palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

..

No commits in common. "main" and "feature/clan-update" have entirely different histories.
main ... feature/cl

74 changed files with 999 additions and 809 deletions

2
components/chaospott.nix
View file

@ -13,7 +13,7 @@ with lib;
}; };
config = mkIf (config.components.chaospott.enable && config.components.gui.audio.enable) { config = mkIf (config.components.chaospott.enable && config.components.gui.audio.enable) {
services.pulseaudio.zeroconf.discovery.enable = true; hardware.pulseaudio.zeroconf.discovery.enable = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
paprefs paprefs
]; ];

21
components/gui/audio.nix
View file

@ -12,10 +12,12 @@ with lib;
default = config.components.gui.enable; default = config.components.gui.enable;
}; };
config = mkMerge [ config = mkIf (config.components.gui.audio.enable) {
(mkIf (config.components.gui.audio.enable) {
security.rtkit.enable = true; security.rtkit.enable = true;
hardware.pulseaudio.enable = false;
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
powerOnBoot = true; powerOnBoot = true;
@ -32,7 +34,7 @@ with lib;
]; ];
services.pipewire = { services.pipewire = {
#enable = true; enable = true;
systemWide = true; systemWide = true;
alsa.enable = true; alsa.enable = true;
alsa.support32Bit = true; alsa.support32Bit = true;
@ -50,16 +52,5 @@ with lib;
} }
''; '';
}; };
}) };
{
# this is always true
# seems other options enable this one
services.pipewire.enable = config.components.gui.audio.enable;
services.pulseaudio.enable = false;
}
];
} }

1
components/gui/default.nix
View file

@ -16,7 +16,6 @@ with lib;
./browser.nix ./browser.nix
./cups.nix ./cups.nix
./home-manager ./home-manager
./kde.nix
./kmonad.nix ./kmonad.nix
./noti.nix # todo: make this different (use password store and such) ./noti.nix # todo: make this different (use password store and such)
./pass.nix ./pass.nix

19
components/gui/kde.nix
View file

@ -1,19 +0,0 @@
{
config,
pkgs,
lib,
...
}:
{
options.components.gui.kde.enable = lib.mkOption {
type = lib.types.bool;
default = config.components.gui.enable;
};
config = lib.mkIf (config.components.gui.kde.enable) {
services.desktopManager.plasma6.enable = true;
};
}

43
components/gui/xorg/default.nix
View file

@ -14,41 +14,30 @@ with lib;
default = config.components.gui.enable; default = config.components.gui.enable;
}; };
options.components.gui.xorg.lightdm.enable = mkOption { config = mkIf (config.components.gui.xorg.enable && config.components.gui.enable) {
type = lib.types.bool;
default = config.components.gui.xorg.enable;
};
options.components.gui.xorg.sddm.enable = mkOption {
type = lib.types.bool;
default = !config.components.gui.xorg.lightdm.enable;
};
config = mkMerge [
(mkIf (config.components.gui.xorg.lightdm.enable && config.components.gui.xorg.enable) {
# system.custom.fonts.enable = true;
services.displayManager = { services.displayManager = {
defaultSession = "none+i3"; defaultSession = lib.mkDefault "none+i3";
autoLogin.enable = lib.mkDefault true; autoLogin.enable = lib.mkDefault true;
autoLogin.user = config.users.users.mainUser.name; autoLogin.user = config.users.users.mainUser.name;
}; };
services.xserver.displayManager.lightdm.enable = true; services.xserver = {
}) enable = true;
(mkIf (config.components.gui.xorg.sddm.enable && config.components.gui.xorg.enable) { displayManager = {
lightdm.enable = lib.mkDefault true;
};
services.xserver.displayManager.sddm.enable = true; desktopManager.xterm.enable = false;
windowManager.i3.enable = true;
}) # mouse/touchpad
# --------------
(mkIf (config.components.gui.xorg.enable && config.components.gui.enable) { };
services.xserver.enable = true;
services.xserver.windowManager.i3.enable = true;
services.libinput = { services.libinput = {
enable = true; enable = true;
@ -67,7 +56,7 @@ with lib;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
xclip xclip
#xtrlock-pam xtrlock-pam
xorg.xev xorg.xev
dmenu dmenu
@ -92,7 +81,5 @@ with lib;
''; '';
environment.etc."/X11/Xresource.d/.keep".text = ""; environment.etc."/X11/Xresource.d/.keep".text = "";
}) };
];
} }

8
components/media/video.nix
View file

@ -136,7 +136,7 @@ in
home-manager.sharedModules = [ home-manager.sharedModules = [
{ {
programs.obs-studio = { programs.obs-studio = {
enable = false; enable = true;
plugins = with pkgs.obs-studio-plugins; [ plugins = with pkgs.obs-studio-plugins; [
obs-backgroundremoval obs-backgroundremoval
obs-vaapi obs-vaapi
@ -161,17 +161,17 @@ in
# obs studio stuff # obs studio stuff
obs-cli obs-cli
v4l-utils v4l-utils
#obs-cmd obs-cmd
# to record your screen # to record your screen
# --------------------- # ---------------------
#simplescreenrecorder simplescreenrecorder
screenKey screenKey
#obs-studio #obs-studio
# to transcode video material # to transcode video material
# --------------------------- # ---------------------------
# handbrake handbrake
ffmpeg-full ffmpeg-full
]; ];

21
components/monitor/container.nix Normal file
View file

@ -0,0 +1,21 @@
{
lib,
config,
inputs,
...
}:
with lib;
with types;
{
imports = [
../timezone.nix
];
config = {
telemetry.enable = mkDefault true;
telemetry.metrics.enable = mkDefault false;
telemetry.opentelemetry.enable = false;
services.journald.extraConfig = "SystemMaxUse=1G";
};
}

17
components/network/sshd/default.nix
View file

@ -36,13 +36,6 @@ in
make sure ssh is only available trough the tinc make sure ssh is only available trough the tinc
''; '';
}; };
allowMosh = mkOption {
type = bool;
default = true;
description = ''
make mosh port available
'';
};
}; };
config = mkMerge [ config = mkMerge [
@ -76,16 +69,6 @@ in
iptables --table nat --append PREROUTING ! --in-interface tinc.+ --protocol tcp --match tcp --dport 22 --jump REDIRECT --to-ports 0 iptables --table nat --append PREROUTING ! --in-interface tinc.+ --protocol tcp --match tcp --dport 22 --jump REDIRECT --to-ports 0
''; '';
}) })
(mkIf (cfg.allowMosh && cfg.enable) {
networking.firewall.allowedUDPPortRanges = [
{
from = 60000;
to = 61000;
}
];
})
]; ];
} }

11
components/virtualisation/virtualbox.nix
View file

@ -14,13 +14,10 @@ with lib;
config = mkIf config.components.virtualisation.virtualbox.enable { config = mkIf config.components.virtualisation.virtualbox.enable {
virtualisation.virtualbox.host.enable = true; virtualisation.virtualbox = {
virtualisation.virtualbox.host.enableExtensionPack = true; host.enable = true;
virtualisation.virtualbox.guest.enable = true; guest.enable = true;
virtualisation.virtualbox.guest.dragAndDrop = true; };
# https://discourse.nixos.org/t/issue-with-virtualbox-in-24-11/57607/2
boot.kernelParams = [ "kvm.enable_virt_at_load=0" ];
users.extraGroups.vboxusers.members = [ config.users.users.mainUser.name ]; users.extraGroups.vboxusers.members = [ config.users.users.mainUser.name ];

399
flake.lock generated
View file

@ -82,11 +82,11 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1740718722, "lastModified": 1739259543,
"narHash": "sha256-QhvkAvtgwZl89/7FjCFe+frxGxdQhYNfqc2+ymFdfcA=", "narHash": "sha256-AW5UFLVstsfzTUVRJGJLmyhc9wDxo/1aROjsawEBD/c=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "bcd6c7108afbc692b0b3bd39299fa153eefe1104", "rev": "15e8df894e8ca457dadb8953750b28363f1bae6c",
"revCount": 5739, "revCount": 5648,
"type": "git", "type": "git",
"url": "https://git.clan.lol/clan/clan-core" "url": "https://git.clan.lol/clan/clan-core"
}, },
@ -104,11 +104,11 @@
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs"
}, },
"locked": { "locked": {
"lastModified": 1739428569, "lastModified": 1723143645,
"narHash": "sha256-uvW5PQqw4+cqjoaoPB/frHY7EjO+ehRryOHAkJKYX5A=", "narHash": "sha256-/71L2ZBM9AmUpEQC19Rf7AxA+BhIquObB8aZDkfVRz8=",
"owner": "mrvandalo", "owner": "mrvandalo",
"repo": "clan-fact-generators", "repo": "clan-fact-generators",
"rev": "882fc040fcd283044a940a5e11e81a7e86aa76ce", "rev": "620c5d3185594b3e2d91e29a7590f44abae4319c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -156,24 +156,6 @@
"type": "github" "type": "github"
} }
}, },
"devshell_3": {
"inputs": {
"nixpkgs": "nixpkgs_9"
},
"locked": {
"lastModified": 1735644329,
"narHash": "sha256-tO3HrHriyLvipc4xr+Ewtdlo7wM1OjXNjlWRgmM7peY=",
"owner": "numtide",
"repo": "devshell",
"rev": "f7795ede5b02664b57035b3b757876703e2c3eac",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -182,11 +164,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1739634831, "lastModified": 1738765162,
"narHash": "sha256-xFnU+uUl48Icas2wPQ+ZzlL2O3n8f6J2LrzNK9f2nng=", "narHash": "sha256-3Z40qHaFScWUCVQrGc4Y+RdoPsh1R/wIh+AN4cTXP0I=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "fa5746ecea1772cf59b3f34c5816ab3531478142", "rev": "ff3568858c54bd306e9e1f2886f0f781df307dff",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -220,11 +202,11 @@
"firefox-gnome-theme": { "firefox-gnome-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1739223196, "lastModified": 1736899990,
"narHash": "sha256-vAxN2f3rvl5q62gQQjZGVSvF93nAsOxntuFz+e/655w=", "narHash": "sha256-S79Hqn2EtSxU4kp99t8tRschSifWD4p/51++0xNWUxw=",
"owner": "rafaelmardojai", "owner": "rafaelmardojai",
"repo": "firefox-gnome-theme", "repo": "firefox-gnome-theme",
"rev": "a89108e6272426f4eddd93ba17d0ea101c34fb21", "rev": "91ca1f82d717b02ceb03a3f423cbe8082ebbb26d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -250,6 +232,7 @@
} }
}, },
"flake-compat_2": { "flake-compat_2": {
"flake": false,
"locked": { "locked": {
"lastModified": 1733328505, "lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
@ -379,18 +362,14 @@
}, },
"flake-parts_7": { "flake-parts_7": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": "nixpkgs-lib_5"
"stylix",
"nur",
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1733312601, "lastModified": 1726153070,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -400,24 +379,6 @@
} }
}, },
"flake-parts_8": { "flake-parts_8": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_5"
},
"locked": {
"lastModified": 1738453229,
"narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_9": {
"inputs": { "inputs": {
"nixpkgs-lib": "nixpkgs-lib_6" "nixpkgs-lib": "nixpkgs-lib_6"
}, },
@ -551,11 +512,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1737465171, "lastModified": 1735882644,
"narHash": "sha256-R10v2hoJRLq8jcL4syVFag7nIGE7m13qO48wRIukWNg=", "narHash": "sha256-3FZAG+pGt3OElQjesCAWeMkQ7C/nB1oTHLRQ8ceP110=",
"owner": "cachix", "owner": "cachix",
"repo": "git-hooks.nix", "repo": "git-hooks.nix",
"rev": "9364dc02281ce2d37a1f55b6e51f7c0f65a75f17", "rev": "a5a961387e75ae44cc20f0a57ae463da5e959656",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -634,11 +595,11 @@
"treefmt-nix": "treefmt-nix_2" "treefmt-nix": "treefmt-nix_2"
}, },
"locked": { "locked": {
"lastModified": 1739947726, "lastModified": 1729744850,
"narHash": "sha256-5GUrVccTk1iIuM7JbJsTqM57Etxek9ebo6e+loQadus=", "narHash": "sha256-2tggkyfZKEHPsubKxqW1KhN9vzNJVpxLdFtyaFNTJR0=",
"owner": "mrvandalo", "owner": "mrvandalo",
"repo": "nixos-healthchecks", "repo": "nixos-healthchecks",
"rev": "45da1993e4b568590170cee8d70e7c2266b2f536", "rev": "22119198994f20ba6d68efa2c1106aae83d74a8f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -654,11 +615,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1740845322, "lastModified": 1738753876,
"narHash": "sha256-AXEgFj3C0YJhu9k1OhbRhiA6FnDr81dQZ65U3DhaWpw=", "narHash": "sha256-yXT82kERWL4R81hfun9BuT478Q6ut0dJzdQjAxjRS38=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "fcac3d6d88302a5e64f6cb8014ac785e08874c8d", "rev": "f20b7a8ab527a2482f13754dc00b2deaddc34599",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -739,11 +700,11 @@
"treefmt-nix": "treefmt-nix_3" "treefmt-nix": "treefmt-nix_3"
}, },
"locked": { "locked": {
"lastModified": 1740657886, "lastModified": 1738399995,
"narHash": "sha256-7kHxBQuzb7gcHzVmLGljJ4kF6BDDSYVCIxYFDmYPnAo=", "narHash": "sha256-2s+b7M2UayudwHQTVSo2RSF1sKbasqCXHYbE3XStVVI=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-anywhere", "repo": "nixos-anywhere",
"rev": "77e6a4e14baa93a29952ea9f0e4a59a29cca09e9", "rev": "d4a3ecf32bd3cc9d243e0a2f37de91bc84b14216",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -754,11 +715,11 @@
}, },
"nixos-facter-modules": { "nixos-facter-modules": {
"locked": { "locked": {
"lastModified": 1738752252, "lastModified": 1736931726,
"narHash": "sha256-/nA3tDdp/2g0FBy8966ppC2WDoyXtUWaHkZWL+N3ZKc=", "narHash": "sha256-aY55yiifyo1XPPpbpH0kWlV1g2dNGBlx6622b7OK8ks=",
"owner": "numtide", "owner": "numtide",
"repo": "nixos-facter-modules", "repo": "nixos-facter-modules",
"rev": "60f8b8f3f99667de6a493a44375e5506bf0c48b1", "rev": "fa11d87b61b2163efbb9aed7b7a5ae0299e5ab9c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -769,11 +730,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1740646007, "lastModified": 1738638143,
"narHash": "sha256-dMReDQobS3kqoiUCQIYI9c0imPXRZnBubX20yX/G5LE=", "narHash": "sha256-ZYMe4c4OCtIUBn5hx15PEGr0+B1cNEpl2dsaLxwY2W0=",
"owner": "nixos", "owner": "nixos",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "009b764ac98a3602d41fc68072eeec5d24fc0e49", "rev": "9bdd53f5908453e4d03f395eb1615c3e9a351f70",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -794,11 +755,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1740452541, "lastModified": 1734098258,
"narHash": "sha256-aa5gPveHysMTVkxj+0iH0BdcSn8+v8lZPud+IItOSaQ=", "narHash": "sha256-3mzGstXtPqt+zWzXqesgQ2haEI6LNCFhc/uU3Bcj6Ak=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-images", "repo": "nixos-images",
"rev": "283bbacb81bd2c1a7b89f33e011ecabe398a564e", "rev": "231f5f6370e78d04675c9fa8199be6c3b1b85773",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -839,6 +800,70 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-legacy_2211": {
"locked": {
"lastModified": 1688392541,
"narHash": "sha256-lHrKvEkCPTUO+7tPfjIcb7Trk6k31rz18vkyqmkeJfY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "ea4c80b39be4c09702b0cb3b42eab59e2ba4f24b",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-legacy_2311": {
"locked": {
"lastModified": 1720535198,
"narHash": "sha256-zwVvxrdIzralnSbcpghA92tWu2DV2lwv89xZc8MTrbg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "205fd4226592cc83fd4c0885a3e4c9c400efabb5",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-legacy_2405": {
"locked": {
"lastModified": 1735563628,
"narHash": "sha256-OnSAY7XDSx7CtDoqNh8jwVwh4xNL/2HaJxGjryLWzX8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "b134951a4c9f3c995fd7be05f3243f8ecd65d798",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-legacy_2411": {
"locked": {
"lastModified": 1738702386,
"narHash": "sha256-nJj8f78AYAxl/zqLiFGXn5Im1qjFKU8yBPKoWEeZN5M=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "030ba1976b7c0e1a67d9716b17308ccdab5b381e",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"lastModified": 1717284937, "lastModified": 1717284937,
@ -889,14 +914,14 @@
}, },
"nixpkgs-lib_5": { "nixpkgs-lib_5": {
"locked": { "locked": {
"lastModified": 1738452942, "lastModified": 1725233747,
"narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=", "narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=",
"type": "tarball", "type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
}, },
"original": { "original": {
"type": "tarball", "type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/072a6db25e947df2f31aab9eccd0ab75d5b2da11.tar.gz" "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
} }
}, },
"nixpkgs-lib_6": { "nixpkgs-lib_6": {
@ -913,11 +938,11 @@
}, },
"nixpkgs-unstable-small": { "nixpkgs-unstable-small": {
"locked": { "locked": {
"lastModified": 1740848276, "lastModified": 1738758495,
"narHash": "sha256-bYeI3FEs824X+MJYksKboNlmglehzplqzn+XvcojWMc=", "narHash": "sha256-CZ8T4vP3ag2hwkpSZjatxJb55ouszvmnWw09qxGW9TU=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "e9b0ff70ddc61c42548501b0fafb86bb49cca858", "rev": "ceaea203f3ae1787b1bd13f021f686391696fc5b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -976,16 +1001,16 @@
}, },
"nixpkgs_5": { "nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1740791350, "lastModified": 1738758495,
"narHash": "sha256-igS2Z4tVw5W/x3lCZeeadt0vcU9fxtetZ/RyrqsCRQ0=", "narHash": "sha256-CZ8T4vP3ag2hwkpSZjatxJb55ouszvmnWw09qxGW9TU=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "199169a2135e6b864a888e89a2ace345703c025d", "rev": "ceaea203f3ae1787b1bd13f021f686391696fc5b",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixpkgs-unstable", "ref": "nixos-unstable-small",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@ -1006,11 +1031,11 @@
}, },
"nixpkgs_7": { "nixpkgs_7": {
"locked": { "locked": {
"lastModified": 1740301968, "lastModified": 1738178544,
"narHash": "sha256-eDAiNagpMExcLoSIgjdef2ZYyvjuy1VTF8r9OZXCMGc=", "narHash": "sha256-UbM+zJFlze877N5j2YMLKYFX7t05VvmuNX2M0vJ7RfI=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "b7fe81518095c48a8ba94fc7cfe5c0fc8370851b", "rev": "975ac0ab33ee7fea64842047a96f5d679d90913c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1020,61 +1045,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_8": {
"locked": {
"lastModified": 1740367490,
"narHash": "sha256-WGaHVAjcrv+Cun7zPlI41SerRtfknGQap281+AakSAw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0196c0175e9191c474c26ab5548db27ef5d34b05",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_9": {
"locked": {
"lastModified": 1722073938,
"narHash": "sha256-OpX0StkL8vpXyWOGUD6G+MA26wAXK6SpT94kLJXo6B4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e36e9f57337d0ff0cf77aceb58af4c805472bfae",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": {
"inputs": {
"flake-parts": "flake-parts_7",
"nixpkgs": [
"stylix",
"nixpkgs"
],
"treefmt-nix": "treefmt-nix_6"
},
"locked": {
"lastModified": 1740408283,
"narHash": "sha256-2xECnhgF3MU9YjmvOkrRp8wRFo2OjjewgCtlfckhL5s=",
"owner": "nix-community",
"repo": "NUR",
"rev": "496a4a11162bdffb9a7b258942de138873f019f7",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"permown": { "permown": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -1150,11 +1120,11 @@
"treefmt-nix": "treefmt-nix_4" "treefmt-nix": "treefmt-nix_4"
}, },
"locked": { "locked": {
"lastModified": 1743686840, "lastModified": 1739081745,
"narHash": "sha256-233lgDM2Jnmfq85LK4vwq+bVLHCvs76fHHEHD6W7/fs=", "narHash": "sha256-FGaxXNmvDd6fL22fvbVS9eb+Lr+4UR+xZtkKkUoYuKI=",
"ref": "main", "ref": "main",
"rev": "b6239a1dcf31962426f28eab4b7f834a5025cea0", "rev": "0d764189384d5fa7d9850b4d2f35ed98a0598871",
"revCount": 90, "revCount": 89,
"type": "git", "type": "git",
"url": "ssh://forgejo@git.ingolf-wagner.de:2222/palo/nixos-private-parts.git" "url": "ssh://forgejo@git.ingolf-wagner.de:2222/palo/nixos-private-parts.git"
}, },
@ -1164,6 +1134,21 @@
"url": "ssh://forgejo@git.ingolf-wagner.de:2222/palo/nixos-private-parts.git" "url": "ssh://forgejo@git.ingolf-wagner.de:2222/palo/nixos-private-parts.git"
} }
}, },
"retiolum": {
"locked": {
"lastModified": 1737987273,
"narHash": "sha256-WQCLoDbthUO5PcdYDBxZZQgpQbEXab50EcwChkukxN4=",
"owner": "Mic92",
"repo": "retiolum",
"rev": "514fe96610f745435b89355822691b1961dc4857",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "retiolum",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"clan-core": "clan-core", "clan-core": "clan-core",
@ -1178,16 +1163,21 @@
"nixos-anywhere": "nixos-anywhere", "nixos-anywhere": "nixos-anywhere",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_5", "nixpkgs": "nixpkgs_5",
"nixpkgs-legacy_2211": "nixpkgs-legacy_2211",
"nixpkgs-legacy_2311": "nixpkgs-legacy_2311",
"nixpkgs-legacy_2405": "nixpkgs-legacy_2405",
"nixpkgs-legacy_2411": "nixpkgs-legacy_2411",
"nixpkgs-unstable-small": "nixpkgs-unstable-small", "nixpkgs-unstable-small": "nixpkgs-unstable-small",
"permown": "permown", "permown": "permown",
"polygon-art": "polygon-art", "polygon-art": "polygon-art",
"private-parts": "private-parts", "private-parts": "private-parts",
"retiolum": "retiolum",
"share-http": "share-http", "share-http": "share-http",
"srvos": "srvos", "srvos": "srvos",
"stylix": "stylix", "stylix": "stylix",
"taskwarrior": "taskwarrior", "taskwarrior": "taskwarrior",
"telemetry": "telemetry", "telemetry": "telemetry",
"treefmt-nix": "treefmt-nix_9" "treefmt-nix": "treefmt-nix_8"
} }
}, },
"share-http": { "share-http": {
@ -1240,11 +1230,11 @@
"nixpkgs": "nixpkgs_7" "nixpkgs": "nixpkgs_7"
}, },
"locked": { "locked": {
"lastModified": 1740358604, "lastModified": 1738198321,
"narHash": "sha256-Wi87Dx5j8JH+ETlU0zrPSAe7zD2wQkEY6DtITCeyOdI=", "narHash": "sha256-lhnHBXO9Y8xEn92JqxjancdL8Gh16ONuxZp60iZfmX4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "srvos", "repo": "srvos",
"rev": "b3065811ae1c822b856af8a254e07703172a0e76", "rev": "7d5a4aaadac9ff63f9ed4347df95175aceee5079",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1270,20 +1260,18 @@
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"nur": "nur",
"systems": "systems_3", "systems": "systems_3",
"tinted-foot": "tinted-foot", "tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty", "tinted-kitty": "tinted-kitty",
"tinted-schemes": "tinted-schemes",
"tinted-tmux": "tinted-tmux", "tinted-tmux": "tinted-tmux",
"tinted-zed": "tinted-zed" "tinted-zed": "tinted-zed"
}, },
"locked": { "locked": {
"lastModified": 1740769934, "lastModified": 1738611626,
"narHash": "sha256-iyxUwII/NQNClT77VqQiDpaXJz1r0Z8tNVxgY64mLak=", "narHash": "sha256-IgjqlYPaS8Bg+jc6a691w27XDFhBeM7gkP4eDcR2EBs=",
"owner": "danth", "owner": "danth",
"repo": "stylix", "repo": "stylix",
"rev": "de4ee5899042801b62f988687acd454d4d411075", "rev": "d513f59da5856978c363d2f82103f708f4a6024d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1376,17 +1364,19 @@
}, },
"taskwarrior": { "taskwarrior": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_8", "flake-parts": "flake-parts_7",
"nixpkgs": "nixpkgs_8", "nixpkgs": [
"nixpkgs"
],
"taskshell": "taskshell", "taskshell": "taskshell",
"treefmt-nix": "treefmt-nix_7" "treefmt-nix": "treefmt-nix_6"
}, },
"locked": { "locked": {
"lastModified": 1740648759, "lastModified": 1727417586,
"narHash": "sha256-sIgoU5sXAISeQwvpkW9f8h4uKmTT1okuDEqIihYo5zw=", "narHash": "sha256-z3ahlvbUWENgrvatJYd7FtPL0OoV4E+zNZiBzRx9S1E=",
"owner": "mrvandalo", "owner": "mrvandalo",
"repo": "taskwarrior-flake", "repo": "taskwarrior-flake",
"rev": "927ebf78a525272616028cf8e9973bfdc0c5a0cc", "rev": "9433b3b1c4afb18c554d067fadf37d979b129b09",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1397,19 +1387,18 @@
}, },
"telemetry": { "telemetry": {
"inputs": { "inputs": {
"devshell": "devshell_3", "flake-parts": "flake-parts_8",
"flake-parts": "flake-parts_9",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"treefmt-nix": "treefmt-nix_8" "treefmt-nix": "treefmt-nix_7"
}, },
"locked": { "locked": {
"lastModified": 1740624189, "lastModified": 1738566582,
"narHash": "sha256-GET3URhKXO5uq62tAPr9xSe6fSco1m0+p1UvK9iAukM=", "narHash": "sha256-Sl+0RRf9DpxuBfiXNZkJIfDreRE1JoABhvXVGWNBL+k=",
"owner": "mrvandalo", "owner": "mrvandalo",
"repo": "nixos-telemetry", "repo": "nixos-telemetry",
"rev": "bb8713fc2cd19c316c051fa1e643a36531c12364", "rev": "d5bb7a31de3e826e43919897b486649fcdc3fb9a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1452,30 +1441,14 @@
"type": "github" "type": "github"
} }
}, },
"tinted-schemes": {
"flake": false,
"locked": {
"lastModified": 1740351358,
"narHash": "sha256-Hdk850xgAd3DL8KX0AbyU7tC834d3Lej1jOo3duWiOA=",
"owner": "tinted-theming",
"repo": "schemes",
"rev": "a1bc2bd89e693e7e3f5764cfe8114e2ae150e184",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "schemes",
"type": "github"
}
},
"tinted-tmux": { "tinted-tmux": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1740272597, "lastModified": 1735737224,
"narHash": "sha256-/etfUV3HzAaLW3RSJVwUaW8ULbMn3v6wbTlXSKbcoWQ=", "narHash": "sha256-FO2hRBkZsjlIRqzNHCPc/52yxg11kHGA8MEtSun9RwE=",
"owner": "tinted-theming", "owner": "tinted-theming",
"repo": "tinted-tmux", "repo": "tinted-tmux",
"rev": "b6c7f46c8718cc484f2db8b485b06e2a98304cd0", "rev": "aead506a9930c717ebf81cc83a2126e9ca08fa64",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1508,11 +1481,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1739829690, "lastModified": 1738953846,
"narHash": "sha256-mL1szCeIsjh6Khn3nH2cYtwO5YXG6gBiTw1A30iGeDU=", "narHash": "sha256-yrK3Hjcr8F7qS/j2F+r7C7o010eVWWlm4T1PrbKBOxQ=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "3d0579f5cc93436052d94b73925b48973a104204", "rev": "4f09b473c936d41582dd744e19f34ec27592c5fd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1608,17 +1581,16 @@
"treefmt-nix_6": { "treefmt-nix_6": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"stylix", "taskwarrior",
"nur",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1733222881, "lastModified": 1727252110,
"narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=", "narHash": "sha256-3O7RWiXpvqBcCl84Mvqa8dXudZ1Bol1ubNdSmQt7nF4=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "49717b5af6f80172275d47a418c9719a31a78b53", "rev": "1bff2ba6ec22bc90e9ad3f7e94cca0d37870afa3",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1628,27 +1600,6 @@
} }
}, },
"treefmt-nix_7": { "treefmt-nix_7": {
"inputs": {
"nixpkgs": [
"taskwarrior",
"nixpkgs"
]
},
"locked": {
"lastModified": 1739829690,
"narHash": "sha256-mL1szCeIsjh6Khn3nH2cYtwO5YXG6gBiTw1A30iGeDU=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "3d0579f5cc93436052d94b73925b48973a104204",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_8": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"telemetry", "telemetry",
@ -1669,18 +1620,18 @@
"type": "github" "type": "github"
} }
}, },
"treefmt-nix_9": { "treefmt-nix_8": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1739829690, "lastModified": 1738680491,
"narHash": "sha256-mL1szCeIsjh6Khn3nH2cYtwO5YXG6gBiTw1A30iGeDU=", "narHash": "sha256-8X7tR3kFGkE7WEF5EXVkt4apgaN85oHZdoTGutCFs6I=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "3d0579f5cc93436052d94b73925b48973a104204", "rev": "64dbb922d51a42c0ced6a7668ca008dded61c483",
"type": "github" "type": "github"
}, },
"original": { "original": {

52
flake.nix
View file

@ -22,20 +22,26 @@
nix-topology.url = "github:oddlama/nix-topology"; nix-topology.url = "github:oddlama/nix-topology";
nixos-anywhere.url = "github:nix-community/nixos-anywhere"; nixos-anywhere.url = "github:nix-community/nixos-anywhere";
nixos-hardware.url = "github:nixos/nixos-hardware"; nixos-hardware.url = "github:nixos/nixos-hardware";
nixpkgs-legacy_2211.url = "github:nixos/nixpkgs/nixos-22.11";
nixpkgs-legacy_2311.url = "github:nixos/nixpkgs/nixos-23.11";
nixpkgs-legacy_2405.url = "github:nixos/nixpkgs/nixos-24.05";
nixpkgs-legacy_2411.url = "github:nixos/nixpkgs/nixos-24.11";
nixpkgs-unstable-small.url = "github:nixos/nixpkgs/nixos-unstable-small"; nixpkgs-unstable-small.url = "github:nixos/nixpkgs/nixos-unstable-small";
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small";
permown.inputs.nixpkgs.follows = "nixpkgs"; permown.inputs.nixpkgs.follows = "nixpkgs";
permown.url = "github:mrVanDalo/module.permown"; permown.url = "github:mrVanDalo/module.permown";
polygon-art.url = "git+https://git.ingolf-wagner.de/palo/polygon-art.git"; polygon-art.url = "git+https://git.ingolf-wagner.de/palo/polygon-art.git";
private-parts.inputs.nixpkgs.follows = "nixpkgs"; # only private input private-parts.inputs.nixpkgs.follows = "nixpkgs"; # only private input
private-parts.url = "git+ssh://forgejo@git.ingolf-wagner.de:2222/palo/nixos-private-parts.git?ref=main"; private-parts.url = "git+ssh://forgejo@git.ingolf-wagner.de:2222/palo/nixos-private-parts.git?ref=main";
#private-parts.url = "git+file:///home/palo/dev/nixos/nixos-private-parts"; #private-parts.url = "git+file:///home/palo/dev/nixos/nixos-private-parts";
retiolum.url = "github:Mic92/retiolum";
share-http.inputs.nixpkgs.follows = "nixpkgs"; # only private input share-http.inputs.nixpkgs.follows = "nixpkgs"; # only private input
share-http.url = "git+ssh://forgejo@git.ingolf-wagner.de:2222/palo/share-host.git?ref=main"; share-http.url = "git+ssh://forgejo@git.ingolf-wagner.de:2222/palo/share-host.git?ref=main";
srvos.url = "github:nix-community/srvos"; srvos.url = "github:nix-community/srvos";
stylix.inputs.home-manager.follows = "home-manager"; stylix.inputs.home-manager.follows = "home-manager";
stylix.inputs.nixpkgs.follows = "nixpkgs"; stylix.inputs.nixpkgs.follows = "nixpkgs";
stylix.url = "github:danth/stylix"; stylix.url = "github:danth/stylix";
taskwarrior.inputs.nixpkgs.follows = "nixpkgs";
taskwarrior.url = "github:mrvandalo/taskwarrior-flake"; taskwarrior.url = "github:mrvandalo/taskwarrior-flake";
#taskwarrior.url = "git+file:///home/palo/dev/nixos/taskwarrior-flake"; #taskwarrior.url = "git+file:///home/palo/dev/nixos/taskwarrior-flake";
telemetry.inputs.nixpkgs.follows = "nixpkgs"; telemetry.inputs.nixpkgs.follows = "nixpkgs";
@ -67,10 +73,15 @@
nixos-anywhere, nixos-anywhere,
nixos-hardware, nixos-hardware,
nixpkgs, nixpkgs,
nixpkgs-legacy_2211,
nixpkgs-legacy_2311,
nixpkgs-legacy_2405,
nixpkgs-legacy_2411,
nixpkgs-unstable-small, nixpkgs-unstable-small,
permown, permown,
polygon-art, polygon-art,
private-parts, private-parts,
retiolum,
self, self,
share-http, share-http,
srvos, srvos,
@ -114,6 +125,24 @@
inherit allowUnfree permittedInsecurePackages; inherit allowUnfree permittedInsecurePackages;
}; };
}; };
legacy_2211 = import nixpkgs-legacy_2211 {
inherit system;
config = {
inherit allowUnfree permittedInsecurePackages;
};
};
legacy_2311 = import nixpkgs-legacy_2311 {
inherit system;
config = {
inherit allowUnfree permittedInsecurePackages;
};
};
legacy_2405 = import nixpkgs-legacy_2405 {
inherit system;
config = {
inherit allowUnfree permittedInsecurePackages;
};
};
polygon-art = polygon-art.packages.${system}; polygon-art = polygon-art.packages.${system};
landingpage = landingpage.packages.${system}.plain; landingpage = landingpage.packages.${system}.plain;
share-via-http = share-http.packages.${system}.default; share-via-http = share-http.packages.${system}.default;
@ -122,7 +151,6 @@
tasksh tasksh
taskwarrior-hooks taskwarrior-hooks
; ;
healthchecks = self.packages.${system}.healthchecks;
inherit (self.packages.${system}) inherit (self.packages.${system})
otpmenu otpmenu
nsxiv nsxiv
@ -273,15 +301,13 @@
# inputs.stylix.nixosModules.stylix # fixme: not working # inputs.stylix.nixosModules.stylix # fixme: not working
permown.nixosModules.permown permown.nixosModules.permown
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
# retiolum.nixosModules.retiolum # fixme: not working
]; ];
boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10; boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10;
boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 10; boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 10;
boot.loader.grub.configurationLimit = lib.mkDefault 10; boot.loader.grub.configurationLimit = lib.mkDefault 10;
environment.systemPackages = [ environment.systemPackages = [ pkgs.systemctl-find-service-config ];
pkgs.systemctl-find-service-config
pkgs.healthchecks
];
} }
) )
# My Structure # My Structure
@ -289,6 +315,12 @@
./features ./features
./modules # todo : spread this across features and components ./modules # todo : spread this across features and components
#./system/all # todo : spread this across features and components #./system/all # todo : spread this across features and components
(
{ lib, pkgs, ... }:
{
telemetry.netdata.enable = false;
}
)
# some modules I always use # some modules I always use
telemetry.nixosModules.telemetry telemetry.nixosModules.telemetry
@ -321,8 +353,6 @@
# https://github.com/danth/stylix/issues/543 # https://github.com/danth/stylix/issues/543
stylix.targets.hyprpaper.enable = lib.mkForce false; stylix.targets.hyprpaper.enable = lib.mkForce false;
stylix.targets.hyprland.enable = lib.mkForce false; stylix.targets.hyprland.enable = lib.mkForce false;
stylix.targets.swaylock.enable = lib.mkForce false;
stylix.targets.qt.platform = "qtct";
# running into strange problems # running into strange problems
# fixme: remove if possible # fixme: remove if possible
@ -343,6 +373,10 @@
name = "JetBrains Mono"; name = "JetBrains Mono";
}; };
emoji = config.stylix.fonts.monospace; emoji = config.stylix.fonts.monospace;
# emoji = {
# package = pkgs.noto-fonts-emoji;
# name = "Noto Color Emoji";
# };
sizes.popups = 15; sizes.popups = 15;
}; };
}; };
@ -400,6 +434,7 @@
healthchecks.nixosModules.default healthchecks.nixosModules.default
zerotierModules zerotierModules
nixos-hardware.nixosModules.framework-13th-gen-intel nixos-hardware.nixosModules.framework-13th-gen-intel
retiolum.nixosModules.retiolum
private-parts.nixosModules.cherry private-parts.nixosModules.cherry
homeManagerModules homeManagerModules
stylixModules stylixModules
@ -432,6 +467,7 @@
zerotierControllerModule zerotierControllerModule
homeManagerModules homeManagerModules
stylixModules stylixModules
retiolum.nixosModules.retiolum
private-parts.nixosModules.chungus private-parts.nixosModules.chungus
{ {
home-manager.users.mainUser = import ./homes/palo; home-manager.users.mainUser = import ./homes/palo;

3
homes/common/default.nix
View file

@ -1,14 +1,13 @@
{ lib, ... }: { lib, ... }:
{ {
imports = [ imports = [
./editor.nix ./editor.nix
./network.nix ./network.nix
#./oh-my-posh
./starship-rs ./starship-rs
./packages.nix ./packages.nix
./terminal.nix ./terminal.nix
./zfs.nix ./zfs.nix
]; ];
options.gui.enable = lib.mkEnableOption "should GUI packages be anabled?"; options.gui.enable = lib.mkEnableOption "should GUI packages be anabled?";
} }

5
homes/common/editor.nix
View file

@ -4,6 +4,7 @@
enable = true; enable = true;
defaultEditor = lib.mkDefault true; defaultEditor = lib.mkDefault true;
}; };
# enable = true; programs.helix = {
#}; enable = true;
};
} }

15
homes/common/oh-my-posh/default.nix Normal file
View file

@ -0,0 +1,15 @@
{
pkgs,
config,
lib,
...
}:
with lib;
{
programs.oh-my-posh = {
enable = true;
# https://ohmyposh.dev/docs/themes
#useTheme = "gmay"; # ganz nice, aber farben sind ein bisl schrill
settings = builtins.fromJSON (builtins.readFile ./gmay.json);
};
}

121
homes/common/oh-my-posh/gmay.json Normal file
View file

@ -0,0 +1,121 @@
{
"$schema": "https://raw.githubusercontent.com/JanDeDobbeleer/oh-my-posh/main/themes/schema.json",
"blocks": [
{
"alignment": "left",
"segments": [
{
"background": "#076678",
"foreground": "#EBDBB2",
"leading_diamond": "\ue0b6",
"style": "diamond",
"template": " {{ if .WSL }}WSL at {{ end }}{{.Icon}} ",
"type": "os"
},
{
"background": "#AF3A03",
"foreground": "#EBDBB2",
"powerline_symbol": "\ue0b0",
"style": "powerline",
"template": " \uf0e7 ",
"type": "root"
},
{
"background": "#076678",
"foreground": "#EBDBB2",
"powerline_symbol": "\ue0b0",
"style": "powerline",
"template": " {{ if .SSHSession }}\ueba9 {{ end }}{{ .UserName }}@{{ .HostName }} ",
"type": "session"
},
{
"background": "#B57614",
"foreground": "#EBDBB2",
"powerline_symbol": "\ue0b0",
"properties": {
"style": "full"
},
"style": "powerline",
"template": " \ue5ff {{ .Path }} ",
"type": "path"
},
{
"background": "#79740E",
"foreground": "#EBDBB2",
"powerline_symbol": "\ue0b0",
"properties": {
"time_format": "2006-01-02 15:04:05"
},
"style": "powerline",
"template": " {{ .CurrentDate | date .Format }} ",
"type": "time"
},
{
"type": "project",
"style": "powerline",
"powerline_symbol": "",
"foreground": "#193549",
"background": "#ffeb3b",
"template": " {{ if .Error }}{{ .Error }}{{ else }}{{ if .Version }} {{.Version}}{{ end }} {{ if .Name }}{{ .Name }}{{ end }}{{ end }} "
},
{
"type": "git",
"style": "powerline",
"powerline_symbol": "",
"background": "#427b58",
"foreground": "#EBDBB2",
"background_templates": [
"{{ if or (.Working.Changed) (.Staging.Changed) }}#8f3f71{{ end }}",
"{{ if and (gt .Ahead 0) (gt .Behind 0) }}#076678{{ end }}",
"{{ if gt .Ahead 0 }}#076678{{ end }}",
"{{ if gt .Behind 0 }}#076678{{ end }}"
],
"template": "{{ .UpstreamIcon }}{{ .HEAD }}{{if .BranchStatus }} {{ .BranchStatus }}{{ end }}{{ if .Working.Changed }}  {{ .Working.String }}{{ end }}{{ if and (.Working.Changed) (.Staging.Changed) }} |{{ end }}{{ if .Staging.Changed }}  {{ .Staging.String }}{{ end }}{{ if gt .StashCount 0 }}  {{ .StashCount }}{{ end }}",
"properties": {
"fetch_status": true,
"fetch_upstream_icon": true,
"untracked_modes": {
"/Users/user/Projects/oh-my-posh/": "no"
},
"source": "cli",
"mapped_branches": {
"feat/*": "🚀 ",
"bug/*": "🐛 "
}
}
},
{
"background": "#427B58",
"background_templates": [
"{{ if gt .Code 0 }}#9D0006{{ end }}"
],
"foreground": "#EBDBB2",
"leading_diamond": "<transparent,background>\ue0b0</>",
"properties": {
"always_enabled": true
},
"style": "diamond",
"template": " \ueb05 ",
"trailing_diamond": "\ue0b4",
"type": "status"
}
],
"type": "prompt"
},
{
"alignment": "left",
"newline": true,
"segments": [
{
"foreground": "#076678",
"style": "plain",
"template": "\uf0a9 ",
"type": "text"
}
],
"type": "prompt"
}
],
"final_space": true,
"version": 2
}

69
homes/common/oh-my-posh/gruvbox.json Normal file
View file

@ -0,0 +1,69 @@
{
"$schema": "https://raw.githubusercontent.com/JanDeDobbeleer/oh-my-posh/main/themes/schema.json",
"blocks": [
{
"alignment": "left",
"segments": [
{
"background": "#3A3A3A",
"foreground": "#ffffff",
"style": "powerline",
"template": "{{ if .WSL }}WSL at{{ end }} {{.Icon}} ",
"type": "os"
},
{
"background": "#fbf1c7",
"background_templates": [
"{{ if .Root }}#af3a03{{ end }}"
],
"foreground": "#282828",
"foreground_templates": [
"{{ if .Root }}#fbf1c7{{ end }}"
],
"powerline_symbol": "\ue0b0",
"style": "powerline",
"template": " {{ if .SSHSession }} {{ end }}{{ .HostName }} ",
"type": "session"
},
{
"background": "#458588",
"foreground": "#282828",
"powerline_symbol": "\ue0b0",
"properties": {
"style": "full"
},
"style": "powerline",
"template": " {{ .Path }} ",
"type": "path"
},
{
"background": "#98971A",
"background_templates": [
"{{ if or (.Working.Changed) (.Staging.Changed) }}#FF9248{{ end }}",
"{{ if and (gt .Ahead 0) (gt .Behind 0) }}#ff4500{{ end }}",
"{{ if gt .Ahead 0 }}#B388FF{{ end }}",
"{{ if gt .Behind 0 }}#B388FF{{ end }}"
],
"foreground": "#282828",
"leading_diamond": "\ue0b6",
"powerline_symbol": "\ue0b0",
"properties": {
"branch_max_length": 25,
"fetch_stash_count": true,
"fetch_status": true,
"branch_icon": "\uE0A0 ",
"branch_identical_icon": "\u25CF"
},
"style": "powerline",
"template": " {{ .HEAD }}{{if .BranchStatus }} {{ .BranchStatus }}{{ end }}{{ if .Working.Changed }} \uf044 {{ .Working.String }}{{ end }}{{ if and (.Working.Changed) (.Staging.Changed) }} |{{ end }}{{ if .Staging.Changed }} \uf046 {{ .Staging.String }}{{ end }}{{ if gt .StashCount 0 }} \ueb4b {{ .StashCount }}{{ end }} ",
"trailing_diamond": "\ue0b4",
"type": "git"
}
],
"type": "prompt"
}
],
"console_title_template": "{{ .Folder }}",
"final_space": true,
"version": 2
}

25
homes/common/terminal.nix
View file

@ -37,4 +37,29 @@
enableZshIntegration = true; enableZshIntegration = true;
}; };
# provide better `Ctrl+r` command in terminal
programs.atuin = {
enable = true;
enableBashIntegration = true;
enableZshIntegration = true;
#package = pkgs.atuin;
package = pkgs.legacy_2405.atuin.overrideAttrs (_old: {
# as cursed as doing mitigations=off in the kernel command line
patches = [ "${assets}/0001-make-atuin-on-zfs-fast-again.patch" ];
});
settings = {
auto_sync = true;
sync_frequency = "5m";
sync_address = "http://chungus.private:8888";
search_mode = "fuzzy";
style = "full";
inline_height = 20;
keymap_mode = "vim-normal";
# With workspace filtering enabled, Atuin will filter for commands executed
# in any directory within a git repository tree.
workspaces = true;
};
};
} }

28
homes/palo/atuin.nix
View file

@ -1,28 +0,0 @@
{
# provide better `Ctrl+r` command in terminal
programs.atuin = {
enable = true;
enableBashIntegration = true;
enableZshIntegration = true;
daemon.enable = true;
settings = {
auto_sync = true;
sync_frequency = "5m";
sync_address = "http://chungus.private:8888";
search_mode = "fuzzy";
style = "full";
inline_height = 20;
keymap_mode = "vim-normal";
# because the daemon can't remember my mode (with Ctrl-r)
filter_mode = "directory";
# With workspace filtering enabled, Atuin will filter for commands executed
# in any directory within a git repository tree.
workspaces = true;
};
};
}

3
homes/palo/default.nix
View file

@ -3,7 +3,6 @@
imports = [ imports = [
../common ../common
./atuin.nix
./git.nix ./git.nix
./gpg.nix ./gpg.nix
./gui ./gui
@ -13,7 +12,7 @@
./stylix.nix ./stylix.nix
./taskwarrior.nix ./taskwarrior.nix
./tmux.nix ./tmux.nix
#./zellij.nix ./zellij.nix
]; ];
home.stateVersion = "22.11"; home.stateVersion = "22.11";

1
homes/palo/git.nix
View file

@ -14,7 +14,6 @@ with pkgs;
"*.swp" "*.swp"
"*~" "*~"
".idea" ".idea"
"*.iml"
".*penis.*" ".*penis.*"
"result" "result"
".envrc" ".envrc"

61
homes/palo/i3.nix
View file

@ -87,37 +87,36 @@ in
format = "$icon $percentage $time"; format = "$icon $percentage $time";
} }
{ block = "uptime"; } { block = "uptime"; }
# interferes with `bugwarrior pull` {
# { block = "taskwarrior";
# block = "taskwarrior"; interval = 60;
# interval = 60; format = " $icon $count.eng(w:3) todo ";
# format = " $icon $count.eng(w:3) todo "; format_singular = " $icon 1 task ";
# format_singular = " $icon 1 task "; format_everything_done = "";
# format_everything_done = ""; warning_threshold = 10;
# warning_threshold = 10; critical_threshold = 20;
# critical_threshold = 20; filters = [
# filters = [ {
# { name = "active";
# name = "active"; filter = "+PENDING and ( +ACTIVE or +DUETODAY or +TODAY or +OVERDUE )";
# filter = "+PENDING and ( +ACTIVE or +DUETODAY or +TODAY or +OVERDUE )"; }
# } ];
# ]; }
# } {
# { block = "taskwarrior";
# block = "taskwarrior"; interval = 60;
# interval = 60; format = " $icon $count.eng(w:2) ";
# format = " $icon $count.eng(w:2) "; format_singular = " $icon 1 task ";
# format_singular = " $icon 1 task "; format_everything_done = "";
# format_everything_done = ""; warning_threshold = 3;
# warning_threshold = 3; critical_threshold = 5;
# critical_threshold = 5; filters = [
# filters = [ {
# { name = "started";
# name = "started"; filter = "+PENDING and +ACTIVE";
# filter = "+PENDING and +ACTIVE"; }
# } ];
# ]; }
# }
{ {
block = "time"; block = "time";
interval = 60; interval = 60;

5
homes/palo/packages/development.nix
View file

@ -18,7 +18,7 @@ with lib;
jetbrains.idea-ultimate jetbrains.idea-ultimate
vscode vscode
#zed-editor zed-editor
# minicom # for flipper zero # minicom # for flipper zero
@ -47,6 +47,8 @@ with lib;
termtosvg termtosvg
vhs vhs
#legacy_2311.blockdiag
# nomad # nomad
#nomad #nomad
#vault #vault
@ -114,7 +116,6 @@ with lib;
yq-go yq-go
gojq gojq
jq jq
fx
ijq ijq
miller miller

20
homes/palo/packages/graphics.nix
View file

@ -6,22 +6,6 @@
}: }:
with pkgs; with pkgs;
with lib; with lib;
let
use_override = false;
bambu-studio =
if use_override then
pkgs.bambu-studio.overrideAttrs (old: rec {
version = "01.10.02.76";
src = pkgs.fetchFromGitHub {
owner = "bambulab";
repo = "BambuStudio";
rev = "v${version}";
hash = "sha256-LvAi3I5lnnumhOUagyej28uVy0Lgd3e19HNQXOUWSvQ=";
};
})
else
pkgs.bambu-studio;
in
{ {
config = mkIf config.gui.enable { config = mkIf config.gui.enable {
@ -42,9 +26,7 @@ in
# CAD & 3D Plotting # CAD & 3D Plotting
openscad openscad
fstl fstl
legacy_2311.cura
orca-slicer
bambu-studio
qrencode qrencode

2
homes/palo/packages/logseq.nix
View file

@ -9,7 +9,7 @@ with lib;
{ {
config = mkIf config.gui.enable { config = mkIf config.gui.enable {
home.packages = [ home.packages = [
pkgs.logseq pkgs.legacy_2405.logseq
]; ];
#home.file.".config/Logseq/Preferences".source = (pkgs.formats.json { }).generate "LogseqPreferences.json" #home.file.".config/Logseq/Preferences".source = (pkgs.formats.json { }).generate "LogseqPreferences.json"
# { # {

3
homes/palo/packages/nextcloud.nix
View file

@ -7,7 +7,7 @@
with pkgs; with pkgs;
with lib; with lib;
let let
nextcloud-client = pkgs.nextcloud-client; nextcloud-client = pkgs.legacy_2311.nextcloud-client;
nextcloudSync = nextcloudSync =
folder: folder:
@ -51,7 +51,6 @@ in
(nextcloudSync "Kunstbuch") (nextcloudSync "Kunstbuch")
(nextcloudSync "Flipper") (nextcloudSync "Flipper")
(nextcloudSync "AWS-SolutionArchitect-Professional") (nextcloudSync "AWS-SolutionArchitect-Professional")
(nextcloudSync "windows")
borrow borrow

4
homes/palo/packages/social.nix
View file

@ -9,10 +9,12 @@ with lib;
{ {
config = mkIf config.gui.enable { config = mkIf config.gui.enable {
programs.obs-studio.enable = false; programs.obs-studio.enable = true;
home.packages = [ home.packages = [
emoji-picker emoji-picker
signal-desktop signal-desktop
#legacy_2311.fluffychat
#fluffychat
]; ];
}; };

2
homes/palo/stylix.nix
View file

@ -1,6 +1,8 @@
{ pkgs, config, ... }: { pkgs, config, ... }:
{ {
stylix.targets.swaylock.enable = config.gui.enable;
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml"; stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml";
stylix.fonts = { stylix.fonts = {

2
homes/palo/taskwarrior.nix
View file

@ -8,6 +8,7 @@ with lib;
with types; with types;
let let
#taskwarrior-tui = pkgs.legacy_2311.taskwarrior-tui;
taskwarrior-tui = pkgs.taskwarrior-tui; taskwarrior-tui = pkgs.taskwarrior-tui;
taskwarrior = pkgs.taskwarrior3; taskwarrior = pkgs.taskwarrior3;
@ -22,7 +23,6 @@ in
home.packages = [ home.packages = [
pkgs.timewarrior pkgs.timewarrior
pkgs.bugwarrior
taskwarrior taskwarrior
pkgs.tasksh pkgs.tasksh

2
homes/tina/stylix.nix
View file

@ -1,6 +1,8 @@
{ pkgs, config, ... }: { pkgs, config, ... }:
{ {
stylix.targets.swaylock.enable = config.gui.enable;
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml"; stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml";
stylix.fonts = { stylix.fonts = {

11
machines/cherry/configuration.nix
View file

@ -13,6 +13,7 @@
./syncthing.nix ./syncthing.nix
./network-tinc.nix ./network-tinc.nix
./network-tinc_retiolum.nix
./network-wireguard-wg0.nix ./network-wireguard-wg0.nix
./network-wireguard-wg1.nix ./network-wireguard-wg1.nix
@ -26,6 +27,12 @@
]; ];
#time.timeZone = lib.mkForce "Asia/Bangkok";
#time.timeZone = lib.mkForce "Asia/Tokyo";
time.timeZone = lib.mkForce "Pacific/Auckland";
#time.timeZone = lib.mkForce "Asia/Singapore";
#time.timeZone = lib.mkForce "Asia/Makassar";
#clan.core.facts.services = #clan.core.facts.services =
# let # let
# promptKey = key: # promptKey = key:
@ -46,10 +53,8 @@
# (promptKey "pushover.api_key"); # (promptKey "pushover.api_key");
components.virtualisation.enable = true; components.virtualisation.enable = true;
components.virtualisation.qemu.enable = false;
components.gui.enable = true; components.gui.enable = true;
#components.gui.audio.enable = false;
components.mainUser.enable = true; components.mainUser.enable = true;
components.media.enable = true; components.media.enable = true;
components.media.tts-client.enable = false; components.media.tts-client.enable = false;
@ -58,7 +63,7 @@
components.terminal.enable = true; components.terminal.enable = true;
telemetry.enable = true; telemetry.enable = true;
telemetry.apps.opentelemetry.exporter.endpoint = "10.100.0.1:4317"; # orbi telemetry.opentelemetry.exporter.endpoint = "10.100.0.1:4317"; # orbi
home-manager.users.mainUser.home.sessionPath = [ "$HOME/.timewarrior/scripts" ]; home-manager.users.mainUser.home.sessionPath = [ "$HOME/.timewarrior/scripts" ];
# todo: move to homemanager # todo: move to homemanager

38
machines/cherry/network-tinc_retiolum.nix Normal file
View file

@ -0,0 +1,38 @@
{
config,
factsGenerator,
pkgs,
...
}:
{
clan.core.facts.services.tinc_retiolum = factsGenerator.tinc { name = "retiolum"; };
networking.retiolum.port = 720;
networking.retiolum.nodename = "cherry";
healthchecks.localCommands.ping-retiolum = pkgs.writers.writeBash "ping-retiolum" ''
ping -c 1 -W 5 ${config.networking.retiolum.nodename}.r
'';
services.tinc.networks.retiolum = {
ed25519PrivateKeyFile =
config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.ed25519_key.priv".path;
rsaPrivateKeyFile =
config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.rsa_key.priv".path;
};
#fileSystems."/retiolum/sicily" = {
# device = "//sicily.r/tonne";
# fsType = "cifs";
# options = [
# "guest"
# "nofail"
# "noauto"
# "ro"
# "rsize=16777216"
# "cache=loose"
# "x-systemd.after=network.target"
# ];
#};
}

3
machines/cherry/network-wireguard-wg0.nix
View file

@ -18,9 +18,6 @@
"wireguard.wg0.ip" = "10.100.0.7"; "wireguard.wg0.ip" = "10.100.0.7";
}; };
# actually important to make machine visible over wireguard
services.telegraf.extraConfig.inputs.ping = [ { urls = [ "10.100.0.1" ]; } ];
# Enable WireGuard # Enable WireGuard
networking.wg-quick.interfaces = { networking.wg-quick.interfaces = {
# Hub and Spoke Setup # Hub and Spoke Setup

6
machines/chungus/configuration.nix
View file

@ -15,8 +15,9 @@
./packages.nix ./packages.nix
./network-tinc-retiolum.nix # make sure no service is open for this vpn!
./network-tinc.nix ./network-tinc.nix
./network-wireguard-wg0.nix ./network-wireguard.nix
./hass-mqtt.nix ./hass-mqtt.nix
./hass-zigbee2mqtt.nix ./hass-zigbee2mqtt.nix
@ -71,11 +72,12 @@
features.boot.tor.enable = true; features.boot.tor.enable = true;
telemetry.enable = true; telemetry.enable = true;
telemetry.apps.opentelemetry.receiver.endpoint = "0.0.0.0:4317"; telemetry.opentelemetry.receiver.endpoint = "0.0.0.0:4317";
networking.firewall.interfaces.wg0.allowedTCPPorts = [ 4317 ]; networking.firewall.interfaces.wg0.allowedTCPPorts = [ 4317 ];
networking.firewall.interfaces.wg0.allowedUDPPorts = [ 4317 ]; networking.firewall.interfaces.wg0.allowedUDPPorts = [ 4317 ];
healthchecks.closed.wg0.host = "10.100.0.2"; healthchecks.closed.wg0.host = "10.100.0.2";
healthchecks.closed.retiolum.host = "centauri.r";
services.printing.enable = false; services.printing.enable = false;

1
machines/chungus/hass-mqtt.nix
View file

@ -16,4 +16,5 @@
networking.firewall.interfaces.enp0s31f6.allowedTCPPorts = [ 1883 ]; networking.firewall.interfaces.enp0s31f6.allowedTCPPorts = [ 1883 ];
networking.firewall.interfaces.wg0.allowedTCPPorts = [ 1883 ]; networking.firewall.interfaces.wg0.allowedTCPPorts = [ 1883 ];
healthchecks.closed.retiolum.ports.mqtt = [ 1883 ];
} }

5
machines/chungus/hass-zigbee2mqtt.nix
View file

@ -8,6 +8,11 @@
{ {
imports = [ ./hass-mqtt.nix ]; imports = [ ./hass-mqtt.nix ];
healthchecks.closed.retiolum.ports.zigbee2mqtt = [
1337
9666
];
services.zigbee2mqtt = { services.zigbee2mqtt = {
enable = true; enable = true;
dataDir = "/srv2/zigbee2mqtt"; dataDir = "/srv2/zigbee2mqtt";

4
machines/chungus/hass.nix
View file

@ -2,7 +2,6 @@
config, config,
lib, lib,
pkgs, pkgs,
zerotierInterface,
... ...
}: }:
{ {
@ -18,6 +17,7 @@
networking.firewall.interfaces.wg0.allowedTCPPorts = [ 8123 ]; networking.firewall.interfaces.wg0.allowedTCPPorts = [ 8123 ];
networking.firewall.interfaces.wg0.allowedUDPPorts = [ 8123 ]; networking.firewall.interfaces.wg0.allowedUDPPorts = [ 8123 ];
networking.firewall.interfaces.${zerotierInterface}.allowedTCPPorts = [ 8123 ];
healthchecks.closed.retiolum.ports.hass = [ 8123 ];
} }

73
machines/chungus/media-audiobookshelf.nix
View file

@ -2,68 +2,43 @@
config, config,
lib, lib,
pkgs, pkgs,
zerotierInterface,
... ...
}: }:
with pkgs;
let let
port = 8000;
group = "media"; group = "media";
port = 9002;
in in
{ {
healthchecks.http.audiobookshelf-via-zerotier = {
url = "${config.networking.hostName}.${config.clan.static-hosts.topLevelDomain}:${toString port}";
expectedContent = "audiobookshelf";
};
networking.firewall.interfaces.${zerotierInterface}.allowedTCPPorts = [ port ];
users.users.audiobookshelf = { users.users.audiobookshelf = {
isSystemUser = true; isSystemUser = true;
group = lib.mkForce group; group = group;
}; };
# systemd.services.audiobookshelf = { # make available in retiolum
# enable = true; #networking.firewall.interfaces."tinc.retiolum".allowedTCPPorts = [ port ];
# description = "Self-hosted audiobook server for managing and playing audiobooks"; #networking.firewall.interfaces."tinc.retiolum".allowedUDPPorts = [ port ];
# serviceConfig = {
# Type = "simple";
# WorkingDirectory = "/srv/audiobookshelf";
# ExecStart = "${audiobookshelf}/bin/audiobookshelf --port ${toString port}";
# ExecReload = "${util-linux}/bin/kill -HUP $MAINPID";
# Restart = "always";
# User = config.users.users.audiobookshelf.name;
# Group = config.users.users.audiobookshelf.group;
# };
# wantedBy = [ "multi-user.target" ];
# requires = [ "network.target" ];
# };
services.audiobookshelf = { networking.firewall.interfaces.enp0s31f6.allowedTCPPorts = [ port ];
networking.firewall.interfaces.enp0s31f6.allowedUDPPorts = [ port ];
networking.firewall.interfaces.wg0.allowedTCPPorts = [ port ];
networking.firewall.interfaces.wg0.allowedUDPPorts = [ port ];
systemd.services.audiobookshelf = {
enable = true; enable = true;
port = 8000; description = "Self-hosted audiobook server for managing and playing audiobooks";
}; serviceConfig = {
Type = "simple";
services.nginx = { WorkingDirectory = "/srv/audiobookshelf";
enable = true; ExecStart = "${audiobookshelf}/bin/audiobookshelf --port ${toString port}";
recommendedProxySettings = true; ExecReload = "${util-linux}/bin/kill -HUP $MAINPID";
virtualHosts."audiobookshelf.${config.networking.hostName}.${config.clan.static-hosts.topLevelDomain}" = Restart = "always";
{ User = config.users.users.audiobookshelf.name;
listen = [ Group = config.users.users.audiobookshelf.group;
{
addr = "[::]";
port = port;
ssl = false;
}
];
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.audiobookshelf.port}";
proxyWebsockets = true;
extraConfig = ''
proxy_redirect http:// $scheme://;
'';
};
}; };
wantedBy = [ "multi-user.target" ];
requires = [ "network.target" ];
}; };
} }

3
machines/chungus/media-jellyfin.nix
View file

@ -7,7 +7,7 @@
{ {
services.jellyfin = { services.jellyfin = {
enable = true; enable = true;
openFirewall = true; openFirewall = true; # todo: will open for retiolum as well
group = "media"; group = "media";
user = "media"; user = "media";
}; };
@ -15,6 +15,7 @@
healthchecks.http.jellyfin = { healthchecks.http.jellyfin = {
url = "flix.${config.networking.hostName}.private"; url = "flix.${config.networking.hostName}.private";
}; };
healthchecks.closed.retiolum.ports.jellyfin = [ 8096 ];
services.nginx = { services.nginx = {
enable = true; enable = true;

17
machines/chungus/media-navidrome.nix
View file

@ -2,32 +2,23 @@
config, config,
lib, lib,
pkgs, pkgs,
zerotierInterface,
... ...
}: }:
{ {
healthchecks.http.navidrome-tinc = { healthchecks.http.navidrome = {
url = "${config.networking.hostName}.private:${toString config.services.navidrome.settings.Port}/app/#/login"; url = "${config.networking.hostName}.wg0:${toString config.services.navidrome.settings.Port}/app/#/login";
expectedContent = "Navidrome"; expectedContent = "Navidrome";
}; };
healthchecks.http.navidrome-via-zerotier = { healthchecks.closed.retiolum.ports.navidrome = [ config.services.navidrome.settings.Port ];
url = "${config.networking.hostName}.${config.clan.static-hosts.topLevelDomain}:${toString config.services.navidrome.settings.Port}/app/#/login";
expectedContent = "Navidrome";
};
networking.firewall.interfaces.${zerotierInterface}.allowedTCPPorts = [
config.services.navidrome.settings.Port
];
services.navidrome = { services.navidrome = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
group = "media"; group = "media";
user = "media"; user = "media";
settings.Address = "[::]"; settings.Address = "0.0.0.0";
settings.Port = 4533;
settings.MusicFolder = "/media/arr/lidarr"; settings.MusicFolder = "/media/arr/lidarr";
}; };

6
machines/chungus/media-share.nix
View file

@ -1,6 +1,12 @@
{ config, ... }: { config, ... }:
{ {
healthchecks.closed.retiolum.ports.share = [
137
138
139
445
];
networking.firewall.interfaces.enp0s31f6.allowedTCPPorts = [ networking.firewall.interfaces.enp0s31f6.allowedTCPPorts = [
445 445
139 139

1
machines/chungus/media-syncthing.nix
View file

@ -10,6 +10,7 @@
url = config.services.syncthing.guiAddress; url = config.services.syncthing.guiAddress;
expectedContent = "syncthing"; expectedContent = "syncthing";
}; };
healthchecks.closed.retiolum.ports.syncthing-gui = [ 8384 ];
services.syncthing = { services.syncthing = {
enable = true; enable = true;

23
machines/chungus/network-tinc-retiolum.nix Normal file
View file

@ -0,0 +1,23 @@
{
config,
factsGenerator,
pkgs,
...
}:
{
clan.core.facts.services.tinc_retiolum = factsGenerator.tinc { name = "retiolum"; };
networking.retiolum.port = 720;
networking.retiolum.nodename = "chungus";
healthchecks.localCommands.ping-retiolum = pkgs.writers.writeBash "ping-retiolum" ''
ping -c 1 -W 5 ${config.networking.retiolum.nodename}.r
'';
services.tinc.networks.retiolum = {
ed25519PrivateKeyFile =
config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.ed25519_key.priv".path;
rsaPrivateKeyFile =
config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.rsa_key.priv".path;
};
}

3
machines/chungus/network-wireguard-wg0.nix → machines/chungus/network-wireguard.nix
View file

@ -18,9 +18,6 @@
"wireguard.wg0.ip" = "10.100.0.2"; "wireguard.wg0.ip" = "10.100.0.2";
}; };
# actually important to make machine visible over wireguard
services.telegraf.extraConfig.inputs.ping = [ { urls = [ "10.100.0.1" ]; } ];
# Enable WireGuard # Enable WireGuard
networking.wg-quick.interfaces = { networking.wg-quick.interfaces = {
# Hub and Spoke Setup # Hub and Spoke Setup

16
machines/chungus/service-atuin.nix
View file

@ -5,21 +5,15 @@
... ...
}: }:
{ {
healthchecks.http.atuin-tinc = {
url = "${config.networking.hostName}.private:${toString config.services.atuin.port}";
expectedContent = "version";
};
# healthchecks.http.atuin-wg0 = { healthchecks.closed.retiolum.ports.atuin = [ config.services.atuin.port ];
# url = "${config.networking.hostName}.wg0:${toString config.services.atuin.port}";
# expectedContent = "version";
# };
# networking.firewall.interfaces.wg0.allowedTCPPorts = [
# config.services.atuin.port
# ];
services.atuin = { services.atuin = {
enable = true; enable = true;
package = pkgs.legacy_2405.atuin.overrideAttrs (_old: {
# as cursed as doing mitigations=off in the kernel command line
patches = [ "${assets}/0001-make-atuin-on-zfs-fast-again.patch" ];
});
host = "0.0.0.0"; host = "0.0.0.0";
maxHistoryLength = 999999; maxHistoryLength = 999999;
openRegistration = false; openRegistration = false;

2
machines/chungus/service-forgejo.nix
View file

@ -10,6 +10,8 @@
expectedContent = "nixinate"; expectedContent = "nixinate";
}; };
healthchecks.closed.retiolum.ports.forgejo = [ config.services.forgejo.settings.server.HTTP_PORT ];
services.nginx = { services.nginx = {
enable = true; enable = true;
statusPage = true; statusPage = true;

1
machines/chungus/service-paperless-healthchecks.nix
View file

@ -11,5 +11,6 @@
url = "http://paperless.chungus.private/accounts/login/?next=/"; url = "http://paperless.chungus.private/accounts/login/?next=/";
expectedContent = "paperless.chungus.private"; expectedContent = "paperless.chungus.private";
}; };
healthchecks.closed.retiolum.ports.paperless = [ config.services.paperless.port ];
} }

7
machines/chungus/service-paperless.nix
View file

@ -2,15 +2,13 @@
config, config,
pkgs, pkgs,
lib, lib,
zerotierInterface,
... ...
}: }:
{ {
services.paperless = { services.paperless = {
enable = true; enable = true;
address = "[::]"; address = "0.0.0.0";
port = 28981;
package = pkgs.paperless-ngx; package = pkgs.paperless-ngx;
settings = { settings = {
PAPERLESS_OCR_LANGUAGE = "deu+eng"; PAPERLESS_OCR_LANGUAGE = "deu+eng";
@ -37,9 +35,6 @@
}; };
networking.firewall.interfaces.wg0.allowedTCPPorts = [ config.services.paperless.port ]; networking.firewall.interfaces.wg0.allowedTCPPorts = [ config.services.paperless.port ];
networking.firewall.interfaces.${zerotierInterface}.allowedTCPPorts = [
config.services.paperless.port
];
services.nginx.virtualHosts."paperless.${config.networking.hostName}.private" = { services.nginx.virtualHosts."paperless.${config.networking.hostName}.private" = {
serverAliases = [ "paperless.ingolf-wagner.de" ]; serverAliases = [ "paperless.ingolf-wagner.de" ];

5
machines/chungus/service-s3.nix
View file

@ -1,6 +1,11 @@
{ config, factsGenerator, ... }: { config, factsGenerator, ... }:
{ {
healthchecks.closed.retiolum.ports.s3 = [
9000
9001
];
healthchecks.http.s3 = { healthchecks.http.s3 = {
url = "http://s3.chungus.private:9001/login"; url = "http://s3.chungus.private:9001/login";
expectedContent = "minio"; expectedContent = "minio";

2
machines/chungus/service-taskwarrior.nix
View file

@ -6,6 +6,8 @@
}: }:
{ {
healthchecks.closed.retiolum.ports.taskwarrior-webui = [ 8080 ];
virtualisation.oci-containers = { virtualisation.oci-containers = {
containers.taskwarrior-webui = { containers.taskwarrior-webui = {
volumes = [ volumes = [

2
machines/chungus/service-vault.nix
View file

@ -1,6 +1,8 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
healthchecks.closed.retiolum.ports.vault = [ 8200 ];
services.vault = { services.vault = {
enable = true; enable = true;
#adress = "chungus.private:8200"; #adress = "chungus.private:8200";

4
machines/chungus/telemetry/loki.nix
View file

@ -7,7 +7,7 @@
default_labels_enabled = { default_labels_enabled = {
exporter = true; exporter = true;
job = true; job = true;
instance_name = true; instance = true;
level = true; level = true;
}; };
}; };
@ -16,7 +16,7 @@
{ {
action = "insert"; action = "insert";
key = "loki.attribute.labels"; key = "loki.attribute.labels";
value = "job, unit, boot_id, instance_name, facility, facility_label, priority, priority_label"; value = "job, unit, boot_id, instance, facility, facility_label, priority, priority_label";
} }
]; ];
resource.attributes = [ resource.attributes = [

8
machines/chungus/telemetry/prometheus.nix
View file

@ -22,8 +22,12 @@
}; };
}; };
telemetry.apps.prometheus.enable = true; services.prometheus = {
telemetry.apps.prometheus.retentionTime = "90d"; checkConfig = "syntax-only";
enable = true;
# keep data for 30 days
extraFlags = [ "--storage.tsdb.retention.time=90d" ];
};
services.grafana.provision.datasources.settings = { services.grafana.provision.datasources.settings = {
apiVersion = 1; apiVersion = 1;

6
machines/chungus/topology.nix
View file

@ -22,5 +22,11 @@ with config.lib.topology;
# type = "tinc"; # type = "tinc";
virtual = true; virtual = true;
}; };
interfaces."tinc.retiolum" = {
network = "tinc.retiolum";
# type = "tinc";
virtual = true;
};
}; };
} }

2
machines/chungus/zerotier-controller.nix
View file

@ -22,6 +22,8 @@ let
in in
{ {
healthchecks.closed.retiolum.ports.vault = [ 9993 ];
environment.systemPackages = [ environment.systemPackages = [
(zerotierCommand "zerotier-script-members" '' (zerotierCommand "zerotier-script-members" ''
curl "http://localhost:9993/controller/network/''${NWID}/member" -H "X-ZT1-AUTH: ''${TOKEN}" | gojq curl "http://localhost:9993/controller/network/''${NWID}/member" -H "X-ZT1-AUTH: ''${TOKEN}" | gojq

11
machines/orbi/configuration.nix
View file

@ -45,10 +45,6 @@
]; ];
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.extraCommands = ''
iptables -P FORWARD DROP
'';
boot.kernel.sysctl."net.ipv4.ip_forwarding" = false;
services.logrotate.checkConfig = false; # because uid 3000 does not exist in here services.logrotate.checkConfig = false; # because uid 3000 does not exist in here
@ -60,19 +56,16 @@
components.network.enable = true; components.network.enable = true;
components.network.nginx.landingpage.enable = false; components.network.nginx.landingpage.enable = false;
components.network.wifi.enable = false; components.network.wifi.enable = false;
components.virtualisation.enable = true; # we only enable this stuff where we need it explicitly components.virtualisation.enable = true; # we only enable this stuff where we need it explicitly
components.virtualisation.podman.enable = false; components.virtualisation.podman.enable = false;
components.virtualisation.virtualbox.enable = false;
virtualisation.oci-containers.backend = "docker"; virtualisation.oci-containers.backend = "docker";
features.network.fail2ban.enable = true; features.network.fail2ban.enable = true;
features.boot.ssh.enable = true; features.boot.ssh.enable = true;
telemetry.enable = true; telemetry.enable = true;
telemetry.apps.opentelemetry.receiver.endpoint = "0.0.0.0:4317"; telemetry.opentelemetry.receiver.endpoint = "0.0.0.0:4317";
telemetry.apps.opentelemetry.exporter.endpoint = "10.100.0.2:4317"; # chnungus telemetry.opentelemetry.exporter.endpoint = "10.100.0.2:4317"; # chnungus
networking.firewall.interfaces.wg0.allowedTCPPorts = [ 4317 ]; networking.firewall.interfaces.wg0.allowedTCPPorts = [ 4317 ];
networking.firewall.interfaces.wg0.allowedUDPPorts = [ 4317 ]; networking.firewall.interfaces.wg0.allowedUDPPorts = [ 4317 ];
healthchecks.closed.public.ports.opentelemetry = [ 4317 ]; healthchecks.closed.public.ports.opentelemetry = [ 4317 ];

3
machines/orbi/media-nextcloud.nix
View file

@ -114,8 +114,9 @@ in
{ {
nixpkgs.pkgs = pkgs; nixpkgs.pkgs = pkgs;
imports = [ imports = [
"${components}/monitor/container.nix"
inputs.nix-topology.nixosModules.default inputs.nix-topology.nixosModules.default
inputs.telemetry.nixosModules.container-telemetry-non-private-network inputs.telemetry.nixosModules.telemetry
]; ];
system.stateVersion = "23.11"; system.stateVersion = "23.11";
services.logrotate.checkConfig = false; # because uid 3000 does not exist in here services.logrotate.checkConfig = false; # because uid 3000 does not exist in here

4
machines/orbi/media-transmission2.nix
View file

@ -35,8 +35,9 @@ in
{ {
nixpkgs.pkgs = pkgs; nixpkgs.pkgs = pkgs;
imports = [ imports = [
"${components}/monitor/container.nix"
inputs.nix-topology.nixosModules.default inputs.nix-topology.nixosModules.default
inputs.telemetry.nixosModules.container-telemetry-non-private-network inputs.telemetry.nixosModules.telemetry
]; ];
system.stateVersion = "21.05"; system.stateVersion = "21.05";
services.logrotate.checkConfig = false; # because uid 3000 does not exist in here services.logrotate.checkConfig = false; # because uid 3000 does not exist in here
@ -49,6 +50,7 @@ in
services.transmission = { services.transmission = {
enable = true; enable = true;
package = pkgs.legacy_2405.transmission_4;
settings = { settings = {
download-dir = "/media/torrent/downloads"; download-dir = "/media/torrent/downloads";
incomplete-dir = "/media/torrent/incomplete"; incomplete-dir = "/media/torrent/incomplete";

7
machines/orbi/network-wireguard.nix
View file

@ -20,11 +20,6 @@ let
in in
{ {
networking.firewall.allowedUDPPorts = [ 51820 ]; networking.firewall.allowedUDPPorts = [ 51820 ];
networking.firewall.extraCommands = ''
iptables -A FORWARD -i wg0 -j ACCEPT
'';
boot.kernel.sysctl."net.ipv4.conf.wg0.forwarding" = true;
clan.core.facts.services.wireguard = factsGenerator.wireguard { name = "wg0"; }; clan.core.facts.services.wireguard = factsGenerator.wireguard { name = "wg0"; };
clan.core.facts.services.wireguard_ip = factsGenerator.public { clan.core.facts.services.wireguard_ip = factsGenerator.public {
"wireguard.wg0.endpoint" = "95.216.66.212:51820"; "wireguard.wg0.endpoint" = "95.216.66.212:51820";
@ -36,6 +31,8 @@ in
ping -c 1 -W 5 ${config.clan.core.facts.services.wireguard_ip.public."wireguard.wg0.ip".value} ping -c 1 -W 5 ${config.clan.core.facts.services.wireguard_ip.public."wireguard.wg0.ip".value}
''; '';
boot.kernel.sysctl."net.ipv4.ip_forward" = true;
# Enable WireGuard # Enable WireGuard
networking.wg-quick.interfaces = { networking.wg-quick.interfaces = {
# Hub and Spoke Setup # Hub and Spoke Setup

3
machines/orbi/service-forgejo.nix
View file

@ -60,8 +60,9 @@ in
{ {
nixpkgs.pkgs = pkgs; nixpkgs.pkgs = pkgs;
imports = [ imports = [
"${components}/monitor/container.nix"
inputs.nix-topology.nixosModules.default inputs.nix-topology.nixosModules.default
inputs.telemetry.nixosModules.container-telemetry-non-private-network inputs.telemetry.nixosModules.telemetry
]; ];
system.stateVersion = "24.11"; system.stateVersion = "24.11";
services.logrotate.checkConfig = false; # because uid 3000 does not exist in here services.logrotate.checkConfig = false; # because uid 3000 does not exist in here

40
machines/orbi/service-nix-cache.nix
View file

@ -4,11 +4,12 @@
pkgs, pkgs,
... ...
}: }:
let
port = 5005;
in
{ {
# nixpkgs.config.packageOverrides = p: {
# nix-serve = p.haskellPackages.nix-serve-ng;
# };
# generate private key with: # generate private key with:
# nix-store --generate-binary-cache-key my-secret-key my-public-key # nix-store --generate-binary-cache-key my-secret-key my-public-key
clan.core.facts.services."nix-serve" = { clan.core.facts.services."nix-serve" = {
@ -25,31 +26,34 @@ in
''; '';
}; };
services.harmonia = { services.nix-serve = {
enable = true; enable = true;
signKeyPaths = [ config.clan.core.facts.services.nix-serve.secret."nix-serve.key".path ]; secretKeyFile = config.clan.core.facts.services.nix-serve.secret."nix-serve.key".path;
settings = { port = 5005;
bind = "127.0.0.1:${toString port}";
priority = 100;
};
}; };
healthchecks.closed.public.ports.nix-cache = [ port ]; healthchecks.closed.public.ports.nix-serve = [ config.services.nix-serve.port ];
healthchecks.http.nix-cache = { healthchecks.http.nix-serve = {
url = "cache.${config.networking.hostName}.wg0/nix-cache-info"; url = "cache.${config.networking.hostName}.wg0/nix-cache-info";
expectedContent = "Priority: ${toString config.services.harmonia.settings.priority}"; expectedContent = "Priority: 50";
}; };
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts."cache.${config.networking.hostName}.wg0" = { virtualHosts."cache.${config.networking.hostName}.wg0" = {
locations."/".extraConfig = '' locations."/".extraConfig = ''
proxy_pass http://localhost:${toString port}; proxy_pass http://localhost:${toString config.services.nix-serve.port};
proxy_set_header Host $host; allow ${config.wireguard.wg0.subnet};
proxy_http_version 1.1; deny all;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; '';
proxy_set_header Upgrade $http_upgrade; # curl https://cache.nixos.org/nix-cache-info
proxy_set_header Connection $connection_upgrade; # lower priority means ask first.
locations."= /nix-cache-info".extraConfig = ''
alias ${pkgs.writeText "cache-info" ''
StoreDir: /nix/store
WantMassQuery: 1
Priority: 50
''};
allow ${config.wireguard.wg0.subnet}; allow ${config.wireguard.wg0.subnet};
deny all; deny all;
''; '';

9
machines/orbi/service-photoprism.nix
View file

@ -4,7 +4,6 @@
lib, lib,
components, components,
inputs, inputs,
zerotierInterface,
... ...
}: }:
let let
@ -15,19 +14,17 @@ in
{ {
networking.firewall.interfaces.wg0.allowedTCPPorts = [ photoprismPort ]; networking.firewall.interfaces.wg0.allowedTCPPorts = [ photoprismPort ];
# networking.firewall.interfaces.wg0.allowedUDPPorts = [ photoprismPort ];
healthchecks.closed.public.ports.photoprism = [ healthchecks.closed.public.ports.photoprism = [
photoprismPort photoprismPort
mysqlPort mysqlPort
]; ];
healthchecks.http.photoprism = { healthchecks.http.photoprism = {
url = "http://10.100.0.1:2342/library/login"; url = "http://10.100.0.1:2342/library/login";
expectedContent = "AI-Powered Photos App"; expectedContent = "AI-Powered Photos App";
}; };
networking.firewall.interfaces.${zerotierInterface}.allowedTCPPorts = [ photoprismPort ];
containers.photoprism = { containers.photoprism = {
privateNetwork = false; privateNetwork = false;
autoStart = true; autoStart = true;
@ -37,8 +34,9 @@ in
{ {
nixpkgs.pkgs = pkgs; nixpkgs.pkgs = pkgs;
imports = [ imports = [
"${components}/monitor/container.nix"
inputs.nix-topology.nixosModules.default inputs.nix-topology.nixosModules.default
inputs.telemetry.nixosModules.container-telemetry-non-private-network inputs.telemetry.nixosModules.telemetry
]; ];
system.stateVersion = "23.11"; system.stateVersion = "23.11";
services.logrotate.checkConfig = false; # because uid 3000 does not exist in here services.logrotate.checkConfig = false; # because uid 3000 does not exist in here
@ -52,6 +50,7 @@ in
services.photoprism = { services.photoprism = {
enable = true; enable = true;
port = photoprismPort; port = photoprismPort;
package = pkgs.legacy_2405.photoprism;
originalsPath = "/var/lib/private/photoprism/originals"; originalsPath = "/var/lib/private/photoprism/originals";
address = "0.0.0.0"; address = "0.0.0.0";
settings = { settings = {

3
machines/orbi/service-surrealdb.nix
View file

@ -25,8 +25,9 @@ in
{ {
nixpkgs.pkgs = pkgs; nixpkgs.pkgs = pkgs;
imports = [ imports = [
"${components}/monitor/container.nix"
inputs.nix-topology.nixosModules.default inputs.nix-topology.nixosModules.default
inputs.telemetry.nixosModules.container-telemetry-non-private-network inputs.telemetry.nixosModules.telemetry
]; ];
system.stateVersion = "24.05"; system.stateVersion = "24.05";
services.logrotate.checkConfig = false; # because uid 3000 does not exist in here services.logrotate.checkConfig = false; # because uid 3000 does not exist in here

3
machines/orbi/social-matrix-terranix.nix
View file

@ -90,8 +90,9 @@ in
{ {
nixpkgs.pkgs = pkgs; nixpkgs.pkgs = pkgs;
imports = [ imports = [
"${components}/monitor/container.nix"
inputs.nix-topology.nixosModules.default inputs.nix-topology.nixosModules.default
inputs.telemetry.nixosModules.container-telemetry-non-private-network inputs.telemetry.nixosModules.telemetry
]; ];
system.stateVersion = "23.11"; system.stateVersion = "23.11";
services.logrotate.checkConfig = false; # because uid 3000 does not exist in here services.logrotate.checkConfig = false; # because uid 3000 does not exist in here

1
machines/usbstick/hardware-configuration/hardware-configuration.nix
View file

@ -50,6 +50,7 @@
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s25.useDHCP = lib.mkDefault true; # networking.interfaces.enp0s25.useDHCP = lib.mkDefault true;
# networking.interfaces.tinc.private.useDHCP = lib.mkDefault true; # networking.interfaces.tinc.private.useDHCP = lib.mkDefault true;
# networking.interfaces.tinc.retiolum.useDHCP = lib.mkDefault true;
# networking.interfaces.tinc.secret.useDHCP = lib.mkDefault true; # networking.interfaces.tinc.secret.useDHCP = lib.mkDefault true;
# networking.interfaces.virbr0.useDHCP = lib.mkDefault true; # networking.interfaces.virbr0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;

3
machines/usbstick/network-wireguard-wg0.nix
View file

@ -12,9 +12,6 @@
"wireguard.wg0.ip" = "10.100.0.100"; "wireguard.wg0.ip" = "10.100.0.100";
}; };
# actually important to make machine visible over wireguard
services.telegraf.extraConfig.inputs.ping = [ { urls = [ "10.100.0.1" ]; } ];
# Enable WireGuard # Enable WireGuard
networking.wg-quick.interfaces = { networking.wg-quick.interfaces = {
# Hub and Spoke Setup # Hub and Spoke Setup

15
nix/formatter.nix
View file

@ -13,21 +13,6 @@
programs.deno.enable = true; programs.deno.enable = true;
programs.yamlfmt.enable = true; programs.yamlfmt.enable = true;
programs.black.enable = true; programs.black.enable = true;
programs.beautysh.enable = true;
programs.taplo.enable = true;
programs.clang-format.enable = true;
settings.global.excludes = [
"machines/*/facts/*"
"old-machines/*/facts/*"
"vars/*"
"*.gpg"
"*.pub"
".git-crypt/*"
"*.png"
"LICENSE"
"*.gitignore"
".gitattributes"
];
}; };
}; };
} }

3
nix/packages/default.nix
View file

@ -4,6 +4,9 @@
perSystem = perSystem =
{ pkgs, system, ... }: { pkgs, system, ... }:
with pkgs; with pkgs;
let
legacy_2311 = import inputs.nixpkgs-legacy_2311 { inherit system; };
in
{ {
packages.pkl = callPackage ./pkl { }; packages.pkl = callPackage ./pkl { };
packages.otpmenu = callPackage ./otpmenu { }; packages.otpmenu = callPackage ./otpmenu { };

228
nix/packages/nsxiv/config.def.h
View file

@ -6,15 +6,14 @@ static const int WIN_HEIGHT = 600;
/* colors and font can be overwritten via X resource properties. /* colors and font can be overwritten via X resource properties.
* See nsxiv(1), X(7) section Resources and xrdb(1) for more information. * See nsxiv(1), X(7) section Resources and xrdb(1) for more information.
* X resource value (NULL == * X resource value (NULL == default) */
* default) */ static const char *WIN_BG[] = { "Nsxiv.window.background", "white" };
static const char *WIN_BG[] = {"Nsxiv.window.background", "white"}; static const char *WIN_FG[] = { "Nsxiv.window.foreground", "black" };
static const char *WIN_FG[] = {"Nsxiv.window.foreground", "black"}; static const char *MARK_FG[] = { "Nsxiv.mark.foreground", NULL };
static const char *MARK_FG[] = {"Nsxiv.mark.foreground", NULL};
#if HAVE_LIBFONTS #if HAVE_LIBFONTS
static const char *BAR_BG[] = {"Nsxiv.bar.background", NULL}; static const char *BAR_BG[] = { "Nsxiv.bar.background", NULL };
static const char *BAR_FG[] = {"Nsxiv.bar.foreground", NULL}; static const char *BAR_FG[] = { "Nsxiv.bar.foreground", NULL };
static const char *BAR_FONT[] = {"Nsxiv.bar.font", "monospace-8"}; static const char *BAR_FONT[] = { "Nsxiv.bar.font", "monospace-8" };
/* if true, statusbar appears on top of the window */ /* if true, statusbar appears on top of the window */
static const bool TOP_STATUSBAR = false; static const bool TOP_STATUSBAR = false;
@ -26,8 +25,10 @@ static const bool TOP_STATUSBAR = false;
/* levels (in percent) to use when zooming via '-' and '+': /* levels (in percent) to use when zooming via '-' and '+':
* (first/last value is used as min/max zoom level) * (first/last value is used as min/max zoom level)
*/ */
static const float zoom_levels[] = {12.5, 25.0, 50.0, 75.0, 100.0, static const float zoom_levels[] = {
150.0, 200.0, 400.0, 800.0}; 12.5, 25.0, 50.0, 75.0,
100.0, 150.0, 200.0, 400.0, 800.0
};
/* default slideshow delay (in sec, overwritten via -S option): */ /* default slideshow delay (in sec, overwritten via -S option): */
static const int SLIDESHOW_DELAY = 5; static const int SLIDESHOW_DELAY = 5;
@ -52,12 +53,9 @@ static const int PAN_FRACTION = 5;
* NOTE: higher cache size means better image reloading performance, but also * NOTE: higher cache size means better image reloading performance, but also
* higher memory usage. * higher memory usage.
*/ */
static const int CACHE_SIZE_MEM_PERCENTAGE = static const int CACHE_SIZE_MEM_PERCENTAGE = 3; /* use 3% of total memory for cache */
3; /* use 3% of total memory for cache */ static const int CACHE_SIZE_LIMIT = 256 * 1024 * 1024; /* but not above 256MiB */
static const int CACHE_SIZE_LIMIT = static const int CACHE_SIZE_FALLBACK = 32 * 1024 * 1024; /* fallback to 32MiB if we can't determine total memory */
256 * 1024 * 1024; /* but not above 256MiB */
static const int CACHE_SIZE_FALLBACK =
32 * 1024 * 1024; /* fallback to 32MiB if we can't determine total memory */
#endif #endif
#ifdef INCLUDE_OPTIONS_CONFIG #ifdef INCLUDE_OPTIONS_CONFIG
@ -84,7 +82,7 @@ static const bool TNS_FILTERS_IS_BLACKLIST = false;
#ifdef INCLUDE_THUMBS_CONFIG #ifdef INCLUDE_THUMBS_CONFIG
/* thumbnail sizes in pixels (width == height): */ /* thumbnail sizes in pixels (width == height): */
static const int thumb_sizes[] = {32, 64, 96, 128, 160}; static const int thumb_sizes[] = { 32, 64, 96, 128, 160 };
/* thumbnail size at startup, index into thumb_sizes[]: */ /* thumbnail size at startup, index into thumb_sizes[]: */
static const int THUMB_SIZE = 3; static const int THUMB_SIZE = 3;
@ -101,114 +99,114 @@ static const KeySym KEYHANDLER_ABORT = XK_Escape;
/* keyboard mappings for image and thumbnail mode: */ /* keyboard mappings for image and thumbnail mode: */
static const keymap_t keys[] = { static const keymap_t keys[] = {
/* modifiers key function argument */ /* modifiers key function argument */
{0, XK_q, g_quit, 0}, { 0, XK_q, g_quit, 0 },
{0, XK_Q, g_pick_quit, 0}, { 0, XK_Q, g_pick_quit, 0 },
{0, XK_Return, g_switch_mode, None}, { 0, XK_Return, g_switch_mode, None },
{0, XK_f, g_toggle_fullscreen, None}, { 0, XK_f, g_toggle_fullscreen, None },
{0, XK_b, g_toggle_bar, None}, { 0, XK_b, g_toggle_bar, None },
{ControlMask, XK_x, g_prefix_external, None}, { ControlMask, XK_x, g_prefix_external, None },
{0, XK_g, g_first, None}, { 0, XK_g, g_first, None },
{0, XK_G, g_n_or_last, None}, { 0, XK_G, g_n_or_last, None },
{0, XK_r, g_reload_image, None}, { 0, XK_r, g_reload_image, None },
{0, XK_D, g_remove_image, None}, { 0, XK_D, g_remove_image, None },
{ControlMask, XK_h, g_scroll_screen, DIR_LEFT}, { ControlMask, XK_h, g_scroll_screen, DIR_LEFT },
{ControlMask, XK_Left, g_scroll_screen, DIR_LEFT}, { ControlMask, XK_Left, g_scroll_screen, DIR_LEFT },
{ControlMask, XK_j, g_scroll_screen, DIR_DOWN}, { ControlMask, XK_j, g_scroll_screen, DIR_DOWN },
{ControlMask, XK_Down, g_scroll_screen, DIR_DOWN}, { ControlMask, XK_Down, g_scroll_screen, DIR_DOWN },
{ControlMask, XK_k, g_scroll_screen, DIR_UP}, { ControlMask, XK_k, g_scroll_screen, DIR_UP },
{ControlMask, XK_Up, g_scroll_screen, DIR_UP}, { ControlMask, XK_Up, g_scroll_screen, DIR_UP },
{ControlMask, XK_l, g_scroll_screen, DIR_RIGHT}, { ControlMask, XK_l, g_scroll_screen, DIR_RIGHT },
{ControlMask, XK_Right, g_scroll_screen, DIR_RIGHT}, { ControlMask, XK_Right, g_scroll_screen, DIR_RIGHT },
{0, XK_plus, g_zoom, +1}, { 0, XK_plus, g_zoom, +1 },
{0, XK_KP_Add, g_zoom, +1}, { 0, XK_KP_Add, g_zoom, +1 },
{0, XK_minus, g_zoom, -1}, { 0, XK_minus, g_zoom, -1 },
{0, XK_KP_Subtract, g_zoom, -1}, { 0, XK_KP_Subtract, g_zoom, -1 },
{0, XK_m, g_toggle_image_mark, None}, { 0, XK_m, g_toggle_image_mark, None },
{0, XK_M, g_mark_range, None}, { 0, XK_M, g_mark_range, None },
{ControlMask, XK_m, g_reverse_marks, None}, { ControlMask, XK_m, g_reverse_marks, None },
{ControlMask, XK_u, g_unmark_all, None}, { ControlMask, XK_u, g_unmark_all, None },
{0, XK_N, g_navigate_marked, +1}, { 0, XK_N, g_navigate_marked, +1 },
{0, XK_P, g_navigate_marked, -1}, { 0, XK_P, g_navigate_marked, -1 },
{0, XK_braceleft, g_change_gamma, -1}, { 0, XK_braceleft, g_change_gamma, -1 },
{0, XK_braceright, g_change_gamma, +1}, { 0, XK_braceright, g_change_gamma, +1 },
{ControlMask, XK_g, g_change_gamma, 0}, { ControlMask, XK_g, g_change_gamma, 0 },
{ControlMask, XK_bracketright, g_change_brightness, +1}, { ControlMask, XK_bracketright, g_change_brightness, +1 },
{ControlMask, XK_bracketleft, g_change_brightness, -1}, { ControlMask, XK_bracketleft, g_change_brightness, -1 },
{0, XK_parenleft, g_change_contrast, -1}, { 0, XK_parenleft, g_change_contrast, -1 },
{0, XK_parenright, g_change_contrast, +1}, { 0, XK_parenright, g_change_contrast, +1 },
{0, XK_h, t_move_sel, DIR_LEFT}, { 0, XK_h, t_move_sel, DIR_LEFT },
{0, XK_Left, t_move_sel, DIR_LEFT}, { 0, XK_Left, t_move_sel, DIR_LEFT },
{0, XK_j, t_move_sel, DIR_DOWN}, { 0, XK_j, t_move_sel, DIR_DOWN },
{0, XK_Down, t_move_sel, DIR_DOWN}, { 0, XK_Down, t_move_sel, DIR_DOWN },
{0, XK_k, t_move_sel, DIR_UP}, { 0, XK_k, t_move_sel, DIR_UP },
{0, XK_Up, t_move_sel, DIR_UP}, { 0, XK_Up, t_move_sel, DIR_UP },
{0, XK_l, t_move_sel, DIR_RIGHT}, { 0, XK_l, t_move_sel, DIR_RIGHT },
{0, XK_Right, t_move_sel, DIR_RIGHT}, { 0, XK_Right, t_move_sel, DIR_RIGHT },
{0, XK_R, t_reload_all, None}, { 0, XK_R, t_reload_all, None },
{0, XK_n, i_navigate, +1}, { 0, XK_n, i_navigate, +1 },
{0, XK_n, i_scroll_to_edge, DIR_LEFT | DIR_UP}, { 0, XK_n, i_scroll_to_edge, DIR_LEFT | DIR_UP },
{0, XK_space, i_navigate, +1}, { 0, XK_space, i_navigate, +1 },
{0, XK_p, i_navigate, -1}, { 0, XK_p, i_navigate, -1 },
{0, XK_p, i_scroll_to_edge, DIR_LEFT | DIR_UP}, { 0, XK_p, i_scroll_to_edge, DIR_LEFT | DIR_UP },
{0, XK_BackSpace, i_navigate, -1}, { 0, XK_BackSpace, i_navigate, -1 },
{0, XK_bracketright, i_navigate, +10}, { 0, XK_bracketright, i_navigate, +10 },
{0, XK_bracketleft, i_navigate, -10}, { 0, XK_bracketleft, i_navigate, -10 },
{ControlMask, XK_6, i_alternate, None}, { ControlMask, XK_6, i_alternate, None },
{ControlMask, XK_n, i_navigate_frame, +1}, { ControlMask, XK_n, i_navigate_frame, +1 },
{ControlMask, XK_p, i_navigate_frame, -1}, { ControlMask, XK_p, i_navigate_frame, -1 },
{ControlMask, XK_space, i_toggle_animation, None}, { ControlMask, XK_space, i_toggle_animation, None },
{ControlMask, XK_a, i_toggle_animation, None}, { ControlMask, XK_a, i_toggle_animation, None },
{0, XK_h, i_scroll, DIR_LEFT}, { 0, XK_h, i_scroll, DIR_LEFT },
{0, XK_Left, i_scroll, DIR_LEFT}, { 0, XK_Left, i_scroll, DIR_LEFT },
{0, XK_j, i_scroll, DIR_DOWN}, { 0, XK_j, i_scroll, DIR_DOWN },
{0, XK_Down, i_scroll, DIR_DOWN}, { 0, XK_Down, i_scroll, DIR_DOWN },
{0, XK_k, i_scroll, DIR_UP}, { 0, XK_k, i_scroll, DIR_UP },
{0, XK_Up, i_scroll, DIR_UP}, { 0, XK_Up, i_scroll, DIR_UP },
{0, XK_l, i_scroll, DIR_RIGHT}, { 0, XK_l, i_scroll, DIR_RIGHT },
{0, XK_Right, i_scroll, DIR_RIGHT}, { 0, XK_Right, i_scroll, DIR_RIGHT },
{0, XK_H, i_scroll_to_edge, DIR_LEFT}, { 0, XK_H, i_scroll_to_edge, DIR_LEFT },
{0, XK_J, i_scroll_to_edge, DIR_DOWN}, { 0, XK_J, i_scroll_to_edge, DIR_DOWN },
{0, XK_K, i_scroll_to_edge, DIR_UP}, { 0, XK_K, i_scroll_to_edge, DIR_UP },
{0, XK_L, i_scroll_to_edge, DIR_RIGHT}, { 0, XK_L, i_scroll_to_edge, DIR_RIGHT },
{0, XK_z, i_scroll_to_center, None}, { 0, XK_z, i_scroll_to_center, None },
{0, XK_equal, i_set_zoom, 100}, { 0, XK_equal, i_set_zoom, 100 },
{0, XK_w, i_fit_to_win, SCALE_DOWN}, { 0, XK_w, i_fit_to_win, SCALE_DOWN },
{0, XK_W, i_fit_to_win, SCALE_FIT}, { 0, XK_W, i_fit_to_win, SCALE_FIT },
{0, XK_F, i_fit_to_win, SCALE_FILL}, { 0, XK_F, i_fit_to_win, SCALE_FILL },
{0, XK_e, i_fit_to_win, SCALE_WIDTH}, { 0, XK_e, i_fit_to_win, SCALE_WIDTH },
{0, XK_E, i_fit_to_win, SCALE_HEIGHT}, { 0, XK_E, i_fit_to_win, SCALE_HEIGHT },
{0, XK_less, i_rotate, DEGREE_270}, { 0, XK_less, i_rotate, DEGREE_270 },
{0, XK_greater, i_rotate, DEGREE_90}, { 0, XK_greater, i_rotate, DEGREE_90 },
{0, XK_question, i_rotate, DEGREE_180}, { 0, XK_question, i_rotate, DEGREE_180 },
{0, XK_bar, i_flip, FLIP_HORIZONTAL}, { 0, XK_bar, i_flip, FLIP_HORIZONTAL },
{0, XK_underscore, i_flip, FLIP_VERTICAL}, { 0, XK_underscore, i_flip, FLIP_VERTICAL },
{0, XK_a, i_toggle_antialias, None}, { 0, XK_a, i_toggle_antialias, None },
{0, XK_A, i_toggle_alpha, None}, { 0, XK_A, i_toggle_alpha, None },
{0, XK_s, i_slideshow, None}, { 0, XK_s, i_slideshow, None },
}; };
/* mouse button mappings for image mode: */ /* mouse button mappings for image mode: */
static const button_t buttons_img[] = { static const button_t buttons_img[] = {
/* modifiers button function argument */ /* modifiers button function argument */
{0, 1, i_drag, DRAG_RELATIVE}, { 0, 1, i_drag, DRAG_RELATIVE },
{ControlMask, 1, i_drag, DRAG_RELATIVE}, { ControlMask, 1, i_drag, DRAG_RELATIVE },
{0, 2, i_drag, DRAG_ABSOLUTE}, { 0, 2, i_drag, DRAG_ABSOLUTE },
{0, 3, g_switch_mode, None}, { 0, 3, g_switch_mode, None },
{0, 4, g_zoom, +1}, { 0, 4, g_zoom, +1 },
{0, 5, g_zoom, -1}, { 0, 5, g_zoom, -1 },
}; };
/* mouse button mappings for thumbnail mode: */ /* mouse button mappings for thumbnail mode: */
static const button_t buttons_tns[] = { static const button_t buttons_tns[] = {
/* modifiers button function argument */ /* modifiers button function argument */
{0, 1, t_select, None}, { 0, 1, t_select, None },
{0, 3, t_drag_mark_image, None}, { 0, 3, t_drag_mark_image, None },
{0, 4, t_scroll, DIR_UP}, { 0, 4, t_scroll, DIR_UP },
{0, 5, t_scroll, DIR_DOWN}, { 0, 5, t_scroll, DIR_DOWN },
{ControlMask, 4, g_scroll_screen, DIR_UP}, { ControlMask, 4, g_scroll_screen, DIR_UP },
{ControlMask, 5, g_scroll_screen, DIR_DOWN}, { ControlMask, 5, g_scroll_screen, DIR_DOWN },
}; };
/* true means NAV_WIDTH is relative (33%), false means absolute (33 pixels) */ /* true means NAV_WIDTH is relative (33%), false means absolute (33 pixels) */
@ -217,6 +215,8 @@ static const bool NAV_IS_REL = true;
static const unsigned int NAV_WIDTH = 33; static const unsigned int NAV_WIDTH = 33;
/* mouse cursor on left, middle and right part of the window */ /* mouse cursor on left, middle and right part of the window */
static const cursor_t imgcursor[3] = {CURSOR_LEFT, CURSOR_ARROW, CURSOR_RIGHT}; static const cursor_t imgcursor[3] = {
CURSOR_LEFT, CURSOR_ARROW, CURSOR_RIGHT
};
#endif #endif

2
nix/packages/systemctl-find-service-config/default.nix
View file

@ -1,5 +1,5 @@
{ pkgs }: { pkgs }:
pkgs.writers.writeBashBin "systemctl-find-service-config" ( pkgs.writers.writeBashBin "sysetmctl-find-service-config" (
pkgs.lib.fileContents ./systemctl-find-service-config.sh pkgs.lib.fileContents ./systemctl-find-service-config.sh
) )

11
nix/packages/systemctl-find-service-config/systemctl-find-service-config.sh
View file

@ -8,19 +8,12 @@ display_usage() {
exit 1 exit 1
} }
# Prüfen, ob mindestens ein Argument übergeben wurde # Prüfen, ob genügend Argumente übergeben wurden
if [ $# -lt 1 ] || [ $# -gt 2 ]; then if [ $# -ne 2 ]; then
display_usage display_usage
fi fi
SERVICE=$1 SERVICE=$1
# Spezialfall: Wenn nur ein Argument übergeben wurde
if [ $# -eq 1 ]; then
systemctl cat "$SERVICE"
exit 0
fi
REGEX=$2 REGEX=$2
# Holen der Service-Konfiguration # Holen der Service-Konfiguration

4
nix/topology/networks.nix
View file

@ -20,4 +20,8 @@ with config.lib.topology;
cidrv4 = "10.23.42.0/24"; cidrv4 = "10.23.42.0/24";
}; };
networks."tinc.retiolum" = {
name = "tinc retiolum";
};
} }

3
system/all/defaults.nix
View file

@ -7,6 +7,9 @@
{ {
imports = [ ./packages.nix ]; imports = [ ./packages.nix ];
# provide overlays
# -----------------
# nixpkgs.overlays = [ (import ../../pkgs) ];
# allow un-free # allow un-free
# ------------- # -------------

17
system/all/on-failure.nix Normal file
View file

@ -0,0 +1,17 @@
{ lib, ... }:
{
#on-failure = {
# enable = true;
# plans = {
# tinc_private.name = "tinc.private";
# tinc_retiolum.name = "tinc.retiolum";
# sshd.name = "sshd";
# tor.name = "tor";
# dnsmasq.name = "dnsmasq";
# #backup_on_workhorse.name = "backup.on-workhorse.private";
# #backup_on_workout.name = "backup.on-workout.private";
# #backup_on_porani.name = "backup.on-porani.private";
# syncthing.name = "syncthing";
# };
#};
}