palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Projects Releases Wiki Activity

Compare commits

merge into: palo:update
Branches Tags
palo:main
palo:update
palo:refactor/component/ssh
palo:orbi-ssh-unlock-works
...
pull from: palo:main
Branches Tags
palo:main
palo:update
palo:refactor/component/ssh
palo:orbi-ssh-unlock-works

83 commits
update ... main

Author SHA1 Message Date
Ingolf Wagner 2f769675fd
📝 add a comment
Some checks failed
Build all NixOS Configurations / nix build (push) Failing after 1h58m53s
Details
2024-09-17 08:44:54 +07:00
Ingolf Wagner a5a36ce5c8
Add Volume Commands to i3
Some checks are pending
Build all NixOS Configurations / nix build (push) Waiting to run
Details
2024-09-17 07:40:53 +07:00
Ingolf Wagner eea3ddf0cf
♻️ minor refactoring
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 12m31s
Details
2024-09-16 08:58:27 +07:00
Ingolf Wagner 62315ee2c2
📝 update module documentation
Some checks failed
Build all NixOS Configurations / nix build (push) Has been cancelled
Details
2024-09-16 08:53:03 +07:00
Ingolf Wagner e43f4514bc
create verify.http options
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 12m40s
Details
2024-09-16 07:06:03 +07:00
Ingolf Wagner c584bb39ce
add service-taskchampion verify test
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 12m17s
Details
2024-09-16 06:36:08 +07:00
Forgejo Action :robot e62d841524 ⬆️ nix flake update 2024-09-15 08:43:38 +02:00
Ingolf Wagner d0a34454d4
add some more smoke tests.
Some checks failed
Build all NixOS Configurations / nix build (push) Failing after 3h2m38s
Details
2024-09-15 09:11:25 +07:00
Ingolf Wagner 743a9fc885
add some smoke tests.
Some checks failed
Build all NixOS Configurations / nix build (push) Has been cancelled
Details
2024-09-15 07:22:02 +07:00
Ingolf Wagner a52e1b39a0
🚚 get rid of modules/default.nix in verify flake module
Some checks failed
Build all NixOS Configurations / nix build (push) Has been cancelled
Details
2024-09-15 07:08:05 +07:00
Ingolf Wagner 614a1d8e37
add local command to verify
Some checks failed
Build all NixOS Configurations / nix build (push) Has been cancelled
Details
2024-09-15 07:04:59 +07:00
Ingolf Wagner 7e8c3d41c9
🚸 improve verify flake
Some checks failed
Build all NixOS Configurations / nix build (push) Has been cancelled
Details
2024-09-15 06:09:53 +07:00
Ingolf Wagner c264db7f13
📝 add documentation to verify flake module
Some checks failed
Build all NixOS Configurations / nix build (push) Failing after 12m28s
Details
2024-09-15 05:31:47 +07:00
Ingolf Wagner 577003f607
🚑 enable zfs auto snapshots again 2024-09-15 05:29:33 +07:00
Ingolf Wagner 267b8d73a0
⬆️ nix flake update
Some checks failed
Build all NixOS Configurations / nix build (push) Failing after 30m53s
Details
2024-09-15 04:53:32 +07:00
Ingolf Wagner e5f1729bdc
🔧 enable push.autoSetupRemote 2024-09-15 04:48:47 +07:00
Ingolf Wagner c53b563565
🔧 disable samba share because it has a new way to configure
Some checks failed
Build all NixOS Configurations / nix build (push) Failing after 10s
Details
2024-09-14 16:49:09 +07:00
Ingolf Wagner 8279af8370
🔧 use photoprism thumb unchached default
Some checks failed
Build all NixOS Configurations / nix build (push) Failing after 17s
Details
2024-09-14 08:52:00 +07:00
Ingolf Wagner 70aba78c06
♻️ refactor samba.extraConfig 2024-09-14 08:51:15 +07:00
Ingolf Wagner c42e7e669a
add counter to autoclicker script
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m34s
Details
2024-09-14 08:16:28 +07:00
Ingolf Wagner 9afb53585b
add autoclicker script
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 13m26s
Details
2024-09-14 07:51:31 +07:00
Ingolf Wagner 31d674132b
verify closed ports script kinda works now.
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 13m25s
Details
2024-09-14 07:09:41 +07:00
Ingolf Wagner 4c1a3ef72f
♻️ refactor the options interface 2024-09-14 06:02:32 +07:00
Ingolf Wagner f49730a0a9
🚚 renaming
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m42s
Details
2024-09-13 14:36:17 +07:00
Ingolf Wagner 7ef34db19b
🚧 poc of rustscan script generator
Some checks failed
Build all NixOS Configurations / nix build (push) Has been cancelled
Details
2024-09-13 14:32:10 +07:00
Ingolf Wagner e795a3bed9
🚑 don't use nextcloud deck for now, because of https://github.com/GothenburgBitFactory/bugwarrior/issues/1062
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m20s
Details
2024-09-13 11:37:46 +07:00
Forgejo Action :robot a6284e6509 ⬆️ nix flake update 2024-09-11 08:40:48 +02:00
Ingolf Wagner 1d044521e8
🚧 use nextcloud deck with bugwarrior
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 13m24s
Details
2024-09-11 10:36:15 +07:00
Ingolf Wagner 84a6dd2c8f
🔧 cache.orbi.wg0: 10 -> 50 2024-09-11 10:36:14 +07:00
Forgejo Action :robot abe153cdce ⬆️ nix flake update 2024-09-08 08:41:53 +02:00
Ingolf Wagner 488a63db26
🚧 taskwarrior-webui as podman container but not working as expected
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m34s
Details
2024-09-08 11:29:49 +07:00
Ingolf Wagner 3a72b901b3
🔧 brightness configuration 2024-09-08 11:29:48 +07:00
Ingolf Wagner 347acf7e6e
🚧 working on taskwarrior-webui 
It can't use wireguard to access stuff, so we will put it on orbi behind an nginx
 2024-09-08 11:29:47 +07:00
Ingolf Wagner 903e963d05
🚑 hotfix bugwarrior by introducing bugwarrior-sync 2024-09-08 11:29:46 +07:00
Ingolf Wagner 9aa5e1ef09
📦 update bugwarrior package 2024-09-08 11:29:45 +07:00
Forgejo Action :robot 7402e5ad5e ⬆️ nix flake update 2024-09-06 08:43:33 +02:00
Ingolf Wagner f670c2af5f
🚚 rename services to service on chungus
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 12m17s
Details
2024-09-05 09:31:08 +07:00
Ingolf Wagner 5655847c08
📦 bump bugwarrior 2024-09-05 09:29:48 +07:00
Ingolf Wagner 7f27ccd07c
🚚 extract bugwarrior to packages 2024-09-05 09:21:16 +07:00
Ingolf Wagner 0e5387dfc0
🔧 remove hyperland from stylix
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m49s
Details
2024-09-04 16:51:59 +07:00
Ingolf Wagner 51e3d8df22
📦 add network packages
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 12m13s
Details
2024-09-04 16:32:40 +07:00
Ingolf Wagner ae3a14f5fa
🔧 add jellyfin-mpv-shim
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m32s
Details
2024-09-04 07:57:18 +07:00
Ingolf Wagner 394790bf0e
💄 nix fmt
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 16m37s
Details
2024-09-03 18:21:26 +07:00
Ingolf Wagner e619cc2dab
🔧 migrate to taskwarrior 3
Some checks failed
Build all NixOS Configurations / nix build (push) Has been cancelled
Details
2024-09-03 18:20:29 +07:00
Ingolf Wagner c03727fd80
🔥 delete emacs 2024-09-03 18:19:24 +07:00
Ingolf Wagner 485cdfe116
add etags
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 9m34s
Details
2024-09-01 21:23:00 +07:00
Ingolf Wagner ad35b322c5
🐛 fix insecure packages error
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 12m34s
Details
2024-09-01 19:32:28 +07:00
Ingolf Wagner 96c388bbac
🔧 add some topology information
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 10m34s
Details
2024-08-31 23:29:18 +07:00
Forgejo Action :robot 229eff0d63 ⬆️ nix flake update 2024-08-31 08:45:44 +02:00
Ingolf Wagner 8da0bbc3ef
🔧 add some topology information
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 19m3s
Details
2024-08-31 08:33:28 +07:00
Forgejo Action :robot 3833b870dd ⬆️ nix flake update 2024-08-30 14:41:05 +02:00
Ingolf Wagner 1564bd8d72
🔧 add some topology information
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 12m0s
Details
2024-08-30 17:34:57 +07:00
Ingolf Wagner 55c2e14337
🔧 configure nsxiv 2024-08-30 16:32:00 +07:00
Ingolf Wagner ee13d7fa82
add nix run .#topology
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m11s
Details
2024-08-30 14:18:51 +07:00
Forgejo Action :robot 2f3a6ba574 ⬆️ nix flake update 2024-08-30 08:42:09 +02:00
Ingolf Wagner f7ac29e2fa
add nix-topology
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m5s
Details
2024-08-30 08:50:04 +07:00
Ingolf Wagner 71f9225dc6
♻️ refactored flake.nix inputs to easily sort them 2024-08-30 08:50:03 +07:00
Ingolf Wagner aed3dbd602
🚚 private_assets -> private-parts
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 10m30s
Details
2024-08-30 07:31:06 +07:00
Ingolf Wagner d1c9241245
♻️ move pkgs to nix/packages 2024-08-30 07:31:05 +07:00
Ingolf Wagner db2187a2e7
♻️ migrated pkgs to flake-parts 2024-08-30 07:31:05 +07:00
Forgejo Action :robot 09d8f33a01 ⬆️ nix flake update 2024-08-29 20:49:24 +02:00
Ingolf Wagner 0f42a99288
🎨 nix fmt
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 10m49s
Details
2024-08-29 13:22:51 +07:00
Ingolf Wagner 32e0eacffa
🔧 update formatter.nix 2024-08-29 13:22:29 +07:00
Ingolf Wagner 7a6510a4e6
nix fmt
Some checks are pending
Build all NixOS Configurations / nix build (push) Waiting to run
Details
2024-08-29 08:26:04 +07:00
Ingolf Wagner 200063fcb1
introduce treefmt-nix 2024-08-29 08:25:41 +07:00
Ingolf Wagner 2bc86a4912
improve syncthing.nix
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 10m11s
Details
2024-08-29 08:06:27 +07:00
Forgejo Action :robot 4c647291bc ⬆️ nix flake update 2024-08-28 08:42:30 +02:00
Ingolf Wagner 2758c873bb
made oh-my-posh look nice
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m27s
Details
2024-08-28 09:47:09 +07:00
Ingolf Wagner a48aa680a4
clean up private_assets
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m10s
Details
2024-08-28 06:02:37 +07:00
Ingolf Wagner 581d41238c
fix timezone 2024-08-28 06:01:56 +07:00
Ingolf Wagner 4489b24659
fix timezones
Some checks failed
Build all NixOS Configurations / nix build (push) Failing after 3m25s
Details
2024-08-28 05:37:18 +07:00
Forgejo Action :robot 167875c1fc ⬆️ nix flake update 2024-08-27 21:06:57 +02:00
Ingolf Wagner c4bd159888
configure photoprism
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m10s
Details
2024-08-27 17:03:22 +02:00
Ingolf Wagner 0430d97d24
fix clan core update
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m16s
Details
2024-08-27 15:30:09 +02:00
Ingolf Wagner ffc8bcafa7
remove sternchen
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m17s
Details
2024-08-27 11:31:25 +02:00
Ingolf Wagner 0209b7ca42
remove overviewer
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m15s
Details
2024-08-27 09:43:40 +02:00
Ingolf Wagner 644705cdb2
no need for clanDir it breaks stuff
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 10m0s
Details
2024-08-27 09:17:23 +02:00
Ingolf Wagner ec2a51c514
set clanDir manually
Some checks failed
Build all NixOS Configurations / nix build (push) Failing after 15s
Details
2024-08-27 07:30:02 +02:00
Ingolf Wagner 2e9bf75dab
don't use sternchen anymore
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m5s
Details
2024-08-27 05:17:18 +02:00
Ingolf Wagner 47f717392a
comment photoprism
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 15m9s
Details
2024-08-26 17:58:19 +02:00
Forgejo Action :robot d0ff322489 ⬆️ nix flake update 2024-08-23 20:44:13 +02:00
Ingolf Wagner 8879a739b6
fix photoprism
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 11m55s
Details
2024-08-23 17:02:48 +02:00
Forgejo Action :robot a2a7763b47 ⬆️ nix flake update 2024-08-23 09:18:02 +02:00
226 changed files with 5055 additions and 2919 deletions
Show stats Expand all files Collapse all files

13
.forgejo/workflows/nix_build.yaml
View file

@ -1,18 +1,15 @@
name: Build all NixOS Configurations name: Build all NixOS Configurations
on: on:
push: push:
branches: branches:
- "**" - "**"
schedule: schedule:
- cron: "30 2/6 * * *" # not to frequent, GitHub only allows a few pulls per hour - cron: "30 2/6 * * *" # not to frequent, GitHub only allows a few pulls per hour
jobs: jobs:
nix build: nix build:
runs-on: native runs-on: native
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: update nix flakes - name: update nix flakes
if: ${{ github.event_name == 'schedule' }} if: ${{ github.event_name == 'schedule' }}
# we need to use our ssh key here because we need access to private flakes # we need to use our ssh key here because we need access to private flakes
@ -30,7 +27,6 @@ jobs:
echo $SSH_AGENT_PID echo $SSH_AGENT_PID
kill $SSH_AGENT_PID kill $SSH_AGENT_PID
rm .ssh_key rm .ssh_key
- name: nix flake archive/check - name: nix flake archive/check
# we need to use our ssh key here because we need access to private flakes # we need to use our ssh key here because we need access to private flakes
run: | run: |
@ -48,25 +44,16 @@ jobs:
echo $SSH_AGENT_PID echo $SSH_AGENT_PID
kill $SSH_AGENT_PID kill $SSH_AGENT_PID
rm .ssh_key rm .ssh_key
- name: nix build orbi - name: nix build orbi
run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel
- name: nix build cream - name: nix build cream
run: nix build .#nixosConfigurations.cream.config.system.build.toplevel run: nix build .#nixosConfigurations.cream.config.system.build.toplevel
- name: nix build cherry - name: nix build cherry
run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel
- name: nix build chungus - name: nix build chungus
run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel
- name: nix build sternchen
run: nix build .#nixosConfigurations.sternchen.config.system.build.toplevel
- name: nix build usbstick - name: nix build usbstick
run: nix build .#nixosConfigurations.usbstick.config.system.build.toplevel run: nix build .#nixosConfigurations.usbstick.config.system.build.toplevel
- name: commit & push - name: commit & push
if: ${{ github.event_name == 'schedule' }} if: ${{ github.event_name == 'schedule' }}
# only if all nix builds are fine we update our branch # only if all nix builds are fine we update our branch

6
components/README.md
View file

@ -1,6 +1,8 @@
# components concept # components concept
- components are kinda opinionated. - components are kinda opinionated.
- should be project agnostic (e.g.: configure bugwarrior via options but leave specifics out). - should be project agnostic (e.g.: configure bugwarrior via options but leave
- `component.<toplevel>.enabled` should usually be the default for all it subcomponents (`comonent.<topleve>.<subcomponent>.enabled`). specifics out).
- `component.<toplevel>.enabled` should usually be the default for all it
subcomponents (`comonent.<topleve>.<subcomponent>.enabled`).
- But default should make sense here! - But default should make sense here!

7
components/chaospott.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; with lib;
{ {

1
components/default.nix
View file

@ -14,5 +14,4 @@
./yubikey.nix ./yubikey.nix
]; ];
} }

7
components/gui/audio.nix
View file

@ -1,5 +1,10 @@
# TODO test `alsactl init` after suspend to reinit mic # TODO test `alsactl init` after suspend to reinit mic
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
{ {
options.components.gui.audio.enable = mkOption { options.components.gui.audio.enable = mkOption {

7
components/gui/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }: {
pkgs,
lib,
config,
...
}:
with lib; with lib;
{ {
options.components.gui = { options.components.gui = {

7
components/gui/home-manager/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }: {
pkgs,
lib,
config,
...
}:
with lib; with lib;
{ {

25
components/gui/kmonad.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
{ {
options.components.gui.kmonad.enable = lib.mkOption { options.components.gui.kmonad.enable = lib.mkOption {
@ -79,9 +84,21 @@
in in
{ {
nativ = keyboard "/dev/input/by-path/platform-i8042-serio-0-event-kbd" [ "lctl" "lmet" "lalt" ]; nativ = keyboard "/dev/input/by-path/platform-i8042-serio-0-event-kbd" [
dasKeyboard = keyboard "/dev/input/by-id/usb-Metadot_-_Das_Keyboard_Das_Keyboard-event-kbd" [ "lctl" "lmet" "lalt" ]; "lctl"
uhk = keyboard "/dev/input/by-id/usb-Ultimate_Gadget_Laboratories_UHK_60_v2-event-kbd" [ "lctl" "lmet" "lalt" ]; "lmet"
"lalt"
];
dasKeyboard = keyboard "/dev/input/by-id/usb-Metadot_-_Das_Keyboard_Das_Keyboard-event-kbd" [
"lctl"
"lmet"
"lalt"
];
uhk = keyboard "/dev/input/by-id/usb-Ultimate_Gadget_Laboratories_UHK_60_v2-event-kbd" [
"lctl"
"lmet"
"lalt"
];
}; };
}; };
}; };

7
components/gui/noti.nix
View file

@ -1,6 +1,11 @@
# notify me when a command is finished # notify me when a command is finished
# todo : secret managment is shit # todo : secret managment is shit
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; with lib;
{ {
options.components.gui.noti.enable = mkOption { options.components.gui.noti.enable = mkOption {

14
components/gui/pass.nix
View file

@ -1,11 +1,17 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
let let
# desktop file # desktop file
# ------------ # ------------
# makes it possible to be used by other programs # makes it possible to be used by other programs
desktopFile = name: bin: desktopFile =
name: bin:
pkgs.writeTextFile { pkgs.writeTextFile {
name = "${name}.desktop"; name = "${name}.desktop";
destination = "/share/applications/${name}.desktop"; destination = "/share/applications/${name}.desktop";
@ -34,7 +40,9 @@ in
environment.systemPackages = [ environment.systemPackages = [
(pkgs.pass.withExtensions (ext: [ ext.pass-otp ])) (pkgs.pass.withExtensions (ext: [ ext.pass-otp ]))
# todo : use upstream desktop file creator # todo : use upstream desktop file creator
(desktopFile "passmenu" "${pkgs.pass.withExtensions (ext: [ext.pass-otp])}/bin/passmenu --type -l 10") (desktopFile "passmenu" "${
pkgs.pass.withExtensions (ext: [ ext.pass-otp ])
}/bin/passmenu --type -l 10")
pkgs.otpmenu pkgs.otpmenu

14
components/gui/steam.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; with lib;
{ {
options.components.gui.steam.enable = mkOption { options.components.gui.steam.enable = mkOption {
@ -22,7 +27,12 @@ with lib;
isSystemUser = true; isSystemUser = true;
home = "/home/steam"; home = "/home/steam";
createHome = true; createHome = true;
extraGroups = [ "audio" "input" "video" "pipewire" ]; extraGroups = [
"audio"
"input"
"video"
"pipewire"
];
group = "steam"; group = "steam";
shell = pkgs.bashInteractive; shell = pkgs.bashInteractive;
}; };

17
components/gui/suspend.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
{ {
options.components.gui.suspend.enable = mkOption { options.components.gui.suspend.enable = mkOption {
@ -13,13 +18,11 @@ with lib;
requiredBy = [ "sleep.target" ]; requiredBy = [ "sleep.target" ];
environment = environment =
let let
display = display = if (config.services.xserver.display != null) then config.services.xserver.display else 0;
if (config.services.xserver.display != null) then
config.services.xserver.display
else
0;
in in
{ DISPLAY = ":${toString display}"; }; {
DISPLAY = ":${toString display}";
};
script = '' script = ''
${pkgs.xlockmore}/bin/xlock -mode life1d -size 1 & ${pkgs.xlockmore}/bin/xlock -mode life1d -size 1 &
sleep 1 sleep 1

7
components/gui/vscode.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; with lib;
{ {
options.components.gui.vscode.enable = mkOption { options.components.gui.vscode.enable = mkOption {

7
components/gui/wayland.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; with lib;
{ {

8
components/gui/xorg/default.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; with lib;
{ {
@ -78,4 +83,3 @@ with lib;
}; };
} }

7
components/gui/xorg/xlock.nix
View file

@ -1,4 +1,9 @@
{ lib, pkgs, config, ... }: {
lib,
pkgs,
config,
...
}:
with lib; with lib;
let let

28
components/mainUser.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; with lib;
with types; with types;
let let
@ -6,15 +11,10 @@ let
cfg = config.components.mainUser; cfg = config.components.mainUser;
# todo : use optionalList # todo : use optionalList
dockerGroup = dockerGroup = if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
# todo : use optionalList # todo : use optionalList
vboxGroup = vboxGroup = if (config.virtualisation.virtualbox.host.enable) then [ "vboxusers" ] else [ ];
if (config.virtualisation.virtualbox.host.enable) then
[ "vboxusers" ]
else
[ ];
in in
{ {
@ -73,8 +73,16 @@ in
uid = cfg.uid; uid = cfg.uid;
home = "/home/${cfg.userName}"; home = "/home/${cfg.userName}";
initialPassword = cfg.userName; initialPassword = cfg.userName;
extraGroups = [ "wheel" "networkmanager" "transmission" "wireshark" "audio" "pipewire" "input" "dialout" ] extraGroups = [
++ dockerGroup ++ vboxGroup ++ cfg.extraGroups; "wheel"
"networkmanager"
"transmission"
"wireshark"
"audio"
"pipewire"
"input"
"dialout"
] ++ dockerGroup ++ vboxGroup ++ cfg.extraGroups;
openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles; openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles;
group = config.users.groups.mainUser.name; group = config.users.groups.mainUser.name;
}; };

7
components/media/icecast.nix
View file

@ -4,7 +4,12 @@
# * connect via mixxx to it. # * connect via mixxx to it.
# * add the podcast to mpd in the same network # * add the podcast to mpd in the same network
# -------------------------------------------------- # --------------------------------------------------
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
let let

7
components/media/tts.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
{ {

46
components/media/video.nix
View file

@ -1,10 +1,14 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; with lib;
let let
obs-cmd = pkgs.rustPlatform.buildRustPackage obs-cmd = pkgs.rustPlatform.buildRustPackage rec {
rec {
pname = "obs-cmd"; pname = "obs-cmd";
version = "v0.15.2"; version = "v0.15.2";
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
@ -53,7 +57,12 @@ let
name = "screen-keys"; name = "screen-keys";
paths = paths =
let let
screenKeyScript = { position ? "bottom", size ? "small", ... }: screenKeyScript =
{
position ? "bottom",
size ? "small",
...
}:
pkgs.writeShellScriptBin "screenkeys-${position}-${size}" # sh pkgs.writeShellScriptBin "screenkeys-${position}-${size}" # sh
'' ''
${pkgs.screenkey}/bin/screenkey \ ${pkgs.screenkey}/bin/screenkey \
@ -65,15 +74,29 @@ let
"$@" "$@"
''; '';
in in
lib.flatten (lib.flip map [ "large" "small" "medium" ] (size: lib.flatten (
lib.flip map [ "top" "center" "bottom" ] lib.flip map
(position: screenKeyScript { inherit size position; }))); [
"large"
"small"
"medium"
]
(
size:
lib.flip map [
"top"
"center"
"bottom"
] (position: screenKeyScript { inherit size position; })
)
);
}; };
mpvReview = mpvReview =
let let
moveToDir = key: dir: pkgs.writeText "move-with-${key}.lua" '' moveToDir =
key: dir:
pkgs.writeText "move-with-${key}.lua" ''
tmp_dir = "${dir}" tmp_dir = "${dir}"
function move_current_track_${key}() function move_current_track_${key}()
@ -110,7 +133,6 @@ in
config = mkIf (config.components.media.video.enable) { config = mkIf (config.components.media.video.enable) {
home-manager.sharedModules = [ home-manager.sharedModules = [
{ {
programs.obs-studio = { programs.obs-studio = {
@ -123,7 +145,6 @@ in
} }
]; ];
boot.kernelModules = [ "v4l2loopback" ]; boot.kernelModules = [ "v4l2loopback" ];
boot.extraModulePackages = [ pkgs.linuxPackages.v4l2loopback ]; boot.extraModulePackages = [ pkgs.linuxPackages.v4l2loopback ];
@ -137,7 +158,6 @@ in
alphaSafe alphaSafe
sanitizeFolder sanitizeFolder
# obs studio stuff # obs studio stuff
obs-cli obs-cli
v4l-utils v4l-utils
@ -154,8 +174,6 @@ in
handbrake handbrake
ffmpeg-full ffmpeg-full
]; ];
}; };
} }

15
components/monitor/logs-promtail.nix
View file

@ -33,7 +33,7 @@ in
services.promtail = { services.promtail = {
enable = true; enable = true;
configuration = { configuration = {
server. disable = true; server.disable = true;
positions.filename = "/var/cache/promtail/positions.yaml"; positions.filename = "/var/cache/promtail/positions.yaml";
clients = [ clients = [
@ -49,7 +49,15 @@ in
_end = ''{{ end }}''; _end = ''{{ end }}'';
elseblock = index: replacement: "${_elseif index}${_replace index replacement}"; elseblock = index: replacement: "${_elseif index}${_replace index replacement}";
ifblock = index: replacement: "${_if index}${_replace index replacement}"; ifblock = index: replacement: "${_if index}${_replace index replacement}";
createTemplateLine = list: "${concatStrings (imap0 (index: replacement: if index == 0 then ifblock index replacement else elseblock index replacement) list)}${_end}"; createTemplateLine =
list:
"${
concatStrings (
imap0 (
index: replacement: if index == 0 then ifblock index replacement else elseblock index replacement
) list
)
}${_end}";
in in
[ [
{ {
@ -117,8 +125,7 @@ in
} }
{ {
# Map facility to human readable # Map facility to human readable
template = template = {
{
source = "facility_label"; source = "facility_label";
template = createTemplateLine [ template = createTemplateLine [
"kern" # Kernel messages "kern" # Kernel messages

13
components/monitor/metrics-export-zfs.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
with types; with types;
{ {
@ -18,9 +23,11 @@ with types;
{ {
job_name = "zfs"; job_name = "zfs";
scrape_interval = "10s"; scrape_interval = "10s";
static_configs = [{ static_configs = [
{
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.zfs.port}" ]; targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.zfs.port}" ];
}]; }
];
} }
]; ];
service.pipelines.metrics.receivers = [ "prometheus" ]; service.pipelines.metrics.receivers = [ "prometheus" ];

9
components/monitor/metrics-netdata.nix
View file

@ -1,4 +1,9 @@
{ lib, pkgs, config, ... }: {
lib,
pkgs,
config,
...
}:
with lib; with lib;
with types; with types;
{ {
@ -18,7 +23,7 @@ with types;
scrape_interval = "10s"; scrape_interval = "10s";
metrics_path = "/api/v1/allmetrics"; metrics_path = "/api/v1/allmetrics";
params.format = [ "prometheus" ]; params.format = [ "prometheus" ];
static_configs = [{ targets = [ "127.0.0.1:19999" ]; }]; static_configs = [ { targets = [ "127.0.0.1:19999" ]; } ];
} }
]; ];

2
components/monitor/metrics-prometheus.nix
View file

@ -36,7 +36,7 @@ in
job_name = "opentelemetry"; job_name = "opentelemetry";
metrics_path = "/metrics"; metrics_path = "/metrics";
scrape_interval = "10s"; scrape_interval = "10s";
static_configs = [{ targets = [ "localhost:${toString cfg.port}" ]; }]; static_configs = [ { targets = [ "localhost:${toString cfg.port}" ]; } ];
} }
]; ];
}) })

13
components/monitor/metrics-telegraf.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; with lib;
with types; with types;
let let
@ -24,7 +29,9 @@ in
receivers.influxdb.endpoint = "127.0.0.1:${toString cfg.influxDBPort}"; receivers.influxdb.endpoint = "127.0.0.1:${toString cfg.influxDBPort}";
service.pipelines.metrics.receivers = [ "influxdb" ]; service.pipelines.metrics.receivers = [ "influxdb" ];
}; };
services.telegraf.extraConfig.outputs.influxdb_v2.urls = [ "http://127.0.0.1:${toString cfg.influxDBPort}" ]; services.telegraf.extraConfig.outputs.influxdb_v2.urls = [
"http://127.0.0.1:${toString cfg.influxDBPort}"
];
}) })
(mkIf config.components.monitor.telegraf.enable { (mkIf config.components.monitor.telegraf.enable {
@ -41,7 +48,7 @@ in
processes = { }; processes = { };
system = { }; system = { };
systemd_units = { }; systemd_units = { };
ping = [{ urls = [ "10.100.0.1" ]; }]; # actually important to make machine visible over wireguard ping = [ { urls = [ "10.100.0.1" ]; } ]; # actually important to make machine visible over wireguard
}; };
}; };
}; };

57
components/monitor/opentelemetry.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
with types; with types;
let let
@ -22,7 +27,10 @@ in
description = "endpoint to ship opentelementry data too"; description = "endpoint to ship opentelementry data too";
}; };
exporter.debug = mkOption { exporter.debug = mkOption {
type = nullOr (enum [ "logs" "metrics" ]); type = nullOr (enum [
"logs"
"metrics"
]);
default = null; default = null;
description = "enable debug exporter."; description = "enable debug exporter.";
}; };
@ -61,11 +69,13 @@ in
include = ".*"; include = ".*";
match_type = "regexp"; match_type = "regexp";
action = "update"; action = "update";
operations = [{ operations = [
{
action = "add_label"; action = "add_label";
new_label = "machine"; new_label = "machine";
new_value = config.networking.hostName; new_value = config.networking.hostName;
}]; }
];
} }
]; ];
}; };
@ -85,7 +95,6 @@ in
}; };
}) })
(mkIf (config.components.monitor.opentelemetry.exporter.debug != null) { (mkIf (config.components.monitor.opentelemetry.exporter.debug != null) {
services.opentelemetry-collector.settings = { services.opentelemetry-collector.settings = {
exporters.debug = { exporters.debug = {
@ -111,24 +120,26 @@ in
}) })
(mkIf (mkIf
( (
config.components.monitor.opentelemetry.exporter.endpoint != null && config.components.monitor.opentelemetry.exporter.endpoint != null
config.components.monitor.logs.enable && config.components.monitor.logs.enable
) )
{ {
services.opentelemetry-collector.settings = { services.opentelemetry-collector.settings = {
service.pipelines.logs.exporters = [ "otlp" ]; service.pipelines.logs.exporters = [ "otlp" ];
}; };
}) }
)
(mkIf (mkIf
( (
config.components.monitor.opentelemetry.exporter.endpoint != null && config.components.monitor.opentelemetry.exporter.endpoint != null
config.components.monitor.metrics.enable && config.components.monitor.metrics.enable
) )
{ {
services.opentelemetry-collector.settings = { services.opentelemetry-collector.settings = {
service.pipelines.metrics.exporters = [ "otlp" ]; service.pipelines.metrics.exporters = [ "otlp" ];
}; };
}) }
)
# ship from other instance # ship from other instance
(mkIf (config.components.monitor.opentelemetry.receiver.endpoint != null) { (mkIf (config.components.monitor.opentelemetry.receiver.endpoint != null) {
@ -138,26 +149,26 @@ in
}) })
(mkIf (mkIf
( (
config.components.monitor.opentelemetry.receiver.endpoint != null && config.components.monitor.opentelemetry.receiver.endpoint != null
config.components.monitor.logs.enable && config.components.monitor.logs.enable
) )
{ {
services.opentelemetry-collector.settings = { services.opentelemetry-collector.settings = {
service.pipelines.logs.receivers = [ "otlp" ]; service.pipelines.logs.receivers = [ "otlp" ];
}; };
}) }
)
(mkIf (mkIf
( (
config.components.monitor.opentelemetry.receiver.endpoint != null && config.components.monitor.opentelemetry.receiver.endpoint != null
config.components.monitor.metrics.enable && config.components.monitor.metrics.enable
) )
{ {
services.opentelemetry-collector.settings = { services.opentelemetry-collector.settings = {
service.pipelines.metrics.receivers = [ "otlp" ]; service.pipelines.metrics.receivers = [ "otlp" ];
}; };
}) }
)
# scrape opentelemetry-colectors metrics # scrape opentelemetry-colectors metrics
# todo: this should be collected another way (opentelemetry internal?) # todo: this should be collected another way (opentelemetry internal?)
@ -169,9 +180,11 @@ in
{ {
job_name = "otelcol"; job_name = "otelcol";
scrape_interval = "10s"; scrape_interval = "10s";
static_configs = [{ static_configs = [
{
targets = [ cfg.metrics.endpoint ]; targets = [ cfg.metrics.endpoint ];
}]; }
];
metric_relabel_configs = [ metric_relabel_configs = [
{ {
source_labels = [ "__name__" ]; source_labels = [ "__name__" ];
@ -195,7 +208,7 @@ in
}; };
}) })
(mkIf (! config.components.monitor.metrics.enable) { (mkIf (!config.components.monitor.metrics.enable) {
services.opentelemetry-collector.settings = { services.opentelemetry-collector.settings = {
service.telemetry.metrics.level = "none"; service.telemetry.metrics.level = "none";
}; };

59
components/network/nginx.nix
View file

@ -1,4 +1,10 @@
{ config, lib, pkgs, assets, ... }: {
config,
lib,
pkgs,
assets,
...
}:
with lib; with lib;
{ {
options.components.network.nginx.enable = mkOption { options.components.network.nginx.enable = mkOption {
@ -16,8 +22,13 @@ with lib;
environment.systemPackages = [ environment.systemPackages = [
pkgs.nginx-config-formatter pkgs.nginx-config-formatter
(pkgs.writers.writePython3Bin "nginx-show-config" { flakeIgnore = [ "E265" "E225" "W292" ]; } (pkgs.writers.writePython3Bin "nginx-show-config" {
(lib.fileContents "${assets}/nginx-show-config.py")) flakeIgnore = [
"E265"
"E225"
"W292"
];
} (lib.fileContents "${assets}/nginx-show-config.py"))
]; ];
security.acme.defaults.email = "contact@ingolf-wagner.de"; security.acme.defaults.email = "contact@ingolf-wagner.de";
@ -85,7 +96,11 @@ with lib;
root = pkgs.landingpage.override { root = pkgs.landingpage.override {
jsonConfig = jsonConfig =
let let
entry = { machine, items ? [ ] }: entry =
{
machine,
items ? [ ],
}:
{ {
text = machine; text = machine;
items = [ items = [
@ -174,14 +189,12 @@ with lib;
{ {
label = "Hetzner Cloud"; label = "Hetzner Cloud";
href = "https://console.hetzner.cloud/projects"; href = "https://console.hetzner.cloud/projects";
image = image = "https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif";
"https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif";
} }
{ {
label = "Cups"; label = "Cups";
href = "http://localhost:631/"; href = "http://localhost:631/";
image = image = "https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif";
"https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif";
} }
]; ];
} }
@ -191,52 +204,42 @@ with lib;
{ {
label = "NixOS Manual"; label = "NixOS Manual";
href = "https://nixos.org/nixos/manual/"; href = "https://nixos.org/nixos/manual/";
image = image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
"https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
} }
{ {
label = "Nixpkgs Manual"; label = "Nixpkgs Manual";
href = "https://nixos.org/nixpkgs/manual/"; href = "https://nixos.org/nixpkgs/manual/";
image = image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
"https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
} }
{ {
label = "NixOS Reference"; label = "NixOS Reference";
href = href = "https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library";
"https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library"; image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
image =
"https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
} }
{ {
label = "Nix Packages"; label = "Nix Packages";
href = "https://nixos.org/nixos/packages.html"; href = "https://nixos.org/nixos/packages.html";
image = image = "https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif";
"https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif";
} }
{ {
label = "NixOS Language specific helpers"; label = "NixOS Language specific helpers";
href = href = "https://nixos.wiki/wiki/Language-specific_package_helpers";
"https://nixos.wiki/wiki/Language-specific_package_helpers"; image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
image =
"https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
} }
{ {
label = "NixOS Weekly"; label = "NixOS Weekly";
href = "https://weekly.nixos.org/"; href = "https://weekly.nixos.org/";
image = image = "https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif";
"https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif";
} }
{ {
label = "NixOS Security"; label = "NixOS Security";
href = "https://broken.sh/"; href = "https://broken.sh/";
image = image = "https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif";
"https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif";
} }
{ {
label = "NixOS RFCs"; label = "NixOS RFCs";
href = "https://github.com/NixOS/rfcs/"; href = "https://github.com/NixOS/rfcs/";
image = image = "https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif";
"https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif";
} }
]; ];
} }

11
components/network/sshd/default.nix
View file

@ -1,4 +1,10 @@
{ pkgs, config, lib, assets, ... }: {
pkgs,
config,
lib,
assets,
...
}:
with lib; with lib;
with types; with types;
let let
@ -6,8 +12,7 @@ let
cfg = config.components.network.sshd; cfg = config.components.network.sshd;
# maybe ascii-image-converter is also nice here # maybe ascii-image-converter is also nice here
sshBanner = pkgs.runCommand "ssh-banner" sshBanner = pkgs.runCommand "ssh-banner" { nativeBuildInputs = [ pkgs.boxes ]; } ''
{ nativeBuildInputs = [ pkgs.boxes ]; } ''
echo "${config.networking.hostName}" | boxes -d ansi -s 80x1 -a r > $out echo "${config.networking.hostName}" | boxes -d ansi -s 80x1 -a r > $out
''; '';

8
components/network/sshd/known-hosts-manual.nix
View file

@ -1,4 +1,10 @@
{ pkgs, config, lib, clanLib, ... }: {
pkgs,
config,
lib,
clanLib,
...
}:
with lib; with lib;
let let
publicKey = clanLib.readFact "ssh.id_ed25519.pub"; publicKey = clanLib.readFact "ssh.id_ed25519.pub";

64
components/network/sshd/known-hosts-public.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
{ {
config = mkIf (config.components.network.sshd.enable) { config = mkIf (config.components.network.sshd.enable) {
@ -28,65 +33,66 @@ with lib;
}; };
gitlab = { gitlab = {
hostNames = [ "gitlab.com" ]; hostNames = [ "gitlab.com" ];
publicKey = publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=";
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=";
}; };
gitlab-bk = { gitlab-bk = {
hostNames = [ "gitlab.bk-bund-berlin.de" "116.203.133.59" ]; hostNames = [
publicKey = "gitlab.bk-bund-berlin.de"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCG/sjnOlbrmpUliFtM5fmZTcm2wpUoP5OQEzFrrkkwhstCO9fMty9mp5qnKlezYA9+l78RTd218qFjSKYxTQNw="; "116.203.133.59"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCG/sjnOlbrmpUliFtM5fmZTcm2wpUoP5OQEzFrrkkwhstCO9fMty9mp5qnKlezYA9+l78RTd218qFjSKYxTQNw=";
}; };
# space-left # space-left
gitlabSpaceLeft = { gitlabSpaceLeft = {
hostNames = [ "git.space-left.org" ]; hostNames = [ "git.space-left.org" ];
publicKey = publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAapztj8I3xy6Ea8A1q7Mo5C6zdgsK1bguAXcKUDCRBO";
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAapztj8I3xy6Ea8A1q7Mo5C6zdgsK1bguAXcKUDCRBO";
}; };
# c-base # c-base
"bnd-cbase" = { "bnd-cbase" = {
hostNames = [ "bnd.cbrp3.c-base.org" ]; hostNames = [ "bnd.cbrp3.c-base.org" ];
publicKey = publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKDknNl4M2WZChp1N/eRIpem2AEOceGIqvjo0ptBuwxUn0w0B8MGTVqoI+pnUVypORJRoNrLPOAkmEVr32BDN3E=";
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKDknNl4M2WZChp1N/eRIpem2AEOceGIqvjo0ptBuwxUn0w0B8MGTVqoI+pnUVypORJRoNrLPOAkmEVr32BDN3E=";
}; };
"shell.cbase" = { "shell.cbase" = {
hostNames = [ "shell.c-base.org" ]; hostNames = [ "shell.c-base.org" ];
publicKey = publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBKBn0mZtG3KWxpFqqcog8zvdIVrZmwj+ARujuNIAfo";
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBKBn0mZtG3KWxpFqqcog8zvdIVrZmwj+ARujuNIAfo";
}; };
"kgb.cbase" = { "kgb.cbase" = {
hostNames = [ "kgb.cbrp3.c-base.org" ]; hostNames = [ "kgb.cbrp3.c-base.org" ];
publicKey = publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAdyl7fnnCqomghJ1TDbh5FWFQWFwoO1Y1U/FpmWd8a9RcQvN0Izhg/7A+7ptDxbmpVii8hqfghlqUwtvVy7jo8=";
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAdyl7fnnCqomghJ1TDbh5FWFQWFwoO1Y1U/FpmWd8a9RcQvN0Izhg/7A+7ptDxbmpVii8hqfghlqUwtvVy7jo8=";
}; };
"cns.cbase" = { "cns.cbase" = {
hostNames = [ "cns.c-base.org" ]; hostNames = [ "cns.c-base.org" ];
publicKey = publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOtlyLA2nMK9Uqpv4EbWS+rZ9Mx4bAjURmH+zrXkuRGBcU1cKm+TZfWe9/rPX57KaMPBDyIygOJIsM2T5SqX90A=";
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOtlyLA2nMK9Uqpv4EbWS+rZ9Mx4bAjURmH+zrXkuRGBcU1cKm+TZfWe9/rPX57KaMPBDyIygOJIsM2T5SqX90A=";
}; };
"lassulus" = { "lassulus" = {
hostNames = [ "[lassul.us]:45621" ]; hostNames = [ "[lassul.us]:45621" ];
publicKey = publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
}; };
renoise = { renoise = {
hostNames = [ "*.renoise.com" "renoise.com" "94.130.128.97" ]; hostNames = [
publicKey = "*.renoise.com"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLXxhBlYQJxgcLqKywpl1tI1N/+B5bkptAnR2a3tsRybq0IHZnIkSRGUYcu5zPwJT+bitVw8BvIaGzxI+Zm2ivE="; "renoise.com"
"94.130.128.97"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLXxhBlYQJxgcLqKywpl1tI1N/+B5bkptAnR2a3tsRybq0IHZnIkSRGUYcu5zPwJT+bitVw8BvIaGzxI+Zm2ivE=";
}; };
git-renoise = { git-renoise = {
hostNames = [ "[git.renoise.com]:2229" "[94.130.128.97]:2229" ]; hostNames = [
publicKey = "[git.renoise.com]:2229"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmIOTjQsD1TaD9MiECcRqwfAXfRdbI+2pkuF+zhBUkrX41NA4LzifPY4Iw3PlklE0YGIOzYyNitzkdgxIWkeqa0Y9iL3gGZBuLFORj5YXWlDKB2RrPAsZRL8y69y4H6RWPpL6DHHsf9eT+HgRzWzzn5nUFLfkCsuM96BqjIKN1pinIBcE6gst1UUSwSTjK8XZA5d4BiSrLF4HiNXnDm+qniYGbGkzZcjn1ua+l0GdGbfg9TotFnSK/QXgN3MeHHDZKnIjOIkOXCY+L5URe0RHo6pBFdj+BLr211AJhB52MrDNudQcY6eSQiJ08LeE6SkcrsQO/VZ/JnOkHxHd2mOyH"; "[94.130.128.97]:2229"
];
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmIOTjQsD1TaD9MiECcRqwfAXfRdbI+2pkuF+zhBUkrX41NA4LzifPY4Iw3PlklE0YGIOzYyNitzkdgxIWkeqa0Y9iL3gGZBuLFORj5YXWlDKB2RrPAsZRL8y69y4H6RWPpL6DHHsf9eT+HgRzWzzn5nUFLfkCsuM96BqjIKN1pinIBcE6gst1UUSwSTjK8XZA5d4BiSrLF4HiNXnDm+qniYGbGkzZcjn1ua+l0GdGbfg9TotFnSK/QXgN3MeHHDZKnIjOIkOXCY+L5URe0RHo6pBFdj+BLr211AJhB52MrDNudQcY6eSQiJ08LeE6SkcrsQO/VZ/JnOkHxHd2mOyH";
}; };
"siteground" = { "siteground" = {
hostNames = [ "[es5.siteground.eu]:18765" "[37.60.224.6]:18765" ]; hostNames = [
publicKey = "[es5.siteground.eu]:18765"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZuvHooyHa69rU+SfOghM6yfc7bce5cMi9sh5JkoLPi+m8QEkX3oiG9rRpAhp0GYnB74M4l1+0XlxmG7/HVmq0="; "[37.60.224.6]:18765"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZuvHooyHa69rU+SfOghM6yfc7bce5cMi9sh5JkoLPi+m8QEkX3oiG9rRpAhp0GYnB74M4l1+0XlxmG7/HVmq0=";
}; };
"cracksucht.de" = { "cracksucht.de" = {
hostNames = [ "cracksucht.de" ]; hostNames = [ "cracksucht.de" ];
publicKey = publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVqpWzX+C7veO/1MDSdh5ukFhpI4cfXevbl6DVb9gVt1wdYB0JsiMiWfl13MZJy9iEP/KfwRLYmu8i36tDR9uJfHQyLK8G7q2DhrleIPgM3dFCdDU1QtulE8hEq/ZsqzMn/QIHYIipIqzNfmC/xnpX2gIo09T7EY+n863ALlj+GqxMb4nr2XDLY+Lllo2yMzylJIz9q8U5hOmzrlCnBpf2MPMwanHXnZXj2CmO80VyBHnAMJ/h72AN1qzDaHFlhxh0Li/POc1bpDjiVjiUPgimHZWpi3VObxWLLn2zf+RH2lx0yXMccSEnkWvHp+Ll5apIUUS+vTlDo3niWpEfGZLl root@debian";
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVqpWzX+C7veO/1MDSdh5ukFhpI4cfXevbl6DVb9gVt1wdYB0JsiMiWfl13MZJy9iEP/KfwRLYmu8i36tDR9uJfHQyLK8G7q2DhrleIPgM3dFCdDU1QtulE8hEq/ZsqzMn/QIHYIipIqzNfmC/xnpX2gIo09T7EY+n863ALlj+GqxMb4nr2XDLY+Lllo2yMzylJIz9q8U5hOmzrlCnBpf2MPMwanHXnZXj2CmO80VyBHnAMJ/h72AN1qzDaHFlhxh0Li/POc1bpDjiVjiUPgimHZWpi3VObxWLLn2zf+RH2lx0yXMccSEnkWvHp+Ll5apIUUS+vTlDo3niWpEfGZLl root@debian";
}; };
}; };

24
components/network/sshd/known-hosts-zerotier.nix
View file

@ -1,34 +1,34 @@
{ lib, config, clanLib, ... }: {
lib,
config,
clanLib,
...
}:
with lib; with lib;
with types; with types;
let let
machines = clanLib.allMachineNames; machines = clanLib.allMachineNames;
publicKey = clanLib.readFact "ssh.id_ed25519.pub"; publicKey = clanLib.readFact "ssh.id_ed25519.pub";
tld = config.clan.static-hosts.topLevelDomain; tld = config.clan.static-hosts.topLevelDomain;
knownHosts = lib.genAttrs machines knownHosts = lib.genAttrs machines (machine: {
(machine:
{
hostNames = [ hostNames = [
"${machine}" "${machine}"
"${machine}.${tld}" "${machine}.${tld}"
"${machine}.private" "${machine}.private"
]; ];
publicKey = publicKey machine; publicKey = publicKey machine;
} });
);
bootMachines = clanLib.readFactFromAllMachines "ssh.boot.id_ed25519.pub"; bootMachines = clanLib.readFactFromAllMachines "ssh.boot.id_ed25519.pub";
knownBootHosts = lib.mapAttrs' knownBootHosts = lib.mapAttrs' (
(machine: publicKey: nameValuePair machine: publicKey:
"boot_${machine}" nameValuePair "boot_${machine}" {
{
inherit publicKey; inherit publicKey;
hostNames = [ hostNames = [
"[${machine}]:2222" "[${machine}]:2222"
"[${machine}.public]:2222" "[${machine}.public]:2222"
]; ];
} }
) ) bootMachines;
bootMachines;
in in
{ {

108
components/network/syncthing.nix
View file

@ -1,15 +1,13 @@
{ config, lib, pkgs, factsGenerator, clanLib, ... }: {
let config,
clanMachines = lib,
lib.mapAttrs pkgs,
(machine: facts: { factsGenerator,
name = machine; clanLib,
id = facts."syncthing.pub"; ...
addresses = [ "tcp://[${facts."zerotier-ip"}]:22000" ]; }:
}) with lib;
(clanLib.readFactsFromAllMachines [ "syncthing.pub" "zerotier-ip" ]); {
in
with lib; {
# networking.firewall.interfaces."gummybears".allowedTCPPorts = [ 8384 ]; # networking.firewall.interfaces."gummybears".allowedTCPPorts = [ 8384 ];
@ -22,6 +20,19 @@ with lib; {
cert = config.clan.core.facts.services.syncthing.secret."syncthing.cert".path; cert = config.clan.core.facts.services.syncthing.secret."syncthing.cert".path;
settings.devices = settings.devices =
let let
clanMachines =
lib.mapAttrs
(machine: facts: {
name = machine;
id = facts."syncthing.pub";
addresses = [ "tcp://[${facts."zerotier-ip"}]:22000" ];
})
(
clanLib.readFactsFromAllMachines [
"syncthing.pub"
"zerotier-ip"
]
);
device = machine: id: { device = machine: id: {
"${machine}" = { "${machine}" = {
name = machine; name = machine;
@ -32,22 +43,26 @@ with lib; {
in in
clanMachines clanMachines
// (device "iPhone" "RPQBSRB-DYEUUWQ-EAPMBA2-PL4MJ73-Y4F4ZTH-TAD7DUE-GEK56BG-HYW6YAF") // (device "iPhone" "RPQBSRB-DYEUUWQ-EAPMBA2-PL4MJ73-Y4F4ZTH-TAD7DUE-GEK56BG-HYW6YAF")
// (device "bumba" "JS7PWTO-VKFGBUP-GNFLSWP-MGFJ2KH-HLO2LKW-V3RPCR6-PCB5SQC-42FCKQZ") // (device "bumba" "JS7PWTO-VKFGBUP-GNFLSWP-MGFJ2KH-HLO2LKW-V3RPCR6-PCB5SQC-42FCKQZ");
;
settings.folders = { settings.folders = {
# needs to be on encrypted drives
# -------------------------------
audiobooks = { audiobooks = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/audiobooks"; path = lib.mkDefault "/tmp/audiobooks";
devices = [ "chungus" "orbi" ]; devices = [
"chungus"
"orbi"
];
}; };
books = { books = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/books"; path = lib.mkDefault "/tmp/books";
devices = [ "chungus" "cream" "cherry" ]; devices = [
"chungus"
"cream"
"cherry"
];
versioning = { versioning = {
type = "simple"; type = "simple";
params.keep = "2"; params.keep = "2";
@ -56,12 +71,20 @@ with lib; {
desktop = { desktop = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/desktop"; path = lib.mkDefault "/tmp/desktop";
devices = [ "chungus" "cream" "cherry" ]; devices = [
"chungus"
"cream"
"cherry"
];
}; };
finance = { finance = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/finance"; path = lib.mkDefault "/tmp/finance";
devices = [ "chungus" "cream" "cherry" ]; devices = [
"chungus"
"cream"
"cherry"
];
versioning = { versioning = {
type = "simple"; type = "simple";
params.keep = "10"; params.keep = "10";
@ -70,27 +93,46 @@ with lib; {
flix = { flix = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/flix"; path = lib.mkDefault "/tmp/flix";
devices = [ "chungus" "orbi" ]; devices = [
"chungus"
"orbi"
];
}; };
logseq = { logseq = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/logseq"; path = lib.mkDefault "/tmp/logseq";
devices = [ "chungus" "cream" "cherry" "iPhone" ]; devices = [
"chungus"
"cream"
"cherry"
"iPhone"
];
}; };
lectures = { lectures = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/lectures"; path = lib.mkDefault "/tmp/lectures";
devices = [ "chungus" "orbi" ]; devices = [
"chungus"
"orbi"
];
}; };
oscar_cpap = { oscar_cpap = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/oscar_cpap"; path = lib.mkDefault "/tmp/oscar_cpap";
devices = [ "chungus" "cream" "cherry" ]; devices = [
"chungus"
"cream"
"cherry"
];
}; };
password-store = { password-store = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/password-store"; path = lib.mkDefault "/tmp/password-store";
devices = [ "chungus" "cream" "cherry" ]; devices = [
"chungus"
"cream"
"cherry"
];
versioning = { versioning = {
type = "simple"; type = "simple";
params.keep = "10"; params.keep = "10";
@ -100,18 +142,12 @@ with lib; {
share = { share = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/password-store"; path = lib.mkDefault "/tmp/password-store";
devices = [ "cream" "cherry" "orbi" ]; devices = [
"cream"
"cherry"
"orbi"
];
}; };
# todo remove if zfs is is used
#nextcloud_backup = {
# enable = lib.mkDefault false;
# path = lib.mkDefault "/tmp/lost-fotos";
# devices = [ "chungus" ];
# versioning = {
# type = "simple";
# params.keep = "2";
# };
#};
}; };
}; };

21
components/network/tinc/default.nix
View file

@ -1,4 +1,10 @@
{ lib, config, factsGenerator, clanLib, ... }: {
lib,
config,
factsGenerator,
clanLib,
...
}:
with lib; with lib;
{ {
@ -20,18 +26,21 @@ with lib;
}; };
config = mkMerge [ config = mkMerge [
(mkIf config.tinc.private.enable (import ./private.nix { (mkIf config.tinc.private.enable (
import ./private.nix {
ipv4 = config.tinc.private.ipv4; ipv4 = config.tinc.private.ipv4;
ipv6 = null; ipv6 = null;
inherit (lib) optionalString concatStringsSep mapAttrsToList; inherit (lib) optionalString concatStringsSep mapAttrsToList;
inherit config factsGenerator clanLib; inherit config factsGenerator clanLib;
})) }
(mkIf config.tinc.secret.enable (import ./secret.nix { ))
(mkIf config.tinc.secret.enable (
import ./secret.nix {
ipv4 = config.tinc.secret.ipv4; ipv4 = config.tinc.secret.ipv4;
ipv6 = null; ipv6 = null;
inherit (lib) optionalString concatStringsSep mapAttrsToList; inherit (lib) optionalString concatStringsSep mapAttrsToList;
inherit config factsGenerator clanLib; inherit config factsGenerator clanLib;
})) }
))
]; ];
} }

40
components/network/tinc/private.nix
View file

@ -1,12 +1,13 @@
{ ipv4 {
, ipv6 ipv4,
, config ipv6,
, optionalString config,
, concatStringsSep optionalString,
, factsGenerator concatStringsSep,
, mapAttrsToList factsGenerator,
, clanLib mapAttrsToList,
, ... clanLib,
...
}: }:
let let
hosts = { hosts = {
@ -51,35 +52,36 @@ in
services.tinc.networks = { services.tinc.networks = {
${network} = { ${network} = {
ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_private.secret."tinc.private.ed25519_key.priv".path; ed25519PrivateKeyFile =
config.clan.core.facts.services.tinc_private.secret."tinc.private.ed25519_key.priv".path;
interfaceType = "tap"; interfaceType = "tap";
extraConfig = '' extraConfig = ''
LocalDiscovery = yes LocalDiscovery = yes
''; '';
hostSettings = { hostSettings = {
mobi = { mobi = {
subnets = [{ address = hosts.mobi; }]; subnets = [ { address = hosts.mobi; } ];
settings.Ed25519PublicKey = "X5sp3YYevVNUrzYvi+HZ2iW5WbO0bIb58jR4jZFH6MB"; settings.Ed25519PublicKey = "X5sp3YYevVNUrzYvi+HZ2iW5WbO0bIb58jR4jZFH6MB";
}; };
bobi = { bobi = {
subnets = [{ address = hosts.bobi; }]; subnets = [ { address = hosts.bobi; } ];
settings.Ed25519PublicKey = "jwvNd4oAgz2cWEI74VTVYU1qgPWq823/a0iEDqJ8KMD"; settings.Ed25519PublicKey = "jwvNd4oAgz2cWEI74VTVYU1qgPWq823/a0iEDqJ8KMD";
}; };
cream = { cream = {
subnets = [{ address = hosts.cream; }]; subnets = [ { address = hosts.cream; } ];
settings.Ed25519PublicKey = Ed25519PublicKey "cream"; settings.Ed25519PublicKey = Ed25519PublicKey "cream";
}; };
cherry = { cherry = {
subnets = [{ address = hosts.cherry; }]; subnets = [ { address = hosts.cherry; } ];
settings.Ed25519PublicKey = Ed25519PublicKey "cherry"; settings.Ed25519PublicKey = Ed25519PublicKey "cherry";
}; };
chungus = { chungus = {
subnets = [{ address = hosts.chungus; }]; subnets = [ { address = hosts.chungus; } ];
settings.Ed25519PublicKey = Ed25519PublicKey "chungus"; settings.Ed25519PublicKey = Ed25519PublicKey "chungus";
}; };
orbi = { orbi = {
addresses = [{ address = "95.216.66.212"; }]; addresses = [ { address = "95.216.66.212"; } ];
subnets = [{ address = hosts.orbi; }]; subnets = [ { address = hosts.orbi; } ];
settings.Ed25519PublicKey = Ed25519PublicKey "orbi"; settings.Ed25519PublicKey = Ed25519PublicKey "orbi";
}; };
}; };
@ -100,6 +102,8 @@ in
LinkLocalAddressing = no LinkLocalAddressing = no
''; '';
networking.extraHosts = concatStringsSep "\n" (mapAttrsToList (name: ip: "${ip} ${name}.${network}") (hosts // subDomains)); networking.extraHosts = concatStringsSep "\n" (
mapAttrsToList (name: ip: "${ip} ${name}.${network}") (hosts // subDomains)
);
} }

61
components/network/tinc/secret.nix
View file

@ -1,11 +1,12 @@
{ ipv4 {
, ipv6 ipv4,
, config ipv6,
, optionalString config,
, concatStringsSep optionalString,
, mapAttrsToList concatStringsSep,
, factsGenerator mapAttrsToList,
, ... factsGenerator,
...
}: }:
let let
port = 721; port = 721;
@ -23,31 +24,37 @@ in
services.tinc.networks = { services.tinc.networks = {
${network} = { ${network} = {
ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_secret.secret."tinc.secret.ed25519_key.priv".path; ed25519PrivateKeyFile =
config.clan.core.facts.services.tinc_secret.secret."tinc.secret.ed25519_key.priv".path;
extraConfig = '' extraConfig = ''
LocalDiscovery = yes LocalDiscovery = yes
Port = ${toString port} Port = ${toString port}
''; '';
hostSettings = { hostSettings = {
sternchen = { sternchen = {
subnets = [{ address = hosts.sternchen; }]; subnets = [ { address = hosts.sternchen; } ];
settings.Ed25519PublicKey = "Z567IKl00Kw5JFBNwMvjL33QYe2hRoNtQcNIDFRPReB"; settings.Ed25519PublicKey = "Z567IKl00Kw5JFBNwMvjL33QYe2hRoNtQcNIDFRPReB";
}; };
cream = { cream = {
subnets = [{ address = hosts.cream; }]; subnets = [ { address = hosts.cream; } ];
settings.Ed25519PublicKey = "Y/YRA90mAlNEmdhUWlUTHjjsco6d6hlvW11sPtarIdL"; settings.Ed25519PublicKey = "Y/YRA90mAlNEmdhUWlUTHjjsco6d6hlvW11sPtarIdL";
}; };
cherry = { cherry = {
subnets = [{ address = hosts.cherry; }]; subnets = [ { address = hosts.cherry; } ];
settings.Ed25519PublicKey = "BsPIrZjbzn0aryC0HO3OXSb4oFCMmzNDmMDQmxUXUuC"; settings.Ed25519PublicKey = "BsPIrZjbzn0aryC0HO3OXSb4oFCMmzNDmMDQmxUXUuC";
}; };
sterni = { sterni = {
subnets = [{ address = hosts.sterni; }]; subnets = [ { address = hosts.sterni; } ];
settings.Ed25519PublicKey = "r6mRDc814z2YtyG9ev/XXV2SgquqWR8n53V13xNXb7O"; settings.Ed25519PublicKey = "r6mRDc814z2YtyG9ev/XXV2SgquqWR8n53V13xNXb7O";
}; };
robi = { robi = {
addresses = [{ address = "144.76.13.147"; port = port; }]; addresses = [
subnets = [{ address = hosts.robi; }]; {
address = "144.76.13.147";
port = port;
}
];
subnets = [ { address = hosts.robi; } ];
settings.Ed25519PublicKey = "bZUbSdME4fwudNVbUoNO7PpoOS2xALsyTs81F260KbL"; settings.Ed25519PublicKey = "bZUbSdME4fwudNVbUoNO7PpoOS2xALsyTs81F260KbL";
}; };
}; };
@ -68,23 +75,37 @@ in
LinkLocalAddressing = no LinkLocalAddressing = no
''; '';
networking.extraHosts = concatStringsSep "\n" (mapAttrsToList (name: ip: "${ip} ${name}.${network}") hosts); networking.extraHosts = concatStringsSep "\n" (
mapAttrsToList (name: ip: "${ip} ${name}.${network}") hosts
);
services.openssh.knownHosts = { services.openssh.knownHosts = {
"cream.${network}" = { "cream.${network}" = {
hostNames = [ "cream.${network}" hosts.cream ]; hostNames = [
"cream.${network}"
hosts.cream
];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConHiCL7INgAhuN6Z9TqP0zP+xNpdV7+OHwUca4IRDD"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConHiCL7INgAhuN6Z9TqP0zP+xNpdV7+OHwUca4IRDD";
}; };
"sternchen.${network}" = { "sternchen.${network}" = {
hostNames = [ "sterni.${network}" hosts.sterni ]; hostNames = [
"sterni.${network}"
hosts.sterni
];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILriD/0+65L1mkbjKENwpvB3wUMXz/rEf9J8wuJjJa0q"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILriD/0+65L1mkbjKENwpvB3wUMXz/rEf9J8wuJjJa0q";
}; };
"sterni.${network}" = { "sterni.${network}" = {
hostNames = [ "sterni.${network}" hosts.sterni ]; hostNames = [
"sterni.${network}"
hosts.sterni
];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEQRH4gzT4vWSx3KN80ePPYhSPZRUae/qSyEym6pJTht"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEQRH4gzT4vWSx3KN80ePPYhSPZRUae/qSyEym6pJTht";
}; };
"robi" = { "robi" = {
hostNames = [ "robi.${network}" hosts.robi ]; hostNames = [
"robi.${network}"
hosts.robi
];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2PGX6cZuBUGX4VweMzi0aRh4uQ61yngCzZGcK3w5XV"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2PGX6cZuBUGX4VweMzi0aRh4uQ61yngCzZGcK3w5XV";
}; };
}; };

9
components/network/wifi.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; with lib;
with types; with types;
{ {
@ -22,7 +27,6 @@ with types;
# Setting this value to 1 means to try activation once, without retry. # Setting this value to 1 means to try activation once, without retry.
networking.networkmanager.settings.main.autoconnect-retries-default = 999; networking.networkmanager.settings.main.autoconnect-retries-default = 999;
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
# because Networkd-wait-online is just failing. # because Networkd-wait-online is just failing.
@ -47,4 +51,3 @@ with types;
}; };
} }

2
components/network/wireguard.nix
View file

@ -28,6 +28,4 @@ with lib;
''; '';
}; };
} }

7
components/nixos/upgrade-diff.nix
View file

@ -1,5 +1,10 @@
# MIT Jörg Thalheim - https://github.com/Mic92/dotfiles/blob/c6cad4e57016945c4816c8ec6f0a94daaa0c3203/nixos/modules/upgrade-diff.nix # MIT Jörg Thalheim - https://github.com/Mic92/dotfiles/blob/c6cad4e57016945c4816c8ec6f0a94daaa0c3203/nixos/modules/upgrade-diff.nix
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
{ {
options.components.nixos.update-diff.enable = lib.mkOption { options.components.nixos.update-diff.enable = lib.mkOption {

8
components/terminal/bash.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
{ {
options.components.terminal.bash.enable = mkOption { options.components.terminal.bash.enable = mkOption {
@ -16,7 +21,6 @@ with lib;
interactiveShellInit = "set -o vi"; interactiveShellInit = "set -o vi";
shellAliases = { shellAliases = {
ls = "ls --color=tty"; ls = "ls --color=tty";
l = "ls -CFh"; l = "ls -CFh";

7
components/terminal/default.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; with lib;
{ {
options.components.terminal = { options.components.terminal = {

12
components/terminal/direnv.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
{ {
options.components.terminal.direnv.enable = mkOption { options.components.terminal.direnv.enable = mkOption {
@ -12,7 +17,10 @@ with lib;
home-manager.sharedModules = [ home-manager.sharedModules = [
{ {
programs.direnv.enable = true; programs.direnv.enable = true;
programs.git.ignores = [ ".envrc" ".direnv" ]; programs.git.ignores = [
".envrc"
".direnv"
];
} }
]; ];

9
components/terminal/git.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; with lib;
{ {
options.components.terminal.git.enable = mkOption { options.components.terminal.git.enable = mkOption {
@ -8,7 +13,6 @@ with lib;
config = mkIf (config.components.terminal.git.enable) { config = mkIf (config.components.terminal.git.enable) {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
git git
gita gita
@ -29,4 +33,3 @@ with lib;
]; ];
}; };
} }

7
components/terminal/heygpt.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; with lib;
{ {
options.components.terminal.heygpt.enable = mkOption { options.components.terminal.heygpt.enable = mkOption {

31
components/terminal/hoard.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
let let
hoardSrc = pkgs.fetchFromGitHub { hoardSrc = pkgs.fetchFromGitHub {
@ -31,10 +36,26 @@ in
config_home_path = "/home/palo/.config/hoard"; config_home_path = "/home/palo/.config/hoard";
trove_path = "/home/palo/.config/hoard/trove.yml"; trove_path = "/home/palo/.config/hoard/trove.yml";
query_prefix = " >"; query_prefix = " >";
primary_color = [ 87 142 87 ]; primary_color = [
secondary_color = [ 203 184 144 ]; 87
tertiary_color = [ 30 30 30 ]; 142
command_color = [ 30 30 30 ]; 87
];
secondary_color = [
203
184
144
];
tertiary_color = [
30
30
30
];
command_color = [
30
30
30
];
parameter_token = "#"; parameter_token = "#";
read_from_current_directory = true; read_from_current_directory = true;
}; };

9
components/terminal/remote-install.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
{ {
options.components.terminal.remote-install.enable = mkOption { options.components.terminal.remote-install.enable = mkOption {
@ -10,7 +15,7 @@ with lib;
services.tor = { services.tor = {
enable = true; enable = true;
client.enable = true; client.enable = true;
relay.onionServices.liveos.map = [{ port = 1337; }]; relay.onionServices.liveos.map = [ { port = 1337; } ];
}; };
environment.systemPackages = [ environment.systemPackages = [

193
components/terminal/wtf.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
let let
@ -54,8 +59,8 @@ let
echo echo
''; '';
userHighlight = map ({ user, ... }: user) userHighlight =
(builtins.attrValues config.services.browser.configList) map ({ user, ... }: user) (builtins.attrValues config.services.browser.configList)
++ [ "steam" ]; ++ [ "steam" ];
activeUsers = pkgs.writers.writeBash "active-users" '' activeUsers = pkgs.writers.writeBash "active-users" ''
@ -63,14 +68,20 @@ let
| ${pkgs.gnused}/bin/sed '1 d' \ | ${pkgs.gnused}/bin/sed '1 d' \
| ${pkgs.coreutils}/bin/sort \ | ${pkgs.coreutils}/bin/sort \
| ${pkgs.coreutils}/bin/uniq \ | ${pkgs.coreutils}/bin/uniq \
| ${pkgs.gnugrep}/bin/egrep --color=always '(${ | ${pkgs.gnugrep}/bin/egrep --color=always '(${pkgs.lib.concatStringsSep "|" userHighlight})|$'
pkgs.lib.concatStringsSep "|" userHighlight
})|$'
''; '';
# default settings # default settings
wtfModule = wtfModule =
args@{ height ? 1, width ? 1, top, left, enabled ? true, type, ... }: args@{
height ? 1,
width ? 1,
top,
left,
enabled ? true,
type,
...
}:
{ {
enabled = enabled; enabled = enabled;
focusable = false; focusable = false;
@ -78,33 +89,50 @@ let
position.left = left; position.left = left;
position.height = height; position.height = height;
position.width = width; position.width = width;
} // (lib.filterAttrs }
(key: _: lib.all (x: x != key) [ "height" "width" "top" "left" ]) // (lib.filterAttrs (
args); key: _:
lib.all (x: x != key) [
"height"
"width"
"top"
"left"
]
) args);
# command runner module # command runner module
cmdRunner = args@{ cmd, ... }: cmdRunner =
wtfModule ({ args@{ cmd, ... }:
wtfModule (
{
type = "cmdrunner"; type = "cmdrunner";
focusable = false; focusable = false;
refreshInterval = 300; refreshInterval = 300;
} // args); }
// args
);
modules = { modules = {
inherit cmdRunner; inherit cmdRunner;
digitalclock = args@{ top, left, ... }: digitalclock =
cmdRunner ({ args@{ top, left, ... }:
cmdRunner (
{
cmd = pkgs.writers.writeDash "clock" '' cmd = pkgs.writers.writeDash "clock" ''
${pkgs.toilet}/bin/toilet --font future `${pkgs.coreutils}/bin/date +"%a %H:%M"` ${pkgs.toilet}/bin/toilet --font future `${pkgs.coreutils}/bin/date +"%a %H:%M"`
${pkgs.coreutils}/bin/date +"%B %d %Y" ${pkgs.coreutils}/bin/date +"%B %d %Y"
''; '';
title = ""; title = "";
refreshInterval = 30; refreshInterval = 30;
} // args); }
// args
);
clocks = args@{ top, left, ... }: clocks =
wtfModule ({ args@{ top, left, ... }:
wtfModule (
{
type = "clocks"; type = "clocks";
title = ""; title = "";
border = false; border = false;
@ -115,30 +143,43 @@ let
locations = { locations = {
UTC = "Etc/UTC"; UTC = "Etc/UTC";
Berlin = "Europe/Berlin"; Berlin = "Europe/Berlin";
Cuba = "America/Havana"; Thailand = "Asia/Bangkok";
Wellington = "Pacific/Auckland"; #Cuba = "America/Havana";
#Wellington = "Pacific/Auckland";
}; };
sort = "alphabetical"; sort = "alphabetical";
refreshInterval = 60; refreshInterval = 60;
} // args); }
// args
);
resourceusage = args@{ top, left, ... }: resourceusage =
wtfModule ({ args@{ top, left, ... }:
wtfModule (
{
type = "resourceusage"; type = "resourceusage";
title = ""; title = "";
cpuCombined = false; cpuCombined = false;
refreshInterval = 5; refreshInterval = 5;
} // args); }
// args
);
power = args@{ top, left, ... }: power =
wtfModule ({ args@{ top, left, ... }:
wtfModule (
{
type = "power"; type = "power";
title = ""; title = "";
refreshInterval = 100; refreshInterval = 100;
} // args); }
// args
);
prettyweather = args@{ top, left, ... }: prettyweather =
wtfModule ({ args@{ top, left, ... }:
wtfModule (
{
type = "prettyweather"; type = "prettyweather";
title = ""; title = "";
city = "Essen"; city = "Essen";
@ -146,10 +187,19 @@ let
view = 0; view = 0;
language = "en"; language = "en";
refreshInterval = 3600; refreshInterval = 3600;
} // args); }
// args
);
feedreader = args@{ top, left, feeds, ... }: feedreader =
wtfModule ({ args@{
top,
left,
feeds,
...
}:
wtfModule (
{
type = "feedreader"; type = "feedreader";
title = ""; title = "";
refreshInterval = 3600; refreshInterval = 3600;
@ -159,10 +209,20 @@ let
even = "white"; even = "white";
odd = "white"; odd = "white";
}; };
} // args); }
// args
);
github = args@{ top, left, username, apiKey, ... }: github =
wtfModule ({ args@{
top,
left,
username,
apiKey,
...
}:
wtfModule (
{
type = "github"; type = "github";
title = ""; title = "";
refreshInterval = 3600; refreshInterval = 3600;
@ -177,7 +237,9 @@ let
# - "wtfutil/wtf" # - "wtfutil/wtf"
# - "wtfutil/docs" # - "wtfutil/docs"
# - "umbrella-corp/wesker-api" # - "umbrella-corp/wesker-api"
} // args); }
// args
);
}; };
@ -190,8 +252,20 @@ let
normal = "green"; normal = "green";
}; };
grid = { grid = {
columns = [ 28 0 0 ]; columns = [
rows = [ 9 9 9 9 9 9 0 ]; 28
0
0
];
rows = [
9
9
9
9
9
9
0
];
}; };
refreshInterval = 1; refreshInterval = 1;
mods = with modules; { mods = with modules; {
@ -226,8 +300,7 @@ let
top = 4; top = 4;
left = 1; left = 1;
height = 1; height = 1;
feeds = feeds = [ "https://latesthackingnews.com/category/hacking-tools/feed/" ];
[ "https://latesthackingnews.com/category/hacking-tools/feed/" ];
}; };
nixos = feedreader { nixos = feedreader {
title = "NixOS Weekly"; title = "NixOS Weekly";
@ -264,8 +337,20 @@ let
normal = "green"; normal = "green";
}; };
grid = { grid = {
columns = [ 33 12 28 36 0 ]; columns = [
rows = [ 9 4 6 6 0 ]; 33
12
28
36
0
];
rows = [
9
4
6
6
0
];
}; };
refreshInterval = 1; refreshInterval = 1;
mods = with modules; { mods = with modules; {
@ -291,12 +376,16 @@ let
left = 0; left = 0;
}; };
rates = wtfModule { yfinance = wtfModule {
type = "yfinance"; type = "yfinance";
top = 3; top = 3;
left = 0; left = 0;
title = "rates"; title = "rates";
symbols = [ "EURUSD=X" "EURNZD=X" ]; symbols = [
"EURUSD=X"
"EURNZD=X"
"EURTHB=X"
];
refreshInterval = 60; refreshInterval = 60;
}; };
@ -307,7 +396,12 @@ let
calendar = cmdRunner { calendar = cmdRunner {
title = ""; title = "";
args = [ "-3" "--monday" "--color=never" "-w" ]; args = [
"-3"
"--monday"
"--color=never"
"-w"
];
cmd = "cal"; cmd = "cal";
top = 1; top = 1;
left = 1; left = 1;
@ -369,9 +463,12 @@ let
}; };
}; };
createDashboard = { json, name }: createDashboard =
let configuration = pkgs.writeText "config.yml" (builtins.toJSON json); { json, name }:
in pkgs.writers.writeBashBin name '' let
configuration = pkgs.writeText "config.yml" (builtins.toJSON json);
in
pkgs.writers.writeBashBin name ''
${pkgs.wtf}/bin/wtfutil --config=${toString configuration} ${pkgs.wtf}/bin/wtfutil --config=${toString configuration}
''; '';

7
components/terminal/zsh.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
{ {
options.components.terminal.zsh.enable = mkOption { options.components.terminal.zsh.enable = mkOption {

7
components/timezone.nix
View file

@ -1,8 +1,9 @@
{ lib, ... }:
{ {
# some system stuff # some system stuff
# ----------------- # -----------------
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";
#time.timeZone = lib.mkDefault "Pacific/Auckland"; #time.timeZone = "Pacific/Auckland";
#time.timeZone = lib.mkDefault "Asia/Singapore"; #time.timeZone = "Asia/Singapore";
#time.timeZone = lib.mkDefault "Asia/Makassar"; #time.timeZone = "Asia/Makassar";
} }

7
components/virtualisation/docker.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; with lib;
{ {

7
components/virtualisation/podman.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; with lib;
{ {

7
components/virtualisation/qemu.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; with lib;
{ {

7
components/virtualisation/virtualbox.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; with lib;
{ {

8
components/yubikey.nix
View file

@ -1,7 +1,12 @@
# References: # References:
# * https://github.com/drduh/YubiKey-Guide # * https://github.com/drduh/YubiKey-Guide
# * https://nixos.wiki/wiki/Yubikey # * https://nixos.wiki/wiki/Yubikey
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; with lib;
{ {
@ -16,7 +21,6 @@ with lib;
services.pcscd.enable = true; services.pcscd.enable = true;
services.udev.packages = [ pkgs.yubikey-personalization ]; services.udev.packages = [ pkgs.yubikey-personalization ];
environment.systemPackages = [ environment.systemPackages = [
pkgs.yubikey-personalization pkgs.yubikey-personalization

13
features/boot/ssh.nix
View file

@ -1,4 +1,11 @@
{ config, lib, pkgs, factsGenerator, clanLib, ... }: {
config,
lib,
pkgs,
factsGenerator,
clanLib,
...
}:
with lib; with lib;
with types; with types;
@ -11,8 +18,7 @@ with types;
kernelModules = mkOption { kernelModules = mkOption {
type = listOf str; type = listOf str;
default = [ ]; default = [ ];
description = description = "nix-shell -p pciutils --run 'lspci -v' will tell you which kernel module is used for the ethernet interface";
"nix-shell -p pciutils --run 'lspci -v' will tell you which kernel module is used for the ethernet interface";
}; };
}; };
@ -42,4 +48,3 @@ with types;
}; };
} }

27
features/boot/tor.nix
View file

@ -1,4 +1,11 @@
{ config, lib, pkgs, factsGenerator, clanLib, ... }: {
config,
lib,
pkgs,
factsGenerator,
clanLib,
...
}:
with lib; with lib;
with types; with types;
{ {
@ -16,14 +23,13 @@ with types;
name = "initrd"; name = "initrd";
addressPrefix = "init"; addressPrefix = "init";
}; };
boot.initrd.secrets = boot.initrd.secrets = mapAttrs' (name: file: nameValuePair "/etc/tor/onion/bootup/${name}" file) (
mapAttrs' (name: file: nameValuePair "/etc/tor/onion/bootup/${name}" file) genAttrs [
(genAttrs [
"hostname" "hostname"
"hs_ed25519_public_key" "hs_ed25519_public_key"
"hs_ed25519_secret_key" "hs_ed25519_secret_key"
] ] (secret: config.clan.core.facts.services."initrd.tor".secret."tor.initrd.${secret}".path)
(secret: config.clan.core.facts.services."initrd.tor".secret."tor.initrd.${secret}".path)); );
boot.initrd.systemd.storePaths = [ boot.initrd.systemd.storePaths = [
pkgs.tor pkgs.tor
@ -43,7 +49,10 @@ with types;
boot.initrd.systemd.services.tor = { boot.initrd.systemd.services.tor = {
description = "tor during init"; description = "tor during init";
wantedBy = [ "initrd.target" ]; wantedBy = [ "initrd.target" ];
after = [ "network.target" "initrd-nixos-copy-secrets.service" ]; after = [
"network.target"
"initrd-nixos-copy-secrets.service"
];
before = [ "shutdown.target" ]; before = [ "shutdown.target" ];
conflicts = [ "shutdown.target" ]; conflicts = [ "shutdown.target" ];
@ -53,8 +62,7 @@ with types;
pkgs.iproute2 pkgs.iproute2
pkgs.coreutils pkgs.coreutils
]; ];
script = script = ''
''
echo "tor: preparing onion folder" echo "tor: preparing onion folder"
# have to do this otherwise tor does not want to start # have to do this otherwise tor does not want to start
chmod -R 700 /etc/tor chmod -R 700 /etc/tor
@ -66,4 +74,3 @@ with types;
}; };
}; };
} }

7
features/network/fail2ban.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with lib; with lib;
{ {
options.features.network.fail2ban.enable = mkOption { options.features.network.fail2ban.enable = mkOption {

8
features/network/sshguard.nix
View file

@ -1,4 +1,10 @@
{ pkgs, config, lib, assets, ... }: {
pkgs,
config,
lib,
assets,
...
}:
with lib; with lib;
with types; with types;
{ {

545
flake.lock
View file

@ -120,19 +120,21 @@
"flake-parts": [ "flake-parts": [
"flake-parts" "flake-parts"
], ],
"nixos-facter-modules": "nixos-facter-modules",
"nixos-images": "nixos-images", "nixos-images": "nixos-images",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"systems": "systems",
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1723647956, "lastModified": 1726339325,
"narHash": "sha256-ZG5GDth3kK8xllDR8BbgmmY2sqbPqCOiJpTJr/CW0YA=", "narHash": "sha256-bJhxZywuBdQ4vk/t12U1Y9pKKM5VbchKvvM95838+bQ=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "de31db2d005e7b8885e58d12f912f68ae8cc6350", "rev": "17da259ff99e2d4079f686ba837eb55a2ac9e79b",
"revCount": 3704, "revCount": 4100,
"type": "git", "type": "git",
"url": "https://git.clan.lol/clan/clan-core" "url": "https://git.clan.lol/clan/clan-core"
}, },
@ -163,6 +165,28 @@
"type": "github" "type": "github"
} }
}, },
"devshell": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nix-topology",
"nixpkgs"
]
},
"locked": {
"lastModified": 1713532798,
"narHash": "sha256-wtBhsdMJA3Wa32Wtm1eeo84GejtI43pMrFrmwLXrsEc=",
"owner": "numtide",
"repo": "devshell",
"rev": "12e914740a25ea1891ec619bb53cf5e6ca922e40",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -171,11 +195,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1721417620, "lastModified": 1725377834,
"narHash": "sha256-6q9b1h8fI3hXg2DG6/vrKWCeG8c5Wj2Kvv22RCgedzg=", "narHash": "sha256-tqoAO8oT6zEUDXte98cvA1saU9+1dLJQe3pMKLXv8ps=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "bec6e3cde912b8acb915fecdc509eda7c973fb42", "rev": "e55f9a8678adc02024a4877c2a403e3f6daf24fe",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -207,6 +231,22 @@
} }
}, },
"flake-compat": { "flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1673956053, "lastModified": 1673956053,
@ -247,11 +287,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1722555600, "lastModified": 1726153070,
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", "narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d", "rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -281,6 +321,24 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_4": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1722555600,
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": { "flake-utils": {
"locked": { "locked": {
"lastModified": 1644229661, "lastModified": 1644229661,
@ -298,14 +356,14 @@
}, },
"flake-utils_2": { "flake-utils_2": {
"inputs": { "inputs": {
"systems": "systems" "systems": "systems_2"
}, },
"locked": { "locked": {
"lastModified": 1694529238, "lastModified": 1701680307,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384", "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -315,6 +373,24 @@
} }
}, },
"flake-utils_3": { "flake-utils_3": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_4": {
"locked": { "locked": {
"lastModified": 1631561581, "lastModified": 1631561581,
"narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=", "narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
@ -329,9 +405,30 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_4": { "flake-utils_5": {
"inputs": { "inputs": {
"systems": "systems_2" "systems": [
"stylix",
"systems"
]
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_6": {
"inputs": {
"systems": "systems_5"
}, },
"locked": { "locked": {
"lastModified": 1694529238, "lastModified": 1694529238,
@ -363,6 +460,28 @@
"type": "github" "type": "github"
} }
}, },
"gitignore": {
"inputs": {
"nixpkgs": [
"nix-topology",
"pre-commit-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gnome-shell": { "gnome-shell": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -382,14 +501,16 @@
}, },
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_2" "nixpkgs": [
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1723399884, "lastModified": 1726357542,
"narHash": "sha256-97wn0ihhGqfMb8WcUgzzkM/TuAxce2Gd20A8oiruju4=", "narHash": "sha256-p4OrJL2weh0TRtaeu1fmNYP6+TOp/W2qdaIJxxQay4c=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "086f619dd991a4d355c07837448244029fc2d9ab", "rev": "e524c57b1fa55d6ca9d8354c6ce1e538d2a1f47f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -426,11 +547,11 @@
}, },
"locked": { "locked": {
"dir": "nix", "dir": "nix",
"lastModified": 1723528867, "lastModified": 1726080562,
"narHash": "sha256-sfgm8f50WpzuBObpl2DcEw6VDBl90wwFTF4CToWLyyM=", "narHash": "sha256-Inh/OXdaw5tG/GrVjjhVELtSTZFPGLG3UcN/J5oFWy8=",
"owner": "kmonad", "owner": "kmonad",
"repo": "kmonad", "repo": "kmonad",
"rev": "07cd1cb4fddb46a8d9de3bb9d06196d08b7a8ed2", "rev": "4e17fc4432dad3664d39274e4e698c7a5497216d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -443,7 +564,7 @@
"landingpage": { "landingpage": {
"inputs": { "inputs": {
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_3" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1709213960, "lastModified": 1709213960,
@ -459,21 +580,44 @@
"type": "github" "type": "github"
} }
}, },
"nix-topology": {
"inputs": {
"devshell": "devshell",
"flake-utils": "flake-utils_3",
"nixpkgs": [
"nixpkgs"
],
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1725483443,
"narHash": "sha256-WzOlGMKV/51Fccn/OMHcm5yrqgbOJZrJIy1ya4pW0u8=",
"owner": "oddlama",
"repo": "nix-topology",
"rev": "8738d94670265beb166954c4e3a26e432f79f68c",
"type": "github"
},
"original": {
"owner": "oddlama",
"repo": "nix-topology",
"type": "github"
}
},
"nixos-anywhere": { "nixos-anywhere": {
"inputs": { "inputs": {
"disko": "disko_2", "disko": "disko_2",
"flake-parts": "flake-parts_3", "flake-parts": "flake-parts_3",
"nixos-images": "nixos-images_2", "nixos-images": "nixos-images_2",
"nixos-stable": "nixos-stable", "nixos-stable": "nixos-stable",
"nixpkgs": "nixpkgs_4", "nixpkgs": "nixpkgs_3",
"treefmt-nix": "treefmt-nix_2" "treefmt-nix": "treefmt-nix_2"
}, },
"locked": { "locked": {
"lastModified": 1722000256, "lastModified": 1726219387,
"narHash": "sha256-urCCUTXgkHPh9eN3JAKAa8f09nltFxtAQaLyHbOOKxw=", "narHash": "sha256-fACBWdZsLcFrrLsP7M//qIyIgecWEn3W8btu3WiGShE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-anywhere", "repo": "nixos-anywhere",
"rev": "1933f2e7e2395ee88b15d3a411a363775e83274d", "rev": "00a41d52a37f3d3e15d45715a1f5fded0e966e6b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -482,13 +626,29 @@
"type": "github" "type": "github"
} }
}, },
"nixos-facter-modules": {
"flake": false,
"locked": {
"lastModified": 1725379040,
"narHash": "sha256-yJIy595vpcdAYznxamszZhteQCIZM3OJUOIKeU4cIq4=",
"owner": "numtide",
"repo": "nixos-facter-modules",
"rev": "a389bf16ed7db1f7e6a5e9dc4b5547e927498803",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "nixos-facter-modules",
"type": "github"
}
},
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1723310128, "lastModified": 1725885300,
"narHash": "sha256-IiH8jG6PpR4h9TxSGMYh+2/gQiJW9MwehFvheSb5rPc=", "narHash": "sha256-5RLEnou1/GJQl+Wd+Bxaj7QY7FFQ9wjnFq1VNEaxTmc=",
"owner": "nixos", "owner": "nixos",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "c54cf53e022b0b3c1d3b8207aa0f9b194c24f0cf", "rev": "166dee4f88a7e3ba1b7a243edb1aca822f00680e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -508,11 +668,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1721571445, "lastModified": 1725726968,
"narHash": "sha256-2MnlPVcNJZ9Nbu90kFyo7+lng366gswErP4FExfrUbc=", "narHash": "sha256-sqkJZDj4NjPFhWCDoSyXJoBRfRfXIyvhfssGqLvzgW8=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-images", "repo": "nixos-images",
"rev": "accee005735844d57b411d9969c5d0aabc6a55f6", "rev": "51c98a9f328e7aad81d8aa048f38e4e5c86d3389",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -612,11 +772,11 @@
}, },
"nixpkgs-legacy_2405": { "nixpkgs-legacy_2405": {
"locked": { "locked": {
"lastModified": 1723556749, "lastModified": 1726320982,
"narHash": "sha256-+CHVZnTnIYRLYsARInHYoWkujzcRkLY/gXm3s5bE52o=", "narHash": "sha256-RuVXUwcYwaUeks6h3OLrEmg14z9aFXdWppTWPMTwdQw=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4a92571f9207810b559c9eac203d1f4d79830073", "rev": "8f7492cce28977fbf8bd12c72af08b1f6c7c3e49",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -638,13 +798,41 @@
"url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz" "url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
} }
}, },
"nixpkgs-lib_2": {
"locked": {
"lastModified": 1722555339,
"narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1710695816,
"narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "614b4613980a522ba49f0d194531beddbb7220d3",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable-small": { "nixpkgs-unstable-small": {
"locked": { "locked": {
"lastModified": 1723635208, "lastModified": 1726346340,
"narHash": "sha256-gPJXTDUpq6gvWN5WvdBIUI8SdnlkarMwC8Q85wilgZc=", "narHash": "sha256-S15Ylznn8MBWIooDT65Z7E3h9N7XpB5VMx7ZdHZ/JGA=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9ccfa877218074582ff21fe950944fa0a7240248", "rev": "c60562f3643f6c1604cba0c7177834266bd35af9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -655,22 +843,6 @@
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": {
"lastModified": 1723175592,
"narHash": "sha256-M0xJ3FbDUc4fRZ84dPGx5VvgFsOzds77KiBMW/mMTnI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5e0ca22929f3342b19569b21b2f3462f053e497b",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1645527175, "lastModified": 1645527175,
"narHash": "sha256-WeewqaO48sCctiN+iwgZZEJRU29Si7vHHoLCINAvuk8=", "narHash": "sha256-WeewqaO48sCctiN+iwgZZEJRU29Si7vHHoLCINAvuk8=",
@ -685,7 +857,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_4": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1717926692, "lastModified": 1717926692,
"narHash": "sha256-THcv8qDqobZefHHluPjx/8n+MtVVb8ag/oJbKMqKNRo=", "narHash": "sha256-THcv8qDqobZefHHluPjx/8n+MtVVb8ag/oJbKMqKNRo=",
@ -701,13 +873,13 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_5": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1723362943, "lastModified": 1726062873,
"narHash": "sha256-dFZRVSgmJkyM0bkPpaYRtG/kRMRTorUIDj8BxoOt1T4=", "narHash": "sha256-IiA3jfbR7K/B5+9byVi9BZGWTD4VSbWe8VLpp9B/iYk=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "a58bc8ad779655e790115244571758e8de055e3d", "rev": "4f807e8940284ad7925ebd0a0993d2a1791acb2f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -717,23 +889,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_6": { "nixpkgs_5": {
"locked": {
"lastModified": 1701263465,
"narHash": "sha256-lNXUIlkfyDyp9Ox21hr+wsEf/IBklLvb6bYcyeXbdRc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "50aa30a13c4ab5e7ba282da460a3e3d44e9d0eb3",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": { "locked": {
"lastModified": 1632855891, "lastModified": 1632855891,
"narHash": "sha256-crW76mt9/kbUBiKy/KiSnsQ9JEYgD3StDuYAMVkTbM0=", "narHash": "sha256-crW76mt9/kbUBiKy/KiSnsQ9JEYgD3StDuYAMVkTbM0=",
@ -747,13 +903,13 @@
"type": "indirect" "type": "indirect"
} }
}, },
"nixpkgs_8": { "nixpkgs_6": {
"locked": { "locked": {
"lastModified": 1723316219, "lastModified": 1726033636,
"narHash": "sha256-2B9qh8QBvw3kV/8cHc7ZJcrbVsRwP8wKjkwPXTSz76Y=", "narHash": "sha256-U5BSY461QUg9x0fatmPSczjVpszOJTdJWQVmFTxt9LU=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "bef98989a27429e1cb9e3d9c25701ba2da742af2", "rev": "62f0186c41a3f1398e3e025f7dc0ccc603482d5a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -763,43 +919,6 @@
"type": "github" "type": "github"
} }
}, },
"overviewer": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_6",
"pandoc_template": "pandoc_template"
},
"locked": {
"lastModified": 1701775518,
"narHash": "sha256-qJ+lyo5/FY35bddRd26y/bpKzRd99lvUeX88iY2VctQ=",
"ref": "main",
"rev": "13176fcd5b4689d1b15f1f9d19e946fff45dc3c3",
"revCount": 28,
"type": "git",
"url": "ssh://forgejo@git.ingolf-wagner.de/palo/overviewer.git"
},
"original": {
"ref": "main",
"type": "git",
"url": "ssh://forgejo@git.ingolf-wagner.de/palo/overviewer.git"
}
},
"pandoc_template": {
"flake": false,
"locked": {
"lastModified": 1597233765,
"narHash": "sha256-ixEY21akLEjvSmOaH3z+K73jHqOMtijaOxesw1DKseA=",
"owner": "tajmone",
"repo": "pandoc-goodies",
"rev": "c7963da8590c2815d733ddf194d82d950ba94648",
"type": "github"
},
"original": {
"owner": "tajmone",
"repo": "pandoc-goodies",
"type": "github"
}
},
"permown": { "permown": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -822,8 +941,8 @@
}, },
"polygon-art": { "polygon-art": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_7" "nixpkgs": "nixpkgs_5"
}, },
"locked": { "locked": {
"lastModified": 1688766095, "lastModified": 1688766095,
@ -839,29 +958,64 @@
"url": "https://git.ingolf-wagner.de/palo/polygon-art.git" "url": "https://git.ingolf-wagner.de/palo/polygon-art.git"
} }
}, },
"private_assets": { "pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": [
"nix-topology",
"flake-utils"
],
"gitignore": "gitignore",
"nixpkgs": [
"nix-topology",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": { "locked": {
"lastModified": 1723916901, "lastModified": 1714478972,
"narHash": "sha256-/1i1OTqP8Q7DmNqvwyAmKvxxzYr9qiniNM790lKOl4c=", "narHash": "sha256-q//cgb52vv81uOuwz1LaXElp3XAe1TqrABXODAEF6Sk=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "2849da033884f54822af194400f8dff435ada242",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"private-parts": {
"inputs": {
"flake-parts": "flake-parts_4",
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": "treefmt-nix_3"
},
"locked": {
"lastModified": 1726350656,
"narHash": "sha256-mdjvgRc1kfbQ1Z7Nscf6bOBK7LvIMI7sWGx78uqmuNs=",
"ref": "main", "ref": "main",
"rev": "e7a82f91a7347be4cbc786a22450a78bc11c71ce", "rev": "5f550dbeaca257ab021315bba36cabd29120d20f",
"revCount": 67, "revCount": 78,
"type": "git", "type": "git",
"url": "ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-assets.git" "url": "ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-parts.git"
}, },
"original": { "original": {
"ref": "main", "ref": "main",
"type": "git", "type": "git",
"url": "ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-assets.git" "url": "ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-parts.git"
} }
}, },
"retiolum": { "retiolum": {
"locked": { "locked": {
"lastModified": 1723579214, "lastModified": 1725753611,
"narHash": "sha256-YKzjA2J1io2FR6Y1ZS98jKDLnxWKnJXq4ITto93e5Zg=", "narHash": "sha256-sxA8nkZBT0MfbneBEuIfdDCFVNig9b5Nu3cTM0Bo59k=",
"owner": "Mic92", "owner": "Mic92",
"repo": "retiolum", "repo": "retiolum",
"rev": "be646cb8778ad3dd11a5f9227bc3b8ae4338d46f", "rev": "4a766277e2bedb94df583f3236147f51edf84e65",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -879,21 +1033,22 @@
"home-manager-utils": "home-manager-utils", "home-manager-utils": "home-manager-utils",
"kmonad": "kmonad", "kmonad": "kmonad",
"landingpage": "landingpage", "landingpage": "landingpage",
"nix-topology": "nix-topology",
"nixos-anywhere": "nixos-anywhere", "nixos-anywhere": "nixos-anywhere",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_5", "nixpkgs": "nixpkgs_4",
"nixpkgs-legacy_2211": "nixpkgs-legacy_2211", "nixpkgs-legacy_2211": "nixpkgs-legacy_2211",
"nixpkgs-legacy_2311": "nixpkgs-legacy_2311", "nixpkgs-legacy_2311": "nixpkgs-legacy_2311",
"nixpkgs-legacy_2405": "nixpkgs-legacy_2405", "nixpkgs-legacy_2405": "nixpkgs-legacy_2405",
"nixpkgs-unstable-small": "nixpkgs-unstable-small", "nixpkgs-unstable-small": "nixpkgs-unstable-small",
"overviewer": "overviewer",
"permown": "permown", "permown": "permown",
"polygon-art": "polygon-art", "polygon-art": "polygon-art",
"private_assets": "private_assets", "private-parts": "private-parts",
"retiolum": "retiolum", "retiolum": "retiolum",
"srvos": "srvos", "srvos": "srvos",
"stylix": "stylix", "stylix": "stylix",
"taskshell": "taskshell" "taskshell": "taskshell",
"treefmt-nix": "treefmt-nix_4"
} }
}, },
"sops-nix": { "sops-nix": {
@ -907,11 +1062,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1721531171, "lastModified": 1725765163,
"narHash": "sha256-AsvPw7T0tBLb53xZGcUC3YPqlIpdxoSx56u8vPCr6gU=", "narHash": "sha256-rfd2c47iVSFI6bRYy5l8wRijRBaYDeU7dM8XCDUGqlA=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "909e8cfb60d83321d85c8d17209d733658a21c95", "rev": "b68757cd2c3fa66d6ccaa0d046ce42a9324e0070",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -922,14 +1077,14 @@
}, },
"srvos": { "srvos": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_8" "nixpkgs": "nixpkgs_6"
}, },
"locked": { "locked": {
"lastModified": 1723423676, "lastModified": 1726102228,
"narHash": "sha256-E+DdXV2cFj77vU35cVNoEEE5YueE075HXiJLXwAxJ0k=", "narHash": "sha256-9WRTBxEq2P1lqFGXcVAlXx5Eh95rmvHM6/x13fVcUAY=",
"owner": "nix-community", "owner": "nix-community",
"repo": "srvos", "repo": "srvos",
"rev": "a7cc81cd76c4c07bb7db01b731199ecd4be17305", "rev": "b9fae7b4351851d050333df6cef1b02b01b2ca2d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -947,21 +1102,23 @@
"base16-kitty": "base16-kitty", "base16-kitty": "base16-kitty",
"base16-tmux": "base16-tmux", "base16-tmux": "base16-tmux",
"base16-vim": "base16-vim", "base16-vim": "base16-vim",
"flake-compat": "flake-compat", "flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_5",
"gnome-shell": "gnome-shell", "gnome-shell": "gnome-shell",
"home-manager": [ "home-manager": [
"home-manager" "home-manager"
], ],
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ],
"systems": "systems_4"
}, },
"locked": { "locked": {
"lastModified": 1722946882, "lastModified": 1726170940,
"narHash": "sha256-mxtnMye8gs82tdQbVC+g6v3aPOZlH150f9WyntHIkTg=", "narHash": "sha256-sobkRkGBaMX9pD0bwU1iVPWi0WtQvZqlHyl1YtvNDio=",
"owner": "danth", "owner": "danth",
"repo": "stylix", "repo": "stylix",
"rev": "5853f1a8bd072f2ebabfc3de3973084353cf6f1e", "rev": "35233f929629c8eb64e939e35260fc8347f94df9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1000,9 +1157,54 @@
"type": "github" "type": "github"
} }
}, },
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"taskshell": { "taskshell": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_4", "flake-utils": "flake-utils_6",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
@ -1029,11 +1231,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1722699361, "lastModified": 1725271838,
"narHash": "sha256-3GDJCoNj7PEwQaOqmNgcwoHM+Xy/fkgqeXC1y7UzV2U=", "narHash": "sha256-VcqxWT0O/gMaeWTTjf1r4MOyG49NaNxW4GHTO3xuThE=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "07741a9babd0754bf73fb47a6340d6289eabd1d6", "rev": "9fb342d14b69aefdf46187f6bb80a4a0d97007cd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1062,6 +1264,47 @@
"repo": "treefmt-nix", "repo": "treefmt-nix",
"type": "github" "type": "github"
} }
},
"treefmt-nix_3": {
"inputs": {
"nixpkgs": [
"private-parts",
"nixpkgs"
]
},
"locked": {
"lastModified": 1724833132,
"narHash": "sha256-F4djBvyNRAXGusJiNYInqR6zIMI3rvlp6WiKwsRISos=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "3ffd842a5f50f435d3e603312eefa4790db46af5",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_4": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1725271838,
"narHash": "sha256-VcqxWT0O/gMaeWTTjf1r4MOyG49NaNxW4GHTO3xuThE=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "9fb342d14b69aefdf46187f6bb80a4a0d97007cd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

355
flake.nix
View file

@ -1,80 +1,46 @@
{ {
# "git+file:///<full-path>" for fixing an input
inputs = { inputs = {
flake-parts.url = "github:hercules-ci/flake-parts"; clan-core.inputs.flake-parts.follows = "flake-parts";
clan-core.inputs.nixpkgs.follows = "nixpkgs";
clan-core.url = "git+https://git.clan.lol/clan/clan-core";
clan-fact-generators.inputs.clan-core.follows = "clan-core";
clan-fact-generators.url = "github:mrvandalo/clan-fact-generators";
flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs"; flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
flake-parts.url = "github:hercules-ci/flake-parts";
clan-fact-generators = { home-manager-utils.inputs.home-manager.follows = "home-manager";
url = "github:mrvandalo/clan-fact-generators"; home-manager-utils.url = "github:mrvandalo/home-manager-utils";
inputs.clan-core.follows = "clan-core"; home-manager.inputs.nixpkgs.follows = "nixpkgs";
}; home-manager.url = "github:nix-community/home-manager";
kmonad.inputs.nixpkgs.follows = "nixpkgs"; # fixme: kmonad crashes every now and than and the keyboard is not usable anymore.
clan-core = { kmonad.url = "github:kmonad/kmonad?dir=nix"; # todo: mabye use https://github.com/jtroo/kanata instead
url = "git+https://git.clan.lol/clan/clan-core"; landingpage.url = "github:mrVanDalo/landingpage";
#url = "git+file:///home/palo/dev/clan-core"; nixos-anywhere.url = "github:nix-community/nixos-anywhere";
inputs.nixpkgs.follows = "nixpkgs"; # Needed if your configuration uses nixpkgs unstable. nix-topology.inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-parts.follows = "flake-parts"; nix-topology.url = "github:oddlama/nix-topology";
}; nixos-hardware.url = "github:nixos/nixos-hardware";
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-unstable-small.url = "github:nixos/nixpkgs/nixos-unstable-small";
nixpkgs-legacy_2211.url = "github:nixos/nixpkgs/nixos-22.11"; nixpkgs-legacy_2211.url = "github:nixos/nixpkgs/nixos-22.11";
nixpkgs-legacy_2311.url = "github:nixos/nixpkgs/nixos-23.11"; nixpkgs-legacy_2311.url = "github:nixos/nixpkgs/nixos-23.11";
nixpkgs-legacy_2405.url = "github:nixos/nixpkgs/nixos-24.05"; nixpkgs-legacy_2405.url = "github:nixos/nixpkgs/nixos-24.05";
nixos-hardware.url = "github:nixos/nixos-hardware"; nixpkgs-unstable-small.url = "github:nixos/nixpkgs/nixos-unstable-small";
nixos-anywhere.url = "github:nix-community/nixos-anywhere"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
permown.inputs.nixpkgs.follows = "nixpkgs";
home-manager = { permown.url = "github:mrVanDalo/module.permown";
#url = "github:nix-community/home-manager/release-23.11"; polygon-art.url = "git+https://git.ingolf-wagner.de/palo/polygon-art.git";
url = "github:nix-community/home-manager"; private-parts.inputs.nixpkgs.follows = "nixpkgs"; # only private input
#inputs.nixpkgs.follows = "nixpkgs"; private-parts.url = "git+ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-parts.git?ref=main";
}; #private-parts.url = "git+file:///home/palo/dev/nixos/nixos-private-parts";
retiolum.url = "github:Mic92/retiolum";
polygon-art = {
url = "git+https://git.ingolf-wagner.de/palo/polygon-art.git";
};
home-manager-utils = {
url = "github:mrvandalo/home-manager-utils";
inputs.home-manager.follows = "home-manager";
};
permown = {
url = "github:mrVanDalo/module.permown";
#url = "git+file:///home/palo/dev/nixos/permown";
inputs.nixpkgs.follows = "nixpkgs";
};
private_assets = {
#url = "git+file:///home/palo/dev/nixos/nixos-private-assets";
url = "git+ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-assets.git?ref=main";
flake = true;
};
retiolum = {
url = "github:Mic92/retiolum";
#url = "git+file:///home/palo/dev/nixos/retiolum";
};
srvos.url = "github:nix-community/srvos"; srvos.url = "github:nix-community/srvos";
stylix.inputs.home-manager.follows = "home-manager";
landingpage = { stylix.inputs.nixpkgs.follows = "nixpkgs";
#url = "git+file:///home/palo/dev/landingpage"; stylix.url = "github:danth/stylix";
url = "github:mrVanDalo/landingpage"; taskshell.inputs.nixpkgs.follows = "nixpkgs";
}; taskshell.url = "github:mrvandalo/taskshell";
treefmt-nix.inputs.nixpkgs.follows = "nixpkgs";
# todo: mabye use https://github.com/jtroo/kanata instead treefmt-nix.url = "github:numtide/treefmt-nix";
# fixme: kmonad crashes every now and than and the keyboard is not usable anymore.
kmonad = {
url = "github:kmonad/kmonad?dir=nix";
inputs.nixpkgs.follows = "nixpkgs";
};
stylix = {
url = "github:danth/stylix";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
# smoke test framwork to trigger tests (enable if I want to use it for real) # smoke test framwork to trigger tests (enable if I want to use it for real)
#smoke = { #smoke = {
@ -82,54 +48,45 @@
# inputs.nixpkgs.follows = "nixpkgs"; # inputs.nixpkgs.follows = "nixpkgs";
#}; #};
# had to override it to remove colors
taskshell = {
url = "github:mrvandalo/taskshell";
inputs.nixpkgs.follows = "nixpkgs";
};
# my own tool
overviewer.url = "git+ssh://forgejo@git.ingolf-wagner.de/palo/overviewer.git?ref=main";
}; };
outputs = outputs =
inputs@{ self inputs@{
, clan-core self,
, clan-fact-generators clan-core,
, flake-parts clan-fact-generators,
, home-manager flake-parts,
, home-manager-utils home-manager,
, kmonad home-manager-utils,
, landingpage kmonad,
, nixos-anywhere landingpage,
, nixos-hardware nixos-anywhere,
, nixpkgs nixos-hardware,
, nixpkgs-legacy_2211 nixpkgs,
, nixpkgs-legacy_2311 nixpkgs-legacy_2211,
, nixpkgs-legacy_2405 nixpkgs-legacy_2311,
, nixpkgs-unstable-small nixpkgs-legacy_2405,
, overviewer nixpkgs-unstable-small,
, permown permown,
, polygon-art polygon-art,
, private_assets private-parts,
, retiolum retiolum,
, srvos srvos,
, stylix stylix,
, taskshell taskshell,
treefmt-nix,
nix-topology,
}: }:
let let
#system = "x86_64-linux";
#pkgs = nixpkgs.legacyPackages.${system};
inherit (nixpkgs) lib; inherit (nixpkgs) lib;
meta = rec { meta = rec {
system = "x86_64-linux"; system = "x86_64-linux";
pkgs = import nixpkgs { pkgs =
inherit system; let
config.allowUnfree = true; allowUnfree = true;
config.permittedInsecurePackages = [ permittedInsecurePackages = [
"electron-24.8.6" # for bitwarden "electron-24.8.6" # for bitwarden
"python-2.7.18.6" "python-2.7.18.6"
"python-2.7.18.7" "python-2.7.18.7"
@ -137,70 +94,99 @@
"electron-27.3.11" # for logseq "electron-27.3.11" # for logseq
"electron-28.3.3" # for logseq "electron-28.3.3" # for logseq
]; ];
in
import nixpkgs {
inherit system;
config = {
inherit allowUnfree permittedInsecurePackages;
};
overlays = [ overlays = [
(_self: _super: { (_self: _super: {
unstable-small = import nixpkgs-unstable-small { unstable-small = import nixpkgs-unstable-small {
inherit system; inherit system;
config.allowUnfree = true; config = {
inherit allowUnfree permittedInsecurePackages;
};
}; };
legacy_2211 = import nixpkgs-legacy_2211 { legacy_2211 = import nixpkgs-legacy_2211 {
inherit system; inherit system;
config.allowUnfree = true; config = {
inherit allowUnfree permittedInsecurePackages;
};
}; };
legacy_2311 = import nixpkgs-legacy_2311 { legacy_2311 = import nixpkgs-legacy_2311 {
inherit system; inherit system;
config.allowUnfree = true; config = {
inherit allowUnfree permittedInsecurePackages;
};
}; };
legacy_2405 = import nixpkgs-legacy_2405 { legacy_2405 = import nixpkgs-legacy_2405 {
inherit system; inherit system;
config.allowUnfree = true; config = {
inherit allowUnfree permittedInsecurePackages;
};
}; };
polygon-art = polygon-art.packages.${system}; polygon-art = polygon-art.packages.${system};
landingpage = landingpage.packages.${system}.plain; landingpage = landingpage.packages.${system}.plain;
kmonad = kmonad.packages.${system}.kmonad; kmonad = kmonad.packages.${system}.kmonad;
tasksh = taskshell.packages.${system}.tasksh; tasksh = taskshell.packages.${system}.tasksh;
overviewer = overviewer.packages.${system}.overviewer; inherit (self.packages.${system})
pkl = self.packages.${system}.pkl; otpmenu
taskwarrior-hooks
nsxiv
bugwarrior
;
}) })
(import ./pkgs)
]; ];
}; };
specialArgs = { specialArgs = {
inherit private_assets inputs; inherit inputs;
assets = ./assets; assets = ./assets;
factsGenerator = clan-fact-generators.lib { inherit pkgs; }; factsGenerator = clan-fact-generators.lib { inherit pkgs; };
clanLib = import ./lib/clanlib.nix { inherit (pkgs) lib; machineDir = ./machines; }; clanLib = import ./lib/clanlib.nix {
zerotierDeviceName = "ztbn67ogn2"; inherit (pkgs) lib;
machineDir = ./machines;
};
# https://git.clan.lol/clan/clan-core/issues/1575 < here is how I could do this generic
zerotierInterface = "ztbn67ogn2";
components = ./components; components = ./components;
features = ./features; features = ./features;
}; };
}; };
clanSetup = clanSetup =
{ name {
, host name,
, modules host,
}: { modules,
}:
{
clan.core.networking.targetHost = lib.mkDefault "root@${host}"; clan.core.networking.targetHost = lib.mkDefault "root@${host}";
nixpkgs.pkgs = meta.pkgs; nixpkgs.pkgs = meta.pkgs;
nixpkgs.hostPlatform = meta.system; nixpkgs.hostPlatform = meta.system;
clan.core.facts.secretStore = "password-store"; clan.core.facts.secretStore = "password-store";
imports = modules ++ defaultModules ++ [ imports =
modules
++ defaultModules
++ [
./machines/${name}/configuration.nix ./machines/${name}/configuration.nix
nix-topology.nixosModules.default
self.nixosModules.verify
]; ];
}; };
zerotierControllerModule = zerotierControllerModule = {
{
clan.core.networking.zerotier.controller = { clan.core.networking.zerotier.controller = {
enable = true; enable = true;
public = false; public = false;
}; };
}; };
zerotierModules = { pkgs, ... }: { zerotierModules =
{ pkgs, ... }:
{
imports = [ imports = [
# this magically adds all my machines in the zero tier network # this magically adds all my machines in the zero tier network
@ -235,7 +221,9 @@
_module.args.inputs = self.inputs; _module.args.inputs = self.inputs;
} }
# ssh keys # ssh keys
({ config, ... }: { (
{ config, ... }:
{
users.users.root.openssh.authorizedKeys.keyFiles = [ users.users.root.openssh.authorizedKeys.keyFiles = [
# master key # master key
./assets/mrvandalo_rsa.pub ./assets/mrvandalo_rsa.pub
@ -243,7 +231,8 @@
"${config.clan.core.clanDir}/machines/chungus/facts/ssh.syncoid.id_ed25519.pub" "${config.clan.core.clanDir}/machines/chungus/facts/ssh.syncoid.id_ed25519.pub"
"${config.clan.core.clanDir}/machines/chungus/facts/ssh.rbackup.id_ed25519.pub" "${config.clan.core.clanDir}/machines/chungus/facts/ssh.rbackup.id_ed25519.pub"
]; ];
}) }
)
{ {
# disable emergency mode everywhere, although it might be needed on laptops # disable emergency mode everywhere, although it might be needed on laptops
boot.initrd.systemd.emergencyAccess = false; boot.initrd.systemd.emergencyAccess = false;
@ -254,11 +243,20 @@
systemd.enableEmergencyMode = false; systemd.enableEmergencyMode = false;
} }
# configure nix # configure nix
({ pkgs, lib, clanLib, ... }: (
{
pkgs,
lib,
clanLib,
...
}:
{ {
nix.settings.substituters = [ "http://cache.orbi.wg0" ]; nix.settings.substituters = [ "http://cache.orbi.wg0" ];
nix.settings.trusted-public-keys = [ (clanLib.readFact "nix-serve.pub" "orbi") ]; nix.settings.trusted-public-keys = [ (clanLib.readFact "nix-serve.pub" "orbi") ];
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nix.settings.max-jobs = 1; nix.settings.max-jobs = 1;
# no channesl needed this way # no channesl needed this way
nix.nixPath = [ "nixpkgs=${pkgs.path}" ]; nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
@ -273,6 +271,9 @@
./features ./features
#./modules #./modules
inputs.clan-core.nixosModules.clanCore inputs.clan-core.nixosModules.clanCore
{
clan.core.clanDir = ./.; # fixes issues with clanCore https://git.clan.lol/clan/clan-core/issues/1979
}
# inputs.stylix.nixosModules.stylix # fixme: not working # inputs.stylix.nixosModules.stylix # fixme: not working
permown.nixosModules.permown permown.nixosModules.permown
kmonad.nixosModules.default kmonad.nixosModules.default
@ -283,7 +284,8 @@
boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10; boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10;
boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 10; boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 10;
boot.loader.grub.configurationLimit = lib.mkDefault 10; boot.loader.grub.configurationLimit = lib.mkDefault 10;
}) }
)
# My Structure # My Structure
./components ./components
./features ./features
@ -294,19 +296,35 @@
permown.nixosModules.permown permown.nixosModules.permown
kmonad.nixosModules.default kmonad.nixosModules.default
# some default things I always want # some default things I always want
({ pkgs, ... }: { (
{ pkgs, ... }:
{
boot.tmp.useTmpfs = lib.mkDefault true; boot.tmp.useTmpfs = lib.mkDefault true;
environment.systemPackages = [ }
pkgs.nixpkgs-fmt )
];
})
]; ];
stylixModules = { pkgs, config, ... }: { stylixModules =
{
pkgs,
config,
lib,
...
}:
{
imports = [ stylix.nixosModules.stylix ]; imports = [ stylix.nixosModules.stylix ];
stylix.enable = true; stylix.enable = true;
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml"; stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml";
stylix.image = ./assets/wallpaper.png; stylix.image = ./assets/wallpaper.png;
home-manager.sharedModules = [
{
# no need for hyperland
# https://github.com/danth/stylix/issues/543
stylix.targets.hyprpaper.enable = lib.mkForce false;
stylix.targets.hyprland.enable = lib.mkForce false;
}
];
stylix.fonts = { stylix.fonts = {
serif = { serif = {
package = pkgs.nerdfonts.override { fonts = [ "Ubuntu" ]; }; package = pkgs.nerdfonts.override { fonts = [ "Ubuntu" ]; };
@ -328,12 +346,13 @@
}; };
}; };
homeManagerModules = { pkgs, config, ... }: { homeManagerModules =
{ pkgs, config, ... }:
{
imports = [ imports = [
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
]; ];
home-manager.extraSpecialArgs = { home-manager.extraSpecialArgs = {
inherit private_assets;
assets = ./assets; assets = ./assets;
}; };
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
@ -346,20 +365,23 @@
in in
flake-parts.lib.mkFlake { inherit inputs; } ({ self, pkgs, ... }: { flake-parts.lib.mkFlake { inherit inputs; } (
# We define our own systems below. you can still use this to add system specific outputs to your flake. {
# See: https://flake.parts/getting-started self,
self',
pkgs,
...
}:
{
systems = [ "x86_64-linux" ]; systems = [ "x86_64-linux" ];
# import clan-core modules
imports = [ imports = [
clan-core.flakeModules.default clan-core.flakeModules.default
./nix/formatter.nix
./nix/packages
./nix/verify
./nix/topology
]; ];
perSystem = { pkgs, ... }: {
packages.pkl = pkgs.callPackage ./pkgs/pkl { };
};
# Define your clan # Define your clan
clan = { clan = {
# Clan wide settings. # Clan wide settings.
@ -368,33 +390,6 @@
machines = { machines = {
sternchen = clanSetup {
name = "sternchen";
host = "sternchen.bear";
#host = "192.168.178.25";
modules = [
nixos-hardware.nixosModules.lenovo-thinkpad-x220
homeManagerModules
stylixModules
{ home-manager.users.mainUser.gui.enable = true; }
{
home-manager.users.mainUser = import ./homes/tina;
home-manager.users.root = import ./homes/root;
}
# todo : strange overrides, this should be an option kinda an be changed on another level (the homes/<name> folders or something)
({ lib, ... }: {
home-manager.sharedModules = [
{
programs.atuin.enable = lib.mkForce false;
}
];
})
{
clan.core.machineDescription = "LaLaptop";
}
];
};
cream = clanSetup { cream = clanSetup {
name = "cream"; name = "cream";
host = "cream.bear"; host = "cream.bear";
@ -402,8 +397,7 @@
zerotierModules zerotierModules
nixos-hardware.nixosModules.framework-12th-gen-intel nixos-hardware.nixosModules.framework-12th-gen-intel
retiolum.nixosModules.retiolum retiolum.nixosModules.retiolum
private_assets.nixosModules.cream private-parts.nixosModules.cream
private_assets.nixosModules.yubikey
homeManagerModules homeManagerModules
stylixModules stylixModules
{ home-manager.users.mainUser.gui.enable = true; } { home-manager.users.mainUser.gui.enable = true; }
@ -424,8 +418,7 @@
zerotierModules zerotierModules
nixos-hardware.nixosModules.framework-13th-gen-intel nixos-hardware.nixosModules.framework-13th-gen-intel
retiolum.nixosModules.retiolum retiolum.nixosModules.retiolum
private_assets.nixosModules.yubikey private-parts.nixosModules.cherry
private_assets.nixosModules.cherry
homeManagerModules homeManagerModules
stylixModules stylixModules
{ home-manager.users.mainUser.gui.enable = true; } { home-manager.users.mainUser.gui.enable = true; }
@ -448,7 +441,7 @@
homeManagerModules homeManagerModules
stylixModules stylixModules
retiolum.nixosModules.retiolum retiolum.nixosModules.retiolum
private_assets.nixosModules.chungus private-parts.nixosModules.chungus
{ {
home-manager.users.mainUser = import ./homes/palo; home-manager.users.mainUser = import ./homes/palo;
home-manager.users.root = import ./homes/root; home-manager.users.root = import ./homes/root;
@ -524,7 +517,7 @@
}; };
}); }
);
} }

1
homes/common/default.nix
View file

@ -2,6 +2,7 @@
{ {
imports = [ imports = [
./editor.nix ./editor.nix
./network.nix
./oh-my-posh ./oh-my-posh
./packages.nix ./packages.nix
./terminal.nix ./terminal.nix

34
homes/common/network.nix Normal file
View file

@ -0,0 +1,34 @@
{
config,
pkgs,
lib,
...
}:
with lib;
{
config = mkMerge [
{
home.packages = [
# firewall analysis
pkgs.nftables
pkgs.nixos-firewall-tool
# analyser
pkgs.dnsutils
pkgs.tcpdump
pkgs.nmap
pkgs.rustscan
# helper
pkgs.ipcalc
];
}
(mkIf config.gui.enable {
home.packages = [
pkgs.wireshark
];
})
];
}

7
homes/common/oh-my-posh/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: {
pkgs,
config,
lib,
...
}:
with lib; with lib;
{ {
programs.oh-my-posh = { programs.oh-my-posh = {

57
homes/common/oh-my-posh/gmay.json
View file

@ -12,11 +12,20 @@
"template": " {{ if .WSL }}WSL at {{ end }}{{.Icon}} ", "template": " {{ if .WSL }}WSL at {{ end }}{{.Icon}} ",
"type": "os" "type": "os"
}, },
{
"background": "#AF3A03",
"foreground": "#EBDBB2",
"powerline_symbol": "\ue0b0",
"style": "powerline",
"template": " \uf0e7 ",
"type": "root"
},
{ {
"background": "#076678", "background": "#076678",
"foreground": "#EBDBB2", "foreground": "#EBDBB2",
"powerline_symbol": "\ue0b0",
"style": "powerline", "style": "powerline",
"template": " {{ .UserName }}@{{ .HostName }} ", "template": " {{ if .SSHSession }}\ueba9 {{ end }}{{ .UserName }}@{{ .HostName }} ",
"type": "session" "type": "session"
}, },
{ {
@ -42,28 +51,44 @@
"type": "time" "type": "time"
}, },
{ {
"background": "#8F3F71", "type": "project",
"foreground": "#EBDBB2",
"powerline_symbol": "\ue0b0",
"properties": {
"fetch_stash_count": true,
"fetch_upstream_icon": true
},
"style": "powerline", "style": "powerline",
"template": " {{ .UpstreamIcon }}{{ .HEAD }}{{ if gt .StashCount 0 }} \ueb4b {{ .StashCount }}{{ end }} ", "powerline_symbol": "",
"type": "git" "foreground": "#193549",
"background": "#ffeb3b",
"template": " {{ if .Error }}{{ .Error }}{{ else }}{{ if .Version }} {{.Version}}{{ end }} {{ if .Name }}{{ .Name }}{{ end }}{{ end }} "
}, },
{ {
"background": "#9D0006", "type": "git",
"foreground": "#EBDBB2",
"powerline_symbol": "\ue0b0",
"style": "powerline", "style": "powerline",
"template": " \uf0e7 ", "powerline_symbol": "",
"type": "root" "background": "#427b58",
"foreground": "#EBDBB2",
"background_templates": [
"{{ if or (.Working.Changed) (.Staging.Changed) }}#8f3f71{{ end }}",
"{{ if and (gt .Ahead 0) (gt .Behind 0) }}#076678{{ end }}",
"{{ if gt .Ahead 0 }}#076678{{ end }}",
"{{ if gt .Behind 0 }}#076678{{ end }}"
],
"template": "{{ .UpstreamIcon }}{{ .HEAD }}{{if .BranchStatus }} {{ .BranchStatus }}{{ end }}{{ if .Working.Changed }}  {{ .Working.String }}{{ end }}{{ if and (.Working.Changed) (.Staging.Changed) }} |{{ end }}{{ if .Staging.Changed }}  {{ .Staging.String }}{{ end }}{{ if gt .StashCount 0 }}  {{ .StashCount }}{{ end }}",
"properties": {
"fetch_status": true,
"fetch_upstream_icon": true,
"untracked_modes": {
"/Users/user/Projects/oh-my-posh/": "no"
},
"source": "cli",
"mapped_branches": {
"feat/*": "🚀 ",
"bug/*": "🐛 "
}
}
}, },
{ {
"background": "#427B58", "background": "#427B58",
"background_templates": ["{{ if gt .Code 0 }}#9D0006{{ end }}"], "background_templates": [
"{{ if gt .Code 0 }}#9D0006{{ end }}"
],
"foreground": "#EBDBB2", "foreground": "#EBDBB2",
"leading_diamond": "<transparent,background>\ue0b0</>", "leading_diamond": "<transparent,background>\ue0b0</>",
"properties": { "properties": {

8
homes/common/oh-my-posh/gruvbox.json
View file

@ -13,9 +13,13 @@
}, },
{ {
"background": "#fbf1c7", "background": "#fbf1c7",
"background_templates": ["{{ if .Root }}#af3a03{{ end }}"], "background_templates": [
"{{ if .Root }}#af3a03{{ end }}"
],
"foreground": "#282828", "foreground": "#282828",
"foreground_templates": ["{{ if .Root }}#fbf1c7{{ end }}"], "foreground_templates": [
"{{ if .Root }}#fbf1c7{{ end }}"
],
"powerline_symbol": "\ue0b0", "powerline_symbol": "\ue0b0",
"style": "powerline", "style": "powerline",
"template": " {{ if .SSHSession }} {{ end }}{{ .HostName }} ", "template": " {{ if .SSHSession }} {{ end }}{{ .HostName }} ",

13
homes/common/packages.nix
View file

@ -1,14 +1,16 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with pkgs; with pkgs;
with lib; with lib;
{ {
config = mkMerge [ config = mkMerge [
{ {
home.packages = [ home.packages = [
bind.dnsutils
nmap
hexyl hexyl
ipcalc
units units
difftastic difftastic
@ -41,7 +43,6 @@ with lib;
} }
(mkIf config.gui.enable { (mkIf config.gui.enable {
home.packages = [ home.packages = [
libreoffice libreoffice
@ -54,7 +55,7 @@ with lib;
aspellDicts.es aspellDicts.es
evince evince
sxiv nsxiv
gimp gimp
inkscape inkscape

7
homes/common/terminal.nix
View file

@ -1,4 +1,9 @@
{ lib, pkgs, assets, ... }: {
lib,
pkgs,
assets,
...
}:
{ {
programs.zsh = { programs.zsh = {

7
homes/common/zfs.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with pkgs; with pkgs;
with lib; with lib;
{ {

4
homes/palo/default.nix
View file

@ -1,11 +1,11 @@
{ pkgs, ... }: { { pkgs, ... }:
{
imports = [ imports = [
../common ../common
./git.nix ./git.nix
./gpg.nix ./gpg.nix
./gui ./gui
#./hyperland.nix
./i3.nix ./i3.nix
./packages ./packages
./ssh.nix ./ssh.nix

35
homes/palo/doom-emacs.nix
View file

@ -1,35 +0,0 @@
{ config, pkgs, lib, ... }:
with lib;
{
config = mkMerge [
{
home.packages = [ pkgs.ripgrep ];
}
(mkIf config.gui.enable {
programs.doom-emacs = {
enable = lib.mkDefault true;
doomPrivateDir = ./doom.d;
extraConfig = ''
;; "monospace" means use the system default. However, the default is usually two
;; points larger than I'd like, so I specify size 12 here.
(setq doom-font
(font-spec :family "Jetbrains Mono" :size ${toString 12} :weight 'light))
;;(setq doom-font
;; (font-spec :family "Terminus" :size ${toString 12} :weight 'light))
'';
#emacsPackagesOverlay = self: super: {
# # fixes https://github.com/vlaci/nix-doom-emacs/issues/394
# gitignore-mode = pkgs.emacsPackages.git-modes;
# gitconfig-mode = pkgs.emacsPackages.git-modes;
#};
};
})
(mkIf (!config.gui.enable) {
programs.doom-emacs = {
enable = lib.mkDefault true;
doomPrivateDir = ./doom.d;
package = pkgs.emacs-nox;
};
})
];
}

4
homes/palo/doom.d/config.el
View file

@ -1,4 +0,0 @@
;; configure theme
(setq doom-theme 'doom-solarized-light)

187
homes/palo/doom.d/init.el
View file

@ -1,187 +0,0 @@
;;; init.el -*- lexical-binding: t; -*-
;; This file controls what Doom modules are enabled and what order they load
;; in. Remember to run 'doom sync' after modifying it!
;; NOTE Press 'SPC h d h' (or 'C-h d h' for non-vim users) to access Doom's
;; documentation. There you'll find a "Module Index" link where you'll find
;; a comprehensive list of Doom's modules and what flags they support.
;; NOTE Move your cursor over a module's name (or its flags) and press 'K' (or
;; 'C-c c k' for non-vim users) to view its documentation. This works on
;; flags as well (those symbols that start with a plus).
;;
;; Alternatively, press 'gd' (or 'C-c c d') on a module to browse its
;; directory (for easy access to its source code).
(doom! :input
;;chinese
;;japanese
;;layout ; auie,ctsrnm is the superior home row
:completion
company ; the ultimate code completion backend
;;helm ; the *other* search engine for love and life
;;ido ; the other *other* search engine...
ivy ; a search engine for love and life
:ui
;;deft ; notational velocity for Emacs
doom ; what makes DOOM look the way it does
doom-dashboard ; a nifty splash screen for Emacs
doom-quit ; DOOM quit-message prompts when you quit Emacs
;;(emoji +unicode) ; 🙂
hl-todo ; highlight TODO/FIXME/NOTE/DEPRECATED/HACK/REVIEW
;;hydra
;;indent-guides ; highlighted indent columns
;;ligatures ; ligatures and symbols to make your code pretty again
;;minimap ; show a map of the code on the side
modeline ; snazzy, Atom-inspired modeline, plus API
;;nav-flash ; blink cursor line after big motions
;;neotree ; a project drawer, like NERDTree for vim
ophints ; highlight the region an operation acts on
(popup +defaults) ; tame sudden yet inevitable temporary windows
;;tabs ; a tab bar for Emacs
;;treemacs ; a project drawer, like neotree but cooler
;;unicode ; extended unicode support for various languages
vc-gutter ; vcs diff in the fringe
vi-tilde-fringe ; fringe tildes to mark beyond EOB
;;window-select ; visually switch windows
workspaces ; tab emulation, persistence & separate workspaces
;;zen ; distraction-free coding or writing
:editor
(evil +everywhere); come to the dark side, we have cookies
file-templates ; auto-snippets for empty files
fold ; (nigh) universal code folding
;;(format +onsave) ; automated prettiness
;;god ; run Emacs commands without modifier keys
;;lispy ; vim for lisp, for people who don't like vim
;;multiple-cursors ; editing in many places at once
;;objed ; text object editing for the innocent
;;parinfer ; turn lisp into python, sort of
;;rotate-text ; cycle region at point between text candidates
snippets ; my elves. They type so I don't have to
;;word-wrap ; soft wrapping with language-aware indent
:emacs
dired ; making dired pretty [functional]
electric ; smarter, keyword-based electric-indent
;;ibuffer ; interactive buffer management
undo ; persistent, smarter undo for your inevitable mistakes
vc ; version-control and Emacs, sitting in a tree
:term
;;eshell ; the elisp shell that works everywhere
;;shell ; simple shell REPL for Emacs
;;term ; basic terminal emulator for Emacs
;;vterm ; the best terminal emulation in Emacs
:checkers
syntax ; tasing you for every semicolon you forget
;;(spell +flyspell) ; tasing you for misspelling mispelling
;;grammar ; tasing grammar mistake every you make
:tools
;;ansible
;;debugger ; FIXME stepping through code, to help you add bugs
;;direnv
;;docker
;;editorconfig ; let someone else argue about tabs vs spaces
;;ein ; tame Jupyter notebooks with emacs
(eval +overlay) ; run code, run (also, repls)
;;gist ; interacting with github gists
lookup ; navigate your code and its documentation
;;lsp ; M-x vscode
magit ; a git porcelain for Emacs
;;make ; run make tasks from Emacs
;;pass ; password manager for nerds
;;pdf ; pdf enhancements
;;prodigy ; FIXME managing external services & code builders
;;rgb ; creating color strings
;;taskrunner ; taskrunner for all your projects
;;terraform ; infrastructure as code
;;tmux ; an API for interacting with tmux
;;upload ; map local to remote projects via ssh/ftp
:os
(:if IS-MAC macos) ; improve compatibility with macOS
;;tty ; improve the terminal Emacs experience
:lang
;;agda ; types of types of types of types...
;;beancount ; mind the GAAP
;;cc ; C > C++ == 1
;;clojure ; java with a lisp
;;common-lisp ; if you've seen one lisp, you've seen them all
;;coq ; proofs-as-programs
;;crystal ; ruby at the speed of c
;;csharp ; unity, .NET, and mono shenanigans
;;data ; config/data formats
;;(dart +flutter) ; paint ui and not much else
;;elixir ; erlang done right
;;elm ; care for a cup of TEA?
emacs-lisp ; drown in parentheses
;;erlang ; an elegant language for a more civilized age
;;ess ; emacs speaks statistics
;;factor
;;faust ; dsp, but you get to keep your soul
;;fsharp ; ML stands for Microsoft's Language
;;fstar ; (dependent) types and (monadic) effects and Z3
;;gdscript ; the language you waited for
;;(go +lsp) ; the hipster dialect
;;(haskell +dante) ; a language that's lazier than I am
;;hy ; readability of scheme w/ speed of python
;;idris ; a language you can depend on
;;json ; At least it ain't XML
;;(java +meghanada) ; the poster child for carpal tunnel syndrome
;;javascript ; all(hope(abandon(ye(who(enter(here))))))
;;julia ; a better, faster MATLAB
;;kotlin ; a better, slicker Java(Script)
;;latex ; writing papers in Emacs has never been so fun
;;lean ; for folks with too much to prove
;;ledger ; be audit you can be
;;lua ; one-based indices? one-based indices
markdown ; writing docs for people to ignore
;;nim ; python + lisp at the speed of c
nix ; I hereby declare "nix geht mehr!"
;;ocaml ; an objective camel
(org +roam2) ; organize your plain life in plain text
;;php ; perl's insecure younger brother
;;plantuml ; diagrams for confusing people more
;;purescript ; javascript, but functional
;;python ; beautiful is better than ugly
;;qt ; the 'cutest' gui framework ever
;;racket ; a DSL for DSLs
;;raku ; the artist formerly known as perl6
;;rest ; Emacs as a REST client
;;rst ; ReST in peace
;;(ruby +rails) ; 1.step {|i| p "Ruby is #{i.even? ? 'love' : 'life'}"}
;;rust ; Fe2O3.unwrap().unwrap().unwrap().unwrap()
;;scala ; java, but good
;;(scheme +guile) ; a fully conniving family of lisps
sh ; she sells {ba,z,fi}sh shells on the C xor
;;sml
;;solidity ; do you need a blockchain? No.
;;swift ; who asked for emoji variables?
;;terra ; Earth and Moon in alignment for performance.
;;web ; the tubes
;;yaml ; JSON, but readable
;;zig ; C, but simpler
:email
;;(mu4e +gmail)
;;notmuch
;;(wanderlust +gmail)
:app
;;calendar
;;emms
;;everywhere ; *leave* Emacs!? You must be joking
;;irc ; how neckbeards socialize
;;(rss +org) ; emacs as an RSS reader
;;twitter ; twitter client https://twitter.com/vnought
:config
;;literate
(default +bindings +smartparens))

0
homes/palo/doom.d/packages.el
View file

12
homes/palo/git.nix
View file

@ -10,16 +10,24 @@ with pkgs;
key = "42AC51C9482D0834CF488AF1389EC2D64AC71EAC"; key = "42AC51C9482D0834CF488AF1389EC2D64AC71EAC";
signByDefault = true; signByDefault = true;
}; };
ignores = [ "*.swp" "*~" ".idea" ".*penis.*" "result" ".envrc" ".direnv" ]; ignores = [
"*.swp"
"*~"
".idea"
".*penis.*"
"result"
".envrc"
".direnv"
];
extraConfig = { extraConfig = {
init.defaultBranch = "main"; init.defaultBranch = "main";
pull.ff = "only"; pull.ff = "only";
push.autoSetupRemote = true;
}; };
#diff-so-fancy.enable = true; #diff-so-fancy.enable = true;
difftastic.enable = true; difftastic.enable = true;
}; };
home.packages = [ home.packages = [
pre-commit pre-commit
gita gita

3
homes/palo/gpg.nix
View file

@ -12,8 +12,7 @@
keyserver = "keyserver.ubuntu.com"; keyserver = "keyserver.ubuntu.com";
personal-digest-preferences = "SHA512"; personal-digest-preferences = "SHA512";
cert-digest-algo = "SHA512"; cert-digest-algo = "SHA512";
default-preference-list = default-preference-list = "SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
"SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
}; };
}; };

7
homes/palo/gui/alacritty.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }: {
pkgs,
lib,
config,
...
}:
with lib; with lib;
{ {

8
homes/palo/gui/kitty.nix
View file

@ -1,4 +1,9 @@
{ lib, pkgs, config, ... }: {
lib,
pkgs,
config,
...
}:
with lib; with lib;
{ {
@ -31,6 +36,5 @@ with lib;
}; };
}; };
}; };
} }

161
homes/palo/hyperland.nix
View file

@ -1,161 +0,0 @@
{ pkgs, ... }:
{
home.file.".config/hypr/hyperland.conf".text = ''
autogenerated = 1 # remove this line to remove the warning
# See https://wiki.hyprland.org/Configuring/Monitors/
monitor=,preferred,auto,auto
# Some default env vars.
env = XCURSOR_SIZE,24
# For all categories, see https://wiki.hyprland.org/Configuring/Variables/
input {
kb_layout = us
kb_variant =
kb_model =
kb_options =
kb_rules =
follow_mouse = 1
touchpad {
natural_scroll = no
}
sensitivity = 0 # -1.0 - 1.0, 0 means no modification.
}
general {
# See https://wiki.hyprland.org/Configuring/Variables/ for more
gaps_in = 5
gaps_out = 20
border_size = 2
col.active_border = rgba(33ccffee) rgba(00ff99ee) 45deg
col.inactive_border = rgba(595959aa)
layout = dwindle
# Please see https://wiki.hyprland.org/Configuring/Tearing/ before you turn this on
allow_tearing = false
}
decoration {
# See https://wiki.hyprland.org/Configuring/Variables/ for more
rounding = 10
blur {
enabled = true
size = 3
passes = 1
}
drop_shadow = yes
shadow_range = 4
shadow_render_power = 3
col.shadow = rgba(1a1a1aee)
}
animations {
enabled = yes
# Some default animations, see https://wiki.hyprland.org/Configuring/Animations/ for more
bezier = myBezier, 0.05, 0.9, 0.1, 1.05
animation = windows, 1, 7, myBezier
animation = windowsOut, 1, 7, default, popin 80%
animation = border, 1, 10, default
animation = borderangle, 1, 8, default
animation = fade, 1, 7, default
animation = workspaces, 1, 6, default
}
dwindle {
# See https://wiki.hyprland.org/Configuring/Dwindle-Layout/ for more
pseudotile = yes # master switch for pseudotiling. Enabling is bound to mainMod + P in the keybinds section below
preserve_split = yes # you probably want this
}
master {
# See https://wiki.hyprland.org/Configuring/Master-Layout/ for more
new_is_master = true
}
gestures {
# See https://wiki.hyprland.org/Configuring/Variables/ for more
workspace_swipe = off
}
misc {
# See https://wiki.hyprland.org/Configuring/Variables/ for more
force_default_wallpaper = -1 # Set to 0 to disable the anime mascot wallpapers
}
# Example per-device config
# See https://wiki.hyprland.org/Configuring/Keywords/#executing for more
device:epic-mouse-v1 {
sensitivity = -0.5
}
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
$mainMod = SUPER
# Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more
bind = $mainMod, enter, exec, alacritty
bind = $mainMod, C, killactive,
bind = $mainMod, Q, exit,
bind = $mainMod, E, exec, dolphin
bind = $mainMod, V, togglefloating,
bind = $mainMod, R, exec, wofi --show drun
bind = $mainMod, P, pseudo, # dwindle
bind = $mainMod, J, togglesplit, # dwindle
# Move focus with mainMod + arrow keys
bind = $mainMod, left, movefocus, l
bind = $mainMod, right, movefocus, r
bind = $mainMod, up, movefocus, u
bind = $mainMod, down, movefocus, d
# Switch workspaces with mainMod + [0-9]
bind = $mainMod, 1, workspace, 1
bind = $mainMod, 2, workspace, 2
bind = $mainMod, 3, workspace, 3
bind = $mainMod, 4, workspace, 4
bind = $mainMod, 5, workspace, 5
bind = $mainMod, 6, workspace, 6
bind = $mainMod, 7, workspace, 7
bind = $mainMod, 8, workspace, 8
bind = $mainMod, 9, workspace, 9
bind = $mainMod, 0, workspace, 10
# Move active window to a workspace with mainMod + SHIFT + [0-9]
bind = $mainMod SHIFT, 1, movetoworkspace, 1
bind = $mainMod SHIFT, 2, movetoworkspace, 2
bind = $mainMod SHIFT, 3, movetoworkspace, 3
bind = $mainMod SHIFT, 4, movetoworkspace, 4
bind = $mainMod SHIFT, 5, movetoworkspace, 5
bind = $mainMod SHIFT, 6, movetoworkspace, 6
bind = $mainMod SHIFT, 7, movetoworkspace, 7
bind = $mainMod SHIFT, 8, movetoworkspace, 8
bind = $mainMod SHIFT, 9, movetoworkspace, 9
bind = $mainMod SHIFT, 0, movetoworkspace, 10
# Example special workspace (scratchpad)
bind = $mainMod, S, togglespecialworkspace, magic
bind = $mainMod SHIFT, S, movetoworkspace, special:magic
# Scroll through existing workspaces with mainMod + scroll
bind = $mainMod, mouse_down, workspace, e+1
bind = $mainMod, mouse_up, workspace, e-1
# Move/resize windows with mainMod + LMB/RMB and dragging
bindm = $mainMod, mouse:272, movewindow
bindm = $mainMod, mouse:273, resizewindow
'';
}

57
homes/palo/i3.nix
View file

@ -1,8 +1,20 @@
{ config, lib, pkgs, osConfig, ... }: {
config,
lib,
pkgs,
osConfig,
...
}:
with lib; with lib;
let let
rofi = pkgs.rofi.override { plugins = [ pkgs.rofi-emoji pkgs.rofi-calc pkgs.xdotool ]; }; rofi = pkgs.rofi.override {
plugins = [
pkgs.rofi-emoji
pkgs.rofi-calc
pkgs.xdotool
];
};
backgroundCommand = pkgs.writers.writeDash "background" '' backgroundCommand = pkgs.writers.writeDash "background" ''
${pkgs.xorg.xrandr}/bin/xrandr | grep " connected" | grep "primary" | \ ${pkgs.xorg.xrandr}/bin/xrandr | grep " connected" | grep "primary" | \
@ -43,6 +55,7 @@ in
pkgs.autorandr pkgs.autorandr
pkgs.polygon-art.polygon-art pkgs.polygon-art.polygon-art
pkgs.xdotool # needed for rofi-emoji pkgs.xdotool # needed for rofi-emoji
pkgs.xclicker # makes stuff much easier
]; ];
programs.i3status-rust = { programs.i3status-rust = {
@ -140,21 +153,25 @@ in
focus = { focus = {
followMouse = true; followMouse = true;
}; };
colors.focused = colors.focused = with config.lib.stylix.colors.withHashtag; {
with config.lib.stylix.colors.withHashtag;
{
# stylix color overrides # stylix color overrides
border = lib.mkForce base08; border = lib.mkForce base08;
background = lib.mkForce base0A; background = lib.mkForce base0A;
text = lib.mkForce base00; text = lib.mkForce base00;
}; };
startup = startup = [
[ #{ command = "${pkgs.jellyfin-mpv-shim}/bin/jellyfin-mpv-shim"; always = true; }
#{ command = "${pkgs.jellyfin-mpv-shim}/bin/jellyfin-mpv-shim"; always = false; }
{ command = "${pkgs.networkmanagerapplet}/bin/nm-applet --indicator"; always = true; }
{ command = toString backgroundCommand; always = true; }
{ {
command = toString (pkgs.writers.writeDash "xsettings" '' command = "${pkgs.networkmanagerapplet}/bin/nm-applet --indicator";
always = true;
}
{
command = toString backgroundCommand;
always = true;
}
{
command = toString (
pkgs.writers.writeDash "xsettings" ''
# to allow sudo commands to access X # to allow sudo commands to access X
${pkgs.xorg.xhost}/bin/xhost + ${pkgs.xorg.xhost}/bin/xhost +
# no shitty pcspkr crap # no shitty pcspkr crap
@ -162,13 +179,15 @@ in
# no sleeping monitor # no sleeping monitor
${pkgs.xorg.xset}/bin/xset -dpms ${pkgs.xorg.xset}/bin/xset -dpms
${pkgs.xorg.xset}/bin/xset s off ${pkgs.xorg.xset}/bin/xset s off
''); ''
);
always = true; always = true;
} }
]; ];
bars = [ bars = [
(config.lib.stylix.i3.bar // (
{ config.lib.stylix.i3.bar
// {
#mode = "hide"; #mode = "hide";
hiddenState = "hide"; hiddenState = "hide";
position = "top"; position = "top";
@ -188,6 +207,16 @@ in
in in
{ {
"Print" = "exec ${pkgs.flameshot}/bin/flameshot gui -c -p /share/"; "Print" = "exec ${pkgs.flameshot}/bin/flameshot gui -c -p /share/";
# --- Brightness controls --- #
"XF86MonBrightnessUp" = "exec --no-startup-id ${pkgs.brightnessctl}/bin/brightnessctl set +5%";
"XF86MonBrightnessDown" = "exec --no-startup-id ${pkgs.brightnessctl}/bin/brightnessctl set 5%-";
# --- Pulse/Pipewire Audio controls --- #
"XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
"XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
"${modifier}+Return" = "exec ${cfg.config.terminal}"; "${modifier}+Return" = "exec ${cfg.config.terminal}";
"${modifier}+Shift+q" = "exit"; "${modifier}+Shift+q" = "exit";
"${modifier}+q" = "kill"; "${modifier}+q" = "kill";

43
homes/palo/packages/development.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }: {
pkgs,
lib,
config,
...
}:
with pkgs; with pkgs;
with lib; with lib;
{ {
@ -29,15 +34,18 @@ with lib;
jetbrains.pycharm-professional jetbrains.pycharm-professional
# planing # planing
((ganttproject-bin.override { (
(ganttproject-bin.override {
jre = pkgs.openjdk11; jre = pkgs.openjdk11;
}).overrideAttrs (old: { }).overrideAttrs
(old: {
version = "3.1.3100"; version = "3.1.3100";
src = pkgs.fetchzip { src = pkgs.fetchzip {
url = "https://dl.ganttproject.biz/ganttproject-3.1.3100/ganttproject-3.1.3100.zip"; url = "https://dl.ganttproject.biz/ganttproject-3.1.3100/ganttproject-3.1.3100.zip";
sha256 = "sha256-hw2paak0P670/kemiuqYHIaN0uUtkVKy+AX2X7OdnJ4="; sha256 = "sha256-hw2paak0P670/kemiuqYHIaN0uUtkVKy+AX2X7OdnJ4=";
}; };
})) })
)
# Pkl # Pkl
# --- # ---
@ -101,7 +109,8 @@ with lib;
{ {
home.packages = home.packages =
let let
pandocScript = { inputFormat, outputFormat }: pandocScript =
{ inputFormat, outputFormat }:
pkgs.writers.writeDashBin "pandoc-from-${inputFormat}-to-${outputFormat}" '' pkgs.writers.writeDashBin "pandoc-from-${inputFormat}-to-${outputFormat}" ''
${pkgs.pandoc}/bin/pandoc \ ${pkgs.pandoc}/bin/pandoc \
--from ${inputFormat} \ --from ${inputFormat} \
@ -135,10 +144,26 @@ with lib;
${pkgs.less}/bin/less ${pkgs.less}/bin/less
'') '')
] ++ (map pandocScript (lib.cartesianProduct { ]
inputFormat = [ "man" "markdown" "mediawiki" "asciidoc" ]; ++ (map pandocScript (
outputFormat = [ "mediawiki" "docbook5" "html5" "man" "jira" "markdown" "asciidoc" ]; lib.cartesianProduct {
})); inputFormat = [
"man"
"markdown"
"mediawiki"
"asciidoc"
];
outputFormat = [
"mediawiki"
"docbook5"
"html5"
"man"
"jira"
"markdown"
"asciidoc"
];
}
));
} }
]; ];

11
homes/palo/packages/graphics.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with pkgs; with pkgs;
with lib; with lib;
{ {
@ -11,7 +16,6 @@ with lib;
gimp gimp
inkscape inkscape
imagemagick imagemagick
nsxiv
blender blender
lightburn lightburn
colorpicker colorpicker
@ -23,6 +27,9 @@ with lib;
qrencode qrencode
xclicker
xdotool
]; ];
}; };

7
homes/palo/packages/logseq.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with pkgs; with pkgs;
with lib; with lib;
{ {

28
homes/palo/packages/media.nix
View file

@ -1,5 +1,9 @@
{ pkgs, lib, config, ... }: {
with pkgs; pkgs,
lib,
config,
...
}:
with lib; with lib;
{ {
@ -7,25 +11,21 @@ with lib;
(mkIf config.gui.enable { (mkIf config.gui.enable {
home.packages = [ home.packages = [
freetube pkgs.freetube
vlc pkgs.vlc
# music editors # music editors
# ============= # =============
picard # musicbrainz editor pkgs.picard # musicbrainz editor
#kid3-qt # id3 tag editor pkgs.easytag
easytag pkgs.dconf
dconf
pkgs.jellyfin-mpv-shim
]; ];
}) })
{ {
home.packages = [ home.packages = [ ];
# music editors
# =============
kid3-cli
];
} }
]; ];
} }

15
homes/palo/packages/nextcloud.nix
View file

@ -1,10 +1,16 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with pkgs; with pkgs;
with lib; with lib;
let let
nextcloud-client = pkgs.legacy_2311.nextcloud-client; nextcloud-client = pkgs.legacy_2311.nextcloud-client;
nextcloudSync = folder: nextcloudSync =
folder:
let let
password = "$( ${pkgs.pass}/bin/pass show home/nextcloud/palo/nextcloudcmd-token )"; password = "$( ${pkgs.pass}/bin/pass show home/nextcloud/palo/nextcloudcmd-token )";
user = "palo"; user = "palo";
@ -16,8 +22,7 @@ let
"https://${user}:${password}@nextcloud.ingolf-wagner.de" "https://${user}:${password}@nextcloud.ingolf-wagner.de"
''; '';
borrow = pkgs.writers.writeDashBin "borrow" borrow = pkgs.writers.writeDashBin "borrow" ''
''
${getExe hledger-ui} \ ${getExe hledger-ui} \
--all \ --all \
--theme=terminal \ --theme=terminal \
@ -27,7 +32,7 @@ let
--affirmative="update" \ --affirmative="update" \
--negative="skip" \ --negative="skip" \
--default=false \ --default=false \
"Syncronize with Nextcloud?" && ${getExe(nextcloudSync "Unterlagen")} "Syncronize with Nextcloud?" && ${getExe (nextcloudSync "Unterlagen")}
''; '';
in in
{ {

8
homes/palo/packages/packages.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with pkgs; with pkgs;
with lib; with lib;
{ {
@ -8,7 +13,6 @@ with lib;
# ¯\_(ツ)_/¯ # ¯\_(ツ)_/¯
home.packages = [ home.packages = [
nixos-shell nixos-shell
# bluetooth gui # bluetooth gui

7
homes/palo/packages/social.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with pkgs; with pkgs;
with lib; with lib;
{ {

7
homes/palo/ssh.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }: {
pkgs,
lib,
config,
...
}:
{ {
home.packages = [ pkgs.sshuttle ]; home.packages = [ pkgs.sshuttle ];

116
homes/palo/taskwarrior.nix
View file

@ -1,21 +1,40 @@
{ config, pkgs, lib, ... }: {
config,
pkgs,
lib,
...
}:
with lib; with lib;
with types; with types;
let let
mkMagicMergeOption = { description ? "", example ? { }, default ? { }, apply ? id, ... }: mkMagicMergeOption =
{
description ? "",
example ? { },
default ? { },
apply ? id,
...
}:
mkOption { mkOption {
inherit example description default apply; inherit
type = with lib.types; example
description
default
apply
;
type =
with lib.types;
let let
valueType = nullOr valueType =
(oneOf [ nullOr (oneOf [
bool bool
int int
float float
str str
(attrsOf valueType) (attrsOf valueType)
(listOf valueType) (listOf valueType)
]) // { ])
// {
description = "bool, int, float or str"; description = "bool, int, float or str";
emptyValue.value = { }; emptyValue.value = { };
}; };
@ -23,71 +42,84 @@ let
valueType; valueType;
}; };
#taskwarrior-tui = pkgs.legacy_2311.taskwarrior-tui;
taskwarrior-tui = pkgs.taskwarrior-tui;
taskwarrior-tui = pkgs.legacy_2311.taskwarrior-tui; taskwarrior = pkgs.taskwarrior3;
in in
{ {
# bugwarrior (a bit fiddly) # bugwarrior (a bit fiddly)
imports = [{ imports = [
{
options.bugwarrior.config = mkMagicMergeOption { options.bugwarrior.config = mkMagicMergeOption {
type = attrs; type = attrs;
default = { }; default = { };
}; };
config = { config = mkIf config.gui.enable {
home.file.".config/bugwarrior/bugwarrior.toml".source = (pkgs.formats.toml { }).generate "bugwarriorrc.toml" config.bugwarrior.config; home.file.".config/bugwarrior/bugwarrior.toml".source =
# todo : before deleting this, put it in logseq (pkgs.formats.toml { }).generate "bugwarriorrc.toml"
(
{
general.taskrc = pkgs.writeText "taskrc" "data.location=$HOME/.bugwarrior";
}
// config.bugwarrior.config
);
home.packages = [ home.packages = [
(pkgs.legacy_2311.python3Packages.bugwarrior.overrideAttrs (old: { pkgs.bugwarrior
version = "develop"; #export TASKRC=$HOME/.bugwarrior/${pkgs.writeText "bugwarrior.taskrc" "data.location=$HOME/.bugwarrior"}
src = pkgs.fetchFromGitHub { (pkgs.writers.writeBashBin "bugwarrior-sync" ''
owner = "ralphbean"; set -eo pipefail
repo = "bugwarrior";
rev = "6554e70c199cc766a2b5e4e4fe22e4e46d64bba1"; mkdir -p $HOME/.bugwarrior
sha256 = "sha256-cKhL8FBH7wxCxXrybVRLfCHQTCxursFqtBDl3e1UUXs="; touch $HOME/.bugwarrior/taskrc
};
propagatedBuildInputs = old.propagatedBuildInputs ++ [ export TASKRC=$HOME/.bugwarrior/taskrc
pkgs.legacy_2311.python3Packages.pydantic export TASKDATA=$HOME/.bugwarrior
pkgs.legacy_2311.python3Packages.tomli echo "bugwarrior pull" | ${pkgs.boxes}/bin/boxes -d ansi
pkgs.legacy_2311.python3Packages.email-validator ${pkgs.bugwarrior}/bin/bugwarrior pull "$@"
pkgs.legacy_2311.python3Packages.packaging echo "task export" | ${pkgs.boxes}/bin/boxes -d ansi
]; ${pkgs.taskwarrior}/bin/task export > $HOME/.bugwarrior/bugwarrior.json
}))
unset TASKRC
unset TASKDATA
echo "task import" | ${pkgs.boxes}/bin/boxes -d ansi
${taskwarrior}/bin/task import rc.hooks=0 $HOME/.bugwarrior/bugwarrior.json
'')
]; ];
}; };
}]; }
];
config = mkIf config.gui.enable { config = mkIf config.gui.enable {
home.packages = with pkgs; home.packages = [
[
pkgs.timewarrior
taskwarrior taskwarrior
pkgs.tasksh
pkgs.taskwarrior-hooks
(pkgs.writeShellScriptBin "tsak" ''${taskwarrior}/bin/task "$@"'')
pkgs.vit
taskwarrior-tui taskwarrior-tui
timewarrior
tasksh
taskwarrior-hooks
(pkgs.writeShellScriptBin "tsak" ''${pkgs.taskwarrior}/bin/task "$@"'')
vit
(pkgs.writers.writeBashBin "active" "${taskwarrior-tui}/bin/taskwarrior-tui -r active") (pkgs.writers.writeBashBin "active" "${taskwarrior-tui}/bin/taskwarrior-tui -r active")
(pkgs.writers.writeBashBin "todo" "${taskwarrior-tui}/bin/taskwarrior-tui -r todo") (pkgs.writers.writeBashBin "todo" "${taskwarrior-tui}/bin/taskwarrior-tui -r todo")
(pkgs.writers.writeBashBin "calendar" '' (pkgs.writers.writeBashBin "calendar" ''
${pkgs.taskwarrior}/bin/task calendar ${taskwarrior}/bin/task calendar
${pkgs.taskwarrior}/bin/task calendar_report ${taskwarrior}/bin/task calendar_report
'') '')
# todo : belongs to calendar.nix # todo : belongs to calendar.nix
vdirsyncer pkgs.vdirsyncer
khal pkgs.khal
(pkgs.writers.writeBashBin "kalendar" '' (pkgs.writers.writeBashBin "kalendar" ''
${pkgs.vdirsyncer}/bin/vdirsyncer sync ${pkgs.vdirsyncer}/bin/vdirsyncer sync
${pkgs.khal}/bin/ikhal ${pkgs.khal}/bin/ikhal

1
homes/root/default.nix
View file

@ -2,6 +2,7 @@
imports = [ imports = [
../common ../common
]; ];
gui.enable = false; gui.enable = false;
home.stateVersion = "22.11"; home.stateVersion = "22.11";

15
homes/tina/logseq.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with pkgs; with pkgs;
with lib; with lib;
{ {
@ -6,10 +11,14 @@ with lib;
home.packages = [ home.packages = [
logseq logseq
]; ];
home.file.".config/Logseq/Preferences".source = (pkgs.formats.json { }).generate "LogseqPreferences.json" home.file.".config/Logseq/Preferences".source =
(pkgs.formats.json { }).generate "LogseqPreferences.json"
{ {
spellcheck = { spellcheck = {
dictionaries = [ "en-US" "de-DE" ]; dictionaries = [
"en-US"
"de-DE"
];
dictionary = ""; dictionary = "";
}; };
}; };

10
homes/tina/packages.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
with pkgs; with pkgs;
with lib; with lib;
{ {
@ -25,10 +30,7 @@ with lib;
pdfarranger pdfarranger
calibre calibre
]; ];
}; };
} }

30
images/lib/remote-access.nix
View file

@ -1,11 +1,16 @@
{ {
# cat ~/.ssh/id_rsa.pub # cat ~/.ssh/id_rsa.pub
publicSshKey ? "" publicSshKey ? "",
, # remote-install-get-hiddenReceiver # remote-install-get-hiddenReceiver
hiddenReceiver ? "" hiddenReceiver ? "",
,
}: }:
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
imports = [ imports = [
{ {
@ -13,7 +18,9 @@
networking.hostName = "liveos"; networking.hostName = "liveos";
users.extraUsers = { users.extraUsers = {
root = { openssh.authorizedKeys.keys = [ publicSshKey ]; }; root = {
openssh.authorizedKeys.keys = [ publicSshKey ];
};
}; };
} }
{ {
@ -104,15 +111,20 @@
client.enable = true; client.enable = true;
relay.onionServices.hidden-ssh = { relay.onionServices.hidden-ssh = {
version = 3; version = 3;
map = [{ map = [
{
port = 22; port = 22;
target.port = 22; target.port = 22;
}]; }
];
}; };
}; };
systemd.services.hidden-ssh-announce = { systemd.services.hidden-ssh-announce = {
description = "irc announce hidden ssh"; description = "irc announce hidden ssh";
after = [ "tor.service" "network-online.target" ]; after = [
"tor.service"
"network-online.target"
];
wants = [ "tor.service" ]; wants = [ "tor.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {

15
images/machine-init-configuration.nix
View file

@ -1,9 +1,13 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
{ {
imports = imports = [
[
# Include the results of the hardware scan. # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
@ -42,7 +46,9 @@
services.openssh.enable = true; services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de" ]; users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de"
];
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions # settings for stateful data, like file locations and database versions
@ -52,5 +58,4 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment? system.stateVersion = "22.11"; # Did you read the comment?
} }

3
images/remote-install/README.md
View file

@ -7,7 +7,8 @@
- import `./remote-service.nix` in your `/etc/nixos/configuration.nix` - import `./remote-service.nix` in your `/etc/nixos/configuration.nix`
- `nixos-rebuild switch` - `nixos-rebuild switch`
- run `remote-install-get-hiddenReceiver` and enter the result in `./config.nix` as `hiddenReceiver` - run `remote-install-get-hiddenReceiver` and enter the result in `./config.nix`
as `hiddenReceiver`
- set the public key in `./config.nix` - set the public key in `./config.nix`
- run `nixos-generate -f install-iso -c ./config.nix` - run `nixos-generate -f install-iso -c ./config.nix`
- prepare the usb stick : `sudo if=<path of the iso> of=/dev/<device> bs=4096` - prepare the usb stick : `sudo if=<path of the iso> of=/dev/<device> bs=4096`

3
images/remote-install/config.nix
View file

@ -4,8 +4,7 @@ let
remote-access = import ../lib/remote-access.nix { remote-access = import ../lib/remote-access.nix {
# cat ~/.ssh/id_rsa.pub # cat ~/.ssh/id_rsa.pub
publicSshKey = publicSshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
# remote-install-get-hiddenReceiver # remote-install-get-hiddenReceiver
hiddenReceiver = ""; hiddenReceiver = "";

2
images/remote-install/remote-install.nix
View file

@ -3,7 +3,7 @@
services.tor = { services.tor = {
enable = true; enable = true;
client.enable = true; client.enable = true;
relay.onionServices.liveos.map = [{ port = 1337; }]; relay.onionServices.liveos.map = [ { port = 1337; } ];
}; };
environment.systemPackages = [ environment.systemPackages = [

18
images/translate-setup/audio.nix
View file

@ -1,10 +1,22 @@
{ pkgs, lib, config, ... }: { {
users.users.mainUser.extraGroups = [ "audio" "pipewire" ]; pkgs,
lib,
config,
...
}:
{
users.users.mainUser.extraGroups = [
"audio"
"pipewire"
];
hardware.pulseaudio = { hardware.pulseaudio = {
enable = true; enable = true;
package = pkgs.pulseaudioFull; package = pkgs.pulseaudioFull;
}; };
environment.systemPackages = with pkgs; [ alsaUtils pavucontrol ]; environment.systemPackages = with pkgs; [
alsaUtils
pavucontrol
];
} }

13
images/translate-setup/config.nix
View file

@ -1,6 +1,15 @@
{ pkgs, lib, config, ... }: { {
pkgs,
lib,
config,
...
}:
{
imports = [ ./x11.nix ./audio.nix ]; imports = [
./x11.nix
./audio.nix
];
#networking.networkmanager.enable = true; #networking.networkmanager.enable = true;
#networking.wireless.enable = false; #networking.wireless.enable = false;

15
images/translate-setup/x11.nix
View file

@ -1,4 +1,10 @@
{ pkgs, config, lib, ... }: { {
pkgs,
config,
lib,
...
}:
{
services.xserver = { services.xserver = {
enable = true; enable = true;
@ -44,6 +50,11 @@
# Packages # Packages
# -------- # --------
environment.systemPackages = with pkgs; [ flameshot pavucontrol mumble vlc ]; environment.systemPackages = with pkgs; [
flameshot
pavucontrol
mumble
vlc
];
} }

17
images/usb-init-configuration.nix
View file

@ -1,17 +1,19 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
{ {
imports = [
imports =
[
# Include the results of the hardware scan. # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
networking.hostName = "nixos"; networking.hostName = "nixos";
# grub configuraton # grub configuraton
# ----------------- # -----------------
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
@ -41,7 +43,9 @@
services.openssh.enable = true; services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de" ]; users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de"
];
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions # settings for stateful data, like file locations and database versions
@ -51,5 +55,4 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment? system.stateVersion = "22.11"; # Did you read the comment?
} }

3
images/windows-rescue/README.md
View file

@ -10,4 +10,5 @@
- edit SAM database `chntpw -i SAM` - edit SAM database `chntpw -i SAM`
- reboot - reboot
more details [here](https://opensource.com/article/18/3/how-reset-windows-password-linux). more details
[here](https://opensource.com/article/18/3/how-reset-windows-password-linux).

Some files were not shown because too many files have changed in this diff Show more