aciceri/nixfleet
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Reformat everything
All checks were successful
/ test (push) Successful in 32s
Details

Browse source
This commit is contained in:
Andrea Ciceri 2024-09-20 11:37:17 +02:00
parent 5f644d0ccd
commit a394b9cefd
Signed by: aciceri
SSH key fingerprint: SHA256:/AagBweyV4Hlfg9u092n8hbHwD5fcB6A3qhDiDA65Rg
167 changed files with 2795 additions and 2122 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
checks/default.nix
View file

@ -11,18 +11,20 @@
]; ];
perSystem = perSystem =
{ pkgs, ... }: { ... }:
{ {
treefmt.config = { treefmt.config = {
projectRootFile = ".git/config"; projectRootFile = ".git/config";
programs.nixfmt-rfc-style.enable = true; programs = {
nixfmt-rfc-style.enable = true;
deadnix.enable = true;
};
}; };
pre-commit.settings.hooks = { pre-commit.settings.hooks = {
nixfmt-rfc-style.enable = true; nixfmt-rfc-style.enable = true;
deadnix.enable = true;
}; };
formatter = pkgs.nixfmt-rfc-style;
}; };
flake.checks = flake.checks =
@ -30,7 +32,9 @@
build = _: nc: nc.config.system.build.toplevel; build = _: nc: nc.config.system.build.toplevel;
in in
{ {
x86_64-linux = lib.mapAttrs build { inherit (self.nixosConfigurations) picard; }; x86_64-linux = lib.mapAttrs build {
inherit (self.nixosConfigurations) picard;
};
aarch64-linux = lib.mapAttrs build { aarch64-linux = lib.mapAttrs build {
inherit (self.nixosConfigurations) sisko; # pbp; inherit (self.nixosConfigurations) sisko; # pbp;
}; };

11
flake.nix
View file

@ -1,6 +1,5 @@
{ {
description = description = "A complete, declarative, and reproducible configuration of my entire Nix fleet";
"A complete, declarative, and reproducible configuration of my entire Nix fleet";
inputs = { inputs = {
flakeParts.url = "github:hercules-ci/flake-parts"; flakeParts.url = "github:hercules-ci/flake-parts";
@ -58,7 +57,8 @@
vscode-server.url = "github:nix-community/nixos-vscode-server"; vscode-server.url = "github:nix-community/nixos-vscode-server";
}; };
outputs = inputs@{ flakeParts, ... }: outputs =
inputs@{ flakeParts, ... }:
flakeParts.lib.mkFlake { inherit inputs; } { flakeParts.lib.mkFlake { inherit inputs; } {
imports = [ imports = [
# TODO export modules as flake outputs # TODO export modules as flake outputs
@ -69,6 +69,9 @@
./shell ./shell
./checks ./checks
]; ];
systems = [ "x86_64-linux" "aarch64-linux" ]; systems = [
"x86_64-linux"
"aarch64-linux"
];
}; };
} }

2
hmModules/aerc/default.nix
View file

@ -1,5 +1,5 @@
{ {
imports = [../email]; imports = [ ../email ];
config = { config = {
accounts.email.accounts = { accounts.email.accounts = {
autistici.aerc = { autistici.aerc = {

5
hmModules/binance/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.binance]; {
home.packages = [ pkgs.binance ];
} }

21
hmModules/btop/default.nix
View file

@ -1,18 +1,21 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs.btop = { programs.btop = {
enable = true; enable = true;
settings = { settings = {
update_ms = 100; update_ms = 100;
theme_background = false; theme_background = false;
# color_theme = "${config.programs.btop.package}/share/btop/themes/dracula.theme"; # color_theme = "${config.programs.btop.package}/share/btop/themes/dracula.theme";
color_theme = let color_theme =
catppuccin-theme = pkgs.fetchFromGitHub { let
owner = "catppuccin"; catppuccin-theme = pkgs.fetchFromGitHub {
repo = "btop"; owner = "catppuccin";
rev = "21b8d5956a8b07fa52519e3267fb3a2d2e693d17"; repo = "btop";
hash = "sha256-UXeTypc15MhjgGUiCrDUZ40m32yH2o1N+rcrEgY6sME="; rev = "21b8d5956a8b07fa52519e3267fb3a2d2e693d17";
}; hash = "sha256-UXeTypc15MhjgGUiCrDUZ40m32yH2o1N+rcrEgY6sME=";
in "${catppuccin-theme}/themes/catppuccin_mocha.theme"; };
in
"${catppuccin-theme}/themes/catppuccin_mocha.theme";
}; };
}; };
} }

5
hmModules/calibre/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.calibre]; {
home.packages = [ pkgs.calibre ];
} }

3
hmModules/chrome/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs.chromium = { programs.chromium = {
enable = true; enable = true;
package = pkgs.google-chrome; package = pkgs.google-chrome;

25
hmModules/cura/default.nix
View file

@ -1,15 +1,17 @@
{pkgs, ...}: { { pkgs, ... }:
{
home.packages = [ home.packages = [
(let (
cura5 = pkgs.appimageTools.wrapType2 rec { let
name = "cura5"; cura5 = pkgs.appimageTools.wrapType2 rec {
version = "5.8.0"; name = "cura5";
src = pkgs.fetchurl { version = "5.8.0";
url = "https://github.com/Ultimaker/Cura/releases/download/${version}/UltiMaker-Cura-${version}-linux-X64.AppImage"; src = pkgs.fetchurl {
hash = "sha256-EojVAe+o43W80ES5BY3QgGRTxztwS+B6kIOfJOtULOg="; url = "https://github.com/Ultimaker/Cura/releases/download/${version}/UltiMaker-Cura-${version}-linux-X64.AppImage";
hash = "sha256-EojVAe+o43W80ES5BY3QgGRTxztwS+B6kIOfJOtULOg=";
};
}; };
}; in
in
pkgs.writeScriptBin "cura" '' pkgs.writeScriptBin "cura" ''
#! ${pkgs.bash}/bin/bash #! ${pkgs.bash}/bin/bash
# AppImage version of Cura loses current working directory and treats all paths relateive to $HOME. # AppImage version of Cura loses current working directory and treats all paths relateive to $HOME.
@ -23,6 +25,7 @@
args+=("$a") args+=("$a")
done done
QT_QPA_PLATFORM=xcb exec "${cura5}/bin/cura5" "''${args[@]}" QT_QPA_PLATFORM=xcb exec "${cura5}/bin/cura5" "''${args[@]}"
'') ''
)
]; ];
} }

5
hmModules/digikam/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.digikam]; {
home.packages = [ pkgs.digikam ];
} }

5
hmModules/discord/default.nix
View file

@ -1,5 +1,6 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.discord]; {
home.packages = [ pkgs.discord ];
home.file.".config/discord/settings.json".text = builtins.toJSON { home.file.".config/discord/settings.json".text = builtins.toJSON {
SKIP_HOST_UPDATE = true; SKIP_HOST_UPDATE = true;
}; };

5
hmModules/dolphin/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.dolphin-emu]; {
home.packages = [ pkgs.dolphin-emu ];
} }

9
hmModules/element/default.nix
View file

@ -1,13 +1,14 @@
{pkgs, ...}: { { pkgs, ... }:
{
# home.packages = [pkgs.schildichat-desktop]; # home.packages = [pkgs.schildichat-desktop];
home.packages = [pkgs.element-desktop-wayland]; home.packages = [ pkgs.element-desktop-wayland ];
systemd.user.services.element-desktop = { systemd.user.services.element-desktop = {
Install.WantedBy = ["graphical-session.target"]; Install.WantedBy = [ "graphical-session.target" ];
Unit = { Unit = {
Description = "Element"; Description = "Element";
PartOf = ["graphical-session.target"]; PartOf = [ "graphical-session.target" ];
}; };
Service = { Service = {

4
hmModules/emacs/default.nix
View file

@ -1,9 +1,9 @@
{ {
lib, lib,
age, age,
pkgs,
... ...
}: { }:
{
ccrEmacs.enable = true; ccrEmacs.enable = true;
home.sessionVariables.EDITOR = lib.mkForce "emacsclient"; home.sessionVariables.EDITOR = lib.mkForce "emacsclient";
systemd.user.services.emacs.Service.EnvironmentFile = age.secrets.chatgpt-token.path; systemd.user.services.emacs.Service.EnvironmentFile = age.secrets.chatgpt-token.path;

37
hmModules/email/default.nix
View file

@ -2,22 +2,25 @@
pkgs, pkgs,
secrets, secrets,
... ...
}: { }:
{
programs.mbsync.enable = true; programs.mbsync.enable = true;
programs.msmtp.enable = true; programs.msmtp.enable = true;
services.mbsync.enable = true; services.mbsync.enable = true;
home.file.".config/aerc/stylesets" = let home.file.".config/aerc/stylesets" =
catppuccin-aerc = pkgs.fetchFromGitHub { let
owner = "catppuccin"; catppuccin-aerc = pkgs.fetchFromGitHub {
repo = "aerc"; owner = "catppuccin";
rev = "ca404a9f2d125ef12db40db663d43c9d94116a05"; repo = "aerc";
hash = "sha256-OWIkHsKFts/zkrDUtbBPXHVSrHL/F0v3LB1rnlFAKmE="; rev = "ca404a9f2d125ef12db40db663d43c9d94116a05";
hash = "sha256-OWIkHsKFts/zkrDUtbBPXHVSrHL/F0v3LB1rnlFAKmE=";
};
in
{
source = "${catppuccin-aerc}/dist";
recursive = true;
}; };
in {
source = "${catppuccin-aerc}/dist";
recursive = true;
};
programs.aerc = { programs.aerc = {
enable = true; enable = true;
@ -81,7 +84,9 @@
"<Esc>" = ":clear<Enter>"; "<Esc>" = ":clear<Enter>";
}; };
"messages:folder=Drafts" = {"<Enter>" = ":recall<Enter>";}; "messages:folder=Drafts" = {
"<Enter>" = ":recall<Enter>";
};
view = { view = {
"/" = ":toggle-key-passthrough<Enter>/"; "/" = ":toggle-key-passthrough<Enter>/";
@ -164,8 +169,12 @@
border-char-vertical = ""; border-char-vertical = "";
border-char-horizontal = ""; border-char-horizontal = "";
}; };
viewer = {always-show-mime = true;}; viewer = {
compose = {no-attachment-warning = "^[^>]*attach(ed|ment)";}; always-show-mime = true;
};
compose = {
no-attachment-warning = "^[^>]*attach(ed|ment)";
};
triggers = { triggers = {
email-received = ''exec notify-send "New email from %n" "%s"''; email-received = ''exec notify-send "New email from %n" "%s"'';
}; };

7
hmModules/firefox/default.nix
View file

@ -2,14 +2,15 @@
pkgs, pkgs,
username, username,
... ...
}: { }:
{
programs.firefox = { programs.firefox = {
enable = true; enable = true;
package = pkgs.wrapFirefox pkgs.firefox-unwrapped { package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
extraPolicies = { extraPolicies = {
ExtensionSettings = {}; ExtensionSettings = { };
}; };
nativeMessagingHosts = [pkgs.tridactyl-native]; nativeMessagingHosts = [ pkgs.tridactyl-native ];
}; };
profiles.${username} = { profiles.${username} = {
settings = { settings = {

83
hmModules/foot/default.nix
View file

@ -6,51 +6,54 @@
}: }:
lib.mkMerge [ lib.mkMerge [
{ {
programs.foot = let programs.foot =
catppuccin = pkgs.fetchFromGitHub { let
owner = "catppuccin"; catppuccin = pkgs.fetchFromGitHub {
repo = "foot"; owner = "catppuccin";
rev = "307611230661b7b1787feb7f9d122e851bae97e9"; repo = "foot";
hash = "sha256-mkPYHDJtfdfDnqLr1YOjaBpn4lCceok36LrnkUkNIE4="; rev = "307611230661b7b1787feb7f9d122e851bae97e9";
}; hash = "sha256-mkPYHDJtfdfDnqLr1YOjaBpn4lCceok36LrnkUkNIE4=";
in {
enable = true;
server.enable = true;
settings = {
main = {
term = "xterm-256color";
login-shell = "yes";
dpi-aware = "no";
horizontal-letter-offset = "1";
include = "${catppuccin}/themes/catppuccin-mocha.ini";
font = let
size = "13";
in
lib.concatStringsSep ", " [
"Iosevka Comfy:size=${size}"
"Symbols Nerd Font:size=${size}"
"JoyPixels:size=${size}"
];
};
cursor = {
blink = true;
};
tweak = {
overflowing-glyphs = true;
}; };
in
{
enable = true;
server.enable = true;
settings = {
main = {
term = "xterm-256color";
login-shell = "yes";
dpi-aware = "no";
horizontal-letter-offset = "1";
include = "${catppuccin}/themes/catppuccin-mocha.ini";
font =
let
size = "13";
in
lib.concatStringsSep ", " [
"Iosevka Comfy:size=${size}"
"Symbols Nerd Font:size=${size}"
"JoyPixels:size=${size}"
];
};
cursor = {
blink = true;
};
tweak = {
overflowing-glyphs = true;
};
key-bindings = { key-bindings = {
scrollback-up-page = "Control+Shift+k"; scrollback-up-page = "Control+Shift+k";
scrollback-down-page = "Control+Shift+j"; scrollback-down-page = "Control+Shift+j";
search-start = "Control+Shift+s"; search-start = "Control+Shift+s";
pipe-command-output = ''[sh -c 'f=$(mktemp); cat - > $f; footclient hx $f; rm $f'] Control+Shift+g''; pipe-command-output = ''[sh -c 'f=$(mktemp); cat - > $f; footclient hx $f; rm $f'] Control+Shift+g'';
}; };
mouse = { mouse = {
hide-when-typing = "yes"; hide-when-typing = "yes";
};
}; };
}; };
};
} }
(lib.mkIf config.programs.fish.enable { (lib.mkIf config.programs.fish.enable {
programs.fish.functions = { programs.fish.functions = {

3
hmModules/git-workspace/default.nix
View file

@ -2,7 +2,8 @@
age, age,
username, username,
... ...
}: { }:
{
services.git-workspace = { services.git-workspace = {
enable = true; enable = true;
frequency = "04:00:00"; frequency = "04:00:00";

11
hmModules/git/default.nix
View file

@ -2,13 +2,18 @@
pkgs, pkgs,
username, username,
... ...
}: let }:
let
config = { config = {
name = "Andrea Ciceri"; name = "Andrea Ciceri";
email = "andrea.ciceri@autistici.org"; email = "andrea.ciceri@autistici.org";
}; };
in { in
imports = [../gitui ../lazygit]; {
imports = [
../gitui
../lazygit
];
programs.git = { programs.git = {
enable = true; enable = true;
package = pkgs.gitAndTools.gitFull; package = pkgs.gitAndTools.gitFull;

6
hmModules/gnome-keyring/default.nix
View file

@ -1,9 +1,9 @@
{ {
pkgs, pkgs,
lib, lib,
config,
... ...
}: { }:
{
services.gnome-keyring = { services.gnome-keyring = {
enable = false; # Is this broken? https://github.com/nix-community/home-manager/issues/1454 enable = false; # Is this broken? https://github.com/nix-community/home-manager/issues/1454
components = lib.mkForce [ components = lib.mkForce [
@ -12,7 +12,7 @@
]; ];
}; };
home.packages = [pkgs.gcr]; # Needed in PATH home.packages = [ pkgs.gcr ]; # Needed in PATH
# Workaround # Workaround
wayland.windowManager.hyprland.extraConfig = '' wayland.windowManager.hyprland.extraConfig = ''

38
hmModules/gpg/default.nix
View file

@ -1,25 +1,31 @@
{pkgs, ...}: { { pkgs, ... }:
{
services.gpg-agent = { services.gpg-agent = {
enable = true; enable = true;
enableSshSupport = true; enableSshSupport = true;
sshKeys = ["CE2FD0D9BECBD8876811714925066CC257413416"]; sshKeys = [ "CE2FD0D9BECBD8876811714925066CC257413416" ];
extraConfig = let extraConfig =
pinentryRofi = pkgs.writeShellApplication { let
name = "pinentry-rofi-with-env"; pinentryRofi = pkgs.writeShellApplication {
runtimeInputs = with pkgs; [coreutils rofi]; name = "pinentry-rofi-with-env";
text = '' runtimeInputs = with pkgs; [
"${pkgs.pinentry-rofi}/bin/pinentry-rofi" "$@" coreutils
''; rofi
}; ];
in '' text = ''
allow-emacs-pinentry "${pkgs.pinentry-rofi}/bin/pinentry-rofi" "$@"
allow-loopback-pinentry '';
pinentry-program ${pinentryRofi}/bin/pinentry-rofi-with-env };
''; in
''
allow-emacs-pinentry
allow-loopback-pinentry
pinentry-program ${pinentryRofi}/bin/pinentry-rofi-with-env
'';
}; };
programs.gpg = { programs.gpg = {
enable = true; enable = true;
settings = {}; settings = { };
}; };
} }

9
hmModules/headless-hyprland/default.nix
View file

@ -1,11 +1,12 @@
{ {
config,
lib, lib,
... ...
}: let }:
let
originalConfig = config.wayland.windowManager.hyprland.extraConfig; originalConfig = config.wayland.windowManager.hyprland.extraConfig;
config = builtins.replaceStrings ["SUPER"] [""] originalConfig; config = builtins.replaceStrings [ "SUPER" ] [ "" ] originalConfig;
in { in
{
systemd.user.services.headless-hyprland = { systemd.user.services.headless-hyprland = {
Unit.Description = "Headless Hyprland"; Unit.Description = "Headless Hyprland";
Service = { Service = {

10
hmModules/helix/default.nix
View file

@ -22,26 +22,26 @@
language = [ language = [
{ {
name = "nix"; name = "nix";
language-servers = ["nixd"]; language-servers = [ "nixd" ];
} }
{ {
name = "markdown"; name = "markdown";
language-servers = ["zk"]; language-servers = [ "zk" ];
} }
{ {
name = "typescript"; name = "typescript";
language-servers = ["vtsls"]; language-servers = [ "vtsls" ];
} }
]; ];
language-server = { language-server = {
nixd.command = "nixd"; nixd.command = "nixd";
vtsls = { vtsls = {
command = "vtsls"; command = "vtsls";
args = ["--stdio"]; args = [ "--stdio" ];
}; };
zk = { zk = {
command = "zk"; command = "zk";
args = ["lsp"]; args = [ "lsp" ];
}; };
}; };
}; };

6
hmModules/hyprland/default.nix
View file

@ -2,7 +2,8 @@
config, config,
pkgs, pkgs,
... ...
}: let }:
let
screenshotScript = pkgs.writeShellScriptBin "screenshot.sh" '' screenshotScript = pkgs.writeShellScriptBin "screenshot.sh" ''
filename="$HOME/shots/$(date --iso-8601=seconds).png" filename="$HOME/shots/$(date --iso-8601=seconds).png"
coords="$(${pkgs.slurp}/bin/slurp)" coords="$(${pkgs.slurp}/bin/slurp)"
@ -19,7 +20,8 @@
fi fi
fi fi
''; '';
in { in
{
imports = [ imports = [
./hyprpaper.nix ./hyprpaper.nix
../waybar ../waybar

3
hmModules/hyprland/hyprpaper.nix
View file

@ -1,6 +1,7 @@
let let
wallpaper = ./wallpaper.png; wallpaper = ./wallpaper.png;
in { in
{
xdg.configFile."hypr/hyprpaper.conf".text = '' xdg.configFile."hypr/hyprpaper.conf".text = ''
splash = false splash = false
preload = ${wallpaper} preload = ${wallpaper}

5
hmModules/kicad/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.kicad-small]; {
home.packages = [ pkgs.kicad-small ];
} }

3
hmModules/kitty/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { ... }:
{
programs.kitty = { programs.kitty = {
enable = true; enable = true;
font = { font = {

3
hmModules/lazygit/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs.lazygit = { programs.lazygit = {
enable = true; enable = true;
settings = { settings = {

5
hmModules/lutris/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.lutris]; {
home.packages = [ pkgs.lutris ];
} }

5
hmModules/monero/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.monero-gui]; {
home.packages = [ pkgs.monero-gui ];
} }

5
hmModules/moonlight/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.moonlight-qt]; {
home.packages = [ pkgs.moonlight-qt ];
} }

15
hmModules/mopidy/default.nix
View file

@ -1,5 +1,6 @@
# TODO: use upstream ytmusic when updated: https://github.com/OzymandiasTheGreat/mopidy-ytmusic/issues/68 # TODO: use upstream ytmusic when updated: https://github.com/OzymandiasTheGreat/mopidy-ytmusic/issues/68
{pkgs, ...}: let { pkgs, ... }:
let
ytmusicapi = pkgs.python310Packages.buildPythonPackage rec { ytmusicapi = pkgs.python310Packages.buildPythonPackage rec {
pname = "ytmusicapi"; pname = "ytmusicapi";
version = "0.24.0"; version = "0.24.0";
@ -38,14 +39,20 @@
python310Packages.pytube python310Packages.pytube
]; ];
pythonImportsCheck = ["mopidy_ytmusic"]; pythonImportsCheck = [ "mopidy_ytmusic" ];
doCheck = false; doCheck = false;
}; };
in { in
{
services.mopidy = { services.mopidy = {
enable = true; enable = true;
extensionPackages = [mopidy-ytmusic] ++ (with pkgs; [mopidy-mpd mopidy-mpris]); extensionPackages =
[ mopidy-ytmusic ]
++ (with pkgs; [
mopidy-mpd
mopidy-mpris
]);
settings = { settings = {
mpd = { mpd = {
enabled = true; enabled = true;

5
hmModules/nheko/default.nix
View file

@ -1,5 +1,6 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.nheko]; {
home.packages = [ pkgs.nheko ];
# systemd.user.services.nheko = { # systemd.user.services.nheko = {
# Install.WantedBy = ["graphical-session.target"]; # Install.WantedBy = ["graphical-session.target"];

17
hmModules/nix-index/default.nix
View file

@ -1,14 +1,15 @@
{ {
config,
pkgs, pkgs,
fleetFlake, fleetFlake,
lib,
... ...
}: { }:
{
programs.nix-index.enable = true; programs.nix-index.enable = true;
systemd.user.services.nix-index-update = { systemd.user.services.nix-index-update = {
Unit = {Description = "Update nix-index";}; Unit = {
Description = "Update nix-index";
};
Service = { Service = {
CPUSchedulingPolicy = "idle"; CPUSchedulingPolicy = "idle";
@ -18,7 +19,9 @@
}; };
systemd.user.timers.nix-index-update = { systemd.user.timers.nix-index-update = {
Unit = {Description = "Update nix-index";}; Unit = {
Description = "Update nix-index";
};
Timer = { Timer = {
Unit = "nix-index-update.service"; Unit = "nix-index-update.service";
@ -26,6 +29,8 @@
Persistent = true; Persistent = true;
}; };
Install = {WantedBy = ["timers.target"];}; Install = {
WantedBy = [ "timers.target" ];
};
}; };
} }

8
hmModules/obs-studio/default.nix
View file

@ -1,6 +1,10 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs.obs-studio = { programs.obs-studio = {
enable = true; enable = true;
plugins = with pkgs.obs-studio-plugins; [wlrobs input-overlay]; plugins = with pkgs.obs-studio-plugins; [
wlrobs
input-overlay
];
}; };
} }

5
hmModules/openscad/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.openscad]; {
home.packages = [ pkgs.openscad ];
} }

2
hmModules/pantalaimon/default.nix
View file

@ -9,5 +9,5 @@
}; };
}; };
}; };
systemd.user.services.pantalaimon.Unit.Requires = ["dbus.socket"]; systemd.user.services.pantalaimon.Unit.Requires = [ "dbus.socket" ];
} }

5
hmModules/password-store/default.nix
View file

@ -2,12 +2,13 @@
pkgs, pkgs,
username, username,
... ...
}: { }:
{
programs.password-store = { programs.password-store = {
enable = true; enable = true;
settings = { settings = {
PASSWORD_STORE_DIR = "/home/${username}/.password-store"; PASSWORD_STORE_DIR = "/home/${username}/.password-store";
}; };
package = pkgs.pass.withExtensions (e: [e.pass-otp]); package = pkgs.pass.withExtensions (e: [ e.pass-otp ]);
}; };
} }

26
hmModules/qutebrowser/default.nix
View file

@ -2,7 +2,8 @@
pkgs, pkgs,
config, config,
... ...
}: let }:
let
inherit (config.programs.qutebrowser) settings; inherit (config.programs.qutebrowser) settings;
websites = { websites = {
searx = "https://searx.be"; searx = "https://searx.be";
@ -16,7 +17,8 @@
less-dark-white = "#cccccc"; less-dark-white = "#cccccc";
blue = "#0000ff"; blue = "#0000ff";
}; };
in { in
{
programs.qutebrowser = { programs.qutebrowser = {
enable = true; enable = true;
searchEngines = with websites; { searchEngines = with websites; {
@ -41,7 +43,7 @@ in {
auto_save.session = true; auto_save.session = true;
url = with websites; { url = with websites; {
default_page = searx; default_page = searx;
start_pages = [searx]; start_pages = [ searx ];
}; };
editor.command = [ editor.command = [
"emacsclient" "emacsclient"
@ -108,15 +110,13 @@ in {
}; };
home.packages = with pkgs; [ home.packages = with pkgs; [
fuzzel fuzzel
( (makeDesktopItem {
makeDesktopItem { name = "qutebrowser";
name = "qutebrowser"; exec = "qutebrowser %u";
exec = "qutebrowser %u"; comment = "Qutebrowser";
comment = "Qutebrowser"; desktopName = "qutebrowser";
desktopName = "qutebrowser"; type = "Application";
type = "Application"; mimeTypes = [ "x-scheme-handler/https" ];
mimeTypes = ["x-scheme-handler/https"]; })
}
)
]; ];
} }

8
hmModules/reinstall-magisk-on-lineage/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: let { pkgs, ... }:
let
reinstall-magisk-on-lineage = pkgs.stdenv.mkDerivation { reinstall-magisk-on-lineage = pkgs.stdenv.mkDerivation {
name = "reinstall-magisk-on-lineage"; name = "reinstall-magisk-on-lineage";
version = "git"; version = "git";
@ -21,6 +22,7 @@
--replace-fail "paste_yours_here" "\"\$1\"" --replace-fail "paste_yours_here" "\"\$1\""
''; '';
}; };
in { in
home.packages = [reinstall-magisk-on-lineage]; {
home.packages = [ reinstall-magisk-on-lineage ];
} }

5
hmModules/remmina/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.remmina]; {
home.packages = [ pkgs.remmina ];
} }

68
hmModules/shell/default.nix
View file

@ -4,7 +4,8 @@
age, age,
hostname, hostname,
... ...
}: { }:
{
programs.bat.enable = true; programs.bat.enable = true;
programs.direnv = { programs.direnv = {
@ -31,7 +32,9 @@
systemd.user.services.atuind = { systemd.user.services.atuind = {
Unit.Description = "Atuin daemon"; Unit.Description = "Atuin daemon";
Install = {WantedBy = ["default.target"];}; Install = {
WantedBy = [ "default.target" ];
};
Service.ExecStart = "${lib.getExe pkgs.atuin} daemon"; Service.ExecStart = "${lib.getExe pkgs.atuin} daemon";
}; };
@ -116,25 +119,29 @@
xdg.configFile = { xdg.configFile = {
"dracula-theme" = { "dracula-theme" = {
target = "fish/themes/dracula.theme"; target = "fish/themes/dracula.theme";
source = let source =
theme = pkgs.fetchFromGitHub { let
owner = "dracula"; theme = pkgs.fetchFromGitHub {
repo = "fish"; owner = "dracula";
rev = "269cd7d76d5104fdc2721db7b8848f6224bdf554"; repo = "fish";
hash = "sha256-Hyq4EfSmWmxwCYhp3O8agr7VWFAflcUe8BUKh50fNfY="; rev = "269cd7d76d5104fdc2721db7b8848f6224bdf554";
}; hash = "sha256-Hyq4EfSmWmxwCYhp3O8agr7VWFAflcUe8BUKh50fNfY=";
in "${theme}/themes/Dracula\ Official.theme"; };
in
"${theme}/themes/Dracula\ Official.theme";
}; };
"catppuccin-theme" = { "catppuccin-theme" = {
target = "fish/themes/Catppuccin\ Mocha.theme"; target = "fish/themes/Catppuccin\ Mocha.theme";
source = let source =
theme = pkgs.fetchFromGitHub { let
owner = "catppuccin"; theme = pkgs.fetchFromGitHub {
repo = "fish"; owner = "catppuccin";
rev = "a3b9eb5eaf2171ba1359fe98f20d226c016568cf"; repo = "fish";
hash = "sha256-shQxlyoauXJACoZWtRUbRMxmm10R8vOigXwjxBhG8ng="; rev = "a3b9eb5eaf2171ba1359fe98f20d226c016568cf";
}; hash = "sha256-shQxlyoauXJACoZWtRUbRMxmm10R8vOigXwjxBhG8ng=";
in "${theme}/themes/Catppuccin\ Mocha.theme"; };
in
"${theme}/themes/Catppuccin\ Mocha.theme";
}; };
}; };
@ -227,7 +234,8 @@
# ''; # '';
# }; # };
home.packages = with pkgs; home.packages =
with pkgs;
[ [
thefuck thefuck
htop-vim htop-vim
@ -240,12 +248,18 @@
carapace # used by nushell carapace # used by nushell
neovim neovim
] ]
++ (lib.optionals (builtins.elem hostname ["kirk" "picard"]) [ ++ (lib.optionals
nixd # TODO probably not the best place (builtins.elem hostname [
terraform-lsp # TODO probably not best place "kirk"
python3Packages.jedi-language-server # TODO probably not best place "picard"
nodePackages.typescript-language-server # TODO probably not best place ])
cntr # TODO probably not best place [
nom # FIXME disable on aarch64-linux, breaks everything :( nixd # TODO probably not the best place
]); terraform-lsp # TODO probably not best place
python3Packages.jedi-language-server # TODO probably not best place
nodePackages.typescript-language-server # TODO probably not best place
cntr # TODO probably not best place
nom # FIXME disable on aarch64-linux, breaks everything :(
]
);
} }

5
hmModules/slack/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.slack]; {
home.packages = [ pkgs.slack ];
} }

14
hmModules/spotify/default.nix
View file

@ -2,17 +2,19 @@
lib, lib,
pkgs, pkgs,
... ...
}: let }:
spotify-adblocked = pkgs.callPackage ../../packages/spotify-adblocked {}; let
in { spotify-adblocked = pkgs.callPackage ../../packages/spotify-adblocked { };
home.packages = [spotify-adblocked]; in
{
home.packages = [ spotify-adblocked ];
systemd.user.services.spotify-adblocked = { systemd.user.services.spotify-adblocked = {
Install.WantedBy = ["graphical-session.target"]; Install.WantedBy = [ "graphical-session.target" ];
Unit = { Unit = {
Description = "Spotify"; Description = "Spotify";
PartOf = ["graphical-session.target"]; PartOf = [ "graphical-session.target" ];
}; };
Service = { Service = {

5
hmModules/steam-run/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.steam-run]; {
home.packages = [ pkgs.steam-run ];
} }

181
hmModules/sway/default.nix
View file

@ -3,7 +3,8 @@
lib, lib,
config, config,
... ...
}: { }:
{
imports = [ imports = [
../waybar ../waybar
../swayidle ../swayidle
@ -12,7 +13,7 @@
../kitty ../kitty
]; ];
config = { config = {
home.packages = with pkgs; [wl-clipboard]; home.packages = with pkgs; [ wl-clipboard ];
systemd.user.sessionVariables = { systemd.user.sessionVariables = {
NIXOS_OZONE_WL = "1"; NIXOS_OZONE_WL = "1";
@ -35,98 +36,100 @@
}; };
wayland = { wayland = {
windowManager.sway = let windowManager.sway =
modifier = "Mod4"; let
in { modifier = "Mod4";
enable = true; in
wrapperFeatures.gtk = true; {
config = { enable = true;
inherit modifier; wrapperFeatures.gtk = true;
menu = "${pkgs.fuzzel}/bin/fuzzel --background-color=253559cc --border-radius=5 --border-width=0"; config = {
output = let inherit modifier;
bg = "${./wallpaper.svg} fill"; menu = "${pkgs.fuzzel}/bin/fuzzel --background-color=253559cc --border-radius=5 --border-width=0";
in { output =
DP-2 = { let
res = "1900x1200"; bg = "${./wallpaper.svg} fill";
pos = "0 0"; in
inherit bg; {
transform = "90"; DP-2 = {
res = "1900x1200";
pos = "0 0";
inherit bg;
transform = "90";
};
DP-1 = {
res = "2560x1440";
pos = "1200 230";
inherit bg;
};
eDP-1 = {
res = "1920x1080";
pos = "3760 230";
inherit bg;
};
};
terminal = "${config.programs.kitty.package}/bin/kitty ${config.programs.kitty.package}/bin/kitty +kitten ssh mothership.fleet";
bars = [
{
mode = "hide";
position = "top";
command = "${pkgs.waybar}/bin/waybar";
}
];
gaps = {
smartBorders = "on";
}; };
DP-1 = { assigns = {
res = "2560x1440"; "1" = [
pos = "1200 230"; { title = ".*Mozilla Firefox$"; }
inherit bg; { title = ".*qutebrowser$"; }
];
"2" = [ { title = "^((?!qutebrowser-editor).)*Emacs$"; } ];
"3" = [ { title = "Slack.*"; } ];
"9" = [ { title = "^Element.*"; } ];
}; };
eDP-1 = { floating.criteria = [
res = "1920x1080"; { title = "MetaMask Notification.*"; }
pos = "3760 230"; { title = "Volume Control"; } # pavucontrol
inherit bg; { title = "^.*editor - qutebrowser$"; } # Emacs opened by qutebrowser
];
input = {
"*" = {
xkb_layout = "us";
xkb_variant = "altgr-intl";
};
}; };
keybindings =
let
screenshotScript = pkgs.writeShellScript "screenshot.sh" ''
filename="$HOME/shots/$(date --iso-8601=seconds).png"
coords="$(${pkgs.slurp}/bin/slurp)"
${pkgs.grim}/bin/grim -t png -g "$coords" "$filename"
wl-copy -t image/png < $filename
'';
in
lib.mkOptionDefault {
"${modifier}+x" = "exec emacsclient -c";
"${modifier}+y" = "exec ${pkgs.waypipe}/bin/waypipe --compress lz4=10 ssh mothership.fleet emacsclient -c";
"${modifier}+b" = "exec qutebrowser";
"${modifier}+s" = "exec ${screenshotScript}";
# "${modifier}+g" = "exec ${screenrecordingScript}"; # FIXME
"${modifier}+t" = ''
exec emacsclient -c -F "\'(name . \\"VTerm\\"))" -q --eval '(vterm (getenv "SHELL"))'
'';
"${modifier}+u" = ''
exec ${pkgs.waypipe}/bin/waypipe --compress lz4=10 ssh mothership.fleet emacsclient -c -F "\'(name . \\"VTerm\\"))" -q --eval '(eat (getenv "SHELL"))'
'';
"XF86MonBrightnessUp" = "exec ${pkgs.brightnessctl}/bin/brightnessctl s +5%";
"XF86MonBrightnessDown" = "exec ${pkgs.brightnessctl}/bin/brightnessctl s 5%-";
};
}; };
terminal = "${config.programs.kitty.package}/bin/kitty ${config.programs.kitty.package}/bin/kitty +kitten ssh mothership.fleet"; extraConfig = ''
bars = [ bindsym ${modifier}+p move workspace to output right
{ '';
mode = "hide"; xwayland = true;
position = "top"; systemdIntegration = true;
command = "${pkgs.waybar}/bin/waybar";
}
];
gaps = {
smartBorders = "on";
};
assigns = {
"1" = [{title = ".*Mozilla Firefox$";} {title = ".*qutebrowser$";}];
"2" = [{title = "^((?!qutebrowser-editor).)*Emacs$";}];
"3" = [{title = "Slack.*";}];
"9" = [{title = "^Element.*";}];
};
floating.criteria = [
{title = "MetaMask Notification.*";}
{title = "Volume Control";} # pavucontrol
{title = "^.*editor - qutebrowser$";} # Emacs opened by qutebrowser
];
input = {
"*" = {
xkb_layout = "us";
xkb_variant = "altgr-intl";
};
};
keybindings = let
screenshotScript = pkgs.writeShellScript "screenshot.sh" ''
filename="$HOME/shots/$(date --iso-8601=seconds).png"
coords="$(${pkgs.slurp}/bin/slurp)"
${pkgs.grim}/bin/grim -t png -g "$coords" "$filename"
wl-copy -t image/png < $filename
'';
screenrecordingScript = pkgs.writeShellScript "screenrecorder.sh" ''
filename="$HOME/shots/recording-$(date --iso-8601=seconds).mp4"
coords="$(${pkgs.slurp}/bin/slurp)"
${pkgs.wf-recorder}/bin/wf-recorder -g "$coords" -f "$filename"
wl-copy -t video/mp4 < $filename
'';
in
lib.mkOptionDefault {
"${modifier}+x" = "exec emacsclient -c";
"${modifier}+y" = "exec ${pkgs.waypipe}/bin/waypipe --compress lz4=10 ssh mothership.fleet emacsclient -c";
"${modifier}+b" = "exec qutebrowser";
"${modifier}+s" = "exec ${screenshotScript}";
# "${modifier}+g" = "exec ${screenrecordingScript}"; # FIXME
"${modifier}+t" = ''
exec emacsclient -c -F "\'(name . \\"VTerm\\"))" -q --eval '(vterm (getenv "SHELL"))'
'';
"${modifier}+u" = ''
exec ${pkgs.waypipe}/bin/waypipe --compress lz4=10 ssh mothership.fleet emacsclient -c -F "\'(name . \\"VTerm\\"))" -q --eval '(eat (getenv "SHELL"))'
'';
"XF86MonBrightnessUp" = "exec ${pkgs.brightnessctl}/bin/brightnessctl s +5%";
"XF86MonBrightnessDown" = "exec ${pkgs.brightnessctl}/bin/brightnessctl s 5%-";
};
}; };
extraConfig = ''
bindsym ${modifier}+p move workspace to output right
'';
xwayland = true;
systemdIntegration = true;
};
}; };
}; };
} }

93
hmModules/swayidle/default.nix
View file

@ -2,53 +2,56 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }:
services.swayidle = let {
swaylockWithArgs = pkgs.writeScriptBin "swaylockWithArgs" '' services.swayidle =
${pkgs.swaylock-effects}/bin/swaylock \ let
--daemonize \ swaylockWithArgs = pkgs.writeScriptBin "swaylockWithArgs" ''
--screenshots \ ${pkgs.swaylock-effects}/bin/swaylock \
--clock \ --daemonize \
--indicator \ --screenshots \
--indicator-radius 100 \ --clock \
--indicator-thickness 7 \ --indicator \
--effect-blur 7x5 \ --indicator-radius 100 \
--effect-vignette 0.5:0.5 \ --indicator-thickness 7 \
--ring-color bb00cc \ --effect-blur 7x5 \
--key-hl-color 880033 \ --effect-vignette 0.5:0.5 \
--line-color 00000000 \ --ring-color bb00cc \
--inside-color 00000088 \ --key-hl-color 880033 \
--separator-color 00000000 \ --line-color 00000000 \
--fade-in 0.2 --inside-color 00000088 \
''; --separator-color 00000000 \
swaylockCommand = "${swaylockWithArgs}/bin/swaylockWithArgs"; --fade-in 0.2
in { '';
enable = true; swaylockCommand = "${swaylockWithArgs}/bin/swaylockWithArgs";
events = [ in
{ {
event = "before-sleep"; enable = true;
command = swaylockCommand; events = [
} {
{ event = "before-sleep";
event = "lock"; command = swaylockCommand;
command = swaylockCommand; }
} {
]; event = "lock";
timeouts = [ command = swaylockCommand;
{ }
timeout = 600; ];
command = swaylockCommand; timeouts = [
} {
{ timeout = 600;
timeout = 720; command = swaylockCommand;
command = "${pkgs.systemd}/bin/systemctl suspend"; }
} {
]; timeout = 720;
}; command = "${pkgs.systemd}/bin/systemctl suspend";
}
];
};
# Otherwise it will start only after Sway and will not work with Hyprland # Otherwise it will start only after Sway and will not work with Hyprland
systemd.user.services.swayidle = { systemd.user.services.swayidle = {
Unit.PartOf = lib.mkForce []; Unit.PartOf = lib.mkForce [ ];
Install.WantedBy = lib.mkForce ["hyprland-session.target"]; Install.WantedBy = lib.mkForce [ "hyprland-session.target" ];
}; };
} }

5
hmModules/teams/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.teams-for-linux]; {
home.packages = [ pkgs.teams-for-linux ];
} }

6
hmModules/thunderbird/default.nix
View file

@ -1,14 +1,14 @@
{ {
imports = [../email]; imports = [ ../email ];
config = { config = {
accounts.email.accounts = { accounts.email.accounts = {
autistici.thunderbird = { autistici.thunderbird = {
enable = true; enable = true;
profiles = ["default"]; profiles = [ "default" ];
}; };
mlabs.thunderbird = { mlabs.thunderbird = {
enable = true; enable = true;
profiles = ["default"]; profiles = [ "default" ];
}; };
}; };
programs.thunderbird = { programs.thunderbird = {

5
hmModules/tor-browser/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.tor-browser]; {
home.packages = [ pkgs.tor-browser ];
} }

7
hmModules/tremotesf/default.nix
View file

@ -2,11 +2,12 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }:
home.packages = [pkgs.tremotesf]; {
home.packages = [ pkgs.tremotesf ];
systemd.user.services.tremotesf = { systemd.user.services.tremotesf = {
Install.WantedBy = ["graphical-session.target"]; Install.WantedBy = [ "graphical-session.target" ];
Unit = { Unit = {
Description = "tremotesf"; Description = "tremotesf";

3
hmModules/vscode/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs.vscode = { programs.vscode = {
enable = true; enable = true;
# For a few reasons sometimes I'm forced to use VSCode and I don't have time to nixifiy even its configuration. # For a few reasons sometimes I'm forced to use VSCode and I don't have time to nixifiy even its configuration.

48
hmModules/waybar/default.nix
View file

@ -2,7 +2,8 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }:
{
programs.waybar = { programs.waybar = {
enable = true; enable = true;
systemd.enable = true; systemd.enable = true;
@ -18,7 +19,7 @@
"wlr/mode" "wlr/mode"
"hyprland/workspaces" "hyprland/workspaces"
]; ];
modules-center = ["wlr/window"]; modules-center = [ "wlr/window" ];
modules-right = [ modules-right = [
"network" "network"
"tray" "tray"
@ -46,9 +47,13 @@
# sort-by-number = true; # sort-by-number = true;
}; };
"wlr/mode" = {tooltip = false;}; "wlr/mode" = {
tooltip = false;
};
"wlr/window" = {max_length = 50;}; "wlr/window" = {
max_length = 50;
};
tray = { tray = {
spacing = 10; spacing = 10;
}; };
@ -56,7 +61,13 @@
format = "{capacity}% {icon}"; format = "{capacity}% {icon}";
format-alt = "{time} {icon}"; format-alt = "{time} {icon}";
format-charging = "{capacity}% "; format-charging = "{capacity}% ";
format-icons = [" " " " " " " " " "]; format-icons = [
" "
" "
" "
" "
" "
];
format-plugged = "{capacity}% "; format-plugged = "{capacity}% ";
states = { states = {
critical = 15; critical = 15;
@ -71,7 +82,9 @@
format = "{usage}% "; format = "{usage}% ";
tooltip = false; tooltip = false;
}; };
memory = {format = "{}% ";}; memory = {
format = "{}% ";
};
network = { network = {
interval = 1; interval = 1;
format-alt = "{ifname}: {ipaddr}/{cidr}"; format-alt = "{ifname}: {ipaddr}/{cidr}";
@ -86,7 +99,11 @@
format-bluetooth-muted = " {icon} {format_source}"; format-bluetooth-muted = " {icon} {format_source}";
format-icons = { format-icons = {
car = ""; car = "";
default = [" " " " " "]; default = [
" "
" "
" "
];
handsfree = ""; handsfree = "";
headphones = " "; headphones = " ";
headset = ""; headset = "";
@ -98,23 +115,32 @@
format-source-muted = ""; format-source-muted = "";
on-click = "${pkgs.pavucontrol}/bin/pavucontrol"; on-click = "${pkgs.pavucontrol}/bin/pavucontrol";
}; };
"wlr/mode" = {format = ''<span style="italic">{}</span>'';}; "wlr/mode" = {
format = ''<span style="italic">{}</span>'';
};
temperature = { temperature = {
critical-threshold = 80; critical-threshold = 80;
format = "{temperatureC}°C {icon}"; format = "{temperatureC}°C {icon}";
format-icons = ["" "" ""]; format-icons = [
""
""
""
];
hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; # picard FIXME hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; # picard FIXME
# hwmon-path = "/sys/class/thermal/thermal_zone4/temp"; # thinkpad # hwmon-path = "/sys/class/thermal/thermal_zone4/temp"; # thinkpad
}; };
backlight = { backlight = {
device = "ddcci2"; device = "ddcci2";
format = "{percent}% {icon}"; format = "{percent}% {icon}";
format-icons = [" " " "]; format-icons = [
" "
" "
];
}; };
}; };
}; };
}; };
# waybar needs the hyprctl binary in PATH when started in hyprland # waybar needs the hyprctl binary in PATH when started in hyprland
systemd.user.services.waybar.Service.Environment = "PATH=${lib.makeBinPath [pkgs.hyprland]}"; systemd.user.services.waybar.Service.Environment = "PATH=${lib.makeBinPath [ pkgs.hyprland ]}";
} }

7
hmModules/wayvnc/default.nix
View file

@ -4,13 +4,14 @@
vpn, vpn,
hostname, hostname,
... ...
}: { }:
{
systemd.user.services.wayvnc = { systemd.user.services.wayvnc = {
Install.WantedBy = ["graphical-session.target"]; Install.WantedBy = [ "graphical-session.target" ];
Unit = { Unit = {
Description = "WayVNC"; Description = "WayVNC";
PartOf = ["graphical-session.target"]; PartOf = [ "graphical-session.target" ];
}; };
Service = { Service = {

73
hmModules/wezterm/default.nix
View file

@ -2,12 +2,12 @@
pkgs, pkgs,
hostname, hostname,
... ...
}: { }:
{
programs.wezterm = { programs.wezterm = {
enable = true; enable = true;
package = package =
if hostname == "pircard" if hostname == "pircard" then
then
(pkgs.wezterm.overrideAttrs (old: rec { (pkgs.wezterm.overrideAttrs (old: rec {
pname = "wezterm"; pname = "wezterm";
version = "20240406-cce0706"; version = "20240406-cce0706";
@ -24,43 +24,40 @@
"xcb-imdkit-0.3.0" = "sha256-fTpJ6uNhjmCWv7dZqVgYuS2Uic36XNYTbqlaly5QBjI="; "xcb-imdkit-0.3.0" = "sha256-fTpJ6uNhjmCWv7dZqVgYuS2Uic36XNYTbqlaly5QBjI=";
}; };
}; };
patches = patches = (old.patches or [ ]) ++ [
(old.patches or []) (pkgs.fetchpatch {
++ [ # fix(wayland): ensure repaint event is sent in show
(pkgs.fetchpatch { url = "https://patch-diff.githubusercontent.com/raw/wez/wezterm/pull/5264.patch";
# fix(wayland): ensure repaint event is sent in show hash = "sha256-c+frVaBEL0h3PJvNu3AW2iap+uUXBY8olbm7Wsxuh4Q=";
url = "https://patch-diff.githubusercontent.com/raw/wez/wezterm/pull/5264.patch"; })
hash = "sha256-c+frVaBEL0h3PJvNu3AW2iap+uUXBY8olbm7Wsxuh4Q="; (pkgs.writeText "wezterm-remove_capabilities.patch" ''
}) diff --git a/window/src/os/wayland/seat.rs b/window/src/os/wayland/seat.rs
(pkgs.writeText index 3798f4259..e91591130 100644
"wezterm-remove_capabilities.patch" --- a/window/src/os/wayland/seat.rs
'' +++ b/window/src/os/wayland/seat.rs
diff --git a/window/src/os/wayland/seat.rs b/window/src/os/wayland/seat.rs @@ -65,9 +65,15 @@ impl SeatHandler for WaylandState {
index 3798f4259..e91591130 100644 _conn: &Connection,
--- a/window/src/os/wayland/seat.rs _qh: &QueueHandle<Self>,
+++ b/window/src/os/wayland/seat.rs _seat: WlSeat,
@@ -65,9 +65,15 @@ impl SeatHandler for WaylandState { - _capability: smithay_client_toolkit::seat::Capability,
_conn: &Connection, + capability: smithay_client_toolkit::seat::Capability,
_qh: &QueueHandle<Self>, ) {
_seat: WlSeat, - todo!()
- _capability: smithay_client_toolkit::seat::Capability, + if capability == Capability::Keyboard && self.keyboard.is_some() {
+ capability: smithay_client_toolkit::seat::Capability, + self.keyboard.take().unwrap().release();
) { + }
- todo!() +
+ if capability == Capability::Keyboard && self.keyboard.is_some() { + if capability == Capability::Pointer && self.pointer.is_some() {
+ self.keyboard.take().unwrap().release(); + self.pointer = None;
+ } + }
+ }
+ if capability == Capability::Pointer && self.pointer.is_some() {
+ self.pointer = None;
+ }
}
fn remove_seat(&mut self, _conn: &Connection, _qh: &QueueHandle<Self>, _seat: WlSeat) { fn remove_seat(&mut self, _conn: &Connection, _qh: &QueueHandle<Self>, _seat: WlSeat) {
'') '')
]; ];
})) }))
else pkgs.wezterm; else
pkgs.wezterm;
extraConfig = '' extraConfig = ''
return { return {

9
hmModules/whatsapp/default.nix
View file

@ -1,12 +1,13 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.whatsapp-for-linux]; {
home.packages = [ pkgs.whatsapp-for-linux ];
systemd.user.services.whatsapp = { systemd.user.services.whatsapp = {
Install.WantedBy = ["graphical-session.target"]; Install.WantedBy = [ "graphical-session.target" ];
Unit = { Unit = {
Description = "Whatsapp"; Description = "Whatsapp";
PartOf = ["graphical-session.target"]; PartOf = [ "graphical-session.target" ];
}; };
Service = { Service = {

3
hmModules/wine/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
home.packages = with pkgs; [ home.packages = with pkgs; [
winetricks winetricks
wineWowPackages.waylandFull wineWowPackages.waylandFull

19
hmModules/xdg/default.nix
View file

@ -1,11 +1,12 @@
{pkgs, ...}: { { pkgs, ... }:
{
xdg = { xdg = {
enable = true; enable = true;
mimeApps.enable = true; mimeApps.enable = true;
mimeApps.defaultApplications = { mimeApps.defaultApplications = {
"text/html" = ["firefox.desktop"]; "text/html" = [ "firefox.desktop" ];
"x-scheme-handler/http" = ["firefox.desktop"]; "x-scheme-handler/http" = [ "firefox.desktop" ];
"x-scheme-handler/https" = ["firefox.desktop"]; "x-scheme-handler/https" = [ "firefox.desktop" ];
}; };
desktopEntries = { desktopEntries = {
org-protocol = { org-protocol = {
@ -13,16 +14,20 @@
genericName = "Org protocol"; genericName = "Org protocol";
exec = "emacsclient -- %u"; exec = "emacsclient -- %u";
terminal = false; terminal = false;
mimeType = ["x-scheme-handler/org-protocol"]; mimeType = [ "x-scheme-handler/org-protocol" ];
}; };
firefox = { firefox = {
name = "firefox"; name = "firefox";
genericName = "Firefox protocol"; genericName = "Firefox protocol";
exec = "firefox -- %U"; exec = "firefox -- %U";
terminal = false; terminal = false;
mimeType = ["text/html" "text/xml" "text/uri"]; mimeType = [
"text/html"
"text/xml"
"text/uri"
];
}; };
}; };
}; };
home.packages = [pkgs.xdg-utils]; home.packages = [ pkgs.xdg-utils ];
} }

10
hmModules/zmkbatx/default.nix
View file

@ -2,11 +2,15 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }:
home.packages = [pkgs.zmkBATx]; {
home.packages = [ pkgs.zmkBATx ];
systemd.user.services.zmkBATx = { systemd.user.services.zmkBATx = {
Install.WantedBy = ["graphical-session.target" "waybar.service"]; Install.WantedBy = [
"graphical-session.target"
"waybar.service"
];
Unit = { Unit = {
Description = "zmkBATx"; Description = "zmkBATx";

5
hmModules/zulip/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.zulip]; {
home.packages = [ pkgs.zulip ];
} }

3
hosts/archer/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
environment.systemPackages = [ environment.systemPackages = [
pkgs.vim pkgs.vim
]; ];

5
hosts/beebox/default.nix
View file

@ -1,9 +1,8 @@
{ {
fleetModules, fleetModules,
pkgs,
lib,
... ...
}: { }:
{
imports = imports =
[ [
./hardware-configuration.nix ./hardware-configuration.nix

19
hosts/beebox/hardware-configuration.nix
View file

@ -7,15 +7,22 @@
pkgs, pkgs,
modulesPath, modulesPath,
... ...
}: { }:
{
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "usb_storage" "usbhid" "sd_mod"]; boot.initrd.availableKernelModules = [
boot.initrd.kernelModules = []; "ahci"
boot.kernelModules = ["kvm-intel"]; "xhci_pci"
boot.extraModulePackages = []; "usb_storage"
"usbhid"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -31,7 +38,7 @@
}; };
swapDevices = [ swapDevices = [
{device = "/dev/disk/by-label/swap";} { device = "/dev/disk/by-label/swap"; }
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

39
hosts/default.nix
View file

@ -1,16 +1,14 @@
{ {
self,
lib,
config,
inputs, inputs,
... ...
}: { }:
imports = [./module.nix]; {
imports = [ ./module.nix ];
fleet = { fleet = {
darwinHosts.archer = {}; darwinHosts.archer = { };
nixOnDroidHosts.janeway = {}; nixOnDroidHosts.janeway = { };
hosts = { hosts = {
# thinkpad = { # thinkpad = {
@ -74,10 +72,11 @@
# }; # };
deltaflyer = { deltaflyer = {
nixpkgs = let nixpkgs =
# keep in sync with https://github.com/NixOS/mobile-nixos/blob/development/pkgs.nix let
rev = "44d0940ea560dee511026a53f0e2e2cde489b4d4"; # keep in sync with https://github.com/NixOS/mobile-nixos/blob/development/pkgs.nix
in rev = "44d0940ea560dee511026a53f0e2e2cde489b4d4";
in
builtins.getFlake "github:NixOS/nixpkgs/${rev}"; builtins.getFlake "github:NixOS/nixpkgs/${rev}";
extraHmModules = [ extraHmModules = [
# inputs.ccrEmacs.hmModules.default # inputs.ccrEmacs.hmModules.default
@ -88,10 +87,10 @@
}; };
homeManager = builtins.getFlake "github:nix-community/home-manager/670d9ecc3e46a6e3265c203c2d136031a3d3548e"; homeManager = builtins.getFlake "github:nix-community/home-manager/670d9ecc3e46a6e3265c203c2d136031a3d3548e";
extraModules = [ extraModules = [
(import "${inputs.mobile-nixos}/lib/configuration.nix" {device = "oneplus-fajita";}) (import "${inputs.mobile-nixos}/lib/configuration.nix" { device = "oneplus-fajita"; })
]; ];
secrets = { secrets = {
"deltaflyer-wireguard-private-key" = {}; "deltaflyer-wireguard-private-key" = { };
"chatgpt-token".owner = "ccr"; "chatgpt-token".owner = "ccr";
}; };
}; };
@ -111,12 +110,12 @@
"${inputs.homeManagerGitWorkspace}/modules/services/git-workspace.nix" "${inputs.homeManagerGitWorkspace}/modules/services/git-workspace.nix"
]; ];
secrets = { secrets = {
"kirk-wireguard-private-key" = {}; "kirk-wireguard-private-key" = { };
"chatgpt-token".owner = "ccr"; "chatgpt-token".owner = "ccr";
"cachix-personal-token".owner = "ccr"; "cachix-personal-token".owner = "ccr";
"git-workspace-tokens".owner = "ccr"; "git-workspace-tokens".owner = "ccr";
"autistici-password".owner = "ccr"; "autistici-password".owner = "ccr";
"restic-hetzner-password" = {}; "restic-hetzner-password" = { };
}; };
}; };
@ -137,7 +136,7 @@
inputs.vscode-server.nixosModules.home inputs.vscode-server.nixosModules.home
]; ];
secrets = { secrets = {
"picard-wireguard-private-key" = {}; "picard-wireguard-private-key" = { };
"chatgpt-token".owner = "ccr"; "chatgpt-token".owner = "ccr";
"cachix-personal-token".owner = "ccr"; "cachix-personal-token".owner = "ccr";
"hercules-ci-join-token".owner = "hercules-ci-agent"; "hercules-ci-join-token".owner = "hercules-ci-agent";
@ -145,7 +144,7 @@
"hercules-ci-secrets-json".owner = "hercules-ci-agent"; "hercules-ci-secrets-json".owner = "hercules-ci-agent";
"git-workspace-tokens".owner = "ccr"; "git-workspace-tokens".owner = "ccr";
"autistici-password".owner = "ccr"; "autistici-password".owner = "ccr";
"restic-hetzner-password" = {}; "restic-hetzner-password" = { };
"aws-credentials".owner = "hercules-ci-agent"; "aws-credentials".owner = "hercules-ci-agent";
"forgejo-runners-token".owner = "nixuser"; "forgejo-runners-token".owner = "nixuser";
"forgejo-nix-access-tokens".owner = "nixuser"; "forgejo-nix-access-tokens".owner = "nixuser";
@ -166,7 +165,7 @@
# rock5b.nixosModules.default # rock5b.nixosModules.default
]; ];
secrets = { secrets = {
"sisko-wireguard-private-key" = {}; "sisko-wireguard-private-key" = { };
"hercules-ci-join-token".owner = "hercules-ci-agent"; "hercules-ci-join-token".owner = "hercules-ci-agent";
"hercules-ci-binary-caches".owner = "hercules-ci-agent"; "hercules-ci-binary-caches".owner = "hercules-ci-agent";
"hercules-ci-secrets-json".owner = "hercules-ci-agent"; "hercules-ci-secrets-json".owner = "hercules-ci-agent";
@ -174,8 +173,8 @@
"home-planimetry".owner = "hass"; "home-planimetry".owner = "hass";
"home-assistant-token".owner = "prometheus"; "home-assistant-token".owner = "prometheus";
"grafana-password".owner = "grafana"; "grafana-password".owner = "grafana";
"cloudflare-dyndns-api-token" = {}; "cloudflare-dyndns-api-token" = { };
"restic-hetzner-password" = {}; "restic-hetzner-password" = { };
# "minio-credentials".owner = "minio"; # "minio-credentials".owner = "minio";
# "aws-credentials".owner = "hercules-ci-agent"; # "aws-credentials".owner = "hercules-ci-agent";
"hass-ssh-key".owner = "hass"; "hass-ssh-key".owner = "hass";

53
hosts/deltaflyer/default.nix
View file

@ -3,7 +3,8 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }:
{
imports = imports =
fleetModules [ fleetModules [
"common" "common"
@ -41,7 +42,10 @@
# Networking, modem and misc. # Networking, modem and misc.
{ {
# Ensures any rndis config from stage-1 is not clobbered by NetworkManager # Ensures any rndis config from stage-1 is not clobbered by NetworkManager
networking.networkmanager.unmanaged = ["rndis0" "usb0"]; networking.networkmanager.unmanaged = [
"rndis0"
"usb0"
];
# Setup USB gadget networking in initrd... # Setup USB gadget networking in initrd...
mobile.boot.stage-1.networking.enable = lib.mkDefault true; mobile.boot.stage-1.networking.enable = lib.mkDefault true;
@ -75,13 +79,14 @@
"video" "video"
"wheel" "wheel"
]; ];
backupPaths = []; backupPaths = [ ];
}; };
} }
{ {
system.stateVersion = "24.11"; system.stateVersion = "24.11";
nixpkgs.config.allowUnfreePredicate = pkg: nixpkgs.config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [ builtins.elem (lib.getName pkg) [
"oneplus-sdm845-firmware-zstd" "oneplus-sdm845-firmware-zstd"
"oneplus-sdm845-firmware-xz" "oneplus-sdm845-firmware-xz"
@ -106,21 +111,23 @@
bind = $mod, r, exec, rotate-screen hor bind = $mod, r, exec, rotate-screen hor
bind = $mod SHIFT, r, exec, rotate-screen ver bind = $mod SHIFT, r, exec, rotate-screen ver
''; '';
home.packages = let home.packages =
rotateScript = pkgs.writeShellApplication { let
name = "rotate-screen"; rotateScript = pkgs.writeShellApplication {
runtimeInputs = [pkgs.hyprland]; name = "rotate-screen";
text = '' runtimeInputs = [ pkgs.hyprland ];
if [[ "$1" == "hor" ]]; then text = ''
hyprctl keyword monitor DSI-1,1080x2340,0x0,2,transform,1 if [[ "$1" == "hor" ]]; then
hyprctl keyword input:touchdevice:transform 1 hyprctl keyword monitor DSI-1,1080x2340,0x0,2,transform,1
elif [[ "$1" == "ver" ]]; then hyprctl keyword input:touchdevice:transform 1
hyprctl keyword monitor DSI-1,1080x2340,0x0,2,transform,0 elif [[ "$1" == "ver" ]]; then
hyprctl keyword input:touchdevice:transform 0 hyprctl keyword monitor DSI-1,1080x2340,0x0,2,transform,0
fi hyprctl keyword input:touchdevice:transform 0
''; fi
}; '';
in [rotateScript]; };
in
[ rotateScript ];
services.swayidle.enable = lib.mkForce false; services.swayidle.enable = lib.mkForce false;
} }
]; ];
@ -138,7 +145,13 @@
zramSwap.enable = lib.mkDefault true; zramSwap.enable = lib.mkDefault true;
boot.binfmt.emulatedSystems = lib.mkForce ["x86_64-linux" "i686-linux" "i386-linux" "i486-linux" "i586-linux"]; boot.binfmt.emulatedSystems = lib.mkForce [
"x86_64-linux"
"i686-linux"
"i386-linux"
"i486-linux"
"i586-linux"
];
} }
]; ];
} }

5
hosts/deltaflyer/plasma-mobile.nix
View file

@ -2,11 +2,10 @@
# Minimum config used to enable Plasma Mobile. # Minimum config used to enable Plasma Mobile.
# #
{ {
config,
lib, lib,
pkgs,
... ...
}: { }:
{
mobile.beautification = { mobile.beautification = {
silentBoot = lib.mkDefault false; silentBoot = lib.mkDefault false;
splash = lib.mkDefault false; splash = lib.mkDefault false;

27
hosts/devbox/default.nix
View file

@ -4,7 +4,8 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }:
{
imports = imports =
[ [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
@ -42,17 +43,29 @@
}; };
fonts = { fonts = {
fonts = with pkgs; [powerline-fonts dejavu_fonts fira-code fira-code-symbols emacs-all-the-icons-fonts nerdfonts joypixels etBook]; fonts = with pkgs; [
powerline-fonts
dejavu_fonts
fira-code
fira-code-symbols
emacs-all-the-icons-fonts
nerdfonts
joypixels
etBook
];
fontconfig.defaultFonts = { fontconfig.defaultFonts = {
monospace = ["DejaVu Sans Mono for Powerline"]; monospace = [ "DejaVu Sans Mono for Powerline" ];
sansSerif = ["DejaVu Sans"]; sansSerif = [ "DejaVu Sans" ];
serif = ["DejaVu Serif"]; serif = [ "DejaVu Serif" ];
}; };
}; };
nixpkgs.config.joypixels.acceptLicense = true; nixpkgs.config.joypixels.acceptLicense = true;
environment.systemPackages = with pkgs; [waypipe firefox]; environment.systemPackages = with pkgs; [
waypipe
firefox
];
programs.mosh.enable = true; programs.mosh.enable = true;
@ -61,7 +74,7 @@
}; };
boot.loader.grub = { boot.loader.grub = {
devices = ["/dev/sda"]; devices = [ "/dev/sda" ];
efiSupport = true; efiSupport = true;
efiInstallAsRemovable = true; efiInstallAsRemovable = true;
}; };

7
hosts/devbox/disko.nix
View file

@ -1,9 +1,10 @@
# Example to create a bios compatible gpt partition # Example to create a bios compatible gpt partition
{ {
lib, lib,
disks ? ["/dev/sda"], disks ? [ "/dev/sda" ],
... ...
}: { }:
{
disk = lib.genAttrs disks (dev: { disk = lib.genAttrs disks (dev: {
device = dev; device = dev;
type = "disk"; type = "disk";
@ -17,7 +18,7 @@
start = "0"; start = "0";
end = "1M"; end = "1M";
part-type = "primary"; part-type = "primary";
flags = ["bios_grub"]; flags = [ "bios_grub" ];
} }
{ {
type = "partition"; type = "partition";

69
hosts/hs/default.nix
View file

@ -4,7 +4,8 @@
lib, lib,
config, config,
... ...
}: { }:
{
imports = imports =
[ [
./hardware-configuration.nix ./hardware-configuration.nix
@ -21,7 +22,7 @@
"shell" "shell"
"git" "git"
]; ];
packages = []; packages = [ ];
extraGroups = [ extraGroups = [
"wheel" "wheel"
"fuse" "fuse"
@ -31,7 +32,7 @@
systemd.services.standby-sdb = { systemd.services.standby-sdb = {
description = "Set spindown time (sleep) for /dev/sdb "; description = "Set spindown time (sleep) for /dev/sdb ";
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
ExecStart = "${pkgs.hdparm}/bin/hdparm -B 127 -S 241 /dev/sdb"; ExecStart = "${pkgs.hdparm}/bin/hdparm -B 127 -S 241 /dev/sdb";
@ -40,7 +41,7 @@
systemd.services.standby-sdc = { systemd.services.standby-sdc = {
description = "Set spindown time (sleep) for /dev/sdc "; description = "Set spindown time (sleep) for /dev/sdc ";
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
ExecStart = "${pkgs.hdparm}/bin/hdparm -B 127 -S 241 /dev/sdc"; ExecStart = "${pkgs.hdparm}/bin/hdparm -B 127 -S 241 /dev/sdc";
@ -54,7 +55,7 @@
isSystemUser = true; isSystemUser = true;
group = "amule"; group = "amule";
}; };
users.groups."amule" = {}; users.groups."amule" = { };
services = { services = {
samba-wsdd = { samba-wsdd = {
@ -261,33 +262,35 @@
}; };
}; };
systemd.services.ydns = let systemd.services.ydns =
ydnsUpdater = pkgs.writeScriptBin "ydnsUpdater" '' let
USER="andrea.ciceri@autistici.org" ydnsUpdater = pkgs.writeScriptBin "ydnsUpdater" ''
PASSWORD=$(cat /home/ccr/.ydns-password) USER="andrea.ciceri@autistici.org"
DOMAIN="ccr.ydns.eu" PASSWORD=$(cat /home/ccr/.ydns-password)
for SUBDOMAIN in "books" "music" "sync" "torrent" "gate" DOMAIN="ccr.ydns.eu"
do for SUBDOMAIN in "books" "music" "sync" "torrent" "gate"
HOST="$SUBDOMAIN.$DOMAIN" do
${pkgs.curl}/bin/curl --basic -u "$USER:$PASSWORD" --silent https://ydns.io/api/v1/update/?host=$HOST HOST="$SUBDOMAIN.$DOMAIN"
done ${pkgs.curl}/bin/curl --basic -u "$USER:$PASSWORD" --silent https://ydns.io/api/v1/update/?host=$HOST
${pkgs.curl}/bin/curl --basic -u "$USER:$PASSWORD" --silent https://ydns.io/api/v1/update/?host=$DOMAIN done
''; ${pkgs.curl}/bin/curl --basic -u "$USER:$PASSWORD" --silent https://ydns.io/api/v1/update/?host=$DOMAIN
in { '';
description = "YDNS IP updater"; in
wantedBy = ["multi-user.target"]; {
after = ["network.target"]; description = "YDNS IP updater";
serviceConfig = { wantedBy = [ "multi-user.target" ];
User = "root"; after = [ "network.target" ];
Type = "oneshot"; serviceConfig = {
ExecStart = "${pkgs.bash}/bin/bash ${ydnsUpdater}/bin/ydnsUpdater"; User = "root";
Type = "oneshot";
ExecStart = "${pkgs.bash}/bin/bash ${ydnsUpdater}/bin/ydnsUpdater";
};
}; };
};
systemd.services.wstunnel = { systemd.services.wstunnel = {
description = "WSTunnel"; description = "WSTunnel";
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
after = ["network.target"]; after = [ "network.target" ];
serviceConfig = { serviceConfig = {
User = "root"; User = "root";
Type = "oneshot"; Type = "oneshot";
@ -297,8 +300,8 @@
# TODO It seems to not work # TODO It seems to not work
systemd.timers.ydnsUpdater = { systemd.timers.ydnsUpdater = {
wantedBy = ["timers.target"]; wantedBy = [ "timers.target" ];
partOf = ["ydnsUpdater.service"]; partOf = [ "ydnsUpdater.service" ];
timerConfig = { timerConfig = {
OnCalendar = "*-*-* *:00:00"; # hourly OnCalendar = "*-*-* *:00:00"; # hourly
Unit = "ydnsUpdater.service"; Unit = "ydnsUpdater.service";
@ -330,13 +333,13 @@
networking.nat.enable = true; networking.nat.enable = true;
networking.nat.externalInterface = "enp0s10"; networking.nat.externalInterface = "enp0s10";
networking.nat.internalInterfaces = ["wg0"]; networking.nat.internalInterfaces = [ "wg0" ];
networking.wireguard.interfaces = { networking.wireguard.interfaces = {
# "wg0" is the network interface name. You can name the interface arbitrarily. # "wg0" is the network interface name. You can name the interface arbitrarily.
wg0 = { wg0 = {
# Determines the IP address and subnet of the server's end of the tunnel interface. # Determines the IP address and subnet of the server's end of the tunnel interface.
ips = ["10.100.0.1/24"]; ips = [ "10.100.0.1/24" ];
# The port that WireGuard listens to. Must be accessible by the client. # The port that WireGuard listens to. Must be accessible by the client.
listenPort = 51820; listenPort = 51820;
@ -366,7 +369,7 @@
# Public key of the peer (not a file path). # Public key of the peer (not a file path).
publicKey = "fCwjd75CefC9A7WqO7s3xfOk2nRcoTKfnAzDT6Lc5AA="; publicKey = "fCwjd75CefC9A7WqO7s3xfOk2nRcoTKfnAzDT6Lc5AA=";
# List of IPs assigned to this peer within the tunnel subnet. Used to configure routing. # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing.
allowedIPs = ["10.100.0.2/32"]; allowedIPs = [ "10.100.0.2/32" ];
} }
]; ];
}; };

14
hosts/hs/hardware-configuration.nix
View file

@ -1,6 +1,14 @@
{lib, ...}: { { lib, ... }:
{
boot = { boot = {
initrd.availableKernelModules = ["ohci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"]; initrd.availableKernelModules = [
"ohci_pci"
"ehci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
];
loader.grub = lib.mkForce { loader.grub = lib.mkForce {
enable = true; enable = true;
version = 2; version = 2;
@ -23,5 +31,5 @@
}; };
}; };
swapDevices = [{device = "/dev/disk/by-label/swap";}]; swapDevices = [ { device = "/dev/disk/by-label/swap"; } ];
} }

99
hosts/janeway/default.nix
View file

@ -1,14 +1,15 @@
{ {
config, config,
lib,
pkgs, pkgs,
fleetFlake, fleetFlake,
... ...
}: let }:
let
sshdTmpDirectory = "${config.user.home}/sshd-tmp"; sshdTmpDirectory = "${config.user.home}/sshd-tmp";
sshdDirectory = "${config.user.home}/sshd"; sshdDirectory = "${config.user.home}/sshd";
port = 8022; port = 8022;
in { in
{
# Backup etc files instead of failing to activate generation if a file already exists in /etc # Backup etc files instead of failing to activate generation if a file already exists in /etc
environment.etcBackupExtension = ".bak"; environment.etcBackupExtension = ".bak";
@ -23,54 +24,60 @@ in {
# Set your time zone # Set your time zone
time.timeZone = "Europe/Rome"; time.timeZone = "Europe/Rome";
home-manager.config = {pkgs, ...}: { home-manager.config =
home.stateVersion = "24.05"; { ... }:
_module.args = { {
hostname = "janeway"; home.stateVersion = "24.05";
age.secrets = {}; _module.args = {
hostname = "janeway";
age.secrets = { };
};
imports = [ ../../hmModules/shell ];
}; };
imports = [../../hmModules/shell];
};
build.activation.sshd = let build.activation.sshd =
keys = (builtins.import ../../lib).keys; let
inherit (keys) hosts users; keys = (builtins.import ../../lib).keys;
in '' inherit (keys) hosts users;
$DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${config.user.home}/.ssh" in
$DRY_RUN_CMD echo ${hosts.picard} > "${config.user.home}/.ssh/authorized_keys" ''
$DRY_RUN_CMD echo ${hosts.sisko} >> "${config.user.home}/.ssh/authorized_keys" $DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${config.user.home}/.ssh"
$DRY_RUN_CMD echo ${hosts.kirk} >> "${config.user.home}/.ssh/authorized_keys" $DRY_RUN_CMD echo ${hosts.picard} > "${config.user.home}/.ssh/authorized_keys"
$DRY_RUN_CMD echo ${users.ccr-ssh} >> "${config.user.home}/.ssh/authorized_keys" $DRY_RUN_CMD echo ${hosts.sisko} >> "${config.user.home}/.ssh/authorized_keys"
$DRY_RUN_CMD echo ${users.ccr-gpg} >> "${config.user.home}/.ssh/authorized_keys" $DRY_RUN_CMD echo ${hosts.kirk} >> "${config.user.home}/.ssh/authorized_keys"
$DRY_RUN_CMD echo ${users.ccr-ssh} >> "${config.user.home}/.ssh/authorized_keys"
$DRY_RUN_CMD echo ${users.ccr-gpg} >> "${config.user.home}/.ssh/authorized_keys"
if [[ ! -d "${sshdDirectory}" ]]; then if [[ ! -d "${sshdDirectory}" ]]; then
$DRY_RUN_CMD rm $VERBOSE_ARG --recursive --force "${sshdTmpDirectory}" $DRY_RUN_CMD rm $VERBOSE_ARG --recursive --force "${sshdTmpDirectory}"
$DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${sshdTmpDirectory}" $DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${sshdTmpDirectory}"
$VERBOSE_ECHO "Generating host keys..." $VERBOSE_ECHO "Generating host keys..."
$DRY_RUN_CMD ${pkgs.openssh}/bin/ssh-keygen -t rsa -b 4096 -f "${sshdTmpDirectory}/ssh_host_rsa_key" -N "" $DRY_RUN_CMD ${pkgs.openssh}/bin/ssh-keygen -t rsa -b 4096 -f "${sshdTmpDirectory}/ssh_host_rsa_key" -N ""
$VERBOSE_ECHO "Writing sshd_config..." $VERBOSE_ECHO "Writing sshd_config..."
$DRY_RUN_CMD echo -e "HostKey ${sshdDirectory}/ssh_host_rsa_key\nPort ${toString port}\n" > "${sshdTmpDirectory}/sshd_config" $DRY_RUN_CMD echo -e "HostKey ${sshdDirectory}/ssh_host_rsa_key\nPort ${toString port}\n" > "${sshdTmpDirectory}/sshd_config"
$DRY_RUN_CMD mv $VERBOSE_ARG "${sshdTmpDirectory}" "${sshdDirectory}" $DRY_RUN_CMD mv $VERBOSE_ARG "${sshdTmpDirectory}" "${sshdDirectory}"
fi fi
''; '';
environment.packages = let environment.packages =
inherit (fleetFlake.inputs.ccrEmacs.packages.aarch64-linux) ccrEmacs; let
in [ inherit (fleetFlake.inputs.ccrEmacs.packages.aarch64-linux) ccrEmacs;
pkgs.bottom in
pkgs.helix [
pkgs.stress pkgs.bottom
pkgs.openssh pkgs.helix
pkgs.git pkgs.stress
pkgs.btop pkgs.openssh
ccrEmacs pkgs.git
(pkgs.writeScriptBin "sshd-start" '' pkgs.btop
#!${pkgs.runtimeShell} ccrEmacs
echo "Starting sshd in non-daemonized way on port ${toString port}" (pkgs.writeScriptBin "sshd-start" ''
${pkgs.openssh}/bin/sshd -f "${sshdDirectory}/sshd_config" -D #!${pkgs.runtimeShell}
'') echo "Starting sshd in non-daemonized way on port ${toString port}"
]; ${pkgs.openssh}/bin/sshd -f "${sshdDirectory}/sshd_config" -D
'')
];
} }

10
hosts/kirk/default.nix
View file

@ -1,10 +1,10 @@
{ {
fleetModules, fleetModules,
lib, lib,
pkgs,
config, config,
... ...
}: { }:
{
imports = imports =
fleetModules [ fleetModules [
"common" "common"
@ -67,11 +67,11 @@
"zulip" "zulip"
"calibre" "calibre"
]; ];
extraGroups = []; extraGroups = [ ];
backupPaths = []; backupPaths = [ ];
}; };
boot.initrd.kernelModules = ["i915"]; boot.initrd.kernelModules = [ "i915" ];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [
"nvme" "nvme"
"xhci_pci" "xhci_pci"

520
hosts/module.nix
View file

@ -8,107 +8,208 @@
config, config,
inputs, inputs,
... ...
} @ flakePartsArgs: let }:
let
cfg = config.fleet; cfg = config.fleet;
in { in
{
options.fleet = { options.fleet = {
darwinHosts = lib.mkOption { darwinHosts = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: { type = lib.types.attrsOf (
options = { lib.types.submodule (
name = lib.mkOption { { name, ... }:
description = "Host name"; {
type = lib.types.strMatching "^$|^[[:alnum:]]([[:alnum:]_-]{0,61}[[:alnum:]])?$"; options = {
default = name; name = lib.mkOption {
}; description = "Host name";
system = lib.mkOption { type = lib.types.strMatching "^$|^[[:alnum:]]([[:alnum:]_-]{0,61}[[:alnum:]])?$";
description = "NixOS architecture (a.k.a. system)"; default = name;
type = lib.types.str; };
default = "x86_64-darwin"; system = lib.mkOption {
}; description = "NixOS architecture (a.k.a. system)";
nixpkgs = lib.mkOption { type = lib.types.str;
description = "Used nixpkgs"; default = "x86_64-darwin";
type = lib.types.anything; };
default = inputs.nixpkgs; nixpkgs = lib.mkOption {
}; description = "Used nixpkgs";
extraModules = lib.mkOption { type = lib.types.anything;
description = "Extra NixOS modules"; default = inputs.nixpkgs;
type = lib.types.listOf lib.types.deferredModule; };
default = []; extraModules = lib.mkOption {
}; description = "Extra NixOS modules";
overlays = lib.mkOption { type = lib.types.listOf lib.types.deferredModule;
description = "Enabled Nixpkgs overlays"; default = [ ];
type = lib.types.listOf (lib.mkOptionType { };
name = "nixpkgs-overlay"; overlays = lib.mkOption {
description = "nixpkgs overlay"; description = "Enabled Nixpkgs overlays";
check = lib.isFunction; type = lib.types.listOf (
merge = lib.mergeOneOption; lib.mkOptionType {
}); name = "nixpkgs-overlay";
default = []; description = "nixpkgs overlay";
}; check = lib.isFunction;
}; merge = lib.mergeOneOption;
})); }
);
default = [ ];
};
};
}
)
);
}; };
nixOnDroidHosts = lib.mkOption { nixOnDroidHosts = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: { type = lib.types.attrsOf (
options = { lib.types.submodule (
name = lib.mkOption { { name, ... }:
description = "Host name"; {
type = lib.types.strMatching "^$|^[[:alnum:]]([[:alnum:]_-]{0,61}[[:alnum:]])?$"; options = {
default = name; name = lib.mkOption {
}; description = "Host name";
system = lib.mkOption { type = lib.types.strMatching "^$|^[[:alnum:]]([[:alnum:]_-]{0,61}[[:alnum:]])?$";
description = "NixOS architecture (a.k.a. system)"; default = name;
type = lib.types.str; };
default = "aarch64-linux"; system = lib.mkOption {
}; description = "NixOS architecture (a.k.a. system)";
nixpkgs = lib.mkOption { type = lib.types.str;
description = "Used nixpkgs"; default = "aarch64-linux";
type = lib.types.anything; };
default = inputs.nixpkgs; nixpkgs = lib.mkOption {
}; description = "Used nixpkgs";
extraModules = lib.mkOption { type = lib.types.anything;
description = "Extra NixOS modules"; default = inputs.nixpkgs;
type = lib.types.listOf lib.types.deferredModule; };
default = []; extraModules = lib.mkOption {
}; description = "Extra NixOS modules";
overlays = lib.mkOption { type = lib.types.listOf lib.types.deferredModule;
description = "Enabled Nixpkgs overlays"; default = [ ];
type = lib.types.listOf (lib.mkOptionType { };
name = "nixpkgs-overlay"; overlays = lib.mkOption {
description = "nixpkgs overlay"; description = "Enabled Nixpkgs overlays";
check = lib.isFunction; type = lib.types.listOf (
merge = lib.mergeOneOption; lib.mkOptionType {
}); name = "nixpkgs-overlay";
default = []; description = "nixpkgs overlay";
}; check = lib.isFunction;
}; merge = lib.mergeOneOption;
})); }
);
default = [ ];
};
};
}
)
);
}; };
hosts = lib.mkOption { hosts = lib.mkOption {
description = "Host configuration"; description = "Host configuration";
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: { type = lib.types.attrsOf (
options = { lib.types.submodule (
name = lib.mkOption { { name, ... }:
description = "Host name"; {
type = lib.types.strMatching "^$|^[[:alnum:]]([[:alnum:]_-]{0,61}[[:alnum:]])?$"; options = {
default = name; name = lib.mkOption {
}; description = "Host name";
system = lib.mkOption { type = lib.types.strMatching "^$|^[[:alnum:]]([[:alnum:]_-]{0,61}[[:alnum:]])?$";
description = "NixOS architecture (a.k.a. system)"; default = name;
type = lib.types.str; };
default = "x86_64-linux"; system = lib.mkOption {
}; description = "NixOS architecture (a.k.a. system)";
nixpkgs = lib.mkOption { type = lib.types.str;
description = "Used nixpkgs"; default = "x86_64-linux";
type = lib.types.anything; };
default = inputs.nixpkgs; nixpkgs = lib.mkOption {
}; description = "Used nixpkgs";
homeManager = lib.mkOption { type = lib.types.anything;
description = "Used home-manager"; default = inputs.nixpkgs;
type = lib.types.anything; };
default = inputs.homeManager; homeManager = lib.mkOption {
}; description = "Used home-manager";
vpn = { type = lib.types.anything;
default = inputs.homeManager;
};
vpn = {
ip = lib.mkOption {
description = "Wireguard VPN ip";
type = lib.types.str;
};
publicKey = lib.mkOption {
description = "Wireguard public key";
type = lib.types.str;
};
};
secrets = lib.mkOption {
description = "List of secrets names in the `secrets` folder";
type = lib.types.attrsOf (
lib.types.submodule (
{ name, ... }:
{
options = {
owner = lib.mkOption {
type = lib.types.str;
default = "root";
};
group = lib.mkOption {
type = lib.types.str;
default = "root";
};
file = lib.mkOption {
type = lib.types.path;
default = "${self.outPath}/secrets/${name}.age";
};
mode = lib.mkOption {
# TODO improve type
type = lib.types.str;
default = "0440";
};
};
}
)
);
default = { };
};
enableHomeManager = lib.mkOption {
description = "Enable home-manager module";
type = lib.types.bool;
default = true;
};
overlays = lib.mkOption {
description = "Enabled Nixpkgs overlays";
type = lib.types.listOf (
lib.mkOptionType {
name = "nixpkgs-overlay";
description = "nixpkgs overlay";
check = lib.isFunction;
merge = lib.mergeOneOption;
}
);
default = [ ];
};
extraModules = lib.mkOption {
description = "Extra NixOS modules";
type = lib.types.listOf lib.types.deferredModule;
default = [ ];
};
extraHmModules = lib.mkOption {
description = "Extra home-manager modules";
type = lib.types.listOf lib.types.deferredModule;
default = [ ];
};
extraHmModulesUser = lib.mkOption {
description = "User for which to import extraHmModulesUser";
type = lib.types.str;
default = "ccr";
};
};
config.overlays = with inputs; cfg.overlays;
}
)
);
default = { };
};
vpnExtra = lib.mkOption {
type = lib.types.attrsOf (
lib.types.submodule {
options = {
ip = lib.mkOption { ip = lib.mkOption {
description = "Wireguard VPN ip"; description = "Wireguard VPN ip";
type = lib.types.str; type = lib.types.str;
@ -118,138 +219,81 @@ in {
type = lib.types.str; type = lib.types.str;
}; };
}; };
secrets = lib.mkOption { }
description = "List of secrets names in the `secrets` folder"; );
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: { default = { };
options = {
owner = lib.mkOption {
type = lib.types.str;
default = "root";
};
group = lib.mkOption {
type = lib.types.str;
default = "root";
};
file = lib.mkOption {
type = lib.types.path;
default = "${self.outPath}/secrets/${name}.age";
};
mode = lib.mkOption {
# TODO improve type
type = lib.types.str;
default = "0440";
};
};
}));
default = {};
};
enableHomeManager = lib.mkOption {
description = "Enable home-manager module";
type = lib.types.bool;
default = true;
};
overlays = lib.mkOption {
description = "Enabled Nixpkgs overlays";
type = lib.types.listOf (lib.mkOptionType {
name = "nixpkgs-overlay";
description = "nixpkgs overlay";
check = lib.isFunction;
merge = lib.mergeOneOption;
});
default = [];
};
extraModules = lib.mkOption {
description = "Extra NixOS modules";
type = lib.types.listOf lib.types.deferredModule;
default = [];
};
extraHmModules = lib.mkOption {
description = "Extra home-manager modules";
type = lib.types.listOf lib.types.deferredModule;
default = [];
};
extraHmModulesUser = lib.mkOption {
description = "User for which to import extraHmModulesUser";
type = lib.types.str;
default = "ccr";
};
};
config.overlays = with inputs; cfg.overlays;
}));
default = {};
};
vpnExtra = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule {
options = {
ip = lib.mkOption {
description = "Wireguard VPN ip";
type = lib.types.str;
};
publicKey = lib.mkOption {
description = "Wireguard public key";
type = lib.types.str;
};
};
});
default = {};
}; };
_mkNixosConfiguration = lib.mkOption { _mkNixosConfiguration = lib.mkOption {
description = "Function returning a proper NixOS configuration"; description = "Function returning a proper NixOS configuration";
type = lib.types.functionTo (lib.types.functionTo lib.types.attrs); # TODO improve this type type = lib.types.functionTo (lib.types.functionTo lib.types.attrs); # TODO improve this type
internal = true; internal = true;
default = hostname: config: default =
hostname: config:
config.nixpkgs.lib.nixosSystem { config.nixpkgs.lib.nixosSystem {
inherit (config) system; inherit (config) system;
modules = modules =
[ [
({lib, ...}: { (
networking.hostName = lib.mkForce hostname; { lib, ... }:
nixpkgs.overlays = config.overlays; {
}) networking.hostName = lib.mkForce hostname;
nixpkgs.overlays = config.overlays;
}
)
"${self.outPath}/hosts/${hostname}" "${self.outPath}/hosts/${hostname}"
] ]
++ (lib.optionals (config.secrets != []) [ ++ (lib.optionals (config.secrets != [ ]) [
inputs.agenix.nixosModules.default inputs.agenix.nixosModules.default
({lib, ...}: let (
allSecrets = lib.mapAttrs' (name: value: { { lib, ... }:
name = lib.removeSuffix ".age" name; let
inherit value; allSecrets = lib.mapAttrs' (name: value: {
}) (import "${self.outPath}/secrets/secrets.nix"); name = lib.removeSuffix ".age" name;
filteredSecrets = inherit value;
lib.filterAttrs }) (import "${self.outPath}/secrets/secrets.nix");
(name: _: builtins.hasAttr name config.secrets) filteredSecrets = lib.filterAttrs (name: _: builtins.hasAttr name config.secrets) allSecrets;
allSecrets; in
in { {
age.secrets = age.secrets = lib.mapAttrs' (name: _: {
lib.mapAttrs' (name: _: {
name = builtins.baseNameOf name; name = builtins.baseNameOf name;
value = { value = {
inherit (config.secrets.${name}) owner group file mode; inherit (config.secrets.${name})
owner
group
file
mode
;
}; };
}) }) filteredSecrets;
filteredSecrets; }
}) )
]) ])
++ (lib.optionals config.enableHomeManager (let ++ (lib.optionals config.enableHomeManager (
user = config.extraHmModulesUser; let
extraHmModules = config.extraHmModules; user = config.extraHmModulesUser;
in [ extraHmModules = config.extraHmModules;
config.homeManager.nixosModule in
({ [
config, config.homeManager.nixosModule
pkgs, (
... {
}: { config,
home-manager.users."${user}" = { pkgs,
imports = extraHmModules; ...
_module.args = { }:
age = config.age or {}; {
fleetFlake = self; home-manager.users."${user}" = {
pkgsStable = inputs.nixpkgsStable.legacyPackages.${pkgs.system}; imports = extraHmModules;
}; _module.args = {
}; age = config.age or { };
}) fleetFlake = self;
])) pkgsStable = inputs.nixpkgsStable.legacyPackages.${pkgs.system};
};
};
}
)
]
))
++ config.extraModules; ++ config.extraModules;
specialArgs = { specialArgs = {
fleetModules = builtins.map (moduleName: "${self.outPath}/modules/${moduleName}"); fleetModules = builtins.map (moduleName: "${self.outPath}/modules/${moduleName}");
@ -263,18 +307,21 @@ in {
description = "Function returning a proper Darwin configuration"; description = "Function returning a proper Darwin configuration";
type = lib.types.functionTo (lib.types.functionTo lib.types.attrs); # TODO improve this type type = lib.types.functionTo (lib.types.functionTo lib.types.attrs); # TODO improve this type
internal = true; internal = true;
default = hostname: config: default =
hostname: config:
inputs.nixDarwin.lib.darwinSystem { inputs.nixDarwin.lib.darwinSystem {
modules = [ modules = [
({ (
lib, {
pkgs, lib,
... ...
}: { }:
networking.hostName = lib.mkForce hostname; {
nixpkgs.overlays = config.overlays; networking.hostName = lib.mkForce hostname;
nixpkgs.hostPlatform = config.system; nixpkgs.overlays = config.overlays;
}) nixpkgs.hostPlatform = config.system;
}
)
"${self.outPath}/hosts/${hostname}" "${self.outPath}/hosts/${hostname}"
]; ];
}; };
@ -284,18 +331,20 @@ in {
description = "Function returning a proper nix-on-droid configuration"; description = "Function returning a proper nix-on-droid configuration";
type = lib.types.functionTo (lib.types.functionTo lib.types.attrs); # TODO improve this type type = lib.types.functionTo (lib.types.functionTo lib.types.attrs); # TODO improve this type
internal = true; internal = true;
default = hostname: config: default =
hostname: config:
inputs.nix-on-droid.lib.nixOnDroidConfiguration { inputs.nix-on-droid.lib.nixOnDroidConfiguration {
pkgs = inputs.nixpkgs.legacyPackages.aarch64-linux; pkgs = inputs.nixpkgs.legacyPackages.aarch64-linux;
modules = [ modules = [
({ (
lib, {
pkgs, ...
... }:
}: { {
nixpkgs.overlays = config.overlays; nixpkgs.overlays = config.overlays;
_module.args.fleetFlake = self; _module.args.fleetFlake = self;
}) }
)
"${self.outPath}/hosts/${hostname}" "${self.outPath}/hosts/${hostname}"
]; ];
}; };
@ -303,19 +352,10 @@ in {
}; };
config = { config = {
flake.nixosConfigurations = flake.nixosConfigurations = lib.mapAttrs config.fleet._mkNixosConfiguration config.fleet.hosts;
lib.mapAttrs
config.fleet._mkNixosConfiguration
config.fleet.hosts;
flake.darwinConfigurations = flake.darwinConfigurations = lib.mapAttrs config.fleet._mkDarwinConfiguration config.fleet.darwinHosts;
lib.mapAttrs
config.fleet._mkDarwinConfiguration
config.fleet.darwinHosts;
flake.nixOnDroidConfigurations = flake.nixOnDroidConfigurations = lib.mapAttrs config.fleet._mkNixOnDroidConfiguration config.fleet.nixOnDroidHosts;
lib.mapAttrs
config.fleet._mkNixOnDroidConfiguration
config.fleet.nixOnDroidHosts;
}; };
} }

35
hosts/mothership/default.nix
View file

@ -5,7 +5,8 @@
pkgs, pkgs,
config, config,
... ...
}: { }:
{
imports = fleetModules [ imports = fleetModules [
"common" "common"
"wireguard-server" "wireguard-server"
@ -57,11 +58,20 @@
}; };
fonts = { fonts = {
fonts = with pkgs; [powerline-fonts dejavu_fonts fira-code fira-code-symbols emacs-all-the-icons-fonts nerdfonts joypixels etBook]; fonts = with pkgs; [
powerline-fonts
dejavu_fonts
fira-code
fira-code-symbols
emacs-all-the-icons-fonts
nerdfonts
joypixels
etBook
];
fontconfig.defaultFonts = { fontconfig.defaultFonts = {
monospace = ["DejaVu Sans Mono for Powerline"]; monospace = [ "DejaVu Sans Mono for Powerline" ];
sansSerif = ["DejaVu Sans"]; sansSerif = [ "DejaVu Sans" ];
serif = ["DejaVu Serif"]; serif = [ "DejaVu Serif" ];
}; };
}; };
@ -69,16 +79,21 @@
nixpkgs.config.joypixels.acceptLicense = true; nixpkgs.config.joypixels.acceptLicense = true;
environment.systemPackages = with pkgs; [waypipe]; environment.systemPackages = with pkgs; [ waypipe ];
programs.dconf.enable = true; programs.dconf.enable = true;
programs.mosh.enable = true; programs.mosh.enable = true;
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid"]; boot.initrd.availableKernelModules = [
boot.initrd.kernelModules = []; "xhci_pci"
boot.kernelModules = ["kvm-intel"]; "ahci"
boot.extraModulePackages = []; "nvme"
"usbhid"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.loader.systemd-boot = { boot.loader.systemd-boot = {

9
hosts/mothership/disko.nix
View file

@ -1,8 +1,11 @@
{ {
lib, disks ? [
disks ? ["/dev/nvme0n1" "/dev/nvme1n1"], "/dev/nvme0n1"
"/dev/nvme1n1"
],
... ...
}: { }:
{
disk = { disk = {
x = { x = {
type = "disk"; type = "disk";

6
hosts/oneplus5t/default.nix
View file

@ -1,9 +1,7 @@
{ {
config,
lib,
pkgs,
... ...
}: { }:
{
signing.enable = true; signing.enable = true;
# apps.prebuilt = { # apps.prebuilt = {

3
hosts/pbp/default.nix
View file

@ -3,7 +3,8 @@
pkgs, pkgs,
lib, lib,
... ...
}: { }:
{
imports = imports =
[ [
./hardware-configuration.nix ./hardware-configuration.nix

7
hosts/pbp/hardware-configuration.nix
View file

@ -3,11 +3,12 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }:
disko.devices = import ./disko.nix {}; {
disko.devices = import ./disko.nix { };
boot = { boot = {
initrd.availableKernelModules = ["usbhid"]; initrd.availableKernelModules = [ "usbhid" ];
extraModulePackages = with config.boot.kernelPackages; [ extraModulePackages = with config.boot.kernelPackages; [
v4l2loopback v4l2loopback
]; ];

15
hosts/picard/default.nix
View file

@ -4,7 +4,8 @@
config, config,
pkgs, pkgs,
... ...
}: { }:
{
imports = imports =
fleetModules [ fleetModules [
"common" "common"
@ -85,12 +86,12 @@
"reinstall-magisk-on-lineage" "reinstall-magisk-on-lineage"
"vscode-server" "vscode-server"
]; ];
extraGroups = []; extraGroups = [ ];
backupPaths = []; backupPaths = [ ];
}; };
boot.kernelParams = ["ip=dhcp"]; boot.kernelParams = [ "ip=dhcp" ];
boot.initrd.kernelModules = ["amdgpu"]; boot.initrd.kernelModules = [ "amdgpu" ];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [
"nvme" "nvme"
"xhci_pci" "xhci_pci"
@ -108,7 +109,7 @@
# https://github.com/NixOS/nixpkgs/issues/328909 # https://github.com/NixOS/nixpkgs/issues/328909
boot.extraModulePackages = [ boot.extraModulePackages = [
(config.boot.kernelPackages.ddcci-driver.overrideAttrs (old: { (config.boot.kernelPackages.ddcci-driver.overrideAttrs (old: {
patches = []; patches = [ ];
src = pkgs.fetchFromGitLab { src = pkgs.fetchFromGitLab {
owner = "${old.pname}-linux"; owner = "${old.pname}-linux";
repo = "${old.pname}-linux"; repo = "${old.pname}-linux";
@ -154,6 +155,6 @@
# TODO move away from here (how can the interface name be retrieved programmatically?) # TODO move away from here (how can the interface name be retrieved programmatically?)
networking.interfaces.enp11s0.wakeOnLan = { networking.interfaces.enp11s0.wakeOnLan = {
enable = true; enable = true;
policy = ["magic"]; policy = [ "magic" ];
}; };
} }

8
hosts/sisko/default.nix
View file

@ -1,10 +1,10 @@
{ {
fleetModules, fleetModules,
pkgs, pkgs,
fleetFlake,
config, config,
... ...
}: { }:
{
imports = imports =
fleetModules [ fleetModules [
"common" "common"
@ -71,7 +71,7 @@
nixpkgs.hostPlatform = "aarch64-linux"; nixpkgs.hostPlatform = "aarch64-linux";
swapDevices = []; swapDevices = [ ];
boot.loader = { boot.loader = {
systemd-boot.enable = true; systemd-boot.enable = true;
@ -128,7 +128,7 @@
fileSystems."/mnt/hd" = { fileSystems."/mnt/hd" = {
device = "/dev/disk/by-id/ata-WDC_WD5000AAKX-08U6AA0_WD-WCC2E5TR40FU-part1"; device = "/dev/disk/by-id/ata-WDC_WD5000AAKX-08U6AA0_WD-WCC2E5TR40FU-part1";
fsType = "ext4"; fsType = "ext4";
options = ["nofail"]; options = [ "nofail" ];
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [

17
hosts/sisko/disko.nix
View file

@ -1,15 +1,18 @@
let let
emmc = "/dev/disk/by-id/mmc-SLD64G_0xf6be3ba0";
ssd = "/dev/disk/by-id/ata-CT240BX300SSD1_1739E1042F3C"; ssd = "/dev/disk/by-id/ata-CT240BX300SSD1_1739E1042F3C";
# hd1 = "/dev/disk/by-id/ata-WDC_WD10EADS-22M2B0_WD-WCAV52709550"; in
# hd2 = "/dev/disk/by-id/ata-WDC_WD10EADX-22TDHB0_WD-WCAV5V359530"; # hd1 = "/dev/disk/by-id/ata-WDC_WD10EADS-22M2B0_WD-WCAV52709550";
hd = "/dev/disk/by-id/ata-WDC_WD10EADS-22M2B0_WD-WCAV52709550-part1"; # hd2 = "/dev/disk/by-id/ata-WDC_WD10EADX-22TDHB0_WD-WCAV5V359530";
# old_hd = "/dev/disk/by-id/ata-WDC_WD5000AAKX-08U6AA0_WD-WCC2E5TR40FU"; # old_hd = "/dev/disk/by-id/ata-WDC_WD5000AAKX-08U6AA0_WD-WCC2E5TR40FU";
in { {
disko.devices = { disko.devices = {
nodev."/" = { nodev."/" = {
fsType = "tmpfs"; fsType = "tmpfs";
mountOptions = ["size=1024M" "defaults" "mode=755"]; mountOptions = [
"size=1024M"
"defaults"
"mode=755"
];
}; };
disk = { disk = {
ssd = { ssd = {

6
hosts/test/default.nix
View file

@ -1,10 +1,8 @@
{ {
fleetModules, fleetModules,
lib,
config,
pkgs,
... ...
}: { }:
{
imports = imports =
fleetModules [ fleetModules [
"common" "common"

25
hosts/thinkpad/default.nix
View file

@ -1,10 +1,10 @@
{ {
config, config,
lib,
pkgs, pkgs,
fleetModules, fleetModules,
... ...
}: { }:
{
imports = imports =
[ [
./zfs.nix ./zfs.nix
@ -97,10 +97,15 @@
]; ];
}; };
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod"]; boot.initrd.availableKernelModules = [
boot.initrd.kernelModules = []; "xhci_pci"
boot.kernelModules = ["kvm-intel"]; "nvme"
boot.extraModulePackages = with config.boot.kernelPackages; [v4l2loopback]; "usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
# boot.kernelPackages = pkgs.linuxPackages_zen; # boot.kernelPackages = pkgs.linuxPackages_zen;
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@ -126,8 +131,8 @@
useXkbConfig = true; # use xkbOptions in tty. useXkbConfig = true; # use xkbOptions in tty.
}; };
services.joycond.enable = true; #FIXME not here services.joycond.enable = true; # FIXME not here
services.udev.packages = [pkgs.joycond]; services.udev.packages = [ pkgs.joycond ];
# Enable the X11 windowing system. # Enable the X11 windowing system.
# services.xserver.enable = true; # services.xserver.enable = true;
@ -183,7 +188,7 @@
# services.openssh.enable = true; # services.openssh.enable = true;
# Open ports in the firewall. # Open ports in the firewall.
networking.firewall.allowedTCPPorts = [8000]; networking.firewall.allowedTCPPorts = [ 8000 ];
# networking.firewall.allowedUDPPorts = [ 5000 ]; # networking.firewall.allowedUDPPorts = [ 5000 ];
# Or disable the firewall altogether. # Or disable the firewall altogether.
# networking.firewall.enable = false; # networking.firewall.enable = false;
@ -214,7 +219,7 @@
]; ];
}; };
users.groups.input.members = ["ccr"]; users.groups.input.members = [ "ccr" ];
services.udev.extraRules = '' services.udev.extraRules = ''
Sunshine Sunshine
KERNEL=="uinput", GROUP="input", MODE="0660", OPTIONS+="static_node=uinput" KERNEL=="uinput", GROUP="input", MODE="0660", OPTIONS+="static_node=uinput"

44
hosts/thinkpad/hardware-configuration.nix
View file

@ -4,47 +4,67 @@
{ {
config, config,
lib, lib,
pkgs,
modulesPath, modulesPath,
... ...
}: { }:
{
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod"]; boot.initrd.availableKernelModules = [
boot.initrd.kernelModules = []; "xhci_pci"
boot.kernelModules = ["uinput"]; "nvme"
boot.extraModulePackages = []; "usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "uinput" ];
boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "rpool/nixos/root"; device = "rpool/nixos/root";
fsType = "zfs"; fsType = "zfs";
options = ["zfsutil" "X-mount.mkdir"]; options = [
"zfsutil"
"X-mount.mkdir"
];
}; };
fileSystems."/home" = { fileSystems."/home" = {
device = "rpool/nixos/home"; device = "rpool/nixos/home";
fsType = "zfs"; fsType = "zfs";
options = ["zfsutil" "X-mount.mkdir"]; options = [
"zfsutil"
"X-mount.mkdir"
];
}; };
fileSystems."/var/lib" = { fileSystems."/var/lib" = {
device = "rpool/nixos/var/lib"; device = "rpool/nixos/var/lib";
fsType = "zfs"; fsType = "zfs";
options = ["zfsutil" "X-mount.mkdir"]; options = [
"zfsutil"
"X-mount.mkdir"
];
}; };
fileSystems."/var/log" = { fileSystems."/var/log" = {
device = "rpool/nixos/var/log"; device = "rpool/nixos/var/log";
fsType = "zfs"; fsType = "zfs";
options = ["zfsutil" "X-mount.mkdir"]; options = [
"zfsutil"
"X-mount.mkdir"
];
}; };
fileSystems."/boot" = { fileSystems."/boot" = {
device = "bpool/nixos/root"; device = "bpool/nixos/root";
fsType = "zfs"; fsType = "zfs";
options = ["zfsutil" "X-mount.mkdir"]; options = [
"zfsutil"
"X-mount.mkdir"
];
}; };
fileSystems."/boot/efis/nvme-INTEL_SSDPEKKF010T8L_PHHP938405741P0D-part1" = { fileSystems."/boot/efis/nvme-INTEL_SSDPEKKF010T8L_PHHP938405741P0D-part1" = {
@ -64,7 +84,7 @@
# }; # };
swapDevices = [ swapDevices = [
{device = "/dev/disk/by-label/swap";} { device = "/dev/disk/by-label/swap"; }
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

8
hosts/thinkpad/zfs.nix
View file

@ -1,10 +1,10 @@
{ {
config,
pkgs, pkgs,
lib, lib,
... ...
}: { }:
boot.supportedFilesystems = ["zfs"]; {
boot.supportedFilesystems = [ "zfs" ];
networking.hostId = "adf0b5e7"; networking.hostId = "adf0b5e7";
boot.loader.efi.efiSysMountPoint = "/boot/efi"; boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.loader.efi.canTouchEfiVariables = false; boot.loader.efi.canTouchEfiVariables = false;
@ -23,7 +23,7 @@
mount /boot/efi mount /boot/efi
''; '';
boot.loader.grub.extraInstallCommands = '' boot.loader.grub.extraInstallCommands = ''
export PATH=$PATH:${lib.makeBinPath [pkgs.coreutils]} export PATH=$PATH:${lib.makeBinPath [ pkgs.coreutils ]}
ESP_MIRROR=$(mktemp -d) ESP_MIRROR=$(mktemp -d)
cp -r /boot/efi/EFI $ESP_MIRROR cp -r /boot/efi/EFI $ESP_MIRROR
for i in /boot/efis/*; do for i in /boot/efis/*; do

2
modules/adb/default.nix
View file

@ -1,4 +1,4 @@
{ {
programs.adb.enable = true; programs.adb.enable = true;
ccr.extraGroups = ["adbusers"]; ccr.extraGroups = [ "adbusers" ];
} }

7
modules/adguard-home/default.nix
View file

@ -6,6 +6,9 @@
openFirewall = true; openFirewall = true;
}; };
}; };
networking.firewall.allowedTCPPorts = [3000 53]; networking.firewall.allowedTCPPorts = [
networking.firewall.allowedUDPPorts = [53]; 3000
53
];
networking.firewall.allowedUDPPorts = [ 53 ];
} }

3
modules/atuin/default.nix
View file

@ -1,4 +1,5 @@
{config, ...}: { { config, ... }:
{
services.atuin = { services.atuin = {
enable = true; enable = true;
openFirewall = false; # use only in the VPN openFirewall = false; # use only in the VPN

5
modules/audio/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
sound.enable = true; sound.enable = true;
hardware.pulseaudio = { hardware.pulseaudio = {
@ -6,5 +7,5 @@
package = pkgs.pulseaudioFull; package = pkgs.pulseaudioFull;
}; };
users.extraUsers.ccr.extraGroups = ["audio"]; users.extraUsers.ccr.extraGroups = [ "audio" ];
} }

5
modules/auto-upgrade/default.nix
View file

@ -1,9 +1,8 @@
{ {
config, config,
options,
lib,
... ...
}: { }:
{
system.autoUpgrade = { system.autoUpgrade = {
enable = false; enable = false;
flake = "github:aciceri/nixfleet#${config.networking.hostName}"; flake = "github:aciceri/nixfleet#${config.networking.hostName}";

5
modules/battery/default.nix
View file

@ -1,10 +1,11 @@
{config, ...}: { { config, ... }:
{
services.tlp.enable = true; services.tlp.enable = true;
services.upower.enable = true; services.upower.enable = true;
nixpkgs.overlays = [ nixpkgs.overlays = [
(self: super: { (_self: super: {
tlp = super.tlp.override { tlp = super.tlp.override {
enableRDW = config.networkmanager.enable; enableRDW = config.networkmanager.enable;
}; };

6
modules/binfmt/default.nix
View file

@ -1,5 +1,9 @@
{ {
boot.binfmt.emulatedSystems = ["i686-linux" "aarch64-linux" "riscv64-linux"]; boot.binfmt.emulatedSystems = [
"i686-linux"
"aarch64-linux"
"riscv64-linux"
];
nix.extraOptions = '' nix.extraOptions = ''
extra-platforms = aarch64-linux arm-linux i686-linux riscv64-linux extra-platforms = aarch64-linux arm-linux i686-linux riscv64-linux
''; '';

7
modules/bluetooth/default.nix
View file

@ -2,7 +2,8 @@
pkgs, pkgs,
config, config,
... ...
}: { }:
{
services.blueman.enable = true; services.blueman.enable = true;
hardware.pulseaudio.enable = true; hardware.pulseaudio.enable = true;
hardware.bluetooth = { hardware.bluetooth = {
@ -19,6 +20,6 @@
}; };
}; };
}; };
services.dbus.packages = with pkgs; [blueman]; services.dbus.packages = with pkgs; [ blueman ];
ccr.extraGroups = ["bluetooth"]; ccr.extraGroups = [ "bluetooth" ];
} }

9
modules/bubbleupnp/default.nix
View file

@ -2,10 +2,13 @@
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
bubbleupnpserver = { bubbleupnpserver = {
image = "bubblesoftapps/bubbleupnpserver"; image = "bubblesoftapps/bubbleupnpserver";
ports = ["58050:58050"]; ports = [ "58050:58050" ];
extraOptions = ["--network=host" "-device /dev/dri:/dev/dri"]; extraOptions = [
"--network=host"
"-device /dev/dri:/dev/dri"
];
}; };
}; };
networking.firewall.allowedTCPPorts = [58050]; networking.firewall.allowedTCPPorts = [ 58050 ];
} }

109
modules/ccr/default.nix
View file

@ -7,10 +7,12 @@
vpn, vpn,
options, options,
... ...
}: let }:
let
cfg = config.ccr; cfg = config.ccr;
inherit (lib) types; inherit (lib) types;
in { in
{
options.ccr = { options.ccr = {
enable = lib.mkEnableOption "ccr"; enable = lib.mkEnableOption "ccr";
@ -31,12 +33,12 @@ in {
modules = lib.mkOption { modules = lib.mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [ ];
}; };
packages = lib.mkOption { packages = lib.mkOption {
type = types.listOf types.package; type = types.listOf types.package;
default = []; default = [ ];
}; };
autologin = lib.mkOption { autologin = lib.mkOption {
@ -56,63 +58,74 @@ in {
extraGroups = lib.mkOption { extraGroups = lib.mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = {}; default = { };
}; };
extraModules = lib.mkOption { extraModules = lib.mkOption {
type = types.listOf types.deferredModule; type = types.listOf types.deferredModule;
default = []; default = [ ];
}; };
backupPaths = lib.mkOption { backupPaths = lib.mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [ ];
}; };
}; };
config = lib.mkIf cfg.enable (lib.mkMerge [ config = lib.mkIf cfg.enable (
(lib.optionalAttrs (builtins.hasAttr "backup" options) { lib.mkMerge [
backup.paths = cfg.backupPaths; (lib.optionalAttrs (builtins.hasAttr "backup" options) {
}) backup.paths = cfg.backupPaths;
{ })
# FIXME shouldn't set these groups by default {
ccr.extraGroups = ["wheel" "fuse" "video" "dialout" "systemd-journal" "camera"]; # FIXME shouldn't set these groups by default
ccr.modules = ["shell" "git" "nix-index" "btop"]; ccr.extraGroups = [
"wheel"
"fuse"
"video"
"dialout"
"systemd-journal"
"camera"
];
ccr.modules = [
"shell"
"git"
"nix-index"
"btop"
];
users.users.${cfg.username} = { users.users.${cfg.username} = {
inherit (config.ccr) hashedPassword extraGroups description; inherit (config.ccr) hashedPassword extraGroups description;
uid = 1000; uid = 1000;
isNormalUser = true; isNormalUser = true;
shell = cfg.shell; shell = cfg.shell;
openssh.authorizedKeys.keys = config.ccr.authorizedKeys; openssh.authorizedKeys.keys = config.ccr.authorizedKeys;
}; };
programs.fish.enable = true; programs.fish.enable = true;
services.getty.autologinUser = services.getty.autologinUser = if config.ccr.autologin then cfg.username else null;
if config.ccr.autologin
then cfg.username
else null;
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true; home-manager.useUserPackages = true;
home-manager.users.${cfg.username} = { home-manager.users.${cfg.username} = {
imports = imports =
fleetHmModules cfg.modules fleetHmModules cfg.modules
++ [ ++ [
{ {
_module.args = { _module.args = {
inherit (config.age) secrets; inherit (config.age) secrets;
inherit (cfg) username; inherit (cfg) username;
inherit vpn; inherit vpn;
hostname = config.networking.hostName; hostname = config.networking.hostName;
}; };
} }
] ]
++ cfg.extraModules; ++ cfg.extraModules;
home.packages = cfg.packages; home.packages = cfg.packages;
home.stateVersion = config.system.stateVersion; home.stateVersion = config.system.stateVersion;
}; };
} }
]); ]
);
} }

55
modules/cgit/config.nix
View file

@ -1,28 +1,31 @@
{ {
lib,
pkgs, pkgs,
... ...
}: let }:
let
repos-path = "/var/lib/cgit-repos"; repos-path = "/var/lib/cgit-repos";
cgit-setup-repos = cgit-setup-repos =
pkgs.writers.writePython3 "cgit-setup-repos" { pkgs.writers.writePython3 "cgit-setup-repos"
libraries = with pkgs.python3Packages; [PyGithub]; {
} '' libraries = with pkgs.python3Packages; [ PyGithub ];
from github import Github }
from pathlib import Path ''
from github import Github
from pathlib import Path
c = Path("${repos-path}") c = Path("${repos-path}")
c.unlink(missing_ok=True) c.unlink(missing_ok=True)
with open(c, "w") as f: with open(c, "w") as f:
for repo in Github().get_user("aciceri").get_repos(): for repo in Github().get_user("aciceri").get_repos():
f.writelines([ f.writelines([
f"repo.url={repo.name}\n" f"repo.url={repo.name}\n"
f"repo.path=/home/ccr/projects/aciceri/{repo.name}/.git\n" f"repo.path=/home/ccr/projects/aciceri/{repo.name}/.git\n"
f"repo.desc={repo.description}\n" f"repo.desc={repo.description}\n"
]) ])
''; '';
in { in
{
services.nginx.virtualHosts."git.aciceri.dev" = { services.nginx.virtualHosts."git.aciceri.dev" = {
cgit = { cgit = {
enable = true; enable = true;
@ -31,10 +34,12 @@ in {
virtual-root = "/"; virtual-root = "/";
cache-size = 1000; cache-size = 1000;
include = [ include = [
(builtins.toString (pkgs.writeText "cgit-extra" '' (builtins.toString (
source-filter=${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py pkgs.writeText "cgit-extra" ''
about-filter=${pkgs.cgit-pink}/lib/cgit/filters/about-formatting.sh source-filter=${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py
'')) about-filter=${pkgs.cgit-pink}/lib/cgit/filters/about-formatting.sh
''
))
repos-path repos-path
]; ];
}; };
@ -48,13 +53,13 @@ in {
Type = "oneshot"; Type = "oneshot";
RemainAfterExit = true; RemainAfterExit = true;
}; };
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
script = builtins.toString cgit-setup-repos; script = builtins.toString cgit-setup-repos;
}; };
systemd.timers.cgit-setup-repos = { systemd.timers.cgit-setup-repos = {
wantedBy = ["timers.target"]; wantedBy = [ "timers.target" ];
partOf = ["cgit-setup-repos.service"]; partOf = [ "cgit-setup-repos.service" ];
timerConfig = { timerConfig = {
OnCalendar = "*-*-* 4:00:00"; # daily at 4 AM OnCalendar = "*-*-* 4:00:00"; # daily at 4 AM
Unit = "cgit-setup-repos.service"; Unit = "cgit-setup-repos.service";

229
modules/cgit/default.nix
View file

@ -4,134 +4,149 @@
pkgs, pkgs,
... ...
}: }:
with lib; let with lib;
let
globalConfig = config; globalConfig = config;
settingsFormat = { settingsFormat = {
type = with lib.types; let type =
value = with lib.types;
oneOf [int str] let
// { value =
description = "INI-like atom (int or string)"; oneOf [
}; int
values = str
coercedTo value lib.singleton (listOf value) ]
// { // {
description = "INI-like atom (int or string)";
};
values = coercedTo value lib.singleton (listOf value) // {
description = value.description + " or a list of them for duplicate keys"; description = value.description + " or a list of them for duplicate keys";
}; };
in in
attrsOf values; attrsOf values;
generate = name: values: generate =
pkgs.writeText name (lib.generators.toKeyValue {listsAsDuplicateKeys = true;} values); name: values:
pkgs.writeText name (lib.generators.toKeyValue { listsAsDuplicateKeys = true; } values);
}; };
in { in
{
imports = [ imports = [
../nginx-base ../nginx-base
./config.nix ./config.nix
]; ];
options.services.nginx.virtualHosts = mkOption { options.services.nginx.virtualHosts = mkOption {
type = types.attrsOf (types.submodule ({config, ...}: let type = types.attrsOf (
cfg = config.cgit; types.submodule (
{ config, ... }:
let
cfg = config.cgit;
# These are the global options for this submodule, but for nicer UX they # These are the global options for this submodule, but for nicer UX they
# are inlined into the freeform settings. Hence they MUST NOT INTERSECT # are inlined into the freeform settings. Hence they MUST NOT INTERSECT
# with any settings from cgitrc! # with any settings from cgitrc!
options = { options = {
enable = mkEnableOption "cgit"; enable = mkEnableOption "cgit";
location = mkOption { location = mkOption {
default = "/"; default = "/";
type = types.str; type = types.str;
description = '' description = ''
Location to serve cgit on. Location to serve cgit on.
''; '';
}; };
}; };
# Remove the global options for serialization into cgitrc # Remove the global options for serialization into cgitrc
settings = removeAttrs cfg (attrNames options); settings = removeAttrs cfg (attrNames options);
in { in
options.cgit = mkOption { {
type = types.submodule { options.cgit = mkOption {
freeformType = settingsFormat.type; type = types.submodule {
inherit options; freeformType = settingsFormat.type;
config = { inherit options;
css = mkDefault "/cgit.css"; config = {
logo = mkDefault "/cgit.png"; css = mkDefault "/cgit.css";
favicon = mkDefault "/favicon.ico"; logo = mkDefault "/cgit.png";
favicon = mkDefault "/favicon.ico";
};
};
default = { };
example = literalExample ''
{
enable = true;
virtual-root = "/";
source-filter = "''${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py";
about-filter = "''${pkgs.cgit-pink}/lib/cgit/filters/about-formatting.sh";
cache-size = 1000;
scan-path = "/srv/git";
include = [
(builtins.toFile "cgitrc-extra-1" '''
# Anything that has to be in a particular order
''')
(builtins.toFile "cgitrc-extra-2" '''
# Anything that has to be in a particular order
''')
];
}
'';
description = ''
Verbatim contents of the cgit runtime configuration file. Documentation
(with cgitrc example file) is available in "man cgitrc". Or online:
http://git.zx2c4.com/cgit/tree/cgitrc.5.txt
'';
}; };
};
default = {};
example = literalExample ''
{
enable = true;
virtual-root = "/";
source-filter = "''${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py";
about-filter = "''${pkgs.cgit-pink}/lib/cgit/filters/about-formatting.sh";
cache-size = 1000;
scan-path = "/srv/git";
include = [
(builtins.toFile "cgitrc-extra-1" '''
# Anything that has to be in a particular order
''')
(builtins.toFile "cgitrc-extra-2" '''
# Anything that has to be in a particular order
''')
];
}
'';
description = ''
Verbatim contents of the cgit runtime configuration file. Documentation
(with cgitrc example file) is available in "man cgitrc". Or online:
http://git.zx2c4.com/cgit/tree/cgitrc.5.txt
'';
};
config = let config =
location = removeSuffix "/" cfg.location; let
in location = removeSuffix "/" cfg.location;
mkIf cfg.enable { in
locations."${location}/" = { mkIf cfg.enable {
root = "${pkgs.cgit-pink}/cgit/"; locations."${location}/" = {
tryFiles = "$uri @cgit"; root = "${pkgs.cgit-pink}/cgit/";
}; tryFiles = "$uri @cgit";
locations."~ ^${location}/(cgit.(css|png)|favicon.ico|robots.txt)$" = { };
alias = "${pkgs.cgit-pink}/cgit/$1"; locations."~ ^${location}/(cgit.(css|png)|favicon.ico|robots.txt)$" = {
}; alias = "${pkgs.cgit-pink}/cgit/$1";
locations."~ ^${location}/custom.css$" = { };
alias = ./custom.css; locations."~ ^${location}/custom.css$" = {
}; alias = ./custom.css;
locations."@cgit" = { };
extraConfig = locations."@cgit" = {
'' extraConfig =
include ${pkgs.nginx}/conf/fastcgi_params; ''
fastcgi_param CGIT_CONFIG ${settingsFormat.generate "cgitrc" settings}; include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME ${pkgs.cgit-pink}/cgit/cgit.cgi; fastcgi_param CGIT_CONFIG ${settingsFormat.generate "cgitrc" settings};
fastcgi_param QUERY_STRING $args; fastcgi_param SCRIPT_FILENAME ${pkgs.cgit-pink}/cgit/cgit.cgi;
fastcgi_param HTTP_HOST $server_name; fastcgi_param QUERY_STRING $args;
fastcgi_pass unix:${globalConfig.services.fcgiwrap.socketAddress}; fastcgi_param HTTP_HOST $server_name;
'' fastcgi_pass unix:${globalConfig.services.fcgiwrap.socketAddress};
+ ( ''
if cfg.location == "/" + (
then '' if cfg.location == "/" then
fastcgi_param PATH_INFO $uri; ''
'' fastcgi_param PATH_INFO $uri;
else '' ''
fastcgi_split_path_info ^(${location}/)(/?.+)$; else
fastcgi_param PATH_INFO $fastcgi_path_info; ''
'' fastcgi_split_path_info ^(${location}/)(/?.+)$;
); fastcgi_param PATH_INFO $fastcgi_path_info;
}; ''
}; );
})); };
};
}
)
);
}; };
config = let config =
vhosts = config.services.nginx.virtualHosts; let
in vhosts = config.services.nginx.virtualHosts;
in
mkIf (any (name: vhosts.${name}.cgit.enable) (attrNames vhosts)) { mkIf (any (name: vhosts.${name}.cgit.enable) (attrNames vhosts)) {
# make the cgitrc manpage available # make the cgitrc manpage available
environment.systemPackages = [pkgs.cgit-pink]; environment.systemPackages = [ pkgs.cgit-pink ];
services.fcgiwrap.enable = true; services.fcgiwrap.enable = true;
}; };

3
modules/cloudflare-dyndns/default.nix
View file

@ -1,4 +1,5 @@
{config, ...}: { { config, ... }:
{
services.cloudflare-dyndns = { services.cloudflare-dyndns = {
enable = true; enable = true;
ipv4 = true; ipv4 = true;

3
modules/common/default.nix
View file

@ -2,7 +2,8 @@
lib, lib,
fleetModules, fleetModules,
... ...
}: { }:
{
imports = fleetModules [ imports = fleetModules [
"nix" "nix"
"auto-upgrade" "auto-upgrade"

5
modules/dbus/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
services.dbus.packages = [pkgs.dconf]; {
services.dbus.packages = [ pkgs.dconf ];
programs.dconf.enable = true; programs.dconf.enable = true;
} }

9
modules/docker/default.nix
View file

@ -1,13 +1,16 @@
{ {
pkgs, pkgs,
config,
... ...
}: { }:
{
virtualisation.podman.enable = true; virtualisation.podman.enable = true;
# virtualisation.docker.enable = true; # virtualisation.docker.enable = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
docker-compose docker-compose
podman-compose podman-compose
]; ];
ccr.extraGroups = ["docker" "podman"]; ccr.extraGroups = [
"docker"
"podman"
];
} }

Some files were not shown because too many files have changed in this diff Show more