aciceri/nixfleet
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Reformat everything
All checks were successful
/ test (push) Successful in 32s
Details

Browse source
This commit is contained in:
Andrea Ciceri 2024-09-20 11:37:17 +02:00
parent 5f644d0ccd
commit a394b9cefd
Signed by: aciceri
SSH key fingerprint: SHA256:/AagBweyV4Hlfg9u092n8hbHwD5fcB6A3qhDiDA65Rg
167 changed files with 2795 additions and 2122 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
checks/default.nix
View file

@ -11,18 +11,20 @@
];
perSystem =
{ pkgs, ... }:
{ ... }:
{
treefmt.config = {
projectRootFile = ".git/config";
programs.nixfmt-rfc-style.enable = true;
programs = {
nixfmt-rfc-style.enable = true;
deadnix.enable = true;
};
};
pre-commit.settings.hooks = {
nixfmt-rfc-style.enable = true;
deadnix.enable = true;
};
formatter = pkgs.nixfmt-rfc-style;
};
flake.checks =
@ -30,7 +32,9 @@
build = _: nc: nc.config.system.build.toplevel;
in
{
x86_64-linux = lib.mapAttrs build { inherit (self.nixosConfigurations) picard; };
x86_64-linux = lib.mapAttrs build {
inherit (self.nixosConfigurations) picard;
};
aarch64-linux = lib.mapAttrs build {
inherit (self.nixosConfigurations) sisko; # pbp;
};

11
flake.nix
View file

@ -1,6 +1,5 @@
{
description =
"A complete, declarative, and reproducible configuration of my entire Nix fleet";
description = "A complete, declarative, and reproducible configuration of my entire Nix fleet";
inputs = {
flakeParts.url = "github:hercules-ci/flake-parts";
@ -58,7 +57,8 @@
vscode-server.url = "github:nix-community/nixos-vscode-server";
};
outputs = inputs@{ flakeParts, ... }:
outputs =
inputs@{ flakeParts, ... }:
flakeParts.lib.mkFlake { inherit inputs; } {
imports = [
# TODO export modules as flake outputs
@ -69,6 +69,9 @@
./shell
./checks
];
systems = [ "x86_64-linux" "aarch64-linux" ];
systems = [
"x86_64-linux"
"aarch64-linux"
];
};
}

2
hmModules/aerc/default.nix
View file

@ -1,5 +1,5 @@
{
imports = [../email];
imports = [ ../email ];
config = {
accounts.email.accounts = {
autistici.aerc = {

5
hmModules/binance/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.binance];
{ pkgs, ... }:
{
home.packages = [ pkgs.binance ];
}

9
hmModules/btop/default.nix
View file

@ -1,18 +1,21 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
programs.btop = {
enable = true;
settings = {
update_ms = 100;
theme_background = false;
# color_theme = "${config.programs.btop.package}/share/btop/themes/dracula.theme";
color_theme = let
color_theme =
let
catppuccin-theme = pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "btop";
rev = "21b8d5956a8b07fa52519e3267fb3a2d2e693d17";
hash = "sha256-UXeTypc15MhjgGUiCrDUZ40m32yH2o1N+rcrEgY6sME=";
};
in "${catppuccin-theme}/themes/catppuccin_mocha.theme";
in
"${catppuccin-theme}/themes/catppuccin_mocha.theme";
};
};
}

5
hmModules/calibre/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.calibre];
{ pkgs, ... }:
{
home.packages = [ pkgs.calibre ];
}

3
hmModules/chrome/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
programs.chromium = {
enable = true;
package = pkgs.google-chrome;

9
hmModules/cura/default.nix
View file

@ -1,6 +1,8 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
home.packages = [
(let
(
let
cura5 = pkgs.appimageTools.wrapType2 rec {
name = "cura5";
version = "5.8.0";
@ -23,6 +25,7 @@
args+=("$a")
done
QT_QPA_PLATFORM=xcb exec "${cura5}/bin/cura5" "''${args[@]}"
'')
''
)
];
}

5
hmModules/digikam/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.digikam];
{ pkgs, ... }:
{
home.packages = [ pkgs.digikam ];
}

5
hmModules/discord/default.nix
View file

@ -1,5 +1,6 @@
{pkgs, ...}: {
home.packages = [pkgs.discord];
{ pkgs, ... }:
{
home.packages = [ pkgs.discord ];
home.file.".config/discord/settings.json".text = builtins.toJSON {
SKIP_HOST_UPDATE = true;
};

5
hmModules/dolphin/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.dolphin-emu];
{ pkgs, ... }:
{
home.packages = [ pkgs.dolphin-emu ];
}

9
hmModules/element/default.nix
View file

@ -1,13 +1,14 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
# home.packages = [pkgs.schildichat-desktop];
home.packages = [pkgs.element-desktop-wayland];
home.packages = [ pkgs.element-desktop-wayland ];
systemd.user.services.element-desktop = {
Install.WantedBy = ["graphical-session.target"];
Install.WantedBy = [ "graphical-session.target" ];
Unit = {
Description = "Element";
PartOf = ["graphical-session.target"];
PartOf = [ "graphical-session.target" ];
};
Service = {

4
hmModules/emacs/default.nix
View file

@ -1,9 +1,9 @@
{
lib,
age,
pkgs,
...
}: {
}:
{
ccrEmacs.enable = true;
home.sessionVariables.EDITOR = lib.mkForce "emacsclient";
systemd.user.services.emacs.Service.EnvironmentFile = age.secrets.chatgpt-token.path;

21
hmModules/email/default.nix
View file

@ -2,19 +2,22 @@
pkgs,
secrets,
...
}: {
}:
{
programs.mbsync.enable = true;
programs.msmtp.enable = true;
services.mbsync.enable = true;
home.file.".config/aerc/stylesets" = let
home.file.".config/aerc/stylesets" =
let
catppuccin-aerc = pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "aerc";
rev = "ca404a9f2d125ef12db40db663d43c9d94116a05";
hash = "sha256-OWIkHsKFts/zkrDUtbBPXHVSrHL/F0v3LB1rnlFAKmE=";
};
in {
in
{
source = "${catppuccin-aerc}/dist";
recursive = true;
};
@ -81,7 +84,9 @@
"<Esc>" = ":clear<Enter>";
};
"messages:folder=Drafts" = {"<Enter>" = ":recall<Enter>";};
"messages:folder=Drafts" = {
"<Enter>" = ":recall<Enter>";
};
view = {
"/" = ":toggle-key-passthrough<Enter>/";
@ -164,8 +169,12 @@
border-char-vertical = "";
border-char-horizontal = "";
};
viewer = {always-show-mime = true;};
compose = {no-attachment-warning = "^[^>]*attach(ed|ment)";};
viewer = {
always-show-mime = true;
};
compose = {
no-attachment-warning = "^[^>]*attach(ed|ment)";
};
triggers = {
email-received = ''exec notify-send "New email from %n" "%s"'';
};

7
hmModules/firefox/default.nix
View file

@ -2,14 +2,15 @@
pkgs,
username,
...
}: {
}:
{
programs.firefox = {
enable = true;
package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
extraPolicies = {
ExtensionSettings = {};
ExtensionSettings = { };
};
nativeMessagingHosts = [pkgs.tridactyl-native];
nativeMessagingHosts = [ pkgs.tridactyl-native ];
};
profiles.${username} = {
settings = {

9
hmModules/foot/default.nix
View file

@ -6,14 +6,16 @@
}:
lib.mkMerge [
{
programs.foot = let
programs.foot =
let
catppuccin = pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "foot";
rev = "307611230661b7b1787feb7f9d122e851bae97e9";
hash = "sha256-mkPYHDJtfdfDnqLr1YOjaBpn4lCceok36LrnkUkNIE4=";
};
in {
in
{
enable = true;
server.enable = true;
settings = {
@ -23,7 +25,8 @@ lib.mkMerge [
dpi-aware = "no";
horizontal-letter-offset = "1";
include = "${catppuccin}/themes/catppuccin-mocha.ini";
font = let
font =
let
size = "13";
in
lib.concatStringsSep ", " [

3
hmModules/git-workspace/default.nix
View file

@ -2,7 +2,8 @@
age,
username,
...
}: {
}:
{
services.git-workspace = {
enable = true;
frequency = "04:00:00";

11
hmModules/git/default.nix
View file

@ -2,13 +2,18 @@
pkgs,
username,
...
}: let
}:
let
config = {
name = "Andrea Ciceri";
email = "andrea.ciceri@autistici.org";
};
in {
imports = [../gitui ../lazygit];
in
{
imports = [
../gitui
../lazygit
];
programs.git = {
enable = true;
package = pkgs.gitAndTools.gitFull;

6
hmModules/gnome-keyring/default.nix
View file

@ -1,9 +1,9 @@
{
pkgs,
lib,
config,
...
}: {
}:
{
services.gnome-keyring = {
enable = false; # Is this broken? https://github.com/nix-community/home-manager/issues/1454
components = lib.mkForce [
@ -12,7 +12,7 @@
];
};
home.packages = [pkgs.gcr]; # Needed in PATH
home.packages = [ pkgs.gcr ]; # Needed in PATH
# Workaround
wayland.windowManager.hyprland.extraConfig = ''

18
hmModules/gpg/default.nix
View file

@ -1,17 +1,23 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
services.gpg-agent = {
enable = true;
enableSshSupport = true;
sshKeys = ["CE2FD0D9BECBD8876811714925066CC257413416"];
extraConfig = let
sshKeys = [ "CE2FD0D9BECBD8876811714925066CC257413416" ];
extraConfig =
let
pinentryRofi = pkgs.writeShellApplication {
name = "pinentry-rofi-with-env";
runtimeInputs = with pkgs; [coreutils rofi];
runtimeInputs = with pkgs; [
coreutils
rofi
];
text = ''
"${pkgs.pinentry-rofi}/bin/pinentry-rofi" "$@"
'';
};
in ''
in
''
allow-emacs-pinentry
allow-loopback-pinentry
pinentry-program ${pinentryRofi}/bin/pinentry-rofi-with-env
@ -20,6 +26,6 @@
programs.gpg = {
enable = true;
settings = {};
settings = { };
};
}

9
hmModules/headless-hyprland/default.nix
View file

@ -1,11 +1,12 @@
{
config,
lib,
...
}: let
}:
let
originalConfig = config.wayland.windowManager.hyprland.extraConfig;
config = builtins.replaceStrings ["SUPER"] [""] originalConfig;
in {
config = builtins.replaceStrings [ "SUPER" ] [ "" ] originalConfig;
in
{
systemd.user.services.headless-hyprland = {
Unit.Description = "Headless Hyprland";
Service = {

10
hmModules/helix/default.nix
View file

@ -22,26 +22,26 @@
language = [
{
name = "nix";
language-servers = ["nixd"];
language-servers = [ "nixd" ];
}
{
name = "markdown";
language-servers = ["zk"];
language-servers = [ "zk" ];
}
{
name = "typescript";
language-servers = ["vtsls"];
language-servers = [ "vtsls" ];
}
];
language-server = {
nixd.command = "nixd";
vtsls = {
command = "vtsls";
args = ["--stdio"];
args = [ "--stdio" ];
};
zk = {
command = "zk";
args = ["lsp"];
args = [ "lsp" ];
};
};
};

6
hmModules/hyprland/default.nix
View file

@ -2,7 +2,8 @@
config,
pkgs,
...
}: let
}:
let
screenshotScript = pkgs.writeShellScriptBin "screenshot.sh" ''
filename="$HOME/shots/$(date --iso-8601=seconds).png"
coords="$(${pkgs.slurp}/bin/slurp)"
@ -19,7 +20,8 @@
fi
fi
'';
in {
in
{
imports = [
./hyprpaper.nix
../waybar

3
hmModules/hyprland/hyprpaper.nix
View file

@ -1,6 +1,7 @@
let
wallpaper = ./wallpaper.png;
in {
in
{
xdg.configFile."hypr/hyprpaper.conf".text = ''
splash = false
preload = ${wallpaper}

5
hmModules/kicad/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.kicad-small];
{ pkgs, ... }:
{
home.packages = [ pkgs.kicad-small ];
}

3
hmModules/kitty/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ ... }:
{
programs.kitty = {
enable = true;
font = {

3
hmModules/lazygit/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
programs.lazygit = {
enable = true;
settings = {

5
hmModules/lutris/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.lutris];
{ pkgs, ... }:
{
home.packages = [ pkgs.lutris ];
}

5
hmModules/monero/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.monero-gui];
{ pkgs, ... }:
{
home.packages = [ pkgs.monero-gui ];
}

5
hmModules/moonlight/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.moonlight-qt];
{ pkgs, ... }:
{
home.packages = [ pkgs.moonlight-qt ];
}

15
hmModules/mopidy/default.nix
View file

@ -1,5 +1,6 @@
# TODO: use upstream ytmusic when updated: https://github.com/OzymandiasTheGreat/mopidy-ytmusic/issues/68
{pkgs, ...}: let
{ pkgs, ... }:
let
ytmusicapi = pkgs.python310Packages.buildPythonPackage rec {
pname = "ytmusicapi";
version = "0.24.0";
@ -38,14 +39,20 @@
python310Packages.pytube
];
pythonImportsCheck = ["mopidy_ytmusic"];
pythonImportsCheck = [ "mopidy_ytmusic" ];
doCheck = false;
};
in {
in
{
services.mopidy = {
enable = true;
extensionPackages = [mopidy-ytmusic] ++ (with pkgs; [mopidy-mpd mopidy-mpris]);
extensionPackages =
[ mopidy-ytmusic ]
++ (with pkgs; [
mopidy-mpd
mopidy-mpris
]);
settings = {
mpd = {
enabled = true;

5
hmModules/nheko/default.nix
View file

@ -1,5 +1,6 @@
{pkgs, ...}: {
home.packages = [pkgs.nheko];
{ pkgs, ... }:
{
home.packages = [ pkgs.nheko ];
# systemd.user.services.nheko = {
# Install.WantedBy = ["graphical-session.target"];

17
hmModules/nix-index/default.nix
View file

@ -1,14 +1,15 @@
{
config,
pkgs,
fleetFlake,
lib,
...
}: {
}:
{
programs.nix-index.enable = true;
systemd.user.services.nix-index-update = {
Unit = {Description = "Update nix-index";};
Unit = {
Description = "Update nix-index";
};
Service = {
CPUSchedulingPolicy = "idle";
@ -18,7 +19,9 @@
};
systemd.user.timers.nix-index-update = {
Unit = {Description = "Update nix-index";};
Unit = {
Description = "Update nix-index";
};
Timer = {
Unit = "nix-index-update.service";
@ -26,6 +29,8 @@
Persistent = true;
};
Install = {WantedBy = ["timers.target"];};
Install = {
WantedBy = [ "timers.target" ];
};
};
}

8
hmModules/obs-studio/default.nix
View file

@ -1,6 +1,10 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
programs.obs-studio = {
enable = true;
plugins = with pkgs.obs-studio-plugins; [wlrobs input-overlay];
plugins = with pkgs.obs-studio-plugins; [
wlrobs
input-overlay
];
};
}

5
hmModules/openscad/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.openscad];
{ pkgs, ... }:
{
home.packages = [ pkgs.openscad ];
}

2
hmModules/pantalaimon/default.nix
View file

@ -9,5 +9,5 @@
};
};
};
systemd.user.services.pantalaimon.Unit.Requires = ["dbus.socket"];
systemd.user.services.pantalaimon.Unit.Requires = [ "dbus.socket" ];
}

5
hmModules/password-store/default.nix
View file

@ -2,12 +2,13 @@
pkgs,
username,
...
}: {
}:
{
programs.password-store = {
enable = true;
settings = {
PASSWORD_STORE_DIR = "/home/${username}/.password-store";
};
package = pkgs.pass.withExtensions (e: [e.pass-otp]);
package = pkgs.pass.withExtensions (e: [ e.pass-otp ]);
};
}

16
hmModules/qutebrowser/default.nix
View file

@ -2,7 +2,8 @@
pkgs,
config,
...
}: let
}:
let
inherit (config.programs.qutebrowser) settings;
websites = {
searx = "https://searx.be";
@ -16,7 +17,8 @@
less-dark-white = "#cccccc";
blue = "#0000ff";
};
in {
in
{
programs.qutebrowser = {
enable = true;
searchEngines = with websites; {
@ -41,7 +43,7 @@ in {
auto_save.session = true;
url = with websites; {
default_page = searx;
start_pages = [searx];
start_pages = [ searx ];
};
editor.command = [
"emacsclient"
@ -108,15 +110,13 @@ in {
};
home.packages = with pkgs; [
fuzzel
(
makeDesktopItem {
(makeDesktopItem {
name = "qutebrowser";
exec = "qutebrowser %u";
comment = "Qutebrowser";
desktopName = "qutebrowser";
type = "Application";
mimeTypes = ["x-scheme-handler/https"];
}
)
mimeTypes = [ "x-scheme-handler/https" ];
})
];
}

8
hmModules/reinstall-magisk-on-lineage/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: let
{ pkgs, ... }:
let
reinstall-magisk-on-lineage = pkgs.stdenv.mkDerivation {
name = "reinstall-magisk-on-lineage";
version = "git";
@ -21,6 +22,7 @@
--replace-fail "paste_yours_here" "\"\$1\""
'';
};
in {
home.packages = [reinstall-magisk-on-lineage];
in
{
home.packages = [ reinstall-magisk-on-lineage ];
}

5
hmModules/remmina/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.remmina];
{ pkgs, ... }:
{
home.packages = [ pkgs.remmina ];
}

32
hmModules/shell/default.nix
View file

@ -4,7 +4,8 @@
age,
hostname,
...
}: {
}:
{
programs.bat.enable = true;
programs.direnv = {
@ -31,7 +32,9 @@
systemd.user.services.atuind = {
Unit.Description = "Atuin daemon";
Install = {WantedBy = ["default.target"];};
Install = {
WantedBy = [ "default.target" ];
};
Service.ExecStart = "${lib.getExe pkgs.atuin} daemon";
};
@ -116,25 +119,29 @@
xdg.configFile = {
"dracula-theme" = {
target = "fish/themes/dracula.theme";
source = let
source =
let
theme = pkgs.fetchFromGitHub {
owner = "dracula";
repo = "fish";
rev = "269cd7d76d5104fdc2721db7b8848f6224bdf554";
hash = "sha256-Hyq4EfSmWmxwCYhp3O8agr7VWFAflcUe8BUKh50fNfY=";
};
in "${theme}/themes/Dracula\ Official.theme";
in
"${theme}/themes/Dracula\ Official.theme";
};
"catppuccin-theme" = {
target = "fish/themes/Catppuccin\ Mocha.theme";
source = let
source =
let
theme = pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "fish";
rev = "a3b9eb5eaf2171ba1359fe98f20d226c016568cf";
hash = "sha256-shQxlyoauXJACoZWtRUbRMxmm10R8vOigXwjxBhG8ng=";
};
in "${theme}/themes/Catppuccin\ Mocha.theme";
in
"${theme}/themes/Catppuccin\ Mocha.theme";
};
};
@ -227,7 +234,8 @@
# '';
# };
home.packages = with pkgs;
home.packages =
with pkgs;
[
thefuck
htop-vim
@ -240,12 +248,18 @@
carapace # used by nushell
neovim
]
++ (lib.optionals (builtins.elem hostname ["kirk" "picard"]) [
++ (lib.optionals
(builtins.elem hostname [
"kirk"
"picard"
])
[
nixd # TODO probably not the best place
terraform-lsp # TODO probably not best place
python3Packages.jedi-language-server # TODO probably not best place
nodePackages.typescript-language-server # TODO probably not best place
cntr # TODO probably not best place
nom # FIXME disable on aarch64-linux, breaks everything :(
]);
]
);
}

5
hmModules/slack/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.slack];
{ pkgs, ... }:
{
home.packages = [ pkgs.slack ];
}

14
hmModules/spotify/default.nix
View file

@ -2,17 +2,19 @@
lib,
pkgs,
...
}: let
spotify-adblocked = pkgs.callPackage ../../packages/spotify-adblocked {};
in {
home.packages = [spotify-adblocked];
}:
let
spotify-adblocked = pkgs.callPackage ../../packages/spotify-adblocked { };
in
{
home.packages = [ spotify-adblocked ];
systemd.user.services.spotify-adblocked = {
Install.WantedBy = ["graphical-session.target"];
Install.WantedBy = [ "graphical-session.target" ];
Unit = {
Description = "Spotify";
PartOf = ["graphical-session.target"];
PartOf = [ "graphical-session.target" ];
};
Service = {

5
hmModules/steam-run/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.steam-run];
{ pkgs, ... }:
{
home.packages = [ pkgs.steam-run ];
}

43
hmModules/sway/default.nix
View file

@ -3,7 +3,8 @@
lib,
config,
...
}: {
}:
{
imports = [
../waybar
../swayidle
@ -12,7 +13,7 @@
../kitty
];
config = {
home.packages = with pkgs; [wl-clipboard];
home.packages = with pkgs; [ wl-clipboard ];
systemd.user.sessionVariables = {
NIXOS_OZONE_WL = "1";
@ -35,17 +36,21 @@
};
wayland = {
windowManager.sway = let
windowManager.sway =
let
modifier = "Mod4";
in {
in
{
enable = true;
wrapperFeatures.gtk = true;
config = {
inherit modifier;
menu = "${pkgs.fuzzel}/bin/fuzzel --background-color=253559cc --border-radius=5 --border-width=0";
output = let
output =
let
bg = "${./wallpaper.svg} fill";
in {
in
{
DP-2 = {
res = "1900x1200";
pos = "0 0";
@ -75,15 +80,18 @@
smartBorders = "on";
};
assigns = {
"1" = [{title = ".*Mozilla Firefox$";} {title = ".*qutebrowser$";}];
"2" = [{title = "^((?!qutebrowser-editor).)*Emacs$";}];
"3" = [{title = "Slack.*";}];
"9" = [{title = "^Element.*";}];
"1" = [
{ title = ".*Mozilla Firefox$"; }
{ title = ".*qutebrowser$"; }
];
"2" = [ { title = "^((?!qutebrowser-editor).)*Emacs$"; } ];
"3" = [ { title = "Slack.*"; } ];
"9" = [ { title = "^Element.*"; } ];
};
floating.criteria = [
{title = "MetaMask Notification.*";}
{title = "Volume Control";} # pavucontrol
{title = "^.*editor - qutebrowser$";} # Emacs opened by qutebrowser
{ title = "MetaMask Notification.*"; }
{ title = "Volume Control"; } # pavucontrol
{ title = "^.*editor - qutebrowser$"; } # Emacs opened by qutebrowser
];
input = {
"*" = {
@ -91,19 +99,14 @@
xkb_variant = "altgr-intl";
};
};
keybindings = let
keybindings =
let
screenshotScript = pkgs.writeShellScript "screenshot.sh" ''
filename="$HOME/shots/$(date --iso-8601=seconds).png"
coords="$(${pkgs.slurp}/bin/slurp)"
${pkgs.grim}/bin/grim -t png -g "$coords" "$filename"
wl-copy -t image/png < $filename
'';
screenrecordingScript = pkgs.writeShellScript "screenrecorder.sh" ''
filename="$HOME/shots/recording-$(date --iso-8601=seconds).mp4"
coords="$(${pkgs.slurp}/bin/slurp)"
${pkgs.wf-recorder}/bin/wf-recorder -g "$coords" -f "$filename"
wl-copy -t video/mp4 < $filename
'';
in
lib.mkOptionDefault {
"${modifier}+x" = "exec emacsclient -c";

13
hmModules/swayidle/default.nix
View file

@ -2,8 +2,10 @@
pkgs,
lib,
...
}: {
services.swayidle = let
}:
{
services.swayidle =
let
swaylockWithArgs = pkgs.writeScriptBin "swaylockWithArgs" ''
${pkgs.swaylock-effects}/bin/swaylock \
--daemonize \
@ -22,7 +24,8 @@
--fade-in 0.2
'';
swaylockCommand = "${swaylockWithArgs}/bin/swaylockWithArgs";
in {
in
{
enable = true;
events = [
{
@ -48,7 +51,7 @@
# Otherwise it will start only after Sway and will not work with Hyprland
systemd.user.services.swayidle = {
Unit.PartOf = lib.mkForce [];
Install.WantedBy = lib.mkForce ["hyprland-session.target"];
Unit.PartOf = lib.mkForce [ ];
Install.WantedBy = lib.mkForce [ "hyprland-session.target" ];
};
}

5
hmModules/teams/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.teams-for-linux];
{ pkgs, ... }:
{
home.packages = [ pkgs.teams-for-linux ];
}

6
hmModules/thunderbird/default.nix
View file

@ -1,14 +1,14 @@
{
imports = [../email];
imports = [ ../email ];
config = {
accounts.email.accounts = {
autistici.thunderbird = {
enable = true;
profiles = ["default"];
profiles = [ "default" ];
};
mlabs.thunderbird = {
enable = true;
profiles = ["default"];
profiles = [ "default" ];
};
};
programs.thunderbird = {

5
hmModules/tor-browser/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.tor-browser];
{ pkgs, ... }:
{
home.packages = [ pkgs.tor-browser ];
}

7
hmModules/tremotesf/default.nix
View file

@ -2,11 +2,12 @@
pkgs,
lib,
...
}: {
home.packages = [pkgs.tremotesf];
}:
{
home.packages = [ pkgs.tremotesf ];
systemd.user.services.tremotesf = {
Install.WantedBy = ["graphical-session.target"];
Install.WantedBy = [ "graphical-session.target" ];
Unit = {
Description = "tremotesf";

3
hmModules/vscode/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
programs.vscode = {
enable = true;
# For a few reasons sometimes I'm forced to use VSCode and I don't have time to nixifiy even its configuration.

48
hmModules/waybar/default.nix
View file

@ -2,7 +2,8 @@
pkgs,
lib,
...
}: {
}:
{
programs.waybar = {
enable = true;
systemd.enable = true;
@ -18,7 +19,7 @@
"wlr/mode"
"hyprland/workspaces"
];
modules-center = ["wlr/window"];
modules-center = [ "wlr/window" ];
modules-right = [
"network"
"tray"
@ -46,9 +47,13 @@
# sort-by-number = true;
};
"wlr/mode" = {tooltip = false;};
"wlr/mode" = {
tooltip = false;
};
"wlr/window" = {max_length = 50;};
"wlr/window" = {
max_length = 50;
};
tray = {
spacing = 10;
};
@ -56,7 +61,13 @@
format = "{capacity}% {icon}";
format-alt = "{time} {icon}";
format-charging = "{capacity}% ";
format-icons = [" " " " " " " " " "];
format-icons = [
" "
" "
" "
" "
" "
];
format-plugged = "{capacity}% ";
states = {
critical = 15;
@ -71,7 +82,9 @@
format = "{usage}% ";
tooltip = false;
};
memory = {format = "{}% ";};
memory = {
format = "{}% ";
};
network = {
interval = 1;
format-alt = "{ifname}: {ipaddr}/{cidr}";
@ -86,7 +99,11 @@
format-bluetooth-muted = " {icon} {format_source}";
format-icons = {
car = "";
default = [" " " " " "];
default = [
" "
" "
" "
];
handsfree = "";
headphones = " ";
headset = "";
@ -98,23 +115,32 @@
format-source-muted = "";
on-click = "${pkgs.pavucontrol}/bin/pavucontrol";
};
"wlr/mode" = {format = ''<span style="italic">{}</span>'';};
"wlr/mode" = {
format = ''<span style="italic">{}</span>'';
};
temperature = {
critical-threshold = 80;
format = "{temperatureC}°C {icon}";
format-icons = ["" "" ""];
format-icons = [
""
""
""
];
hwmon-path = "/sys/class/hwmon/hwmon2/temp1_input"; # picard FIXME
# hwmon-path = "/sys/class/thermal/thermal_zone4/temp"; # thinkpad
};
backlight = {
device = "ddcci2";
format = "{percent}% {icon}";
format-icons = [" " " "];
format-icons = [
" "
" "
];
};
};
};
};
# waybar needs the hyprctl binary in PATH when started in hyprland
systemd.user.services.waybar.Service.Environment = "PATH=${lib.makeBinPath [pkgs.hyprland]}";
systemd.user.services.waybar.Service.Environment = "PATH=${lib.makeBinPath [ pkgs.hyprland ]}";
}

7
hmModules/wayvnc/default.nix
View file

@ -4,13 +4,14 @@
vpn,
hostname,
...
}: {
}:
{
systemd.user.services.wayvnc = {
Install.WantedBy = ["graphical-session.target"];
Install.WantedBy = [ "graphical-session.target" ];
Unit = {
Description = "WayVNC";
PartOf = ["graphical-session.target"];
PartOf = [ "graphical-session.target" ];
};
Service = {

17
hmModules/wezterm/default.nix
View file

@ -2,12 +2,12 @@
pkgs,
hostname,
...
}: {
}:
{
programs.wezterm = {
enable = true;
package =
if hostname == "pircard"
then
if hostname == "pircard" then
(pkgs.wezterm.overrideAttrs (old: rec {
pname = "wezterm";
version = "20240406-cce0706";
@ -24,17 +24,13 @@
"xcb-imdkit-0.3.0" = "sha256-fTpJ6uNhjmCWv7dZqVgYuS2Uic36XNYTbqlaly5QBjI=";
};
};
patches =
(old.patches or [])
++ [
patches = (old.patches or [ ]) ++ [
(pkgs.fetchpatch {
# fix(wayland): ensure repaint event is sent in show
url = "https://patch-diff.githubusercontent.com/raw/wez/wezterm/pull/5264.patch";
hash = "sha256-c+frVaBEL0h3PJvNu3AW2iap+uUXBY8olbm7Wsxuh4Q=";
})
(pkgs.writeText
"wezterm-remove_capabilities.patch"
''
(pkgs.writeText "wezterm-remove_capabilities.patch" ''
diff --git a/window/src/os/wayland/seat.rs b/window/src/os/wayland/seat.rs
index 3798f4259..e91591130 100644
--- a/window/src/os/wayland/seat.rs
@ -60,7 +56,8 @@
'')
];
}))
else pkgs.wezterm;
else
pkgs.wezterm;
extraConfig = ''
return {

9
hmModules/whatsapp/default.nix
View file

@ -1,12 +1,13 @@
{pkgs, ...}: {
home.packages = [pkgs.whatsapp-for-linux];
{ pkgs, ... }:
{
home.packages = [ pkgs.whatsapp-for-linux ];
systemd.user.services.whatsapp = {
Install.WantedBy = ["graphical-session.target"];
Install.WantedBy = [ "graphical-session.target" ];
Unit = {
Description = "Whatsapp";
PartOf = ["graphical-session.target"];
PartOf = [ "graphical-session.target" ];
};
Service = {

3
hmModules/wine/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
home.packages = with pkgs; [
winetricks
wineWowPackages.waylandFull

19
hmModules/xdg/default.nix
View file

@ -1,11 +1,12 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
xdg = {
enable = true;
mimeApps.enable = true;
mimeApps.defaultApplications = {
"text/html" = ["firefox.desktop"];
"x-scheme-handler/http" = ["firefox.desktop"];
"x-scheme-handler/https" = ["firefox.desktop"];
"text/html" = [ "firefox.desktop" ];
"x-scheme-handler/http" = [ "firefox.desktop" ];
"x-scheme-handler/https" = [ "firefox.desktop" ];
};
desktopEntries = {
org-protocol = {
@ -13,16 +14,20 @@
genericName = "Org protocol";
exec = "emacsclient -- %u";
terminal = false;
mimeType = ["x-scheme-handler/org-protocol"];
mimeType = [ "x-scheme-handler/org-protocol" ];
};
firefox = {
name = "firefox";
genericName = "Firefox protocol";
exec = "firefox -- %U";
terminal = false;
mimeType = ["text/html" "text/xml" "text/uri"];
mimeType = [
"text/html"
"text/xml"
"text/uri"
];
};
};
};
home.packages = [pkgs.xdg-utils];
home.packages = [ pkgs.xdg-utils ];
}

10
hmModules/zmkbatx/default.nix
View file

@ -2,11 +2,15 @@
pkgs,
lib,
...
}: {
home.packages = [pkgs.zmkBATx];
}:
{
home.packages = [ pkgs.zmkBATx ];
systemd.user.services.zmkBATx = {
Install.WantedBy = ["graphical-session.target" "waybar.service"];
Install.WantedBy = [
"graphical-session.target"
"waybar.service"
];
Unit = {
Description = "zmkBATx";

5
hmModules/zulip/default.nix
View file

@ -1,3 +1,4 @@
{pkgs, ...}: {
home.packages = [pkgs.zulip];
{ pkgs, ... }:
{
home.packages = [ pkgs.zulip ];
}

3
hosts/archer/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
environment.systemPackages = [
pkgs.vim
];

5
hosts/beebox/default.nix
View file

@ -1,9 +1,8 @@
{
fleetModules,
pkgs,
lib,
...
}: {
}:
{
imports =
[
./hardware-configuration.nix

19
hosts/beebox/hardware-configuration.nix
View file

@ -7,15 +7,22 @@
pkgs,
modulesPath,
...
}: {
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "usb_storage" "usbhid" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [
"ahci"
"xhci_pci"
"usb_storage"
"usbhid"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
@ -31,7 +38,7 @@
};
swapDevices = [
{device = "/dev/disk/by-label/swap";}
{ device = "/dev/disk/by-label/swap"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking

33
hosts/default.nix
View file

@ -1,16 +1,14 @@
{
self,
lib,
config,
inputs,
...
}: {
imports = [./module.nix];
}:
{
imports = [ ./module.nix ];
fleet = {
darwinHosts.archer = {};
darwinHosts.archer = { };
nixOnDroidHosts.janeway = {};
nixOnDroidHosts.janeway = { };
hosts = {
# thinkpad = {
@ -74,7 +72,8 @@
# };
deltaflyer = {
nixpkgs = let
nixpkgs =
let
# keep in sync with https://github.com/NixOS/mobile-nixos/blob/development/pkgs.nix
rev = "44d0940ea560dee511026a53f0e2e2cde489b4d4";
in
@ -88,10 +87,10 @@
};
homeManager = builtins.getFlake "github:nix-community/home-manager/670d9ecc3e46a6e3265c203c2d136031a3d3548e";
extraModules = [
(import "${inputs.mobile-nixos}/lib/configuration.nix" {device = "oneplus-fajita";})
(import "${inputs.mobile-nixos}/lib/configuration.nix" { device = "oneplus-fajita"; })
];
secrets = {
"deltaflyer-wireguard-private-key" = {};
"deltaflyer-wireguard-private-key" = { };
"chatgpt-token".owner = "ccr";
};
};
@ -111,12 +110,12 @@
"${inputs.homeManagerGitWorkspace}/modules/services/git-workspace.nix"
];
secrets = {
"kirk-wireguard-private-key" = {};
"kirk-wireguard-private-key" = { };
"chatgpt-token".owner = "ccr";
"cachix-personal-token".owner = "ccr";
"git-workspace-tokens".owner = "ccr";
"autistici-password".owner = "ccr";
"restic-hetzner-password" = {};
"restic-hetzner-password" = { };
};
};
@ -137,7 +136,7 @@
inputs.vscode-server.nixosModules.home
];
secrets = {
"picard-wireguard-private-key" = {};
"picard-wireguard-private-key" = { };
"chatgpt-token".owner = "ccr";
"cachix-personal-token".owner = "ccr";
"hercules-ci-join-token".owner = "hercules-ci-agent";
@ -145,7 +144,7 @@
"hercules-ci-secrets-json".owner = "hercules-ci-agent";
"git-workspace-tokens".owner = "ccr";
"autistici-password".owner = "ccr";
"restic-hetzner-password" = {};
"restic-hetzner-password" = { };
"aws-credentials".owner = "hercules-ci-agent";
"forgejo-runners-token".owner = "nixuser";
"forgejo-nix-access-tokens".owner = "nixuser";
@ -166,7 +165,7 @@
# rock5b.nixosModules.default
];
secrets = {
"sisko-wireguard-private-key" = {};
"sisko-wireguard-private-key" = { };
"hercules-ci-join-token".owner = "hercules-ci-agent";
"hercules-ci-binary-caches".owner = "hercules-ci-agent";
"hercules-ci-secrets-json".owner = "hercules-ci-agent";
@ -174,8 +173,8 @@
"home-planimetry".owner = "hass";
"home-assistant-token".owner = "prometheus";
"grafana-password".owner = "grafana";
"cloudflare-dyndns-api-token" = {};
"restic-hetzner-password" = {};
"cloudflare-dyndns-api-token" = { };
"restic-hetzner-password" = { };
# "minio-credentials".owner = "minio";
# "aws-credentials".owner = "hercules-ci-agent";
"hass-ssh-key".owner = "hass";

29
hosts/deltaflyer/default.nix
View file

@ -3,7 +3,8 @@
lib,
pkgs,
...
}: {
}:
{
imports =
fleetModules [
"common"
@ -41,7 +42,10 @@
# Networking, modem and misc.
{
# Ensures any rndis config from stage-1 is not clobbered by NetworkManager
networking.networkmanager.unmanaged = ["rndis0" "usb0"];
networking.networkmanager.unmanaged = [
"rndis0"
"usb0"
];
# Setup USB gadget networking in initrd...
mobile.boot.stage-1.networking.enable = lib.mkDefault true;
@ -75,13 +79,14 @@
"video"
"wheel"
];
backupPaths = [];
backupPaths = [ ];
};
}
{
system.stateVersion = "24.11";
nixpkgs.config.allowUnfreePredicate = pkg:
nixpkgs.config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
"oneplus-sdm845-firmware-zstd"
"oneplus-sdm845-firmware-xz"
@ -106,10 +111,11 @@
bind = $mod, r, exec, rotate-screen hor
bind = $mod SHIFT, r, exec, rotate-screen ver
'';
home.packages = let
home.packages =
let
rotateScript = pkgs.writeShellApplication {
name = "rotate-screen";
runtimeInputs = [pkgs.hyprland];
runtimeInputs = [ pkgs.hyprland ];
text = ''
if [[ "$1" == "hor" ]]; then
hyprctl keyword monitor DSI-1,1080x2340,0x0,2,transform,1
@ -120,7 +126,8 @@
fi
'';
};
in [rotateScript];
in
[ rotateScript ];
services.swayidle.enable = lib.mkForce false;
}
];
@ -138,7 +145,13 @@
zramSwap.enable = lib.mkDefault true;
boot.binfmt.emulatedSystems = lib.mkForce ["x86_64-linux" "i686-linux" "i386-linux" "i486-linux" "i586-linux"];
boot.binfmt.emulatedSystems = lib.mkForce [
"x86_64-linux"
"i686-linux"
"i386-linux"
"i486-linux"
"i586-linux"
];
}
];
}

5
hosts/deltaflyer/plasma-mobile.nix
View file

@ -2,11 +2,10 @@
# Minimum config used to enable Plasma Mobile.
#
{
config,
lib,
pkgs,
...
}: {
}:
{
mobile.beautification = {
silentBoot = lib.mkDefault false;
splash = lib.mkDefault false;

27
hosts/devbox/default.nix
View file

@ -4,7 +4,8 @@
lib,
pkgs,
...
}: {
}:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
@ -42,17 +43,29 @@
};
fonts = {
fonts = with pkgs; [powerline-fonts dejavu_fonts fira-code fira-code-symbols emacs-all-the-icons-fonts nerdfonts joypixels etBook];
fonts = with pkgs; [
powerline-fonts
dejavu_fonts
fira-code
fira-code-symbols
emacs-all-the-icons-fonts
nerdfonts
joypixels
etBook
];
fontconfig.defaultFonts = {
monospace = ["DejaVu Sans Mono for Powerline"];
sansSerif = ["DejaVu Sans"];
serif = ["DejaVu Serif"];
monospace = [ "DejaVu Sans Mono for Powerline" ];
sansSerif = [ "DejaVu Sans" ];
serif = [ "DejaVu Serif" ];
};
};
nixpkgs.config.joypixels.acceptLicense = true;
environment.systemPackages = with pkgs; [waypipe firefox];
environment.systemPackages = with pkgs; [
waypipe
firefox
];
programs.mosh.enable = true;
@ -61,7 +74,7 @@
};
boot.loader.grub = {
devices = ["/dev/sda"];
devices = [ "/dev/sda" ];
efiSupport = true;
efiInstallAsRemovable = true;
};

7
hosts/devbox/disko.nix
View file

@ -1,9 +1,10 @@
# Example to create a bios compatible gpt partition
{
lib,
disks ? ["/dev/sda"],
disks ? [ "/dev/sda" ],
...
}: {
}:
{
disk = lib.genAttrs disks (dev: {
device = dev;
type = "disk";
@ -17,7 +18,7 @@
start = "0";
end = "1M";
part-type = "primary";
flags = ["bios_grub"];
flags = [ "bios_grub" ];
}
{
type = "partition";

35
hosts/hs/default.nix
View file

@ -4,7 +4,8 @@
lib,
config,
...
}: {
}:
{
imports =
[
./hardware-configuration.nix
@ -21,7 +22,7 @@
"shell"
"git"
];
packages = [];
packages = [ ];
extraGroups = [
"wheel"
"fuse"
@ -31,7 +32,7 @@
systemd.services.standby-sdb = {
description = "Set spindown time (sleep) for /dev/sdb ";
wantedBy = ["multi-user.target"];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkgs.hdparm}/bin/hdparm -B 127 -S 241 /dev/sdb";
@ -40,7 +41,7 @@
systemd.services.standby-sdc = {
description = "Set spindown time (sleep) for /dev/sdc ";
wantedBy = ["multi-user.target"];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkgs.hdparm}/bin/hdparm -B 127 -S 241 /dev/sdc";
@ -54,7 +55,7 @@
isSystemUser = true;
group = "amule";
};
users.groups."amule" = {};
users.groups."amule" = { };
services = {
samba-wsdd = {
@ -261,7 +262,8 @@
};
};
systemd.services.ydns = let
systemd.services.ydns =
let
ydnsUpdater = pkgs.writeScriptBin "ydnsUpdater" ''
USER="andrea.ciceri@autistici.org"
PASSWORD=$(cat /home/ccr/.ydns-password)
@ -273,10 +275,11 @@
done
${pkgs.curl}/bin/curl --basic -u "$USER:$PASSWORD" --silent https://ydns.io/api/v1/update/?host=$DOMAIN
'';
in {
in
{
description = "YDNS IP updater";
wantedBy = ["multi-user.target"];
after = ["network.target"];
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
User = "root";
Type = "oneshot";
@ -286,8 +289,8 @@
systemd.services.wstunnel = {
description = "WSTunnel";
wantedBy = ["multi-user.target"];
after = ["network.target"];
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
User = "root";
Type = "oneshot";
@ -297,8 +300,8 @@
# TODO It seems to not work
systemd.timers.ydnsUpdater = {
wantedBy = ["timers.target"];
partOf = ["ydnsUpdater.service"];
wantedBy = [ "timers.target" ];
partOf = [ "ydnsUpdater.service" ];
timerConfig = {
OnCalendar = "*-*-* *:00:00"; # hourly
Unit = "ydnsUpdater.service";
@ -330,13 +333,13 @@
networking.nat.enable = true;
networking.nat.externalInterface = "enp0s10";
networking.nat.internalInterfaces = ["wg0"];
networking.nat.internalInterfaces = [ "wg0" ];
networking.wireguard.interfaces = {
# "wg0" is the network interface name. You can name the interface arbitrarily.
wg0 = {
# Determines the IP address and subnet of the server's end of the tunnel interface.
ips = ["10.100.0.1/24"];
ips = [ "10.100.0.1/24" ];
# The port that WireGuard listens to. Must be accessible by the client.
listenPort = 51820;
@ -366,7 +369,7 @@
# Public key of the peer (not a file path).
publicKey = "fCwjd75CefC9A7WqO7s3xfOk2nRcoTKfnAzDT6Lc5AA=";
# List of IPs assigned to this peer within the tunnel subnet. Used to configure routing.
allowedIPs = ["10.100.0.2/32"];
allowedIPs = [ "10.100.0.2/32" ];
}
];
};

14
hosts/hs/hardware-configuration.nix
View file

@ -1,6 +1,14 @@
{lib, ...}: {
{ lib, ... }:
{
boot = {
initrd.availableKernelModules = ["ohci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
initrd.availableKernelModules = [
"ohci_pci"
"ehci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
];
loader.grub = lib.mkForce {
enable = true;
version = 2;
@ -23,5 +31,5 @@
};
};
swapDevices = [{device = "/dev/disk/by-label/swap";}];
swapDevices = [ { device = "/dev/disk/by-label/swap"; } ];
}

27
hosts/janeway/default.nix
View file

@ -1,14 +1,15 @@
{
config,
lib,
pkgs,
fleetFlake,
...
}: let
}:
let
sshdTmpDirectory = "${config.user.home}/sshd-tmp";
sshdDirectory = "${config.user.home}/sshd";
port = 8022;
in {
in
{
# Backup etc files instead of failing to activate generation if a file already exists in /etc
environment.etcBackupExtension = ".bak";
@ -23,19 +24,23 @@ in {
# Set your time zone
time.timeZone = "Europe/Rome";
home-manager.config = {pkgs, ...}: {
home-manager.config =
{ ... }:
{
home.stateVersion = "24.05";
_module.args = {
hostname = "janeway";
age.secrets = {};
age.secrets = { };
};
imports = [../../hmModules/shell];
imports = [ ../../hmModules/shell ];
};
build.activation.sshd = let
build.activation.sshd =
let
keys = (builtins.import ../../lib).keys;
inherit (keys) hosts users;
in ''
in
''
$DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${config.user.home}/.ssh"
$DRY_RUN_CMD echo ${hosts.picard} > "${config.user.home}/.ssh/authorized_keys"
$DRY_RUN_CMD echo ${hosts.sisko} >> "${config.user.home}/.ssh/authorized_keys"
@ -57,9 +62,11 @@ in {
fi
'';
environment.packages = let
environment.packages =
let
inherit (fleetFlake.inputs.ccrEmacs.packages.aarch64-linux) ccrEmacs;
in [
in
[
pkgs.bottom
pkgs.helix
pkgs.stress

10
hosts/kirk/default.nix
View file

@ -1,10 +1,10 @@
{
fleetModules,
lib,
pkgs,
config,
...
}: {
}:
{
imports =
fleetModules [
"common"
@ -67,11 +67,11 @@
"zulip"
"calibre"
];
extraGroups = [];
backupPaths = [];
extraGroups = [ ];
backupPaths = [ ];
};
boot.initrd.kernelModules = ["i915"];
boot.initrd.kernelModules = [ "i915" ];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"

188
hosts/module.nix
View file

@ -8,12 +8,17 @@
config,
inputs,
...
} @ flakePartsArgs: let
}:
let
cfg = config.fleet;
in {
in
{
options.fleet = {
darwinHosts = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: {
type = lib.types.attrsOf (
lib.types.submodule (
{ name, ... }:
{
options = {
name = lib.mkOption {
description = "Host name";
@ -33,23 +38,30 @@ in {
extraModules = lib.mkOption {
description = "Extra NixOS modules";
type = lib.types.listOf lib.types.deferredModule;
default = [];
default = [ ];
};
overlays = lib.mkOption {
description = "Enabled Nixpkgs overlays";
type = lib.types.listOf (lib.mkOptionType {
type = lib.types.listOf (
lib.mkOptionType {
name = "nixpkgs-overlay";
description = "nixpkgs overlay";
check = lib.isFunction;
merge = lib.mergeOneOption;
});
default = [];
}
);
default = [ ];
};
};
}));
}
)
);
};
nixOnDroidHosts = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: {
type = lib.types.attrsOf (
lib.types.submodule (
{ name, ... }:
{
options = {
name = lib.mkOption {
description = "Host name";
@ -69,24 +81,31 @@ in {
extraModules = lib.mkOption {
description = "Extra NixOS modules";
type = lib.types.listOf lib.types.deferredModule;
default = [];
default = [ ];
};
overlays = lib.mkOption {
description = "Enabled Nixpkgs overlays";
type = lib.types.listOf (lib.mkOptionType {
type = lib.types.listOf (
lib.mkOptionType {
name = "nixpkgs-overlay";
description = "nixpkgs overlay";
check = lib.isFunction;
merge = lib.mergeOneOption;
});
default = [];
}
);
default = [ ];
};
};
}));
}
)
);
};
hosts = lib.mkOption {
description = "Host configuration";
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: {
type = lib.types.attrsOf (
lib.types.submodule (
{ name, ... }:
{
options = {
name = lib.mkOption {
description = "Host name";
@ -120,7 +139,10 @@ in {
};
secrets = lib.mkOption {
description = "List of secrets names in the `secrets` folder";
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: {
type = lib.types.attrsOf (
lib.types.submodule (
{ name, ... }:
{
options = {
owner = lib.mkOption {
type = lib.types.str;
@ -140,8 +162,10 @@ in {
default = "0440";
};
};
}));
default = {};
}
)
);
default = { };
};
enableHomeManager = lib.mkOption {
description = "Enable home-manager module";
@ -150,23 +174,25 @@ in {
};
overlays = lib.mkOption {
description = "Enabled Nixpkgs overlays";
type = lib.types.listOf (lib.mkOptionType {
type = lib.types.listOf (
lib.mkOptionType {
name = "nixpkgs-overlay";
description = "nixpkgs overlay";
check = lib.isFunction;
merge = lib.mergeOneOption;
});
default = [];
}
);
default = [ ];
};
extraModules = lib.mkOption {
description = "Extra NixOS modules";
type = lib.types.listOf lib.types.deferredModule;
default = [];
default = [ ];
};
extraHmModules = lib.mkOption {
description = "Extra home-manager modules";
type = lib.types.listOf lib.types.deferredModule;
default = [];
default = [ ];
};
extraHmModulesUser = lib.mkOption {
description = "User for which to import extraHmModulesUser";
@ -175,11 +201,14 @@ in {
};
};
config.overlays = with inputs; cfg.overlays;
}));
default = {};
}
)
);
default = { };
};
vpnExtra = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule {
type = lib.types.attrsOf (
lib.types.submodule {
options = {
ip = lib.mkOption {
description = "Wireguard VPN ip";
@ -190,66 +219,81 @@ in {
type = lib.types.str;
};
};
});
default = {};
}
);
default = { };
};
_mkNixosConfiguration = lib.mkOption {
description = "Function returning a proper NixOS configuration";
type = lib.types.functionTo (lib.types.functionTo lib.types.attrs); # TODO improve this type
internal = true;
default = hostname: config:
default =
hostname: config:
config.nixpkgs.lib.nixosSystem {
inherit (config) system;
modules =
[
({lib, ...}: {
(
{ lib, ... }:
{
networking.hostName = lib.mkForce hostname;
nixpkgs.overlays = config.overlays;
})
}
)
"${self.outPath}/hosts/${hostname}"
]
++ (lib.optionals (config.secrets != []) [
++ (lib.optionals (config.secrets != [ ]) [
inputs.agenix.nixosModules.default
({lib, ...}: let
(
{ lib, ... }:
let
allSecrets = lib.mapAttrs' (name: value: {
name = lib.removeSuffix ".age" name;
inherit value;
}) (import "${self.outPath}/secrets/secrets.nix");
filteredSecrets =
lib.filterAttrs
(name: _: builtins.hasAttr name config.secrets)
allSecrets;
in {
age.secrets =
lib.mapAttrs' (name: _: {
filteredSecrets = lib.filterAttrs (name: _: builtins.hasAttr name config.secrets) allSecrets;
in
{
age.secrets = lib.mapAttrs' (name: _: {
name = builtins.baseNameOf name;
value = {
inherit (config.secrets.${name}) owner group file mode;
inherit (config.secrets.${name})
owner
group
file
mode
;
};
})
filteredSecrets;
})
}) filteredSecrets;
}
)
])
++ (lib.optionals config.enableHomeManager (let
++ (lib.optionals config.enableHomeManager (
let
user = config.extraHmModulesUser;
extraHmModules = config.extraHmModules;
in [
in
[
config.homeManager.nixosModule
({
(
{
config,
pkgs,
...
}: {
}:
{
home-manager.users."${user}" = {
imports = extraHmModules;
_module.args = {
age = config.age or {};
age = config.age or { };
fleetFlake = self;
pkgsStable = inputs.nixpkgsStable.legacyPackages.${pkgs.system};
};
};
})
]))
}
)
]
))
++ config.extraModules;
specialArgs = {
fleetModules = builtins.map (moduleName: "${self.outPath}/modules/${moduleName}");
@ -263,18 +307,21 @@ in {
description = "Function returning a proper Darwin configuration";
type = lib.types.functionTo (lib.types.functionTo lib.types.attrs); # TODO improve this type
internal = true;
default = hostname: config:
default =
hostname: config:
inputs.nixDarwin.lib.darwinSystem {
modules = [
({
(
{
lib,
pkgs,
...
}: {
}:
{
networking.hostName = lib.mkForce hostname;
nixpkgs.overlays = config.overlays;
nixpkgs.hostPlatform = config.system;
})
}
)
"${self.outPath}/hosts/${hostname}"
];
};
@ -284,18 +331,20 @@ in {
description = "Function returning a proper nix-on-droid configuration";
type = lib.types.functionTo (lib.types.functionTo lib.types.attrs); # TODO improve this type
internal = true;
default = hostname: config:
default =
hostname: config:
inputs.nix-on-droid.lib.nixOnDroidConfiguration {
pkgs = inputs.nixpkgs.legacyPackages.aarch64-linux;
modules = [
({
lib,
pkgs,
(
{
...
}: {
}:
{
nixpkgs.overlays = config.overlays;
_module.args.fleetFlake = self;
})
}
)
"${self.outPath}/hosts/${hostname}"
];
};
@ -303,19 +352,10 @@ in {
};
config = {
flake.nixosConfigurations =
lib.mapAttrs
config.fleet._mkNixosConfiguration
config.fleet.hosts;
flake.nixosConfigurations = lib.mapAttrs config.fleet._mkNixosConfiguration config.fleet.hosts;
flake.darwinConfigurations =
lib.mapAttrs
config.fleet._mkDarwinConfiguration
config.fleet.darwinHosts;
flake.darwinConfigurations = lib.mapAttrs config.fleet._mkDarwinConfiguration config.fleet.darwinHosts;
flake.nixOnDroidConfigurations =
lib.mapAttrs
config.fleet._mkNixOnDroidConfiguration
config.fleet.nixOnDroidHosts;
flake.nixOnDroidConfigurations = lib.mapAttrs config.fleet._mkNixOnDroidConfiguration config.fleet.nixOnDroidHosts;
};
}

35
hosts/mothership/default.nix
View file

@ -5,7 +5,8 @@
pkgs,
config,
...
}: {
}:
{
imports = fleetModules [
"common"
"wireguard-server"
@ -57,11 +58,20 @@
};
fonts = {
fonts = with pkgs; [powerline-fonts dejavu_fonts fira-code fira-code-symbols emacs-all-the-icons-fonts nerdfonts joypixels etBook];
fonts = with pkgs; [
powerline-fonts
dejavu_fonts
fira-code
fira-code-symbols
emacs-all-the-icons-fonts
nerdfonts
joypixels
etBook
];
fontconfig.defaultFonts = {
monospace = ["DejaVu Sans Mono for Powerline"];
sansSerif = ["DejaVu Sans"];
serif = ["DejaVu Serif"];
monospace = [ "DejaVu Sans Mono for Powerline" ];
sansSerif = [ "DejaVu Sans" ];
serif = [ "DejaVu Serif" ];
};
};
@ -69,16 +79,21 @@
nixpkgs.config.joypixels.acceptLicense = true;
environment.systemPackages = with pkgs; [waypipe];
environment.systemPackages = with pkgs; [ waypipe ];
programs.dconf.enable = true;
programs.mosh.enable = true;
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usbhid"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.systemd-boot = {

9
hosts/mothership/disko.nix
View file

@ -1,8 +1,11 @@
{
lib,
disks ? ["/dev/nvme0n1" "/dev/nvme1n1"],
disks ? [
"/dev/nvme0n1"
"/dev/nvme1n1"
],
...
}: {
}:
{
disk = {
x = {
type = "disk";

6
hosts/oneplus5t/default.nix
View file

@ -1,9 +1,7 @@
{
config,
lib,
pkgs,
...
}: {
}:
{
signing.enable = true;
# apps.prebuilt = {

3
hosts/pbp/default.nix
View file

@ -3,7 +3,8 @@
pkgs,
lib,
...
}: {
}:
{
imports =
[
./hardware-configuration.nix

7
hosts/pbp/hardware-configuration.nix
View file

@ -3,11 +3,12 @@
lib,
pkgs,
...
}: {
disko.devices = import ./disko.nix {};
}:
{
disko.devices = import ./disko.nix { };
boot = {
initrd.availableKernelModules = ["usbhid"];
initrd.availableKernelModules = [ "usbhid" ];
extraModulePackages = with config.boot.kernelPackages; [
v4l2loopback
];

15
hosts/picard/default.nix
View file

@ -4,7 +4,8 @@
config,
pkgs,
...
}: {
}:
{
imports =
fleetModules [
"common"
@ -85,12 +86,12 @@
"reinstall-magisk-on-lineage"
"vscode-server"
];
extraGroups = [];
backupPaths = [];
extraGroups = [ ];
backupPaths = [ ];
};
boot.kernelParams = ["ip=dhcp"];
boot.initrd.kernelModules = ["amdgpu"];
boot.kernelParams = [ "ip=dhcp" ];
boot.initrd.kernelModules = [ "amdgpu" ];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
@ -108,7 +109,7 @@
# https://github.com/NixOS/nixpkgs/issues/328909
boot.extraModulePackages = [
(config.boot.kernelPackages.ddcci-driver.overrideAttrs (old: {
patches = [];
patches = [ ];
src = pkgs.fetchFromGitLab {
owner = "${old.pname}-linux";
repo = "${old.pname}-linux";
@ -154,6 +155,6 @@
# TODO move away from here (how can the interface name be retrieved programmatically?)
networking.interfaces.enp11s0.wakeOnLan = {
enable = true;
policy = ["magic"];
policy = [ "magic" ];
};
}

8
hosts/sisko/default.nix
View file

@ -1,10 +1,10 @@
{
fleetModules,
pkgs,
fleetFlake,
config,
...
}: {
}:
{
imports =
fleetModules [
"common"
@ -71,7 +71,7 @@
nixpkgs.hostPlatform = "aarch64-linux";
swapDevices = [];
swapDevices = [ ];
boot.loader = {
systemd-boot.enable = true;
@ -128,7 +128,7 @@
fileSystems."/mnt/hd" = {
device = "/dev/disk/by-id/ata-WDC_WD5000AAKX-08U6AA0_WD-WCC2E5TR40FU-part1";
fsType = "ext4";
options = ["nofail"];
options = [ "nofail" ];
};
environment.systemPackages = with pkgs; [

17
hosts/sisko/disko.nix
View file

@ -1,15 +1,18 @@
let
emmc = "/dev/disk/by-id/mmc-SLD64G_0xf6be3ba0";
ssd = "/dev/disk/by-id/ata-CT240BX300SSD1_1739E1042F3C";
# hd1 = "/dev/disk/by-id/ata-WDC_WD10EADS-22M2B0_WD-WCAV52709550";
# hd2 = "/dev/disk/by-id/ata-WDC_WD10EADX-22TDHB0_WD-WCAV5V359530";
hd = "/dev/disk/by-id/ata-WDC_WD10EADS-22M2B0_WD-WCAV52709550-part1";
# old_hd = "/dev/disk/by-id/ata-WDC_WD5000AAKX-08U6AA0_WD-WCC2E5TR40FU";
in {
in
# hd1 = "/dev/disk/by-id/ata-WDC_WD10EADS-22M2B0_WD-WCAV52709550";
# hd2 = "/dev/disk/by-id/ata-WDC_WD10EADX-22TDHB0_WD-WCAV5V359530";
# old_hd = "/dev/disk/by-id/ata-WDC_WD5000AAKX-08U6AA0_WD-WCC2E5TR40FU";
{
disko.devices = {
nodev."/" = {
fsType = "tmpfs";
mountOptions = ["size=1024M" "defaults" "mode=755"];
mountOptions = [
"size=1024M"
"defaults"
"mode=755"
];
};
disk = {
ssd = {

6
hosts/test/default.nix
View file

@ -1,10 +1,8 @@
{
fleetModules,
lib,
config,
pkgs,
...
}: {
}:
{
imports =
fleetModules [
"common"

25
hosts/thinkpad/default.nix
View file

@ -1,10 +1,10 @@
{
config,
lib,
pkgs,
fleetModules,
...
}: {
}:
{
imports =
[
./zfs.nix
@ -97,10 +97,15 @@
];
};
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = with config.boot.kernelPackages; [v4l2loopback];
boot.initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
# boot.kernelPackages = pkgs.linuxPackages_zen;
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@ -126,8 +131,8 @@
useXkbConfig = true; # use xkbOptions in tty.
};
services.joycond.enable = true; #FIXME not here
services.udev.packages = [pkgs.joycond];
services.joycond.enable = true; # FIXME not here
services.udev.packages = [ pkgs.joycond ];
# Enable the X11 windowing system.
# services.xserver.enable = true;
@ -183,7 +188,7 @@
# services.openssh.enable = true;
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [8000];
networking.firewall.allowedTCPPorts = [ 8000 ];
# networking.firewall.allowedUDPPorts = [ 5000 ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
@ -214,7 +219,7 @@
];
};
users.groups.input.members = ["ccr"];
users.groups.input.members = [ "ccr" ];
services.udev.extraRules = ''
Sunshine
KERNEL=="uinput", GROUP="input", MODE="0660", OPTIONS+="static_node=uinput"

44
hosts/thinkpad/hardware-configuration.nix
View file

@ -4,47 +4,67 @@
{
config,
lib,
pkgs,
modulesPath,
...
}: {
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["uinput"];
boot.extraModulePackages = [];
boot.initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "uinput" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "rpool/nixos/root";
fsType = "zfs";
options = ["zfsutil" "X-mount.mkdir"];
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/home" = {
device = "rpool/nixos/home";
fsType = "zfs";
options = ["zfsutil" "X-mount.mkdir"];
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/var/lib" = {
device = "rpool/nixos/var/lib";
fsType = "zfs";
options = ["zfsutil" "X-mount.mkdir"];
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/var/log" = {
device = "rpool/nixos/var/log";
fsType = "zfs";
options = ["zfsutil" "X-mount.mkdir"];
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/boot" = {
device = "bpool/nixos/root";
fsType = "zfs";
options = ["zfsutil" "X-mount.mkdir"];
options = [
"zfsutil"
"X-mount.mkdir"
];
};
fileSystems."/boot/efis/nvme-INTEL_SSDPEKKF010T8L_PHHP938405741P0D-part1" = {
@ -64,7 +84,7 @@
# };
swapDevices = [
{device = "/dev/disk/by-label/swap";}
{ device = "/dev/disk/by-label/swap"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking

8
hosts/thinkpad/zfs.nix
View file

@ -1,10 +1,10 @@
{
config,
pkgs,
lib,
...
}: {
boot.supportedFilesystems = ["zfs"];
}:
{
boot.supportedFilesystems = [ "zfs" ];
networking.hostId = "adf0b5e7";
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.loader.efi.canTouchEfiVariables = false;
@ -23,7 +23,7 @@
mount /boot/efi
'';
boot.loader.grub.extraInstallCommands = ''
export PATH=$PATH:${lib.makeBinPath [pkgs.coreutils]}
export PATH=$PATH:${lib.makeBinPath [ pkgs.coreutils ]}
ESP_MIRROR=$(mktemp -d)
cp -r /boot/efi/EFI $ESP_MIRROR
for i in /boot/efis/*; do

2
modules/adb/default.nix
View file

@ -1,4 +1,4 @@
{
programs.adb.enable = true;
ccr.extraGroups = ["adbusers"];
ccr.extraGroups = [ "adbusers" ];
}

7
modules/adguard-home/default.nix
View file

@ -6,6 +6,9 @@
openFirewall = true;
};
};
networking.firewall.allowedTCPPorts = [3000 53];
networking.firewall.allowedUDPPorts = [53];
networking.firewall.allowedTCPPorts = [
3000
53
];
networking.firewall.allowedUDPPorts = [ 53 ];
}

3
modules/atuin/default.nix
View file

@ -1,4 +1,5 @@
{config, ...}: {
{ config, ... }:
{
services.atuin = {
enable = true;
openFirewall = false; # use only in the VPN

5
modules/audio/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
sound.enable = true;
hardware.pulseaudio = {
@ -6,5 +7,5 @@
package = pkgs.pulseaudioFull;
};
users.extraUsers.ccr.extraGroups = ["audio"];
users.extraUsers.ccr.extraGroups = [ "audio" ];
}

5
modules/auto-upgrade/default.nix
View file

@ -1,9 +1,8 @@
{
config,
options,
lib,
...
}: {
}:
{
system.autoUpgrade = {
enable = false;
flake = "github:aciceri/nixfleet#${config.networking.hostName}";

5
modules/battery/default.nix
View file

@ -1,10 +1,11 @@
{config, ...}: {
{ config, ... }:
{
services.tlp.enable = true;
services.upower.enable = true;
nixpkgs.overlays = [
(self: super: {
(_self: super: {
tlp = super.tlp.override {
enableRDW = config.networkmanager.enable;
};

6
modules/binfmt/default.nix
View file

@ -1,5 +1,9 @@
{
boot.binfmt.emulatedSystems = ["i686-linux" "aarch64-linux" "riscv64-linux"];
boot.binfmt.emulatedSystems = [
"i686-linux"
"aarch64-linux"
"riscv64-linux"
];
nix.extraOptions = ''
extra-platforms = aarch64-linux arm-linux i686-linux riscv64-linux
'';

7
modules/bluetooth/default.nix
View file

@ -2,7 +2,8 @@
pkgs,
config,
...
}: {
}:
{
services.blueman.enable = true;
hardware.pulseaudio.enable = true;
hardware.bluetooth = {
@ -19,6 +20,6 @@
};
};
};
services.dbus.packages = with pkgs; [blueman];
ccr.extraGroups = ["bluetooth"];
services.dbus.packages = with pkgs; [ blueman ];
ccr.extraGroups = [ "bluetooth" ];
}

9
modules/bubbleupnp/default.nix
View file

@ -2,10 +2,13 @@
virtualisation.oci-containers.containers = {
bubbleupnpserver = {
image = "bubblesoftapps/bubbleupnpserver";
ports = ["58050:58050"];
extraOptions = ["--network=host" "-device /dev/dri:/dev/dri"];
ports = [ "58050:58050" ];
extraOptions = [
"--network=host"
"-device /dev/dri:/dev/dri"
];
};
};
networking.firewall.allowedTCPPorts = [58050];
networking.firewall.allowedTCPPorts = [ 58050 ];
}

43
modules/ccr/default.nix
View file

@ -7,10 +7,12 @@
vpn,
options,
...
}: let
}:
let
cfg = config.ccr;
inherit (lib) types;
in {
in
{
options.ccr = {
enable = lib.mkEnableOption "ccr";
@ -31,12 +33,12 @@ in {
modules = lib.mkOption {
type = types.listOf types.str;
default = [];
default = [ ];
};
packages = lib.mkOption {
type = types.listOf types.package;
default = [];
default = [ ];
};
autologin = lib.mkOption {
@ -56,28 +58,41 @@ in {
extraGroups = lib.mkOption {
type = types.listOf types.str;
default = {};
default = { };
};
extraModules = lib.mkOption {
type = types.listOf types.deferredModule;
default = [];
default = [ ];
};
backupPaths = lib.mkOption {
type = types.listOf types.str;
default = [];
default = [ ];
};
};
config = lib.mkIf cfg.enable (lib.mkMerge [
config = lib.mkIf cfg.enable (
lib.mkMerge [
(lib.optionalAttrs (builtins.hasAttr "backup" options) {
backup.paths = cfg.backupPaths;
})
{
# FIXME shouldn't set these groups by default
ccr.extraGroups = ["wheel" "fuse" "video" "dialout" "systemd-journal" "camera"];
ccr.modules = ["shell" "git" "nix-index" "btop"];
ccr.extraGroups = [
"wheel"
"fuse"
"video"
"dialout"
"systemd-journal"
"camera"
];
ccr.modules = [
"shell"
"git"
"nix-index"
"btop"
];
users.users.${cfg.username} = {
inherit (config.ccr) hashedPassword extraGroups description;
@ -89,10 +104,7 @@ in {
programs.fish.enable = true;
services.getty.autologinUser =
if config.ccr.autologin
then cfg.username
else null;
services.getty.autologinUser = if config.ccr.autologin then cfg.username else null;
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
@ -114,5 +126,6 @@ in {
home.stateVersion = config.system.stateVersion;
};
}
]);
]
);
}

27
modules/cgit/config.nix
View file

@ -1,13 +1,15 @@
{
lib,
pkgs,
...
}: let
}:
let
repos-path = "/var/lib/cgit-repos";
cgit-setup-repos =
pkgs.writers.writePython3 "cgit-setup-repos" {
libraries = with pkgs.python3Packages; [PyGithub];
} ''
pkgs.writers.writePython3 "cgit-setup-repos"
{
libraries = with pkgs.python3Packages; [ PyGithub ];
}
''
from github import Github
from pathlib import Path
@ -22,7 +24,8 @@
f"repo.desc={repo.description}\n"
])
'';
in {
in
{
services.nginx.virtualHosts."git.aciceri.dev" = {
cgit = {
enable = true;
@ -31,10 +34,12 @@ in {
virtual-root = "/";
cache-size = 1000;
include = [
(builtins.toString (pkgs.writeText "cgit-extra" ''
(builtins.toString (
pkgs.writeText "cgit-extra" ''
source-filter=${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py
about-filter=${pkgs.cgit-pink}/lib/cgit/filters/about-formatting.sh
''))
''
))
repos-path
];
};
@ -48,13 +53,13 @@ in {
Type = "oneshot";
RemainAfterExit = true;
};
wantedBy = ["multi-user.target"];
wantedBy = [ "multi-user.target" ];
script = builtins.toString cgit-setup-repos;
};
systemd.timers.cgit-setup-repos = {
wantedBy = ["timers.target"];
partOf = ["cgit-setup-repos.service"];
wantedBy = [ "timers.target" ];
partOf = [ "cgit-setup-repos.service" ];
timerConfig = {
OnCalendar = "*-*-* 4:00:00"; # daily at 4 AM
Unit = "cgit-setup-repos.service";

53
modules/cgit/default.nix
View file

@ -4,33 +4,42 @@
pkgs,
...
}:
with lib; let
with lib;
let
globalConfig = config;
settingsFormat = {
type = with lib.types; let
type =
with lib.types;
let
value =
oneOf [int str]
oneOf [
int
str
]
// {
description = "INI-like atom (int or string)";
};
values =
coercedTo value lib.singleton (listOf value)
// {
values = coercedTo value lib.singleton (listOf value) // {
description = value.description + " or a list of them for duplicate keys";
};
in
attrsOf values;
generate = name: values:
pkgs.writeText name (lib.generators.toKeyValue {listsAsDuplicateKeys = true;} values);
generate =
name: values:
pkgs.writeText name (lib.generators.toKeyValue { listsAsDuplicateKeys = true; } values);
};
in {
in
{
imports = [
../nginx-base
./config.nix
];
options.services.nginx.virtualHosts = mkOption {
type = types.attrsOf (types.submodule ({config, ...}: let
type = types.attrsOf (
types.submodule (
{ config, ... }:
let
cfg = config.cgit;
# These are the global options for this submodule, but for nicer UX they
@ -50,7 +59,8 @@ in {
# Remove the global options for serialization into cgitrc
settings = removeAttrs cfg (attrNames options);
in {
in
{
options.cgit = mkOption {
type = types.submodule {
freeformType = settingsFormat.type;
@ -61,7 +71,7 @@ in {
favicon = mkDefault "/favicon.ico";
};
};
default = {};
default = { };
example = literalExample ''
{
enable = true;
@ -87,7 +97,8 @@ in {
'';
};
config = let
config =
let
location = removeSuffix "/" cfg.location;
in
mkIf cfg.enable {
@ -112,26 +123,30 @@ in {
fastcgi_pass unix:${globalConfig.services.fcgiwrap.socketAddress};
''
+ (
if cfg.location == "/"
then ''
if cfg.location == "/" then
''
fastcgi_param PATH_INFO $uri;
''
else ''
else
''
fastcgi_split_path_info ^(${location}/)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
''
);
};
};
}));
}
)
);
};
config = let
config =
let
vhosts = config.services.nginx.virtualHosts;
in
mkIf (any (name: vhosts.${name}.cgit.enable) (attrNames vhosts)) {
# make the cgitrc manpage available
environment.systemPackages = [pkgs.cgit-pink];
environment.systemPackages = [ pkgs.cgit-pink ];
services.fcgiwrap.enable = true;
};

3
modules/cloudflare-dyndns/default.nix
View file

@ -1,4 +1,5 @@
{config, ...}: {
{ config, ... }:
{
services.cloudflare-dyndns = {
enable = true;
ipv4 = true;

3
modules/common/default.nix
View file

@ -2,7 +2,8 @@
lib,
fleetModules,
...
}: {
}:
{
imports = fleetModules [
"nix"
"auto-upgrade"

5
modules/dbus/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
services.dbus.packages = [pkgs.dconf];
{ pkgs, ... }:
{
services.dbus.packages = [ pkgs.dconf ];
programs.dconf.enable = true;
}

9
modules/docker/default.nix
View file

@ -1,13 +1,16 @@
{
pkgs,
config,
...
}: {
}:
{
virtualisation.podman.enable = true;
# virtualisation.docker.enable = true;
environment.systemPackages = with pkgs; [
docker-compose
podman-compose
];
ccr.extraGroups = ["docker" "podman"];
ccr.extraGroups = [
"docker"
"podman"
];
}

Some files were not shown because too many files have changed in this diff Show more