diff --git a/.forgejo/workflows/build.yaml b/.forgejo/workflows/build.yaml index ee456fc..a2224c0 100644 --- a/.forgejo/workflows/build.yaml +++ b/.forgejo/workflows/build.yaml @@ -9,7 +9,13 @@ jobs: name: Checkout repository - name: Attic login run: attic login nixfleet http://sisko.wg.aciceri.dev:8081 ${{secrets.ATTIC_NIXFLEET_TOKEN}} - - name: Build with nix + - name: Setup SSH + run: | + mkdir -p ~/.ssh + echo "${{secrets.FORGEJO_SSH_KEY}}" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + ssh-keyscan github.com >> ~/.ssh/known_hosts + - name: Build with nix (x86_64-linux) run: nix-fast-build --no-nom --systems "x86_64-linux aarch64-linux" --attic-cache "nixfleet" --skip-cached --result-file result.json || true - name: Report checks run: report-checks diff --git a/.forgejo/workflows/update-flake-lock.yaml b/.forgejo/workflows/update-flake-lock.yaml index 7a45fc4..abe16bd 100644 --- a/.forgejo/workflows/update-flake-lock.yaml +++ b/.forgejo/workflows/update-flake-lock.yaml @@ -1,7 +1,7 @@ name: update-flake-lock on: schedule: - - cron: "0 15 * * *" # daily at 15:00 + - cron: "0 15 * * 1" # weekly on Monday at 15:00 jobs: lockfile: diff --git a/checks/default.nix b/checks/default.nix index 5bca772..ae2c491 100644 --- a/checks/default.nix +++ b/checks/default.nix @@ -49,7 +49,7 @@ build = _: nc: nc.config.system.build.toplevel; in { - x86_64-linux = lib.mapAttrs build { inherit (self.nixosConfigurations) picard; }; + x86_64-linux = lib.mapAttrs build { inherit (self.nixosConfigurations) picard pike kirk; }; aarch64-linux = lib.mapAttrs build { inherit (self.nixosConfigurations) sisko; # pbp; }; diff --git a/flake.lock b/flake.lock index 31b4dc8..5071c58 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1745630506, - "narHash": "sha256-bHCFgGeu8XjWlVuaWzi3QONjDW3coZDqSHvnd4l7xus=", + "lastModified": 1747575206, + "narHash": "sha256-NwmAFuDUO/PFcgaGGr4j3ozG9Pe5hZ/ogitWhY+D81k=", "owner": "ryantm", "repo": "agenix", - "rev": "96e078c646b711aee04b82ba01aefbff87004ded", + "rev": "4835b1dc898959d8547a871ef484930675cb47f1", "type": "github" }, "original": { @@ -26,11 +26,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1747268376, - "narHash": "sha256-JDcdINnB1bfbUAy1eEgwIXLrfZeuntxuxTu7UWcQrQY=", + "lastModified": 1747519437, + "narHash": "sha256-uv9Wv59d+mckS2CkorOF484wp2G5TNGijdoBZ5RkAk0=", "owner": "catppuccin", "repo": "nix", - "rev": "7a6ccdeba6e761bec9601e2192983e6b9dff630c", + "rev": "3ba714046ee32373e88166e6e9474d6ae6a5b734", "type": "github" }, "original": { @@ -83,11 +83,11 @@ ] }, "locked": { - "lastModified": 1747274630, - "narHash": "sha256-87RJwXbfOHyzTB9LYagAQ6vOZhszCvd8Gvudu+gf3qo=", + "lastModified": 1747621015, + "narHash": "sha256-j0fo1rNxZvmFLMaE945UrbLJZAHTlQmq0/QMgOP4GTs=", "owner": "nix-community", "repo": "disko", - "rev": "ec7c109a4f794fce09aad87239eab7f66540b888", + "rev": "cec44d77d9dacf0c91d3d51aff128fefabce06ee", "type": "github" }, "original": { @@ -103,11 +103,11 @@ "pyproject-nix": "pyproject-nix" }, "locked": { - "lastModified": 1735160684, - "narHash": "sha256-n5CwhmqKxifuD4Sq4WuRP/h5LO6f23cGnSAuJemnd/4=", + "lastModified": 1747658429, + "narHash": "sha256-qZWuEdxmPx818qR61t3mMozJOvZSmTRUDPU4L3JeGgE=", "owner": "nix-community", "repo": "dream2nix", - "rev": "8ce6284ff58208ed8961681276f82c2f8f978ef4", + "rev": "6fd6d9188f32efd1e1656b3c3e63a67f9df7b636", "type": "github" }, "original": { @@ -122,11 +122,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1747300110, - "narHash": "sha256-mHePt7oDQepKT5jm4ZCjvohAIO0QPVVYZIIIn7VARKo=", + "lastModified": 1747618089, + "narHash": "sha256-mbzwxQlxNamIMErEfwWRZ+ECmlQzxJ4eJvOM6/fxV5s=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "d8949f8c77eadcc7b268f994361fd2055cfbf2cb", + "rev": "1b2bc802bbac29f4695e39fbf982944c0999b45d", "type": "github" }, "original": { @@ -282,11 +282,11 @@ ] }, "locked": { - "lastModified": 1746537231, - "narHash": "sha256-Wb2xeSyOsCoTCTj7LOoD6cdKLEROyFAArnYoS+noCWo=", + "lastModified": 1747372754, + "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "fa466640195d38ec97cf0493d6d6882bc4d14969", + "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46", "type": "github" }, "original": { @@ -387,11 +387,11 @@ ] }, "locked": { - "lastModified": 1747279714, - "narHash": "sha256-UdxlE8yyrKiGq3bgGyJ78AdFwh+fuRAruKtyFY5Zq5I=", + "lastModified": 1747565775, + "narHash": "sha256-B6jmKHUEX1jxxcdoYHl7RVaeohtAVup8o3nuVkzkloA=", "owner": "nix-community", "repo": "home-manager", - "rev": "954615c510c9faa3ee7fb6607ff72e55905e69f2", + "rev": "97118a310eb8e13bc1b9b12d67267e55b7bee6c8", "type": "github" }, "original": { @@ -464,11 +464,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1747273354, - "narHash": "sha256-LUzJQ0T6XtlZLuFZ9ovLLCdzaCc4YhotPlMLoMcGD5w=", + "lastModified": 1747664434, + "narHash": "sha256-ph9fCCvzgZ1PNOu82SSoceX/tYZ5MfmX3PkBxBiNxwA=", "ref": "refs/heads/main", - "rev": "b7ce00fc55dea4fa1e282921beebff25e6b2d1f0", - "revCount": 17889, + "rev": "eb18a90afbe0ade000d957cda344a5bcb3d565d4", + "revCount": 17900, "type": "git", "url": "https://git@git.lix.systems/lix-project/lix" }, @@ -554,11 +554,11 @@ "nmd": "nmd" }, "locked": { - "lastModified": 1747158007, - "narHash": "sha256-uwRCd2RAAdMOvReceeaWHGp8RoGjFyIouQN053MsMSk=", + "lastModified": 1747382160, + "narHash": "sha256-nlHPjA5GH4wdwnAoOzCt7BVLUKtIAAW2ClNGz2OxTrs=", "owner": "nix-community", "repo": "nix-on-droid", - "rev": "7f68d674b30997434868c9e93784724fdbf37367", + "rev": "40b8c7465f78887279a0a3c743094fa6ea671ab1", "type": "github" }, "original": { @@ -647,11 +647,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1746957726, - "narHash": "sha256-k9ut1LSfHCr0AW82ttEQzXVCqmyWVA5+SHJkS5ID/Jo=", + "lastModified": 1747485343, + "narHash": "sha256-YbsZyuRE1tobO9sv0PUwg81QryYo3L1F3R3rF9bcG38=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a39ed32a651fdee6842ec930761e31d1f242cb94", + "rev": "9b5ac7ad45298d58640540d0323ca217f32a6762", "type": "github" }, "original": { @@ -663,17 +663,17 @@ }, "nixpkgsSisko": { "locked": { - "lastModified": 1742288794, - "narHash": "sha256-Txwa5uO+qpQXrNG4eumPSD+hHzzYi/CdaM80M9XRLCo=", + "lastModified": 1747542820, + "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b6eaf97c6960d97350c584de1b6dcff03c9daf42", + "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", "type": "github" }, "original": { "owner": "NixOS", "repo": "nixpkgs", - "rev": "b6eaf97c6960d97350c584de1b6dcff03c9daf42", + "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", "type": "github" } }, @@ -711,11 +711,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1747179050, - "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", + "lastModified": 1747542820, + "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", + "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", "type": "github" }, "original": { @@ -742,11 +742,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1747179050, - "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", + "lastModified": 1747542820, + "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", + "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", "type": "github" }, "original": { @@ -1009,11 +1009,11 @@ ] }, "locked": { - "lastModified": 1747299117, - "narHash": "sha256-JGjCVbxS+9t3tZ2IlPQ7sdqSM4c+KmIJOXVJPfWmVOU=", + "lastModified": 1747469671, + "narHash": "sha256-bo1ptiFoNqm6m1B2iAhJmWCBmqveLVvxom6xKmtuzjg=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "e758f27436367c23bcd63cd973fa5e39254b530e", + "rev": "ab0378b61b0d85e73a8ab05d5c6029b5bd58c9fb", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 440867f..145218e 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,7 @@ inputs = { flakeParts.url = "github:hercules-ci/flake-parts"; - nixpkgsSisko.url = "github:NixOS/nixpkgs/b6eaf97c6960d97350c584de1b6dcff03c9daf42"; + nixpkgsSisko.url = "github:NixOS/nixpkgs/292fa7d4f6519c074f0a50394dbbe69859bb6043"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixosHardware.url = "github:NixOS/nixos-hardware"; homeManager = { diff --git a/hmModules/emacs/init.el b/hmModules/emacs/init.el index b142b0f..7959261 100644 --- a/hmModules/emacs/init.el +++ b/hmModules/emacs/init.el @@ -566,13 +566,16 @@ :mode "\\.hs\\'" :config (add-to-list 'eglot-server-programs - '(haskell-ts-mode . ("haskell-language-server-wrapper" "--lsp")))) + '(haskell-ts-mode . ("haskell-language-server" "--lsp")))) + +(use-package tidal + :custom ((tidal-interpreter "tidal"))) (use-package purescript-mode :custom ((project-vc-extra-root-markers '("spago.dhall"))) :hook ((purescript-mode . eglot-ensure) - (purescript-mode . turn-on-purescript-indentation) - (purescript-mode . (lambda () (setq project-vc-extra-root-markers '("spago.dhall")))))) + (purescript-mode . turn-on-purescript-indentation) + (purescript-mode . (lambda () (setq project-vc-extra-root-markers '("spago.dhall")))))) (use-package terraform-mode :after eglot @@ -596,6 +599,15 @@ (use-package gptscript-mode :mode "\\.gpt\\'") +(use-package gptscript-mode + :mode "\\.gpt\\'") + +(use-package typst-ts-mode + :config + (add-to-list 'eglot-server-programs + '(typst-ts-mode . ("tinymist" "lsp"))) + :mode "\\.typ\\'") + ;; FIXME ;; (use-package mmm-mode ;; :config @@ -613,7 +625,7 @@ (use-package paredit :delight :hook ((lisp-mode . enable-paredit-mode) - (emacs-lisp-mode . enable-paredit-mode))) + (emacs-lisp-mode . enable-paredit-mode))) (use-package aggressive-indent :hook ((lisp-mode . aggressive-indent-mode) @@ -1019,15 +1031,15 @@ This is meant to be an helper to be called from the window manager." :custom (gptel-model 'google/gemini-2.5-flash-preview) (gptel-backend (gptel-make-openai "OpenRouter" - :host "openrouter.ai" - :endpoint "/api/v1/chat/completions" - :key (lambda () (require 'f) (f-read-text (getenv "OPENAI_API_KEY_PATH"))) - :stream t - :models '(google/gemini-2.5-flash-preview)) - ) + :host "openrouter.ai" + :endpoint "/api/v1/chat/completions" + :key (lambda () (require 'f) (f-read-text (getenv "OPENAI_API_KEY_PATH"))) + :stream t + :models '(google/gemini-2.5-flash-preview)) + ) (gptel-default-mode 'org-mode) (gptel-org-branching-context nil) ;; this is cool but I don't feel comfortable with it - (gptel-use-tools nil) + (gptel-use-tools 't) :bind ("C-c a a" . gptel-add) @@ -1042,80 +1054,163 @@ This is meant to be an helper to be called from the window manager." ;; (add-hook 'gptel-post-response-functions 'gptel-end-of-response) ;; (add-hook 'gptel-post-stream-hook 'gptel-auto-scroll) - (setq gptel-tools (mapcar (lambda (tool) (apply #'gptel-make-tool tool)) - '(( - :name "create_file" - :function (lambda (path filename content) - (let ((full-path (expand-file-name filename path))) - (with-temp-buffer - (insert content) - (write-file full-path)) - (format-read "Created file %s in %s" filename path))) - :description "Create a new file with the specified content" - :args (list '(:name "path" - :type string - :description "The directory where to create the file") - '(:name "filename" - :type string - :description "The name of the file to create") - '(:name "content" - :type string - :description "The content to write to the file")) - :category "filesystem" - ) - ;; ( - ;; :name "run_command" - ;; :confirm 't - ;; :function (lambda (command) - ;; (shell-command-to-string command)) - ;; :description "Run arbitrary commands" - ;; :args (list '(:name "command" - ;; :type string - ;; :description "The content to run e.g. 'ls *' or 'fd '")) - ;; ) - ( - :name "get_weather" - :function (lambda (location) - (url-retrieve-synchronously "api.weather.com/..." - location unit)) - :description "Get the current weather in a given location" - :args (list '(:name "location" - :type string - :description "The city and state, e.g. San Francisco, CA") - '(:name "unit" - :type string - :enum ["celsius" "farenheit"] - :description - "The unit of temperature, either 'celsius' or 'fahrenheit" - :optional t - )) - ) - )) - ) + (defun ccr/edit-buffer (buffer-name old-string new-string) + "In BUFFER-NAME, replace OLD-STRING with NEW-STRING." + (with-current-buffer buffer-name + (let ((case-fold-search nil)) ;; Case-sensitive search + (save-excursion + (goto-char (point-min)) + (let ((count 0)) + (while (search-forward old-string nil t) + (setq count (1+ count))) + (if (= count 0) + (format "Error: Could not find text to replace in buffer %s" buffer-name) + (if (> count 1) + (format "Error: Found %d matches for the text to replace in buffer %s" count buffer-name) + (goto-char (point-min)) + (search-forward old-string) + (replace-match new-string t t) + (format "Successfully edited buffer %s" buffer-name)))))))) + + (defun ccr/replace-buffer (buffer-name content) + "Completely replace contents of BUFFER-NAME with CONTENT." + (with-current-buffer buffer-name + (erase-buffer) + (insert content) + (format "Buffer replaced: %s" buffer-name))) + + (setq gptel-tools `( + ,(gptel-make-tool + :function (lambda (url) + (with-current-buffer (url-retrieve-synchronously url) + (goto-char (point-min)) + (forward-paragraph) + (let ((dom (libxml-parse-html-region (point) (point-max)))) + (run-at-time 0 nil #'kill-buffer (current-buffer)) + (with-temp-buffer + (shr-insert-document dom) + (buffer-substring-no-properties (point-min) (point-max)))))) + :name "read_url" + :description "Fetch and read the contents of a URL" + :args (list '(:name "url" + :type string + :description "The URL to read")) + :category "web") + ,(gptel-make-tool + :function (lambda (filepath) + (with-temp-buffer + (insert-file-contents (expand-file-name filepath)) + (buffer-string))) + :name "read_file" + :description "Read and display the contents of a file" + :args (list '(:name "filepath" + :type string + :description "Path to the file to read. Supports relative paths and ~.")) + :category "filesystem") + ,(gptel-make-tool + :function (lambda (directory) + (mapconcat #'identity + (directory-files directory) + "\n")) + :name "list_directory" + :description "List the contents of a given directory" + :args (list '(:name "directory" + :type string + :description "The path to the directory to list")) + :category "filesystem") + ,(gptel-make-tool + :function (lambda () (mapcar 'buffer-name (buffer-list))) + :name "list_buffers" + :description "Return a list containing all the Emacs buffers" + :category "emacs") + ,(gptel-make-tool + :function (lambda (buffer) + (unless (buffer-live-p (get-buffer buffer)) + (error "Error: buffer %s is not live." buffer)) + (with-current-buffer buffer + (buffer-substring-no-properties (point-min) (point-max)))) + :name "read_buffer" + :description "Return the contents of an Emacs buffer" + :args (list '(:name "buffer" + :type string + :description "The name of the buffer whose contents are to be retrieved")) + :category "emacs") + ,(gptel-make-tool + :function (lambda (buffer text) + (with-current-buffer (get-buffer-create buffer) + (save-excursion + (goto-char (point-max)) + (insert text))) + (format "Appended text to buffer %s" buffer)) + :name "append_to_buffer" + :description "Append text to an Emacs buffer. If the buffer does not exist, it will be created." + :confirm t + :args (list '(:name "buffer" + :type string + :description "The name of the buffer to append text to.") + '(:name "text" + :type string + :description "The text to append to the buffer.")) + :category "emacs") + ,(gptel-make-tool + :name "EditBuffer" + :function #'ccr/edit-buffer + :description "Edits Emacs buffers" + :confirm t + :args '((:name "buffer_name" + :type string + :description "Name of the buffer to modify" + :required t) + (:name "old_string" + :type string + :description "Text to replace (must match exactly)" + :required t) + (:name "new_string" + :type string + :description "Text to replace old_string with" + :required t)) + :category "edit") + , + (gptel-make-tool + :name "ReplaceBuffer" + :function #'ccr/replace-buffer + :description "Completely overwrites buffer contents" + :confirm t + :args '((:name "buffer_name" + :type string + :description "Name of the buffer to overwrite" + :required t) + (:name "content" + :type string + :description "Content to write to the buffer" + :required t)) + :category "edit") + )) + (defun ccr/suggest-eshell-command () (interactive) (save-excursion (eshell-bol) (let ((start-pos (point)) - (end-pos (line-end-position))) - (gptel-request - (buffer-substring-no-properties start-pos end-pos) ;the prompt - :system "You are proficient with emacs shell (eshell), translate the following to something I could directly prompt to the shell. Your responses should only be code, without explanation or formatting or quoting." - :buffer (current-buffer) - :context (cons (set-marker (make-marker) start-pos) - (set-marker (make-marker) end-pos)) - :callback - (lambda (response info) - (if (not response) - (message "ChatGPT response failed with: %s" (plist-get info :status)) - (kill-region start-pos end-pos) - (insert response))))))) + (end-pos (line-end-position))) + (gptel-request + (buffer-substring-no-properties start-pos end-pos) ;the prompt + :system "You are proficient with emacs shell (eshell), translate the following to something I could directly prompt to the shell. Your responses should only be code, without explanation or formatting or quoting." + :buffer (current-buffer) + :context (cons (set-marker (make-marker) start-pos) + (set-marker (make-marker) end-pos)) + :callback + (lambda (response info) + (if (not response) + (message "ChatGPT response failed with: %s" (plist-get info :status)) + (kill-region start-pos end-pos) + (insert response))))))) (add-to-list 'display-buffer-alist '("^\\*ChatGPT\\*" - (display-buffer-full-frame) - (name . "floating"))) + (display-buffer-full-frame) + (name . "floating"))) (defun ccr/start-chatgpt () ;; Used from outside Emacs by emacsclient --eval (display-buffer (gptel "*ChatGPT*")) @@ -1131,9 +1226,9 @@ This is meant to be an helper to be called from the window manager." (require 'password-store-otp) ;; FIXME use `use-pacakge' idiomatic way :bind (("C-c p p" . password-store-copy) - ("C-c p o" . password-store-otp-token-copy) - ("C-c p e" . password-store-edit) - ("C-c p i" . password-store-insert))) + ("C-c p o" . password-store-otp-token-copy) + ("C-c p e" . password-store-edit) + ("C-c p i" . password-store-insert))) (use-package with-editor :init (shell-command-with-editor-mode +1)) diff --git a/hmModules/gpg/default.nix b/hmModules/gpg/default.nix index f245f26..abef97c 100644 --- a/hmModules/gpg/default.nix +++ b/hmModules/gpg/default.nix @@ -2,7 +2,7 @@ { services.gpg-agent = { enable = true; - pinentryPackage = pkgs.pinentry-rofi.override { + pinentry.package = pkgs.pinentry-rofi.override { rofi = pkgs.rofi-wayland; }; extraConfig = '' diff --git a/hmModules/jellyfin/default.nix b/hmModules/jellyfin/default.nix new file mode 100644 index 0000000..77d23c3 --- /dev/null +++ b/hmModules/jellyfin/default.nix @@ -0,0 +1,4 @@ +{ pkgs, ... }: +{ + home.packages = [ pkgs.jellyfin-media-player ]; +} diff --git a/hmModules/niri/config.kdl b/hmModules/niri/config.kdl index eecbd3b..06f54e1 100644 --- a/hmModules/niri/config.kdl +++ b/hmModules/niri/config.kdl @@ -19,7 +19,7 @@ input { touchpad { // off tap - // dwt + dwt // dwtp natural-scroll // accel-speed 0.2 diff --git a/hmModules/shell/catppuccin_mocha.omp.json b/hmModules/shell/catppuccin_mocha.omp.json new file mode 100644 index 0000000..c5c74c8 --- /dev/null +++ b/hmModules/shell/catppuccin_mocha.omp.json @@ -0,0 +1,61 @@ +{ + "$schema": "https://raw.githubusercontent.com/JanDeDobbeleer/oh-my-posh/main/themes/schema.json", + "palette": { + "os": "#ACB0BE", + "closer": "p:os", + "pink": "#F5C2E7", + "lavender": "#B4BEFE", + "blue": "#89B4FA" + }, + "blocks": [ + { + "alignment": "left", + "segments": [ + { + "foreground": "p:blue", + "style": "plain", + "template": "{{ .UserName }}@{{ .HostName }} ", + "type": "session" + }, + { + "foreground": "p:pink", + "properties": { + "folder_icon": "..\ue5fe..", + "home_icon": "~", + "style": "agnoster_short" + }, + "style": "plain", + "template": "{{ .Path }} ", + "type": "path" + }, + { + "foreground": "p:lavender", + "properties": { + "branch_icon": "\ue725 ", + "cherry_pick_icon": "\ue29b ", + "commit_icon": "\uf417 ", + "fetch_status": false, + "fetch_upstream_icon": false, + "merge_icon": "\ue727 ", + "no_commits_icon": "\uf0c3 ", + "rebase_icon": "\ue728 ", + "revert_icon": "\uf0e2 ", + "tag_icon": "\uf412 " + }, + "template": "{{ .HEAD }} ", + "style": "plain", + "type": "git" + }, + { + "style": "plain", + "foreground": "p:closer", + "template": "\uf105", + "type": "text" + } + ], + "type": "prompt" + } + ], + "final_space": true, + "version": 3 +} diff --git a/hmModules/shell/default.nix b/hmModules/shell/default.nix index c654977..6c7e5c1 100644 --- a/hmModules/shell/default.nix +++ b/hmModules/shell/default.nix @@ -84,7 +84,12 @@ programs.thefuck.enable = true; programs.oh-my-posh = { enable = true; - useTheme = "catppuccin_mocha"; + # same as "captuccin_mocha" but without the OS logo + settings = lib.mkForce ( + builtins.fromJSON ( + builtins.unsafeDiscardStringContext (builtins.readFile ./catppuccin_mocha.omp.json) + ) + ); }; programs.zellij.enableBashIntegration = false; diff --git a/hmModules/spotify/default.nix b/hmModules/spotify/default.nix index 59b2edd..5bc0a6d 100644 --- a/hmModules/spotify/default.nix +++ b/hmModules/spotify/default.nix @@ -9,18 +9,18 @@ in { home.packages = [ spotify-adblocked ]; - systemd.user.services.spotify-adblocked = { - Install.WantedBy = [ "graphical-session.target" ]; + # systemd.user.services.spotify-adblocked = { + # Install.WantedBy = [ "graphical-session.target" ]; - Unit = { - Description = "Spotify"; - PartOf = [ "graphical-session.target" ]; - }; + # Unit = { + # Description = "Spotify"; + # PartOf = [ "graphical-session.target" ]; + # }; - Service = { - ExecStart = lib.getExe spotify-adblocked; - Restart = "on-failure"; - RestartSec = 3; - }; - }; + # Service = { + # ExecStart = lib.getExe spotify-adblocked; + # Restart = "on-failure"; + # RestartSec = 3; + # }; + # }; } diff --git a/hosts/default.nix b/hosts/default.nix index 7ed6ca8..cf4fc6f 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -109,6 +109,7 @@ "home-assistant-token".owner = "prometheus"; "grafana-password".owner = "grafana"; "cloudflare-dyndns-api-token" = { }; + "cloudflare-api-tokens" = { }; "restic-hetzner-password" = { }; "hass-ssh-key".owner = "hass"; "sisko-attic-environment-file".owner = "atticd"; diff --git a/hosts/pike/default.nix b/hosts/pike/default.nix index e5e6ca6..2248933 100644 --- a/hosts/pike/default.nix +++ b/hosts/pike/default.nix @@ -89,6 +89,7 @@ "zoom" "pantalaimon" "gimp" + "jellyfin" ]; extraGroups = [ "plugdev" ]; backupPaths = [ ]; diff --git a/hosts/sisko/default.nix b/hosts/sisko/default.nix index 9daa84c..13a9b0d 100644 --- a/hosts/sisko/default.nix +++ b/hosts/sisko/default.nix @@ -36,6 +36,8 @@ "amule" "adguard-home" "garmin-grafana" + # "dump1090" + "arbi" ] ++ [ ./disko.nix diff --git a/lib/default.nix b/lib/default.nix index 4330d49..3d15451 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -4,6 +4,7 @@ ccr-ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIm9Sl/I+5G4g4f6iE4oCUJteP58v+wMIew9ZuLB+Gea"; oneplus8t = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO8da1Mf11vXFF0kVDgxocVoGwpHHMEs9emS9T+v8hLb oneplus8t"; hercules-ci-agent = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGPupm00BiveTIYF6CNwuMijF5VvEaPDMjvt+vMlAy+N hercules-ci-agent"; + forgejo-ci = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5mbqLoZ/0J45J7J+17XMGv/dXs3DGABJsnvDv4rgC9 forgjeo-ci"; }; hosts = { kirk = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAH49KzayIro3L1bteR7nwupMM/vKlDh05t5/DFD9/uz"; diff --git a/modules/amule/default.nix b/modules/amule/default.nix index 9752f8f..6416e9f 100644 --- a/modules/amule/default.nix +++ b/modules/amule/default.nix @@ -1,34 +1,46 @@ -{ config, lib, ... }: +{ config, pkgs, ... }: +let + rev = "966199fe1dccc9c6c7016bdb1d9582f27797bc02"; + amule-flake = builtins.getFlake "github:NixOS/nixpkgs/${rev}"; + inherit (amule-flake.legacyPackages.${pkgs.system}) amule-daemon amule-web; +in { - users.users.amule = { - isSystemUser = true; - group = "amule"; - extraGroups = [ "amule" ]; - home = config.services.amule.dataDir; - }; + disabledModules = [ "services/networking/amuled.nix" ]; + documentation.nixos.enable = false; + + imports = [ "${amule-flake}/nixos/modules/services/networking/amuled.nix" ]; - users.groups.amule = { }; services.amule = { - dataDir = "/mnt/hd/amule"; enable = true; - user = "amule"; + package = amule-daemon; + amuleWebPackage = amule-web; + openPeerPorts = true; + openWebServerPort = true; + # TODO the service is accessible only from the VPN + # however better using agenix + ExternalConnectPasswordFile = pkgs.writeText "password" "pippo"; + WebServerPasswordFile = pkgs.writeText "password" "pippo"; + settings = { + eMule = { + IncomingDir = "/mnt/hd/amule"; + TempDir = "/mnt/hd/amule/Temp"; + }; + WebServer = { + Enabled = 1; + }; + }; }; - # sometimes the service crashes with a segfeault without any reason... - systemd.services.amuled.serviceConfig.Restart = lib.mkForce "always"; - environment.persistence."/persist".directories = [ config.services.amule.dataDir ]; - networking.firewall = { - allowedTCPPorts = [ 4662 ]; - allowedUDPPortRanges = [ - { - from = 4665; - to = 4672; - } - ]; + services.nginx.virtualHosts."amule.sisko.wg.aciceri.dev" = { + forceSSL = true; + useACMEHost = "aciceri.dev"; + locations."/" = { + proxyPass = "http://localhost:${builtins.toString config.services.amule.settings.WebServer.Port}"; + }; + serverAliases = [ "amule.sisko.zt.aciceri.dev" ]; }; - } diff --git a/modules/arbi/default.nix b/modules/arbi/default.nix new file mode 100644 index 0000000..02ab9e5 --- /dev/null +++ b/modules/arbi/default.nix @@ -0,0 +1,22 @@ +{ config, pkgs, ... }: +let + rev = "d531730d9640160f0519ef4b3640f8da49dd96f8"; + arbi-flake = builtins.getFlake "git+ssh://git@github.com/aciceri/arbi.git?rev=${rev}"; +in +{ + imports = [ arbi-flake.nixosModules.arbi ]; + + services.arbi = { + enable = true; + log_level = "debug"; + configFile = pkgs.writeText "arbi-config.kdl" '' + endpoint "wss://eth-mainnet.g.alchemy.com/v2/" + pairs_file "pairs.json" + concurrency 4 + ''; + }; + + environment.persistence."/persist".directories = [ + config.services.arbi.dataDir + ]; +} diff --git a/modules/common/default.nix b/modules/common/default.nix index 5aa4549..f83e6e4 100644 --- a/modules/common/default.nix +++ b/modules/common/default.nix @@ -18,9 +18,10 @@ nixpkgs.config.allowUnfree = true; # Forgive me Mr. Stallman :( system.switch.enableNg = true; - environment.systemPackages = [ - pkgs.btop - pkgs.ncdu + environment.systemPackages = with pkgs; [ + btop + ncdu + git ]; # FIXME not the best place diff --git a/modules/dump1090/default.nix b/modules/dump1090/default.nix new file mode 100644 index 0000000..cf74a4e --- /dev/null +++ b/modules/dump1090/default.nix @@ -0,0 +1,31 @@ +{ + pkgs, + ... +}: +let + dump1090-flake = builtins.getFlake "github:NixOS/nixpkgs/541f05042033467730fb8cedb08355dc91b94c74"; + inherit (dump1090-flake.legacyPackages.${pkgs.system}) dump1090-fa; +in +{ + imports = [ "${dump1090-flake}/nixos/modules/services/misc/dump1090-fa.nix" ]; + + hardware.rtl-sdr.enable = true; + + disabledModules = [ "services/misc/dump10190-fa.nix" ]; + documentation.nixos.enable = false; + + services.dump1090-fa = { + enable = true; + package = dump1090-fa; + }; + + services.nginx.virtualHosts."dump1090.sisko.wg.aciceri.dev" = { + forceSSL = true; + useACMEHost = "aciceri.dev"; + locations = { + "/".alias = "${dump1090-fa}/share/dump1090/"; + "/data/".alias = "/run/dump1090-fa/"; + }; + serverAliases = [ "dump1090.sisko.zt.aciceri.dev" ]; + }; +} diff --git a/modules/forgejo-runners/default.nix b/modules/forgejo-runners/default.nix index 3234a46..f6d7682 100644 --- a/modules/forgejo-runners/default.nix +++ b/modules/forgejo-runners/default.nix @@ -17,6 +17,7 @@ let gnugrep gawk git + openssh nix bash jq @@ -38,15 +39,6 @@ let cp -a "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" $out/etc/ssl/certs/ca-bundle.crt ''; numInstances = 1; - pushToCache = pkgs.writeScript "push-to-cache.sh" '' - #!/bin/sh - set -eu - set -f # disable globbing - export IFS=' ' - - echo "Uploading paths" $OUT_PATHS - exec nix copy --to "s3://cache?profile=default®ion=eu-south-1&scheme=https&endpoint=cache.aciceri.dev" $OUT_PATHS - ''; in lib.mkMerge [ { @@ -80,7 +72,6 @@ lib.mkMerge [ cat < etc/nix/nix.conf accept-flake-config = true experimental-features = nix-command flakes - post-build-hook = ${pushToCache} include access-tokens NIX_CONFIG @@ -121,22 +112,9 @@ lib.mkMerge [ nix.settings.trusted-users = [ "nixuser" ]; } { - # Format of the token file: virtualisation = { podman.enable = true; }; - - # virtualisation.containers.storage.settings = { - # storage.driver = "zfs"; - # storage.graphroot = "/var/lib/containers/storage"; - # storage.runroot = "/run/containers/storage"; - # storage.options.zfs.fsname = "zroot/root/podman"; - # }; - - # virtualisation.containers.containersConf.settings = { - # # podman seems to not work with systemd-resolved - # containers.dns_servers = [ "8.8.8.8" "8.8.4.4" ]; - # }; } { systemd.services = diff --git a/modules/garmin-grafana/default.nix b/modules/garmin-grafana/default.nix index 90795e6..e75b15b 100644 --- a/modules/garmin-grafana/default.nix +++ b/modules/garmin-grafana/default.nix @@ -5,7 +5,8 @@ ... }: let - garmin-grafana-flake = builtins.getFlake "github:NixOS/nixpkgs/1f03fefb44665cd2377912033de22ffaba2be48d"; + rev = "f24579d13ee035af96d4a68b765af2aa4b1018b6"; + garmin-grafana-flake = builtins.getFlake "github:NixOS/nixpkgs/${rev}"; inherit (garmin-grafana-flake.legacyPackages.${pkgs.system}) garmin-grafana; in { diff --git a/modules/nginx-base/default.nix b/modules/nginx-base/default.nix index 5068162..a79716e 100644 --- a/modules/nginx-base/default.nix +++ b/modules/nginx-base/default.nix @@ -14,7 +14,7 @@ dnsProvider = "cloudflare"; dnsPropagationCheck = true; group = config.services.nginx.group; - environmentFile = config.age.secrets.cloudflare-dyndns-api-token.path; + environmentFile = config.age.secrets.cloudflare-api-tokens.path; }; }; }; diff --git a/modules/nix/default.nix b/modules/nix/default.nix index 1b2258d..000ede4 100644 --- a/modules/nix/default.nix +++ b/modules/nix/default.nix @@ -92,7 +92,7 @@ ]; protocol = "ssh-ng"; sshUser = "root"; - sshKey = "/home/${config.ccr.username}/.ssh/id_rsa"; + sshKey = "/home/${config.ccr.username}/.ssh/id_ed25519"; } ++ (lib.lists.optional (config.networking.hostName == "picard") { hostName = "mac.staging.mlabs.city?remote-program=/run/current-system/sw/bin/nix-store"; diff --git a/packages/emacs/packages.nix b/packages/emacs/packages.nix index 73c6e96..9ab2c44 100644 --- a/packages/emacs/packages.nix +++ b/packages/emacs/packages.nix @@ -206,6 +206,7 @@ let mixed-pitch visual-replace org-super-agenda + tidal # org-re-reveal # FIXME very not nice hash mismatch when building ] ) @@ -222,6 +223,9 @@ let eat corfu-terminal haskell-ts-mode + ]) + ++ (with epkgs; [ + typst-ts-mode # why this doesn't seem to be in elpaPackages? ]); in mainPackages ++ (builtins.attrValues extraPackages) diff --git a/secrets/cloudflare-api-tokens.age b/secrets/cloudflare-api-tokens.age new file mode 100644 index 0000000..57e68b8 --- /dev/null +++ b/secrets/cloudflare-api-tokens.age @@ -0,0 +1,17 @@ +age-encryption.org/v1 +-> ssh-rsa /AagBw +hD7PDjueXimBVI/rjcYxN77LHV2eGytKcUbmh17aSL1CNM+eriURFao3tj52Hiaz +3VMB6FxWUk9kzgjMPvf5WZukuZ2WbpPH8xlDV+6ZH7e/IzmjIfx8Ny14Mr1IF/Rx +TBiCIAM19/1/mR9MiIBW85bb+Bb/waWIZAgxW3N1RpqH5+vAVqx0iY3XRF5+0gOq +blP3yEw3QaL6FuY0+a+d/TnCsrz2Gi1Rba9oCUmkzOP96TsJYdN58Ut6nrHFkURK +mShL2xBMLmfA8Z5ep+D8ueyQbcYpeU3KHcIcRM6dRTwQKvWXAVkRt1nUGasKrO9Y +oJT9BrcxjtqgF/xhHRjWpamjFSI3mlJnJNEbruddDwQUccrJOvEzvqZ7GK0WoFX2 +HmhdDOiocMGWFeBPAKlNtU3+QmtZvhvOIgbjKhNxmCt1A/qxfvRk7Y2IDIBo+CFo +sKMrT1tCo4UYaJdZYl64XYNCQb3C2EfO7Exrq3d2urNidzUbr9OBx7CCI1nu375c +Qol9Kr28fLtxRuSZlrqIe9vKVYyLDPznrRlh6TmgqmMLIW70Y8cZwMtT8L8sOkcm +A8MoxpWFzK4BKo0Iqmw6eZ3nx/0LAzkz005ZEwrmi2W/XxOWJgBiaLmu7YwnoGq0 +gzwwvA5V5MT6Iy7FzkQpMi0h/H4MZ0mcbihKdPun85Q +-> ssh-ed25519 +vdRnA 23Gviu8hfWCEBPHP7xYIaOx34kFsxJJgJ/BNUDlb9Cg +ROiMY2gw/rpNBmJnlRVb7Qhi5+8TY3Velj8gEZcaedI +--- dhmvfQoCjuRUJtvXNI/eCjH0W+IeJm8bFRvYk1JihD0 +qMC,݈ԝ9-\KJ]J(Sn.Qp~Z$e"픒\'rSlu +UD<Սv]|/g[ W_>-fl8|wيlB[\.k(W{=w 3N}qG-wMb^Q{ \ No newline at end of file diff --git a/secrets/cloudflare-dyndns-api-token.age b/secrets/cloudflare-dyndns-api-token.age index 57e68b8..6f09f52 100644 Binary files a/secrets/cloudflare-dyndns-api-token.age and b/secrets/cloudflare-dyndns-api-token.age differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 8724ce7..7b341b1 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -92,6 +92,10 @@ with keys.users; deltaflyer pike ]; + "cloudflare-api-tokens.age".publicKeys = [ + ccr-ssh + sisko + ]; "cloudflare-dyndns-api-token.age".publicKeys = [ ccr-ssh sisko