Compare commits
1 commit
main
...
matrix-syn
Author | SHA1 | Date | |
---|---|---|---|
Antoine Martin | 471ad21c78 |
4
.git-crypt/.gitattributes
vendored
Normal file
4
.git-crypt/.gitattributes
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
# Do not edit this file. To specify the files to encrypt, create your own
|
||||
# .gitattributes file in the directory where your files are.
|
||||
* !filter !diff
|
||||
*.gpg binary
|
Binary file not shown.
4
.gitattributes
vendored
Normal file
4
.gitattributes
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
secrets/**/*.secret filter=git-crypt diff=git-crypt
|
||||
secrets/matrix-email-config.nix filter=git-crypt diff=git-crypt
|
||||
secrets/wireguard.nix filter=git-crypt diff=git-crypt
|
||||
home/secrets/*.secret filter=git-crypt diff=git-crypt
|
98
.github/workflows/cachix.yaml
vendored
98
.github/workflows/cachix.yaml
vendored
|
@ -1,98 +0,0 @@
|
|||
name: "Cachix"
|
||||
on:
|
||||
push:
|
||||
paths:
|
||||
- '**.nix'
|
||||
- '**.age'
|
||||
- 'pkgs/**'
|
||||
- 'flake.nix'
|
||||
- 'flake.lock'
|
||||
- '.github/workflows/cachix.yaml'
|
||||
jobs:
|
||||
format-check:
|
||||
name: Format check
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- uses: cachix/install-nix-action@v27
|
||||
|
||||
- name: Run alejandra
|
||||
run: nix develop --command alejandra --check .
|
||||
|
||||
flake-check:
|
||||
name: Flake check
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- uses: cachix/install-nix-action@v27
|
||||
|
||||
- uses: cachix/cachix-action@v15
|
||||
with:
|
||||
name: alarsyo
|
||||
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
|
||||
extraPullNames: "nix-community"
|
||||
|
||||
- name: Build package
|
||||
run: nix flake check
|
||||
|
||||
build-pkgs:
|
||||
name: Nix packages
|
||||
runs-on: ubuntu-latest
|
||||
needs: [ flake-check, format-check ]
|
||||
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
name:
|
||||
- grafanaDashboards/nginx
|
||||
- grafanaDashboards/node-exporter
|
||||
- kaleidoscope-udev-rules
|
||||
- sddm-sugar-candy
|
||||
- spot
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- uses: cachix/install-nix-action@v27
|
||||
|
||||
- uses: cachix/cachix-action@v15
|
||||
with:
|
||||
name: alarsyo
|
||||
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
|
||||
extraPullNames: "nix-community"
|
||||
|
||||
- name: Build package
|
||||
run: nix build -L .#"${{ matrix.name }}"
|
||||
|
||||
build-configs:
|
||||
name: NixOS configs
|
||||
runs-on: ubuntu-latest
|
||||
needs: [ build-pkgs ]
|
||||
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
name:
|
||||
- boreal
|
||||
- hades
|
||||
- talos
|
||||
- thanatos
|
||||
|
||||
steps:
|
||||
- name: Delete huge unnecessary tools folder
|
||||
run: rm -rf /opt/hostedtoolcache
|
||||
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- uses: cachix/install-nix-action@v27
|
||||
|
||||
- uses: cachix/cachix-action@v15
|
||||
with:
|
||||
name: alarsyo
|
||||
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
|
||||
extraPullNames: "nix-community"
|
||||
|
||||
- name: Build package
|
||||
run: nix build -L .#nixosConfigurations."${{ matrix.name }}".config.system.build.toplevel
|
17
.github/workflows/nur-update.yaml
vendored
17
.github/workflows/nur-update.yaml
vendored
|
@ -1,17 +0,0 @@
|
|||
name: "NUR"
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'main'
|
||||
paths:
|
||||
- 'pkgs/**'
|
||||
- '.github/workflows/nur-update.yaml'
|
||||
|
||||
jobs:
|
||||
update-nur:
|
||||
name: "Ping NUR repo hook"
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: curl nur endpoint
|
||||
run: |
|
||||
curl -XPOST https://nur-update.nix-community.org/update?repo=alarsyo
|
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1 +0,0 @@
|
|||
/result
|
53
README.org
53
README.org
|
@ -1,25 +1,46 @@
|
|||
#+title: NixOS configurations
|
||||
#+title: NixOS deployment configuration
|
||||
|
||||
Configuration for my computers! You may find here system configurations for
|
||||
various services I host, as well as my dotfiles for daily programs.
|
||||
* Services
|
||||
|
||||
** Packages
|
||||
** Bitwarden
|
||||
|
||||
Various packages of mine can be found in this repo. You can easily use these
|
||||
packages from Nix by [[https://github.com/nix-community/NUR][setting up the Nix User Repository]].
|
||||
Password manager, Rust lightweight version.
|
||||
|
||||
*** Flake
|
||||
** Borg backup
|
||||
|
||||
If you prefer, theses packages are also exposed as a *flake* in this repo:
|
||||
Creating daily backups to borgbase
|
||||
|
||||
- To list packages:
|
||||
** fail2ban
|
||||
|
||||
#+begin_src sh
|
||||
nix flake show
|
||||
#+end_src
|
||||
Keeping the bad guys away
|
||||
|
||||
- To install one of them:
|
||||
** Gitea
|
||||
|
||||
#+begin_src sh
|
||||
nix build github:alarsyo/nixos-config#$PACKAGE
|
||||
#+end_src
|
||||
Hosting for all my personal projects
|
||||
|
||||
** Jellyfin
|
||||
|
||||
Netflix but just for me
|
||||
|
||||
** Lohr
|
||||
|
||||
*** Setup
|
||||
|
||||
Needs manual SSH key and known hosts setup.
|
||||
|
||||
** Matrix
|
||||
|
||||
My Matrix homeserver at =alarsyo.net=. Also hosting an Element web client at
|
||||
[[https://chat.alarsyo.net][chat.alarsyo.net]].
|
||||
|
||||
** Miniflux
|
||||
|
||||
RSS reader
|
||||
|
||||
** Monitoring
|
||||
|
||||
Grafana and Prometheus are currently used as a glorified =htop=.
|
||||
|
||||
** Nextcloud
|
||||
|
||||
** Wireguard VPN
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
./gui-programs.nix
|
||||
./networking.nix
|
||||
./nix.nix
|
||||
./programs.nix
|
||||
|
|
|
@ -1,95 +1,27 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
options,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
optional
|
||||
;
|
||||
in {
|
||||
options.my.gui = {
|
||||
enable = mkEnableOption "System has some kind of screen attached";
|
||||
isNvidia = mkEnableOption "System a NVIDIA GPU";
|
||||
};
|
||||
|
||||
config = mkIf config.my.gui.enable {
|
||||
my.displayManager.sddm.enable = true;
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
pinentryPackage = pkgs.pinentry-qt;
|
||||
};
|
||||
|
||||
services = {
|
||||
xserver = {
|
||||
enable = true;
|
||||
# NOTE: could use `mkOptionDefault` but this feels more explicit
|
||||
videoDrivers =
|
||||
if config.my.gui.isNvidia
|
||||
then ["nvidia"]
|
||||
else options.services.xserver.videoDrivers.default;
|
||||
xkb = {
|
||||
layout = "fr";
|
||||
variant = "us";
|
||||
};
|
||||
};
|
||||
|
||||
libinput = {
|
||||
enable = true;
|
||||
touchpad = {
|
||||
naturalScrolling = true;
|
||||
};
|
||||
};
|
||||
|
||||
logind.lidSwitch = "ignore";
|
||||
|
||||
printing = {
|
||||
enable = true;
|
||||
cups-pdf.enable = true;
|
||||
};
|
||||
|
||||
udev.packages = [pkgs.chrysalis];
|
||||
};
|
||||
|
||||
environment.systemPackages = builtins.attrValues {
|
||||
inherit
|
||||
(pkgs)
|
||||
arandr
|
||||
chrysalis
|
||||
discord
|
||||
environment.systemPackages = with pkgs; [
|
||||
alacritty
|
||||
feh
|
||||
ffmpeg
|
||||
gimp-with-plugins
|
||||
imagemagick
|
||||
gnome.nautilus
|
||||
mpv
|
||||
obs-studio
|
||||
pavucontrol
|
||||
spotify
|
||||
tdesktop
|
||||
thunderbird
|
||||
virt-manager
|
||||
xcolor
|
||||
zathura
|
||||
;
|
||||
|
||||
inherit (pkgs.libsForQt5) okular;
|
||||
};
|
||||
unstable.discord
|
||||
unstable.firefox
|
||||
unstable.element-desktop
|
||||
unstable.slack
|
||||
unstable.spotify
|
||||
unstable.tdesktop
|
||||
unstable.teams
|
||||
];
|
||||
|
||||
networking.networkmanager.enable = true;
|
||||
programs.nm-applet.enable = true;
|
||||
programs.steam.enable = true;
|
||||
|
||||
# this is necessary to set GTK stuff in home manager
|
||||
# FIXME: better interdependency between this and the home part
|
||||
programs.dconf.enable = true;
|
||||
|
||||
# NOTE: needed for home emacs configuration
|
||||
nixpkgs.config.input-fonts.acceptLicense = true;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
{lib, ...}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkOption
|
||||
types
|
||||
;
|
||||
in {
|
||||
options.my.networking.externalInterface = mkOption {
|
||||
{ lib, ... }:
|
||||
{
|
||||
options.my.networking.externalInterface = with lib; mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "eth0";
|
||||
|
|
27
base/nix.nix
27
base/nix.nix
|
@ -1,27 +1,28 @@
|
|||
{pkgs, ...}: {
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
nix = {
|
||||
package = pkgs.nixStable;
|
||||
package = pkgs.nixUnstable;
|
||||
extraOptions = ''
|
||||
experimental-features = nix-command flakes
|
||||
'';
|
||||
|
||||
gc = {
|
||||
automatic = true;
|
||||
dates = "weekly";
|
||||
options = "--delete-older-than 60d";
|
||||
persistent = true;
|
||||
};
|
||||
trustedUsers = [ "@wheel" ];
|
||||
|
||||
settings = {
|
||||
experimental-features = ["nix-command" "flakes"];
|
||||
trusted-users = ["@wheel"];
|
||||
substituters = [
|
||||
binaryCaches = [
|
||||
"https://alarsyo.cachix.org"
|
||||
"https://nix-community.cachix.org"
|
||||
];
|
||||
trusted-public-keys = [
|
||||
binaryCachePublicKeys = [
|
||||
"alarsyo.cachix.org-1:A6BmcaJek5+ZDWWv3fPteHhPm6U8liS9CbDbmegPfmk="
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
];
|
||||
|
||||
gc = {
|
||||
automatic = true;
|
||||
dates = "03:15";
|
||||
options = "--delete-older-than 30d";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,49 +1,56 @@
|
|||
{pkgs, ...}: {
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
programs = {
|
||||
fish.enable = true;
|
||||
gnupg.agent = {
|
||||
enable = true;
|
||||
pinentryFlavor = "curses";
|
||||
};
|
||||
less.enable = true;
|
||||
mosh.enable = true;
|
||||
tmux.enable = true;
|
||||
ssh = {
|
||||
startAgent = true;
|
||||
extraConfig = ''
|
||||
AddKeysToAgent yes
|
||||
'';
|
||||
};
|
||||
|
||||
# setcap wrapper for network permissions
|
||||
bandwhich.enable = true;
|
||||
};
|
||||
|
||||
services.openssh = {
|
||||
settings = {
|
||||
PasswordAuthentication = false;
|
||||
PermitRootLogin = "no";
|
||||
StreamLocalBindUnlink = true;
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = builtins.attrValues {
|
||||
inherit
|
||||
(pkgs)
|
||||
environment.systemPackages = with pkgs; [
|
||||
# shell usage
|
||||
|
||||
bat
|
||||
fd
|
||||
file
|
||||
ripgrep
|
||||
sd
|
||||
tmux
|
||||
tokei
|
||||
tree
|
||||
wget
|
||||
pciutils
|
||||
usbutils
|
||||
# development
|
||||
|
||||
# development
|
||||
git
|
||||
git-crypt
|
||||
git-lfs
|
||||
gnumake
|
||||
gnupg
|
||||
pinentry-curses
|
||||
python3
|
||||
vim
|
||||
# terminal utilities
|
||||
clang_11
|
||||
llvmPackages_11.bintools
|
||||
|
||||
# terminal utilities
|
||||
bottom
|
||||
dogdns
|
||||
du-dust
|
||||
htop
|
||||
unzip
|
||||
zip
|
||||
;
|
||||
};
|
||||
stow
|
||||
tealdeer
|
||||
|
||||
# nix pkgs lookup
|
||||
nix-index
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,29 +1,22 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
secrets = config.my.secrets;
|
||||
in {
|
||||
in
|
||||
{
|
||||
users.mutableUsers = false;
|
||||
users.users.root = {
|
||||
hashedPasswordFile = config.age.secrets."users/root-hashed-password".path;
|
||||
hashedPassword = secrets.shadow-hashed-password-root;
|
||||
};
|
||||
users.users.alarsyo = {
|
||||
hashedPasswordFile = config.age.secrets."users/alarsyo-hashed-password".path;
|
||||
hashedPassword = secrets.shadow-hashed-password-alarsyo;
|
||||
isNormalUser = true;
|
||||
extraGroups = [
|
||||
"media"
|
||||
"networkmanager"
|
||||
"video" # for `light` permissions
|
||||
"docker"
|
||||
"wheel" # Enable ‘sudo’ for the user.
|
||||
"libvirtd"
|
||||
];
|
||||
shell = pkgs.fish;
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMbf1C55Hgprm4Y7iNHae2UhZbLa6SNeurDTOyq2tr1G alarsyo@yubikey"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH3rrF3VSWI4n4cpguvlmLAaU3uftuX4AVV/39S/8GO9 alarsyo@thinkpad"
|
||||
];
|
||||
};
|
||||
|
|
|
@ -1,7 +1,9 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
# Default configuration
|
||||
./base
|
||||
./base/gui-programs.nix
|
||||
|
||||
# Module definitions
|
||||
./modules
|
||||
|
@ -9,6 +11,9 @@
|
|||
# Service definitions
|
||||
./services
|
||||
|
||||
# Configuration secrets
|
||||
./secrets
|
||||
|
||||
# Host-specific config
|
||||
./hosts/boreal
|
||||
];
|
||||
|
|
295
flake.lock
295
flake.lock
|
@ -1,235 +1,65 @@
|
|||
{
|
||||
"nodes": {
|
||||
"agenix": {
|
||||
"inputs": {
|
||||
"darwin": "darwin",
|
||||
"home-manager": "home-manager",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"systems": "systems"
|
||||
},
|
||||
"emacs-overlay": {
|
||||
"locked": {
|
||||
"lastModified": 1716561646,
|
||||
"narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=",
|
||||
"owner": "ryantm",
|
||||
"repo": "agenix",
|
||||
"rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "ryantm",
|
||||
"repo": "agenix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"darwin": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"agenix",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1700795494,
|
||||
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
|
||||
"owner": "lnl7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "lnl7",
|
||||
"ref": "master",
|
||||
"repo": "nix-darwin",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"disko": {
|
||||
"inputs": {
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717032306,
|
||||
"narHash": "sha256-s3Sis+M1qTSVIehHrEKBzHBpqprIFJli5V6WojkJnYE=",
|
||||
"lastModified": 1623609074,
|
||||
"narHash": "sha256-5r7rpljW3Ck/8I6UFt1QlPUiB7Fa8E2KtRW9u83YC4Y=",
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"rev": "8ea5bcccc03111bdedaeaae9380dfab61e9deb33",
|
||||
"repo": "emacs-overlay",
|
||||
"rev": "d9baacb691afe81a61b5b9f5fd42473710c59581",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "master",
|
||||
"repo": "disko",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710146030,
|
||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"ref": "main",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"inputs": {
|
||||
"systems": "systems_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710146030,
|
||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flakey-profile": {
|
||||
"locked": {
|
||||
"lastModified": 1712898590,
|
||||
"narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=",
|
||||
"owner": "lf-",
|
||||
"repo": "flakey-profile",
|
||||
"rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "lf-",
|
||||
"repo": "flakey-profile",
|
||||
"repo": "emacs-overlay",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"home-manager": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"agenix",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1703113217,
|
||||
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
|
||||
"lastModified": 1622917919,
|
||||
"narHash": "sha256-9gAIwbQyLhK78bEV648k4tfLK6JkYiPk9QdTECpLuOE=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
|
||||
"rev": "148d85ee8303444fb0116943787aa0b1b25f94df",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "release-21.05",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"home-manager_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1726989464,
|
||||
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "release-24.05",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"lix": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1729298361,
|
||||
"narHash": "sha256-hiGtfzxFkDc9TSYsb96Whg0vnqBVV7CUxyscZNhed0U=",
|
||||
"rev": "ad9d06f7838a25beec425ff406fe68721fef73be",
|
||||
"type": "tarball",
|
||||
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/ad9d06f7838a25beec425ff406fe68721fef73be.tar.gz?rev=ad9d06f7838a25beec425ff406fe68721fef73be"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
"url": "https://git.lix.systems/lix-project/lix/archive/2.91.1.tar.gz"
|
||||
}
|
||||
},
|
||||
"lix-module": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_2",
|
||||
"flakey-profile": "flakey-profile",
|
||||
"lix": "lix",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1729360442,
|
||||
"narHash": "sha256-6U0CyPycIBc04hbYy2hBINnVso58n/ZyywY2BD3hu+s=",
|
||||
"rev": "9098ac95768f7006d7e070b88bae76939f6034e6",
|
||||
"type": "tarball",
|
||||
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/9098ac95768f7006d7e070b88bae76939f6034e6.tar.gz?rev=9098ac95768f7006d7e070b88bae76939f6034e6"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
"url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz"
|
||||
}
|
||||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1731797098,
|
||||
"narHash": "sha256-UhWmEZhwJZmVZ1jfHZFzCg+ZLO9Tb/v3Y6LC0UNyeTo=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "672ac2ac86f7dff2f6f3406405bddecf960e0db6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "master",
|
||||
"repo": "nixos-hardware",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1703013332,
|
||||
"narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=",
|
||||
"lastModified": 1623576761,
|
||||
"narHash": "sha256-krXZQ0lObduC95f40K3JwIT//VIBpXBwVNclqh5njtE=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6",
|
||||
"rev": "1f91fd1040667e9265a760b0347f8bc416249da7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"ref": "nixos-21.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-unstable-small": {
|
||||
"nixpkgs-unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1729493358,
|
||||
"narHash": "sha256-Ti+Y9nWt5Fcs3JlarxLPgIOVlbqQo7jobz/qOwOaziM=",
|
||||
"lastModified": 1623589201,
|
||||
"narHash": "sha256-f29Rp2XFmfjtwldUyRvMz0X93/Nf6J8i4WBvVVKqCHs=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "a5e6a9e979367ee14f65d9c38119c30272f8455f",
|
||||
"rev": "6aa2bb6a818d12d4cf296f736263011611cf2610",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -239,93 +69,12 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1716914467,
|
||||
"narHash": "sha256-KkT6YM/yNQqirtYj/frn6RRakliB8RDvGqVGGaNhdcU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "4a3fc4cf736b7d2d288d7a8bf775ac8d4c0920b4",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1731797254,
|
||||
"narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-24.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"agenix": "agenix",
|
||||
"disko": "disko",
|
||||
"flake-utils": "flake-utils",
|
||||
"home-manager": "home-manager_2",
|
||||
"lix-module": "lix-module",
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"nixpkgs": "nixpkgs_3",
|
||||
"nixpkgs-unstable-small": "nixpkgs-unstable-small"
|
||||
}
|
||||
},
|
||||
"systems": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_2": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_3": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
"emacs-overlay": "emacs-overlay",
|
||||
"home-manager": "home-manager",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nixpkgs-unstable": "nixpkgs-unstable"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
170
flake.nix
170
flake.nix
|
@ -5,128 +5,91 @@
|
|||
type = "github";
|
||||
owner = "NixOS";
|
||||
repo = "nixpkgs";
|
||||
ref = "nixos-24.05";
|
||||
ref = "nixos-21.05";
|
||||
};
|
||||
|
||||
nixpkgs-unstable-small = {
|
||||
nixpkgs-unstable = {
|
||||
type = "github";
|
||||
owner = "NixOS";
|
||||
repo = "nixpkgs";
|
||||
ref = "nixos-unstable-small";
|
||||
};
|
||||
|
||||
agenix = {
|
||||
emacs-overlay = {
|
||||
type = "github";
|
||||
owner = "ryantm";
|
||||
repo = "agenix";
|
||||
owner = "nix-community";
|
||||
repo = "emacs-overlay";
|
||||
ref = "master";
|
||||
};
|
||||
|
||||
home-manager = {
|
||||
type = "github";
|
||||
owner = "nix-community";
|
||||
repo = "home-manager";
|
||||
ref = "release-24.05";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
flake-utils = {
|
||||
type = "github";
|
||||
owner = "numtide";
|
||||
repo = "flake-utils";
|
||||
ref = "main";
|
||||
};
|
||||
|
||||
nixos-hardware = {
|
||||
type = "github";
|
||||
owner = "NixOS";
|
||||
repo = "nixos-hardware";
|
||||
ref = "master";
|
||||
};
|
||||
|
||||
disko = {
|
||||
type = "github";
|
||||
owner = "nix-community";
|
||||
repo = "disko";
|
||||
ref = "master";
|
||||
};
|
||||
|
||||
lix-module = {
|
||||
url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz";
|
||||
ref = "release-21.05";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
};
|
||||
|
||||
outputs = {
|
||||
self,
|
||||
outputs = { self,
|
||||
nixpkgs,
|
||||
home-manager,
|
||||
agenix,
|
||||
disko,
|
||||
lix-module,
|
||||
...
|
||||
} @ inputs:
|
||||
nixpkgs-unstable,
|
||||
emacs-overlay,
|
||||
home-manager }: {
|
||||
nixosConfigurations.poseidon = nixpkgs.lib.nixosSystem rec {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
./poseidon.nix
|
||||
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
nixosModules = {
|
||||
home = {
|
||||
home-manager.backupFileExtension = "hm-backup";
|
||||
home-manager.useGlobalPkgs = true;
|
||||
home-manager.useUserPackages = true;
|
||||
home-manager.users.alarsyo = import ./home;
|
||||
home-manager.verbose = true;
|
||||
};
|
||||
};
|
||||
|
||||
overlays = import ./overlays;
|
||||
|
||||
nixosConfigurations = let
|
||||
system = "x86_64-linux";
|
||||
shared_overlays =
|
||||
[
|
||||
(self: super: {
|
||||
packages = import ./pkgs {pkgs = super;};
|
||||
}
|
||||
|
||||
{
|
||||
nixpkgs.overlays = [
|
||||
(final: prev: {
|
||||
# packages accessible through pkgs.unstable.package
|
||||
unstable = import inputs.nixpkgs-unstable-small {
|
||||
unstable = import nixpkgs-unstable {
|
||||
inherit system;
|
||||
config.allowUnfree = true;
|
||||
};
|
||||
})
|
||||
|
||||
agenix.overlays.default
|
||||
]
|
||||
++ builtins.attrValues self.overlays;
|
||||
sharedModules =
|
||||
[
|
||||
agenix.nixosModules.default
|
||||
home-manager.nixosModules.default
|
||||
lix-module.nixosModules.default
|
||||
{
|
||||
nixpkgs = {
|
||||
overlays = shared_overlays;
|
||||
config.permittedInsecurePackages = [];
|
||||
};
|
||||
hardware.enableRedistributableFirmware = true;
|
||||
];
|
||||
}
|
||||
]
|
||||
++ (nixpkgs.lib.attrValues self.nixosModules);
|
||||
in {
|
||||
hades = nixpkgs.lib.nixosSystem rec {
|
||||
inherit system;
|
||||
modules =
|
||||
[
|
||||
./hades.nix
|
||||
]
|
||||
++ sharedModules;
|
||||
];
|
||||
};
|
||||
|
||||
boreal = nixpkgs.lib.nixosSystem rec {
|
||||
inherit system;
|
||||
modules =
|
||||
[
|
||||
nixosConfigurations.boreal = nixpkgs.lib.nixosSystem rec {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
./boreal.nix
|
||||
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.useGlobalPkgs = true;
|
||||
home-manager.useUserPackages = true;
|
||||
home-manager.users.alarsyo = import ./home;
|
||||
home-manager.verbose = true;
|
||||
}
|
||||
|
||||
{
|
||||
nixpkgs.overlays = [
|
||||
emacs-overlay.overlay
|
||||
|
||||
(self: super: {
|
||||
packages = import ./pkgs { pkgs = super; };
|
||||
|
||||
unstable = import nixpkgs-unstable {
|
||||
inherit system;
|
||||
config.allowUnfree = true;
|
||||
};
|
||||
|
||||
steam = self.unstable.steam;
|
||||
})
|
||||
|
||||
# uncomment this to build everything from scratch, fun but takes a
|
||||
# while
|
||||
#
|
||||
|
@ -135,42 +98,7 @@
|
|||
# })
|
||||
];
|
||||
}
|
||||
]
|
||||
++ sharedModules;
|
||||
};
|
||||
|
||||
talos = nixpkgs.lib.nixosSystem {
|
||||
inherit system;
|
||||
modules =
|
||||
[
|
||||
inputs.nixos-hardware.nixosModules.framework-13-7040-amd
|
||||
disko.nixosModules.default
|
||||
./talos.nix
|
||||
]
|
||||
++ sharedModules;
|
||||
};
|
||||
|
||||
thanatos = nixpkgs.lib.nixosSystem {
|
||||
inherit system;
|
||||
modules =
|
||||
[
|
||||
disko.nixosModules.default
|
||||
./thanatos.nix
|
||||
]
|
||||
++ sharedModules;
|
||||
};
|
||||
};
|
||||
}
|
||||
// inputs.flake-utils.lib.eachDefaultSystem (system: let
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
in {
|
||||
packages =
|
||||
inputs.flake-utils.lib.flattenTree
|
||||
(import ./pkgs {inherit pkgs;});
|
||||
devShells.default = pkgs.mkShellNoCC {
|
||||
buildInputs = [
|
||||
pkgs.alejandra
|
||||
];
|
||||
};
|
||||
});
|
||||
};
|
||||
}
|
||||
|
|
23
hades.nix
23
hades.nix
|
@ -1,23 +0,0 @@
|
|||
{...}: {
|
||||
imports = [
|
||||
# Default configuration
|
||||
./base
|
||||
|
||||
# Module definitions
|
||||
./modules
|
||||
|
||||
# Service definitions
|
||||
./services
|
||||
|
||||
# Host-specific config
|
||||
./hosts/hades
|
||||
];
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "22.05"; # Did you read the comment?
|
||||
}
|
|
@ -1,29 +1,16 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.my.home.alacritty;
|
||||
alacrittyTheme = config.my.theme.alacrittyTheme;
|
||||
in {
|
||||
options.my.home.alacritty.enable = (mkEnableOption "Alacritty terminal") // {default = config.my.home.x.enable;};
|
||||
in
|
||||
{
|
||||
options.my.home.alacritty.enable = lib.mkEnableOption "Alacritty terminal";
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
programs.alacritty = {
|
||||
enable = true;
|
||||
|
||||
settings = {
|
||||
env = {
|
||||
WINIT_X11_SCALE_FACTOR = "1.0";
|
||||
};
|
||||
|
||||
window = {
|
||||
padding = {
|
||||
x = 8;
|
||||
|
@ -43,8 +30,9 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
home.packages = [pkgs.iosevka-bin];
|
||||
|
||||
home.packages = with pkgs; [
|
||||
iosevka-bin
|
||||
];
|
||||
# make sure font is discoverable
|
||||
fonts.fontconfig.enable = true;
|
||||
};
|
||||
|
|
28
home/bat.nix
28
home/bat.nix
|
@ -1,28 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
cfg = config.my.home.bat;
|
||||
batTheme = config.my.theme.batTheme;
|
||||
in {
|
||||
options.my.home.bat = {
|
||||
enable = (mkEnableOption "bat code display tool") // {default = true;};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
programs.bat = {
|
||||
enable = true;
|
||||
|
||||
config = {
|
||||
theme = batTheme.name;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,34 +1,19 @@
|
|||
{config, ...}: {
|
||||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
./alacritty.nix
|
||||
./bat.nix
|
||||
./direnv.nix
|
||||
./emacs.nix
|
||||
./env.nix
|
||||
./firefox.nix
|
||||
./fish
|
||||
./flameshot.nix
|
||||
./git.nix
|
||||
./gtk.nix
|
||||
./laptop.nix
|
||||
./mail.nix
|
||||
./rbw.nix
|
||||
./rofi.nix
|
||||
./ssh.nix
|
||||
./secrets
|
||||
./starship.nix
|
||||
./themes
|
||||
./tmux.nix
|
||||
./tridactyl.nix
|
||||
./x
|
||||
];
|
||||
|
||||
home.username = "alarsyo";
|
||||
home.stateVersion = "20.09";
|
||||
|
||||
home.sessionVariables = let
|
||||
gpgPackage = config.programs.gpg.package;
|
||||
in {
|
||||
BROWSER = "firefox";
|
||||
# FIXME: only set if gpg-agent not in use, otherwise home manager already does that
|
||||
SSH_AUTH_SOCK = "$(${gpgPackage}/bin/gpgconf --list-dirs agent-ssh-socket)";
|
||||
XDG_DATA_HOME = "$HOME/.local/share";
|
||||
};
|
||||
home.username = "alarsyo";
|
||||
}
|
||||
|
|
|
@ -1,26 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
cfg = config.my.home.direnv;
|
||||
in {
|
||||
options.my.home.direnv = {
|
||||
enable = (mkEnableOption "setup direnv usage") // {default = true;};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
programs.direnv = {
|
||||
enable = true;
|
||||
nix-direnv = {
|
||||
enable = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,36 +1,17 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
in {
|
||||
options.my.home.emacs = {
|
||||
options.my.home.emacs = with lib; {
|
||||
enable = mkEnableOption "Emacs daemon configuration";
|
||||
};
|
||||
|
||||
config = mkIf config.my.home.emacs.enable {
|
||||
home.sessionPath = ["${config.xdg.configHome}/emacs/bin"];
|
||||
home.sessionVariables = {
|
||||
EDITOR = "emacsclient -t";
|
||||
};
|
||||
|
||||
home.packages = builtins.attrValues {
|
||||
inherit
|
||||
(pkgs)
|
||||
config = lib.mkIf config.my.home.emacs.enable {
|
||||
home.packages = with pkgs; [
|
||||
sqlite # needed by org-roam
|
||||
|
||||
# fonts used by my config
|
||||
|
||||
emacs-all-the-icons-fonts
|
||||
iosevka-bin
|
||||
;
|
||||
};
|
||||
];
|
||||
# make sure above fonts are discoverable
|
||||
fonts.fontconfig.enable = true;
|
||||
|
||||
|
@ -38,13 +19,11 @@ in {
|
|||
enable = true;
|
||||
# generate emacsclient desktop file
|
||||
client.enable = true;
|
||||
socketActivation.enable = true;
|
||||
};
|
||||
|
||||
programs.emacs = {
|
||||
enable = true;
|
||||
package = pkgs.emacs29-pgtk;
|
||||
extraPackages = epkgs: [epkgs.vterm epkgs.pdf-tools pkgs.lilypond epkgs.mu4e];
|
||||
package = pkgs.emacsPgtkGcc;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
{config, ...}: {
|
||||
{ config, ... }:
|
||||
{
|
||||
home.sessionPath = [
|
||||
"${config.xdg.configHome}/emacs/bin"
|
||||
"${config.home.homeDirectory}/.cargo/bin"
|
||||
"${config.home.homeDirectory}/.local/bin"
|
||||
];
|
||||
|
|
|
@ -1,29 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
cfg = config.my.home.firefox;
|
||||
in {
|
||||
options.my.home.firefox = {
|
||||
enable = (mkEnableOption "firefox config") // {default = config.my.home.x.enable;};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
programs.firefox = {
|
||||
enable = true;
|
||||
package = pkgs.firefox.override {
|
||||
nativeMessagingHosts = [
|
||||
pkgs.tridactyl-native
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,37 +1,13 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.my.home.fish;
|
||||
in {
|
||||
options.my.home.fish.enable = (mkEnableOption "Fish shell") // {default = true;};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
home.sessionVariables = {
|
||||
# automatically prompt to run program in nix-shell if it's not installed
|
||||
NIX_AUTO_RUN = "1";
|
||||
NIX_AUTO_RUN_INTERACTIVE = "1";
|
||||
};
|
||||
in
|
||||
{
|
||||
options.my.home.fish.enable = lib.mkEnableOption "Fish shell";
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
programs.fish = {
|
||||
enable = true;
|
||||
shellAliases = {
|
||||
"bt" = "bluetoothctl";
|
||||
};
|
||||
shellAbbrs = {
|
||||
"bton" = "bluetoothctl power on";
|
||||
"btoff" = "bluetoothctl power off";
|
||||
"btcon" = "bluetoothctl connect";
|
||||
"btdis" = "bluetoothctl disconnect";
|
||||
"btinfo" = "bluetoothctl info";
|
||||
};
|
||||
};
|
||||
|
||||
xdg.configFile."fish/functions" = { source = ./. + "/functions"; };
|
||||
|
|
|
@ -1,23 +0,0 @@
|
|||
function dock
|
||||
xrandr \
|
||||
--output eDP-1 --mode 1920x1080 --pos 0x120 --rotate normal \
|
||||
--output HDMI-1 --off \
|
||||
--output DP-1 --off \
|
||||
--output DP-2 --off \
|
||||
--output DP-3 --primary --mode 1920x1200 --pos 1920x0 --rotate normal \
|
||||
--output DP-4 --mode 1920x1200 --pos 3840x0 --rotate normal \
|
||||
--output DP-4 --off \
|
||||
--output DP-5 --off
|
||||
|
||||
i3-msg -q '[workspace="1"]' move workspace to output DP-3 2>/dev/null
|
||||
i3-msg -q '[workspace="2"]' move workspace to output DP-3 2>/dev/null
|
||||
i3-msg -q '[workspace="3"]' move workspace to output DP-3 2>/dev/null
|
||||
i3-msg -q '[workspace="4"]' move workspace to output DP-3 2>/dev/null
|
||||
i3-msg -q '[workspace="5"]' move workspace to output DP-3 2>/dev/null
|
||||
|
||||
i3-msg -q '[workspace="7"]' move workspace to output eDP-1 2>/dev/null
|
||||
|
||||
i3-msg -q '[workspace="8"]' move workspace to output DP-4 2>/dev/null
|
||||
i3-msg -q '[workspace="9"]' move workspace to output DP-4 2>/dev/null
|
||||
i3-msg -q '[workspace="10"]' move workspace to output DP-4 2>/dev/null
|
||||
end
|
|
@ -1,16 +0,0 @@
|
|||
function dock2
|
||||
xrandr \
|
||||
--output eDP-1 --mode 1920x1080 --pos 2560x0 --rotate normal \
|
||||
--output DP-1 --primary --mode 2560x1440 --pos 0x0 --rotate normal \
|
||||
--output HDMI-1 --off \
|
||||
--output DP-2 --off \
|
||||
--output HDMI-2 --off
|
||||
|
||||
i3-msg -q '[workspace="1"]' move workspace to output DP-1 2>/dev/null
|
||||
i3-msg -q '[workspace="2"]' move workspace to output DP-1 2>/dev/null
|
||||
i3-msg -q '[workspace="3"]' move workspace to output DP-1 2>/dev/null
|
||||
i3-msg -q '[workspace="4"]' move workspace to output DP-1 2>/dev/null
|
||||
i3-msg -q '[workspace="9"]' move workspace to output DP-1 2>/dev/null
|
||||
|
||||
i3-msg -q '[workspace="10"]' move workspace to output eDP-1 2>/dev/null
|
||||
end
|
|
@ -1,3 +0,0 @@
|
|||
function magit
|
||||
emacsclient --tty --eval '(magit-status)' --suppress-output
|
||||
end
|
|
@ -1,4 +1,7 @@
|
|||
function nfl
|
||||
set -l flags "--commit-lock-file"
|
||||
nix flake update $flags $argv
|
||||
for flake in $argv
|
||||
set -a flags "--update-input" "$flake"
|
||||
end
|
||||
nix flake lock $flags
|
||||
end
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
function undock
|
||||
xrandr \
|
||||
--output eDP-1 --primary --mode 1920x1080 --pos 0x0 --rotate normal \
|
||||
--output HDMI-1 --off \
|
||||
--output DP-1 --off \
|
||||
--output DP-2 --off \
|
||||
--output DP-3 --off \
|
||||
--output DP-4 --off \
|
||||
--output DP-5 --off
|
||||
end
|
|
@ -1,8 +0,0 @@
|
|||
function undock2
|
||||
xrandr \
|
||||
--output eDP-1 --primary --mode 1920x1080 --rotate normal \
|
||||
--output DP-1 --off \
|
||||
--output HDMI-1 --off \
|
||||
--output DP-2 --off \
|
||||
--output HDMI-2 --off
|
||||
end
|
|
@ -1,14 +0,0 @@
|
|||
function wake -d "Wake-on-WiFi shortcut" -a host
|
||||
if not set -q host[1]
|
||||
echo "Usage: wake HOSTNAME"
|
||||
return 1
|
||||
end
|
||||
|
||||
switch $host
|
||||
case boreal
|
||||
ssh -t pi@pi.alarsyo.net "bash -ic wakywaky"
|
||||
case *
|
||||
echo "Unknown host!"
|
||||
return 1
|
||||
end
|
||||
end
|
|
@ -1,21 +1,13 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.my.home.flameshot;
|
||||
in {
|
||||
options.my.home.flameshot = {
|
||||
in
|
||||
{
|
||||
options.my.home.flameshot = with lib; {
|
||||
enable = mkEnableOption "flameshot autolaunch";
|
||||
};
|
||||
|
||||
config.services.flameshot = mkIf cfg.enable {
|
||||
config.services.flameshot = lib.mkIf cfg.enable {
|
||||
enable = true;
|
||||
};
|
||||
}
|
||||
|
|
68
home/git.nix
68
home/git.nix
|
@ -1,68 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
cfg = config.my.home.git;
|
||||
in {
|
||||
options.my.home.git.enable = (mkEnableOption "Git configuration") // {default = true;};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
programs.git = {
|
||||
enable = true;
|
||||
|
||||
delta = {
|
||||
enable = true;
|
||||
options = {
|
||||
syntax-theme = "Solarized (light)";
|
||||
};
|
||||
};
|
||||
lfs.enable = true;
|
||||
|
||||
userEmail = "antoine@alarsyo.net";
|
||||
userName = "Antoine Martin";
|
||||
|
||||
extraConfig = {
|
||||
commit = {verbose = true;};
|
||||
core = {editor = "vim";};
|
||||
init = {defaultBranch = "main";};
|
||||
pull = {rebase = true;};
|
||||
rerere = {enabled = true;};
|
||||
maintenance.prefetch.enabled = false;
|
||||
};
|
||||
|
||||
aliases = {
|
||||
push-wip = "push -o ci.skip";
|
||||
push-merge = "push -o merge_request.create -o merge_request.merge_when_pipeline_succeeds -o merge_request.remove_source_branch";
|
||||
push-mr = "push -o merge_request.create -o merge_request.remove_source_branch";
|
||||
};
|
||||
|
||||
includes = [
|
||||
{
|
||||
condition = "gitdir:~/work/lrde/";
|
||||
contents = {user = {email = "amartin@lrde.epita.fr";};};
|
||||
}
|
||||
{
|
||||
condition = "gitdir:~/work/prologin/";
|
||||
contents = {user = {email = "antoine.martin@prologin.org";};};
|
||||
}
|
||||
{
|
||||
condition = "gitdir:~/work/epita/";
|
||||
contents = {user = {email = "antoine4.martin@epita.fr";};};
|
||||
}
|
||||
];
|
||||
|
||||
ignores = [
|
||||
"/.direnv/"
|
||||
"/.envrc"
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
36
home/gtk.nix
36
home/gtk.nix
|
@ -1,36 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
cfg = config.my.home.gtk;
|
||||
in {
|
||||
options.my.home.gtk = with lib; {
|
||||
enable = (mkEnableOption "GTK configuration") // {default = config.my.home.x.enable;};
|
||||
};
|
||||
|
||||
config.gtk = lib.mkIf cfg.enable {
|
||||
enable = true;
|
||||
|
||||
font = {
|
||||
package = pkgs.dejavu_fonts;
|
||||
name = "DejaVu Sans";
|
||||
};
|
||||
|
||||
gtk2 = {
|
||||
# No garbage polluting my $HOME
|
||||
configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc";
|
||||
};
|
||||
|
||||
iconTheme = {
|
||||
package = pkgs.gnome.gnome-themes-extra;
|
||||
name = "Adwaita";
|
||||
};
|
||||
|
||||
theme = {
|
||||
package = pkgs.gnome.gnome-themes-extra;
|
||||
name = "Adwaita";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,14 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
;
|
||||
in {
|
||||
options.my.home.laptop = {
|
||||
enable = mkEnableOption "Laptop settings";
|
||||
};
|
||||
}
|
189
home/mail.nix
189
home/mail.nix
|
@ -1,189 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mapAttrs
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
inherit
|
||||
(builtins)
|
||||
typeOf
|
||||
;
|
||||
|
||||
myName = "Antoine Martin";
|
||||
email_perso = "antoine@alarsyo.net";
|
||||
email_lrde = "amartin@lrde.epita.fr";
|
||||
email_prologin = "antoine.martin@prologin.org";
|
||||
|
||||
cfg = config.my.home.mail;
|
||||
|
||||
make_mbsync_channel = patterns:
|
||||
(
|
||||
if (typeOf patterns) == "list"
|
||||
then {
|
||||
inherit patterns;
|
||||
}
|
||||
else {
|
||||
farPattern = patterns.far;
|
||||
nearPattern = patterns.near;
|
||||
}
|
||||
)
|
||||
// {
|
||||
extraConfig = {
|
||||
Create = "Both";
|
||||
Expunge = "Both";
|
||||
Remove = "None";
|
||||
SyncState = "*";
|
||||
};
|
||||
};
|
||||
make_mbsync_channels = mapAttrs (_: value: make_mbsync_channel value);
|
||||
|
||||
gmail_far_near_patterns = {
|
||||
sent = {
|
||||
far = "[Gmail]/Sent Mail";
|
||||
near = "Sent";
|
||||
};
|
||||
drafts = {
|
||||
far = "[Gmail]/Drafts";
|
||||
near = "Drafts";
|
||||
};
|
||||
junk = {
|
||||
far = "[Gmail]/Spam";
|
||||
near = "Junk";
|
||||
};
|
||||
trash = {
|
||||
far = "[Gmail]/Trash";
|
||||
near = "Trash";
|
||||
};
|
||||
};
|
||||
gmail_mbsync_channels = make_mbsync_channels gmail_far_near_patterns;
|
||||
in {
|
||||
options.my.home.mail = {
|
||||
# I *could* read email in a terminal emacs client on a server, but in
|
||||
# practice I don't think it'll happen very often, so let's enable this only
|
||||
# when I'm on a machine with a Xorg server.
|
||||
enable = (mkEnableOption "email configuration") // {default = config.my.home.x.enable;};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
accounts.email = {
|
||||
maildirBasePath = "${config.home.homeDirectory}/.mail";
|
||||
accounts = {
|
||||
alarsyo = {
|
||||
address = email_perso;
|
||||
userName = email_perso;
|
||||
realName = myName;
|
||||
aliases = [
|
||||
"alarsyo@alarsyo.net"
|
||||
"antoine@amartin.email"
|
||||
];
|
||||
flavor = "plain"; # default setting
|
||||
passwordCommand = "${pkgs.rbw}/bin/rbw get webmail.migadu.com ${email_perso}";
|
||||
primary = true;
|
||||
mbsync = {
|
||||
enable = true;
|
||||
create = "both";
|
||||
expunge = "both";
|
||||
groups = {
|
||||
alarsyo-main.channels = make_mbsync_channels {
|
||||
main = ["INBOX" "Sent" "Drafts" "Junk" "Trash"];
|
||||
};
|
||||
alarsyo-full.channels = make_mbsync_channels {
|
||||
full = ["*" "!INBOX" "!Sent" "!Drafts" "!Junk" "!Trash"];
|
||||
};
|
||||
};
|
||||
};
|
||||
msmtp.enable = true;
|
||||
mu.enable = true;
|
||||
imap = {
|
||||
host = "imap.migadu.com";
|
||||
port = 993;
|
||||
tls.enable = true;
|
||||
};
|
||||
smtp = {
|
||||
host = "smtp.migadu.com";
|
||||
port = 465;
|
||||
tls.enable = true;
|
||||
};
|
||||
};
|
||||
lrde = {
|
||||
address = email_lrde;
|
||||
userName = "amartin";
|
||||
realName = myName;
|
||||
flavor = "plain"; # default setting
|
||||
passwordCommand = "${pkgs.rbw}/bin/rbw get lrde.epita.fr amartin";
|
||||
mbsync = {
|
||||
enable = true;
|
||||
create = "both";
|
||||
expunge = "both";
|
||||
patterns = ["*" "!Archives*"];
|
||||
extraConfig.account = {
|
||||
# otherwise mbsync tries GSSAPI, but I don't have Kerberos setup
|
||||
# on this machine
|
||||
AuthMechs = "LOGIN";
|
||||
};
|
||||
};
|
||||
msmtp.enable = true;
|
||||
mu.enable = true;
|
||||
imap = {
|
||||
host = "imap.lrde.epita.fr";
|
||||
port = 993;
|
||||
tls.enable = true;
|
||||
};
|
||||
smtp = {
|
||||
host = "smtp.lrde.epita.fr";
|
||||
port = 465;
|
||||
tls.enable = true;
|
||||
};
|
||||
};
|
||||
prologin = {
|
||||
address = email_prologin;
|
||||
userName = email_prologin;
|
||||
realName = myName;
|
||||
aliases = [
|
||||
"alarsyo@prologin.org"
|
||||
];
|
||||
flavor = "plain"; # default setting
|
||||
passwordCommand = "${pkgs.rbw}/bin/rbw get google.com ${email_prologin}-mailpass";
|
||||
primary = false;
|
||||
mbsync = {
|
||||
enable = true;
|
||||
create = "both";
|
||||
expunge = "both";
|
||||
groups = {
|
||||
prologin-main.channels =
|
||||
(make_mbsync_channels {
|
||||
main = ["INBOX" "membres@"];
|
||||
})
|
||||
// gmail_mbsync_channels;
|
||||
prologin-info.channels = make_mbsync_channels {
|
||||
info = ["info@" "info@gcc"];
|
||||
};
|
||||
};
|
||||
};
|
||||
msmtp.enable = true;
|
||||
mu.enable = true;
|
||||
imap = {
|
||||
host = "imap.gmail.com";
|
||||
port = 993;
|
||||
tls.enable = true;
|
||||
};
|
||||
smtp = {
|
||||
host = "smtp.gmail.com";
|
||||
port = 465;
|
||||
tls.enable = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
programs.mbsync.enable = true;
|
||||
programs.msmtp.enable = true;
|
||||
programs.mu.enable = true;
|
||||
};
|
||||
}
|
56
home/rbw.nix
56
home/rbw.nix
|
@ -1,56 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
cfg = config.my.home.mail;
|
||||
in {
|
||||
options.my.home.rbw = {
|
||||
enable = mkEnableOption "rbw configuration";
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
programs.rbw = {
|
||||
enable = true;
|
||||
settings = {
|
||||
email = "antoine@alarsyo.net";
|
||||
base_url = "https://pass.alarsyo.net";
|
||||
lock_timeout = 60 * 60 * 12;
|
||||
pinentry = pkgs.pinentry-qt;
|
||||
};
|
||||
};
|
||||
|
||||
# `rbw-agent` should be launched on first call to `rbw`, so this shouldn't
|
||||
# be necessary.
|
||||
#
|
||||
# However, if for instance `rbw` if first called by the emacs-daemon (when
|
||||
# accessing an IMAP account password), then restarting the user service
|
||||
# associated to the emacs daemon also kills the rbw-agent it spawned,
|
||||
# resetting the lock status and prompting for a passphrase again.
|
||||
#
|
||||
# This user service makes sure the rbw-agent is started when the user
|
||||
# session launches.
|
||||
systemd.user.services.rbw = {
|
||||
Unit = {
|
||||
Description = "rbw agent autostart";
|
||||
After = "graphical-session.target";
|
||||
PartOf = "graphical-session.target";
|
||||
};
|
||||
|
||||
Install.WantedBy = ["graphical-session.target"];
|
||||
|
||||
Service = {
|
||||
ExecStart = "${pkgs.rbw}/bin/rbw-agent";
|
||||
Restart = "on-abort";
|
||||
Type = "forking";
|
||||
PIDFile = "%t/rbw/pidfile";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
cfg = config.my.home.rofi;
|
||||
in {
|
||||
options.my.home.rofi = {
|
||||
enable = (mkEnableOption "rofi configuration") // {default = config.my.home.x.enable;};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
programs.rofi = {
|
||||
enable = true;
|
||||
|
||||
terminal = "${pkgs.alacritty}/bin/alacritty";
|
||||
};
|
||||
};
|
||||
}
|
BIN
home/secrets/bluetooth-mouse-mac-address.secret
Normal file
BIN
home/secrets/bluetooth-mouse-mac-address.secret
Normal file
Binary file not shown.
13
home/secrets/default.nix
Normal file
13
home/secrets/default.nix
Normal file
|
@ -0,0 +1,13 @@
|
|||
{ lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.my.secrets = mkOption {
|
||||
type = types.attrs;
|
||||
};
|
||||
|
||||
config.my.secrets = {
|
||||
# I'm not sure hiding this is very important, but it *seems* like a bad idea
|
||||
# to expose this
|
||||
bluetooth-mouse-mac-address = fileContents ./bluetooth-mouse-mac-address.secret;
|
||||
};
|
||||
}
|
62
home/ssh.nix
62
home/ssh.nix
|
@ -1,62 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
cfg = config.my.home.ssh;
|
||||
in {
|
||||
options.my.home.ssh = {
|
||||
enable = (mkEnableOption "ssh configuration") // {default = true;};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
programs.ssh = {
|
||||
enable = true;
|
||||
|
||||
matchBlocks = let
|
||||
addGPGAgentForwarding = hostConf:
|
||||
{
|
||||
remoteForwards = [
|
||||
{
|
||||
# shhhh this is a path but it works
|
||||
bind.address = "/run/user/1000/gnupg/S.gpg-agent.ssh";
|
||||
host.address = "/run/user/1000/gnupg/S.gpg-agent.ssh";
|
||||
}
|
||||
];
|
||||
}
|
||||
// hostConf;
|
||||
in {
|
||||
boreal = addGPGAgentForwarding {hostname = "boreal.alarsyo.net";};
|
||||
hades = addGPGAgentForwarding {hostname = "hades.alarsyo.net";};
|
||||
thanatos = addGPGAgentForwarding {hostname = "thanatos.alarsyo.net";};
|
||||
pi = addGPGAgentForwarding {
|
||||
hostname = "pi.alarsyo.net";
|
||||
user = "pi";
|
||||
};
|
||||
|
||||
"thanatos.lrde.epita.fr" =
|
||||
lib.hm.dag.entryBefore ["*.lrde.epita.fr"]
|
||||
(addGPGAgentForwarding {
|
||||
user = "alarsyo";
|
||||
});
|
||||
|
||||
"*.lrde.epita.fr" = {
|
||||
user = "amartin";
|
||||
};
|
||||
|
||||
lrde-proxyjump = {
|
||||
host = "*.lrde.epita.fr !ssh.lrde.epita.fr";
|
||||
proxyJump = "ssh.lrde.epita.fr";
|
||||
};
|
||||
};
|
||||
|
||||
includes = ["prologin_config"];
|
||||
};
|
||||
};
|
||||
}
|
17
home/starship.nix
Normal file
17
home/starship.nix
Normal file
|
@ -0,0 +1,17 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.my.home.starship;
|
||||
in
|
||||
{
|
||||
options.my.home.starship.enable = lib.mkEnableOption "Starship.rs prompt";
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
programs.starship = {
|
||||
enable = true;
|
||||
enableFishIntegration = true;
|
||||
settings = {
|
||||
add_newline = false;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,10 +1,6 @@
|
|||
{lib}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkOption
|
||||
types
|
||||
;
|
||||
|
||||
{ lib }:
|
||||
with lib;
|
||||
let
|
||||
mkColorOption = import ./color.nix { inherit lib; };
|
||||
|
||||
primaryColorModule = types.submodule {
|
||||
|
|
|
@ -1,15 +0,0 @@
|
|||
{lib}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkOption
|
||||
types
|
||||
;
|
||||
in
|
||||
types.submodule {
|
||||
options = {
|
||||
name = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,15 +1,6 @@
|
|||
{lib}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkOption
|
||||
types
|
||||
;
|
||||
|
||||
mkColorOption = {
|
||||
default ? "#000000",
|
||||
description ? "",
|
||||
}:
|
||||
mkOption {
|
||||
{ lib }:
|
||||
let
|
||||
mkColorOption = with lib; {default ? "#000000", description ? "" }: mkOption {
|
||||
inherit description default;
|
||||
example = "#abcdef";
|
||||
type = types.strMatching "#[0-9a-f]{6}";
|
||||
|
|
|
@ -1,24 +1,12 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkOption
|
||||
types
|
||||
;
|
||||
|
||||
{ config, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
themeType = types.submodule {
|
||||
options = {
|
||||
alacrittyTheme = mkOption {
|
||||
type = import ./alacritty.nix { inherit lib; };
|
||||
default = {};
|
||||
};
|
||||
batTheme = mkOption {
|
||||
type = import ./bat.nix {inherit lib;};
|
||||
default = {};
|
||||
};
|
||||
i3Theme = mkOption {
|
||||
type = import ./i3.nix { inherit lib; };
|
||||
default = {};
|
||||
|
@ -29,14 +17,15 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
in {
|
||||
in
|
||||
{
|
||||
options.my.theme = mkOption {
|
||||
type = themeType;
|
||||
default = {};
|
||||
};
|
||||
|
||||
options.my.themes = mkOption {
|
||||
type = types.attrsOf themeType;
|
||||
type = with types; attrsOf themeType;
|
||||
};
|
||||
|
||||
config.my.themes = {
|
||||
|
|
|
@ -1,10 +1,6 @@
|
|||
{lib}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkOption
|
||||
types
|
||||
;
|
||||
|
||||
{ lib }:
|
||||
with lib;
|
||||
let
|
||||
mkColorOption = import ./color.nix { inherit lib; };
|
||||
|
||||
barColorSetModule = types.submodule {
|
||||
|
@ -102,7 +98,8 @@ in
|
|||
background = "#900000";
|
||||
text = "#ffffff";
|
||||
};
|
||||
description = "Border, background and text color for the binding mode indicator";
|
||||
description =
|
||||
"Border, background and text color for the binding mode indicator";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,10 +1,6 @@
|
|||
{lib}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkOption
|
||||
types
|
||||
;
|
||||
|
||||
{ lib }:
|
||||
with lib;
|
||||
let
|
||||
mkColorOption = import ./color.nix { inherit lib; };
|
||||
in
|
||||
types.submodule {
|
||||
|
|
|
@ -1,24 +1,8 @@
|
|||
let
|
||||
inherit
|
||||
(import ./colors.nix)
|
||||
base0
|
||||
base00
|
||||
base01
|
||||
base02
|
||||
base03
|
||||
base1
|
||||
base2
|
||||
base3
|
||||
blue
|
||||
cyan
|
||||
green
|
||||
magenta
|
||||
orange
|
||||
red
|
||||
violet
|
||||
yellow
|
||||
;
|
||||
in {
|
||||
colors = import ./colors.nix;
|
||||
in
|
||||
with colors;
|
||||
{
|
||||
primary = {
|
||||
background = base3;
|
||||
foreground = base00;
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
{
|
||||
name = "Solarized (light)";
|
||||
}
|
|
@ -1,6 +1,5 @@
|
|||
{
|
||||
alacrittyTheme = import ./alacritty.nix;
|
||||
batTheme = import ./bat.nix;
|
||||
i3Theme = import ./i3.nix;
|
||||
i3BarTheme = import ./i3bar.nix;
|
||||
alacrittyTheme = import ./alacritty.nix;
|
||||
}
|
||||
|
|
|
@ -1,16 +1,8 @@
|
|||
let
|
||||
inherit
|
||||
(import ./colors.nix)
|
||||
base00
|
||||
base2
|
||||
base3
|
||||
blue
|
||||
magenta
|
||||
orange
|
||||
red
|
||||
yellow
|
||||
;
|
||||
in {
|
||||
colors = import ./colors.nix;
|
||||
in
|
||||
with colors;
|
||||
{
|
||||
bar = {
|
||||
background = base3;
|
||||
statusline = yellow;
|
||||
|
|
|
@ -1,15 +1,8 @@
|
|||
let
|
||||
inherit
|
||||
(import ./colors.nix)
|
||||
base00
|
||||
base2
|
||||
base3
|
||||
blue
|
||||
green
|
||||
red
|
||||
yellow
|
||||
;
|
||||
in {
|
||||
colors = import ./colors.nix;
|
||||
in
|
||||
with colors;
|
||||
{
|
||||
theme = {
|
||||
name = "solarized-light";
|
||||
overrides = {
|
||||
|
|
|
@ -1,44 +1,15 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.my.home.tmux;
|
||||
in {
|
||||
options.my.home.tmux = {
|
||||
enable = (mkEnableOption "tmux dotfiles") // {default = true;};
|
||||
in
|
||||
{
|
||||
options.my.home.tmux = with lib; {
|
||||
enable = mkEnableOption "tmux dotfiles";
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
programs.tmux = {
|
||||
config.programs.tmux = lib.mkIf cfg.enable {
|
||||
enable = true;
|
||||
baseIndex = 1;
|
||||
terminal = "screen-256color";
|
||||
clock24 = true;
|
||||
|
||||
plugins = let
|
||||
inherit (pkgs) tmuxPlugins;
|
||||
in [
|
||||
{
|
||||
plugin = tmuxPlugins.cpu;
|
||||
extraConfig = ''
|
||||
set -g status-right 'CPU: #{cpu_percentage} | %a %d-%h %H:%M '
|
||||
'';
|
||||
}
|
||||
{
|
||||
plugin = tmuxPlugins.tmux-colors-solarized;
|
||||
extraConfig = ''
|
||||
set -g @colors-solarized 'light'
|
||||
'';
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,21 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
cfg = config.my.home.tridactyl;
|
||||
in {
|
||||
options.my.home.tridactyl = {
|
||||
enable = (mkEnableOption "tridactyl code display tool") // {default = config.my.home.firefox.enable;};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
xdg.configFile."tridactyl/tridactylrc".source = ./tridactylrc;
|
||||
};
|
||||
}
|
|
@ -1,43 +0,0 @@
|
|||
" -*- tridactylrc -*-
|
||||
|
||||
" This wipes all existing settings. This means that if a setting in this file is
|
||||
" removed, then it will return to default. In other words, this file serves as
|
||||
" as an enforced single point of truth for Tridactyl's configuration.
|
||||
sanitize tridactyllocal tridactylsync
|
||||
|
||||
" Ctrl-F should use the browser's native 'find' functionality.
|
||||
unbind <C-f>
|
||||
|
||||
" Tridactyl has an incomplete find mode
|
||||
bind / fillcmdline find
|
||||
bind ? fillcmdline find -?
|
||||
bind n findnext 1
|
||||
bind N findnext -1
|
||||
bind ,<Space> nohlsearch
|
||||
|
||||
" case insensitive if lowercase, case sensitive if using some uppercase letters
|
||||
set findcase smart
|
||||
|
||||
set modeindicatormodes {"ignore": "false"}
|
||||
|
||||
" New reddit is bad
|
||||
" autocmd DocStart ^http(s?)://www.reddit.com js tri.excmds.urlmodify("-t", "www", "old")
|
||||
|
||||
" Orange site / Reddit / Lobste.rs specific hints to toggle comments
|
||||
bind ;c hint -Jc [class*="expand"],[class="togg"],[class="comment_folder"]
|
||||
|
||||
" Use emacs as editor
|
||||
set editorcmd emacsclient -c
|
||||
|
||||
" copy all the things
|
||||
set yankto both
|
||||
|
||||
blacklistadd calendar.google.com
|
||||
blacklistadd jellyfin.alarsyo.net
|
||||
blacklistadd localhost
|
||||
blacklistadd netflix.com
|
||||
blacklistadd primevideo.com
|
||||
blacklistadd youtube.com
|
||||
|
||||
" prevent teams from crashing
|
||||
seturl teams.microsoft.com superignore true
|
|
@ -1,27 +1,17 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.my.home.x.cursor;
|
||||
in {
|
||||
options.my.home.x.cursor.enable = (mkEnableOption "X cursor") // {default = config.my.home.x.enable;};
|
||||
in
|
||||
{
|
||||
options.my.home.x.cursor.enable = lib.mkEnableOption "X cursor";
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
home.pointerCursor = {
|
||||
config = lib.mkIf cfg.enable {
|
||||
xsession.pointerCursor = {
|
||||
package = pkgs.capitaine-cursors;
|
||||
name = "capitaine-cursors";
|
||||
# available sizes for capitaine-cursors are:
|
||||
# 24, 30, 36, 48, 60, 72
|
||||
size = 30;
|
||||
x11.enable = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,21 +1,12 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
;
|
||||
in {
|
||||
imports = [
|
||||
./cursor.nix
|
||||
./i3.nix
|
||||
./i3bar.nix
|
||||
];
|
||||
|
||||
options.my.home.x = {
|
||||
options.my.home.x = with lib; {
|
||||
enable = mkEnableOption "X server configuration";
|
||||
};
|
||||
}
|
||||
|
|
138
home/x/i3.nix
138
home/x/i3.nix
|
@ -1,17 +1,6 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
mkOptionDefault
|
||||
;
|
||||
|
||||
isEnabled = config.my.home.x.i3.enable;
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
isEnabled = config.my.home.x.enable;
|
||||
|
||||
myTerminal =
|
||||
# FIXME: fix when terminal is setup in home
|
||||
|
@ -26,20 +15,16 @@
|
|||
logoutMode = "[L]ogout, [S]uspend, [P]oweroff, [R]eboot";
|
||||
|
||||
i3Theme = config.my.theme.i3Theme;
|
||||
in {
|
||||
options.my.home.x.i3 = {
|
||||
enable = mkEnableOption "i3wm configuration";
|
||||
};
|
||||
|
||||
config = mkIf isEnabled {
|
||||
in
|
||||
{
|
||||
config = lib.mkIf isEnabled {
|
||||
my.home = {
|
||||
flameshot.enable = true;
|
||||
};
|
||||
|
||||
home.packages = [pkgs.betterlockscreen pkgs.playerctl];
|
||||
|
||||
# used to control music
|
||||
services.playerctld.enable = true;
|
||||
home.packages = with pkgs; [
|
||||
betterlockscreen
|
||||
];
|
||||
|
||||
xsession.windowManager.i3 = {
|
||||
enable = true;
|
||||
|
@ -47,22 +32,22 @@ in {
|
|||
config = {
|
||||
inherit modifier;
|
||||
|
||||
bars = let
|
||||
bars =
|
||||
let
|
||||
barConfigPath =
|
||||
config.xdg.configFile."i3status-rust/config-top.toml".target;
|
||||
in [
|
||||
in
|
||||
[
|
||||
{
|
||||
statusCommand = "i3status-rs ~/${barConfigPath}";
|
||||
statusCommand = "i3status-rs ${barConfigPath}";
|
||||
position = "top";
|
||||
fonts = {
|
||||
names = ["DejaVuSansMono" "FontAwesome6Free"];
|
||||
names = [ "DejaVuSansMono" "FontAwesome5Free" ];
|
||||
size = 9.0;
|
||||
};
|
||||
|
||||
colors = i3Theme.bar;
|
||||
|
||||
trayOutput = "primary";
|
||||
|
||||
# disable mouse scroll wheel in bar
|
||||
extraConfig = ''
|
||||
bindsym button4 nop
|
||||
|
@ -72,8 +57,7 @@ in {
|
|||
];
|
||||
|
||||
colors = {
|
||||
inherit
|
||||
(i3Theme)
|
||||
inherit (i3Theme)
|
||||
focused
|
||||
focusedInactive
|
||||
unfocused
|
||||
|
@ -93,11 +77,9 @@ in {
|
|||
size = 8.0;
|
||||
};
|
||||
|
||||
keybindings = mkOptionDefault {
|
||||
keybindings = lib.mkOptionDefault {
|
||||
"${modifier}+Shift+e" = ''mode "${logoutMode}"'';
|
||||
"${modifier}+b" = "exec --no-startup-id bluetoothctl power on";
|
||||
"${modifier}+i" = "exec emacsclient --create-frame";
|
||||
"${modifier}+o" = "exec emacsclient --create-frame --eval '(load \"${config.xdg.configHome}/doom/launch-agenda.el\")'";
|
||||
"${modifier}+i" = "exec emacsclient -c";
|
||||
|
||||
# Volume handling
|
||||
"XF86AudioRaiseVolume" = "exec --no-startup-id pactl set-sink-volume @DEFAULT_SINK@ +5%";
|
||||
|
@ -105,34 +87,17 @@ in {
|
|||
"XF86AudioMute" = "exec --no-startup-id pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
||||
"XF86AudioMicMute" = "exec --no-startup-id pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
||||
|
||||
# I need play-pause everywhere because somehow, keycode 172 seems to
|
||||
# be interpreted as pause everytime when sent by my keyboard. Ugh,
|
||||
# computers.
|
||||
"XF86AudioPlay" = "exec --no-startup-id playerctl play-pause";
|
||||
"XF86AudioPause" = "exec --no-startup-id playerctl play-pause";
|
||||
"XF86AudioPrev" = "exec --no-startup-id playerctl previous";
|
||||
"XF86AudioNext" = "exec --no-startup-id playerctl next";
|
||||
|
||||
"XF86MonBrightnessDown" = "exec --no-startup-id light -U 5";
|
||||
"XF86MonBrightnessUp" = "exec --no-startup-id light -A 5";
|
||||
"${modifier}+XF86MonBrightnessDown" = "exec --no-startup-id light -U 0.1";
|
||||
"${modifier}+XF86MonBrightnessUp" = "exec --no-startup-id light -A 0.1";
|
||||
|
||||
"${modifier}+l" = "exec --no-startup-id betterlockscreen --lock";
|
||||
"${modifier}+d" = "exec ${pkgs.rofi}/bin/rofi -show run";
|
||||
|
||||
"${modifier}+Shift+a" = ''exec --no-startup-id autorandr --change'';
|
||||
};
|
||||
|
||||
modes = let
|
||||
makeModeBindings = attrs:
|
||||
attrs
|
||||
// {
|
||||
modes =
|
||||
let
|
||||
makeModeBindings = attrs: attrs // {
|
||||
"Escape" = "mode default";
|
||||
"Return" = "mode default";
|
||||
};
|
||||
in
|
||||
mkOptionDefault {
|
||||
lib.mkOptionDefault {
|
||||
"${logoutMode}" = makeModeBindings {
|
||||
"l" = "exec --no-startup-id i3-msg exit, mode default";
|
||||
"s" = "exec --no-startup-id betterlockscreen --suspend, mode default";
|
||||
|
@ -141,6 +106,14 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
startup = [
|
||||
# FIXME: make it conditional on "nvidia" being part of video drivers
|
||||
{
|
||||
command = "nvidia-settings -a '[gpu:0]/GPUPowerMizerMode=1'";
|
||||
notification = false;
|
||||
}
|
||||
];
|
||||
|
||||
terminal = myTerminal;
|
||||
|
||||
assigns = {
|
||||
|
@ -150,57 +123,8 @@ in {
|
|||
];
|
||||
};
|
||||
|
||||
# TODO: make it configurable per machine
|
||||
workspaceOutputAssign = [
|
||||
{
|
||||
workspace = "1";
|
||||
output = ["DP-4" "eDP-1"];
|
||||
}
|
||||
{
|
||||
workspace = "2";
|
||||
output = ["DP-4" "eDP-1"];
|
||||
}
|
||||
{
|
||||
workspace = "3";
|
||||
output = ["DP-5" "eDP-1"];
|
||||
}
|
||||
{
|
||||
workspace = "4";
|
||||
output = ["DP-5" "eDP-1"];
|
||||
}
|
||||
{
|
||||
workspace = "5";
|
||||
output = ["DP-5" "eDP-1"];
|
||||
}
|
||||
|
||||
{
|
||||
workspace = "6";
|
||||
output = ["eDP-1"];
|
||||
}
|
||||
{
|
||||
workspace = "7";
|
||||
output = ["eDP-1"];
|
||||
}
|
||||
|
||||
{
|
||||
workspace = "8";
|
||||
output = ["DP-4" "eDP-1"];
|
||||
}
|
||||
{
|
||||
workspace = "9";
|
||||
output = ["DP-4" "eDP-1"];
|
||||
}
|
||||
{
|
||||
workspace = "10";
|
||||
output = ["DP-4" "eDP-1"];
|
||||
}
|
||||
];
|
||||
|
||||
window.commands = [
|
||||
{
|
||||
command = "border pixel 2";
|
||||
criteria = {class = "Alacritty";};
|
||||
}
|
||||
{ command = "border pixel 2"; criteria = { class = "Alacritty"; }; }
|
||||
|
||||
# NOTE: should be done with an assign command, but Spotify doesn't set
|
||||
# its class until after initialization, so has to be done this way.
|
||||
|
|
140
home/x/i3bar.nix
140
home/x/i3bar.nix
|
@ -1,50 +1,16 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
lists
|
||||
mkIf
|
||||
mkOption
|
||||
optional
|
||||
types
|
||||
;
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
isEnabled = config.my.home.x.enable;
|
||||
i3BarTheme = config.my.theme.i3BarTheme;
|
||||
cfg = config.my.home.x.i3bar;
|
||||
in {
|
||||
options.my.home.x.i3bar = {
|
||||
temperature.chip = mkOption {
|
||||
type = types.str;
|
||||
example = "coretemp-isa-*";
|
||||
default = "";
|
||||
};
|
||||
temperature.inputs = mkOption {
|
||||
type = types.listOf types.str;
|
||||
example = ["Core 0" "Core 1" "Core 2" "Core 3"];
|
||||
default = "";
|
||||
};
|
||||
|
||||
networking.throughput_interfaces = mkOption {
|
||||
type = types.listOf types.str;
|
||||
example = ["wlp1s0"];
|
||||
default = [];
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf isEnabled {
|
||||
home.packages = builtins.attrValues {
|
||||
inherit
|
||||
(pkgs)
|
||||
# FIXME: is this useful?
|
||||
in
|
||||
{
|
||||
|
||||
config = lib.mkIf isEnabled {
|
||||
home.packages = with pkgs; [
|
||||
iw # Used by `net` block
|
||||
lm_sensors # Used by `temperature` block
|
||||
font-awesome
|
||||
;
|
||||
};
|
||||
];
|
||||
|
||||
programs.i3status-rust = {
|
||||
enable = true;
|
||||
|
@ -52,102 +18,78 @@ in {
|
|||
bars = {
|
||||
top = {
|
||||
icons = "awesome5";
|
||||
settings.theme = {
|
||||
theme = i3BarTheme.theme.name;
|
||||
overrides = i3BarTheme.theme.overrides;
|
||||
};
|
||||
settings = i3BarTheme;
|
||||
|
||||
blocks =
|
||||
[
|
||||
blocks = [
|
||||
{
|
||||
block = "pomodoro";
|
||||
notify_cmd = "i3nag";
|
||||
blocking_cmd = true;
|
||||
length = 60;
|
||||
break_length = 10;
|
||||
use_nag = true;
|
||||
}
|
||||
{
|
||||
block = "disk_space";
|
||||
path = "/";
|
||||
alias = "/";
|
||||
info_type = "available";
|
||||
unit = "GB";
|
||||
interval = 60;
|
||||
warning = 20.0;
|
||||
alert = 10.0;
|
||||
alert_unit = "GB";
|
||||
}
|
||||
{
|
||||
block = "memory";
|
||||
format = " $icon $mem_used.eng(prefix:G)/$mem_total.eng(prefix:G) ";
|
||||
display_type = "memory";
|
||||
format_mem = "{mem_used;G}/{mem_total;G}";
|
||||
warning_mem = 70.0;
|
||||
critical_mem = 90.0;
|
||||
# don't show swap
|
||||
clickable = false;
|
||||
}
|
||||
{
|
||||
block = "cpu";
|
||||
interval = 1;
|
||||
format = " $icon $barchart ";
|
||||
format = "{barchart}";
|
||||
}
|
||||
{
|
||||
block = "temperature";
|
||||
collapsed = false;
|
||||
interval = 10;
|
||||
format = " $icon $max ";
|
||||
chip = cfg.temperature.chip;
|
||||
inputs = cfg.temperature.inputs;
|
||||
format = "{max}";
|
||||
# FIXME: specific to my AMD Ryzen CPU. Make this depend on
|
||||
# hostname or something else
|
||||
chip = "k10temp-pci-*";
|
||||
inputs = [ "Tccd1" ];
|
||||
}
|
||||
{
|
||||
block = "custom";
|
||||
# TODO: get service name programmatically somehow
|
||||
command = let
|
||||
systemctl = lib.getExe' pkgs.systemd "systemctl";
|
||||
in
|
||||
pkgs.writeShellScript "check-restic.sh" ''
|
||||
BACKUP_STATUS=Good
|
||||
if ${systemctl} is-failed --quiet restic-backups-backblaze.service; then
|
||||
BACKUP_STATUS=Critical
|
||||
fi
|
||||
echo "{\"state\": \"$BACKUP_STATUS\", \"text\": \"Backup\"}"
|
||||
'';
|
||||
json = true;
|
||||
interval = 60;
|
||||
block = "networkmanager";
|
||||
primary_only = true;
|
||||
}
|
||||
]
|
||||
++ (
|
||||
lists.optionals ((builtins.length cfg.networking.throughput_interfaces) != 0)
|
||||
(map
|
||||
(interface: {
|
||||
block = "net";
|
||||
device = interface;
|
||||
interval = 1;
|
||||
missing_format = "";
|
||||
})
|
||||
cfg.networking.throughput_interfaces)
|
||||
)
|
||||
++ [
|
||||
{
|
||||
block = "net";
|
||||
format = " $icon {$ip|} {SSID: $ssid|}";
|
||||
theme_overrides = {
|
||||
idle_bg = {link = "good_bg";};
|
||||
idle_fg = {link = "good_fg";};
|
||||
};
|
||||
block = "bluetooth";
|
||||
mac = config.my.secrets.bluetooth-mouse-mac-address;
|
||||
hide_disconnected = true;
|
||||
format = "{percentage}";
|
||||
}
|
||||
{
|
||||
block = "music";
|
||||
player = "spotify";
|
||||
buttons = ["prev" "play" "next"];
|
||||
hide_when_empty = true;
|
||||
}
|
||||
{
|
||||
block = "sound";
|
||||
driver = "pulseaudio";
|
||||
}
|
||||
]
|
||||
++ (
|
||||
optional config.my.home.laptop.enable
|
||||
{
|
||||
block = "battery";
|
||||
format = " $icon $percentage ($power) ";
|
||||
}
|
||||
)
|
||||
++ [
|
||||
# {
|
||||
# block = "notify";
|
||||
# }
|
||||
{
|
||||
block = "time";
|
||||
interval = 5;
|
||||
format = " $icon $timestamp.datetime(f:'%a %d/%m %T', l:fr_FR) ";
|
||||
format = "%a %d/%m %T";
|
||||
locale = "fr_FR";
|
||||
timezone = "Europe/Paris";
|
||||
}
|
||||
];
|
||||
|
|
|
@ -1,35 +1,29 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
secrets = config.my.secrets;
|
||||
in
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
|
||||
./home.nix
|
||||
|
||||
./secrets.nix
|
||||
];
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages;
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
boot.tmp.useTmpfs = true;
|
||||
|
||||
boot.supportedFilesystems = {
|
||||
btrfs = true;
|
||||
ntfs = true;
|
||||
};
|
||||
|
||||
services.xserver.windowManager.i3.enable = true;
|
||||
boot.supportedFilesystems = [
|
||||
"btrfs"
|
||||
"ntfs"
|
||||
];
|
||||
|
||||
services.btrfs = {
|
||||
autoScrub = {
|
||||
|
@ -44,14 +38,25 @@
|
|||
# Set your time zone.
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
|
||||
# Per-interface useDHCP will be mandatory in the future, so this generated config
|
||||
# replicates the default behaviour.
|
||||
networking.interfaces.enp7s0.useDHCP = true;
|
||||
networking.interfaces.wlp3s0.useDHCP = true;
|
||||
|
||||
# List services that you want to enable:
|
||||
my.services = {
|
||||
restic-backup = {
|
||||
borg-backup = {
|
||||
enable = true;
|
||||
repo = "b2:boreal-backup";
|
||||
passwordFile = config.age.secrets."restic-backup/boreal-password".path;
|
||||
environmentFile = config.age.secrets."restic-backup/boreal-credentials".path;
|
||||
|
||||
repo = secrets.borg-backup.boreal-repo;
|
||||
# for a workstation, having backups spanning the last month should be
|
||||
# enough
|
||||
prune = {
|
||||
keep = {
|
||||
daily = 7;
|
||||
weekly = 4;
|
||||
};
|
||||
};
|
||||
paths = [
|
||||
"/home/alarsyo"
|
||||
];
|
||||
|
@ -59,11 +64,7 @@
|
|||
"/home/alarsyo/Downloads"
|
||||
|
||||
# Rust builds using half my storage capacity
|
||||
"/home/alarsyo/**/target"
|
||||
"/home/alarsyo/work/rust/build"
|
||||
|
||||
# don't backup nixpkgs
|
||||
"/home/alarsyo/work/nixpkgs"
|
||||
"/home/alarsyo/*/target"
|
||||
|
||||
# C build crap
|
||||
"*.a"
|
||||
|
@ -71,36 +72,58 @@
|
|||
"*.so"
|
||||
|
||||
# ignore all dotfiles as .config and .cache can become quite big
|
||||
"/home/alarsyo/.*"
|
||||
"re:^/home/alarsyo/\\."
|
||||
];
|
||||
};
|
||||
|
||||
pipewire.enable = true;
|
||||
|
||||
tailscale = {
|
||||
enable = true;
|
||||
useRoutingFeatures = "both";
|
||||
wireguard = {
|
||||
enable = false;
|
||||
iface = "wg";
|
||||
port = 51820;
|
||||
|
||||
net = {
|
||||
v4 = {
|
||||
subnet = "10.0.0";
|
||||
mask = 24;
|
||||
};
|
||||
v6 = {
|
||||
subnet = "fd42:42:42";
|
||||
mask = 64;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
openssh = {
|
||||
enable = true;
|
||||
};
|
||||
};
|
||||
my.gui = {
|
||||
enable = true;
|
||||
isNvidia = true;
|
||||
permitRootLogin = "no";
|
||||
passwordAuthentication = false;
|
||||
};
|
||||
|
||||
hardware = {
|
||||
bluetooth = {
|
||||
xserver = {
|
||||
enable = true;
|
||||
powerOnBoot = false;
|
||||
videoDrivers = [ "nvidia" ];
|
||||
windowManager.i3.enable = true;
|
||||
layout = "fr";
|
||||
xkbVariant = "us";
|
||||
libinput.enable = true;
|
||||
};
|
||||
nvidia = {
|
||||
open = true;
|
||||
modesetting.enable = true;
|
||||
};
|
||||
my.displayManager.sddm.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
chrysalis
|
||||
];
|
||||
|
||||
services.udev.packages = with pkgs; [
|
||||
packages.kaleidoscope-udev-rules
|
||||
];
|
||||
|
||||
hardware.bluetooth = {
|
||||
enable = true;
|
||||
powerOnBoot = true;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,15 +1,11 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
|
||||
|
@ -17,14 +13,14 @@
|
|||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/1a942915-c1ae-4058-b99d-09d12d40dbd3";
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/1a942915-c1ae-4058-b99d-09d12d40dbd3";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=nixos" "compress=zstd:1" "noatime" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/17C7-368D";
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/17C7-368D";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
|
|
|
@ -1,36 +1,28 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
home-manager.users.alarsyo = {
|
||||
home.stateVersion = "20.09";
|
||||
|
||||
# Keyboard settings & i3 settings
|
||||
my.home.x.enable = true;
|
||||
my.home.x.i3.enable = true;
|
||||
my.home.x.i3bar.temperature.chip = "k10temp-pci-*";
|
||||
my.home.x.i3bar.temperature.inputs = ["Tccd1"];
|
||||
my.home.x.i3bar.networking.throughput_interfaces = ["enp8s0" "wlp4s0"];
|
||||
my.home.x.cursor.enable = true;
|
||||
my.home.alacritty.enable = true;
|
||||
my.home.emacs.enable = true;
|
||||
my.home.tmux.enable = true;
|
||||
my.home.starship.enable = false;
|
||||
my.home.fish.enable = true;
|
||||
|
||||
my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight;
|
||||
|
||||
home.packages = builtins.attrValues {
|
||||
inherit
|
||||
(pkgs)
|
||||
home.packages = with pkgs; [
|
||||
blender
|
||||
|
||||
# some websites only work there :(
|
||||
|
||||
chromium
|
||||
darktable
|
||||
hugin
|
||||
enblend-enfuse
|
||||
|
||||
# dev
|
||||
|
||||
rustup
|
||||
;
|
||||
|
||||
inherit (pkgs.packages) spot;
|
||||
};
|
||||
unstable.beancount
|
||||
unstable.fava
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,23 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
options,
|
||||
...
|
||||
}: {
|
||||
config.age = {
|
||||
secrets = let
|
||||
toSecret = name: {...} @ attrs:
|
||||
{
|
||||
file = ./../../modules/secrets + "/${name}.age";
|
||||
}
|
||||
// attrs;
|
||||
in
|
||||
lib.mapAttrs toSecret {
|
||||
"restic-backup/boreal-credentials" = {};
|
||||
"restic-backup/boreal-password" = {};
|
||||
|
||||
"users/alarsyo-hashed-password" = {};
|
||||
"users/root-hashed-password" = {};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,169 +0,0 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
secrets = config.my.secrets;
|
||||
in {
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
|
||||
./home.nix
|
||||
./secrets.nix
|
||||
];
|
||||
|
||||
boot.loader.systemd-boot.enable = false;
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
efiSupport = false;
|
||||
devices = ["/dev/sda" "/dev/sdb"];
|
||||
};
|
||||
|
||||
boot.tmp.useTmpfs = true;
|
||||
|
||||
networking.hostName = "hades"; # Define your hostname.
|
||||
networking.domain = "alarsyo.net";
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
networking.useDHCP = false;
|
||||
networking.interfaces.enp35s0.ipv4.addresses = [
|
||||
{
|
||||
address = "95.217.121.60";
|
||||
prefixLength = 26;
|
||||
}
|
||||
];
|
||||
networking.interfaces.enp35s0.ipv6.addresses = [
|
||||
{
|
||||
address = "2a01:4f9:4a:3649::2";
|
||||
prefixLength = 64;
|
||||
}
|
||||
];
|
||||
networking.defaultGateway = "95.217.121.1";
|
||||
networking.defaultGateway6 = {
|
||||
address = "fe80::1";
|
||||
interface = "enp35s0";
|
||||
};
|
||||
networking.nameservers = ["1.1.1.1" "1.0.0.1"];
|
||||
my.networking.externalInterface = "enp35s0";
|
||||
|
||||
# List services that you want to enable:
|
||||
my.services = {
|
||||
fail2ban.enable = true;
|
||||
|
||||
forgejo = {
|
||||
enable = true;
|
||||
privatePort = 8082;
|
||||
};
|
||||
|
||||
immich = {
|
||||
enable = true;
|
||||
port = 8089;
|
||||
};
|
||||
|
||||
jellyfin = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
lohr = {
|
||||
enable = true;
|
||||
port = 8083;
|
||||
};
|
||||
|
||||
matrix = {
|
||||
enable = true;
|
||||
secretConfigFile = config.age.secrets."matrix-synapse/secret-config".path;
|
||||
};
|
||||
|
||||
mealie = {
|
||||
enable = true;
|
||||
port = 8090;
|
||||
};
|
||||
|
||||
microbin = {
|
||||
enable = true;
|
||||
privatePort = 8088;
|
||||
passwordFile = config.age.secrets."microbin/secret-config".path;
|
||||
};
|
||||
|
||||
miniflux = {
|
||||
enable = true;
|
||||
adminCredentialsFile = config.age.secrets."miniflux/admin-credentials".path;
|
||||
privatePort = 8080;
|
||||
};
|
||||
|
||||
navidrome = {
|
||||
enable = true;
|
||||
musicFolder.path = "${config.services.nextcloud.home}/data/alarsyo/files/Musique/Songs";
|
||||
};
|
||||
|
||||
nextcloud = {
|
||||
enable = true;
|
||||
adminpassFile = config.age.secrets."nextcloud/admin-pass".path;
|
||||
};
|
||||
|
||||
nginx.enable = true;
|
||||
|
||||
paperless = {
|
||||
enable = true;
|
||||
port = 8085;
|
||||
passwordFile = config.age.secrets."paperless/admin-password".path;
|
||||
secretKeyFile = config.age.secrets."paperless/secret-key".path;
|
||||
};
|
||||
|
||||
pleroma = {
|
||||
enable = true;
|
||||
port = 8086;
|
||||
secretConfigFile = config.age.secrets."pleroma/pleroma-config".path;
|
||||
};
|
||||
|
||||
restic-backup = {
|
||||
enable = true;
|
||||
repo = "b2:hades-backup-alarsyo";
|
||||
passwordFile = config.age.secrets."restic-backup/hades-password".path;
|
||||
environmentFile = config.age.secrets."restic-backup/hades-credentials".path;
|
||||
paths = ["/home/alarsyo"];
|
||||
};
|
||||
|
||||
scribe = {
|
||||
enable = true;
|
||||
port = 8087;
|
||||
};
|
||||
|
||||
tailscale = {
|
||||
enable = true;
|
||||
useRoutingFeatures = "server";
|
||||
};
|
||||
|
||||
transmission = {
|
||||
enable = true;
|
||||
username = "alarsyo";
|
||||
};
|
||||
|
||||
vaultwarden = {
|
||||
enable = true;
|
||||
privatePort = 8081;
|
||||
websocketPort = 3012;
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
openssh.enable = true;
|
||||
vnstat.enable = true;
|
||||
};
|
||||
|
||||
virtualisation.docker.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
docker-compose
|
||||
];
|
||||
|
||||
# Takes a long while to build
|
||||
documentation.nixos.enable = false;
|
||||
}
|
|
@ -1,29 +0,0 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = ["ahci" "sd_mod"];
|
||||
boot.initrd.kernelModules = ["dm-snapshot"];
|
||||
boot.kernelModules = ["kvm-amd"];
|
||||
boot.extraModulePackages = [];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/2a24010c-14bd-439b-b30b-d0e18db69952";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
swapDevices = [];
|
||||
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
|
@ -1,6 +0,0 @@
|
|||
{config, ...}: {
|
||||
home-manager.users.alarsyo = {
|
||||
home.stateVersion = "22.05";
|
||||
my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight;
|
||||
};
|
||||
}
|
|
@ -1,46 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
options,
|
||||
...
|
||||
}: {
|
||||
config.age = {
|
||||
secrets = let
|
||||
toSecret = name: {...} @ attrs:
|
||||
{
|
||||
file = ./../../modules/secrets + "/${name}.age";
|
||||
}
|
||||
// attrs;
|
||||
in
|
||||
lib.mapAttrs toSecret {
|
||||
"lohr/shared-secret" = {};
|
||||
|
||||
"matrix-synapse/secret-config" = {
|
||||
owner = "matrix-synapse";
|
||||
};
|
||||
|
||||
"microbin/secret-config" = {};
|
||||
|
||||
"miniflux/admin-credentials" = {};
|
||||
|
||||
"nextcloud/admin-pass" = {
|
||||
owner = "nextcloud";
|
||||
};
|
||||
|
||||
"ovh/credentials" = {};
|
||||
|
||||
"paperless/admin-password" = {};
|
||||
"paperless/secret-key" = {};
|
||||
|
||||
"pleroma/pleroma-config" = {
|
||||
owner = "pleroma";
|
||||
};
|
||||
|
||||
"restic-backup/hades-credentials" = {};
|
||||
"restic-backup/hades-password" = {};
|
||||
|
||||
"users/alarsyo-hashed-password" = {};
|
||||
"users/root-hashed-password" = {};
|
||||
};
|
||||
};
|
||||
}
|
152
hosts/poseidon/default.nix
Normal file
152
hosts/poseidon/default.nix
Normal file
|
@ -0,0 +1,152 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
secrets = config.my.secrets;
|
||||
in
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
|
||||
./home.nix
|
||||
];
|
||||
|
||||
# Use the GRUB 2 boot loader.
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
|
||||
|
||||
boot.supportedFilesystems = [ "btrfs" ];
|
||||
|
||||
services.btrfs = {
|
||||
autoScrub = {
|
||||
enable = true;
|
||||
fileSystems = [ "/" ];
|
||||
};
|
||||
};
|
||||
|
||||
networking.hostName = "poseidon"; # Define your hostname.
|
||||
networking.domain = "alarsyo.net";
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
|
||||
# Per-interface useDHCP will be mandatory in the future, so this generated config
|
||||
# replicates the default behaviour.
|
||||
networking.useDHCP = false;
|
||||
networking.interfaces.eno1.ipv4.addresses = [
|
||||
{
|
||||
address = "163.172.11.110";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
networking.defaultGateway = {
|
||||
address = "163.172.11.1";
|
||||
interface = "eno1";
|
||||
};
|
||||
networking.nameservers = [
|
||||
"62.210.16.6"
|
||||
"62.210.16.7"
|
||||
];
|
||||
my.networking.externalInterface = "eno1";
|
||||
|
||||
# List services that you want to enable:
|
||||
my.services = {
|
||||
bitwarden_rs = {
|
||||
enable = true;
|
||||
privatePort = 8081;
|
||||
websocketPort = 3012;
|
||||
};
|
||||
|
||||
borg-backup = {
|
||||
enable = true;
|
||||
repo = secrets.borg-backup.poseidon-repo;
|
||||
};
|
||||
|
||||
fail2ban = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
gitea = {
|
||||
enable = true;
|
||||
privatePort = 8082;
|
||||
};
|
||||
|
||||
jellyfin = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
lohr = {
|
||||
enable = true;
|
||||
port = 8083;
|
||||
};
|
||||
|
||||
miniflux = {
|
||||
enable = true;
|
||||
adminCredentialsFile = "${../../secrets/miniflux-admin-credentials.secret}";
|
||||
privatePort = 8080;
|
||||
};
|
||||
|
||||
matrix = {
|
||||
enable = true;
|
||||
registration_shared_secret = secrets.matrix-registration-shared-secret;
|
||||
emailConfig = secrets.matrixEmailConfig;
|
||||
};
|
||||
|
||||
monitoring = {
|
||||
enable = true;
|
||||
useACME = true;
|
||||
domain = "monitoring.${config.networking.domain}";
|
||||
};
|
||||
|
||||
nextcloud = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
postgresql-backup = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
tgv = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
transmission = {
|
||||
enable = true;
|
||||
username = "alarsyo";
|
||||
password = secrets.transmission-password;
|
||||
};
|
||||
|
||||
wireguard = {
|
||||
enable = true;
|
||||
iface = "wg";
|
||||
port = 51820;
|
||||
|
||||
net = {
|
||||
v4 = {
|
||||
subnet = "10.0.0";
|
||||
mask = 24;
|
||||
};
|
||||
v6 = {
|
||||
subnet = "fd42:42:42";
|
||||
mask = 64;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.email = "antoine97.martin@gmail.com";
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
services.openssh.enable = true;
|
||||
services.openssh.permitRootLogin = "no";
|
||||
services.openssh.passwordAuthentication = false;
|
||||
|
||||
# Takes a long while to build
|
||||
documentation.nixos.enable = false;
|
||||
}
|
36
hosts/poseidon/hardware-configuration.nix
Normal file
36
hosts/poseidon/hardware-configuration.nix
Normal file
|
@ -0,0 +1,36 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "ahci" "usbhid" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/adcf0158-edfb-402f-82e7-61e4902af989";
|
||||
fsType = "btrfs";
|
||||
options = [
|
||||
"subvol=@nixos"
|
||||
"compress=zstd"
|
||||
"noatime"
|
||||
];
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/ff54b622-0e26-4c6e-aa0c-ac2c1e12699a";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/381a9c5e-4d71-45b4-ac62-e7414b3768fc"; }
|
||||
];
|
||||
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||
}
|
7
hosts/poseidon/home.nix
Normal file
7
hosts/poseidon/home.nix
Normal file
|
@ -0,0 +1,7 @@
|
|||
{ config, ... }:
|
||||
{
|
||||
home-manager.users.alarsyo = {
|
||||
my.home.tmux.enable = true;
|
||||
my.home.fish.enable = true;
|
||||
};
|
||||
}
|
|
@ -1,174 +0,0 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page, on
|
||||
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
./disko-config.nix
|
||||
|
||||
./home.nix
|
||||
./secrets.nix
|
||||
];
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages_6_11;
|
||||
# Set Wi-Fi regulatory domain. Currently always set to '00' (world), and could
|
||||
# lead to bad Wi-Fi performance
|
||||
boot.kernelParams = ["cfg80211.ieee80211_regdom=FR"];
|
||||
boot.extraModulePackages = with config.boot.kernelPackages; [
|
||||
v4l2loopback
|
||||
];
|
||||
boot.extraModprobeConfig = ''
|
||||
options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1
|
||||
'';
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot = {
|
||||
enable = true;
|
||||
editor = false;
|
||||
consoleMode = "auto";
|
||||
};
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
boot.tmp.useTmpfs = true;
|
||||
|
||||
services.btrfs = {
|
||||
autoScrub = {
|
||||
enable = true;
|
||||
fileSystems = ["/"];
|
||||
};
|
||||
};
|
||||
|
||||
networking.hostName = "talos"; # Define your hostname.
|
||||
networking.domain = "alarsyo.net";
|
||||
# Pick only one of the below networking options.
|
||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
networking.networkmanager = {
|
||||
enable = true;
|
||||
wifi.powersave = true;
|
||||
};
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
# Configure network proxy if necessary
|
||||
# networking.proxy.default = "http://user:password@proxy:port/";
|
||||
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||||
|
||||
programs = {
|
||||
light.enable = true;
|
||||
};
|
||||
services = {
|
||||
fwupd.enable = true;
|
||||
openssh.enable = true;
|
||||
};
|
||||
virtualisation = {
|
||||
docker.enable = true;
|
||||
libvirtd.enable = false;
|
||||
virtualbox.host = {
|
||||
enable = false;
|
||||
};
|
||||
};
|
||||
|
||||
my.services = {
|
||||
tailscale = {
|
||||
enable = true;
|
||||
useRoutingFeatures = "client";
|
||||
};
|
||||
|
||||
pipewire.enable = true;
|
||||
|
||||
restic-backup = {
|
||||
enable = true;
|
||||
repo = "b2:talos-backup";
|
||||
passwordFile = config.age.secrets."restic-backup/talos-password".path;
|
||||
environmentFile = config.age.secrets."restic-backup/talos-credentials".path;
|
||||
|
||||
timerConfig = {
|
||||
OnCalendar = "*-*-* 13:00:00"; # laptop only gets used during the day
|
||||
};
|
||||
|
||||
paths = [
|
||||
"/home/alarsyo"
|
||||
];
|
||||
exclude = [
|
||||
"/home/alarsyo/Downloads"
|
||||
|
||||
# Rust builds using half my storage capacity
|
||||
"/home/alarsyo/**/target"
|
||||
"/home/alarsyo/work/rust/build"
|
||||
|
||||
# don't backup nixpkgs
|
||||
"/home/alarsyo/work/nixpkgs"
|
||||
|
||||
"/home/alarsyo/go"
|
||||
|
||||
# C build crap
|
||||
"*.a"
|
||||
"*.o"
|
||||
"*.so"
|
||||
|
||||
".direnv"
|
||||
|
||||
# test vms
|
||||
"*.qcow2"
|
||||
"*.vbox"
|
||||
"*.vdi"
|
||||
|
||||
# secrets stay offline
|
||||
"/home/alarsyo/**/secrets"
|
||||
|
||||
# ignore all dotfiles as .config and .cache can become quite big
|
||||
"/home/alarsyo/.*"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
my.gui.enable = true;
|
||||
|
||||
hardware.bluetooth = {
|
||||
enable = true;
|
||||
powerOnBoot = false;
|
||||
settings.General.Experimental = true;
|
||||
};
|
||||
|
||||
# Configure console keymap
|
||||
console.keyMap = "us";
|
||||
|
||||
# Select internationalisation properties.
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
i18n.extraLocaleSettings = {
|
||||
LC_ADDRESS = "fr_FR.UTF-8";
|
||||
LC_IDENTIFICATION = "fr_FR.UTF-8";
|
||||
LC_MEASUREMENT = "fr_FR.UTF-8";
|
||||
LC_MONETARY = "fr_FR.UTF-8";
|
||||
LC_NAME = "fr_FR.UTF-8";
|
||||
LC_PAPER = "fr_FR.UTF-8";
|
||||
LC_TELEPHONE = "fr_FR.UTF-8";
|
||||
};
|
||||
|
||||
# Enable the KDE Plasma Desktop Environment.
|
||||
services.desktopManager.plasma6.enable = true;
|
||||
services.power-profiles-daemon.enable = true;
|
||||
|
||||
environment.systemPackages = [
|
||||
pkgs.unstable.zed-editor
|
||||
pkgs.foot
|
||||
];
|
||||
|
||||
#programs.hyprland.enable = true;
|
||||
programs.sway = {
|
||||
enable = true;
|
||||
wrapperFeatures.gtk = true;
|
||||
};
|
||||
|
||||
# Copy the NixOS configuration file and link it from the resulting system
|
||||
# (/run/current-system/configuration.nix). This is useful in case you
|
||||
# accidentally delete configuration.nix.
|
||||
# system.copySystemConfiguration = true;
|
||||
}
|
|
@ -1,68 +0,0 @@
|
|||
{
|
||||
disko.devices = {
|
||||
disk = {
|
||||
nvme0n1 = {
|
||||
type = "disk";
|
||||
device = "/dev/nvme0n1";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
size = "512M";
|
||||
type = "EF00";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
mountOptions = [
|
||||
"defaults"
|
||||
];
|
||||
};
|
||||
};
|
||||
luks = {
|
||||
size = "600G";
|
||||
content = {
|
||||
type = "luks";
|
||||
name = "crypted";
|
||||
# disable settings.keyFile if you want to use interactive password entry
|
||||
passwordFile = "/tmp/secret.key"; # Interactive
|
||||
settings = {
|
||||
allowDiscards = true;
|
||||
#keyFile = "/tmp/secret.key";
|
||||
};
|
||||
#additionalKeyFiles = [ "/tmp/additionalSecret.key" ];
|
||||
content = {
|
||||
type = "btrfs";
|
||||
extraArgs = ["-f"];
|
||||
subvolumes = {
|
||||
"@" = {
|
||||
mountpoint = "/";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
"@home" = {
|
||||
mountpoint = "/home";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
"@nix" = {
|
||||
mountpoint = "/nix";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
"@persist" = {
|
||||
mountpoint = "/persist";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
"@snapshots" = {};
|
||||
"@swap" = {
|
||||
mountpoint = "/.swapvol";
|
||||
swap.swapfile.size = "8G";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,29 +0,0 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod"];
|
||||
boot.initrd.kernelModules = [];
|
||||
boot.kernelModules = ["kvm-amd"];
|
||||
boot.extraModulePackages = [];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
|
@ -1,129 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkOptionDefault
|
||||
;
|
||||
in {
|
||||
home-manager.users.alarsyo = {
|
||||
home.stateVersion = "23.11";
|
||||
|
||||
my.home.laptop.enable = true;
|
||||
|
||||
# Keyboard settings & i3 settings
|
||||
my.home.x.enable = true;
|
||||
my.home.x.i3bar.temperature.chip = "k10temp-pci-*";
|
||||
my.home.x.i3bar.temperature.inputs = ["Tctl"];
|
||||
my.home.x.i3bar.networking.throughput_interfaces = ["wlp1s0"];
|
||||
my.home.emacs.enable = true;
|
||||
|
||||
my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight;
|
||||
|
||||
# TODO: place in global home conf
|
||||
services.dunst.enable = true;
|
||||
|
||||
home.packages = builtins.attrValues {
|
||||
inherit
|
||||
(pkgs)
|
||||
ansel
|
||||
chromium # some websites only work there :(
|
||||
zotero
|
||||
;
|
||||
|
||||
inherit
|
||||
(pkgs.packages)
|
||||
spot
|
||||
;
|
||||
};
|
||||
|
||||
wayland.windowManager.sway = {
|
||||
enable = true;
|
||||
swaynag.enable = true;
|
||||
wrapperFeatures.gtk = true;
|
||||
config = {
|
||||
modifier = "Mod4";
|
||||
input = {
|
||||
"type:keyboard" = {
|
||||
xkb_layout = "fr";
|
||||
xkb_variant = "us";
|
||||
};
|
||||
"type:touchpad" = {
|
||||
dwt = "enabled";
|
||||
tap = "enabled";
|
||||
middle_emulation = "enabled";
|
||||
natural_scroll = "enabled";
|
||||
};
|
||||
};
|
||||
output = {
|
||||
"eDP-1" = {
|
||||
scale = "1.5";
|
||||
};
|
||||
};
|
||||
fonts = {
|
||||
names = ["Iosevka Fixed" "FontAwesome6Free"];
|
||||
size = 9.0;
|
||||
};
|
||||
bars = [
|
||||
{
|
||||
mode = "dock";
|
||||
hiddenState = "hide";
|
||||
position = "top";
|
||||
workspaceButtons = true;
|
||||
workspaceNumbers = true;
|
||||
statusCommand = "${pkgs.i3status}/bin/i3status";
|
||||
fonts = {
|
||||
names = ["Iosevka Fixed" "FontAwesome6Free"];
|
||||
size = 9.0;
|
||||
};
|
||||
trayOutput = "primary";
|
||||
colors = {
|
||||
background = "#000000";
|
||||
statusline = "#ffffff";
|
||||
separator = "#666666";
|
||||
focusedWorkspace = {
|
||||
border = "#4c7899";
|
||||
background = "#285577";
|
||||
text = "#ffffff";
|
||||
};
|
||||
activeWorkspace = {
|
||||
border = "#333333";
|
||||
background = "#5f676a";
|
||||
text = "#ffffff";
|
||||
};
|
||||
inactiveWorkspace = {
|
||||
border = "#333333";
|
||||
background = "#222222";
|
||||
text = "#888888";
|
||||
};
|
||||
urgentWorkspace = {
|
||||
border = "#2f343a";
|
||||
background = "#900000";
|
||||
text = "#ffffff";
|
||||
};
|
||||
bindingMode = {
|
||||
border = "#2f343a";
|
||||
background = "#900000";
|
||||
text = "#ffffff";
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
keybindings = mkOptionDefault {
|
||||
"Mod4+i" = "exec emacsclient --create-frame";
|
||||
};
|
||||
};
|
||||
};
|
||||
programs = {
|
||||
fuzzel.enable = true;
|
||||
swaylock.enable = true;
|
||||
waybar = {
|
||||
enable = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,23 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
options,
|
||||
...
|
||||
}: {
|
||||
config.age = {
|
||||
secrets = let
|
||||
toSecret = name: {...} @ attrs:
|
||||
{
|
||||
file = ./../../modules/secrets + "/${name}.age";
|
||||
}
|
||||
// attrs;
|
||||
in
|
||||
lib.mapAttrs toSecret {
|
||||
"restic-backup/talos-credentials" = {};
|
||||
"restic-backup/talos-password" = {};
|
||||
|
||||
"users/alarsyo-hashed-password" = {};
|
||||
"users/root-hashed-password" = {};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,96 +0,0 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
secrets = config.my.secrets;
|
||||
in {
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
./disko-configuration.nix
|
||||
./home.nix
|
||||
./secrets.nix
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.tmp.useTmpfs = true;
|
||||
|
||||
networking.hostName = "thanatos"; # Define your hostname.
|
||||
networking.domain = "lrde.epita.fr";
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
# List services that you want to enable:
|
||||
my.services = {
|
||||
tailscale = {
|
||||
enable = true;
|
||||
useRoutingFeatures = "both";
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
gitlab-runner = {
|
||||
enable = true;
|
||||
settings = {
|
||||
concurrent = 4;
|
||||
};
|
||||
services = {
|
||||
nix = {
|
||||
authenticationTokenConfigFile = config.age.secrets."gitlab-runner/thanatos-nix-runner-env".path;
|
||||
dockerImage = "alpine";
|
||||
dockerVolumes = [
|
||||
"/nix/store:/nix/store:ro"
|
||||
"/nix/var/nix/db:/nix/var/nix/db:ro"
|
||||
"/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro"
|
||||
];
|
||||
dockerDisableCache = true;
|
||||
preBuildScript = pkgs.writeScript "setup-container" ''
|
||||
mkdir -p -m 0755 /nix/var/log/nix/drvs
|
||||
mkdir -p -m 0755 /nix/var/nix/gcroots
|
||||
mkdir -p -m 0755 /nix/var/nix/profiles
|
||||
mkdir -p -m 0755 /nix/var/nix/temproots
|
||||
mkdir -p -m 0755 /nix/var/nix/userpool
|
||||
mkdir -p -m 1777 /nix/var/nix/gcroots/per-user
|
||||
mkdir -p -m 1777 /nix/var/nix/profiles/per-user
|
||||
mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root
|
||||
mkdir -p -m 0700 "$HOME/.nix-defexpr"
|
||||
|
||||
. ${pkgs.nix}/etc/profile.d/nix.sh
|
||||
|
||||
${pkgs.nix}/bin/nix-env -i ${lib.concatStringsSep " " (with pkgs; [nix cacert git openssh])}
|
||||
|
||||
${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixpkgs-unstable
|
||||
${pkgs.nix}/bin/nix-channel --update nixpkgs
|
||||
|
||||
mkdir -p ~/.config/nix
|
||||
echo "experimental-features = nix-command flakes" > ~/.config/nix/nix.conf
|
||||
'';
|
||||
environmentVariables = {
|
||||
ENV = "/etc/profile";
|
||||
USER = "root";
|
||||
NIX_REMOTE = "daemon";
|
||||
PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin";
|
||||
NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt";
|
||||
};
|
||||
};
|
||||
default = {
|
||||
authenticationTokenConfigFile = config.age.secrets."gitlab-runner/thanatos-runner-env".path;
|
||||
dockerImage = "debian:stable";
|
||||
};
|
||||
};
|
||||
};
|
||||
openssh.enable = true;
|
||||
};
|
||||
|
||||
virtualisation.docker.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
docker-compose
|
||||
];
|
||||
}
|
|
@ -1,52 +0,0 @@
|
|||
{
|
||||
disko.devices = {
|
||||
disk = {
|
||||
main = {
|
||||
type = "disk";
|
||||
device = "/dev/disk/by-id/ata-CT250MX500SSD1_2301E69A20C4";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
boot = {
|
||||
size = "1M";
|
||||
type = "EF02"; # for grub MBR
|
||||
};
|
||||
ESP = {
|
||||
size = "512M";
|
||||
type = "EF00";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
};
|
||||
root = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "btrfs";
|
||||
subvolumes = {
|
||||
"/root" = {
|
||||
mountpoint = "/";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
"/home" = {
|
||||
mountpoint = "/home";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
"/nix" = {
|
||||
mountpoint = "/nix";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
"/swap" = {
|
||||
mountpoint = "/.swapvol";
|
||||
swap.swapfile.size = "8G";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,29 +0,0 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sr_mod"];
|
||||
boot.initrd.kernelModules = [];
|
||||
boot.kernelModules = ["kvm-intel"];
|
||||
boot.extraModulePackages = [];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
|
@ -1,7 +0,0 @@
|
|||
{config, ...}: {
|
||||
home-manager.users.alarsyo = {
|
||||
home.stateVersion = "23.11";
|
||||
|
||||
my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight;
|
||||
};
|
||||
}
|
|
@ -1,22 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
options,
|
||||
...
|
||||
}: {
|
||||
config.age = {
|
||||
secrets = let
|
||||
toSecret = name: {...} @ attrs:
|
||||
{
|
||||
file = ./../../modules/secrets + "/${name}.age";
|
||||
}
|
||||
// attrs;
|
||||
in
|
||||
lib.mapAttrs toSecret {
|
||||
"users/alarsyo-hashed-password" = {};
|
||||
"users/root-hashed-password" = {};
|
||||
"gitlab-runner/thanatos-runner-env" = {};
|
||||
"gitlab-runner/thanatos-nix-runner-env" = {};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,7 +1,6 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
./sddm.nix
|
||||
./secrets
|
||||
./wakeonwlan.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,31 +1,23 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit
|
||||
(lib)
|
||||
mkEnableOption
|
||||
mkIf
|
||||
;
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.my.displayManager.sddm;
|
||||
in {
|
||||
options.my.displayManager.sddm.enable = mkEnableOption "SDDM setup";
|
||||
in
|
||||
{
|
||||
options.my.displayManager.sddm.enable = lib.mkEnableOption "SDDM setup";
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services.displayManager.sddm = {
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.xserver.displayManager.sddm = {
|
||||
enable = true;
|
||||
theme = "catppuccin-latte";
|
||||
wayland.enable = true;
|
||||
theme = "sugar-candy";
|
||||
};
|
||||
|
||||
environment.systemPackages = [
|
||||
(pkgs.catppuccin-sddm.override
|
||||
{
|
||||
flavor = "latte";
|
||||
})
|
||||
environment.systemPackages = with pkgs; [
|
||||
packages.sddm-sugar-candy
|
||||
|
||||
# dependencies for sugar-candy theme
|
||||
libsForQt5.qt5.qtgraphicaleffects
|
||||
libsForQt5.qt5.qtquickcontrols2
|
||||
libsForQt5.qt5.qtsvg
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
options,
|
||||
...
|
||||
}: {
|
||||
}
|
|
@ -1,12 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 k2gHjw E972A3kem7+3ul2Ai8TV8EVkF9upClr46y1pbN+AfDY
|
||||
qZdZuv+F9c46uxKWYdBKp6AGkTA5IEjcBwDlBHpEbCU
|
||||
-> ssh-ed25519 pX8y2g WEBknhwaTqfVzaLQRg1tfEY/aGZDFnH0PvXOZ3pC1k8
|
||||
A23ELihRVsx8jhTcJAy3a1/saKWPc6ojf8HhPHj0niw
|
||||
-> ssh-ed25519 z6Eu8Q IsN3L8xlk8VwrqUByYiUhthAk06KCn6hcYlZrodk/Vg
|
||||
lX/SjRJIZEt1/Q6iLKFiUTHB4eH8ig4WJN79mU/AVUw
|
||||
-> &r29]-grease #}
|
||||
100ULy2nfLIOODMNPyvq0ATuGdVBAgwcXAs
|
||||
--- VkOZ7Vy9R4QPqvgAveJae/L4/nuDnQ/bAoN7UEKzxyw
|
||||
wQ{3É”3‘
|
||||
m2eÞ?×ò¥.M„<19>:Df)ïˆ;t{zR½ªo’ñ²›‡òE#c·çáéTE…Ú9¹H67ÊqAÜ_Lb}
|
Binary file not shown.
|
@ -1,7 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 k2gHjw naNq55qkAm47KXPJpYFDjVQuxPz2Ffpima5z1WEqRSA
|
||||
ETC3Hh4gglwYpiJCu/EGOUzjN3BJYk8yJshMeMkgYug
|
||||
-> ssh-ed25519 6UUuZw Azk9jDbUL/nO20lvzs0s36q/4ZcWSpkUbt1J/PE7A2M
|
||||
kPKHGLoWHDpFhsRr+CBteWKYsDw0dn/+IKbrh/5qMoE
|
||||
--- g1akMn28voSQByQR9/ArJ4CsQehcwJ7MfCco+k2fPWo
|
||||
› YMZÓíî:ú{R^n~ó½±ã¢ÊwPaª§h£8<C2A3>T'hcmªe(<28>‘ÝXx=7”‹‡Ë¢[äË4@b=“&ª®æYÅ;‘€Ü[„ª¹ØÁˆß¿kôk>ˆ5’4‚0ÞGâŒ÷ðÌŸ±Q<C2B1>Êë·±Ÿw¡
|
|
@ -1,10 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 k2gHjw R7jnkS7fFFSouPgvjrCnyfWNHOanOWKVUDp4Fd2xqFU
|
||||
MdWD5E8dWfDHqFNTDCqOlyMhwpfEtqhlpnx3opft70w
|
||||
-> ssh-ed25519 pX8y2g /CAWr94ucfxWKLWQPSQD2fl09TuUZELywWoZgHZS0AY
|
||||
NeDHZc2ooKl2Bp0nAEY9P/Apdramb2TpHWpx0jkceyk
|
||||
-> bzN-grease F &,%3jl~w &]8&d*N6 5UJ
|
||||
58BUbsIwRkkUrNoSbgbMo/o1tKttXP2YWIJs9cbfXrT6XcO+Km0g90LPbYCmsqTZ
|
||||
pr8TINM2Wd8RQw
|
||||
--- 7K7sEw2zIWhuR3intlPGFipaVhHli+tWHqmyobRjLYo
|
||||
oÔèÛ„Å[\ñ²û¸©lN/X•ô:<03>±Œu¥N¾Öó
kºƒ{ïÁmeÿ0A=,h_¤÷è,œ4S&‰ù<E280B0>9œ‚hÙ1/ÄÍž’¥é÷ypa³öz2Ñ€†íTº,©’Réâ€U
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,9 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 k2gHjw md0WbIE3MSWLqqerCD4ljh4U+4fWaOhKZxl9RQt+HDo
|
||||
8Wj+hn5wwzgA6D1zQEaP1WIfmmK6pXVy2ZX5OQ/N0pU
|
||||
-> ssh-ed25519 pX8y2g ByOhNTkxCHFkOQAOrID+bZEQzwesbnKluY6G5sSUhlg
|
||||
AybKPZKzELtvWTT/Kmc+zs7KC4GB9214GUdnWMhGnmo
|
||||
-> QK!x#/y-grease c|K1% \ug . >WFn:bI
|
||||
Cgx9qaPIUk1hGKtQYJ6kNk/+bHTJ
|
||||
--- YwtEWMiVxfvMGE1ngDiy/dALw/Y9YAxduaqlVgPNqdk
|
||||
ÿ¿zîóÑF(Ã8§?VÁJýæávH(kÔ‚9o\!£Ê¿ˆÐÓN7é@«àY#ÕÓ19êümùV¢}ŸZðضQWEÇ’þ}v/éƒ<® õ»æh‰¶T3†vN‚®”1
|
|
@ -1,7 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 k2gHjw XED7gkKAp1ioBegA7ryqULRF1BORpW74esfIGp9zPE8
|
||||
ANxnQN+tox9KYdZvNZFZvQxOymckldPQMhFnz6fSIBo
|
||||
-> ssh-ed25519 pX8y2g 9wgPqL6GoOxad5AAUmDAYj0h/57AEM8VsQKq1pGTtjM
|
||||
SxD++XJioZLpt6C8Xse5Nmz4wtL0Fb5NKWo5ijKpyv8
|
||||
--- 3qOJnkY3Uc4fIex9mgz2+w+su5dS7K7Tmtk1hiqkn9M
|
||||
ÁXª¨àeéˆaLQH2*ZÅTé¿ ‘®P;Ý(jCÌ€k‡viäµû<C2B5>ÿ’ħ¡à†kæ`™ô]mò<6D>ÿBñ,³±,ü÷?!¶{àŠ%eÙì(„Su¿-SŸD¢¾“=H#‡„¼Þq=ï<>Uùí;=OÍ<÷R¼ÇÎE±“<+&èdÂæ<18>>G+_oP¥Þ]ÿê¦RÄßL$Ö³\š°ü0ø¤N!þ"Áã&÷%Nž à<ËÃ,òv°1ÿ‘Ê‘Új1
|
|
@ -1,11 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 k2gHjw Cnh9E+IbDcTnJT0AmN1pFJ9PrT/bWswps3viYITN2yo
|
||||
DwsFW60Su9sble5QFEjX5QoWVl/lMBsqAPWK+AB9epw
|
||||
-> ssh-ed25519 pX8y2g fMdWosCSxRpJSA3VGDEyWzeQfTJD5sPnu38MrcJJ1A8
|
||||
g16EuuS95pIeUuLZfqXR4Mey2GKiXRlxA2KRLD1RVns
|
||||
-> s*.sKB4H-grease V9A)DG( T<yeD0a<
|
||||
kaz3Ejq54nizMyMabG2TBzJ/oy8VIUKxQcXgWjM6CZp+8j36y5LtnR7osDZRzs27
|
||||
Yf+Y52QuZWswmD+tC+VxaQUpdd+3xvv2MH7D5ih2tTXy9/wZFKWTvIsvKBKz7dOQ
|
||||
|
||||
--- Y6f3eO8mQAb/gAG4CnbxZa7L+FVBCd3v33tXf01pKLg
|
||||
kÆ«Ø<fÂÇEGuñ‰x#ô;ZÔ/@%:ºì(&&ºXVøø¹Û"ö¾Î‘ñö,y`~n]BÅïî=Š\v8Œø´Ç¸”ŸþcO(7˜ú<CB9C>¡eÍXÝ0éÎ
|
|
@ -1,9 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 k2gHjw CoGvifgWo1JvHjx3PKJa3jR3lKrvgvKnTTui1w6UR0I
|
||||
gcadr6WbTzyrPD3h3oDifFj/pMZKIzUfDXL6e6610Is
|
||||
-> ssh-ed25519 pX8y2g MBFa4xDU6CaH6amzlGTmFXIcAXLq2xykRd0WkeUEkQo
|
||||
91jV5LUuhvOVKSg2cz3TMKI2SaZvCTzXL/xyUWbYJAg
|
||||
-> lkH}'\W;-grease nZ K\MP7 HUsh
|
||||
vWwsKxuBXKwpTBkYERd7kPo
|
||||
--- xohFX48WGxRFVYQzdbSl7l2Go90FSUPH5ml6OalKJwQ
|
||||
ÍsüÈùÁòÆ€ã·Õ<12>¡ŸhÝÝõ¦!è,(ÒQlÁök¶þV×ä¬ÛóË~éýÔÍU
!ÂûB0 ~ÃÏA!2Ùnp€`²‹’ÕÍìL&¯±³{†}„3%{’[)<18>t…®/nÊjb^{<7B>ƒ1Gû[G0ß
¿×‘ò m›o˜Ÿˆ« È:naŸ¨Q®¥\âæômfG¾;ù(Sþ¶ŸÉÎå
|
Binary file not shown.
|
@ -1,10 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 YWMQkg B5tQXcUdu751YYA4Y8uRH/DgGDi24AsXEAKkCVfg+Ro
|
||||
21Gz0MsMCtWzUdVuaWdNwEU9Ts8lOQWCd7Ejf2tkxks
|
||||
-> ssh-ed25519 k2gHjw NIG04WnNgq5bnSl9KmvFyvpGdFlmOFtXzuYtrsFOKXM
|
||||
ZYZVyIM0jnhguRmfIpRtFg0StgYTlu/P9bgxBy9dbOg
|
||||
-> u5-grease
|
||||
MTgqDb6tqCuvdlXj9c2Y3XX1X7JfrdeKLM0EQ75ZJe+Hrntnpvn4fSlBr8QoOahm
|
||||
fg
|
||||
--- VzgNZ3/IBQVeYfOMGjnHPDRKoBDdxHth61pevk5+fLw
|
||||
ŒÙúDíï° ´&…<QØ+¨úþ‹éJoTÇ;US9.©âu'v¸œ,‘Ä@“úÿQKcë‚ÛzÑ>v¢€ÃN1›±tòÚ8›w<˜Îò“w°d<C2B0><64>>s:µG_øæÆšyø„u,þÅ%@J hñ"†Ev‡ÙX
|
Binary file not shown.
Binary file not shown.
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue