steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

chore: nixfmt *

Browse source
This commit is contained in:
steveej 2022-10-31 11:04:38 +01:00
parent aae3fd4090
commit 47c5c9dc56
161 changed files with 2693 additions and 3029 deletions
Download patch file Download diff file Expand all files Collapse all files

14
_archive/environments/dev/cross.nix
View file

@ -1,6 +1,6 @@
import /home/steveej/src/github/NixOS/nixpkgs/default.nix { import /home/steveej/src/github/NixOS/nixpkgs/default.nix {
crossSystem = rec { crossSystem = rec {
config = "armv7l-unknown-linux-gnueabi"; config = "armv7l-unknown-linux-gnueabi";
bigEndian = false; bigEndian = false;
arch = "arm"; arch = "arm";
float = "hard"; float = "hard";
@ -21,12 +21,12 @@ import /home/steveej/src/github/NixOS/nixpkgs/default.nix {
kernelDTB = true; kernelDTB = true;
kernelAutoModules = false; kernelAutoModules = false;
kernelExtraConfig = '' kernelExtraConfig = ''
NAMESPACES y NAMESPACES y
BTRFS_FS y BTRFS_FS y
BTRFS_FS_POSIX_ACL y BTRFS_FS_POSIX_ACL y
OVERLAY_FS y OVERLAY_FS y
FUSE_FS y FUSE_FS y
''; '';
kernelTarget = "zImage"; kernelTarget = "zImage";
uboot = null; uboot = null;
}; };

37
_archive/environments/dev/go/default.nix
View file

@ -1,10 +1,5 @@
{ gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs {} { gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }, pkgs ? gitpkgs
, pkgs ? gitpkgs , name ? "generic", version, extraBuildInputs ? [ ], extraShellHook ? "" }:
, name ? "generic"
, version
, extraBuildInputs ? []
, extraShellHook ? ""
}:
let let
go = builtins.getAttr "go_${version}" pkgs; go = builtins.getAttr "go_${version}" pkgs;
commonVimRC = '' commonVimRC = ''
@ -55,21 +50,21 @@ let
" } " }
''; '';
buildInputs = with pkgs; [ buildInputs = with pkgs; [
glibc.out glibc.out
glibc.static glibc.static
go go
gotools gotools
#gotools.bin #gotools.bin
#gocode.bin #gocode.bin
#godef godef.bin #godef godef.bin
godep godep
#godep.bin #godep.bin
gox.bin gox.bin
#ginkgo ginkgo.bin #ginkgo ginkgo.bin
#gomega #gomega
# ( import ./vim-go.nix { pkgs=gitpkgs; commonRC=commonVimRC; } ) # ( import ./vim-go.nix { pkgs=gitpkgs; commonRC=commonVimRC; } )
# ( import ./neovim-go.nix { pkgs=gitpkgs; commonRC=commonVimRC; } ) # ( import ./neovim-go.nix { pkgs=gitpkgs; commonRC=commonVimRC; } )
]; ];
in pkgs.stdenv.mkDerivation { in pkgs.stdenv.mkDerivation {

8
_archive/environments/dev/go/neovim-go.nix
View file

@ -1,4 +1,4 @@
{ commonRC, ... } @ args : { commonRC, ... }@args:
(import ../../pkg-configuration/vim-derivates/neovim.nix args // { (import ../../pkg-configuration/vim-derivates/neovim.nix args // {
additionalRC = commonRC + '' additionalRC = commonRC + ''
@ -7,9 +7,5 @@
let g:deoplete#enable_smart_case = 1 let g:deoplete#enable_smart_case = 1
" } " }
''; '';
additionalPlugins = [ additionalPlugins = [ "deoplete-go" "deoplete-nvim" "vim-go" ];
"deoplete-go"
"deoplete-nvim"
"vim-go"
];
}) })

34
_archive/environments/dev/pandoc.nix
View file

@ -1,23 +1,21 @@
{ gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs {} { gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }, pkgs ? gitpkgs
, pkgs ? gitpkgs , name ? "generic", version ? "Stable", extraBuildInputs ? [ ] }:
, name ? "generic" let commonVimRC = "";
, version ? "Stable"
, extraBuildInputs ? []
}:
let
commonVimRC = ''
'';
in pkgs.stdenv.mkDerivation { in pkgs.stdenv.mkDerivation {
inherit name; inherit name;
buildInputs = with pkgs; [ buildInputs = with pkgs;
( import ./vim-pandoc.nix { pkgs=gitpkgs; commonRC=commonVimRC; }) [
pandoc (import ./vim-pandoc.nix {
texlive.combined.scheme-medium pkgs = gitpkgs;
python27Packages.pandocfilters commonRC = commonVimRC;
python27Packages.htmltreediff })
python27Packages.html5lib pandoc
python27Packages.dbus-python texlive.combined.scheme-medium
] ++ extraBuildInputs; python27Packages.pandocfilters
python27Packages.htmltreediff
python27Packages.html5lib
python27Packages.dbus-python
] ++ extraBuildInputs;
shellHook = '' shellHook = ''
pandocname=pandoc_${pkgs.pandoc.version} pandocname=pandoc_${pkgs.pandoc.version}
setPS1 $pandocname setPS1 $pandocname

9
_archive/environments/dev/rkt.nix
View file

@ -1,9 +1,6 @@
{ { pkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }
pkgs ? import /home/steveej/src/github/NixOS/nixpkgs {}, , mkGoEnv ? import ./go.nix, rktPath, }:
mkGoEnv ? import ./go.nix, let
rktPath,
}:
let
rktBasebuildInputs = with pkgs; [ rktBasebuildInputs = with pkgs; [
glibc.out glibc.out
glibc.static glibc.static

33
_archive/environments/dev/rust/default.nix
View file

@ -1,10 +1,6 @@
{ gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs {} { gitpkgs ? import /home/steveej/src/github/NixOS/nixpkgs { }, pkgs ? gitpkgs
, pkgs ? gitpkgs , name ? "generic", version ? "Stable", extraBuildInputs ? [ ] }:
, name ? "generic" let
, version ? "Stable"
, extraBuildInputs ? []
}:
let
rustPackages = builtins.getAttr "rust${version}" pkgs; rustPackages = builtins.getAttr "rust${version}" pkgs;
rustc = rustPackages.rustc; rustc = rustPackages.rustc;
rustShellHook = { rustc, name }: '' rustShellHook = { rustc, name }: ''
@ -12,20 +8,21 @@ let
setPS1 $rustname setPS1 $rustname
unset name unset name
''; '';
commonVimRC = '' commonVimRC = "";
'';
in pkgs.stdenv.mkDerivation { in pkgs.stdenv.mkDerivation {
inherit name; inherit name;
buildInputs = with rustPackages;[ buildInputs = with rustPackages;
( import ./vim-rust.nix { pkgs=gitpkgs; commonRC=commonVimRC; [
(import ./vim-rust.nix {
pkgs = gitpkgs;
commonRC = commonVimRC;
inherit rustc; inherit rustc;
racerd=pkgs.rustracerd; racerd = pkgs.rustracerd;
}) })
rustc cargo rustc
] ++ [ cargo
pkgs.rustfmt ] ++ [ pkgs.rustfmt ] ++ extraBuildInputs;
] ++ extraBuildInputs; shellHook = (rustShellHook) {
shellHook = (rustShellHook){
inherit name; inherit name;
inherit rustc; inherit rustc;
}; };

27
_archive/environments/dev/vim-go.nix
View file

@ -1,20 +1,17 @@
{ commonRC, ... } @ args : { commonRC, ... }@args:
import ../../pkg-configuration/vim-derivates/vim.nix (args // { import ../../pkg-configuration/vim-derivates/vim.nix (args // {
name = "vim-for-go"; name = "vim-for-go";
additionalRC = commonRC + '' additionalRC = commonRC + ''
" Disable AutoComplPop. " Disable AutoComplPop.
let g:acp_enableAtStartup = 0 let g:acp_enableAtStartup = 0
" Use neocomplete. " Use neocomplete.
let g:neocomplete#enable_at_startup = 1 let g:neocomplete#enable_at_startup = 1
" Use smartcase. " Use smartcase.
let g:neocomplete#enable_smart_case = 1 let g:neocomplete#enable_smart_case = 1
if !exists('g:neocomplete#sources#omni#input_patterns') if !exists('g:neocomplete#sources#omni#input_patterns')
let g:neocomplete#sources#omni#input_patterns = {} let g:neocomplete#sources#omni#input_patterns = {}
endif endif
''; '';
additionalPlugins = [ additionalPlugins = [ "neocomplete" "vim-go" ];
"neocomplete"
"vim-go"
];
}) })

12
_archive/environments/dev/vim-pandoc.nix
View file

@ -1,6 +1,4 @@
{ commonRC { commonRC, ... }@args:
,
... } @ args :
import ../../pkg-configuration/vim-derivates/vim.nix (args // { import ../../pkg-configuration/vim-derivates/vim.nix (args // {
name = "vim-for-pandoc"; name = "vim-for-pandoc";
@ -13,10 +11,6 @@ import ../../pkg-configuration/vim-derivates/vim.nix (args // {
let g:syntastic_auto_loc_list = 1 let g:syntastic_auto_loc_list = 1
let g:syntastic_check_on_open = 1 let g:syntastic_check_on_open = 1
let g:syntastic_check_on_wq = 0 let g:syntastic_check_on_wq = 0
''; '';
additionalPlugins = [ additionalPlugins = [ "vim-pandoc" "vim-pandoc-syntax" "vimpreviewpandoc" ];
"vim-pandoc"
"vim-pandoc-syntax"
"vimpreviewpandoc"
];
}) })

11
_archive/environments/dev/vim-rust.nix
View file

@ -1,7 +1,4 @@
{ commonRC { commonRC, rustc, racerd, ... }@args:
, rustc
, racerd,
... } @ args :
import ../../pkg-configuration/vim-derivates/vim.nix (args // { import ../../pkg-configuration/vim-derivates/vim.nix (args // {
name = "vim-for-rust"; name = "vim-for-rust";
@ -39,8 +36,6 @@ import ../../pkg-configuration/vim-derivates/vim.nix (args // {
let g:ycm_rust_src_path = '${rustc.src}/src' let g:ycm_rust_src_path = '${rustc.src}/src'
let g:ycm_racerd_binary_path = '${racerd.out}/bin/racerd' let g:ycm_racerd_binary_path = '${racerd.out}/bin/racerd'
''; '';
additionalPlugins = [ additionalPlugins = [ "rust-vim" ];
"rust-vim"
];
}) })

69
_archive/environments/fhs/android.nix
View file

@ -1,40 +1,41 @@
{ pkgs ? import <nixpkgs> {} }: { pkgs ? import <nixpkgs> { } }:
(pkgs.buildFHSUserEnv { (pkgs.buildFHSUserEnv {
name = "devfhs"; name = "devfhs";
multiPkgs = pkgs: (with pkgs; [ multiPkgs = pkgs:
android-udev-rules (with pkgs; [
sudo android-udev-rules
gawk sudo
bzip2 gawk
file bzip2
gcc file
getopt gcc
git getopt
gnumake git
ncurses gnumake
openssl ncurses
patch openssl
perl patch
pkgconfig perl
python pkgconfig
openssh python
subversion openssh
unzip subversion
wget unzip
which wget
vim which
zlib vim
libusb zlib
libusb1 libusb
systemd libusb1
strace systemd
swt strace
xorg.libXtst swt
glib xorg.libXtst
gtk2 glib
gnome.gtk gtk2
]); gnome.gtk
]);
profile = '' profile = ''
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/lib:/lib64:/lib32:/usr/lib32:/usr/lib64:${pkgs.xorg.libXtst}/lib:${pkgs.glib}/lib:${pkgs.gtk2}/lib export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/lib:/lib64:/lib32:/usr/lib32:/usr/lib64:${pkgs.xorg.libXtst}/lib:${pkgs.glib}/lib:${pkgs.gtk2}/lib
''; '';

11
_archive/environments/fhs/vscode.nix
View file

@ -1,9 +1,10 @@
{ pkgs ? import <nixpkgs> {} }: { pkgs ? import <nixpkgs> { } }:
(pkgs.buildFHSUserEnv { (pkgs.buildFHSUserEnv {
name = "everydayFHS"; name = "everydayFHS";
targetPkgs = pkgs: (with pkgs; targetPkgs = pkgs:
[ which (with pkgs; [
which
gitFull gitFull
zsh zsh
file file
@ -28,9 +29,7 @@
zlib zlib
libsecret libsecret
]); ]);
multiPkgs = pkgs: (with pkgs; multiPkgs = pkgs: (with pkgs; [ ]);
[
]);
profile = '' profile = ''
export SHELL=/bin/zsh export SHELL=/bin/zsh
''; '';

4
_archive/nixos-configuration/common/pkg/neovim.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }@args:
, pkgs
, ... } @ args:
{ {
environment.systemPackages = [ environment.systemPackages = [

6
_archive/nixos-configuration/common/pkg/vim.nix
View file

@ -1,9 +1,9 @@
{ pkgs { pkgs, ... }@args:
, ... } @ args:
{ {
environment.systemPackages = [ environment.systemPackages = [
pkgs.xsel pkgs.xsel
(import ../../../pkg-configuration/vim-derivates/vim.nix (args // { name = "vim"; })) (import ../../../pkg-configuration/vim-derivates/vim.nix
(args // { name = "vim"; }))
]; ];
} }

6
_archive/nixos-configuration/common/user/steveej.nix
View file

@ -1,8 +1,6 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../passwords.crypt.nix; passwords = import ../passwords.crypt.nix;
keys = import ../keys.nix; keys = import ../keys.nix;
inherit (import ../lib) mkUser; inherit (import ../lib) mkUser;

3
default.nix
View file

@ -5,8 +5,7 @@
# commands such as: # commands such as:
# nix-build -A mypackage # nix-build -A mypackage
{ pkgs ? import <nixpkgs> {} }: { pkgs ? import <nixpkgs> { } }:
{ {
overlays = import ./nix/overlays; overlays = import ./nix/overlays;

101
nix/container-images/default.nix
View file

@ -1,11 +1,6 @@
{ pkgs ? import <nixpkgs> {} { pkgs ? import <nixpkgs> { } }:
}:
let
baseEnv = [
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
];
let baseEnv = [ "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
in rec { in rec {
@ -29,19 +24,12 @@ in rec {
interactive_base = pkgs.dockerTools.buildImage { interactive_base = pkgs.dockerTools.buildImage {
name = "interactive_base"; name = "interactive_base";
fromImage = base; fromImage = base;
contents = with pkgs; [ contents = with pkgs; [ procps zsh coreutils neovim ];
procps
zsh
coreutils
neovim
];
config = { config = { Cmd = [ "/bin/zsh" ]; };
Cmd = [ "/bin/zsh" ];
};
}; };
s3ql = let s3ql = let
entrypoint = pkgs.writeScript "entrypoint" '' entrypoint = pkgs.writeScript "entrypoint" ''
#!${pkgs.stdenv.shell} #!${pkgs.stdenv.shell}
@ -84,40 +72,37 @@ in rec {
# FIXME: touch .isbucket after mount # FIXME: touch .isbucket after mount
''; '';
in pkgs.dockerTools.buildImage { in pkgs.dockerTools.buildImage {
name = "s3ql"; name = "s3ql";
fromImage = interactive_base; fromImage = interactive_base;
contents = [ contents = [ pkgs.s3ql pkgs.fuse ];
pkgs.s3ql
pkgs.fuse
];
runAsRoot = '' runAsRoot = ''
#!${pkgs.stdenv.shell} #!${pkgs.stdenv.shell}
mkdir -p /usr/bin mkdir -p /usr/bin
cp -a ${pkgs.fuse}/bin/fusermount /usr/bin cp -a ${pkgs.fuse}/bin/fusermount /usr/bin
chmod +s /usr/bin/fusermount chmod +s /usr/bin/fusermount
echo user_allow_other >> /etc/fuse.conf echo user_allow_other >> /etc/fuse.conf
''; '';
config = { config = {
Env = baseEnv ++ [ Env = baseEnv ++ [
"HOME=/home/s3ql" "HOME=/home/s3ql"
"S3QL_CACHE_DIR=/var/cache/s3ql" "S3QL_CACHE_DIR=/var/cache/s3ql"
"S3QL_AUTHINFO2=/etc/s3ql/authinfo2" "S3QL_AUTHINFO2=/etc/s3ql/authinfo2"
"CONTAINER_ENTRYPOINT=${entrypoint}" "CONTAINER_ENTRYPOINT=${entrypoint}"
]; ];
Cmd = [ entrypoint ]; Cmd = [ entrypoint ];
Volumes = { Volumes = {
"/var/cache/s3ql" = {}; "/var/cache/s3ql" = { };
"/etc/s3ql/authinfo2" = {}; "/etc/s3ql/authinfo2" = { };
"/buckets" = {}; "/buckets" = { };
"/tmp" = {}; "/tmp" = { };
}; };
}; };
}; };
syncthing = let syncthing = let
entrypoint = pkgs.writeScript "entrypoint" '' entrypoint = pkgs.writeScript "entrypoint" ''
#!${pkgs.stdenv.shell} #!${pkgs.stdenv.shell}
set -x set -x
@ -140,19 +125,15 @@ in rec {
-gui-address=$SYNCTHING_GUI_ADDRESS \ -gui-address=$SYNCTHING_GUI_ADDRESS \
-no-browser -no-browser
''; '';
in pkgs.dockerTools.buildImage { in pkgs.dockerTools.buildImage {
name = "syncthing"; name = "syncthing";
fromImage = interactive_base; fromImage = interactive_base;
contents = pkgs.syncthing; contents = pkgs.syncthing;
config = { config = {
Env = baseEnv ++ [ Env = baseEnv ++ [ "SYNCTHING_HOME=/home/syncthing" ];
"SYNCTHING_HOME=/home/syncthing" Cmd = [ entrypoint ];
]; Volumes = { "/data" = { }; };
Cmd = [ entrypoint ];
Volumes = {
"/data" = {};
};
};
}; };
};
} }

15
nix/default.nix
View file

@ -3,25 +3,22 @@
let let
channelVersions = (import versionsPath); channelVersions = (import versionsPath);
mkChannelSource = name: mkChannelSource = name:
let let channelVersion = builtins.getAttr name channelVersions;
channelVersion = builtins.getAttr name channelVersions;
in builtins.fetchGit { in builtins.fetchGit {
# Descriptive name to make the store path easier to identify # Descriptive name to make the store path easier to identify
inherit name; inherit name;
inherit (channelVersion) url ref rev; inherit (channelVersion) url ref rev;
}; };
nixPath = builtins.concatStringsSep ":" (builtins.map (elemName: nixPath = builtins.concatStringsSep ":" (builtins.map (elemName:
let let
elem = builtins.getAttr elemName channelVersions; elem = builtins.getAttr elemName channelVersions;
elemPath = (mkChannelSource elemName); elemPath = (mkChannelSource elemName);
suffix = if builtins.hasAttr "suffix" elem then elem.suffix else ""; suffix = if builtins.hasAttr "suffix" elem then elem.suffix else "";
in in builtins.concatStringsSep "=" [ elemName elemPath ] + suffix)
builtins.concatStringsSep "=" [ elemName elemPath ] + suffix (builtins.attrNames channelVersions));
) (builtins.attrNames channelVersions)); pkgs = import (mkChannelSource "nixpkgs") { };
pkgs = import (mkChannelSource "nixpkgs") {};
in
{ in {
inherit nixPath; inherit nixPath;
channelSources = pkgs.writeText "channels.rc" '' channelSources = pkgs.writeText "channels.rc" ''
export NIX_PATH=${nixPath} export NIX_PATH=${nixPath}

450
nix/home-manager/configuration/graphical-fullblown.nix
View file

@ -1,16 +1,13 @@
{ pkgs }: { pkgs }:
let let zshCurried = import ../programs/zsh.nix { inherit pkgs; };
zshCurried = import ../programs/zsh.nix { inherit pkgs; };
in
{ pkgs in { pkgs, config, ... }:
, config
, ... }:
let let
# gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {}; # gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {};
unstablepkgs = import <channels-nixos-unstable-small> { config = config.nixpkgs.config; }; unstablepkgs =
import <channels-nixos-unstable-small> { config = config.nixpkgs.config; };
masterpkgs = import <nixpkgs-master> { config = config.nixpkgs.config; }; masterpkgs = import <nixpkgs-master> { config = config.nixpkgs.config; };
in { in {
@ -37,274 +34,255 @@ in {
gnutls = true; gnutls = true;
}; };
packageOverrides = pkgs: with pkgs; { packageOverrides = pkgs: with pkgs; { };
};
}; };
home.sessionVariables = { home.sessionVariables = {
# TODO: find a way to prevent using a store path for the current file # TODO: find a way to prevent using a store path for the current file
# HM_CONFIG_PATH=builtins.toString "${./.}"; # HM_CONFIG_PATH=builtins.toString "${./.}";
HM_CONFIG="graphical-fullblown"; HM_CONFIG = "graphical-fullblown";
GOPATH="$HOME/src/go"; GOPATH = "$HOME/src/go";
PATH=pkgs.lib.concatStringsSep ":" [ PATH = pkgs.lib.concatStringsSep ":" [ "$HOME/.local/bin" "$PATH" ];
"$HOME/.local/bin"
"$PATH"
];
}; };
home.packages = [] home.packages = [ ] ++ (with pkgs; [
++ (with pkgs; [ # Authentication
# Authentication cacert
cacert fprintd
fprintd openssl
openssl mkpasswd
mkpasswd
# Nix package related tools # Nix package related tools
patchelf patchelf
nix-index nix-index
nox nox
nix-prefetch-scripts nix-prefetch-scripts
nix-prefetch-github nix-prefetch-github
# Version Control Systems # Version Control Systems
pijul pijul
gitless gitless
gitRepo gitRepo
git-lfs git-lfs
# Process/System Administration # Process/System Administration
htop htop
gnome.gnome-tweaks gnome.gnome-tweaks
xorg.xhost xorg.xhost
dmidecode dmidecode
evtest evtest
# Archive Managers # Archive Managers
sshfs-fuse sshfs-fuse
xarchive xarchive
p7zip p7zip
zip zip
unzip unzip
gzip gzip
lzop lzop
# Password Management # Password Management
gnupg gnupg
yubikey-manager yubikey-manager
yubikey-manager-qt yubikey-manager-qt
yubikey-personalization yubikey-personalization
yubikey-personalization-gui yubikey-personalization-gui
gnome.gnome-keyring gnome.gnome-keyring
gnome.seahorse gnome.seahorse
# Language Support # Language Support
hunspellDicts.en-us hunspellDicts.en-us
hunspellDicts.de-de hunspellDicts.de-de
# Messaging/Communication # Messaging/Communication
signal-desktop signal-desktop
pidgin pidgin
hexchat hexchat
aspellDicts.en aspellDicts.en
aspellDicts.de aspellDicts.de
skypeforlinux skypeforlinux
unstablepkgs.jitsi-meet-electron unstablepkgs.jitsi-meet-electron
unstablepkgs.zoom-us unstablepkgs.zoom-us
thunderbird thunderbird
evolution # gnome4.glib_networking evolution # gnome4.glib_networking
kotatogram-desktop kotatogram-desktop
gnome.cheese gnome.cheese
masterpkgs.discord masterpkgs.discord
# Virtualization # Virtualization
virtmanager virtmanager
# (pkgs.lib.hiPrio qemu) # (pkgs.lib.hiPrio qemu)
# virtualbox # virtualbox
# vagrant # vagrant
# docker_compose # docker_compose
# unstablepkgs.kubernetes # unstablepkgs.kubernetes
# unstablepkgs.minikube # unstablepkgs.minikube
# unstablepkgs.openshift # unstablepkgs.openshift
# (unstablepkgs.minikube.overrideAttrs (oldAttrs: { # (unstablepkgs.minikube.overrideAttrs (oldAttrs: {
# patches = oldAttrs.patches ++ [ # patches = oldAttrs.patches ++ [
# (builtins.fetchurl { url ="https://patch-diff.githubusercontent.com/raw/kubernetes/minikube/pull/2517.diff"; }) # (builtins.fetchurl { url ="https://patch-diff.githubusercontent.com/raw/kubernetes/minikube/pull/2517.diff"; })
# ]; # ];
# })) # }))
appimage-run appimage-run
# Remote Control Tools
remmina
freerdp
teamviewer
rustdesk
# Remote Control Tools # Audio/Video Players
remmina ffmpeg
freerdp vlc
teamviewer audacity
rustdesk spotify
youtube-dl-light
libwebcam
# Audio/Video Players # Network Tools
ffmpeg openvpn
vlc tcpdump
audacity iftop
spotify iperf
youtube-dl-light bind
libwebcam socat
# 2019-03-05: broken on 19.03 linssid
iptraf-ng
ipmitool
# Network Tools # samba
openvpn iptables
tcpdump nftables
iftop wireshark
iperf
bind
socat
# 2019-03-05: broken on 19.03 linssid
iptraf-ng
ipmitool
# samba # Code Editors
iptables # unstablepkgs.atom
nftables xclip
wireshark xsel
# Code Editors # Image/Graphic/Design Tools
# unstablepkgs.atom gnome.eog
xclip gimp
xsel imagemagick
exiv2
graphviz
inkscape
# barcode
qrencode
zbar
feh
# digikam
# Image/Graphic/Design Tools # Modelling Tools
gnome.eog # plantuml
gimp # umlet
imagemagick # staruml
exiv2 # eclipses.eclipse-modeling
graphviz # dia
inkscape # astah-community
# barcode
qrencode
zbar
feh
# digikam
# Misc Development Tools
qrcode
# travis
jq
# prometheus
cdrtools
# Modelling Tools # Document Processing and Management
# plantuml # zathura
# umlet mendeley
# staruml # zotero
# eclipses.eclipse-modeling pandoc
# dia unstablepkgs.logseq
# astah-community
# Misc Development Tools # has an EOL version of electron
qrcode # obsidian
# travis
jq
# prometheus
cdrtools
# Document Processing and Management # LaTeX
# zathura perlPackages.YAMLTiny
mendeley perlPackages.FileHomeDir
# zotero perlPackages.UnicodeLineBreak
pandoc (texlive.combine {
unstablepkgs.logseq inherit (texlive)
scheme-small texlive-de texlive-en texlive-scripts collection-langgerman
# has an EOL version of electron latexindent latexmk
# obsidian
# LaTeX algorithms cm-super
perlPackages.YAMLTiny
perlPackages.FileHomeDir
perlPackages.UnicodeLineBreak
(texlive.combine {
inherit (texlive)
scheme-small
texlive-de
texlive-en
texlive-scripts
collection-langgerman
latexindent preprint enumitem draftwatermark everypage ulem placeins minted
latexmk ifplatform fvextra xstring framed;
})
algorithms pdftk
cm-super # broken as of 2021-04-24
# masterpdfeditor
preprint # File Synchronzation
enumitem # seafile-client
draftwatermark # grive2
everypage dropbox
ulem rsync
placeins
minted ifplatform fvextra xstring framed
;
})
pdftk # Filesystem Tools
# broken as of 2021-04-24 ntfs3g
# masterpdfeditor ddrescue
ncdu
woeusb
unetbootin
pcmanfm
hdparm
testdisk
binwalk
gptfdisk
gparted
smartmontools
# File Synchronzation ## Android
# seafile-client androidenv.androidPkgs_9_0.platform-tools
# grive2
dropbox
rsync
# Filesystem Tools ## Python
ntfs3g myPython
ddrescue
ncdu
woeusb
unetbootin
pcmanfm
hdparm
testdisk
binwalk
gptfdisk
gparted
smartmontools
## Android # Code generators
androidenv.androidPkgs_9_0.platform-tools # unstablepkgs.swagger-codegen
## Python # Misc Desktop Tools
myPython # TODO: this may be required if brightness control isn't working
# brightnessctl
ltunify
# solaar # TODO: conflicts with solar over udev rules
dex
# kitty
busyboxStatic
xorg.xbacklight
coreutils
lsof
x11_ssh_askpass
xdotool
xdg_utils
xdg-user-dirs
dconf
picocom
glib.dev # contains gdbus tool
alacritty
unstablepkgs.wally-cli
man-pages
# Code generators # Screen recording
# unstablepkgs.swagger-codegen # gtk-recordmydesktop # can't select the window
# qt-recordmydesktop
# vokoscreen
# shutter
# kazam # doesn't start
# xvidcap # doesn't keep the recording rectangle
obs-studio
screenkey
# shotcut
# openshot-qt
# Misc Desktop Tools unstablepkgs.ledger-live-desktop
# TODO: this may be required if brightness control isn't working
# brightnessctl
ltunify
# solaar # TODO: conflicts with solar over udev rules
dex
# kitty
busyboxStatic
xorg.xbacklight
coreutils
lsof
x11_ssh_askpass
xdotool
xdg_utils
xdg-user-dirs
dconf
picocom
glib.dev # contains gdbus tool
alacritty
unstablepkgs.wally-cli
man-pages
# Screen recording
# gtk-recordmydesktop # can't select the window
# qt-recordmydesktop
# vokoscreen
# shutter
# kazam # doesn't start
# xvidcap # doesn't keep the recording rectangle
obs-studio
screenkey
# shotcut
# openshot-qt
unstablepkgs.ledger-live-desktop
]); ]);
} }

159
nix/home-manager/configuration/graphical-gnome3.nix
View file

@ -1,15 +1,12 @@
{ pkgs }: { pkgs }:
let let zshCurried = import ../programs/zsh.nix { inherit pkgs; };
zshCurried = import ../programs/zsh.nix { inherit pkgs; };
in
{ pkgs in { pkgs, config, ... }:
, config,
... }:
let let
unstablepkgs = import <channels-nixos-unstable> { config = config.nixpkgs.config; }; unstablepkgs =
import <channels-nixos-unstable> { config = config.nixpkgs.config; };
in { in {
imports = [ imports = [
@ -30,100 +27,96 @@ in {
gnutls = true; gnutls = true;
}; };
packageOverrides = pkgs: with pkgs; { packageOverrides = pkgs: with pkgs; { };
};
}; };
home.sessionVariables = { home.sessionVariables = { };
};
home.packages = [ ] ++ (with pkgs; [
# Nix package related tools
patchelf
nix-index
nix-prefetch-scripts
home.packages = # Version Control Systems
[] ++ (with pkgs; [ gitless
# Nix package related tools
patchelf
nix-index
nix-prefetch-scripts
# Version Control Systems # Process/System Administration
gitless htop
gnome.gnome-tweaks
xorg.xhost
dmidecode
evtest
# Process/System Administration # Archive Managers
htop sshfs-fuse
gnome.gnome-tweaks xarchive
xorg.xhost p7zip
dmidecode zip
evtest unzip
gzip
lzop
# Archive Managers # Password Management
sshfs-fuse gnome.gnome-keyring
xarchive gnome.seahorse
p7zip
zip
unzip
gzip
lzop
# Password Management # Remote Control Tools
gnome.gnome-keyring remmina
gnome.seahorse freerdp
# Remote Control Tools # Network Tools
remmina openvpn
freerdp tcpdump
iftop
iperf
bind
socat
# Network Tools # samba
openvpn iptables
tcpdump nftables
iftop wireshark
iperf
bind
socat
# samba # Code Editors
iptables xclip
nftables xsel
wireshark unstablepkgs.vscode
# Code Editors # Image/Graphic/Design Tools
xclip gnome.eog
xsel gimp
unstablepkgs.vscode inkscape
# Image/Graphic/Design Tools # Misc Development Tools
gnome.eog qrcode
gimp jq
inkscape cdrtools
# Misc Development Tools # Document Processing and Management
qrcode zathura
jq
cdrtools
# Document Processing and Management # File Synchronzation
zathura rsync
# File Synchronzation # Filesystem Tools
rsync ntfs3g
ddrescue
ncdu
unstablepkgs.woeusb
unetbootin
pcmanfm
hdparm
testdisk
python38Packages.binwalk
gptfdisk
# Filesystem Tools ## Python
ntfs3g myPython
ddrescue
ncdu
unstablepkgs.woeusb
unetbootin
pcmanfm
hdparm
testdisk
python38Packages.binwalk
gptfdisk
## Python busyboxStatic
myPython
busyboxStatic # Virtualization
virtmanager
# Virtualization
virtmanager
]); ]);
} }

159
nix/home-manager/configuration/graphical-removable.nix
View file

@ -1,15 +1,12 @@
{ pkgs }: { pkgs }:
let let zshCurried = import ../programs/zsh.nix { inherit pkgs; };
zshCurried = import ../programs/zsh.nix { inherit pkgs; };
in
{ pkgs in { pkgs, config, ... }:
, config,
... }:
let let
unstablepkgs = import <channels-nixos-unstable> { config = config.nixpkgs.config; }; unstablepkgs =
import <channels-nixos-unstable> { config = config.nixpkgs.config; };
in { in {
imports = [ imports = [
@ -32,100 +29,96 @@ in {
gnutls = true; gnutls = true;
}; };
packageOverrides = pkgs: with pkgs; { packageOverrides = pkgs: with pkgs; { };
};
}; };
home.sessionVariables = { home.sessionVariables = { };
};
home.packages = [ ] ++ (with pkgs; [
# Nix package related tools
patchelf
nix-index
nix-prefetch-scripts
home.packages = # Version Control Systems
[] ++ (with pkgs; [ gitless
# Nix package related tools
patchelf
nix-index
nix-prefetch-scripts
# Version Control Systems # Process/System Administration
gitless htop
gnome.gnome-tweaks
xorg.xhost
dmidecode
evtest
# Process/System Administration # Archive Managers
htop sshfs-fuse
gnome.gnome-tweaks xarchive
xorg.xhost p7zip
dmidecode zip
evtest unzip
gzip
lzop
# Archive Managers # Password Management
sshfs-fuse gnome.gnome-keyring
xarchive gnome.seahorse
p7zip
zip
unzip
gzip
lzop
# Password Management # Remote Control Tools
gnome.gnome-keyring remmina
gnome.seahorse freerdp
# Remote Control Tools # Network Tools
remmina openvpn
freerdp tcpdump
iftop
iperf
bind
socat
# Network Tools # samba
openvpn iptables
tcpdump nftables
iftop wireshark
iperf
bind
socat
# samba # Code Editors
iptables xclip
nftables xsel
wireshark unstablepkgs.vscode
# Code Editors # Image/Graphic/Design Tools
xclip gnome.eog
xsel gimp
unstablepkgs.vscode inkscape
# Image/Graphic/Design Tools # Misc Development Tools
gnome.eog qrcode
gimp jq
inkscape cdrtools
# Misc Development Tools # Document Processing and Management
qrcode zathura
jq
cdrtools
# Document Processing and Management # File Synchronzation
zathura rsync
# File Synchronzation # Filesystem Tools
rsync ntfs3g
ddrescue
ncdu
unstablepkgs.woeusb
unetbootin
pcmanfm
hdparm
testdisk
binwalk
gptfdisk
# Filesystem Tools ## Python
ntfs3g myPython
ddrescue
ncdu
unstablepkgs.woeusb
unetbootin
pcmanfm
hdparm
testdisk
binwalk
gptfdisk
## Python busyboxStatic
myPython
busyboxStatic # Virtualization
virtmanager
# Virtualization
virtmanager
]); ]);
} }

24
nix/home-manager/configuration/text-minimal.nix
View file

@ -1,12 +1,8 @@
{ pkgs, extraPackages ? [] }: { pkgs, extraPackages ? [ ] }:
let let zshCurried = import ../programs/zsh.nix { inherit pkgs; };
zshCurried = import ../programs/zsh.nix { inherit pkgs; };
in
{ pkgs in { pkgs, config, ... }:
, config
, ... }:
let let
@ -18,18 +14,10 @@ in {
zshCurried zshCurried
]; ];
nixpkgs.config = { nixpkgs.config = { packageOverrides = pkgs: with pkgs; { }; };
packageOverrides = pkgs: with pkgs; {
};
};
home.sessionVariables = { home.sessionVariables = { };
};
home.packages = extraPackages home.packages = extraPackages
++ (with pkgs; [ ++ (with pkgs; [ iperf3 inetutils speedtest-cli ]);
iperf3
inetutils
speedtest-cli
]);
} }

13
nix/home-manager/lib.nix
View file

@ -1,7 +1,6 @@
{ { }:
}:
let let
in { in {
mkSimpleTrayService = { execStart }: { mkSimpleTrayService = { execStart }: {
@ -11,12 +10,8 @@ in {
PartOf = [ "graphical-session.target" ]; PartOf = [ "graphical-session.target" ];
}; };
Install = { Install = { WantedBy = [ "graphical-session.target" ]; };
WantedBy = [ "graphical-session.target" ];
};
Service = { Service = { ExecStart = execStart; };
ExecStart = execStart;
};
}; };
} }

35
nix/home-manager/profiles/common.nix
View file

@ -1,8 +1,6 @@
{ pkgs { pkgs, ... }:
, ...
}:
let let
in { in {
# TODO: re-enable this with the appropriate version # TODO: re-enable this with the appropriate version
# programs.home-manager.enable = true; # programs.home-manager.enable = true;
@ -18,9 +16,9 @@ in {
home.keyboard = { home.keyboard = {
layout = "us"; layout = "us";
variant = "altgr-intl"; variant = "altgr-intl";
options = [ options = [
"nodeadkeys" "nodeadkeys"
# "caps:swapescape" # "caps:swapescape"
]; ];
}; };
@ -36,19 +34,18 @@ in {
programs.command-not-found.enable = true; programs.command-not-found.enable = true;
programs.fzf.enable = true; programs.fzf.enable = true;
home.packages = home.packages = [ ] ++ (with pkgs; [
[] ++ (with pkgs; [ # git helpers
# git helpers git-crypt
git-crypt
vcsh vcsh
# Authentication # Authentication
cacert cacert
openssl openssl
mkpasswd mkpasswd
just just
ripgrep ripgrep
du-dust du-dust
]); ]);
} }

8
nix/home-manager/profiles/dotfiles.nix
View file

@ -1,10 +1,6 @@
{ pkgs { pkgs, config, ... }:
, config
, ...
}:
let let vcshActivationScript = pkgs.callPackage ./dotfiles/vcsh.nix { };
vcshActivationScript = pkgs.callPackage ./dotfiles/vcsh.nix {};
in { in {
# TODO: fix the dotfiles # TODO: fix the dotfiles

49
nix/home-manager/profiles/dotfiles/vcsh.tmpl.nix
View file

@ -1,39 +1,36 @@
{ pkgs { pkgs, repoHttps ? "https://gitlab.com/steveeJ/dotfiles.git"
, repoHttps ? "https://gitlab.com/steveeJ/dotfiles.git" , repoSsh ? "git@gitlab.com:/steveeJ/dotfiles.git", ... }:
, repoSsh ? "git@gitlab.com:/steveeJ/dotfiles.git"
, ...
}:
let let
repoBareLocal = pkgs.runCommand "fetchbare" { repoBareLocal = pkgs.runCommand "fetchbare" {
outputHashMode = "recursive"; outputHashMode = "recursive";
outputHashAlgo = "sha256"; outputHashAlgo = "sha256";
outputHash = "0000000000000000000000000000000000000000000000000000"; outputHash = "0000000000000000000000000000000000000000000000000000";
} '' } ''
( (
set -xe set -xe
export GIT_SSL_CAINFO=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt export GIT_SSL_CAINFO=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt
export SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt export SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt
${pkgs.git}/bin/git clone --mirror ${repoHttps} $out ${pkgs.git}/bin/git clone --mirror ${repoHttps} $out
) )
''; '';
in pkgs.writeScript "activation-script" '' in pkgs.writeScript "activation-script" ''
export HOST=$(hostname -s) export HOST=$(hostname -s)
function set_remotes { function set_remotes {
${pkgs.vcsh}/bin/vcsh dotfiles remote set-url origin $1 ${pkgs.vcsh}/bin/vcsh dotfiles remote set-url origin $1
${pkgs.vcsh}/bin/vcsh dotfiles remote set-url --push origin $2 ${pkgs.vcsh}/bin/vcsh dotfiles remote set-url --push origin $2
} }
if ! test -d $HOME/.config/vcsh/repo.d/dotfiles.git; then if ! test -d $HOME/.config/vcsh/repo.d/dotfiles.git; then
echo Cloning dotfiles for $HOST... echo Cloning dotfiles for $HOST...
${pkgs.vcsh}/bin/vcsh clone -b $HOST ${repoBareLocal} dotfiles ${pkgs.vcsh}/bin/vcsh clone -b $HOST ${repoBareLocal} dotfiles
set_remotes ${repoHttps} ${repoSsh} set_remotes ${repoHttps} ${repoSsh}
else else
set_remotes ${repoBareLocal} ${repoSsh} set_remotes ${repoBareLocal} ${repoSsh}
echo Updating dotfiles for $HOST... echo Updating dotfiles for $HOST...
${pkgs.vcsh}/bin/vcsh pull $HOST || true ${pkgs.vcsh}/bin/vcsh pull $HOST || true
set_remotes ${repoHttps} ${repoSsh} set_remotes ${repoHttps} ${repoSsh}
fi fi
'' ''

45
nix/home-manager/profiles/nix-channels.nix
View file

@ -1,28 +1,27 @@
{ pkgs { pkgs, config, ... }:
, config
, ...
}:
let let
in { in {
home.file.".nix-channels".text = '' home.file.".nix-channels".text = "";
'';
home.activation.removeExistingNixChannels = config.lib.dag.entryBefore ["checkLinkTargets"] '' home.activation.removeExistingNixChannels =
$DRY_RUN_CMD ${pkgs.writeScript "activation-script" '' config.lib.dag.entryBefore [ "checkLinkTargets" ] ''
set -ex $DRY_RUN_CMD ${
if test -f $HOME/.nix-channels; then pkgs.writeScript "activation-script" ''
echo Uninstalling available channels... set -ex
if test -f $HOME/.nix-channel; then if test -f $HOME/.nix-channels; then
while read url channel; do echo Uninstalling available channels...
nix-channel --remove $channel if test -f $HOME/.nix-channel; then
done < $HOME/.nix-channel while read url channel; do
fi nix-channel --remove $channel
echo Moving existing file away... done < $HOME/.nix-channel
touch $HOME/.nix-channels.dummy fi
mv --backup=numbered $HOME/.nix-channels.dummy $HOME/.nix-channels echo Moving existing file away...
rm $HOME/.nix-channels touch $HOME/.nix-channels.dummy
fi mv --backup=numbered $HOME/.nix-channels.dummy $HOME/.nix-channels
''}; rm $HOME/.nix-channels
''; fi
''
};
'';
} }

408
nix/home-manager/profiles/qtile-desktop.nix
View file

@ -1,16 +1,13 @@
{ pkgs { pkgs, ... }:
, ...
}:
let let
inherit (import ../lib.nix { }) inherit (import ../lib.nix { }) mkSimpleTrayService;
mkSimpleTrayService
;
audio = pkgs.writeShellScript "audio" '' audio = pkgs.writeShellScript "audio" ''
export PATH=${with pkgs; lib.makeBinPath [ export PATH=${
pulseaudio findutils gnugrep with pkgs;
]}:$PATH lib.makeBinPath [ pulseaudio findutils gnugrep ]
}:$PATH
export MUTEFILE=''${TEMPDIR:-/tmp}/.qtilemute export MUTEFILE=''${TEMPDIR:-/tmp}/.qtilemute
case $1 in case $1 in
@ -34,9 +31,7 @@ let
terminalCommand = "${pkgs.alacritty}/bin/alacritty"; terminalCommand = "${pkgs.alacritty}/bin/alacritty";
dpmsScript = pkgs.writeShellScript "dpmsScript" '' dpmsScript = pkgs.writeShellScript "dpmsScript" ''
export PATH=${with pkgs; lib.makeBinPath [ export PATH=${with pkgs; lib.makeBinPath [ xorg.xset ]}:$PATH
xorg.xset
]}:$PATH
set -xe set -xe
@ -59,9 +54,7 @@ let
''; '';
screenLockCommand = pkgs.writeShellScript "screenLock" '' screenLockCommand = pkgs.writeShellScript "screenLock" ''
export PATH=${with pkgs; lib.makeBinPath [ export PATH=${with pkgs; lib.makeBinPath [ i3lock ]}:$PATH
i3lock
]}:$PATH
revert() { revert() {
${dpmsScript} default ${dpmsScript} default
@ -82,186 +75,185 @@ let
''; '';
qtileConfig = pkgs.writeScript "qtile_config.py" '' qtileConfig = pkgs.writeScript "qtile_config.py" ''
from libqtile.config import Key, Screen, Group, Drag, Click from libqtile.config import Key, Screen, Group, Drag, Click
from libqtile.command import lazy from libqtile.command import lazy
from libqtile import layout, bar, widget from libqtile import layout, bar, widget
from libqtile import hook from libqtile import hook
import logging, os import logging, os
logger = logging.getLogger() logger = logging.getLogger()
logger.setLevel(logging.WARN) logger.setLevel(logging.WARN)
handler = logging.handlers.RotatingFileHandler( handler = logging.handlers.RotatingFileHandler(
os.path.join(os.getenv('TEMPDIR', default="/tmp"), '.qtilelog'), maxBytes=10240000, os.path.join(os.getenv('TEMPDIR', default="/tmp"), '.qtilelog'), maxBytes=10240000,
backupCount=7 backupCount=7
)
handler.setLevel(logging.WARN)
logger.addHandler(handler)
key_super = "mod4"
key_alt = "mod1"
key_control = "control"
keys = [
# https://github.com/qtile/qtile/blob/master/libqtile/backend/x11/xkeysyms.py
Key([key_super], "Return", lazy.spawn("${terminalCommand}")),
Key([key_super], "r", lazy.spawncmd()),
Key([key_super], "w", lazy.window.kill()),
Key([key_alt, key_super], "l", lazy.spawn('${pkgs.bash}/bin/sh -c "loginctl lock-session $XDG_SESSION_ID"')),
Key([key_alt, key_super], "s", lazy.spawn("${pkgs.systemd}/bin/systemctl suspend")),
Key([key_super, key_control], "r", lazy.spawn("${initScreen}")),
Key([key_super, key_control], "q", lazy.shutdown()),
# Toggle between different layouts as defined below
Key([key_super], "Tab", lazy.next_layout()),
# this is usefull when floating windows get buried
Key([key_super], "Escape", lazy.window.bring_to_front()),
# common to all layouts
Key([key_control, key_alt], "h", lazy.layout.grow_left()),
Key([key_control, key_alt], "j", lazy.layout.grow_down()),
Key([key_control, key_alt], "k", lazy.layout.grow_up()),
Key([key_control, key_alt], "l", lazy.layout.grow_right()),
Key([key_super], "n", lazy.layout.normalize()),
Key([key_super], "o", lazy.layout.maximize()),
# MonadTall keybindings
Key([key_super], "h", lazy.layout.left().when(layout="monad")),
Key([key_super], "l", lazy.layout.right().when(layout="monad")),
Key([key_super], "j", lazy.layout.down().when(layout="monad")),
Key([key_super], "k", lazy.layout.up().when(layout="monad")),
Key([key_super, key_control], "h", lazy.layout.shuffle_left().when(layout="monad")),
Key([key_super, key_control], "l", lazy.layout.shuffle_right().when(layout="monad")),
Key([key_super, key_control], "j", lazy.layout.shuffle_down().when(layout="monad")),
Key([key_super, key_control], "k", lazy.layout.shuffle_up().when(layout="monad")),
Key([key_super, key_control], "space", lazy.layout.toggle_split().when(layout="monad")),
# Stack
Key([key_super], "h", lazy.layout.previous().when(layout='stack')),
Key([key_super], "l", lazy.layout.next().when(layout='stack')),
Key([key_super], "j", lazy.layout.up().when(layout='stack')),
Key([key_super], "k", lazy.layout.down().when(layout='stack')),
Key([key_super, key_control], "j", lazy.layout.shuffle_up().when(layout='stack')),
Key([key_super, key_control], "k", lazy.layout.shuffle_down().when(layout='stack')),
Key([key_super, key_control], "h", lazy.layout.client_to_previous().when(layout='stack')),
Key([key_super, key_control], "l", lazy.layout.client_to_next().when(layout='stack')),
# Columns
Key([key_super], "h", lazy.layout.left().when(layout="columns")),
Key([key_super], "l", lazy.layout.right().when(layout="columns")),
Key([key_super], "j", lazy.layout.next().when(layout="columns")),
Key([key_super], "k", lazy.layout.previous().when(layout="columns")),
Key([key_super, key_control], "j", lazy.layout.shuffle_down().when(layout="columns")),
Key([key_super, key_control], "k", lazy.layout.shuffle_up().when(layout="columns")),
Key([key_super, key_control], "h", lazy.layout.shuffle_left().when(layout="columns")),
Key([key_super, key_control], "l", lazy.layout.shuffle_right().when(layout="columns")),
Key([key_super, key_control], "space", lazy.layout.toggle_split().when(layout="columns")),
# Max
Key([key_super], "j", lazy.layout.down().when(layout="max")),
Key([key_super], "k", lazy.layout.up().when(layout="max")),
# TODO: these are required to make the 'columns' layout work, but why?
Key([key_super], "j", lazy.layout.next()),
Key([key_super], "k", lazy.layout.previous()),
# Multimedia Keys
Key([], "XF86AudioPlay", lazy.spawn("${pkgs.playerctl}/bin/playerctl play-pause")),
Key([], "XF86AudioPrev", lazy.spawn("${pkgs.playerctl}/bin/playerctl previous")),
Key([], "XF86AudioNext", lazy.spawn("${pkgs.playerctl}/bin/playerctl next")),
# TODO: the next two don't work yet
Key([], "XF86AudioRewind", lazy.spawn("${pkgs.playerctl}/bin/playerctl offset 10-")),
Key([], "XF86BackForward", lazy.spawn("${pkgs.playerctl}/bin/playerctl offset 10+")),
Key([], "XF86AudioMute", lazy.spawn("${audio} mute")),
Key([], "XF86AudioLowerVolume", lazy.spawn("${audio} lower")),
Key([], "XF86AudioRaiseVolume", lazy.spawn("${audio} raise")),
Key([], "Print", lazy.spawn("${pkgs.flameshot}/bin/flameshot gui")),
]
groups = [Group(i) for i in "1234567890"]
for i in groups:
# super + letter of group = switch to group
keys.append(
Key([key_super], i.name, lazy.group[i.name].toscreen())
) )
handler.setLevel(logging.WARN)
logger.addHandler(handler)
# super + shift + letter of group = switch to & move focused window to group key_super = "mod4"
keys.append( key_alt = "mod1"
Key([key_super, key_control], i.name, lazy.window.togroup(i.name)) key_control = "control"
)
layouts = [ keys = [
layout.Columns(num_columns=3, border_focus='#00ff00', border_width=2), # https://github.com/qtile/qtile/blob/master/libqtile/backend/x11/xkeysyms.py
layout.Max(), Key([key_super], "Return", lazy.spawn("${terminalCommand}")),
# layout.Stack(num_stacks=3, border_focus='#00ff00', border_width=2, autosplit=True, previous_on_rm=True), Key([key_super], "r", lazy.spawncmd()),
# layout.Wmii(border_focus='#00ff00'), Key([key_super], "w", lazy.window.kill()),
# layout.MonadTall(ratio=0.6, border_focus='#00ff00'),
]
widget_defaults = dict( Key([key_alt, key_super], "l", lazy.spawn('${pkgs.bash}/bin/sh -c "loginctl lock-session $XDG_SESSION_ID"')),
font='Arial', Key([key_alt, key_super], "s", lazy.spawn("${pkgs.systemd}/bin/systemctl suspend")),
fontsize=16,
padding=3,
)
screens_count = 4 Key([key_super, key_control], "r", lazy.spawn("${initScreen}")),
screens = [] Key([key_super, key_control], "q", lazy.shutdown()),
for i in range(0, screens_count+1):
j = i+1 # Toggle between different layouts as defined below
widgets = [ Key([key_super], "Tab", lazy.next_layout()),
widget.TextBox("Screen %i" % j, name="Screen %i" % j),
widget.GroupBox(), # this is usefull when floating windows get buried
widget.WindowName(), Key([key_super], "Escape", lazy.window.bring_to_front()),
widget.Prompt(),
widget.CPUGraph(), # common to all layouts
widget.ThermalSensor(), Key([key_control, key_alt], "h", lazy.layout.grow_left()),
widget.Memory(), Key([key_control, key_alt], "j", lazy.layout.grow_down()),
widget.Net(interface='eth0'), Key([key_control, key_alt], "k", lazy.layout.grow_up()),
widget.Net(interface='wlan0'), Key([key_control, key_alt], "l", lazy.layout.grow_right()),
widget.Clock(format='%Y-%m-%d %a %I:%M %p'), Key([key_super], "n", lazy.layout.normalize()),
Key([key_super], "o", lazy.layout.maximize()),
# MonadTall keybindings
Key([key_super], "h", lazy.layout.left().when(layout="monad")),
Key([key_super], "l", lazy.layout.right().when(layout="monad")),
Key([key_super], "j", lazy.layout.down().when(layout="monad")),
Key([key_super], "k", lazy.layout.up().when(layout="monad")),
Key([key_super, key_control], "h", lazy.layout.shuffle_left().when(layout="monad")),
Key([key_super, key_control], "l", lazy.layout.shuffle_right().when(layout="monad")),
Key([key_super, key_control], "j", lazy.layout.shuffle_down().when(layout="monad")),
Key([key_super, key_control], "k", lazy.layout.shuffle_up().when(layout="monad")),
Key([key_super, key_control], "space", lazy.layout.toggle_split().when(layout="monad")),
# Stack
Key([key_super], "h", lazy.layout.previous().when(layout='stack')),
Key([key_super], "l", lazy.layout.next().when(layout='stack')),
Key([key_super], "j", lazy.layout.up().when(layout='stack')),
Key([key_super], "k", lazy.layout.down().when(layout='stack')),
Key([key_super, key_control], "j", lazy.layout.shuffle_up().when(layout='stack')),
Key([key_super, key_control], "k", lazy.layout.shuffle_down().when(layout='stack')),
Key([key_super, key_control], "h", lazy.layout.client_to_previous().when(layout='stack')),
Key([key_super, key_control], "l", lazy.layout.client_to_next().when(layout='stack')),
# Columns
Key([key_super], "h", lazy.layout.left().when(layout="columns")),
Key([key_super], "l", lazy.layout.right().when(layout="columns")),
Key([key_super], "j", lazy.layout.next().when(layout="columns")),
Key([key_super], "k", lazy.layout.previous().when(layout="columns")),
Key([key_super, key_control], "j", lazy.layout.shuffle_down().when(layout="columns")),
Key([key_super, key_control], "k", lazy.layout.shuffle_up().when(layout="columns")),
Key([key_super, key_control], "h", lazy.layout.shuffle_left().when(layout="columns")),
Key([key_super, key_control], "l", lazy.layout.shuffle_right().when(layout="columns")),
Key([key_super, key_control], "space", lazy.layout.toggle_split().when(layout="columns")),
# Max
Key([key_super], "j", lazy.layout.down().when(layout="max")),
Key([key_super], "k", lazy.layout.up().when(layout="max")),
# TODO: these are required to make the 'columns' layout work, but why?
Key([key_super], "j", lazy.layout.next()),
Key([key_super], "k", lazy.layout.previous()),
# Multimedia Keys
Key([], "XF86AudioPlay", lazy.spawn("${pkgs.playerctl}/bin/playerctl play-pause")),
Key([], "XF86AudioPrev", lazy.spawn("${pkgs.playerctl}/bin/playerctl previous")),
Key([], "XF86AudioNext", lazy.spawn("${pkgs.playerctl}/bin/playerctl next")),
# TODO: the next two don't work yet
Key([], "XF86AudioRewind", lazy.spawn("${pkgs.playerctl}/bin/playerctl offset 10-")),
Key([], "XF86BackForward", lazy.spawn("${pkgs.playerctl}/bin/playerctl offset 10+")),
Key([], "XF86AudioMute", lazy.spawn("${audio} mute")),
Key([], "XF86AudioLowerVolume", lazy.spawn("${audio} lower")),
Key([], "XF86AudioRaiseVolume", lazy.spawn("${audio} raise")),
Key([], "Print", lazy.spawn("${pkgs.flameshot}/bin/flameshot gui")),
] ]
if i is 0: groups = [Group(i) for i in "1234567890"]
widgets.insert(-1, widget.Systray())
screens.append(Screen(bottom=bar.Bar(widgets, 30))) for i in groups:
# super + letter of group = switch to group
keys.append(
Key([key_super], i.name, lazy.group[i.name].toscreen())
)
keys.append(Key([key_super, "shift"], "%i" % (i+1), lazy.to_screen(i))) # super + shift + letter of group = switch to & move focused window to group
keys.append(
Key([key_super, key_control], i.name, lazy.window.togroup(i.name))
)
dgroups_key_binder = None layouts = [
dgroups_app_rules = [] layout.Columns(num_columns=3, border_focus='#00ff00', border_width=2),
follow_mouse_focus = False layout.Max(),
bring_front_click = False # layout.Stack(num_stacks=3, border_focus='#00ff00', border_width=2, autosplit=True, previous_on_rm=True),
cursor_warp = False # layout.Wmii(border_focus='#00ff00'),
auto_fullscreen = True # layout.MonadTall(ratio=0.6, border_focus='#00ff00'),
auto_minimize = False ]
# focus_on_window_activation = "urgent"
widget_defaults = dict(
font='Arial',
fontsize=16,
padding=3,
)
screens_count = 4
screens = []
for i in range(0, screens_count+1):
j = i+1
widgets = [
widget.TextBox("Screen %i" % j, name="Screen %i" % j),
widget.GroupBox(),
widget.WindowName(),
widget.Prompt(),
widget.CPUGraph(),
widget.ThermalSensor(),
widget.Memory(),
widget.Net(interface='eth0'),
widget.Net(interface='wlan0'),
widget.Clock(format='%Y-%m-%d %a %I:%M %p'),
]
if i is 0:
widgets.insert(-1, widget.Systray())
screens.append(Screen(bottom=bar.Bar(widgets, 30)))
keys.append(Key([key_super, "shift"], "%i" % (i+1), lazy.to_screen(i)))
dgroups_key_binder = None
dgroups_app_rules = []
follow_mouse_focus = False
bring_front_click = False
cursor_warp = False
auto_fullscreen = True
auto_minimize = False
# focus_on_window_activation = "urgent"
# Drag floating layouts. # Drag floating layouts.
mouse = [ mouse = [
# Drag([key_super,key_control], "Button1", lazy.window.set_position_floating(), start=lazy.window.get_position()), # Drag([key_super,key_control], "Button1", lazy.window.set_position_floating(), start=lazy.window.get_position()),
# Drag([key_super,key_control], "Button2", lazy.window.set_size_floating(), start=lazy.window.get_size()), # Drag([key_super,key_control], "Button2", lazy.window.set_size_floating(), start=lazy.window.get_size()),
Click([key_super,key_control], "Button3", lazy.window.disable_floating()) Click([key_super,key_control], "Button3", lazy.window.disable_floating())
] ]
# disable any floating # disable any floating
@hook.subscribe.client_new @hook.subscribe.client_new
def disable_floating_for_all_new_windows(window): def disable_floating_for_all_new_windows(window):
window.floating = False window.floating = False
@hook.subscribe.client_new @hook.subscribe.client_new
def print_new_window(window): def print_new_window(window):
print("new window: ", window) print("new window: ", window)
''; '';
in { in {
systemd.user = { systemd.user = {
startServices = true; startServices = true;
services = { services = { };
};
}; };
services = { services = {
@ -306,50 +298,46 @@ in {
enable = true; enable = true;
settings = { settings = {
matches = let matches = let
playerctl = ''${pkgs.coreutils}/bin/env DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(${pkgs.coreutils}/bin/id -u)/bus" ${pkgs.playerctl}/bin/playerctl''; playerctl = ''
${pkgs.coreutils}/bin/env DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(${pkgs.coreutils}/bin/id -u)/bus" ${pkgs.playerctl}/bin/playerctl'';
in [ in [
{ {
trigger = ":vpos"; trigger = ":vpos";
replace = "{{output}}"; replace = "{{output}}";
vars = [ vars = [{
{ name = "output";
name = "output"; type = "script";
type = "script"; params = {
params = { args = [
args = [ (pkgs.writeScript "espanso" ''
(pkgs.writeScript "espanso" '' #! ${pkgs.python3}/bin/python
#! ${pkgs.python3}/bin/python import subprocess, os, math, datetime
import subprocess, os, math, datetime
id=str(os.getuid()) id=str(os.getuid())
result=subprocess.run(args=["${pkgs.playerctl}/bin/playerctl", "position"], env={"DBUS_SESSION_BUS_ADDRESS": "unix:path=/run/user/"+id+"/bus"},capture_output=True) result=subprocess.run(args=["${pkgs.playerctl}/bin/playerctl", "position"], env={"DBUS_SESSION_BUS_ADDRESS": "unix:path=/run/user/"+id+"/bus"},capture_output=True)
result.check_returncode() result.check_returncode()
position_secs = math.trunc(float(result.stdout)) position_secs = math.trunc(float(result.stdout))
position_human = datetime.timedelta(seconds=position_secs) position_human = datetime.timedelta(seconds=position_secs)
print("%s - %s" % (position_human, position_secs)) print("%s - %s" % (position_human, position_secs))
'') '')
]; ];
}; };
} }];
];
} }
{ {
trigger = ":vtit"; trigger = ":vtit";
replace = "{{output}}"; replace = "{{output}}";
vars = [ vars = [{
{ name = "output";
name = "output"; type = "script";
type = "script"; params = {
params = { args = [
args = [ (pkgs.writeShellScript "espanso"
(pkgs.writeShellScript "espanso" '' "${playerctl} metadata title")
${playerctl} metadata title'' ];
) };
]; }];
};
}
];
} }
{ {
trigger = ":dunno"; trigger = ":dunno";

19
nix/home-manager/programs/chromium.nix
View file

@ -1,15 +1,9 @@
{ { ... }:
...
}:
{ {
programs.chromium = { programs.chromium = { enable = true; };
enable = true;
};
programs.brave = { programs.brave = { enable = true; };
enable = true;
};
nixpkgs.config = { nixpkgs.config = {
chromium = { chromium = {
@ -18,11 +12,6 @@
}; };
}; };
programs.browserpass = { programs.browserpass = { browsers = [ "chromium" "brave" ]; };
browsers = [
"chromium"
"brave"
];
};
} }

34
nix/home-manager/programs/emacs.nix
View file

@ -1,24 +1,22 @@
{ pkgs, { pkgs, ... }:
...
}:
{ {
programs.emacs = { programs.emacs = {
enable = true; enable = true;
extraPackages = epkgs: (with epkgs; [ extraPackages = epkgs:
nix-mode (with epkgs; [
magit # ; Integrate git <C-x g> nix-mode
zerodark-theme # ; Nicolas' theme magit # ; Integrate git <C-x g>
undo-tree # ; <C-x u> to show the undo tree zerodark-theme # ; Nicolas' theme
# zoom-frm # ; increase/decrease font size for all buffers %lt;C-x C-+> undo-tree # ; <C-x u> to show the undo tree
]) ++ (with epkgs.melpaPackages; [ # zoom-frm # ; increase/decrease font size for all buffers %lt;C-x C-+>
evil ]) ++ (with epkgs.melpaPackages; [ evil ]) ++ (with epkgs.elpaPackages; [
]) ++ (with epkgs.elpaPackages; [ auctex # ; LaTeX mode
auctex # ; LaTeX mode beacon # ; highlight my cursor when scrolling
beacon # ; highlight my cursor when scrolling nameless # ; hide current package name everywhere in elisp code
nameless # ; hide current package name everywhere in elisp code ]) ++ (with pkgs;
]) ++ (with pkgs; [ [
pkgs.notmuch # From main packages set pkgs.notmuch # From main packages set
]); ]);
}; };
} }

15
nix/home-manager/programs/firefox.nix
View file

@ -1,19 +1,14 @@
{ pkgs { pkgs, ... }:
, ...
}:
{ {
programs.firefox = { programs.firefox = { enable = true; };
enable = true;
};
programs.browserpass = { programs.browserpass = {
enable = true; enable = true;
browsers = [ browsers = [ "firefox" ];
"firefox"
];
}; };
home.file.".mozilla/native-messaging-hosts/passff.json".source = "${pkgs.passff-host}/share/passff-host/passff.json"; home.file.".mozilla/native-messaging-hosts/passff.json".source =
"${pkgs.passff-host}/share/passff-host/passff.json";
} }

4
nix/home-manager/programs/holochain-launcher.nix
View file

@ -1,7 +1,5 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
home.packages = [ home.packages = [ pkgs.holochain-launcher ];
pkgs.holochain-launcher
];
} }

49
nix/home-manager/programs/homeshick.nix
View file

@ -1,38 +1,37 @@
{ pkgs { pkgs, config, ... }:
, config
, ...
}:
let let
# TODO: clean up the impurity in here # TODO: clean up the impurity in here
in { in {
home.sessionVariables = { home.sessionVariables = { HOMESHICK_DIR = "${pkgs.homeshick}"; };
HOMESHICK_DIR="${pkgs.homeshick}";
};
home.activation.bootstrapRepos = config.lib.dag.entryAfter ["writeBoundary"] '' home.activation.bootstrapRepos =
$DRY_RUN_CMD ${pkgs.writeScript "activation-script" '' config.lib.dag.entryAfter [ "writeBoundary" ] ''
set -e $DRY_RUN_CMD ${
echo home-manager path is ${config.home.path} pkgs.writeScript "activation-script" ''
echo home is $HOME set -e
echo home-manager path is ${config.home.path}
echo home is $HOME
source ${pkgs.homeshick}/homeshick.sh source ${pkgs.homeshick}/homeshick.sh
type homeshick type homeshick
# echo Updating homeshick # echo Updating homeshick
# ln -sfT ${pkgs.homeshick} "$HOMESICK_REPOS"/.homeshick # ln -sfT ${pkgs.homeshick} "$HOMESICK_REPOS"/.homeshick
# mv -Tf "$HOMESICK_REPOS"/{.,}homeshick # mv -Tf "$HOMESICK_REPOS"/{.,}homeshick
''}; ''
''; };
'';
nixpkgs.config = { nixpkgs.config = {
packageOverrides = pkgs: with pkgs; { packageOverrides = pkgs:
homeshick = builtins.fetchGit { with pkgs; {
url = "https://github.com/andsens/homeshick.git"; homeshick = builtins.fetchGit {
ref = "master"; url = "https://github.com/andsens/homeshick.git";
ref = "master";
};
}; };
};
}; };
} }

8
nix/home-manager/programs/libreoffice.nix
View file

@ -1,6 +1,4 @@
{ pkgs, { pkgs, ... }:
...
}:
{ {
home.sessionVariables = { home.sessionVariables = {
@ -8,7 +6,5 @@
SAL_USE_VCLPLUGIN = "gtk3"; SAL_USE_VCLPLUGIN = "gtk3";
}; };
home.packages = with pkgs; [ home.packages = with pkgs; [ libreoffice-fresh ];
libreoffice-fresh
];
} }

205
nix/home-manager/programs/neovim.nix
View file

@ -1,13 +1,9 @@
{ pkgs, { pkgs, ... }:
...
}:
let let
in { in {
home.sessionVariables = { home.sessionVariables = { EDITOR = "nvim"; };
EDITOR = "nvim";
};
programs.neovim = { programs.neovim = {
enable = true; enable = true;
@ -16,116 +12,117 @@ in {
extraConfig = builtins.readFile ./neovim/vimrc; extraConfig = builtins.readFile ./neovim/vimrc;
plugins = with pkgs; [ plugins = with pkgs;
# yaml-folds [
{ # yaml-folds
plugin = vimUtils.buildVimPlugin { {
name = "vim-yaml-folds"; plugin = vimUtils.buildVimPlugin {
src = fetchFromGitHub { name = "vim-yaml-folds";
owner = "pedrohdz"; src = fetchFromGitHub {
repo = "vim-yaml-folds"; owner = "pedrohdz";
rev = "890ccd8e5370808d569e96dbb06cbeca2cf5993a"; repo = "vim-yaml-folds";
sha256 = "018z6xcwrq58q6lj6gwhrifjaxkmrlkkg0n86s6mjjlwkbs2qa4m"; rev = "890ccd8e5370808d569e96dbb06cbeca2cf5993a";
sha256 = "018z6xcwrq58q6lj6gwhrifjaxkmrlkkg0n86s6mjjlwkbs2qa4m";
};
buildInputs = [ zip vim ];
}; };
buildInputs = [ zip vim ]; }
};
}
{ {
plugin = vimUtils.buildVimPlugin { plugin = vimUtils.buildVimPlugin {
name = "vim-yaml"; name = "vim-yaml";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "stephpy"; owner = "stephpy";
repo = "vim-yaml"; repo = "vim-yaml";
rev = "e97e063b16eba4e593d620676a0a15fa98613979"; rev = "e97e063b16eba4e593d620676a0a15fa98613979";
sha256 = "0vqahbrnr43lxanpziyrmzaqqb3cmyny8ry1xvmy2xyd1larzfrk"; sha256 = "0vqahbrnr43lxanpziyrmzaqqb3cmyny8ry1xvmy2xyd1larzfrk";
}; };
}; };
} }
# broken 2021-06-08 # broken 2021-06-08
# { # {
# plugin = vimUtils.buildVimPlugin { # plugin = vimUtils.buildVimPlugin {
# name = "vim-markdown-toc"; # name = "vim-markdown-toc";
# src = fetchFromGitHub { # src = fetchFromGitHub {
# owner = "mzlogin"; # owner = "mzlogin";
# repo = "vim-markdown-toc"; # repo = "vim-markdown-toc";
# rev = "b7bb6c37033d3a6c93906af48dc0e689bd948638"; # rev = "b7bb6c37033d3a6c93906af48dc0e689bd948638";
# sha256 = "026xf2gid4qivwawh7if3nfk7zja9di0flhdzdx82lvil9x48lyz"; # sha256 = "026xf2gid4qivwawh7if3nfk7zja9di0flhdzdx82lvil9x48lyz";
# }; # };
# }; # };
# } # }
# broken 2021-06-08 # broken 2021-06-08
# { # {
# plugin = vimUtils.buildVimPlugin { # plugin = vimUtils.buildVimPlugin {
# name = "vim-perl"; # name = "vim-perl";
# src = fetchFromGitHub { # src = fetchFromGitHub {
# owner = "vim-perl"; # owner = "vim-perl";
# repo = "vim-perl"; # repo = "vim-perl";
# rev = "f330b5d474c44e6cfae22ba50868093dea3e9adb"; # rev = "f330b5d474c44e6cfae22ba50868093dea3e9adb";
# sha256 = "1dy40ixgixj0536c5ggra51b4yd1lbw4j6l0j5zc3diasb7m2gvr"; # sha256 = "1dy40ixgixj0536c5ggra51b4yd1lbw4j6l0j5zc3diasb7m2gvr";
# }; # };
# }; # };
# } # }
{ {
plugin = vimUtils.buildVimPlugin { plugin = vimUtils.buildVimPlugin {
name = "git-blame"; name = "git-blame";
src = fetchFromGitHub { src = fetchFromGitHub {
"owner" = "zivyangll"; "owner" = "zivyangll";
"repo" = "git-blame.vim"; "repo" = "git-blame.vim";
"rev" = "9d144b7bed5d8f1c9259551768b7f3b3d1294917"; "rev" = "9d144b7bed5d8f1c9259551768b7f3b3d1294917";
"sha256" = "06zb5xcc59k25rpwl46j82fcqckiznmj97v6i0mwlb8jhqqrhy9j"; "sha256" = "06zb5xcc59k25rpwl46j82fcqckiznmj97v6i0mwlb8jhqqrhy9j";
}; };
}; };
} }
] ] ++ (with pkgs.vimPlugins; [
++ (with pkgs.vimPlugins; [ delimitMate
delimitMate vim-airline
vim-airline vim-airline-themes
vim-airline-themes ctrlp
ctrlp vim-css-color
vim-css-color rainbow_parentheses
rainbow_parentheses vim-colorschemes
vim-colorschemes vim-colorstepper
vim-colorstepper vim-signify
vim-signify fugitive
fugitive vim-indent-guides
vim-indent-guides UltiSnips
UltiSnips fzfWrapper
fzfWrapper
ncm2 ncm2
ncm2-bufword ncm2-bufword
ncm2-path ncm2-path
ncm2-tmux ncm2-tmux
ncm2-ultisnips ncm2-ultisnips
nvim-yarp nvim-yarp
LanguageClient-neovim LanguageClient-neovim
Improved-AnsiEsc Improved-AnsiEsc
tabular tabular
# Nix # Nix
vim-addon-nix tlib vim-addon-nix
vim-addon-vim2nix tlib
vim-addon-vim2nix
# LaTeX # LaTeX
vim-latex-live-preview vim-latex-live-preview
vimtex vimtex
# YAML # YAML
vim-yaml vim-yaml
# markdown # markdown
vim-markdown vim-markdown
vim-markdown-toc vim-markdown-toc
# misc syntax support # misc syntax support
vim-bazel maktaba vim-bazel
]) maktaba
; ]);
}; };
} }

20
nix/home-manager/programs/pass.nix
View file

@ -1,23 +1,15 @@
{ pkgs { pkgs, ... }:
, ...
}:
{ {
home.sessionVariables = { home.sessionVariables = {
# required by pass-otp # required by pass-otp
PASSWORD_STORE_EXTENSIONS_DIR = "$HOME/.nix-profile/lib/password-store/extensions"; PASSWORD_STORE_EXTENSIONS_DIR =
"$HOME/.nix-profile/lib/password-store/extensions";
PASSWORD_STORE_ENABLE_EXTENSIONS = "true"; PASSWORD_STORE_ENABLE_EXTENSIONS = "true";
}; };
programs.browserpass = {
enable = true;
};
home.packages = with pkgs; [ programs.browserpass = { enable = true; };
pass
qtpass home.packages = with pkgs; [ pass qtpass rofi-pass gnupg ];
rofi-pass
gnupg
];
} }

86
nix/home-manager/programs/podman.nix
View file

@ -1,50 +1,48 @@
{ pkgs { pkgs, ... }:
, ...
}:
let let
cniConfigDir = let cniConfigDir = let
loopback = pkgs.writeText "00-loopback.conf" '' loopback = pkgs.writeText "00-loopback.conf" ''
{ {
"cniVersion": "0.3.0", "cniVersion": "0.3.0",
"type": "loopback" "type": "loopback"
} }
'';
podman-bridge = pkgs.writeText "87-podman-bridge.conflist" ''
{
"cniVersion": "0.3.0",
"name": "podman",
"plugins": [
{
"type": "bridge",
"bridge": "cni0",
"isGateway": true,
"ipMasq": true,
"ipam": {
"type": "host-local",
"subnet": "10.88.0.0/16",
"routes": [
{ "dst": "0.0.0.0/0" }
]
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
'';
in pkgs.runCommand "cniConfig" {} ''
set -x
mkdir $out;
ln -s ${loopback} $out/${loopback.name}
ln -s ${podman-bridge} $out/${podman-bridge.name}
''; '';
podman-bridge = pkgs.writeText "87-podman-bridge.conflist" ''
{
"cniVersion": "0.3.0",
"name": "podman",
"plugins": [
{
"type": "bridge",
"bridge": "cni0",
"isGateway": true,
"ipMasq": true,
"ipam": {
"type": "host-local",
"subnet": "10.88.0.0/16",
"routes": [
{ "dst": "0.0.0.0/0" }
]
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
'';
in pkgs.runCommand "cniConfig" { } ''
set -x
mkdir $out;
ln -s ${loopback} $out/${loopback.name}
ln -s ${podman-bridge} $out/${podman-bridge.name}
'';
containersConf = pkgs.writeText "containers.conf" '' containersConf = pkgs.writeText "containers.conf" ''
# containers.conf is the default configuration file for all tools using libpod to # containers.conf is the default configuration file for all tools using libpod to
# manage containers # manage containers
@ -107,9 +105,7 @@ let
default_network = "podman" default_network = "podman"
''; '';
in { in {
home.packages = with pkgs; [ home.packages = with pkgs; [ podman ];
podman
];
home.file.".config/containers/containers.conf".source = containersConf; home.file.".config/containers/containers.conf".source = containersConf;

14
nix/home-manager/programs/vscode/default.nix
View file

@ -462,20 +462,16 @@ let
sha256 = "1jmmbz3i0hxq5ka4rsk07mynxh3pkh5g736d9ryv1czhnrb06lwf"; sha256 = "1jmmbz3i0hxq5ka4rsk07mynxh3pkh5g736d9ryv1czhnrb06lwf";
} }
]; ];
in
{ in {
programs.vscode = { programs.vscode = {
enable = true; enable = true;
extensions = [] extensions = [ ] ++ packagedExtensions
++ packagedExtensions # ++ marketPlaceExtensions
# ++ marketPlaceExtensions ;
;
}; };
home.packages = [ home.packages = [ pkgs.nixpkgs-fmt ];
pkgs.nixpkgs-fmt
];
} }
# TODO: automate # TODO: automate

63
nix/home-manager/programs/zsh.nix
View file

@ -3,37 +3,36 @@
{ ... }: { ... }:
let let
just-plugin = just-plugin = let
let plugin_file = pkgs.writeText "_just" ''
plugin_file = pkgs.writeText "_just" '' #compdef just
#compdef just #autload
#autload
alias justl="\just --list" alias justl="\just --list"
alias juste="\just --evaluate" alias juste="\just --evaluate"
local subcmds=() local subcmds=()
while read -r line ; do while read -r line ; do
if [[ ! $line == Available* ]] ; if [[ ! $line == Available* ]] ;
then then
subcmds+=(''${line/[[:space:]]*\#/:}) subcmds+=(''${line/[[:space:]]*\#/:})
fi fi
done < <(just --list) done < <(just --list)
_describe 'command' subcmds _describe 'command' subcmds
''; '';
in pkgs.stdenv.mkDerivation { in pkgs.stdenv.mkDerivation {
name = "just-completions"; name = "just-completions";
version = "0.1.0"; version = "0.1.0";
phases = "installPhase"; phases = "installPhase";
installPhase = '' installPhase = ''
PLUGIN_PATH=$out/share/oh-my-zsh/plugins/just PLUGIN_PATH=$out/share/oh-my-zsh/plugins/just
mkdir -p $PLUGIN_PATH mkdir -p $PLUGIN_PATH
cp ${plugin_file} $PLUGIN_PATH/_just cp ${plugin_file} $PLUGIN_PATH/_just
chmod --recursive a-w $out chmod --recursive a-w $out
''; '';
}; };
in { in {
@ -43,8 +42,7 @@ in {
# will be called again by oh-my-zsh # will be called again by oh-my-zsh
enableCompletion = false; enableCompletion = false;
enableAutosuggestions = true; enableAutosuggestions = true;
initExtra = let initExtra = let inNixShell = ''$([[ -n "$IN_NIX_SHELL" ]] && printf " 🐚")'';
inNixShell = ''$([[ -n "$IN_NIX_SHELL" ]] && printf " 🐚")'';
in '' in ''
PROMPT='%F{%(!.red.green)}%n%f@%m %(?.%F{green}%f.%F{red} ($?%))%f %F{blue}%~%f${inNixShell}%F{magenta}$(git_prompt_info)%f$prompt_newline%_%F{%(!.red.green)}$(prompt_char)%f ' PROMPT='%F{%(!.red.green)}%n%f@%m %(?.%F{green}%f.%F{red} ($?%))%f %F{blue}%~%f${inNixShell}%F{magenta}$(git_prompt_info)%f$prompt_newline%_%F{%(!.red.green)}$(prompt_char)%f '
RPROMPT="" RPROMPT=""
@ -59,8 +57,8 @@ in {
${if builtins.hasAttr "homeshick" pkgs then '' ${if builtins.hasAttr "homeshick" pkgs then ''
source ${pkgs.homeshick}/homeshick.sh source ${pkgs.homeshick}/homeshick.sh
fpath=(${pkgs.homeshick}/completions $fpath) fpath=(${pkgs.homeshick}/completions $fpath)
'' else '' '' else
''} ""}
# Disable intercepting of ctrl-s and ctrl-q as flow control. # Disable intercepting of ctrl-s and ctrl-q as flow control.
stty stop ''' -ixoff -ixon stty stop ''' -ixoff -ixon
@ -117,10 +115,7 @@ in {
oh-my-zsh = { oh-my-zsh = {
enable = true; enable = true;
theme = "tjkirch"; theme = "tjkirch";
plugins = [ plugins = [ "git" "sudo" ];
"git"
"sudo"
];
}; };
}; };
} }

7
nix/ops/nano/configuration.nix
View file

@ -5,10 +5,9 @@
{ n, pkgs, ... }: { n, pkgs, ... }:
{ {
imports = imports = [ # Include the results of the hardware scan.
[ # Include the results of the hardware scan. ./hardware-configuration.nix
./hardware-configuration.nix ];
];
# Use the GRUB 2 boot loader. # Use the GRUB 2 boot loader.
boot.loader.grub.enable = true; boot.loader.grub.enable = true;

15
nix/ops/nano/hardware-configuration.nix
View file

@ -4,18 +4,17 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
imports = imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; boot.initrd.availableKernelModules =
[ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/e02a410e-5044-440f-90e9-b573e51f1315"; device = "/dev/disk/by-uuid/e02a410e-5044-440f-90e9-b573e51f1315";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = [ ]; swapDevices = [ ];

31
nix/ops/nanos@kn.nix
View file

@ -1,26 +1,25 @@
{ nixpkgs ? import <nixpkgs> {} { nixpkgs ? import <nixpkgs> { }, nrNanos ? 1 # Number of nanos
, nrNanos ? 1 # Number of nanos
}: }:
let let
pkgs = nixpkgs; pkgs = nixpkgs;
webserver = { services.httpd.enable = true; webserver = {
services.httpd.adminAddr = "mail@stefanjunker.de"; services.httpd.enable = true;
services.httpd.documentRoot = "${pkgs.nixops}/share/doc/nixops/"; services.httpd.adminAddr = "mail@stefanjunker.de";
networking.firewall.allowedTCPPorts = [ 80 ]; services.httpd.documentRoot = "${pkgs.nixops}/share/doc/nixops/";
networking.firewall.allowedTCPPorts = [ 80 ];
}; };
mkNano = { n }: { mkNano = { n }: {
imports = [ imports = [
(import ./nano/configuration.nix {inherit pkgs n;}) (import ./nano/configuration.nix { inherit pkgs n; })
../configuration/common/user/root.nix ../configuration/common/user/root.nix
]; ];
deployment.targetEnv = "none"; deployment.targetEnv = "none";
deployment.targetHost = "nano${toString n}"; deployment.targetHost = "nano${toString n}";
}; };
mkNanos = n: nixpkgs.lib.nameValuePair "nano${toString n}" ( mkNanos = n:
mkNano { inherit n; } nixpkgs.lib.nameValuePair "nano${toString n}" (mkNano { inherit n; });
);
in nixpkgs.lib.listToAttrs (map mkNanos (nixpkgs.lib.range 0 (nrNanos - 1))) in nixpkgs.lib.listToAttrs (map mkNanos (nixpkgs.lib.range 0 (nrNanos - 1)))

65
nix/os/containers/backup-target.nix
View file

@ -1,20 +1,15 @@
{ hostAddress { hostAddress, localAddress, containerBackupCfg
, localAddress , sshPort ? containerBackupCfg.portInt }: {
, containerBackupCfg
, sshPort ? containerBackupCfg.portInt
}: {
config = { config, pkgs, lib, ... }: { config = { config, pkgs, lib, ... }: {
system.stateVersion = "21.11"; # Did you read the comment? system.stateVersion = "21.11"; # Did you read the comment?
imports = [ imports = [ ../profiles/containers/configuration.nix ];
../profiles/containers/configuration.nix
];
networking.firewall.enable = false; networking.firewall.enable = false;
services.ddclientovh = { services.ddclientovh = {
enable = true; enable = true;
domain = containerBackupCfg.addr; domain = containerBackupCfg.addr;
}; };
services.openssh.enable = true; services.openssh.enable = true;
@ -28,26 +23,34 @@
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNI3H0BRSYOZ/MbTs9J80doJwSd1HymFOP5quNt0J48vxZ5FPVrT2FHpQiNrCcYbCKRsU4X8AiGUHiXC0PapQQ3JDkqp6WZoqBNDx6BI7RadyH1TqVQPlou3pQmCAogzfBInruR53YTDmQqXiPwfM0okPOXgiBNjDfZXOX4+CyUfkmZZwASoicTInqWGkn1sFnh4tyXIkgWflg0njlVmfkVvH71+evvKLYHtoNpVXazkQ0SXbyuW5f3mSta7TNkpC3HbBm+4n+WxYGySrlRLWQhTo+aoWUKk9h5zvECDNpwRtbqzt+bA9nKrdg180ceu8hruwvWNiC6PPA2GW9Z1+VKROviGu1C3dliE/pPCBtK+ZoRVv2CGE+pmAuQsB9Nif9tk5tY6HJhuLNxKYiMfQkiLsDYv6KdZXUIVK/4BIDkZuQNnjhdOQBLnea0ANOhutA9gnjxnsd3UT6ovfazg5gud7n3u4yBtzjTkRrqWZ63eM1NmUVOgMWHQ715pV+hJfOFGqzRBEe3g/p3bWNgpROBYJbG1H8l9DN7emG4FGWsb1HeNFwQ5lS0Zsezb7qzahr4vSmHNugVw7w8ONt5dPbPI9wQnWvkkuHH76P/NYy6OC6lHrN1rXyA1okqdPr06YAZnCot+Pqdgn/ijxgp06J3dtkhin+Q7PoQbGff3ERIw== bkp" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNI3H0BRSYOZ/MbTs9J80doJwSd1HymFOP5quNt0J48vxZ5FPVrT2FHpQiNrCcYbCKRsU4X8AiGUHiXC0PapQQ3JDkqp6WZoqBNDx6BI7RadyH1TqVQPlou3pQmCAogzfBInruR53YTDmQqXiPwfM0okPOXgiBNjDfZXOX4+CyUfkmZZwASoicTInqWGkn1sFnh4tyXIkgWflg0njlVmfkVvH71+evvKLYHtoNpVXazkQ0SXbyuW5f3mSta7TNkpC3HbBm+4n+WxYGySrlRLWQhTo+aoWUKk9h5zvECDNpwRtbqzt+bA9nKrdg180ceu8hruwvWNiC6PPA2GW9Z1+VKROviGu1C3dliE/pPCBtK+ZoRVv2CGE+pmAuQsB9Nif9tk5tY6HJhuLNxKYiMfQkiLsDYv6KdZXUIVK/4BIDkZuQNnjhdOQBLnea0ANOhutA9gnjxnsd3UT6ovfazg5gud7n3u4yBtzjTkRrqWZ63eM1NmUVOgMWHQ715pV+hJfOFGqzRBEe3g/p3bWNgpROBYJbG1H8l9DN7emG4FGWsb1HeNFwQ5lS0Zsezb7qzahr4vSmHNugVw7w8ONt5dPbPI9wQnWvkkuHH76P/NYy6OC6lHrN1rXyA1okqdPr06YAZnCot+Pqdgn/ijxgp06J3dtkhin+Q7PoQbGff3ERIw== bkp"
]; ];
packages = with pkgs; [ packages = with pkgs;
btrfsProgs [
# btrbk btrfsProgs
]; # btrbk
];
isSystemUser = true; isSystemUser = true;
}; };
security.sudo = { security.sudo = {
enable = true; enable = true;
extraRules = [ extraRules = [{
{ users = [ "bkp" ];
users = [ "bkp" ]; commands = [
commands = [ {
{ command = "/etc/profiles/per-user/bkp/bin/btrfs"; options = [ "NOPASSWD" ]; } command = "/etc/profiles/per-user/bkp/bin/btrfs";
{ command = "/run/current-system/sw/bin/readlink"; options = [ "NOPASSWD" ]; } options = [ "NOPASSWD" ];
{ command = "/run/current-system/sw/bin/test"; options = [ "NOPASSWD" ]; } }
]; {
} command = "/run/current-system/sw/bin/readlink";
]; options = [ "NOPASSWD" ];
}
{
command = "/run/current-system/sw/bin/test";
options = [ "NOPASSWD" ];
}
];
}];
}; };
}; };
@ -61,14 +64,12 @@
}; };
privateNetwork = true; privateNetwork = true;
forwardPorts = [ forwardPorts = [{
{ # ssh
# ssh containerPort = 22;
containerPort = 22; hostPort = sshPort;
hostPort = sshPort; protocol = "tcp";
protocol = "tcp"; }];
}
];
inherit hostAddress localAddress; inherit hostAddress localAddress;
} }

57
nix/os/containers/backup.nix
View file

@ -1,9 +1,4 @@
{ config { config, hostAddress, localAddress, subvolumes, targetPathSuffix ? "" }:
, hostAddress
, localAddress
, subvolumes
, targetPathSuffix ? ""
}:
let let
passwords = import ../../variables/passwords.crypt.nix; passwords = import ../../variables/passwords.crypt.nix;
@ -13,14 +8,9 @@ in {
config = { pkgs, ... }: { config = { pkgs, ... }: {
system.stateVersion = "20.03"; # Did you read the comment? system.stateVersion = "20.03"; # Did you read the comment?
imports = [ imports = [ ../profiles/containers/configuration.nix ];
../profiles/containers/configuration.nix
];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ btrfs-progs btrbk ];
btrfs-progs
btrbk
];
networking.firewall.enable = true; networking.firewall.enable = true;
@ -28,17 +18,11 @@ in {
enable = true; enable = true;
description = "bkp-sync service"; description = "bkp-sync service";
serviceConfig = { serviceConfig = { Type = "oneshot"; };
Type = "oneshot";
};
after = [ after = [ "bkp-run.service" ];
"bkp-run.service"
];
requires = [ requires = [ "bkp-run.service" ];
"bkp-run.service"
];
path = with pkgs; [ utillinux ]; path = with pkgs; [ utillinux ];
script = '' script = ''
@ -51,17 +35,13 @@ in {
enable = true; enable = true;
description = "bkp-run"; description = "bkp-run";
serviceConfig = { serviceConfig = { Type = "oneshot"; };
Type = "oneshot";
};
partOf = [ partOf = [ "bkp-sync.service" ];
"bkp-sync.service"
];
path = with pkgs; [ btrfs-progs btrbk coreutils ]; path = with pkgs; [ btrfs-progs btrbk coreutils ];
script = let script = let
btrbkConf = pkgs.writeText "cfg" '' btrbkConf = pkgs.writeText "cfg" ''
timestamp_format long timestamp_format long
ssh_identity ${passwords.storage.backupTarget.keyPath} ssh_identity ${passwords.storage.backupTarget.keyPath}
@ -78,7 +58,8 @@ in {
volume ${subvolumeParentDir} volume ${subvolumeParentDir}
target ${passwords.storage.backupTarget.target}/container-volumes/${targetPathSuffix} target ${passwords.storage.backupTarget.target}/container-volumes/${targetPathSuffix}
${builtins.foldl' (sum: elem: sum + " subvolume " + elem + "\n") "" subvolumes} ${builtins.foldl' (sum: elem: sum + " subvolume " + elem + "\n") ""
subvolumes}
''; '';
in '' in ''
#! ${pkgs.bash}/bin/bash #! ${pkgs.bash}/bin/bash
@ -95,10 +76,10 @@ in {
timerConfig = { timerConfig = {
# Obtained using `systemd-analyze calendar "Wed 23:00"` # Obtained using `systemd-analyze calendar "Wed 23:00"`
# OnCalendar = "Wed *-*-* 23:00:00"; # OnCalendar = "Wed *-*-* 23:00:00";
OnStartupSec="1m"; OnStartupSec = "1m";
Unit = "bkp-sync.service"; Unit = "bkp-sync.service";
OnUnitInactiveSec="2h"; OnUnitInactiveSec = "2h";
Persistent="true"; Persistent = "true";
}; };
}; };
}; };
@ -122,13 +103,13 @@ in {
}; };
}; };
allowedDevices = [ allowedDevices = [{
{ node = "/dev/fuse"; modifier = "rw"; } node = "/dev/fuse";
]; modifier = "rw";
}];
privateNetwork = true; privateNetwork = true;
forwardPorts = [ forwardPorts = [ ];
];
inherit hostAddress localAddress; inherit hostAddress localAddress;
} }

104
nix/os/containers/mailserver.nix
View file

@ -1,28 +1,20 @@
{ hostAddress { hostAddress, localAddress, imapsPort ? 993, sievePort ? 4190 }:
, localAddress
, imapsPort ? 993
, sievePort ? 4190
}:
let let passwords = import ../../variables/passwords.crypt.nix;
passwords = import ../../variables/passwords.crypt.nix;
in in {
{
config = { pkgs, ... }: { config = { pkgs, ... }: {
system.stateVersion = "21.11"; # Did you read the comment? system.stateVersion = "21.11"; # Did you read the comment?
imports = [ imports =
../profiles/containers/configuration.nix [ ../profiles/containers/configuration.nix ../profiles/common/user.nix ];
../profiles/common/user.nix
];
networking.firewall.enable = false; networking.firewall.enable = false;
services.ddclientovh = { services.ddclientovh = {
enable = true; enable = true;
domain = "mailserver.svc.stefanjunker.de"; domain = "mailserver.svc.stefanjunker.de";
}; };
services.dovecot2 = { services.dovecot2 = {
@ -43,7 +35,7 @@ in
extraConfig = '' extraConfig = ''
auth_mechanisms = cram-md5 digest-md5 auth_mechanisms = cram-md5 digest-md5
auth_verbose = yes auth_verbose = yes
passdb { passdb {
driver = passwd-file driver = passwd-file
args = scheme=CRYPT username_format=%u /etc/dovecot/users args = scheme=CRYPT username_format=%u /etc/dovecot/users
@ -75,26 +67,26 @@ in
description = "Getmail service"; description = "Getmail service";
path = [ pkgs.getmail6 ]; path = [ pkgs.getmail6 ];
script = let script = let
rc = pkgs.writeText "mailATstefanjunker.de.getmail.rc" '' rc = pkgs.writeText "mailATstefanjunker.de.getmail.rc" ''
[options] [options]
verbose = 1 verbose = 1
read_all = 0 read_all = 0
delete_after = 30 delete_after = 30
[retriever] [retriever]
type = SimpleIMAPSSLRetriever type = SimpleIMAPSSLRetriever
server = ssl0.ovh.net server = ssl0.ovh.net
port = 993 port = 993
username = mail@stefanjunker.de username = mail@stefanjunker.de
password = ${passwords.email.mailStefanjunkerDe} password = ${passwords.email.mailStefanjunkerDe}
mailboxes = ('INBOX',) mailboxes = ('INBOX',)
[destination] [destination]
type = MDA_external type = MDA_external
path = ${pkgs.dovecot}/libexec/dovecot/dovecot-lda path = ${pkgs.dovecot}/libexec/dovecot/dovecot-lda
''; '';
in '' in ''
getmail --rcfile=${rc} --idle=INBOX getmail --rcfile=${rc} --idle=INBOX
''; '';
}; };
@ -108,45 +100,45 @@ in
serviceConfig.RestartSec = 1000; serviceConfig.RestartSec = 1000;
serviceConfig.Restart = "always"; serviceConfig.Restart = "always";
script = let script = let
rc = pkgs.writeText "schtifATweb.de.getmail.rc" '' rc = pkgs.writeText "schtifATweb.de.getmail.rc" ''
[options] [options]
verbose = 1 verbose = 1
read_all = 0 read_all = 0
delete_after = 30 delete_after = 30
[retriever] [retriever]
type = SimpleIMAPSSLRetriever type = SimpleIMAPSSLRetriever
server = imap.web.de server = imap.web.de
port = 993 port = 993
username = schtif username = schtif
password = ${passwords.email.schtifATwebDe} password = ${passwords.email.schtifATwebDe}
mailboxes = ('INBOX',) mailboxes = ('INBOX',)
[destination] [destination]
type = Maildir type = Maildir
path = ~/.maildir/ path = ~/.maildir/
''; '';
in '' in ''
getmail --rcfile=${rc} getmail --rcfile=${rc}
''; '';
};
}; };
};
autoStart = true; autoStart = true;
bindMounts = { bindMounts = {
"/etc/secrets/" = { "/etc/secrets/" = {
hostPath = "/var/lib/container-volumes/mailserver/etc-secrets"; hostPath = "/var/lib/container-volumes/mailserver/etc-secrets";
isReadOnly = false; isReadOnly = false;
}; };
"/home" = { "/home" = {
hostPath = "/var/lib/container-volumes/mailserver/home"; hostPath = "/var/lib/container-volumes/mailserver/home";
isReadOnly = false; isReadOnly = false;
}; };
}; };
privateNetwork = true ; privateNetwork = true;
forwardPorts = [ forwardPorts = [
{ {
# imaps # imaps

11
nix/os/containers/syncthing.nix
View file

@ -1,17 +1,12 @@
{ hostAddress { hostAddress, localAddress, syncthingPort ? 22000
, localAddress , syncthingLocalAnnouncePort ? 21027 }:
, syncthingPort ? 22000
, syncthingLocalAnnouncePort ? 21027
}:
{ {
config = { config, pkgs, ... }: { config = { config, pkgs, ... }: {
system.stateVersion = "20.05"; # Did you read the comment? system.stateVersion = "20.05"; # Did you read the comment?
imports = [ imports = [ ../profiles/containers/configuration.nix ];
../profiles/containers/configuration.nix
];
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [

37
nix/os/containers/webserver.nix
View file

@ -1,25 +1,17 @@
{ hostAddress { hostAddress, localAddress, httpPort ? 80, httpsPort ? 443 }:
, localAddress
, httpPort ? 80
, httpsPort ? 443
}:
let let passwords = import ../../variables/passwords.crypt.nix;
passwords = import ../../variables/passwords.crypt.nix; in {
in
{
config = { config, pkgs, lib, ... }: { config = { config, pkgs, lib, ... }: {
system.stateVersion = "22.05"; # Did you read the comment? system.stateVersion = "22.05"; # Did you read the comment?
imports = [ imports = [ ../profiles/containers/configuration.nix ];
../profiles/containers/configuration.nix
];
networking.firewall.enable = false; networking.firewall.enable = false;
services.ddclientovh = { services.ddclientovh = {
enable = true; enable = true;
domain = "www.stefanjunker.de"; domain = "www.stefanjunker.de";
}; };
security.acme = { security.acme = {
@ -58,20 +50,16 @@ in
# sslCertificate = "/etc/secrets/stefanjunker.de/nginx/nginx.crt"; # sslCertificate = "/etc/secrets/stefanjunker.de/nginx/nginx.crt";
# sslCertificateKey = "/etc/secrets/stefanjunker.de/nginx/nginx.key"; # sslCertificateKey = "/etc/secrets/stefanjunker.de/nginx/nginx.key";
locations."/fi" = { locations."/fi" = { index = "index.php"; };
index = "index.php";
};
locations."~ ^(.+\.php)(.*)$".extraConfig = '' locations."~ ^(.+.php)(.*)$".extraConfig = ''
fastcgi_split_path_info ^(.+\.php)(.*)$; fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass unix:${config.services.phpfpm.pools.mypool.socket}; fastcgi_pass unix:${config.services.phpfpm.pools.mypool.socket};
fastcgi_index index.php; fastcgi_index index.php;
''; '';
locations."/hedgedoc/" = { locations."/hedgedoc/" = { proxyPass = "http://127.0.0.1:3000/"; };
proxyPass = "http://127.0.0.1:3000/";
};
locations."/hedgedoc/socket.io/" = { locations."/hedgedoc/socket.io/" = {
proxyPass = "http://127.0.0.1:3000/socket.io/"; proxyPass = "http://127.0.0.1:3000/socket.io/";
@ -92,15 +80,14 @@ in
"pm.max_spare_servers" = 3; "pm.max_spare_servers" = 3;
"pm.max_requests" = 500; "pm.max_requests" = 500;
"php_admin_value[error_reporting]" = "E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED"; "php_admin_value[error_reporting]" =
"E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED";
}; };
}; };
# the custom php5 we're using here has no fpm-systemd, so the default `Type = "notify"` won't work # the custom php5 we're using here has no fpm-systemd, so the default `Type = "notify"` won't work
systemd.services."phpfpm-mypool" = { systemd.services."phpfpm-mypool" = {
serviceConfig = { serviceConfig = { Type = lib.mkForce "simple"; };
Type = lib.mkForce "simple";
};
}; };
services.mysql = { services.mysql = {

4
nix/os/devices/167.233.1.14/boot.nix
View file

@ -1,6 +1,4 @@
{ lib { lib, ... }:
, ...
}:
{ {
boot.loader.grub.efiSupport = lib.mkForce false; boot.loader.grub.efiSupport = lib.mkForce false;

3
nix/os/devices/167.233.1.14/configuration.nix
View file

@ -1,8 +1,7 @@
{ ... }: { ... }:
{ {
disabledModules = [ disabledModules = [ ];
];
imports = [ imports = [
../../profiles/common/configuration.nix ../../profiles/common/configuration.nix

15
nix/os/devices/167.233.1.14/hw.nix
View file

@ -1,7 +1,7 @@
{ ... }: { ... }:
let let
stage1Modules = [ stage1Modules = [
"virtio_balloon" "virtio_balloon"
"virtio_scsi" "virtio_scsi"
"virtio_net" "virtio_net"
@ -18,8 +18,7 @@ let
"ata_generic" "ata_generic"
]; ];
in in {
{
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/354fb107-2f4a-42ad-80dd-9dddb61bfd02"; device = "/dev/disk/by-uuid/354fb107-2f4a-42ad-80dd-9dddb61bfd02";
fsType = "ext4"; fsType = "ext4";
@ -39,14 +38,12 @@ in
neededForBoot = true; neededForBoot = true;
}; };
swapDevices = [ { device = "/dev/disk/by-uuid/d16b5f4a-f38c-41c6-8aae-1625be815f9d"; } ]; swapDevices =
[{ device = "/dev/disk/by-uuid/d16b5f4a-f38c-41c6-8aae-1625be815f9d"; }];
boot.loader.grub = { boot.loader.grub = { device = "/dev/vda"; };
device = "/dev/vda";
};
boot.initrd.availableKernelModules = stage1Modules; boot.initrd.availableKernelModules = stage1Modules;
boot.initrd.kernelModules = stage1Modules; boot.initrd.kernelModules = stage1Modules;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = "";
'';
} }

49
nix/os/devices/167.233.1.14/pkg.nix
View file

@ -1,30 +1,29 @@
{ config { config, pkgs, lib, ... }:
, pkgs
, lib
, ...
}:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
}; nixPath = (import ../../../default.nix {
home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { versionsPath = ./versions.nix;
inherit pkgs; }).nixPath;
extraPackages = [ };
# required by vscode's remote-ssh plugin home-manager.users.steveej =
pkgs.nodejs import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs;
extraPackages = [
# required by vscode's remote-ssh plugin
pkgs.nodejs
# allow clipboard exchanges # allow clipboard exchanges
pkgs.xsel pkgs.xsel
pkgs.xclip pkgs.xclip
]; ];
}; };
nix.buildMachines = [ nix.buildMachines = [{
{ hostName = "localhost"; hostName = "localhost";
system = "x86_64-linux"; system = "x86_64-linux";
supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"]; supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ];
maxJobs = 4; maxJobs = 4;
} }];
];
} }

44
nix/os/devices/167.233.1.14/system.nix
View file

@ -1,15 +1,9 @@
{ pkgs { pkgs, lib, config, ... }:
, lib
, config
, ... }:
let let keys = import ../../../variables/keys.nix;
keys = import ../../../variables/keys.nix;
in { in {
nix.binaryCaches = [ nix.binaryCaches = [ "https://cache.holo.host" ];
"https://cache.holo.host"
];
nix.binaryCachePublicKeys = [ nix.binaryCachePublicKeys = [
"cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE=" "cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE="
@ -32,11 +26,11 @@ in {
networking.interfaces.eth0 = { networking.interfaces.eth0 = {
mtu = 1400; mtu = 1400;
useDHCP = false; useDHCP = false;
ipv4.addresses = [ ipv4.addresses = [{
{ "address" = "167.233.1.14"; "prefixLength" = 29; } "address" = "167.233.1.14";
]; "prefixLength" = 29;
ipv6.addresses = [ }];
]; ipv6.addresses = [ ];
}; };
networking.defaultGateway = { networking.defaultGateway = {
@ -49,9 +43,7 @@ in {
interface = "eth0"; interface = "eth0";
}; };
networking.nameservers = [ networking.nameservers = [ "1.1.1.1" ];
"1.1.1.1"
];
networking.nat = { networking.nat = {
enable = true; enable = true;
@ -63,9 +55,7 @@ in {
# services.kubernetes.roles = ["master" "node"]; # services.kubernetes.roles = ["master" "node"];
# virtualization # virtualization
virtualisation = { virtualisation = { docker.enable = true; };
docker.enable = true;
};
services.spice-vdagentd.enable = true; services.spice-vdagentd.enable = true;
services.qemuGuest.enable = true; services.qemuGuest.enable = true;
@ -79,25 +69,21 @@ in {
''; '';
}; };
systemd.services.sshd.serviceConfig = { systemd.services.sshd.serviceConfig = { TasksMax = 32; };
TasksMax = 32;
};
systemd.timers."sshd-status" = { systemd.timers."sshd-status" = {
description = "Timer to trigger sshd-status periodically"; description = "Timer to trigger sshd-status periodically";
enable = true; enable = true;
wantedBy = [ "timer.target" "multi-user.target" ]; wantedBy = [ "timer.target" "multi-user.target" ];
timerConfig = { timerConfig = {
OnActiveSec="360s"; OnActiveSec = "360s";
OnUnitActiveSec="360s"; OnUnitActiveSec = "360s";
AccuracySec="1s"; AccuracySec = "1s";
Unit = "sshd-status.service"; Unit = "sshd-status.service";
}; };
}; };
nix.gc = { nix.gc = { automatic = true; };
automatic = true;
};
networking.useHostResolvConf = true; networking.useHostResolvConf = true;

3
nix/os/devices/167.233.1.14/versions.nix
View file

@ -4,9 +4,8 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "e34c5379866833f41e2a36f309912fa675d687c7"; rev = "e34c5379866833f41e2a36f309912fa675d687c7";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-21.05" = { "channels-nixos-21.05" = {

35
nix/os/devices/167.233.1.14/versions.tmpl.nix
View file

@ -2,46 +2,61 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-21.05" = { "channels-nixos-21.05" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-21.05"; ref = "nixos-21.05";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.05 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.05 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"channels-nixos-20.09" = { "channels-nixos-20.09" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-20.09"; ref = "nixos-20.09";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"channels-nixos-20.03" = { "channels-nixos-20.03" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-20.03"; ref = "nixos-20.03";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.03 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.03 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"channels-nixos-19.09" = { "channels-nixos-19.09" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-19.09"; ref = "nixos-19.09";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-19.09 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-19.09 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-21.05"; ref = "release-21.05";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-21.05 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-21.05 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

61
nix/os/devices/default.nix
View file

@ -1,45 +1,35 @@
{ dir { dir, pkgs ? import <channels-nixos-stable> { }
, pkgs ? import <channels-nixos-stable> {} , ownLib ? import ../lib/default.nix { }, gitRoot ?
, ownLib ? import ../lib/default.nix { } "$(git rev-parse --show-toplevel)"
, gitRoot ? "$(git rev-parse --show-toplevel)"
# FIXME: why do these need explicit mentioning? # FIXME: why do these need explicit mentioning?
, moreargs ? "" , moreargs ? "", rebuildarg ? "", ... }@args:
, rebuildarg ? ""
, ...
} @ args :
let let
rebuildargsSudo = [ "switch" "boot" ]; rebuildargsSudo = [ "switch" "boot" ];
rebuild = { rebuild = { gitRoot, rebuildarg ? "dry-activate", moreargs ? ""
gitRoot
, rebuildarg ? "dry-activate"
, moreargs ? ""
, ... , ... }:
}: pkgs.writeScript "script" '' pkgs.writeScript "script" ''
#!/usr/bin/env bash #!/usr/bin/env bash
set -xe set -xe
pushd ${gitRoot}/${dir} pushd ${gitRoot}/${dir}
export NIXOS_CONFIG="$PWD"/configuration.nix export NIXOS_CONFIG="$PWD"/configuration.nix
[[ -e "''${NIXOS_CONFIG}" ]] [[ -e "''${NIXOS_CONFIG}" ]]
if test -L result; then if test -L result; then
rm result rm result
fi fi
${if (builtins.elem rebuildarg rebuildargsSudo) ${if (builtins.elem rebuildarg rebuildargsSudo)
&& (builtins.match ".*--target-host.*" moreargs) == null && (builtins.match ".*--target-host.*" moreargs) == null then
then
"sudo -E \\" "sudo -E \\"
else else
"" ""}
} nixos-rebuild --show-trace -I nixos-config=''${NIXOS_CONFIG} ${rebuildarg} ${moreargs}
nixos-rebuild --show-trace -I nixos-config=''${NIXOS_CONFIG} ${rebuildarg} ${moreargs} '';
'';
in { in {
recipes = { recipes = {
@ -48,9 +38,8 @@ in {
inherit moreargs; inherit moreargs;
inherit rebuildarg; inherit rebuildarg;
} }
# // pkgs.lib.attrsets.optionalAttrs (moreargs != "") { inherit moreargs; } # // pkgs.lib.attrsets.optionalAttrs (moreargs != "") { inherit moreargs; }
# // pkgs.lib.attrsets.optionalAttrs (rebuildarg != "") { inherit rebuildarg; } # // pkgs.lib.attrsets.optionalAttrs (rebuildarg != "") { inherit rebuildarg; }
; ;
} // (import ./disk.nix (args // { inherit pkgs ownLib gitRoot; })) } // (import ./disk.nix (args // { inherit pkgs ownLib gitRoot; }));
;
} }

60
nix/os/devices/disk.nix
View file

@ -1,16 +1,12 @@
{ pkgs { pkgs, ownLib, dir, gitRoot, diskId ?
, ownLib (import ((builtins.getEnv "PWD") + "/${dir}/hw.nix")
, dir { }).hardware.opinionatedDisk.diskId, encrypted ?
, gitRoot (import ((builtins.getEnv "PWD") + "/${dir}/hw.nix")
, diskId ? (import ((builtins.getEnv "PWD")+"/${dir}/hw.nix") {}).hardware.opinionatedDisk.diskId { }).hardware.opinionatedDisk.encrypted, previousDiskId ? ""
, encrypted ? (import ((builtins.getEnv "PWD")+"/${dir}/hw.nix") {}).hardware.opinionatedDisk.encrypted
, previousDiskId ? ""
, ... , ... }:
}:
let let mntRootVol = "/mnt/${diskId}-root";
mntRootVol="/mnt/${diskId}-root";
in rec { in rec {
diskMount = pkgs.writeScript "script" '' diskMount = pkgs.writeScript "script" ''
@ -18,14 +14,18 @@ in rec {
set -xe set -xe
echo Mounting ${diskId} echo Mounting ${diskId}
${pkgs.lib.strings.optionalString encrypted '' ${pkgs.lib.strings.optionalString encrypted ''
sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${ownLib.disk.luksName diskId} sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${
ownLib.disk.luksName diskId
}
''} ''}
sleep 1 sleep 1
sudo vgchange -ay ${ownLib.disk.volumeGroup diskId} sudo vgchange -ay ${ownLib.disk.volumeGroup diskId}
sudo mkdir -p /mnt sudo mkdir -p /mnt
sudo mkdir ${mntRootVol} sudo mkdir ${mntRootVol}
sudo mount ${ownLib.disk.rootFsDevice diskId} ${mntRootVol} sudo mount ${ownLib.disk.rootFsDevice diskId} ${mntRootVol}
sudo mount ${ownLib.disk.rootFsDevice diskId} ${mntRootVol}/nixos/home -o subvol=home sudo mount ${
ownLib.disk.rootFsDevice diskId
} ${mntRootVol}/nixos/home -o subvol=home
sudo mount ${ownLib.disk.bootFsDevice diskId} ${mntRootVol}/nixos/boot sudo mount ${ownLib.disk.bootFsDevice diskId} ${mntRootVol}/nixos/boot
''; '';
@ -62,7 +62,9 @@ in rec {
#!/usr/bin/env bash #!/usr/bin/env bash
set -xe set -xe
read -p "Continue to format ${ownLib.disk.bootGrubDevice diskId} (YES/n)? " choice read -p "Continue to format ${
ownLib.disk.bootGrubDevice diskId
} (YES/n)? " choice
case "$choice" in case "$choice" in
YES ) echo "Continuing in 3 seconds..."; sleep 3;; YES ) echo "Continuing in 3 seconds..."; sleep 3;;
n|N ) echo "Exiting..."; exit 0;; n|N ) echo "Exiting..."; exit 0;;
@ -76,16 +78,16 @@ in rec {
g g
n n
1 1
+1M +1M
n n
2 2
+512M +512M
n n
3 3
t t
1 1
4 4
@ -109,11 +111,15 @@ in rec {
${pkgs.lib.strings.optionalString encrypted '' ${pkgs.lib.strings.optionalString encrypted ''
# Encrypt # Encrypt
sudo cryptsetup luksFormat ${ownLib.disk.bootLuksDevice diskId} - sudo cryptsetup luksFormat ${ownLib.disk.bootLuksDevice diskId} -
sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${ownLib.disk.luksName diskId} sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${
ownLib.disk.luksName diskId
}
''} ''}
# LVM # LVM
sudo vgcreate ${ownLib.disk.volumeGroup diskId} ${ownLib.disk.lvmPv diskId encrypted} sudo vgcreate ${ownLib.disk.volumeGroup diskId} ${
ownLib.disk.lvmPv diskId encrypted
}
sudo lvcreate ${ownLib.disk.volumeGroup diskId} -L 2G -n swap sudo lvcreate ${ownLib.disk.volumeGroup diskId} -L 2G -n swap
sudo lvcreate ${ownLib.disk.volumeGroup diskId} -l 100%FREE -n root sudo lvcreate ${ownLib.disk.volumeGroup diskId} -l 100%FREE -n root
@ -137,7 +143,9 @@ in rec {
#!/usr/bin/env bash #!/usr/bin/env bash
set -xe set -xe
read -p "Continue to relabel ${ownLib.disk.bootGrubDevice diskId} (YES/n)?" choice read -p "Continue to relabel ${
ownLib.disk.bootGrubDevice diskId
} (YES/n)?" choice
case "$choice" in case "$choice" in
YES ) echo "Continuing in 3 seconds..."; sleep 3;; YES ) echo "Continuing in 3 seconds..."; sleep 3;;
n|N ) echo "Exiting..."; exit 0;; n|N ) echo "Exiting..."; exit 0;;
@ -168,9 +176,13 @@ in rec {
if test "${previousDiskId}"; then if test "${previousDiskId}"; then
${pkgs.lib.strings.optionalString encrypted '' ${
sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${ownLib.disk.luksName diskId} pkgs.lib.strings.optionalString encrypted ''
''} sudo cryptsetup luksOpen ${ownLib.disk.bootLuksDevice diskId} ${
ownLib.disk.luksName diskId
}
''
}
sync sync
sleep 1 sleep 1
if sudo vgs ${previousDiskId}; then if sudo vgs ${previousDiskId}; then

6
nix/os/devices/elias-e525/boot.nix
View file

@ -1,8 +1,6 @@
{ lib { lib, ... }:
, ...
}:
{ {
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;
boot.loader.efi.canTouchEfiVariables = lib.mkForce false; boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
} }

3
nix/os/devices/elias-e525/hw.nix
View file

@ -9,6 +9,5 @@
}; };
# boot.initrd.availableKernelModules = stage1Modules; # boot.initrd.availableKernelModules = stage1Modules;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = "";
'';
} }

73
nix/os/devices/elias-e525/pkg.nix
View file

@ -1,45 +1,41 @@
{ pkgs { pkgs, lib, ... }:
, lib
, ...
}:
let let
homeEnv = keyboard: homeEnv = keyboard: {
{ imports = [
imports = [ (import ../../../home-manager/configuration/graphical-gnome3.nix {
(import ../../../home-manager/configuration/graphical-gnome3.nix { inherit pkgs; }) inherit pkgs;
]; })
];
home.keyboard = keyboard; home.keyboard = keyboard;
home.packages = with pkgs; [ home.packages = with pkgs; [
rhythmbox rhythmbox
lollypop lollypop
dia dia
kotatogram-desktop kotatogram-desktop
jitsi jitsi
]; ];
};
in
{
nixpkgs.config.packageOverrides = pkgs: with pkgs; {
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath;
}; };
services.gnome = in {
builtins.mapAttrs nixpkgs.config.packageOverrides = pkgs:
(attr: value: lib.mkForce value) with pkgs; {
{ nixPath = (import ../../../default.nix {
games.enable = true; versionsPath = ./versions.nix;
gnome-remote-desktop.enable = true; }).nixPath;
gnome-user-share.enable = true; };
rygel.enable = true;
sushi.enable = true; services.gnome = builtins.mapAttrs (attr: value: lib.mkForce value) {
tracker.enable = true; games.enable = true;
tracker-miners.enable = true; gnome-remote-desktop.enable = true;
} gnome-user-share.enable = true;
; rygel.enable = true;
sushi.enable = true;
tracker.enable = true;
tracker-miners.enable = true;
};
home-manager.users.steveej = homeEnv { home-manager.users.steveej = homeEnv {
layout = "en"; layout = "en";
@ -49,17 +45,16 @@ in
home-manager.users.elias = homeEnv { home-manager.users.elias = homeEnv {
layout = "de"; layout = "de";
options = []; options = [ ];
variant = ""; variant = "";
}; };
home-manager.users.justyna = homeEnv { home-manager.users.justyna = homeEnv {
layout = "de"; layout = "de";
options = []; options = [ ];
variant = ""; variant = "";
}; };
services.teamviewer.enable = true; services.teamviewer.enable = true;
system.stateVersion = "21.11"; system.stateVersion = "21.11";
} }

19
nix/os/devices/elias-e525/system.nix
View file

@ -1,13 +1,8 @@
{ pkgs { pkgs, lib, config, ... }:
, lib
, config
, ... }:
let let
in in {
{
# TASK: new device # TASK: new device
networking.hostName = "elias-e525"; # Define your hostname. networking.hostName = "elias-e525"; # Define your hostname.
@ -22,10 +17,7 @@ in
services.printing = { services.printing = {
enable = true; enable = true;
drivers = with pkgs; [ drivers = with pkgs; [ mfcl3770cdw.driver mfcl3770cdw.cupswrapper ];
mfcl3770cdw.driver
mfcl3770cdw.cupswrapper
];
}; };
services.fprintd.enable = true; services.fprintd.enable = true;
@ -49,9 +41,8 @@ in
# udev.packages = [ pkgs.gnome3.gnome-settings-daemon ]; # udev.packages = [ pkgs.gnome3.gnome-settings-daemon ];
}; };
security.pki.certificateFiles = [ security.pki.certificateFiles =
"${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
];
services.xserver.videoDrivers = [ "modesetting" ]; services.xserver.videoDrivers = [ "modesetting" ];

4
nix/os/devices/elias-e525/user.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;

7
nix/os/devices/elias-e525/versions.nix
View file

@ -4,13 +4,10 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";

23
nix/os/devices/elias-e525/versions.tmpl.nix
View file

@ -2,29 +2,34 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-21.11"; ref = "release-21.11";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

6
nix/os/devices/fwhost1/boot.nix
View file

@ -1,8 +1,6 @@
{ lib { lib, ... }:
, ...
}:
{ {
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;
boot.loader.efi.canTouchEfiVariables = lib.mkForce false; boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
} }

6
nix/os/devices/fwhost1/hw.nix
View file

@ -2,8 +2,7 @@
let let
in in {
{
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {
enable = true; enable = true;
@ -12,6 +11,5 @@ in
}; };
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = "";
'';
} }

24
nix/os/devices/fwhost1/pkg.nix
View file

@ -1,18 +1,18 @@
{ pkgs { pkgs, ... }:
, ...
}:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
}; nixPath = (import ../../../default.nix {
home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { inherit pkgs; }; versionsPath = ./versions.nix;
}).nixPath;
};
home-manager.users.steveej =
import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs;
};
environment.systemPackages = with pkgs; [ iw wirelesstools ];
environment.systemPackages = with pkgs; [
iw
wirelesstools
];
system.stateVersion = "21.11"; system.stateVersion = "21.11";
} }

20
nix/os/devices/fwhost1/system.nix
View file

@ -1,7 +1,4 @@
{ pkgs { pkgs, lib, config, ... }:
, lib
, config
, ... }:
let let
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
@ -31,16 +28,25 @@ in {
# WAN interfaces, currently unused because the OPNsense guest acts as a router. # WAN interfaces, currently unused because the OPNsense guest acts as a router.
networking.vlans.wan1.id = 3; networking.vlans.wan1.id = 3;
networking.vlans.wan1.interface = "breth"; networking.vlans.wan1.interface = "breth";
networking.interfaces.wan1.ipv4.addresses = [{ address = "192.168.0.15"; prefixLength = 24; } ]; networking.interfaces.wan1.ipv4.addresses = [{
address = "192.168.0.15";
prefixLength = 24;
}];
networking.vlans.wan2.id = 4; networking.vlans.wan2.id = 4;
networking.vlans.wan2.interface = "breth"; networking.vlans.wan2.interface = "breth";
networking.interfaces.wan2.ipv4.addresses = [{ address = "172.16.0.15"; prefixLength = 12; } ]; networking.interfaces.wan2.ipv4.addresses = [{
address = "172.16.0.15";
prefixLength = 12;
}];
# Local interfaces, all accessed via VLAN tags on the main bridge # Local interfaces, all accessed via VLAN tags on the main bridge
networking.vlans.lan.id = 1; networking.vlans.lan.id = 1;
networking.vlans.lan.interface = "breth"; networking.vlans.lan.interface = "breth";
networking.interfaces.lan.ipv4.addresses = [{ address = "172.172.171.15"; prefixLength = 24; } ]; networking.interfaces.lan.ipv4.addresses = [{
address = "172.172.171.15";
prefixLength = 24;
}];
networking.vlans.dmz.id = 5; networking.vlans.dmz.id = 5;
networking.vlans.dmz.interface = "breth"; networking.vlans.dmz.interface = "breth";

7
nix/os/devices/fwhost1/user.nix
View file

@ -1,11 +1,8 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
inherit (import ../../lib/default.nix { }) mkUser; inherit (import ../../lib/default.nix { }) mkUser;
in { in { }
}

7
nix/os/devices/fwhost1/versions.nix
View file

@ -4,13 +4,10 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {

23
nix/os/devices/fwhost1/versions.tmpl.nix
View file

@ -2,30 +2,35 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-21.11"; ref = "release-21.11";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

6
nix/os/devices/fwhost2/boot.nix
View file

@ -1,8 +1,6 @@
{ lib { lib, ... }:
, ...
}:
{ {
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;
boot.loader.efi.canTouchEfiVariables = lib.mkForce false; boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
} }

6
nix/os/devices/fwhost2/hw.nix
View file

@ -2,8 +2,7 @@
let let
in in {
{
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {
enable = true; enable = true;
@ -12,6 +11,5 @@ in
}; };
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = "";
'';
} }

24
nix/os/devices/fwhost2/pkg.nix
View file

@ -1,18 +1,18 @@
{ pkgs { pkgs, ... }:
, ...
}:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
}; nixPath = (import ../../../default.nix {
home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { inherit pkgs; }; versionsPath = ./versions.nix;
}).nixPath;
};
home-manager.users.steveej =
import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs;
};
environment.systemPackages = with pkgs; [ iw wirelesstools ];
environment.systemPackages = with pkgs; [
iw
wirelesstools
];
system.stateVersion = "21.11"; system.stateVersion = "21.11";
} }

21
nix/os/devices/fwhost2/system.nix
View file

@ -1,8 +1,4 @@
{ pkgs { pkgs, lib, config, utils, ... }:
, lib
, config
, utils
, ... }:
let let
keys = import ../../../variables/keys.nix; keys = import ../../../variables/keys.nix;
@ -32,16 +28,25 @@ in {
# WAN interfaces, currently unused because the OPNsense guest acts as a router. # WAN interfaces, currently unused because the OPNsense guest acts as a router.
networking.vlans.wan1.id = 3; networking.vlans.wan1.id = 3;
networking.vlans.wan1.interface = "breth"; networking.vlans.wan1.interface = "breth";
networking.interfaces.wan1.ipv4.addresses = [{ address = "192.168.0.16"; prefixLength = 24; } ]; networking.interfaces.wan1.ipv4.addresses = [{
address = "192.168.0.16";
prefixLength = 24;
}];
networking.vlans.wan2.id = 4; networking.vlans.wan2.id = 4;
networking.vlans.wan2.interface = "breth"; networking.vlans.wan2.interface = "breth";
networking.interfaces.wan2.ipv4.addresses = [{ address = "172.16.0.16"; prefixLength = 12; } ]; networking.interfaces.wan2.ipv4.addresses = [{
address = "172.16.0.16";
prefixLength = 12;
}];
# Local interfaces, all accessed via VLAN tags on the main bridge # Local interfaces, all accessed via VLAN tags on the main bridge
networking.vlans.lan.id = 1; networking.vlans.lan.id = 1;
networking.vlans.lan.interface = "breth"; networking.vlans.lan.interface = "breth";
networking.interfaces.lan.ipv4.addresses = [{ address = "172.172.171.16"; prefixLength = 24; } ]; networking.interfaces.lan.ipv4.addresses = [{
address = "172.172.171.16";
prefixLength = 24;
}];
networking.vlans.dmz.id = 5; networking.vlans.dmz.id = 5;
networking.vlans.dmz.interface = "breth"; networking.vlans.dmz.interface = "breth";

4
nix/os/devices/fwhost2/user.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;

7
nix/os/devices/fwhost2/versions.nix
View file

@ -4,13 +4,10 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {

23
nix/os/devices/fwhost2/versions.tmpl.nix
View file

@ -2,30 +2,35 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-21.11"; ref = "release-21.11";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-21.11 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

4
nix/os/devices/srv0.home-ch.stefanjunker.de/boot.nix
View file

@ -1,6 +1,4 @@
{ lib { lib, ... }:
, ...
}:
{ {
boot.loader.grub.efiSupport = true; boot.loader.grub.efiSupport = true;

3
nix/os/devices/srv0.home-ch.stefanjunker.de/configuration.nix
View file

@ -1,8 +1,7 @@
{ ... }: { ... }:
{ {
disabledModules = [ disabledModules = [ ];
];
imports = [ imports = [
../../profiles/common/configuration.nix ../../profiles/common/configuration.nix
../../modules/opinionatedDisk.nix ../../modules/opinionatedDisk.nix

8
nix/os/devices/srv0.home-ch.stefanjunker.de/hw.nix
View file

@ -1,7 +1,7 @@
{ ... }: { ... }:
let let
stage1Modules = [ stage1Modules = [
"aesni_intel" "aesni_intel"
"kvm-intel" "kvm-intel"
@ -20,8 +20,7 @@ let
"xhci_pci" "xhci_pci"
]; ];
in in {
{
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {
enable = true; enable = true;
@ -31,6 +30,5 @@ in
boot.initrd.availableKernelModules = stage1Modules; boot.initrd.availableKernelModules = stage1Modules;
boot.initrd.kernelModules = stage1Modules; boot.initrd.kernelModules = stage1Modules;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = "";
'';
} }

33
nix/os/devices/srv0.home-ch.stefanjunker.de/pkg.nix
View file

@ -1,22 +1,23 @@
{ config { config, pkgs, lib, ... }:
, pkgs
, lib
, ...
}:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
}; nixPath = (import ../../../default.nix {
home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix { inherit pkgs; }; versionsPath = ./versions.nix;
}).nixPath;
};
home-manager.users.steveej =
import ../../../home-manager/configuration/text-minimal.nix {
inherit pkgs;
};
nix.buildMachines = [ nix.buildMachines = [{
{ hostName = "localhost"; hostName = "localhost";
system = "x86_64-linux"; system = "x86_64-linux";
supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"]; supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ];
maxJobs = 4; maxJobs = 4;
} }];
];
# services.hydra = { # services.hydra = {
# enable = false; # enable = false;

27
nix/os/devices/srv0.home-ch.stefanjunker.de/system.nix
View file

@ -1,10 +1,6 @@
{ pkgs { pkgs, lib, config, ... }:
, lib
, config
, ... }:
let let keys = import ../../../variables/keys.nix;
keys = import ../../../variables/keys.nix;
in { in {
# TASK: new device # TASK: new device
@ -46,18 +42,12 @@ in {
# services.kubernetes.roles = ["master" "node"]; # services.kubernetes.roles = ["master" "node"];
# virtualization # virtualization
virtualisation = { virtualisation = { docker.enable = true; };
docker.enable = true;
};
nix.gc = { nix.gc = { automatic = true; };
automatic = true;
};
networking.useHostResolvConf = false; networking.useHostResolvConf = false;
services.resolved = { services.resolved = { enable = true; };
enable = true;
};
containers = { containers = {
mailserver = import ../../containers/mailserver.nix { mailserver = import ../../containers/mailserver.nix {
@ -87,12 +77,7 @@ in {
inherit config; inherit config;
hostAddress = "192.168.100.16"; hostAddress = "192.168.100.16";
localAddress = "192.168.100.17"; localAddress = "192.168.100.17";
subvolumes = [ subvolumes = [ "mailserver" "webserver" "backup" "syncthing" ];
"mailserver"
"webserver"
"backup"
"syncthing"
];
}; };
}; };

3
nix/os/devices/srv0.home-ch.stefanjunker.de/versions.nix
View file

@ -4,9 +4,8 @@ let
ref = "nixos-22.05"; ref = "nixos-22.05";
rev = "040c6d8374d090f46ab0e99f1f7c27a4529ecffd"; rev = "040c6d8374d090f46ab0e99f1f7c27a4529ecffd";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"nixpkgs-master" = { "nixpkgs-master" = {

15
nix/os/devices/srv0.home-ch.stefanjunker.de/versions.tmpl.nix
View file

@ -2,21 +2,26 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-22.05"; ref = "nixos-22.05";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-22.05 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-22.05 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-22.05"; ref = "release-22.05";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-22.05 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-22.05 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

2
nix/os/devices/steveej-nuc7pjyh-work/system.nix
View file

@ -3,7 +3,7 @@
let let
in { in {
services.udev.extraRules = ''SUBSYSTEM=="sgx", MODE="0660", GROUP="sgx"''; services.udev.extraRules = ''SUBSYSTEM=="sgx", MODE="0660", GROUP="sgx"'';
users.groups.sgx = {}; users.groups.sgx = { };
networking.hostName = "steveej-nuc7pjyh-work"; # Define your hostname. networking.hostName = "steveej-nuc7pjyh-work"; # Define your hostname.
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_sgx_latest; boot.kernelPackages = lib.mkForce pkgs.linuxPackages_sgx_latest;
} }

19
nix/os/devices/steveej-nuc7pjyh-work/user.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;
@ -11,10 +9,19 @@ in {
users.extraUsers.sjunker = mkUser { users.extraUsers.sjunker = mkUser {
uid = 1001; uid = 1001;
openssh.authorizedKeys.keys = keys.users.steveej.openssh; openssh.authorizedKeys.keys = keys.users.steveej.openssh;
shell = pkgs.posh { image = "quay.io/enarx/fedora"; run_args = "-v /dev/sgx:/dev/sgx"; }; shell = pkgs.posh {
image = "quay.io/enarx/fedora";
run_args = "-v /dev/sgx:/dev/sgx";
};
extraGroups = [ "sgx" ]; extraGroups = [ "sgx" ];
subUidRanges = [{ startUid = 100000; count = 65536; }]; subUidRanges = [{
subGidRanges = [{ startGid = 100000; count = 65536; }]; startUid = 100000;
count = 65536;
}];
subGidRanges = [{
startGid = 100000;
count = 65536;
}];
}; };
} }

6
nix/os/devices/steveej-pa600/boot.nix
View file

@ -1,8 +1,6 @@
{ lib { lib, ... }:
, ...
}:
{ {
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;
boot.loader.efi.canTouchEfiVariables = lib.mkForce false; boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
} }

8
nix/os/devices/steveej-pa600/hw.nix
View file

@ -1,7 +1,7 @@
{ ... }: { ... }:
let let
stage1Modules = [ stage1Modules = [
"aesni_intel" "aesni_intel"
"kvm-intel" "kvm-intel"
"aes_x86_64" "aes_x86_64"
@ -10,8 +10,7 @@ let
"hxci_hcd" "hxci_hcd"
]; ];
in in {
{
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {
enable = true; enable = true;
@ -21,6 +20,5 @@ in
# boot.initrd.availableKernelModules = stage1Modules; # boot.initrd.availableKernelModules = stage1Modules;
boot.initrd.kernelModules = stage1Modules; boot.initrd.kernelModules = stage1Modules;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = "";
'';
} }

18
nix/os/devices/steveej-pa600/pkg.nix
View file

@ -1,12 +1,16 @@
{ pkgs { pkgs, ... }:
, ...
}:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
}; nixPath = (import ../../../default.nix {
home-manager.users.steveej = import ../../../home-manager/configuration/graphical-fullblown.nix { inherit pkgs; }; versionsPath = ./versions.nix;
}).nixPath;
};
home-manager.users.steveej =
import ../../../home-manager/configuration/graphical-fullblown.nix {
inherit pkgs;
};
services.teamviewer.enable = true; services.teamviewer.enable = true;
system.stateVersion = "20.09"; system.stateVersion = "20.09";
} }

19
nix/os/devices/steveej-pa600/system.nix
View file

@ -1,10 +1,6 @@
{ pkgs { pkgs, lib, config, ... }:
, lib
, config
, ... }:
let let keys = import ../../../variables/keys.nix;
keys = import ../../../variables/keys.nix;
in { in {
# TASK: new device # TASK: new device
@ -21,11 +17,7 @@ in {
services.printing = { services.printing = {
enable = true; enable = true;
drivers = with pkgs; [ drivers = with pkgs; [ hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper ];
hplip
mfcl3770cdw.driver
mfcl3770cdw.cupswrapper
];
}; };
services.fprintd.enable = true; services.fprintd.enable = true;
@ -34,9 +26,8 @@ in {
sudo.fprintAuth = true; sudo.fprintAuth = true;
}; };
security.pki.certificateFiles = [ security.pki.certificateFiles =
"${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
];
services.xserver.videoDrivers = [ "modesetting" ]; services.xserver.videoDrivers = [ "modesetting" ];
services.xserver.serverFlagsSection = '' services.xserver.serverFlagsSection = ''

4
nix/os/devices/steveej-pa600/user.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;

7
nix/os/devices/steveej-pa600/versions.nix
View file

@ -4,13 +4,10 @@ let
ref = "nixos-20.09"; ref = "nixos-20.09";
rev = "e065200fc90175a8f6e50e76ef10a48786126e1c"; rev = "e065200fc90175a8f6e50e76ef10a48786126e1c";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";

23
nix/os/devices/steveej-pa600/versions.tmpl.nix
View file

@ -2,29 +2,34 @@ let
nixpkgs = { nixpkgs = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-20.09"; ref = "nixos-20.09";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";
rev = "<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"nixpkgs-master" = { "nixpkgs-master" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "master"; ref = "master";
rev = "<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
"home-manager-module" = { "home-manager-module" = {
url = "https://github.com/nix-community/home-manager"; url = "https://github.com/nix-community/home-manager";
ref = "release-20.09"; ref = "release-20.09";
rev = "<% git ls-remote https://github.com/nix-community/home-manager.git release-20.09 | awk '{ print $1 }' | tr -d '\n' -%>"; rev = ''
<% git ls-remote https://github.com/nix-community/home-manager.git release-20.09 | awk '{ print $1 }' | tr -d '
' -%>'';
}; };
} }

3
nix/os/devices/steveej-rmvbl-mmc-SL32G_0x259093f6/system.nix
View file

@ -1,5 +1,6 @@
{ ... }: { ... }:
{ {
networking.hostName = "steveej-rmvbl-mmc-SL32G_0x259093f6"; # Define your hostname. networking.hostName =
"steveej-rmvbl-mmc-SL32G_0x259093f6"; # Define your hostname.
} }

9
nix/os/devices/steveej-rmvbl-sdep0/configuration.nix
View file

@ -1,9 +1,12 @@
{ ... }: { ... }:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
}; nixPath = (import ../../../default.nix {
versionsPath = ./versions.nix;
}).nixPath;
};
imports = [ imports = [
../../profiles/common/configuration.nix ../../profiles/common/configuration.nix

17
nix/os/devices/steveej-rmvbl-sdep0/versions.nix
View file

@ -4,20 +4,17 @@ let
ref = "nixos-21.11"; ref = "nixos-21.11";
rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb"; rev = "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb";
}; };
in
{ in {
inherit nixpkgs; inherit nixpkgs;
nixos = nixpkgs // { nixos = nixpkgs // { suffix = "/nixos"; };
suffix = "/nixos";
};
"channels-nixos-stable" = nixpkgs; "channels-nixos-stable" = nixpkgs;
# "channels-nixos-21.05" = { # "channels-nixos-21.05" = {
# url = "https://github.com/NixOS/nixpkgs/"; # url = "https://github.com/NixOS/nixpkgs/";
# ref = "nixos-21.05"; # ref = "nixos-21.05";
# rev = "df123677560db3b0db7c19d71981b11091fbeaf6"; # rev = "df123677560db3b0db7c19d71981b11091fbeaf6";
# }; # };
"channels-nixos-unstable" = { "channels-nixos-unstable" = {
url = "https://github.com/NixOS/nixpkgs/"; url = "https://github.com/NixOS/nixpkgs/";
ref = "nixos-unstable"; ref = "nixos-unstable";

7
nix/os/devices/steveej-t14/boot.nix
View file

@ -1,10 +1,7 @@
{ lib { lib, pkgs, ... }:
, pkgs
, ...
}:
{ {
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true; boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;
boot.loader.efi.canTouchEfiVariables = lib.mkForce false; boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
} }

5
nix/os/devices/steveej-t14/hw.nix
View file

@ -1,7 +1,7 @@
{ ... }: { ... }:
let let
stage1Modules = [ stage1Modules = [
"aesni_intel" "aesni_intel"
"kvm_amd" "kvm_amd"
"nvme" "nvme"
@ -11,8 +11,7 @@ let
"e1000e" "e1000e"
]; ];
in in {
{
# TASK: new device # TASK: new device
hardware.opinionatedDisk = { hardware.opinionatedDisk = {
enable = true; enable = true;

18
nix/os/devices/steveej-t14/pkg.nix
View file

@ -1,12 +1,16 @@
{ pkgs { pkgs, ... }:
, ...
}:
{ {
nixpkgs.config.packageOverrides = pkgs: with pkgs; { nixpkgs.config.packageOverrides = pkgs:
nixPath = (import ../../../default.nix { versionsPath = ./versions.nix; }).nixPath; with pkgs; {
}; nixPath = (import ../../../default.nix {
home-manager.users.steveej = import ../../../home-manager/configuration/graphical-fullblown.nix { inherit pkgs; }; versionsPath = ./versions.nix;
}).nixPath;
};
home-manager.users.steveej =
import ../../../home-manager/configuration/graphical-fullblown.nix {
inherit pkgs;
};
services.teamviewer.enable = true; services.teamviewer.enable = true;
system.stateVersion = "20.09"; system.stateVersion = "20.09";
} }

45
nix/os/devices/steveej-t14/system.nix
View file

@ -1,16 +1,10 @@
{ pkgs { pkgs, lib, config, ... }:
, lib
, config
, ... }:
let let keys = import ../../../variables/keys.nix;
keys = import ../../../variables/keys.nix;
in { in {
nix = { nix = {
binaryCaches = [ binaryCaches =
"https://holochain-ci.cachix.org" [ "https://holochain-ci.cachix.org" "https://cache.holo.host/" ];
"https://cache.holo.host/"
];
binaryCachePublicKeys = [ binaryCachePublicKeys = [
"holochain-ci.cachix.org-1:5IUSkZc0aoRS53rfkvH9Kid40NpyjwCMCzwRTXy+QN8=" "holochain-ci.cachix.org-1:5IUSkZc0aoRS53rfkvH9Kid40NpyjwCMCzwRTXy+QN8="
"cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE=" "cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE="
@ -21,10 +15,11 @@ in {
# TASK: new device # TASK: new device
networking.hostName = "steveej-t14"; # Define your hostname. networking.hostName = "steveej-t14"; # Define your hostname.
networking.bridges."virbr1".interfaces = []; networking.bridges."virbr1".interfaces = [ ];
networking.interfaces."virbr1".ipv4.addresses = [ networking.interfaces."virbr1".ipv4.addresses = [{
{ address = "10.254.254.254"; prefixLength = 24; } address = "10.254.254.254";
]; prefixLength = 24;
}];
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
@ -40,11 +35,7 @@ in {
services.printing = { services.printing = {
enable = true; enable = true;
drivers = with pkgs; [ drivers = with pkgs; [ hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper ];
hplip
mfcl3770cdw.driver
mfcl3770cdw.cupswrapper
];
}; };
services.fprintd.enable = true; services.fprintd.enable = true;
@ -55,12 +46,10 @@ in {
# virtualization # virtualization
virtualisation = { virtualisation = {
libvirtd = { libvirtd = { enable = true; };
enable = true;
};
virtualbox.host = { virtualbox.host = {
enable = false ; enable = false;
addNetworkInterface = false; addNetworkInterface = false;
}; };
@ -74,14 +63,10 @@ in {
# client min protocol = NT1 # client min protocol = NT1
''; '';
security.pki.certificateFiles =
[ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
security.pki.certificateFiles = [ services.xserver.videoDrivers = lib.mkForce [ "amdgpu" ];
"${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
];
services.xserver.videoDrivers = lib.mkForce [
"amdgpu"
];
services.xserver.serverFlagsSection = '' services.xserver.serverFlagsSection = ''
Option "BlankTime" "0" Option "BlankTime" "0"
Option "StandbyTime" "0" Option "StandbyTime" "0"

4
nix/os/devices/steveej-t14/user.nix
View file

@ -1,6 +1,4 @@
{ config { config, pkgs, ... }:
, pkgs
, ... }:
let let
passwords = import ../../../variables/passwords.crypt.nix; passwords = import ../../../variables/passwords.crypt.nix;

Some files were not shown because too many files have changed in this diff Show more