steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

WIP: x13s: install to nvme, refactor into module

Browse source
This commit is contained in:
steveej 2024-01-22 22:50:51 +01:00
parent 40416bd4de
commit a083c05b27
28 changed files with 1361 additions and 737 deletions
Download patch file Download diff file Expand all files Collapse all files

224
nix/home-manager/configuration/graphical-fullblown.nix
View file

@ -1,26 +1,23 @@
{ pkgs
, lib
, config
, # these come in via home-manager.extraSpecialArgs and are specific to each node
nodeFlake
, packages'
, # repoFlake,
# repoFlakeInputs',
...
, ...
}:
let
# pkgsMaster = nodeFlake.inputs.nixpkgs-master.legacyPackages.${pkgs.system};
pkgsUnstableSmall = import nodeFlake.inputs.nixpkgs-unstable-small { inherit (pkgs) system config; };
pkgs2211 = nodeFlake.inputs.nixpkgs-2211.legacyPackages.${pkgs.system};
in
{
imports = [
../profiles/common.nix
../profiles/dotfiles.nix
# ../profiles/dotfiles.nix
# FIXME: fix homeshick when no WAN connection is available
# ../programs/homeshick.nix
# ../profiles/gnome-desktop.nix
../profiles/sway-desktop.nix
# ../profiles/experimental-desktop.nix
../programs/redshift.nix
@ -28,7 +25,7 @@ in
../programs/gpg-agent.nix
../programs/pass.nix
../programs/espanso.nix
# ../programs/espanso.nix
../programs/firefox.nix
../programs/chromium.nix
@ -36,10 +33,6 @@ in
../programs/libreoffice.nix
../programs/neovim.nix
../programs/vscode
# TODO: bump these to 23.05 and make it work
(args: import ../programs/radicale.nix (args // { pkgs = pkgs2211; }))
# (args: import ../programs/espanso.nix (args // {pkgs = pkgs2211;}))
];
home.sessionVariables.HM_CONFIG = "graphical-fullblown";
@ -55,21 +48,19 @@ in
[ ]
++ (with pkgs; [
# Authentication
cacert
fprintd
openssl
mkpasswd
# cacert
# fprintd
# openssl
# mkpasswd
# Nix package related tools
patchelf
nix-index
# nix-index
nix-prefetch-scripts
# nix-prefetch-github
nix-tree
# Version Control Systems
gitFull
pijul
# gitless
gitRepo
git-lfs
@ -118,7 +109,9 @@ in
# FIXME: depends on insecure openssl 1.1.1t
# kotatogram-desktop
tdesktop
pkgsUnstableSmall.signal-desktop
#(let
# version = "6.20.0-beta.1";
#in
@ -138,7 +131,6 @@ in
# '';
# }))
pkgsUnstableSmall.session-desktop
# --add-flags "--enable-features=UseOzonePlatform"
# --add-flags "--ozone-platform=wayland"
# (pkgsUnstableSmall.session-desktop.overrideAttrs (old: {
@ -175,61 +167,51 @@ in
# }))
thunderbird
# gnome.cheese
discord
# Virtualization
# virtmanager
# Remote Control Tools
remmina
freerdp
teamviewer
pkgsUnstableSmall.rustdesk
# freerdp
# Audio/Video Players
ffmpeg
vlc
v4l-utils
audacity
spotify
# v4l-utils
# audacity
# spotify
yt-dlp
(writeShellScriptBin "youtube-dl-audio" "${yt-dlp}/bin/yt-dlp --extract-audio --audio-format best --audio-quality 9 \${@:?}")
libwebcam
# Network Tools
openvpn
tcpdump
iftop
iperf
bind
socat
# 2019-03-05: broken on 19.03 linssid
iptraf-ng
ipmitool
iptables
nftables
wireshark
wireguard-tools
nethogs
# Code Editing and Programming
xclip
xsel
pkgsUnstableSmall.lapce
pkgsUnstableSmall.helix
pkgsUnstableSmall.nil
# pkgsUnstableSmall.lapce
# pkgsUnstableSmall.helix
# pkgsUnstableSmall.nil
# Image/Graphic/Design Tools
gnome.eog
gimp
imagemagick
exiv2
graphviz
inkscape
qrencode
zbar
feh
# gimp
# imagemagick
# exiv2
# graphviz
# inkscape
# qrencode
# TODO: remove or move these: Modelling Tools
# plantuml
@ -240,62 +222,47 @@ in
# astah-community
# Misc Development Tools
qrcode
jq
cdrtools
# qrcode
# jq
# cdrtools
# Document Processing and Management
gnome.nautilus
xfce.thunar
pcmanfm
# mendeley
evince
(runCommand "logseq-wrapper"
{
nativeBuildInputs = [ makeWrapper ];
} ''
makeWrapper ${logseq}/bin/logseq $out/bin/logseq \
--set NIXOS_OZONE_WL ""
'')
# (logseq.override({ electron_25 = electron_26; }))
# File Synchronzation
maestral
maestral-gui
rsync
# Filesystem Tools
ntfs3g
ddrescue
ncdu
unetbootin
hdparm
testdisk
# ntfs3g
# ddrescue
# ncdu
# hdparm
# binwalk
gptfdisk
gparted
smartmontools
# gptfdisk
# gparted
# smartmontools
## Android
androidenv.androidPkgs_9_0.platform-tools
## Python
packages'.myPython
# packages'.myPython
# Misc Desktop Tools
ltunify
# ltunify
# dex
xorg.xbacklight
coreutils
lsof
xdotool
xdg_utils
xdg-user-dirs
dconf
picocom
glib.dev # contains gdbus tool
alacritty
wally-cli
# wally-cli
man-pages
# Screen recording
@ -311,64 +278,77 @@ in
# introduces python: screenkey
# avidemux # broken
handbrake
# handbrake
pkgsUnstableSmall.ledger-live-desktop
(banana-accounting.overrideDerivation (attrs:
with inputs'.nixpkgs-2211.legacyPackages; {
# dontWrapGApps = true;
srcs = builtins.fetchurl {
# hosted via https://web3.storage
url = "https://bafybeiabi4m2i4izummipbl5wzhwxjyjt2rylgsrahhkh7i63piwd37n4u.ipfs.w3s.link/mfpcksczayaqqx8fdacp0627zm36c001-bananaplus.tgz";
sha256 = "09666iqzqdw2526pf6bg5kd0hfw0wblw8ag636ki72dsiw6bmbf1";
};
# nativeBuildInputs =
# attrs.nativeBuildInputs
# ++ [
# qt5.qtbase
# qt5.wrapQtAppsHook
# ];
# buildInputs =
# attrs.buildInputs
# ++ [
# qt5.qtwayland
# ];
# preFixup =
# (attrs.preFixup or "")
# + ''
# qtWrapperArgs+=("''${gappsWrapperArgs[@]}")
# '';
}))
snes9x
snes9x-gtk
# snes9x
# snes9x-gtk
# this is a displaymanager!
# libretro.snes9x2010
# retroarchFull
]);
])
++ (lib.lists.optionals (!pkgs.stdenv.targetPlatform.isAarch64) [
(pkgs.banana-accounting.overrideDerivation
(attrs:
with nodeFlake.inputs'.nixpkgs-2211.legacyPackages; {
# dontWrapGApps = true;
srcs = builtins.fetchurl {
# hosted via https://web3.storage
url = "https://bafybeiabi4m2i4izummipbl5wzhwxjyjt2rylgsrahhkh7i63piwd37n4u.ipfs.w3s.link/mfpcksczayaqqx8fdacp0627zm36c001-bananaplus.tgz";
sha256 = "09666iqzqdw2526pf6bg5kd0hfw0wblw8ag636ki72dsiw6bmbf1";
};
# nativeBuildInputs =
# attrs.nativeBuildInputs
# ++ [
# qt5.qtbase
# qt5.wrapQtAppsHook
# ];
# buildInputs =
# attrs.buildInputs
# ++ [
# qt5.qtwayland
# ];
# preFixup =
# (attrs.preFixup or "")
# + ''
# qtWrapperArgs+=("''${gappsWrapperArgs[@]}")
# '';
})
)
pkgsUnstableSmall.ledger-live-desktop
(pkgs.runCommand "logseq-wrapper"
{
nativeBuildInputs = [ pkgs.makeWrapper ];
} ''
makeWrapper ${pkgs.logseq}/bin/logseq $out/bin/logseq \
--set NIXOS_OZONE_WL ""
'')
# (logseq.override({ electron_25 = electron_26; }))
# unsupported on aarch64-linux
pkgs.androidenv.androidPkgs_9_0.platform-tools
pkgs.teamviewer
pkgs.discord
pkgsUnstableSmall.session-desktop
pkgsUnstableSmall.rustdesk
])
;
systemd.user.startServices = true;
services.syncthing.enable = true;
services.udiskie = {
enable = true;
automount = true;
automount = false;
notify = true;
};
# FIXME: doesn't work as the service can't seem to control its started PID
services.dropbox = {
enable = false;
path = "${config.home.homeDirectory}/Dropbox-Hm";
};
# TODO: uncomment this when it's in stable home-manger
# programs.joshuto = {
# enable = true;

14
nix/home-manager/profiles/common.nix
View file

@ -1,4 +1,4 @@
{pkgs, ...}: {
{ pkgs, ... }: {
# TODO: re-enable this with the appropriate version?
# programs.home-manager.enable = true;
# programs.home-manager.path = https://github.com/rycee/home-manager/archive/445c0b1482c38172a9f8294ee16a7ca7462388e5.tar.gz;
@ -11,10 +11,16 @@
allowBroken = false;
allowUnfree = true;
permittedInsecurePackages = [];
permittedInsecurePackages = [ ];
};
nix.settings.experimental-features = ["nix-command" "flakes" "impure-derivations" "ca-derivations" "recursive-nix"];
nix.settings.experimental-features = [
"nix-command"
"flakes"
"impure-derivations"
"ca-derivations"
"recursive-nix"
];
nix.settings.sandbox = "relaxed";
home.keyboard = {
@ -40,7 +46,7 @@
programs.fzf.enable = true;
home.packages =
[]
[ ]
++ (with pkgs; [
htop
vcsh

10
nix/home-manager/profiles/wayland-desktop.nix
View file

@ -8,10 +8,7 @@
let
inherit (import ../lib.nix { }) mkSimpleTrayService;
nixpkgs-2211 = nodeFlake.inputs.nixpkgs-2211.legacyPackages.${pkgs.system};
nixpkgs-unstable-small = nodeFlake.inputs.nixpkgs-unstable-small.legacyPackages.${pkgs.system};
nixpkgs-wayland' = repoFlake.inputs.nixpkgs-wayland.packages.${pkgs.system};
wayprompt = nixpkgs-wayland'.wayprompt;
in
{
@ -43,7 +40,6 @@ in
wl-clipboard
wmctrl
wayprompt
nixpkgs-wayland'.shotman
# identifies key input syms
@ -63,7 +59,11 @@ in
# probably required by flameshot
# xdg-desktop-portal xdg-desktop-portal-wlr
# grim
];
] ++ (lib.lists.optionals (!pkgs.stdenv.isAarch64)
# TODO: broken on aarch64
[
]
);
home.sessionVariables = {
XDG_SESSION_TYPE = "wayland";

37
nix/home-manager/programs/chromium.nix
View file

@ -1,15 +1,16 @@
{
name,
lib,
...
}: let
{ name
, lib
, pkgs
, ...
}:
let
extensions =
[
#undetectable adblocker
{id = "gcfcpohokifjldeandkfjoboemihipmb";}
{ id = "gcfcpohokifjldeandkfjoboemihipmb"; }
# ublock origin
{id = "cjpalhdlnbpafiamejdnhcphjbkeiagm";}
{ id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; }
# # YT ad block
# {id = "cmedhionkhpnakcndndgjdbohmhepckk";}
@ -18,15 +19,15 @@
# {id = "cfhdojbkjhnklbpkdaibdccddilifddb";}
# Cookie Notice Blocker
{id = "odhmfmnoejhihkmfebnolljiibpnednn";}
{ id = "odhmfmnoejhihkmfebnolljiibpnednn"; }
# i don't care about cookies
{id = "fihnjjcciajhdojfnbdddfaoknhalnja";}
{ id = "fihnjjcciajhdojfnbdddfaoknhalnja"; }
# NopeCHA
{id = "dknlfmjaanfblgfdfebhijalfmhmjjjo";}
{ id = "dknlfmjaanfblgfdfebhijalfmhmjjjo"; }
# h264ify
{id = "aleakchihdccplidncghkekgioiakgal";}
{ id = "aleakchihdccplidncghkekgioiakgal"; }
# clippy
# {id = "honbeilkanbghjimjoniipnnehlmhggk"}
@ -37,25 +38,27 @@
}
# cookie autodelete
{id = "fhcgjolkccmbidfldomjliifgaodjagh";}
{ id = "fhcgjolkccmbidfldomjliifgaodjagh"; }
# unhook
{ id = "khncfooichmfjbepaaaebmommgaepoid";}
{ id = "khncfooichmfjbepaaaebmommgaepoid"; }
]
++ (lib.lists.optionals ((builtins.match "^steveej.*" name) != null) [
# Vimium C
{id = "hfjbmagddngcpeloejdejnfgbamkjaeg";}
{ id = "hfjbmagddngcpeloejdejnfgbamkjaeg"; }
]);
in {
in
{
programs.chromium = {
enable = true;
inherit extensions;
};
programs.brave = {
enable = true;
# TODO: enable this on aarch64-linux
enable = true && !pkgs.stdenv.targetPlatform.isAarch64;
inherit extensions;
};
programs.browserpass = {browsers = ["chromium" "brave"];};
programs.browserpass = { browsers = [ "chromium" "brave" ]; };
}

89
nix/home-manager/programs/radicale.nix
View file

@ -1,10 +1,10 @@
{
config,
lib,
pkgs,
osConfig,
...
}: let
{ config
, lib
, pkgs
, osConfig
, ...
}:
let
libdecsync = pkgs.python3Packages.buildPythonPackage rec {
pname = "libdecsync";
version = "2.2.1";
@ -38,50 +38,53 @@
# pkgs.libxcrypt
];
propagatedBuildInputs = [libdecsync pkgs.python3Packages.setuptools];
propagatedBuildInputs = [ libdecsync pkgs.python3Packages.setuptools ];
};
radicale-decsync = pkgs.radicale.overrideAttrs (old: {
propagatedBuildInputs =
old.propagatedBuildInputs
++ [radicale-storage-decsync];
++ [ radicale-storage-decsync ];
});
mkRadicaleService = {
suffix,
port,
}: let
radicale-config = pkgs.writeText "radicale-config-${suffix}" ''
[server]
hosts = localhost:${builtins.toString port}
mkRadicaleService =
{ suffix
, port
,
}:
let
radicale-config = pkgs.writeText "radicale-config-${suffix}" ''
[server]
hosts = localhost:${builtins.toString port}
[auth]
type = htpasswd
htpasswd_filename = ${osConfig.sops.secrets.radicale_htpasswd.path}
htpasswd_encryption = bcrypt
[auth]
type = htpasswd
htpasswd_filename = ${osConfig.sops.secrets.radicale_htpasswd.path}
htpasswd_encryption = bcrypt
[storage]
type = radicale_storage_decsync
filesystem_folder = ${config.xdg.dataHome}/radicale-${suffix}
decsync_dir = ${config.xdg.dataHome}/decsync-${suffix}
'';
in {
systemd.user.services."radicale-${suffix}" = {
Unit.Description = "Radicale with DecSync (${suffix})";
Service = {
ExecStart = "${radicale-decsync}/bin/radicale -C ${radicale-config}";
Restart = "on-failure";
[storage]
type = radicale_storage_decsync
filesystem_folder = ${config.xdg.dataHome}/radicale-${suffix}
decsync_dir = ${config.xdg.dataHome}/decsync-${suffix}
'';
in
{
systemd.user.services."radicale-${suffix}" = {
Unit.Description = "Radicale with DecSync (${suffix})";
Service = {
ExecStart = "${radicale-decsync}/bin/radicale -C ${radicale-config}";
Restart = "on-failure";
};
Install.WantedBy = [ "default.target" ];
};
Install.WantedBy = ["default.target"];
};
};
in
builtins.foldl' (sum: cur: lib.recursiveUpdate sum (mkRadicaleService cur)) {} [
{
suffix = "personal";
port = 5232;
}
{
suffix = "family";
port = 5233;
}
]
builtins.foldl' (sum: cur: lib.recursiveUpdate sum (mkRadicaleService cur)) { } [
{
suffix = "personal";
port = 5232;
}
{
suffix = "family";
port = 5233;
}
]

118
nix/home-manager/programs/zsh.nix
View file

@ -1,29 +1,30 @@
{
config,
lib,
pkgs,
...
}: let
just-plugin = let
plugin_file = pkgs.writeText "_just" ''
#compdef just
#autload
{ config
, lib
, pkgs
, ...
}:
let
just-plugin =
let
plugin_file = pkgs.writeText "_just" ''
#compdef just
#autload
alias justl="\just --list"
alias juste="\just --evaluate"
alias justl="\just --list"
alias juste="\just --evaluate"
local subcmds=()
local subcmds=()
while read -r line ; do
if [[ ! $line == Available* ]] ;
then
subcmds+=(''${line/[[:space:]]*\#/:})
fi
done < <(just --list)
while read -r line ; do
if [[ ! $line == Available* ]] ;
then
subcmds+=(''${line/[[:space:]]*\#/:})
fi
done < <(just --list)
_describe 'command' subcmds
'';
in
_describe 'command' subcmds
'';
in
pkgs.stdenv.mkDerivation {
name = "just-completions";
version = "0.1.0";
@ -35,7 +36,8 @@
chmod --recursive a-w $out
'';
};
in {
in
{
programs.zsh = {
enable = true;
@ -46,47 +48,49 @@ in {
# will be called again by oh-my-zsh
enableCompletion = false;
enableAutosuggestions = true;
initExtra = let
inNixShell = ''$([[ -n "$IN_NIX_SHELL" ]] && printf " 🐚")'';
in ''
PROMPT='%F{%(!.red.green)}%n%f@%m %(?.%F{green}%f.%F{red} ($?%))%f %F{blue}%~%f${inNixShell}%F{magenta}$(git_prompt_info)%f$prompt_newline%_%F{%(!.red.green)}$(prompt_char)%f '
RPROMPT=""
initExtra =
let
inNixShell = ''$([[ -n "$IN_NIX_SHELL" ]] && printf " 🐚")'';
in
''
PROMPT='%F{%(!.red.green)}%n%f@%m %(?.%F{green}%f.%F{red} ($?%))%f %F{blue}%~%f${inNixShell}%F{magenta}$(git_prompt_info)%f$prompt_newline%_%F{%(!.red.green)}$(prompt_char)%f '
RPROMPT=""
# Automatic rehash
zstyle ':completion:*' rehash true
# Automatic rehash
zstyle ':completion:*' rehash true
if [ -f $HOME/.shrc.d/sh_aliases ]; then
. $HOME/.shrc.d/sh_aliases
fi
if [ -f $HOME/.shrc.d/sh_aliases ]; then
. $HOME/.shrc.d/sh_aliases
fi
${
if builtins.hasAttr "homeshick" pkgs
then ''
source ${pkgs.homeshick}/homeshick.sh
fpath=(${pkgs.homeshick}/completions $fpath)
''
else ""
}
${
if builtins.hasAttr "homeshick" pkgs
then ''
source ${pkgs.homeshick}/homeshick.sh
fpath=(${pkgs.homeshick}/completions $fpath)
''
else ""
}
# Disable intercepting of ctrl-s and ctrl-q as flow control.
stty stop ''' -ixoff -ixon
# Disable intercepting of ctrl-s and ctrl-q as flow control.
stty stop ''' -ixoff -ixon
# don't cd into directories when executed
unsetopt AUTO_CD
# don't cd into directories when executed
unsetopt AUTO_CD
# print lines without termination
setopt PROMPT_CR
setopt PROMPT_SP
export PROMPT_EOL_MARK=""
# print lines without termination
setopt PROMPT_CR
setopt PROMPT_SP
export PROMPT_EOL_MARK=""
${lib.optionalString config.services.gpg-agent.enable ''
export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh"
''}
${lib.optionalString config.services.gpg-agent.enable ''
export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh"
''}
${lib.optionalString config.programs.neovim.enable ''
export EDITOR="nvim"
''}
'';
${lib.optionalString config.programs.neovim.enable ''
export EDITOR="nvim"
''}
'';
plugins = [
{
@ -119,7 +123,7 @@ in {
oh-my-zsh = {
enable = true;
theme = "tjkirch";
plugins = ["git" "sudo"];
plugins = [ "git" "sudo" ];
};
};
}