faukah/nichts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: faukah:main
Branches Tags
faukah:main
faukah:website
..
compare: faukah:website
Branches Tags
faukah:main
faukah:website

1 commit
main ... website

Author SHA1 Message Date
Bloxx12
e4ef026a0c website: init 2025-04-26 00:04:55 +02:00
225 changed files with 3674 additions and 9379 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.envrc
View file

@ -1 +1,4 @@
watch_file flake.nix
use flake use flake

207
.github/logo.svg vendored Normal file
View file

@ -0,0 +1,207 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
width="200"
height="200"
viewBox="0 0 501.56251 501.56249"
id="svg2"
version="1.1"
inkscape:version="1.3.2 (091e20ef0f, 2023-11-25)"
sodipodi:docname="nix-webring.svg"
inkscape:export-filename="nix-webring.png"
inkscape:export-xdpi="107.66355"
inkscape:export-ydpi="107.66355"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:dc="http://purl.org/dc/elements/1.1/">
<defs
id="defs4">
<linearGradient
inkscape:collect="always"
id="linearGradient5562">
<stop
style="stop-color:#699ad7;stop-opacity:1"
offset="0"
id="stop5564" />
<stop
id="stop5566"
offset="0.24345198"
style="stop-color:#7eb1dd;stop-opacity:1" />
<stop
style="stop-color:#7ebae4;stop-opacity:1"
offset="1"
id="stop5568" />
</linearGradient>
<linearGradient
inkscape:collect="always"
id="linearGradient5053">
<stop
style="stop-color:#415e9a;stop-opacity:1"
offset="0"
id="stop5055" />
<stop
id="stop5057"
offset="0.23168644"
style="stop-color:#4a6baf;stop-opacity:1" />
<stop
style="stop-color:#5277c3;stop-opacity:1"
offset="1"
id="stop5059" />
</linearGradient>
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5053"
id="linearGradient4330"
gradientUnits="userSpaceOnUse"
gradientTransform="translate(864.69589,-1491.3405)"
x1="-584.19934"
y1="782.33563"
x2="-496.29703"
y2="937.71399" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5562"
id="linearGradient1"
gradientUnits="userSpaceOnUse"
gradientTransform="rotate(60,1285.574,-127.0267)"
x1="200.59668"
y1="351.41116"
x2="290.08701"
y2="506.18814" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5562"
id="linearGradient2"
gradientUnits="userSpaceOnUse"
gradientTransform="rotate(-60,-541.80106,-249.3096)"
x1="200.59668"
y1="351.41116"
x2="290.08701"
y2="506.18814" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5562"
id="linearGradient3"
gradientUnits="userSpaceOnUse"
gradientTransform="rotate(180,372.09351,-188.18095)"
x1="200.59668"
y1="351.41116"
x2="290.08701"
y2="506.18814" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5053"
id="linearGradient4"
gradientUnits="userSpaceOnUse"
gradientTransform="rotate(120,405.50413,279.20289)"
x1="-584.19934"
y1="782.33563"
x2="-496.29703"
y2="937.71399" />
<linearGradient
inkscape:collect="always"
xlink:href="#linearGradient5053"
id="linearGradient5"
gradientUnits="userSpaceOnUse"
gradientTransform="rotate(-120,-455.57263,-219.8159)"
x1="-584.19934"
y1="782.33563"
x2="-496.29703"
y2="937.71399" />
</defs>
<sodipodi:namedview
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="0.70710678"
inkscape:cx="428.50671"
inkscape:cy="330.92597"
inkscape:document-units="px"
inkscape:current-layer="g2"
showgrid="false"
inkscape:window-width="2560"
inkscape:window-height="1404"
inkscape:window-x="0"
inkscape:window-y="0"
inkscape:window-maximized="1"
inkscape:snap-global="true"
fit-margin-top="0"
fit-margin-left="0"
fit-margin-right="0"
fit-margin-bottom="0"
inkscape:showpageshadow="2"
inkscape:pagecheckerboard="0"
inkscape:deskcolor="#d1d1d1" />
<metadata
id="metadata7">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:groupmode="layer"
id="layer3"
inkscape:label="gradient-logo"
style="display:inline;opacity:1"
transform="translate(-156.41121,933.30685)">
<g
id="g2"
transform="matrix(0.99994059,0,0,0.99994059,-0.06321798,33.188377)"
style="stroke-width:1.00006">
<g
id="g5"
transform="matrix(1.5923554,0,0,1.5923554,-241.25483,424.14882)">
<path
sodipodi:nodetypes="cccccc"
inkscape:connector-curvature="0"
id="use3439-6"
d="m 353.65459,-797.57947 -75.33983,131.03333 -28.53475,-48.37004 14.05181,-24.82625 33.4638,-57.69041 z"
style="fill:url(#linearGradient1);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3.00018;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
<path
sodipodi:nodetypes="cccccc"
inkscape:connector-curvature="0"
id="use3445-0"
d="m 363.03058,-628.3791 150.65887,0.012 -27.6223,48.89684 -28.03684,-0.0386 -66.69326,-0.1353 z"
style="fill:url(#linearGradient2);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3.00018;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
<path
sodipodi:nodetypes="cccccc"
inkscape:connector-curvature="0"
id="use3449-5"
d="m 505.28844,-721.12473 -75.88193,-131.23275 56.15706,-0.5268 14.54791,25.05223 33.22946,57.8257 z"
style="fill:url(#linearGradient3);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3.00018;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
<path
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:url(#linearGradient4330);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3.00018;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
d="m 309.54892,-710.38827 75.60056,130.67022 -56.15706,0.5268 -14.26654,-24.4897 -33.22946,-57.8256 z"
id="path4260-0"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cccccc" />
<path
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:url(#linearGradient4);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3.00018;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
d="m 451.30201,-803.62004 -150.65887,-0.012 27.62231,-48.89684 28.03683,0.0386 66.69317,0.13525 z"
id="use4354-5"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cccccc" />
<path
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:url(#linearGradient5);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3.00018;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
d="m 460.90516,-633.96606 75.33983,-131.03333 28.53475,48.37004 -14.05181,24.82625 -33.46371,57.69035 z"
id="use4362-2"
inkscape:connector-curvature="0"
sodipodi:nodetypes="cccccc" />
</g>
</g>
</g>
</svg>
Side by side

After

Width:  |  Height:  |  Size: 8.7 KiB

1
.gitignore vendored
View file

@ -1,2 +1 @@
/.direnv /.direnv
.qmlls.ini

21
TODO.md Normal file
View file

@ -0,0 +1,21 @@
## Todo
This is a list of all the things I still have to fix/achive in this
configuration:
- [ ] Fix apparmor
- [ ] Lanzaboote
- [ ] Remove all `with`
- [ ] better documentation
- [ ] Fix greetd
- [ ] ClamAV
- [ ]
- [ ]
- [ ]
- [ ]
- [ ]
- [ ]
- [ ]
- [ ]
- [ ]
- [ ]

34
default.nix
View file

@ -1,34 +0,0 @@
let
inherit (builtins) filter mapAttrs;
# https://github.com/andir/npins?tab=readme-ov-file#using-the-nixpkgs-fetchers
src = import ./npins;
pkgs = import src.nixpkgs { };
sources = mapAttrs (_: v: v { inherit pkgs; }) src;
inherit (pkgs) lib;
inherit (lib.filesystem) listFilesRecursive;
inherit (lib.strings) hasSuffix;
mkSystem =
hostname:
import (src.nixpkgs + "/nixos/lib/eval-config.nix") {
specialArgs = {
inherit sources;
self = ./.;
};
modules = [
# This is used to pre-emptively set the hostPlatform for nixpkgs.
# Also, we set the system hostname here.
{ networking.hostName = hostname; }
./hosts/common.nix
./hosts/${hostname}
]
++ ((listFilesRecursive ./modules) |> filter (hasSuffix ".mod.nix"));
};
in
{
temperance = mkSystem "temperance";
hermit = mkSystem "hermit";
tower = mkSystem "tower";
}

8
docs/resizing.md Normal file
View file

@ -0,0 +1,8 @@
## Resizing images using imagemagick
I wanted to resize an image using imagemagick.
To do this I had to run:
`magick lain.png -crop 1072x1448^ -gravity center -quality 90 sca.png`
What does this do?

605
flake.lock generated Normal file
View file

@ -0,0 +1,605 @@
{
"nodes": {
"aquamarine": {
"inputs": {
"hyprutils": [
"hyprland",
"hyprutils"
],
"hyprwayland-scanner": [
"hyprland",
"hyprwayland-scanner"
],
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1743265529,
"narHash": "sha256-QbjP15/2N+VJl0b5jxrrTc+VOt39aU4XrDvtP0Lz5ik=",
"owner": "hyprwm",
"repo": "aquamarine",
"rev": "1d2dbd72c2bbaceab031c592d4810f744741d203",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "aquamarine",
"type": "github"
}
},
"crane": {
"locked": {
"lastModified": 1741148495,
"narHash": "sha256-EV8KUaIZ2/CdBXlutXrHoZYbWPeB65p5kKZk71gvDRI=",
"owner": "ipetkov",
"repo": "crane",
"rev": "75390a36cd0c2cdd5f1aafd8a9f827d7107f2e53",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1740872218,
"narHash": "sha256-ZaMw0pdoUKigLpv9HiNDH2Pjnosg7NBYMJlHTIsHEUo=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "3876f6b87db82f33775b1ef5ea343986105db764",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"hyprland",
"pre-commit-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gitignore_2": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"pre-commit-hooks-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"hyprcursor": {
"inputs": {
"hyprlang": [
"hyprland",
"hyprlang"
],
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1742215578,
"narHash": "sha256-zfs71PXVVPEe56WEyNi2TJQPs0wabU4WAlq0XV7GcdE=",
"owner": "hyprwm",
"repo": "hyprcursor",
"rev": "2fd36421c21aa87e2fe3bee11067540ae612f719",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprcursor",
"type": "github"
}
},
"hyprgraphics": {
"inputs": {
"hyprutils": [
"hyprland",
"hyprutils"
],
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1739049071,
"narHash": "sha256-3+7TpXMrbsUXSwgr5VAKAnmkzMb6JO+Rvc9XRb5NMg4=",
"owner": "hyprwm",
"repo": "hyprgraphics",
"rev": "175c6b29b6ff82100539e7c4363a35a02c74dd73",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprgraphics",
"type": "github"
}
},
"hyprland": {
"inputs": {
"aquamarine": "aquamarine",
"hyprcursor": "hyprcursor",
"hyprgraphics": "hyprgraphics",
"hyprland-protocols": "hyprland-protocols",
"hyprland-qtutils": "hyprland-qtutils",
"hyprlang": "hyprlang",
"hyprutils": "hyprutils",
"hyprwayland-scanner": "hyprwayland-scanner",
"nixpkgs": [
"nixpkgs"
],
"pre-commit-hooks": "pre-commit-hooks",
"systems": [
"systems"
],
"xdph": "xdph"
},
"locked": {
"lastModified": 1744214922,
"narHash": "sha256-136gjyhECXU5t9uFCpWsC4t50lUJnI4PJ9KZsNIaydg=",
"owner": "hyprwm",
"repo": "hyprland",
"rev": "0dc531c4a7d6849f2db61084497b3007e92f470b",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland",
"type": "github"
}
},
"hyprland-protocols": {
"inputs": {
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1743714874,
"narHash": "sha256-yt8F7NhMFCFHUHy/lNjH/pjZyIDFNk52Q4tivQ31WFo=",
"owner": "hyprwm",
"repo": "hyprland-protocols",
"rev": "3a5c2bda1c1a4e55cc1330c782547695a93f05b2",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-protocols",
"type": "github"
}
},
"hyprland-qt-support": {
"inputs": {
"hyprlang": [
"hyprland",
"hyprland-qtutils",
"hyprlang"
],
"nixpkgs": [
"hyprland",
"hyprland-qtutils",
"nixpkgs"
],
"systems": [
"hyprland",
"hyprland-qtutils",
"systems"
]
},
"locked": {
"lastModified": 1737634706,
"narHash": "sha256-nGCibkfsXz7ARx5R+SnisRtMq21IQIhazp6viBU8I/A=",
"owner": "hyprwm",
"repo": "hyprland-qt-support",
"rev": "8810df502cdee755993cb803eba7b23f189db795",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-qt-support",
"type": "github"
}
},
"hyprland-qtutils": {
"inputs": {
"hyprland-qt-support": "hyprland-qt-support",
"hyprlang": [
"hyprland",
"hyprlang"
],
"hyprutils": [
"hyprland",
"hyprland-qtutils",
"hyprlang",
"hyprutils"
],
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1739048983,
"narHash": "sha256-REhTcXq4qs3B3cCDtLlYDz0GZvmsBSh947Ub6pQWGTQ=",
"owner": "hyprwm",
"repo": "hyprland-qtutils",
"rev": "3504a293c8f8db4127cb0f7cfc1a318ffb4316f8",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-qtutils",
"type": "github"
}
},
"hyprlang": {
"inputs": {
"hyprutils": [
"hyprland",
"hyprutils"
],
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1741191527,
"narHash": "sha256-kM+11Nch47Xwfgtw2EpRitJuORy4miwoMuRi5tyMBDY=",
"owner": "hyprwm",
"repo": "hyprlang",
"rev": "72df3861f1197e41b078faa3e38eedd60e00018d",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprlang",
"type": "github"
}
},
"hyprutils": {
"inputs": {
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1743950287,
"narHash": "sha256-/6IAEWyb8gC/NKZElxiHChkouiUOrVYNq9YqG0Pzm4Y=",
"owner": "hyprwm",
"repo": "hyprutils",
"rev": "f2dc70e448b994cef627a157ee340135bd68fbc6",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprutils",
"type": "github"
}
},
"hyprwayland-scanner": {
"inputs": {
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1739870480,
"narHash": "sha256-SiDN5BGxa/1hAsqhgJsS03C3t2QrLgBT8u+ENJ0Qzwc=",
"owner": "hyprwm",
"repo": "hyprwayland-scanner",
"rev": "206367a08dc5ac4ba7ad31bdca391d098082e64b",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprwayland-scanner",
"type": "github"
}
},
"impermanence": {
"locked": {
"lastModified": 1737831083,
"narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "impermanence",
"type": "github"
}
},
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts",
"nixpkgs": [
"nixpkgs"
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1741442524,
"narHash": "sha256-tVcxLDLLho8dWcO81Xj/3/ANLdVs0bGyCPyKjp70JWk=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "d8099586d9a84308ffedac07880e7f07a0180ff4",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "lanzaboote",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1744098102,
"narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
"hyprland",
"nixpkgs"
]
},
"locked": {
"lastModified": 1742649964,
"narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
"lanzaboote",
"flake-compat"
],
"gitignore": "gitignore_2",
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1740915799,
"narHash": "sha256-JvQvtaphZNmeeV+IpHgNdiNePsIpHD5U/7QN5AeY44A=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "42b1ba089d2034d910566bf6b40830af6b8ec732",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"hyprland": "hyprland",
"impermanence": "impermanence",
"lanzaboote": "lanzaboote",
"nixpkgs": "nixpkgs",
"systems": "systems"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1741228283,
"narHash": "sha256-VzqI+k/eoijLQ5am6rDFDAtFAbw8nltXfLBC6SIEJAE=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "38e9826bc4296c9daf18bc1e6aa299f3e932a403",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
},
"xdph": {
"inputs": {
"hyprland-protocols": [
"hyprland",
"hyprland-protocols"
],
"hyprlang": [
"hyprland",
"hyprlang"
],
"hyprutils": [
"hyprland",
"hyprutils"
],
"hyprwayland-scanner": [
"hyprland",
"hyprwayland-scanner"
],
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1741934139,
"narHash": "sha256-ZhTcTH9FoeAtbPfWGrhkH7RjLJZ7GeF18nygLAMR+WE=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "150b0b6f52bb422a1b232a53698606fe0320dde0",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

80
flake.nix
View file

@ -1,43 +1,53 @@
{ {
description = "My NixOS config flake"; description = "My NixOS config flake";
outputs = inputs: let
pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
eachSystem = inputs.nixpkgs.lib.genAttrs (import inputs.systems);
pkgsFor = inputs.nixpkgs.legacyPackages;
in {
nixosConfigurations = import ./hosts inputs;
# No inputs, take this flakers devShells.x86_64-linux.default = pkgs.callPackage ./shell.nix {};
outputs = formatter.x86_64-linux = pkgs.alejandra;
_:
let
sources = import ./npins;
nixpkgs =
(import sources.flake-compat {
src = sources.nixpkgs;
copySourceTreeToStore = false;
useBuiltinsFetchTree = true;
}).outputs;
inherit (nixpkgs) lib;
pkgsFor = nixpkgs.legacyPackages;
inputs = sources;
in
{
nixosConfigurations = import ./default.nix;
packages = lib.mapAttrs (_: pkgs: { packages = eachSystem (
inherit system: {
(import ./packages { inherit (import ./packages pkgsFor.${system}) fish helix kakoune;
inherit inputs pkgs sources; }
}) );
fish
kakoune
;
}) pkgsFor;
devShells = lib.mapAttrs (_: pkgs: {
default = pkgs.mkShellNoCC {
packages = [
(pkgs.callPackage (sources.npins + "/npins.nix") { })
];
env.NPINS_OVERRIDE_nichts = ".";
};
}) pkgsFor;
templates = import ./templates; apps = eachSystem (system: let
inherit (inputs.self.packages.${system}) fish helix;
in {
default = {
type = "app";
program = "${fish}/bin/fish";
};
helix = {
type = "app";
program = "${helix}/bin/hx";
};
});
};
inputs = {
# Unstable nixpkgs baby!
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
systems.url = "github:nix-systems/default-linux";
impermanence.url = "github:nix-community/impermanence";
# secure booting
lanzaboote = {
url = "github:nix-community/lanzaboote";
inputs.nixpkgs.follows = "nixpkgs";
}; };
hyprland = {
url = "github:hyprwm/hyprland";
inputs.nixpkgs.follows = "nixpkgs";
inputs.systems.follows = "systems";
};
};
} }

78
hosts/common.nix
View file

@ -3,48 +3,44 @@
# since these also get installed to server, # since these also get installed to server,
# which should have a small attack surface. # which should have a small attack surface.
{ {
lib, self,
pkgs, pkgs,
... ...
}: }: let
let inherit (self.packages.${pkgs.stdenv.system}) helix fish;
inherit (lib.meta) hiPrioSet; in {
in environment.systemPackages = builtins.attrValues {
{ inherit
environment.systemPackages = (pkgs)
builtins.attrValues { cachix
inherit (pkgs) calc
cachix difftastic
calc eza
delta gcc
difftastic git
eza httpie
gcc inetutils
git jujutsu
httpie just
inetutils lazygit
jujutsu links2
just linuxHeaders
lazygit neofetch
linuxHeaders microfetch
neofetch mprocs
microfetch nmap
mprocs polkit
nmap ripgrep
ripgrep smartmontools
smartmontools television
television trash-cli
trash-cli util-linux
util-linux wireguard-tools
w3m zip
wireguard-tools zoxide
zip ;
zoxide inherit helix fish;
; };
}
++ builtins.attrValues (hiPrioSet {
})
++ [ (lib.hiPrio pkgs.uutils-coreutils-noprefix) ];
# helix as the only editor, a reasonable choice. # helix as the only editor, a reasonable choice.
environment.variables.EDITOR = "hx"; environment.sessionVariables.EDITOR = pkgs.lib.getExe' helix "hx";
} }

60
hosts/default.nix
View file

@ -1,12 +1,7 @@
{ inputs: let
sources, inherit (inputs) self;
nixpkgs,
self,
...
}:
let
inherit (builtins) filter map toString; inherit (builtins) filter map toString;
inherit (nixpkgs) lib; inherit (inputs.nixpkgs) lib;
inherit (lib.attrsets) recursiveUpdate; inherit (lib.attrsets) recursiveUpdate;
inherit (lib.filesystem) listFilesRecursive; inherit (lib.filesystem) listFilesRecursive;
inherit (lib.lists) concatLists flatten singleton; inherit (lib.lists) concatLists flatten singleton;
@ -15,41 +10,44 @@ let
# NOTE: This was inspired by raf, and I find this # NOTE: This was inspired by raf, and I find this
# to be quite a sane way of managing all modules in my flake. # to be quite a sane way of managing all modules in my flake.
mkSystem = mkSystem = {
{ system,
system, hostname,
hostname, ...
... } @ args:
}@args:
nixosSystem { nixosSystem {
specialArgs = recursiveUpdate { specialArgs =
inherit lib; recursiveUpdate
inputs = sources; {
inherit self; inherit lib;
} args.specialArgs or { }; inherit inputs;
inherit self;
}
(args.specialArgs or {});
modules = concatLists [ modules = concatLists [
# This is used to pre-emptively set the hostPlatform for nixpkgs. # This is used to pre-emptively set the hostPlatform for nixpkgs.
# Also, we set the system hostname here. # Also, we set the system hostname here.
[
# self.nixosModules.user
]
(singleton { (singleton {
networking.hostName = hostname; networking.hostName = hostname;
nixpkgs.hostPlatform = system; nixpkgs.hostPlatform = system;
}) })
( (flatten (
concatLists [ concatLists [
# configuration for the host, passed as an argument.
(singleton ./${hostname}/default.nix) (singleton ./${hostname}/default.nix)
# common configuration, which all hosts share.
(singleton ./common.nix) (singleton ./common.nix)
# Import all files called module.nix from my modules directory. (
(map toString (listFilesRecursive ../modules) |> filter (hasSuffix "module.nix")) filter (hasSuffix "module.nix") (
(map toString (listFilesRecursive ../modules) |> filter (hasSuffix ".mod.nix")) map toString (listFilesRecursive ../modules)
)
)
] ]
|> flatten ))
)
]; ];
}; };
in in {
{
temperance = mkSystem { temperance = mkSystem {
system = "x86_64-linux"; system = "x86_64-linux";
hostname = "temperance"; hostname = "temperance";
@ -63,8 +61,4 @@ in
system = "aarch64-linux"; system = "aarch64-linux";
hostname = "tower"; hostname = "tower";
}; };
# world = mkSystem {
# system = "x86_64-linux";
# hostname = "world";
# };
} }

46
hosts/hermit/configuration.nix
View file

@ -2,49 +2,38 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: {
{
# Time Zone # Time Zone
time.timeZone = "Europe/Zurich"; time.timeZone = "Europe/Zurich";
# Select internationalisation properties. # Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
console.keyMap = "uk"; console.keyMap = "uk";
security.polkit.enable = true;
programs.kdeconnect.enable = false;
programs.nix-ld.enable = false;
boot.kernelPackages = pkgs.linuxPackages_xanmod_latest; boot.kernelPackages = pkgs.linuxPackages_xanmod_latest;
services = { services = {
fstrim.enable = lib.mkDefault true; fstrim.enable = lib.mkDefault true;
thermald.enable = true; thermald.enable = true;
}; auto-cpufreq.enable = true;
programs = { printing.enable = true;
nix-ld.enable = false; avahi = {
gnupg.agent = {
enable = true; enable = true;
pinentryPackage = pkgs.pinentry-qt; nssmdns4 = true;
openFirewall = true;
}; };
}; };
modules = { modules = {
wms.wayland.enable = true; desktops.hyprland.enable = true;
# desktops.niri.enable = true;
theming = {
gtk.enable = true;
quickshell.enable = true;
};
system = { system = {
systemType = "laptop"; boot.systemd-boot.enable = true;
isGraphical = true;
boot = {
systemd-boot.enable = true;
lanzaboote.enable = true;
};
impermanence.enable = false; impermanence.enable = false;
services = { services = {
owncloud.enable = true; owncloud.enable = true;
}; };
hardware = { hardware = {
nvidia.enable = false; nvidia.enable = true;
intel.enable = true; intel.enable = true;
bluetooth = { bluetooth = {
enable = true; enable = true;
@ -55,15 +44,19 @@
editors = { editors = {
helix.enable = true; helix.enable = true;
}; };
# nushell.enable = true;
# starship.enable = true;
terminals = {
foot.enable = true;
};
}; };
sound.enable = true; sound.enable = true;
}; };
services = { services = {
locate.enable = true; locate.enable = true;
kanata.enable = true; kanata.enable = true;
uwsm.enable = false; uwsm.enable = true;
greetd.enable = false; greetd.enable = true;
cups.enable = true;
media.mpd = { media.mpd = {
enable = true; enable = true;
@ -76,7 +69,6 @@
ssh.enable = true; ssh.enable = true;
btop.enable = true; btop.enable = true;
nh.enable = true; nh.enable = true;
thunar.enable = true;
}; };
}; };
system.stateVersion = "23.11"; system.stateVersion = "23.11";

20
hosts/hermit/filesystem/default.nix
View file

@ -1,7 +1,6 @@
{ {
config = { config = {
boot.initrd.luks.devices."cryptroot".device = boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/10318654-ed20-43f6-885d-35366a427581";
"/dev/disk/by-uuid/10318654-ed20-43f6-885d-35366a427581";
fileSystems = { fileSystems = {
"/boot" = { "/boot" = {
device = "/dev/disk/by-uuid/5D7D-FC52"; device = "/dev/disk/by-uuid/5D7D-FC52";
@ -11,28 +10,17 @@
"/" = { "/" = {
device = "/dev/disk/by-uuid/e353013b-8ac7-40ed-80f2-ddbea21b8d5e"; device = "/dev/disk/by-uuid/e353013b-8ac7-40ed-80f2-ddbea21b8d5e";
fsType = "btrfs"; fsType = "btrfs";
options = [ options = ["compress=zstd" "noatime"];
"compress=zstd"
"noatime"
];
}; };
"/nix" = { "/nix" = {
device = "/dev/disk/by-uuid/e353013b-8ac7-40ed-80f2-ddbea21b8d5e"; device = "/dev/disk/by-uuid/e353013b-8ac7-40ed-80f2-ddbea21b8d5e";
fsType = "btrfs"; fsType = "btrfs";
options = [ options = ["subvol=nix" "compress=zstd" "noatime"];
"subvol=nix"
"compress=zstd"
"noatime"
];
}; };
"/home" = { "/home" = {
device = "/dev/disk/by-uuid/e353013b-8ac7-40ed-80f2-ddbea21b8d5e"; device = "/dev/disk/by-uuid/e353013b-8ac7-40ed-80f2-ddbea21b8d5e";
fsType = "btrfs"; fsType = "btrfs";
options = [ options = ["subvol=home" "compress=zstd" "noatime"];
"subvol=home"
"compress=zstd"
"noatime"
];
}; };
}; };
# swapDevices = [ # swapDevices = [

51
hosts/hermit/hardware-configuration.nix
View file

@ -6,53 +6,16 @@
lib, lib,
modulesPath, modulesPath,
... ...
}: }: {
{
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot = { boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
initrd = { boot.initrd.kernelModules = [];
availableKernelModules = [ boot.kernelModules = ["kvm-intel"];
"xhci_pci" boot.kernelParams = ["mem_sleep_default=deep"];
"ahci" boot.extraModulePackages = [];
"nvme"
"usb_storage"
"sd_mod"
"rtsx_pci_sdmmc"
];
kernelModules = [ ];
};
kernelModules = [ "kvm-intel" ];
blacklistedKernelModules = [
"nouveau"
"nvidia"
"nvidia_drm"
"nvidia_modeset"
];
kernelParams = [ "mem_sleep_default=deep" ];
extraModulePackages = [ ];
extraModprobeConfig = ''
blacklist nouveau
options nouveau modeset=0
'';
};
services.udev.extraRules = ''
# Remove NVIDIA USB xHCI Host Controller devices, if present
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{power/control}="auto", ATTR{remove}="1"
# Remove NVIDIA USB Type-C UCSI devices, if present
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c8000", ATTR{power/control}="auto", ATTR{remove}="1"
# Remove NVIDIA Audio devices, if present
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{power/control}="auto", ATTR{remove}="1"
# Remove NVIDIA VGA/3D controller devices
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x03[0-9]*", ATTR{power/control}="auto", ATTR{remove}="1"
'';
# swapDevices = # swapDevices =
# [ { device = "/dev/disk/by-uuid/3518272e-1051-41e2-a7f0-f5c744e46789"; } # [ { device = "/dev/disk/by-uuid/3518272e-1051-41e2-a7f0-f5c744e46789"; }
@ -63,6 +26,8 @@
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp59s0.useDHCP = lib.mkDefault true;
# Enable firmware updates via `fwupdmgr`. # Enable firmware updates via `fwupdmgr`.
services.fwupd.enable = lib.mkDefault true; services.fwupd.enable = lib.mkDefault true;

2
hosts/hermit/hardware/default.nix
View file

@ -1 +1 @@
_: { imports = [ ./monitors.nix ]; } _: {imports = [./monitors.nix];}

6
hosts/hermit/kernel/default.nix
View file

@ -3,10 +3,8 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: let
let
xanmod_custom = callPackage ./xanmod.nix; xanmod_custom = callPackage ./xanmod.nix;
in in {
{
boot.kernelPackages = xanmod_custom; boot.kernelPackages = xanmod_custom;
} }

52
hosts/hermit/programs.nix
View file

@ -1,26 +1,29 @@
{pkgs, ...}: { {
self,
pkgs,
...
}: {
environment.systemPackages = builtins.attrValues { environment.systemPackages = builtins.attrValues {
inherit inherit
(pkgs) (pkgs)
abook
aerc
aichat
alsa-utils alsa-utils
anki anki
asciinema asciinema
bacon
brave
cachix cachix
calc calc
cargo-info # calibre
cbonsai cbonsai
cinny-desktop cinny-desktop
cmus cmus
comma
difftastic difftastic
dua element
element-desktop
emacs30-pgtk
evince evince
eza eza
fselect firefox
fftw
gcc gcc
gh gh
grc grc
@ -31,48 +34,67 @@
httpie httpie
hyperfine hyperfine
imagemagick imagemagick
img2pdf
impala impala
imv imv
inetutils inetutils
jujutsu jujutsu
just just
jrnl
keepassxc keepassxc
lazygit lazygit
libtool libtool
librewolf librewolf
links2 links2
linuxHeaders linuxHeaders
mprocs moc
mpv mpv
ncmpcpp
neofetch
networkmanagerapplet networkmanagerapplet
nicotine-plus
nil
nitch nitch
obsidian obsidian
swww
microfetch microfetch
nmap nmap
pamixer pamixer
pwvucontrol pavucontrol
pdfarranger pdfarranger
pdfpc pdfpc
pfetch pfetch
pidgin
playerctl playerctl
presenterm polkit
pulsemixer pulsemixer
python3
ripgrep ripgrep
rmpc rmpc
rusty-man
signal-desktop signal-desktop
smartmontools smartmontools
telegram-desktop telegram-desktop
texliveFull
tldr
thunderbird thunderbird
tor-browser
trash-cli trash-cli
typst typst
util-linux util-linux
v4l-utils v4l-utils
vesktop
vlc vlc
wiki-tui vscodium
weechat
wireguard-tools wireguard-tools
xournalpp xournalpp
zathura zapzap
zip
zoxide
kakoune
kakoune-lsp
television
; ;
inherit (self.packages.${pkgs.stdenv.system}) helix;
}; };
} }

38
hosts/temperance/configuration.nix
View file

@ -3,31 +3,46 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: let
{ inherit
(
pkgs.callPackage ./kernel/xanmod.nix {
inherit lib;
inherit
(pkgs)
stdenv
fetchFromGitHub
kernelPatches
buildLinux
variant
;
}
)
xanmod_blox
;
in {
# Time Zone # Time Zone
time.timeZone = "Europe/Zurich"; time.timeZone = "Europe/Zurich";
# Select internationalisation properties. # Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
console.keyMap = "us"; console.keyMap = "us";
security.polkit.enable = true;
# boot.kernelPackages = pkgs.linuxPackagesFor xanmod_blox; # boot.kernelPackages = pkgs.linuxPackagesFor xanmod_blox;
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_xanmod_latest;
programs.nix-ld.enable = true; programs.nix-ld.enable = true;
services = { services = {
fstrim.enable = lib.mkDefault true; fstrim.enable = lib.mkDefault true;
udisks2.enable = true; udisks2.enable = true;
system76-scheduler = {
enable = true;
};
}; };
virtualisation.docker.enable = true;
meta = { meta = {
mainUser.gitSigningKey = ""; mainUser.gitSigningKey = "";
}; };
modules = { modules = {
system = { system = {
isGraphical = true;
impermanence.enable = true; impermanence.enable = true;
boot = { boot = {
systemd-boot.enable = true; systemd-boot.enable = true;
@ -49,11 +64,10 @@
nvidia.enable = true; nvidia.enable = true;
}; };
}; };
desktops.niri.enable = true; desktops.hyprland.enable = true;
theming = { theming = {
gtk.enable = true; gtk.enable = true;
quickshell.enable = true;
}; };
services = { services = {
@ -65,8 +79,8 @@
enable = true; enable = true;
musicDirectory = "/home/${config.modules.other.system.username}/cloud/media/Music"; musicDirectory = "/home/${config.modules.other.system.username}/cloud/media/Music";
}; };
# uwsm.enable = true; uwsm.enable = true;
# greetd.enable = true; greetd.enable = true;
}; };
other = { other = {
system = { system = {
@ -75,8 +89,8 @@
}; };
programs = { programs = {
ssh.enable = true; ssh.enable = true;
btop.enable = true;
nh.enable = true; nh.enable = true;
thunar.enable = true;
}; };
}; };
} }

33
hosts/temperance/filesystem/default.nix
View file

@ -1,7 +1,6 @@
{ {
config = { config = {
boot.initrd.luks.devices."cryptroot".device = boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/96e8f3d6-8d2d-4e2d-abd9-3eb7f48fed02";
"/dev/disk/by-uuid/96e8f3d6-8d2d-4e2d-abd9-3eb7f48fed02";
fileSystems = { fileSystems = {
"/boot" = { "/boot" = {
device = "/dev/disk/by-uuid/B3AC-9050"; device = "/dev/disk/by-uuid/B3AC-9050";
@ -11,49 +10,29 @@
"/" = { "/" = {
device = "none"; device = "none";
fsType = "tmpfs"; fsType = "tmpfs";
options = [ options = ["defaults" "size=40%" "mode=755"];
"defaults"
"size=40%"
"mode=755"
];
}; };
"/nix" = { "/nix" = {
device = "/dev/disk/by-uuid/f0569993-722e-4721-b0d9-8ac537a7a548"; device = "/dev/disk/by-uuid/f0569993-722e-4721-b0d9-8ac537a7a548";
fsType = "btrfs"; fsType = "btrfs";
options = [ options = ["subvol=nix" "compress=zstd" "noatime"];
"subvol=nix"
"compress=zstd"
"noatime"
];
}; };
"/persist" = { "/persist" = {
device = "/dev/disk/by-uuid/f0569993-722e-4721-b0d9-8ac537a7a548"; device = "/dev/disk/by-uuid/f0569993-722e-4721-b0d9-8ac537a7a548";
neededForBoot = true; neededForBoot = true;
fsType = "btrfs"; fsType = "btrfs";
options = [ options = ["subvol=persist" "compress=zstd" "noatime"];
"subvol=persist"
"compress=zstd"
"noatime"
];
}; };
"/home" = { "/home" = {
device = "/dev/disk/by-uuid/f0569993-722e-4721-b0d9-8ac537a7a548"; device = "/dev/disk/by-uuid/f0569993-722e-4721-b0d9-8ac537a7a548";
fsType = "btrfs"; fsType = "btrfs";
options = [ options = ["subvol=home" "compress=zstd" "noatime"];
"subvol=home"
"compress=zstd"
"noatime"
];
}; };
"/swap" = { "/swap" = {
device = "/dev/disk/by-uuid/f0569993-722e-4721-b0d9-8ac537a7a548"; device = "/dev/disk/by-uuid/f0569993-722e-4721-b0d9-8ac537a7a548";
fsType = "btrfs"; fsType = "btrfs";
options = [ options = ["subvol=swap" "compress=lzo" "noatime"];
"subvol=swap"
"compress=lzo"
"noatime"
];
}; };
}; };
swapDevices = [ swapDevices = [

25
hosts/temperance/hardware-configuration.nix
View file

@ -3,22 +3,13 @@
lib, lib,
modulesPath, modulesPath,
... ...
}: }: {
{ imports = [(modulesPath + "/installer/scan/not-detected.nix")];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = { boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "sd_mod"];
initrd.availableKernelModules = [ boot.initrd.kernelModules = [];
"xhci_pci" boot.kernelModules = [];
"ahci" boot.extraModulePackages = [];
"nvme"
"usbhid"
"sd_mod"
];
initrd.kernelModules = [ ];
kernelModules = [ ];
extraModulePackages = [ ];
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
@ -27,5 +18,7 @@
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true; # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

2
hosts/temperance/hardware/default.nix
View file

@ -1 +1 @@
_: { imports = [ ./monitors.nix ]; } _: {imports = [./monitors.nix];}

6
hosts/temperance/kernel/default.nix
View file

@ -3,10 +3,8 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: let
let
xanmod_custom = callPackage ./xanmod.nix; xanmod_custom = callPackage ./xanmod.nix;
in in {
{
boot.kernelPackages = xanmod_custom; boot.kernelPackages = xanmod_custom;
} }

6
hosts/temperance/kernel/unused.nix
View file

@ -1,10 +1,8 @@
{ lib, ... }: {lib, ...}: let
let
inherit (lib.kernel) no unset; inherit (lib.kernel) no unset;
inherit (lib.attrsets) mapAttrs; inherit (lib.attrsets) mapAttrs;
inherit (lib.modules) mkForce; inherit (lib.modules) mkForce;
in in {
{
boot.kernelPatches = [ boot.kernelPatches = [
{ {
name = "disable-unused-features"; name = "disable-unused-features";

15
hosts/temperance/kernel/xanmod.nix
View file

@ -4,8 +4,7 @@
buildLinux, buildLinux,
kernelPatches, kernelPatches,
... ...
}: }: let
let
pname = "linux-xanmod"; pname = "linux-xanmod";
version = "6.11.5"; version = "6.11.5";
vendorSuffix = "xanmod1"; vendorSuffix = "xanmod1";
@ -59,17 +58,17 @@ let
}; };
}) })
# 1:1 taken from raf's custom kernel, check out his config for this. # 1:1 taken from raf's custom kernel, check out his config for this.
.overrideAttrs .overrideAttrs (oa: {
(oa: { prePatch =
prePatch = oa.prePatch or "" + '' (oa.prePatch or "")
+ ''
# bragging rights # bragging rights
echo "Replacing localversion with custom suffix" echo "Replacing localversion with custom suffix"
substituteInPlace localversion \ substituteInPlace localversion \
--replace-fail "xanmod1" "blox" --replace-fail "xanmod1" "blox"
''; '';
}); });
in in {
{
inherit inherit
xanmod_blox xanmod_blox
; ;

46
hosts/temperance/programs.nix
View file

@ -1,19 +1,24 @@
{ pkgs, ... }: {pkgs, ...}: let
{ in {
environment.systemPackages = builtins.attrValues { environment.systemPackages = builtins.attrValues {
inherit (pkgs) inherit
(pkgs)
alsa-utils alsa-utils
anki anki
asciinema asciinema
beets beets
brave
bubblewrap bubblewrap
cachix cachix
calc calc
calibre calibre
carapace cinny-desktop
comma
digikam digikam
difftastic difftastic
dnsutils dnsutils
devenv
element-desktop
evince evince
gcc gcc
gh gh
@ -28,40 +33,48 @@
impala impala
imv imv
inetutils inetutils
inshellisense joplin-desktop
jujutsu jujutsu
julia
just just
keepassxc keepassxc
lazygit lazygit
librewolf librewolf
libtool libtool
logiops logiops
mergiraf
mpv mpv
nautilus nautilus
nextcloud-client
nheko
nicotine-plus nicotine-plus
obsidian obsidian
oculante swww
pandoc pandoc
pavucontrol pavucontrol
pdfarranger pdfarranger
picard picard
polkit
pulsemixer pulsemixer
python3
pwvucontrol pwvucontrol
qbittorrent qbittorrent
r2modman
radare2 radare2
ripgrep ripgrep
rmpc rmpc
ruby_3_2
signal-desktop signal-desktop
starship strawberry
telegram-desktop telegram-desktop
texliveFull
thunderbird thunderbird
topiary
tor-browser tor-browser
trash-cli trash-cli
tutanota-desktop
typst typst
vesktop vscodium
vivid walker
wayneko
wireguard-tools wireguard-tools
xdg-utils xdg-utils
xournalpp xournalpp
@ -69,13 +82,10 @@
zathura zathura
zotero zotero
zoxide zoxide
curl ;
git inherit
wget (pkgs.wineWowPackages)
unzip waylandFull
zip
util-linux
zed-editor
; ;
}; };
} }

18
hosts/tower/configuration.nix
View file

@ -2,15 +2,16 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: {
{
# Time Zone # Time Zone
time.timeZone = "Europe/Vienna"; time.timeZone = "Europe/Vienna";
# Select internationalisation properties. # Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
console.keyMap = "uk"; console.keyMap = "uk";
security.polkit.enable = true;
boot.kernelPackages = pkgs.linuxPackages_latest; # boot.kernelPackages = pkgs.linuxPackagesFor xanmod_blox;
# boot.kernelPackages = pkgs.linuxPackages_xanmod_latest;
programs.nix-ld.enable = true; programs.nix-ld.enable = true;
users.users."cr".openssh.authorizedKeys.keys = [ users.users."cr".openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPiRe9OH/VtWFWyy5QbAVcN7CLxr4zUtRCwmxD6aeN6" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPiRe9OH/VtWFWyy5QbAVcN7CLxr4zUtRCwmxD6aeN6"
@ -28,15 +29,8 @@
locate.enable = true; locate.enable = true;
}; };
system = { system = {
boot = { boot.grub.enable = true;
grub.enable = true; services.forgejo.enable = true;
timeout = 30;
};
services = {
forgejo.enable = true;
grafana.enable = true;
prometheus.enable = true;
};
programs = { programs = {
editors = { editors = {
helix.enable = true; helix.enable = true;

2
hosts/tower/filesystem/default.nix
View file

@ -8,7 +8,7 @@
"/" = { "/" = {
device = "/dev/disk/by-uuid/3a781f2e-290a-4609-9035-a93374459def"; device = "/dev/disk/by-uuid/3a781f2e-290a-4609-9035-a93374459def";
fsType = "ext4"; fsType = "ext4";
options = [ "noatime" ]; options = ["noatime"];
}; };
}; };
} }

19
hosts/tower/hardware-configuration.nix
View file

@ -2,24 +2,17 @@
lib, lib,
modulesPath, modulesPath,
... ...
}: }: {
{
imports = [ imports = [
(modulesPath + "/profiles/qemu-guest.nix") (modulesPath + "/profiles/qemu-guest.nix")
]; ];
boot = { boot.initrd.availableKernelModules = ["xhci_pci" "virtio_scsi" "sr_mod"];
initrd.availableKernelModules = [ boot.initrd.kernelModules = [];
"xhci_pci" boot.kernelModules = [];
"virtio_scsi" boot.extraModulePackages = [];
"sr_mod"
];
initrd.kernelModules = [ ];
kernelModules = [ ];
extraModulePackages = [ ];
};
swapDevices = [ ]; swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

6
hosts/tower/programs.nix
View file

@ -1,7 +1,7 @@
{ pkgs, ... }: {pkgs, ...}: {
{
environment.systemPackages = builtins.attrValues { environment.systemPackages = builtins.attrValues {
inherit (pkgs) inherit
(pkgs)
; ;
}; };
} }

51
hosts/world/configuration.nix
View file

@ -1,51 +0,0 @@
{
lib,
pkgs,
...
}:
{
# Time Zone
time.timeZone = "Europe/Zurich";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console.keyMap = "uk";
programs.nix-ld.enable = false;
boot.kernelPackages = pkgs.linuxPackages_xanmod_latest;
services = {
fstrim.enable = lib.mkDefault true;
thermald.enable = true;
};
modules = {
desktops.hyprland.enable = true;
system = {
boot.systemd-boot.enable = true;
impermanence.enable = false;
hardware = {
intel.enable = true;
};
programs = {
editors = {
helix.enable = true;
};
terminals = {
foot.enable = true;
};
};
};
services = {
kanata.enable = true;
};
other = {
system.username = "cr";
};
programs = {
ssh.enable = true;
btop.enable = true;
nh.enable = true;
thunar.enable = true;
};
};
system.stateVersion = "23.11";
}

8
hosts/world/default.nix
View file

@ -1,8 +0,0 @@
_: {
imports = [
./configuration.nix
./programs.nix
./hardware-configuration.nix
./hardware
];
}

45
hosts/world/filesystem/default.nix
View file

@ -1,45 +0,0 @@
{
config = {
boot.initrd.luks.devices."cryptroot".device =
"/dev/disk/by-uuid/10318654-ed20-43f6-885d-35366a427581";
fileSystems = {
"/boot" = {
device = "/dev/disk/by-uuid/5D7D-FC52";
fsType = "vfat";
};
"/" = {
device = "/dev/disk/by-uuid/e353013b-8ac7-40ed-80f2-ddbea21b8d5e";
fsType = "btrfs";
options = [
"compress=zstd"
"noatime"
];
};
"/nix" = {
device = "/dev/disk/by-uuid/e353013b-8ac7-40ed-80f2-ddbea21b8d5e";
fsType = "btrfs";
options = [
"subvol=nix"
"compress=zstd"
"noatime"
];
};
"/home" = {
device = "/dev/disk/by-uuid/e353013b-8ac7-40ed-80f2-ddbea21b8d5e";
fsType = "btrfs";
options = [
"subvol=home"
"compress=zstd"
"noatime"
];
};
};
# swapDevices = [
# {
# device = "/swap/swapfile";
# size = (1024 * 16) + (1024 * 2);
# }
# ];
};
}

48
hosts/world/hardware-configuration.nix
View file

@ -1,48 +0,0 @@
{
config,
lib,
modulesPath,
...
}:
{
imports = [
# (modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix")
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd = {
availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usb_storage"
"sd_mod"
"rtsx_pci_sdmmc"
];
kernelModules = [ ];
};
kernelModules = [ "kvm-intel" ];
blacklistedKernelModules = [
"nouveau"
"nvidia"
"nvidia_drm"
"nvidia_modeset"
];
kernelParams = [ "mem_sleep_default=deep" ];
extraModulePackages = [ ];
extraModprobeConfig = ''
blacklist nouveau
options nouveau modeset=0
'';
};
# Earlier font setup
console.earlySetup = true;
# Enable firmware updates via `fwupdmgr`.
services.fwupd.enable = lib.mkDefault true;
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

1
hosts/world/hardware/default.nix
View file

@ -1 +0,0 @@
_: { imports = [ ./monitors.nix ]; }

16
hosts/world/hardware/monitors.nix
View file

@ -1,16 +0,0 @@
_: {
modules.system.hardware.monitors = {
eDP-1 = {
resolution = {
x = 1920;
y = 1080;
};
scale = 1;
refreshRate = 60;
position = {
x = 1920;
y = 0;
};
};
};
}

41
hosts/world/programs.nix
View file

@ -1,41 +0,0 @@
{
self,
pkgs,
...
}:
{
environment.systemPackages = builtins.attrValues {
inherit (pkgs)
calc
comma
difftastic
evince
eza
gcc
gh
grc
gparted
git
httpie
imagemagick
img2pdf
imv
inetutils
jujutsu
just
lazygit
libtool
librewolf
linuxHeaders
mpv
networkmanagerapplet
microfetch
nmap
pfetch
ripgrep
smartmontools
util-linux
wireguard-tools
;
};
}

481
modules/home/dev/helix.hjem.nix
View file

@ -1,481 +0,0 @@
{
lib,
pkgs,
sources,
...
}:
let
inherit (lib.attrsets) mapAttrs' nameValuePair;
inherit (lib.meta) getExe;
helix = pkgs.helix.overrideAttrs (
finalAttrs: _: {
version = "25.07.2";
src = pkgs.fetchzip {
url = "https://github.com/bloxx12/helix/releases/download/${finalAttrs.version}/helix-${finalAttrs.version}-source.tar.xz";
hash = "sha256-ZNsQwFfPXe6oewajx1tl68W60kVo7q2SuvTgy/o1HKk=";
stripRoot = false;
};
doInstallCheck = false;
cargoDeps = pkgs.rustPlatform.fetchCargoVendor {
inherit (helix) src;
hash = "sha256-3poZSvIrkx8lguxxDeNfngW6+4hH8TV/LHcZx5W5aXg=";
};
}
);
toml = pkgs.formats.toml { };
languages =
let
inherit (lib.meta) getExe getExe';
nixfmt = pkgs.callPackage "${sources.nixfmt}/default.nix" { };
nil = pkgs.rustPlatform.buildRustPackage {
pname = "nil";
version = "unstable";
src = sources.nil;
cargoLock = {
lockFile = "${sources.nil}/Cargo.lock";
allowBuiltinFetchGit = false;
};
nativeBuildInputs = [ pkgs.nixVersions.latest ];
doInstallCheck = false;
meta.mainProgram = "nil";
};
new-deadnix = pkgs.deadnix.overrideAttrs (
_: _: {
version = "unstable-15-07-2025";
src = pkgs.fetchFromGitHub {
owner = "astro";
repo = "deadnix";
rev = "d75457b95d7cfa82fcd60970939f76fccfce19e5";
hash = "sha256-O/z2neAXL8JNkGosvxC+DyZnnJ8zYP9XHApxHVmlzfY=";
};
doInstallCheck = false;
cargoDeps = pkgs.rustPlatform.fetchCargoVendor {
inherit (new-deadnix) src;
hash = "sha256-O8yhqyPflOvQXAA19k1XpbrHysgV5VNWLBX0l5Q5GkM=";
};
meta.mainProgram = "nil";
}
);
in
{
language =
let
mark = lang: {
command = getExe pkgs.deno;
args = [
"fmt"
"-"
"--ext"
lang
];
};
in
[
{
name = "bash";
auto-format = true;
formatter = {
command = getExe pkgs.shfmt;
args = [
"-i"
"2"
];
};
}
{
name = "clojure";
injection-regex = "(clojure|clj|edn|boot|yuck)";
file-types = [
"clj"
"cljs"
"cljc"
"clje"
"cljr"
"cljx"
"edn"
"boot"
"yuck"
];
}
{
name = "cmake";
auto-format = true;
language-servers = [ "cmake-language-server" ];
formatter = {
command = getExe pkgs.cmake-format;
args = [ "-" ];
};
}
{
name = "javascript";
auto-format = true;
language-servers = [
"dprint"
"typescript-language-server"
];
}
{
name = "json";
formatter = mark "json";
}
{
name = "markdown";
auto-format = true;
formatter = mark "md";
language-servers = [ "taplo" ];
}
{
name = "nix";
language-servers = [
"nil"
"deadnix"
];
}
{
name = "qml";
language-servers = [ "qmlls" ];
}
{
name = "python";
auto-format = true;
language-servers = [
"basedpyright"
"ruff"
];
}
{
name = "typescript";
auto-format = true;
language-servers = [
"dprint"
"typescript-language-server"
];
}
{
name = "rust";
}
{
name = "c";
auto-format = true;
language-servers = [ "clangd" ];
}
{
name = "zig";
auto-format = true;
}
{
name = "c";
}
];
language-server = {
bash-language-server = {
command = getExe pkgs.bash-language-server;
args = [ "start" ];
};
rust-analyzer = {
command = getExe pkgs.rust-analyzer;
config.rust-analyzer = {
checkOnSave.command = "clippy";
procMacro.enable = true;
cargo = {
loadOutDirsFromCheck = true;
features = "all";
};
assist = {
preferSelf = true;
};
check = {
command = "clippy";
extraArgs = [
"--"
"-W"
"clippy::pedantic"
"-W"
"clippy::nursery"
"-W"
"clippy::perf"
];
};
lens = {
references = true;
methodReferences = true;
};
completion.autoimport.enable = true;
experimental.procAttrMacros = true;
interpret.tests = true;
};
};
clangd = {
command = "${pkgs.clang-tools}/bin/clangd";
clangd.fallbackFlags = [ "-std=c++2b" ];
};
cmake-language-server = {
command = getExe pkgs.cmake-language-server;
};
deno-lsp = {
command = getExe pkgs.deno;
args = [ "lsp" ];
environment.NO_COLOR = "1";
config.deno = {
enable = true;
lint = true;
unstable = true;
suggest = {
completeFunctionCalls = false;
imports = {
hosts."https://deno.land" = true;
};
};
inlayHints = {
enumMemberValues.enabled = true;
functionLikeReturnTypes.enabled = true;
parameterNames.enabled = "all";
parameterTypes.enabled = true;
propertyDeclarationTypes.enabled = true;
variableTypes.enabled = true;
};
};
};
dprint = {
command = getExe pkgs.dprint;
args = [ "lsp" ];
};
nil = {
command = getExe nil;
config.nil = {
formatting.command = [ "${getExe nixfmt}" ];
diagnostics = {
bindingEndHintMinLines = 10;
};
nix.flake = {
autoArchive = true;
autoEvalInputs = true;
nixpkgsInputName = "nixpkgs";
};
};
};
deadnix = {
command = getExe new-deadnix;
};
typescript-language-server = {
command = getExe pkgs.typescript-language-server;
args = [ "--stdio" ];
config = {
typescript-language-server.source = {
addMissingImports.ts = true;
fixAll.ts = true;
organizeImports.ts = true;
removeUnusedImports.ts = true;
sortImports.ts = true;
};
};
};
ruff = {
command = getExe pkgs.ruff;
args = [ "server" ];
};
qmlls.command = getExe' pkgs.kdePackages.qtdeclarative "qmlls";
basedpyright.command = "${pkgs.basedpyright}/bin/basedpyright-langserver";
vscode-css-language-server = {
command = "${pkgs.vscode-langservers-extracted}/bin/vscode-css-language-server";
args = [ "--stdio" ];
config = {
provideFormatter = true;
css.validate.enable = true;
scss.validate.enable = true;
};
};
zls = {
command = getExe pkgs.zls;
config = {
enable_build_on_save = true;
build_on_save_args = [
"check"
"-fincremental"
"--watch"
];
enable_autofix = false;
warn_style = true;
highlight_global_var_declarations = true;
};
};
};
};
themes = {
rose_pine_transparent = {
inherits = "rose_pine";
"ui.background" = { };
};
rose_pine_dawn_transparent = {
inherits = "rose_pine_dawn";
"ui.background" = { };
};
nightfox_transparent = {
inherits = "nightfox";
"ui.background" = { };
};
nord_transparent = {
inherits = "nord";
"ui.background" = { };
};
};
settings = {
theme = "gruvbox_dark_hard";
editor = {
cursorline = true;
color-modes = true;
true-color = true;
indent-guides.render = true;
lsp = {
enable = true;
auto-signature-help = true;
display-inlay-hints = true;
display-messages = true;
display-progress-messages = true;
snippets = true;
};
file-picker = {
hidden = false;
};
line-number = "relative";
completion-timeout = 5;
clipboard-provider = "wayland";
completion-trigger-len = 1;
completion-replace = true;
mouse = true;
bufferline = "multiple";
popup-border = "none";
soft-wrap.enable = true;
word-completion = {
enable = true;
trigger-length = 2;
};
cursor-shape = {
insert = "bar";
normal = "block";
select = "underline";
};
statusline = {
left = [
"spinner"
"diagnostics"
"file-name"
];
right = [
"file-base-name"
"position"
];
diagnostics = [
"warning"
"error"
];
workspace-diagnostics = [
"warning"
"error"
];
};
gutters.layout = [
"diff"
"diagnostics"
"line-numbers"
];
inline-diagnostics = {
cursor-line = "hint";
other-lines = "error";
};
};
keys = {
normal = {
space = {
g = [
":new"
":buffer-close!"
":redraw"
];
i = ":toggle lsp.display-inlay-hints";
};
esc = [
"collapse_selection"
"keep_primary_selection"
"normal_mode"
];
A-H = "goto_previous_buffer";
A-L = "goto_next_buffer";
A-w = ":buffer-close";
A-f = ":format";
A-r = ":reload";
A-x = "extend_to_line_bounds";
X = [
"extend_line_up"
"extend_to_line_bounds"
];
";" = "flip_selections";
"A-;" = "collapse_selection";
# Kakoune-like config
H = "extend_char_left";
J = "extend_line_down";
K = "extend_line_up";
L = "extend_char_right";
};
select = {
A-x = "extend_to_line_bounds";
X = [
"extend_line_up"
"extend_to_line_bounds"
];
g = {
e = "goto_file_end";
};
};
};
};
in
{
packages = builtins.attrValues {
inherit helix;
inherit (pkgs)
tinymist
taplo
kdlfmt
gopls
;
};
files = {
".config/helix/config.toml".source = toml.generate "helix-config.toml" settings;
".config/helix/languages.toml".source = toml.generate "helix-languages.toml" languages;
}
// mapAttrs' (
name: value:
nameValuePair ".config/helix/themes/${name}.toml" {
source = toml.generate "helix-theme-${name}.toml" value;
}
) themes;
}

36
modules/home/hjem.mod.nix
View file

@ -1,36 +0,0 @@
{
config,
lib,
pkgs,
sources,
...
}:
let
inherit (builtins) filter;
inherit (config.meta.mainUser) username;
inherit (lib.modules) mkForce;
inherit (lib.filesystem) listFilesRecursive;
inherit (lib.strings) hasSuffix;
in
{
imports = [ (sources.hjem + "/modules/nixos") ];
config = {
hjem = {
clobberByDefault = true;
linker = pkgs.smfh;
users.${username} = {
enable = true;
user = username;
directory = config.users.users.${username}.home;
clobberFiles = mkForce true;
};
extraModules = (listFilesRecursive ./.) |> filter (hasSuffix ".hjem.nix");
specialArgs = {
inherit sources;
};
};
};
}

1
modules/home/nushell/completions.nu
View file

@ -1 +0,0 @@

309
modules/home/nushell/config.nu
View file

@ -1,309 +0,0 @@
#! /usr/bin/env nu
$env.config = {
bracketed_paste: true
buffer_editor: "hx"
datetime_format: {}
edit_mode: vi
error_style: fancy
float_precision: 2
footer_mode: 25
render_right_prompt_on_last_line: false
show_banner: false
use_ansi_coloring: true
use_kitty_protocol: true
shell_integration: {
osc2: false
osc7: true
osc8: true
osc9_9: false
osc133: true
osc633: true
reset_application_mode: true
}
}
$env.config.color_config = {
binary: '#b48ead'
block: '#81a1c1'
cell-path: '#e5e9f0'
closure: '#88c0d0'
custom: '#8fbcbb'
duration: '#ebcb8b'
float: '#bf616a'
glob: '#8fbcbb'
int: '#b48ead'
list: '#88c0d0'
nothing: '#bf616a'
range: '#ebcb8b'
record: '#88c0d0'
string: '#a3be8c'
bool: {|| if $in { '#88c0d0' } else { '#ebcb8b' } }
datetime: {|| (date now) - $in |
if $in < 1hr {
{ fg: '#bf616a' attr: 'b' }
} else if $in < 6hr {
'#bf616a'
} else if $in < 1day {
'#ebcb8b'
} else if $in < 3day {
'#a3be8c'
} else if $in < 1wk {
{ fg: '#a3be8c' attr: 'b' }
} else if $in < 6wk {
'#88c0d0'
} else if $in < 52wk {
'#81a1c1'
} else { 'dark_gray' }
}
filesize: {|e|
if $e == 0b {
'#e5e9f0'
} else if $e < 1mb {
'#88c0d0'
} else {{ fg: '#81a1c1' }}
}
shape_and: { fg: '#b48ead' attr: 'b' }
shape_binary: { fg: '#b48ead' attr: 'b' }
shape_block: { fg: '#81a1c1' attr: 'b' }
shape_bool: '#88c0d0'
shape_closure: { fg: '#88c0d0' attr: 'b' }
shape_custom: '#a3be8c'
shape_datetime: { fg: '#88c0d0' attr: 'b' }
shape_directory: '#88c0d0'
shape_external: '#88c0d0'
shape_external_resolved: '#88c0d0'
shape_externalarg: { fg: '#a3be8c' attr: 'b' }
shape_filepath: '#88c0d0'
shape_flag: { fg: '#81a1c1' attr: 'b' }
shape_float: { fg: '#bf616a' attr: 'b' }
shape_garbage: { fg: '#FFFFFF' bg: '#FF0000' attr: 'b' }
shape_glob_interpolation: { fg: '#88c0d0' attr: 'b' }
shape_globpattern: { fg: '#88c0d0' attr: 'b' }
shape_int: { fg: '#b48ead' attr: 'b' }
shape_internalcall: { fg: '#88c0d0' attr: 'b' }
shape_keyword: { fg: '#b48ead' attr: 'b' }
shape_list: { fg: '#88c0d0' attr: 'b' }
shape_literal: '#81a1c1'
shape_match_pattern: '#a3be8c'
shape_matching_brackets: { attr: 'u' }
shape_nothing: '#bf616a'
shape_operator: '#ebcb8b'
shape_or: { fg: '#b48ead' attr: 'b' }
shape_pipe: { fg: '#b48ead' attr: 'b' }
shape_range: { fg: '#ebcb8b' attr: 'b' }
shape_raw_string: { fg: '#8fbcbb' attr: 'b' }
shape_record: { fg: '#88c0d0' attr: 'b' }
shape_redirection: { fg: '#b48ead' attr: 'b' }
shape_signature: { fg: '#a3be8c' attr: 'b' }
shape_string: '#a3be8c'
shape_string_interpolation: { fg: '#88c0d0' attr: 'b' }
shape_table: { fg: '#81a1c1' attr: 'b' }
shape_vardecl: { fg: '#81a1c1' attr: 'u' }
shape_variable: '#b48ead'
foreground: '#e5e9f0'
background: '#2e3440'
cursor: '#e5e9f0'
empty: '#81a1c1'
header: { fg: '#a3be8c' attr: 'b' }
hints: '#4c566a'
leading_trailing_space_bg: { attr: 'n' }
row_index: { fg: '#a3be8c' attr: 'b' }
search_result: { fg: '#bf616a' bg: '#e5e9f0' }
separator: '#e5e9f0'
}
$env.config.ls = {
clickable_links: true
use_ls_colors: true
}
$env.config.rm.always_trash = true
$env.config.table = {
header_on_separator: true
footer_inheritance: true
index_mode: always
mode: compact
missing_value_symbol: kek
padding: {left: 1 right: 1}
show_empty: false
trim: {
methodology: wrapping
truncating_suffix: "..."
wrapping_try_keep_words: true
}
}
$env.config.explore = {
command_bar_text: {fg: "#C4C9C6"}
highlight: {fg: black bg: yellow}
status: {
error: {fg: white bg: red}
warn: {}
info: {}
}
status_bar_background: {fg: "#1D1F21" bg: "#C4C9C6"}
table: {
split_line: {fg: "#404040"}
selected_cell: {bg: light_blue}
selected_row: {}
selected_column: {}
}
}
$env.config.history = {
file_format: sqlite
isolation: false
max_size: 100_000
sync_on_enter: true
}
$env.config.cursor_shape = {
vi_insert: line
vi_normal: block
}
$env.config.hooks = {
command_not_found: {|| }
pre_execution: [
{
let prompt = commandline | str trim
if ($prompt | is-empty) {
return
}
print $"(ansi title)($prompt) — nu(char bel)"
}
]
pre_prompt: [
{||
if not ($env.PWD | path join .envrc | path exists) {
return
}
if (which direnv | is-empty) {
return
}
direnv export json | from json | default {} | load-env
$env.PATH = $env.PATH | split row (char env_sep)
}
]
}
let menus = [
{
name: completion_menu
only_buffer_difference: false
marker: $"(ansi yellow)╋ "
type: {
layout: ide
min_completion_width: 0
max_completion_width: 150
max_completion_height: 25
padding: 0
border: false
cursor_offset: 0
description_mode: "prefer_right"
min_description_width: 0
max_description_width: 50
max_description_height: 10
description_offset: 1
correct_cursor_pos: true
}
style: {
text: white
selected_text: white_reverse
description_text: yellow
match_text: { attr: u }
selected_match_text: { attr: ur }
}
}
{
name: history_menu
only_buffer_difference: true
marker: $env.PROMPT_INDICATOR
type: {
layout: list
page_size: 10
}
style: {
text: white
selected_text: white_reverse
}
}
]
$env.config.menus = $env.config.menus
| where name not-in ($menus | get name)
| append $menus
$env.config.keybindings ++= [
{
name: copy_commandline
modifier: alt
keycode: char_c
mode: [vi_normal vi_insert]
event: {
send: executehostcommand
cmd: 'commandline | nu-highlight | $"```ansi\n($in)\n```" | wl-copy $in'
}
}
]
let env_vars_file = '/tmp/nushell-env-vars'
if not ($env_vars_file | path exists) {
open /etc/profile
| lines
| select 11
| str trim
| split column ' ' del path
| get path.0
| open $in
| str trim
| lines
| parse 'export {name}="{value}"'
| transpose --header-row --as-record
| tee { load-env $in }
| to nuon
| save --force $env_vars_file
} else {
open $env_vars_file
| from nuon
| load-env $in
}
def switch [] {
nh os switch --file ($env.NH_FLAKE | path join default.nix) (open /etc/hostname | str trim)
}
def --env y [...args] {
let tmp = (mktemp -t "yazi-cwd.XXXXXX")
yazi ...$args --cwd-file $tmp
let cwd = (open $tmp)
if $cwd != "" and $cwd != $env.PWD {
cd $cwd
}
rm -fp $tmp
}
# fix sudo by prepending /run/wrappers/bin to the PATH.
$env.PATH = ($env.PATH | split row (char esep) | prepend '/run/wrappers/bin')
$env.PATH = ($env.PATH | split row (char esep) | prepend '/etc/profiles/per-user/cr/bin')
carapace _carapace nushell
| save -f ($nu.user-autoload-dirs | path join carapace.nu)
source ./prompt.nu
source ./zoxide.nu

22
modules/home/nushell/nu.hjem.nix
View file

@ -1,22 +0,0 @@
{
pkgs,
...
}:
{
packages = with pkgs; [
nushell
inshellisense
carapace
];
environment.sessionVariables = {
CARAPACE_BRIDGES = "inshellisense,carapace,clap,bash";
CARAPACE_MATCH = 1;
};
files = {
".config/nushell/config.nu".source = ./config.nu;
".config/nushell/prompt.nu".source = ./prompt.nu;
".config/nushell/zoxide.nu".source = ./zoxide.nu;
};
}

73
modules/home/nushell/prompt.nu
View file

@ -1,73 +0,0 @@
use std null_device
export-env {
load-env {
PROMPT_COMMAND: {||
let exit_code = $env.LAST_EXIT_CODE
mut path_segment = $env.PWD | path basename
let exit_code_segment = if ($exit_code == 0) {
""
} else {
$"(ansi yellow)━┫(ansi red)($exit_code)(ansi yellow)┣━"
}
[$"(ansi yellow)┏" $exit_code_segment "━ " $path_segment "\n"] | str join
}
TRANSIENT_PROMPT_COMMAND: {||
let path_segment = $env.PWD | path basename
let exit_code_segment = if ($env.LAST_EXIT_CODE == 0) {
""
} else {
$"(ansi yellow)━┫(ansi red)($env.LAST_EXIT_CODE)(ansi yellow)┣━"
}
[$"(ansi yellow)━" $exit_code_segment "━ " $path_segment] | str join
}
PROMPT_INDICATOR_VI_INSERT: $"(ansi yellow)┃ "
PROMPT_INDICATOR_VI_NORMAL: $"(ansi yellow)┋ "
PROMPT_MULTILINE_INDICATOR: $"(ansi yellow)┃ "
TRANSIENT_PROMPT_INDICATOR_VI_INSERT: " "
TRANSIENT_PROMPT_INDICATOR_VI_NORMAL: " "
TRANSIENT_PROMPT_MULTILINE_INDICATOR: $"(ansi yellow)┃ "
config: (
$env.config? | default {} | merge {
render_right_prompt_on_last_line: true
}
)
PROMPT_COMMAND_RIGHT: {||
let jj_status = try {
jj --quiet --color always --ignore-working-copy log --no-graph --revisions @ --template '
separate(
" ",
if(empty, label("empty", "(empty)")),
coalesce(
surround(
"\"",
"\"",
if(
description.first_line().substr(0, 24).starts_with(description.first_line()),
description.first_line().substr(0, 24),
description.first_line().substr(0, 23) ++ "…"
)
),
label(if(empty, "empty"), description_placeholder)
),
bookmarks.join(", "),
change_id.shortest(),
commit_id.shortest(),
if(conflict, label("conflict", "(conflict)")),
if(divergent, label("divergent prefix", "(divergent)")),
if(hidden, label("hidden prefix", "(hidden)")),
)
' err> $null_device
} catch {
""
}
$jj_status
}
}
}

54
modules/home/nushell/zoxide.nu
View file

@ -1,54 +0,0 @@
# Initialize hook to add new entries to the database.
export-env {
$env.config = (
$env.config?
| default {}
| upsert hooks { default {} }
| upsert hooks.env_change { default {} }
| upsert hooks.env_change.PWD { default [] }
)
let __zoxide_hooked = (
$env.config.hooks.env_change.PWD | any { try { get __zoxide_hook } catch { false } }
)
if not $__zoxide_hooked {
$env.config.hooks.env_change.PWD = ($env.config.hooks.env_change.PWD | append {
__zoxide_hook: true,
code: {|_, dir| zoxide add -- $dir}
})
}
}
def zoxide_completions [context: string] {
let parts = $context | split row " " | skip 1
{
options: {
sort: false,
completion_algorithm: substring,
case_sensitive: false,
},
completions: (^zoxide query --list --exclude $env.PWD -- ...$parts | lines | first 10)
}
}
# Jump to a directory using only keywords.
def --env --wrapped __zoxide_z [...rest: string@zoxide_completions] {
let path = match $rest {
[] => {'~'},
[ '-' ] => {'-'},
[ $arg ] if ($arg | path expand | path type) == 'dir' => {$arg}
_ => {
zoxide query --exclude $env.PWD -- ...$rest | str trim -r -c "\n"
}
}
cd $path
}
# Jump to a directory using interactive search.
def --env --wrapped __zoxide_zi [...rest:string] {
cd $'(zoxide query --interactive -- ...$rest | str trim -r -c "\n")'
}
# =============================================================================
alias z = __zoxide_z
alias zi = __zoxide_zi

40
modules/home/programs/btop.hjem.nix
View file

@ -1,40 +0,0 @@
{
lib,
pkgs,
...
}:
let
inherit (builtins) attrValues;
inherit (lib.attrsets) mapAttrsToList;
inherit (lib.strings) concatStringsSep;
btop-settings = {
truecolor = "True";
vim_keys = "True";
rounded_corners = "True";
update_ms = "100";
graph_symbol = "braille";
cpu_single_graph = "True";
clock_format = "%X";
use_fstab = "True";
io_mode = "True";
net_sync = "True";
net_iface = "enp4s0";
log_level = "ERROR";
color_theme = "gruvbox_dark";
};
btop-no-desktop-entry = pkgs.btop.overrideAttrs (prev: {
postInstall = ''
${prev.postInstall or ""}
rm -rf $out/share/applications/*.desktop
'';
});
in
{
packages = attrValues { inherit btop-no-desktop-entry; };
files.".config/btop/btop.conf".text =
concatStringsSep "\n" <| mapAttrsToList (name: value: "${name} = ${toString value}") btop-settings;
}

69
modules/home/programs/ghostty.hjem.nix
View file

@ -1,69 +0,0 @@
{
lib,
osConfig,
pkgs,
...
}:
let
inherit (lib.lists) elem;
inherit (lib.meta) getExe;
inherit (lib.attrsets) mapAttrsToList;
inherit (lib.strings) concatStringsSep;
inherit (osConfig.meta.mainUser.defaultShell) name package;
# Shell integration for ghostty only supports
# bash, fish and zsh for now.
shell-integration =
if
elem name [
"bash"
"fish"
"zsh"
]
then
name
else
"none";
ghostty-settings = {
font-size = 14;
font-family = "JetBrainsMonoNerdFont";
app-notifications = "no-clipboard-copy";
background-opacity = 1.0;
bold-is-bright = "true";
confirm-close-surface = "false";
cursor-style-blink = "false";
gtk-single-instance = "true";
gtk-tabs-location = "bottom";
gtk-wide-tabs = false;
mouse-hide-while-typing = "true";
resize-overlay-duration = "0s";
shell-integration-features = "cursor,sudo,no-title";
term = "xterm-256color";
theme = "GruvboxDarkHard";
window-decoration = "none";
window-padding-balance = true;
window-padding-x = 8;
window-padding-y = 8;
window-theme = "ghostty";
cursor-style = "block";
# Whether to automatically copy selected text to the clipboard. true will prefer to copy to the selection clipboard, otherwise it will copy to the system clipboard.
# The value clipboard will always copy text to the selection clipboard as well as the system clipboard.
copy-on-select = "clipboard";
inherit shell-integration;
command = getExe package;
};
in
{
packages = builtins.attrValues {
inherit (pkgs) ghostty;
};
files.".config/ghostty/config".text =
concatStringsSep "\n"
<| mapAttrsToList (name: value: "${name} = ${toString value}") ghostty-settings;
}

92
modules/options/system/options.mod.nix → modules/options/system/module.nix
View file

@ -2,26 +2,49 @@
config, config,
lib, lib,
... ...
}: }: let
let
inherit (builtins) elemAt; inherit (builtins) elemAt;
inherit (lib.options) mkOption mkEnableOption; inherit (lib.options) mkOption mkEnableOption;
inherit (lib.types) inherit (lib.types) enum listOf str nullOr bool package;
enum in {
listOf imports = [
str # configuration options for nixos activation scripts
nullOr # ./activation.nix
bool
; # boot/impermanence mounts
inherit (lib.lists) elem; # ./boot.nix
# ./impermanence.nix
# network and overall hardening
./networking
# ./security.nix
# ./encryption.nix
# filesystems
# ./fs.nix
# package and program related options
# ./services
./programs
# monitor configuration
./monitors.nix
];
inherit (config.modules.system) systemType;
in
{
options.modules.system = { options.modules.system = {
mainUser = mkOption {
type = enum config.modules.system.users;
default = elemAt config.modules.system.users 0;
description = ''
The username of the main user for your system.
In case of a multiple systems, this will be the user with priority in ordered lists and enabled options.
'';
};
users = mkOption { users = mkOption {
type = listOf str; type = listOf str;
default = [ "cr" ]; default = ["charlie"];
description = "A list of users on the system."; description = "A list of users on the system.";
}; };
@ -34,37 +57,10 @@ in
''; '';
}; };
systemType = mkOption {
type = nullOr (enum [
"desktop"
"laptop"
"server"
]);
default = null;
description = ''
The type of the current system. This is used to determine whether things like graphical
environments and power-saving programs should be installed or not.
'';
};
isGraphical = mkOption {
type = bool;
default = elem systemType [
"desktop"
"laptop"
];
description = ''
Whether the current system is a graphical system.
'';
};
yubikeySupport = { yubikeySupport = {
enable = mkEnableOption "yubikey support"; enable = mkEnableOption "yubikey support";
deviceType = mkOption { deviceType = mkOption {
type = nullOr (enum [ type = nullOr (enum ["NFC5" "nano"]);
"NFC5"
"nano"
]);
default = null; default = null;
description = "A list of device models to enable Yubikey support for"; description = "A list of device models to enable Yubikey support for";
}; };
@ -76,7 +72,6 @@ in
impermanence = { impermanence = {
enable = mkEnableOption "Enable Impermanence"; enable = mkEnableOption "Enable Impermanence";
}; };
video = { video = {
enable = mkEnableOption "video drivers and programs that require a graphical user interface"; enable = mkEnableOption "video drivers and programs that require a graphical user interface";
nvidia = mkEnableOption "Nvidia graphics drivers"; nvidia = mkEnableOption "Nvidia graphics drivers";
@ -94,9 +89,18 @@ in
enable = mkEnableOption "printing"; enable = mkEnableOption "printing";
extraDrivers = mkOption { extraDrivers = mkOption {
type = listOf str; type = listOf str;
default = [ ]; default = [];
description = "A list of extra drivers to enable for printing"; description = "A list of extra drivers to enable for printing";
}; };
"3d" = {
enable = mkEnableOption "3D printing suite";
extraPrograms = mkOption {
type = listOf package;
default = [];
description = "A list of extra programs to enable for 3D printing";
};
};
}; };
}; };
} }

16
modules/options/system/monitors.mod.nix → modules/options/system/monitors.nix
View file

@ -1,18 +1,10 @@
{ lib, ... }: {lib, ...}: let
let
inherit (lib.options) mkOption; inherit (lib.options) mkOption;
inherit (lib.types) inherit (lib.types) submodule int ints number attrsOf;
submodule in {
int
ints
number
attrsOf
;
in
{
options.modules.system.hardware.monitors = mkOption { options.modules.system.hardware.monitors = mkOption {
description = "\n List of monitors to use\n "; description = "\n List of monitors to use\n ";
default = { }; default = {};
type = attrsOf (submodule { type = attrsOf (submodule {
options = { options = {
resolution = mkOption { resolution = mkOption {

7
modules/options/system/networking/default.nix Normal file
View file

@ -0,0 +1,7 @@
{lib, ...}: let
inherit (lib.options) mkEnableOption;
in {
options.modules.system.networking = {
nftbles.enable = mkEnableOption "Nftables firewall";
};
}

35
modules/options/system/programs.mod.nix → modules/options/system/programs/default.nix
View file

@ -1,9 +1,7 @@
{ lib, ... }: {lib, ...}: let
let
inherit (lib.types) str enum; inherit (lib.types) str enum;
inherit (lib.options) mkEnableOption mkOption; inherit (lib.options) mkEnableOption mkOption;
in in {
{
options.modules.system.programs = { options.modules.system.programs = {
editors = { editors = {
helix.enable = mkEnableOption "Helix text editor"; helix.enable = mkEnableOption "Helix text editor";
@ -29,42 +27,23 @@ in
}; };
default = { default = {
terminal = mkOption { terminal = mkOption {
type = enum [ type = enum ["foot" "kitty"];
"foot"
"kitty"
];
default = "foot"; default = "foot";
}; };
fileManager = mkOption { fileManager = mkOption {
type = enum [ type = enum ["thunar" "dolphin" "nemo"];
"thunar"
"dolphin"
"nemo"
];
default = "thunar"; default = "thunar";
}; };
browser = mkOption { browser = mkOption {
type = enum [ type = enum ["firefox" "librewolf" "chromium"];
"firefox"
"librewolf"
"chromium"
];
default = "firefox"; default = "firefox";
}; };
editor = mkOption { editor = mkOption {
type = enum [ type = enum ["neovim" "helix" "emacs"];
"neovim"
"helix"
"emacs"
];
default = "emacs"; default = "emacs";
}; };
launcher = mkOption { launcher = mkOption {
type = enum [ type = enum ["anyrun" "rofi" "wofi"];
"anyrun"
"rofi"
"wofi"
];
default = "anyrun"; default = "anyrun";
}; };
}; };

9
modules/other/git.mod.nix → modules/other/git.nix
View file

@ -1,8 +1,7 @@
{ pkgs, ... }: {pkgs, ...}: let
let key =
key = pkgs.writeText "signingkey" "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAAWEDj/Yib6Mqs016jx7rtecWpytwfVl28eoHtPYCM9TVLq81VIHJSN37lbkc/JjiXCdIJy2Ta3A3CVV5k3Z37NbgAu23oKA2OcHQNaRTLtqWlcBf9fk9suOkP1A3NzAqzivFpBnZm3ytaXwU8LBJqxOtNqZcFVruO6fZxJtg2uE34mAw=="; pkgs.writeText "signingkey" "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAAWEDj/Yib6Mqs016jx7rtecWpytwfVl28eoHtPYCM9TVLq81VIHJSN37lbkc/JjiXCdIJy2Ta3A3CVV5k3Z37NbgAu23oKA2OcHQNaRTLtqWlcBf9fk9suOkP1A3NzAqzivFpBnZm3ytaXwU8LBJqxOtNqZcFVruO6fZxJtg2uE34mAw==";
in in {
{
programs.git = { programs.git = {
enable = true; enable = true;
lfs.enable = true; lfs.enable = true;

8
modules/other/module.nix Normal file
View file

@ -0,0 +1,8 @@
_: {
imports = [
./system.nix
./xdg.nix
./git.nix
./users.nix
];
}

6
modules/other/system.mod.nix → modules/other/system.nix
View file

@ -1,9 +1,7 @@
{ lib, ... }: {lib, ...}: let
let
inherit (lib.options) mkOption; inherit (lib.options) mkOption;
inherit (lib.types) str; inherit (lib.types) str;
in in {
{
options.modules.other.system = { options.modules.other.system = {
username = mkOption { username = mkOption {
description = "username for this system"; description = "username for this system";

39
modules/other/users.mod.nix → modules/other/users.nix
View file

@ -2,21 +2,19 @@
config, config,
lib, lib,
pkgs, pkgs,
sources, self,
... ...
}: }: let
let
inherit (builtins) elemAt; inherit (builtins) elemAt;
inherit (lib.options) mkOption; inherit (lib.options) mkOption;
inherit (lib.types) listOf str package; inherit (lib.types) listOf str;
inherit (config.meta.mainUser) username; inherit (config.meta.mainUser) username;
in in {
{
imports = [ (sources.hjem + "/modules/nixos") ];
options.meta = { options.meta = {
users = mkOption { users = mkOption {
type = listOf str; type = listOf str;
default = [ "cr" ]; default = ["cr"];
description = '' description = ''
A list of users on a system. A list of users on a system.
''; '';
@ -29,36 +27,17 @@ in
The main user for each system. This is the first element of the list of users by default. The main user for each system. This is the first element of the list of users by default.
''; '';
}; };
gitSigningKey = mkOption { gitSigningKey = mkOption {
type = str; type = str;
description = '' description = ''
The main user's git signing key, used to automatically sing git commits with this key The main user's git signing key, used to automatically sing git commits with this key
''; '';
default = '' default = ''
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAAWEDj/Yib6Mqs016jx7rtecWpytwfVl28eoHtPYCM9TVLq81VIHJSN37lbkc/JjiXCdIJy2Ta3A3CVV5k3Z37NbgAu23oKA2OcHQNaRTLtqWlcBf9fk9suOkP1A3NzAqzivFpBnZm3ytaXwU8LBJqxOtNqZcFVruO6fZxJtg2uE34mAw== ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAAWEDj/Yib6Mqs016jx7rtecWpytwfVl28eoHtPYCM9TVLq81VIHJSN37lbkc/JjiXCdIJy2Ta3A3CVV5k3Z37NbgAu23oKA2OcHQNaRTLtqWlcBf9fk9suOkP1A3NzAqzivFpBnZm3ytaXwU8LBJqxOtNqZcFVruO6fZxJtg2uE34mAw== '';
'';
};
# TODO: clean this up and move it somewhere else.
defaultShell = {
name = mkOption {
type = str;
default = "nushell";
description = ''
The default shell of a user. This is not the main system shell, but the shell used in terminals.
'';
};
package = mkOption {
type = package;
default = pkgs.nushell;
};
}; };
}; };
}; };
config = { config = {
# environment.shells = [ pkgs.nushell ];
programs.zsh.enable = true;
users = { users = {
mutableUsers = true; mutableUsers = true;
users = { users = {
@ -73,8 +52,10 @@ in
"nix" "nix"
"docker" "docker"
]; ];
shell = pkgs.zsh; shell = self.packages.${pkgs.stdenv.system}.fish;
# hashedPasswordFile = "/etc/passwords/cr";
}; };
# root.hashedPasswordFile = "/persist/passwords/root";
}; };
}; };
}; };

74
modules/other/xdg.mod.nix
View file

@ -1,74 +0,0 @@
{
config,
pkgs,
...
}:
let
inherit (config.meta.mainUser) username;
primary_browser = "Librewolf.desktop";
mail_client = "thunderbird.desktop";
file_manager = "nautilus.desktop";
media_player = "mpv.desktop";
image_viewer = "imv.desktop";
text_editor = "helix.desktop";
terminal = "foot.desktop";
pdf_viewer = "zathura.desktop";
in
{
environment = {
systemPackages = [ pkgs.xdg-utils ];
variables = {
TERMINAL = "${terminal}";
XDG_CACHE_HOME = "/home/${username}/.config";
};
};
xdg = {
autostart.enable = true;
menus.enable = true;
icons.enable = true;
mime = {
enable = true;
defaultApplications = {
"text/html" = [ primary_browser ];
"x-scheme-handler/http" = [ primary_browser ];
"x-scheme-handler/https" = [ primary_browser ];
"x-scheme-handler/about" = [ primary_browser ];
"x-scheme-handler/unknown" = [ primary_browser ];
"x-scheme-handler/mailto" = [ mail_client ];
"message/rfc822" = [ mail_client ];
"x-scheme-handler/mid" = [ mail_client ];
"inode/directory" = [ file_manager ];
"audio/mp3" = [ media_player ];
"audio/ogg" = [ media_player ];
"audio/mpeg" = [ media_player ];
"audio/aac" = [ media_player ];
"audio/opus" = [ media_player ];
"audio/wav" = [ media_player ];
"audio/webm" = [ media_player ];
"audio/3gpp" = [ media_player ];
"audio/3gpp2" = [ media_player ];
"video/mp4" = [ media_player ];
"video/x-msvideo" = [ media_player ];
"video/mpeg" = [ media_player ];
"video/ogg" = [ media_player ];
"video/mp2t" = [ media_player ];
"video/webm" = [ media_player ];
"video/3gpp" = [ media_player ];
"video/3gpp2" = [ media_player ];
"image/png" = [ image_viewer ];
"image/jpeg" = [ image_viewer ];
"image/gif" = [ image_viewer ];
"image/avif" = [ image_viewer ];
"image/bmp" = [ image_viewer ];
"image/vnd.microsoft.icon" = [ image_viewer ];
"image/svg+xml" = [ image_viewer ];
"image/tiff" = [ image_viewer ];
"image/webp" = [ image_viewer ];
"text/plain" = [ text_editor ];
"application/pdf" = [ pdf_viewer ];
};
};
};
}

72
modules/other/xdg.nix Normal file
View file

@ -0,0 +1,72 @@
{
config,
pkgs,
...
}: let
inherit (config.meta.mainUser) username;
primary_browser = "Librewolf.desktop";
mail_client = "thunderbird.desktop";
file_manager = "nautilus.desktop";
media_player = "mpv.desktop";
image_viewer = "imv.desktop";
text_editor = "helix.desktop";
terminal = "foot.desktop";
pdf_viewer = "sioyek.desktop";
in {
environment = {
systemPackages = [pkgs.xdg-utils];
sessionVariables = {
TERMINAL = "${terminal}";
XDG_CACHE_HOME = "/home/${username}/.config";
};
};
xdg = {
autostart.enable = true;
menus.enable = true;
icons.enable = true;
mime = {
enable = true;
defaultApplications = {
"text/html" = [primary_browser];
"x-scheme-handler/http" = [primary_browser];
"x-scheme-handler/https" = [primary_browser];
"x-scheme-handler/about" = [primary_browser];
"x-scheme-handler/unknown" = [primary_browser];
"x-scheme-handler/mailto" = [mail_client];
"message/rfc822" = [mail_client];
"x-scheme-handler/mid" = [mail_client];
"inode/directory" = [file_manager];
"audio/mp3" = [media_player];
"audio/ogg" = [media_player];
"audio/mpeg" = [media_player];
"audio/aac" = [media_player];
"audio/opus" = [media_player];
"audio/wav" = [media_player];
"audio/webm" = [media_player];
"audio/3gpp" = [media_player];
"audio/3gpp2" = [media_player];
"video/mp4" = [media_player];
"video/x-msvideo" = [media_player];
"video/mpeg" = [media_player];
"video/ogg" = [media_player];
"video/mp2t" = [media_player];
"video/webm" = [media_player];
"video/3gpp" = [media_player];
"video/3gpp2" = [media_player];
"image/png" = [image_viewer];
"image/jpeg" = [image_viewer];
"image/gif" = [image_viewer];
"image/avif" = [image_viewer];
"image/bmp" = [image_viewer];
"image/vnd.microsoft.icon" = [image_viewer];
"image/svg+xml" = [image_viewer];
"image/tiff" = [image_viewer];
"image/webp" = [image_viewer];
"text/plain" = [text_editor];
"application/pdf" = [pdf_viewer];
};
};
};
}

8
modules/packages/hardware.nix Normal file
View file

@ -0,0 +1,8 @@
{
config,
lib,
pkgs,
...
}: let
in {
}

22
modules/packages/module.nix Normal file
View file

@ -0,0 +1,22 @@
{pkgs, ...}: {
imports = [
./hardware.nix
./wayland.nix
# ./media.nix
];
# These are some standard packages I want to have installed on every system, regardless of type or use case.
environment.systemPackages = builtins.attrValues {
inherit
(pkgs)
calc # Calculator device
coreutils-full # All of the GNU coreutils
curl # I sometimes need to curl stuff
git # take a guess
inetutils # internet stuff I need/want on every system.
wget
unzip # zipping and unzipping stuff
zip
util-linux
;
};
}

109
modules/packages/packages.mod.nix
View file

@ -1,109 +0,0 @@
{
lib,
pkgs,
sources,
...
}:
let
nixfmt = pkgs.callPackage "${sources.nixfmt}/default.nix" { };
comma = pkgs.callPackage (
_:
pkgs.rustPlatform.buildRustPackage {
pname = "comma";
version = "unstable";
src = sources.comma;
cargoLock = {
allowBuiltinFetchGit = true;
lockFile = "${sources.comma}/Cargo.lock";
};
nativeBuildInputs = [ pkgs.makeBinaryWrapper ];
doInstallCheck = false;
postInstall = ''
wrapProgram $out/bin/comma \
--prefix PATH : ${
lib.makeBinPath [
pkgs.fzy
pkgs.nix-index-unwrapped
]
}
ln -s $out/bin/comma $out/bin/,
'';
}
) { };
in
{
environment.systemPackages =
with pkgs;
[
universal-android-debloater
emacs-pgtk
# better cd
zoxide
ouch
# pipe viewer
pv
# hex editor
bvi
#better ls
eza
atuin
# better cat
bat
# clipboard
# yazi
serpl
diff-so-fancy
tig
direnv
sesh
mprocs
curlie
entr
procs
sd
# mult
glow
# dua-cli
dust
iamb
kondo
# better grep
ripgrep
# IP stuff
dig
# simply the best fetch tool out there
microfetch
fzf
element
difftastic
hexyl
yazi
gnumake
asciinema
inetutils
tokei
starship
wget
cpufetch
watchman
# yt-dlp # borked check phase
tealdeer
hyperfine
imagemagick
ffmpeg-full
# catimg
timg
nmap
fd
jq
rsync
figlet
unzip
zip
]
++ [
nixfmt
comma
];
}

15
modules/packages/wayland.nix Normal file
View file

@ -0,0 +1,15 @@
{
config,
lib,
pkgs,
...
}: {
# These are packages I only need in wayland environments, nowhere else.
environment.systemPackages = builtins.attrValues {
inherit
(pkgs)
wl-clipboard
grimblast
;
};
}

139
modules/programs/cli/jj.mod.nix
View file

@ -1,139 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib.meta) getExe;
toml = pkgs.formats.toml { };
jj-config = toml.generate "config.toml" {
user = {
name = "Bloxx12";
email = "charlie@charlieroot.dev";
};
ui = {
pager = [
"${getExe pkgs.bat}"
"--plain"
];
default-command = "log";
movement.edit = true;
diff.tool = [
"${getExe pkgs.difftastic}"
"--color"
"always"
"$left"
"$right"
];
};
# FIXME: do this with agenix
# "--scope" = [
# {
# "--when.repositories" = ["~/repos/projects/uni"];
# user = {
# # TODO
# name = "";
# email = "";
# };
# }
# {
# "--when.repositories" = ["~/repos/projects/uni/"];
# user = {
# # TODO
# name = "";
# email = "";
# };
# }
# ];
git.push-new-bookmarks = true;
signing = {
behaviour = "own";
backend = "ssh";
key = [
"ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAAWEDj/Yib6Mqs016jx7rtecWpytwfVl28eoHtPYCM9TVLq81VIHJSN37lbkc/JjiXCdIJy2Ta3A3CVV5k3Z37NbgAu23oKA2OcHQNaRTLtqWlcBf9fk9suOkP1A3NzAqzivFpBnZm3ytaXwU8LBJqxOtNqZcFVruO6fZxJtg2uE34mAw=="
];
};
aliases = {
c = [ "commit" ];
ci = [
"commit"
"--interactive"
];
e = [ "edit" ];
# "new bookmark"
nb = [
"bookmark"
"create"
"-r @-"
];
pull = [
"git"
"fetch"
];
push = [
"git"
"push"
"--allow-new"
];
r = [ "rebase" ];
s = [ "squash" ];
si = [
"squash"
"--interactive"
];
tug = [
"bookmark"
"move"
"--from"
"closest_bookmark(@-)"
"--to"
"@-"
];
};
revset-aliases = {
"closest_bookmark(to)" = "heads(::to & bookmarks())";
};
templates = {
draft_commit_description = ''
concat(
coalesce(description, "\n"),
surround(
"\nJJ: This commit contains the following changes:\n", "",
indent("JJ: ", diff.stat(72)),
),
"\nJJ: ignore-rest\n",
diff.git(),
)
'';
};
template-aliases = {
"format_short_id(id)" = "id.shortest()";
};
};
jj-wrapped = pkgs.symlinkJoin {
name = "jj-wrapped";
paths = [ pkgs.jj ];
nativeBuildInputs = [ pkgs.makeWrapper ];
postBuild = ''
wrapProgram $out/bin/mako --add-flags "\
--config ${jj-config}
'';
};
in
{
# environment.systemPackages = [jj-wrapped];
}

6
modules/programs/cli/module.nix Normal file
View file

@ -0,0 +1,6 @@
_: {
imports = [
./nh.nix
# ./beets.nix
];
}

15
modules/programs/cli/nh.mod.nix → modules/programs/cli/nh.nix
View file

@ -1,30 +1,21 @@
{ {
config, config,
lib, lib,
pkgs,
sources,
... ...
}: }: let
let
cfg = config.modules.programs.nh; cfg = config.modules.programs.nh;
inherit (config.modules.other.system) username; inherit (config.modules.other.system) username;
inherit (lib.modules) mkIf; inherit (lib.modules) mkIf;
inherit (lib.options) mkEnableOption; inherit (lib.options) mkEnableOption;
nh = (pkgs.callPackage "${sources.nh}/package.nix" { }).overrideAttrs (_: { in {
doInstallCheck = false;
});
in
{
options.modules.programs.nh.enable = mkEnableOption "nh"; options.modules.programs.nh.enable = mkEnableOption "nh";
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.nh = { programs.nh = {
enable = true; enable = true;
package = nh;
clean.enable = true; clean.enable = true;
clean.extraArgs = "--keep-since 4d --keep 3"; clean.extraArgs = "--keep-since 4d --keep 3";
flake = "/home/${username}/repos/projects/nichts/main"; flake = "/home/${username}/repos/projects/nichts";
}; };
}; };
} }

7
modules/programs/cli/zodide.mod.nix
View file

@ -1,7 +0,0 @@
_: {
programs.zoxide = {
enable = true;
enableFishIntegration = true;
enableBashIntegration = true;
};
}

35
modules/programs/gui/bitwarden.mod.nix
View file

@ -1,35 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (config.modules.system) isGraphical;
inherit (lib.modules) mkIf;
bitwarden-desktop-wrapped = pkgs.symlinkJoin {
name = "bitwarden-desktop-wrapped";
paths = [ pkgs.bitwarden-desktop ];
nativeBuildInputs = [ pkgs.makeWrapper ];
postBuild = ''
wrapProgram $out/bin/bitwarden --set \
BITWARDEN_SSH_AUTH_SOCK /run/user/1000/ssh-agent.sock
'';
};
in
{
config = mkIf isGraphical {
environment = {
systemPackages = lib.attrValues {
inherit (pkgs)
bitwarden-cli
;
inherit bitwarden-desktop-wrapped;
};
# Set the ssh socket globally. This alows all applications and shells to use
# the ssh-agent.
variables."SSH_AUTH_SOCK" = "/run/user/1000/ssh-agent.sock";
};
};
}

245
modules/programs/gui/brave.mod.nix
View file

@ -1,245 +0,0 @@
{
lib,
pkgs,
...
}:
let
inherit (lib.lists) map;
inherit (lib.strings) concatStringsSep;
# https://peter.sh/experiments/chromium-command-line-switches/
flags = concatStringsSep " " [
"--no-first-run"
"--enable-gpu-rasterization"
"--force-dark-mode"
"--enable-smooth-scrolling"
"--enable-features=UseOzonePlatform"
"--ozone-platform=wayland"
"--user-agent='Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.3'"
# https://source.chromium.org/chromium/chromium/src/+/main:headless/app/headless_shell_switches.cc;drc=3556fbff47c18193f4a39d2496596e89b8307a15;l=47-55
"--password-store=gnome-keyring"
];
brave-wrapped = pkgs.symlinkJoin {
name = "brave";
paths = [
pkgs.brave
];
nativeBuildInputs = [ pkgs.makeWrapper ];
postBuild = ''
wrapProgram $out/bin/brave --append-flags "${flags}"
'';
};
in
{
environment.systemPackages = [
brave-wrapped
];
programs.chromium = {
enable = true;
# This sets a bunch of flags to make Brave usable.
# This was made possible through several similar projects,
# which facilitated this process a lot:
# https://gist.github.com/yashgorana/869542b66d7188729716379abe7464e0
# https://github.com/yashgorana/chrome-debloat
# https://chromeenterprise.google/intl/en_ca/policies
extraOpts = {
BraveRewardsDisabled = true;
BraveWalletDisabled = true;
# Setting the policy to False prevents Google Chrome from showing
# product promotional content.
PromotionsEnabled = false;
TorDisabled = true;
BraveVPNDisabled = true;
BraveAIChatEnabled = false;
SyncDisabled = true;
# Setting the policy to False stops Google Chrome from ever checking if
# it's the default and turns user controls off for this option.
DefaultBrowserSettingEnabled = false;
# In background mode, a Google Chrome process is started on OS sign-in and keeps
# running when the last browser window is closed, allowing background apps and
# the browsing session to remain active.
BackgroundModeEnabled = false;
# By default the browser will show media recommendations that are personalized to the user.
# Setting this policy to Disabled will result in these recommendations being hidden from the user.
MediaRecommendationsEnabled = false;
# This policy controls the availability of the shopping list feature.
# If enabled, users will be presented with UI to track the price of
# the product displayed on the current page. The tracked product will
# be shown in the bookmarks side panel. If this policy is set to Enabled
# or not set, the shopping list feature will be available to users.
# If this policy is set to Disabled, the shopping list feature will be unavailable.
ShoppingListEnabled = false;
BraveSyncUrl = "";
PrivacySandboxFingerprintingProtectionEnabled = true;
PrivacySandboxIpProtectionEnabled = true;
DefaultSearchProviderEnabled = true;
DefaultSearchProviderName = "Kagi";
DefaultSearchProviderSearchURL = "https://kagi.com/search?q={searchTerms}";
DefaultSearchProviderNewTabURL = "https://kagi.com";
SearchSuggestEnabled = true;
DefaultSearchProviderSuggestURL = "https://kagi.com/api/autosuggest?q={searchTerms}";
# Prevents webpage elements that aren't from the domain
# that's in the browser's address bar from setting cookies.
BlockThirdPartyCookies = true;
DnsOverHttpsMode = "automatic";
MetricsReportingEnabled = false;
SafeBrowsingExtendedReportingEnabled = false;
# Setting the policy to Enabled means URL-keyed anonymized data collection,
# which sends URLs of pages the user visits to Google to make searches and
# browsing better, is always active.
# Setting the policy to Disabled results in no URL-keyed anonymized data collection.
UrlKeyedAnonymizedDataCollectionEnabled = false;
# Google Chrome in-product surveys collect user feedback for the browser.
# Survey responses are not associated with user accounts. When this policy
# is Enabled or not set, in-product surveys may be shown to users.
# When this policy is Disabled, in-product surveys are not shown to users.
FeedbackSurveysEnabled = false;
PasswordManagerEnabled = false;
# Disable sharing user credentials with other users
PasswordSharingEnabled = false;
# Disable leak detection for entered credentials
PasswordLeakDetectionEnabled = false;
AutofillAddressEnabled = false;
AutofillCreditCardEnabled = false;
ParcelTrackingEnabled = false;
# Setting the policy to 2 denies sites tracking the users' physical locationing.
DefaultGeolocationSetting = 2;
DefaultNotificationsSetting = 2;
# Setting the policy to BlockLocalFonts (value 2) automatically denies the local fonts
# permission to sites by default. This will limit the ability of sites to see
# information about local fonts.
DefaultLocalFontsSetting = 2;
# Setting the policy to 1 lets websites access and use sensors such as motion and light.
# Setting the policy to 2 denies access to sensors.
DefaultSensorsSetting = 2;
# Setting the policy to 3 lets websites ask for access to serial ports.
# Setting the policy to 2 denies access to serial ports.
DefaultSerialGuardSetting = 2;
# This policy allows to control the Related Website Sets feature enablement.
# This policy overrides the FirstPartySetsEnabled policy.
# When this policy is set to False, the Related Website Sets feature is disabled.
RelatedWebsiteSetsEnabled = false;
# This policy controls the sign-in behavior of the browser.
# It allows you to specify if the user can sign in to Google Chrome with
# their account and use account related services like Google Chrome Sync.
BrowserSignin = 0;
QuicAllowed = true;
# Setting the policy to Enabled turns the internal PDF viewer off in Google Chrome,
# treats PDF files as a download, and lets users open PDFs with the default application.
AlwaysOpenPdfExternally = true;
SpellcheckEnabled = false;
EnableDoNotTrack = true;
# If this policy is set to Disabled, Google Chrome will not allow guest profiles to be started.
# Guest logins are Google Chrome profiles where all windows are in incognito mode.
BrowserGuestModeEnabled = false;
# This policy controls which software stack is used to communicate with the DNS server:
# the Operating System DNS client, or Google Chrome's built-in DNS client. This policy
# does not affect which DNS servers are used: if, for example, the operating system is
# configured to use an enterprise DNS server, that same server would be used by the
# built-in DNS client. It also does not control if DNS-over-HTTPS is used; Google Chrome
# will always use the built-in resolver for DNS-over-HTTPS requests.
# If this policy is set to Disabled, the built-in DNS client will only be used when DNS-over-HTTPS is in use.
BuiltinDnsClientEnabled = false;
# Control if Manifest v2 extensions can be used by browser.
ExtensionManifestV2Availability = 2;
# Setting the policy to True means Google Chrome uses alternate error
# pages built into (such as "page not found"). Setting the policy to
# False means Google Chrome never uses alternate error pages.
AlternateErrorPagesEnabled = false;
"3rdparty" = {
extensions = {
# Ublock Origin
cjpalhdlnbpafiamejdnhcphjbkeiagm = {
toOverwrite = {
filterLists = [
# Default UBlock Origin filter lists
"user-filters"
"ublock-filters"
"ublock-badware"
"ublock-privacy"
"ublock-abuse"
"ublock-unbreak"
"easylist"
"easyprivacy"
"urlhaus-1"
"plowe-0"
"https://raw.githubusercontent.com/yokoffing/filterlists/refs/heads/main/privacy_essentials.txt"
"https://raw.githubusercontent.com/hagezi/dns-blocklists/refs/heads/main/adblock/pro.plus.mini.txt"
"https://raw.githubusercontent.com/DandelionSprout/adfilt/refs/heads/master/LegitimateURLShortener.txt"
"https://raw.githubusercontent.com/yokoffing/filterlists/refs/heads/main/annoyance_list.txt"
"https://raw.githubusercontent.com/DandelionSprout/adfilt/refs/heads/master/BrowseWebsitesWithoutLoggingIn.txt"
];
};
};
};
};
};
extensions = [
# NoScript
"doojmbjmlfjjnbmnoijecmcbfeoakpjm"
# KeePassXC-Browser
# "oboonakemofpalcgghocfoadofidjkkk"
# Bitwarden Password Manager
"nngceckbapebfimnlniiiahkandclblb"
# Catppuccin Mocha
"bkkmolkhemgaeaeggcmfbghljjjoofoh"
# Dark Reader
"eimadpbcbfnmbkopoojfekhnkhdbieeh"
# UBlock Origin
"cjpalhdlnbpafiamejdnhcphjbkeiagm"
# I still don't care about cookies
"edibdbjcniadpccecjdfdjjppcpchdlm"
# Sponsorblock
"mnjggcdmjocbbbhaepdhchncahnbgone"
# Decentraleyes
"ldpochfccmkkmhdbclfhpagapcfdljkj"
# Humble new tab page
"mfgdmpfihlmdekaclngibpjhdebndhdj"
];
};
networking.extraHosts =
concatStringsSep "\n"
<| map (addr: "localhost ${addr}") [
"rewards.brave.com"
"api.rewards.brave.com"
"grant.rewards.brave.com"
"variations.brave.com"
"laptop-updates.brave.com"
"static.brave.com"
"static1.brave.com"
"crlsets.brave.com"
"ads.brave.com"
"ads-admin.brave.com"
"ads-help.brave.com"
"referrals.brave.com"
"analytics.brave.com"
"search.anonymous.ads.brave.com"
"p3a.brave.com"
"variations.brave.com"
"star-randsrv.bsg.brave.com"
"usage-ping.brave.com"
];
}

19
modules/programs/gui/dolphin.mod.nix
View file

@ -1,19 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib.modules) mkIf;
inherit (config.modules.system) isGraphical;
in
{
config = mkIf isGraphical {
environment.systemPackages = with pkgs; [
kdePackages.dolphin
kdePackages.kio-fuse # to mount remote filesystems via FUSE
kdePackages.kio-extras # extra protocols support (sftp, fish and more)
];
};
}

143
modules/programs/gui/foot.mod.nix
View file

@ -1,143 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib.modules) mkIf;
inherit (config.meta.mainUser) username;
cfg = config.modules.system.programs.terminals.foot;
theme-colors = config.modules.style.colorScheme.colors;
foot-config = pkgs.writeText "foot.ini" (
lib.generators.toINI { } {
main = {
term = "xterm-256color";
app-id = "foot";
title = "foot";
locked-title = "no";
font = "JetBrainsMono Nerd Font Mono:size=14";
font-bold = "JetBrainsMono Nerd Font Mono:size=14:style=Bold";
line-height = 20;
letter-spacing = 0;
horizontal-letter-offset = 0;
vertical-letter-offset = 0;
box-drawings-uses-font-glyphs = "no";
dpi-aware = "no";
bold-text-in-bright = "no";
word-delimiters = ",`|:\"'()[]{}<>";
selection-target = "primary";
initial-window-size-chars = "104x36";
initial-window-mode = "windowed";
pad = "8x8 center";
resize-delay-ms = 100;
};
desktop-notifications.command = "${pkgs.libnotify}/bin/notify-send -a \${app-id} -i \${app-id} \${title} \${body}";
bell = {
urgent = "yes";
notify = "yes";
command = "${pkgs.libnotify}/bin/notify-send bell";
command-focused = "no";
};
scrollback = {
lines = 10000;
multiplier = 10.0;
indicator-position = "relative";
indicator-format = "line";
};
url = {
launch = "${pkgs.xdg-utils}/bin/xdg-open \${url}";
label-letters = "sadfjklewcmpgh";
osc8-underline = "always";
};
tweak = {
font-monospace-warn = "no";
sixel = "yes";
};
cursor = {
style = "beam";
blink = "no";
};
mouse = {
hide-when-typing = "yes"; # not really needed since we already enable this in Hyprland.
alternate-scroll-mode = "yes";
};
csd.preferred = "server";
key-bindings = {
scrollback-up-half-page = "Control+k";
scrollback-up-page = "Control+Shift+k";
scrollback-down-half-page = "Control+j";
scrollback-down-page = "Control+Shift+j";
};
mouse-bindings = {
selection-override-modifiers = "Shift";
primary-paste = "BTN_MIDDLE";
select-begin = "BTN_LEFT";
select-begin-block = "Control+BTN_LEFT";
select-extend = "BTN_RIGHT";
select-extend-character-wise = "Control+BTN_RIGHT";
select-word = "BTN_LEFT-2";
select-word-whitespace = "Control+BTN_LEFT-2";
};
colors = {
foreground = theme-colors.base05; # Text
background = theme-colors.base00; # Base
regular0 = theme-colors.base03; # Surface 1
regular1 = theme-colors.base08; # red
regular2 = theme-colors.base0B; # green
regular3 = theme-colors.base0A; # yellow
regular4 = theme-colors.base0D; # blue
regular5 = "f5c2e7"; # pink
regular6 = "94e2d5"; # teal
regular7 = "bac2de"; # Subtext 1
bright0 = theme-colors.base04; # Surface 2
bright1 = theme-colors.base08; # red
bright2 = theme-colors.base0B; # green
bright3 = theme-colors.base0A; # yellow
bright4 = "89b4fa"; # blue
bright5 = "f5c2e7"; # pink
bright6 = "94e2d5"; # teal
bright7 = "a6adc8"; # Subtext 0
selection-foreground = "cdd6f4";
selection-background = "414356";
search-box-no-match = "11111b f38ba8";
search-box-match = "cdd6f4 313244";
jump-labels = "11111b fab387";
urls = "89b4fa";
alpha = 0.9;
};
}
);
foot-wrapped = pkgs.symlinkJoin {
name = "foot-wrapped";
paths = [ pkgs.foot ];
nativeBuildInputs = [ pkgs.makeWrapper ];
postBuild = ''
wrapProgram $out/bin/foot --add-flags "--config=${foot-config} --working-directory=/home/${username}"
'';
};
in
{
config = mkIf cfg.enable {
environment.systemPackages = [ foot-wrapped ];
};
}

132
modules/programs/gui/foot.nix Normal file
View file

@ -0,0 +1,132 @@
{
config,
lib,
pkgs,
...
}: let
inherit (lib.modules) mkIf;
inherit (config.meta.mainUser) username;
cfg = config.modules.system.programs.terminals.foot;
colours = config.modules.style.colorScheme.colors;
foot-config = pkgs.writeText "foot.ini" (lib.generators.toINI {} {
main = {
term = "xterm-256color";
app-id = "foot";
title = "foot";
locked-title = "no";
font = "valiosevka:size=14";
font-bold = "valiosevka:size=14";
# font = "Iosevka Nerd Font:size=14";
# font-bold = "Iosevka Nerd Font:size=14";
line-height = 20;
letter-spacing = 0;
horizontal-letter-offset = 0;
vertical-letter-offset = 0;
box-drawings-uses-font-glyphs = "no";
dpi-aware = "no";
bold-text-in-bright = "no";
word-delimiters = ",`|:\"'()[]{}<>";
selection-target = "primary";
initial-window-size-chars = "104x36";
initial-window-mode = "windowed";
pad = "8x8 center";
resize-delay-ms = 100;
};
desktop-notifications.command = "${pkgs.libnotify}/bin/notify-send -a \${app-id} -i \${app-id} \${title} \${body}";
bell = {
urgent = "yes";
notify = "yes";
command = "${pkgs.libnotify}/bin/notify-send bell";
command-focused = "no";
};
scrollback = {
lines = 10000;
multiplier = 10.0;
indicator-position = "relative";
indicator-format = "line";
};
url = {
launch = "${pkgs.xdg-utils}/bin/xdg-open \${url}";
label-letters = "sadfjklewcmpgh";
osc8-underline = "always";
};
tweak = {
font-monospace-warn = "no";
sixel = "yes";
};
cursor = {
style = "beam";
blink = "no";
};
mouse = {
hide-when-typing = "yes"; # not really needed since we already enable this in Hyprland.
alternate-scroll-mode = "yes";
};
csd.preferred = "server";
key-bindings = {
scrollback-up-half-page = "Control+k";
scrollback-up-page = "Control+Shift+k";
scrollback-down-half-page = "Control+j";
scrollback-down-page = "Control+Shift+j";
};
mouse-bindings = {
selection-override-modifiers = "Shift";
primary-paste = "BTN_MIDDLE";
select-begin = "BTN_LEFT";
select-begin-block = "Control+BTN_LEFT";
select-extend = "BTN_RIGHT";
select-extend-character-wise = "Control+BTN_RIGHT";
select-word = "BTN_LEFT-2";
select-word-whitespace = "Control+BTN_LEFT-2";
};
colors = {
background = colours.base00; # base color
foreground = colours.base05; # text color
regular0 = colours.base03; # black
regular1 = colours.base08; # red
regular2 = colours.base0B; # green
regular3 = colours.base0A; # yellow
regular4 = colours.base0D; # blue
regular5 = colours.base0F; #magenta
regular6 = colours.base0C; #cyan
regular7 = colours.base06; #white
bright0 = colours.base04; # Surface 2
bright1 = colours.base08; # red
bright2 = colours.base0B; # green
bright3 = colours.base0A; # yellow
bright4 = colours.base0D; # blue
bright5 = colours.base0F; # pink
bright6 = colours.base0C; # teal
bright7 = colours.base07; # Subtext 0
alpha = 1.0;
};
});
foot-wrapped = pkgs.symlinkJoin {
name = "foot-wrapped";
paths = [pkgs.foot];
buildInputs = [pkgs.makeWrapper];
postBuild = ''
wrapProgram $out/bin/foot --add-flags "--config=${foot-config} --working-directory=/home/${username}"
'';
};
in {
config = mkIf cfg.enable {
environment.systemPackages = [foot-wrapped];
};
}

11
modules/programs/gui/fuzzel/module.nix Normal file
View file

@ -0,0 +1,11 @@
{
config,
lib,
pkgs,
...
}: let
in {
environment.systemPackages = builtins.attrValues {
inherit (pkgs) fuzzel;
};
}

8
modules/programs/gui/minecraft.nix
View file

@ -3,20 +3,18 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: let
let
inherit (lib.options) mkEnableOption; inherit (lib.options) mkEnableOption;
inherit (lib.modules) mkIf; inherit (lib.modules) mkIf;
cfg = config.modules.programs.minecraft; cfg = config.modules.programs.minecraft;
in in {
{
options.modules.programs.minecraft = { options.modules.programs.minecraft = {
enable = mkEnableOption "minecraft"; enable = mkEnableOption "minecraft";
wayland = mkEnableOption "wayland"; wayland = mkEnableOption "wayland";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.prismlauncher ]; environment.systemPackages = [pkgs.prismlauncher];
}; };
} }

9
modules/programs/gui/module.nix Normal file
View file

@ -0,0 +1,9 @@
_: {
imports = [
./foot.nix
./steam.nix
# ./schizofox.nix
./minecraft.nix
./miniflux.nix
];
}

9
modules/programs/gui/spotify.mod.nix
View file

@ -1,9 +0,0 @@
{ pkgs, ... }:
{
environment.systemPackages = [
pkgs.spotify
]
++ (with pkgs; [
sptlrx
]);
}

16
modules/programs/gui/steam.mod.nix → modules/programs/gui/steam.nix
View file

@ -3,14 +3,12 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: let
let
inherit (lib.modules) mkIf; inherit (lib.modules) mkIf;
inherit (lib.options) mkEnableOption; inherit (lib.options) mkEnableOption;
cfg = config.modules.system.programs.steam; cfg = config.modules.system.programs.steam;
in in {
{
options.modules.system.programs.steam.enable = mkEnableOption "Steam games platform"; options.modules.system.programs.steam.enable = mkEnableOption "Steam games platform";
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.steam = { programs.steam = {
@ -21,20 +19,16 @@ in
SDL_VIDEODRIVER = "x11"; SDL_VIDEODRIVER = "x11";
}; };
extraLibraries = extraLibraries = p:
p:
builtins.attrValues { builtins.attrValues {
inherit (p) atk; inherit (p) atk;
}; };
}; };
gamescopeSession.enable = true; gamescopeSession.enable = true;
extraCompatPackages = [ pkgs.proton-ge-bin.steamcompattool ]; extraCompatPackages = [pkgs.proton-ge-bin.steamcompattool];
}; };
# See
services.udev.extraRules = ''
SUBSYSTEM=="input", ATTRS{idVendor}=="2dc8", ATTRS{idProduct}=="3106", MODE="0660", GROUP="input"
''; # See
# https://wiki.nixos.org/wiki/GameMode # https://wiki.nixos.org/wiki/GameMode
programs.gamemode.enable = true; programs.gamemode.enable = true;
}; };

40
modules/programs/gui/thunar.mod.nix
View file

@ -1,40 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib.modules) mkIf;
inherit (lib.options) mkEnableOption;
cfg = config.modules.programs.thunar;
in
{
options.modules.programs.thunar.enable = mkEnableOption "Thunar file manager";
config = mkIf cfg.enable {
programs.thunar = {
enable = true;
plugins = builtins.attrValues {
inherit (pkgs.xfce)
thunar-volman
thunar-vcs-plugin
thunar-archive-plugin
thunar-media-tags-plugin
;
};
};
services.gvfs = {
enable = true;
package = pkgs.gvfs;
};
# Archive management
programs.file-roller = {
enable = true;
package = pkgs.file-roller;
};
# image thumbnails
services.tumbler.enable = true;
};
}

23
modules/programs/gui/thunar/module.nix Normal file
View file

@ -0,0 +1,23 @@
{
config,
lib,
pkgs,
...
}: {
programs.thunar = {
enable = true;
plugins = builtins.attrValues {
inherit
(pkgs.xfce)
thunar-volman
thunar-vcs-plugin
thunar-archive-plugin
thunar-media-tags-plugin
;
};
};
services.gvfs = {
enable = true;
package = pkgs.gvfs;
};
}

7
modules/programs/other/direnv.mod.nix → modules/programs/other/direnv.nix
View file

@ -1,5 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: {
{
config = { config = {
programs.direnv = { programs.direnv = {
enable = true; enable = true;
@ -11,8 +10,8 @@
# We want direnv to load in our nix dev shells # We want direnv to load in our nix dev shells
loadInNixShell = true; loadInNixShell = true;
enableBashIntegration = false; enableBashIntegration = true;
enableFishIntegration = false; enableFishIntegration = true;
}; };
}; };
} }

3
modules/programs/other/module.nix Normal file
View file

@ -0,0 +1,3 @@
_: {
imports = [./direnv.nix ./nix-index.nix];
}

2
modules/programs/other/nix-index.mod.nix → modules/programs/other/nix-index.nix
View file

@ -1,4 +1,4 @@
{ {pkgs, ...}: {
programs = { programs = {
# We have to disable this and use nix-index instead. (Rust >>> Pearl) # We have to disable this and use nix-index instead. (Rust >>> Pearl)
command-not-found = { command-not-found = {

40
modules/programs/tui/btop.nix Normal file
View file

@ -0,0 +1,40 @@
{
config,
lib,
pkgs,
...
}: let
inherit (lib.options) mkEnableOption;
inherit (lib.modules) mkIf;
cfg = config.modules.programs.btop;
btop-settings = pkgs.writeTextDir "btop/btop.conf" ''
truecolor = True
vim_keys = True
rounded_corners = True
update_ms = 100
graph_symbol = "braille"
cpu_single_graph = True
clock_format = "%X"
use_fstab = True
io_mode = True
net_sync = True
net_iface = "enp4s0"
log_level = "ERROR"
'';
btop-wrapped = pkgs.symlinkJoin {
name = "btop-wrapped";
paths = [pkgs.btop];
buildInputs = [pkgs.makeWrapper];
postBuild = ''
wrapProgram $out/bin/btop --set XDG_CONFIG_HOME "${btop-settings}"
'';
};
in {
options.modules.programs.btop.enable = mkEnableOption "btop";
config = mkIf cfg.enable {
environment.systemPackages = [btop-wrapped];
};
}

3
modules/programs/tui/module.nix Normal file
View file

@ -0,0 +1,3 @@
_: {
imports = [./btop.nix];
}

327
modules/programs/tui/zellij/config.kdl
View file

@ -1,327 +0,0 @@
// taken from https://lobste.rs/s/ft797a/why_zellij#c_4g7k3x
// Make the default layout compact and non-disturbing
default_layout "compact"
// do not pane frames
pane_frames false
// do not show startup tips
show_startup_tips false
// Choose the mode that zellij uses when starting up.
// Default: normal
//
default_mode "locked"
default_shell "fish"
theme "catppuccin-frappe"
// Toggle enabling the mouse mode. On certain configurations, or terminals this
// could potentially interfere with copying text.
// Default: true
//
mouse_mode true
// If you'd like to override the default keybindings completely, be sure to change "keybinds" to "keybinds clear-defaults=true"
keybinds clear-defaults=true {
scroll {
bind "Esc" "Ctrl s" {
SwitchToMode "Locked"
}
bind "e" {
EditScrollback
SwitchToMode "Locked"
}
bind "/" {
SwitchToMode "EnterSearch"
SearchInput 0
}
bind "Ctrl c" {
ScrollToBottom
SwitchToMode "Locked"
}
bind "j" "Down" {
ScrollDown
}
bind "k" "Up" {
ScrollUp
}
bind "Ctrl f" "PageDown" "Right" "l" {
PageScrollDown
}
bind "Ctrl b" "PageUp" "Left" "h" {
PageScrollUp
}
bind "d" {
HalfPageScrollDown
}
bind "u" {
HalfPageScrollUp
}
bind "g" {
ScrollToTop
}
bind "G" {
ScrollToBottom
}
}
search {
bind "Ctrl s" {
SwitchToMode "Locked"
}
bind "Esc" "Ctrl c" {
ScrollToBottom
SwitchToMode "Locked"
}
bind "j" "Down" {
ScrollDown
}
bind "k" "Up" {
ScrollUp
}
bind "Ctrl f" "PageDown" "Right" "l" {
PageScrollDown
}
bind "Ctrl b" "PageUp" "Left" "h" {
PageScrollUp
}
bind "d" {
HalfPageScrollDown
}
bind "u" {
HalfPageScrollUp
}
bind "n" {
Search "down"
}
bind "p" {
Search "up"
}
bind "c" {
SearchToggleOption "CaseSensitivity"
}
bind "w" {
SearchToggleOption "Wrap"
}
bind "o" {
SearchToggleOption "WholeWord"
}
}
entersearch {
bind "Ctrl c" "Esc" {
SwitchToMode "Scroll"
}
bind "Enter" {
SwitchToMode "Search"
}
}
renametab {
bind "Ctrl c" {
SwitchToMode "Locked"
}
bind "Esc" {
UndoRenameTab
SwitchToMode "Tmux"
}
}
renamepane {
bind "Ctrl c" {
SwitchToMode "Locked"
}
bind "Esc" {
UndoRenamePane
SwitchToMode "Tmux"
}
}
tmux {
bind "[" {
SwitchToMode "Scroll"
}
bind "Ctrl Space" {
Write 1
SwitchToMode "Locked"
}
bind "z" {
ToggleFocusFullscreen
SwitchToMode "Locked"
}
// manipulate tabs
bind "c" {
NewTab
SwitchToMode "Locked"
}
bind "K" {
CloseTab
SwitchToMode "Locked"
}
bind "R" {
SwitchToMode "RenameTab"
}
// switch modes
bind "/" {
SwitchToMode "EnterSearch"
SearchInput 0
}
// miscellaneous
bind "s" {
ToggleActiveSyncTab
SwitchToMode "Locked"
}
bind "m" {
ToggleMouseMode
SwitchToMode "Locked"
}
bind "y" {
Run "yazi"
SwitchToMode "Locked"
}
// create new pane
bind "Space" {
NewPane
SwitchToMode "Locked"
}
bind "-" "_" {
NewPane "Down"
SwitchToMode "Locked"
}
bind "|" "\\" {
NewPane "Right"
SwitchToMode "Locked"
}
bind "r" {
SwitchToMode "RenamePane"
}
// switch between tabs
bind "h" {
GoToPreviousTab
SwitchToMode "Locked"
}
bind "l" {
GoToNextTab
SwitchToMode "Locked"
}
bind "1" {
GoToTab 1
SwitchToMode "Locked"
}
bind "2" {
GoToTab 2
SwitchToMode "Locked"
}
bind "3" {
GoToTab 3
SwitchToMode "Locked"
}
bind "4" {
GoToTab 4
SwitchToMode "Locked"
}
bind "5" {
GoToTab 5
SwitchToMode "Locked"
}
bind "6" {
GoToTab 6
SwitchToMode "Locked"
}
bind "7" {
GoToTab 7
SwitchToMode "Locked"
}
bind "8" {
GoToTab 8
SwitchToMode "Locked"
}
bind "9" {
GoToTab 9
SwitchToMode "Locked"
}
// switch between panes
bind "Left" {
MoveFocus "Left"
}
bind "Right" {
MoveFocus "Right"
}
bind "Down" {
MoveFocus "Down"
}
bind "Up" {
MoveFocus "Up"
}
bind "Tab" {
FocusNextPane
}
// move panes
bind "H" {
MovePane "Left"
}
bind "J" {
MovePane "Down"
}
bind "K" {
MovePane "Up"
}
bind "L" {
MovePane "Right"
}
// manipulate panes
bind "W" {
CloseFocus
SwitchToMode "Locked"
}
// exit etc
bind "Enter" "Esc" {
SwitchToMode "Locked"
}
bind "d" {
Detach
SwitchToMode "Locked"
}
bind "Q" {
Quit
}
// resizing
bind "Ctrl h" {
Resize "Increase Left"
}
bind "Ctrl j" {
Resize "Increase Down"
}
bind "Ctrl k" {
Resize "Increase Up"
}
bind "Ctrl l" {
Resize "Increase Right"
}
}
shared {
bind "Alt n" {
NewPane
}
bind "Alt Ctrl h" {
MoveFocus "Left"
}
bind "Alt Ctrl j" {
MoveFocus "Down"
}
bind "Alt Ctrl l" {
MoveFocus "Right"
}
bind "Alt Ctrl k" {
MoveFocus "Up"
}
bind "Alt [" {
PreviousSwapLayout
}
bind "Alt ]" {
NextSwapLayout
}
bind "Alt =" "Alt +" {
Resize "Increase"
}
bind "Alt -" "Alt _" {
Resize "Decrease"
}
}
shared_except "tmux" {
bind "Ctrl Space" {
SwitchToMode "Tmux"
}
}
}

12
modules/programs/tui/zellij/module.nix Normal file
View file

@ -0,0 +1,12 @@
{pkgs, ...}: let
# I am patching zellij because of this issue:
# https://github.com/zellij-org/zellij/pull/2548
patched-zellij = pkgs.zellij.overrideAttrs (old: {
patches = [./zellij-good-scrolling.patch];
doCheck = false;
});
in {
environment.systemPackages = builtins.attrValues {
# inherit patched-zellij;
};
}

22
modules/programs/tui/zellij/zellij-good-scrolling.patch Normal file
View file

@ -0,0 +1,22 @@
--- a/zellij-server/src/panes/grid.rs
+++ b/zellij-server/src/panes/grid.rs
@@ -271,7 +271,7 @@ fn subtract_isize_from_usize(u: usize, i: isize) -> usize {
macro_rules! dump_screen {
($lines:expr) => {{
let mut is_first = true;
- let mut buf = "".to_owned();
+ let mut buf = String::with_capacity($lines.iter().map(|l| l.len()).sum());
for line in &$lines {
if line.is_canonical && !is_first {
@@ -280,8 +280,7 @@ macro_rules! dump_screen {
let s: String = (&line.columns).into_iter().map(|x| x.character).collect();
// Replace the spaces at the end of the line. Sometimes, the lines are
// collected with spaces until the end of the panel.
- let re = Regex::new("([^ ])[ ]*$").unwrap();
- buf.push_str(&(re.replace(&s, "${1}")));
+ buf.push_str(&s.trim_end_matches(' '));
is_first = false;
}
buf

17
modules/programs/tui/zellij/zellij.mod.nix
View file

@ -1,17 +0,0 @@
{ pkgs, ... }:
let
zellij-wrapped = pkgs.symlinkJoin {
name = "zellij-wrapped";
paths = [ pkgs.zellij ];
nativeBuildInputs = [ pkgs.makeWrapper ];
postBuild = ''
wrapProgram $out/bin/zellij --add-flags "\
--config ${./config.kdl}"
'';
};
in
{
environment.systemPackages = builtins.attrValues {
inherit zellij-wrapped;
};
}

35
modules/services/acme.mod.nix
View file

@ -1,35 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
mkAcmeCert = domain: {
# An acme system user is created. This user belongs to the acme group
# and the home directory is /var/lib/acme. This user will try to make the directory
# .well-known/acme-challenge/ under the webroot directory.
webroot = "/var/lib/acme";
# email to send updates to, we prefix "acme" and the
# name of the domain the certificate is for to it.
email = "charlie@charlieroot.dev";
group = "nginx";
};
in
{
security.acme = {
acceptTerms = true;
defaults = {
email = "charlie@charlieroot.dev";
# testing server, do not use in production, but DO use it for setting things up.
# it has much higher rate limits.
# server = "https://acme-staging-v02.api.letsencrypt.org/directory";
};
certs = {
# "copeberg.org" = mkAcmeCert "copeberg.org";
# "info.copeberg.org" = mkAcmeCert "info.copeberg.org";
# "mail.charlieroot.dev" = mkAcmeCert "mail.charlieroot.dev";
};
};
}

3
modules/services/firewall.nix Normal file
View file

@ -0,0 +1,3 @@
_: {
networking.nftables.enable = true;
}

169
modules/services/forgejo/forgejo.mod.nix
View file

@ -1,169 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (pkgs) fetchurl;
inherit (lib.modules) mkIf;
inherit (lib.options) mkEnableOption;
inherit (config.services.forgejo) customDir user group;
cfg = config.modules.system.services.forgejo;
port = 3000;
domain = "copeberg.org";
img = ./img;
dataDir = "/srv/data/forgejo";
dumpDir = "/srv/data/forgejo-dump";
in
{
options.modules.system.services.forgejo.enable = mkEnableOption "forgejo";
config = mkIf cfg.enable {
modules.system.services = {
database.postgresql.enable = true;
nginx.enable = true;
};
networking.firewall.allowedTCPPorts = [
443
80
3000
];
services.nginx = {
enable = true;
virtualHosts.${domain} = {
addSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString port}";
};
};
};
# create the git user for forgejo
# NOTE: this is important and it will _not_ work otherwise.
users.users.git = {
home = dataDir;
useDefaultShell = true;
group = "git";
isSystemUser = true;
};
users.groups.git = { };
services.forgejo = {
enable = true;
package = pkgs.forgejo;
stateDir = dataDir;
user = "git";
group = "git";
database = {
createDatabase = true;
name = "git";
user = "git";
type = "postgres";
};
# Disable support for Git Large File Storage
lfs.enable = false;
settings = {
server = {
DOMAIN = domain;
# You need to specify this to remove the port from URLs in the web UI.
ROOT_URL = "https://${domain}/";
HTTP_PORT = port;
LANDING_PAGE = "home";
};
DEFAULT = {
APP_NAME = "Copeberg.org";
APP_SLOGAN = "Code and seethe.";
};
# disable registration by default.
service.DISABLE_REGISTRATION = true;
# Add support for actions, based on act: https://github.com/nektos/act
actions = {
ENABLED = false;
DEFAULT_ACTIONS_URL = "github";
};
ui = {
SHOW_USER_EMAIL = false;
THEMES = "codeberg-dark";
DEFAULT_THEME = "codeberg-dark";
};
# The glory of the old default branch name
repository = {
DEFAULT_BRANCH = "master";
};
"repository.signing" = {
SIGNING_KEY = "none";
};
};
dump = {
enable = false;
backupDir = dumpDir;
interval = "06:00";
type = "tar.xz";
};
};
systemd.tmpfiles.rules =
let
# no crawlers, thank you.
robots = pkgs.writeText "robots-txt" ''
User-agent: *
Disallow: /
'';
base-brand = fetchurl {
url = "https://codeberg.org/Codeberg-Infrastructure/forgejo/src/branch/codeberg-11/web_src/css/themes/codeberg/base-brand.css";
hash = "sha256-8gUmye/Z8H1Xe6U1CNAq907n3jt2TnPtzgpz6KhdiDU=";
};
dark-variables = fetchurl {
url = "https://codeberg.org/Codeberg-Infrastructure/forgejo/raw/branch/codeberg-11/web_src/css/themes/codeberg/dark-variables.css";
hash = "sha256-nCSJUOU9/R1fldoKXTTZmP7vmRjYUk/OKkbgrJ/NrXQ=";
};
theme-codeberg-dark = fetchurl {
url = "https://codeberg.org/Codeberg-Infrastructure/forgejo/raw/branch/codeberg-11/web_src/css/themes/theme-codeberg-dark.css";
hash = "sha256-KyXznH49koRGlzIDDqagN4PvFGD/zCX//wrctmtfgBs=";
};
in
[
"d '${customDir}/public' 0750 ${user} ${group} - -"
"d '${customDir}/public/assets' 0750 ${user} ${group} - -"
"d '${customDir}/public/assets/img' 0750 ${user} ${group} - -"
# Copeberg logo, thanks Raf <3
"f '${customDir}/public/assets/img/logo.svg' - - - - ${img}/logo.svg"
"f '${customDir}/public/assets/img/logo.png' - - - - ${img}/logo.png"
"f '${customDir}/public/assets/img/apple-touch-icon' - - - - ${img}/logo.png"
"f '${customDir}/public/assets/img/favicon.svg' - - - - ${img}/logo.svg"
"f '${customDir}/public/assets/img/favicon.png' - - - - ${img}/logo.png"
# Theming shenanigans
"d '${customDir}/public/assets' 0750 ${user} ${group} - -"
"d '${customDir}/public/assets/css' 0750 ${user} ${group} - -"
"d '${customDir}/public/assets/css/codeberg' 0750 ${user} ${group} - -"
"f '${customDir}/public/assets/css/theme-codeberg-dark.css' - - - - ${theme-codeberg-dark}"
"f '${customDir}/public/assets/css/codeberg/base-brand.css' - - - - ${base-brand}"
"f '${customDir}/public/assets/css/codeberg/dark-variables.css' - - - - ${dark-variables}"
# Templates
"d '${customDir}/templates' 0750 ${user} ${group} - -"
"d '${customDir}/templates/repo' 0750 ${user} ${group} - -"
# Home page
"f '${customDir}/templates/home.tmpl' - - - - ${./templates}/home.tmpl"
"f '${customDir}/templates/repo/header.tmpl' - - - - ${./templates/repo}/header.tmpl"
# Fuck off scrapers
"f ${customDir}/public/robots.txt - - - - ${robots.outPath}"
];
};
}

172
modules/services/forgejo/module.nix Normal file
View file

@ -0,0 +1,172 @@
{
config,
lib,
pkgs,
...
}: let
inherit (pkgs) fetchurl;
inherit (lib.modules) mkIf;
inherit (config.services.forgejo) customDir user group;
cfg = config.modules.system.services.forgejo;
port = 3000;
domain = "copeberg.org";
img = ./img;
acmeRoot = "/var/lib/acme/challenges-forgejo";
dataDir = "/srv/data/forgejo";
in {
options.modules.system.services.forgejo.enable = lib.mkEnableOption "forgejo";
config = mkIf cfg.enable {
modules.system.services = {
database.postgresql.enable = true;
nginx.enable = true;
};
networking.firewall.allowedTCPPorts = [
443
80
3000
];
services.nginx = {
enable = true;
virtualHosts.${domain} = {
addSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString port}";
};
};
};
security.acme = let
email = "charlie@charlieroot.dev";
in {
# testing server, do not use in production, but DO use it for setting things up.
# it has much higher rate limits.
# defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory";
certs = {
${domain} = {
webroot = acmeRoot;
inherit email;
group = "nginx";
};
};
};
# create the git user for forgejo
# NOTE: this is important and it will _not_ work otherwise.
users.users.git = {
home = dataDir;
useDefaultShell = true;
group = "git";
isSystemUser = true;
};
users.groups.git = {};
services.forgejo = {
enable = true;
package = pkgs.forgejo;
stateDir = dataDir;
user = "git";
group = "git";
database = {
createDatabase = true;
name = "git";
user = "git";
type = "postgres";
};
# Disable support for Git Large File Storage
lfs.enable = false;
settings = {
server = {
DOMAIN = domain;
# You need to specify this to remove the port from URLs in the web UI.
ROOT_URL = "https://${domain}/";
HTTP_PORT = port;
LANDING_PAGE = "home";
};
DEFAULT = {
APP_NAME = "Copeberg.org";
APP_SLOGAN = "Code and seethe.";
};
# disable registration by default.
service.DISABLE_REGISTRATION = true;
# Add support for actions, based on act: https://github.com/nektos/act
actions = {
ENABLED = false;
DEFAULT_ACTIONS_URL = "github";
};
ui = {
SHOW_USER_EMAIL = false;
THEMES = "codeberg-dark";
DEFAULT_THEME = "codeberg-dark";
};
# The glory of the old default branch name
repository = {
DEFAULT_BRANCH = "master";
};
"repository.signing" = {
SIGNING_KEY = "none";
};
};
};
systemd.tmpfiles.rules = let
# no crawlers, thank you.
robots = pkgs.writeText "robots-txt" ''
User-agent: *
Disallow: /
'';
base-brand = fetchurl {
url = "https://codeberg.org/Codeberg-Infrastructure/forgejo/raw/branch/codeberg-10/web_src/css/themes/codeberg/base-brand.css";
hash = "sha256-QJ775HpINf8klO3d/8h+tEw0vk34p19dWUCWWuVwcho=";
};
dark-variables = fetchurl {
url = "https://codeberg.org/Codeberg-Infrastructure/forgejo/raw/branch/codeberg-10/web_src/css/themes/codeberg/dark-variables.css";
hash = "sha256-nCSJUOU9/R1fldoKXTTZmP7vmRjYUk/OKkbgrJ/NrXQ=";
};
theme-codeberg-dark = fetchurl {
url = "https://codeberg.org/Codeberg-Infrastructure/forgejo/raw/branch/codeberg-10/web_src/css/themes/theme-codeberg-dark.css";
hash = "sha256-KyXznH49koRGlzIDDqagN4PvFGD/zCX//wrctmtfgBs=";
};
in [
"d '${customDir}/public' 0750 ${user} ${group} - -"
"d '${customDir}/public/assets' 0750 ${user} ${group} - -"
"d '${customDir}/public/assets/img' 0750 ${user} ${group} - -"
# Copeberg logo, thanks Raf <3
"L+ '${customDir}/public/assets/img/logo.svg' - - - - ${img}/logo.svg"
"L+ '${customDir}/public/assets/img/logo.png' - - - - ${img}/logo.png"
"L+ '${customDir}/public/assets/img/apple-touch-icon' - - - - ${img}/logo.png"
"L+ '${customDir}/public/assets/img/favicon.svg' - - - - ${img}/logo.svg"
"L+ '${customDir}/public/assets/img/favicon.png' - - - - ${img}/logo.png"
# Theming shenanigans
"d '${customDir}/public/assets' 0750 ${user} ${group} - -"
"d '${customDir}/public/assets/css' 0750 ${user} ${group} - -"
"d '${customDir}/public/assets/css/codeberg' 0750 ${user} ${group} - -"
"L+ '${customDir}/public/assets/css/theme-codeberg-dark.css' - - - - ${theme-codeberg-dark}"
"L+ '${customDir}/public/assets/css/codeberg/base-brand.css' - - - - ${base-brand}"
"L+ '${customDir}/public/assets/css/codeberg/dark-variables.css' - - - - ${dark-variables}"
# Templates
"d '${customDir}/templates' 0750 ${user} ${group} - -"
"d '${customDir}/templates/repo' 0750 ${user} ${group} - -"
# Home page
"L+ '${customDir}/templates/home.tmpl' - - - - ${./templates}/home.tmpl"
"L+ '${customDir}/templates/repo/header.tmpl' - - - - ${./templates/repo}/header.tmpl"
# Fuck off scrapers
"L+ ${customDir}/public/robots.txt - - - - ${robots.outPath}"
];
};
}

43
modules/services/forgejo/templates/home.tmpl
View file

@ -7,10 +7,49 @@
<h1 class="ui icon header title"> <h1 class="ui icon header title">
{{AppDisplayName}} {{AppDisplayName}}
</h1> </h1>
<h2>{{ctx.Locale.Tr "startpage.app_desc"}}</h2> <h2>A very painful Git service</h2>
</div> </div>
</div> </div>
</div> </div>
{{template "home_forgejo" .}} <div class="ui stackable middle very relaxed page grid">
<div class="eight wide center column">
<h1 class="hero ui icon header stackable">
<img class="logo" width="100" height="100" src="{{AssetUrlPrefix}}/img/logo.svg" alt="{{ctx.Locale.Tr "logo"}}">
<p>Made with copious amounts of caffeeine</p>
</h1>
<p class="large">
<b>TODO</b>: Write some funny text here
</p>
</div>
<div class="eight wide center column stackable">
<h1 class="hero ui icon header">
<img class="logo" width="100" height="100" src="{{AssetUrlPrefix}}/img/logo.svg" alt="{{ctx.Locale.Tr "logo"}}">
<p><it>I hate it here</it></p>
</h1>
<p class="large">
Bottom text
</p>
</div>
</div>
<div class="ui stackable middle very relaxed page grid">
<div class="eight wide center column">
<h1 class="hero ui icon header stackable">
<img class="logo" width="100" height="100" src="{{AssetUrlPrefix}}/img/logo.svg" alt="{{ctx.Locale.Tr "logo"}}">
<p>Is this the real life?</p>
</h1>
<p class="large">
Something something fuck poettering
</p>
</div>
<div class="eight wide center column stackable">
<h1 class="hero ui icon header">
<img class="logo" width="100" height="100" src="{{AssetUrlPrefix}}/img/logo.svg" alt="{{ctx.Locale.Tr "logo"}}">
<p>Open source or something</p>
</h1>
<p class="large">
I forgor
</p>
</div>
</div>
</div> </div>
{{template "base/footer" .}} {{template "base/footer" .}}

36
modules/services/forgejo/templates/home_forgejo.tmpl
View file

@ -1,36 +0,0 @@
<div class="ui stackable middle very relaxed page grid">
<div class="eight wide center column">
<h1 class="hero ui icon header">
{{svg "octicon-flame"}} {{ctx.Locale.Tr "startpage.install"}}
</h1>
<p class="large">
{{ctx.Locale.Tr "startpage.install_desc" "https://forgejo.org/download/#installation-from-binary" "https://forgejo.org/download/#container-image" "https://forgejo.org/download"}}
</p>
</div>
<div class="eight wide center column">
<h1 class="hero ui icon header">
{{svg "octicon-device-desktop"}} {{ctx.Locale.Tr "startpage.platform"}}
</h1>
<p class="large">
{{ctx.Locale.Tr "startpage.platform_desc"}}
</p>
</div>
</div>
<div class="ui stackable middle very relaxed page grid">
<div class="eight wide center column">
<h1 class="hero ui icon header">
{{svg "octicon-rocket"}} {{ctx.Locale.Tr "startpage.lightweight"}}
</h1>
<p class="large">
{{ctx.Locale.Tr "startpage.lightweight_desc"}}
</p>
</div>
<div class="eight wide center column">
<h1 class="hero ui icon header">
{{svg "octicon-code"}} {{ctx.Locale.Tr "startpage.license"}}
</h1>
<p class="large">
{{ctx.Locale.Tr "startpage.license_desc" "https://forgejo.org/download" "https://codeberg.org/forgejo/forgejo"}}
</p>
</div>
</div>

103
modules/services/grafana/grafana.mod.nix
View file

@ -1,103 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (builtins) fetchurl;
inherit (lib.modules) mkIf;
inherit (lib.options) mkEnableOption;
cfg = config.modules.system.services.grafana;
domain = "info.copeberg.org";
port = 4021;
in
{
options.modules.system.services.grafana.enable = mkEnableOption "Grafana, a graphing service";
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [ config.services.grafana.settings.server.http_port ];
modules.system.services.database.postgresql.enable = true;
services.grafana = {
enable = true;
package = pkgs.grafana;
settings = {
server = {
http_addr = "127.0.0.1";
http_port = port;
root_url = "https://${domain}";
inherit domain;
enforce_domain = true;
};
database = {
type = "postgres";
host = "/run/postgresql";
name = "grafana";
user = "grafana";
ssl_mode = "disable";
};
analytics = {
reporting_enabled = false;
check_for_updates = false;
};
users.allow_signup = false;
};
provision = {
enable = true;
datasources.settings = {
datasources = [
(mkIf config.modules.system.services.prometheus.enable {
name = "Prometheus";
type = "prometheus";
access = "proxy";
url = "http://127.0.0.1:${toString config.services.prometheus.port}";
isDefault = true;
})
(mkIf config.modules.system.services.database.postgresql.enable {
name = "PostgreSQL";
type = "postgres";
access = "proxy";
url = "127.0.0.1:${toString config.services.prometheus.exporters.postgres.port}";
})
];
};
dashboards.settings.providers = [
{
# taken from https://grafana.com/grafana/dashboards/1860-node-exporter-full/
name = "system-status";
options.path = fetchurl {
url = "https://grafana.com/api/dashboards/1860/revisions/40/download";
sha256 = "sha256-zTsS/UEX6W8+qK3l2GtvdDfmwS8eVnnyZxZ++LtRLBA=";
};
}
{
# taken from https://grafana.com/grafana/dashboards/9628-postgresql-database/
name = "PostgreSQL-status";
options.path = fetchurl {
url = "https://grafana.com/api/dashboards/9628/revisions/8/download";
sha256 = "sha256-UhusNAZbyt7fJV/DhFUK4FKOmnTpG0R15YO2r+nDnMc=";
};
}
];
};
};
services.nginx = {
enable = true;
virtualHosts.${domain} = {
addSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString port}";
};
};
};
};
}

50
modules/services/greetd.mod.nix → modules/services/greetd.nix
View file

@ -3,17 +3,13 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: let
let cfg = config.modules.services.greetd;
inherit (lib.meta) getExe getExe'; uwsmEnabled = config.modules.services.uwsm.enable;
inherit (lib.modules) mkIf;
inherit (lib.options) mkOption mkEnableOption; inherit (lib.options) mkOption mkEnableOption;
inherit (lib.types) str listOf; inherit (lib.types) str listOf;
inherit (lib.modules) mkIf;
inherit (config.meta.mainUser) username; in {
cfg = config.modules.services.greetd;
in
{
options.modules.services.greetd = { options.modules.services.greetd = {
enable = mkEnableOption "greetd"; enable = mkEnableOption "greetd";
greeter = mkOption { greeter = mkOption {
@ -27,30 +23,26 @@ in
session = mkOption { session = mkOption {
description = "Which login session to start"; description = "Which login session to start";
type = str; type = str;
default = "niri"; default =
if uwsmEnabled
then "uwsm start Hyprland"
else "Hyprland";
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.greetd = services.greetd = {
let enable = true;
session = { package = pkgs.greetd;
command = '' settings.default_session = {
${getExe pkgs.greetd.tuigreet} \ command = ''
-c \"${cfg.session}\" \ ${pkgs.greetd.tuigreet}/bin/tuigreet \
-r -c \"${cfg.session}\" \
-t --time-format "DD.MM.YYYY" -r
--asteriks''; -t --time-format "DD.MM.YYYY"
user = "greeter"; --asteriks'';
};
in
{
enable = true;
vt = 7;
settings = {
default_session = session;
initial_session = session;
};
}; };
vt = 7;
};
}; };
} }

20
modules/services/kanata/kanata.mod.nix → modules/services/kanata/module.nix
View file

@ -2,24 +2,24 @@
config, config,
lib, lib,
... ...
}: }: let
let
inherit (lib.modules) mkIf; inherit (lib.modules) mkIf;
inherit (lib.options) mkEnableOption; inherit (lib.options) mkEnableOption;
cfg = config.modules.services.kanata; cfg = config.modules.services.kanata;
in in {
{
options.modules.services.kanata.enable = mkEnableOption "kanata"; options.modules.services.kanata.enable = mkEnableOption "kanata";
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.kanata = { services.kanata = {
enable = true; enable = true;
keyboards.main = {
devices = [ keyboards.daskeyboard = {
"/dev/input/by-id/usb-Metadot_-_Das_Keyboard_Das_Keyboard-event-kbd" devices = ["/dev/input/by-id/usb-Metadot_-_Das_Keyboard_Das_Keyboard-event-kbd"];
"/dev/input/by-path/platform-i8042-serio-0-event-kbd" config = builtins.readFile (./. + "/main.kbd");
"/dev/input/by-id/usb-Dell_Dell_USB_Keyboard-event-kbd" };
];
keyboards.laptop = {
devices = ["/dev/input/by-path/platform-i8042-serio-0-event-kbd"];
config = builtins.readFile (./. + "/main.kbd"); config = builtins.readFile (./. + "/main.kbd");
}; };
}; };

8
modules/services/locate.mod.nix → modules/services/locate.nix
View file

@ -3,16 +3,14 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: let
let
cfg = config.modules.services.locate; cfg = config.modules.services.locate;
inherit (lib.modules) mkIf; inherit (lib.modules) mkIf;
inherit (lib.options) mkEnableOption; inherit (lib.options) mkEnableOption;
in in {
{
options.modules.services.locate.enable = mkEnableOption "Locate service"; options.modules.services.locate.enable = mkEnableOption "Locate service";
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.plocate ]; environment.systemPackages = [pkgs.plocate];
services.locate = { services.locate = {
enable = true; enable = true;
interval = "hourly"; interval = "hourly";

12
modules/services/mako.mod.nix → modules/services/mako.nix
View file

@ -1,9 +1,8 @@
{ pkgs, ... }: {pkgs, ...}: let
let
mako-wrapped = pkgs.symlinkJoin { mako-wrapped = pkgs.symlinkJoin {
name = "mako-wrapped"; name = "mako-wrapped";
paths = [ pkgs.mako ]; paths = [pkgs.mako];
nativeBuildInputs = [ pkgs.makeWrapper ]; buildInputs = [pkgs.makeWrapper];
postBuild = '' postBuild = ''
wrapProgram $out/bin/mako --add-flags "\ wrapProgram $out/bin/mako --add-flags "\
--font 'Lexend 11' \ --font 'Lexend 11' \
@ -13,7 +12,6 @@ let
--default-timeout 4000" --default-timeout 4000"
''; '';
}; };
in in {
{ environment.systemPackages = [mako-wrapped];
environment.systemPackages = [ mako-wrapped ];
} }

11
modules/services/module.nix Normal file
View file

@ -0,0 +1,11 @@
_: {
imports = [
./pipewire.nix
./locate.nix
./ssh.nix
./greetd.nix
./mako.nix
./mpd.nix
./firewall.nix
];
}

27
modules/services/monitoring/loki/loki.mod.nix
View file

@ -1,27 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib.modules) mkIf;
inherit (lib.options) mkEnableOption;
cfg = config.modules.system.services.loki;
port = 4026;
dataDir = "/srv/data/loki";
in
{
options.modules.system.services.loki.enable = mkEnableOption "Grafana, a graphing service";
config = mkIf cfg.enable {
services.loki = {
enable = true;
package = pkgs.loki;
configuration = {
};
};
};
}

8
modules/services/mpd.mod.nix → modules/services/mpd.nix
View file

@ -3,15 +3,13 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: let
let
cfg = config.modules.services.media.mpd; cfg = config.modules.services.media.mpd;
inherit (config.meta.mainUser) username; inherit (config.meta.mainUser) username;
inherit (lib.modules) mkIf; inherit (lib.modules) mkIf;
inherit (lib.types) str; inherit (lib.types) str;
inherit (lib.options) mkOption mkEnableOption; inherit (lib.options) mkOption mkEnableOption;
in in {
{
options.modules.services = { options.modules.services = {
media = { media = {
mpd = { mpd = {
@ -26,7 +24,7 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
# command line interface to mpd # command line interface to mpd
environment.systemPackages = [ pkgs.mpc ]; environment.systemPackages = [pkgs.mpc];
systemd.services.mpd.environment = { systemd.services.mpd.environment = {
# https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/609 # https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/609

7
modules/services/nginx.mod.nix → modules/services/nginx/module.nix
View file

@ -3,13 +3,11 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: let
let
inherit (lib.modules) mkIf mkDefault; inherit (lib.modules) mkIf mkDefault;
inherit (lib.options) mkEnableOption; inherit (lib.options) mkEnableOption;
cfg = config.modules.system.services.nginx; cfg = config.modules.system.services.nginx;
in in {
{
options.modules.system.services.nginx.enable = mkEnableOption "nginx"; options.modules.system.services.nginx.enable = mkEnableOption "nginx";
config = mkIf cfg.enable { config = mkIf cfg.enable {
security = { security = {
@ -27,6 +25,7 @@ in
recommendedOptimisation = true; recommendedOptimisation = true;
recommendedGzipSettings = true; recommendedGzipSettings = true;
recommendedProxySettings = true; recommendedProxySettings = true;
recommendedZstdSettings = true;
# nginx defaults to a 1MB size limit for uploads, which # nginx defaults to a 1MB size limit for uploads, which
# *definitely* isn't enough for Git LFS. # *definitely* isn't enough for Git LFS.

29
modules/services/owncloud.mod.nix → modules/services/owncloud/module.nix
View file

@ -3,14 +3,12 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: let
let
inherit (lib.meta) getExe'; inherit (lib.meta) getExe';
inherit (lib.modules) mkIf; inherit (lib.modules) mkIf;
cfg = config.modules.system.services.owncloud; cfg = config.modules.system.services.owncloud;
in in {
{
options.modules.system.services.owncloud.enable = lib.mkEnableOption "owncloud"; options.modules.system.services.owncloud.enable = lib.mkEnableOption "owncloud";
config = { config = {
@ -18,16 +16,33 @@ in
description = "Owncloud client service"; description = "Owncloud client service";
# makes the graphical session start this service when it starts # makes the graphical session start this service when it starts
wantedBy = [ "graphical-session.target" ]; wantedBy = ["graphical-session.target"];
# when graphical session restarts or gets stopped, this also gets restarted/stopped. # when graphical session restarts or gets stopped, this also gets restarted/stopped.
partOf = [ "graphical-session.target" ]; partOf = ["graphical-session.target"];
# gets started only after graphical session # gets started only after graphical session
after = [ "graphical-session.target" ]; after = ["graphical-session.target"];
serviceConfig = { serviceConfig = {
ExecStart = "${getExe' pkgs.owncloud-client "owncloud"}"; ExecStart = "${getExe' pkgs.owncloud-client "owncloud"}";
Restart = "always"; Restart = "always";
RestartSec = 30; RestartSec = 30;
# User = "cr";
# Group = "cr";
Keyringmode = "shared";
DevicePolicy = "closed";
PrivateDevices = true;
PrivateTmp = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectControlGroup = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectSystem = "strict";
SystemCallFilter = "~@clock @cpu-emulation @debug @obsolete @module @mount @raw-io @reboot @swap @privileged";
}; };
}; };
}; };

6
modules/services/pipewire.mod.nix → modules/services/pipewire.nix
View file

@ -2,12 +2,10 @@
config, config,
lib, lib,
... ...
}: }: let
let
cfg = config.modules.system.sound; cfg = config.modules.system.sound;
inherit (lib.modules) mkIf; inherit (lib.modules) mkIf;
in in {
{
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.pulseaudio.enable = false; services.pulseaudio.enable = false;
services.pipewire = { services.pipewire = {

Some files were not shown because too many files have changed in this diff Show more