Commit graph

249 commits

Author SHA1 Message Date
teutat3s 4520dece5f
neovim: use nvfetcher for custom plugins 2022-10-18 16:55:51 +02:00
teutat3s d43bd80580
core: disable SSH passwordAuthentication by default 2022-10-05 11:58:26 +02:00
teutat3s f28d05e24e
Change user.publicKeys to a SSH keys string list 2022-10-05 11:57:51 +02:00
Benjamin Bädorf f3a5b2233a
Merge branch 'main' into feature/more-paranoia 2022-10-03 02:55:25 +00:00
Benjamin Bädorf 5da560ef56
Open up SSH by default 2022-10-03 04:55:14 +02:00
teutat3s b23e1e16a4
alacritty: improve selection and cursor colors 2022-10-03 04:11:16 +02:00
Benjamin Bädorf 6f3885d0ca
Remove doubled openssh configs in paranoia module 2022-10-03 04:07:48 +02:00
Benjamin Bädorf 8529a15177
Be more paranoid
The paranoia mode now also enables the firewall and closes down a couple
of small openSSH holes. `noexec` on the whole FS is left out as it will
make every existing PubSolarOS installation panic.
2022-10-03 04:03:09 +02:00
teutat3s 986680cc26
bootstrap iso: add PubSolarOS naming, drone pipeline
adjustments to include a symlink to the latest iso built
2022-10-03 01:30:34 +02:00
hensoko 1181cd6fea
Improve core module (#132)
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/132
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-10-02 01:17:34 +00:00
teutat3s 612e5e35c0
Fix swayidle, lock, waybar menu 2022-10-02 01:19:48 +02:00
teutat3s 1767dcb076
Fix swayidle service
- add missing \
- reference swaylock-bg script from pkgs
2022-09-01 14:38:10 +02:00
teutat3s c1b672fe70
Fix conflicting definition values, force use of
our defined value.

error: The option 'services.getty.autologinUser' has conflicting definition values:
       - In '/nix/store/zyh8f18z0m1r9jppvdcdivfvfxg0j3fv-source/nixos/modules/profiles/installation-device.nix': "nixos"
       - In '/nix/store/w82qigr5jqv9c6jhdrpdwixydk3rmbzw-source/modules/graphical': "pub-solar"
2022-08-29 11:55:20 +02:00
Benjamin Bädorf 8fc8ac2d58
Fix service startup for ci-runner 2022-08-25 15:25:34 +02:00
Benjamin Bädorf a643701e49
Merge branch 'main' into feature/ci-runner-onecommit 2022-08-25 13:20:52 +00:00
Benjamin Bädorf b16299965c
Merge pull request 'Fix hibernation' (#120) from fix/hibernation into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/120
Reviewed-by: hensoko <hensoko@noreply.example.org>
2022-08-25 09:58:20 +00:00
Benjamin Bädorf 6d1d683b23
Fix swayidle command, add hibernation on lid close, fix env
The swayidle command in the service was straight up broken, this commit
fixes that.

Environment Variables set in the `session-variables` file are now
correctly imported across the system. This fixes `EDITOR` defaulting to
`nano`.
2022-08-25 00:13:23 +02:00
Benjamin Bädorf 40799ed5b6
Merge pull request 'feature/pin-zsh-plugins-to-deterministic-versions' (#123) from feature/pin-zsh-plugins-to-deterministic-versions into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/123
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-08-24 22:05:08 +00:00
teutat3s de03f0f42f
zsh: correctly pin plugins to commits instead of
branch names, to prevent errors like:
error: hash mismatch in fixed-output derivation '/nix/store/n7w9jd46zx4rzy9a24abxv3lcx1ikn1j-source.drv':
         specified: sha256-0pzkKPdzyQXTe8usaSaM1Iivi2UHQrSJrh5V2pRd0Gg=
            got:    sha256-9vc4cMBCNOmPOyzGwnPeMrXXyQUq4pC9Du3AWl9+Rys=
2022-08-24 23:19:18 +02:00
teutat3s f7eda8ca1c
zsh: bundle plugins within our config 2022-08-24 23:19:13 +02:00
hensoko ad0402fd93
Merge pull request 'Disable NetworkManager-wait-online system service' (#121) from feature/disable-networkmanager-wait-online into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/121
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-08-24 20:50:45 +00:00
Hendrik Sokolowski 8efc4c2f9e
Use iwd as wifi backend
iwd is a lightweight wireless connection backend that was initiated by
developers of intel. It is supposed to be faster.
2022-08-24 21:49:59 +02:00
Hendrik Sokolowski 57f608ecde
Disable NetworkManager-wait-online system service
This service is presumably useful for devices that need to ensure there
is an active internet connection before starting other systemd units.
This is neither the case for end-user devices as the an active internet
connection is only needed after login nor the case for server-like
systems as they normally have a static / dhcp-based network configuration
which does not require switchable network configuration profiles.
2022-08-24 21:47:58 +02:00
Benjamin Bädorf dc8257f31f
Fix hibernation
The resumeDevice and kernel `resume` parameter were being used wrong.

Only `boot.resumeDevice` is necessary, and it should point at the _block
device_ that holds the swapfile. If you are running on encrypted
volumes, this means you will need to use the name of the *decrypted
block device* on which the swapfile sits.
2022-08-24 18:46:35 +02:00
teutat3s c63c3da345
nix: set nix.package to force overlays/
overrides.nix to apply

use nix as default version alias in devshell as well
2022-08-24 00:55:57 +02:00
Benjamin Bädorf 9c5bcc6a2f
Merge branch 'main' into feature/ci-runner-onecommit 2022-08-14 22:17:19 +02:00
Benjamin Bädorf 14ba701061
Don't use libvirt in ci-runner 2022-08-14 20:28:18 +02:00
Benjamin Bädorf c5362c0453
Fix path in drone runner exec 2022-08-14 20:25:43 +02:00
Benjamin Bädorf f9b7c9e3c9
Fix build 2022-08-14 20:09:38 +02:00
Benjamin Bädorf 46992c46d6
Add parameter for swapfile offset 2022-08-14 19:59:01 +02:00
Benjamin Bädorf ba6dfdcf53
Fix sway mode_system config import 2022-08-14 19:48:45 +02:00
Benjamin Bädorf 963212893e
Merge branch 'main' into feat/hibernate-always 2022-08-14 19:15:25 +02:00
Benjamin Bädorf aabe96a335
Fix hibernation config 2022-08-14 18:11:25 +02:00
Benjamin Bädorf 043178172b
Improve help and screen recording keybindings in sway
This commit shuffles around some sway keybindings and improves the
screen recording experience by adding a small wrapper around `slurp` and
`wf-recorder` conveniently called `record-screen`.

* `$mod+F5` now reload the sway configuration,
* `$mod+Ctrl+r` starts a screen recording (to stop it, go to workspace 7
  and kill the process),
* `record-screen` and the firefox sharing indicator are both on
  workspace 7 now, making it the "trash" workspace,
* `$mod+F1` and `$mod+Shift+h` now open Firefox with the docs of our
repository availabe under `help.local`.
* To not infuriate `qMasterPassword` users, that is now available under
`$mod+Shift+m` instead of `$mod+F1`.
2022-08-14 18:03:32 +02:00
Benjamin Bädorf 26803ccf4f
Merge branch 'feat/hibernate-always' of git.b12f.io:pub-solar/os into feat/hibernate-always 2022-08-14 17:20:14 +02:00
Benjamin Bädorf ca4262b84f
Fix hibernation enabling in paranoia mode 2022-08-14 17:20:09 +02:00
Benjamin Bädorf 63435d6e59
Merge branch 'main' into feature/ci-runner-onecommit 2022-08-14 15:18:58 +00:00
Benjamin Bädorf 932bd05c41
Merge branch 'main' into feat/hibernate-always 2022-08-14 15:18:01 +00:00
hensoko cb5c75b1cc
feature/terminal-life-lite-mode (#117)
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/117
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
2022-08-14 15:17:35 +00:00
Benjamin Bädorf 762e78677b
Fix hibernation enabling in paranoia mode 2022-08-14 17:15:50 +02:00
Benjamin Bädorf 4c0991c7e1
Put always hibernate behind a flag
Hibernation is now a core option:
```
pub-solar.core.hibernation.enable = true;
```

And there's a paranoia mode, that keeps the disk encrypted as much as
possible by enabling hibernation and removing the options for sleep,
screen locking.

Idle locking now hibernates, and it does it on very short notice.
2022-08-14 17:10:30 +02:00
teutat3s c400f58ce8
Merge branch 'main' into feature/ci-runner-onecommit 2022-08-14 16:33:57 +02:00
Benjamin Bädorf d3d4c6f498
Merge remote-tracking branch 'origin/main' into feat/hibernate-always 2022-08-14 16:28:59 +02:00
teutat3s 5dd0a5badb
Merge branch 'main' into fix/set-nix-dram-default 2022-08-14 15:54:51 +02:00
hensoko c43b96c4d5 Fix core module (#116)
Co-authored-by: Hendrik Sokolowski <hensoko@gssws.de>
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/116
Reviewed-by: teutat3s <teutates@mailbox.org>
2022-08-14 13:54:19 +00:00
Benjamin Bädorf 98a537d287
Merge branch 'main' into feat/hibernate-always 2022-08-14 15:27:01 +02:00
teutat3s 71a47f35b4
Merge branch 'main' into fix/set-nix-dram-default 2022-08-14 15:18:55 +02:00
Benjamin Bädorf e436443bd2 Merge pull request 'Rework of x-os module / core profile' (#115) from feature/integrate-core-profile-into-x-os-and-rename-x-os-to-core into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/115
Reviewed-by: Benjamin Bädorf <b12f@noreply.example.org>
2022-08-14 13:13:27 +00:00
teutat3s bf581d1e9c
nix-dram: remove nix-dram as default nix binary
nix-dram as default nix binary isn't worth the
maintenance work anymore, CI builds started
failing because of it:
https://ci.b12f.io/pub-solar/os/533/1/2

Automatic builds still happen each night and can be
checked in our fork of nix-dram:
https://github.com/pub-solar/nix-dram/actions

Users of nix-dram can continue to use it via devshells
or nix run github:dramforever/nix-dram -- --version
2022-08-14 15:12:23 +02:00
Hendrik Sokolowski 7785744d73 Move some packages from full to default set, move options for modules to
default.nix
2022-08-14 15:11:01 +02:00
Benjamin Bädorf e3bfdc71fc
Merge branch 'main' into feat/hibernate-always 2022-08-14 15:05:32 +02:00
Hendrik Sokolowski 4190818304 Rework of x-os module / core profile
* move core settings to x-os
* add option to only install a lite core
* rename x-os module to core
* remove core profile from flake.nix
2022-08-14 14:47:44 +02:00
Benjamin Bädorf be016c44fb Merge pull request 'Remove nonfree software' (#113) from feat/fucking-free into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/113
Reviewed-by: teutat3s <teutates@mailbox.org>
2022-08-14 12:47:32 +00:00
Benjamin Bädorf 552b2ee53e
Remove nonfree software
This commit removes the default, global `allowUnfree = true;` setting
and removes nonfree packages where I could find them. Tested by building
the `PubSolarOS` host once.
2022-08-14 14:15:02 +02:00
hensoko 18e9b4a009 feature/restructure-core-profile (#109)
Co-authored-by: Hendrik Sokolowski <hensoko@gssws.de>
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/109
Reviewed-by: Benjamin Bädorf <b12f@noreply.example.org>
Reviewed-by: teutat3s <teutates@mailbox.org>
2022-08-13 20:35:43 +00:00
Benjamin Bädorf e3d76f1999
Move ci-runner to user and add git, virsh and nix to path 2022-08-13 22:31:30 +02:00
Benjamin Bädorf 0b229a771e
Barebones ci-runner module
This adds a barebones CI-runner module with the following option:

`pub-solar.ci-runner.enable`

If enabled, this will start a systemd service on boot that runs
`drone-runner-exec`. The configuration expects you to have a file called
`secrets/drone-runner-exec-config` handled by agenix that gets put into
`/run/agenix/drone-runner-exec-config` and is owned by root.

This file should contain a configuration similar to the following:

```
CLIENT_DRONE_RPC_PROTO=https
CLIENT_DRONE_RPC_HOST=drone.company.com
CLIENT_DRONE_RPC_SECRET=super-duper-secret
```
2022-08-13 22:08:02 +02:00
teutat3s e11c91f86e
Merge branch 'main' into fix/neovim-cherry-picks 2022-08-13 17:35:16 +02:00
Benjamin Bädorf 93aaab2685
Make cryptroot optional 2022-08-13 12:32:37 +02:00
Benjamin Bädorf 9375fc4aae Merge pull request 'Add denols to nvim' (#88) from feature/denols into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/88
2022-08-12 22:45:13 +00:00
Benjamin Bädorf ebfd447037 Merge pull request 'Add Arduino module' (#98) from feature/arduino into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/98
Reviewed-by: hensoko <hensoko@noreply.example.org>
2022-08-12 22:44:28 +00:00
Benjamin Bädorf 6b396f0840 Merge branch 'main' into fix/neovim-cherry-picks 2022-08-12 20:52:57 +00:00
Benjamin Bädorf 1a7d0979c1 Merge pull request 'Add spotify as an audio option' (#99) from feature/spotify into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/99
Reviewed-by: hensoko <hensoko@noreply.example.org>
2022-08-12 20:43:03 +00:00
Benjamin Bädorf 06d2b07b09 Merge pull request 'Remove unused scream pulse service file' (#89) from refactor/remove-scream-pulse-service into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/89
2022-08-12 18:44:50 +00:00
Benjamin Bädorf 6150201e6e Merge pull request 'signal-desktop: works without workaround again' (#93) from social/revert-signal-fix into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/93
2022-08-12 18:44:32 +00:00
Benjamin Bädorf 8e634ad70b Merge pull request 'audio: remove mopidy-spotify, upstream abandonded support' (#95) from fix/audio-remove-mopidy-spotify into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/95
2022-08-12 18:33:26 +00:00
Benjamin Bädorf 45202d98ec
Add Arduino module
This adds a small arduino development module that installs development
tooling and adds the user to the `dialout` group.
2022-08-10 22:53:37 +02:00
Benjamin Bädorf bb53317daf
Add spotify as an audio option
Adds a `config.pub-solar.audio.spotify` option that when enabled
installs and configures `spotifyd` as a systemd daemon and `spotify-tui`
as the terminal-based UI.

After enabling, run `spt` in the terminal to open the UI.
2022-08-10 22:52:17 +02:00
teutat3s be0ae1a799
neovim: fix quoting, use vim.fn.stdpath to get
the neovim config directory path
2022-08-09 23:26:10 +02:00
teutat3s 0619a69f32
neovim: add vim-nixhash plugin 2022-08-09 23:25:33 +02:00
teutat3s 4339f04f7c
neovim: use vimagit from latest master commit 2022-08-09 23:25:12 +02:00
teutat3s 3142c58cf4
neovim, caddy: add json-schema, use tabs in
Caddyfiles, add vim-caddyfile
2022-08-09 23:23:55 +02:00
teutat3s 237a753474
audio: switch to wireplumber for pipewire configuration
https://nixos.wiki/wiki/PipeWire#Bluetooth_Configuration
2022-07-08 14:34:30 +02:00
teutat3s 6a5b09a26a
audio: remove mopidy-spotify, upstream abandonded support 2022-07-08 14:25:22 +02:00
teutat3s 3bd0b3c502
signal-desktop: works without workaround again
Also add --use-tray-icon flag, since it works now
2022-07-08 14:24:23 +02:00
Benjamin Bädorf 5094495a79
Less annoying 2022-06-04 20:29:09 +02:00
Benjamin Bädorf d84ee5d67a
Remove unused scream pulse service file 2022-06-04 19:42:13 +02:00
Benjamin Bädorf 63fe359cab
Add denols to nvim
In Deno projects `tsserver` is less than ideal. This PR starts `denols`
instead of `tsserver` if `nvim` finds the `NVIM_USE_DENOLS` variable
when reading the lsp config.
2022-06-04 19:41:28 +02:00
Benjamin Bädorf 6054a02ebf
Make sure we're all successful 2022-06-04 19:40:55 +02:00
Benjamin Bädorf c6d4a9f0dc Merge pull request 'Follow nixos release-22.05' (#87) from feature/nixos-22.05 into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/87
Reviewed-by: Benjamin Bädorf <b12f@noreply.example.org>
2022-06-04 00:58:58 +00:00
teutat3s 8e43046dee
nixos: follow release-22.05
home: follow release-22.05 branch

Fixes for upstream changes:

ag renamed to silver-searcher, extfat-utils is now exfat, lot's of
overrides no longer needed, as they're now in the release branch,
services.caddy.config split up into globalConfig and extraConfig
2022-06-02 10:13:17 +02:00
teutat3s 3fae0d93fa
graphical: move FF sharing indicator to sway ws 7
The Firefox sharing indicator sometimes doesn't like to float like it
should, and when it does, it usually floats over UI elements you'd like
to use.

Moving it to sway workspace 7 should get it mostly out of the way
2022-05-06 14:53:27 +02:00
Hendrik Sokolowski 3ce121ce60 Introduce option to enable autologin
This option allows to disable autologin which is enabled by default.
2022-05-03 19:26:02 +02:00
Hendrik Sokolowski 159ae86722 Start sway as a systemd user process again
After login on TTY1 sway was started by calling
    exec sway

See also b84d88fc92

Co-authored-by: Hendrik Sokolowski <hensoko@gssws.de>
2022-05-02 20:55:34 +02:00
Benjamin Bädorf 797e83f9aa Merge pull request 'zsh: precmd() don't echo trailing newline' (#78) from fix/zsh-precmd into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/78
Reviewed-by: Benjamin Bädorf <b12f@noreply.example.org>
2022-05-02 18:34:08 +00:00
teutat3s a772a91d7b
zsh: precmd() don't echo trailing newline 2022-05-02 01:30:09 +02:00
teutat3s 4712e535f9
sway: fix cursor not scaling correctly 2022-05-02 01:28:35 +02:00
Benjamin Bädorf 0c4987ede1
Add resume device 2022-05-01 17:29:34 +02:00
Benjamin Bädorf 4b828cd91f
Shorten time until hibernate 2022-05-01 17:04:29 +02:00
Benjamin Bädorf d2f8a2d837
Remove swaylock-bg from install list 2022-04-30 23:56:02 +02:00
Benjamin Bädorf 3024b14735
Merge branch 'main' into feat/hibernate-always 2022-04-30 22:55:32 +02:00
Benjamin Bädorf 0ecbdaa0bc
Merge branch 'main' into fix/shorten-home-to-tilde-zsh 2022-04-30 21:50:42 +02:00
Benjamin Bädorf 0acabe0624 Merge pull request 'tree-wide: gnome3 -> gnome, add hicolor-icon-theme' (#66) from fix/gnome3-to-gnome into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/66
Reviewed-by: Benjamin Bädorf <b12f@noreply.example.org>
2022-04-30 19:29:40 +00:00
teutat3s 4b915053b4
zsh: precmd() don't echo trailing newline 2022-04-30 20:58:06 +02:00
teutat3s 99ece3e3f1
Merge branch 'main' into fix/gnome3-to-gnome 2022-04-30 20:17:25 +02:00
Benjamin Bädorf e30974c1b2
Merge branch 'main' into feature/basic-iso 2022-04-30 19:51:38 +02:00
Benjamin Bädorf 84fa70513f
Improve terminal pwd title by shortening home to ~ 2022-04-30 18:28:11 +02:00
teutat3s 01fc42e15f
Merge branch 'main' into feature/neovim-improvements 2022-04-30 18:12:49 +02:00
teutat3s ed26820593
neovim: remove unneeded autocmd CursorHold 2022-04-30 18:11:43 +02:00
Benjamin Bädorf 003140fc54 Merge pull request 'Change terminal title to cwd' (#69) from feature/terminal-title-cwd into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/69
Reviewed-by: teutat3s <teutates@mailbox.org>
Reviewed-by: hensoko <hensoko@noreply.example.org>
2022-04-30 16:01:05 +00:00