Compare commits
2 commits
d67d75eda3
...
50c182d827
Author | SHA1 | Date | |
---|---|---|---|
b12f | 50c182d827 | ||
b12f | a1670dcb3d |
|
@ -6,7 +6,8 @@ end_of_line = lf
|
||||||
insert_final_newline = true
|
insert_final_newline = true
|
||||||
trim_trailing_whitespace = true
|
trim_trailing_whitespace = true
|
||||||
charset = utf-8
|
charset = utf-8
|
||||||
indent_style = tab
|
indent_style = space
|
||||||
|
indent_size = 2
|
||||||
|
|
||||||
# Ignore diffs/patches
|
# Ignore diffs/patches
|
||||||
[*.{diff,patch}]
|
[*.{diff,patch}]
|
||||||
|
@ -19,8 +20,8 @@ indent_style = unset
|
||||||
indent_size = unset
|
indent_size = unset
|
||||||
|
|
||||||
[{.*,secrets}/**]
|
[{.*,secrets}/**]
|
||||||
end_of_line = unset
|
end_of_line = false
|
||||||
insert_final_newline = unset
|
insert_final_newline = false
|
||||||
trim_trailing_whitespace = unset
|
trim_trailing_whitespace = unset
|
||||||
charset = unset
|
charset = unset
|
||||||
indent_style = unset
|
indent_style = unset
|
||||||
|
|
|
@ -65,7 +65,13 @@
|
||||||
./overlays
|
./overlays
|
||||||
];
|
];
|
||||||
|
|
||||||
perSystem = args@{ system, pkgs, lib, config, ... }: {
|
perSystem = args @ {
|
||||||
|
system,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
_module.args = {
|
_module.args = {
|
||||||
inherit inputs;
|
inherit inputs;
|
||||||
pkgs = import inputs.nixpkgs {
|
pkgs = import inputs.nixpkgs {
|
||||||
|
@ -103,7 +109,6 @@
|
||||||
terraform-backend-git
|
terraform-backend-git
|
||||||
|
|
||||||
deno
|
deno
|
||||||
denols
|
|
||||||
];
|
];
|
||||||
|
|
||||||
shellHook = ''
|
shellHook = ''
|
||||||
|
|
|
@ -1,5 +1,9 @@
|
||||||
{ withSystem, self, inputs, ...}:
|
|
||||||
{
|
{
|
||||||
|
withSystem,
|
||||||
|
self,
|
||||||
|
inputs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
flake = {
|
flake = {
|
||||||
nixosConfigurations = {
|
nixosConfigurations = {
|
||||||
stroopwafel = self.nixos-flake.lib.mkLinuxSystem {
|
stroopwafel = self.nixos-flake.lib.mkLinuxSystem {
|
||||||
|
|
|
@ -1,11 +1,15 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
# and may be overwritten by future invocations. Please make changes
|
# and may be overwritten by future invocations. Please make changes
|
||||||
# to /etc/nixos/configuration.nix instead.
|
# to /etc/nixos/configuration.nix instead.
|
||||||
{ config, lib, pkgs, modulesPath, ... }:
|
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
config,
|
||||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
lib,
|
||||||
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [
|
||||||
|
(modulesPath + "/installer/scan/not-detected.nix")
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "ehci_pci" "usbhid" "usb_storage" "uas" "sd_mod"];
|
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "ehci_pci" "usbhid" "usb_storage" "uas" "sd_mod"];
|
||||||
|
@ -21,41 +25,41 @@
|
||||||
"cryptdata".device = "/dev/sda1";
|
"cryptdata".device = "/dev/sda1";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" = {
|
||||||
{ device = "none";
|
device = "none";
|
||||||
fsType = "tmpfs";
|
fsType = "tmpfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/nix" =
|
fileSystems."/nix" = {
|
||||||
{ device = "/dev/disk/by-uuid/837cc93f-6d9a-4bfd-b089-29ac6d68127c";
|
device = "/dev/disk/by-uuid/837cc93f-6d9a-4bfd-b089-29ac6d68127c";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
neededForBoot = true;
|
neededForBoot = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/persist" =
|
fileSystems."/persist" = {
|
||||||
{ device = "/dev/disk/by-uuid/a7711118-51b0-4d84-8f18-ef2e06084e05";
|
device = "/dev/disk/by-uuid/a7711118-51b0-4d84-8f18-ef2e06084e05";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
neededForBoot = true;
|
neededForBoot = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/home" =
|
fileSystems."/home" = {
|
||||||
{ device = "/dev/disk/by-uuid/0965d496-ffad-4a8d-9de7-28af903baf16";
|
device = "/dev/disk/by-uuid/0965d496-ffad-4a8d-9de7-28af903baf16";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/boot" =
|
fileSystems."/boot" = {
|
||||||
{ device = "/dev/disk/by-uuid/991E-79C1";
|
device = "/dev/disk/by-uuid/991E-79C1";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
neededForBoot = true;
|
neededForBoot = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/data" =
|
fileSystems."/data" = {
|
||||||
{ device = "/dev/disk/by-uuid/5fc34ef4-207b-45fb-b846-dbb01080d9fe";
|
device = "/dev/disk/by-uuid/5fc34ef4-207b-45fb-b846-dbb01080d9fe";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices =
|
swapDevices = [
|
||||||
[ { device = "/dev/disk/by-uuid/0ef8dbbd-2832-4fb2-8a52-86682822f769"; }
|
{device = "/dev/disk/by-uuid/0ef8dbbd-2832-4fb2-8a52-86682822f769";}
|
||||||
];
|
];
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
|
|
|
@ -10,7 +10,12 @@
|
||||||
networking.interfaces.enp2s0f1.useDHCP = true;
|
networking.interfaces.enp2s0f1.useDHCP = true;
|
||||||
|
|
||||||
networking.interfaces.enp2s0f0 = {
|
networking.interfaces.enp2s0f0 = {
|
||||||
ipv6.addresses = [ { address = "2a02:908:5b1:e3c0:3::"; prefixLength = 64; } ];
|
ipv6.addresses = [
|
||||||
|
{
|
||||||
|
address = "2a02:908:5b1:e3c0:3::";
|
||||||
|
prefixLength = 64;
|
||||||
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# Allow pub.solar restic backups
|
# Allow pub.solar restic backups
|
||||||
|
|
|
@ -9,7 +9,6 @@ with lib; let
|
||||||
psCfg = config.pub-solar;
|
psCfg = config.pub-solar;
|
||||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||||
in {
|
in {
|
||||||
|
|
||||||
# Use the systemd-boot EFI boot loader.
|
# Use the systemd-boot EFI boot loader.
|
||||||
boot.loader.systemd-boot.enable = true;
|
boot.loader.systemd-boot.enable = true;
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
|
@ -69,7 +69,9 @@ in {
|
||||||
"mta-sts.${hzDomain}" = {};
|
"mta-sts.${hzDomain}" = {};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts = builtins.foldl' (hosts: hostName: hosts // {
|
services.nginx.virtualHosts = builtins.foldl' (hosts: hostName:
|
||||||
|
hosts
|
||||||
|
// {
|
||||||
"mta-sts.${hostName}" = {
|
"mta-sts.${hostName}" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
useACMEHost = "mta-sts.${hostName}";
|
useACMEHost = "mta-sts.${hostName}";
|
||||||
|
|
|
@ -1,8 +1,13 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
# and may be overwritten by future invocations. Please make changes
|
# and may be overwritten by future invocations. Please make changes
|
||||||
# to /etc/nixos/configuration.nix instead.
|
# to /etc/nixos/configuration.nix instead.
|
||||||
{ config, lib, pkgs, modulesPath, ... }:
|
|
||||||
{
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
(modulesPath + "/profiles/qemu-guest.nix")
|
(modulesPath + "/profiles/qemu-guest.nix")
|
||||||
];
|
];
|
||||||
|
@ -19,18 +24,18 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" = {
|
||||||
{ device = "zroot/root";
|
device = "zroot/root";
|
||||||
fsType = "zfs";
|
fsType = "zfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/boot" =
|
fileSystems."/boot" = {
|
||||||
{ device = "/dev/disk/by-uuid/684A-5884";
|
device = "/dev/disk/by-uuid/684A-5884";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices =
|
swapDevices = [
|
||||||
[ { device = "/dev/disk/by-uuid/a7d1cbb8-7c9e-4c3d-841a-add867f47389"; }
|
{device = "/dev/disk/by-uuid/a7d1cbb8-7c9e-4c3d-841a-add867f47389";}
|
||||||
];
|
];
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
|
|
|
@ -17,8 +17,18 @@
|
||||||
# Network configuration (Hetzner uses static IP assignments, and we don't use DHCP here)
|
# Network configuration (Hetzner uses static IP assignments, and we don't use DHCP here)
|
||||||
networking.useDHCP = false;
|
networking.useDHCP = false;
|
||||||
networking.interfaces.enp1s0 = {
|
networking.interfaces.enp1s0 = {
|
||||||
ipv4.addresses = [{ address = "128.140.109.213"; prefixLength = 32; }];
|
ipv4.addresses = [
|
||||||
ipv6.addresses = [{ address = "2a01:4f8:c2c:b60::"; prefixLength = 64; }];
|
{
|
||||||
|
address = "128.140.109.213";
|
||||||
|
prefixLength = 32;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
ipv6.addresses = [
|
||||||
|
{
|
||||||
|
address = "2a01:4f8:c2c:b60::";
|
||||||
|
prefixLength = 64;
|
||||||
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
networking.defaultGateway = {
|
networking.defaultGateway = {
|
||||||
address = "172.31.1.1";
|
address = "172.31.1.1";
|
||||||
|
|
|
@ -133,5 +133,4 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,7 +4,8 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
...
|
...
|
||||||
}: with lib; {
|
}:
|
||||||
|
with lib; {
|
||||||
boot.kernel.sysctl = {
|
boot.kernel.sysctl = {
|
||||||
"net.ipv4.ip_forward" = 1;
|
"net.ipv4.ip_forward" = 1;
|
||||||
"net.ipv6.conf.wg-private.forwarding" = 1;
|
"net.ipv6.conf.wg-private.forwarding" = 1;
|
||||||
|
@ -57,7 +58,8 @@
|
||||||
];
|
];
|
||||||
privateKeyFile = config.age.secrets.wg-private-key.path;
|
privateKeyFile = config.age.secrets.wg-private-key.path;
|
||||||
peers = [
|
peers = [
|
||||||
{ # pie
|
{
|
||||||
|
# pie
|
||||||
publicKey = "hPTXEqQ2GYEywdPNdZBacwB9KKcoFZ/heClxnqmizyw=";
|
publicKey = "hPTXEqQ2GYEywdPNdZBacwB9KKcoFZ/heClxnqmizyw=";
|
||||||
allowedIPs = [
|
allowedIPs = [
|
||||||
"10.13.12.2/32"
|
"10.13.12.2/32"
|
||||||
|
@ -66,7 +68,8 @@
|
||||||
persistentKeepalive = 30;
|
persistentKeepalive = 30;
|
||||||
dynamicEndpointRefreshSeconds = 30;
|
dynamicEndpointRefreshSeconds = 30;
|
||||||
}
|
}
|
||||||
{ # droppie
|
{
|
||||||
|
# droppie
|
||||||
publicKey = "qsnBMoj9Z16D8PJ5ummRtIfT5AiMpoF3SoOCo4sbyiw=";
|
publicKey = "qsnBMoj9Z16D8PJ5ummRtIfT5AiMpoF3SoOCo4sbyiw=";
|
||||||
allowedIPs = [
|
allowedIPs = [
|
||||||
"10.13.12.3/32"
|
"10.13.12.3/32"
|
||||||
|
@ -75,7 +78,8 @@
|
||||||
persistentKeepalive = 30;
|
persistentKeepalive = 30;
|
||||||
dynamicEndpointRefreshSeconds = 30;
|
dynamicEndpointRefreshSeconds = 30;
|
||||||
}
|
}
|
||||||
{ # chocolatebar
|
{
|
||||||
|
# chocolatebar
|
||||||
publicKey = "nk8EtGE/QsnSEm1lhLS3/w83nOBD2OGYhODIf92G91A=";
|
publicKey = "nk8EtGE/QsnSEm1lhLS3/w83nOBD2OGYhODIf92G91A=";
|
||||||
allowedIPs = [
|
allowedIPs = [
|
||||||
"10.13.12.5/32"
|
"10.13.12.5/32"
|
||||||
|
@ -84,7 +88,8 @@
|
||||||
persistentKeepalive = 30;
|
persistentKeepalive = 30;
|
||||||
dynamicEndpointRefreshSeconds = 30;
|
dynamicEndpointRefreshSeconds = 30;
|
||||||
}
|
}
|
||||||
{ # biolimo
|
{
|
||||||
|
# biolimo
|
||||||
publicKey = "4ymN7wwBuhF+h+5fFN0TqXmVyOe1AsWiTqRL0jJ3CDc=";
|
publicKey = "4ymN7wwBuhF+h+5fFN0TqXmVyOe1AsWiTqRL0jJ3CDc=";
|
||||||
allowedIPs = [
|
allowedIPs = [
|
||||||
"10.13.12.6/32"
|
"10.13.12.6/32"
|
||||||
|
@ -93,7 +98,8 @@
|
||||||
persistentKeepalive = 30;
|
persistentKeepalive = 30;
|
||||||
dynamicEndpointRefreshSeconds = 30;
|
dynamicEndpointRefreshSeconds = 30;
|
||||||
}
|
}
|
||||||
{ # stroopwafel
|
{
|
||||||
|
# stroopwafel
|
||||||
publicKey = "5iNRg13utOJ30pX2Z8SjwPNUFwfH2zonlbeYW2mKFkU=";
|
publicKey = "5iNRg13utOJ30pX2Z8SjwPNUFwfH2zonlbeYW2mKFkU=";
|
||||||
allowedIPs = [
|
allowedIPs = [
|
||||||
"10.13.12.8/32"
|
"10.13.12.8/32"
|
||||||
|
@ -102,7 +108,8 @@
|
||||||
persistentKeepalive = 30;
|
persistentKeepalive = 30;
|
||||||
dynamicEndpointRefreshSeconds = 30;
|
dynamicEndpointRefreshSeconds = 30;
|
||||||
}
|
}
|
||||||
{ # fp3
|
{
|
||||||
|
# fp3
|
||||||
publicKey = "wQJXFibxhWkyUbRPrPt5y/YfDnH3gDQ5a/PWoyxDfDI=";
|
publicKey = "wQJXFibxhWkyUbRPrPt5y/YfDnH3gDQ5a/PWoyxDfDI=";
|
||||||
allowedIPs = [
|
allowedIPs = [
|
||||||
"10.13.12.9/32"
|
"10.13.12.9/32"
|
||||||
|
|
|
@ -1,4 +1,8 @@
|
||||||
{ flake, pkgs, ... }: {
|
{
|
||||||
|
flake,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
./configuration.nix
|
./configuration.nix
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
|
|
@ -1,6 +1,10 @@
|
||||||
# NOTE: this file was generated by the Mobile NixOS installer.
|
# NOTE: this file was generated by the Mobile NixOS installer.
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
{
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
"/" = {
|
"/" = {
|
||||||
device = "/dev/disk/by-uuid/51a668b8-fa2e-4d3e-ac3f-73ca002d0004";
|
device = "/dev/disk/by-uuid/51a668b8-fa2e-4d3e-ac3f-73ca002d0004";
|
||||||
|
|
|
@ -93,7 +93,10 @@ in {
|
||||||
storage.local.path = "/var/lib/authelia-b12f/db.sqlite3";
|
storage.local.path = "/var/lib/authelia-b12f/db.sqlite3";
|
||||||
access_control.default_policy = "two_factor";
|
access_control.default_policy = "two_factor";
|
||||||
session.cookies = [
|
session.cookies = [
|
||||||
{ domain = "b12f.io"; authelia_url = "https://auth.b12f.io"; }
|
{
|
||||||
|
domain = "b12f.io";
|
||||||
|
authelia_url = "https://auth.b12f.io";
|
||||||
|
}
|
||||||
];
|
];
|
||||||
notifier.smtp = {
|
notifier.smtp = {
|
||||||
host = "mail.b12f.io";
|
host = "mail.b12f.io";
|
||||||
|
|
|
@ -1,5 +1,8 @@
|
||||||
{ pkgs, adblock-unbound, ... }:
|
|
||||||
{
|
{
|
||||||
|
pkgs,
|
||||||
|
adblock-unbound,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
networking.firewall.allowedUDPPorts = [67 547];
|
networking.firewall.allowedUDPPorts = [67 547];
|
||||||
networking.firewall.extraInputRules = ''
|
networking.firewall.extraInputRules = ''
|
||||||
ip6 daddr ff02::1:2/128 udp dport 547 accept comment "DHCPv6 server"
|
ip6 daddr ff02::1:2/128 udp dport 547 accept comment "DHCPv6 server"
|
||||||
|
|
|
@ -1,9 +1,13 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
# and may be overwritten by future invocations. Please make changes
|
# and may be overwritten by future invocations. Please make changes
|
||||||
# to /etc/nixos/configuration.nix instead.
|
# to /etc/nixos/configuration.nix instead.
|
||||||
{ config, lib, pkgs, modulesPath, ... }:
|
|
||||||
|
|
||||||
{
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
(modulesPath + "/installer/scan/not-detected.nix")
|
(modulesPath + "/installer/scan/not-detected.nix")
|
||||||
];
|
];
|
||||||
|
@ -21,21 +25,20 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" = {
|
||||||
{ device = "zroot/root";
|
device = "zroot/root";
|
||||||
fsType = "zfs";
|
fsType = "zfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/boot" =
|
fileSystems."/boot" = {
|
||||||
{ device = "/dev/disk/by-uuid/0D5D-B809";
|
device = "/dev/disk/by-uuid/0D5D-B809";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices =
|
swapDevices = [
|
||||||
[ { device = "/dev/disk/by-uuid/af71e930-42ce-4174-a098-4ea5753b1ea9"; }
|
{device = "/dev/disk/by-uuid/af71e930-42ce-4174-a098-4ea5753b1ea9";}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
|
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
|
||||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,11 +15,20 @@
|
||||||
|
|
||||||
networking.interfaces.enabcm6e4ei0 = {
|
networking.interfaces.enabcm6e4ei0 = {
|
||||||
ipv4.addresses = [
|
ipv4.addresses = [
|
||||||
{ address = "192.168.178.2"; prefixLength = 32; }
|
{
|
||||||
|
address = "192.168.178.2";
|
||||||
|
prefixLength = 32;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
ipv6.addresses = [
|
ipv6.addresses = [
|
||||||
{ address = "2a02:908:5b1:e3c0:2::"; prefixLength = 128; }
|
{
|
||||||
{ address = "fe80:b12f:acab:1312:acab:2::"; prefixLength = 128; }
|
address = "2a02:908:5b1:e3c0:2::";
|
||||||
|
prefixLength = 128;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
address = "fe80:b12f:acab:1312:acab:2::";
|
||||||
|
prefixLength = 128;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -13,7 +13,8 @@ with lib; let
|
||||||
backupDir = "/var/lib/PaperlessBackup";
|
backupDir = "/var/lib/PaperlessBackup";
|
||||||
consumptionDir = "/var/lib/scandir";
|
consumptionDir = "/var/lib/scandir";
|
||||||
|
|
||||||
scan2paperless = with pkgs; writeShellScriptBin "scan2paperless" ''
|
scan2paperless = with pkgs;
|
||||||
|
writeShellScriptBin "scan2paperless" ''
|
||||||
DEVICE=$1
|
DEVICE=$1
|
||||||
NUM_PAGES=$2
|
NUM_PAGES=$2
|
||||||
NAME=$3
|
NAME=$3
|
||||||
|
|
|
@ -94,5 +94,4 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ pkgs, ... }:
|
{pkgs, ...}: {
|
||||||
{
|
|
||||||
services.cron = {
|
services.cron = {
|
||||||
enable = true;
|
enable = true;
|
||||||
systemCronJobs = [
|
systemCronJobs = [
|
||||||
|
|
|
@ -1,11 +1,15 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
# and may be overwritten by future invocations. Please make changes
|
# and may be overwritten by future invocations. Please make changes
|
||||||
# to /etc/nixos/configuration.nix instead.
|
# to /etc/nixos/configuration.nix instead.
|
||||||
{ config, lib, pkgs, modulesPath, ... }:
|
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
config,
|
||||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
lib,
|
||||||
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [
|
||||||
|
(modulesPath + "/installer/scan/not-detected.nix")
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod"];
|
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod"];
|
||||||
|
@ -18,37 +22,37 @@
|
||||||
allowDiscards = true;
|
allowDiscards = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" = {
|
||||||
{ device = "none";
|
device = "none";
|
||||||
fsType = "tmpfs";
|
fsType = "tmpfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/boot" =
|
fileSystems."/boot" = {
|
||||||
{ device = "/dev/disk/by-uuid/EC82-67F4";
|
device = "/dev/disk/by-uuid/EC82-67F4";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/home" =
|
fileSystems."/home" = {
|
||||||
{ device = "/dev/disk/by-uuid/0cc568f0-402d-4535-980a-ed3a1dc697b9";
|
device = "/dev/disk/by-uuid/0cc568f0-402d-4535-980a-ed3a1dc697b9";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
# https://github.com/ryantm/agenix/issues/45#issuecomment-957865406
|
# https://github.com/ryantm/agenix/issues/45#issuecomment-957865406
|
||||||
neededForBoot = true;
|
neededForBoot = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/nix" =
|
fileSystems."/nix" = {
|
||||||
{ device = "/dev/disk/by-uuid/e203d629-4d34-4147-bee6-919f0bfa25de";
|
device = "/dev/disk/by-uuid/e203d629-4d34-4147-bee6-919f0bfa25de";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/persist" =
|
fileSystems."/persist" = {
|
||||||
{ device = "/dev/disk/by-uuid/a0855aaa-76bf-445e-b0d1-ab1552e5496f";
|
device = "/dev/disk/by-uuid/a0855aaa-76bf-445e-b0d1-ab1552e5496f";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
# https://github.com/ryantm/agenix/issues/45#issuecomment-957865406
|
# https://github.com/ryantm/agenix/issues/45#issuecomment-957865406
|
||||||
neededForBoot = true;
|
neededForBoot = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices =
|
swapDevices = [
|
||||||
[ { device = "/dev/disk/by-uuid/761507ab-479d-414b-ac3e-2149564ca470"; }
|
{device = "/dev/disk/by-uuid/761507ab-479d-414b-ac3e-2149564ca470";}
|
||||||
];
|
];
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ lib }:
|
{lib}: hostnames: {
|
||||||
hostnames: {
|
|
||||||
"127.0.0.1" = hostnames;
|
"127.0.0.1" = hostnames;
|
||||||
"::1" = hostnames;
|
"::1" = hostnames;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,8 @@
|
||||||
{ lib, inputs, ... }: {
|
{
|
||||||
|
lib,
|
||||||
|
inputs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
# Configuration common to all Linux systems
|
# Configuration common to all Linux systems
|
||||||
flake = {
|
flake = {
|
||||||
lib = let
|
lib = let
|
||||||
|
|
|
@ -4,8 +4,10 @@
|
||||||
*
|
*
|
||||||
* Licensed under the MIT license
|
* Licensed under the MIT license
|
||||||
*/
|
*/
|
||||||
|
{
|
||||||
{ lib, inputs }: let
|
lib,
|
||||||
|
inputs,
|
||||||
|
}: let
|
||||||
getFqdn = c: let
|
getFqdn = c: let
|
||||||
net = c.config.networking;
|
net = c.config.networking;
|
||||||
fqdn =
|
fqdn =
|
||||||
|
@ -58,7 +60,12 @@ in {
|
||||||
inherit system;
|
inherit system;
|
||||||
overlays = [
|
overlays = [
|
||||||
inputs.deploy-rs.overlay # or deploy-rs.overlays.default
|
inputs.deploy-rs.overlay # or deploy-rs.overlays.default
|
||||||
(self: super: { deploy-rs = { inherit (pkgs) deploy-rs; lib = super.deploy-rs.lib; }; })
|
(self: super: {
|
||||||
|
deploy-rs = {
|
||||||
|
inherit (pkgs) deploy-rs;
|
||||||
|
lib = super.deploy-rs.lib;
|
||||||
|
};
|
||||||
|
})
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
|
|
|
@ -1,6 +1,4 @@
|
||||||
{ lib }:
|
{lib}: attrList: let
|
||||||
attrList:
|
|
||||||
let
|
|
||||||
f = attrPath:
|
f = attrPath:
|
||||||
zipAttrsWith (
|
zipAttrsWith (
|
||||||
n: values:
|
n: values:
|
||||||
|
@ -13,4 +11,4 @@ let
|
||||||
else last values
|
else last values
|
||||||
);
|
);
|
||||||
in
|
in
|
||||||
f [] attrList;
|
f [] attrList
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
psCfg,
|
psCfg,
|
||||||
...
|
...
|
||||||
}: with pkgs;
|
}:
|
||||||
|
with pkgs;
|
||||||
''
|
''
|
||||||
# Set shut down, restart and locking features
|
# Set shut down, restart and locking features
|
||||||
''
|
''
|
||||||
|
|
|
@ -1,14 +1,17 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{
|
||||||
|
config,
|
||||||
with lib;
|
pkgs,
|
||||||
|
lib,
|
||||||
let
|
...
|
||||||
|
}:
|
||||||
|
with lib; let
|
||||||
cfg = config.services.invoiceplane;
|
cfg = config.services.invoiceplane;
|
||||||
eachSite = cfg.sites;
|
eachSite = cfg.sites;
|
||||||
user = "invoiceplane";
|
user = "invoiceplane";
|
||||||
webserver = config.services.${cfg.webserver};
|
webserver = config.services.${cfg.webserver};
|
||||||
|
|
||||||
invoiceplane-config = hostName: cfg: pkgs.writeText "ipconfig.php" ''
|
invoiceplane-config = hostName: cfg:
|
||||||
|
pkgs.writeText "ipconfig.php" ''
|
||||||
IP_URL=http://${hostName}
|
IP_URL=http://${hostName}
|
||||||
ENABLE_DEBUG=false
|
ENABLE_DEBUG=false
|
||||||
DISABLE_SETUP=false
|
DISABLE_SETUP=false
|
||||||
|
@ -16,7 +19,11 @@ let
|
||||||
DB_HOSTNAME=${cfg.database.host}
|
DB_HOSTNAME=${cfg.database.host}
|
||||||
DB_USERNAME=${cfg.database.user}
|
DB_USERNAME=${cfg.database.user}
|
||||||
# NOTE: file_get_contents adds newline at the end of returned string
|
# NOTE: file_get_contents adds newline at the end of returned string
|
||||||
DB_PASSWORD=${if cfg.database.passwordFile == null then "" else "trim(file_get_contents('${cfg.database.passwordFile}'),\"\\r\\n\")"}
|
DB_PASSWORD=${
|
||||||
|
if cfg.database.passwordFile == null
|
||||||
|
then ""
|
||||||
|
else "trim(file_get_contents('${cfg.database.passwordFile}'),\"\\r\\n\")"
|
||||||
|
}
|
||||||
DB_DATABASE=${cfg.database.name}
|
DB_DATABASE=${cfg.database.name}
|
||||||
DB_PORT=${toString cfg.database.port}
|
DB_PORT=${toString cfg.database.port}
|
||||||
SESS_EXPIRATION=864000
|
SESS_EXPIRATION=864000
|
||||||
|
@ -28,11 +35,13 @@ let
|
||||||
REMOVE_INDEXPHP=true
|
REMOVE_INDEXPHP=true
|
||||||
'';
|
'';
|
||||||
|
|
||||||
extraConfig = hostName: cfg: pkgs.writeText "extraConfig.php" ''
|
extraConfig = hostName: cfg:
|
||||||
|
pkgs.writeText "extraConfig.php" ''
|
||||||
${toString cfg.extraConfig}
|
${toString cfg.extraConfig}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
pkg = hostName: cfg: pkgs.stdenv.mkDerivation rec {
|
pkg = hostName: cfg:
|
||||||
|
pkgs.stdenv.mkDerivation rec {
|
||||||
pname = "invoiceplane-${hostName}";
|
pname = "invoiceplane-${hostName}";
|
||||||
version = src.version;
|
version = src.version;
|
||||||
src = pkgs.invoiceplane;
|
src = pkgs.invoiceplane;
|
||||||
|
@ -64,10 +73,12 @@ let
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
siteOpts = { lib, name, ... }:
|
siteOpts = {
|
||||||
{
|
lib,
|
||||||
|
name,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
options = {
|
options = {
|
||||||
|
|
||||||
enable = mkEnableOption (lib.mdDoc "InvoicePlane web application");
|
enable = mkEnableOption (lib.mdDoc "InvoicePlane web application");
|
||||||
|
|
||||||
stateDir = mkOption {
|
stateDir = mkOption {
|
||||||
|
@ -186,7 +197,6 @@ let
|
||||||
};
|
};
|
||||||
|
|
||||||
cron = {
|
cron = {
|
||||||
|
|
||||||
enable = mkOption {
|
enable = mkOption {
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = false;
|
default = false;
|
||||||
|
@ -202,14 +212,10 @@ let
|
||||||
type = types.str;
|
type = types.str;
|
||||||
description = lib.mdDoc "Cron key taken from the administration page.";
|
description = lib.mdDoc "Cron key taken from the administration page.";
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
disabledModules = [
|
disabledModules = [
|
||||||
"services/web-apps/invoiceplane.nix"
|
"services/web-apps/invoiceplane.nix"
|
||||||
];
|
];
|
||||||
|
@ -218,7 +224,6 @@ in
|
||||||
options = {
|
options = {
|
||||||
services.invoiceplane = mkOption {
|
services.invoiceplane = mkOption {
|
||||||
type = types.submodule {
|
type = types.submodule {
|
||||||
|
|
||||||
options.sites = mkOption {
|
options.sites = mkOption {
|
||||||
type = types.attrsOf (types.submodule siteOpts);
|
type = types.attrsOf (types.submodule siteOpts);
|
||||||
default = {};
|
default = {};
|
||||||
|
@ -237,53 +242,61 @@ in
|
||||||
default = {};
|
default = {};
|
||||||
description = lib.mdDoc "InvoicePlane configuration.";
|
description = lib.mdDoc "InvoicePlane configuration.";
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# implementation
|
# implementation
|
||||||
config = mkIf (eachSite != {}) (mkMerge [{
|
config = mkIf (eachSite != {}) (mkMerge [
|
||||||
|
{
|
||||||
assertions = flatten (mapAttrsToList (hostName: cfg:
|
assertions = flatten (mapAttrsToList (hostName: cfg: [
|
||||||
[{ assertion = cfg.database.createLocally -> cfg.database.user == user;
|
{
|
||||||
|
assertion = cfg.database.createLocally -> cfg.database.user == user;
|
||||||
message = ''services.invoiceplane.sites."${hostName}".database.user must be ${user} if the database is to be automatically provisioned'';
|
message = ''services.invoiceplane.sites."${hostName}".database.user must be ${user} if the database is to be automatically provisioned'';
|
||||||
}
|
}
|
||||||
{ assertion = cfg.database.createLocally -> cfg.database.passwordFile == null;
|
{
|
||||||
|
assertion = cfg.database.createLocally -> cfg.database.passwordFile == null;
|
||||||
message = ''services.invoiceplane.sites."${hostName}".database.passwordFile cannot be specified if services.invoiceplane.sites."${hostName}".database.createLocally is set to true.'';
|
message = ''services.invoiceplane.sites."${hostName}".database.passwordFile cannot be specified if services.invoiceplane.sites."${hostName}".database.createLocally is set to true.'';
|
||||||
}
|
}
|
||||||
{ assertion = cfg.cron.enable -> cfg.cron.key != null;
|
{
|
||||||
|
assertion = cfg.cron.enable -> cfg.cron.key != null;
|
||||||
message = ''services.invoiceplane.sites."${hostName}".cron.key must be set in order to use cron service.'';
|
message = ''services.invoiceplane.sites."${hostName}".cron.key must be set in order to use cron service.'';
|
||||||
}
|
}
|
||||||
]) eachSite);
|
])
|
||||||
|
eachSite);
|
||||||
|
|
||||||
services.mysql = mkIf (any (v: v.database.createLocally) (attrValues eachSite)) {
|
services.mysql = mkIf (any (v: v.database.createLocally) (attrValues eachSite)) {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = mkDefault pkgs.mariadb;
|
package = mkDefault pkgs.mariadb;
|
||||||
ensureDatabases = mapAttrsToList (hostName: cfg: cfg.database.name) eachSite;
|
ensureDatabases = mapAttrsToList (hostName: cfg: cfg.database.name) eachSite;
|
||||||
ensureUsers = mapAttrsToList (hostName: cfg:
|
ensureUsers =
|
||||||
{ name = cfg.database.user;
|
mapAttrsToList (
|
||||||
|
hostName: cfg: {
|
||||||
|
name = cfg.database.user;
|
||||||
ensurePermissions = {"${cfg.database.name}.*" = "ALL PRIVILEGES";};
|
ensurePermissions = {"${cfg.database.name}.*" = "ALL PRIVILEGES";};
|
||||||
}
|
}
|
||||||
) eachSite;
|
)
|
||||||
|
eachSite;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.phpfpm = {
|
services.phpfpm = {
|
||||||
phpPackage = pkgs.php81;
|
phpPackage = pkgs.php81;
|
||||||
pools = mapAttrs' (hostName: cfg: (
|
pools =
|
||||||
|
mapAttrs' (hostName: cfg: (
|
||||||
nameValuePair "invoiceplane-${hostName}" {
|
nameValuePair "invoiceplane-${hostName}" {
|
||||||
inherit user;
|
inherit user;
|
||||||
group = webserver.group;
|
group = webserver.group;
|
||||||
settings = {
|
settings =
|
||||||
|
{
|
||||||
"listen.owner" = webserver.user;
|
"listen.owner" = webserver.user;
|
||||||
"listen.group" = webserver.group;
|
"listen.group" = webserver.group;
|
||||||
} // cfg.poolConfig;
|
|
||||||
}
|
}
|
||||||
)) eachSite;
|
// cfg.poolConfig;
|
||||||
|
}
|
||||||
|
))
|
||||||
|
eachSite;
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
|
|
||||||
systemd.tmpfiles.rules = flatten (mapAttrsToList (hostName: cfg: [
|
systemd.tmpfiles.rules = flatten (mapAttrsToList (hostName: cfg: [
|
||||||
"d ${cfg.stateDir} 0750 ${user} ${webserver.group} - -"
|
"d ${cfg.stateDir} 0750 ${user} ${webserver.group} - -"
|
||||||
"f ${cfg.stateDir}/ipconfig.php 0750 ${user} ${webserver.group} - -"
|
"f ${cfg.stateDir}/ipconfig.php 0750 ${user} ${webserver.group} - -"
|
||||||
|
@ -294,18 +307,19 @@ in
|
||||||
"d ${cfg.stateDir}/uploads/temp 0750 ${user} ${webserver.group} - -"
|
"d ${cfg.stateDir}/uploads/temp 0750 ${user} ${webserver.group} - -"
|
||||||
"d ${cfg.stateDir}/uploads/temp/mpdf 0750 ${user} ${webserver.group} - -"
|
"d ${cfg.stateDir}/uploads/temp/mpdf 0750 ${user} ${webserver.group} - -"
|
||||||
"d ${cfg.stateDir}/tmp 0750 ${user} ${webserver.group} - -"
|
"d ${cfg.stateDir}/tmp 0750 ${user} ${webserver.group} - -"
|
||||||
]) eachSite);
|
])
|
||||||
|
eachSite);
|
||||||
|
|
||||||
systemd.services.invoiceplane-config = {
|
systemd.services.invoiceplane-config = {
|
||||||
serviceConfig.Type = "oneshot";
|
serviceConfig.Type = "oneshot";
|
||||||
script = concatStrings (mapAttrsToList (hostName: cfg:
|
script = concatStrings (mapAttrsToList (hostName: cfg: ''
|
||||||
''
|
|
||||||
mkdir -p ${cfg.stateDir}/logs \
|
mkdir -p ${cfg.stateDir}/logs \
|
||||||
${cfg.stateDir}/uploads
|
${cfg.stateDir}/uploads
|
||||||
if ! grep -q IP_URL "${cfg.stateDir}/ipconfig.php"; then
|
if ! grep -q IP_URL "${cfg.stateDir}/ipconfig.php"; then
|
||||||
cp "${invoiceplane-config hostName cfg}" "${cfg.stateDir}/ipconfig.php"
|
cp "${invoiceplane-config hostName cfg}" "${cfg.stateDir}/ipconfig.php"
|
||||||
fi
|
fi
|
||||||
'') eachSite);
|
'')
|
||||||
|
eachSite);
|
||||||
wantedBy = ["multi-user.target"];
|
wantedBy = ["multi-user.target"];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -313,13 +327,12 @@ in
|
||||||
group = webserver.group;
|
group = webserver.group;
|
||||||
isSystemUser = true;
|
isSystemUser = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
|
|
||||||
# Cron service implementation
|
# Cron service implementation
|
||||||
|
|
||||||
systemd.timers = mapAttrs' (hostName: cfg: (
|
systemd.timers =
|
||||||
|
mapAttrs' (hostName: cfg: (
|
||||||
nameValuePair "invoiceplane-cron-${hostName}" (mkIf cfg.cron.enable {
|
nameValuePair "invoiceplane-cron-${hostName}" (mkIf cfg.cron.enable {
|
||||||
wantedBy = ["timers.target"];
|
wantedBy = ["timers.target"];
|
||||||
timerConfig = {
|
timerConfig = {
|
||||||
|
@ -328,7 +341,8 @@ in
|
||||||
Unit = "invoiceplane-cron-${hostName}.service";
|
Unit = "invoiceplane-cron-${hostName}.service";
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
)) eachSite;
|
))
|
||||||
|
eachSite;
|
||||||
|
|
||||||
systemd.services =
|
systemd.services =
|
||||||
mapAttrs' (hostName: cfg: (
|
mapAttrs' (hostName: cfg: (
|
||||||
|
@ -339,14 +353,15 @@ in
|
||||||
ExecStart = "${pkgs.curl}/bin/curl --header 'Host: ${hostName}' http://localhost/invoices/cron/recur/${cfg.cron.key}";
|
ExecStart = "${pkgs.curl}/bin/curl --header 'Host: ${hostName}' http://localhost/invoices/cron/recur/${cfg.cron.key}";
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
)) eachSite;
|
))
|
||||||
|
eachSite;
|
||||||
}
|
}
|
||||||
|
|
||||||
(mkIf (cfg.webserver == "caddy") {
|
(mkIf (cfg.webserver == "caddy") {
|
||||||
services.caddy = {
|
services.caddy = {
|
||||||
enable = true;
|
enable = true;
|
||||||
virtualHosts = mapAttrs' (hostName: cfg: (
|
virtualHosts =
|
||||||
|
mapAttrs' (hostName: cfg: (
|
||||||
nameValuePair "http://${hostName}" {
|
nameValuePair "http://${hostName}" {
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
root * ${pkg hostName cfg}
|
root * ${pkg hostName cfg}
|
||||||
|
@ -354,14 +369,16 @@ in
|
||||||
php_fastcgi unix/${config.services.phpfpm.pools."invoiceplane-${hostName}".socket}
|
php_fastcgi unix/${config.services.phpfpm.pools."invoiceplane-${hostName}".socket}
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
)) eachSite;
|
))
|
||||||
|
eachSite;
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
(mkIf (cfg.webserver == "nginx") {
|
(mkIf (cfg.webserver == "nginx") {
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
virtualHosts = mapAttrs' (hostName: cfg: (
|
virtualHosts =
|
||||||
|
mapAttrs' (hostName: cfg: (
|
||||||
nameValuePair "${hostName}" {
|
nameValuePair "${hostName}" {
|
||||||
root = "${pkg hostName cfg}";
|
root = "${pkg hostName cfg}";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
|
@ -388,9 +405,9 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
)) eachSite;
|
))
|
||||||
|
eachSite;
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,7 +5,8 @@
|
||||||
flake,
|
flake,
|
||||||
...
|
...
|
||||||
}: {
|
}: {
|
||||||
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
|
nixpkgs.config.allowUnfreePredicate = pkg:
|
||||||
|
builtins.elem (lib.getName pkg) [
|
||||||
"steam"
|
"steam"
|
||||||
"steam-original"
|
"steam-original"
|
||||||
"steam-run"
|
"steam-run"
|
||||||
|
|
|
@ -1,5 +1,8 @@
|
||||||
{ lib, config, ... }:
|
|
||||||
{
|
{
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
environment.persistence."/persist" = {
|
environment.persistence."/persist" = {
|
||||||
hideMounts = true;
|
hideMounts = true;
|
||||||
directories = [
|
directories = [
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ pkgs, ... }:
|
{pkgs, ...}: {
|
||||||
{
|
|
||||||
services.cron = {
|
services.cron = {
|
||||||
enable = true;
|
enable = true;
|
||||||
systemCronJobs = [
|
systemCronJobs = [
|
||||||
|
|
|
@ -16,11 +16,15 @@
|
||||||
services.printing.listenAddresses = ["localhost:631"];
|
services.printing.listenAddresses = ["localhost:631"];
|
||||||
services.printing.defaultShared = lib.mkDefault false;
|
services.printing.defaultShared = lib.mkDefault false;
|
||||||
|
|
||||||
services.printing.drivers = [
|
services.printing.drivers =
|
||||||
|
[
|
||||||
pkgs.gutenprint
|
pkgs.gutenprint
|
||||||
] ++ (if (pkgs.system == "x86_64-linux")
|
]
|
||||||
|
++ (
|
||||||
|
if (pkgs.system == "x86_64-linux")
|
||||||
then [pkgs.cups-brother-hl3140cw]
|
then [pkgs.cups-brother-hl3140cw]
|
||||||
else []);
|
else []
|
||||||
|
);
|
||||||
|
|
||||||
# environment.persistence."/persist" = {
|
# environment.persistence."/persist" = {
|
||||||
# directories = [
|
# directories = [
|
||||||
|
|
|
@ -21,7 +21,8 @@ in {
|
||||||
config = {
|
config = {
|
||||||
programs.command-not-found.enable = false;
|
programs.command-not-found.enable = false;
|
||||||
|
|
||||||
users.users."${psCfg.user.name}".packages = with pkgs; [
|
users.users."${psCfg.user.name}".packages = with pkgs;
|
||||||
|
[
|
||||||
asciinema
|
asciinema
|
||||||
bat
|
bat
|
||||||
blesh
|
blesh
|
||||||
|
@ -40,7 +41,10 @@ in {
|
||||||
screen
|
screen
|
||||||
watson
|
watson
|
||||||
jump
|
jump
|
||||||
] ++ (if cfg.full then [
|
]
|
||||||
|
++ (
|
||||||
|
if cfg.full
|
||||||
|
then [
|
||||||
# Nix specific utilities
|
# Nix specific utilities
|
||||||
alejandra
|
alejandra
|
||||||
manix
|
manix
|
||||||
|
@ -48,7 +52,9 @@ in {
|
||||||
nix-tree
|
nix-tree
|
||||||
nix-inspect
|
nix-inspect
|
||||||
nvd
|
nvd
|
||||||
] else []);
|
]
|
||||||
|
else []
|
||||||
|
);
|
||||||
|
|
||||||
home-manager.users."${psCfg.user.name}" = {
|
home-manager.users."${psCfg.user.name}" = {
|
||||||
xdg.dataFile."scripts/base16.sh".source = .local/share/scripts/base16.sh;
|
xdg.dataFile."scripts/base16.sh".source = .local/share/scripts/base16.sh;
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ ... }:
|
{...}: {
|
||||||
{
|
|
||||||
enable = true;
|
enable = true;
|
||||||
nix-direnv = {
|
nix-direnv = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ ... }:
|
{...}: {
|
||||||
{
|
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
|
|
|
@ -46,7 +46,8 @@ in {
|
||||||
# python3Full
|
# python3Full
|
||||||
];
|
];
|
||||||
|
|
||||||
plugins = with pkgs.vimPlugins; [
|
plugins = with pkgs.vimPlugins;
|
||||||
|
[
|
||||||
# The status bar in the bottom of the screen with the mode indication and file location
|
# The status bar in the bottom of the screen with the mode indication and file location
|
||||||
vim-airline
|
vim-airline
|
||||||
|
|
||||||
|
@ -96,7 +97,10 @@ in {
|
||||||
|
|
||||||
# Work with tags files
|
# Work with tags files
|
||||||
vim-gutentags
|
vim-gutentags
|
||||||
] ++ (if cfg.full then [
|
]
|
||||||
|
++ (
|
||||||
|
if cfg.full
|
||||||
|
then [
|
||||||
nvim-treesitter.withAllGrammars
|
nvim-treesitter.withAllGrammars
|
||||||
|
|
||||||
# Dependencies for nvim-lspconfig
|
# Dependencies for nvim-lspconfig
|
||||||
|
@ -114,7 +118,9 @@ in {
|
||||||
|
|
||||||
# JSON schemas
|
# JSON schemas
|
||||||
SchemaStore-nvim
|
SchemaStore-nvim
|
||||||
] else []);
|
]
|
||||||
|
else []
|
||||||
|
);
|
||||||
|
|
||||||
extraConfig = builtins.concatStringsSep "\n" ([
|
extraConfig = builtins.concatStringsSep "\n" ([
|
||||||
''
|
''
|
||||||
|
@ -130,8 +136,13 @@ in {
|
||||||
(builtins.readFile ./clipboard.vim)
|
(builtins.readFile ./clipboard.vim)
|
||||||
(builtins.readFile ./ui.vim)
|
(builtins.readFile ./ui.vim)
|
||||||
(builtins.readFile ./filetypes.vim)
|
(builtins.readFile ./filetypes.vim)
|
||||||
] ++ (if cfg.full then [
|
]
|
||||||
|
++ (
|
||||||
|
if cfg.full
|
||||||
|
then [
|
||||||
(builtins.readFile ./lsp.vim)
|
(builtins.readFile ./lsp.vim)
|
||||||
(builtins.readFile ./cmp.vim)
|
(builtins.readFile ./cmp.vim)
|
||||||
] else []));
|
]
|
||||||
|
else []
|
||||||
|
));
|
||||||
}
|
}
|
||||||
|
|
|
@ -62,13 +62,18 @@ telescope.setup{
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
pickers = {
|
||||||
|
find_files = {
|
||||||
|
-- `hidden = true` will still show the inside of `.git/` as it's not `.gitignore`d.
|
||||||
|
find_command = { "rg", "--files", "--hidden", "--glob", "!**/.git/*" },
|
||||||
|
},
|
||||||
|
},
|
||||||
extensions = {
|
extensions = {
|
||||||
fzf = {
|
fzf = {
|
||||||
fuzzy = true, -- false will only do exact matching
|
fuzzy = true, -- false will only do exact matching
|
||||||
override_generic_sorter = true, -- override the generic sorter
|
override_generic_sorter = true, -- override the generic sorter
|
||||||
override_file_sorter = true, -- override the file sorter
|
override_file_sorter = true, -- override the file sorter
|
||||||
case_mode = "smart_case", -- or "ignore_case" or "respect_case"
|
case_mode = "smart_case", -- or "ignore_case" or "respect_case"
|
||||||
-- the default case_mode is "smart_case"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -80,6 +85,7 @@ vim.keymap.set('n', '<leader>ff', builtin.find_files, {})
|
||||||
vim.keymap.set('n', '<leader>f/', builtin.live_grep, {})
|
vim.keymap.set('n', '<leader>f/', builtin.live_grep, {})
|
||||||
vim.keymap.set('n', '<leader>f?', builtin.builtin, {})
|
vim.keymap.set('n', '<leader>f?', builtin.builtin, {})
|
||||||
vim.keymap.set('n', '<leader>fb', builtin.buffers, {})
|
vim.keymap.set('n', '<leader>fb', builtin.buffers, {})
|
||||||
|
vim.keymap.set('n', '<leader>fr', builtin.command_history, {})
|
||||||
vim.keymap.set('n', '<leader>fc', builtin.commands, {})
|
vim.keymap.set('n', '<leader>fc', builtin.commands, {})
|
||||||
vim.keymap.set('n', '<leader>ft', builtin.treesitter, {})
|
vim.keymap.set('n', '<leader>ft', builtin.treesitter, {})
|
||||||
EOF
|
EOF
|
||||||
|
|
|
@ -82,10 +82,12 @@ with lib; {
|
||||||
then psCfg.user.password
|
then psCfg.user.password
|
||||||
else "";
|
else "";
|
||||||
openssh.authorizedKeys.keys =
|
openssh.authorizedKeys.keys =
|
||||||
flake.self.publicKeys ++
|
flake.self.publicKeys
|
||||||
(if psCfg.user.publicKeys != null
|
++ (
|
||||||
|
if psCfg.user.publicKeys != null
|
||||||
then psCfg.user.publicKeys
|
then psCfg.user.publicKeys
|
||||||
else []);
|
else []
|
||||||
|
);
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -2,8 +2,7 @@
|
||||||
lib,
|
lib,
|
||||||
config,
|
config,
|
||||||
...
|
...
|
||||||
}:
|
}: let
|
||||||
let
|
|
||||||
cfg = config.pub-solar.wireguard.ehex;
|
cfg = config.pub-solar.wireguard.ehex;
|
||||||
in {
|
in {
|
||||||
options.pub-solar.wireguard.ehex = {
|
options.pub-solar.wireguard.ehex = {
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}:
|
}: let
|
||||||
let
|
|
||||||
cfg = config.pub-solar.wireguard.private;
|
cfg = config.pub-solar.wireguard.private;
|
||||||
in {
|
in {
|
||||||
options.pub-solar.wireguard.private = {
|
options.pub-solar.wireguard.private = {
|
||||||
|
@ -53,11 +52,18 @@ in {
|
||||||
mtu = 1300;
|
mtu = 1300;
|
||||||
ips = cfg.ownIPs;
|
ips = cfg.ownIPs;
|
||||||
privateKeyFile = cfg.privateKeyFile;
|
privateKeyFile = cfg.privateKeyFile;
|
||||||
postSetup = ""
|
postSetup =
|
||||||
+ (if cfg.useDNS then ''
|
""
|
||||||
|
+ (
|
||||||
|
if cfg.useDNS
|
||||||
|
then ''
|
||||||
printf "nameserver 10.13.12.7\nnameserver fd00:b12f:acab:1312:acab:7::" | resolvconf -a wg-private -m 0 -x
|
printf "nameserver 10.13.12.7\nnameserver fd00:b12f:acab:1312:acab:7::" | resolvconf -a wg-private -m 0 -x
|
||||||
'' else "")
|
''
|
||||||
+ (if cfg.fullTunnel then ''
|
else ""
|
||||||
|
)
|
||||||
|
+ (
|
||||||
|
if cfg.fullTunnel
|
||||||
|
then ''
|
||||||
defaultRoute=$(${pkgs.iproute2}/bin/ip r | ${pkgs.gnugrep}/bin/grep "default via" | head -n 1 | ${pkgs.gawk}/bin/awk '{ print $3 " " $4 " " $5 }')
|
defaultRoute=$(${pkgs.iproute2}/bin/ip r | ${pkgs.gnugrep}/bin/grep "default via" | head -n 1 | ${pkgs.gawk}/bin/awk '{ print $3 " " $4 " " $5 }')
|
||||||
ipv4=$(${pkgs.dnsutils}/bin/dig +short A vpn.b12f.io)
|
ipv4=$(${pkgs.dnsutils}/bin/dig +short A vpn.b12f.io)
|
||||||
${pkgs.iproute2}/bin/ip route add $ipv4 metric 256 via $defaultRoute
|
${pkgs.iproute2}/bin/ip route add $ipv4 metric 256 via $defaultRoute
|
||||||
|
@ -67,7 +73,9 @@ in {
|
||||||
ip -4 route replace default dev wg-private metric 512
|
ip -4 route replace default dev wg-private metric 512
|
||||||
ip -6 route delete default dev wg-private || true
|
ip -6 route delete default dev wg-private || true
|
||||||
ip -6 route replace default dev wg-private metric 512
|
ip -6 route replace default dev wg-private metric 512
|
||||||
'' else "");
|
''
|
||||||
|
else ""
|
||||||
|
);
|
||||||
postShutdown = lib.mkIf cfg.useDNS ''
|
postShutdown = lib.mkIf cfg.useDNS ''
|
||||||
resolvconf -d wg-private -f
|
resolvconf -d wg-private -f
|
||||||
'';
|
'';
|
||||||
|
@ -75,13 +83,19 @@ in {
|
||||||
{
|
{
|
||||||
# frikandel
|
# frikandel
|
||||||
publicKey = "p6YKNYBlySKfhTN+wbSsKdoNjzko/XSAiTAlCJzP1jA=";
|
publicKey = "p6YKNYBlySKfhTN+wbSsKdoNjzko/XSAiTAlCJzP1jA=";
|
||||||
allowedIPs = [
|
allowedIPs =
|
||||||
|
[
|
||||||
"10.13.12.0/24"
|
"10.13.12.0/24"
|
||||||
"fd00:b12f:acab:1312::/64"
|
"fd00:b12f:acab:1312::/64"
|
||||||
] ++ (if cfg.fullTunnel then [
|
]
|
||||||
|
++ (
|
||||||
|
if cfg.fullTunnel
|
||||||
|
then [
|
||||||
"0.0.0.0/0"
|
"0.0.0.0/0"
|
||||||
"::/0"
|
"::/0"
|
||||||
] else []);
|
]
|
||||||
|
else []
|
||||||
|
);
|
||||||
endpoint = "vpn.b12f.io:51899";
|
endpoint = "vpn.b12f.io:51899";
|
||||||
dynamicEndpointRefreshSeconds = 30;
|
dynamicEndpointRefreshSeconds = 30;
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,8 +2,7 @@
|
||||||
lib,
|
lib,
|
||||||
config,
|
config,
|
||||||
...
|
...
|
||||||
}:
|
}: let
|
||||||
let
|
|
||||||
cfg = config.pub-solar.wireguard.pub-solar;
|
cfg = config.pub-solar.wireguard.pub-solar;
|
||||||
in {
|
in {
|
||||||
options.pub-solar.wireguard.pub-solar = {
|
options.pub-solar.wireguard.pub-solar = {
|
||||||
|
|
|
@ -3,8 +3,7 @@
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}:
|
}: let
|
||||||
let
|
|
||||||
cfg = config.pub-solar.wireguard.tunnel;
|
cfg = config.pub-solar.wireguard.tunnel;
|
||||||
in {
|
in {
|
||||||
options.pub-solar.wireguard.tunnel = {
|
options.pub-solar.wireguard.tunnel = {
|
||||||
|
@ -73,11 +72,22 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.wireguard.interfaces = let
|
networking.wireguard.interfaces = let
|
||||||
splitEndpoint = (lib.strings.splitString ":" cfg.peer.endpoint);
|
splitEndpoint = lib.strings.splitString ":" cfg.peer.endpoint;
|
||||||
joinIPV6 = p: ip: p + (if (lib.stringLength ip > 0) then ":" else "") + ip;
|
joinIPV6 = p: ip:
|
||||||
|
p
|
||||||
|
+ (
|
||||||
|
if (lib.stringLength ip > 0)
|
||||||
|
then ":"
|
||||||
|
else ""
|
||||||
|
)
|
||||||
|
+ ip;
|
||||||
isIPV4 = lib.length splitEndpoint < 3;
|
isIPV4 = lib.length splitEndpoint < 3;
|
||||||
ipFlag = if isIPV4 then "-4" else "-6";
|
ipFlag =
|
||||||
endpointIP = (if isIPV4
|
if isIPV4
|
||||||
|
then "-4"
|
||||||
|
else "-6";
|
||||||
|
endpointIP = (
|
||||||
|
if isIPV4
|
||||||
then lib.elemAt splitEndpoint 0
|
then lib.elemAt splitEndpoint 0
|
||||||
else lib.lists.fold joinIPV6 "" ((lib.lists.take ((lib.length splitEndpoint) - 1)) splitEndpoint)
|
else lib.lists.fold joinIPV6 "" ((lib.lists.take ((lib.length splitEndpoint) - 1)) splitEndpoint)
|
||||||
);
|
);
|
||||||
|
@ -87,24 +97,36 @@ in {
|
||||||
listenPort = 51820;
|
listenPort = 51820;
|
||||||
ips = cfg.ownIPs;
|
ips = cfg.ownIPs;
|
||||||
privateKeyFile = cfg.privateKeyFile;
|
privateKeyFile = cfg.privateKeyFile;
|
||||||
postSetup = ''
|
postSetup =
|
||||||
|
''
|
||||||
defaultRoute=$(${pkgs.iproute2}/bin/ip ${ipFlag} r | ${pkgs.gnugrep}/bin/grep "default via" | head -n 1 | ${pkgs.gawk}/bin/awk '{ print $3 " " $4 " " $5 }')
|
defaultRoute=$(${pkgs.iproute2}/bin/ip ${ipFlag} r | ${pkgs.gnugrep}/bin/grep "default via" | head -n 1 | ${pkgs.gawk}/bin/awk '{ print $3 " " $4 " " $5 }')
|
||||||
${pkgs.iproute2}/bin/ip ${ipFlag} route add "${endpointIPStripped}${if isIPV4 then "/32" else "/128"}" metric 256 via $defaultRoute
|
${pkgs.iproute2}/bin/ip ${ipFlag} route add "${endpointIPStripped}${
|
||||||
|
if isIPV4
|
||||||
|
then "/32"
|
||||||
|
else "/128"
|
||||||
|
}" metric 256 via $defaultRoute
|
||||||
ip -4 route delete default dev wg-tunnel || true
|
ip -4 route delete default dev wg-tunnel || true
|
||||||
ip -4 route add default dev wg-tunnel metric 512
|
ip -4 route add default dev wg-tunnel metric 512
|
||||||
ip -6 route delete default dev wg-tunnel || true
|
ip -6 route delete default dev wg-tunnel || true
|
||||||
ip -6 route add default dev wg-tunnel metric 512
|
ip -6 route add default dev wg-tunnel metric 512
|
||||||
'' + (if cfg.useDNS
|
''
|
||||||
|
+ (
|
||||||
|
if cfg.useDNS
|
||||||
then ''printf "nameserver 10.64.0.1" | resolvconf -a wg-tunnel -m 0 -x''
|
then ''printf "nameserver 10.64.0.1" | resolvconf -a wg-tunnel -m 0 -x''
|
||||||
else "");
|
else ""
|
||||||
postShutdown = ''
|
);
|
||||||
|
postShutdown =
|
||||||
|
''
|
||||||
addedRoute=$(${pkgs.iproute2}/bin/ip ${ipFlag} r | ${pkgs.gnugrep}/bin/grep "${endpointIPStripped}" | head -n 1 | ${pkgs.gawk}/bin/awk '{ print $1 " " $2 " " $3 " " $4 " " $5 }')
|
addedRoute=$(${pkgs.iproute2}/bin/ip ${ipFlag} r | ${pkgs.gnugrep}/bin/grep "${endpointIPStripped}" | head -n 1 | ${pkgs.gawk}/bin/awk '{ print $1 " " $2 " " $3 " " $4 " " $5 }')
|
||||||
if [ -n "$addedRoute" ]; then
|
if [ -n "$addedRoute" ]; then
|
||||||
${pkgs.iproute2}/bin/ip ${ipFlag} route delete $addedRoute
|
${pkgs.iproute2}/bin/ip ${ipFlag} route delete $addedRoute
|
||||||
fi
|
fi
|
||||||
'' + (if cfg.useDNS
|
''
|
||||||
|
+ (
|
||||||
|
if cfg.useDNS
|
||||||
then ''resolvconf -d wg-tunnel -f''
|
then ''resolvconf -d wg-tunnel -f''
|
||||||
else "");
|
else ""
|
||||||
|
);
|
||||||
peers = [
|
peers = [
|
||||||
{
|
{
|
||||||
publicKey = cfg.peer.publicKey;
|
publicKey = cfg.peer.publicKey;
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
}: {
|
}: {
|
||||||
flake = {
|
flake = {
|
||||||
nixosModules = rec {
|
nixosModules = rec {
|
||||||
overlays = ({ ... }: {
|
overlays = {...}: {
|
||||||
nixpkgs.overlays = [
|
nixpkgs.overlays = [
|
||||||
inputs.deno2nix.overlays.default
|
inputs.deno2nix.overlays.default
|
||||||
inputs.nixd.overlays.default
|
inputs.nixd.overlays.default
|
||||||
|
@ -59,7 +59,7 @@
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
});
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,10 @@
|
||||||
# This file was generated by nvfetcher, please do not modify it manually.
|
# This file was generated by nvfetcher, please do not modify it manually.
|
||||||
{ fetchgit, fetchurl, fetchFromGitHub, dockerTools }:
|
|
||||||
{
|
{
|
||||||
|
fetchgit,
|
||||||
|
fetchurl,
|
||||||
|
fetchFromGitHub,
|
||||||
|
dockerTools,
|
||||||
|
}: {
|
||||||
b12f-io-nvfetcher = {
|
b12f-io-nvfetcher = {
|
||||||
pname = "b12f-io-nvfetcher";
|
pname = "b12f-io-nvfetcher";
|
||||||
version = "38adb94ce69d8807ea2e36f57abe08091192b31c";
|
version = "38adb94ce69d8807ea2e36f57abe08091192b31c";
|
||||||
|
|
|
@ -5,8 +5,14 @@ with prev; {
|
||||||
# then, call packages with `final.callPackage`
|
# then, call packages with `final.callPackage`
|
||||||
check-battery = writeShellScriptBin "check-battery" (import ./check-battery.nix final);
|
check-battery = writeShellScriptBin "check-battery" (import ./check-battery.nix final);
|
||||||
concourse = import ./concourse.nix final;
|
concourse = import ./concourse.nix final;
|
||||||
element-b12f = writeShellScriptBin "element-b12f" (import ./element-desktop.nix { inherit final; profile = "b12f"; });
|
element-b12f = writeShellScriptBin "element-b12f" (import ./element-desktop.nix {
|
||||||
element-mezza = writeShellScriptBin "element-mezza" (import ./element-desktop.nix { inherit final; profile = "mezza"; });
|
inherit final;
|
||||||
|
profile = "b12f";
|
||||||
|
});
|
||||||
|
element-mezza = writeShellScriptBin "element-mezza" (import ./element-desktop.nix {
|
||||||
|
inherit final;
|
||||||
|
profile = "mezza";
|
||||||
|
});
|
||||||
fetch-hostingde-invoices = import ./fetch-hostingde-invoices final;
|
fetch-hostingde-invoices = import ./fetch-hostingde-invoices final;
|
||||||
import-gtk-settings = writeShellScriptBin "import-gtk-settings" (import ./import-gtk-settings.nix final);
|
import-gtk-settings = writeShellScriptBin "import-gtk-settings" (import ./import-gtk-settings.nix final);
|
||||||
lgcl = writeShellScriptBin "lgcl" (import ./lgcl.nix final);
|
lgcl = writeShellScriptBin "lgcl" (import ./lgcl.nix final);
|
||||||
|
|
|
@ -1,4 +1,7 @@
|
||||||
{ final, profile }:
|
{
|
||||||
|
final,
|
||||||
|
profile,
|
||||||
|
}:
|
||||||
with final; ''
|
with final; ''
|
||||||
${element-desktop}/bin/element-desktop --profile=${profile}
|
${element-desktop}/bin/element-desktop --profile=${profile}
|
||||||
''
|
''
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
self: self.deno2nix.mkExecutable {
|
self:
|
||||||
|
self.deno2nix.mkExecutable {
|
||||||
pname = "fetch-hostingde-invoices";
|
pname = "fetch-hostingde-invoices";
|
||||||
version = "0.1.0";
|
version = "0.1.0";
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ lib, ... }:
|
{lib, ...}: {
|
||||||
{
|
|
||||||
flake = {
|
flake = {
|
||||||
publicKeys = [
|
publicKeys = [
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmXpOU6vzQiVSSYCoxHYv7wDxC63Qg3dxlAMR6AOzwIABCU5PFFNcO0NWYms/YR7MOViorl+19LCLRABar9JgHU1n+uqxKV6eGph3OPeMp5sN8LAh7C9N+TZj8iJzBxQ3ch+Z/LdmLRwYNJ7KSUI+gwGK6xRS3+z1022Y4P0G0sx7IeCBl4lealQEIIF10ZOfjUdBcLQar7XTc5AxyGKnHCerXHRtccCoadLQujk0AvPXbv3Ma4JwX9X++AnCWRWakqS5UInu2tGuZ/6Hrjd2a9AKWjTaBVDcbYqCvY4XVuMj2/A2bCceFBaoi41apybSk26FSFTU4qiEUNQ6lxeOwG4+1NCXyHe2bGI4VyoxinDYa8vLLzXIRfTRA0qoGfCweXNeWPf0jMqASkUKaSOH5Ot7O5ps34r0j9pWzavDid8QeKJPyhxKuF1a5G4iBEZ0O9vuti60dPSjJPci9oTxbune2/jb7Sa0yO06DtLFJ2ncr5f70s/BDxKk4XIwQLy+KsvzlQEGdY8yA6xv28bOGxL3sQ0HE2pDTsvIbAisVOKzdJeolStL9MM5W8Hg0r/KkGj2bg0TfoRp1xHV9hjKkvJrsQ6okaPvNFeZq0HXzPhWMOVQ+/46z80uaQ1ByRLr3FTwuWJ7F/73ndfxiq6bDE4z2Ji0vOjeWJm6HCxTdGw== id_bbcom"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmXpOU6vzQiVSSYCoxHYv7wDxC63Qg3dxlAMR6AOzwIABCU5PFFNcO0NWYms/YR7MOViorl+19LCLRABar9JgHU1n+uqxKV6eGph3OPeMp5sN8LAh7C9N+TZj8iJzBxQ3ch+Z/LdmLRwYNJ7KSUI+gwGK6xRS3+z1022Y4P0G0sx7IeCBl4lealQEIIF10ZOfjUdBcLQar7XTc5AxyGKnHCerXHRtccCoadLQujk0AvPXbv3Ma4JwX9X++AnCWRWakqS5UInu2tGuZ/6Hrjd2a9AKWjTaBVDcbYqCvY4XVuMj2/A2bCceFBaoi41apybSk26FSFTU4qiEUNQ6lxeOwG4+1NCXyHe2bGI4VyoxinDYa8vLLzXIRfTRA0qoGfCweXNeWPf0jMqASkUKaSOH5Ot7O5ps34r0j9pWzavDid8QeKJPyhxKuF1a5G4iBEZ0O9vuti60dPSjJPci9oTxbune2/jb7Sa0yO06DtLFJ2ncr5f70s/BDxKk4XIwQLy+KsvzlQEGdY8yA6xv28bOGxL3sQ0HE2pDTsvIbAisVOKzdJeolStL9MM5W8Hg0r/KkGj2bg0TfoRp1xHV9hjKkvJrsQ6okaPvNFeZq0HXzPhWMOVQ+/46z80uaQ1ByRLr3FTwuWJ7F/73ndfxiq6bDE4z2Ji0vOjeWJm6HCxTdGw== id_bbcom"
|
||||||
|
|
|
@ -12,12 +12,19 @@ with lib; let
|
||||||
cacheHome = xdg.cacheHome;
|
cacheHome = xdg.cacheHome;
|
||||||
maildirBasePath = "/home/${psCfg.user.name}/Mail";
|
maildirBasePath = "/home/${psCfg.user.name}/Mail";
|
||||||
|
|
||||||
generateMailAccount = args@{ address, ... }: rec {
|
generateMailAccount = args @ {address, ...}:
|
||||||
|
rec {
|
||||||
inherit address;
|
inherit address;
|
||||||
realName = if (args ? "fullName") then args.fullName else psCfg.user.fullName;
|
realName =
|
||||||
|
if (args ? "fullName")
|
||||||
|
then args.fullName
|
||||||
|
else psCfg.user.fullName;
|
||||||
signature = {
|
signature = {
|
||||||
showSignature = "append";
|
showSignature = "append";
|
||||||
text = if (args ? "emptysignature") then "" else builtins.readFile (./.config/neomutt + "/${builtins.replaceStrings ["@"] ["_"] address}.signature");
|
text =
|
||||||
|
if (args ? "emptysignature")
|
||||||
|
then ""
|
||||||
|
else builtins.readFile (./.config/neomutt + "/${builtins.replaceStrings ["@"] ["_"] address}.signature");
|
||||||
};
|
};
|
||||||
|
|
||||||
folders = {
|
folders = {
|
||||||
|
@ -64,7 +71,12 @@ with lib; let
|
||||||
+Trash
|
+Trash
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
} // (if args ? "config" then args.config else {});
|
}
|
||||||
|
// (
|
||||||
|
if args ? "config"
|
||||||
|
then args.config
|
||||||
|
else {}
|
||||||
|
);
|
||||||
in {
|
in {
|
||||||
users.users."${psCfg.user.name}".packages = with pkgs; [
|
users.users."${psCfg.user.name}".packages = with pkgs; [
|
||||||
w3m
|
w3m
|
||||||
|
@ -86,7 +98,8 @@ in {
|
||||||
accounts.email = {
|
accounts.email = {
|
||||||
inherit maildirBasePath;
|
inherit maildirBasePath;
|
||||||
|
|
||||||
accounts = with flake.self.lib; lib.lists.foldr (item: set: (set // { "${item.address}" = generateMailAccount item; })) {} [
|
accounts = with flake.self.lib;
|
||||||
|
lib.lists.foldr (item: set: (set // {"${item.address}" = generateMailAccount item;})) {} [
|
||||||
{
|
{
|
||||||
address = mkEmailAddress "hello" "benjaminbaedorf.eu";
|
address = mkEmailAddress "hello" "benjaminbaedorf.eu";
|
||||||
host = "mail.hosting.de";
|
host = "mail.hosting.de";
|
||||||
|
@ -154,36 +167,133 @@ in {
|
||||||
enable = true;
|
enable = true;
|
||||||
binds = [
|
binds = [
|
||||||
# Moving around
|
# Moving around
|
||||||
{ map = ["generic"]; key = "g"; action = "noop"; }
|
{
|
||||||
{ map = ["generic"]; key = "gg"; action = "first-entry"; }
|
map = ["generic"];
|
||||||
{ map = ["generic" "index"]; key = "G"; action = "last-entry"; }
|
key = "g";
|
||||||
{ map = ["generic" "index"]; key = "i"; action = "previous-entry"; }
|
action = "noop";
|
||||||
{ map = ["generic" "index"]; key = "k"; action = "next-entry"; }
|
}
|
||||||
{ map = ["pager" "index"]; key = "d"; action = "noop"; }
|
{
|
||||||
{ map = ["pager" "index"]; key = "dd"; action = "delete-message"; }
|
map = ["generic"];
|
||||||
{ map = ["pager"]; key = "i"; action = "previous-line"; }
|
key = "gg";
|
||||||
{ map = ["pager"]; key = "k"; action = "next-line"; }
|
action = "first-entry";
|
||||||
{ map = ["pager"]; key = "I"; action = "previous-entry"; }
|
}
|
||||||
{ map = ["pager"]; key = "K"; action = "next-entry"; }
|
{
|
||||||
|
map = ["generic" "index"];
|
||||||
|
key = "G";
|
||||||
|
action = "last-entry";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["generic" "index"];
|
||||||
|
key = "i";
|
||||||
|
action = "previous-entry";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["generic" "index"];
|
||||||
|
key = "k";
|
||||||
|
action = "next-entry";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager" "index"];
|
||||||
|
key = "d";
|
||||||
|
action = "noop";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager" "index"];
|
||||||
|
key = "dd";
|
||||||
|
action = "delete-message";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager"];
|
||||||
|
key = "i";
|
||||||
|
action = "previous-line";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager"];
|
||||||
|
key = "k";
|
||||||
|
action = "next-line";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager"];
|
||||||
|
key = "I";
|
||||||
|
action = "previous-entry";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager"];
|
||||||
|
key = "K";
|
||||||
|
action = "next-entry";
|
||||||
|
}
|
||||||
|
|
||||||
{ map = ["pager"]; key = "r"; action = "noop"; }
|
{
|
||||||
{ map = ["pager"]; key = "rr"; action = "reply"; }
|
map = ["pager"];
|
||||||
{ map = ["pager"]; key = "ra"; action = "group-reply"; }
|
key = "r";
|
||||||
{ map = ["pager"]; key = "rn"; action = "group-chat-reply"; }
|
action = "noop";
|
||||||
{ map = ["pager"]; key = "rl"; action = "list-reply"; }
|
}
|
||||||
|
{
|
||||||
|
map = ["pager"];
|
||||||
|
key = "rr";
|
||||||
|
action = "reply";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager"];
|
||||||
|
key = "ra";
|
||||||
|
action = "group-reply";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager"];
|
||||||
|
key = "rn";
|
||||||
|
action = "group-chat-reply";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager"];
|
||||||
|
key = "rl";
|
||||||
|
action = "list-reply";
|
||||||
|
}
|
||||||
|
|
||||||
# Threads
|
# Threads
|
||||||
{ map = ["browser" "pager" "index"]; key = "N"; action = "search-opposite"; }
|
{
|
||||||
{ map = ["pager" "index"]; key = "dT"; action = "delete-thread"; }
|
map = ["browser" "pager" "index"];
|
||||||
{ map = ["pager" "index"]; key = "dt"; action = "delete-subthread"; }
|
key = "N";
|
||||||
{ map = ["pager" "index"]; key = "g"; action = "noop"; }
|
action = "search-opposite";
|
||||||
{ map = ["pager" "index"]; key = "gt"; action = "next-thread"; }
|
}
|
||||||
{ map = ["pager" "index"]; key = "gT"; action = "previous-thread"; }
|
{
|
||||||
{ map = ["index"]; key = "za"; action = "collapse-thread"; }
|
map = ["pager" "index"];
|
||||||
{ map = ["index"]; key = "zA"; action = "collapse-all"; }
|
key = "dT";
|
||||||
|
action = "delete-thread";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager" "index"];
|
||||||
|
key = "dt";
|
||||||
|
action = "delete-subthread";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager" "index"];
|
||||||
|
key = "g";
|
||||||
|
action = "noop";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager" "index"];
|
||||||
|
key = "gt";
|
||||||
|
action = "next-thread";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["pager" "index"];
|
||||||
|
key = "gT";
|
||||||
|
action = "previous-thread";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["index"];
|
||||||
|
key = "za";
|
||||||
|
action = "collapse-thread";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
map = ["index"];
|
||||||
|
key = "zA";
|
||||||
|
action = "collapse-all";
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
macros = [
|
macros =
|
||||||
|
[
|
||||||
# Enable URL opening
|
# Enable URL opening
|
||||||
{
|
{
|
||||||
map = ["index" "pager"];
|
map = ["index" "pager"];
|
||||||
|
@ -212,7 +322,8 @@ in {
|
||||||
key = "\\Ca";
|
key = "\\Ca";
|
||||||
action = ''<tag-pattern>~N<enter><tag-prefix><clear-flag>N<untag-pattern>.<enter>" "Mark all as read'';
|
action = ''<tag-pattern>~N<enter><tag-prefix><clear-flag>N<untag-pattern>.<enter>" "Mark all as read'';
|
||||||
}
|
}
|
||||||
] ++ lib.lists.imap1 (i: address: {
|
]
|
||||||
|
++ lib.lists.imap1 (i: address: {
|
||||||
map = ["index" "pager"];
|
map = ["index" "pager"];
|
||||||
key = "<F${builtins.toString i}>";
|
key = "<F${builtins.toString i}>";
|
||||||
action = ''<sync-mailbox><enter-command>source ${configHome}/neomutt/${address}<enter><change-folder>!<enter>'';
|
action = ''<sync-mailbox><enter-command>source ${configHome}/neomutt/${address}<enter><change-folder>!<enter>'';
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ self, ... }:
|
{self, ...}: {
|
||||||
{
|
|
||||||
flake = {
|
flake = {
|
||||||
nixosModules = rec {
|
nixosModules = rec {
|
||||||
root = import ./root;
|
root = import ./root;
|
||||||
|
|
|
@ -1,4 +1,3 @@
|
||||||
{...}:
|
{...}: {
|
||||||
{
|
|
||||||
users.users.root.hashedPassword = "$y$j9T$HihsChALx5fotahvDVhdC/$iQCGUr35quGDDEFg0SGjDBxWzU/kokgOVDX.weRvL80";
|
users.users.root.hashedPassword = "$y$j9T$HihsChALx5fotahvDVhdC/$iQCGUr35quGDDEFg0SGjDBxWzU/kokgOVDX.weRvL80";
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue