Compare commits

...

107 commits

Author SHA1 Message Date
b12f 196744c4b4
paperless: add state to hostingde invoice fetch script 2024-11-20 10:10:04 +01:00
b12f 01712acef7
ehex: add cloudflare-warp 2024-11-14 12:18:28 +01:00
b12f 9accabdc6a
ssh: separate mezza account for git.pub.solar 2024-11-12 22:30:16 +01:00
b12f dcfc8728b3
users/b12f: add momo emails 2024-11-12 22:15:12 +01:00
b12f 42ed7abf8a
modules/printing: add cups persistence back in 2024-11-12 22:12:12 +01:00
b12f 2fb9d847af
hosts/stroopwafel: use iwd for wireless networking 2024-11-12 22:11:29 +01:00
b12f d139443c59
users/b12f: add cat demo1-1 ssh host 2024-11-12 22:10:34 +01:00
b12f ecf15efb0e
modules/bluetooth: fix blueman-applet service config 2024-10-30 22:44:12 +01:00
b12f 757dceeec3
users/b12f: fix nextcloud-client service config 2024-10-30 22:43:50 +01:00
b12f 7f55c13245
users/b12f: add mezza ssh key 2024-10-30 22:43:29 +01:00
b12f cde6cb09fd
hosts/droppie: fix boot, remove unused services 2024-10-30 22:43:06 +01:00
b12f 06195facf3
modules/terminal-life: use new ts langserver 2024-10-30 18:17:05 +01:00
b12f d37db2b64f
modules/graphical: fix firefox idle-indicator on wayland 2024-10-26 22:07:27 +02:00
b12f 9a7d14a95f
modules/graphical: add wdisplay, bt config 2024-10-18 16:43:00 +02:00
b12f 3b2c24ab1e
flake: update nixpkgs inputs
Includes fix for FF RCE https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
2024-10-10 13:27:16 +02:00
b12f 0b8e4e2fab
modules/wireguard: use domain-specific DNS 2024-10-01 15:31:25 +02:00
b12f f721a54007
modules/wireguard: add momo network 2024-09-20 10:59:08 +02:00
b12f 67e5c533d9
modules/graphical: dedupe brightnessctl keybindings 2024-09-20 10:57:58 +02:00
b12f 32f46d4d7d
wireguard: add momo network 2024-09-13 15:45:20 +02:00
b12f edc1f68670
firefly: fix remote auth header config 2024-09-13 12:03:51 +02:00
b12f 3ed0b291f3
modules/terminal-life: improve neomutt theming 2024-09-12 17:05:20 +02:00
b12f ba78e0baf3
modules/terminal-life: remove unused base16 script 2024-09-12 13:59:25 +02:00
b12f 28933587b4
overlays: remove element-desktop electron 28 override 2024-09-12 13:59:05 +02:00
b12f 197f343bd5
hosts/pie: update authelia, firefly, invoiceplane 2024-09-12 13:58:32 +02:00
b12f fc71a1c816
pkgs: change invoice fetcher script to bash 2024-09-10 13:12:43 +02:00
b12f 01c0b30a98
frikandel: add disabled jellyfin and authelia forwards 2024-09-06 19:29:46 +02:00
b12f 7eb2b80e22
droppie: remove autostop 2024-09-06 19:29:34 +02:00
b12f f08bfc3145
pie/authelia: add jellyfin oidc config base 2024-09-06 19:29:08 +02:00
b12f ee324d57af
modules/terminal-life: use theme variables for fzf 2024-09-06 17:39:10 +02:00
b12f f015e9c6fa
pkgs/record-screen: hide wf-recorder 2024-09-06 17:38:43 +02:00
b12f 048e6a6bb4
hosts/frikandel: add jellyfin forward 2024-09-06 17:38:06 +02:00
b12f 451ed9928f
modules/graphical: move qt definition 2024-09-06 00:25:02 +02:00
b12f 3337c8665f
modules/graphical: fix sway screenrecord keybinding 2024-09-06 00:25:01 +02:00
b12f aca454bcfb
Merge branch 'main' of git.pub.solar:b12f/os 2024-09-05 17:30:39 +02:00
b12f 1cb9bd0cd3
modules/graphical: clean up sway config, fix screen recording 2024-09-05 01:22:56 +02:00
b12f cf857156cf
modules/graphical: add background to sway 2024-09-04 22:36:05 +02:00
b12f c62ed5a14b
modules/graphical: import sway theming file 2024-09-04 22:32:03 +02:00
b12f 165fa48bfa
style: improve theming with global variables 2024-09-04 22:28:41 +02:00
Benjamin Yule Bädorf 4fb46398d3
Merge branch 'main' of git.pub.solar:b12f/os 2024-08-30 14:58:47 +02:00
b12f 9fc9b6b5c8
modules/graphical: increase swaylock timings 2024-08-30 14:07:40 +02:00
b12f 286a0b32d1
mezza.biz: update website 2024-08-30 14:07:20 +02:00
b12f e3c1dca056
modules/wireguard: add new pub.solar hosts 2024-08-30 14:06:04 +02:00
b12f b0373ff19d
frikandel: deploy mezza.biz, update nixpkgs inputs 2024-08-24 21:39:20 +02:00
b12f 5d589621e8
graphical: add xbacklight 2024-08-24 21:12:05 +02:00
b12f b02770adea
modules/terminal-life: add nvim filetype handling for age secrets 2024-08-23 19:00:12 +02:00
b12f 483c486359
modules/terminal-life: update nvim keybindings 2024-08-23 18:59:52 +02:00
b12f 091767fbae
frikandel/email: make sure emails reach the right catch-all 2024-08-19 17:09:01 +02:00
b12f ddeed05da6
lint: lint with alejandra 2024-08-19 10:03:17 +02:00
b12f e630def7b6
overlays: use blesh from nixpkgs & lix instead of nix 2024-08-19 10:03:03 +02:00
b12f 8b860a4878
flake: update nixpkgs inputs 2024-08-19 10:02:42 +02:00
b12f 4ce7b4490c
cat: update hosts in ssh settings 2024-08-19 10:02:20 +02:00
b12f ff4af10e15
pkgs: update nvfetcher sources 2024-08-19 09:18:59 +02:00
b12f 50c182d827
terminal-life/nvim: lint vim files, add recent command telescope 2024-08-19 00:23:24 +02:00
b12f a1670dcb3d
lint: lint nix files with alejandra 2024-08-19 00:22:59 +02:00
b12f d67d75eda3
terminal-life: reduce nvim config, switch to telescope 2024-08-19 00:07:22 +02:00
b12f 6f3fce1d9f
user/b12f: don't use real name for all email addresses 2024-08-18 18:53:31 +02:00
b12f 9439ed4c44
email: add mail@b12f.io and mail@hzdomain 2024-08-16 21:33:49 +02:00
b12f 34050a14cc
pkgs: update nvfetcher packages 2024-08-16 19:03:16 +02:00
Benjamin Yule Bädorf 6bbc296337
wireguard: add tankstelle to pub.solar nodes 2024-08-16 10:54:55 +02:00
Benjamin Yule Bädorf 341491f7a7
networking: add frikandel initrd to hosts file 2024-08-16 10:54:06 +02:00
b12f b3800fb26f
terraform: halfway working DNS for hosting.de 2024-08-14 23:11:14 +02:00
b12f e712fd4515
deploy: take deploy-rs from cache 2024-08-14 10:35:17 +02:00
b12f b20b5d10b8
frikandel: rename wireguard secret 2024-08-14 10:35:03 +02:00
b12f 51e1b81040
yule: update email 2024-08-14 09:39:15 +02:00
b12f a3c77b42fb
terminal-life: use the user name instead of fullname for git 2024-08-14 09:38:05 +02:00
b12f fc64336279
printing: persist the right directory 2024-08-14 09:37:53 +02:00
b12f 1d1927d570
email: add hetzner email 2024-08-14 09:36:50 +02:00
Benjamin Yule Bädorf e64354a232
flake: update nixpkgs inputs 2024-08-09 16:14:27 +02:00
Benjamin Yule Bädorf 27f3ca7c0c
b12f: remove zoom 2024-07-16 10:26:18 +02:00
Benjamin Yule Bädorf 26e81588d6
wireguard: fix conflicting listening ports 2024-07-16 10:25:44 +02:00
Benjamin Yule Bädorf b5c30f5da7
boot: use hardened linux 6.6 LTS kernel 2024-07-02 09:42:57 +02:00
Benjamin Yule Bädorf 3d6c90a559
flake: update nixpkgs inputs 2024-07-01 18:38:53 +02:00
Benjamin Yule Bädorf c75a05d46a
printing: add cups directory to persistence 2024-07-01 18:38:28 +02:00
Benjamin Yule Bädorf eccda6cd08
osm: reenable openstreetmap on stroopwafel 2024-06-17 15:24:24 +02:00
Benjamin Yule Bädorf 45d6f56d1d
overlay: take ungoogled-chromium from 24.05 2024-06-17 15:24:09 +02:00
Benjamin Yule Bädorf ee611894f8
wireguard: remove with lib;, dedupe systemd service config 2024-06-17 15:23:32 +02:00
Benjamin Yule Bädorf 23af0457bb
flake: update nixpkgs inputs 2024-06-17 15:08:29 +02:00
Benjamin Yule Bädorf d016eee124
search: use search.pub.solar by default 2024-06-17 15:07:57 +02:00
Benjamin Yule Bädorf 9616093a21
wireguard: add ehex vpn 2024-06-11 14:57:33 +02:00
Benjamin Yule Bädorf b8a48cd704
nixos: more 24.05 fixes and updates 2024-06-03 12:30:14 +02:00
Benjamin Yule Bädorf 561361f771
email: update pub.solar mail host 2024-06-03 12:29:46 +02:00
Benjamin Yule Bädorf 46853a5bd2
dns: add stroopwafel and chocolatebar in wireguard 2024-06-03 12:29:05 +02:00
Benjamin Yule Bädorf dd16d7ddb7
nixos: update to 24.05 2024-06-02 23:47:00 +02:00
Benjamin Yule Bädorf 6c4990d40f
droppie: add /dev/sda1 2024-06-02 20:19:44 +02:00
Benjamin Yule Bädorf 3555a2a416
ssh: remove nistp SSH identity 2024-05-26 19:20:09 +02:00
Benjamin Yule Bädorf 6387f7a749
chocolatebar: don't use realtime kernel 2024-05-26 19:16:16 +02:00
Benjamin Yule Bädorf b9bc457494
secrets: add restic and rclone secret to chocolatebar 2024-05-26 19:11:26 +02:00
Benjamin Yule Bädorf 7e6dec32cc
yule: update password hash 2024-05-26 19:08:18 +02:00
Benjamin Yule Bädorf 948460ffc5
iso: open SSH port in firewall 2024-05-26 19:08:04 +02:00
Benjamin Yule Bädorf 6d62c706e9
public-keys: add id_bbcom as fallback 2024-05-26 19:07:14 +02:00
Benjamin Yule Bädorf 7ef1e0ec7b
flake: update nixpkgs inputs 2024-05-26 19:06:58 +02:00
Benjamin Yule Bädorf 7b4f1e0102
invoiceplane-templates: use https for fetching 2024-05-23 09:22:42 +02:00
Benjamin Yule Bädorf 70472a5c38
email: Add contact miom.space address 2024-05-19 14:18:08 +02:00
Benjamin Yule Bädorf 8b08a3afce
graphical: add wl-mirror 2024-05-16 11:36:55 +02:00
Benjamin Yule Bädorf 1bdbc70e98
flake: update nixpkgs inputs 2024-05-16 11:36:23 +02:00
Benjamin Yule Bädorf 1e40964857
home: reenable zoom :( 2024-04-26 15:22:48 +02:00
Benjamin Yule Bädorf ab956cf63a
nvim: show otherwise hidden characters 2024-04-19 10:56:31 +02:00
Benjamin Yule Bädorf 8ac837f481
desktop-extended: add nix-inspect 2024-04-15 16:22:06 +02:00
Benjamin Yule Bädorf 08eb16fc93
wireguard: make sure wg never blocks boot 2024-04-15 12:39:13 +02:00
Benjamin Yule Bädorf 54fc54285f
nvim: add filetypes for vto, add all treesitter grammars 2024-04-15 12:37:57 +02:00
Benjamin Yule Bädorf afa83a4e24
desktop-extended: add whalebird mastodon client 2024-04-15 12:37:31 +02:00
Benjamin Yule Bädorf 17ee75088a
email: add backups for local emails and maddy 2024-04-11 13:00:46 +02:00
Benjamin Yule Bädorf 5891c59c4f
paperless: add email creds to config 2024-04-09 20:15:39 +02:00
Benjamin Yule Bädorf cf485df2d2
firefly: fix auth proxying for importer 2024-04-09 20:15:14 +02:00
Benjamin Yule Bädorf e3fefc1cd1
Update invoiceplane template 2024-04-06 03:08:39 +02:00
Benjamin Yule Bädorf e79b99e3ed
authelia/invoiceplane: get working setup 2024-04-06 02:36:58 +02:00
Benjamin Yule Bädorf 9578d0fa1a
wireguard/ssh: add pub.solar wireguard config 2024-04-06 02:36:41 +02:00
210 changed files with 3898 additions and 3727 deletions

View file

@ -20,8 +20,8 @@ indent_style = unset
indent_size = unset
[{.*,secrets}/**]
end_of_line = unset
insert_final_newline = unset
end_of_line = false
insert_final_newline = false
trim_trailing_whitespace = unset
charset = unset
indent_style = unset

View file

@ -3,17 +3,17 @@
"adblock-unbound": {
"inputs": {
"adblockStevenBlack": "adblockStevenBlack",
"flake-utils": "flake-utils",
"lancache-domains": "lancache-domains",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1688055723,
"narHash": "sha256-8WtkSAr4qYA3o6kiOCESK3rHJmIsa6TMBrT3/Cbfvro=",
"lastModified": 1704832551,
"narHash": "sha256-6xS/ANMIh3b4Ia3Ubl9rtb3LVw9QldihnP3IvuG9zwQ=",
"owner": "MayNiklas",
"repo": "nixos-adblock-unbound",
"rev": "9356ccd526fdcf91bfee7f0ebebae831349d43cc",
"rev": "a5d3731836b1c2ca65834e07be03c02daca5b434",
"type": "github"
},
"original": {
@ -41,16 +41,18 @@
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": "home-manager",
"nixpkgs": [
"nixpkgs"
]
],
"systems": "systems"
},
"locked": {
"lastModified": 1682101079,
"narHash": "sha256-MdAhtjrLKnk2uiqun1FWABbKpLH090oeqCSiWemtuck=",
"lastModified": 1716561646,
"narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=",
"owner": "ryantm",
"repo": "agenix",
"rev": "2994d002dcff5353ca1ac48ec584c7f6589fe447",
"rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9",
"type": "github"
},
"original": {
@ -67,11 +69,11 @@
]
},
"locked": {
"lastModified": 1696360011,
"narHash": "sha256-HpPv27qMuPou4acXcZ8Klm7Zt0Elv9dgDvSJaomWb9Y=",
"lastModified": 1700795494,
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "8b6ea26d5d2e8359d06278364f41fbc4b903b28a",
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github"
},
"original": {
@ -85,7 +87,7 @@
"inputs": {
"devshell": "devshell",
"flake-compat": "flake-compat",
"flake-utils": "flake-utils_2",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs"
},
"locked": {
@ -113,11 +115,11 @@
"utils": "utils"
},
"locked": {
"lastModified": 1695052866,
"narHash": "sha256-agn7F9Oww4oU6nPiw+YiYI9Xb4vOOE73w8PAoBRP4AA=",
"lastModified": 1715699772,
"narHash": "sha256-sKhqIgucN5sI/7UQgBwsonzR4fONjfMr9OcHK/vPits=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "e3f41832680801d0ee9e2ed33eb63af398b090e9",
"rev": "b3ea6f333f9057b77efd9091119ba67089399ced",
"type": "github"
},
"original": {
@ -151,6 +153,27 @@
"type": "github"
}
},
"devshell_2": {
"inputs": {
"nixpkgs": [
"mezza-biz",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722113426,
"narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=",
"owner": "numtide",
"repo": "devshell",
"rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
@ -170,11 +193,11 @@
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
@ -188,11 +211,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1693611461,
"narHash": "sha256-aPODl8vAgGQ0ZYFIRisxYG5MOGSkIczvu2Cd8Gb9+1Y=",
"lastModified": 1717285511,
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "7f53fdb7bdc5bb237da7fefef12d099e4fd611ca",
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
"type": "github"
},
"original": {
@ -206,11 +229,11 @@
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1709336216,
"narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=",
"lastModified": 1717285511,
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2",
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
"type": "github"
},
"original": {
@ -219,22 +242,58 @@
"type": "github"
}
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_3"
},
"locked": {
"lastModified": 1722555600,
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_4": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_4"
},
"locked": {
"lastModified": 1714606777,
"narHash": "sha256-bMkNmAXLj8iyTvxaaD/StcLSadbj1chPcJOjtuVnLmA=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "4d34ce6412bc450b1d4208c953dc97c7fc764f1a",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-root": {
"locked": {
"lastModified": 1713493429,
"narHash": "sha256-ztz8JQkI08tjKnsTpfLqzWoKFQF4JGu2LRz8bkdnYUk=",
"owner": "srid",
"repo": "flake-root",
"rev": "bc748b93b86ee76e2032eecda33440ceb2532fcd",
"type": "github"
},
"original": {
"owner": "srid",
"repo": "flake-root",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
@ -252,31 +311,52 @@
"home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1710888565,
"narHash": "sha256-s9Hi4RHhc6yut4EcYD50sZWRDKsugBJHSbON8KFwoTw=",
"lastModified": 1703113217,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f33900124c23c4eca5831b9b5eb32ea5894375ce",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.11",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1716736833,
"narHash": "sha256-rNObca6dm7Qs524O4st8VJH6pZ/Xe1gxl+Rx6mcWYo0=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "a631666f5ec18271e86a5cde998cba68c33d9ac6",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.05",
"repo": "home-manager",
"type": "github"
}
},
"impermanence": {
"locked": {
"lastModified": 1706639736,
"narHash": "sha256-CaG4j9+UwBDfinxxvJMo6yOonSmSo0ZgnbD7aj2Put0=",
"lastModified": 1708968331,
"narHash": "sha256-VUXLaPusCBvwM3zhGbRIJVeYluh2uWuqtj4WirQ1L9Y=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "cd13c2917eaa68e4c49fea0ff9cada45440d7045",
"rev": "a33ef102a02ce77d3e39c25197664b7a636f9c30",
"type": "github"
},
"original": {
@ -285,14 +365,73 @@
"type": "github"
}
},
"invoiceplane-template": {
"inputs": {
"flake-parts": "flake-parts_2",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1712364633,
"narHash": "sha256-BfdaBTDA07ijUrK47aa8AMDTBB3nWYm74CBAwd/mllg=",
"ref": "refs/heads/main",
"rev": "8056309d6cf694647262a11415aceac68015cfd2",
"revCount": 22,
"type": "git",
"url": "https://git.pub.solar/b12f/invoiceplane-templates.git"
},
"original": {
"type": "git",
"url": "https://git.pub.solar/b12f/invoiceplane-templates.git"
}
},
"lancache-domains": {
"flake": false,
"locked": {
"lastModified": 1679999806,
"narHash": "sha256-oDZ2pSf8IgofRS4HaRppGcd4kHQj48AC9dkS++avYy8=",
"owner": "uklans",
"repo": "cache-domains",
"rev": "31b2ba1e0a7c419327cb97f589b508d78b9aecbf",
"type": "github"
},
"original": {
"owner": "uklans",
"repo": "cache-domains",
"type": "github"
}
},
"mezza-biz": {
"inputs": {
"devshell": "devshell_2",
"flake-parts": "flake-parts_3",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1724541053,
"narHash": "sha256-bQiwF08H8GEi7lxNiJKc4Gu42K7zYeDPPqRCNYVnp7U=",
"ref": "refs/heads/main",
"rev": "0ee615488dec2685cee6ed558cbfcf9840e92b94",
"revCount": 10,
"type": "git",
"url": "https://git.pub.solar/b12f/mezza.biz.git"
},
"original": {
"type": "git",
"url": "https://git.pub.solar/b12f/mezza.biz.git"
}
},
"mobile-nixos": {
"flake": false,
"locked": {
"lastModified": 1696124168,
"narHash": "sha256-EzGHYAR7rozQQLZEHbKEcb5VpUFGoxwEsM0OWfW4wqU=",
"lastModified": 1715627339,
"narHash": "sha256-HJ6V7hc64iBqXlZ8kH4sXmUzPH+0Hn6wYURmZmL5LFk=",
"owner": "nixos",
"repo": "mobile-nixos",
"rev": "7cee346c3f8e73b25b1cfbf7a086a7652c11e0f3",
"rev": "655c8830d5fe2eae79c8fc0bab8033b34c8456eb",
"type": "github"
},
"original": {
@ -306,11 +445,11 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1690426816,
"narHash": "sha256-vvOrLE6LlBVYigA1gSrlkknFwfuq9qmLA4h6ubiJ22g=",
"lastModified": 1716767591,
"narHash": "sha256-e7mG0KhSnMkdgIGPKw6Bs2B6D44B/GB6Zo0NgxFxJTc=",
"owner": "musnix",
"repo": "musnix",
"rev": "e651b06f8a3ac7d71486984100e8a79334da8329",
"rev": "65f1b5863ff6157d4870ed177e8ccd82e21127ad",
"type": "github"
},
"original": {
@ -321,15 +460,16 @@
},
"nixd": {
"inputs": {
"flake-parts": "flake-parts_2",
"flake-parts": "flake-parts_4",
"flake-root": "flake-root",
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1710142672,
"narHash": "sha256-MRClVDHMGXglXpSR+RflwnrY/ngePqrxOwiwoh5/BtU=",
"lastModified": 1717293270,
"narHash": "sha256-twDibXDWwmySk6C/hFUpeBewB5heSyCDDHWOAeRSp40=",
"owner": "nix-community",
"repo": "nixd",
"rev": "eb40e5b315fafa1086f69be84918bbd9235e0a10",
"rev": "be5ad5ec113595e2900e6391a08cf0e4784a9cfe",
"type": "github"
},
"original": {
@ -341,11 +481,11 @@
},
"nixos-flake": {
"locked": {
"lastModified": 1692742948,
"narHash": "sha256-19LQQFGshuQNrrXZYVt+mWY0O3NbhEXeMy3MZwzYZGo=",
"lastModified": 1716406291,
"narHash": "sha256-qHjJ6alc4o3p51hrPp3JGdC5Pbz5EjF+UZq1HbK8av0=",
"owner": "srid",
"repo": "nixos-flake",
"rev": "2c25190ceacdaaae7e8afbecfa87096bb499a431",
"rev": "aa9100167350cbdffaa272b0fd382d7c23606b86",
"type": "github"
},
"original": {
@ -356,11 +496,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1686838567,
"narHash": "sha256-aqKCUD126dRlVSKV6vWuDCitfjFrZlkwNuvj5LtjRRU=",
"lastModified": 1717248095,
"narHash": "sha256-e8X2eWjAHJQT82AAN+mCI0B68cIDBJpqJ156+VRrFO0=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "429f232fe1dc398c5afea19a51aad6931ee0fb89",
"rev": "7b49d3967613d9aacac5b340ef158d493906ba79",
"type": "github"
},
"original": {
@ -387,30 +527,48 @@
},
"nixpkgs-lib": {
"locked": {
"dir": "lib",
"lastModified": 1693471703,
"narHash": "sha256-0l03ZBL8P1P6z8MaSDS/MvuU8E75rVxe5eE1N6gxeTo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3e52e76b70d5508f3cec70b882a29199f4d1ee85",
"type": "github"
"lastModified": 1717284937,
"narHash": "sha256-lIbdfCsf8LMFloheeE6N31+BMIeixqyQWbSr2vk79EQ=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
},
"original": {
"dir": "lib",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
}
},
"nixpkgs-lib_2": {
"locked": {
"lastModified": 1717284937,
"narHash": "sha256-lIbdfCsf8LMFloheeE6N31+BMIeixqyQWbSr2vk79EQ=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
}
},
"nixpkgs-lib_3": {
"locked": {
"lastModified": 1722555339,
"narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
}
},
"nixpkgs-lib_4": {
"locked": {
"dir": "lib",
"lastModified": 1709237383,
"narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=",
"lastModified": 1714253743,
"narHash": "sha256-mdTQw2XlariysyScCv2tTE45QSU9v/ezLcHJ22f0Nxc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8",
"rev": "58a1abdbae3217ca6b702f03d3b35125d88a2994",
"type": "github"
},
"original": {
@ -423,11 +581,11 @@
},
"nixpkgs-master": {
"locked": {
"lastModified": 1711717242,
"narHash": "sha256-PW9J9sFw5DA4Fo3Cq4Soc+an6tjTS4VV2NxG6G0UMqw=",
"lastModified": 1728551786,
"narHash": "sha256-wO3aWtTYEdaDwUdbA2bj3PTBKu3idTolOOnrPnzRo8o=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "824952ff6b32b0019465b139b5c76d915ec074ea",
"rev": "565db77725e0d5b0b448ecf4998239c3fddd374a",
"type": "github"
},
"original": {
@ -439,11 +597,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1711523803,
"narHash": "sha256-UKcYiHWHQynzj6CN/vTcix4yd1eCu1uFdsuarupdCQQ=",
"lastModified": 1728492678,
"narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2726f127c15a4cc9810843b96cad73c7eb39e443",
"rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7",
"type": "github"
},
"original": {
@ -455,11 +613,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1690272529,
"narHash": "sha256-MakzcKXEdv/I4qJUtq/k/eG+rVmyOZLnYNC2w1mB59Y=",
"lastModified": 1716509168,
"narHash": "sha256-4zSIhSRRIoEBwjbPm3YiGtbd8HDWzFxJjw5DYSDy1n8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ef99fa5c5ed624460217c31ac4271cfb5cb2502c",
"rev": "bfb7a882678e518398ce9a31a881538679f6f092",
"type": "github"
},
"original": {
@ -471,11 +629,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1710097495,
"narHash": "sha256-B7Ea7q7hU7SE8wOPJ9oXEBjvB89yl2csaLjf5v/7jr8=",
"lastModified": 1714562304,
"narHash": "sha256-Mr3U37Rh6tH0FbaDFu0aZDwk9mPAe7ASaqDOGgLqqLU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d40e866b1f98698d454dad8f592fe7616ff705a4",
"rev": "bcd44e224fd68ce7d269b4f44d24c2220fd821e7",
"type": "github"
},
"original": {
@ -487,16 +645,16 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1711460390,
"narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=",
"lastModified": 1728500571,
"narHash": "sha256-dOymOQ3AfNI4Z337yEwHGohrVQb4yPODCW9MDUyAc4w=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "44733514b72e732bd49f5511bd0203dea9b9a434",
"rev": "d51c28603def282a24fa034bcb007e2bcb5b5dd0",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-23.11",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
@ -508,16 +666,15 @@
]
},
"locked": {
"lastModified": 1708706677,
"lastModified": 1708750443,
"narHash": "sha256-fUIT9v5FGy9KbbPKBVcxw2rwxqLZUVElqTtZWM7FiNI=",
"owner": "b12f",
"owner": "tfc",
"repo": "nixos-openstreetmap",
"rev": "9057f546a5762a6b1645a8d4c22f818e29908144",
"rev": "0fd30b016eb838395d85948b9ecf00ff59b4581d",
"type": "github"
},
"original": {
"owner": "b12f",
"ref": "flake-nixosmodule",
"owner": "tfc",
"repo": "nixos-openstreetmap",
"type": "github"
}
@ -530,8 +687,10 @@
"deploy-rs": "deploy-rs",
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts",
"home-manager": "home-manager",
"home-manager": "home-manager_2",
"impermanence": "impermanence",
"invoiceplane-template": "invoiceplane-template",
"mezza-biz": "mezza-biz",
"mobile-nixos": "mobile-nixos",
"musnix": "musnix",
"nixd": "nixd",
@ -540,16 +699,65 @@
"nixpkgs": "nixpkgs_4",
"nixpkgs-master": "nixpkgs-master",
"nixpkgs-unstable": "nixpkgs-unstable",
"openstreetmap": "openstreetmap"
"openstreetmap": "openstreetmap",
"themes": "themes"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"themes": {
"locked": {
"lastModified": 1715166503,
"narHash": "sha256-eG3+PTzJntnMrO9J2fCtshU+XX18uI8iIjDKU9NkJXA=",
"owner": "RGBCube",
"repo": "ThemeNix",
"rev": "c188d0d729841f71f576dfb544e70c0340bf52a8",
"type": "github"
},
"original": {
"owner": "RGBCube",
"repo": "ThemeNix",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github"
},
"original": {

View file

@ -3,7 +3,7 @@
inputs = {
# Track channels with commits tested and built by hydra
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-master.url = "github:nixos/nixpkgs/master";
@ -12,9 +12,11 @@
flake-compat.url = "github:edolstra/flake-compat";
flake-compat.flake = false;
home-manager.url = "github:nix-community/home-manager/release-23.11";
home-manager.url = "github:nix-community/home-manager/release-24.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
themes.url = "github:RGBCube/ThemeNix";
flake-parts.url = "github:hercules-ci/flake-parts";
nixos-flake.url = "github:srid/nixos-flake";
@ -37,14 +39,20 @@
adblock-unbound.url = "github:MayNiklas/nixos-adblock-unbound";
adblock-unbound.inputs.nixpkgs.follows = "nixpkgs";
openstreetmap.url = "github:b12f/nixos-openstreetmap/flake-nixosmodule";
openstreetmap.url = "github:tfc/nixos-openstreetmap";
openstreetmap.inputs.nixpkgs.follows = "nixpkgs";
deno2nix.url = "github:SnO2WMaN/deno2nix";
invoiceplane-template.url = "git+https://git.pub.solar/b12f/invoiceplane-templates.git";
invoiceplane-template.inputs.nixpkgs.follows = "nixpkgs";
mezza-biz.url = "git+https://git.pub.solar/b12f/mezza.biz.git";
mezza-biz.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = inputs@{ self, ... }:
inputs.flake-parts.lib.mkFlake { inherit inputs; } {
outputs = inputs @ {self, ...}:
inputs.flake-parts.lib.mkFlake {inherit inputs;} {
systems = [
"x86_64-linux"
"aarch64-linux"
@ -52,7 +60,9 @@
imports = [
inputs.nixos-flake.flakeModule
inputs.flake-parts.flakeModules.easyOverlay
./public-keys.nix
./theme.nix
./lib
./modules
./hosts
@ -60,14 +70,23 @@
./overlays
];
perSystem = args@{ system, pkgs, lib, config, ... }: {
perSystem = args @ {
system,
pkgs,
config,
...
}: {
packages = import ./pkgs args;
overlayAttrs = config.packages;
_module.args = {
inherit inputs;
pkgs = import inputs.nixpkgs {
inherit system;
overlays = with inputs; [
agenix.overlays.default
nixd.overlays.default
overlays = [
inputs.agenix.overlays.default
inputs.nixd.overlays.default
inputs.invoiceplane-template.overlays.default
];
};
};
@ -75,6 +94,7 @@
devShells.default = pkgs.mkShell {
packages = with pkgs; [
nix
nixd
agenix
age-plugin-yubikey
cachix
@ -91,6 +111,7 @@
deploy-rs
terraform-ls
opentofu
terraform-backend-git

View file

@ -1,19 +0,0 @@
# Touchpad controls
#bindsym XF86TouchpadToggle exec $HOME/Workspace/ben/toggletouchpad.sh # toggle touchpad
# Screen brightness controls
bindsym XF86MonBrightnessUp exec "brightnessctl -d intel_backlight set +10%; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ {print $4}')"
bindsym XF86MonBrightnessDown exec "brightnessctl -d intel_backlight set 10%-; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ { print $4}')"
# Keyboard backlight brightness controls
bindsym XF86KbdBrightnessDown exec "brightnessctl -d smc::kbd_backlight set 10%-; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
bindsym XF86KbdBrightnessUp exec "brightnessctl -d smc::kbd_backlight set +10%; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
# Pulse Audio controls
bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. up' #increase sound volume
bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. down' #decrease sound volume
bindsym XF86AudioMute exec pactl set-sink-mute @DEFAULT_SINK@ toggle && notify-send 'Mute sound' # mute sound
# Media player controls
bindsym XF86AudioPlay exec "playerctl play-pause; notify-send 'Play/Pause'"
bindsym XF86AudioNext exec "playerctl next; notify-send 'Next'"
bindsym XF86AudioPrev exec "playerctl previous; notify-send 'Prev.'"

View file

@ -25,7 +25,6 @@ in {
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;
};
};

View file

@ -1,4 +1,4 @@
{ ... }: {
{...}: {
imports = [
./configuration.nix
./hardware-configuration.nix

View file

@ -1,19 +0,0 @@
# Touchpad controls
#bindsym XF86TouchpadToggle exec $HOME/Workspace/ben/toggletouchpad.sh # toggle touchpad
# Screen brightness controls
bindsym XF86MonBrightnessUp exec "brightnessctl -d intel_backlight set +10%; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ {print $4}')"
bindsym XF86MonBrightnessDown exec "brightnessctl -d intel_backlight set 10%-; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ { print $4}')"
# Keyboard backlight brightness controls
bindsym XF86KbdBrightnessDown exec "brightnessctl -d smc::kbd_backlight set 10%-; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
bindsym XF86KbdBrightnessUp exec "brightnessctl -d smc::kbd_backlight set +10%; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
# Pulse Audio controls
bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. up' #increase sound volume
bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. down' #decrease sound volume
bindsym XF86AudioMute exec pactl set-sink-mute @DEFAULT_SINK@ toggle && notify-send 'Mute sound' # mute sound
# Media player controls
bindsym XF86AudioPlay exec "playerctl play-pause; notify-send 'Play/Pause'"
bindsym XF86AudioNext exec "playerctl next; notify-send 'Next'"
bindsym XF86AudioPrev exec "playerctl previous; notify-send 'Prev.'"

View file

@ -10,7 +10,7 @@ with lib; let
in {
musnix = {
enable = true;
kernel.realtime = true;
kernel.realtime = false;
soundcardPciId = "0d:00.4";
};
@ -23,14 +23,12 @@ in {
];
};
environment.etc = {
"pipewire/pipewire.conf.d/92-low-latency.conf".text = ''
context.properties = {
default.clock.rate = 48000
default.clock.quantum = 32
default.clock.min-quantum = 32
default.clock.max-quantum = 32
}
'';
services.pipewire.extraConfig.pipewire."92-low-latency" = {
"context.properties" = {
"default.clock.rate" = 48000;
"default.clock.quantum" = 32;
"default.clock.min-quantum" = 32;
"default.clock.max-quantum" = 32;
};
};
}

View file

@ -29,7 +29,6 @@ in {
pub-solar.terminal-life.full = true;
environment.systemPackages = with pkgs; [
drone-docker-runner
stdenv.cc.cc.lib
hplip
uhk-agent

View file

@ -39,6 +39,6 @@ in {
];
};
networking.firewall.allowedUDPPorts = [ 34197 ];
networking.firewall.allowedTCPPorts = [ 34197 ];
networking.firewall.allowedUDPPorts = [34197];
networking.firewall.allowedTCPPorts = [34197];
}

View file

@ -1,8 +1,12 @@
{ withSystem, self, inputs, ...}:
{
self,
inputs,
...
}: {
flake = {
nixosConfigurations = {
stroopwafel = self.nixos-flake.lib.mkLinuxSystem {
nixpkgs.hostPlatform = "x86_64-linux";
imports = [
inputs.impermanence.nixosModules.impermanence
@ -65,8 +69,6 @@
self.nixosModules.base
./droppie
self.nixosModules.yule
self.nixosModules.acme
self.nixosModules.proxy
self.nixosModules.persistence
];
};
@ -137,7 +139,7 @@
self.nixosModules.graphical
self.nixosModules.audio
self.nixosModules.bluetooth
({ ... }: { pub-solar.graphical.wayland.software-renderer.enable = true; })
({...}: {pub-solar.graphical.wayland.software-renderer.enable = true;})
];
};
};

View file

@ -24,7 +24,7 @@ in {
};
systemd.timers."shutdown-after-backup" = {
enable = true;
enable = false;
timerConfig = {
OnCalendar = "*-*-* 02..11:05,15,25,35,45,55:00 Etc/UTC";
};

View file

@ -20,10 +20,11 @@ in {
boot.kernelParams = [
"boot.shell_on_fail=1"
"nomodeset"
# Hack so that network is considered up by boot.initrd.network and postCommands gets executed.
"ip=127.0.0.1:::::lo:none"
];
boot.initrd.availableKernelModules = [ "tg3" ];
boot.initrd.availableKernelModules = ["tg3"];
boot.initrd.network = {
enable = true;
ssh = {

View file

@ -5,7 +5,5 @@
./networking.nix
./backup-autostop.nix
./nginx.nix
./jellyfin.nix
];
}

View file

@ -1,57 +1,67 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "ehci_pci" "usbhid" "usb_storage" "uas" "sd_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" "amdgpu" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "ehci_pci" "usbhid" "usb_storage" "uas" "sd_mod"];
boot.initrd.kernelModules = ["dm-snapshot"];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
boot.initrd.luks.devices."cryptroot" = {
device = "/dev/sdb2";
allowDiscards = true;
boot.initrd.luks.devices = {
"cryptroot" = {
device = "/dev/disk/by-uuid/08330ff9-581a-41e1-b8fa-757dc4c90b16";
allowDiscards = true;
};
"cryptdata".device = "/dev/disk/by-uuid/bc9f00ea-027e-409b-87c9-ab5628683378";
};
fileSystems."/" =
{ device = "none";
fsType = "tmpfs";
};
fileSystems."/" = {
device = "none";
fsType = "tmpfs";
};
fileSystems."/media/internal" =
{ device = "/dev/disk/by-uuid/5cf314a8-82f4-4037-a724-62d2ff226cff";
fsType = "ext4";
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/837cc93f-6d9a-4bfd-b089-29ac6d68127c";
fsType = "ext4";
neededForBoot = true;
};
fileSystems."/nix" =
{ device = "/dev/disk/by-uuid/837cc93f-6d9a-4bfd-b089-29ac6d68127c";
fsType = "ext4";
};
fileSystems."/persist" = {
device = "/dev/disk/by-uuid/a7711118-51b0-4d84-8f18-ef2e06084e05";
fsType = "ext4";
neededForBoot = true;
};
fileSystems."/persist" =
{ device = "/dev/disk/by-uuid/a7711118-51b0-4d84-8f18-ef2e06084e05";
fsType = "ext4";
neededForBoot = true;
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/0965d496-ffad-4a8d-9de7-28af903baf16";
fsType = "ext4";
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/0965d496-ffad-4a8d-9de7-28af903baf16";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/991E-79C1";
fsType = "vfat";
neededForBoot = true;
options = [ "fmask=0022" "dmask=0022" ];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/991E-79C1";
fsType = "vfat";
};
fileSystems."/data" = {
device = "/dev/disk/by-uuid/391db8c4-5654-4a5c-a5c8-e34811f54786";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/0ef8dbbd-2832-4fb2-8a52-86682822f769"; }
];
swapDevices = [
{device = "/dev/disk/by-uuid/0ef8dbbd-2832-4fb2-8a52-86682822f769";}
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

View file

@ -1,44 +0,0 @@
{
flake,
config,
pkgs,
lib,
...
}: {
environment.systemPackages = [
pkgs.jellyfin
pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg
];
services.jellyfin = {
enable = true;
openFirewall = false;
};
# from https://jellyfin.org/docs/general/networking/index.html
networking.firewall.allowedUDPPorts = [ 1900 7359 ];
security.acme.certs = {
"media.b12f.io" = {};
};
services.nginx.virtualHosts = {
"media.b12f.io" = {
forceSSL = true;
useACMEHost = "media.b12f.io";
locations."/".proxyPass = "http://127.0.0.1:8096";
};
};
hardware.opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = with pkgs; [
vaapiVdpau
libvdpau-va-gl
];
};
}

View file

@ -10,7 +10,12 @@
networking.interfaces.enp2s0f1.useDHCP = true;
networking.interfaces.enp2s0f0 = {
ipv6.addresses = [ { address = "2a02:908:5b1:e3c0:3::"; prefixLength = 64; } ];
ipv6.addresses = [
{
address = "2a02:908:5b1:e3c0:3::";
prefixLength = 64;
}
];
};
# Allow pub.solar restic backups

View file

@ -1,15 +0,0 @@
{
flake,
config,
pkgs,
lib,
...
}: {
services.nginx = {
defaultListenAddresses = [
"192.168.178.3"
"10.13.12.3"
"[fd00:b12f:acab:1312:acab:3::]"
];
};
}

View file

@ -0,0 +1,17 @@
{
flake,
config,
pkgs,
lib,
...
}: {
security.acme.certs = {
"auth.b12f.io" = {};
};
services.nginx.virtualHosts."auth.b12f.io" = {
forceSSL = true;
useACMEHost = "auth.b12f.io";
locations."/".proxyPass = "https://auth.b12f.io";
};
}

View file

@ -9,7 +9,6 @@ with lib; let
psCfg = config.pub-solar;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
in {
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
@ -19,13 +18,14 @@ in {
# Hack so that network is considered up by boot.initrd.network and postCommands gets executed.
"ip=127.0.0.1:::::lo:none"
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_net" ];
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_net"];
boot.initrd.network = {
enable = true;
ssh = {
enable = true;
port = 2222;
hostKeys = [ /boot/initrd-ssh-key ];
hostKeys = [/boot/initrd-ssh-key];
authorizedKeys = flake.self.publicKeys;
shell = "/bin/cryptsetup-askpass";
};
@ -43,7 +43,7 @@ in {
'';
};
boot.supportedFilesystems = [ "zfs" ];
boot.supportedFilesystems = ["zfs"];
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you

View file

@ -6,9 +6,10 @@
./networking.nix
./unbound.nix
./nginx.nix
./invoiceplane-proxy.nix
./wireguard.nix
./email.nix
./website.nix
# ./jellyfin-forward.nix
# ./authelia-forward.nix
];
}

View file

@ -5,9 +5,15 @@
lib,
...
}: let
# hzDomain = lib.concatStrings [ "hw" "dz" "z." "net" ];
hzDomain = lib.concatStrings ["hw" "dz" "z." "net"];
dkimDNSb12fio = ''
default._domainkey IN TXT ( "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyla9hW3TvoXvZQxwzaJ4SZ9ict1HU3E6+FWlwNIgE6tIpTCyRJtiSIUDqB8TLTIBoxIs+QQBXZi+QUi3Agu6OSY2RiV0EwO8+oOOqOD9pERftc/aqe51cXuv4kPqwvpXEBwrXFWVM+VxivEubUJ7eKkFyXJpelv0LslXv/MmYbUyed6dF+reOGZCsvnbiRv74qdxbAL/25j62E8WrnxzJwhUtx/JhdBOjsHBvuw9hy6rZsVJL9eXayWyGRV6qmsLRzsRSBs+mDrgmKk4dugADd11+A03ics3i8hplRoWDkqnNKz1qy4f5TsV6v9283IANrAzRfHwX8EvNiFsBz+ZCQIDAQAB" ) ;
default._domainkey IN TXT ( "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyla9hW3TvoXvZQxwzaJ4SZ9ict1HU3E6+FWlwNIgE6tIpTCyRJtiSIUDqB8TLTIBoxIs+QQBXZi+QUi3Agu6OSY2RiV0EwO8+oOOqOD9pERftc/aqe51cXuv4kPqwvpXEBwrXFWVM+VxivEubUJ7eKkFyXJpelv0LslXv/MmYbUyed6dF+reOGZCsvnbiRv74qdxbAL/25j62E8WrnxzJwhUtx/JhdBOjsHBvuw9hy6rZsVJL9eXayWyGRV6qmsLRzsRSBs+mDrgmKk4dugADd11+A03ics3i8hplRoWDkqnNKz1qy4f5TsV6v9283IANrAzRfHwX8EvNiFsBz+ZCQIDAQAB" ) ;
'';
dkimDNSmezzabiz = ''
default._domainkey IN TXT ( "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDG8iuDq0eon2k7QlBJWGxwDiEv53iJQu2uqxOjr7Ul/nfQjuR6kVKs6oOVopnyFTGRpffrpSHHW1YUN5nF76p0fJphk4l+QmJP36/xweajsNU27PAkb88xG6yRKl28MCfPdMR96+Jobpei8S0UhqcskYs1aZybm7ci9ZuAMidziwIDAQAB" ) ;
'';
dkimDNShzDomain = ''
default._domainkey IN TXT ( "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDvVA2XZno6g6qBdmxoLgX2Qmd883M6yV4YkE/VaNH6xcR0AcTo4hEYoAOPryfKn4FE/TYvyk/k2cyBKpMBn2qbVhwUavYQh/e9bweS2FKQvdzCUUoqXk04o2MqSXb2ZFwkUCtfrPcckBgpF754PDL4HMZGPnkMSdDX7bmYe37CWQIDAQAB") ;
'';
in {
age.secrets."b12f.io-dkim-private-rsa" = {
@ -23,19 +29,49 @@ in {
owner = "maddy";
};
users.users.maddy.extraGroups = [ "nginx" ];
security.acme.certs = {
"mail.b12f.io" = {
reloadServices = [ "maddy" ];
};
"b12f.io" = {
reloadServices = [ "maddy" ];
};
"mta-sts.b12f.io" = {};
age.secrets."mezza.biz-dkim-private-rsa" = {
file = "${flake.self}/secrets/mezza.biz-dkim-private-rsa.age";
path = "/var/lib/maddy/dkim_keys/mezza.biz_default.key";
mode = "400";
owner = "maddy";
};
services.nginx.virtualHosts = builtins.foldl' (hosts: hostName: hosts // {
age.secrets."mail@mezza.biz-password" = {
file = "${flake.self}/secrets/mail@mezza.biz-password.age";
mode = "400";
owner = "maddy";
};
age.secrets."hzdomain-dkim-private-rsa" = {
file = "${flake.self}/secrets/hzdomain-dkim-private-rsa.age";
path = "/var/lib/maddy/dkim_keys/hzdomain_default.key";
mode = "400";
owner = "maddy";
};
age.secrets."mail@hzdomain-password" = {
file = "${flake.self}/secrets/mail@hzdomain-password.age";
mode = "400";
owner = "maddy";
};
users.users.maddy.extraGroups = ["nginx"];
security.acme.certs = {
"mail.b12f.io".reloadServices = ["maddy"];
"b12f.io".reloadServices = ["maddy"];
"mta-sts.b12f.io" = {};
"mail.mezza.biz".reloadServices = ["maddy"];
"mezza.biz".reloadServices = ["maddy"];
"mta-sts.mezza.biz" = {};
"mail.${hzDomain}".reloadServices = ["maddy"];
"${hzDomain}".reloadServices = ["maddy"];
"mta-sts.${hzDomain}" = {};
};
services.nginx.virtualHosts = builtins.foldl' (hosts: hostName:
hosts
// {
"mta-sts.${hostName}" = {
forceSSL = true;
useACMEHost = "mta-sts.${hostName}";
@ -52,21 +88,23 @@ in {
tryFiles = "$uri $uri/ =404";
};
};
}) {} [ "b12f.io" ];
}) {} ["b12f.io" "mezza.biz" hzDomain];
systemd.tmpfiles.rules = [
"d '/run/maddy' 0750 maddy maddy - -"
];
system.activationScripts.makeMaddyDKIMDNS = lib.stringAfter [ "var" ] ''
system.activationScripts.makeMaddyDKIMDNS = lib.stringAfter ["var"] ''
mkdir -p /var/lib/maddy/dkim_keys
echo '${dkimDNSb12fio}' >> /var/lib/maddy/dkim_keys/b12f.io_default.dns
echo '${dkimDNSmezzabiz}' >> /var/lib/maddy/dkim_keys/mezza.biz_default.dns
echo '${dkimDNShzDomain}' >> /var/lib/maddy/dkim_keys/${hzDomain}_default.dns
chown -R maddy:maddy /var/lib/maddy
'';
networking.firewall.allowedTCPPorts = [ 25 ];
networking.firewall.interfaces.wg-private.allowedTCPPorts = [ 465 587 993 ];
networking.firewall.allowedTCPPorts = [25];
networking.firewall.interfaces.wg-private.allowedTCPPorts = [465 587 993];
services.maddy = {
enable = true;
@ -76,14 +114,22 @@ in {
localDomains = [
"b12f.io"
"mail.b12f.io"
"mezza.biz"
"mail.mezza.biz"
hzDomain
"mail.${hzDomain}"
];
ensureAccounts = [
"mail@b12f.io"
"mail@mezza.biz"
"mail@${hzDomain}"
];
ensureCredentials = {
# Do not use this in production. This will make passwords world-readable
# in the Nix store
"mail@b12f.io".passwordFile = config.age.secrets."mail@b12f.io-password".path;
"mail@mezza.biz".passwordFile = config.age.secrets."mail@mezza.biz-password".path;
"mail@${hzDomain}".passwordFile = config.age.secrets."mail@hzdomain-password".path;
};
tls = {
loader = "file";
@ -96,6 +142,22 @@ in {
keyPath = "${config.security.acme.certs."b12f.io".directory}/key.pem";
certPath = "${config.security.acme.certs."b12f.io".directory}/cert.pem";
}
{
keyPath = "${config.security.acme.certs."mail.mezza.biz".directory}/key.pem";
certPath = "${config.security.acme.certs."mail.mezza.biz".directory}/cert.pem";
}
{
keyPath = "${config.security.acme.certs."mezza.biz".directory}/key.pem";
certPath = "${config.security.acme.certs."mezza.biz".directory}/cert.pem";
}
{
keyPath = "${config.security.acme.certs."mail.${hzDomain}".directory}/key.pem";
certPath = "${config.security.acme.certs."mail.${hzDomain}".directory}/cert.pem";
}
{
keyPath = "${config.security.acme.certs."${hzDomain}".directory}/key.pem";
certPath = "${config.security.acme.certs."${hzDomain}".directory}/cert.pem";
}
];
};
config = ''
@ -145,7 +207,7 @@ in {
# replace rcpt to catchall and deliver it there
destination $(local_domains) {
modify {
replace_rcpt regexp ".*" "mail@$(primary_domain)"
replace_rcpt regexp "(.+)@(.+)" "mail@$2"
}
deliver_to &local_mailboxes
}
@ -251,5 +313,26 @@ in {
'';
};
systemd.services.rspamd.serviceConfig.SupplementaryGroups = [ "maddy" ];
systemd.services.rspamd.serviceConfig.SupplementaryGroups = ["maddy"];
age.secrets."rclone-pubsolar.conf" = {
file = "${flake.self}/secrets/rclone-pubsolar.conf.age";
mode = "400";
};
age.secrets."restic-password" = {
file = "${flake.self}/secrets/restic-password.age";
mode = "400";
};
services.restic.backups = {
maddy = {
paths = ["/var/lib/maddy"];
initialize = true;
passwordFile = config.age.secrets."restic-password".path;
# See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/
repository = "rclone:cloud.pub.solar:/backups/Maddy";
rcloneConfigFile = config.age.secrets."rclone-pubsolar.conf".path;
};
};
}

View file

@ -1,16 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
boot.initrd.luks.devices = {
cryptroot = {
@ -19,19 +24,19 @@
};
};
fileSystems."/" =
{ device = "zroot/root";
fsType = "zfs";
};
fileSystems."/" = {
device = "zroot/root";
fsType = "zfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/684A-5884";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/684A-5884";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/a7d1cbb8-7c9e-4c3d-841a-add867f47389"; }
];
swapDevices = [
{device = "/dev/disk/by-uuid/a7d1cbb8-7c9e-4c3d-841a-add867f47389";}
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

View file

@ -1,20 +0,0 @@
{
flake,
config,
pkgs,
lib,
...
}: {
security.acme.certs = {
"invoicing.b12f.io" = {};
};
services.nginx.virtualHosts = {
"invoicing.b12f.io" = {
forceSSL = true;
useACMEHost = "invoicing.b12f.io";
# This redirects to invoiceplane on pie
locations."/".proxyPass = "https://invoicing.b12f.io";
};
};
}

View file

@ -0,0 +1,17 @@
{
flake,
config,
pkgs,
lib,
...
}: {
security.acme.certs = {
"media.b12f.io" = {};
};
services.nginx.virtualHosts."media.b12f.io" = {
forceSSL = true;
useACMEHost = "media.b12f.io";
locations."/".proxyPass = "https://media.b12f.io";
};
}

View file

@ -8,6 +8,8 @@
networking.hostName = "frikandel";
networking.hostId = "44234773";
networking.nameservers = [
"10.13.12.7"
"fd00:b12f:acab:1312:acab:7::"
"193.110.81.0" #dns0.eu
"2a0f:fc80::" #dns0.eu
"185.253.5.0" #dns0.eu
@ -17,8 +19,18 @@
# Network configuration (Hetzner uses static IP assignments, and we don't use DHCP here)
networking.useDHCP = false;
networking.interfaces.enp1s0 = {
ipv4.addresses = [{ address = "128.140.109.213"; prefixLength = 32; }];
ipv6.addresses = [{ address = "2a01:4f8:c2c:b60::"; prefixLength = 64; }];
ipv4.addresses = [
{
address = "128.140.109.213";
prefixLength = 32;
}
];
ipv6.addresses = [
{
address = "2a01:4f8:c2c:b60::";
prefixLength = 64;
}
];
};
networking.defaultGateway = {
address = "172.31.1.1";
@ -29,5 +41,5 @@
interface = "enp1s0";
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedTCPPorts = [80 443];
}

View file

@ -29,8 +29,8 @@
owner = "unbound";
};
networking.firewall.interfaces.wg-private.allowedUDPPorts = [ 53 ];
networking.firewall.interfaces.wg-private.allowedTCPPorts = [ 53 ];
networking.firewall.interfaces.wg-private.allowedUDPPorts = [53];
networking.firewall.interfaces.wg-private.allowedTCPPorts = [53];
services.resolved.enable = false;
services.unbound = {
@ -56,8 +56,15 @@
];
local-zone = [
"\"b12f.io\" transparent"
"\"pub.solar\" transparent"
];
local-data = [
"\"stroopwafel.b12f.io. 10800 IN A 10.13.12.5\""
"\"stroopwafel.b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:5::\""
"\"chocolatebar.b12f.io. 10800 IN A 10.13.12.8\""
"\"chocolatebar.b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:8::\""
"\"droppie.b12f.io. 10800 IN A 10.13.12.3\""
"\"droppie.b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:3::\""
@ -90,6 +97,18 @@
"\"b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:7::\""
"\"mail.b12f.io. 10800 IN A 10.13.12.7\""
"\"mail.b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:7::\""
"\"mezza.biz. 10800 IN A 10.13.12.7\""
"\"mezza.biz. 10800 IN AAAA fd00:b12f:acab:1312:acab:7::\""
"\"mail.mezza.biz. 10800 IN A 10.13.12.7\""
"\"mail.mezza.biz. 10800 IN AAAA fd00:b12f:acab:1312:acab:7::\""
"\"h${"w" + "dz" + "z.n"}et. 10800 IN A 10.13.12.7\""
"\"h${"w" + "dz" + "z.n"}et. 10800 IN AAAA fd00:b12f:acab:1312:acab:7::\""
"\"mail.h${"w" + "dz" + "z.n"}et. 10800 IN A 10.13.12.7\""
"\"mail.h${"w" + "dz" + "z.n"}et. 10800 IN AAAA fd00:b12f:acab:1312:acab:7::\""
"\"mezza.git.pub.solar. 10800 IN CNAME git.pub.solar\""
];
tls-cert-bundle = "/etc/ssl/certs/ca-certificates.crt";
@ -117,5 +136,4 @@
};
};
};
}

View file

@ -6,6 +6,7 @@
security.acme.certs = {
"benjaminbaedorf.eu" = {};
"b12f.io" = {};
"mezza.biz" = {};
};
services.nginx.virtualHosts = {
@ -25,5 +26,16 @@
tryFiles = "$uri $uri/ =404";
};
};
"mezza.biz" = {
forceSSL = true;
useACMEHost = "mezza.biz";
locations."/" = {
root = pkgs.mezza-biz;
index = "index.html";
tryFiles = "$uri $uri/ =404";
};
};
};
}

View file

@ -4,7 +4,8 @@
pkgs,
lib,
...
}: with lib; {
}:
with lib; {
boot.kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
"net.ipv6.conf.wg-private.forwarding" = 1;
@ -16,10 +17,10 @@
enable = true;
enableIPv6 = true;
externalInterface = "enp1s0";
internalInterfaces = [ "wg-private" ];
internalInterfaces = ["wg-private"];
};
networking.firewall.allowedUDPPorts = [ 51899 ];
networking.firewall.allowedUDPPorts = [51899];
networking.firewall.extraForwardRules = [
"iifname { != wg-private } reject"
@ -27,7 +28,7 @@
];
systemd.services.wireguard-wg-private = {
after = [
wantedBy = [
"network.target"
"network-online.target"
"nss-lookup.target"
@ -44,7 +45,7 @@
};
};
age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-frikandel-server.age";
age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-frikandel.age";
# Enable WireGuard
networking.wireguard.interfaces = {
@ -57,7 +58,8 @@
];
privateKeyFile = config.age.secrets.wg-private-key.path;
peers = [
{ # pie
{
# pie
publicKey = "hPTXEqQ2GYEywdPNdZBacwB9KKcoFZ/heClxnqmizyw=";
allowedIPs = [
"10.13.12.2/32"
@ -66,7 +68,8 @@
persistentKeepalive = 30;
dynamicEndpointRefreshSeconds = 30;
}
{ # droppie
{
# droppie
publicKey = "qsnBMoj9Z16D8PJ5ummRtIfT5AiMpoF3SoOCo4sbyiw=";
allowedIPs = [
"10.13.12.3/32"
@ -75,7 +78,8 @@
persistentKeepalive = 30;
dynamicEndpointRefreshSeconds = 30;
}
{ # chocolatebar
{
# chocolatebar
publicKey = "nk8EtGE/QsnSEm1lhLS3/w83nOBD2OGYhODIf92G91A=";
allowedIPs = [
"10.13.12.5/32"
@ -84,7 +88,8 @@
persistentKeepalive = 30;
dynamicEndpointRefreshSeconds = 30;
}
{ # biolimo
{
# biolimo
publicKey = "4ymN7wwBuhF+h+5fFN0TqXmVyOe1AsWiTqRL0jJ3CDc=";
allowedIPs = [
"10.13.12.6/32"
@ -93,7 +98,8 @@
persistentKeepalive = 30;
dynamicEndpointRefreshSeconds = 30;
}
{ # stroopwafel
{
# stroopwafel
publicKey = "5iNRg13utOJ30pX2Z8SjwPNUFwfH2zonlbeYW2mKFkU=";
allowedIPs = [
"10.13.12.8/32"
@ -102,7 +108,8 @@
persistentKeepalive = 30;
dynamicEndpointRefreshSeconds = 30;
}
{ # fp3
{
# fp3
publicKey = "wQJXFibxhWkyUbRPrPt5y/YfDnH3gDQ5a/PWoyxDfDI=";
allowedIPs = [
"10.13.12.9/32"

View file

@ -4,6 +4,7 @@
...
}: {
isoImage.squashfsCompression = "gzip -Xcompression-level 1";
systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ];
systemd.services.sshd.wantedBy = lib.mkForce ["multi-user.target"];
networking.networkmanager.enable = false;
services.openssh.openFirewall = lib.mkForce true;
}

View file

@ -1,8 +1,12 @@
{ flake, pkgs, ... }: {
{
flake,
pkgs,
...
}: {
imports = [
./configuration.nix
./hardware-configuration.nix
((import "${flake.inputs.mobile-nixos}/lib/configuration.nix") { device = "pine64-pinephone"; })
((import "${flake.inputs.mobile-nixos}/lib/configuration.nix") {device = "pine64-pinephone";})
"${flake.inputs.mobile-nixos}/examples/phosh/phosh.nix"
];
}

View file

@ -1,6 +1,10 @@
# NOTE: this file was generated by the Mobile NixOS installer.
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}: {
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/51a668b8-fa2e-4d3e-ac3f-73ca002d0004";

View file

@ -149,13 +149,12 @@ MAP_DEFAULT_ZOOM=6
#
# LDAP is no longer supported :(
#
AUTHENTICATION_GUARD=web
AUTHENTICATION_GUARD=remote_user_guard
#
# Remote user guard settings
#
AUTHENTICATION_GUARD_HEADER=REMOTE_USER
AUTHENTICATION_GUARD_EMAIL=
AUTHENTICATION_GUARD_HEADER=Remote-Email
#
# Firefly III supports webhooks. These are security sensitive and must be enabled manually first.

View file

@ -1,14 +1,22 @@
{
flake,
lib,
config,
pkgs,
flake,
...
}:
with lib; let
psCfg = config.pub-solar;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
in {
disabledModules = [
"services/security/authelia.nix"
];
imports = [
"${flake.inputs.nixpkgs-master}/nixos/modules/services/security/authelia.nix"
];
age.secrets."authelia-storage-encryption-key" = {
file = "${flake.self}/secrets/authelia-storage-encryption-key.age";
mode = "400";
@ -27,6 +35,24 @@ in {
owner = "authelia-b12f";
};
age.secrets."authelia-oidc-issuer-private-key" = {
file = "${flake.self}/secrets/authelia-oidc-issuer-private-key.age";
mode = "400";
owner = "authelia-b12f";
};
age.secrets."authelia-oidc-hmac-secret" = {
file = "${flake.self}/secrets/authelia-oidc-hmac-secret.age";
mode = "400";
owner = "authelia-b12f";
};
age.secrets."authelia-jwks-private-key" = {
file = "${flake.self}/secrets/authelia-jwks-private-key.age";
mode = "400";
owner = "authelia-b12f";
};
age.secrets."authelia-users-file" = {
file = "${flake.self}/secrets/authelia-users-file.age";
mode = "400";
@ -47,10 +73,10 @@ in {
"auth.b12f.io" = {
forceSSL = true;
useACMEHost = "auth.b12f.io";
locations."/".proxyPass = "http://127.0.0.1:${builtins.toString config.services.authelia.instances.b12f.settings.server.port}";
locations."/".proxyPass = "http://${config.services.authelia.instances.b12f.settings.server.address}";
locations."/".extraConfig = "include /etc/nginx/conf-available/proxy.conf;";
locations."/api/verify".proxyPass = "http://127.0.0.1:${builtins.toString config.services.authelia.instances.b12f.settings.server.port}";
locations."/api/authz".proxyPass = "http://127.0.0.1:${builtins.toString config.services.authelia.instances.b12f.settings.server.port}";
locations."/api/verify".proxyPass = "http://${config.services.authelia.instances.b12f.settings.server.address}";
locations."/api/authz".proxyPass = "http://${config.services.authelia.instances.b12f.settings.server.address}";
};
};
@ -61,6 +87,12 @@ in {
storageEncryptionKeyFile = config.age.secrets."authelia-storage-encryption-key".path;
sessionSecretFile = config.age.secrets."authelia-session-secret".path;
jwtSecretFile = config.age.secrets."authelia-jwt-secret".path;
oidcIssuerPrivateKeyFile = config.age.secrets."authelia-oidc-issuer-private-key".path;
oidcHmacSecretFile = config.age.secrets."authelia-oidc-hmac-secret".path;
};
environmentVariables = {
AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE = config.age.secrets."mail@b12f.io-password".path;
};
settings = {
@ -68,12 +100,12 @@ in {
default_2fa_method = "webauthn";
log.level = "debug";
server = {
port = 9092;
host = "127.0.0.1";
address = "127.0.0.1:9092";
endpoints.authz.auth-request.implementation = "AuthRequest";
};
authentication_backend = {
refresh_interval = "disable";
password_reset = { disable = true; };
password_reset.disable = true;
file = {
path = config.age.secrets."authelia-users-file".path;
watch = false;
@ -84,32 +116,61 @@ in {
totp.issuer = "auth.b12f.io";
storage.local.path = "/var/lib/authelia-b12f/db.sqlite3";
access_control.default_policy = "two_factor";
session = {
domain = "auth.b12f.io";
# authelia_url = "https://auth.b12f.io";
};
notifier.disable_startup_check = true;
session.cookies = [
{
domain = "b12f.io";
authelia_url = "https://auth.b12f.io";
}
];
notifier.smtp = {
host = "mail.b12f.io";
port = 587;
address = "submission://mail.b12f.io:587";
username = "mail@b12f.io";
sender = "auth.b12f.io <mail@b12f.io>";
identifier = "auth@b12f.io";
subject = "[auth.b12f.io] {title}";
};
identity_providers.oidc = {
authorization_policies = {
admins = {
default_policy = "deny";
rules = [{
policy = "two_factor";
subject = "group:admins";
}];
};
};
clients = [
{
client_id = "jellyfin";
client_secret = "$pbkdf2-sha512$310000$koY0g1AqL.fEeQUJcE48SA$b9G4p7qquc6M9rSTnR.Ac3Le9KS25zbTN0aNiXT4sxag7Kstu4Pt66/sVlAh3lIS4CGjLcPA2GvjhXnapC.ziQ";
public = false;
authorization_policy = "admins";
require_pkce = true;
pkce_challenge_method = "S256";
redirect_uris = [ "https://media.b12f.io/sso/OID/redirect/authelia" ];
scopes = [
"openid"
"profile"
"groups"
];
userinfo_signed_response_alg = "none";
token_endpoint_auth_method = "client_secret_post";
}
];
};
};
};
systemd.services.authelia-b12f.environment.AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE = config.age.secrets."mail@b12f.io-password".path;
systemd.services.authelia-b12f.preStart = "env";
services.restic.backups = {
authelia = {
paths = [ "/var/lib/authelia-b12f" ];
paths = ["/var/lib/authelia-b12f"];
initialize = true;
passwordFile = config.age.secrets."restic-password".path;
# See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/
repository = "rclone:cloud.pub.solar:/backups/Authelia";
rcloneConfigFile = config.age.secrets."rclone-pie.conf".path;
rcloneConfigFile = config.age.secrets."rclone-pubsolar.conf".path;
};
};
}

View file

@ -8,8 +8,8 @@
psCfg = config.pub-solar;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
in {
age.secrets."rclone-pie.conf" = {
file = "${flake.self}/secrets/rclone-pie.conf.age";
age.secrets."rclone-pubsolar.conf" = {
file = "${flake.self}/secrets/rclone-pubsolar.conf.age";
path = "/root/.config/rclone/rclone.conf";
mode = "400";
};

View file

@ -20,8 +20,7 @@ in {
boot.loader.systemd-boot.enable = false;
boot.loader.generic-extlinux-compatible.enable = false;
boot.supportedFilesystems = [ "zfs" ];
boot.kernelPackages = pkgs.linuxPackages_6_1_hardened;
boot.supportedFilesystems = ["zfs"];
boot.kernelParams = [
"boot.shell_on_fail=1"
@ -29,7 +28,7 @@ in {
"ip=127.0.0.1:::::lo:none"
];
# See https://discourse.nixos.org/t/ssh-and-network-in-initrd-on-raspberry-pi-4/6289/3
boot.initrd.availableKernelModules = [ "genet" ];
boot.initrd.availableKernelModules = ["genet"];
boot.initrd.network = {
enable = true;
ssh = {
@ -51,6 +50,10 @@ in {
'';
};
# Ran into this
# https://discourse.nixos.org/t/logrotate-config-fails-due-to-missing-group-30000/28501
services.logrotate.checkConfig = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave

View file

@ -1,6 +1,9 @@
{ pkgs, adblock-unbound, ... }:
{
networking.firewall.allowedUDPPorts = [ 67 547 ];
pkgs,
adblock-unbound,
...
}: {
networking.firewall.allowedUDPPorts = [67 547];
networking.firewall.extraInputRules = ''
ip6 daddr ff02::1:2/128 udp dport 547 accept comment "DHCPv6 server"
'';
@ -30,7 +33,7 @@
{
subnet = "192.168.178.0/24";
pools = [
{ pool = "192.168.178.2 - 192.168.178.255"; }
{pool = "192.168.178.2 - 192.168.178.255";}
];
option-data = [
@ -100,19 +103,19 @@
subnet = "2a02:908:5b1:e3c0::/64";
pools = [
{ pool = "2a02:908:5b1:e3c0::/72"; }
{pool = "2a02:908:5b1:e3c0::/72";}
];
ddns-qualifying-suffix = "local.";
option-data = [
{
name = "dns-servers";
data = "2a02:908:5b1:e3c0:2::";
name = "dns-servers";
data = "2a02:908:5b1:e3c0:2::";
}
{
name = "domain-search";
data = "local";
name = "domain-search";
data = "local";
}
];

View file

@ -39,6 +39,8 @@ in {
forceSSL = true;
useACMEHost = "firefly.b12f.io";
extraConfig = "include /etc/nginx/conf-available/authelia-location.conf;";
# Make api calls skip the nginx proxy auth
locations."/api/v1".proxyPass = "http://127.0.0.1:8080";
locations."/".proxyPass = "http://127.0.0.1:8080";
locations."/".extraConfig = ''
include /etc/nginx/conf-available/proxy.conf;
@ -78,14 +80,14 @@ in {
volumes = [
"/var/lib/firefly/upload:/var/www/html/storage/upload"
];
extraOptions = [ "--network=firefly" ];
extraOptions = ["--network=firefly"];
environmentFiles = [
./.env.firefly
config.age.secrets."firefly-secrets.env".path
config.age.secrets."firefly-cron-secrets.env".path
];
ports = [ "127.0.0.1:8080:8080" ];
dependsOn = [ "firefly-db" ];
ports = ["127.0.0.1:8080:8080"];
dependsOn = ["firefly-db"];
};
containers."firefly-db" = {
@ -94,7 +96,7 @@ in {
volumes = [
"/var/lib/firefly/db:/var/lib/postgresql/data"
];
extraOptions = [ "--network=firefly" ];
extraOptions = ["--network=firefly"];
environmentFiles = [
config.age.secrets."firefly-db-secrets.env".path
];
@ -103,8 +105,8 @@ in {
containers."firefly-importer" = {
image = "fireflyiii/data-importer:latest";
autoStart = true;
extraOptions = [ "--network=firefly" ];
ports = [ "127.0.0.1:8081:8080" ];
extraOptions = ["--network=firefly"];
ports = ["127.0.0.1:8081:8080"];
environment = {
FIREFLY_III_URL = "https://firefly.b12f.io";
};
@ -112,7 +114,7 @@ in {
./.env.firefly-importer
config.age.secrets."firefly-importer-secrets.env".path
];
dependsOn = [ "firefly" ];
dependsOn = ["firefly"];
};
containers."firefly-cron" = {
@ -126,7 +128,7 @@ in {
environmentFiles = [
config.age.secrets."firefly-cron-secrets.env".path
];
extraOptions = [ "--network=firefly" ];
extraOptions = ["--network=firefly"];
};
};
};
@ -148,7 +150,7 @@ in {
backupPrepareCommand = ''
${pkgs.docker-client}/bin/docker exec -t firefly-db pg_dumpall -c -U firefly > "${backupDir}/postgres.sql"
'';
rcloneConfigFile = config.age.secrets."rclone-pie.conf".path;
rcloneConfigFile = config.age.secrets."rclone-pubsolar.conf".path;
};
};
}

View file

@ -1,18 +1,22 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "uas" "usb_storage" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.supportedFilesystems = [ "zfs" ];
boot.initrd.availableKernelModules = ["xhci_pci" "usbhid" "uas" "usb_storage"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
boot.supportedFilesystems = ["zfs"];
boot.initrd.luks.devices = {
cryptroot = {
@ -21,20 +25,19 @@
};
};
fileSystems."/" =
{ device = "zroot/root";
fsType = "zfs";
};
fileSystems."/" = {
device = "zroot/root";
fsType = "zfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/0D5D-B809";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/af71e930-42ce-4174-a098-4ea5753b1ea9"; }
];
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/0D5D-B809";
fsType = "vfat";
};
swapDevices = [
{device = "/dev/disk/by-uuid/af71e930-42ce-4174-a098-4ea5753b1ea9";}
];
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";

View file

@ -28,11 +28,6 @@ in {
"invoicing.b12f.io" = {
forceSSL = true;
useACMEHost = "invoicing.b12f.io";
extraConfig = "include /etc/nginx/conf-available/authelia-location.conf;";
locations."/".extraConfig = ''
include /etc/nginx/conf-available/proxy.conf;
include /etc/nginx/conf-available/authelia-authrequest.conf;
'';
};
};
@ -49,6 +44,8 @@ in {
createLocally = false;
};
invoiceTemplates = [pkgs.invoiceplane-template];
extraConfig = ''
SETUP_COMPLETED=true
DISABLE_SETUP=true
@ -75,7 +72,7 @@ in {
containers."invoiceplane-db" = {
image = "mariadb:11";
autoStart = true;
ports = [ "127.0.0.1:3306:3306" ];
ports = ["127.0.0.1:3306:3306"];
volumes = [
"/var/lib/invoiceplane/db:/var/lib/mysql"
];
@ -104,7 +101,7 @@ in {
PW=$(cat ${config.age.secrets."invoiceplane-db-password".path})
${pkgs.docker-client}/bin/docker exec -t invoiceplane-db mariadb-dump --all-databases --password=$PW --user=invoiceplane > "${backupDir}/postgres.sql"
'';
rcloneConfigFile = config.age.secrets."rclone-pie.conf".path;
rcloneConfigFile = config.age.secrets."rclone-pubsolar.conf".path;
};
};
}

View file

@ -15,16 +15,25 @@
networking.interfaces.enabcm6e4ei0 = {
ipv4.addresses = [
{ address = "192.168.178.2"; prefixLength = 32; }
{
address = "192.168.178.2";
prefixLength = 32;
}
];
ipv6.addresses = [
{ address = "2a02:908:5b1:e3c0:2::"; prefixLength = 128; }
{ address = "fe80:b12f:acab:1312:acab:2::"; prefixLength = 128; }
{
address = "2a02:908:5b1:e3c0:2::";
prefixLength = 128;
}
{
address = "fe80:b12f:acab:1312:acab:2::";
prefixLength = 128;
}
];
};
networking.hosts = {
"192.168.178.3" = [ "droppie-initrd.b12f.io" ];
"192.168.178.3" = ["droppie-initrd.b12f.io"];
};
services.openssh.allowSFTP = true;

View file

@ -13,34 +13,41 @@ with lib; let
backupDir = "/var/lib/PaperlessBackup";
consumptionDir = "/var/lib/scandir";
scan2paperless = with pkgs; writeShellScriptBin "scan2paperless" ''
DEVICE=$1
NUM_PAGES=$2
NAME=$3
scan2paperless = with pkgs;
writeShellScriptBin "scan2paperless" ''
DEVICE=$1
NUM_PAGES=$2
NAME=$3
if [ -z "''${DEVICE}" ] || [ -z "''${NUM_PAGES}" ] || [ -z "''${NAME}" ]; then
echo "Usage: scan2paperless <device> <num_pages> <name>"
exit 1
fi
if [ -z "''${DEVICE}" ] || [ -z "''${NUM_PAGES}" ] || [ -z "''${NAME}" ]; then
echo "Usage: scan2paperless <device> <num_pages> <name>"
exit 1
fi
tmpDir=$(${coreutils}/bin/mktemp -d)
files=()
tmpDir=$(${coreutils}/bin/mktemp -d)
files=()
for i in $(seq 1 $NUM_PAGES); do
fileName=$(${openssl}/bin/openssl rand -hex 12)
file="$tmpDir/$fileName.jpg"
echo "Start scanning page $i/$NUM_PAGES";
${sane-backends}/bin/scanimage -d $DEVICE --format=jpeg --resolution 300 --progress -o $file
echo "Finished scanning page $i";
files+=($file)
done
for i in $(seq 1 $NUM_PAGES); do
fileName=$(${openssl}/bin/openssl rand -hex 12)
file="$tmpDir/$fileName.jpg"
echo "Start scanning page $i/$NUM_PAGES";
${sane-backends}/bin/scanimage -d $DEVICE --format=jpeg --resolution 300 --progress -o $file
echo "Finished scanning page $i";
files+=($file)
done
pdf="${consumptionDir}/$NAME.pdf"
${python3Packages.img2pdf}/bin/img2pdf --output $pdf ''${files[@]}
pdf="${consumptionDir}/$NAME.pdf"
${python3Packages.img2pdf}/bin/img2pdf --output $pdf ''${files[@]}
echo "PDF written to $pdf"
'';
echo "PDF written to $pdf"
'';
in {
age.secrets."paperless.env" = {
file = "${flake.self}/secrets/paperless.env.age";
mode = "400";
owner = "paperless";
};
#################################
# Paperless service and proxy
#################################
@ -59,7 +66,7 @@ in {
include /etc/nginx/conf-available/proxy.conf;
include /etc/nginx/conf-available/authelia-authrequest.conf;
'';
};
};
};
services.paperless = {
@ -67,14 +74,17 @@ in {
consumptionDir = consumptionDir;
dataDir = dataDir;
address = "127.0.0.1";
extraConfig = {
settings = {
PAPERLESS_OCR_LANGUAGE = "nld+deu";
PAPERLESS_URL = "https://paperless.b12f.io";
PAPERLESS_DISABLE_REGULAR_LOGIN = "True";
PAPERLESS_ENABLE_HTTP_REMOTE_USER = "True";
PAPERLESS_EMAIL_TASK_CRON = "*/2 * * * *";
};
};
systemd.services.paperless-web.serviceConfig.EnvironmentFile = [config.age.secrets."paperless.env".path];
#################################
# Scanning
#################################
@ -111,7 +121,7 @@ in {
services.cron = {
enable = true;
systemCronJobs = [
"30 1 * * * paperless ${pkgs.fetch-hostingde-invoices}/bin/fetch-hostingde-invoices '${config.age.secrets."hosting-de-invoice-sync-api-key".path}' '${consumptionDir}'"
"30 1 * * * paperless ${pkgs.fetch-hostingde-invoices}/bin/fetch-hostingde-invoices '${config.age.secrets."hosting-de-invoice-sync-api-key".path}' '${consumptionDir}' /var/lib/fetch-hostingde-invoices/ids"
];
};
@ -124,11 +134,11 @@ in {
"d '${backupDir}' 0700 paperless users - -"
"d '${consumptionDir}' 0700 paperless users - -"
"d /tmp/paperless 0700 paperless users - -"
"d /var/lib/fetch-hostingde-invoices 0700 paperless users - -"
];
age.secrets."rclone-pie.conf" = {
file = "${flake.self}/secrets/rclone-pie.conf.age";
path = "/root/.config/rclone/rclone.conf";
age.secrets."rclone-pubsolar.conf" = {
file = "${flake.self}/secrets/rclone-pubsolar.conf.age";
mode = "400";
};
@ -139,13 +149,16 @@ in {
services.restic.backups = {
paperless = {
paths = [ backupDir ];
paths = [
backupDir
"/var/lib/fetch-hostingde-invoices"
];
initialize = true;
passwordFile = config.age.secrets."restic-password".path;
# See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/
repository = "rclone:cloud.pub.solar:/backups/Paperless";
backupPrepareCommand = "${dataDir}/paperless-manage document_exporter ${backupDir} -c -p";
rcloneConfigFile = config.age.secrets."rclone-pie.conf".path;
rcloneConfigFile = config.age.secrets."rclone-pubsolar.conf".path;
};
};
}

View file

@ -29,8 +29,8 @@
owner = "unbound";
};
networking.firewall.allowedUDPPorts = [ 53 ];
networking.firewall.allowedTCPPorts = [ 53 ];
networking.firewall.allowedUDPPorts = [53];
networking.firewall.allowedTCPPorts = [53];
services.resolved.enable = false;
services.unbound = {
@ -45,17 +45,17 @@
"::1"
"192.168.178.2"
"2a02:908:5b1:e3c0:2::"
"fd00:b12f:acab:1312:acab:2::"
];
access-control = [
"127.0.0.1/32 allow"
# Allow from local network
"192.168.178.0/24 allow"
"2a02:908:5b1:e3c0::/64 allow"
"fd00:b12f:acab:1312:acab::/64 allow"
# Allow from wireguard
"10.13.12.0/24 allow"
"192.168.178.0/24 allow"
"fd00:b12f:acab:1312::/64 allow"
];
local-zone = [
@ -66,7 +66,16 @@
"\"brwb8763f64a364.local. 10800 IN A 192.168.178.4\""
"\"pie.local. 10800 IN A 192.168.178.2\""
"\"pie.local. 10800 IN AAAA 2a02:908:5b1:e3c0:2::\""
"\"pie.local. 10800 IN AAAA fd00:b12f:acab:1312:acab:2::\""
"\"pie.b12f.io. 10800 IN A 192.168.178.2\""
"\"firefly.b12f.io. 10800 IN A 192.168.178.2\""
"\"firefly-importer.b12f.io. 10800 IN A 192.168.178.2\""
"\"paperless.b12f.io. 10800 IN A 192.168.178.2\""
"\"invoicing.b12f.io. 10800 IN A 192.168.178.2\""
"\"auth.b12f.io. 10800 IN A 192.168.178.2\""
"\"droppie.b12f.io. 10800 IN A 192.168.178.3\""
"\"media.b12f.io. 10800 IN A 192.168.178.3\""
"\"fritz.box. 10800 IN A 192.168.178.1\""
"\"fritz.box. 10800 IN AAAA fd00::3ea6:2fff:fe57:30b0\""
@ -79,7 +88,7 @@
{
name = ".";
forward-addr = [
"10.13.12.7"
"192.168.178.7"
"fd00:b12f:acab:1312:acab:7::"
];
}
@ -94,5 +103,4 @@
};
};
};
}

View file

@ -1,5 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
services.cron = {
enable = true;
systemCronJobs = [

View file

@ -1,19 +0,0 @@
# Touchpad controls
#bindsym XF86TouchpadToggle exec $HOME/Workspace/ben/toggletouchpad.sh # toggle touchpad
# Screen brightness controls
bindsym XF86MonBrightnessUp exec "brightnessctl -d amdgpu_bl0 set +10%; notify-send $(brightnessctl -d amdgpu_bl0 i | awk '/Current/ {print $4}')"
bindsym XF86MonBrightnessDown exec "brightnessctl -d amdgpu_bl0 set 10%-; notify-send $(brightnessctl -d amdgpu_bl0 i | awk '/Current/ { print $4}')"
# Keyboard backlight brightness controls
bindsym XF86KbdBrightnessDown exec "brightnessctl -d smc::kbd_backlight set 10%-; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
bindsym XF86KbdBrightnessUp exec "brightnessctl -d smc::kbd_backlight set +10%; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
# Pulse Audio controls
bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. up' #increase sound volume
bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. down' #decrease sound volume
bindsym XF86AudioMute exec pactl set-sink-mute @DEFAULT_SINK@ toggle && notify-send 'Mute sound' # mute sound
# Media player controls
bindsym XF86AudioPlay exec "playerctl play-pause; notify-send 'Play/Pause'"
bindsym XF86AudioNext exec "playerctl next; notify-send 'Next'"
bindsym XF86AudioPrev exec "playerctl previous; notify-send 'Prev.'"

View file

@ -17,9 +17,9 @@ in {
boot.initrd.preLVMCommands = "udevadm trigger --settle";
boot.swraid.enable = true;
boot.swraid.mdadmConf = ''
DEVICE /dev/nvme0n1p2 /dev/nvme1n1p2
ARRAY /dev/md/nixos:root metadata=1.2 name=nixos:root UUID=67d1aa81:1b348887:c17a75e8:f2edf2bd
MAILADDR ${psCfg.user.email}
DEVICE /dev/nvme0n1p2 /dev/nvme1n1p2
ARRAY /dev/md/nixos:root metadata=1.2 name=nixos:root UUID=67d1aa81:1b348887:c17a75e8:f2edf2bd
MAILADDR ${psCfg.user.email}
'';
pub-solar.core.hibernation.enable = true;
@ -32,7 +32,6 @@ MAILADDR ${psCfg.user.email}
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;
};
};

View file

@ -1,4 +1,4 @@
{ ... }: {
{...}: {
imports = [
./configuration.nix
./hardware-configuration.nix

View file

@ -1,55 +1,59 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = ["dm-snapshot"];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
boot.initrd.luks.devices."cryptroot" = {
device = "/dev/disk/by-id/md-name-nixos:root";
allowDiscards = true;
};
fileSystems."/" =
{ device = "none";
fsType = "tmpfs";
};
fileSystems."/" = {
device = "none";
fsType = "tmpfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/EC82-67F4";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/EC82-67F4";
fsType = "vfat";
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/0cc568f0-402d-4535-980a-ed3a1dc697b9";
fsType = "ext4";
# https://github.com/ryantm/agenix/issues/45#issuecomment-957865406
neededForBoot = true;
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/0cc568f0-402d-4535-980a-ed3a1dc697b9";
fsType = "ext4";
# https://github.com/ryantm/agenix/issues/45#issuecomment-957865406
neededForBoot = true;
};
fileSystems."/nix" =
{ device = "/dev/disk/by-uuid/e203d629-4d34-4147-bee6-919f0bfa25de";
fsType = "ext4";
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/e203d629-4d34-4147-bee6-919f0bfa25de";
fsType = "ext4";
};
fileSystems."/persist" =
{ device = "/dev/disk/by-uuid/a0855aaa-76bf-445e-b0d1-ab1552e5496f";
fsType = "ext4";
# https://github.com/ryantm/agenix/issues/45#issuecomment-957865406
neededForBoot = true;
};
fileSystems."/persist" = {
device = "/dev/disk/by-uuid/a0855aaa-76bf-445e-b0d1-ab1552e5496f";
fsType = "ext4";
# https://github.com/ryantm/agenix/issues/45#issuecomment-957865406
neededForBoot = true;
};
swapDevices =
[ { device = "/dev/disk/by-uuid/761507ab-479d-414b-ac3e-2149564ca470"; }
];
swapDevices = [
{device = "/dev/disk/by-uuid/761507ab-479d-414b-ac3e-2149564ca470";}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

View file

@ -6,7 +6,7 @@
...
}: {
networking.hostName = "stroopwafel";
networking.networkmanager.wifi.backend = "wpa_supplicant";
networking.wireless.iwd.enable = true;
age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-stroopwafel.age";
@ -41,4 +41,23 @@
];
privateKeyFile = config.age.secrets.wg-pub-solar-key.path;
};
age.secrets.wg-momo-key.file = "${flake.self}/secrets/wg-momo-stroopwafel.age";
pub-solar.wireguard.momo = {
ownIPs = [
"10.30.30.200/32"
"fd00:3030:3030:3030:3030:200::/96"
];
privateKeyFile = config.age.secrets.wg-momo-key.path;
};
age.secrets.wg-ehex-key.file = "${flake.self}/secrets/wg-ehex-stroopwafel.age";
pub-solar.wireguard.ehex = {
ownIPs = [
"10.42.0.135/22"
];
privateKeyFile = config.age.secrets.wg-ehex-key.path;
};
}

View file

@ -6,7 +6,7 @@
...
}: {
services.openstreetmap = {
enable = false;
enable = true;
debug = true;
totalRamGb = 14;
};

View file

@ -1,5 +1,4 @@
{ lib }:
hostnames: {
{lib}: hostnames: {
"127.0.0.1" = hostnames;
"::1" = hostnames;
}

View file

@ -1,4 +1,8 @@
{ lib, inputs, ... }: {
{
lib,
inputs,
...
}: {
# Configuration common to all Linux systems
flake = {
lib = let
@ -10,7 +14,7 @@
#foo = callLibs ./foo.nix;
## In configs, they can be used under "lib.our"
deploy = import ./deploy.nix { inherit inputs lib; };
deploy = import ./deploy.nix {inherit inputs lib;};
addLocalHostname = callLibs ./add-local-hostname.nix;
recursiveMerge = callLibs ./recursive-merge.nix;
mkEmailAddress = account: domain: account + "@" + domain;

View file

@ -1,11 +1,13 @@
/*
* The contents of this file are adapted from digga
* https://github.com/divnix/digga
*
* Licensed under the MIT license
*/
{ lib, inputs }: let
* The contents of this file are adapted from digga
* https://github.com/divnix/digga
*
* Licensed under the MIT license
*/
{
lib,
inputs,
}: let
getFqdn = c: let
net = c.config.networking;
fqdn =
@ -17,43 +19,60 @@
in {
mkDeployNodes = systemConfigurations: extraConfig:
/*
*
Synopsis: mkNodes _systemConfigurations_ _extraConfig_
*
Synopsis: mkNodes _systemConfigurations_ _extraConfig_
Generate the `nodes` attribute expected by deploy-rs
where _systemConfigurations_ are `nodes`.
Generate the `nodes` attribute expected by deploy-rs
where _systemConfigurations_ are `nodes`.
_systemConfigurations_ should take the form of a flake's
_nixosConfigurations_. Note that deploy-rs does not currently support
deploying to darwin hosts.
_systemConfigurations_ should take the form of a flake's
_nixosConfigurations_. Note that deploy-rs does not currently support
deploying to darwin hosts.
_extraConfig_, if specified, will be merged into each of the
nodes' configurations.
_extraConfig_, if specified, will be merged into each of the
nodes' configurations.
Example _systemConfigurations_ input:
Example _systemConfigurations_ input:
```
{
hostname-1 = {
fastConnection = true;
sshOpts = [ "-p" "25" ];
};
hostname-2 = {
sshOpts = [ "-p" "19999" ];
sshUser = "root";
};
}
```
*
*/
```
{
hostname-1 = {
fastConnection = true;
sshOpts = [ "-p" "25" ];
};
hostname-2 = {
sshOpts = [ "-p" "19999" ];
sshUser = "root";
};
}
```
*
*/
lib.recursiveUpdate
(lib.mapAttrs
(
_: c: {
_: c: let
system = c.pkgs.stdenv.hostPlatform.system;
# Unmodified nixpkgs
pkgs = import inputs.nixpkgs {inherit system;};
# nixpkgs with deploy-rs overlay but force the nixpkgs package
deployPkgs = import inputs.nixpkgs {
inherit system;
overlays = [
inputs.deploy-rs.overlay # or deploy-rs.overlays.default
(self: super: {
deploy-rs = {
inherit (pkgs) deploy-rs;
lib = super.deploy-rs.lib;
};
})
];
};
in {
hostname = getFqdn c;
profiles.system = {
user = "root";
path = inputs.deploy-rs.lib.${c.pkgs.stdenv.hostPlatform.system}.activate.nixos c;
path = deployPkgs.deploy-rs.lib.activate.nixos c;
};
}
)

View file

@ -1,6 +1,4 @@
{ lib }:
attrList:
let
{lib}: attrList: let
f = attrPath:
zipAttrsWith (
n: values:
@ -13,4 +11,4 @@ let
else last values
);
in
f [] attrList;
f [] attrList

View file

@ -20,7 +20,6 @@ in {
# Needed for pactl cmd, until pw-cli is more mature (vol up/down hotkeys?)
pulseaudio
vimpc
spotify-tui
];
};

View file

@ -23,6 +23,18 @@
};
services.blueman.enable = true;
home-manager.users."${config.pub-solar.user.name}" = {
services.blueman-applet.enable = true;
systemd.user.services.blueman-applet = {
Unit = {
BindsTo = ["sway-session.target"];
After = lib.mkForce ["sway-session.target"];
Requires = lib.mkForce [ ];
};
Install.WantedBy = [ "sway-session.target" ];
};
};
environment.etc."wireplumber/bluetooth.lua.d/51-bluez-config.lua" = {
text = ''
bluez_monitor.properties = {

View file

@ -12,7 +12,7 @@ in {
loader.systemd-boot.enable = lib.mkDefault true;
# Use latest LTS linux kernel by default
kernelPackages = lib.mkDefault pkgs.linuxPackages_6_7_hardened;
kernelPackages = pkgs.linuxPackages_6_6_hardened;
# Support ntfs drives
supportedFilesystems = ["ntfs"];

View file

@ -10,8 +10,8 @@
systemd.services.systemd-networkd-wait-online.enable = lib.mkDefault false;
networking.hosts = {
"128.140.109.213" = [ "vpn.b12f.io" ];
"2a01:4f8:c2c:b60::" = [ "vpn.b12f.io" ];
"128.140.109.213" = [ "vpn.b12f.io" "frikandel-initrd.b12f.io" ];
"2a01:4f8:c2c:b60::" = [ "vpn.b12f.io" "frikandel-initrd.b12f.io" ];
};
networking.networkmanager = {
@ -38,7 +38,7 @@
};
# Don't expose SSH via public interfaces
networking.firewall.interfaces.wg-private.allowedTCPPorts = [ 22 ];
networking.firewall.interfaces.wg-private.allowedTCPPorts = [22];
# For rage encryption, all hosts need a ssh key pair
services.openssh = {

View file

@ -24,7 +24,7 @@ in {
enable = true;
enableSSHSupport = true;
enableExtraSocket = true;
pinentryFlavor = "gnome3";
pinentryPackage = pkgs.pinentry-gnome3;
};
home-manager.users."${psCfg.user.name}" = {

View file

@ -29,13 +29,6 @@ in {
element-desktop
element-b12f
element-mezza
# Nix specific utilities
alejandra
manix
nix-index
nix-tree
nvd
];
fonts = {

View file

@ -1,15 +0,0 @@
# This file is written by xdg-user-dirs-update
# If you want to change or add directories, just edit the line you're
# interested in. All local changes will be retained on the next run.
# Format is XDG_xxx_DIR="$HOME/yyy", where yyy is a shell-escaped
# homedir-relative path, or XDG_xxx_DIR="/yyy", where /yyy is an
# absolute path. No other format is supported.
XDG_DESKTOP_DIR="$HOME/"
XDG_DOWNLOAD_DIR="$HOME/Downloads"
XDG_TEMPLATES_DIR="$HOME/Templates"
XDG_PUBLICSHARE_DIR="$HOME/Public"
XDG_DOCUMENTS_DIR="$HOME/"
XDG_MUSIC_DIR="$HOME/"
XDG_PICTURES_DIR="$HOME/"
XDG_VIDEOS_DIR="$HOME/"

View file

@ -1,20 +1,3 @@
@define-color base00 #1a181a;
@define-color base01 #2d2a2e;
@define-color base02 #303030;
@define-color base03 #949494;
@define-color base04 #d3d1d4;
@define-color base05 #e3e1e4;
@define-color base06 #303030;
@define-color base07 #ff5f5f;
@define-color base08 #f85e84;
@define-color base09 #df5923;
@define-color base0A #e5c463;
@define-color base0B #9ecd6f;
@define-color base0C #ef9062;
@define-color base0D #7accd7;
@define-color base0E #ab9df2;
@define-color base0F #d70000;
* {
min-height: 0;
border: none;

View file

@ -1,18 +0,0 @@
Gtk/ButtonImages 1
Gtk/CanChangeAccels 1
Gtk/CursorThemeName "default"
Gtk/CursorThemeSize 0
Gtk/EnableEventSounds 0
Gtk/EnableInputFeedbackSounds 0
Gtk/FontName "Lato"
Gtk/ThemeName "Matcha-dark-aliz"
Gtk/IconThemeName "Papirus-Adapta-Nokto-Maia"
Gtk/MenuBarAccel "F10"
Gtk/MenuImages 1
Gtk/ToolbarIconSize 3
Gtk/ToolbarStyle "icons"
Xft/Antialias 1
Xft/DPI 102400
Xft/Hinting 1
Xft/HintStyle "hintslight"
Xft/RGBA "rgb"

View file

@ -9,8 +9,6 @@ usermodmap=$HOME/.config/xmodmap
sysresources=/etc/X11/xinit/.Xresources
sysmodmap=/etc/X11/xinit/.Xmodmap
DEFAULT_SESSION='i3 --shmlog-size 0'
xset -b
if [ -d $HOME/.fonts ]; then
@ -48,23 +46,8 @@ fi
get_session(){
local dbus_args=(--sh-syntax --exit-with-session)
case $1 in
awesome) dbus_args+=(awesome) ;;
bspwm) dbus_args+=(bspwm-session) ;;
budgie) dbus_args+=(budgie-desktop) ;;
cinnamon) dbus_args+=(cinnamon-session) ;;
deepin) dbus_args+=(startdde) ;;
enlightenment) dbus_args+=(enlightenment_start) ;;
fluxbox) dbus_args+=(startfluxbox) ;;
gnome) dbus_args+=(gnome-session) ;;
i3|i3wm) dbus_args+=(i3 --shmlog-size 0) ;;
jwm) dbus_args+=(jwm) ;;
kde) dbus_args+=(startkde) ;;
lxde) dbus_args+=(startlxde) ;;
lxqt) dbus_args+=(lxqt-session) ;;
mate) dbus_args+=(mate-session) ;;
xfce) dbus_args+=(xfce4-session) ;;
openbox) dbus_args+=(openbox-session) ;;
*) dbus_args+=($DEFAULT_SESSION) ;;
*) dbus_args+=(sway) ;;
esac
echo "dbus-launch ${dbus_args[*]}"

View file

@ -1,6 +1,6 @@
{
{ flake, ...}: with flake.self.theme.with0x; {
env = {
TERM = "xterm-256color";
TERM = "xterm-direct";
};
window = {
@ -30,9 +30,6 @@
multiplier = 3;
};
# When true, bold text is drawn using the bright variant of colors.
draw_bold_text_with_bright_colors = true;
font = {
# The normal (roman) font face to use.
normal = {
@ -68,7 +65,7 @@
};
};
key_bindings = [
keyboard.bindings = [
{
key = "V";
mods = "Control|Alt";
@ -162,10 +159,13 @@
# Base16 Burn 256 - alacritty color config
# Benjamin Bädorf
colors = {
# When true, bold text is drawn using the bright variant of colors.
draw_bold_text_with_bright_colors = true;
# Default colors
primary = {
background = "0x1a181a";
foreground = "0xe3e1e4";
background = base00;
foreground = base05;
};
# Cursor colors
@ -184,8 +184,8 @@
# Allowed values are CellForeground/CellBackground, which reference the
# affected cell, or hexadecimal colors like #ff00ff.
matches = {
foreground = "0xe5c463";
background = "0x1a181a";
foreground = base0A;
background = base00;
};
focused_match = {
foreground = "CellBackground";
@ -203,58 +203,58 @@
# Allowed values are CellForeground/CellBackground, which reference the
# affected cell, or hexadecimal colors like #ff00ff.
selection = {
text = "0x1a181a";
background = "0xf85e84";
text = base00;
background = base08;
};
# Normal colors
normal = {
black = "0x1a181a";
red = "0xf85e84";
green = "0x9ecd6f";
yellow = "0xe5c463";
blue = "0x7accd7";
magenta = "0xab9df2";
cyan = "0xef9062";
white = "0xe3e1e4";
black = base00;
red = base09;
green = base0B;
yellow = base0A;
blue = base0D;
magenta = base0E;
cyan = base0C;
white = base05;
};
# Bright colors
bright = {
black = "0x949494";
red = "0xf85e84";
green = "0x9ecd6f";
yellow = "0xe5c463";
blue = "0x7accd7";
magenta = "0xab9df2";
cyan = "0xef9062";
white = "0xff5f5f";
black = base00;
red = base0F;
green = base0B;
yellow = base0A;
blue = base0D;
magenta = base0E;
cyan = base0C;
white = base05;
};
indexed_colors = [
{
index = 16;
color = "0xdf5923";
color = base09;
}
{
index = 17;
color = "0xd70000";
color = base0F;
}
{
index = 18;
color = "0x2d2a2e";
color = base01;
}
{
index = 19;
color = "0x303030";
color = base02;
}
{
index = 20;
color = "0xd3d1d4";
color = base04;
}
{
index = 21;
color = "0x303030";
color = base02;
}
];
};

View file

@ -1,4 +1,4 @@
{
args@{
lib,
config,
pkgs,
@ -6,7 +6,7 @@
}:
with lib; let
psCfg = config.pub-solar;
yamlFormat = pkgs.formats.yaml {};
tomlFormat = pkgs.formats.toml {};
sessionVariables = {
WLR_RENDERER =
if psCfg.graphical.wayland.software-renderer.enable
@ -45,26 +45,16 @@ in {
glib
xdg-utils
];
xorg.xbacklight
etc = {
"xdg/PubSolar.conf".text = ''
[Qt]
style=GTK+
'';
};
desktop-file-utils
];
variables = sessionVariables;
};
services.getty.autologinUser = psCfg.user.name;
qt = {
enable = true;
platformTheme = "gtk2";
style = "gtk2";
};
# Required for running Gnome apps outside the Gnome DE, see https://nixos.wiki/wiki/GNOME#Running_GNOME_programs_outside_of_GNOME
programs.dconf.enable = true;
services.udev.packages = with pkgs; [gnome3.gnome-settings-daemon];
@ -92,31 +82,45 @@ in {
users.users."${psCfg.user.name}".packages = with pkgs; [
alacritty
firefox-wayland
flameshot
gnome.adwaita-icon-theme
gnome.eog
gnome.nautilus
gnome.seahorse
gnome.yelp
hicolor-icon-theme
keepassxc
libnotify
toggle-kbd-layout
vlc
wcwd
wdisplays
wl-mirror
];
qt = {
enable = true;
platformTheme = "gtk2";
style = "gtk2";
};
home-manager.users."${psCfg.user.name}" = {
home.file."xinitrc".source = ./.xinitrc;
xdg.configFile."alacritty/alacritty.yml".source = yamlFormat.generate "alacritty.yml" (import ./alacritty.nix);
xdg.configFile."alacritty/alacritty.toml".source = tomlFormat.generate "alacritty.toml" ((import ./alacritty.nix) args);
xdg.configFile."xmodmap".source = ./.config/xmodmap;
xdg.configFile."user-dirs.dirs".source = ./.config/user-dirs.dirs;
xdg.configFile."user-dirs.locale".source = ./.config/user-dirs.locale;
xdg.configFile."xsettingsd/xsettingsd.conf".source = ./.config/xsettingsd/xsettingsd.conf;
xdg.configFile."libinput-gestures.conf".source = ./.config/libinput-gestures.conf;
xdg.configFile."wallpaper.jpg".source = ./assets/wallpaper.jpg;
programs.firefox = {
enable = true;
package = pkgs.firefox-wayland;
};
dconf.settings = {
"org/gnome/desktop/interface" = {
color-scheme = "prefer-dark";
};
};
gtk = {
enable = true;
font.name = "Lato";
@ -134,13 +138,21 @@ in {
gtk-xft-hinting = "1";
gtk-xft-hintstyle = "hintfull";
gtk-xft-rgba = "rgb";
gtk-application-prefer-dark-theme = "true";
gtk-application-prefer-dark-theme = "1";
};
};
xresources.extraConfig = builtins.readFile ./.Xdefaults;
systemd.user.services.network-manager-applet = import ./network-manager-applet.service.nix pkgs;
services.network-manager-applet.enable = true;
systemd.user.services.network-manager-applet = {
Unit = {
BindsTo = ["sway-session.target"];
After = lib.mkForce ["sway-session.target"];
Requires = lib.mkForce [ ];
};
Install.WantedBy = [ "sway-session.target" ];
};
home.sessionVariables = sessionVariables;
systemd.user.sessionVariables = sessionVariables;

View file

@ -2,6 +2,7 @@
lib,
config,
pkgs,
flake,
...
}:
with lib; let
@ -10,20 +11,20 @@ in {
home-manager.users."${psCfg.user.name}" = {
services.mako = {
enable = true;
extraConfig = ''
extraConfig = with flake.self.theme.withHashtag; ''
padding=10
margin=5,5,0
default-timeout=5000
background-color=#1a181a
text-color=#e3e1e4
border-color=#ff5f5f
background-color=${base00}
text-color=${base05}
border-color=${base07}
font=Hack 14
[urgency=high]
background-color=#ff5f5f
text-color=#1a181a
border-color=#1a181a
background-color=${base07}
text-color=${base00}
border-color=${base00}
layer=overlay
font=Hack 14
'';

View file

@ -1,19 +0,0 @@
## Base16 Burn
# Author: Benjamin Bädorf
set $base00 #1a181a
set $base01 #2d2a2e
set $base02 #303030
set $base03 #949494
set $base04 #d3d1d4
set $base05 #e3e1e4
set $base06 #303030
set $base07 #ff5f5f
set $base08 #f85e84
set $base09 #df5923
set $base0A #e5c463
set $base0B #9ecd6f
set $base0C #ef9062
set $base0D #7accd7
set $base0E #ab9df2
set $base0F #d70000

View file

@ -1,43 +1,33 @@
# launch categorized menu
bindsym $mod+z exec --no-startup-id morc_menu
# switch keyboard input language
bindsym $mod+tab exec toggle-kbd-layout
################################################################################################
## sound-section - ##
################################################################################################
bindsym $mod+Ctrl+m exec pavucontrol
################################################################################################
# Quickstart application shortcuts
bindsym $mod+F1 exec psos help
bindsym $mod+Shift+h exec psos help
bindsym $mod+F2 exec firefox
bindsym $mod+F4 exec nautilus -w
bindsym $mod+Shift+F4 exec signal-desktop --use-tray-icon
bindsym $mod+Shift+m exec qMasterPassword
# Screenshots and screen recordings
# Screen capturing
bindsym $mod+Ctrl+p exec grim -g "$(slurp -d -b \#ffffff11)" ~/Pictures/Screenshots/$(date +%Y%m%d_%Hh%Mm%Ss)_grim.png
bindsym $mod+Shift+p exec grim ~/Pictures/Screenshots/$(date +%Y%m%d_%Hh%Mm%Ss)_grim.png
bindsym $mod+Ctrl+f exec "( pkill flameshot || true && flameshot & ) && ( sleep 0.5s && flameshot gui )"
bindsym $mod+Shift+p exec grim -g "$(slurp -d -b \#ffffff11 -o)" ~/Pictures/Screenshots/$(date +%Y%m%d_%Hh%Mm%Ss)_grim.png
bindsym $mod+Ctrl+r exec record-screen
bindsym $mod+Shift+r exec record-screen fullscreen
# Launcher
set $menu exec alacritty --class launcher -e env TERMINAL_COMMAND="alacritty -e" sway-launcher
bindsym $mod+Space exec $menu
set $mode_vncclient In VNCClient mode. Press $mod+Num_Lock or $mod+Shift+Escape to return.
bindsym $mod+Num_Lock mode "$mode_vncclient"
bindsym $mod+Shift+Escape mode "$mode_vncclient"
mode "$mode_vncclient" {
bindsym $mod+Num_Lock mode "default"
bindsym $mod+Shift+Escape mode "default"
}
# Pulse Audio controls
bindsym $mod+Ctrl+m exec pavucontrol
bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 #increase sound volume
bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 #decrease sound volume
bindsym XF86AudioMute exec pactl set-sink-mute @DEFAULT_SINK@ toggle # mute sound
# Media player controls
bindsym XF86AudioPlay exec "playerctl play-pause; notify-send 'Play/Pause'"
bindsym XF86AudioNext exec "playerctl next; notify-send 'Next'"
bindsym XF86AudioPrev exec "playerctl previous; notify-send 'Prev.'"
# Screen brightness controls
bindsym XF86MonBrightnessUp exec "brightnessctl set +10%"
bindsym XF86MonBrightnessDown exec "brightnessctl set 10%-"
# Keyboard backlight brightness controls
bindsym XF86KbdBrightnessDown exec "brightnessctl -d smc::kbd_backlight set 33%-"
bindsym XF86KbdBrightnessUp exec "brightnessctl -d smc::kbd_backlight set +33%"

View file

@ -0,0 +1 @@
for_window [app_id=".*"] inhibit_idle fullscreen

View file

@ -1,40 +1,39 @@
{
pkgs,
psCfg,
config,
...
}: with pkgs;
''
# Set shut down, restart and locking features
''
+ (
if psCfg.core.hibernation.enable
then ''
set $mode_system (e)xit, (l)ock, (h)ibernate, (r)eboot, (Shift+s)hutdown
}: with pkgs; ''
# Set shut down, restart and locking features
''
else ''
set $mode_system (e)xit, (l)ock, (r)eboot, (Shift+s)hutdown
''
)
+ ''
bindsym $mod+0 mode "$mode_system"
+ (
if config.pub-solar.core.hibernation.enable
then ''
set $mode_system (e)xit, (l)ock, (h)ibernate, (r)eboot, (Shift+s)hutdown
''
else ''
set $mode_system (e)xit, (l)ock, (r)eboot, (Shift+s)hutdown
''
)
+ ''
bindsym $mod+0 mode "$mode_system"
mode "$mode_system" {
bindsym e exec ${sway}/bin/swaymsg exit, mode "default"
bindsym l exec ${swaylock-bg}/bin/swaylock-bg, mode "default"
''
+ (
if psCfg.core.hibernation.enable
then ''
bindsym h exec ${systemd}/bin/systemctl hibernate, mode "default"
mode "$mode_system" {
bindsym e exec ${sway}/bin/swaymsg exit, mode "default"
bindsym l exec ${swaylock-bg}/bin/swaylock-bg, mode "default"
''
else ""
)
+ ''
bindsym r exec ${systemd}/bin/systemctl reboot, mode "default"
bindsym Shift+s exec ${systemd}/bin/systemctl poweroff, mode "default"
+ (
if config.pub-solar.core.hibernation.enable
then ''
bindsym h exec ${systemd}/bin/systemctl hibernate, mode "default"
''
else ""
)
+ ''
bindsym r exec ${systemd}/bin/systemctl reboot, mode "default"
bindsym Shift+s exec ${systemd}/bin/systemctl poweroff, mode "default"
# exit system mode: "Enter" or "Escape"
bindsym Return mode "default"
bindsym Escape mode "default"
}
''
# exit system mode: "Enter" or "Escape"
bindsym Return mode "default"
bindsym Escape mode "default"
}
''

View file

@ -1,3 +1,21 @@
{ flake, ... }: with flake.self.theme.withHashtag; ''
set $base00 ${base00}
set $base01 ${base01}
set $base02 ${base02}
set $base03 ${base03}
set $base04 ${base04}
set $base05 ${base05}
set $base06 ${base06}
set $base07 ${base07}
set $base08 ${base08}
set $base09 ${base09}
set $base0A ${base0A}
set $base0B ${base0B}
set $base0C ${base0C}
set $base0D ${base0D}
set $base0E ${base0E}
set $base0F ${base0F}
# Border BG Text Ind Child Border
client.focused $base00 $base01 $base07 $base0D $base07
client.focused_inactive $base00 $base01 $base07 $base03 $base00
@ -14,3 +32,6 @@ exec_always import-gtk-settings \
# Workaround to fix cursor scaling, see https://github.com/swaywm/sway/issues/4112
seat seat0 xcursor_theme Adwaita
output * bg ~/.config/wallpaper.jpg fill
''

View file

@ -1,217 +1,227 @@
{
args@{
config,
pkgs,
...
}: ''
# Default config for sway
#
# Copy this to ~/.config/sway/config and edit it to your liking.
#
# Read `man 5 sway` for a complete reference.
}: let
applications = builtins.readFile ./config.d/applications.conf;
custom-keybindings = builtins.readFile ./config.d/custom-keybindings.conf;
gaps = builtins.readFile ./config.d/gaps.conf;
mode-system = import ./config.d/mode_system.conf.nix args;
systemd = builtins.readFile ./config.d/systemd.conf;
theme = import ./config.d/theme.conf.nix args;
in ''
# Default config for sway
#
# Copy this to ~/.config/sway/config and edit it to your liking.
#
# Read `man 5 sway` for a complete reference.
### Variables
#
# Logo key. Use Mod1 for Alt.
set $mod Mod4
# Home row direction keys, like vim
set $left j
set $down k
set $up i
set $right l
# Your preferred terminal emulator
set $term ${pkgs.alacritty}/bin/alacritty
# Your preferred application launcher
# Note: pass the final command to swaymsg so that the resulting window can be opened
# on the original workspace that the command was run on.
#set $menu dmenu_path | dmenu | xargs swaymsg exec bemenu-run --no-overlap
### Variables
#
# Logo key. Use Mod1 for Alt.
set $mod Mod4
# Home row direction keys, like vim
set $left j
set $down k
set $up i
set $right l
# Your preferred terminal emulator
set $term ${pkgs.alacritty}/bin/alacritty
# Your preferred application launcher
# Note: pass the final command to swaymsg so that the resulting window can be opened
# on the original workspace that the command was run on.
#set $menu dmenu_path | dmenu | xargs swaymsg exec bemenu-run --no-overlap
default_border pixel 1
default_border pixel 1
### Output configuration
#
# Default wallpaper (more resolutions are available in @datadir@/backgrounds/sway/)
output * bg ~/.config/wallpaper.jpg fill
### Key bindings
#
# Basics:
#
# Start a terminal
bindsym $mod+Return exec $term
### Key bindings
#
# Basics:
#
# Start a terminal
bindsym $mod+Return exec $term
# Start a terminal
bindsym $mod+Shift+Return exec sh -c '$term --working-directory $(wcwd)'
# Start a terminal
bindsym $mod+Shift+Return exec sh -c '$term --working-directory $(wcwd)'
# Kill focused window
bindsym $mod+Shift+q kill
# Kill focused window
bindsym $mod+Shift+q kill
# Drag floating windows by holding down $mod and left mouse button.
# Resize them with right mouse button + $mod.
# Despite the name, also works for non-floating windows.
# Change normal to inverse to use left mouse button for resizing and right
# mouse button for dragging.
floating_modifier $mod normal
# Drag floating windows by holding down $mod and left mouse button.
# Resize them with right mouse button + $mod.
# Despite the name, also works for non-floating windows.
# Change normal to inverse to use left mouse button for resizing and right
# mouse button for dragging.
floating_modifier $mod normal
# Reload the configuration file
bindsym $mod+F5 reload
# Reload the configuration file
bindsym $mod+F5 reload
#
# Moving around:
#
# Move your focus around
bindsym $mod+$left focus left
bindsym $mod+$down focus down
bindsym $mod+$up focus up
bindsym $mod+$right focus right
# Or use $mod+[up|down|left|right]
bindsym $mod+Left focus left
bindsym $mod+Down focus down
bindsym $mod+Up focus up
bindsym $mod+Right focus right
#
# Moving around:
#
# Move your focus around
bindsym $mod+$left focus left
bindsym $mod+$down focus down
bindsym $mod+$up focus up
bindsym $mod+$right focus right
# Or use $mod+[up|down|left|right]
bindsym $mod+Left focus left
bindsym $mod+Down focus down
bindsym $mod+Up focus up
bindsym $mod+Right focus right
# Move the focused window with the same, but add Shift
bindsym $mod+Shift+$left move left
bindsym $mod+Shift+$down move down
bindsym $mod+Shift+$up move up
bindsym $mod+Shift+$right move right
# Ditto, with arrow keys
bindsym $mod+Shift+Left move left
bindsym $mod+Shift+Down move down
bindsym $mod+Shift+Up move up
bindsym $mod+Shift+Right move right
#
# Workspaces:
#
# Move the focused window with the same, but add Shift
bindsym $mod+Shift+$left move left
bindsym $mod+Shift+$down move down
bindsym $mod+Shift+$up move up
bindsym $mod+Shift+$right move right
# Ditto, with arrow keys
bindsym $mod+Shift+Left move left
bindsym $mod+Shift+Down move down
bindsym $mod+Shift+Up move up
bindsym $mod+Shift+Right move right
#
# Workspaces:
#
# Workspace names
# to display names or symbols instead of plain workspace numbers you can use
# something like: set $ws1 1:mail
# set $ws2 2:
set $ws1 1
set $ws2 2
set $ws3 3
set $ws4 4
set $ws5 5
set $ws6 6
set $ws7 7
set $ws8 8
set $ws9 9
# Workspace names
# to display names or symbols instead of plain workspace numbers you can use
# something like: set $ws1 1:mail
# set $ws2 2:
set $ws1 1
set $ws2 2
set $ws3 3
set $ws4 4
set $ws5 5
set $ws6 6
set $ws7 7
set $ws8 8
set $ws9 9
# Switch to workspace
bindsym $mod+1 workspace 1
bindsym $mod+2 workspace 2
bindsym $mod+3 workspace 3
bindsym $mod+4 workspace 4
bindsym $mod+5 workspace 5
bindsym $mod+6 workspace 6
bindsym $mod+7 workspace 7
bindsym $mod+8 workspace 8
bindsym $mod+9 workspace 9
# Move focused container to workspace
bindsym $mod+Ctrl+1 move container to workspace $ws1
bindsym $mod+Ctrl+2 move container to workspace $ws2
bindsym $mod+Ctrl+3 move container to workspace $ws3
bindsym $mod+Ctrl+4 move container to workspace $ws4
bindsym $mod+Ctrl+5 move container to workspace $ws5
bindsym $mod+Ctrl+6 move container to workspace $ws6
bindsym $mod+Ctrl+7 move container to workspace $ws7
bindsym $mod+Ctrl+8 move container to workspace $ws8
bindsym $mod+Ctrl+9 move container to workspace $ws9
# Move focused container to workspace and move focus with it
bindsym $mod+Shift+1 move container to workspace 1; workspace $ws1
bindsym $mod+Shift+2 move container to workspace 2; workspace $ws2
bindsym $mod+Shift+3 move container to workspace 3; workspace $ws3
bindsym $mod+Shift+4 move container to workspace 4; workspace $ws4
bindsym $mod+Shift+5 move container to workspace 5; workspace $ws5
bindsym $mod+Shift+6 move container to workspace 6; workspace $ws6
bindsym $mod+Shift+7 move container to workspace 7; workspace $ws7
bindsym $mod+Shift+8 move container to workspace 8; workspace $ws8
bindsym $mod+Shift+9 move container to workspace 9; workspace $ws9
# Note: workspaces can have any name you want, not just numbers.
# We just use 1-10 as the default.
# Switch to workspace
bindsym $mod+1 workspace 1
bindsym $mod+2 workspace 2
bindsym $mod+3 workspace 3
bindsym $mod+4 workspace 4
bindsym $mod+5 workspace 5
bindsym $mod+6 workspace 6
bindsym $mod+7 workspace 7
bindsym $mod+8 workspace 8
bindsym $mod+9 workspace 9
# Move focused container to workspace
bindsym $mod+Ctrl+1 move container to workspace $ws1
bindsym $mod+Ctrl+2 move container to workspace $ws2
bindsym $mod+Ctrl+3 move container to workspace $ws3
bindsym $mod+Ctrl+4 move container to workspace $ws4
bindsym $mod+Ctrl+5 move container to workspace $ws5
bindsym $mod+Ctrl+6 move container to workspace $ws6
bindsym $mod+Ctrl+7 move container to workspace $ws7
bindsym $mod+Ctrl+8 move container to workspace $ws8
bindsym $mod+Ctrl+9 move container to workspace $ws9
# Move focused container to workspace and move focus with it
bindsym $mod+Shift+1 move container to workspace 1; workspace $ws1
bindsym $mod+Shift+2 move container to workspace 2; workspace $ws2
bindsym $mod+Shift+3 move container to workspace 3; workspace $ws3
bindsym $mod+Shift+4 move container to workspace 4; workspace $ws4
bindsym $mod+Shift+5 move container to workspace 5; workspace $ws5
bindsym $mod+Shift+6 move container to workspace 6; workspace $ws6
bindsym $mod+Shift+7 move container to workspace 7; workspace $ws7
bindsym $mod+Shift+8 move container to workspace 8; workspace $ws8
bindsym $mod+Shift+9 move container to workspace 9; workspace $ws9
# Note: workspaces can have any name you want, not just numbers.
# We just use 1-10 as the default.
#navigate workspaces next / previous
bindsym $mod+Ctrl+Right workspace next
bindsym $mod+Ctrl+Left workspace prev
#navigate workspaces next / previous
bindsym $mod+Ctrl+Right workspace next
bindsym $mod+Ctrl+Left workspace prev
# workspace back and forth (with/without active container)
workspace_auto_back_and_forth yes
bindsym $mod+b workspace back_and_forth
bindsym $mod+Shift+b move container to workspace back_and_forth; workspace back_and_forth
# workspace back and forth (with/without active container)
workspace_auto_back_and_forth yes
bindsym $mod+b workspace back_and_forth
bindsym $mod+Shift+b move container to workspace back_and_forth; workspace back_and_forth
#
# Layout stuff:
#
# Configure border style <normal|1pixel|pixel xx|none|pixel>
default_border pixel 1
default_floating_border normal
#
# Layout stuff:
#
# Configure border style <normal|1pixel|pixel xx|none|pixel>
default_border pixel 1
default_floating_border normal
# Hide borders
hide_edge_borders none
# Hide borders
hide_edge_borders none
# Font for window titles. Will also be used by the bar unless a different font
# is used in the bar {} block below.
font xft:Hack 16
# Font for window titles. Will also be used by the bar unless a different font
# is used in the bar {} block below.
font xft:Hack 16
# You can "split" the current object of your focus with
# $mod+b or $mod+v, for horizontal and vertical splits
# respectively.
bindsym $mod+h splith; exec notify-send 'tile horizontally'
bindsym $mod+v splitv; exec notify-send 'tile vertically'
# You can "split" the current object of your focus with
# $mod+b or $mod+v, for horizontal and vertical splits
# respectively.
bindsym $mod+h splith; exec notify-send 'tile horizontally'
bindsym $mod+v splitv; exec notify-send 'tile vertically'
# Switch the current container between different layout styles
bindsym $mod+s layout stacking
bindsym $mod+w layout tabbed
bindsym $mod+e layout toggle split
# Switch the current container between different layout styles
bindsym $mod+s layout stacking
bindsym $mod+w layout tabbed
bindsym $mod+e layout toggle split
# Make the current focus fullscreen
bindsym $mod+f fullscreen
# Make the current focus fullscreen
bindsym $mod+f fullscreen
# Toggle the current focus between tiling and floating mode
bindsym $mod+Shift+space floating toggle
# Toggle the current focus between tiling and floating mode
bindsym $mod+Shift+space floating toggle
# Swap focus between the tiling area and the floating area
bindsym $mod+t focus mode_toggle
# Swap focus between the tiling area and the floating area
bindsym $mod+t focus mode_toggle
# Move focus to the parent container
bindsym $mod+a focus parent
bindsym $mod+d focus child
#
# Scratchpad:
#
# Sway has a "scratchpad", which is a bag of holding for windows.
# You can send windows there and get them back later.
# Move focus to the parent container
bindsym $mod+a focus parent
bindsym $mod+d focus child
#
# Scratchpad:
#
# Sway has a "scratchpad", which is a bag of holding for windows.
# You can send windows there and get them back later.
# Move the currently focused window to the scratchpad
bindsym $mod+Shift+minus move scratchpad
# Move the currently focused window to the scratchpad
bindsym $mod+Shift+minus move scratchpad
# Show the next scratchpad window or hide the focused scratchpad window.
# If there are multiple scratchpad windows, this command cycles through them.
bindsym $mod+minus scratchpad show
#
# Resizing containers:
#
mode "resize" {
# left will shrink the containers width
# right will grow the containers width
# up will shrink the containers height
# down will grow the containers height
bindsym $left resize shrink width 10px
bindsym $down resize grow height 10px
bindsym $up resize shrink height 10px
bindsym $right resize grow width 10px
# Show the next scratchpad window or hide the focused scratchpad window.
# If there are multiple scratchpad windows, this command cycles through them.
bindsym $mod+minus scratchpad show
#
# Resizing containers:
#
mode "resize" {
# left will shrink the containers width
# right will grow the containers width
# up will shrink the containers height
# down will grow the containers height
bindsym $left resize shrink width 10px
bindsym $down resize grow height 10px
bindsym $up resize shrink height 10px
bindsym $right resize grow width 10px
# Ditto, with arrow keys
bindsym Left resize shrink width 10px
bindsym Down resize grow height 10px
bindsym Up resize shrink height 10px
bindsym Right resize grow width 10px
# Ditto, with arrow keys
bindsym Left resize shrink width 10px
bindsym Down resize grow height 10px
bindsym Up resize shrink height 10px
bindsym Right resize grow width 10px
# Return to default mode
bindsym Return mode "default"
bindsym Escape mode "default"
}
bindsym $mod+r mode "resize"
# Return to default mode
bindsym Return mode "default"
bindsym Escape mode "default"
}
bindsym $mod+r mode "resize"
include ~/.config/sway/config.d/*''
${applications}
${gaps}
${custom-keybindings}
${mode-system}
${systemd}
${theme}
include ~/.config/sway/config.d/*
''

View file

@ -1,4 +1,4 @@
{
args@{
lib,
config,
pkgs,
@ -42,6 +42,18 @@ in {
};
};
};
config.sway = {
# https://alex.dandrea.io/2024/07/20/fixing-idle-inhibitor-behaviour-in-firefox-with-wayland/
# Use xdg-desktop-portal-gtk for every portal interface...
default = "gtk";
# ... except for the ScreenCast, Screenshot and Secret
"org.freedesktop.impl.portal.ScreenCast" = "wlr";
"org.freedesktop.impl.portal.Screenshot" = "wlr";
# ignore inhibit bc gtk portal always returns as success,
# despite sway/the wlr portal not having an implementation,
# stopping firefox from using wayland idle-inhibit
"org.freedesktop.impl.portal.Inhibit" = "none";
};
extraPortals = with pkgs; [xdg-desktop-portal-gtk];
};
@ -60,8 +72,6 @@ in {
wl-clipboard
wf-recorder
brightnessctl
gammastep
geoclue2
xsettingsd
ydotool
@ -72,19 +82,19 @@ in {
wcwd
];
home-manager.users."${psCfg.user.name}" = {
systemd.user.services.sway = import ./sway.service.nix {inherit pkgs psCfg;};
systemd.user.services.xsettingsd = import ./xsettingsd.service.nix {inherit pkgs psCfg;};
systemd.user.targets.sway-session = import ./sway-session.target.nix {inherit pkgs psCfg;};
services.geoclue2.enable = true;
xdg.configFile."sway/config".text = import ./config/config.nix {inherit config pkgs;};
xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf;
xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf;
xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf;
xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf;
xdg.configFile."sway/config.d/mode_system.conf".text = import ./config/config.d/mode_system.conf.nix {inherit pkgs psCfg;};
xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf;
xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf;
home-manager.users."${psCfg.user.name}" = {
systemd.user.services.sway = import ./sway.service.nix args;
systemd.user.targets.sway-session = import ./sway-session.target.nix args;
services.xsettingsd.enable = true;
services.gammastep = {
enable = true;
provider = "geoclue2";
};
xdg.configFile."sway/config".text = import ./config/config.nix args;
services.swayidle = with pkgs; {
enable = true;
@ -96,16 +106,16 @@ in {
];
timeouts = [
{
timeout = 120;
timeout = 300;
command = "${swaylock-bg}/bin/swaylock-bg";
}
{
timeout = 130;
timeout = 180;
command = "${sway}/bin/swaymsg \"output * dpms off\"";
resumeCommand = "${sway}/bin/swaymsg \"output * dpms on\"";
}
{
timeout = 300;
timeout = 600;
command = "${systemd}/bin/systemctl hibernate";
}
];

View file

@ -1,17 +0,0 @@
{pkgs, ...}: {
Unit = {
Description = "set color temperature of display according to time of day";
Documentation = ["man:gammastep(1)"];
BindsTo = ["sway-session.target"];
After = ["sway-session.target"];
# ConditionEnvironment requires systemd v247 to work correctly
ConditionEnvironment = ["WAYLAND_DISPLAY"];
};
Service = {
Type = "simple";
ExecStart = "${pkgs.gammastep}/bin/gammastep -l geoclue2 -m wayland -v";
};
Install = {
WantedBy = ["sway-session.target"];
};
}

View file

@ -1,18 +0,0 @@
{pkgs, ...}: {
Unit = {
Description = "X Settings Daemon";
Documentation = ["https://github.com/derat/xsettingsd/wiki/Installation"];
BindsTo = ["sway-session.target"];
After = ["sway-session.target"];
# ConditionEnvironment requires systemd v247 to work correctly
ConditionEnvironment = ["WAYLAND_DISPLAY"];
};
Service = {
Type = "simple";
ExecStart = "${pkgs.xsettingsd}/bin/xsettingsd";
ExecStop = "/run/current-system/sw/bin/env pkill xsettingsd";
};
Install = {
WantedBy = ["sway-session.target"];
};
}

View file

@ -2,13 +2,14 @@
lib,
config,
pkgs,
flake,
...
}:
with lib; let
psCfg = config.pub-solar;
in {
home-manager.users."${psCfg.user.name}" = {
programs.waybar = {
programs.waybar = with flake.self.theme.withHashtag; {
enable = true;
settings.main = {
layer = "top";
@ -46,10 +47,10 @@ in {
on-scroll = "-1";
on-click-right = "mode";
format = {
months = "<span color='#ffead3'><b>{}</b></span>";
days = "<span color='#ecc6d9'><b>{}</b></span>";
weekdays = "<span color='#ffcc66'><b>{}</b></span>";
today = "<span color='#ff6699'><b><u>{}</u></b></span>";
months = "<span color='#ffead3'><b>{}</b></span>";
days = "<span color='#ecc6d9'><b>{}</b></span>";
weekdays = "<span color='#ffcc66'><b>{}</b></span>";
today = "<span color='#ff6699'><b><u>{}</u></b></span>";
};
};
};
@ -88,7 +89,25 @@ in {
};
};
};
style = builtins.readFile ./.config/waybar/style.css;
style = ''
@define-color base00 ${base00};
@define-color base01 ${base01};
@define-color base02 ${base02};
@define-color base03 ${base03};
@define-color base04 ${base04};
@define-color base05 ${base05};
@define-color base06 ${base06};
@define-color base07 ${base07};
@define-color base08 ${base08};
@define-color base09 ${base09};
@define-color base0A ${base0A};
@define-color base0B ${base0B};
@define-color base0C ${base0C};
@define-color base0D ${base0D};
@define-color base0E ${base0E};
@define-color base0F ${base0F};
''+ builtins.readFile ./.config/waybar/style.css;
systemd.enable = true;
systemd.target = "sway-session.target";
};

View file

@ -1,215 +1,221 @@
{ config, pkgs, lib, ... }:
with lib;
let
{
config,
pkgs,
lib,
...
}:
with lib; let
cfg = config.services.invoiceplane;
eachSite = cfg.sites;
user = "invoiceplane";
webserver = config.services.${cfg.webserver};
invoiceplane-config = hostName: cfg: pkgs.writeText "ipconfig.php" ''
IP_URL=http://${hostName}
ENABLE_DEBUG=false
DISABLE_SETUP=false
REMOVE_INDEXPHP=false
DB_HOSTNAME=${cfg.database.host}
DB_USERNAME=${cfg.database.user}
# NOTE: file_get_contents adds newline at the end of returned string
DB_PASSWORD=${if cfg.database.passwordFile == null then "" else "trim(file_get_contents('${cfg.database.passwordFile}'),\"\\r\\n\")"}
DB_DATABASE=${cfg.database.name}
DB_PORT=${toString cfg.database.port}
SESS_EXPIRATION=864000
ENABLE_INVOICE_DELETION=false
DISABLE_READ_ONLY=false
ENCRYPTION_KEY=
ENCRYPTION_CIPHER=AES-256
SETUP_COMPLETED=false
REMOVE_INDEXPHP=true
'';
extraConfig = hostName: cfg: pkgs.writeText "extraConfig.php" ''
${toString cfg.extraConfig}
'';
pkg = hostName: cfg: pkgs.stdenv.mkDerivation rec {
pname = "invoiceplane-${hostName}";
version = src.version;
src = pkgs.invoiceplane;
postPhase = ''
# Patch index.php file to load additional config file
substituteInPlace index.php \
--replace "require('vendor/autoload.php');" "require('vendor/autoload.php'); \$dotenv = Dotenv\Dotenv::createImmutable(__DIR__, 'extraConfig.php'); \$dotenv->load();";
invoiceplane-config = hostName: cfg:
pkgs.writeText "ipconfig.php" ''
IP_URL=http://${hostName}
ENABLE_DEBUG=false
DISABLE_SETUP=false
REMOVE_INDEXPHP=false
DB_HOSTNAME=${cfg.database.host}
DB_USERNAME=${cfg.database.user}
# NOTE: file_get_contents adds newline at the end of returned string
DB_PASSWORD=${
if cfg.database.passwordFile == null
then ""
else "trim(file_get_contents('${cfg.database.passwordFile}'),\"\\r\\n\")"
}
DB_DATABASE=${cfg.database.name}
DB_PORT=${toString cfg.database.port}
SESS_EXPIRATION=864000
ENABLE_INVOICE_DELETION=false
DISABLE_READ_ONLY=false
ENCRYPTION_KEY=
ENCRYPTION_CIPHER=AES-256
SETUP_COMPLETED=false
REMOVE_INDEXPHP=true
'';
installPhase = ''
mkdir -p $out
cp -r * $out/
# symlink uploads and log directories
rm -r $out/uploads $out/application/logs $out/vendor/mpdf/mpdf/tmp
ln -sf ${cfg.stateDir}/uploads $out/
ln -sf ${cfg.stateDir}/logs $out/application/
ln -sf ${cfg.stateDir}/tmp $out/vendor/mpdf/mpdf/
# symlink the InvoicePlane config
ln -s ${cfg.stateDir}/ipconfig.php $out/ipconfig.php
# symlink the extraConfig file
ln -s ${extraConfig hostName cfg} $out/extraConfig.php
# symlink additional templates
${concatMapStringsSep "\n" (template: "cp -r ${template}/. $out/application/views/invoice_templates/pdf/") cfg.invoiceTemplates}
extraConfig = hostName: cfg:
pkgs.writeText "extraConfig.php" ''
${toString cfg.extraConfig}
'';
};
siteOpts = { lib, name, ... }:
{
options = {
pkg = hostName: cfg:
pkgs.stdenv.mkDerivation rec {
pname = "invoiceplane-${hostName}";
version = src.version;
src = pkgs.invoiceplane;
enable = mkEnableOption (lib.mdDoc "InvoicePlane web application");
postPhase = ''
# Patch index.php file to load additional config file
substituteInPlace index.php \
--replace "require('vendor/autoload.php');" "require('vendor/autoload.php'); \$dotenv = Dotenv\Dotenv::createImmutable(__DIR__, 'extraConfig.php'); \$dotenv->load();";
'';
stateDir = mkOption {
type = types.path;
default = "/var/lib/invoiceplane/${name}";
description = lib.mdDoc ''
This directory is used for uploads of attachments and cache.
The directory passed here is automatically created and permissions
adjusted as required.
'';
};
installPhase = ''
mkdir -p $out
cp -r * $out/
database = {
host = mkOption {
type = types.str;
default = "localhost";
description = lib.mdDoc "Database host address.";
};
# symlink uploads and log directories
rm -r $out/uploads $out/application/logs $out/vendor/mpdf/mpdf/tmp
ln -sf ${cfg.stateDir}/uploads $out/
ln -sf ${cfg.stateDir}/logs $out/application/
ln -sf ${cfg.stateDir}/tmp $out/vendor/mpdf/mpdf/
port = mkOption {
type = types.port;
default = 3306;
description = lib.mdDoc "Database host port.";
};
# symlink the InvoicePlane config
ln -s ${cfg.stateDir}/ipconfig.php $out/ipconfig.php
name = mkOption {
type = types.str;
default = "invoiceplane";
description = lib.mdDoc "Database name.";
};
# symlink the extraConfig file
ln -s ${extraConfig hostName cfg} $out/extraConfig.php
user = mkOption {
type = types.str;
default = "invoiceplane";
description = lib.mdDoc "Database user.";
};
# symlink additional templates
${concatMapStringsSep "\n" (template: "cp -r ${template}/. $out/application/views/invoice_templates/pdf/") cfg.invoiceTemplates}
'';
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/run/keys/invoiceplane-dbpassword";
description = lib.mdDoc ''
A file containing the password corresponding to
{option}`database.user`.
'';
};
createLocally = mkOption {
type = types.bool;
default = true;
description = lib.mdDoc "Create the database and database user locally.";
};
};
invoiceTemplates = mkOption {
type = types.listOf types.path;
default = [];
description = lib.mdDoc ''
List of path(s) to respective template(s) which are copied from the 'invoice_templates/pdf' directory.
::: {.note}
These templates need to be packaged before use, see example.
:::
'';
example = literalExpression ''
let
# Let's package an example template
template-vtdirektmarketing = pkgs.stdenv.mkDerivation {
name = "vtdirektmarketing";
# Download the template from a public repository
src = pkgs.fetchgit {
url = "https://git.project-insanity.org/onny/invoiceplane-vtdirektmarketing.git";
sha256 = "1hh0q7wzsh8v8x03i82p6qrgbxr4v5fb05xylyrpp975l8axyg2z";
};
sourceRoot = ".";
# Installing simply means copying template php file to the output directory
installPhase = ""
mkdir -p $out
cp invoiceplane-vtdirektmarketing/vtdirektmarketing.php $out/
"";
};
# And then pass this package to the template list like this:
in [ template-vtdirektmarketing ]
'';
};
poolConfig = mkOption {
type = with types; attrsOf (oneOf [ str int bool ]);
default = {
"pm" = "dynamic";
"pm.max_children" = 32;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 2;
"pm.max_spare_servers" = 4;
"pm.max_requests" = 500;
};
description = lib.mdDoc ''
Options for the InvoicePlane PHP pool. See the documentation on `php-fpm.conf`
for details on configuration directives.
'';
};
extraConfig = mkOption {
type = types.nullOr types.lines;
default = null;
example = ''
SETUP_COMPLETED=true
DISABLE_SETUP=true
IP_URL=https://invoice.example.com
'';
description = lib.mdDoc ''
InvoicePlane configuration. Refer to
<https://github.com/InvoicePlane/InvoicePlane/blob/master/ipconfig.php.example>
for details on supported values.
'';
};
cron = {
enable = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc ''
Enable cron service which periodically runs Invoiceplane tasks.
Requires key taken from the administration page. Refer to
<https://wiki.invoiceplane.com/en/1.0/modules/recurring-invoices>
on how to configure it.
'';
};
key = mkOption {
type = types.str;
description = lib.mdDoc "Cron key taken from the administration page.";
};
};
siteOpts = {
lib,
name,
...
}: {
options = {
enable = mkEnableOption (lib.mdDoc "InvoicePlane web application");
stateDir = mkOption {
type = types.path;
default = "/var/lib/invoiceplane/${name}";
description = lib.mdDoc ''
This directory is used for uploads of attachments and cache.
The directory passed here is automatically created and permissions
adjusted as required.
'';
};
database = {
host = mkOption {
type = types.str;
default = "localhost";
description = lib.mdDoc "Database host address.";
};
port = mkOption {
type = types.port;
default = 3306;
description = lib.mdDoc "Database host port.";
};
name = mkOption {
type = types.str;
default = "invoiceplane";
description = lib.mdDoc "Database name.";
};
user = mkOption {
type = types.str;
default = "invoiceplane";
description = lib.mdDoc "Database user.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
example = "/run/keys/invoiceplane-dbpassword";
description = lib.mdDoc ''
A file containing the password corresponding to
{option}`database.user`.
'';
};
createLocally = mkOption {
type = types.bool;
default = true;
description = lib.mdDoc "Create the database and database user locally.";
};
};
invoiceTemplates = mkOption {
type = types.listOf types.path;
default = [];
description = lib.mdDoc ''
List of path(s) to respective template(s) which are copied from the 'invoice_templates/pdf' directory.
::: {.note}
These templates need to be packaged before use, see example.
:::
'';
example = literalExpression ''
let
# Let's package an example template
template-vtdirektmarketing = pkgs.stdenv.mkDerivation {
name = "vtdirektmarketing";
# Download the template from a public repository
src = pkgs.fetchgit {
url = "https://git.project-insanity.org/onny/invoiceplane-vtdirektmarketing.git";
sha256 = "1hh0q7wzsh8v8x03i82p6qrgbxr4v5fb05xylyrpp975l8axyg2z";
};
sourceRoot = ".";
# Installing simply means copying template php file to the output directory
installPhase = ""
mkdir -p $out
cp invoiceplane-vtdirektmarketing/vtdirektmarketing.php $out/
"";
};
# And then pass this package to the template list like this:
in [ template-vtdirektmarketing ]
'';
};
poolConfig = mkOption {
type = with types; attrsOf (oneOf [str int bool]);
default = {
"pm" = "dynamic";
"pm.max_children" = 32;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 2;
"pm.max_spare_servers" = 4;
"pm.max_requests" = 500;
};
description = lib.mdDoc ''
Options for the InvoicePlane PHP pool. See the documentation on `php-fpm.conf`
for details on configuration directives.
'';
};
extraConfig = mkOption {
type = types.nullOr types.lines;
default = null;
example = ''
SETUP_COMPLETED=true
DISABLE_SETUP=true
IP_URL=https://invoice.example.com
'';
description = lib.mdDoc ''
InvoicePlane configuration. Refer to
<https://github.com/InvoicePlane/InvoicePlane/blob/master/ipconfig.php.example>
for details on supported values.
'';
};
cron = {
enable = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc ''
Enable cron service which periodically runs Invoiceplane tasks.
Requires key taken from the administration page. Refer to
<https://wiki.invoiceplane.com/en/1.0/modules/recurring-invoices>
on how to configure it.
'';
};
key = mkOption {
type = types.str;
description = lib.mdDoc "Cron key taken from the administration page.";
};
};
};
in
{
};
in {
disabledModules = [
"services/web-apps/invoiceplane.nix"
];
@ -218,7 +224,6 @@ in
options = {
services.invoiceplane = mkOption {
type = types.submodule {
options.sites = mkOption {
type = types.attrsOf (types.submodule siteOpts);
default = {};
@ -226,7 +231,7 @@ in
};
options.webserver = mkOption {
type = types.enum [ "caddy" "nginx" ];
type = types.enum ["caddy" "nginx"];
default = "caddy";
description = lib.mdDoc ''
Which webserver to use for virtual host management. Currently only
@ -237,160 +242,172 @@ in
default = {};
description = lib.mdDoc "InvoicePlane configuration.";
};
};
# implementation
config = mkIf (eachSite != {}) (mkMerge [{
config = mkIf (eachSite != {}) (mkMerge [
{
assertions = flatten (mapAttrsToList (hostName: cfg: [
{
assertion = cfg.database.createLocally -> cfg.database.user == user;
message = ''services.invoiceplane.sites."${hostName}".database.user must be ${user} if the database is to be automatically provisioned'';
}
{
assertion = cfg.database.createLocally -> cfg.database.passwordFile == null;
message = ''services.invoiceplane.sites."${hostName}".database.passwordFile cannot be specified if services.invoiceplane.sites."${hostName}".database.createLocally is set to true.'';
}
{
assertion = cfg.cron.enable -> cfg.cron.key != null;
message = ''services.invoiceplane.sites."${hostName}".cron.key must be set in order to use cron service.'';
}
])
eachSite);
assertions = flatten (mapAttrsToList (hostName: cfg:
[{ assertion = cfg.database.createLocally -> cfg.database.user == user;
message = ''services.invoiceplane.sites."${hostName}".database.user must be ${user} if the database is to be automatically provisioned'';
}
{ assertion = cfg.database.createLocally -> cfg.database.passwordFile == null;
message = ''services.invoiceplane.sites."${hostName}".database.passwordFile cannot be specified if services.invoiceplane.sites."${hostName}".database.createLocally is set to true.'';
}
{ assertion = cfg.cron.enable -> cfg.cron.key != null;
message = ''services.invoiceplane.sites."${hostName}".cron.key must be set in order to use cron service.'';
}
]) eachSite);
services.mysql = mkIf (any (v: v.database.createLocally) (attrValues eachSite)) {
enable = true;
package = mkDefault pkgs.mariadb;
ensureDatabases = mapAttrsToList (hostName: cfg: cfg.database.name) eachSite;
ensureUsers = mapAttrsToList (hostName: cfg:
{ name = cfg.database.user;
ensurePermissions = { "${cfg.database.name}.*" = "ALL PRIVILEGES"; };
}
) eachSite;
};
services.phpfpm = {
phpPackage = pkgs.php81;
pools = mapAttrs' (hostName: cfg: (
nameValuePair "invoiceplane-${hostName}" {
inherit user;
group = webserver.group;
settings = {
"listen.owner" = webserver.user;
"listen.group" = webserver.group;
} // cfg.poolConfig;
}
)) eachSite;
};
}
{
systemd.tmpfiles.rules = flatten (mapAttrsToList (hostName: cfg: [
"d ${cfg.stateDir} 0750 ${user} ${webserver.group} - -"
"f ${cfg.stateDir}/ipconfig.php 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/logs 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/uploads 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/uploads/archive 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/uploads/customer_files 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/uploads/temp 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/uploads/temp/mpdf 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/tmp 0750 ${user} ${webserver.group} - -"
]) eachSite);
systemd.services.invoiceplane-config = {
serviceConfig.Type = "oneshot";
script = concatStrings (mapAttrsToList (hostName: cfg:
''
mkdir -p ${cfg.stateDir}/logs \
${cfg.stateDir}/uploads
if ! grep -q IP_URL "${cfg.stateDir}/ipconfig.php"; then
cp "${invoiceplane-config hostName cfg}" "${cfg.stateDir}/ipconfig.php"
fi
'') eachSite);
wantedBy = [ "multi-user.target" ];
};
users.users.${user} = {
group = webserver.group;
isSystemUser = true;
};
}
{
# Cron service implementation
systemd.timers = mapAttrs' (hostName: cfg: (
nameValuePair "invoiceplane-cron-${hostName}" (mkIf cfg.cron.enable {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "5m";
OnUnitActiveSec = "5m";
Unit = "invoiceplane-cron-${hostName}.service";
};
})
)) eachSite;
systemd.services =
mapAttrs' (hostName: cfg: (
nameValuePair "invoiceplane-cron-${hostName}" (mkIf cfg.cron.enable {
serviceConfig = {
Type = "oneshot";
User = user;
ExecStart = "${pkgs.curl}/bin/curl --header 'Host: ${hostName}' http://localhost/invoices/cron/recur/${cfg.cron.key}";
};
})
)) eachSite;
}
(mkIf (cfg.webserver == "caddy") {
services.caddy = {
enable = true;
virtualHosts = mapAttrs' (hostName: cfg: (
nameValuePair "http://${hostName}" {
extraConfig = ''
root * ${pkg hostName cfg}
file_server
php_fastcgi unix/${config.services.phpfpm.pools."invoiceplane-${hostName}".socket}
'';
}
)) eachSite;
};
})
(mkIf (cfg.webserver == "nginx") {
services.nginx = {
enable = true;
virtualHosts = mapAttrs' (hostName: cfg: (
nameValuePair "${hostName}" {
root = "${pkg hostName cfg}";
extraConfig = ''
index index.php index.html index.htm;
if (!-e $request_filename){
rewrite ^(.*)$ /index.php break;
services.mysql = mkIf (any (v: v.database.createLocally) (attrValues eachSite)) {
enable = true;
package = mkDefault pkgs.mariadb;
ensureDatabases = mapAttrsToList (hostName: cfg: cfg.database.name) eachSite;
ensureUsers =
mapAttrsToList (
hostName: cfg: {
name = cfg.database.user;
ensurePermissions = {"${cfg.database.name}.*" = "ALL PRIVILEGES";};
}
'';
)
eachSite;
};
locations = {
"/setup".extraConfig = ''
rewrite ^(.*)$ http://${hostName}/ redirect;
'';
services.phpfpm = {
phpPackage = pkgs.php81;
pools =
mapAttrs' (hostName: cfg: (
nameValuePair "invoiceplane-${hostName}" {
inherit user;
group = webserver.group;
settings =
{
"listen.owner" = webserver.user;
"listen.group" = webserver.group;
}
// cfg.poolConfig;
}
))
eachSite;
};
}
"~ .php$" = {
extraConfig = ''
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:${config.services.phpfpm.pools."invoiceplane-${hostName}".socket};
include ${pkgs.nginx}/conf/fastcgi_params;
include ${pkgs.nginx}/conf/fastcgi.conf;
'';
{
systemd.tmpfiles.rules = flatten (mapAttrsToList (hostName: cfg: [
"d ${cfg.stateDir} 0750 ${user} ${webserver.group} - -"
"f ${cfg.stateDir}/ipconfig.php 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/logs 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/uploads 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/uploads/archive 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/uploads/customer_files 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/uploads/temp 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/uploads/temp/mpdf 0750 ${user} ${webserver.group} - -"
"d ${cfg.stateDir}/tmp 0750 ${user} ${webserver.group} - -"
])
eachSite);
systemd.services.invoiceplane-config = {
serviceConfig.Type = "oneshot";
script = concatStrings (mapAttrsToList (hostName: cfg: ''
mkdir -p ${cfg.stateDir}/logs \
${cfg.stateDir}/uploads
if ! grep -q IP_URL "${cfg.stateDir}/ipconfig.php"; then
cp "${invoiceplane-config hostName cfg}" "${cfg.stateDir}/ipconfig.php"
fi
'')
eachSite);
wantedBy = ["multi-user.target"];
};
users.users.${user} = {
group = webserver.group;
isSystemUser = true;
};
}
{
# Cron service implementation
systemd.timers =
mapAttrs' (hostName: cfg: (
nameValuePair "invoiceplane-cron-${hostName}" (mkIf cfg.cron.enable {
wantedBy = ["timers.target"];
timerConfig = {
OnBootSec = "5m";
OnUnitActiveSec = "5m";
Unit = "invoiceplane-cron-${hostName}.service";
};
};
}
)) eachSite;
};
})
})
))
eachSite;
systemd.services =
mapAttrs' (hostName: cfg: (
nameValuePair "invoiceplane-cron-${hostName}" (mkIf cfg.cron.enable {
serviceConfig = {
Type = "oneshot";
User = user;
ExecStart = "${pkgs.curl}/bin/curl --header 'Host: ${hostName}' http://localhost/invoices/cron/recur/${cfg.cron.key}";
};
})
))
eachSite;
}
(mkIf (cfg.webserver == "caddy") {
services.caddy = {
enable = true;
virtualHosts =
mapAttrs' (hostName: cfg: (
nameValuePair "http://${hostName}" {
extraConfig = ''
root * ${pkg hostName cfg}
file_server
php_fastcgi unix/${config.services.phpfpm.pools."invoiceplane-${hostName}".socket}
'';
}
))
eachSite;
};
})
(mkIf (cfg.webserver == "nginx") {
services.nginx = {
enable = true;
virtualHosts =
mapAttrs' (hostName: cfg: (
nameValuePair "${hostName}" {
root = "${pkg hostName cfg}";
extraConfig = ''
index index.php index.html index.htm;
if (!-e $request_filename){
rewrite ^(.*)$ /index.php break;
}
'';
locations = {
"/setup".extraConfig = ''
rewrite ^(.*)$ http://${hostName}/ redirect;
'';
"~ .php$" = {
extraConfig = ''
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:${config.services.phpfpm.pools."invoiceplane-${hostName}".socket};
include ${pkgs.nginx}/conf/fastcgi_params;
include ${pkgs.nginx}/conf/fastcgi.conf;
'';
};
};
}
))
eachSite;
};
})
]);
}

View file

@ -5,16 +5,17 @@
flake,
...
}: {
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"steam"
"steam-original"
"steam-run"
"hplip"
"cups-brother-hl3140cw"
"uhk-agent"
"uhk-udev-rules"
"zoom"
];
nixpkgs.config.allowUnfreePredicate = pkg:
builtins.elem (lib.getName pkg) [
"steam"
"steam-original"
"steam-run"
"hplip"
"cups-brother-hl3140cw"
"cloudflare-warp"
"uhk-agent"
"uhk-udev-rules"
];
nix = {
# Use default version alias for nix package

View file

@ -1,5 +1,8 @@
{ lib, config, ... }:
{
lib,
config,
...
}: {
environment.persistence."/persist" = {
hideMounts = true;
directories = [
@ -17,7 +20,7 @@
fileSystems."/etc/nixos" = {
device = "/home/${config.pub-solar.user.name}/Workspace/os";
options = [ "bind" ];
options = ["bind"];
};
systemd.tmpfiles.rules = [

View file

@ -1,5 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
services.cron = {
enable = true;
systemCronJobs = [

View file

@ -7,7 +7,7 @@
}: {
services.avahi.enable = true;
services.avahi.ipv6 = true;
services.avahi.nssmdns = true;
services.avahi.nssmdns4 = true;
services.avahi.publish.enable = true;
services.avahi.publish.userServices = true;
@ -16,9 +16,19 @@
services.printing.listenAddresses = ["localhost:631"];
services.printing.defaultShared = lib.mkDefault false;
services.printing.drivers = [
pkgs.gutenprint
] ++ (if (pkgs.system == "x86_64-linux")
then [ pkgs.cups-brother-hl3140cw ]
else []);
services.printing.drivers =
[
pkgs.gutenprint
]
++ (
if (pkgs.system == "x86_64-linux")
then [pkgs.cups-brother-hl3140cw]
else []
);
environment.persistence."/persist" = {
directories = [
"/etc/lib/cups"
];
};
}

View file

@ -5,7 +5,7 @@
lib,
...
}: {
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedTCPPorts = [80 443];
services.nginx = {
enable = true;

View file

@ -1,12 +1,7 @@
## Headers
proxy_set_header Host $host;
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-URI $request_uri;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
## Basic Proxy Configuration
client_body_buffer_size 128k;
@ -21,7 +16,7 @@ proxy_buffers 64 256k;
## Please read the following documentation before configuring this:
## https://www.authelia.com/integration/proxies/nginx/#trusted-proxies
set_real_ip_from 10.13.12.0/24;
set_real_ip_from fc00::/7;
set_real_ip_from fd00:b12f:acab:1312:acab::/80;
real_ip_header X-Forwarded-For;
real_ip_recursive on;

View file

@ -12,8 +12,8 @@ in '' [user]
else ""
}
${
if user.fullName != null
then "name = ${user.fullName}"
if user.name != null
then "name = ${user.name}"
else ""
}
${
@ -27,7 +27,19 @@ in '' [user]
[alias]
pol = pull
ack = -c color.grep.linenumber=\"bold yellow\"\n -c color.grep.filename=\"bold green\"\n -c color.grep.match=\"reverse yellow\"\n grep --break --heading --line-number
# define command which will be used when "nvim"is set as a merge tool
lg = "!f() { \
git log --all --color --graph --pretty=format:'%C(bold yellow)<sig>%G?</sig>%C(reset) %C(red)%h%C(reset) -%C(yellow)%d%C(reset) %s %C(green)(%cr) %C(blue)<%an>%C(reset)' | \
sed \
-e 's#<sig>G</sig>#Good#' \
-e 's#<sig>B</sig>#\\nBAD \\nBAD \\nBAD \\nBAD \\nBAD#' \
-e 's#<sig>U</sig>#Unknown#' \
-e 's#<sig>X</sig>#Expired#' \
-e 's#<sig>Y</sig>#Expired Key#' \
-e 's#<sig>R</sig>#Revoked#' \
-e 's#<sig>E</sig>#Missing Key#' \
-e 's#<sig>N</sig>#None#' | \
less -r; \
}; f"
[mergetool]
prompt = false

View file

@ -6,27 +6,27 @@
user = config.pub-solar.user;
xdg = config.home-manager.users."${user.name}".xdg;
in ''
# What happened?
#
# fix feat build chore ci docs style refactor perf test
#
# type!(optional scope): <summary> --------------#
#
# What happened?
#
# fix feat build chore ci docs style refactor perf test
#
# type!(optional scope): <summary> --------------#
#
# ^\n
# What exactly was done and why? --------------------------------------#
#
# ^\n
# What exactly was done and why? --------------------------------------#
#
# ^\n
#
# Any issue numbers or links?
#
# Ref: #123
# ^\n
#
# Any issue numbers or links?
#
# Ref: #123
# ^\n
#
# Co-authored-by: Example Name <email@example.com>
# ^\n
#
# Co-authored-by: Example Name <email@example.com>
''

View file

@ -1,126 +0,0 @@
#!/bin/sh
# base16-shell (https://github.com/chriskempson/base16-shell)
# Base16 Shell template by Chris Kempson (http://chriskempson.com)
# Burn scheme by Benjamin Bädorf
color00="1a/18/1a" # Base 00 - Black
color01="f8/5e/84" # Base 08 - Red
color02="9e/cd/6f" # Base 0B - Green
color03="e5/c4/63" # Base 0A - Yellow
color04="7a/cc/d7" # Base 0D - Blue
color05="ab/9d/f2" # Base 0E - Magenta
color06="ef/90/62" # Base 0C - Cyan
color07="e3/e1/e4" # Base 05 - White
color08="94/94/94" # Base 03 - Bright Black
color09=$color01 # Base 08 - Bright Red
color10=$color02 # Base 0B - Bright Green
color11=$color03 # Base 0A - Bright Yellow
color12=$color04 # Base 0D - Bright Blue
color13=$color05 # Base 0E - Bright Magenta
color14=$color06 # Base 0C - Bright Cyan
color15="ff/5f/5f" # Base 07 - Bright White
color16="df/59/23" # Base 09
color17="d7/00/00" # Base 0F
color18="2d/2a/2e" # Base 01
color19="30/30/30" # Base 02
color20="d3/d1/d4" # Base 04
color21="30/30/30" # Base 06
color_foreground="e3/e1/e4" # Base 05
color_background="1a/18/1a" # Base 00
if [ -n "$TMUX" ]; then
# Tell tmux to pass the escape sequences through
# (Source: http://permalink.gmane.org/gmane.comp.terminal-emulators.tmux.user/1324)
put_template() { printf '\033Ptmux;\033\033]4;%d;rgb:%s\033\033\\\033\\' $@; }
put_template_var() { printf '\033Ptmux;\033\033]%d;rgb:%s\033\033\\\033\\' $@; }
put_template_custom() { printf '\033Ptmux;\033\033]%s%s\033\033\\\033\\' $@; }
elif [ "${TERM%%[-.]*}" = "screen" ]; then
# GNU screen (screen, screen-256color, screen-256color-bce)
put_template() { printf '\033P\033]4;%d;rgb:%s\007\033\\' $@; }
put_template_var() { printf '\033P\033]%d;rgb:%s\007\033\\' $@; }
put_template_custom() { printf '\033P\033]%s%s\007\033\\' $@; }
elif [ "${TERM%%-*}" = "linux" ]; then
put_template() { [ $1 -lt 16 ] && printf "\e]P%x%s" $1 $(echo $2 | sed 's/\///g'); }
put_template_var() { true; }
put_template_custom() { true; }
else
put_template() { printf '\033]4;%d;rgb:%s\033\\' $@; }
put_template_var() { printf '\033]%d;rgb:%s\033\\' $@; }
put_template_custom() { printf '\033]%s%s\033\\' $@; }
fi
# 16 color space
put_template 0 $color00
put_template 1 $color01
put_template 2 $color02
put_template 3 $color03
put_template 4 $color04
put_template 5 $color05
put_template 6 $color06
put_template 7 $color07
put_template 8 $color08
put_template 9 $color09
put_template 10 $color10
put_template 11 $color11
put_template 12 $color12
put_template 13 $color13
put_template 14 $color14
put_template 15 $color15
# 256 color space
put_template 16 $color16
put_template 17 $color17
put_template 18 $color18
put_template 19 $color19
put_template 20 $color20
put_template 21 $color21
# foreground / background / cursor color
if [ -n "$ITERM_SESSION_ID" ]; then
# iTerm2 proprietary escape codes
put_template_custom Pg e3e1e4 # foreground
put_template_custom Ph 1a181a # background
put_template_custom Pi e3e1e4 # bold color
put_template_custom Pj 303030 # selection color
put_template_custom Pk e3e1e4 # selected text color
put_template_custom Pl e3e1e4 # cursor
put_template_custom Pm 1a181a # cursor text
else
put_template_var 10 $color_foreground
if [ "$BASE16_SHELL_SET_BACKGROUND" != false ]; then
put_template_var 11 $color_background
if [ "${TERM%%-*}" = "rxvt" ]; then
put_template_var 708 $color_background # internal border (rxvt)
fi
fi
put_template_custom 12 ";7" # cursor (reverse video)
fi
# clean up
unset -f put_template
unset -f put_template_var
unset -f put_template_custom
unset color00
unset color01
unset color02
unset color03
unset color04
unset color05
unset color06
unset color07
unset color08
unset color09
unset color10
unset color11
unset color12
unset color13
unset color14
unset color15
unset color16
unset color17
unset color18
unset color19
unset color20
unset color21
unset color_foreground
unset color_background

View file

@ -99,13 +99,11 @@ in {
vi = "nvim";
vim = "nvim";
mutt = "neomutt";
cat = "bat";
ls = "eza";
la = "eza --group-directories-first -lag";
wget = "wget --hsts-file=$XDG_CACHE_HOME/wget-hsts";
irssi = "irssi --config=$XDG_CONFIG_HOME/irssi/config --home=$XDG_DATA_HOME/irssi";
drone = "DRONE_TOKEN=$(secret-tool lookup drone token) drone";
no = "manix \"\" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | fzf --preview=\"manix '{}'\" | xargs manix";
myip = "dig +short myip.opendns.com @208.67.222.222 2>&1";
nnn = "nnn -d -e -H -r";
};
}

View file

@ -1,7 +1,8 @@
{
args@{
lib,
config,
pkgs,
flake,
...
}:
with lib; let
@ -19,33 +20,45 @@ in {
};
config = {
programs.command-not-found.enable = false;
programs.command-not-found.enable = true;
users.users."${psCfg.user.name}".packages = with pkgs; [
ack
asciinema
bat
blesh
eza
fd
jump
(nnn.overrideAttrs (o: {
patches =
(o.patches or [])
++ [
./nnn/0001-feat-use-wasd-keybindings-for-jkli.patch
];
}))
p
powerline
screen
silver-searcher
watson
];
users.users."${psCfg.user.name}".packages = with pkgs;
[
tealdeer
asciinema
blesh
eza
fd
ripgrep
(nnn.overrideAttrs (o: {
patches =
(o.patches or [])
++ [
./nnn/0001-feat-use-wasd-keybindings-for-jkli.patch
];
}))
p
powerline
screen
watson
jump
bat
]
++ (
if cfg.full
then [
# Nix specific utilities
alejandra
manix
nix-index
nix-tree
nix-inspect
nvd
]
else []
);
home-manager.users."${psCfg.user.name}" = {
xdg.dataFile."scripts/base16.sh".source = .local/share/scripts/base16.sh;
programs.less = {
enable = true;
keys = ''
@ -60,49 +73,26 @@ in {
# starship.toml has sane defaults that can be changed there
programs.starship = {
enable = true;
settings = import ./starship.toml.nix;
settings = import ./starship.toml.nix flake.self.theme.withHashtag;
};
programs.bash = import ./bash {
inherit config;
inherit pkgs;
inherit lib;
};
programs.bash = import ./bash args;
programs.fzf = import ./fzf {
inherit config;
inherit pkgs;
};
programs.fzf = import ./fzf args;
programs.neovim = import ./nvim {
inherit config;
inherit pkgs;
inherit lib;
};
programs.neovim = import ./nvim args;
# Ensure nvim backup directory gets created
# Workaround for E510: Can't make backup file (add ! to override)
xdg.dataFile."nvim/backup/.keep".text = "";
xdg.dataFile."nvim/json-schemas/.keep".text = "";
# Generated with:
# docker run -it --name caddy-json-schema registry.greenbaum.cloud/gc/caddy-l4:2.5.2 caddy json-schema -output /srv/caddy_schema.json
xdg.dataFile."nvim/json-schemas/caddy_schema.json".source = .local/share/nvim/json-schemas/caddy_schema.json;
xdg.dataFile."nvim/templates/.keep".text = "";
programs.git = import ./git {};
xdg.configFile."git/config".text = import ./.config/git/config.nix {
inherit config;
inherit pkgs;
};
xdg.configFile."git/gitmessage".text = import ./.config/git/gitmessage.nix {
inherit config;
inherit pkgs;
};
xdg.configFile."git/global_gitignore".text = import ./.config/git/global_gitignore.nix {
inherit config;
inherit pkgs;
};
programs.git = import ./git args;
xdg.configFile."git/config".text = import ./.config/git/config.nix args;
xdg.configFile."git/gitmessage".text = import ./.config/git/gitmessage.nix args;
xdg.configFile."git/global_gitignore".text = import ./.config/git/global_gitignore.nix args;
programs.direnv = import ./direnv {};
programs.direnv = import ./direnv args;
};
};
}

View file

@ -1,5 +1,4 @@
{ ... }:
{
{...}: {
enable = true;
nix-direnv = {
enable = true;

View file

@ -1,15 +1,17 @@
{
config,
pkgs,
flake,
...
}: {
enable = true;
defaultCommand = "fd --hidden --type f --exclude .git";
defaultOptions = [
"--color=bg+:#2d2a2e,bg:#1a181a,spinner:#ef9062,hl:#7accd7"
"--color=fg:#d3d1d4,header:#7accd7,info:#e5c463,pointer:#ef9062"
"--color=marker:#ef9062,fg+:#303030,prompt:#e5c463,hl+:#7accd7"
defaultOptions = with flake.self.theme.withHashtag; [
"--color=bg+:${base01},bg:${base00},spinner:${base0C},hl:${base0D}"
"--color=fg:${base04},header:${base0D},info:${base0A},pointer:${base0C}"
"--color=marker:${base0C},fg+:${base02},prompt:${base0A},hl+:${base0D}"
];
# Use ble.sh for completions, see
# modules/terminal-life/bash/default.nix -> bleopt complete_menu_style=desc
# and https://github.com/akinomyoga/ble.sh/wiki/Manual-%C2%A77-Completion

View file

@ -1,5 +1,4 @@
{ ... }:
{
{...}: {
enable = true;
extraConfig = {

View file

@ -0,0 +1,48 @@
lua <<EOF
local luasnip = require 'luasnip'
local cmp = require 'cmp'
cmp.setup {
snippet = {
expand = function(args)
require('luasnip').lsp_expand(args.body)
end,
},
mapping = {
['<C-p>'] = cmp.mapping.select_prev_item(),
['<C-n>'] = cmp.mapping.select_next_item(),
['<C-d>'] = cmp.mapping.scroll_docs(-4),
['<C-f>'] = cmp.mapping.scroll_docs(4),
['<C-Space>'] = cmp.mapping.complete(),
['<C-e>'] = cmp.mapping.close(),
['<CR>'] = cmp.mapping.confirm {
behavior = cmp.ConfirmBehavior.Replace,
select = true,
},
['<Tab>'] = function(fallback)
if cmp.visible() then
cmp.select_next_item()
elseif luasnip.expand_or_jumpable() then
luasnip.expand_or_jump()
else
fallback()
end
end,
['<S-Tab>'] = function(fallback)
if cmp.visible() then
cmp.select_prev_item()
elseif luasnip.jumpable(-1) then
luasnip.jump(-1)
else
fallback()
end
end,
},
sources = {
{ name = 'nvim_lsp' },
{ name = 'luasnip' },
},
}
EOF

View file

@ -7,8 +7,6 @@
psCfg = config.pub-solar;
cfg = config.pub-solar.terminal-life;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
preview-file = pkgs.writeShellScriptBin "preview-file" (import ./preview-file.nix pkgs);
in {
enable = true;
@ -20,176 +18,134 @@ in {
withRuby = true;
withPython3 = true;
extraPackages = with pkgs;
lib.mkIf (cfg.full) [
ansible-language-server
ccls
gopls
nixd
nodejs
nodePackages.bash-language-server
nodePackages.dockerfile-language-server-nodejs
nodePackages.svelte-language-server
nodePackages.typescript
nodePackages.typescript-language-server
nodePackages.vim-language-server
nodePackages.vue-language-server
nodePackages.vscode-langservers-extracted
nodePackages.yaml-language-server
python3Packages.python-lsp-server
python3Full
rust-analyzer
solargraph
terraform-ls
universal-ctags
];
plugins = with pkgs.vimPlugins; lib.mkIf cfg.full [
(pkgs.vimPlugins.nvim-treesitter.withPlugins (p: [
p.ini
p.json
p.json5
p.markdown
p.nix
p.toml
p.yaml
p.css
p.graphql
p.html
p.javascript
p.scss
p.tsx
p.typescript
p.vue
p.c
p.cpp
p.go
p.gomod
p.gosum
p.haskell
p.lua
p.php
p.python
p.ruby
p.rust
p.vim
p.vimdoc
p.passwd
p.sql
p.diff
p.gitcommit
p.gitignore
p.git_config
p.gitattributes
p.git_rebase
p.bash
p.dockerfile
p.make
p.ninja
p.terraform
]))
# Dependencies for nvim-lspconfig
nvim-cmp
cmp-nvim-lsp
cmp_luasnip
luasnip
# Quickstart configs for neovim LSP
lsp_extensions-nvim
nvim-lspconfig
# Collaborative editing in Neovim using built-in capabilities
instant-nvim-nvfetcher
# Search functionality behind :Ack
ack-vim
# The status bar in the bottom of the screen with the mode indication and file location
vim-airline
# Automatically load editorconfig files in repos to configure nvim settings
editorconfig-vim
# File browser. Use <leader>n to access
nnn-vim
# Highlight characters when using f, F, t, and T
quick-scope
# Get sudo in vim; :SudaWrite <optional filename>
suda-vim
# Undo history etc. per project
vim-workspace-nvfetcher
# JSON schemas
SchemaStore-nvim
# Work with tags files
vim-gutentags
# Neovim colorschemes / themes
sonokai
vim-hybrid-material
vim-airline-themes
vim-apprentice-nvfetcher
# Git integrations
# A Git wrapper so awesome, it should be illegal
fugitive
# Shows git diff markers in the sign column
vim-gitgutter
# GitHub extension for fugitive
vim-rhubarb
# Ease your git workflow within Vim
vimagit-nvfetcher
# FZF fuzzy finder
fzf-vim
fzfWrapper
# Make the yanked region apparent
vim-highlightedyank
# :Beautify Code beautifier
vim-beautify-nvfetcher
# Unload, delete or wipe a buffer without closing the window
vim-bufkill
# Defaults everyone can agree on
vim-sensible
# emmet for vim: http://emmet.io/
emmet-vim
# Caddyfile syntax support for Vim
vim-caddyfile-nvfetcher
extraPackages = with pkgs; [
ripgrep
nixd
universal-ctags
# ansible-language-server
# clang-tools
# gopls
# nodePackages.bash-language-server
# nodePackages.svelte-language-server
# nodePackages.typescript
# nodePackages.typescript-language-server
# nodePackages.vue-language-server
# nodePackages.vscode-langservers-extracted
# nginx-language-server
# lua-language-server
# cmake-language-server
# vim-language-server
# yaml-language-server
# python3Packages.python-lsp-server
# nodePackages.dockerfile-language-server-nodejs
# docker-compose-language-service
# rust-analyzer
# cargo
# solargraph
# terraform-ls
# python3Full
];
extraConfig = builtins.concatStringsSep "\n" [
''
" Persistent undo
set undofile
set undodir=${xdg.cacheHome}/nvim/undo
plugins = with pkgs.vimPlugins;
[
# The status bar in the bottom of the screen with the mode indication and file location
vim-airline
set backupdir=${xdg.dataHome}/nvim/backup
set directory=${xdg.dataHome}/nvim/swap/
''
(builtins.readFile ./init.vim)
(builtins.readFile ./plugins.vim)
(builtins.readFile ./clipboard.vim)
(builtins.readFile ./ui.vim)
(builtins.readFile ./quickfixopenall.vim)
(builtins.readFile ./lsp.vim)
''
" fzf with file preview
command! -bang -nargs=? -complete=dir Files
\ call fzf#vim#files(<q-args>, { 'options': ['--keep-right', '--cycle', '--layout', 'reverse', '--preview', '${preview-file}/bin/preview-file {}'] }, <bang>0)
''
];
# Automatically load editorconfig files in repos to configure nvim settings
editorconfig-vim
# File browser. Use <leader>n to access
nnn-vim
# Highlight characters when using f, F, t, and T
quick-scope
# Undo history etc. per project
vim-workspace-nvfetcher
# Neovim colorschemes / themes
sonokai
vim-hybrid-material
vim-airline-themes
vim-apprentice-nvfetcher
# Preview colors inline
nvim-colorizer-lua
# Git integrations
# A Git wrapper so awesome, it should be illegal
fugitive
# Shows git diff markers in the sign column
vim-gitgutter
# GitHub extension for fugitive
vim-rhubarb
# Ease your git workflow within Vim
vimagit-nvfetcher
# Telescope fuzzy finder
telescope-nvim
telescope-fzf-native-nvim
# Make the yanked region apparent
vim-highlightedyank
# :Beautify Code beautifier
vim-beautify-nvfetcher
# Unload, delete or wipe a buffer without closing the window
vim-bufkill
# Defaults everyone can agree on
vim-sensible
# Work with tags files
vim-gutentags
]
++ (
if cfg.full
then [
nvim-treesitter.withAllGrammars
# Dependencies for nvim-lspconfig
nvim-cmp
cmp-nvim-lsp
cmp_luasnip
luasnip
# Quickstart configs for neovim LSP
lsp_extensions-nvim
nvim-lspconfig
# Collaborative editing in Neovim using built-in capabilities
instant-nvim-nvfetcher
# JSON schemas
SchemaStore-nvim
]
else []
);
extraConfig = builtins.concatStringsSep "\n" ([
''
" Persistent undo
set undofile
set undodir=${xdg.cacheHome}/nvim/undo
set backupdir=${xdg.dataHome}/nvim/backup
set directory=${xdg.dataHome}/nvim/swap/
''
(builtins.readFile ./init.vim)
(builtins.readFile ./plugins.vim)
(builtins.readFile ./clipboard.vim)
(builtins.readFile ./ui.vim)
(builtins.readFile ./filetypes.vim)
]
++ (
if cfg.full
then [
(builtins.readFile ./lsp.vim)
(builtins.readFile ./cmp.vim)
]
else []
));
}

View file

@ -0,0 +1,10 @@
au BufRead,BufNewFile *.html.twig set filetype=html
au BufRead,BufNewFile *.vto set filetype=html
au BufRead,BufNewFile *.njk set filetype=html
au BufRead,BufNewFile *.age set filetype=age
autocmd FileType age setlocal noeol nofixeol
au! BufNewFile,BufReadPost *.{yaml,yml} set filetype=yaml
autocmd FileType yaml setlocal ts=2 sts=2 sw=2 expandtab

View file

@ -9,11 +9,13 @@ set viminfo='100,<100,s20 " vim file history
set hidden
set expandtab
set shiftwidth=2
set tabstop=2
set number
set relativenumber
set mouse=
set listchars=tab:→\ ,nbsp:␣,trail:␣,extends:⟩,precedes:⟨
set list
set autoindent
set smartindent
@ -56,10 +58,6 @@ map <leader>wJ :wincmd H<CR>
map <leader>wK :wincmd J<CR>
map <leader>wL :wincmd L<CR>
map <leader>tj :tabprevious<CR>
map <leader>tl :tabnext<CR>
map <leader>tq :tabclose<CR>
" replay macro for each line of a visual selection
xnoremap @q :normal @q<CR>
xnoremap @@ :normal @@<CR>
@ -71,34 +69,13 @@ xnoremap p pgvy
inoremap jj <Esc>
" Open new buffer
nmap <leader>T :enew<cr>
" Move to the next buffer
nmap <leader>bn :enew<cr>
nmap <leader>l :bnext<CR>
" Move to the previous buffer
nmap <leader>bn :bnext<CR>
nmap <leader>j :bprevious<CR>
" Close the current buffer and move to the previous one
" This replicates the idea of closing a tab
nmap <leader>bp :bprevious<CR>
nmap <leader>q :bp <BAR> bd #<CR>
" Show all open buffers and their status
nmap <leader>bl :ls<CR>
" Mapping selecting mappings
nmap <leader><tab> <plug>(fzf-maps-n)
xmap <leader><tab> <plug>(fzf-maps-x)
omap <leader><tab> <plug>(fzf-maps-o)
nmap <c-p> :Files<CR>
imap <c-p> <ESC>:Files<CR>
" Insert mode completion
imap <c-x><c-k> <plug>(fzf-complete-word)
imap <c-x><c-f> <plug>(fzf-complete-path)
imap <c-x><c-j> <plug>(fzf-complete-file)
imap <c-x><c-l> <plug>(fzf-complete-line)
nmap <leader>bq :bp <BAR> bd #<CR>
" Clear quickfix shortcut
nmap <Leader>c :ccl<CR>
@ -108,7 +85,3 @@ nmap <Leader>c :ccl<CR>
if has("autocmd")
au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif
endif
nmap - :NnnPicker %<CR>
nmap <leader>n :NnnPicker %<CR>
nmap <leader>N :NnnPicker<CR>

View file

@ -1,258 +1,149 @@
" Set completeopt to have a better completion experience
" :help completeopt
" menuone: popup even when there's only one match
" noinsert: Do not insert text until a selection is made
" noselect: Do not select, force user to select one from the menu
set completeopt=menuone,noinsert,noselect
" Avoid showing extra messages when using completion
set shortmess+=c
function AddTemplate(tmpl_file)
exe "0read " . a:tmpl_file
set nomodified
6
endfunction
autocmd BufNewFile shell.nix call AddTemplate("$XDG_DATA_HOME/nvim/templates/shell.nix.tmpl")
" Configure neovim 0.6+ experimental LSPs
" https://github.com/neovim/nvim-lspconfig
" https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md
" https://github.com/neovim/nvim-lspconfig/wiki/UI-Customization
" https://gitlab.com/Iron_E/dotfiles/-/blob/master/.config/nvim/lua/_config/plugin/nvim_lsp.lua
lua <<EOF
local nvim_lsp = require('lspconfig')
-- Mappings (global)
-- See `:help vim.diagnostic.*` for documentation on any of the below functions
local opts = { noremap=true, silent=true }
vim.api.nvim_set_keymap('n', '<leader>e', '<cmd>lua vim.diagnostic.open_float()<CR>', opts)
vim.api.nvim_set_keymap('n', 'g[', '<cmd>lua vim.diagnostic.goto_prev()<CR>', opts)
vim.api.nvim_set_keymap('n', 'g]', '<cmd>lua vim.diagnostic.goto_next()<CR>', opts)
vim.api.nvim_set_keymap('n', '<leader>dq', '<cmd>lua vim.diagnostic.setloclist()<CR>', opts)
vim.api.nvim_set_keymap('n', '<leader>f', '<cmd>lua vim.lsp.buf.formatting()<CR>', opts)
-- Set completeopt to have a better completion experience
vim.o.completeopt = 'menuone,noselect,noinsert'
vim.o.shortmess = vim.o.shortmess .. 'c'
vim.o.signcolumn = 'yes:2'
-- Use an on_attach function to only map the following keys
-- after the language server attaches to the current buffer
local on_attach = function(client, bufnr)
-- Enable completion triggered by <c-x><c-o>
vim.api.nvim_buf_set_option(bufnr, 'omnifunc', 'v:lua.vim.lsp.omnifunc')
local lspconfig = require('lspconfig')
-- Mappings (available if LSP is configured and attached to buffer)
-- See `:help vim.lsp.*` for documentation on any of the below functions
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gD', '<cmd>lua vim.lsp.buf.declaration()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gd', '<cmd>lua vim.lsp.buf.definition()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'K', '<cmd>lua vim.lsp.buf.hover()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gi', '<cmd>lua vim.lsp.buf.implementation()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<C-k>', '<cmd>lua vim.lsp.buf.signature_help()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>wa', '<cmd>lua vim.lsp.buf.add_workspace_folder()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>wr', '<cmd>lua vim.lsp.buf.remove_workspace_folder()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>wl', '<cmd>lua print(vim.inspect(vim.lsp.buf.list_workspace_folders()))<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>D', '<cmd>lua vim.lsp.buf.type_definition()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>rn', '<cmd>lua vim.lsp.buf.rename()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>ca', '<cmd>lua vim.lsp.buf.code_action()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gr', '<cmd>lua vim.lsp.buf.references()<CR>', opts)
-- Mappings (global)
-- See `:help vim.diagnostic.*` for documentation on any of the below functions
local opts = { noremap=true, silent=true }
vim.api.nvim_set_keymap('n', 'g[', '<cmd>lua vim.diagnostic.goto_prev()<CR>', opts)
vim.api.nvim_set_keymap('n', 'g]', '<cmd>lua vim.diagnostic.goto_next()<CR>', opts)
vim.api.nvim_set_keymap('n', '<leader>dq', '<cmd>lua vim.diagnostic.setloclist()<CR>', opts)
vim.api.nvim_set_keymap('n', '<leader>do', '<cmd>lua vim.diagnostic.open_float()<CR>', opts)
vim.api.nvim_set_keymap('n', '<leader>bf', '<cmd>lua vim.lsp.buf.formatting()<CR>', opts)
-- Show diagnostic popup on cursor hold
vim.api.nvim_create_autocmd("CursorHold", {
buffer = bufnr,
callback = function()
local opts = {
focusable = false,
close_events = { "BufLeave", "CursorMoved", "InsertEnter", "FocusLost" },
border = 'rounded',
source = 'always',
prefix = ' ',
scope = 'cursor',
}
vim.diagnostic.open_float(nil, opts)
end
})
local on_attach = function(client, bufnr)
-- Enable completion triggered by <c-x><c-o>
vim.api.nvim_buf_set_option(bufnr, 'omnifunc', 'v:lua.vim.lsp.omnifunc')
end
-- Mappings (available if LSP is configured and attached to buffer)
-- See `:help vim.lsp.*` for documentation on any of the below functions
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gD', '<cmd>lua vim.lsp.buf.declaration()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gd', '<cmd>lua vim.lsp.buf.definition()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gr', '<cmd>lua vim.lsp.buf.references()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gi', '<cmd>lua vim.lsp.buf.implementation()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gT', '<cmd>lua vim.lsp.buf.type_definition()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'K', '<cmd>lua vim.lsp.buf.hover()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<C-k>', '<cmd>lua vim.lsp.buf.signature_help()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>wa', '<cmd>lua vim.lsp.buf.add_workspace_folder()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>wr', '<cmd>lua vim.lsp.buf.remove_workspace_folder()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>wl', '<cmd>lua print(vim.inspect(vim.lsp.buf.list_workspace_folders()))<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>rn', '<cmd>lua vim.lsp.buf.rename()<CR>', opts)
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>ca', '<cmd>lua vim.lsp.buf.code_action()<CR>', opts)
-- Add additional capabilities supported by nvim-cmp
local capabilities = require('cmp_nvim_lsp').default_capabilities()
-- vscode HTML lsp needs this https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#html
capabilities.textDocument.completion.completionItem.snippetSupport = true
-- vscode HTML lsp needs this https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#html
capabilities.textDocument.completion.completionItem.snippetSupport = true
local use_denols_for_typescript = not(os.getenv('NVIM_USE_DENOLS') == nil)
for lsp_key, lsp_settings in pairs({
'ansiblels', ---------------------------- Ansible
'bashls', ------------------------------- Bash
'ccls', --------------------------------- C / C++ / Objective-C
'cssls', -------------------------------- CSS / SCSS / LESS
'dockerls', ----------------------------- Docker
['gopls'] = { --------------------------- Go
['settings'] = {
['gopls'] = {
['analyses'] = {
['unusedparams'] = true,
},
['staticcheck'] = true
},
},
},
'html', --------------------------------- HTML
['jdtls'] = { --------------------------- Java
['root_dir'] = nvim_lsp.util.root_pattern('.git', 'pom.xml', 'build.xml'),
['init_options'] = {
['jvm_args'] = {['java.format.settings.url'] = vim.fn.stdpath('config')..'/eclipse-formatter.xml'},
['workspace'] = vim.fn.stdpath('cache')..'/java-workspaces'
}
},
['jsonls'] = { -------------------------- JSON
['settings'] = {
['json'] = {
['schemas' ] = vim.list_extend(
{
{
['description'] = 'JSON schema for Caddy v2',
['fileMatch'] = { '*caddy*.json' },
['name'] = 'caddy_schema.json',
['url'] = vim.fn.stdpath('data')..'/json-schemas/caddy_schema.json',
},
},
require('schemastore').json.schemas()
),
['validate'] = { ['enable'] = true }
}
}
},
'nixd', --------------------------------- Nix
'phpactor', ----------------------------- PHP
'pylsp', -------------------------------- Python
'solargraph', --------------------------- Ruby
'rust_analyzer', ------------------------ Rust
['sqlls'] = {
['cmd'] = {vim.fn.stdpath('data')..'/nvm/versions/node/v12.19.0/bin/sql-language-server', 'up', '--method', 'stdio'}
},
['terraformls'] = { --------------------- Terraform
['filetypes'] = { 'terraform', 'hcl', 'tf' }
},
-- The TS/JS server is chosen depending on an environment variable,
-- since denols is nicer for Deno based projects
------------------------ Deno TS/JS
------------------------------------ Typescript / JavaScript
(use_denols_for_typescript and 'denols' or 'tsserver'),
'vuels', -------------------------------- Vue
'svelte', ------------------------------- Svelte
['yamlls'] = { -------------------------- YAML
['settings'] = {
['yaml'] = {
['schemas'] = {
['https://json.schemastore.org/github-workflow'] = '.github/workflows/*.{yml,yaml}',
['https://json.schemastore.org/github-action'] = '.github/action.{yml,yaml}',
['https://json.schemastore.org/drone'] = '*.drone.{yml,yaml}',
['https://json.schemastore.org/swagger-2.0'] = 'swagger.{yml,yaml}',
}
}
}
}
}) do -- Setup all of the language servers. †
if type(lsp_key) == 'number' then -- Enable the LSP with defaults.
-- The `lsp` is an index in this case.
nvim_lsp[lsp_settings].setup{
on_attach = on_attach,
flags = {
debounce_text_changes = 150,
},
capabilities = capabilities,
-- Show diagnostic popup on cursor hold
vim.api.nvim_create_autocmd("CursorHold", {
buffer = bufnr,
callback = function()
local opts = {
focusable = false,
close_events = { "BufLeave", "CursorMoved", "InsertEnter", "FocusLost" },
border = 'rounded',
source = 'always',
prefix = ' ',
scope = 'cursor',
}
else -- Use the LSP's configuration.
lsp_settings.on_attach = on_attach
lsp_settings.capabilities = capabilities
nvim_lsp[lsp_key].setup(lsp_settings)
vim.diagnostic.open_float(nil, opts)
end
end --
-- configure floating diagnostics appearance, symbols
local signs = { Error = " ", Warn = " ", Hint = " ", Info = " " }
for type, icon in pairs(signs) do
local hl = "DiagnosticSign" .. type
vim.fn.sign_define(hl, { text = icon, texthl = hl, numhl = hl })
end
-- Set completeopt to have a better completion experience
vim.o.completeopt = 'menuone,noselect'
-- luasnip setup
local luasnip = require 'luasnip'
-- nvim-cmp setup
local cmp = require 'cmp'
cmp.setup {
snippet = {
expand = function(args)
require('luasnip').lsp_expand(args.body)
end,
},
mapping = {
['<C-p>'] = cmp.mapping.select_prev_item(),
['<C-n>'] = cmp.mapping.select_next_item(),
['<C-d>'] = cmp.mapping.scroll_docs(-4),
['<C-f>'] = cmp.mapping.scroll_docs(4),
['<C-Space>'] = cmp.mapping.complete(),
['<C-e>'] = cmp.mapping.close(),
['<CR>'] = cmp.mapping.confirm {
behavior = cmp.ConfirmBehavior.Replace,
select = true,
},
['<Tab>'] = function(fallback)
if cmp.visible() then
cmp.select_next_item()
elseif luasnip.expand_or_jumpable() then
luasnip.expand_or_jump()
else
fallback()
end
end,
['<S-Tab>'] = function(fallback)
if cmp.visible() then
cmp.select_prev_item()
elseif luasnip.jumpable(-1) then
luasnip.jump(-1)
else
fallback()
end
end,
},
sources = {
{ name = 'nvim_lsp' },
{ name = 'luasnip' },
},
}
-- https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#denols
vim.g.markdown_fenced_languages = {
"ts=typescript"
}
-- Configure diagnostics
vim.diagnostic.config({
virtual_text = false,
signs = true,
underline = true,
update_in_insert = false,
severity_sort = false,
})
-- Change diagnostic symbols in the sign column (gutter)
local signs = { Error = " ", Warn = " ", Hint = " ", Info = " " }
for type, icon in pairs(signs) do
local hl = "DiagnosticSign" .. type
vim.fn.sign_define(hl, { text = icon, texthl = hl, numhl = hl })
end
EOF
end
" have a fixed column for the diagnostics to appear in
" this removes the jitter when warnings/errors flow in
set signcolumn=yes:2
local lspconfig = require 'lspconfig'
-- Add additional capabilities supported by nvim-cmp
local CAPABILITIES = require('cmp_nvim_lsp').default_capabilities()
--- Event handlers
local HANDLERS = {
-- TODO: replace with vim.lsp.protocol.Methods
["textDocument/hover"] = vim.lsp.with(vim.lsp.handlers.hover, FLOAT_CONFIG),
["textDocument/signatureHelp"] = vim.lsp.with(vim.lsp.handlers.signature_help, FLOAT_CONFIG),
}
-- vscode HTML lsp needs this https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#html
CAPABILITIES.textDocument.completion.completionItem.snippetSupport = true
local function setup(lsp, config)
if config == nil then
config = {}
end
config.capabilities = CAPABILITIES
config.handlers = HANDLERS
config.on_attach = on_attach
lspconfig[lsp].setup(config)
end
setup('nixd')
setup('bashls')
setup('clangd')
setup('cssls')
setup('eslint')
setup('ts_ls')
setup('denols')
setup('vuels')
setup('svelte')
setup('html')
setup('yamlls')
setup('jsonls', {
json = {
schemas = require('schemastore').json.schemas(),
validate = {
enable = true
}
}
})
setup('gopls', {
settings = {
gopls = { semanticTokens = true }
}
})
setup('phpactor')
setup('pylsp')
setup('solargraph') -- ruby
setup('rust_analyzer', {
settings = {
['rust-analyzer'] = {
checkOnSave = { extraArgs = { "--target-dir", "/tmp/rust-analyzer-check" } },
diagnostics = { disabled = { 'inactive-code' } },
},
}
})
setup('sqlls')
setup('salt_ls')
setup('ansiblels')
setup('dockerls')
setup('docker_compose_language_service')
setup('terraformls')
-- https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#denols
vim.g.markdown_fenced_languages = {
"ts=typescript"
}
-- Configure diagnostics
vim.diagnostic.config({
virtual_text = false,
signs = true,
underline = true,
update_in_insert = false,
severity_sort = false,
})
-- Change diagnostic symbols in the sign column (gutter)
local signs = { Error = "x ", Warn = "! ", Hint = "? ", Info = "i " }
for type, icon in pairs(signs) do
local hl = "DiagnosticSign" .. type
vim.fn.sign_define(hl, { text = icon, texthl = hl, numhl = hl })
end
EOF

View file

@ -1,32 +1,8 @@
" Happy yaml configuration
au! BufNewFile,BufReadPost *.{yaml,yml} set filetype=yaml
autocmd FileType yaml setlocal ts=2 sts=2 sw=2 expandtab
let g:gutentags_file_list_command = 'git ls-files'
" quick-scope
" https://github.com/unblevable/quick-scope
let g:qs_highlight_on_keys = ['f', 'F', 't', 'T']
" Golang
" Go test, Def, Decls shortcut
nmap <Leader>got :GoTest<CR>:botright copen<CR>
autocmd FileType go nmap gd :GoDef<CR>
autocmd FileType go nmap gD :GoDecls<CR>
" Go formatting
autocmd FileType go setlocal noexpandtab shiftwidth=4 tabstop=4 softtabstop=4 nolist
" Caddyfile indentation
autocmd FileType caddyfile setlocal noexpandtab shiftwidth=8 tabstop=8 softtabstop=8 nolist
" vim-go disable text-objects
let g:go_textobj_enabled = 0
" disable vim-go :GoDef short cut (gd)
" this is handled by LanguageClient [LC]
let g:go_def_mapping_enabled = 0
" GitGutter and vim Magit
" inspired by: https://jakobgm.com/posts/vim/git-integration/
" Don't map gitgutter keys automatically, set them ourselves
@ -43,17 +19,11 @@ nmap <Leader>gu <Plug>(GitGutterUndoHunk) " git undo (chunk)
" Open vimagit pane
nnoremap <leader>gs :Magit<CR> " git status
" Push to remote
nnoremap <leader>gP :! git push<CR> " git Push
" Quick conflict resolution in git mergetool nvim
" http://vimcasts.org/episodes/fugitive-vim-resolving-merge-conflicts-with-vimdiff/
nmap <Leader>[ :diffget //2<CR>
nmap <Leader>] :diffget //3<CR>
" netrw
let g:netrw_fastbrowse=0
" Auto-FMT rust code on save
let g:rustfmt_autosave = 1
@ -66,22 +36,53 @@ let g:highlightedyank_highlight_duration = 200
" Markdown options
let g:vim_markdown_folding_disabled = 1
" Haskell options
let g:haskell_enable_quantification = 1 " to enable highlighting of `forall`
let g:haskell_enable_recursivedo = 1 " to enable highlighting of `mdo` and `rec`
let g:haskell_enable_arrowsyntax = 1 " to enable highlighting of `proc`
let g:haskell_enable_pattern_synonyms = 1 " to enable highlighting of `pattern`
let g:haskell_enable_typeroles = 1 " to enable highlighting of type roles
let g:haskell_enable_static_pointers = 1 " to enable highlighting of `static`
let g:haskell_backpack = 1 " to enable highlighting of backpack keywords
" Emmet
let g:user_emmet_leader_key='<c-n>'
" Ack
if executable('ag')
let g:ackprg = 'ag --hidden --vimgrep'
endif
" nnn
let g:nnn#command = 'nnn -d -e -H -r'
nmap - :NnnPicker %<CR>
nmap <leader>n :NnnPicker %<CR>
nmap <leader>N :NnnPicker<CR>
lua <<EOF
local actions = require("telescope.actions")
local telescope = require("telescope")
telescope.setup{
defaults = {
mappings = {
n = {
["k"] = actions.move_selection_next,
["i"] = actions.move_selection_previous,
["I"] = actions.move_to_top,
["K"] = actions.move_to_bottom,
["<C-c>"] = actions.close,
},
},
},
pickers = {
find_files = {
-- `hidden = true` will still show the inside of `.git/` as it's not `.gitignore`d.
find_command = { "rg", "--files", "--hidden", "--glob", "!**/.git/*" },
},
},
extensions = {
fzf = {
fuzzy = true, -- false will only do exact matching
override_generic_sorter = true, -- override the generic sorter
override_file_sorter = true, -- override the file sorter
case_mode = "smart_case", -- or "ignore_case" or "respect_case"
}
}
}
telescope.load_extension('fzf')
local builtin = require('telescope.builtin')
vim.keymap.set('n', '<leader>ff', builtin.find_files, {})
vim.keymap.set('n', '<leader>f/', builtin.live_grep, {})
vim.keymap.set('n', '<leader>f?', builtin.builtin, {})
vim.keymap.set('n', '<leader>fr', builtin.command_history, {})
vim.keymap.set('n', '<leader>fc', builtin.commands, {})
vim.keymap.set('n', '<leader>ft', builtin.treesitter, {})
require'colorizer'.setup()
EOF

View file

@ -1,36 +0,0 @@
self:
with self; ''
IFS=':' read -r -a INPUT <<< "$1"
FILE=''${INPUT[0]}
CENTER=''${INPUT[1]}
if [[ "$1" =~ ^[A-Za-z]:\\ ]]; then
FILE=$FILE:''${INPUT[1]}
CENTER=''${INPUT[2]}
fi
if [[ -n "$CENTER" && ! "$CENTER" =~ ^[0-9] ]]; then
exit 1
fi
CENTER=''${CENTER/[^0-9]*/}
FILE="''${FILE/#\~\//$HOME/}"
if [ ! -r "$FILE" ]; then
echo "File not found ''${FILE}"
exit 1
fi
if [ -z "$CENTER" ]; then
CENTER=0
fi
exec cat "$FILE" \
| sed -e '/[#|\/\/ ?]-- copyright/,/[#\/\/]++/c\\' \
| ${pkgs.coreutils}/bin/tr -s '\n' \
| ${pkgs.bat}/bin/bat \
--style="''${BAT_STYLE:-numbers}" \
--color=always \
--pager=never \
--file-name="''$FILE" \
--highlight-line=$CENTER
''

View file

@ -1,20 +0,0 @@
"Usage:
" 1. Perform a vimgrep search
" :vimgrep /def/ *.rb
" 2. Issue QuickFixOpenAll command
" :QuickFixOpenAll
function! QuickFixOpenAll()
if empty(getqflist())
return
endif
let s:prev_val = ""
for d in getqflist()
let s:curr_val = bufname(d.bufnr)
if (s:curr_val != s:prev_val)
exec "edit " . s:curr_val
endif
let s:prev_val = s:curr_val
endfor
endfunction
command! QuickFixOpenAll call QuickFixOpenAll()

Some files were not shown because too many files have changed in this diff Show more