Compare commits
107 commits
feat/authe
...
main
Author | SHA1 | Date | |
---|---|---|---|
b12f | 196744c4b4 | ||
b12f | 01712acef7 | ||
b12f | 9accabdc6a | ||
b12f | dcfc8728b3 | ||
b12f | 42ed7abf8a | ||
b12f | 2fb9d847af | ||
b12f | d139443c59 | ||
b12f | ecf15efb0e | ||
b12f | 757dceeec3 | ||
b12f | 7f55c13245 | ||
b12f | cde6cb09fd | ||
b12f | 06195facf3 | ||
b12f | d37db2b64f | ||
b12f | 9a7d14a95f | ||
b12f | 3b2c24ab1e | ||
b12f | 0b8e4e2fab | ||
b12f | f721a54007 | ||
b12f | 67e5c533d9 | ||
b12f | 32f46d4d7d | ||
b12f | edc1f68670 | ||
b12f | 3ed0b291f3 | ||
b12f | ba78e0baf3 | ||
b12f | 28933587b4 | ||
b12f | 197f343bd5 | ||
b12f | fc71a1c816 | ||
b12f | 01c0b30a98 | ||
b12f | 7eb2b80e22 | ||
b12f | f08bfc3145 | ||
b12f | ee324d57af | ||
b12f | f015e9c6fa | ||
b12f | 048e6a6bb4 | ||
b12f | 451ed9928f | ||
b12f | 3337c8665f | ||
b12f | aca454bcfb | ||
b12f | 1cb9bd0cd3 | ||
b12f | cf857156cf | ||
b12f | c62ed5a14b | ||
b12f | 165fa48bfa | ||
Benjamin Yule Bädorf | 4fb46398d3 | ||
b12f | 9fc9b6b5c8 | ||
b12f | 286a0b32d1 | ||
b12f | e3c1dca056 | ||
b12f | b0373ff19d | ||
b12f | 5d589621e8 | ||
b12f | b02770adea | ||
b12f | 483c486359 | ||
b12f | 091767fbae | ||
b12f | ddeed05da6 | ||
b12f | e630def7b6 | ||
b12f | 8b860a4878 | ||
b12f | 4ce7b4490c | ||
b12f | ff4af10e15 | ||
b12f | 50c182d827 | ||
b12f | a1670dcb3d | ||
b12f | d67d75eda3 | ||
b12f | 6f3fce1d9f | ||
b12f | 9439ed4c44 | ||
b12f | 34050a14cc | ||
Benjamin Yule Bädorf | 6bbc296337 | ||
Benjamin Yule Bädorf | 341491f7a7 | ||
b12f | b3800fb26f | ||
b12f | e712fd4515 | ||
b12f | b20b5d10b8 | ||
b12f | 51e1b81040 | ||
b12f | a3c77b42fb | ||
b12f | fc64336279 | ||
b12f | 1d1927d570 | ||
Benjamin Yule Bädorf | e64354a232 | ||
Benjamin Yule Bädorf | 27f3ca7c0c | ||
Benjamin Yule Bädorf | 26e81588d6 | ||
Benjamin Yule Bädorf | b5c30f5da7 | ||
Benjamin Yule Bädorf | 3d6c90a559 | ||
Benjamin Yule Bädorf | c75a05d46a | ||
Benjamin Yule Bädorf | eccda6cd08 | ||
Benjamin Yule Bädorf | 45d6f56d1d | ||
Benjamin Yule Bädorf | ee611894f8 | ||
Benjamin Yule Bädorf | 23af0457bb | ||
Benjamin Yule Bädorf | d016eee124 | ||
Benjamin Yule Bädorf | 9616093a21 | ||
Benjamin Yule Bädorf | b8a48cd704 | ||
Benjamin Yule Bädorf | 561361f771 | ||
Benjamin Yule Bädorf | 46853a5bd2 | ||
Benjamin Yule Bädorf | dd16d7ddb7 | ||
Benjamin Yule Bädorf | 6c4990d40f | ||
Benjamin Yule Bädorf | 3555a2a416 | ||
Benjamin Yule Bädorf | 6387f7a749 | ||
Benjamin Yule Bädorf | b9bc457494 | ||
Benjamin Yule Bädorf | 7e6dec32cc | ||
Benjamin Yule Bädorf | 948460ffc5 | ||
Benjamin Yule Bädorf | 6d62c706e9 | ||
Benjamin Yule Bädorf | 7ef1e0ec7b | ||
Benjamin Yule Bädorf | 7b4f1e0102 | ||
Benjamin Yule Bädorf | 70472a5c38 | ||
Benjamin Yule Bädorf | 8b08a3afce | ||
Benjamin Yule Bädorf | 1bdbc70e98 | ||
Benjamin Yule Bädorf | 1e40964857 | ||
Benjamin Yule Bädorf | ab956cf63a | ||
Benjamin Yule Bädorf | 8ac837f481 | ||
Benjamin Yule Bädorf | 08eb16fc93 | ||
Benjamin Yule Bädorf | 54fc54285f | ||
Benjamin Yule Bädorf | afa83a4e24 | ||
Benjamin Yule Bädorf | 17ee75088a | ||
Benjamin Yule Bädorf | 5891c59c4f | ||
Benjamin Yule Bädorf | cf485df2d2 | ||
Benjamin Yule Bädorf | e3fefc1cd1 | ||
Benjamin Yule Bädorf | e79b99e3ed | ||
Benjamin Yule Bädorf | 9578d0fa1a |
|
@ -20,8 +20,8 @@ indent_style = unset
|
|||
indent_size = unset
|
||||
|
||||
[{.*,secrets}/**]
|
||||
end_of_line = unset
|
||||
insert_final_newline = unset
|
||||
end_of_line = false
|
||||
insert_final_newline = false
|
||||
trim_trailing_whitespace = unset
|
||||
charset = unset
|
||||
indent_style = unset
|
||||
|
|
414
flake.lock
414
flake.lock
|
@ -3,17 +3,17 @@
|
|||
"adblock-unbound": {
|
||||
"inputs": {
|
||||
"adblockStevenBlack": "adblockStevenBlack",
|
||||
"flake-utils": "flake-utils",
|
||||
"lancache-domains": "lancache-domains",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1688055723,
|
||||
"narHash": "sha256-8WtkSAr4qYA3o6kiOCESK3rHJmIsa6TMBrT3/Cbfvro=",
|
||||
"lastModified": 1704832551,
|
||||
"narHash": "sha256-6xS/ANMIh3b4Ia3Ubl9rtb3LVw9QldihnP3IvuG9zwQ=",
|
||||
"owner": "MayNiklas",
|
||||
"repo": "nixos-adblock-unbound",
|
||||
"rev": "9356ccd526fdcf91bfee7f0ebebae831349d43cc",
|
||||
"rev": "a5d3731836b1c2ca65834e07be03c02daca5b434",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -41,16 +41,18 @@
|
|||
"agenix": {
|
||||
"inputs": {
|
||||
"darwin": "darwin",
|
||||
"home-manager": "home-manager",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
],
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1682101079,
|
||||
"narHash": "sha256-MdAhtjrLKnk2uiqun1FWABbKpLH090oeqCSiWemtuck=",
|
||||
"lastModified": 1716561646,
|
||||
"narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=",
|
||||
"owner": "ryantm",
|
||||
"repo": "agenix",
|
||||
"rev": "2994d002dcff5353ca1ac48ec584c7f6589fe447",
|
||||
"rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -67,11 +69,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1696360011,
|
||||
"narHash": "sha256-HpPv27qMuPou4acXcZ8Klm7Zt0Elv9dgDvSJaomWb9Y=",
|
||||
"lastModified": 1700795494,
|
||||
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
|
||||
"owner": "lnl7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "8b6ea26d5d2e8359d06278364f41fbc4b903b28a",
|
||||
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -85,7 +87,7 @@
|
|||
"inputs": {
|
||||
"devshell": "devshell",
|
||||
"flake-compat": "flake-compat",
|
||||
"flake-utils": "flake-utils_2",
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": "nixpkgs"
|
||||
},
|
||||
"locked": {
|
||||
|
@ -113,11 +115,11 @@
|
|||
"utils": "utils"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1695052866,
|
||||
"narHash": "sha256-agn7F9Oww4oU6nPiw+YiYI9Xb4vOOE73w8PAoBRP4AA=",
|
||||
"lastModified": 1715699772,
|
||||
"narHash": "sha256-sKhqIgucN5sI/7UQgBwsonzR4fONjfMr9OcHK/vPits=",
|
||||
"owner": "serokell",
|
||||
"repo": "deploy-rs",
|
||||
"rev": "e3f41832680801d0ee9e2ed33eb63af398b090e9",
|
||||
"rev": "b3ea6f333f9057b77efd9091119ba67089399ced",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -151,6 +153,27 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"devshell_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"mezza-biz",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1722113426,
|
||||
"narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=",
|
||||
"owner": "numtide",
|
||||
"repo": "devshell",
|
||||
"rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "devshell",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
|
@ -170,11 +193,11 @@
|
|||
"flake-compat_2": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1673956053,
|
||||
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -188,11 +211,11 @@
|
|||
"nixpkgs-lib": "nixpkgs-lib"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1693611461,
|
||||
"narHash": "sha256-aPODl8vAgGQ0ZYFIRisxYG5MOGSkIczvu2Cd8Gb9+1Y=",
|
||||
"lastModified": 1717285511,
|
||||
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "7f53fdb7bdc5bb237da7fefef12d099e4fd611ca",
|
||||
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -206,11 +229,11 @@
|
|||
"nixpkgs-lib": "nixpkgs-lib_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709336216,
|
||||
"narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=",
|
||||
"lastModified": 1717285511,
|
||||
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2",
|
||||
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -219,22 +242,58 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-parts_3": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": "nixpkgs-lib_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1722555600,
|
||||
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-parts_4": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": "nixpkgs-lib_4"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1714606777,
|
||||
"narHash": "sha256-bMkNmAXLj8iyTvxaaD/StcLSadbj1chPcJOjtuVnLmA=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "4d34ce6412bc450b1d4208c953dc97c7fc764f1a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-root": {
|
||||
"locked": {
|
||||
"lastModified": 1713493429,
|
||||
"narHash": "sha256-ztz8JQkI08tjKnsTpfLqzWoKFQF4JGu2LRz8bkdnYUk=",
|
||||
"owner": "srid",
|
||||
"repo": "flake-root",
|
||||
"rev": "bc748b93b86ee76e2032eecda33440ceb2532fcd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "srid",
|
||||
"repo": "flake-root",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"locked": {
|
||||
"lastModified": 1659877975,
|
||||
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"locked": {
|
||||
"lastModified": 1667395993,
|
||||
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
|
||||
|
@ -252,31 +311,52 @@
|
|||
"home-manager": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"agenix",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710888565,
|
||||
"narHash": "sha256-s9Hi4RHhc6yut4EcYD50sZWRDKsugBJHSbON8KFwoTw=",
|
||||
"lastModified": 1703113217,
|
||||
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "f33900124c23c4eca5831b9b5eb32ea5894375ce",
|
||||
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "release-23.11",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"home-manager_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1716736833,
|
||||
"narHash": "sha256-rNObca6dm7Qs524O4st8VJH6pZ/Xe1gxl+Rx6mcWYo0=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "a631666f5ec18271e86a5cde998cba68c33d9ac6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "release-24.05",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"impermanence": {
|
||||
"locked": {
|
||||
"lastModified": 1706639736,
|
||||
"narHash": "sha256-CaG4j9+UwBDfinxxvJMo6yOonSmSo0ZgnbD7aj2Put0=",
|
||||
"lastModified": 1708968331,
|
||||
"narHash": "sha256-VUXLaPusCBvwM3zhGbRIJVeYluh2uWuqtj4WirQ1L9Y=",
|
||||
"owner": "nix-community",
|
||||
"repo": "impermanence",
|
||||
"rev": "cd13c2917eaa68e4c49fea0ff9cada45440d7045",
|
||||
"rev": "a33ef102a02ce77d3e39c25197664b7a636f9c30",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -285,14 +365,73 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"invoiceplane-template": {
|
||||
"inputs": {
|
||||
"flake-parts": "flake-parts_2",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1712364633,
|
||||
"narHash": "sha256-BfdaBTDA07ijUrK47aa8AMDTBB3nWYm74CBAwd/mllg=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "8056309d6cf694647262a11415aceac68015cfd2",
|
||||
"revCount": 22,
|
||||
"type": "git",
|
||||
"url": "https://git.pub.solar/b12f/invoiceplane-templates.git"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.pub.solar/b12f/invoiceplane-templates.git"
|
||||
}
|
||||
},
|
||||
"lancache-domains": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1679999806,
|
||||
"narHash": "sha256-oDZ2pSf8IgofRS4HaRppGcd4kHQj48AC9dkS++avYy8=",
|
||||
"owner": "uklans",
|
||||
"repo": "cache-domains",
|
||||
"rev": "31b2ba1e0a7c419327cb97f589b508d78b9aecbf",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "uklans",
|
||||
"repo": "cache-domains",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"mezza-biz": {
|
||||
"inputs": {
|
||||
"devshell": "devshell_2",
|
||||
"flake-parts": "flake-parts_3",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1724541053,
|
||||
"narHash": "sha256-bQiwF08H8GEi7lxNiJKc4Gu42K7zYeDPPqRCNYVnp7U=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "0ee615488dec2685cee6ed558cbfcf9840e92b94",
|
||||
"revCount": 10,
|
||||
"type": "git",
|
||||
"url": "https://git.pub.solar/b12f/mezza.biz.git"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.pub.solar/b12f/mezza.biz.git"
|
||||
}
|
||||
},
|
||||
"mobile-nixos": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1696124168,
|
||||
"narHash": "sha256-EzGHYAR7rozQQLZEHbKEcb5VpUFGoxwEsM0OWfW4wqU=",
|
||||
"lastModified": 1715627339,
|
||||
"narHash": "sha256-HJ6V7hc64iBqXlZ8kH4sXmUzPH+0Hn6wYURmZmL5LFk=",
|
||||
"owner": "nixos",
|
||||
"repo": "mobile-nixos",
|
||||
"rev": "7cee346c3f8e73b25b1cfbf7a086a7652c11e0f3",
|
||||
"rev": "655c8830d5fe2eae79c8fc0bab8033b34c8456eb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -306,11 +445,11 @@
|
|||
"nixpkgs": "nixpkgs_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1690426816,
|
||||
"narHash": "sha256-vvOrLE6LlBVYigA1gSrlkknFwfuq9qmLA4h6ubiJ22g=",
|
||||
"lastModified": 1716767591,
|
||||
"narHash": "sha256-e7mG0KhSnMkdgIGPKw6Bs2B6D44B/GB6Zo0NgxFxJTc=",
|
||||
"owner": "musnix",
|
||||
"repo": "musnix",
|
||||
"rev": "e651b06f8a3ac7d71486984100e8a79334da8329",
|
||||
"rev": "65f1b5863ff6157d4870ed177e8ccd82e21127ad",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -321,15 +460,16 @@
|
|||
},
|
||||
"nixd": {
|
||||
"inputs": {
|
||||
"flake-parts": "flake-parts_2",
|
||||
"flake-parts": "flake-parts_4",
|
||||
"flake-root": "flake-root",
|
||||
"nixpkgs": "nixpkgs_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710142672,
|
||||
"narHash": "sha256-MRClVDHMGXglXpSR+RflwnrY/ngePqrxOwiwoh5/BtU=",
|
||||
"lastModified": 1717293270,
|
||||
"narHash": "sha256-twDibXDWwmySk6C/hFUpeBewB5heSyCDDHWOAeRSp40=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixd",
|
||||
"rev": "eb40e5b315fafa1086f69be84918bbd9235e0a10",
|
||||
"rev": "be5ad5ec113595e2900e6391a08cf0e4784a9cfe",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -341,11 +481,11 @@
|
|||
},
|
||||
"nixos-flake": {
|
||||
"locked": {
|
||||
"lastModified": 1692742948,
|
||||
"narHash": "sha256-19LQQFGshuQNrrXZYVt+mWY0O3NbhEXeMy3MZwzYZGo=",
|
||||
"lastModified": 1716406291,
|
||||
"narHash": "sha256-qHjJ6alc4o3p51hrPp3JGdC5Pbz5EjF+UZq1HbK8av0=",
|
||||
"owner": "srid",
|
||||
"repo": "nixos-flake",
|
||||
"rev": "2c25190ceacdaaae7e8afbecfa87096bb499a431",
|
||||
"rev": "aa9100167350cbdffaa272b0fd382d7c23606b86",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -356,11 +496,11 @@
|
|||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1686838567,
|
||||
"narHash": "sha256-aqKCUD126dRlVSKV6vWuDCitfjFrZlkwNuvj5LtjRRU=",
|
||||
"lastModified": 1717248095,
|
||||
"narHash": "sha256-e8X2eWjAHJQT82AAN+mCI0B68cIDBJpqJ156+VRrFO0=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "429f232fe1dc398c5afea19a51aad6931ee0fb89",
|
||||
"rev": "7b49d3967613d9aacac5b340ef158d493906ba79",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -387,30 +527,48 @@
|
|||
},
|
||||
"nixpkgs-lib": {
|
||||
"locked": {
|
||||
"dir": "lib",
|
||||
"lastModified": 1693471703,
|
||||
"narHash": "sha256-0l03ZBL8P1P6z8MaSDS/MvuU8E75rVxe5eE1N6gxeTo=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "3e52e76b70d5508f3cec70b882a29199f4d1ee85",
|
||||
"type": "github"
|
||||
"lastModified": 1717284937,
|
||||
"narHash": "sha256-lIbdfCsf8LMFloheeE6N31+BMIeixqyQWbSr2vk79EQ=",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
|
||||
},
|
||||
"original": {
|
||||
"dir": "lib",
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
|
||||
}
|
||||
},
|
||||
"nixpkgs-lib_2": {
|
||||
"locked": {
|
||||
"lastModified": 1717284937,
|
||||
"narHash": "sha256-lIbdfCsf8LMFloheeE6N31+BMIeixqyQWbSr2vk79EQ=",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz"
|
||||
}
|
||||
},
|
||||
"nixpkgs-lib_3": {
|
||||
"locked": {
|
||||
"lastModified": 1722555339,
|
||||
"narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
|
||||
}
|
||||
},
|
||||
"nixpkgs-lib_4": {
|
||||
"locked": {
|
||||
"dir": "lib",
|
||||
"lastModified": 1709237383,
|
||||
"narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=",
|
||||
"lastModified": 1714253743,
|
||||
"narHash": "sha256-mdTQw2XlariysyScCv2tTE45QSU9v/ezLcHJ22f0Nxc=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8",
|
||||
"rev": "58a1abdbae3217ca6b702f03d3b35125d88a2994",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -423,11 +581,11 @@
|
|||
},
|
||||
"nixpkgs-master": {
|
||||
"locked": {
|
||||
"lastModified": 1711717242,
|
||||
"narHash": "sha256-PW9J9sFw5DA4Fo3Cq4Soc+an6tjTS4VV2NxG6G0UMqw=",
|
||||
"lastModified": 1728551786,
|
||||
"narHash": "sha256-wO3aWtTYEdaDwUdbA2bj3PTBKu3idTolOOnrPnzRo8o=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "824952ff6b32b0019465b139b5c76d915ec074ea",
|
||||
"rev": "565db77725e0d5b0b448ecf4998239c3fddd374a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -439,11 +597,11 @@
|
|||
},
|
||||
"nixpkgs-unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1711523803,
|
||||
"narHash": "sha256-UKcYiHWHQynzj6CN/vTcix4yd1eCu1uFdsuarupdCQQ=",
|
||||
"lastModified": 1728492678,
|
||||
"narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "2726f127c15a4cc9810843b96cad73c7eb39e443",
|
||||
"rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -455,11 +613,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1690272529,
|
||||
"narHash": "sha256-MakzcKXEdv/I4qJUtq/k/eG+rVmyOZLnYNC2w1mB59Y=",
|
||||
"lastModified": 1716509168,
|
||||
"narHash": "sha256-4zSIhSRRIoEBwjbPm3YiGtbd8HDWzFxJjw5DYSDy1n8=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "ef99fa5c5ed624460217c31ac4271cfb5cb2502c",
|
||||
"rev": "bfb7a882678e518398ce9a31a881538679f6f092",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -471,11 +629,11 @@
|
|||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1710097495,
|
||||
"narHash": "sha256-B7Ea7q7hU7SE8wOPJ9oXEBjvB89yl2csaLjf5v/7jr8=",
|
||||
"lastModified": 1714562304,
|
||||
"narHash": "sha256-Mr3U37Rh6tH0FbaDFu0aZDwk9mPAe7ASaqDOGgLqqLU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "d40e866b1f98698d454dad8f592fe7616ff705a4",
|
||||
"rev": "bcd44e224fd68ce7d269b4f44d24c2220fd821e7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -487,16 +645,16 @@
|
|||
},
|
||||
"nixpkgs_4": {
|
||||
"locked": {
|
||||
"lastModified": 1711460390,
|
||||
"narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=",
|
||||
"lastModified": 1728500571,
|
||||
"narHash": "sha256-dOymOQ3AfNI4Z337yEwHGohrVQb4yPODCW9MDUyAc4w=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "44733514b72e732bd49f5511bd0203dea9b9a434",
|
||||
"rev": "d51c28603def282a24fa034bcb007e2bcb5b5dd0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-23.11",
|
||||
"ref": "nixos-24.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -508,16 +666,15 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1708706677,
|
||||
"lastModified": 1708750443,
|
||||
"narHash": "sha256-fUIT9v5FGy9KbbPKBVcxw2rwxqLZUVElqTtZWM7FiNI=",
|
||||
"owner": "b12f",
|
||||
"owner": "tfc",
|
||||
"repo": "nixos-openstreetmap",
|
||||
"rev": "9057f546a5762a6b1645a8d4c22f818e29908144",
|
||||
"rev": "0fd30b016eb838395d85948b9ecf00ff59b4581d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "b12f",
|
||||
"ref": "flake-nixosmodule",
|
||||
"owner": "tfc",
|
||||
"repo": "nixos-openstreetmap",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -530,8 +687,10 @@
|
|||
"deploy-rs": "deploy-rs",
|
||||
"flake-compat": "flake-compat_2",
|
||||
"flake-parts": "flake-parts",
|
||||
"home-manager": "home-manager",
|
||||
"home-manager": "home-manager_2",
|
||||
"impermanence": "impermanence",
|
||||
"invoiceplane-template": "invoiceplane-template",
|
||||
"mezza-biz": "mezza-biz",
|
||||
"mobile-nixos": "mobile-nixos",
|
||||
"musnix": "musnix",
|
||||
"nixd": "nixd",
|
||||
|
@ -540,16 +699,65 @@
|
|||
"nixpkgs": "nixpkgs_4",
|
||||
"nixpkgs-master": "nixpkgs-master",
|
||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
||||
"openstreetmap": "openstreetmap"
|
||||
"openstreetmap": "openstreetmap",
|
||||
"themes": "themes"
|
||||
}
|
||||
},
|
||||
"systems": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_2": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"themes": {
|
||||
"locked": {
|
||||
"lastModified": 1715166503,
|
||||
"narHash": "sha256-eG3+PTzJntnMrO9J2fCtshU+XX18uI8iIjDKU9NkJXA=",
|
||||
"owner": "RGBCube",
|
||||
"repo": "ThemeNix",
|
||||
"rev": "c188d0d729841f71f576dfb544e70c0340bf52a8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "RGBCube",
|
||||
"repo": "ThemeNix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
"inputs": {
|
||||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1667395993,
|
||||
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
|
||||
"lastModified": 1701680307,
|
||||
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
|
||||
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
39
flake.nix
39
flake.nix
|
@ -3,7 +3,7 @@
|
|||
|
||||
inputs = {
|
||||
# Track channels with commits tested and built by hydra
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
|
||||
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
nixpkgs-master.url = "github:nixos/nixpkgs/master";
|
||||
|
||||
|
@ -12,9 +12,11 @@
|
|||
flake-compat.url = "github:edolstra/flake-compat";
|
||||
flake-compat.flake = false;
|
||||
|
||||
home-manager.url = "github:nix-community/home-manager/release-23.11";
|
||||
home-manager.url = "github:nix-community/home-manager/release-24.05";
|
||||
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
themes.url = "github:RGBCube/ThemeNix";
|
||||
|
||||
flake-parts.url = "github:hercules-ci/flake-parts";
|
||||
nixos-flake.url = "github:srid/nixos-flake";
|
||||
|
||||
|
@ -37,14 +39,20 @@
|
|||
adblock-unbound.url = "github:MayNiklas/nixos-adblock-unbound";
|
||||
adblock-unbound.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
openstreetmap.url = "github:b12f/nixos-openstreetmap/flake-nixosmodule";
|
||||
openstreetmap.url = "github:tfc/nixos-openstreetmap";
|
||||
openstreetmap.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
deno2nix.url = "github:SnO2WMaN/deno2nix";
|
||||
|
||||
invoiceplane-template.url = "git+https://git.pub.solar/b12f/invoiceplane-templates.git";
|
||||
invoiceplane-template.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
mezza-biz.url = "git+https://git.pub.solar/b12f/mezza.biz.git";
|
||||
mezza-biz.inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
outputs = inputs@{ self, ... }:
|
||||
inputs.flake-parts.lib.mkFlake { inherit inputs; } {
|
||||
outputs = inputs @ {self, ...}:
|
||||
inputs.flake-parts.lib.mkFlake {inherit inputs;} {
|
||||
systems = [
|
||||
"x86_64-linux"
|
||||
"aarch64-linux"
|
||||
|
@ -52,7 +60,9 @@
|
|||
|
||||
imports = [
|
||||
inputs.nixos-flake.flakeModule
|
||||
inputs.flake-parts.flakeModules.easyOverlay
|
||||
./public-keys.nix
|
||||
./theme.nix
|
||||
./lib
|
||||
./modules
|
||||
./hosts
|
||||
|
@ -60,14 +70,23 @@
|
|||
./overlays
|
||||
];
|
||||
|
||||
perSystem = args@{ system, pkgs, lib, config, ... }: {
|
||||
perSystem = args @ {
|
||||
system,
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
packages = import ./pkgs args;
|
||||
overlayAttrs = config.packages;
|
||||
|
||||
_module.args = {
|
||||
inherit inputs;
|
||||
pkgs = import inputs.nixpkgs {
|
||||
inherit system;
|
||||
overlays = with inputs; [
|
||||
agenix.overlays.default
|
||||
nixd.overlays.default
|
||||
overlays = [
|
||||
inputs.agenix.overlays.default
|
||||
inputs.nixd.overlays.default
|
||||
inputs.invoiceplane-template.overlays.default
|
||||
];
|
||||
};
|
||||
};
|
||||
|
@ -75,6 +94,7 @@
|
|||
devShells.default = pkgs.mkShell {
|
||||
packages = with pkgs; [
|
||||
nix
|
||||
nixd
|
||||
agenix
|
||||
age-plugin-yubikey
|
||||
cachix
|
||||
|
@ -91,6 +111,7 @@
|
|||
|
||||
deploy-rs
|
||||
|
||||
terraform-ls
|
||||
opentofu
|
||||
terraform-backend-git
|
||||
|
||||
|
|
|
@ -1,19 +0,0 @@
|
|||
# Touchpad controls
|
||||
#bindsym XF86TouchpadToggle exec $HOME/Workspace/ben/toggletouchpad.sh # toggle touchpad
|
||||
|
||||
# Screen brightness controls
|
||||
bindsym XF86MonBrightnessUp exec "brightnessctl -d intel_backlight set +10%; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ {print $4}')"
|
||||
bindsym XF86MonBrightnessDown exec "brightnessctl -d intel_backlight set 10%-; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ { print $4}')"
|
||||
|
||||
# Keyboard backlight brightness controls
|
||||
bindsym XF86KbdBrightnessDown exec "brightnessctl -d smc::kbd_backlight set 10%-; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
|
||||
bindsym XF86KbdBrightnessUp exec "brightnessctl -d smc::kbd_backlight set +10%; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
|
||||
|
||||
# Pulse Audio controls
|
||||
bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. up' #increase sound volume
|
||||
bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. down' #decrease sound volume
|
||||
bindsym XF86AudioMute exec pactl set-sink-mute @DEFAULT_SINK@ toggle && notify-send 'Mute sound' # mute sound
|
||||
# Media player controls
|
||||
bindsym XF86AudioPlay exec "playerctl play-pause; notify-send 'Play/Pause'"
|
||||
bindsym XF86AudioNext exec "playerctl next; notify-send 'Next'"
|
||||
bindsym XF86AudioPrev exec "playerctl previous; notify-send 'Prev.'"
|
|
@ -25,7 +25,6 @@ in {
|
|||
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
||||
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
||||
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
||||
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ ... }: {
|
||||
{...}: {
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./hardware-configuration.nix
|
||||
|
|
|
@ -1,19 +0,0 @@
|
|||
# Touchpad controls
|
||||
#bindsym XF86TouchpadToggle exec $HOME/Workspace/ben/toggletouchpad.sh # toggle touchpad
|
||||
|
||||
# Screen brightness controls
|
||||
bindsym XF86MonBrightnessUp exec "brightnessctl -d intel_backlight set +10%; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ {print $4}')"
|
||||
bindsym XF86MonBrightnessDown exec "brightnessctl -d intel_backlight set 10%-; notify-send $(brightnessctl -d intel_backlight i | awk '/Current/ { print $4}')"
|
||||
|
||||
# Keyboard backlight brightness controls
|
||||
bindsym XF86KbdBrightnessDown exec "brightnessctl -d smc::kbd_backlight set 10%-; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
|
||||
bindsym XF86KbdBrightnessUp exec "brightnessctl -d smc::kbd_backlight set +10%; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
|
||||
|
||||
# Pulse Audio controls
|
||||
bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. up' #increase sound volume
|
||||
bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. down' #decrease sound volume
|
||||
bindsym XF86AudioMute exec pactl set-sink-mute @DEFAULT_SINK@ toggle && notify-send 'Mute sound' # mute sound
|
||||
# Media player controls
|
||||
bindsym XF86AudioPlay exec "playerctl play-pause; notify-send 'Play/Pause'"
|
||||
bindsym XF86AudioNext exec "playerctl next; notify-send 'Next'"
|
||||
bindsym XF86AudioPrev exec "playerctl previous; notify-send 'Prev.'"
|
|
@ -10,7 +10,7 @@ with lib; let
|
|||
in {
|
||||
musnix = {
|
||||
enable = true;
|
||||
kernel.realtime = true;
|
||||
kernel.realtime = false;
|
||||
soundcardPciId = "0d:00.4";
|
||||
};
|
||||
|
||||
|
@ -23,14 +23,12 @@ in {
|
|||
];
|
||||
};
|
||||
|
||||
environment.etc = {
|
||||
"pipewire/pipewire.conf.d/92-low-latency.conf".text = ''
|
||||
context.properties = {
|
||||
default.clock.rate = 48000
|
||||
default.clock.quantum = 32
|
||||
default.clock.min-quantum = 32
|
||||
default.clock.max-quantum = 32
|
||||
}
|
||||
'';
|
||||
services.pipewire.extraConfig.pipewire."92-low-latency" = {
|
||||
"context.properties" = {
|
||||
"default.clock.rate" = 48000;
|
||||
"default.clock.quantum" = 32;
|
||||
"default.clock.min-quantum" = 32;
|
||||
"default.clock.max-quantum" = 32;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -29,7 +29,6 @@ in {
|
|||
pub-solar.terminal-life.full = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
drone-docker-runner
|
||||
stdenv.cc.cc.lib
|
||||
hplip
|
||||
uhk-agent
|
||||
|
|
|
@ -39,6 +39,6 @@ in {
|
|||
];
|
||||
};
|
||||
|
||||
networking.firewall.allowedUDPPorts = [ 34197 ];
|
||||
networking.firewall.allowedTCPPorts = [ 34197 ];
|
||||
networking.firewall.allowedUDPPorts = [34197];
|
||||
networking.firewall.allowedTCPPorts = [34197];
|
||||
}
|
||||
|
|
|
@ -1,8 +1,12 @@
|
|||
{ withSystem, self, inputs, ...}:
|
||||
{
|
||||
self,
|
||||
inputs,
|
||||
...
|
||||
}: {
|
||||
flake = {
|
||||
nixosConfigurations = {
|
||||
stroopwafel = self.nixos-flake.lib.mkLinuxSystem {
|
||||
|
||||
nixpkgs.hostPlatform = "x86_64-linux";
|
||||
imports = [
|
||||
inputs.impermanence.nixosModules.impermanence
|
||||
|
@ -65,8 +69,6 @@
|
|||
self.nixosModules.base
|
||||
./droppie
|
||||
self.nixosModules.yule
|
||||
self.nixosModules.acme
|
||||
self.nixosModules.proxy
|
||||
self.nixosModules.persistence
|
||||
];
|
||||
};
|
||||
|
@ -137,7 +139,7 @@
|
|||
self.nixosModules.graphical
|
||||
self.nixosModules.audio
|
||||
self.nixosModules.bluetooth
|
||||
({ ... }: { pub-solar.graphical.wayland.software-renderer.enable = true; })
|
||||
({...}: {pub-solar.graphical.wayland.software-renderer.enable = true;})
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
|
@ -24,7 +24,7 @@ in {
|
|||
};
|
||||
|
||||
systemd.timers."shutdown-after-backup" = {
|
||||
enable = true;
|
||||
enable = false;
|
||||
timerConfig = {
|
||||
OnCalendar = "*-*-* 02..11:05,15,25,35,45,55:00 Etc/UTC";
|
||||
};
|
||||
|
|
|
@ -20,10 +20,11 @@ in {
|
|||
|
||||
boot.kernelParams = [
|
||||
"boot.shell_on_fail=1"
|
||||
"nomodeset"
|
||||
# Hack so that network is considered up by boot.initrd.network and postCommands gets executed.
|
||||
"ip=127.0.0.1:::::lo:none"
|
||||
];
|
||||
boot.initrd.availableKernelModules = [ "tg3" ];
|
||||
boot.initrd.availableKernelModules = ["tg3"];
|
||||
boot.initrd.network = {
|
||||
enable = true;
|
||||
ssh = {
|
||||
|
|
|
@ -5,7 +5,5 @@
|
|||
|
||||
./networking.nix
|
||||
./backup-autostop.nix
|
||||
./nginx.nix
|
||||
./jellyfin.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,57 +1,67 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "ehci_pci" "usbhid" "usb_storage" "uas" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" "amdgpu" ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "ehci_pci" "usbhid" "usb_storage" "uas" "sd_mod"];
|
||||
boot.initrd.kernelModules = ["dm-snapshot"];
|
||||
boot.kernelModules = ["kvm-amd"];
|
||||
boot.extraModulePackages = [];
|
||||
|
||||
boot.initrd.luks.devices."cryptroot" = {
|
||||
device = "/dev/sdb2";
|
||||
allowDiscards = true;
|
||||
boot.initrd.luks.devices = {
|
||||
"cryptroot" = {
|
||||
device = "/dev/disk/by-uuid/08330ff9-581a-41e1-b8fa-757dc4c90b16";
|
||||
allowDiscards = true;
|
||||
};
|
||||
"cryptdata".device = "/dev/disk/by-uuid/bc9f00ea-027e-409b-87c9-ab5628683378";
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "none";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
fileSystems."/" = {
|
||||
device = "none";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
|
||||
fileSystems."/media/internal" =
|
||||
{ device = "/dev/disk/by-uuid/5cf314a8-82f4-4037-a724-62d2ff226cff";
|
||||
fsType = "ext4";
|
||||
};
|
||||
fileSystems."/nix" = {
|
||||
device = "/dev/disk/by-uuid/837cc93f-6d9a-4bfd-b089-29ac6d68127c";
|
||||
fsType = "ext4";
|
||||
neededForBoot = true;
|
||||
};
|
||||
|
||||
fileSystems."/nix" =
|
||||
{ device = "/dev/disk/by-uuid/837cc93f-6d9a-4bfd-b089-29ac6d68127c";
|
||||
fsType = "ext4";
|
||||
};
|
||||
fileSystems."/persist" = {
|
||||
device = "/dev/disk/by-uuid/a7711118-51b0-4d84-8f18-ef2e06084e05";
|
||||
fsType = "ext4";
|
||||
neededForBoot = true;
|
||||
};
|
||||
|
||||
fileSystems."/persist" =
|
||||
{ device = "/dev/disk/by-uuid/a7711118-51b0-4d84-8f18-ef2e06084e05";
|
||||
fsType = "ext4";
|
||||
neededForBoot = true;
|
||||
};
|
||||
fileSystems."/home" = {
|
||||
device = "/dev/disk/by-uuid/0965d496-ffad-4a8d-9de7-28af903baf16";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/home" =
|
||||
{ device = "/dev/disk/by-uuid/0965d496-ffad-4a8d-9de7-28af903baf16";
|
||||
fsType = "ext4";
|
||||
};
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/991E-79C1";
|
||||
fsType = "vfat";
|
||||
neededForBoot = true;
|
||||
options = [ "fmask=0022" "dmask=0022" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/991E-79C1";
|
||||
fsType = "vfat";
|
||||
};
|
||||
fileSystems."/data" = {
|
||||
device = "/dev/disk/by-uuid/391db8c4-5654-4a5c-a5c8-e34811f54786";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/0ef8dbbd-2832-4fb2-8a52-86682822f769"; }
|
||||
];
|
||||
swapDevices = [
|
||||
{device = "/dev/disk/by-uuid/0ef8dbbd-2832-4fb2-8a52-86682822f769";}
|
||||
];
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
|
|
|
@ -1,44 +0,0 @@
|
|||
{
|
||||
flake,
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
environment.systemPackages = [
|
||||
pkgs.jellyfin
|
||||
pkgs.jellyfin-web
|
||||
pkgs.jellyfin-ffmpeg
|
||||
];
|
||||
|
||||
services.jellyfin = {
|
||||
enable = true;
|
||||
openFirewall = false;
|
||||
};
|
||||
|
||||
# from https://jellyfin.org/docs/general/networking/index.html
|
||||
networking.firewall.allowedUDPPorts = [ 1900 7359 ];
|
||||
|
||||
security.acme.certs = {
|
||||
"media.b12f.io" = {};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts = {
|
||||
"media.b12f.io" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = "media.b12f.io";
|
||||
locations."/".proxyPass = "http://127.0.0.1:8096";
|
||||
};
|
||||
};
|
||||
|
||||
hardware.opengl = {
|
||||
enable = true;
|
||||
driSupport = true;
|
||||
driSupport32Bit = true;
|
||||
|
||||
extraPackages = with pkgs; [
|
||||
vaapiVdpau
|
||||
libvdpau-va-gl
|
||||
];
|
||||
};
|
||||
}
|
|
@ -10,7 +10,12 @@
|
|||
networking.interfaces.enp2s0f1.useDHCP = true;
|
||||
|
||||
networking.interfaces.enp2s0f0 = {
|
||||
ipv6.addresses = [ { address = "2a02:908:5b1:e3c0:3::"; prefixLength = 64; } ];
|
||||
ipv6.addresses = [
|
||||
{
|
||||
address = "2a02:908:5b1:e3c0:3::";
|
||||
prefixLength = 64;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
# Allow pub.solar restic backups
|
||||
|
|
|
@ -1,15 +0,0 @@
|
|||
{
|
||||
flake,
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
services.nginx = {
|
||||
defaultListenAddresses = [
|
||||
"192.168.178.3"
|
||||
"10.13.12.3"
|
||||
"[fd00:b12f:acab:1312:acab:3::]"
|
||||
];
|
||||
};
|
||||
}
|
17
hosts/frikandel/authelia-forward.nix
Normal file
17
hosts/frikandel/authelia-forward.nix
Normal file
|
@ -0,0 +1,17 @@
|
|||
{
|
||||
flake,
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
security.acme.certs = {
|
||||
"auth.b12f.io" = {};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."auth.b12f.io" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = "auth.b12f.io";
|
||||
locations."/".proxyPass = "https://auth.b12f.io";
|
||||
};
|
||||
}
|
|
@ -9,7 +9,6 @@ with lib; let
|
|||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
@ -19,13 +18,14 @@ in {
|
|||
# Hack so that network is considered up by boot.initrd.network and postCommands gets executed.
|
||||
"ip=127.0.0.1:::::lo:none"
|
||||
];
|
||||
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_net" ];
|
||||
|
||||
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_net"];
|
||||
boot.initrd.network = {
|
||||
enable = true;
|
||||
ssh = {
|
||||
enable = true;
|
||||
port = 2222;
|
||||
hostKeys = [ /boot/initrd-ssh-key ];
|
||||
hostKeys = [/boot/initrd-ssh-key];
|
||||
authorizedKeys = flake.self.publicKeys;
|
||||
shell = "/bin/cryptsetup-askpass";
|
||||
};
|
||||
|
@ -43,7 +43,7 @@ in {
|
|||
'';
|
||||
};
|
||||
|
||||
boot.supportedFilesystems = [ "zfs" ];
|
||||
boot.supportedFilesystems = ["zfs"];
|
||||
|
||||
# Copy the NixOS configuration file and link it from the resulting system
|
||||
# (/run/current-system/configuration.nix). This is useful in case you
|
||||
|
|
|
@ -6,9 +6,10 @@
|
|||
./networking.nix
|
||||
./unbound.nix
|
||||
./nginx.nix
|
||||
./invoiceplane-proxy.nix
|
||||
./wireguard.nix
|
||||
./email.nix
|
||||
./website.nix
|
||||
# ./jellyfin-forward.nix
|
||||
# ./authelia-forward.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -5,9 +5,15 @@
|
|||
lib,
|
||||
...
|
||||
}: let
|
||||
# hzDomain = lib.concatStrings [ "hw" "dz" "z." "net" ];
|
||||
hzDomain = lib.concatStrings ["hw" "dz" "z." "net"];
|
||||
dkimDNSb12fio = ''
|
||||
default._domainkey IN TXT ( "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyla9hW3TvoXvZQxwzaJ4SZ9ict1HU3E6+FWlwNIgE6tIpTCyRJtiSIUDqB8TLTIBoxIs+QQBXZi+QUi3Agu6OSY2RiV0EwO8+oOOqOD9pERftc/aqe51cXuv4kPqwvpXEBwrXFWVM+VxivEubUJ7eKkFyXJpelv0LslXv/MmYbUyed6dF+reOGZCsvnbiRv74qdxbAL/25j62E8WrnxzJwhUtx/JhdBOjsHBvuw9hy6rZsVJL9eXayWyGRV6qmsLRzsRSBs+mDrgmKk4dugADd11+A03ics3i8hplRoWDkqnNKz1qy4f5TsV6v9283IANrAzRfHwX8EvNiFsBz+ZCQIDAQAB" ) ;
|
||||
default._domainkey IN TXT ( "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyla9hW3TvoXvZQxwzaJ4SZ9ict1HU3E6+FWlwNIgE6tIpTCyRJtiSIUDqB8TLTIBoxIs+QQBXZi+QUi3Agu6OSY2RiV0EwO8+oOOqOD9pERftc/aqe51cXuv4kPqwvpXEBwrXFWVM+VxivEubUJ7eKkFyXJpelv0LslXv/MmYbUyed6dF+reOGZCsvnbiRv74qdxbAL/25j62E8WrnxzJwhUtx/JhdBOjsHBvuw9hy6rZsVJL9eXayWyGRV6qmsLRzsRSBs+mDrgmKk4dugADd11+A03ics3i8hplRoWDkqnNKz1qy4f5TsV6v9283IANrAzRfHwX8EvNiFsBz+ZCQIDAQAB" ) ;
|
||||
'';
|
||||
dkimDNSmezzabiz = ''
|
||||
default._domainkey IN TXT ( "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDG8iuDq0eon2k7QlBJWGxwDiEv53iJQu2uqxOjr7Ul/nfQjuR6kVKs6oOVopnyFTGRpffrpSHHW1YUN5nF76p0fJphk4l+QmJP36/xweajsNU27PAkb88xG6yRKl28MCfPdMR96+Jobpei8S0UhqcskYs1aZybm7ci9ZuAMidziwIDAQAB" ) ;
|
||||
'';
|
||||
dkimDNShzDomain = ''
|
||||
default._domainkey IN TXT ( "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDvVA2XZno6g6qBdmxoLgX2Qmd883M6yV4YkE/VaNH6xcR0AcTo4hEYoAOPryfKn4FE/TYvyk/k2cyBKpMBn2qbVhwUavYQh/e9bweS2FKQvdzCUUoqXk04o2MqSXb2ZFwkUCtfrPcckBgpF754PDL4HMZGPnkMSdDX7bmYe37CWQIDAQAB") ;
|
||||
'';
|
||||
in {
|
||||
age.secrets."b12f.io-dkim-private-rsa" = {
|
||||
|
@ -23,19 +29,49 @@ in {
|
|||
owner = "maddy";
|
||||
};
|
||||
|
||||
users.users.maddy.extraGroups = [ "nginx" ];
|
||||
|
||||
security.acme.certs = {
|
||||
"mail.b12f.io" = {
|
||||
reloadServices = [ "maddy" ];
|
||||
};
|
||||
"b12f.io" = {
|
||||
reloadServices = [ "maddy" ];
|
||||
};
|
||||
"mta-sts.b12f.io" = {};
|
||||
age.secrets."mezza.biz-dkim-private-rsa" = {
|
||||
file = "${flake.self}/secrets/mezza.biz-dkim-private-rsa.age";
|
||||
path = "/var/lib/maddy/dkim_keys/mezza.biz_default.key";
|
||||
mode = "400";
|
||||
owner = "maddy";
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts = builtins.foldl' (hosts: hostName: hosts // {
|
||||
age.secrets."mail@mezza.biz-password" = {
|
||||
file = "${flake.self}/secrets/mail@mezza.biz-password.age";
|
||||
mode = "400";
|
||||
owner = "maddy";
|
||||
};
|
||||
|
||||
age.secrets."hzdomain-dkim-private-rsa" = {
|
||||
file = "${flake.self}/secrets/hzdomain-dkim-private-rsa.age";
|
||||
path = "/var/lib/maddy/dkim_keys/hzdomain_default.key";
|
||||
mode = "400";
|
||||
owner = "maddy";
|
||||
};
|
||||
|
||||
age.secrets."mail@hzdomain-password" = {
|
||||
file = "${flake.self}/secrets/mail@hzdomain-password.age";
|
||||
mode = "400";
|
||||
owner = "maddy";
|
||||
};
|
||||
|
||||
users.users.maddy.extraGroups = ["nginx"];
|
||||
|
||||
security.acme.certs = {
|
||||
"mail.b12f.io".reloadServices = ["maddy"];
|
||||
"b12f.io".reloadServices = ["maddy"];
|
||||
"mta-sts.b12f.io" = {};
|
||||
"mail.mezza.biz".reloadServices = ["maddy"];
|
||||
"mezza.biz".reloadServices = ["maddy"];
|
||||
"mta-sts.mezza.biz" = {};
|
||||
"mail.${hzDomain}".reloadServices = ["maddy"];
|
||||
"${hzDomain}".reloadServices = ["maddy"];
|
||||
"mta-sts.${hzDomain}" = {};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts = builtins.foldl' (hosts: hostName:
|
||||
hosts
|
||||
// {
|
||||
"mta-sts.${hostName}" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = "mta-sts.${hostName}";
|
||||
|
@ -52,21 +88,23 @@ in {
|
|||
tryFiles = "$uri $uri/ =404";
|
||||
};
|
||||
};
|
||||
}) {} [ "b12f.io" ];
|
||||
}) {} ["b12f.io" "mezza.biz" hzDomain];
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '/run/maddy' 0750 maddy maddy - -"
|
||||
];
|
||||
|
||||
system.activationScripts.makeMaddyDKIMDNS = lib.stringAfter [ "var" ] ''
|
||||
system.activationScripts.makeMaddyDKIMDNS = lib.stringAfter ["var"] ''
|
||||
mkdir -p /var/lib/maddy/dkim_keys
|
||||
|
||||
echo '${dkimDNSb12fio}' >> /var/lib/maddy/dkim_keys/b12f.io_default.dns
|
||||
echo '${dkimDNSmezzabiz}' >> /var/lib/maddy/dkim_keys/mezza.biz_default.dns
|
||||
echo '${dkimDNShzDomain}' >> /var/lib/maddy/dkim_keys/${hzDomain}_default.dns
|
||||
chown -R maddy:maddy /var/lib/maddy
|
||||
'';
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 25 ];
|
||||
networking.firewall.interfaces.wg-private.allowedTCPPorts = [ 465 587 993 ];
|
||||
networking.firewall.allowedTCPPorts = [25];
|
||||
networking.firewall.interfaces.wg-private.allowedTCPPorts = [465 587 993];
|
||||
|
||||
services.maddy = {
|
||||
enable = true;
|
||||
|
@ -76,14 +114,22 @@ in {
|
|||
localDomains = [
|
||||
"b12f.io"
|
||||
"mail.b12f.io"
|
||||
"mezza.biz"
|
||||
"mail.mezza.biz"
|
||||
hzDomain
|
||||
"mail.${hzDomain}"
|
||||
];
|
||||
ensureAccounts = [
|
||||
"mail@b12f.io"
|
||||
"mail@mezza.biz"
|
||||
"mail@${hzDomain}"
|
||||
];
|
||||
ensureCredentials = {
|
||||
# Do not use this in production. This will make passwords world-readable
|
||||
# in the Nix store
|
||||
"mail@b12f.io".passwordFile = config.age.secrets."mail@b12f.io-password".path;
|
||||
"mail@mezza.biz".passwordFile = config.age.secrets."mail@mezza.biz-password".path;
|
||||
"mail@${hzDomain}".passwordFile = config.age.secrets."mail@hzdomain-password".path;
|
||||
};
|
||||
tls = {
|
||||
loader = "file";
|
||||
|
@ -96,6 +142,22 @@ in {
|
|||
keyPath = "${config.security.acme.certs."b12f.io".directory}/key.pem";
|
||||
certPath = "${config.security.acme.certs."b12f.io".directory}/cert.pem";
|
||||
}
|
||||
{
|
||||
keyPath = "${config.security.acme.certs."mail.mezza.biz".directory}/key.pem";
|
||||
certPath = "${config.security.acme.certs."mail.mezza.biz".directory}/cert.pem";
|
||||
}
|
||||
{
|
||||
keyPath = "${config.security.acme.certs."mezza.biz".directory}/key.pem";
|
||||
certPath = "${config.security.acme.certs."mezza.biz".directory}/cert.pem";
|
||||
}
|
||||
{
|
||||
keyPath = "${config.security.acme.certs."mail.${hzDomain}".directory}/key.pem";
|
||||
certPath = "${config.security.acme.certs."mail.${hzDomain}".directory}/cert.pem";
|
||||
}
|
||||
{
|
||||
keyPath = "${config.security.acme.certs."${hzDomain}".directory}/key.pem";
|
||||
certPath = "${config.security.acme.certs."${hzDomain}".directory}/cert.pem";
|
||||
}
|
||||
];
|
||||
};
|
||||
config = ''
|
||||
|
@ -145,7 +207,7 @@ in {
|
|||
# replace rcpt to catchall and deliver it there
|
||||
destination $(local_domains) {
|
||||
modify {
|
||||
replace_rcpt regexp ".*" "mail@$(primary_domain)"
|
||||
replace_rcpt regexp "(.+)@(.+)" "mail@$2"
|
||||
}
|
||||
deliver_to &local_mailboxes
|
||||
}
|
||||
|
@ -251,5 +313,26 @@ in {
|
|||
'';
|
||||
};
|
||||
|
||||
systemd.services.rspamd.serviceConfig.SupplementaryGroups = [ "maddy" ];
|
||||
systemd.services.rspamd.serviceConfig.SupplementaryGroups = ["maddy"];
|
||||
|
||||
age.secrets."rclone-pubsolar.conf" = {
|
||||
file = "${flake.self}/secrets/rclone-pubsolar.conf.age";
|
||||
mode = "400";
|
||||
};
|
||||
|
||||
age.secrets."restic-password" = {
|
||||
file = "${flake.self}/secrets/restic-password.age";
|
||||
mode = "400";
|
||||
};
|
||||
|
||||
services.restic.backups = {
|
||||
maddy = {
|
||||
paths = ["/var/lib/maddy"];
|
||||
initialize = true;
|
||||
passwordFile = config.age.secrets."restic-password".path;
|
||||
# See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/
|
||||
repository = "rclone:cloud.pub.solar:/backups/Maddy";
|
||||
rcloneConfigFile = config.age.secrets."rclone-pubsolar.conf".path;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,16 +1,21 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/profiles/qemu-guest.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
|
||||
boot.initrd.kernelModules = [];
|
||||
boot.kernelModules = [];
|
||||
boot.extraModulePackages = [];
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
cryptroot = {
|
||||
|
@ -19,19 +24,19 @@
|
|||
};
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "zroot/root";
|
||||
fsType = "zfs";
|
||||
};
|
||||
fileSystems."/" = {
|
||||
device = "zroot/root";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/684A-5884";
|
||||
fsType = "vfat";
|
||||
};
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/684A-5884";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/a7d1cbb8-7c9e-4c3d-841a-add867f47389"; }
|
||||
];
|
||||
swapDevices = [
|
||||
{device = "/dev/disk/by-uuid/a7d1cbb8-7c9e-4c3d-841a-add867f47389";}
|
||||
];
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
}
|
||||
|
|
|
@ -1,20 +0,0 @@
|
|||
{
|
||||
flake,
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
security.acme.certs = {
|
||||
"invoicing.b12f.io" = {};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts = {
|
||||
"invoicing.b12f.io" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = "invoicing.b12f.io";
|
||||
# This redirects to invoiceplane on pie
|
||||
locations."/".proxyPass = "https://invoicing.b12f.io";
|
||||
};
|
||||
};
|
||||
}
|
17
hosts/frikandel/jellyfin-forward.nix
Normal file
17
hosts/frikandel/jellyfin-forward.nix
Normal file
|
@ -0,0 +1,17 @@
|
|||
{
|
||||
flake,
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
security.acme.certs = {
|
||||
"media.b12f.io" = {};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."media.b12f.io" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = "media.b12f.io";
|
||||
locations."/".proxyPass = "https://media.b12f.io";
|
||||
};
|
||||
}
|
|
@ -8,6 +8,8 @@
|
|||
networking.hostName = "frikandel";
|
||||
networking.hostId = "44234773";
|
||||
networking.nameservers = [
|
||||
"10.13.12.7"
|
||||
"fd00:b12f:acab:1312:acab:7::"
|
||||
"193.110.81.0" #dns0.eu
|
||||
"2a0f:fc80::" #dns0.eu
|
||||
"185.253.5.0" #dns0.eu
|
||||
|
@ -17,8 +19,18 @@
|
|||
# Network configuration (Hetzner uses static IP assignments, and we don't use DHCP here)
|
||||
networking.useDHCP = false;
|
||||
networking.interfaces.enp1s0 = {
|
||||
ipv4.addresses = [{ address = "128.140.109.213"; prefixLength = 32; }];
|
||||
ipv6.addresses = [{ address = "2a01:4f8:c2c:b60::"; prefixLength = 64; }];
|
||||
ipv4.addresses = [
|
||||
{
|
||||
address = "128.140.109.213";
|
||||
prefixLength = 32;
|
||||
}
|
||||
];
|
||||
ipv6.addresses = [
|
||||
{
|
||||
address = "2a01:4f8:c2c:b60::";
|
||||
prefixLength = 64;
|
||||
}
|
||||
];
|
||||
};
|
||||
networking.defaultGateway = {
|
||||
address = "172.31.1.1";
|
||||
|
@ -29,5 +41,5 @@
|
|||
interface = "enp1s0";
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
networking.firewall.allowedTCPPorts = [80 443];
|
||||
}
|
||||
|
|
|
@ -29,8 +29,8 @@
|
|||
owner = "unbound";
|
||||
};
|
||||
|
||||
networking.firewall.interfaces.wg-private.allowedUDPPorts = [ 53 ];
|
||||
networking.firewall.interfaces.wg-private.allowedTCPPorts = [ 53 ];
|
||||
networking.firewall.interfaces.wg-private.allowedUDPPorts = [53];
|
||||
networking.firewall.interfaces.wg-private.allowedTCPPorts = [53];
|
||||
services.resolved.enable = false;
|
||||
|
||||
services.unbound = {
|
||||
|
@ -56,8 +56,15 @@
|
|||
];
|
||||
local-zone = [
|
||||
"\"b12f.io\" transparent"
|
||||
"\"pub.solar\" transparent"
|
||||
];
|
||||
local-data = [
|
||||
"\"stroopwafel.b12f.io. 10800 IN A 10.13.12.5\""
|
||||
"\"stroopwafel.b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:5::\""
|
||||
|
||||
"\"chocolatebar.b12f.io. 10800 IN A 10.13.12.8\""
|
||||
"\"chocolatebar.b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:8::\""
|
||||
|
||||
"\"droppie.b12f.io. 10800 IN A 10.13.12.3\""
|
||||
"\"droppie.b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:3::\""
|
||||
|
||||
|
@ -90,6 +97,18 @@
|
|||
"\"b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:7::\""
|
||||
"\"mail.b12f.io. 10800 IN A 10.13.12.7\""
|
||||
"\"mail.b12f.io. 10800 IN AAAA fd00:b12f:acab:1312:acab:7::\""
|
||||
|
||||
"\"mezza.biz. 10800 IN A 10.13.12.7\""
|
||||
"\"mezza.biz. 10800 IN AAAA fd00:b12f:acab:1312:acab:7::\""
|
||||
"\"mail.mezza.biz. 10800 IN A 10.13.12.7\""
|
||||
"\"mail.mezza.biz. 10800 IN AAAA fd00:b12f:acab:1312:acab:7::\""
|
||||
|
||||
"\"h${"w" + "dz" + "z.n"}et. 10800 IN A 10.13.12.7\""
|
||||
"\"h${"w" + "dz" + "z.n"}et. 10800 IN AAAA fd00:b12f:acab:1312:acab:7::\""
|
||||
"\"mail.h${"w" + "dz" + "z.n"}et. 10800 IN A 10.13.12.7\""
|
||||
"\"mail.h${"w" + "dz" + "z.n"}et. 10800 IN AAAA fd00:b12f:acab:1312:acab:7::\""
|
||||
|
||||
"\"mezza.git.pub.solar. 10800 IN CNAME git.pub.solar\""
|
||||
];
|
||||
|
||||
tls-cert-bundle = "/etc/ssl/certs/ca-certificates.crt";
|
||||
|
@ -117,5 +136,4 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
security.acme.certs = {
|
||||
"benjaminbaedorf.eu" = {};
|
||||
"b12f.io" = {};
|
||||
"mezza.biz" = {};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts = {
|
||||
|
@ -25,5 +26,16 @@
|
|||
tryFiles = "$uri $uri/ =404";
|
||||
};
|
||||
};
|
||||
|
||||
"mezza.biz" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = "mezza.biz";
|
||||
|
||||
locations."/" = {
|
||||
root = pkgs.mezza-biz;
|
||||
index = "index.html";
|
||||
tryFiles = "$uri $uri/ =404";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -4,7 +4,8 @@
|
|||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: with lib; {
|
||||
}:
|
||||
with lib; {
|
||||
boot.kernel.sysctl = {
|
||||
"net.ipv4.ip_forward" = 1;
|
||||
"net.ipv6.conf.wg-private.forwarding" = 1;
|
||||
|
@ -16,10 +17,10 @@
|
|||
enable = true;
|
||||
enableIPv6 = true;
|
||||
externalInterface = "enp1s0";
|
||||
internalInterfaces = [ "wg-private" ];
|
||||
internalInterfaces = ["wg-private"];
|
||||
};
|
||||
|
||||
networking.firewall.allowedUDPPorts = [ 51899 ];
|
||||
networking.firewall.allowedUDPPorts = [51899];
|
||||
|
||||
networking.firewall.extraForwardRules = [
|
||||
"iifname { != wg-private } reject"
|
||||
|
@ -27,7 +28,7 @@
|
|||
];
|
||||
|
||||
systemd.services.wireguard-wg-private = {
|
||||
after = [
|
||||
wantedBy = [
|
||||
"network.target"
|
||||
"network-online.target"
|
||||
"nss-lookup.target"
|
||||
|
@ -44,7 +45,7 @@
|
|||
};
|
||||
};
|
||||
|
||||
age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-frikandel-server.age";
|
||||
age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-frikandel.age";
|
||||
|
||||
# Enable WireGuard
|
||||
networking.wireguard.interfaces = {
|
||||
|
@ -57,7 +58,8 @@
|
|||
];
|
||||
privateKeyFile = config.age.secrets.wg-private-key.path;
|
||||
peers = [
|
||||
{ # pie
|
||||
{
|
||||
# pie
|
||||
publicKey = "hPTXEqQ2GYEywdPNdZBacwB9KKcoFZ/heClxnqmizyw=";
|
||||
allowedIPs = [
|
||||
"10.13.12.2/32"
|
||||
|
@ -66,7 +68,8 @@
|
|||
persistentKeepalive = 30;
|
||||
dynamicEndpointRefreshSeconds = 30;
|
||||
}
|
||||
{ # droppie
|
||||
{
|
||||
# droppie
|
||||
publicKey = "qsnBMoj9Z16D8PJ5ummRtIfT5AiMpoF3SoOCo4sbyiw=";
|
||||
allowedIPs = [
|
||||
"10.13.12.3/32"
|
||||
|
@ -75,7 +78,8 @@
|
|||
persistentKeepalive = 30;
|
||||
dynamicEndpointRefreshSeconds = 30;
|
||||
}
|
||||
{ # chocolatebar
|
||||
{
|
||||
# chocolatebar
|
||||
publicKey = "nk8EtGE/QsnSEm1lhLS3/w83nOBD2OGYhODIf92G91A=";
|
||||
allowedIPs = [
|
||||
"10.13.12.5/32"
|
||||
|
@ -84,7 +88,8 @@
|
|||
persistentKeepalive = 30;
|
||||
dynamicEndpointRefreshSeconds = 30;
|
||||
}
|
||||
{ # biolimo
|
||||
{
|
||||
# biolimo
|
||||
publicKey = "4ymN7wwBuhF+h+5fFN0TqXmVyOe1AsWiTqRL0jJ3CDc=";
|
||||
allowedIPs = [
|
||||
"10.13.12.6/32"
|
||||
|
@ -93,7 +98,8 @@
|
|||
persistentKeepalive = 30;
|
||||
dynamicEndpointRefreshSeconds = 30;
|
||||
}
|
||||
{ # stroopwafel
|
||||
{
|
||||
# stroopwafel
|
||||
publicKey = "5iNRg13utOJ30pX2Z8SjwPNUFwfH2zonlbeYW2mKFkU=";
|
||||
allowedIPs = [
|
||||
"10.13.12.8/32"
|
||||
|
@ -102,7 +108,8 @@
|
|||
persistentKeepalive = 30;
|
||||
dynamicEndpointRefreshSeconds = 30;
|
||||
}
|
||||
{ # fp3
|
||||
{
|
||||
# fp3
|
||||
publicKey = "wQJXFibxhWkyUbRPrPt5y/YfDnH3gDQ5a/PWoyxDfDI=";
|
||||
allowedIPs = [
|
||||
"10.13.12.9/32"
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
...
|
||||
}: {
|
||||
isoImage.squashfsCompression = "gzip -Xcompression-level 1";
|
||||
systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ];
|
||||
systemd.services.sshd.wantedBy = lib.mkForce ["multi-user.target"];
|
||||
networking.networkmanager.enable = false;
|
||||
services.openssh.openFirewall = lib.mkForce true;
|
||||
}
|
||||
|
|
|
@ -1,8 +1,12 @@
|
|||
{ flake, pkgs, ... }: {
|
||||
{
|
||||
flake,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./hardware-configuration.nix
|
||||
((import "${flake.inputs.mobile-nixos}/lib/configuration.nix") { device = "pine64-pinephone"; })
|
||||
((import "${flake.inputs.mobile-nixos}/lib/configuration.nix") {device = "pine64-pinephone";})
|
||||
"${flake.inputs.mobile-nixos}/examples/phosh/phosh.nix"
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,6 +1,10 @@
|
|||
# NOTE: this file was generated by the Mobile NixOS installer.
|
||||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/disk/by-uuid/51a668b8-fa2e-4d3e-ac3f-73ca002d0004";
|
||||
|
|
|
@ -149,13 +149,12 @@ MAP_DEFAULT_ZOOM=6
|
|||
#
|
||||
# LDAP is no longer supported :(
|
||||
#
|
||||
AUTHENTICATION_GUARD=web
|
||||
AUTHENTICATION_GUARD=remote_user_guard
|
||||
|
||||
#
|
||||
# Remote user guard settings
|
||||
#
|
||||
AUTHENTICATION_GUARD_HEADER=REMOTE_USER
|
||||
AUTHENTICATION_GUARD_EMAIL=
|
||||
AUTHENTICATION_GUARD_HEADER=Remote-Email
|
||||
|
||||
#
|
||||
# Firefly III supports webhooks. These are security sensitive and must be enabled manually first.
|
||||
|
|
|
@ -1,14 +1,22 @@
|
|||
{
|
||||
flake,
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
flake,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
disabledModules = [
|
||||
"services/security/authelia.nix"
|
||||
];
|
||||
|
||||
imports = [
|
||||
"${flake.inputs.nixpkgs-master}/nixos/modules/services/security/authelia.nix"
|
||||
];
|
||||
|
||||
age.secrets."authelia-storage-encryption-key" = {
|
||||
file = "${flake.self}/secrets/authelia-storage-encryption-key.age";
|
||||
mode = "400";
|
||||
|
@ -27,6 +35,24 @@ in {
|
|||
owner = "authelia-b12f";
|
||||
};
|
||||
|
||||
age.secrets."authelia-oidc-issuer-private-key" = {
|
||||
file = "${flake.self}/secrets/authelia-oidc-issuer-private-key.age";
|
||||
mode = "400";
|
||||
owner = "authelia-b12f";
|
||||
};
|
||||
|
||||
age.secrets."authelia-oidc-hmac-secret" = {
|
||||
file = "${flake.self}/secrets/authelia-oidc-hmac-secret.age";
|
||||
mode = "400";
|
||||
owner = "authelia-b12f";
|
||||
};
|
||||
|
||||
age.secrets."authelia-jwks-private-key" = {
|
||||
file = "${flake.self}/secrets/authelia-jwks-private-key.age";
|
||||
mode = "400";
|
||||
owner = "authelia-b12f";
|
||||
};
|
||||
|
||||
age.secrets."authelia-users-file" = {
|
||||
file = "${flake.self}/secrets/authelia-users-file.age";
|
||||
mode = "400";
|
||||
|
@ -47,10 +73,10 @@ in {
|
|||
"auth.b12f.io" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = "auth.b12f.io";
|
||||
locations."/".proxyPass = "http://127.0.0.1:${builtins.toString config.services.authelia.instances.b12f.settings.server.port}";
|
||||
locations."/".proxyPass = "http://${config.services.authelia.instances.b12f.settings.server.address}";
|
||||
locations."/".extraConfig = "include /etc/nginx/conf-available/proxy.conf;";
|
||||
locations."/api/verify".proxyPass = "http://127.0.0.1:${builtins.toString config.services.authelia.instances.b12f.settings.server.port}";
|
||||
locations."/api/authz".proxyPass = "http://127.0.0.1:${builtins.toString config.services.authelia.instances.b12f.settings.server.port}";
|
||||
locations."/api/verify".proxyPass = "http://${config.services.authelia.instances.b12f.settings.server.address}";
|
||||
locations."/api/authz".proxyPass = "http://${config.services.authelia.instances.b12f.settings.server.address}";
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -61,6 +87,12 @@ in {
|
|||
storageEncryptionKeyFile = config.age.secrets."authelia-storage-encryption-key".path;
|
||||
sessionSecretFile = config.age.secrets."authelia-session-secret".path;
|
||||
jwtSecretFile = config.age.secrets."authelia-jwt-secret".path;
|
||||
oidcIssuerPrivateKeyFile = config.age.secrets."authelia-oidc-issuer-private-key".path;
|
||||
oidcHmacSecretFile = config.age.secrets."authelia-oidc-hmac-secret".path;
|
||||
};
|
||||
|
||||
environmentVariables = {
|
||||
AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE = config.age.secrets."mail@b12f.io-password".path;
|
||||
};
|
||||
|
||||
settings = {
|
||||
|
@ -68,12 +100,12 @@ in {
|
|||
default_2fa_method = "webauthn";
|
||||
log.level = "debug";
|
||||
server = {
|
||||
port = 9092;
|
||||
host = "127.0.0.1";
|
||||
address = "127.0.0.1:9092";
|
||||
endpoints.authz.auth-request.implementation = "AuthRequest";
|
||||
};
|
||||
authentication_backend = {
|
||||
refresh_interval = "disable";
|
||||
password_reset = { disable = true; };
|
||||
password_reset.disable = true;
|
||||
file = {
|
||||
path = config.age.secrets."authelia-users-file".path;
|
||||
watch = false;
|
||||
|
@ -84,32 +116,61 @@ in {
|
|||
totp.issuer = "auth.b12f.io";
|
||||
storage.local.path = "/var/lib/authelia-b12f/db.sqlite3";
|
||||
access_control.default_policy = "two_factor";
|
||||
session = {
|
||||
domain = "auth.b12f.io";
|
||||
# authelia_url = "https://auth.b12f.io";
|
||||
};
|
||||
notifier.disable_startup_check = true;
|
||||
session.cookies = [
|
||||
{
|
||||
domain = "b12f.io";
|
||||
authelia_url = "https://auth.b12f.io";
|
||||
}
|
||||
];
|
||||
notifier.smtp = {
|
||||
host = "mail.b12f.io";
|
||||
port = 587;
|
||||
address = "submission://mail.b12f.io:587";
|
||||
username = "mail@b12f.io";
|
||||
sender = "auth.b12f.io <mail@b12f.io>";
|
||||
identifier = "auth@b12f.io";
|
||||
subject = "[auth.b12f.io] {title}";
|
||||
};
|
||||
identity_providers.oidc = {
|
||||
authorization_policies = {
|
||||
admins = {
|
||||
default_policy = "deny";
|
||||
rules = [{
|
||||
policy = "two_factor";
|
||||
subject = "group:admins";
|
||||
}];
|
||||
};
|
||||
};
|
||||
clients = [
|
||||
{
|
||||
client_id = "jellyfin";
|
||||
client_secret = "$pbkdf2-sha512$310000$koY0g1AqL.fEeQUJcE48SA$b9G4p7qquc6M9rSTnR.Ac3Le9KS25zbTN0aNiXT4sxag7Kstu4Pt66/sVlAh3lIS4CGjLcPA2GvjhXnapC.ziQ";
|
||||
public = false;
|
||||
authorization_policy = "admins";
|
||||
require_pkce = true;
|
||||
pkce_challenge_method = "S256";
|
||||
redirect_uris = [ "https://media.b12f.io/sso/OID/redirect/authelia" ];
|
||||
scopes = [
|
||||
"openid"
|
||||
"profile"
|
||||
"groups"
|
||||
];
|
||||
userinfo_signed_response_alg = "none";
|
||||
token_endpoint_auth_method = "client_secret_post";
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.authelia-b12f.environment.AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE = config.age.secrets."mail@b12f.io-password".path;
|
||||
systemd.services.authelia-b12f.preStart = "env";
|
||||
|
||||
services.restic.backups = {
|
||||
authelia = {
|
||||
paths = [ "/var/lib/authelia-b12f" ];
|
||||
paths = ["/var/lib/authelia-b12f"];
|
||||
initialize = true;
|
||||
passwordFile = config.age.secrets."restic-password".path;
|
||||
# See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/
|
||||
repository = "rclone:cloud.pub.solar:/backups/Authelia";
|
||||
rcloneConfigFile = config.age.secrets."rclone-pie.conf".path;
|
||||
rcloneConfigFile = config.age.secrets."rclone-pubsolar.conf".path;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -8,8 +8,8 @@
|
|||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
age.secrets."rclone-pie.conf" = {
|
||||
file = "${flake.self}/secrets/rclone-pie.conf.age";
|
||||
age.secrets."rclone-pubsolar.conf" = {
|
||||
file = "${flake.self}/secrets/rclone-pubsolar.conf.age";
|
||||
path = "/root/.config/rclone/rclone.conf";
|
||||
mode = "400";
|
||||
};
|
||||
|
|
|
@ -20,8 +20,7 @@ in {
|
|||
boot.loader.systemd-boot.enable = false;
|
||||
boot.loader.generic-extlinux-compatible.enable = false;
|
||||
|
||||
boot.supportedFilesystems = [ "zfs" ];
|
||||
boot.kernelPackages = pkgs.linuxPackages_6_1_hardened;
|
||||
boot.supportedFilesystems = ["zfs"];
|
||||
|
||||
boot.kernelParams = [
|
||||
"boot.shell_on_fail=1"
|
||||
|
@ -29,7 +28,7 @@ in {
|
|||
"ip=127.0.0.1:::::lo:none"
|
||||
];
|
||||
# See https://discourse.nixos.org/t/ssh-and-network-in-initrd-on-raspberry-pi-4/6289/3
|
||||
boot.initrd.availableKernelModules = [ "genet" ];
|
||||
boot.initrd.availableKernelModules = ["genet"];
|
||||
boot.initrd.network = {
|
||||
enable = true;
|
||||
ssh = {
|
||||
|
@ -51,6 +50,10 @@ in {
|
|||
'';
|
||||
};
|
||||
|
||||
# Ran into this
|
||||
# https://discourse.nixos.org/t/logrotate-config-fails-due-to-missing-group-30000/28501
|
||||
services.logrotate.checkConfig = false;
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
|
|
|
@ -1,6 +1,9 @@
|
|||
{ pkgs, adblock-unbound, ... }:
|
||||
{
|
||||
networking.firewall.allowedUDPPorts = [ 67 547 ];
|
||||
pkgs,
|
||||
adblock-unbound,
|
||||
...
|
||||
}: {
|
||||
networking.firewall.allowedUDPPorts = [67 547];
|
||||
networking.firewall.extraInputRules = ''
|
||||
ip6 daddr ff02::1:2/128 udp dport 547 accept comment "DHCPv6 server"
|
||||
'';
|
||||
|
@ -30,7 +33,7 @@
|
|||
{
|
||||
subnet = "192.168.178.0/24";
|
||||
pools = [
|
||||
{ pool = "192.168.178.2 - 192.168.178.255"; }
|
||||
{pool = "192.168.178.2 - 192.168.178.255";}
|
||||
];
|
||||
|
||||
option-data = [
|
||||
|
@ -100,19 +103,19 @@
|
|||
subnet = "2a02:908:5b1:e3c0::/64";
|
||||
|
||||
pools = [
|
||||
{ pool = "2a02:908:5b1:e3c0::/72"; }
|
||||
{pool = "2a02:908:5b1:e3c0::/72";}
|
||||
];
|
||||
|
||||
ddns-qualifying-suffix = "local.";
|
||||
|
||||
option-data = [
|
||||
{
|
||||
name = "dns-servers";
|
||||
data = "2a02:908:5b1:e3c0:2::";
|
||||
name = "dns-servers";
|
||||
data = "2a02:908:5b1:e3c0:2::";
|
||||
}
|
||||
{
|
||||
name = "domain-search";
|
||||
data = "local";
|
||||
name = "domain-search";
|
||||
data = "local";
|
||||
}
|
||||
];
|
||||
|
||||
|
|
|
@ -39,6 +39,8 @@ in {
|
|||
forceSSL = true;
|
||||
useACMEHost = "firefly.b12f.io";
|
||||
extraConfig = "include /etc/nginx/conf-available/authelia-location.conf;";
|
||||
# Make api calls skip the nginx proxy auth
|
||||
locations."/api/v1".proxyPass = "http://127.0.0.1:8080";
|
||||
locations."/".proxyPass = "http://127.0.0.1:8080";
|
||||
locations."/".extraConfig = ''
|
||||
include /etc/nginx/conf-available/proxy.conf;
|
||||
|
@ -78,14 +80,14 @@ in {
|
|||
volumes = [
|
||||
"/var/lib/firefly/upload:/var/www/html/storage/upload"
|
||||
];
|
||||
extraOptions = [ "--network=firefly" ];
|
||||
extraOptions = ["--network=firefly"];
|
||||
environmentFiles = [
|
||||
./.env.firefly
|
||||
config.age.secrets."firefly-secrets.env".path
|
||||
config.age.secrets."firefly-cron-secrets.env".path
|
||||
];
|
||||
ports = [ "127.0.0.1:8080:8080" ];
|
||||
dependsOn = [ "firefly-db" ];
|
||||
ports = ["127.0.0.1:8080:8080"];
|
||||
dependsOn = ["firefly-db"];
|
||||
};
|
||||
|
||||
containers."firefly-db" = {
|
||||
|
@ -94,7 +96,7 @@ in {
|
|||
volumes = [
|
||||
"/var/lib/firefly/db:/var/lib/postgresql/data"
|
||||
];
|
||||
extraOptions = [ "--network=firefly" ];
|
||||
extraOptions = ["--network=firefly"];
|
||||
environmentFiles = [
|
||||
config.age.secrets."firefly-db-secrets.env".path
|
||||
];
|
||||
|
@ -103,8 +105,8 @@ in {
|
|||
containers."firefly-importer" = {
|
||||
image = "fireflyiii/data-importer:latest";
|
||||
autoStart = true;
|
||||
extraOptions = [ "--network=firefly" ];
|
||||
ports = [ "127.0.0.1:8081:8080" ];
|
||||
extraOptions = ["--network=firefly"];
|
||||
ports = ["127.0.0.1:8081:8080"];
|
||||
environment = {
|
||||
FIREFLY_III_URL = "https://firefly.b12f.io";
|
||||
};
|
||||
|
@ -112,7 +114,7 @@ in {
|
|||
./.env.firefly-importer
|
||||
config.age.secrets."firefly-importer-secrets.env".path
|
||||
];
|
||||
dependsOn = [ "firefly" ];
|
||||
dependsOn = ["firefly"];
|
||||
};
|
||||
|
||||
containers."firefly-cron" = {
|
||||
|
@ -126,7 +128,7 @@ in {
|
|||
environmentFiles = [
|
||||
config.age.secrets."firefly-cron-secrets.env".path
|
||||
];
|
||||
extraOptions = [ "--network=firefly" ];
|
||||
extraOptions = ["--network=firefly"];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -148,7 +150,7 @@ in {
|
|||
backupPrepareCommand = ''
|
||||
${pkgs.docker-client}/bin/docker exec -t firefly-db pg_dumpall -c -U firefly > "${backupDir}/postgres.sql"
|
||||
'';
|
||||
rcloneConfigFile = config.age.secrets."rclone-pie.conf".path;
|
||||
rcloneConfigFile = config.age.secrets."rclone-pubsolar.conf".path;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,18 +1,22 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "uas" "usb_storage" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.supportedFilesystems = [ "zfs" ];
|
||||
boot.initrd.availableKernelModules = ["xhci_pci" "usbhid" "uas" "usb_storage"];
|
||||
boot.initrd.kernelModules = [];
|
||||
boot.kernelModules = [];
|
||||
boot.extraModulePackages = [];
|
||||
boot.supportedFilesystems = ["zfs"];
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
cryptroot = {
|
||||
|
@ -21,20 +25,19 @@
|
|||
};
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "zroot/root";
|
||||
fsType = "zfs";
|
||||
};
|
||||
fileSystems."/" = {
|
||||
device = "zroot/root";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/0D5D-B809";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/af71e930-42ce-4174-a098-4ea5753b1ea9"; }
|
||||
];
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/0D5D-B809";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [
|
||||
{device = "/dev/disk/by-uuid/af71e930-42ce-4174-a098-4ea5753b1ea9";}
|
||||
];
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||
|
|
|
@ -28,11 +28,6 @@ in {
|
|||
"invoicing.b12f.io" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = "invoicing.b12f.io";
|
||||
extraConfig = "include /etc/nginx/conf-available/authelia-location.conf;";
|
||||
locations."/".extraConfig = ''
|
||||
include /etc/nginx/conf-available/proxy.conf;
|
||||
include /etc/nginx/conf-available/authelia-authrequest.conf;
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -49,6 +44,8 @@ in {
|
|||
createLocally = false;
|
||||
};
|
||||
|
||||
invoiceTemplates = [pkgs.invoiceplane-template];
|
||||
|
||||
extraConfig = ''
|
||||
SETUP_COMPLETED=true
|
||||
DISABLE_SETUP=true
|
||||
|
@ -75,7 +72,7 @@ in {
|
|||
containers."invoiceplane-db" = {
|
||||
image = "mariadb:11";
|
||||
autoStart = true;
|
||||
ports = [ "127.0.0.1:3306:3306" ];
|
||||
ports = ["127.0.0.1:3306:3306"];
|
||||
volumes = [
|
||||
"/var/lib/invoiceplane/db:/var/lib/mysql"
|
||||
];
|
||||
|
@ -104,7 +101,7 @@ in {
|
|||
PW=$(cat ${config.age.secrets."invoiceplane-db-password".path})
|
||||
${pkgs.docker-client}/bin/docker exec -t invoiceplane-db mariadb-dump --all-databases --password=$PW --user=invoiceplane > "${backupDir}/postgres.sql"
|
||||
'';
|
||||
rcloneConfigFile = config.age.secrets."rclone-pie.conf".path;
|
||||
rcloneConfigFile = config.age.secrets."rclone-pubsolar.conf".path;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -15,16 +15,25 @@
|
|||
|
||||
networking.interfaces.enabcm6e4ei0 = {
|
||||
ipv4.addresses = [
|
||||
{ address = "192.168.178.2"; prefixLength = 32; }
|
||||
{
|
||||
address = "192.168.178.2";
|
||||
prefixLength = 32;
|
||||
}
|
||||
];
|
||||
ipv6.addresses = [
|
||||
{ address = "2a02:908:5b1:e3c0:2::"; prefixLength = 128; }
|
||||
{ address = "fe80:b12f:acab:1312:acab:2::"; prefixLength = 128; }
|
||||
{
|
||||
address = "2a02:908:5b1:e3c0:2::";
|
||||
prefixLength = 128;
|
||||
}
|
||||
{
|
||||
address = "fe80:b12f:acab:1312:acab:2::";
|
||||
prefixLength = 128;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
networking.hosts = {
|
||||
"192.168.178.3" = [ "droppie-initrd.b12f.io" ];
|
||||
"192.168.178.3" = ["droppie-initrd.b12f.io"];
|
||||
};
|
||||
|
||||
services.openssh.allowSFTP = true;
|
||||
|
|
|
@ -13,34 +13,41 @@ with lib; let
|
|||
backupDir = "/var/lib/PaperlessBackup";
|
||||
consumptionDir = "/var/lib/scandir";
|
||||
|
||||
scan2paperless = with pkgs; writeShellScriptBin "scan2paperless" ''
|
||||
DEVICE=$1
|
||||
NUM_PAGES=$2
|
||||
NAME=$3
|
||||
scan2paperless = with pkgs;
|
||||
writeShellScriptBin "scan2paperless" ''
|
||||
DEVICE=$1
|
||||
NUM_PAGES=$2
|
||||
NAME=$3
|
||||
|
||||
if [ -z "''${DEVICE}" ] || [ -z "''${NUM_PAGES}" ] || [ -z "''${NAME}" ]; then
|
||||
echo "Usage: scan2paperless <device> <num_pages> <name>"
|
||||
exit 1
|
||||
fi
|
||||
if [ -z "''${DEVICE}" ] || [ -z "''${NUM_PAGES}" ] || [ -z "''${NAME}" ]; then
|
||||
echo "Usage: scan2paperless <device> <num_pages> <name>"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
tmpDir=$(${coreutils}/bin/mktemp -d)
|
||||
files=()
|
||||
tmpDir=$(${coreutils}/bin/mktemp -d)
|
||||
files=()
|
||||
|
||||
for i in $(seq 1 $NUM_PAGES); do
|
||||
fileName=$(${openssl}/bin/openssl rand -hex 12)
|
||||
file="$tmpDir/$fileName.jpg"
|
||||
echo "Start scanning page $i/$NUM_PAGES";
|
||||
${sane-backends}/bin/scanimage -d $DEVICE --format=jpeg --resolution 300 --progress -o $file
|
||||
echo "Finished scanning page $i";
|
||||
files+=($file)
|
||||
done
|
||||
for i in $(seq 1 $NUM_PAGES); do
|
||||
fileName=$(${openssl}/bin/openssl rand -hex 12)
|
||||
file="$tmpDir/$fileName.jpg"
|
||||
echo "Start scanning page $i/$NUM_PAGES";
|
||||
${sane-backends}/bin/scanimage -d $DEVICE --format=jpeg --resolution 300 --progress -o $file
|
||||
echo "Finished scanning page $i";
|
||||
files+=($file)
|
||||
done
|
||||
|
||||
pdf="${consumptionDir}/$NAME.pdf"
|
||||
${python3Packages.img2pdf}/bin/img2pdf --output $pdf ''${files[@]}
|
||||
pdf="${consumptionDir}/$NAME.pdf"
|
||||
${python3Packages.img2pdf}/bin/img2pdf --output $pdf ''${files[@]}
|
||||
|
||||
echo "PDF written to $pdf"
|
||||
'';
|
||||
echo "PDF written to $pdf"
|
||||
'';
|
||||
in {
|
||||
age.secrets."paperless.env" = {
|
||||
file = "${flake.self}/secrets/paperless.env.age";
|
||||
mode = "400";
|
||||
owner = "paperless";
|
||||
};
|
||||
|
||||
#################################
|
||||
# Paperless service and proxy
|
||||
#################################
|
||||
|
@ -59,7 +66,7 @@ in {
|
|||
include /etc/nginx/conf-available/proxy.conf;
|
||||
include /etc/nginx/conf-available/authelia-authrequest.conf;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services.paperless = {
|
||||
|
@ -67,14 +74,17 @@ in {
|
|||
consumptionDir = consumptionDir;
|
||||
dataDir = dataDir;
|
||||
address = "127.0.0.1";
|
||||
extraConfig = {
|
||||
settings = {
|
||||
PAPERLESS_OCR_LANGUAGE = "nld+deu";
|
||||
PAPERLESS_URL = "https://paperless.b12f.io";
|
||||
PAPERLESS_DISABLE_REGULAR_LOGIN = "True";
|
||||
PAPERLESS_ENABLE_HTTP_REMOTE_USER = "True";
|
||||
PAPERLESS_EMAIL_TASK_CRON = "*/2 * * * *";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.paperless-web.serviceConfig.EnvironmentFile = [config.age.secrets."paperless.env".path];
|
||||
|
||||
#################################
|
||||
# Scanning
|
||||
#################################
|
||||
|
@ -111,7 +121,7 @@ in {
|
|||
services.cron = {
|
||||
enable = true;
|
||||
systemCronJobs = [
|
||||
"30 1 * * * paperless ${pkgs.fetch-hostingde-invoices}/bin/fetch-hostingde-invoices '${config.age.secrets."hosting-de-invoice-sync-api-key".path}' '${consumptionDir}'"
|
||||
"30 1 * * * paperless ${pkgs.fetch-hostingde-invoices}/bin/fetch-hostingde-invoices '${config.age.secrets."hosting-de-invoice-sync-api-key".path}' '${consumptionDir}' /var/lib/fetch-hostingde-invoices/ids"
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -124,11 +134,11 @@ in {
|
|||
"d '${backupDir}' 0700 paperless users - -"
|
||||
"d '${consumptionDir}' 0700 paperless users - -"
|
||||
"d /tmp/paperless 0700 paperless users - -"
|
||||
"d /var/lib/fetch-hostingde-invoices 0700 paperless users - -"
|
||||
];
|
||||
|
||||
age.secrets."rclone-pie.conf" = {
|
||||
file = "${flake.self}/secrets/rclone-pie.conf.age";
|
||||
path = "/root/.config/rclone/rclone.conf";
|
||||
age.secrets."rclone-pubsolar.conf" = {
|
||||
file = "${flake.self}/secrets/rclone-pubsolar.conf.age";
|
||||
mode = "400";
|
||||
};
|
||||
|
||||
|
@ -139,13 +149,16 @@ in {
|
|||
|
||||
services.restic.backups = {
|
||||
paperless = {
|
||||
paths = [ backupDir ];
|
||||
paths = [
|
||||
backupDir
|
||||
"/var/lib/fetch-hostingde-invoices"
|
||||
];
|
||||
initialize = true;
|
||||
passwordFile = config.age.secrets."restic-password".path;
|
||||
# See https://www.hosting.de/blog/verschluesselte-backups-mit-rclone-und-restic-in-nextcloud/
|
||||
repository = "rclone:cloud.pub.solar:/backups/Paperless";
|
||||
backupPrepareCommand = "${dataDir}/paperless-manage document_exporter ${backupDir} -c -p";
|
||||
rcloneConfigFile = config.age.secrets."rclone-pie.conf".path;
|
||||
rcloneConfigFile = config.age.secrets."rclone-pubsolar.conf".path;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -29,8 +29,8 @@
|
|||
owner = "unbound";
|
||||
};
|
||||
|
||||
networking.firewall.allowedUDPPorts = [ 53 ];
|
||||
networking.firewall.allowedTCPPorts = [ 53 ];
|
||||
networking.firewall.allowedUDPPorts = [53];
|
||||
networking.firewall.allowedTCPPorts = [53];
|
||||
services.resolved.enable = false;
|
||||
|
||||
services.unbound = {
|
||||
|
@ -45,17 +45,17 @@
|
|||
"::1"
|
||||
|
||||
"192.168.178.2"
|
||||
"2a02:908:5b1:e3c0:2::"
|
||||
"fd00:b12f:acab:1312:acab:2::"
|
||||
];
|
||||
access-control = [
|
||||
"127.0.0.1/32 allow"
|
||||
|
||||
# Allow from local network
|
||||
"192.168.178.0/24 allow"
|
||||
"2a02:908:5b1:e3c0::/64 allow"
|
||||
"fd00:b12f:acab:1312:acab::/64 allow"
|
||||
|
||||
# Allow from wireguard
|
||||
"10.13.12.0/24 allow"
|
||||
"192.168.178.0/24 allow"
|
||||
"fd00:b12f:acab:1312::/64 allow"
|
||||
];
|
||||
local-zone = [
|
||||
|
@ -66,7 +66,16 @@
|
|||
"\"brwb8763f64a364.local. 10800 IN A 192.168.178.4\""
|
||||
|
||||
"\"pie.local. 10800 IN A 192.168.178.2\""
|
||||
"\"pie.local. 10800 IN AAAA 2a02:908:5b1:e3c0:2::\""
|
||||
"\"pie.local. 10800 IN AAAA fd00:b12f:acab:1312:acab:2::\""
|
||||
"\"pie.b12f.io. 10800 IN A 192.168.178.2\""
|
||||
"\"firefly.b12f.io. 10800 IN A 192.168.178.2\""
|
||||
"\"firefly-importer.b12f.io. 10800 IN A 192.168.178.2\""
|
||||
"\"paperless.b12f.io. 10800 IN A 192.168.178.2\""
|
||||
"\"invoicing.b12f.io. 10800 IN A 192.168.178.2\""
|
||||
"\"auth.b12f.io. 10800 IN A 192.168.178.2\""
|
||||
|
||||
"\"droppie.b12f.io. 10800 IN A 192.168.178.3\""
|
||||
"\"media.b12f.io. 10800 IN A 192.168.178.3\""
|
||||
|
||||
"\"fritz.box. 10800 IN A 192.168.178.1\""
|
||||
"\"fritz.box. 10800 IN AAAA fd00::3ea6:2fff:fe57:30b0\""
|
||||
|
@ -79,7 +88,7 @@
|
|||
{
|
||||
name = ".";
|
||||
forward-addr = [
|
||||
"10.13.12.7"
|
||||
"192.168.178.7"
|
||||
"fd00:b12f:acab:1312:acab:7::"
|
||||
];
|
||||
}
|
||||
|
@ -94,5 +103,4 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
{pkgs, ...}: {
|
||||
services.cron = {
|
||||
enable = true;
|
||||
systemCronJobs = [
|
||||
|
|
|
@ -1,19 +0,0 @@
|
|||
# Touchpad controls
|
||||
#bindsym XF86TouchpadToggle exec $HOME/Workspace/ben/toggletouchpad.sh # toggle touchpad
|
||||
|
||||
# Screen brightness controls
|
||||
bindsym XF86MonBrightnessUp exec "brightnessctl -d amdgpu_bl0 set +10%; notify-send $(brightnessctl -d amdgpu_bl0 i | awk '/Current/ {print $4}')"
|
||||
bindsym XF86MonBrightnessDown exec "brightnessctl -d amdgpu_bl0 set 10%-; notify-send $(brightnessctl -d amdgpu_bl0 i | awk '/Current/ { print $4}')"
|
||||
|
||||
# Keyboard backlight brightness controls
|
||||
bindsym XF86KbdBrightnessDown exec "brightnessctl -d smc::kbd_backlight set 10%-; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
|
||||
bindsym XF86KbdBrightnessUp exec "brightnessctl -d smc::kbd_backlight set +10%; notify-send $(brightnessctl -d smc::kbd_backlight i | awk '/Current/ { print $4}')"
|
||||
|
||||
# Pulse Audio controls
|
||||
bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. up' #increase sound volume
|
||||
bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 && notify-send 'Vol. down' #decrease sound volume
|
||||
bindsym XF86AudioMute exec pactl set-sink-mute @DEFAULT_SINK@ toggle && notify-send 'Mute sound' # mute sound
|
||||
# Media player controls
|
||||
bindsym XF86AudioPlay exec "playerctl play-pause; notify-send 'Play/Pause'"
|
||||
bindsym XF86AudioNext exec "playerctl next; notify-send 'Next'"
|
||||
bindsym XF86AudioPrev exec "playerctl previous; notify-send 'Prev.'"
|
|
@ -17,9 +17,9 @@ in {
|
|||
boot.initrd.preLVMCommands = "udevadm trigger --settle";
|
||||
boot.swraid.enable = true;
|
||||
boot.swraid.mdadmConf = ''
|
||||
DEVICE /dev/nvme0n1p2 /dev/nvme1n1p2
|
||||
ARRAY /dev/md/nixos:root metadata=1.2 name=nixos:root UUID=67d1aa81:1b348887:c17a75e8:f2edf2bd
|
||||
MAILADDR ${psCfg.user.email}
|
||||
DEVICE /dev/nvme0n1p2 /dev/nvme1n1p2
|
||||
ARRAY /dev/md/nixos:root metadata=1.2 name=nixos:root UUID=67d1aa81:1b348887:c17a75e8:f2edf2bd
|
||||
MAILADDR ${psCfg.user.email}
|
||||
'';
|
||||
|
||||
pub-solar.core.hibernation.enable = true;
|
||||
|
@ -32,7 +32,6 @@ MAILADDR ${psCfg.user.email}
|
|||
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
||||
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
||||
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
||||
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ ... }: {
|
||||
{...}: {
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./hardware-configuration.nix
|
||||
|
|
|
@ -1,55 +1,59 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod"];
|
||||
boot.initrd.kernelModules = ["dm-snapshot"];
|
||||
boot.kernelModules = ["kvm-amd"];
|
||||
boot.extraModulePackages = [];
|
||||
|
||||
boot.initrd.luks.devices."cryptroot" = {
|
||||
device = "/dev/disk/by-id/md-name-nixos:root";
|
||||
allowDiscards = true;
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "none";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
fileSystems."/" = {
|
||||
device = "none";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/EC82-67F4";
|
||||
fsType = "vfat";
|
||||
};
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/EC82-67F4";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
fileSystems."/home" =
|
||||
{ device = "/dev/disk/by-uuid/0cc568f0-402d-4535-980a-ed3a1dc697b9";
|
||||
fsType = "ext4";
|
||||
# https://github.com/ryantm/agenix/issues/45#issuecomment-957865406
|
||||
neededForBoot = true;
|
||||
};
|
||||
fileSystems."/home" = {
|
||||
device = "/dev/disk/by-uuid/0cc568f0-402d-4535-980a-ed3a1dc697b9";
|
||||
fsType = "ext4";
|
||||
# https://github.com/ryantm/agenix/issues/45#issuecomment-957865406
|
||||
neededForBoot = true;
|
||||
};
|
||||
|
||||
fileSystems."/nix" =
|
||||
{ device = "/dev/disk/by-uuid/e203d629-4d34-4147-bee6-919f0bfa25de";
|
||||
fsType = "ext4";
|
||||
};
|
||||
fileSystems."/nix" = {
|
||||
device = "/dev/disk/by-uuid/e203d629-4d34-4147-bee6-919f0bfa25de";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/persist" =
|
||||
{ device = "/dev/disk/by-uuid/a0855aaa-76bf-445e-b0d1-ab1552e5496f";
|
||||
fsType = "ext4";
|
||||
# https://github.com/ryantm/agenix/issues/45#issuecomment-957865406
|
||||
neededForBoot = true;
|
||||
};
|
||||
fileSystems."/persist" = {
|
||||
device = "/dev/disk/by-uuid/a0855aaa-76bf-445e-b0d1-ab1552e5496f";
|
||||
fsType = "ext4";
|
||||
# https://github.com/ryantm/agenix/issues/45#issuecomment-957865406
|
||||
neededForBoot = true;
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/761507ab-479d-414b-ac3e-2149564ca470"; }
|
||||
];
|
||||
swapDevices = [
|
||||
{device = "/dev/disk/by-uuid/761507ab-479d-414b-ac3e-2149564ca470";}
|
||||
];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
...
|
||||
}: {
|
||||
networking.hostName = "stroopwafel";
|
||||
networking.networkmanager.wifi.backend = "wpa_supplicant";
|
||||
networking.wireless.iwd.enable = true;
|
||||
|
||||
age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-stroopwafel.age";
|
||||
|
||||
|
@ -41,4 +41,23 @@
|
|||
];
|
||||
privateKeyFile = config.age.secrets.wg-pub-solar-key.path;
|
||||
};
|
||||
|
||||
age.secrets.wg-momo-key.file = "${flake.self}/secrets/wg-momo-stroopwafel.age";
|
||||
|
||||
pub-solar.wireguard.momo = {
|
||||
ownIPs = [
|
||||
"10.30.30.200/32"
|
||||
"fd00:3030:3030:3030:3030:200::/96"
|
||||
];
|
||||
privateKeyFile = config.age.secrets.wg-momo-key.path;
|
||||
};
|
||||
|
||||
age.secrets.wg-ehex-key.file = "${flake.self}/secrets/wg-ehex-stroopwafel.age";
|
||||
|
||||
pub-solar.wireguard.ehex = {
|
||||
ownIPs = [
|
||||
"10.42.0.135/22"
|
||||
];
|
||||
privateKeyFile = config.age.secrets.wg-ehex-key.path;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
...
|
||||
}: {
|
||||
services.openstreetmap = {
|
||||
enable = false;
|
||||
enable = true;
|
||||
debug = true;
|
||||
totalRamGb = 14;
|
||||
};
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{ lib }:
|
||||
hostnames: {
|
||||
{lib}: hostnames: {
|
||||
"127.0.0.1" = hostnames;
|
||||
"::1" = hostnames;
|
||||
}
|
||||
|
|
|
@ -1,4 +1,8 @@
|
|||
{ lib, inputs, ... }: {
|
||||
{
|
||||
lib,
|
||||
inputs,
|
||||
...
|
||||
}: {
|
||||
# Configuration common to all Linux systems
|
||||
flake = {
|
||||
lib = let
|
||||
|
@ -10,7 +14,7 @@
|
|||
#foo = callLibs ./foo.nix;
|
||||
## In configs, they can be used under "lib.our"
|
||||
|
||||
deploy = import ./deploy.nix { inherit inputs lib; };
|
||||
deploy = import ./deploy.nix {inherit inputs lib;};
|
||||
addLocalHostname = callLibs ./add-local-hostname.nix;
|
||||
recursiveMerge = callLibs ./recursive-merge.nix;
|
||||
mkEmailAddress = account: domain: account + "@" + domain;
|
||||
|
|
|
@ -1,11 +1,13 @@
|
|||
/*
|
||||
* The contents of this file are adapted from digga
|
||||
* https://github.com/divnix/digga
|
||||
*
|
||||
* Licensed under the MIT license
|
||||
*/
|
||||
|
||||
{ lib, inputs }: let
|
||||
* The contents of this file are adapted from digga
|
||||
* https://github.com/divnix/digga
|
||||
*
|
||||
* Licensed under the MIT license
|
||||
*/
|
||||
{
|
||||
lib,
|
||||
inputs,
|
||||
}: let
|
||||
getFqdn = c: let
|
||||
net = c.config.networking;
|
||||
fqdn =
|
||||
|
@ -17,43 +19,60 @@
|
|||
in {
|
||||
mkDeployNodes = systemConfigurations: extraConfig:
|
||||
/*
|
||||
*
|
||||
Synopsis: mkNodes _systemConfigurations_ _extraConfig_
|
||||
*
|
||||
Synopsis: mkNodes _systemConfigurations_ _extraConfig_
|
||||
|
||||
Generate the `nodes` attribute expected by deploy-rs
|
||||
where _systemConfigurations_ are `nodes`.
|
||||
Generate the `nodes` attribute expected by deploy-rs
|
||||
where _systemConfigurations_ are `nodes`.
|
||||
|
||||
_systemConfigurations_ should take the form of a flake's
|
||||
_nixosConfigurations_. Note that deploy-rs does not currently support
|
||||
deploying to darwin hosts.
|
||||
_systemConfigurations_ should take the form of a flake's
|
||||
_nixosConfigurations_. Note that deploy-rs does not currently support
|
||||
deploying to darwin hosts.
|
||||
|
||||
_extraConfig_, if specified, will be merged into each of the
|
||||
nodes' configurations.
|
||||
_extraConfig_, if specified, will be merged into each of the
|
||||
nodes' configurations.
|
||||
|
||||
Example _systemConfigurations_ input:
|
||||
Example _systemConfigurations_ input:
|
||||
|
||||
```
|
||||
{
|
||||
hostname-1 = {
|
||||
fastConnection = true;
|
||||
sshOpts = [ "-p" "25" ];
|
||||
};
|
||||
hostname-2 = {
|
||||
sshOpts = [ "-p" "19999" ];
|
||||
sshUser = "root";
|
||||
};
|
||||
}
|
||||
```
|
||||
*
|
||||
*/
|
||||
```
|
||||
{
|
||||
hostname-1 = {
|
||||
fastConnection = true;
|
||||
sshOpts = [ "-p" "25" ];
|
||||
};
|
||||
hostname-2 = {
|
||||
sshOpts = [ "-p" "19999" ];
|
||||
sshUser = "root";
|
||||
};
|
||||
}
|
||||
```
|
||||
*
|
||||
*/
|
||||
lib.recursiveUpdate
|
||||
(lib.mapAttrs
|
||||
(
|
||||
_: c: {
|
||||
_: c: let
|
||||
system = c.pkgs.stdenv.hostPlatform.system;
|
||||
# Unmodified nixpkgs
|
||||
pkgs = import inputs.nixpkgs {inherit system;};
|
||||
# nixpkgs with deploy-rs overlay but force the nixpkgs package
|
||||
deployPkgs = import inputs.nixpkgs {
|
||||
inherit system;
|
||||
overlays = [
|
||||
inputs.deploy-rs.overlay # or deploy-rs.overlays.default
|
||||
(self: super: {
|
||||
deploy-rs = {
|
||||
inherit (pkgs) deploy-rs;
|
||||
lib = super.deploy-rs.lib;
|
||||
};
|
||||
})
|
||||
];
|
||||
};
|
||||
in {
|
||||
hostname = getFqdn c;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = inputs.deploy-rs.lib.${c.pkgs.stdenv.hostPlatform.system}.activate.nixos c;
|
||||
path = deployPkgs.deploy-rs.lib.activate.nixos c;
|
||||
};
|
||||
}
|
||||
)
|
||||
|
|
|
@ -1,6 +1,4 @@
|
|||
{ lib }:
|
||||
attrList:
|
||||
let
|
||||
{lib}: attrList: let
|
||||
f = attrPath:
|
||||
zipAttrsWith (
|
||||
n: values:
|
||||
|
@ -13,4 +11,4 @@ let
|
|||
else last values
|
||||
);
|
||||
in
|
||||
f [] attrList;
|
||||
f [] attrList
|
||||
|
|
|
@ -20,7 +20,6 @@ in {
|
|||
# Needed for pactl cmd, until pw-cli is more mature (vol up/down hotkeys?)
|
||||
pulseaudio
|
||||
vimpc
|
||||
spotify-tui
|
||||
];
|
||||
};
|
||||
|
||||
|
|
|
@ -23,6 +23,18 @@
|
|||
};
|
||||
|
||||
services.blueman.enable = true;
|
||||
home-manager.users."${config.pub-solar.user.name}" = {
|
||||
services.blueman-applet.enable = true;
|
||||
systemd.user.services.blueman-applet = {
|
||||
Unit = {
|
||||
BindsTo = ["sway-session.target"];
|
||||
After = lib.mkForce ["sway-session.target"];
|
||||
Requires = lib.mkForce [ ];
|
||||
};
|
||||
Install.WantedBy = [ "sway-session.target" ];
|
||||
};
|
||||
};
|
||||
|
||||
environment.etc."wireplumber/bluetooth.lua.d/51-bluez-config.lua" = {
|
||||
text = ''
|
||||
bluez_monitor.properties = {
|
||||
|
|
|
@ -12,7 +12,7 @@ in {
|
|||
loader.systemd-boot.enable = lib.mkDefault true;
|
||||
|
||||
# Use latest LTS linux kernel by default
|
||||
kernelPackages = lib.mkDefault pkgs.linuxPackages_6_7_hardened;
|
||||
kernelPackages = pkgs.linuxPackages_6_6_hardened;
|
||||
|
||||
# Support ntfs drives
|
||||
supportedFilesystems = ["ntfs"];
|
||||
|
|
|
@ -10,8 +10,8 @@
|
|||
systemd.services.systemd-networkd-wait-online.enable = lib.mkDefault false;
|
||||
|
||||
networking.hosts = {
|
||||
"128.140.109.213" = [ "vpn.b12f.io" ];
|
||||
"2a01:4f8:c2c:b60::" = [ "vpn.b12f.io" ];
|
||||
"128.140.109.213" = [ "vpn.b12f.io" "frikandel-initrd.b12f.io" ];
|
||||
"2a01:4f8:c2c:b60::" = [ "vpn.b12f.io" "frikandel-initrd.b12f.io" ];
|
||||
};
|
||||
|
||||
networking.networkmanager = {
|
||||
|
@ -38,7 +38,7 @@
|
|||
};
|
||||
|
||||
# Don't expose SSH via public interfaces
|
||||
networking.firewall.interfaces.wg-private.allowedTCPPorts = [ 22 ];
|
||||
networking.firewall.interfaces.wg-private.allowedTCPPorts = [22];
|
||||
|
||||
# For rage encryption, all hosts need a ssh key pair
|
||||
services.openssh = {
|
||||
|
|
|
@ -24,7 +24,7 @@ in {
|
|||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
enableExtraSocket = true;
|
||||
pinentryFlavor = "gnome3";
|
||||
pinentryPackage = pkgs.pinentry-gnome3;
|
||||
};
|
||||
|
||||
home-manager.users."${psCfg.user.name}" = {
|
||||
|
|
|
@ -29,13 +29,6 @@ in {
|
|||
element-desktop
|
||||
element-b12f
|
||||
element-mezza
|
||||
|
||||
# Nix specific utilities
|
||||
alejandra
|
||||
manix
|
||||
nix-index
|
||||
nix-tree
|
||||
nvd
|
||||
];
|
||||
|
||||
fonts = {
|
||||
|
|
|
@ -1,15 +0,0 @@
|
|||
# This file is written by xdg-user-dirs-update
|
||||
# If you want to change or add directories, just edit the line you're
|
||||
# interested in. All local changes will be retained on the next run.
|
||||
# Format is XDG_xxx_DIR="$HOME/yyy", where yyy is a shell-escaped
|
||||
# homedir-relative path, or XDG_xxx_DIR="/yyy", where /yyy is an
|
||||
# absolute path. No other format is supported.
|
||||
|
||||
XDG_DESKTOP_DIR="$HOME/"
|
||||
XDG_DOWNLOAD_DIR="$HOME/Downloads"
|
||||
XDG_TEMPLATES_DIR="$HOME/Templates"
|
||||
XDG_PUBLICSHARE_DIR="$HOME/Public"
|
||||
XDG_DOCUMENTS_DIR="$HOME/"
|
||||
XDG_MUSIC_DIR="$HOME/"
|
||||
XDG_PICTURES_DIR="$HOME/"
|
||||
XDG_VIDEOS_DIR="$HOME/"
|
|
@ -1,20 +1,3 @@
|
|||
@define-color base00 #1a181a;
|
||||
@define-color base01 #2d2a2e;
|
||||
@define-color base02 #303030;
|
||||
@define-color base03 #949494;
|
||||
@define-color base04 #d3d1d4;
|
||||
@define-color base05 #e3e1e4;
|
||||
@define-color base06 #303030;
|
||||
@define-color base07 #ff5f5f;
|
||||
@define-color base08 #f85e84;
|
||||
@define-color base09 #df5923;
|
||||
@define-color base0A #e5c463;
|
||||
@define-color base0B #9ecd6f;
|
||||
@define-color base0C #ef9062;
|
||||
@define-color base0D #7accd7;
|
||||
@define-color base0E #ab9df2;
|
||||
@define-color base0F #d70000;
|
||||
|
||||
* {
|
||||
min-height: 0;
|
||||
border: none;
|
||||
|
|
|
@ -1,18 +0,0 @@
|
|||
Gtk/ButtonImages 1
|
||||
Gtk/CanChangeAccels 1
|
||||
Gtk/CursorThemeName "default"
|
||||
Gtk/CursorThemeSize 0
|
||||
Gtk/EnableEventSounds 0
|
||||
Gtk/EnableInputFeedbackSounds 0
|
||||
Gtk/FontName "Lato"
|
||||
Gtk/ThemeName "Matcha-dark-aliz"
|
||||
Gtk/IconThemeName "Papirus-Adapta-Nokto-Maia"
|
||||
Gtk/MenuBarAccel "F10"
|
||||
Gtk/MenuImages 1
|
||||
Gtk/ToolbarIconSize 3
|
||||
Gtk/ToolbarStyle "icons"
|
||||
Xft/Antialias 1
|
||||
Xft/DPI 102400
|
||||
Xft/Hinting 1
|
||||
Xft/HintStyle "hintslight"
|
||||
Xft/RGBA "rgb"
|
|
@ -9,8 +9,6 @@ usermodmap=$HOME/.config/xmodmap
|
|||
sysresources=/etc/X11/xinit/.Xresources
|
||||
sysmodmap=/etc/X11/xinit/.Xmodmap
|
||||
|
||||
DEFAULT_SESSION='i3 --shmlog-size 0'
|
||||
|
||||
xset -b
|
||||
|
||||
if [ -d $HOME/.fonts ]; then
|
||||
|
@ -48,23 +46,8 @@ fi
|
|||
get_session(){
|
||||
local dbus_args=(--sh-syntax --exit-with-session)
|
||||
case $1 in
|
||||
awesome) dbus_args+=(awesome) ;;
|
||||
bspwm) dbus_args+=(bspwm-session) ;;
|
||||
budgie) dbus_args+=(budgie-desktop) ;;
|
||||
cinnamon) dbus_args+=(cinnamon-session) ;;
|
||||
deepin) dbus_args+=(startdde) ;;
|
||||
enlightenment) dbus_args+=(enlightenment_start) ;;
|
||||
fluxbox) dbus_args+=(startfluxbox) ;;
|
||||
gnome) dbus_args+=(gnome-session) ;;
|
||||
i3|i3wm) dbus_args+=(i3 --shmlog-size 0) ;;
|
||||
jwm) dbus_args+=(jwm) ;;
|
||||
kde) dbus_args+=(startkde) ;;
|
||||
lxde) dbus_args+=(startlxde) ;;
|
||||
lxqt) dbus_args+=(lxqt-session) ;;
|
||||
mate) dbus_args+=(mate-session) ;;
|
||||
xfce) dbus_args+=(xfce4-session) ;;
|
||||
openbox) dbus_args+=(openbox-session) ;;
|
||||
*) dbus_args+=($DEFAULT_SESSION) ;;
|
||||
*) dbus_args+=(sway) ;;
|
||||
esac
|
||||
|
||||
echo "dbus-launch ${dbus_args[*]}"
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
{ flake, ...}: with flake.self.theme.with0x; {
|
||||
env = {
|
||||
TERM = "xterm-256color";
|
||||
TERM = "xterm-direct";
|
||||
};
|
||||
|
||||
window = {
|
||||
|
@ -30,9 +30,6 @@
|
|||
multiplier = 3;
|
||||
};
|
||||
|
||||
# When true, bold text is drawn using the bright variant of colors.
|
||||
draw_bold_text_with_bright_colors = true;
|
||||
|
||||
font = {
|
||||
# The normal (roman) font face to use.
|
||||
normal = {
|
||||
|
@ -68,7 +65,7 @@
|
|||
};
|
||||
};
|
||||
|
||||
key_bindings = [
|
||||
keyboard.bindings = [
|
||||
{
|
||||
key = "V";
|
||||
mods = "Control|Alt";
|
||||
|
@ -162,10 +159,13 @@
|
|||
# Base16 Burn 256 - alacritty color config
|
||||
# Benjamin Bädorf
|
||||
colors = {
|
||||
# When true, bold text is drawn using the bright variant of colors.
|
||||
draw_bold_text_with_bright_colors = true;
|
||||
|
||||
# Default colors
|
||||
primary = {
|
||||
background = "0x1a181a";
|
||||
foreground = "0xe3e1e4";
|
||||
background = base00;
|
||||
foreground = base05;
|
||||
};
|
||||
|
||||
# Cursor colors
|
||||
|
@ -184,8 +184,8 @@
|
|||
# Allowed values are CellForeground/CellBackground, which reference the
|
||||
# affected cell, or hexadecimal colors like #ff00ff.
|
||||
matches = {
|
||||
foreground = "0xe5c463";
|
||||
background = "0x1a181a";
|
||||
foreground = base0A;
|
||||
background = base00;
|
||||
};
|
||||
focused_match = {
|
||||
foreground = "CellBackground";
|
||||
|
@ -203,58 +203,58 @@
|
|||
# Allowed values are CellForeground/CellBackground, which reference the
|
||||
# affected cell, or hexadecimal colors like #ff00ff.
|
||||
selection = {
|
||||
text = "0x1a181a";
|
||||
background = "0xf85e84";
|
||||
text = base00;
|
||||
background = base08;
|
||||
};
|
||||
|
||||
# Normal colors
|
||||
normal = {
|
||||
black = "0x1a181a";
|
||||
red = "0xf85e84";
|
||||
green = "0x9ecd6f";
|
||||
yellow = "0xe5c463";
|
||||
blue = "0x7accd7";
|
||||
magenta = "0xab9df2";
|
||||
cyan = "0xef9062";
|
||||
white = "0xe3e1e4";
|
||||
black = base00;
|
||||
red = base09;
|
||||
green = base0B;
|
||||
yellow = base0A;
|
||||
blue = base0D;
|
||||
magenta = base0E;
|
||||
cyan = base0C;
|
||||
white = base05;
|
||||
};
|
||||
|
||||
# Bright colors
|
||||
bright = {
|
||||
black = "0x949494";
|
||||
red = "0xf85e84";
|
||||
green = "0x9ecd6f";
|
||||
yellow = "0xe5c463";
|
||||
blue = "0x7accd7";
|
||||
magenta = "0xab9df2";
|
||||
cyan = "0xef9062";
|
||||
white = "0xff5f5f";
|
||||
black = base00;
|
||||
red = base0F;
|
||||
green = base0B;
|
||||
yellow = base0A;
|
||||
blue = base0D;
|
||||
magenta = base0E;
|
||||
cyan = base0C;
|
||||
white = base05;
|
||||
};
|
||||
|
||||
indexed_colors = [
|
||||
{
|
||||
index = 16;
|
||||
color = "0xdf5923";
|
||||
color = base09;
|
||||
}
|
||||
{
|
||||
index = 17;
|
||||
color = "0xd70000";
|
||||
color = base0F;
|
||||
}
|
||||
{
|
||||
index = 18;
|
||||
color = "0x2d2a2e";
|
||||
color = base01;
|
||||
}
|
||||
{
|
||||
index = 19;
|
||||
color = "0x303030";
|
||||
color = base02;
|
||||
}
|
||||
{
|
||||
index = 20;
|
||||
color = "0xd3d1d4";
|
||||
color = base04;
|
||||
}
|
||||
{
|
||||
index = 21;
|
||||
color = "0x303030";
|
||||
color = base02;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{
|
||||
args@{
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
|
@ -6,7 +6,7 @@
|
|||
}:
|
||||
with lib; let
|
||||
psCfg = config.pub-solar;
|
||||
yamlFormat = pkgs.formats.yaml {};
|
||||
tomlFormat = pkgs.formats.toml {};
|
||||
sessionVariables = {
|
||||
WLR_RENDERER =
|
||||
if psCfg.graphical.wayland.software-renderer.enable
|
||||
|
@ -45,26 +45,16 @@ in {
|
|||
|
||||
glib
|
||||
xdg-utils
|
||||
];
|
||||
xorg.xbacklight
|
||||
|
||||
etc = {
|
||||
"xdg/PubSolar.conf".text = ''
|
||||
[Qt]
|
||||
style=GTK+
|
||||
'';
|
||||
};
|
||||
desktop-file-utils
|
||||
];
|
||||
|
||||
variables = sessionVariables;
|
||||
};
|
||||
|
||||
services.getty.autologinUser = psCfg.user.name;
|
||||
|
||||
qt = {
|
||||
enable = true;
|
||||
platformTheme = "gtk2";
|
||||
style = "gtk2";
|
||||
};
|
||||
|
||||
# Required for running Gnome apps outside the Gnome DE, see https://nixos.wiki/wiki/GNOME#Running_GNOME_programs_outside_of_GNOME
|
||||
programs.dconf.enable = true;
|
||||
services.udev.packages = with pkgs; [gnome3.gnome-settings-daemon];
|
||||
|
@ -92,31 +82,45 @@ in {
|
|||
|
||||
users.users."${psCfg.user.name}".packages = with pkgs; [
|
||||
alacritty
|
||||
firefox-wayland
|
||||
flameshot
|
||||
gnome.adwaita-icon-theme
|
||||
gnome.eog
|
||||
gnome.nautilus
|
||||
gnome.seahorse
|
||||
gnome.yelp
|
||||
hicolor-icon-theme
|
||||
keepassxc
|
||||
libnotify
|
||||
toggle-kbd-layout
|
||||
vlc
|
||||
wcwd
|
||||
wdisplays
|
||||
wl-mirror
|
||||
];
|
||||
|
||||
qt = {
|
||||
enable = true;
|
||||
platformTheme = "gtk2";
|
||||
style = "gtk2";
|
||||
};
|
||||
|
||||
home-manager.users."${psCfg.user.name}" = {
|
||||
home.file."xinitrc".source = ./.xinitrc;
|
||||
xdg.configFile."alacritty/alacritty.yml".source = yamlFormat.generate "alacritty.yml" (import ./alacritty.nix);
|
||||
xdg.configFile."alacritty/alacritty.toml".source = tomlFormat.generate "alacritty.toml" ((import ./alacritty.nix) args);
|
||||
xdg.configFile."xmodmap".source = ./.config/xmodmap;
|
||||
xdg.configFile."user-dirs.dirs".source = ./.config/user-dirs.dirs;
|
||||
xdg.configFile."user-dirs.locale".source = ./.config/user-dirs.locale;
|
||||
xdg.configFile."xsettingsd/xsettingsd.conf".source = ./.config/xsettingsd/xsettingsd.conf;
|
||||
xdg.configFile."libinput-gestures.conf".source = ./.config/libinput-gestures.conf;
|
||||
xdg.configFile."wallpaper.jpg".source = ./assets/wallpaper.jpg;
|
||||
|
||||
programs.firefox = {
|
||||
enable = true;
|
||||
package = pkgs.firefox-wayland;
|
||||
};
|
||||
|
||||
dconf.settings = {
|
||||
"org/gnome/desktop/interface" = {
|
||||
color-scheme = "prefer-dark";
|
||||
};
|
||||
};
|
||||
|
||||
gtk = {
|
||||
enable = true;
|
||||
font.name = "Lato";
|
||||
|
@ -134,13 +138,21 @@ in {
|
|||
gtk-xft-hinting = "1";
|
||||
gtk-xft-hintstyle = "hintfull";
|
||||
gtk-xft-rgba = "rgb";
|
||||
gtk-application-prefer-dark-theme = "true";
|
||||
gtk-application-prefer-dark-theme = "1";
|
||||
};
|
||||
};
|
||||
|
||||
xresources.extraConfig = builtins.readFile ./.Xdefaults;
|
||||
|
||||
systemd.user.services.network-manager-applet = import ./network-manager-applet.service.nix pkgs;
|
||||
services.network-manager-applet.enable = true;
|
||||
systemd.user.services.network-manager-applet = {
|
||||
Unit = {
|
||||
BindsTo = ["sway-session.target"];
|
||||
After = lib.mkForce ["sway-session.target"];
|
||||
Requires = lib.mkForce [ ];
|
||||
};
|
||||
Install.WantedBy = [ "sway-session.target" ];
|
||||
};
|
||||
|
||||
home.sessionVariables = sessionVariables;
|
||||
systemd.user.sessionVariables = sessionVariables;
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
flake,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
|
@ -10,20 +11,20 @@ in {
|
|||
home-manager.users."${psCfg.user.name}" = {
|
||||
services.mako = {
|
||||
enable = true;
|
||||
extraConfig = ''
|
||||
extraConfig = with flake.self.theme.withHashtag; ''
|
||||
padding=10
|
||||
margin=5,5,0
|
||||
default-timeout=5000
|
||||
|
||||
background-color=#1a181a
|
||||
text-color=#e3e1e4
|
||||
border-color=#ff5f5f
|
||||
background-color=${base00}
|
||||
text-color=${base05}
|
||||
border-color=${base07}
|
||||
font=Hack 14
|
||||
|
||||
[urgency=high]
|
||||
background-color=#ff5f5f
|
||||
text-color=#1a181a
|
||||
border-color=#1a181a
|
||||
background-color=${base07}
|
||||
text-color=${base00}
|
||||
border-color=${base00}
|
||||
layer=overlay
|
||||
font=Hack 14
|
||||
'';
|
||||
|
|
|
@ -1,19 +0,0 @@
|
|||
## Base16 Burn
|
||||
# Author: Benjamin Bädorf
|
||||
|
||||
set $base00 #1a181a
|
||||
set $base01 #2d2a2e
|
||||
set $base02 #303030
|
||||
set $base03 #949494
|
||||
set $base04 #d3d1d4
|
||||
set $base05 #e3e1e4
|
||||
set $base06 #303030
|
||||
set $base07 #ff5f5f
|
||||
set $base08 #f85e84
|
||||
set $base09 #df5923
|
||||
set $base0A #e5c463
|
||||
set $base0B #9ecd6f
|
||||
set $base0C #ef9062
|
||||
set $base0D #7accd7
|
||||
set $base0E #ab9df2
|
||||
set $base0F #d70000
|
|
@ -1,43 +1,33 @@
|
|||
# launch categorized menu
|
||||
bindsym $mod+z exec --no-startup-id morc_menu
|
||||
|
||||
# switch keyboard input language
|
||||
bindsym $mod+tab exec toggle-kbd-layout
|
||||
|
||||
################################################################################################
|
||||
## sound-section - ##
|
||||
################################################################################################
|
||||
|
||||
bindsym $mod+Ctrl+m exec pavucontrol
|
||||
|
||||
################################################################################################
|
||||
|
||||
# Quickstart application shortcuts
|
||||
bindsym $mod+F1 exec psos help
|
||||
bindsym $mod+Shift+h exec psos help
|
||||
|
||||
bindsym $mod+F2 exec firefox
|
||||
|
||||
bindsym $mod+F4 exec nautilus -w
|
||||
bindsym $mod+Shift+F4 exec signal-desktop --use-tray-icon
|
||||
|
||||
bindsym $mod+Shift+m exec qMasterPassword
|
||||
|
||||
# Screenshots and screen recordings
|
||||
# Screen capturing
|
||||
bindsym $mod+Ctrl+p exec grim -g "$(slurp -d -b \#ffffff11)" ~/Pictures/Screenshots/$(date +%Y%m%d_%Hh%Mm%Ss)_grim.png
|
||||
bindsym $mod+Shift+p exec grim ~/Pictures/Screenshots/$(date +%Y%m%d_%Hh%Mm%Ss)_grim.png
|
||||
bindsym $mod+Ctrl+f exec "( pkill flameshot || true && flameshot & ) && ( sleep 0.5s && flameshot gui )"
|
||||
bindsym $mod+Shift+p exec grim -g "$(slurp -d -b \#ffffff11 -o)" ~/Pictures/Screenshots/$(date +%Y%m%d_%Hh%Mm%Ss)_grim.png
|
||||
|
||||
bindsym $mod+Ctrl+r exec record-screen
|
||||
bindsym $mod+Shift+r exec record-screen fullscreen
|
||||
|
||||
# Launcher
|
||||
set $menu exec alacritty --class launcher -e env TERMINAL_COMMAND="alacritty -e" sway-launcher
|
||||
bindsym $mod+Space exec $menu
|
||||
|
||||
set $mode_vncclient In VNCClient mode. Press $mod+Num_Lock or $mod+Shift+Escape to return.
|
||||
bindsym $mod+Num_Lock mode "$mode_vncclient"
|
||||
bindsym $mod+Shift+Escape mode "$mode_vncclient"
|
||||
mode "$mode_vncclient" {
|
||||
bindsym $mod+Num_Lock mode "default"
|
||||
bindsym $mod+Shift+Escape mode "default"
|
||||
}
|
||||
# Pulse Audio controls
|
||||
bindsym $mod+Ctrl+m exec pavucontrol
|
||||
|
||||
bindsym XF86AudioRaiseVolume exec pactl set-sink-volume @DEFAULT_SINK@ +5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 #increase sound volume
|
||||
bindsym XF86AudioLowerVolume exec pactl set-sink-volume @DEFAULT_SINK@ -5%; exec pactl set-sink-mute @DEFAULT_SINK@ 0 #decrease sound volume
|
||||
bindsym XF86AudioMute exec pactl set-sink-mute @DEFAULT_SINK@ toggle # mute sound
|
||||
|
||||
# Media player controls
|
||||
bindsym XF86AudioPlay exec "playerctl play-pause; notify-send 'Play/Pause'"
|
||||
bindsym XF86AudioNext exec "playerctl next; notify-send 'Next'"
|
||||
bindsym XF86AudioPrev exec "playerctl previous; notify-send 'Prev.'"
|
||||
|
||||
# Screen brightness controls
|
||||
bindsym XF86MonBrightnessUp exec "brightnessctl set +10%"
|
||||
bindsym XF86MonBrightnessDown exec "brightnessctl set 10%-"
|
||||
|
||||
# Keyboard backlight brightness controls
|
||||
bindsym XF86KbdBrightnessDown exec "brightnessctl -d smc::kbd_backlight set 33%-"
|
||||
bindsym XF86KbdBrightnessUp exec "brightnessctl -d smc::kbd_backlight set +33%"
|
||||
|
|
1
modules/graphical/sway/config/config.d/keepalive.conf
Normal file
1
modules/graphical/sway/config/config.d/keepalive.conf
Normal file
|
@ -0,0 +1 @@
|
|||
for_window [app_id=".*"] inhibit_idle fullscreen
|
|
@ -1,40 +1,39 @@
|
|||
{
|
||||
pkgs,
|
||||
psCfg,
|
||||
config,
|
||||
...
|
||||
}: with pkgs;
|
||||
''
|
||||
# Set shut down, restart and locking features
|
||||
''
|
||||
+ (
|
||||
if psCfg.core.hibernation.enable
|
||||
then ''
|
||||
set $mode_system (e)xit, (l)ock, (h)ibernate, (r)eboot, (Shift+s)hutdown
|
||||
}: with pkgs; ''
|
||||
# Set shut down, restart and locking features
|
||||
''
|
||||
else ''
|
||||
set $mode_system (e)xit, (l)ock, (r)eboot, (Shift+s)hutdown
|
||||
''
|
||||
)
|
||||
+ ''
|
||||
bindsym $mod+0 mode "$mode_system"
|
||||
+ (
|
||||
if config.pub-solar.core.hibernation.enable
|
||||
then ''
|
||||
set $mode_system (e)xit, (l)ock, (h)ibernate, (r)eboot, (Shift+s)hutdown
|
||||
''
|
||||
else ''
|
||||
set $mode_system (e)xit, (l)ock, (r)eboot, (Shift+s)hutdown
|
||||
''
|
||||
)
|
||||
+ ''
|
||||
bindsym $mod+0 mode "$mode_system"
|
||||
|
||||
mode "$mode_system" {
|
||||
bindsym e exec ${sway}/bin/swaymsg exit, mode "default"
|
||||
bindsym l exec ${swaylock-bg}/bin/swaylock-bg, mode "default"
|
||||
''
|
||||
+ (
|
||||
if psCfg.core.hibernation.enable
|
||||
then ''
|
||||
bindsym h exec ${systemd}/bin/systemctl hibernate, mode "default"
|
||||
mode "$mode_system" {
|
||||
bindsym e exec ${sway}/bin/swaymsg exit, mode "default"
|
||||
bindsym l exec ${swaylock-bg}/bin/swaylock-bg, mode "default"
|
||||
''
|
||||
else ""
|
||||
)
|
||||
+ ''
|
||||
bindsym r exec ${systemd}/bin/systemctl reboot, mode "default"
|
||||
bindsym Shift+s exec ${systemd}/bin/systemctl poweroff, mode "default"
|
||||
+ (
|
||||
if config.pub-solar.core.hibernation.enable
|
||||
then ''
|
||||
bindsym h exec ${systemd}/bin/systemctl hibernate, mode "default"
|
||||
''
|
||||
else ""
|
||||
)
|
||||
+ ''
|
||||
bindsym r exec ${systemd}/bin/systemctl reboot, mode "default"
|
||||
bindsym Shift+s exec ${systemd}/bin/systemctl poweroff, mode "default"
|
||||
|
||||
# exit system mode: "Enter" or "Escape"
|
||||
bindsym Return mode "default"
|
||||
bindsym Escape mode "default"
|
||||
}
|
||||
''
|
||||
# exit system mode: "Enter" or "Escape"
|
||||
bindsym Return mode "default"
|
||||
bindsym Escape mode "default"
|
||||
}
|
||||
''
|
||||
|
|
|
@ -1,3 +1,21 @@
|
|||
{ flake, ... }: with flake.self.theme.withHashtag; ''
|
||||
set $base00 ${base00}
|
||||
set $base01 ${base01}
|
||||
set $base02 ${base02}
|
||||
set $base03 ${base03}
|
||||
set $base04 ${base04}
|
||||
set $base05 ${base05}
|
||||
set $base06 ${base06}
|
||||
set $base07 ${base07}
|
||||
set $base08 ${base08}
|
||||
set $base09 ${base09}
|
||||
set $base0A ${base0A}
|
||||
set $base0B ${base0B}
|
||||
set $base0C ${base0C}
|
||||
set $base0D ${base0D}
|
||||
set $base0E ${base0E}
|
||||
set $base0F ${base0F}
|
||||
|
||||
# Border BG Text Ind Child Border
|
||||
client.focused $base00 $base01 $base07 $base0D $base07
|
||||
client.focused_inactive $base00 $base01 $base07 $base03 $base00
|
||||
|
@ -14,3 +32,6 @@ exec_always import-gtk-settings \
|
|||
|
||||
# Workaround to fix cursor scaling, see https://github.com/swaywm/sway/issues/4112
|
||||
seat seat0 xcursor_theme Adwaita
|
||||
|
||||
output * bg ~/.config/wallpaper.jpg fill
|
||||
''
|
|
@ -1,217 +1,227 @@
|
|||
{
|
||||
args@{
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: ''
|
||||
# Default config for sway
|
||||
#
|
||||
# Copy this to ~/.config/sway/config and edit it to your liking.
|
||||
#
|
||||
# Read `man 5 sway` for a complete reference.
|
||||
}: let
|
||||
applications = builtins.readFile ./config.d/applications.conf;
|
||||
custom-keybindings = builtins.readFile ./config.d/custom-keybindings.conf;
|
||||
gaps = builtins.readFile ./config.d/gaps.conf;
|
||||
mode-system = import ./config.d/mode_system.conf.nix args;
|
||||
systemd = builtins.readFile ./config.d/systemd.conf;
|
||||
theme = import ./config.d/theme.conf.nix args;
|
||||
in ''
|
||||
# Default config for sway
|
||||
#
|
||||
# Copy this to ~/.config/sway/config and edit it to your liking.
|
||||
#
|
||||
# Read `man 5 sway` for a complete reference.
|
||||
|
||||
### Variables
|
||||
#
|
||||
# Logo key. Use Mod1 for Alt.
|
||||
set $mod Mod4
|
||||
# Home row direction keys, like vim
|
||||
set $left j
|
||||
set $down k
|
||||
set $up i
|
||||
set $right l
|
||||
# Your preferred terminal emulator
|
||||
set $term ${pkgs.alacritty}/bin/alacritty
|
||||
# Your preferred application launcher
|
||||
# Note: pass the final command to swaymsg so that the resulting window can be opened
|
||||
# on the original workspace that the command was run on.
|
||||
#set $menu dmenu_path | dmenu | xargs swaymsg exec bemenu-run --no-overlap
|
||||
### Variables
|
||||
#
|
||||
# Logo key. Use Mod1 for Alt.
|
||||
set $mod Mod4
|
||||
# Home row direction keys, like vim
|
||||
set $left j
|
||||
set $down k
|
||||
set $up i
|
||||
set $right l
|
||||
# Your preferred terminal emulator
|
||||
set $term ${pkgs.alacritty}/bin/alacritty
|
||||
# Your preferred application launcher
|
||||
# Note: pass the final command to swaymsg so that the resulting window can be opened
|
||||
# on the original workspace that the command was run on.
|
||||
#set $menu dmenu_path | dmenu | xargs swaymsg exec bemenu-run --no-overlap
|
||||
|
||||
default_border pixel 1
|
||||
default_border pixel 1
|
||||
|
||||
### Output configuration
|
||||
#
|
||||
# Default wallpaper (more resolutions are available in @datadir@/backgrounds/sway/)
|
||||
output * bg ~/.config/wallpaper.jpg fill
|
||||
### Key bindings
|
||||
#
|
||||
# Basics:
|
||||
#
|
||||
# Start a terminal
|
||||
bindsym $mod+Return exec $term
|
||||
|
||||
### Key bindings
|
||||
#
|
||||
# Basics:
|
||||
#
|
||||
# Start a terminal
|
||||
bindsym $mod+Return exec $term
|
||||
# Start a terminal
|
||||
bindsym $mod+Shift+Return exec sh -c '$term --working-directory $(wcwd)'
|
||||
|
||||
# Start a terminal
|
||||
bindsym $mod+Shift+Return exec sh -c '$term --working-directory $(wcwd)'
|
||||
# Kill focused window
|
||||
bindsym $mod+Shift+q kill
|
||||
|
||||
# Kill focused window
|
||||
bindsym $mod+Shift+q kill
|
||||
# Drag floating windows by holding down $mod and left mouse button.
|
||||
# Resize them with right mouse button + $mod.
|
||||
# Despite the name, also works for non-floating windows.
|
||||
# Change normal to inverse to use left mouse button for resizing and right
|
||||
# mouse button for dragging.
|
||||
floating_modifier $mod normal
|
||||
|
||||
# Drag floating windows by holding down $mod and left mouse button.
|
||||
# Resize them with right mouse button + $mod.
|
||||
# Despite the name, also works for non-floating windows.
|
||||
# Change normal to inverse to use left mouse button for resizing and right
|
||||
# mouse button for dragging.
|
||||
floating_modifier $mod normal
|
||||
# Reload the configuration file
|
||||
bindsym $mod+F5 reload
|
||||
|
||||
# Reload the configuration file
|
||||
bindsym $mod+F5 reload
|
||||
#
|
||||
# Moving around:
|
||||
#
|
||||
# Move your focus around
|
||||
bindsym $mod+$left focus left
|
||||
bindsym $mod+$down focus down
|
||||
bindsym $mod+$up focus up
|
||||
bindsym $mod+$right focus right
|
||||
# Or use $mod+[up|down|left|right]
|
||||
bindsym $mod+Left focus left
|
||||
bindsym $mod+Down focus down
|
||||
bindsym $mod+Up focus up
|
||||
bindsym $mod+Right focus right
|
||||
|
||||
#
|
||||
# Moving around:
|
||||
#
|
||||
# Move your focus around
|
||||
bindsym $mod+$left focus left
|
||||
bindsym $mod+$down focus down
|
||||
bindsym $mod+$up focus up
|
||||
bindsym $mod+$right focus right
|
||||
# Or use $mod+[up|down|left|right]
|
||||
bindsym $mod+Left focus left
|
||||
bindsym $mod+Down focus down
|
||||
bindsym $mod+Up focus up
|
||||
bindsym $mod+Right focus right
|
||||
|
||||
# Move the focused window with the same, but add Shift
|
||||
bindsym $mod+Shift+$left move left
|
||||
bindsym $mod+Shift+$down move down
|
||||
bindsym $mod+Shift+$up move up
|
||||
bindsym $mod+Shift+$right move right
|
||||
# Ditto, with arrow keys
|
||||
bindsym $mod+Shift+Left move left
|
||||
bindsym $mod+Shift+Down move down
|
||||
bindsym $mod+Shift+Up move up
|
||||
bindsym $mod+Shift+Right move right
|
||||
#
|
||||
# Workspaces:
|
||||
#
|
||||
# Move the focused window with the same, but add Shift
|
||||
bindsym $mod+Shift+$left move left
|
||||
bindsym $mod+Shift+$down move down
|
||||
bindsym $mod+Shift+$up move up
|
||||
bindsym $mod+Shift+$right move right
|
||||
# Ditto, with arrow keys
|
||||
bindsym $mod+Shift+Left move left
|
||||
bindsym $mod+Shift+Down move down
|
||||
bindsym $mod+Shift+Up move up
|
||||
bindsym $mod+Shift+Right move right
|
||||
#
|
||||
# Workspaces:
|
||||
#
|
||||
|
||||
|
||||
# Workspace names
|
||||
# to display names or symbols instead of plain workspace numbers you can use
|
||||
# something like: set $ws1 1:mail
|
||||
# set $ws2 2:
|
||||
set $ws1 1
|
||||
set $ws2 2
|
||||
set $ws3 3
|
||||
set $ws4 4
|
||||
set $ws5 5
|
||||
set $ws6 6
|
||||
set $ws7 7
|
||||
set $ws8 8
|
||||
set $ws9 9
|
||||
# Workspace names
|
||||
# to display names or symbols instead of plain workspace numbers you can use
|
||||
# something like: set $ws1 1:mail
|
||||
# set $ws2 2:
|
||||
set $ws1 1
|
||||
set $ws2 2
|
||||
set $ws3 3
|
||||
set $ws4 4
|
||||
set $ws5 5
|
||||
set $ws6 6
|
||||
set $ws7 7
|
||||
set $ws8 8
|
||||
set $ws9 9
|
||||
|
||||
# Switch to workspace
|
||||
bindsym $mod+1 workspace 1
|
||||
bindsym $mod+2 workspace 2
|
||||
bindsym $mod+3 workspace 3
|
||||
bindsym $mod+4 workspace 4
|
||||
bindsym $mod+5 workspace 5
|
||||
bindsym $mod+6 workspace 6
|
||||
bindsym $mod+7 workspace 7
|
||||
bindsym $mod+8 workspace 8
|
||||
bindsym $mod+9 workspace 9
|
||||
# Move focused container to workspace
|
||||
bindsym $mod+Ctrl+1 move container to workspace $ws1
|
||||
bindsym $mod+Ctrl+2 move container to workspace $ws2
|
||||
bindsym $mod+Ctrl+3 move container to workspace $ws3
|
||||
bindsym $mod+Ctrl+4 move container to workspace $ws4
|
||||
bindsym $mod+Ctrl+5 move container to workspace $ws5
|
||||
bindsym $mod+Ctrl+6 move container to workspace $ws6
|
||||
bindsym $mod+Ctrl+7 move container to workspace $ws7
|
||||
bindsym $mod+Ctrl+8 move container to workspace $ws8
|
||||
bindsym $mod+Ctrl+9 move container to workspace $ws9
|
||||
# Move focused container to workspace and move focus with it
|
||||
bindsym $mod+Shift+1 move container to workspace 1; workspace $ws1
|
||||
bindsym $mod+Shift+2 move container to workspace 2; workspace $ws2
|
||||
bindsym $mod+Shift+3 move container to workspace 3; workspace $ws3
|
||||
bindsym $mod+Shift+4 move container to workspace 4; workspace $ws4
|
||||
bindsym $mod+Shift+5 move container to workspace 5; workspace $ws5
|
||||
bindsym $mod+Shift+6 move container to workspace 6; workspace $ws6
|
||||
bindsym $mod+Shift+7 move container to workspace 7; workspace $ws7
|
||||
bindsym $mod+Shift+8 move container to workspace 8; workspace $ws8
|
||||
bindsym $mod+Shift+9 move container to workspace 9; workspace $ws9
|
||||
# Note: workspaces can have any name you want, not just numbers.
|
||||
# We just use 1-10 as the default.
|
||||
# Switch to workspace
|
||||
bindsym $mod+1 workspace 1
|
||||
bindsym $mod+2 workspace 2
|
||||
bindsym $mod+3 workspace 3
|
||||
bindsym $mod+4 workspace 4
|
||||
bindsym $mod+5 workspace 5
|
||||
bindsym $mod+6 workspace 6
|
||||
bindsym $mod+7 workspace 7
|
||||
bindsym $mod+8 workspace 8
|
||||
bindsym $mod+9 workspace 9
|
||||
# Move focused container to workspace
|
||||
bindsym $mod+Ctrl+1 move container to workspace $ws1
|
||||
bindsym $mod+Ctrl+2 move container to workspace $ws2
|
||||
bindsym $mod+Ctrl+3 move container to workspace $ws3
|
||||
bindsym $mod+Ctrl+4 move container to workspace $ws4
|
||||
bindsym $mod+Ctrl+5 move container to workspace $ws5
|
||||
bindsym $mod+Ctrl+6 move container to workspace $ws6
|
||||
bindsym $mod+Ctrl+7 move container to workspace $ws7
|
||||
bindsym $mod+Ctrl+8 move container to workspace $ws8
|
||||
bindsym $mod+Ctrl+9 move container to workspace $ws9
|
||||
# Move focused container to workspace and move focus with it
|
||||
bindsym $mod+Shift+1 move container to workspace 1; workspace $ws1
|
||||
bindsym $mod+Shift+2 move container to workspace 2; workspace $ws2
|
||||
bindsym $mod+Shift+3 move container to workspace 3; workspace $ws3
|
||||
bindsym $mod+Shift+4 move container to workspace 4; workspace $ws4
|
||||
bindsym $mod+Shift+5 move container to workspace 5; workspace $ws5
|
||||
bindsym $mod+Shift+6 move container to workspace 6; workspace $ws6
|
||||
bindsym $mod+Shift+7 move container to workspace 7; workspace $ws7
|
||||
bindsym $mod+Shift+8 move container to workspace 8; workspace $ws8
|
||||
bindsym $mod+Shift+9 move container to workspace 9; workspace $ws9
|
||||
# Note: workspaces can have any name you want, not just numbers.
|
||||
# We just use 1-10 as the default.
|
||||
|
||||
#navigate workspaces next / previous
|
||||
bindsym $mod+Ctrl+Right workspace next
|
||||
bindsym $mod+Ctrl+Left workspace prev
|
||||
#navigate workspaces next / previous
|
||||
bindsym $mod+Ctrl+Right workspace next
|
||||
bindsym $mod+Ctrl+Left workspace prev
|
||||
|
||||
# workspace back and forth (with/without active container)
|
||||
workspace_auto_back_and_forth yes
|
||||
bindsym $mod+b workspace back_and_forth
|
||||
bindsym $mod+Shift+b move container to workspace back_and_forth; workspace back_and_forth
|
||||
# workspace back and forth (with/without active container)
|
||||
workspace_auto_back_and_forth yes
|
||||
bindsym $mod+b workspace back_and_forth
|
||||
bindsym $mod+Shift+b move container to workspace back_and_forth; workspace back_and_forth
|
||||
|
||||
#
|
||||
# Layout stuff:
|
||||
#
|
||||
# Configure border style <normal|1pixel|pixel xx|none|pixel>
|
||||
default_border pixel 1
|
||||
default_floating_border normal
|
||||
#
|
||||
# Layout stuff:
|
||||
#
|
||||
# Configure border style <normal|1pixel|pixel xx|none|pixel>
|
||||
default_border pixel 1
|
||||
default_floating_border normal
|
||||
|
||||
# Hide borders
|
||||
hide_edge_borders none
|
||||
# Hide borders
|
||||
hide_edge_borders none
|
||||
|
||||
# Font for window titles. Will also be used by the bar unless a different font
|
||||
# is used in the bar {} block below.
|
||||
font xft:Hack 16
|
||||
# Font for window titles. Will also be used by the bar unless a different font
|
||||
# is used in the bar {} block below.
|
||||
font xft:Hack 16
|
||||
|
||||
# You can "split" the current object of your focus with
|
||||
# $mod+b or $mod+v, for horizontal and vertical splits
|
||||
# respectively.
|
||||
bindsym $mod+h splith; exec notify-send 'tile horizontally'
|
||||
bindsym $mod+v splitv; exec notify-send 'tile vertically'
|
||||
# You can "split" the current object of your focus with
|
||||
# $mod+b or $mod+v, for horizontal and vertical splits
|
||||
# respectively.
|
||||
bindsym $mod+h splith; exec notify-send 'tile horizontally'
|
||||
bindsym $mod+v splitv; exec notify-send 'tile vertically'
|
||||
|
||||
# Switch the current container between different layout styles
|
||||
bindsym $mod+s layout stacking
|
||||
bindsym $mod+w layout tabbed
|
||||
bindsym $mod+e layout toggle split
|
||||
# Switch the current container between different layout styles
|
||||
bindsym $mod+s layout stacking
|
||||
bindsym $mod+w layout tabbed
|
||||
bindsym $mod+e layout toggle split
|
||||
|
||||
# Make the current focus fullscreen
|
||||
bindsym $mod+f fullscreen
|
||||
# Make the current focus fullscreen
|
||||
bindsym $mod+f fullscreen
|
||||
|
||||
# Toggle the current focus between tiling and floating mode
|
||||
bindsym $mod+Shift+space floating toggle
|
||||
# Toggle the current focus between tiling and floating mode
|
||||
bindsym $mod+Shift+space floating toggle
|
||||
|
||||
# Swap focus between the tiling area and the floating area
|
||||
bindsym $mod+t focus mode_toggle
|
||||
# Swap focus between the tiling area and the floating area
|
||||
bindsym $mod+t focus mode_toggle
|
||||
|
||||
# Move focus to the parent container
|
||||
bindsym $mod+a focus parent
|
||||
bindsym $mod+d focus child
|
||||
#
|
||||
# Scratchpad:
|
||||
#
|
||||
# Sway has a "scratchpad", which is a bag of holding for windows.
|
||||
# You can send windows there and get them back later.
|
||||
# Move focus to the parent container
|
||||
bindsym $mod+a focus parent
|
||||
bindsym $mod+d focus child
|
||||
#
|
||||
# Scratchpad:
|
||||
#
|
||||
# Sway has a "scratchpad", which is a bag of holding for windows.
|
||||
# You can send windows there and get them back later.
|
||||
|
||||
# Move the currently focused window to the scratchpad
|
||||
bindsym $mod+Shift+minus move scratchpad
|
||||
# Move the currently focused window to the scratchpad
|
||||
bindsym $mod+Shift+minus move scratchpad
|
||||
|
||||
# Show the next scratchpad window or hide the focused scratchpad window.
|
||||
# If there are multiple scratchpad windows, this command cycles through them.
|
||||
bindsym $mod+minus scratchpad show
|
||||
#
|
||||
# Resizing containers:
|
||||
#
|
||||
mode "resize" {
|
||||
# left will shrink the containers width
|
||||
# right will grow the containers width
|
||||
# up will shrink the containers height
|
||||
# down will grow the containers height
|
||||
bindsym $left resize shrink width 10px
|
||||
bindsym $down resize grow height 10px
|
||||
bindsym $up resize shrink height 10px
|
||||
bindsym $right resize grow width 10px
|
||||
# Show the next scratchpad window or hide the focused scratchpad window.
|
||||
# If there are multiple scratchpad windows, this command cycles through them.
|
||||
bindsym $mod+minus scratchpad show
|
||||
#
|
||||
# Resizing containers:
|
||||
#
|
||||
mode "resize" {
|
||||
# left will shrink the containers width
|
||||
# right will grow the containers width
|
||||
# up will shrink the containers height
|
||||
# down will grow the containers height
|
||||
bindsym $left resize shrink width 10px
|
||||
bindsym $down resize grow height 10px
|
||||
bindsym $up resize shrink height 10px
|
||||
bindsym $right resize grow width 10px
|
||||
|
||||
# Ditto, with arrow keys
|
||||
bindsym Left resize shrink width 10px
|
||||
bindsym Down resize grow height 10px
|
||||
bindsym Up resize shrink height 10px
|
||||
bindsym Right resize grow width 10px
|
||||
# Ditto, with arrow keys
|
||||
bindsym Left resize shrink width 10px
|
||||
bindsym Down resize grow height 10px
|
||||
bindsym Up resize shrink height 10px
|
||||
bindsym Right resize grow width 10px
|
||||
|
||||
# Return to default mode
|
||||
bindsym Return mode "default"
|
||||
bindsym Escape mode "default"
|
||||
}
|
||||
bindsym $mod+r mode "resize"
|
||||
# Return to default mode
|
||||
bindsym Return mode "default"
|
||||
bindsym Escape mode "default"
|
||||
}
|
||||
bindsym $mod+r mode "resize"
|
||||
|
||||
include ~/.config/sway/config.d/*''
|
||||
${applications}
|
||||
${gaps}
|
||||
${custom-keybindings}
|
||||
${mode-system}
|
||||
${systemd}
|
||||
${theme}
|
||||
|
||||
include ~/.config/sway/config.d/*
|
||||
''
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{
|
||||
args@{
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
|
@ -42,6 +42,18 @@ in {
|
|||
};
|
||||
};
|
||||
};
|
||||
config.sway = {
|
||||
# https://alex.dandrea.io/2024/07/20/fixing-idle-inhibitor-behaviour-in-firefox-with-wayland/
|
||||
# Use xdg-desktop-portal-gtk for every portal interface...
|
||||
default = "gtk";
|
||||
# ... except for the ScreenCast, Screenshot and Secret
|
||||
"org.freedesktop.impl.portal.ScreenCast" = "wlr";
|
||||
"org.freedesktop.impl.portal.Screenshot" = "wlr";
|
||||
# ignore inhibit bc gtk portal always returns as success,
|
||||
# despite sway/the wlr portal not having an implementation,
|
||||
# stopping firefox from using wayland idle-inhibit
|
||||
"org.freedesktop.impl.portal.Inhibit" = "none";
|
||||
};
|
||||
extraPortals = with pkgs; [xdg-desktop-portal-gtk];
|
||||
};
|
||||
|
||||
|
@ -60,8 +72,6 @@ in {
|
|||
wl-clipboard
|
||||
wf-recorder
|
||||
brightnessctl
|
||||
gammastep
|
||||
geoclue2
|
||||
xsettingsd
|
||||
ydotool
|
||||
|
||||
|
@ -72,19 +82,19 @@ in {
|
|||
wcwd
|
||||
];
|
||||
|
||||
home-manager.users."${psCfg.user.name}" = {
|
||||
systemd.user.services.sway = import ./sway.service.nix {inherit pkgs psCfg;};
|
||||
systemd.user.services.xsettingsd = import ./xsettingsd.service.nix {inherit pkgs psCfg;};
|
||||
systemd.user.targets.sway-session = import ./sway-session.target.nix {inherit pkgs psCfg;};
|
||||
services.geoclue2.enable = true;
|
||||
|
||||
xdg.configFile."sway/config".text = import ./config/config.nix {inherit config pkgs;};
|
||||
xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf;
|
||||
xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf;
|
||||
xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf;
|
||||
xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf;
|
||||
xdg.configFile."sway/config.d/mode_system.conf".text = import ./config/config.d/mode_system.conf.nix {inherit pkgs psCfg;};
|
||||
xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf;
|
||||
xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf;
|
||||
home-manager.users."${psCfg.user.name}" = {
|
||||
systemd.user.services.sway = import ./sway.service.nix args;
|
||||
systemd.user.targets.sway-session = import ./sway-session.target.nix args;
|
||||
|
||||
services.xsettingsd.enable = true;
|
||||
services.gammastep = {
|
||||
enable = true;
|
||||
provider = "geoclue2";
|
||||
};
|
||||
|
||||
xdg.configFile."sway/config".text = import ./config/config.nix args;
|
||||
|
||||
services.swayidle = with pkgs; {
|
||||
enable = true;
|
||||
|
@ -96,16 +106,16 @@ in {
|
|||
];
|
||||
timeouts = [
|
||||
{
|
||||
timeout = 120;
|
||||
timeout = 300;
|
||||
command = "${swaylock-bg}/bin/swaylock-bg";
|
||||
}
|
||||
{
|
||||
timeout = 130;
|
||||
timeout = 180;
|
||||
command = "${sway}/bin/swaymsg \"output * dpms off\"";
|
||||
resumeCommand = "${sway}/bin/swaymsg \"output * dpms on\"";
|
||||
}
|
||||
{
|
||||
timeout = 300;
|
||||
timeout = 600;
|
||||
command = "${systemd}/bin/systemctl hibernate";
|
||||
}
|
||||
];
|
||||
|
|
|
@ -1,17 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
Unit = {
|
||||
Description = "set color temperature of display according to time of day";
|
||||
Documentation = ["man:gammastep(1)"];
|
||||
BindsTo = ["sway-session.target"];
|
||||
After = ["sway-session.target"];
|
||||
# ConditionEnvironment requires systemd v247 to work correctly
|
||||
ConditionEnvironment = ["WAYLAND_DISPLAY"];
|
||||
};
|
||||
Service = {
|
||||
Type = "simple";
|
||||
ExecStart = "${pkgs.gammastep}/bin/gammastep -l geoclue2 -m wayland -v";
|
||||
};
|
||||
Install = {
|
||||
WantedBy = ["sway-session.target"];
|
||||
};
|
||||
}
|
|
@ -1,18 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
Unit = {
|
||||
Description = "X Settings Daemon";
|
||||
Documentation = ["https://github.com/derat/xsettingsd/wiki/Installation"];
|
||||
BindsTo = ["sway-session.target"];
|
||||
After = ["sway-session.target"];
|
||||
# ConditionEnvironment requires systemd v247 to work correctly
|
||||
ConditionEnvironment = ["WAYLAND_DISPLAY"];
|
||||
};
|
||||
Service = {
|
||||
Type = "simple";
|
||||
ExecStart = "${pkgs.xsettingsd}/bin/xsettingsd";
|
||||
ExecStop = "/run/current-system/sw/bin/env pkill xsettingsd";
|
||||
};
|
||||
Install = {
|
||||
WantedBy = ["sway-session.target"];
|
||||
};
|
||||
}
|
|
@ -2,13 +2,14 @@
|
|||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
flake,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
psCfg = config.pub-solar;
|
||||
in {
|
||||
home-manager.users."${psCfg.user.name}" = {
|
||||
programs.waybar = {
|
||||
programs.waybar = with flake.self.theme.withHashtag; {
|
||||
enable = true;
|
||||
settings.main = {
|
||||
layer = "top";
|
||||
|
@ -46,10 +47,10 @@ in {
|
|||
on-scroll = "-1";
|
||||
on-click-right = "mode";
|
||||
format = {
|
||||
months = "<span color='#ffead3'><b>{}</b></span>";
|
||||
days = "<span color='#ecc6d9'><b>{}</b></span>";
|
||||
weekdays = "<span color='#ffcc66'><b>{}</b></span>";
|
||||
today = "<span color='#ff6699'><b><u>{}</u></b></span>";
|
||||
months = "<span color='#ffead3'><b>{}</b></span>";
|
||||
days = "<span color='#ecc6d9'><b>{}</b></span>";
|
||||
weekdays = "<span color='#ffcc66'><b>{}</b></span>";
|
||||
today = "<span color='#ff6699'><b><u>{}</u></b></span>";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -88,7 +89,25 @@ in {
|
|||
};
|
||||
};
|
||||
};
|
||||
style = builtins.readFile ./.config/waybar/style.css;
|
||||
style = ''
|
||||
@define-color base00 ${base00};
|
||||
@define-color base01 ${base01};
|
||||
@define-color base02 ${base02};
|
||||
@define-color base03 ${base03};
|
||||
@define-color base04 ${base04};
|
||||
@define-color base05 ${base05};
|
||||
@define-color base06 ${base06};
|
||||
@define-color base07 ${base07};
|
||||
@define-color base08 ${base08};
|
||||
@define-color base09 ${base09};
|
||||
@define-color base0A ${base0A};
|
||||
@define-color base0B ${base0B};
|
||||
@define-color base0C ${base0C};
|
||||
@define-color base0D ${base0D};
|
||||
@define-color base0E ${base0E};
|
||||
@define-color base0F ${base0F};
|
||||
|
||||
''+ builtins.readFile ./.config/waybar/style.css;
|
||||
systemd.enable = true;
|
||||
systemd.target = "sway-session.target";
|
||||
};
|
||||
|
|
|
@ -1,215 +1,221 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
cfg = config.services.invoiceplane;
|
||||
eachSite = cfg.sites;
|
||||
user = "invoiceplane";
|
||||
webserver = config.services.${cfg.webserver};
|
||||
|
||||
invoiceplane-config = hostName: cfg: pkgs.writeText "ipconfig.php" ''
|
||||
IP_URL=http://${hostName}
|
||||
ENABLE_DEBUG=false
|
||||
DISABLE_SETUP=false
|
||||
REMOVE_INDEXPHP=false
|
||||
DB_HOSTNAME=${cfg.database.host}
|
||||
DB_USERNAME=${cfg.database.user}
|
||||
# NOTE: file_get_contents adds newline at the end of returned string
|
||||
DB_PASSWORD=${if cfg.database.passwordFile == null then "" else "trim(file_get_contents('${cfg.database.passwordFile}'),\"\\r\\n\")"}
|
||||
DB_DATABASE=${cfg.database.name}
|
||||
DB_PORT=${toString cfg.database.port}
|
||||
SESS_EXPIRATION=864000
|
||||
ENABLE_INVOICE_DELETION=false
|
||||
DISABLE_READ_ONLY=false
|
||||
ENCRYPTION_KEY=
|
||||
ENCRYPTION_CIPHER=AES-256
|
||||
SETUP_COMPLETED=false
|
||||
REMOVE_INDEXPHP=true
|
||||
'';
|
||||
|
||||
extraConfig = hostName: cfg: pkgs.writeText "extraConfig.php" ''
|
||||
${toString cfg.extraConfig}
|
||||
'';
|
||||
|
||||
pkg = hostName: cfg: pkgs.stdenv.mkDerivation rec {
|
||||
pname = "invoiceplane-${hostName}";
|
||||
version = src.version;
|
||||
src = pkgs.invoiceplane;
|
||||
|
||||
postPhase = ''
|
||||
# Patch index.php file to load additional config file
|
||||
substituteInPlace index.php \
|
||||
--replace "require('vendor/autoload.php');" "require('vendor/autoload.php'); \$dotenv = Dotenv\Dotenv::createImmutable(__DIR__, 'extraConfig.php'); \$dotenv->load();";
|
||||
invoiceplane-config = hostName: cfg:
|
||||
pkgs.writeText "ipconfig.php" ''
|
||||
IP_URL=http://${hostName}
|
||||
ENABLE_DEBUG=false
|
||||
DISABLE_SETUP=false
|
||||
REMOVE_INDEXPHP=false
|
||||
DB_HOSTNAME=${cfg.database.host}
|
||||
DB_USERNAME=${cfg.database.user}
|
||||
# NOTE: file_get_contents adds newline at the end of returned string
|
||||
DB_PASSWORD=${
|
||||
if cfg.database.passwordFile == null
|
||||
then ""
|
||||
else "trim(file_get_contents('${cfg.database.passwordFile}'),\"\\r\\n\")"
|
||||
}
|
||||
DB_DATABASE=${cfg.database.name}
|
||||
DB_PORT=${toString cfg.database.port}
|
||||
SESS_EXPIRATION=864000
|
||||
ENABLE_INVOICE_DELETION=false
|
||||
DISABLE_READ_ONLY=false
|
||||
ENCRYPTION_KEY=
|
||||
ENCRYPTION_CIPHER=AES-256
|
||||
SETUP_COMPLETED=false
|
||||
REMOVE_INDEXPHP=true
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp -r * $out/
|
||||
|
||||
# symlink uploads and log directories
|
||||
rm -r $out/uploads $out/application/logs $out/vendor/mpdf/mpdf/tmp
|
||||
ln -sf ${cfg.stateDir}/uploads $out/
|
||||
ln -sf ${cfg.stateDir}/logs $out/application/
|
||||
ln -sf ${cfg.stateDir}/tmp $out/vendor/mpdf/mpdf/
|
||||
|
||||
# symlink the InvoicePlane config
|
||||
ln -s ${cfg.stateDir}/ipconfig.php $out/ipconfig.php
|
||||
|
||||
# symlink the extraConfig file
|
||||
ln -s ${extraConfig hostName cfg} $out/extraConfig.php
|
||||
|
||||
# symlink additional templates
|
||||
${concatMapStringsSep "\n" (template: "cp -r ${template}/. $out/application/views/invoice_templates/pdf/") cfg.invoiceTemplates}
|
||||
extraConfig = hostName: cfg:
|
||||
pkgs.writeText "extraConfig.php" ''
|
||||
${toString cfg.extraConfig}
|
||||
'';
|
||||
};
|
||||
|
||||
siteOpts = { lib, name, ... }:
|
||||
{
|
||||
options = {
|
||||
pkg = hostName: cfg:
|
||||
pkgs.stdenv.mkDerivation rec {
|
||||
pname = "invoiceplane-${hostName}";
|
||||
version = src.version;
|
||||
src = pkgs.invoiceplane;
|
||||
|
||||
enable = mkEnableOption (lib.mdDoc "InvoicePlane web application");
|
||||
postPhase = ''
|
||||
# Patch index.php file to load additional config file
|
||||
substituteInPlace index.php \
|
||||
--replace "require('vendor/autoload.php');" "require('vendor/autoload.php'); \$dotenv = Dotenv\Dotenv::createImmutable(__DIR__, 'extraConfig.php'); \$dotenv->load();";
|
||||
'';
|
||||
|
||||
stateDir = mkOption {
|
||||
type = types.path;
|
||||
default = "/var/lib/invoiceplane/${name}";
|
||||
description = lib.mdDoc ''
|
||||
This directory is used for uploads of attachments and cache.
|
||||
The directory passed here is automatically created and permissions
|
||||
adjusted as required.
|
||||
'';
|
||||
};
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp -r * $out/
|
||||
|
||||
database = {
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
default = "localhost";
|
||||
description = lib.mdDoc "Database host address.";
|
||||
};
|
||||
# symlink uploads and log directories
|
||||
rm -r $out/uploads $out/application/logs $out/vendor/mpdf/mpdf/tmp
|
||||
ln -sf ${cfg.stateDir}/uploads $out/
|
||||
ln -sf ${cfg.stateDir}/logs $out/application/
|
||||
ln -sf ${cfg.stateDir}/tmp $out/vendor/mpdf/mpdf/
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 3306;
|
||||
description = lib.mdDoc "Database host port.";
|
||||
};
|
||||
# symlink the InvoicePlane config
|
||||
ln -s ${cfg.stateDir}/ipconfig.php $out/ipconfig.php
|
||||
|
||||
name = mkOption {
|
||||
type = types.str;
|
||||
default = "invoiceplane";
|
||||
description = lib.mdDoc "Database name.";
|
||||
};
|
||||
# symlink the extraConfig file
|
||||
ln -s ${extraConfig hostName cfg} $out/extraConfig.php
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "invoiceplane";
|
||||
description = lib.mdDoc "Database user.";
|
||||
};
|
||||
# symlink additional templates
|
||||
${concatMapStringsSep "\n" (template: "cp -r ${template}/. $out/application/views/invoice_templates/pdf/") cfg.invoiceTemplates}
|
||||
'';
|
||||
};
|
||||
|
||||
passwordFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
example = "/run/keys/invoiceplane-dbpassword";
|
||||
description = lib.mdDoc ''
|
||||
A file containing the password corresponding to
|
||||
{option}`database.user`.
|
||||
'';
|
||||
};
|
||||
|
||||
createLocally = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = lib.mdDoc "Create the database and database user locally.";
|
||||
};
|
||||
};
|
||||
|
||||
invoiceTemplates = mkOption {
|
||||
type = types.listOf types.path;
|
||||
default = [];
|
||||
description = lib.mdDoc ''
|
||||
List of path(s) to respective template(s) which are copied from the 'invoice_templates/pdf' directory.
|
||||
|
||||
::: {.note}
|
||||
These templates need to be packaged before use, see example.
|
||||
:::
|
||||
'';
|
||||
example = literalExpression ''
|
||||
let
|
||||
# Let's package an example template
|
||||
template-vtdirektmarketing = pkgs.stdenv.mkDerivation {
|
||||
name = "vtdirektmarketing";
|
||||
# Download the template from a public repository
|
||||
src = pkgs.fetchgit {
|
||||
url = "https://git.project-insanity.org/onny/invoiceplane-vtdirektmarketing.git";
|
||||
sha256 = "1hh0q7wzsh8v8x03i82p6qrgbxr4v5fb05xylyrpp975l8axyg2z";
|
||||
};
|
||||
sourceRoot = ".";
|
||||
# Installing simply means copying template php file to the output directory
|
||||
installPhase = ""
|
||||
mkdir -p $out
|
||||
cp invoiceplane-vtdirektmarketing/vtdirektmarketing.php $out/
|
||||
"";
|
||||
};
|
||||
# And then pass this package to the template list like this:
|
||||
in [ template-vtdirektmarketing ]
|
||||
'';
|
||||
};
|
||||
|
||||
poolConfig = mkOption {
|
||||
type = with types; attrsOf (oneOf [ str int bool ]);
|
||||
default = {
|
||||
"pm" = "dynamic";
|
||||
"pm.max_children" = 32;
|
||||
"pm.start_servers" = 2;
|
||||
"pm.min_spare_servers" = 2;
|
||||
"pm.max_spare_servers" = 4;
|
||||
"pm.max_requests" = 500;
|
||||
};
|
||||
description = lib.mdDoc ''
|
||||
Options for the InvoicePlane PHP pool. See the documentation on `php-fpm.conf`
|
||||
for details on configuration directives.
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.nullOr types.lines;
|
||||
default = null;
|
||||
example = ''
|
||||
SETUP_COMPLETED=true
|
||||
DISABLE_SETUP=true
|
||||
IP_URL=https://invoice.example.com
|
||||
'';
|
||||
description = lib.mdDoc ''
|
||||
InvoicePlane configuration. Refer to
|
||||
<https://github.com/InvoicePlane/InvoicePlane/blob/master/ipconfig.php.example>
|
||||
for details on supported values.
|
||||
'';
|
||||
};
|
||||
|
||||
cron = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = lib.mdDoc ''
|
||||
Enable cron service which periodically runs Invoiceplane tasks.
|
||||
Requires key taken from the administration page. Refer to
|
||||
<https://wiki.invoiceplane.com/en/1.0/modules/recurring-invoices>
|
||||
on how to configure it.
|
||||
'';
|
||||
};
|
||||
|
||||
key = mkOption {
|
||||
type = types.str;
|
||||
description = lib.mdDoc "Cron key taken from the administration page.";
|
||||
};
|
||||
|
||||
};
|
||||
siteOpts = {
|
||||
lib,
|
||||
name,
|
||||
...
|
||||
}: {
|
||||
options = {
|
||||
enable = mkEnableOption (lib.mdDoc "InvoicePlane web application");
|
||||
|
||||
stateDir = mkOption {
|
||||
type = types.path;
|
||||
default = "/var/lib/invoiceplane/${name}";
|
||||
description = lib.mdDoc ''
|
||||
This directory is used for uploads of attachments and cache.
|
||||
The directory passed here is automatically created and permissions
|
||||
adjusted as required.
|
||||
'';
|
||||
};
|
||||
|
||||
database = {
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
default = "localhost";
|
||||
description = lib.mdDoc "Database host address.";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 3306;
|
||||
description = lib.mdDoc "Database host port.";
|
||||
};
|
||||
|
||||
name = mkOption {
|
||||
type = types.str;
|
||||
default = "invoiceplane";
|
||||
description = lib.mdDoc "Database name.";
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "invoiceplane";
|
||||
description = lib.mdDoc "Database user.";
|
||||
};
|
||||
|
||||
passwordFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
example = "/run/keys/invoiceplane-dbpassword";
|
||||
description = lib.mdDoc ''
|
||||
A file containing the password corresponding to
|
||||
{option}`database.user`.
|
||||
'';
|
||||
};
|
||||
|
||||
createLocally = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = lib.mdDoc "Create the database and database user locally.";
|
||||
};
|
||||
};
|
||||
|
||||
invoiceTemplates = mkOption {
|
||||
type = types.listOf types.path;
|
||||
default = [];
|
||||
description = lib.mdDoc ''
|
||||
List of path(s) to respective template(s) which are copied from the 'invoice_templates/pdf' directory.
|
||||
|
||||
::: {.note}
|
||||
These templates need to be packaged before use, see example.
|
||||
:::
|
||||
'';
|
||||
example = literalExpression ''
|
||||
let
|
||||
# Let's package an example template
|
||||
template-vtdirektmarketing = pkgs.stdenv.mkDerivation {
|
||||
name = "vtdirektmarketing";
|
||||
# Download the template from a public repository
|
||||
src = pkgs.fetchgit {
|
||||
url = "https://git.project-insanity.org/onny/invoiceplane-vtdirektmarketing.git";
|
||||
sha256 = "1hh0q7wzsh8v8x03i82p6qrgbxr4v5fb05xylyrpp975l8axyg2z";
|
||||
};
|
||||
sourceRoot = ".";
|
||||
# Installing simply means copying template php file to the output directory
|
||||
installPhase = ""
|
||||
mkdir -p $out
|
||||
cp invoiceplane-vtdirektmarketing/vtdirektmarketing.php $out/
|
||||
"";
|
||||
};
|
||||
# And then pass this package to the template list like this:
|
||||
in [ template-vtdirektmarketing ]
|
||||
'';
|
||||
};
|
||||
|
||||
poolConfig = mkOption {
|
||||
type = with types; attrsOf (oneOf [str int bool]);
|
||||
default = {
|
||||
"pm" = "dynamic";
|
||||
"pm.max_children" = 32;
|
||||
"pm.start_servers" = 2;
|
||||
"pm.min_spare_servers" = 2;
|
||||
"pm.max_spare_servers" = 4;
|
||||
"pm.max_requests" = 500;
|
||||
};
|
||||
description = lib.mdDoc ''
|
||||
Options for the InvoicePlane PHP pool. See the documentation on `php-fpm.conf`
|
||||
for details on configuration directives.
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.nullOr types.lines;
|
||||
default = null;
|
||||
example = ''
|
||||
SETUP_COMPLETED=true
|
||||
DISABLE_SETUP=true
|
||||
IP_URL=https://invoice.example.com
|
||||
'';
|
||||
description = lib.mdDoc ''
|
||||
InvoicePlane configuration. Refer to
|
||||
<https://github.com/InvoicePlane/InvoicePlane/blob/master/ipconfig.php.example>
|
||||
for details on supported values.
|
||||
'';
|
||||
};
|
||||
|
||||
cron = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = lib.mdDoc ''
|
||||
Enable cron service which periodically runs Invoiceplane tasks.
|
||||
Requires key taken from the administration page. Refer to
|
||||
<https://wiki.invoiceplane.com/en/1.0/modules/recurring-invoices>
|
||||
on how to configure it.
|
||||
'';
|
||||
};
|
||||
|
||||
key = mkOption {
|
||||
type = types.str;
|
||||
description = lib.mdDoc "Cron key taken from the administration page.";
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
};
|
||||
in {
|
||||
disabledModules = [
|
||||
"services/web-apps/invoiceplane.nix"
|
||||
];
|
||||
|
@ -218,7 +224,6 @@ in
|
|||
options = {
|
||||
services.invoiceplane = mkOption {
|
||||
type = types.submodule {
|
||||
|
||||
options.sites = mkOption {
|
||||
type = types.attrsOf (types.submodule siteOpts);
|
||||
default = {};
|
||||
|
@ -226,7 +231,7 @@ in
|
|||
};
|
||||
|
||||
options.webserver = mkOption {
|
||||
type = types.enum [ "caddy" "nginx" ];
|
||||
type = types.enum ["caddy" "nginx"];
|
||||
default = "caddy";
|
||||
description = lib.mdDoc ''
|
||||
Which webserver to use for virtual host management. Currently only
|
||||
|
@ -237,160 +242,172 @@ in
|
|||
default = {};
|
||||
description = lib.mdDoc "InvoicePlane configuration.";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
# implementation
|
||||
config = mkIf (eachSite != {}) (mkMerge [{
|
||||
config = mkIf (eachSite != {}) (mkMerge [
|
||||
{
|
||||
assertions = flatten (mapAttrsToList (hostName: cfg: [
|
||||
{
|
||||
assertion = cfg.database.createLocally -> cfg.database.user == user;
|
||||
message = ''services.invoiceplane.sites."${hostName}".database.user must be ${user} if the database is to be automatically provisioned'';
|
||||
}
|
||||
{
|
||||
assertion = cfg.database.createLocally -> cfg.database.passwordFile == null;
|
||||
message = ''services.invoiceplane.sites."${hostName}".database.passwordFile cannot be specified if services.invoiceplane.sites."${hostName}".database.createLocally is set to true.'';
|
||||
}
|
||||
{
|
||||
assertion = cfg.cron.enable -> cfg.cron.key != null;
|
||||
message = ''services.invoiceplane.sites."${hostName}".cron.key must be set in order to use cron service.'';
|
||||
}
|
||||
])
|
||||
eachSite);
|
||||
|
||||
assertions = flatten (mapAttrsToList (hostName: cfg:
|
||||
[{ assertion = cfg.database.createLocally -> cfg.database.user == user;
|
||||
message = ''services.invoiceplane.sites."${hostName}".database.user must be ${user} if the database is to be automatically provisioned'';
|
||||
}
|
||||
{ assertion = cfg.database.createLocally -> cfg.database.passwordFile == null;
|
||||
message = ''services.invoiceplane.sites."${hostName}".database.passwordFile cannot be specified if services.invoiceplane.sites."${hostName}".database.createLocally is set to true.'';
|
||||
}
|
||||
{ assertion = cfg.cron.enable -> cfg.cron.key != null;
|
||||
message = ''services.invoiceplane.sites."${hostName}".cron.key must be set in order to use cron service.'';
|
||||
}
|
||||
]) eachSite);
|
||||
|
||||
services.mysql = mkIf (any (v: v.database.createLocally) (attrValues eachSite)) {
|
||||
enable = true;
|
||||
package = mkDefault pkgs.mariadb;
|
||||
ensureDatabases = mapAttrsToList (hostName: cfg: cfg.database.name) eachSite;
|
||||
ensureUsers = mapAttrsToList (hostName: cfg:
|
||||
{ name = cfg.database.user;
|
||||
ensurePermissions = { "${cfg.database.name}.*" = "ALL PRIVILEGES"; };
|
||||
}
|
||||
) eachSite;
|
||||
};
|
||||
|
||||
services.phpfpm = {
|
||||
phpPackage = pkgs.php81;
|
||||
pools = mapAttrs' (hostName: cfg: (
|
||||
nameValuePair "invoiceplane-${hostName}" {
|
||||
inherit user;
|
||||
group = webserver.group;
|
||||
settings = {
|
||||
"listen.owner" = webserver.user;
|
||||
"listen.group" = webserver.group;
|
||||
} // cfg.poolConfig;
|
||||
}
|
||||
)) eachSite;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
{
|
||||
|
||||
systemd.tmpfiles.rules = flatten (mapAttrsToList (hostName: cfg: [
|
||||
"d ${cfg.stateDir} 0750 ${user} ${webserver.group} - -"
|
||||
"f ${cfg.stateDir}/ipconfig.php 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/logs 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/uploads 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/uploads/archive 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/uploads/customer_files 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/uploads/temp 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/uploads/temp/mpdf 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/tmp 0750 ${user} ${webserver.group} - -"
|
||||
]) eachSite);
|
||||
|
||||
systemd.services.invoiceplane-config = {
|
||||
serviceConfig.Type = "oneshot";
|
||||
script = concatStrings (mapAttrsToList (hostName: cfg:
|
||||
''
|
||||
mkdir -p ${cfg.stateDir}/logs \
|
||||
${cfg.stateDir}/uploads
|
||||
if ! grep -q IP_URL "${cfg.stateDir}/ipconfig.php"; then
|
||||
cp "${invoiceplane-config hostName cfg}" "${cfg.stateDir}/ipconfig.php"
|
||||
fi
|
||||
'') eachSite);
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
|
||||
users.users.${user} = {
|
||||
group = webserver.group;
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
}
|
||||
{
|
||||
|
||||
# Cron service implementation
|
||||
|
||||
systemd.timers = mapAttrs' (hostName: cfg: (
|
||||
nameValuePair "invoiceplane-cron-${hostName}" (mkIf cfg.cron.enable {
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
OnBootSec = "5m";
|
||||
OnUnitActiveSec = "5m";
|
||||
Unit = "invoiceplane-cron-${hostName}.service";
|
||||
};
|
||||
})
|
||||
)) eachSite;
|
||||
|
||||
systemd.services =
|
||||
mapAttrs' (hostName: cfg: (
|
||||
nameValuePair "invoiceplane-cron-${hostName}" (mkIf cfg.cron.enable {
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = user;
|
||||
ExecStart = "${pkgs.curl}/bin/curl --header 'Host: ${hostName}' http://localhost/invoices/cron/recur/${cfg.cron.key}";
|
||||
};
|
||||
})
|
||||
)) eachSite;
|
||||
|
||||
}
|
||||
|
||||
(mkIf (cfg.webserver == "caddy") {
|
||||
services.caddy = {
|
||||
enable = true;
|
||||
virtualHosts = mapAttrs' (hostName: cfg: (
|
||||
nameValuePair "http://${hostName}" {
|
||||
extraConfig = ''
|
||||
root * ${pkg hostName cfg}
|
||||
file_server
|
||||
php_fastcgi unix/${config.services.phpfpm.pools."invoiceplane-${hostName}".socket}
|
||||
'';
|
||||
}
|
||||
)) eachSite;
|
||||
};
|
||||
})
|
||||
|
||||
(mkIf (cfg.webserver == "nginx") {
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts = mapAttrs' (hostName: cfg: (
|
||||
nameValuePair "${hostName}" {
|
||||
root = "${pkg hostName cfg}";
|
||||
extraConfig = ''
|
||||
index index.php index.html index.htm;
|
||||
|
||||
if (!-e $request_filename){
|
||||
rewrite ^(.*)$ /index.php break;
|
||||
services.mysql = mkIf (any (v: v.database.createLocally) (attrValues eachSite)) {
|
||||
enable = true;
|
||||
package = mkDefault pkgs.mariadb;
|
||||
ensureDatabases = mapAttrsToList (hostName: cfg: cfg.database.name) eachSite;
|
||||
ensureUsers =
|
||||
mapAttrsToList (
|
||||
hostName: cfg: {
|
||||
name = cfg.database.user;
|
||||
ensurePermissions = {"${cfg.database.name}.*" = "ALL PRIVILEGES";};
|
||||
}
|
||||
'';
|
||||
)
|
||||
eachSite;
|
||||
};
|
||||
|
||||
locations = {
|
||||
"/setup".extraConfig = ''
|
||||
rewrite ^(.*)$ http://${hostName}/ redirect;
|
||||
'';
|
||||
services.phpfpm = {
|
||||
phpPackage = pkgs.php81;
|
||||
pools =
|
||||
mapAttrs' (hostName: cfg: (
|
||||
nameValuePair "invoiceplane-${hostName}" {
|
||||
inherit user;
|
||||
group = webserver.group;
|
||||
settings =
|
||||
{
|
||||
"listen.owner" = webserver.user;
|
||||
"listen.group" = webserver.group;
|
||||
}
|
||||
// cfg.poolConfig;
|
||||
}
|
||||
))
|
||||
eachSite;
|
||||
};
|
||||
}
|
||||
|
||||
"~ .php$" = {
|
||||
extraConfig = ''
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass unix:${config.services.phpfpm.pools."invoiceplane-${hostName}".socket};
|
||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||
include ${pkgs.nginx}/conf/fastcgi.conf;
|
||||
'';
|
||||
{
|
||||
systemd.tmpfiles.rules = flatten (mapAttrsToList (hostName: cfg: [
|
||||
"d ${cfg.stateDir} 0750 ${user} ${webserver.group} - -"
|
||||
"f ${cfg.stateDir}/ipconfig.php 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/logs 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/uploads 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/uploads/archive 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/uploads/customer_files 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/uploads/temp 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/uploads/temp/mpdf 0750 ${user} ${webserver.group} - -"
|
||||
"d ${cfg.stateDir}/tmp 0750 ${user} ${webserver.group} - -"
|
||||
])
|
||||
eachSite);
|
||||
|
||||
systemd.services.invoiceplane-config = {
|
||||
serviceConfig.Type = "oneshot";
|
||||
script = concatStrings (mapAttrsToList (hostName: cfg: ''
|
||||
mkdir -p ${cfg.stateDir}/logs \
|
||||
${cfg.stateDir}/uploads
|
||||
if ! grep -q IP_URL "${cfg.stateDir}/ipconfig.php"; then
|
||||
cp "${invoiceplane-config hostName cfg}" "${cfg.stateDir}/ipconfig.php"
|
||||
fi
|
||||
'')
|
||||
eachSite);
|
||||
wantedBy = ["multi-user.target"];
|
||||
};
|
||||
|
||||
users.users.${user} = {
|
||||
group = webserver.group;
|
||||
isSystemUser = true;
|
||||
};
|
||||
}
|
||||
{
|
||||
# Cron service implementation
|
||||
|
||||
systemd.timers =
|
||||
mapAttrs' (hostName: cfg: (
|
||||
nameValuePair "invoiceplane-cron-${hostName}" (mkIf cfg.cron.enable {
|
||||
wantedBy = ["timers.target"];
|
||||
timerConfig = {
|
||||
OnBootSec = "5m";
|
||||
OnUnitActiveSec = "5m";
|
||||
Unit = "invoiceplane-cron-${hostName}.service";
|
||||
};
|
||||
};
|
||||
}
|
||||
)) eachSite;
|
||||
};
|
||||
})
|
||||
})
|
||||
))
|
||||
eachSite;
|
||||
|
||||
systemd.services =
|
||||
mapAttrs' (hostName: cfg: (
|
||||
nameValuePair "invoiceplane-cron-${hostName}" (mkIf cfg.cron.enable {
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = user;
|
||||
ExecStart = "${pkgs.curl}/bin/curl --header 'Host: ${hostName}' http://localhost/invoices/cron/recur/${cfg.cron.key}";
|
||||
};
|
||||
})
|
||||
))
|
||||
eachSite;
|
||||
}
|
||||
|
||||
(mkIf (cfg.webserver == "caddy") {
|
||||
services.caddy = {
|
||||
enable = true;
|
||||
virtualHosts =
|
||||
mapAttrs' (hostName: cfg: (
|
||||
nameValuePair "http://${hostName}" {
|
||||
extraConfig = ''
|
||||
root * ${pkg hostName cfg}
|
||||
file_server
|
||||
php_fastcgi unix/${config.services.phpfpm.pools."invoiceplane-${hostName}".socket}
|
||||
'';
|
||||
}
|
||||
))
|
||||
eachSite;
|
||||
};
|
||||
})
|
||||
|
||||
(mkIf (cfg.webserver == "nginx") {
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts =
|
||||
mapAttrs' (hostName: cfg: (
|
||||
nameValuePair "${hostName}" {
|
||||
root = "${pkg hostName cfg}";
|
||||
extraConfig = ''
|
||||
index index.php index.html index.htm;
|
||||
|
||||
if (!-e $request_filename){
|
||||
rewrite ^(.*)$ /index.php break;
|
||||
}
|
||||
'';
|
||||
|
||||
locations = {
|
||||
"/setup".extraConfig = ''
|
||||
rewrite ^(.*)$ http://${hostName}/ redirect;
|
||||
'';
|
||||
|
||||
"~ .php$" = {
|
||||
extraConfig = ''
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass unix:${config.services.phpfpm.pools."invoiceplane-${hostName}".socket};
|
||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||
include ${pkgs.nginx}/conf/fastcgi.conf;
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
))
|
||||
eachSite;
|
||||
};
|
||||
})
|
||||
]);
|
||||
}
|
||||
|
|
|
@ -5,16 +5,17 @@
|
|||
flake,
|
||||
...
|
||||
}: {
|
||||
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
|
||||
"steam"
|
||||
"steam-original"
|
||||
"steam-run"
|
||||
"hplip"
|
||||
"cups-brother-hl3140cw"
|
||||
"uhk-agent"
|
||||
"uhk-udev-rules"
|
||||
"zoom"
|
||||
];
|
||||
nixpkgs.config.allowUnfreePredicate = pkg:
|
||||
builtins.elem (lib.getName pkg) [
|
||||
"steam"
|
||||
"steam-original"
|
||||
"steam-run"
|
||||
"hplip"
|
||||
"cups-brother-hl3140cw"
|
||||
"cloudflare-warp"
|
||||
"uhk-agent"
|
||||
"uhk-udev-rules"
|
||||
];
|
||||
|
||||
nix = {
|
||||
# Use default version alias for nix package
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
environment.persistence."/persist" = {
|
||||
hideMounts = true;
|
||||
directories = [
|
||||
|
@ -17,7 +20,7 @@
|
|||
|
||||
fileSystems."/etc/nixos" = {
|
||||
device = "/home/${config.pub-solar.user.name}/Workspace/os";
|
||||
options = [ "bind" ];
|
||||
options = ["bind"];
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
{pkgs, ...}: {
|
||||
services.cron = {
|
||||
enable = true;
|
||||
systemCronJobs = [
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
}: {
|
||||
services.avahi.enable = true;
|
||||
services.avahi.ipv6 = true;
|
||||
services.avahi.nssmdns = true;
|
||||
services.avahi.nssmdns4 = true;
|
||||
services.avahi.publish.enable = true;
|
||||
services.avahi.publish.userServices = true;
|
||||
|
||||
|
@ -16,9 +16,19 @@
|
|||
services.printing.listenAddresses = ["localhost:631"];
|
||||
services.printing.defaultShared = lib.mkDefault false;
|
||||
|
||||
services.printing.drivers = [
|
||||
pkgs.gutenprint
|
||||
] ++ (if (pkgs.system == "x86_64-linux")
|
||||
then [ pkgs.cups-brother-hl3140cw ]
|
||||
else []);
|
||||
services.printing.drivers =
|
||||
[
|
||||
pkgs.gutenprint
|
||||
]
|
||||
++ (
|
||||
if (pkgs.system == "x86_64-linux")
|
||||
then [pkgs.cups-brother-hl3140cw]
|
||||
else []
|
||||
);
|
||||
|
||||
environment.persistence."/persist" = {
|
||||
directories = [
|
||||
"/etc/lib/cups"
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
lib,
|
||||
...
|
||||
}: {
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
networking.firewall.allowedTCPPorts = [80 443];
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,12 +1,7 @@
|
|||
## Headers
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
proxy_set_header X-Forwarded-URI $request_uri;
|
||||
proxy_set_header X-Forwarded-Ssl on;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
|
||||
## Basic Proxy Configuration
|
||||
client_body_buffer_size 128k;
|
||||
|
@ -21,7 +16,7 @@ proxy_buffers 64 256k;
|
|||
## Please read the following documentation before configuring this:
|
||||
## https://www.authelia.com/integration/proxies/nginx/#trusted-proxies
|
||||
set_real_ip_from 10.13.12.0/24;
|
||||
set_real_ip_from fc00::/7;
|
||||
set_real_ip_from fd00:b12f:acab:1312:acab::/80;
|
||||
|
||||
real_ip_header X-Forwarded-For;
|
||||
real_ip_recursive on;
|
||||
|
|
|
@ -12,8 +12,8 @@ in '' [user]
|
|||
else ""
|
||||
}
|
||||
${
|
||||
if user.fullName != null
|
||||
then "name = ${user.fullName}"
|
||||
if user.name != null
|
||||
then "name = ${user.name}"
|
||||
else ""
|
||||
}
|
||||
${
|
||||
|
@ -27,7 +27,19 @@ in '' [user]
|
|||
[alias]
|
||||
pol = pull
|
||||
ack = -c color.grep.linenumber=\"bold yellow\"\n -c color.grep.filename=\"bold green\"\n -c color.grep.match=\"reverse yellow\"\n grep --break --heading --line-number
|
||||
# define command which will be used when "nvim"is set as a merge tool
|
||||
lg = "!f() { \
|
||||
git log --all --color --graph --pretty=format:'%C(bold yellow)<sig>%G?</sig>%C(reset) %C(red)%h%C(reset) -%C(yellow)%d%C(reset) %s %C(green)(%cr) %C(blue)<%an>%C(reset)' | \
|
||||
sed \
|
||||
-e 's#<sig>G</sig>#Good#' \
|
||||
-e 's#<sig>B</sig>#\\nBAD \\nBAD \\nBAD \\nBAD \\nBAD#' \
|
||||
-e 's#<sig>U</sig>#Unknown#' \
|
||||
-e 's#<sig>X</sig>#Expired#' \
|
||||
-e 's#<sig>Y</sig>#Expired Key#' \
|
||||
-e 's#<sig>R</sig>#Revoked#' \
|
||||
-e 's#<sig>E</sig>#Missing Key#' \
|
||||
-e 's#<sig>N</sig>#None#' | \
|
||||
less -r; \
|
||||
}; f"
|
||||
|
||||
[mergetool]
|
||||
prompt = false
|
||||
|
|
|
@ -6,27 +6,27 @@
|
|||
user = config.pub-solar.user;
|
||||
xdg = config.home-manager.users."${user.name}".xdg;
|
||||
in ''
|
||||
# What happened?
|
||||
#
|
||||
# fix feat build chore ci docs style refactor perf test
|
||||
#
|
||||
# type!(optional scope): <summary> --------------#
|
||||
#
|
||||
# What happened?
|
||||
#
|
||||
# fix feat build chore ci docs style refactor perf test
|
||||
#
|
||||
# type!(optional scope): <summary> --------------#
|
||||
#
|
||||
|
||||
|
||||
# ^\n
|
||||
# What exactly was done and why? --------------------------------------#
|
||||
#
|
||||
# ^\n
|
||||
# What exactly was done and why? --------------------------------------#
|
||||
#
|
||||
|
||||
|
||||
# ^\n
|
||||
#
|
||||
# Any issue numbers or links?
|
||||
#
|
||||
# Ref: #123
|
||||
# ^\n
|
||||
#
|
||||
# Any issue numbers or links?
|
||||
#
|
||||
# Ref: #123
|
||||
|
||||
|
||||
# ^\n
|
||||
#
|
||||
# Co-authored-by: Example Name <email@example.com>
|
||||
# ^\n
|
||||
#
|
||||
# Co-authored-by: Example Name <email@example.com>
|
||||
''
|
||||
|
|
|
@ -1,126 +0,0 @@
|
|||
#!/bin/sh
|
||||
# base16-shell (https://github.com/chriskempson/base16-shell)
|
||||
# Base16 Shell template by Chris Kempson (http://chriskempson.com)
|
||||
# Burn scheme by Benjamin Bädorf
|
||||
|
||||
color00="1a/18/1a" # Base 00 - Black
|
||||
color01="f8/5e/84" # Base 08 - Red
|
||||
color02="9e/cd/6f" # Base 0B - Green
|
||||
color03="e5/c4/63" # Base 0A - Yellow
|
||||
color04="7a/cc/d7" # Base 0D - Blue
|
||||
color05="ab/9d/f2" # Base 0E - Magenta
|
||||
color06="ef/90/62" # Base 0C - Cyan
|
||||
color07="e3/e1/e4" # Base 05 - White
|
||||
color08="94/94/94" # Base 03 - Bright Black
|
||||
color09=$color01 # Base 08 - Bright Red
|
||||
color10=$color02 # Base 0B - Bright Green
|
||||
color11=$color03 # Base 0A - Bright Yellow
|
||||
color12=$color04 # Base 0D - Bright Blue
|
||||
color13=$color05 # Base 0E - Bright Magenta
|
||||
color14=$color06 # Base 0C - Bright Cyan
|
||||
color15="ff/5f/5f" # Base 07 - Bright White
|
||||
color16="df/59/23" # Base 09
|
||||
color17="d7/00/00" # Base 0F
|
||||
color18="2d/2a/2e" # Base 01
|
||||
color19="30/30/30" # Base 02
|
||||
color20="d3/d1/d4" # Base 04
|
||||
color21="30/30/30" # Base 06
|
||||
color_foreground="e3/e1/e4" # Base 05
|
||||
color_background="1a/18/1a" # Base 00
|
||||
|
||||
if [ -n "$TMUX" ]; then
|
||||
# Tell tmux to pass the escape sequences through
|
||||
# (Source: http://permalink.gmane.org/gmane.comp.terminal-emulators.tmux.user/1324)
|
||||
put_template() { printf '\033Ptmux;\033\033]4;%d;rgb:%s\033\033\\\033\\' $@; }
|
||||
put_template_var() { printf '\033Ptmux;\033\033]%d;rgb:%s\033\033\\\033\\' $@; }
|
||||
put_template_custom() { printf '\033Ptmux;\033\033]%s%s\033\033\\\033\\' $@; }
|
||||
elif [ "${TERM%%[-.]*}" = "screen" ]; then
|
||||
# GNU screen (screen, screen-256color, screen-256color-bce)
|
||||
put_template() { printf '\033P\033]4;%d;rgb:%s\007\033\\' $@; }
|
||||
put_template_var() { printf '\033P\033]%d;rgb:%s\007\033\\' $@; }
|
||||
put_template_custom() { printf '\033P\033]%s%s\007\033\\' $@; }
|
||||
elif [ "${TERM%%-*}" = "linux" ]; then
|
||||
put_template() { [ $1 -lt 16 ] && printf "\e]P%x%s" $1 $(echo $2 | sed 's/\///g'); }
|
||||
put_template_var() { true; }
|
||||
put_template_custom() { true; }
|
||||
else
|
||||
put_template() { printf '\033]4;%d;rgb:%s\033\\' $@; }
|
||||
put_template_var() { printf '\033]%d;rgb:%s\033\\' $@; }
|
||||
put_template_custom() { printf '\033]%s%s\033\\' $@; }
|
||||
fi
|
||||
|
||||
# 16 color space
|
||||
put_template 0 $color00
|
||||
put_template 1 $color01
|
||||
put_template 2 $color02
|
||||
put_template 3 $color03
|
||||
put_template 4 $color04
|
||||
put_template 5 $color05
|
||||
put_template 6 $color06
|
||||
put_template 7 $color07
|
||||
put_template 8 $color08
|
||||
put_template 9 $color09
|
||||
put_template 10 $color10
|
||||
put_template 11 $color11
|
||||
put_template 12 $color12
|
||||
put_template 13 $color13
|
||||
put_template 14 $color14
|
||||
put_template 15 $color15
|
||||
|
||||
# 256 color space
|
||||
put_template 16 $color16
|
||||
put_template 17 $color17
|
||||
put_template 18 $color18
|
||||
put_template 19 $color19
|
||||
put_template 20 $color20
|
||||
put_template 21 $color21
|
||||
|
||||
# foreground / background / cursor color
|
||||
if [ -n "$ITERM_SESSION_ID" ]; then
|
||||
# iTerm2 proprietary escape codes
|
||||
put_template_custom Pg e3e1e4 # foreground
|
||||
put_template_custom Ph 1a181a # background
|
||||
put_template_custom Pi e3e1e4 # bold color
|
||||
put_template_custom Pj 303030 # selection color
|
||||
put_template_custom Pk e3e1e4 # selected text color
|
||||
put_template_custom Pl e3e1e4 # cursor
|
||||
put_template_custom Pm 1a181a # cursor text
|
||||
else
|
||||
put_template_var 10 $color_foreground
|
||||
if [ "$BASE16_SHELL_SET_BACKGROUND" != false ]; then
|
||||
put_template_var 11 $color_background
|
||||
if [ "${TERM%%-*}" = "rxvt" ]; then
|
||||
put_template_var 708 $color_background # internal border (rxvt)
|
||||
fi
|
||||
fi
|
||||
put_template_custom 12 ";7" # cursor (reverse video)
|
||||
fi
|
||||
|
||||
# clean up
|
||||
unset -f put_template
|
||||
unset -f put_template_var
|
||||
unset -f put_template_custom
|
||||
unset color00
|
||||
unset color01
|
||||
unset color02
|
||||
unset color03
|
||||
unset color04
|
||||
unset color05
|
||||
unset color06
|
||||
unset color07
|
||||
unset color08
|
||||
unset color09
|
||||
unset color10
|
||||
unset color11
|
||||
unset color12
|
||||
unset color13
|
||||
unset color14
|
||||
unset color15
|
||||
unset color16
|
||||
unset color17
|
||||
unset color18
|
||||
unset color19
|
||||
unset color20
|
||||
unset color21
|
||||
unset color_foreground
|
||||
unset color_background
|
|
@ -99,13 +99,11 @@ in {
|
|||
vi = "nvim";
|
||||
vim = "nvim";
|
||||
mutt = "neomutt";
|
||||
cat = "bat";
|
||||
ls = "eza";
|
||||
la = "eza --group-directories-first -lag";
|
||||
wget = "wget --hsts-file=$XDG_CACHE_HOME/wget-hsts";
|
||||
irssi = "irssi --config=$XDG_CONFIG_HOME/irssi/config --home=$XDG_DATA_HOME/irssi";
|
||||
drone = "DRONE_TOKEN=$(secret-tool lookup drone token) drone";
|
||||
no = "manix \"\" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | fzf --preview=\"manix '{}'\" | xargs manix";
|
||||
myip = "dig +short myip.opendns.com @208.67.222.222 2>&1";
|
||||
nnn = "nnn -d -e -H -r";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
{
|
||||
args@{
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
flake,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
|
@ -19,33 +20,45 @@ in {
|
|||
};
|
||||
|
||||
config = {
|
||||
programs.command-not-found.enable = false;
|
||||
programs.command-not-found.enable = true;
|
||||
|
||||
users.users."${psCfg.user.name}".packages = with pkgs; [
|
||||
ack
|
||||
asciinema
|
||||
bat
|
||||
blesh
|
||||
eza
|
||||
fd
|
||||
jump
|
||||
(nnn.overrideAttrs (o: {
|
||||
patches =
|
||||
(o.patches or [])
|
||||
++ [
|
||||
./nnn/0001-feat-use-wasd-keybindings-for-jkli.patch
|
||||
];
|
||||
}))
|
||||
p
|
||||
powerline
|
||||
screen
|
||||
silver-searcher
|
||||
watson
|
||||
];
|
||||
users.users."${psCfg.user.name}".packages = with pkgs;
|
||||
[
|
||||
tealdeer
|
||||
asciinema
|
||||
blesh
|
||||
eza
|
||||
fd
|
||||
ripgrep
|
||||
(nnn.overrideAttrs (o: {
|
||||
patches =
|
||||
(o.patches or [])
|
||||
++ [
|
||||
./nnn/0001-feat-use-wasd-keybindings-for-jkli.patch
|
||||
];
|
||||
}))
|
||||
p
|
||||
powerline
|
||||
screen
|
||||
watson
|
||||
jump
|
||||
bat
|
||||
]
|
||||
++ (
|
||||
if cfg.full
|
||||
then [
|
||||
# Nix specific utilities
|
||||
alejandra
|
||||
manix
|
||||
nix-index
|
||||
nix-tree
|
||||
nix-inspect
|
||||
nvd
|
||||
]
|
||||
else []
|
||||
);
|
||||
|
||||
home-manager.users."${psCfg.user.name}" = {
|
||||
xdg.dataFile."scripts/base16.sh".source = .local/share/scripts/base16.sh;
|
||||
|
||||
programs.less = {
|
||||
enable = true;
|
||||
keys = ''
|
||||
|
@ -60,49 +73,26 @@ in {
|
|||
# starship.toml has sane defaults that can be changed there
|
||||
programs.starship = {
|
||||
enable = true;
|
||||
settings = import ./starship.toml.nix;
|
||||
settings = import ./starship.toml.nix flake.self.theme.withHashtag;
|
||||
};
|
||||
|
||||
programs.bash = import ./bash {
|
||||
inherit config;
|
||||
inherit pkgs;
|
||||
inherit lib;
|
||||
};
|
||||
programs.bash = import ./bash args;
|
||||
|
||||
programs.fzf = import ./fzf {
|
||||
inherit config;
|
||||
inherit pkgs;
|
||||
};
|
||||
programs.fzf = import ./fzf args;
|
||||
|
||||
programs.neovim = import ./nvim {
|
||||
inherit config;
|
||||
inherit pkgs;
|
||||
inherit lib;
|
||||
};
|
||||
programs.neovim = import ./nvim args;
|
||||
# Ensure nvim backup directory gets created
|
||||
# Workaround for E510: Can't make backup file (add ! to override)
|
||||
xdg.dataFile."nvim/backup/.keep".text = "";
|
||||
xdg.dataFile."nvim/json-schemas/.keep".text = "";
|
||||
# Generated with:
|
||||
# docker run -it --name caddy-json-schema registry.greenbaum.cloud/gc/caddy-l4:2.5.2 caddy json-schema -output /srv/caddy_schema.json
|
||||
xdg.dataFile."nvim/json-schemas/caddy_schema.json".source = .local/share/nvim/json-schemas/caddy_schema.json;
|
||||
xdg.dataFile."nvim/templates/.keep".text = "";
|
||||
|
||||
programs.git = import ./git {};
|
||||
xdg.configFile."git/config".text = import ./.config/git/config.nix {
|
||||
inherit config;
|
||||
inherit pkgs;
|
||||
};
|
||||
xdg.configFile."git/gitmessage".text = import ./.config/git/gitmessage.nix {
|
||||
inherit config;
|
||||
inherit pkgs;
|
||||
};
|
||||
xdg.configFile."git/global_gitignore".text = import ./.config/git/global_gitignore.nix {
|
||||
inherit config;
|
||||
inherit pkgs;
|
||||
};
|
||||
programs.git = import ./git args;
|
||||
xdg.configFile."git/config".text = import ./.config/git/config.nix args;
|
||||
xdg.configFile."git/gitmessage".text = import ./.config/git/gitmessage.nix args;
|
||||
xdg.configFile."git/global_gitignore".text = import ./.config/git/global_gitignore.nix args;
|
||||
|
||||
programs.direnv = import ./direnv {};
|
||||
programs.direnv = import ./direnv args;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{ ... }:
|
||||
{
|
||||
{...}: {
|
||||
enable = true;
|
||||
nix-direnv = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,15 +1,17 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
flake,
|
||||
...
|
||||
}: {
|
||||
enable = true;
|
||||
defaultCommand = "fd --hidden --type f --exclude .git";
|
||||
defaultOptions = [
|
||||
"--color=bg+:#2d2a2e,bg:#1a181a,spinner:#ef9062,hl:#7accd7"
|
||||
"--color=fg:#d3d1d4,header:#7accd7,info:#e5c463,pointer:#ef9062"
|
||||
"--color=marker:#ef9062,fg+:#303030,prompt:#e5c463,hl+:#7accd7"
|
||||
defaultOptions = with flake.self.theme.withHashtag; [
|
||||
"--color=bg+:${base01},bg:${base00},spinner:${base0C},hl:${base0D}"
|
||||
"--color=fg:${base04},header:${base0D},info:${base0A},pointer:${base0C}"
|
||||
"--color=marker:${base0C},fg+:${base02},prompt:${base0A},hl+:${base0D}"
|
||||
];
|
||||
|
||||
# Use ble.sh for completions, see
|
||||
# modules/terminal-life/bash/default.nix -> bleopt complete_menu_style=desc
|
||||
# and https://github.com/akinomyoga/ble.sh/wiki/Manual-%C2%A77-Completion
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{ ... }:
|
||||
{
|
||||
{...}: {
|
||||
enable = true;
|
||||
|
||||
extraConfig = {
|
||||
|
|
48
modules/terminal-life/nvim/cmp.vim
Normal file
48
modules/terminal-life/nvim/cmp.vim
Normal file
|
@ -0,0 +1,48 @@
|
|||
lua <<EOF
|
||||
|
||||
local luasnip = require 'luasnip'
|
||||
|
||||
local cmp = require 'cmp'
|
||||
cmp.setup {
|
||||
snippet = {
|
||||
expand = function(args)
|
||||
require('luasnip').lsp_expand(args.body)
|
||||
end,
|
||||
},
|
||||
mapping = {
|
||||
['<C-p>'] = cmp.mapping.select_prev_item(),
|
||||
['<C-n>'] = cmp.mapping.select_next_item(),
|
||||
['<C-d>'] = cmp.mapping.scroll_docs(-4),
|
||||
['<C-f>'] = cmp.mapping.scroll_docs(4),
|
||||
['<C-Space>'] = cmp.mapping.complete(),
|
||||
['<C-e>'] = cmp.mapping.close(),
|
||||
['<CR>'] = cmp.mapping.confirm {
|
||||
behavior = cmp.ConfirmBehavior.Replace,
|
||||
select = true,
|
||||
},
|
||||
['<Tab>'] = function(fallback)
|
||||
if cmp.visible() then
|
||||
cmp.select_next_item()
|
||||
elseif luasnip.expand_or_jumpable() then
|
||||
luasnip.expand_or_jump()
|
||||
else
|
||||
fallback()
|
||||
end
|
||||
end,
|
||||
['<S-Tab>'] = function(fallback)
|
||||
if cmp.visible() then
|
||||
cmp.select_prev_item()
|
||||
elseif luasnip.jumpable(-1) then
|
||||
luasnip.jump(-1)
|
||||
else
|
||||
fallback()
|
||||
end
|
||||
end,
|
||||
},
|
||||
sources = {
|
||||
{ name = 'nvim_lsp' },
|
||||
{ name = 'luasnip' },
|
||||
},
|
||||
}
|
||||
|
||||
EOF
|
|
@ -7,8 +7,6 @@
|
|||
psCfg = config.pub-solar;
|
||||
cfg = config.pub-solar.terminal-life;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
|
||||
preview-file = pkgs.writeShellScriptBin "preview-file" (import ./preview-file.nix pkgs);
|
||||
in {
|
||||
enable = true;
|
||||
|
||||
|
@ -20,176 +18,134 @@ in {
|
|||
withRuby = true;
|
||||
withPython3 = true;
|
||||
|
||||
extraPackages = with pkgs;
|
||||
lib.mkIf (cfg.full) [
|
||||
ansible-language-server
|
||||
ccls
|
||||
gopls
|
||||
nixd
|
||||
nodejs
|
||||
nodePackages.bash-language-server
|
||||
nodePackages.dockerfile-language-server-nodejs
|
||||
nodePackages.svelte-language-server
|
||||
nodePackages.typescript
|
||||
nodePackages.typescript-language-server
|
||||
nodePackages.vim-language-server
|
||||
nodePackages.vue-language-server
|
||||
nodePackages.vscode-langservers-extracted
|
||||
nodePackages.yaml-language-server
|
||||
python3Packages.python-lsp-server
|
||||
python3Full
|
||||
rust-analyzer
|
||||
solargraph
|
||||
terraform-ls
|
||||
universal-ctags
|
||||
];
|
||||
|
||||
plugins = with pkgs.vimPlugins; lib.mkIf cfg.full [
|
||||
(pkgs.vimPlugins.nvim-treesitter.withPlugins (p: [
|
||||
p.ini
|
||||
p.json
|
||||
p.json5
|
||||
p.markdown
|
||||
p.nix
|
||||
p.toml
|
||||
p.yaml
|
||||
|
||||
p.css
|
||||
p.graphql
|
||||
p.html
|
||||
p.javascript
|
||||
p.scss
|
||||
p.tsx
|
||||
p.typescript
|
||||
p.vue
|
||||
|
||||
p.c
|
||||
p.cpp
|
||||
p.go
|
||||
p.gomod
|
||||
p.gosum
|
||||
p.haskell
|
||||
p.lua
|
||||
p.php
|
||||
p.python
|
||||
p.ruby
|
||||
p.rust
|
||||
|
||||
p.vim
|
||||
p.vimdoc
|
||||
|
||||
p.passwd
|
||||
p.sql
|
||||
|
||||
p.diff
|
||||
p.gitcommit
|
||||
p.gitignore
|
||||
p.git_config
|
||||
p.gitattributes
|
||||
p.git_rebase
|
||||
|
||||
p.bash
|
||||
p.dockerfile
|
||||
p.make
|
||||
p.ninja
|
||||
p.terraform
|
||||
]))
|
||||
|
||||
# Dependencies for nvim-lspconfig
|
||||
nvim-cmp
|
||||
cmp-nvim-lsp
|
||||
cmp_luasnip
|
||||
luasnip
|
||||
|
||||
# Quickstart configs for neovim LSP
|
||||
lsp_extensions-nvim
|
||||
nvim-lspconfig
|
||||
|
||||
# Collaborative editing in Neovim using built-in capabilities
|
||||
instant-nvim-nvfetcher
|
||||
|
||||
# Search functionality behind :Ack
|
||||
ack-vim
|
||||
|
||||
# The status bar in the bottom of the screen with the mode indication and file location
|
||||
vim-airline
|
||||
|
||||
# Automatically load editorconfig files in repos to configure nvim settings
|
||||
editorconfig-vim
|
||||
|
||||
# File browser. Use <leader>n to access
|
||||
nnn-vim
|
||||
|
||||
# Highlight characters when using f, F, t, and T
|
||||
quick-scope
|
||||
|
||||
# Get sudo in vim; :SudaWrite <optional filename>
|
||||
suda-vim
|
||||
|
||||
# Undo history etc. per project
|
||||
vim-workspace-nvfetcher
|
||||
|
||||
# JSON schemas
|
||||
SchemaStore-nvim
|
||||
|
||||
# Work with tags files
|
||||
vim-gutentags
|
||||
|
||||
# Neovim colorschemes / themes
|
||||
sonokai
|
||||
vim-hybrid-material
|
||||
vim-airline-themes
|
||||
vim-apprentice-nvfetcher
|
||||
|
||||
# Git integrations
|
||||
# A Git wrapper so awesome, it should be illegal
|
||||
fugitive
|
||||
# Shows git diff markers in the sign column
|
||||
vim-gitgutter
|
||||
# GitHub extension for fugitive
|
||||
vim-rhubarb
|
||||
# Ease your git workflow within Vim
|
||||
vimagit-nvfetcher
|
||||
|
||||
# FZF fuzzy finder
|
||||
fzf-vim
|
||||
fzfWrapper
|
||||
# Make the yanked region apparent
|
||||
vim-highlightedyank
|
||||
|
||||
# :Beautify Code beautifier
|
||||
vim-beautify-nvfetcher
|
||||
|
||||
# Unload, delete or wipe a buffer without closing the window
|
||||
vim-bufkill
|
||||
# Defaults everyone can agree on
|
||||
vim-sensible
|
||||
|
||||
# emmet for vim: http://emmet.io/
|
||||
emmet-vim
|
||||
# Caddyfile syntax support for Vim
|
||||
vim-caddyfile-nvfetcher
|
||||
extraPackages = with pkgs; [
|
||||
ripgrep
|
||||
nixd
|
||||
universal-ctags
|
||||
# ansible-language-server
|
||||
# clang-tools
|
||||
# gopls
|
||||
# nodePackages.bash-language-server
|
||||
# nodePackages.svelte-language-server
|
||||
# nodePackages.typescript
|
||||
# nodePackages.typescript-language-server
|
||||
# nodePackages.vue-language-server
|
||||
# nodePackages.vscode-langservers-extracted
|
||||
# nginx-language-server
|
||||
# lua-language-server
|
||||
# cmake-language-server
|
||||
# vim-language-server
|
||||
# yaml-language-server
|
||||
# python3Packages.python-lsp-server
|
||||
# nodePackages.dockerfile-language-server-nodejs
|
||||
# docker-compose-language-service
|
||||
# rust-analyzer
|
||||
# cargo
|
||||
# solargraph
|
||||
# terraform-ls
|
||||
# python3Full
|
||||
];
|
||||
|
||||
extraConfig = builtins.concatStringsSep "\n" [
|
||||
''
|
||||
" Persistent undo
|
||||
set undofile
|
||||
set undodir=${xdg.cacheHome}/nvim/undo
|
||||
plugins = with pkgs.vimPlugins;
|
||||
[
|
||||
# The status bar in the bottom of the screen with the mode indication and file location
|
||||
vim-airline
|
||||
|
||||
set backupdir=${xdg.dataHome}/nvim/backup
|
||||
set directory=${xdg.dataHome}/nvim/swap/
|
||||
''
|
||||
(builtins.readFile ./init.vim)
|
||||
(builtins.readFile ./plugins.vim)
|
||||
(builtins.readFile ./clipboard.vim)
|
||||
(builtins.readFile ./ui.vim)
|
||||
(builtins.readFile ./quickfixopenall.vim)
|
||||
(builtins.readFile ./lsp.vim)
|
||||
''
|
||||
" fzf with file preview
|
||||
command! -bang -nargs=? -complete=dir Files
|
||||
\ call fzf#vim#files(<q-args>, { 'options': ['--keep-right', '--cycle', '--layout', 'reverse', '--preview', '${preview-file}/bin/preview-file {}'] }, <bang>0)
|
||||
''
|
||||
];
|
||||
# Automatically load editorconfig files in repos to configure nvim settings
|
||||
editorconfig-vim
|
||||
|
||||
# File browser. Use <leader>n to access
|
||||
nnn-vim
|
||||
|
||||
# Highlight characters when using f, F, t, and T
|
||||
quick-scope
|
||||
|
||||
# Undo history etc. per project
|
||||
vim-workspace-nvfetcher
|
||||
|
||||
# Neovim colorschemes / themes
|
||||
sonokai
|
||||
vim-hybrid-material
|
||||
vim-airline-themes
|
||||
vim-apprentice-nvfetcher
|
||||
|
||||
# Preview colors inline
|
||||
nvim-colorizer-lua
|
||||
|
||||
# Git integrations
|
||||
# A Git wrapper so awesome, it should be illegal
|
||||
fugitive
|
||||
# Shows git diff markers in the sign column
|
||||
vim-gitgutter
|
||||
# GitHub extension for fugitive
|
||||
vim-rhubarb
|
||||
# Ease your git workflow within Vim
|
||||
vimagit-nvfetcher
|
||||
|
||||
# Telescope fuzzy finder
|
||||
telescope-nvim
|
||||
telescope-fzf-native-nvim
|
||||
|
||||
# Make the yanked region apparent
|
||||
vim-highlightedyank
|
||||
|
||||
# :Beautify Code beautifier
|
||||
vim-beautify-nvfetcher
|
||||
|
||||
# Unload, delete or wipe a buffer without closing the window
|
||||
vim-bufkill
|
||||
|
||||
# Defaults everyone can agree on
|
||||
vim-sensible
|
||||
|
||||
# Work with tags files
|
||||
vim-gutentags
|
||||
]
|
||||
++ (
|
||||
if cfg.full
|
||||
then [
|
||||
nvim-treesitter.withAllGrammars
|
||||
|
||||
# Dependencies for nvim-lspconfig
|
||||
nvim-cmp
|
||||
cmp-nvim-lsp
|
||||
cmp_luasnip
|
||||
luasnip
|
||||
|
||||
# Quickstart configs for neovim LSP
|
||||
lsp_extensions-nvim
|
||||
nvim-lspconfig
|
||||
|
||||
# Collaborative editing in Neovim using built-in capabilities
|
||||
instant-nvim-nvfetcher
|
||||
|
||||
# JSON schemas
|
||||
SchemaStore-nvim
|
||||
]
|
||||
else []
|
||||
);
|
||||
|
||||
extraConfig = builtins.concatStringsSep "\n" ([
|
||||
''
|
||||
" Persistent undo
|
||||
set undofile
|
||||
set undodir=${xdg.cacheHome}/nvim/undo
|
||||
|
||||
set backupdir=${xdg.dataHome}/nvim/backup
|
||||
set directory=${xdg.dataHome}/nvim/swap/
|
||||
''
|
||||
(builtins.readFile ./init.vim)
|
||||
(builtins.readFile ./plugins.vim)
|
||||
(builtins.readFile ./clipboard.vim)
|
||||
(builtins.readFile ./ui.vim)
|
||||
(builtins.readFile ./filetypes.vim)
|
||||
]
|
||||
++ (
|
||||
if cfg.full
|
||||
then [
|
||||
(builtins.readFile ./lsp.vim)
|
||||
(builtins.readFile ./cmp.vim)
|
||||
]
|
||||
else []
|
||||
));
|
||||
}
|
||||
|
|
10
modules/terminal-life/nvim/filetypes.vim
Normal file
10
modules/terminal-life/nvim/filetypes.vim
Normal file
|
@ -0,0 +1,10 @@
|
|||
au BufRead,BufNewFile *.html.twig set filetype=html
|
||||
au BufRead,BufNewFile *.vto set filetype=html
|
||||
au BufRead,BufNewFile *.njk set filetype=html
|
||||
|
||||
au BufRead,BufNewFile *.age set filetype=age
|
||||
autocmd FileType age setlocal noeol nofixeol
|
||||
|
||||
au! BufNewFile,BufReadPost *.{yaml,yml} set filetype=yaml
|
||||
autocmd FileType yaml setlocal ts=2 sts=2 sw=2 expandtab
|
||||
|
|
@ -9,11 +9,13 @@ set viminfo='100,<100,s20 " vim file history
|
|||
|
||||
set hidden
|
||||
|
||||
set expandtab
|
||||
set shiftwidth=2
|
||||
set tabstop=2
|
||||
set number
|
||||
set relativenumber
|
||||
set mouse=
|
||||
set listchars=tab:→\ ,nbsp:␣,trail:␣,extends:⟩,precedes:⟨
|
||||
set list
|
||||
|
||||
set autoindent
|
||||
set smartindent
|
||||
|
@ -56,10 +58,6 @@ map <leader>wJ :wincmd H<CR>
|
|||
map <leader>wK :wincmd J<CR>
|
||||
map <leader>wL :wincmd L<CR>
|
||||
|
||||
map <leader>tj :tabprevious<CR>
|
||||
map <leader>tl :tabnext<CR>
|
||||
map <leader>tq :tabclose<CR>
|
||||
|
||||
" replay macro for each line of a visual selection
|
||||
xnoremap @q :normal @q<CR>
|
||||
xnoremap @@ :normal @@<CR>
|
||||
|
@ -71,34 +69,13 @@ xnoremap p pgvy
|
|||
inoremap jj <Esc>
|
||||
|
||||
" Open new buffer
|
||||
nmap <leader>T :enew<cr>
|
||||
|
||||
" Move to the next buffer
|
||||
nmap <leader>bn :enew<cr>
|
||||
nmap <leader>l :bnext<CR>
|
||||
|
||||
" Move to the previous buffer
|
||||
nmap <leader>bn :bnext<CR>
|
||||
nmap <leader>j :bprevious<CR>
|
||||
|
||||
" Close the current buffer and move to the previous one
|
||||
" This replicates the idea of closing a tab
|
||||
nmap <leader>bp :bprevious<CR>
|
||||
nmap <leader>q :bp <BAR> bd #<CR>
|
||||
|
||||
" Show all open buffers and their status
|
||||
nmap <leader>bl :ls<CR>
|
||||
|
||||
" Mapping selecting mappings
|
||||
nmap <leader><tab> <plug>(fzf-maps-n)
|
||||
xmap <leader><tab> <plug>(fzf-maps-x)
|
||||
omap <leader><tab> <plug>(fzf-maps-o)
|
||||
|
||||
nmap <c-p> :Files<CR>
|
||||
imap <c-p> <ESC>:Files<CR>
|
||||
|
||||
" Insert mode completion
|
||||
imap <c-x><c-k> <plug>(fzf-complete-word)
|
||||
imap <c-x><c-f> <plug>(fzf-complete-path)
|
||||
imap <c-x><c-j> <plug>(fzf-complete-file)
|
||||
imap <c-x><c-l> <plug>(fzf-complete-line)
|
||||
nmap <leader>bq :bp <BAR> bd #<CR>
|
||||
|
||||
" Clear quickfix shortcut
|
||||
nmap <Leader>c :ccl<CR>
|
||||
|
@ -108,7 +85,3 @@ nmap <Leader>c :ccl<CR>
|
|||
if has("autocmd")
|
||||
au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif
|
||||
endif
|
||||
|
||||
nmap - :NnnPicker %<CR>
|
||||
nmap <leader>n :NnnPicker %<CR>
|
||||
nmap <leader>N :NnnPicker<CR>
|
||||
|
|
|
@ -1,258 +1,149 @@
|
|||
" Set completeopt to have a better completion experience
|
||||
" :help completeopt
|
||||
" menuone: popup even when there's only one match
|
||||
" noinsert: Do not insert text until a selection is made
|
||||
" noselect: Do not select, force user to select one from the menu
|
||||
set completeopt=menuone,noinsert,noselect
|
||||
|
||||
" Avoid showing extra messages when using completion
|
||||
set shortmess+=c
|
||||
|
||||
function AddTemplate(tmpl_file)
|
||||
exe "0read " . a:tmpl_file
|
||||
set nomodified
|
||||
6
|
||||
endfunction
|
||||
|
||||
autocmd BufNewFile shell.nix call AddTemplate("$XDG_DATA_HOME/nvim/templates/shell.nix.tmpl")
|
||||
|
||||
" Configure neovim 0.6+ experimental LSPs
|
||||
" https://github.com/neovim/nvim-lspconfig
|
||||
" https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md
|
||||
" https://github.com/neovim/nvim-lspconfig/wiki/UI-Customization
|
||||
" https://gitlab.com/Iron_E/dotfiles/-/blob/master/.config/nvim/lua/_config/plugin/nvim_lsp.lua
|
||||
|
||||
lua <<EOF
|
||||
local nvim_lsp = require('lspconfig')
|
||||
|
||||
-- Mappings (global)
|
||||
-- See `:help vim.diagnostic.*` for documentation on any of the below functions
|
||||
local opts = { noremap=true, silent=true }
|
||||
vim.api.nvim_set_keymap('n', '<leader>e', '<cmd>lua vim.diagnostic.open_float()<CR>', opts)
|
||||
vim.api.nvim_set_keymap('n', 'g[', '<cmd>lua vim.diagnostic.goto_prev()<CR>', opts)
|
||||
vim.api.nvim_set_keymap('n', 'g]', '<cmd>lua vim.diagnostic.goto_next()<CR>', opts)
|
||||
vim.api.nvim_set_keymap('n', '<leader>dq', '<cmd>lua vim.diagnostic.setloclist()<CR>', opts)
|
||||
vim.api.nvim_set_keymap('n', '<leader>f', '<cmd>lua vim.lsp.buf.formatting()<CR>', opts)
|
||||
-- Set completeopt to have a better completion experience
|
||||
vim.o.completeopt = 'menuone,noselect,noinsert'
|
||||
vim.o.shortmess = vim.o.shortmess .. 'c'
|
||||
vim.o.signcolumn = 'yes:2'
|
||||
|
||||
-- Use an on_attach function to only map the following keys
|
||||
-- after the language server attaches to the current buffer
|
||||
local on_attach = function(client, bufnr)
|
||||
-- Enable completion triggered by <c-x><c-o>
|
||||
vim.api.nvim_buf_set_option(bufnr, 'omnifunc', 'v:lua.vim.lsp.omnifunc')
|
||||
local lspconfig = require('lspconfig')
|
||||
|
||||
-- Mappings (available if LSP is configured and attached to buffer)
|
||||
-- See `:help vim.lsp.*` for documentation on any of the below functions
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gD', '<cmd>lua vim.lsp.buf.declaration()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gd', '<cmd>lua vim.lsp.buf.definition()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'K', '<cmd>lua vim.lsp.buf.hover()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gi', '<cmd>lua vim.lsp.buf.implementation()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<C-k>', '<cmd>lua vim.lsp.buf.signature_help()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>wa', '<cmd>lua vim.lsp.buf.add_workspace_folder()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>wr', '<cmd>lua vim.lsp.buf.remove_workspace_folder()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>wl', '<cmd>lua print(vim.inspect(vim.lsp.buf.list_workspace_folders()))<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>D', '<cmd>lua vim.lsp.buf.type_definition()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>rn', '<cmd>lua vim.lsp.buf.rename()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>ca', '<cmd>lua vim.lsp.buf.code_action()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gr', '<cmd>lua vim.lsp.buf.references()<CR>', opts)
|
||||
-- Mappings (global)
|
||||
-- See `:help vim.diagnostic.*` for documentation on any of the below functions
|
||||
local opts = { noremap=true, silent=true }
|
||||
vim.api.nvim_set_keymap('n', 'g[', '<cmd>lua vim.diagnostic.goto_prev()<CR>', opts)
|
||||
vim.api.nvim_set_keymap('n', 'g]', '<cmd>lua vim.diagnostic.goto_next()<CR>', opts)
|
||||
vim.api.nvim_set_keymap('n', '<leader>dq', '<cmd>lua vim.diagnostic.setloclist()<CR>', opts)
|
||||
vim.api.nvim_set_keymap('n', '<leader>do', '<cmd>lua vim.diagnostic.open_float()<CR>', opts)
|
||||
vim.api.nvim_set_keymap('n', '<leader>bf', '<cmd>lua vim.lsp.buf.formatting()<CR>', opts)
|
||||
|
||||
-- Show diagnostic popup on cursor hold
|
||||
vim.api.nvim_create_autocmd("CursorHold", {
|
||||
buffer = bufnr,
|
||||
callback = function()
|
||||
local opts = {
|
||||
focusable = false,
|
||||
close_events = { "BufLeave", "CursorMoved", "InsertEnter", "FocusLost" },
|
||||
border = 'rounded',
|
||||
source = 'always',
|
||||
prefix = ' ',
|
||||
scope = 'cursor',
|
||||
}
|
||||
vim.diagnostic.open_float(nil, opts)
|
||||
end
|
||||
})
|
||||
local on_attach = function(client, bufnr)
|
||||
-- Enable completion triggered by <c-x><c-o>
|
||||
vim.api.nvim_buf_set_option(bufnr, 'omnifunc', 'v:lua.vim.lsp.omnifunc')
|
||||
|
||||
end
|
||||
-- Mappings (available if LSP is configured and attached to buffer)
|
||||
-- See `:help vim.lsp.*` for documentation on any of the below functions
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gD', '<cmd>lua vim.lsp.buf.declaration()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gd', '<cmd>lua vim.lsp.buf.definition()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gr', '<cmd>lua vim.lsp.buf.references()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gi', '<cmd>lua vim.lsp.buf.implementation()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'gT', '<cmd>lua vim.lsp.buf.type_definition()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', 'K', '<cmd>lua vim.lsp.buf.hover()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<C-k>', '<cmd>lua vim.lsp.buf.signature_help()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>wa', '<cmd>lua vim.lsp.buf.add_workspace_folder()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>wr', '<cmd>lua vim.lsp.buf.remove_workspace_folder()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>wl', '<cmd>lua print(vim.inspect(vim.lsp.buf.list_workspace_folders()))<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>rn', '<cmd>lua vim.lsp.buf.rename()<CR>', opts)
|
||||
vim.api.nvim_buf_set_keymap(bufnr, 'n', '<leader>ca', '<cmd>lua vim.lsp.buf.code_action()<CR>', opts)
|
||||
|
||||
-- Add additional capabilities supported by nvim-cmp
|
||||
local capabilities = require('cmp_nvim_lsp').default_capabilities()
|
||||
-- vscode HTML lsp needs this https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#html
|
||||
capabilities.textDocument.completion.completionItem.snippetSupport = true
|
||||
|
||||
-- vscode HTML lsp needs this https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#html
|
||||
capabilities.textDocument.completion.completionItem.snippetSupport = true
|
||||
|
||||
local use_denols_for_typescript = not(os.getenv('NVIM_USE_DENOLS') == nil)
|
||||
|
||||
for lsp_key, lsp_settings in pairs({
|
||||
'ansiblels', ---------------------------- Ansible
|
||||
'bashls', ------------------------------- Bash
|
||||
'ccls', --------------------------------- C / C++ / Objective-C
|
||||
'cssls', -------------------------------- CSS / SCSS / LESS
|
||||
'dockerls', ----------------------------- Docker
|
||||
['gopls'] = { --------------------------- Go
|
||||
['settings'] = {
|
||||
['gopls'] = {
|
||||
['analyses'] = {
|
||||
['unusedparams'] = true,
|
||||
},
|
||||
['staticcheck'] = true
|
||||
},
|
||||
},
|
||||
},
|
||||
'html', --------------------------------- HTML
|
||||
['jdtls'] = { --------------------------- Java
|
||||
['root_dir'] = nvim_lsp.util.root_pattern('.git', 'pom.xml', 'build.xml'),
|
||||
['init_options'] = {
|
||||
['jvm_args'] = {['java.format.settings.url'] = vim.fn.stdpath('config')..'/eclipse-formatter.xml'},
|
||||
['workspace'] = vim.fn.stdpath('cache')..'/java-workspaces'
|
||||
}
|
||||
},
|
||||
['jsonls'] = { -------------------------- JSON
|
||||
['settings'] = {
|
||||
['json'] = {
|
||||
['schemas' ] = vim.list_extend(
|
||||
{
|
||||
{
|
||||
['description'] = 'JSON schema for Caddy v2',
|
||||
['fileMatch'] = { '*caddy*.json' },
|
||||
['name'] = 'caddy_schema.json',
|
||||
['url'] = vim.fn.stdpath('data')..'/json-schemas/caddy_schema.json',
|
||||
},
|
||||
},
|
||||
require('schemastore').json.schemas()
|
||||
),
|
||||
['validate'] = { ['enable'] = true }
|
||||
}
|
||||
}
|
||||
},
|
||||
'nixd', --------------------------------- Nix
|
||||
'phpactor', ----------------------------- PHP
|
||||
'pylsp', -------------------------------- Python
|
||||
'solargraph', --------------------------- Ruby
|
||||
'rust_analyzer', ------------------------ Rust
|
||||
['sqlls'] = {
|
||||
['cmd'] = {vim.fn.stdpath('data')..'/nvm/versions/node/v12.19.0/bin/sql-language-server', 'up', '--method', 'stdio'}
|
||||
},
|
||||
['terraformls'] = { --------------------- Terraform
|
||||
['filetypes'] = { 'terraform', 'hcl', 'tf' }
|
||||
},
|
||||
|
||||
-- The TS/JS server is chosen depending on an environment variable,
|
||||
-- since denols is nicer for Deno based projects
|
||||
------------------------ Deno TS/JS
|
||||
------------------------------------ Typescript / JavaScript
|
||||
(use_denols_for_typescript and 'denols' or 'tsserver'),
|
||||
|
||||
'vuels', -------------------------------- Vue
|
||||
'svelte', ------------------------------- Svelte
|
||||
['yamlls'] = { -------------------------- YAML
|
||||
['settings'] = {
|
||||
['yaml'] = {
|
||||
['schemas'] = {
|
||||
['https://json.schemastore.org/github-workflow'] = '.github/workflows/*.{yml,yaml}',
|
||||
['https://json.schemastore.org/github-action'] = '.github/action.{yml,yaml}',
|
||||
['https://json.schemastore.org/drone'] = '*.drone.{yml,yaml}',
|
||||
['https://json.schemastore.org/swagger-2.0'] = 'swagger.{yml,yaml}',
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}) do -- Setup all of the language servers. †
|
||||
if type(lsp_key) == 'number' then -- Enable the LSP with defaults.
|
||||
-- The `lsp` is an index in this case.
|
||||
nvim_lsp[lsp_settings].setup{
|
||||
on_attach = on_attach,
|
||||
flags = {
|
||||
debounce_text_changes = 150,
|
||||
},
|
||||
capabilities = capabilities,
|
||||
-- Show diagnostic popup on cursor hold
|
||||
vim.api.nvim_create_autocmd("CursorHold", {
|
||||
buffer = bufnr,
|
||||
callback = function()
|
||||
local opts = {
|
||||
focusable = false,
|
||||
close_events = { "BufLeave", "CursorMoved", "InsertEnter", "FocusLost" },
|
||||
border = 'rounded',
|
||||
source = 'always',
|
||||
prefix = ' ',
|
||||
scope = 'cursor',
|
||||
}
|
||||
else -- Use the LSP's configuration.
|
||||
lsp_settings.on_attach = on_attach
|
||||
lsp_settings.capabilities = capabilities
|
||||
|
||||
nvim_lsp[lsp_key].setup(lsp_settings)
|
||||
vim.diagnostic.open_float(nil, opts)
|
||||
end
|
||||
end -- ‡
|
||||
|
||||
-- configure floating diagnostics appearance, symbols
|
||||
local signs = { Error = " ", Warn = " ", Hint = " ", Info = " " }
|
||||
for type, icon in pairs(signs) do
|
||||
local hl = "DiagnosticSign" .. type
|
||||
vim.fn.sign_define(hl, { text = icon, texthl = hl, numhl = hl })
|
||||
end
|
||||
|
||||
-- Set completeopt to have a better completion experience
|
||||
vim.o.completeopt = 'menuone,noselect'
|
||||
|
||||
-- luasnip setup
|
||||
local luasnip = require 'luasnip'
|
||||
|
||||
-- nvim-cmp setup
|
||||
local cmp = require 'cmp'
|
||||
cmp.setup {
|
||||
snippet = {
|
||||
expand = function(args)
|
||||
require('luasnip').lsp_expand(args.body)
|
||||
end,
|
||||
},
|
||||
mapping = {
|
||||
['<C-p>'] = cmp.mapping.select_prev_item(),
|
||||
['<C-n>'] = cmp.mapping.select_next_item(),
|
||||
['<C-d>'] = cmp.mapping.scroll_docs(-4),
|
||||
['<C-f>'] = cmp.mapping.scroll_docs(4),
|
||||
['<C-Space>'] = cmp.mapping.complete(),
|
||||
['<C-e>'] = cmp.mapping.close(),
|
||||
['<CR>'] = cmp.mapping.confirm {
|
||||
behavior = cmp.ConfirmBehavior.Replace,
|
||||
select = true,
|
||||
},
|
||||
['<Tab>'] = function(fallback)
|
||||
if cmp.visible() then
|
||||
cmp.select_next_item()
|
||||
elseif luasnip.expand_or_jumpable() then
|
||||
luasnip.expand_or_jump()
|
||||
else
|
||||
fallback()
|
||||
end
|
||||
end,
|
||||
['<S-Tab>'] = function(fallback)
|
||||
if cmp.visible() then
|
||||
cmp.select_prev_item()
|
||||
elseif luasnip.jumpable(-1) then
|
||||
luasnip.jump(-1)
|
||||
else
|
||||
fallback()
|
||||
end
|
||||
end,
|
||||
},
|
||||
sources = {
|
||||
{ name = 'nvim_lsp' },
|
||||
{ name = 'luasnip' },
|
||||
},
|
||||
}
|
||||
|
||||
-- https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#denols
|
||||
vim.g.markdown_fenced_languages = {
|
||||
"ts=typescript"
|
||||
}
|
||||
|
||||
-- Configure diagnostics
|
||||
vim.diagnostic.config({
|
||||
virtual_text = false,
|
||||
signs = true,
|
||||
underline = true,
|
||||
update_in_insert = false,
|
||||
severity_sort = false,
|
||||
})
|
||||
|
||||
-- Change diagnostic symbols in the sign column (gutter)
|
||||
local signs = { Error = " ", Warn = " ", Hint = " ", Info = " " }
|
||||
for type, icon in pairs(signs) do
|
||||
local hl = "DiagnosticSign" .. type
|
||||
vim.fn.sign_define(hl, { text = icon, texthl = hl, numhl = hl })
|
||||
end
|
||||
EOF
|
||||
end
|
||||
|
||||
" have a fixed column for the diagnostics to appear in
|
||||
" this removes the jitter when warnings/errors flow in
|
||||
set signcolumn=yes:2
|
||||
local lspconfig = require 'lspconfig'
|
||||
-- Add additional capabilities supported by nvim-cmp
|
||||
local CAPABILITIES = require('cmp_nvim_lsp').default_capabilities()
|
||||
|
||||
--- Event handlers
|
||||
local HANDLERS = {
|
||||
-- TODO: replace with vim.lsp.protocol.Methods
|
||||
["textDocument/hover"] = vim.lsp.with(vim.lsp.handlers.hover, FLOAT_CONFIG),
|
||||
["textDocument/signatureHelp"] = vim.lsp.with(vim.lsp.handlers.signature_help, FLOAT_CONFIG),
|
||||
}
|
||||
|
||||
-- vscode HTML lsp needs this https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#html
|
||||
CAPABILITIES.textDocument.completion.completionItem.snippetSupport = true
|
||||
|
||||
local function setup(lsp, config)
|
||||
if config == nil then
|
||||
config = {}
|
||||
end
|
||||
|
||||
config.capabilities = CAPABILITIES
|
||||
config.handlers = HANDLERS
|
||||
config.on_attach = on_attach
|
||||
lspconfig[lsp].setup(config)
|
||||
end
|
||||
|
||||
setup('nixd')
|
||||
setup('bashls')
|
||||
setup('clangd')
|
||||
setup('cssls')
|
||||
setup('eslint')
|
||||
setup('ts_ls')
|
||||
setup('denols')
|
||||
setup('vuels')
|
||||
setup('svelte')
|
||||
setup('html')
|
||||
setup('yamlls')
|
||||
setup('jsonls', {
|
||||
json = {
|
||||
schemas = require('schemastore').json.schemas(),
|
||||
validate = {
|
||||
enable = true
|
||||
}
|
||||
}
|
||||
})
|
||||
setup('gopls', {
|
||||
settings = {
|
||||
gopls = { semanticTokens = true }
|
||||
}
|
||||
})
|
||||
setup('phpactor')
|
||||
setup('pylsp')
|
||||
setup('solargraph') -- ruby
|
||||
setup('rust_analyzer', {
|
||||
settings = {
|
||||
['rust-analyzer'] = {
|
||||
checkOnSave = { extraArgs = { "--target-dir", "/tmp/rust-analyzer-check" } },
|
||||
diagnostics = { disabled = { 'inactive-code' } },
|
||||
},
|
||||
}
|
||||
})
|
||||
setup('sqlls')
|
||||
setup('salt_ls')
|
||||
setup('ansiblels')
|
||||
setup('dockerls')
|
||||
setup('docker_compose_language_service')
|
||||
setup('terraformls')
|
||||
|
||||
-- https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md#denols
|
||||
vim.g.markdown_fenced_languages = {
|
||||
"ts=typescript"
|
||||
}
|
||||
|
||||
-- Configure diagnostics
|
||||
vim.diagnostic.config({
|
||||
virtual_text = false,
|
||||
signs = true,
|
||||
underline = true,
|
||||
update_in_insert = false,
|
||||
severity_sort = false,
|
||||
})
|
||||
|
||||
-- Change diagnostic symbols in the sign column (gutter)
|
||||
local signs = { Error = "x ", Warn = "! ", Hint = "? ", Info = "i " }
|
||||
for type, icon in pairs(signs) do
|
||||
local hl = "DiagnosticSign" .. type
|
||||
vim.fn.sign_define(hl, { text = icon, texthl = hl, numhl = hl })
|
||||
end
|
||||
EOF
|
||||
|
|
|
@ -1,32 +1,8 @@
|
|||
" Happy yaml configuration
|
||||
au! BufNewFile,BufReadPost *.{yaml,yml} set filetype=yaml
|
||||
autocmd FileType yaml setlocal ts=2 sts=2 sw=2 expandtab
|
||||
|
||||
let g:gutentags_file_list_command = 'git ls-files'
|
||||
|
||||
" quick-scope
|
||||
" https://github.com/unblevable/quick-scope
|
||||
let g:qs_highlight_on_keys = ['f', 'F', 't', 'T']
|
||||
|
||||
" Golang
|
||||
" Go test, Def, Decls shortcut
|
||||
nmap <Leader>got :GoTest<CR>:botright copen<CR>
|
||||
autocmd FileType go nmap gd :GoDef<CR>
|
||||
autocmd FileType go nmap gD :GoDecls<CR>
|
||||
|
||||
" Go formatting
|
||||
autocmd FileType go setlocal noexpandtab shiftwidth=4 tabstop=4 softtabstop=4 nolist
|
||||
|
||||
" Caddyfile indentation
|
||||
autocmd FileType caddyfile setlocal noexpandtab shiftwidth=8 tabstop=8 softtabstop=8 nolist
|
||||
|
||||
" vim-go disable text-objects
|
||||
let g:go_textobj_enabled = 0
|
||||
|
||||
" disable vim-go :GoDef short cut (gd)
|
||||
" this is handled by LanguageClient [LC]
|
||||
let g:go_def_mapping_enabled = 0
|
||||
|
||||
" GitGutter and vim Magit
|
||||
" inspired by: https://jakobgm.com/posts/vim/git-integration/
|
||||
" Don't map gitgutter keys automatically, set them ourselves
|
||||
|
@ -43,17 +19,11 @@ nmap <Leader>gu <Plug>(GitGutterUndoHunk) " git undo (chunk)
|
|||
" Open vimagit pane
|
||||
nnoremap <leader>gs :Magit<CR> " git status
|
||||
|
||||
" Push to remote
|
||||
nnoremap <leader>gP :! git push<CR> " git Push
|
||||
|
||||
" Quick conflict resolution in git mergetool nvim
|
||||
" http://vimcasts.org/episodes/fugitive-vim-resolving-merge-conflicts-with-vimdiff/
|
||||
nmap <Leader>[ :diffget //2<CR>
|
||||
nmap <Leader>] :diffget //3<CR>
|
||||
|
||||
" netrw
|
||||
let g:netrw_fastbrowse=0
|
||||
|
||||
" Auto-FMT rust code on save
|
||||
let g:rustfmt_autosave = 1
|
||||
|
||||
|
@ -66,22 +36,53 @@ let g:highlightedyank_highlight_duration = 200
|
|||
" Markdown options
|
||||
let g:vim_markdown_folding_disabled = 1
|
||||
|
||||
" Haskell options
|
||||
let g:haskell_enable_quantification = 1 " to enable highlighting of `forall`
|
||||
let g:haskell_enable_recursivedo = 1 " to enable highlighting of `mdo` and `rec`
|
||||
let g:haskell_enable_arrowsyntax = 1 " to enable highlighting of `proc`
|
||||
let g:haskell_enable_pattern_synonyms = 1 " to enable highlighting of `pattern`
|
||||
let g:haskell_enable_typeroles = 1 " to enable highlighting of type roles
|
||||
let g:haskell_enable_static_pointers = 1 " to enable highlighting of `static`
|
||||
let g:haskell_backpack = 1 " to enable highlighting of backpack keywords
|
||||
|
||||
" Emmet
|
||||
let g:user_emmet_leader_key='<c-n>'
|
||||
|
||||
" Ack
|
||||
if executable('ag')
|
||||
let g:ackprg = 'ag --hidden --vimgrep'
|
||||
endif
|
||||
|
||||
" nnn
|
||||
let g:nnn#command = 'nnn -d -e -H -r'
|
||||
|
||||
nmap - :NnnPicker %<CR>
|
||||
nmap <leader>n :NnnPicker %<CR>
|
||||
nmap <leader>N :NnnPicker<CR>
|
||||
|
||||
lua <<EOF
|
||||
local actions = require("telescope.actions")
|
||||
local telescope = require("telescope")
|
||||
telescope.setup{
|
||||
defaults = {
|
||||
mappings = {
|
||||
n = {
|
||||
["k"] = actions.move_selection_next,
|
||||
["i"] = actions.move_selection_previous,
|
||||
["I"] = actions.move_to_top,
|
||||
["K"] = actions.move_to_bottom,
|
||||
["<C-c>"] = actions.close,
|
||||
},
|
||||
},
|
||||
},
|
||||
pickers = {
|
||||
find_files = {
|
||||
-- `hidden = true` will still show the inside of `.git/` as it's not `.gitignore`d.
|
||||
find_command = { "rg", "--files", "--hidden", "--glob", "!**/.git/*" },
|
||||
},
|
||||
},
|
||||
extensions = {
|
||||
fzf = {
|
||||
fuzzy = true, -- false will only do exact matching
|
||||
override_generic_sorter = true, -- override the generic sorter
|
||||
override_file_sorter = true, -- override the file sorter
|
||||
case_mode = "smart_case", -- or "ignore_case" or "respect_case"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
telescope.load_extension('fzf')
|
||||
|
||||
local builtin = require('telescope.builtin')
|
||||
vim.keymap.set('n', '<leader>ff', builtin.find_files, {})
|
||||
vim.keymap.set('n', '<leader>f/', builtin.live_grep, {})
|
||||
vim.keymap.set('n', '<leader>f?', builtin.builtin, {})
|
||||
vim.keymap.set('n', '<leader>fr', builtin.command_history, {})
|
||||
vim.keymap.set('n', '<leader>fc', builtin.commands, {})
|
||||
vim.keymap.set('n', '<leader>ft', builtin.treesitter, {})
|
||||
|
||||
require'colorizer'.setup()
|
||||
EOF
|
||||
|
|
|
@ -1,36 +0,0 @@
|
|||
self:
|
||||
with self; ''
|
||||
IFS=':' read -r -a INPUT <<< "$1"
|
||||
FILE=''${INPUT[0]}
|
||||
CENTER=''${INPUT[1]}
|
||||
|
||||
if [[ "$1" =~ ^[A-Za-z]:\\ ]]; then
|
||||
FILE=$FILE:''${INPUT[1]}
|
||||
CENTER=''${INPUT[2]}
|
||||
fi
|
||||
|
||||
if [[ -n "$CENTER" && ! "$CENTER" =~ ^[0-9] ]]; then
|
||||
exit 1
|
||||
fi
|
||||
CENTER=''${CENTER/[^0-9]*/}
|
||||
|
||||
FILE="''${FILE/#\~\//$HOME/}"
|
||||
if [ ! -r "$FILE" ]; then
|
||||
echo "File not found ''${FILE}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "$CENTER" ]; then
|
||||
CENTER=0
|
||||
fi
|
||||
|
||||
exec cat "$FILE" \
|
||||
| sed -e '/[#|\/\/ ?]-- copyright/,/[#\/\/]++/c\\' \
|
||||
| ${pkgs.coreutils}/bin/tr -s '\n' \
|
||||
| ${pkgs.bat}/bin/bat \
|
||||
--style="''${BAT_STYLE:-numbers}" \
|
||||
--color=always \
|
||||
--pager=never \
|
||||
--file-name="''$FILE" \
|
||||
--highlight-line=$CENTER
|
||||
''
|
|
@ -1,20 +0,0 @@
|
|||
"Usage:
|
||||
" 1. Perform a vimgrep search
|
||||
" :vimgrep /def/ *.rb
|
||||
" 2. Issue QuickFixOpenAll command
|
||||
" :QuickFixOpenAll
|
||||
function! QuickFixOpenAll()
|
||||
if empty(getqflist())
|
||||
return
|
||||
endif
|
||||
let s:prev_val = ""
|
||||
for d in getqflist()
|
||||
let s:curr_val = bufname(d.bufnr)
|
||||
if (s:curr_val != s:prev_val)
|
||||
exec "edit " . s:curr_val
|
||||
endif
|
||||
let s:prev_val = s:curr_val
|
||||
endfor
|
||||
endfunction
|
||||
|
||||
command! QuickFixOpenAll call QuickFixOpenAll()
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue