Reformat
This commit is contained in:
parent
6e84d7d3ef
commit
57123b08e1
13
cachix.nix
13
cachix.nix
|
@ -1,13 +1,14 @@
|
|||
# WARN: this file will get overwritten by $ cachix use <name>
|
||||
{ pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
folder = ./cachix;
|
||||
toImport = name: value: folder + ("/" + name);
|
||||
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
|
||||
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
|
||||
in
|
||||
{
|
||||
in {
|
||||
inherit imports;
|
||||
nix.binaryCaches = [ "https://cache.nixos.org/" ];
|
||||
nix.binaryCaches = ["https://cache.nixos.org/"];
|
||||
}
|
||||
|
|
|
@ -8,4 +8,3 @@
|
|||
];
|
||||
};
|
||||
}
|
||||
|
|
@ -8,4 +8,3 @@
|
|||
];
|
||||
};
|
||||
}
|
||||
|
|
@ -7,8 +7,7 @@ let
|
|||
# nixpkgs-channel = "nixos-unstable";
|
||||
# home-manager-channel = "home-manager-master";
|
||||
#};
|
||||
in
|
||||
rec {
|
||||
in rec {
|
||||
hera = nixos-21-11;
|
||||
apollo = nixos-21-11;
|
||||
zeus = nixos-21-11;
|
||||
|
|
|
@ -1,31 +1,29 @@
|
|||
{ pkgs }: {
|
||||
{pkgs}: {
|
||||
syncthing = {
|
||||
declarativeWith = hosts: path:
|
||||
let
|
||||
mkFolder = name: {
|
||||
path = "${path}/${name}";
|
||||
devices = hosts;
|
||||
};
|
||||
devices = {
|
||||
apollo.id = "BOTTTGS-QQUHWAK-IFBT3T2-HGHHUZ7-QHRZXC7-JC42VT7-67ZOJBE-WHDWEQX";
|
||||
zeus.id = "5BUZIS5-ESTYAJO-IQQD7EA-O3VGONJ-E74OHUJ-ZSLF4JK-6HS3UHG-4CQ5OAO";
|
||||
hera = {
|
||||
addresses = [ "tcp6://hera.m-0.eu" ];
|
||||
id = "TJHVUM6-RTB6V3D-JF4GIB2-TVDF2ST-5MTN6N2-ZDIWGF7-XZUCCFG-EQG5WA6";
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
devices = pkgs.lib.getAttrs hosts devices;
|
||||
folders = {
|
||||
science = mkFolder "science";
|
||||
documents = mkFolder "documents";
|
||||
audio = mkFolder "audio";
|
||||
video = mkFolder "video";
|
||||
images = mkFolder "images";
|
||||
books = mkFolder "books";
|
||||
tmp = mkFolder "tmp";
|
||||
declarativeWith = hosts: path: let
|
||||
mkFolder = name: {
|
||||
path = "${path}/${name}";
|
||||
devices = hosts;
|
||||
};
|
||||
devices = {
|
||||
apollo.id = "BOTTTGS-QQUHWAK-IFBT3T2-HGHHUZ7-QHRZXC7-JC42VT7-67ZOJBE-WHDWEQX";
|
||||
zeus.id = "5BUZIS5-ESTYAJO-IQQD7EA-O3VGONJ-E74OHUJ-ZSLF4JK-6HS3UHG-4CQ5OAO";
|
||||
hera = {
|
||||
addresses = ["tcp6://hera.m-0.eu"];
|
||||
id = "TJHVUM6-RTB6V3D-JF4GIB2-TVDF2ST-5MTN6N2-ZDIWGF7-XZUCCFG-EQG5WA6";
|
||||
};
|
||||
};
|
||||
in {
|
||||
devices = pkgs.lib.getAttrs hosts devices;
|
||||
folders = {
|
||||
science = mkFolder "science";
|
||||
documents = mkFolder "documents";
|
||||
audio = mkFolder "audio";
|
||||
video = mkFolder "video";
|
||||
images = mkFolder "images";
|
||||
books = mkFolder "books";
|
||||
tmp = mkFolder "tmp";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; {
|
||||
config = {
|
||||
m-0.monitoring = [
|
||||
{
|
||||
|
@ -52,7 +53,7 @@ with lib;
|
|||
|
||||
options = {
|
||||
m-0.private = mkOption {
|
||||
default = { };
|
||||
default = {};
|
||||
type = types.attrs;
|
||||
};
|
||||
m-0.prefix = mkOption {
|
||||
|
@ -62,8 +63,8 @@ with lib;
|
|||
m-0.monitoring = mkOption {
|
||||
type = types.listOf (types.submodule {
|
||||
options = {
|
||||
name = mkOption { type = types.str; };
|
||||
host = mkOption { type = types.str; };
|
||||
name = mkOption {type = types.str;};
|
||||
host = mkOption {type = types.str;};
|
||||
container = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
|
@ -74,46 +75,43 @@ with lib;
|
|||
};
|
||||
};
|
||||
});
|
||||
default = [ ];
|
||||
default = [];
|
||||
};
|
||||
m-0.hosts = mkOption {
|
||||
type = types.attrs;
|
||||
default =
|
||||
let
|
||||
p = config.m-0.prefix;
|
||||
hera-p = "${p}::3";
|
||||
apollo-p = "${p}::1";
|
||||
wg-p = "${p}::100";
|
||||
v4-p = "10.0.0";
|
||||
in
|
||||
rec {
|
||||
hera = "${p}::1";
|
||||
vpn = rec {
|
||||
prefix = "fdc0:7";
|
||||
hera = "${prefix}::1";
|
||||
fluffy = "${prefix}::2";
|
||||
apollo = "${prefix}::5";
|
||||
zeus = "${prefix}::4";
|
||||
pegasus = "${prefix}::6";
|
||||
};
|
||||
hera-wg-host = "${p}::100:0:1";
|
||||
|
||||
hera-v4 = "213.136.94.190";
|
||||
|
||||
hera-wg = "${wg-p}:1";
|
||||
apollo-wg = "${wg-p}:2";
|
||||
zeus-wg = "${wg-p}:3";
|
||||
|
||||
hera-intern = "${hera-p}:1";
|
||||
chor-cloud = "${hera-p}:b";
|
||||
|
||||
apollo = apollo-wg;
|
||||
zeus = zeus-wg;
|
||||
|
||||
hera-intern-v4 = "${v4-p}.1";
|
||||
chor-cloud-intern-v4 = "${v4-p}.3";
|
||||
default = let
|
||||
p = config.m-0.prefix;
|
||||
hera-p = "${p}::3";
|
||||
apollo-p = "${p}::1";
|
||||
wg-p = "${p}::100";
|
||||
v4-p = "10.0.0";
|
||||
in rec {
|
||||
hera = "${p}::1";
|
||||
vpn = rec {
|
||||
prefix = "fdc0:7";
|
||||
hera = "${prefix}::1";
|
||||
fluffy = "${prefix}::2";
|
||||
apollo = "${prefix}::5";
|
||||
zeus = "${prefix}::4";
|
||||
pegasus = "${prefix}::6";
|
||||
};
|
||||
hera-wg-host = "${p}::100:0:1";
|
||||
|
||||
hera-v4 = "213.136.94.190";
|
||||
|
||||
hera-wg = "${wg-p}:1";
|
||||
apollo-wg = "${wg-p}:2";
|
||||
zeus-wg = "${wg-p}:3";
|
||||
|
||||
hera-intern = "${hera-p}:1";
|
||||
chor-cloud = "${hera-p}:b";
|
||||
|
||||
apollo = apollo-wg;
|
||||
zeus = zeus-wg;
|
||||
|
||||
hera-intern-v4 = "${v4-p}.1";
|
||||
chor-cloud-intern-v4 = "${v4-p}.3";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,19 +1,21 @@
|
|||
let
|
||||
restrictedPages = [
|
||||
"reddit.com"
|
||||
"github.com"
|
||||
"*.ccc.de"
|
||||
"haskell.org"
|
||||
"*.haskell.org"
|
||||
"*.nixos.org"
|
||||
"nixos.org"
|
||||
"matrix.org"
|
||||
"element.io"
|
||||
"youtube.*"
|
||||
"*.element.io"
|
||||
"chaos.social"
|
||||
"twitter.com"
|
||||
] ++ newsPages;
|
||||
restrictedPages =
|
||||
[
|
||||
"reddit.com"
|
||||
"github.com"
|
||||
"*.ccc.de"
|
||||
"haskell.org"
|
||||
"*.haskell.org"
|
||||
"*.nixos.org"
|
||||
"nixos.org"
|
||||
"matrix.org"
|
||||
"element.io"
|
||||
"youtube.*"
|
||||
"*.element.io"
|
||||
"chaos.social"
|
||||
"twitter.com"
|
||||
]
|
||||
++ newsPages;
|
||||
newsPages = [
|
||||
"zeit.de"
|
||||
"heise.de"
|
||||
|
@ -30,17 +32,14 @@ let
|
|||
"zdf.de"
|
||||
];
|
||||
|
||||
makeConfig = hostName: imports:
|
||||
{ ... }: {
|
||||
imports = imports ++ [ ./roles/default.nix ];
|
||||
m-0.hostName = hostName;
|
||||
nixpkgs.overlays = [ (_: _: (import ../channels.nix).${hostName}) ];
|
||||
};
|
||||
makeAutostart = name:
|
||||
{ config, ... }: {
|
||||
config.xdg.configFile."autostart/${name}.desktop".source =
|
||||
"${config.home.path}/share/applications/${name}.desktop";
|
||||
};
|
||||
makeConfig = hostName: imports: {...}: {
|
||||
imports = imports ++ [./roles/default.nix];
|
||||
m-0.hostName = hostName;
|
||||
nixpkgs.overlays = [(_: _: (import ../channels.nix).${hostName})];
|
||||
};
|
||||
makeAutostart = name: {config, ...}: {
|
||||
config.xdg.configFile."autostart/${name}.desktop".source = "${config.home.path}/share/applications/${name}.desktop";
|
||||
};
|
||||
on-my-machines = [
|
||||
./roles/on-my-machine.nix
|
||||
./roles/accounting.nix
|
||||
|
@ -53,9 +52,11 @@ let
|
|||
./roles/mode-switching.nix
|
||||
./roles/systemd-exporter.nix
|
||||
];
|
||||
daily-driver = name: extra:
|
||||
let
|
||||
all = extra ++ on-my-machines ++ [
|
||||
daily-driver = name: extra: let
|
||||
all =
|
||||
extra
|
||||
++ on-my-machines
|
||||
++ [
|
||||
(import ./roles/firefox.nix "http://localhost:7000")
|
||||
(makeAutostart "planning")
|
||||
(makeAutostart "unlock-ssh")
|
||||
|
@ -76,56 +77,65 @@ let
|
|||
./roles/wallpaper.nix
|
||||
./roles/zettelkasten.nix
|
||||
];
|
||||
orgaExtra = [
|
||||
./roles/accounting.nix
|
||||
./roles/mail-client.nix
|
||||
./roles/pythia.nix
|
||||
./roles/tinkering.nix
|
||||
];
|
||||
blockServer = import ./roles/block-server.nix;
|
||||
in
|
||||
{
|
||||
klausur = makeConfig name (
|
||||
all ++ [
|
||||
(blockServer restrictedPages)
|
||||
]
|
||||
);
|
||||
orga = makeConfig name (
|
||||
all ++ orgaExtra ++ [
|
||||
(blockServer restrictedPages)
|
||||
]
|
||||
);
|
||||
communication = makeConfig name (
|
||||
all ++ orgaExtra ++ [
|
||||
./roles/chat.nix
|
||||
(blockServer restrictedPages)
|
||||
]
|
||||
);
|
||||
code = makeConfig name (
|
||||
all ++ orgaExtra ++ [
|
||||
./roles/chat.nix
|
||||
(blockServer newsPages)
|
||||
]
|
||||
);
|
||||
leisure = makeConfig name (
|
||||
all ++ orgaExtra ++ [
|
||||
./roles/games.nix
|
||||
./roles/chat.nix
|
||||
./roles/leisure.nix
|
||||
(blockServer newsPages)
|
||||
]
|
||||
);
|
||||
unrestricted = makeConfig name (
|
||||
all ++ orgaExtra ++ [
|
||||
./roles/games.nix
|
||||
./roles/chat.nix
|
||||
./roles/leisure.nix
|
||||
(blockServer [ ])
|
||||
]
|
||||
);
|
||||
};
|
||||
in
|
||||
{
|
||||
orgaExtra = [
|
||||
./roles/accounting.nix
|
||||
./roles/mail-client.nix
|
||||
./roles/pythia.nix
|
||||
./roles/tinkering.nix
|
||||
];
|
||||
blockServer = import ./roles/block-server.nix;
|
||||
in {
|
||||
klausur = makeConfig name (
|
||||
all
|
||||
++ [
|
||||
(blockServer restrictedPages)
|
||||
]
|
||||
);
|
||||
orga = makeConfig name (
|
||||
all
|
||||
++ orgaExtra
|
||||
++ [
|
||||
(blockServer restrictedPages)
|
||||
]
|
||||
);
|
||||
communication = makeConfig name (
|
||||
all
|
||||
++ orgaExtra
|
||||
++ [
|
||||
./roles/chat.nix
|
||||
(blockServer restrictedPages)
|
||||
]
|
||||
);
|
||||
code = makeConfig name (
|
||||
all
|
||||
++ orgaExtra
|
||||
++ [
|
||||
./roles/chat.nix
|
||||
(blockServer newsPages)
|
||||
]
|
||||
);
|
||||
leisure = makeConfig name (
|
||||
all
|
||||
++ orgaExtra
|
||||
++ [
|
||||
./roles/games.nix
|
||||
./roles/chat.nix
|
||||
./roles/leisure.nix
|
||||
(blockServer newsPages)
|
||||
]
|
||||
);
|
||||
unrestricted = makeConfig name (
|
||||
all
|
||||
++ orgaExtra
|
||||
++ [
|
||||
./roles/games.nix
|
||||
./roles/chat.nix
|
||||
./roles/leisure.nix
|
||||
(blockServer [])
|
||||
]
|
||||
);
|
||||
};
|
||||
in {
|
||||
apollo = daily-driver "apollo" [
|
||||
./roles/battery.nix
|
||||
./roles/untrusted-env.nix
|
||||
|
@ -143,7 +153,8 @@ in
|
|||
./roles/headless.nix
|
||||
(import ./roles/state.nix "default")
|
||||
];
|
||||
hera.default = makeConfig "hera" (on-my-machines ++ [
|
||||
hera.default = makeConfig "hera" (on-my-machines
|
||||
++ [
|
||||
./roles/fetch-banking-timer.nix
|
||||
./roles/weechat
|
||||
./roles/mail-sort.nix
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, ... }: {
|
||||
{pkgs, ...}: {
|
||||
xdg.configFile."jali/config.py".source = pkgs.privateFile "jaliconfig.py";
|
||||
home.packages = builtins.attrValues pkgs.accounting-pkgs;
|
||||
}
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
{ pkgs, config, ... }: {
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
home.file.".arbtt/categorize.cfg".source = pkgs.privateValue (builtins.toFile "empty-file" "") "arbtt/default";
|
||||
}
|
||||
|
|
|
@ -1,19 +1,23 @@
|
|||
{ lib, pkgs, config, ... }:
|
||||
let
|
||||
{
|
||||
lib,
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
battery-watch = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "battery-watch";
|
||||
bins = [ pkgs.acpi ];
|
||||
imports = [
|
||||
"DBus.Notify"
|
||||
"Control.Concurrent"
|
||||
"Text.Megaparsec"
|
||||
"Text.Megaparsec.Char"
|
||||
"Text.Megaparsec.Char.Lexer"
|
||||
"Replace.Megaparsec"
|
||||
"Data.Maybe"
|
||||
];
|
||||
} ''
|
||||
{
|
||||
name = "battery-watch";
|
||||
bins = [pkgs.acpi];
|
||||
imports = [
|
||||
"DBus.Notify"
|
||||
"Control.Concurrent"
|
||||
"Text.Megaparsec"
|
||||
"Text.Megaparsec.Char"
|
||||
"Text.Megaparsec.Char.Lexer"
|
||||
"Replace.Megaparsec"
|
||||
"Data.Maybe"
|
||||
];
|
||||
} ''
|
||||
moderateLevel = 50 -- percent
|
||||
lowLevel = 20 -- percent
|
||||
criticalLevel = 8 -- percent
|
||||
|
@ -59,9 +63,7 @@ let
|
|||
where
|
||||
myNote = blankNote { body = Just $ Text [i|#{currentLevel}% remaining.|]}
|
||||
'';
|
||||
in
|
||||
{
|
||||
|
||||
in {
|
||||
systemd.user = {
|
||||
services.battery = {
|
||||
Unit.Description = "Watch battery state and warn user";
|
||||
|
@ -70,8 +72,7 @@ in
|
|||
Restart = "always";
|
||||
RestartSec = 60;
|
||||
};
|
||||
Install.WantedBy = [ "default.target" ];
|
||||
Install.WantedBy = ["default.target"];
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,4 +1,8 @@
|
|||
{ pkgs, config, ... }: {
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
xdg.configFile."beets/config.yaml".text = builtins.toJSON {
|
||||
directory = config.services.mpd.musicDirectory;
|
||||
import.move = true;
|
||||
|
@ -7,22 +11,19 @@
|
|||
singleton = "$genre/%the{$artist}/singles/$title";
|
||||
comp = "$genre/%the{$artist}/$album%aunique{}/$track. $title";
|
||||
"genre:soundtrack" = "Soundtrack/$album%aunique{}/$track. $title";
|
||||
"genre::classical" =
|
||||
"$genre/%the{$composer}/$album%aunique{}/$track. $title";
|
||||
"genre::classical" = "$genre/%the{$composer}/$album%aunique{}/$track. $title";
|
||||
};
|
||||
plugins =
|
||||
"convert web mpdstats mpdupdate fromfilename the duplicates missing";
|
||||
plugins = "convert web mpdstats mpdupdate fromfilename the duplicates missing";
|
||||
convert = {
|
||||
auto = true;
|
||||
command =
|
||||
"${pkgs.ffmpeg}/bin/ffmpeg -i $source -y -vn -acodec libopus -ab 192k $dest";
|
||||
command = "${pkgs.ffmpeg}/bin/ffmpeg -i $source -y -vn -acodec libopus -ab 192k $dest";
|
||||
extension = "opus";
|
||||
never_convert_lossy_files = true;
|
||||
};
|
||||
};
|
||||
systemd.user.services.beets-mpdstats = {
|
||||
Unit.Description = "beets.io mpdstats recorder";
|
||||
Install.WantedBy = [ "default.target" ];
|
||||
Install.WantedBy = ["default.target"];
|
||||
Service = {
|
||||
ExecStart = "${pkgs.beets}/bin/beet mpdstats";
|
||||
Restart = "always";
|
||||
|
|
|
@ -1,16 +1,22 @@
|
|||
list:
|
||||
{ pkgs, lib, ... }: {
|
||||
list: {
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
systemd.user.services.blockserver = {
|
||||
Unit.Description = "Serve a blocklist";
|
||||
Service =
|
||||
let
|
||||
blocklist = pkgs.writeTextDir "blocklist" (lib.concatStringsSep "\r\n" list);
|
||||
startpage = pkgs.writeTextDir "index.html" (builtins.readFile ./startpage.html);
|
||||
in
|
||||
{
|
||||
ExecStart = "${pkgs.python3}/bin/python -m http.server 8842 -d ${pkgs.symlinkJoin { name = "blockserver-dir"; paths = [ blocklist startpage ]; }}";
|
||||
Restart = "always";
|
||||
};
|
||||
Install.WantedBy = [ "default.target" ];
|
||||
Service = let
|
||||
blocklist = pkgs.writeTextDir "blocklist" (lib.concatStringsSep "\r\n" list);
|
||||
startpage = pkgs.writeTextDir "index.html" (builtins.readFile ./startpage.html);
|
||||
in {
|
||||
ExecStart = "${pkgs.python3}/bin/python -m http.server 8842 -d ${
|
||||
pkgs.symlinkJoin {
|
||||
name = "blockserver-dir";
|
||||
paths = [blocklist startpage];
|
||||
}
|
||||
}";
|
||||
Restart = "always";
|
||||
};
|
||||
Install.WantedBy = ["default.target"];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
{pkgs, ...}: {
|
||||
home.packages = builtins.attrValues
|
||||
{
|
||||
inherit (pkgs) discord signal-desktop tdesktop element-desktop;
|
||||
weechat = pkgs.writeShellScriptBin "weechat" "ssh -t hera 'TMUX_TMPDIR=/run/user/1000 tmux -L weechat attach'";
|
||||
};
|
||||
{
|
||||
inherit (pkgs) discord signal-desktop tdesktop element-desktop;
|
||||
weechat = pkgs.writeShellScriptBin "weechat" "ssh -t hera 'TMUX_TMPDIR=/run/user/1000 tmux -L weechat attach'";
|
||||
};
|
||||
xdg.configFile."Element/config.json".text = builtins.toJSON {
|
||||
settingDefaults.custom_themes = [
|
||||
{
|
||||
|
|
|
@ -1,29 +1,51 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
{
|
||||
imports = [ ./mpv ];
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
imports = [./mpv];
|
||||
home.packages = builtins.attrValues rec {
|
||||
zoom = pkgs.zoom-us.overrideAttrs (old: {
|
||||
postFixup = old.postFixup + ''
|
||||
wrapProgram $out/bin/zoom-us --unset XDG_SESSION_TYPE
|
||||
wrapProgram $out/bin/zoom --unset XDG_SESSION_TYPE
|
||||
'';
|
||||
postFixup =
|
||||
old.postFixup
|
||||
+ ''
|
||||
wrapProgram $out/bin/zoom-us --unset XDG_SESSION_TYPE
|
||||
wrapProgram $out/bin/zoom --unset XDG_SESSION_TYPE
|
||||
'';
|
||||
});
|
||||
|
||||
inherit (pkgs.gnome) nautilus;
|
||||
inherit (pkgs.xorg) xbacklight;
|
||||
inherit (pkgs)
|
||||
inherit
|
||||
(pkgs)
|
||||
# web
|
||||
chromium
|
||||
|
||||
mumble upower speedtest-cli acpi
|
||||
|
||||
mumble
|
||||
upower
|
||||
speedtest-cli
|
||||
acpi
|
||||
anki
|
||||
|
||||
# tools & office
|
||||
feh gimp imagemagick libreoffice-fresh xournal musescore handbrake evince
|
||||
abcde beets zbar
|
||||
|
||||
feh
|
||||
gimp
|
||||
imagemagick
|
||||
libreoffice-fresh
|
||||
xournal
|
||||
musescore
|
||||
handbrake
|
||||
evince
|
||||
abcde
|
||||
beets
|
||||
zbar
|
||||
# media
|
||||
ncpamixer pavucontrol deluge gmpc vlc youtubeDL syncplay;
|
||||
ncpamixer
|
||||
pavucontrol
|
||||
deluge
|
||||
gmpc
|
||||
vlc
|
||||
youtubeDL
|
||||
syncplay
|
||||
;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,5 +1,9 @@
|
|||
{ pkgs, config, lib, ... }: {
|
||||
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
./zsh
|
||||
./home-options.nix
|
||||
|
@ -9,7 +13,7 @@
|
|||
./neovim
|
||||
./nvd.nix
|
||||
];
|
||||
nixpkgs.overlays = import ../../overlays { inherit lib; };
|
||||
nixpkgs.overlays = import ../../overlays {inherit lib;};
|
||||
|
||||
news.display = "silent";
|
||||
|
||||
|
@ -60,7 +64,7 @@
|
|||
'';
|
||||
};
|
||||
password-store = {
|
||||
package = pkgs.pass-wayland.withExtensions (exts: [ exts.pass-update pkgs.pass-clip exts.pass-otp ]);
|
||||
package = pkgs.pass-wayland.withExtensions (exts: [exts.pass-update pkgs.pass-clip exts.pass-otp]);
|
||||
enable = true;
|
||||
settings.PASSWORD_STORE_DIR = "${config.home.homeDirectory}/git/password-store";
|
||||
};
|
||||
|
@ -120,81 +124,81 @@
|
|||
controlMaster = "auto";
|
||||
controlPersist = "120";
|
||||
enable = true;
|
||||
matchBlocks =
|
||||
let
|
||||
agHost = "fb04217.mathematik.tu-darmstadt.de";
|
||||
in
|
||||
{
|
||||
athene.hostname = "192.168.178.22";
|
||||
git-auto = {
|
||||
hostname = "hera.m-0.eu";
|
||||
user = "git";
|
||||
identityFile = "~/.ssh/id_auto_ed25519";
|
||||
};
|
||||
git = {
|
||||
hostname = "hera.m-0.eu";
|
||||
user = "git";
|
||||
};
|
||||
hera = {
|
||||
hostname = "hera.m-0.eu";
|
||||
user = "maralorn";
|
||||
};
|
||||
ag-forward = {
|
||||
hostname = agHost;
|
||||
proxyJump = "gw";
|
||||
user = "brandy";
|
||||
};
|
||||
ag = {
|
||||
hostname = agHost;
|
||||
user = "brandy";
|
||||
};
|
||||
gw = {
|
||||
hostname = "gwres4.mathematik.tu-darmstadt.de";
|
||||
user = "brandy";
|
||||
};
|
||||
shells = {
|
||||
hostname = "shells.darmstadt.ccc.de";
|
||||
user = "maralorn";
|
||||
};
|
||||
whisky = {
|
||||
hostname = "whisky.w17.io";
|
||||
user = "chaos";
|
||||
};
|
||||
kitchen = {
|
||||
hostname = "kitchen.w17.io";
|
||||
user = "chaos";
|
||||
};
|
||||
"door.w17.io".identityFile = "~/.ssh/door_rsa";
|
||||
matchBlocks = let
|
||||
agHost = "fb04217.mathematik.tu-darmstadt.de";
|
||||
in {
|
||||
athene.hostname = "192.168.178.22";
|
||||
git-auto = {
|
||||
hostname = "hera.m-0.eu";
|
||||
user = "git";
|
||||
identityFile = "~/.ssh/id_auto_ed25519";
|
||||
};
|
||||
git = {
|
||||
hostname = "hera.m-0.eu";
|
||||
user = "git";
|
||||
};
|
||||
hera = {
|
||||
hostname = "hera.m-0.eu";
|
||||
user = "maralorn";
|
||||
};
|
||||
ag-forward = {
|
||||
hostname = agHost;
|
||||
proxyJump = "gw";
|
||||
user = "brandy";
|
||||
};
|
||||
ag = {
|
||||
hostname = agHost;
|
||||
user = "brandy";
|
||||
};
|
||||
gw = {
|
||||
hostname = "gwres4.mathematik.tu-darmstadt.de";
|
||||
user = "brandy";
|
||||
};
|
||||
shells = {
|
||||
hostname = "shells.darmstadt.ccc.de";
|
||||
user = "maralorn";
|
||||
};
|
||||
whisky = {
|
||||
hostname = "whisky.w17.io";
|
||||
user = "chaos";
|
||||
};
|
||||
kitchen = {
|
||||
hostname = "kitchen.w17.io";
|
||||
user = "chaos";
|
||||
};
|
||||
"door.w17.io".identityFile = "~/.ssh/door_rsa";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
home = {
|
||||
packages = builtins.attrValues pkgs.home-pkgs ++ [
|
||||
(
|
||||
pkgs.writeShellScriptBin "unlock-ssh" ''
|
||||
SSH_ASKPASS="print-ssh-pw" DISPLAY="a" ssh-add < /dev/null
|
||||
''
|
||||
)
|
||||
(
|
||||
pkgs.writeShellScriptBin "print-radicle-pw"
|
||||
packages =
|
||||
builtins.attrValues pkgs.home-pkgs
|
||||
++ [
|
||||
(
|
||||
pkgs.writeShellScriptBin "unlock-ssh" ''
|
||||
SSH_ASKPASS="print-ssh-pw" DISPLAY="a" ssh-add < /dev/null
|
||||
''
|
||||
)
|
||||
(
|
||||
pkgs.writeShellScriptBin "print-radicle-pw"
|
||||
"pass show etc/radicle/${config.m-0.hostName}"
|
||||
)
|
||||
(
|
||||
pkgs.writeShellScriptBin "print-ssh-pw"
|
||||
)
|
||||
(
|
||||
pkgs.writeShellScriptBin "print-ssh-pw"
|
||||
"pass show eu/m-0/${config.m-0.hostName}.m-0.eu/ssh-key"
|
||||
)
|
||||
(
|
||||
pkgs.writeShellScriptBin "dingdingding" (builtins.readFile ./signal.sh)
|
||||
)
|
||||
];
|
||||
)
|
||||
(
|
||||
pkgs.writeShellScriptBin "dingdingding" (builtins.readFile ./signal.sh)
|
||||
)
|
||||
];
|
||||
sessionVariables = {
|
||||
PATH = "$HOME/.nix-profile/bin:$PATH";
|
||||
BROWSER = "firefox";
|
||||
EMAIL = "malte.brandy@maralorn.de";
|
||||
SUDO_ASKPASS = toString (
|
||||
pkgs.writeShellScript "print-sudo-pw"
|
||||
"pass show eu/m-0/${config.m-0.hostName}.m-0.eu/${config.home.username}"
|
||||
"pass show eu/m-0/${config.m-0.hostName}.m-0.eu/${config.home.username}"
|
||||
);
|
||||
};
|
||||
};
|
||||
|
@ -219,17 +223,17 @@
|
|||
mimeApps = {
|
||||
enable = true;
|
||||
defaultApplications = {
|
||||
"application/pdf" = [ "org.gnome.Evince.desktop" ];
|
||||
"x-scheme-handler/http" = [ "firefox.desktop" ];
|
||||
"x-scheme-handler/https" = [ "firefox.desktop" ];
|
||||
"x-scheme-handler/chrome" = [ "firefox.desktop" ];
|
||||
"text/html" = [ "firefox.desktop" ];
|
||||
"application/x-extension-htm" = [ "firefox.desktop" ];
|
||||
"application/x-extension-html" = [ "firefox.desktop" ];
|
||||
"application/x-extension-shtml" = [ "firefox.desktop" ];
|
||||
"application/xhtml+xml" = [ "firefox.desktop" ];
|
||||
"application/x-extension-xhtml" = [ "firefox.desktop" ];
|
||||
"application/x-extension-xht" = [ "firefox.desktop" ];
|
||||
"application/pdf" = ["org.gnome.Evince.desktop"];
|
||||
"x-scheme-handler/http" = ["firefox.desktop"];
|
||||
"x-scheme-handler/https" = ["firefox.desktop"];
|
||||
"x-scheme-handler/chrome" = ["firefox.desktop"];
|
||||
"text/html" = ["firefox.desktop"];
|
||||
"application/x-extension-htm" = ["firefox.desktop"];
|
||||
"application/x-extension-html" = ["firefox.desktop"];
|
||||
"application/x-extension-shtml" = ["firefox.desktop"];
|
||||
"application/xhtml+xml" = ["firefox.desktop"];
|
||||
"application/x-extension-xhtml" = ["firefox.desktop"];
|
||||
"application/x-extension-xht" = ["firefox.desktop"];
|
||||
};
|
||||
};
|
||||
userDirs = {
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
{ pkgs, config, ... }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
simpleDesktopItem = name: command:
|
||||
pkgs.makeDesktopItem {
|
||||
name = name;
|
||||
|
@ -15,8 +18,6 @@ let
|
|||
};
|
||||
superSimpleDesktopItem = name: simpleDesktopItem name name;
|
||||
terminalDesktopItem = name: namedTerminalDesktopItem name name;
|
||||
|
||||
in
|
||||
{
|
||||
home.packages = map superSimpleDesktopItem [ "kassandra2" ] ++ map terminalDesktopItem [ "unlock-ssh" ];
|
||||
in {
|
||||
home.packages = map superSimpleDesktopItem ["kassandra2"] ++ map terminalDesktopItem ["unlock-ssh"];
|
||||
}
|
||||
|
|
|
@ -1,12 +1,15 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
let inherit (import ../../lib) colors;
|
||||
in
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
inherit (import ../../lib) colors;
|
||||
in {
|
||||
m-0.colors = colors;
|
||||
home = {
|
||||
packages = builtins.attrValues pkgs.desktop-pkgs;
|
||||
file.".zprofile".text =
|
||||
". $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh";
|
||||
file.".zprofile".text = ". $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh";
|
||||
};
|
||||
gtk = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, ... }: {
|
||||
{pkgs, ...}: {
|
||||
systemd.user = {
|
||||
services.fetch-banking = {
|
||||
Unit.Description = "Fetch banking";
|
||||
|
@ -23,7 +23,7 @@
|
|||
timers.fetch-banking = {
|
||||
Unit.Description = "Fetch banking";
|
||||
Timer.OnCalendar = "2/6:00"; # Every 6 hours from 2:00
|
||||
Install.WantedBy = [ "timers.target" ];
|
||||
Install.WantedBy = ["timers.target"];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
startpage: { pkgs, ... }: {
|
||||
startpage: {pkgs, ...}: {
|
||||
programs.firefox = {
|
||||
profiles.maralorn-default = {
|
||||
extraConfig = ""; # user.js
|
||||
|
@ -21,7 +21,7 @@ startpage: { pkgs, ... }: {
|
|||
};
|
||||
|
||||
programs.browserpass = {
|
||||
browsers = [ "firefox" ];
|
||||
browsers = ["firefox"];
|
||||
enable = true;
|
||||
};
|
||||
home.sessionVariables = {
|
||||
|
|
|
@ -1,5 +1,9 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
gw2dir = "${config.home.homeDirectory}/volatile/GW2";
|
||||
wine = pkgs.wineWowPackages.staging;
|
||||
gw2env = ''
|
||||
|
@ -45,9 +49,7 @@ let
|
|||
cd "${gw2dir}/data/drive_c/Guild Wars 2"
|
||||
${wine}/bin/wine64 ./Gw2-64.exe $@ -autologin
|
||||
'';
|
||||
in
|
||||
{
|
||||
|
||||
in {
|
||||
#dconf.settings."org/gnome/settings-daemon/plugins/media-keys" = {
|
||||
#mic-mute = lib.mkForce [ ];
|
||||
#next = lib.mkForce [ ];
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
{ ... }: {
|
||||
{...}: {
|
||||
programs.git.signing.key = "6C3D12CD88CDF46C5EAF4D12226A2D41EF5378C9";
|
||||
}
|
||||
|
|
|
@ -1,16 +1,19 @@
|
|||
{ pkgs, lib, ... }@args:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
} @ args: let
|
||||
hotkeys = import ./hotkeys.nix args;
|
||||
mkTuple = lib.hm.gvariant.mkTuple;
|
||||
statusScript = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "status-script";
|
||||
bins = [ pkgs.notmuch pkgs.coreutils pkgs.git pkgs.playerctl pkgs.khal ];
|
||||
imports = [
|
||||
"Control.Exception"
|
||||
"System.Directory"
|
||||
];
|
||||
} ''
|
||||
{
|
||||
name = "status-script";
|
||||
bins = [pkgs.notmuch pkgs.coreutils pkgs.git pkgs.playerctl pkgs.khal];
|
||||
imports = [
|
||||
"Control.Exception"
|
||||
"System.Directory"
|
||||
];
|
||||
} ''
|
||||
data Mode = Klausur | Orga | Communication | Code | Leisure | Unrestricted deriving (Eq, Ord, Show, Enum, Bounded)
|
||||
modes = enumFrom Klausur
|
||||
getMode = do
|
||||
|
@ -46,17 +49,16 @@ let
|
|||
memptyIfFalse (length unpushed /= 0) (one [i|<span foreground='\#d2691e'>Unpushed: #{Text.intercalate " " unpushed}</span>|]) ++
|
||||
memptyIfFalse (length dirty /= 0) (one [i|<span foreground='\#ff7f50'>Dirty: #{Text.intercalate " " dirty}</span>|])
|
||||
'';
|
||||
in
|
||||
{
|
||||
in {
|
||||
services.gpg-agent.pinentryFlavor = "gnome3";
|
||||
dconf.settings = {
|
||||
"org/gnome/desktop/wm/keybindings" = {
|
||||
switch-input-source = [ ];
|
||||
switch-input-source-backward = [ ];
|
||||
switch-applications = [ ];
|
||||
switch-applications-backward = [ ];
|
||||
cycle-windows = [ "<Super>Tab" ];
|
||||
cycle-windows-backward = [ "<Shift><Super>Tab" ];
|
||||
switch-input-source = [];
|
||||
switch-input-source-backward = [];
|
||||
switch-applications = [];
|
||||
switch-applications-backward = [];
|
||||
cycle-windows = ["<Super>Tab"];
|
||||
cycle-windows-backward = ["<Shift><Super>Tab"];
|
||||
};
|
||||
|
||||
"org/gnome/settings-daemon/plugins/color" = {
|
||||
|
@ -71,39 +73,37 @@ in
|
|||
};
|
||||
|
||||
"org/gnome/desktop/wm/keybindings" = {
|
||||
close = [ "<Super>q" ];
|
||||
close = ["<Super>q"];
|
||||
};
|
||||
|
||||
"org/gnome/shell/extensions/gtile" =
|
||||
let
|
||||
left = r: "0:${r} 1:${r},0:${r} 2:${r},0:${r} 3:${r},0:${r} 0:${r}, 1:${r} 1:${r}";
|
||||
right = r: "4:${r} 5:${r},3:${r} 5:${r},2:${r} 5:${r},5:${r} 5:${r}, 4:${r} 4:${r}";
|
||||
middle = r: "2:${r} 3:${r}, 1:${r} 4:${r}, 0:${r} 5:${r}, 1:${r} 3:${r}, 2:${r} 4:${r}, 2:${r} 2:${r}, 3:${r} 3:${r}";
|
||||
in
|
||||
{
|
||||
global-presets = true;
|
||||
grid-sizes = "6x2";
|
||||
preset-resize-1 = [ "<Control><Super>m" ];
|
||||
preset-resize-2 = [ "<Control><Super>comma" ];
|
||||
preset-resize-3 = [ "<Control><Super>period" ];
|
||||
preset-resize-4 = [ "<Control><Super>n" ];
|
||||
preset-resize-5 = [ "<Control><Super>r" ];
|
||||
preset-resize-6 = [ "<Control><Super>t" ];
|
||||
preset-resize-7 = [ "<Control><Super>h" ];
|
||||
preset-resize-8 = [ "<Control><Super>g" ];
|
||||
preset-resize-9 = [ "<Control><Super>f" ];
|
||||
resize1 = "6x2 ${left "1"}";
|
||||
resize2 = "6x2 ${middle "1"}";
|
||||
resize3 = "6x2 ${right "1"}";
|
||||
resize4 = "6x1 ${left "0"}";
|
||||
resize5 = "6x1 ${middle "0"}";
|
||||
resize6 = "6x1 ${right "0"}";
|
||||
resize7 = "6x2 ${left "0"}";
|
||||
resize8 = "6x2 ${middle "0"}";
|
||||
resize9 = "6x2 ${right "0"}";
|
||||
show-toggle-tiling-alt = [ "<Super>t" ];
|
||||
show-icon = false;
|
||||
};
|
||||
"org/gnome/shell/extensions/gtile" = let
|
||||
left = r: "0:${r} 1:${r},0:${r} 2:${r},0:${r} 3:${r},0:${r} 0:${r}, 1:${r} 1:${r}";
|
||||
right = r: "4:${r} 5:${r},3:${r} 5:${r},2:${r} 5:${r},5:${r} 5:${r}, 4:${r} 4:${r}";
|
||||
middle = r: "2:${r} 3:${r}, 1:${r} 4:${r}, 0:${r} 5:${r}, 1:${r} 3:${r}, 2:${r} 4:${r}, 2:${r} 2:${r}, 3:${r} 3:${r}";
|
||||
in {
|
||||
global-presets = true;
|
||||
grid-sizes = "6x2";
|
||||
preset-resize-1 = ["<Control><Super>m"];
|
||||
preset-resize-2 = ["<Control><Super>comma"];
|
||||
preset-resize-3 = ["<Control><Super>period"];
|
||||
preset-resize-4 = ["<Control><Super>n"];
|
||||
preset-resize-5 = ["<Control><Super>r"];
|
||||
preset-resize-6 = ["<Control><Super>t"];
|
||||
preset-resize-7 = ["<Control><Super>h"];
|
||||
preset-resize-8 = ["<Control><Super>g"];
|
||||
preset-resize-9 = ["<Control><Super>f"];
|
||||
resize1 = "6x2 ${left "1"}";
|
||||
resize2 = "6x2 ${middle "1"}";
|
||||
resize3 = "6x2 ${right "1"}";
|
||||
resize4 = "6x1 ${left "0"}";
|
||||
resize5 = "6x1 ${middle "0"}";
|
||||
resize6 = "6x1 ${right "0"}";
|
||||
resize7 = "6x2 ${left "0"}";
|
||||
resize8 = "6x2 ${middle "0"}";
|
||||
resize9 = "6x2 ${right "0"}";
|
||||
show-toggle-tiling-alt = ["<Super>t"];
|
||||
show-icon = false;
|
||||
};
|
||||
# Generated via dconf2nix: https://github.com/gvolpe/dconf2nix
|
||||
"org/gnome/desktop/a11y/keyboard" = {
|
||||
mousekeys-accel-time = 2000;
|
||||
|
@ -218,24 +218,22 @@ in
|
|||
};
|
||||
|
||||
"org/gnome/desktop/input-sources" = {
|
||||
sources = [ (mkTuple [ "xkb" "de+neo" ]) ]; # use neo
|
||||
sources = [(mkTuple ["xkb" "de+neo"])]; # use neo
|
||||
xkb-options = [
|
||||
"altwin:swap_lalt_lwin" # swap alt and win
|
||||
"lv3:menu_switch" # So that gnome-settings does not set it to ralt
|
||||
];
|
||||
};
|
||||
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/terminal" =
|
||||
{
|
||||
binding = "<Super>Return";
|
||||
command = "foot";
|
||||
name = "Terminal";
|
||||
};
|
||||
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/hotkeys" =
|
||||
{
|
||||
binding = "<Super>space";
|
||||
command = "foot ${pkgs.haskell-dialog}/bin/hotkeys ${pkgs.writeText "hotkeys.yaml" (builtins.toJSON hotkeys)}";
|
||||
name = "Hotkeys";
|
||||
};
|
||||
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/terminal" = {
|
||||
binding = "<Super>Return";
|
||||
command = "foot";
|
||||
name = "Terminal";
|
||||
};
|
||||
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/hotkeys" = {
|
||||
binding = "<Super>space";
|
||||
command = "foot ${pkgs.haskell-dialog}/bin/hotkeys ${pkgs.writeText "hotkeys.yaml" (builtins.toJSON hotkeys)}";
|
||||
name = "Hotkeys";
|
||||
};
|
||||
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/standby" = {
|
||||
binding = "<Super>F5";
|
||||
command = "systemctl suspend";
|
||||
|
@ -244,7 +242,7 @@ in
|
|||
|
||||
"org/gnome/shell/extensions/nothing-to-say" = {
|
||||
icon-visibility = "always";
|
||||
keybinding-toggle-mute = [ "<Primary><Shift>U+2113" ]; # Mouse key side middle
|
||||
keybinding-toggle-mute = ["<Primary><Shift>U+2113"]; # Mouse key side middle
|
||||
};
|
||||
"org/gnome/settings-daemon/plugins/media-keys" = {
|
||||
custom-keybindings = [
|
||||
|
@ -252,14 +250,14 @@ in
|
|||
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/hotkeys/"
|
||||
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/standby/"
|
||||
];
|
||||
next = [ "<Primary><Shift>dollar" ];
|
||||
play = [ "<Primary><Shift>guillemotleft" ];
|
||||
previous = [ "<Primary><Shift>EuroSign" ];
|
||||
screensaver = [ "<Primary>Escape" ];
|
||||
volume-down = [ "<Primary><Shift>section" ];
|
||||
volume-up = [ "<Primary><Shift>degree" ];
|
||||
area-screenshot-clip = [ "Print" ];
|
||||
screenshot = [ ];
|
||||
next = ["<Primary><Shift>dollar"];
|
||||
play = ["<Primary><Shift>guillemotleft"];
|
||||
previous = ["<Primary><Shift>EuroSign"];
|
||||
screensaver = ["<Primary>Escape"];
|
||||
volume-down = ["<Primary><Shift>section"];
|
||||
volume-up = ["<Primary><Shift>degree"];
|
||||
area-screenshot-clip = ["Print"];
|
||||
screenshot = [];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ ... }: {
|
||||
{...}: {
|
||||
services = {
|
||||
mpd = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
{ pkgs, ... }: {
|
||||
{pkgs, ...}: {
|
||||
services.gpg-agent.pinentryFlavor = "curses";
|
||||
}
|
||||
|
|
|
@ -1,17 +1,15 @@
|
|||
{ lib, ... }: {
|
||||
|
||||
{lib, ...}: {
|
||||
options = {
|
||||
m-0 = {
|
||||
hostName = lib.mkOption { type = lib.types.str; };
|
||||
hostName = lib.mkOption {type = lib.types.str;};
|
||||
terminal = lib.mkOption {
|
||||
default = "foot";
|
||||
type = lib.types.str;
|
||||
};
|
||||
colors = lib.mkOption {
|
||||
default = { };
|
||||
default = {};
|
||||
type = lib.types.attrs;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,8 +1,7 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
{pkgs, ...}: {
|
||||
systemd.user.services.hoogle = {
|
||||
Unit.Description = "Hoogle server";
|
||||
Install.WantedBy = [ "graphical-session.target" ];
|
||||
Install.WantedBy = ["graphical-session.target"];
|
||||
Service = {
|
||||
ExecStart = "${pkgs.ghcWithPackages}/bin/hoogle server --local --links";
|
||||
Restart = "always";
|
||||
|
|
|
@ -1,17 +1,15 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
{pkgs, ...}: let
|
||||
fork = cmd: "fork ${cmd}";
|
||||
in
|
||||
[
|
||||
in [
|
||||
{
|
||||
Orga = [
|
||||
{ Kassandra = fork "planning"; }
|
||||
{ Kalendar = "calendar"; }
|
||||
{ Habitica = fork "firefox https://habitica.com"; }
|
||||
{ Tasks = "tasksh"; }
|
||||
{ Meditate = "meditate"; }
|
||||
{ Pythia = "pythia"; }
|
||||
{ Notes = "codium ~/git/notes"; }
|
||||
{Kassandra = fork "planning";}
|
||||
{Kalendar = "calendar";}
|
||||
{Habitica = fork "firefox https://habitica.com";}
|
||||
{Tasks = "tasksh";}
|
||||
{Meditate = "meditate";}
|
||||
{Pythia = "pythia";}
|
||||
{Notes = "codium ~/git/notes";}
|
||||
];
|
||||
}
|
||||
{
|
||||
|
@ -31,24 +29,22 @@ in
|
|||
};
|
||||
}
|
||||
{
|
||||
SSH =
|
||||
let
|
||||
ssh = host: "ssh ${host}";
|
||||
in
|
||||
[
|
||||
{ "hera via vpn" = ssh "hera.vpn.m-0.eu"; }
|
||||
{ "fluffy via vpn" = ssh "fluffy.vpn.m-0.eu"; }
|
||||
{ remote-builder = ssh "phoibe.cased.de -i /etc/nixos/private/id_ed25519-nix-builder"; }
|
||||
{ ag = ssh "ag-forward"; }
|
||||
{ gwres1 = ssh "gw"; }
|
||||
{ backup-server = ssh "borg.cysec.de"; }
|
||||
{ shells = ssh "shells"; }
|
||||
{ "bach (ved)" = ssh "bach.vocalensemble-darmstadt.de"; }
|
||||
{ "nixbuild.net" = "${pkgs.rlwrap}/bin/rlwrap ssh eu.nixbuild.net -i /etc/nixos/private/id_ed25519-nix-builder shell"; }
|
||||
{ "fluffy via local network" = ssh "fluffy.lo.m-0.eu"; }
|
||||
{ "hera via public v4" = ssh "hera-v4"; }
|
||||
{ "TU Tunnel" = "sshuttle --python python3.8 -r gw 130.83.0.0/16"; }
|
||||
];
|
||||
SSH = let
|
||||
ssh = host: "ssh ${host}";
|
||||
in [
|
||||
{"hera via vpn" = ssh "hera.vpn.m-0.eu";}
|
||||
{"fluffy via vpn" = ssh "fluffy.vpn.m-0.eu";}
|
||||
{remote-builder = ssh "phoibe.cased.de -i /etc/nixos/private/id_ed25519-nix-builder";}
|
||||
{ag = ssh "ag-forward";}
|
||||
{gwres1 = ssh "gw";}
|
||||
{backup-server = ssh "borg.cysec.de";}
|
||||
{shells = ssh "shells";}
|
||||
{"bach (ved)" = ssh "bach.vocalensemble-darmstadt.de";}
|
||||
{"nixbuild.net" = "${pkgs.rlwrap}/bin/rlwrap ssh eu.nixbuild.net -i /etc/nixos/private/id_ed25519-nix-builder shell";}
|
||||
{"fluffy via local network" = ssh "fluffy.lo.m-0.eu";}
|
||||
{"hera via public v4" = ssh "hera-v4";}
|
||||
{"TU Tunnel" = "sshuttle --python python3.8 -r gw 130.83.0.0/16";}
|
||||
];
|
||||
}
|
||||
{
|
||||
Sound = {
|
||||
|
@ -85,11 +81,11 @@ in
|
|||
VoxMachina = fork "mpv https://www.youtube.com/playlist?list=PL1tiwbzkOjQz7D0l_eLJGAISVtcL7oRu_";
|
||||
};
|
||||
}
|
||||
{ Passmenu = "pass clip -f"; }
|
||||
{ "Select Mode" = "select-mode"; }
|
||||
{Passmenu = "pass clip -f";}
|
||||
{"Select Mode" = "select-mode";}
|
||||
{
|
||||
Communication = [
|
||||
{ Matrix = fork "element-desktop"; }
|
||||
{Matrix = fork "element-desktop";}
|
||||
{
|
||||
Mail = {
|
||||
Open = "neomutt";
|
||||
|
@ -103,15 +99,15 @@ in
|
|||
Nixos = fork "mumble mumble://maralorn@lassul.us/nixos";
|
||||
};
|
||||
}
|
||||
{ Weechat = "weechat"; }
|
||||
{ Signal = fork "signal-desktop"; }
|
||||
{ Zoom = fork "zoom"; }
|
||||
{ Telegram = fork "telegram-desktop"; }
|
||||
{ Discord = fork "Discord"; }
|
||||
{ Tmate = "tmate"; }
|
||||
{Weechat = "weechat";}
|
||||
{Signal = fork "signal-desktop";}
|
||||
{Zoom = fork "zoom";}
|
||||
{Telegram = fork "telegram-desktop";}
|
||||
{Discord = fork "Discord";}
|
||||
{Tmate = "tmate";}
|
||||
];
|
||||
}
|
||||
{ "Monitor (htop)" = "htop"; }
|
||||
{"Monitor (htop)" = "htop";}
|
||||
{
|
||||
"W17" = {
|
||||
Summer = "ssh door@burbon.w17.io buzzer";
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
{ pkgs, config, ... }:
|
||||
let
|
||||
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
configPath = "${config.home.homeDirectory}/git/config";
|
||||
configGit = "${pkgs.git}/bin/git -C ${configPath}";
|
||||
script = pkgs.writeShellScript "hourly-maintenance" ''
|
||||
|
@ -13,8 +15,7 @@ let
|
|||
${pkgs.foot}/bin/foot --hold ${config.home.profileDirectory}/bin/maintenance
|
||||
fi
|
||||
'';
|
||||
in
|
||||
{
|
||||
in {
|
||||
systemd.user = {
|
||||
services.maintenance = {
|
||||
Unit.Description = "Routine maintenance";
|
||||
|
@ -26,7 +27,7 @@ in
|
|||
timers.maintenance = {
|
||||
Unit.Description = "Hourly maintenance";
|
||||
Timer.OnCalendar = "hourly";
|
||||
Install.WantedBy = [ "timers.target" ];
|
||||
Install.WantedBy = ["timers.target"];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
dhallFiles = pkgs.runCommand "kassandra-config-src" { } ''
|
||||
{pkgs, ...}: let
|
||||
dhallFiles = pkgs.runCommand "kassandra-config-src" {} ''
|
||||
mkdir $out
|
||||
${pkgs.kassandra}/bin/kassandra2 print-types > $out/types.dhall
|
||||
ln -s ${./kassandra}/{config,backend}.dhall $out
|
||||
|
@ -10,24 +9,25 @@ let
|
|||
name = "kassandra-backend-config";
|
||||
code = "${dhallFiles}/backend.dhall : (${dhallFiles}/types.dhall).BackendConfig";
|
||||
source = true;
|
||||
dependencies = [ pkgs.dhallPackages.Prelude ];
|
||||
dependencies = [pkgs.dhallPackages.Prelude];
|
||||
};
|
||||
standalone = pkgs.dhallPackages.buildDhallPackage {
|
||||
name = "kassandra-standalone-config";
|
||||
code = "${dhallFiles}/config.dhall : (${dhallFiles}/types.dhall).StandaloneConfig";
|
||||
source = true;
|
||||
dependencies = [ pkgs.dhallPackages.Prelude ];
|
||||
dependencies = [pkgs.dhallPackages.Prelude];
|
||||
};
|
||||
|
||||
dhallResult = pkgs.runCommand "kassandra-config" { } ''
|
||||
dhallResult = pkgs.runCommand "kassandra-config" {} ''
|
||||
mkdir $out
|
||||
ln -s ${backend}/source.dhall $out/backend.dhall
|
||||
ln -s ${standalone}/source.dhall $out/config.dhall
|
||||
'';
|
||||
in
|
||||
{
|
||||
in {
|
||||
xdg.configFile =
|
||||
if pkgs.withSecrets then {
|
||||
if pkgs.withSecrets
|
||||
then {
|
||||
kassandra.source = dhallResult.out;
|
||||
} else { };
|
||||
}
|
||||
else {};
|
||||
}
|
||||
|
|
|
@ -1,26 +1,25 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
calendars = pkgs.privateValue [ ] "calendars";
|
||||
{pkgs, ...}: let
|
||||
calendars = pkgs.privateValue [] "calendars";
|
||||
plans = pkgs.privateValue
|
||||
{
|
||||
"workDay" = "pass";
|
||||
"weekend" = "pass";
|
||||
}
|
||||
"plans";
|
||||
{
|
||||
"workDay" = "pass";
|
||||
"weekend" = "pass";
|
||||
}
|
||||
"plans";
|
||||
planning = pkgs.writeShellScriptBin "planning" ''
|
||||
create-plans; kassandra2
|
||||
'';
|
||||
ui = pkgs.writeShellScriptBin "calendar" ''
|
||||
create-plans; ikhal -d Serien
|
||||
create-plans; ikhal -d Serien
|
||||
'';
|
||||
createPlans = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "create-plans";
|
||||
bins = [ pkgs.khal pkgs.vdirsyncer ];
|
||||
imports = [
|
||||
"Data.Time"
|
||||
];
|
||||
} ''
|
||||
{
|
||||
name = "create-plans";
|
||||
bins = [pkgs.khal pkgs.vdirsyncer];
|
||||
imports = [
|
||||
"Data.Time"
|
||||
];
|
||||
} ''
|
||||
main = do
|
||||
today <- localDay . zonedTimeToLocalTime <$> getZonedTime
|
||||
[0..7] & fmap (`addDays` today) & mapM_ \day -> do
|
||||
|
@ -32,23 +31,33 @@ let
|
|||
else do
|
||||
${plans.workDay}
|
||||
'';
|
||||
in
|
||||
{
|
||||
home.packages = [ pkgs.khal createPlans planning ui ];
|
||||
in {
|
||||
home.packages = [pkgs.khal createPlans planning ui];
|
||||
xdg.configFile."khal/config".text = ''
|
||||
[locale]
|
||||
dateformat = "%Y-%m-%d"
|
||||
datetimeformat = "%Y-%m-%d %H:%M"
|
||||
timeformat = "%H:%M"
|
||||
[default]
|
||||
default_calendar = Standard
|
||||
[calendars]
|
||||
${pkgs.lib.concatMapStringsSep "\n" (
|
||||
{ name, readOnly ? false, ... }: ''
|
||||
[[${name}]]
|
||||
type = discover
|
||||
path = ~/.calendars/${name}/*
|
||||
readonly = ${if readOnly then "True" else "False"}''
|
||||
) calendars}
|
||||
[locale]
|
||||
dateformat = "%Y-%m-%d"
|
||||
datetimeformat = "%Y-%m-%d %H:%M"
|
||||
timeformat = "%H:%M"
|
||||
[default]
|
||||
default_calendar = Standard
|
||||
[calendars]
|
||||
${
|
||||
pkgs.lib.concatMapStringsSep "\n" (
|
||||
{
|
||||
name,
|
||||
readOnly ? false,
|
||||
...
|
||||
}: ''
|
||||
[[${name}]]
|
||||
type = discover
|
||||
path = ~/.calendars/${name}/*
|
||||
readonly = ${
|
||||
if readOnly
|
||||
then "True"
|
||||
else "False"
|
||||
}''
|
||||
)
|
||||
calendars
|
||||
}
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{ pkgs, ... }: {
|
||||
home.packages = [ pkgs.khard ];
|
||||
{pkgs, ...}: {
|
||||
home.packages = [pkgs.khard];
|
||||
xdg.configFile."khard/khard.conf".text = ''
|
||||
[addressbooks]
|
||||
[[Kontakte]]
|
||||
|
|
|
@ -1,5 +1,9 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
serien = pkgs.writeShellScript "serien.rss" ''
|
||||
cat <<EOF
|
||||
<?xml version="1.0"?>
|
||||
|
@ -39,10 +43,9 @@ let
|
|||
urls-source "ocnews"
|
||||
ocnews-url "https://cloud.maralorn.de"
|
||||
ocnews-login "maralorn"
|
||||
ocnews-password "${(pkgs.privateValue { adminpass =""; } "nextcloud-admin").adminpass}"
|
||||
ocnews-password "${(pkgs.privateValue {adminpass = "";} "nextcloud-admin").adminpass}"
|
||||
'';
|
||||
in
|
||||
{
|
||||
in {
|
||||
xdg.configFile."newsboat/urls".text = lib.concatStringsSep "\n" watchfeeds;
|
||||
home = {
|
||||
packages = builtins.attrValues {
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
{ pkgs, ... }: {
|
||||
home.packages = [ pkgs.neomutt ];
|
||||
{pkgs, ...}: {
|
||||
home.packages = [pkgs.neomutt];
|
||||
}
|
||||
|
|
|
@ -1,5 +1,9 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
mail2task = pkgs.writeShellScript "mail2task" ''
|
||||
set -euo pipefail
|
||||
${pkgs.isync}/bin/mbsync hera:Move/todo
|
||||
|
@ -8,7 +12,11 @@ let
|
|||
${pkgs.mblaze}/bin/mlist ${maildir}/hera/Move/todo | ${pkgs.mblaze}/bin/mrefile ${unsorted}
|
||||
${pkgs.notmuch}/bin/notmuch new
|
||||
'';
|
||||
lists = pkgs.privateValue { sortLists = [ ]; stupidLists = [ ]; notifications = [ ]; } "mail/filters";
|
||||
lists = pkgs.privateValue {
|
||||
sortLists = [];
|
||||
stupidLists = [];
|
||||
notifications = [];
|
||||
} "mail/filters";
|
||||
maildir = config.accounts.email.maildirBasePath;
|
||||
# mhdr -h List-ID -d Maildir/hera/Archiv/unsortiert | sort | sed 's/^.*<\(.*\)>$/\1/' | uniq | xargs -I '{}' sh -c "notmuch count List:{} | sed 's/$/: {}/'" | sort
|
||||
# To find candidates
|
||||
|
@ -21,91 +29,94 @@ let
|
|||
toFolder (lib.concatStringsSep "." (lib.splitString "@" name));
|
||||
toFolder = name:
|
||||
lib.concatStringsSep "/" (lib.reverseList (lib.splitString "." name));
|
||||
simple = filter: target: { inherit filter target; };
|
||||
simple = filter: target: {inherit filter target;};
|
||||
notifications = notify:
|
||||
simple "from:${notify}" "notifications/${mailToFolder notify}";
|
||||
stupidList = list: simple "to:${list}" "list/${mailToFolder list}";
|
||||
simpleSortList = listName:
|
||||
simple "List:${listName}" "list/${toFolder listName}";
|
||||
};
|
||||
myFilters = builtins.map filter.simpleSortList lists.sortLists
|
||||
myFilters =
|
||||
builtins.map filter.simpleSortList lists.sortLists
|
||||
++ builtins.map filter.stupidList lists.stupidLists
|
||||
++ builtins.map filter.notifications lists.notifications;
|
||||
sortMail = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "sort-mail-archive";
|
||||
bins = [ pkgs.notmuch pkgs.coreutils pkgs.mblaze pkgs.findutils ];
|
||||
imports = [
|
||||
"Text.Megaparsec"
|
||||
"Text.Megaparsec.Char"
|
||||
"Text.Megaparsec.Char.Lexer"
|
||||
"qualified Data.List.NonEmpty as NE"
|
||||
"qualified Data.Text as T"
|
||||
"System.Environment (setEnv)"
|
||||
];
|
||||
} ''
|
||||
reScan = notmuch "new" "--quiet"
|
||||
{
|
||||
name = "sort-mail-archive";
|
||||
bins = [pkgs.notmuch pkgs.coreutils pkgs.mblaze pkgs.findutils];
|
||||
imports = [
|
||||
"Text.Megaparsec"
|
||||
"Text.Megaparsec.Char"
|
||||
"Text.Megaparsec.Char.Lexer"
|
||||
"qualified Data.List.NonEmpty as NE"
|
||||
"qualified Data.Text as T"
|
||||
"System.Environment (setEnv)"
|
||||
];
|
||||
} ''
|
||||
reScan = notmuch "new" "--quiet"
|
||||
|
||||
findFilterMail :: (Text,Text) -> IO (Maybe (LByteString, Text, Text))
|
||||
findFilterMail (filter_, target) = do
|
||||
files <- notmuch "search" "--output" "files" (toString filter_) "folder:${unsortedSuffix}" |> capture
|
||||
pure $ if (LBS.length files > 0) then Just (files, filter_, target) else Nothing
|
||||
findFilterMail :: (Text,Text) -> IO (Maybe (LByteString, Text, Text))
|
||||
findFilterMail (filter_, target) = do
|
||||
files <- notmuch "search" "--output" "files" (toString filter_) "folder:${unsortedSuffix}" |> capture
|
||||
pure $ if (LBS.length files > 0) then Just (files, filter_, target) else Nothing
|
||||
|
||||
executeFilterMail :: (LByteString, Text, Text) -> IO ()
|
||||
executeFilterMail (files, filter_, target) = do
|
||||
say [i|Sorting "#{filter_}" into #{target}|]
|
||||
writeOutput files |> mscan
|
||||
mmkdir ([i|${archive}/#{target}|] :: String)
|
||||
writeOutput files |> mrefile ([i|${archive}/#{target}|] :: String)
|
||||
executeFilterMail :: (LByteString, Text, Text) -> IO ()
|
||||
executeFilterMail (files, filter_, target) = do
|
||||
say [i|Sorting "#{filter_}" into #{target}|]
|
||||
writeOutput files |> mscan
|
||||
mmkdir ([i|${archive}/#{target}|] :: String)
|
||||
writeOutput files |> mrefile ([i|${archive}/#{target}|] :: String)
|
||||
|
||||
myFilters :: [(Text,Text)]
|
||||
myFilters = [${
|
||||
lib.concatStringsSep ","
|
||||
myFilters :: [(Text,Text)]
|
||||
myFilters = [${
|
||||
lib.concatStringsSep ","
|
||||
(
|
||||
builtins.map ({ filter, target }: ''("${filter}","${target}")'')
|
||||
myFilters
|
||||
builtins.map ({
|
||||
filter,
|
||||
target,
|
||||
}: ''("${filter}","${target}")'')
|
||||
myFilters
|
||||
)
|
||||
}]
|
||||
|
||||
filtersFromTo :: Text -> Maybe (Text,Text)
|
||||
filtersFromTo = filtersFromField "to" [toToName]
|
||||
toToName :: Text -> Maybe Text
|
||||
toToName (T.splitOn "@" -> [name, "maralorn.de"])
|
||||
| not (T.isInfixOf "randy" name) = Just . ("to/" <>) . T.intercalate "_" . T.splitOn "." $ name
|
||||
toToName _ = Nothing
|
||||
filtersFromField :: Text -> [Text-> Maybe Text] -> Text -> Maybe (Text,Text)
|
||||
filtersFromField field filters text = fmap ([i|#{field}:#{text}|],) . viaNonEmpty Relude.head . mapMaybe ($ text) $ filters
|
||||
filtersFromListIDs :: Text -> Maybe (Text,Text)
|
||||
filtersFromListIDs = filtersFromField "List" [githubNameFolderFromId, gitlabNameFolderFromId]
|
||||
githubNameFolderFromId :: Text -> Maybe Text
|
||||
githubNameFolderFromId (reverse . T.splitOn "." -> ("com":"github":org:name)) = Just [i|github/#{org}/#{T.intercalate "_" $ reverse name}|]
|
||||
githubNameFolderFromId _ = Nothing
|
||||
gitlabNameFolderFromId :: Text -> Maybe Text
|
||||
gitlabNameFolderFromId (reverse . T.splitOn "." -> ("de":"ccc":"darmstadt":"git":org:name1:name)) = Just [i|cda-gitlab/#{org}/#{T.intercalate "_" . toList . Relude.tail $ NE.reverse (name1:|name)}|]
|
||||
gitlabNameFolderFromId _ = Nothing
|
||||
filtersFromTo :: Text -> Maybe (Text,Text)
|
||||
filtersFromTo = filtersFromField "to" [toToName]
|
||||
toToName :: Text -> Maybe Text
|
||||
toToName (T.splitOn "@" -> [name, "maralorn.de"])
|
||||
| not (T.isInfixOf "randy" name) = Just . ("to/" <>) . T.intercalate "_" . T.splitOn "." $ name
|
||||
toToName _ = Nothing
|
||||
filtersFromField :: Text -> [Text-> Maybe Text] -> Text -> Maybe (Text,Text)
|
||||
filtersFromField field filters text = fmap ([i|#{field}:#{text}|],) . viaNonEmpty Relude.head . mapMaybe ($ text) $ filters
|
||||
filtersFromListIDs :: Text -> Maybe (Text,Text)
|
||||
filtersFromListIDs = filtersFromField "List" [githubNameFolderFromId, gitlabNameFolderFromId]
|
||||
githubNameFolderFromId :: Text -> Maybe Text
|
||||
githubNameFolderFromId (reverse . T.splitOn "." -> ("com":"github":org:name)) = Just [i|github/#{org}/#{T.intercalate "_" $ reverse name}|]
|
||||
githubNameFolderFromId _ = Nothing
|
||||
gitlabNameFolderFromId :: Text -> Maybe Text
|
||||
gitlabNameFolderFromId (reverse . T.splitOn "." -> ("de":"ccc":"darmstadt":"git":org:name1:name)) = Just [i|cda-gitlab/#{org}/#{T.intercalate "_" . toList . Relude.tail $ NE.reverse (name1:|name)}|]
|
||||
gitlabNameFolderFromId _ = Nothing
|
||||
|
||||
type Parser = Parsec Text Text
|
||||
listId :: Parser Text
|
||||
listId = manyTill anySingle (char '<') *> (toText <$> manyTill anySingle (char '>'))
|
||||
type Parser = Parsec Text Text
|
||||
listId :: Parser Text
|
||||
listId = manyTill anySingle (char '<') *> (toText <$> manyTill anySingle (char '>'))
|
||||
|
||||
main = do
|
||||
setEnv "MBLAZE_PAGER" "cat"
|
||||
setEnv "NOTMUCH_CONFIG" "${config.home.sessionVariables.NOTMUCH_CONFIG or ""}"
|
||||
reScan
|
||||
(listIDs,tos) <- concurrently (mhdr "-h" "List-ID" "-d" "${unsorted}" |> capture) (mhdr "-h" "To" "-d" "${unsorted}" "-A" |> capture)
|
||||
let listFilters = mapMaybe filtersFromListIDs . sortNub . mapMaybe (parseMaybe listId) . lines . decodeUtf8 $ listIDs
|
||||
toFilters = mapMaybe filtersFromTo . sortNub . fmap (\x -> maybe x Relude.id $ parseMaybe listId x) . lines . decodeUtf8 $ tos
|
||||
applicableFilters <- catMaybes <$> forConcurrently (listFilters <> myFilters <> toFilters) findFilterMail
|
||||
for_ applicableFilters executeFilterMail
|
||||
reScan
|
||||
main = do
|
||||
setEnv "MBLAZE_PAGER" "cat"
|
||||
setEnv "NOTMUCH_CONFIG" "${config.home.sessionVariables.NOTMUCH_CONFIG or ""}"
|
||||
reScan
|
||||
(listIDs,tos) <- concurrently (mhdr "-h" "List-ID" "-d" "${unsorted}" |> capture) (mhdr "-h" "To" "-d" "${unsorted}" "-A" |> capture)
|
||||
let listFilters = mapMaybe filtersFromListIDs . sortNub . mapMaybe (parseMaybe listId) . lines . decodeUtf8 $ listIDs
|
||||
toFilters = mapMaybe filtersFromTo . sortNub . fmap (\x -> maybe x Relude.id $ parseMaybe listId x) . lines . decodeUtf8 $ tos
|
||||
applicableFilters <- catMaybes <$> forConcurrently (listFilters <> myFilters <> toFilters) findFilterMail
|
||||
for_ applicableFilters executeFilterMail
|
||||
reScan
|
||||
'';
|
||||
in
|
||||
{
|
||||
in {
|
||||
services.mbsync.postExec = "${sortMail}/bin/sort-mail-archive";
|
||||
accounts.email.accounts = lib.mkIf pkgs.withSecrets {
|
||||
hera.imapnotify = {
|
||||
onNotifyPost = "${mail2task}";
|
||||
boxes = [ "Move/todo" ];
|
||||
boxes = ["Move/todo"];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,17 +1,19 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
let
|
||||
{
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
gpg = "6C3D12CD88CDF46C5EAF4D12226A2D41EF5378C9";
|
||||
name = "Malte Brandy";
|
||||
mail = "malte.brandy@maralorn.de";
|
||||
alternates = pkgs.privateValue [ ] "mail/alternates";
|
||||
alternates = pkgs.privateValue [] "mail/alternates";
|
||||
quick-mail-sync = pkgs.writeShellScriptBin "quick-mail-sync" ''
|
||||
${pkgs.isync}/bin/mbsync hera:INBOX,Code
|
||||
${pkgs.notmuch}/bin/notmuch new
|
||||
'';
|
||||
maildir = config.accounts.email.maildirBasePath;
|
||||
in
|
||||
{
|
||||
|
||||
in {
|
||||
services = {
|
||||
mbsync = {
|
||||
enable = true;
|
||||
|
@ -22,28 +24,27 @@ in
|
|||
};
|
||||
systemd.user.timers.mbsync.Timer.RandomizedDelaySec = "10m";
|
||||
|
||||
accounts.email.accounts = pkgs.privateValue { } "mail/accounts";
|
||||
systemd.user.services =
|
||||
let
|
||||
hasImapHost = name: account: account.imap != null;
|
||||
mkWatchService = name: account: {
|
||||
name = "watch-${name}-maildir";
|
||||
value = {
|
||||
Unit.Description = "Watch maildir for changes for account ${name}";
|
||||
Service = {
|
||||
ExecStart = toString (pkgs.writeShellScript "watch-${name}-maildir" ''
|
||||
while ${pkgs.coreutils}/bin/sleep 1s; do
|
||||
${quick-mail-sync}/bin/quick-mail-sync
|
||||
${pkgs.inotify-tools}/bin/inotifywait -e move,create,delete -r ${maildir}/${name}/Inbox ${maildir}/${name}/Code
|
||||
done
|
||||
'');
|
||||
};
|
||||
Install.WantedBy = [ "default.target" ];
|
||||
accounts.email.accounts = pkgs.privateValue {} "mail/accounts";
|
||||
systemd.user.services = let
|
||||
hasImapHost = name: account: account.imap != null;
|
||||
mkWatchService = name: account: {
|
||||
name = "watch-${name}-maildir";
|
||||
value = {
|
||||
Unit.Description = "Watch maildir for changes for account ${name}";
|
||||
Service = {
|
||||
ExecStart = toString (pkgs.writeShellScript "watch-${name}-maildir" ''
|
||||
while ${pkgs.coreutils}/bin/sleep 1s; do
|
||||
${quick-mail-sync}/bin/quick-mail-sync
|
||||
${pkgs.inotify-tools}/bin/inotifywait -e move,create,delete -r ${maildir}/${name}/Inbox ${maildir}/${name}/Code
|
||||
done
|
||||
'');
|
||||
};
|
||||
Install.WantedBy = ["default.target"];
|
||||
};
|
||||
in
|
||||
lib.mapAttrs' mkWatchService (lib.filterAttrs hasImapHost config.accounts.email.accounts) //
|
||||
{
|
||||
};
|
||||
in
|
||||
lib.mapAttrs' mkWatchService (lib.filterAttrs hasImapHost config.accounts.email.accounts)
|
||||
// {
|
||||
mbsync.Service = {
|
||||
Environment = "PATH=${pkgs.coreutils}/bin";
|
||||
Restart = "on-failure";
|
||||
|
@ -63,142 +64,141 @@ in
|
|||
${pkgs.notmuch}/bin/notmuch tag -spam -- "(not folder:/Junk|Spam|SPAM/) tag:spam"
|
||||
'';
|
||||
new = {
|
||||
tags = [ ];
|
||||
ignore = [ ".isyncuidmap.db" ];
|
||||
tags = [];
|
||||
ignore = [".isyncuidmap.db"];
|
||||
};
|
||||
maildir.synchronizeFlags = true;
|
||||
};
|
||||
};
|
||||
|
||||
home = {
|
||||
packages = [ quick-mail-sync ];
|
||||
file =
|
||||
let
|
||||
mutt_alternates = "@maralorn.de " + (builtins.concatStringsSep " " alternates);
|
||||
show-sidebar = pkgs.writeText "show-sidebar" ''
|
||||
set sidebar_visible=yes
|
||||
bind index <up> sidebar-prev
|
||||
bind index <down> sidebar-next
|
||||
bind index <pageup> sidebar-page-up
|
||||
bind index <pagedown> sidebar-page-down
|
||||
bind index <space> sidebar-open
|
||||
bind index <return> sidebar-open
|
||||
bind index <enter> sidebar-open
|
||||
'';
|
||||
hide-sidebar = pkgs.writeText "hide-sidebar" ''
|
||||
set sidebar_visible=no
|
||||
bind index <up> previous-undeleted
|
||||
bind index <down> next-undeleted
|
||||
bind index <pageup> previous-page
|
||||
bind index <pagedown> next-page
|
||||
bind index <space> display-message
|
||||
bind index <return> display-message
|
||||
bind index <enter> display-message
|
||||
'';
|
||||
mailcap = pkgs.writeText "mailcap" ''
|
||||
text/html; ${pkgs.lynx}/bin/lynx -assume_charset=%{charset} -display_charset=utf-8 -collapse_br_tags -dump %s; nametemplate=%s.html; copiousoutput
|
||||
application/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
image/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
video/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
audio/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
'';
|
||||
in
|
||||
{
|
||||
".neomuttrc".text = ''
|
||||
set editor = "vim"
|
||||
alternative_order text/plain text/html
|
||||
auto_view text/*
|
||||
auto_view message/*
|
||||
unset wait_key
|
||||
color normal default default
|
||||
packages = [quick-mail-sync];
|
||||
file = let
|
||||
mutt_alternates = "@maralorn.de " + (builtins.concatStringsSep " " alternates);
|
||||
show-sidebar = pkgs.writeText "show-sidebar" ''
|
||||
set sidebar_visible=yes
|
||||
bind index <up> sidebar-prev
|
||||
bind index <down> sidebar-next
|
||||
bind index <pageup> sidebar-page-up
|
||||
bind index <pagedown> sidebar-page-down
|
||||
bind index <space> sidebar-open
|
||||
bind index <return> sidebar-open
|
||||
bind index <enter> sidebar-open
|
||||
'';
|
||||
hide-sidebar = pkgs.writeText "hide-sidebar" ''
|
||||
set sidebar_visible=no
|
||||
bind index <up> previous-undeleted
|
||||
bind index <down> next-undeleted
|
||||
bind index <pageup> previous-page
|
||||
bind index <pagedown> next-page
|
||||
bind index <space> display-message
|
||||
bind index <return> display-message
|
||||
bind index <enter> display-message
|
||||
'';
|
||||
mailcap = pkgs.writeText "mailcap" ''
|
||||
text/html; ${pkgs.lynx}/bin/lynx -assume_charset=%{charset} -display_charset=utf-8 -collapse_br_tags -dump %s; nametemplate=%s.html; copiousoutput
|
||||
application/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
image/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
video/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
audio/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
'';
|
||||
in {
|
||||
".neomuttrc".text = ''
|
||||
set editor = "vim"
|
||||
alternative_order text/plain text/html
|
||||
auto_view text/*
|
||||
auto_view message/*
|
||||
unset wait_key
|
||||
color normal default default
|
||||
|
||||
macro index,pager a ":set confirmappend=no\n<save-message>=hera/Archiv/unsortiert\n:set confirmappend=yes\n" "move message to archive"
|
||||
macro index,pager s ":set confirmappend=no\n<save-message>=hera/Junk\n:set confirmappend=yes\n" "move message to spam"
|
||||
macro index,pager t ":set confirmappend=no\n<save-message>=hera/Move/todo\n:set confirmappend=yes\n" "move message to todo list"
|
||||
macro index,pager l ":set confirmappend=no\n<save-message>=hera/Move/readlater\n:set confirmappend=yes\n" "move message to readlater list"
|
||||
macro attach 'V' "<pipe-entry>iconv -c --to-code=UTF8 > ~/.cache/mutt/mail.html<enter><shell-escape>firefox ~/.cache/mutt/mail.html<enter>"
|
||||
macro index,pager a ":set confirmappend=no\n<save-message>=hera/Archiv/unsortiert\n:set confirmappend=yes\n" "move message to archive"
|
||||
macro index,pager s ":set confirmappend=no\n<save-message>=hera/Junk\n:set confirmappend=yes\n" "move message to spam"
|
||||
macro index,pager t ":set confirmappend=no\n<save-message>=hera/Move/todo\n:set confirmappend=yes\n" "move message to todo list"
|
||||
macro index,pager l ":set confirmappend=no\n<save-message>=hera/Move/readlater\n:set confirmappend=yes\n" "move message to readlater list"
|
||||
macro attach 'V' "<pipe-entry>iconv -c --to-code=UTF8 > ~/.cache/mutt/mail.html<enter><shell-escape>firefox ~/.cache/mutt/mail.html<enter>"
|
||||
|
||||
macro index,pager <F6> "<shell-escape>${pkgs.zsh}/bin/zsh -c '${pkgs.sieve-connect}/bin/sieve-connect -s ${config.accounts.email.accounts.hera.imap.host or ""} -u ${config.accounts.email.accounts.hera.userName or ""} --passwordfd 3 --edit --remotesieve filter 3<<(pass eu/m-0/hera/mail.hera.m-0.eu/maralorn)'\n"
|
||||
macro index,pager A "<pipe-message>${pkgs.khard}/bin/khard add-email<return>" "add sender to to khard"
|
||||
macro index,pager <F6> "<shell-escape>${pkgs.zsh}/bin/zsh -c '${pkgs.sieve-connect}/bin/sieve-connect -s ${config.accounts.email.accounts.hera.imap.host or ""} -u ${config.accounts.email.accounts.hera.userName or ""} --passwordfd 3 --edit --remotesieve filter 3<<(pass eu/m-0/hera/mail.hera.m-0.eu/maralorn)'\n"
|
||||
macro index,pager A "<pipe-message>${pkgs.khard}/bin/khard add-email<return>" "add sender to to khard"
|
||||
|
||||
set query_format="%4c %t %-70.70a %-70.70n %?e?(%e)?"
|
||||
set query_command = "${pkgs.notmuch}/bin/notmuch address --output=recipients --deduplicate=address '%s' | grep -i '%s'"
|
||||
bind editor <Tab> complete-query
|
||||
bind editor ^T complete
|
||||
set query_format="%4c %t %-70.70a %-70.70n %?e?(%e)?"
|
||||
set query_command = "${pkgs.notmuch}/bin/notmuch address --output=recipients --deduplicate=address '%s' | grep -i '%s'"
|
||||
bind editor <Tab> complete-query
|
||||
bind editor ^T complete
|
||||
|
||||
set delete = yes
|
||||
set crypt_use_gpgme = yes
|
||||
set crypt_replysignencrypted = yes
|
||||
set crypt_verify_sig = yes
|
||||
set pgp_use_gpg_agent = yes
|
||||
set pgp_auto_decode = yes
|
||||
set pgp_autosign = no
|
||||
set pgp_replysign = yes
|
||||
set pgp_replyencrypt = yes
|
||||
set pgp_sign_as="${gpg}"
|
||||
set pgp_default_key="${gpg}"
|
||||
set timeout = 5
|
||||
set ts_enabled = yes
|
||||
set delete = yes
|
||||
set crypt_use_gpgme = yes
|
||||
set crypt_replysignencrypted = yes
|
||||
set crypt_verify_sig = yes
|
||||
set pgp_use_gpg_agent = yes
|
||||
set pgp_auto_decode = yes
|
||||
set pgp_autosign = no
|
||||
set pgp_replysign = yes
|
||||
set pgp_replyencrypt = yes
|
||||
set pgp_sign_as="${gpg}"
|
||||
set pgp_default_key="${gpg}"
|
||||
set timeout = 5
|
||||
set ts_enabled = yes
|
||||
|
||||
set abort_noattach = ask-no
|
||||
set abort_noattach_regex = "(hängt an|anhäng|anhang|anbei|angehängt|attach|attached|attachments?)"
|
||||
set abort_unmodified = ask-yes
|
||||
set abort_noattach = ask-no
|
||||
set abort_noattach_regex = "(hängt an|anhäng|anhang|anbei|angehängt|attach|attached|attachments?)"
|
||||
set abort_unmodified = ask-yes
|
||||
|
||||
alternates ${mutt_alternates}
|
||||
set folder="${maildir}"
|
||||
mailboxes `find -L ${maildir} -type d -name Inbox -printf '"%h" '` `find -L ${maildir} -type d -name cur -printf '"%h" '`
|
||||
set sendmail="${pkgs.msmtp}/bin/msmtp --read-envelope-from"
|
||||
set sort=threads
|
||||
set sort_aux=last-date-received
|
||||
set realname="${name}"
|
||||
set from=fill-later
|
||||
set use_from=yes
|
||||
set fast_reply=yes
|
||||
set mailcap_path=${mailcap};
|
||||
set include=yes
|
||||
set edit_headers=yes
|
||||
set mbox_type=Maildir
|
||||
set spoolfile="${maildir}/hera/Archiv"
|
||||
set record="${maildir}/hera/Archiv/unsortiert"
|
||||
set postponed="${maildir}/hera/Drafts"
|
||||
set mail_check_stats=yes
|
||||
bind index / vfolder-from-query
|
||||
set header_cache = "~/.cache/neomutt"
|
||||
set date_format="!%y-%m-%d %H:%M"
|
||||
set mime_forward=yes
|
||||
set mime_forward_rest=yes
|
||||
alternates ${mutt_alternates}
|
||||
set folder="${maildir}"
|
||||
mailboxes `find -L ${maildir} -type d -name Inbox -printf '"%h" '` `find -L ${maildir} -type d -name cur -printf '"%h" '`
|
||||
set sendmail="${pkgs.msmtp}/bin/msmtp --read-envelope-from"
|
||||
set sort=threads
|
||||
set sort_aux=last-date-received
|
||||
set realname="${name}"
|
||||
set from=fill-later
|
||||
set use_from=yes
|
||||
set fast_reply=yes
|
||||
set mailcap_path=${mailcap};
|
||||
set include=yes
|
||||
set edit_headers=yes
|
||||
set mbox_type=Maildir
|
||||
set spoolfile="${maildir}/hera/Archiv"
|
||||
set record="${maildir}/hera/Archiv/unsortiert"
|
||||
set postponed="${maildir}/hera/Drafts"
|
||||
set mail_check_stats=yes
|
||||
bind index / vfolder-from-query
|
||||
set header_cache = "~/.cache/neomutt"
|
||||
set date_format="!%y-%m-%d %H:%M"
|
||||
set mime_forward=yes
|
||||
set mime_forward_rest=yes
|
||||
|
||||
macro index <F5> "!${quick-mail-sync}/bin/quick-mail-sync > /dev/null<enter>"
|
||||
macro index <F5> "!${quick-mail-sync}/bin/quick-mail-sync > /dev/null<enter>"
|
||||
|
||||
source "${hide-sidebar}"
|
||||
macro index <right> "<enter-command>source ${hide-sidebar}<enter>"
|
||||
macro index <left> "<enter-command>source ${show-sidebar}<enter>"
|
||||
set sidebar_folder_indent=no
|
||||
set sidebar_short_path=no
|
||||
set sidebar_component_depth=2
|
||||
set sidebar_width=60
|
||||
set sidebar_sort_method="alpha"
|
||||
set sidebar_indent_string=" "
|
||||
color sidebar_indicator black white
|
||||
color sidebar_highlight white blue
|
||||
set sidebar_format = "%B%* %?N?%N/?%S"
|
||||
source "${hide-sidebar}"
|
||||
macro index <right> "<enter-command>source ${hide-sidebar}<enter>"
|
||||
macro index <left> "<enter-command>source ${show-sidebar}<enter>"
|
||||
set sidebar_folder_indent=no
|
||||
set sidebar_short_path=no
|
||||
set sidebar_component_depth=2
|
||||
set sidebar_width=60
|
||||
set sidebar_sort_method="alpha"
|
||||
set sidebar_indent_string=" "
|
||||
color sidebar_indicator black white
|
||||
color sidebar_highlight white blue
|
||||
set sidebar_format = "%B%* %?N?%N/?%S"
|
||||
|
||||
set date_format="%F %R"
|
||||
set index_format="%Z %D %-15.15L %s"
|
||||
set date_format="%F %R"
|
||||
set index_format="%Z %D %-15.15L %s"
|
||||
|
||||
ignore *
|
||||
unignore from date cc bcc to subject list-unsubscribe
|
||||
ignore *
|
||||
unignore from date cc bcc to subject list-unsubscribe
|
||||
|
||||
alias f__0 ${name} <${mail}>
|
||||
${builtins.concatStringsSep "\n"
|
||||
alias f__0 ${name} <${mail}>
|
||||
${
|
||||
builtins.concatStringsSep "\n"
|
||||
(
|
||||
lib.imap1 (n: x: "alias f__${toString n} ${name} <${x}>")
|
||||
alternates
|
||||
)}
|
||||
send2-hook '~f fill-later' "push <edit-from><kill-line>f__<complete><search>${mail}<enter>"
|
||||
set query_command = "${pkgs.khard}/bin/khard email --parsable %s"
|
||||
'';
|
||||
};
|
||||
alternates
|
||||
)
|
||||
}
|
||||
send2-hook '~f fill-later' "push <edit-from><kill-line>f__<complete><search>${mail}<enter>"
|
||||
set query_command = "${pkgs.khard}/bin/khard email --parsable %s"
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,15 +1,19 @@
|
|||
{ lib, pkgs, config, ... }:
|
||||
let
|
||||
{
|
||||
lib,
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
mail2rss = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "mail2rss";
|
||||
bins = [ pkgs.notmuch pkgs.mblaze pkgs.isync pkgs.logfeed ];
|
||||
imports = [ "System.Environment (setEnv)" ];
|
||||
} ''
|
||||
{
|
||||
name = "mail2rss";
|
||||
bins = [pkgs.notmuch pkgs.mblaze pkgs.isync pkgs.logfeed];
|
||||
imports = ["System.Environment (setEnv)"];
|
||||
} ''
|
||||
main = do
|
||||
setEnv "NOTMUCH_CONFIG" "${
|
||||
config.home.sessionVariables.NOTMUCH_CONFIG or ""
|
||||
}"
|
||||
config.home.sessionVariables.NOTMUCH_CONFIG or ""
|
||||
}"
|
||||
mbsync "-a"
|
||||
notmuch "new" "--quiet"
|
||||
mail2rss "${config.accounts.email.maildirBasePath}" "hera/Move/readlater" &> Truncate "/var/www/rss/mails2.xml"
|
||||
|
@ -18,12 +22,11 @@ let
|
|||
mbsync "-a"
|
||||
notmuch "new" "--quiet"
|
||||
'';
|
||||
in
|
||||
{
|
||||
in {
|
||||
systemd.user = {
|
||||
timers.mail2rss = {
|
||||
Timer.OnCalendar = "19:58";
|
||||
Install.WantedBy = [ "timers.target" ];
|
||||
Install.WantedBy = ["timers.target"];
|
||||
};
|
||||
services = {
|
||||
mail2rss = {
|
||||
|
|
|
@ -1,13 +1,16 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
inherit (config.m-0) hostName;
|
||||
modes = pkgs.lib.attrNames (import ../machines.nix).${hostName};
|
||||
modeFile = "${config.home.homeDirectory}/.mode";
|
||||
modeDir = "${config.home.homeDirectory}/.volatile/modes";
|
||||
configPath = "${config.home.homeDirectory}/git/config";
|
||||
configGit = "${pkgs.git}/bin/git -C ${configPath}";
|
||||
in
|
||||
{
|
||||
in {
|
||||
home.packages = builtins.attrValues rec {
|
||||
maintenance = pkgs.writeShellScriptBin "maintenance" ''
|
||||
set -e
|
||||
|
@ -16,7 +19,7 @@ in
|
|||
${updateModes}/bin/update-modes
|
||||
/run/wrappers/bin/sudo -A /run/current-system/sw/bin/update-system
|
||||
'';
|
||||
activateMode = pkgs.writeHaskellScript { name = "activate-mode"; } ''
|
||||
activateMode = pkgs.writeHaskellScript {name = "activate-mode";} ''
|
||||
getMode :: IO Text
|
||||
getMode = decodeUtf8 <$> (cat "${modeFile}" |> captureTrim)
|
||||
|
||||
|
@ -29,10 +32,10 @@ in
|
|||
whenM (elem wallpaperCmd <$> pathBins) $ exe wallpaperCmd
|
||||
'';
|
||||
updateModes = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "update-modes";
|
||||
bins = [ activateMode pkgs.git pkgs.nix-output-monitor ];
|
||||
} ''
|
||||
{
|
||||
name = "update-modes";
|
||||
bins = [activateMode pkgs.git pkgs.nix-output-monitor];
|
||||
} ''
|
||||
params = ["${configPath}/home-manager/target.nix", "-A", "${hostName}", "-o", "${modeDir}"]
|
||||
|
||||
main = do
|
||||
|
@ -45,10 +48,10 @@ in
|
|||
activate_mode
|
||||
'';
|
||||
quickUpdateMode = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "quick-update-mode";
|
||||
bins = [ updateModes pkgs.git pkgs.home-manager pkgs.nix-output-monitor ];
|
||||
} ''
|
||||
{
|
||||
name = "quick-update-mode";
|
||||
bins = [updateModes pkgs.git pkgs.home-manager pkgs.nix-output-monitor];
|
||||
} ''
|
||||
getMode :: IO Text
|
||||
getMode = decodeUtf8 <$> (cat "${modeFile}" |> captureTrim)
|
||||
|
||||
|
@ -60,19 +63,19 @@ in
|
|||
update_modes
|
||||
'';
|
||||
selectMode = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "select-mode";
|
||||
bins = [
|
||||
pkgs.dialog
|
||||
activateMode
|
||||
pkgs.ncurses
|
||||
pkgs.psmisc
|
||||
];
|
||||
} ''
|
||||
{
|
||||
name = "select-mode";
|
||||
bins = [
|
||||
pkgs.dialog
|
||||
activateMode
|
||||
pkgs.ncurses
|
||||
pkgs.psmisc
|
||||
];
|
||||
} ''
|
||||
main = do
|
||||
mode <- decodeUtf8 <$> (dialog "--menu" "Select Mode" "20" "80" "5" ${
|
||||
lib.concatStrings (map (mode: ''"${mode}" "" '') modes)
|
||||
} |!> captureTrim)
|
||||
lib.concatStrings (map (mode: ''"${mode}" "" '') modes)
|
||||
} |!> captureTrim)
|
||||
clear
|
||||
writeFile "${modeFile}" mode
|
||||
activate_mode
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
{ config, ... }:
|
||||
{
|
||||
{config, ...}: {
|
||||
xdg.configFile."monitors.xml".source = ./. + "/${config.m-0.hostName}-monitors.xml";
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{ pkgs, ... }: {
|
||||
home.packages = [ pkgs.ncmpcpp ];
|
||||
{pkgs, ...}: {
|
||||
home.packages = [pkgs.ncmpcpp];
|
||||
home.file.".ncmpcpp/config".text = ''
|
||||
ask_before_clearing_playlists=no
|
||||
mouse_support = yes
|
||||
|
|
|
@ -1,4 +1,9 @@
|
|||
{ pkgs, config, lib, ... }: {
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
services = {
|
||||
mpd = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
{ pkgs, ... }:
|
||||
let script = pkgs.runCommand "autosave.lua" { passthru.scriptName = "autosave.lua"; } ''
|
||||
mkdir -p $out/share/mpv/scripts/
|
||||
ln -s ${./autosave.lua} $out/share/mpv/scripts/autosave.lua
|
||||
'';
|
||||
in
|
||||
{
|
||||
{pkgs, ...}: let
|
||||
script = pkgs.runCommand "autosave.lua" {passthru.scriptName = "autosave.lua";} ''
|
||||
mkdir -p $out/share/mpv/scripts/
|
||||
ln -s ${./autosave.lua} $out/share/mpv/scripts/autosave.lua
|
||||
'';
|
||||
in {
|
||||
programs.mpv = {
|
||||
enable = true;
|
||||
config = {
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
{ pkgs, config, ... }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
list = builtins.attrValues;
|
||||
cocSettings = {
|
||||
"diagnostic.maxWindowHeight" = 60;
|
||||
|
@ -9,68 +12,70 @@ let
|
|||
languageserver = {
|
||||
nix = {
|
||||
command = "rnix-lsp";
|
||||
filetypes = [ "nix" ];
|
||||
filetypes = ["nix"];
|
||||
};
|
||||
haskell = {
|
||||
command = "haskell-language-server";
|
||||
args = [ "--lsp" "-d" "-l" "/tmp/LanguageServer.log" ];
|
||||
rootPatterns = [ ".hie-bios" "cabal.project" ];
|
||||
filetypes = [ "hs" "lhs" "haskell" ];
|
||||
args = ["--lsp" "-d" "-l" "/tmp/LanguageServer.log"];
|
||||
rootPatterns = [".hie-bios" "cabal.project"];
|
||||
filetypes = ["hs" "lhs" "haskell"];
|
||||
settings.languageServerHaskell.formattingProvider = "fourmolu";
|
||||
};
|
||||
};
|
||||
explorer.icon.enableNerdfont = true;
|
||||
explorer.file.child.template =
|
||||
"[git | 2] [selection | clip | 1] [indent][icon | 1] [diagnosticError & 1][diagnosticWarning & 1][filename omitCenter 1][modified][readonly] [linkIcon & 1][link growRight 1 omitCenter 5][size]";
|
||||
explorer.file.child.template = "[git | 2] [selection | clip | 1] [indent][icon | 1] [diagnosticError & 1][diagnosticWarning & 1][filename omitCenter 1][modified][readonly] [linkIcon & 1][link growRight 1 omitCenter 5][size]";
|
||||
};
|
||||
in
|
||||
{
|
||||
imports = [ ./spelling.nix ];
|
||||
in {
|
||||
imports = [./spelling.nix];
|
||||
programs.neovim = {
|
||||
enable = true;
|
||||
vimAlias = true;
|
||||
vimdiffAlias = true;
|
||||
extraConfig = builtins.readFile ./vimrc;
|
||||
plugins = list {
|
||||
inherit (pkgs.vimPlugins)
|
||||
inherit
|
||||
(pkgs.vimPlugins)
|
||||
# coc-tabnine (TODO: Why doesn‘t it work?)
|
||||
# TODO: tabnine config in home-manager
|
||||
# TODO: tabnine lsp: nix, rust, pandoc/latex lsp? was noch?
|
||||
|
||||
# ===
|
||||
# Basic IDE plugins
|
||||
coc-nvim airline
|
||||
coc-nvim
|
||||
airline
|
||||
# same word highlighting when not supported by language
|
||||
coc-highlight coc-explorer
|
||||
coc-highlight
|
||||
coc-explorer
|
||||
# searches
|
||||
coc-fzf fzf-vim
|
||||
|
||||
coc-fzf
|
||||
fzf-vim
|
||||
# general whitespace
|
||||
vim-trailing-whitespace vim-autoformat
|
||||
|
||||
vim-trailing-whitespace
|
||||
vim-autoformat
|
||||
# Git
|
||||
coc-git# statusline, numberline and explorer infos
|
||||
fugitive# various git commands
|
||||
|
||||
coc-git
|
||||
# statusline, numberline and explorer infos
|
||||
fugitive
|
||||
# various git commands
|
||||
# Commenting and Uncommenting
|
||||
nerdcommenter
|
||||
|
||||
# Theme
|
||||
papercolor-theme vim-airline-themes
|
||||
papercolor-theme
|
||||
vim-airline-themes
|
||||
LanguageTool-nvim
|
||||
|
||||
vim-css-color
|
||||
|
||||
vista-vim
|
||||
|
||||
# ===
|
||||
# Languages
|
||||
# haskell syntax highlighting
|
||||
haskell-vim vim-hoogle
|
||||
haskell-vim
|
||||
vim-hoogle
|
||||
# nix syntax highlighting
|
||||
vim-nix vim-markdown
|
||||
vim-nix
|
||||
vim-markdown
|
||||
# latex
|
||||
vimtex coc-vimtex# not sure if I need two
|
||||
vimtex
|
||||
coc-vimtex
|
||||
# not sure if I need two
|
||||
# ledger
|
||||
vim-ledger
|
||||
# rust
|
||||
|
@ -92,7 +97,7 @@ in
|
|||
};
|
||||
xdg.configFile."nvim/coc-settings.json".text = builtins.toJSON cocSettings;
|
||||
home = {
|
||||
packages = [ pkgs.languagetool ];
|
||||
packages = [pkgs.languagetool];
|
||||
sessionVariables = {
|
||||
EDITOR = "nvim";
|
||||
VISUAL = "nvim";
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{ config, ... }:
|
||||
let
|
||||
{config, ...}: let
|
||||
nvim-spell-de-utf8-dictionary = builtins.fetchurl {
|
||||
url = "http://ftp.vim.org/vim/runtime/spell/de.utf-8.spl";
|
||||
sha256 = "1ld3hgv1kpdrl4fjc1wwxgk4v74k8lmbkpi1x7dnr19rldz11ivk";
|
||||
|
@ -19,8 +18,7 @@ let
|
|||
url = "http://ftp.vim.org/vim/runtime/spell/de.latin1.sug";
|
||||
sha256 = "0mz07d0a68fhxl9vmy1548vnbayvwv1pc24zhva9klgi84gssgwm";
|
||||
};
|
||||
in
|
||||
{
|
||||
in {
|
||||
home.file."${config.xdg.configHome}/nvim/spell/de.utf-8.spl".source = nvim-spell-de-utf8-dictionary;
|
||||
home.file."${config.xdg.configHome}/nvim/spell/de.utf-8.sug".source = nvim-spell-de-utf8-suggestions;
|
||||
home.file."${config.xdg.configHome}/nvim/spell/de.latin1.spl".source = nvim-spell-de-latin1-dictionary;
|
||||
|
|
|
@ -1,17 +1,16 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
{pkgs, ...}: let
|
||||
night-shutdown = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "night-shutdown";
|
||||
imports = [
|
||||
"Data.Time.LocalTime"
|
||||
"Data.Time.Format"
|
||||
"Data.Time.Clock"
|
||||
"Control.Concurrent"
|
||||
"Data.Functor"
|
||||
];
|
||||
bins = [ pkgs.libnotify pkgs.systemd ];
|
||||
} ''
|
||||
{
|
||||
name = "night-shutdown";
|
||||
imports = [
|
||||
"Data.Time.LocalTime"
|
||||
"Data.Time.Format"
|
||||
"Data.Time.Clock"
|
||||
"Control.Concurrent"
|
||||
"Data.Functor"
|
||||
];
|
||||
bins = [pkgs.libnotify pkgs.systemd];
|
||||
} ''
|
||||
interval = 5
|
||||
|
||||
main = forever $ do
|
||||
|
@ -28,11 +27,10 @@ let
|
|||
action
|
||||
threadDelay $ (interval - (minute `mod` interval)) * 60 * 1000000
|
||||
'';
|
||||
in
|
||||
{
|
||||
in {
|
||||
systemd.user.services.night-shutdown = {
|
||||
Unit.Description = "Night Shutdown";
|
||||
Service.ExecStart = "${night-shutdown}/bin/night-shutdown";
|
||||
Install.WantedBy = [ "graphical-session.target" ];
|
||||
Install.WantedBy = ["graphical-session.target"];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,9 +1,12 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
dag = config.lib.dag;
|
||||
in
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
dag = config.lib.dag;
|
||||
in {
|
||||
home.activation.report-changes = dag.entryAnywhere ''
|
||||
if [[ -n "$oldGenPath" && "$oldGenPath" != "$newGenPath" ]]; then
|
||||
${pkgs.nvd}/bin/nvd diff $oldGenPath $newGenPath
|
||||
|
|
|
@ -1,4 +1,9 @@
|
|||
{ pkgs, config, lib, ... }: {
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
home = {
|
||||
username = "maralorn";
|
||||
homeDirectory = "/home/maralorn";
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
{ pkgs, config, ... }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
pythia-path = "${config.home.homeDirectory}/documents/pythia";
|
||||
pythia = pkgs.writeShellScriptBin "pythia" ''
|
||||
today=$(date +%Y-%m-%d)
|
||||
|
@ -101,5 +104,4 @@ let
|
|||
${hold}
|
||||
exit
|
||||
'';
|
||||
in
|
||||
{ home.packages = [ pythia meditate ]; }
|
||||
in {home.packages = [pythia meditate];}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{ pkgs, ... }: {
|
||||
home.packages = [ pkgs.zotero ];
|
||||
{pkgs, ...}: {
|
||||
home.packages = [pkgs.zotero];
|
||||
programs.texlive = {
|
||||
enable = true;
|
||||
extraPackages = p: { inherit (p) scheme-full; };
|
||||
extraPackages = p: {inherit (p) scheme-full;};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
defaultMode: { lib, config, ... }:
|
||||
let
|
||||
defaultMode: {
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
# Persistent means that files get snapshoted and kept for a month
|
||||
# Volatile means that files just lay on the disk
|
||||
# Backups are organized independently on this system
|
||||
|
@ -34,27 +37,26 @@ let
|
|||
"git"
|
||||
"media"
|
||||
];
|
||||
persistentStateFiles = [ ".chpwd-recent-dirs" ".zsh_history" ];
|
||||
volatileStateFiles = [ ];
|
||||
volatileStateDirs = [ ".steam" ".local/share/Steam" ];
|
||||
persistentStateFiles = [".chpwd-recent-dirs" ".zsh_history"];
|
||||
volatileStateFiles = [];
|
||||
volatileStateDirs = [".steam" ".local/share/Steam"];
|
||||
mkLine = type: to: from: "${type} ${to} - - - - ${from}";
|
||||
mkEntry = type: persistence: name:
|
||||
let
|
||||
target = "/disk/${persistence}/maralorn/${name}";
|
||||
in
|
||||
[ (mkLine "L+" "${home}/${name}" target) (mkLine type target "") ];
|
||||
in
|
||||
{
|
||||
systemd.user.tmpfiles.rules = lib.concatLists
|
||||
mkEntry = type: persistence: name: let
|
||||
target = "/disk/${persistence}/maralorn/${name}";
|
||||
in [(mkLine "L+" "${home}/${name}" target) (mkLine type target "")];
|
||||
in {
|
||||
systemd.user.tmpfiles.rules =
|
||||
lib.concatLists
|
||||
(
|
||||
map (mkEntry "f" "volatile") volatileStateFiles ++ map (mkEntry "d" "volatile") volatileStateDirs ++ map (mkEntry "f" "persist") persistentStateFiles ++ map (mkEntry "d" "persist") persistentStateDirs
|
||||
) ++ [
|
||||
(mkLine "L+" "${home}/.password-store" "git/password-store")
|
||||
(mkLine "L+" "${home}/.volatile" "/disk/volatile/maralorn")
|
||||
(mkLine "L+" "${home}/.config/nixpkgs/home.nix" "${home}/git/config/home.nix")
|
||||
(mkLine "L+" "${home}/.persist" "/disk/persist/maralorn")
|
||||
(mkLine "f" "${home}/.mode" defaultMode)
|
||||
(mkLine "f" "${home}/.config/lazygit/state.yml" "startuppopupversion: 5")
|
||||
(mkLine "d" "${home}/.cache/mutt" "")
|
||||
];
|
||||
)
|
||||
++ [
|
||||
(mkLine "L+" "${home}/.password-store" "git/password-store")
|
||||
(mkLine "L+" "${home}/.volatile" "/disk/volatile/maralorn")
|
||||
(mkLine "L+" "${home}/.config/nixpkgs/home.nix" "${home}/git/config/home.nix")
|
||||
(mkLine "L+" "${home}/.persist" "/disk/persist/maralorn")
|
||||
(mkLine "f" "${home}/.mode" defaultMode)
|
||||
(mkLine "f" "${home}/.config/lazygit/state.yml" "startuppopupversion: 5")
|
||||
(mkLine "d" "${home}/.cache/mutt" "")
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,12 +1,11 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
{pkgs, ...}: {
|
||||
systemd.user = {
|
||||
services.prometheus-systemd-exporter = {
|
||||
Unit.Description = "Prometheus systemd exporter";
|
||||
Service = {
|
||||
ExecStart = "${pkgs.prometheus-systemd-exporter}/bin/systemd_exporter --collector.user";
|
||||
};
|
||||
Install.WantedBy = [ "default.target" ];
|
||||
Install.WantedBy = ["default.target"];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,5 +1,10 @@
|
|||
{ lib, pkgs, config, ... }: {
|
||||
home.packages = [ pkgs.taskwarrior-git ];
|
||||
{
|
||||
lib,
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
home.packages = [pkgs.taskwarrior-git];
|
||||
home.file = {
|
||||
"add-git" = {
|
||||
target = ".task/hooks/on-add.git";
|
||||
|
|
|
@ -1,5 +1,10 @@
|
|||
{ lib, pkgs, config, ... }: {
|
||||
home.packages = [ pkgs.taskwarrior-git ];
|
||||
{
|
||||
lib,
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
home.packages = [pkgs.taskwarrior-git];
|
||||
services.taskwarrior-sync = {
|
||||
enable = true;
|
||||
frequency = "*:0/1";
|
||||
|
@ -16,7 +21,7 @@
|
|||
''
|
||||
);
|
||||
};
|
||||
Install.WantedBy = [ "default.target" ];
|
||||
Install.WantedBy = ["default.target"];
|
||||
};
|
||||
home.file = {
|
||||
"add-kassandra-notification" = {
|
||||
|
@ -38,11 +43,12 @@
|
|||
"modify-done-habitica-points" = {
|
||||
target = ".task/hooks/on-modify.habitica-points";
|
||||
executable = true;
|
||||
source = "${pkgs.writeHaskellScript
|
||||
source = "${
|
||||
pkgs.writeHaskellScript
|
||||
{
|
||||
name = "habitica-points";
|
||||
bins = [ pkgs.curl pkgs.jq pkgs.libnotify ];
|
||||
imports = [ "Data.Aeson" ];
|
||||
bins = [pkgs.curl pkgs.jq pkgs.libnotify];
|
||||
imports = ["Data.Aeson"];
|
||||
} ''
|
||||
|
||||
data Task = Task { status :: Text } deriving (Generic, FromJSON)
|
||||
|
@ -56,7 +62,8 @@
|
|||
result :: String <- curl "-XPOST" "-H" "x-api-user: dbd97aba-8b6b-4649-9dd4-dad284333925" "-H" "x-api-key: ${pkgs.privateValue "" "habitica-token"}" "https://habitica.com/api/v3/tasks/6e95cccd-06e1-466c-b871-643dff31423c/score/up" |> jq "-c" ".data._tmp" |> captureTrim <&> decodeUtf8
|
||||
notify_send "Task Completed!" result
|
||||
putTextLn newTask
|
||||
''}/bin/habitica-points";
|
||||
''
|
||||
}/bin/habitica-points";
|
||||
};
|
||||
};
|
||||
programs.taskwarrior = {
|
||||
|
@ -92,4 +99,3 @@
|
|||
'';
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -1,12 +1,10 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
{pkgs, ...}: let
|
||||
my-lib = import ../../lib;
|
||||
theme = my-lib.themes.default;
|
||||
in
|
||||
{
|
||||
in {
|
||||
home.sessionVariables.TERMINAL = "${pkgs.foot}/bin/foot";
|
||||
home.packages = [
|
||||
(pkgs.runCommandLocal "fake-gnome-terminal" { } ''
|
||||
(pkgs.runCommandLocal "fake-gnome-terminal" {} ''
|
||||
mkdir -p $out/bin
|
||||
ln -s ${pkgs.foot}/bin/foot $out/bin/gnome-terminal
|
||||
'')
|
||||
|
|
|
@ -1,9 +1,16 @@
|
|||
{ pkgs, ... }: {
|
||||
{pkgs, ...}: {
|
||||
home.packages = builtins.attrValues {
|
||||
inherit (pkgs.xorg) xev;
|
||||
inherit (pkgs)
|
||||
meld icedtea8_web octave filezilla nix-review gparted
|
||||
grafana-devel;
|
||||
inherit
|
||||
(pkgs)
|
||||
meld
|
||||
icedtea8_web
|
||||
octave
|
||||
filezilla
|
||||
nix-review
|
||||
gparted
|
||||
grafana-devel
|
||||
;
|
||||
};
|
||||
home.file = {
|
||||
".config/VSCodium/User/tasks.json".text = builtins.toJSON {
|
||||
|
@ -13,7 +20,7 @@
|
|||
"tasks" = [
|
||||
{
|
||||
"label" = "lazygit";
|
||||
"problemMatcher" = [ ];
|
||||
"problemMatcher" = [];
|
||||
"type" = "shell";
|
||||
"command" = "lazygit";
|
||||
}
|
||||
|
@ -62,7 +69,7 @@
|
|||
"extensions.autoUpdate" = false;
|
||||
"extensions.autoCheckUpdates" = false;
|
||||
"local-history.path" = "~/.volatile/vscode-local-history/";
|
||||
"projectManager.git.baseFolders" = [ "~/git/" ];
|
||||
"projectManager.git.baseFolders" = ["~/git/"];
|
||||
"ltex.enabled" = false;
|
||||
"memo.links.rules" = [
|
||||
{
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{ ... }:
|
||||
{
|
||||
{...}: {
|
||||
dconf.settings = {
|
||||
"org/gnome/desktop/screensaver" = {
|
||||
lock-enabled = false;
|
||||
|
|
|
@ -1,8 +1,12 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
makeUnlocker = { name, hostName, pubKey, passPath }:
|
||||
let knownHosts = pkgs.writeText "KnownBootHosts" "${hostName} ${pubKey}";
|
||||
in
|
||||
{pkgs, ...}: let
|
||||
makeUnlocker = {
|
||||
name,
|
||||
hostName,
|
||||
pubKey,
|
||||
passPath,
|
||||
}: let
|
||||
knownHosts = pkgs.writeText "KnownBootHosts" "${hostName} ${pubKey}";
|
||||
in
|
||||
pkgs.writeShellScriptBin "unlock-${name}" ''
|
||||
echo "Waiting for host to come up";
|
||||
while true; do
|
||||
|
@ -14,12 +18,12 @@ let
|
|||
echo "Ping successful; Entering disk encryption password"
|
||||
${pkgs.pass}/bin/pass ${passPath} | ssh -4 root@${hostName} -o UserKnownHostsFile=${knownHosts} cryptsetup-askpass && echo "Unlocking of ${name} successful" || echo "Unlocking of ${name} failed"
|
||||
'';
|
||||
unlocker = [{
|
||||
name = "hera";
|
||||
hostName = "hera-v4";
|
||||
pubKey =
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCHkqWlFLtmIlTSKahr2PcL++K75YgfsSU6jwVYW5df3JCkowu/M16SIBxABxYSQrKej5uIz/OFCjqSxHJQ8D5wSYBvn2gYr/BbBcz4rfIJmZ55Od2jckaqlj/M8TtkuPPhsQG7S730vXxK5hbMT8iW5WWv8sIKY/WtaRbZOFMX/53WCLEHtnMu5zFJFWf92+mjIHSLyW8ggl1m525RUiaAfCge2vnuzIFq4kUqJxaWzxIvEWIncKWN10K/HMvdI+yOtbSen41uKedwSFhUFs3xHy1mJddYOrlcJQPt5zuuffZ/nTDVXMZoh5QNwg8ZlkkueVChaS1Y5STjb7cem1Mt";
|
||||
passPath = "eu/m-0/hera.m-0.eu/disk";
|
||||
}];
|
||||
in
|
||||
{ config = { home.packages = map makeUnlocker unlocker; }; }
|
||||
unlocker = [
|
||||
{
|
||||
name = "hera";
|
||||
hostName = "hera-v4";
|
||||
pubKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCHkqWlFLtmIlTSKahr2PcL++K75YgfsSU6jwVYW5df3JCkowu/M16SIBxABxYSQrKej5uIz/OFCjqSxHJQ8D5wSYBvn2gYr/BbBcz4rfIJmZ55Od2jckaqlj/M8TtkuPPhsQG7S730vXxK5hbMT8iW5WWv8sIKY/WtaRbZOFMX/53WCLEHtnMu5zFJFWf92+mjIHSLyW8ggl1m525RUiaAfCge2vnuzIFq4kUqJxaWzxIvEWIncKWN10K/HMvdI+yOtbSen41uKedwSFhUFs3xHy1mJddYOrlcJQPt5zuuffZ/nTDVXMZoh5QNwg8ZlkkueVChaS1Y5STjb7cem1Mt";
|
||||
passPath = "eu/m-0/hera.m-0.eu/disk";
|
||||
}
|
||||
];
|
||||
in {config = {home.packages = map makeUnlocker unlocker;};}
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{ ... }:
|
||||
{
|
||||
{...}: {
|
||||
dconf.settings = {
|
||||
"org/gnome/desktop/screensaver" = {
|
||||
lock-enabled = true;
|
||||
|
|
|
@ -1,82 +1,99 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
let
|
||||
addressbooks = pkgs.privateValue [ ] "addressbooks";
|
||||
calendars = pkgs.privateValue [ ] "calendars";
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
addressbooks = pkgs.privateValue [] "addressbooks";
|
||||
calendars = pkgs.privateValue [] "calendars";
|
||||
mkConfig = config:
|
||||
(pkgs.formats.ini { }).generate "vdirsyncer-config" (
|
||||
(pkgs.formats.ini {}).generate "vdirsyncer-config" (
|
||||
lib.mapAttrs
|
||||
(
|
||||
name: section:
|
||||
(lib.mapAttrs (name: option: builtins.toJSON option) section)
|
||||
)
|
||||
config
|
||||
(
|
||||
name: section: (lib.mapAttrs (name: option: builtins.toJSON option) section)
|
||||
)
|
||||
config
|
||||
);
|
||||
mkCalendar = { name, url, username, passwordPath, collections ? [ "from a" "from b" ], readOnly ? false, type ? "caldav" }:
|
||||
let
|
||||
pairName = "${name}_calendar";
|
||||
remoteName = "${pairName}_remote";
|
||||
localName = "${pairName}_local";
|
||||
in
|
||||
{
|
||||
"pair ${pairName}" = {
|
||||
a = localName;
|
||||
b = remoteName;
|
||||
inherit collections;
|
||||
conflict_resolution = "b wins";
|
||||
metadata = [ "color" ];
|
||||
};
|
||||
"storage ${localName}" = {
|
||||
type = "filesystem";
|
||||
path = "~/.calendars/${name}/";
|
||||
fileext = ".ics";
|
||||
};
|
||||
"storage ${remoteName}" = {
|
||||
mkCalendar = {
|
||||
name,
|
||||
url,
|
||||
username,
|
||||
passwordPath,
|
||||
collections ? ["from a" "from b"],
|
||||
readOnly ? false,
|
||||
type ? "caldav",
|
||||
}: let
|
||||
pairName = "${name}_calendar";
|
||||
remoteName = "${pairName}_remote";
|
||||
localName = "${pairName}_local";
|
||||
in {
|
||||
"pair ${pairName}" = {
|
||||
a = localName;
|
||||
b = remoteName;
|
||||
inherit collections;
|
||||
conflict_resolution = "b wins";
|
||||
metadata = ["color"];
|
||||
};
|
||||
"storage ${localName}" = {
|
||||
type = "filesystem";
|
||||
path = "~/.calendars/${name}/";
|
||||
fileext = ".ics";
|
||||
};
|
||||
"storage ${remoteName}" =
|
||||
{
|
||||
inherit type;
|
||||
inherit url;
|
||||
} // (
|
||||
if (type == "caldav") then {
|
||||
}
|
||||
// (
|
||||
if (type == "caldav")
|
||||
then {
|
||||
inherit username;
|
||||
"password.fetch" = [ "command" "${pkgs.pass}/bin/pass" passwordPath ];
|
||||
"password.fetch" = ["command" "${pkgs.pass}/bin/pass" passwordPath];
|
||||
read_only = readOnly;
|
||||
} else { }
|
||||
);
|
||||
};
|
||||
mkAddressbook = { name, url, username, passwordPath, collections ? [ "from a" "from b" ], readOnly ? false }:
|
||||
let
|
||||
pairName = "${name}_contacts";
|
||||
remoteName = "${pairName}_remote";
|
||||
localName = "${pairName}_local";
|
||||
in
|
||||
{
|
||||
"pair ${pairName}" = {
|
||||
a = localName;
|
||||
b = remoteName;
|
||||
inherit collections;
|
||||
conflict_resolution = "b wins";
|
||||
};
|
||||
"storage ${localName}" = {
|
||||
type = "filesystem";
|
||||
path = "~/.contacts/${name}/";
|
||||
fileext = ".vcf";
|
||||
};
|
||||
"storage ${remoteName}" = {
|
||||
type = "carddav";
|
||||
inherit url username;
|
||||
"password.fetch" = [ "command" "${pkgs.pass}/bin/pass" passwordPath ];
|
||||
read_only = readOnly;
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
xdg.configFile."vdirsyncer/config".source = mkConfig
|
||||
(
|
||||
pkgs.lib.fold (a: b: a // b)
|
||||
{
|
||||
general.status_path = "~/.vdirsyncer/status";
|
||||
}
|
||||
(map mkCalendar calendars ++ map mkAddressbook addressbooks)
|
||||
);
|
||||
home.packages = [ pkgs.vdirsyncer ];
|
||||
else {}
|
||||
);
|
||||
};
|
||||
mkAddressbook = {
|
||||
name,
|
||||
url,
|
||||
username,
|
||||
passwordPath,
|
||||
collections ? ["from a" "from b"],
|
||||
readOnly ? false,
|
||||
}: let
|
||||
pairName = "${name}_contacts";
|
||||
remoteName = "${pairName}_remote";
|
||||
localName = "${pairName}_local";
|
||||
in {
|
||||
"pair ${pairName}" = {
|
||||
a = localName;
|
||||
b = remoteName;
|
||||
inherit collections;
|
||||
conflict_resolution = "b wins";
|
||||
};
|
||||
"storage ${localName}" = {
|
||||
type = "filesystem";
|
||||
path = "~/.contacts/${name}/";
|
||||
fileext = ".vcf";
|
||||
};
|
||||
"storage ${remoteName}" = {
|
||||
type = "carddav";
|
||||
inherit url username;
|
||||
"password.fetch" = ["command" "${pkgs.pass}/bin/pass" passwordPath];
|
||||
read_only = readOnly;
|
||||
};
|
||||
};
|
||||
in {
|
||||
xdg.configFile."vdirsyncer/config".source = mkConfig
|
||||
(
|
||||
pkgs.lib.fold (a: b: a // b)
|
||||
{
|
||||
general.status_path = "~/.vdirsyncer/status";
|
||||
}
|
||||
(map mkCalendar calendars ++ map mkAddressbook addressbooks)
|
||||
);
|
||||
home.packages = [pkgs.vdirsyncer];
|
||||
|
||||
systemd.user = {
|
||||
services.watch-vdir = {
|
||||
|
@ -91,7 +108,7 @@ in
|
|||
''
|
||||
);
|
||||
};
|
||||
Install.WantedBy = [ "default.target" ];
|
||||
Install.WantedBy = ["default.target"];
|
||||
};
|
||||
services.vdirsyncer = {
|
||||
Unit.Description = "vdirsyncer sync";
|
||||
|
@ -105,7 +122,7 @@ in
|
|||
timers.vdirsyncer = {
|
||||
Unit.Description = "vdirsync sync timer";
|
||||
Timer.OnCalendar = "*:0/15";
|
||||
Install.WantedBy = [ "timers.target" ];
|
||||
Install.WantedBy = ["timers.target"];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,13 +1,16 @@
|
|||
{ pkgs, config, ... }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
modeFile = "${config.home.homeDirectory}/.mode";
|
||||
wallPapers = "${config.home.homeDirectory}/media/images/wallpapers";
|
||||
randomWallpaper = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "random-wallpaper";
|
||||
imports = [ "System.Random" ];
|
||||
bins = [ pkgs.coreutils pkgs.glib ];
|
||||
} ''
|
||||
{
|
||||
name = "random-wallpaper";
|
||||
imports = ["System.Random"];
|
||||
bins = [pkgs.coreutils pkgs.glib];
|
||||
} ''
|
||||
main = do
|
||||
mode <- cat "${modeFile}" |> captureTrim
|
||||
(lines . decodeUtf8 -> files) <- ls ([i|${wallPapers}/#{mode}|] :: String) |> captureTrim
|
||||
|
@ -18,21 +21,22 @@ let
|
|||
gsettings "set" "org.gnome.desktop.background" "picture-uri" new
|
||||
gsettings "set" "org.gnome.desktop.screensaver" "picture-uri" new
|
||||
'';
|
||||
in
|
||||
{
|
||||
home.packages = [ randomWallpaper ];
|
||||
in {
|
||||
home.packages = [randomWallpaper];
|
||||
systemd.user = {
|
||||
services.random-wallpaper = {
|
||||
Unit = { Description = "Random Wallpaper"; };
|
||||
Unit = {Description = "Random Wallpaper";};
|
||||
Service = {
|
||||
ExecStart = "${randomWallpaper}/bin/random-wallpaper";
|
||||
Type = "oneshot";
|
||||
};
|
||||
};
|
||||
timers.random-wallpaper = {
|
||||
Timer = { OnCalendar = "*:00/30:00"; OnActiveSec = 1; };
|
||||
Install = { WantedBy = [ "timers.target" ]; };
|
||||
Timer = {
|
||||
OnCalendar = "*:00/30:00";
|
||||
OnActiveSec = 1;
|
||||
};
|
||||
Install = {WantedBy = ["timers.target"];};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,18 +1,21 @@
|
|||
{ lib, pkgs, config, ... }:
|
||||
with lib;
|
||||
let
|
||||
{
|
||||
lib,
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
weechat = pkgs.wrapWeechat pkgs.weechat-unwrapped {
|
||||
configure = { availablePlugins, ... }: {
|
||||
plugins = builtins.attrValues (availablePlugins // {
|
||||
configure = {availablePlugins, ...}: {
|
||||
plugins = builtins.attrValues (availablePlugins
|
||||
// {
|
||||
python = (availablePlugins.python.withPackages
|
||||
(ps: [ pkgs.weechatScripts.weechat-matrix ]));
|
||||
(ps: [pkgs.weechatScripts.weechat-matrix]));
|
||||
});
|
||||
scripts = [ pkgs.weechatScripts.weechat-matrix ];
|
||||
scripts = [pkgs.weechatScripts.weechat-matrix];
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
|
||||
in {
|
||||
home.file = {
|
||||
python_plugins = {
|
||||
target = ".weechat/python";
|
||||
|
@ -68,13 +71,15 @@ in
|
|||
[look]
|
||||
human_buffer_names = on
|
||||
[server]
|
||||
${lib.concatStringsSep "\n" (lib.mapAttrsToList
|
||||
${
|
||||
lib.concatStringsSep "\n" (lib.mapAttrsToList
|
||||
(server: serverConfig: ''
|
||||
${server}.address = "${serverConfig.address}"
|
||||
${server}.autoconnect = on
|
||||
${server}.username = "${serverConfig.user}"
|
||||
${server}.password = "${serverConfig.password}"
|
||||
'') (pkgs.privateValue { } "weechat/matrix"))}
|
||||
'') (pkgs.privateValue {} "weechat/matrix"))
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
@ -82,14 +87,13 @@ in
|
|||
systemd.user = {
|
||||
timers.log2rss = {
|
||||
Timer.OnCalendar = "19:55";
|
||||
Install.WantedBy = [ "timers.target" ];
|
||||
Install.WantedBy = ["timers.target"];
|
||||
};
|
||||
services = {
|
||||
log2rss = {
|
||||
Unit.Description = "log2rss";
|
||||
Service = {
|
||||
ExecStart =
|
||||
"${pkgs.logfeed}/bin/log2rss /var/www/rss/chats.xml";
|
||||
ExecStart = "${pkgs.logfeed}/bin/log2rss /var/www/rss/chats.xml";
|
||||
Type = "oneshot";
|
||||
};
|
||||
};
|
||||
|
@ -97,13 +101,11 @@ in
|
|||
Unit.Description = "Weechat Tmux Session";
|
||||
Service = {
|
||||
Type = "forking";
|
||||
ExecStart =
|
||||
"${pkgs.tmux}/bin/tmux -L weechat -2 new-session -d -s irc -n weechat '${weechat}/bin/weechat'";
|
||||
ExecStart = "${pkgs.tmux}/bin/tmux -L weechat -2 new-session -d -s irc -n weechat '${weechat}/bin/weechat'";
|
||||
Restart = "always";
|
||||
};
|
||||
Install.WantedBy = [ "default.target" ];
|
||||
Install.WantedBy = ["default.target"];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,9 +1,11 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
emanote = import (import ../../nix/sources.nix).emanote;
|
||||
in
|
||||
{
|
||||
imports = [ emanote.homeManagerModule ];
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
emanote = import (import ../../nix/sources.nix).emanote;
|
||||
in {
|
||||
imports = [emanote.homeManagerModule];
|
||||
services.emanote = {
|
||||
enable = true;
|
||||
# host = "127.0.0.1"; # default listen address is 127.0.0.1
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, ... }: {
|
||||
{pkgs, ...}: {
|
||||
programs.zsh = {
|
||||
enable = true;
|
||||
enableAutosuggestions = true;
|
||||
|
@ -18,7 +18,7 @@
|
|||
'';
|
||||
oh-my-zsh = {
|
||||
enable = true;
|
||||
plugins = [ "colored-man-pages" ];
|
||||
plugins = ["colored-man-pages"];
|
||||
};
|
||||
plugins = [
|
||||
# {
|
||||
|
|
|
@ -1,17 +1,17 @@
|
|||
let
|
||||
sources = import ../nix/sources.nix;
|
||||
inherit (import sources.nixos-unstable { }) lib pkgs;
|
||||
inherit (import sources.nixos-unstable {}) lib pkgs;
|
||||
modes = import ./machines.nix;
|
||||
home-manager = channel: import "${sources.${channel}}/home-manager/home-manager.nix";
|
||||
buildHomeManager = host: mode:
|
||||
(home-manager (import ../channels.nix).${host}.home-manager-channel {
|
||||
confPath = ../home.nix;
|
||||
confAttr = "${host}-${mode}";
|
||||
}).activationPackage;
|
||||
})
|
||||
.activationPackage;
|
||||
buildModesForHost = host: modes:
|
||||
pkgs.runCommandLocal "${host}-modes" { } ''
|
||||
pkgs.runCommandLocal "${host}-modes" {} ''
|
||||
mkdir $out
|
||||
${lib.concatStringsSep "\n" (lib.mapAttrsToList (mode: config:
|
||||
"ln -s ${buildHomeManager host mode} $out/${mode}") modes)}'';
|
||||
${lib.concatStringsSep "\n" (lib.mapAttrsToList (mode: config: "ln -s ${buildHomeManager host mode} $out/${mode}") modes)}'';
|
||||
in
|
||||
lib.mapAttrs buildModesForHost modes
|
||||
lib.mapAttrs buildModesForHost modes
|
||||
|
|
14
home.nix
14
home.nix
|
@ -1,13 +1,13 @@
|
|||
let
|
||||
inherit (import (import ./nix/sources.nix).nixos-unstable { }) lib;
|
||||
inherit (import (import ./nix/sources.nix).nixos-unstable {}) lib;
|
||||
modes = import home-manager/machines.nix;
|
||||
in
|
||||
lib.listToAttrs (lib.flatten (lib.mapAttrsToList
|
||||
lib.listToAttrs (lib.flatten (lib.mapAttrsToList
|
||||
(host: configs:
|
||||
lib.mapAttrsToList
|
||||
(mode: config: {
|
||||
name = "${host}-${mode}";
|
||||
value = config;
|
||||
})
|
||||
configs)
|
||||
(mode: config: {
|
||||
name = "${host}-${mode}";
|
||||
value = config;
|
||||
})
|
||||
configs)
|
||||
modes))
|
||||
|
|
|
@ -83,5 +83,4 @@ rec {
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,13 +1,14 @@
|
|||
{ pkgs, nixos-rebuild }:
|
||||
let
|
||||
configPath = "/etc/nixos";
|
||||
in
|
||||
{
|
||||
pkgs,
|
||||
nixos-rebuild,
|
||||
}: let
|
||||
configPath = "/etc/nixos";
|
||||
in {
|
||||
update-system = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "update-system";
|
||||
bins = [ nixos-rebuild pkgs.nix-output-monitor pkgs.nvd ];
|
||||
} ''
|
||||
{
|
||||
name = "update-system";
|
||||
bins = [nixos-rebuild pkgs.nix-output-monitor pkgs.nvd];
|
||||
} ''
|
||||
main = do
|
||||
paths <- myNixPath "${configPath}"
|
||||
args <- getArgs
|
||||
|
|
279
nix/sources.nix
279
nix/sources.nix
|
@ -1,118 +1,156 @@
|
|||
# This file has been generated by Niv.
|
||||
|
||||
let
|
||||
|
||||
#
|
||||
# The fetchers. fetch_<type> fetches specs of type <type>.
|
||||
#
|
||||
|
||||
fetch_file = pkgs: name: spec:
|
||||
let
|
||||
name' = sanitizeName name + "-src";
|
||||
in
|
||||
if spec.builtin or true then
|
||||
builtins_fetchurl { inherit (spec) url sha256; name = name'; }
|
||||
fetch_file = pkgs: name: spec: let
|
||||
name' = sanitizeName name + "-src";
|
||||
in
|
||||
if spec.builtin or true
|
||||
then
|
||||
builtins_fetchurl {
|
||||
inherit (spec) url sha256;
|
||||
name = name';
|
||||
}
|
||||
else
|
||||
pkgs.fetchurl { inherit (spec) url sha256; name = name'; };
|
||||
pkgs.fetchurl {
|
||||
inherit (spec) url sha256;
|
||||
name = name';
|
||||
};
|
||||
|
||||
fetch_tarball = pkgs: name: spec:
|
||||
let
|
||||
name' = sanitizeName name + "-src";
|
||||
in
|
||||
if spec.builtin or true then
|
||||
builtins_fetchTarball { name = name'; inherit (spec) url sha256; }
|
||||
fetch_tarball = pkgs: name: spec: let
|
||||
name' = sanitizeName name + "-src";
|
||||
in
|
||||
if spec.builtin or true
|
||||
then
|
||||
builtins_fetchTarball {
|
||||
name = name';
|
||||
inherit (spec) url sha256;
|
||||
}
|
||||
else
|
||||
pkgs.fetchzip { name = name'; inherit (spec) url sha256; };
|
||||
pkgs.fetchzip {
|
||||
name = name';
|
||||
inherit (spec) url sha256;
|
||||
};
|
||||
|
||||
fetch_git = name: spec:
|
||||
let
|
||||
ref =
|
||||
if spec ? ref then spec.ref else
|
||||
if spec ? branch then "refs/heads/${spec.branch}" else
|
||||
if spec ? tag then "refs/tags/${spec.tag}" else
|
||||
abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!";
|
||||
in
|
||||
builtins.fetchGit { url = spec.repo; inherit (spec) rev; inherit ref; };
|
||||
fetch_git = name: spec: let
|
||||
ref =
|
||||
if spec ? ref
|
||||
then spec.ref
|
||||
else if spec ? branch
|
||||
then "refs/heads/${spec.branch}"
|
||||
else if spec ? tag
|
||||
then "refs/tags/${spec.tag}"
|
||||
else abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!";
|
||||
in
|
||||
builtins.fetchGit {
|
||||
url = spec.repo;
|
||||
inherit (spec) rev;
|
||||
inherit ref;
|
||||
};
|
||||
|
||||
fetch_local = spec: spec.path;
|
||||
|
||||
fetch_builtin-tarball = name: throw
|
||||
''[${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`.
|
||||
$ niv modify ${name} -a type=tarball -a builtin=true'';
|
||||
fetch_builtin-tarball = name:
|
||||
throw
|
||||
'' [${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`.
|
||||
$ niv modify ${name} -a type=tarball -a builtin=true'';
|
||||
|
||||
fetch_builtin-url = name: throw
|
||||
''[${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`.
|
||||
$ niv modify ${name} -a type=file -a builtin=true'';
|
||||
fetch_builtin-url = name:
|
||||
throw
|
||||
'' [${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`.
|
||||
$ niv modify ${name} -a type=file -a builtin=true'';
|
||||
|
||||
#
|
||||
# Various helpers
|
||||
#
|
||||
|
||||
# https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695
|
||||
sanitizeName = name:
|
||||
sanitizeName = name: (
|
||||
concatMapStrings (s:
|
||||
if builtins.isList s
|
||||
then "-"
|
||||
else s)
|
||||
(
|
||||
concatMapStrings (s: if builtins.isList s then "-" else s)
|
||||
(
|
||||
builtins.split "[^[:alnum:]+._?=-]+"
|
||||
((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name)
|
||||
)
|
||||
);
|
||||
builtins.split "[^[:alnum:]+._?=-]+"
|
||||
((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name)
|
||||
)
|
||||
);
|
||||
|
||||
# The set of packages used when specs are fetched using non-builtins.
|
||||
mkPkgs = sources: system:
|
||||
let
|
||||
sourcesNixpkgs =
|
||||
import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { inherit system; };
|
||||
hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath;
|
||||
hasThisAsNixpkgsPath = <nixpkgs> == ./.;
|
||||
in
|
||||
mkPkgs = sources: system: let
|
||||
sourcesNixpkgs =
|
||||
import (builtins_fetchTarball {inherit (sources.nixpkgs) url sha256;}) {inherit system;};
|
||||
hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath;
|
||||
hasThisAsNixpkgsPath = <nixpkgs> == ./.;
|
||||
in
|
||||
if builtins.hasAttr "nixpkgs" sources
|
||||
then sourcesNixpkgs
|
||||
else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then
|
||||
import <nixpkgs> { }
|
||||
else if hasNixpkgsPath && !hasThisAsNixpkgsPath
|
||||
then import <nixpkgs> {}
|
||||
else
|
||||
abort
|
||||
''
|
||||
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
|
||||
add a package called "nixpkgs" to your sources.json.
|
||||
'';
|
||||
''
|
||||
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
|
||||
add a package called "nixpkgs" to your sources.json.
|
||||
'';
|
||||
|
||||
# The actual fetching function.
|
||||
fetch = pkgs: name: spec:
|
||||
|
||||
if ! builtins.hasAttr "type" spec then
|
||||
abort "ERROR: niv spec ${name} does not have a 'type' attribute"
|
||||
else if spec.type == "file" then fetch_file pkgs name spec
|
||||
else if spec.type == "tarball" then fetch_tarball pkgs name spec
|
||||
else if spec.type == "git" then fetch_git name spec
|
||||
else if spec.type == "local" then fetch_local spec
|
||||
else if spec.type == "builtin-tarball" then fetch_builtin-tarball name
|
||||
else if spec.type == "builtin-url" then fetch_builtin-url name
|
||||
else
|
||||
abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}";
|
||||
if !builtins.hasAttr "type" spec
|
||||
then abort "ERROR: niv spec ${name} does not have a 'type' attribute"
|
||||
else if spec.type == "file"
|
||||
then fetch_file pkgs name spec
|
||||
else if spec.type == "tarball"
|
||||
then fetch_tarball pkgs name spec
|
||||
else if spec.type == "git"
|
||||
then fetch_git name spec
|
||||
else if spec.type == "local"
|
||||
then fetch_local spec
|
||||
else if spec.type == "builtin-tarball"
|
||||
then fetch_builtin-tarball name
|
||||
else if spec.type == "builtin-url"
|
||||
then fetch_builtin-url name
|
||||
else abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}";
|
||||
|
||||
# If the environment variable NIV_OVERRIDE_${name} is set, then use
|
||||
# the path directly as opposed to the fetched source.
|
||||
replace = name: drv:
|
||||
let
|
||||
saneName = stringAsChars (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name;
|
||||
ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}";
|
||||
in
|
||||
if ersatz == "" then drv else
|
||||
replace = name: drv: let
|
||||
saneName = stringAsChars (c:
|
||||
if isNull (builtins.match "[a-zA-Z0-9]" c)
|
||||
then "_"
|
||||
else c)
|
||||
name;
|
||||
ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}";
|
||||
in
|
||||
if ersatz == ""
|
||||
then drv
|
||||
else
|
||||
# this turns the string into an actual Nix path (for both absolute and
|
||||
# relative paths)
|
||||
if builtins.substring 0 1 ersatz == "/" then /. + ersatz else /. + builtins.getEnv "PWD" + "/${ersatz}";
|
||||
if builtins.substring 0 1 ersatz == "/"
|
||||
then /. + ersatz
|
||||
else /. + builtins.getEnv "PWD" + "/${ersatz}";
|
||||
|
||||
# Ports of functions for older nix versions
|
||||
|
||||
# a Nix version of mapAttrs if the built-in doesn't exist
|
||||
mapAttrs = builtins.mapAttrs or (
|
||||
f: set: with builtins;
|
||||
listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set))
|
||||
);
|
||||
mapAttrs =
|
||||
builtins.mapAttrs
|
||||
or (
|
||||
f: set:
|
||||
with builtins;
|
||||
listToAttrs (map (attr: {
|
||||
name = attr;
|
||||
value = f attr set.${attr};
|
||||
}) (attrNames set))
|
||||
);
|
||||
|
||||
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295
|
||||
range = first: last: if first > last then [ ] else builtins.genList (n: first + n) (last - first + 1);
|
||||
range = first: last:
|
||||
if first > last
|
||||
then []
|
||||
else builtins.genList (n: first + n) (last - first + 1);
|
||||
|
||||
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257
|
||||
stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1));
|
||||
|
@ -123,55 +161,66 @@ let
|
|||
concatStrings = builtins.concatStringsSep "";
|
||||
|
||||
# https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331
|
||||
optionalAttrs = cond: as: if cond then as else { };
|
||||
optionalAttrs = cond: as:
|
||||
if cond
|
||||
then as
|
||||
else {};
|
||||
|
||||
# fetchTarball version that is compatible between all the versions of Nix
|
||||
builtins_fetchTarball = { url, name ? null, sha256 }@attrs:
|
||||
let
|
||||
inherit (builtins) lessThan nixVersion fetchTarball;
|
||||
in
|
||||
if lessThan nixVersion "1.12" then
|
||||
fetchTarball ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
|
||||
else
|
||||
fetchTarball attrs;
|
||||
builtins_fetchTarball = {
|
||||
url,
|
||||
name ? null,
|
||||
sha256,
|
||||
} @ attrs: let
|
||||
inherit (builtins) lessThan nixVersion fetchTarball;
|
||||
in
|
||||
if lessThan nixVersion "1.12"
|
||||
then fetchTarball ({inherit url;} // (optionalAttrs (!isNull name) {inherit name;}))
|
||||
else fetchTarball attrs;
|
||||
|
||||
# fetchurl version that is compatible between all the versions of Nix
|
||||
builtins_fetchurl = { url, name ? null, sha256 }@attrs:
|
||||
let
|
||||
inherit (builtins) lessThan nixVersion fetchurl;
|
||||
in
|
||||
if lessThan nixVersion "1.12" then
|
||||
fetchurl ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
|
||||
else
|
||||
fetchurl attrs;
|
||||
builtins_fetchurl = {
|
||||
url,
|
||||
name ? null,
|
||||
sha256,
|
||||
} @ attrs: let
|
||||
inherit (builtins) lessThan nixVersion fetchurl;
|
||||
in
|
||||
if lessThan nixVersion "1.12"
|
||||
then fetchurl ({inherit url;} // (optionalAttrs (!isNull name) {inherit name;}))
|
||||
else fetchurl attrs;
|
||||
|
||||
# Create the final "sources" from the config
|
||||
mkSources = config:
|
||||
mapAttrs
|
||||
(
|
||||
name: spec:
|
||||
if builtins.hasAttr "outPath" spec
|
||||
then
|
||||
abort
|
||||
"The values in sources.json should not have an 'outPath' attribute"
|
||||
else
|
||||
spec // { outPath = replace name (fetch config.pkgs name spec); }
|
||||
)
|
||||
config.sources;
|
||||
(
|
||||
name: spec:
|
||||
if builtins.hasAttr "outPath" spec
|
||||
then
|
||||
abort
|
||||
"The values in sources.json should not have an 'outPath' attribute"
|
||||
else spec // {outPath = replace name (fetch config.pkgs name spec);}
|
||||
)
|
||||
config.sources;
|
||||
|
||||
# The "config" used by the fetchers
|
||||
mkConfig =
|
||||
{ sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null
|
||||
, sources ? if isNull sourcesFile then { } else builtins.fromJSON (builtins.readFile sourcesFile)
|
||||
, system ? builtins.currentSystem
|
||||
, pkgs ? mkPkgs sources system
|
||||
}: rec {
|
||||
# The sources, i.e. the attribute set of spec name to spec
|
||||
inherit sources;
|
||||
|
||||
# The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers
|
||||
inherit pkgs;
|
||||
};
|
||||
mkConfig = {
|
||||
sourcesFile ?
|
||||
if builtins.pathExists ./sources.json
|
||||
then ./sources.json
|
||||
else null,
|
||||
sources ?
|
||||
if isNull sourcesFile
|
||||
then {}
|
||||
else builtins.fromJSON (builtins.readFile sourcesFile),
|
||||
system ? builtins.currentSystem,
|
||||
pkgs ? mkPkgs sources system,
|
||||
}: rec {
|
||||
# The sources, i.e. the attribute set of spec name to spec
|
||||
inherit sources;
|
||||
|
||||
# The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers
|
||||
inherit pkgs;
|
||||
};
|
||||
in
|
||||
mkSources (mkConfig { }) // { __functor = _: settings: mkSources (mkConfig settings); }
|
||||
mkSources (mkConfig {}) // {__functor = _: settings: mkSources (mkConfig settings);}
|
||||
|
|
|
@ -1,14 +1,15 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
|
||||
let
|
||||
{
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
wireguard = import ../../../common/wireguard.nix;
|
||||
inherit (config.m-0) hosts prefix;
|
||||
nixos-hardware = (import ../../../nix/sources.nix).nixos-hardware;
|
||||
inherit (import ../../../common/common.nix { inherit pkgs; }) syncthing;
|
||||
vpn = (import ../../../private.nix).privateValue (_: _: { }) "vpn";
|
||||
in
|
||||
{
|
||||
|
||||
inherit (import ../../../common/common.nix {inherit pkgs;}) syncthing;
|
||||
vpn = (import ../../../private.nix).privateValue (_: _: {}) "vpn";
|
||||
in {
|
||||
imports = [
|
||||
"${nixos-hardware}/lenovo/thinkpad/t480s"
|
||||
./hardware-configuration.nix
|
||||
|
@ -19,7 +20,7 @@ in
|
|||
../../roles/standalone
|
||||
(vpn "apollo")
|
||||
];
|
||||
systemd.services.lenovo_fix.path = [ pkgs.kmod ];
|
||||
systemd.services.lenovo_fix.path = [pkgs.kmod];
|
||||
|
||||
networking = {
|
||||
hostName = "apollo";
|
||||
|
@ -36,12 +37,12 @@ in
|
|||
wireguard.interfaces = {
|
||||
m0wire = {
|
||||
allowedIPsAsRoutes = false;
|
||||
ips = [ "${hosts.apollo-wg}/112" "${hosts.vpn.apollo}/64" ];
|
||||
ips = ["${hosts.apollo-wg}/112" "${hosts.vpn.apollo}/64"];
|
||||
privateKeyFile = pkgs.privatePath "wireguard/apollo-private";
|
||||
peers = [
|
||||
{
|
||||
publicKey = wireguard.pub.hera;
|
||||
allowedIPs = [ "::/0" ];
|
||||
allowedIPs = ["::/0"];
|
||||
# endpoint =
|
||||
# "[${hosts.hera-wg-host}]:${builtins.toString wireguard.port}";
|
||||
endpoint = "[${hosts.hera-v4}]:${builtins.toString wireguard.port}";
|
||||
|
@ -49,8 +50,7 @@ in
|
|||
persistentKeepalive = 25;
|
||||
}
|
||||
];
|
||||
postSetup =
|
||||
[ "${pkgs.iproute}/bin/ip route add ${prefix}::/96 dev m0wire" ];
|
||||
postSetup = ["${pkgs.iproute}/bin/ip route add ${prefix}::/96 dev m0wire"];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -85,7 +85,7 @@ in
|
|||
upower.enable = true;
|
||||
printing = {
|
||||
enable = true;
|
||||
drivers = [ pkgs.gutenprint pkgs.hplip ];
|
||||
drivers = [pkgs.gutenprint pkgs.hplip];
|
||||
};
|
||||
udev.extraRules = ''
|
||||
ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", RUN+="${pkgs.coreutils}/bin/chgrp video /sys/class/backlight/%k/brightness"
|
||||
|
@ -112,15 +112,16 @@ in
|
|||
firewallFilter = "-i m0wire -p tcp -m tcp -m multiport --dports 9100,9558";
|
||||
openFirewall = true;
|
||||
};
|
||||
syncthing = {
|
||||
enable = true;
|
||||
group = "users";
|
||||
user = "maralorn";
|
||||
openDefaultPorts = true;
|
||||
cert = pkgs.privatePath "syncthing/apollo/cert.pem";
|
||||
key = pkgs.privatePath "syncthing/apollo/key.pem";
|
||||
}
|
||||
// syncthing.declarativeWith [ "hera" "zeus" ] "/home/maralorn/media";
|
||||
syncthing =
|
||||
{
|
||||
enable = true;
|
||||
group = "users";
|
||||
user = "maralorn";
|
||||
openDefaultPorts = true;
|
||||
cert = pkgs.privatePath "syncthing/apollo/cert.pem";
|
||||
key = pkgs.privatePath "syncthing/apollo/key.pem";
|
||||
}
|
||||
// syncthing.declarativeWith ["hera" "zeus"] "/home/maralorn/media";
|
||||
xserver = {
|
||||
enable = true;
|
||||
displayManager = {
|
||||
|
|
|
@ -1,7 +1,10 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = [<nixpkgs/nixos/modules/installer/scan/not-detected.nix>];
|
||||
|
||||
boot = {
|
||||
loader = {
|
||||
|
@ -19,20 +22,18 @@
|
|||
};
|
||||
};
|
||||
initrd = {
|
||||
luks.devices."nixos".device =
|
||||
"/dev/disk/by-uuid/78acaebe-952a-43b1-acc8-66c35a60577e";
|
||||
availableKernelModules =
|
||||
[ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
||||
luks.devices."nixos".device = "/dev/disk/by-uuid/78acaebe-952a-43b1-acc8-66c35a60577e";
|
||||
availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
|
||||
};
|
||||
kernelModules = [ "kvm-intel" ];
|
||||
supportedFilesystems = [ "exfat" ];
|
||||
kernelModules = ["kvm-intel"];
|
||||
supportedFilesystems = ["exfat"];
|
||||
};
|
||||
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/disk/by-uuid/ce5b0ac6-6eaf-45a6-b6c8-bd4958caf335";
|
||||
fsType = "btrfs";
|
||||
options = [ "compress=zstd" "autodefrag" "noatime" ];
|
||||
options = ["compress=zstd" "autodefrag" "noatime"];
|
||||
};
|
||||
"/boot/EFI" = {
|
||||
device = "/dev/disk/by-uuid/C4A6-3DB5";
|
||||
|
|
|
@ -1,12 +1,13 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
wireguard = import ../../../common/wireguard.nix;
|
||||
inherit (config.m-0) hosts prefix;
|
||||
localAddress = "fdc0:1::2";
|
||||
in
|
||||
{
|
||||
|
||||
in {
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
../../roles
|
||||
|
@ -17,14 +18,12 @@ in
|
|||
../../roles/home-assistant
|
||||
];
|
||||
|
||||
fileSystems =
|
||||
let
|
||||
btrfsOptions = { options = [ "compress=zstd" "autodefrag" "noatime" ]; };
|
||||
in
|
||||
{
|
||||
"/disk" = { neededForBoot = true; } // btrfsOptions;
|
||||
"/nix" = btrfsOptions;
|
||||
};
|
||||
fileSystems = let
|
||||
btrfsOptions = {options = ["compress=zstd" "autodefrag" "noatime"];};
|
||||
in {
|
||||
"/disk" = {neededForBoot = true;} // btrfsOptions;
|
||||
"/nix" = btrfsOptions;
|
||||
};
|
||||
|
||||
environment.etc = {
|
||||
nixos.source = "/disk/persist/maralorn/git/config";
|
||||
|
@ -34,7 +33,7 @@ in
|
|||
systemd.services = {
|
||||
ensure-printers.serviceConfig.SuccessExitStatus = "0 1";
|
||||
activate-home-manager = {
|
||||
path = [ pkgs.nix pkgs.dbus ];
|
||||
path = [pkgs.nix pkgs.dbus];
|
||||
script = ''
|
||||
if [[ -e /home/maralorn/.mode ]]; then
|
||||
MODE="$(cat /home/maralorn/.mode)"
|
||||
|
@ -47,9 +46,9 @@ in
|
|||
Type = "oneshot";
|
||||
User = "maralorn";
|
||||
};
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wantedBy = ["multi-user.target"];
|
||||
# Try to avoid race conditions, when the user get’s logged in before activation was completed.
|
||||
before = [ "display-manager.service" ];
|
||||
before = ["display-manager.service"];
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -91,22 +90,32 @@ in
|
|||
hostName = "fluffy";
|
||||
domain = "lo.m-0.eu";
|
||||
firewall = {
|
||||
allowedUDPPorts = [ 631 ];
|
||||
allowedTCPPorts = [ 21 80 631 ];
|
||||
allowedTCPPortRanges = [{ from = 51000; to = 51999; }];
|
||||
allowedUDPPorts = [631];
|
||||
allowedTCPPorts = [21 80 631];
|
||||
allowedTCPPortRanges = [
|
||||
{
|
||||
from = 51000;
|
||||
to = 51999;
|
||||
}
|
||||
];
|
||||
};
|
||||
interfaces.enp1s0 = {
|
||||
ipv6.addresses = [{ address = localAddress; prefixLength = 64; }];
|
||||
ipv6.addresses = [
|
||||
{
|
||||
address = localAddress;
|
||||
prefixLength = 64;
|
||||
}
|
||||
];
|
||||
useDHCP = true;
|
||||
};
|
||||
wireguard.interfaces = {
|
||||
m0wire = {
|
||||
ips = [ "${hosts.vpn.fluffy}/64" ];
|
||||
ips = ["${hosts.vpn.fluffy}/64"];
|
||||
privateKeyFile = "/disk/persist/wireguard-private-key";
|
||||
peers = [
|
||||
{
|
||||
publicKey = wireguard.pub.hera;
|
||||
allowedIPs = [ "${hosts.vpn.prefix}::/64" ];
|
||||
allowedIPs = ["${hosts.vpn.prefix}::/64"];
|
||||
endpoint = "[${hosts.hera-wg-host}]:${builtins.toString wireguard.port}";
|
||||
presharedKeyFile = pkgs.privatePath "wireguard/psk";
|
||||
persistentKeepalive = 25;
|
||||
|
@ -139,8 +148,8 @@ in
|
|||
fwupd.enable = true;
|
||||
printing = {
|
||||
enable = true;
|
||||
allowFrom = [ "all" ];
|
||||
listenAddresses = [ "[${localAddress}]:631" ];
|
||||
allowFrom = ["all"];
|
||||
listenAddresses = ["[${localAddress}]:631"];
|
||||
extraConf = "ServerAlias *";
|
||||
defaultShared = true;
|
||||
};
|
||||
|
@ -190,5 +199,4 @@ in
|
|||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "21.11"; # Did you read the comment?
|
||||
|
||||
}
|
||||
|
|
|
@ -1,38 +1,38 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"];
|
||||
boot.kernelModules = ["kvm-intel"];
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "tmpfs";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
fileSystems."/" = {
|
||||
device = "tmpfs";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/C617-5CCC";
|
||||
fsType = "vfat";
|
||||
};
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/C617-5CCC";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
fileSystems."/disk" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/9acbc122-e818-49fa-bc2e-de7d9f822d5a";
|
||||
fsType = "btrfs";
|
||||
};
|
||||
fileSystems."/disk" = {
|
||||
device = "/dev/disk/by-uuid/9acbc122-e818-49fa-bc2e-de7d9f822d5a";
|
||||
fsType = "btrfs";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."crypted-nixos".device = "/dev/disk/by-uuid/020fde09-f651-45a2-9c6a-9b060edf967d";
|
||||
|
||||
fileSystems."/nix" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/9acbc122-e818-49fa-bc2e-de7d9f822d5a";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=nix" ];
|
||||
};
|
||||
fileSystems."/nix" = {
|
||||
device = "/dev/disk/by-uuid/9acbc122-e818-49fa-bc2e-de7d9f822d5a";
|
||||
fsType = "btrfs";
|
||||
options = ["subvol=nix"];
|
||||
};
|
||||
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{ pkgs, ... }: {
|
||||
|
||||
{pkgs, ...}: {
|
||||
m-0.server.initSSHKey = pkgs.privatePath "hera-boot-ssh-key";
|
||||
|
||||
boot = {
|
||||
|
@ -8,13 +7,12 @@
|
|||
version = 2;
|
||||
device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0";
|
||||
};
|
||||
supportedFilesystems = [ "exfat" ];
|
||||
kernelParams = [ "ip=213.136.94.190::213.136.94.1:255.255.255.0:hera" ];
|
||||
supportedFilesystems = ["exfat"];
|
||||
kernelParams = ["ip=213.136.94.190::213.136.94.1:255.255.255.0:hera"];
|
||||
initrd.luks.devices.root = {
|
||||
device = "/dev/disk/by-uuid/536fe284-36f2-425c-b0c5-a737280f9470";
|
||||
preLVM = true;
|
||||
allowDiscards = true;
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,23 +1,25 @@
|
|||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
adminCreds = pkgs.privateValue
|
||||
{
|
||||
adminpass = "";
|
||||
dbpass = "";
|
||||
adminuser = "";
|
||||
} "nextcloud-admin";
|
||||
{
|
||||
adminpass = "";
|
||||
dbpass = "";
|
||||
adminuser = "";
|
||||
} "nextcloud-admin";
|
||||
inherit (config.m-0) hosts;
|
||||
certPath = "/var/lib/acme";
|
||||
nextcloudServices = hostname: {
|
||||
nextcloud-pg-backup = {
|
||||
script =
|
||||
let
|
||||
name = "nextcloud-psql-${hostname}";
|
||||
in
|
||||
''
|
||||
${config.services.postgresql.package}/bin/pg_dump nextcloud > /var/lib/db-backup-dumps/${name}
|
||||
'';
|
||||
script = let
|
||||
name = "nextcloud-psql-${hostname}";
|
||||
in ''
|
||||
${config.services.postgresql.package}/bin/pg_dump nextcloud > /var/lib/db-backup-dumps/${name}
|
||||
'';
|
||||
serviceConfig = {
|
||||
User = "nextcloud";
|
||||
Type = "oneshot";
|
||||
|
@ -25,37 +27,40 @@ let
|
|||
};
|
||||
prometheus-nginx-exporter.serviceConfig.RestartSec = 10;
|
||||
nextcloud-setup = {
|
||||
requires = [ "postgresql.service" "redis.service" ];
|
||||
after = [ "postgresql.service" "redis.service" ];
|
||||
requires = ["postgresql.service" "redis.service"];
|
||||
after = ["postgresql.service" "redis.service"];
|
||||
};
|
||||
};
|
||||
nextcloudConf = hostname:
|
||||
{
|
||||
enable = true;
|
||||
hostName = hostname;
|
||||
package = pkgs.nextcloud22;
|
||||
maxUploadSize = "10g";
|
||||
caching = {
|
||||
redis = true;
|
||||
apcu = false;
|
||||
memcached = false;
|
||||
};
|
||||
config = {
|
||||
dbtype = "pgsql";
|
||||
dbname = "nextcloud";
|
||||
dbuser = "nextcloud";
|
||||
dbhost = "localhost";
|
||||
defaultPhoneRegion = "DE";
|
||||
adminuser = "maralorn";
|
||||
dbpassFile = builtins.toFile "nextcloud-dbpass" adminCreds.dbpass;
|
||||
adminpassFile = builtins.toFile "nextcloud-adminpass" adminCreds.adminpass;
|
||||
};
|
||||
autoUpdateApps = {
|
||||
enable = true;
|
||||
startAt = "20:30";
|
||||
};
|
||||
nextcloudConf = hostname: {
|
||||
enable = true;
|
||||
hostName = hostname;
|
||||
package = pkgs.nextcloud22;
|
||||
maxUploadSize = "10g";
|
||||
caching = {
|
||||
redis = true;
|
||||
apcu = false;
|
||||
memcached = false;
|
||||
};
|
||||
nextcloud-container = { v6, v4, hostname }: {
|
||||
config = {
|
||||
dbtype = "pgsql";
|
||||
dbname = "nextcloud";
|
||||
dbuser = "nextcloud";
|
||||
dbhost = "localhost";
|
||||
defaultPhoneRegion = "DE";
|
||||
adminuser = "maralorn";
|
||||
dbpassFile = builtins.toFile "nextcloud-dbpass" adminCreds.dbpass;
|
||||
adminpassFile = builtins.toFile "nextcloud-adminpass" adminCreds.adminpass;
|
||||
};
|
||||
autoUpdateApps = {
|
||||
enable = true;
|
||||
startAt = "20:30";
|
||||
};
|
||||
};
|
||||
nextcloud-container = {
|
||||
v6,
|
||||
v4,
|
||||
hostname,
|
||||
}: {
|
||||
bindMounts = {
|
||||
"${certPath}" = {
|
||||
hostPath = certPath;
|
||||
|
@ -70,8 +75,8 @@ let
|
|||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostBridge = "bridge";
|
||||
config = { pkgs, ... }: {
|
||||
imports = [ ../../roles ];
|
||||
config = {pkgs, ...}: {
|
||||
imports = [../../roles];
|
||||
|
||||
networking = {
|
||||
interfaces.eth0 = {
|
||||
|
@ -97,7 +102,7 @@ let
|
|||
address = hosts.hera-intern-v4;
|
||||
interface = "eth0";
|
||||
};
|
||||
firewall.allowedTCPPorts = [ 80 443 ];
|
||||
firewall.allowedTCPPorts = [80 443];
|
||||
};
|
||||
|
||||
systemd.services = nextcloudServices hostname;
|
||||
|
@ -113,35 +118,36 @@ let
|
|||
postgresql = {
|
||||
enable = true;
|
||||
package = pkgs.postgresql_14;
|
||||
ensureDatabases = [ "nextcloud" ];
|
||||
ensureDatabases = ["nextcloud"];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
mainHostName = "cloud.maralorn.de";
|
||||
in
|
||||
{
|
||||
in {
|
||||
systemd = {
|
||||
services = {
|
||||
"container@chor-cloud" = {
|
||||
#serviceConfig.RestartSec = 10;
|
||||
unitConfig = {
|
||||
#StartLimitIntervalSec = 30;
|
||||
#StartLimitBurst = 2;
|
||||
services =
|
||||
{
|
||||
"container@chor-cloud" = {
|
||||
#serviceConfig.RestartSec = 10;
|
||||
unitConfig = {
|
||||
#StartLimitIntervalSec = 30;
|
||||
#StartLimitBurst = 2;
|
||||
};
|
||||
};
|
||||
};
|
||||
rss-server = {
|
||||
serviceConfig = {
|
||||
WorkingDirectory = "/var/www/rss";
|
||||
ExecStart = "${pkgs.python3}/bin/python -m http.server 8842";
|
||||
rss-server = {
|
||||
serviceConfig = {
|
||||
WorkingDirectory = "/var/www/rss";
|
||||
ExecStart = "${pkgs.python3}/bin/python -m http.server 8842";
|
||||
};
|
||||
wantedBy = ["multi-user.target"];
|
||||
};
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
} // nextcloudServices mainHostName;
|
||||
}
|
||||
// nextcloudServices mainHostName;
|
||||
};
|
||||
services = {
|
||||
nextcloud = nextcloudConf mainHostName;
|
||||
postgresql.ensureDatabases = [ "nextcloud" ];
|
||||
postgresql.ensureDatabases = ["nextcloud"];
|
||||
nginx = {
|
||||
enable = true;
|
||||
virtualHosts."cloud.maralorn.de" = {
|
||||
|
@ -197,5 +203,5 @@ in
|
|||
v4 = hosts.chor-cloud-intern-v4;
|
||||
};
|
||||
};
|
||||
users.users.nextcloud.extraGroups = [ "nginx" ];
|
||||
users.users.nextcloud.extraGroups = ["nginx"];
|
||||
}
|
||||
|
|
|
@ -1,11 +1,13 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
inherit (import ../../../common/common.nix { inherit pkgs; }) syncthing;
|
||||
backupJobs = pkgs.privateValue { } "borgbackup";
|
||||
backupJobNames = map (name: "borgbackup-job-${name}") (lib.attrNames backupJobs);
|
||||
in
|
||||
{
|
||||
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit (import ../../../common/common.nix {inherit pkgs;}) syncthing;
|
||||
backupJobs = pkgs.privateValue {} "borgbackup";
|
||||
backupJobNames = map (name: "borgbackup-job-${name}") (lib.attrNames backupJobs);
|
||||
in {
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
../../roles
|
||||
|
@ -51,24 +53,22 @@ in
|
|||
java.enable = true;
|
||||
};
|
||||
nixpkgs.config.android_sdk.accept_license = true;
|
||||
systemd.services = {
|
||||
pg_backup =
|
||||
{
|
||||
systemd.services =
|
||||
{
|
||||
pg_backup = {
|
||||
script = lib.concatMapStringsSep "\n"
|
||||
(name: "${config.services.postgresql.package}/bin/pg_dump ${name} > /var/lib/db-backup-dumps/${name}")
|
||||
config.services.postgresql.ensureDatabases;
|
||||
(name: "${config.services.postgresql.package}/bin/pg_dump ${name} > /var/lib/db-backup-dumps/${name}")
|
||||
config.services.postgresql.ensureDatabases;
|
||||
serviceConfig = {
|
||||
User = "postgres";
|
||||
Type = "oneshot";
|
||||
};
|
||||
};
|
||||
night-routines = {
|
||||
script =
|
||||
let
|
||||
night-routines = {
|
||||
script = let
|
||||
start = "${pkgs.systemd}/bin/systemctl start";
|
||||
container = "${pkgs.nixos-container}/bin/nixos-container run";
|
||||
in
|
||||
''
|
||||
in ''
|
||||
set -x
|
||||
set +e
|
||||
${start} pg_backup
|
||||
|
@ -82,12 +82,17 @@ in
|
|||
${start} synapse-cleanup
|
||||
${pkgs.laminar}/bin/laminarc queue bump-config
|
||||
'';
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
};
|
||||
startAt = "03:00";
|
||||
};
|
||||
startAt = "03:00";
|
||||
};
|
||||
} // lib.listToAttrs (map (name: { name = name; value = { serviceConfig.Type = "oneshot"; }; }) backupJobNames);
|
||||
}
|
||||
// lib.listToAttrs (map (name: {
|
||||
name = name;
|
||||
value = {serviceConfig.Type = "oneshot";};
|
||||
})
|
||||
backupJobNames);
|
||||
services = {
|
||||
postgresql = {
|
||||
enable = true;
|
||||
|
@ -98,23 +103,25 @@ in
|
|||
enable = true;
|
||||
fqdn = "hera.m-0.eu";
|
||||
listenHost = "::";
|
||||
organisations."maralorn.de".users = [ "maralorn" ];
|
||||
organisations."maralorn.de".users = ["maralorn"];
|
||||
};
|
||||
syncthing = {
|
||||
enable = true;
|
||||
group = "nginx";
|
||||
user = "maralorn";
|
||||
openDefaultPorts = true;
|
||||
cert = pkgs.privatePath "syncthing/hera/cert.pem";
|
||||
key = pkgs.privatePath "syncthing/hera/key.pem";
|
||||
} // syncthing.declarativeWith [ "apollo" "zeus" ] "/media";
|
||||
syncthing =
|
||||
{
|
||||
enable = true;
|
||||
group = "nginx";
|
||||
user = "maralorn";
|
||||
openDefaultPorts = true;
|
||||
cert = pkgs.privatePath "syncthing/hera/cert.pem";
|
||||
key = pkgs.privatePath "syncthing/hera/key.pem";
|
||||
}
|
||||
// syncthing.declarativeWith ["apollo" "zeus"] "/media";
|
||||
};
|
||||
boot.kernel.sysctl = { "fs.inotify.max_user_watches" = 204800; };
|
||||
systemd.tmpfiles.rules = [ "Z /media 0770 maralorn nginx - -" ];
|
||||
boot.kernel.sysctl = {"fs.inotify.max_user_watches" = 204800;};
|
||||
systemd.tmpfiles.rules = ["Z /media 0770 maralorn nginx - -"];
|
||||
nix.sshServe = {
|
||||
protocol = "ssh-ng";
|
||||
enable = true;
|
||||
keys = pkgs.privateValue [ ] "root-ssh-keys";
|
||||
keys = pkgs.privateValue [] "root-ssh-keys";
|
||||
};
|
||||
|
||||
users.users = {
|
||||
|
@ -122,12 +129,12 @@ in
|
|||
description = "choreutes";
|
||||
isNormalUser = true;
|
||||
uid = 1001;
|
||||
extraGroups = [ "wheel" "systemd-journal" ];
|
||||
extraGroups = ["wheel" "systemd-journal"];
|
||||
passwordFile = pkgs.privatePath "pam-login-password-choreutes";
|
||||
};
|
||||
ved-backup = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDSldCn4LJcIos8PVI7PJZSM5aQ8FoDPUzMTwSHm6NUl root@bach" ];
|
||||
openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDSldCn4LJcIos8PVI7PJZSM5aQ8FoDPUzMTwSHm6NUl root@bach"];
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -136,5 +143,4 @@ in
|
|||
# servers. You should change this only after NixOS release notes say you
|
||||
# should.
|
||||
system.stateVersion = "18.03"; # Did you read the comment?
|
||||
|
||||
}
|
||||
|
|
|
@ -1,15 +1,17 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = [<nixpkgs/nixos/modules/profiles/qemu-guest.nix>];
|
||||
|
||||
boot.initrd.availableKernelModules =
|
||||
[ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk"];
|
||||
boot.kernelModules = [];
|
||||
boot.extraModulePackages = [];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/8e92387a-6785-4b3c-bcdb-a4a423675173";
|
||||
|
@ -21,8 +23,7 @@
|
|||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[{ device = "/dev/disk/by-uuid/1e651bde-94b5-4fe2-9e6a-7af916d80057"; }];
|
||||
swapDevices = [{device = "/dev/disk/by-uuid/1e651bde-94b5-4fe2-9e6a-7af916d80057";}];
|
||||
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
}
|
||||
|
|
|
@ -1,10 +1,13 @@
|
|||
{ pkgs, config, lib, ... }:
|
||||
let
|
||||
certPath = "/var/lib/acme/hera.m-0.eu";
|
||||
nonMailboxDomains = [ "lists.maralorn.de" ];
|
||||
inherit (config.m-0) hosts;
|
||||
in
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
certPath = "/var/lib/acme/hera.m-0.eu";
|
||||
nonMailboxDomains = ["lists.maralorn.de"];
|
||||
inherit (config.m-0) hosts;
|
||||
in {
|
||||
m-0.monitoring = [
|
||||
{
|
||||
name = "postfix on hera";
|
||||
|
@ -12,7 +15,7 @@ in
|
|||
}
|
||||
];
|
||||
|
||||
imports = [ ../../roles "${(import ../../../nix/sources.nix).nixos-mailserver}" ];
|
||||
imports = [../../roles "${(import ../../../nix/sources.nix).nixos-mailserver}"];
|
||||
|
||||
services = {
|
||||
unbound.enable = true;
|
||||
|
@ -25,45 +28,43 @@ in
|
|||
};
|
||||
};
|
||||
rspamd.locals = {
|
||||
"multimap.conf".text =
|
||||
let
|
||||
allow-ip = builtins.toFile "allow-ip.map" ''
|
||||
'';
|
||||
allow-host = builtins.toFile "allow-host.map" ''
|
||||
gmx.de
|
||||
web.de
|
||||
google.com
|
||||
meteosafe.com # Wetterwarnungen
|
||||
# tu-darmstadt.de # Not safe because of spam via cda
|
||||
ccc.de
|
||||
discourse.cloud
|
||||
haskell.org
|
||||
github.com
|
||||
vocalensemble-darmstadt.de
|
||||
sit-mainz.info # Bistum Mainz
|
||||
'';
|
||||
in
|
||||
''
|
||||
# local.d/multimap.conf
|
||||
# allow lists
|
||||
LOCAL_AL_IP {
|
||||
type = "ip"; # matches IP of the host that performed message handoff (against radix map)
|
||||
map = "${allow-ip}";
|
||||
group = "local_al_ip";
|
||||
score = -15;
|
||||
description = "Submitting IP listed in local allow list";
|
||||
}
|
||||
LOCAL_AL_HOST {
|
||||
type = "hostname"; # matches reverse DNS name of the host that performed message handoff
|
||||
filter = "tld" ; # matches eSLD (effective second level domain - a second-level domain or something that’s effectively so like example.com or example.za.org)
|
||||
score = -15;
|
||||
map = "${allow-host}";
|
||||
description = "Submitting host RDNS listed in local allow list";
|
||||
}
|
||||
"multimap.conf".text = let
|
||||
allow-ip = builtins.toFile "allow-ip.map" ''
|
||||
'';
|
||||
allow-host = builtins.toFile "allow-host.map" ''
|
||||
gmx.de
|
||||
web.de
|
||||
google.com
|
||||
meteosafe.com # Wetterwarnungen
|
||||
# tu-darmstadt.de # Not safe because of spam via cda
|
||||
ccc.de
|
||||
discourse.cloud
|
||||
haskell.org
|
||||
github.com
|
||||
vocalensemble-darmstadt.de
|
||||
sit-mainz.info # Bistum Mainz
|
||||
'';
|
||||
in ''
|
||||
# local.d/multimap.conf
|
||||
# allow lists
|
||||
LOCAL_AL_IP {
|
||||
type = "ip"; # matches IP of the host that performed message handoff (against radix map)
|
||||
map = "${allow-ip}";
|
||||
group = "local_al_ip";
|
||||
score = -15;
|
||||
description = "Submitting IP listed in local allow list";
|
||||
}
|
||||
LOCAL_AL_HOST {
|
||||
type = "hostname"; # matches reverse DNS name of the host that performed message handoff
|
||||
filter = "tld" ; # matches eSLD (effective second level domain - a second-level domain or something that’s effectively so like example.com or example.za.org)
|
||||
score = -15;
|
||||
map = "${allow-host}";
|
||||
description = "Submitting host RDNS listed in local allow list";
|
||||
}
|
||||
'';
|
||||
};
|
||||
postfix = {
|
||||
networks = [ "[::1]/128" "127.0.0.1/32" "[${config.m-0.prefix}::]/64" "[${hosts.vpn.prefix}::]/64" "10.0.0.0/24" ];
|
||||
networks = ["[::1]/128" "127.0.0.1/32" "[${config.m-0.prefix}::]/64" "[${hosts.vpn.prefix}::]/64" "10.0.0.0/24"];
|
||||
transport = "email2matrix.maralorn.de smtp:[::1]:2525";
|
||||
config = {
|
||||
# Allow TLSv1 because we need to be able to receive mail from legacy servers.
|
||||
|
@ -83,9 +84,9 @@ in
|
|||
enableManageSieve = true;
|
||||
fqdn = "hera.m-0.eu";
|
||||
rewriteMessageId = true;
|
||||
domains = [ "m-0.eu" "maralorn.de" "choreutes.de" "mathechor.de" "lists.maralorn.de" "malte-und-clai.re" ];
|
||||
forwards = pkgs.privateValue { } "mail/forwards";
|
||||
loginAccounts = pkgs.privateValue { } "mail/users";
|
||||
domains = ["m-0.eu" "maralorn.de" "choreutes.de" "mathechor.de" "lists.maralorn.de" "malte-und-clai.re"];
|
||||
forwards = pkgs.privateValue {} "mail/forwards";
|
||||
loginAccounts = pkgs.privateValue {} "mail/users";
|
||||
hierarchySeparator = "/";
|
||||
certificateScheme = 1;
|
||||
certificateFile = "${certPath}/fullchain.pem";
|
||||
|
|
|
@ -1,19 +1,23 @@
|
|||
{ pkgs, config, ... }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
wireguard = import ../../../common/wireguard.nix;
|
||||
inherit (config.m-0) hosts;
|
||||
in
|
||||
{
|
||||
in {
|
||||
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
|
||||
networking = {
|
||||
hostName = "hera";
|
||||
domain = "m-0.eu";
|
||||
interfaces.ens18 = {
|
||||
proxyARP = true;
|
||||
ipv4.addresses = [{
|
||||
address = "213.136.94.190";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
ipv4.addresses = [
|
||||
{
|
||||
address = "213.136.94.190";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
ipv6.addresses = [
|
||||
{
|
||||
address = hosts.hera;
|
||||
|
@ -40,50 +44,54 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
bridges.bridge.interfaces = [ ];
|
||||
bridges.bridge.interfaces = [];
|
||||
interfaces.bridge = {
|
||||
proxyARP = true;
|
||||
ipv6.addresses = [{
|
||||
address = hosts.hera-intern;
|
||||
prefixLength = 112;
|
||||
}];
|
||||
ipv4.addresses = [{
|
||||
address = "10.0.0.1";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
ipv6.addresses = [
|
||||
{
|
||||
address = hosts.hera-intern;
|
||||
prefixLength = 112;
|
||||
}
|
||||
];
|
||||
ipv4.addresses = [
|
||||
{
|
||||
address = "10.0.0.1";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
};
|
||||
nat = {
|
||||
enable = true;
|
||||
externalInterface = "ens18";
|
||||
internalInterfaces = [ "bridge" ];
|
||||
internalInterfaces = ["bridge"];
|
||||
};
|
||||
nameservers = [ "213.136.95.10" "2a02:c207::1:53" "2a02:c207::2:53" ];
|
||||
firewall.allowedTCPPorts = [ 8666 ];
|
||||
firewall.allowedUDPPorts = [ wireguard.port ];
|
||||
nameservers = ["213.136.95.10" "2a02:c207::1:53" "2a02:c207::2:53"];
|
||||
firewall.allowedTCPPorts = [8666];
|
||||
firewall.allowedUDPPorts = [wireguard.port];
|
||||
wireguard.interfaces = {
|
||||
m0wire = {
|
||||
ips = [ "${hosts.hera-wg}/112" "${hosts.vpn.hera}/64" ];
|
||||
ips = ["${hosts.hera-wg}/112" "${hosts.vpn.hera}/64"];
|
||||
privateKeyFile = pkgs.privatePath "wireguard/hera-private";
|
||||
listenPort = wireguard.port;
|
||||
peers = [
|
||||
{
|
||||
publicKey = wireguard.pub.zeus;
|
||||
allowedIPs = [ "${hosts.zeus-wg}/128" "${hosts.vpn.zeus}/128" ];
|
||||
allowedIPs = ["${hosts.zeus-wg}/128" "${hosts.vpn.zeus}/128"];
|
||||
presharedKeyFile = pkgs.privatePath "wireguard/psk";
|
||||
}
|
||||
{
|
||||
publicKey = wireguard.pub.apollo;
|
||||
allowedIPs = [ "${hosts.apollo-wg}/128" "${hosts.vpn.apollo}/128" ];
|
||||
allowedIPs = ["${hosts.apollo-wg}/128" "${hosts.vpn.apollo}/128"];
|
||||
presharedKeyFile = pkgs.privatePath "wireguard/psk";
|
||||
}
|
||||
{
|
||||
publicKey = wireguard.pub.fluffy;
|
||||
allowedIPs = [ "${hosts.vpn.fluffy}/128" ];
|
||||
allowedIPs = ["${hosts.vpn.fluffy}/128"];
|
||||
presharedKeyFile = pkgs.privatePath "wireguard/psk";
|
||||
}
|
||||
{
|
||||
publicKey = wireguard.pub.pegasus;
|
||||
allowedIPs = [ "${hosts.vpn.pegasus}/128" ];
|
||||
allowedIPs = ["${hosts.vpn.pegasus}/128"];
|
||||
presharedKeyFile = pkgs.privatePath "wireguard/psk";
|
||||
}
|
||||
];
|
||||
|
@ -102,5 +110,4 @@ in
|
|||
'';
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,13 +1,18 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
locations."/".extraConfig = "return 301 https://blog.maralorn.de$request_uri;";
|
||||
in
|
||||
{
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
m-0.monitoring = [{
|
||||
name = "hera-nginx";
|
||||
host = "hera-intern:9113";
|
||||
}];
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
locations."/".extraConfig = "return 301 https://blog.maralorn.de$request_uri;";
|
||||
in {
|
||||
networking.firewall.allowedTCPPorts = [80 443];
|
||||
m-0.monitoring = [
|
||||
{
|
||||
name = "hera-nginx";
|
||||
host = "hera-intern:9113";
|
||||
}
|
||||
];
|
||||
security.acme.certs."hera.m-0.eu".keyType = "rsa4096";
|
||||
services = {
|
||||
nginx = {
|
||||
|
@ -16,8 +21,7 @@ in
|
|||
"stream.maralorn.de" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/".proxyPass =
|
||||
"http://[${config.m-0.hosts.apollo-wg}]:8123";
|
||||
locations."/".proxyPass = "http://[${config.m-0.hosts.apollo-wg}]:8123";
|
||||
};
|
||||
"tasks.maralorn.de" = {
|
||||
forceSSL = true;
|
||||
|
@ -28,7 +32,7 @@ in
|
|||
};
|
||||
};
|
||||
"hera.m-0.eu" = {
|
||||
serverAliases = [ "malte-und-clai.re" ];
|
||||
serverAliases = ["malte-und-clai.re"];
|
||||
default = true;
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
|
@ -51,5 +55,4 @@ in
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,15 +1,16 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
wireguard = import ../../../common/wireguard.nix;
|
||||
inherit (config.m-0) hosts prefix;
|
||||
nixos-hardware = (import ../../../nix/sources.nix).nixos-hardware;
|
||||
nixos-unstable = (import ../../../nix/sources.nix).nixos-unstable;
|
||||
inherit (import ../../../common/common.nix { inherit pkgs; }) syncthing;
|
||||
vpn = (import ../../../private.nix).privateValue (_: _: { }) "vpn";
|
||||
in
|
||||
{
|
||||
|
||||
inherit (import ../../../common/common.nix {inherit pkgs;}) syncthing;
|
||||
vpn = (import ../../../private.nix).privateValue (_: _: {}) "vpn";
|
||||
in {
|
||||
imports = [
|
||||
"${nixos-hardware}/common/gpu/amd/sea-islands"
|
||||
./hardware-configuration.nix
|
||||
|
@ -22,20 +23,18 @@ in
|
|||
(vpn "zeus")
|
||||
];
|
||||
|
||||
fileSystems =
|
||||
let
|
||||
btrfsOptions = { options = [ "compress=zstd" "autodefrag" "noatime" ]; };
|
||||
in
|
||||
{
|
||||
"/disk" = { neededForBoot = true; } // btrfsOptions;
|
||||
"/boot" = btrfsOptions;
|
||||
"/nix" = btrfsOptions;
|
||||
"/home/maralorn/.config/pulse" = {
|
||||
mountPoint = "/home/maralorn/.config/pulse";
|
||||
device = "/disk/persist/maralorn/.config/pulse";
|
||||
options = [ "bind" ];
|
||||
};
|
||||
fileSystems = let
|
||||
btrfsOptions = {options = ["compress=zstd" "autodefrag" "noatime"];};
|
||||
in {
|
||||
"/disk" = {neededForBoot = true;} // btrfsOptions;
|
||||
"/boot" = btrfsOptions;
|
||||
"/nix" = btrfsOptions;
|
||||
"/home/maralorn/.config/pulse" = {
|
||||
mountPoint = "/home/maralorn/.config/pulse";
|
||||
device = "/disk/persist/maralorn/.config/pulse";
|
||||
options = ["bind"];
|
||||
};
|
||||
};
|
||||
|
||||
environment.etc = {
|
||||
nixos.source = "/disk/persist/maralorn/git/config";
|
||||
|
@ -43,7 +42,7 @@ in
|
|||
};
|
||||
|
||||
systemd.services."activate-home-manager" = {
|
||||
path = [ pkgs.nix pkgs.dbus ];
|
||||
path = [pkgs.nix pkgs.dbus];
|
||||
script = ''
|
||||
if [[ -e /home/maralorn/.mode ]]; then
|
||||
MODE="$(cat /home/maralorn/.mode)"
|
||||
|
@ -56,9 +55,9 @@ in
|
|||
Type = "oneshot";
|
||||
User = "maralorn";
|
||||
};
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wantedBy = ["multi-user.target"];
|
||||
# Try to avoid race conditions, when the user get’s logged in before activation was completed.
|
||||
before = [ "display-manager.service" ];
|
||||
before = ["display-manager.service"];
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
|
@ -90,7 +89,7 @@ in
|
|||
backgroundColor = "#000000";
|
||||
};
|
||||
};
|
||||
kernelParams = [ "amdgpu.cik_support=1" ];
|
||||
kernelParams = ["amdgpu.cik_support=1"];
|
||||
initrd = {
|
||||
luks.devices."crypted-nixos" = {
|
||||
# device defined in hardware-configuration.nix
|
||||
|
@ -112,24 +111,28 @@ in
|
|||
networkmanager.enable = false;
|
||||
interfaces.enp34s0 = {
|
||||
useDHCP = true;
|
||||
ipv6.addresses = [{ address = "fdc0:1::4"; prefixLength = 64; }];
|
||||
ipv6.addresses = [
|
||||
{
|
||||
address = "fdc0:1::4";
|
||||
prefixLength = 64;
|
||||
}
|
||||
];
|
||||
};
|
||||
wireguard.interfaces = {
|
||||
m0wire = {
|
||||
allowedIPsAsRoutes = false;
|
||||
ips = [ "${hosts.zeus-wg}/112" "${hosts.vpn.zeus}/64" ];
|
||||
ips = ["${hosts.zeus-wg}/112" "${hosts.vpn.zeus}/64"];
|
||||
privateKeyFile = "/disk/persist/wireguard-private-key";
|
||||
peers = [
|
||||
{
|
||||
publicKey = wireguard.pub.hera;
|
||||
allowedIPs = [ "::/0" ];
|
||||
allowedIPs = ["::/0"];
|
||||
endpoint = "[${hosts.hera-wg-host}]:${builtins.toString wireguard.port}";
|
||||
presharedKeyFile = pkgs.privatePath "wireguard/psk";
|
||||
persistentKeepalive = 25;
|
||||
}
|
||||
];
|
||||
postSetup =
|
||||
[ "${pkgs.iproute}/bin/ip route add ${prefix}::/96 dev m0wire" ];
|
||||
postSetup = ["${pkgs.iproute}/bin/ip route add ${prefix}::/96 dev m0wire"];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -153,7 +156,10 @@ in
|
|||
services = {
|
||||
pipewire.enable = lib.mkForce false;
|
||||
fwupd.enable = true;
|
||||
printing = { enable = true; clientConf = "ServerName fluffy.lo.m-0.eu"; };
|
||||
printing = {
|
||||
enable = true;
|
||||
clientConf = "ServerName fluffy.lo.m-0.eu";
|
||||
};
|
||||
fstrim.enable = true;
|
||||
snapper = {
|
||||
configs.persist = {
|
||||
|
@ -174,13 +180,15 @@ in
|
|||
firewallFilter = "-i m0wire -p tcp -m tcp -m multiport --dports 9100,9558";
|
||||
openFirewall = true;
|
||||
};
|
||||
syncthing = {
|
||||
enable = true;
|
||||
group = "users";
|
||||
user = "maralorn";
|
||||
openDefaultPorts = true;
|
||||
configDir = "/disk/persist/syncthing";
|
||||
} // syncthing.declarativeWith [ "hera" "apollo" ] "/disk/persist/maralorn/media";
|
||||
syncthing =
|
||||
{
|
||||
enable = true;
|
||||
group = "users";
|
||||
user = "maralorn";
|
||||
openDefaultPorts = true;
|
||||
configDir = "/disk/persist/syncthing";
|
||||
}
|
||||
// syncthing.declarativeWith ["hera" "apollo"] "/disk/persist/maralorn/media";
|
||||
xserver = {
|
||||
enable = true;
|
||||
displayManager = {
|
||||
|
@ -222,7 +230,7 @@ in
|
|||
support32Bit = true;
|
||||
tcp = {
|
||||
enable = true;
|
||||
anonymousClients.allowedIpRanges = [ "127.0.0.1" "::1" ];
|
||||
anonymousClients.allowedIpRanges = ["127.0.0.1" "::1"];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,53 +1,50 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
|
||||
boot.initrd.kernelModules = [];
|
||||
boot.kernelModules = ["kvm-amd"];
|
||||
boot.extraModulePackages = [];
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "tmpfs";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
fileSystems."/" = {
|
||||
device = "tmpfs";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
|
||||
fileSystems."/disk" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/ac20f7bf-387e-42b0-b3df-b14163f45913";
|
||||
fsType = "btrfs";
|
||||
};
|
||||
fileSystems."/disk" = {
|
||||
device = "/dev/disk/by-uuid/ac20f7bf-387e-42b0-b3df-b14163f45913";
|
||||
fsType = "btrfs";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."crypted-nixos".device = "/dev/disk/by-uuid/2518e0e0-c263-40bc-b378-419832dc62cc";
|
||||
|
||||
fileSystems."/nix" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/ac20f7bf-387e-42b0-b3df-b14163f45913";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=nix" ];
|
||||
};
|
||||
fileSystems."/nix" = {
|
||||
device = "/dev/disk/by-uuid/ac20f7bf-387e-42b0-b3df-b14163f45913";
|
||||
fsType = "btrfs";
|
||||
options = ["subvol=nix"];
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/ac20f7bf-387e-42b0-b3df-b14163f45913";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=boot" ];
|
||||
};
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/ac20f7bf-387e-42b0-b3df-b14163f45913";
|
||||
fsType = "btrfs";
|
||||
options = ["subvol=boot"];
|
||||
};
|
||||
|
||||
fileSystems."/boot/efi" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/C41C-0C8E";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
fileSystems."/boot/efi" = {
|
||||
device = "/dev/disk/by-uuid/C41C-0C8E";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [];
|
||||
}
|
||||
|
|
|
@ -1 +1,4 @@
|
|||
{ url = "https://github.com/5etools-mirror-1/5etools-mirror-1.github.io/releases/download/v1.150.1/5etools-v1.150.1.zip"; sha256 = "05m5s2swlgs4g21j28hxyniga8mdx0vll2wh8bxcgfaryibqw90l"; }
|
||||
{
|
||||
url = "https://github.com/5etools-mirror-1/5etools-mirror-1.github.io/releases/download/v1.150.1/5etools-v1.150.1.zip";
|
||||
sha256 = "05m5s2swlgs4g21j28hxyniga8mdx0vll2wh8bxcgfaryibqw90l";
|
||||
}
|
||||
|
|
|
@ -1,18 +1,20 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
passwordFile = pkgs.privatePath "pam-login-password";
|
||||
openssh.authorizedKeys.keys = pkgs.privateValue [ ] "ssh-keys";
|
||||
in
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
passwordFile = pkgs.privatePath "pam-login-password";
|
||||
openssh.authorizedKeys.keys = pkgs.privateValue [] "ssh-keys";
|
||||
in {
|
||||
users.users = {
|
||||
maralorn = {
|
||||
description = "maralorn";
|
||||
isNormalUser = true;
|
||||
uid = 1000;
|
||||
extraGroups =
|
||||
[ "wheel" "systemd-journal" "networkmanager" "docker" "video" ];
|
||||
extraGroups = ["wheel" "systemd-journal" "networkmanager" "docker" "video"];
|
||||
inherit openssh passwordFile;
|
||||
};
|
||||
root = { inherit openssh passwordFile; };
|
||||
root = {inherit openssh passwordFile;};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,9 @@
|
|||
{ config, pkgs, lib, ... }: {
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
services = {
|
||||
nginx = {
|
||||
enable = true;
|
||||
|
@ -25,5 +30,4 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,7 +1,10 @@
|
|||
{ lib, config, ... }:
|
||||
let secretsFile = "/var/lib/luks-secret/key";
|
||||
in
|
||||
{
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
secretsFile = "/var/lib/luks-secret/key";
|
||||
in {
|
||||
boot = {
|
||||
initrd = {
|
||||
luks.devices."nixos" = {
|
||||
|
|
|
@ -1,29 +1,31 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
fqdn = "${config.networking.hostName}.${config.networking.domain}";
|
||||
key_dir = config.security.acme.certs."${fqdn}".directory;
|
||||
in
|
||||
{
|
||||
users.users.turnserver.extraGroups = [ "nginx" ]; # For read access to certs;
|
||||
networking.firewall =
|
||||
let
|
||||
range = [{
|
||||
in {
|
||||
users.users.turnserver.extraGroups = ["nginx"]; # For read access to certs;
|
||||
networking.firewall = let
|
||||
range = [
|
||||
{
|
||||
from = config.services.coturn.min-port;
|
||||
to = config.services.coturn.max-port;
|
||||
}];
|
||||
ports = [
|
||||
config.services.coturn.listening-port
|
||||
config.services.coturn.alt-listening-port
|
||||
config.services.coturn.tls-listening-port
|
||||
config.services.coturn.alt-tls-listening-port
|
||||
];
|
||||
in
|
||||
{
|
||||
allowedUDPPortRanges = range;
|
||||
allowedTCPPortRanges = range;
|
||||
allowedTCPPorts = ports;
|
||||
allowedUDPPorts = ports;
|
||||
};
|
||||
}
|
||||
];
|
||||
ports = [
|
||||
config.services.coturn.listening-port
|
||||
config.services.coturn.alt-listening-port
|
||||
config.services.coturn.tls-listening-port
|
||||
config.services.coturn.alt-tls-listening-port
|
||||
];
|
||||
in {
|
||||
allowedUDPPortRanges = range;
|
||||
allowedTCPPortRanges = range;
|
||||
allowedTCPPorts = ports;
|
||||
allowedUDPPorts = ports;
|
||||
};
|
||||
security.acme.certs.${fqdn} = {
|
||||
postRun = "systemctl restart coturn.service";
|
||||
};
|
||||
|
@ -37,10 +39,12 @@ in
|
|||
max-port = 52100;
|
||||
pkey = "${key_dir}/key.pem";
|
||||
cert = "${key_dir}/fullchain.pem";
|
||||
static-auth-secret = (pkgs.privateValue { turn_shared_secret = ""; }
|
||||
"matrix/server-secrets").turn_shared_secret;
|
||||
static-auth-secret =
|
||||
(pkgs.privateValue {turn_shared_secret = "";}
|
||||
"matrix/server-secrets")
|
||||
.turn_shared_secret;
|
||||
realm = fqdn;
|
||||
listening-ips = [ config.m-0.hosts.hera config.m-0.hosts.hera-v4 ];
|
||||
listening-ips = [config.m-0.hosts.hera config.m-0.hosts.hera-v4];
|
||||
extraConfig = ''
|
||||
fingerprint
|
||||
|
||||
|
|
|
@ -1,12 +1,17 @@
|
|||
{ pkgs, config, lib, ... }: {
|
||||
imports = [ ../../common ./admin.nix ../../cachix.nix ];
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
imports = [../../common ./admin.nix ../../cachix.nix];
|
||||
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
|
||||
# For nixos-rebuild
|
||||
nixpkgs.overlays =
|
||||
[ (_: _: (import ../../channels.nix).${config.networking.hostName}) ]
|
||||
++ import ../../overlays { inherit lib; };
|
||||
[(_: _: (import ../../channels.nix).${config.networking.hostName})]
|
||||
++ import ../../overlays {inherit lib;};
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
|
@ -14,10 +19,13 @@
|
|||
firewall.allowPing = true;
|
||||
useDHCP = false;
|
||||
hosts = lib.zipAttrs
|
||||
(
|
||||
lib.mapAttrsToList (host: ip: if builtins.typeOf ip == "set" then { } else { "${ip}" = "${host} ${host}.m-0.eu"; })
|
||||
config.m-0.hosts
|
||||
);
|
||||
(
|
||||
lib.mapAttrsToList (host: ip:
|
||||
if builtins.typeOf ip == "set"
|
||||
then {}
|
||||
else {"${ip}" = "${host} ${host}.m-0.eu";})
|
||||
config.m-0.hosts
|
||||
);
|
||||
};
|
||||
|
||||
security.acme = {
|
||||
|
@ -31,38 +39,39 @@
|
|||
};
|
||||
|
||||
environment = {
|
||||
etc = lib.mapAttrs'
|
||||
(name: value: lib.nameValuePair "nix-path/${name}" { source = value; })
|
||||
(lib.filterAttrs (name: value: name != "__functor") pkgs.sources) // {
|
||||
"nix-path/nixos".source = pkgs.sources.${pkgs.nixpkgs-channel};
|
||||
"nix-path/nixpkgs".source = pkgs.sources.${pkgs.nixpkgs-channel};
|
||||
"nix-path/home-manager".source =
|
||||
pkgs.sources.${pkgs.home-manager-channel};
|
||||
};
|
||||
etc =
|
||||
lib.mapAttrs'
|
||||
(name: value: lib.nameValuePair "nix-path/${name}" {source = value;})
|
||||
(lib.filterAttrs (name: value: name != "__functor") pkgs.sources)
|
||||
// {
|
||||
"nix-path/nixos".source = pkgs.sources.${pkgs.nixpkgs-channel};
|
||||
"nix-path/nixpkgs".source = pkgs.sources.${pkgs.nixpkgs-channel};
|
||||
"nix-path/home-manager".source =
|
||||
pkgs.sources.${pkgs.home-manager-channel};
|
||||
};
|
||||
variables =
|
||||
lib.genAttrs [ "CURL_CA_BUNDLE" "GIT_SSL_CAINFO" "SSL_CERT_FILE" ]
|
||||
(_: "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt");
|
||||
lib.genAttrs ["CURL_CA_BUNDLE" "GIT_SSL_CAINFO" "SSL_CERT_FILE"]
|
||||
(_: "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt");
|
||||
};
|
||||
|
||||
system.activationScripts =
|
||||
lib.mkIf (!pkgs.withSecrets) { text = "echo No secrets loaded!; exit 1;"; };
|
||||
lib.mkIf (!pkgs.withSecrets) {text = "echo No secrets loaded!; exit 1;";};
|
||||
|
||||
nix = {
|
||||
binaryCaches = lib.mkAfter (
|
||||
pkgs.privateValue [ ] "binary-caches"
|
||||
pkgs.privateValue [] "binary-caches"
|
||||
# ++ (
|
||||
# if config.networking.hostName != "hera" then [ "ssh-ng://nix-ssh@hera.m-0.eu?trusted=true&priority=100" ] else [ ]
|
||||
# )
|
||||
);
|
||||
binaryCachePublicKeys =
|
||||
[
|
||||
"ryantrinkle.com-1:JJiAKaRv9mWgpVAz8dwewnZe0AzzEAzPkagE9SP5NWI="
|
||||
"hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ="
|
||||
"nixbuild.net/maralorn-1:cpqv21sJgRL+ROaKY1Gr0k7AKolAKaP3S3iemGxK/30="
|
||||
];
|
||||
nixPath = [ "/etc/nix-path" ];
|
||||
trustedUsers = [ "maralorn" "laminar" ];
|
||||
buildMachines = pkgs.privateValue [ ] "remote-builders";
|
||||
binaryCachePublicKeys = [
|
||||
"ryantrinkle.com-1:JJiAKaRv9mWgpVAz8dwewnZe0AzzEAzPkagE9SP5NWI="
|
||||
"hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ="
|
||||
"nixbuild.net/maralorn-1:cpqv21sJgRL+ROaKY1Gr0k7AKolAKaP3S3iemGxK/30="
|
||||
];
|
||||
nixPath = ["/etc/nix-path"];
|
||||
trustedUsers = ["maralorn" "laminar"];
|
||||
buildMachines = pkgs.privateValue [] "remote-builders";
|
||||
extraOptions = ''
|
||||
experimental-features = nix-command flakes
|
||||
fallback = true
|
||||
|
@ -70,29 +79,28 @@
|
|||
builders-use-substitutes = true
|
||||
'';
|
||||
optimise = {
|
||||
dates = [ ];
|
||||
dates = [];
|
||||
automatic = true;
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services =
|
||||
let
|
||||
hosts = builtins.attrNames config.services.nginx.virtualHosts;
|
||||
makeConfig = host: {
|
||||
name = "acme-${host}";
|
||||
value = {
|
||||
serviceConfig = {
|
||||
Restart = "on-failure";
|
||||
RestartSec = 600;
|
||||
};
|
||||
unitConfig = {
|
||||
StartLimitIntervalSec = 2400;
|
||||
StartLimitBurst = 3;
|
||||
};
|
||||
systemd.services = let
|
||||
hosts = builtins.attrNames config.services.nginx.virtualHosts;
|
||||
makeConfig = host: {
|
||||
name = "acme-${host}";
|
||||
value = {
|
||||
serviceConfig = {
|
||||
Restart = "on-failure";
|
||||
RestartSec = 600;
|
||||
};
|
||||
unitConfig = {
|
||||
StartLimitIntervalSec = 2400;
|
||||
StartLimitBurst = 3;
|
||||
};
|
||||
};
|
||||
in
|
||||
{ nix-optimise.serviceConfig.Type = "oneshot"; } // builtins.listToAttrs (map makeConfig hosts);
|
||||
};
|
||||
in
|
||||
{nix-optimise.serviceConfig.Type = "oneshot";} // builtins.listToAttrs (map makeConfig hosts);
|
||||
|
||||
services = {
|
||||
logind.killUserProcesses = false;
|
||||
|
@ -100,8 +108,8 @@
|
|||
prometheus.exporters = {
|
||||
node = {
|
||||
enable = true;
|
||||
enabledCollectors = [ "systemd" "logind" ];
|
||||
disabledCollectors = [ "timex" ];
|
||||
enabledCollectors = ["systemd" "logind"];
|
||||
disabledCollectors = ["timex"];
|
||||
};
|
||||
nginx = {
|
||||
enable = config.services.nginx.enable;
|
||||
|
@ -117,9 +125,11 @@
|
|||
};
|
||||
};
|
||||
programs = {
|
||||
command-not-found.dbPath = "${builtins.fetchTarball {
|
||||
url = "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz";
|
||||
}}/programs.sqlite";
|
||||
command-not-found.dbPath = "${
|
||||
builtins.fetchTarball {
|
||||
url = "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz";
|
||||
}
|
||||
}/programs.sqlite";
|
||||
zsh = {
|
||||
enable = true;
|
||||
autosuggestions.enable = true;
|
||||
|
|
|
@ -1,9 +1,8 @@
|
|||
{ ... }: {
|
||||
{...}: {
|
||||
services.earlyoom = {
|
||||
enableNotifications = true;
|
||||
freeSwapThreshold = 100;
|
||||
freeMemThreshold = 5;
|
||||
enable = true;
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,6 +1,9 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
elementConfig = {
|
||||
default_server_config."m.homeserver" = {
|
||||
server_name = "maralorn.de";
|
||||
|
@ -8,20 +11,17 @@ let
|
|||
};
|
||||
integrations_ui_url = "";
|
||||
integgrations_rest_url = "";
|
||||
integrations_widgets_urls = [ ];
|
||||
roomDirectory.servers = [ "matrix.org" "maralorn.de" ];
|
||||
branding.welcomeBackgroundUrl =
|
||||
"https://cloud.maralorn.de/apps/theming/image/background";
|
||||
integrations_widgets_urls = [];
|
||||
roomDirectory.servers = ["matrix.org" "maralorn.de"];
|
||||
branding.welcomeBackgroundUrl = "https://cloud.maralorn.de/apps/theming/image/background";
|
||||
};
|
||||
in
|
||||
{
|
||||
in {
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts."element.maralorn.de" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
root = pkgs.element-web.override (old: { conf = elementConfig; });
|
||||
root = pkgs.element-web.override (old: {conf = elementConfig;});
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
{ pkgs, config, ... }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
default_mailbox = {
|
||||
MailboxName = "<missing>";
|
||||
MatrixRoomId = "<missing>";
|
||||
|
@ -11,36 +14,37 @@ let
|
|||
SkipMarkdown = false;
|
||||
};
|
||||
email2matrix-config = pkgs.writeText "email2matrix-config.json"
|
||||
(builtins.toJSON {
|
||||
Smtp = {
|
||||
ListenInterface = "[::1]:2525";
|
||||
Hostname = "email2matrix.maralorn.de";
|
||||
Workers = 10;
|
||||
};
|
||||
Matrix = {
|
||||
Mappings = [
|
||||
(default_mailbox // {
|
||||
MailboxName = "notify";
|
||||
MatrixRoomId = "!kTKVQjRwxjaoMQmcve:maralorn.de";
|
||||
})
|
||||
(default_mailbox // {
|
||||
MailboxName = "subjects";
|
||||
MatrixRoomId = "!kTKVQjRwxjaoMQmcve:maralorn.de";
|
||||
IgnoreBody = true;
|
||||
})
|
||||
(default_mailbox // {
|
||||
MailboxName = "weather";
|
||||
MatrixRoomId = "!ELeFcSrHXgMqOmwnxg:maralorn.de";
|
||||
})
|
||||
];
|
||||
};
|
||||
Misc = { Debug = true; };
|
||||
});
|
||||
in
|
||||
{
|
||||
(builtins.toJSON {
|
||||
Smtp = {
|
||||
ListenInterface = "[::1]:2525";
|
||||
Hostname = "email2matrix.maralorn.de";
|
||||
Workers = 10;
|
||||
};
|
||||
Matrix = {
|
||||
Mappings = [
|
||||
(default_mailbox
|
||||
// {
|
||||
MailboxName = "notify";
|
||||
MatrixRoomId = "!kTKVQjRwxjaoMQmcve:maralorn.de";
|
||||
})
|
||||
(default_mailbox
|
||||
// {
|
||||
MailboxName = "subjects";
|
||||
MatrixRoomId = "!kTKVQjRwxjaoMQmcve:maralorn.de";
|
||||
IgnoreBody = true;
|
||||
})
|
||||
(default_mailbox
|
||||
// {
|
||||
MailboxName = "weather";
|
||||
MatrixRoomId = "!ELeFcSrHXgMqOmwnxg:maralorn.de";
|
||||
})
|
||||
];
|
||||
};
|
||||
Misc = {Debug = true;};
|
||||
});
|
||||
in {
|
||||
systemd.services.email2matrix = {
|
||||
script =
|
||||
"${pkgs.email2matrix}/bin/devture-email2matrix --config ${email2matrix-config}";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
script = "${pkgs.email2matrix}/bin/devture-email2matrix --config ${email2matrix-config}";
|
||||
wantedBy = ["multi-user.target"];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
{ config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
pkgs = import (import ../../nix/sources.nix)."nixos-19.09" { };
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
pkgs = import (import ../../nix/sources.nix)."nixos-19.09" {};
|
||||
|
||||
cfg = config.services.firefox.syncserver;
|
||||
|
||||
|
@ -35,12 +36,10 @@ let
|
|||
|
||||
user = "syncserver";
|
||||
group = "syncserver";
|
||||
in
|
||||
in {
|
||||
disabledModules = ["services/networking/firefox/sync-server.nix"];
|
||||
|
||||
{
|
||||
disabledModules = [ "services/networking/firefox/sync-server.nix" ];
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ nadrieril ];
|
||||
meta.maintainers = with lib.maintainers; [nadrieril];
|
||||
|
||||
options = {
|
||||
services.firefox.syncserver = {
|
||||
|
@ -132,14 +131,13 @@ in
|
|||
};
|
||||
|
||||
config = {
|
||||
|
||||
systemd.services.syncserver = {
|
||||
after = [ "network.target" ];
|
||||
after = ["network.target"];
|
||||
description = "Firefox Sync Server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wantedBy = ["multi-user.target"];
|
||||
path = [
|
||||
pkgs.coreutils
|
||||
(pkgs.python.withPackages (ps: [ pkgs.syncserver ps.gunicorn ]))
|
||||
(pkgs.python.withPackages (ps: [pkgs.syncserver ps.gunicorn]))
|
||||
];
|
||||
|
||||
serviceConfig = {
|
||||
|
@ -148,30 +146,32 @@ in
|
|||
PermissionsStartOnly = true;
|
||||
};
|
||||
|
||||
preStart = ''
|
||||
if ! test -e ${cfg.privateConfig}; then
|
||||
mkdir -p $(dirname ${cfg.privateConfig})
|
||||
echo > ${cfg.privateConfig} '[syncserver]'
|
||||
preStart =
|
||||
''
|
||||
if ! test -e ${cfg.privateConfig}; then
|
||||
mkdir -p $(dirname ${cfg.privateConfig})
|
||||
echo > ${cfg.privateConfig} '[syncserver]'
|
||||
chmod 600 ${cfg.privateConfig}
|
||||
echo >> ${cfg.privateConfig} "secret = $(head -c 20 /dev/urandom | sha1sum | tr -d ' -')"
|
||||
fi
|
||||
chmod 600 ${cfg.privateConfig}
|
||||
echo >> ${cfg.privateConfig} "secret = $(head -c 20 /dev/urandom | sha1sum | tr -d ' -')"
|
||||
fi
|
||||
chmod 600 ${cfg.privateConfig}
|
||||
chmod 755 $(dirname ${cfg.privateConfig})
|
||||
chown ${user}:${group} ${cfg.privateConfig}
|
||||
chmod 755 $(dirname ${cfg.privateConfig})
|
||||
chown ${user}:${group} ${cfg.privateConfig}
|
||||
|
||||
'' + optionalString (cfg.sqlUri == defaultSqlUri) ''
|
||||
if ! test -e $(dirname ${defaultDbLocation}); then
|
||||
mkdir -m 700 -p $(dirname ${defaultDbLocation})
|
||||
chown ${user}:${group} $(dirname ${defaultDbLocation})
|
||||
fi
|
||||
''
|
||||
+ optionalString (cfg.sqlUri == defaultSqlUri) ''
|
||||
if ! test -e $(dirname ${defaultDbLocation}); then
|
||||
mkdir -m 700 -p $(dirname ${defaultDbLocation})
|
||||
chown ${user}:${group} $(dirname ${defaultDbLocation})
|
||||
fi
|
||||
|
||||
# Move previous database file if it exists
|
||||
oldDb="/var/db/firefox-sync-server.db"
|
||||
if test -f $oldDb; then
|
||||
mv $oldDb ${defaultDbLocation}
|
||||
chown ${user}:${group} ${defaultDbLocation}
|
||||
fi
|
||||
'';
|
||||
# Move previous database file if it exists
|
||||
oldDb="/var/db/firefox-sync-server.db"
|
||||
if test -f $oldDb; then
|
||||
mv $oldDb ${defaultDbLocation}
|
||||
chown ${user}:${group} ${defaultDbLocation}
|
||||
fi
|
||||
'';
|
||||
|
||||
script = ''
|
||||
gunicorn --paste ${syncServerIni}
|
||||
|
@ -183,7 +183,7 @@ in
|
|||
isSystemUser = true;
|
||||
};
|
||||
|
||||
users.groups.${group} = { };
|
||||
users.groups.${group} = {};
|
||||
|
||||
services = {
|
||||
firefox.syncserver = {
|
||||
|
@ -205,6 +205,5 @@ in
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,36 +1,45 @@
|
|||
{ config, pkgs, lib, ... }: {
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
fonts = {
|
||||
fontconfig = {
|
||||
enable = true;
|
||||
cache32Bit = true;
|
||||
defaultFonts = {
|
||||
monospace = [ "JetBrainsMono Nerd Font" "DejaVu Sans Mono" ];
|
||||
sansSerif = [ "B612" "DejaVu Sans" ];
|
||||
serif = [ "Libertinus" "DejaVu Serif" ];
|
||||
monospace = ["JetBrainsMono Nerd Font" "DejaVu Sans Mono"];
|
||||
sansSerif = ["B612" "DejaVu Sans"];
|
||||
serif = ["Libertinus" "DejaVu Serif"];
|
||||
};
|
||||
};
|
||||
enableDefaultFonts = true;
|
||||
#fontDir.enable = true;
|
||||
fonts = builtins.attrValues {
|
||||
inherit (pkgs)
|
||||
nerdfonts# For all my terminal needs.
|
||||
libertinus# nice text font
|
||||
material-icons# icons in my app
|
||||
b612; # sans font, very good for displays
|
||||
inherit
|
||||
(pkgs)
|
||||
nerdfonts
|
||||
# For all my terminal needs.
|
||||
libertinus
|
||||
# nice text font
|
||||
material-icons
|
||||
# icons in my app
|
||||
b612
|
||||
; # sans font, very good for displays
|
||||
};
|
||||
};
|
||||
|
||||
# create a cache of the font sources, often slow internet connections make it painful to
|
||||
# re-download them after a few months
|
||||
environment.etc =
|
||||
let
|
||||
# fonts with src attributes
|
||||
font_sources = map (v: v.src) (lib.filter (v: v ? src) config.fonts.fonts);
|
||||
in
|
||||
environment.etc = let
|
||||
# fonts with src attributes
|
||||
font_sources = map (v: v.src) (lib.filter (v: v ? src) config.fonts.fonts);
|
||||
in
|
||||
builtins.listToAttrs (lib.imap0
|
||||
(n: v:
|
||||
lib.nameValuePair "src-cache/fonts/${toString n}" {
|
||||
source = builtins.toPath v;
|
||||
})
|
||||
font_sources);
|
||||
(n: v:
|
||||
lib.nameValuePair "src-cache/fonts/${toString n}" {
|
||||
source = builtins.toPath v;
|
||||
})
|
||||
font_sources);
|
||||
}
|
||||
|
|
|
@ -1,5 +1,9 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
name = "foundryvtt";
|
||||
stateDir = "/var/lib/${name}";
|
||||
dataDir = "${stateDir}/data";
|
||||
|
@ -15,11 +19,10 @@ let
|
|||
updateChannel = "release";
|
||||
};
|
||||
declarativeConfigFile = builtins.toFile "foundry-options.json" (builtins.toJSON config);
|
||||
in
|
||||
{
|
||||
in {
|
||||
config = {
|
||||
systemd.services.${name} = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wantedBy = ["multi-user.target"];
|
||||
description = "Foundryvtt server";
|
||||
preStart = ''
|
||||
mkdir -p ${dataDir}
|
||||
|
@ -55,7 +58,7 @@ in
|
|||
enableACME = true;
|
||||
locations = {
|
||||
"/rules/" = {
|
||||
alias = "${pkgs.fetchzip (import ./5etools-url.nix // { stripRoot = false;})}/";
|
||||
alias = "${pkgs.fetchzip (import ./5etools-url.nix // {stripRoot = false;})}/";
|
||||
index = "index.html";
|
||||
};
|
||||
"/" = {
|
||||
|
|
|
@ -1,15 +1,19 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
gitoliteCfg = config.services.gitolite;
|
||||
post-update = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "post-update";
|
||||
bins = [ pkgs.git pkgs.laminar ];
|
||||
imports = [
|
||||
"System.Environment (lookupEnv)"
|
||||
"System.Directory (withCurrentDirectory)"
|
||||
];
|
||||
} ''
|
||||
{
|
||||
name = "post-update";
|
||||
bins = [pkgs.git pkgs.laminar];
|
||||
imports = [
|
||||
"System.Environment (lookupEnv)"
|
||||
"System.Directory (withCurrentDirectory)"
|
||||
];
|
||||
} ''
|
||||
checkout :: String -> IO FilePath
|
||||
checkout path = do
|
||||
(decodeUtf8 -> repoDir) <- mktemp "-d" |> captureTrim
|
||||
|
@ -88,14 +92,13 @@ let
|
|||
project-list=/var/lib/gitolite/projects.list
|
||||
scan-path=/var/lib/gitolite/repositories
|
||||
'';
|
||||
in
|
||||
{
|
||||
in {
|
||||
systemd.tmpfiles.rules =
|
||||
lib.mkAfter
|
||||
[
|
||||
"z ${gitoliteCfg.dataDir}/.ssh/id_ed25519 0600 ${gitoliteCfg.user} ${gitoliteCfg.group} - -"
|
||||
"v /var/cache/cgit 0700 cgit ${gitoliteCfg.group} - -"
|
||||
];
|
||||
[
|
||||
"z ${gitoliteCfg.dataDir}/.ssh/id_ed25519 0600 ${gitoliteCfg.user} ${gitoliteCfg.group} - -"
|
||||
"v /var/cache/cgit 0700 cgit ${gitoliteCfg.group} - -"
|
||||
];
|
||||
users.users.cgit = {
|
||||
isSystemUser = true;
|
||||
group = gitoliteCfg.group;
|
||||
|
@ -119,8 +122,8 @@ in
|
|||
gitolite = {
|
||||
enable = true;
|
||||
user = "git";
|
||||
adminPubkey = builtins.elemAt (pkgs.privateValue [ "" ] "ssh-keys") 0;
|
||||
commonHooks = [ "${post-update}/bin/post-update" ];
|
||||
adminPubkey = builtins.elemAt (pkgs.privateValue [""] "ssh-keys") 0;
|
||||
commonHooks = ["${post-update}/bin/post-update"];
|
||||
extraGitoliteRc = ''
|
||||
$RC{UMASK} = 0027;
|
||||
$RC{GIT_CONFIG_KEYS} = 'gitweb\..*';
|
||||
|
@ -157,5 +160,4 @@ in
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,28 +1,33 @@
|
|||
{ pkgs, config, ... }: {
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
#imports = [ modules/go-neb.nix ];
|
||||
|
||||
services.go-neb = {
|
||||
enable = true;
|
||||
baseUrl = "http://localhost";
|
||||
config = {
|
||||
clients = [{
|
||||
UserId = "@marabot:maralorn.de";
|
||||
AccessToken = pkgs.privateValue "" "matrix/marabot-token";
|
||||
HomeServerUrl = "https://matrix.maralorn.de";
|
||||
Sync = true;
|
||||
AutoJoinRooms = true;
|
||||
DisplayName = "marabot";
|
||||
}];
|
||||
realms = [ ];
|
||||
sessions = [ ];
|
||||
clients = [
|
||||
{
|
||||
UserId = "@marabot:maralorn.de";
|
||||
AccessToken = pkgs.privateValue "" "matrix/marabot-token";
|
||||
HomeServerUrl = "https://matrix.maralorn.de";
|
||||
Sync = true;
|
||||
AutoJoinRooms = true;
|
||||
DisplayName = "marabot";
|
||||
}
|
||||
];
|
||||
realms = [];
|
||||
sessions = [];
|
||||
services = [
|
||||
{
|
||||
ID = "alertmanager_service";
|
||||
Type = "alertmanager";
|
||||
UserId = "@marabot:maralorn.de";
|
||||
Config = {
|
||||
webhook_url =
|
||||
"http://localhost:4050/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2UK";
|
||||
webhook_url = "http://localhost:4050/services/hooks/YWxlcnRtYW5hZ2VyX3NlcnZpY2UK";
|
||||
rooms = {
|
||||
"!negVsngnYOmXYCLKiO:maralorn.de" = {
|
||||
text_template = ''
|
||||
|
@ -38,5 +43,4 @@
|
|||
];
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,34 +1,38 @@
|
|||
{ pkgs, lib, ... }:
|
||||
let
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
src = pkgs.fetchurl {
|
||||
url = "https://github.com/zgoat/goatcounter/releases/download/v2.0.4/goatcounter-v2.0.4-linux-amd64.gz";
|
||||
sha256 = "1h7hv5lk2gm3klbfbgwfa7xn31az9zmlryd8bqqq38lp5r56cpb4";
|
||||
};
|
||||
goatcounter-bin = pkgs.runCommand "goatcounter-bin" { } ''
|
||||
goatcounter-bin = pkgs.runCommand "goatcounter-bin" {} ''
|
||||
mkdir -p $out/bin
|
||||
gunzip -c ${src} > $out/bin/goatcounter
|
||||
chmod +x $out/bin/goatcounter
|
||||
'';
|
||||
goatcounter-token = pkgs.privateValue "" "goatcounter-token";
|
||||
in
|
||||
{
|
||||
environment.systemPackages = [ goatcounter-bin ];
|
||||
in {
|
||||
environment.systemPackages = [goatcounter-bin];
|
||||
users = {
|
||||
users.goatcounter = {
|
||||
isSystemUser = true;
|
||||
group = "goatcounter";
|
||||
};
|
||||
groups.goatcounter = { };
|
||||
groups.goatcounter = {};
|
||||
};
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
ensureUsers = [{
|
||||
name = "goatcounter";
|
||||
ensurePermissions = {
|
||||
"DATABASE goatcounter" = "ALL PRIVILEGES";
|
||||
};
|
||||
}];
|
||||
ensureDatabases = [ "goatcounter" ];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "goatcounter";
|
||||
ensurePermissions = {
|
||||
"DATABASE goatcounter" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
];
|
||||
ensureDatabases = ["goatcounter"];
|
||||
};
|
||||
services.nginx = {
|
||||
appendHttpConfig = lib.mkAfter ''
|
||||
|
@ -45,8 +49,8 @@ in
|
|||
};
|
||||
systemd.services = {
|
||||
goatcounter = {
|
||||
requires = [ "postgresql.service" ];
|
||||
after = [ "postgresql.service" ];
|
||||
requires = ["postgresql.service"];
|
||||
after = ["postgresql.service"];
|
||||
serviceConfig = {
|
||||
User = "goatcounter";
|
||||
ExecStart = "${goatcounter-bin}/bin/goatcounter serve -db 'postgresql://host=/run/postgresql dbname=goatcounter' -listen *:8081 -tls http -automigrate";
|
||||
|
@ -54,11 +58,11 @@ in
|
|||
WatchdogSec = "20m";
|
||||
Restart = "always";
|
||||
};
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wantedBy = ["multi-user.target"];
|
||||
};
|
||||
goatcounter-feeder = {
|
||||
requires = [ "goatcounter.service" ];
|
||||
after = [ "goatcounter.service" ];
|
||||
requires = ["goatcounter.service"];
|
||||
after = ["goatcounter.service"];
|
||||
serviceConfig = {
|
||||
User = "nginx";
|
||||
Type = "oneshot";
|
||||
|
@ -78,7 +82,7 @@ in
|
|||
systemd.timers = {
|
||||
goatcounter-feeder = {
|
||||
timerConfig.OnCalendar = "minutely";
|
||||
wantedBy = [ "timers.target" ];
|
||||
wantedBy = ["timers.target"];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -1,13 +1,11 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
nur = import pkgs.sources.hexa-nur-packages { };
|
||||
{pkgs, ...}: let
|
||||
nur = import pkgs.sources.hexa-nur-packages {};
|
||||
|
||||
mkLovelaceModule = name: {
|
||||
url = "custom/${name}.js?${nur.hassLovelaceModules."${name}".version}";
|
||||
type = "module";
|
||||
};
|
||||
in
|
||||
{
|
||||
in {
|
||||
systemd.tmpfiles.rules = [
|
||||
# Lovelace Cards
|
||||
"d /run/hass 0700 nginx nginx"
|
||||
|
@ -32,4 +30,3 @@ in
|
|||
];
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ lib: rec {
|
|||
${default}
|
||||
{% endif %}
|
||||
'';
|
||||
if' = condition: ifTrue: ifFalse: case ifFalse { ${condition} = ifTrue; };
|
||||
if' = condition: ifTrue: ifFalse: case ifFalse {${condition} = ifTrue;};
|
||||
or = lhs: rhs: "(${lhs} or ${rhs})";
|
||||
and = lhs: rhs: "(${lhs} and ${rhs})";
|
||||
isState = entity: state: "is_state('${entity}','${state}')";
|
||||
|
|
|
@ -1,30 +1,28 @@
|
|||
lib:
|
||||
let
|
||||
lib: let
|
||||
# name refers to an internal name
|
||||
# title refers to a human readable name
|
||||
# mode = { name, title, options = { <option_name> : { title , icon } } }
|
||||
in
|
||||
rec {
|
||||
in rec {
|
||||
jinja = import ./jinja.nix lib;
|
||||
tap_actions =
|
||||
let
|
||||
fromServiceAction = action:
|
||||
{
|
||||
action = "call-service";
|
||||
inherit (action) service;
|
||||
service_data = action.data or { } // {
|
||||
inherit (action) entity_id;
|
||||
};
|
||||
tap_actions = let
|
||||
fromServiceAction = action: {
|
||||
action = "call-service";
|
||||
inherit (action) service;
|
||||
service_data =
|
||||
action.data
|
||||
or {}
|
||||
// {
|
||||
inherit (action) entity_id;
|
||||
};
|
||||
in
|
||||
{
|
||||
setMode = mode: option: fromServiceAction (actions.setMode mode option);
|
||||
cycleMode = mode: fromServiceAction (actions.cycleMode mode);
|
||||
};
|
||||
in {
|
||||
setMode = mode: option: fromServiceAction (actions.setMode mode option);
|
||||
cycleMode = mode: fromServiceAction (actions.cycleMode mode);
|
||||
};
|
||||
actions = {
|
||||
notify = message: {
|
||||
service = "notify.notify";
|
||||
data = { inherit message; };
|
||||
data = {inherit message;};
|
||||
};
|
||||
cycleMode = mode: {
|
||||
service = "input_select.select_next";
|
||||
|
@ -32,63 +30,68 @@ rec {
|
|||
};
|
||||
setMode = mode: option: {
|
||||
service = "input_select.select_option";
|
||||
data = { inherit option; };
|
||||
data = {inherit option;};
|
||||
entity_id = util.modeSelectEntity mode;
|
||||
};
|
||||
};
|
||||
util = rec {
|
||||
mkIcon = name: "mdi:${name}";
|
||||
mkMode = name: options: { inherit name options; };
|
||||
mkMode = name: options: {inherit name options;};
|
||||
modeSelectEntity = mode: "input_select.${modeSelectName mode}";
|
||||
modeSelectName = mode: "mode_${mode.name}";
|
||||
modeBinarySensorName = mode: option: "${modeSelectName mode}_is_${option}";
|
||||
modeBinarySensorEntity = mode: option: "binary_sensor.${modeBinarySensorName mode option}";
|
||||
};
|
||||
triggers = rec {
|
||||
stateTrigger = entity: { platform = "state"; entity_id = entity; };
|
||||
stateTrigger = entity: {
|
||||
platform = "state";
|
||||
entity_id = entity;
|
||||
};
|
||||
modeSwitchTrigger = mode: stateTrigger (util.modeSelectEntity mode);
|
||||
};
|
||||
conditions = {
|
||||
modeIs = mode: option: { condition = "state"; entity_id = util.modeSelectEntity mode; state = option; };
|
||||
modeIs = mode: option: {
|
||||
condition = "state";
|
||||
entity_id = util.modeSelectEntity mode;
|
||||
state = option;
|
||||
};
|
||||
};
|
||||
modules = rec {
|
||||
mkHAConfig = attrs: {
|
||||
services.home-assistant.config = attrs;
|
||||
};
|
||||
mkModeSwitcher = mode: attrs: { ... }:
|
||||
let
|
||||
options = builtins.attrNames mode.options;
|
||||
in
|
||||
mkModeSwitcher = mode: attrs: {...}: let
|
||||
options = builtins.attrNames mode.options;
|
||||
in
|
||||
mkHAConfig {
|
||||
input_select.${util.modeSelectName mode} = {
|
||||
inherit options;
|
||||
name = mode.title;
|
||||
} // attrs;
|
||||
input_select.${util.modeSelectName mode} =
|
||||
{
|
||||
inherit options;
|
||||
name = mode.title;
|
||||
}
|
||||
// attrs;
|
||||
template = builtins.map (templates.binarySensorForMode mode) options;
|
||||
};
|
||||
};
|
||||
cards = {
|
||||
modeSwitcher = mode:
|
||||
let
|
||||
mkEntity = optionName: option:
|
||||
{
|
||||
entity = util.modeBinarySensorEntity mode optionName;
|
||||
name = option.title;
|
||||
inherit (option) icon;
|
||||
tap_action = tap_actions.setMode mode optionName;
|
||||
};
|
||||
in
|
||||
{
|
||||
type = "glance";
|
||||
inherit (mode) title;
|
||||
columns = builtins.length (builtins.attrNames mode.options);
|
||||
show_state = false;
|
||||
entities = lib.mapAttrsToList mkEntity mode.options;
|
||||
modeSwitcher = mode: let
|
||||
mkEntity = optionName: option: {
|
||||
entity = util.modeBinarySensorEntity mode optionName;
|
||||
name = option.title;
|
||||
inherit (option) icon;
|
||||
tap_action = tap_actions.setMode mode optionName;
|
||||
};
|
||||
in {
|
||||
type = "glance";
|
||||
inherit (mode) title;
|
||||
columns = builtins.length (builtins.attrNames mode.options);
|
||||
show_state = false;
|
||||
entities = lib.mapAttrsToList mkEntity mode.options;
|
||||
};
|
||||
};
|
||||
templates = rec {
|
||||
binarySensor = state: attrs: { binary_sensor = [ ({ inherit state; } // attrs) ]; };
|
||||
binarySensor = state: attrs: {binary_sensor = [({inherit state;} // attrs)];};
|
||||
binarySensorFromCondition = condition: binarySensor (jinja.if' condition "1" "0");
|
||||
binarySensorForMode = mode: option: binarySensorFromCondition (jinja.isState (util.modeSelectEntity mode) option) { name = util.modeBinarySensorName mode option; };
|
||||
binarySensorForMode = mode: option: binarySensorFromCondition (jinja.isState (util.modeSelectEntity mode) option) {name = util.modeBinarySensorName mode option;};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,12 +1,10 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
{pkgs, ...}: let
|
||||
serverPath = "/var/cache/gc-links/kassandra-server";
|
||||
in
|
||||
{
|
||||
in {
|
||||
systemd.services.kassandra = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wantedBy = ["multi-user.target"];
|
||||
description = "Kassandra Server";
|
||||
path = [ pkgs.coreutils pkgs.taskwarrior ];
|
||||
path = [pkgs.coreutils pkgs.taskwarrior];
|
||||
serviceConfig = {
|
||||
WorkingDirectory = serverPath;
|
||||
ExecStart = "${serverPath}/backend -b '::1' ";
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue