From 59ef569e0e015e299ea2f9eaafb81ae7e0d395f1 Mon Sep 17 00:00:00 2001 From: Malte Brandy Date: Mon, 25 Nov 2019 02:09:57 +0100 Subject: [PATCH] Update pass and upgrade to sway --- common/secret/default.nix | Bin 4686 -> 4697 bytes home/default.nix | 2 +- home/desktop/default.nix | 248 +++++++++---- home/desktop/i3.nix | 215 ----------- home/desktop/ssh-agent.nix | 2 +- home/desktop/status-monitoring.toml | 57 +++ home/desktop/status.toml | 35 ++ home/desktop/sway.config | 28 ++ home/zsh/zshrc | 7 + hosts/apollo/configuration.nix | 7 - hosts/apollo/home.nix | 2 +- hosts/apollo/secret/jaliconfig.py | Bin 1976 -> 925 bytes hosts/hera/cloud.nix | 5 +- hosts/hera/nextcloud.nix | 558 ---------------------------- hosts/hera/nextcloud.xml | 115 ------ lib/default.nix | 1 + pkgs/default.nix | 26 +- pkgs/nvim/vimrc | 2 +- system/modules/laptop.nix | 39 +- system/standalone/admin.nix | 3 +- 20 files changed, 339 insertions(+), 1013 deletions(-) delete mode 100644 home/desktop/i3.nix create mode 100644 home/desktop/status-monitoring.toml create mode 100644 home/desktop/status.toml create mode 100644 home/desktop/sway.config delete mode 100644 hosts/hera/nextcloud.nix delete mode 100644 hosts/hera/nextcloud.xml diff --git a/common/secret/default.nix b/common/secret/default.nix index 430b36caf8898c2c20bdb839b1a2d9457f27a650..484f249cb0599713465f42c529ecbae3a9b43f5a 100644 GIT binary patch literal 4697 zcmV-f5~l3{M@dveQdv+`0I+gG4`uVlBZEb24XI$*&Nc-qWxcn43x4;7f;a^B*4~Kz zBJ>xy@EeJ(E_tSyHY)Sz#@Ec>I@=5Z#lR^4KzOV@lDOsLxLZu9$Y%CQX`f~J!?9kZJ{qR7b`cEy z{=#QsOpTSH5NcqVn-2inkc9uR)W|G)4JI2YF{?MaDLlYse7rfj|9Bub=n{ z>q>LXBPm9gz`VCk3rk`ULeVJ$!dddvgN+6E{ao@1@d4LQvm|NP*@K2P7{zE{KNTxN zE0zkl8$pw%Z5|7YzXzxN_W%zx1zVCvd4|9RKV&}@X^@tspnub{?=pvDo9On7DEKmP zd7_I>iX3R{t15LyYrz|kYraz^ ze9vJoJZssC9D@e&9?j0!RX%Ho_AW4S+TQ$a70P3OS=|V zpMm4ADbfco^HFEem-*M|$g$9aenq!f>61v^+DJRMbK%c4?CKx6n2)>*836kZz;WMw{5XoK=w!K`;| zcjxO=I?o^aX~`Zt)${>TyR`(9ZAfAcs~LpP#ZZ1W`vq)wRgn9rCUj^m2^lZkEWJF6CLmlxo=re-8^NlRBj+k8-_)tfI*{3PDxa$~4P+8Ae?9(tIQVFTs?@jyTBgtX}&A+aA0# zGB;Z6!*aRpG)W5qo%M>a^*U=O9AbZJO4y!(+H=NDfm~~za+RI#kb*)8Q7kUHh|*?W z6h5dg62*ln$|)kXD&mSc{q&Il^59G(uxX(#SUp|wY?9f0O>{yn^T5~vy(ZMXC4C5b zS4zuW;~EOwAG;qC`qLaIY_J#`31IO8=KHtFv5|PZylJZ{8tEV>4k_#XaA#+sftpwL z^drZgI-D-cEjE-O6p{EpY;Sl~N4rh%OlEPsDEwP>DRdS3vmB?KZ}p3VYitrE%=>7c<(4VmUQ$ONN9Y6~Aqt1}<9Q1Q%&~r&q$=8);j-)$h zon_KU6ZEBqhVZD8xUoVZOuOESTN;YXT6p+1CPr&VtnhVez5xFMz zD7J;_m+RYnn3c6iaZ&vARv(*gH%>)O-a!s8@TAV3!RoCKmUl=O@-`(xRXJFQTJHNz z13_tFdldesPqHb&i3}Y_=yQPnz2c^&`ojao9-;w)_ier(1!4B53WF=8+GwrsOurK7 z^wv=jOHBtDMkWGJ3vkj=P=4F8veh;F^Z46=LBcD_=7x0*O7;gHWNlw<0mTiq8W$<0 zfk*~_hllVSU{K#7=&93x5NzJa^aTrbe}TM8lRl*d&S-{<2qQBiifJDomXr+-1rTG6X%L4Nc>l%!+ri5vRs|RHdi#tb;I~>}xkn*l2n*MAz7ib~$ zteXi&fpT^Wwj>Fsg)8}2&vZ4m62OZ-2egdVaiGuv=gCeSgNw9z=@!CAM5Uuz+j%4|a$7|GU{mY29o>v@Bm^4V@th8ei%j z^V>tWzM*&xn?EXyF3A4#ytTO#E++|?irS568Wv#J#NvX}5igPE4(g3hF{2R{izRMQ z9?l|%#STjxEFF_U)m^{~W7#hpAQE_oI14)76ApHizf*t@X|~8F#?)#$2scpX#EXLS zn>7k~U_Wi6Mshz`2nC>eQmstWgjf$`+CZ&Slb~p63v?fCOv!=o;3*_q79?f5SJe%N zW@dJqIA4S)G~tz1_mT(dNwz7k|BpL3z~M8aEc+ILS9E0{q>hfwkqZ2Hu;inr_b||V z<{=QkBDScOhgb;9R(k#5Lc3iFfnLVO?u_ zb1LUSEJm_Q3L#{V2f-5>G1-2!SWT=WaYda9w*`8~Atzs)NWdo$)_hEh;Hk#E)w@ z?l6bYMHU#DO*}xd46&tT^~+;I&r{fPzL&6EDa|aGb%a(%P3JSMqfnY=XR`2FyjreuYvmlIgWCvbgMxV6mLbvT|ofc|0=howXzrB+MmlR&Zc5{sv9z z3ftd)$-_Ka$NL+<$;j7WNjyQ&A8?(d;XOAKM{7ci>5sCCASBWZVCew)uTNH*lv*gf zLAao)w+E5#LG3y&VPb~7`)kwr+JEra167|9PhJ*Xu_w_dS=~cf?Rj1jAncsd3cz@T zKs}JNhqi>(+#Ei?GPX)Yp^7=PLU3-we3UY;btglOU?~gEoR{7Nz!_hRtS@6=)gle- zZUrA~8E0&nl#!-(6SM;z+oO8i{@$0F|5v3&%U$X_;SleBmjz6ihL*;4__cvEPcG2qfF!%69Cyf0hku^C+icW41bAO>KKJl@AZ-DF*R40>f0A-j?PHW*=Qs+hKbI>R|Dw{?ub@a9Tvp=5ABe=?$GkwWkdW6v-K0g zp|~7hn!O|F|3Bng$x{o%N}Uuw+|As1Oc9XxVra@1sFv{Ko|_rIQMw%vF-5PUC$?L9(Cd|n=%qomngZ9&(; z#V+&<%G&qMc_6IjJ^df{X8ChaR{b;mjnq6#ZgDEX^Sg2DHD3a^F z!6}L292ziiPva!S`_Jh&a4SFr9UdeY5{Ryhm@OVz1LDK4+P z+wQ@@SBzmTxVEdQnJ?lzEM!s2pSd{=JhuTR{Vzb ztjLcV1FZAI(^9t?6n`V&G>4}WleUrSx!2uAqF@INwJJ`-0gd4D33kQWau1bZbR1Zg zGs+a7KzGnP7Map>f#?!FlOt=+E1LbJ^NL~u8fd?`Bu`MK9KX~L_?y1K+YNT}y zDY`w7XveJHwmHVXC3O*(%!&EM@>`p!Lvh=^MEGb-6wW*trH=t%XG^1qHl*tY$u7-t zO87j4`|5^^x&;u1jFztvuHX}RPWk;E5xSjp{qFe>jI0qA zIc&V$&-IV8LdgBja?%E4>X)~}7_jY>yU%QnO+<{-%eH+n{vulFXA+KmQRTSu_7jD0 zBim(;8V;^|nY7WWy~UQn31+g7j*%YN@(O?K+! zNXN)Gk*6JDHj>TL^igSMt=hDi|D|r<0ad@(@%&Lw3kIGvjFAqud)BOhK+*>|^vsrm zMHUZ{hz(acPUb*A!r4!)Fgd82y(V)S%23Y8w$a|<7>*>Yu0-kX_p#heqblTWxV5ye zq9dWOErPynNo^ypV~Df;_ppK~E>NkStE;(gU!c*N+OI40jJvo}5_Kjyz|H>rTe?uVNEbV|ZRiZo?rx0gQ1Q zWd@qS-mz_7EDcdN9v)G$6XdV+IpvGgtXfZ@y}l!mJSrly!w&07uez5ssEW!o6DZFB zaPcgqQpb)%_IFz`nvj?Bu${z$Gdq-$`U4s0#)=AD&P+0wGuT1B80h}keZ2^2ynVT6Gkz6DsO@&jpKU#`@S=z@~ z`MT#J_t#sAJ=htj$Q;O;iNw+Re2_C$b$6%sxKG_)UF6;MD-5yBpmxhN`R>HaJDkSKGb4+Tj?&wBJCsn8RQEq literal 4686 zcmV-U60z+7M@dveQdv+`00m8~GL}P}EAS+R8k90V`|wp#84yN$-T({xmD5x^7gp=8 zyvHE}nj?D=5WO31fm7A3iOjY*VKY@=9}pA<4c>R3uw26m{}k0@CrXma&iB`s)I^L} zd1K1h>5Z)GsK^NZ_Ghf1@M{}Ji;ukGfz;Oo8i9qlohU42&?ibyj1^KWQdcX4M_hO~)iyNde0M=6bp%5x z!83$UrjQqef!~NPWDSd@e0_7t-i}2`z_xN5$w1Qf7P&*^E2=P8a}g#enBk0RO)pnU zasfjmFqS7y7fp)y2|w#&Ghs~vA5iB1p;JO`2}BY3kx;>#Xh&DurptZgJCPY6M}x#_ z2em6c!Z1RPx+=h23j9`P4u_w8e%_A8dq14J1Z9FCMM(8J9DomdJXaalV|VjlwX;q9Zguj+`TGD{ib z@A?*&L0sR{mYC`Yy}rCbKgT51jGw~=i~xsgqGT(MdoAUbyzUaKCCf1ejmI3I#(bl` zpp0AC6X#jXlv(o}T7OuQR(v&5X=quhsH!dtG^O{Kl6M0T-S8q?o?vg%Yza&W$gOIeJF zXAZzKVz?6CkPc5xSd&X?(0|(v8cws(fQvSrpZ?`pO11l)vzjek+Xf0>hi)ms;zRDs zqQmuk+Q#p~sfhnQ#6a!Cj*l(GT$r5BH;)ucI*NXaRmYoM_1k_Vo6)wu9L@1pYVY8mhZB`%m{$umDephk_jU;pgx(EK;{*CVX>ftohOPe zB!jGWO&1*Z&uxJCT>>tPu#Y}+k*4>HipDRK1+Izs)1 z{E&NAE58~>!^tjnTZN{EiXgw;C3#cgR;6qQytQFNaqaH*BF1e6p^fR7W^8lhxRQX# z`fP^BQ#y@pjTUow#&G!W;G41LP+c&Eq-)%p2ZNVPY_BEVtR3V;exGOY-#Y0#mj5%8 z53?8AQAZ8P8()dfbb%ywLF5!wato8=ZV;CL1veTYkWp~s+i89H1^o4$`PDi}a18^L zC9bALvvG&-jh~0H7a2`Ufz&Kta3aU*J(Z|(x;Cgg%-|ld535Pr0Fp`MfZk{3Ov20u zs5HChQN8I|EK?a^=NMwihHFp>7%AV@$JrmA+IMtZG+8$$)SgH|ID*rSklO(H!f8kt z(Y2bqfA9m;LU$Ux?|0>kCGBcrVd~l>l{@yrRA)`8wRoXU!}~3EOR=0h)1aViB#pb% z6Xq2`0rY-@*N`thAIGw!xY5r7s(oG1J}_&~4LusD{zB3nB13M|s#d|x&PjD?0L(}# zFM-QWuI#a%A}>GTvWuGqPM>IVyjD3f&}xcU>Ux)b2|udwSXg{?5b;Ia+NPU)u;Ek@GXnPDvJPK!_&lbsw`N>0NWZM07RY+%DmgCO7vbTZw>n)Ch< zp|=W}lmFIm4tmc_R47mE?<=t{v zJ+PT;@f<0>?FHO~)mu_vz`VgOn>_?-Xrw2UhCh;8_g#%98Doxffc-~F6THv}zjOcg z@8MH0PJBb(J#E6Hh?4To-Na?N8;RkJE%dHvvP4iz>ix-{uu7w75w#1U|CSRYm#JRF z?ffC@tSt@QWrB?4V)PzV*l)5+vBvv5a8I37B6B1!nDT(`L4h#HE4ABZy$vk#fE|fF z$QLAG;K#-we{-HSMI}7KV+;YH7Vl=?;HHB&ha7{9YAIcA*QrO?yJd%WpfFB5Jc@UF zIKWH}4u^giU=Fm&h-zLvhvSJ6 z&5QstfT3cDY-T#)T(fB+eHi$XRBEvoz-{Fs2gp5<|qn^Ldci+ zA~(jKDn-9S&SBOkKn*m=3{wTe*`*KhcRdo#UF&==xyv-Pl8U~Rv};t#iP)wHlRO7v z>hg6_h~HJpUMDZ^tK}~dK6-jz@g*0oMPe3j1xqxHCH9Woap3j=C=S82m_N7A?9m9q zdiu@aqCy&q&uIR(10m@)$m-qO78JE@mnRrJ?|z(0XL z>qRZ3m<@xrdCD>q2lYoUc!7*jcGGf;6=AG6g6-KWQ|z9#{`O&X2JHt!;{hVRLsU)e3-Yk3C7&Q9?8eG3APBp?XDII$tiO*K&!PW(Uj zw3WzjkgNOL_09bi=4LWtThx^a*r+3Us{*GH)=?iIODNI6tzY%SDGI4J9Ew7P`lHls z89~QtjKlFM7GB^|C?Nu#J!3wx+QV-2lcWvERM=JeHFK&5X5XtvYMeHEzNM`f`#1X~ zE=lin;VFP@q35&R;pL3&cgb3jd=>XOM@Aq?LYc|AyO&rSXyKSvMMtsPR>|NO5-tx$ zl1)?|FAac55k^FO(kIA;3mgHZSQB3Vao#%5_VX z_6o>NWQ@tHf7qdS|L@!cBL?^kh_8K{gX_Z zK^iGIS#HLSA_362*J2?}0WjizOjpNge)$$7?X2)0;`Un3HPn9weLN5Q=Y7c5evYFR zH5-liAxqWe`KuJgG?tk&yU}a-9c-*+jex3m?fmQKore!9O`ya9wTFqsG|bk2ci;6n z<4>J_Jz9BE-U75RlOP#HqH90yt`T>!N`C;N=+0?{SjiiNIDH+#4uqgbSw}&1zfHdI zeJtJmK4KD2n?VNx$#0xieU`WO+h49#mVx9xt@)82?X;`M8cjc1YNNqwzWiODJDo-V zl)Ku`oiE;!v!PK>6=4p=H66tIF?Z71yFTJFyUgE0b5-OeX7Fi*TYx*eh&8*G!0Uz@ z`#lmO=;{DM*@j|={{zdx;KTVD-LWoNC8P9KY8#$}1(6nb;9A1!Cpc&?&2_#U=8qd8 zXkdiVgt)t(No*8{ysuD{y_4{c<#GQ0pdcbRjV z!-IvlEM_ir`Cf~G(19YFPEP2_+$y797C70aa38bFfeM6$J*m+{CqD1;o7B}WG_w5K z=)L5nDQ6fm7yQyUfgk@fSjTW;Nm7k-u%#@z=qol9oPv>$vnb@duqqU0cuo9`A?skd zO<)9-^PMJO@kKGR3Q=K+qKc4Ei7soz5`bG?!t~|i@`-Qeofvv$yy2*Mw$}nd$aBH` z3sT)A*KujOSH#Fr4jq`fMA4D446dMm=j+`Tn3b`W&H6vR{sHz%1ciu(q|q!*m&1e+ zlJCFN_Rol%W}!nXObME!tTKipf$kVVEUu8S&3S)1)eB!}Ps))esEH{wjcoy6+V3-F zz7hd+nJksp-eDKHLZFC`1WQoMF`bxEEZya|6GT)=Z_AiyI|Y%Utq(LOq;p{^#&PBC z67K*q3arD$*kTj!i-aVl^VV7&Z#q8ns6Lz8^Es}cIa-a_w^0?rirhn^4NP`oyct99 zfA9P^)?7Kn1dT%y3QR~PYGxq0MQ?y8Nw`#gJ$Z=>n_=Lg820lW^7{&DfPtDrrUm%J z5A|{4n_e@mz>}o5SR2y95&+zSueAm$_V$I**wi=JbDL)(3*VJ)l5IuRUh zN^0Ky2}-MX^>o^}_>?OVXRp7iF<1?Gu_Bfea&lG22zdi_i6&x`|4l%p_}JQ86l!kv z1T6Em#R0k%67xThe~5xrrbWu3h~Ji z>>0f%m#9T0vmQUgtgT>P5^sQOClJB2wbuH5%cUGD`gMH@w8Jg1!}erd+ya6|>Lucw zGl&bp+eZv{+iQr%`;UoHLsZ+)_=>@H*qR|vILZFUSUq(pB5(Anuz;E;IsKxG;u_{# zLw+Bo`cs`P(UCg%rYevcz>rK*EITxK^8x_=?)F+2=aKO>*F85a9R^iUzc;Vid?<8= zfmX<#9`#1at)=m*d!v3%e7qQZ2+)+$5As0q0L*9YKhUyg4L$@EQtk7Xaq>|LQS$tq zB4)dBrTRo5xj!kKak@H+=2tDW&-w)mN?8PU$lIIgvc0s`4-W?~MD~)ft-d%~?Qg(( zToAWqJT}Y+(|M^Lwarb=$02CsVaX?HqVc}w!2J1@4{IJ*0$RuIx=dbdN4)r8nK9M` zRVr6>V>FWWX@?(MAL0%j9$7&*!Un`IefUxT;P_# z(~XY@JrrfsVfvn^IHxM>E;ggS7O(7;y%g0|ohriTLs)$TOj4)K;e6^U!68NNix^GK zdKpjY%9Jtl2A;GV^rymWD9u;J#k@2ZZAsN(fqPDrm@Y23|JF9FZxs z;7)OEGX6IFtXSCS}jH5E*y+;4+BYi?I4CVQ+%bYGbne1&mJW=W<8aJq!3JFwfsQ@U_ Q^mvjSP8wwnD10nh%04m~g8%>k diff --git a/home/default.nix b/home/default.nix index cbff2c4b..99bad208 100644 --- a/home/default.nix +++ b/home/default.nix @@ -155,7 +155,7 @@ in { EMAIL = me.mail; SUDO_ASKPASS = let print-pw = pkgs.writeShellScriptBin "print-pw" - "pass show eu/m-0/${config.m-0.hostName}/user/${config.home.username}"; + "pass show eu/m-0/${config.m-0.hostName}.m-0.eu/${config.home.username}"; in "${print-pw}/bin/print-pw"; }; file.".config/nvim/coc-settings.json".text = builtins.toJSON { diff --git a/home/desktop/default.nix b/home/desktop/default.nix index abd5f5e1..6c149d11 100644 --- a/home/desktop/default.nix +++ b/home/desktop/default.nix @@ -1,8 +1,7 @@ { pkgs, lib, config, ... }: let inherit (import ../../pkgs) desktop-pkgs; in { - imports = - [ ./i3.nix ./rofi.nix ./ssh-agent.nix ./eventd.nix ./sleep-nag.nix ]; + imports = [ ./rofi.nix ./ssh-agent.nix ./eventd.nix ./sleep-nag.nix ]; m-0 = { workspaces = [ "tasks" @@ -38,73 +37,8 @@ in { "brightWhite" = "#ffffff"; }; }; - xsession.initExtra = "xsetroot -solid black"; - home = { - packages = builtins.attrValues desktop-pkgs; - keyboard = { - layout = "de"; - variant = "neo"; - options = [ "altwin:swap_lalt_lwin" ]; - }; - }; - programs.urxvt = let mkFont = size: name: "xft:${name}:size=${size}"; - in { - enable = true; - package = desktop-pkgs.urxvt; - fonts = map (mkFont "13") [ - "Inconsolata" - "Droid Sans Mono" - "DejaVu Sans Mono" - "Droid Sans Fallback" - "FreeSans" - ]; - keybindings = let - switchFont = size: - "command:\\033]710;${ - lib.concatStringsSep "," (map (mkFont size) [ - "Inconsolata" - "Droid Sans Mono" - "DejaVu Sans Mono" - "Droid Sans Fallback" - "FreeSans" - ]) - }\\007"; - in { - "C-1" = switchFont "10"; - "C-2" = switchFont "13"; - "C-3" = switchFont "16"; - "C-4" = switchFont "24"; - "C-f" = "matcher:select"; - "C-g" = "matcher:last"; - }; - extraConfig = { - tintColor = config.m-0.colors.background; - perl-ext = "default,matcher,clipboard-osc"; - url-launcher = "firefox"; - foreground = config.m-0.colors.foreground; - background = config.m-0.colors.background; - color0 = config.m-0.colors.black; - color1 = config.m-0.colors.red; - color2 = config.m-0.colors.green; - color3 = config.m-0.colors.yellow; - color4 = config.m-0.colors.blue; - color5 = config.m-0.colors.magenta; - color6 = config.m-0.colors.cyan; - color7 = config.m-0.colors.white; - color8 = config.m-0.colors.brightBlack; - color9 = config.m-0.colors.brightRed; - color10 = config.m-0.colors.brightGreen; - color11 = config.m-0.colors.brightYellow; - color12 = config.m-0.colors.brightBlue; - color13 = config.m-0.colors.brightMagenta; - color14 = config.m-0.colors.brightCyan; - color15 = config.m-0.colors.brightWhite; - }; - scroll = { - bar.enable = false; - lines = 0; - }; - }; + home = { packages = builtins.attrValues desktop-pkgs; }; + programs.browserpass.enable = true; gtk = { enable = true; iconTheme = { @@ -117,18 +51,172 @@ in { }; }; services = { - nextcloud-client.enable = true; - redshift = { + mpd = { enable = true; - temperature.day = 6500; - latitude = "49.86667"; - longitude = "8.65"; - }; - screen-locker = { - enable = true; - lockCmd = - "${pkgs.i3lock}/bin/i3lock -n -f -i ~/data/aktuell/media/bilder/lockscreen.png"; + network.listenAddress = "::1"; + musicDirectory = "${config.home.homeDirectory}/data/aktuell/media/musik"; + extraConfig = '' + audio_output { + type "pulse" + name "Pulseaudio" + server "localhost" + } + ''; }; + mpdris2.enable = true; }; - xsession.enable = true; + systemd.user.services.mpdris2 = { + Unit.Requires = [ "dbus.service" ]; + Install.WantedBy = [ "default.target" ]; + }; + xdg.configFile."sway/config".text = builtins.readFile ./sway.config + (let + inherit (config.m-0) colors workspaces terminal; + swayColors = { + focused = { + background = colors.blue; + border = colors.blue; + childBorder = colors.blue; + indicator = colors.green; + text = colors.foreground; + }; + focused_inactive = { + background = colors.background; + border = colors.background; + childBorder = colors.background; + indicator = colors.green; + text = colors.foreground; + }; + unfocused = { + background = colors.background; + border = colors.background; + childBorder = colors.background; + indicator = colors.green; + text = colors.foreground; + }; + urgent = { + background = colors.red; + border = colors.red; + childBorder = colors.red; + indicator = colors.green; + text = colors.foreground; + }; + }; + barColors = { + active_workspace = { + background = colors.blue; + border = colors.blue; + text = colors.white; + }; + binding_mode = { + background = colors.red; + border = colors.red; + text = colors.white; + }; + focused_workspace = { + background = colors.blue; + border = colors.blue; + text = colors.white; + }; + inactive_workspace = { + background = colors.background; + border = colors.background; + text = colors.white; + }; + }; + bindings = { + "XF86AudioMute" = "exec pactl set-sink-mute '@DEFAULT_SINK@' toggle"; + "XF86AudioLowerVolume" = + "exec pactl set-sink-volume '@DEFAULT_SINK@' -5%"; + "XF86AudioRaiseVolume" = + "exec pactl set-sink-volume '@DEFAULT_SINK@' +5%"; + "XF86AudioMicMute" = + "exec pactl set-source-mute '@DEFAULT_SOURCE@' toggle"; + "XF86MonBrightnessUp" = + "exec ${pkgs.brightnessctl}/bin/brightnessctl +5%"; + "XF86MonBrightnessDown" = + "exec ${pkgs.brightnessctl}/bin/brightnessctl +5%"; + "Tab" = "exec ${pkgs.skippy-xd}/bin/skippy-xd"; + "Left" = "focus left"; + "Down" = "focus down"; + "Up" = "focus up"; + "Right" = "focus right"; + "Shift+Left" = "move left"; + "Shift+Down" = "move down"; + "Shift+Up" = "move up"; + "Shift+Right" = "move right"; + "d" = "splith"; + "t" = "layout tabbed"; + "s" = "layout toggle split"; + "f" = "fullscreen"; + "Shift+space" = "floating toggle"; + "prior" = "focus parent"; + "next" = "focus child"; + "shift+q" = + "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'"; + "Return" = "exec ${terminal}"; + "q" = "kill"; + "space" = "exec hotkeys"; + "m" = "bar mode toggle monitoring"; + }; + workspaceBindings = builtins.foldl' (bindings: name: + let + number = toString ((builtins.length (builtins.attrNames bindings)) / 2); + in bindings // { + "${number}" = "workspace ${number}:${name}"; + "Shift+${number}" = "move container to workspace ${number}:${name}"; + }) { } workspaces; + bindingsConfig = lib.concatStringsSep "\n" (lib.mapAttrsToList + (binding: command: '' + bindsym $mod+${binding} ${command} + '') (bindings // workspaceBindings)); + in bindingsConfig + (lib.concatStringsSep "\n" (lib.mapAttrsToList (category: + { border, background, text, indicator, childBorder }: '' + client.${category} ${border}a0 ${background}c0 ${text} ${indicator} ${childBorder} + '') swayColors)) + '' + bar { + status_command i3status-rs ${./status.toml}; + status_padding 0 + status_edge_padding 0 + font monospace 9.5 + height 17 + strip_workspace_numbers yes + + mode hide + + colors { + statusline #ffffff + background #00000000 + ${ + lib.concatStringsSep "\n" (lib.mapAttrsToList (category: + { background, border, text }: '' + ${category} ${background}c0 ${border} ${text} + '') barColors) + } + } + } + bar { + id monitoring + status_command i3status-rs ${./status-monitoring.toml}; + status_padding 0 + status_edge_padding 0 + font monospace 9.5 + height 17 + workspace_buttons no + position top + modifier none + + mode invisible + + colors { + statusline #ffffff + background #00000000 + ${ + lib.concatStringsSep "\n" (lib.mapAttrsToList (category: + { background, border, text }: '' + ${category} ${background}c0 ${border} ${text} + '') barColors) + } + } + } + ''); } diff --git a/home/desktop/i3.nix b/home/desktop/i3.nix deleted file mode 100644 index a68257ed..00000000 --- a/home/desktop/i3.nix +++ /dev/null @@ -1,215 +0,0 @@ -{ pkgs, lib, config, ... }: -with lib; -let - inherit (config.m-0) colors workspaces terminal; - exec = "exec --no-startup-id"; - conkyCommon = '' - background = false, - border_width = 0, - cpu_avg_samples = 2, - draw_borders = false, - draw_graph_borders = true, - draw_outline = false, - draw_shades = false, - double_buffer = true, - use_xft = true, - font = 'Source Code Pro For Powerline:size=8', - gap_x = 0, - gap_y = 0, - minimum_width = 316, - maximum_width = 316, - net_avg_samples = 2, - no_buffers = true, - out_to_console = false, - out_to_stderr = false, - extra_newline = false, - own_window = true, - own_window_class = 'Conky', - own_window_type = 'override', - own_window_colour = "${config.m-0.colors.background}", - own_window_hints = 'undecorated,below,skip_taskbar,skip_pager,sticky', - stippled_borders = 0, - update_interval = 1.0, - ''; - conkyOrgaConfig = pkgs.writeText "conky.conf" '' - conky.config = { - alignment = 'top_right', - ${conkyCommon} - } - - conky.text = [[ - ''${font Source Code Pro For Powerline:bold:size=14}''${color #8888ff}$alignc''${exec date '+%a %_d. %B, %H:%M:%S'} - ''${font Source Code Pro For Powerline:size=12} - ''${color #d0d0d0}''${execpi 60 ${pkgs.gcal}/bin/gcal -K -s1 --iso-week-number=yes | sed -e 's|5\d/1|01|' | sed -ne '3,10p' | sed -e 's// ''${color}/' | sed 's/^/$alignc/'} - $font - $hr - ''${execi 5 cat ~/.kassandra_state | tail -n4} - $hr - ''${execi 5 cat ~/tmp/today.md} - ]] - ''; - conkyMPDConfig = pkgs.writeText "conky.conf" '' - conky.config = { - alignment = 'bottom_right', - ${conkyCommon} - mpd_host = "::0", - mpd_port = 6600 - } - - conky.text = [[ - MPD $mpd_status | Vol: $mpd_vol% | Ran: $mpd_random | Rep: $mpd_repeat - $mpd_smart - $mpd_album - $mpd_elapsed/$mpd_length ($mpd_percent%) $mpd_bar - ]] - - ''; - addMods = oldbindings: - builtins.foldl' (newbindings: key: - newbindings // { - "Mod4+${key}" = oldbindings.${key}; - "Mod3+Mod4+${key}" = oldbindings.${key}; - }) { } (builtins.attrNames oldbindings); -in { - - xsession = { - windowManager.i3 = { - enable = true; - extraConfig = '' - gaps right 320 - ''; - package = (import { }).i3-gaps; - config = let fonts = [ "Source Code Pro For Powerline 9" ]; - in { - startup = [ - { - command = "${pkgs.conky}/bin/conky -c ${conkyOrgaConfig}"; - notification = false; - } - { - command = "${pkgs.conky}/bin/conky -c ${conkyMPDConfig}"; - notification = false; - } - ]; - focus = { - followMouse = false; - forceWrapping = true; - }; - inherit fonts; - colors = { - focused = { - background = colors.blue; - border = colors.blue; - childBorder = colors.blue; - indicator = colors.green; - text = colors.foreground; - }; - focusedInactive = { - background = colors.background; - border = colors.background; - childBorder = colors.background; - indicator = colors.green; - text = colors.foreground; - }; - unfocused = { - background = colors.background; - border = colors.background; - childBorder = colors.background; - indicator = colors.green; - text = colors.foreground; - }; - urgent = { - background = colors.red; - border = colors.red; - childBorder = colors.red; - indicator = colors.green; - text = colors.foreground; - }; - }; - bars = [{ - mode = "hide"; - inherit fonts; - colors = { - separator = colors.white; - background = colors.background; - activeWorkspace = { - background = colors.blue; - border = colors.blue; - text = colors.white; - }; - bindingMode = { - background = colors.red; - border = colors.red; - text = colors.white; - }; - focusedWorkspace = { - background = colors.blue; - border = colors.blue; - text = colors.white; - }; - inactiveWorkspace = { - background = colors.background; - border = colors.background; - text = colors.white; - }; - }; - }]; - window = { - titlebar = false; - border = 1; - commands = [{ - command = "floating disable"; - criteria = { class = "Firefox"; }; - }]; - }; - - keybindings = { - "XF86AudioMute" = "exec pactl set-sink-mute '@DEFAULT_SINK@' toggle"; - "XF86AudioLowerVolume" = - "exec pactl set-sink-volume '@DEFAULT_SINK@' -5%"; - "XF86AudioRaiseVolume" = - "exec pactl set-sink-volume '@DEFAULT_SINK@' +5%"; - "XF86AudioMicMute" = - "exec pactl set-source-mute '@DEFAULT_SOURCE@' toggle"; - "XF86MonBrightnessUp" = "exec xbacklight +5"; - "XF86MonBrightnessDown" = "exec xbacklight -5"; - "XF86Display" = "${exec} ${pkgs.arandr}/bin/arandr"; - "Ctrl+Escape" = "${exec} loginctl lock-session;"; - } // addMods ({ - "Left" = "focus left"; - "Down" = "focus down"; - "Up" = "focus up"; - "Right" = "focus right"; - "Tab" = "${exec} ${pkgs.skippy-xd}/bin/skippy-xd"; - "Prior" = "focus parent"; - "Next" = "focus child"; - "Return" = "${exec} ${terminal}"; - "p" = "${exec} rofi-pass"; - "shift+Left" = "move left"; - "shift+Down" = "move down"; - "shift+Up" = "move up"; - "shift+Right" = "move right"; - "d" = "split h"; - "f" = "fullscreen toggle"; - "t" = "layout tabbed"; - "s" = "layout toggle split"; - "q" = "kill"; - "m" = "move workspace to output up"; - "n" = "move workspace to output right"; - "shift+space" = "floating toggle"; - "shift+q" = - "${exec} ${pkgs.i3}/bin/i3-nagbar -t warning -m 'do you want to exit i3?' -b 'yes' 'i3-msg exit'"; - "space" = "${exec} hotkeys"; - } // builtins.foldl' (bindings: name: - let - number = - toString ((builtins.length (builtins.attrNames bindings)) / 2); - in bindings // { - "${number}" = "workspace ${number}:${name}"; - "Shift+${number}" = "move container to workspace ${number}:${name}"; - }) { } workspaces); - }; - }; - }; - -} diff --git a/home/desktop/ssh-agent.nix b/home/desktop/ssh-agent.nix index 652db363..5b2db23d 100644 --- a/home/desktop/ssh-agent.nix +++ b/home/desktop/ssh-agent.nix @@ -2,7 +2,7 @@ xsession.initExtra = let cat-pw = pkgs.writeShellScriptBin "cat-ssh-pw" '' - pass eu/m-0/${config.m-0.hostName}/ssh + pass eu/m-0/${config.m-0.hostName}.m-0.eu/ssh-key ''; start-agent = pkgs.writeShellScriptBin "start-ssh-agent" '' ${pkgs.psmisc}/bin/killall -q ssh-agent diff --git a/home/desktop/status-monitoring.toml b/home/desktop/status-monitoring.toml new file mode 100644 index 00000000..3ca835f5 --- /dev/null +++ b/home/desktop/status-monitoring.toml @@ -0,0 +1,57 @@ +theme = "slick" +icons = "awesome" + +[[block]] +block = "speedtest" +bytes = false +interval = 1800 + +[[block]] +block = "temperature" +collapsed = false +interval = 10 +format = "{min}° min, {max}° max, {average}° avg" +chip = "*-isa-*" + +[[block]] +block = "net" +device = "wlp61s0" +ssid = true +ip = true +speed_up = true +speed_down = true +graph_up = true +graph_down = true +interval = 5 + +[[block]] +block = "net" +device = "enp0s31f6" +ssid = true +ip = true +speed_up = true +speed_down = true +graph_up = true +graph_down = true +interval = 5 + +[[block]] +block = "disk_space" +path = "/" +alias = "/" +info_type = "available" +unit = "GB" +interval = 60 +warning = 20.0 +alert = 10.0 + +[[block]] +block = "memory" +display_type = "memory" +format_mem = "{Mup}%" +format_swap = "{SUp}%" + +[[block]] +block = "load" +interval = 5 +format = "{1m}" diff --git a/home/desktop/status.toml b/home/desktop/status.toml new file mode 100644 index 00000000..87a0d751 --- /dev/null +++ b/home/desktop/status.toml @@ -0,0 +1,35 @@ +theme = "slick" +icons = "awesome" + +[[block]] +block = "music" +buttons = ["play", "next"] +max_width = 64 + +[[block]] +block = "net" +device = "wlp61s0" +ssid = true +ip = false +speed_up = false +speed_down = false +graph_up = false +graph_down = false +interval = 5 + +[[block]] +block = "sound" + +[[block]] +block = "backlight" +device = "intel_backlight" + +[[block]] +block = "battery" +driver = "upower" +format = "{percentage}% ({power}W) {time}" + +[[block]] +block = "time" +interval = 5 +format = "%F %a %T" diff --git a/home/desktop/sway.config b/home/desktop/sway.config new file mode 100644 index 00000000..36945fb9 --- /dev/null +++ b/home/desktop/sway.config @@ -0,0 +1,28 @@ +set $mod Mod4 +set $term ate +set $lock swaylock -e -F -l -s fill -f -i ~/.wallpaper.jpg + +exec my-ssh-add +exec swayidle -w \ + timeout 600 '$lock' \ + timeout 570 'swaymsg "output * dpms off"' \ + resume 'swaymsg "output * dpms on"' \ + before-sleep '$lock' + +output * bg ~/.wallpaper.jpg fill + +input type:keyboard { + xkb_layout de + xkb_variant neo + xkb_options altwin:swap_lalt_lwin +} + +focus_follows_mouse no +hide_edge_borders --i3 smart +titlebar_border_thickness 0 +titlebar_padding 1 +font monospace 9.5 +default_border pixel 1 +floating_modifier $mod normal + +bindsym ctrl+escape exec $lock diff --git a/home/zsh/zshrc b/home/zsh/zshrc index a7b6173c..58dcd8cf 100644 --- a/home/zsh/zshrc +++ b/home/zsh/zshrc @@ -1,3 +1,10 @@ +# If running from tty1 start sway +if [ "$(tty)" = "/dev/tty1" ]; then + . start-ssh-agent + exec sway +fi + +# If not in a tmux, start tmux if [[ -z "$TMUX" ]] { session=$(tmux ls | grep -v attached | head -1 | cut -f1 -d:) if [[ -n $session ]] { diff --git a/hosts/apollo/configuration.nix b/hosts/apollo/configuration.nix index 6560d42b..19034b6c 100644 --- a/hosts/apollo/configuration.nix +++ b/hosts/apollo/configuration.nix @@ -23,8 +23,6 @@ in { networking = { hostName = "apollo"; - firewall.allowedTCPPorts = [ 8888 ]; - firewall.allowedUDPPorts = [ 30000 ]; wireguard.interfaces = { m0wire = { allowedIPsAsRoutes = false; @@ -79,15 +77,10 @@ in { cleanupInterval = "15m"; snapshotInterval = "*:00/3:00"; }; - printing = { - enable = true; - drivers = [ pkgs.gutenprint pkgs.hplip ]; - }; prometheus.exporters.node = { firewallFilter = "-i m0wire -p tcp -m tcp --dport 9100"; openFirewall = true; }; - autorandr.enable = true; }; cdark_net = { diff --git a/hosts/apollo/home.nix b/hosts/apollo/home.nix index f8e59958..e0e25775 100644 --- a/hosts/apollo/home.nix +++ b/hosts/apollo/home.nix @@ -27,7 +27,7 @@ hostName = "hera-v4"; pubKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCHkqWlFLtmIlTSKahr2PcL++K75YgfsSU6jwVYW5df3JCkowu/M16SIBxABxYSQrKej5uIz/OFCjqSxHJQ8D5wSYBvn2gYr/BbBcz4rfIJmZ55Od2jckaqlj/M8TtkuPPhsQG7S730vXxK5hbMT8iW5WWv8sIKY/WtaRbZOFMX/53WCLEHtnMu5zFJFWf92+mjIHSLyW8ggl1m525RUiaAfCge2vnuzIFq4kUqJxaWzxIvEWIncKWN10K/HMvdI+yOtbSen41uKedwSFhUFs3xHy1mJddYOrlcJQPt5zuuffZ/nTDVXMZoh5QNwg8ZlkkueVChaS1Y5STjb7cem1Mt"; - passPath = "eu/m-0/hera/disk"; + passPath = "eu/m-0/hera.m-0.eu/disk"; }]; mail = { enable = true; diff --git a/hosts/apollo/secret/jaliconfig.py b/hosts/apollo/secret/jaliconfig.py index 97cbf394877e6314692de5404127c0600b55f47d..b72119fee9b70c8d24d6e2fa2a683fc6aab7392c 100644 GIT binary patch literal 925 zcmV;O17iFDM@dveQdv+`0EH1(7IoUcAJp3XPA(T{ZrWdWD^R*ds;5n(_1^>I!RIGw zqxH7x>U3rvnLzZU2hVIP6L7}Iq@4)x?K+lzVZPj`*X~@m%_p+XIgtKS$*;jUhoRy} z{ypS5X+odTvWX;qEfEz)OhA&cr%*IfrFc-zlrVs#9dDr%Ccr($a5dc^8&uJGJWg!W;7e24V_5TH`H8F99JaQb z*6O3Z#nBuyC95h=ca5}w;6}Ra5&{#jS%HZmkvC#&4vTE-;IK>8i4LU{1A+%yjS7vg zASg@`p*Pk;4Y$h(;s=)n_K}b(G}}`1-g+*66KZ~+27$~-c7IOYa9kME&+1QV$7&?? zhYP*|@#V!A7)TlI(%ehObt>?S*0m!$Aa`*vd4l+)9?!sO^xw2Lkm5*jndlg-O52|0ZTNL7C>N}`g-J8)pZsL=NHy_wTXPL&}uO%t@8o`vce|vBHUK;Wdct*1|?~Mf~a)Aw>qbgFU7!law z{6DnS9^*e;dG2ap3Q0*QeYhy#RKguihIebSg}cJ@>F-%h{W1N!)X5p<%CjTaC}Ymc literal 1976 zcmV;p2S@k-M@dveQdv+`0MA);l&PkwRMt(Qgyyvdu`;ok*FD(d|oX5c|v_+fJtn zexA1H7)@Q2Qw5Z^Y~}EepU)hSjr9MlzV6_UxfU}NmTm<{_v%6RHJfy=l!JKB9}!)s zMfItFEV6oe2>!{Yy}aw zDiS*5bpxuG=;eT591_c-}wpXLzUPBVW6E$=GAej zZ5GLUt?Q8Tmy@c{D<4)Cr<9I+w&A%XjYr^hCkLAKhkMjU_veLFaG`>D9k}sB#HT>v zPM;Je`ojzz({G1u8g7HfX;cm8N^#gMfrN+GY$j;)|ITV+y zhNhZ{u|5gRj#DvqhwS>KR0(_q+ecodaU2BiF_kI*xR@`*#tTxLH@Hr90o%Gyj9k4d zdy_9sg%gf9ylk&OhD=gsDKeNDn>W)h`O0$57)vxFHI(u*=p7L!gDyJN z9P*Qs;(t^n_-xY9fw0akSfr|>pE`(F;?=~pJG5bOblv*p4E@ApmRInjadA*#Rtq^7 zK@a(>%bgH`6m0bw)5Q1B1oZk(iGDK!fytn|eycZ%dJf;{zVMS>tMccsxq08&Bf~kc z9W#?M^l^vQkhvd;^{RgHqxejaj+<7eEk{$YI}4lTrb@Z9sBq#z(#PcyB0M3de*img zCR@p+5ZP1E-C9Nb^uzVcI+jRrU^YM``6@2X1ywyWg<$hlm1eR|pl-kdwvxOP#b46H_s zOu6`upR#IGB`KhkPmAtL zvhbk4)aPEZxh!tH27MN8 zH-}fPNwZ~gF~S^Sl&Au>79B-7hXP!2?0n;xL$mLO)c^+5W-+?ZE32!QMPF7L}k=X^xY&ZaY+Sp}!uv~IateH?Tq}vb*e*K43&V@1~bvOqSLXHk012Cm5 zIswndg?lxSKwd({+%bp(1kM-{9Qh4_v~_|e^heYUQrV_$2cBt_Q^9`BY#K7CBdr3W z{L6!C8S`l?xD@2XY-Ym4B{AJF)>FVf#yq@KXRs)W1rGMDp znY&@=!Cv?xc11Joe{A+{?FPf6d%b_4tzwTu930@?(nal?!s^*k10ef~waSQMXF@=` zk)&6Vm(2fk0Og!asBoEf4uHwGb)sME(qqlWK*B?2-YWVbip5{<*j+Sv?Pl#(b3QV= zHXO9sUFR6$ml;;&q+gPZj6;>1XoFT*HG*x&MhwJ4S?C2+jRQ)dS*)(B$y~;hT0Y{r zD(B=%05z8K)&{B``X>3Xctg-Y(-nQFzs!2Sv;5hta7oNH){6f^a^D@_Io zRCl4#&RLS3FF82^NT{Gs8F$w0t3i%Kq4nH3+=XF8z{DLdD44Y;Xurwe@hn(P{Eb

services.nginx.virtualHosts.<name>. - See for further information. - ''; - }; - - webfinger = mkOption { - type = types.bool; - default = false; - description = '' - Enable this option if you plan on using the webfinger plugin. - The appropriate nginx rewrite rules will be added to your configuration. - ''; - }; - - phpOptions = mkOption { - type = types.attrsOf types.str; - default = { - "short_open_tag" = "Off"; - "expose_php" = "Off"; - "error_reporting" = "E_ALL & ~E_DEPRECATED & ~E_STRICT"; - "display_errors" = "stderr"; - "opcache.enable_cli" = "1"; - "opcache.interned_strings_buffer" = "8"; - "opcache.max_accelerated_files" = "10000"; - "opcache.memory_consumption" = "128"; - "opcache.revalidate_freq" = "1"; - "opcache.fast_shutdown" = "1"; - "openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt"; - "catch_workers_output" = "yes"; - }; - description = '' - Options for PHP's php.ini file for nextcloud. - ''; - }; - - poolConfig = mkOption { - type = types.lines; - default = '' - pm = dynamic - pm.max_children = 32 - pm.start_servers = 2 - pm.min_spare_servers = 2 - pm.max_spare_servers = 4 - pm.max_requests = 500 - ''; - description = '' - Options for nextcloud's PHP pool. See the documentation on php-fpm.conf for details on configuration directives. - ''; - }; - - config = { - dbtype = mkOption { - type = types.enum [ "sqlite" "pgsql" "mysql" ]; - default = "sqlite"; - description = "Database type."; - }; - dbname = mkOption { - type = types.nullOr types.str; - default = "nextcloud"; - description = "Database name."; - }; - dbuser = mkOption { - type = types.nullOr types.str; - default = "nextcloud"; - description = "Database user."; - }; - dbpass = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - Database password. Use dbpassFile to avoid this - being world-readable in the /nix/store. - ''; - }; - dbpassFile = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - The full path to a file that contains the database password. - ''; - }; - dbhost = mkOption { - type = types.nullOr types.str; - default = "localhost"; - description = '' - Database host. - - Note: for using Unix authentication with PostgreSQL, this should be - set to /run/postgresql. - ''; - }; - dbport = mkOption { - type = with types; nullOr (either int str); - default = null; - description = "Database port."; - }; - dbtableprefix = mkOption { - type = types.nullOr types.str; - default = null; - description = "Table prefix in Nextcloud database."; - }; - adminuser = mkOption { - type = types.str; - default = "root"; - description = "Admin username."; - }; - adminpass = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - Admin password. Use adminpassFile to avoid this - being world-readable in the /nix/store. - ''; - }; - adminpassFile = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - The full path to a file that contains the admin's password. - ''; - }; - - extraTrustedDomains = mkOption { - type = types.listOf types.str; - default = [ ]; - description = '' - Trusted domains, from which the nextcloud installation will be - acessible. You don't need to add - services.nextcloud.hostname here. - ''; - }; - - overwriteProtocol = mkOption { - type = types.nullOr (types.enum [ "http" "https" ]); - default = null; - example = "https"; - - description = '' - Force Nextcloud to always use HTTPS i.e. for link generation. Nextcloud - uses the currently used protocol by default, but when behind a reverse-proxy, - it may use http for everything although Nextcloud - may be served via HTTPS. - ''; - }; - }; - - caching = { - apcu = mkOption { - type = types.bool; - default = true; - description = '' - Whether to load the APCu module into PHP. - ''; - }; - redis = mkOption { - type = types.bool; - default = false; - description = '' - Whether to load the Redis module into PHP. - You still need to enable Redis in your config.php. - See https://docs.nextcloud.com/server/14/admin_manual/configuration_server/caching_configuration.html - ''; - }; - memcached = mkOption { - type = types.bool; - default = false; - description = '' - Whether to load the Memcached module into PHP. - You still need to enable Memcached in your config.php. - See https://docs.nextcloud.com/server/14/admin_manual/configuration_server/caching_configuration.html - ''; - }; - }; - autoUpdateApps = { - enable = mkOption { - type = types.bool; - default = false; - description = '' - Run a auto update of all installed apps from the nextcloud repository. - ''; - }; - startAt = mkOption { - type = with types; either str (listOf str); - default = "05:00:00"; - example = "Sun 14:00:00"; - description = '' - When to run the update. See `systemd.services..startAt`. - ''; - }; - }; - }; - - config = mkIf cfg.enable (mkMerge [ - { - assertions = let acfg = cfg.config; - in [ - { - assertion = !(acfg.dbpass != null && acfg.dbpassFile != null); - message = "Please specify no more than one of dbpass or dbpassFile"; - } - { - assertion = ((acfg.adminpass != null || acfg.adminpassFile != null) - && !(acfg.adminpass != null && acfg.adminpassFile != null)); - message = - "Please specify exactly one of adminpass or adminpassFile"; - } - ]; - } - - { - systemd.timers."nextcloud-cron" = { - wantedBy = [ "timers.target" ]; - timerConfig.OnBootSec = "5m"; - timerConfig.OnUnitActiveSec = "15m"; - timerConfig.Unit = "nextcloud-cron.service"; - }; - - systemd.services = { - "nextcloud-setup" = let - overrideConfig = pkgs.writeText "nextcloud-config.php" '' - [ - [ 'path' => '${cfg.home}/apps', 'url' => '/apps', 'writable' => false ], - [ 'path' => '${cfg.home}/store-apps', 'url' => '/store-apps', 'writable' => true ], - ], - 'datadirectory' => '${cfg.home}/data', - 'skeletondirectory' => '${cfg.skeletonDirectory}', - ${ - optionalString cfg.caching.apcu - "'memcache.local' => '\\OC\\Memcache\\APCu'," - } - 'log_type' => 'syslog', - 'log_level' => '${builtins.toString cfg.logLevel}', - ${ - optionalString (cfg.config.overwriteProtocol != null) - "'overwriteprotocol' => '${cfg.config.overwriteProtocol}'," - } - ]; - ''; - occInstallCmd = let - c = cfg.config; - adminpass = if c.adminpassFile != null then - ''"$(<"${toString c.adminpassFile}")"'' - else - ''"${toString c.adminpass}"''; - dbpass = if c.dbpassFile != null then - ''"$(<"${toString c.dbpassFile}")"'' - else if c.dbpass != null then - ''"${toString c.dbpass}"'' - else - null; - installFlags = concatStringsSep " \\\n " - (mapAttrsToList (k: v: "${k} ${toString v}") { - "--database" = ''"${c.dbtype}"''; - # The following attributes are optional depending on the type of - # database. Those that evaluate to null on the left hand side - # will be omitted. - ${if c.dbname != null then "--database-name" else null} = - ''"${c.dbname}"''; - ${if c.dbhost != null then "--database-host" else null} = - ''"${c.dbhost}"''; - ${if c.dbport != null then "--database-port" else null} = - ''"${toString c.dbport}"''; - ${if c.dbuser != null then "--database-user" else null} = - ''"${c.dbuser}"''; - ${ - if (any (x: x != null) [ c.dbpass c.dbpassFile ]) then - "--database-pass" - else - null - } = dbpass; - ${ - if c.dbtableprefix != null then - "--database-table-prefix" - else - null - } = ''"${toString c.dbtableprefix}"''; - "--admin-user" = ''"${c.adminuser}"''; - "--admin-pass" = adminpass; - "--data-dir" = ''"${cfg.home}/data"''; - }); - in '' - ${occ}/bin/nextcloud-occ maintenance:install \ - ${installFlags} - ''; - occSetTrustedDomainsCmd = concatStringsSep "\n" (imap0 (i: v: '' - ${occ}/bin/nextcloud-occ config:system:set trusted_domains \ - ${toString i} --value="${toString v}" - '') ([ cfg.hostName ] ++ cfg.config.extraTrustedDomains)); - - in { - wantedBy = [ "multi-user.target" ]; - before = [ "phpfpm-nextcloud.service" ]; - script = '' - chmod og+x ${cfg.home} - ln -sf ${pkgs.nextcloud}/apps ${cfg.home}/ - mkdir -p ${cfg.home}/config ${cfg.home}/data ${cfg.home}/store-apps - ln -sf ${overrideConfig} ${cfg.home}/config/override.config.php - - chown -R nextcloud:nginx ${cfg.home}/config ${cfg.home}/data ${cfg.home}/store-apps - - # Do not install if already installed - if [[ ! -e ${cfg.home}/config/config.php ]]; then - ${occInstallCmd} - fi - - ${occ}/bin/nextcloud-occ upgrade - - ${occ}/bin/nextcloud-occ config:system:delete trusted_domains - ${occSetTrustedDomainsCmd} - ''; - serviceConfig.Type = "oneshot"; - }; - "nextcloud-cron" = { - environment.NEXTCLOUD_CONFIG_DIR = "${cfg.home}/config"; - serviceConfig.Type = "oneshot"; - serviceConfig.User = "nextcloud"; - serviceConfig.ExecStart = - "${phpPackage}/bin/php -f ${pkgs.nextcloud}/cron.php"; - }; - "nextcloud-update-plugins" = mkIf cfg.autoUpdateApps.enable { - serviceConfig.Type = "oneshot"; - serviceConfig.ExecStart = "${occ}/bin/nextcloud-occ app:update --all"; - startAt = cfg.autoUpdateApps.startAt; - }; - }; - - services.phpfpm = { - pools.nextcloud = let - phpAdminValues = (toKeyValue (foldr (a: b: a // b) { } - (mapAttrsToList (k: v: { "php_admin_value[${k}]" = v; }) - phpOptions))); - in { - phpOptions = phpOptionsExtensions; - phpPackage = phpPackage; - listen = "/run/phpfpm/nextcloud"; - extraConfig = '' - listen.owner = nginx - listen.group = nginx - user = nextcloud - group = nginx - ${cfg.poolConfig} - env[NEXTCLOUD_CONFIG_DIR] = ${cfg.home}/config - env[PATH] = /run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin - ${phpAdminValues} - ''; - }; - }; - - users.extraUsers.nextcloud = { - home = "${cfg.home}"; - group = "nginx"; - createHome = true; - }; - - environment.systemPackages = [ occ ]; - } - - (mkIf cfg.nginx.enable { - services.nginx = { - enable = true; - virtualHosts = { - "${cfg.hostName}" = { - root = pkgs.nextcloud; - locations = { - "= /robots.txt" = { - priority = 100; - extraConfig = '' - allow all; - log_not_found off; - access_log off; - ''; - }; - "/" = { - priority = 200; - extraConfig = "rewrite ^ /index.php$request_uri;"; - }; - "~ ^/store-apps" = { - priority = 201; - extraConfig = "root ${cfg.home};"; - }; - "= /.well-known/carddav" = { - priority = 210; - extraConfig = "return 301 $scheme://$host/remote.php/dav;"; - }; - "= /.well-known/caldav" = { - priority = 210; - extraConfig = "return 301 $scheme://$host/remote.php/dav;"; - }; - "~ ^\\/(?:build|tests|config|lib|3rdparty|templates|data)\\/" = { - priority = 300; - extraConfig = "deny all;"; - }; - "~ ^\\/(?:\\.|autotest|occ|issue|indie|db_|console)" = { - priority = 300; - extraConfig = "deny all;"; - }; - "~ ^\\/(?:index|remote|public|cron|core/ajax\\/update|status|ocs\\/v[12]|updater\\/.+|ocs-provider\\/.+|ocm-provider\\/.+)\\.php(?:$|\\/)" = - { - priority = 500; - extraConfig = '' - include ${config.services.nginx.package}/conf/fastcgi.conf; - fastcgi_split_path_info ^(.+\.php)(\\/.*)$; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param HTTPS ${if cfg.https then "on" else "off"}; - fastcgi_param modHeadersAvailable true; - fastcgi_param front_controller_active true; - fastcgi_pass unix:/run/phpfpm/nextcloud; - fastcgi_intercept_errors on; - fastcgi_request_buffering off; - fastcgi_read_timeout 120s; - ''; - }; - "~ ^\\/(?:updater|ocs-provider|ocm-provider)(?:$|\\/)".extraConfig = - '' - try_files $uri/ =404; - index index.php; - ''; - "~ \\.(?:css|js|woff2?|svg|gif)$".extraConfig = '' - try_files $uri /index.php$request_uri; - add_header Cache-Control "public, max-age=15778463"; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - add_header Referrer-Policy no-referrer; - access_log off; - ''; - "~ \\.(?:png|html|ttf|ico|jpg|jpeg)$".extraConfig = '' - try_files $uri /index.php$request_uri; - access_log off; - ''; - }; - extraConfig = '' - more_set_headers "Content-Security-Policy: frame-ancestors 'self' https://*.mathechor.de"; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - add_header Referrer-Policy no-referrer; - error_page 403 /core/templates/403.php; - error_page 404 /core/templates/404.php; - client_max_body_size ${cfg.maxUploadSize}; - fastcgi_buffers 64 4K; - fastcgi_hide_header X-Powered-By; - gzip on; - gzip_vary on; - gzip_comp_level 4; - gzip_min_length 256; - gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; - gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; - - ${optionalString cfg.webfinger '' - rewrite ^/.well-known/host-meta /public.php?service=host-meta last; - rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; - ''} - ''; - }; - }; - }; - }) - ]); - - meta.doc = ./nextcloud.xml; -} diff --git a/hosts/hera/nextcloud.xml b/hosts/hera/nextcloud.xml deleted file mode 100644 index dfefa55c..00000000 --- a/hosts/hera/nextcloud.xml +++ /dev/null @@ -1,115 +0,0 @@ - - Nextcloud - - Nextcloud is an open-source, - self-hostable cloud platform. The server setup can be automated using - services.nextcloud. A - desktop client is packaged at pkgs.nextcloud-client. - -

- Basic usage - - - Nextcloud is a PHP-based application which requires an HTTP server - (services.nextcloud - optionally supports - services.nginx) - and a database (it's recommended to use - services.postgresql). - - - - A very basic configuration may look like this: -{ pkgs, ... }: -{ - services.nextcloud = { - enable = true; - hostName = "nextcloud.tld"; - nginx.enable = true; - config = { - dbtype = "pgsql"; - dbuser = "nextcloud"; - dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself - dbname = "nextcloud"; - adminpassFile = "/path/to/admin-pass-file"; - adminuser = "root"; - }; - }; - - services.postgresql = { - enable = true; - initialScript = pkgs.writeText "psql-init" '' - CREATE ROLE nextcloud WITH LOGIN; - CREATE DATABASE nextcloud WITH OWNER nextcloud; - ''; - }; - - # ensure that postgres is running *before* running the setup - systemd.services."nextcloud-setup" = { - requires = ["postgresql.service"]; - after = ["postgresql.service"]; - }; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; -} - - - - The options hostName and nginx.enable - are used internally to configure an HTTP server using - PHP-FPM - and nginx. The config attribute set is - used for the config.php which is used for the - application's configuration. Beware: this isn't entirely pure - since the config is modified by the application's runtime! - - - - In case the application serves multiple hosts (those are checked with - $_SERVER['HTTP_HOST']) - those can be added using - services.nextcloud.config.extraTrustedDomains. - -
-
- Pitfalls - - - Unfortunately Nextcloud appears to be very stateful when it comes to - managing its own configuration. The config file lives in the home directory - of the nextcloud user (by default - /var/lib/nextcloud/config/config.php) and is also used to - track several states of the application (e.g. whether installed or not). - - - - Right now changes to the services.nextcloud.config - attribute set won't take effect after the first install (except - services.nextcloud.config.extraTrustedDomains) - since the actual configuration file is generated by the NextCloud installer - which also sets up critical parts such as the database structure. - - - - Warning: don't delete config.php! This file - tracks the application's state and a deletion can cause unwanted - side-effects! - - - - Warning: don't rerun nextcloud-occ - maintenance:install! This command tries to install the application - and can cause unwanted side-effects! - - - - The issues are known and reported in - #49783, - for now it's unfortunately necessary to manually work around these issues. - -
- diff --git a/lib/default.nix b/lib/default.nix index 5797dcbc..baee26ba 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -34,6 +34,7 @@ rec { p.hlint p.ghcid p.cabal-install + p.classy-prelude p.haskell-ci p.shake ]); diff --git a/pkgs/default.nix b/pkgs/default.nix index 1fc829cb..df04ba99 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -26,12 +26,25 @@ in rec { BACKGROUND_COLOR = colors.background; }; keybindings = { - DECREMENT_FONT = - "control+shift+minus"; # Das ist neo für control+minus, k.A. warum. + INCREMENT_FONT = "control+minus"; + DECREMENT_FONT = "control+plus"; }; }; }; + start-agent = pkgs.writeShellScriptBin "start-ssh-agent" '' + ${pkgs.psmisc}/bin/killall -q ssh-agent + eval `${pkgs.openssh}/bin/ssh-agent -s` + systemctl --user set-environment SSH_AUTH_SOCK="$SSH_AUTH_SOCK" + systemctl --user set-environment SSH_AGENT_PID="$SSH_AGENT_PID" + ''; + cat-pw = pkgs.writeShellScriptBin "cat-ssh-pw" '' + pass eu/m-0/$(hostname).m-0.eu/ssh-key + ''; + my-ssh-add = pkgs.writeShellScriptBin "my-ssh-add" '' + SSH_ASKPASS=${cat-pw}/bin/cat-ssh-pw ${pkgs.openssh}/bin/ssh-add < /dev/null + ''; + gitstatus = pkgs.callPackage ./powerlevel10k/gitstatus.nix { libgit2 = pkgs.libgit2.overrideAttrs (attrs: { src = pkgs.fetchFromGitHub { @@ -151,6 +164,8 @@ in rec { # web chromium + upower speedtest-cli + # communication signal-desktop tdesktop acpi dino mumble @@ -196,9 +211,12 @@ in rec { fi ''; desktop-pkgs = { - inherit urxvt terminal ate; - inherit (pkgs) xautolock; + inherit urxvt terminal ate start-agent my-ssh-add; inherit (pkgs.gnome3) dconf; + inherit (pkgs) + lm_sensors sway swaylock swayidle xwayland rofi i3status-rust waybar + dmenu; + }; home-pkgs = { nixfmt = import sources.nixfmt { }; diff --git a/pkgs/nvim/vimrc b/pkgs/nvim/vimrc index fa8710de..8f7d9b6d 100644 --- a/pkgs/nvim/vimrc +++ b/pkgs/nvim/vimrc @@ -40,7 +40,6 @@ nnoremap gT nnoremap gt let mapleader="," -hi CursorColumn ctermbg=black set winaltkeys=no set noai @@ -73,6 +72,7 @@ let g:autoformat_autoindent = 0 let g:autoformat_retab = 0 colorscheme PaperColor +hi Normal ctermbg=black " if hidden is not set, TextEdit might fail. set hidden diff --git a/system/modules/laptop.nix b/system/modules/laptop.nix index 344e2ace..45e5a657 100644 --- a/system/modules/laptop.nix +++ b/system/modules/laptop.nix @@ -13,13 +13,14 @@ in { }; }; config = mkIf config.m-0.laptop.enable { + networking = { networkmanager.enable = true; }; i18n.consoleKeyMap = "neo"; sound.enable = true; hardware.opengl = { - driSupport = true; - driSupport32Bit = true; + enable = true; + driSupport32Bit = true; # for gw2 }; hardware.pulseaudio = { enable = true; @@ -29,8 +30,19 @@ in { }; }; nixpkgs.config.allowUnfree = true; + security.pam.services.swaylock = { }; + programs.dconf.enable = true; services = { + upower.enable = true; + printing = { + enable = true; + drivers = [ pkgs.gutenprint pkgs.hplip ]; + }; + udev.extraRules = '' + ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", RUN+="${pkgs.coreutils}/bin/chgrp video /sys/class/backlight/%k/brightness" + ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", RUN+="${pkgs.coreutils}/bin/chmod g+w /sys/class/backlight/%k/brightness" + ''; unbound = { enable = true; extraConfig = '' @@ -42,29 +54,6 @@ in { forward-addr: 172.23.0.53 ''; }; - mpd = { - enable = true; - user = me.user; - group = "users"; - network.listenAddress = "::1"; - musicDirectory = "/home/${me.user}/data/aktuell/media/musik"; - extraConfig = '' - audio_output { - type "pulse" - name "Pulseaudio" - server "localhost" - } - ''; - }; - xserver = { - enable = true; - layout = "de"; - xkbVariant = "neo"; - displayManager.auto = { - enable = true; - user = "maralorn"; - }; - }; }; }; } diff --git a/system/standalone/admin.nix b/system/standalone/admin.nix index b151a676..9fe50cd7 100644 --- a/system/standalone/admin.nix +++ b/system/standalone/admin.nix @@ -8,7 +8,8 @@ in { description = me.name; isNormalUser = true; uid = 1000; - extraGroups = [ "wheel" "systemd-journal" "networkmanager" "docker" ]; + extraGroups = + [ "wheel" "systemd-journal" "networkmanager" "docker" "video" ]; openssh.authorizedKeys.keys = me.keys; passwordFile = me.pw-file; };