Reformat
This commit is contained in:
parent
c36c483ab3
commit
a1bb4277b1
|
@ -1,13 +1,8 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
nix = {
|
nix = {
|
||||||
binaryCaches = [
|
binaryCaches = [ "https://all-hies.cachix.org" ];
|
||||||
"https://all-hies.cachix.org"
|
binaryCachePublicKeys =
|
||||||
];
|
[ "all-hies.cachix.org-1:JjrzAOEUsD9ZMt8fdFbzo3jNAyEWlPAwdVuHw4RD43k=" ];
|
||||||
binaryCachePublicKeys = [
|
|
||||||
"all-hies.cachix.org-1:JjrzAOEUsD9ZMt8fdFbzo3jNAyEWlPAwdVuHw4RD43k="
|
|
||||||
];
|
|
||||||
trustedUsers = [ "root" "maralorn" ];
|
trustedUsers = [ "root" "maralorn" ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,13 +1,8 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
nix = {
|
nix = {
|
||||||
binaryCaches = [
|
binaryCaches = [ "https://cachix.cachix.org" ];
|
||||||
"https://cachix.cachix.org"
|
binaryCachePublicKeys =
|
||||||
];
|
[ "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" ];
|
||||||
binaryCachePublicKeys = [
|
|
||||||
"cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM="
|
|
||||||
];
|
|
||||||
trustedUsers = [ "root" "maralorn" ];
|
trustedUsers = [ "root" "maralorn" ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,13 +1,8 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
nix = {
|
nix = {
|
||||||
binaryCaches = [
|
binaryCaches = [ "https://nixfmt.cachix.org" ];
|
||||||
"https://nixfmt.cachix.org"
|
binaryCachePublicKeys =
|
||||||
];
|
[ "nixfmt.cachix.org-1:uyEQg16IhCFeDpFV07aL+Dbmh18XHVUqpkk/35WAgJI=" ];
|
||||||
binaryCachePublicKeys = [
|
|
||||||
"nixfmt.cachix.org-1:uyEQg16IhCFeDpFV07aL+Dbmh18XHVUqpkk/35WAgJI="
|
|
||||||
];
|
|
||||||
trustedUsers = [ "root" "maralorn" ];
|
trustedUsers = [ "root" "maralorn" ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,75 +4,70 @@ with lib;
|
||||||
|
|
||||||
{
|
{
|
||||||
|
|
||||||
imports = [ ./secret ];
|
imports = [ ./secret ];
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
m-0.monitoring = [ {
|
m-0.monitoring = [{
|
||||||
host = "apollo:9100";
|
host = "apollo:9100";
|
||||||
name = "apollo";
|
name = "apollo";
|
||||||
} ];
|
}];
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
options = {
|
|
||||||
m-0.private = mkOption {
|
|
||||||
default = {};
|
|
||||||
type = types.attrs;
|
|
||||||
};
|
};
|
||||||
m-0.prefix = mkOption {
|
|
||||||
default = "2a02:c207:3002:7584";
|
options = {
|
||||||
type = types.str;
|
m-0.private = mkOption {
|
||||||
};
|
default = { };
|
||||||
m-0.monitoring = mkOption {
|
type = types.attrs;
|
||||||
type = types.listOf (types.submodule {
|
};
|
||||||
options = {
|
m-0.prefix = mkOption {
|
||||||
name = mkOption {
|
default = "2a02:c207:3002:7584";
|
||||||
type = types.str;
|
type = types.str;
|
||||||
|
};
|
||||||
|
m-0.monitoring = mkOption {
|
||||||
|
type = types.listOf (types.submodule {
|
||||||
|
options = {
|
||||||
|
name = mkOption { type = types.str; };
|
||||||
|
host = mkOption { type = types.str; };
|
||||||
};
|
};
|
||||||
host = mkOption {
|
});
|
||||||
type = types.str;
|
default = [ ];
|
||||||
|
};
|
||||||
|
m-0.hosts = mkOption {
|
||||||
|
type = types.attrs;
|
||||||
|
default = let
|
||||||
|
p = config.m-0.prefix;
|
||||||
|
hera-p = "${p}::3";
|
||||||
|
apollo-p = "${p}::1";
|
||||||
|
wg-p = "${p}::100";
|
||||||
|
v4-p = "10.0.0";
|
||||||
|
in rec {
|
||||||
|
hera = "${p}::1";
|
||||||
|
|
||||||
|
hera-v4 = "213.136.94.190";
|
||||||
|
|
||||||
|
hera-wg = "${wg-p}:1";
|
||||||
|
apollo-wg = "${wg-p}:2";
|
||||||
|
|
||||||
|
hera-intern = "${hera-p}:1";
|
||||||
|
git = "${hera-p}:2";
|
||||||
|
borg = "${hera-p}:3";
|
||||||
|
dav = "${hera-p}:5";
|
||||||
|
blog = "${hera-p}:6";
|
||||||
|
chor = "${hera-p}:7";
|
||||||
|
matrix = "${hera-p}:8";
|
||||||
|
cloud = "${hera-p}:9";
|
||||||
|
web = "${hera-p}:a";
|
||||||
|
mathechor-cloud = "${hera-p}:b";
|
||||||
|
monitoring = "${hera-p}:c";
|
||||||
|
|
||||||
|
apollo = apollo-wg;
|
||||||
|
|
||||||
|
hera-intern-v4 = "${v4-p}.1";
|
||||||
|
cloud-intern-v4 = "${v4-p}.2";
|
||||||
|
mathechor-cloud-intern-v4 = "${v4-p}.3";
|
||||||
|
matrix-intern-v4 = "${v4-p}.4";
|
||||||
|
monitoring-intern-v4 = "${v4-p}.5";
|
||||||
};
|
};
|
||||||
};
|
|
||||||
});
|
|
||||||
default = [];
|
|
||||||
};
|
|
||||||
m-0.hosts = mkOption {
|
|
||||||
type = types.attrs;
|
|
||||||
default = let
|
|
||||||
p = config.m-0.prefix;
|
|
||||||
hera-p = "${p}::3";
|
|
||||||
apollo-p = "${p}::1";
|
|
||||||
wg-p = "${p}::100";
|
|
||||||
v4-p = "10.0.0";
|
|
||||||
in rec {
|
|
||||||
hera = "${p}::1";
|
|
||||||
|
|
||||||
hera-v4 = "213.136.94.190";
|
|
||||||
|
|
||||||
hera-wg = "${wg-p}:1";
|
|
||||||
apollo-wg = "${wg-p}:2";
|
|
||||||
|
|
||||||
hera-intern = "${hera-p}:1";
|
|
||||||
git = "${hera-p}:2";
|
|
||||||
borg = "${hera-p}:3";
|
|
||||||
dav = "${hera-p}:5";
|
|
||||||
blog = "${hera-p}:6";
|
|
||||||
chor = "${hera-p}:7";
|
|
||||||
matrix = "${hera-p}:8";
|
|
||||||
cloud = "${hera-p}:9";
|
|
||||||
web = "${hera-p}:a";
|
|
||||||
mathechor-cloud = "${hera-p}:b";
|
|
||||||
monitoring = "${hera-p}:c";
|
|
||||||
|
|
||||||
apollo = apollo-wg;
|
|
||||||
|
|
||||||
hera-intern-v4 = "${v4-p}.1";
|
|
||||||
cloud-intern-v4 = "${v4-p}.2";
|
|
||||||
mathechor-cloud-intern-v4 = "${v4-p}.3";
|
|
||||||
matrix-intern-v4 = "${v4-p}.4";
|
|
||||||
monitoring-intern-v4 = "${v4-p}.5";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,18 +1,25 @@
|
||||||
rec {
|
rec {
|
||||||
pkgs = import <nixpkgs> {};
|
pkgs = import <nixpkgs> { };
|
||||||
unstable = import <unstable> {};
|
unstable = import <unstable> { };
|
||||||
sources = import ../nix/sources.nix;
|
sources = import ../nix/sources.nix;
|
||||||
shh = unstable.haskell.lib.overrideCabal unstable.haskellPackages.shh (drv: {
|
shh = unstable.haskell.lib.overrideCabal unstable.haskellPackages.shh (drv: {
|
||||||
broken = false;
|
broken = false;
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
});
|
});
|
||||||
shh-extras = unstable.haskell.lib.overrideCabal unstable.haskellPackages.shh-extras (drv: {
|
shh-extras =
|
||||||
broken = false;
|
unstable.haskell.lib.overrideCabal unstable.haskellPackages.shh-extras
|
||||||
doCheck = false;
|
(drv: {
|
||||||
});
|
broken = false;
|
||||||
|
doCheck = false;
|
||||||
|
});
|
||||||
haskellList = list: ''["${builtins.concatStringsSep ''", "'' list}"]'';
|
haskellList = list: ''["${builtins.concatStringsSep ''", "'' list}"]'';
|
||||||
writeHaskellScript = { name ? "haskell-script", bins ? [pkgs.coreutils], libraries ? [], imports ? []}: code:
|
writeHaskellScript = { name ? "haskell-script", bins ? [ pkgs.coreutils ]
|
||||||
unstable.writers.writeHaskellBin name { libraries = libraries ++ [shh unstable.haskellPackages.string-interpolate ]; } ''
|
, libraries ? [ ], imports ? [ ] }:
|
||||||
|
code:
|
||||||
|
unstable.writers.writeHaskellBin name {
|
||||||
|
libraries = libraries
|
||||||
|
++ [ shh unstable.haskellPackages.string-interpolate ];
|
||||||
|
} ''
|
||||||
{-# LANGUAGE DeriveDataTypeable #-}
|
{-# LANGUAGE DeriveDataTypeable #-}
|
||||||
{-# LANGUAGE TemplateHaskell #-}
|
{-# LANGUAGE TemplateHaskell #-}
|
||||||
{-# LANGUAGE QuasiQuotes #-}
|
{-# LANGUAGE QuasiQuotes #-}
|
||||||
|
@ -37,9 +44,10 @@ rec {
|
||||||
'';
|
'';
|
||||||
get-niv-path = writeHaskellScript {
|
get-niv-path = writeHaskellScript {
|
||||||
name = "get-niv-path";
|
name = "get-niv-path";
|
||||||
bins = [pkgs.nix];
|
bins = [ pkgs.nix ];
|
||||||
imports = ["System.Console.CmdArgs.Implicit"];
|
imports = [ "System.Console.CmdArgs.Implicit" ];
|
||||||
libraries = [ unstable.haskellPackages.cmdargs unstable.haskellPackages.text ];
|
libraries =
|
||||||
|
[ unstable.haskellPackages.cmdargs unstable.haskellPackages.text ];
|
||||||
} ''
|
} ''
|
||||||
|
|
||||||
trimQuotation = pureProc $ LTE.encodeUtf8 . LT.dropAround ('"' ==) . LTE.decodeUtf8 . trim
|
trimQuotation = pureProc $ LTE.encodeUtf8 . LT.dropAround ('"' ==) . LTE.decodeUtf8 . trim
|
||||||
|
@ -49,7 +57,7 @@ rec {
|
||||||
let expr = [i|(import #{sources}).#{channel}|]
|
let expr = [i|(import #{sources}).#{channel}|]
|
||||||
nix_build ["-Q", "-E", expr, "--no-out-link"] &> devNull
|
nix_build ["-Q", "-E", expr, "--no-out-link"] &> devNull
|
||||||
nix_instantiate ["--eval", "-E", [i|toString #{expr}|]] |> trimQuotation
|
nix_instantiate ["--eval", "-E", [i|toString #{expr}|]] |> trimQuotation
|
||||||
'';
|
'';
|
||||||
home-manager = pkgs.callPackage <home-manager/home-manager> {};
|
home-manager = pkgs.callPackage <home-manager/home-manager> { };
|
||||||
gcRetentionDays = 5;
|
gcRetentionDays = 5;
|
||||||
}
|
}
|
||||||
|
|
170
common/pkgs.nix
170
common/pkgs.nix
|
@ -1,72 +1,46 @@
|
||||||
rec {
|
rec {
|
||||||
my-lib = import ../common/lib.nix;
|
my-lib = import ../common/lib.nix;
|
||||||
inherit (my-lib) pkgs unstable sources;
|
inherit (my-lib) pkgs unstable sources;
|
||||||
tasktree = pkgs.callPackage ../packages/tasktree {};
|
tasktree = pkgs.callPackage ../packages/tasktree { };
|
||||||
neovim = pkgs.neovim.override {
|
neovim = pkgs.neovim.override {
|
||||||
vimAlias = true;
|
vimAlias = true;
|
||||||
withPython3 = true;
|
withPython3 = true;
|
||||||
};
|
};
|
||||||
home-neovim = (import ../home-manager/nvim) neovim;
|
home-neovim = (import ../home-manager/nvim) neovim;
|
||||||
niv = (import sources.niv {}).niv;
|
niv = (import sources.niv { }).niv;
|
||||||
|
|
||||||
# pkgs assumed to be present on a non nixos host
|
# pkgs assumed to be present on a non nixos host
|
||||||
core-system-pkgs = {
|
core-system-pkgs = {
|
||||||
inherit neovim;
|
inherit neovim;
|
||||||
inherit (pkgs)
|
inherit (pkgs)
|
||||||
gitFull
|
gitFull gnumake python3 mkpasswd file wget curl wireguard gnupg mutt bind
|
||||||
gnumake
|
liboping psmisc unzip rename whois lsof;
|
||||||
python3
|
|
||||||
mkpasswd
|
|
||||||
file
|
|
||||||
wget
|
|
||||||
curl
|
|
||||||
wireguard
|
|
||||||
gnupg
|
|
||||||
mutt
|
|
||||||
bind
|
|
||||||
liboping
|
|
||||||
psmisc
|
|
||||||
unzip
|
|
||||||
rename
|
|
||||||
whois
|
|
||||||
lsof;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
extra-system-pkgs = {
|
extra-system-pkgs = {
|
||||||
lorri = import sources.lorri { src = sources.lorri; pkgs = unstable; };
|
lorri = import sources.lorri {
|
||||||
|
src = sources.lorri;
|
||||||
|
pkgs = unstable;
|
||||||
|
};
|
||||||
inherit niv;
|
inherit niv;
|
||||||
inherit (pkgs.gitAndTools) git-annex;
|
inherit (pkgs.gitAndTools) git-annex;
|
||||||
inherit (pkgs.rxvt_unicode) terminfo;
|
inherit (pkgs.rxvt_unicode) terminfo;
|
||||||
inherit (pkgs.pythonPackages) qrcode;
|
inherit (pkgs.pythonPackages) qrcode;
|
||||||
inherit (pkgs)
|
inherit (pkgs)
|
||||||
|
|
||||||
git-crypt
|
git-crypt htop tree pwgen borgbackup inotifyTools
|
||||||
htop
|
|
||||||
tree
|
|
||||||
pwgen
|
|
||||||
borgbackup
|
|
||||||
inotifyTools
|
|
||||||
|
|
||||||
direnv
|
direnv
|
||||||
|
|
||||||
socat
|
socat nmap tcpdump
|
||||||
nmap
|
|
||||||
tcpdump
|
|
||||||
|
|
||||||
tmux
|
tmux tig exa fzf ag fd bat
|
||||||
tig
|
|
||||||
exa
|
|
||||||
fzf
|
|
||||||
ag
|
|
||||||
fd
|
|
||||||
bat
|
|
||||||
|
|
||||||
ripgrep
|
ripgrep
|
||||||
|
|
||||||
ranger
|
ranger
|
||||||
|
|
||||||
pass
|
pass sshuttle;
|
||||||
sshuttle;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
laptop-home-pkgs = {
|
laptop-home-pkgs = {
|
||||||
|
@ -80,97 +54,75 @@ rec {
|
||||||
sleep 0.1s;
|
sleep 0.1s;
|
||||||
nmcli r wifi on;
|
nmcli r wifi on;
|
||||||
'';
|
'';
|
||||||
cachix = import sources.cachix {};
|
cachix = import sources.cachix { };
|
||||||
nixfmt = import sources.nixfmt {};
|
nixfmt = import sources.nixfmt { };
|
||||||
inherit (pkgs.gnome3) nautilus;
|
inherit (pkgs.gnome3) nautilus;
|
||||||
inherit (unstable.haskellPackages) brittany;
|
inherit (unstable.haskellPackages) brittany;
|
||||||
inherit (pkgs.xorg) xev xbacklight;
|
inherit (pkgs.xorg) xev xbacklight;
|
||||||
inherit (pkgs)
|
inherit (pkgs)
|
||||||
# web
|
# web
|
||||||
chromium
|
chromium
|
||||||
|
|
||||||
# communication
|
# communication
|
||||||
signal-desktop
|
signal-desktop tdesktop acpi dino mumble
|
||||||
tdesktop
|
|
||||||
acpi
|
|
||||||
dino
|
|
||||||
mumble
|
|
||||||
|
|
||||||
# config
|
# config
|
||||||
arandr
|
arandr
|
||||||
|
|
||||||
#dev
|
#dev
|
||||||
meld
|
meld icedtea8_web octave filezilla
|
||||||
icedtea8_web
|
|
||||||
octave
|
|
||||||
filezilla
|
|
||||||
|
|
||||||
# tools & office
|
# tools & office
|
||||||
feh
|
feh gimp imagemagick ghostscript libreoffice-fresh pandoc xournal
|
||||||
gimp
|
musescore handbrake evince
|
||||||
imagemagick
|
|
||||||
ghostscript
|
|
||||||
libreoffice-fresh
|
|
||||||
pandoc
|
|
||||||
xournal
|
|
||||||
musescore
|
|
||||||
handbrake
|
|
||||||
evince
|
|
||||||
|
|
||||||
|
networkmanagerapplet
|
||||||
|
# teamviewer
|
||||||
|
|
||||||
networkmanagerapplet
|
# media
|
||||||
# teamviewer
|
ncpamixer pavucontrol deluge mpd gmpc calibre mpv youtubeDL
|
||||||
|
|
||||||
# media
|
minetest;
|
||||||
ncpamixer
|
};
|
||||||
pavucontrol
|
|
||||||
deluge
|
|
||||||
mpd
|
|
||||||
gmpc
|
|
||||||
calibre
|
|
||||||
mpv
|
|
||||||
youtubeDL
|
|
||||||
|
|
||||||
minetest
|
|
||||||
;};
|
|
||||||
|
|
||||||
my-home-pkgs = {
|
my-home-pkgs = {
|
||||||
print215 = pkgs.writeShellScriptBin "print215" ''
|
print215 = pkgs.writeShellScriptBin "print215" ''
|
||||||
scp "$@" ag-forward:
|
scp "$@" ag-forward:
|
||||||
ssh ag-forward lpr -Zduplex -r "$@"
|
ssh ag-forward lpr -Zduplex -r "$@"
|
||||||
'';
|
'';
|
||||||
print215single = pkgs.writeShellScriptBin "print215single" ''
|
print215single = pkgs.writeShellScriptBin "print215single" ''
|
||||||
scp "$@" ag-forward:
|
scp "$@" ag-forward:
|
||||||
ssh ag-forward lpr -r "$@"
|
ssh ag-forward lpr -r "$@"
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
urxvt = pkgs.rxvt_unicode-with-plugins;
|
urxvt = pkgs.rxvt_unicode-with-plugins;
|
||||||
terminal = pkgs.writeShellScriptBin "terminal" ''
|
terminal = pkgs.writeShellScriptBin "terminal" ''
|
||||||
${urxvt}/bin/urxvtc "$@"
|
${urxvt}/bin/urxvtc "$@"
|
||||||
if [ $? -eq 2 ]; then
|
if [ $? -eq 2 ]; then
|
||||||
${urxvt}/bin/urxvtd -q -o -f
|
${urxvt}/bin/urxvtd -q -o -f
|
||||||
${urxvt}/bin/urxvtc "$@"
|
${urxvt}/bin/urxvtc "$@"
|
||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
desktop-pkgs = {
|
desktop-pkgs = {
|
||||||
inherit urxvt tasktree terminal;
|
inherit urxvt tasktree terminal;
|
||||||
inherit (pkgs) xautolock;
|
inherit (pkgs) xautolock;
|
||||||
inherit (pkgs.gnome3) dconf;
|
inherit (pkgs.gnome3) dconf;
|
||||||
};
|
};
|
||||||
home-pkgs = {
|
home-pkgs = {
|
||||||
inherit (pkgs) ncmpcpp;
|
inherit (pkgs) ncmpcpp;
|
||||||
inherit (my-lib) shh;
|
inherit (my-lib) shh;
|
||||||
inherit home-neovim;
|
inherit home-neovim;
|
||||||
};
|
};
|
||||||
accounting-pkgs = {
|
accounting-pkgs = {
|
||||||
jali = pkgs.callPackage ../packages/jali {};
|
jali = pkgs.callPackage ../packages/jali { };
|
||||||
inherit (pkgs.haskellPackages) hledger hledger-ui;
|
inherit (pkgs.haskellPackages) hledger hledger-ui;
|
||||||
inherit (pkgs) ledger;
|
inherit (pkgs) ledger;
|
||||||
};
|
};
|
||||||
system-pkgs = core-system-pkgs // extra-system-pkgs // {
|
system-pkgs = core-system-pkgs // extra-system-pkgs // {
|
||||||
inherit (import ./test-lib.nix) test-system-config test-home-config test-and-bump-config;
|
inherit (import ./test-lib.nix)
|
||||||
|
test-system-config test-home-config test-and-bump-config;
|
||||||
inherit (import ../common/lib.nix) home-manager;
|
inherit (import ../common/lib.nix) home-manager;
|
||||||
};
|
};
|
||||||
foreign-home-pkgs = extra-system-pkgs;
|
foreign-home-pkgs = extra-system-pkgs;
|
||||||
eventd = pkgs.callPackage ../packages/eventd {};
|
eventd = pkgs.callPackage ../packages/eventd { };
|
||||||
}
|
}
|
||||||
|
|
Binary file not shown.
|
@ -1,8 +1,8 @@
|
||||||
let
|
let
|
||||||
pkgs = import <nixpkgs> {};
|
pkgs = import <nixpkgs> { };
|
||||||
inherit (import ../common/lib.nix) writeHaskellScript get-niv-path home-manager unstable niv haskellList;
|
inherit (import ../common/lib.nix)
|
||||||
haskellBody = commandline:
|
writeHaskellScript get-niv-path home-manager unstable niv haskellList;
|
||||||
''
|
haskellBody = commandline: ''
|
||||||
getNivPath dir = readTrim . get_niv_path ([i|#{dir :: String}/nix/sources.nix|] :: String)
|
getNivPath dir = readTrim . get_niv_path ([i|#{dir :: String}/nix/sources.nix|] :: String)
|
||||||
|
|
||||||
getNivAssign dir name = fmap process . getNivPath dir $ name
|
getNivAssign dir name = fmap process . getNivPath dir $ name
|
||||||
|
@ -12,57 +12,65 @@ let
|
||||||
(configDir:hostname:args) <- getArgs
|
(configDir:hostname:args) <- getArgs
|
||||||
paths <- concat <$> mapM (getNivAssign configDir) ["nixpkgs", "unstable", "home-manager"]
|
paths <- concat <$> mapM (getNivAssign configDir) ["nixpkgs", "unstable", "home-manager"]
|
||||||
${commandline}
|
${commandline}
|
||||||
'';
|
'';
|
||||||
bins = [ get-niv-path pkgs.nix ];
|
bins = [ get-niv-path pkgs.nix ];
|
||||||
|
|
||||||
test-system-config = writeHaskellScript {
|
test-system-config = writeHaskellScript {
|
||||||
name = "test-system-config";
|
name = "test-system-config";
|
||||||
inherit bins;
|
inherit bins;
|
||||||
} (haskellBody
|
} (haskellBody ''
|
||||||
''
|
nix $ ["build", "-f", "<nixpkgs/nixos>", "system"] ++ paths ++ ["-I", [i|nixos-config=#{configDir}/hosts/#{hostname}/configuration.nix|], "-o", [i|result-system-#{hostname}|]] ++ args
|
||||||
nix $ ["build", "-f", "<nixpkgs/nixos>", "system"] ++ paths ++ ["-I", [i|nixos-config=#{configDir}/hosts/#{hostname}/configuration.nix|], "-o", [i|result-system-#{hostname}|]] ++ args
|
'');
|
||||||
'');
|
|
||||||
|
|
||||||
test-home-config = writeHaskellScript {
|
test-home-config = writeHaskellScript {
|
||||||
name = "test-home-config";
|
name = "test-home-config";
|
||||||
inherit bins;
|
inherit bins;
|
||||||
} (haskellBody
|
} (haskellBody ''
|
||||||
''
|
nix $ ["build", "-f", "<home-manager/home-manager/home-manager.nix>"] ++ paths ++ ["--argstr", "confPath", [i|#{configDir}/hosts/#{hostname}/home.nix|], "--argstr", "confAttr", "", "--out-link", [i|result-home-manager-#{hostname}|], "activationPackage"] ++ args
|
||||||
nix $ ["build", "-f", "<home-manager/home-manager/home-manager.nix>"] ++ paths ++ ["--argstr", "confPath", [i|#{configDir}/hosts/#{hostname}/home.nix|], "--argstr", "confAttr", "", "--out-link", [i|result-home-manager-#{hostname}|], "activationPackage"] ++ args
|
'');
|
||||||
'');
|
|
||||||
|
|
||||||
repoSrc = "git@hera.m-0.eu:nixos-config";
|
repoSrc = "git@hera.m-0.eu:nixos-config";
|
||||||
configPath = "/etc/nixos";
|
configPath = "/etc/nixos";
|
||||||
systems = ["apollo" "hera"];
|
systems = [ "apollo" "hera" ];
|
||||||
homes = ["apollo" "hera" "hephaistos"];
|
homes = [ "apollo" "hera" "hephaistos" ];
|
||||||
keys = ["default" "apollo" "hera"];
|
keys = [ "default" "apollo" "hera" ];
|
||||||
test-and-bump-config = writeHaskellScript {
|
test-and-bump-config = writeHaskellScript {
|
||||||
name = "test-and-bump-config";
|
name = "test-and-bump-config";
|
||||||
bins = [ test-system-config test-home-config pkgs.git pkgs.coreutils niv pkgs.git-crypt ];
|
bins = [
|
||||||
imports = [ "Control.Exception (bracket)" "System.Directory (withCurrentDirectory)" "Control.Monad (when)"];
|
test-system-config
|
||||||
|
test-home-config
|
||||||
|
pkgs.git
|
||||||
|
pkgs.coreutils
|
||||||
|
niv
|
||||||
|
pkgs.git-crypt
|
||||||
|
];
|
||||||
|
imports = [
|
||||||
|
"Control.Exception (bracket)"
|
||||||
|
"System.Directory (withCurrentDirectory)"
|
||||||
|
"Control.Monad (when)"
|
||||||
|
];
|
||||||
} ''
|
} ''
|
||||||
checkout :: IO FilePath
|
checkout :: IO FilePath
|
||||||
checkout = do
|
checkout = do
|
||||||
dir <- LBSC.unpack <$> (readTrim $ mktemp "-d")
|
dir <- LBSC.unpack <$> (readTrim $ mktemp "-d")
|
||||||
git "clone" "${repoSrc}" dir
|
git "clone" "${repoSrc}" dir
|
||||||
return dir
|
return dir
|
||||||
|
|
||||||
main = do
|
main = do
|
||||||
path <- readTrim pwd
|
path <- readTrim pwd
|
||||||
bracket checkout (rm "-rf") $ \dir -> do
|
bracket checkout (rm "-rf") $ \dir -> do
|
||||||
withCurrentDirectory dir $ do
|
withCurrentDirectory dir $ do
|
||||||
mapM_ (\x -> git_crypt "unlock" ([i|${configPath}/.git/git-crypt/keys/#{x}|] :: String)) ${haskellList keys}
|
mapM_ (\x -> git_crypt "unlock" ([i|${configPath}/.git/git-crypt/keys/#{x}|] :: String)) ${
|
||||||
ignoreFailure $ niv "update"
|
haskellList keys
|
||||||
mapM_ (test_system_config dir) ${haskellList systems}
|
}
|
||||||
mapM_ (test_home_config dir) ${haskellList homes}
|
ignoreFailure $ niv "update"
|
||||||
changed <- ((mempty /=) <$>) . readTrim $ git "-C" dir "status" "--porcelain"
|
mapM_ (test_system_config dir) ${haskellList systems}
|
||||||
when changed $ do
|
mapM_ (test_home_config dir) ${haskellList homes}
|
||||||
git "-C" dir "config" "user.email" "maralorn@maralorn.de"
|
changed <- ((mempty /=) <$>) . readTrim $ git "-C" dir "status" "--porcelain"
|
||||||
git "-C" dir "config" "user.name" "maralorn (nix-auto-updater)"
|
when changed $ do
|
||||||
git "-C" dir "commit" "-am" "Update dependencies with niv"
|
git "-C" dir "config" "user.email" "maralorn@maralorn.de"
|
||||||
git "-C" dir "push"
|
git "-C" dir "config" "user.name" "maralorn (nix-auto-updater)"
|
||||||
'';
|
git "-C" dir "commit" "-am" "Update dependencies with niv"
|
||||||
in
|
git "-C" dir "push"
|
||||||
{
|
'';
|
||||||
inherit test-system-config test-home-config test-and-bump-config;
|
in { inherit test-system-config test-home-config test-and-bump-config; }
|
||||||
}
|
|
||||||
|
|
|
@ -2,37 +2,31 @@
|
||||||
let
|
let
|
||||||
inherit (import ../common/pkgs.nix) eventd;
|
inherit (import ../common/pkgs.nix) eventd;
|
||||||
battery-watch = pkgs.writeScript "battery-watch" ''
|
battery-watch = pkgs.writeScript "battery-watch" ''
|
||||||
#!${pkgs.stdenv.shell}
|
#!${pkgs.stdenv.shell}
|
||||||
|
|
||||||
critical_level=20 #percent
|
critical_level=20 #percent
|
||||||
|
|
||||||
while true
|
while true
|
||||||
do
|
do
|
||||||
if [ "$(${pkgs.acpi}/bin/acpi -a | grep -o off)" == "off" ]; then
|
if [ "$(${pkgs.acpi}/bin/acpi -a | grep -o off)" == "off" ]; then
|
||||||
battery_level=`${pkgs.acpi}/bin/acpi -b | sed 's/.*[dg], //g;s/\%,.*//g'`
|
battery_level=`${pkgs.acpi}/bin/acpi -b | sed 's/.*[dg], //g;s/\%,.*//g'`
|
||||||
if [ $battery_level -le $critical_level ]; then
|
if [ $battery_level -le $critical_level ]; then
|
||||||
${eventd}/bin/eventc critical battery -d "title='Battery level is low!'" -d "message='Only $battery_level% of the charge remains.'"
|
${eventd}/bin/eventc critical battery -d "title='Battery level is low!'" -d "message='Only $battery_level% of the charge remains.'"
|
||||||
else
|
else
|
||||||
${eventd}/bin/eventc notification battery -d "title='Battery is discharging!'" -d "message='Only $battery_level% of the charge remains.'"
|
${eventd}/bin/eventc notification battery -d "title='Battery is discharging!'" -d "message='Only $battery_level% of the charge remains.'"
|
||||||
sleep 18m
|
sleep 18m
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
fi
|
sleep 2m
|
||||||
sleep 2m
|
done
|
||||||
done
|
'';
|
||||||
'';
|
|
||||||
in {
|
in {
|
||||||
|
|
||||||
systemd.user = {
|
systemd.user = {
|
||||||
services.battery = {
|
services.battery = {
|
||||||
Unit = {
|
Unit = { Description = "Watch battery state and warn user"; };
|
||||||
Description = "Watch battery state and warn user";
|
Service = { ExecStart = toString battery-watch; };
|
||||||
};
|
Install = { WantedBy = [ "graphical-session.target" ]; };
|
||||||
Service = {
|
|
||||||
ExecStart=toString battery-watch;
|
|
||||||
};
|
|
||||||
Install = {
|
|
||||||
WantedBy = [ "graphical-session.target" ];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,131 +1,167 @@
|
||||||
{ pkgs, config, ... }:
|
{ pkgs, config, ... }:
|
||||||
let
|
let inherit (config.m-0.private) me meWork;
|
||||||
inherit (config.m-0.private) me meWork;
|
|
||||||
in {
|
in {
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
./zsh
|
./zsh
|
||||||
./update-script.nix
|
./update-script.nix
|
||||||
./modules/taskwarrior.nix
|
./modules/taskwarrior.nix
|
||||||
./modules/force-copies.nix
|
./modules/force-copies.nix
|
||||||
./modules/accounting
|
./modules/accounting
|
||||||
./modules/rustdev.nix
|
./modules/rustdev.nix
|
||||||
./modules/latex.nix
|
./modules/latex.nix
|
||||||
./modules/mail.nix
|
./modules/mail.nix
|
||||||
./modules/home-options.nix
|
./modules/home-options.nix
|
||||||
./modules/unlock.nix
|
./modules/unlock.nix
|
||||||
./modules/weechat
|
./modules/weechat
|
||||||
./modules/bugwarrior.nix
|
./modules/bugwarrior.nix
|
||||||
./modules/pythia.nix
|
./modules/pythia.nix
|
||||||
../common
|
../common
|
||||||
];
|
];
|
||||||
|
|
||||||
|
programs = {
|
||||||
programs = {
|
home-manager.enable = true;
|
||||||
home-manager.enable = true;
|
direnv = {
|
||||||
direnv = {
|
enable = true;
|
||||||
enable = true;
|
enableZshIntegration = true;
|
||||||
enableZshIntegration = true;
|
|
||||||
};
|
|
||||||
tmux = {
|
|
||||||
enable = true;
|
|
||||||
extraConfig = ''
|
|
||||||
set default-terminal "screen-256color"
|
|
||||||
set -g set-titles on
|
|
||||||
set -g status off
|
|
||||||
set -g escape-time 1
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
git = {
|
|
||||||
aliases = {
|
|
||||||
sync = "!git pull -r && git push";
|
|
||||||
};
|
};
|
||||||
enable = true;
|
tmux = {
|
||||||
ignores = [
|
enable = true;
|
||||||
".syncthing*.tmp"
|
extraConfig = ''
|
||||||
"*.swp"
|
set default-terminal "screen-256color"
|
||||||
"*.autosave~"
|
set -g set-titles on
|
||||||
"*.aux"
|
set -g status off
|
||||||
"*.bbl"
|
set -g escape-time 1
|
||||||
"*.fls"
|
'';
|
||||||
"*.idx"
|
};
|
||||||
"*.ilg"
|
git = {
|
||||||
"*.ind"
|
aliases = { sync = "!git pull -r && git push"; };
|
||||||
"*.log"
|
enable = true;
|
||||||
"*.out"
|
ignores = [
|
||||||
"*.toc"
|
".syncthing*.tmp"
|
||||||
"*.bcf"
|
"*.swp"
|
||||||
"*.blg"
|
"*.autosave~"
|
||||||
"*.fdb*"
|
"*.aux"
|
||||||
"*.thm"
|
"*.bbl"
|
||||||
"*.run.xml"
|
"*.fls"
|
||||||
"*.slnc"
|
"*.idx"
|
||||||
"*.glade~"
|
"*.ilg"
|
||||||
"__pycache__"
|
"*.ind"
|
||||||
".hledger-web_client_session_key.aes"
|
"*.log"
|
||||||
".nix-gc-roots"
|
"*.out"
|
||||||
];
|
"*.toc"
|
||||||
userEmail = me.mail;
|
"*.bcf"
|
||||||
userName = me.name;
|
"*.blg"
|
||||||
};
|
"*.fdb*"
|
||||||
htop = {
|
"*.thm"
|
||||||
enable = true;
|
"*.run.xml"
|
||||||
hideThreads = true;
|
"*.slnc"
|
||||||
hideUserlandThreads = true;
|
"*.glade~"
|
||||||
highlightBaseName = true;
|
"__pycache__"
|
||||||
shadowOtherUsers = true;
|
".hledger-web_client_session_key.aes"
|
||||||
showProgramPath = false;
|
".nix-gc-roots"
|
||||||
treeView = true;
|
|
||||||
};
|
|
||||||
ssh = {
|
|
||||||
controlMaster = "auto";
|
|
||||||
controlPersist = "120";
|
|
||||||
enable = true;
|
|
||||||
matchBlocks = let
|
|
||||||
matheGwProxy = "ssh -q gw nc -q0 %h %p";
|
|
||||||
agHost = "fb04217.mathematik.tu-darmstadt.de";
|
|
||||||
in [
|
|
||||||
{ host = "charon"; hostname = "charon.olymp.space"; }
|
|
||||||
{ host = "hera"; hostname = "hera.m-0.eu"; forwardAgent = true; }
|
|
||||||
{ host = "ag-forward"; hostname = agHost; proxyCommand = matheGwProxy; user = meWork.user; }
|
|
||||||
{ host = "ag"; hostname = agHost; user = meWork.user; }
|
|
||||||
{ host = "gw"; hostname = "gwres4.mathematik.tu-darmstadt.de"; user = meWork.user; }
|
|
||||||
{ host = "shells"; hostname = "shells.darmstadt.ccc.de"; }
|
|
||||||
{ host = "vorstand"; hostname = "vorstand.darmstadt.ccc.de"; }
|
|
||||||
{ host = "*.darmstadt.ccc.de"; user = me.user; }
|
|
||||||
{ host = "whisky"; hostname = "whisky.w17.io"; user = "chaos"; }
|
|
||||||
{ host = "kitchen"; hostname = "kitchen.w17.io"; user = "chaos"; }
|
|
||||||
{ host = "door.w17.io"; identityFile = "~/.ssh/door_rsa";}
|
|
||||||
];
|
];
|
||||||
|
userEmail = me.mail;
|
||||||
|
userName = me.name;
|
||||||
|
};
|
||||||
|
htop = {
|
||||||
|
enable = true;
|
||||||
|
hideThreads = true;
|
||||||
|
hideUserlandThreads = true;
|
||||||
|
highlightBaseName = true;
|
||||||
|
shadowOtherUsers = true;
|
||||||
|
showProgramPath = false;
|
||||||
|
treeView = true;
|
||||||
|
};
|
||||||
|
ssh = {
|
||||||
|
controlMaster = "auto";
|
||||||
|
controlPersist = "120";
|
||||||
|
enable = true;
|
||||||
|
matchBlocks = let
|
||||||
|
matheGwProxy = "ssh -q gw nc -q0 %h %p";
|
||||||
|
agHost = "fb04217.mathematik.tu-darmstadt.de";
|
||||||
|
in [
|
||||||
|
{
|
||||||
|
host = "charon";
|
||||||
|
hostname = "charon.olymp.space";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
host = "hera";
|
||||||
|
hostname = "hera.m-0.eu";
|
||||||
|
forwardAgent = true;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
host = "ag-forward";
|
||||||
|
hostname = agHost;
|
||||||
|
proxyCommand = matheGwProxy;
|
||||||
|
user = meWork.user;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
host = "ag";
|
||||||
|
hostname = agHost;
|
||||||
|
user = meWork.user;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
host = "gw";
|
||||||
|
hostname = "gwres4.mathematik.tu-darmstadt.de";
|
||||||
|
user = meWork.user;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
host = "shells";
|
||||||
|
hostname = "shells.darmstadt.ccc.de";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
host = "vorstand";
|
||||||
|
hostname = "vorstand.darmstadt.ccc.de";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
host = "*.darmstadt.ccc.de";
|
||||||
|
user = me.user;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
host = "whisky";
|
||||||
|
hostname = "whisky.w17.io";
|
||||||
|
user = "chaos";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
host = "kitchen";
|
||||||
|
hostname = "kitchen.w17.io";
|
||||||
|
user = "chaos";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
host = "door.w17.io";
|
||||||
|
identityFile = "~/.ssh/door_rsa";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
home = {
|
home = {
|
||||||
packages = builtins.attrValues (import ../common/pkgs.nix).home-pkgs;
|
packages = builtins.attrValues (import ../common/pkgs.nix).home-pkgs;
|
||||||
sessionVariables = {
|
sessionVariables = {
|
||||||
PATH = "$HOME/.cargo/bin:/etc/profiles/per-user/${config.home.username}/bin:$HOME/.nix-profile/bin:$PATH";
|
PATH =
|
||||||
BROWSER = "${pkgs.firefox}/bin/firefox";
|
"$HOME/.cargo/bin:/etc/profiles/per-user/${config.home.username}/bin:$HOME/.nix-profile/bin:$PATH";
|
||||||
EDITOR = "${pkgs.neovim}/bin/nvim";
|
BROWSER = "${pkgs.firefox}/bin/firefox";
|
||||||
TERMINAL = config.m-0.terminal;
|
EDITOR = "${pkgs.neovim}/bin/nvim";
|
||||||
EMAIL = me.mail;
|
TERMINAL = config.m-0.terminal;
|
||||||
SUDO_ASKPASS = let
|
EMAIL = me.mail;
|
||||||
print-pw = pkgs.writeShellScriptBin "print-pw" "pass show eu/m-0/${config.m-0.hostName}/user/${config.home.username}";
|
SUDO_ASKPASS = let
|
||||||
in
|
print-pw = pkgs.writeShellScriptBin "print-pw"
|
||||||
"${print-pw}/bin/print-pw";
|
"pass show eu/m-0/${config.m-0.hostName}/user/${config.home.username}";
|
||||||
|
in "${print-pw}/bin/print-pw";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
fonts.fontconfig.enableProfileFonts = true;
|
||||||
fonts.fontconfig.enableProfileFonts = true;
|
|
||||||
|
|
||||||
systemd.user.startServices = true;
|
systemd.user.startServices = true;
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
gpg-agent = {
|
gpg-agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
defaultCacheTtl = 31536000; # 1year
|
defaultCacheTtl = 31536000; # 1year
|
||||||
maxCacheTtl = 31536000; #1year
|
maxCacheTtl = 31536000; # 1year
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
|
xdg.enable = true;
|
||||||
xdg.enable = true;
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,16 +1,9 @@
|
||||||
{ pkgs, lib, config, ... }:
|
{ pkgs, lib, config, ... }:
|
||||||
let
|
let inherit (import ../../common/pkgs.nix) desktop-pkgs;
|
||||||
inherit (import ../../common/pkgs.nix) desktop-pkgs;
|
in {
|
||||||
in
|
|
||||||
{
|
|
||||||
|
|
||||||
imports = [
|
imports =
|
||||||
./i3.nix
|
[ ./i3.nix ./rofi.nix ./ssh-agent.nix ./eventd.nix ./sleep-nag.nix ];
|
||||||
./rofi.nix
|
|
||||||
./ssh-agent.nix
|
|
||||||
./eventd.nix
|
|
||||||
./sleep-nag.nix
|
|
||||||
];
|
|
||||||
m-0 = {
|
m-0 = {
|
||||||
workspaces = [
|
workspaces = [
|
||||||
"tasks"
|
"tasks"
|
||||||
|
@ -81,7 +74,7 @@ imports = [
|
||||||
color6 = config.m-0.colors.cyan;
|
color6 = config.m-0.colors.cyan;
|
||||||
color7 = config.m-0.colors.white;
|
color7 = config.m-0.colors.white;
|
||||||
color8 = config.m-0.colors.brightBlack;
|
color8 = config.m-0.colors.brightBlack;
|
||||||
color9= config.m-0.colors.brightRed;
|
color9 = config.m-0.colors.brightRed;
|
||||||
color10 = config.m-0.colors.brightGreen;
|
color10 = config.m-0.colors.brightGreen;
|
||||||
color11 = config.m-0.colors.brightYellow;
|
color11 = config.m-0.colors.brightYellow;
|
||||||
color12 = config.m-0.colors.brightBlue;
|
color12 = config.m-0.colors.brightBlue;
|
||||||
|
@ -116,7 +109,8 @@ imports = [
|
||||||
};
|
};
|
||||||
screen-locker = {
|
screen-locker = {
|
||||||
enable = true;
|
enable = true;
|
||||||
lockCmd = "${pkgs.i3lock}/bin/i3lock -n -f -i ~/data/aktuell/media/bilder/lockscreen.png";
|
lockCmd =
|
||||||
|
"${pkgs.i3lock}/bin/i3lock -n -f -i ~/data/aktuell/media/bilder/lockscreen.png";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
xsession.enable = true;
|
xsession.enable = true;
|
||||||
|
|
|
@ -13,22 +13,18 @@ in {
|
||||||
After = [ "graphical-session-pre.target" ];
|
After = [ "graphical-session-pre.target" ];
|
||||||
PartOf = [ "graphical-session.target" ];
|
PartOf = [ "graphical-session.target" ];
|
||||||
};
|
};
|
||||||
Install = {
|
Install = { WantedBy = [ "default.target" ]; };
|
||||||
WantedBy = [ "default.target" ];
|
|
||||||
};
|
|
||||||
Service = {
|
Service = {
|
||||||
Type="notify";
|
Type = "notify";
|
||||||
Sockets="eventd-control.socket eventd.socket";
|
Sockets = "eventd-control.socket eventd.socket";
|
||||||
ExecStart="${eventd}/bin/eventd --listen systemd";
|
ExecStart = "${eventd}/bin/eventd --listen systemd";
|
||||||
ExecReload="${eventd}/bin/eventdctl reload";
|
ExecReload = "${eventd}/bin/eventdctl reload";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
sockets = {
|
sockets = {
|
||||||
eventd-control = {
|
eventd-control = {
|
||||||
Unit = {
|
Unit = { Description = "eventd control socket"; };
|
||||||
Description = "eventd control socket";
|
|
||||||
};
|
|
||||||
Socket = {
|
Socket = {
|
||||||
Service = "eventd.service";
|
Service = "eventd.service";
|
||||||
SocketMode = "0600";
|
SocketMode = "0600";
|
||||||
|
@ -36,19 +32,17 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
eventd = {
|
eventd = {
|
||||||
Unit = {
|
Unit = { Description = "eventd sockets"; };
|
||||||
Description = "eventd sockets";
|
|
||||||
};
|
|
||||||
Socket = {
|
Socket = {
|
||||||
SocketMode = "0660";
|
SocketMode = "0660";
|
||||||
ListenStream= "%t/eventd/evp";
|
ListenStream = "%t/eventd/evp";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
xdg = {
|
xdg = {
|
||||||
configFile = {
|
configFile = {
|
||||||
"eventd/eventd.conf".text = lib.generators.toINI {} {
|
"eventd/eventd.conf".text = lib.generators.toINI { } {
|
||||||
"Queue default" = {
|
"Queue default" = {
|
||||||
Margin = 10;
|
Margin = 10;
|
||||||
Spacing = 2;
|
Spacing = 2;
|
||||||
|
@ -72,9 +66,7 @@ in {
|
||||||
Spacing = 1;
|
Spacing = 1;
|
||||||
Limit = 20;
|
Limit = 20;
|
||||||
};
|
};
|
||||||
Notification = {
|
Notification = { Text = "\${message}"; };
|
||||||
Text = "\${message}";
|
|
||||||
};
|
|
||||||
NotificationBubble = {
|
NotificationBubble = {
|
||||||
Padding = 10;
|
Padding = 10;
|
||||||
Radius = 0;
|
Radius = 0;
|
||||||
|
@ -88,77 +80,49 @@ in {
|
||||||
Colour = colors.foreground;
|
Colour = colors.foreground;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"eventd/notification.event".text = lib.generators.toINI {} {
|
"eventd/notification.event".text = lib.generators.toINI { } {
|
||||||
"Event notification *" = {
|
"Event notification *" = { Actions = "notification"; };
|
||||||
Actions = "notification";
|
"Event notification kassandra" = { Actions = "kassandra"; };
|
||||||
};
|
"Event command success" = { Actions = "command-success"; };
|
||||||
"Event notification kassandra" = {
|
"Event command failure" = { Actions = "command-failure"; };
|
||||||
Actions = "kassandra";
|
"Event critical *" = { Actions = "critical"; };
|
||||||
};
|
|
||||||
"Event command success" = {
|
|
||||||
Actions = "command-success";
|
|
||||||
};
|
|
||||||
"Event command failure" = {
|
|
||||||
Actions = "command-failure";
|
|
||||||
};
|
|
||||||
"Event critical *" = {
|
|
||||||
Actions = "critical";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
"eventd/command-success.action".text = lib.generators.toINI {} {
|
"eventd/command-success.action".text = lib.generators.toINI { } {
|
||||||
Action = {
|
Action = { Name = "command-success"; };
|
||||||
Name = "command-success";
|
|
||||||
};
|
|
||||||
Notification = {
|
Notification = {
|
||||||
Text="<b>\${command}</b>\\nsucceeded after \${time} @ \${host}";
|
Text = "<b>\${command}</b>\\nsucceeded after \${time} @ \${host}";
|
||||||
};
|
};
|
||||||
NotificationBubble = {
|
NotificationBubble = {
|
||||||
Colour = colors.black;
|
Colour = colors.black;
|
||||||
Queue = "command";
|
Queue = "command";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"eventd/command-failure.action".text = lib.generators.toINI {} {
|
"eventd/command-failure.action".text = lib.generators.toINI { } {
|
||||||
Action = {
|
Action = { Name = "command-failure"; };
|
||||||
Name = "command-failure";
|
|
||||||
};
|
|
||||||
Notification = {
|
Notification = {
|
||||||
Text="<b>\${command}</b>\\nfailed after \${time} @ \${host}";
|
Text = "<b>\${command}</b>\\nfailed after \${time} @ \${host}";
|
||||||
};
|
};
|
||||||
NotificationBubble = {
|
NotificationBubble = {
|
||||||
Queue = "critical";
|
Queue = "critical";
|
||||||
Colour = colors.red;
|
Colour = colors.red;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"eventd/critical.action".text = lib.generators.toINI {} {
|
"eventd/critical.action".text = lib.generators.toINI { } {
|
||||||
Action = {
|
Action = { Name = "critical"; };
|
||||||
Name = "critical";
|
Notification = { Text = "<b>\${title}</b>\${message/^/\\n}"; };
|
||||||
};
|
|
||||||
Notification = {
|
|
||||||
Text = "<b>\${title}</b>\${message/^/\\n}";
|
|
||||||
};
|
|
||||||
NotificationBubble = {
|
NotificationBubble = {
|
||||||
Queue = "critical";
|
Queue = "critical";
|
||||||
Colour = colors.red;
|
Colour = colors.red;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"eventd/kassandra.action".text = lib.generators.toINI {} {
|
"eventd/kassandra.action".text = lib.generators.toINI { } {
|
||||||
Action = {
|
Action = { Name = "kassandra"; };
|
||||||
Name = "kassandra";
|
Notification = { Text = "<b>\${title}</b>\${message/^/\\n}"; };
|
||||||
};
|
NotificationBubble = { Queue = "critical"; };
|
||||||
Notification = {
|
|
||||||
Text = "<b>\${title}</b>\${message/^/\\n}";
|
|
||||||
};
|
|
||||||
NotificationBubble = {
|
|
||||||
Queue = "critical";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
"eventd/notification.action".text = lib.generators.toINI {} {
|
"eventd/notification.action".text = lib.generators.toINI { } {
|
||||||
Action = {
|
Action = { Name = "notification"; };
|
||||||
Name = "notification";
|
Notification = { Text = "<b>\${title}</b>\${message/^/\\n}"; };
|
||||||
};
|
|
||||||
Notification = {
|
|
||||||
Text = "<b>\${title}</b>\${message/^/\\n}";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -4,33 +4,33 @@ let
|
||||||
inherit (config.m-0) colors workspaces terminal;
|
inherit (config.m-0) colors workspaces terminal;
|
||||||
exec = "exec --no-startup-id";
|
exec = "exec --no-startup-id";
|
||||||
conkyCommon = ''
|
conkyCommon = ''
|
||||||
background = true,
|
background = true,
|
||||||
border_width = 0,
|
border_width = 0,
|
||||||
cpu_avg_samples = 2,
|
cpu_avg_samples = 2,
|
||||||
draw_borders = false,
|
draw_borders = false,
|
||||||
draw_graph_borders = true,
|
draw_graph_borders = true,
|
||||||
draw_outline = false,
|
draw_outline = false,
|
||||||
draw_shades = false,
|
draw_shades = false,
|
||||||
double_buffer = true,
|
double_buffer = true,
|
||||||
use_xft = true,
|
use_xft = true,
|
||||||
font = 'Roboto Mono Nerd Font:size=8',
|
font = 'Roboto Mono Nerd Font:size=8',
|
||||||
gap_x = 0,
|
gap_x = 0,
|
||||||
gap_y = 0,
|
gap_y = 0,
|
||||||
minimum_width = 316,
|
minimum_width = 316,
|
||||||
maximum_width = 316,
|
maximum_width = 316,
|
||||||
net_avg_samples = 2,
|
net_avg_samples = 2,
|
||||||
no_buffers = true,
|
no_buffers = true,
|
||||||
out_to_console = false,
|
out_to_console = false,
|
||||||
out_to_stderr = false,
|
out_to_stderr = false,
|
||||||
extra_newline = false,
|
extra_newline = false,
|
||||||
own_window = true,
|
own_window = true,
|
||||||
own_window_class = 'Conky',
|
own_window_class = 'Conky',
|
||||||
own_window_type = 'override',
|
own_window_type = 'override',
|
||||||
own_window_colour = "${config.m-0.colors.background}",
|
own_window_colour = "${config.m-0.colors.background}",
|
||||||
own_window_hints = 'undecorated,below,skip_taskbar,skip_pager,sticky',
|
own_window_hints = 'undecorated,below,skip_taskbar,skip_pager,sticky',
|
||||||
stippled_borders = 0,
|
stippled_borders = 0,
|
||||||
update_interval = 1.0,
|
update_interval = 1.0,
|
||||||
'';
|
'';
|
||||||
conkyOrgaConfig = pkgs.writeText "conky.conf" ''
|
conkyOrgaConfig = pkgs.writeText "conky.conf" ''
|
||||||
conky.config = {
|
conky.config = {
|
||||||
alignment = 'top_right',
|
alignment = 'top_right',
|
||||||
|
@ -47,7 +47,7 @@ let
|
||||||
$hr
|
$hr
|
||||||
''${execi 5 cat ~/tmp/today.md}
|
''${execi 5 cat ~/tmp/today.md}
|
||||||
]]
|
]]
|
||||||
'';
|
'';
|
||||||
conkyMPDConfig = pkgs.writeText "conky.conf" ''
|
conkyMPDConfig = pkgs.writeText "conky.conf" ''
|
||||||
conky.config = {
|
conky.config = {
|
||||||
alignment = 'bottom_right',
|
alignment = 'bottom_right',
|
||||||
|
@ -63,22 +63,21 @@ let
|
||||||
$mpd_elapsed/$mpd_length ($mpd_percent%) $mpd_bar
|
$mpd_elapsed/$mpd_length ($mpd_percent%) $mpd_bar
|
||||||
]]
|
]]
|
||||||
|
|
||||||
'';
|
'';
|
||||||
addMods = oldbindings: builtins.foldl' (newbindings: key:
|
addMods = oldbindings:
|
||||||
|
builtins.foldl' (newbindings: key:
|
||||||
newbindings // {
|
newbindings // {
|
||||||
"Mod4+${key}" = oldbindings.${key};
|
"Mod4+${key}" = oldbindings.${key};
|
||||||
"Mod3+Mod4+${key}" = oldbindings.${key};
|
"Mod3+Mod4+${key}" = oldbindings.${key};
|
||||||
})
|
}) { } (builtins.attrNames oldbindings);
|
||||||
{}
|
|
||||||
(builtins.attrNames oldbindings);
|
|
||||||
in {
|
in {
|
||||||
|
|
||||||
xsession = {
|
xsession = {
|
||||||
windowManager.i3 = {
|
windowManager.i3 = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
gaps right 320
|
gaps right 320
|
||||||
'';
|
'';
|
||||||
package = pkgs.i3-gaps.overrideAttrs (oldattrs: rec {
|
package = pkgs.i3-gaps.overrideAttrs (oldattrs: rec {
|
||||||
name = "i3-gaps-next";
|
name = "i3-gaps-next";
|
||||||
version = "41264e54b7a3039ce46919851ac73e22ae29d207";
|
version = "41264e54b7a3039ce46919851ac73e22ae29d207";
|
||||||
|
@ -87,13 +86,19 @@ in {
|
||||||
sha256 = "10d80p8bsldx4pld76y8my1zyww03shkcg3fndsxkrkwhfpk0lbh";
|
sha256 = "10d80p8bsldx4pld76y8my1zyww03shkcg3fndsxkrkwhfpk0lbh";
|
||||||
};
|
};
|
||||||
postUnpack = ''
|
postUnpack = ''
|
||||||
echo -n "4.16.1" > ./i3-${version}/I3_VERSION
|
echo -n "4.16.1" > ./i3-${version}/I3_VERSION
|
||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
config = {
|
config = {
|
||||||
startup = [
|
startup = [
|
||||||
{ command = "${pkgs.conky}/bin/conky -c ${conkyOrgaConfig}"; notification = false; }
|
{
|
||||||
{ command = "${pkgs.conky}/bin/conky -c ${conkyMPDConfig}"; notification = false; }
|
command = "${pkgs.conky}/bin/conky -c ${conkyOrgaConfig}";
|
||||||
|
notification = false;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
command = "${pkgs.conky}/bin/conky -c ${conkyMPDConfig}";
|
||||||
|
notification = false;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
focus = {
|
focus = {
|
||||||
followMouse = false;
|
followMouse = false;
|
||||||
|
@ -130,8 +135,7 @@ in {
|
||||||
text = colors.foreground;
|
text = colors.foreground;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
bars = [
|
bars = [{
|
||||||
{
|
|
||||||
mode = "hide";
|
mode = "hide";
|
||||||
colors = {
|
colors = {
|
||||||
separator = colors.white;
|
separator = colors.white;
|
||||||
|
@ -157,54 +161,60 @@ in {
|
||||||
text = colors.white;
|
text = colors.white;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
} ];
|
}];
|
||||||
window = {
|
window = {
|
||||||
titlebar = false;
|
titlebar = false;
|
||||||
border = 1;
|
border = 1;
|
||||||
commands = [ { command = "floating disable"; criteria = { class = "Firefox";};} ];
|
commands = [{
|
||||||
|
command = "floating disable";
|
||||||
|
criteria = { class = "Firefox"; };
|
||||||
|
}];
|
||||||
};
|
};
|
||||||
keybindings = {
|
keybindings = {
|
||||||
"XF86AudioMute" = "exec pactl set-sink-mute '@DEFAULT_SINK@' toggle";
|
"XF86AudioMute" = "exec pactl set-sink-mute '@DEFAULT_SINK@' toggle";
|
||||||
"XF86AudioLowerVolume" = "exec pactl set-sink-volume '@DEFAULT_SINK@' -5%";
|
"XF86AudioLowerVolume" =
|
||||||
"XF86AudioRaiseVolume" = "exec pactl set-sink-volume '@DEFAULT_SINK@' +5%";
|
"exec pactl set-sink-volume '@DEFAULT_SINK@' -5%";
|
||||||
"XF86AudioMicMute" = "exec pactl set-source-mute '@DEFAULT_SOURCE@' toggle";
|
"XF86AudioRaiseVolume" =
|
||||||
"XF86MonBrightnessUp" = "exec xbacklight +5";
|
"exec pactl set-sink-volume '@DEFAULT_SINK@' +5%";
|
||||||
"XF86MonBrightnessDown" = "exec xbacklight -5";
|
"XF86AudioMicMute" =
|
||||||
"XF86Display" = "${exec} ${pkgs.arandr}/bin/arandr";
|
"exec pactl set-source-mute '@DEFAULT_SOURCE@' toggle";
|
||||||
"Ctrl+Escape" = "${exec} loginctl lock-session;";
|
"XF86MonBrightnessUp" = "exec xbacklight +5";
|
||||||
} //
|
"XF86MonBrightnessDown" = "exec xbacklight -5";
|
||||||
addMods ({
|
"XF86Display" = "${exec} ${pkgs.arandr}/bin/arandr";
|
||||||
"Left" = "focus left";
|
"Ctrl+Escape" = "${exec} loginctl lock-session;";
|
||||||
"Down" = "focus down";
|
} // addMods ({
|
||||||
"Up" = "focus up";
|
"Left" = "focus left";
|
||||||
"Right" = "focus right";
|
"Down" = "focus down";
|
||||||
"Tab" = "${exec} ${pkgs.skippy-xd}/bin/skippy-xd";
|
"Up" = "focus up";
|
||||||
"Prior" = "focus parent";
|
"Right" = "focus right";
|
||||||
"Next" = "focus child";
|
"Tab" = "${exec} ${pkgs.skippy-xd}/bin/skippy-xd";
|
||||||
"Return" = "${exec} ${terminal}";
|
"Prior" = "focus parent";
|
||||||
"p" = "${exec} rofi-pass";
|
"Next" = "focus child";
|
||||||
"shift+Left" = "move left";
|
"Return" = "${exec} ${terminal}";
|
||||||
"shift+Down" = "move down";
|
"p" = "${exec} rofi-pass";
|
||||||
"shift+Up" = "move up";
|
"shift+Left" = "move left";
|
||||||
"shift+Right" = "move right";
|
"shift+Down" = "move down";
|
||||||
"d" = "split h";
|
"shift+Up" = "move up";
|
||||||
"f" = "fullscreen toggle";
|
"shift+Right" = "move right";
|
||||||
"t" = "layout tabbed";
|
"d" = "split h";
|
||||||
"s" = "layout toggle split";
|
"f" = "fullscreen toggle";
|
||||||
"q" = "kill";
|
"t" = "layout tabbed";
|
||||||
"m" = "move workspace to output up";
|
"s" = "layout toggle split";
|
||||||
"n" = "move workspace to output right";
|
"q" = "kill";
|
||||||
"shift+space" = "floating toggle";
|
"m" = "move workspace to output up";
|
||||||
"shift+q" = "${exec} ${pkgs.i3}/bin/i3-nagbar -t warning -m 'do you want to exit i3?' -b 'yes' 'i3-msg exit'";
|
"n" = "move workspace to output right";
|
||||||
"space" = "${exec} hotkeys";
|
"shift+space" = "floating toggle";
|
||||||
} // builtins.foldl' (bindings: name: let
|
"shift+q" =
|
||||||
number = toString ((builtins.length (builtins.attrNames bindings)) / 2);
|
"${exec} ${pkgs.i3}/bin/i3-nagbar -t warning -m 'do you want to exit i3?' -b 'yes' 'i3-msg exit'";
|
||||||
in
|
"space" = "${exec} hotkeys";
|
||||||
bindings // {
|
} // builtins.foldl' (bindings: name:
|
||||||
"${number}" = "workspace ${number}:${name}";
|
let
|
||||||
"Shift+${number}" = "move container to workspace ${number}:${name}";
|
number =
|
||||||
}) {} workspaces
|
toString ((builtins.length (builtins.attrNames bindings)) / 2);
|
||||||
);
|
in bindings // {
|
||||||
|
"${number}" = "workspace ${number}:${name}";
|
||||||
|
"Shift+${number}" = "move container to workspace ${number}:${name}";
|
||||||
|
}) { } workspaces);
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,21 +1,16 @@
|
||||||
{ pkgs, lib, config, ... }:
|
{ pkgs, lib, config, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let inherit (config.m-0) colors workspaces terminal;
|
||||||
inherit (config.m-0) colors workspaces terminal;
|
|
||||||
in {
|
in {
|
||||||
|
|
||||||
home = {
|
home = { packages = with pkgs; [ rofi-pass ]; };
|
||||||
packages = with pkgs; [
|
|
||||||
rofi-pass
|
|
||||||
];
|
|
||||||
};
|
|
||||||
programs = {
|
programs = {
|
||||||
rofi = {
|
rofi = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
rofi.modi: combi,window,drun,run,ssh,keys
|
rofi.modi: combi,window,drun,run,ssh,keys
|
||||||
rofi.combi-modi: window,drun,run
|
rofi.combi-modi: window,drun,run
|
||||||
'';
|
'';
|
||||||
borderWidth = 0;
|
borderWidth = 0;
|
||||||
separator = "none";
|
separator = "none";
|
||||||
fullscreen = false;
|
fullscreen = false;
|
||||||
|
@ -29,38 +24,38 @@ in {
|
||||||
font = "Monofur Nerd Font 10.5";
|
font = "Monofur Nerd Font 10.5";
|
||||||
colors = {
|
colors = {
|
||||||
window = {
|
window = {
|
||||||
background = "argb:c0${builtins.substring 1 6 colors.background}";
|
background = "argb:c0${builtins.substring 1 6 colors.background}";
|
||||||
border = colors.blue;
|
border = colors.blue;
|
||||||
separator = colors.blue;
|
separator = colors.blue;
|
||||||
};
|
};
|
||||||
rows = {
|
rows = {
|
||||||
normal = {
|
normal = {
|
||||||
background = colors.background;
|
background = colors.background;
|
||||||
foreground = colors.foreground;
|
foreground = colors.foreground;
|
||||||
backgroundAlt = colors.black;
|
backgroundAlt = colors.black;
|
||||||
highlight = {
|
highlight = {
|
||||||
background = colors.blue;
|
background = colors.blue;
|
||||||
foreground = colors.white;
|
foreground = colors.white;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
active = {
|
active = {
|
||||||
background = colors.background;
|
background = colors.background;
|
||||||
foreground = colors.foreground;
|
foreground = colors.foreground;
|
||||||
backgroundAlt = colors.black;
|
backgroundAlt = colors.black;
|
||||||
highlight = {
|
highlight = {
|
||||||
background = colors.blue;
|
background = colors.blue;
|
||||||
foreground = colors.white;
|
foreground = colors.white;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
urgent = {
|
urgent = {
|
||||||
background = colors.background;
|
background = colors.background;
|
||||||
foreground = colors.foreground;
|
foreground = colors.foreground;
|
||||||
backgroundAlt = colors.black;
|
backgroundAlt = colors.black;
|
||||||
highlight = {
|
highlight = {
|
||||||
background = colors.blue;
|
background = colors.blue;
|
||||||
foreground = colors.white;
|
foreground = colors.white;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -2,29 +2,23 @@
|
||||||
let
|
let
|
||||||
inherit (import ../../common/pkgs.nix) eventd;
|
inherit (import ../../common/pkgs.nix) eventd;
|
||||||
sleep-nag = pkgs.writeScript "sleep-nag" ''
|
sleep-nag = pkgs.writeScript "sleep-nag" ''
|
||||||
#!${pkgs.stdenv.shell}
|
#!${pkgs.stdenv.shell}
|
||||||
|
|
||||||
while true
|
while true
|
||||||
do
|
do
|
||||||
if [[ `date +%H` -ge 23 ]] || [[ `date +%H` -lt 6 ]]; then
|
if [[ `date +%H` -ge 23 ]] || [[ `date +%H` -lt 6 ]]; then
|
||||||
${eventd}/bin/eventc notification kassandra -d "title='Es ist $(date +%H:%M) Uhr: Zeit ins Bett zu gehen!'" -d "message='Du kannst das hier auch morgen tun!'"
|
${eventd}/bin/eventc notification kassandra -d "title='Es ist $(date +%H:%M) Uhr: Zeit ins Bett zu gehen!'" -d "message='Du kannst das hier auch morgen tun!'"
|
||||||
fi
|
fi
|
||||||
sleep 10m
|
sleep 10m
|
||||||
done
|
done
|
||||||
'';
|
'';
|
||||||
in {
|
in {
|
||||||
|
|
||||||
systemd.user = {
|
systemd.user = {
|
||||||
services.sleep-nag = {
|
services.sleep-nag = {
|
||||||
Unit = {
|
Unit = { Description = "Sleep nag"; };
|
||||||
Description = "Sleep nag";
|
Service = { ExecStart = toString sleep-nag; };
|
||||||
};
|
Install = { WantedBy = [ "graphical-session.target" ]; };
|
||||||
Service = {
|
|
||||||
ExecStart=toString sleep-nag;
|
|
||||||
};
|
|
||||||
Install = {
|
|
||||||
WantedBy = [ "graphical-session.target" ];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ pkgs , config , lib, ... }:
|
{ pkgs, config, lib, ... }: {
|
||||||
{
|
|
||||||
|
|
||||||
xsession.initExtra = let
|
xsession.initExtra = let
|
||||||
cat-pw = pkgs.writeShellScriptBin "cat-ssh-pw" ''
|
cat-pw = pkgs.writeShellScriptBin "cat-ssh-pw" ''
|
||||||
|
@ -12,7 +11,6 @@
|
||||||
systemctl --user set-environment SSH_AGENT_PID="$SSH_AGENT_PID"
|
systemctl --user set-environment SSH_AGENT_PID="$SSH_AGENT_PID"
|
||||||
SSH_ASKPASS=${cat-pw}/bin/cat-ssh-pw ${pkgs.openssh}/bin/ssh-add & < /dev/null
|
SSH_ASKPASS=${cat-pw}/bin/cat-ssh-pw ${pkgs.openssh}/bin/ssh-add & < /dev/null
|
||||||
'';
|
'';
|
||||||
in
|
in ". ${start-agent}/bin/start-ssh-agent";
|
||||||
". ${start-agent}/bin/start-ssh-agent";
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,25 +1,21 @@
|
||||||
let
|
let
|
||||||
inherit (import ../common/lib.nix) home-manager writeHaskellScript get-niv-path;
|
inherit (import ../common/lib.nix)
|
||||||
in
|
home-manager writeHaskellScript get-niv-path;
|
||||||
{
|
in {
|
||||||
update-home = configPath: writeHaskellScript
|
update-home = configPath:
|
||||||
{
|
writeHaskellScript {
|
||||||
name = "update-home";
|
name = "update-home";
|
||||||
bins = [
|
bins = [ get-niv-path home-manager ];
|
||||||
get-niv-path
|
} ''
|
||||||
home-manager
|
|
||||||
];
|
|
||||||
}
|
|
||||||
''
|
|
||||||
|
|
||||||
getNivPath = get_niv_path "${configPath}/nix/sources.nix"
|
getNivPath = get_niv_path "${configPath}/nix/sources.nix"
|
||||||
|
|
||||||
getNivAssign name = (tag <$>) . readTrim . getNivPath $ name
|
getNivAssign name = (tag <$>) . readTrim . getNivPath $ name
|
||||||
where tag str = ["-I", [i|#{name}=#{str :: LBS.ByteString}|]]
|
where tag str = ["-I", [i|#{name}=#{str :: LBS.ByteString}|]]
|
||||||
|
|
||||||
main = do
|
main = do
|
||||||
args <- getArgs
|
args <- getArgs
|
||||||
paths <- concat <$> mapM getNivAssign ["home-manager", "nixpkgs", "unstable"]
|
paths <- concat <$> mapM getNivAssign ["home-manager", "nixpkgs", "unstable"]
|
||||||
home_manager $ paths ++ ["switch"] ++ args
|
home_manager $ paths ++ ["switch"] ++ args
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,15 +1,13 @@
|
||||||
{ lib, pkgs, config, ...}:
|
{ lib, pkgs, config, ... }:
|
||||||
with lib;
|
with lib; {
|
||||||
{
|
|
||||||
|
|
||||||
options.m-0.accounting.enable = mkEnableOption "Accounting";
|
options.m-0.accounting.enable = mkEnableOption "Accounting";
|
||||||
options.m-0.accounting.config = mkOption {
|
options.m-0.accounting.config = mkOption { type = types.str; };
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf config.m-0.accounting.enable {
|
config = mkIf config.m-0.accounting.enable {
|
||||||
home.file.".config/jali/config.py".text = config.m-0.accounting.config;
|
home.file.".config/jali/config.py".text = config.m-0.accounting.config;
|
||||||
home.packages = builtins.attrValues (import ../../../common/pkgs.nix).accounting-pkgs;
|
home.packages =
|
||||||
};
|
builtins.attrValues (import ../../../common/pkgs.nix).accounting-pkgs;
|
||||||
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,61 +1,56 @@
|
||||||
{ config, lib, pkgs , ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let inherit (config.m-0.private) me gitlab github otrs;
|
||||||
inherit (config.m-0.private) me gitlab github otrs;
|
|
||||||
in {
|
in {
|
||||||
options.m-0.bugwarrior.enable = mkEnableOption "Sync tasks from issuetrackers";
|
options.m-0.bugwarrior.enable =
|
||||||
config = mkIf config.m-0.bugwarrior.enable {
|
mkEnableOption "Sync tasks from issuetrackers";
|
||||||
home.file.".config/bugwarrior/bugwarriorrc".text = ''
|
config = mkIf config.m-0.bugwarrior.enable {
|
||||||
[general]
|
home.file.".config/bugwarrior/bugwarriorrc".text = ''
|
||||||
targets=cda_gitlab,github
|
[general]
|
||||||
static_fields = priority, project
|
targets=cda_gitlab,github
|
||||||
|
static_fields = priority, project
|
||||||
|
|
||||||
[cda_gitlab]
|
[cda_gitlab]
|
||||||
service=gitlab
|
service=gitlab
|
||||||
gitlab.password=@oracle:eval:pass de/darmstadt/ccc/ldap
|
gitlab.password=@oracle:eval:pass de/darmstadt/ccc/ldap
|
||||||
gitlab.login=${me.user}
|
gitlab.login=${me.user}
|
||||||
gitlab.host=${gitlab.host}
|
gitlab.host=${gitlab.host}
|
||||||
gitlab.token=${gitlab.token}
|
gitlab.token=${gitlab.token}
|
||||||
gitlab.only_if_assigned=${me.user}
|
gitlab.only_if_assigned=${me.user}
|
||||||
gitlab.also_unassigned=True
|
gitlab.also_unassigned=True
|
||||||
gitlab.default_priority= L
|
gitlab.default_priority= L
|
||||||
gitlab.include_repos=cda/tasks, cda/chaos-darmstadt.de, cda/doku
|
gitlab.include_repos=cda/tasks, cda/chaos-darmstadt.de, cda/doku
|
||||||
gitlab.include_regex=(vorstand|jali|${me.user})/.*,
|
gitlab.include_regex=(vorstand|jali|${me.user})/.*,
|
||||||
gitlab.description_template = {{gitlabnamespace}}/{{gitlabrepo}} {{gitlabtype[:1]}}#{{gitlabnumber}}: {{gitlabtitle}}
|
gitlab.description_template = {{gitlabnamespace}}/{{gitlabrepo}} {{gitlabtype[:1]}}#{{gitlabnumber}}: {{gitlabtitle}}
|
||||||
gitlab.project_template =
|
gitlab.project_template =
|
||||||
|
|
||||||
[github]
|
[github]
|
||||||
service=github
|
service=github
|
||||||
github.login = ${me.user}
|
github.login = ${me.user}
|
||||||
github.username = ${me.user}
|
github.username = ${me.user}
|
||||||
github.token = ${github.token}
|
github.token = ${github.token}
|
||||||
github.description_template = {{githubrepo}} {{githubtype[:1]}}#{{githubnumber}}: {{githubtitle}}
|
github.description_template = {{githubrepo}} {{githubtype[:1]}}#{{githubnumber}}: {{githubtitle}}
|
||||||
github.include_user_issues = False
|
github.include_user_issues = False
|
||||||
github.include_user_repos = False
|
github.include_user_repos = False
|
||||||
github.query = is:open involves:maralorn archived:false -repo:maxtaco/coffee-script -repo:QMatrixClient/libqmatrixclient -repo:QMatrixClient/Quaternion -repo:trollhoehle/pythonlights -repo:MirakelX/mirakel-android
|
github.query = is:open involves:maralorn archived:false -repo:maxtaco/coffee-script -repo:QMatrixClient/libqmatrixclient -repo:QMatrixClient/Quaternion -repo:trollhoehle/pythonlights -repo:MirakelX/mirakel-android
|
||||||
github.default_priority= L
|
github.default_priority= L
|
||||||
github.project_template =
|
github.project_template =
|
||||||
'';
|
'';
|
||||||
systemd.user = {
|
systemd.user = {
|
||||||
services.bugwarrior = {
|
services.bugwarrior = {
|
||||||
Unit = {
|
Unit = { Description = "Run bugwarrior"; };
|
||||||
Description = "Run bugwarrior";
|
Service = {
|
||||||
|
Type = "oneshot";
|
||||||
|
Environment =
|
||||||
|
"PATH=${pkgs.taskwarrior}/bin:${pkgs.eventd}/bin:${pkgs.gnugrep}/bin";
|
||||||
|
ExecStart = "${pkgs.bugwarrior}/bin/bugwarrior-pull";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
Service = {
|
timers.bugwarrior = {
|
||||||
Type = "oneshot";
|
Timer = { OnCalendar = "hourly"; };
|
||||||
Environment=''PATH=${pkgs.taskwarrior}/bin:${pkgs.eventd}/bin:${pkgs.gnugrep}/bin'';
|
Install = { WantedBy = [ "timers.target" ]; };
|
||||||
ExecStart= "${pkgs.bugwarrior}/bin/bugwarrior-pull";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
timers.bugwarrior = {
|
|
||||||
Timer = {
|
|
||||||
OnCalendar = "hourly";
|
|
||||||
};
|
|
||||||
Install = {
|
|
||||||
WantedBy = [ "timers.target" ];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,16 +20,16 @@ let
|
||||||
echo "Overwriting $HOME/${path}"
|
echo "Overwriting $HOME/${path}"
|
||||||
cp --remove-destination -T $canonical $HOME/${path};
|
cp --remove-destination -T $canonical $HOME/${path};
|
||||||
'';
|
'';
|
||||||
in with lib;
|
in with lib; {
|
||||||
{
|
|
||||||
options.home.forceCopies.paths = mkOption {
|
options.home.forceCopies.paths = mkOption {
|
||||||
default = [];
|
default = [ ];
|
||||||
type = types.listOf types.str;
|
type = types.listOf types.str;
|
||||||
};
|
};
|
||||||
config.home.activation = {
|
config.home.activation = {
|
||||||
deleteForcedCopies = config.lib.dag.entryBefore ["checkLinkTargets"]
|
deleteForcedCopies = config.lib.dag.entryBefore [ "checkLinkTargets" ]
|
||||||
(builtins.concatStringsSep "\n" (builtins.map disableCollisionCheck paths));
|
(builtins.concatStringsSep "\n"
|
||||||
forceCopies = config.lib.dag.entryAfter ["linkGeneration"]
|
(builtins.map disableCollisionCheck paths));
|
||||||
|
forceCopies = config.lib.dag.entryAfter [ "linkGeneration" ]
|
||||||
(builtins.concatStringsSep "\n" (builtins.map copyPath paths));
|
(builtins.concatStringsSep "\n" (builtins.map copyPath paths));
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,25 +1,22 @@
|
||||||
{ lib, config, pkgs, ... }:
|
{ lib, config, pkgs, ... }:
|
||||||
with lib;
|
with lib; {
|
||||||
{
|
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
m-0 = {
|
m-0 = {
|
||||||
hostName = mkOption {
|
hostName = mkOption { type = types.str; };
|
||||||
type = types.str;
|
terminal = mkOption {
|
||||||
};
|
default = "urxvt";
|
||||||
terminal = mkOption {
|
type = types.str;
|
||||||
default = "urxvt";
|
};
|
||||||
type = types.str;
|
colors = mkOption {
|
||||||
};
|
default = { };
|
||||||
colors = mkOption {
|
type = types.attrs;
|
||||||
default = {};
|
};
|
||||||
type = types.attrs;
|
workspaces = mkOption {
|
||||||
};
|
default = [ "configure some workspaces" ];
|
||||||
workspaces = mkOption {
|
type = types.listOf types.str;
|
||||||
default = [ "configure some workspaces" ];
|
};
|
||||||
type = types.listOf types.str;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,25 +1,20 @@
|
||||||
{ lib, pkgs, config, ... }:
|
{ lib, pkgs, config, ... }:
|
||||||
with lib;
|
with lib; {
|
||||||
{
|
|
||||||
|
|
||||||
options.m-0.latex.enable = mkEnableOption "Latex";
|
options.m-0.latex.enable = mkEnableOption "Latex";
|
||||||
|
|
||||||
config = mkIf config.m-0.latex.enable {
|
config = mkIf config.m-0.latex.enable {
|
||||||
programs = {
|
programs = {
|
||||||
texlive = {
|
texlive = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraPackages = tpkgs: {inherit (tpkgs)
|
extraPackages = tpkgs: {
|
||||||
scheme-small
|
inherit (tpkgs)
|
||||||
pdfjam
|
scheme-small pdfjam latexmk collection-latexextra
|
||||||
latexmk
|
collection-bibtexextra collection-luatex collection-mathscience
|
||||||
collection-latexextra
|
collection-fontsextra;
|
||||||
collection-bibtexextra
|
};
|
||||||
collection-luatex
|
|
||||||
collection-mathscience
|
|
||||||
collection-fontsextra;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib, config, pkgs, ...}:
|
{ lib, config, pkgs, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
mail = config.m-0.mail;
|
mail = config.m-0.mail;
|
||||||
|
@ -6,86 +6,80 @@ let
|
||||||
maildir = config.accounts.email.maildirBasePath;
|
maildir = config.accounts.email.maildirBasePath;
|
||||||
in {
|
in {
|
||||||
|
|
||||||
options.m-0.mail.enable = mkEnableOption "private-mail";
|
options.m-0.mail.enable = mkEnableOption "private-mail";
|
||||||
options.m-0.mail.accounts = mkOption {
|
options.m-0.mail.accounts = mkOption { type = types.attrs; };
|
||||||
type = types.attrs;
|
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf mail.enable {
|
config = mkIf mail.enable {
|
||||||
|
|
||||||
services.mbsync = {
|
services.mbsync = {
|
||||||
enable = true;
|
enable = true;
|
||||||
frequency = "*:0/30";
|
frequency = "*:0/30";
|
||||||
verbose = false;
|
verbose = false;
|
||||||
postExec = "${pkgs.notmuch}/bin/notmuch --config=${config.home.sessionVariables.NOTMUCH_CONFIG} new";
|
postExec =
|
||||||
};
|
"${pkgs.notmuch}/bin/notmuch --config=${config.home.sessionVariables.NOTMUCH_CONFIG} new";
|
||||||
|
|
||||||
accounts.email.accounts = config.m-0.mail.accounts;
|
|
||||||
|
|
||||||
systemd.user.services = let
|
|
||||||
mkService = name: account: let
|
|
||||||
configjs = pkgs.writeText "config.js" ''
|
|
||||||
var child_process = require('child_process');
|
|
||||||
|
|
||||||
function getStdout(cmd) {
|
|
||||||
var stdout = child_process.execSync(cmd);
|
|
||||||
return stdout.toString().trim();
|
|
||||||
}
|
|
||||||
|
|
||||||
exports.host = "${account.imap.host}"
|
|
||||||
exports.port = 993
|
|
||||||
exports.tls = true;
|
|
||||||
exports.tlsOptions = { "rejectUnauthorized": false };
|
|
||||||
exports.username = "${account.userName}";
|
|
||||||
exports.password = getStdout("${toString account.passwordCommand}");
|
|
||||||
exports.onNotify = "${pkgs.isync}/bin/mbsync ${name}"
|
|
||||||
exports.onNotifyPost = "${pkgs.notmuch}/bin/notmuch new"
|
|
||||||
exports.boxes = [ "Inbox" ];
|
|
||||||
'';
|
|
||||||
in
|
|
||||||
{
|
|
||||||
Unit = {
|
|
||||||
Description = "Run imapnotify for imap account ${name}";
|
|
||||||
};
|
|
||||||
Service = {
|
|
||||||
ExecStart= "${pkgs.imapnotify}/bin/imapnotify -c ${configjs}";
|
|
||||||
Restart = "always";
|
|
||||||
RestartSec = "1min";
|
|
||||||
};
|
|
||||||
Install = {
|
|
||||||
WantedBy = [ "default.target" ];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
mkServiceWithName = name: account: {
|
|
||||||
name = "imapnotify-${name}-inbox";
|
|
||||||
value = mkService name account;
|
|
||||||
};
|
|
||||||
hasImapHost = name: account: account.imap != null;
|
|
||||||
in
|
|
||||||
mapAttrs' mkServiceWithName (filterAttrs hasImapHost config.accounts.email.accounts);
|
|
||||||
|
|
||||||
programs.msmtp.enable = true;
|
accounts.email.accounts = config.m-0.mail.accounts;
|
||||||
programs.mbsync.enable = true;
|
|
||||||
programs.notmuch = {
|
systemd.user.services = let
|
||||||
enable = true;
|
mkService = name: account:
|
||||||
hooks.postInsert = ''
|
let
|
||||||
${pkgs.notmuch}/bin/notmuch tag +deleted -- "folder:/Trash/ (not tag:deleted)"
|
configjs = pkgs.writeText "config.js" ''
|
||||||
${pkgs.notmuch}/bin/notmuch tag -deleted -- "(not folder:/Trash/) tag:deleted"
|
var child_process = require('child_process');
|
||||||
${pkgs.notmuch}/bin/notmuch tag +spam -- "folder:/Junk|Spam|SPAM/ (not tag:spam)"
|
|
||||||
${pkgs.notmuch}/bin/notmuch tag -spam -- "(not folder:/Junk|Spam|SPAM/) tag:spam"
|
function getStdout(cmd) {
|
||||||
'';
|
var stdout = child_process.execSync(cmd);
|
||||||
new = {
|
return stdout.toString().trim();
|
||||||
tags = [];
|
}
|
||||||
ignore = [ ".isyncuidmap.db" ];
|
|
||||||
};
|
exports.host = "${account.imap.host}"
|
||||||
maildir.synchronizeFlags = true;
|
exports.port = 993
|
||||||
};
|
exports.tls = true;
|
||||||
home = {
|
exports.tlsOptions = { "rejectUnauthorized": false };
|
||||||
packages = with pkgs; [
|
exports.username = "${account.userName}";
|
||||||
neomutt
|
exports.password = getStdout("${toString account.passwordCommand}");
|
||||||
];
|
exports.onNotify = "${pkgs.isync}/bin/mbsync ${name}"
|
||||||
file = let
|
exports.onNotifyPost = "${pkgs.notmuch}/bin/notmuch new"
|
||||||
mutt_alternates = "@maralorn.de " + (builtins.concatStringsSep " " me.alternates);
|
exports.boxes = [ "Inbox" ];
|
||||||
|
'';
|
||||||
|
in {
|
||||||
|
Unit = { Description = "Run imapnotify for imap account ${name}"; };
|
||||||
|
Service = {
|
||||||
|
ExecStart = "${pkgs.imapnotify}/bin/imapnotify -c ${configjs}";
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = "1min";
|
||||||
|
};
|
||||||
|
Install = { WantedBy = [ "default.target" ]; };
|
||||||
|
};
|
||||||
|
mkServiceWithName = name: account: {
|
||||||
|
name = "imapnotify-${name}-inbox";
|
||||||
|
value = mkService name account;
|
||||||
|
};
|
||||||
|
hasImapHost = name: account: account.imap != null;
|
||||||
|
in mapAttrs' mkServiceWithName
|
||||||
|
(filterAttrs hasImapHost config.accounts.email.accounts);
|
||||||
|
|
||||||
|
programs.msmtp.enable = true;
|
||||||
|
programs.mbsync.enable = true;
|
||||||
|
programs.notmuch = {
|
||||||
|
enable = true;
|
||||||
|
hooks.postInsert = ''
|
||||||
|
${pkgs.notmuch}/bin/notmuch tag +deleted -- "folder:/Trash/ (not tag:deleted)"
|
||||||
|
${pkgs.notmuch}/bin/notmuch tag -deleted -- "(not folder:/Trash/) tag:deleted"
|
||||||
|
${pkgs.notmuch}/bin/notmuch tag +spam -- "folder:/Junk|Spam|SPAM/ (not tag:spam)"
|
||||||
|
${pkgs.notmuch}/bin/notmuch tag -spam -- "(not folder:/Junk|Spam|SPAM/) tag:spam"
|
||||||
|
'';
|
||||||
|
new = {
|
||||||
|
tags = [ ];
|
||||||
|
ignore = [ ".isyncuidmap.db" ];
|
||||||
|
};
|
||||||
|
maildir.synchronizeFlags = true;
|
||||||
|
};
|
||||||
|
home = {
|
||||||
|
packages = with pkgs; [ neomutt ];
|
||||||
|
file = let
|
||||||
|
mutt_alternates = "@maralorn.de "
|
||||||
|
+ (builtins.concatStringsSep " " me.alternates);
|
||||||
show-sidebar = pkgs.writeText "show-sidebar" ''
|
show-sidebar = pkgs.writeText "show-sidebar" ''
|
||||||
set sidebar_visible=yes
|
set sidebar_visible=yes
|
||||||
bind index <up> sidebar-prev
|
bind index <up> sidebar-prev
|
||||||
|
@ -95,7 +89,7 @@ programs.notmuch = {
|
||||||
bind index <space> sidebar-open
|
bind index <space> sidebar-open
|
||||||
bind index <return> sidebar-open
|
bind index <return> sidebar-open
|
||||||
bind index <enter> sidebar-open
|
bind index <enter> sidebar-open
|
||||||
'';
|
'';
|
||||||
hide-sidebar = pkgs.writeText "hide-sidebar" ''
|
hide-sidebar = pkgs.writeText "hide-sidebar" ''
|
||||||
set sidebar_visible=no
|
set sidebar_visible=no
|
||||||
bind index <up> previous-undeleted
|
bind index <up> previous-undeleted
|
||||||
|
@ -105,7 +99,7 @@ programs.notmuch = {
|
||||||
bind index <space> display-message
|
bind index <space> display-message
|
||||||
bind index <return> display-message
|
bind index <return> display-message
|
||||||
bind index <enter> display-message
|
bind index <enter> display-message
|
||||||
'';
|
'';
|
||||||
mailcap = pkgs.writeText "mailcap" ''
|
mailcap = pkgs.writeText "mailcap" ''
|
||||||
text/html; ${pkgs.lynx}/bin/lynx -stdin -dump -force_html ; copiousoutput
|
text/html; ${pkgs.lynx}/bin/lynx -stdin -dump -force_html ; copiousoutput
|
||||||
application/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
application/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||||
|
@ -113,76 +107,78 @@ programs.notmuch = {
|
||||||
video/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
video/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||||
audio/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
audio/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||||
'';
|
'';
|
||||||
in {
|
in {
|
||||||
".neomuttrc".text = ''
|
".neomuttrc".text = ''
|
||||||
alternative_order text/plain text/html
|
alternative_order text/plain text/html
|
||||||
auto_view text/*
|
auto_view text/*
|
||||||
auto_view message/*
|
auto_view message/*
|
||||||
unset wait_key
|
unset wait_key
|
||||||
|
|
||||||
set query_format="%4c %t %-70.70a %-70.70n %?e?(%e)?"
|
set query_format="%4c %t %-70.70a %-70.70n %?e?(%e)?"
|
||||||
set query_command = "${pkgs.notmuch}/bin/notmuch address --output=recipients --deduplicate=address '%s' | grep -i '%s'"
|
set query_command = "${pkgs.notmuch}/bin/notmuch address --output=recipients --deduplicate=address '%s' | grep -i '%s'"
|
||||||
bind editor <Tab> complete-query
|
bind editor <Tab> complete-query
|
||||||
bind editor ^T complete
|
bind editor ^T complete
|
||||||
|
|
||||||
set crypt_use_gpgme = yes
|
set crypt_use_gpgme = yes
|
||||||
set pgp_use_gpg_agent = yes
|
set pgp_use_gpg_agent = yes
|
||||||
set pgp_auto_decode = yes
|
set pgp_auto_decode = yes
|
||||||
set pgp_autosign = yes
|
set pgp_autosign = yes
|
||||||
set pgp_replysign = yes
|
set pgp_replysign = yes
|
||||||
set pgp_replyencrypt = yes
|
set pgp_replyencrypt = yes
|
||||||
set crypt_replysignencrypted = yes
|
set crypt_replysignencrypted = yes
|
||||||
set crypt_verify_sig = yes
|
set crypt_verify_sig = yes
|
||||||
set pgp_sign_as="${me.gpg}"
|
set pgp_sign_as="${me.gpg}"
|
||||||
set pgp_use_gpg_agent = yes
|
set pgp_use_gpg_agent = yes
|
||||||
set pgp_default_key="${me.gpg}"
|
set pgp_default_key="${me.gpg}"
|
||||||
set timeout = 5
|
set timeout = 5
|
||||||
|
|
||||||
|
|
||||||
alternates ${mutt_alternates}
|
alternates ${mutt_alternates}
|
||||||
set folder="${maildir}"
|
set folder="${maildir}"
|
||||||
mailboxes `find ${maildir} -type d -name Inbox -printf '"%h" '` `find ${maildir} -type d -name cur -printf '"%h" '`
|
mailboxes `find ${maildir} -type d -name Inbox -printf '"%h" '` `find ${maildir} -type d -name cur -printf '"%h" '`
|
||||||
set sendmail="${pkgs.msmtp}/bin/msmtp --read-envelope-from"
|
set sendmail="${pkgs.msmtp}/bin/msmtp --read-envelope-from"
|
||||||
set sort=threads
|
set sort=threads
|
||||||
set sort_aux=date-sent
|
set sort_aux=date-sent
|
||||||
set realname="${me.name}"
|
set realname="${me.name}"
|
||||||
set from=fill-later
|
set from=fill-later
|
||||||
set use_from=yes
|
set use_from=yes
|
||||||
set fast_reply=yes
|
set fast_reply=yes
|
||||||
set mailcap_path=${mailcap};
|
set mailcap_path=${mailcap};
|
||||||
set include=yes
|
set include=yes
|
||||||
set edit_headers=yes
|
set edit_headers=yes
|
||||||
set mbox_type=Maildir
|
set mbox_type=Maildir
|
||||||
set spoolfile="${maildir}/hera/Inbox"
|
set spoolfile="${maildir}/hera/Inbox"
|
||||||
set record="${maildir}/hera/Archiv/unsortiert"
|
set record="${maildir}/hera/Archiv/unsortiert"
|
||||||
set postponed="${maildir}/hera/Drafts"
|
set postponed="${maildir}/hera/Drafts"
|
||||||
set mail_check_stats=yes
|
set mail_check_stats=yes
|
||||||
bind index / vfolder-from-query
|
bind index / vfolder-from-query
|
||||||
set header_cache = "~/.cache/neomutt"
|
set header_cache = "~/.cache/neomutt"
|
||||||
set date_format="!%y-%m-%d %H:%M"
|
set date_format="!%y-%m-%d %H:%M"
|
||||||
set mime_forward=yes
|
set mime_forward=yes
|
||||||
set mime_forward_rest=yes
|
set mime_forward_rest=yes
|
||||||
|
|
||||||
macro index <F5> "!systemctl --user start mbsync > /dev/null<enter>"
|
macro index <F5> "!systemctl --user start mbsync > /dev/null<enter>"
|
||||||
|
|
||||||
source "${hide-sidebar}"
|
source "${hide-sidebar}"
|
||||||
macro index <right> "<enter-command>source ${hide-sidebar}<enter>"
|
macro index <right> "<enter-command>source ${hide-sidebar}<enter>"
|
||||||
macro index <left> "<enter-command>source ${show-sidebar}<enter>"
|
macro index <left> "<enter-command>source ${show-sidebar}<enter>"
|
||||||
set sidebar_folder_indent=yes
|
set sidebar_folder_indent=yes
|
||||||
set sidebar_short_path=yes
|
set sidebar_short_path=yes
|
||||||
set sidebar_width=40
|
set sidebar_width=40
|
||||||
set sidebar_sort_method="alpha"
|
set sidebar_sort_method="alpha"
|
||||||
set sidebar_indent_string=" "
|
set sidebar_indent_string=" "
|
||||||
color sidebar_indicator black white
|
color sidebar_indicator black white
|
||||||
color sidebar_highlight white blue
|
color sidebar_highlight white blue
|
||||||
set sidebar_format = "%B%* %?N?%N/?%S"
|
set sidebar_format = "%B%* %?N?%N/?%S"
|
||||||
|
|
||||||
alias f__0 ${me.name} <${me.mail}>
|
alias f__0 ${me.name} <${me.mail}>
|
||||||
${builtins.concatStringsSep "\n" (lib.imap1 (n: x: "alias f__${toString n} ${me.name} <${x}>") me.alternates)}
|
${builtins.concatStringsSep "\n"
|
||||||
send2-hook '~f fill-later' "push <edit-from><kill-line>f__<complete><search>${me.mail}<enter>"
|
(lib.imap1 (n: x: "alias f__${toString n} ${me.name} <${x}>")
|
||||||
'';
|
me.alternates)}
|
||||||
|
send2-hook '~f fill-later' "push <edit-from><kill-line>f__<complete><search>${me.mail}<enter>"
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,117 +1,113 @@
|
||||||
{ lib, pkgs, config, ...}:
|
{ lib, pkgs, config, ... }:
|
||||||
with lib;
|
with lib; {
|
||||||
{
|
|
||||||
|
|
||||||
options.m-0.pythia.enable = mkEnableOption "Pythia";
|
options.m-0.pythia.enable = mkEnableOption "Pythia";
|
||||||
config = mkIf config.m-0.pythia.enable (let
|
config = mkIf config.m-0.pythia.enable (let
|
||||||
pythia-path = "${config.home.homeDirectory}/data/aktuell/pythia";
|
pythia-path = "${config.home.homeDirectory}/data/aktuell/pythia";
|
||||||
pythia = pkgs.writeShellScriptBin "pythia" ''
|
pythia = pkgs.writeShellScriptBin "pythia" ''
|
||||||
datei=${pythia-path}/$(date +%Y-%m-%d)
|
datei=${pythia-path}/$(date +%Y-%m-%d)
|
||||||
touch $datei
|
touch $datei
|
||||||
vim $datei
|
vim $datei
|
||||||
grep TODO: $datei | sed 's/TODO: //' | while read -r line; do task add "$line"; done && sed -i 's/TODO: /Notiert: /' $datei
|
grep TODO: $datei | sed 's/TODO: //' | while read -r line; do task add "$line"; done && sed -i 's/TODO: /Notiert: /' $datei
|
||||||
grep WEAK: $datei | sed 's/WEAK: //' >> ${pythia-path}/schwächen && sed -i 's/WEAK: /Schwäche: /' $datei
|
grep WEAK: $datei | sed 's/WEAK: //' >> ${pythia-path}/schwächen && sed -i 's/WEAK: /Schwäche: /' $datei
|
||||||
grep STRONG: $datei | sed 's/STRONG: //' >> ${pythia-path}/stärken && sed -i 's/STRONG: /Stärke: /' $datei
|
grep STRONG: $datei | sed 's/STRONG: //' >> ${pythia-path}/stärken && sed -i 's/STRONG: /Stärke: /' $datei
|
||||||
grep RULE: $datei | sed 's/RULE: //' >> ${pythia-path}/richtlinien && sed -i 's/RULE: /Richtlinie: /' $datei
|
grep RULE: $datei | sed 's/RULE: //' >> ${pythia-path}/richtlinien && sed -i 's/RULE: /Richtlinie: /' $datei
|
||||||
grep INDICATOR: $datei | sed 's/INDICATOR: //' >> ${pythia-path}/warnzeichen && sed -i 's/INDICATOR: /Warnzeichen: /' $datei
|
grep INDICATOR: $datei | sed 's/INDICATOR: //' >> ${pythia-path}/warnzeichen && sed -i 's/INDICATOR: /Warnzeichen: /' $datei
|
||||||
'';
|
|
||||||
printslow = pkgs.writeScriptBin "printslow" ''
|
|
||||||
#!${pkgs.python3}/bin/python
|
|
||||||
|
|
||||||
import fileinput
|
|
||||||
import sys
|
|
||||||
import time
|
|
||||||
|
|
||||||
for line in fileinput.input():
|
|
||||||
for letter in line:
|
|
||||||
print(letter, end="")
|
|
||||||
sys.stdout.flush()
|
|
||||||
time.sleep(0.1)
|
|
||||||
'';
|
'';
|
||||||
fortune = ''
|
printslow = pkgs.writeScriptBin "printslow" ''
|
||||||
${pkgs.fortune}/bin/fortune | ${run-printslow}
|
#!${pkgs.python3}/bin/python
|
||||||
echo
|
|
||||||
sleep 5s
|
|
||||||
'';
|
|
||||||
threefortunes = ''
|
|
||||||
echo Genieße drei Fortunes: | ${run-printslow}
|
|
||||||
echo
|
|
||||||
${fortune}
|
|
||||||
${fortune}
|
|
||||||
${fortune}
|
|
||||||
'';
|
|
||||||
run-pythia = "${pythia}/bin/pythia";
|
|
||||||
run-printslow = "${printslow}/bin/printslow";
|
|
||||||
hold = "echo -n '>'; read a;";
|
|
||||||
dong = "${pkgs.mpv}/bin/mpv dong.ogg &> /dev/null &";
|
|
||||||
meditate = pkgs.writeShellScriptBin "meditate" ''
|
|
||||||
cd ${pythia-path}
|
|
||||||
i3-msg fullscreen &> /dev/null
|
|
||||||
start=`${pkgs.taskwarrior}/bin/task calc now`
|
|
||||||
mpv background.ogg &> /dev/null &
|
|
||||||
${run-printslow} << EOF
|
|
||||||
Hallo Malte,
|
|
||||||
|
|
||||||
hier spricht Pythia.
|
import fileinput
|
||||||
|
import sys
|
||||||
|
import time
|
||||||
|
|
||||||
Herzlich willkommen zur Besinnung, Ruhefindung und Orientierung.
|
for line in fileinput.input():
|
||||||
|
for letter in line:
|
||||||
Bist Du bereit?
|
print(letter, end="")
|
||||||
EOF
|
sys.stdout.flush()
|
||||||
${hold}
|
time.sleep(0.1)
|
||||||
${run-printslow} << EOF
|
|
||||||
Gut, dann lass uns starten.
|
|
||||||
EOF
|
|
||||||
sleep 3s
|
|
||||||
${run-printslow} << EOF
|
|
||||||
|
|
||||||
Nimm Dir ein wenig Zeit um die Gedanken zu sammeln, die unerledigt sind.
|
|
||||||
|
|
||||||
EOF
|
|
||||||
sleep 1s
|
|
||||||
${run-pythia}
|
|
||||||
${run-printslow} << EOF
|
|
||||||
|
|
||||||
Nimm Dir nun mindestens 5 Minuten Auszeit um tief zu entspannen.
|
|
||||||
Achte auf Deine Atmung und Deinen Körper.
|
|
||||||
Beruhige Deine Gedanken und gehe in Dich.
|
|
||||||
|
|
||||||
EOF
|
|
||||||
${dong}
|
|
||||||
sleep 5m
|
|
||||||
${dong}
|
|
||||||
${hold}
|
|
||||||
${threefortunes}
|
|
||||||
${run-printslow} << EOF
|
|
||||||
Nun ist die Zeit für Reflektion und um an Deinem Credo zu arbeiten.
|
|
||||||
EOF
|
|
||||||
sleep 3s
|
|
||||||
${run-pythia}
|
|
||||||
${run-printslow} << EOF
|
|
||||||
Melde Dich, wenn Du bereit für Dein Credo bist.
|
|
||||||
EOF
|
|
||||||
${hold}
|
|
||||||
${run-printslow} credo
|
|
||||||
${hold}
|
|
||||||
${run-printslow} << EOF
|
|
||||||
|
|
||||||
Nun genieße die gewonne Energie um Dich auf die Zukunft vorzubereiten.
|
|
||||||
EOF
|
|
||||||
${hold}
|
|
||||||
${threefortunes}
|
|
||||||
${dong}
|
|
||||||
echo Dauer der Meditation | ${run-printslow}
|
|
||||||
${pkgs.taskwarrior}/bin/task calc now-$start
|
|
||||||
${pkgs.taskwarrior}/bin/task gen_id:meditation done
|
|
||||||
${hold}
|
|
||||||
exit
|
|
||||||
'';
|
'';
|
||||||
|
fortune = ''
|
||||||
|
${pkgs.fortune}/bin/fortune | ${run-printslow}
|
||||||
|
echo
|
||||||
|
sleep 5s
|
||||||
|
'';
|
||||||
|
threefortunes = ''
|
||||||
|
echo Genieße drei Fortunes: | ${run-printslow}
|
||||||
|
echo
|
||||||
|
${fortune}
|
||||||
|
${fortune}
|
||||||
|
${fortune}
|
||||||
|
'';
|
||||||
|
run-pythia = "${pythia}/bin/pythia";
|
||||||
|
run-printslow = "${printslow}/bin/printslow";
|
||||||
|
hold = "echo -n '>'; read a;";
|
||||||
|
dong = "${pkgs.mpv}/bin/mpv dong.ogg &> /dev/null &";
|
||||||
|
meditate = pkgs.writeShellScriptBin "meditate" ''
|
||||||
|
cd ${pythia-path}
|
||||||
|
i3-msg fullscreen &> /dev/null
|
||||||
|
start=`${pkgs.taskwarrior}/bin/task calc now`
|
||||||
|
mpv background.ogg &> /dev/null &
|
||||||
|
${run-printslow} << EOF
|
||||||
|
Hallo Malte,
|
||||||
|
|
||||||
|
hier spricht Pythia.
|
||||||
|
|
||||||
|
Herzlich willkommen zur Besinnung, Ruhefindung und Orientierung.
|
||||||
|
|
||||||
|
Bist Du bereit?
|
||||||
|
EOF
|
||||||
|
${hold}
|
||||||
|
${run-printslow} << EOF
|
||||||
|
Gut, dann lass uns starten.
|
||||||
|
EOF
|
||||||
|
sleep 3s
|
||||||
|
${run-printslow} << EOF
|
||||||
|
|
||||||
|
Nimm Dir ein wenig Zeit um die Gedanken zu sammeln, die unerledigt sind.
|
||||||
|
|
||||||
|
EOF
|
||||||
|
sleep 1s
|
||||||
|
${run-pythia}
|
||||||
|
${run-printslow} << EOF
|
||||||
|
|
||||||
|
Nimm Dir nun mindestens 5 Minuten Auszeit um tief zu entspannen.
|
||||||
|
Achte auf Deine Atmung und Deinen Körper.
|
||||||
|
Beruhige Deine Gedanken und gehe in Dich.
|
||||||
|
|
||||||
|
EOF
|
||||||
|
${dong}
|
||||||
|
sleep 5m
|
||||||
|
${dong}
|
||||||
|
${hold}
|
||||||
|
${threefortunes}
|
||||||
|
${run-printslow} << EOF
|
||||||
|
Nun ist die Zeit für Reflektion und um an Deinem Credo zu arbeiten.
|
||||||
|
EOF
|
||||||
|
sleep 3s
|
||||||
|
${run-pythia}
|
||||||
|
${run-printslow} << EOF
|
||||||
|
Melde Dich, wenn Du bereit für Dein Credo bist.
|
||||||
|
EOF
|
||||||
|
${hold}
|
||||||
|
${run-printslow} credo
|
||||||
|
${hold}
|
||||||
|
${run-printslow} << EOF
|
||||||
|
|
||||||
|
Nun genieße die gewonne Energie um Dich auf die Zukunft vorzubereiten.
|
||||||
|
EOF
|
||||||
|
${hold}
|
||||||
|
${threefortunes}
|
||||||
|
${dong}
|
||||||
|
echo Dauer der Meditation | ${run-printslow}
|
||||||
|
${pkgs.taskwarrior}/bin/task calc now-$start
|
||||||
|
${pkgs.taskwarrior}/bin/task gen_id:meditation done
|
||||||
|
${hold}
|
||||||
|
exit
|
||||||
|
'';
|
||||||
in {
|
in {
|
||||||
|
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [ pythia meditate ];
|
||||||
pythia
|
});
|
||||||
meditate
|
|
||||||
];
|
|
||||||
});
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,15 +1,10 @@
|
||||||
{ lib, pkgs, config, ...}:
|
{ lib, pkgs, config, ... }:
|
||||||
with lib;
|
with lib; {
|
||||||
{
|
|
||||||
|
|
||||||
options.m-0.rustdev.enable = mkEnableOption "Rust Dev";
|
options.m-0.rustdev.enable = mkEnableOption "Rust Dev";
|
||||||
|
|
||||||
config = mkIf config.m-0.rustdev.enable {
|
config = mkIf config.m-0.rustdev.enable {
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [ rustup nix-prefetch-scripts gcc ];
|
||||||
rustup
|
};
|
||||||
nix-prefetch-scripts
|
|
||||||
gcc
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib, pkgs, config, ...}:
|
{ lib, pkgs, config, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
tasksync = pkgs.writeShellScriptBin "tasksync" ''
|
tasksync = pkgs.writeShellScriptBin "tasksync" ''
|
||||||
|
@ -6,7 +6,9 @@ let
|
||||||
cd ${config.home.homeDirectory}/.task
|
cd ${config.home.homeDirectory}/.task
|
||||||
${pkgs.git}/bin/git add completed.data pending.data > /dev/null
|
${pkgs.git}/bin/git add completed.data pending.data > /dev/null
|
||||||
${pkgs.git}/bin/git commit -m 'Updating task data' > /dev/null
|
${pkgs.git}/bin/git commit -m 'Updating task data' > /dev/null
|
||||||
${pkgs.git}/bin/git pull -X ${if config.m-0.taskwarrior.git_active then "ours" else "theirs"} | ${pkgs.gnugrep}/bin/grep -v "Already up to date."
|
${pkgs.git}/bin/git pull -X ${
|
||||||
|
if config.m-0.taskwarrior.git_active then "ours" else "theirs"
|
||||||
|
} | ${pkgs.gnugrep}/bin/grep -v "Already up to date."
|
||||||
${pkgs.taskwarrior}/bin/task diagnostics | ${pkgs.gnugrep}/bin/grep "Found duplicate" | ${pkgs.gnused}/bin/sed 's/.*Found duplicate //' | ${pkgs.findutils}/bin/xargs -i ${pkgs.gnused}/bin/sed -i '0,/uuid:"{}"/{/uuid:"{}"/d}' completed.data > /dev/null
|
${pkgs.taskwarrior}/bin/task diagnostics | ${pkgs.gnugrep}/bin/grep "Found duplicate" | ${pkgs.gnused}/bin/sed 's/.*Found duplicate //' | ${pkgs.findutils}/bin/xargs -i ${pkgs.gnused}/bin/sed -i '0,/uuid:"{}"/{/uuid:"{}"/d}' completed.data > /dev/null
|
||||||
${pkgs.git}/bin/git add completed.data > /dev/null
|
${pkgs.git}/bin/git add completed.data > /dev/null
|
||||||
${pkgs.git}/bin/git commit -m 'Fixing duplicates' > /dev/null
|
${pkgs.git}/bin/git commit -m 'Fixing duplicates' > /dev/null
|
||||||
|
@ -14,192 +16,178 @@ let
|
||||||
true
|
true
|
||||||
'';
|
'';
|
||||||
in {
|
in {
|
||||||
options.m-0.taskwarrior.enable = mkEnableOption "Taskwarrior";
|
options.m-0.taskwarrior.enable = mkEnableOption "Taskwarrior";
|
||||||
options.m-0.taskwarrior.git_active = mkEnableOption "This machine will prefer its own state in case of a merge conflict, if enabled.";
|
options.m-0.taskwarrior.git_active = mkEnableOption
|
||||||
config = mkIf config.m-0.taskwarrior.enable {
|
"This machine will prefer its own state in case of a merge conflict, if enabled.";
|
||||||
systemd.user = {
|
config = mkIf config.m-0.taskwarrior.enable {
|
||||||
services.tasksync = {
|
systemd.user = {
|
||||||
Unit = {
|
services.tasksync = {
|
||||||
Description = "Update tasks";
|
Unit = { Description = "Update tasks"; };
|
||||||
|
Service = {
|
||||||
|
ExecStart = "${tasksync}/bin/tasksync";
|
||||||
|
Type = "oneshot";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
Service = {
|
timers.tasksync = {
|
||||||
ExecStart="${tasksync}/bin/tasksync";
|
Timer = { OnCalendar = "*:0/1"; };
|
||||||
Type="oneshot";
|
Install = { WantedBy = [ "timers.target" ]; };
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
timers.tasksync = {
|
home = {
|
||||||
Timer = {
|
packages = [ pkgs.taskwarrior tasksync pkgs.tasksh ];
|
||||||
OnCalendar = "*:0/1";
|
file = {
|
||||||
};
|
".taskrc".text = ''
|
||||||
Install = {
|
data.location=~/.task
|
||||||
WantedBy = [ "timers.target" ];
|
default.command=default
|
||||||
};
|
alias.inbox=+PENDING -TAGGED limit:1
|
||||||
};
|
alias.inboxall=+PENDING -TAGGED
|
||||||
};
|
|
||||||
home = {
|
|
||||||
packages = [ pkgs.taskwarrior tasksync pkgs.tasksh ];
|
|
||||||
file = {
|
|
||||||
".taskrc".text = ''
|
|
||||||
data.location=~/.task
|
|
||||||
default.command=default
|
|
||||||
alias.inbox=+PENDING -TAGGED limit:1
|
|
||||||
alias.inboxall=+PENDING -TAGGED
|
|
||||||
|
|
||||||
verbose=blank,header,footnote,label,new-id,affected,edit,special,sync
|
verbose=blank,header,footnote,label,new-id,affected,edit,special,sync
|
||||||
nag=
|
nag=
|
||||||
|
|
||||||
report.default.columns=id,tags,priority,description,due,start.active,project
|
report.default.columns=id,tags,priority,description,due,start.active,project
|
||||||
report.default.description=List tasks
|
report.default.description=List tasks
|
||||||
report.default.filter=status:pending -BLOCKED
|
report.default.filter=status:pending -BLOCKED
|
||||||
report.default.labels=ID,Tags,,Beschreibung,Bis,Start,Projekt
|
report.default.labels=ID,Tags,,Beschreibung,Bis,Start,Projekt
|
||||||
report.default.sort=modified-
|
report.default.sort=modified-
|
||||||
|
|
||||||
uda.partof.type=string
|
uda.partof.type=string
|
||||||
uda.partof.label=Parent task
|
uda.partof.label=Parent task
|
||||||
uda.generated.type=string
|
uda.generated.type=string
|
||||||
uda.gen_name.type=string
|
uda.gen_name.type=string
|
||||||
uda.gen_name.label=Generator name
|
uda.gen_name.label=Generator name
|
||||||
uda.gen_id.type=string
|
uda.gen_id.type=string
|
||||||
uda.gen_id.label=Generator id
|
uda.gen_id.label=Generator id
|
||||||
uda.gen_orphan.type=string
|
uda.gen_orphan.type=string
|
||||||
uda.gen_orphan.label=Generated orphan behavior
|
uda.gen_orphan.label=Generated orphan behavior
|
||||||
uda.listposition.type=numeric
|
uda.listposition.type=numeric
|
||||||
|
|
||||||
# Bugwarrior UDAs
|
# Bugwarrior UDAs
|
||||||
uda.githubtitle.type=string
|
uda.githubtitle.type=string
|
||||||
uda.githubtitle.label=Github Title
|
uda.githubtitle.label=Github Title
|
||||||
uda.githubbody.type=string
|
uda.githubbody.type=string
|
||||||
uda.githubbody.label=Github Body
|
uda.githubbody.label=Github Body
|
||||||
uda.githubcreatedon.type=date
|
uda.githubcreatedon.type=date
|
||||||
uda.githubcreatedon.label=Github Created
|
uda.githubcreatedon.label=Github Created
|
||||||
uda.githubupdatedat.type=date
|
uda.githubupdatedat.type=date
|
||||||
uda.githubupdatedat.label=Github Updated
|
uda.githubupdatedat.label=Github Updated
|
||||||
uda.githubmilestone.type=string
|
uda.githubmilestone.type=string
|
||||||
uda.githubmilestone.label=Github Milestone
|
uda.githubmilestone.label=Github Milestone
|
||||||
uda.githubrepo.type=string
|
uda.githubrepo.type=string
|
||||||
uda.githubrepo.label=Github Repo Slug
|
uda.githubrepo.label=Github Repo Slug
|
||||||
uda.githuburl.type=string
|
uda.githuburl.type=string
|
||||||
uda.githuburl.label=Github URL
|
uda.githuburl.label=Github URL
|
||||||
uda.githubtype.type=string
|
uda.githubtype.type=string
|
||||||
uda.githubtype.label=Github Type
|
uda.githubtype.label=Github Type
|
||||||
uda.githubnumber.type=numeric
|
uda.githubnumber.type=numeric
|
||||||
uda.githubnumber.label=Github Issue/PR #
|
uda.githubnumber.label=Github Issue/PR #
|
||||||
uda.githubuser.type=string
|
uda.githubuser.type=string
|
||||||
uda.githubuser.label=Github User
|
uda.githubuser.label=Github User
|
||||||
uda.gitlabtitle.type=string
|
uda.gitlabtitle.type=string
|
||||||
uda.gitlabtitle.label=Gitlab Title
|
uda.gitlabtitle.label=Gitlab Title
|
||||||
uda.gitlabdescription.type=string
|
uda.gitlabdescription.type=string
|
||||||
uda.gitlabdescription.label=Gitlab Description
|
uda.gitlabdescription.label=Gitlab Description
|
||||||
uda.gitlabcreatedon.type=date
|
uda.gitlabcreatedon.type=date
|
||||||
uda.gitlabcreatedon.label=Gitlab Created
|
uda.gitlabcreatedon.label=Gitlab Created
|
||||||
uda.gitlabupdatedat.type=date
|
uda.gitlabupdatedat.type=date
|
||||||
uda.gitlabupdatedat.label=Gitlab Updated
|
uda.gitlabupdatedat.label=Gitlab Updated
|
||||||
uda.gitlabduedate.type=date
|
uda.gitlabduedate.type=date
|
||||||
uda.gitlabduedate.label=Gitlab Due Date
|
uda.gitlabduedate.label=Gitlab Due Date
|
||||||
uda.gitlabmilestone.type=string
|
uda.gitlabmilestone.type=string
|
||||||
uda.gitlabmilestone.label=Gitlab Milestone
|
uda.gitlabmilestone.label=Gitlab Milestone
|
||||||
uda.gitlaburl.type=string
|
uda.gitlaburl.type=string
|
||||||
uda.gitlaburl.label=Gitlab URL
|
uda.gitlaburl.label=Gitlab URL
|
||||||
uda.gitlabrepo.type=string
|
uda.gitlabrepo.type=string
|
||||||
uda.gitlabrepo.label=Gitlab Repo Slug
|
uda.gitlabrepo.label=Gitlab Repo Slug
|
||||||
uda.gitlabtype.type=string
|
uda.gitlabtype.type=string
|
||||||
uda.gitlabtype.label=Gitlab Type
|
uda.gitlabtype.label=Gitlab Type
|
||||||
uda.gitlabnumber.type=numeric
|
uda.gitlabnumber.type=numeric
|
||||||
uda.gitlabnumber.label=Gitlab Issue/MR #
|
uda.gitlabnumber.label=Gitlab Issue/MR #
|
||||||
uda.gitlabstate.type=string
|
uda.gitlabstate.type=string
|
||||||
uda.gitlabstate.label=Gitlab Issue/MR State
|
uda.gitlabstate.label=Gitlab Issue/MR State
|
||||||
uda.gitlabupvotes.type=numeric
|
uda.gitlabupvotes.type=numeric
|
||||||
uda.gitlabupvotes.label=Gitlab Upvotes
|
uda.gitlabupvotes.label=Gitlab Upvotes
|
||||||
uda.gitlabdownvotes.type=numeric
|
uda.gitlabdownvotes.type=numeric
|
||||||
uda.gitlabdownvotes.label=Gitlab Downvotes
|
uda.gitlabdownvotes.label=Gitlab Downvotes
|
||||||
uda.gitlabwip.type=numeric
|
uda.gitlabwip.type=numeric
|
||||||
uda.gitlabwip.label=Gitlab MR Work-In-Progress Flag
|
uda.gitlabwip.label=Gitlab MR Work-In-Progress Flag
|
||||||
uda.gitlabauthor.type=string
|
uda.gitlabauthor.type=string
|
||||||
uda.gitlabauthor.label=Gitlab Author
|
uda.gitlabauthor.label=Gitlab Author
|
||||||
uda.gitlabassignee.type=string
|
uda.gitlabassignee.type=string
|
||||||
uda.gitlabassignee.label=Gitlab Assignee
|
uda.gitlabassignee.label=Gitlab Assignee
|
||||||
uda.gitlabnamespace.type=string
|
uda.gitlabnamespace.type=string
|
||||||
uda.gitlabnamespace.label=Gitlab Namespace
|
uda.gitlabnamespace.label=Gitlab Namespace
|
||||||
uda.gitlabweight.type=numeric
|
uda.gitlabweight.type=numeric
|
||||||
uda.gitlabweight.label=Gitlab Weight
|
uda.gitlabweight.label=Gitlab Weight
|
||||||
# END Bugwarrior UDAs
|
# END Bugwarrior UDAs
|
||||||
'';
|
'';
|
||||||
taskwarrior-on-add-hook = {
|
taskwarrior-on-add-hook = {
|
||||||
target = ".task/hooks/on-add.eventd-notification";
|
target = ".task/hooks/on-add.eventd-notification";
|
||||||
text = ''
|
text = ''
|
||||||
#!${pkgs.python3}/bin/python
|
#!${pkgs.python3}/bin/python
|
||||||
import sys
|
import sys
|
||||||
import json
|
import json
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
||||||
input_string = sys.stdin.readline()
|
input_string = sys.stdin.readline()
|
||||||
original = json.loads(input_string)
|
original = json.loads(input_string)
|
||||||
command = ['eventc', 'task', 'add']
|
command = ['eventc', 'task', 'add']
|
||||||
for name, value in original.items():
|
for name, value in original.items():
|
||||||
command.append("-d")
|
|
||||||
if type(value) == list:
|
|
||||||
value = ', '.join(value)
|
|
||||||
command.append(name+"='"+str(value)+"'")
|
|
||||||
subprocess.Popen(command)
|
|
||||||
print(input_string)
|
|
||||||
'';
|
|
||||||
executable = true;
|
|
||||||
};
|
|
||||||
taskwarrior-on-modify-hook = {
|
|
||||||
target = ".task/hooks/on-modify.eventd-notification";
|
|
||||||
text = ''
|
|
||||||
#!${pkgs.python3}/bin/python
|
|
||||||
import sys
|
|
||||||
import json
|
|
||||||
import subprocess
|
|
||||||
|
|
||||||
input_string = sys.stdin.readline()
|
|
||||||
original = json.loads(input_string)
|
|
||||||
input_string = sys.stdin.readline()
|
|
||||||
new = json.loads(input_string)
|
|
||||||
command = ['eventc', 'task', 'modify']
|
|
||||||
for name in set(new.keys()).union(set(original.keys())):
|
|
||||||
if new.get(name) != original.get(name) or name == "description":
|
|
||||||
value = new.get(name, "")
|
|
||||||
command.append("-d")
|
command.append("-d")
|
||||||
if type(value) == list:
|
if type(value) == list:
|
||||||
value = ', '.join([str(item) for item in value])
|
value = ', '.join(value)
|
||||||
command.append(name+"='"+str(value)+"'")
|
command.append(name+"='"+str(value)+"'")
|
||||||
subprocess.Popen(command)
|
subprocess.Popen(command)
|
||||||
print(input_string)
|
print(input_string)
|
||||||
'';
|
'';
|
||||||
executable = true;
|
executable = true;
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
xdg = let
|
|
||||||
taskAction = name: template: {
|
|
||||||
"eventd/task-${name}.action".text = generators.toINI {} {
|
|
||||||
Action = {
|
|
||||||
Name = "task-${name}";
|
|
||||||
};
|
};
|
||||||
Notification = {
|
taskwarrior-on-modify-hook = {
|
||||||
Text = template;
|
target = ".task/hooks/on-modify.eventd-notification";
|
||||||
};
|
text = ''
|
||||||
NotificationBubble = {
|
#!${pkgs.python3}/bin/python
|
||||||
Queue = "tasks";
|
import sys
|
||||||
|
import json
|
||||||
|
import subprocess
|
||||||
|
|
||||||
|
input_string = sys.stdin.readline()
|
||||||
|
original = json.loads(input_string)
|
||||||
|
input_string = sys.stdin.readline()
|
||||||
|
new = json.loads(input_string)
|
||||||
|
command = ['eventc', 'task', 'modify']
|
||||||
|
for name in set(new.keys()).union(set(original.keys())):
|
||||||
|
if new.get(name) != original.get(name) or name == "description":
|
||||||
|
value = new.get(name, "")
|
||||||
|
command.append("-d")
|
||||||
|
if type(value) == list:
|
||||||
|
value = ', '.join([str(item) for item in value])
|
||||||
|
command.append(name+"='"+str(value)+"'")
|
||||||
|
subprocess.Popen(command)
|
||||||
|
print(input_string)
|
||||||
|
'';
|
||||||
|
executable = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
in {
|
xdg = let
|
||||||
configFile = {
|
taskAction = name: template: {
|
||||||
"eventd/task.event".text = generators.toINI {} {
|
"eventd/task-${name}.action".text = generators.toINI { } {
|
||||||
"Event task add" = {
|
Action = { Name = "task-${name}"; };
|
||||||
Actions = "task-new";
|
Notification = { Text = template; };
|
||||||
};
|
NotificationBubble = { Queue = "tasks"; };
|
||||||
"Event task modify" = {
|
|
||||||
Actions = "task-changed";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
} //
|
in {
|
||||||
taskAction "changed" "Changes in task:\\n<b>\${description}</b>\${status:+\\nStatus: }\${status}\${tags:+\\nTags: }\${tags}\${project:+\\nProject: }\${project}" //
|
configFile = {
|
||||||
taskAction "new" "New \${status} task\${tags:! in inbox}:\\n<b>\${description}</b>\${tags:+\\nTags: }\${tags}\${project:+\\nProject: }\${project}";
|
"eventd/task.event".text = generators.toINI { } {
|
||||||
|
"Event task add" = { Actions = "task-new"; };
|
||||||
|
"Event task modify" = { Actions = "task-changed"; };
|
||||||
|
};
|
||||||
|
} // taskAction "changed"
|
||||||
|
"Changes in task:\\n<b>\${description}</b>\${status:+\\nStatus: }\${status}\${tags:+\\nTags: }\${tags}\${project:+\\nProject: }\${project}"
|
||||||
|
// taskAction "new"
|
||||||
|
"New \${status} task\${tags:! in inbox}:\\n<b>\${description}</b>\${tags:+\\nTags: }\${tags}\${project:+\\nProject: }\${project}";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,32 +1,27 @@
|
||||||
{ pkgs, lib, config, ...}:
|
{ pkgs, lib, config, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
let
|
let
|
||||||
makeUnlocker = { name, hostName, pubKey, passPath }:
|
makeUnlocker = { name, hostName, pubKey, passPath }:
|
||||||
let
|
let knownHosts = pkgs.writeText "KnownBootHosts" "${hostName} ${pubKey}";
|
||||||
knownHosts = pkgs.writeText "KnownBootHosts" "${hostName} ${pubKey}";
|
in pkgs.writeShellScriptBin "unlock-${name}" ''
|
||||||
in
|
echo "Waiting for host to come up";
|
||||||
pkgs.writeShellScriptBin "unlock-${name}" ''
|
while true; do
|
||||||
echo "Waiting for host to come up";
|
echo -n .
|
||||||
while true; do
|
/run/wrappers/bin/ping -4 ${hostName} -c 1 -w 1 > /dev/null && break;
|
||||||
echo -n .
|
sleep 1s;
|
||||||
/run/wrappers/bin/ping -4 ${hostName} -c 1 -w 1 > /dev/null && break;
|
done;
|
||||||
sleep 1s;
|
echo
|
||||||
done;
|
echo "Ping successful; Entering disk encryption password"
|
||||||
echo
|
${pkgs.pass}/bin/pass ${passPath} | ssh -4 root@${hostName} -o UserKnownHostsFile=${knownHosts} cryptsetup-askpass && echo "Unlocking of ${name} successful" || echo "Unlocking of ${name} failed"
|
||||||
echo "Ping successful; Entering disk encryption password"
|
'';
|
||||||
${pkgs.pass}/bin/pass ${passPath} | ssh -4 root@${hostName} -o UserKnownHostsFile=${knownHosts} cryptsetup-askpass && echo "Unlocking of ${name} successful" || echo "Unlocking of ${name} failed"
|
in {
|
||||||
'';
|
|
||||||
in
|
|
||||||
{
|
|
||||||
|
|
||||||
options.m-0.unlocker = mkOption {
|
options.m-0.unlocker = mkOption {
|
||||||
default = [];
|
default = [ ];
|
||||||
type = types.listOf types.attrs;
|
type = types.listOf types.attrs;
|
||||||
};
|
};
|
||||||
|
|
||||||
config = {
|
config = { home.packages = map makeUnlocker config.m-0.unlocker; };
|
||||||
home.packages = map makeUnlocker config.m-0.unlocker;
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,107 +3,100 @@ with lib;
|
||||||
let
|
let
|
||||||
in {
|
in {
|
||||||
|
|
||||||
options.m-0.weechat = {
|
options.m-0.weechat = {
|
||||||
enable = mkEnableOption "Weechat";
|
enable = mkEnableOption "Weechat";
|
||||||
channels = mkOption {
|
channels = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "";
|
default = "";
|
||||||
};
|
|
||||||
user = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
pw = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf config.m-0.weechat.enable {
|
|
||||||
home.file = {
|
|
||||||
python_plugins = {
|
|
||||||
target = ".weechat/python";
|
|
||||||
source = ./plugins/python;
|
|
||||||
};
|
|
||||||
perl_plugins = {
|
|
||||||
target = ".weechat/perl";
|
|
||||||
source = ./plugins/perl;
|
|
||||||
};
|
|
||||||
plugins = {
|
|
||||||
target = ".weechat/plugins.conf";
|
|
||||||
text = ''
|
|
||||||
[var]
|
|
||||||
python.buffer_autohide.hide_inactive = on
|
|
||||||
python.buffer_autohide.hide_private = on
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
weechat = {
|
|
||||||
target = ".weechat/weechat.conf";
|
|
||||||
text = ''
|
|
||||||
[look]
|
|
||||||
buffer_notify_default = "highlight"
|
|
||||||
jump_current_to_previous_buffer = off
|
|
||||||
|
|
||||||
[color]
|
|
||||||
chat_nick_colors = "cyan,magenta,green,brown,lightblue,default,lightcyan,lightmagenta,lightgreen,blue,31,35,38,40,49,63,70,80,92,99,112,126,130,138,142,148,160,162,167,169,174,176,178,184,186,210,212,215,228"
|
|
||||||
|
|
||||||
[filter]
|
|
||||||
irc_smart = on;*;irc_smart_filter;*
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
logger = {
|
|
||||||
target = ".weechat/logger.conf";
|
|
||||||
text = ''
|
|
||||||
[look]
|
|
||||||
backlog = 1000
|
|
||||||
|
|
||||||
[file]
|
|
||||||
mask = "$name/%Y"
|
|
||||||
path = "${config.home.homeDirectory}/data/logs/"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
irc = {
|
|
||||||
target = ".weechat/irc.conf";
|
|
||||||
text = ''
|
|
||||||
[look]
|
|
||||||
color_nicks_in_nicklist = on
|
|
||||||
|
|
||||||
[server]
|
|
||||||
freenode.addresses = "chat.freenode.net/6697"
|
|
||||||
freenode.ssl = on
|
|
||||||
freenode.sasl_mechanism = plain
|
|
||||||
freenode.sasl_username = "${config.m-0.weechat.user}"
|
|
||||||
freenode.sasl_password = "${config.m-0.weechat.pw}"
|
|
||||||
freenode.autoconnect = on
|
|
||||||
freenode.username = "${config.m-0.weechat.user}"
|
|
||||||
freenode.autojoin = "#nixos,#matrix,#haskell"
|
|
||||||
|
|
||||||
[server]
|
|
||||||
hackint.addresses = "irc.hackint.org/6697"
|
|
||||||
hackint.ssl = on
|
|
||||||
hackint.sasl_mechanism = plain
|
|
||||||
hackint.sasl_username = "${config.m-0.weechat.user}"
|
|
||||||
hackint.sasl_password = "${config.m-0.weechat.pw}"
|
|
||||||
hackint.autoconnect = on
|
|
||||||
hackint.username = "${config.m-0.weechat.user}"
|
|
||||||
hackint.autojoin = "${config.m-0.weechat.channels}"
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
|
user = mkOption { type = types.str; };
|
||||||
|
pw = mkOption { type = types.str; };
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.user.services = {
|
config = mkIf config.m-0.weechat.enable {
|
||||||
weechat = {
|
home.file = {
|
||||||
Unit = {
|
python_plugins = {
|
||||||
Description = "Weechat Tmux Session";
|
target = ".weechat/python";
|
||||||
|
source = ./plugins/python;
|
||||||
};
|
};
|
||||||
Service = {
|
perl_plugins = {
|
||||||
Type = "forking";
|
target = ".weechat/perl";
|
||||||
ExecStart = "${pkgs.tmux}/bin/tmux -L weechat -2 new-session -d -s irc -n weechat '${pkgs.weechat}/bin/weechat'";
|
source = ./plugins/perl;
|
||||||
Restart = "always";
|
|
||||||
};
|
};
|
||||||
Install = {
|
plugins = {
|
||||||
WantedBy = [ "default.target" ];
|
target = ".weechat/plugins.conf";
|
||||||
|
text = ''
|
||||||
|
[var]
|
||||||
|
python.buffer_autohide.hide_inactive = on
|
||||||
|
python.buffer_autohide.hide_private = on
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
weechat = {
|
||||||
|
target = ".weechat/weechat.conf";
|
||||||
|
text = ''
|
||||||
|
[look]
|
||||||
|
buffer_notify_default = "highlight"
|
||||||
|
jump_current_to_previous_buffer = off
|
||||||
|
|
||||||
|
[color]
|
||||||
|
chat_nick_colors = "cyan,magenta,green,brown,lightblue,default,lightcyan,lightmagenta,lightgreen,blue,31,35,38,40,49,63,70,80,92,99,112,126,130,138,142,148,160,162,167,169,174,176,178,184,186,210,212,215,228"
|
||||||
|
|
||||||
|
[filter]
|
||||||
|
irc_smart = on;*;irc_smart_filter;*
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
logger = {
|
||||||
|
target = ".weechat/logger.conf";
|
||||||
|
text = ''
|
||||||
|
[look]
|
||||||
|
backlog = 1000
|
||||||
|
|
||||||
|
[file]
|
||||||
|
mask = "$name/%Y"
|
||||||
|
path = "${config.home.homeDirectory}/data/logs/"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
irc = {
|
||||||
|
target = ".weechat/irc.conf";
|
||||||
|
text = ''
|
||||||
|
[look]
|
||||||
|
color_nicks_in_nicklist = on
|
||||||
|
|
||||||
|
[server]
|
||||||
|
freenode.addresses = "chat.freenode.net/6697"
|
||||||
|
freenode.ssl = on
|
||||||
|
freenode.sasl_mechanism = plain
|
||||||
|
freenode.sasl_username = "${config.m-0.weechat.user}"
|
||||||
|
freenode.sasl_password = "${config.m-0.weechat.pw}"
|
||||||
|
freenode.autoconnect = on
|
||||||
|
freenode.username = "${config.m-0.weechat.user}"
|
||||||
|
freenode.autojoin = "#nixos,#matrix,#haskell"
|
||||||
|
|
||||||
|
[server]
|
||||||
|
hackint.addresses = "irc.hackint.org/6697"
|
||||||
|
hackint.ssl = on
|
||||||
|
hackint.sasl_mechanism = plain
|
||||||
|
hackint.sasl_username = "${config.m-0.weechat.user}"
|
||||||
|
hackint.sasl_password = "${config.m-0.weechat.pw}"
|
||||||
|
hackint.autoconnect = on
|
||||||
|
hackint.username = "${config.m-0.weechat.user}"
|
||||||
|
hackint.autojoin = "${config.m-0.weechat.channels}"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.user.services = {
|
||||||
|
weechat = {
|
||||||
|
Unit = { Description = "Weechat Tmux Session"; };
|
||||||
|
Service = {
|
||||||
|
Type = "forking";
|
||||||
|
ExecStart =
|
||||||
|
"${pkgs.tmux}/bin/tmux -L weechat -2 new-session -d -s irc -n weechat '${pkgs.weechat}/bin/weechat'";
|
||||||
|
Restart = "always";
|
||||||
|
};
|
||||||
|
Install = { WantedBy = [ "default.target" ]; };
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,16 +6,9 @@ neovim.override {
|
||||||
customRC = builtins.readFile ./vimrc;
|
customRC = builtins.readFile ./vimrc;
|
||||||
packages.myVimPackage = {
|
packages.myVimPackage = {
|
||||||
start = builtins.attrValues {
|
start = builtins.attrValues {
|
||||||
inherit ((import <nixpkgs> {}).vimPlugins)
|
inherit ((import <nixpkgs> { }).vimPlugins)
|
||||||
vim-nix
|
vim-nix vimtex airline rust-vim fugitive vim-trailing-whitespace
|
||||||
vimtex
|
vim-pandoc vim-pandoc-syntax haskell-vim;
|
||||||
airline
|
|
||||||
rust-vim
|
|
||||||
fugitive
|
|
||||||
vim-trailing-whitespace
|
|
||||||
vim-pandoc
|
|
||||||
vim-pandoc-syntax
|
|
||||||
haskell-vim;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,14 +1,12 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{ pkgs, config, lib, ... }:
|
||||||
let
|
let
|
||||||
inherit (import ../common/lib.nix) writeHaskellScript;
|
inherit (import ../common/lib.nix) writeHaskellScript;
|
||||||
sources = import ../nix/sources.nix;
|
sources = import ../nix/sources.nix;
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
home = {
|
home = {
|
||||||
packages = builtins.attrValues (import ../common/pkgs.nix).foreign-home-pkgs;
|
packages =
|
||||||
sessionVariables = {
|
builtins.attrValues (import ../common/pkgs.nix).foreign-home-pkgs;
|
||||||
NIX_PATH = "$HOME/.nix-path";
|
sessionVariables = { NIX_PATH = "$HOME/.nix-path"; };
|
||||||
};
|
|
||||||
file = {
|
file = {
|
||||||
home-manager-source = {
|
home-manager-source = {
|
||||||
target = ".nix-path/home-manager";
|
target = ".nix-path/home-manager";
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{ pkgs, config, lib, ... }: {
|
||||||
{
|
|
||||||
home = {
|
home = {
|
||||||
username = "maralorn";
|
username = "maralorn";
|
||||||
homeDirectory = "/home/maralorn";
|
homeDirectory = "/home/maralorn";
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
let
|
let
|
||||||
morgenreport-script = pkgs.writeShellScriptBin "morgenreport" ''
|
morgenreport-script = pkgs.writeShellScriptBin "morgenreport" ''
|
||||||
cd $HOME/data/aktuell/media/ebooks/morgenreport/
|
cd $HOME/data/aktuell/media/ebooks/morgenreport/
|
||||||
DATE=`date +%Y-%m-%d`
|
DATE=`date +%Y-%m-%d`
|
||||||
PATH=$PATH:/run/wrappers/bin/
|
PATH=$PATH:/run/wrappers/bin/
|
||||||
|
@ -11,24 +11,18 @@ morgenreport-script = pkgs.writeShellScriptBin "morgenreport" ''
|
||||||
echo "File created, sending to kindle now …"
|
echo "File created, sending to kindle now …"
|
||||||
echo 'Siehe Anhang' | ${pkgs.mutt}/bin/mutt -s "Morgenreport $DATE" -a morgenreport-$DATE.mobi -- maralorn@kindle.com
|
echo 'Siehe Anhang' | ${pkgs.mutt}/bin/mutt -s "Morgenreport $DATE" -a morgenreport-$DATE.mobi -- maralorn@kindle.com
|
||||||
'';
|
'';
|
||||||
urls = [ "https://erdspektive.org/feed/" ];
|
urls = [ "https://erdspektive.org/feed/" ];
|
||||||
in {
|
in {
|
||||||
home.packages = [ morgenreport-script];
|
home.packages = [ morgenreport-script ];
|
||||||
systemd.user = {
|
systemd.user = {
|
||||||
services.morgenreport = {
|
services.morgenreport = {
|
||||||
Unit = {
|
Unit = { Description = "Send morgenreport to kindle"; };
|
||||||
Description = "Send morgenreport to kindle";
|
|
||||||
};
|
|
||||||
|
|
||||||
Service = {
|
Service = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
ExecStart="/bin/sh ${morgenreport-script}/bin/morgenreport";
|
ExecStart = "/bin/sh ${morgenreport-script}/bin/morgenreport";
|
||||||
};
|
|
||||||
};
|
|
||||||
timers.morgenreport = {
|
|
||||||
Timer = {
|
|
||||||
OnCalendar = "20:00";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
timers.morgenreport = { Timer = { OnCalendar = "20:00"; }; };
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,8 +1,6 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }: {
|
||||||
{
|
|
||||||
systemd.user = {
|
systemd.user = {
|
||||||
services.sort-mail =
|
services.sort-mail = let
|
||||||
let
|
|
||||||
sort-mail-script = pkgs.writeShellScriptBin "sort-mail" ''
|
sort-mail-script = pkgs.writeShellScriptBin "sort-mail" ''
|
||||||
${pkgs.isync}/bin/mbsync -a
|
${pkgs.isync}/bin/mbsync -a
|
||||||
|
|
||||||
|
@ -17,20 +15,14 @@
|
||||||
|
|
||||||
${pkgs.isync}/bin/mbsync -a
|
${pkgs.isync}/bin/mbsync -a
|
||||||
'';
|
'';
|
||||||
in {
|
in {
|
||||||
Unit = {
|
Unit = { Description = "Sort E-Mails"; };
|
||||||
Description = "Sort E-Mails";
|
|
||||||
};
|
|
||||||
|
|
||||||
Service = {
|
Service = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
ExecStart="/bin/sh ${sort-mail-script}/bin/sort-mail";
|
ExecStart = "/bin/sh ${sort-mail-script}/bin/sort-mail";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
timers.sort-mail = { Timer = { OnCalendar = "minutely"; }; };
|
||||||
timers.sort-mail = {
|
|
||||||
Timer = {
|
|
||||||
OnCalendar = "minutely";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
let
|
let
|
||||||
path = https://github.com/rycee/home-manager/archive/release-17.09.tar.gz;
|
path = "https://github.com/rycee/home-manager/archive/release-17.09.tar.gz";
|
||||||
home-manager = (import ../../home-manager {
|
home-manager = (import ../../home-manager {
|
||||||
inherit pkgs;
|
inherit pkgs;
|
||||||
inherit path;
|
inherit path;
|
||||||
|
@ -8,13 +8,11 @@ let
|
||||||
in {
|
in {
|
||||||
systemd.user = {
|
systemd.user = {
|
||||||
services.update-hm = {
|
services.update-hm = {
|
||||||
Unit = {
|
Unit = { Description = "Update home-manager"; };
|
||||||
Description = "Update home-manager";
|
|
||||||
};
|
|
||||||
|
|
||||||
Service = {
|
Service = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
ExecStart="${home-manager}/bin/home-manager switch";
|
ExecStart = "${home-manager}/bin/home-manager switch";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
timers.update-hm = {
|
timers.update-hm = {
|
||||||
|
|
|
@ -1,34 +1,29 @@
|
||||||
{ pkgs, lib, config, ... }:
|
{ pkgs, lib, config, ... }:
|
||||||
let
|
let colors = config.common.colors;
|
||||||
colors = config.common.colors;
|
|
||||||
in {
|
in {
|
||||||
home = {
|
home = { packages = with pkgs; [ rxvt_unicode-with-plugins ]; };
|
||||||
packages = with pkgs; [
|
|
||||||
rxvt_unicode-with-plugins
|
|
||||||
];
|
|
||||||
};
|
|
||||||
xresources.properties = {
|
xresources.properties = {
|
||||||
"*transparent" = true;
|
"*transparent" = true;
|
||||||
"*tintColor" = colors.background;
|
"*tintColor" = colors.background;
|
||||||
"*scrollBar" = false;
|
"*scrollBar" = false;
|
||||||
"*urgentOnBell" = true;
|
"*urgentOnBell" = true;
|
||||||
"*background" = colors.background;
|
"*background" = colors.background;
|
||||||
"*foreground" = colors.foreground;
|
"*foreground" = colors.foreground;
|
||||||
"*color0" = colors.black;
|
"*color0" = colors.black;
|
||||||
"*color8" = colors.brightBlack;
|
"*color8" = colors.brightBlack;
|
||||||
"*color1" = colors.red;
|
"*color1" = colors.red;
|
||||||
"*color9" = colors.brightRed;
|
"*color9" = colors.brightRed;
|
||||||
"*color2" = colors.green;
|
"*color2" = colors.green;
|
||||||
"*color10" = colors.brightGreen;
|
"*color10" = colors.brightGreen;
|
||||||
"*color3" = colors.yellow;
|
"*color3" = colors.yellow;
|
||||||
"*color11" = colors.brightYellow;
|
"*color11" = colors.brightYellow;
|
||||||
"*color4" = colors.blue;
|
"*color4" = colors.blue;
|
||||||
"*color12" = colors.brightBlue;
|
"*color12" = colors.brightBlue;
|
||||||
"*color5" = colors.magenta;
|
"*color5" = colors.magenta;
|
||||||
"*color13" = colors.brightMagenta;
|
"*color13" = colors.brightMagenta;
|
||||||
"*color6" = colors.cyan;
|
"*color6" = colors.cyan;
|
||||||
"*color14" = colors.brightCyan;
|
"*color14" = colors.brightCyan;
|
||||||
"*color7" = colors.white;
|
"*color7" = colors.white;
|
||||||
"*color15" = colors.brightWhite;
|
"*color15" = colors.brightWhite;
|
||||||
"*boldFont" = "";
|
"*boldFont" = "";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,18 +1,21 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{ pkgs, config, lib, ... }:
|
||||||
let
|
let
|
||||||
inherit (import ../common/lib.nix) writeHaskellScript get-niv-path gcRetentionDays;
|
inherit (import ../common/lib.nix)
|
||||||
|
writeHaskellScript get-niv-path gcRetentionDays;
|
||||||
inherit (import ./lib.nix) update-home;
|
inherit (import ./lib.nix) update-home;
|
||||||
configPath = "/home/${config.home.username}/git/nixos/config";
|
configPath = "/home/${config.home.username}/git/nixos/config";
|
||||||
home-maintenance = writeHaskellScript
|
home-maintenance = writeHaskellScript {
|
||||||
{ name = "home-maintenance"; imports = [ ]; bins = [ (update-home configPath) pkgs.nix pkgs.git];} ''
|
name = "home-maintenance";
|
||||||
|
imports = [ ];
|
||||||
|
bins = [ (update-home configPath) pkgs.nix pkgs.git ];
|
||||||
|
} ''
|
||||||
main = do
|
main = do
|
||||||
git "-C" "${configPath}" "pull"
|
git "-C" "${configPath}" "pull"
|
||||||
update_home
|
update_home
|
||||||
nix_collect_garbage "--delete-older-than" "${toString gcRetentionDays}d"
|
nix_collect_garbage "--delete-older-than" "${toString gcRetentionDays}d"
|
||||||
nix "optimise-store"
|
nix "optimise-store"
|
||||||
'';
|
'';
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
home = {
|
home = {
|
||||||
packages = builtins.attrValues {
|
packages = builtins.attrValues {
|
||||||
inherit home-maintenance get-niv-path;
|
inherit home-maintenance get-niv-path;
|
||||||
|
|
|
@ -1,26 +1,18 @@
|
||||||
{ config, lib, pkgs , ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
let
|
let inherit (import ../common/pkgs.nix) eventd;
|
||||||
inherit (import ../common/pkgs.nix) eventd;
|
in {
|
||||||
in
|
|
||||||
{
|
|
||||||
systemd.user = {
|
systemd.user = {
|
||||||
services.update_tasks = {
|
services.update_tasks = {
|
||||||
Unit = {
|
Unit = { Description = "Update taskwarrior tasks"; };
|
||||||
Description = "Update taskwarrior tasks";
|
|
||||||
};
|
|
||||||
Service = {
|
Service = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
Environment="PATH=${pkgs.taskwarrior}/bin:${eventd}/bin";
|
Environment = "PATH=${pkgs.taskwarrior}/bin:${eventd}/bin";
|
||||||
ExecStart= "${config.home.homeDirectory}/.cargo/bin/update_tasks";
|
ExecStart = "${config.home.homeDirectory}/.cargo/bin/update_tasks";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
timers.update_tasks = {
|
timers.update_tasks = {
|
||||||
Timer = {
|
Timer = { OnCalendar = "hourly"; };
|
||||||
OnCalendar = "hourly";
|
Install = { WantedBy = [ "timers.target" ]; };
|
||||||
};
|
|
||||||
Install = {
|
|
||||||
WantedBy = [ "timers.target" ];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,20 +1,20 @@
|
||||||
{pkgs, ... }: {
|
{ pkgs, ... }: {
|
||||||
|
|
||||||
programs = {
|
programs = {
|
||||||
zsh = {
|
zsh = {
|
||||||
enable = true;
|
|
||||||
enableAutosuggestions = true;
|
|
||||||
enableCompletion = true;
|
|
||||||
history = {
|
|
||||||
save = 100000;
|
|
||||||
size = 100000;
|
|
||||||
};
|
|
||||||
initExtra = builtins.readFile ./zshrc;
|
|
||||||
oh-my-zsh = {
|
|
||||||
enable = true;
|
enable = true;
|
||||||
plugins = [ "colored-man-pages" "git-prompt" ];
|
enableAutosuggestions = true;
|
||||||
|
enableCompletion = true;
|
||||||
|
history = {
|
||||||
|
save = 100000;
|
||||||
|
size = 100000;
|
||||||
|
};
|
||||||
|
initExtra = builtins.readFile ./zshrc;
|
||||||
|
oh-my-zsh = {
|
||||||
|
enable = true;
|
||||||
|
plugins = [ "colored-man-pages" "git-prompt" ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,116 +8,115 @@ let
|
||||||
nixos-hardware = (import ../../nix/sources.nix).nixos-hardware;
|
nixos-hardware = (import ../../nix/sources.nix).nixos-hardware;
|
||||||
in {
|
in {
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
"${nixos-hardware}/lenovo/thinkpad"
|
"${nixos-hardware}/lenovo/thinkpad"
|
||||||
"${nixos-hardware}/common/pc/ssd"
|
"${nixos-hardware}/common/pc/ssd"
|
||||||
"${(builtins.fetchGit "ssh://git@git.darmstadt.ccc.de/cdark.net/nixdark")}"
|
"${(builtins.fetchGit "ssh://git@git.darmstadt.ccc.de/cdark.net/nixdark")}"
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
../../system
|
../../system
|
||||||
../../system/fonts.nix
|
../../system/fonts.nix
|
||||||
../../system/standalone.nix
|
../../system/standalone.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "apollo";
|
hostName = "apollo";
|
||||||
firewall.allowedTCPPorts = [ 8888 ];
|
firewall.allowedTCPPorts = [ 8888 ];
|
||||||
firewall.allowedUDPPorts = [ 30000 ];
|
firewall.allowedUDPPorts = [ 30000 ];
|
||||||
wireguard.interfaces = {
|
wireguard.interfaces = {
|
||||||
m0wire = {
|
m0wire = {
|
||||||
allowedIPsAsRoutes = false;
|
allowedIPsAsRoutes = false;
|
||||||
ips = [ "${hosts.apollo-wg}/112" ];
|
ips = [ "${hosts.apollo-wg}/112" ];
|
||||||
privateKeyFile = "/etc/nixos/hosts/apollo/secret/wireguard-private";
|
privateKeyFile = "/etc/nixos/hosts/apollo/secret/wireguard-private";
|
||||||
peers = [
|
peers = [{
|
||||||
{
|
|
||||||
publicKey = wireguard.pub.hera;
|
publicKey = wireguard.pub.hera;
|
||||||
allowedIPs = [ "::/0" ];
|
allowedIPs = [ "::/0" ];
|
||||||
endpoint = "${hosts.hera-v4}:${builtins.toString wireguard.port}";
|
endpoint = "${hosts.hera-v4}:${builtins.toString wireguard.port}";
|
||||||
presharedKeyFile = "/etc/nixos/common/secret/wireguard-psk";
|
presharedKeyFile = "/etc/nixos/common/secret/wireguard-psk";
|
||||||
persistentKeepalive = 25;
|
persistentKeepalive = 25;
|
||||||
}
|
}];
|
||||||
];
|
postSetup =
|
||||||
postSetup = [ "${pkgs.iproute}/bin/ip route add ${prefix}::/64 dev m0wire" ];
|
[ "${pkgs.iproute}/bin/ip route add ${prefix}::/64 dev m0wire" ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
m-0 = {
|
m-0 = { laptop.enable = true; };
|
||||||
laptop.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
#let
|
#let
|
||||||
#secretsFile = "/var/lib/luks-secret/key";
|
#secretsFile = "/var/lib/luks-secret/key";
|
||||||
#secretsInitrd = "/boot/grub/secrets-initrd.gz";
|
#secretsInitrd = "/boot/grub/secrets-initrd.gz";
|
||||||
#in
|
#in
|
||||||
#{
|
#{
|
||||||
#imports = [
|
#imports = [
|
||||||
|
|
||||||
#({lib, config, ...}: lib.mkIf (builtins.pathExists secretsFile) {
|
#({lib, config, ...}: lib.mkIf (builtins.pathExists secretsFile) {
|
||||||
#boot.initrd.luks.devices."root" = {
|
#boot.initrd.luks.devices."root" = {
|
||||||
#fallbackToPassword = true;
|
#fallbackToPassword = true;
|
||||||
#keyFile = secretsFile;
|
#keyFile = secretsFile;
|
||||||
#};
|
#};
|
||||||
## copy the secret into the additional initramfs. `null` means same path
|
## copy the secret into the additional initramfs. `null` means same path
|
||||||
#boot.initrd.secrets."${secretsFile}" = null;
|
#boot.initrd.secrets."${secretsFile}" = null;
|
||||||
#})
|
#})
|
||||||
|
|
||||||
#({lib, config, ...}: lib.mkIf (config.boot.loader.grub.enable && config.boot.initrd.secrets != {}) {
|
#({lib, config, ...}: lib.mkIf (config.boot.loader.grub.enable && config.boot.initrd.secrets != {}) {
|
||||||
#boot.loader = {
|
#boot.loader = {
|
||||||
#supportsInitrdSecrets = lib.mkForce true;
|
#supportsInitrdSecrets = lib.mkForce true;
|
||||||
#grub.extraInitrd = secretsInitrd;
|
#grub.extraInitrd = secretsInitrd;
|
||||||
#grub.extraPrepareConfig = ''
|
#grub.extraPrepareConfig = ''
|
||||||
#${config.system.build.initialRamdiskSecretAppender}/bin/append-initrd-secrets ${secretsInitrd}
|
#${config.system.build.initialRamdiskSecretAppender}/bin/append-initrd-secrets ${secretsInitrd}
|
||||||
#'';
|
#'';
|
||||||
#};
|
#};
|
||||||
#})
|
#})
|
||||||
#];
|
#];
|
||||||
#}
|
#}
|
||||||
|
|
||||||
|
# Use the systemd-boot EFI boot loader.
|
||||||
# Use the systemd-boot EFI boot loader.
|
boot = {
|
||||||
boot = {
|
loader = {
|
||||||
loader = {
|
|
||||||
efi = {
|
efi = {
|
||||||
canTouchEfiVariables = true;
|
canTouchEfiVariables = true;
|
||||||
efiSysMountPoint = "/boot/EFI";
|
efiSysMountPoint = "/boot/EFI";
|
||||||
};
|
};
|
||||||
grub = {
|
grub = {
|
||||||
enable = true;
|
enable = true;
|
||||||
version = 2;
|
version = 2;
|
||||||
device = "nodev";
|
device = "nodev";
|
||||||
efiSupport = true;
|
efiSupport = true;
|
||||||
enableCryptodisk = true;
|
enableCryptodisk = true;
|
||||||
gfxmodeEfi = "1024x768";
|
gfxmodeEfi = "1024x768";
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
supportedFilesystems = [ "exfat" ];
|
supportedFilesystems = [ "exfat" ];
|
||||||
};
|
|
||||||
|
|
||||||
services = {
|
|
||||||
prometheus.exporters.node.firewallFilter = "-i m0wire -p tcp -m tcp --dport 9100";
|
|
||||||
autorandr.enable = true;
|
|
||||||
borgbackup.jobs.data = {
|
|
||||||
doInit = false;
|
|
||||||
startAt = [];
|
|
||||||
exclude = [
|
|
||||||
"/home/${me.user}/data/aktuell/media"
|
|
||||||
"/home/${me.user}/data/.stversions"
|
|
||||||
];
|
|
||||||
encryption.mode = "none";
|
|
||||||
paths = "/home/${me.user}/data";
|
|
||||||
repo = "borg@borg:.";
|
|
||||||
compression = "zstd,5";
|
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
cdark_net = {
|
services = {
|
||||||
enable = true;
|
prometheus.exporters.node.firewallFilter =
|
||||||
hostName = "${me.user}_${config.networking.hostName}";
|
"-i m0wire -p tcp -m tcp --dport 9100";
|
||||||
ed25519PrivateKeyFile = /etc/nixos/hosts + "/${config.networking.hostName}" + /secret/tinc/ed25519_key.priv;
|
autorandr.enable = true;
|
||||||
hostsDirectory = (builtins.fetchGit "ssh://git@git.darmstadt.ccc.de/cdark.net/hosts");
|
borgbackup.jobs.data = {
|
||||||
ip6address = "fd23:42:cda:4342::2";
|
doInit = false;
|
||||||
ip4address = "172.20.71.2";
|
startAt = [ ];
|
||||||
};
|
exclude = [
|
||||||
|
"/home/${me.user}/data/aktuell/media"
|
||||||
|
"/home/${me.user}/data/.stversions"
|
||||||
|
];
|
||||||
|
encryption.mode = "none";
|
||||||
|
paths = "/home/${me.user}/data";
|
||||||
|
repo = "borg@borg:.";
|
||||||
|
compression = "zstd,5";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
cdark_net = {
|
||||||
|
enable = true;
|
||||||
|
hostName = "${me.user}_${config.networking.hostName}";
|
||||||
|
ed25519PrivateKeyFile = /etc/nixos/hosts + "/${config.networking.hostName}"
|
||||||
|
+ /secret/tinc/ed25519_key.priv;
|
||||||
|
hostsDirectory =
|
||||||
|
(builtins.fetchGit "ssh://git@git.darmstadt.ccc.de/cdark.net/hosts");
|
||||||
|
ip6address = "fd23:42:cda:4342::2";
|
||||||
|
ip4address = "172.20.71.2";
|
||||||
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,29 +4,28 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
|
||||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
boot.initrd.availableKernelModules =
|
||||||
|
[ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" = {
|
||||||
{ device = "/dev/disk/by-uuid/ce5b0ac6-6eaf-45a6-b6c8-bd4958caf335";
|
device = "/dev/disk/by-uuid/ce5b0ac6-6eaf-45a6-b6c8-bd4958caf335";
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.initrd.luks.devices."nixos".device = "/dev/disk/by-uuid/78acaebe-952a-43b1-acc8-66c35a60577e";
|
boot.initrd.luks.devices."nixos".device =
|
||||||
|
"/dev/disk/by-uuid/78acaebe-952a-43b1-acc8-66c35a60577e";
|
||||||
|
|
||||||
fileSystems."/boot/EFI" =
|
fileSystems."/boot/EFI" = {
|
||||||
{ device = "/dev/disk/by-uuid/C4A6-3DB5";
|
device = "/dev/disk/by-uuid/C4A6-3DB5";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices =
|
swapDevices =
|
||||||
[ { device = "/dev/disk/by-uuid/b80468d0-d834-419f-8985-c6fa2274909e"; }
|
[{ device = "/dev/disk/by-uuid/b80468d0-d834-419f-8985-c6fa2274909e"; }];
|
||||||
];
|
|
||||||
|
|
||||||
nix.maxJobs = lib.mkDefault 8;
|
nix.maxJobs = lib.mkDefault 8;
|
||||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||||
|
|
|
@ -1,40 +1,41 @@
|
||||||
{ pkgs, config, ... }:
|
{ pkgs, config, ... }: {
|
||||||
{
|
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
../../home-manager
|
../../home-manager
|
||||||
../../home-manager/on-my-machine.nix
|
../../home-manager/on-my-machine.nix
|
||||||
../../home-manager/battery.nix
|
../../home-manager/battery.nix
|
||||||
../../home-manager/update_tasks.nix
|
../../home-manager/update_tasks.nix
|
||||||
../../home-manager/desktop
|
../../home-manager/desktop
|
||||||
];
|
];
|
||||||
|
|
||||||
home.packages = builtins.attrValues (import ../../common/pkgs.nix).laptop-home-pkgs;
|
home.packages =
|
||||||
|
builtins.attrValues (import ../../common/pkgs.nix).laptop-home-pkgs;
|
||||||
|
|
||||||
m-0 = {
|
m-0 = {
|
||||||
hostName = "apollo";
|
hostName = "apollo";
|
||||||
latex.enable = true;
|
latex.enable = true;
|
||||||
accounting = {
|
accounting = {
|
||||||
enable = true;
|
enable = true;
|
||||||
config = builtins.readFile secret/jaliconfig.py;
|
config = builtins.readFile secret/jaliconfig.py;
|
||||||
|
};
|
||||||
|
rustdev.enable = true;
|
||||||
|
taskwarrior = {
|
||||||
|
enable = true;
|
||||||
|
git_active = true;
|
||||||
|
};
|
||||||
|
pythia.enable = true;
|
||||||
|
unlocker = [{
|
||||||
|
name = "hera";
|
||||||
|
hostName = "hera-v4";
|
||||||
|
pubKey =
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCHkqWlFLtmIlTSKahr2PcL++K75YgfsSU6jwVYW5df3JCkowu/M16SIBxABxYSQrKej5uIz/OFCjqSxHJQ8D5wSYBvn2gYr/BbBcz4rfIJmZ55Od2jckaqlj/M8TtkuPPhsQG7S730vXxK5hbMT8iW5WWv8sIKY/WtaRbZOFMX/53WCLEHtnMu5zFJFWf92+mjIHSLyW8ggl1m525RUiaAfCge2vnuzIFq4kUqJxaWzxIvEWIncKWN10K/HMvdI+yOtbSen41uKedwSFhUFs3xHy1mJddYOrlcJQPt5zuuffZ/nTDVXMZoh5QNwg8ZlkkueVChaS1Y5STjb7cem1Mt";
|
||||||
|
passPath = "eu/m-0/hera/disk";
|
||||||
|
}];
|
||||||
|
mail = {
|
||||||
|
enable = true;
|
||||||
|
accounts = config.m-0.private.mail_accounts;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
rustdev.enable = true;
|
|
||||||
taskwarrior = {
|
|
||||||
enable = true;
|
|
||||||
git_active = true;
|
|
||||||
};
|
|
||||||
pythia.enable = true;
|
|
||||||
unlocker = [ {
|
|
||||||
name = "hera";
|
|
||||||
hostName = "hera-v4";
|
|
||||||
pubKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCHkqWlFLtmIlTSKahr2PcL++K75YgfsSU6jwVYW5df3JCkowu/M16SIBxABxYSQrKej5uIz/OFCjqSxHJQ8D5wSYBvn2gYr/BbBcz4rfIJmZ55Od2jckaqlj/M8TtkuPPhsQG7S730vXxK5hbMT8iW5WWv8sIKY/WtaRbZOFMX/53WCLEHtnMu5zFJFWf92+mjIHSLyW8ggl1m525RUiaAfCge2vnuzIFq4kUqJxaWzxIvEWIncKWN10K/HMvdI+yOtbSen41uKedwSFhUFs3xHy1mJddYOrlcJQPt5zuuffZ/nTDVXMZoh5QNwg8ZlkkueVChaS1Y5STjb7cem1Mt";
|
|
||||||
passPath = "eu/m-0/hera/disk";
|
|
||||||
} ];
|
|
||||||
mail = {
|
|
||||||
enable = true;
|
|
||||||
accounts = config.m-0.private.mail_accounts;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
home.file.".ncmpcpp/config".text = ''
|
home.file.".ncmpcpp/config".text = ''
|
||||||
ask_before_clearing_playlists=no
|
ask_before_clearing_playlists=no
|
||||||
|
@ -46,9 +47,7 @@ m-0 = {
|
||||||
user_interface = alternative
|
user_interface = alternative
|
||||||
'';
|
'';
|
||||||
programs = {
|
programs = {
|
||||||
firefox = {
|
firefox = { enable = true; };
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
git = {
|
git = {
|
||||||
signing = {
|
signing = {
|
||||||
signByDefault = true;
|
signByDefault = true;
|
||||||
|
@ -65,74 +64,80 @@ m-0 = {
|
||||||
network-manager-applet.enable = true;
|
network-manager-applet.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.autorandr = {
|
programs.autorandr = {
|
||||||
enable = true;
|
enable = true;
|
||||||
hooks = {
|
hooks = {
|
||||||
postswitch = {
|
postswitch = {
|
||||||
"restart-i3" = "${pkgs.i3}/bin/i3-msg restart";
|
"restart-i3" = "${pkgs.i3}/bin/i3-msg restart";
|
||||||
"update-background" = "${pkgs.systemd}/bin/systemctl --user restart random-background.service";
|
"update-background" =
|
||||||
};
|
"${pkgs.systemd}/bin/systemctl --user restart random-background.service";
|
||||||
};
|
|
||||||
profiles = {
|
|
||||||
"home" = {
|
|
||||||
fingerprint = {
|
|
||||||
"DP-2-2" = "00ffffffffffff00046997244a2e00001615010380351e782a6045a6564a9c25125054bf6f00714f814081809500b300d1c081c08100023a801871382d40582c4500132b2100001e000000ff0042364c4d54463031313835300a000000fd00324b1e5011000a202020202020000000fc00415355532056573234380a20200052";
|
|
||||||
"eDP-1" = "00ffffffffffff0006af362300000000001b0104a51f117802f4f5a4544d9c270f505400000001010101010101010101010101010101e65f00a0a0a040503020350035ae100000180000000f0000000000000000000000000020000000fe0041554f0a202020202020202020000000fe004231343051414e30322e33200a00b2";
|
|
||||||
"DP-2-1" = "00ffffffffffff0005b70000570500000a120103082a1a782ae5b5a355499927135054bfef809500950f8140718f01010101010101019a29a0d05184223050983600a4001100001c000000ff003030313336370a202020202020000000fd00374b1e500e000a202020202020000000fc0058313931305744530a2020202000bf";
|
|
||||||
};
|
|
||||||
config = {
|
|
||||||
eDP-1 = {
|
|
||||||
enable = true;
|
|
||||||
primary = true;
|
|
||||||
position = "0x0";
|
|
||||||
mode = "2560x1440";
|
|
||||||
};
|
|
||||||
DP-2-2 = {
|
|
||||||
enable = true;
|
|
||||||
position = "4000x0";
|
|
||||||
mode = "1920x1080";
|
|
||||||
};
|
|
||||||
DP-2-1 = {
|
|
||||||
enable = true;
|
|
||||||
position = "2560x0";
|
|
||||||
mode = "1440x900";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"work" = {
|
profiles = {
|
||||||
fingerprint = {
|
"home" = {
|
||||||
"DP-2" = "00ffffffffffff0009d1ce7845540000101a01030e351e782e6b35a455559f270c5054a56b80d1c081c081008180a9c0b30001010101023a801871382d40582c4500132b2100001e000000ff005334473034343238534c300a20000000fd00324c1e5315000a202020202020000000fc0042656e5120474c323436300a2000e2";
|
fingerprint = {
|
||||||
"eDP-1" = "00ffffffffffff0006af362300000000001b0104a51f117802f4f5a4544d9c270f505400000001010101010101010101010101010101e65f00a0a0a040503020350035ae100000180000000f0000000000000000000000000020000000fe0041554f0a202020202020202020000000fe004231343051414e30322e33200a00b2";
|
"DP-2-2" =
|
||||||
};
|
"00ffffffffffff00046997244a2e00001615010380351e782a6045a6564a9c25125054bf6f00714f814081809500b300d1c081c08100023a801871382d40582c4500132b2100001e000000ff0042364c4d54463031313835300a000000fd00324b1e5011000a202020202020000000fc00415355532056573234380a20200052";
|
||||||
config = {
|
"eDP-1" =
|
||||||
eDP-1 = {
|
"00ffffffffffff0006af362300000000001b0104a51f117802f4f5a4544d9c270f505400000001010101010101010101010101010101e65f00a0a0a040503020350035ae100000180000000f0000000000000000000000000020000000fe0041554f0a202020202020202020000000fe004231343051414e30322e33200a00b2";
|
||||||
enable = true;
|
"DP-2-1" =
|
||||||
primary = true;
|
"00ffffffffffff0005b70000570500000a120103082a1a782ae5b5a355499927135054bfef809500950f8140718f01010101010101019a29a0d05184223050983600a4001100001c000000ff003030313336370a202020202020000000fd00374b1e500e000a202020202020000000fc0058313931305744530a2020202000bf";
|
||||||
position = "0x0";
|
|
||||||
mode = "2560x1440";
|
|
||||||
};
|
};
|
||||||
DP-2 = {
|
config = {
|
||||||
enable = true;
|
eDP-1 = {
|
||||||
position = "2560x0";
|
enable = true;
|
||||||
mode = "1920x1080";
|
primary = true;
|
||||||
|
position = "0x0";
|
||||||
|
mode = "2560x1440";
|
||||||
|
};
|
||||||
|
DP-2-2 = {
|
||||||
|
enable = true;
|
||||||
|
position = "4000x0";
|
||||||
|
mode = "1920x1080";
|
||||||
|
};
|
||||||
|
DP-2-1 = {
|
||||||
|
enable = true;
|
||||||
|
position = "2560x0";
|
||||||
|
mode = "1440x900";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
"work" = {
|
||||||
"default" = {
|
fingerprint = {
|
||||||
fingerprint = {
|
"DP-2" =
|
||||||
"eDP-1" = "00ffffffffffff0006af362300000000001b0104a51f117802f4f5a4544d9c270f505400000001010101010101010101010101010101e65f00a0a0a040503020350035ae100000180000000f0000000000000000000000000020000000fe0041554f0a202020202020202020000000fe004231343051414e30322e33200a00b2";
|
"00ffffffffffff0009d1ce7845540000101a01030e351e782e6b35a455559f270c5054a56b80d1c081c081008180a9c0b30001010101023a801871382d40582c4500132b2100001e000000ff005334473034343238534c300a20000000fd00324c1e5315000a202020202020000000fc0042656e5120474c323436300a2000e2";
|
||||||
|
"eDP-1" =
|
||||||
|
"00ffffffffffff0006af362300000000001b0104a51f117802f4f5a4544d9c270f505400000001010101010101010101010101010101e65f00a0a0a040503020350035ae100000180000000f0000000000000000000000000020000000fe0041554f0a202020202020202020000000fe004231343051414e30322e33200a00b2";
|
||||||
|
};
|
||||||
|
config = {
|
||||||
|
eDP-1 = {
|
||||||
|
enable = true;
|
||||||
|
primary = true;
|
||||||
|
position = "0x0";
|
||||||
|
mode = "2560x1440";
|
||||||
|
};
|
||||||
|
DP-2 = {
|
||||||
|
enable = true;
|
||||||
|
position = "2560x0";
|
||||||
|
mode = "1920x1080";
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
config = {
|
"default" = {
|
||||||
eDP-1 = {
|
fingerprint = {
|
||||||
enable = true;
|
"eDP-1" =
|
||||||
primary = true;
|
"00ffffffffffff0006af362300000000001b0104a51f117802f4f5a4544d9c270f505400000001010101010101010101010101010101e65f00a0a0a040503020350035ae100000180000000f0000000000000000000000000020000000fe0041554f0a202020202020202020000000fe004231343051414e30322e33200a00b2";
|
||||||
position = "0x0";
|
};
|
||||||
mode = "2560x1440";
|
config = {
|
||||||
|
eDP-1 = {
|
||||||
|
enable = true;
|
||||||
|
primary = true;
|
||||||
|
position = "0x0";
|
||||||
|
mode = "2560x1440";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Binary file not shown.
|
@ -1,18 +1,17 @@
|
||||||
{config, lib, ...}:
|
{ config, lib, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let me = config.m-0.private.me;
|
||||||
me = config.m-0.private.me;
|
|
||||||
in {
|
in {
|
||||||
|
|
||||||
boot.kernel.sysctl = { "fs.inotify.max_user_watches" = 204800; };
|
boot.kernel.sysctl = { "fs.inotify.max_user_watches" = 204800; };
|
||||||
services = mkIf config.m-0.standalone.enable {
|
services = mkIf config.m-0.standalone.enable {
|
||||||
syncthing = {
|
syncthing = {
|
||||||
dataDir = "/home/${me.user}/.config/syncthing";
|
dataDir = "/home/${me.user}/.config/syncthing";
|
||||||
enable = true;
|
enable = true;
|
||||||
group = "users";
|
group = "users";
|
||||||
user = me.user;
|
user = me.user;
|
||||||
openDefaultPorts = true;
|
openDefaultPorts = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,80 +1,76 @@
|
||||||
{ pkgs, config, ... }:
|
{ pkgs, config, ... }: {
|
||||||
{
|
imports = [ ../../home-manager ../../home-manager/on-foreign-machine.nix ];
|
||||||
imports = [
|
|
||||||
../../home-manager
|
|
||||||
../../home-manager/on-foreign-machine.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
systemd.user.systemctlPath = "/usr/bin/systemctl";
|
systemd.user.systemctlPath = "/usr/bin/systemctl";
|
||||||
|
|
||||||
|
m-0 = {
|
||||||
m-0 = {
|
hostName = "fb04217";
|
||||||
hostName = "fb04217";
|
#latex.enable = true;
|
||||||
#latex.enable = true;
|
#taskwarrior = {
|
||||||
#taskwarrior = {
|
# enable = true;
|
||||||
# enable = true;
|
# git_active = true;
|
||||||
# git_active = true;
|
#};
|
||||||
#};
|
#update_tasks.enable = true;
|
||||||
#update_tasks.enable = true;
|
#eventd.enable = true;
|
||||||
#eventd.enable = true;
|
#pythia.enable = true;
|
||||||
#pythia.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
home = {
|
|
||||||
username = "brandy";
|
|
||||||
homeDirectory = "/home/brandy";
|
|
||||||
language = {
|
|
||||||
base = "C.UTF-8";
|
|
||||||
address = "C.UTF-8";
|
|
||||||
monetary = "C.UTF-8";
|
|
||||||
paper = "C.UTF-8";
|
|
||||||
time = "C.UTF-8";
|
|
||||||
};
|
};
|
||||||
sessionVariables = {
|
|
||||||
LANGUAGE="en_US";
|
home = {
|
||||||
LC_CTYPE="C.UTF-8";
|
username = "brandy";
|
||||||
LC_NUMERIC="C.UTF-8";
|
homeDirectory = "/home/brandy";
|
||||||
LC_COLLATE="C.UTF-8";
|
language = {
|
||||||
LC_MESSAGES="C.UTF-8";
|
base = "C.UTF-8";
|
||||||
LC_NAME="C.UTF-8";
|
address = "C.UTF-8";
|
||||||
LC_TELEPHONE="C.UTF-8";
|
monetary = "C.UTF-8";
|
||||||
LC_MEASUREMENT="C.UTF-8";
|
paper = "C.UTF-8";
|
||||||
LC_IDENTIFICATION="C.UTF-8";
|
time = "C.UTF-8";
|
||||||
};
|
};
|
||||||
forceCopies.paths = [ "bin/proot" "bin/with-nix" "bin/run-in-nix" ".bashrc" ".zshrc" ];
|
sessionVariables = {
|
||||||
file = {
|
LANGUAGE = "en_US";
|
||||||
".bashrc".text = ''
|
LC_CTYPE = "C.UTF-8";
|
||||||
[ -z "$PS1" ] && return
|
LC_NUMERIC = "C.UTF-8";
|
||||||
unset __HM_SESS_VARS_SOURCED
|
LC_COLLATE = "C.UTF-8";
|
||||||
if [[ -z "$NIX_PATH" ]]
|
LC_MESSAGES = "C.UTF-8";
|
||||||
then
|
LC_NAME = "C.UTF-8";
|
||||||
exec ~/bin/with-nix zsh
|
LC_TELEPHONE = "C.UTF-8";
|
||||||
else
|
LC_MEASUREMENT = "C.UTF-8";
|
||||||
exec zsh
|
LC_IDENTIFICATION = "C.UTF-8";
|
||||||
fi
|
};
|
||||||
'';
|
forceCopies.paths =
|
||||||
"bin" = {
|
[ "bin/proot" "bin/with-nix" "bin/run-in-nix" ".bashrc" ".zshrc" ];
|
||||||
source = ./bootstrap-bin;
|
file = {
|
||||||
recursive = true;
|
".bashrc".text = ''
|
||||||
|
[ -z "$PS1" ] && return
|
||||||
|
unset __HM_SESS_VARS_SOURCED
|
||||||
|
if [[ -z "$NIX_PATH" ]]
|
||||||
|
then
|
||||||
|
exec ~/bin/with-nix zsh
|
||||||
|
else
|
||||||
|
exec zsh
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
"bin" = {
|
||||||
|
source = ./bootstrap-bin;
|
||||||
|
recursive = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
packages = [
|
packages = [
|
||||||
(pkgs.writeShellScriptBin "maintenance" ''
|
(pkgs.writeShellScriptBin "maintenance" ''
|
||||||
set -e
|
set -e
|
||||||
cd ~/git/nixos/nixpkgs
|
cd ~/git/nixos/nixpkgs
|
||||||
git checkout nixos-local
|
git checkout nixos-local
|
||||||
git pull --no-edit upstream nixos-19.03
|
git pull --no-edit upstream nixos-19.03
|
||||||
git pull --no-edit origin nixos-maralorn
|
git pull --no-edit origin nixos-maralorn
|
||||||
cd ~/git/nixos/home-manager
|
cd ~/git/nixos/home-manager
|
||||||
git checkout home-manager-local
|
git checkout home-manager-local
|
||||||
git pull --no-edit upstream release-19.03
|
git pull --no-edit upstream release-19.03
|
||||||
git pull --no-edit origin home-manager-maralorn
|
git pull --no-edit origin home-manager-maralorn
|
||||||
home-manager switch
|
home-manager switch
|
||||||
nix-collect-garbage --delete-older-than 5d
|
nix-collect-garbage --delete-older-than 5d
|
||||||
nix-store --optimise
|
nix-store --optimise
|
||||||
'')
|
'')
|
||||||
] ++ ((import ../../common/pkgs.nix).);
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,14 +1,12 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }: {
|
||||||
{
|
|
||||||
systemd.user = {
|
systemd.user = {
|
||||||
services.nix-gc = {
|
services.nix-gc = {
|
||||||
Unit = {
|
Unit = { Description = "Collect garbage"; };
|
||||||
Description = "Collect garbage";
|
|
||||||
};
|
|
||||||
|
|
||||||
Service = {
|
Service = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
ExecStart="${pkgs.nix}/bin/nix-collect-garbage --delete-older-than 5d";
|
ExecStart =
|
||||||
|
"${pkgs.nix}/bin/nix-collect-garbage --delete-older-than 5d";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
timers.nix-gc = {
|
timers.nix-gc = {
|
||||||
|
|
|
@ -1,14 +1,11 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }: {
|
||||||
{
|
|
||||||
systemd.user = {
|
systemd.user = {
|
||||||
services.nix-update = {
|
services.nix-update = {
|
||||||
Unit = {
|
Unit = { Description = "Update nix-channel"; };
|
||||||
Description = "Update nix-channel";
|
|
||||||
};
|
|
||||||
|
|
||||||
Service = {
|
Service = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
ExecStart="${pkgs.nix}/bin/nix-channel --update";
|
ExecStart = "${pkgs.nix}/bin/nix-channel --update";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
timers.nix-update = {
|
timers.nix-update = {
|
||||||
|
|
|
@ -1,18 +1,18 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }: {
|
||||||
{
|
|
||||||
systemd.user = {
|
systemd.user = {
|
||||||
services.syncthing = {
|
services.syncthing = {
|
||||||
Unit = {
|
Unit = {
|
||||||
Description = "Syncthing";
|
Description = "Syncthing";
|
||||||
ConditionHost = "fb04217";
|
ConditionHost = "fb04217";
|
||||||
Wants= "syncthing-inotify.service";
|
Wants = "syncthing-inotify.service";
|
||||||
};
|
};
|
||||||
|
|
||||||
Service = {
|
Service = {
|
||||||
ExecStart="${pkgs.syncthing}/bin/syncthing -no-browser -no-restart -logflags=0";
|
ExecStart =
|
||||||
Restart="on-failure";
|
"${pkgs.syncthing}/bin/syncthing -no-browser -no-restart -logflags=0";
|
||||||
SuccessExitStatus="3 4";
|
Restart = "on-failure";
|
||||||
RestartForceExitStatus="3 4";
|
SuccessExitStatus = "3 4";
|
||||||
|
RestartForceExitStatus = "3 4";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,33 +1,30 @@
|
||||||
{ ... }:
|
{ ... }: {
|
||||||
{
|
|
||||||
|
|
||||||
m-0.server.initSSHKey = ./secret/boot_rsa;
|
m-0.server.initSSHKey = ./secret/boot_rsa;
|
||||||
|
|
||||||
# Use the systemd-boot EFI boot loader.
|
# Use the systemd-boot EFI boot loader.
|
||||||
boot = {
|
boot = {
|
||||||
loader = {
|
loader = {
|
||||||
grub = {
|
grub = {
|
||||||
enable = true;
|
enable = true;
|
||||||
version = 2;
|
version = 2;
|
||||||
device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0";
|
device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
supportedFilesystems = [ "exfat" ];
|
||||||
|
kernelParams = [ "ip=213.136.94.190::213.136.94.1:255.255.255.0:hera" ];
|
||||||
|
initrd = {
|
||||||
|
postMountCommands = ''
|
||||||
|
ip address flush dev eth0
|
||||||
|
ip link set eth0 down
|
||||||
|
'';
|
||||||
|
luks.devices = [{
|
||||||
|
name = "root";
|
||||||
|
device = "/dev/disk/by-uuid/536fe284-36f2-425c-b0c5-a737280f9470";
|
||||||
|
preLVM = true;
|
||||||
|
allowDiscards = true;
|
||||||
|
}];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
supportedFilesystems = [ "exfat" ];
|
|
||||||
kernelParams = [ "ip=213.136.94.190::213.136.94.1:255.255.255.0:hera" ];
|
|
||||||
initrd = {
|
|
||||||
postMountCommands = ''
|
|
||||||
ip address flush dev eth0
|
|
||||||
ip link set eth0 down
|
|
||||||
'';
|
|
||||||
luks.devices = [
|
|
||||||
{
|
|
||||||
name = "root";
|
|
||||||
device = "/dev/disk/by-uuid/536fe284-36f2-425c-b0c5-a737280f9470";
|
|
||||||
preLVM = true;
|
|
||||||
allowDiscards = true;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,20 +1,25 @@
|
||||||
{ config, ... }:
|
{ config, ... }:
|
||||||
let
|
let me = config.m-0.private.me;
|
||||||
me = config.m-0.private.me;
|
|
||||||
in {
|
in {
|
||||||
containers.borg = {
|
containers.borg = {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
privateNetwork = true;
|
privateNetwork = true;
|
||||||
hostBridge = "bridge";
|
hostBridge = "bridge";
|
||||||
config = { pkgs, ... }: {
|
config = { pkgs, ... }: {
|
||||||
imports = [../../system];
|
imports = [ ../../system ];
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
interfaces.eth0 = {
|
interfaces.eth0 = {
|
||||||
ipv6.addresses = [{ address = config.m-0.hosts.borg; prefixLength = 112; }];
|
ipv6.addresses = [{
|
||||||
|
address = config.m-0.hosts.borg;
|
||||||
|
prefixLength = 112;
|
||||||
|
}];
|
||||||
};
|
};
|
||||||
inherit (config.networking) nameservers;
|
inherit (config.networking) nameservers;
|
||||||
defaultGateway6 = { address = config.m-0.hosts.hera-intern; interface = "eth0"; };
|
defaultGateway6 = {
|
||||||
|
address = config.m-0.hosts.hera-intern;
|
||||||
|
interface = "eth0";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
|
|
|
@ -3,25 +3,34 @@ with lib;
|
||||||
let
|
let
|
||||||
inherit (config.m-0.private) me cloud;
|
inherit (config.m-0.private) me cloud;
|
||||||
inherit (config.m-0) hosts;
|
inherit (config.m-0) hosts;
|
||||||
nextcloud-container = { v6, v4, hostname , news-updater ? false}: {
|
nextcloud-container = { v6, v4, hostname, news-updater ? false }: {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
privateNetwork = true;
|
privateNetwork = true;
|
||||||
hostBridge = "bridge";
|
hostBridge = "bridge";
|
||||||
config = { pkgs, ... }: {
|
config = { pkgs, ... }: {
|
||||||
disabledModules = [ "services/web-apps/nextcloud.nix" ];
|
disabledModules = [ "services/web-apps/nextcloud.nix" ];
|
||||||
imports = [
|
imports = [ ../../system ./nextcloud.nix ];
|
||||||
../../system
|
|
||||||
./nextcloud.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
interfaces.eth0 = {
|
interfaces.eth0 = {
|
||||||
ipv6.addresses = [{ address = v6; prefixLength = 112; }];
|
ipv6.addresses = [{
|
||||||
ipv4.addresses = [{ address = v4; prefixLength = 24; }];
|
address = v6;
|
||||||
|
prefixLength = 112;
|
||||||
|
}];
|
||||||
|
ipv4.addresses = [{
|
||||||
|
address = v4;
|
||||||
|
prefixLength = 24;
|
||||||
|
}];
|
||||||
};
|
};
|
||||||
inherit (config.networking) nameservers;
|
inherit (config.networking) nameservers;
|
||||||
defaultGateway6 = { address = hosts.hera-intern; interface = "eth0"; };
|
defaultGateway6 = {
|
||||||
defaultGateway = { address = hosts.hera-intern-v4; interface = "eth0"; };
|
address = hosts.hera-intern;
|
||||||
|
interface = "eth0";
|
||||||
|
};
|
||||||
|
defaultGateway = {
|
||||||
|
address = hosts.hera-intern-v4;
|
||||||
|
interface = "eth0";
|
||||||
|
};
|
||||||
firewall.allowedTCPPorts = [ 80 443 ];
|
firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -58,9 +67,7 @@ let
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
redis = {
|
redis = { enable = true; };
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
postgresql = {
|
postgresql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -71,10 +78,10 @@ let
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
systemd = {
|
systemd = {
|
||||||
services ={
|
services = {
|
||||||
"nextcloud-setup"= {
|
"nextcloud-setup" = {
|
||||||
requires = ["postgresql.service"];
|
requires = [ "postgresql.service" ];
|
||||||
after = ["postgresql.service"];
|
after = [ "postgresql.service" ];
|
||||||
};
|
};
|
||||||
"nextcloud-news-updater" = mkIf news-updater {
|
"nextcloud-news-updater" = mkIf news-updater {
|
||||||
startAt = "20:00";
|
startAt = "20:00";
|
||||||
|
@ -82,15 +89,15 @@ let
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
User = "nextcloud";
|
User = "nextcloud";
|
||||||
ExecStart = let
|
ExecStart = let
|
||||||
config = pkgs.writeText "updater.ini" (generators.toINI {} {
|
config = pkgs.writeText "updater.ini" (generators.toINI { } {
|
||||||
updater = {
|
updater = {
|
||||||
user = cloud.adminuser;
|
user = cloud.adminuser;
|
||||||
password = cloud.adminpass;
|
password = cloud.adminpass;
|
||||||
url = "https://${hostname}/";
|
url = "https://${hostname}/";
|
||||||
mode = "singlerun";
|
mode = "singlerun";
|
||||||
};});
|
};
|
||||||
in
|
});
|
||||||
"${pkgs.nextcloud-news-updater}/bin/nextcloud-news-updater -c ${config}";
|
in "${pkgs.nextcloud-news-updater}/bin/nextcloud-news-updater -c ${config}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -100,10 +107,22 @@ let
|
||||||
|
|
||||||
in {
|
in {
|
||||||
m-0.monitoring = [
|
m-0.monitoring = [
|
||||||
{ name = "mathechor-cloud"; host = "mathechor-cloud:9100"; }
|
{
|
||||||
{ name = "mathechor-cloud-nginx"; host = "mathechor-cloud:9113"; }
|
name = "mathechor-cloud";
|
||||||
{ name = "cloud"; host = "cloud:9100"; }
|
host = "mathechor-cloud:9100";
|
||||||
{ name = "cloud-nginx"; host = "cloud:9113"; }
|
}
|
||||||
|
{
|
||||||
|
name = "mathechor-cloud-nginx";
|
||||||
|
host = "mathechor-cloud:9113";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
name = "cloud";
|
||||||
|
host = "cloud:9100";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
name = "cloud-nginx";
|
||||||
|
host = "cloud:9113";
|
||||||
|
}
|
||||||
];
|
];
|
||||||
containers = {
|
containers = {
|
||||||
chor-cloud = nextcloud-container {
|
chor-cloud = nextcloud-container {
|
||||||
|
|
|
@ -3,57 +3,56 @@
|
||||||
# You need pw-files for every configured user in ./secret/pw-useralias for login to work.
|
# You need pw-files for every configured user in ./secret/pw-useralias for login to work.
|
||||||
# dropbearkey -t rsa -f /etc/nixos/hosts/<hostname>/secret/boot_rsa
|
# dropbearkey -t rsa -f /etc/nixos/hosts/<hostname>/secret/boot_rsa
|
||||||
|
|
||||||
let
|
let inherit (config.m-0.private) me;
|
||||||
inherit (config.m-0.private) me;
|
|
||||||
in {
|
in {
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
../../system
|
../../system
|
||||||
../../system/test-timer.nix
|
../../system/test-timer.nix
|
||||||
../../system/standalone.nix
|
../../system/standalone.nix
|
||||||
../../system/server.nix
|
../../system/server.nix
|
||||||
../../system/git.nix
|
../../system/git.nix
|
||||||
./borg.nix
|
./borg.nix
|
||||||
./mail.nix
|
./mail.nix
|
||||||
./boot.nix
|
./boot.nix
|
||||||
./cloud.nix
|
./cloud.nix
|
||||||
./web.nix
|
./web.nix
|
||||||
./monitoring.nix
|
./monitoring.nix
|
||||||
./network.nix
|
./network.nix
|
||||||
./matrix.nix
|
./matrix.nix
|
||||||
./secret
|
./secret
|
||||||
];
|
];
|
||||||
|
|
||||||
nix.sshServe = {
|
nix.sshServe = {
|
||||||
enable = true;
|
enable = true;
|
||||||
keys = me.keys;
|
keys = me.keys;
|
||||||
protocol = "ssh-ng";
|
protocol = "ssh-ng";
|
||||||
};
|
|
||||||
|
|
||||||
services = {
|
|
||||||
borgbackup.jobs.data = {
|
|
||||||
doInit = false;
|
|
||||||
encryption.mode = "none";
|
|
||||||
paths = "/home/${me.user}/data";
|
|
||||||
repo = "borg@borg:.";
|
|
||||||
compression = "zstd,5";
|
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
users.users.choreutes = {
|
services = {
|
||||||
linger = true;
|
borgbackup.jobs.data = {
|
||||||
description = "choreutes";
|
doInit = false;
|
||||||
isNormalUser = true;
|
encryption.mode = "none";
|
||||||
uid = 1001;
|
paths = "/home/${me.user}/data";
|
||||||
extraGroups = [ "wheel" "systemd-journal" ];
|
repo = "borg@borg:.";
|
||||||
passwordFile = "/etc/nixos/hosts/hera/secret/pw-choreutes";
|
compression = "zstd,5";
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
|
||||||
# This value determines the NixOS release with which your system is to be
|
users.users.choreutes = {
|
||||||
# compatible, in order to avoid breaking some software such as database
|
linger = true;
|
||||||
# servers. You should change this only after NixOS release notes say you
|
description = "choreutes";
|
||||||
# should.
|
isNormalUser = true;
|
||||||
system.stateVersion = "18.03"; # Did you read the comment?
|
uid = 1001;
|
||||||
|
extraGroups = [ "wheel" "systemd-journal" ];
|
||||||
|
passwordFile = "/etc/nixos/hosts/hera/secret/pw-choreutes";
|
||||||
|
};
|
||||||
|
|
||||||
|
# This value determines the NixOS release with which your system is to be
|
||||||
|
# compatible, in order to avoid breaking some software such as database
|
||||||
|
# servers. You should change this only after NixOS release notes say you
|
||||||
|
# should.
|
||||||
|
system.stateVersion = "18.03"; # Did you read the comment?
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,27 +4,25 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
|
||||||
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
|
boot.initrd.availableKernelModules =
|
||||||
|
[ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
|
||||||
boot.kernelModules = [ ];
|
boot.kernelModules = [ ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" = {
|
||||||
{ device = "/dev/disk/by-uuid/8e92387a-6785-4b3c-bcdb-a4a423675173";
|
device = "/dev/disk/by-uuid/8e92387a-6785-4b3c-bcdb-a4a423675173";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/boot" =
|
fileSystems."/boot" = {
|
||||||
{ device = "/dev/disk/by-uuid/3D8A-20F0";
|
device = "/dev/disk/by-uuid/3D8A-20F0";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices =
|
swapDevices =
|
||||||
[ { device = "/dev/disk/by-uuid/1e651bde-94b5-4fe2-9e6a-7af916d80057"; }
|
[{ device = "/dev/disk/by-uuid/1e651bde-94b5-4fe2-9e6a-7af916d80057"; }];
|
||||||
];
|
|
||||||
|
|
||||||
nix.maxJobs = lib.mkDefault 4;
|
nix.maxJobs = lib.mkDefault 4;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,28 +1,24 @@
|
||||||
{ pkgs, config, ... }:
|
{ pkgs, config, ... }: {
|
||||||
{
|
|
||||||
|
|
||||||
imports = [
|
imports =
|
||||||
../../home-manager
|
[ ../../home-manager ../../home-manager/on-my-machine.nix ./secret ];
|
||||||
../../home-manager/on-my-machine.nix
|
|
||||||
./secret
|
|
||||||
];
|
|
||||||
|
|
||||||
m-0 = {
|
m-0 = {
|
||||||
hostName = "hera";
|
hostName = "hera";
|
||||||
taskwarrior.enable = false;
|
taskwarrior.enable = false;
|
||||||
bugwarrior.enable = false;
|
bugwarrior.enable = false;
|
||||||
rustdev.enable = false;
|
rustdev.enable = false;
|
||||||
eventd.enable = false;
|
eventd.enable = false;
|
||||||
mail = {
|
mail = {
|
||||||
enable = true;
|
enable = true;
|
||||||
accounts = config.m-0.private.mail_accounts;
|
accounts = config.m-0.private.mail_accounts;
|
||||||
|
};
|
||||||
|
weechat = {
|
||||||
|
enable = true;
|
||||||
|
user = config.m-0.private.hackint.user;
|
||||||
|
pw = config.m-0.private.hackint.hackint_pw;
|
||||||
|
channels = config.m-0.private.hackint.channels;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
weechat = {
|
|
||||||
enable = true;
|
|
||||||
user = config.m-0.private.hackint.user;
|
|
||||||
pw = config.m-0.private.hackint.hackint_pw;
|
|
||||||
channels = config.m-0.private.hackint.channels;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,91 +2,97 @@
|
||||||
let
|
let
|
||||||
certPath = "/var/lib/acme/hera.m-0.eu";
|
certPath = "/var/lib/acme/hera.m-0.eu";
|
||||||
inherit (config.services.prometheus.exporters.node) firewallFilter;
|
inherit (config.services.prometheus.exporters.node) firewallFilter;
|
||||||
in
|
in {
|
||||||
{
|
networking.firewall = {
|
||||||
networking.firewall = {
|
allowedTCPPorts = [ 25 143 587 993 ];
|
||||||
allowedTCPPorts = [ 25 143 587 993 ];
|
extraCommands = ''
|
||||||
extraCommands = ''
|
ip6tables -A nixos-fw -s ${config.m-0.prefix}::/64 -p tcp -m tcp --dport 9101 -j nixos-fw-accept
|
||||||
ip6tables -A nixos-fw -s ${config.m-0.prefix}::/64 -p tcp -m tcp --dport 9101 -j nixos-fw-accept
|
ip6tables -A nixos-fw -s ${config.m-0.prefix}::/64 -p tcp -m tcp --dport 9154 -j nixos-fw-accept
|
||||||
ip6tables -A nixos-fw -s ${config.m-0.prefix}::/64 -p tcp -m tcp --dport 9154 -j nixos-fw-accept
|
ip6tables -A nixos-fw -s ${config.m-0.prefix}::/64 -p tcp -m tcp --dport 9166 -j nixos-fw-accept
|
||||||
ip6tables -A nixos-fw -s ${config.m-0.prefix}::/64 -p tcp -m tcp --dport 9166 -j nixos-fw-accept
|
iptables -A nixos-fw -s 10.0.0.0/24 -p tcp -m tcp --dport 8842 -j nixos-fw-accept
|
||||||
iptables -A nixos-fw -s 10.0.0.0/24 -p tcp -m tcp --dport 8842 -j nixos-fw-accept
|
'';
|
||||||
'';
|
};
|
||||||
};
|
|
||||||
|
|
||||||
m-0.monitoring = [
|
m-0.monitoring = [
|
||||||
{ name = "mail-server"; host = "hera-intern:9101"; }
|
{
|
||||||
{ name = "postfix"; host = "hera-intern:9154"; }
|
name = "mail-server";
|
||||||
{ name = "dovecot"; host = "hera-intern:9166"; }
|
host = "hera-intern:9101";
|
||||||
];
|
}
|
||||||
|
{
|
||||||
|
name = "postfix";
|
||||||
|
host = "hera-intern:9154";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
name = "dovecot";
|
||||||
|
host = "hera-intern:9166";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
containers.mail = {
|
containers.mail = {
|
||||||
bindMounts = { "${certPath}" = { hostPath = certPath; }; };
|
bindMounts = { "${certPath}" = { hostPath = certPath; }; };
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
config = { pkgs, lib, ... }: {
|
config = { pkgs, lib, ... }: {
|
||||||
imports = [
|
imports =
|
||||||
../../system
|
[ ../../system "${(import ../../nix/sources.nix).nixos-mailserver}" ];
|
||||||
"${(import ../../nix/sources.nix).nixos-mailserver}"
|
services.prometheus.exporters = {
|
||||||
];
|
node.port = 9101;
|
||||||
services.prometheus.exporters = {
|
postfix = {
|
||||||
node.port = 9101;
|
enable = true;
|
||||||
postfix = {
|
openFirewall = true;
|
||||||
enable = true;
|
inherit firewallFilter;
|
||||||
openFirewall = true;
|
systemd.enable = true;
|
||||||
inherit firewallFilter;
|
};
|
||||||
systemd.enable = true;
|
dovecot = {
|
||||||
};
|
enable = true;
|
||||||
dovecot = {
|
openFirewall = true;
|
||||||
enable = true;
|
inherit firewallFilter;
|
||||||
openFirewall = true;
|
|
||||||
inherit firewallFilter;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
systemd.services = {
|
|
||||||
atomail = {
|
|
||||||
script =
|
|
||||||
let
|
|
||||||
atomail = pkgs.fetchFromGitHub {
|
|
||||||
owner = "remko";
|
|
||||||
repo = "atomail";
|
|
||||||
rev = "f079966cb808f51fcc67be91b609942cdb49898a";
|
|
||||||
sha256 = "0a4j4xajn2yysgcb17jmb6ak148kk0kwf7khml7dbnh7807fv9b6";
|
|
||||||
};
|
|
||||||
in ''
|
|
||||||
${pkgs.python}/bin/python ${atomail}/atomail.py --title "Readlater-E-Mails" --uri="http://hera-intern-v4:8842/rss.xml" /var/www/rss.xml --mode=maildir --file "/var/vmail/maralorn.de/malte.brandy/.Move.readlater/" --max-items=100
|
|
||||||
${pkgs.rsync}/bin/rsync -a /var/vmail/maralorn.de/malte.brandy/.Move.readlater/cur/ /var/vmail/maralorn.de/malte.brandy/.Archiv.unsortiert/cur --remove-source-files
|
|
||||||
'';
|
|
||||||
startAt = "19:58:00";
|
|
||||||
serviceConfig.Type = "oneshot";
|
|
||||||
};
|
|
||||||
rss-server = {
|
|
||||||
preStart = "mkdir -p /var/www";
|
|
||||||
serviceConfig = {
|
|
||||||
WorkingDirectory = "/var/www";
|
|
||||||
ExecStart = "${pkgs.python3}/bin/python -m http.server 8842";
|
|
||||||
};
|
};
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
};
|
};
|
||||||
};
|
systemd.services = {
|
||||||
services.postfix.networks = [ "[${config.m-0.prefix}::]/64" "10.0.0.0/24" ];
|
atomail = {
|
||||||
mailserver = {
|
script = let
|
||||||
enable = true;
|
atomail = pkgs.fetchFromGitHub {
|
||||||
enableImapSsl = true;
|
owner = "remko";
|
||||||
fqdn = "hera.m-0.eu";
|
repo = "atomail";
|
||||||
domains = [ "m-0.eu" "maralorn.de" "choreutes.de" "mathechor.de" ];
|
rev = "f079966cb808f51fcc67be91b609942cdb49898a";
|
||||||
loginAccounts = config.m-0.private.mailUsers;
|
sha256 = "0a4j4xajn2yysgcb17jmb6ak148kk0kwf7khml7dbnh7807fv9b6";
|
||||||
hierarchySeparator = "/";
|
};
|
||||||
certificateScheme = 1;
|
in ''
|
||||||
certificateFile = "${certPath}/fullchain.pem";
|
${pkgs.python}/bin/python ${atomail}/atomail.py --title "Readlater-E-Mails" --uri="http://hera-intern-v4:8842/rss.xml" /var/www/rss.xml --mode=maildir --file "/var/vmail/maralorn.de/malte.brandy/.Move.readlater/" --max-items=100
|
||||||
keyFile = "${certPath}/key.pem";
|
${pkgs.rsync}/bin/rsync -a /var/vmail/maralorn.de/malte.brandy/.Move.readlater/cur/ /var/vmail/maralorn.de/malte.brandy/.Archiv.unsortiert/cur --remove-source-files
|
||||||
extraVirtualAliases = config.m-0.private.lists;
|
'';
|
||||||
policydSPFExtraConfig = ''
|
startAt = "19:58:00";
|
||||||
Mail_From_reject = False
|
serviceConfig.Type = "oneshot";
|
||||||
HELO_Whitelist = hosteurope.de
|
};
|
||||||
skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1,130.83.0.0/16
|
rss-server = {
|
||||||
'';
|
preStart = "mkdir -p /var/www";
|
||||||
|
serviceConfig = {
|
||||||
|
WorkingDirectory = "/var/www";
|
||||||
|
ExecStart = "${pkgs.python3}/bin/python -m http.server 8842";
|
||||||
|
};
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services.postfix.networks =
|
||||||
|
[ "[${config.m-0.prefix}::]/64" "10.0.0.0/24" ];
|
||||||
|
mailserver = {
|
||||||
|
enable = true;
|
||||||
|
enableImapSsl = true;
|
||||||
|
fqdn = "hera.m-0.eu";
|
||||||
|
domains = [ "m-0.eu" "maralorn.de" "choreutes.de" "mathechor.de" ];
|
||||||
|
loginAccounts = config.m-0.private.mailUsers;
|
||||||
|
hierarchySeparator = "/";
|
||||||
|
certificateScheme = 1;
|
||||||
|
certificateFile = "${certPath}/fullchain.pem";
|
||||||
|
keyFile = "${certPath}/key.pem";
|
||||||
|
extraVirtualAliases = config.m-0.private.lists;
|
||||||
|
policydSPFExtraConfig = ''
|
||||||
|
Mail_From_reject = False
|
||||||
|
HELO_Whitelist = hosteurope.de
|
||||||
|
skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1,130.83.0.0/16
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,171 +3,202 @@ let
|
||||||
hostName = "matrix.maralorn.de";
|
hostName = "matrix.maralorn.de";
|
||||||
inherit (config.m-0) hosts;
|
inherit (config.m-0) hosts;
|
||||||
inherit (../../common/lib.nix) unstable;
|
inherit (../../common/lib.nix) unstable;
|
||||||
in
|
in {
|
||||||
{
|
networking.firewall.allowedTCPPorts = [ 3478 8448 ];
|
||||||
networking.firewall.allowedTCPPorts = [ 3478 8448 ];
|
|
||||||
|
|
||||||
m-0.monitoring = [
|
m-0.monitoring = [
|
||||||
{ name = "matrix"; host = "matrix:9100"; }
|
{
|
||||||
{ name = "matrix-nginx"; host = "matrix:9113"; }
|
name = "matrix";
|
||||||
];
|
host = "matrix:9100";
|
||||||
|
}
|
||||||
services.coturn = {
|
{
|
||||||
enable = true;
|
name = "matrix-nginx";
|
||||||
pkey = "/var/lib/acme/hera.m-0.eu/key.pem";
|
host = "matrix:9113";
|
||||||
cert = "/var/lib/acme/hera.m-0.eu/fullchain.pem";
|
}
|
||||||
no-tcp = true;
|
|
||||||
static-auth-secret = config.m-0.private.turn_secret;
|
|
||||||
realm = "maralorn.de";
|
|
||||||
use-auth-secret = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
containers.matrix = {
|
|
||||||
autoStart = true;
|
|
||||||
privateNetwork = true;
|
|
||||||
hostBridge = "bridge";
|
|
||||||
config = { pkgs, lib, ... }: {
|
|
||||||
imports = [
|
|
||||||
../../system
|
|
||||||
];
|
];
|
||||||
networking = {
|
|
||||||
interfaces.eth0 = {
|
services.coturn = {
|
||||||
ipv6.addresses = [{ address = hosts.matrix; prefixLength = 112; }];
|
enable = true;
|
||||||
ipv4.addresses = [{ address = hosts.matrix-intern-v4; prefixLength = 24; }];
|
pkey = "/var/lib/acme/hera.m-0.eu/key.pem";
|
||||||
|
cert = "/var/lib/acme/hera.m-0.eu/fullchain.pem";
|
||||||
|
no-tcp = true;
|
||||||
|
static-auth-secret = config.m-0.private.turn_secret;
|
||||||
|
realm = "maralorn.de";
|
||||||
|
use-auth-secret = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
containers.matrix = {
|
||||||
|
autoStart = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostBridge = "bridge";
|
||||||
|
config = { pkgs, lib, ... }: {
|
||||||
|
imports = [ ../../system ];
|
||||||
|
networking = {
|
||||||
|
interfaces.eth0 = {
|
||||||
|
ipv6.addresses = [{
|
||||||
|
address = hosts.matrix;
|
||||||
|
prefixLength = 112;
|
||||||
|
}];
|
||||||
|
ipv4.addresses = [{
|
||||||
|
address = hosts.matrix-intern-v4;
|
||||||
|
prefixLength = 24;
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
inherit (config.networking) nameservers;
|
||||||
|
defaultGateway6 = {
|
||||||
|
address = hosts.hera-intern;
|
||||||
|
interface = "eth0";
|
||||||
|
};
|
||||||
|
defaultGateway = {
|
||||||
|
address = hosts.hera-intern-v4;
|
||||||
|
interface = "eth0";
|
||||||
|
};
|
||||||
|
firewall.allowedTCPPorts = [ 80 443 8448 ];
|
||||||
};
|
};
|
||||||
inherit (config.networking) nameservers;
|
m-0.riot = {
|
||||||
defaultGateway6 = { address = hosts.hera-intern; interface = "eth0"; };
|
|
||||||
defaultGateway = { address = hosts.hera-intern-v4; interface = "eth0"; };
|
|
||||||
firewall.allowedTCPPorts = [ 80 443 8448 ];
|
|
||||||
};
|
|
||||||
m-0.riot = {
|
|
||||||
enable = true;
|
|
||||||
hostname = "riot.maralorn.de";
|
|
||||||
config = {
|
|
||||||
default_hs_url = "https://matrix.maralorn.de";
|
|
||||||
default_is_url = "https://vector.im";
|
|
||||||
integrations_ui_url = "";
|
|
||||||
integrations_rest_url = "";
|
|
||||||
integrations_widgets_urls = [];
|
|
||||||
bug_report_endpoint_url = "https://riot.im/bugreports/submit";
|
|
||||||
welcomeUserId = "@riot-bot:matrix.org";
|
|
||||||
piwik = false;
|
|
||||||
features = {
|
|
||||||
feature_lazyloading = "enable";
|
|
||||||
feature_room_breadcrumbs = "enable";
|
|
||||||
};
|
|
||||||
roomDirectory = {
|
|
||||||
servers = [ "matrix.org" "maralorn.de" ];
|
|
||||||
};
|
|
||||||
branding = {
|
|
||||||
welcomeBackgroundUrl = "https://cloud.maralorn.de/apps/theming/image/background";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
services = {
|
|
||||||
nginx = {
|
|
||||||
enable = true;
|
enable = true;
|
||||||
virtualHosts."${hostName}" = {
|
hostname = "riot.maralorn.de";
|
||||||
forceSSL = true;
|
config = {
|
||||||
enableACME = true;
|
default_hs_url = "https://matrix.maralorn.de";
|
||||||
locations = {
|
default_is_url = "https://vector.im";
|
||||||
"/" = {
|
integrations_ui_url = "";
|
||||||
proxyPass = "http://[::1]:8008";
|
integrations_rest_url = "";
|
||||||
extraConfig = ''
|
integrations_widgets_urls = [ ];
|
||||||
proxy_http_version 1.1;
|
bug_report_endpoint_url = "https://riot.im/bugreports/submit";
|
||||||
proxy_set_header X-Forwarded-For $remote_addr;
|
welcomeUserId = "@riot-bot:matrix.org";
|
||||||
'';
|
piwik = false;
|
||||||
};
|
features = {
|
||||||
|
feature_lazyloading = "enable";
|
||||||
|
feature_room_breadcrumbs = "enable";
|
||||||
|
};
|
||||||
|
roomDirectory = { servers = [ "matrix.org" "maralorn.de" ]; };
|
||||||
|
branding = {
|
||||||
|
welcomeBackgroundUrl =
|
||||||
|
"https://cloud.maralorn.de/apps/theming/image/background";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
services = {
|
||||||
# Postgres
|
nginx = {
|
||||||
postgresql = {
|
enable = true;
|
||||||
enable = true;
|
virtualHosts."${hostName}" = {
|
||||||
};
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
# Synapse
|
locations = {
|
||||||
matrix-synapse = {
|
"/" = {
|
||||||
enable = true;
|
proxyPass = "http://[::1]:8008";
|
||||||
enable_metrics = true;
|
extraConfig = ''
|
||||||
server_name = "maralorn.de";
|
proxy_http_version 1.1;
|
||||||
public_baseurl = "https://${hostName}";
|
proxy_set_header X-Forwarded-For $remote_addr;
|
||||||
url_preview_enabled = true;
|
'';
|
||||||
database_type = "psycopg2";
|
};
|
||||||
max_upload_size = "30M";
|
};
|
||||||
create_local_database = false;
|
};
|
||||||
dynamic_thumbnails = true;
|
};
|
||||||
macaroon_secret_key = config.m-0.private.macaroon_secret;
|
|
||||||
turn_uris = [ "turn:hera.m-0.eu:3478?transport=udp" ];
|
# Postgres
|
||||||
turn_shared_secret = config.m-0.private.turn_secret;
|
postgresql = { enable = true; };
|
||||||
turn_user_lifetime = "5h";
|
|
||||||
allow_guest_access = true;
|
# Synapse
|
||||||
logConfig = ''
|
matrix-synapse = {
|
||||||
version: 1
|
enable = true;
|
||||||
|
enable_metrics = true;
|
||||||
formatters:
|
server_name = "maralorn.de";
|
||||||
journal_fmt:
|
public_baseurl = "https://${hostName}";
|
||||||
format: '%(name)s: [%(request)s] %(message)s'
|
url_preview_enabled = true;
|
||||||
|
database_type = "psycopg2";
|
||||||
filters:
|
max_upload_size = "30M";
|
||||||
context:
|
create_local_database = false;
|
||||||
(): synapse.util.logcontext.LoggingContextFilter
|
dynamic_thumbnails = true;
|
||||||
request: ""
|
macaroon_secret_key = config.m-0.private.macaroon_secret;
|
||||||
|
turn_uris = [ "turn:hera.m-0.eu:3478?transport=udp" ];
|
||||||
handlers:
|
turn_shared_secret = config.m-0.private.turn_secret;
|
||||||
journal:
|
turn_user_lifetime = "5h";
|
||||||
class: systemd.journal.JournalHandler
|
allow_guest_access = true;
|
||||||
formatter: journal_fmt
|
logConfig = ''
|
||||||
filters: [context]
|
version: 1
|
||||||
SYSLOG_IDENTIFIER: synapse
|
|
||||||
|
formatters:
|
||||||
disable_existing_loggers: True
|
journal_fmt:
|
||||||
|
format: '%(name)s: [%(request)s] %(message)s'
|
||||||
loggers:
|
|
||||||
synapse:
|
filters:
|
||||||
level: WARN
|
context:
|
||||||
synapse.storage.SQL:
|
(): synapse.util.logcontext.LoggingContextFilter
|
||||||
level: WARN
|
request: ""
|
||||||
|
|
||||||
root:
|
handlers:
|
||||||
level: WARN
|
journal:
|
||||||
handlers: [journal]
|
class: systemd.journal.JournalHandler
|
||||||
'';
|
formatter: journal_fmt
|
||||||
database_args = {
|
filters: [context]
|
||||||
user = "matrix-synapse";
|
SYSLOG_IDENTIFIER: synapse
|
||||||
database = "matrix-synapse";
|
|
||||||
cp_min = 5;
|
disable_existing_loggers: True
|
||||||
cp_max = 10;
|
|
||||||
|
loggers:
|
||||||
|
synapse:
|
||||||
|
level: WARN
|
||||||
|
synapse.storage.SQL:
|
||||||
|
level: WARN
|
||||||
|
|
||||||
|
root:
|
||||||
|
level: WARN
|
||||||
|
handlers: [journal]
|
||||||
|
'';
|
||||||
|
database_args = {
|
||||||
|
user = "matrix-synapse";
|
||||||
|
database = "matrix-synapse";
|
||||||
|
cp_min = 5;
|
||||||
|
cp_max = 10;
|
||||||
|
};
|
||||||
|
report_stats = true;
|
||||||
|
tls_certificate_path = "/var/lib/acme/${hostName}/fullchain.pem";
|
||||||
|
tls_private_key_path = "/var/lib/acme/${hostName}/key.pem";
|
||||||
|
listeners = [
|
||||||
|
{
|
||||||
|
port = 8448;
|
||||||
|
bind_address = "::";
|
||||||
|
resources = [
|
||||||
|
{
|
||||||
|
compress = true;
|
||||||
|
names = [ "client" ];
|
||||||
|
}
|
||||||
|
{
|
||||||
|
compress = false;
|
||||||
|
names = [ "federation" ];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
x_forwarded = false;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
port = 8008;
|
||||||
|
bind_address = "::1";
|
||||||
|
resources = [
|
||||||
|
{
|
||||||
|
compress = false;
|
||||||
|
names = [ "client" ];
|
||||||
|
}
|
||||||
|
{
|
||||||
|
compress = false;
|
||||||
|
names = [ "federation" ];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
x_forwarded = true;
|
||||||
|
tls = false;
|
||||||
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
report_stats = true;
|
|
||||||
tls_certificate_path = "/var/lib/acme/${hostName}/fullchain.pem";
|
|
||||||
tls_private_key_path = "/var/lib/acme/${hostName}/key.pem";
|
|
||||||
listeners = [
|
|
||||||
{
|
|
||||||
port = 8448;
|
|
||||||
bind_address = "::";
|
|
||||||
resources = [ { compress = true; names = [ "client" ]; } { compress = false; names = [ "federation" ]; } ];
|
|
||||||
x_forwarded = false;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
port = 8008;
|
|
||||||
bind_address = "::1";
|
|
||||||
resources = [ { compress = false; names = [ "client" ]; } { compress = false; names = [ "federation" ]; } ];
|
|
||||||
x_forwarded = true;
|
|
||||||
tls = false;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
};
|
security.acme.certs = {
|
||||||
security.acme.certs = {
|
"${hostName}" = {
|
||||||
"${hostName}" = {
|
group = "matrix-synapse";
|
||||||
group = "matrix-synapse";
|
allowKeysForGroup = true;
|
||||||
allowKeysForGroup = true;
|
postRun =
|
||||||
postRun = "systemctl reload nginx.service; systemctl restart matrix-synapse.service";
|
"systemctl reload nginx.service; systemctl restart matrix-synapse.service";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,38 +1,51 @@
|
||||||
{ config, ... }:
|
{ config, ... }:
|
||||||
let
|
let inherit (config.m-0) hosts;
|
||||||
inherit (config.m-0) hosts;
|
in {
|
||||||
in
|
services.prometheus.exporters.node = {
|
||||||
{
|
firewallFilter = "! -i ens18 -p tcp -m tcp --dport 9100";
|
||||||
services.prometheus.exporters.node = {
|
};
|
||||||
firewallFilter = "! -i ens18 -p tcp -m tcp --dport 9100";
|
m-0.monitoring = [
|
||||||
};
|
{
|
||||||
m-0.monitoring = [
|
name = "hera";
|
||||||
{ name = "hera"; host = "hera-intern:9100"; }
|
host = "hera-intern:9100";
|
||||||
{ name = "monitoring-container"; host = "localhost:9100"; }
|
}
|
||||||
];
|
{
|
||||||
|
name = "monitoring-container";
|
||||||
|
host = "localhost:9100";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
containers.monitoring = {
|
containers.monitoring = {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
privateNetwork = true;
|
privateNetwork = true;
|
||||||
hostBridge = "bridge";
|
hostBridge = "bridge";
|
||||||
config = { pkgs, lib, ... }: {
|
config = { pkgs, lib, ... }: {
|
||||||
imports = [
|
imports = [ ../../system ];
|
||||||
../../system
|
networking = {
|
||||||
];
|
interfaces.eth0 = {
|
||||||
networking = {
|
ipv6.addresses = [{
|
||||||
interfaces.eth0 = {
|
address = hosts.monitoring;
|
||||||
ipv6.addresses = [{ address = hosts.monitoring; prefixLength = 112; }];
|
prefixLength = 112;
|
||||||
ipv4.addresses = [{ address = hosts.monitoring-intern-v4; prefixLength = 24; }];
|
}];
|
||||||
|
ipv4.addresses = [{
|
||||||
|
address = hosts.monitoring-intern-v4;
|
||||||
|
prefixLength = 24;
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
inherit (config.networking) nameservers;
|
||||||
|
defaultGateway6 = {
|
||||||
|
address = hosts.hera-intern;
|
||||||
|
interface = "eth0";
|
||||||
|
};
|
||||||
|
defaultGateway = {
|
||||||
|
address = hosts.hera-intern-v4;
|
||||||
|
interface = "eth0";
|
||||||
|
};
|
||||||
|
firewall.allowedTCPPorts = [ 9090 9093 ];
|
||||||
};
|
};
|
||||||
inherit (config.networking) nameservers;
|
services.prometheus = {
|
||||||
defaultGateway6 = { address = hosts.hera-intern; interface = "eth0"; };
|
enable = true;
|
||||||
defaultGateway = { address = hosts.hera-intern-v4; interface = "eth0"; };
|
rules = [''
|
||||||
firewall.allowedTCPPorts = [ 9090 9093 ];
|
|
||||||
};
|
|
||||||
services.prometheus = {
|
|
||||||
enable = true;
|
|
||||||
rules = [
|
|
||||||
''
|
|
||||||
ALERT node_down
|
ALERT node_down
|
||||||
IF (up{name!="apollo"} == 0)
|
IF (up{name!="apollo"} == 0)
|
||||||
FOR 5m
|
FOR 5m
|
||||||
|
@ -123,51 +136,44 @@ containers.monitoring = {
|
||||||
summary="{{$labels.alias}}: Running out of swap soon.",
|
summary="{{$labels.alias}}: Running out of swap soon.",
|
||||||
description="{{$labels.alias}} is using 80% of its swap space for at least 10 minutes now."
|
description="{{$labels.alias}} is using 80% of its swap space for at least 10 minutes now."
|
||||||
}
|
}
|
||||||
''
|
''];
|
||||||
];
|
scrapeConfigs = [{
|
||||||
scrapeConfigs = [
|
|
||||||
{
|
|
||||||
job_name = "nodes";
|
job_name = "nodes";
|
||||||
static_configs = map (entry: {
|
static_configs = map (entry: {
|
||||||
targets = [ entry.host ];
|
targets = [ entry.host ];
|
||||||
labels = {"name" = entry.name; };
|
labels = { "name" = entry.name; };
|
||||||
}) config.m-0.monitoring;
|
}) config.m-0.monitoring;
|
||||||
}
|
}];
|
||||||
];
|
alertmanagerURL = [ "http://localhost:9093" ];
|
||||||
alertmanagerURL = [ "http://localhost:9093" ];
|
alertmanager = {
|
||||||
alertmanager = {
|
enable = true;
|
||||||
enable = true;
|
listenAddress = "0.0.0.0";
|
||||||
listenAddress = "0.0.0.0";
|
configuration = {
|
||||||
configuration = {
|
"global" = {
|
||||||
"global" = {
|
"smtp_smarthost" = "hera.m-0.eu:587";
|
||||||
"smtp_smarthost" = "hera.m-0.eu:587";
|
"smtp_from" = "alertmanager@m-0.eu";
|
||||||
"smtp_from" = "alertmanager@m-0.eu";
|
"smtp_auth_username" = "alertmanager@m-0.eu";
|
||||||
"smtp_auth_username" = "alertmanager@m-0.eu";
|
"smtp_auth_password" = config.m-0.private.alertmanager-mail-pw;
|
||||||
"smtp_auth_password" = config.m-0.private.alertmanager-mail-pw;
|
};
|
||||||
};
|
"route" = {
|
||||||
"route" = {
|
"group_by" = [ "alertname" "alias" ];
|
||||||
"group_by" = [ "alertname" "alias" ];
|
"group_wait" = "30s";
|
||||||
"group_wait" = "30s";
|
"group_interval" = "2m";
|
||||||
"group_interval" = "2m";
|
"repeat_interval" = "4h";
|
||||||
"repeat_interval" = "4h";
|
"receiver" = "team-admins";
|
||||||
"receiver" = "team-admins";
|
};
|
||||||
};
|
"receivers" = [{
|
||||||
"receivers" = [
|
|
||||||
{
|
|
||||||
"name" = "team-admins";
|
"name" = "team-admins";
|
||||||
"email_configs" = [
|
"email_configs" = [{
|
||||||
{
|
"to" = "malte.brandy@maralorn.de";
|
||||||
"to" = "malte.brandy@maralorn.de";
|
"send_resolved" = true;
|
||||||
"send_resolved" = true;
|
}];
|
||||||
}
|
}];
|
||||||
];
|
};
|
||||||
}
|
};
|
||||||
];
|
exporters.node.enable = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
exporters.node.enable = true;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,67 +1,78 @@
|
||||||
{ pkgs, config, ... }:
|
{ pkgs, config, ... }:
|
||||||
let
|
let
|
||||||
inherit (config.m-0) hosts;
|
inherit (config.m-0) hosts;
|
||||||
inherit (config.m-0.private) wireguard;
|
inherit (config.m-0.private) wireguard;
|
||||||
in
|
in {
|
||||||
{
|
networking = {
|
||||||
networking = {
|
hostName = "hera";
|
||||||
hostName = "hera";
|
interfaces.ens18 = {
|
||||||
interfaces.ens18 = {
|
proxyARP = true;
|
||||||
proxyARP = true;
|
ipv4.addresses = [{
|
||||||
ipv4.addresses = [{ address = "213.136.94.190"; prefixLength = 24; }];
|
address = "213.136.94.190";
|
||||||
ipv6.addresses = [{ address = hosts.hera; prefixLength = 128; }];
|
prefixLength = 24;
|
||||||
};
|
}];
|
||||||
defaultGateway = "213.136.94.1";
|
ipv6.addresses = [{
|
||||||
defaultGateway6 = { address = "fe80::1"; interface = "ens18"; };
|
address = hosts.hera;
|
||||||
|
prefixLength = 128;
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
defaultGateway = "213.136.94.1";
|
||||||
|
defaultGateway6 = {
|
||||||
|
address = "fe80::1";
|
||||||
|
interface = "ens18";
|
||||||
|
};
|
||||||
|
|
||||||
firewall = {
|
firewall = {
|
||||||
extraCommands = ''
|
extraCommands = ''
|
||||||
ip6tables -A FORWARD -p ipv6-icmp -j ACCEPT
|
ip6tables -A FORWARD -p ipv6-icmp -j ACCEPT
|
||||||
ip6tables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
|
ip6tables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
|
||||||
ip6tables -A FORWARD ! -s ${config.m-0.prefix}::/64 -j DROP
|
ip6tables -A FORWARD ! -s ${config.m-0.prefix}::/64 -j DROP
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
bridges.bridge.interfaces = [ ];
|
||||||
bridges.bridge.interfaces = [ ];
|
interfaces.bridge = {
|
||||||
interfaces.bridge = {
|
proxyARP = true;
|
||||||
proxyARP = true;
|
ipv6.addresses = [{
|
||||||
ipv6.addresses = [{ address = hosts.hera-intern; prefixLength = 112; }];
|
address = hosts.hera-intern;
|
||||||
ipv4.addresses = [{ address = "10.0.0.1"; prefixLength = 24; }];
|
prefixLength = 112;
|
||||||
};
|
}];
|
||||||
nat = {
|
ipv4.addresses = [{
|
||||||
enable = true;
|
address = "10.0.0.1";
|
||||||
externalInterface = "ens18";
|
prefixLength = 24;
|
||||||
internalInterfaces = [ "bridge" ];
|
}];
|
||||||
};
|
};
|
||||||
nameservers = [ "213.136.95.10" "2a02:c207::1:53" "2a02:c207::2:53" ];
|
nat = {
|
||||||
firewall.allowedUDPPorts = [ wireguard.port ];
|
enable = true;
|
||||||
wireguard.interfaces = {
|
externalInterface = "ens18";
|
||||||
m0wire = {
|
internalInterfaces = [ "bridge" ];
|
||||||
ips = [ "${hosts.hera-wg}/112" ];
|
};
|
||||||
privateKeyFile = "/etc/nixos/hosts/hera/secret/wireguard-private";
|
nameservers = [ "213.136.95.10" "2a02:c207::1:53" "2a02:c207::2:53" ];
|
||||||
listenPort = wireguard.port;
|
firewall.allowedUDPPorts = [ wireguard.port ];
|
||||||
peers = [
|
wireguard.interfaces = {
|
||||||
{
|
m0wire = {
|
||||||
|
ips = [ "${hosts.hera-wg}/112" ];
|
||||||
|
privateKeyFile = "/etc/nixos/hosts/hera/secret/wireguard-private";
|
||||||
|
listenPort = wireguard.port;
|
||||||
|
peers = [{
|
||||||
publicKey = wireguard.pub.apollo;
|
publicKey = wireguard.pub.apollo;
|
||||||
allowedIPs = [ "${hosts.apollo-wg}/128" ];
|
allowedIPs = [ "${hosts.apollo-wg}/128" ];
|
||||||
presharedKeyFile = "/etc/nixos/common/secret/wireguard-psk";
|
presharedKeyFile = "/etc/nixos/common/secret/wireguard-psk";
|
||||||
}
|
}];
|
||||||
];
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
services = {
|
||||||
services = {
|
ndppd = {
|
||||||
ndppd = {
|
enable = true;
|
||||||
enable = true;
|
configFile = pkgs.writeText "ndppd.conf" ''
|
||||||
configFile = pkgs.writeText "ndppd.conf" ''
|
proxy ens18 {
|
||||||
proxy ens18 {
|
rule ${config.m-0.prefix}::/64 {
|
||||||
rule ${config.m-0.prefix}::/64 {
|
static
|
||||||
static
|
}
|
||||||
}
|
}
|
||||||
}
|
'';
|
||||||
'';
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,13 +9,16 @@ let
|
||||||
phpPackages = pkgs.php73Packages;
|
phpPackages = pkgs.php73Packages;
|
||||||
|
|
||||||
toKeyValue = generators.toKeyValue {
|
toKeyValue = generators.toKeyValue {
|
||||||
mkKeyValue = generators.mkKeyValueDefault {} " = ";
|
mkKeyValue = generators.mkKeyValueDefault { } " = ";
|
||||||
};
|
};
|
||||||
|
|
||||||
phpOptionsExtensions = ''
|
phpOptionsExtensions = ''
|
||||||
${optionalString cfg.caching.apcu "extension=${phpPackages.apcu}/lib/php/extensions/apcu.so"}
|
${optionalString cfg.caching.apcu
|
||||||
${optionalString cfg.caching.redis "extension=${phpPackages.redis}/lib/php/extensions/redis.so"}
|
"extension=${phpPackages.apcu}/lib/php/extensions/apcu.so"}
|
||||||
${optionalString cfg.caching.memcached "extension=${phpPackages.memcached}/lib/php/extensions/memcached.so"}
|
${optionalString cfg.caching.redis
|
||||||
|
"extension=${phpPackages.redis}/lib/php/extensions/redis.so"}
|
||||||
|
${optionalString cfg.caching.memcached
|
||||||
|
"extension=${phpPackages.memcached}/lib/php/extensions/memcached.so"}
|
||||||
extension=${phpPackages.imagick}/lib/php/extensions/imagick.so
|
extension=${phpPackages.imagick}/lib/php/extensions/imagick.so
|
||||||
zend_extension = opcache.so
|
zend_extension = opcache.so
|
||||||
opcache.enable = 1
|
opcache.enable = 1
|
||||||
|
@ -57,7 +60,8 @@ in {
|
||||||
https = mkOption {
|
https = mkOption {
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = false;
|
default = false;
|
||||||
description = "Enable if there is a TLS terminating proxy in front of nextcloud.";
|
description =
|
||||||
|
"Enable if there is a TLS terminating proxy in front of nextcloud.";
|
||||||
};
|
};
|
||||||
|
|
||||||
maxUploadSize = mkOption {
|
maxUploadSize = mkOption {
|
||||||
|
@ -208,7 +212,7 @@ in {
|
||||||
|
|
||||||
extraTrustedDomains = mkOption {
|
extraTrustedDomains = mkOption {
|
||||||
type = types.listOf types.str;
|
type = types.listOf types.str;
|
||||||
default = [];
|
default = [ ];
|
||||||
description = ''
|
description = ''
|
||||||
Trusted domains, from which the nextcloud installation will be
|
Trusted domains, from which the nextcloud installation will be
|
||||||
acessible. You don't need to add
|
acessible. You don't need to add
|
||||||
|
@ -277,18 +281,24 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable (mkMerge [
|
config = mkIf cfg.enable (mkMerge [
|
||||||
{ assertions = let acfg = cfg.config; in [
|
{
|
||||||
{ assertion = !(acfg.dbpass != null && acfg.dbpassFile != null);
|
assertions = let acfg = cfg.config;
|
||||||
message = "Please specify no more than one of dbpass or dbpassFile";
|
in [
|
||||||
}
|
{
|
||||||
{ assertion = ((acfg.adminpass != null || acfg.adminpassFile != null)
|
assertion = !(acfg.dbpass != null && acfg.dbpassFile != null);
|
||||||
&& !(acfg.adminpass != null && acfg.adminpassFile != null));
|
message = "Please specify no more than one of dbpass or dbpassFile";
|
||||||
message = "Please specify exactly one of adminpass or adminpassFile";
|
}
|
||||||
}
|
{
|
||||||
];
|
assertion = ((acfg.adminpass != null || acfg.adminpassFile != null)
|
||||||
|
&& !(acfg.adminpass != null && acfg.adminpassFile != null));
|
||||||
|
message =
|
||||||
|
"Please specify exactly one of adminpass or adminpassFile";
|
||||||
|
}
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
{ systemd.timers."nextcloud-cron" = {
|
{
|
||||||
|
systemd.timers."nextcloud-cron" = {
|
||||||
wantedBy = [ "timers.target" ];
|
wantedBy = [ "timers.target" ];
|
||||||
timerConfig.OnBootSec = "5m";
|
timerConfig.OnBootSec = "5m";
|
||||||
timerConfig.OnUnitActiveSec = "15m";
|
timerConfig.OnUnitActiveSec = "15m";
|
||||||
|
@ -306,78 +316,98 @@ in {
|
||||||
],
|
],
|
||||||
'datadirectory' => '${cfg.home}/data',
|
'datadirectory' => '${cfg.home}/data',
|
||||||
'skeletondirectory' => '${cfg.skeletonDirectory}',
|
'skeletondirectory' => '${cfg.skeletonDirectory}',
|
||||||
${optionalString cfg.caching.apcu "'memcache.local' => '\\OC\\Memcache\\APCu',"}
|
${
|
||||||
|
optionalString cfg.caching.apcu
|
||||||
|
"'memcache.local' => '\\OC\\Memcache\\APCu',"
|
||||||
|
}
|
||||||
'log_type' => 'syslog',
|
'log_type' => 'syslog',
|
||||||
'log_level' => '${builtins.toString cfg.logLevel}',
|
'log_level' => '${builtins.toString cfg.logLevel}',
|
||||||
${optionalString (cfg.config.overwriteProtocol != null) "'overwriteprotocol' => '${cfg.config.overwriteProtocol}',"}
|
${
|
||||||
|
optionalString (cfg.config.overwriteProtocol != null)
|
||||||
|
"'overwriteprotocol' => '${cfg.config.overwriteProtocol}',"
|
||||||
|
}
|
||||||
];
|
];
|
||||||
'';
|
'';
|
||||||
occInstallCmd = let
|
occInstallCmd = let
|
||||||
c = cfg.config;
|
c = cfg.config;
|
||||||
adminpass = if c.adminpassFile != null
|
adminpass = if c.adminpassFile != null then
|
||||||
then ''"$(<"${toString c.adminpassFile}")"''
|
''"$(<"${toString c.adminpassFile}")"''
|
||||||
else ''"${toString c.adminpass}"'';
|
else
|
||||||
dbpass = if c.dbpassFile != null
|
''"${toString c.adminpass}"'';
|
||||||
then ''"$(<"${toString c.dbpassFile}")"''
|
dbpass = if c.dbpassFile != null then
|
||||||
else if c.dbpass != null
|
''"$(<"${toString c.dbpassFile}")"''
|
||||||
then ''"${toString c.dbpass}"''
|
else if c.dbpass != null then
|
||||||
else null;
|
''"${toString c.dbpass}"''
|
||||||
|
else
|
||||||
|
null;
|
||||||
installFlags = concatStringsSep " \\\n "
|
installFlags = concatStringsSep " \\\n "
|
||||||
(mapAttrsToList (k: v: "${k} ${toString v}") {
|
(mapAttrsToList (k: v: "${k} ${toString v}") {
|
||||||
"--database" = ''"${c.dbtype}"'';
|
"--database" = ''"${c.dbtype}"'';
|
||||||
# The following attributes are optional depending on the type of
|
# The following attributes are optional depending on the type of
|
||||||
# database. Those that evaluate to null on the left hand side
|
# database. Those that evaluate to null on the left hand side
|
||||||
# will be omitted.
|
# will be omitted.
|
||||||
${if c.dbname != null then "--database-name" else null} = ''"${c.dbname}"'';
|
${if c.dbname != null then "--database-name" else null} =
|
||||||
${if c.dbhost != null then "--database-host" else null} = ''"${c.dbhost}"'';
|
''"${c.dbname}"'';
|
||||||
${if c.dbport != null then "--database-port" else null} = ''"${toString c.dbport}"'';
|
${if c.dbhost != null then "--database-host" else null} =
|
||||||
${if c.dbuser != null then "--database-user" else null} = ''"${c.dbuser}"'';
|
''"${c.dbhost}"'';
|
||||||
${if (any (x: x != null) [c.dbpass c.dbpassFile])
|
${if c.dbport != null then "--database-port" else null} =
|
||||||
then "--database-pass" else null} = dbpass;
|
''"${toString c.dbport}"'';
|
||||||
${if c.dbtableprefix != null
|
${if c.dbuser != null then "--database-user" else null} =
|
||||||
then "--database-table-prefix" else null} = ''"${toString c.dbtableprefix}"'';
|
''"${c.dbuser}"'';
|
||||||
"--admin-user" = ''"${c.adminuser}"'';
|
${
|
||||||
"--admin-pass" = adminpass;
|
if (any (x: x != null) [ c.dbpass c.dbpassFile ]) then
|
||||||
"--data-dir" = ''"${cfg.home}/data"'';
|
"--database-pass"
|
||||||
});
|
else
|
||||||
in ''
|
null
|
||||||
${occ}/bin/nextcloud-occ maintenance:install \
|
} = dbpass;
|
||||||
${installFlags}
|
${
|
||||||
'';
|
if c.dbtableprefix != null then
|
||||||
occSetTrustedDomainsCmd = concatStringsSep "\n" (imap0
|
"--database-table-prefix"
|
||||||
(i: v: ''
|
else
|
||||||
${occ}/bin/nextcloud-occ config:system:set trusted_domains \
|
null
|
||||||
${toString i} --value="${toString v}"
|
} = ''"${toString c.dbtableprefix}"'';
|
||||||
'') ([ cfg.hostName ] ++ cfg.config.extraTrustedDomains));
|
"--admin-user" = ''"${c.adminuser}"'';
|
||||||
|
"--admin-pass" = adminpass;
|
||||||
|
"--data-dir" = ''"${cfg.home}/data"'';
|
||||||
|
});
|
||||||
|
in ''
|
||||||
|
${occ}/bin/nextcloud-occ maintenance:install \
|
||||||
|
${installFlags}
|
||||||
|
'';
|
||||||
|
occSetTrustedDomainsCmd = concatStringsSep "\n" (imap0 (i: v: ''
|
||||||
|
${occ}/bin/nextcloud-occ config:system:set trusted_domains \
|
||||||
|
${toString i} --value="${toString v}"
|
||||||
|
'') ([ cfg.hostName ] ++ cfg.config.extraTrustedDomains));
|
||||||
|
|
||||||
in {
|
in {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
before = [ "phpfpm-nextcloud.service" ];
|
before = [ "phpfpm-nextcloud.service" ];
|
||||||
script = ''
|
script = ''
|
||||||
chmod og+x ${cfg.home}
|
chmod og+x ${cfg.home}
|
||||||
ln -sf ${pkgs.nextcloud}/apps ${cfg.home}/
|
ln -sf ${pkgs.nextcloud}/apps ${cfg.home}/
|
||||||
mkdir -p ${cfg.home}/config ${cfg.home}/data ${cfg.home}/store-apps
|
mkdir -p ${cfg.home}/config ${cfg.home}/data ${cfg.home}/store-apps
|
||||||
ln -sf ${overrideConfig} ${cfg.home}/config/override.config.php
|
ln -sf ${overrideConfig} ${cfg.home}/config/override.config.php
|
||||||
|
|
||||||
chown -R nextcloud:nginx ${cfg.home}/config ${cfg.home}/data ${cfg.home}/store-apps
|
chown -R nextcloud:nginx ${cfg.home}/config ${cfg.home}/data ${cfg.home}/store-apps
|
||||||
|
|
||||||
# Do not install if already installed
|
# Do not install if already installed
|
||||||
if [[ ! -e ${cfg.home}/config/config.php ]]; then
|
if [[ ! -e ${cfg.home}/config/config.php ]]; then
|
||||||
${occInstallCmd}
|
${occInstallCmd}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
${occ}/bin/nextcloud-occ upgrade
|
${occ}/bin/nextcloud-occ upgrade
|
||||||
|
|
||||||
${occ}/bin/nextcloud-occ config:system:delete trusted_domains
|
${occ}/bin/nextcloud-occ config:system:delete trusted_domains
|
||||||
${occSetTrustedDomainsCmd}
|
${occSetTrustedDomainsCmd}
|
||||||
'';
|
'';
|
||||||
serviceConfig.Type = "oneshot";
|
serviceConfig.Type = "oneshot";
|
||||||
};
|
};
|
||||||
"nextcloud-cron" = {
|
"nextcloud-cron" = {
|
||||||
environment.NEXTCLOUD_CONFIG_DIR = "${cfg.home}/config";
|
environment.NEXTCLOUD_CONFIG_DIR = "${cfg.home}/config";
|
||||||
serviceConfig.Type = "oneshot";
|
serviceConfig.Type = "oneshot";
|
||||||
serviceConfig.User = "nextcloud";
|
serviceConfig.User = "nextcloud";
|
||||||
serviceConfig.ExecStart = "${phpPackage}/bin/php -f ${pkgs.nextcloud}/cron.php";
|
serviceConfig.ExecStart =
|
||||||
|
"${phpPackage}/bin/php -f ${pkgs.nextcloud}/cron.php";
|
||||||
};
|
};
|
||||||
"nextcloud-update-plugins" = mkIf cfg.autoUpdateApps.enable {
|
"nextcloud-update-plugins" = mkIf cfg.autoUpdateApps.enable {
|
||||||
serviceConfig.Type = "oneshot";
|
serviceConfig.Type = "oneshot";
|
||||||
|
@ -388,25 +418,24 @@ in {
|
||||||
|
|
||||||
services.phpfpm = {
|
services.phpfpm = {
|
||||||
pools.nextcloud = let
|
pools.nextcloud = let
|
||||||
phpAdminValues = (toKeyValue
|
phpAdminValues = (toKeyValue (foldr (a: b: a // b) { }
|
||||||
(foldr (a: b: a // b) {}
|
(mapAttrsToList (k: v: { "php_admin_value[${k}]" = v; })
|
||||||
(mapAttrsToList (k: v: { "php_admin_value[${k}]" = v; })
|
phpOptions)));
|
||||||
phpOptions)));
|
in {
|
||||||
in {
|
phpOptions = phpOptionsExtensions;
|
||||||
phpOptions = phpOptionsExtensions;
|
phpPackage = phpPackage;
|
||||||
phpPackage = phpPackage;
|
listen = "/run/phpfpm/nextcloud";
|
||||||
listen = "/run/phpfpm/nextcloud";
|
extraConfig = ''
|
||||||
extraConfig = ''
|
listen.owner = nginx
|
||||||
listen.owner = nginx
|
listen.group = nginx
|
||||||
listen.group = nginx
|
user = nextcloud
|
||||||
user = nextcloud
|
group = nginx
|
||||||
group = nginx
|
${cfg.poolConfig}
|
||||||
${cfg.poolConfig}
|
env[NEXTCLOUD_CONFIG_DIR] = ${cfg.home}/config
|
||||||
env[NEXTCLOUD_CONFIG_DIR] = ${cfg.home}/config
|
env[PATH] = /run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin
|
||||||
env[PATH] = /run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin
|
${phpAdminValues}
|
||||||
${phpAdminValues}
|
'';
|
||||||
'';
|
};
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
users.extraUsers.nextcloud = {
|
users.extraUsers.nextcloud = {
|
||||||
|
@ -457,7 +486,8 @@ in {
|
||||||
priority = 300;
|
priority = 300;
|
||||||
extraConfig = "deny all;";
|
extraConfig = "deny all;";
|
||||||
};
|
};
|
||||||
"~ ^\\/(?:index|remote|public|cron|core/ajax\\/update|status|ocs\\/v[12]|updater\\/.+|ocs-provider\\/.+|ocm-provider\\/.+)\\.php(?:$|\\/)" = {
|
"~ ^\\/(?:index|remote|public|cron|core/ajax\\/update|status|ocs\\/v[12]|updater\\/.+|ocs-provider\\/.+|ocm-provider\\/.+)\\.php(?:$|\\/)" =
|
||||||
|
{
|
||||||
priority = 500;
|
priority = 500;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
include ${config.services.nginx.package}/conf/fastcgi.conf;
|
include ${config.services.nginx.package}/conf/fastcgi.conf;
|
||||||
|
@ -472,10 +502,11 @@ in {
|
||||||
fastcgi_read_timeout 120s;
|
fastcgi_read_timeout 120s;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
"~ ^\\/(?:updater|ocs-provider|ocm-provider)(?:$|\\/)".extraConfig = ''
|
"~ ^\\/(?:updater|ocs-provider|ocm-provider)(?:$|\\/)".extraConfig =
|
||||||
try_files $uri/ =404;
|
''
|
||||||
index index.php;
|
try_files $uri/ =404;
|
||||||
'';
|
index index.php;
|
||||||
|
'';
|
||||||
"~ \\.(?:css|js|woff2?|svg|gif)$".extraConfig = ''
|
"~ \\.(?:css|js|woff2?|svg|gif)$".extraConfig = ''
|
||||||
try_files $uri /index.php$request_uri;
|
try_files $uri /index.php$request_uri;
|
||||||
add_header Cache-Control "public, max-age=15778463";
|
add_header Cache-Control "public, max-age=15778463";
|
||||||
|
|
Binary file not shown.
|
@ -2,104 +2,120 @@
|
||||||
let
|
let
|
||||||
inherit (config.m-0) hosts;
|
inherit (config.m-0) hosts;
|
||||||
certPath = "/var/lib/acme/hera.m-0.eu";
|
certPath = "/var/lib/acme/hera.m-0.eu";
|
||||||
in
|
in {
|
||||||
{
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
m-0.monitoring = [
|
||||||
m-0.monitoring = [
|
{
|
||||||
{ name = "web"; host = "web:9100"; }
|
name = "web";
|
||||||
{ name = "web-nginx"; host = "web:9113"; }
|
host = "web:9100";
|
||||||
];
|
|
||||||
services.sniproxy = {
|
|
||||||
enable = true;
|
|
||||||
config = ''
|
|
||||||
error_log {
|
|
||||||
syslog daemon
|
|
||||||
priority warn
|
|
||||||
}
|
}
|
||||||
access_log {
|
{
|
||||||
syslog daemon
|
name = "web-nginx";
|
||||||
priority error
|
host = "web:9113";
|
||||||
}
|
}
|
||||||
listen 80 {
|
];
|
||||||
proto http
|
services.sniproxy = {
|
||||||
}
|
enable = true;
|
||||||
listen 443 {
|
config = ''
|
||||||
proto tls
|
error_log {
|
||||||
}
|
syslog daemon
|
||||||
listen 8448 {
|
priority warn
|
||||||
proto tls
|
}
|
||||||
table matrix
|
access_log {
|
||||||
|
syslog daemon
|
||||||
|
priority error
|
||||||
|
}
|
||||||
|
listen 80 {
|
||||||
|
proto http
|
||||||
|
}
|
||||||
|
listen 443 {
|
||||||
|
proto tls
|
||||||
|
}
|
||||||
|
listen 8448 {
|
||||||
|
proto tls
|
||||||
|
table matrix
|
||||||
|
|
||||||
fallback ${hosts.matrix}:8448
|
fallback ${hosts.matrix}:8448
|
||||||
}
|
}
|
||||||
table {
|
table {
|
||||||
cloud.maralorn.de ${hosts.cloud}
|
cloud.maralorn.de ${hosts.cloud}
|
||||||
cloud.mathechor.de ${hosts.mathechor-cloud}
|
cloud.mathechor.de ${hosts.mathechor-cloud}
|
||||||
matrix.maralorn.de ${hosts.matrix}
|
matrix.maralorn.de ${hosts.matrix}
|
||||||
riot.maralorn.de ${hosts.matrix}
|
riot.maralorn.de ${hosts.matrix}
|
||||||
.* ${hosts.web}
|
.* ${hosts.web}
|
||||||
}
|
}
|
||||||
table matrix {
|
table matrix {
|
||||||
.* ${hosts.matrix}
|
.* ${hosts.matrix}
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
containers.web = {
|
containers.web = {
|
||||||
bindMounts = { "${certPath}" = { hostPath = certPath; isReadOnly = false; }; };
|
bindMounts = {
|
||||||
autoStart = true;
|
"${certPath}" = {
|
||||||
privateNetwork = true;
|
hostPath = certPath;
|
||||||
hostBridge = "bridge";
|
isReadOnly = false;
|
||||||
config = { pkgs, lib, ... }: {
|
|
||||||
imports = [../../system];
|
|
||||||
networking = {
|
|
||||||
interfaces.eth0 = {
|
|
||||||
ipv6.addresses = [{ address = config.m-0.hosts.web; prefixLength = 112; }];
|
|
||||||
};
|
|
||||||
inherit (config.networking) nameservers;
|
|
||||||
defaultGateway6 = { address = config.m-0.hosts.hera-intern; interface = "eth0"; };
|
|
||||||
firewall.allowedTCPPorts = [ 80 443 ];
|
|
||||||
};
|
|
||||||
m-0 = {
|
|
||||||
blog.enable = true;
|
|
||||||
mathechor-de = {
|
|
||||||
enable = true;
|
|
||||||
password = config.m-0.private.mathechor-pw;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
services = {
|
autoStart = true;
|
||||||
nginx = {
|
privateNetwork = true;
|
||||||
enable = true;
|
hostBridge = "bridge";
|
||||||
virtualHosts."hera.m-0.eu" = {
|
config = { pkgs, lib, ... }: {
|
||||||
enableACME = true;
|
imports = [ ../../system ];
|
||||||
forceSSL = true;
|
networking = {
|
||||||
locations = {
|
interfaces.eth0 = {
|
||||||
"/" = {
|
ipv6.addresses = [{
|
||||||
extraConfig = ''
|
address = config.m-0.hosts.web;
|
||||||
return 200 "Hello there. I hope you are having a very nice day! If you don't know what to find here, you probably don't care about this domain.";
|
prefixLength = 112;
|
||||||
'';
|
}];
|
||||||
|
};
|
||||||
|
inherit (config.networking) nameservers;
|
||||||
|
defaultGateway6 = {
|
||||||
|
address = config.m-0.hosts.hera-intern;
|
||||||
|
interface = "eth0";
|
||||||
|
};
|
||||||
|
firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
|
};
|
||||||
|
m-0 = {
|
||||||
|
blog.enable = true;
|
||||||
|
mathechor-de = {
|
||||||
|
enable = true;
|
||||||
|
password = config.m-0.private.mathechor-pw;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services = {
|
||||||
|
nginx = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts."hera.m-0.eu" = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
locations = {
|
||||||
|
"/" = {
|
||||||
|
extraConfig = ''
|
||||||
|
return 200 "Hello there. I hope you are having a very nice day! If you don't know what to find here, you probably don't care about this domain.";
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
virtualHosts."maralorn.de" = {
|
||||||
virtualHosts."maralorn.de" = {
|
enableACME = true;
|
||||||
enableACME = true;
|
forceSSL = true;
|
||||||
forceSSL = true;
|
locations = {
|
||||||
locations = {
|
"/.well-known/matrix/server" = {
|
||||||
"/.well-known/matrix/server" = {
|
extraConfig = ''
|
||||||
extraConfig = ''
|
default_type application/json;
|
||||||
default_type application/json;
|
return 200 "{\"m.server\": \"matrix.maralorn.de:443\"}";
|
||||||
return 200 "{\"m.server\": \"matrix.maralorn.de:443\"}";
|
'';
|
||||||
'';
|
};
|
||||||
};
|
"/" = {
|
||||||
"/" = {
|
extraConfig = ''
|
||||||
extraConfig = ''
|
return 200 "Hello there. I hope you are having a very nice day! If you don't know what to find here, you probably don't care about this domain.";
|
||||||
return 200 "Hello there. I hope you are having a very nice day! If you don't know what to find here, you probably don't care about this domain.";
|
'';
|
||||||
'';
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,61 +1,57 @@
|
||||||
# This file has been generated by Niv.
|
# This file has been generated by Niv.
|
||||||
|
|
||||||
# A record, from name to path, of the third-party packages
|
# A record, from name to path, of the third-party packages
|
||||||
with rec
|
with rec {
|
||||||
{
|
pkgs = if hasNixpkgsPath then
|
||||||
pkgs =
|
if hasThisAsNixpkgsPath then
|
||||||
if hasNixpkgsPath
|
import (builtins_fetchTarball { inherit (sources_nixpkgs) url sha256; })
|
||||||
then
|
{ }
|
||||||
if hasThisAsNixpkgsPath
|
|
||||||
then import (builtins_fetchTarball { inherit (sources_nixpkgs) url sha256; }) {}
|
|
||||||
else import <nixpkgs> {}
|
|
||||||
else
|
else
|
||||||
import (builtins_fetchTarball { inherit (sources_nixpkgs) url sha256; }) {};
|
import <nixpkgs> { }
|
||||||
|
else
|
||||||
|
import (builtins_fetchTarball { inherit (sources_nixpkgs) url sha256; })
|
||||||
|
{ };
|
||||||
|
|
||||||
sources_nixpkgs =
|
sources_nixpkgs = if builtins.hasAttr "nixpkgs" sources then
|
||||||
if builtins.hasAttr "nixpkgs" sources
|
sources.nixpkgs
|
||||||
then sources.nixpkgs
|
else
|
||||||
else abort
|
abort ''
|
||||||
''
|
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
|
||||||
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
|
add a package called "nixpkgs" to your sources.json.
|
||||||
add a package called "nixpkgs" to your sources.json.
|
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# fetchTarball version that is compatible between all the versions of Nix
|
# fetchTarball version that is compatible between all the versions of Nix
|
||||||
builtins_fetchTarball =
|
builtins_fetchTarball = { url, sha256 }@attrs:
|
||||||
{ url, sha256 }@attrs:
|
let inherit (builtins) lessThan nixVersion fetchTarball;
|
||||||
let
|
in if lessThan nixVersion "1.12" then
|
||||||
inherit (builtins) lessThan nixVersion fetchTarball;
|
fetchTarball { inherit url; }
|
||||||
in
|
else
|
||||||
if lessThan nixVersion "1.12" then
|
fetchTarball attrs;
|
||||||
fetchTarball { inherit url; }
|
|
||||||
else
|
|
||||||
fetchTarball attrs;
|
|
||||||
|
|
||||||
# fetchurl version that is compatible between all the versions of Nix
|
# fetchurl version that is compatible between all the versions of Nix
|
||||||
builtins_fetchurl =
|
builtins_fetchurl = { url, sha256 }@attrs:
|
||||||
{ url, sha256 }@attrs:
|
let inherit (builtins) lessThan nixVersion fetchurl;
|
||||||
let
|
in if lessThan nixVersion "1.12" then
|
||||||
inherit (builtins) lessThan nixVersion fetchurl;
|
fetchurl { inherit url; }
|
||||||
in
|
else
|
||||||
if lessThan nixVersion "1.12" then
|
fetchurl attrs;
|
||||||
fetchurl { inherit url; }
|
|
||||||
else
|
|
||||||
fetchurl attrs;
|
|
||||||
|
|
||||||
# A wrapper around pkgs.fetchzip that has inspectable arguments,
|
# A wrapper around pkgs.fetchzip that has inspectable arguments,
|
||||||
# annoyingly this means we have to specify them
|
# annoyingly this means we have to specify them
|
||||||
fetchzip = { url, sha256 }@attrs: pkgs.fetchzip attrs;
|
fetchzip = { url, sha256 }@attrs: pkgs.fetchzip attrs;
|
||||||
|
|
||||||
hasNixpkgsPath = (builtins.tryEval <nixpkgs>).success;
|
hasNixpkgsPath = (builtins.tryEval <nixpkgs>).success;
|
||||||
hasThisAsNixpkgsPath =
|
hasThisAsNixpkgsPath = (builtins.tryEval <nixpkgs>).success && <nixpkgs>
|
||||||
(builtins.tryEval <nixpkgs>).success && <nixpkgs> == ./.;
|
== ./.;
|
||||||
|
|
||||||
sources = builtins.fromJSON (builtins.readFile ./sources.json);
|
sources = builtins.fromJSON (builtins.readFile ./sources.json);
|
||||||
|
|
||||||
mapAttrs = builtins.mapAttrs or
|
mapAttrs = builtins.mapAttrs or (f: set:
|
||||||
(f: set: with builtins;
|
with builtins;
|
||||||
listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set)));
|
listToAttrs (map (attr: {
|
||||||
|
name = attr;
|
||||||
|
value = f attr set.${attr};
|
||||||
|
}) (attrNames set)));
|
||||||
|
|
||||||
# borrowed from nixpkgs
|
# borrowed from nixpkgs
|
||||||
functionArgs = f: f.__functionArgs or (builtins.functionArgs f);
|
functionArgs = f: f.__functionArgs or (builtins.functionArgs f);
|
||||||
|
@ -64,10 +60,11 @@ with rec
|
||||||
in f (auto // args);
|
in f (auto // args);
|
||||||
|
|
||||||
getFetcher = spec:
|
getFetcher = spec:
|
||||||
let fetcherName =
|
let
|
||||||
if builtins.hasAttr "type" spec
|
fetcherName = if builtins.hasAttr "type" spec then
|
||||||
then builtins.getAttr "type" spec
|
builtins.getAttr "type" spec
|
||||||
else "builtin-tarball";
|
else
|
||||||
|
"builtin-tarball";
|
||||||
in builtins.getAttr fetcherName {
|
in builtins.getAttr fetcherName {
|
||||||
"tarball" = fetchzip;
|
"tarball" = fetchzip;
|
||||||
"builtin-tarball" = builtins_fetchTarball;
|
"builtin-tarball" = builtins_fetchTarball;
|
||||||
|
@ -77,13 +74,9 @@ with rec
|
||||||
};
|
};
|
||||||
# NOTE: spec must _not_ have an "outPath" attribute
|
# NOTE: spec must _not_ have an "outPath" attribute
|
||||||
mapAttrs (_: spec:
|
mapAttrs (_: spec:
|
||||||
if builtins.hasAttr "outPath" spec
|
if builtins.hasAttr "outPath" spec then
|
||||||
then abort
|
abort "The values in sources.json should not have an 'outPath' attribute"
|
||||||
"The values in sources.json should not have an 'outPath' attribute"
|
else if builtins.hasAttr "url" spec && builtins.hasAttr "sha256" spec then
|
||||||
else
|
spec // { outPath = callFunctionWith spec (getFetcher spec) { }; }
|
||||||
if builtins.hasAttr "url" spec && builtins.hasAttr "sha256" spec
|
else
|
||||||
then
|
spec) sources
|
||||||
spec //
|
|
||||||
{ outPath = callFunctionWith spec (getFetcher spec) { }; }
|
|
||||||
else spec
|
|
||||||
) sources
|
|
||||||
|
|
|
@ -1,4 +1,7 @@
|
||||||
{ fetchFromGitHub, stdenv, ninja, meson, pkgconfig, glib, cairo, gdk_pixbuf, glib_networking, pango, libudev, xorg, libxslt, docbook_xml_xslt, git, libuuid, dbus, libsoup, docbook_xml_dtd_45, docbook5_xsl, gettext, autoconf, libtool, utillinux, libxkbcommon }:
|
{ fetchFromGitHub, stdenv, ninja, meson, pkgconfig, glib, cairo, gdk_pixbuf
|
||||||
|
, glib_networking, pango, libudev, xorg, libxslt, docbook_xml_xslt, git, libuuid
|
||||||
|
, dbus, libsoup, docbook_xml_dtd_45, docbook5_xsl, gettext, autoconf, libtool
|
||||||
|
, utillinux, libxkbcommon }:
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
name = "eventd";
|
name = "eventd";
|
||||||
version = "d7c7ba59aa6b225b3e2b8aebdd853137c05d8445";
|
version = "d7c7ba59aa6b225b3e2b8aebdd853137c05d8445";
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
{ aqbanking, python36Packages, fetchgit }:
|
{ aqbanking, python36Packages, fetchgit }:
|
||||||
with python36Packages; buildPythonApplication rec {
|
with python36Packages;
|
||||||
|
buildPythonApplication rec {
|
||||||
name = "${pname}-${version}";
|
name = "${pname}-${version}";
|
||||||
pname = "jali";
|
pname = "jali";
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -1,26 +1,29 @@
|
||||||
{ pkgs, fetchFromGitHub, defaultCrateOverrides, makeDesktopItem, atk , pango, gnome3, cairo, gdk_pixbuf, glib, ... }:
|
{ pkgs, fetchFromGitHub, defaultCrateOverrides, makeDesktopItem, atk, pango
|
||||||
((pkgs.callPackage ./Cargo.nix {}).tasktree_0_1_0 {}).override {
|
, gnome3, cairo, gdk_pixbuf, glib, ... }:
|
||||||
|
((pkgs.callPackage ./Cargo.nix { }).tasktree_0_1_0 { }).override {
|
||||||
crateOverrides = defaultCrateOverrides // {
|
crateOverrides = defaultCrateOverrides // {
|
||||||
atk-sys = attr: { buildInputs = [ atk ]; };
|
atk-sys = attr: { buildInputs = [ atk ]; };
|
||||||
pango-sys = attr: { buildInputs = [ pango glib ]; };
|
pango-sys = attr: { buildInputs = [ pango glib ]; };
|
||||||
gio = attr: { buildInputs = [ glib ]; };
|
gio = attr: { buildInputs = [ glib ]; };
|
||||||
gdk-sys = attr: { buildInputs = [ gdk_pixbuf glib cairo pango ]; };
|
gdk-sys = attr: { buildInputs = [ gdk_pixbuf glib cairo pango ]; };
|
||||||
gtk-sys = attr: { buildInputs = [ gdk_pixbuf glib cairo pango atk gnome3.gtk ]; };
|
gtk-sys = attr: {
|
||||||
|
buildInputs = [ gdk_pixbuf glib cairo pango atk gnome3.gtk ];
|
||||||
|
};
|
||||||
gdk = attr: { buildInputs = [ cairo gnome3.gtk gdk_pixbuf pango ]; };
|
gdk = attr: { buildInputs = [ cairo gnome3.gtk gdk_pixbuf pango ]; };
|
||||||
gtk = attr: { buildInputs = [ cairo atk gnome3.gtk gdk_pixbuf pango ]; };
|
gtk = attr: { buildInputs = [ cairo atk gnome3.gtk gdk_pixbuf pango ]; };
|
||||||
tasktree = attrs:
|
tasktree = attrs:
|
||||||
let
|
let
|
||||||
desktopItem = makeDesktopItem {
|
desktopItem = makeDesktopItem {
|
||||||
name = "tasktree";
|
name = "tasktree";
|
||||||
exec = "tasktree";
|
exec = "tasktree";
|
||||||
icon = "tasktree";
|
icon = "tasktree";
|
||||||
comment = "A taskwarrior UI";
|
comment = "A taskwarrior UI";
|
||||||
desktopName = "Tasktree";
|
desktopName = "Tasktree";
|
||||||
genericName = "Tasktree";
|
genericName = "Tasktree";
|
||||||
categories = "Office;";
|
categories = "Office;";
|
||||||
};
|
};
|
||||||
version = "abb312f";
|
version = "abb312f";
|
||||||
in {
|
in {
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
rev = version;
|
rev = version;
|
||||||
owner = "maralorn";
|
owner = "maralorn";
|
||||||
|
@ -30,12 +33,12 @@
|
||||||
depsSha256 = "14acvigygrrqyvxra2n01vpadc3mcf8981jrggpvwfbz58jrsa7h";
|
depsSha256 = "14acvigygrrqyvxra2n01vpadc3mcf8981jrggpvwfbz58jrsa7h";
|
||||||
cargoSha256 = "14acvigygrrqyvxra2n01vpadc3mcf8981jrggpvwfbz58jrsa7h";
|
cargoSha256 = "14acvigygrrqyvxra2n01vpadc3mcf8981jrggpvwfbz58jrsa7h";
|
||||||
|
|
||||||
postInstall = ''
|
postInstall = ''
|
||||||
mkdir -p $out/share/applications
|
mkdir -p $out/share/applications
|
||||||
ln -s ${desktopItem}/share/applications/* $out/share/applications/
|
ln -s ${desktopItem}/share/applications/* $out/share/applications/
|
||||||
rm $out/lib/link
|
rm $out/lib/link
|
||||||
'';
|
'';
|
||||||
buildInputs = [ cairo atk gnome3.gtk gdk_pixbuf pango ];
|
buildInputs = [ cairo atk gnome3.gtk gdk_pixbuf pango ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
{config, lib, ...}:
|
{ config, lib, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let me = config.m-0.private.me;
|
||||||
me = config.m-0.private.me;
|
|
||||||
in {
|
in {
|
||||||
users.users = {
|
users.users = {
|
||||||
"${me.user}" = {
|
"${me.user}" = {
|
||||||
|
@ -13,8 +12,6 @@ in {
|
||||||
openssh.authorizedKeys.keys = me.keys;
|
openssh.authorizedKeys.keys = me.keys;
|
||||||
passwordFile = me.pw-file;
|
passwordFile = me.pw-file;
|
||||||
};
|
};
|
||||||
root = {
|
root = { passwordFile = me.pw-file; };
|
||||||
passwordFile = me.pw-file;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{ pkgs, config, lib, ... }:
|
||||||
let
|
let
|
||||||
inherit (import ../common/lib.nix) sources;
|
inherit (import ../common/lib.nix) sources;
|
||||||
me = config.m-0.private.me;
|
me = config.m-0.private.me;
|
||||||
|
@ -15,23 +15,21 @@ in {
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
|
|
||||||
i18n = {
|
i18n = { defaultLocale = "en_US.UTF-8"; };
|
||||||
defaultLocale = "en_US.UTF-8";
|
|
||||||
};
|
|
||||||
|
|
||||||
time.timeZone = "Europe/Berlin";
|
time.timeZone = "Europe/Berlin";
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
firewall.allowPing = true;
|
firewall.allowPing = true;
|
||||||
useDHCP = false;
|
useDHCP = false;
|
||||||
hosts = lib.zipAttrs (lib.mapAttrsToList (host: ip: {"${ip}" = "${host} ${host}.m-0.eu";} ) config.m-0.hosts);
|
hosts = lib.zipAttrs
|
||||||
|
(lib.mapAttrsToList (host: ip: { "${ip}" = "${host} ${host}.m-0.eu"; })
|
||||||
|
config.m-0.hosts);
|
||||||
};
|
};
|
||||||
|
|
||||||
users = {
|
users = {
|
||||||
mutableUsers = false;
|
mutableUsers = false;
|
||||||
users.root = {
|
users.root = { openssh.authorizedKeys.keys = me.keys; };
|
||||||
openssh.authorizedKeys.keys = me.keys;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
environment = {
|
environment = {
|
||||||
|
@ -43,10 +41,11 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
binaryCaches = [ "https://cache.nixos.org/" "https://nixcache.reflex-frp.org" ];
|
binaryCaches =
|
||||||
binaryCachePublicKeys = [ "ryantrinkle.com-1:JJiAKaRv9mWgpVAz8dwewnZe0AzzEAzPkagE9SP5NWI=" ];
|
[ "https://cache.nixos.org/" "https://nixcache.reflex-frp.org" ];
|
||||||
|
binaryCachePublicKeys =
|
||||||
|
[ "ryantrinkle.com-1:JJiAKaRv9mWgpVAz8dwewnZe0AzzEAzPkagE9SP5NWI=" ];
|
||||||
nixPath = [ "/etc/nix-path" ];
|
nixPath = [ "/etc/nix-path" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -7,7 +7,8 @@
|
||||||
antialias = true;
|
antialias = true;
|
||||||
cache32Bit = true;
|
cache32Bit = true;
|
||||||
defaultFonts = {
|
defaultFonts = {
|
||||||
monospace = [ "Source Code Pro For Powerline" "Roboto Mono" "DejaVu Sans Mono" ];
|
monospace =
|
||||||
|
[ "Source Code Pro For Powerline" "Roboto Mono" "DejaVu Sans Mono" ];
|
||||||
sansSerif = [ "Roboto Regular" "DejaVu Sans" ];
|
sansSerif = [ "Roboto Regular" "DejaVu Sans" ];
|
||||||
serif = [ "Roboto Slab Regular" "DejaVu Serif" ];
|
serif = [ "Roboto Slab Regular" "DejaVu Serif" ];
|
||||||
};
|
};
|
||||||
|
@ -20,44 +21,22 @@
|
||||||
enableFontDir = true;
|
enableFontDir = true;
|
||||||
fonts = builtins.attrValues {
|
fonts = builtins.attrValues {
|
||||||
inherit (pkgs)
|
inherit (pkgs)
|
||||||
anonymousPro
|
anonymousPro arkpandora_ttf caladea carlito comfortaa comic-relief
|
||||||
arkpandora_ttf
|
crimson dejavu_fonts google-fonts inconsolata iosevka
|
||||||
caladea
|
liberationsansnarrow liberation_ttf libertine mononoki montserrat
|
||||||
carlito
|
nerdfonts norwester-font opensans-ttf powerline-fonts roboto sampradaya
|
||||||
comfortaa
|
source-code-pro source-sans-pro source-serif-pro tai-ahom tempora_lgc
|
||||||
comic-relief
|
terminus_font theano ubuntu_font_family;
|
||||||
crimson
|
|
||||||
dejavu_fonts
|
|
||||||
google-fonts
|
|
||||||
inconsolata
|
|
||||||
iosevka
|
|
||||||
liberationsansnarrow
|
|
||||||
liberation_ttf
|
|
||||||
libertine
|
|
||||||
mononoki
|
|
||||||
montserrat
|
|
||||||
nerdfonts
|
|
||||||
norwester-font
|
|
||||||
opensans-ttf
|
|
||||||
powerline-fonts
|
|
||||||
roboto
|
|
||||||
sampradaya
|
|
||||||
source-code-pro
|
|
||||||
source-sans-pro
|
|
||||||
source-serif-pro
|
|
||||||
tai-ahom
|
|
||||||
tempora_lgc
|
|
||||||
terminus_font
|
|
||||||
theano
|
|
||||||
ubuntu_font_family;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
# create a cache of the font sources, often slow internet connections make it painful to
|
# create a cache of the font sources, often slow internet connections make it painful to
|
||||||
# re-download them after a few months
|
# re-download them after a few months
|
||||||
environment.etc = let
|
environment.etc = let
|
||||||
# fonts with src attributes
|
# fonts with src attributes
|
||||||
font_sources = map (v: v.src) (lib.filter (v: v ? src) config.fonts.fonts);
|
font_sources = map (v: v.src) (lib.filter (v: v ? src) config.fonts.fonts);
|
||||||
in builtins.listToAttrs (lib.imap0 (n: v: lib.nameValuePair "src-cache/fonts/${toString n}" { source = builtins.toPath v; }) font_sources);
|
in builtins.listToAttrs (lib.imap0 (n: v:
|
||||||
|
lib.nameValuePair "src-cache/fonts/${toString n}" {
|
||||||
|
source = builtins.toPath v;
|
||||||
|
}) font_sources);
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,12 +2,14 @@
|
||||||
let
|
let
|
||||||
inherit (import ../common/lib.nix) writeHaskellScript haskellList;
|
inherit (import ../common/lib.nix) writeHaskellScript haskellList;
|
||||||
me = config.m-0.private.me;
|
me = config.m-0.private.me;
|
||||||
test-command = ["${pkgs.systemd}/bin/systemctl" "start" "test-and-bump-config.service"];
|
test-command =
|
||||||
upgrade-command = ["${pkgs.systemd}/bin/systemctl" "start" "system-maintenance.service"];
|
[ "${pkgs.systemd}/bin/systemctl" "start" "test-and-bump-config.service" ];
|
||||||
|
upgrade-command =
|
||||||
|
[ "${pkgs.systemd}/bin/systemctl" "start" "system-maintenance.service" ];
|
||||||
post-update = writeHaskellScript {
|
post-update = writeHaskellScript {
|
||||||
name = "post-update";
|
name = "post-update";
|
||||||
bins = [ pkgs.git pkgs.nix ];
|
bins = [ pkgs.git pkgs.nix ];
|
||||||
imports = [ "System.Environment (lookupEnv)" "Data.Foldable (for_)"];
|
imports = [ "System.Environment (lookupEnv)" "Data.Foldable (for_)" ];
|
||||||
} ''
|
} ''
|
||||||
main = do
|
main = do
|
||||||
mirror <- lookupEnv "GL_OPTION_MIRROR"
|
mirror <- lookupEnv "GL_OPTION_MIRROR"
|
||||||
|
@ -26,17 +28,26 @@ let
|
||||||
exe "sudo" ${haskellList upgrade-command};
|
exe "sudo" ${haskellList upgrade-command};
|
||||||
writeOutput "Done";
|
writeOutput "Done";
|
||||||
'';
|
'';
|
||||||
in
|
in {
|
||||||
{
|
users.users.git.linger =
|
||||||
users.users.git.linger = true; # Frequent restarting of the systemd-user-unit leads to errors
|
true; # Frequent restarting of the systemd-user-unit leads to errors
|
||||||
security.sudo.extraRules = [ { commands = [
|
security.sudo.extraRules = [{
|
||||||
{ command = builtins.concatStringsSep " " test-command; options = [ "NOPASSWD" ]; }
|
commands = [
|
||||||
{ command = builtins.concatStringsSep " " upgrade-command; options = [ "NOPASSWD" ]; }
|
{
|
||||||
]; users = [ "git" ]; } ];
|
command = builtins.concatStringsSep " " test-command;
|
||||||
services.gitolite = {
|
options = [ "NOPASSWD" ];
|
||||||
enable = true;
|
}
|
||||||
user = "git";
|
{
|
||||||
adminPubkey = builtins.elemAt me.keys 0;
|
command = builtins.concatStringsSep " " upgrade-command;
|
||||||
commonHooks = [ "${post-update}/bin/post-update" ];
|
options = [ "NOPASSWD" ];
|
||||||
};
|
}
|
||||||
|
];
|
||||||
|
users = [ "git" ];
|
||||||
|
}];
|
||||||
|
services.gitolite = {
|
||||||
|
enable = true;
|
||||||
|
user = "git";
|
||||||
|
adminPubkey = builtins.elemAt me.keys 0;
|
||||||
|
commonHooks = [ "${post-update}/bin/post-update" ];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,28 +1,23 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
with lib;
|
with lib; {
|
||||||
{
|
options = { m-0.server.initSSHKey = mkOption { type = types.path; }; };
|
||||||
options = {
|
|
||||||
m-0.server.initSSHKey = mkOption {
|
|
||||||
type = types.path;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
boot.initrd = {
|
boot.initrd = {
|
||||||
network = {
|
network = {
|
||||||
enable = true;
|
|
||||||
ssh = {
|
|
||||||
enable = true;
|
enable = true;
|
||||||
authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
|
ssh = {
|
||||||
|
enable = true;
|
||||||
|
authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
|
||||||
|
|
||||||
# generate file with
|
# generate file with
|
||||||
# nix-shell -p dropbear
|
# nix-shell -p dropbear
|
||||||
# dropbearkey -t rsa -f boot_rsa
|
# dropbearkey -t rsa -f boot_rsa
|
||||||
hostRSAKey = config.m-0.server.initSSHKey;
|
hostRSAKey = config.m-0.server.initSSHKey;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
postMountCommands = "ip link set eth0 down";
|
||||||
};
|
};
|
||||||
postMountCommands = "ip link set eth0 down";
|
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,51 +3,51 @@ with lib;
|
||||||
|
|
||||||
let
|
let
|
||||||
|
|
||||||
page = pkgs.stdenv.mkDerivation {
|
page = pkgs.stdenv.mkDerivation {
|
||||||
name = "blog.maralorn.de";
|
name = "blog.maralorn.de";
|
||||||
src = builtins.fetchGit "git@hera:blog";
|
src = builtins.fetchGit "git@hera:blog";
|
||||||
buildInputs = [ (pkgs.python3.withPackages (ps: [ps.pelican ps.markdown])) ];
|
buildInputs =
|
||||||
LC_ALL="en_US.UTF-8";
|
[ (pkgs.python3.withPackages (ps: [ ps.pelican ps.markdown ])) ];
|
||||||
LOCALE_ARCHIVE="${pkgs.glibcLocales}/lib/locale/locale-archive";
|
LC_ALL = "en_US.UTF-8";
|
||||||
buildPhase = ''
|
LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive";
|
||||||
make html
|
buildPhase = ''
|
||||||
'';
|
make html
|
||||||
installPhase = ''
|
'';
|
||||||
mkdir $out
|
installPhase = ''
|
||||||
cp -r output/* $out
|
mkdir $out
|
||||||
'';
|
cp -r output/* $out
|
||||||
};
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
m-0.blog = {
|
m-0.blog = {
|
||||||
enable = mkOption {
|
enable = mkOption {
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = false;
|
default = false;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf config.m-0.blog.enable {
|
config = mkIf config.m-0.blog.enable {
|
||||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
nginx = {
|
nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
virtualHosts."blog.maralorn.de" = {
|
virtualHosts."blog.maralorn.de" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
locations = {
|
locations = {
|
||||||
"/" = {
|
"/" = {
|
||||||
root = "${page}";
|
root = "${page}";
|
||||||
index = "index.html";
|
index = "index.html";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,8 +5,7 @@ let
|
||||||
|
|
||||||
me = config.m-0.private.me;
|
me = config.m-0.private.me;
|
||||||
|
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
options = {
|
options = {
|
||||||
m-0.laptop.enable = mkOption {
|
m-0.laptop.enable = mkOption {
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
|
@ -14,9 +13,7 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
config = mkIf config.m-0.laptop.enable {
|
config = mkIf config.m-0.laptop.enable {
|
||||||
networking = {
|
networking = { networkmanager.enable = true; };
|
||||||
networkmanager.enable = true;
|
|
||||||
};
|
|
||||||
i18n.consoleKeyMap = "neo";
|
i18n.consoleKeyMap = "neo";
|
||||||
|
|
||||||
sound.enable = true;
|
sound.enable = true;
|
||||||
|
@ -47,18 +44,18 @@ in
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
mpd = {
|
mpd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
user = me.user;
|
user = me.user;
|
||||||
group = "users";
|
group = "users";
|
||||||
network.listenAddress = "::1";
|
network.listenAddress = "::1";
|
||||||
musicDirectory = "/home/${me.user}/data/aktuell/media/musik";
|
musicDirectory = "/home/${me.user}/data/aktuell/media/musik";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
audio_output {
|
audio_output {
|
||||||
type "pulse"
|
type "pulse"
|
||||||
name "Pulseaudio"
|
name "Pulseaudio"
|
||||||
server "localhost"
|
server "localhost"
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
xserver = {
|
xserver = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -12,11 +12,14 @@ let
|
||||||
|
|
||||||
dataDir = "/var/lib/systemd/linger";
|
dataDir = "/var/lib/systemd/linger";
|
||||||
|
|
||||||
lingeringUsers = map (u: u.name) (attrValues (flip filterAttrs config.users.users (n: u: u.linger)));
|
lingeringUsers = map (u: u.name)
|
||||||
|
(attrValues (flip filterAttrs config.users.users (n: u: u.linger)));
|
||||||
|
|
||||||
lingeringUsersFile = builtins.toFile "lingering-users"
|
lingeringUsersFile = builtins.toFile "lingering-users" (concatStrings (map
|
||||||
(concatStrings (map (s: "${s}\n")
|
(s: ''
|
||||||
(sort (a: b: a < b) lingeringUsers))); # this sorting is important for `comm` to work correctly
|
${s}
|
||||||
|
'') (sort (a: b: a < b)
|
||||||
|
lingeringUsers))); # this sorting is important for `comm` to work correctly
|
||||||
|
|
||||||
updateLingering = pkgs.writeScript "update-lingering" ''
|
updateLingering = pkgs.writeScript "update-lingering" ''
|
||||||
# Stop when the system is not running, e.g. during nixos-install
|
# Stop when the system is not running, e.g. during nixos-install
|
||||||
|
@ -26,14 +29,10 @@ let
|
||||||
echo "$lingering" | comm -3 -2 ${lingeringUsersFile} - | xargs -r ${pkgs.systemd}/bin/loginctl enable-linger
|
echo "$lingering" | comm -3 -2 ${lingeringUsersFile} - | xargs -r ${pkgs.systemd}/bin/loginctl enable-linger
|
||||||
'';
|
'';
|
||||||
|
|
||||||
in
|
in {
|
||||||
|
|
||||||
{
|
|
||||||
options = {
|
options = {
|
||||||
users.users = mkOption {
|
users.users = mkOption {
|
||||||
options = [{
|
options = [{ linger = mkEnableOption "lingering for the user"; }];
|
||||||
linger = mkEnableOption "lingering for the user";
|
|
||||||
}];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -3,73 +3,72 @@ with lib;
|
||||||
|
|
||||||
let
|
let
|
||||||
|
|
||||||
me = config.m-0.private.me;
|
me = config.m-0.private.me;
|
||||||
page = pkgs.stdenv.mkDerivation {
|
page = pkgs.stdenv.mkDerivation {
|
||||||
name = "mathechor.de";
|
name = "mathechor.de";
|
||||||
src = builtins.fetchGit "git@hera:mathechor.de";
|
src = builtins.fetchGit "git@hera:mathechor.de";
|
||||||
buildInputs = [ pkgs.pandoc pkgs.python3 ];
|
buildInputs = [ pkgs.pandoc pkgs.python3 ];
|
||||||
LC_ALL="en_US.UTF-8";
|
LC_ALL = "en_US.UTF-8";
|
||||||
LOCALE_ARCHIVE="${pkgs.glibcLocales}/lib/locale/locale-archive";
|
LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive";
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
mkdir $out
|
mkdir $out
|
||||||
cp -r intern/output $out/intern
|
cp -r intern/output $out/intern
|
||||||
cp -r public/output $out/public
|
cp -r public/output $out/public
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
m-0.mathechor-de = {
|
m-0.mathechor-de = {
|
||||||
enable = mkOption {
|
enable = mkOption {
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = false;
|
default = false;
|
||||||
};
|
};
|
||||||
password = mkOption {
|
password = mkOption { type = types.str; };
|
||||||
type = types.str;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf config.m-0.mathechor-de.enable {
|
config = mkIf config.m-0.mathechor-de.enable {
|
||||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
nginx = {
|
nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
virtualHosts."mathechor.de" = {
|
virtualHosts."mathechor.de" = {
|
||||||
serverAliases = ["www.mathechor.de"];
|
serverAliases = [ "www.mathechor.de" ];
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
locations = {
|
locations = {
|
||||||
"/" = {
|
"/" = {
|
||||||
root = "${page}/public";
|
root = "${page}/public";
|
||||||
index = "index.html";
|
index = "index.html";
|
||||||
extraConfig = "location ~* \.(otf)$ {add_header Access-Control-Allow-Origin *;}";
|
extraConfig =
|
||||||
|
"location ~* .(otf)$ {add_header Access-Control-Allow-Origin *;}";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
virtualHosts."intern.mathechor.de" = {
|
||||||
virtualHosts."intern.mathechor.de" = {
|
forceSSL = true;
|
||||||
forceSSL = true;
|
enableACME = true;
|
||||||
enableACME = true;
|
basicAuth.mathechor = config.m-0.mathechor-de.password;
|
||||||
basicAuth.mathechor = config.m-0.mathechor-de.password;
|
locations = {
|
||||||
locations = {
|
"/" = {
|
||||||
"/" = {
|
root = "${page}/intern";
|
||||||
root = "${page}/intern";
|
index = "index.html";
|
||||||
index = "index.html";
|
};
|
||||||
};
|
"/mathechor.ics" = {
|
||||||
"/mathechor.ics" = {
|
proxyPass =
|
||||||
proxyPass = "https://cloud.mathechor.de/remote.php/dav/public-calendars/nebsfFTzQKGSSsDc?export";
|
"https://cloud.mathechor.de/remote.php/dav/public-calendars/nebsfFTzQKGSSsDc?export";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
proxy_ssl_name cloud.mathechor.de;
|
proxy_ssl_name cloud.mathechor.de;
|
||||||
proxy_ssl_server_name on;
|
proxy_ssl_server_name on;
|
||||||
'';
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,43 +1,37 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
let
|
let cfg = config.m-0.riot;
|
||||||
cfg = config.m-0.riot;
|
in {
|
||||||
in
|
|
||||||
{
|
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
m-0.riot = {
|
m-0.riot = {
|
||||||
enable = mkOption {
|
enable = mkOption {
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = false;
|
default = false;
|
||||||
};
|
};
|
||||||
hostname = mkOption {
|
hostname = mkOption { type = types.str; };
|
||||||
type = types.str;
|
config = mkOption { type = types.attrs; };
|
||||||
};
|
|
||||||
config = mkOption {
|
|
||||||
type = types.attrs;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
services = {
|
services = {
|
||||||
nginx = {
|
nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
virtualHosts."${cfg.hostname}" = {
|
virtualHosts."${cfg.hostname}" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
root = (import <unstable> {}).riot-web;
|
root = (import <unstable> { }).riot-web;
|
||||||
locations."/config.json" = {
|
locations."/config.json" = {
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
default_type application/json;
|
default_type application/json;
|
||||||
return 200 '${builtins.toJSON cfg.config}';
|
return 200 '${builtins.toJSON cfg.config}';
|
||||||
'';
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,20 +1,23 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }: {
|
||||||
{
|
|
||||||
|
|
||||||
imports = [ ./init_ssh.nix ];
|
imports = [ ./init_ssh.nix ];
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
systemd.services."system-maintenance" = {
|
systemd.services."system-maintenance" = {
|
||||||
startAt = "2:45";
|
startAt = "2:45";
|
||||||
environment.NIX_PATH = "/etc/nix-path:nixos-config=/etc/nixos/configuration.nix";
|
environment.NIX_PATH =
|
||||||
path = [ pkgs.git ];
|
"/etc/nix-path:nixos-config=/etc/nixos/configuration.nix";
|
||||||
restartIfChanged = false;
|
path = [ pkgs.git ];
|
||||||
unitConfig.X-StopOnRemoval = false;
|
restartIfChanged = false;
|
||||||
serviceConfig = {
|
unitConfig.X-StopOnRemoval = false;
|
||||||
Type = "oneshot";
|
serviceConfig = {
|
||||||
ExecStart = "${(import ./update-lib.nix config.system.build.nixos-rebuild).system-maintenance}/bin/system-maintenance";
|
Type = "oneshot";
|
||||||
|
ExecStart = "${
|
||||||
|
(import ./update-lib.nix
|
||||||
|
config.system.build.nixos-rebuild).system-maintenance
|
||||||
|
}/bin/system-maintenance";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{ pkgs, config, lib, ... }:
|
||||||
with lib;
|
with lib; {
|
||||||
{
|
|
||||||
|
|
||||||
imports = [ ./admin.nix ];
|
imports = [ ./admin.nix ];
|
||||||
|
|
||||||
|
@ -12,24 +11,20 @@ with lib;
|
||||||
mutableUsers = false;
|
mutableUsers = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
security.sudo.extraConfig = "
|
security.sudo.extraConfig =
|
||||||
Defaults timestamp_type=global, timestamp_timeout=15
|
"\n Defaults timestamp_type=global, timestamp_timeout=15\n ";
|
||||||
";
|
|
||||||
|
|
||||||
services = {
|
services = { sshd.enable = true; };
|
||||||
sshd.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
nix.nixPath = [ "nixos-config=/etc/nixos/configuration.nix" ];
|
nix.nixPath = [ "nixos-config=/etc/nixos/configuration.nix" ];
|
||||||
|
|
||||||
environment = {
|
environment = {
|
||||||
# Put these into an extra file so the essential packages can also be included on non selfadminstrated systems from home-manager
|
# Put these into an extra file so the essential packages can also be included on non selfadminstrated systems from home-manager
|
||||||
systemPackages = builtins.attrValues ({
|
systemPackages = builtins.attrValues ({
|
||||||
inherit (import ./update-lib.nix config.system.build.nixos-rebuild) update-system system-maintenance;
|
inherit (import ./update-lib.nix config.system.build.nixos-rebuild)
|
||||||
} // (import ../common/pkgs.nix).system-pkgs);
|
update-system system-maintenance;
|
||||||
sessionVariables = {
|
} // (import ../common/pkgs.nix).system-pkgs);
|
||||||
TERMINFO = "/run/current-system/sw/share/terminfo";
|
sessionVariables = { TERMINFO = "/run/current-system/sw/share/terminfo"; };
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
programs = {
|
programs = {
|
||||||
|
|
|
@ -1,12 +1,13 @@
|
||||||
{ pkgs, config, lib, ... }:
|
{ pkgs, config, lib, ... }: {
|
||||||
{
|
|
||||||
systemd.services."test-and-bump-config" = {
|
systemd.services."test-and-bump-config" = {
|
||||||
startAt = "20:30";
|
startAt = "20:30";
|
||||||
path = [ pkgs.nix pkgs.gnutar pkgs.gzip pkgs.git pkgs.git-crypt ];
|
path = [ pkgs.nix pkgs.gnutar pkgs.gzip pkgs.git pkgs.git-crypt ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
WorkingDirectory = "/var/cache/gc-links";
|
WorkingDirectory = "/var/cache/gc-links";
|
||||||
ExecStart = "${(import ../common/test-lib.nix).test-and-bump-config}/bin/test-and-bump-config";
|
ExecStart = "${
|
||||||
|
(import ../common/test-lib.nix).test-and-bump-config
|
||||||
|
}/bin/test-and-bump-config";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,13 +1,13 @@
|
||||||
nixos-rebuild:
|
nixos-rebuild:
|
||||||
let
|
let
|
||||||
pkgs = import <nixpkgs> {};
|
pkgs = import <nixpkgs> { };
|
||||||
inherit (import ../common/lib.nix) writeHaskellScript get-niv-path home-manager gcRetentionDays;
|
inherit (import ../common/lib.nix)
|
||||||
|
writeHaskellScript get-niv-path home-manager gcRetentionDays;
|
||||||
configPath = "/etc/nixos";
|
configPath = "/etc/nixos";
|
||||||
update-system = writeHaskellScript {
|
update-system = writeHaskellScript {
|
||||||
name = "update-system";
|
name = "update-system";
|
||||||
bins = [ get-niv-path nixos-rebuild ];
|
bins = [ get-niv-path nixos-rebuild ];
|
||||||
}
|
} ''
|
||||||
''
|
|
||||||
getNivPath = readTrim . get_niv_path "${configPath}/nix/sources.nix"
|
getNivPath = readTrim . get_niv_path "${configPath}/nix/sources.nix"
|
||||||
|
|
||||||
getNivAssign name = tag <$> getNivPath name
|
getNivAssign name = tag <$> getNivPath name
|
||||||
|
@ -17,16 +17,15 @@ let
|
||||||
paths <- fmap concat . mapM getNivAssign $ ["nixpkgs", "unstable", "home-manager"]
|
paths <- fmap concat . mapM getNivAssign $ ["nixpkgs", "unstable", "home-manager"]
|
||||||
args <- getArgs
|
args <- getArgs
|
||||||
nixos_rebuild (paths ++ ["switch"] ++ args)
|
nixos_rebuild (paths ++ ["switch"] ++ args)
|
||||||
'';
|
'';
|
||||||
system-maintenance = writeHaskellScript
|
system-maintenance = writeHaskellScript {
|
||||||
{ name = "system-maintenance"; bins = [ pkgs.nix pkgs.git update-system ];} ''
|
name = "system-maintenance";
|
||||||
|
bins = [ pkgs.nix pkgs.git update-system ];
|
||||||
|
} ''
|
||||||
main = do
|
main = do
|
||||||
git "-C" "${configPath}" "pull"
|
git "-C" "${configPath}" "pull"
|
||||||
update_system
|
update_system
|
||||||
nix_collect_garbage "--delete-older-than" "${toString gcRetentionDays}d"
|
nix_collect_garbage "--delete-older-than" "${toString gcRetentionDays}d"
|
||||||
nix "optimise-store"
|
nix "optimise-store"
|
||||||
'';
|
'';
|
||||||
in
|
in { inherit update-system system-maintenance; }
|
||||||
{
|
|
||||||
inherit update-system system-maintenance;
|
|
||||||
}
|
|
||||||
|
|
Loading…
Reference in a new issue