commit edf2c2f5916bc87fd1c112b0f80e1df365b16429
parent b83cc51a6df91f35db23060e192c67ac082a36d7
Author: Katja Ramona Sophie Kwast (zaphyra) <git@zaphyra.eu>
Date: Fri, 14 Nov 2025 12:36:06 +0100
parent b83cc51a6df91f35db23060e192c67ac082a36d7
Author: Katja Ramona Sophie Kwast (zaphyra) <git@zaphyra.eu>
Date: Fri, 14 Nov 2025 12:36:06 +0100
Merge branch 'main' into wip/zaphyra/main
184 files changed, 2527 insertions(+), 1631 deletions(-)
M
|
155
+------------------------------------------------------------------------------
M
|
195
+++++++++++++++++++++++++++++++++++++++++++++++++------------------------------
M
|
356
+++++++++++++++----------------------------------------------------------------
M
|
59
+++++++++++++++++++++++++++++++++--------------------------
M
|
355
++++++++++++++++++++++++++++++++++++++++---------------------------------------
A
|
138
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
M
|
135
+++++++++++++++++++++++++++++++++++++++----------------------------------------
M
|
172
+++++++++++++++++++++++++++++++++++++++++--------------------------------------
M
|
120
++++++++++++++++++++++++++++++++++++++++---------------------------------------
M
|
75
+++++++++++++++++++++++++++++++++++++++------------------------------------
M
|
72
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
M
|
124
++++++++++++++++++++++++++++++++++++++++---------------------------------------
M
|
85
++++++++++++++++++++++++++++++++++++++++---------------------------------------
A
|
89
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
A
|
180
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
A
|
96
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
M
|
94
++++++++++++++++++++++++++++++++++++++++----------------------------------------
A
|
205
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
diff --git a/.gitignore b/.gitignore @@ -2,7 +2,7 @@ *.qcow2 # Nix output -result +result* # nixos-anywhere extra-files tmp \ No newline at end of file
diff --git a/.sops.yaml b/.sops.yaml @@ -1,17 +1,19 @@ keys: - &void AB27F5D1136B20D3149FBCC00389451731A3ADDD - &zaphyra BFE6386C8D66BCD4DAE14FC895F0FE7CD7E6A022 + - &eximius age1lkdpl26w3wyaes75hg6wwc2p3puqv24d4xyuf5xc9q9u9we0jq6q8lvz8f - &huntii age1laajqafnm4ft2m73wq7yqug4ts04ddn59wlqs4t30upeqa35dpdqu8fu3n - &haueri age1enkp0mlswl30s4h7z4qvyha4cmc2n2exs0v97276q5mx0jc86ggs7g2dyq - &morio age1wpffcr5p88a2x9dzx5v3sq4jqurvygu94fx773n229fqk4p95qzs840cmn - &novus age1tud4lvpmpx5nqceyp09ls9ej8l80zlh29d8cpjxcajfnnyy85fvqs63snm - - &pratorum age13f7t27x326hamq39qps2ygrftq3ylyn2nx8xga2kqaxgra2p748sphmetv - &polaris age1qyqy5we7zua06ppj654rgd6t7kyw3gem6hnexna98j60klyus4zq68cjlz + - &pratorum age13f7t27x326hamq39qps2ygrftq3ylyn2nx8xga2kqaxgra2p748sphmetv creation_rules: - path_regex: secrets/common\.yaml$ key_groups: - age: + - *eximius - *huntii - *haueri - *morio @@ -19,7 +21,14 @@ creation_rules: - *polaris - *pratorum pgp: + - *void - *zaphyra + - path_regex: secrets/eximius\.yaml$ + key_groups: + - age: + - *eximius + pgp: + - *void - path_regex: secrets/huntii\.yaml$ key_groups: - age:
diff --git a/config/home/common/home.nix b/config/home/common/home.nix @@ -1,6 +1,5 @@ { inputs, - lib, ... }: @@ -8,12 +7,11 @@ imports = [ inputs.impermanence.homeManagerModules.impermanence - #inputs.niriFlake.homeModules.config + #inputs.stylix.homeModules.stylix + inputs.niriFlake.homeModules.config inputs.sopsNix.homeManagerModules.sops - #inputs.sherlock.homeManagerModules.default - #inputs.tgcNUR.homeManagerModules.default + inputs.airpodsctl.homeManagerModules.kairpodsd + inputs.tgcNUR.homeManagerModules.default ]; - home.stateVersion = lib.mkDefault "25.05"; - }
diff --git a/config/home/common/programs/gpg.nix b/config/home/common/programs/gpg.nix @@ -19,11 +19,12 @@ { # emilyyy@jagudev.net source = inputs.self.resources.pgp."A9D363EA211BA9CB03D1B773AA59E255A3896073"; + trust = 4; } { # hannah@totient.eu source = inputs.self.resources.pgp."AB27F5D1136B20D3149FBCC00389451731A3ADDD"; - trust = 4; + #trust = 4; } { #izzie@haaien.xyz @@ -47,17 +48,16 @@ } { # kontakt@governikus.com - source = ( - pkgs.fetchurl { - url = "https://www.governikus.de/wp-content/uploads/2023/06/governikusPubKey.asc"; - sha256 = "sha256-eU7g+c2CAYGLxHCRb0qsnL3CvKgK3lWcKcgrS1WFwz0="; - } - ); + source = pkgs.fetchurl { + url = "https://www.governikus.de/wp-content/uploads/2023/06/governikusPubKey.asc"; + sha256 = "sha256-eU7g+c2CAYGLxHCRb0qsnL3CvKgK3lWcKcgrS1WFwz0="; + }; trust = 3; } { # lmv@lmv.me source = inputs.self.resources.pgp."2C754046341AB6A0C3F0EF6F23100DF8D68F4FA6"; + trust = 4; } ]; };
diff --git a/config/home/common/programs/ssh.nix b/config/home/common/programs/ssh.nix @@ -1,3 +1,5 @@ +_: + { config = {
diff --git a/config/home/common/programs/starship.nix b/config/home/common/programs/starship.nix @@ -1,163 +1,10 @@ -{ - lib, - ... -}: +_: { config = { programs.starship = { enable = true; - - settings = - let - lang = symbol: style: format: { inherit symbol style format; }; - - in - { - format = lib.concatStrings [ - "[](color_orange)" - "$os" - "$username" - "[](bg:color_yellow fg:color_orange)" - "$directory" - "[](fg:color_yellow bg:color_aqua)" - "$git_branch" - "$git_status" - "[](fg:color_aqua bg:color_blue)" - "$c" - "$rust" - "$golang" - "$nodejs" - "$php" - "$java" - "$kotlin" - "$haskell" - "$python" - "[](fg:color_blue bg:color_bg3)" - "$docker_context" - "$conda" - "[](fg:color_bg3 bg:color_bg1)" - "$time" - "[ ](fg:color_bg1)" - "$line_break$character" - ]; - - add_newline = false; - - palette = "gruvbox_dark"; - - palettes.gruvbox_dark = { - color_fg0 = "#fbf1c7"; - color_bg1 = "#3c3836"; - color_bg3 = "#665c54"; - color_blue = "#458588"; - color_aqua = "#689d6a"; - color_green = "#98971a"; - color_orange = "#d65d0e"; - color_purple = "#b16286"; - color_red = "#cc241d"; - color_yellow = "#d79921"; - }; - - os = { - disabled = false; - style = "bg:color_orange fg:color_fg0"; - - symbols = { - Windows = ""; - Ubuntu = ""; - SUSE = ""; - Raspbian = ""; - Mint = ""; - Macos = ""; - Manjaro = ""; - Linux = ""; - Gentoo = ""; - Fedora = ""; - Alpine = ""; - Amazon = ""; - Android = ""; - Arch = ""; - Artix = ""; - CentOS = ""; - Debian = ""; - Redhat = ""; - RedHatEnterprise = ""; - }; - }; - - username = { - show_always = true; - style_user = "bg:color_orange fg:color_fg0"; - style_root = "bg:color_orange fg:color_fg0"; - format = "[ $user ]($style)"; - }; - - directory = { - style = "fg:color_fg0 bg:color_yellow"; - format = "[ $path ]($style)"; - truncation_length = 3; - truncation_symbol = "…/"; - - substitutions = { - "Documents" = " "; - "Downloads" = " "; - "Music" = " "; - "Pictures" = " "; - "Developer" = " "; - }; - }; - - line_break.disabled = false; - status.disabled = false; - - git_branch = { - symbol = ""; - style = "bg:color_aqua"; - format = "[[ $symbol $branch ](fg:color_fg0 bg:color_aqua)]($style)"; - }; - - git_status = { - style = "bg:color_aqua"; - format = "[[($all_status$ahead_behind )](fg:color_fg0 bg:color_aqua)]($style)"; - }; - - conda = { - style = "bg:color_bg3"; - format = "[[ $symbol( $environment) ](fg:#83a598 bg:color_bg3)]($style)"; - }; - - time = { - disabled = false; - time_format = "%R"; - style = "bg:color_bg1"; - format = "[[ $time ](fg:color_fg0 bg:color_bg1)]($style)"; - }; - - character = { - disabled = false; - success_symbol = "[](bold fg:color_green)"; - error_symbol = "[](bold fg:color_red)"; - vimcmd_symbol = "[](bold fg:color_green)"; - vimcmd_replace_one_symbol = "[](bold fg:color_purple)"; - vimcmd_replace_symbol = "[](bold fg:color_purple)"; - vimcmd_visual_symbol = "[](bold fg:color_yellow)"; - }; - - nodejs = lang "" "bg:color_blue" "[[ $symbol( $version) ](fg:color_fg0 bg:color_blue)]($style)"; - c = lang " " "bg:color_blue" "[[ $symbol( $version) ](fg:color_fg0 bg:color_blue)]($style)"; - rust = lang "" "bg:color_blue" "[[ $symbol( $version) ](fg:color_fg0 bg:color_blue)]($style)"; - golang = lang "" "bg:color_blue" "[[ $symbol( $version) ](fg:color_fg0 bg:color_blue)]($style)"; - php = lang "" "bg:color_blue" "[[ $symbol( $version) ](fg:color_fg0 bg:color_blue)]($style)"; - java = lang " " "bg:color_blue" "[[ $symbol( $version) ](fg:color_fg0 bg:color_blue)]($style)"; - kotlin = lang "" "bg:color_blue" "[[ $symbol( $version) ](fg:color_fg0 bg:color_blue)]($style)"; - haskell = lang "" "bg:color_blue" "[[ $symbol( $version) ](fg:color_fg0 bg:color_blue)]($style)"; - python = lang "" "bg:color_blue" "[[ $symbol( $version) ](fg:color_fg0 bg:color_blue)]($style)"; - docker_context = - lang "" "bg:color_bg3" - "[[ $symbol( $context) ](fg:#83a598 bg:color_bg3)]($style)"; - }; }; };
diff --git a/config/home/void/home.nix b/config/home/void/home.nix @@ -1,6 +1,8 @@ { - lib, homeManagerModules, + + lib, + pkgs, ... }: @@ -15,4 +17,15 @@ (lib.attrValues void.services) ]; + home = { + packages = with pkgs; [ + thunderbird + ]; + shellAliases = { + ",," = "comma -s"; + }; + }; + programs.nh.enable = true; + programs.librewolf.enable = true; + }
diff --git a/config/home/void/impermanence.nix b/config/home/void/impermanence.nix @@ -0,0 +1,28 @@ +_: + +{ + + home.persistence."/nix/persist/home/void" = { + enable = false; + allowOther = true; + removePrefixDirectory = true; + directories = + let + symlink = path: { + method = "symlink"; + directory = path; + }; + in + [ + (symlink "syncthing/Documents") + (symlink "syncthing/Bahn-Richtlinien") + (symlink "syncthing/Videos") + (symlink "syncthing/Pictures") + (symlink "syncthing/Music") + (symlink "syncthing/Audiobooks") + (symlink "data/Downloads") + (symlink "data/proj") + ]; + }; + +}
diff --git a/config/home/void/programs/eza.nix b/config/home/void/programs/eza.nix @@ -1,3 +1,5 @@ +_: + { config = {
diff --git a/config/home/void/programs/fish.nix b/config/home/void/programs/fish.nix @@ -1,7 +1,9 @@ +_: + { config = { - home.persistence."/nix/persist/home/zaphyra".directories = [ + home.persistence."/nix/persist/home/void".directories = [ "fish/.local/share/fish" ];
diff --git a/config/home/void/programs/fuzzel.nix b/config/home/void/programs/fuzzel.nix @@ -0,0 +1,33 @@ +_: + +{ + + programs.fuzzel = { + enable = true; + settings = { + main = { + launch-prefix = "app2unit --fuzzel-compat --"; + dpi-aware = false; + horizontal-pad = 15; + vertical-pad = 15; + inner-pad = 5; + }; + border = { + width = 2; + radius = 6; + }; + #colors = { + # background = "#000000f0"; # Background color + # text = "#d8daddff"; # Text (foreground) color of unselected entries + # prompt = "#d8daddff"; # Text (foreground) color of prompt character(s) + # input = "#d8daddff"; # Text (foreground) color of input string + # match = "#d8daddff"; # Text (foreground) color of the matched substring + # selection = "#b2a4d4ff"; # Background color of the selected entry + # selection-text = "#000000ff"; # Text (foreground) color of the selected entry + # selection-match = "#b7d4edf2"; # Text (foreground) color of the matched substring of the selected entry + # border = "#b2a4d4ff"; # The color of the match count stats printed at the right-hand side of the input prompt + #}; + }; + }; + +}
diff --git a/config/home/void/programs/git.nix b/config/home/void/programs/git.nix @@ -1,4 +1,8 @@ -{ lib, pkgs, ... }: +{ + lib, + pkgs, + ... +}: let inherit (lib) mkIf mkMerge; in
diff --git a/config/home/void/programs/gpg.nix b/config/home/void/programs/gpg.nix @@ -1,3 +1,5 @@ +_: + { config = {
diff --git a/config/home/void/programs/kitty.nix b/config/home/void/programs/kitty.nix @@ -1,10 +1,11 @@ +_: + { config = { programs.kitty = { enable = true; settings = { term = "xterm-256color"; - background_opacity = "0.75"; enableGitIntegration = true; }; };
diff --git a/config/home/void/programs/ssh.nix b/config/home/void/programs/ssh.nix @@ -1,3 +1,5 @@ +_: + { config = {
diff --git a/config/home/void/programs/sway.nix b/config/home/void/programs/sway.nix @@ -12,9 +12,9 @@ let DOCK_R = "Lenovo Group Limited T23d-10 V90B7ALM"; DOCK_L = "Lenovo Group Limited T23d-10 V90B7AL8"; - ws_2 = "'2: code'"; - ws_3 = "'3: librewolf'"; - ws_4 = "'4: matrix'"; + ws_2 = "'2 dev'"; + ws_3 = "'3 web'"; + ws_4 = "'4 com'"; inherit (wayland.windowManager.sway.config) modifier; @@ -22,10 +22,31 @@ in { config = { + #gtk = { + #enable = true; + #cursorTheme = { + # name = "adwaita"; + # size = 20; + #}; + #iconTheme = { + # name = "Papirus-Dark"; + # package = pkgs.papirus-icon-theme; + #}; + #theme = { + # name = "adwaita"; + # package = pkgs.gnome-themes-extra; + #}; + #}; + + #qt = { + # enable = true; + # platformTheme.name = "adwaita"; + # style.name = "adwaita"; + #}; + home = { packages = with pkgs; [ grim - pulseaudio # for pactl slurp wl-clipboard ]; @@ -38,84 +59,110 @@ in feh.enable = true; }; - wayland.windowManager.sway = { - enable = true; - extraConfig = '' - exec element-desktop - ''; - extraOptions = [ "--unsupported-gpu" ]; - config = { - assigns = { - "${ws_2}" = [ { "app_id" = "code"; } ]; - "${ws_3}" = [ { "app_id" = "librewolf"; } ]; - "${ws_4}" = [ { "app_id" = "Element"; } ]; - }; - bars = [ - { - command = "waybar"; - mode = "hide"; - } - ]; - gaps = { - inner = 8; - outer = 3; - }; - input."*" = { - xkb_layout = "de"; - }; - keybindings = mkOptionDefault { - "${modifier}+2" = "workspace ${ws_2}"; - "${modifier}+3" = "workspace ${ws_3}"; - "${modifier}+4" = "workspace ${ws_4}"; + wayland = { + systemd.target = "sway-session.target"; + windowManager.sway = { + enable = true; + extraConfig = '' + exec element-desktop + ''; + #extraOptions = [ "--unsupported-gpu" ]; + config = { + assigns = { + "${ws_2}" = [ { "app_id" = "code"; } ]; + "${ws_3}" = [ { "app_id" = "librewolf"; } ]; + "${ws_4}" = [ { "app_id" = "Element"; } ]; + }; + bars = [ + { + command = "waybar"; + mode = "hide"; + } + ]; + #colors = { + # focused = { + # background = "#B2A4D4"; + # border = "#B2A4D4"; + # indicator = "#ffffff"; + # childBorder = "#B2A4D4"; + # text = "#000000"; + # }; + #}; + gaps = { + inner = 2; + #outer = 2; + }; + input = { + "12951:6505:ZSA_Technology_Labs_Moonlander_Mark_I".xkb_variant = "''"; + "type:keyboard" = { + xkb_layout = "gb"; + xkb_variant = "colemak_dh"; + }; + "type:touchpad" = { + tap = "enabled"; + natural_scroll = "enabled"; + }; + }; + keybindings = mkOptionDefault { + "${modifier}+2" = "workspace ${ws_2}"; + "${modifier}+3" = "workspace ${ws_3}"; + "${modifier}+4" = "workspace ${ws_4}"; - "${modifier}+Shift+2" = "move container to workspace ${ws_2}"; - "${modifier}+Shift+3" = "move container to workspace ${ws_3}"; - "${modifier}+Shift+4" = "move container to workspace ${ws_4}"; + "${modifier}+Shift+2" = "move container to workspace ${ws_2}"; + "${modifier}+Shift+3" = "move container to workspace ${ws_3}"; + "${modifier}+Shift+4" = "move container to workspace ${ws_4}"; - "${modifier}+Shift+Delete" = "exec 'swaymsg exit'"; - "${modifier}+L" = "exec 'swaylock -f --grace 0'"; - "XF86MonBrightnessDown" = "exec brightnessctl 10%-"; - "XF86MonBrightnessUp" = "exec brightnessctl +10%"; - "XF86AudioRaiseVolume" = "exec 'pactl set-sink-volume @DEFAULT_SINK@ +1%'"; - "XF86AudioLowerVolume" = "exec 'pactl set-sink-volume @DEFAULT_SINK@ -1%'"; - "XF86AudioMute" = "exec 'pactl set-sink-mute @DEFAULT_SINK@ toggle'"; - }; - modifier = "Mod4"; - output."*" = { - bg = "${inputs.self.resources.void.background} fill"; - }; - terminal = "kitty"; - window.titlebar = false; - workspaceOutputAssign = ( - (map - (n: { - output = DOCK_L; - workspace = n; - }) - [ - "6" - "7" - "8" - "9" - "10" - ] - ) - ++ - map + "${modifier}+Shift+Delete" = "exec 'swaymsg exit'"; + "${modifier}+Delete" = "exec 'swaylock -f --grace 0'"; + "--locked XF86MonBrightnessDown" = + "exec '${pkgs.brightnessctl}/bin/brightnessctl set --min-value=19200 10%-'"; + "--locked XF86MonBrightnessUp" = "exec '${pkgs.brightnessctl}/bin/brightnessctl set 10%+'"; + "--locked XF86AudioRaiseVolume" = + "exec '${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_SINK@ 5%+'"; + "--locked XF86AudioLowerVolume" = + "exec '${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_SINK@ 5%-'"; + "--locked XF86AudioMute" = "exec '${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_SINK@ toggle'"; + "Print" = "exec '${pkgs.slurp}/bin/slurp | ${pkgs.grim}/bin/grim'"; + "${modifier}+Tab" = "exec ${pkgs.swayr}/bin/swayr switch-window"; + }; + menu = "${pkgs.fuzzel}/bin/fuzzel"; + modifier = "Mod4"; + output."*" = { + bg = "${inputs.self.resources.void.background} fill"; + }; + terminal = "kitty"; + window.titlebar = false; + workspaceOutputAssign = + (map (n: { - output = DOCK_R; + output = DOCK_L; workspace = n; }) [ - "1" - ws_2 - ws_3 - ws_4 - "5" + "6" + "7" + "8" + "9" + "10" ] - ); + ) + ++ + map + (n: { + output = DOCK_R; + workspace = n; + }) + [ + "1" + ws_2 + ws_3 + ws_4 + "5" + ]; + }; + wrapperFeatures.gtk = true; + #xwayland = false; }; - wrapperFeatures.gtk = true; }; };
diff --git a/config/home/void/programs/swaylock.nix b/config/home/void/programs/swaylock.nix @@ -1,8 +1,8 @@ { - inputs, pkgs, ... }: + { config = { @@ -13,10 +13,10 @@ clock = true; fade-in = 5; grace = 5; - image = inputs.self.resources.void.background; + #image = inputs.self.resources.void.background; indicator = true; indicator-radius = 100; - ring-color = "00497A"; + #ring-color = "00497A"; show-failed-attempts = true; }; };
diff --git a/config/home/void/programs/swayr.nix b/config/home/void/programs/swayr.nix @@ -0,0 +1,30 @@ +{ + config, + ... +}: + +{ + + config = { + + programs.swayr = { + enable = true; + extraConfig = '' + [format] + window_format = "{app_name} - {title} - Workspace: {workspace_name}\u0000icon\u001f{app_icon}" + ''; # We do this here because `settings` does weird string escapism shenanigans that break backslashes; '\\' -> '\\\\' + settings = { + menu = { + executable = "${config.programs.fuzzel.package}/bin/fuzzel"; + args = [ + "--dmenu" + "--lines=30" + "--prompt=Select Window: " + "--width=150" + ]; + }; + }; + systemd.enable = true; + }; + }; +}
diff --git a/config/home/void/programs/waybar.nix b/config/home/void/programs/waybar.nix @@ -3,6 +3,7 @@ pkgs, ... }: + { config = { @@ -38,13 +39,14 @@ "clock" ]; modules-right = [ - "pulseaudio" + "wireplumber" "cpu" "memory" "temperature" "backlight" "battery" "tray" + "power-profiles-daemon" "custom/power" ]; "sway/workspaces" = { @@ -53,24 +55,30 @@ idle_inhibitor = { format = "{icon}"; format-icons = { - activated = ""; - deactivated = ""; + activated = ""; + deactivated = ""; }; }; keyboard-state = { capslock = true; format = "{name} {icon} "; format-icons = { - locked = " "; - unlocked = ""; + locked = ""; + unlocked = ""; }; }; network = { interval = 5; - format-wifi = " {essid} ({signalStrength}%)"; - format-ethernet = " {ifname}"; - format-disconnected = "No connection"; - format-alt = " {ipaddr}/{cidr}"; + format-wifi = "{icon} {essid} ({signalStrength}%)"; + format-ethernet = " {ifname}"; + format-disconnected = " No connection"; + format-alt = " {ipaddr}/{cidr}"; + format-icons = [ + "" + "" + "" + "" + ]; tooltip = false; }; "sway/mode" = { @@ -80,39 +88,39 @@ tooltip-format = "<big>{:%Y %B}</big>\n<tt><small>{calendar}</small></tt>"; format = "{:%a, %d %b, %H:%M}"; }; - pulseaudio = { + wireplumber = { reverse-scrolling = 1; format = "{volume}% {icon} {format_source}"; format-bluetooth = "{volume}% {icon} {format_source}"; - format-bluetooth-muted = " {icon} {format_source}"; - format-muted = "婢 {format_source}"; + format-bluetooth-muted = " {icon} {format_source}"; + format-muted = " {format_source}"; format-source = "{volume}% "; format-source-muted = ""; format-icons = { - headphone = ""; - hands-free = ""; - headset = ""; - phone = ""; - portable = ""; - car = ""; + headphone = ""; + hands-free = ""; # FIXME: Find proper Icon for this + headset = ""; + phone = ""; + portable = ""; + car = ""; default = [ - "奄" - "奔" - "墳" + "" + "" + "" ]; }; - on-click = "${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle"; - on-click-right = "${pkgs.pavucontrol}/bin/pavucontrol"; + on-click = "${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_SINK@ toggle"; + on-click-right = "${pkgs.pwvucontrol}/bin/pwvucontrol"; min-length = 13; }; "cpu" = { - format = "{usage}% "; - format-alt = "{load} "; + format = "{usage}% "; + format-alt = "{load} "; interval = 3; tooltip = false; }; "memory" = { - format = "{}% "; + format = "{}% "; interval = 3; tooltip = false; }; @@ -133,66 +141,54 @@ device = "intel_backlight"; format = "{percent}% {icon}"; format-icons = [ - "" - "" - "" - "" - "" - "" - "" + "" + "" + "" + "" + "" + "" + "" ]; min-length = 7; }; battery = { states = { warning = 30; - critical = 15; + critical = 20; }; format = "{capacity}% {icon}"; - format-charging = "{capacity}% "; + format-charging = "{capacity}% "; format-plugged = "{capacity}% "; format-alt = "{time} {icon}"; format-icons = [ - "" - "" - "" - "" - "" - "" - "" - "" - "" - "" + "" + "" + "" + "" + "" + "" + "" + "" + "" + "" ]; - on-update = pkgs.writeShellScript "check-battery" '' - #!/usr/bin/env sh - - PATH=$PATH:${pkgs.coreutils-full}/bin:${pkgs.libnotify}/bin - - bat=/sys/class/power_supply/BAT0 - CRIT=''${1:-15} - - FILE=~/.config/waybar/scripts/notified - - stat=$(cat $bat/status) - perc=$(cat $bat/capacity) - - if [[ $perc -le $CRIT ]] && [[ $stat == "Discharging" ]]; then - if [[ ! -f "$FILE" ]]; then - notify-send --urgency=critical --icon=dialog-warning "Battery Low" "Current charge: $perc%" - touch $FILE - fi - elif [[ -f "$FILE" ]]; then - rm $FILE - fi - ''; + full-at = 80; }; tray = { icon-size = 16; spacing = 0; }; + power-profiles-daemon = { + format = "{icon}"; + format-icons = { + default = "D"; + performance = ""; + balanced = ""; + power-saver = ""; + }; + }; "custom/power" = { - format = "⏻"; + format = ""; tooltip = false; menu = "on-click"; menu-file = "$HOME/.config/waybar/power_menu.xml"; @@ -205,229 +201,7 @@ }; } ]; - style = '' - * { - border: none; - border-radius: 0; - font-family: MesloLGS NF; - min-height: 20px; - padding: 5px; - } - - window#waybar { - background: transparent; - } - - window#waybar.hidden { - opacity: 0.2; - } - - #workspaces { - margin-right: 8px; - border-radius: 10px; - transition: none; - background: #383c4a; - } - - #workspaces button { - transition: none; - color: #7c818c; - background: transparent; - padding: 0px; - font-size: 18px; - } - - #workspaces button.persistent { - color: #7c818c; - font-size: 12px; - } - - /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */ - #workspaces button:hover { - transition: none; - box-shadow: inherit; - text-shadow: inherit; - border-radius: inherit; - color: #383c4a; - background: #7c818c; - } - - #workspaces button.focused { - color: white; - } - - #idle_inhibitor { - margin-right: 8px; - padding-left: 16px; - padding-right: 16px; - border-radius: 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - #idle_inhibitor.activated { - color: #383c4a; - background: #ffffff; - } - - #keyboard-state { - margin-right: 8px; - padding-left: 16px; - padding-right: 8px; - border-radius: 10px 10px 10px 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - #mode { - padding-left: 16px; - padding-right: 16px; - border-radius: 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - #network { - margin-right: 8px; - padding-left: 16px; - padding-right: 16px; - border-radius: 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - #clock { - padding-left: 16px; - padding-right: 16px; - border-radius: 10px 10px 10px 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - #pulseaudio { - margin-right: 8px; - padding-left: 16px; - padding-right: 16px; - border-radius: 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - #pulseaudio.muted { - background-color: #90b1b1; - color: #2a5c45; - } - - #cpu { - margin-right: 8px; - padding-left: 16px; - padding-right: 16px; - border-radius: 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - #memory { - margin-right: 8px; - padding-left: 16px; - padding-right: 16px; - border-radius: 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - #temperature { - margin-right: 8px; - padding-left: 16px; - padding-right: 16px; - border-radius: 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - #temperature.critical { - background-color: #eb4d4b; - } - - #backlight { - margin-right: 8px; - padding-left: 16px; - padding-right: 16px; - border-radius: 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - #battery { - margin-right: 8px; - padding-left: 16px; - padding-right: 16px; - border-radius: 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - #battery.charging { - color: #ffffff; - background-color: #26A65B; - } - - #battery.warning:not(.charging) { - background-color: #ffbe61; - color: black; - } - - #battery.critical:not(.charging) { - background-color: #f53c3c; - color: #ffffff; - animation-name: blink; - animation-duration: 0.5s; - animation-timing-function: linear; - animation-iteration-count: infinite; - animation-direction: alternate; - } - - #tray { - margin-right: 8px; - padding-left: 16px; - padding-right: 16px; - border-radius: 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - #custom-power { - padding-left: 16px; - padding-right: 16px; - border-radius: 10px; - transition: none; - color: #ffffff; - background: #383c4a; - } - - @keyframes blink { - to { - background-color: #ffffff; - color: #000000; - } - } - ''; - systemd = { - enable = true; - target = "sway-session.target"; - }; + style = builtins.readFile inputs.self.resources.void.programs.waybar.style; }; };
diff --git a/config/home/void/services/gpg-agent.nix b/config/home/void/services/gpg-agent.nix @@ -1,4 +1,9 @@ { + pkgs, + ... +}: + +{ config = { services.gpg-agent = { @@ -8,6 +13,10 @@ "333BB4DAF37CAE63207F463D32EBD69BE5C74E75" "E6EE9F928448B4CBFE3BC4D7ED86FD11FD70C867" ]; + pinentry = { + package = pkgs.pinentry-all; + program = "pinentry-gnome3"; + }; }; };
diff --git a/config/home/void/services/kanshi.nix b/config/home/void/services/kanshi.nix @@ -1,3 +1,5 @@ +_: + { config = {
diff --git a/config/home/void/services/swayidle.nix b/config/home/void/services/swayidle.nix @@ -1,29 +1,48 @@ { config, + lib, + pkgs, ... }: + +let + inherit (lib) getExe getExe'; +in + { config = { services.swayidle = { enable = true; - systemdTarget = "sway-session.target"; timeouts = [ { + timeout = 30; + command = "${getExe pkgs.brightnessctl} set -s $[ $(${getExe pkgs.brightnessctl} get) / 10 ]"; + resumeCommand = "${getExe pkgs.brightnessctl} -r"; + } + { timeout = 90; - command = "${config.programs.swaylock.package}/bin/swaylock -f"; + command = "${getExe' config.wayland.windowManager.sway.package "swaymsg"} 'output * power off'"; + resumeCommand = "${getExe' config.wayland.windowManager.sway.package "swaymsg"} 'output * power on'"; } { - timeout = 95; - command = "${config.wayland.windowManager.sway.package}/bin/swaymsg 'output * power off'"; - resumeCommand = "${config.wayland.windowManager.sway.package}/bin/swaymsg 'output * power on'"; + timeout = 120; + command = "${getExe' pkgs.systemd "loginctl"} lock-session"; } ]; events = [ { event = "before-sleep"; - # Invoke swaylock instantaneously and without animations that inhibit sleep. - command = "${config.programs.swaylock.package}/bin/swaylock -f --grace 0 --fade-in 0"; + # Invoke swaylock instantaneously and without animations that delay sleep. + command = "${getExe config.programs.swaylock.package} -f --grace 0 --fade-in 0"; + } + { + event = "lock"; + command = "${getExe config.programs.swaylock.package} -f --grace 0"; + } + { + event = "unlock"; + command = "${getExe' pkgs.procps "pkill"} -10 swaylock"; } ]; };
diff --git a/config/home/void/services/syncthing.nix b/config/home/void/services/syncthing.nix @@ -0,0 +1,12 @@ +_: + +{ + + services.syncthing = { + enable = true; + overrideDevices = false; + overrideFolders = false; + tray.enable = true; + }; + +}
diff --git a/config/home/zaphyra/configure/fonts.nix b/config/home/zaphyra/configure/fonts.nix @@ -1,4 +1,8 @@ -{ lib, pkgs, ... }: +{ + lib, + pkgs, + ... +}: let adwaita-fonts-nerd = pkgs.stdenvNoCC.mkDerivation {
diff --git a/config/home/zaphyra/configure/gnome.nix b/config/home/zaphyra/configure/gnome.nix @@ -21,32 +21,34 @@ in services.gnome-keyring ]; - home.persistence."/nix/persist/home/${config.home.username}".directories = [ - "dconf/.config/dconf" - "gnome/.local/share/gnome-shell" - ]; + home = { + persistence."/nix/persist/home/${config.home.username}".directories = [ + "dconf/.config/dconf" + "gnome/.local/share/gnome-shell" + ]; + + sessionVariables = { + QT_QPA_PLATFORMTHEME = "gnome"; + }; - home.sessionVariables = { - QT_QPA_PLATFORMTHEME = "gnome"; + packages = + with pkgs; + [ + gnome-power-manager + refine + + xdg-utils + qgnomeplatform + wl-clipboard-x11 + # look and feel from libadwaita ported to GTK-3 + adw-gtk3 + ] + ++ (with pkgs.gnomeExtensions; [ + battery-time-percentage-compact + caffeine + ]); }; - home.packages = - with pkgs; - [ - gnome-power-manager - refine - - xdg-utils - qgnomeplatform - wl-clipboard-x11 - # look and feel from libadwaita ported to GTK-3 - adw-gtk3 - ] - ++ (with pkgs.gnomeExtensions; [ - battery-time-percentage-compact - caffeine - ]); - gtk = { enable = true;
diff --git a/config/home/zaphyra/configure/xdg.nix b/config/home/zaphyra/configure/xdg.nix @@ -1,4 +1,7 @@ -{ config, ... }: +{ + config, + ... +}: {
diff --git a/config/home/zaphyra/gnomeExtensions/bluetoothBatteryMeter.nix b/config/home/zaphyra/gnomeExtensions/bluetoothBatteryMeter.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/gnomeExtensions/dash-to-dock.nix b/config/home/zaphyra/gnomeExtensions/dash-to-dock.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/gnomeExtensions/emoji-copy.nix b/config/home/zaphyra/gnomeExtensions/emoji-copy.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/gnomeExtensions/just-perfection.nix b/config/home/zaphyra/gnomeExtensions/just-perfection.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/gnomeExtensions/pip-on-top.nix b/config/home/zaphyra/gnomeExtensions/pip-on-top.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/gnomeExtensions/search-light.nix b/config/home/zaphyra/gnomeExtensions/search-light.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/gnomeExtensions/space-bar.nix b/config/home/zaphyra/gnomeExtensions/space-bar.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/impermanence.nix b/config/home/zaphyra/impermanence.nix @@ -1,4 +1,4 @@ -{ ... }: +_: {
diff --git a/config/home/zaphyra/programs/airpodsctl.nix b/config/home/zaphyra/programs/airpodsctl.nix @@ -1,5 +1,4 @@ { - inputs, config, pkgs, ...
diff --git a/config/home/zaphyra/programs/alacritty.nix b/config/home/zaphyra/programs/alacritty.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/apostrophe.nix b/config/home/zaphyra/programs/apostrophe.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/bat.nix b/config/home/zaphyra/programs/bat.nix @@ -1,4 +1,4 @@ -{ ... }: +_: {
diff --git a/config/home/zaphyra/programs/bitwarden-cli.nix b/config/home/zaphyra/programs/bitwarden-cli.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/celluloid.nix b/config/home/zaphyra/programs/celluloid.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/chawan.nix b/config/home/zaphyra/programs/chawan.nix @@ -1,4 +1,4 @@ -{ ... }: +_: {
diff --git a/config/home/zaphyra/programs/cozy.nix b/config/home/zaphyra/programs/cozy.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/deploymentUtilities.nix b/config/home/zaphyra/programs/deploymentUtilities.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/eza.nix b/config/home/zaphyra/programs/eza.nix @@ -1,6 +1,4 @@ -{ - ... -}: +_: {
diff --git a/config/home/zaphyra/programs/firefox.nix b/config/home/zaphyra/programs/firefox.nix @@ -8,18 +8,20 @@ { - home.persistence."/nix/persist/home/${config.home.username}".directories = [ - "firefox/.mozilla/firefox/" - "firefox/.cache/mozilla/firefox" - ]; - - home.sessionVariables = { - BROWSER = "firefox"; - }; + home = { + persistence."/nix/persist/home/${config.home.username}".directories = [ + "firefox/.mozilla/firefox/" + "firefox/.cache/mozilla/firefox" + ]; + + sessionVariables = { + BROWSER = "firefox"; + }; - home.file."firefox-gnome-theme" = { - source = inputs.firefoxGnomeTheme; - target = ".mozilla/firefox/${config.home.username}/chrome/firefox-gnome-theme"; + file."firefox-gnome-theme" = { + source = inputs.firefoxGnomeTheme; + target = ".mozilla/firefox/${config.home.username}/chrome/firefox-gnome-theme"; + }; }; programs.firefox = { @@ -99,18 +101,23 @@ DNSOverHTTPS.Locked = true; # enable tracking protection - EnableTrackingProtection.Cryptomining = true; - EnableTrackingProtection.Fingerprinting = true; - EnableTrackingProtection.Value = true; - EnableTrackingProtection.Locked = true; - - UserMessaging.ExtensionRecommendations = false; - UserMessaging.FeatureRecommendations = false; - UserMessaging.UrlbarInterventions = false; - UserMessaging.SkipOnboarding = true; - UserMessaging.MoreFromMozilla = false; - UserMessaging.FirefoxLabs = false; - UserMessaging.Locked = true; + EnableTrackingProtection = { + + Cryptomining = true; + Fingerprinting = true; + Value = true; + Locked = true; + }; + + UserMessaging = { + ExtensionRecommendations = false; + FeatureRecommendations = false; + UrlbarInterventions = false; + SkipOnboarding = true; + MoreFromMozilla = false; + FirefoxLabs = false; + Locked = true; + }; Handlers.schemes = let @@ -174,7 +181,7 @@ }; } // (lib.mapAttrs - (name: value: { + (_name: value: { Status = "locked"; Value = value; }) @@ -279,10 +286,10 @@ ] [ (lib.map (config: { - name = (lib.elemAt config 1); + name = lib.elemAt config 1; value = { installation_mode = "normal_installed"; - default_area = (lib.elemAt config 0); + default_area = lib.elemAt config 0; install_url = "https://addons.mozilla.org/firefox/downloads/latest/${lib.elemAt config 1}/latest.xpi"; }; }))
diff --git a/config/home/zaphyra/programs/fractal.nix b/config/home/zaphyra/programs/fractal.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: +{ + config, + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/fuzzel.nix b/config/home/zaphyra/programs/fuzzel.nix @@ -1,4 +1,4 @@ -{ lib, ... }: +_: let colors = import ../colors.nix;
diff --git a/config/home/zaphyra/programs/ghostty.nix b/config/home/zaphyra/programs/ghostty.nix @@ -1,4 +1,4 @@ -{ ... }: +_: {
diff --git a/config/home/zaphyra/programs/git.nix b/config/home/zaphyra/programs/git.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/gnome-calendar.nix b/config/home/zaphyra/programs/gnome-calendar.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: +{ + config, + pkgs, + ... +}: let gnome-online-accounts = pkgs.gnome-online-accounts.overrideAttrs (prevAttrs: {
diff --git a/config/home/zaphyra/programs/gnome-obfuscate.nix b/config/home/zaphyra/programs/gnome-obfuscate.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/gnome-text-editor.nix b/config/home/zaphyra/programs/gnome-text-editor.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/gpg.nix b/config/home/zaphyra/programs/gpg.nix @@ -1,5 +1,4 @@ { - lib, pkgs, ... }:
diff --git a/config/home/zaphyra/programs/gtklock.nix b/config/home/zaphyra/programs/gtklock.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/helix.nix b/config/home/zaphyra/programs/helix.nix @@ -1,4 +1,8 @@ -{ lib, pkgs, ... }: +{ + lib, + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/htop.nix b/config/home/zaphyra/programs/htop.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/imv.nix b/config/home/zaphyra/programs/imv.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/languages/golang.nix b/config/home/zaphyra/programs/languages/golang.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/languages/javascript.nix b/config/home/zaphyra/programs/languages/javascript.nix @@ -1,4 +1,8 @@ -{ lib, pkgs, ... }: +{ + lib, + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/languages/nimlang.nix b/config/home/zaphyra/programs/languages/nimlang.nix @@ -1,4 +1,8 @@ -{ lib, pkgs, ... }: +{ + lib, + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/languages/nix.nix b/config/home/zaphyra/programs/languages/nix.nix @@ -1,4 +1,8 @@ -{ lib, pkgs, ... }: +{ + lib, + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/libreoffice.nix b/config/home/zaphyra/programs/libreoffice.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/loupe.nix b/config/home/zaphyra/programs/loupe.nix @@ -1,4 +1,8 @@ -{ lib, pkgs, ... }: +{ + lib, + pkgs, + ... +}: { @@ -17,7 +21,7 @@ "image/svg+xml-compressed" "image/avif" "image/heic" - ] (name: [ "org.gnome.Loupe.desktop" ]); + ] (_name: [ "org.gnome.Loupe.desktop" ]); associations.added = lib.genAttrs [ "image/jpeg" "image/png" @@ -29,7 +33,7 @@ "image/svg+xml-compressed" "image/avif" "image/heic" - ] (name: [ "org.gnome.Loupe.desktop" ]); + ] (_name: [ "org.gnome.Loupe.desktop" ]); }; }
diff --git a/config/home/zaphyra/programs/mcfly.nix b/config/home/zaphyra/programs/mcfly.nix @@ -1,4 +1,7 @@ -{ config, ... }: +{ + config, + ... +}: {
diff --git a/config/home/zaphyra/programs/micro.nix b/config/home/zaphyra/programs/micro.nix @@ -17,7 +17,7 @@ type = lib.types.str; }; options = lib.mkOption { - type = (pkgs.formats.json { }).type; + inherit ((pkgs.formats.json { })) type; default = { }; }; }; @@ -25,192 +25,195 @@ ); }; - # config.programs.sherlock.settings.ignore = "Micro"; - config.programs.micro = { - enable = true; - package = - if systemConfig.modules.presets.graphical.enable then pkgs.micro-with-wl-clipboard else pkgs.micro; - settings = { - "*.nix".tabstospaces = true; - "*.nix".tabmovement = true; - "*.nix".tabsize = 2; + config = { + programs = { + micro = { + enable = true; + package = + if systemConfig.modules.presets.graphical.enable then pkgs.micro-with-wl-clipboard else pkgs.micro; + settings = { + "*.nix".tabstospaces = true; + "*.nix".tabmovement = true; + "*.nix".tabsize = 2; - "*.nim".tabstospaces = true; - "*.nim".tabmovement = true; - "*.nim".tabsize = 2; + "*.nim".tabstospaces = true; + "*.nim".tabmovement = true; + "*.nim".tabsize = 2; - clipboard = "terminal"; + clipboard = "terminal"; - scrollbar = true; - eofnewline = false; - wordwrap = true; - softwrap = true; + scrollbar = true; + eofnewline = false; + wordwrap = true; + softwrap = true; - ignorecase = true; - savehistory = false; + ignorecase = true; + savehistory = false; - "lsp.formatOnSave" = true; - "lsp.tabcompletion" = true; - "lsp.autocompleteDetails" = false; - "lsp.server" = - if systemConfig.modules.presets.graphical.enable != true then - "" - else - (lib.concatMapAttrsStringSep "," ( - name: value: - lib.concatStringsSep "=" ( - [ - name - value.command - ] - ++ (lib.optionals (lib.hasAttr "options" value) [ - (builtins.toJSON (value.options)) - ]) - ) - ) config.programs.micro.lsp-servers); + "lsp.formatOnSave" = true; + "lsp.tabcompletion" = true; + "lsp.autocompleteDetails" = false; + "lsp.server" = + if !systemConfig.modules.presets.graphical.enable then + "" + else + (lib.concatMapAttrsStringSep "," ( + name: value: + lib.concatStringsSep "=" ( + [ + name + value.command + ] + ++ (lib.optionals (lib.hasAttr "options" value) [ + (builtins.toJSON value.options) + ]) + ) + ) config.programs.micro.lsp-servers); + }; + }; }; - }; - config.home = { - sessionVariables.EDITOR = "micro"; - shellAliases.nano = "micro"; - file = { - # keybindings - "${config.xdg.configHome}/micro/bindings.json".source = pkgs.writeText "micro-keybindings.json" ( - builtins.toJSON { - "Alt-," = "PreviousTab"; - "Alt-." = "NextTab"; - "Alt-Backspace" = "DeleteWordLeft"; - "Alt-CtrlH" = "DeleteWordLeft"; - "Alt-F" = "FindLiteral"; - "Alt-[" = "DiffPrevious|CursorStart"; - "Alt-]" = "DiffNext|CursorEnd"; - "Alt-a" = "StartOfLine"; - "Alt-b" = "WordLeft"; - "Alt-c" = "RemoveAllMultiCursors"; - "Alt-e" = "EndOfLine"; - "Alt-f" = "WordRight"; - "Alt-g" = "ToggleKeyMenu"; - "Alt-m" = "SpawnMultiCursorSelect"; - "Alt-n" = "SpawnMultiCursor"; - "Alt-p" = "RemoveMultiCursor"; - "Alt-x" = "SkipMultiCursor"; - "Alt-{" = "ParagraphPrevious"; - "Alt-}" = "ParagraphNext"; - "AltDown" = "MoveLinesDown"; - "AltLeft" = "StartOfTextToggle"; - "AltRight" = "EndOfLine"; - "AltShiftDown" = "SpawnMultiCursorDown"; - "AltShiftLeft" = "SelectToStartOfTextToggle"; - "AltShiftRight" = "SelectToEndOfLine"; - "AltShiftUp" = "SpawnMultiCursorUp"; - "AltUp" = "MoveLinesUp"; - "Backspace" = "Backspace"; - "Backtab" = "OutdentSelection|OutdentLine"; - "Ctrl-MouseLeft" = "MouseMultiCursor"; - "Ctrl-a" = "SelectAll"; - "Ctrl-b" = "ShellMode"; - "Ctrl-c" = "Copy|CopyLine"; - "Ctrl-d" = "DuplicateLine"; - "Ctrl-e" = "CommandMode"; - "Ctrl-f" = "Find"; - "Ctrl-g" = "ToggleHelp"; - "Ctrl-h" = "Backspace"; - "Ctrl-j" = "PlayMacro"; - "Ctrl-k" = "CutLine"; - "Ctrl-l" = "command-edit:goto "; - "Ctrl-n" = "FindNext"; - "Ctrl-o" = "OpenFile"; - "Ctrl-p" = "FindPrevious"; - "Ctrl-q" = "Quit"; - "Ctrl-r" = "ToggleRuler"; - "Ctrl-s" = "Save"; - "Ctrl-t" = "AddTab"; - "Ctrl-u" = "ToggleMacro"; - "Ctrl-v" = "Paste"; - "Ctrl-w" = "NextSplit"; - "Ctrl-x" = "Cut|CutLine"; - "Ctrl-y" = "Redo"; - "Ctrl-z" = "Undo"; - "CtrlDown" = "CursorEnd"; - "CtrlEnd" = "CursorEnd"; - "CtrlHome" = "CursorStart"; - "CtrlPageDown" = "NextTab"; - "CtrlPageUp" = "PreviousTab"; - "AltPageDown" = "NextTab"; - "AltPageUp" = "PreviousTab"; - "CtrlShiftDown" = "SelectToEnd"; - "CtrlShiftLeft" = "SelectWordLeft"; - "CtrlShiftRight" = "SelectWordRight"; - "CtrlShiftUp" = "SelectToStart"; - "CtrlUp" = "CursorStart"; - "Delete" = "Delete"; - "Down" = "CursorDown"; - "End" = "EndOfLine"; - "Enter" = "InsertNewline"; - "Esc" = "Escape"; - "F10" = "Quit"; - "F2" = "Save"; - "F3" = "Find"; - "F4" = "Quit"; - "F7" = "Find"; - "Home" = "StartOfText"; - "Insert" = "ToggleOverwriteMode"; - "Left" = "CursorLeft"; - "MouseLeft" = "MousePress"; - "MouseLeftDrag" = "MouseDrag"; - "MouseLeftRelease" = "MouseRelease"; - "MouseMiddle" = "PastePrimary"; - "MouseWheelDown" = "ScrollDown"; - "MouseWheelUp" = "ScrollUp"; - "PageDown" = "CursorPageDown"; - "PageUp" = "CursorPageUp"; - "Right" = "CursorRight"; - "ShiftDown" = "SelectDown"; - "ShiftEnd" = "SelectToEndOfLine"; - "ShiftHome" = "SelectToStartOfTextToggle"; - "ShiftLeft" = "SelectLeft"; - "ShiftPageDown" = "SelectPageDown"; - "ShiftPageUp" = "SelectPageUp"; - "ShiftRight" = "SelectRight"; - "ShiftUp" = "SelectUp"; - "Tab" = "Autocomplete|IndentSelection|InsertTab"; - "Up" = "CursorUp"; + home = { + sessionVariables.EDITOR = "micro"; + shellAliases.nano = "micro"; + file = { + # keybindings + "${config.xdg.configHome}/micro/bindings.json".source = pkgs.writeText "micro-keybindings.json" ( + builtins.toJSON { + "Alt-," = "PreviousTab"; + "Alt-." = "NextTab"; + "Alt-Backspace" = "DeleteWordLeft"; + "Alt-CtrlH" = "DeleteWordLeft"; + "Alt-F" = "FindLiteral"; + "Alt-[" = "DiffPrevious|CursorStart"; + "Alt-]" = "DiffNext|CursorEnd"; + "Alt-a" = "StartOfLine"; + "Alt-b" = "WordLeft"; + "Alt-c" = "RemoveAllMultiCursors"; + "Alt-e" = "EndOfLine"; + "Alt-f" = "WordRight"; + "Alt-g" = "ToggleKeyMenu"; + "Alt-m" = "SpawnMultiCursorSelect"; + "Alt-n" = "SpawnMultiCursor"; + "Alt-p" = "RemoveMultiCursor"; + "Alt-x" = "SkipMultiCursor"; + "Alt-{" = "ParagraphPrevious"; + "Alt-}" = "ParagraphNext"; + "AltDown" = "MoveLinesDown"; + "AltLeft" = "StartOfTextToggle"; + "AltRight" = "EndOfLine"; + "AltShiftDown" = "SpawnMultiCursorDown"; + "AltShiftLeft" = "SelectToStartOfTextToggle"; + "AltShiftRight" = "SelectToEndOfLine"; + "AltShiftUp" = "SpawnMultiCursorUp"; + "AltUp" = "MoveLinesUp"; + "Backspace" = "Backspace"; + "Backtab" = "OutdentSelection|OutdentLine"; + "Ctrl-MouseLeft" = "MouseMultiCursor"; + "Ctrl-a" = "SelectAll"; + "Ctrl-b" = "ShellMode"; + "Ctrl-c" = "Copy|CopyLine"; + "Ctrl-d" = "DuplicateLine"; + "Ctrl-e" = "CommandMode"; + "Ctrl-f" = "Find"; + "Ctrl-g" = "ToggleHelp"; + "Ctrl-h" = "Backspace"; + "Ctrl-j" = "PlayMacro"; + "Ctrl-k" = "CutLine"; + "Ctrl-l" = "command-edit:goto "; + "Ctrl-n" = "FindNext"; + "Ctrl-o" = "OpenFile"; + "Ctrl-p" = "FindPrevious"; + "Ctrl-q" = "Quit"; + "Ctrl-r" = "ToggleRuler"; + "Ctrl-s" = "Save"; + "Ctrl-t" = "AddTab"; + "Ctrl-u" = "ToggleMacro"; + "Ctrl-v" = "Paste"; + "Ctrl-w" = "NextSplit"; + "Ctrl-x" = "Cut|CutLine"; + "Ctrl-y" = "Redo"; + "Ctrl-z" = "Undo"; + "CtrlDown" = "CursorEnd"; + "CtrlEnd" = "CursorEnd"; + "CtrlHome" = "CursorStart"; + "CtrlPageDown" = "NextTab"; + "CtrlPageUp" = "PreviousTab"; + "AltPageDown" = "NextTab"; + "AltPageUp" = "PreviousTab"; + "CtrlShiftDown" = "SelectToEnd"; + "CtrlShiftLeft" = "SelectWordLeft"; + "CtrlShiftRight" = "SelectWordRight"; + "CtrlShiftUp" = "SelectToStart"; + "CtrlUp" = "CursorStart"; + "Delete" = "Delete"; + "Down" = "CursorDown"; + "End" = "EndOfLine"; + "Enter" = "InsertNewline"; + "Esc" = "Escape"; + "F10" = "Quit"; + "F2" = "Save"; + "F3" = "Find"; + "F4" = "Quit"; + "F7" = "Find"; + "Home" = "StartOfText"; + "Insert" = "ToggleOverwriteMode"; + "Left" = "CursorLeft"; + "MouseLeft" = "MousePress"; + "MouseLeftDrag" = "MouseDrag"; + "MouseLeftRelease" = "MouseRelease"; + "MouseMiddle" = "PastePrimary"; + "MouseWheelDown" = "ScrollDown"; + "MouseWheelUp" = "ScrollUp"; + "PageDown" = "CursorPageDown"; + "PageUp" = "CursorPageUp"; + "Right" = "CursorRight"; + "ShiftDown" = "SelectDown"; + "ShiftEnd" = "SelectToEndOfLine"; + "ShiftHome" = "SelectToStartOfTextToggle"; + "ShiftLeft" = "SelectLeft"; + "ShiftPageDown" = "SelectPageDown"; + "ShiftPageUp" = "SelectPageUp"; + "ShiftRight" = "SelectRight"; + "ShiftUp" = "SelectUp"; + "Tab" = "Autocomplete|IndentSelection|InsertTab"; + "Up" = "CursorUp"; - # plugins - "Alt-/" = "lua:comment.comment"; - "Alt-d" = "command:definition"; - # "Alt-f" = "command:format"; - "Alt-k" = "command:hover"; - "Alt-r" = "command:references"; - "CtrlSpace" = "command:lspcompletion"; - "CtrlUnderscore" = "lua:comment.comment"; - "F1" = "command:cheat"; - # "F4" = "command:jumptag"; - "F5" = "lua:wc.wordCount"; - } - ); + # plugins + "Alt-/" = "lua:comment.comment"; + "Alt-d" = "command:definition"; + # "Alt-f" = "command:format"; + "Alt-k" = "command:hover"; + "Alt-r" = "command:references"; + "CtrlSpace" = "command:lspcompletion"; + "CtrlUnderscore" = "lua:comment.comment"; + "F1" = "command:cheat"; + # "F4" = "command:jumptag"; + "F5" = "lua:wc.wordCount"; + } + ); - # plugins - "${config.xdg.configHome}/micro/plug/lsp".source = pkgs.fetchFromGitHub { - owner = "AndCake"; - repo = "micro-plugin-lsp"; - rev = "v0.6.3"; - sha256 = "sha256-rZ9Vw9WPGNaJBGHKU40F6cBIYQ1JFtSKPDrheazKkPY="; - }; + # plugins + "${config.xdg.configHome}/micro/plug/lsp".source = pkgs.fetchFromGitHub { + owner = "AndCake"; + repo = "micro-plugin-lsp"; + rev = "v0.6.3"; + sha256 = "sha256-rZ9Vw9WPGNaJBGHKU40F6cBIYQ1JFtSKPDrheazKkPY="; + }; - "${config.xdg.configHome}/micro/plug/detectindent".source = pkgs.fetchFromGitHub { - owner = "dmaluka"; - repo = "micro-detectindent"; - rev = "v1.1.0"; - sha256 = "sha256-5bKEkOnhz0pyBR2UNw5vvYiTtpd96fBPTYW9jnETvq4="; - }; + "${config.xdg.configHome}/micro/plug/detectindent".source = pkgs.fetchFromGitHub { + owner = "dmaluka"; + repo = "micro-detectindent"; + rev = "v1.1.0"; + sha256 = "sha256-5bKEkOnhz0pyBR2UNw5vvYiTtpd96fBPTYW9jnETvq4="; + }; - "${config.xdg.configHome}/micro/plug/wc".source = pkgs.fetchFromGitHub { - owner = "adamnpeace"; - repo = "micro-wc-plugin"; - rev = "b2c9957e521770eadc1ecae9d54c0a30f40a0a3d"; - sha256 = "sha256-Z6MC2cet8+7XHv41G+SlAZViCqlh/9dk0CSt7HklnTg="; + "${config.xdg.configHome}/micro/plug/wc".source = pkgs.fetchFromGitHub { + owner = "adamnpeace"; + repo = "micro-wc-plugin"; + rev = "b2c9957e521770eadc1ecae9d54c0a30f40a0a3d"; + sha256 = "sha256-Z6MC2cet8+7XHv41G+SlAZViCqlh/9dk0CSt7HklnTg="; + }; }; }; };
diff --git a/config/home/zaphyra/programs/nautilus.nix b/config/home/zaphyra/programs/nautilus.nix @@ -43,7 +43,7 @@ "application/x-bzip2-compressed-tar" "application/vnd.rar;application/zstd" "application/x-zstd-compressed-tar" - ] (name: [ "org.gnome.Nautilus.desktop" ]); + ] (_name: [ "org.gnome.Nautilus.desktop" ]); gtk.gtk4.extraCss = '' /* remove 'starred' in nautilus side-panel */
diff --git a/config/home/zaphyra/programs/networkManagerDmenu.nix b/config/home/zaphyra/programs/networkManagerDmenu.nix @@ -1,4 +1,8 @@ -{ pkgs, lib, ... }: +{ + pkgs, + lib, + ... +}: {
diff --git a/config/home/zaphyra/programs/niri.nix b/config/home/zaphyra/programs/niri.nix @@ -1,8 +1,6 @@ { - inputs, config, lib, - pkgs, ... }: @@ -51,7 +49,7 @@ position = "top"; }; } - // (lib.genAttrs [ "preset-column-widths" "preset-window-heights" ] (name: [ + // (lib.genAttrs [ "preset-column-widths" "preset-window-heights" ] (_name: [ { proportion = 1.0; } { proportion = 0.75; } { proportion = 0.5; } @@ -78,7 +76,7 @@ } { geometry-corner-radius = lib.genAttrs [ "bottom-left" "bottom-right" "top-left" "top-right" ] ( - name: 6.0 + _name: 6.0 ); clip-to-geometry = true; }
diff --git a/config/home/zaphyra/programs/nmgui.nix b/config/home/zaphyra/programs/nmgui.nix @@ -1,6 +1,4 @@ { - config, - lib, pkgs, ... }:
diff --git a/config/home/zaphyra/programs/ocrmypdf.nix b/config/home/zaphyra/programs/ocrmypdf.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/overskride.nix b/config/home/zaphyra/programs/overskride.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/papers.nix b/config/home/zaphyra/programs/papers.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/password-store.nix b/config/home/zaphyra/programs/password-store.nix @@ -1,4 +1,7 @@ -{ pkgs, lib, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/pdfarranger.nix b/config/home/zaphyra/programs/pdfarranger.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/pipewire.nix b/config/home/zaphyra/programs/pipewire.nix @@ -1,6 +1,5 @@ { config, - lib, pkgs, ... }:
diff --git a/config/home/zaphyra/programs/plattenalbum.nix b/config/home/zaphyra/programs/plattenalbum.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/profanity.nix b/config/home/zaphyra/programs/profanity.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: +{ + config, + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/shellUtilities.nix b/config/home/zaphyra/programs/shellUtilities.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: +{ + config, + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/ssh.nix b/config/home/zaphyra/programs/ssh.nix @@ -1,4 +1,7 @@ -{ config, ... }: +{ + config, + ... +}: {
diff --git a/config/home/zaphyra/programs/tmux.nix b/config/home/zaphyra/programs/tmux.nix @@ -1,4 +1,4 @@ -{ ... }: +_: {
diff --git a/config/home/zaphyra/programs/typst.nix b/config/home/zaphyra/programs/typst.nix @@ -1,4 +1,8 @@ -{ lib, pkgs, ... }: +{ + lib, + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/yazi.nix b/config/home/zaphyra/programs/yazi.nix @@ -1,4 +1,4 @@ -{ ... }: +_: {
diff --git a/config/home/zaphyra/programs/zathura.nix b/config/home/zaphyra/programs/zathura.nix @@ -1,4 +1,7 @@ -{ pkgs, ... }: +{ + pkgs, + ... +}: {
diff --git a/config/home/zaphyra/programs/zoxide.nix b/config/home/zaphyra/programs/zoxide.nix @@ -1,4 +1,7 @@ -{ config, ... }: +{ + config, + ... +}: {
diff --git a/config/home/zaphyra/services/batsignal.nix b/config/home/zaphyra/services/batsignal.nix @@ -1,4 +1,4 @@ -{ ... }: +_: {
diff --git a/config/home/zaphyra/services/gnome-keyring.nix b/config/home/zaphyra/services/gnome-keyring.nix @@ -1,4 +1,7 @@ -{ config, ... }: +{ + config, + ... +}: {
diff --git a/config/home/zaphyra/services/mako.nix b/config/home/zaphyra/services/mako.nix @@ -1,4 +1,8 @@ -{ pkgs, lib, ... }: +{ + pkgs, + lib, + ... +}: {
diff --git a/config/home/zaphyra/services/shaderbg.nix b/config/home/zaphyra/services/shaderbg.nix @@ -1,15 +1,20 @@ -{ inputs, ... }: +{ + inputs, + ... +}: { tgc.services.shaderbg = { enable = true; - systemd.enable = true; - systemd.extraArgs = [ - "--fps" - "10" - ]; - systemd.shaderFile = inputs.self.resources.shaders.background1; + systemd = { + enable = true; + extraArgs = [ + "--fps" + "10" + ]; + shaderFile = inputs.self.resources.shaders.background1; + }; }; }
diff --git a/config/home/zaphyra/services/syncthing.nix b/config/home/zaphyra/services/syncthing.nix @@ -1,4 +1,4 @@ -{ config, ... }: +_: { @@ -8,7 +8,7 @@ cert = ""; key = ""; - settings = {}; + settings = { }; }; }
diff --git a/config/home/zaphyra/services/wlsunset.nix b/config/home/zaphyra/services/wlsunset.nix @@ -1,4 +1,4 @@ -{ ... }: +_: {
diff --git a/config/nixos/dns.nix b/config/nixos/dns.nix @@ -51,7 +51,7 @@ in # serve records defined in all host configs dns.allZones = lib.mkMerge ( lib.mapAttrsToList ( - hostName: hostConfig: hostConfig.config.dns.zones + _hostName: hostConfig: hostConfig.config.dns.zones ) inputs.self.nixosConfigurations ); };
diff --git a/config/nixos/modules/boot/plymouth.nix b/config/nixos/modules/boot/plymouth.nix @@ -32,7 +32,7 @@ in ]; plymouth = { enable = true; - inherit (cfg) theme; + #inherit (cfg) theme; }; }; };
diff --git a/config/nixos/modules/filesystem/impermanence.nix b/config/nixos/modules/filesystem/impermanence.nix @@ -1,16 +1,13 @@ { - pov, povSelf, hostConfig, config, lib, - pkgs, ... }: let inherit (lib) types; - cfgFilesystem = lib.getAttrFromPath pov config; cfg = lib.getAttrFromPath povSelf config; perms = { user = lib.mkOption { @@ -49,7 +46,8 @@ in (submodule { options = { directory = lib.mkOption { type = types.str; }; - } // perms; + } + // perms; }) ]); }; @@ -66,7 +64,8 @@ in type = with types; nullOr (submodule perms); default = null; }; - } // perms; + } + // perms; }) ]); }; @@ -78,7 +77,10 @@ in (lib.mkIf cfg.home.enable { assertions = [ { - assertion = builtins.elem config.modules.filesystem.rootDisk.type [ "btrfs" "zfs" ]; + assertion = builtins.elem config.modules.filesystem.rootDisk.type [ + "btrfs" + "zfs" + ]; message = '' Impermanence is currently only available for BTRFS and ZFS. ''; @@ -91,7 +93,10 @@ in (lib.mkIf cfg.system.enable { assertions = [ { - assertion = builtins.elem config.modules.filesystem.rootDisk.type [ "btrfs" "zfs" ]; + assertion = builtins.elem config.modules.filesystem.rootDisk.type [ + "btrfs" + "zfs" + ]; message = '' Impermanence is currently only available for BTRFS and ZFS. ''; @@ -167,10 +172,12 @@ in "/var/log" "/var/lib/nixos" "/var/lib/systemd/coredump" - ] ++ cfg.system.dirs; + ] + ++ cfg.system.dirs; files = [ "/etc/machine-id" - ] ++ cfg.system.files; + ] + ++ cfg.system.files; }; #zaphyra: hack to persist `/var/lib/private/<service>` (see https://github.com/nix-community/impermanence/issues/213)
diff --git a/config/nixos/modules/filesystem/root.nix.bak b/config/nixos/modules/filesystem/root.nix.bak @@ -0,0 +1,138 @@ +{ + povSelf, + hostConfig, + config, + lib, + pkgs, + ... +}: + +let + inherit (lib) types; + cfg = lib.getAttrFromPath povSelf config; + users = lib.pipe config.modules.users [ + (lib.mapAttrsToList (name: value: if value.enable then name else null)) + (lib.filter (element: !builtins.isNull element)) + ]; + part = + name: content: + if cfg.encrypt then + { + type = "luks"; + settings.allowDiscards = true; + inherit name content; + } + else + content; +in +{ + + options = { + enable = { + type = types.bool; + default = false; + }; + disks = { + type = types.listOf types.path; + }; + type = { + type = types.enum [ + "lvm" + "zfs" + ]; + }; + encrypt = { + type = types.bool; + default = false; + }; + parts = { + home = { + type = types.bool; + default = false; + }; + homePerUser = { + type = types.bool; + default = cfg.parts.home; + }; + nix = { + type = types.bool; + default = true; + }; + tmp = { + type = types.bool; + default = false; + }; + system = { + type = types.bool; + default = false; + }; + }; + reservedSpace = { + type = types.nullOr types.str; + default = "8G"; + }; + swap = { + enable = { + type = types.bool; + default = false; + }; + size = { + type = types.strMatching "[0-9]+[KMGTP]"; + }; + }; + }; + + config = lib.mkIf cfg.enable { + disko.devices = { + disk = listToAttrs (imap0 (i: device: { name = "${hostConfig.hostName}-dsk${toString i}"; value = { + inherit device; + content = { + type = "gpt"; + partitions = { + boot = { + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + # FIXME: Multidisk? + mountpoint = "/boot"; + mountOptions = [ + "umask=0077" + "dmask=0077" + "nofail" + ]; + }; + }; + cryptroot = { + size = "100%"; + content = { + type = "luks"; + settings = { + allowDiscards = true; # FIXME: If disk is an SSD?? + }; + content = { + type = "lvm_pv"; # FIXME: Or ZFS? + vg = hostConfig.hostName; + }; + }; + }; + }; + }; + }) cfg.disks); + lvm_vg = { + ${hostConfig.hostName} = { + lvs = { + swap = { + size = cfg.swap.size; + content.type = "swap"; + }; + root = {}; + nix = {}; + persist = {}; + home = {}; + }; + }; + }; + }; +}
diff --git a/config/nixos/modules/filesystem/rootDisk.nix b/config/nixos/modules/filesystem/rootDisk.nix @@ -3,7 +3,6 @@ hostConfig, config, lib, - pkgs, ... }: @@ -317,76 +316,74 @@ in }) { - root.content = ( - lib.mkMerge [ - (lib.mkIf (cfg.type == "ext4") ( - part "root" { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - } - )) - (lib.mkIf (cfg.type == "btrfs") ( - part "root" { - type = "btrfs"; - subvolumes = lib.mkMerge [ - { - "/${hostConfig.hostName}/root" = { - mountpoint = "/"; - }; - } - (lib.mkIf cfg.parts.nix { - "/${hostConfig.hostName}/nix" = { - mountOptions = [ - "compress=zstd" - "noatime" - ]; - mountpoint = "/nix"; - }; - }) - (lib.mkIf cfg.parts.system { - "/${hostConfig.hostName}/persist" = { - mountOptions = [ - "compress=zstd" - "noatime" - ]; - mountpoint = "/nix/persist"; - }; - }) - (lib.mkIf (cfg.parts.home && !cfg.parts.homePerUser) { - "/${hostConfig.hostName}/home" = { - mountOptions = [ "compress=zstd" ]; - mountpoint = "/home"; - }; - }) - (lib.mkIf cfg.parts.homePerUser ( - lib.listToAttrs ( - lib.map (user: { - name = + root.content = lib.mkMerge [ + (lib.mkIf (cfg.type == "ext4") ( + part "root" { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + } + )) + (lib.mkIf (cfg.type == "btrfs") ( + part "root" { + type = "btrfs"; + subvolumes = lib.mkMerge [ + { + "/${hostConfig.hostName}/root" = { + mountpoint = "/"; + }; + } + (lib.mkIf cfg.parts.nix { + "/${hostConfig.hostName}/nix" = { + mountOptions = [ + "compress=zstd" + "noatime" + ]; + mountpoint = "/nix"; + }; + }) + (lib.mkIf cfg.parts.system { + "/${hostConfig.hostName}/persist" = { + mountOptions = [ + "compress=zstd" + "noatime" + ]; + mountpoint = "/nix/persist"; + }; + }) + (lib.mkIf (cfg.parts.home && !cfg.parts.homePerUser) { + "/${hostConfig.hostName}/home" = { + mountOptions = [ "compress=zstd" ]; + mountpoint = "/home"; + }; + }) + (lib.mkIf cfg.parts.homePerUser ( + lib.listToAttrs ( + lib.map (user: { + name = + if config.modules.filesystem.impermanence.home.enable then + "/${hostConfig.hostName}/persist/home/${user}" + else + "/${hostConfig.hostName}/home/${user}"; + value = { + mountOptions = [ "compress=zstd" ]; + mountpoint = if config.modules.filesystem.impermanence.home.enable then - "/${hostConfig.hostName}/persist/home/${user}" + "/nix/persist/home/${user}" else - "/${hostConfig.hostName}/home/${user}"; - value = { - mountOptions = [ "compress=zstd" ]; - mountpoint = - if config.modules.filesystem.impermanence.home.enable then - "/nix/persist/home/${user}" - else - "/home/${user}"; - }; - }) users - ) - )) - ]; - } - )) - (lib.mkIf (cfg.type == "zfs") { - type = "zfs"; - pool = hostConfig.hostName; - }) - ] - ); + "/home/${user}"; + }; + }) users + ) + )) + ]; + } + )) + (lib.mkIf (cfg.type == "zfs") { + type = "zfs"; + pool = hostConfig.hostName; + }) + ]; } ( if cfg.swap.enable then
diff --git a/config/nixos/modules/font.nix b/config/nixos/modules/font.nix @@ -2,7 +2,6 @@ povSelf, config, lib, - pkgs, ... }: @@ -24,10 +23,6 @@ in fontDir.enable = true; enableGhostscriptFonts = true; enableDefaultPackages = true; - packages = with pkgs; [ - dejavu_fonts - meslo-lgs-nf - ]; }; };
diff --git a/config/nixos/modules/gnomeMinimal.nix b/config/nixos/modules/gnomeMinimal.nix @@ -28,7 +28,7 @@ in default = { }; }; settings = { - type = settingsFormat.type; + inherit (settingsFormat) type; default = { }; }; }; @@ -38,7 +38,7 @@ in let configFile = settingsFormat.generate "custom.conf" cfg.gdm.settings; - nixos-background-info = pkgs.writeTextFile rec { + nixos-background-info = pkgs.writeTextFile { name = "nixos-background-info"; destination = "/share/gnome-background-properties/nixos.xml"; text = '' @@ -135,9 +135,9 @@ in # Change hardcoded paths to nix store paths. (prev.replaceVars inputs.self.resources.patches.gdm-fix-paths { - coreutils = final.coreutils; - plymouth = final.plymouth; - dbus = final.dbus; + inherit (final) coreutils; + inherit (final) plymouth; + inherit (final) dbus; }) ]; postPatch = '' @@ -217,13 +217,15 @@ in }; services = { - gnome.gnome-settings-daemon.enable = true; - gnome.glib-networking.enable = true; udisks2.enable = true; libinput.enable = true; accounts-daemon.enable = true; - gnome.at-spi2-core.enable = lib.mkDefault true; - gnome.gnome-keyring.enable = lib.mkDefault true; + gnome = { + gnome-settings-daemon.enable = true; + glib-networking.enable = true; + at-spi2-core.enable = lib.mkDefault true; + gnome-keyring.enable = lib.mkDefault true; + }; pipewire.enable = lib.mkDefault true; hardware.bolt.enable = lib.mkDefault true; colord.enable = lib.mkDefault true; @@ -248,14 +250,14 @@ in udev.packages = [ pkgs.mutter ]; dbus.packages = [ pkgs.gdm ]; - geoclue2.enable = lib.mkDefault true; - geoclue2.enableDemoAgent = false; # GNOME has its own geoclue agent - geoclue2.appConfig = - lib.genAttrs [ "gnome-datetime-panel" "gnome-color-panel" "org.gnome.Shell" ] - (name: { - isAllowed = true; - isSystem = true; - }); + geoclue2 = { + enable = lib.mkDefault true; + enableDemoAgent = false; # GNOME has its own geoclue agent + appConfig = lib.genAttrs [ "gnome-datetime-panel" "gnome-color-panel" "org.gnome.Shell" ] (_name: { + isAllowed = true; + isSystem = true; + }); + }; }; programs = { @@ -270,12 +272,14 @@ in mime.enable = true; icons.enable = true; - portal.enable = true; - portal.configPackages = lib.mkDefault [ pkgs.gnome-session ]; - portal.extraPortals = with pkgs; [ - xdg-desktop-portal-gnome - xdg-desktop-portal-gtk - ]; + portal = { + enable = true; + configPackages = lib.mkDefault [ pkgs.gnome-session ]; + extraPortals = with pkgs; [ + xdg-desktop-portal-gnome + xdg-desktop-portal-gtk + ]; + }; }; systemd = { @@ -292,73 +296,75 @@ in # We dont use the upstream gdm service # it has to be disabled since the gdm package has it # https://github.com/NixOS/nixpkgs/issues/108672 - services.gdm.enable = false; + services = { + gdm.enable = false; - services.display-manager = { - description = "Display Manager"; + display-manager = { + description = "Display Manager"; - wants = [ - "systemd-machined.service" - "accounts-daemon.service" - ]; - conflicts = [ - "getty@${pkgs.gdm.initialVT}.service" - "plymouth-quit.service" - ]; - onFailure = [ "plymouth-quit.service" ]; - wantedBy = [ "multi-user.target" ]; - after = [ - "systemd-logind.service" - "systemd-user-sessions.service" - "systemd-machined.service" - "getty@${pkgs.gdm.initialVT}.service" - "acpid.service" - "plymouth-quit.service" - "plymouth-start.service" - ]; + wants = [ + "systemd-machined.service" + "accounts-daemon.service" + ]; + conflicts = [ + "getty@${pkgs.gdm.initialVT}.service" + "plymouth-quit.service" + ]; + onFailure = [ "plymouth-quit.service" ]; + wantedBy = [ "multi-user.target" ]; + after = [ + "systemd-logind.service" + "systemd-user-sessions.service" + "systemd-machined.service" + "getty@${pkgs.gdm.initialVT}.service" + "acpid.service" + "plymouth-quit.service" + "plymouth-start.service" + ]; - path = [ pkgs.gnome-session ]; - environment = { - XDG_DATA_DIRS = lib.makeSearchPath "share" ( - with pkgs; - [ - gdm - gnome-session.sessions - gnome-control-center # for accessibility icon - adwaita-icon-theme - hicolor-icon-theme - ] - ); - }; + path = [ pkgs.gnome-session ]; + environment = { + XDG_DATA_DIRS = lib.makeSearchPath "share" ( + with pkgs; + [ + gdm + gnome-session.sessions + gnome-control-center # for accessibility icon + adwaita-icon-theme + hicolor-icon-theme + ] + ); + }; - serviceConfig = { - KillMode = "mixed"; - IgnoreSIGPIPE = "no"; - BusName = "org.gnome.DisplayManager"; - StandardError = "inherit"; - ExecStart = "${pkgs.gdm}/bin/gdm"; - ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID"; - KeyringMode = "shared"; - EnvironmentFile = "-/etc/locale.conf"; - Restart = "always"; - RestartSec = "200ms"; - SyslogIdentifier = "display-manager"; - }; + serviceConfig = { + KillMode = "mixed"; + IgnoreSIGPIPE = "no"; + BusName = "org.gnome.DisplayManager"; + StandardError = "inherit"; + ExecStart = "${pkgs.gdm}/bin/gdm"; + ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID"; + KeyringMode = "shared"; + EnvironmentFile = "-/etc/locale.conf"; + Restart = "always"; + RestartSec = "200ms"; + SyslogIdentifier = "display-manager"; + }; - restartIfChanged = false; + restartIfChanged = false; - # Stop restarting if the display manager stops (crashes) 2 times in one minute. - startLimitIntervalSec = 30; - startLimitBurst = 3; - }; + # Stop restarting if the display manager stops (crashes) 2 times in one minute. + startLimitIntervalSec = 30; + startLimitBurst = 3; + }; - # Prevent nixos-rebuild switch from bringing down the graphical - # session. (If multi-user.target wants plymouth-quit.service which - # conflicts display-manager.service, then when nixos-rebuild - # switch starts multi-user.target, display-manager.service is - # stopped so plymouth-quit.service can be started.) - services.plymouth-quit = lib.mkIf config.boot.plymouth.enable { - wantedBy = lib.mkForce [ ]; + # Prevent nixos-rebuild switch from bringing down the graphical + # session. (If multi-user.target wants plymouth-quit.service which + # conflicts display-manager.service, then when nixos-rebuild + # switch starts multi-user.target, display-manager.service is + # stopped so plymouth-quit.service can be started.) + plymouth-quit = lib.mkIf config.boot.plymouth.enable { + wantedBy = lib.mkForce [ ]; + }; }; };
diff --git a/config/nixos/modules/hardware/fprint.nix b/config/nixos/modules/hardware/fprint.nix @@ -1,7 +1,5 @@ { - inputs, povSelf, - hostConfig, config, lib, pkgs,
diff --git a/config/nixos/modules/hardware/quirks.nix b/config/nixos/modules/hardware/quirks.nix @@ -1,6 +1,5 @@ { povSelf, - hostConfig, config, lib, ...
diff --git a/config/nixos/modules/hardware/smartcard.nix b/config/nixos/modules/hardware/smartcard.nix @@ -1,6 +1,5 @@ { povSelf, - hostConfig, config, lib, pkgs,
diff --git a/config/nixos/modules/hardware/video/intel.nix b/config/nixos/modules/hardware/video/intel.nix @@ -18,13 +18,19 @@ in }; config = lib.mkIf cfg.enable { - boot.initrd.kernelModules = [ "i915" ]; + hardware.intelgpu.driver = "xe"; + + services.xserver.videoDrivers = [ "intel" ]; + + environment.systemPackages = [ pkgs.vulkan-validation-layers ]; hardware.graphics = { enable = true; + enable32Bit = true; extraPackages = with pkgs; [ + libvdpau-va-gl vpl-gpu-rt - intel-media-driver + libva ]; }; };
diff --git a/config/nixos/modules/homeManager.nix b/config/nixos/modules/homeManager.nix @@ -26,17 +26,18 @@ in { home-manager = { useGlobalPkgs = true; + useUserPackages = true; extraSpecialArgs = { inherit (inputs.self) homeManagerModules; - inputs = inputs; + inherit inputs; systemConfig = config; }; sharedModules = [ { home.sessionVariables = { - NIXPKGS_PATH = NIXPKGS_PATH; + inherit NIXPKGS_PATH; NIX_PATH = "nixpkgs=${NIXPKGS_PATH}"; }; }
diff --git a/config/nixos/modules/networking/dn42.nix b/config/nixos/modules/networking/dn42.nix @@ -76,11 +76,9 @@ in config = lib.mkIf cfg.enable { networking.firewall.allowedUDPPorts = lib.mapAttrsToList ( - name: peerConfig: peerConfig.listenPort + _name: peerConfig: peerConfig.listenPort ) cfg.peerings; - systemd.services.systemd-networkd.after = [ "sops-install-secrets.service" ]; - sops.secrets = lib.pipe cfg.peerings [ (lib.mapAttrsToList ( name: peerConfig: @@ -101,65 +99,69 @@ in lib.listToAttrs ]; - systemd.network = { - netdevs = lib.mapAttrs' ( - name: peerConfig: - lib.nameValuePair "20-dn42${name}" { - netdevConfig = { - Kind = "wireguard"; - Name = "dn42${name}"; - }; - wireguardConfig = { - ListenPort = peerConfig.listenPort; - PrivateKeyFile = config.sops.secrets."dn42/peerings/${name}/wgPrivateKey".path; - } - // (lib.optionalAttrs peerConfig.hasPresharedKey { - PresharedKeyFile = config.sops.secrets."dn42/peerings/${name}/wgPresharedKey".path; - }); - wireguardPeers = [ - { - PersistentKeepalive = 30; - Endpoint = lib.mkIf (!builtins.isNull peerConfig.endpoint) peerConfig.endpoint; - PublicKey = peerConfig.publicKey; - AllowedIPs = [ - "fd00::/8" - peerConfig.remoteLinkLocalAddress - ]; + systemd = { + network = { + netdevs = lib.mapAttrs' ( + name: peerConfig: + lib.nameValuePair "20-dn42${name}" { + netdevConfig = { + Kind = "wireguard"; + Name = "dn42${name}"; + }; + wireguardConfig = { + ListenPort = peerConfig.listenPort; + PrivateKeyFile = config.sops.secrets."dn42/peerings/${name}/wgPrivateKey".path; } - ]; - } - ) cfg.peerings; + // (lib.optionalAttrs peerConfig.hasPresharedKey { + PresharedKeyFile = config.sops.secrets."dn42/peerings/${name}/wgPresharedKey".path; + }); + wireguardPeers = [ + { + PersistentKeepalive = 30; + Endpoint = lib.mkIf (!builtins.isNull peerConfig.endpoint) peerConfig.endpoint; + PublicKey = peerConfig.publicKey; + AllowedIPs = [ + "fd00::/8" + peerConfig.remoteLinkLocalAddress + ]; + } + ]; + } + ) cfg.peerings; - networks = lib.mapAttrs' ( - name: peerConfig: - lib.nameValuePair "20-dn42${name}" { - matchConfig.Name = "dn42${name}"; - linkConfig.RequiredForOnline = "no"; + networks = lib.mapAttrs' ( + name: peerConfig: + lib.nameValuePair "20-dn42${name}" { + matchConfig.Name = "dn42${name}"; + linkConfig.RequiredForOnline = "no"; - address = [ peerConfig.localLinkLocalAddress ]; - routes = [ { Destination = "${peerConfig.remoteLinkLocalAddress}/128"; } ]; + address = [ peerConfig.localLinkLocalAddress ]; + routes = [ { Destination = "${peerConfig.remoteLinkLocalAddress}/128"; } ]; - networkConfig = { - IPv6Forwarding = true; - IPv6AcceptRA = false; - DHCP = false; - }; - } - ) cfg.peerings; - }; - - systemd.services.stayrtr = { - wantedBy = [ - "multi-user.target" - "bird.service" - ]; - serviceConfig.DynamicUser = true; - serviceConfig.ExecStart = '' - ${lib.getExe pkgs.stayrtr} \ - -bind [::1]:8282 \ - -cache=https://dn42.burble.com/roa/dn42_roa_46.json \ - -checktime=false - ''; + networkConfig = { + IPv6Forwarding = true; + IPv6AcceptRA = false; + DHCP = false; + }; + } + ) cfg.peerings; + }; + services = { + systemd-networkd.after = [ "sops-install-secrets.service" ]; + stayrtr = { + wantedBy = [ + "multi-user.target" + "bird.service" + ]; + serviceConfig.DynamicUser = true; + serviceConfig.ExecStart = '' + ${lib.getExe pkgs.stayrtr} \ + -bind [::1]:8282 \ + -cache=https://dn42.burble.com/roa/dn42_roa_46.json \ + -checktime=false + ''; + }; + }; }; services.bird = { @@ -289,7 +291,7 @@ in }; ${lib.concatStringsSep "\n" ( - lib.mapAttrsToList (name: peerConfig: '' + lib.mapAttrsToList (name: _peerConfig: '' interface "${name}"; '') cfg.babel.peerings )}
diff --git a/config/nixos/modules/nix/disableChannels.nix b/config/nixos/modules/nix/disableChannels.nix @@ -2,7 +2,6 @@ povSelf, config, lib, - pkgs, ... }:
diff --git a/config/nixos/modules/presets/base.nix b/config/nixos/modules/presets/base.nix @@ -24,12 +24,12 @@ in boot.kernel.sysctl."kernel.sysrq" = lib.mkDefault 1; # make things more declerative - services.userborn.enable = lib.mkDefault true; - users.mutableUsers = lib.mkForce false; + #services.userborn.enable = lib.mkDefault true; + #users.mutableUsers = lib.mkForce false; networking = { hostId = builtins.substring 0 8 (builtins.hashString "sha256" hostConfig.hostName); - hostName = hostConfig.hostName; + inherit (hostConfig) hostName; domain = lib.mkDefault hostConfig.domain; useNetworkd = lib.mkDefault true; @@ -42,8 +42,10 @@ in hardware.enableRedistributableFirmware = true; modules = { - boot.enable = lib.mkDefault true; - boot.type = lib.mkDefault "uefi"; + boot = { + enable = lib.mkDefault true; + type = lib.mkDefault "uefi"; + }; locale.enable = lib.mkDefault true; unfree.enable = lib.mkDefault true; @@ -77,6 +79,10 @@ in }; }; + programs = { + command-not-found.enable = false; # Not usable without channels; use nix-index instead. + }; + services = { dbus.implementation = "broker"; #fstrim.enable = lib.mkDefault true; @@ -85,7 +91,6 @@ in security.sudo.extraConfig = "Defaults lecture=\"never\""; # "We trust you have received the usual lecture from the local System Administrator." system = { - switch.enableNg = true; # thanks piegames (https://git.darmstadt.ccc.de/piegames/home-config/-/blob/master/modules/generic.nix#L84) activationScripts = { diff = {
diff --git a/config/nixos/modules/presets/graphical/enable.nix b/config/nixos/modules/presets/graphical/enable.nix @@ -17,7 +17,7 @@ in }; config = lib.mkIf cfg { - environment.sessionVariables = { + environment.sessionVariables = { _JAVA_AWT_WM_NONREPARENTING = "1"; NIXOS_OZONE_WL = "1"; SDL_VIDEODRIVER = "wayland"; # Can break some native games @@ -32,6 +32,7 @@ in }; font.enable = true; homeManager.enable = lib.mkDefault true; + programs.nixUtilities.enable = lib.mkDefault true; }; };
diff --git a/config/nixos/modules/presets/graphical/type.nix b/config/nixos/modules/presets/graphical/type.nix @@ -1,12 +1,9 @@ { - povSelf, - config, lib, ... }: let inherit (lib) types; - cfg = lib.getAttrFromPath povSelf config; in { @@ -16,6 +13,7 @@ in types.enum [ "gnomeMinimal" "niri" + "sway" ] ); default = null;
diff --git a/config/nixos/modules/presets/graphical/typeGnomeMinimal.nix b/config/nixos/modules/presets/graphical/typeGnomeMinimal.nix @@ -6,7 +6,6 @@ ... }: let - inherit (lib) types; cfg = lib.getAttrFromPath pov config; in @@ -14,7 +13,7 @@ in config = lib.mkIf (cfg.enable && (cfg.type == "gnomeMinimal")) { nixpkgs.overlays = [ - (final: prev: { + (_final: prev: { # patch gdm to automaticly select the first user gnome-shell = prev.gnome-shell.overrideAttrs (prevAttrs: { patches = prevAttrs.patches ++ [ inputs.self.resources.patches.gdm-autoselect-user ];
diff --git a/config/nixos/modules/presets/graphical/typeSway.nix b/config/nixos/modules/presets/graphical/typeSway.nix @@ -0,0 +1,43 @@ +{ + pov, + config, + lib, + ... +}: +let + cfg = lib.getAttrFromPath pov config; + +in +{ + + config = lib.mkIf (cfg.enable && (cfg.type == "sway")) { + modules = { + #hardware.bluetooth.enable = true; + networking.NetworkManager.enable = true; # TODO: why is this *here*? + + services = { + #udisks2.enable = true; + #gvfs.enable = true; + + upower.enable = true; + power-profiles-daemon.enable = true; + + #swaylock.enable = lib.mkDefault true; + greetd = { + enable = lib.mkDefault true; + greeter = lib.mkDefault "regreet"; + autoLogin.command = lib.mkDefault "sway"; + }; + }; + }; + + security.polkit.enable = true; + + programs = { + #dconf.enable = true; + #niri.enable = true; + #niri.package = pkgs.unstable.niri; + }; + }; + +}
diff --git a/config/nixos/modules/presets/minimal.nix b/config/nixos/modules/presets/minimal.nix @@ -1,10 +1,7 @@ { povSelf, - pkgs, lib, config, - hostConfig, - modulesPath, ... }: let @@ -60,4 +57,4 @@ in }; -}- \ No newline at end of file +}
diff --git a/config/nixos/modules/presets/netcup.nix b/config/nixos/modules/presets/netcup.nix @@ -1,6 +1,5 @@ { povSelf, - pkgs, lib, config, hostConfig,
diff --git a/config/nixos/modules/presets/networkManagerProfiles/cccdaWifi.nix b/config/nixos/modules/presets/networkManagerProfiles/cccdaWifi.nix @@ -3,7 +3,6 @@ pkgs, lib, config, - hostConfig, ... }: let
diff --git a/config/nixos/modules/presets/networkManagerProfiles/grogHomeWifi.nix b/config/nixos/modules/presets/networkManagerProfiles/grogHomeWifi.nix @@ -1,10 +1,8 @@ { povSelf, inputs, - pkgs, lib, config, - hostConfig, ... }: let
diff --git a/config/nixos/modules/presets/networkManagerProfiles/voidHomeWifi.nix b/config/nixos/modules/presets/networkManagerProfiles/voidHomeWifi.nix @@ -1,10 +1,8 @@ { povSelf, inputs, - pkgs, lib, config, - hostConfig, ... }: let
diff --git a/config/nixos/modules/presets/networkManagerProfiles/voidPhoneWifi.nix b/config/nixos/modules/presets/networkManagerProfiles/voidPhoneWifi.nix @@ -1,10 +1,8 @@ { povSelf, inputs, - pkgs, lib, config, - hostConfig, ... }: let
diff --git a/config/nixos/modules/presets/networkManagerProfiles/zaphyraHomeWifi.nix b/config/nixos/modules/presets/networkManagerProfiles/zaphyraHomeWifi.nix @@ -1,10 +1,8 @@ { povSelf, inputs, - pkgs, lib, config, - hostConfig, ... }: let
diff --git a/config/nixos/modules/presets/networkManagerProfiles/zaphyraPhoneWifi.nix b/config/nixos/modules/presets/networkManagerProfiles/zaphyraPhoneWifi.nix @@ -1,10 +1,8 @@ { povSelf, inputs, - pkgs, lib, config, - hostConfig, ... }: let
diff --git a/config/nixos/modules/presets/void/enable.nix b/config/nixos/modules/presets/void/enable.nix @@ -1,9 +1,7 @@ { povSelf, - pkgs, lib, config, - hostConfig, ... }: let @@ -19,9 +17,14 @@ in }; config = lib.mkIf cfg { + boot.bcache.enable = false; fonts.fontconfig.defaultFonts = { monospace = [ "MesloLGS NF" ]; }; + modules.hardware.smartcard.enable = lib.mkDefault config.modules.presets.graphical.enable; + programs = { + nix-index.enable = true; + }; }; }
diff --git a/config/nixos/modules/presets/void/stylix.nix b/config/nixos/modules/presets/void/stylix.nix @@ -0,0 +1,49 @@ +{ + config, + inputs, + lib, + pkgs, + ... +}: + +{ + + config = lib.mkIf (config.modules.presets.void.enable && config.modules.presets.graphical.enable) { + home-manager.sharedModules = [ + { + dconf.settings."org/gnome/desktop/interface".color-scheme = lib.mkForce "prefer-dark"; + stylix.targets.librewolf = { + #colorTheme.enable = true; + profileNames = [ "default" ]; + }; + } + ]; + stylix = { + enable = true; + base16Scheme = "${pkgs.base16-schemes}/share/themes/catppuccin-mocha.yaml"; + image = inputs.self.resources.void.background; + fonts = { + serif = { + #package = pkgs.roboto; + #name = "Roboto Serif"; + }; + sansSerif = { + #package = pkgs.roboto; + #name = "Roboto Sans"; + }; + monospace = { + package = pkgs.nerd-fonts.fira-code; + name = "FiraCode Nerd Font"; + }; + }; + iconTheme = { + enable = true; + package = pkgs.papirus-icon-theme; + dark = "Papirus-Dark"; + light = "Papirus-Light"; + }; + opacity.terminal = 0.9; + }; + }; + +}
diff --git a/config/nixos/modules/presets/zaphyra/dn42.nix b/config/nixos/modules/presets/zaphyra/dn42.nix @@ -1,7 +1,5 @@ { - inputs, povSelf, - pkgs, lib, config, hostConfig,
diff --git a/config/nixos/modules/presets/zaphyra/dnsServer.nix b/config/nixos/modules/presets/zaphyra/dnsServer.nix @@ -1,10 +1,8 @@ { inputs, povSelf, - pkgs, lib, config, - hostConfig, dnsNix, ... }: @@ -111,12 +109,8 @@ in inherit SOA NS CAA; subdomains = { - ns1 = ( - host inputs.self.hosts.morio.networking.ip4Address inputs.self.hosts.morio.networking.ip6Address - ); - ns2 = ( - host inputs.self.hosts.novus.networking.ip4Address inputs.self.hosts.novus.networking.ip6Address - ); + ns1 = host inputs.self.hosts.morio.networking.ip4Address inputs.self.hosts.morio.networking.ip6Address; + ns2 = host inputs.self.hosts.novus.networking.ip4Address inputs.self.hosts.novus.networking.ip6Address; _atproto.TXT = [ "did=did:plc:zaeuok3fmh2pcp4cjiicku4i" ]; }; @@ -148,7 +142,7 @@ in dns = { enable = true; - allZones = allZones; + inherit allZones; }; modules.services = { @@ -156,7 +150,7 @@ in enable = true; primary = cfg.isPrimary; zones = lib.mkIf cfg.isPrimary ( - lib.mapAttrs (name: value: { + lib.mapAttrs (_name: value: { file = value; journal-content = "all"; zonefile-sync = -1;
diff --git a/config/nixos/modules/presets/zaphyra/enable.nix b/config/nixos/modules/presets/zaphyra/enable.nix @@ -90,18 +90,16 @@ in }; certs."${config.networking.fqdn}" = { group = lib.mkIf config.services.nginx.enable "nginx"; - extraDomainNames = ( - lib.pipe config.services.nginx.virtualHosts [ - (lib.mapAttrsToList ( - key: config: [ - (if config ? serverAliases then config.serverAliases else [ ]) - key - ] - )) - lib.flatten - (lib.filter (domain: !(lib.hasSuffix "dn42" domain))) - ] - ); + extraDomainNames = lib.pipe config.services.nginx.virtualHosts [ + (lib.mapAttrsToList ( + key: config: [ + (config.serverAliases or [ ]) + key + ] + )) + lib.flatten + (lib.filter (domain: !(lib.hasSuffix "dn42" domain))) + ]; }; }; };
diff --git a/config/nixos/modules/presets/zaphyra/mailServer.nix b/config/nixos/modules/presets/zaphyra/mailServer.nix @@ -130,7 +130,7 @@ in }; }; } - // (lib.mapAttrs (domain: dkimKey: { + // (lib.mapAttrs (_domain: dkimKey: { inherit MX TXT; subdomains = { @@ -245,7 +245,8 @@ in domains = [ cfg.primaryDomain - ] ++ (lib.attrNames cfg.extraDomains); + ] + ++ (lib.attrNames cfg.extraDomains); loginAccounts = { "katja@zaphyra.eu" = {
diff --git a/config/nixos/modules/presets/zaphyra/mautrixBridges/signal.nix b/config/nixos/modules/presets/zaphyra/mautrixBridges/signal.nix @@ -20,8 +20,8 @@ in config = lib.mkIf cfg.enable { assertions = [ { - assertion = config.modules.websites."continuwuity.zaphyra.eu".enable == true; - message = "The option 'modules.websites.\"continuwuity.zaphyra.eu\"' must be enabled in order to use this module."; + assertion = config.modules.websites."grapevine.zaphyra.eu".enable; + message = "The option 'modules.websites.\"grapevine.zaphyra.eu\"' must be enabled in order to use this module."; } ]; @@ -68,7 +68,7 @@ in cleanup_on_logout = { enabled = true; } - // (lib.genAttrs [ "manual" "bad_credentials" ] (name: { + // (lib.genAttrs [ "manual" "bad_credentials" ] (_name: { shared_has_users = "delete"; shared_no_users = "delete"; relayed = "delete";
diff --git a/config/nixos/modules/presets/zaphyra/mautrixBridges/telegram.nix b/config/nixos/modules/presets/zaphyra/mautrixBridges/telegram.nix @@ -3,7 +3,6 @@ pkgs, lib, config, - hostConfig, ... }: let @@ -21,8 +20,8 @@ in config = lib.mkIf cfg.enable { assertions = [ { - assertion = config.modules.websites."continuwuity.zaphyra.eu".enable == true; - message = "The option 'modules.websites.\"continuwuity.zaphyra.eu\"' must be enabled in order to use this module."; + assertion = config.modules.websites."grapevine.zaphyra.eu".enable; + message = "The option 'modules.websites.\"grapevine.zaphyra.eu\"' must be enabled in order to use this module."; } ]; @@ -71,7 +70,7 @@ in cleanup_on_logout = { enabled = true; } - // (lib.genAttrs [ "manual" "bad_credentials" ] (name: { + // (lib.genAttrs [ "manual" "bad_credentials" ] (_name: { shared_has_users = "delete"; shared_no_users = "delete"; relayed = "delete";
diff --git a/config/nixos/modules/presets/zaphyra/mautrixBridges/whatsapp.nix b/config/nixos/modules/presets/zaphyra/mautrixBridges/whatsapp.nix @@ -3,7 +3,6 @@ pkgs, lib, config, - hostConfig, ... }: let @@ -21,8 +20,8 @@ in config = lib.mkIf cfg.enable { assertions = [ { - assertion = config.modules.websites."continuwuity.zaphyra.eu".enable == true; - message = "The option 'modules.websites.\"continuwuity.zaphyra.eu\"' must be enabled in order to use this module."; + assertion = config.modules.websites."grapevine.zaphyra.eu".enable; + message = "The option 'modules.websites.\"grapevine.zaphyra.eu\"' must be enabled in order to use this module."; } ]; @@ -41,9 +40,11 @@ in url_previews = true; history_sync = { request_full_sync = true; - full_sync_config.days_limit = 1000; - full_sync_config.size_mb_limit = 1024; - full_sync_config.storage_quota_mb = 1024; + full_sync_config = { + days_limit = 1000; + size_mb_limit = 1024; + storage_quota_mb = 1024; + }; }; }; @@ -80,7 +81,7 @@ in cleanup_on_logout = { enabled = true; } - // (lib.genAttrs [ "manual" "bad_credentials" ] (name: { + // (lib.genAttrs [ "manual" "bad_credentials" ] (_name: { shared_has_users = "delete"; shared_no_users = "delete"; relayed = "delete";
diff --git a/config/nixos/modules/presets/zaphyra/networkManagerProfiles/dn42.nix b/config/nixos/modules/presets/zaphyra/networkManagerProfiles/dn42.nix @@ -1,9 +1,7 @@ { povSelf, - pkgs, lib, config, - hostConfig, ... }: let
diff --git a/config/nixos/modules/presets/zaphyra/router/enable.nix b/config/nixos/modules/presets/zaphyra/router/enable.nix @@ -4,7 +4,6 @@ pkgs, lib, config, - hostConfig, ... }: let @@ -50,43 +49,47 @@ in }; services = { - avahi.enable = true; - avahi.reflector = true; - avahi.allowInterfaces = [ "brlan" ]; - - kresd.enable = true; - kresd.listenPlain = [ - "10.0.0.1:53" - "[fd6b:6174:6a61::5]:53" - ]; - kresd.extraConfig = '' - require 'math' - math.randomseed(os.time()) - - modules.load('dns64') - modules.load('view') - - dns64.config('64:ff9b::') - - -- disable dns64 for all IPv4 source addresses - view:addr('0.0.0.0/0', policy.all(policy.FLAGS('DNS64_DISABLE'))) - - dns_providers = { - { -- Quad9 - '9.9.9.9', '149.112.112.112' - }, - { -- Cloudflare - '1.1.1.1', '1.0.0.1' - }, - { -- Google - '8.8.8.8', '8.8.4.4' + avahi = { + enable = true; + reflector = true; + allowInterfaces = [ "brlan" ]; + }; + + kresd = { + enable = true; + listenPlain = [ + "10.0.0.1:53" + "[fd6b:6174:6a61::5]:53" + ]; + extraConfig = '' + require 'math' + math.randomseed(os.time()) + + modules.load('dns64') + modules.load('view') + + dns64.config('64:ff9b::') + + -- disable dns64 for all IPv4 source addresses + view:addr('0.0.0.0/0', policy.all(policy.FLAGS('DNS64_DISABLE'))) + + dns_providers = { + { -- Quad9 + '9.9.9.9', '149.112.112.112' + }, + { -- Cloudflare + '1.1.1.1', '1.0.0.1' + }, + { -- Google + '8.8.8.8', '8.8.4.4' + } } - } - policy.add(function (request, query) - return policy.FORWARD(dns_providers[math.random(1, #dns_providers)]) - end) - ''; + policy.add(function (request, query) + return policy.FORWARD(dns_providers[math.random(1, #dns_providers)]) + end) + ''; + }; }; };
diff --git a/config/nixos/modules/presets/zaphyra/router/pppd.nix b/config/nixos/modules/presets/zaphyra/router/pppd.nix @@ -1,10 +1,7 @@ { povSelf, - pkgs, lib, config, - hostConfig, - utils, ... }: let
diff --git a/config/nixos/modules/presets/zaphyra/router/systemd-networkd.nix b/config/nixos/modules/presets/zaphyra/router/systemd-networkd.nix @@ -1,6 +1,5 @@ { povSelf, - pkgs, lib, config, hostConfig,
diff --git a/config/nixos/modules/presets/zaphyra/smarthome/enable.nix b/config/nixos/modules/presets/zaphyra/smarthome/enable.nix @@ -1,10 +1,7 @@ { - inputs, pov, - pkgs, lib, config, - hostConfig, ... }: let
diff --git a/config/nixos/modules/presets/zaphyra/smarthome/mosqitto.nix b/config/nixos/modules/presets/zaphyra/smarthome/mosqitto.nix @@ -1,9 +1,7 @@ { povSelf, - pkgs, lib, config, - hostConfig, ... }: let
diff --git a/config/nixos/modules/presets/zaphyra/smarthome/telegraf.nix b/config/nixos/modules/presets/zaphyra/smarthome/telegraf.nix @@ -1,9 +1,7 @@ { povSelf, - pkgs, lib, config, - hostConfig, ... }: let
diff --git a/config/nixos/modules/presets/zaphyra/syncthing.nix b/config/nixos/modules/presets/zaphyra/syncthing.nix @@ -1,10 +1,8 @@ { inputs, povSelf, - pkgs, lib, config, - hostConfig, ... }: let @@ -70,7 +68,7 @@ in }; }; - isCurrentHost = key: value: key != config.networking.hostName; + isCurrentHost = key: _value: key != config.networking.hostName; deviceNames = lib.pipe syncthingDevices [ (lib.filterAttrs isCurrentHost) @@ -82,16 +80,14 @@ in (lib.pipe syncthingDevices [ (lib.filterAttrs isCurrentHost) (lib.filterAttrs ( - name: value: + name: _value: let syncthingCfg = inputs.self.zaphyraHosts."${name}".config.modules.presets.zaphyra.syncthing; in - ( - if (inputs.self.zaphyraHosts ? name) then - if (syncthingCfg.enable) then lib.elem share syncthingCfg.enabledShares else false - else - false - ) + if (inputs.self.zaphyraHosts ? name) then + if syncthingCfg.enable then lib.elem share syncthingCfg.enabledShares else false + else + false )) builtins.attrNames ]); @@ -100,7 +96,7 @@ in folders = let - dataDir = config.services.syncthing.dataDir; + inherit (config.services.syncthing) dataDir; in { @@ -171,9 +167,9 @@ in in { - sops.secrets = lib.genAttrs [ "syncthing/cert" "syncthing/key" ] (name: { + sops.secrets = lib.genAttrs [ "syncthing/cert" "syncthing/key" ] (_name: { owner = cfg.user; - group = cfg.group; + inherit (cfg) group; }); services.syncthing = { @@ -181,14 +177,14 @@ in openDefaultPorts = true; guiAddress = "[::1]:8384"; - user = cfg.user; - group = cfg.group; + inherit (cfg) user; + inherit (cfg) group; cert = config.sops.secrets."syncthing/cert".path; key = config.sops.secrets."syncthing/key".path; - dataDir = cfg.dataDir; - configDir = cfg.configDir; + inherit (cfg) dataDir; + inherit (cfg) configDir; settings.devices = devices; settings.folders = folders;
diff --git a/config/nixos/modules/programs/nixUtilities.nix b/config/nixos/modules/programs/nixUtilities.nix @@ -0,0 +1,31 @@ +{ + config, + lib, + pkgs, + povSelf, + ... +}: + +let + inherit (lib) types; + cfg = lib.getAttrFromPath povSelf config; + +in +{ + + options.enable = { + type = types.bool; + default = false; + }; + + config = lib.mkIf cfg.enable { + environment.systemPackages = with pkgs; [ + deadnix + nixfmt-rfc-style + nixfmt-tree + nixd + statix + ]; + }; + +}
diff --git a/config/nixos/modules/programs/steam.nix b/config/nixos/modules/programs/steam.nix @@ -1,6 +1,5 @@ { povSelf, - pkgs, lib, config, ...
diff --git a/config/nixos/modules/programs/yubikey.nix b/config/nixos/modules/programs/yubikey.nix @@ -1,10 +1,8 @@ { - inputs, povSelf, config, lib, pkgs, - homeManagerModules, ... }: let
diff --git a/config/nixos/modules/services/earlyoom.nix b/config/nixos/modules/services/earlyoom.nix @@ -30,18 +30,17 @@ in services.earlyoom = { enable = true; enableNotifications = true; - extraArgs = - [ - "--ignore-root-user" - ] - ++ (lib.optionals (cfg.avoid != [ ]) [ - "--avoid" - "(^|/)(${lib.concatStringsSep "|" cfg.avoid})$" - ]) - ++ (lib.optionals (cfg.prefer != [ ]) [ - "--prefer" - "(^|/)(${lib.concatStringsSep "|" cfg.prefer})$" - ]); + extraArgs = [ + "--ignore-root-user" + ] + ++ (lib.optionals (cfg.avoid != [ ]) [ + "--avoid" + "(^|/)(${lib.concatStringsSep "|" cfg.avoid})$" + ]) + ++ (lib.optionals (cfg.prefer != [ ]) [ + "--prefer" + "(^|/)(${lib.concatStringsSep "|" cfg.prefer})$" + ]); }; };
diff --git a/config/nixos/modules/services/gitolite.nix b/config/nixos/modules/services/gitolite.nix @@ -110,8 +110,8 @@ in { directory = cfg.dataDir; mode = "0755"; - user = cfg.user; - group = cfg.group; + inherit (cfg) user; + inherit (cfg) group; } ]; @@ -122,7 +122,7 @@ in users.users.${cfg.user} = { home = cfg.dataDir; uid = config.ids.uids.gitolite; - group = cfg.group; + inherit (cfg) group; extraGroups = [ "ssh" ]; useDefaultShell = true; packages = [
diff --git a/config/nixos/modules/services/greetd.nix b/config/nixos/modules/services/greetd.nix @@ -1,8 +1,8 @@ { - povSelf, config, lib, pkgs, + povSelf, ... }: @@ -20,6 +20,7 @@ in }; greeter = { type = types.enum [ + "regreet" "tuigreet" ]; default = "tuigreet"; @@ -40,7 +41,7 @@ in security.pam.services.greetd = { fprintAuth = false; # This would break gnome-keyring auto unlocking fprintAuthSkipLidClose = false; - enableGnomeKeyring = true; + #enableGnomeKeyring = true; }; services.greetd = { @@ -57,6 +58,73 @@ in }; }; }) + (lib.mkIf (cfg.greeter == "regreet") { + modules.filesystem.impermanence.system.dirs = [ + { + directory = "/var/cache/regreet"; + mode = "755"; + user = "greeter"; + group = "greeter"; + } + ]; + + systemd.tmpfiles.settings."greetd" = { + "/var/cache/regreet" = { + d = { + mode = "755"; + user = "greeter"; + group = "greeter"; + }; + }; + }; + + programs.regreet = { + enable = true; + cageArgs = [ ]; + settings = { + env = { + XKB_DEFAULT_LAYOUT = "gb"; + XKB_DEFAULT_VARIANT = "colemak_dh"; + }; + GTK = { + # Whether to use the dark theme + application_prefer_dark_theme = lib.mkForce true; + }; + + commands = { + # The command used to reboot the system + reboot = [ + "systemctl" + "reboot" + ]; + + # The command used to shut down the system + poweroff = [ + "systemctl" + "poweroff" + ]; + }; + + appearance = { + # The message that initially displays on startup + greeting_msg = "Welcome back to ${config.networking.hostName}!"; + }; + }; + }; + + services.greetd = { + enable = true; + settings = { + default_session = { + #command = '' + # ${pkgs.sway}/bin/sway --config ${swayConfig} + #''; + user = "greeter"; + }; + }; + }; + + }) (lib.mkIf (cfg.greeter == "tuigreet") { modules.filesystem.impermanence.system.dirs = [ {
diff --git a/config/nixos/modules/services/gtklock.nix b/config/nixos/modules/services/gtklock.nix @@ -26,13 +26,17 @@ in { systemd.user.services = { gtklock = lib.mkDefault { - Unit.OnSuccess = [ "unlock.target" ]; - Unit.PartOf = [ "lock.target" ]; - Unit.After = [ "lock.target" ]; + Unit = { + OnSuccess = [ "unlock.target" ]; + PartOf = [ "lock.target" ]; + After = [ "lock.target" ]; + }; Install.WantedBy = [ "lock.target" ]; - Service.ExecStart = lib.getExe pkgs.gtklock; - Service.Restart = "on-failure"; - Service.RestartSec = 0; + Service = { + ExecStart = lib.getExe pkgs.gtklock; + Restart = "on-failure"; + RestartSec = 0; + }; }; }; }
diff --git a/config/nixos/modules/services/knot.nix b/config/nixos/modules/services/knot.nix @@ -15,14 +15,14 @@ let isPrimary: (lib.pipe inputs.self.nixosConfigurations [ (lib.filterAttrs ( - hostName: hostConfig: + _hostName: hostConfig: let cfgModule = lib.getAttrFromPath povSelf hostConfig.config; in - (cfgModule.enable && cfgModule.primary == isPrimary) + cfgModule.enable && cfgModule.primary == isPrimary )) (lib.mapAttrsToList ( - hostName: hostConfig: [ + hostName: _hostConfig: [ (lib.mkIf (inputs.self.hosts."${hostName}".networking.ip6Address != "") inputs.self.hosts."${hostName}".networking.ip6Address ) @@ -34,29 +34,27 @@ let lib.flatten ]); - dnsServerSecondaries = ( - lib.pipe inputs.self.nixosConfigurations [ - (lib.filterAttrs ( - hostName: hostConfig: - let - cfgModule = lib.getAttrFromPath povSelf hostConfig.config; - in - (cfgModule.enable && !cfgModule.primary) - )) - (lib.mapAttrs ( - hostName: hostConfig: { - address = [ - (lib.mkIf (inputs.self.hosts."${hostName}".networking.ip6Address != "") - inputs.self.hosts."${hostName}".networking.ip6Address - ) - (lib.mkIf (inputs.self.hosts."${hostName}".networking.ip4Address != "") - inputs.self.hosts."${hostName}".networking.ip4Address - ) - ]; - } - )) - ] - ); + dnsServerSecondaries = lib.pipe inputs.self.nixosConfigurations [ + (lib.filterAttrs ( + _hostName: hostConfig: + let + cfgModule = lib.getAttrFromPath povSelf hostConfig.config; + in + cfgModule.enable && !cfgModule.primary + )) + (lib.mapAttrs ( + hostName: _hostConfig: { + address = [ + (lib.mkIf (inputs.self.hosts."${hostName}".networking.ip6Address != "") + inputs.self.hosts."${hostName}".networking.ip6Address + ) + (lib.mkIf (inputs.self.hosts."${hostName}".networking.ip4Address != "") + inputs.self.hosts."${hostName}".networking.ip4Address + ) + ]; + } + )) + ]; in { @@ -83,12 +81,12 @@ in }; zones = { - type = (pkgs.formats.yaml { }).type; + inherit ((pkgs.formats.yaml { })) type; default = { }; }; extraACL = { - type = (pkgs.formats.yaml { }).type; + inherit ((pkgs.formats.yaml { })) type; default = { }; }; }; @@ -210,7 +208,7 @@ in } ) // (lib.mapAttrs ( - name: zone: + _name: zone: zone // { template = "nixZone";
diff --git a/config/nixos/modules/services/knotACME.nix b/config/nixos/modules/services/knotACME.nix @@ -38,7 +38,7 @@ in generateACMERecord = recordName: ((builtins.hashString "sha1" recordName) + ".${cfg.zone}."); nodesWithACMERecords = lib.filterAttrs ( - hostName: nodeCfg: nodeCfg.config.security.acme.certs != { } + _hostName: nodeCfg: nodeCfg.config.security.acme.certs != { } ) inputs.self.zaphyraHosts; getAllDomainsPerNode = @@ -74,17 +74,15 @@ in in { - dns.allZones = ( - lib.pipe cfg.zones [ - (lib.map ( - element: - lib.nameValuePair element { - subdomains = generateACMERecordsPerZone element; - } - )) - lib.listToAttrs - ] - ); + dns.allZones = lib.pipe cfg.zones [ + (lib.map ( + element: + lib.nameValuePair element { + subdomains = generateACMERecordsPerZone element; + } + )) + lib.listToAttrs + ]; systemd.services.knot = let
diff --git a/config/nixos/modules/services/openssh.nix b/config/nixos/modules/services/openssh.nix @@ -36,7 +36,9 @@ in }; }; - systemd.services.sops-install-secrets.after = lib.mkIf config.modules.filesystem.impermanence.system.enable [ "nix-persist.mount" ]; + systemd.services.sops-install-secrets.after = + lib.mkIf config.modules.filesystem.impermanence.system.enable + [ "nix-persist.mount" ]; # this is required because the secrets need to be decryped before the users get created # but the impermanence bind-mounts get created _after_ the user creation...
diff --git a/config/nixos/modules/services/prosody.nix b/config/nixos/modules/services/prosody.nix @@ -65,19 +65,20 @@ in networking.firewall.allowedTCPPorts = [ 5269 5222 - ] ++ config.services.prosody.httpsPorts; + ] + ++ config.services.prosody.httpsPorts; modules.filesystem.impermanence.system.dirs = [ { directory = config.services.prosody.dataDir; mode = "755"; - user = config.services.prosody.user; - group = config.services.prosody.group; + inherit (config.services.prosody) user; + inherit (config.services.prosody) group; } ]; security.acme.certs."${cfg.domain}" = { - group = config.services.prosody.group; + inherit (config.services.prosody) group; reloadServices = [ "prosody.service" ]; extraDomainNames = [ "xmpp.${cfg.domain}"
diff --git a/config/nixos/modules/services/rcloneResticServer.nix b/config/nixos/modules/services/rcloneResticServer.nix @@ -77,14 +77,13 @@ in virtualHosts."${cfg.nginx.domain}" = { locations."/" = { proxyPass = "http://[::1]:${toString cfg.port}/"; - extraConfig = - '' - client_max_body_size 10G; - '' - + lib.optionalString (cfg.nginx.basicAuthFile != null) '' - auth_basic Auth; - auth_basic_user_file ${cfg.nginx.basicAuthFile}; - ''; + extraConfig = '' + client_max_body_size 10G; + '' + + lib.optionalString (cfg.nginx.basicAuthFile != null) '' + auth_basic Auth; + auth_basic_user_file ${cfg.nginx.basicAuthFile}; + ''; }; }; };
diff --git a/config/nixos/modules/services/resticBackup.nix b/config/nixos/modules/services/resticBackup.nix @@ -124,9 +124,7 @@ in target: lib.nameValuePair "${element.name}-${target}" { initialize = true; - user = element.value.user; - passwordFile = element.value.passwordFile; - timerConfig = element.value.timerConfig; + inherit (element.value) user passwordFile timerConfig; repository = cfg.targets."${target}".repository + "/${config.networking.hostName}-${element.name}"; paths = lib.mkMerge [ element.value.paths @@ -142,7 +140,7 @@ in lib.map (element: "/tmp/influxBuckets/${element}") element.value.influxBuckets )) ]; - backupPrepareCommand = ( + backupPrepareCommand = element.value.runBeforeBackup + #dump postgresql databases @@ -173,8 +171,7 @@ in ${pkgs.influxdb2}/bin/influx backup --compression=none --bucket=${db} /tmp/influxBuckets/${db} [ $(du -b /tmp/influxBuckets/${db} | cut -f1) -gt "50" ] || exit 1 '') element.value.influxBuckets - )) - ); + )); } ) element.value.targets) else
diff --git a/config/nixos/modules/services/swaylock.nix b/config/nixos/modules/services/swaylock.nix @@ -27,13 +27,17 @@ in { systemd.user.services = { swaylock = lib.mkDefault { - Unit.OnSuccess = [ "unlock.target" ]; - Unit.PartOf = [ "lock.target" ]; - Unit.After = [ "lock.target" ]; + Unit = { + OnSuccess = [ "unlock.target" ]; + PartOf = [ "lock.target" ]; + After = [ "lock.target" ]; + }; Install.WantedBy = [ "lock.target" ]; - Service.ExecStart = lib.getExe pkgs.swaylock; - Service.Restart = "on-failure"; - Service.RestartSec = 0; + Service = { + ExecStart = lib.getExe pkgs.swaylock; + Restart = "on-failure"; + RestartSec = 0; + }; }; }; }
diff --git a/config/nixos/modules/services/vnstat.nix b/config/nixos/modules/services/vnstat.nix @@ -1,5 +1,4 @@ { - inputs, povSelf, config, lib,
diff --git a/config/nixos/modules/sops.nix b/config/nixos/modules/sops.nix @@ -3,7 +3,6 @@ povSelf, config, lib, - pkgs, ... }:
diff --git a/config/nixos/modules/users/void.nix b/config/nixos/modules/users/void.nix @@ -1,5 +1,4 @@ { - inputs, povSelf, config, lib, @@ -23,7 +22,7 @@ in { sops.secrets.voidPassword = { neededForUsers = true; - sopsFile = inputs.self.sopsSecrets.common; + #sopsFile = inputs.self.sopsSecrets.common; }; users.users.void = { @@ -37,6 +36,7 @@ in "docker" "input" "networkmanager" + "seat" "ssh" "tss" "video" @@ -49,15 +49,18 @@ in } (lib.mkIf config.modules.homeManager.enable { - home-manager.users.void.imports = lib.concatLists [ - [ - homeManagerModules.void.home - ] + home-manager.users.void.imports = + with homeManagerModules.void; + lib.concatLists [ + [ + home + impermanence # FIXME + ] - (lib.optionals config.modules.filesystem.impermanence.home.enable [ - #homeManagerModules.void.impermanence # FIXME: implement impermanence - ]) - ]; + (lib.optionals config.modules.filesystem.impermanence.home.enable [ + homeManagerModules.void.impermanence # FIXME: implement impermanence + ]) + ]; }) ] );
diff --git a/config/nixos/modules/websites/bikemap.zaphyra.eu.nix b/config/nixos/modules/websites/bikemap.zaphyra.eu.nix @@ -1,6 +1,5 @@ { povSelf, - hostConfig, config, pkgs, lib, @@ -40,7 +39,7 @@ in { assertions = [ { - assertion = config.modules.services.gitolite.enable == true; + assertion = config.modules.services.gitolite.enable; message = "The option 'modules.services.gitolite.enable' must be enabled in order to use this module."; } ]; @@ -52,13 +51,13 @@ in directory = "/var/lib/bikemap"; mode = "0755"; user = "bikemap"; - group = config.modules.services.gitolite.group; + inherit (config.modules.services.gitolite) group; } ]; users.users."bikemap" = { isSystemUser = true; - group = config.modules.services.gitolite.group; + inherit (config.modules.services.gitolite) group; createHome = true; homeMode = "755"; home = "/var/lib/bikemap";
diff --git a/config/nixos/modules/websites/dav.zaphyra.eu.nix b/config/nixos/modules/websites/dav.zaphyra.eu.nix @@ -1,8 +1,6 @@ { povSelf, - hostConfig, config, - pkgs, lib, ... }: @@ -72,9 +70,11 @@ in web.type = "internal"; storage.filesystem_folder = "/var/lib/radicale"; headers.Access-Control-Allow-Origin = "*"; - auth.type = "htpasswd"; - auth.htpasswd_filename = config.sops.secrets.radicaleUsers.path; - auth.htpasswd_encryption = "plain"; + auth = { + type = "htpasswd"; + htpasswd_filename = config.sops.secrets.radicaleUsers.path; + htpasswd_encryption = "plain"; + }; }; }; nginx = {
diff --git a/config/nixos/modules/websites/fedi.ctu.cx.nix b/config/nixos/modules/websites/fedi.ctu.cx.nix @@ -25,7 +25,7 @@ in config = lib.mkIf cfg.enable { assertions = [ { - assertion = cfgWebsites."ctu.cx".enable == true; + assertion = cfgWebsites."ctu.cx".enable; message = "The option 'modules.websites.\"ctu.cx\"' must be enabled in order to use this module."; } ]; @@ -42,8 +42,8 @@ in systemd.tmpfiles.settings.gotosocial = { "/var/lib/gotosocial/storage".d = { - user = config.tgc.services.gotosocial.user; - group = config.tgc.services.gotosocial.group; + inherit (config.tgc.services.gotosocial) user; + inherit (config.tgc.services.gotosocial) group; mode = "750"; age = "-"; }; @@ -54,15 +54,15 @@ in { directory = config.tgc.services.gotosocial.stateDir; mode = "0755"; - user = config.tgc.services.gotosocial.user; - group = config.tgc.services.gotosocial.group; + inherit (config.tgc.services.gotosocial) user; + inherit (config.tgc.services.gotosocial) group; } ]; services.resticBackup.paths = { gotosocial = { enable = true; - user = config.tgc.services.gotosocial.user; + inherit (config.tgc.services.gotosocial) user; passwordFile = config.sops.secrets."resticPasswords/gotosocial".path; sqliteDatabases = [ (lib.mkIf ( @@ -83,7 +83,7 @@ in tgc.services.gotosocial = { enable = true; package = pkgs.tgc.gotosocial-unstable; - group = config.services.nginx.group; + inherit (config.services.nginx) group; environmentFile = config.sops.secrets."environments/gotosocial".path; settings = { protocol = "https";
diff --git a/config/nixos/modules/websites/fedi.home.ctu.cx.nix b/config/nixos/modules/websites/fedi.home.ctu.cx.nix @@ -29,8 +29,8 @@ in systemd.tmpfiles.settings.gotosocial = { "/var/lib/gotosocial/storage".d = { - user = config.tgc.services.gotosocial.user; - group = config.tgc.services.gotosocial.group; + inherit (config.tgc.services.gotosocial) user; + inherit (config.tgc.services.gotosocial) group; mode = "750"; age = "-"; }; @@ -41,16 +41,16 @@ in { directory = config.tgc.services.gotosocial.stateDir; mode = "0755"; - user = config.tgc.services.gotosocial.user; - group = config.tgc.services.gotosocial.group; + inherit (config.tgc.services.gotosocial) user; + inherit (config.tgc.services.gotosocial) group; } ]; services.resticBackup.paths = { gotosocial = { enable = true; - #package = pkgs.tgc.gotosocial-unstable; - user = config.tgc.services.gotosocial.user; + package = pkgs.tgc.gotosocial-unstable; + inherit (config.tgc.services.gotosocial) user; passwordFile = config.sops.secrets."resticPasswords/gotosocial".path; sqliteDatabases = [ (lib.mkIf ( @@ -70,8 +70,8 @@ in tgc.services.gotosocial = { enable = true; - group = config.services.nginx.group; package = pkgs.tgc.gotosocial-unstable; + inherit (config.services.nginx) group; settings = { protocol = "https";
diff --git a/config/nixos/modules/websites/flauschehorn.zaphyra.eu.nix b/config/nixos/modules/websites/flauschehorn.zaphyra.eu.nix @@ -1,6 +1,5 @@ { povSelf, - hostConfig, config, pkgs, lib,
diff --git a/config/nixos/modules/websites/git.zaphyra.eu.nix b/config/nixos/modules/websites/git.zaphyra.eu.nix @@ -1,6 +1,5 @@ { povSelf, - hostConfig, config, lib, pkgs, @@ -205,7 +204,7 @@ in enable = true; user = "git"; group = "git"; - adminPubkey = cfg.adminPubkey; + inherit (cfg) adminPubkey; extraGitoliteRc = '' $RC{GIT_CONFIG_KEYS} = ".*";
diff --git a/config/nixos/modules/websites/grafana.infra.zaphyra.eu.nix b/config/nixos/modules/websites/grafana.infra.zaphyra.eu.nix @@ -1,9 +1,7 @@ { - inputs, povSelf, config, lib, - pkgs, ... }:
diff --git a/config/nixos/modules/websites/grapevine.zaphyra.eu.nix b/config/nixos/modules/websites/grapevine.zaphyra.eu.nix @@ -34,7 +34,7 @@ in assertions = [ { - assertion = cfgWebsites."zaphyra.eu".enable == true; + assertion = cfgWebsites."zaphyra.eu".enable; message = "The option 'modules.websites.\"zaphyra.eu\"' must be enabled in order to use this module."; } ]; @@ -132,7 +132,7 @@ in kTLS = true; locations = { "/_matrix" = { - proxyPass = "http://[${grapevineListen.address}]:${toString (grapevineListen.port)}"; + proxyPass = "http://[${grapevineListen.address}]:${toString grapevineListen.port}"; proxyWebsockets = true; }; "/".root = pkgs.cinny.override {
diff --git a/config/nixos/modules/websites/gts.zaphyra.eu.nix b/config/nixos/modules/websites/gts.zaphyra.eu.nix @@ -25,7 +25,7 @@ in config = lib.mkIf cfg.enable { assertions = [ { - assertion = cfgWebsites."zaphyra.eu".enable == true; + assertion = cfgWebsites."zaphyra.eu".enable; message = "The option 'modules.websites.\"zaphyra.eu\"' must be enabled in order to use this module."; } ]; @@ -45,8 +45,8 @@ in systemd.tmpfiles.settings.gotosocial = { "/var/lib/gotosocial/storage".d = { - user = config.tgc.services.gotosocial.user; - group = config.tgc.services.gotosocial.group; + inherit (config.tgc.services.gotosocial) user; + inherit (config.tgc.services.gotosocial) group; mode = "750"; age = "-"; }; @@ -57,15 +57,15 @@ in { directory = config.tgc.services.gotosocial.stateDir; mode = "0755"; - user = config.tgc.services.gotosocial.user; - group = config.tgc.services.gotosocial.group; + inherit (config.tgc.services.gotosocial) user; + inherit (config.tgc.services.gotosocial) group; } ]; services.resticBackup.paths = { gotosocial = { enable = true; - user = config.tgc.services.gotosocial.user; + inherit (config.tgc.services.gotosocial) user; passwordFile = config.sops.secrets."resticPasswords/gotosocial".path; sqliteDatabases = [ (lib.mkIf ( @@ -86,7 +86,7 @@ in tgc.services.gotosocial = { enable = true; package = pkgs.tgc.gotosocial-unstable; - group = config.services.nginx.group; + inherit (config.services.nginx) group; environmentFile = config.sops.secrets.gotosocialEnv.path; settings = { protocol = "https";
diff --git a/config/nixos/modules/websites/ip.zaphyra.eu.nix b/config/nixos/modules/websites/ip.zaphyra.eu.nix @@ -28,79 +28,81 @@ in config = lib.mkIf cfg.enable { dns.zones."${cfg.domain}".subdomains = { - "ip" = (dnsNix.combinators.host hostConfig.networking.ip4Address hostConfig.networking.ip6Address); + "ip" = dnsNix.combinators.host hostConfig.networking.ip4Address hostConfig.networking.ip6Address; "ip4".A = [ hostConfig.networking.ip4Address ]; "ip6".AAAA = [ hostConfig.networking.ip6Address ]; }; - services.nginx.virtualHosts."ip.${cfg.domain}" = { - useACMEHost = "${config.networking.fqdn}"; - forceSSL = true; - kTLS = true; - locations."/" = { - extraConfig = "types { } default_type 'text/html; charset=utf-8';"; - return = '' - 200 ' - <!DOCTYPE html> - <html> - <head> - <title>ip.${cfg.domain}</title> - </head> - <body> - <h1>ip.${cfg.domain}</h1> - <ul> - <li><span style="user-select: none;"><b>IPv6:</b> </span><span id="ip6">Loading...</span></li> - <li><span style="user-select: none;"><b>IPv4:</b> </span><span id="ip4">Loading...</span></li> - </ul> - <p>Use bash and curl: <code>curl ip{4,6}.${cfg.domain}</code></p> - <p><small>Because any other "Whats my IP?"-tool sucks. <a href="https://git.clerie.de/clerie/ip.clerie.de">Host yourself :3</a></small></p> + services.nginx.virtualHosts = { + "ip.${cfg.domain}" = { + useACMEHost = "${config.networking.fqdn}"; + forceSSL = true; + kTLS = true; + locations."/" = { + extraConfig = "types { } default_type 'text/html; charset=utf-8';"; + return = '' + 200 ' + <!DOCTYPE html> + <html> + <head> + <title>ip.${cfg.domain}</title> + </head> + <body> + <h1>ip.${cfg.domain}</h1> + <ul> + <li><span style="user-select: none;"><b>IPv6:</b> </span><span id="ip6">Loading...</span></li> + <li><span style="user-select: none;"><b>IPv4:</b> </span><span id="ip4">Loading...</span></li> + </ul> + <p>Use bash and curl: <code>curl ip{4,6}.${cfg.domain}</code></p> + <p><small>Because any other "Whats my IP?"-tool sucks. <a href="https://git.clerie.de/clerie/ip.clerie.de">Host yourself :3</a></small></p> - <script> - window.addEventListener("DOMContentLoaded", (event) => { - [ "ip6", "ip4" ].forEach(async (ipVersion) => { - try { - const url = "https://" + ipVersion + ".${cfg.domain}/"; - const response = await fetch(url + ((/\?/).test(url) ? "&" : "?") + (new Date()).getTime()); - if(response.status != 200) { + <script> + window.addEventListener("DOMContentLoaded", (event) => { + [ "ip6", "ip4" ].forEach(async (ipVersion) => { + try { + const url = "https://" + ipVersion + ".${cfg.domain}/"; + const response = await fetch(url + ((/\?/).test(url) ? "&" : "?") + (new Date()).getTime()); + if(response.status != 200) { + document.getElementById(ipVersion).innerText = "Error!"; + } else { + document.getElementById(ipVersion).innerText = await response.text(); + } + } catch { document.getElementById(ipVersion).innerText = "Error!"; - } else { - document.getElementById(ipVersion).innerText = await response.text(); } - } catch { - document.getElementById(ipVersion).innerText = "Error!"; - } + }); }); - }); - </script> - </body> - </html>' - ''; + </script> + </body> + </html>' + ''; + }; }; - }; - services.nginx.virtualHosts."ip4.${cfg.domain}" = { - useACMEHost = "${config.networking.fqdn}"; - forceSSL = true; - kTLS = true; - locations."/" = { - return = "200 '$remote_addr\n'"; - extraConfig = '' - types { } default_type "text/plain; charset=utf-8"; - add_header Access-Control-Allow-Origin *; - ''; + "ip4.${cfg.domain}" = { + useACMEHost = "${config.networking.fqdn}"; + forceSSL = true; + kTLS = true; + locations."/" = { + return = "200 '$remote_addr\n'"; + extraConfig = '' + types { } default_type "text/plain; charset=utf-8"; + add_header Access-Control-Allow-Origin *; + ''; + }; }; - }; - services.nginx.virtualHosts."ip6.${cfg.domain}" = { - useACMEHost = "${config.networking.fqdn}"; - forceSSL = true; - kTLS = true; - locations."/" = { - return = "200 '$remote_addr\n'"; - extraConfig = '' - types { } default_type "text/plain; charset=utf-8"; - add_header Access-Control-Allow-Origin *; - ''; + "ip6.${cfg.domain}" = { + useACMEHost = "${config.networking.fqdn}"; + forceSSL = true; + kTLS = true; + locations."/" = { + return = "200 '$remote_addr\n'"; + extraConfig = '' + types { } default_type "text/plain; charset=utf-8"; + add_header Access-Control-Allow-Origin *; + ''; + }; }; }; };
diff --git a/config/nixos/modules/websites/katja.wtf.nix b/config/nixos/modules/websites/katja.wtf.nix @@ -2,7 +2,6 @@ povSelf, hostConfig, config, - pkgs, lib, dnsNix, ...
diff --git a/config/nixos/modules/websites/oeffi.zaphyra.eu.nix b/config/nixos/modules/websites/oeffi.zaphyra.eu.nix @@ -1,6 +1,5 @@ { povSelf, - hostConfig, config, pkgs, lib, @@ -78,47 +77,49 @@ in large_client_header_buffers 4 16k; ''; - locations."/db/vehicle-sequence".extraConfig = '' - proxy_ssl_server_name on; - proxy_ssl_name www.bahn.de; - proxy_set_header Host www.bahn.de; - proxy_hide_header 'set-cookie'; - proxy_pass https://www.bahn.de/web/api/reisebegleitung/wagenreihung/vehicle-sequence$is_args$args; - ''; - - locations."~ ^/db/vendo/(?<vendotarget>[a-z]+)(/([^\\r\\n].*))?$".extraConfig = '' - if ($vendopath = no) { - return 400; - } - - if ($vendotarget = 'trip') { - set $vendopath '$vendopath$2'; - } - - if ($vendotarget = 'location') { - set $vendopath '$vendopath$2'; - } - - set $vendodomain 'app.vendo.noncd.db.de'; - - proxy_ssl_server_name on; - proxy_ssl_name $vendodomain; - proxy_set_header Host $vendodomain; - proxy_hide_header 'set-cookie'; - proxy_pass https://$vendodomain$vendopath; - ''; - - locations."~ ^/hafas/(?<hafastarget>.*)$".extraConfig = '' - if ($hafasurl = no) { - return 400; - } - - proxy_ssl_server_name on; - proxy_ssl_name $hafasurl; - proxy_set_header Host $hafasurl; - proxy_hide_header 'set-cookie'; - proxy_pass https://$hafasurl$hafaspath; - ''; + locations = { + "/db/vehicle-sequence".extraConfig = '' + proxy_ssl_server_name on; + proxy_ssl_name www.bahn.de; + proxy_set_header Host www.bahn.de; + proxy_hide_header 'set-cookie'; + proxy_pass https://www.bahn.de/web/api/reisebegleitung/wagenreihung/vehicle-sequence$is_args$args; + ''; + + "~ ^/db/vendo/(?<vendotarget>[a-z]+)(/([^\\r\\n].*))?$".extraConfig = '' + if ($vendopath = no) { + return 400; + } + + if ($vendotarget = 'trip') { + set $vendopath '$vendopath$2'; + } + + if ($vendotarget = 'location') { + set $vendopath '$vendopath$2'; + } + + set $vendodomain 'app.vendo.noncd.db.de'; + + proxy_ssl_server_name on; + proxy_ssl_name $vendodomain; + proxy_set_header Host $vendodomain; + proxy_hide_header 'set-cookie'; + proxy_pass https://$vendodomain$vendopath; + ''; + + "~ ^/hafas/(?<hafastarget>.*)$".extraConfig = '' + if ($hafasurl = no) { + return 400; + } + + proxy_ssl_server_name on; + proxy_ssl_name $hafasurl; + proxy_set_header Host $hafasurl; + proxy_hide_header 'set-cookie'; + proxy_pass https://$hafasurl$hafaspath; + ''; + }; }; }; };
diff --git a/config/nixos/modules/websites/prometheus.infra.zaphyra.eu.nix b/config/nixos/modules/websites/prometheus.infra.zaphyra.eu.nix @@ -1,10 +1,8 @@ { inputs, povSelf, - hostConfig, config, lib, - dnsNix, ... }: @@ -55,12 +53,10 @@ in metrics_path = "/node-exporter"; static_configs = [ { - targets = ( - lib.mapAttrsToList ( - name: host: - lib.mkIf host.config.modules.services.prometheusExporters.enable host.config.modules.services.prometheusExporters.domain - ) inputs.self.zaphyraHosts - ); + targets = lib.mapAttrsToList ( + _name: host: + lib.mkIf host.config.modules.services.prometheusExporters.enable host.config.modules.services.prometheusExporters.domain + ) inputs.self.zaphyraHosts; } ]; } @@ -71,12 +67,10 @@ in metrics_path = "/systemd-exporter"; static_configs = [ { - targets = ( - lib.mapAttrsToList ( - name: host: - lib.mkIf host.config.modules.services.prometheusExporters.enable host.config.modules.services.prometheusExporters.domain - ) inputs.self.zaphyraHosts - ); + targets = lib.mapAttrsToList ( + _name: host: + lib.mkIf host.config.modules.services.prometheusExporters.enable host.config.modules.services.prometheusExporters.domain + ) inputs.self.zaphyraHosts; } ]; }
diff --git a/config/nixos/modules/websites/restic.pratorum.infra.zaphyra.eu.nix b/config/nixos/modules/websites/restic.pratorum.infra.zaphyra.eu.nix @@ -1,9 +1,7 @@ { povSelf, - hostConfig, config, lib, - dnsNix, ... }:
diff --git a/config/nixos/modules/websites/things.zaphyra.eu.nix b/config/nixos/modules/websites/things.zaphyra.eu.nix @@ -1,8 +1,6 @@ { povSelf, - hostConfig, config, - pkgs, lib, ... }:
diff --git a/config/nixos/modules/websites/vault.zaphyra.eu.nix b/config/nixos/modules/websites/vault.zaphyra.eu.nix @@ -1,6 +1,5 @@ { povSelf, - hostConfig, config, pkgs, lib,
diff --git a/config/nixos/modules/websites/zaphyra.dn42.nix b/config/nixos/modules/websites/zaphyra.dn42.nix @@ -1,10 +1,8 @@ { povSelf, - hostConfig, config, pkgs, lib, - dnsNix, ... }:
diff --git a/config/nixosModules.nix b/config/nixosModules.nix @@ -17,7 +17,7 @@ let ( _: lib.mapAttrs ( - name: value: + _name: value: ( if value ? option then ( @@ -30,15 +30,13 @@ let ( (lib.removeAttrs value [ "options" ]) // { - nixosOptions = ( - lib.mapAttrsRecursiveCond (element: !(element ? type)) ( - path: value: lib.mkOption value - ) value.options - ); + nixosOptions = lib.mapAttrsRecursiveCond (element: !(element ? type)) ( + _path: value: lib.mkOption value + ) value.options; } ) else - (value) + value ) ) ) @@ -61,7 +59,7 @@ let in { - options = modules.options; + inherit (modules) options; config = lib.mkMerge ( lib.pipe (lib.removeAttrs modules [ "options" ]) [
diff --git a/flake.nix b/flake.nix @@ -34,8 +34,8 @@ formatter = tgcLib.forAllSystems { body = pkgs: pkgs.nixfmt-rfc-style; }; - checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks inputs.self.deploy) ( - nixpkgsLib.filterAttrs (key: value: nixpkgsLib.hasSuffix "linux" key) inputs.deploy-rs.lib + checks = builtins.mapAttrs (_system: deployLib: deployLib.deployChecks inputs.self.deploy) ( + nixpkgsLib.filterAttrs (key: _value: nixpkgsLib.hasSuffix "linux" key) inputs.deploy-rs.lib ); resources = loadDir [ @@ -63,7 +63,7 @@ inputs.tgcNUR.overlays.nixpkgsUnstable inputs.tgcNUR.overlays.tuigreet inputs.tgcNUR.overlays.swaylock-plugin-fprintd - (final: prev: { sherlock-launcher = inputs.sherlock.packages.${prev.system}.default; }) + (_final: prev: { sherlock-launcher = inputs.sherlock.packages.${prev.system}.default; }) ]; hosts = loadDir importLoader ./hosts; @@ -71,7 +71,7 @@ nixosConfigurations = builtins.mapAttrs ( hostName: hostConfig: (if !hostConfig.nixpkgsStable then unstableNixpkgsLib.nixosSystem else nixpkgsLib.nixosSystem) { - system = hostConfig.system; + inherit (hostConfig) system; specialArgs = { inherit inputs; @@ -98,17 +98,19 @@ } ( - if !hostConfig.nixpkgsStable then - [ - inputs.homeManagerUnstable.nixosModules.default - inputs.diskoUnstable.nixosModules.default - inputs.simpleNixosMailserverUnstable.nixosModules.default - ] - else + if hostConfig.nixpkgsStable then [ inputs.homeManager.nixosModules.default inputs.disko.nixosModules.default inputs.simpleNixosMailserver.nixosModules.default + inputs.stylix.nixosModules.stylix + ] + else + [ + inputs.homeManagerUnstable.nixosModules.default + inputs.diskoUnstable.nixosModules.default + inputs.simpleNixosMailserverUnstable.nixosModules.default + inputs.stylixUnstable.nixosModules.stylix ] ) @@ -127,15 +129,13 @@ } ) inputs.self.hosts; - zaphyraHosts = ( - nixpkgsLib.filterAttrs ( - name: value: - if (builtins.isNull value.config.networking.domain) then - false - else - nixpkgsLib.hasSuffix "zaphyra.eu" value.config.networking.domain - ) inputs.self.nixosConfigurations - ); + zaphyraHosts = nixpkgsLib.filterAttrs ( + _name: value: + if (builtins.isNull value.config.networking.domain) then + false + else + nixpkgsLib.hasSuffix "zaphyra.eu" value.config.networking.domain + ) inputs.self.nixosConfigurations; homeConfigurations = builtins.listToAttrs ( builtins.map @@ -198,7 +198,7 @@ deploy = { activationTimeout = 600; confirmTimeout = 240; - nodes = builtins.mapAttrs (nodeName: node: { + nodes = builtins.mapAttrs (_nodeName: node: { hostname = node.config.networking.fqdn; sshUser = "root"; sshOpts = [ @@ -241,6 +241,12 @@ sopsNix.url = "github:Mic92/sops-nix"; sopsNix.inputs.nixpkgs.follows = "nixpkgs"; + stylix.url = "github:nix-community/stylix/release-25.05"; + stylix.inputs.nixpkgs.follows = "nixpkgs"; + + stylixUnstable.url = "github:nix-community/stylix"; + stylixUnstable.inputs.nixpkgs.follows = "nixpkgsUnstable"; + disko.url = "github:nix-community/disko"; disko.inputs.nixpkgs.follows = "nixpkgs"; @@ -294,8 +300,7 @@ flake-parts.follows = "flakeParts"; }; - #tgcNUR.url = "git+https://git.transgirl.cafe/zaphyra/tgc-nix-user-repository"; - tgcNUR.url = "git+file:///home/zaphyra/proj/tgc-nix-user-repository"; + tgcNUR.url = "git+https://git.transgirl.cafe/zaphyra/tgc-nix-user-repository"; tgcNUR.inputs = { nixpkgs.follows = "nixpkgs"; nixpkgsUnstable.follows = "nixpkgsUnstable";
diff --git a/hosts/empty/default.nix b/hosts/empty/default.nix @@ -12,11 +12,15 @@ { config = { # Minimal options to pass assertions. - boot.enableContainers = false; - boot.loader.grub.enable = false; - boot.initrd.includeDefaultModules = false; - boot.initrd.kernelModules = lib.mkOverride 0 [ ]; - boot.initrd.systemd.enable = true; + boot = { + enableContainers = false; + loader.grub.enable = false; + initrd = { + includeDefaultModules = false; + kernelModules = lib.mkOverride 0 [ ]; + systemd.enable = true; + }; + }; documentation = { doc.enable = false; info.enable = false; @@ -24,7 +28,7 @@ nixos.enable = false; }; nixpkgs.overlays = [ - (final: prev: { + (_final: prev: { systemd = prev.systemd.override { withAcl = false; withAnalyze = false; @@ -60,9 +64,11 @@ security.sudo.enable = false; services.userborn.enable = true; nix.channel.enable = false; - system.disableInstallerTools = true; - system.forbiddenDependenciesRegexes = [ "perl" ]; - system.etc.overlay.enable = true; + system = { + disableInstallerTools = true; + forbiddenDependenciesRegexes = [ "perl" ]; + etc.overlay.enable = true; + }; systemd.coredump.enable = false; environment.defaultPackages = lib.mkOverride 0 [ ]; fileSystems."/" = {
diff --git a/hosts/eximius/configuration.nix b/hosts/eximius/configuration.nix @@ -0,0 +1,89 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page, on +# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). + +{ + pkgs, + ... +}: + +{ + # Use latest kernel. + boot.kernelPackages = pkgs.linuxPackages_latest; + + hardware.bluetooth = { + enable = true; + powerOnBoot = false; + }; + + #networking.hostName = "eximius"; # Define your hostname. + # Pick only one of the below networking options. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + + # Set your time zone. + #time.timeZone = "Europe/Berlin"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Select internationalisation properties. + #i18n.defaultLocale = "en_GB.UTF-8"; + console = { + # font = "Lat2-Terminus16"; + keyMap = "mod-dh-iso-uk"; + # useXkbConfig = true; # use xkb.options in tty. + }; + + powerManagement.powertop.enable = true; + + virtualisation.podman.enable = true; + + services = { + blueman.enable = true; + upower.enable = true; + power-profiles-daemon.enable = true; + seatd.enable = true; + mullvad-vpn = { + enable = true; + package = pkgs.mullvad-vpn; + }; + syncthing = { + enable = false; + user = "void"; + group = "users"; + dataDir = "/home/void"; + openDefaultPorts = true; + }; + }; + + users.defaultUserShell = pkgs.fish; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.void = { + isNormalUser = true; + extraGroups = [ + "networkmanager" + "wheel" + ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + comma + kitty + librewolf + keepassxc + monero-cli + monero-gui + element-desktop + ]; + }; + + programs.fish.enable = true; + programs.sway = { + enable = true; + extraPackages = [ ]; + wrapperFeatures.gtk = true; + }; + + #environment.systemPackages = [pkgs.swaylock]; +}
diff --git a/hosts/eximius/default.nix b/hosts/eximius/default.nix @@ -0,0 +1,180 @@ +{ + + system = "x86_64-linux"; + nixpkgsStable = false; + + domain = "eukaryote.eu"; + + #sshPubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBGgd/59d8wyU9kE6iRSMvTmev8z5dq4YtjeBlEoAI4S"; + + hardware = { + cpuVendor = "intel"; + allowHibernation = true; + }; + + networking = { + #hasDN42 = true; + dn42Address = "fd49:7a7a:6965:c0::6cd4"; + }; + + configuration = + { + inputs, + ... + }: + { + + imports = [ + ./configuration.nix + ./hardware-configuration.nix + inputs.nixos-hardware.nixosModules.framework-intel-core-ultra-series1 + ]; + + home-manager.sharedModules = [ + { + wayland.windowManager.sway.config = { + seat."*".xcursor_theme = "Adwaita 20"; + output."eDP-1".scale = "1.5"; + }; + } + ]; + + boot.initrd.systemd.emergencyAccess = true; + boot.kernelParams = [ + "resume=/dev/eximius/swap" + ]; + + #sops.secrets."environments/networkManagerProfiles/cccdaWifi" = { }; + + sops.age.keyFile = "/var/lib/sops-nix/age/keys.txt"; + + modules = { + + filesystem = { + #impermanence.system.enable = true; + #impermanence.home.enable = true; + rootDisk = { + #enable = true; + encrypt = true; + type = "btrfs"; + path = "/dev/disk/by-id/nvme-CT1000P3PSSD8_2342444001E2"; + #reservedSpace = "3G"; + parts = { + nix = true; + }; + swap = { + enable = true; + size = "24G"; + }; + }; + }; + + hardware = { + bluetooth.enable = true; + cpu.updateMicrocode = true; + fprint.enable = true; + fprint.disableOnLidClose = true; + thunderbolt.enable = true; + #quirks.thinkpad.enable = true; + video.intel.enable = true; + }; + + presets = { + base.enable = true; + graphical.enable = true; + graphical.type = "sway"; + void.enable = true; + + #networkManagerProfiles = { + # voidPhoneWifi.enable = true; + # voidHomeWifi.enable = true; + # zaphyraPhoneWifi.enable = true; + # zaphyraHomeWifi.enable = true; + # grogHomeWifi.enable = true; + # cccdaWifi = { + # enable = true; + # username = "zaphyra"; + # envFile = config.sops.secrets."environments/networkManagerProfiles/cccdaWifi".path; + # }; + #}; + }; + + services = { + earlyoom.enable = true; + greetd.autoLogin = { + enable = true; + user = "void"; + }; + systemd-oomd.enable = true; + }; + + programs = { + #AusweisApp.enable = true; + steam.enable = true; + yubikey.enable = true; + }; + + users.void.enable = true; + }; + + networking = { + useNetworkd = false; + #hosts."127.0.0.1" = [ config.networking.fqdn ]; + }; + + # nixpkgs.overlays = [ + # (self: super: { mesa = pkgs.callPackage inputs.self.resources.mesa {}; }) + # ]; + + programs.steam = { + enable = true; + remotePlay.openFirewall = true; + localNetworkGameTransfers.openFirewall = true; + gamescopeSession.enable = true; + protontricks.enable = true; + }; + + services = { + hardware.bolt.enable = true; + resolved.enable = true; + logind.settings.Login.HandlePowerKey = "hibernate"; + keyd = { + enable = true; + keyboards.builtin = { + ids = [ "0001:0001" ]; + settings = { + main = { + capslock = "layer(shift)"; + leftshift = "capslock"; + rightcontrol = "layer(rightcontrol)"; + }; + rightcontrol = { + q = "!"; + w = "@"; + e = "#"; + r = "$"; + t = "%"; + + y = "^"; + u = "&"; + i = "*"; + o = "("; + p = ")"; + }; + }; + }; + }; + printing.enable = true; + avahi = { + enable = true; + nssmdns4 = true; + publish.enable = true; + publish.userServices = true; + }; + }; + + system.stateVersion = "25.11"; + home-manager.users.void.home.stateVersion = "25.11"; + }; + +}
diff --git a/hosts/eximius/hardware-configuration.nix b/hosts/eximius/hardware-configuration.nix @@ -0,0 +1,96 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot = { + initrd.availableKernelModules = [ + "xhci_pci" + "nvme" + ]; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; + + initrd = { + kernelModules = [ "dm-snapshot" ]; + luks.devices.cryptroot = { + device = "/dev/disk/by-partlabel/disk-eximius-root"; + }; + }; + }; + + fileSystems = { + "/" = { + device = "/dev/eximius/root"; + fsType = "btrfs"; + options = [ "subvol=nixos" ]; + }; + + "/nix" = { + device = "/dev/eximius/nix"; + fsType = "xfs"; + }; + + "/data" = { + device = "/dev/eximius/persist"; + fsType = "btrfs"; + }; + + "/home" = { + device = "/dev/eximius/home"; + fsType = "btrfs"; + options = [ + "acl" + "nofail" + ]; + }; + + "/boot" = { + device = "/dev/disk/by-partlabel/disk-eximius-boot"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + "/etc/nixos" = { + device = "/dev/eximius/persist"; + fsType = "btrfs"; + options = [ "subvol=etc/nixos" ]; + }; + + "/var/lib/sbctl" = { + device = "/dev/eximius/persist"; + fsType = "btrfs"; + options = [ "subvol=var/lib/sbctl" ]; + }; + }; + + swapDevices = [ + { + device = "/dev/eximius/swap"; + options = [ "nofail" ]; + } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp170s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +}
diff --git a/hosts/haueri/default.nix b/hosts/haueri/default.nix @@ -31,12 +31,11 @@ }; boot.initrd.systemd.emergencyAccess = true; - # boot.kernel.sysctl."power.pm_async" = false; + # boot.loader.efi.canTouchEfiVariables = true; sops.secrets."environments/networkManagerProfiles/cccdaWifi" = { }; modules = { - boot.secureboot = false; filesystem = { impermanence.system.enable = true; impermanence.home.enable = true; @@ -59,10 +58,6 @@ hardware = { video.intel.enable = true; cpu.updateMicrocode = true; - fprint.enable = true; - fprint.disableOnLidClose = true; - - quirks.thinkpad.enable = true; }; presets = { @@ -113,11 +108,23 @@ hosts."127.0.0.1" = [ config.networking.fqdn ]; }; - hardware.bluetooth.settings = { - General.Experimental = true; + hardware = { + sensor.iio.enable = true; + bluetooth.settings = { + General.Experimental = true; + }; }; + programs.adb.enable = true; services = { + iio-niri = { + enable = true; + + extraArgs = [ + "--monitor" + "eDP-1" + ]; + }; #userborn.enable = false; resolved.enable = true; printing.enable = true; @@ -129,6 +136,8 @@ }; gnome.at-spi2-core.enable = false; pipewire.raopOpenFirewall = true; + fwupd.enable = true; + fwupd.extraRemotes = [ "lvfs-testing" ]; }; system.stateVersion = "25.05";
diff --git a/hosts/morio/default.nix b/hosts/morio/default.nix @@ -31,7 +31,6 @@ { inputs, config, - pkgs, ... }: { @@ -76,9 +75,11 @@ syncthing.enable = false; dnsServer.enable = true; mailServer.enable = true; - mautrixBridges.signal.enable = true; - mautrixBridges.whatsapp.enable = true; - mautrixBridges.telegram.enable = true; + mautrixBridges = { + signal.enable = true; + whatsapp.enable = true; + telegram.enable = true; + }; }; };
diff --git a/hosts/novus/default.nix b/hosts/novus/default.nix @@ -31,8 +31,6 @@ { inputs, config, - lib, - pkgs, ... }: {
diff --git a/hosts/polaris/default.nix b/hosts/polaris/default.nix @@ -28,10 +28,6 @@ configuration = { inputs, - hostConfig, - config, - lib, - pkgs, ... }: {
diff --git a/hosts/pratorum/default.nix b/hosts/pratorum/default.nix @@ -40,19 +40,23 @@ ./floractl.nix ]; - boot.initrd.systemd.emergencyAccess = true; - boot.initrd.availableKernelModules = [ - "nvme" - "ehci_pci" - "xhci_pci" - "ahci" - "usbhid" - "usb_storage" - "sd_mod" - ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; - boot.initrd.luks.devices."root".device = "/dev/disk/by-uuid/e6ad3c7a-f1a5-4e10-a9f6-53e39297b1a3"; + boot = { + initrd = { + systemd.emergencyAccess = true; + availableKernelModules = [ + "nvme" + "ehci_pci" + "xhci_pci" + "ahci" + "usbhid" + "usb_storage" + "sd_mod" + ]; + luks.devices."root".device = "/dev/disk/by-uuid/e6ad3c7a-f1a5-4e10-a9f6-53e39297b1a3"; + }; + kernelModules = [ "kvm-amd" ]; + extraModulePackages = [ ]; + }; fileSystems."/" = { device = "/dev/disk/by-uuid/d9856f85-c995-4d85-a614-cb2977fea1de";
diff --git a/resources/patchedNixpkgsModules/pam.nix b/resources/patchedNixpkgsModules/pam.nix @@ -2294,16 +2294,17 @@ in a malicious process can then edit such an authorized_keys file and bypass the ssh-agent-based authentication. See https://github.com/NixOS/nixpkgs/issues/31611 '' - ++ lib.optional - ( - with config.security.pam.rssh; - enable && settings.auth_key_file or null != null && settings.authorized_keys_command or null != null - ) - '' - security.pam.rssh.settings.auth_key_file will be ignored as - security.pam.rssh.settings.authorized_keys_command has been specified. - Explictly set the former to null to silence this warning. - ''; + ++ + lib.optional + ( + with config.security.pam.rssh; + enable && settings.auth_key_file or null != null && settings.authorized_keys_command or null != null + ) + '' + security.pam.rssh.settings.auth_key_file will be ignored as + security.pam.rssh.settings.authorized_keys_command has been specified. + Explictly set the former to null to silence this warning. + ''; environment.systemPackages = # Include the PAM modules in the system path mostly for the manpages. @@ -2334,46 +2335,45 @@ in environment.etc = lib.mapAttrs' makePAMService enabledServices; - security.pam.services = - { - other.text = '' - auth required pam_warn.so - auth required pam_deny.so - account required pam_warn.so - account required pam_deny.so - password required pam_warn.so - password required pam_deny.so - session required pam_warn.so - session required pam_deny.so - ''; + security.pam.services = { + other.text = '' + auth required pam_warn.so + auth required pam_deny.so + account required pam_warn.so + account required pam_deny.so + password required pam_warn.so + password required pam_deny.so + session required pam_warn.so + session required pam_deny.so + ''; - # Most of these should be moved to specific modules. - i3lock.enable = lib.mkDefault config.programs.i3lock.enable; - i3lock-color.enable = lib.mkDefault config.programs.i3lock.enable; - vlock.enable = lib.mkDefault config.console.enable; - xlock.enable = lib.mkDefault config.services.xserver.enable; - xscreensaver.enable = lib.mkDefault config.services.xscreensaver.enable; - - runuser = { - rootOK = true; - unixAuth = false; - setEnvironment = false; - }; + # Most of these should be moved to specific modules. + i3lock.enable = lib.mkDefault config.programs.i3lock.enable; + i3lock-color.enable = lib.mkDefault config.programs.i3lock.enable; + vlock.enable = lib.mkDefault config.console.enable; + xlock.enable = lib.mkDefault config.services.xserver.enable; + xscreensaver.enable = lib.mkDefault config.services.xscreensaver.enable; + + runuser = { + rootOK = true; + unixAuth = false; + setEnvironment = false; + }; - /* - FIXME: should runuser -l start a systemd session? Currently - it complains "Cannot create session: Already running in a - session". - */ - runuser-l = { - rootOK = true; - unixAuth = false; - }; - } - // lib.optionalAttrs (config.security.pam.enableFscrypt) { - # Allow fscrypt to verify login passphrase - fscrypt = { }; + /* + FIXME: should runuser -l start a systemd session? Currently + it complains "Cannot create session: Already running in a + session". + */ + runuser-l = { + rootOK = true; + unixAuth = false; }; + } + // lib.optionalAttrs (config.security.pam.enableFscrypt) { + # Allow fscrypt to verify login passphrase + fscrypt = { }; + }; security.apparmor.includes."abstractions/pam" = lib.concatMapStrings (name: "r ${config.environment.etc."pam.d/${name}".source},\n") (
diff --git a/resources/void/programs/waybar/style.css b/resources/void/programs/waybar/style.css @@ -0,0 +1,205 @@ +* { + border: none; + border-radius: 0; + /* font-family: Fira Code; */ + min-height: 20px; + padding: 5px; +} +window#waybar { + background: transparent; +} +window#waybar.hidden { + opacity: 0.2; +} +#workspaces { + margin-right: 8px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +#workspaces button { + transition: none; + color: @base04; + background: transparent; + padding: 0px; + font-size: 18px; +} +#workspaces button.persistent { + color: @base04; + font-size: 12px; +} +/* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */ +#workspaces button:hover { + transition: none; + box-shadow: inherit; + text-shadow: inherit; + border-radius: inherit; + color: @base02; + background: #7c818c; +} +#workspaces button.focused { + color: @base05; +} +#idle_inhibitor { + margin-right: 8px; + padding-left: 16px; + padding-right: 16px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +#idle_inhibitor.activated { + color: @base00; + background: @base0E; +} +#keyboard-state { + margin-right: 8px; + padding-left: 16px; + padding-right: 8px; + border-radius: 10px 10px 10px 10px; + transition: none; + color: @base05; + background: @base02; +} +#keyboard-state label.locked { + color: @base00; + background: @base0D; +} +#mode { + padding-left: 16px; + padding-right: 16px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +#network { + margin-right: 8px; + padding-left: 16px; + padding-right: 16px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +#clock { + padding-left: 16px; + padding-right: 16px; + border-radius: 10px 10px 10px 10px; + transition: none; + color: @base05; + background: @base02; +} +#wireplumber { + margin-right: 8px; + padding-left: 16px; + padding-right: 16px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +#wireplumber.muted { + background-color: @base03; + color: @base08; +} +#cpu { + margin-right: 8px; + padding-left: 16px; + padding-right: 16px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +#memory { + margin-right: 8px; + padding-left: 16px; + padding-right: 16px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +#temperature { + margin-right: 8px; + padding-left: 16px; + padding-right: 16px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +#temperature.critical { + background-color: @base08; +} +#backlight { + margin-right: 8px; + padding-left: 16px; + padding-right: 16px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +#battery { + margin-right: 8px; + padding-left: 16px; + padding-right: 16px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +#battery.charging { + color: @base05; + background-color: @base0B; +} +#battery.warning:not(.charging) { + background-color: @base09; + color: @base00; +} +#battery.critical:not(.charging) { + background-color: @base08; + color: @base00; + animation-name: blink; + animation-duration: 0.5s; + animation-timing-function: linear; + animation-iteration-count: infinite; + animation-direction: alternate; +} +#tray { + margin-right: 8px; + padding-left: 16px; + padding-right: 16px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +#power-profiles-daemon { + margin-right: 8px; + padding-left: 16px; + padding-right: 16px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +#custom-power { + padding-left: 16px; + padding-right: 16px; + border-radius: 10px; + transition: none; + color: @base05; + background: @base02; +} +@keyframes blink { + to { + background-color: @base05; + color: #000000; + } +} +
diff --git a/secrets/eximius.yaml b/secrets/eximius.yaml @@ -0,0 +1,28 @@ +voidPassword: ENC[AES256_GCM,data:iaZ7Tilcrmc7JdKSFxpJ55lXtSOqTnw8Y8zzxzgJoj+rDXsEVz9ilxVvw6RRE3bhCYsP7lvOXc8oFLX2MQOGavF7rlIRHO6T8g==,iv:yvV+GOCCWF3IGRMqXeRK6Oi1F5yqq/Jj6ZkyrPHGaHE=,tag:NigKN87jGjedsecf16zQhg==,type:str] +sops: + age: + - recipient: age1lkdpl26w3wyaes75hg6wwc2p3puqv24d4xyuf5xc9q9u9we0jq6q8lvz8f + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOT1dvdVlqaGV0MjNUSVhj + Q3ZJMGR2OHhYYUVXSUFLTEZuNTBnaWtUb3dBClVXS2tsSzgvUEJkVlNiNlk1S1RI + czJQV09LcHJNOU5WZHN2TFRyNmtlR3MKLS0tIENsL2h5SjFTUnVLd3lCejVDZnJk + YVFQRGZRK3lVWlZrWm9KU3BHOElkK3MKORf4RgUNw4XdagWzBh/k6lqf3Zv6C+Vo + VbAmIsW6zJe3WPR/kZleUD92SnZA73skCLy6CaJKVgKU0jQFWSxUBA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-10-01T10:23:50Z" + mac: ENC[AES256_GCM,data:/SrARrT5kOZJsAUuP7wIxfgF4iYJW0q+6Wd6P/GR4a+6mz640IFCvjC6RbfRHUOmYMB9Hf9cWnxgZaMaqBkQf96J/GGIgTardxwMh917C8iiAR8wtOcx3ndBQCgg5vU7XdWm1GlCGs+PJ3vgeL6pumz2ZhFthkpEY+eCtMHxJ1k=,iv:wxpTioCp8t4NNNR7SDgCGel2EveSqAnye2A7wD4d1U8=,tag:F8Xe/LYFoRVHygEvrjd7Kw==,type:str] + pgp: + - created_at: "2025-10-01T10:43:14Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hF4D3Q9NEB9zpDESAQdAW+m/XozTtV23R02QxTxpH6Now+yT4dVaL3NFsFs1YCYw + VL2s5EEM4keAuyn1ZexBci1r5I/ActQxq/NC1PyvNvHjUxWGbqnKNe6kDuU69lNO + 0l4Bsid2JwX5DWPg6SiC/Cg8L4Rnlw5sRe3moYKvyg3LdXTip2PpkRTt1wTKPxqh + dQ/7V7NI4qBaE0pW5aHR708S+JZC9Uh0EGLeulbkGMAGKTEuzlSLyJX8SZgka+91 + =q/NN + -----END PGP MESSAGE----- + fp: AB27F5D1136B20D3149FBCC00389451731A3ADDD + unencrypted_suffix: _unencrypted + version: 3.10.2
diff --git a/secrets/zaphyra/sieve.yaml b/secrets/zaphyra/sieve.yaml @@ -4,36 +4,25 @@ sops: - recipient: age1wpffcr5p88a2x9dzx5v3sq4jqurvygu94fx773n229fqk4p95qzs840cmn enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsTDJSRzI0ZkFCM29lMmJj - THNMb0F5SklUbXltTnNjT3pMd2hGZkNBekZzCnlrTGFpdzBucThCbnp4VW5qTisz - ZDdueG84bDhYb28rMjlRL2pERGhLbnMKLS0tIG5Xd08yL0crK3pRck4vcC92Rkwr - WlRxTDhwTmJLV012aXRLTDROSVFmL00KjqNd3ZPDmVpRvltq7WZLXRdznFaMMXT4 - DXucNg0l4L3eNGVqHj7jylpK/K0E8qn5zVTI0BRxLojonQAikFm/2w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzcXc4d1BxcER3cVNGa2cw + R21WZTJYb3dnM0lXOTN4cy9SdGh1WGl3eDFrCnpib1BwdzMrczZiZ3hiaU9qTEtC + bVYxT1NURWdMdjhNMkFSd0JWM1RibUEKLS0tIHZza0ExbHBiK3BOSGlHaDIxaDlp + MmtvS1VYeWtZRFRxQ0ZYWksrb1hLcDAKwDMF/ps6CsJFZQMbC2xluDXNCvoy3JhQ + HIJ3MhE+t1072emdkdMV32myvhLDrqjgVRq9emSRtLoqJi7kGgfO6w== -----END AGE ENCRYPTED FILE----- lastmodified: "2025-05-24T11:26:16Z" mac: ENC[AES256_GCM,data:KQP4IvHkCVWUYoWmvThQ6MageJzohS/O+039Kg6MvPeWiLbPdIEJH9GHG1bvXZ47Xl3cPVlQwJBQ24g2iqYFkGRnwVpnJ4mz2v2fp4JaTP8DJdAAJS4Xl4pseMsatvbFL8ZVNVBXvbbbYGvWzE/muMQv8xZ6em+AwwACNjtPWV4=,iv:CJIeT6eYh1Oku4N6lC/ESBiyPtE7m2ffka1S9x2YHzU=,tag:HKkRE5+VSgxrn+QsoKykKQ==,type:str] pgp: - - created_at: "2025-06-16T13:07:16Z" + - created_at: "2025-11-12T14:51:05Z" enc: |- -----BEGIN PGP MESSAGE----- - hF4DfdBfTP3jZzQSAQdAwMC+8SP6GLKtuM/48DUHdLQB4d+eOEEcQjhkf1ubPjMw - OIijBS1UWxcX12Cvsq2fZ1bnJYGGdN7fkrwGMKKiCjBAK7wuqDJcuAZJYPP4nzS0 - 0l4Bk8JWqyXZ0G3sRRNAhb/sbJYNwB88igDpxErqiSvjhwlHxSxqRvyrOuwptYYa - vD6OVzmiD7nvXv4spNLWmoeFBS8GSH+/IYObwz06/vJbKvieKRR10gkkhNnHh7Yx - =D8wp + hF4DfdBfTP3jZzQSAQdAxIb5Nel67yYrxtBuTHQI7s0dgJglBNMISS2HP/3HfCIw + DOhNTgFgf3bfDKH1p/7i6YHfMn5CI9jQTtj1alOdyzygioutYaNI6DJU3qhD2hZU + 0l4BUOBSWFxsLHZ07vKBu+j89ryvMPkbWoNBv0I0goSVN1JEJDFDxTvcUgXctq0Z + DESk+850m1QCvezSnH3cC/LKZ3ePWVqPdHz6UbfYFjdK+FhY7CMqY2iTYa23ApSQ + =//B1 -----END PGP MESSAGE----- fp: BFE6386C8D66BCD4DAE14FC895F0FE7CD7E6A022 - - created_at: "2025-06-16T13:07:16Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hF4DaBViTd9dOpwSAQdA9w51QzHk9EFaruOqirieCVTb76SxmnoWdDbS5GTsay4w - LeR9CoG+EoIoUFtxxWJ+1KjOVVnNj02z2LO8AkNKdoHc6JEHAL02fXM3O5FwBzzj - 0l4Bg7yI3fD7iU5Aa7uTjGRZ3K4oS/abbJKDqnMOoCMMwW1Ipk2DjH1DdkW+JOi+ - ueQLjYxjDPRrdxRnLWiOVxCGke717hkkZOweCvwO8Vu+AhoZhEoXvVlE4zeihoZ1 - =K2tb - -----END PGP MESSAGE----- - fp: 321EFA52CF155E9FD646279E0FB0CA11985EB5F6 unencrypted_suffix: _unencrypted version: 3.9.4
diff --git a/statix.toml b/statix.toml @@ -0,0 +1,6 @@ +disabled = [ + 'collapsible_let_in' +] +nix_version = '2.4' +ignore = ['.direnv', 'resources' ] +