nullbite/nixfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Reformat repository with Alejandra

Browse Source
This commit is contained in:
NullBite 2025-02-25 16:53:02 -05:00
parent b8f5793ac0
commit 783055b885
Signed by: nullbite
GPG Key ID: 6C4D545385D4925A
113 changed files with 2348 additions and 1841 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
default.nix
View File

@ -1,4 +1,5 @@
(import (
import
( (
let let
lock = builtins.fromJSON (builtins.readFile ./flake.lock); lock = builtins.fromJSON (builtins.readFile ./flake.lock);
@ -9,5 +10,6 @@
sha256 = lock.nodes.${nodeName}.locked.narHash; sha256 = lock.nodes.${nodeName}.locked.narHash;
} }
) )
{ src = ./.; } {src = ./.;}
).defaultNix )
.defaultNix

2
flake/home.nix
View File

@ -1 +1 @@
{ ... }: { } {...}: {}

2
flake/packages.nix
View File

@ -1,2 +1,2 @@
{ ... }: { {...}: {
} }

3
home/common/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./wm ./wm
./nodm.nix ./nodm.nix

11
home/common/nix.nix
View File

@ -1,5 +1,12 @@
{ pkgs, lib, config, osConfig ? { }, options, nixpkgs, ... }: {
let pkgs,
lib,
config,
osConfig ? {},
options,
nixpkgs,
...
}: let
cfg = config.nixfiles.common.nix; cfg = config.nixfiles.common.nix;
standalone = !(osConfig ? home-manager); standalone = !(osConfig ? home-manager);
in { in {

27
home/common/nodm.nix
View File

@ -1,18 +1,23 @@
{ lib, pkgs, config, osConfig ? {}, options, ... }:
let
cfg = config.nixfiles.common.nodm;
in
{ {
lib,
pkgs,
config,
osConfig ? {},
options,
...
}: let
cfg = config.nixfiles.common.nodm;
in {
config = let config = let
hyprland="${config.wayland.windowManager.hyprland.finalPackage}/bin/Hyprland"; hyprland = "${config.wayland.windowManager.hyprland.finalPackage}/bin/Hyprland";
tty="${pkgs.coreutils}/bin/tty"; tty = "${pkgs.coreutils}/bin/tty";
initCommands = initCommands = ''
''
if [[ "$(${tty})" == "/dev/tty1" && -z "''${WAYLAND_DISPLAY:+x}" ]] ; then if [[ "$(${tty})" == "/dev/tty1" && -z "''${WAYLAND_DISPLAY:+x}" ]] ; then
${hyprland} ${hyprland}
fi fi
''; '';
in lib.mkIf (cfg.enable && config.wayland.windowManager.hyprland.enable) { in
lib.mkIf (cfg.enable && config.wayland.windowManager.hyprland.enable) {
# auto start Hyprland on tty1 # auto start Hyprland on tty1
programs.zsh.initExtra = initCommands; programs.zsh.initExtra = initCommands;
programs.bash.initExtra = initCommands; programs.bash.initExtra = initCommands;
@ -22,7 +27,9 @@ in
enable = lib.mkOption { enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
description = "Whether to automatically start a desktop session on TTY1, behaving like a rudimentary display manager."; description = "Whether to automatically start a desktop session on TTY1, behaving like a rudimentary display manager.";
default = osConfig ? systemd default =
osConfig
? systemd
&& config.nixfiles.meta.graphical && config.nixfiles.meta.graphical
&& (!( && (!(
(osConfig.systemd.services.display-manager.enable or false) (osConfig.systemd.services.display-manager.enable or false)

22
home/common/shell.nix
View File

@ -1,5 +1,9 @@
{ config, lib, pkgs, ... }: {
let config,
lib,
pkgs,
...
}: let
inherit (lib) mkOption mkEnableOption mkIf mkDefault; inherit (lib) mkOption mkEnableOption mkIf mkDefault;
cfg = config.nixfiles.common.shell; cfg = config.nixfiles.common.shell;
@ -8,10 +12,11 @@ let
history | sed 's:^ \+[0-9]\+ \+::' | grep '^,' | cut -d' ' -f2- | sed 's:^\(-[^ ]\+ \?\)\+::g' | grep . | cut -d' ' -f1 | sort | uniq -c | sort -g history | sed 's:^ \+[0-9]\+ \+::' | grep '^,' | cut -d' ' -f2- | sed 's:^\(-[^ ]\+ \?\)\+::g' | grep . | cut -d' ' -f1 | sort | uniq -c | sort -g
} }
''; '';
in in {
{
options.nixfiles.common.shell = { options.nixfiles.common.shell = {
enable = lib.mkEnableOption "" // { enable =
lib.mkEnableOption ""
// {
description = "Whether to enable the nixfiles shell configuration."; description = "Whether to enable the nixfiles shell configuration.";
}; };
}; };
@ -43,11 +48,13 @@ in
}; };
programs.zsh = { programs.zsh = {
enable = mkDefault true; enable = mkDefault true;
initExtra = '' initExtra =
''
export HOME_MANAGER_MANAGED=true export HOME_MANAGER_MANAGED=true
[[ -e ~/dotfiles/shell/.zshrc ]] && . ~/dotfiles/shell/.zshrc ]] [[ -e ~/dotfiles/shell/.zshrc ]] && . ~/dotfiles/shell/.zshrc ]]
unset HOME_MANAGER_MANAGED unset HOME_MANAGER_MANAGED
'' + common_functions "zsh"; ''
+ common_functions "zsh";
oh-my-zsh = { oh-my-zsh = {
enable = mkDefault true; enable = mkDefault true;
theme = "robbyrussell"; theme = "robbyrussell";
@ -59,6 +66,5 @@ in
]; ];
}; };
}; };
}; };
} }

38
home/common/theme.nix
View File

@ -1,13 +1,20 @@
{ config, lib, pkgs, ... }: {
let config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.theming; cfg = config.nixfiles.theming;
mkDefaultStylix = lib.mkOverride 999; mkDefaultStylix = lib.mkOverride 999;
toCaps = s: with lib.strings; with builtins; toCaps = s:
(toUpper (substring 0 1 s)) + toLower (substring 1 ((stringLength s)-1) s); with lib.strings;
with builtins;
(toUpper (substring 0 1 s)) + toLower (substring 1 ((stringLength s) - 1) s);
inherit (lib.strings) toUpper toLower; inherit (lib.strings) toUpper toLower;
mkCtp = flavor: accent: with pkgs; { mkCtp = flavor: accent:
with pkgs; {
names = { names = {
cursors = "catppuccin-${toLower flavor}-${toLower accent}-cursors"; cursors = "catppuccin-${toLower flavor}-${toLower accent}-cursors";
icons = "Papirus-Dark"; icons = "Papirus-Dark";
@ -21,9 +28,18 @@ let
}; };
packages = { packages = {
cursors = catppuccin-cursors."${toLower flavor}${toCaps accent}"; cursors = catppuccin-cursors."${toLower flavor}${toCaps accent}";
kvantum = catppuccin-kvantum.override { variant = toLower flavor; accent = toLower accent; }; kvantum = catppuccin-kvantum.override {
icons = catppuccin-papirus-folders.override { flavor = toLower flavor; accent = toLower accent; }; variant = toLower flavor;
gtk = catppuccin-gtk.override { variant = toLower flavor; accents = [ (toLower accent) ]; }; accent = toLower accent;
};
icons = catppuccin-papirus-folders.override {
flavor = toLower flavor;
accent = toLower accent;
};
gtk = catppuccin-gtk.override {
variant = toLower flavor;
accents = [(toLower accent)];
};
}; };
}; };
@ -54,9 +70,11 @@ in {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
fonts.fontconfig.enable = lib.mkDefault true; fonts.fontconfig.enable = lib.mkDefault true;
home.packages = with pkgs; [ home.packages = with pkgs;
[
ubuntu_font_family ubuntu_font_family
] ++ lib.mapAttrsToList (k: v: v) ctp.packages; ]
++ lib.mapAttrsToList (k: v: v) ctp.packages;
gtk = { gtk = {
enable = true; enable = true;

33
home/common/wm/default.nix
View File

@ -1,17 +1,22 @@
{ pkgs, lib, config, osConfig ? {}, options, ...}: {
let pkgs,
lib,
config,
osConfig ? {},
options,
...
}: let
cfg = config.nixfiles.common.wm; cfg = config.nixfiles.common.wm;
inherit (lib) mkDefault; inherit (lib) mkDefault;
mkOverrideEach = pri: lib.mapAttrs (_:v: lib.mkOverride pri v); mkOverrideEach = pri: lib.mapAttrs (_:v: lib.mkOverride pri v);
in in {
{
options.nixfiles.common.wm = { options.nixfiles.common.wm = {
enable = lib.mkEnableOption "common window manager config"; enable = lib.mkEnableOption "common window manager config";
autostart = lib.mkOption { autostart = lib.mkOption {
description = "List of window manager agnostic commnads to run at window manager startup"; description = "List of window manager agnostic commnads to run at window manager startup";
type = lib.types.listOf lib.types.str; type = lib.types.listOf lib.types.str;
default = [ ]; default = [];
example = [ "steam -silent" ]; example = ["steam -silent"];
}; };
}; };
@ -51,8 +56,14 @@ in
nwg-displays nwg-displays
# very consistent (ok it's actually a little better now) # very consistent (ok it's actually a little better now)
(catppuccin-papirus-folders.override {accent = "mauve"; flavor = "mocha"; }) (catppuccin-papirus-folders.override {
(pkgs.catppuccin-kvantum.override {accent = "mauve"; variant = "mocha"; }) accent = "mauve";
flavor = "mocha";
})
(pkgs.catppuccin-kvantum.override {
accent = "mauve";
variant = "mocha";
})
catppuccin-cursors.mochaMauve catppuccin-cursors.mochaMauve
arc-theme arc-theme
@ -73,13 +84,13 @@ in
}; };
}; };
# File associations # File associations
xdg.mimeApps = { xdg.mimeApps = {
enable = true; enable = true;
defaultApplications = let defaultApplications = let
defaultBrowser = [ "firefox.desktop" ]; defaultBrowser = ["firefox.desktop"];
in mkOverrideEach 50 { in
mkOverrideEach 50 {
"x-scheme-handler/https" = defaultBrowser; "x-scheme-handler/https" = defaultBrowser;
"x-scheme-handler/http" = defaultBrowser; "x-scheme-handler/http" = defaultBrowser;
"text/html" = defaultBrowser; "text/html" = defaultBrowser;

14
home/common/wm/keybinds.nix
View File

@ -1,12 +1,16 @@
{ pkgs, config, lib, outputs, ... }: {
let pkgs,
config,
lib,
outputs,
...
}: let
df = lib.mkDefault; df = lib.mkDefault;
mkxf = with lib; mapAttrs' (name: value: nameValuePair ("XF86" + name) (value)); mkxf = with lib; mapAttrs' (name: value: nameValuePair ("XF86" + name) value);
# not rewriting this rn # not rewriting this rn
keysetting = "${outputs.packages.${pkgs.system}.wm-helpers}/bin/keysetting"; keysetting = "${outputs.packages.${pkgs.system}.wm-helpers}/bin/keysetting";
in in {
{
options.nixfiles.common.wm = { options.nixfiles.common.wm = {
keybinds = lib.mkOption { keybinds = lib.mkOption {
description = '' description = ''

22
home/default.nix
View File

@ -1,10 +1,18 @@
{ pkgs, config, lib, options, osConfig ? { }, nixpkgs, home-manager, inputs, ... }@args: {
let pkgs,
config,
lib,
options,
osConfig ? {},
nixpkgs,
home-manager,
inputs,
...
} @ args: let
isStandalone = osConfig ? home-manager; isStandalone = osConfig ? home-manager;
cfg = config.nixfiles; cfg = config.nixfiles;
flakeType = cfg.lib.types.flake; flakeType = cfg.lib.types.flake;
in in {
{
imports = [ imports = [
./common ./common
./package-sets ./package-sets
@ -25,7 +33,7 @@ in
lib = lib.mkOption { lib = lib.mkOption {
description = "nixfiles library"; description = "nixfiles library";
default = (import ../lib/nixfiles) { inherit pkgs; }; default = (import ../lib/nixfiles) {inherit pkgs;};
readOnly = true; readOnly = true;
}; };
@ -53,13 +61,13 @@ in
meta.graphical = lib.mkOption { meta.graphical = lib.mkOption {
description = "Whether to enable graphical home-manager applications"; description = "Whether to enable graphical home-manager applications";
type = lib.types.bool; type = lib.types.bool;
default = (osConfig ? services && osConfig.services.xserver.enable); default = osConfig ? services && osConfig.services.xserver.enable;
example = true; example = true;
}; };
meta.wayland = lib.mkOption { meta.wayland = lib.mkOption {
description = "Whether to prefer wayland packages and configuration"; description = "Whether to prefer wayland packages and configuration";
type = lib.types.bool; type = lib.types.bool;
default = (lib.hasAttrByPath [ "nixfiles" "meta" "wayland" ] osConfig) && osConfig.nixfiles.meta.wayland; default = (lib.hasAttrByPath ["nixfiles" "meta" "wayland"] osConfig) && osConfig.nixfiles.meta.wayland;
example = true; example = true;
}; };

44
home/package-sets/communication.nix
View File

@ -1,10 +1,16 @@
{ pkgs, lib, config, osConfig ? {}, inputs, ... }: {
let pkgs,
lib,
config,
osConfig ? {},
inputs,
...
}: let
cfg = config.nixfiles.packageSets.communication; cfg = config.nixfiles.packageSets.communication;
rustdesk-pkg = if (lib.strings.hasInfix "23.11" lib.version) then rustdesk-pkg =
inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.rustdesk-flutter if (lib.strings.hasInfix "23.11" lib.version)
else then inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.rustdesk-flutter
pkgs.rustdesk-flutter; else pkgs.rustdesk-flutter;
vesktop-ozone-cmd = let vesktop-ozone-cmd = let
extraFlags = lib.optionalString config.nixfiles.workarounds.nvidiaPrimary " --disable-gpu"; extraFlags = lib.optionalString config.nixfiles.workarounds.nvidiaPrimary " --disable-gpu";
@ -17,23 +23,21 @@ let
done done
exec "$@" exec "$@"
''; '';
in in {
{
options.nixfiles.packageSets.communication = { options.nixfiles.packageSets.communication = {
enable = lib.mkEnableOption "communication package set"; enable = lib.mkEnableOption "communication package set";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
xdg.desktopEntries.vesktop = lib.mkIf config.nixfiles.meta.graphical { xdg.desktopEntries.vesktop = lib.mkIf config.nixfiles.meta.graphical {
categories= ["Network" "InstantMessaging" "Chat"]; categories = ["Network" "InstantMessaging" "Chat"];
exec=vesktop-ozone-cmd + " %U"; exec = vesktop-ozone-cmd + " %U";
genericName="Internet Messenger"; genericName = "Internet Messenger";
icon="vesktop"; icon = "vesktop";
name="Vesktop"; name = "Vesktop";
type="Application"; type = "Application";
settings = { settings = {
StartupWMClass="Vesktop"; StartupWMClass = "Vesktop";
Keywords="discord;vencord;electron;chat"; Keywords = "discord;vencord;electron;chat";
}; };
}; };
@ -41,7 +45,8 @@ in
(waitNet + " " + vesktop-ozone-cmd + " --start-minimized") (waitNet + " " + vesktop-ozone-cmd + " --start-minimized")
]; ];
home.packages = with pkgs; lib.optionals config.nixfiles.meta.graphical [ home.packages = with pkgs;
lib.optionals config.nixfiles.meta.graphical [
element-desktop element-desktop
telegram-desktop telegram-desktop
signal-desktop signal-desktop
@ -50,7 +55,8 @@ in
rustdesk-pkg rustdesk-pkg
tor-browser tor-browser
onionshare onionshare
] ++ [ ]
++ [
irssi irssi
]; ];
}; };

3
home/package-sets/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./communication.nix ./communication.nix
./dev.nix ./dev.nix

12
home/package-sets/dev.nix
View File

@ -1,8 +1,12 @@
{ pkgs, lib, config, osConfig ? {}, ... }:
let
cfg = config.nixfiles.packageSets.dev;
in
{ {
pkgs,
lib,
config,
osConfig ? {},
...
}: let
cfg = config.nixfiles.packageSets.dev;
in {
options.nixfiles.packageSets.dev = { options.nixfiles.packageSets.dev = {
enable = lib.mkEnableOption "development package set"; enable = lib.mkEnableOption "development package set";
}; };

36
home/package-sets/multimedia.nix
View File

@ -1,11 +1,15 @@
{ config, lib, pkgs, osConfig ? { }, ...}: {
let config,
lib,
pkgs,
osConfig ? {},
...
}: let
cfg = config.nixfiles.packageSets.multimedia; cfg = config.nixfiles.packageSets.multimedia;
inherit (lib) optionals mkEnableOption mkIf; inherit (lib) optionals mkEnableOption mkIf;
default = osConfig ? nixfiles && osConfig.nixfiles.packageSets.multimedia.enable; default = osConfig ? nixfiles && osConfig.nixfiles.packageSets.multimedia.enable;
mkOverrideEach = pri: lib.mapAttrs (_:v: lib.mkOverride pri v); mkOverrideEach = pri: lib.mapAttrs (_:v: lib.mkOverride pri v);
in in {
{
options.nixfiles.packageSets.multimedia = { options.nixfiles.packageSets.multimedia = {
enable = lib.mkOption { enable = lib.mkOption {
description = "Whether to enable multimedia packages"; description = "Whether to enable multimedia packages";
@ -16,7 +20,8 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.packages = with pkgs; optionals config.nixfiles.meta.graphical [ home.packages = with pkgs;
optionals config.nixfiles.meta.graphical [
mpv mpv
gimp gimp
krita krita
@ -27,7 +32,8 @@ in
picard picard
spicetify-cli spicetify-cli
(kodi.withPackages (_: [])) # this is required to get python libs (kodi.withPackages (_: [])) # this is required to get python libs
] ++ [ ]
++ [
yt-dlp yt-dlp
gallery-dl gallery-dl
imagemagick imagemagick
@ -39,18 +45,18 @@ in
xdg.mimeApps.defaultApplications = lib.mkMerge [ xdg.mimeApps.defaultApplications = lib.mkMerge [
# project files # project files
(mkOverrideEach 100 { (mkOverrideEach 100 {
"image/x-xcf" = [ "gimp.desktop" ]; "image/x-xcf" = ["gimp.desktop"];
"image/x-compressed-xcf" = [ "gimp.desktop" ]; "image/x-compressed-xcf" = ["gimp.desktop"];
"image/x-krita" = [ "krita.desktop" ]; "image/x-krita" = ["krita.desktop"];
"application/x-audacity-project" = [ "audacity.desktop" ]; "application/x-audacity-project" = ["audacity.desktop"];
"application/x-audacity-project+sqlite3" = [ "audacity.desktop" ]; "application/x-audacity-project+sqlite3" = ["audacity.desktop"];
"image/svg+xml" = [ "org.inkscape.Inkscape.desktop" ]; "image/svg+xml" = ["org.inkscape.Inkscape.desktop"];
"image/svg+xml-compressed" = [ "org.inkscape.Inkscape.desktop" ]; "image/svg+xml-compressed" = ["org.inkscape.Inkscape.desktop"];
}) })
# general files # general files
(with pkgs; mkOverrideEach 150 (config.lib.xdg.mimeAssociations [ nomacs mpv ])) (with pkgs; mkOverrideEach 150 (config.lib.xdg.mimeAssociations [nomacs mpv]))
# rest of the files # rest of the files
(with pkgs; mkOverrideEach 200 (config.lib.xdg.mimeAssociations [ inkscape gimp audacity ])) (with pkgs; mkOverrideEach 200 (config.lib.xdg.mimeAssociations [inkscape gimp audacity]))
]; ];
}; };
} }

21
home/package-sets/productivity.nix
View File

@ -1,11 +1,15 @@
{ pkgs, lib, config, ... }: {
let pkgs,
lib,
config,
...
}: let
cfg = config.nixfiles.packageSets.productivity; cfg = config.nixfiles.packageSets.productivity;
inherit (lib) optionals; inherit (lib) optionals;
in in {
{
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
home.packages = with pkgs; optionals config.nixfiles.meta.graphical [ home.packages = with pkgs;
optionals config.nixfiles.meta.graphical [
libreoffice-fresh libreoffice-fresh
obsidian obsidian
anki anki
@ -13,19 +17,20 @@ in
# mapping/GIS # mapping/GIS
qgis qgis
josm josm
] ++ [ ]
++ [
pandoc pandoc
]; ];
xdg.desktopEntries.obsidian = lib.mkIf config.nixfiles.meta.graphical { xdg.desktopEntries.obsidian = lib.mkIf config.nixfiles.meta.graphical {
categories = [ "Office" ]; categories = ["Office"];
comment = "Knowledge base"; comment = "Knowledge base";
exec = let exec = let
extraFlags = with lib.strings; extraFlags = with lib.strings;
optionalString config.nixfiles.workarounds.nvidiaPrimary " --disable-gpu"; optionalString config.nixfiles.workarounds.nvidiaPrimary " --disable-gpu";
in "env NIXOS_OZONE_WL=1 obsidian${extraFlags} %u"; in "env NIXOS_OZONE_WL=1 obsidian${extraFlags} %u";
icon = "obsidian"; icon = "obsidian";
mimeType = [ "x-scheme-handler/obsidian" ]; mimeType = ["x-scheme-handler/obsidian"];
name = "Obsidian"; name = "Obsidian";
type = "Application"; type = "Application";
}; };

39
home/profile/base.nix
View File

@ -1,8 +1,12 @@
{ lib, pkgs, config, osConfig ? { }, ... }:
let
cfg = config.nixfiles.profile.base;
in
{ {
lib,
pkgs,
config,
osConfig ? {},
...
}: let
cfg = config.nixfiles.profile.base;
in {
# imports = [ # imports = [
# ./comma.nix # ./comma.nix
# ]; # ];
@ -31,7 +35,8 @@ in
"${config.home.profileDirectory}/share/terminfo" "${config.home.profileDirectory}/share/terminfo"
"/usr/share/terminfo" "/usr/share/terminfo"
]; ];
in builtins.concatStringsSep ":" terminfo-dirs; in
builtins.concatStringsSep ":" terminfo-dirs;
}) })
]; ];
@ -47,8 +52,9 @@ in
# presense of ~/.gitconfig. git will read from both files, and `git config` # presense of ~/.gitconfig. git will read from both files, and `git config`
# will not write to ~/.gitconfig when the managed config exists unless # will not write to ~/.gitconfig when the managed config exists unless
# ~/.gitconfig also exists # ~/.gitconfig also exists
home.activation.git-create-gitconfig = lib.mkIf config.programs.git.enable home.activation.git-create-gitconfig =
(lib.hm.dag.entryAfter [ "writeBoundary" ] '' lib.mkIf config.programs.git.enable
(lib.hm.dag.entryAfter ["writeBoundary"] ''
_nixfiles_git_create_gitconfig () { _nixfiles_git_create_gitconfig () {
if ! [[ -a "$HOME/.gitconfig" ]] ; then if ! [[ -a "$HOME/.gitconfig" ]] ; then
touch "$HOME/.gitconfig" touch "$HOME/.gitconfig"
@ -64,16 +70,18 @@ in
# defaultTerminal = # defaultTerminal =
# if config.programs.kitty.enable then "kitty" # if config.programs.kitty.enable then "kitty"
# else null; # else null;
in { in {
enable = lib.mkDefault true; enable = lib.mkDefault true;
settings = lib.mkMerge [{ settings = lib.mkMerge [
{
use_preview_script = lib.mkDefault true; use_preview_script = lib.mkDefault true;
preview_files = lib.mkDefault true; preview_files = lib.mkDefault true;
} (lib.mkIf (!(isNull defaultTerminal)) { }
(lib.mkIf (!(isNull defaultTerminal)) {
preview_images = lib.mkDefault true; preview_images = lib.mkDefault true;
preview_images_method = lib.mkDefault defaultTerminal; preview_images_method = lib.mkDefault defaultTerminal;
})]; })
];
}; };
programs.keychain = { programs.keychain = {
@ -83,7 +91,8 @@ in
extraFlags = [ extraFlags = [
"--quiet" "--quiet"
"--systemd" "--systemd"
"--inherit" "any-once" "--inherit"
"any-once"
"--noask" "--noask"
]; ];
}; };
@ -100,7 +109,8 @@ in
neofetch-hyfetch-shim = writeShellScriptBin "neofetch" '' neofetch-hyfetch-shim = writeShellScriptBin "neofetch" ''
exec "${pkgs.hyfetch}/bin/neowofetch" "$@" exec "${pkgs.hyfetch}/bin/neowofetch" "$@"
''; '';
in [ in
[
# nix stuff # nix stuff
nvd nvd
nix-tree nix-tree
@ -165,7 +175,8 @@ in
zoxide zoxide
asciinema asciinema
mtr mtr
] ++ builtins.map (x: lib.hiPrio x) [ ]
++ builtins.map (x: lib.hiPrio x) [
# terminfo (just the ones i'm likely to use) # terminfo (just the ones i'm likely to use)
kitty.terminfo kitty.terminfo
alacritty.terminfo alacritty.terminfo

3
home/profile/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./base.nix ./base.nix
./pc.nix ./pc.nix

12
home/profile/pc.nix
View File

@ -1,9 +1,13 @@
{ pkgs, config, osConfig ? {}, lib, ...}: {
let pkgs,
config,
osConfig ? {},
lib,
...
}: let
cfg = config.nixfiles.profile.pc; cfg = config.nixfiles.profile.pc;
default = osConfig ? nixfiles && osConfig.nixfiles.profile.pc.enable; default = osConfig ? nixfiles && osConfig.nixfiles.profile.pc.enable;
in in {
{
options.nixfiles.profile.pc.enable = lib.mkOption { options.nixfiles.profile.pc.enable = lib.mkOption {
description = "Whether to enable the personal computer profile"; description = "Whether to enable the personal computer profile";
type = lib.types.bool; type = lib.types.bool;

15
home/programs/comma.nix
View File

@ -1,8 +1,12 @@
{ lib, pkgs, config, inputs, ... } @args:
let
cfg = config.nixfiles.programs.comma;
in
{ {
lib,
pkgs,
config,
inputs,
...
} @ args: let
cfg = config.nixfiles.programs.comma;
in {
imports = [ imports = [
inputs.nix-index-database.hmModules.nix-index inputs.nix-index-database.hmModules.nix-index
]; ];
@ -13,7 +17,8 @@ in
config = { config = {
programs.nix-index.symlinkToCacheHome = lib.mkDefault cfg.enable; programs.nix-index.symlinkToCacheHome = lib.mkDefault cfg.enable;
home.packages = with pkgs; lib.optionals cfg.enable [ home.packages = with pkgs;
lib.optionals cfg.enable [
comma comma
]; ];
}; };

3
home/programs/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./comma.nix ./comma.nix
./mopidy.nix ./mopidy.nix

8
home/programs/dunst.nix
View File

@ -1,5 +1,9 @@
{ config, lib, pkgs, ... }: {
let config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.programs.dunst; cfg = config.nixfiles.programs.dunst;
mkd = lib.mkDefault; mkd = lib.mkDefault;
in { in {

21
home/programs/hypridle.nix
View File

@ -1,21 +1,25 @@
{ pkgs, config, lib, ... }: {
let pkgs,
config,
lib,
...
}: let
cfg = config.nixfiles.services.hypridle; cfg = config.nixfiles.services.hypridle;
inherit (lib.types) str int; inherit (lib.types) str int;
in in {
{
options.nixfiles.services.hypridle = { options.nixfiles.services.hypridle = {
enable = lib.mkEnableOption "the hypridle configuration"; enable = lib.mkEnableOption "the hypridle configuration";
timeouts = let timeouts = let
mkTimeout = timeout: desc: lib.mkOption { mkTimeout = timeout: desc:
lib.mkOption {
description = "${desc}"; description = "${desc}";
type = int; type = int;
default = timeout; default = timeout;
}; };
in { in {
dpms = mkTimeout (300) "DPMS timeout"; dpms = mkTimeout 300 "DPMS timeout";
lock = mkTimeout (360) "Lock timeout"; lock = mkTimeout 360 "Lock timeout";
locked-dpms = mkTimeout (10) "DPMS timeout while locked"; locked-dpms = mkTimeout 10 "DPMS timeout while locked";
}; };
commands = { commands = {
dpms-off = lib.mkOption { dpms-off = lib.mkOption {
@ -57,7 +61,6 @@ in
lock-dpms = pkgs.writeShellScript "lock-dpms" '' lock-dpms = pkgs.writeShellScript "lock-dpms" ''
${pkgs.procps}/bin/pgrep -x swaylock > /dev/null && "${dpms-wrapped}" ${pkgs.procps}/bin/pgrep -x swaylock > /dev/null && "${dpms-wrapped}"
''; '';
in [ in [
{ {
timeout = cfg.timeouts.dpms; timeout = cfg.timeouts.dpms;

15
home/programs/mopidy.nix
View File

@ -1,8 +1,13 @@
{ lib, pkgs, config, outputs, osConfig ? {}, ... }:
let
cfg = config.nixfiles.programs.mopidy;
in
{ {
lib,
pkgs,
config,
outputs,
osConfig ? {},
...
}: let
cfg = config.nixfiles.programs.mopidy;
in {
options.nixfiles.programs.mopidy = { options.nixfiles.programs.mopidy = {
enable = lib.mkEnableOption "mopidy configuration"; enable = lib.mkEnableOption "mopidy configuration";
}; };
@ -38,7 +43,7 @@ in
]; ];
}; };
home.packages = with pkgs; [ home.packages = with pkgs; [
(ncmpcpp.override { visualizerSupport = true; }) (ncmpcpp.override {visualizerSupport = true;})
]; ];
}; };
} }

11
home/programs/neovim.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ... }:
let
cfg = config.nixfiles.programs.neovim;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.programs.neovim;
in {
options.nixfiles.programs.neovim.enable = lib.mkEnableOption "the Neovim configuration"; options.nixfiles.programs.neovim.enable = lib.mkEnableOption "the Neovim configuration";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
programs.neovim = { programs.neovim = {

6
home/root.nix
View File

@ -1,8 +1,12 @@
# Configuration for root user. # Configuration for root user.
# TODO this file is sorta an exception to my repo organization, it should # TODO this file is sorta an exception to my repo organization, it should
# probably be somewhere else. # probably be somewhere else.
{ config, lib, pkgs, ... }@args:
{ {
config,
lib,
pkgs,
...
} @ args: {
imports = [ imports = [
./. ./.
]; ];

3
home/sessions/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./hyprland ./hyprland
./plasma.nix ./plasma.nix

53
home/sessions/hyprland/default.nix
View File

@ -1,5 +1,12 @@
{ lib, pkgs, config, osConfig ? {}, outputs, inputs, ... }@args: {
let lib,
pkgs,
config,
osConfig ? {},
outputs,
inputs,
...
} @ args: let
cfg = config.nixfiles.sessions.hyprland; cfg = config.nixfiles.sessions.hyprland;
mkd = lib.mkDefault; mkd = lib.mkDefault;
hyprland-pkg = config.wayland.windowManager.hyprland.finalPackage; hyprland-pkg = config.wayland.windowManager.hyprland.finalPackage;
@ -24,13 +31,15 @@ let
lock-cmd = "${swaylock}"; lock-cmd = "${swaylock}";
mkKittyHdrop = name: command: let mkKittyHdrop = name: command: let
class = if builtins.isNull (builtins.match "[[:alnum:]_]+" name) then throw "mkKittyHdrop: window name should be an alphanumeric string" else "kitty-${name}"; class =
if builtins.isNull (builtins.match "[[:alnum:]_]+" name)
then throw "mkKittyHdrop: window name should be an alphanumeric string"
else "kitty-${name}";
wrappedCommand = pkgs.writeShellScript "hdrop-${name}" '' wrappedCommand = pkgs.writeShellScript "hdrop-${name}" ''
exec bash -c ${lib.escapeShellArg command} exec bash -c ${lib.escapeShellArg command}
''; '';
in "hdrop -f -c ${class} 'kitty --class=${class} ${wrappedCommand}'"; in "hdrop -f -c ${class} 'kitty --class=${class} ${wrappedCommand}'";
# lock-cmd = let # lock-cmd = let
# cmd = pkgs.writeShellScript "lock-script" '' # cmd = pkgs.writeShellScript "lock-script" ''
# ${swayidle} -w timeout 10 '${hyprctl} dispatch dpms off' resume '${hyprctl} dispatch dpms on' & # ${swayidle} -w timeout 10 '${hyprctl} dispatch dpms off' resume '${hyprctl} dispatch dpms on' &
@ -48,7 +57,7 @@ let
resume 'hyprctl dispatch dpms on' resume 'hyprctl dispatch dpms on'
''; '';
hypr-dispatcher-package = pkgs.callPackage ./dispatcher { hyprland = hyprland-pkg; }; hypr-dispatcher-package = pkgs.callPackage ./dispatcher {hyprland = hyprland-pkg;};
hypr-dispatcher = "${hypr-dispatcher-package}/bin/hypr-dispatcher"; hypr-dispatcher = "${hypr-dispatcher-package}/bin/hypr-dispatcher";
wallpaper-package = "${pkgs.nixfiles-assets}"; wallpaper-package = "${pkgs.nixfiles-assets}";
@ -56,7 +65,8 @@ let
wallpaper-cmd = "${swaybg} -i ${wallpaper-package}/share/wallpapers/${wallpaper}"; wallpaper-cmd = "${swaybg} -i ${wallpaper-package}/share/wallpapers/${wallpaper}";
# https://github.com/flatpak/xdg-desktop-portal-gtk/issues/440#issuecomment-1900520919 # https://github.com/flatpak/xdg-desktop-portal-gtk/issues/440#issuecomment-1900520919
xdpg-workaround = pkgs.writeShellScript "xdg-desktop-portal-gtk-workaround" xdpg-workaround =
pkgs.writeShellScript "xdg-desktop-portal-gtk-workaround"
'' ''
${pkgs.coreutils}/bin/sleep 3 ${pkgs.coreutils}/bin/sleep 3
${pkgs.systemd}/bin/systemctl --user import-environment PATH ${pkgs.systemd}/bin/systemctl --user import-environment PATH
@ -65,19 +75,20 @@ let
bar-cmd = "${pkgs.waybar}/bin/waybar"; bar-cmd = "${pkgs.waybar}/bin/waybar";
# Hyprland workspace configuration # Hyprland workspace configuration
mainWorkspaces = builtins.genList (x: x+1) (9 ++ [0]); mainWorkspaces = builtins.genList (x: x + 1) (9 ++ [0]);
workspaceName = key: let workspaceName = key: let
inherit (builtins) hasAttr; inherit (builtins) hasAttr;
keyNames = { keyNames = {
"0" = "10"; "0" = "10";
}; };
in in
if hasAttr key keyNames then keyNames."${key}" else key; if hasAttr key keyNames
then keyNames."${key}"
else key;
inherit (outputs.packages.${pkgs.system}) wm-helpers; inherit (outputs.packages.${pkgs.system}) wm-helpers;
keysetting = "${wm-helpers}/bin/keysetting"; keysetting = "${wm-helpers}/bin/keysetting";
in in {
{
# FIXME this is temporary just to get it working, need to make wm-common an # FIXME this is temporary just to get it working, need to make wm-common an
# option first # option first
# imports = [ # imports = [
@ -88,7 +99,10 @@ in
enable = lib.mkOption { enable = lib.mkOption {
description = "Whether to enable hyprland."; description = "Whether to enable hyprland.";
type = lib.types.bool; type = lib.types.bool;
default = if (builtins.hasAttr "home-manager" osConfig) then osConfig.nixfiles.sessions.hyprland.enable else false; default =
if (builtins.hasAttr "home-manager" osConfig)
then osConfig.nixfiles.sessions.hyprland.enable
else false;
example = true; example = true;
}; };
@ -133,7 +147,6 @@ in
enable = true; enable = true;
package = lib.mkIf (osConfig ? programs) (lib.mkDefault osConfig.programs.hyprland.package); package = lib.mkIf (osConfig ? programs) (lib.mkDefault osConfig.programs.hyprland.package);
settings = { settings = {
# enable debug logging # enable debug logging
debug.disable_logs = mkd false; debug.disable_logs = mkd false;
@ -150,8 +163,10 @@ in
exec-once = let exec-once = let
wrapScope = cmd: "systemd-run --user --scope -- ${cmd}"; wrapScope = cmd: "systemd-run --user --scope -- ${cmd}";
in (lib.optional cfg.autolock lock-cmd) ++ (map wrapScope config.nixfiles.common.wm.autostart) ++ in
[ (lib.optional cfg.autolock lock-cmd)
++ (map wrapScope config.nixfiles.common.wm.autostart)
++ [
wallpaper-cmd wallpaper-cmd
notifydaemon notifydaemon
polkit-agent polkit-agent
@ -166,7 +181,6 @@ in
# Some default env vars. # Some default env vars.
# env = mkd "XCURSOR_SIZE,24"; # env = mkd "XCURSOR_SIZE,24";
# For all categories, see https://wiki.hyprland.org/Configuring/Variables/ # For all categories, see https://wiki.hyprland.org/Configuring/Variables/
input = { input = {
kb_layout = mkd "us"; kb_layout = mkd "us";
@ -263,7 +277,8 @@ in
# See https://wiki.hyprland.org/Configuring/Window-Rules/ for more # See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
# Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more # Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more
bind = [ bind =
[
"$mod, Q, exec, ${terminal}" "$mod, Q, exec, ${terminal}"
"$mod, Return, exec, ${terminal}" "$mod, Return, exec, ${terminal}"
"$mod, C, killactive, " "$mod, C, killactive, "
@ -345,11 +360,13 @@ in
# edit this file # edit this file
("$mod SHIFT, slash, exec, ${terminal} -e ${pkgs.neovim}/bin/nvim " ("$mod SHIFT, slash, exec, ${terminal} -e ${pkgs.neovim}/bin/nvim "
+ lib.escapeShellArg (config.nixfiles.path + "/home/sessions/hyprland/default.nix")) + lib.escapeShellArg (config.nixfiles.path + "/home/sessions/hyprland/default.nix"))
] ++ lib.optional config.nixfiles.programs.mopidy.enable ]
++ lib.optional config.nixfiles.programs.mopidy.enable
"$mod CTRL, n, exec, ${mkKittyHdrop "ncmpcpp" "ncmpcpp"}"; "$mod CTRL, n, exec, ${mkKittyHdrop "ncmpcpp" "ncmpcpp"}";
# repeat, ignore mods # repeat, ignore mods
bindei = lib.mapAttrsToList (keysym: command: ",${keysym}, exec, ${command}") config.nixfiles.common.wm.finalKeybinds bindei =
lib.mapAttrsToList (keysym: command: ",${keysym}, exec, ${command}") config.nixfiles.common.wm.finalKeybinds
++ [ ++ [
]; ];

17
home/sessions/hyprland/dispatcher/default.nix
View File

@ -1,19 +1,20 @@
{ lib, {
lib,
stdenvNoCC, stdenvNoCC,
socat, socat,
coreutils, coreutils,
hyprland, hyprland,
makeShellWrapper }: makeShellWrapper,
let }: let
wrappedPath = lib.makeBinPath [ coreutils socat hyprland ]; wrappedPath = lib.makeBinPath [coreutils socat hyprland];
in in
stdenvNoCC.mkDerivation { stdenvNoCC.mkDerivation {
name = "hyprland-dispatcher"; name = "hyprland-dispatcher";
phases = [ "installPhase" ]; phases = ["installPhase"];
nativeBuildInputs = [ makeShellWrapper ]; nativeBuildInputs = [makeShellWrapper];
src = ./.; src = ./.;
installPhase = '' installPhase = ''
install -Dm555 $src/dispatcher.sh $out/bin/hypr-dispatcher install -Dm555 $src/dispatcher.sh $out/bin/hypr-dispatcher
wrapProgramShell $out/bin/hypr-dispatcher --prefix PATH : "${wrappedPath}" wrapProgramShell $out/bin/hypr-dispatcher --prefix PATH : "${wrappedPath}"
''; '';
} }

18
home/sessions/plasma.nix
View File

@ -1,9 +1,13 @@
{ pkgs, config, lib, osConfig ? {}, ... }: {
let pkgs,
config,
lib,
osConfig ? {},
...
}: let
inherit (lib) mkOption mkEnableOption; inherit (lib) mkOption mkEnableOption;
cfg = config.nixfiles.sessions.plasma; cfg = config.nixfiles.sessions.plasma;
in in {
{
options.nixfiles.sessions.plasma = { options.nixfiles.sessions.plasma = {
enable = lib.mkOption { enable = lib.mkOption {
description = "Whether to enable the Plasma session home configuration."; description = "Whether to enable the Plasma session home configuration.";
@ -13,10 +17,10 @@ in
}; };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
# TODO make this a generic implementation # TODO make this a generic implementation
home.packages = let home.packages = let
startupScript = pkgs.writeShellScript "autostart-script" startupScript =
pkgs.writeShellScript "autostart-script"
(lib.concatStringsSep "\n" (lib.concatStringsSep "\n"
(builtins.map (x: "sh -c ${lib.escapeShellArg x} &") config.nixfiles.common.wm.autostart)); (builtins.map (x: "sh -c ${lib.escapeShellArg x} &") config.nixfiles.common.wm.autostart));
@ -30,6 +34,6 @@ in
mkdir -p $out/etc/xdg/autostart mkdir -p $out/etc/xdg/autostart
ln -s "${desktopFilePkg}/share/applications/${name}.desktop" "$out/etc/xdg/autostart/" ln -s "${desktopFilePkg}/share/applications/${name}.desktop" "$out/etc/xdg/autostart/"
''; '';
in [ autostartPkg ]; in [autostartPkg];
}; };
} }

7
home/standalone.nix
View File

@ -1,7 +1,12 @@
# Home Manager default nixfiles entrypoint. This serves as an alternative to # Home Manager default nixfiles entrypoint. This serves as an alternative to
# default.nix, which sets up some more appropriate options for home-manager # default.nix, which sets up some more appropriate options for home-manager
{ inputs, pkgs, config, lib, ... }:
{ {
inputs,
pkgs,
config,
lib,
...
}: {
imports = [ imports = [
./. ./.
inputs.stylix.homeManagerModules.stylix inputs.stylix.homeManagerModules.stylix

9
home/stylix.nix
View File

@ -1,6 +1,11 @@
{ pkgs, lib, config, inputs, ... }@args:
{ {
imports = [ ]; pkgs,
lib,
config,
inputs,
...
} @ args: {
imports = [];
config = { config = {
stylix = lib.mkMerge [ stylix = lib.mkMerge [
{ {

12
hosts/nixos-wsl/configuration.nix
View File

@ -1,5 +1,10 @@
{ pkgs, config, lib, vars, ... }:
{ {
pkgs,
config,
lib,
vars,
...
}: {
config = { config = {
networking.hostName = "nixos-wsl"; networking.hostName = "nixos-wsl";
@ -26,7 +31,7 @@
RemainAfterExit = true; RemainAfterExit = true;
}; };
description = "WSL startup workaround"; description = "WSL startup workaround";
wantedBy = [ "default.target" ]; wantedBy = ["default.target"];
}; };
}; };
@ -42,10 +47,9 @@
noto-fonts-cjk-sans noto-fonts-cjk-sans
]; ];
fileSystems."/mnt/wsl/instances/NixOS" = { fileSystems."/mnt/wsl/instances/NixOS" = {
device = "/"; device = "/";
options = [ "bind" ]; options = ["bind"];
}; };
# standard disclaimer don't change this for any reason whatsoever # standard disclaimer don't change this for any reason whatsoever

7
hosts/nixos-wsl/home.nix
View File

@ -1,5 +1,10 @@
{ pkgs, lib, config, osConfig ? {}, ... }:
{ {
pkgs,
lib,
config,
osConfig ? {},
...
}: {
config = { config = {
nixfiles = { nixfiles = {
profile.base.enable = true; profile.base.enable = true;

15
hosts/nullbox/backup.nix
View File

@ -1,20 +1,22 @@
{ config, lib, pkgs, ... }: {
let config,
lib,
pkgs,
...
}: let
inherit (lib) escapeShellArg; inherit (lib) escapeShellArg;
secret = name: config.age.secrets."${name}".path; secret = name: config.age.secrets."${name}".path;
fs = config.fileSystems."/srv/mcserver"; fs = config.fileSystems."/srv/mcserver";
in in {
{
config = { config = {
age.secrets.restic-rclone.file = ../../secrets/restic-rclone.age; age.secrets.restic-rclone.file = ../../secrets/restic-rclone.age;
age.secrets.restic-password.file = ../../secrets/restic-password.age; age.secrets.restic-password.file = ../../secrets/restic-password.age;
systemd.services.restic-backups-system = { systemd.services.restic-backups-system = {
path = with pkgs; [ btrfs-progs ]; path = with pkgs; [btrfs-progs];
}; };
services.restic.backups.system = { services.restic.backups.system = {
# create an atomic backup # create an atomic backup
backupPrepareCommand = '' backupPrepareCommand = ''
set -Eeuxo pipefail set -Eeuxo pipefail
@ -47,7 +49,6 @@ in
"--tag=auto" "--tag=auto"
"--group-by=host,tag" "--group-by=host,tag"
]; ];
}; };
}; };
} }

32
hosts/nullbox/configuration.nix
View File

@ -2,13 +2,15 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`). # and in the NixOS manual (accessible by running `nixos-help`).
{ config, lib, pkgs, inputs, ... }:
{ {
config,
imports = lib,
[ # Include the results of the hardware scan. pkgs,
inputs,
...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
# Encryption # Encryption
./luks.nix ./luks.nix
@ -20,32 +22,30 @@
]; ];
config = { config = {
fileSystems = lib.mkMerge [ fileSystems = lib.mkMerge [
{ {
"/ntfs" = { "/ntfs" = {
fsType = "ntfs-3g"; fsType = "ntfs-3g";
device = "/dev/disk/by-uuid/6AC23F0FC23EDF4F"; device = "/dev/disk/by-uuid/6AC23F0FC23EDF4F";
options = [ "auto_cache" "nofail" ]; options = ["auto_cache" "nofail"];
}; };
"/.btrfsroot" = { "/.btrfsroot" = {
options = [ "subvol=/" ]; options = ["subvol=/"];
}; };
} }
(lib.genAttrs [ "/.btrfsroot" "/" "/home" "/nix" ] ( fs: { (lib.genAttrs ["/.btrfsroot" "/" "/home" "/nix"] (fs: {
options = [ "compress=zstd" ]; options = ["compress=zstd"];
})) }))
]; ];
specialisation.hyprland.configuration = { specialisation.hyprland.configuration = {
system.nixos.tags = [ "Hyprland" ]; system.nixos.tags = ["Hyprland"];
nixfiles = { nixfiles = {
session = "hyprland"; session = "hyprland";
}; };
}; };
hardware.cpu.intel.updateMicrocode = true; hardware.cpu.intel.updateMicrocode = true;
services.udev.extraRules = '' services.udev.extraRules = ''
@ -62,7 +62,7 @@
workarounds.nvidiaPrimary = true; workarounds.nvidiaPrimary = true;
programs.greetd = { programs.greetd = {
settings = { settings = {
randr = [ "--output" "HDMI-A-3" "--off" ]; randr = ["--output" "HDMI-A-3" "--off"];
autologin = false; autologin = false;
autologinUser = "nullbite"; autologinUser = "nullbite";
autolock = false; autolock = false;
@ -118,7 +118,6 @@
# boot.loader.efi.canTouchEfiVariables = true; # boot.loader.efi.canTouchEfiVariables = true;
# see custom-hardware-configuration.nix # see custom-hardware-configuration.nix
# networking.hostName = "nixos"; # Define your hostname. # networking.hostName = "nixos"; # Define your hostname.
networking.hostName = "nullbox"; networking.hostName = "nullbox";
# Pick only one of the below networking options. # Pick only one of the below networking options.
@ -128,7 +127,6 @@
# Set your time zone. # Set your time zone.
time.timeZone = "America/New_York"; time.timeZone = "America/New_York";
# Copy the NixOS configuration file and link it from the resulting system # Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you # (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix. # accidentally delete configuration.nix.
@ -142,6 +140,4 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment? system.stateVersion = "23.11"; # Did you read the comment?
}; };
} }

74
hosts/nullbox/hardware-configuration.nix
View File

@ -1,72 +1,76 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" "sr_mod" ]; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" "sr_mod"];
boot.initrd.kernelModules = [ "dm-snapshot" ]; boot.initrd.kernelModules = ["dm-snapshot"];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos/@root" ]; options = ["subvol=nixos/@root"];
}; };
fileSystems."/nix" = fileSystems."/nix" = {
{ device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos/@nix" ]; options = ["subvol=nixos/@nix"];
}; };
fileSystems."/.btrfsroot" = fileSystems."/.btrfsroot" = {
{ device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5";
fsType = "btrfs"; fsType = "btrfs";
}; };
fileSystems."/home" = fileSystems."/home" = {
{ device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home" ]; options = ["subvol=@home"];
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/F4D6-20B6"; device = "/dev/disk/by-uuid/F4D6-20B6";
fsType = "vfat"; fsType = "vfat";
}; };
fileSystems."/srv/mcserver-old" = fileSystems."/srv/mcserver-old" = {
{ device = "/dev/disk/by-uuid/7204ff85-6404-4bd7-ba0d-3fb23a5cf52c"; device = "/dev/disk/by-uuid/7204ff85-6404-4bd7-ba0d-3fb23a5cf52c";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@mcserver" ]; options = ["subvol=@mcserver"];
}; };
fileSystems."/srv/mcserver-old/.snapshots" = fileSystems."/srv/mcserver-old/.snapshots" = {
{ device = "/dev/disk/by-uuid/7204ff85-6404-4bd7-ba0d-3fb23a5cf52c"; device = "/dev/disk/by-uuid/7204ff85-6404-4bd7-ba0d-3fb23a5cf52c";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=snapshots/@mcserver" ]; options = ["subvol=snapshots/@mcserver"];
}; };
fileSystems."/srv/mcserver" = fileSystems."/srv/mcserver" = {
{ device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@mcserver" ]; options = ["subvol=@mcserver"];
}; };
fileSystems."/srv/mcserver/.snapshots" = fileSystems."/srv/mcserver/.snapshots" = {
{ device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=snapshots/@mcserver" ]; options = ["subvol=snapshots/@mcserver"];
}; };
swapDevices = swapDevices = [
[ { device = "/dev/disk/by-uuid/4b86cbd6-6fc5-47d4-9d44-35eec59cb785"; } {device = "/dev/disk/by-uuid/4b86cbd6-6fc5-47d4-9d44-35eec59cb785";}
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

6
hosts/nullbox/home.nix
View File

@ -1,5 +1,9 @@
{ lib, pkgs, osConfig, ... }:
{ {
lib,
pkgs,
osConfig,
...
}: {
imports = [ imports = [
]; ];

57
hosts/nullbox/impermanence.nix
View File

@ -1,11 +1,16 @@
{ pkgs, config, lib, ... }: {
let pkgs,
config,
lib,
...
}: let
inherit (lib) escapeShellArg; inherit (lib) escapeShellArg;
# (wip) more configurable than old one, will be used by volatile btrfs module # (wip) more configurable than old one, will be used by volatile btrfs module
mkBtrfsInit = { volatileRoot ? "/volatile", mkBtrfsInit = {
volatileRoot ? "/volatile",
oldRoots ? "/old_roots", oldRoots ? "/old_roots",
volume }: volume,
'' }: ''
mkdir -p /btrfs_tmp mkdir -p /btrfs_tmp
mount ${escapeShellArg volume} /btrfs_tmp -o subvol=/ mount ${escapeShellArg volume} /btrfs_tmp -o subvol=/
@ -34,7 +39,7 @@ in {
neededForBoot = true; neededForBoot = true;
device = root_vol; device = root_vol;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/nixos/@persist" ]; options = ["subvol=/nixos/@persist"];
}; };
# TODO volatile btrfs module # TODO volatile btrfs module
@ -47,7 +52,7 @@ in {
fileSystems."/" = lib.mkForce { fileSystems."/" = lib.mkForce {
device = root_vol; device = root_vol;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/nixos/volatile" ]; options = ["subvol=/nixos/volatile"];
}; };
# agenix fix # agenix fix
@ -74,15 +79,24 @@ in {
# probably NEVER be excluded removed. # probably NEVER be excluded removed.
"/var/lib/nixos/" "/var/lib/nixos/"
# password files for user.user.<name>.hashedPasswordFile # password files for user.user.<name>.hashedPasswordFile
{ directory = "/etc/passfile"; mode = "0700"; } {
directory = "/etc/passfile";
mode = "0700";
}
# persistent non-declarative config # persistent non-declarative config
"/etc/nixos" "/etc/nixos"
"/etc/ssh" "/etc/ssh"
{ directory = "/etc/wireguard"; mode = "0700"; } {
directory = "/etc/wireguard";
mode = "0700";
}
# let's keep the root home dir as well # let's keep the root home dir as well
{ directory = "/root"; mode = "0700"; } {
directory = "/root";
mode = "0700";
}
# system state # system state
"/etc/NetworkManager/system-connections" "/etc/NetworkManager/system-connections"
@ -93,14 +107,29 @@ in {
"/var/lib/power-profiles-daemon" "/var/lib/power-profiles-daemon"
"/var/lib/systemd/rfkill" "/var/lib/systemd/rfkill"
"/var/lib/systemd/timesync" "/var/lib/systemd/timesync"
{ directory = "/var/lib/tailscale"; mode = "0700"; } {
directory = "/var/lib/tailscale";
mode = "0700";
}
"/var/lib/unbound" "/var/lib/unbound"
"/var/db/sudo/lectured" "/var/db/sudo/lectured"
# remember login stuff # remember login stuff
{ directory = "/var/cache/tuigreet"; user = "greeter"; group = "greeter"; } {
{ directory = "/var/cache/regreet"; user = "greeter"; group = "greeter"; } directory = "/var/cache/tuigreet";
{ directory = "/var/lib/regreet"; user = "greeter"; group = "greeter"; } user = "greeter";
group = "greeter";
}
{
directory = "/var/cache/regreet";
user = "greeter";
group = "greeter";
}
{
directory = "/var/lib/regreet";
user = "greeter";
group = "greeter";
}
]; ];
files = [ files = [

13
hosts/nullbox/luks.nix
View File

@ -1,8 +1,11 @@
{ pkgs, config, lib, ... }:
let
usb = "903D-DF5B";
in
{ {
pkgs,
config,
lib,
...
}: let
usb = "903D-DF5B";
in {
config = { config = {
# cryptsetup # cryptsetup
boot.initrd.kernelModules = ["uas" "usbcore" "usb_storage"]; boot.initrd.kernelModules = ["uas" "usbcore" "usb_storage"];
@ -16,7 +19,7 @@ in
mount -n -t vfat -o ro `findfs UUID=${usb}` /key mount -n -t vfat -o ro `findfs UUID=${usb}` /key
''; '';
device="/dev/disk/by-uuid/85b5f22e-0fa5-4f0d-8fba-f800a0b41671"; device = "/dev/disk/by-uuid/85b5f22e-0fa5-4f0d-8fba-f800a0b41671";
keyFile = "/key/image.png"; # yes it's literally an image file. bite me keyFile = "/key/image.png"; # yes it's literally an image file. bite me
allowDiscards = true; allowDiscards = true;
fallbackToPassword = true; fallbackToPassword = true;

37
hosts/nullbox/mcserver.nix
View File

@ -1,18 +1,21 @@
{ pkgs, lib, config, ... }:
let
cfg = config.services.minecraft-servers;
in
{ {
pkgs,
lib,
config,
...
}: let
cfg = config.services.minecraft-servers;
in {
config = { config = {
fileSystems = { fileSystems = {
"/srv/mcserver".options = [ "compress=zstd" "nofail" ]; "/srv/mcserver".options = ["compress=zstd" "nofail"];
"/srv/mcserver/.snapshots".options = [ "compress=zstd" "nofail" ]; "/srv/mcserver/.snapshots".options = ["compress=zstd" "nofail"];
}; };
networking.firewall.trustedInterfaces = [ "wg0" ]; networking.firewall.trustedInterfaces = ["wg0"];
users = { users = {
users = { users = {
nullbite.extraGroups = [ "minecraft" ]; nullbite.extraGroups = ["minecraft"];
}; };
}; };
@ -45,7 +48,8 @@ in
nulllite-staging = let nulllite-staging = let
commit = "b8c639a"; commit = "b8c639a";
packHash = "sha256-HTDVIkcBf0DyLbSCuU08/HnEQuesi3cmXXhB4y4lyko="; packHash = "sha256-HTDVIkcBf0DyLbSCuU08/HnEQuesi3cmXXhB4y4lyko=";
in pkgs.fetchPackwizModpack { in
pkgs.fetchPackwizModpack {
url = "https://gitea.protogen.io/nullbite/nulllite/raw/commit/${commit}/pack.toml"; url = "https://gitea.protogen.io/nullbite/nulllite/raw/commit/${commit}/pack.toml";
inherit packHash; inherit packHash;
}; };
@ -55,8 +59,8 @@ in
enable = true; enable = true;
autoStart = false; autoStart = false;
modpack = nulllite-staging; modpack = nulllite-staging;
modpackSymlinks = [ "mods" ]; modpackSymlinks = ["mods"];
modpackFiles = [ "config/" ]; modpackFiles = ["config/"];
serverProperties.server-port = 25574; serverProperties.server-port = 25574;
serverProperties.motd = "staging server"; serverProperties.motd = "staging server";
}; };
@ -65,8 +69,8 @@ in
enable = true; enable = true;
autoStart = true; autoStart = true;
modpack = pkgs.modpacks.notlite; modpack = pkgs.modpacks.notlite;
modpackSymlinks = [ "config/yosbr" "config/quilt-loader-overrides.json" "mods" ]; modpackSymlinks = ["config/yosbr" "config/quilt-loader-overrides.json" "mods"];
modpackFiles = [ "kubejs/" ]; modpackFiles = ["kubejs/"];
serverProperties = { serverProperties = {
motd = "owo what's this (nix notlite edition)"; motd = "owo what's this (nix notlite edition)";
server-port = 25567; server-port = 25567;
@ -76,11 +80,10 @@ in
level-seed = "8555431723250870652"; level-seed = "8555431723250870652";
level-type = "bclib:normal"; level-type = "bclib:normal";
}; };
}; };
minecraft-nixtest = let minecraft-nixtest = let
self = cfg.servers.minecraft-nixtest; self = cfg.servers.minecraft-nixtest;
package = pkgs.quiltServers.quilt-1_20_1.override { loaderVersion = "0.21.0"; }; package = pkgs.quiltServers.quilt-1_20_1.override {loaderVersion = "0.21.0";};
in { in {
useRecommendedDefaults = true; useRecommendedDefaults = true;
enable = false; enable = false;
@ -92,8 +95,8 @@ in
NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4"; NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4";
Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12"; Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12";
}; };
modpackSymlinks = [ "mods" ]; modpackSymlinks = ["mods"];
modpackFiles = [ "config/" "kubejs/" ]; modpackFiles = ["config/" "kubejs/"];
serverProperties = rec { serverProperties = rec {
motd = "owo what's this (nix edition)"; motd = "owo what's this (nix edition)";
server-port = 25568; server-port = 25568;

6
hosts/nullbox/unbound.nix
View File

@ -1,5 +1,9 @@
{ pkgs, lib, config, ... }:
{ {
pkgs,
lib,
config,
...
}: {
config = { config = {
networking.networkmanager.dns = "none"; networking.networkmanager.dns = "none";
services.unbound.enable = true; services.unbound.enable = true;

72
hosts/rpi4/authelia.nix
View File

@ -3,10 +3,10 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: let
let
inherit (lib) types mkIf optionalString; inherit (lib) types mkIf optionalString;
inherit (builtins) inherit
(builtins)
isNull isNull
any any
all all
@ -20,22 +20,18 @@ let
"regular" "regular"
"basic" "basic"
]; ];
getUpstreamFromInstance = getUpstreamFromInstance = instance: let
instance:
let
inherit (config.services.authelia.instances.${instance}.settings) server; inherit (config.services.authelia.instances.${instance}.settings) server;
port = server.port or 9091; port = server.port or 9091;
host = server.host or "127.0.0.1"; host = server.host or "127.0.0.1";
targetHost = targetHost =
if host == "0.0.0.0" then if host == "0.0.0.0"
"127.0.0.1" then "127.0.0.1"
else if lib.hasInfix ":" host then else if lib.hasInfix ":" host
throw "TODO IPv6 not supported in Authelia server address (hard to parse, can't tell if it is [::])." then throw "TODO IPv6 not supported in Authelia server address (hard to parse, can't tell if it is [::])."
else else host;
host; in "http://${targetHost}:${toString port}";
in
"http://${targetHost}:${toString port}";
# use this when reverse proxying to authelia (and only authelia because i # use this when reverse proxying to authelia (and only authelia because i
# like the nixos recommended proxy settings better) # like the nixos recommended proxy settings better)
@ -116,9 +112,7 @@ let
proxy_set_header X-Forwarded-URI $request_uri; proxy_set_header X-Forwarded-URI $request_uri;
''; '';
genAuthConfig = genAuthConfig = method: let
method:
let
snippet_regular = '' snippet_regular = ''
## Configure the redirection when the authz failure occurs. Lines starting ## Configure the redirection when the authz failure occurs. Lines starting
## with 'Modern Method' and 'Legacy Method' should be commented / ## with 'Modern Method' and 'Legacy Method' should be commented /
@ -134,8 +128,7 @@ let
## redirect to the $redirection_url. ## redirect to the $redirection_url.
error_page 401 =302 $redirection_url; error_page 401 =302 $redirection_url;
''; '';
in in ''
''
## Send a subrequest to Authelia to verify if the user is authenticated and ## Send a subrequest to Authelia to verify if the user is authenticated and
# has permission to access the resource. # has permission to access the resource.
@ -156,22 +149,21 @@ let
${optionalString (method == "regular") snippet_regular} ${optionalString (method == "regular") snippet_regular}
''; '';
genAuthConfigPkg = genAuthConfigPkg = method: pkgs.writeText "authelia-authrequest-${method}.conf" (genAuthConfig method);
method: pkgs.writeText "authelia-authrequest-${method}.conf" (genAuthConfig method); in {
in
{
# authelia # authelia
options.services.nginx = options.services.nginx = let
let mkAttrsOfSubmoduleOpt = module: lib.mkOption {type = with types; attrsOf (submodule module);};
mkAttrsOfSubmoduleOpt = module: lib.mkOption { type = with types; attrsOf (submodule module); };
# make system config accessible from submodules # make system config accessible from submodules
systemConfig = config; systemConfig = config;
# submodule definitions # submodule definitions
vhostModule = vhostModule = {
{ name, config, ... }@attrs: name,
{ config,
...
} @ attrs: {
options = { options = {
locations = mkAttrsOfSubmoduleOpt (genLocationModule attrs); locations = mkAttrsOfSubmoduleOpt (genLocationModule attrs);
authelia = { authelia = {
@ -235,8 +227,7 @@ in
forceSSL = lib.mkIf (!(isNull config.authelia.endpoint.upstream)) true; forceSSL = lib.mkIf (!(isNull config.authelia.endpoint.upstream)) true;
# authelia nginx internal endpoints # authelia nginx internal endpoints
locations = locations = let
let
api = "${config.authelia.upstream}/api/authz/auth-request"; api = "${config.authelia.upstream}/api/authz/auth-request";
in in
lib.mkMerge [ lib.mkMerge [
@ -278,13 +269,13 @@ in
}; };
}; };
genLocationModule = genLocationModule = vhostAttrs: {
vhostAttrs: name,
{ name, config, ... }: config,
let ...
}: let
vhostConfig = vhostAttrs.config; vhostConfig = vhostAttrs.config;
in in {
{
options.authelia.method = lib.mkOption { options.authelia.method = lib.mkOption {
description = '' description = ''
Authelia authentication method to use for this location. Authelia authentication method to use for this location.
@ -308,15 +299,12 @@ in
''; '';
}; };
}; };
in {
in
{
virtualHosts = mkAttrsOfSubmoduleOpt vhostModule; virtualHosts = mkAttrsOfSubmoduleOpt vhostModule;
}; };
# TODO check if any vhosts have authelia configured # TODO check if any vhosts have authelia configured
config = config = let
let
# TODO later, there are only assertions here # TODO later, there are only assertions here
configured = any ( configured = any (
vhost: (!(isNull vhost.authelia.upstream)) || (!(isNull vhost.authelia.endpoint.upstream)) vhost: (!(isNull vhost.authelia.upstream)) || (!(isNull vhost.authelia.endpoint.upstream))

12
hosts/rpi4/backup.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ... }:
let
secret = name: config.age.secrets."${name}".path;
in
{ {
config,
lib,
pkgs,
...
}: let
secret = name: config.age.secrets."${name}".path;
in {
config = { config = {
age.secrets.restic-rclone.file = ../../secrets/restic-rclone.age; age.secrets.restic-rclone.file = ../../secrets/restic-rclone.age;
age.secrets.restic-password.file = ../../secrets/restic-password.age; age.secrets.restic-password.file = ../../secrets/restic-password.age;
@ -38,7 +41,6 @@ in
"--tag=auto" "--tag=auto"
"--group-by=host,tag" "--group-by=host,tag"
]; ];
}; };
}; };
} }

26
hosts/rpi4/configuration.nix
View File

@ -1,12 +1,14 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on # your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }:
{ {
imports = config,
[ # Include the results of the hardware scan. lib,
pkgs,
...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
./services.nix ./services.nix
@ -24,8 +26,9 @@
"/opt/hassio" "/opt/hassio"
"/opt/hassio/.snapshots" "/opt/hassio/.snapshots"
]; ];
fn = (x: { options = [ "compress=zstd" "commit=300" "noatime" ];}); fn = x: {options = ["compress=zstd" "commit=300" "noatime"];};
in lib.genAttrs mounts fn; in
lib.genAttrs mounts fn;
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default) # Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
boot.loader.grub.enable = false; boot.loader.grub.enable = false;
@ -64,7 +67,7 @@
"wg0" "wg0"
"tailscale0" "tailscale0"
]; ];
networking.firewall.allowedUDPPorts = [ 51820 ]; networking.firewall.allowedUDPPorts = [51820];
services.openssh = { services.openssh = {
enable = true; enable = true;
@ -94,9 +97,6 @@
# Enable the X11 windowing system. # Enable the X11 windowing system.
# services.xserver.enable = true; # services.xserver.enable = true;
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.xkb.layout = "us"; # services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape"; # services.xserver.xkb.options = "eurosign:e,caps:escape";
@ -126,7 +126,7 @@
# }; # };
users.users.nullbite = { users.users.nullbite = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ]; extraGroups = ["wheel"];
uid = 1000; uid = 1000;
}; };
@ -182,6 +182,4 @@
# #
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.11"; # Did you read the comment? system.stateVersion = "24.11"; # Did you read the comment?
} }

45
hosts/rpi4/gitea.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.gitea;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.services.gitea;
in {
config = { config = {
services.gitea = { services.gitea = {
enable = true; enable = true;
@ -32,19 +35,37 @@ in
DEFAULT_THEME = "catppuccin-mocha-pink"; DEFAULT_THEME = "catppuccin-mocha-pink";
THEMES = let THEMES = let
ctpAttrs = { ctpAttrs = {
flavor = [ "latte" "frappe" "macchiato" "mocha" ]; flavor = ["latte" "frappe" "macchiato" "mocha"];
accent = [ "rosewater" "flamingo" "pink" "mauve" accent = [
"red" "maroon" "peach" "yellow" "green" "teal" "rosewater"
"sky" "sapphire" "blue" ]; "flamingo"
"pink"
"mauve"
"red"
"maroon"
"peach"
"yellow"
"green"
"teal"
"sky"
"sapphire"
"blue"
];
}; };
ctpThemes = lib.mapCartesianProduct ctpThemes =
( { flavor, accent }: "catppuccin-${flavor}-${accent}" ) lib.mapCartesianProduct
({
flavor,
accent,
}: "catppuccin-${flavor}-${accent}")
ctpAttrs; ctpAttrs;
in lib.concatStringsSep "," ([ in
lib.concatStringsSep "," ([
"gitea" "gitea"
"arc-green" "arc-green"
"auto" "auto"
] ++ ctpThemes); ]
++ ctpThemes);
}; };
}; };
}; };

78
hosts/rpi4/hardware-configuration.nix
View File

@ -1,74 +1,77 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" ]; boot.initrd.availableKernelModules = ["xhci_pci"];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.kernelModules = [ ]; boot.kernelModules = [];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/.btrfsroot" = fileSystems."/.btrfsroot" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/" ]; options = ["subvol=/"];
}; };
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos/@" ]; options = ["subvol=nixos/@"];
}; };
fileSystems."/nix" = fileSystems."/nix" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos/@nix" ]; options = ["subvol=nixos/@nix"];
}; };
fileSystems."/home" = fileSystems."/home" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home" ]; options = ["subvol=@home"];
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/18e0dfd8-78bd-478d-9df8-1c28bc0b55df"; device = "/dev/disk/by-uuid/18e0dfd8-78bd-478d-9df8-1c28bc0b55df";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/srv/syncthing" = fileSystems."/srv/syncthing" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/@syncthing" ]; options = ["subvol=/@syncthing"];
}; };
fileSystems."/srv/media" = fileSystems."/srv/media" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/@media" ]; options = ["subvol=/@media"];
}; };
fileSystems."/opt/hassio" = fileSystems."/opt/hassio" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/@hassio" ]; options = ["subvol=/@hassio"];
}; };
fileSystems."/opt/hassio/.snapshots" = fileSystems."/opt/hassio/.snapshots" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/snapshots/@hassio" ]; options = ["subvol=/snapshots/@hassio"];
}; };
swapDevices = [
swapDevices = {device = "/dev/disk/by-uuid/b8e046b3-28a2-47c5-b305-24be5be42eff";}
[ { device = "/dev/disk/by-uuid/b8e046b3-28a2-47c5-b305-24be5be42eff"; }
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@ -81,4 +84,3 @@
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
} }

3
hosts/rpi4/home.nix
View File

@ -1,5 +1,4 @@
{ config, ... }: {config, ...}: {
{
config = { config = {
nixfiles.profile.base.enable = true; nixfiles.profile.base.enable = true;
programs.keychain.enable = false; programs.keychain.enable = false;

16
hosts/rpi4/media-sync.nix
View File

@ -1,11 +1,15 @@
{ config, lib, pkgs, ... }: {
let config,
lib,
pkgs,
...
}: let
in { in {
config = { config = {
nixfiles.programs.syncthing.enable = true; nixfiles.programs.syncthing.enable = true;
systemd.timers.gallery-dl = { systemd.timers.gallery-dl = {
wantedBy = [ "timers.target" ]; wantedBy = ["timers.target"];
timerConfig = { timerConfig = {
OnBootSec = "5m"; OnBootSec = "5m";
OnUnitActiveSec = "13"; OnUnitActiveSec = "13";
@ -13,7 +17,7 @@ in {
}; };
}; };
systemd.services.gallery-dl = { systemd.services.gallery-dl = {
path = with pkgs; [ bash coreutils findutils gallery-dl ]; path = with pkgs; [bash coreutils findutils gallery-dl];
serviceConfig = { serviceConfig = {
# none of your fucking business # none of your fucking business
# TODO move this into an agenix secret probably # TODO move this into an agenix secret probably
@ -24,14 +28,14 @@ in {
}; };
systemd.timers.gallery-dl-dedup = { systemd.timers.gallery-dl-dedup = {
wantedBy = [ "timers.target" ]; wantedBy = ["timers.target"];
timerConfig = { timerConfig = {
OnCalendar = "03:00"; OnCalendar = "03:00";
RandomizedDelaySec = "3h"; RandomizedDelaySec = "3h";
}; };
}; };
systemd.services.gallery-dl-dedup = { systemd.services.gallery-dl-dedup = {
path = with pkgs ; [ bash coreutils rmlint ]; path = with pkgs; [bash coreutils rmlint];
serviceConfig = { serviceConfig = {
# likewise # likewise
ExecStart = "/srv/gallery-dl-dedup.sh"; ExecStart = "/srv/gallery-dl-dedup.sh";

116
hosts/rpi4/services.nix
View File

@ -1,15 +1,17 @@
{ config, lib, pkgs, ... }: {
let config,
lib,
pkgs,
...
}: let
inherit (config.age) secrets; inherit (config.age) secrets;
inherit (builtins) toString; inherit (builtins) toString;
in in {
{
imports = [ imports = [
./gitea.nix ./gitea.nix
./authelia.nix ./authelia.nix
]; ];
config = { config = {
age.secrets.cloudflaredns = { age.secrets.cloudflaredns = {
file = ../../secrets/cloudflare-dns.age; file = ../../secrets/cloudflare-dns.age;
group = "secrets"; group = "secrets";
@ -63,7 +65,7 @@ in
}; };
users.groups.secrets = {}; users.groups.secrets = {};
users.users.acme.extraGroups = [ "secrets" ]; users.users.acme.extraGroups = ["secrets"];
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
@ -97,16 +99,18 @@ in
}; };
}; };
users.users.nginx.extraGroups = [ "acme" ]; users.users.nginx.extraGroups = ["acme"];
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
80 443 80
443
# this is needed for node to work for some reason # this is needed for node to work for some reason
8123 8123
]; ];
users.groups.authelia-shared = { }; users.groups.authelia-shared = {};
services.authelia.instances = lib.mapAttrs (inst: opts: { services.authelia.instances =
lib.mapAttrs (inst: opts: {
enable = true; enable = true;
group = "authelia-shared"; group = "authelia-shared";
secrets = { secrets = {
@ -157,7 +161,7 @@ in
users.users."${config.services.authelia.instances.main.user}".extraGroups = let users.users."${config.services.authelia.instances.main.user}".extraGroups = let
name = config.services.redis.servers.authelia.user; name = config.services.redis.servers.authelia.user;
in [ name ]; in [name];
services.nginx = { services.nginx = {
enable = true; enable = true;
@ -171,7 +175,13 @@ in
virtualHosts = let virtualHosts = let
useACMEHost = "protogen.io"; useACMEHost = "protogen.io";
mkProxy = args@{ upstream ? "http://127.0.0.1:${builtins.toString args.port}", auth ? false, authelia ? false, extraConfig ? {}, ... }: mkProxy = args @ {
upstream ? "http://127.0.0.1:${builtins.toString args.port}",
auth ? false,
authelia ? false,
extraConfig ? {},
...
}:
lib.mkMerge [ lib.mkMerge [
{ {
inherit useACMEHost; inherit useACMEHost;
@ -199,14 +209,24 @@ in
# }; # };
# }; # };
mkAuthProxy = port: mkProxy { inherit port; authelia = true; }; mkAuthProxy = port:
mkProxy {
inherit port;
authelia = true;
};
mkReverseProxy = port: mkProxy { inherit port; }; mkReverseProxy = port: mkProxy {inherit port;};
in (lib.mapAttrs (domain: instance: { forceSSL = true; inherit useACMEHost; authelia.endpoint = { inherit instance; };}) { in
(lib.mapAttrs (domain: instance: {
forceSSL = true;
inherit useACMEHost;
authelia.endpoint = {inherit instance;};
}) {
"auth.protogen.io" = "main"; "auth.protogen.io" = "main";
"auth.nbt.sh" = "main"; "auth.nbt.sh" = "main";
"auth.proot.link" = "main"; "auth.proot.link" = "main";
}) // { })
// {
"changedetection.protogen.io" = mkReverseProxy 5000; "changedetection.protogen.io" = mkReverseProxy 5000;
# firefly # firefly
@ -237,7 +257,11 @@ in
"paper.protogen.io" = mkReverseProxy config.services.paperless.port; "paper.protogen.io" = mkReverseProxy config.services.paperless.port;
# octoprint (proxy_addr is 10.10.1.8) # octoprint (proxy_addr is 10.10.1.8)
"print.protogen.io" = lib.mkMerge [ (mkProxy { authelia = true; upstream = "http://10.10.1.8:80"; }) "print.protogen.io" = lib.mkMerge [
(mkProxy {
authelia = true;
upstream = "http://10.10.1.8:80";
})
{ {
locations."/webcam" = { locations."/webcam" = {
proxyPass = "http://10.10.1.8:80$request_uri"; proxyPass = "http://10.10.1.8:80$request_uri";
@ -245,14 +269,19 @@ in
basicAuthFile = config.age.secrets.htpasswd-cam.path; basicAuthFile = config.age.secrets.htpasswd-cam.path;
authelia.method = null; authelia.method = null;
}; };
}]; }
];
# searx auth 8088 (none for /favicon.ico, /autocompleter, /opensearch.xml) # searx auth 8088 (none for /favicon.ico, /autocompleter, /opensearch.xml)
"search.protogen.io".locations."/".return = "302 https://searx.protogen.io$request_uri"; "search.protogen.io".locations."/".return = "302 https://searx.protogen.io$request_uri";
"searx.protogen.io" = let "searx.protogen.io" = let
port = 8088; port = 8088;
in mkProxy { authelia = true; inherit port; extraConfig = { in
locations = lib.genAttrs [ "/favicon.ico" "/autocompleter" "/opensearch.xml" ] (attr: { mkProxy {
authelia = true;
inherit port;
extraConfig = {
locations = lib.genAttrs ["/favicon.ico" "/autocompleter" "/opensearch.xml"] (attr: {
proxyPass = "http://localhost:${builtins.toString port}"; proxyPass = "http://localhost:${builtins.toString port}";
proxyWebsockets = true; proxyWebsockets = true;
authelia.method = null; authelia.method = null;
@ -260,11 +289,19 @@ in
auth_basic off; auth_basic off;
''; '';
}); });
};}; };
};
# URL shortener # URL shortener
"nbt.sh" = mkProxy { port = 8090; extraConfig.serverAliases = [ "proot.link" ]; }; "nbt.sh" = mkProxy {
"admin.nbt.sh" = mkProxy { authelia = true; port = 8091; extraConfig.serverAliases = [ "admin.proot.link" ]; }; port = 8090;
extraConfig.serverAliases = ["proot.link"];
};
"admin.nbt.sh" = mkProxy {
authelia = true;
port = 8091;
extraConfig.serverAliases = ["admin.proot.link"];
};
# uptime # uptime
"uptime.protogen.io" = mkReverseProxy 3001; "uptime.protogen.io" = mkReverseProxy 3001;
@ -302,7 +339,7 @@ in
# main site # main site
"protogen.io" = { "protogen.io" = {
serverAliases = [ "x.protogen.io" ]; serverAliases = ["x.protogen.io"];
useACMEHost = "protogen.io"; useACMEHost = "protogen.io";
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
@ -320,7 +357,7 @@ in
locations."/" = { locations."/" = {
return = "302 https://protogen.io$request_uri"; return = "302 https://protogen.io$request_uri";
}; };
serverAliases = [ "www.nullbite.com" "nullbite.dev" "www.nullbite.dev" "www.protogen.io" "nullbite.xyz" "www.nullbite.xyz" ]; serverAliases = ["www.nullbite.com" "nullbite.dev" "www.nullbite.dev" "www.protogen.io" "nullbite.xyz" "www.nullbite.xyz"];
}; };
# show blank page for unknown hosts # show blank page for unknown hosts
@ -332,16 +369,14 @@ in
return = "404"; return = "404";
}; };
}; };
}; };
}; };
# https://gethomepage.dev # https://gethomepage.dev
services.homepage-dashboard = let services.homepage-dashboard = let
entry = name: value: { "${name}" = value; }; entry = name: value: {"${name}" = value;};
makeBookmark = name: {...}@attrs: entry name [ attrs ]; makeBookmark = name: {...} @ attrs: entry name [attrs];
makeBookmark' = name: icon: abbr: href: makeBookmark name ({ inherit abbr href; } // lib.optionalAttrs (icon != null) { inherit icon; }); makeBookmark' = name: icon: abbr: href: makeBookmark name ({inherit abbr href;} // lib.optionalAttrs (icon != null) {inherit icon;});
in { in {
enable = true; enable = true;
listenPort = 8089; listenPort = 8089;
@ -369,10 +404,12 @@ in
]; ];
services = let services = let
service = name: subdomain: icon: {...}@attrs: entry name ({ service = name: subdomain: icon: {...} @ attrs:
entry name ({
href = "https://${subdomain}.protogen.io"; href = "https://${subdomain}.protogen.io";
inherit icon; inherit icon;
} // attrs); }
// attrs);
basicService = name: subdomain: icon: service name subdomain icon {}; basicService = name: subdomain: icon: service name subdomain icon {};
in [ in [
(entry "unsorted" [ (entry "unsorted" [
@ -389,10 +426,14 @@ in
(basicService "SearXNG" "searx" "searxng") (basicService "SearXNG" "searx" "searxng")
(basicService "TheLounge" "lounge" "thelounge") (basicService "TheLounge" "lounge" "thelounge")
(basicService "Paperless" "paper" "paperless-ngx") (basicService "Paperless" "paper" "paperless-ngx")
(entry "Shlink" { href = "https://admin.nbt.sh"; icon = "shlink"; }) (entry "Shlink" {
href = "https://admin.nbt.sh";
icon = "shlink";
})
(basicService "Create Track Map" "trackmap" "") (basicService "Create Track Map" "trackmap" "")
((x: service x x x { ((x:
service x x x {
widget = { widget = {
}; };
}) "changedetection") }) "changedetection")
@ -443,7 +484,7 @@ in
}; };
# needed for mDNS in Home Assistant # needed for mDNS in Home Assistant
networking.firewall.allowedUDPPorts = [ 5353 ]; networking.firewall.allowedUDPPorts = [5353];
systemd.services.redlib.environment = { systemd.services.redlib.environment = {
REDLIB_DEFAULT_SUBSCRIPTIONS = lib.pipe ./reddit-subscriptions.txt [ REDLIB_DEFAULT_SUBSCRIPTIONS = lib.pipe ./reddit-subscriptions.txt [
@ -488,13 +529,12 @@ in
PAPERLESS_URL = "https://paper.protogen.io"; PAPERLESS_URL = "https://paper.protogen.io";
PAPERLESS_TIKA_ENABLED = true; PAPERLESS_TIKA_ENABLED = true;
PAPERLESS_TIKA_ENDPOINT = "http://localhost:${toString config.services.tika.port}"; PAPERLESS_TIKA_ENDPOINT = "http://localhost:${toString config.services.tika.port}";
PAPERLESS_TIKA_GOTENBERG_ENDPOINT = PAPERLESS_TIKA_GOTENBERG_ENDPOINT = "http://localhost:${toString config.services.gotenberg.port}";
"http://localhost:${toString config.services.gotenberg.port}";
}; };
}; };
users.users."${config.services.paperless.user}".extraGroups = let users.users."${config.services.paperless.user}".extraGroups = let
name = config.services.redis.servers.paperless.group; name = config.services.redis.servers.paperless.group;
in [ name ]; in [name];
services.gotenberg = { services.gotenberg = {
enable = true; enable = true;

48
hosts/slab/configuration.nix
View File

@ -2,12 +2,15 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on # your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, vars, ... }:
{ {
imports = config,
[ # Include the results of the hardware scan. lib,
pkgs,
vars,
...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
../../system # nixfiles modules ../../system # nixfiles modules
@ -15,7 +18,6 @@
./supergfxd.nix ./supergfxd.nix
]; ];
config = { config = {
# nix.settings.experimental-features = ["nix-command" "flakes" ]; # nix.settings.experimental-features = ["nix-command" "flakes" ];
@ -26,18 +28,24 @@
device = "/dev/disk/by-uuid/028A49020517BEA9"; device = "/dev/disk/by-uuid/028A49020517BEA9";
}; };
"/.btrfsroot" = { "/.btrfsroot" = {
options = [ "subvol=/" ]; options = ["subvol=/"];
}; };
} }
# Lanzaboote workaround (nix-community/lanzaboote#173) # Lanzaboote workaround (nix-community/lanzaboote#173)
(lib.mkIf config.boot.lanzaboote.enable { (lib.mkIf config.boot.lanzaboote.enable {
"/efi/EFI/Linux" = { device = "/boot/EFI/Linux"; options = [ "bind" ]; }; "/efi/EFI/Linux" = {
"/efi/EFI/nixos" = { device = "/boot/EFI/nixos"; options = [ "bind" ]; }; device = "/boot/EFI/Linux";
options = ["bind"];
};
"/efi/EFI/nixos" = {
device = "/boot/EFI/nixos";
options = ["bind"];
};
}) })
(lib.genAttrs [ "/.btrfsroot" "/" "/home" "/nix" ] ( fs: { (lib.genAttrs ["/.btrfsroot" "/" "/home" "/nix"] (fs: {
options = [ "compress=zstd" ]; options = ["compress=zstd"];
})) }))
]; ];
@ -51,7 +59,7 @@
# }; # };
specialisation.hyprland.configuration = { specialisation.hyprland.configuration = {
system.nixos.tags = [ "Hyprland" ]; system.nixos.tags = ["Hyprland"];
nixfiles.session = "hyprland"; nixfiles.session = "hyprland";
}; };
@ -91,21 +99,20 @@
}; };
}; };
networking.hostName = "slab"; networking.hostName = "slab";
boot.initrd.systemd.enable = true; boot.initrd.systemd.enable = true;
boot.plymouth.enable = true; boot.plymouth.enable = true;
boot.kernelParams = [ "quiet" ]; boot.kernelParams = ["quiet"];
# annoying ACPI bug # annoying ACPI bug
boot.consoleLogLevel = 2; boot.consoleLogLevel = 2;
# cryptsetup # cryptsetup
boot.initrd.luks.devices = { boot.initrd.luks.devices = {
lvmroot = { lvmroot = {
device="/dev/disk/by-uuid/2872c0f0-e544-45f0-9b6c-ea022af7805a"; device = "/dev/disk/by-uuid/2872c0f0-e544-45f0-9b6c-ea022af7805a";
allowDiscards = true; allowDiscards = true;
fallbackToPassword = lib.mkIf (!config.boot.initrd.systemd.enable) true; fallbackToPassword = lib.mkIf (!config.boot.initrd.systemd.enable) true;
preLVM = true; preLVM = true;
@ -138,7 +145,7 @@
}; };
# GPS data from my phone # GPS data from my phone
services.gpsd.devices = lib.mkIf config.nixfiles.hardware.gps.enable [ "tcp://pixel.magpie-moth.ts.net:6000" ]; services.gpsd.devices = lib.mkIf config.nixfiles.hardware.gps.enable ["tcp://pixel.magpie-moth.ts.net:6000"];
# systemd power/suspend configuration # systemd power/suspend configuration
systemd.targets = lib.genAttrs ["suspend" "hybrid-sleep" "suspend-then-hibernate"] (_: { systemd.targets = lib.genAttrs ["suspend" "hybrid-sleep" "suspend-then-hibernate"] (_: {
@ -164,7 +171,6 @@
# boot.loader.efi.canTouchEfiVariables = true; # boot.loader.efi.canTouchEfiVariables = true;
# see custom-hardware-configuration.nix # see custom-hardware-configuration.nix
# networking.hostName = "nixos"; # Define your hostname. # networking.hostName = "nixos"; # Define your hostname.
# Pick only one of the below networking options. # Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
@ -195,11 +201,9 @@
# services.xserver.displayManager.sddm.enable = true; # services.xserver.displayManager.sddm.enable = true;
# services.xserver.desktopManager.plasma5.enable = true; # services.xserver.desktopManager.plasma5.enable = true;
# Enable flatpak # Enable flatpak
# services.flatpak.enable = true; # services.flatpak.enable = true;
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.xkb.layout = "us"; # services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape"; # services.xserver.xkb.options = "eurosign:e,caps:escape";
@ -219,7 +223,6 @@
# jack.enable = true; # jack.enable = true;
# }; # };
# Enable touchpad support (enabled default in most desktopManager). # Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true; # services.xserver.libinput.enable = true;
@ -244,7 +247,6 @@
# shell = pkgs.zsh; # shell = pkgs.zsh;
# }; # };
# shell config # shell config
# programs.zsh.enable = true; # programs.zsh.enable = true;
# programs.fzf = { # programs.fzf = {
@ -296,7 +298,7 @@
# }}} # }}}
# Open ports in the firewall. # Open ports in the firewall.
networking.firewall.allowedTCPPorts = [ 22 ]; networking.firewall.allowedTCPPorts = [22];
# networking.firewall.allowedUDPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether. # Or disable the firewall altogether.
# networking.firewall.enable = false; # networking.firewall.enable = false;
@ -313,7 +315,5 @@
# Before changing this value read the documentation for this option # Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment? system.stateVersion = "23.11"; # Did you read the comment?
}; };
} }

58
hosts/slab/hardware-configuration.nix
View File

@ -1,53 +1,57 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "sdhci_pci" ]; boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "sdhci_pci"];
boot.initrd.kernelModules = [ "dm-snapshot" "amdgpu" ]; boot.initrd.kernelModules = ["dm-snapshot" "amdgpu"];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos/@" ]; options = ["subvol=nixos/@"];
}; };
fileSystems."/nix" = fileSystems."/nix" = {
{ device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos/@nix" ]; options = ["subvol=nixos/@nix"];
}; };
fileSystems."/home" = fileSystems."/home" = {
{ device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home" ]; options = ["subvol=@home"];
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/50D3-45F0"; device = "/dev/disk/by-uuid/50D3-45F0";
fsType = "vfat"; fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ]; options = ["fmask=0022" "dmask=0022"];
}; };
fileSystems."/efi" = fileSystems."/efi" = {
{ device = "/dev/disk/by-uuid/4E1B-8BEE"; device = "/dev/disk/by-uuid/4E1B-8BEE";
fsType = "vfat"; fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ]; options = ["fmask=0022" "dmask=0022"];
}; };
swapDevices = swapDevices = [
[ { device = "/dev/disk/by-uuid/9360890a-4050-4326-bf5f-8fa2bdc6744a"; } {device = "/dev/disk/by-uuid/9360890a-4050-4326-bf5f-8fa2bdc6744a";}
]; ];
fileSystems."/.btrfsroot" = fileSystems."/.btrfsroot" = {
{ device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec";
fsType = "btrfs"; fsType = "btrfs";
}; };

13
hosts/slab/home.nix
View File

@ -1,5 +1,10 @@
{ lib, pkgs, osConfig, config, ... }:
{ {
lib,
pkgs,
osConfig,
config,
...
}: {
imports = [ imports = [
../../home ../../home
]; ];
@ -9,7 +14,7 @@
profile.base.enable = true; profile.base.enable = true;
common.wm.keybinds = { common.wm.keybinds = {
Launch1="playerctl play-pause"; # ROG key Launch1 = "playerctl play-pause"; # ROG key
# Launch3="true"; # AURA fn key # Launch3="true"; # AURA fn key
# Launch4="true"; # fan control fn key # Launch4="true"; # fan control fn key
}; };
@ -17,8 +22,8 @@
home.stateVersion = "23.11"; home.stateVersion = "23.11";
# TODO mkif stylix.enable; danth/stylix#216 # TODO mkif stylix.enable; danth/stylix#216
home.pointerCursor = lib.mkIf (config.nixfiles.theming.enable && !config.stylix.enable) { size = 32; }; home.pointerCursor = lib.mkIf (config.nixfiles.theming.enable && !config.stylix.enable) {size = 32;};
stylix.cursor = { size = 32; }; stylix.cursor = {size = 32;};
nixfiles.theming.catppuccin.themeDPI = "hdpi"; nixfiles.theming.catppuccin.themeDPI = "hdpi";

13
hosts/slab/nvidia-optimus.nix
View File

@ -1,11 +1,13 @@
{ config, lib, pkgs, ... }:
{ {
config,
lib,
pkgs,
...
}: {
services.supergfxd.enable = true; services.supergfxd.enable = true;
specialisation = { specialisation = {
nvidia.configuration = { nvidia.configuration = {
system.nixos.tags = [ "NVIDIA" ]; system.nixos.tags = ["NVIDIA"];
nixfiles.supergfxd.profile = "Hybrid"; nixfiles.supergfxd.profile = "Hybrid";
@ -30,7 +32,8 @@
package = let package = let
stable = config.boot.kernelPackages.nvidiaPackages.stable; stable = config.boot.kernelPackages.nvidiaPackages.stable;
version = stable; version = stable;
in version; in
version;
prime = { prime = {
offload = { offload = {

12
hosts/slab/supergfxd.nix
View File

@ -1,5 +1,10 @@
{ pkgs, lib, config, options, ... }@args: {
let pkgs,
lib,
config,
options,
...
} @ args: let
gfx = { gfx = {
Integrated = { Integrated = {
supergfxd = pkgs.writeText "supergfxd-integrated" '' supergfxd = pkgs.writeText "supergfxd-integrated" ''
@ -69,7 +74,8 @@ let
isKeyInAttrset = let isKeyInAttrset = let
getKeys = attrset: lib.mapAttrsToList (name: _: name) attrset; getKeys = attrset: lib.mapAttrsToList (name: _: name) attrset;
isInList = key: list: lib.any (x: x == key) list; isInList = key: list: lib.any (x: x == key) list;
in key: attrset: isInList key (getKeys attrset); in
key: attrset: isInList key (getKeys attrset);
inherit (lib) mkIf mkOption types; inherit (lib) mkIf mkOption types;
in { in {

38
lib/nixfiles/minecraft.nix
View File

@ -1,14 +1,19 @@
{ pkgs, ... }: {pkgs, ...}: let
let
inherit (pkgs) lib; inherit (pkgs) lib;
in in {
{ mkServer = {
mkServer = { modpack ? null, modpackSymlinks ? [], modpackFiles ? [], jvmOpts ? null, ...}@opts: let modpack ? null,
modpackSymlinks ? [],
modpackFiles ? [],
jvmOpts ? null,
...
} @ opts: let
# log4j exploit is bad and scary and i have no idea if this is still needed # log4j exploit is bad and scary and i have no idea if this is still needed
# but it's best to be on the safe side # but it's best to be on the safe side
jvmOptsPatched = let jvmOptsPatched = let
requiredJvmOpts = "-Dlog4j2.formatMsgNoLookups=true"; requiredJvmOpts = "-Dlog4j2.formatMsgNoLookups=true";
in if (!(builtins.isNull jvmOpts)) in
if (!(builtins.isNull jvmOpts))
then requiredJvmOpts + " " + jvmOpts then requiredJvmOpts + " " + jvmOpts
else requiredJvmOpts; else requiredJvmOpts;
@ -17,14 +22,21 @@ in
serverPackage = let serverPackage = let
mcVersion = modpack.manifest.versions.minecraft; mcVersion = modpack.manifest.versions.minecraft;
fixedVersion = lib.replaceStrings [ "." ] [ "_" ] mcVersion; fixedVersion = lib.replaceStrings ["."] ["_"] mcVersion;
quiltVersion = modpack.manifest.versions.quilt or null; quiltVersion = modpack.manifest.versions.quilt or null;
fabricVersion = modpack.manifest.versions.fabric or null; fabricVersion = modpack.manifest.versions.fabric or null;
loader = if (!(builtins.isNull quiltVersion)) then "quilt" else "fabric"; loader =
loaderVersion = if loader == "quilt" then quiltVersion else fabricVersion; if (!(builtins.isNull quiltVersion))
in pkgs.minecraftServers."${loader}-${fixedVersion}".override { inherit loaderVersion; }; then "quilt"
else "fabric";
in lib.mkMerge [ loaderVersion =
if loader == "quilt"
then quiltVersion
else fabricVersion;
in
pkgs.minecraftServers."${loader}-${fixedVersion}".override {inherit loaderVersion;};
in
lib.mkMerge [
(lib.mkIf (!(builtins.isNull modpack)) { (lib.mkIf (!(builtins.isNull modpack)) {
inherit symlinks files; inherit symlinks files;
package = lib.mkDefault serverPackage; package = lib.mkDefault serverPackage;
@ -62,6 +74,6 @@ in
difficulty = lib.mkDefault "hard"; difficulty = lib.mkDefault "hard";
}; };
} }
(builtins.removeAttrs opts [ "modpack" "modpackSymlinks" "modpackFiles" "jvmOpts" ]) (builtins.removeAttrs opts ["modpack" "modpackSymlinks" "modpackFiles" "jvmOpts"])
]; ];
} }

3
modules/home-manager/default.nix
View File

@ -1,2 +1 @@
_: _: {}
{}

3
modules/nixos/default.nix
View File

@ -1,3 +1,2 @@
{...}@moduleInputs: {...} @ moduleInputs: {
{
} }

3
overlays/default.nix
View File

@ -12,7 +12,8 @@ in {
./modpacks.nix ./modpacks.nix
]; ];
config.flake.overlays = { config.flake.overlays = {
default = with cfg; composeManyExtensions [ default = with cfg;
composeManyExtensions [
backports backports
mitigations mitigations
]; ];

18
pkgs/apps.nix
View File

@ -1,9 +1,15 @@
{ packages, system, ... }:
let _packages = packages; in
let
packages = _packages.${system};
mkApp = program: { type = "app"; inherit program; };
in
{ {
packages,
system,
...
}: let
_packages = packages;
in let
packages = _packages.${system};
mkApp = program: {
type = "app";
inherit program;
};
in {
keysetting = mkApp "${packages.wm-helpers}/bin/keysetting"; keysetting = mkApp "${packages.wm-helpers}/bin/keysetting";
} }

15
pkgs/atool-wrapped/default.nix
View File

@ -1,4 +1,5 @@
{ lib, {
lib,
atool, atool,
makeBinaryWrapper, makeBinaryWrapper,
stdenvNoCC, stdenvNoCC,
@ -14,14 +15,14 @@
p7zip, p7zip,
unrar, unrar,
lha, lha,
unfree ? false }: unfree ? false,
let }: let
wrappedPath = lib.makeBinPath ([lzip plzip lzop xz zip unzip arj rpm cpio p7zip] ++ lib.optionals unfree [unrar lha]); wrappedPath = lib.makeBinPath ([lzip plzip lzop xz zip unzip arj rpm cpio p7zip] ++ lib.optionals unfree [unrar lha]);
in in
stdenvNoCC.mkDerivation { stdenvNoCC.mkDerivation {
name = "atool-wrapped"; name = "atool-wrapped";
phases = [ "installPhase" ]; phases = ["installPhase"];
nativeBuildInputs = [ makeBinaryWrapper ]; nativeBuildInputs = [makeBinaryWrapper];
src = ./.; src = ./.;
installPhase = '' installPhase = ''
# symlinking them doesn't work for some reason so i have to build multiple # symlinking them doesn't work for some reason so i have to build multiple
@ -34,4 +35,4 @@ stdenvNoCC.mkDerivation {
mkdir -p "$out/share" mkdir -p "$out/share"
ln -s "${atool}/share/man" "$out/share/man" ln -s "${atool}/share/man" "$out/share/man"
''; '';
} }

7
pkgs/cofi/shell.nix
View File

@ -1,10 +1,9 @@
{ pkgs ? import <nixpkgs> {} }: {pkgs ? import <nixpkgs> {}}: let
let
rofi-dmenu-wrapped = pkgs.writeShellScript "rofi-dmenu" '' rofi-dmenu-wrapped = pkgs.writeShellScript "rofi-dmenu" ''
exec "${pkgs.rofi-wayland}/bin/rofi" -dmenu "$@" exec "${pkgs.rofi-wayland}/bin/rofi" -dmenu "$@"
''; '';
in in
pkgs.mkShell { pkgs.mkShell {
shellHook = '' shellHook = ''
export COMMA_PICKER="${rofi-dmenu-wrapped}" export COMMA_PICKER="${rofi-dmenu-wrapped}"
''; '';
@ -13,4 +12,4 @@ pkgs.mkShell {
libnotify libnotify
comma comma
]; ];
} }

7
pkgs/cross-seed/default.nix
View File

@ -1,5 +1,8 @@
{ lib, buildNpmPackage, fetchFromGitHub }: {
lib,
buildNpmPackage,
fetchFromGitHub,
}:
buildNpmPackage rec { buildNpmPackage rec {
pname = "cross-seed"; pname = "cross-seed";
version = "6.11.0"; version = "6.11.0";

20
pkgs/default.nix
View File

@ -1,17 +1,15 @@
{ pkgs, ... }: {pkgs, ...}: let
let
inherit (pkgs) callPackage callPackages; inherit (pkgs) callPackage callPackages;
mopidyPackages = callPackages ./mopidy { mopidyPackages = callPackages ./mopidy {
python = pkgs.python3; python = pkgs.python3;
}; };
in in {
{ inherit (mopidyPackages) mopidy-autoplay;
inherit (mopidyPackages) mopidy-autoplay ; google-fonts = callPackage ./google-fonts {};
google-fonts = callPackage ./google-fonts { }; wm-helpers = callPackage ./wm-helpers {};
wm-helpers = callPackage ./wm-helpers { }; atool = callPackage ./atool-wrapped {};
atool = callPackage ./atool-wrapped { }; nixfiles-assets = callPackage ./nixfiles-assets {};
nixfiles-assets = callPackage ./nixfiles-assets { }; redlib = callPackage ./redlib {};
redlib = callPackage ./redlib { }; cross-seed = callPackage ./cross-seed {};
cross-seed = callPackage ./cross-seed { };
} }

32
pkgs/google-fonts/default.nix
View File

@ -1,9 +1,9 @@
{ lib {
, stdenvNoCC lib,
, fetchFromGitHub stdenvNoCC,
, fonts ? [] fetchFromGitHub,
fonts ? [],
}: }:
stdenvNoCC.mkDerivation { stdenvNoCC.mkDerivation {
pname = "google-fonts"; pname = "google-fonts";
version = "unstable-2023-10-20"; version = "unstable-2023-10-20";
@ -11,7 +11,7 @@ stdenvNoCC.mkDerivation {
# Adobe Blank is split out in a separate output, # Adobe Blank is split out in a separate output,
# because it causes crashes with `libfontconfig`. # because it causes crashes with `libfontconfig`.
# It has an absurd number of symbols # It has an absurd number of symbols
outputs = [ "out" "adobeBlank" ]; outputs = ["out" "adobeBlank"];
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "google"; owner = "google";
@ -45,26 +45,32 @@ stdenvNoCC.mkDerivation {
# FamilyName.ttf. This installs all fonts if fonts is empty and otherwise # FamilyName.ttf. This installs all fonts if fonts is empty and otherwise
# only the specified fonts by FamilyName. # only the specified fonts by FamilyName.
fonts = map (font: builtins.replaceStrings [" "] [""] font) fonts; fonts = map (font: builtins.replaceStrings [" "] [""] font) fonts;
installPhase = '' installPhase =
''
adobeBlankDest=$adobeBlank/share/fonts/truetype adobeBlankDest=$adobeBlank/share/fonts/truetype
install -m 444 -Dt $adobeBlankDest ofl/adobeblank/AdobeBlank-Regular.ttf install -m 444 -Dt $adobeBlankDest ofl/adobeblank/AdobeBlank-Regular.ttf
rm -r ofl/adobeblank rm -r ofl/adobeblank
dest=$out/share/fonts/truetype dest=$out/share/fonts/truetype
'' + (if fonts == [] then '' ''
+ (
if fonts == []
then ''
find . -name '*.ttf' -exec install -m 444 -Dt $dest '{}' + find . -name '*.ttf' -exec install -m 444 -Dt $dest '{}' +
'' else '' ''
else ''
for font in $fonts; do for font in $fonts; do
find . \( -name "$font-*.ttf" -o -name "$font[*.ttf" -o -name "$font.ttf" \) -exec install -m 444 -Dt $dest '{}' + find . \( -name "$font-*.ttf" -o -name "$font[*.ttf" -o -name "$font.ttf" \) -exec install -m 444 -Dt $dest '{}' +
done done
''); ''
);
meta = with lib; { meta = with lib; {
homepage = "https://fonts.google.com"; homepage = "https://fonts.google.com";
description = "Font files available from Google Fonts"; description = "Font files available from Google Fonts";
license = with licenses; [ asl20 ofl ufl ]; license = with licenses; [asl20 ofl ufl];
platforms = platforms.all; platforms = platforms.all;
hydraPlatforms = []; hydraPlatforms = [];
maintainers = with maintainers; [ manveru ]; maintainers = with maintainers; [manveru];
sourceProvenance = [ sourceTypes.binaryBytecode ]; sourceProvenance = [sourceTypes.binaryBytecode];
}; };
} }

9
pkgs/lucem/update.nix
View File

@ -1,9 +1,11 @@
{ nixpkgs ? <nixpkgs>, pkgs ? (import nixpkgs) { } }: {
let nixpkgs ? <nixpkgs>,
pkgs ? (import nixpkgs) {},
}: let
inherit (pkgs) callPackage fetchFromSourcehut fetchFromGitHub lib; inherit (pkgs) callPackage fetchFromSourcehut fetchFromGitHub lib;
inherit (lib) escapeShellArg; inherit (lib) escapeShellArg;
lucem = pkgs.callPackage ./. { }; lucem = pkgs.callPackage ./. {};
nim_lk_patched = pkgs.nim_lk.overrideAttrs (final: prev: { nim_lk_patched = pkgs.nim_lk.overrideAttrs (final: prev: {
src = pkgs.fetchFromSourcehut { src = pkgs.fetchFromSourcehut {
@ -16,7 +18,6 @@ let
./nim_lk-rev-order-fix.patch ./nim_lk-rev-order-fix.patch
]; ];
}); });
in in
pkgs.stdenvNoCC.mkDerivation { pkgs.stdenvNoCC.mkDerivation {
name = "lucem-lock.json"; name = "lucem-lock.json";

12
pkgs/mopidy/autoplay.nix
View File

@ -1,5 +1,9 @@
{ lib, python3Packages, fetchPypi, mopidy }: {
lib,
python3Packages,
fetchPypi,
mopidy,
}:
# based on mopidy/jellyfin.nix # based on mopidy/jellyfin.nix
python3Packages.buildPythonApplication rec { python3Packages.buildPythonApplication rec {
pname = "mopidy-autoplay"; pname = "mopidy-autoplay";
@ -11,11 +15,11 @@ python3Packages.buildPythonApplication rec {
sha256 = "sha256-E2Q+Cn2LWSbfoT/gFzUfChwl67Mv17uKmX2woFz/3YM="; sha256 = "sha256-E2Q+Cn2LWSbfoT/gFzUfChwl67Mv17uKmX2woFz/3YM=";
}; };
propagatedBuildInputs = [ mopidy ]; propagatedBuildInputs = [mopidy];
# no tests implemented # no tests implemented
doCheck = false; doCheck = false;
pythonImportsCheck = [ "mopidy_autoplay" ]; pythonImportsCheck = ["mopidy_autoplay"];
meta = with lib; { meta = with lib; {
homepage = "https://codeberg.org/sph/mopidy-autoplay"; homepage = "https://codeberg.org/sph/mopidy-autoplay";

14
pkgs/mopidy/default.nix
View File

@ -1,10 +1,14 @@
{ lib, newScope, python }: {
lib,
newScope,
python,
}:
# i have no idea what this is but there's some conflict if i don't do this # i have no idea what this is but there's some conflict if i don't do this
# based on https://github.com/NixOS/nixpkgs/blob/77f0d2095a8271fdb6e0d08c90a7d93631fd2748/pkgs/applications/audio/mopidy/default.nix # based on https://github.com/NixOS/nixpkgs/blob/77f0d2095a8271fdb6e0d08c90a7d93631fd2748/pkgs/applications/audio/mopidy/default.nix
lib.makeScope newScope (self: with self; { lib.makeScope newScope (self:
with self; {
inherit python; inherit python;
pythonPackages = python.pkgs; pythonPackages = python.pkgs;
mopidy-autoplay = callPackage ./autoplay.nix { }; mopidy-autoplay = callPackage ./autoplay.nix {};
}) })

13
pkgs/nixfiles-assets/default.nix
View File

@ -1,5 +1,8 @@
{ lib, stdenvNoCC, fetchFromGitea }: {
let lib,
stdenvNoCC,
fetchFromGitea,
}: let
src = fetchFromGitea { src = fetchFromGitea {
domain = "gitea.protogen.io"; domain = "gitea.protogen.io";
owner = "nullbite"; owner = "nullbite";
@ -10,11 +13,11 @@ let
fetchLFS = true; fetchLFS = true;
}; };
in in
stdenvNoCC.mkDerivation { stdenvNoCC.mkDerivation {
pname = "nixfiles-assets"; pname = "nixfiles-assets";
version = src.rev; version = src.rev;
inherit src; inherit src;
phases = [ "installPhase" ]; phases = ["installPhase"];
installPhase = '' installPhase = ''
cd $src cd $src
pwd pwd
@ -22,4 +25,4 @@ stdenvNoCC.mkDerivation {
mkdir -p $out/share/ mkdir -p $out/share/
cp -a wallpapers $out/share/ cp -a wallpapers $out/share/
''; '';
} }

23
pkgs/redlib/default.nix
View File

@ -1,11 +1,12 @@
{ lib {
, stdenv lib,
, cacert stdenv,
, nixosTests cacert,
, rustPlatform nixosTests,
, fetchFromGitHub rustPlatform,
, darwin fetchFromGitHub,
, nix-update-script darwin,
nix-update-script,
}: }:
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "redlib"; pname = "redlib";
@ -58,7 +59,7 @@ rustPlatform.buildRustPackage rec {
env = { env = {
SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
GIT_HASH=src.rev; GIT_HASH = src.rev;
}; };
doCheck = false; doCheck = false;
@ -67,7 +68,7 @@ rustPlatform.buildRustPackage rec {
inherit (nixosTests) redlib; inherit (nixosTests) redlib;
}; };
passthru.updateScript = nix-update-script { extraArgs = [ "--version=branch=main" ]; }; passthru.updateScript = nix-update-script {extraArgs = ["--version=branch=main"];};
meta = { meta = {
changelog = "https://github.com/redlib-org/redlib/releases/tag/v${version}"; changelog = "https://github.com/redlib-org/redlib/releases/tag/v${version}";
@ -75,6 +76,6 @@ rustPlatform.buildRustPackage rec {
homepage = "https://github.com/redlib-org/redlib"; homepage = "https://github.com/redlib-org/redlib";
license = lib.licenses.agpl3Only; license = lib.licenses.agpl3Only;
mainProgram = "redlib"; mainProgram = "redlib";
maintainers = with lib.maintainers; [ soispha ]; maintainers = with lib.maintainers; [soispha];
}; };
} }

16
pkgs/wm-helpers/default.nix
View File

@ -1,6 +1,12 @@
{ pkgs, lib, cap-volume ? true, unmute ? true, ...}: {
let pkgs,
keysetting = pkgs.writeShellScriptBin "keysetting" lib,
cap-volume ? true,
unmute ? true,
...
}: let
keysetting =
pkgs.writeShellScriptBin "keysetting"
'' ''
wpctl=${pkgs.wireplumber}/bin/wpctl wpctl=${pkgs.wireplumber}/bin/wpctl
notify_send=${pkgs.libnotify}/bin/notify-send notify_send=${pkgs.libnotify}/bin/notify-send
@ -73,7 +79,7 @@ let
esac esac
''; '';
in in
pkgs.symlinkJoin { pkgs.symlinkJoin {
name = "wm-helpers"; name = "wm-helpers";
paths = keysetting; paths = keysetting;
} }

30
secrets/secrets.nix
View File

@ -12,22 +12,20 @@ let
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC0enlNbo1V5q0yq6n90gRPsNznoQ/KLEjeo1yOAUyJwPi35cw+b3p4DRN7T55DcSivKKE9Hyh6bpaQWFJSLyP5jAtDrYkuUfNx5GkgrquMwMvwzk3Z+h2/J/WgDyKQZXtm9LHYTgiW8jDU1lBiks39IqCAGrCTLAmAHSaJ39A4ZpJwu6zZ9sQqT22E/UpFm5MBezdZbm8V0G+beX+y3+pp8Kag7goGNY+rgTgx7REDz3jzZz3FBP+CxKoo1H8HHz78RDqBb8HKpVQYNQkwvIBeczKawRHIkJO2Mk+1mc6Ta6beA9+Uyf+puxco2xl6BOnDInvnhWJIRXOJuR5P8/YWprE1o4ixF2N95D2GlJ618V7faEovu/sNj8qIvfA66OF1gG+LOfNAl+u2+3V8ewATF493F0q04zhenoH1ZdrsACJfL8tK9Ev9056ImR6aSJ5BjqCk0tMmnLKTZ7q3R2LoKnB1r/TXe10OH7rx5BDAt4OmD8a5QS0RvVgK3O/iMW0=" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC0enlNbo1V5q0yq6n90gRPsNznoQ/KLEjeo1yOAUyJwPi35cw+b3p4DRN7T55DcSivKKE9Hyh6bpaQWFJSLyP5jAtDrYkuUfNx5GkgrquMwMvwzk3Z+h2/J/WgDyKQZXtm9LHYTgiW8jDU1lBiks39IqCAGrCTLAmAHSaJ39A4ZpJwu6zZ9sQqT22E/UpFm5MBezdZbm8V0G+beX+y3+pp8Kag7goGNY+rgTgx7REDz3jzZz3FBP+CxKoo1H8HHz78RDqBb8HKpVQYNQkwvIBeczKawRHIkJO2Mk+1mc6Ta6beA9+Uyf+puxco2xl6BOnDInvnhWJIRXOJuR5P8/YWprE1o4ixF2N95D2GlJ618V7faEovu/sNj8qIvfA66OF1gG+LOfNAl+u2+3V8ewATF493F0q04zhenoH1ZdrsACJfL8tK9Ev9056ImR6aSJ5BjqCk0tMmnLKTZ7q3R2LoKnB1r/TXe10OH7rx5BDAt4OmD8a5QS0RvVgK3O/iMW0="
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDSAD3bCc9ZHGqU+HoCtp69uU3Px5bbVYYrHbLS3AS1Xku9rPKE/oUU/fz8/AZxp6dLuKhPjQjLzgbFjM0rK57fiOPqBnlw3eAiIymrlB03ALLV3y+GF2OhVf2rkcPkUxjK978dwS9bxgty6WzPAoSjNwilzgf2CcLcHyIzDwwzWCndM9jtpXbUbLhOH6CvsvygBD7j06wakLOorTS+cAFecUvaUkDr6gSu6zpM29DcFiq8T1VoWhBzwC/9IKnxV/XqaZBM3Em7NfPQIzYWcD9A5+Holj2I6jcTSd9xIdMhD4Miqm8IdojPkP2NuVfD9AMxn0ccwbROG/zliyXtcxRj8b3jEquBKuN+yGqF5hexmKlhHmHua9NwhsWnGWjOWWSaPtsp3WOM/fEc7cWpVWZ+W8V5LbdWEY3Ke52Cz35QbOSml09H/gIzsMxZbiZvkJB4PvWKf0FoyZ8ojJWIaGP1/LQdXNMWorqy7tWp3sAw3JcMsR0ezJ3YoI6Y6FOIdL0=" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDSAD3bCc9ZHGqU+HoCtp69uU3Px5bbVYYrHbLS3AS1Xku9rPKE/oUU/fz8/AZxp6dLuKhPjQjLzgbFjM0rK57fiOPqBnlw3eAiIymrlB03ALLV3y+GF2OhVf2rkcPkUxjK978dwS9bxgty6WzPAoSjNwilzgf2CcLcHyIzDwwzWCndM9jtpXbUbLhOH6CvsvygBD7j06wakLOorTS+cAFecUvaUkDr6gSu6zpM29DcFiq8T1VoWhBzwC/9IKnxV/XqaZBM3Em7NfPQIzYWcD9A5+Holj2I6jcTSd9xIdMhD4Miqm8IdojPkP2NuVfD9AMxn0ccwbROG/zliyXtcxRj8b3jEquBKuN+yGqF5hexmKlhHmHua9NwhsWnGWjOWWSaPtsp3WOM/fEc7cWpVWZ+W8V5LbdWEY3Ke52Cz35QbOSml09H/gIzsMxZbiZvkJB4PvWKf0FoyZ8ojJWIaGP1/LQdXNMWorqy7tWp3sAw3JcMsR0ezJ3YoI6Y6FOIdL0="
]; ];
in in {
{ "cloudflare-dns.age".publicKeys = [rpi4] ++ all-user;
"cloudflare-dns.age".publicKeys = [ rpi4 ] ++ all-user; "wireguard-rpi4.age".publicKeys = [rpi4] ++ all-user;
"wireguard-rpi4.age".publicKeys = [ rpi4 ] ++ all-user; "htpasswd.age".publicKeys = [rpi4] ++ all-user;
"htpasswd.age".publicKeys = [ rpi4 ] ++ all-user; "htpasswd-cam.age".publicKeys = [rpi4] ++ all-user;
"htpasswd-cam.age".publicKeys = [ rpi4 ] ++ all-user; "authelia-users.age".publicKeys = [rpi4] ++ all-user;
"authelia-users.age".publicKeys = [ rpi4 ] ++ all-user; "authelia-storage.age".publicKeys = [rpi4] ++ all-user;
"authelia-storage.age".publicKeys = [ rpi4 ] ++ all-user; "authelia-jwt.age".publicKeys = [rpi4] ++ all-user;
"authelia-jwt.age".publicKeys = [ rpi4 ] ++ all-user; "authelia-session.age".publicKeys = [rpi4] ++ all-user;
"authelia-session.age".publicKeys = [ rpi4 ] ++ all-user; "homepage.age".publicKeys = [rpi4] ++ all-user;
"homepage.age".publicKeys = [ rpi4 ] ++ all-user; "paperless-admin.age".publicKeys = [rpi4] ++ all-user;
"paperless-admin.age".publicKeys = [ rpi4 ] ++ all-user;
"restic-rclone.age".publicKeys = [ rpi4 nullbox slab ] ++ all-user; "restic-rclone.age".publicKeys = [rpi4 nullbox slab] ++ all-user;
"restic-password.age".publicKeys = [ rpi4 nullbox slab ] ++ all-user; "restic-password.age".publicKeys = [rpi4 nullbox slab] ++ all-user;
"anki-user.age".publicKeys = [ rpi4 ] ++ all-user; "anki-user.age".publicKeys = [rpi4] ++ all-user;
} }

11
system/cachix.nix
View File

@ -1,8 +1,11 @@
{ pkgs, lib, config, ... }:
let
cfg = config.nixfiles.cachix;
in
{ {
pkgs,
lib,
config,
...
}: let
cfg = config.nixfiles.cachix;
in {
options.nixfiles.cachix.enable = lib.mkOption { options.nixfiles.cachix.enable = lib.mkOption {
description = "Whether to enable the Cachix derivation cache"; description = "Whether to enable the Cachix derivation cache";
type = lib.types.bool; type = lib.types.bool;

53
system/common/bootnext.nix
View File

@ -1,11 +1,16 @@
{ config, lib, pkgs, options, ... }: {
let config,
lib,
pkgs,
options,
...
}: let
inherit (lib) types escapeShellArg; inherit (lib) types escapeShellArg;
cfg = config.nixfiles.common.bootnext; cfg = config.nixfiles.common.bootnext;
bootNextScriptMain = pkgs.writeShellScript "bootnext-wrapped" '' bootNextScriptMain = pkgs.writeShellScript "bootnext-wrapped" ''
set -Eeuxo pipefail set -Eeuxo pipefail
PATH=${lib.escapeShellArg (with pkgs; lib.makeBinPath [ gnugrep coreutils efibootmgr ])} PATH=${lib.escapeShellArg (with pkgs; lib.makeBinPath [gnugrep coreutils efibootmgr])}
export PATH export PATH
function do_bootnext() { function do_bootnext() {
@ -19,9 +24,10 @@ let
case "$1" in case "$1" in
${lib.concatStringsSep "\n" ( ${lib.concatStringsSep "\n" (
lib.mapAttrsToList (name: value: lib.mapAttrsToList (
" ${escapeShellArg name}) do_bootnext ${escapeShellArg value.efiPartUUID} ${escapeShellArg value.name} ;;" name: value: " ${escapeShellArg name}) do_bootnext ${escapeShellArg value.efiPartUUID} ${escapeShellArg value.name} ;;"
) cfg.entries )
cfg.entries
)} )}
*) echo "Boot entry \"$1\" not configured."; exit 1;; *) echo "Boot entry \"$1\" not configured."; exit 1;;
esac esac
@ -49,18 +55,17 @@ let
bootnextDesktopEntries = pkgs.symlinkJoin { bootnextDesktopEntries = pkgs.symlinkJoin {
name = "bootnext-desktop-entries"; name = "bootnext-desktop-entries";
paths = lib.mapAttrsToList (name: value: pkgs.makeDesktopItem { paths = lib.mapAttrsToList (name: value:
pkgs.makeDesktopItem {
name = "bootnext-reboot-${name}"; name = "bootnext-reboot-${name}";
desktopName = "Reboot into ${value.desktopEntry.name}"; desktopName = "Reboot into ${value.desktopEntry.name}";
comment = "Select the entry defined by the `${name}` configuration in the bootnext script and then reboot."; comment = "Select the entry defined by the `${name}` configuration in the bootnext script and then reboot.";
icon = "${value.desktopEntry.icon}"; icon = "${value.desktopEntry.icon}";
keywords = [ "bootnext" "reboot" "${name}" "${value.desktopEntry.name}" ]; keywords = ["bootnext" "reboot" "${name}" "${value.desktopEntry.name}"];
exec = "${desktopWrapper} ${name}"; exec = "${desktopWrapper} ${name}";
}) (lib.filterAttrs (_: value: value.desktopEntry.enable) cfg.entries); }) (lib.filterAttrs (_: value: value.desktopEntry.enable) cfg.entries);
}; };
in {
in
{
options = { options = {
nixfiles.common.bootnext = { nixfiles.common.bootnext = {
enable = lib.mkOption { enable = lib.mkOption {
@ -71,17 +76,23 @@ in
default = false; default = false;
example = true; example = true;
}; };
enableDesktopEntries = lib.mkEnableOption "generation of bootnext Desktop entries" // { default = true; }; enableDesktopEntries = lib.mkEnableOption "generation of bootnext Desktop entries" // {default = true;};
entries = let entries = let
entryModule = {name, config, ... }: { entryModule = {
name,
config,
...
}: {
options = let options = let
uuidType = with types; lib.mkOptionType { uuidType = with types;
lib.mkOptionType {
name = "uuid"; name = "uuid";
description = "UUID"; description = "UUID";
descriptionClass = "noun"; descriptionClass = "noun";
check = let check = let
uuidRegex = "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}$"; uuidRegex = "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}$";
in x: str.check x && (builtins.match uuidRegex x) != null; in
x: str.check x && (builtins.match uuidRegex x) != null;
inherit (str) merge; inherit (str) merge;
}; };
in { in {
@ -116,7 +127,8 @@ in
}; };
}; };
}; };
in lib.mkOption { in
lib.mkOption {
description = "bootnext entry"; description = "bootnext entry";
type = with types; attrsOf (submodule entryModule); type = with types; attrsOf (submodule entryModule);
}; };
@ -124,14 +136,17 @@ in
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.systemPackages = [ bootNextScript ] ++ lib.optional cfg.enableDesktopEntries bootnextDesktopEntries; environment.systemPackages = [bootNextScript] ++ lib.optional cfg.enableDesktopEntries bootnextDesktopEntries;
security.sudo.extraRules = lib.mkAfter [ security.sudo.extraRules = lib.mkAfter [
{ {
commands = [ commands = [
{ command = "${bootNextScriptMain}"; options = [ "NOPASSWD" ]; } {
command = "${bootNextScriptMain}";
options = ["NOPASSWD"];
}
]; ];
groups = [ "wheel" ]; groups = ["wheel"];
} }
]; ];
}; };

15
system/common/busybox.nix
View File

@ -1,8 +1,14 @@
{ config, pkgs, lib, ... }: {
let config,
pkgs,
lib,
...
}: let
cfg = config.nixfiles.common.busybox; cfg = config.nixfiles.common.busybox;
in { in {
options.nixfiles.common.busybox.enable = lib.mkEnableOption "" // { options.nixfiles.common.busybox.enable =
lib.mkEnableOption ""
// {
description = '' description = ''
Whether to install Busybox into the system environment as a very low Whether to install Busybox into the system environment as a very low
priority fallback for common commands. This should *never* override a priority fallback for common commands. This should *never* override a
@ -11,7 +17,8 @@ in {
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; lib.mkOrder 50 [ environment.systemPackages = with pkgs;
lib.mkOrder 50 [
busybox busybox
]; ];
}; };

3
system/common/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./me.nix ./me.nix
./remote.nix ./remote.nix

13
system/common/me.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ...}:
let
cfg = config.nixfiles.common.me;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.common.me;
in {
options.nixfiles.common.me = { options.nixfiles.common.me = {
enable = lib.mkEnableOption "my user account"; enable = lib.mkEnableOption "my user account";
}; };
@ -12,7 +15,7 @@ in
uid = 1000; uid = 1000;
group = "nullbite"; group = "nullbite";
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ] ++ lib.optional config.nixfiles.packageSets.fun.enable "input"; extraGroups = ["wheel"] ++ lib.optional config.nixfiles.packageSets.fun.enable "input";
packages = with pkgs; [ packages = with pkgs; [
keychain keychain
]; ];

25
system/common/nix.nix
View File

@ -1,8 +1,14 @@
{ pkgs, lib, config, options, inputs, nixpkgs, ... }:
let
cfg = config.nixfiles.common.nix;
in
{ {
pkgs,
lib,
config,
options,
inputs,
nixpkgs,
...
}: let
cfg = config.nixfiles.common.nix;
in {
options.nixfiles.common.nix = { options.nixfiles.common.nix = {
enable = lib.mkEnableOption "common Nix configuration"; enable = lib.mkEnableOption "common Nix configuration";
registerNixpkgs = lib.mkOption { registerNixpkgs = lib.mkOption {
@ -11,7 +17,8 @@ in
example = "true"; example = "true";
description = "Whether to register the Nixpkgs revision used by Nixfiles to the system's flake registry and make it tye system's <nixpkgs> channel"; description = "Whether to register the Nixpkgs revision used by Nixfiles to the system's flake registry and make it tye system's <nixpkgs> channel";
}; };
/* # TODO /*
# TODO
register = lib.mkOption { register = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = cfg.enable; default = cfg.enable;
@ -22,8 +29,7 @@ in
}; };
config = lib.mkMerge [ config = lib.mkMerge [
( lib.mkIf cfg.registerNixpkgs { (lib.mkIf cfg.registerNixpkgs {
# this makes modern nix tools use the system's version of nixpkgs # this makes modern nix tools use the system's version of nixpkgs
nix.registry = { nix.registry = {
# this keeps nixfiles-assets in the store so i can save some GitHub LFS # this keeps nixfiles-assets in the store so i can save some GitHub LFS
@ -58,10 +64,9 @@ in
# compatibility becasue once `, vkcube` couldn't find the correct opengl # compatibility becasue once `, vkcube` couldn't find the correct opengl
# driver or something (also it reduces the download size of temporary shell # driver or something (also it reduces the download size of temporary shell
# closures) # closures)
nix.nixPath = [ "nixpkgs=${nixpkgs}" ] ++ options.nix.nixPath.default; nix.nixPath = ["nixpkgs=${nixpkgs}"] ++ options.nix.nixPath.default;
}) })
( lib.mkIf cfg.enable { (lib.mkIf cfg.enable {
# direnv is a tool to automatically load shell environments upon entering # direnv is a tool to automatically load shell environments upon entering
# a directory. nix-direnv has an extensionn to keep nix shells in the # a directory. nix-direnv has an extensionn to keep nix shells in the
# system's gcroots so shells can be used after a gc without rebuilding. # system's gcroots so shells can be used after a gc without rebuilding.

15
system/common/remote.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ... }:
let
cfg = config.nixfiles.common.remoteAccess;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.common.remoteAccess;
in {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
# services.openssh.enable = true; # services.openssh.enable = true;
@ -10,7 +13,6 @@ in
enable = true; enable = true;
openFirewall = true; openFirewall = true;
settings = { settings = {
}; };
}; };
@ -27,5 +29,6 @@ in
networking.wireguard.enable = true; networking.wireguard.enable = true;
}; };
options = { options = {
nixfiles.common.remoteAccess.enable = lib.mkEnableOption "remote access options" ; }; nixfiles.common.remoteAccess.enable = lib.mkEnableOption "remote access options";
};
} }

12
system/common/wm.nix
View File

@ -1,9 +1,13 @@
{ pkgs, lib, config, options, ...}: {
let pkgs,
lib,
config,
options,
...
}: let
inherit (lib) mkDefault mkIf mkEnableOption; inherit (lib) mkDefault mkIf mkEnableOption;
cfg = config.nixfiles.common.wm; cfg = config.nixfiles.common.wm;
in in {
{
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Common options for standalone window managers; many of these (or # Common options for standalone window managers; many of these (or
# alternatives thereof) are pulled in by desktop environments. # alternatives thereof) are pulled in by desktop environments.

17
system/default.nix
View File

@ -1,4 +1,14 @@
{ pkgs, config, lib, options, nixpkgs, home-manager, inputs, utils, ... }@args: {
pkgs,
config,
lib,
options,
nixpkgs,
home-manager,
inputs,
utils,
...
} @ args:
# ^ all these args are yucky and non-portable, replace them with a module # ^ all these args are yucky and non-portable, replace them with a module
# called from the scope of the flake that brings relevant # called from the scope of the flake that brings relevant
# inputs/outputs/overlays/etc into scope. this might even make nixfiles # inputs/outputs/overlays/etc into scope. this might even make nixfiles
@ -6,8 +16,7 @@
let let
cfg = config.nixfiles; cfg = config.nixfiles;
flakeType = cfg.lib.types.flake; flakeType = cfg.lib.types.flake;
in in {
{
imports = [ imports = [
./common ./common
./hardware ./hardware
@ -50,7 +59,7 @@ in
lib = lib.mkOption { lib = lib.mkOption {
description = "nixfiles library"; description = "nixfiles library";
default = (import ../lib/nixfiles) { inherit pkgs; }; default = (import ../lib/nixfiles) {inherit pkgs;};
readOnly = true; readOnly = true;
type = lib.types.attrs; type = lib.types.attrs;
}; };

6
system/fragments/debugging.nix
View File

@ -1,5 +1,9 @@
{ config, lib, pkgs, ...}:
{ {
config,
lib,
pkgs,
...
}: {
environment = { environment = {
enableDebugInfo = true; enableDebugInfo = true;
systemPackages = with pkgs; [ systemPackages = with pkgs; [

32
system/hardware/binfmt.nix
View File

@ -1,23 +1,28 @@
{ pkgs, config, lib, options, ... }: {
let pkgs,
config,
configForSystem = (system: lib,
let options,
riscv = [ "riscv32-linux" "riscv64-linux" ]; ...
arm = [ "armv6l-linux" "armv7l-linux" "aarch64-linux" ]; }: let
x86 = [ "i686-linux" "x86_64-linux" ]; configForSystem = (
windows = [ "x86_64-windows" "i686-windows" ]; system: let
riscv = ["riscv32-linux" "riscv64-linux"];
arm = ["armv6l-linux" "armv7l-linux" "aarch64-linux"];
x86 = ["i686-linux" "x86_64-linux"];
windows = ["x86_64-windows" "i686-windows"];
systems = { systems = {
x86_64-linux = riscv ++ arm; x86_64-linux = riscv ++ arm;
aarch64-linux = riscv; aarch64-linux = riscv;
}; };
in in
if (systems ? "${system}") then systems."${system}" else [] if (systems ? "${system}")
then systems."${system}"
else []
); );
emulatedSystems = configForSystem "${pkgs.system}"; emulatedSystems = configForSystem "${pkgs.system}";
cfg = config.nixfiles.binfmt; cfg = config.nixfiles.binfmt;
in in {
{
options.nixfiles.binfmt = { options.nixfiles.binfmt = {
enable = lib.mkOption { enable = lib.mkOption {
description = "Whether to configure default binfmt emulated systems for the current architecture"; description = "Whether to configure default binfmt emulated systems for the current architecture";
@ -29,7 +34,8 @@ in
config = let config = let
enable = cfg.enable && (builtins.length emulatedSystems) > 0; enable = cfg.enable && (builtins.length emulatedSystems) > 0;
in lib.mkMerge [ in
lib.mkMerge [
(lib.mkIf enable { (lib.mkIf enable {
boot.binfmt = {inherit emulatedSystems;}; boot.binfmt = {inherit emulatedSystems;};
}) })

11
system/hardware/bluetooth.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ...}:
let
cfg = config.nixfiles.hardware.bluetooth;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.hardware.bluetooth;
in {
options.nixfiles.hardware.bluetooth = { options.nixfiles.hardware.bluetooth = {
enable = lib.mkEnableOption "Bluetooth"; enable = lib.mkEnableOption "Bluetooth";
}; };

3
system/hardware/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./bluetooth.nix ./bluetooth.nix
./nvidia.nix ./nvidia.nix

15
system/hardware/gps.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ... }:
let
cfg = config.nixfiles.hardware.gps;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.hardware.gps;
in {
options = { options = {
nixfiles.hardware.gps = { nixfiles.hardware.gps = {
enable = lib.mkEnableOption "GPS configuration"; enable = lib.mkEnableOption "GPS configuration";
@ -34,8 +37,8 @@ in
socat socat
]; ];
description = "gpsd to Geoclue2 GPS data bridge"; description = "gpsd to Geoclue2 GPS data bridge";
before = [ "geoclue.service" ]; before = ["geoclue.service"];
wantedBy = [ "geoclue.service" "multi-user.target" ]; wantedBy = ["geoclue.service" "multi-user.target"];
serviceConfig = { serviceConfig = {
RuntimeDirectory = "gpsd-nmea"; RuntimeDirectory = "gpsd-nmea";
ExecStart = pkgs.writeShellScript "gpsd-nmea-bridge" '' ExecStart = pkgs.writeShellScript "gpsd-nmea-bridge" ''

19
system/hardware/nvidia.nix
View File

@ -1,5 +1,9 @@
{ config, lib, pkgs, ...}: {
let config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.hardware.nvidia; cfg = config.nixfiles.hardware.nvidia;
rcu_patch = pkgs.fetchpatch { rcu_patch = pkgs.fetchpatch {
@ -24,10 +28,9 @@ let
settingsSha256 = "sha256-9wqoDEWY4I7weWW05F4igj1Gj9wjHsREFMztfEmqm10="; settingsSha256 = "sha256-9wqoDEWY4I7weWW05F4igj1Gj9wjHsREFMztfEmqm10=";
persistencedSha256 = "sha256-d0Q3Lk80JqkS1B54Mahu2yY/WocOqFFbZVBh+ToGhaE="; persistencedSha256 = "sha256-d0Q3Lk80JqkS1B54Mahu2yY/WocOqFFbZVBh+ToGhaE=";
patches = [ rcu_patch ]; patches = [rcu_patch];
}; };
in in {
{
# imports = [ # imports = [
# ../opengl.nix # ../opengl.nix
# ]; # ];
@ -41,10 +44,9 @@ in
nixfiles.hardware.opengl.enable = true; nixfiles.hardware.opengl.enable = true;
boot.kernelParams = [ "nvidia-drm.fbdev=1" ]; boot.kernelParams = ["nvidia-drm.fbdev=1"];
hardware.nvidia = { hardware.nvidia = {
# Modesetting is required. # Modesetting is required.
modesetting.enable = lib.mkDefault true; modesetting.enable = lib.mkDefault true;
@ -71,7 +73,8 @@ in
# Optionally, you may need to select the appropriate driver version for your specific GPU. # Optionally, you may need to select the appropriate driver version for your specific GPU.
package = let package = let
inherit (config.boot.kernelPackages.nvidiaPackages) production stable latest beta; inherit (config.boot.kernelPackages.nvidiaPackages) production stable latest beta;
in lib.mkDefault latest; in
lib.mkDefault latest;
}; };
}; };
} }

25
system/hardware/opengl.nix
View File

@ -1,24 +1,31 @@
{ config, lib, pkgs, ...}:
let
cfg = config.nixfiles.hardware.opengl;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.hardware.opengl;
in {
options.nixfiles.hardware.opengl.enable = lib.mkEnableOption "OpenGL configuration"; options.nixfiles.hardware.opengl.enable = lib.mkEnableOption "OpenGL configuration";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.systemPackages = let environment.systemPackages = let
offload-enabled = config.hardware.nvidia.prime.offload.enableOffloadCmd; offload-enabled = config.hardware.nvidia.prime.offload.enableOffloadCmd;
glxinfo = lib.getExe' pkgs.glxinfo "glxinfo"; glxinfo = lib.getExe' pkgs.glxinfo "glxinfo";
auto-offload = pkgs.writeShellScriptBin "auto-offload" ( auto-offload = pkgs.writeShellScriptBin "auto-offload" (
(if offload-enabled then '' (
if offload-enabled
then ''
if nvidia-offload ${glxinfo} > /dev/null 2>&1 ; then if nvidia-offload ${glxinfo} > /dev/null 2>&1 ; then
exec nvidia-offload "$@" exec nvidia-offload "$@"
fi fi
'' else "")
+
'' ''
else ""
)
+ ''
exec "$@" exec "$@"
''); ''
in [ auto-offload ]; );
in [auto-offload];
# Enable OpenGL # Enable OpenGL
hardware.graphics = { hardware.graphics = {
enable = true; enable = true;

25
system/hardware/sound.nix
View File

@ -1,9 +1,13 @@
{ config, lib, pkgs, inputs, ...}: {
let config,
lib,
pkgs,
inputs,
...
}: let
cfg = config.nixfiles.hardware.sound; cfg = config.nixfiles.hardware.sound;
inherit (lib) optionals mkEnableOption mkIf mkDefault; inherit (lib) optionals mkEnableOption mkIf mkDefault;
in in {
{
# Enable sound. # Enable sound.
# sound.enable = true; # sound.enable = true;
# hardware.pulseaudio.enable = true; # hardware.pulseaudio.enable = true;
@ -18,7 +22,8 @@ in
}; };
}; };
config = lib.mkMerge [(mkIf cfg.enable { config = lib.mkMerge [
(mkIf cfg.enable {
security.rtkit.enable = mkDefault true; security.rtkit.enable = mkDefault true;
services.pipewire = { services.pipewire = {
enable = true; enable = true;
@ -37,20 +42,22 @@ in
}; };
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs;
[
qpwgraph qpwgraph
easyeffects easyeffects
] ++ optionals config.services.pipewire.pulse.enable [ ]
++ optionals config.services.pipewire.pulse.enable [
pavucontrol pavucontrol
ncpamixer ncpamixer
pulsemixer pulsemixer
]; ];
}) })
({ {
# use alsa-ucm-conf from unstable (fixes Scarlett Solo channels) # use alsa-ucm-conf from unstable (fixes Scarlett Solo channels)
nixpkgs.overlays = lib.optional cfg.useUnstableUcmConf (final: prev: { nixpkgs.overlays = lib.optional cfg.useUnstableUcmConf (final: prev: {
inherit (inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}) alsa-ucm-conf; inherit (inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}) alsa-ucm-conf;
}); });
}) }
]; ];
} }

37
system/minecraft.nix
View File

@ -1,10 +1,19 @@
{ config, lib, pkgs, inputs, ... }:
{ {
config,
lib,
pkgs,
inputs,
...
}: {
imports = [ imports = [
inputs.nix-minecraft.nixosModules.minecraft-servers inputs.nix-minecraft.nixosModules.minecraft-servers
]; ];
options.services.minecraft-servers.servers = let options.services.minecraft-servers.servers = let
serverModule = { name, config, ... }: { serverModule = {
name,
config,
...
}: {
options = { options = {
useRecommendedDefaults = lib.mkOption { useRecommendedDefaults = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
@ -21,13 +30,13 @@
modpackFiles = lib.mkOption { modpackFiles = lib.mkOption {
description = "List of files from modpack to copy into server directory"; description = "List of files from modpack to copy into server directory";
type = with lib.types; listOf str; type = with lib.types; listOf str;
default = [ ]; default = [];
}; };
modpackSymlinks = lib.mkOption { modpackSymlinks = lib.mkOption {
description = "List of files from modpack to symlink into server directory"; description = "List of files from modpack to symlink into server directory";
type = with lib.types; listOf str; type = with lib.types; listOf str;
default = [ ]; default = [];
}; };
}; };
@ -75,18 +84,26 @@
inherit (config) modpack; inherit (config) modpack;
mcVersion = modpack.manifest.versions.minecraft; mcVersion = modpack.manifest.versions.minecraft;
fixedVersion = lib.replaceStrings [ "." ] [ "_" ] mcVersion; fixedVersion = lib.replaceStrings ["."] ["_"] mcVersion;
quiltVersion = modpack.manifest.versions.quilt or null; quiltVersion = modpack.manifest.versions.quilt or null;
fabricVersion = modpack.manifest.versions.fabric or null; fabricVersion = modpack.manifest.versions.fabric or null;
loader = if (!(builtins.isNull quiltVersion)) then "quilt" else "fabric"; loader =
loaderVersion = if loader == "quilt" then quiltVersion else fabricVersion; if (!(builtins.isNull quiltVersion))
then "quilt"
else "fabric";
loaderVersion =
if loader == "quilt"
then quiltVersion
else fabricVersion;
serverPackage = pkgs.minecraftServers."${loader}-${fixedVersion}".override { inherit loaderVersion; }; serverPackage = pkgs.minecraftServers."${loader}-${fixedVersion}".override {inherit loaderVersion;};
in lib.mkDefault serverPackage; in
lib.mkDefault serverPackage;
}) })
]; ];
}; };
in lib.mkOption { in
lib.mkOption {
type = with lib.types; attrsOf (submodule serverModule); type = with lib.types; attrsOf (submodule serverModule);
}; };
} }

21
system/mitigations.nix
View File

@ -1,5 +1,11 @@
{ pkgs, config, lib, inputs, nixpkgs, ... }: {
let pkgs,
config,
lib,
inputs,
nixpkgs,
...
}: let
p5 = config.services.xserver.desktopManager.plasma5.enable; p5 = config.services.xserver.desktopManager.plasma5.enable;
p6 = config.services.desktopManager.plasma6.enable; p6 = config.services.desktopManager.plasma6.enable;
@ -7,8 +13,11 @@ let
# kernel update # kernel update
newKernelPackages = let newKernelPackages = let
pkgs-new = import inputs.nixpkgs-unstable { inherit (pkgs) system; config.allowUnfree = true; }; pkgs-new = import inputs.nixpkgs-unstable {
in pkgs-new.linuxPackages_latest; inherit (pkgs) system;
in config.allowUnfree = true;
{ };
in
pkgs-new.linuxPackages_latest;
in {
} }

3
system/package-sets/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./gaming.nix ./gaming.nix
./multimedia.nix ./multimedia.nix

21
system/package-sets/fun.nix
View File

@ -1,14 +1,17 @@
{ pkgs, config, lib, ...}:
let
cfg = config.nixfiles.packageSets.fun;
in
{ {
pkgs,
config,
lib,
...
}: let
cfg = config.nixfiles.packageSets.fun;
in {
options.nixfiles.packageSets.fun = { options.nixfiles.packageSets.fun = {
enable = lib.mkEnableOption "fun package set"; enable = lib.mkEnableOption "fun package set";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs;
[
cowsay cowsay
uwufetch uwufetch
fortune fortune
@ -18,9 +21,11 @@ in
figlet figlet
aalib aalib
asciiquarium asciiquarium
] ++ lib.optionals config.services.xserver.enable [ ]
++ lib.optionals config.services.xserver.enable [
oneko oneko
] ++ lib.optionals config.services.pipewire.enable [ ]
++ lib.optionals config.services.pipewire.enable [
bucklespring-libinput bucklespring-libinput
espeak espeak
]; ];

19
system/package-sets/multimedia.nix
View File

@ -1,21 +1,26 @@
{ config, lib, pkgs, ...}: {
let config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.packageSets.multimedia; cfg = config.nixfiles.packageSets.multimedia;
inherit (lib) optional optionals mkEnableOption mkIf; inherit (lib) optional optionals mkEnableOption mkIf;
nvidiaEnabled = (lib.elem "nvidia" config.services.xserver.videoDrivers); nvidiaEnabled = lib.elem "nvidia" config.services.xserver.videoDrivers;
in in {
{
options.nixfiles.packageSets.multimedia = { options.nixfiles.packageSets.multimedia = {
enable = mkEnableOption "multimedia packages"; enable = mkEnableOption "multimedia packages";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = with pkgs; optionals config.services.xserver.enable [ environment.systemPackages = with pkgs;
optionals config.services.xserver.enable [
mpv mpv
gimp gimp
krita krita
inkscape inkscape
obs-studio obs-studio
] ++ [ ]
++ [
gallery-dl gallery-dl
yt-dlp yt-dlp
imagemagick imagemagick

19
system/profile/base.nix
View File

@ -1,8 +1,14 @@
{ config, lib, pkgs, options, inputs, outputs, ...}@args:
let
cfg = config.nixfiles.profile.base;
in
{ {
config,
lib,
pkgs,
options,
inputs,
outputs,
...
} @ args: let
cfg = config.nixfiles.profile.base;
in {
options.nixfiles.profile.base = { options.nixfiles.profile.base = {
enable = lib.mkEnableOption "base config"; enable = lib.mkEnableOption "base config";
}; };
@ -10,7 +16,6 @@ in
# to delete this # to delete this
config = lib.mkMerge [ config = lib.mkMerge [
(lib.mkIf cfg.enable { (lib.mkIf cfg.enable {
nixfiles.common = { nixfiles.common = {
# Enable my account # Enable my account
me.enable = lib.mkDefault true; me.enable = lib.mkDefault true;
@ -30,7 +35,7 @@ in
}; };
# Enable flakes # Enable flakes
nix.settings.experimental-features = ["nix-command" "flakes" ]; nix.settings.experimental-features = ["nix-command" "flakes"];
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
@ -124,7 +129,7 @@ in
]; ];
# Needed for Kvantum themes to be detected # Needed for Kvantum themes to be detected
environment.pathsToLink = [ "/share/Kvantum" ]; environment.pathsToLink = ["/share/Kvantum"];
# allow for more interactive authentication # allow for more interactive authentication
security.polkit.enable = lib.mkDefault true; security.polkit.enable = lib.mkDefault true;

3
system/profile/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./base.nix ./base.nix
./pc.nix ./pc.nix

15
system/profile/pc.nix
View File

@ -1,10 +1,15 @@
{ pkgs, config, lib, ... }: {
let pkgs,
config,
lib,
...
}: let
cfg = config.nixfiles.profile.pc; cfg = config.nixfiles.profile.pc;
inherit (lib) mkDefault; inherit (lib) mkDefault;
in in {
{ options.nixfiles.profile.pc.enable =
options.nixfiles.profile.pc.enable = lib.mkEnableOption "minimal PC profile" // { lib.mkEnableOption "minimal PC profile"
// {
description = '' description = ''
Whether to enable the minimal PC profile. This profile configures basic Whether to enable the minimal PC profile. This profile configures basic
system configuration for physical PCs, such as enabling sound and system configuration for physical PCs, such as enabling sound and

10
system/profile/server.nix
View File

@ -1,10 +1,12 @@
{ config, lib, ... }: {
let config,
lib,
...
}: let
cfg = config.nixfiles.profile.server; cfg = config.nixfiles.profile.server;
inherit (lib) mkEnableOption mkDefault; inherit (lib) mkEnableOption mkDefault;
inherit (lib.types) bool int str; inherit (lib.types) bool int str;
in in {
{
options.nixfiles.profile.server.enable = mkEnableOption "server profile"; options.nixfiles.profile.server.enable = mkEnableOption "server profile";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {

18
system/profile/workstation.nix
View File

@ -1,11 +1,15 @@
{ pkgs, config, lib, ... }: {
let pkgs,
config,
lib,
...
}: let
cfg = config.nixfiles.profile.workstation; cfg = config.nixfiles.profile.workstation;
inherit (lib) mkDefault; inherit (lib) mkDefault;
in in {
{ options.nixfiles.profile.workstation.enable =
options.nixfiles.profile.workstation.enable = lib.mkEnableOption "workstation (featureful PC) profile" // lib.mkEnableOption "workstation (featureful PC) profile"
{ // {
description = '' description = ''
Whether to enable the workstation (featureful PC) profile. This profile Whether to enable the workstation (featureful PC) profile. This profile
enables the base PC profile, as well as installs and configures various enables the base PC profile, as well as installs and configures various
@ -37,7 +41,7 @@ in
nerd-fonts.fira-code nerd-fonts.fira-code
font-awesome font-awesome
noto-fonts-cjk-sans noto-fonts-cjk-sans
(google-fonts.override { fonts = [ "NovaSquare" ];}) (google-fonts.override {fonts = ["NovaSquare"];})
]; ];
# TODO this should be defined in home-manager or not at all probably # TODO this should be defined in home-manager or not at all probably

15
system/programs/android.nix
View File

@ -1,14 +1,19 @@
{ config, lib, pkgs, outputs, vars, ...}@args:
let
cfg = config.nixfiles.programs.adb;
in
{ {
config,
lib,
pkgs,
outputs,
vars,
...
} @ args: let
cfg = config.nixfiles.programs.adb;
in {
options.nixfiles.programs.adb = { options.nixfiles.programs.adb = {
enable = lib.mkEnableOption "adb configuration"; enable = lib.mkEnableOption "adb configuration";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
programs.adb.enable = true; programs.adb.enable = true;
users.users.${vars.username}.extraGroups = [ "adbusers" ]; users.users.${vars.username}.extraGroups = ["adbusers"];
}; };
} }

Some files were not shown because too many files have changed in this diff Show More