nullbite/nixfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Reformat repository with Alejandra

Browse Source
This commit is contained in:
NullBite 2025-02-25 16:53:02 -05:00
parent b8f5793ac0
commit 783055b885
Signed by: nullbite
GPG Key ID: 6C4D545385D4925A
113 changed files with 2348 additions and 1841 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
default.nix
View File

@ -1,13 +1,15 @@
(import (
import
( (
let let
lock = builtins.fromJSON (builtins.readFile ./flake.lock); lock = builtins.fromJSON (builtins.readFile ./flake.lock);
nodeName = lock.nodes.root.inputs.flake-compat; nodeName = lock.nodes.root.inputs.flake-compat;
in in
fetchTarball { fetchTarball {
url = lock.nodes.${nodeName}.locked.url or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.${nodeName}.locked.rev}.tar.gz"; url = lock.nodes.${nodeName}.locked.url or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.${nodeName}.locked.rev}.tar.gz";
sha256 = lock.nodes.${nodeName}.locked.narHash; sha256 = lock.nodes.${nodeName}.locked.narHash;
} }
) )
{ src = ./.; } {src = ./.;}
).defaultNix )
.defaultNix

2
flake/home.nix
View File

@ -1 +1 @@
{ ... }: { } {...}: {}

2
flake/packages.nix
View File

@ -1,2 +1,2 @@
{ ... }: { {...}: {
} }

3
home/common/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./wm ./wm
./nodm.nix ./nodm.nix

11
home/common/nix.nix
View File

@ -1,5 +1,12 @@
{ pkgs, lib, config, osConfig ? { }, options, nixpkgs, ... }: {
let pkgs,
lib,
config,
osConfig ? {},
options,
nixpkgs,
...
}: let
cfg = config.nixfiles.common.nix; cfg = config.nixfiles.common.nix;
standalone = !(osConfig ? home-manager); standalone = !(osConfig ? home-manager);
in { in {

43
home/common/nodm.nix
View File

@ -1,28 +1,35 @@
{ lib, pkgs, config, osConfig ? {}, options, ... }:
let
cfg = config.nixfiles.common.nodm;
in
{ {
lib,
pkgs,
config,
osConfig ? {},
options,
...
}: let
cfg = config.nixfiles.common.nodm;
in {
config = let config = let
hyprland="${config.wayland.windowManager.hyprland.finalPackage}/bin/Hyprland"; hyprland = "${config.wayland.windowManager.hyprland.finalPackage}/bin/Hyprland";
tty="${pkgs.coreutils}/bin/tty"; tty = "${pkgs.coreutils}/bin/tty";
initCommands = initCommands = ''
'' if [[ "$(${tty})" == "/dev/tty1" && -z "''${WAYLAND_DISPLAY:+x}" ]] ; then
if [[ "$(${tty})" == "/dev/tty1" && -z "''${WAYLAND_DISPLAY:+x}" ]] ; then ${hyprland}
${hyprland} fi
fi '';
''; in
in lib.mkIf (cfg.enable && config.wayland.windowManager.hyprland.enable) { lib.mkIf (cfg.enable && config.wayland.windowManager.hyprland.enable) {
# auto start Hyprland on tty1 # auto start Hyprland on tty1
programs.zsh.initExtra = initCommands; programs.zsh.initExtra = initCommands;
programs.bash.initExtra = initCommands; programs.bash.initExtra = initCommands;
}; };
options.nixfiles.common.nodm = { options.nixfiles.common.nodm = {
enable = lib.mkOption { enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
description = "Whether to automatically start a desktop session on TTY1, behaving like a rudimentary display manager."; description = "Whether to automatically start a desktop session on TTY1, behaving like a rudimentary display manager.";
default = osConfig ? systemd default =
osConfig
? systemd
&& config.nixfiles.meta.graphical && config.nixfiles.meta.graphical
&& (!( && (!(
(osConfig.systemd.services.display-manager.enable or false) (osConfig.systemd.services.display-manager.enable or false)

32
home/common/shell.nix
View File

@ -1,5 +1,9 @@
{ config, lib, pkgs, ... }: {
let config,
lib,
pkgs,
...
}: let
inherit (lib) mkOption mkEnableOption mkIf mkDefault; inherit (lib) mkOption mkEnableOption mkIf mkDefault;
cfg = config.nixfiles.common.shell; cfg = config.nixfiles.common.shell;
@ -8,12 +12,13 @@ let
history | sed 's:^ \+[0-9]\+ \+::' | grep '^,' | cut -d' ' -f2- | sed 's:^\(-[^ ]\+ \?\)\+::g' | grep . | cut -d' ' -f1 | sort | uniq -c | sort -g history | sed 's:^ \+[0-9]\+ \+::' | grep '^,' | cut -d' ' -f2- | sed 's:^\(-[^ ]\+ \?\)\+::g' | grep . | cut -d' ' -f1 | sort | uniq -c | sort -g
} }
''; '';
in in {
{
options.nixfiles.common.shell = { options.nixfiles.common.shell = {
enable = lib.mkEnableOption "" // { enable =
description = "Whether to enable the nixfiles shell configuration."; lib.mkEnableOption ""
}; // {
description = "Whether to enable the nixfiles shell configuration.";
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@ -43,11 +48,13 @@ in
}; };
programs.zsh = { programs.zsh = {
enable = mkDefault true; enable = mkDefault true;
initExtra = '' initExtra =
export HOME_MANAGER_MANAGED=true ''
[[ -e ~/dotfiles/shell/.zshrc ]] && . ~/dotfiles/shell/.zshrc ]] export HOME_MANAGER_MANAGED=true
unset HOME_MANAGER_MANAGED [[ -e ~/dotfiles/shell/.zshrc ]] && . ~/dotfiles/shell/.zshrc ]]
'' + common_functions "zsh"; unset HOME_MANAGER_MANAGED
''
+ common_functions "zsh";
oh-my-zsh = { oh-my-zsh = {
enable = mkDefault true; enable = mkDefault true;
theme = "robbyrussell"; theme = "robbyrussell";
@ -59,6 +66,5 @@ in
]; ];
}; };
}; };
}; };
} }

68
home/common/theme.nix
View File

@ -1,35 +1,51 @@
{ config, lib, pkgs, ... }: {
let config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.theming; cfg = config.nixfiles.theming;
mkDefaultStylix = lib.mkOverride 999; mkDefaultStylix = lib.mkOverride 999;
toCaps = s: with lib.strings; with builtins; toCaps = s:
(toUpper (substring 0 1 s)) + toLower (substring 1 ((stringLength s)-1) s); with lib.strings;
with builtins;
(toUpper (substring 0 1 s)) + toLower (substring 1 ((stringLength s) - 1) s);
inherit (lib.strings) toUpper toLower; inherit (lib.strings) toUpper toLower;
mkCtp = flavor: accent: with pkgs; { mkCtp = flavor: accent:
names = { with pkgs; {
cursors = "catppuccin-${toLower flavor}-${toLower accent}-cursors"; names = {
icons = "Papirus-Dark"; cursors = "catppuccin-${toLower flavor}-${toLower accent}-cursors";
gtk = let icons = "Papirus-Dark";
base = "Catppuccin-${toCaps flavor}-Standard-${toCaps accent}-Dark"; gtk = let
in { base = "Catppuccin-${toCaps flavor}-Standard-${toCaps accent}-Dark";
normal = "${base}"; in {
hdpi = "${base}-hdpi"; normal = "${base}";
xhdpi = "${base}-xhdpi"; hdpi = "${base}-hdpi";
xhdpi = "${base}-xhdpi";
};
};
packages = {
cursors = catppuccin-cursors."${toLower flavor}${toCaps accent}";
kvantum = catppuccin-kvantum.override {
variant = toLower flavor;
accent = toLower accent;
};
icons = catppuccin-papirus-folders.override {
flavor = toLower flavor;
accent = toLower accent;
};
gtk = catppuccin-gtk.override {
variant = toLower flavor;
accents = [(toLower accent)];
};
}; };
}; };
packages = {
cursors = catppuccin-cursors."${toLower flavor}${toCaps accent}";
kvantum = catppuccin-kvantum.override { variant = toLower flavor; accent = toLower accent; };
icons = catppuccin-papirus-folders.override { flavor = toLower flavor; accent = toLower accent; };
gtk = catppuccin-gtk.override { variant = toLower flavor; accents = [ (toLower accent) ]; };
};
};
ctp = with cfg.catppuccin; mkCtp flavor accent; ctp = with cfg.catppuccin; mkCtp flavor accent;
in { in {
options.nixfiles.theming = { options.nixfiles.theming = {
enable = lib.mkEnableOption "nixfiles theming options"; enable = lib.mkEnableOption "nixfiles theming options";
catppuccin = { catppuccin = {
@ -54,9 +70,11 @@ in {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
fonts.fontconfig.enable = lib.mkDefault true; fonts.fontconfig.enable = lib.mkDefault true;
home.packages = with pkgs; [ home.packages = with pkgs;
ubuntu_font_family [
] ++ lib.mapAttrsToList (k: v: v) ctp.packages; ubuntu_font_family
]
++ lib.mapAttrsToList (k: v: v) ctp.packages;
gtk = { gtk = {
enable = true; enable = true;

45
home/common/wm/default.nix
View File

@ -1,17 +1,22 @@
{ pkgs, lib, config, osConfig ? {}, options, ...}: {
let pkgs,
lib,
config,
osConfig ? {},
options,
...
}: let
cfg = config.nixfiles.common.wm; cfg = config.nixfiles.common.wm;
inherit (lib) mkDefault; inherit (lib) mkDefault;
mkOverrideEach = pri: lib.mapAttrs (_:v: lib.mkOverride pri v); mkOverrideEach = pri: lib.mapAttrs (_:v: lib.mkOverride pri v);
in in {
{
options.nixfiles.common.wm = { options.nixfiles.common.wm = {
enable = lib.mkEnableOption "common window manager config"; enable = lib.mkEnableOption "common window manager config";
autostart = lib.mkOption { autostart = lib.mkOption {
description = "List of window manager agnostic commnads to run at window manager startup"; description = "List of window manager agnostic commnads to run at window manager startup";
type = lib.types.listOf lib.types.str; type = lib.types.listOf lib.types.str;
default = [ ]; default = [];
example = [ "steam -silent" ]; example = ["steam -silent"];
}; };
}; };
@ -51,8 +56,14 @@ in
nwg-displays nwg-displays
# very consistent (ok it's actually a little better now) # very consistent (ok it's actually a little better now)
(catppuccin-papirus-folders.override {accent = "mauve"; flavor = "mocha"; }) (catppuccin-papirus-folders.override {
(pkgs.catppuccin-kvantum.override {accent = "mauve"; variant = "mocha"; }) accent = "mauve";
flavor = "mocha";
})
(pkgs.catppuccin-kvantum.override {
accent = "mauve";
variant = "mocha";
})
catppuccin-cursors.mochaMauve catppuccin-cursors.mochaMauve
arc-theme arc-theme
@ -73,19 +84,19 @@ in
}; };
}; };
# File associations # File associations
xdg.mimeApps = { xdg.mimeApps = {
enable = true; enable = true;
defaultApplications = let defaultApplications = let
defaultBrowser = [ "firefox.desktop" ]; defaultBrowser = ["firefox.desktop"];
in mkOverrideEach 50 { in
"x-scheme-handler/https" = defaultBrowser; mkOverrideEach 50 {
"x-scheme-handler/http" = defaultBrowser; "x-scheme-handler/https" = defaultBrowser;
"text/html" = defaultBrowser; "x-scheme-handler/http" = defaultBrowser;
"application/xhtml+xml" = defaultBrowser; "text/html" = defaultBrowser;
"application/pdf" = defaultBrowser; "application/xhtml+xml" = defaultBrowser;
}; "application/pdf" = defaultBrowser;
};
}; };
# this makes xdg.mimeApps overwrite mimeapps.list if it has been touched by something else # this makes xdg.mimeApps overwrite mimeapps.list if it has been touched by something else
xdg.configFile."mimeapps.list" = { xdg.configFile."mimeapps.list" = {

14
home/common/wm/keybinds.nix
View File

@ -1,12 +1,16 @@
{ pkgs, config, lib, outputs, ... }: {
let pkgs,
config,
lib,
outputs,
...
}: let
df = lib.mkDefault; df = lib.mkDefault;
mkxf = with lib; mapAttrs' (name: value: nameValuePair ("XF86" + name) (value)); mkxf = with lib; mapAttrs' (name: value: nameValuePair ("XF86" + name) value);
# not rewriting this rn # not rewriting this rn
keysetting = "${outputs.packages.${pkgs.system}.wm-helpers}/bin/keysetting"; keysetting = "${outputs.packages.${pkgs.system}.wm-helpers}/bin/keysetting";
in in {
{
options.nixfiles.common.wm = { options.nixfiles.common.wm = {
keybinds = lib.mkOption { keybinds = lib.mkOption {
description = '' description = ''

22
home/default.nix
View File

@ -1,10 +1,18 @@
{ pkgs, config, lib, options, osConfig ? { }, nixpkgs, home-manager, inputs, ... }@args: {
let pkgs,
config,
lib,
options,
osConfig ? {},
nixpkgs,
home-manager,
inputs,
...
} @ args: let
isStandalone = osConfig ? home-manager; isStandalone = osConfig ? home-manager;
cfg = config.nixfiles; cfg = config.nixfiles;
flakeType = cfg.lib.types.flake; flakeType = cfg.lib.types.flake;
in in {
{
imports = [ imports = [
./common ./common
./package-sets ./package-sets
@ -25,7 +33,7 @@ in
lib = lib.mkOption { lib = lib.mkOption {
description = "nixfiles library"; description = "nixfiles library";
default = (import ../lib/nixfiles) { inherit pkgs; }; default = (import ../lib/nixfiles) {inherit pkgs;};
readOnly = true; readOnly = true;
}; };
@ -53,13 +61,13 @@ in
meta.graphical = lib.mkOption { meta.graphical = lib.mkOption {
description = "Whether to enable graphical home-manager applications"; description = "Whether to enable graphical home-manager applications";
type = lib.types.bool; type = lib.types.bool;
default = (osConfig ? services && osConfig.services.xserver.enable); default = osConfig ? services && osConfig.services.xserver.enable;
example = true; example = true;
}; };
meta.wayland = lib.mkOption { meta.wayland = lib.mkOption {
description = "Whether to prefer wayland packages and configuration"; description = "Whether to prefer wayland packages and configuration";
type = lib.types.bool; type = lib.types.bool;
default = (lib.hasAttrByPath [ "nixfiles" "meta" "wayland" ] osConfig) && osConfig.nixfiles.meta.wayland; default = (lib.hasAttrByPath ["nixfiles" "meta" "wayland"] osConfig) && osConfig.nixfiles.meta.wayland;
example = true; example = true;
}; };

64
home/package-sets/communication.nix
View File

@ -1,10 +1,16 @@
{ pkgs, lib, config, osConfig ? {}, inputs, ... }: {
let pkgs,
lib,
config,
osConfig ? {},
inputs,
...
}: let
cfg = config.nixfiles.packageSets.communication; cfg = config.nixfiles.packageSets.communication;
rustdesk-pkg = if (lib.strings.hasInfix "23.11" lib.version) then rustdesk-pkg =
inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.rustdesk-flutter if (lib.strings.hasInfix "23.11" lib.version)
else then inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.rustdesk-flutter
pkgs.rustdesk-flutter; else pkgs.rustdesk-flutter;
vesktop-ozone-cmd = let vesktop-ozone-cmd = let
extraFlags = lib.optionalString config.nixfiles.workarounds.nvidiaPrimary " --disable-gpu"; extraFlags = lib.optionalString config.nixfiles.workarounds.nvidiaPrimary " --disable-gpu";
@ -17,23 +23,21 @@ let
done done
exec "$@" exec "$@"
''; '';
in in {
{
options.nixfiles.packageSets.communication = { options.nixfiles.packageSets.communication = {
enable = lib.mkEnableOption "communication package set"; enable = lib.mkEnableOption "communication package set";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
xdg.desktopEntries.vesktop = lib.mkIf config.nixfiles.meta.graphical { xdg.desktopEntries.vesktop = lib.mkIf config.nixfiles.meta.graphical {
categories= ["Network" "InstantMessaging" "Chat"]; categories = ["Network" "InstantMessaging" "Chat"];
exec=vesktop-ozone-cmd + " %U"; exec = vesktop-ozone-cmd + " %U";
genericName="Internet Messenger"; genericName = "Internet Messenger";
icon="vesktop"; icon = "vesktop";
name="Vesktop"; name = "Vesktop";
type="Application"; type = "Application";
settings = { settings = {
StartupWMClass="Vesktop"; StartupWMClass = "Vesktop";
Keywords="discord;vencord;electron;chat"; Keywords = "discord;vencord;electron;chat";
}; };
}; };
@ -41,17 +45,19 @@ in
(waitNet + " " + vesktop-ozone-cmd + " --start-minimized") (waitNet + " " + vesktop-ozone-cmd + " --start-minimized")
]; ];
home.packages = with pkgs; lib.optionals config.nixfiles.meta.graphical [ home.packages = with pkgs;
element-desktop lib.optionals config.nixfiles.meta.graphical [
telegram-desktop element-desktop
signal-desktop telegram-desktop
thunderbird signal-desktop
vesktop thunderbird
rustdesk-pkg vesktop
tor-browser rustdesk-pkg
onionshare tor-browser
] ++ [ onionshare
irssi ]
]; ++ [
irssi
];
}; };
} }

3
home/package-sets/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./communication.nix ./communication.nix
./dev.nix ./dev.nix

12
home/package-sets/dev.nix
View File

@ -1,8 +1,12 @@
{ pkgs, lib, config, osConfig ? {}, ... }:
let
cfg = config.nixfiles.packageSets.dev;
in
{ {
pkgs,
lib,
config,
osConfig ? {},
...
}: let
cfg = config.nixfiles.packageSets.dev;
in {
options.nixfiles.packageSets.dev = { options.nixfiles.packageSets.dev = {
enable = lib.mkEnableOption "development package set"; enable = lib.mkEnableOption "development package set";
}; };

70
home/package-sets/multimedia.nix
View File

@ -1,11 +1,15 @@
{ config, lib, pkgs, osConfig ? { }, ...}: {
let config,
lib,
pkgs,
osConfig ? {},
...
}: let
cfg = config.nixfiles.packageSets.multimedia; cfg = config.nixfiles.packageSets.multimedia;
inherit (lib) optionals mkEnableOption mkIf; inherit (lib) optionals mkEnableOption mkIf;
default = osConfig ? nixfiles && osConfig.nixfiles.packageSets.multimedia.enable; default = osConfig ? nixfiles && osConfig.nixfiles.packageSets.multimedia.enable;
mkOverrideEach = pri: lib.mapAttrs (_:v: lib.mkOverride pri v); mkOverrideEach = pri: lib.mapAttrs (_:v: lib.mkOverride pri v);
in in {
{
options.nixfiles.packageSets.multimedia = { options.nixfiles.packageSets.multimedia = {
enable = lib.mkOption { enable = lib.mkOption {
description = "Whether to enable multimedia packages"; description = "Whether to enable multimedia packages";
@ -16,41 +20,43 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.packages = with pkgs; optionals config.nixfiles.meta.graphical [ home.packages = with pkgs;
mpv optionals config.nixfiles.meta.graphical [
gimp mpv
krita gimp
inkscape krita
obs-studio inkscape
nomacs obs-studio
audacity nomacs
picard audacity
spicetify-cli picard
(kodi.withPackages (_: [])) # this is required to get python libs spicetify-cli
] ++ [ (kodi.withPackages (_: [])) # this is required to get python libs
yt-dlp ]
gallery-dl ++ [
imagemagick yt-dlp
pngquant gallery-dl
ffmpeg imagemagick
gifski pngquant
]; ffmpeg
gifski
];
xdg.mimeApps.defaultApplications = lib.mkMerge [ xdg.mimeApps.defaultApplications = lib.mkMerge [
# project files # project files
(mkOverrideEach 100 { (mkOverrideEach 100 {
"image/x-xcf" = [ "gimp.desktop" ]; "image/x-xcf" = ["gimp.desktop"];
"image/x-compressed-xcf" = [ "gimp.desktop" ]; "image/x-compressed-xcf" = ["gimp.desktop"];
"image/x-krita" = [ "krita.desktop" ]; "image/x-krita" = ["krita.desktop"];
"application/x-audacity-project" = [ "audacity.desktop" ]; "application/x-audacity-project" = ["audacity.desktop"];
"application/x-audacity-project+sqlite3" = [ "audacity.desktop" ]; "application/x-audacity-project+sqlite3" = ["audacity.desktop"];
"image/svg+xml" = [ "org.inkscape.Inkscape.desktop" ]; "image/svg+xml" = ["org.inkscape.Inkscape.desktop"];
"image/svg+xml-compressed" = [ "org.inkscape.Inkscape.desktop" ]; "image/svg+xml-compressed" = ["org.inkscape.Inkscape.desktop"];
}) })
# general files # general files
(with pkgs; mkOverrideEach 150 (config.lib.xdg.mimeAssociations [ nomacs mpv ])) (with pkgs; mkOverrideEach 150 (config.lib.xdg.mimeAssociations [nomacs mpv]))
# rest of the files # rest of the files
(with pkgs; mkOverrideEach 200 (config.lib.xdg.mimeAssociations [ inkscape gimp audacity ])) (with pkgs; mkOverrideEach 200 (config.lib.xdg.mimeAssociations [inkscape gimp audacity]))
]; ];
}; };
} }

53
home/package-sets/productivity.nix
View File

@ -1,33 +1,38 @@
{ pkgs, lib, config, ... }: {
let pkgs,
lib,
config,
...
}: let
cfg = config.nixfiles.packageSets.productivity; cfg = config.nixfiles.packageSets.productivity;
inherit (lib) optionals; inherit (lib) optionals;
in in {
{
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
home.packages = with pkgs; optionals config.nixfiles.meta.graphical [ home.packages = with pkgs;
libreoffice-fresh optionals config.nixfiles.meta.graphical [
obsidian libreoffice-fresh
anki obsidian
anki
# mapping/GIS # mapping/GIS
qgis qgis
josm josm
] ++ [ ]
pandoc ++ [
]; pandoc
];
xdg.desktopEntries.obsidian = lib.mkIf config.nixfiles.meta.graphical { xdg.desktopEntries.obsidian = lib.mkIf config.nixfiles.meta.graphical {
categories = [ "Office" ]; categories = ["Office"];
comment = "Knowledge base"; comment = "Knowledge base";
exec = let exec = let
extraFlags = with lib.strings; extraFlags = with lib.strings;
optionalString config.nixfiles.workarounds.nvidiaPrimary " --disable-gpu"; optionalString config.nixfiles.workarounds.nvidiaPrimary " --disable-gpu";
in "env NIXOS_OZONE_WL=1 obsidian${extraFlags} %u"; in "env NIXOS_OZONE_WL=1 obsidian${extraFlags} %u";
icon = "obsidian"; icon = "obsidian";
mimeType = [ "x-scheme-handler/obsidian" ]; mimeType = ["x-scheme-handler/obsidian"];
name = "Obsidian"; name = "Obsidian";
type = "Application"; type = "Application";
}; };
}; };

173
home/profile/base.nix
View File

@ -1,8 +1,12 @@
{ lib, pkgs, config, osConfig ? { }, ... }:
let
cfg = config.nixfiles.profile.base;
in
{ {
lib,
pkgs,
config,
osConfig ? {},
...
}: let
cfg = config.nixfiles.profile.base;
in {
# imports = [ # imports = [
# ./comma.nix # ./comma.nix
# ]; # ];
@ -31,7 +35,8 @@ in
"${config.home.profileDirectory}/share/terminfo" "${config.home.profileDirectory}/share/terminfo"
"/usr/share/terminfo" "/usr/share/terminfo"
]; ];
in builtins.concatStringsSep ":" terminfo-dirs; in
builtins.concatStringsSep ":" terminfo-dirs;
}) })
]; ];
@ -47,8 +52,9 @@ in
# presense of ~/.gitconfig. git will read from both files, and `git config` # presense of ~/.gitconfig. git will read from both files, and `git config`
# will not write to ~/.gitconfig when the managed config exists unless # will not write to ~/.gitconfig when the managed config exists unless
# ~/.gitconfig also exists # ~/.gitconfig also exists
home.activation.git-create-gitconfig = lib.mkIf config.programs.git.enable home.activation.git-create-gitconfig =
(lib.hm.dag.entryAfter [ "writeBoundary" ] '' lib.mkIf config.programs.git.enable
(lib.hm.dag.entryAfter ["writeBoundary"] ''
_nixfiles_git_create_gitconfig () { _nixfiles_git_create_gitconfig () {
if ! [[ -a "$HOME/.gitconfig" ]] ; then if ! [[ -a "$HOME/.gitconfig" ]] ; then
touch "$HOME/.gitconfig" touch "$HOME/.gitconfig"
@ -64,16 +70,18 @@ in
# defaultTerminal = # defaultTerminal =
# if config.programs.kitty.enable then "kitty" # if config.programs.kitty.enable then "kitty"
# else null; # else null;
in { in {
enable = lib.mkDefault true; enable = lib.mkDefault true;
settings = lib.mkMerge [{ settings = lib.mkMerge [
use_preview_script = lib.mkDefault true; {
preview_files = lib.mkDefault true; use_preview_script = lib.mkDefault true;
} (lib.mkIf (!(isNull defaultTerminal)) { preview_files = lib.mkDefault true;
preview_images = lib.mkDefault true; }
preview_images_method = lib.mkDefault defaultTerminal; (lib.mkIf (!(isNull defaultTerminal)) {
})]; preview_images = lib.mkDefault true;
preview_images_method = lib.mkDefault defaultTerminal;
})
];
}; };
programs.keychain = { programs.keychain = {
@ -83,7 +91,8 @@ in
extraFlags = [ extraFlags = [
"--quiet" "--quiet"
"--systemd" "--systemd"
"--inherit" "any-once" "--inherit"
"any-once"
"--noask" "--noask"
]; ];
}; };
@ -100,77 +109,79 @@ in
neofetch-hyfetch-shim = writeShellScriptBin "neofetch" '' neofetch-hyfetch-shim = writeShellScriptBin "neofetch" ''
exec "${pkgs.hyfetch}/bin/neowofetch" "$@" exec "${pkgs.hyfetch}/bin/neowofetch" "$@"
''; '';
in [ in
# nix stuff [
nvd # nix stuff
nix-tree nvd
nh nix-tree
nix-output-monitor nh
attic-client nix-output-monitor
nix-fast-build attic-client
nix-fast-build
git git
git-lfs git-lfs
stow stow
curl curl
# shell # shell
ripgrep ripgrep
fd fd
bat bat
moreutils moreutils
grc grc
fzf fzf
pv pv
jq jq
lsof lsof
xxd xxd
shellcheck shellcheck
# for icat on all systems # for icat on all systems
kitty.kitten kitty.kitten
# pretty # pretty
hyfetch hyfetch
neofetch-hyfetch-shim neofetch-hyfetch-shim
fastfetch fastfetch
# files # files
restic restic
rclone rclone
rmlint rmlint
ncdu ncdu
# compression # compression
atool-wrapped atool-wrapped
lzip lzip
plzip plzip
lzop lzop
xz xz
zip zip
unzip unzip
arj arj
rpm rpm
cpio cpio
p7zip p7zip
# other utilities # other utilities
tmux tmux
tmuxp tmuxp
openssh openssh
autossh autossh
mosh mosh
btop btop
htop htop
zoxide zoxide
asciinema asciinema
mtr mtr
] ++ builtins.map (x: lib.hiPrio x) [ ]
# terminfo (just the ones i'm likely to use) ++ builtins.map (x: lib.hiPrio x) [
kitty.terminfo # terminfo (just the ones i'm likely to use)
alacritty.terminfo kitty.terminfo
termite.terminfo alacritty.terminfo
tmux.terminfo termite.terminfo
]; tmux.terminfo
];
}; };
} }

3
home/profile/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./base.nix ./base.nix
./pc.nix ./pc.nix

12
home/profile/pc.nix
View File

@ -1,9 +1,13 @@
{ pkgs, config, osConfig ? {}, lib, ...}: {
let pkgs,
config,
osConfig ? {},
lib,
...
}: let
cfg = config.nixfiles.profile.pc; cfg = config.nixfiles.profile.pc;
default = osConfig ? nixfiles && osConfig.nixfiles.profile.pc.enable; default = osConfig ? nixfiles && osConfig.nixfiles.profile.pc.enable;
in in {
{
options.nixfiles.profile.pc.enable = lib.mkOption { options.nixfiles.profile.pc.enable = lib.mkOption {
description = "Whether to enable the personal computer profile"; description = "Whether to enable the personal computer profile";
type = lib.types.bool; type = lib.types.bool;

19
home/programs/comma.nix
View File

@ -1,8 +1,12 @@
{ lib, pkgs, config, inputs, ... } @args:
let
cfg = config.nixfiles.programs.comma;
in
{ {
lib,
pkgs,
config,
inputs,
...
} @ args: let
cfg = config.nixfiles.programs.comma;
in {
imports = [ imports = [
inputs.nix-index-database.hmModules.nix-index inputs.nix-index-database.hmModules.nix-index
]; ];
@ -13,8 +17,9 @@ in
config = { config = {
programs.nix-index.symlinkToCacheHome = lib.mkDefault cfg.enable; programs.nix-index.symlinkToCacheHome = lib.mkDefault cfg.enable;
home.packages = with pkgs; lib.optionals cfg.enable [ home.packages = with pkgs;
comma lib.optionals cfg.enable [
]; comma
];
}; };
} }

3
home/programs/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./comma.nix ./comma.nix
./mopidy.nix ./mopidy.nix

8
home/programs/dunst.nix
View File

@ -1,5 +1,9 @@
{ config, lib, pkgs, ... }: {
let config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.programs.dunst; cfg = config.nixfiles.programs.dunst;
mkd = lib.mkDefault; mkd = lib.mkDefault;
in { in {

29
home/programs/hypridle.nix
View File

@ -1,21 +1,25 @@
{ pkgs, config, lib, ... }: {
let pkgs,
config,
lib,
...
}: let
cfg = config.nixfiles.services.hypridle; cfg = config.nixfiles.services.hypridle;
inherit (lib.types) str int; inherit (lib.types) str int;
in in {
{
options.nixfiles.services.hypridle = { options.nixfiles.services.hypridle = {
enable = lib.mkEnableOption "the hypridle configuration"; enable = lib.mkEnableOption "the hypridle configuration";
timeouts = let timeouts = let
mkTimeout = timeout: desc: lib.mkOption { mkTimeout = timeout: desc:
description = "${desc}"; lib.mkOption {
type = int; description = "${desc}";
default = timeout; type = int;
}; default = timeout;
};
in { in {
dpms = mkTimeout (300) "DPMS timeout"; dpms = mkTimeout 300 "DPMS timeout";
lock = mkTimeout (360) "Lock timeout"; lock = mkTimeout 360 "Lock timeout";
locked-dpms = mkTimeout (10) "DPMS timeout while locked"; locked-dpms = mkTimeout 10 "DPMS timeout while locked";
}; };
commands = { commands = {
dpms-off = lib.mkOption { dpms-off = lib.mkOption {
@ -57,7 +61,6 @@ in
lock-dpms = pkgs.writeShellScript "lock-dpms" '' lock-dpms = pkgs.writeShellScript "lock-dpms" ''
${pkgs.procps}/bin/pgrep -x swaylock > /dev/null && "${dpms-wrapped}" ${pkgs.procps}/bin/pgrep -x swaylock > /dev/null && "${dpms-wrapped}"
''; '';
in [ in [
{ {
timeout = cfg.timeouts.dpms; timeout = cfg.timeouts.dpms;

15
home/programs/mopidy.nix
View File

@ -1,8 +1,13 @@
{ lib, pkgs, config, outputs, osConfig ? {}, ... }:
let
cfg = config.nixfiles.programs.mopidy;
in
{ {
lib,
pkgs,
config,
outputs,
osConfig ? {},
...
}: let
cfg = config.nixfiles.programs.mopidy;
in {
options.nixfiles.programs.mopidy = { options.nixfiles.programs.mopidy = {
enable = lib.mkEnableOption "mopidy configuration"; enable = lib.mkEnableOption "mopidy configuration";
}; };
@ -38,7 +43,7 @@ in
]; ];
}; };
home.packages = with pkgs; [ home.packages = with pkgs; [
(ncmpcpp.override { visualizerSupport = true; }) (ncmpcpp.override {visualizerSupport = true;})
]; ];
}; };
} }

11
home/programs/neovim.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ... }:
let
cfg = config.nixfiles.programs.neovim;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.programs.neovim;
in {
options.nixfiles.programs.neovim.enable = lib.mkEnableOption "the Neovim configuration"; options.nixfiles.programs.neovim.enable = lib.mkEnableOption "the Neovim configuration";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
programs.neovim = { programs.neovim = {

8
home/root.nix
View File

@ -1,8 +1,12 @@
# Configuration for root user. # Configuration for root user.
# TODO this file is sorta an exception to my repo organization, it should # TODO this file is sorta an exception to my repo organization, it should
# probably be somewhere else. # probably be somewhere else.
{ config, lib, pkgs, ... }@args: {
{ config,
lib,
pkgs,
...
} @ args: {
imports = [ imports = [
./. ./.
]; ];

3
home/sessions/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./hyprland ./hyprland
./plasma.nix ./plasma.nix

231
home/sessions/hyprland/default.nix
View File

@ -1,5 +1,12 @@
{ lib, pkgs, config, osConfig ? {}, outputs, inputs, ... }@args: {
let lib,
pkgs,
config,
osConfig ? {},
outputs,
inputs,
...
} @ args: let
cfg = config.nixfiles.sessions.hyprland; cfg = config.nixfiles.sessions.hyprland;
mkd = lib.mkDefault; mkd = lib.mkDefault;
hyprland-pkg = config.wayland.windowManager.hyprland.finalPackage; hyprland-pkg = config.wayland.windowManager.hyprland.finalPackage;
@ -24,13 +31,15 @@ let
lock-cmd = "${swaylock}"; lock-cmd = "${swaylock}";
mkKittyHdrop = name: command: let mkKittyHdrop = name: command: let
class = if builtins.isNull (builtins.match "[[:alnum:]_]+" name) then throw "mkKittyHdrop: window name should be an alphanumeric string" else "kitty-${name}"; class =
if builtins.isNull (builtins.match "[[:alnum:]_]+" name)
then throw "mkKittyHdrop: window name should be an alphanumeric string"
else "kitty-${name}";
wrappedCommand = pkgs.writeShellScript "hdrop-${name}" '' wrappedCommand = pkgs.writeShellScript "hdrop-${name}" ''
exec bash -c ${lib.escapeShellArg command} exec bash -c ${lib.escapeShellArg command}
''; '';
in "hdrop -f -c ${class} 'kitty --class=${class} ${wrappedCommand}'"; in "hdrop -f -c ${class} 'kitty --class=${class} ${wrappedCommand}'";
# lock-cmd = let # lock-cmd = let
# cmd = pkgs.writeShellScript "lock-script" '' # cmd = pkgs.writeShellScript "lock-script" ''
# ${swayidle} -w timeout 10 '${hyprctl} dispatch dpms off' resume '${hyprctl} dispatch dpms on' & # ${swayidle} -w timeout 10 '${hyprctl} dispatch dpms off' resume '${hyprctl} dispatch dpms on' &
@ -48,7 +57,7 @@ let
resume 'hyprctl dispatch dpms on' resume 'hyprctl dispatch dpms on'
''; '';
hypr-dispatcher-package = pkgs.callPackage ./dispatcher { hyprland = hyprland-pkg; }; hypr-dispatcher-package = pkgs.callPackage ./dispatcher {hyprland = hyprland-pkg;};
hypr-dispatcher = "${hypr-dispatcher-package}/bin/hypr-dispatcher"; hypr-dispatcher = "${hypr-dispatcher-package}/bin/hypr-dispatcher";
wallpaper-package = "${pkgs.nixfiles-assets}"; wallpaper-package = "${pkgs.nixfiles-assets}";
@ -56,7 +65,8 @@ let
wallpaper-cmd = "${swaybg} -i ${wallpaper-package}/share/wallpapers/${wallpaper}"; wallpaper-cmd = "${swaybg} -i ${wallpaper-package}/share/wallpapers/${wallpaper}";
# https://github.com/flatpak/xdg-desktop-portal-gtk/issues/440#issuecomment-1900520919 # https://github.com/flatpak/xdg-desktop-portal-gtk/issues/440#issuecomment-1900520919
xdpg-workaround = pkgs.writeShellScript "xdg-desktop-portal-gtk-workaround" xdpg-workaround =
pkgs.writeShellScript "xdg-desktop-portal-gtk-workaround"
'' ''
${pkgs.coreutils}/bin/sleep 3 ${pkgs.coreutils}/bin/sleep 3
${pkgs.systemd}/bin/systemctl --user import-environment PATH ${pkgs.systemd}/bin/systemctl --user import-environment PATH
@ -65,19 +75,20 @@ let
bar-cmd = "${pkgs.waybar}/bin/waybar"; bar-cmd = "${pkgs.waybar}/bin/waybar";
# Hyprland workspace configuration # Hyprland workspace configuration
mainWorkspaces = builtins.genList (x: x+1) (9 ++ [0]); mainWorkspaces = builtins.genList (x: x + 1) (9 ++ [0]);
workspaceName = key: let workspaceName = key: let
inherit (builtins) hasAttr; inherit (builtins) hasAttr;
keyNames = { keyNames = {
"0" = "10"; "0" = "10";
}; };
in in
if hasAttr key keyNames then keyNames."${key}" else key; if hasAttr key keyNames
then keyNames."${key}"
else key;
inherit (outputs.packages.${pkgs.system}) wm-helpers; inherit (outputs.packages.${pkgs.system}) wm-helpers;
keysetting = "${wm-helpers}/bin/keysetting"; keysetting = "${wm-helpers}/bin/keysetting";
in in {
{
# FIXME this is temporary just to get it working, need to make wm-common an # FIXME this is temporary just to get it working, need to make wm-common an
# option first # option first
# imports = [ # imports = [
@ -88,7 +99,10 @@ in
enable = lib.mkOption { enable = lib.mkOption {
description = "Whether to enable hyprland."; description = "Whether to enable hyprland.";
type = lib.types.bool; type = lib.types.bool;
default = if (builtins.hasAttr "home-manager" osConfig) then osConfig.nixfiles.sessions.hyprland.enable else false; default =
if (builtins.hasAttr "home-manager" osConfig)
then osConfig.nixfiles.sessions.hyprland.enable
else false;
example = true; example = true;
}; };
@ -133,7 +147,6 @@ in
enable = true; enable = true;
package = lib.mkIf (osConfig ? programs) (lib.mkDefault osConfig.programs.hyprland.package); package = lib.mkIf (osConfig ? programs) (lib.mkDefault osConfig.programs.hyprland.package);
settings = { settings = {
# enable debug logging # enable debug logging
debug.disable_logs = mkd false; debug.disable_logs = mkd false;
@ -150,15 +163,17 @@ in
exec-once = let exec-once = let
wrapScope = cmd: "systemd-run --user --scope -- ${cmd}"; wrapScope = cmd: "systemd-run --user --scope -- ${cmd}";
in (lib.optional cfg.autolock lock-cmd) ++ (map wrapScope config.nixfiles.common.wm.autostart) ++ in
[ (lib.optional cfg.autolock lock-cmd)
wallpaper-cmd ++ (map wrapScope config.nixfiles.common.wm.autostart)
notifydaemon ++ [
polkit-agent wallpaper-cmd
idle-cmd notifydaemon
xdpg-workaround polkit-agent
bar-cmd idle-cmd
]; xdpg-workaround
bar-cmd
];
# Source a file (multi-file configs) # Source a file (multi-file configs)
# source = ~/.config/hypr/myColors.conf # source = ~/.config/hypr/myColors.conf
@ -166,14 +181,13 @@ in
# Some default env vars. # Some default env vars.
# env = mkd "XCURSOR_SIZE,24"; # env = mkd "XCURSOR_SIZE,24";
# For all categories, see https://wiki.hyprland.org/Configuring/Variables/ # For all categories, see https://wiki.hyprland.org/Configuring/Variables/
input = { input = {
kb_layout = mkd "us"; kb_layout = mkd "us";
# kb_variant = # kb_variant =
# kb_model = # kb_model =
# kb_options = # kb_options =
# kb_rules = # kb_rules =
kb_options = [ kb_options = [
"compose:ralt" "compose:ralt"
]; ];
@ -240,18 +254,18 @@ in
}; };
master = { master = {
# See https://wiki.hyprland.org/Configuring/Master-Layout/ for more # See https://wiki.hyprland.org/Configuring/Master-Layout/ for more
# new_is_master = mkd "true"; # new_is_master = mkd "true";
}; };
gestures = { gestures = {
# See https://wiki.hyprland.org/Configuring/Variables/ for more # See https://wiki.hyprland.org/Configuring/Variables/ for more
workspace_swipe = mkd "false"; workspace_swipe = mkd "false";
}; };
misc = { misc = {
# See https://wiki.hyprland.org/Configuring/Variables/ for more # See https://wiki.hyprland.org/Configuring/Variables/ for more
force_default_wallpaper = mkd 0; # Set to 0 to disable the anime mascot wallpapers force_default_wallpaper = mkd 0; # Set to 0 to disable the anime mascot wallpapers
}; };
"$mod" = mkd "SUPER"; "$mod" = mkd "SUPER";
@ -263,95 +277,98 @@ in
# See https://wiki.hyprland.org/Configuring/Window-Rules/ for more # See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
# Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more # Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more
bind = [ bind =
"$mod, Q, exec, ${terminal}" [
"$mod, Return, exec, ${terminal}" "$mod, Q, exec, ${terminal}"
"$mod, C, killactive, " "$mod, Return, exec, ${terminal}"
"$mod, M, exit, " "$mod, C, killactive, "
"$mod, E, exec, ${files}" "$mod, M, exit, "
"$mod, V, togglefloating, " "$mod, E, exec, ${files}"
# run rofi in scope to help oomd not kill everything "$mod, V, togglefloating, "
"$mod, R, exec, systemd-run --user --scope -- ${rofi} -show drun" # run rofi in scope to help oomd not kill everything
"$mod, P, pseudo," # dwindle" "$mod, R, exec, systemd-run --user --scope -- ${rofi} -show drun"
"$mod, O, togglesplit," # dwindle" "$mod, P, pseudo," # dwindle"
"$mod, O, togglesplit," # dwindle"
"$mod, f, fullscreen" "$mod, f, fullscreen"
"$mod SHIFT, f, fullscreenstate, -1 2" "$mod SHIFT, f, fullscreenstate, -1 2"
"$mod CTRL, f, fullscreen, 1" "$mod CTRL, f, fullscreen, 1"
# Move focus with mod + arrow keys # Move focus with mod + arrow keys
"$mod, left, movefocus, l" "$mod, left, movefocus, l"
"$mod, right, movefocus, r" "$mod, right, movefocus, r"
"$mod, up, movefocus, u" "$mod, up, movefocus, u"
"$mod, down, movefocus, d" "$mod, down, movefocus, d"
"$mod, h, movefocus, l" "$mod, h, movefocus, l"
"$mod, j, movefocus, d" "$mod, j, movefocus, d"
"$mod, k, movefocus, u" "$mod, k, movefocus, u"
"$mod, l, movefocus, r" "$mod, l, movefocus, r"
"$mod SHIFT, h, swapwindow, l" "$mod SHIFT, h, swapwindow, l"
"$mod SHIFT, j, swapwindow, d" "$mod SHIFT, j, swapwindow, d"
"$mod SHIFT, k, swapwindow, u" "$mod SHIFT, k, swapwindow, u"
"$mod SHIFT, l, swapwindow, r" "$mod SHIFT, l, swapwindow, r"
# Switch workspaces with mod + [0-9] # Switch workspaces with mod + [0-9]
"$mod, 1, workspace, 1" "$mod, 1, workspace, 1"
"$mod, 2, workspace, 2" "$mod, 2, workspace, 2"
"$mod, 3, workspace, 3" "$mod, 3, workspace, 3"
"$mod, 4, workspace, 4" "$mod, 4, workspace, 4"
"$mod, 5, workspace, 5" "$mod, 5, workspace, 5"
"$mod, 6, workspace, 6" "$mod, 6, workspace, 6"
"$mod, 7, workspace, 7" "$mod, 7, workspace, 7"
"$mod, 8, workspace, 8" "$mod, 8, workspace, 8"
"$mod, 9, workspace, 9" "$mod, 9, workspace, 9"
"$mod, 0, workspace, 10" "$mod, 0, workspace, 10"
#] ++ map () [] ++ TODO reconfigure these with workspace helper function #] ++ map () [] ++ TODO reconfigure these with workspace helper function
#[ #[
# Move active window to a workspace with mod + SHIFT + [0-9] # Move active window to a workspace with mod + SHIFT + [0-9]
"$mod SHIFT, 1, movetoworkspace, 1" "$mod SHIFT, 1, movetoworkspace, 1"
"$mod SHIFT, 2, movetoworkspace, 2" "$mod SHIFT, 2, movetoworkspace, 2"
"$mod SHIFT, 3, movetoworkspace, 3" "$mod SHIFT, 3, movetoworkspace, 3"
"$mod SHIFT, 4, movetoworkspace, 4" "$mod SHIFT, 4, movetoworkspace, 4"
"$mod SHIFT, 5, movetoworkspace, 5" "$mod SHIFT, 5, movetoworkspace, 5"
"$mod SHIFT, 6, movetoworkspace, 6" "$mod SHIFT, 6, movetoworkspace, 6"
"$mod SHIFT, 7, movetoworkspace, 7" "$mod SHIFT, 7, movetoworkspace, 7"
"$mod SHIFT, 8, movetoworkspace, 8" "$mod SHIFT, 8, movetoworkspace, 8"
"$mod SHIFT, 9, movetoworkspace, 9" "$mod SHIFT, 9, movetoworkspace, 9"
"$mod SHIFT, 0, movetoworkspace, 10" "$mod SHIFT, 0, movetoworkspace, 10"
# TODO find a different keybind for this because damn you muscle memory # TODO find a different keybind for this because damn you muscle memory
# # Example special workspace (scratchpad) # # Example special workspace (scratchpad)
# "$mod, S, togglespecialworkspace, magic" # "$mod, S, togglespecialworkspace, magic"
# "$mod SHIFT, S, movetoworkspace, special:magic" # "$mod SHIFT, S, movetoworkspace, special:magic"
"$mod SHIFT, S, exec, ${grimblast} copy area" "$mod SHIFT, S, exec, ${grimblast} copy area"
"$mod CONTROL SHIFT, S, exec, ${grimblast} copy output" "$mod CONTROL SHIFT, S, exec, ${grimblast} copy output"
",Print, exec, ${grimblast} copy output" ",Print, exec, ${grimblast} copy output"
# lock screen # lock screen
"$mod SHIFT, x, exec, ${lock-cmd}" "$mod SHIFT, x, exec, ${lock-cmd}"
# volume mixer # volume mixer
"$mod CTRL, v, exec, ${mkKittyHdrop "pulsemixer" "pulsemixer"}" "$mod CTRL, v, exec, ${mkKittyHdrop "pulsemixer" "pulsemixer"}"
# Scroll through existing workspaces with mod + scroll # Scroll through existing workspaces with mod + scroll
"$mod, mouse_down, workspace, e+1" "$mod, mouse_down, workspace, e+1"
"$mod, mouse_up, workspace, e-1" "$mod, mouse_up, workspace, e-1"
# show this file (help) # show this file (help)
# ("$mod, slash, exec, ${terminal} -e ${pkgs.neovim}/bin/nvim '+set nomodifiable' '+noremap q :q<CR>' " # ("$mod, slash, exec, ${terminal} -e ${pkgs.neovim}/bin/nvim '+set nomodifiable' '+noremap q :q<CR>' "
# + lib.escapeShellArg (args.vars.self.outPath + "/home/sessions/hyprland/default.nix")) # + lib.escapeShellArg (args.vars.self.outPath + "/home/sessions/hyprland/default.nix"))
# edit this file # edit this file
("$mod SHIFT, slash, exec, ${terminal} -e ${pkgs.neovim}/bin/nvim " ("$mod SHIFT, slash, exec, ${terminal} -e ${pkgs.neovim}/bin/nvim "
+ lib.escapeShellArg (config.nixfiles.path + "/home/sessions/hyprland/default.nix")) + lib.escapeShellArg (config.nixfiles.path + "/home/sessions/hyprland/default.nix"))
] ++ lib.optional config.nixfiles.programs.mopidy.enable ]
++ lib.optional config.nixfiles.programs.mopidy.enable
"$mod CTRL, n, exec, ${mkKittyHdrop "ncmpcpp" "ncmpcpp"}"; "$mod CTRL, n, exec, ${mkKittyHdrop "ncmpcpp" "ncmpcpp"}";
# repeat, ignore mods # repeat, ignore mods
bindei = lib.mapAttrsToList (keysym: command: ",${keysym}, exec, ${command}") config.nixfiles.common.wm.finalKeybinds bindei =
++ [ lib.mapAttrsToList (keysym: command: ",${keysym}, exec, ${command}") config.nixfiles.common.wm.finalKeybinds
]; ++ [
];
bindm = [ bindm = [
# Move/resize windows with mod + LMB/RMB and dragging # Move/resize windows with mod + LMB/RMB and dragging

29
home/sessions/hyprland/dispatcher/default.nix
View File

@ -1,19 +1,20 @@
{ lib, {
lib,
stdenvNoCC, stdenvNoCC,
socat, socat,
coreutils, coreutils,
hyprland, hyprland,
makeShellWrapper }: makeShellWrapper,
let }: let
wrappedPath = lib.makeBinPath [ coreutils socat hyprland ]; wrappedPath = lib.makeBinPath [coreutils socat hyprland];
in in
stdenvNoCC.mkDerivation { stdenvNoCC.mkDerivation {
name = "hyprland-dispatcher"; name = "hyprland-dispatcher";
phases = [ "installPhase" ]; phases = ["installPhase"];
nativeBuildInputs = [ makeShellWrapper ]; nativeBuildInputs = [makeShellWrapper];
src = ./.; src = ./.;
installPhase = '' installPhase = ''
install -Dm555 $src/dispatcher.sh $out/bin/hypr-dispatcher install -Dm555 $src/dispatcher.sh $out/bin/hypr-dispatcher
wrapProgramShell $out/bin/hypr-dispatcher --prefix PATH : "${wrappedPath}" wrapProgramShell $out/bin/hypr-dispatcher --prefix PATH : "${wrappedPath}"
''; '';
} }

20
home/sessions/plasma.nix
View File

@ -1,9 +1,13 @@
{ pkgs, config, lib, osConfig ? {}, ... }: {
let pkgs,
config,
lib,
osConfig ? {},
...
}: let
inherit (lib) mkOption mkEnableOption; inherit (lib) mkOption mkEnableOption;
cfg = config.nixfiles.sessions.plasma; cfg = config.nixfiles.sessions.plasma;
in in {
{
options.nixfiles.sessions.plasma = { options.nixfiles.sessions.plasma = {
enable = lib.mkOption { enable = lib.mkOption {
description = "Whether to enable the Plasma session home configuration."; description = "Whether to enable the Plasma session home configuration.";
@ -13,12 +17,12 @@ in
}; };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
# TODO make this a generic implementation # TODO make this a generic implementation
home.packages = let home.packages = let
startupScript = pkgs.writeShellScript "autostart-script" startupScript =
pkgs.writeShellScript "autostart-script"
(lib.concatStringsSep "\n" (lib.concatStringsSep "\n"
(builtins.map (x: "sh -c ${lib.escapeShellArg x} &") config.nixfiles.common.wm.autostart)); (builtins.map (x: "sh -c ${lib.escapeShellArg x} &") config.nixfiles.common.wm.autostart));
name = "home-manager-autostart"; name = "home-manager-autostart";
desktopFilePkg = pkgs.makeDesktopItem { desktopFilePkg = pkgs.makeDesktopItem {
@ -30,6 +34,6 @@ in
mkdir -p $out/etc/xdg/autostart mkdir -p $out/etc/xdg/autostart
ln -s "${desktopFilePkg}/share/applications/${name}.desktop" "$out/etc/xdg/autostart/" ln -s "${desktopFilePkg}/share/applications/${name}.desktop" "$out/etc/xdg/autostart/"
''; '';
in [ autostartPkg ]; in [autostartPkg];
}; };
} }

7
home/standalone.nix
View File

@ -1,7 +1,12 @@
# Home Manager default nixfiles entrypoint. This serves as an alternative to # Home Manager default nixfiles entrypoint. This serves as an alternative to
# default.nix, which sets up some more appropriate options for home-manager # default.nix, which sets up some more appropriate options for home-manager
{ inputs, pkgs, config, lib, ... }:
{ {
inputs,
pkgs,
config,
lib,
...
}: {
imports = [ imports = [
./. ./.
inputs.stylix.homeManagerModules.stylix inputs.stylix.homeManagerModules.stylix

9
home/stylix.nix
View File

@ -1,6 +1,11 @@
{ pkgs, lib, config, inputs, ... }@args:
{ {
imports = [ ]; pkgs,
lib,
config,
inputs,
...
} @ args: {
imports = [];
config = { config = {
stylix = lib.mkMerge [ stylix = lib.mkMerge [
{ {

12
hosts/nixos-wsl/configuration.nix
View File

@ -1,5 +1,10 @@
{ pkgs, config, lib, vars, ... }:
{ {
pkgs,
config,
lib,
vars,
...
}: {
config = { config = {
networking.hostName = "nixos-wsl"; networking.hostName = "nixos-wsl";
@ -26,7 +31,7 @@
RemainAfterExit = true; RemainAfterExit = true;
}; };
description = "WSL startup workaround"; description = "WSL startup workaround";
wantedBy = [ "default.target" ]; wantedBy = ["default.target"];
}; };
}; };
@ -42,10 +47,9 @@
noto-fonts-cjk-sans noto-fonts-cjk-sans
]; ];
fileSystems."/mnt/wsl/instances/NixOS" = { fileSystems."/mnt/wsl/instances/NixOS" = {
device = "/"; device = "/";
options = [ "bind" ]; options = ["bind"];
}; };
# standard disclaimer don't change this for any reason whatsoever # standard disclaimer don't change this for any reason whatsoever

9
hosts/nixos-wsl/home.nix
View File

@ -1,7 +1,12 @@
{ pkgs, lib, config, osConfig ? {}, ... }:
{ {
pkgs,
lib,
config,
osConfig ? {},
...
}: {
config = { config = {
nixfiles = { nixfiles = {
profile.base.enable = true; profile.base.enable = true;
packageSets.dev.enable = true; packageSets.dev.enable = true;
packageSets.multimedia.enable = true; packageSets.multimedia.enable = true;

17
hosts/nullbox/backup.nix
View File

@ -1,20 +1,22 @@
{ config, lib, pkgs, ... }: {
let config,
lib,
pkgs,
...
}: let
inherit (lib) escapeShellArg; inherit (lib) escapeShellArg;
secret = name: config.age.secrets."${name}".path; secret = name: config.age.secrets."${name}".path;
fs = config.fileSystems."/srv/mcserver"; fs = config.fileSystems."/srv/mcserver";
in in {
{
config = { config = {
age.secrets.restic-rclone.file = ../../secrets/restic-rclone.age; age.secrets.restic-rclone.file = ../../secrets/restic-rclone.age;
age.secrets.restic-password.file = ../../secrets/restic-password.age; age.secrets.restic-password.file = ../../secrets/restic-password.age;
systemd.services.restic-backups-system = { systemd.services.restic-backups-system = {
path = with pkgs; [ btrfs-progs ]; path = with pkgs; [btrfs-progs];
}; };
services.restic.backups.system = { services.restic.backups.system = {
# create an atomic backup # create an atomic backup
backupPrepareCommand = '' backupPrepareCommand = ''
set -Eeuxo pipefail set -Eeuxo pipefail
@ -47,7 +49,6 @@ in
"--tag=auto" "--tag=auto"
"--group-by=host,tag" "--group-by=host,tag"
]; ];
}; };
}; };
} }

50
hosts/nullbox/configuration.nix
View File

@ -1,51 +1,51 @@
# vim: set ts=2 sw=2 et: # vim: set ts=2 sw=2 et:
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`). # and in the NixOS manual (accessible by running `nixos-help`).
{ config, lib, pkgs, inputs, ... }:
{ {
config,
lib,
pkgs,
inputs,
...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
# Encryption
./luks.nix
./mcserver.nix
imports = ./impermanence.nix
[ # Include the results of the hardware scan.
./hardware-configuration.nix
# Encryption
./luks.nix
./mcserver.nix
./impermanence.nix ./backup.nix
];
./backup.nix
];
config = { config = {
fileSystems = lib.mkMerge [ fileSystems = lib.mkMerge [
{ {
"/ntfs" = { "/ntfs" = {
fsType = "ntfs-3g"; fsType = "ntfs-3g";
device = "/dev/disk/by-uuid/6AC23F0FC23EDF4F"; device = "/dev/disk/by-uuid/6AC23F0FC23EDF4F";
options = [ "auto_cache" "nofail" ]; options = ["auto_cache" "nofail"];
}; };
"/.btrfsroot" = { "/.btrfsroot" = {
options = [ "subvol=/" ]; options = ["subvol=/"];
}; };
} }
(lib.genAttrs [ "/.btrfsroot" "/" "/home" "/nix" ] ( fs: { (lib.genAttrs ["/.btrfsroot" "/" "/home" "/nix"] (fs: {
options = [ "compress=zstd" ]; options = ["compress=zstd"];
})) }))
]; ];
specialisation.hyprland.configuration = { specialisation.hyprland.configuration = {
system.nixos.tags = [ "Hyprland" ]; system.nixos.tags = ["Hyprland"];
nixfiles = { nixfiles = {
session = "hyprland"; session = "hyprland";
}; };
}; };
hardware.cpu.intel.updateMicrocode = true; hardware.cpu.intel.updateMicrocode = true;
services.udev.extraRules = '' services.udev.extraRules = ''
@ -62,7 +62,7 @@
workarounds.nvidiaPrimary = true; workarounds.nvidiaPrimary = true;
programs.greetd = { programs.greetd = {
settings = { settings = {
randr = [ "--output" "HDMI-A-3" "--off" ]; randr = ["--output" "HDMI-A-3" "--off"];
autologin = false; autologin = false;
autologinUser = "nullbite"; autologinUser = "nullbite";
autolock = false; autolock = false;
@ -118,7 +118,6 @@
# boot.loader.efi.canTouchEfiVariables = true; # boot.loader.efi.canTouchEfiVariables = true;
# see custom-hardware-configuration.nix # see custom-hardware-configuration.nix
# networking.hostName = "nixos"; # Define your hostname. # networking.hostName = "nixos"; # Define your hostname.
networking.hostName = "nullbox"; networking.hostName = "nullbox";
# Pick only one of the below networking options. # Pick only one of the below networking options.
@ -126,8 +125,7 @@
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone. # Set your time zone.
time.timeZone = "America/New_York"; time.timeZone = "America/New_York";
# Copy the NixOS configuration file and link it from the resulting system # Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you # (/run/current-system/configuration.nix). This is useful in case you
@ -142,6 +140,4 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment? system.stateVersion = "23.11"; # Did you read the comment?
}; };
} }

114
hosts/nullbox/hardware-configuration.nix
View File

@ -1,73 +1,77 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
]; pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" "sr_mod" ]; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" "sr_mod"];
boot.initrd.kernelModules = [ "dm-snapshot" ]; boot.initrd.kernelModules = ["dm-snapshot"];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos/@root" ]; options = ["subvol=nixos/@root"];
}; };
fileSystems."/nix" = fileSystems."/nix" = {
{ device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos/@nix" ]; options = ["subvol=nixos/@nix"];
}; };
fileSystems."/.btrfsroot" = fileSystems."/.btrfsroot" = {
{ device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5";
fsType = "btrfs"; fsType = "btrfs";
}; };
fileSystems."/home" = fileSystems."/home" = {
{ device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home" ]; options = ["subvol=@home"];
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/F4D6-20B6"; device = "/dev/disk/by-uuid/F4D6-20B6";
fsType = "vfat"; fsType = "vfat";
}; };
fileSystems."/srv/mcserver-old" = fileSystems."/srv/mcserver-old" = {
{ device = "/dev/disk/by-uuid/7204ff85-6404-4bd7-ba0d-3fb23a5cf52c"; device = "/dev/disk/by-uuid/7204ff85-6404-4bd7-ba0d-3fb23a5cf52c";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@mcserver" ]; options = ["subvol=@mcserver"];
}; };
fileSystems."/srv/mcserver-old/.snapshots" = fileSystems."/srv/mcserver-old/.snapshots" = {
{ device = "/dev/disk/by-uuid/7204ff85-6404-4bd7-ba0d-3fb23a5cf52c"; device = "/dev/disk/by-uuid/7204ff85-6404-4bd7-ba0d-3fb23a5cf52c";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=snapshots/@mcserver" ]; options = ["subvol=snapshots/@mcserver"];
}; };
fileSystems."/srv/mcserver" = fileSystems."/srv/mcserver" = {
{ device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@mcserver" ]; options = ["subvol=@mcserver"];
}; };
fileSystems."/srv/mcserver/.snapshots" = fileSystems."/srv/mcserver/.snapshots" = {
{ device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5"; device = "/dev/disk/by-uuid/e36d1ab4-d18b-434e-80b5-0efca0652eb5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=snapshots/@mcserver" ]; options = ["subvol=snapshots/@mcserver"];
}; };
swapDevices = swapDevices = [
[ { device = "/dev/disk/by-uuid/4b86cbd6-6fc5-47d4-9d44-35eec59cb785"; } {device = "/dev/disk/by-uuid/4b86cbd6-6fc5-47d4-9d44-35eec59cb785";}
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

6
hosts/nullbox/home.nix
View File

@ -1,5 +1,9 @@
{ lib, pkgs, osConfig, ... }:
{ {
lib,
pkgs,
osConfig,
...
}: {
imports = [ imports = [
]; ];

59
hosts/nullbox/impermanence.nix
View File

@ -1,11 +1,16 @@
{ pkgs, config, lib, ... }: {
let pkgs,
config,
lib,
...
}: let
inherit (lib) escapeShellArg; inherit (lib) escapeShellArg;
# (wip) more configurable than old one, will be used by volatile btrfs module # (wip) more configurable than old one, will be used by volatile btrfs module
mkBtrfsInit = { volatileRoot ? "/volatile", mkBtrfsInit = {
oldRoots ? "/old_roots", volatileRoot ? "/volatile",
volume }: oldRoots ? "/old_roots",
'' volume,
}: ''
mkdir -p /btrfs_tmp mkdir -p /btrfs_tmp
mount ${escapeShellArg volume} /btrfs_tmp -o subvol=/ mount ${escapeShellArg volume} /btrfs_tmp -o subvol=/
@ -34,7 +39,7 @@ in {
neededForBoot = true; neededForBoot = true;
device = root_vol; device = root_vol;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/nixos/@persist" ]; options = ["subvol=/nixos/@persist"];
}; };
# TODO volatile btrfs module # TODO volatile btrfs module
@ -47,7 +52,7 @@ in {
fileSystems."/" = lib.mkForce { fileSystems."/" = lib.mkForce {
device = root_vol; device = root_vol;
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/nixos/volatile" ]; options = ["subvol=/nixos/volatile"];
}; };
# agenix fix # agenix fix
@ -74,15 +79,24 @@ in {
# probably NEVER be excluded removed. # probably NEVER be excluded removed.
"/var/lib/nixos/" "/var/lib/nixos/"
# password files for user.user.<name>.hashedPasswordFile # password files for user.user.<name>.hashedPasswordFile
{ directory = "/etc/passfile"; mode = "0700"; } {
directory = "/etc/passfile";
mode = "0700";
}
# persistent non-declarative config # persistent non-declarative config
"/etc/nixos" "/etc/nixos"
"/etc/ssh" "/etc/ssh"
{ directory = "/etc/wireguard"; mode = "0700"; } {
directory = "/etc/wireguard";
mode = "0700";
}
# let's keep the root home dir as well # let's keep the root home dir as well
{ directory = "/root"; mode = "0700"; } {
directory = "/root";
mode = "0700";
}
# system state # system state
"/etc/NetworkManager/system-connections" "/etc/NetworkManager/system-connections"
@ -93,14 +107,29 @@ in {
"/var/lib/power-profiles-daemon" "/var/lib/power-profiles-daemon"
"/var/lib/systemd/rfkill" "/var/lib/systemd/rfkill"
"/var/lib/systemd/timesync" "/var/lib/systemd/timesync"
{ directory = "/var/lib/tailscale"; mode = "0700"; } {
directory = "/var/lib/tailscale";
mode = "0700";
}
"/var/lib/unbound" "/var/lib/unbound"
"/var/db/sudo/lectured" "/var/db/sudo/lectured"
# remember login stuff # remember login stuff
{ directory = "/var/cache/tuigreet"; user = "greeter"; group = "greeter"; } {
{ directory = "/var/cache/regreet"; user = "greeter"; group = "greeter"; } directory = "/var/cache/tuigreet";
{ directory = "/var/lib/regreet"; user = "greeter"; group = "greeter"; } user = "greeter";
group = "greeter";
}
{
directory = "/var/cache/regreet";
user = "greeter";
group = "greeter";
}
{
directory = "/var/lib/regreet";
user = "greeter";
group = "greeter";
}
]; ];
files = [ files = [

13
hosts/nullbox/luks.nix
View File

@ -1,8 +1,11 @@
{ pkgs, config, lib, ... }:
let
usb = "903D-DF5B";
in
{ {
pkgs,
config,
lib,
...
}: let
usb = "903D-DF5B";
in {
config = { config = {
# cryptsetup # cryptsetup
boot.initrd.kernelModules = ["uas" "usbcore" "usb_storage"]; boot.initrd.kernelModules = ["uas" "usbcore" "usb_storage"];
@ -16,7 +19,7 @@ in
mount -n -t vfat -o ro `findfs UUID=${usb}` /key mount -n -t vfat -o ro `findfs UUID=${usb}` /key
''; '';
device="/dev/disk/by-uuid/85b5f22e-0fa5-4f0d-8fba-f800a0b41671"; device = "/dev/disk/by-uuid/85b5f22e-0fa5-4f0d-8fba-f800a0b41671";
keyFile = "/key/image.png"; # yes it's literally an image file. bite me keyFile = "/key/image.png"; # yes it's literally an image file. bite me
allowDiscards = true; allowDiscards = true;
fallbackToPassword = true; fallbackToPassword = true;

43
hosts/nullbox/mcserver.nix
View File

@ -1,18 +1,21 @@
{ pkgs, lib, config, ... }:
let
cfg = config.services.minecraft-servers;
in
{ {
pkgs,
lib,
config,
...
}: let
cfg = config.services.minecraft-servers;
in {
config = { config = {
fileSystems = { fileSystems = {
"/srv/mcserver".options = [ "compress=zstd" "nofail" ]; "/srv/mcserver".options = ["compress=zstd" "nofail"];
"/srv/mcserver/.snapshots".options = [ "compress=zstd" "nofail" ]; "/srv/mcserver/.snapshots".options = ["compress=zstd" "nofail"];
}; };
networking.firewall.trustedInterfaces = [ "wg0" ]; networking.firewall.trustedInterfaces = ["wg0"];
users = { users = {
users = { users = {
nullbite.extraGroups = [ "minecraft" ]; nullbite.extraGroups = ["minecraft"];
}; };
}; };
@ -45,18 +48,19 @@ in
nulllite-staging = let nulllite-staging = let
commit = "b8c639a"; commit = "b8c639a";
packHash = "sha256-HTDVIkcBf0DyLbSCuU08/HnEQuesi3cmXXhB4y4lyko="; packHash = "sha256-HTDVIkcBf0DyLbSCuU08/HnEQuesi3cmXXhB4y4lyko=";
in pkgs.fetchPackwizModpack { in
url = "https://gitea.protogen.io/nullbite/nulllite/raw/commit/${commit}/pack.toml"; pkgs.fetchPackwizModpack {
inherit packHash; url = "https://gitea.protogen.io/nullbite/nulllite/raw/commit/${commit}/pack.toml";
}; inherit packHash;
};
in { in {
nulllite-staging = { nulllite-staging = {
useRecommendedDefaults = true; useRecommendedDefaults = true;
enable = true; enable = true;
autoStart = false; autoStart = false;
modpack = nulllite-staging; modpack = nulllite-staging;
modpackSymlinks = [ "mods" ]; modpackSymlinks = ["mods"];
modpackFiles = [ "config/" ]; modpackFiles = ["config/"];
serverProperties.server-port = 25574; serverProperties.server-port = 25574;
serverProperties.motd = "staging server"; serverProperties.motd = "staging server";
}; };
@ -65,8 +69,8 @@ in
enable = true; enable = true;
autoStart = true; autoStart = true;
modpack = pkgs.modpacks.notlite; modpack = pkgs.modpacks.notlite;
modpackSymlinks = [ "config/yosbr" "config/quilt-loader-overrides.json" "mods" ]; modpackSymlinks = ["config/yosbr" "config/quilt-loader-overrides.json" "mods"];
modpackFiles = [ "kubejs/" ]; modpackFiles = ["kubejs/"];
serverProperties = { serverProperties = {
motd = "owo what's this (nix notlite edition)"; motd = "owo what's this (nix notlite edition)";
server-port = 25567; server-port = 25567;
@ -76,11 +80,10 @@ in
level-seed = "8555431723250870652"; level-seed = "8555431723250870652";
level-type = "bclib:normal"; level-type = "bclib:normal";
}; };
}; };
minecraft-nixtest = let minecraft-nixtest = let
self = cfg.servers.minecraft-nixtest; self = cfg.servers.minecraft-nixtest;
package = pkgs.quiltServers.quilt-1_20_1.override { loaderVersion = "0.21.0"; }; package = pkgs.quiltServers.quilt-1_20_1.override {loaderVersion = "0.21.0";};
in { in {
useRecommendedDefaults = true; useRecommendedDefaults = true;
enable = false; enable = false;
@ -92,8 +95,8 @@ in
NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4"; NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4";
Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12"; Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12";
}; };
modpackSymlinks = [ "mods" ]; modpackSymlinks = ["mods"];
modpackFiles = [ "config/" "kubejs/" ]; modpackFiles = ["config/" "kubejs/"];
serverProperties = rec { serverProperties = rec {
motd = "owo what's this (nix edition)"; motd = "owo what's this (nix edition)";
server-port = 25568; server-port = 25568;

6
hosts/nullbox/unbound.nix
View File

@ -1,5 +1,9 @@
{ pkgs, lib, config, ... }:
{ {
pkgs,
lib,
config,
...
}: {
config = { config = {
networking.networkmanager.dns = "none"; networking.networkmanager.dns = "none";
services.unbound.enable = true; services.unbound.enable = true;

398
hosts/rpi4/authelia.nix
View File

@ -3,10 +3,10 @@
lib, lib,
pkgs, pkgs,
... ...
}: }: let
let
inherit (lib) types mkIf optionalString; inherit (lib) types mkIf optionalString;
inherit (builtins) inherit
(builtins)
isNull isNull
any any
all all
@ -20,22 +20,18 @@ let
"regular" "regular"
"basic" "basic"
]; ];
getUpstreamFromInstance = getUpstreamFromInstance = instance: let
instance: inherit (config.services.authelia.instances.${instance}.settings) server;
let port = server.port or 9091;
inherit (config.services.authelia.instances.${instance}.settings) server; host = server.host or "127.0.0.1";
port = server.port or 9091;
host = server.host or "127.0.0.1";
targetHost = targetHost =
if host == "0.0.0.0" then if host == "0.0.0.0"
"127.0.0.1" then "127.0.0.1"
else if lib.hasInfix ":" host then else if lib.hasInfix ":" host
throw "TODO IPv6 not supported in Authelia server address (hard to parse, can't tell if it is [::])." then throw "TODO IPv6 not supported in Authelia server address (hard to parse, can't tell if it is [::])."
else else host;
host; in "http://${targetHost}:${toString port}";
in
"http://${targetHost}:${toString port}";
# use this when reverse proxying to authelia (and only authelia because i # use this when reverse proxying to authelia (and only authelia because i
# like the nixos recommended proxy settings better) # like the nixos recommended proxy settings better)
@ -116,212 +112,204 @@ let
proxy_set_header X-Forwarded-URI $request_uri; proxy_set_header X-Forwarded-URI $request_uri;
''; '';
genAuthConfig = genAuthConfig = method: let
method: snippet_regular = ''
let ## Configure the redirection when the authz failure occurs. Lines starting
snippet_regular = '' ## with 'Modern Method' and 'Legacy Method' should be commented /
## Configure the redirection when the authz failure occurs. Lines starting ## uncommented as pairs. The modern method uses the session cookies
## with 'Modern Method' and 'Legacy Method' should be commented / ## configuration's authelia_url value to determine the redirection URL here.
## uncommented as pairs. The modern method uses the session cookies ## It's much simpler and compatible with the mutli-cookie domain easily.
## configuration's authelia_url value to determine the redirection URL here.
## It's much simpler and compatible with the mutli-cookie domain easily.
## Modern Method: Set the $redirection_url to the Location header of the ## Modern Method: Set the $redirection_url to the Location header of the
## response to the Authz endpoint. ## response to the Authz endpoint.
auth_request_set $redirection_url $upstream_http_location; auth_request_set $redirection_url $upstream_http_location;
## Modern Method: When there is a 401 response code from the authz endpoint ## Modern Method: When there is a 401 response code from the authz endpoint
## redirect to the $redirection_url. ## redirect to the $redirection_url.
error_page 401 =302 $redirection_url; error_page 401 =302 $redirection_url;
'';
in
''
## Send a subrequest to Authelia to verify if the user is authenticated and
# has permission to access the resource.
auth_request /internal/authelia/authz${optionalString (method == "basic") "/basic"};
## Save the upstream metadata response headers from Authelia to variables.
auth_request_set $user $upstream_http_remote_user;
auth_request_set $groups $upstream_http_remote_groups;
auth_request_set $name $upstream_http_remote_name;
auth_request_set $email $upstream_http_remote_email;
## Inject the metadata response headers from the variables into the request
## made to the backend.
proxy_set_header Remote-User $user;
proxy_set_header Remote-Groups $groups;
proxy_set_header Remote-Name $name;
proxy_set_header Remote-Email $email;
${optionalString (method == "regular") snippet_regular}
''; '';
genAuthConfigPkg = in ''
method: pkgs.writeText "authelia-authrequest-${method}.conf" (genAuthConfig method); ## Send a subrequest to Authelia to verify if the user is authenticated and
in # has permission to access the resource.
{
auth_request /internal/authelia/authz${optionalString (method == "basic") "/basic"};
## Save the upstream metadata response headers from Authelia to variables.
auth_request_set $user $upstream_http_remote_user;
auth_request_set $groups $upstream_http_remote_groups;
auth_request_set $name $upstream_http_remote_name;
auth_request_set $email $upstream_http_remote_email;
## Inject the metadata response headers from the variables into the request
## made to the backend.
proxy_set_header Remote-User $user;
proxy_set_header Remote-Groups $groups;
proxy_set_header Remote-Name $name;
proxy_set_header Remote-Email $email;
${optionalString (method == "regular") snippet_regular}
'';
genAuthConfigPkg = method: pkgs.writeText "authelia-authrequest-${method}.conf" (genAuthConfig method);
in {
# authelia # authelia
options.services.nginx = options.services.nginx = let
let mkAttrsOfSubmoduleOpt = module: lib.mkOption {type = with types; attrsOf (submodule module);};
mkAttrsOfSubmoduleOpt = module: lib.mkOption { type = with types; attrsOf (submodule module); };
# make system config accessible from submodules # make system config accessible from submodules
systemConfig = config; systemConfig = config;
# submodule definitions # submodule definitions
vhostModule = vhostModule = {
{ name, config, ... }@attrs: name,
{ config,
options = { ...
locations = mkAttrsOfSubmoduleOpt (genLocationModule attrs); } @ attrs: {
authelia = { options = {
endpoint = { locations = mkAttrsOfSubmoduleOpt (genLocationModule attrs);
instance = lib.mkOption { authelia = {
description = '' endpoint = {
Local Authelia instance to act as the authentication endpoint. instance = lib.mkOption {
This virtualHost will be configured to provide the description = ''
public-facing authentication service. Local Authelia instance to act as the authentication endpoint.
''; This virtualHost will be configured to provide the
type = with types; nullOr str; public-facing authentication service.
default = null; '';
}; type = with types; nullOr str;
upstream = lib.mkOption { default = null;
description = '' };
Internal URL of the Authelia endpoint to forward authentication upstream = lib.mkOption {
requests to. description = ''
''; Internal URL of the Authelia endpoint to forward authentication
type = with types; nullOr str; requests to.
default = null; '';
}; type = with types; nullOr str;
}; default = null;
instance = lib.mkOption {
description = ''
Local Authelia instance to use. Setting this option will
automatically configure Authelia on the specified virtualHost
with the given instance of Authelia.
'';
type = with types; nullOr str;
default = null;
};
upstream = lib.mkOption {
description = ''
Internal URL of the Authelia endpoint to forward authorization
requests to. This should not be the public-facing authentication
endpoint URL.
'';
type = with types; nullOr str;
default = null;
};
method = lib.mkOption {
description = ''
Default Authelia authentication method to use for all locations
in this virtualHost. Authentication is disabled by default for
all locations if this is set to `null`.
'';
type = with types; nullOr (enum validAuthMethods);
default = "regular";
example = "basic";
};
}; };
}; };
config = { instance = lib.mkOption {
authelia.upstream = mkIf (!(isNull config.authelia.instance)) (
getUpstreamFromInstance config.authelia.instance
);
authelia.endpoint.upstream = mkIf (!(isNull config.authelia.endpoint.instance)) (
getUpstreamFromInstance config.authelia.endpoint.instance
);
forceSSL = lib.mkIf (!(isNull config.authelia.endpoint.upstream)) true;
# authelia nginx internal endpoints
locations =
let
api = "${config.authelia.upstream}/api/authz/auth-request";
in
lib.mkMerge [
(lib.mkIf (!(isNull config.authelia.upstream)) {
# just setup both, they can't be accessed externally anyways.
"/internal/authelia/authz" = {
proxyPass = api;
recommendedProxySettings = false;
extraConfig = ''
include ${autheliaLocationConfig};
'';
};
"/internal/authelia/authz/basic" = {
proxyPass = "${api}/basic";
recommendedProxySettings = false;
extraConfig = ''
include ${autheliaBasicLocationConfig};
'';
};
})
(lib.mkIf (!(isNull config.authelia.endpoint.upstream)) {
"/" = {
extraConfig = ''
include "${autheliaProxyConfig}";
'';
proxyPass = "${config.authelia.endpoint.upstream}";
recommendedProxySettings = false;
};
"= /api/verify" = {
proxyPass = "${config.authelia.endpoint.upstream}";
recommendedProxySettings = false;
};
"/api/authz" = {
proxyPass = "${config.authelia.endpoint.upstream}";
recommendedProxySettings = false;
};
})
];
};
};
genLocationModule =
vhostAttrs:
{ name, config, ... }:
let
vhostConfig = vhostAttrs.config;
in
{
options.authelia.method = lib.mkOption {
description = '' description = ''
Authelia authentication method to use for this location. Local Authelia instance to use. Setting this option will
Authentication is disabled for this location if this is set to automatically configure Authelia on the specified virtualHost
`null`. with the given instance of Authelia.
'';
type = with types; nullOr str;
default = null;
};
upstream = lib.mkOption {
description = ''
Internal URL of the Authelia endpoint to forward authorization
requests to. This should not be the public-facing authentication
endpoint URL.
'';
type = with types; nullOr str;
default = null;
};
method = lib.mkOption {
description = ''
Default Authelia authentication method to use for all locations
in this virtualHost. Authentication is disabled by default for
all locations if this is set to `null`.
''; '';
type = with types; nullOr (enum validAuthMethods); type = with types; nullOr (enum validAuthMethods);
default = vhostConfig.authelia.method; default = "regular";
example = "basic"; example = "basic";
}; };
config = };
lib.mkIf };
( config = {
(!(lib.strings.hasPrefix "/internal/authelia/" name)) authelia.upstream = mkIf (!(isNull config.authelia.instance)) (
&& (!(isNull vhostConfig.authelia.upstream)) getUpstreamFromInstance config.authelia.instance
&& (!(isNull config.authelia.method)) );
) authelia.endpoint.upstream = mkIf (!(isNull config.authelia.endpoint.instance)) (
{ getUpstreamFromInstance config.authelia.endpoint.instance
);
forceSSL = lib.mkIf (!(isNull config.authelia.endpoint.upstream)) true;
# authelia nginx internal endpoints
locations = let
api = "${config.authelia.upstream}/api/authz/auth-request";
in
lib.mkMerge [
(lib.mkIf (!(isNull config.authelia.upstream)) {
# just setup both, they can't be accessed externally anyways.
"/internal/authelia/authz" = {
proxyPass = api;
recommendedProxySettings = false;
extraConfig = '' extraConfig = ''
include ${genAuthConfigPkg config.authelia.method}; include ${autheliaLocationConfig};
''; '';
}; };
}; "/internal/authelia/authz/basic" = {
proxyPass = "${api}/basic";
in recommendedProxySettings = false;
{ extraConfig = ''
virtualHosts = mkAttrsOfSubmoduleOpt vhostModule; include ${autheliaBasicLocationConfig};
'';
};
})
(lib.mkIf (!(isNull config.authelia.endpoint.upstream)) {
"/" = {
extraConfig = ''
include "${autheliaProxyConfig}";
'';
proxyPass = "${config.authelia.endpoint.upstream}";
recommendedProxySettings = false;
};
"= /api/verify" = {
proxyPass = "${config.authelia.endpoint.upstream}";
recommendedProxySettings = false;
};
"/api/authz" = {
proxyPass = "${config.authelia.endpoint.upstream}";
recommendedProxySettings = false;
};
})
];
};
}; };
genLocationModule = vhostAttrs: {
name,
config,
...
}: let
vhostConfig = vhostAttrs.config;
in {
options.authelia.method = lib.mkOption {
description = ''
Authelia authentication method to use for this location.
Authentication is disabled for this location if this is set to
`null`.
'';
type = with types; nullOr (enum validAuthMethods);
default = vhostConfig.authelia.method;
example = "basic";
};
config =
lib.mkIf
(
(!(lib.strings.hasPrefix "/internal/authelia/" name))
&& (!(isNull vhostConfig.authelia.upstream))
&& (!(isNull config.authelia.method))
)
{
extraConfig = ''
include ${genAuthConfigPkg config.authelia.method};
'';
};
};
in {
virtualHosts = mkAttrsOfSubmoduleOpt vhostModule;
};
# TODO check if any vhosts have authelia configured # TODO check if any vhosts have authelia configured
config = config = let
let # TODO later, there are only assertions here
# TODO later, there are only assertions here configured = any (
configured = any ( vhost: (!(isNull vhost.authelia.upstream)) || (!(isNull vhost.authelia.endpoint.upstream))
vhost: (!(isNull vhost.authelia.upstream)) || (!(isNull vhost.authelia.endpoint.upstream)) ) (attrValues nginx.virtualHosts);
) (attrValues nginx.virtualHosts); in
in
mkIf true { mkIf true {
assertions = [ assertions = [
{ {

14
hosts/rpi4/backup.nix
View File

@ -1,10 +1,13 @@
{ config, lib, pkgs, ... }:
let
secret = name: config.age.secrets."${name}".path;
in
{ {
config,
lib,
pkgs,
...
}: let
secret = name: config.age.secrets."${name}".path;
in {
config = { config = {
age.secrets.restic-rclone.file = ../../secrets/restic-rclone.age; age.secrets.restic-rclone.file = ../../secrets/restic-rclone.age;
age.secrets.restic-password.file = ../../secrets/restic-password.age; age.secrets.restic-password.file = ../../secrets/restic-password.age;
services.restic.backups.system = { services.restic.backups.system = {
rcloneConfigFile = secret "restic-rclone"; rcloneConfigFile = secret "restic-rclone";
@ -38,7 +41,6 @@ in
"--tag=auto" "--tag=auto"
"--group-by=host,tag" "--group-by=host,tag"
]; ];
}; };
}; };
} }

44
hosts/rpi4/configuration.nix
View File

@ -1,19 +1,21 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on # your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }:
{ {
imports = config,
[ # Include the results of the hardware scan. lib,
./hardware-configuration.nix pkgs,
./services.nix ...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
./services.nix
./media-sync.nix ./media-sync.nix
./backup.nix ./backup.nix
]; ];
fileSystems = let fileSystems = let
mounts = [ mounts = [
@ -24,8 +26,9 @@
"/opt/hassio" "/opt/hassio"
"/opt/hassio/.snapshots" "/opt/hassio/.snapshots"
]; ];
fn = (x: { options = [ "compress=zstd" "commit=300" "noatime" ];}); fn = x: {options = ["compress=zstd" "commit=300" "noatime"];};
in lib.genAttrs mounts fn; in
lib.genAttrs mounts fn;
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default) # Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
boot.loader.grub.enable = false; boot.loader.grub.enable = false;
@ -64,7 +67,7 @@
"wg0" "wg0"
"tailscale0" "tailscale0"
]; ];
networking.firewall.allowedUDPPorts = [ 51820 ]; networking.firewall.allowedUDPPorts = [51820];
services.openssh = { services.openssh = {
enable = true; enable = true;
@ -94,9 +97,6 @@
# Enable the X11 windowing system. # Enable the X11 windowing system.
# services.xserver.enable = true; # services.xserver.enable = true;
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.xkb.layout = "us"; # services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape"; # services.xserver.xkb.options = "eurosign:e,caps:escape";
@ -124,11 +124,11 @@
# tree # tree
# ]; # ];
# }; # };
users.users.nullbite = { users.users.nullbite = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ]; extraGroups = ["wheel"];
uid = 1000; uid = 1000;
}; };
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
@ -182,6 +182,4 @@
# #
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.11"; # Did you read the comment? system.stateVersion = "24.11"; # Did you read the comment?
} }

51
hosts/rpi4/gitea.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.gitea;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.services.gitea;
in {
config = { config = {
services.gitea = { services.gitea = {
enable = true; enable = true;
@ -32,19 +35,37 @@ in
DEFAULT_THEME = "catppuccin-mocha-pink"; DEFAULT_THEME = "catppuccin-mocha-pink";
THEMES = let THEMES = let
ctpAttrs = { ctpAttrs = {
flavor = [ "latte" "frappe" "macchiato" "mocha" ]; flavor = ["latte" "frappe" "macchiato" "mocha"];
accent = [ "rosewater" "flamingo" "pink" "mauve" accent = [
"red" "maroon" "peach" "yellow" "green" "teal" "rosewater"
"sky" "sapphire" "blue" ]; "flamingo"
"pink"
"mauve"
"red"
"maroon"
"peach"
"yellow"
"green"
"teal"
"sky"
"sapphire"
"blue"
];
}; };
ctpThemes = lib.mapCartesianProduct ctpThemes =
( { flavor, accent }: "catppuccin-${flavor}-${accent}" ) lib.mapCartesianProduct
({
flavor,
accent,
}: "catppuccin-${flavor}-${accent}")
ctpAttrs; ctpAttrs;
in lib.concatStringsSep "," ([ in
"gitea" lib.concatStringsSep "," ([
"arc-green" "gitea"
"auto" "arc-green"
] ++ ctpThemes); "auto"
]
++ ctpThemes);
}; };
}; };
}; };

118
hosts/rpi4/hardware-configuration.nix
View File

@ -1,75 +1,78 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
]; pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" ]; boot.initrd.availableKernelModules = ["xhci_pci"];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.kernelModules = [ ]; boot.kernelModules = [];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/.btrfsroot" = fileSystems."/.btrfsroot" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/" ]; options = ["subvol=/"];
}; };
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos/@" ]; options = ["subvol=nixos/@"];
}; };
fileSystems."/nix" = fileSystems."/nix" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos/@nix" ]; options = ["subvol=nixos/@nix"];
}; };
fileSystems."/home" = fileSystems."/home" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home" ]; options = ["subvol=@home"];
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/18e0dfd8-78bd-478d-9df8-1c28bc0b55df"; device = "/dev/disk/by-uuid/18e0dfd8-78bd-478d-9df8-1c28bc0b55df";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/srv/syncthing" = fileSystems."/srv/syncthing" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/@syncthing" ]; options = ["subvol=/@syncthing"];
}; };
fileSystems."/srv/media" = fileSystems."/srv/media" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/@media" ]; options = ["subvol=/@media"];
}; };
fileSystems."/opt/hassio" = fileSystems."/opt/hassio" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/@hassio" ]; options = ["subvol=/@hassio"];
}; };
fileSystems."/opt/hassio/.snapshots" = fileSystems."/opt/hassio/.snapshots" = {
{ device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5"; device = "/dev/disk/by-uuid/112535b6-4318-4d26-812b-7baf0d65dae5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/snapshots/@hassio" ]; options = ["subvol=/snapshots/@hassio"];
}; };
swapDevices = [
swapDevices = {device = "/dev/disk/by-uuid/b8e046b3-28a2-47c5-b305-24be5be42eff";}
[ { device = "/dev/disk/by-uuid/b8e046b3-28a2-47c5-b305-24be5be42eff"; } ];
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
@ -81,4 +84,3 @@
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
} }

3
hosts/rpi4/home.nix
View File

@ -1,5 +1,4 @@
{ config, ... }: {config, ...}: {
{
config = { config = {
nixfiles.profile.base.enable = true; nixfiles.profile.base.enable = true;
programs.keychain.enable = false; programs.keychain.enable = false;

16
hosts/rpi4/media-sync.nix
View File

@ -1,11 +1,15 @@
{ config, lib, pkgs, ... }: {
let config,
lib,
pkgs,
...
}: let
in { in {
config = { config = {
nixfiles.programs.syncthing.enable = true; nixfiles.programs.syncthing.enable = true;
systemd.timers.gallery-dl = { systemd.timers.gallery-dl = {
wantedBy = [ "timers.target" ]; wantedBy = ["timers.target"];
timerConfig = { timerConfig = {
OnBootSec = "5m"; OnBootSec = "5m";
OnUnitActiveSec = "13"; OnUnitActiveSec = "13";
@ -13,7 +17,7 @@ in {
}; };
}; };
systemd.services.gallery-dl = { systemd.services.gallery-dl = {
path = with pkgs; [ bash coreutils findutils gallery-dl ]; path = with pkgs; [bash coreutils findutils gallery-dl];
serviceConfig = { serviceConfig = {
# none of your fucking business # none of your fucking business
# TODO move this into an agenix secret probably # TODO move this into an agenix secret probably
@ -24,14 +28,14 @@ in {
}; };
systemd.timers.gallery-dl-dedup = { systemd.timers.gallery-dl-dedup = {
wantedBy = [ "timers.target" ]; wantedBy = ["timers.target"];
timerConfig = { timerConfig = {
OnCalendar = "03:00"; OnCalendar = "03:00";
RandomizedDelaySec = "3h"; RandomizedDelaySec = "3h";
}; };
}; };
systemd.services.gallery-dl-dedup = { systemd.services.gallery-dl-dedup = {
path = with pkgs ; [ bash coreutils rmlint ]; path = with pkgs; [bash coreutils rmlint];
serviceConfig = { serviceConfig = {
# likewise # likewise
ExecStart = "/srv/gallery-dl-dedup.sh"; ExecStart = "/srv/gallery-dl-dedup.sh";

460
hosts/rpi4/services.nix
View File

@ -1,15 +1,17 @@
{ config, lib, pkgs, ... }: {
let config,
lib,
pkgs,
...
}: let
inherit (config.age) secrets; inherit (config.age) secrets;
inherit (builtins) toString; inherit (builtins) toString;
in in {
{
imports = [ imports = [
./gitea.nix ./gitea.nix
./authelia.nix ./authelia.nix
]; ];
config = { config = {
age.secrets.cloudflaredns = { age.secrets.cloudflaredns = {
file = ../../secrets/cloudflare-dns.age; file = ../../secrets/cloudflare-dns.age;
group = "secrets"; group = "secrets";
@ -63,7 +65,7 @@ in
}; };
users.groups.secrets = {}; users.groups.secrets = {};
users.users.acme.extraGroups = [ "secrets" ]; users.users.acme.extraGroups = ["secrets"];
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
@ -97,57 +99,59 @@ in
}; };
}; };
users.users.nginx.extraGroups = [ "acme" ]; users.users.nginx.extraGroups = ["acme"];
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
80 443 80
443
# this is needed for node to work for some reason # this is needed for node to work for some reason
8123 8123
]; ];
users.groups.authelia-shared = { }; users.groups.authelia-shared = {};
services.authelia.instances = lib.mapAttrs (inst: opts: { services.authelia.instances =
enable = true; lib.mapAttrs (inst: opts: {
group = "authelia-shared"; enable = true;
secrets = { group = "authelia-shared";
jwtSecretFile = config.age.secrets.authelia-jwt.path; secrets = {
storageEncryptionKeyFile = config.age.secrets.authelia-storage.path; jwtSecretFile = config.age.secrets.authelia-jwt.path;
sessionSecretFile = config.age.secrets.authelia-session.path; storageEncryptionKeyFile = config.age.secrets.authelia-storage.path;
}; sessionSecretFile = config.age.secrets.authelia-session.path;
settings = { };
access_control.default_policy = "one_factor"; settings = {
storage.local.path = "/var/lib/authelia-${inst}/db.sqlite"; access_control.default_policy = "one_factor";
session.cookies = [ storage.local.path = "/var/lib/authelia-${inst}/db.sqlite";
{ session.cookies = [
domain = "protogen.io"; {
authelia_url = "https://auth.protogen.io"; domain = "protogen.io";
default_redirection_url = "https://searx.protogen.io"; authelia_url = "https://auth.protogen.io";
} default_redirection_url = "https://searx.protogen.io";
{ }
domain = "nbt.sh"; {
authelia_url = "https://auth.nbt.sh"; domain = "nbt.sh";
default_redirection_url = "https://admin.nbt.sh"; authelia_url = "https://auth.nbt.sh";
} default_redirection_url = "https://admin.nbt.sh";
{ }
domain = "proot.link"; {
authelia_url = "https://auth.proot.link"; domain = "proot.link";
default_redirection_url = "https://admin.proot.link"; authelia_url = "https://auth.proot.link";
} default_redirection_url = "https://admin.proot.link";
]; }
session.redis = { ];
host = config.services.redis.servers.authelia.unixSocket; session.redis = {
host = config.services.redis.servers.authelia.unixSocket;
};
notifier.filesystem.filename = "/var/lib/authelia-${inst}/notification.txt";
authentication_backend.file.path = config.age.secrets.authelia-users.path;
server.port = lib.mkIf (opts ? port) (opts.port or null);
theme = "auto";
};
}) {
main = {
domain = "protogen.io";
# port = 9091 # default
}; };
notifier.filesystem.filename = "/var/lib/authelia-${inst}/notification.txt";
authentication_backend.file.path = config.age.secrets.authelia-users.path;
server.port = lib.mkIf (opts ? port) (opts.port or null);
theme = "auto";
}; };
}) {
main = {
domain = "protogen.io";
# port = 9091 # default
};
};
services.redis = { services.redis = {
servers.authelia = { servers.authelia = {
@ -157,7 +161,7 @@ in
users.users."${config.services.authelia.instances.main.user}".extraGroups = let users.users."${config.services.authelia.instances.main.user}".extraGroups = let
name = config.services.redis.servers.authelia.user; name = config.services.redis.servers.authelia.user;
in [ name ]; in [name];
services.nginx = { services.nginx = {
enable = true; enable = true;
@ -171,24 +175,30 @@ in
virtualHosts = let virtualHosts = let
useACMEHost = "protogen.io"; useACMEHost = "protogen.io";
mkProxy = args@{ upstream ? "http://127.0.0.1:${builtins.toString args.port}", auth ? false, authelia ? false, extraConfig ? {}, ... }: mkProxy = args @ {
lib.mkMerge [ upstream ? "http://127.0.0.1:${builtins.toString args.port}",
{ auth ? false,
inherit useACMEHost; authelia ? false,
forceSSL = true; extraConfig ? {},
locations."/" = { ...
proxyPass = upstream; }:
proxyWebsockets = true; lib.mkMerge [
}; {
} inherit useACMEHost;
(lib.mkIf auth { forceSSL = true;
basicAuthFile = config.age.secrets.htpasswd.path; locations."/" = {
}) proxyPass = upstream;
(lib.mkIf authelia { proxyWebsockets = true;
authelia.instance = lib.mkDefault "main"; };
}) }
extraConfig (lib.mkIf auth {
]; basicAuthFile = config.age.secrets.htpasswd.path;
})
(lib.mkIf authelia {
authelia.instance = lib.mkDefault "main";
})
extraConfig
];
# mkReverseProxy = port: { # mkReverseProxy = port: {
# inherit useACMEHost; # inherit useACMEHost;
@ -199,149 +209,174 @@ in
# }; # };
# }; # };
mkAuthProxy = port: mkProxy { inherit port; authelia = true; }; mkAuthProxy = port:
mkProxy {
mkReverseProxy = port: mkProxy { inherit port; }; inherit port;
in (lib.mapAttrs (domain: instance: { forceSSL = true; inherit useACMEHost; authelia.endpoint = { inherit instance; };}) { authelia = true;
"auth.protogen.io" = "main";
"auth.nbt.sh" = "main";
"auth.proot.link" = "main";
}) // {
"changedetection.protogen.io" = mkReverseProxy 5000;
# firefly
"firefly.protogen.io" = mkReverseProxy 8083;
"firefly-import.protogen.io" = mkAuthProxy 8084;
"gitea.protogen.io" = mkReverseProxy 3000;
# home assistant
"hass.protogen.io" = mkReverseProxy 8123;
"node.protogen.io" = mkReverseProxy 1880;
"z2m.protogen.io" = mkAuthProxy 8124;
"vsc-hass.protogen.io" = mkReverseProxy 1881;
# jellyfin
"room.protogen.io" = mkReverseProxy 8096;
"deemix.protogen.io" = mkAuthProxy 6595;
# libreddit auth 8087
"libreddit.protogen.io" = {
locations."/".return = "302 https://redlib.protogen.io$request_uri";
forceSSL = true;
useACMEHost = "protogen.io";
};
"redlib.protogen.io" = mkAuthProxy 8087;
"rss.protogen.io" = mkReverseProxy 8082;
"blahaj.protogen.io" = mkReverseProxy 8086;
"paper.protogen.io" = mkReverseProxy config.services.paperless.port;
# octoprint (proxy_addr is 10.10.1.8)
"print.protogen.io" = lib.mkMerge [ (mkProxy { authelia = true; upstream = "http://10.10.1.8:80"; })
{
locations."/webcam" = {
proxyPass = "http://10.10.1.8:80$request_uri";
proxyWebsockets = true;
basicAuthFile = config.age.secrets.htpasswd-cam.path;
authelia.method = null;
}; };
}];
# searx auth 8088 (none for /favicon.ico, /autocompleter, /opensearch.xml) mkReverseProxy = port: mkProxy {inherit port;};
"search.protogen.io".locations."/".return = "302 https://searx.protogen.io$request_uri"; in
"searx.protogen.io" = let (lib.mapAttrs (domain: instance: {
port = 8088; forceSSL = true;
in mkProxy { authelia = true; inherit port; extraConfig = { inherit useACMEHost;
locations = lib.genAttrs [ "/favicon.ico" "/autocompleter" "/opensearch.xml" ] (attr: { authelia.endpoint = {inherit instance;};
proxyPass = "http://localhost:${builtins.toString port}"; }) {
proxyWebsockets = true; "auth.protogen.io" = "main";
authelia.method = null; "auth.nbt.sh" = "main";
extraConfig = '' "auth.proot.link" = "main";
auth_basic off; })
''; // {
}); "changedetection.protogen.io" = mkReverseProxy 5000;
};};
# URL shortener # firefly
"nbt.sh" = mkProxy { port = 8090; extraConfig.serverAliases = [ "proot.link" ]; }; "firefly.protogen.io" = mkReverseProxy 8083;
"admin.nbt.sh" = mkProxy { authelia = true; port = 8091; extraConfig.serverAliases = [ "admin.proot.link" ]; }; "firefly-import.protogen.io" = mkAuthProxy 8084;
# uptime "gitea.protogen.io" = mkReverseProxy 3000;
"uptime.protogen.io" = mkReverseProxy 3001;
"kuma.protogen.io".locations."/".return = "301 https://uptime.protogen.io";
"anki.protogen.io" = mkReverseProxy config.services.anki-sync-server.port; # home assistant
"hass.protogen.io" = mkReverseProxy 8123;
"node.protogen.io" = mkReverseProxy 1880;
"z2m.protogen.io" = mkAuthProxy 8124;
"vsc-hass.protogen.io" = mkReverseProxy 1881;
# homepage # jellyfin
"home.protogen.io" = mkAuthProxy 8089; "room.protogen.io" = mkReverseProxy 8096;
"deemix.protogen.io" = mkAuthProxy 6595;
"lounge.protogen.io" = mkAuthProxy 9000; # libreddit auth 8087
"libreddit.protogen.io" = {
"trackmap.protogen.io" = let locations."/".return = "302 https://redlib.protogen.io$request_uri";
root = pkgs.modpacks.notlite-ctm-static; forceSSL = true;
in { useACMEHost = "protogen.io";
useACMEHost = "protogen.io";
forceSSL = true;
authelia.instance = "main";
locations."/" = {
inherit root;
extraConfig = ''
autoindex off;
'';
}; };
locations."/api/" = { "redlib.protogen.io" = mkAuthProxy 8087;
proxyPass = "http://10.10.0.3:3876"; "rss.protogen.io" = mkReverseProxy 8082;
proxyWebsockets = true; "blahaj.protogen.io" = mkReverseProxy 8086;
extraConfig = '' "paper.protogen.io" = mkReverseProxy config.services.paperless.port;
chunked_transfer_encoding off;
proxy_buffering off; # octoprint (proxy_addr is 10.10.1.8)
proxy_cache off; "print.protogen.io" = lib.mkMerge [
''; (mkProxy {
authelia = true;
upstream = "http://10.10.1.8:80";
})
{
locations."/webcam" = {
proxyPass = "http://10.10.1.8:80$request_uri";
proxyWebsockets = true;
basicAuthFile = config.age.secrets.htpasswd-cam.path;
authelia.method = null;
};
}
];
# searx auth 8088 (none for /favicon.ico, /autocompleter, /opensearch.xml)
"search.protogen.io".locations."/".return = "302 https://searx.protogen.io$request_uri";
"searx.protogen.io" = let
port = 8088;
in
mkProxy {
authelia = true;
inherit port;
extraConfig = {
locations = lib.genAttrs ["/favicon.ico" "/autocompleter" "/opensearch.xml"] (attr: {
proxyPass = "http://localhost:${builtins.toString port}";
proxyWebsockets = true;
authelia.method = null;
extraConfig = ''
auth_basic off;
'';
});
};
};
# URL shortener
"nbt.sh" = mkProxy {
port = 8090;
extraConfig.serverAliases = ["proot.link"];
};
"admin.nbt.sh" = mkProxy {
authelia = true;
port = 8091;
extraConfig.serverAliases = ["admin.proot.link"];
};
# uptime
"uptime.protogen.io" = mkReverseProxy 3001;
"kuma.protogen.io".locations."/".return = "301 https://uptime.protogen.io";
"anki.protogen.io" = mkReverseProxy config.services.anki-sync-server.port;
# homepage
"home.protogen.io" = mkAuthProxy 8089;
"lounge.protogen.io" = mkAuthProxy 9000;
"trackmap.protogen.io" = let
root = pkgs.modpacks.notlite-ctm-static;
in {
useACMEHost = "protogen.io";
forceSSL = true;
authelia.instance = "main";
locations."/" = {
inherit root;
extraConfig = ''
autoindex off;
'';
};
locations."/api/" = {
proxyPass = "http://10.10.0.3:3876";
proxyWebsockets = true;
extraConfig = ''
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
'';
};
};
# main site
"protogen.io" = {
serverAliases = ["x.protogen.io"];
useACMEHost = "protogen.io";
forceSSL = true;
locations."/" = {
root = "/srv/http";
extraConfig = ''
autoindex on;
'';
};
};
# fallback for known hosts
"nullbite.com" = {
forceSSL = true;
useACMEHost = "protogen.io";
locations."/" = {
return = "302 https://protogen.io$request_uri";
};
serverAliases = ["www.nullbite.com" "nullbite.dev" "www.nullbite.dev" "www.protogen.io" "nullbite.xyz" "www.nullbite.xyz"];
};
# show blank page for unknown hosts
"localhost" = {
default = true;
addSSL = true;
useACMEHost = "protogen.io";
locations."/" = {
return = "404";
};
}; };
}; };
# main site
"protogen.io" = {
serverAliases = [ "x.protogen.io" ];
useACMEHost = "protogen.io";
forceSSL = true;
locations."/" = {
root = "/srv/http";
extraConfig = ''
autoindex on;
'';
};
};
# fallback for known hosts
"nullbite.com" = {
forceSSL = true;
useACMEHost = "protogen.io";
locations."/" = {
return = "302 https://protogen.io$request_uri";
};
serverAliases = [ "www.nullbite.com" "nullbite.dev" "www.nullbite.dev" "www.protogen.io" "nullbite.xyz" "www.nullbite.xyz" ];
};
# show blank page for unknown hosts
"localhost" = {
default = true;
addSSL = true;
useACMEHost = "protogen.io";
locations."/" = {
return = "404";
};
};
};
}; };
# https://gethomepage.dev # https://gethomepage.dev
services.homepage-dashboard = let services.homepage-dashboard = let
entry = name: value: { "${name}" = value; }; entry = name: value: {"${name}" = value;};
makeBookmark = name: {...}@attrs: entry name [ attrs ]; makeBookmark = name: {...} @ attrs: entry name [attrs];
makeBookmark' = name: icon: abbr: href: makeBookmark name ({ inherit abbr href; } // lib.optionalAttrs (icon != null) { inherit icon; }); makeBookmark' = name: icon: abbr: href: makeBookmark name ({inherit abbr href;} // lib.optionalAttrs (icon != null) {inherit icon;});
in { in {
enable = true; enable = true;
listenPort = 8089; listenPort = 8089;
@ -369,10 +404,12 @@ in
]; ];
services = let services = let
service = name: subdomain: icon: {...}@attrs: entry name ({ service = name: subdomain: icon: {...} @ attrs:
href = "https://${subdomain}.protogen.io"; entry name ({
inherit icon; href = "https://${subdomain}.protogen.io";
} // attrs); inherit icon;
}
// attrs);
basicService = name: subdomain: icon: service name subdomain icon {}; basicService = name: subdomain: icon: service name subdomain icon {};
in [ in [
(entry "unsorted" [ (entry "unsorted" [
@ -389,13 +426,17 @@ in
(basicService "SearXNG" "searx" "searxng") (basicService "SearXNG" "searx" "searxng")
(basicService "TheLounge" "lounge" "thelounge") (basicService "TheLounge" "lounge" "thelounge")
(basicService "Paperless" "paper" "paperless-ngx") (basicService "Paperless" "paper" "paperless-ngx")
(entry "Shlink" { href = "https://admin.nbt.sh"; icon = "shlink"; }) (entry "Shlink" {
href = "https://admin.nbt.sh";
icon = "shlink";
})
(basicService "Create Track Map" "trackmap" "") (basicService "Create Track Map" "trackmap" "")
((x: service x x x { ((x:
widget = { service x x x {
}; widget = {
}) "changedetection") };
}) "changedetection")
(service "Uptime Kuma" "uptime" "uptime-kuma" { (service "Uptime Kuma" "uptime" "uptime-kuma" {
widget = { widget = {
@ -443,7 +484,7 @@ in
}; };
# needed for mDNS in Home Assistant # needed for mDNS in Home Assistant
networking.firewall.allowedUDPPorts = [ 5353 ]; networking.firewall.allowedUDPPorts = [5353];
systemd.services.redlib.environment = { systemd.services.redlib.environment = {
REDLIB_DEFAULT_SUBSCRIPTIONS = lib.pipe ./reddit-subscriptions.txt [ REDLIB_DEFAULT_SUBSCRIPTIONS = lib.pipe ./reddit-subscriptions.txt [
@ -488,13 +529,12 @@ in
PAPERLESS_URL = "https://paper.protogen.io"; PAPERLESS_URL = "https://paper.protogen.io";
PAPERLESS_TIKA_ENABLED = true; PAPERLESS_TIKA_ENABLED = true;
PAPERLESS_TIKA_ENDPOINT = "http://localhost:${toString config.services.tika.port}"; PAPERLESS_TIKA_ENDPOINT = "http://localhost:${toString config.services.tika.port}";
PAPERLESS_TIKA_GOTENBERG_ENDPOINT = PAPERLESS_TIKA_GOTENBERG_ENDPOINT = "http://localhost:${toString config.services.gotenberg.port}";
"http://localhost:${toString config.services.gotenberg.port}";
}; };
}; };
users.users."${config.services.paperless.user}".extraGroups = let users.users."${config.services.paperless.user}".extraGroups = let
name = config.services.redis.servers.paperless.group; name = config.services.redis.servers.paperless.group;
in [ name ]; in [name];
services.gotenberg = { services.gotenberg = {
enable = true; enable = true;

60
hosts/slab/configuration.nix
View File

@ -1,20 +1,22 @@
# vim: set ts=2 sw=2 et foldmethod=marker: # vim: set ts=2 sw=2 et foldmethod=marker:
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on # your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, vars, ... }:
{ {
imports = config,
[ # Include the results of the hardware scan. lib,
./hardware-configuration.nix pkgs,
vars,
../../system # nixfiles modules ...
./nvidia-optimus.nix }: {
./supergfxd.nix imports = [
]; # Include the results of the hardware scan.
./hardware-configuration.nix
../../system # nixfiles modules
./nvidia-optimus.nix
./supergfxd.nix
];
config = { config = {
# nix.settings.experimental-features = ["nix-command" "flakes" ]; # nix.settings.experimental-features = ["nix-command" "flakes" ];
@ -26,18 +28,24 @@
device = "/dev/disk/by-uuid/028A49020517BEA9"; device = "/dev/disk/by-uuid/028A49020517BEA9";
}; };
"/.btrfsroot" = { "/.btrfsroot" = {
options = [ "subvol=/" ]; options = ["subvol=/"];
}; };
} }
# Lanzaboote workaround (nix-community/lanzaboote#173) # Lanzaboote workaround (nix-community/lanzaboote#173)
(lib.mkIf config.boot.lanzaboote.enable { (lib.mkIf config.boot.lanzaboote.enable {
"/efi/EFI/Linux" = { device = "/boot/EFI/Linux"; options = [ "bind" ]; }; "/efi/EFI/Linux" = {
"/efi/EFI/nixos" = { device = "/boot/EFI/nixos"; options = [ "bind" ]; }; device = "/boot/EFI/Linux";
options = ["bind"];
};
"/efi/EFI/nixos" = {
device = "/boot/EFI/nixos";
options = ["bind"];
};
}) })
(lib.genAttrs [ "/.btrfsroot" "/" "/home" "/nix" ] ( fs: { (lib.genAttrs ["/.btrfsroot" "/" "/home" "/nix"] (fs: {
options = [ "compress=zstd" ]; options = ["compress=zstd"];
})) }))
]; ];
@ -51,7 +59,7 @@
# }; # };
specialisation.hyprland.configuration = { specialisation.hyprland.configuration = {
system.nixos.tags = [ "Hyprland" ]; system.nixos.tags = ["Hyprland"];
nixfiles.session = "hyprland"; nixfiles.session = "hyprland";
}; };
@ -91,21 +99,20 @@
}; };
}; };
networking.hostName = "slab"; networking.hostName = "slab";
boot.initrd.systemd.enable = true; boot.initrd.systemd.enable = true;
boot.plymouth.enable = true; boot.plymouth.enable = true;
boot.kernelParams = [ "quiet" ]; boot.kernelParams = ["quiet"];
# annoying ACPI bug # annoying ACPI bug
boot.consoleLogLevel = 2; boot.consoleLogLevel = 2;
# cryptsetup # cryptsetup
boot.initrd.luks.devices = { boot.initrd.luks.devices = {
lvmroot = { lvmroot = {
device="/dev/disk/by-uuid/2872c0f0-e544-45f0-9b6c-ea022af7805a"; device = "/dev/disk/by-uuid/2872c0f0-e544-45f0-9b6c-ea022af7805a";
allowDiscards = true; allowDiscards = true;
fallbackToPassword = lib.mkIf (!config.boot.initrd.systemd.enable) true; fallbackToPassword = lib.mkIf (!config.boot.initrd.systemd.enable) true;
preLVM = true; preLVM = true;
@ -138,7 +145,7 @@
}; };
# GPS data from my phone # GPS data from my phone
services.gpsd.devices = lib.mkIf config.nixfiles.hardware.gps.enable [ "tcp://pixel.magpie-moth.ts.net:6000" ]; services.gpsd.devices = lib.mkIf config.nixfiles.hardware.gps.enable ["tcp://pixel.magpie-moth.ts.net:6000"];
# systemd power/suspend configuration # systemd power/suspend configuration
systemd.targets = lib.genAttrs ["suspend" "hybrid-sleep" "suspend-then-hibernate"] (_: { systemd.targets = lib.genAttrs ["suspend" "hybrid-sleep" "suspend-then-hibernate"] (_: {
@ -164,7 +171,6 @@
# boot.loader.efi.canTouchEfiVariables = true; # boot.loader.efi.canTouchEfiVariables = true;
# see custom-hardware-configuration.nix # see custom-hardware-configuration.nix
# networking.hostName = "nixos"; # Define your hostname. # networking.hostName = "nixos"; # Define your hostname.
# Pick only one of the below networking options. # Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
@ -195,10 +201,8 @@
# services.xserver.displayManager.sddm.enable = true; # services.xserver.displayManager.sddm.enable = true;
# services.xserver.desktopManager.plasma5.enable = true; # services.xserver.desktopManager.plasma5.enable = true;
# Enable flatpak # Enable flatpak
# services.flatpak.enable = true; # services.flatpak.enable = true;
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.xkb.layout = "us"; # services.xserver.xkb.layout = "us";
@ -218,7 +222,6 @@
# pulse.enable = true; # pulse.enable = true;
# jack.enable = true; # jack.enable = true;
# }; # };
# Enable touchpad support (enabled default in most desktopManager). # Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true; # services.xserver.libinput.enable = true;
@ -244,7 +247,6 @@
# shell = pkgs.zsh; # shell = pkgs.zsh;
# }; # };
# shell config # shell config
# programs.zsh.enable = true; # programs.zsh.enable = true;
# programs.fzf = { # programs.fzf = {
@ -296,7 +298,7 @@
# }}} # }}}
# Open ports in the firewall. # Open ports in the firewall.
networking.firewall.allowedTCPPorts = [ 22 ]; networking.firewall.allowedTCPPorts = [22];
# networking.firewall.allowedUDPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether. # Or disable the firewall altogether.
# networking.firewall.enable = false; # networking.firewall.enable = false;
@ -313,7 +315,5 @@
# Before changing this value read the documentation for this option # Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment? system.stateVersion = "23.11"; # Did you read the comment?
}; };
} }

86
hosts/slab/hardware-configuration.nix
View File

@ -1,55 +1,59 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
]; pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "sdhci_pci" ]; boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "sdhci_pci"];
boot.initrd.kernelModules = [ "dm-snapshot" "amdgpu" ]; boot.initrd.kernelModules = ["dm-snapshot" "amdgpu"];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos/@" ]; options = ["subvol=nixos/@"];
}; };
fileSystems."/nix" = fileSystems."/nix" = {
{ device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos/@nix" ]; options = ["subvol=nixos/@nix"];
}; };
fileSystems."/home" = fileSystems."/home" = {
{ device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home" ]; options = ["subvol=@home"];
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/50D3-45F0"; device = "/dev/disk/by-uuid/50D3-45F0";
fsType = "vfat"; fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ]; options = ["fmask=0022" "dmask=0022"];
}; };
fileSystems."/efi" = fileSystems."/efi" = {
{ device = "/dev/disk/by-uuid/4E1B-8BEE"; device = "/dev/disk/by-uuid/4E1B-8BEE";
fsType = "vfat"; fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ]; options = ["fmask=0022" "dmask=0022"];
}; };
swapDevices = swapDevices = [
[ { device = "/dev/disk/by-uuid/9360890a-4050-4326-bf5f-8fa2bdc6744a"; } {device = "/dev/disk/by-uuid/9360890a-4050-4326-bf5f-8fa2bdc6744a";}
]; ];
fileSystems."/.btrfsroot" = fileSystems."/.btrfsroot" = {
{ device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec"; device = "/dev/disk/by-uuid/9c2a06d8-bff5-4587-95a6-e25495e9c4ec";
fsType = "btrfs"; fsType = "btrfs";
}; };
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

13
hosts/slab/home.nix
View File

@ -1,5 +1,10 @@
{ lib, pkgs, osConfig, config, ... }:
{ {
lib,
pkgs,
osConfig,
config,
...
}: {
imports = [ imports = [
../../home ../../home
]; ];
@ -9,7 +14,7 @@
profile.base.enable = true; profile.base.enable = true;
common.wm.keybinds = { common.wm.keybinds = {
Launch1="playerctl play-pause"; # ROG key Launch1 = "playerctl play-pause"; # ROG key
# Launch3="true"; # AURA fn key # Launch3="true"; # AURA fn key
# Launch4="true"; # fan control fn key # Launch4="true"; # fan control fn key
}; };
@ -17,8 +22,8 @@
home.stateVersion = "23.11"; home.stateVersion = "23.11";
# TODO mkif stylix.enable; danth/stylix#216 # TODO mkif stylix.enable; danth/stylix#216
home.pointerCursor = lib.mkIf (config.nixfiles.theming.enable && !config.stylix.enable) { size = 32; }; home.pointerCursor = lib.mkIf (config.nixfiles.theming.enable && !config.stylix.enable) {size = 32;};
stylix.cursor = { size = 32; }; stylix.cursor = {size = 32;};
nixfiles.theming.catppuccin.themeDPI = "hdpi"; nixfiles.theming.catppuccin.themeDPI = "hdpi";

19
hosts/slab/nvidia-optimus.nix
View File

@ -1,11 +1,13 @@
{ config, lib, pkgs, ... }:
{ {
config,
lib,
pkgs,
...
}: {
services.supergfxd.enable = true; services.supergfxd.enable = true;
specialisation = { specialisation = {
nvidia.configuration = { nvidia.configuration = {
system.nixos.tags = [ "NVIDIA" ]; system.nixos.tags = ["NVIDIA"];
nixfiles.supergfxd.profile = "Hybrid"; nixfiles.supergfxd.profile = "Hybrid";
@ -15,9 +17,9 @@
hardware.nvidia = { hardware.nvidia = {
# Use the NVidia open source kernel module (not to be confused with the # Use the NVidia open source kernel module (not to be confused with the
# independent third-party "nouveau" open source driver). # independent third-party "nouveau" open source driver).
# Support is limited to the Turing and later architectures. Full list of # Support is limited to the Turing and later architectures. Full list of
# supported GPUs is at: # supported GPUs is at:
# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
# Only available from driver 515.43.04+ # Only available from driver 515.43.04+
# Currently alpha-quality/buggy, so false is currently the recommended setting. # Currently alpha-quality/buggy, so false is currently the recommended setting.
open = false; open = false;
@ -30,7 +32,8 @@
package = let package = let
stable = config.boot.kernelPackages.nvidiaPackages.stable; stable = config.boot.kernelPackages.nvidiaPackages.stable;
version = stable; version = stable;
in version; in
version;
prime = { prime = {
offload = { offload = {

14
hosts/slab/supergfxd.nix
View File

@ -1,5 +1,10 @@
{ pkgs, lib, config, options, ... }@args: {
let pkgs,
lib,
config,
options,
...
} @ args: let
gfx = { gfx = {
Integrated = { Integrated = {
supergfxd = pkgs.writeText "supergfxd-integrated" '' supergfxd = pkgs.writeText "supergfxd-integrated" ''
@ -69,7 +74,8 @@ let
isKeyInAttrset = let isKeyInAttrset = let
getKeys = attrset: lib.mapAttrsToList (name: _: name) attrset; getKeys = attrset: lib.mapAttrsToList (name: _: name) attrset;
isInList = key: list: lib.any (x: x == key) list; isInList = key: list: lib.any (x: x == key) list;
in key: attrset: isInList key (getKeys attrset); in
key: attrset: isInList key (getKeys attrset);
inherit (lib) mkIf mkOption types; inherit (lib) mkIf mkOption types;
in { in {
@ -83,7 +89,7 @@ in {
}; };
config = { config = {
environment.etc = mkIf (!(builtins.isNull cfg.profile)) { environment.etc = mkIf (!(builtins.isNull cfg.profile)) {
# TODO actually configure the system settings here # TODO actually configure the system settings here
"supergfxd.conf" = { "supergfxd.conf" = {
source = gfx.${cfg.profile}.supergfxd; source = gfx.${cfg.profile}.supergfxd;

102
lib/nixfiles/minecraft.nix
View File

@ -1,14 +1,19 @@
{ pkgs, ... }: {pkgs, ...}: let
let
inherit (pkgs) lib; inherit (pkgs) lib;
in in {
{ mkServer = {
mkServer = { modpack ? null, modpackSymlinks ? [], modpackFiles ? [], jvmOpts ? null, ...}@opts: let modpack ? null,
modpackSymlinks ? [],
modpackFiles ? [],
jvmOpts ? null,
...
} @ opts: let
# log4j exploit is bad and scary and i have no idea if this is still needed # log4j exploit is bad and scary and i have no idea if this is still needed
# but it's best to be on the safe side # but it's best to be on the safe side
jvmOptsPatched = let jvmOptsPatched = let
requiredJvmOpts = "-Dlog4j2.formatMsgNoLookups=true"; requiredJvmOpts = "-Dlog4j2.formatMsgNoLookups=true";
in if (!(builtins.isNull jvmOpts)) in
if (!(builtins.isNull jvmOpts))
then requiredJvmOpts + " " + jvmOpts then requiredJvmOpts + " " + jvmOpts
else requiredJvmOpts; else requiredJvmOpts;
@ -17,51 +22,58 @@ in
serverPackage = let serverPackage = let
mcVersion = modpack.manifest.versions.minecraft; mcVersion = modpack.manifest.versions.minecraft;
fixedVersion = lib.replaceStrings [ "." ] [ "_" ] mcVersion; fixedVersion = lib.replaceStrings ["."] ["_"] mcVersion;
quiltVersion = modpack.manifest.versions.quilt or null; quiltVersion = modpack.manifest.versions.quilt or null;
fabricVersion = modpack.manifest.versions.fabric or null; fabricVersion = modpack.manifest.versions.fabric or null;
loader = if (!(builtins.isNull quiltVersion)) then "quilt" else "fabric"; loader =
loaderVersion = if loader == "quilt" then quiltVersion else fabricVersion; if (!(builtins.isNull quiltVersion))
in pkgs.minecraftServers."${loader}-${fixedVersion}".override { inherit loaderVersion; }; then "quilt"
else "fabric";
loaderVersion =
if loader == "quilt"
then quiltVersion
else fabricVersion;
in
pkgs.minecraftServers."${loader}-${fixedVersion}".override {inherit loaderVersion;};
in
lib.mkMerge [
(lib.mkIf (!(builtins.isNull modpack)) {
inherit symlinks files;
package = lib.mkDefault serverPackage;
})
{
autoStart = lib.mkDefault true;
jvmOpts = jvmOptsPatched;
whitelist = lib.mkDefault {
NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4";
Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12";
YzumThreeEye = "3dad78e8-6979-404f-820e-952ce20964a0";
};
serverProperties = {
# allows no chat reports to run
enforce-secure-profile = lib.mkDefault false;
in lib.mkMerge [ # whitelist
(lib.mkIf (!(builtins.isNull modpack)) { white-list = lib.mkDefault true;
inherit symlinks files; enforce-whitelist = lib.mkDefault true;
package = lib.mkDefault serverPackage;
})
{
autoStart = lib.mkDefault true;
jvmOpts = jvmOptsPatched;
whitelist = lib.mkDefault {
NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4";
Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12";
YzumThreeEye = "3dad78e8-6979-404f-820e-952ce20964a0";
};
serverProperties = {
# allows no chat reports to run
enforce-secure-profile = lib.mkDefault false;
# whitelist motd = lib.mkDefault "owo what's this (nix preset edition)";
white-list = lib.mkDefault true; enable-rcon = lib.mkDefault false;
enforce-whitelist = lib.mkDefault true;
motd = lib.mkDefault "owo what's this (nix preset edition)"; # btrfs performance fix
enable-rcon = lib.mkDefault false; sync-chunk-writes = lib.mkDefault false;
# btrfs performance fix # this helps with some mod support. disable it on public servers.
sync-chunk-writes = lib.mkDefault false; allow-flight = lib.mkDefault true;
# this helps with some mod support. disable it on public servers. # no telemetry
allow-flight = lib.mkDefault true; snooper-enabled = lib.mkDefault false;
# no telemetry # other preferred settings
snooper-enabled = lib.mkDefault false; pvp = lib.mkDefault true;
difficulty = lib.mkDefault "hard";
# other preferred settings };
pvp = lib.mkDefault true; }
difficulty = lib.mkDefault "hard"; (builtins.removeAttrs opts ["modpack" "modpackSymlinks" "modpackFiles" "jvmOpts"])
}; ];
}
(builtins.removeAttrs opts [ "modpack" "modpackSymlinks" "modpackFiles" "jvmOpts" ])
];
} }

3
modules/home-manager/default.nix
View File

@ -1,2 +1 @@
_: _: {}
{}

3
modules/nixos/default.nix
View File

@ -1,3 +1,2 @@
{...}@moduleInputs: {...} @ moduleInputs: {
{
} }

9
overlays/default.nix
View File

@ -12,9 +12,10 @@ in {
./modpacks.nix ./modpacks.nix
]; ];
config.flake.overlays = { config.flake.overlays = {
default = with cfg; composeManyExtensions [ default = with cfg;
backports composeManyExtensions [
mitigations backports
]; mitigations
];
}; };
} }

18
pkgs/apps.nix
View File

@ -1,9 +1,15 @@
{ packages, system, ... }:
let _packages = packages; in
let
packages = _packages.${system};
mkApp = program: { type = "app"; inherit program; };
in
{ {
packages,
system,
...
}: let
_packages = packages;
in let
packages = _packages.${system};
mkApp = program: {
type = "app";
inherit program;
};
in {
keysetting = mkApp "${packages.wm-helpers}/bin/keysetting"; keysetting = mkApp "${packages.wm-helpers}/bin/keysetting";
} }

39
pkgs/atool-wrapped/default.nix
View File

@ -1,4 +1,5 @@
{ lib, {
lib,
atool, atool,
makeBinaryWrapper, makeBinaryWrapper,
stdenvNoCC, stdenvNoCC,
@ -14,24 +15,24 @@
p7zip, p7zip,
unrar, unrar,
lha, lha,
unfree ? false }: unfree ? false,
let }: let
wrappedPath = lib.makeBinPath ([lzip plzip lzop xz zip unzip arj rpm cpio p7zip] ++ lib.optionals unfree [unrar lha]); wrappedPath = lib.makeBinPath ([lzip plzip lzop xz zip unzip arj rpm cpio p7zip] ++ lib.optionals unfree [unrar lha]);
in in
stdenvNoCC.mkDerivation { stdenvNoCC.mkDerivation {
name = "atool-wrapped"; name = "atool-wrapped";
phases = [ "installPhase" ]; phases = ["installPhase"];
nativeBuildInputs = [ makeBinaryWrapper ]; nativeBuildInputs = [makeBinaryWrapper];
src = ./.; src = ./.;
installPhase = '' installPhase = ''
# symlinking them doesn't work for some reason so i have to build multiple # symlinking them doesn't work for some reason so i have to build multiple
for i in atool acat adiff als apack arepack aunpack ; do for i in atool acat adiff als apack arepack aunpack ; do
makeBinaryWrapper "${atool}/bin/$i" "$out/bin/$i" \ makeBinaryWrapper "${atool}/bin/$i" "$out/bin/$i" \
--inherit-argv0 --prefix PATH : "${wrappedPath}" --inherit-argv0 --prefix PATH : "${wrappedPath}"
done done
# i have no idea if this is the "right" way to do this # i have no idea if this is the "right" way to do this
mkdir -p "$out/share" mkdir -p "$out/share"
ln -s "${atool}/share/man" "$out/share/man" ln -s "${atool}/share/man" "$out/share/man"
''; '';
} }

23
pkgs/cofi/shell.nix
View File

@ -1,16 +1,15 @@
{ pkgs ? import <nixpkgs> {} }: {pkgs ? import <nixpkgs> {}}: let
let
rofi-dmenu-wrapped = pkgs.writeShellScript "rofi-dmenu" '' rofi-dmenu-wrapped = pkgs.writeShellScript "rofi-dmenu" ''
exec "${pkgs.rofi-wayland}/bin/rofi" -dmenu "$@" exec "${pkgs.rofi-wayland}/bin/rofi" -dmenu "$@"
''; '';
in in
pkgs.mkShell { pkgs.mkShell {
shellHook = '' shellHook = ''
export COMMA_PICKER="${rofi-dmenu-wrapped}" export COMMA_PICKER="${rofi-dmenu-wrapped}"
''; '';
nativeBuildInputs = with pkgs; [ nativeBuildInputs = with pkgs; [
rofi-wayland rofi-wayland
libnotify libnotify
comma comma
]; ];
} }

7
pkgs/cross-seed/default.nix
View File

@ -1,5 +1,8 @@
{ lib, buildNpmPackage, fetchFromGitHub }: {
lib,
buildNpmPackage,
fetchFromGitHub,
}:
buildNpmPackage rec { buildNpmPackage rec {
pname = "cross-seed"; pname = "cross-seed";
version = "6.11.0"; version = "6.11.0";

20
pkgs/default.nix
View File

@ -1,17 +1,15 @@
{ pkgs, ... }: {pkgs, ...}: let
let
inherit (pkgs) callPackage callPackages; inherit (pkgs) callPackage callPackages;
mopidyPackages = callPackages ./mopidy { mopidyPackages = callPackages ./mopidy {
python = pkgs.python3; python = pkgs.python3;
}; };
in in {
{ inherit (mopidyPackages) mopidy-autoplay;
inherit (mopidyPackages) mopidy-autoplay ; google-fonts = callPackage ./google-fonts {};
google-fonts = callPackage ./google-fonts { }; wm-helpers = callPackage ./wm-helpers {};
wm-helpers = callPackage ./wm-helpers { }; atool = callPackage ./atool-wrapped {};
atool = callPackage ./atool-wrapped { }; nixfiles-assets = callPackage ./nixfiles-assets {};
nixfiles-assets = callPackage ./nixfiles-assets { }; redlib = callPackage ./redlib {};
redlib = callPackage ./redlib { }; cross-seed = callPackage ./cross-seed {};
cross-seed = callPackage ./cross-seed { };
} }

48
pkgs/google-fonts/default.nix
View File

@ -1,9 +1,9 @@
{ lib {
, stdenvNoCC lib,
, fetchFromGitHub stdenvNoCC,
, fonts ? [] fetchFromGitHub,
fonts ? [],
}: }:
stdenvNoCC.mkDerivation { stdenvNoCC.mkDerivation {
pname = "google-fonts"; pname = "google-fonts";
version = "unstable-2023-10-20"; version = "unstable-2023-10-20";
@ -11,7 +11,7 @@ stdenvNoCC.mkDerivation {
# Adobe Blank is split out in a separate output, # Adobe Blank is split out in a separate output,
# because it causes crashes with `libfontconfig`. # because it causes crashes with `libfontconfig`.
# It has an absurd number of symbols # It has an absurd number of symbols
outputs = [ "out" "adobeBlank" ]; outputs = ["out" "adobeBlank"];
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "google"; owner = "google";
@ -45,26 +45,32 @@ stdenvNoCC.mkDerivation {
# FamilyName.ttf. This installs all fonts if fonts is empty and otherwise # FamilyName.ttf. This installs all fonts if fonts is empty and otherwise
# only the specified fonts by FamilyName. # only the specified fonts by FamilyName.
fonts = map (font: builtins.replaceStrings [" "] [""] font) fonts; fonts = map (font: builtins.replaceStrings [" "] [""] font) fonts;
installPhase = '' installPhase =
adobeBlankDest=$adobeBlank/share/fonts/truetype ''
install -m 444 -Dt $adobeBlankDest ofl/adobeblank/AdobeBlank-Regular.ttf adobeBlankDest=$adobeBlank/share/fonts/truetype
rm -r ofl/adobeblank install -m 444 -Dt $adobeBlankDest ofl/adobeblank/AdobeBlank-Regular.ttf
dest=$out/share/fonts/truetype rm -r ofl/adobeblank
'' + (if fonts == [] then '' dest=$out/share/fonts/truetype
find . -name '*.ttf' -exec install -m 444 -Dt $dest '{}' + ''
'' else '' + (
for font in $fonts; do if fonts == []
find . \( -name "$font-*.ttf" -o -name "$font[*.ttf" -o -name "$font.ttf" \) -exec install -m 444 -Dt $dest '{}' + then ''
done find . -name '*.ttf' -exec install -m 444 -Dt $dest '{}' +
''); ''
else ''
for font in $fonts; do
find . \( -name "$font-*.ttf" -o -name "$font[*.ttf" -o -name "$font.ttf" \) -exec install -m 444 -Dt $dest '{}' +
done
''
);
meta = with lib; { meta = with lib; {
homepage = "https://fonts.google.com"; homepage = "https://fonts.google.com";
description = "Font files available from Google Fonts"; description = "Font files available from Google Fonts";
license = with licenses; [ asl20 ofl ufl ]; license = with licenses; [asl20 ofl ufl];
platforms = platforms.all; platforms = platforms.all;
hydraPlatforms = []; hydraPlatforms = [];
maintainers = with maintainers; [ manveru ]; maintainers = with maintainers; [manveru];
sourceProvenance = [ sourceTypes.binaryBytecode ]; sourceProvenance = [sourceTypes.binaryBytecode];
}; };
} }

9
pkgs/lucem/update.nix
View File

@ -1,9 +1,11 @@
{ nixpkgs ? <nixpkgs>, pkgs ? (import nixpkgs) { } }: {
let nixpkgs ? <nixpkgs>,
pkgs ? (import nixpkgs) {},
}: let
inherit (pkgs) callPackage fetchFromSourcehut fetchFromGitHub lib; inherit (pkgs) callPackage fetchFromSourcehut fetchFromGitHub lib;
inherit (lib) escapeShellArg; inherit (lib) escapeShellArg;
lucem = pkgs.callPackage ./. { }; lucem = pkgs.callPackage ./. {};
nim_lk_patched = pkgs.nim_lk.overrideAttrs (final: prev: { nim_lk_patched = pkgs.nim_lk.overrideAttrs (final: prev: {
src = pkgs.fetchFromSourcehut { src = pkgs.fetchFromSourcehut {
@ -16,7 +18,6 @@ let
./nim_lk-rev-order-fix.patch ./nim_lk-rev-order-fix.patch
]; ];
}); });
in in
pkgs.stdenvNoCC.mkDerivation { pkgs.stdenvNoCC.mkDerivation {
name = "lucem-lock.json"; name = "lucem-lock.json";

22
pkgs/mopidy/autoplay.nix
View File

@ -1,5 +1,9 @@
{ lib, python3Packages, fetchPypi, mopidy }: {
lib,
python3Packages,
fetchPypi,
mopidy,
}:
# based on mopidy/jellyfin.nix # based on mopidy/jellyfin.nix
python3Packages.buildPythonApplication rec { python3Packages.buildPythonApplication rec {
pname = "mopidy-autoplay"; pname = "mopidy-autoplay";
@ -11,15 +15,15 @@ python3Packages.buildPythonApplication rec {
sha256 = "sha256-E2Q+Cn2LWSbfoT/gFzUfChwl67Mv17uKmX2woFz/3YM="; sha256 = "sha256-E2Q+Cn2LWSbfoT/gFzUfChwl67Mv17uKmX2woFz/3YM=";
}; };
propagatedBuildInputs = [ mopidy ]; propagatedBuildInputs = [mopidy];
# no tests implemented # no tests implemented
doCheck = false; doCheck = false;
pythonImportsCheck = [ "mopidy_autoplay" ]; pythonImportsCheck = ["mopidy_autoplay"];
meta = with lib; { meta = with lib; {
homepage = "https://codeberg.org/sph/mopidy-autoplay"; homepage = "https://codeberg.org/sph/mopidy-autoplay";
description = "Mopidy extension to automatically pick up where you left off and start playing the last track from the position before Mopidy was shut down."; description = "Mopidy extension to automatically pick up where you left off and start playing the last track from the position before Mopidy was shut down.";
license = licenses.asl20; license = licenses.asl20;
}; };
} }

18
pkgs/mopidy/default.nix
View File

@ -1,10 +1,14 @@
{ lib, newScope, python }: {
lib,
newScope,
python,
}:
# i have no idea what this is but there's some conflict if i don't do this # i have no idea what this is but there's some conflict if i don't do this
# based on https://github.com/NixOS/nixpkgs/blob/77f0d2095a8271fdb6e0d08c90a7d93631fd2748/pkgs/applications/audio/mopidy/default.nix # based on https://github.com/NixOS/nixpkgs/blob/77f0d2095a8271fdb6e0d08c90a7d93631fd2748/pkgs/applications/audio/mopidy/default.nix
lib.makeScope newScope (self: with self; { lib.makeScope newScope (self:
inherit python; with self; {
pythonPackages = python.pkgs; inherit python;
pythonPackages = python.pkgs;
mopidy-autoplay = callPackage ./autoplay.nix { }; mopidy-autoplay = callPackage ./autoplay.nix {};
}) })

33
pkgs/nixfiles-assets/default.nix
View File

@ -1,5 +1,8 @@
{ lib, stdenvNoCC, fetchFromGitea }: {
let lib,
stdenvNoCC,
fetchFromGitea,
}: let
src = fetchFromGitea { src = fetchFromGitea {
domain = "gitea.protogen.io"; domain = "gitea.protogen.io";
owner = "nullbite"; owner = "nullbite";
@ -10,16 +13,16 @@ let
fetchLFS = true; fetchLFS = true;
}; };
in in
stdenvNoCC.mkDerivation { stdenvNoCC.mkDerivation {
pname = "nixfiles-assets"; pname = "nixfiles-assets";
version = src.rev; version = src.rev;
inherit src; inherit src;
phases = [ "installPhase" ]; phases = ["installPhase"];
installPhase = '' installPhase = ''
cd $src cd $src
pwd pwd
ls ls
mkdir -p $out/share/ mkdir -p $out/share/
cp -a wallpapers $out/share/ cp -a wallpapers $out/share/
''; '';
} }

23
pkgs/redlib/default.nix
View File

@ -1,11 +1,12 @@
{ lib {
, stdenv lib,
, cacert stdenv,
, nixosTests cacert,
, rustPlatform nixosTests,
, fetchFromGitHub rustPlatform,
, darwin fetchFromGitHub,
, nix-update-script darwin,
nix-update-script,
}: }:
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "redlib"; pname = "redlib";
@ -58,7 +59,7 @@ rustPlatform.buildRustPackage rec {
env = { env = {
SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt"; SSL_CERT_FILE = "${cacert}/etc/ssl/certs/ca-bundle.crt";
GIT_HASH=src.rev; GIT_HASH = src.rev;
}; };
doCheck = false; doCheck = false;
@ -67,7 +68,7 @@ rustPlatform.buildRustPackage rec {
inherit (nixosTests) redlib; inherit (nixosTests) redlib;
}; };
passthru.updateScript = nix-update-script { extraArgs = [ "--version=branch=main" ]; }; passthru.updateScript = nix-update-script {extraArgs = ["--version=branch=main"];};
meta = { meta = {
changelog = "https://github.com/redlib-org/redlib/releases/tag/v${version}"; changelog = "https://github.com/redlib-org/redlib/releases/tag/v${version}";
@ -75,6 +76,6 @@ rustPlatform.buildRustPackage rec {
homepage = "https://github.com/redlib-org/redlib"; homepage = "https://github.com/redlib-org/redlib";
license = lib.licenses.agpl3Only; license = lib.licenses.agpl3Only;
mainProgram = "redlib"; mainProgram = "redlib";
maintainers = with lib.maintainers; [ soispha ]; maintainers = with lib.maintainers; [soispha];
}; };
} }

140
pkgs/wm-helpers/default.nix
View File

@ -1,79 +1,85 @@
{ pkgs, lib, cap-volume ? true, unmute ? true, ...}: {
let pkgs,
keysetting = pkgs.writeShellScriptBin "keysetting" lib,
'' cap-volume ? true,
wpctl=${pkgs.wireplumber}/bin/wpctl unmute ? true,
notify_send=${pkgs.libnotify}/bin/notify-send ...
brightnessctl=${pkgs.brightnessctl}/bin/brightnessctl }: let
cut=${pkgs.coreutils}/bin/cut keysetting =
grep=${pkgs.gnugrep}/bin/grep pkgs.writeShellScriptBin "keysetting"
tr=${pkgs.coreutils}/bin/tr ''
bc=${pkgs.bc}/bin/bc wpctl=${pkgs.wireplumber}/bin/wpctl
notify_send=${pkgs.libnotify}/bin/notify-send
brightnessctl=${pkgs.brightnessctl}/bin/brightnessctl
cut=${pkgs.coreutils}/bin/cut
grep=${pkgs.gnugrep}/bin/grep
tr=${pkgs.coreutils}/bin/tr
bc=${pkgs.bc}/bin/bc
cap_volume=${pkgs.coreutils}/bin/${lib.boolToString cap-volume} cap_volume=${pkgs.coreutils}/bin/${lib.boolToString cap-volume}
unmute=${pkgs.coreutils}/bin/${lib.boolToString unmute} unmute=${pkgs.coreutils}/bin/${lib.boolToString unmute}
notify-send () { notify-send () {
$notify_send -h string:x-canonical-private-synchronous:keysetting "$@" $notify_send -h string:x-canonical-private-synchronous:keysetting "$@"
} }
getvol () { getvol () {
echo "$(wpctl get-volume @DEFAULT_SINK@ | $tr -dc '[:digit:].')*100/1" | $bc echo "$(wpctl get-volume @DEFAULT_SINK@ | $tr -dc '[:digit:].')*100/1" | $bc
} }
notifyvol () { notifyvol () {
message="Volume: $(getvol)%" message="Volume: $(getvol)%"
if $wpctl get-volume @DEFAULT_SINK@ | $grep MUTED > /dev/null ; then if $wpctl get-volume @DEFAULT_SINK@ | $grep MUTED > /dev/null ; then
message="$message [MUTED]" message="$message [MUTED]"
fi fi
notify-send "$message" notify-send "$message"
} }
setvol () { setvol () {
$wpctl set-volume @DEFAULT_SINK@ "$1" $wpctl set-volume @DEFAULT_SINK@ "$1"
notifyvol notifyvol
} }
volup () { volup () {
if $unmute ; then if $unmute ; then
$wpctl set-mute @DEFAULT_SINK@ 0 $wpctl set-mute @DEFAULT_SINK@ 0
fi fi
if $cap_volume && [[ $(( $(getvol) + 5 )) -gt 100 ]] ; then if $cap_volume && [[ $(( $(getvol) + 5 )) -gt 100 ]] ; then
setvol 1 setvol 1
return return
fi fi
setvol 5%+ setvol 5%+
# notifyvol # notifyvol
} }
voldown () { voldown () {
if $unmute ; then if $unmute ; then
$wpctl set-mute @DEFAULT_SINK@ 0 $wpctl set-mute @DEFAULT_SINK@ 0
fi fi
setvol 5%- setvol 5%-
# notifyvol # notifyvol
} }
notifybright () { notifybright () {
notify-send "Brightness: $(($($brightnessctl g)*100/$($brightnessctl m)))%" notify-send "Brightness: $(($($brightnessctl g)*100/$($brightnessctl m)))%"
} }
setbright () { setbright () {
$brightnessctl s "$1" $brightnessctl s "$1"
notifybright notifybright
} }
case "$1" in case "$1" in
volumeup) volup ;; volumeup) volup ;;
volumedown) voldown ;; volumedown) voldown ;;
mute) $wpctl set-mute @DEFAULT_SINK@ toggle; notifyvol;; mute) $wpctl set-mute @DEFAULT_SINK@ toggle; notifyvol;;
monup) setbright 5%+;; monup) setbright 5%+;;
mondown) setbright 5%-;; mondown) setbright 5%-;;
esac esac
''; '';
in in
pkgs.symlinkJoin { pkgs.symlinkJoin {
name = "wm-helpers"; name = "wm-helpers";
paths = keysetting; paths = keysetting;
} }

30
secrets/secrets.nix
View File

@ -12,22 +12,20 @@ let
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC0enlNbo1V5q0yq6n90gRPsNznoQ/KLEjeo1yOAUyJwPi35cw+b3p4DRN7T55DcSivKKE9Hyh6bpaQWFJSLyP5jAtDrYkuUfNx5GkgrquMwMvwzk3Z+h2/J/WgDyKQZXtm9LHYTgiW8jDU1lBiks39IqCAGrCTLAmAHSaJ39A4ZpJwu6zZ9sQqT22E/UpFm5MBezdZbm8V0G+beX+y3+pp8Kag7goGNY+rgTgx7REDz3jzZz3FBP+CxKoo1H8HHz78RDqBb8HKpVQYNQkwvIBeczKawRHIkJO2Mk+1mc6Ta6beA9+Uyf+puxco2xl6BOnDInvnhWJIRXOJuR5P8/YWprE1o4ixF2N95D2GlJ618V7faEovu/sNj8qIvfA66OF1gG+LOfNAl+u2+3V8ewATF493F0q04zhenoH1ZdrsACJfL8tK9Ev9056ImR6aSJ5BjqCk0tMmnLKTZ7q3R2LoKnB1r/TXe10OH7rx5BDAt4OmD8a5QS0RvVgK3O/iMW0=" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC0enlNbo1V5q0yq6n90gRPsNznoQ/KLEjeo1yOAUyJwPi35cw+b3p4DRN7T55DcSivKKE9Hyh6bpaQWFJSLyP5jAtDrYkuUfNx5GkgrquMwMvwzk3Z+h2/J/WgDyKQZXtm9LHYTgiW8jDU1lBiks39IqCAGrCTLAmAHSaJ39A4ZpJwu6zZ9sQqT22E/UpFm5MBezdZbm8V0G+beX+y3+pp8Kag7goGNY+rgTgx7REDz3jzZz3FBP+CxKoo1H8HHz78RDqBb8HKpVQYNQkwvIBeczKawRHIkJO2Mk+1mc6Ta6beA9+Uyf+puxco2xl6BOnDInvnhWJIRXOJuR5P8/YWprE1o4ixF2N95D2GlJ618V7faEovu/sNj8qIvfA66OF1gG+LOfNAl+u2+3V8ewATF493F0q04zhenoH1ZdrsACJfL8tK9Ev9056ImR6aSJ5BjqCk0tMmnLKTZ7q3R2LoKnB1r/TXe10OH7rx5BDAt4OmD8a5QS0RvVgK3O/iMW0="
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDSAD3bCc9ZHGqU+HoCtp69uU3Px5bbVYYrHbLS3AS1Xku9rPKE/oUU/fz8/AZxp6dLuKhPjQjLzgbFjM0rK57fiOPqBnlw3eAiIymrlB03ALLV3y+GF2OhVf2rkcPkUxjK978dwS9bxgty6WzPAoSjNwilzgf2CcLcHyIzDwwzWCndM9jtpXbUbLhOH6CvsvygBD7j06wakLOorTS+cAFecUvaUkDr6gSu6zpM29DcFiq8T1VoWhBzwC/9IKnxV/XqaZBM3Em7NfPQIzYWcD9A5+Holj2I6jcTSd9xIdMhD4Miqm8IdojPkP2NuVfD9AMxn0ccwbROG/zliyXtcxRj8b3jEquBKuN+yGqF5hexmKlhHmHua9NwhsWnGWjOWWSaPtsp3WOM/fEc7cWpVWZ+W8V5LbdWEY3Ke52Cz35QbOSml09H/gIzsMxZbiZvkJB4PvWKf0FoyZ8ojJWIaGP1/LQdXNMWorqy7tWp3sAw3JcMsR0ezJ3YoI6Y6FOIdL0=" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDSAD3bCc9ZHGqU+HoCtp69uU3Px5bbVYYrHbLS3AS1Xku9rPKE/oUU/fz8/AZxp6dLuKhPjQjLzgbFjM0rK57fiOPqBnlw3eAiIymrlB03ALLV3y+GF2OhVf2rkcPkUxjK978dwS9bxgty6WzPAoSjNwilzgf2CcLcHyIzDwwzWCndM9jtpXbUbLhOH6CvsvygBD7j06wakLOorTS+cAFecUvaUkDr6gSu6zpM29DcFiq8T1VoWhBzwC/9IKnxV/XqaZBM3Em7NfPQIzYWcD9A5+Holj2I6jcTSd9xIdMhD4Miqm8IdojPkP2NuVfD9AMxn0ccwbROG/zliyXtcxRj8b3jEquBKuN+yGqF5hexmKlhHmHua9NwhsWnGWjOWWSaPtsp3WOM/fEc7cWpVWZ+W8V5LbdWEY3Ke52Cz35QbOSml09H/gIzsMxZbiZvkJB4PvWKf0FoyZ8ojJWIaGP1/LQdXNMWorqy7tWp3sAw3JcMsR0ezJ3YoI6Y6FOIdL0="
]; ];
in in {
{ "cloudflare-dns.age".publicKeys = [rpi4] ++ all-user;
"cloudflare-dns.age".publicKeys = [ rpi4 ] ++ all-user; "wireguard-rpi4.age".publicKeys = [rpi4] ++ all-user;
"wireguard-rpi4.age".publicKeys = [ rpi4 ] ++ all-user; "htpasswd.age".publicKeys = [rpi4] ++ all-user;
"htpasswd.age".publicKeys = [ rpi4 ] ++ all-user; "htpasswd-cam.age".publicKeys = [rpi4] ++ all-user;
"htpasswd-cam.age".publicKeys = [ rpi4 ] ++ all-user; "authelia-users.age".publicKeys = [rpi4] ++ all-user;
"authelia-users.age".publicKeys = [ rpi4 ] ++ all-user; "authelia-storage.age".publicKeys = [rpi4] ++ all-user;
"authelia-storage.age".publicKeys = [ rpi4 ] ++ all-user; "authelia-jwt.age".publicKeys = [rpi4] ++ all-user;
"authelia-jwt.age".publicKeys = [ rpi4 ] ++ all-user; "authelia-session.age".publicKeys = [rpi4] ++ all-user;
"authelia-session.age".publicKeys = [ rpi4 ] ++ all-user; "homepage.age".publicKeys = [rpi4] ++ all-user;
"homepage.age".publicKeys = [ rpi4 ] ++ all-user; "paperless-admin.age".publicKeys = [rpi4] ++ all-user;
"paperless-admin.age".publicKeys = [ rpi4 ] ++ all-user;
"restic-rclone.age".publicKeys = [ rpi4 nullbox slab ] ++ all-user; "restic-rclone.age".publicKeys = [rpi4 nullbox slab] ++ all-user;
"restic-password.age".publicKeys = [ rpi4 nullbox slab ] ++ all-user; "restic-password.age".publicKeys = [rpi4 nullbox slab] ++ all-user;
"anki-user.age".publicKeys = [ rpi4 ] ++ all-user; "anki-user.age".publicKeys = [rpi4] ++ all-user;
} }

11
system/cachix.nix
View File

@ -1,8 +1,11 @@
{ pkgs, lib, config, ... }:
let
cfg = config.nixfiles.cachix;
in
{ {
pkgs,
lib,
config,
...
}: let
cfg = config.nixfiles.cachix;
in {
options.nixfiles.cachix.enable = lib.mkOption { options.nixfiles.cachix.enable = lib.mkOption {
description = "Whether to enable the Cachix derivation cache"; description = "Whether to enable the Cachix derivation cache";
type = lib.types.bool; type = lib.types.bool;

73
system/common/bootnext.nix
View File

@ -1,11 +1,16 @@
{ config, lib, pkgs, options, ... }: {
let config,
lib,
pkgs,
options,
...
}: let
inherit (lib) types escapeShellArg; inherit (lib) types escapeShellArg;
cfg = config.nixfiles.common.bootnext; cfg = config.nixfiles.common.bootnext;
bootNextScriptMain = pkgs.writeShellScript "bootnext-wrapped" '' bootNextScriptMain = pkgs.writeShellScript "bootnext-wrapped" ''
set -Eeuxo pipefail set -Eeuxo pipefail
PATH=${lib.escapeShellArg (with pkgs; lib.makeBinPath [ gnugrep coreutils efibootmgr ])} PATH=${lib.escapeShellArg (with pkgs; lib.makeBinPath [gnugrep coreutils efibootmgr])}
export PATH export PATH
function do_bootnext() { function do_bootnext() {
@ -19,9 +24,10 @@ let
case "$1" in case "$1" in
${lib.concatStringsSep "\n" ( ${lib.concatStringsSep "\n" (
lib.mapAttrsToList (name: value: lib.mapAttrsToList (
" ${escapeShellArg name}) do_bootnext ${escapeShellArg value.efiPartUUID} ${escapeShellArg value.name} ;;" name: value: " ${escapeShellArg name}) do_bootnext ${escapeShellArg value.efiPartUUID} ${escapeShellArg value.name} ;;"
) cfg.entries )
cfg.entries
)} )}
*) echo "Boot entry \"$1\" not configured."; exit 1;; *) echo "Boot entry \"$1\" not configured."; exit 1;;
esac esac
@ -49,18 +55,17 @@ let
bootnextDesktopEntries = pkgs.symlinkJoin { bootnextDesktopEntries = pkgs.symlinkJoin {
name = "bootnext-desktop-entries"; name = "bootnext-desktop-entries";
paths = lib.mapAttrsToList (name: value: pkgs.makeDesktopItem { paths = lib.mapAttrsToList (name: value:
pkgs.makeDesktopItem {
name = "bootnext-reboot-${name}"; name = "bootnext-reboot-${name}";
desktopName = "Reboot into ${value.desktopEntry.name}"; desktopName = "Reboot into ${value.desktopEntry.name}";
comment = "Select the entry defined by the `${name}` configuration in the bootnext script and then reboot."; comment = "Select the entry defined by the `${name}` configuration in the bootnext script and then reboot.";
icon = "${value.desktopEntry.icon}"; icon = "${value.desktopEntry.icon}";
keywords = [ "bootnext" "reboot" "${name}" "${value.desktopEntry.name}" ]; keywords = ["bootnext" "reboot" "${name}" "${value.desktopEntry.name}"];
exec = "${desktopWrapper} ${name}"; exec = "${desktopWrapper} ${name}";
}) (lib.filterAttrs (_: value: value.desktopEntry.enable) cfg.entries); }) (lib.filterAttrs (_: value: value.desktopEntry.enable) cfg.entries);
}; };
in {
in
{
options = { options = {
nixfiles.common.bootnext = { nixfiles.common.bootnext = {
enable = lib.mkOption { enable = lib.mkOption {
@ -71,19 +76,25 @@ in
default = false; default = false;
example = true; example = true;
}; };
enableDesktopEntries = lib.mkEnableOption "generation of bootnext Desktop entries" // { default = true; }; enableDesktopEntries = lib.mkEnableOption "generation of bootnext Desktop entries" // {default = true;};
entries = let entries = let
entryModule = {name, config, ... }: { entryModule = {
name,
config,
...
}: {
options = let options = let
uuidType = with types; lib.mkOptionType { uuidType = with types;
name = "uuid"; lib.mkOptionType {
description = "UUID"; name = "uuid";
descriptionClass = "noun"; description = "UUID";
check = let descriptionClass = "noun";
uuidRegex = "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}$"; check = let
in x: str.check x && (builtins.match uuidRegex x) != null; uuidRegex = "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}$";
inherit (str) merge; in
}; x: str.check x && (builtins.match uuidRegex x) != null;
inherit (str) merge;
};
in { in {
efiPartUUID = lib.mkOption { efiPartUUID = lib.mkOption {
description = "UUID of EFI partition containing boot entry"; description = "UUID of EFI partition containing boot entry";
@ -116,22 +127,26 @@ in
}; };
}; };
}; };
in lib.mkOption { in
description = "bootnext entry"; lib.mkOption {
type = with types; attrsOf (submodule entryModule); description = "bootnext entry";
}; type = with types; attrsOf (submodule entryModule);
};
}; };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.systemPackages = [ bootNextScript ] ++ lib.optional cfg.enableDesktopEntries bootnextDesktopEntries; environment.systemPackages = [bootNextScript] ++ lib.optional cfg.enableDesktopEntries bootnextDesktopEntries;
security.sudo.extraRules = lib.mkAfter [ security.sudo.extraRules = lib.mkAfter [
{ {
commands = [ commands = [
{ command = "${bootNextScriptMain}"; options = [ "NOPASSWD" ]; } {
command = "${bootNextScriptMain}";
options = ["NOPASSWD"];
}
]; ];
groups = [ "wheel" ]; groups = ["wheel"];
} }
]; ];
}; };

31
system/common/busybox.nix
View File

@ -1,18 +1,25 @@
{ config, pkgs, lib, ... }: {
let config,
pkgs,
lib,
...
}: let
cfg = config.nixfiles.common.busybox; cfg = config.nixfiles.common.busybox;
in { in {
options.nixfiles.common.busybox.enable = lib.mkEnableOption "" // { options.nixfiles.common.busybox.enable =
description = '' lib.mkEnableOption ""
Whether to install Busybox into the system environment as a very low // {
priority fallback for common commands. This should *never* override a description = ''
user-installed package. Whether to install Busybox into the system environment as a very low
''; priority fallback for common commands. This should *never* override a
}; user-installed package.
'';
};
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; lib.mkOrder 50 [ environment.systemPackages = with pkgs;
busybox lib.mkOrder 50 [
]; busybox
];
}; };
} }

3
system/common/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./me.nix ./me.nix
./remote.nix ./remote.nix

13
system/common/me.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ...}:
let
cfg = config.nixfiles.common.me;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.common.me;
in {
options.nixfiles.common.me = { options.nixfiles.common.me = {
enable = lib.mkEnableOption "my user account"; enable = lib.mkEnableOption "my user account";
}; };
@ -12,7 +15,7 @@ in
uid = 1000; uid = 1000;
group = "nullbite"; group = "nullbite";
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ] ++ lib.optional config.nixfiles.packageSets.fun.enable "input"; extraGroups = ["wheel"] ++ lib.optional config.nixfiles.packageSets.fun.enable "input";
packages = with pkgs; [ packages = with pkgs; [
keychain keychain
]; ];

25
system/common/nix.nix
View File

@ -1,8 +1,14 @@
{ pkgs, lib, config, options, inputs, nixpkgs, ... }:
let
cfg = config.nixfiles.common.nix;
in
{ {
pkgs,
lib,
config,
options,
inputs,
nixpkgs,
...
}: let
cfg = config.nixfiles.common.nix;
in {
options.nixfiles.common.nix = { options.nixfiles.common.nix = {
enable = lib.mkEnableOption "common Nix configuration"; enable = lib.mkEnableOption "common Nix configuration";
registerNixpkgs = lib.mkOption { registerNixpkgs = lib.mkOption {
@ -11,7 +17,8 @@ in
example = "true"; example = "true";
description = "Whether to register the Nixpkgs revision used by Nixfiles to the system's flake registry and make it tye system's <nixpkgs> channel"; description = "Whether to register the Nixpkgs revision used by Nixfiles to the system's flake registry and make it tye system's <nixpkgs> channel";
}; };
/* # TODO /*
# TODO
register = lib.mkOption { register = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = cfg.enable; default = cfg.enable;
@ -22,8 +29,7 @@ in
}; };
config = lib.mkMerge [ config = lib.mkMerge [
( lib.mkIf cfg.registerNixpkgs { (lib.mkIf cfg.registerNixpkgs {
# this makes modern nix tools use the system's version of nixpkgs # this makes modern nix tools use the system's version of nixpkgs
nix.registry = { nix.registry = {
# this keeps nixfiles-assets in the store so i can save some GitHub LFS # this keeps nixfiles-assets in the store so i can save some GitHub LFS
@ -58,10 +64,9 @@ in
# compatibility becasue once `, vkcube` couldn't find the correct opengl # compatibility becasue once `, vkcube` couldn't find the correct opengl
# driver or something (also it reduces the download size of temporary shell # driver or something (also it reduces the download size of temporary shell
# closures) # closures)
nix.nixPath = [ "nixpkgs=${nixpkgs}" ] ++ options.nix.nixPath.default; nix.nixPath = ["nixpkgs=${nixpkgs}"] ++ options.nix.nixPath.default;
}) })
( lib.mkIf cfg.enable { (lib.mkIf cfg.enable {
# direnv is a tool to automatically load shell environments upon entering # direnv is a tool to automatically load shell environments upon entering
# a directory. nix-direnv has an extensionn to keep nix shells in the # a directory. nix-direnv has an extensionn to keep nix shells in the
# system's gcroots so shells can be used after a gc without rebuilding. # system's gcroots so shells can be used after a gc without rebuilding.

15
system/common/remote.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ... }:
let
cfg = config.nixfiles.common.remoteAccess;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.common.remoteAccess;
in {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
# services.openssh.enable = true; # services.openssh.enable = true;
@ -10,7 +13,6 @@ in
enable = true; enable = true;
openFirewall = true; openFirewall = true;
settings = { settings = {
}; };
}; };
@ -27,5 +29,6 @@ in
networking.wireguard.enable = true; networking.wireguard.enable = true;
}; };
options = { options = {
nixfiles.common.remoteAccess.enable = lib.mkEnableOption "remote access options" ; }; nixfiles.common.remoteAccess.enable = lib.mkEnableOption "remote access options";
};
} }

12
system/common/wm.nix
View File

@ -1,9 +1,13 @@
{ pkgs, lib, config, options, ...}: {
let pkgs,
lib,
config,
options,
...
}: let
inherit (lib) mkDefault mkIf mkEnableOption; inherit (lib) mkDefault mkIf mkEnableOption;
cfg = config.nixfiles.common.wm; cfg = config.nixfiles.common.wm;
in in {
{
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Common options for standalone window managers; many of these (or # Common options for standalone window managers; many of these (or
# alternatives thereof) are pulled in by desktop environments. # alternatives thereof) are pulled in by desktop environments.

17
system/default.nix
View File

@ -1,4 +1,14 @@
{ pkgs, config, lib, options, nixpkgs, home-manager, inputs, utils, ... }@args: {
pkgs,
config,
lib,
options,
nixpkgs,
home-manager,
inputs,
utils,
...
} @ args:
# ^ all these args are yucky and non-portable, replace them with a module # ^ all these args are yucky and non-portable, replace them with a module
# called from the scope of the flake that brings relevant # called from the scope of the flake that brings relevant
# inputs/outputs/overlays/etc into scope. this might even make nixfiles # inputs/outputs/overlays/etc into scope. this might even make nixfiles
@ -6,8 +16,7 @@
let let
cfg = config.nixfiles; cfg = config.nixfiles;
flakeType = cfg.lib.types.flake; flakeType = cfg.lib.types.flake;
in in {
{
imports = [ imports = [
./common ./common
./hardware ./hardware
@ -50,7 +59,7 @@ in
lib = lib.mkOption { lib = lib.mkOption {
description = "nixfiles library"; description = "nixfiles library";
default = (import ../lib/nixfiles) { inherit pkgs; }; default = (import ../lib/nixfiles) {inherit pkgs;};
readOnly = true; readOnly = true;
type = lib.types.attrs; type = lib.types.attrs;
}; };

6
system/fragments/debugging.nix
View File

@ -1,5 +1,9 @@
{ config, lib, pkgs, ...}:
{ {
config,
lib,
pkgs,
...
}: {
environment = { environment = {
enableDebugInfo = true; enableDebugInfo = true;
systemPackages = with pkgs; [ systemPackages = with pkgs; [

40
system/hardware/binfmt.nix
View File

@ -1,23 +1,28 @@
{ pkgs, config, lib, options, ... }: {
let pkgs,
config,
configForSystem = (system: lib,
let options,
riscv = [ "riscv32-linux" "riscv64-linux" ]; ...
arm = [ "armv6l-linux" "armv7l-linux" "aarch64-linux" ]; }: let
x86 = [ "i686-linux" "x86_64-linux" ]; configForSystem = (
windows = [ "x86_64-windows" "i686-windows" ]; system: let
riscv = ["riscv32-linux" "riscv64-linux"];
arm = ["armv6l-linux" "armv7l-linux" "aarch64-linux"];
x86 = ["i686-linux" "x86_64-linux"];
windows = ["x86_64-windows" "i686-windows"];
systems = { systems = {
x86_64-linux = riscv ++ arm; x86_64-linux = riscv ++ arm;
aarch64-linux = riscv; aarch64-linux = riscv;
}; };
in in
if (systems ? "${system}") then systems."${system}" else [] if (systems ? "${system}")
then systems."${system}"
else []
); );
emulatedSystems = configForSystem "${pkgs.system}"; emulatedSystems = configForSystem "${pkgs.system}";
cfg = config.nixfiles.binfmt; cfg = config.nixfiles.binfmt;
in in {
{
options.nixfiles.binfmt = { options.nixfiles.binfmt = {
enable = lib.mkOption { enable = lib.mkOption {
description = "Whether to configure default binfmt emulated systems for the current architecture"; description = "Whether to configure default binfmt emulated systems for the current architecture";
@ -29,9 +34,10 @@ in
config = let config = let
enable = cfg.enable && (builtins.length emulatedSystems) > 0; enable = cfg.enable && (builtins.length emulatedSystems) > 0;
in lib.mkMerge [ in
(lib.mkIf enable { lib.mkMerge [
boot.binfmt = {inherit emulatedSystems;}; (lib.mkIf enable {
}) boot.binfmt = {inherit emulatedSystems;};
]; })
];
} }

11
system/hardware/bluetooth.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ...}:
let
cfg = config.nixfiles.hardware.bluetooth;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.hardware.bluetooth;
in {
options.nixfiles.hardware.bluetooth = { options.nixfiles.hardware.bluetooth = {
enable = lib.mkEnableOption "Bluetooth"; enable = lib.mkEnableOption "Bluetooth";
}; };

3
system/hardware/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./bluetooth.nix ./bluetooth.nix
./nvidia.nix ./nvidia.nix

39
system/hardware/gps.nix
View File

@ -1,8 +1,11 @@
{ config, lib, pkgs, ... }:
let
cfg = config.nixfiles.hardware.gps;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.hardware.gps;
in {
options = { options = {
nixfiles.hardware.gps = { nixfiles.hardware.gps = {
enable = lib.mkEnableOption "GPS configuration"; enable = lib.mkEnableOption "GPS configuration";
@ -28,21 +31,21 @@ in
# this could probably be a systemd socket but i don't know how to make those # this could probably be a systemd socket but i don't know how to make those
systemd.services.gpsd-nmea-bridge = lib.mkIf cfg.gpsdBridge { systemd.services.gpsd-nmea-bridge = lib.mkIf cfg.gpsdBridge {
path = with pkgs; [ path = with pkgs; [
gpsd gpsd
coreutils coreutils
socat socat
]; ];
description = "gpsd to Geoclue2 GPS data bridge"; description = "gpsd to Geoclue2 GPS data bridge";
before = [ "geoclue.service" ]; before = ["geoclue.service"];
wantedBy = [ "geoclue.service" "multi-user.target" ]; wantedBy = ["geoclue.service" "multi-user.target"];
serviceConfig = { serviceConfig = {
RuntimeDirectory = "gpsd-nmea"; RuntimeDirectory = "gpsd-nmea";
ExecStart = pkgs.writeShellScript "gpsd-nmea-bridge" '' ExecStart = pkgs.writeShellScript "gpsd-nmea-bridge" ''
exec socat -U UNIX-LISTEN:''${RUNTIME_DIRECTORY}/nmea.sock,fork,reuseaddr,mode=777 SYSTEM:'gpspipe -Br | stdbuf -oL tail -n+4' exec socat -U UNIX-LISTEN:''${RUNTIME_DIRECTORY}/nmea.sock,fork,reuseaddr,mode=777 SYSTEM:'gpspipe -Br | stdbuf -oL tail -n+4'
''; '';
};
}; };
};
services.gpsd.enable = lib.mkIf cfg.gpsdBridge true; services.gpsd.enable = lib.mkIf cfg.gpsdBridge true;
}; };
} }

31
system/hardware/nvidia.nix
View File

@ -1,7 +1,11 @@
{ config, lib, pkgs, ...}: {
let config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.hardware.nvidia; cfg = config.nixfiles.hardware.nvidia;
rcu_patch = pkgs.fetchpatch { rcu_patch = pkgs.fetchpatch {
url = "https://github.com/gentoo/gentoo/raw/c64caf53/x11-drivers/nvidia-drivers/files/nvidia-drivers-470.223.02-gpl-pfn_valid.patch"; url = "https://github.com/gentoo/gentoo/raw/c64caf53/x11-drivers/nvidia-drivers/files/nvidia-drivers-470.223.02-gpl-pfn_valid.patch";
hash = "sha256-eZiQQp2S/asE7MfGvfe6dA/kdCvek9SYa/FFGp24dVg="; hash = "sha256-eZiQQp2S/asE7MfGvfe6dA/kdCvek9SYa/FFGp24dVg=";
@ -11,8 +15,8 @@ let
version = "555.42.02"; version = "555.42.02";
sha256_64bit = "sha256-k7cI3ZDlKp4mT46jMkLaIrc2YUx1lh1wj/J4SVSHWyk="; sha256_64bit = "sha256-k7cI3ZDlKp4mT46jMkLaIrc2YUx1lh1wj/J4SVSHWyk=";
sha256_aarch64 = lib.fakeSha256; sha256_aarch64 = lib.fakeSha256;
openSha256 = "sha256-rtDxQjClJ+gyrCLvdZlT56YyHQ4sbaL+d5tL4L4VfkA="; openSha256 = "sha256-rtDxQjClJ+gyrCLvdZlT56YyHQ4sbaL+d5tL4L4VfkA=";
settingsSha256 = "sha256-rtDxQjClJ+gyrCLvdZlT56YyHQ4sbaL+d5tL4L4VfkA="; settingsSha256 = "sha256-rtDxQjClJ+gyrCLvdZlT56YyHQ4sbaL+d5tL4L4VfkA=";
persistencedSha256 = lib.fakeSha256; persistencedSha256 = lib.fakeSha256;
}; };
@ -24,10 +28,9 @@ let
settingsSha256 = "sha256-9wqoDEWY4I7weWW05F4igj1Gj9wjHsREFMztfEmqm10="; settingsSha256 = "sha256-9wqoDEWY4I7weWW05F4igj1Gj9wjHsREFMztfEmqm10=";
persistencedSha256 = "sha256-d0Q3Lk80JqkS1B54Mahu2yY/WocOqFFbZVBh+ToGhaE="; persistencedSha256 = "sha256-d0Q3Lk80JqkS1B54Mahu2yY/WocOqFFbZVBh+ToGhaE=";
patches = [ rcu_patch ]; patches = [rcu_patch];
}; };
in in {
{
# imports = [ # imports = [
# ../opengl.nix # ../opengl.nix
# ]; # ];
@ -41,10 +44,9 @@ in
nixfiles.hardware.opengl.enable = true; nixfiles.hardware.opengl.enable = true;
boot.kernelParams = [ "nvidia-drm.fbdev=1" ]; boot.kernelParams = ["nvidia-drm.fbdev=1"];
hardware.nvidia = { hardware.nvidia = {
# Modesetting is required. # Modesetting is required.
modesetting.enable = lib.mkDefault true; modesetting.enable = lib.mkDefault true;
@ -56,9 +58,9 @@ in
# Use the NVidia open source kernel module (not to be confused with the # Use the NVidia open source kernel module (not to be confused with the
# independent third-party "nouveau" open source driver). # independent third-party "nouveau" open source driver).
# Support is limited to the Turing and later architectures. Full list of # Support is limited to the Turing and later architectures. Full list of
# supported GPUs is at: # supported GPUs is at:
# https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
# Only available from driver 515.43.04+ # Only available from driver 515.43.04+
# Currently alpha-quality/buggy, so false is currently the recommended setting. # Currently alpha-quality/buggy, so false is currently the recommended setting.
open = lib.mkDefault (!(lib.versionOlder config.hardware.nvidia.package.version "560")); open = lib.mkDefault (!(lib.versionOlder config.hardware.nvidia.package.version "560"));
@ -71,7 +73,8 @@ in
# Optionally, you may need to select the appropriate driver version for your specific GPU. # Optionally, you may need to select the appropriate driver version for your specific GPU.
package = let package = let
inherit (config.boot.kernelPackages.nvidiaPackages) production stable latest beta; inherit (config.boot.kernelPackages.nvidiaPackages) production stable latest beta;
in lib.mkDefault latest; in
lib.mkDefault latest;
}; };
}; };
} }

35
system/hardware/opengl.nix
View File

@ -1,24 +1,31 @@
{ config, lib, pkgs, ...}:
let
cfg = config.nixfiles.hardware.opengl;
in
{ {
config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.hardware.opengl;
in {
options.nixfiles.hardware.opengl.enable = lib.mkEnableOption "OpenGL configuration"; options.nixfiles.hardware.opengl.enable = lib.mkEnableOption "OpenGL configuration";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.systemPackages = let environment.systemPackages = let
offload-enabled = config.hardware.nvidia.prime.offload.enableOffloadCmd; offload-enabled = config.hardware.nvidia.prime.offload.enableOffloadCmd;
glxinfo = lib.getExe' pkgs.glxinfo "glxinfo"; glxinfo = lib.getExe' pkgs.glxinfo "glxinfo";
auto-offload = pkgs.writeShellScriptBin "auto-offload" ( auto-offload = pkgs.writeShellScriptBin "auto-offload" (
(if offload-enabled then '' (
if nvidia-offload ${glxinfo} > /dev/null 2>&1 ; then if offload-enabled
exec nvidia-offload "$@" then ''
fi if nvidia-offload ${glxinfo} > /dev/null 2>&1 ; then
'' else "") exec nvidia-offload "$@"
+ fi
'' ''
exec "$@" else ""
''); )
in [ auto-offload ]; + ''
exec "$@"
''
);
in [auto-offload];
# Enable OpenGL # Enable OpenGL
hardware.graphics = { hardware.graphics = {
enable = true; enable = true;

75
system/hardware/sound.nix
View File

@ -1,9 +1,13 @@
{ config, lib, pkgs, inputs, ...}: {
let config,
lib,
pkgs,
inputs,
...
}: let
cfg = config.nixfiles.hardware.sound; cfg = config.nixfiles.hardware.sound;
inherit (lib) optionals mkEnableOption mkIf mkDefault; inherit (lib) optionals mkEnableOption mkIf mkDefault;
in in {
{
# Enable sound. # Enable sound.
# sound.enable = true; # sound.enable = true;
# hardware.pulseaudio.enable = true; # hardware.pulseaudio.enable = true;
@ -18,39 +22,42 @@ in
}; };
}; };
config = lib.mkMerge [(mkIf cfg.enable { config = lib.mkMerge [
security.rtkit.enable = mkDefault true; (mkIf cfg.enable {
services.pipewire = { security.rtkit.enable = mkDefault true;
enable = true; services.pipewire = {
alsa.enable = mkDefault true; enable = true;
alsa.support32Bit = mkDefault config.services.pipewire.alsa.enable; alsa.enable = mkDefault true;
pulse.enable = mkDefault true; alsa.support32Bit = mkDefault config.services.pipewire.alsa.enable;
jack.enable = mkDefault true; pulse.enable = mkDefault true;
extraConfig.pipewire = { jack.enable = mkDefault true;
# this should fix the extreme audio crackling in WINE extraConfig.pipewire = {
# note: this increases audio latency to 960/48000 (20ms) # this should fix the extreme audio crackling in WINE
"10-clock-config" = { # note: this increases audio latency to 960/48000 (20ms)
"context.properties" = { "10-clock-config" = {
"default.clock.min-quantum" = 960; "context.properties" = {
"default.clock.min-quantum" = 960;
};
}; };
}; };
}; };
};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs;
qpwgraph [
easyeffects qpwgraph
] ++ optionals config.services.pipewire.pulse.enable [ easyeffects
pavucontrol ]
ncpamixer ++ optionals config.services.pipewire.pulse.enable [
pulsemixer pavucontrol
]; ncpamixer
}) pulsemixer
({ ];
# use alsa-ucm-conf from unstable (fixes Scarlett Solo channels) })
nixpkgs.overlays = lib.optional cfg.useUnstableUcmConf (final: prev: { {
inherit (inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}) alsa-ucm-conf; # use alsa-ucm-conf from unstable (fixes Scarlett Solo channels)
}); nixpkgs.overlays = lib.optional cfg.useUnstableUcmConf (final: prev: {
}) inherit (inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}) alsa-ucm-conf;
});
}
]; ];
} }

45
system/minecraft.nix
View File

@ -1,10 +1,19 @@
{ config, lib, pkgs, inputs, ... }:
{ {
config,
lib,
pkgs,
inputs,
...
}: {
imports = [ imports = [
inputs.nix-minecraft.nixosModules.minecraft-servers inputs.nix-minecraft.nixosModules.minecraft-servers
]; ];
options.services.minecraft-servers.servers = let options.services.minecraft-servers.servers = let
serverModule = { name, config, ... }: { serverModule = {
name,
config,
...
}: {
options = { options = {
useRecommendedDefaults = lib.mkOption { useRecommendedDefaults = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
@ -21,13 +30,13 @@
modpackFiles = lib.mkOption { modpackFiles = lib.mkOption {
description = "List of files from modpack to copy into server directory"; description = "List of files from modpack to copy into server directory";
type = with lib.types; listOf str; type = with lib.types; listOf str;
default = [ ]; default = [];
}; };
modpackSymlinks = lib.mkOption { modpackSymlinks = lib.mkOption {
description = "List of files from modpack to symlink into server directory"; description = "List of files from modpack to symlink into server directory";
type = with lib.types; listOf str; type = with lib.types; listOf str;
default = [ ]; default = [];
}; };
}; };
@ -37,8 +46,8 @@
jvmOpts = "-Dlog4j2.formatMsgNoLookups=true"; jvmOpts = "-Dlog4j2.formatMsgNoLookups=true";
whitelist = lib.mkDefault { whitelist = lib.mkDefault {
NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4"; NullBite = "e24e8e0e-7540-4126-b737-90043155bcd4";
Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12"; Silveere = "468554f1-27cd-4ea1-9308-3dd14a9b1a12";
YzumThreeEye = "3dad78e8-6979-404f-820e-952ce20964a0"; YzumThreeEye = "3dad78e8-6979-404f-820e-952ce20964a0";
}; };
@ -75,18 +84,26 @@
inherit (config) modpack; inherit (config) modpack;
mcVersion = modpack.manifest.versions.minecraft; mcVersion = modpack.manifest.versions.minecraft;
fixedVersion = lib.replaceStrings [ "." ] [ "_" ] mcVersion; fixedVersion = lib.replaceStrings ["."] ["_"] mcVersion;
quiltVersion = modpack.manifest.versions.quilt or null; quiltVersion = modpack.manifest.versions.quilt or null;
fabricVersion = modpack.manifest.versions.fabric or null; fabricVersion = modpack.manifest.versions.fabric or null;
loader = if (!(builtins.isNull quiltVersion)) then "quilt" else "fabric"; loader =
loaderVersion = if loader == "quilt" then quiltVersion else fabricVersion; if (!(builtins.isNull quiltVersion))
then "quilt"
else "fabric";
loaderVersion =
if loader == "quilt"
then quiltVersion
else fabricVersion;
serverPackage = pkgs.minecraftServers."${loader}-${fixedVersion}".override { inherit loaderVersion; }; serverPackage = pkgs.minecraftServers."${loader}-${fixedVersion}".override {inherit loaderVersion;};
in lib.mkDefault serverPackage; in
lib.mkDefault serverPackage;
}) })
]; ];
}; };
in lib.mkOption { in
type = with lib.types; attrsOf (submodule serverModule); lib.mkOption {
}; type = with lib.types; attrsOf (submodule serverModule);
};
} }

21
system/mitigations.nix
View File

@ -1,5 +1,11 @@
{ pkgs, config, lib, inputs, nixpkgs, ... }: {
let pkgs,
config,
lib,
inputs,
nixpkgs,
...
}: let
p5 = config.services.xserver.desktopManager.plasma5.enable; p5 = config.services.xserver.desktopManager.plasma5.enable;
p6 = config.services.desktopManager.plasma6.enable; p6 = config.services.desktopManager.plasma6.enable;
@ -7,8 +13,11 @@ let
# kernel update # kernel update
newKernelPackages = let newKernelPackages = let
pkgs-new = import inputs.nixpkgs-unstable { inherit (pkgs) system; config.allowUnfree = true; }; pkgs-new = import inputs.nixpkgs-unstable {
in pkgs-new.linuxPackages_latest; inherit (pkgs) system;
in config.allowUnfree = true;
{ };
in
pkgs-new.linuxPackages_latest;
in {
} }

3
system/package-sets/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./gaming.nix ./gaming.nix
./multimedia.nix ./multimedia.nix

47
system/package-sets/fun.nix
View File

@ -1,28 +1,33 @@
{ pkgs, config, lib, ...}:
let
cfg = config.nixfiles.packageSets.fun;
in
{ {
pkgs,
config,
lib,
...
}: let
cfg = config.nixfiles.packageSets.fun;
in {
options.nixfiles.packageSets.fun = { options.nixfiles.packageSets.fun = {
enable = lib.mkEnableOption "fun package set"; enable = lib.mkEnableOption "fun package set";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs;
cowsay [
uwufetch cowsay
fortune uwufetch
pipes fortune
hollywood pipes
sl hollywood
figlet sl
aalib figlet
asciiquarium aalib
] ++ lib.optionals config.services.xserver.enable [ asciiquarium
oneko ]
] ++ lib.optionals config.services.pipewire.enable [ ++ lib.optionals config.services.xserver.enable [
bucklespring-libinput oneko
espeak ]
]; ++ lib.optionals config.services.pipewire.enable [
bucklespring-libinput
espeak
];
}; };
} }

43
system/package-sets/multimedia.nix
View File

@ -1,28 +1,33 @@
{ config, lib, pkgs, ...}: {
let config,
lib,
pkgs,
...
}: let
cfg = config.nixfiles.packageSets.multimedia; cfg = config.nixfiles.packageSets.multimedia;
inherit (lib) optional optionals mkEnableOption mkIf; inherit (lib) optional optionals mkEnableOption mkIf;
nvidiaEnabled = (lib.elem "nvidia" config.services.xserver.videoDrivers); nvidiaEnabled = lib.elem "nvidia" config.services.xserver.videoDrivers;
in in {
{
options.nixfiles.packageSets.multimedia = { options.nixfiles.packageSets.multimedia = {
enable = mkEnableOption "multimedia packages"; enable = mkEnableOption "multimedia packages";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = with pkgs; optionals config.services.xserver.enable [ environment.systemPackages = with pkgs;
mpv optionals config.services.xserver.enable [
gimp mpv
krita gimp
inkscape krita
obs-studio inkscape
] ++ [ obs-studio
gallery-dl ]
yt-dlp ++ [
imagemagick gallery-dl
pngquant yt-dlp
gifski imagemagick
ffmpeg pngquant
]; gifski
ffmpeg
];
# needed for NVENC to work in OBS Studio and FFmpeg # needed for NVENC to work in OBS Studio and FFmpeg
boot.kernelModules = optional nvidiaEnabled "nvidia_uvm"; boot.kernelModules = optional nvidiaEnabled "nvidia_uvm";

23
system/profile/base.nix
View File

@ -1,16 +1,21 @@
{ config, lib, pkgs, options, inputs, outputs, ...}@args:
let
cfg = config.nixfiles.profile.base;
in
{ {
config,
lib,
pkgs,
options,
inputs,
outputs,
...
} @ args: let
cfg = config.nixfiles.profile.base;
in {
options.nixfiles.profile.base = { options.nixfiles.profile.base = {
enable = lib.mkEnableOption "base config"; enable = lib.mkEnableOption "base config";
}; };
# TODO was gonna add something but i forgor and now i'm too lazy # TODO was gonna add something but i forgor and now i'm too lazy
# to delete this # to delete this
config = lib.mkMerge [ config = lib.mkMerge [
(lib.mkIf cfg.enable { (lib.mkIf cfg.enable {
nixfiles.common = { nixfiles.common = {
# Enable my account # Enable my account
me.enable = lib.mkDefault true; me.enable = lib.mkDefault true;
@ -30,7 +35,7 @@ in
}; };
# Enable flakes # Enable flakes
nix.settings.experimental-features = ["nix-command" "flakes" ]; nix.settings.experimental-features = ["nix-command" "flakes"];
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
@ -124,7 +129,7 @@ in
]; ];
# Needed for Kvantum themes to be detected # Needed for Kvantum themes to be detected
environment.pathsToLink = [ "/share/Kvantum" ]; environment.pathsToLink = ["/share/Kvantum"];
# allow for more interactive authentication # allow for more interactive authentication
security.polkit.enable = lib.mkDefault true; security.polkit.enable = lib.mkDefault true;

3
system/profile/default.nix
View File

@ -1,5 +1,4 @@
{...}: {...}: {
{
imports = [ imports = [
./base.nix ./base.nix
./pc.nix ./pc.nix

29
system/profile/pc.nix
View File

@ -1,16 +1,21 @@
{ pkgs, config, lib, ... }: {
let pkgs,
config,
lib,
...
}: let
cfg = config.nixfiles.profile.pc; cfg = config.nixfiles.profile.pc;
inherit (lib) mkDefault; inherit (lib) mkDefault;
in in {
{ options.nixfiles.profile.pc.enable =
options.nixfiles.profile.pc.enable = lib.mkEnableOption "minimal PC profile" // { lib.mkEnableOption "minimal PC profile"
description = '' // {
Whether to enable the minimal PC profile. This profile configures basic description = ''
system configuration for physical PCs, such as enabling sound and Whether to enable the minimal PC profile. This profile configures basic
Bluetooth support. system configuration for physical PCs, such as enabling sound and
''; Bluetooth support.
}; '';
};
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
nixfiles.profile.base.enable = lib.mkDefault true; nixfiles.profile.base.enable = lib.mkDefault true;
@ -20,7 +25,7 @@ in
# Pick only one of the below networking options. # Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# FIXME find somewhere else to put this # FIXME find somewhere else to put this
networking.networkmanager.enable = lib.mkDefault true; # Easiest to use and most distros use this by default. networking.networkmanager.enable = lib.mkDefault true; # Easiest to use and most distros use this by default.
# contains icons for bootnext desktop entries (the Windows icon); there's # contains icons for bootnext desktop entries (the Windows icon); there's
# probably no reason to *not* include this. # probably no reason to *not* include this.

10
system/profile/server.nix
View File

@ -1,10 +1,12 @@
{ config, lib, ... }: {
let config,
lib,
...
}: let
cfg = config.nixfiles.profile.server; cfg = config.nixfiles.profile.server;
inherit (lib) mkEnableOption mkDefault; inherit (lib) mkEnableOption mkDefault;
inherit (lib.types) bool int str; inherit (lib.types) bool int str;
in in {
{
options.nixfiles.profile.server.enable = mkEnableOption "server profile"; options.nixfiles.profile.server.enable = mkEnableOption "server profile";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {

30
system/profile/workstation.nix
View File

@ -1,17 +1,21 @@
{ pkgs, config, lib, ... }: {
let pkgs,
config,
lib,
...
}: let
cfg = config.nixfiles.profile.workstation; cfg = config.nixfiles.profile.workstation;
inherit (lib) mkDefault; inherit (lib) mkDefault;
in in {
{ options.nixfiles.profile.workstation.enable =
options.nixfiles.profile.workstation.enable = lib.mkEnableOption "workstation (featureful PC) profile" // lib.mkEnableOption "workstation (featureful PC) profile"
{ // {
description = '' description = ''
Whether to enable the workstation (featureful PC) profile. This profile Whether to enable the workstation (featureful PC) profile. This profile
enables the base PC profile, as well as installs and configures various enables the base PC profile, as well as installs and configures various
other programs for a more complete computing experience. other programs for a more complete computing experience.
''; '';
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
nixfiles.profile.pc.enable = lib.mkDefault true; nixfiles.profile.pc.enable = lib.mkDefault true;
nixfiles.packageSets.multimedia.enable = lib.mkDefault true; nixfiles.packageSets.multimedia.enable = lib.mkDefault true;
@ -37,7 +41,7 @@ in
nerd-fonts.fira-code nerd-fonts.fira-code
font-awesome font-awesome
noto-fonts-cjk-sans noto-fonts-cjk-sans
(google-fonts.override { fonts = [ "NovaSquare" ];}) (google-fonts.override {fonts = ["NovaSquare"];})
]; ];
# TODO this should be defined in home-manager or not at all probably # TODO this should be defined in home-manager or not at all probably

15
system/programs/android.nix
View File

@ -1,14 +1,19 @@
{ config, lib, pkgs, outputs, vars, ...}@args:
let
cfg = config.nixfiles.programs.adb;
in
{ {
config,
lib,
pkgs,
outputs,
vars,
...
} @ args: let
cfg = config.nixfiles.programs.adb;
in {
options.nixfiles.programs.adb = { options.nixfiles.programs.adb = {
enable = lib.mkEnableOption "adb configuration"; enable = lib.mkEnableOption "adb configuration";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
programs.adb.enable = true; programs.adb.enable = true;
users.users.${vars.username}.extraGroups = [ "adbusers" ]; users.users.${vars.username}.extraGroups = ["adbusers"];
}; };
} }

Some files were not shown because too many files have changed in this diff Show More