From b29ddd5e659c75c9a96f335bf8dfade318fd7fa3 Mon Sep 17 00:00:00 2001 From: Natsu Kagami Date: Thu, 3 Apr 2025 13:59:50 +0200 Subject: [PATCH] Massive nixfmt reformatting --- cachix.nix | 6 +- cachix/natsukagami.nix | 1 - common.nix | 35 +- darwin/brew.nix | 11 +- darwin/configuration.nix | 13 +- flake.nix | 199 +++-- home/common-linux.nix | 93 ++- home/common.nix | 8 +- home/fish/fish.nix | 24 +- home/fish/tide/default.nix | 48 +- home/kagami-pc-home.nix | 85 ++- home/kakoune.nix | 60 +- home/macbook-home.nix | 7 +- home/macbook-nixos.nix | 23 +- home/modules/X11/xfce4-notifyd.nix | 7 +- home/modules/linux/graphical/alacritty.nix | 18 +- home/modules/linux/graphical/default.nix | 166 ++-- home/modules/linux/graphical/wayland.nix | 125 +-- home/modules/linux/graphical/x11.nix | 13 +- home/modules/linux/graphical/x11/hidpi.nix | 7 +- home/modules/linux/graphical/x11/i3.nix | 171 +++-- .../linux/graphical/x11/i3/screenshot.nix | 9 +- home/modules/monitors.nix | 77 +- home/modules/programs/my-broot.nix | 18 +- home/modules/programs/my-kakoune/default.nix | 35 +- .../programs/my-kakoune/fish-session.nix | 7 +- .../programs/my-kakoune/tree-sitter.nix | 146 ++-- home/modules/programs/my-kitty/darwin.nix | 11 +- home/modules/programs/my-kitty/default.nix | 62 +- home/modules/programs/my-kitty/linux.nix | 7 +- home/modules/programs/my-kitty/tabs.nix | 61 +- home/modules/programs/my-niri.nix | 335 ++++++-- home/modules/programs/my-sway/default.nix | 394 ++++++---- home/modules/programs/my-sway/ibus.nix | 31 +- home/modules/programs/my-waybar.nix | 721 +++++++++--------- home/modules/programs/openconnect-epfl.nix | 13 +- home/nki-framework.nix | 23 +- home/nki-x1c1.nix | 48 +- home/osu/default.nix | 8 +- kagami-air-m1/configuration.nix | 48 +- kagami-air-m1/hardware-configuration.nix | 38 +- modules/cloud/authentik/default.nix | 36 +- modules/cloud/bitwarden/default.nix | 7 +- modules/cloud/conduit/default.nix | 171 +++-- modules/cloud/conduit/heisenbridge.nix | 44 +- modules/cloud/firezone/default.nix | 20 +- modules/cloud/gotosocial/default.nix | 58 +- modules/cloud/mail/default.nix | 20 +- modules/cloud/postgresql/default.nix | 7 +- modules/cloud/traefik/certs-dumper.nix | 7 +- modules/cloud/traefik/config.nix | 246 +++--- modules/cloud/traefik/dashboard.nix | 10 +- modules/cloud/traefik/default.nix | 36 +- modules/cloud/writefreely/default.nix | 8 +- modules/common/linux/default.nix | 362 +++++---- modules/my-tinc/default.nix | 136 ++-- modules/my-tinc/hosts.nix | 43 +- modules/personal/fonts/default.nix | 121 +-- modules/personal/fonts/mounting.nix | 13 +- modules/personal/u2f.nix | 7 +- modules/services/edns/default.nix | 28 +- modules/services/nix-build-farm/default.nix | 16 +- modules/services/nix-build-farm/hosts.nix | 24 +- modules/services/nix-cache/default.nix | 16 +- modules/services/swaylock.nix | 7 +- nki-framework/configuration.nix | 34 +- nki-framework/hardware-configuration.nix | 80 +- nki-framework/wireless.nix | 3 +- nki-home/audio/default.nix | 8 +- nki-home/configuration.nix | 133 ++-- nki-home/hardware-configuration.nix | 68 +- nki-home/peertube-runner.nix | 44 +- nki-personal-do/configuration.nix | 66 +- nki-personal-do/gitea.nix | 38 +- nki-personal-do/grist.nix | 29 +- nki-personal-do/hardware-configuration.nix | 20 +- nki-personal-do/headscale.nix | 26 +- nki-personal-do/invidious.nix | 39 +- nki-personal-do/miniflux.nix | 24 +- nki-personal-do/n8n.nix | 11 +- nki-personal-do/n8n/plugins/package.nix | 3 +- nki-personal-do/outline.nix | 20 +- nki-personal-do/owncast.nix | 7 +- nki-personal-do/peertube.nix | 27 +- nki-personal-do/phanpy.nix | 18 +- nki-personal-do/synapse.nix | 73 +- nki-personal-do/vikunja.nix | 23 +- nki-personal-do/writefreely.nix | 19 +- nki-personal-do/writefreely/module.nix | 276 ++++--- nki-x1c1/configuration.nix | 29 +- nki-x1c1/hardware-configuration.nix | 54 +- nki-yoga-g8/configuration.nix | 22 +- nki-yoga-g8/hardware-configuration.nix | 45 +- overlay.nix | 73 +- packages/aarch64-linux/typora.nix | 70 +- packages/aarch64-linux/zotero.nix | 22 +- packages/common/epfl-cups-drivers/default.nix | 4 +- packages/common/kak-tree-sitter/default.nix | 26 +- packages/common/nki-kakoune/default.nix | 43 +- packages/common/nki-kakoune/faces.nix | 11 +- .../common/nki-kakoune/kaktex/default.nix | 9 +- packages/common/nki-kakoune/lsp.nix | 387 ++++++++-- packages/common/nki-kakoune/plugins.nix | 79 +- packages/common/nki-kakoune/rc.nix | 15 +- packages/common/nki-kakoune/themes.nix | 8 +- packages/common/nki-kakoune/utils.nix | 17 +- packages/common/suwako-cursors/default.nix | 1 - packages/common/ttaenc.nix | 3 +- packages/common/vikunja.nix | 29 +- 109 files changed, 4323 insertions(+), 2368 deletions(-) diff --git a/cachix.nix b/cachix.nix index ecd2d39..338e8f2 100644 --- a/cachix.nix +++ b/cachix.nix @@ -1,4 +1,3 @@ - # WARN: this file will get overwritten by $ cachix use { pkgs, lib, ... }: @@ -7,7 +6,8 @@ let toImport = name: value: folder + ("/" + name); filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key; imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder)); -in { +in +{ inherit imports; - nix.settings.substituters = ["https://cache.nixos.org/"]; + nix.settings.substituters = [ "https://cache.nixos.org/" ]; } diff --git a/cachix/natsukagami.nix b/cachix/natsukagami.nix index 55a7d5a..fa0b752 100644 --- a/cachix/natsukagami.nix +++ b/cachix/natsukagami.nix @@ -1,4 +1,3 @@ - { nix = { settings = { diff --git a/common.nix b/common.nix index d0173c7..4d437a8 100644 --- a/common.nix +++ b/common.nix @@ -1,16 +1,33 @@ let # Default shell - defaultShell = { lib, pkgs, config, ... }: with lib; { - environment.shells = with pkgs; [ bash fish ]; - users.users = mkMerge [ - { nki.shell = pkgs.bash; } - # (mkIf (builtins.hasAttr "natsukagami" config.users.users) { natsukagami.shell = pkgs.fish; }) - ]; - }; + defaultShell = + { + lib, + pkgs, + config, + ... + }: + with lib; + { + environment.shells = with pkgs; [ + bash + fish + ]; + users.users = mkMerge [ + { nki.shell = pkgs.bash; } + # (mkIf (builtins.hasAttr "natsukagami" config.users.users) { natsukagami.shell = pkgs.fish; }) + ]; + }; in # Common stuff -{ lib, pkgs, config, ... }: -with lib; { +{ + lib, + pkgs, + config, + ... +}: +with lib; +{ imports = [ # defaultShell ./modules/services/nix-cache diff --git a/darwin/brew.nix b/darwin/brew.nix index 81e25de..72aba81 100644 --- a/darwin/brew.nix +++ b/darwin/brew.nix @@ -1,11 +1,14 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; { homebrew.enable = true; - homebrew.brewPrefix = - if pkgs.stdenv.isAarch64 then "/opt/homebrew/bin" - else "/usr/local/bin"; + homebrew.brewPrefix = if pkgs.stdenv.isAarch64 then "/opt/homebrew/bin" else "/usr/local/bin"; homebrew.onActivation.cleanup = "zap"; homebrew.onActivation.upgrade = true; diff --git a/darwin/configuration.nix b/darwin/configuration.nix index db2df03..3e1d595 100644 --- a/darwin/configuration.nix +++ b/darwin/configuration.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { imports = [ @@ -7,8 +12,10 @@ ]; # List packages installed in system profile. To search by name, run: # $ nix-env -qaP | grep wget - environment.systemPackages = - with pkgs; [ podman qemu ]; + environment.systemPackages = with pkgs; [ + podman + qemu + ]; environment.shells = with pkgs; [ fish ]; diff --git a/flake.nix b/flake.nix index df2774f..4429d4f 100644 --- a/flake.nix +++ b/flake.nix @@ -61,86 +61,120 @@ secrets.url = "git+ssh://git@github.com/natsukagami/nix-deploy-secrets"; }; - outputs = { self, darwin, nixpkgs, nixpkgs-unstable, home-manager, deploy-rs, sops-nix, ... }@inputs: + outputs = + { + self, + darwin, + nixpkgs, + nixpkgs-unstable, + home-manager, + deploy-rs, + sops-nix, + ... + }@inputs: let overlays = import ./overlay.nix inputs; lib = nixpkgs.lib; - applyOverlays = { ... }: { - nixpkgs.overlays = lib.mkAfter overlays; - }; - - nixpkgsAsRegistry_ = stable: { lib, ... }: { - imports = [ applyOverlays ]; - nix.registry.current-system.flake = self; - nix.registry.nixpkgs-unstable.flake = nixpkgs-unstable; - nixpkgs.config.allowUnfree = true; - nix.nixPath = lib.mkDefault [ - "nixpkgs-unstable=${nixpkgs-unstable}" - ]; - }; - - osuStable = { pkgs, ... }: { - nix.settings = { - substituters = [ "https://nix-gaming.cachix.org" ]; - trusted-public-keys = [ "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4=" ]; + applyOverlays = + { ... }: + { + nixpkgs.overlays = lib.mkAfter overlays; }; - environment.systemPackages = [ inputs.nix-gaming.packages.${pkgs.hostPlatform.system}.osu-stable ]; - programs.gamemode = { - enable = true; - enableRenice = true; - settings = { - general = { - renice = 10; - }; - custom = { - start = "${pkgs.libnotify}/bin/notify-send 'GameMode started'"; - end = "${pkgs.libnotify}/bin/notify-send 'GameMode ended'"; + nixpkgsAsRegistry_ = + stable: + { lib, ... }: + { + imports = [ applyOverlays ]; + nix.registry.current-system.flake = self; + nix.registry.nixpkgs-unstable.flake = nixpkgs-unstable; + nixpkgs.config.allowUnfree = true; + nix.nixPath = lib.mkDefault [ + "nixpkgs-unstable=${nixpkgs-unstable}" + ]; + }; + + osuStable = + { pkgs, ... }: + { + nix.settings = { + substituters = [ "https://nix-gaming.cachix.org" ]; + trusted-public-keys = [ "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4=" ]; + }; + environment.systemPackages = [ inputs.nix-gaming.packages.${pkgs.hostPlatform.system}.osu-stable ]; + programs.gamemode = { + enable = true; + enableRenice = true; + settings = { + general = { + renice = 10; + }; + + custom = { + start = "${pkgs.libnotify}/bin/notify-send 'GameMode started'"; + end = "${pkgs.libnotify}/bin/notify-send 'GameMode ended'"; + }; }; }; }; - }; # Common Nix modules - common-nix = stable: { ... }: { - imports = [ - (nixpkgsAsRegistry_ stable) - ./common.nix - sops-nix.nixosModules.sops - inputs.lix-module.nixosModules.default - ]; - config.nix.settings.extra-deprecated-features = [ "url-literals" ]; # So lix won't complain - }; - common-nixos = stable: { ... }: { - imports = [ - ./modules/my-tinc - ./modules/common/linux - (common-nix stable) - inputs.secrets.nixosModules.common - inputs.nix-gaming.nixosModules.pipewireLowLatency - inputs.niri.nixosModules.niri - ]; - }; + common-nix = + stable: + { ... }: + { + imports = [ + (nixpkgsAsRegistry_ stable) + ./common.nix + sops-nix.nixosModules.sops + inputs.lix-module.nixosModules.default + ]; + config.nix.settings.extra-deprecated-features = [ "url-literals" ]; # So lix won't complain + }; + common-nixos = + stable: + { ... }: + { + imports = [ + ./modules/my-tinc + ./modules/common/linux + (common-nix stable) + inputs.secrets.nixosModules.common + inputs.nix-gaming.nixosModules.pipewireLowLatency + inputs.niri.nixosModules.niri + ]; + }; - mkPersonalSystem = nixpkgs-module: system: { configuration - , homeManagerUsers ? { } - , extraModules ? [ ] - , includeCommonModules ? true - , - }: + mkPersonalSystem = + nixpkgs-module: system: + { + configuration, + homeManagerUsers ? { }, + extraModules ? [ ], + includeCommonModules ? true, + }: let home-manager-module = - if nixpkgs-module == inputs.nixpkgs then inputs.home-manager - else if nixpkgs-module == inputs.nixpkgs-unstable then inputs.home-manager-unstable - else builtins.abort "Unknown nixpkgs module, use `nixpkgs` or `nixpkgs-unstable`"; + if nixpkgs-module == inputs.nixpkgs then + inputs.home-manager + else if nixpkgs-module == inputs.nixpkgs-unstable then + inputs.home-manager-unstable + else + builtins.abort "Unknown nixpkgs module, use `nixpkgs` or `nixpkgs-unstable`"; in nixpkgs-module.lib.nixosSystem { inherit system; modules = - (if includeCommonModules then [ - (common-nixos nixpkgs-module) - ] else [ ]) ++ [ + ( + if includeCommonModules then + [ + (common-nixos nixpkgs-module) + ] + else + [ ] + ) + ++ [ configuration # Home Manager home-manager-module.nixosModules.home-manager @@ -149,7 +183,8 @@ home-manager.useUserPackages = true; home-manager.users = homeManagerUsers; } - ] ++ extraModules; + ] + ++ extraModules; }; in @@ -186,14 +221,17 @@ homeManagerUsers.nki = import ./home/nki-x1c1.nix; extraModules = [ inputs.lanzaboote.nixosModules.lanzaboote - ({ ... }: { - # Sets up secure boot - boot.loader.systemd-boot.enable = lib.mkForce false; - boot.lanzaboote = { - enable = true; - pkiBundle = "/etc/secureboot"; - }; - }) + ( + { ... }: + { + # Sets up secure boot + boot.loader.systemd-boot.enable = lib.mkForce false; + boot.lanzaboote = { + enable = true; + pkiBundle = "/etc/secureboot"; + }; + } + ) ]; }; # framework configuration @@ -203,14 +241,17 @@ extraModules = [ inputs.lanzaboote.nixosModules.lanzaboote inputs.nixos-hardware.nixosModules.framework-13-7040-amd - ({ ... }: { - # Sets up secure boot - boot.loader.systemd-boot.enable = lib.mkForce false; - boot.lanzaboote = { - enable = true; - pkiBundle = "/etc/secureboot"; - }; - }) + ( + { ... }: + { + # Sets up secure boot + boot.loader.systemd-boot.enable = lib.mkForce false; + boot.lanzaboote = { + enable = true; + pkiBundle = "/etc/secureboot"; + }; + } + ) ]; }; # macbook nixos diff --git a/home/common-linux.nix b/home/common-linux.nix index d348f23..3edbaf9 100644 --- a/home/common-linux.nix +++ b/home/common-linux.nix @@ -1,24 +1,34 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let - kwallet = { pkgs, lib, ... }: { - home.packages = with pkgs; [ kdePackages.kwallet kdePackages.ksshaskpass ]; - home.sessionVariables = { - # https://wiki.archlinux.org/title/KDE_Wallet#Using_the_KDE_Wallet_to_store_ssh_key_passphrases - SSH_ASKPASS = lib.getExe pkgs.kdePackages.ksshaskpass; - SSH_ASKPASS_REQUIRE = "prefer"; + kwallet = + { pkgs, lib, ... }: + { + home.packages = with pkgs; [ + kdePackages.kwallet + kdePackages.ksshaskpass + ]; + home.sessionVariables = { + # https://wiki.archlinux.org/title/KDE_Wallet#Using_the_KDE_Wallet_to_store_ssh_key_passphrases + SSH_ASKPASS = lib.getExe pkgs.kdePackages.ksshaskpass; + SSH_ASKPASS_REQUIRE = "prefer"; + }; + # Enable this for sway + wayland.windowManager.sway.config.startup = [ + { command = "${pkgs.kdePackages.kwallet-pam}/libexec/pam_kwallet_init"; } + ]; + # Automatic dbus activation + xdg.dataFile."dbus-1/services/org.freedesktop.secrets.service".text = '' + [D-BUS Service] + Name=org.freedesktop.secrets + Exec=${pkgs.kdePackages.kwallet}/bin/kwalletd6 + ''; }; - # Enable this for sway - wayland.windowManager.sway.config.startup = [ - { command = "${pkgs.kdePackages.kwallet-pam}/libexec/pam_kwallet_init"; } - ]; - # Automatic dbus activation - xdg.dataFile."dbus-1/services/org.freedesktop.secrets.service".text = '' - [D-BUS Service] - Name=org.freedesktop.secrets - Exec=${pkgs.kdePackages.kwallet}/bin/kwalletd6 - ''; - }; in { imports = [ @@ -27,33 +37,34 @@ in ./modules/X11/xfce4-notifyd.nix kwallet ]; - config = (mkIf pkgs.stdenv.isLinux { - home.packages = with pkgs; [ - psmisc # killall and friends - file # Query file type - zip - python3 + config = ( + mkIf pkgs.stdenv.isLinux { + home.packages = with pkgs; [ + psmisc # killall and friends + file # Query file type + zip + python3 - pinentry-gnome3 # until pinentry-qt introduces caching - ]; + pinentry-gnome3 # until pinentry-qt introduces caching + ]; - systemd.user.startServices = "sd-switch"; + systemd.user.startServices = "sd-switch"; - # Audio stuff! - # services.easyeffects.enable = true; + # Audio stuff! + # services.easyeffects.enable = true; - # Bluetooth controls - # services.mpris-proxy.enable = true; + # Bluetooth controls + # services.mpris-proxy.enable = true; - # Owncloud - services.owncloud-client.enable = true; - services.owncloud-client.package = pkgs.owncloud-client.overrideAttrs (attrs: { - buildInputs = attrs.buildInputs ++ [ pkgs.qt6.qtwayland ]; - }); - systemd.user.services.owncloud-client.Unit.After = [ "graphical-session.target" ]; + # Owncloud + services.owncloud-client.enable = true; + services.owncloud-client.package = pkgs.owncloud-client.overrideAttrs (attrs: { + buildInputs = attrs.buildInputs ++ [ pkgs.qt6.qtwayland ]; + }); + systemd.user.services.owncloud-client.Unit.After = [ "graphical-session.target" ]; - # UDisks automounter - services.udiskie.enable = true; - }); + # UDisks automounter + services.udiskie.enable = true; + } + ); } - diff --git a/home/common.nix b/home/common.nix index 466a7e0..64b5137 100644 --- a/home/common.nix +++ b/home/common.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { imports = [ @@ -52,7 +57,6 @@ $pdf_previewer = '${lib.getExe' pkgs.xdg-utils "xdg-open"}'; ''; - home.sessionVariables = { # Bat theme BAT_THEME = "GitHub"; diff --git a/home/fish/fish.nix b/home/fish/fish.nix index 58babb5..88b19de 100644 --- a/home/fish/fish.nix +++ b/home/fish/fish.nix @@ -1,4 +1,10 @@ -{ config, options, pkgs, lib, ... }: +{ + config, + options, + pkgs, + lib, + ... +}: with lib; let @@ -157,7 +163,6 @@ in }; }; - tide = { enable = true; leftItems = options.programs.fish.tide.leftItems.default; @@ -172,10 +177,7 @@ in }; everywhereAbbrs = { - lsports = - if pkgs.stdenv.isDarwin - then "lsof -i -P | grep LISTEN" - else "ss -tulp"; + lsports = if pkgs.stdenv.isDarwin then "lsof -i -P | grep LISTEN" else "ss -tulp"; }; shellInit = '' @@ -234,11 +236,11 @@ in bind -M default gl end-of-line # Everywhere abbrs - ${ - concatStringsSep "\n" - (mapAttrsToList (k: v: "abbr --add --position anywhere -- ${k} ${escapeShellArg v}") - config.programs.fish.everywhereAbbrs) - } + ${concatStringsSep "\n" ( + mapAttrsToList ( + k: v: "abbr --add --position anywhere -- ${k} ${escapeShellArg v}" + ) config.programs.fish.everywhereAbbrs + )} # Replace today with actual today abbr --add --position anywhere today -f echo-today diff --git a/home/fish/tide/default.nix b/home/fish/tide/default.nix index 2ac4b4c..3d878ae 100644 --- a/home/fish/tide/default.nix +++ b/home/fish/tide/default.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: with lib; let @@ -42,25 +47,38 @@ in leftItems = mkOption { type = types.listOf types.str; description = "The list of left-items. Note that `newline` and `character` is not included here and will always appear last"; - default = [ "os" "context" "pwd" "git" ]; + default = [ + "os" + "context" + "pwd" + "git" + ]; }; }; config.programs.fish = let - tideItems = attrsets.mapAttrs' (name: def: { name = "_tide_item_${name}"; value = def; }); + tideItems = attrsets.mapAttrs' ( + name: def: { + name = "_tide_item_${name}"; + value = def; + } + ); in mkIf cfg.enable { - functions = tideItems ({ - nix_shell = '' - # In a Nix Shell - if set -qx DIRENV_FILE && test -f $DIRENV_FILE && rg -q "^use flake" $DIRENV_FILE - set -U tide_nix_shell_color "FFA500" - set -U tide_nix_shell_bg_color normal - _tide_print_item nix_shell "❄" - end - ''; - } // cfg.items); + functions = tideItems ( + { + nix_shell = '' + # In a Nix Shell + if set -qx DIRENV_FILE && test -f $DIRENV_FILE && rg -q "^use flake" $DIRENV_FILE + set -U tide_nix_shell_color "FFA500" + set -U tide_nix_shell_bg_color normal + _tide_print_item nix_shell "❄" + end + ''; + } + // cfg.items + ); plugins = [ { name = "tide"; @@ -78,7 +96,9 @@ in config.xdg.configFile."fish/tide/init.fish" = { text = '' # Configure tide items - set -U tide_left_prompt_items ${concatMapStringsSep " " escapeShellArg cfg.leftItems} newline character + set -U tide_left_prompt_items ${ + concatMapStringsSep " " escapeShellArg cfg.leftItems + } newline character set -U tide_right_prompt_items ${concatMapStringsSep " " escapeShellArg cfg.rightItems} time ''; diff --git a/home/kagami-pc-home.nix b/home/kagami-pc-home.nix index b5bab2b..8574de0 100644 --- a/home/kagami-pc-home.nix +++ b/home/kagami-pc-home.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: { imports = [ @@ -14,19 +19,22 @@ home.homeDirectory = "/home/nki"; # More packages - home.packages = (with pkgs; [ - # Gaming stuff - wineWowPackages.full - # wine-lol - winetricks - lutris - steam + home.packages = ( + with pkgs; + [ + # Gaming stuff + wineWowPackages.full + # wine-lol + winetricks + lutris + steam - # Manage tlmc - flacon - ttaenc - picard - ]); + # Manage tlmc + flacon + ttaenc + picard + ] + ); # Enable X11 configuration linux.graphical.type = "wayland"; @@ -46,12 +54,24 @@ # 144hz adaptive refresh ON! nki.programs.kitty.enable = true; nki.programs.kitty.fontSize = 14; - programs.my-waybar.makeBars = with config.common.monitors; barWith: [ - # For primary - (barWith { extraSettings = { output = [ home_4k.meta.connection ]; }; }) - # For secondary, hide mpd - (barWith { showMedia = false; showConnectivity = false; extraSettings = { output = [ home_1440.meta.connection ]; }; }) - ]; + programs.my-waybar.makeBars = + with config.common.monitors; + barWith: [ + # For primary + (barWith { + extraSettings = { + output = [ home_4k.meta.connection ]; + }; + }) + # For secondary, hide mpd + (barWith { + showMedia = false; + showConnectivity = false; + extraSettings = { + output = [ home_1440.meta.connection ]; + }; + }) + ]; # Yellow light! services.wlsunset = { @@ -72,10 +92,28 @@ # ncmpcpp programs.ncmpcpp.enable = true; programs.ncmpcpp.bindings = [ - { key = "j"; command = "scroll_down"; } - { key = "k"; command = "scroll_up"; } - { key = "J"; command = [ "select_item" "scroll_down" ]; } - { key = "K"; command = [ "select_item" "scroll_up" ]; } + { + key = "j"; + command = "scroll_down"; + } + { + key = "k"; + command = "scroll_up"; + } + { + key = "J"; + command = [ + "select_item" + "scroll_down" + ]; + } + { + key = "K"; + command = [ + "select_item" + "scroll_up" + ]; + } ]; programs.ncmpcpp.settings = { # General @@ -133,4 +171,3 @@ # changes in each release. home.stateVersion = "21.05"; } - diff --git a/home/kakoune.nix b/home/kakoune.nix index 09898c3..5f8e6eb 100644 --- a/home/kakoune.nix +++ b/home/kakoune.nix @@ -68,7 +68,15 @@ in in { grammar.src = src; - grammar.compile.args = [ "-c" "-fpic" "../parser.c" "../scanner.c" "../unicode.h" "-I" ".." ]; + grammar.compile.args = [ + "-c" + "-fpic" + "../parser.c" + "../scanner.c" + "../unicode.h" + "-I" + ".." + ]; queries.src = src; queries.path = "queries"; }; @@ -79,9 +87,24 @@ in rev = "0e36bed171768908f331ff7dff9d956bae016efb"; hash = "sha256-bpiT3FraOZhJaoiFWAoVJX1O+plnIi8aXOW2LwyU23M="; }; - grammar.compile.args = [ "-c" "-fpic" "../scanner.cc" "../parser.c" "-I" ".." ]; - grammar.link.args = [ "-shared" "-fpic" "scanner.o" "parser.o" ]; - grammar.link.flags = [ "-O3" "-lstdc++" ]; + grammar.compile.args = [ + "-c" + "-fpic" + "../scanner.cc" + "../parser.c" + "-I" + ".." + ]; + grammar.link.args = [ + "-shared" + "-fpic" + "scanner.o" + "parser.o" + ]; + grammar.link.flags = [ + "-O3" + "-lstdc++" + ]; queries.src = pkgs.fetchFromGitHub { owner = "helix-editor"; @@ -115,8 +138,18 @@ in go = { grammar.src = tree-sitter-go; - grammar.compile.args = [ "-c" "-fpic" "../parser.c" "-I" ".." ]; - grammar.link.args = [ "-shared" "-fpic" "parser.o" ]; + grammar.compile.args = [ + "-c" + "-fpic" + "../parser.c" + "-I" + ".." + ]; + grammar.link.args = [ + "-shared" + "-fpic" + "parser.o" + ]; queries.src = tree-sitter-go; queries.path = "queries"; }; @@ -132,11 +165,20 @@ in in { grammar.src = src; - grammar.compile.args = [ "-c" "-fpic" "../parser.c" "-I" ".." ]; - grammar.link.args = [ "-shared" "-fpic" "parser.o" ]; + grammar.compile.args = [ + "-c" + "-fpic" + "../parser.c" + "-I" + ".." + ]; + grammar.link.args = [ + "-shared" + "-fpic" + "parser.o" + ]; queries.src = src; queries.path = "queries"; }; }; } - diff --git a/home/macbook-home.nix b/home/macbook-home.nix index 6a0ac4e..ddc2fbf 100644 --- a/home/macbook-home.nix +++ b/home/macbook-home.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { imports = [ ./common.nix ]; diff --git a/home/macbook-nixos.nix b/home/macbook-nixos.nix index ee48625..567ad81 100644 --- a/home/macbook-nixos.nix +++ b/home/macbook-nixos.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let discord = pkgs.armcord.override { nss = pkgs.nss_latest; }; @@ -30,15 +35,18 @@ in ''; # More packages - home.packages = (with pkgs; [ - mate.mate-terminal + home.packages = ( + with pkgs; + [ + mate.mate-terminal - firefox-wayland + firefox-wayland - discord + discord - typora - ]); + typora + ] + ); # Graphical set up linux.graphical.type = "wayland"; @@ -125,4 +133,3 @@ in # changes in each release. home.stateVersion = "21.05"; } - diff --git a/home/modules/X11/xfce4-notifyd.nix b/home/modules/X11/xfce4-notifyd.nix index 8acd107..739fbdc 100644 --- a/home/modules/X11/xfce4-notifyd.nix +++ b/home/modules/X11/xfce4-notifyd.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let diff --git a/home/modules/linux/graphical/alacritty.nix b/home/modules/linux/graphical/alacritty.nix index a0a4e11..8bdecd1 100644 --- a/home/modules/linux/graphical/alacritty.nix +++ b/home/modules/linux/graphical/alacritty.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let @@ -28,7 +33,10 @@ in }; shell = { program = "/bin/sh"; - args = [ "-ic" "${config.programs.fish.package}/bin/fish" ]; + args = [ + "-ic" + "${config.programs.fish.package}/bin/fish" + ]; }; colors = { # Default colors @@ -57,7 +65,11 @@ in }; key_bindings = [ - { key = "C"; mods = "Alt|Control"; action = "SpawnNewInstance"; } + { + key = "C"; + mods = "Alt|Control"; + action = "SpawnNewInstance"; + } ]; }; }; diff --git a/home/modules/linux/graphical/default.nix b/home/modules/linux/graphical/default.nix index 1d0f143..d99e821 100644 --- a/home/modules/linux/graphical/default.nix +++ b/home/modules/linux/graphical/default.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: with lib; let cfg = config.linux.graphical; @@ -17,34 +22,56 @@ let end ''; - mkPackageWithDesktopOption = opts: mkOption ({ - type = types.submodule { - options = { - package = mkOption { - type = types.package; - description = "The package for " + description; + mkPackageWithDesktopOption = + opts: + mkOption ( + { + type = types.submodule { + options = { + package = mkOption { + type = types.package; + description = "The package for " + description; + }; + desktopFile = mkOption { + type = types.nullOr types.str; + default = null; + description = "The desktop file name for " + description + ", defaults to [packagename].desktop"; + }; + }; }; - desktopFile = mkOption { - type = types.nullOr types.str; - default = null; - description = "The desktop file name for " + description + ", defaults to [packagename].desktop"; - }; - }; - }; - } // opts); + } + // opts + ); - desktopFileOf = cfg: if cfg.desktopFile == null then "${cfg.package}/share/applications/${cfg.package.pname}.desktop" else cfg.desktopFile; + desktopFileOf = + cfg: + if cfg.desktopFile == null then + "${cfg.package}/share/applications/${cfg.package.pname}.desktop" + else + cfg.desktopFile; in { - imports = [ ./x11.nix ./wayland.nix ./alacritty.nix ]; + imports = [ + ./x11.nix + ./wayland.nix + ./alacritty.nix + ]; options.linux.graphical = { type = mkOption { - type = types.nullOr (types.enum [ "x11" "wayland" ]); + type = types.nullOr ( + types.enum [ + "x11" + "wayland" + ] + ); description = "Enable linux graphical configurations, with either 'x11' or 'wayland'"; default = null; }; wallpaper = mkOption { - type = types.oneOf [ types.str types.path ]; + type = types.oneOf [ + types.str + types.path + ]; description = "Path to the wallpaper file"; default = ""; }; @@ -59,52 +86,61 @@ in }; defaults = { webBrowser = mkPackageWithDesktopOption { description = "default web browser"; }; - terminal = mkPackageWithDesktopOption { description = "default terminal"; default.package = pkgs.kitty; }; - discord = mkPackageWithDesktopOption { description = "Discord client"; default.package = pkgs.vesktop; }; + terminal = mkPackageWithDesktopOption { + description = "default terminal"; + default.package = pkgs.kitty; + }; + discord = mkPackageWithDesktopOption { + description = "Discord client"; + default.package = pkgs.vesktop; + }; }; }; config = mkIf (cfg.type != null) { # Packages - home.packages = (with pkgs; [ - cfg.defaults.webBrowser.package - cfg.defaults.terminal.package + home.packages = ( + with pkgs; + [ + cfg.defaults.webBrowser.package + cfg.defaults.terminal.package - ## GUI stuff - evince # PDF reader - gparted - vscode - feh # For images? - deluge # Torrent client - pavucontrol # PulseAudio control panel - sublime-music # For navidrome - # cinny-desktop - gajim - vivaldi - # Audio - qpwgraph # Pipewire graph - audacity - vlc + ## GUI stuff + evince # PDF reader + gparted + vscode + feh # For images? + deluge # Torrent client + pavucontrol # PulseAudio control panel + sublime-music # For navidrome + # cinny-desktop + gajim + vivaldi + # Audio + qpwgraph # Pipewire graph + audacity + vlc - unstable.zotero - libreoffice + unstable.zotero + libreoffice - mpv # for anki - anki-bin + mpv # for anki + anki-bin - # Chat stuff - tdesktop - whatsapp-for-linux - slack - zoom-us + # Chat stuff + tdesktop + whatsapp-for-linux + slack + zoom-us - - ## CLI stuff - dex # .desktop file management, startup - # sct # Display color temperature - xdg-utils # Open stuff - wifi-indicator - ] ++ cfg.startup); + ## CLI stuff + dex # .desktop file management, startup + # sct # Display color temperature + xdg-utils # Open stuff + wifi-indicator + ] + ++ cfg.startup + ); # OBS programs.obs-studio = { @@ -129,7 +165,10 @@ in xdg.mimeApps.enable = true; xdg.mimeApps.associations.added = { - "x-scheme-handler/mailto" = [ "thunderbird.desktop" "org.gnome.Evolution.desktop" ]; + "x-scheme-handler/mailto" = [ + "thunderbird.desktop" + "org.gnome.Evolution.desktop" + ]; "application/pdf" = [ "org.gnome.Evince.desktop" ]; "text/plain" = [ "kakoune.desktop" ]; @@ -154,7 +193,10 @@ in }; xdg.mimeApps.defaultApplications = { # Email - "x-scheme-handler/mailto" = [ "thunderbird.desktop" "org.gnome.Evolution.desktop" ]; + "x-scheme-handler/mailto" = [ + "thunderbird.desktop" + "org.gnome.Evolution.desktop" + ]; "x-scheme-handler/webcal" = [ "thunderbird.desktop" ]; "x-scheme-handler/webcals" = [ "thunderbird.desktop" ]; @@ -246,7 +288,10 @@ in ## Qt qt.enable = true; qt.platformTheme.name = "kde"; - qt.platformTheme.package = with pkgs.kdePackages; [ plasma-integration systemsettings ]; + qt.platformTheme.package = with pkgs.kdePackages; [ + plasma-integration + systemsettings + ]; qt.style.package = [ pkgs.kdePackages.breeze ]; qt.style.name = "Breeze"; @@ -267,7 +312,8 @@ in }; autoStartup = listToAttrs (map f cfg.startup); in - autoStartup // { + autoStartup + // { ## Polkit UI "autostart/polkit.desktop".text = '' ${builtins.readFile "${pkgs.pantheon.pantheon-agent-polkit}/etc/xdg/autostart/io.elementary.desktop.agent-polkit.desktop"} @@ -304,5 +350,3 @@ in }; }; } - - diff --git a/home/modules/linux/graphical/wayland.nix b/home/modules/linux/graphical/wayland.nix index 3f4fcf6..df956a8 100644 --- a/home/modules/linux/graphical/wayland.nix +++ b/home/modules/linux/graphical/wayland.nix @@ -1,40 +1,60 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let - notificationModule = { config, pkgs, lib, ... }: + notificationModule = + { + config, + pkgs, + lib, + ... + }: let swaync = pkgs.swaynotificationcenter; in - with lib; mkIf (config.linux.graphical.type == "wayland") { + with lib; + mkIf (config.linux.graphical.type == "wayland") { services.swaync = { enable = true; - settings.widgets = [ "inhibitors" "title" "dnd" "mpris" "notifications" ]; + settings.widgets = [ + "inhibitors" + "title" + "dnd" + "mpris" + "notifications" + ]; style = ./swaync.css; }; programs.my-waybar = { - extraSettings = [{ - modules-right = mkAfter [ "custom/swaync" ]; - modules."custom/swaync" = { - tooltip = false; - format = "{icon} {}"; - format-icons = { - notification = ""; - none = ""; - dnd-notification = ""; - dnd-none = ""; - inhibited-notification = ""; - inhibited-none = ""; - dnd-inhibited-notification = ""; - dnd-inhibited-none = ""; + extraSettings = [ + { + modules-right = mkAfter [ "custom/swaync" ]; + modules."custom/swaync" = { + tooltip = false; + format = "{icon} {}"; + format-icons = { + notification = ""; + none = ""; + dnd-notification = ""; + dnd-none = ""; + inhibited-notification = ""; + inhibited-none = ""; + dnd-inhibited-notification = ""; + dnd-inhibited-none = ""; + }; + return-type = "json"; + # exec-if = "which swaync-client"; + exec = "${swaync}/bin/swaync-client -swb"; + on-click = "${swaync}/bin/swaync-client -t -sw"; + on-click-right = "${swaync}/bin/swaync-client -d -sw"; + escape = true; }; - return-type = "json"; - # exec-if = "which swaync-client"; - exec = "${swaync}/bin/swaync-client -swb"; - on-click = "${swaync}/bin/swaync-client -t -sw"; - on-click-right = "${swaync}/bin/swaync-client -d -sw"; - escape = true; - }; - }]; + } + ]; extraStyle = mkAfter '' #custom-swaync { background: #F0FFFF; @@ -44,32 +64,43 @@ let }; }; - plasmaModule = { pkgs, ... }: { - home.packages = with pkgs.kdePackages; [ - discover - kmail - kontact - akonadi - kdepim-runtime - kmail-account-wizard - akonadi-import-wizard - ]; - xdg.configFile."plasma-workspace/env/wayland.sh".source = pkgs.writeScript "plasma-wayland-env.sh" '' - export NIXOS_OZONE_WL=1 - ''; - xdg.dataFile."dbus-1/services/org.freedesktop.Notifications.service".source = "${pkgs.kdePackages.plasma-workspace}/share/dbus-1/services/org.kde.plasma.Notifications.service"; - }; + plasmaModule = + { pkgs, ... }: + { + home.packages = with pkgs.kdePackages; [ + discover + kmail + kontact + akonadi + kdepim-runtime + kmail-account-wizard + akonadi-import-wizard + ]; + xdg.configFile."plasma-workspace/env/wayland.sh".source = + pkgs.writeScript "plasma-wayland-env.sh" '' + export NIXOS_OZONE_WL=1 + ''; + xdg.dataFile."dbus-1/services/org.freedesktop.Notifications.service".source = + "${pkgs.kdePackages.plasma-workspace}/share/dbus-1/services/org.kde.plasma.Notifications.service"; + }; rofi-rbw-script = pkgs.writeShellApplication { name = "rofi-rbw-script"; - runtimeInputs = with pkgs; [ rofi wtype rofi-rbw ]; + runtimeInputs = with pkgs; [ + rofi + wtype + rofi-rbw + ]; text = "rofi-rbw"; meta.mainProgram = "rofi-rbw-script"; }; in with lib; { - imports = [ notificationModule plasmaModule ]; + imports = [ + notificationModule + plasmaModule + ]; config = mkIf (config.linux.graphical.type == "wayland") { # Additional packages home.packages = with pkgs; [ @@ -92,7 +123,12 @@ with lib; font = "monospace"; terminal = "${lib.getExe config.programs.kitty.package}"; theme = "Paper"; - plugins = with pkgs; [ rofi-bluetooth rofi-calc rofi-rbw rofi-power-menu ]; + plugins = with pkgs; [ + rofi-bluetooth + rofi-calc + rofi-rbw + rofi-power-menu + ]; }; home.sessionVariables = { @@ -129,4 +165,3 @@ with lib; # }; }; } - diff --git a/home/modules/linux/graphical/x11.nix b/home/modules/linux/graphical/x11.nix index 800e27a..3960cb7 100644 --- a/home/modules/linux/graphical/x11.nix +++ b/home/modules/linux/graphical/x11.nix @@ -1,10 +1,18 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let cfg = config.linux.graphical; in with lib; { - imports = [ ./x11/hidpi.nix ./x11/i3.nix ]; + imports = [ + ./x11/hidpi.nix + ./x11/i3.nix + ]; options.linux.graphical.hasDE = mkOption { type = types.bool; description = "When enabled, disable stuff that already comes with a DE"; @@ -43,4 +51,3 @@ with lib; }; }; } - diff --git a/home/modules/linux/graphical/x11/hidpi.nix b/home/modules/linux/graphical/x11/hidpi.nix index 2ec8e09..267da7b 100644 --- a/home/modules/linux/graphical/x11/hidpi.nix +++ b/home/modules/linux/graphical/x11/hidpi.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let diff --git a/home/modules/linux/graphical/x11/i3.nix b/home/modules/linux/graphical/x11/i3.nix index b92c7dc..58e923c 100644 --- a/home/modules/linux/graphical/x11/i3.nix +++ b/home/modules/linux/graphical/x11/i3.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let @@ -18,12 +23,14 @@ let "10: 10" ]; wsAttrs = builtins.listToAttrs ( - map - (i: { name = toString (remainder i 10); value = builtins.elemAt workspaces (i - 1); }) - (range 1 11) + map (i: { + name = toString (remainder i 10); + value = builtins.elemAt workspaces (i - 1); + }) (range 1 11) ); remainder = x: y: x - (builtins.div x y) * y; - range = from: to: + range = + from: to: let f = cur: if cur == to then [ ] else [ cur ] ++ f (cur + 1); in @@ -40,27 +47,55 @@ in xsession.windowManager.i3 = { enable = true; config.assigns = { - "${wsAttrs."1"}" = [{ class = "^firefox$"; }]; - "${wsAttrs."2"}" = [{ class = "^discord$"; }]; + "${wsAttrs."1"}" = [ { class = "^firefox$"; } ]; + "${wsAttrs."2"}" = [ { class = "^discord$"; } ]; }; - config.bars = [{ - command = "${pkgs.i3-gaps}/bin/i3bar -t"; - statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ~/.config/i3status-rust/config-default.toml"; - position = "top"; - colors = { - background = "#00000080"; - statusline = "#ffffff"; - separator = "#666666"; + config.bars = [ + { + command = "${pkgs.i3-gaps}/bin/i3bar -t"; + statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ~/.config/i3status-rust/config-default.toml"; + position = "top"; + colors = { + background = "#00000080"; + statusline = "#ffffff"; + separator = "#666666"; - focusedWorkspace = { background = "#4c7899"; border = "#285577"; text = "#ffffff"; }; - activeWorkspace = { background = "#333333"; border = "#5f676a"; text = "#ffffff"; }; - inactiveWorkspace = { background = "#333333"; border = "#222222"; text = "#888888"; }; - urgentWorkspace = { background = "#2f343a"; border = "#900000"; text = "#ffffff"; }; - bindingMode = { background = "#2f343a"; border = "#900000"; text = "#ffffff"; }; - }; - }]; + focusedWorkspace = { + background = "#4c7899"; + border = "#285577"; + text = "#ffffff"; + }; + activeWorkspace = { + background = "#333333"; + border = "#5f676a"; + text = "#ffffff"; + }; + inactiveWorkspace = { + background = "#333333"; + border = "#222222"; + text = "#888888"; + }; + urgentWorkspace = { + background = "#2f343a"; + border = "#900000"; + text = "#ffffff"; + }; + bindingMode = { + background = "#2f343a"; + border = "#900000"; + text = "#ffffff"; + }; + }; + } + ]; config.focus.newWindow = "none"; - config.fonts = { names = [ "FantasqueSansMono Nerd Font Mono" "monospace" ]; size = 11.0; }; + config.fonts = { + names = [ + "FantasqueSansMono Nerd Font Mono" + "monospace" + ]; + size = 11.0; + }; config.gaps.outer = 5; config.gaps.inner = 5; config.gaps.smartGaps = true; @@ -69,53 +104,57 @@ in config.window.titlebar = false; # Keybindings - config.keybindings = lib.mkOptionDefault ({ - ## vim-style movements - "${mod}+h" = "focus left"; - "${mod}+j" = "focus down"; - "${mod}+k" = "focus up"; - "${mod}+l" = "focus right"; - "${mod}+Shift+h" = "move left"; - "${mod}+Shift+j" = "move down"; - "${mod}+Shift+k" = "move up"; - "${mod}+Shift+l" = "move right"; - ## Splits - "${mod}+v" = "split v"; - "${mod}+Shift+v" = "split h"; - ## Run - "${mod}+r" = "exec ${pkgs.dmenu}/bin/dmenu_run"; - "${mod}+d" = "exec i3-dmenu-desktop --dmenu='${pkgs.dmenu}/bin/dmenu -i'"; - } // ( - builtins.listToAttrs (lib.flatten (map - (key: [ - { - name = "${mod}+${key}"; - value = "workspace ${builtins.getAttr key wsAttrs}"; - } - { - name = "${mod}+Shift+${key}"; - value = "move to workspace ${builtins.getAttr key wsAttrs}"; - } - ]) - (builtins.attrNames wsAttrs)) - ))); + config.keybindings = lib.mkOptionDefault ( + { + ## vim-style movements + "${mod}+h" = "focus left"; + "${mod}+j" = "focus down"; + "${mod}+k" = "focus up"; + "${mod}+l" = "focus right"; + "${mod}+Shift+h" = "move left"; + "${mod}+Shift+j" = "move down"; + "${mod}+Shift+k" = "move up"; + "${mod}+Shift+l" = "move right"; + ## Splits + "${mod}+v" = "split v"; + "${mod}+Shift+v" = "split h"; + ## Run + "${mod}+r" = "exec ${pkgs.dmenu}/bin/dmenu_run"; + "${mod}+d" = "exec i3-dmenu-desktop --dmenu='${pkgs.dmenu}/bin/dmenu -i'"; + } + // (builtins.listToAttrs ( + lib.flatten ( + map (key: [ + { + name = "${mod}+${key}"; + value = "workspace ${builtins.getAttr key wsAttrs}"; + } + { + name = "${mod}+Shift+${key}"; + value = "move to workspace ${builtins.getAttr key wsAttrs}"; + } + ]) (builtins.attrNames wsAttrs) + ) + )) + ); # Workspace config.defaultWorkspace = "workspace ${builtins.getAttr "1" wsAttrs}"; - config.startup = [ - { command = "firefox"; } - { command = "discord"; } - { command = "dex -ae i3"; } - { command = "ibus-daemon -drxR"; } - ] ++ - ( - if (config.linux.graphical.wallpaper != "") - then [{ command = "${pkgs.feh}/bin/feh --bg-fill ${config.linux.graphical.wallpaper}"; }] - else [ ] - ); + config.startup = + [ + { command = "firefox"; } + { command = "discord"; } + { command = "dex -ae i3"; } + { command = "ibus-daemon -drxR"; } + ] + ++ ( + if (config.linux.graphical.wallpaper != "") then + [ { command = "${pkgs.feh}/bin/feh --bg-fill ${config.linux.graphical.wallpaper}"; } ] + else + [ ] + ); }; - # i3status programs.i3status-rust.enable = true; programs.i3status-rust.bars.default = { @@ -154,5 +193,3 @@ in }; }; } - - diff --git a/home/modules/linux/graphical/x11/i3/screenshot.nix b/home/modules/linux/graphical/x11/i3/screenshot.nix index ab1a580..dba2f89 100644 --- a/home/modules/linux/graphical/x11/i3/screenshot.nix +++ b/home/modules/linux/graphical/x11/i3/screenshot.nix @@ -1,9 +1,14 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; { xsession.windowManager.i3.config = mkIf (config.linux.graphical.x11.enablei3) { - startup = [{ command = "${pkgs.flameshot}/bin/flameshot"; }]; + startup = [ { command = "${pkgs.flameshot}/bin/flameshot"; } ]; keybindings = mkOptionDefault { "Print" = "exec ${pkgs.flameshot}/bin/flameshot gui"; }; }; } diff --git a/home/modules/monitors.nix b/home/modules/monitors.nix index f9180a5..eb36d55 100644 --- a/home/modules/monitors.nix +++ b/home/modules/monitors.nix @@ -1,24 +1,42 @@ # A monitor list and common sway set up -{ config, pkgs, lib, ... }: with lib; +{ + config, + pkgs, + lib, + ... +}: +with lib; let monitors = { # Internal "framework" = { name = "BOE 0x0BCA Unknown"; - meta.mode = { width = 2256; height = 1504; refresh = 60.0; }; + meta.mode = { + width = 2256; + height = 1504; + refresh = 60.0; + }; scale = 1.25; }; "yoga" = { name = "AU Optronics 0xD291 Unknown"; meta.connection = "eDP-1"; - meta.mode = { width = 1920; height = 1080; refresh = 60.026; }; + meta.mode = { + width = 1920; + height = 1080; + refresh = 60.026; + }; scale = 1; }; # External ## Work @ EPFL "work" = { name = "LG Electronics LG ULTRAFINE 301MAXSGHD10"; - meta.mode = { width = 3840; height = 2160; refresh = 60.0; }; + meta.mode = { + width = 3840; + height = 2160; + refresh = 60.0; + }; scale = 1.25; }; "home_4k" = { @@ -27,8 +45,15 @@ let adaptive_sync = "on"; meta = { connection = "DP-2"; - mode = { width = 3840; height = 2160; refresh = 60.0; }; - fixedPosition = { x = 0; y = 0; }; + mode = { + width = 3840; + height = 2160; + refresh = 60.0; + }; + fixedPosition = { + x = 0; + y = 0; + }; niriName = "PNP(AOC) U28G2G6B PPYP2JA000013"; }; }; @@ -37,15 +62,26 @@ let adaptive_sync = "on"; meta = { connection = "DP-3"; - mode = { width = 2560; height = 1440; refresh = 165.0; }; - fixedPosition = { x = 2560; y = 0; }; + mode = { + width = 2560; + height = 1440; + refresh = 165.0; + }; + fixedPosition = { + x = 2560; + y = 0; + }; niriName = "PNP(AOC) Q27G2G3R3B VXJP6HA000442"; }; }; "viewsonic_1080" = { name = "ViewSonic Corporation XG2402 SERIES V4K182501054"; - meta.mode = { width = 1920; height = 1080; refresh = 144.0; }; + meta.mode = { + width = 1920; + height = 1080; + refresh = 144.0; + }; adaptive_sync = "on"; }; @@ -53,13 +89,21 @@ let eachMonitor = _name: monitor: { name = monitor.name; - value = builtins.removeAttrs monitor [ "scale" "name" "meta" ] // (lib.optionalAttrs (monitor ? scale) { - scale = toString monitor.scale; - }) // { - mode = with monitor.meta.mode; "${toString width}x${toString height}@${toString refresh}Hz"; - } // (lib.optionalAttrs (monitor.meta ? fixedPosition) { - position = with monitor.meta.fixedPosition; "${toString x} ${toString y}"; - }); + value = + builtins.removeAttrs monitor [ + "scale" + "name" + "meta" + ] + // (lib.optionalAttrs (monitor ? scale) { + scale = toString monitor.scale; + }) + // { + mode = with monitor.meta.mode; "${toString width}x${toString height}@${toString refresh}Hz"; + } + // (lib.optionalAttrs (monitor.meta ? fixedPosition) { + position = with monitor.meta.fixedPosition; "${toString x} ${toString y}"; + }); }; in { @@ -73,4 +117,3 @@ in mapAttrs' eachMonitor config.common.monitors ); } - diff --git a/home/modules/programs/my-broot.nix b/home/modules/programs/my-broot.nix index 89a71bf..7b3eb3b 100644 --- a/home/modules/programs/my-broot.nix +++ b/home/modules/programs/my-broot.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: with lib; let @@ -91,10 +96,13 @@ in # Add an extra syntax_color config xdg.configFile."broot/conf.toml".source = mkOverride 1 ( - tomlFormat.generate "broot-config" (with config.programs.broot; { - inherit (settings) verbs modal skin; - syntax_theme = "base16-ocean.light"; - }) + tomlFormat.generate "broot-config" ( + with config.programs.broot; + { + inherit (settings) verbs modal skin; + syntax_theme = "base16-ocean.light"; + } + ) ); }; } diff --git a/home/modules/programs/my-kakoune/default.nix b/home/modules/programs/my-kakoune/default.nix index 18d6dec..050a53a 100644 --- a/home/modules/programs/my-kakoune/default.nix +++ b/home/modules/programs/my-kakoune/default.nix @@ -1,11 +1,20 @@ -{ config, options, pkgs, lib, ... }: +{ + config, + options, + pkgs, + lib, + ... +}: with lib; let cfg = config.programs.my-kakoune; in { - imports = [ ./fish-session.nix ./tree-sitter.nix ]; + imports = [ + ./fish-session.nix + ./tree-sitter.nix + ]; options.programs.my-kakoune = { enable = mkEnableOption "My version of the kakoune configuration"; @@ -38,7 +47,11 @@ in let kakouneFaces = let - txt = strings.concatStringsSep "\n" (builtins.attrValues (builtins.mapAttrs (name: face: "face global ${name} \"${face}\"") cfg.extraFaces)); + txt = strings.concatStringsSep "\n" ( + builtins.attrValues ( + builtins.mapAttrs (name: face: "face global ${name} \"${face}\"") cfg.extraFaces + ) + ); in pkgs.writeText "faces.kak" txt; in @@ -51,15 +64,13 @@ in # Load faces source ${kakouneFaces} ''; - } // lib.mapAttrs' - (name: attrs: { - name = "kak/autoload/${name}"; - value = attrs // { - target = "kak/autoload/${name}"; - }; - }) - cfg.autoloadFile; + } + // lib.mapAttrs' (name: attrs: { + name = "kak/autoload/${name}"; + value = attrs // { + target = "kak/autoload/${name}"; + }; + }) cfg.autoloadFile; xdg.dataFile."kak".source = "${cfg.package}/share/kak"; }; } - diff --git a/home/modules/programs/my-kakoune/fish-session.nix b/home/modules/programs/my-kakoune/fish-session.nix index 1f497f4..777261b 100644 --- a/home/modules/programs/my-kakoune/fish-session.nix +++ b/home/modules/programs/my-kakoune/fish-session.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: with lib; let diff --git a/home/modules/programs/my-kakoune/tree-sitter.nix b/home/modules/programs/my-kakoune/tree-sitter.nix index 07f12cf..12c1aac 100644 --- a/home/modules/programs/my-kakoune/tree-sitter.nix +++ b/home/modules/programs/my-kakoune/tree-sitter.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: with lib; let cfg = config.programs.my-kakoune.tree-sitter; @@ -14,14 +19,44 @@ let default = "src"; }; grammar.compile = { - command = mkOption { type = types.str; default = "${pkgs.gcc}/bin/gcc"; }; - args = mkOption { type = types.listOf types.str; default = [ "-c" "-fpic" "../parser.c" "../scanner.c" "-I" ".." ]; }; - flags = mkOption { type = types.listOf types.str; default = [ "-O3" ]; }; + command = mkOption { + type = types.str; + default = "${pkgs.gcc}/bin/gcc"; + }; + args = mkOption { + type = types.listOf types.str; + default = [ + "-c" + "-fpic" + "../parser.c" + "../scanner.c" + "-I" + ".." + ]; + }; + flags = mkOption { + type = types.listOf types.str; + default = [ "-O3" ]; + }; }; grammar.link = { - command = mkOption { type = types.str; default = "${pkgs.gcc}/bin/gcc"; }; - args = mkOption { type = types.listOf types.str; default = [ "-shared" "-fpic" "parser.o" "scanner.o" ]; }; - flags = mkOption { type = types.listOf types.str; default = [ "-O3" ]; }; + command = mkOption { + type = types.str; + default = "${pkgs.gcc}/bin/gcc"; + }; + args = mkOption { + type = types.listOf types.str; + default = [ + "-shared" + "-fpic" + "parser.o" + "scanner.o" + ]; + }; + flags = mkOption { + type = types.listOf types.str; + default = [ "-O3" ]; + }; }; queries.src = mkOption { type = types.package; @@ -34,12 +69,27 @@ let }; }; mkGrammarPackage = - { name - , src - , grammarPath ? "src" - , grammarCompileArgs ? [ "-O3" "-c" "-fpic" "../parser.c" "../scanner.c" "-I" ".." ] - , grammarLinkArgs ? [ "-shared" "-fpic" "parser.o" "scanner.o" ] - }: pkgs.stdenv.mkDerivation { + { + name, + src, + grammarPath ? "src", + grammarCompileArgs ? [ + "-O3" + "-c" + "-fpic" + "../parser.c" + "../scanner.c" + "-I" + ".." + ], + grammarLinkArgs ? [ + "-shared" + "-fpic" + "parser.o" + "scanner.o" + ], + }: + pkgs.stdenv.mkDerivation { inherit src; name = "kak-tree-sitter-grammar-${name}.so"; version = "latest"; @@ -215,43 +265,54 @@ in toTs = name: "ts_${strings.concatStringsSep "_" (strings.splitString "." name)}"; toScm = name: strings.concatStringsSep "." (strings.splitString "_" name); - definedFaces = attrsets.mapAttrs' (name: value: { inherit value; name = toTs name; }) allGroups; - aliasFaces = attrsets.mapAttrs' (name: value: { name = toTs name; value = "@${toTs value}"; }) aliases; + definedFaces = attrsets.mapAttrs' (name: value: { + inherit value; + name = toTs name; + }) allGroups; + aliasFaces = attrsets.mapAttrs' (name: value: { + name = toTs name; + value = "@${toTs value}"; + }) aliases; faces = attrsets.recursiveUpdate definedFaces aliasFaces; toml = pkgs.formats.toml { }; - toLanguageConf = name: lang: with lang; { - grammar = { - source.local.path = mkGrammarPackage { - inherit name; - src = grammar.src; - grammarPath = grammar.path; - grammarCompileArgs = grammar.compile.flags ++ grammar.compile.args; - grammarLinkArgs = grammar.link.flags ++ grammar.link.args; + toLanguageConf = + name: lang: with lang; { + grammar = { + source.local.path = mkGrammarPackage { + inherit name; + src = grammar.src; + grammarPath = grammar.path; + grammarCompileArgs = grammar.compile.flags ++ grammar.compile.args; + grammarLinkArgs = grammar.link.flags ++ grammar.link.args; + }; + compile = grammar.compile.command; + compile_args = grammar.compile.args; + compile_flags = grammar.compile.flags; + link = grammar.link.command; + link_args = grammar.link.args ++ [ + "-o" + "${name}.so" + ]; + link_flags = grammar.link.flags; + }; + queries = rec { + path = if queries.path == null then "runtime/queries/${name}" else queries.path; + source.local.path = "${queries.src}/${path}"; }; - compile = grammar.compile.command; - compile_args = grammar.compile.args; - compile_flags = grammar.compile.flags; - link = grammar.link.command; - link_args = grammar.link.args ++ [ "-o" "${name}.so" ]; - link_flags = grammar.link.flags; }; - queries = rec { - path = if queries.path == null then "runtime/queries/${name}" else queries.path; - source.local.path = "${queries.src}/${path}"; - }; - }; in mkIf cfg.enable { - assertions = with lib.asserts; ([ ] - ++ attrsets.mapAttrsToList - (name: _: { - assertion = (! (builtins.hasAttr name allGroups)); - message = "${name} was both defined and aliased"; - }) - aliases - ); + assertions = + with lib.asserts; + ( + [ ] + ++ attrsets.mapAttrsToList (name: _: { + assertion = (!(builtins.hasAttr name allGroups)); + message = "${name} was both defined and aliased"; + }) aliases + ); home.packages = [ cfg.package ]; xdg.configFile."kak-tree-sitter/config.toml" = { @@ -271,4 +332,3 @@ in }; } - diff --git a/home/modules/programs/my-kitty/darwin.nix b/home/modules/programs/my-kitty/darwin.nix index d90f12e..c634cba 100644 --- a/home/modules/programs/my-kitty/darwin.nix +++ b/home/modules/programs/my-kitty/darwin.nix @@ -1,9 +1,15 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let cfg = config.nki.programs.kitty; cmd = "cmd"; in -with lib; { +with lib; +{ programs.kitty = mkIf (cfg.enable && pkgs.stdenv.isDarwin) { # Darwin-specific setup @@ -24,4 +30,3 @@ with lib; { }; }; } - diff --git a/home/modules/programs/my-kitty/default.nix b/home/modules/programs/my-kitty/default.nix index 45801dd..42812c2 100644 --- a/home/modules/programs/my-kitty/default.nix +++ b/home/modules/programs/my-kitty/default.nix @@ -1,21 +1,41 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let cfg = config.nki.programs.kitty; - theme = { lib, options, config, ... }: { - programs.kitty = lib.mkIf config.nki.programs.kitty.enable ( - if builtins.hasAttr "themeFile" options.programs.kitty then { - themeFile = "ayu_light"; - } else { - theme = "Ayu Light"; - } - ); - }; + theme = + { + lib, + options, + config, + ... + }: + { + programs.kitty = lib.mkIf config.nki.programs.kitty.enable ( + if builtins.hasAttr "themeFile" options.programs.kitty then + { + themeFile = "ayu_light"; + } + else + { + theme = "Ayu Light"; + } + ); + }; in with lib; { - imports = [ theme ./darwin.nix ./linux.nix ./tabs.nix ]; + imports = [ + theme + ./darwin.nix + ./linux.nix + ./tabs.nix + ]; options.nki.programs.kitty = { enable = mkEnableOption "Enable kitty"; @@ -73,14 +93,17 @@ with lib; let # Background color and transparency background = - if isNull cfg.background then { - background_opacity = "0.93"; - dynamic_background_opacity = true; - } else { - background_image = "${cfg.background}"; - background_image_layout = "scaled"; - background_tint = "0.85"; - }; + if isNull cfg.background then + { + background_opacity = "0.93"; + dynamic_background_opacity = true; + } + else + { + background_image = "${cfg.background}"; + background_image_layout = "scaled"; + background_tint = "0.85"; + }; in mkMerge [ background @@ -123,4 +146,3 @@ with lib; ''; }; } - diff --git a/home/modules/programs/my-kitty/linux.nix b/home/modules/programs/my-kitty/linux.nix index e30b774..0007412 100644 --- a/home/modules/programs/my-kitty/linux.nix +++ b/home/modules/programs/my-kitty/linux.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let cfg = config.nki.programs.kitty; in diff --git a/home/modules/programs/my-kitty/tabs.nix b/home/modules/programs/my-kitty/tabs.nix index 2adcbdf..0aa54c6 100644 --- a/home/modules/programs/my-kitty/tabs.nix +++ b/home/modules/programs/my-kitty/tabs.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let cfg = config.nki.programs.kitty; @@ -7,33 +12,33 @@ in with lib; { programs.kitty = mkIf cfg.enableTabs { - keybindings = { - "${cmd}+t" = "new_tab_with_cwd"; - "${cmd}+shift+t" = "new_tab"; - "${cmd}+shift+o" = "launch --cwd=current --location=vsplit"; - "${cmd}+o" = "launch --cwd=current --location=hsplit"; - "${cmd}+r" = "start_resizing_window"; - "${cmd}+shift+r" = "layout_action rotate"; - ## Move the active window in the indicated direction - "${cmd}+shift+h" = "move_window left"; - "${cmd}+shift+k" = "move_window up"; - "${cmd}+shift+j" = "move_window down"; - "${cmd}+shift+l" = "move_window right"; - ## Switch focus to the neighboring window in the indicated direction - "${cmd}+h" = "neighboring_window left"; - "${cmd}+k" = "neighboring_window up"; - "${cmd}+j" = "neighboring_window down "; - "${cmd}+l" = "neighboring_window right"; - ## Detach window to its own tab - "${cmd}+shift+d" = "detach_window new-tab"; - ## Change layout to fullscreen (stack) and back - "${cmd}+f" = "toggle_layout stack"; - } - # Tab bindings - // builtins.listToAttrs - (map - (x: attrsets.nameValuePair "${cmd}+${toString x}" "goto_tab ${toString x}") - (lists.range 1 9)); + keybindings = + { + "${cmd}+t" = "new_tab_with_cwd"; + "${cmd}+shift+t" = "new_tab"; + "${cmd}+shift+o" = "launch --cwd=current --location=vsplit"; + "${cmd}+o" = "launch --cwd=current --location=hsplit"; + "${cmd}+r" = "start_resizing_window"; + "${cmd}+shift+r" = "layout_action rotate"; + ## Move the active window in the indicated direction + "${cmd}+shift+h" = "move_window left"; + "${cmd}+shift+k" = "move_window up"; + "${cmd}+shift+j" = "move_window down"; + "${cmd}+shift+l" = "move_window right"; + ## Switch focus to the neighboring window in the indicated direction + "${cmd}+h" = "neighboring_window left"; + "${cmd}+k" = "neighboring_window up"; + "${cmd}+j" = "neighboring_window down "; + "${cmd}+l" = "neighboring_window right"; + ## Detach window to its own tab + "${cmd}+shift+d" = "detach_window new-tab"; + ## Change layout to fullscreen (stack) and back + "${cmd}+f" = "toggle_layout stack"; + } + # Tab bindings + // builtins.listToAttrs ( + map (x: attrsets.nameValuePair "${cmd}+${toString x}" "goto_tab ${toString x}") (lists.range 1 9) + ); settings = { # Tab settings tab_bar_edge = "top"; diff --git a/home/modules/programs/my-niri.nix b/home/modules/programs/my-niri.nix index dd4f7e1..f459f04 100644 --- a/home/modules/programs/my-niri.nix +++ b/home/modules/programs/my-niri.nix @@ -1,4 +1,10 @@ -{ config, osConfig, lib, pkgs, ... }: +{ + config, + osConfig, + lib, + pkgs, + ... +}: let cfg = config.programs.my-niri; @@ -26,16 +32,33 @@ in lock-command = lib.mkOption { type = lib.types.listOf lib.types.str; description = "The command to lock the screen"; - default = [ "${pkgs.swaylock}/bin/swaylock" ] - ++ (if wallpaper == "" then [ "" ] else [ "-i" "${wallpaper}" "-s" "fill" ]) - ++ [ "-l" "-k" ]; + default = + [ "${pkgs.swaylock}/bin/swaylock" ] + ++ ( + if wallpaper == "" then + [ "" ] + else + [ + "-i" + "${wallpaper}" + "-s" + "fill" + ] + ) + ++ [ + "-l" + "-k" + ]; }; workspaces = lib.mkOption { - type = lib.types.attrsOf - (lib.types.submodule { + type = lib.types.attrsOf ( + lib.types.submodule { options = { - name = lib.mkOption { type = lib.types.str; description = "workspace name"; }; + name = lib.mkOption { + type = lib.types.str; + description = "workspace name"; + }; fixed = lib.mkOption { type = lib.types.bool; default = true; @@ -47,7 +70,8 @@ in description = "Default monitor to spawn workspace in"; }; }; - }); + } + ); description = "A mapping of ordering to workspace names, for fixed workspaces"; }; }; @@ -55,17 +79,39 @@ in config = lib.mkIf cfg.enable { programs.my-niri.workspaces = { # Default workspaces, always there - "01" = { name = "🌏 web"; }; - "02" = { name = "💬 chat"; }; - "03" = { name = "⚙️ code"; }; - "04" = { name = "🎶 music"; }; - "05" = { name = "🔧 extra"; }; - "06" = { name = "🧰 6"; }; - "07" = { name = "🔩 7"; }; - "08" = { name = "🛠️ 8"; }; - "09" = { name = "🔨 9"; }; - "10" = { name = "🎲 misc"; }; - "99" = { name = "📧 Email"; }; + "01" = { + name = "🌏 web"; + }; + "02" = { + name = "💬 chat"; + }; + "03" = { + name = "⚙️ code"; + }; + "04" = { + name = "🎶 music"; + }; + "05" = { + name = "🔧 extra"; + }; + "06" = { + name = "🧰 6"; + }; + "07" = { + name = "🔩 7"; + }; + "08" = { + name = "🛠️ 8"; + }; + "09" = { + name = "🔨 9"; + }; + "10" = { + name = "🎲 misc"; + }; + "99" = { + name = "📧 Email"; + }; }; systemd.user.services.swaync.Install.WantedBy = [ "niri.service" ]; systemd.user.services.swaync.Unit.After = [ "niri.service" ]; @@ -84,7 +130,10 @@ in Unit = { Description = "XWayland Client for niri"; PartOf = [ "xwayland.target" ]; - Before = [ "xwayland.target" "xdg-desktop-autostart.target" ]; + Before = [ + "xwayland.target" + "xdg-desktop-autostart.target" + ]; After = [ "niri.service" ]; }; Install.WantedBy = [ "niri.service" ]; @@ -97,16 +146,20 @@ in }; programs.niri.settings = { - environment = { - QT_QPA_PLATFORM = "wayland"; - QT_WAYLAND_DISABLE_WINDOWDECORATION = "1"; - QT_IM_MODULE = "fcitx"; - # export NIXOS_OZONE_WL=1 # Until text-input is merged - DISPLAY = xwayland-display; - } // lib.optionalAttrs osConfig.services.desktopManager.plasma6.enable { - XDG_MENU_PREFIX = "plasma-"; + environment = + { + QT_QPA_PLATFORM = "wayland"; + QT_WAYLAND_DISABLE_WINDOWDECORATION = "1"; + QT_IM_MODULE = "fcitx"; + # export NIXOS_OZONE_WL=1 # Until text-input is merged + DISPLAY = xwayland-display; + } + // lib.optionalAttrs osConfig.services.desktopManager.plasma6.enable { + XDG_MENU_PREFIX = "plasma-"; + }; + input.keyboard.xkb = { + layout = "jp"; }; - input.keyboard.xkb = { layout = "jp"; }; input.touchpad = lib.mkIf cfg.enableLaptop { tap = true; dwt = true; @@ -138,9 +191,25 @@ in spawn-at-startup = [ # Wallpaper - { command = [ (lib.getExe pkgs.swaybg) "-i" "${wallpaper}" "-m" "fill" ]; } + { + command = [ + (lib.getExe pkgs.swaybg) + "-i" + "${wallpaper}" + "-m" + "fill" + ]; + } # Waybar - { command = [ "systemctl" "--user" "start" "xdg-desktop-portal-gtk.service" "xdg-desktop-portal.service" ]; } + { + command = [ + "systemctl" + "--user" + "start" + "xdg-desktop-portal-gtk.service" + "xdg-desktop-portal.service" + ]; + } ]; layout = { @@ -154,11 +223,24 @@ in focus-ring = { width = 4; - active.gradient = { from = "#00447AFF"; to = "#71C4FFAA"; angle = 45; }; + active.gradient = { + from = "#00447AFF"; + to = "#71C4FFAA"; + angle = 45; + }; inactive.color = "#505050"; }; border.enable = false; - struts = let v = 8; in { left = v; right = v; bottom = v; top = v; }; + struts = + let + v = 8; + in + { + left = v; + right = v; + bottom = v; + top = v; + }; }; prefer-no-csd = true; @@ -166,18 +248,31 @@ in workspaces = let fixedWorkspaces = lib.filterAttrs (_: w: w.fixed) cfg.workspaces; - workspaceConfig = lib.mapAttrs - (_: w: { inherit (w) name; } // (lib.optionalAttrs (w.monitor != null) { + workspaceConfig = lib.mapAttrs ( + _: w: + { + inherit (w) name; + } + // (lib.optionalAttrs (w.monitor != null) { open-on-output = w.monitor; - })) - fixedWorkspaces; + }) + ) fixedWorkspaces; in workspaceConfig; window-rules = [ # Rounded Corners { - geometry-corner-radius = let v = 8.0; in { bottom-left = v; bottom-right = v; top-left = v; top-right = v; }; + geometry-corner-radius = + let + v = 8.0; + in + { + bottom-left = v; + bottom-right = v; + top-left = v; + top-right = v; + }; clip-to-geometry = true; } # Workspace assignments @@ -185,9 +280,18 @@ in open-on-workspace = cfg.workspaces."01".name; open-maximized = true; matches = [ - { at-startup = true; app-id = "^firefox$"; } - { at-startup = true; app-id = "^librewolf$"; } - { at-startup = true; app-id = "^zen$"; } + { + at-startup = true; + app-id = "^firefox$"; + } + { + at-startup = true; + app-id = "^librewolf$"; + } + { + at-startup = true; + app-id = "^zen$"; + } ]; } { @@ -225,7 +329,7 @@ in # xwaylandvideobridge { - matches = [{ app-id = "^xwaylandvideobridge$"; }]; + matches = [ { app-id = "^xwaylandvideobridge$"; } ]; open-floating = true; focus-ring.enable = false; opacity = 0.0; @@ -242,15 +346,15 @@ in # Kitty dimming { - matches = [{ app-id = "kitty"; }]; - excludes = [{ is-focused = true; }]; + matches = [ { app-id = "kitty"; } ]; + excludes = [ { is-focused = true; } ]; opacity = 0.95; } ]; layer-rules = [ { - matches = [{ namespace = "^swaync-.*"; }]; + matches = [ { namespace = "^swaync-.*"; } ]; block-out-from = "screen-capture"; } ]; @@ -268,14 +372,38 @@ in "Mod+Shift+P".action = spawn "rofi-rbw-script"; # Audio and Volume - "XF86AudioPrev" = { action = spawn playerctl "previous"; allow-when-locked = true; }; - "XF86AudioPlay" = { action = spawn playerctl "play-pause"; allow-when-locked = true; }; - "Shift+XF86AudioPlay" = { action = spawn playerctl "stop"; allow-when-locked = true; }; - "XF86AudioNext" = { action = spawn playerctl "next"; allow-when-locked = true; }; - "XF86AudioRecord" = { action = spawn amixer "-q" "set" "Capture" "toggle"; allow-when-locked = true; }; - "XF86AudioMute" = { action = spawn amixer "-q" "set" "Master" "toggle"; allow-when-locked = true; }; - "XF86AudioLowerVolume" = { action = spawn amixer "-q" "set" "Master" "3%-"; allow-when-locked = true; }; - "XF86AudioRaiseVolume" = { action = spawn amixer "-q" "set" "Master" "3%+"; allow-when-locked = true; }; + "XF86AudioPrev" = { + action = spawn playerctl "previous"; + allow-when-locked = true; + }; + "XF86AudioPlay" = { + action = spawn playerctl "play-pause"; + allow-when-locked = true; + }; + "Shift+XF86AudioPlay" = { + action = spawn playerctl "stop"; + allow-when-locked = true; + }; + "XF86AudioNext" = { + action = spawn playerctl "next"; + allow-when-locked = true; + }; + "XF86AudioRecord" = { + action = spawn amixer "-q" "set" "Capture" "toggle"; + allow-when-locked = true; + }; + "XF86AudioMute" = { + action = spawn amixer "-q" "set" "Master" "toggle"; + allow-when-locked = true; + }; + "XF86AudioLowerVolume" = { + action = spawn amixer "-q" "set" "Master" "3%-"; + allow-when-locked = true; + }; + "XF86AudioRaiseVolume" = { + action = spawn amixer "-q" "set" "Master" "3%+"; + allow-when-locked = true; + }; # Backlight "XF86MonBrightnessDown".action = spawn brightnessctl "s" "10%-"; @@ -320,10 +448,22 @@ in "Mod+Ctrl+O".action = move-workspace-up; # Mouse bindings - "Mod+WheelScrollDown" = { action = focus-workspace-down; cooldown-ms = 150; }; - "Mod+WheelScrollUp" = { action = focus-workspace-up; cooldown-ms = 150; }; - "Mod+Ctrl+WheelScrollDown" = { action = move-column-to-workspace-down; cooldown-ms = 150; }; - "Mod+Ctrl+WheelScrollUp" = { action = move-column-to-workspace-up; cooldown-ms = 150; }; + "Mod+WheelScrollDown" = { + action = focus-workspace-down; + cooldown-ms = 150; + }; + "Mod+WheelScrollUp" = { + action = focus-workspace-up; + cooldown-ms = 150; + }; + "Mod+Ctrl+WheelScrollDown" = { + action = move-column-to-workspace-down; + cooldown-ms = 150; + }; + "Mod+Ctrl+WheelScrollUp" = { + action = move-column-to-workspace-up; + cooldown-ms = 150; + }; "Mod+WheelScrollRight".action = focus-column-right; "Mod+WheelScrollLeft".action = focus-column-left; @@ -338,26 +478,66 @@ in # # For example, with 2 workspaces + 1 empty, indices 3, 4, 5 and so on # will all refer to the 3rd workspace. - "Mod+1" = lib.mkIf cfg.workspaces."01".fixed { action = focus-workspace (cfg.workspaces."01".name); }; - "Mod+2" = lib.mkIf cfg.workspaces."02".fixed { action = focus-workspace (cfg.workspaces."02".name); }; - "Mod+3" = lib.mkIf cfg.workspaces."03".fixed { action = focus-workspace (cfg.workspaces."03".name); }; - "Mod+4" = lib.mkIf cfg.workspaces."04".fixed { action = focus-workspace (cfg.workspaces."04".name); }; - "Mod+5" = lib.mkIf cfg.workspaces."05".fixed { action = focus-workspace (cfg.workspaces."05".name); }; - "Mod+6" = lib.mkIf cfg.workspaces."06".fixed { action = focus-workspace (cfg.workspaces."06".name); }; - "Mod+7" = lib.mkIf cfg.workspaces."07".fixed { action = focus-workspace (cfg.workspaces."07".name); }; - "Mod+8" = lib.mkIf cfg.workspaces."08".fixed { action = focus-workspace (cfg.workspaces."08".name); }; - "Mod+9" = lib.mkIf cfg.workspaces."09".fixed { action = focus-workspace (cfg.workspaces."09".name); }; - "Mod+0" = lib.mkIf cfg.workspaces."10".fixed { action = focus-workspace (cfg.workspaces."10".name); }; - "Mod+Shift+1" = lib.mkIf cfg.workspaces."01".fixed { action = move-column-to-workspace (cfg.workspaces."01".name); }; - "Mod+Shift+2" = lib.mkIf cfg.workspaces."02".fixed { action = move-column-to-workspace (cfg.workspaces."02".name); }; - "Mod+Shift+3" = lib.mkIf cfg.workspaces."03".fixed { action = move-column-to-workspace (cfg.workspaces."03".name); }; - "Mod+Shift+4" = lib.mkIf cfg.workspaces."04".fixed { action = move-column-to-workspace (cfg.workspaces."04".name); }; - "Mod+Shift+5" = lib.mkIf cfg.workspaces."05".fixed { action = move-column-to-workspace (cfg.workspaces."05".name); }; - "Mod+Shift+6" = lib.mkIf cfg.workspaces."06".fixed { action = move-column-to-workspace (cfg.workspaces."06".name); }; - "Mod+Shift+7" = lib.mkIf cfg.workspaces."07".fixed { action = move-column-to-workspace (cfg.workspaces."07".name); }; - "Mod+Shift+8" = lib.mkIf cfg.workspaces."08".fixed { action = move-column-to-workspace (cfg.workspaces."08".name); }; - "Mod+Shift+9" = lib.mkIf cfg.workspaces."09".fixed { action = move-column-to-workspace (cfg.workspaces."09".name); }; - "Mod+Shift+0" = lib.mkIf cfg.workspaces."10".fixed { action = move-column-to-workspace (cfg.workspaces."10".name); }; + "Mod+1" = lib.mkIf cfg.workspaces."01".fixed { + action = focus-workspace (cfg.workspaces."01".name); + }; + "Mod+2" = lib.mkIf cfg.workspaces."02".fixed { + action = focus-workspace (cfg.workspaces."02".name); + }; + "Mod+3" = lib.mkIf cfg.workspaces."03".fixed { + action = focus-workspace (cfg.workspaces."03".name); + }; + "Mod+4" = lib.mkIf cfg.workspaces."04".fixed { + action = focus-workspace (cfg.workspaces."04".name); + }; + "Mod+5" = lib.mkIf cfg.workspaces."05".fixed { + action = focus-workspace (cfg.workspaces."05".name); + }; + "Mod+6" = lib.mkIf cfg.workspaces."06".fixed { + action = focus-workspace (cfg.workspaces."06".name); + }; + "Mod+7" = lib.mkIf cfg.workspaces."07".fixed { + action = focus-workspace (cfg.workspaces."07".name); + }; + "Mod+8" = lib.mkIf cfg.workspaces."08".fixed { + action = focus-workspace (cfg.workspaces."08".name); + }; + "Mod+9" = lib.mkIf cfg.workspaces."09".fixed { + action = focus-workspace (cfg.workspaces."09".name); + }; + "Mod+0" = lib.mkIf cfg.workspaces."10".fixed { + action = focus-workspace (cfg.workspaces."10".name); + }; + "Mod+Shift+1" = lib.mkIf cfg.workspaces."01".fixed { + action = move-column-to-workspace (cfg.workspaces."01".name); + }; + "Mod+Shift+2" = lib.mkIf cfg.workspaces."02".fixed { + action = move-column-to-workspace (cfg.workspaces."02".name); + }; + "Mod+Shift+3" = lib.mkIf cfg.workspaces."03".fixed { + action = move-column-to-workspace (cfg.workspaces."03".name); + }; + "Mod+Shift+4" = lib.mkIf cfg.workspaces."04".fixed { + action = move-column-to-workspace (cfg.workspaces."04".name); + }; + "Mod+Shift+5" = lib.mkIf cfg.workspaces."05".fixed { + action = move-column-to-workspace (cfg.workspaces."05".name); + }; + "Mod+Shift+6" = lib.mkIf cfg.workspaces."06".fixed { + action = move-column-to-workspace (cfg.workspaces."06".name); + }; + "Mod+Shift+7" = lib.mkIf cfg.workspaces."07".fixed { + action = move-column-to-workspace (cfg.workspaces."07".name); + }; + "Mod+Shift+8" = lib.mkIf cfg.workspaces."08".fixed { + action = move-column-to-workspace (cfg.workspaces."08".name); + }; + "Mod+Shift+9" = lib.mkIf cfg.workspaces."09".fixed { + action = move-column-to-workspace (cfg.workspaces."09".name); + }; + "Mod+Shift+0" = lib.mkIf cfg.workspaces."10".fixed { + action = move-column-to-workspace (cfg.workspaces."10".name); + }; "Mod+asciicircum".action = focus-workspace (cfg.workspaces."99".name); "Mod+Shift+asciicircum".action = move-column-to-workspace (cfg.workspaces."99".name); @@ -392,4 +572,3 @@ in }; }; } - diff --git a/home/modules/programs/my-sway/default.nix b/home/modules/programs/my-sway/default.nix index 956f5a1..efa6fe4 100644 --- a/home/modules/programs/my-sway/default.nix +++ b/home/modules/programs/my-sway/default.nix @@ -1,4 +1,11 @@ -{ pkgs, lib, options, config, osConfig, ... }: +{ + pkgs, + lib, + options, + config, + osConfig, + ... +}: with lib; let cfg = config.programs.my-sway; @@ -22,12 +29,14 @@ let mail = "📧 Email"; }; wsAttrs = builtins.listToAttrs ( - map - (i: { name = toString (remainder i 10); value = builtins.elemAt workspaces (i - 1); }) - (range 1 11) + map (i: { + name = toString (remainder i 10); + value = builtins.elemAt workspaces (i - 1); + }) (range 1 11) ); remainder = x: y: x - (builtins.div x y) * y; - range = from: to: + range = + from: to: let f = cur: if cur == to then [ ] else [ cur ] ++ f (cur + 1); in @@ -64,7 +73,10 @@ in default = true; }; wallpaper = mkOption { - type = types.oneOf [ types.path types.str ]; + type = types.oneOf [ + types.path + types.str + ]; description = "Path to the wallpaper to be used"; default = config.linux.graphical.wallpaper; }; @@ -83,14 +95,20 @@ in lockCmd = mkOption { type = types.str; description = "The screen lock command"; - default = "${pkgs.swaylock}/bin/swaylock" + default = + "${pkgs.swaylock}/bin/swaylock" + (if cfg.wallpaper == "" then "" else " -i ${cfg.wallpaper} -s fill") + " -l -k"; }; }; config.systemd.user.targets.sway-session = mkIf cfg.enable { - Unit.Before = [ "tray.target" "xwayland.target" "xdg-desktop-portal.service" "xdg-desktop-autostart.target" ]; + Unit.Before = [ + "tray.target" + "xwayland.target" + "xdg-desktop-portal.service" + "xdg-desktop-autostart.target" + ]; Unit.Upholds = [ "waybar.service" ]; Unit.Wants = [ "xdg-desktop-autostart.target" ]; }; @@ -107,13 +125,16 @@ in enable = true; package = cfg.package; systemd.enable = true; - systemd.variables = options.wayland.windowManager.sway.systemd.variables.default ++ [ - "PATH" # for portals - "XDG_DATA_DIRS" # For extra icons - "XDG_DATA_HOME" # For extra icons - ] ++ lib.optionals osConfig.services.desktopManager.plasma6.enable [ - "XDG_MENU_PREFIX" - ]; + systemd.variables = + options.wayland.windowManager.sway.systemd.variables.default + ++ [ + "PATH" # for portals + "XDG_DATA_DIRS" # For extra icons + "XDG_DATA_HOME" # For extra icons + ] + ++ lib.optionals osConfig.services.desktopManager.plasma6.enable [ + "XDG_MENU_PREFIX" + ]; # systemd.extraCommands = options.wayland.windowManager.sway.systemd.extraCommands.default # ++ [ # "systemctl --user restart xdg-desktop-portal.service" @@ -137,7 +158,8 @@ in ### Seats # # Cursor - seat."*".xcursor_theme = "${config.home.pointerCursor.name} ${toString config.home.pointerCursor.size}"; + seat."*".xcursor_theme = + "${config.home.pointerCursor.name} ${toString config.home.pointerCursor.size}"; ### Programs # @@ -158,110 +180,120 @@ in # # Main modifier modifier = mod; - keybindings = { - ### Default Bindings - # - ## App management - "${mod}+Return" = "exec ${swayCfg.config.terminal}"; - "${mod}+Shift+q" = "kill"; - "${mod}+d" = "exec ${swayCfg.config.menu}"; - ## Windowing - # Focus - "${mod}+${swayCfg.config.left}" = "focus left"; - "${mod}+${swayCfg.config.down}" = "focus down"; - "${mod}+${swayCfg.config.up}" = "focus up"; - "${mod}+${swayCfg.config.right}" = "focus right"; - "${mod}+Left" = "focus left"; - "${mod}+Down" = "focus down"; - "${mod}+Up" = "focus up"; - "${mod}+Right" = "focus right"; - # Move - "${mod}+Shift+${swayCfg.config.left}" = "move left"; - "${mod}+Shift+${swayCfg.config.down}" = "move down"; - "${mod}+Shift+${swayCfg.config.up}" = "move up"; - "${mod}+Shift+${swayCfg.config.right}" = "move right"; - "${mod}+Shift+Left" = "move left"; - "${mod}+Shift+Down" = "move down"; - "${mod}+Shift+Up" = "move up"; - "${mod}+Shift+Right" = "move right"; - # Toggles - "${mod}+f" = "fullscreen toggle"; - "${mod}+a" = "focus parent"; - # Layouts - "${mod}+s" = "layout stacking"; - "${mod}+w" = "layout tabbed"; - "${mod}+e" = "layout toggle split"; - # Floating - "${mod}+Shift+space" = "floating toggle"; - # Scratchpad - "${mod}+Shift+minus" = "move scratchpad"; - # Resize - "${mod}+r" = "mode resize"; - "${mod}+minus" = "scratchpad show"; - ## Reload and exit - "${mod}+Shift+c" = "reload"; - "${mod}+Shift+e" = - "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'"; - # Launcher - "${mod}+space" = "exec rofi -show drun"; - "${mod}+tab" = "exec ${./rofi-window.py}"; - "${mod}+shift+p" = "exec rofi-rbw-script"; - } // { - ## Splits - "${mod}+v" = "split v"; - "${mod}+Shift+v" = "split h"; - ## Run - "${mod}+r" = "exec ${config.wayland.windowManager.sway.config.menu}"; - "${mod}+Shift+r" = "mode resize"; - ## Screenshot - "Print" = "exec ${screenshotScript}/bin/screenshot"; - "Shift+Print" = "exec ${screenshotEditScript}/bin/screenshot"; - ## Locking - "${mod}+semicolon" = "exec ${cfg.lockCmd}"; - ## Multimedia - "XF86AudioPrev" = "exec ${playerctl} previous"; - "XF86AudioPlay" = "exec ${playerctl} play-pause"; - "Shift+XF86AudioPlay" = "exec ${playerctl} stop"; - "XF86AudioNext" = "exec ${playerctl} next"; - "XF86AudioRecord" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Capture toggle"; - "XF86AudioMute" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Master toggle"; - "XF86AudioLowerVolume" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Master 3%-"; - "XF86AudioRaiseVolume" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Master 3%+"; - ## Backlight - "XF86MonBrightnessDown" = "exec ${pkgs.brightnessctl}/bin/brightnessctl s 10%-"; - "XF86MonBrightnessUp" = "exec ${pkgs.brightnessctl}/bin/brightnessctl s 10%+"; - "Shift+XF86MonBrightnessDown" = "exec ${pkgs.brightnessctl}/bin/brightnessctl -d kbd_backlight s 25%-"; - "Shift+XF86MonBrightnessUp" = "exec ${pkgs.brightnessctl}/bin/brightnessctl -d kbd_backlight s 25%+"; - } // - # Map the workspaces - (builtins.listToAttrs (lib.flatten (map - (key: [ + keybindings = + { + ### Default Bindings + # + ## App management + "${mod}+Return" = "exec ${swayCfg.config.terminal}"; + "${mod}+Shift+q" = "kill"; + "${mod}+d" = "exec ${swayCfg.config.menu}"; + ## Windowing + # Focus + "${mod}+${swayCfg.config.left}" = "focus left"; + "${mod}+${swayCfg.config.down}" = "focus down"; + "${mod}+${swayCfg.config.up}" = "focus up"; + "${mod}+${swayCfg.config.right}" = "focus right"; + "${mod}+Left" = "focus left"; + "${mod}+Down" = "focus down"; + "${mod}+Up" = "focus up"; + "${mod}+Right" = "focus right"; + # Move + "${mod}+Shift+${swayCfg.config.left}" = "move left"; + "${mod}+Shift+${swayCfg.config.down}" = "move down"; + "${mod}+Shift+${swayCfg.config.up}" = "move up"; + "${mod}+Shift+${swayCfg.config.right}" = "move right"; + "${mod}+Shift+Left" = "move left"; + "${mod}+Shift+Down" = "move down"; + "${mod}+Shift+Up" = "move up"; + "${mod}+Shift+Right" = "move right"; + # Toggles + "${mod}+f" = "fullscreen toggle"; + "${mod}+a" = "focus parent"; + # Layouts + "${mod}+s" = "layout stacking"; + "${mod}+w" = "layout tabbed"; + "${mod}+e" = "layout toggle split"; + # Floating + "${mod}+Shift+space" = "floating toggle"; + # Scratchpad + "${mod}+Shift+minus" = "move scratchpad"; + # Resize + "${mod}+r" = "mode resize"; + "${mod}+minus" = "scratchpad show"; + ## Reload and exit + "${mod}+Shift+c" = "reload"; + "${mod}+Shift+e" = + "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'"; + # Launcher + "${mod}+space" = "exec rofi -show drun"; + "${mod}+tab" = "exec ${./rofi-window.py}"; + "${mod}+shift+p" = "exec rofi-rbw-script"; + } + // { + ## Splits + "${mod}+v" = "split v"; + "${mod}+Shift+v" = "split h"; + ## Run + "${mod}+r" = "exec ${config.wayland.windowManager.sway.config.menu}"; + "${mod}+Shift+r" = "mode resize"; + ## Screenshot + "Print" = "exec ${screenshotScript}/bin/screenshot"; + "Shift+Print" = "exec ${screenshotEditScript}/bin/screenshot"; + ## Locking + "${mod}+semicolon" = "exec ${cfg.lockCmd}"; + ## Multimedia + "XF86AudioPrev" = "exec ${playerctl} previous"; + "XF86AudioPlay" = "exec ${playerctl} play-pause"; + "Shift+XF86AudioPlay" = "exec ${playerctl} stop"; + "XF86AudioNext" = "exec ${playerctl} next"; + "XF86AudioRecord" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Capture toggle"; + "XF86AudioMute" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Master toggle"; + "XF86AudioLowerVolume" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Master 3%-"; + "XF86AudioRaiseVolume" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Master 3%+"; + ## Backlight + "XF86MonBrightnessDown" = "exec ${pkgs.brightnessctl}/bin/brightnessctl s 10%-"; + "XF86MonBrightnessUp" = "exec ${pkgs.brightnessctl}/bin/brightnessctl s 10%+"; + "Shift+XF86MonBrightnessDown" = + "exec ${pkgs.brightnessctl}/bin/brightnessctl -d kbd_backlight s 25%-"; + "Shift+XF86MonBrightnessUp" = + "exec ${pkgs.brightnessctl}/bin/brightnessctl -d kbd_backlight s 25%+"; + } + // + # Map the workspaces + (builtins.listToAttrs ( + lib.flatten ( + map (key: [ + { + name = "${mod}+${key}"; + value = "workspace ${builtins.getAttr key wsAttrs}"; + } + { + name = "${mod}+Shift+${key}"; + value = "move to workspace ${builtins.getAttr key wsAttrs}"; + } + ]) (builtins.attrNames wsAttrs) + ) + )) + // { + # Extra workspaces + "${mod}+asciicircum" = "workspace ${extraWorkspaces.mail}"; + "${mod}+shift+asciicircum" = "move to workspace ${extraWorkspaces.mail}"; + } + // + # Move workspaces between outputs { - name = "${mod}+${key}"; - value = "workspace ${builtins.getAttr key wsAttrs}"; - } - { - name = "${mod}+Shift+${key}"; - value = "move to workspace ${builtins.getAttr key wsAttrs}"; - } - ]) - (builtins.attrNames wsAttrs)) - )) // - { - # Extra workspaces - "${mod}+asciicircum" = "workspace ${extraWorkspaces.mail}"; - "${mod}+shift+asciicircum" = "move to workspace ${extraWorkspaces.mail}"; - } // - # Move workspaces between outputs - { - "${mod}+ctrl+h" = "move workspace to output left"; - "${mod}+ctrl+l" = "move workspace to output right"; - }; + "${mod}+ctrl+h" = "move workspace to output left"; + "${mod}+ctrl+l" = "move workspace to output right"; + }; ### Fonts # fonts = { - names = [ "monospace" "FontAwesome5Free" ]; + names = [ + "monospace" + "FontAwesome5Free" + ]; size = cfg.fontSize; }; @@ -298,21 +330,31 @@ in ]; }; # Commands - window.commands = [ - { criteria = { title = ".*"; }; command = "inhibit_idle fullscreen"; } - ] ++ ( - # Floating assignments - let - criterias = [ - { app_id = ".*float.*"; } - { app_id = "org\\.freedesktop\\.impl\\.portal\\.desktop\\..*"; } - { class = ".*float.*"; } - { title = "Extension: .*Bitwarden.*"; } - ]; - toCommand = criteria: { inherit criteria; command = "floating enable"; }; - in - map toCommand criterias - ); + window.commands = + [ + { + criteria = { + title = ".*"; + }; + command = "inhibit_idle fullscreen"; + } + ] + ++ ( + # Floating assignments + let + criterias = [ + { app_id = ".*float.*"; } + { app_id = "org\\.freedesktop\\.impl\\.portal\\.desktop\\..*"; } + { class = ".*float.*"; } + { title = "Extension: .*Bitwarden.*"; } + ]; + toCommand = criteria: { + inherit criteria; + command = "floating enable"; + }; + in + map toCommand criterias + ); # Focus focus.followMouse = true; focus.mouseWarping = true; @@ -334,36 +376,50 @@ in # swaynag swaynag.enable = true; # Environment Variables - extraSessionCommands = '' - export QT_QPA_PLATFORM=wayland - export QT_WAYLAND_DISABLE_WINDOWDECORATION="1" - export QT_IM_MODULE=fcitx - export GTK_IM_MODULE=fcitx # Til text-input is merged - # export NIXOS_OZONE_WL=1 # Until text-input is merged + extraSessionCommands = + '' + export QT_QPA_PLATFORM=wayland + export QT_WAYLAND_DISABLE_WINDOWDECORATION="1" + export QT_IM_MODULE=fcitx + export GTK_IM_MODULE=fcitx # Til text-input is merged + # export NIXOS_OZONE_WL=1 # Until text-input is merged - '' + (if config.services.gnome-keyring.enable then '' - # gnome-keyring - if type gnome-keyring-daemon >/dev/null; then - eval `gnome-keyring-daemon` - export SSH_AUTH_SOCK - fi - '' else "") + lib.optionalString osConfig.services.desktopManager.plasma6.enable '' - export XDG_MENU_PREFIX=plasma- - ''; + '' + + ( + if config.services.gnome-keyring.enable then + '' + # gnome-keyring + if type gnome-keyring-daemon >/dev/null; then + eval `gnome-keyring-daemon` + export SSH_AUTH_SOCK + fi + '' + else + "" + ) + + lib.optionalString osConfig.services.desktopManager.plasma6.enable '' + export XDG_MENU_PREFIX=plasma- + ''; # Extra wrapperFeatures.base = true; wrapperFeatures.gtk = true; extraConfig = - (if cfg.enableLaptop then '' - # Lock screen on lid close - bindswitch lid:off exec ${cfg.lockCmd} + ( + if cfg.enableLaptop then + '' + # Lock screen on lid close + bindswitch lid:off exec ${cfg.lockCmd} - # Gesture bindings - bindgesture swipe:3:right workspace prev - bindgesture swipe:3:left workspace next - bindgesture swipe:3:up exec ${./rofi-window.py} - '' else "") + '' + # Gesture bindings + bindgesture swipe:3:right workspace prev + bindgesture swipe:3:left workspace next + bindgesture swipe:3:up exec ${./rofi-window.py} + '' + else + "" + ) + + '' ## swayfx stuff # Rounded corners corner_radius 5 @@ -378,10 +434,10 @@ in # Blur for_window [app_id=".*kitty.*"] blur enable blur_xray disable - '' + '' + '' + + '' # Enable portal stuff - exec ${pkgs.writeShellScript "start-portals.sh" '' - ''} + exec ${pkgs.writeShellScript "start-portals.sh" ''''} ''; }; @@ -393,20 +449,28 @@ in # { timeout = 15 * 60; command = cfg.lockCmd; } ]; events = [ - { event = "lock"; command = cfg.lockCmd; } - { event = "before-sleep"; command = cfg.lockCmd; } + { + event = "lock"; + command = cfg.lockCmd; + } + { + event = "before-sleep"; + command = cfg.lockCmd; + } ]; }; - config.home.packages = mkIf cfg.enable (with pkgs; [ - # Needed for QT_QPA_PLATFORM - kdePackages.qtwayland - # For waybar - font-awesome - ]); + config.home.packages = mkIf cfg.enable ( + with pkgs; + [ + # Needed for QT_QPA_PLATFORM + kdePackages.qtwayland + # For waybar + font-awesome + ] + ); config.programs.rofi = mkIf cfg.enable { font = lib.mkForce "monospace ${toString cfg.fontSize}"; }; } - diff --git a/home/modules/programs/my-sway/ibus.nix b/home/modules/programs/my-sway/ibus.nix index 8e89474..4e7cf50 100644 --- a/home/modules/programs/my-sway/ibus.nix +++ b/home/modules/programs/my-sway/ibus.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let cfg = config.programs.my-sway; @@ -6,15 +11,22 @@ let # Set up an ibus script ibusNext = ( let - input-methods = [ "xkb:us::eng" "mozc-jp" "Bamboo" ]; - next = m: + input-methods = [ + "xkb:us::eng" + "mozc-jp" + "Bamboo" + ]; + next = + m: let - nextRec = l: - if (length l == 1) - then head input-methods - else if (m == head l) - then (head (tail l)) - else nextRec (tail l); + nextRec = + l: + if (length l == 1) then + head input-methods + else if (m == head l) then + (head (tail l)) + else + nextRec (tail l); in nextRec input-methods; changeTo = m: '' @@ -52,4 +64,3 @@ in }; }; } - diff --git a/home/modules/programs/my-waybar.nix b/home/modules/programs/my-waybar.nix index 191cbcb..282a64f 100644 --- a/home/modules/programs/my-waybar.nix +++ b/home/modules/programs/my-waybar.nix @@ -1,4 +1,9 @@ -{ lib, config, pkgs, ... }: +{ + lib, + config, + pkgs, + ... +}: let cfg = config.programs.my-waybar; in @@ -47,382 +52,418 @@ in }; config.programs.waybar = let - barWith = { showMedia ? true, showConnectivity ? true, extraSettings ? { }, ... }: lib.mkMerge ([{ - layer = "top"; - position = "top"; - modules-left = [ - "sway/workspaces" - "sway/mode" - "sway/window" - "niri/workspaces" - "niri/window" - ]; - modules-center = [ - ]; - modules-right = - lib.optional showMedia (if cfg.enableMpd then "mpd" else "custom/media") - ++ [ - "tray" - "pulseaudio" - ] ++ lib.optionals showConnectivity [ - "bluetooth" - "network" - ] ++ [ - "cpu" - "memory" - "temperature" - ] ++ lib.optionals cfg.enableLaptopBars [ "battery" "battery#bat2" ] - ++ [ - "clock" - ]; + barWith = + { + showMedia ? true, + showConnectivity ? true, + extraSettings ? { }, + ... + }: + lib.mkMerge ( + [ + { + layer = "top"; + position = "top"; + modules-left = [ + "sway/workspaces" + "sway/mode" + "sway/window" + "niri/workspaces" + "niri/window" + ]; + modules-center = [ + ]; + modules-right = + lib.optional showMedia (if cfg.enableMpd then "mpd" else "custom/media") + ++ [ + "tray" + "pulseaudio" + ] + ++ lib.optionals showConnectivity [ + "bluetooth" + "network" + ] + ++ [ + "cpu" + "memory" + "temperature" + ] + ++ lib.optionals cfg.enableLaptopBars [ + "battery" + "battery#bat2" + ] + ++ [ + "clock" + ]; - modules = { - "sway/workspaces" = { - format = "{name}"; - }; - "sway/mode" = { - format = "{}"; - }; - "sway/window" = { - max-length = 70; - format = "{title}"; - "rewrite" = { - "(.*) — Mozilla Firefox" = "[🌎] $1"; - "(.*) - Mozilla Thunderbird" = "[📧] $1"; - "(.*) - Kakoune" = "[⌨️] $1"; - "(.*) - fish" = "[>_] $1"; - "(.*) - Discord" = "[🗨️] $1"; - # ArmCord thing - "• Discord \\| (.*)" = "[🗨️] $1"; - "\\((\\d+)\\) Discord \\| (.*)" = "[🗨️] {$1} $2"; - }; - }; - "niri/window" = { - format = "{title}"; - "rewrite" = { - "(.*) — Mozilla Firefox" = "[🌎] $1"; - "(.*) - Mozilla Thunderbird" = "[📧] $1"; - "(.*) - Kakoune" = "[⌨️] $1"; - "(.*) - fish" = "[>_] $1"; - "(.*) - Discord" = "[🗨️] $1"; - # ArmCord thing - "• Discord \\| (.*)" = "[🗨️] $1"; - "\\((\\d+)\\) Discord \\| (.*)" = "[🗨️] {$1} $2"; - }; - }; - "tray" = { - icon-size = 21; - spacing = 10; - }; - "clock" = { - # format = "{:📅 %Y-%m-%d | 🕰️ %H:%M [%Z]}"; - format = "📅 {0:%Y-%m-%d} |️ 🕰️ {0:%H:%M [%Z]}"; - tooltip-format = "\n{calendar}"; - timezones = [ - "Europe/Zurich" - "America/Toronto" - "Asia/Tokyo" - "Asia/Ho_Chi_Minh" - ]; - calendar = { - mode = "year"; - mode-mon-col = 3; - weeks-pos = "right"; - on-scroll = 1; - on-click-right = "mode"; - format = { - months = "{}"; - days = "{}"; - weeks = "W{}"; - weekdays = "日 月 火 水 木 金 土"; # See https://github.com/Alexays/Waybar/issues/3132 - today = "{}"; + modules = { + "sway/workspaces" = { + format = "{name}"; + }; + "sway/mode" = { + format = "{}"; + }; + "sway/window" = { + max-length = 70; + format = "{title}"; + "rewrite" = { + "(.*) — Mozilla Firefox" = "[🌎] $1"; + "(.*) - Mozilla Thunderbird" = "[📧] $1"; + "(.*) - Kakoune" = "[⌨️] $1"; + "(.*) - fish" = "[>_] $1"; + "(.*) - Discord" = "[🗨️] $1"; + # ArmCord thing + "• Discord \\| (.*)" = "[🗨️] $1"; + "\\((\\d+)\\) Discord \\| (.*)" = "[🗨️] {$1} $2"; + }; + }; + "niri/window" = { + format = "{title}"; + "rewrite" = { + "(.*) — Mozilla Firefox" = "[🌎] $1"; + "(.*) - Mozilla Thunderbird" = "[📧] $1"; + "(.*) - Kakoune" = "[⌨️] $1"; + "(.*) - fish" = "[>_] $1"; + "(.*) - Discord" = "[🗨️] $1"; + # ArmCord thing + "• Discord \\| (.*)" = "[🗨️] $1"; + "\\((\\d+)\\) Discord \\| (.*)" = "[🗨️] {$1} $2"; + }; + }; + "tray" = { + icon-size = 21; + spacing = 10; + }; + "clock" = { + # format = "{:📅 %Y-%m-%d | 🕰️ %H:%M [%Z]}"; + format = "📅 {0:%Y-%m-%d} |️ 🕰️ {0:%H:%M [%Z]}"; + tooltip-format = "\n{calendar}"; + timezones = [ + "Europe/Zurich" + "America/Toronto" + "Asia/Tokyo" + "Asia/Ho_Chi_Minh" + ]; + calendar = { + mode = "year"; + mode-mon-col = 3; + weeks-pos = "right"; + on-scroll = 1; + on-click-right = "mode"; + format = { + months = "{}"; + days = "{}"; + weeks = "W{}"; + weekdays = "日 月 火 水 木 金 土"; # See https://github.com/Alexays/Waybar/issues/3132 + today = "{}"; + }; + }; + actions = { + on-click-middle = "mode"; + on-click-right = "tz_up"; + on-scroll-up = "shift_up"; + on-scroll-down = "shift_down"; + }; + }; + "cpu" = { + format = "{usage}% "; + }; + "memory" = { + format = "{}% "; + }; + "temperature" = { + # thermal-zone = 2; + # hwmon-path" = "/sys/class/hwmon/hwmon2/temp1_input"; + critical-threshold = 80; + # format-critical = "{temperatureC}°C "; + format = "{temperatureC}°C "; + }; + "backlight" = { + # device = "acpi_video1"; + format = "{percent}% {icon}"; + states = [ + 0 + 50 + ]; + format-icons = [ + "" + "" + ]; + }; + "battery" = lib.mkIf cfg.enableLaptopBars { + states = { + good = 95; + warning = 30; + critical = 15; + }; + format = "{capacity}% {icon}"; + # format-good = ""; # An empty format will hide the module + # format-full = ""; + format-icons = [ + "" + "" + "" + "" + "" + ]; + }; + "battery#bat2" = lib.mkIf cfg.enableLaptopBars { + bat = "BAT2"; + }; + "network" = { + # interface = wlp2s0 # (Optional) To force the use of this interface + format-wifi = "{essid} ({signalStrength}%) "; + format-ethernet = "{ifname} "; + format-disconnected = "Disconnected ⚠"; + interval = 7; + on-click = "${cfg.terminal} ${lib.getExe' pkgs.iwd "iwctl"}"; + }; + "bluetooth" = { + format = " {status}"; + format-connected = " {device_alias}"; + format-connected-battery = " {device_alias} {device_battery_percentage}%"; + # format-device-preference= [ "device1", "device2" ], // preference list deciding the displayed devic; + tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; + tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; + tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; + tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; + on-click = "${pkgs.blueman}/bin/blueman-manager"; + }; + "pulseaudio" = { + # scroll-step = 1; + format = "{volume}% {icon}"; + format-bluetooth = "{volume}% {icon}"; + format-muted = ""; + format-icons = { + headphones = ""; + handsfree = ""; + headset = ""; + phone = ""; + portable = ""; + car = ""; + default = [ + "" + "" + ]; + }; + on-click = "${pkgs.pavucontrol}/bin/pavucontrol"; + }; + "mpd" = { + "format" = + "{stateIcon} {consumeIcon}{randomIcon}{repeatIcon}{singleIcon}{artist} - {album} - {title} ({elapsedTime:%M:%S}/{totalTime:%M:%S}) 🎧"; + "format-disconnected" = "Disconnected 🎧"; + "format-stopped" = "{consumeIcon}{randomIcon}{repeatIcon}{singleIcon}Stopped 🎧"; + "interval" = 2; + "consume-icons" = { + "on" = " "; # Icon shows only when "consume" is on + }; + "random-icons" = { + "off" = " "; # Icon grayed out when "random" is off; + "on" = " "; + }; + "repeat-icons" = { + "on" = " "; + }; + "single-icons" = { + "on" = "1 "; + }; + "state-icons" = { + "paused" = ""; + "playing" = ""; + }; + "tooltip-format" = "MPD (connected)"; + "tooltip-format-disconnected" = "MPD (disconnected)"; + "on-click" = "${pkgs.mpc_cli}/bin/mpc toggle"; + "on-click-right" = "${pkgs.mpc_cli}/bin/mpc stop"; + "on-click-middle" = "${cfg.terminal} --class=kitty_ncmpcpp ${pkgs.ncmpcpp}/bin/ncmpcpp"; + }; + "custom/media" = { + "format" = "{icon}{}"; + "return-type" = "json"; + "format-icons" = { + "Playing" = " "; + "Paused" = " "; + }; + "max-length" = 80; + "exec" = + "${lib.getExe pkgs.playerctl} -a metadata --format '{\"text\": \"{{artist}} - {{markup_escape(title)}}\", \"tooltip\": \"{{playerName}} : {{markup_escape(title)}}\", \"alt\": \"{{status}}\", \"class\": \"{{status}}\"}' -F"; + "on-click" = "${lib.getExe pkgs.playerctl} play-pause"; + }; }; - }; - actions = { - on-click-middle = "mode"; - on-click-right = "tz_up"; - on-scroll-up = "shift_up"; - on-scroll-down = "shift_down"; - }; - }; - "cpu" = { - format = "{usage}% "; - }; - "memory" = { - format = "{}% "; - }; - "temperature" = { - # thermal-zone = 2; - # hwmon-path" = "/sys/class/hwmon/hwmon2/temp1_input"; - critical-threshold = 80; - # format-critical = "{temperatureC}°C "; - format = "{temperatureC}°C "; - }; - "backlight" = { - # device = "acpi_video1"; - format = "{percent}% {icon}"; - states = [ 0 50 ]; - format-icons = [ "" "" ]; - }; - "battery" = lib.mkIf cfg.enableLaptopBars { - states = { - good = 95; - warning = 30; - critical = 15; - }; - format = "{capacity}% {icon}"; - # format-good = ""; # An empty format will hide the module - # format-full = ""; - format-icons = [ "" "" "" "" "" ]; - }; - "battery#bat2" = lib.mkIf cfg.enableLaptopBars { - bat = "BAT2"; - }; - "network" = { - # interface = wlp2s0 # (Optional) To force the use of this interface - format-wifi = "{essid} ({signalStrength}%) "; - format-ethernet = "{ifname} "; - format-disconnected = "Disconnected ⚠"; - interval = 7; - on-click = "${cfg.terminal} ${lib.getExe' pkgs.iwd "iwctl"}"; - }; - "bluetooth" = { - format = " {status}"; - format-connected = " {device_alias}"; - format-connected-battery = " {device_alias} {device_battery_percentage}%"; - # format-device-preference= [ "device1", "device2" ], // preference list deciding the displayed devic; - tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; - tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; - tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; - tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; - on-click = "${pkgs.blueman}/bin/blueman-manager"; - }; - "pulseaudio" = { - # scroll-step = 1; - format = "{volume}% {icon}"; - format-bluetooth = "{volume}% {icon}"; - format-muted = ""; - format-icons = { - headphones = ""; - handsfree = ""; - headset = ""; - phone = ""; - portable = ""; - car = ""; - default = [ "" "" ]; - }; - on-click = "${pkgs.pavucontrol}/bin/pavucontrol"; - }; - "mpd" = { - "format" = "{stateIcon} {consumeIcon}{randomIcon}{repeatIcon}{singleIcon}{artist} - {album} - {title} ({elapsedTime:%M:%S}/{totalTime:%M:%S}) 🎧"; - "format-disconnected" = "Disconnected 🎧"; - "format-stopped" = "{consumeIcon}{randomIcon}{repeatIcon}{singleIcon}Stopped 🎧"; - "interval" = 2; - "consume-icons" = { - "on" = " "; # Icon shows only when "consume" is on - }; - "random-icons" = { - "off" = " "; # Icon grayed out when "random" is off; - "on" = " "; - }; - "repeat-icons" = { - "on" = " "; - }; - "single-icons" = { - "on" = "1 "; - }; - "state-icons" = { - "paused" = ""; - "playing" = ""; - }; - "tooltip-format" = "MPD (connected)"; - "tooltip-format-disconnected" = "MPD (disconnected)"; - "on-click" = "${pkgs.mpc_cli}/bin/mpc toggle"; - "on-click-right" = "${pkgs.mpc_cli}/bin/mpc stop"; - "on-click-middle" = "${cfg.terminal} --class=kitty_ncmpcpp ${pkgs.ncmpcpp}/bin/ncmpcpp"; - }; - "custom/media" = { - "format" = "{icon}{}"; - "return-type" = "json"; - "format-icons" = { - "Playing" = " "; - "Paused" = " "; - }; - "max-length" = 80; - "exec" = "${lib.getExe pkgs.playerctl} -a metadata --format '{\"text\": \"{{artist}} - {{markup_escape(title)}}\", \"tooltip\": \"{{playerName}} : {{markup_escape(title)}}\", \"alt\": \"{{status}}\", \"class\": \"{{status}}\"}' -F"; - "on-click" = "${lib.getExe pkgs.playerctl} play-pause"; - }; - }; - }] ++ - cfg.extraSettings - ++ [ extraSettings ]); + } + ] + ++ cfg.extraSettings + ++ [ extraSettings ] + ); in lib.mkIf cfg.enable { enable = true; systemd.enable = true; systemd.target = "sway-session.target"; settings = cfg.makeBars barWith; - style = '' - * { - border: none; - border-radius: 0; - font-family: monospace, 'Font Awesome 5', 'Symbols Nerd Font Mono', 'SFNS Display', Helvetica, Arial, sans-serif; - font-size: ${toString (cfg.fontSize * 1.1)}px; - min-height: 0; - } + style = + '' + * { + border: none; + border-radius: 0; + font-family: monospace, 'Font Awesome 5', 'Symbols Nerd Font Mono', 'SFNS Display', Helvetica, Arial, sans-serif; + font-size: ${toString (cfg.fontSize * 1.1)}px; + min-height: 0; + } - window#waybar { - background: rgba(43, 48, 59, 0.8); - border-bottom: 3px solid rgba(100, 114, 125, 0.5); - color: #ffffff; - } + window#waybar { + background: rgba(43, 48, 59, 0.8); + border-bottom: 3px solid rgba(100, 114, 125, 0.5); + color: #ffffff; + } - window#waybar.hidden { - opacity: 0.0; - } - /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */ - #workspaces button { - padding: 0 5px; - background: transparent; - color: #ffffff; - border-bottom: 3px solid transparent; - } + window#waybar.hidden { + opacity: 0.0; + } + /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */ + #workspaces button { + padding: 0 5px; + background: transparent; + color: #ffffff; + border-bottom: 3px solid transparent; + } - #workspaces button.focused { - background: #64727D; - border-bottom: 3px solid #ffffff; - } + #workspaces button.focused { + background: #64727D; + border-bottom: 3px solid #ffffff; + } - #workspaces button.urgent { - background-color: #eb4d4b; - } + #workspaces button.urgent { + background-color: #eb4d4b; + } - #window, #sway, #sway-window { - padding-left: 1em; - margin-bottom: 0.4em; - } + #window, #sway, #sway-window { + padding-left: 1em; + margin-bottom: 0.4em; + } - #mode { - background: #64727D; - border-bottom: 3px solid #ffffff; - } + #mode { + background: #64727D; + border-bottom: 3px solid #ffffff; + } - /* #clock, #battery, #cpu, #memory, #temperature, #backlight, #network, #pulseaudio, #bluetooth, #custom-media, #tray, #mode, #idle_inhibitor, #mpd { */ - .modules-right > * > * { - margin: 0.2em 0 0.4em 0; - padding: 0.2em 0.5em; - border: 1px solid rgba(0, 0, 0, 0.25); - border-radius: 0.3em; - } + /* #clock, #battery, #cpu, #memory, #temperature, #backlight, #network, #pulseaudio, #bluetooth, #custom-media, #tray, #mode, #idle_inhibitor, #mpd { */ + .modules-right > * > * { + margin: 0.2em 0 0.4em 0; + padding: 0.2em 0.5em; + border: 1px solid rgba(0, 0, 0, 0.25); + border-radius: 0.3em; + } - .modules-right > *:not(:last-child) > * { - margin-right: 0.4em; - } + .modules-right > *:not(:last-child) > * { + margin-right: 0.4em; + } - #clock { - background-color: #64727D; - } + #clock { + background-color: #64727D; + } - #battery { - background-color: #ffffff; - color: #000000; - } + #battery { + background-color: #ffffff; + color: #000000; + } - #battery.charging { - color: #ffffff; - background-color: #26A65B; - } + #battery.charging { + color: #ffffff; + background-color: #26A65B; + } - @keyframes blink { - to { - background-color: #ffffff; - color: #000000; - } - } + @keyframes blink { + to { + background-color: #ffffff; + color: #000000; + } + } - #battery.critical:not(.charging) { - background: #f53c3c; - color: #ffffff; - animation-name: blink; - animation-duration: 0.5s; - animation-timing-function: linear; - animation-iteration-count: infinite; - animation-direction: alternate; - } + #battery.critical:not(.charging) { + background: #f53c3c; + color: #ffffff; + animation-name: blink; + animation-duration: 0.5s; + animation-timing-function: linear; + animation-iteration-count: infinite; + animation-direction: alternate; + } - #cpu { - background: #2ecc71; - color: #000000; - } + #cpu { + background: #2ecc71; + color: #000000; + } - #memory { - background: #9b59b6; - } + #memory { + background: #9b59b6; + } - #backlight { - background: #90b1b1; - } + #backlight { + background: #90b1b1; + } - #network { - background: #2980b9; - } + #network { + background: #2980b9; + } - #network.disconnected { - background: #f53c3c; - } + #network.disconnected { + background: #f53c3c; + } - #pulseaudio { - background: #f1c40f; - color: #000000; - } + #pulseaudio { + background: #f1c40f; + color: #000000; + } - #pulseaudio.muted { - background: #90b1b1; - } + #pulseaudio.muted { + background: #90b1b1; + } - #bluetooth { - background: DarkSlateBlue; - color: white; - } + #bluetooth { + background: DarkSlateBlue; + color: white; + } - #custom-media { - background: #66cc99; - color: #2a5c45; - } + #custom-media { + background: #66cc99; + color: #2a5c45; + } - .custom-spotify { - background: #66cc99; - } + .custom-spotify { + background: #66cc99; + } - .custom-vlc { - background: #ffa000; - } + .custom-vlc { + background: #ffa000; + } - #temperature { - background: #f0932b; - } + #temperature { + background: #f0932b; + } - #temperature.critical { - background: #eb4d4b; - } + #temperature.critical { + background: #eb4d4b; + } - #tray { - background-color: #2980b9; - } + #tray { + background-color: #2980b9; + } - #idle_inhibitor { - background-color: #2d3436; - } + #idle_inhibitor { + background-color: #2d3436; + } - #idle_inhibitor.activated { - background-color: #ecf0f1; - color: #2d3436; - } + #idle_inhibitor.activated { + background-color: #ecf0f1; + color: #2d3436; + } - #mpd { - background-color: teal; - color: white; - } - '' + cfg.extraStyle; + #mpd { + background-color: teal; + color: white; + } + '' + + cfg.extraStyle; }; } diff --git a/home/modules/programs/openconnect-epfl.nix b/home/modules/programs/openconnect-epfl.nix index 85d5601..457ca59 100644 --- a/home/modules/programs/openconnect-epfl.nix +++ b/home/modules/programs/openconnect-epfl.nix @@ -1,8 +1,16 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: let openconnect-epfl = pkgs.writeShellApplication { name = "openconnect-epfl"; - runtimeInputs = with pkgs; [ openconnect rbw ]; + runtimeInputs = with pkgs; [ + openconnect + rbw + ]; text = '' METHOD="Microsoft Entra ID" RBW_ENTRY="EPFL Microsoft Auth" @@ -20,4 +28,3 @@ in { home.packages = [ openconnect-epfl ]; } - diff --git a/home/nki-framework.nix b/home/nki-framework.nix index d927a08..47d0bb3 100644 --- a/home/nki-framework.nix +++ b/home/nki-framework.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: { imports = [ @@ -56,9 +61,11 @@ powerprofilesctl set $new_profile ''; in - [{ - modules."battery"."on-click" = change-mode; - }]; + [ + { + modules."battery"."on-click" = change-mode; + } + ]; # input-remapping xdg.configFile."autostart/input-remapper-autoload.desktop".source = @@ -75,7 +82,7 @@ settings = [ { profile.name = "undocked"; - profile.outputs = [{ criteria = "eDP-1"; }]; + profile.outputs = [ { criteria = "eDP-1"; } ]; } { profile.name = "work-both"; @@ -85,7 +92,10 @@ position = "0,${toString (builtins.floor ((2160 / work.scale - 1200) + 1200 / 3))}"; status = "enable"; } - { criteria = work.name; position = "1920,0"; } + { + criteria = work.name; + position = "1920,0"; + } ]; } { @@ -111,4 +121,3 @@ # changes in each release. home.stateVersion = "21.05"; } - diff --git a/home/nki-x1c1.nix b/home/nki-x1c1.nix index 07c4fd3..2bf173a 100644 --- a/home/nki-x1c1.nix +++ b/home/nki-x1c1.nix @@ -1,4 +1,10 @@ -{ pkgs, options, config, lib, ... }: +{ + pkgs, + options, + config, + lib, + ... +}: let iio-sway = pkgs.stdenv.mkDerivation { @@ -11,7 +17,11 @@ let hash = "sha256-JGacKajslCOvd/BFfFSf7s1/hgF6rJqJ6H6xNnsuMb4="; }; buildInputs = with pkgs; [ dbus ]; - nativeBuildInputs = with pkgs; [ meson ninja pkg-config ]; + nativeBuildInputs = with pkgs; [ + meson + ninja + pkg-config + ]; meta.mainProgram = "iio-sway"; }; in @@ -31,10 +41,13 @@ in home.homeDirectory = "/home/nki"; # More packages - home.packages = (with pkgs; [ - # Note-taking - rnote - ]); + home.packages = ( + with pkgs; + [ + # Note-taking + rnote + ] + ); # Graphical set up linux.graphical.type = "wayland"; @@ -65,7 +78,9 @@ in programs.my-niri.enable = true; programs.my-niri.enableLaptop = true; # Assign some of the workspaces to big screen - programs.my-niri.workspaces = lib.genAttrs [ "06" "07" "08" "09" "10" ] (_: { monitor = config.common.monitors.work.name; }); + programs.my-niri.workspaces = lib.genAttrs [ "06" "07" "08" "09" "10" ] (_: { + monitor = config.common.monitors.work.name; + }); programs.niri.settings = { # input.keyboard.xkb.options = "ctrl:swapcaps"; input.mouse = lib.mkForce { @@ -110,19 +125,29 @@ in settings = [ { profile.name = "undocked"; - profile.outputs = [{ criteria = "eDP-1"; }]; + profile.outputs = [ { criteria = "eDP-1"; } ]; } { profile.name = "work-both"; profile.outputs = [ - { criteria = "eDP-1"; position = "0,${toString (builtins.floor ((2160 / work.scale - 1200) + 1200 / 3))}"; status = "enable"; } - { criteria = work.name; position = "1920,0"; } + { + criteria = "eDP-1"; + position = "0,${toString (builtins.floor ((2160 / work.scale - 1200) + 1200 / 3))}"; + status = "enable"; + } + { + criteria = work.name; + position = "1920,0"; + } ]; } { profile.name = "work-one"; profile.outputs = [ - { criteria = "eDP-1"; status = "disable"; } + { + criteria = "eDP-1"; + status = "disable"; + } { criteria = work.name; } ]; } @@ -139,4 +164,3 @@ in # changes in each release. home.stateVersion = "21.05"; } - diff --git a/home/osu/default.nix b/home/osu/default.nix index 93b073b..0ef64a5 100644 --- a/home/osu/default.nix +++ b/home/osu/default.nix @@ -2,7 +2,9 @@ let # osu-pkg = pkgs.unstable.osu-lazer-bin; - osu-pkg = with pkgs; with lib; + osu-pkg = + with pkgs; + with lib; appimageTools.wrapType2 rec { pname = "osu-lazer-bin"; version = "2025.321.0"; @@ -13,7 +15,8 @@ let extraPkgs = pkgs: with pkgs; [ icu ]; extraInstallCommands = - let contents = appimageTools.extract { inherit pname version src; }; + let + contents = appimageTools.extract { inherit pname version src; }; in '' mv -v $out/bin/${pname} $out/bin/osu\! @@ -30,4 +33,3 @@ in xdg.mimeApps.defaultApplications."x-scheme-handler/osu" = "osu!.desktop"; # home.packages = [ pkgs.osu-lazer ]; } - diff --git a/kagami-air-m1/configuration.nix b/kagami-air-m1/configuration.nix index 05b9cc3..e444af6 100644 --- a/kagami-air-m1/configuration.nix +++ b/kagami-air-m1/configuration.nix @@ -2,25 +2,40 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { - imports = - [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # Fonts - ../modules/personal/fonts - # Encrypted DNS - ../modules/services/edns - # Override base mesa - ({ ... }: { nixpkgs.overlays = lib.mkBefore [ (final: prev: { mesa = prev.mesa.override { enableOpenCL = true; meson = final.unstable.meson; }; }) ]; }) - ]; + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Fonts + ../modules/personal/fonts + # Encrypted DNS + ../modules/services/edns + # Override base mesa + ( + { ... }: + { + nixpkgs.overlays = lib.mkBefore [ + (final: prev: { + mesa = prev.mesa.override { + enableOpenCL = true; + meson = final.unstable.meson; + }; + }) + ]; + } + ) + ]; # time.timeZone = lib.mkForce "Asia/Ho_Chi_Minh"; services.xserver.desktopManager.plasma5.enable = true; - # Asahi kernel configuration hardware.asahi = { peripheralFirmwareDirectory = ./firmware; @@ -46,9 +61,9 @@ hash = "sha256-IcKKe1RA8sCaUfWK71ELzF15YaBS3DjoYhNMIWiQ5Jw="; }; - patches = lib.forEach attrs.patches (p: - if lib.hasSuffix "opencl.patch" p - then ./mesa-asahi-edge/opencl.patch else p); + patches = lib.forEach attrs.patches ( + p: if lib.hasSuffix "opencl.patch" p then ./mesa-asahi-edge/opencl.patch else p + ); }); }) ]; @@ -145,4 +160,3 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.05"; # Did you read the comment? } - diff --git a/kagami-air-m1/hardware-configuration.nix b/kagami-air-m1/hardware-configuration.nix index 6e7a6a0..5c974e5 100644 --- a/kagami-air-m1/hardware-configuration.nix +++ b/kagami-air-m1/hardware-configuration.nix @@ -1,33 +1,39 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; boot.initrd.availableKernelModules = [ "usb_storage" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { - device = "/dev/disk/by-uuid/ebb6bf2e-2d7f-4fa6-88cb-751fdd174ef9"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/ebb6bf2e-2d7f-4fa6-88cb-751fdd174ef9"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/19BC-1BE8"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/19BC-1BE8"; + fsType = "vfat"; + }; swapDevices = [ - { device = "/swap"; size = 16 * 1024; } + { + device = "/swap"; + size = 16 * 1024; + } ]; # nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; diff --git a/modules/cloud/authentik/default.nix b/modules/cloud/authentik/default.nix index 4a3d262..4d73bca 100644 --- a/modules/cloud/authentik/default.nix +++ b/modules/cloud/authentik/default.nix @@ -1,11 +1,15 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let cfg = config.cloud.authentik; - mkImage = - { imageName, imageDigest, ... }: "${imageName}@${imageDigest}"; + mkImage = { imageName, imageDigest, ... }: "${imageName}@${imageDigest}"; # If we can pullImage we can just do # mkImage = pkgs.dockerTools.pullImage; @@ -62,7 +66,10 @@ in image = images.postgresql; restart = "unless-stopped"; healthcheck = { - test = [ "CMD-SHELL" "pg_isready -d $\${POSTGRES_DB} -U $\${POSTGRES_USER}" ]; + test = [ + "CMD-SHELL" + "pg_isready -d $\${POSTGRES_DB} -U $\${POSTGRES_USER}" + ]; start_period = "20s"; interval = "30s"; retries = 5; @@ -73,14 +80,20 @@ in POSTGRES_USER = "authentik"; POSTGRES_DB = "authentik"; }; - env_file = [ cfg.envFile "${postgresEnv}" ]; + env_file = [ + cfg.envFile + "${postgresEnv}" + ]; }; services.redis.service = { image = images.redis; command = "--save 60 1 --loglevel warning"; restart = "unless-stopped"; healthcheck = { - test = [ "CMD-SHELL" "redis-cli ping | grep PONG" ]; + test = [ + "CMD-SHELL" + "redis-cli ping | grep PONG" + ]; start_period = "20s"; interval = "30s"; retries = 5; @@ -102,7 +115,10 @@ in AUTHENTIK_POSTGRESQL__USER = "authentik"; AUTHENTIK_POSTGRESQL__NAME = "authentik"; }; - env_file = [ cfg.envFile "${authentikEnv}" ]; + env_file = [ + cfg.envFile + "${authentikEnv}" + ]; ports = [ "127.0.0.1:${toString cfg.port}:9000" ]; @@ -124,7 +140,10 @@ in AUTHENTIK_POSTGRESQL__USER = "authentik"; AUTHENTIK_POSTGRESQL__NAME = "authentik"; }; - env_file = [ cfg.envFile "${authentikEnv}" ]; + env_file = [ + cfg.envFile + "${authentikEnv}" + ]; user = "root"; }; docker-compose.volumes = { @@ -134,4 +153,3 @@ in }; }; } - diff --git a/modules/cloud/bitwarden/default.nix b/modules/cloud/bitwarden/default.nix index ae8c182..23dc6ca 100644 --- a/modules/cloud/bitwarden/default.nix +++ b/modules/cloud/bitwarden/default.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: with lib; let diff --git a/modules/cloud/conduit/default.nix b/modules/cloud/conduit/default.nix index c4ad7cd..155a3d6 100644 --- a/modules/cloud/conduit/default.nix +++ b/modules/cloud/conduit/default.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let cfg = config.cloud.conduit; @@ -33,95 +38,105 @@ with lib; }; instances = mkOption { - type = types.attrsOf (types.submodule { - options = { - host = mkOption { - type = types.str; + type = types.attrsOf ( + types.submodule { + options = { + host = mkOption { + type = types.str; + }; + server_name = mkOption { + type = types.str; + default = ""; + }; + port = mkOption { + type = types.int; + }; + noCloudflare = mkOption { + type = types.bool; + default = false; + }; + allow_registration = mkOption { + type = types.bool; + default = false; + }; + well-known_port = mkOption { + type = types.int; + }; }; - server_name = mkOption { - type = types.str; - default = ""; - }; - port = mkOption { - type = types.int; - }; - noCloudflare = mkOption { - type = types.bool; - default = false; - }; - allow_registration = mkOption { - type = types.bool; - default = false; - }; - well-known_port = mkOption { - type = types.int; - }; - }; - }); + } + ); }; }; - config.systemd.services = mkIf cfg.enable - (lib.attrsets.mapAttrs' - (name: instance: lib.attrsets.nameValuePair "matrix-conduit-${name}" - ( - let - srvName = "matrix-conduit-${name}"; - format = pkgs.formats.toml { }; - server_name = if instance.server_name == "" then instance.host else instance.server_name; - configFile = format.generate "conduit.toml" (lib.attrsets.recursiveUpdate defaultConfig { + config.systemd.services = mkIf cfg.enable ( + lib.attrsets.mapAttrs' ( + name: instance: + lib.attrsets.nameValuePair "matrix-conduit-${name}" ( + let + srvName = "matrix-conduit-${name}"; + format = pkgs.formats.toml { }; + server_name = if instance.server_name == "" then instance.host else instance.server_name; + configFile = format.generate "conduit.toml" ( + lib.attrsets.recursiveUpdate defaultConfig { global.server_name = server_name; global.port = instance.port; global.allow_registration = instance.allow_registration; global.database_path = "/mnt/data/${srvName}/"; global.well_known_client = "https://${instance.host}"; global.well_known_server = "${instance.host}:443"; - }); - in - { - description = "Conduit Matrix Server (for ${server_name})"; - documentation = [ "https://gitlab.com/famedly/conduit/" ]; - wantedBy = [ "multi-user.target" ]; - environment = { CONDUIT_CONFIG = configFile; }; - serviceConfig = { - DynamicUser = true; - User = "${srvName}"; - LockPersonality = true; - MemoryDenyWriteExecute = true; - ProtectClock = true; - ProtectControlGroups = true; - ProtectHostname = true; - ProtectKernelLogs = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - PrivateDevices = true; - PrivateMounts = true; - PrivateUsers = true; - RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; - RestrictNamespaces = true; - RestrictRealtime = true; - SystemCallArchitectures = "native"; - SystemCallFilter = [ - "@system-service" - "~@privileged" - ]; - # StateDirectory = "/mnt/data/${srvName}"; - BindPaths = [ "/mnt/data/${srvName}" ]; - ExecStart = "${cfg.package}/bin/conduit"; - Restart = "on-failure"; - RestartSec = 10; - StartLimitBurst = 5; - }; - } - )) - cfg.instances); + } + ); + in + { + description = "Conduit Matrix Server (for ${server_name})"; + documentation = [ "https://gitlab.com/famedly/conduit/" ]; + wantedBy = [ "multi-user.target" ]; + environment = { + CONDUIT_CONFIG = configFile; + }; + serviceConfig = { + DynamicUser = true; + User = "${srvName}"; + LockPersonality = true; + MemoryDenyWriteExecute = true; + ProtectClock = true; + ProtectControlGroups = true; + ProtectHostname = true; + ProtectKernelLogs = true; + ProtectKernelModules = true; + ProtectKernelTunables = true; + PrivateDevices = true; + PrivateMounts = true; + PrivateUsers = true; + RestrictAddressFamilies = [ + "AF_INET" + "AF_INET6" + ]; + RestrictNamespaces = true; + RestrictRealtime = true; + SystemCallArchitectures = "native"; + SystemCallFilter = [ + "@system-service" + "~@privileged" + ]; + # StateDirectory = "/mnt/data/${srvName}"; + BindPaths = [ "/mnt/data/${srvName}" ]; + ExecStart = "${cfg.package}/bin/conduit"; + Restart = "on-failure"; + RestartSec = 10; + StartLimitBurst = 5; + }; + } + ) + ) cfg.instances + ); config.cloud.traefik.hosts = mkIf cfg.enable ( - (lib.attrsets.mapAttrs' - (name: instance: lib.attrsets.nameValuePair "conduit-${name}" ({ + (lib.attrsets.mapAttrs' ( + name: instance: + lib.attrsets.nameValuePair "conduit-${name}" ({ inherit (instance) host port noCloudflare; - })) - cfg.instances) + }) + ) cfg.instances) ); } - diff --git a/modules/cloud/conduit/heisenbridge.nix b/modules/cloud/conduit/heisenbridge.nix index c220423..18be631 100644 --- a/modules/cloud/conduit/heisenbridge.nix +++ b/modules/cloud/conduit/heisenbridge.nix @@ -1,9 +1,15 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: let cfg = config.cloud.conduit.heisenbridge; cfgConduit = config.cloud.conduit; in -with lib; { +with lib; +{ options.cloud.conduit.heisenbridge = { enable = mkEnableOption "Enable heisenbridge for conduit"; package = mkPackageOption pkgs "heisenbridge" { }; @@ -23,17 +29,26 @@ with lib; { }; config = mkIf cfg.enable ( let - cfgFile = if cfg.port == null then cfg.appserviceFile else - pkgs.runCommand "heisenbridge-config" { } '' - cp ${cfg.appserviceFile} $out - ${pkgs.sd}/bin/sd '^url: .*$' "url: http://127.0.0.1:${cfg.port}" - ''; - listenArgs = lists.optionals (cfg.port != null) [ "--listen-port" (toString cfg.port) ]; + cfgFile = + if cfg.port == null then + cfg.appserviceFile + else + pkgs.runCommand "heisenbridge-config" { } '' + cp ${cfg.appserviceFile} $out + ${pkgs.sd}/bin/sd '^url: .*$' "url: http://127.0.0.1:${cfg.port}" + ''; + listenArgs = lists.optionals (cfg.port != null) [ + "--listen-port" + (toString cfg.port) + ]; in { systemd.services.heisenbridge = { description = "Matrix<->IRC bridge"; - requires = [ "matrix-conduit-nkagami.service" "matrix-synapse.service" ]; # So the registration file can be used by Synapse + requires = [ + "matrix-conduit-nkagami.service" + "matrix-synapse.service" + ]; # So the registration file can be used by Synapse wantedBy = [ "multi-user.target" ]; serviceConfig = rec { @@ -77,12 +92,18 @@ with lib; { RemoveIPC = true; UMask = "0077"; - CapabilityBoundingSet = [ "CAP_CHOWN" ] ++ optional (cfg.port != null && cfg.port < 1024) "CAP_NET_BIND_SERVICE"; + CapabilityBoundingSet = [ + "CAP_CHOWN" + ] ++ optional (cfg.port != null && cfg.port < 1024) "CAP_NET_BIND_SERVICE"; AmbientCapabilities = CapabilityBoundingSet; NoNewPrivileges = true; LockPersonality = true; RestrictRealtime = true; - SystemCallFilter = [ "@system-service" "~@privileged" "@chown" ]; + SystemCallFilter = [ + "@system-service" + "~@privileged" + "@chown" + ]; SystemCallArchitectures = "native"; RestrictAddressFamilies = "AF_INET AF_INET6"; }; @@ -97,4 +118,3 @@ with lib; { } ); } - diff --git a/modules/cloud/firezone/default.nix b/modules/cloud/firezone/default.nix index 3a5a2c4..3624162 100644 --- a/modules/cloud/firezone/default.nix +++ b/modules/cloud/firezone/default.nix @@ -1,11 +1,15 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let cfg = config.cloud.firezone; - mkImage = - { imageName, imageDigest, ... }: "${imageName}@${imageDigest}"; + mkImage = { imageName, imageDigest, ... }: "${imageName}@${imageDigest}"; # If we can pullImage we can just do # mkImage = pkgs.dockerTools.pullImage; @@ -48,7 +52,10 @@ in image = images.postgresql; restart = "unless-stopped"; healthcheck = { - test = [ "CMD-SHELL" "pg_isready -d $\${POSTGRES_DB} -U $\${POSTGRES_USER}" ]; + test = [ + "CMD-SHELL" + "pg_isready -d $\${POSTGRES_DB} -U $\${POSTGRES_USER}" + ]; start_period = "20s"; interval = "30s"; retries = 5; @@ -89,7 +96,10 @@ in driver = "bridge"; ipam.config = [ { subnet = "172.25.0.0/16"; } - { subnet = "2001:3990:3990::/64"; gateway = "2001:3990:3990::1"; } + { + subnet = "2001:3990:3990::/64"; + gateway = "2001:3990:3990::1"; + } ]; }; }; diff --git a/modules/cloud/gotosocial/default.nix b/modules/cloud/gotosocial/default.nix index 745dc62..4595d26 100644 --- a/modules/cloud/gotosocial/default.nix +++ b/modules/cloud/gotosocial/default.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let cfg = config.cloud.gotosocial; @@ -41,13 +46,21 @@ in # Postgres cloud.postgresql.databases = [ dbUser ]; # Traefik - cloud.traefik.hosts = { gotosocial = { inherit (cfg) host port; }; } // - (if cfg.accountDomain != cfg.host && cfg.accountDomain != "" then { - gotosocial-wellknown = { - inherit (cfg) port; - filter = "Host(`${cfg.accountDomain}`) && (PathPrefix(`/.well-known/webfinger`) || PathPrefix(`/.well-known/nodeinfo`) || PathPrefix(`/.well-known/host-meta`))"; - }; - } else { }); + cloud.traefik.hosts = + { + gotosocial = { inherit (cfg) host port; }; + } + // ( + if cfg.accountDomain != cfg.host && cfg.accountDomain != "" then + { + gotosocial-wellknown = { + inherit (cfg) port; + filter = "Host(`${cfg.accountDomain}`) && (PathPrefix(`/.well-known/webfinger`) || PathPrefix(`/.well-known/nodeinfo`) || PathPrefix(`/.well-known/host-meta`))"; + }; + } + else + { } + ); # The service itself services.gotosocial = { enable = true; @@ -60,7 +73,10 @@ in bind-address = "localhost"; port = cfg.port; # Instance - instance-languages = [ "en-ca" "vi" ]; + instance-languages = [ + "en-ca" + "vi" + ]; # Accounts accounts-registration-open = false; accounts-allow-custom-css = true; @@ -73,15 +89,23 @@ in web-template-base-dir = "${cfg.package}/share/gotosocial/web/template"; web-asset-base-dir = "${cfg.package}/share/gotosocial/web/assets"; # Media - media-emoji-remote-max-size = 256 * 1024 /* bytes */; - media-emoji-local-max-size = 256 * 1024 /* bytes */; + media-emoji-remote-max-size = + 256 * 1024 # bytes + ; + media-emoji-local-max-size = + 256 * 1024 # bytes + ; media-remote-cache-days = 7; media-cleanup-from = "00:00"; media-cleanup-every = "24h"; # OIDC oidc-enabled = true; oidc-idp-name = "DTTH"; - oidc-scopes = [ "openid" "email" "profile" ]; + oidc-scopes = [ + "openid" + "email" + "profile" + ]; # HTTP Client http-client.block-ips = [ "11.0.0.0/24" ]; # Advanced @@ -92,8 +116,14 @@ in # instance-inject-mastodon-version = true; }; }; - systemd.services.gotosocial.requires = mkAfter [ "postgresql.service" "arion-authentik.service" ]; - systemd.services.gotosocial.after = mkAfter [ "postgresql.service" "arion-authentik.service" ]; + systemd.services.gotosocial.requires = mkAfter [ + "postgresql.service" + "arion-authentik.service" + ]; + systemd.services.gotosocial.after = mkAfter [ + "postgresql.service" + "arion-authentik.service" + ]; systemd.services.gotosocial.unitConfig = { RequiresMountsFor = [ storageLocation ]; ReadWritePaths = [ storageLocation ]; diff --git a/modules/cloud/mail/default.nix b/modules/cloud/mail/default.nix index 0232c8d..0195044 100644 --- a/modules/cloud/mail/default.nix +++ b/modules/cloud/mail/default.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: with lib; let @@ -238,7 +243,12 @@ in # MTA-STS server services.nginx.enable = true; services.nginx.virtualHosts.maddy-mta-sts = { - listen = [{ addr = "127.0.0.1"; port = mtaStsPort; }]; + listen = [ + { + addr = "127.0.0.1"; + port = mtaStsPort; + } + ]; root = mtaStsDir; }; @@ -273,7 +283,10 @@ in # maddy itself systemd.services."${name}" = { - after = [ "network.target" "traefik-certs-dumper.service" ]; + after = [ + "network.target" + "traefik-certs-dumper.service" + ]; wantedBy = [ "multi-user.target" ]; requires = [ "postgresql.service" ]; @@ -327,7 +340,6 @@ in KillMode = "mixed"; KillSignal = "SIGTERM"; - # Required to bind on ports lower than 1024. AmbientCapabilities = "CAP_NET_BIND_SERVICE"; CapabilityBoundingSet = "CAP_NET_BIND_SERVICE"; diff --git a/modules/cloud/postgresql/default.nix b/modules/cloud/postgresql/default.nix index 98038ab..6e664d3 100644 --- a/modules/cloud/postgresql/default.nix +++ b/modules/cloud/postgresql/default.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let diff --git a/modules/cloud/traefik/certs-dumper.nix b/modules/cloud/traefik/certs-dumper.nix index f78a831..7d300c2 100644 --- a/modules/cloud/traefik/certs-dumper.nix +++ b/modules/cloud/traefik/certs-dumper.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let diff --git a/modules/cloud/traefik/config.nix b/modules/cloud/traefik/config.nix index eaebfc0..6741298 100644 --- a/modules/cloud/traefik/config.nix +++ b/modules/cloud/traefik/config.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: with lib; let @@ -9,126 +14,169 @@ let }; # Copied from traefik.nix - jsonValue = with types; + jsonValue = + with types; let - valueType = nullOr - (oneOf [ + valueType = + nullOr (oneOf [ bool int float str (lazyAttrsOf valueType) (listOf valueType) - ]) // { - description = "JSON value"; - emptyValue.value = { }; - }; + ]) + // { + description = "JSON value"; + emptyValue.value = { }; + }; in valueType; - hostType = with types; submodule { - options = { - host = mkOption { - type = str; - description = "The host for the router filter"; - }; - path = mkOption { - type = nullOr str; - default = null; - description = "The path for the router filter (exact path is matched)"; - }; - filter = mkOption { - type = nullOr str; - default = null; - description = "The filter syntax for the router. Overrides `host` and `path` if provided"; - }; - localHost = mkOption { - type = types.nullOr types.str; - description = "The local host of the service. Must be an IP if protocol is TCP. Default to localhost/127.0.0.1"; - default = null; - }; - port = mkOption { - type = types.port; - description = "The port that the service is listening on"; - }; - entrypoints = mkOption { - type = listOf (enum [ "http" "https" "smtp-submission" "smtp-submission-ssl" "imap" "wireguard" ]); - default = [ "https" ]; - description = "The entrypoints that will serve the host"; - }; - middlewares = mkOption { - type = listOf jsonValue; - default = [ ]; - description = "The middlewares to be used with the host."; - }; - protocol = mkOption { - type = enum [ "http" "tcp" "udp" ]; - default = "http"; - description = "The protocol of the router and service"; - }; - tlsPassthrough = mkOption { - type = types.bool; - default = true; - description = "Sets the TCP passthrough value. Defaults to `true` if the connection is tcp"; - }; - noCloudflare = mkOption { - type = types.bool; - default = false; - description = "Bypasses the client cert requirement, enable if you don't route things through cloudflare"; + hostType = + with types; + submodule { + options = { + host = mkOption { + type = str; + description = "The host for the router filter"; + }; + path = mkOption { + type = nullOr str; + default = null; + description = "The path for the router filter (exact path is matched)"; + }; + filter = mkOption { + type = nullOr str; + default = null; + description = "The filter syntax for the router. Overrides `host` and `path` if provided"; + }; + localHost = mkOption { + type = types.nullOr types.str; + description = "The local host of the service. Must be an IP if protocol is TCP. Default to localhost/127.0.0.1"; + default = null; + }; + port = mkOption { + type = types.port; + description = "The port that the service is listening on"; + }; + entrypoints = mkOption { + type = listOf (enum [ + "http" + "https" + "smtp-submission" + "smtp-submission-ssl" + "imap" + "wireguard" + ]); + default = [ "https" ]; + description = "The entrypoints that will serve the host"; + }; + middlewares = mkOption { + type = listOf jsonValue; + default = [ ]; + description = "The middlewares to be used with the host."; + }; + protocol = mkOption { + type = enum [ + "http" + "tcp" + "udp" + ]; + default = "http"; + description = "The protocol of the router and service"; + }; + tlsPassthrough = mkOption { + type = types.bool; + default = true; + description = "Sets the TCP passthrough value. Defaults to `true` if the connection is tcp"; + }; + noCloudflare = mkOption { + type = types.bool; + default = false; + description = "Bypasses the client cert requirement, enable if you don't route things through cloudflare"; + }; }; }; - }; # Returns the filter given a host configuration - filterOfHost = host: + filterOfHost = + host: let hostFilter = if host.protocol == "http" then "Host" else "HostSNI"; in - if host.filter != null then host.filter - else if host.path == null then "${hostFilter}(`${host.host}`)" - else "${hostFilter}(`${host.host}`) && Path(`${host.path}`)"; + if host.filter != null then + host.filter + else if host.path == null then + "${hostFilter}(`${host.host}`)" + else + "${hostFilter}(`${host.host}`) && Path(`${host.path}`)"; # Turns a host configuration into dynamic traefik configuration hostToConfig = name: host: { - "${host.protocol}" = { - routers."${name}-router" = (if (host.protocol != "udp") then { - rule = filterOfHost host; - tls = { certResolver = "le"; } - // (if host.protocol == "tcp" then { passthrough = if (host ? tlsPassthrough) then host.tlsPassthrough else true; } else { }) - // (if host.noCloudflare then tlsNoCloudflare else { }); - } else { }) // { - entryPoints = host.entrypoints; - service = "${name}-service"; - } // ( - if host.protocol == "http" then - { middlewares = lists.imap0 (id: m: "${name}-middleware-${toString id}") host.middlewares; } - else if host.middlewares == [ ] then + "${host.protocol}" = + { + routers."${name}-router" = + ( + if (host.protocol != "udp") then + { + rule = filterOfHost host; + tls = + { + certResolver = "le"; + } + // ( + if host.protocol == "tcp" then + { passthrough = if (host ? tlsPassthrough) then host.tlsPassthrough else true; } + else + { } + ) + // (if host.noCloudflare then tlsNoCloudflare else { }); + } + else + { } + ) + // { + entryPoints = host.entrypoints; + service = "${name}-service"; + } + // ( + if host.protocol == "http" then + { middlewares = lists.imap0 (id: m: "${name}-middleware-${toString id}") host.middlewares; } + else if host.middlewares == [ ] then + { } + else + abort "Cannot have middlewares on non-http routers" + ); + services."${name}-service".loadBalancer.servers = [ + ( + let + localhost = + if isNull host.localHost then + (if host.protocol == "http" then "localhost" else "127.0.0.1") + else + host.localHost; + in + if host.protocol == "http" then + { url = "http://${localhost}:${toString host.port}"; } + else + { address = "${localhost}:${toString host.port}"; } + ) + ]; + } + // ( + if (host.middlewares != [ ]) then + { + middlewares = builtins.listToAttrs ( + lists.imap0 (id: v: { + name = "${name}-middleware-${toString id}"; + value = v; + }) host.middlewares + ); + } + else { } - else abort "Cannot have middlewares on non-http routers" ); - services."${name}-service".loadBalancer.servers = [ - ( - let - localhost = - if isNull host.localHost then - ( - if host.protocol == "http" then "localhost" - else "127.0.0.1" - ) else host.localHost; - in - if host.protocol == "http" then - { url = "http://${localhost}:${toString host.port}"; } - else { address = "${localhost}:${toString host.port}"; } - ) - ]; - } // (if (host.middlewares != [ ]) then { - middlewares = builtins.listToAttrs (lists.imap0 - (id: v: { - name = "${name}-middleware-${toString id}"; - value = v; - }) - host.middlewares); - } else { }); }; tlsConfig = { diff --git a/modules/cloud/traefik/dashboard.nix b/modules/cloud/traefik/dashboard.nix index 4c99159..a8c7f4f 100644 --- a/modules/cloud/traefik/dashboard.nix +++ b/modules/cloud/traefik/dashboard.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let @@ -28,7 +33,8 @@ in # Dynamic configuration # --------------------- ## Middleware - services.traefik.dynamicConfigOptions.http.middlewares.dashboard-auth.basicAuth.usersFile = cfg.usersFile; + services.traefik.dynamicConfigOptions.http.middlewares.dashboard-auth.basicAuth.usersFile = + cfg.usersFile; ## Router services.traefik.dynamicConfigOptions.http.routers.dashboard = { rule = "Host(`${cfg.host}`)"; diff --git a/modules/cloud/traefik/default.nix b/modules/cloud/traefik/default.nix index 6a98728..98e8175 100644 --- a/modules/cloud/traefik/default.nix +++ b/modules/cloud/traefik/default.nix @@ -1,22 +1,29 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let # Copied from traefik.nix - jsonValue = with types; + jsonValue = + with types; let - valueType = nullOr - (oneOf [ + valueType = + nullOr (oneOf [ bool int float str (lazyAttrsOf valueType) (listOf valueType) - ]) // { - description = "JSON value"; - emptyValue.value = { }; - }; + ]) + // { + description = "JSON value"; + emptyValue.value = { }; + }; in valueType; @@ -41,7 +48,11 @@ let cfg = config.cloud.traefik; in { - imports = [ ./config.nix ./dashboard.nix ./certs-dumper.nix ]; + imports = [ + ./config.nix + ./dashboard.nix + ./certs-dumper.nix + ]; options.cloud.traefik = { cloudflareKeyFile = mkOption { type = types.path; @@ -104,7 +115,12 @@ in config.systemd.services.traefik.environment.CF_DNS_API_TOKEN_FILE = cfg.cloudflareKeyFile; # Set up firewall to allow traefik traffic. - config.networking.firewall.allowedTCPPorts = [ 443 993 587 465 ]; + config.networking.firewall.allowedTCPPorts = [ + 443 + 993 + 587 + 465 + ]; config.networking.firewall.allowedUDPPorts = [ 443 # QUIC 51820 # Wireguard diff --git a/modules/cloud/writefreely/default.nix b/modules/cloud/writefreely/default.nix index d4babcc..d26de4a 100644 --- a/modules/cloud/writefreely/default.nix +++ b/modules/cloud/writefreely/default.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: with lib; let cfg = config.cloud.writefreely; @@ -62,4 +67,3 @@ in } ); } - diff --git a/modules/common/linux/default.nix b/modules/common/linux/default.nix index 9b62044..927cef8 100644 --- a/modules/common/linux/default.nix +++ b/modules/common/linux/default.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let @@ -6,118 +11,142 @@ let # Modules modules = { - adb = { config, ... }: mkIf config.common.linux.enable { - services.udev.packages = with pkgs; [ android-udev-rules ]; - programs.adb.enable = true; - users.users.${config.common.linux.username}.extraGroups = [ "adbusers" ]; - }; - ios = { config, pkgs, ... }: mkIf config.common.linux.enable { - services.usbmuxd.enable = true; - services.usbmuxd.package = pkgs.usbmuxd2; - environment.systemPackages = with pkgs; [ - libimobiledevice - ifuse - ]; - users.users.${config.common.linux.username}.extraGroups = [ config.services.usbmuxd.group ]; - systemd.network.networks."05-ios-tethering" = { - matchConfig.Driver = "ipheth"; - networkConfig.DHCP = "yes"; - linkConfig.RequiredForOnline = "no"; + adb = + { config, ... }: + mkIf config.common.linux.enable { + services.udev.packages = with pkgs; [ android-udev-rules ]; + programs.adb.enable = true; + users.users.${config.common.linux.username}.extraGroups = [ "adbusers" ]; }; - }; - - graphics = { config, pkgs, ... }: { - hardware.graphics.enable = true; - hardware.graphics.enable32Bit = true; - # Monitor backlight - hardware.i2c.enable = true; - services.ddccontrol.enable = true; - environment.systemPackages = [ pkgs.luminance pkgs.ddcutil ]; - }; - - accounts = { pkgs, ... }: mkIf (config.common.linux.enable && !pkgs.stdenv.isAarch64) { - environment.systemPackages = [ pkgs.glib (pkgs.gnome-control-center or pkgs.gnome.gnome-control-center) ]; - services.accounts-daemon.enable = true; - services.gnome.gnome-online-accounts.enable = true; - # programs.evolution.enable = true; - # programs.evolution.plugins = with pkgs; [ evolution-ews ]; - # services.gnome.evolution-data-server.enable = true; - # services.gnome.evolution-data-server.plugins = with pkgs; [ evolution-ews ]; - }; - - wlr = { lib, config, ... }: mkIf config.common.linux.enable { - # swaync disable notifications on screencast - xdg.portal.wlr.settings.screencast = { - exec_before = ''which swaync-client && swaync-client --inhibitor-add "xdg-desktop-portal-wlr" || true''; - exec_after = ''which swaync-client && swaync-client --inhibitor-remove "xdg-desktop-portal-wlr" || true''; + ios = + { config, pkgs, ... }: + mkIf config.common.linux.enable { + services.usbmuxd.enable = true; + services.usbmuxd.package = pkgs.usbmuxd2; + environment.systemPackages = with pkgs; [ + libimobiledevice + ifuse + ]; + users.users.${config.common.linux.username}.extraGroups = [ config.services.usbmuxd.group ]; + systemd.network.networks."05-ios-tethering" = { + matchConfig.Driver = "ipheth"; + networkConfig.DHCP = "yes"; + linkConfig.RequiredForOnline = "no"; + }; }; - # Niri stuff - # https://github.com/sodiboo/niri-flake/blob/main/docs.md - programs.niri.enable = true; - programs.niri.package = pkgs.niri-stable; - # Override gnome-keyring disabling - services.gnome.gnome-keyring.enable = lib.mkForce false; - }; - - logitech = { pkgs, ... }: mkIf cfg.enable { - services.ratbagd.enable = true; - environment.systemPackages = with pkgs; [ piper ]; - }; - - kwallet = { pkgs, lib, ... }: mkIf cfg.enable { - environment.systemPackages = [ pkgs.kdePackages.kwallet ]; - services.dbus.packages = [ pkgs.kdePackages.kwallet ]; - xdg.portal = { - extraPortals = [ pkgs.kdePackages.kwallet ]; + graphics = + { config, pkgs, ... }: + { + hardware.graphics.enable = true; + hardware.graphics.enable32Bit = true; + # Monitor backlight + hardware.i2c.enable = true; + services.ddccontrol.enable = true; + environment.systemPackages = [ + pkgs.luminance + pkgs.ddcutil + ]; }; - }; - virtualisation = { pkgs, ... }: mkIf cfg.enable { - virtualisation.podman = { + accounts = + { pkgs, ... }: + mkIf (config.common.linux.enable && !pkgs.stdenv.isAarch64) { + environment.systemPackages = [ + pkgs.glib + (pkgs.gnome-control-center or pkgs.gnome.gnome-control-center) + ]; + services.accounts-daemon.enable = true; + services.gnome.gnome-online-accounts.enable = true; + # programs.evolution.enable = true; + # programs.evolution.plugins = with pkgs; [ evolution-ews ]; + # services.gnome.evolution-data-server.enable = true; + # services.gnome.evolution-data-server.plugins = with pkgs; [ evolution-ews ]; + }; + + wlr = + { lib, config, ... }: + mkIf config.common.linux.enable { + # swaync disable notifications on screencast + xdg.portal.wlr.settings.screencast = { + exec_before = ''which swaync-client && swaync-client --inhibitor-add "xdg-desktop-portal-wlr" || true''; + exec_after = ''which swaync-client && swaync-client --inhibitor-remove "xdg-desktop-portal-wlr" || true''; + }; + + # Niri stuff + # https://github.com/sodiboo/niri-flake/blob/main/docs.md + programs.niri.enable = true; + programs.niri.package = pkgs.niri-stable; + # Override gnome-keyring disabling + services.gnome.gnome-keyring.enable = lib.mkForce false; + }; + + logitech = + { pkgs, ... }: + mkIf cfg.enable { + services.ratbagd.enable = true; + environment.systemPackages = with pkgs; [ piper ]; + }; + + kwallet = + { pkgs, lib, ... }: + mkIf cfg.enable { + environment.systemPackages = [ pkgs.kdePackages.kwallet ]; + services.dbus.packages = [ pkgs.kdePackages.kwallet ]; + xdg.portal = { + extraPortals = [ pkgs.kdePackages.kwallet ]; + }; + }; + + virtualisation = + { pkgs, ... }: + mkIf cfg.enable { + virtualisation.podman = { + enable = true; + extraPackages = [ pkgs.slirp4netns ]; + dockerCompat = true; + defaultNetwork.settings.dns_enabled = true; + }; + + virtualisation.oci-containers.backend = "podman"; + + virtualisation.virtualbox.host.enable = false; + users.extraGroups.vboxusers.members = [ cfg.username ]; + }; + }; + + rt-audio = + { pkgs, ... }: + mkIf cfg.enable { + services.pipewire.lowLatency = { + # enable this module enable = true; - extraPackages = [ pkgs.slirp4netns ]; - dockerCompat = true; - defaultNetwork.settings.dns_enabled = true; + # defaults (no need to be set unless modified) + quantum = 32; + rate = 44100; }; + security.rtkit.enable = true; - virtualisation.oci-containers.backend = "podman"; - - virtualisation.virtualbox.host.enable = false; - users.extraGroups.vboxusers.members = [ cfg.username ]; + # Real time configurations + boot.kernel.sysctl = { + "vm.swappiness" = 10; + "fs.inotify.max_user_watches" = 524288; + }; + security.pam.loginLimits = [ + { + domain = "@audio"; + item = "rtprio"; + type = "-"; + value = "90"; + } + { + domain = "@audio"; + item = "memlock"; + type = "-"; + value = "unlimited"; + } + ]; }; - }; - - rt-audio = { pkgs, ... }: mkIf cfg.enable { - services.pipewire.lowLatency = { - # enable this module - enable = true; - # defaults (no need to be set unless modified) - quantum = 32; - rate = 44100; - }; - security.rtkit.enable = true; - - # Real time configurations - boot.kernel.sysctl = { - "vm.swappiness" = 10; - "fs.inotify.max_user_watches" = 524288; - }; - security.pam.loginLimits = [ - { - domain = "@audio"; - item = "rtprio"; - type = "-"; - value = "90"; - } - { - domain = "@audio"; - item = "memlock"; - type = "-"; - value = "unlimited"; - } - ]; - }; in { imports = with modules; [ @@ -155,23 +184,30 @@ in dnsServers = mkOption { type = types.listOf types.str; description = "DNS server list"; - default = [ "1.1.1.1" "2606:4700:4700:1111" ]; + default = [ + "1.1.1.1" + "2606:4700:4700:1111" + ]; }; networks = mkOption { - type = types.attrsOf (types.submodule { - options.match = mkOption { - type = types.str; - description = "The interface name to match"; - }; - options.isRequired = mkOption { - type = types.bool; - description = "Require this interface to be connected for network-online.target"; - default = false; - }; - }); + type = types.attrsOf ( + types.submodule { + options.match = mkOption { + type = types.str; + description = "The interface name to match"; + }; + options.isRequired = mkOption { + type = types.bool; + description = "Require this interface to be connected for network-online.target"; + default = false; + }; + } + ); description = "Network configuration"; default = { - default = { match = "*"; }; + default = { + match = "*"; + }; }; }; }; @@ -196,18 +232,16 @@ in }; boot.initrd.systemd.enable = builtins.length (builtins.attrNames (cfg.luksDevices)) > 0; # LUKS devices - boot.initrd.luks.devices = builtins.mapAttrs - (name: path: { - device = path; - preLVM = true; - allowDiscards = true; + boot.initrd.luks.devices = builtins.mapAttrs (name: path: { + device = path; + preLVM = true; + allowDiscards = true; - crypttabExtraOpts = [ - "tpm2-device=auto" - "fido2-device=auto" - ]; - }) - cfg.luksDevices; + crypttabExtraOpts = [ + "tpm2-device=auto" + "fido2-device=auto" + ]; + }) cfg.luksDevices; ## Hardware-related @@ -251,7 +285,10 @@ in ]; shell = pkgs.fish; }; - nix.settings.trusted-users = [ "root" cfg.username ]; + nix.settings.trusted-users = [ + "root" + cfg.username + ]; ## Network configuration systemd.network.enable = true; @@ -262,13 +299,11 @@ in networking.hostName = cfg.networking.hostname; networking.wireless.iwd.enable = true; networking.wireless.iwd.settings.General.EnableNetworkConfiguration = true; - systemd.network.networks = builtins.mapAttrs - (name: cfg: { - matchConfig.Name = cfg.match; - networkConfig.DHCP = "yes"; - linkConfig.RequiredForOnline = if cfg.isRequired then "yes" else "no"; - }) - cfg.networking.networks; + systemd.network.networks = builtins.mapAttrs (name: cfg: { + matchConfig.Name = cfg.match; + networkConfig.DHCP = "yes"; + linkConfig.RequiredForOnline = if cfg.isRequired then "yes" else "no"; + }) cfg.networking.networks; # Leave DNS to systemd-resolved services.resolved.enable = true; services.resolved.domains = cfg.networking.dnsServers; @@ -285,19 +320,26 @@ in console.keyMap = "jp106"; # Console key layout i18n.defaultLocale = "ja_JP.UTF-8"; # Input methods (only fcitx5 works reliably on Wayland) - i18n.inputMethod = { - fcitx5.waylandFrontend = true; - fcitx5.addons = with pkgs; [ - fcitx5-mozc - fcitx5-unikey - fcitx5-gtk - ]; - } // (if config.system.nixos.release == "24.05" then { - enabled = "fcitx5"; - } else { - enable = true; - type = "fcitx5"; - }); + i18n.inputMethod = + { + fcitx5.waylandFrontend = true; + fcitx5.addons = with pkgs; [ + fcitx5-mozc + fcitx5-unikey + fcitx5-gtk + ]; + } + // ( + if config.system.nixos.release == "24.05" then + { + enabled = "fcitx5"; + } + else + { + enable = true; + type = "fcitx5"; + } + ); # Default packages environment.systemPackages = with pkgs; [ @@ -335,7 +377,10 @@ in programs.gamescope = { enable = true; # capSysNice = true; # https://github.com/NixOS/nixpkgs/issues/351516 - args = [ "--adaptive-sync" "--rt" ]; + args = [ + "--adaptive-sync" + "--rt" + ]; }; ## Services @@ -353,11 +398,22 @@ in wlr.enable = true; xdgOpenUsePortal = true; # gtk portal needed to make gtk apps happy - extraPortals = [ pkgs.kdePackages.xdg-desktop-portal-kde pkgs.xdg-desktop-portal-gtk ]; + extraPortals = [ + pkgs.kdePackages.xdg-desktop-portal-kde + pkgs.xdg-desktop-portal-gtk + ]; - config.sway.default = [ "wlr" "kde" "kwallet" ]; + config.sway.default = [ + "wlr" + "kde" + "kwallet" + ]; config.niri = { - default = [ "kde" "gnome" "gtk" ]; + default = [ + "kde" + "gnome" + "gtk" + ]; # "org.freedesktop.impl.portal.Access" = "gtk"; # "org.freedesktop.impl.portal.Notification" = "gtk"; "org.freedesktop.impl.portal.ScreenCast" = "gnome"; diff --git a/modules/my-tinc/default.nix b/modules/my-tinc/default.nix index 1b89ae2..02beeb6 100644 --- a/modules/my-tinc/default.nix +++ b/modules/my-tinc/default.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: with lib; let @@ -36,72 +41,89 @@ in }; }; - config = mkIf cfg.enable (builtins.seq - (mkIf (isNull cfg.rsaPrivateKey && isNull cfg.ed25519PrivateKey) (builtins.abort "one of the keys must be defined")) - ( - let - networkName = "my-tinc"; + config = mkIf cfg.enable ( + builtins.seq + (mkIf (isNull cfg.rsaPrivateKey && isNull cfg.ed25519PrivateKey) ( + builtins.abort "one of the keys must be defined" + )) + ( + let + networkName = "my-tinc"; - myHost = builtins.getAttr cfg.hostName hosts; - myMeshIp = myHost.subnetAddr; - in - { - # Scripts that set up the tinc services - environment.etc = { - "tinc/${networkName}/tinc-up".source = pkgs.writeScript "tinc-up-${networkName}" '' - #!${pkgs.stdenv.shell} - ${pkgs.nettools}/bin/ifconfig $INTERFACE ${myMeshIp} netmask 255.255.255.0 - ''; - "tinc/${networkName}/tinc-down".source = pkgs.writeScript "tinc-down-${networkName}" '' - #!${pkgs.stdenv.shell} - /run/wrappers/bin/sudo ${pkgs.nettools}/bin/ifconfig $INTERFACE down - ''; - }; + myHost = builtins.getAttr cfg.hostName hosts; + myMeshIp = myHost.subnetAddr; + in + { + # Scripts that set up the tinc services + environment.etc = { + "tinc/${networkName}/tinc-up".source = pkgs.writeScript "tinc-up-${networkName}" '' + #!${pkgs.stdenv.shell} + ${pkgs.nettools}/bin/ifconfig $INTERFACE ${myMeshIp} netmask 255.255.255.0 + ''; + "tinc/${networkName}/tinc-down".source = pkgs.writeScript "tinc-down-${networkName}" '' + #!${pkgs.stdenv.shell} + /run/wrappers/bin/sudo ${pkgs.nettools}/bin/ifconfig $INTERFACE down + ''; + }; - # Allow the tinc service to call ifconfig without sudo password. - security.sudo.extraRules = [ - { - users = [ "tinc.${networkName}" ]; - commands = [ + # Allow the tinc service to call ifconfig without sudo password. + security.sudo.extraRules = [ + { + users = [ "tinc.${networkName}" ]; + commands = [ + { + command = "${pkgs.nettools}/bin/ifconfig"; + options = [ "NOPASSWD" ]; + } + ]; + } + ]; + + # simple interface setup + # ---------------------- + networking.interfaces."tinc.${networkName}".ipv4.addresses = [ + { + address = myMeshIp; + prefixLength = 24; + } + ]; + + # firewall + networking.firewall.allowedUDPPorts = [ 655 ]; + networking.firewall.allowedTCPPorts = [ 655 ]; + networking.firewall.interfaces."tinc.${networkName}" = { + allowedUDPPortRanges = [ { - command = "${pkgs.nettools}/bin/ifconfig"; - options = [ "NOPASSWD" ]; + from = 0; + to = 65535; } ]; - } - ]; + allowedTCPPortRanges = [ + { + from = 0; + to = 65535; + } + ]; + }; - # simple interface setup - # ---------------------- - networking.interfaces."tinc.${networkName}".ipv4.addresses = [{ address = myMeshIp; prefixLength = 24; }]; + # configure tinc service + # ---------------------- + services.tinc.networks."${networkName}" = { - # firewall - networking.firewall.allowedUDPPorts = [ 655 ]; - networking.firewall.allowedTCPPorts = [ 655 ]; - networking.firewall.interfaces."tinc.${networkName}" = { - allowedUDPPortRanges = [{ from = 0; to = 65535; }]; - allowedTCPPortRanges = [{ from = 0; to = 65535; }]; - }; + name = cfg.hostName; # who are we in this network. + debugLevel = 3; # the debug level for journal -u tinc.private + chroot = false; # otherwise addresses can't be a DNS + interfaceType = "tap"; # tun might also work. - # configure tinc service - # ---------------------- - services.tinc.networks."${networkName}" = { + bindToAddress = "* ${toString cfg.bindPort}"; - name = cfg.hostName; # who are we in this network. + ed25519PrivateKeyFile = cfg.ed25519PrivateKey; + rsaPrivateKeyFile = cfg.rsaPrivateKey; - debugLevel = 3; # the debug level for journal -u tinc.private - chroot = false; # otherwise addresses can't be a DNS - interfaceType = "tap"; # tun might also work. - - bindToAddress = "* ${toString cfg.bindPort}"; - - ed25519PrivateKeyFile = cfg.ed25519PrivateKey; - rsaPrivateKeyFile = cfg.rsaPrivateKey; - - settings.ExperimentalProtocol = "yes"; - }; - } - ) + settings.ExperimentalProtocol = "yes"; + }; + } + ) ); } diff --git a/modules/my-tinc/hosts.nix b/modules/my-tinc/hosts.nix index 58f375b..40e9987 100644 --- a/modules/my-tinc/hosts.nix +++ b/modules/my-tinc/hosts.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: with lib; let @@ -6,30 +11,34 @@ let cfg = config.services.my-tinc; - mapAttrs = f: attrs: builtins.listToAttrs ( - map (name: { inherit name; value = f name (builtins.getAttr name attrs); }) (builtins.attrNames attrs) - ); + mapAttrs = + f: attrs: + builtins.listToAttrs ( + map (name: { + inherit name; + value = f name (builtins.getAttr name attrs); + }) (builtins.attrNames attrs) + ); in { config = mkIf cfg.enable { # All hosts we know of - services.tinc.networks.my-tinc.hostSettings = mapAttrs - (name: host: { - addresses = if (host ? address) then [{ address = host.address; }] else [ ]; - subnets = [{ address = host.subnetAddr; }]; - rsaPublicKey = mkIf (host ? "rsaPublicKey") host.rsaPublicKey; - settings.Ed25519PublicKey = mkIf (host ? "ed25519PublicKey") host.ed25519PublicKey; - }) - hosts; + services.tinc.networks.my-tinc.hostSettings = mapAttrs (name: host: { + addresses = if (host ? address) then [ { address = host.address; } ] else [ ]; + subnets = [ { address = host.subnetAddr; } ]; + rsaPublicKey = mkIf (host ? "rsaPublicKey") host.rsaPublicKey; + settings.Ed25519PublicKey = mkIf (host ? "ed25519PublicKey") host.ed25519PublicKey; + }) hosts; # Add all of them to host nki.services.edns = { enable = true; - cloaking-rules = - (lib.attrsets.mapAttrs' - (name: host: { name = "${name}.tinc"; value = host.subnetAddr; }) - hosts) - ; + cloaking-rules = ( + lib.attrsets.mapAttrs' (name: host: { + name = "${name}.tinc"; + value = host.subnetAddr; + }) hosts + ); }; }; } diff --git a/modules/personal/fonts/default.nix b/modules/personal/fonts/default.nix index 99203d3..64da72c 100644 --- a/modules/personal/fonts/default.nix +++ b/modules/personal/fonts/default.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: with lib; let @@ -11,46 +16,76 @@ in { imports = [ ./mounting.nix ]; # Fonts - config.fonts = { - packages = with pkgs; mkForce [ - noto-fonts-emoji-blob-bin - ibm-plex - nerd-fonts - noto-fonts - (pkgs.noto-fonts-cjk-sans or pkgs.noto-fonts-cjk) - merriweather - corefonts - font-awesome - hack-font # for Plasma - ]; - } // (if pkgs.stdenv.isLinux then { - enableDefaultPackages = false; - fontconfig = { - defaultFonts = { - emoji = lib.mkBefore [ "Blobmoji" ]; - serif = lib.mkBefore [ "IBM Plex Serif" "IBM Plex Sans JP" "IBM Plex Sans KR" "Blobmoji" ]; - sansSerif = lib.mkBefore [ "IBM Plex Sans" "IBM Plex Sans JP" "IBM Plex Sans KR" "Blobmoji" ]; - monospace = lib.mkBefore [ "IBM Plex Mono" "Font Awesome 6 Free" "Symbols Nerd Font" "Blobmoji" "IBM Plex Sans JP" ]; - }; - localConf = '' - - - - - system-ui - - IBM Plex Sans - IBM Plex Sans JP - IBM Plex Sans KR - Blobmoji - - - - ''; - }; - fontDir.enable = true; - } else { }) // (if pkgs.stdenv.isDarwin then { - fontDir.enable = true; - } else { }); + config.fonts = + { + packages = + with pkgs; + mkForce [ + noto-fonts-emoji-blob-bin + ibm-plex + nerd-fonts + noto-fonts + (pkgs.noto-fonts-cjk-sans or pkgs.noto-fonts-cjk) + merriweather + corefonts + font-awesome + hack-font # for Plasma + ]; + } + // ( + if pkgs.stdenv.isLinux then + { + enableDefaultPackages = false; + fontconfig = { + defaultFonts = { + emoji = lib.mkBefore [ "Blobmoji" ]; + serif = lib.mkBefore [ + "IBM Plex Serif" + "IBM Plex Sans JP" + "IBM Plex Sans KR" + "Blobmoji" + ]; + sansSerif = lib.mkBefore [ + "IBM Plex Sans" + "IBM Plex Sans JP" + "IBM Plex Sans KR" + "Blobmoji" + ]; + monospace = lib.mkBefore [ + "IBM Plex Mono" + "Font Awesome 6 Free" + "Symbols Nerd Font" + "Blobmoji" + "IBM Plex Sans JP" + ]; + }; + localConf = '' + + + + + system-ui + + IBM Plex Sans + IBM Plex Sans JP + IBM Plex Sans KR + Blobmoji + + + + ''; + }; + fontDir.enable = true; + } + else + { } + ) + // ( + if pkgs.stdenv.isDarwin then + { + fontDir.enable = true; + } + else + { } + ); } - diff --git a/modules/personal/fonts/mounting.nix b/modules/personal/fonts/mounting.nix index 4d0208a..ed3111c 100644 --- a/modules/personal/fonts/mounting.nix +++ b/modules/personal/fonts/mounting.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: lib.mkIf pkgs.stdenv.isLinux { system.fsPackages = [ pkgs.bindfs ]; fileSystems = @@ -6,7 +11,11 @@ lib.mkIf pkgs.stdenv.isLinux { mkRoSymBind = path: { device = path; fsType = "fuse.bindfs"; - options = [ "ro" "resolve-symlinks" "x-gvfs-hide" ]; + options = [ + "ro" + "resolve-symlinks" + "x-gvfs-hide" + ]; }; aggregatedIcons = pkgs.buildEnv { name = "system-icons"; diff --git a/modules/personal/u2f.nix b/modules/personal/u2f.nix index 549c59a..fa10d4b 100644 --- a/modules/personal/u2f.nix +++ b/modules/personal/u2f.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: with lib; let diff --git a/modules/services/edns/default.nix b/modules/services/edns/default.nix index c668093..7674eff 100644 --- a/modules/services/edns/default.nix +++ b/modules/services/edns/default.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let @@ -34,7 +39,10 @@ in # Sources sources.public_resolvers = { - urls = [ "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md" "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md" ]; + urls = [ + "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md" + "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md" + ]; cache_file = "/var/lib/dnscrypt-proxy/public_resolvers.md"; minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"; }; @@ -44,14 +52,22 @@ in # Anonymized DNS anonymized_dns.routes = [ - { server_name = "*"; via = [ "anon-plan9-dns" "anon-v.dnscrypt.up-ipv4" ]; } + { + server_name = "*"; + via = [ + "anon-plan9-dns" + "anon-v.dnscrypt.up-ipv4" + ]; + } ]; anonymized_dns.skip_incompatible = true; # Cloaking rules - cloaking_rules = pkgs.writeText "cloaking_rules.txt" (lib.strings.concatStringsSep - "\n" - (lib.attrsets.mapAttrsToList (name: ip: "${name} ${ip}") cfg.cloaking-rules)); + cloaking_rules = pkgs.writeText "cloaking_rules.txt" ( + lib.strings.concatStringsSep "\n" ( + lib.attrsets.mapAttrsToList (name: ip: "${name} ${ip}") cfg.cloaking-rules + ) + ); }; }; }; diff --git a/modules/services/nix-build-farm/default.nix b/modules/services/nix-build-farm/default.nix index 54b6559..3c51da1 100644 --- a/modules/services/nix-build-farm/default.nix +++ b/modules/services/nix-build-farm/default.nix @@ -40,20 +40,24 @@ in in { nix.distributedBuilds = true; - nix.buildMachines = lib.mapAttrsToList - (name: host: { + nix.buildMachines = lib.mapAttrsToList ( + name: host: + { hostName = host.host; sshUser = build-user; sshKey = cfg.privateKeyFile; - } // host.builder) - otherBuilders; + } + // host.builder + ) otherBuilders; users = mkIf (isBuilder host) { users.${build-user} = { description = "Nix build farm user"; group = build-user; isNormalUser = true; - openssh.authorizedKeys.keys = lib.mapAttrsToList (_: host: ''from="${cfg.ipAddrs}" ${host.pubKey}'') otherHosts; + openssh.authorizedKeys.keys = lib.mapAttrsToList ( + _: host: ''from="${cfg.ipAddrs}" ${host.pubKey}'' + ) otherHosts; }; groups.${build-user} = { }; }; @@ -62,5 +66,3 @@ in } ); } - - diff --git a/modules/services/nix-build-farm/hosts.nix b/modules/services/nix-build-farm/hosts.nix index 8271634..5f4a7f9 100644 --- a/modules/services/nix-build-farm/hosts.nix +++ b/modules/services/nix-build-farm/hosts.nix @@ -10,10 +10,18 @@ builder = { publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUhiVTh2NlNBa0kyOTBCc1QzVG1IRVVJQWdXcVFyNm9jRmpjakRRczRoT2ggcm9vdEBrYWdhbWlQQwo="; - systems = [ "x86_64-linux" "aarch64-linux" ]; + systems = [ + "x86_64-linux" + "aarch64-linux" + ]; maxJobs = 16; speedFactor = 2; - supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; + supportedFeatures = [ + "nixos-test" + "benchmark" + "big-parallel" + "kvm" + ]; }; }; @@ -28,10 +36,18 @@ builder = { publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUdOUlBCVFRkNTVVMXY1U1Jac0FjYVdhS3JGZTY0ZjIxOVViODVTQ2NWd28gcm9vdEBua2ktZnJhbWV3b3JrCg=="; - systems = [ "x86_64-linux" "aarch64-linux" ]; + systems = [ + "x86_64-linux" + "aarch64-linux" + ]; maxJobs = 16; speedFactor = 3; - supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; + supportedFeatures = [ + "nixos-test" + "benchmark" + "big-parallel" + "kvm" + ]; }; }; } diff --git a/modules/services/nix-cache/default.nix b/modules/services/nix-cache/default.nix index 1928ef0..bbf2601 100644 --- a/modules/services/nix-cache/default.nix +++ b/modules/services/nix-cache/default.nix @@ -1,6 +1,18 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: -with { inherit (lib) mkEnableOption mkOption types mkIf; }; +with { + inherit (lib) + mkEnableOption + mkOption + types + mkIf + ; +}; let cfg = config.nki.services.nix-cache; diff --git a/modules/services/swaylock.nix b/modules/services/swaylock.nix index 5aa73e0..82f3754 100644 --- a/modules/services/swaylock.nix +++ b/modules/services/swaylock.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: with lib; let cfg = config.services.swaylock; diff --git a/nki-framework/configuration.nix b/nki-framework/configuration.nix index 2b34a6a..f1aee13 100644 --- a/nki-framework/configuration.nix +++ b/nki-framework/configuration.nix @@ -2,26 +2,32 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { - imports = - [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # Fonts - ../modules/personal/fonts - # Encrypted DNS - ../modules/services/edns - # Wireless card - ./wireless.nix - ]; + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Fonts + ../modules/personal/fonts + # Encrypted DNS + ../modules/services/edns + # Wireless card + ./wireless.nix + ]; # Sops common.linux.sops.enable = true; common.linux.sops.file = ./secrets.yaml; - sops.secrets."nix-build-farm/private-key" = { mode = "0400"; }; + sops.secrets."nix-build-farm/private-key" = { + mode = "0400"; + }; services.nix-build-farm.hostname = "framework"; services.nix-build-farm.privateKeyFile = config.sops.secrets."nix-build-farm/private-key".path; @@ -94,7 +100,6 @@ bindPort = 6565; }; - # Secrets # sops.defaultSopsFile = ./secrets.yaml; # sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; @@ -129,4 +134,3 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.05"; # Did you read the comment? } - diff --git a/nki-framework/hardware-configuration.nix b/nki-framework/hardware-configuration.nix index c814573..d972738 100644 --- a/nki-framework/hardware-configuration.nix +++ b/nki-framework/hardware-configuration.nix @@ -1,15 +1,26 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "thunderbolt" + "usb_storage" + "sd_mod" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; boot.kernelParams = [ @@ -18,12 +29,14 @@ "resume_offset=5776640" # btrfs inspect-internal map-swapfile -r /var/swapfile ]; - fileSystems."/" = - { - device = "/dev/disk/by-uuid/fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"; - fsType = "btrfs"; - options = [ "subvol=root" "compress=zstd" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"; + fsType = "btrfs"; + options = [ + "subvol=root" + "compress=zstd" + ]; + }; services.btrfs.autoScrub = { enable = true; interval = "monthly"; @@ -31,28 +44,35 @@ common.linux.luksDevices."cryptroot" = "/dev/disk/by-uuid/94226aae-6d1c-401a-bfad-3aa5f371a365"; - fileSystems."/home" = - { - device = "/dev/disk/by-uuid/fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"; - fsType = "btrfs"; - options = [ "subvol=home" "compress=zstd" ]; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"; + fsType = "btrfs"; + options = [ + "subvol=home" + "compress=zstd" + ]; + }; - fileSystems."/nix" = - { - device = "/dev/disk/by-uuid/fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"; - fsType = "btrfs"; - options = [ "subvol=nix" "compress=zstd" ]; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"; + fsType = "btrfs"; + options = [ + "subvol=nix" + "compress=zstd" + ]; + }; - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/6A0E-4D23"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/6A0E-4D23"; + fsType = "vfat"; + }; swapDevices = [ - { device = "/var/swapfile"; size = 32 * 1024; priority = 10; } + { + device = "/var/swapfile"; + size = 32 * 1024; + priority = 10; + } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/nki-framework/wireless.nix b/nki-framework/wireless.nix index c0b09aa..30b1fdd 100644 --- a/nki-framework/wireless.nix +++ b/nki-framework/wireless.nix @@ -1,4 +1,5 @@ -{ pkgs, lib, ... }: { +{ pkgs, lib, ... }: +{ environment.systemPackages = with pkgs; [ iw ]; # Disable power_save on boot services.udev.packages = [ diff --git a/nki-home/audio/default.nix b/nki-home/audio/default.nix index 2d149c8..4a25566 100644 --- a/nki-home/audio/default.nix +++ b/nki-home/audio/default.nix @@ -1,4 +1,10 @@ -{ config, pkgs, lib, ... }: { +{ + config, + pkgs, + lib, + ... +}: +{ environment.etc = { "wireplumber/wireplumber.conf.d/51-sdac.conf".source = ./sdac.conf.json; }; diff --git a/nki-home/configuration.nix b/nki-home/configuration.nix index 5adebe4..ef8fc7b 100644 --- a/nki-home/configuration.nix +++ b/nki-home/configuration.nix @@ -2,33 +2,39 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ lib, config, pkgs, ... }: +{ + lib, + config, + pkgs, + ... +}: with lib; let - openrazer = { pkgs, ... }: { - # Razer stuff - hardware.openrazer = { - enable = true; - users = [ "nki" ]; + openrazer = + { pkgs, ... }: + { + # Razer stuff + hardware.openrazer = { + enable = true; + users = [ "nki" ]; + }; + environment.systemPackages = with pkgs; [ polychromatic ]; }; - environment.systemPackages = with pkgs; [ polychromatic ]; - }; in { - imports = - [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # Fonts - ../modules/personal/fonts - # Encrypted DNS - ../modules/services/edns - # Other services - ../modules/personal/u2f.nix - ./peertube-runner.nix - openrazer - ]; + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Fonts + ../modules/personal/fonts + # Encrypted DNS + ../modules/services/edns + # Other services + ../modules/personal/u2f.nix + ./peertube-runner.nix + openrazer + ]; # Kernel boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_stable; @@ -43,35 +49,48 @@ in common.linux.sops.file = ./secrets.yaml; # Nix cache server - sops.secrets."nix-cache/private-key" = { owner = "harmonia"; group = "harmonia"; mode = "0600"; }; + sops.secrets."nix-cache/private-key" = { + owner = "harmonia"; + group = "harmonia"; + mode = "0600"; + }; nki.services.nix-cache = { enableServer = true; privateKeyFile = config.sops.secrets."nix-cache/private-key".path; }; - sops.secrets."nix-build-farm/private-key" = { mode = "0400"; }; + sops.secrets."nix-build-farm/private-key" = { + mode = "0400"; + }; services.nix-build-farm.hostname = "home"; services.nix-build-farm.privateKeyFile = config.sops.secrets."nix-build-farm/private-key".path; # Networking - common.linux.networking = - { - hostname = "kagamiPC"; # Define your hostname. - networks = { - "10-wired" = { - match = "enp*"; - isRequired = true; - }; - "20-wireless".match = "wlan*"; + common.linux.networking = { + hostname = "kagamiPC"; # Define your hostname. + networks = { + "10-wired" = { + match = "enp*"; + isRequired = true; }; - dnsServers = [ "127.0.0.1" ]; + "20-wireless".match = "wlan*"; }; + dnsServers = [ "127.0.0.1" ]; + }; nki.services.edns.enable = true; nki.services.edns.ipv6 = true; ## DTTH Wireguard # - sops.secrets."dtth-wg/private-key" = { owner = "root"; group = "systemd-network"; mode = "0640"; }; - sops.secrets."dtth-wg/preshared-key" = { owner = "root"; group = "systemd-network"; mode = "0640"; }; + sops.secrets."dtth-wg/private-key" = { + owner = "root"; + group = "systemd-network"; + mode = "0640"; + }; + sops.secrets."dtth-wg/preshared-key" = { + owner = "root"; + group = "systemd-network"; + mode = "0640"; + }; systemd.network.netdevs."10-dtth-wg" = { netdevConfig = { Kind = "wireguard"; @@ -81,25 +100,36 @@ in wireguardConfig = { PrivateKeyFile = config.sops.secrets."dtth-wg/private-key".path; }; - wireguardPeers = [{ - PublicKey = "+7iI4jwmM1Qr+/DKB1Hv8JgFkGu7lSV0PAoo+O5d3yQ="; - PresharedKeyFile = config.sops.secrets."dtth-wg/preshared-key".path; - AllowedIPs = [ "100.64.0.0/10" "fd00::/106" ]; - Endpoint = "vpn.dtth.ch:51820"; - PersistentKeepalive = 25; - }]; + wireguardPeers = [ + { + PublicKey = "+7iI4jwmM1Qr+/DKB1Hv8JgFkGu7lSV0PAoo+O5d3yQ="; + PresharedKeyFile = config.sops.secrets."dtth-wg/preshared-key".path; + AllowedIPs = [ + "100.64.0.0/10" + "fd00::/106" + ]; + Endpoint = "vpn.dtth.ch:51820"; + PersistentKeepalive = 25; + } + ]; }; systemd.network.networks."dtth-wg" = { matchConfig.Name = "dtth-wg"; - address = [ "100.73.146.80/32" "fd00::33:105b/128" ]; + address = [ + "100.73.146.80/32" + "fd00::33:105b/128" + ]; DHCP = "no"; routes = [ - { Destination = "100.64.0.0/10"; Scope = "link"; } + { + Destination = "100.64.0.0/10"; + Scope = "link"; + } { Destination = "fd00::/106"; } ]; }; - # Define a user account. + # Define a user account. common.linux.username = "nki"; services.getty.autologinUser = "nki"; @@ -117,7 +147,11 @@ in ntfsMount = path: { device = path; fsType = "ntfs"; - options = [ "rw" "uid=${toString config.users.users.nki.uid}" "nofail" ]; + options = [ + "rw" + "uid=${toString config.users.users.nki.uid}" + "nofail" + ]; }; in { @@ -149,7 +183,6 @@ in bindPort = 6565; }; - # Music server services.navidrome.enable = true; services.navidrome.settings = { @@ -157,7 +190,10 @@ in MusicFolder = "/mnt/Stuff/Music"; }; systemd.services.navidrome.serviceConfig.BindReadOnlyPaths = lib.mkAfter [ "/etc" ]; - networking.firewall.allowedTCPPorts = [ 4533 8000 ]; + networking.firewall.allowedTCPPorts = [ + 4533 + 8000 + ]; # Printers services.printing.enable = true; @@ -201,4 +237,3 @@ in virtualisation.spiceUSBRedirection.enable = true; } - diff --git a/nki-home/hardware-configuration.nix b/nki-home/hardware-configuration.nix index 35a97ec..de0dabf 100644 --- a/nki-home/hardware-configuration.nix +++ b/nki-home/hardware-configuration.nix @@ -1,42 +1,57 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ./audio - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ./audio + ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ "dm-snapshot" "amdgpu" ]; + boot.initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "ahci" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ + "dm-snapshot" + "amdgpu" + ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { - device = "/dev/disk/by-uuid/32a74827-4624-43ef-b066-b52e1f11793d"; - fsType = "ext4"; - }; - fileSystems."/home/nki/Projects" = - { - device = "/dev/disk/by-uuid/025cb533-e21b-47f2-b7d5-322b7b95b831"; - fsType = "btrfs"; - options = [ "compress=zstd" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/32a74827-4624-43ef-b066-b52e1f11793d"; + fsType = "ext4"; + }; + fileSystems."/home/nki/Projects" = { + device = "/dev/disk/by-uuid/025cb533-e21b-47f2-b7d5-322b7b95b831"; + fsType = "btrfs"; + options = [ "compress=zstd" ]; + }; - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/549C-7877"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/549C-7877"; + fsType = "vfat"; + }; fileSystems."/mnt/steam" = { device = "/dev/disk/by-uuid/d1db9f65-6add-4714-b9d7-16e16f687396"; fsType = "btrfs"; - options = [ "compress=zstd" "subvol=steam" ]; + options = [ + "compress=zstd" + "subvol=steam" + ]; encrypted = { enable = true; label = "encdata"; @@ -45,8 +60,7 @@ }; }; - swapDevices = - [{ device = "/dev/disk/by-uuid/561f6441-1915-4059-a5e1-76a449b0c9bf"; }]; + swapDevices = [ { device = "/dev/disk/by-uuid/561f6441-1915-4059-a5e1-76a449b0c9bf"; } ]; # bluetooth usb hardware.firmware = [ pkgs.rtl8761b-firmware ]; diff --git a/nki-home/peertube-runner.nix b/nki-home/peertube-runner.nix index 5845046..73172b1 100644 --- a/nki-home/peertube-runner.nix +++ b/nki-home/peertube-runner.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let user = "peertube-runner-nodejs"; instance = "systemd-instance"; @@ -27,8 +32,8 @@ in runnerName = "kagamipc" ''; - environment.etc."${user}/${instance}/config.toml".source = config.sops.templates."peertube-config.toml".path; - + environment.etc."${user}/${instance}/config.toml".source = + config.sops.templates."peertube-config.toml".path; systemd.services.peertube-runner = { description = "PeerTube runner daemon"; @@ -36,20 +41,19 @@ in after = [ "network.target" ]; requires = [ ]; - serviceConfig = - { - ExecStart = "${lib.getExe' pkgs.peertube.runner "peertube-runner"} server --id ${instance}"; - User = user; - RuntimeDirectory = user; - StateDirectory = user; - CacheDirectory = user; - # Hardening - ProtectSystem = "full"; - PrivateDevices = false; - NoNewPrivileges = true; - ProtectHome = true; - CapabilityBoundingSet = "~CAP_SYS_ADMIN"; - }; + serviceConfig = { + ExecStart = "${lib.getExe' pkgs.peertube.runner "peertube-runner"} server --id ${instance}"; + User = user; + RuntimeDirectory = user; + StateDirectory = user; + CacheDirectory = user; + # Hardening + ProtectSystem = "full"; + PrivateDevices = false; + NoNewPrivileges = true; + ProtectHome = true; + CapabilityBoundingSet = "~CAP_SYS_ADMIN"; + }; environment = { NODE_ENV = "production"; @@ -61,7 +65,9 @@ in XDG_STATE_HOME = "/var/lib"; }; - path = with pkgs; [ nodejs ffmpeg ]; + path = with pkgs; [ + nodejs + ffmpeg + ]; }; } - diff --git a/nki-personal-do/configuration.nix b/nki-personal-do/configuration.nix index 6cffe4c..3cf6d35 100644 --- a/nki-personal-do/configuration.nix +++ b/nki-personal-do/configuration.nix @@ -1,4 +1,10 @@ -{ pkgs, config, lib, ... }: { +{ + pkgs, + config, + lib, + ... +}: +{ imports = [ ./hardware-configuration.nix @@ -88,13 +94,19 @@ services.my-tinc.rsaPrivateKey = config.sops.secrets."tinc/rsa-private-key".path; services.my-tinc.ed25519PrivateKey = config.sops.secrets."tinc/ed25519-private-key".path; - sops.secrets."nix-build-farm/private-key" = { mode = "0400"; }; + sops.secrets."nix-build-farm/private-key" = { + mode = "0400"; + }; services.nix-build-farm.hostname = "home"; services.nix-build-farm.privateKeyFile = config.sops.secrets."nix-build-farm/private-key".path; # Set up traefik - sops.secrets.cloudflare-dns-api-token = { owner = "traefik"; }; - sops.secrets.traefik-dashboard-users = { owner = "traefik"; }; + sops.secrets.cloudflare-dns-api-token = { + owner = "traefik"; + }; + sops.secrets.traefik-dashboard-users = { + owner = "traefik"; + }; cloud.traefik.cloudflareKeyFile = config.sops.secrets.cloudflare-dns-api-token.path; cloud.traefik.dashboard = { enable = true; @@ -108,9 +120,19 @@ settings.HOST = "127.0.0.1"; settings.PORT = "16904"; }; - cloud.traefik.hosts.uptime-kuma = { host = "status.nkagami.me"; port = 16904; noCloudflare = true; }; - cloud.traefik.hosts.uptime-kuma-dtth = { host = "status.dtth.ch"; port = 16904; }; - cloud.traefik.hosts.uptime-kuma-codefun = { host = "status.codefun.vn"; port = 16904; }; + cloud.traefik.hosts.uptime-kuma = { + host = "status.nkagami.me"; + port = 16904; + noCloudflare = true; + }; + cloud.traefik.hosts.uptime-kuma-dtth = { + host = "status.dtth.ch"; + port = 16904; + }; + cloud.traefik.hosts.uptime-kuma-codefun = { + host = "status.codefun.vn"; + port = 16904; + }; # Bitwarden sops.secrets.vaultwarden-env = { }; @@ -120,7 +142,9 @@ virtualisation.arion.backend = "docker"; # Conduit - sops.secrets.heisenbridge = { owner = "heisenbridge"; }; + sops.secrets.heisenbridge = { + owner = "heisenbridge"; + }; cloud.conduit.enable = true; cloud.conduit.instances = { "nkagami" = { @@ -155,7 +179,10 @@ }; # Mail - sops.secrets.mail-users = { owner = "maddy"; reloadUnits = [ "maddy.service" ]; }; + sops.secrets.mail-users = { + owner = "maddy"; + reloadUnits = [ "maddy.service" ]; + }; cloud.mail = { enable = true; debug = true; @@ -177,7 +204,10 @@ sops.secrets.authentik-env = { }; cloud.authentik.enable = true; cloud.authentik.envFile = config.sops.secrets.authentik-env.path; - cloud.traefik.hosts.authentik = { host = "auth.dtth.ch"; port = config.cloud.authentik.port; }; + cloud.traefik.hosts.authentik = { + host = "auth.dtth.ch"; + port = config.cloud.authentik.port; + }; # Firezone sops.secrets.firezone-env = { }; @@ -197,14 +227,18 @@ }; # GoToSocial - sops.secrets.gts-env = { restartUnits = [ "gotosocial.service" ]; }; + sops.secrets.gts-env = { + restartUnits = [ "gotosocial.service" ]; + }; cloud.gotosocial = { enable = true; envFile = config.sops.secrets.gts-env.path; }; # Grist - sops.secrets."grist/env" = { restartUnits = [ "arion-grist.service" ]; }; + sops.secrets."grist/env" = { + restartUnits = [ "arion-grist.service" ]; + }; cloud.grist = { enable = true; envFile = config.sops.secrets."grist/env".path; @@ -212,9 +246,12 @@ dataDir = "/mnt/data/grist"; }; - # ntfy - cloud.traefik.hosts.ntfy-sh = { host = "ntfy.nkagami.me"; port = 11161; noCloudflare = true; }; + cloud.traefik.hosts.ntfy-sh = { + host = "ntfy.nkagami.me"; + port = 11161; + noCloudflare = true; + }; services.ntfy-sh = { enable = true; settings = { @@ -238,4 +275,3 @@ mkdir -p /var/lib/ntfy-sh/attachments ''; } - diff --git a/nki-personal-do/gitea.nix b/nki-personal-do/gitea.nix index 4410deb..957ec8f 100644 --- a/nki-personal-do/gitea.nix +++ b/nki-personal-do/gitea.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let user = "gitea"; @@ -126,7 +131,11 @@ in }; repository = { DEFAULT_PRIVATE = "private"; - PREFERRED_LICENSES = strings.concatStringsSep "," [ "AGPL-3.0-or-later" "GPL-3.0-or-later" "Apache-2.0" ]; + PREFERRED_LICENSES = strings.concatStringsSep "," [ + "AGPL-3.0-or-later" + "GPL-3.0-or-later" + "Apache-2.0" + ]; # DISABLE_HTTP_GIT = true; DEFAULT_BRANCH = "master"; ENABLE_PUSH_CREATE_USER = true; @@ -216,18 +225,17 @@ in environment.GNUPGHOME = "${config.services.gitea.stateDir}/.gnupg"; # https://github.com/NixOS/nixpkgs/commit/93c1d370db28ad4573fb9890c90164ba55391ce7 serviceConfig.SystemCallFilter = mkForce "~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @setuid @swap"; - preStart = - '' - # Import the signing subkey - if cat ${config.services.forgejo.stateDir}/.gnupg/gpg.conf | grep -q ${signingKey}; then - echo "Keys already imported" - # imported - else - echo "Import your keys!" - ${pkgs.gnupg}/bin/gpg --quiet --import ${secrets."gitea/signing-key".path} - echo "trusted-key ${signingKey}" >> ${config.services.forgejo.stateDir}/.gnupg/gpg.conf - exit 1 - fi - ''; + preStart = '' + # Import the signing subkey + if cat ${config.services.forgejo.stateDir}/.gnupg/gpg.conf | grep -q ${signingKey}; then + echo "Keys already imported" + # imported + else + echo "Import your keys!" + ${pkgs.gnupg}/bin/gpg --quiet --import ${secrets."gitea/signing-key".path} + echo "trusted-key ${signingKey}" >> ${config.services.forgejo.stateDir}/.gnupg/gpg.conf + exit 1 + fi + ''; }; } diff --git a/nki-personal-do/grist.nix b/nki-personal-do/grist.nix index 93813d7..52923ed 100644 --- a/nki-personal-do/grist.nix +++ b/nki-personal-do/grist.nix @@ -1,11 +1,15 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let cfg = config.cloud.grist; - mkImage = - { imageName, imageDigest, ... }: "${imageName}@${imageDigest}"; + mkImage = { imageName, imageDigest, ... }: "${imageName}@${imageDigest}"; # If we can pullImage we can just do # mkImage = pkgs.dockerTools.pullImage; @@ -24,7 +28,12 @@ let }; }; defaultEnv = { - GRIST_HIDE_UI_ELEMENTS = lib.concatStringsSep "," [ "helpCenter" "billing" "multiAccounts" "supportGrist" ]; + GRIST_HIDE_UI_ELEMENTS = lib.concatStringsSep "," [ + "helpCenter" + "billing" + "multiAccounts" + "supportGrist" + ]; GRIST_PAGE_TITLE_SUFFIX = " - DTTH Grist"; GRIST_FORCE_LOGIN = "true"; GRIST_WIDGET_LIST_URL = "https://github.com/gristlabs/grist-widget/releases/download/latest/manifest.json"; @@ -60,7 +69,11 @@ in allowedWebhookDomains = mkOption { type = types.listOf types.str; description = "List of domains to be allowed in webhooks"; - default = [ "dtth.ch" "nkagami.me" "discord.com" ]; + default = [ + "dtth.ch" + "nkagami.me" + "discord.com" + ]; }; defaultEmail = mkOption { type = types.str; @@ -105,7 +118,10 @@ in command = "--save 60 1 --loglevel warning"; restart = "unless-stopped"; healthcheck = { - test = [ "CMD-SHELL" "valkey-cli ping | grep PONG" ]; + test = [ + "CMD-SHELL" + "valkey-cli ping | grep PONG" + ]; start_period = "20s"; interval = "30s"; retries = 5; @@ -124,4 +140,3 @@ in }; }; } - diff --git a/nki-personal-do/hardware-configuration.nix b/nki-personal-do/hardware-configuration.nix index 33d4e0f..7597e13 100644 --- a/nki-personal-do/hardware-configuration.nix +++ b/nki-personal-do/hardware-configuration.nix @@ -2,11 +2,25 @@ { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot.loader.grub.device = "/dev/sda"; - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ]; + boot.initrd.availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "xen_blkfront" + "vmw_pvscsi" + ]; boot.initrd.kernelModules = [ "nvme" ]; - fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; + fileSystems."/" = { + device = "/dev/sda1"; + fsType = "ext4"; + }; # swap - swapDevices = [{ device = "/var/swapfile"; size = 4 * 1024; priority = 1024; }]; + swapDevices = [ + { + device = "/var/swapfile"; + size = 4 * 1024; + priority = 1024; + } + ]; zramSwap.enable = true; # volumes services.btrfs.autoScrub.enable = true; diff --git a/nki-personal-do/headscale.nix b/nki-personal-do/headscale.nix index ddcd5db..26ab0d6 100644 --- a/nki-personal-do/headscale.nix +++ b/nki-personal-do/headscale.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let secrets = config.sops.secrets; @@ -7,9 +12,14 @@ let webuiPort = 19877; in rec { - sops.secrets."headscale/client_secret" = { owner = "headscale"; }; + sops.secrets."headscale/client_secret" = { + owner = "headscale"; + }; sops.secrets."headscale/webui-env" = { }; - sops.secrets."headscale/derp-servers/vnm" = { owner = "headscale"; name = "headscale/derp-servers/vnm.yaml"; }; + sops.secrets."headscale/derp-servers/vnm" = { + owner = "headscale"; + name = "headscale/derp-servers/vnm.yaml"; + }; # database cloud.postgresql.databases = [ "headscale" ]; # traefik @@ -27,8 +37,14 @@ rec { noCloudflare = true; }; - systemd.services.headscale.requires = [ "postgresql.service" "arion-authentik.service" ]; - systemd.services.headscale.after = [ "postgresql.service" "arion-authentik.service" ]; + systemd.services.headscale.requires = [ + "postgresql.service" + "arion-authentik.service" + ]; + systemd.services.headscale.after = [ + "postgresql.service" + "arion-authentik.service" + ]; services.headscale = { enable = true; inherit port; diff --git a/nki-personal-do/invidious.nix b/nki-personal-do/invidious.nix index 6169757..2d60035 100644 --- a/nki-personal-do/invidious.nix +++ b/nki-personal-do/invidious.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let ipv6-rotator = let @@ -11,7 +16,14 @@ let in pkgs.writeShellApplication { name = "smart-ipv6-rotator"; - runtimeInputs = [ (pkgs.python3.withPackages (p: with p; [ pyroute2 requests ])) ]; + runtimeInputs = [ + (pkgs.python3.withPackages ( + p: with p; [ + pyroute2 + requests + ] + )) + ]; text = '' if [ -z "$IPV6_ROTATOR_RANGE" ]; then echo "Range required" @@ -22,10 +34,17 @@ let }; in { - sops.secrets."invidious" = { mode = "0444"; }; - sops.secrets."invidious-rotator-env" = { mode = "0444"; }; + sops.secrets."invidious" = { + mode = "0444"; + }; + sops.secrets."invidious-rotator-env" = { + mode = "0444"; + }; cloud.postgresql.databases = [ "invidious" ]; - cloud.traefik.hosts.invidious = { host = "invi.dtth.ch"; port = 61191; }; + cloud.traefik.hosts.invidious = { + host = "invi.dtth.ch"; + port = 61191; + }; services.invidious = { enable = true; domain = "invi.dtth.ch"; @@ -54,8 +73,13 @@ in }; systemd.timers.smart-ipv6-rotator = { description = "Rotate ipv6 routes to Google"; - timerConfig = { OnCalendar = "*-*-* 00,06,12,18:00:00"; }; - wantedBy = [ "invidious.service" "timers.target" ]; + timerConfig = { + OnCalendar = "*-*-* 00,06,12,18:00:00"; + }; + wantedBy = [ + "invidious.service" + "timers.target" + ]; unitConfig = { }; }; systemd.services.smart-ipv6-rotator = { @@ -68,4 +92,3 @@ in }; }; } - diff --git a/nki-personal-do/miniflux.nix b/nki-personal-do/miniflux.nix index b8f3bcf..91b4e1d 100644 --- a/nki-personal-do/miniflux.nix +++ b/nki-personal-do/miniflux.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: with lib; let user = "miniflux"; @@ -42,7 +47,10 @@ in systemd.services.miniflux = { description = "Miniflux service"; wantedBy = [ "multi-user.target" ]; - after = [ "network.target" "postgresql.service" ]; + after = [ + "network.target" + "postgresql.service" + ]; requires = [ "postgresql.service" ]; serviceConfig = { @@ -72,16 +80,22 @@ in ProtectKernelModules = true; ProtectKernelTunables = true; ProtectProc = "invisible"; - RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; + RestrictAddressFamilies = [ + "AF_INET" + "AF_INET6" + "AF_UNIX" + ]; RestrictNamespaces = true; RestrictRealtime = true; RestrictSUIDSGID = true; SystemCallArchitectures = "native"; - SystemCallFilter = [ "@system-service" "~@privileged" ]; + SystemCallFilter = [ + "@system-service" + "~@privileged" + ]; UMask = "0077"; }; environment = configEnv; }; } - diff --git a/nki-personal-do/n8n.nix b/nki-personal-do/n8n.nix index 2ffad56..7da504e 100644 --- a/nki-personal-do/n8n.nix +++ b/nki-personal-do/n8n.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let secrets = config.sops.secrets; @@ -12,7 +17,9 @@ let plugins = pkgs.callPackage ./n8n/plugins/package.nix { }; in { - sops.secrets."n8n/env" = { reloadUnits = [ "n8n.service" ]; }; + sops.secrets."n8n/env" = { + reloadUnits = [ "n8n.service" ]; + }; cloud.postgresql.databases = [ db ]; cloud.traefik.hosts.n8n = { inherit port host; diff --git a/nki-personal-do/n8n/plugins/package.nix b/nki-personal-do/n8n/plugins/package.nix index 3cf4ef4..a984d03 100644 --- a/nki-personal-do/n8n/plugins/package.nix +++ b/nki-personal-do/n8n/plugins/package.nix @@ -1,4 +1,5 @@ -{ nodejs, importNpmLock }: importNpmLock.buildNodeModules { +{ nodejs, importNpmLock }: +importNpmLock.buildNodeModules { inherit nodejs; npmRoot = ./.; } diff --git a/nki-personal-do/outline.nix b/nki-personal-do/outline.nix index de5e64c..ec59add 100644 --- a/nki-personal-do/outline.nix +++ b/nki-personal-do/outline.nix @@ -1,7 +1,14 @@ -{ config, pkgs, ... }: { - sops.secrets.authentik-oidc-client-secret = { owner = "outline"; }; - sops.secrets."outline/smtp-password" = { owner = "outline"; }; - sops.secrets."outline/s3-secret-key" = { owner = "outline"; }; +{ config, pkgs, ... }: +{ + sops.secrets.authentik-oidc-client-secret = { + owner = "outline"; + }; + sops.secrets."outline/smtp-password" = { + owner = "outline"; + }; + sops.secrets."outline/s3-secret-key" = { + owner = "outline"; + }; services.outline = { enable = true; @@ -52,5 +59,8 @@ AWS_S3_R2 = "true"; AWS_S3_R2_PUBLIC_URL = "https://s3.wiki.dtth.ch"; }; - cloud.traefik.hosts.outline = { host = "wiki.dtth.ch"; port = 18729; }; + cloud.traefik.hosts.outline = { + host = "wiki.dtth.ch"; + port = 18729; + }; } diff --git a/nki-personal-do/owncast.nix b/nki-personal-do/owncast.nix index 01de844..59482d5 100644 --- a/nki-personal-do/owncast.nix +++ b/nki-personal-do/owncast.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: +{ + pkgs, + config, + lib, + ... +}: let host = "owncast.nkagami.me"; port = 61347; diff --git a/nki-personal-do/peertube.nix b/nki-personal-do/peertube.nix index e5c78c9..2a9dbee 100644 --- a/nki-personal-do/peertube.nix +++ b/nki-personal-do/peertube.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let secrets = config.sops.secrets; cfg = config.services.peertube; @@ -9,8 +14,14 @@ let port = 19878; in { - sops.secrets."peertube" = { owner = cfg.user; restartUnits = [ "peertube.service" ]; }; - sops.secrets."peertube-env" = { owner = cfg.user; restartUnits = [ "peertube.service" ]; }; + sops.secrets."peertube" = { + owner = cfg.user; + restartUnits = [ "peertube.service" ]; + }; + sops.secrets."peertube-env" = { + owner = cfg.user; + restartUnits = [ "peertube.service" ]; + }; # database cloud.postgresql.databases = [ "peertube" ]; # traefik @@ -61,7 +72,9 @@ in }; # Trust proxy - settings.trust_proxy = [ "loopback" ] ++ config.services.traefik.staticConfigOptions.entrypoints.https.forwardedHeaders.trustedIPs; + settings.trust_proxy = [ + "loopback" + ] ++ config.services.traefik.staticConfigOptions.entrypoints.https.forwardedHeaders.trustedIPs; # Federation settings.federation = { @@ -70,7 +83,10 @@ in videos.cleanup_remote_interactions = true; }; - dataDirs = [ "/var/lib/peertube" "/mnt/data/peertube" ]; + dataDirs = [ + "/var/lib/peertube" + "/mnt/data/peertube" + ]; }; systemd.services.peertube = { @@ -90,4 +106,3 @@ in }; }; } - diff --git a/nki-personal-do/phanpy.nix b/nki-personal-do/phanpy.nix index b2c1438..d54a511 100644 --- a/nki-personal-do/phanpy.nix +++ b/nki-personal-do/phanpy.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let host = "social.dtth.ch"; port = 61010; @@ -6,11 +11,12 @@ in { cloud.traefik.hosts.phanpy = { inherit host port; }; services.nginx.virtualHosts.phanpy = { - listen = [{ - inherit port; - addr = "127.0.0.1"; - }]; + listen = [ + { + inherit port; + addr = "127.0.0.1"; + } + ]; root = "${pkgs.dtth-phanpy}/lib/phanpy"; }; } - diff --git a/nki-personal-do/synapse.nix b/nki-personal-do/synapse.nix index e6a058b..36e6632 100644 --- a/nki-personal-do/synapse.nix +++ b/nki-personal-do/synapse.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: let port = 61001; user = "matrix-synapse"; @@ -10,7 +15,9 @@ in { sops.secrets."matrix-synapse-dtth/oidc-config".owner = user; sops.secrets."matrix-synapse-dtth/appservice-discord".owner = user; - sops.secrets.matrix-discord-bridge = { mode = "0644"; }; + sops.secrets.matrix-discord-bridge = { + mode = "0644"; + }; cloud.postgresql.databases = [ user ]; cloud.traefik.hosts.matrix-synapse = { @@ -29,20 +36,33 @@ in enable = true; withJemalloc = true; dataDir = "${config.fileSystems.data.mountPoint}/matrix-synapse-dtth"; - extras = [ "systemd" "url-preview" "oidc" "postgres" ]; + extras = [ + "systemd" + "url-preview" + "oidc" + "postgres" + ]; settings = { server_name = "dtth.ch"; enable_registration = false; public_baseurl = "https://${host}/"; - listeners = [{ - inherit port; - x_forwarded = true; - tls = false; - resources = [ - { names = [ "client" "federation" ]; compress = false; } - ]; - }]; + listeners = [ + { + inherit port; + x_forwarded = true; + tls = false; + resources = [ + { + names = [ + "client" + "federation" + ]; + compress = false; + } + ]; + } + ]; database = { name = "psycopg2"; args = { @@ -96,25 +116,32 @@ in }; services.nginx.virtualHosts.synapse-dtth-wellknown = { - listen = [{ addr = "127.0.0.1"; port = port + 1; }]; + listen = [ + { + addr = "127.0.0.1"; + port = port + 1; + } + ]; # Check https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-well-known.md # for the file structure. - root = pkgs.symlinkJoin - { - name = "well-known-files-for-synapse"; - paths = [ - (pkgs.writeTextDir ".well-known/matrix/client" (builtins.toJSON { + root = pkgs.symlinkJoin { + name = "well-known-files-for-synapse"; + paths = [ + (pkgs.writeTextDir ".well-known/matrix/client" ( + builtins.toJSON { "m.homeserver".base_url = "https://${host}"; - })) - (pkgs.writeTextDir ".well-known/matrix/server" (builtins.toJSON { + } + )) + (pkgs.writeTextDir ".well-known/matrix/server" ( + builtins.toJSON { "m.server" = "${host}:443"; - })) - ]; - }; + } + )) + ]; + }; # Enable CORS from anywhere since we want all clients to find us out extraConfig = '' add_header 'Access-Control-Allow-Origin' "*"; ''; }; } - diff --git a/nki-personal-do/vikunja.nix b/nki-personal-do/vikunja.nix index 10afe17..62cfd26 100644 --- a/nki-personal-do/vikunja.nix +++ b/nki-personal-do/vikunja.nix @@ -1,4 +1,9 @@ -{ pkgs, lib, config, ... }: +{ + pkgs, + lib, + config, + ... +}: let secrets = config.sops.secrets; @@ -9,8 +14,12 @@ let storageMount = "/mnt/data/vikunja"; in { - sops.secrets."vikunja/env" = { restartUnits = [ "vikunja.service" ]; }; - sops.secrets."vikunja/provider-clientsecret" = { restartUnits = [ "vikunja.service" ]; }; + sops.secrets."vikunja/env" = { + restartUnits = [ "vikunja.service" ]; + }; + sops.secrets."vikunja/provider-clientsecret" = { + restartUnits = [ "vikunja.service" ]; + }; cloud.postgresql.databases = [ user ]; cloud.traefik.hosts.vikunja = { inherit port host; @@ -23,7 +32,6 @@ in }; users.groups."${user}" = { }; - services.vikunja = { inherit port; enable = true; @@ -81,7 +89,11 @@ in }; systemd.services.vikunja = { - serviceConfig.LoadCredential = [ "VIKUNJA_AUTH_OPENID_PROVIDERS_AUTHENTIK_CLIENTSECRET_FILE:${secrets."vikunja/provider-clientsecret".path}" ]; + serviceConfig.LoadCredential = [ + "VIKUNJA_AUTH_OPENID_PROVIDERS_AUTHENTIK_CLIENTSECRET_FILE:${ + secrets."vikunja/provider-clientsecret".path + }" + ]; serviceConfig.User = user; serviceConfig.DynamicUser = lib.mkForce false; serviceConfig.ReadWritePaths = [ storageMount ]; @@ -96,4 +108,3 @@ in mode = "0700"; }; } - diff --git a/nki-personal-do/writefreely.nix b/nki-personal-do/writefreely.nix index ce89430..9072df2 100644 --- a/nki-personal-do/writefreely.nix +++ b/nki-personal-do/writefreely.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: with lib; let host = "blog.dtth.ch"; @@ -11,7 +16,9 @@ in # traefik cloud.traefik.hosts.writefreely-dtth = { inherit host port; }; - sops.secrets."writefreely-oauth-secret" = { owner = user; }; + sops.secrets."writefreely-oauth-secret" = { + owner = user; + }; users.users.${user} = { isSystemUser = true; @@ -65,16 +72,18 @@ in tokenEndpoint = "/application/o/token/"; inspectEndpoint = "/application/o/userinfo/"; authEndpoint = "/application/o/authorize/"; - scopes = [ "email" "openid" "profile" ]; + scopes = [ + "email" + "openid" + "profile" + ]; mapUserId = "nickname"; mapUsername = "preferred_username"; mapDisplayName = "name"; }; - database.type = "sqlite3"; admin.name = "nki"; }; } - diff --git a/nki-personal-do/writefreely/module.nix b/nki-personal-do/writefreely/module.nix index 9ffb339..b7f33ae 100644 --- a/nki-personal-do/writefreely/module.nix +++ b/nki-personal-do/writefreely/module.nix @@ -1,21 +1,36 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let inherit (builtins) toString; - inherit (lib) types mkIf mkOption mkDefault; - inherit (lib) optional optionals optionalAttrs optionalString; + inherit (lib) + types + mkIf + mkOption + mkDefault + ; + inherit (lib) + optional + optionals + optionalAttrs + optionalString + ; inherit (pkgs) sqlite; format = pkgs.formats.ini { - mkKeyValue = key: value: + mkKeyValue = + key: value: let - value' = lib.optionalString (value != null) - (if builtins.isBool value then - if value == true then "true" else "false" - else - toString value); - in "${key} = ${value'}"; + value' = lib.optionalString (value != null) ( + if builtins.isBool value then if value == true then "true" else "false" else toString value + ); + in + "${key} = ${value'}"; }; cfg = config.nki.services.writefreely; @@ -31,49 +46,58 @@ let host = cfg.settings.app.host or "${hostProtocol}://${cfg.host}"; }; - database = if cfg.database.type == "sqlite3" then { - type = "sqlite3"; - filename = cfg.settings.database.filename or "writefreely.db"; - database = cfg.database.name; - } else { - type = "mysql"; - username = cfg.database.user; - password = "#dbpass#"; - database = cfg.database.name; - host = cfg.database.host; - port = cfg.database.port; - tls = cfg.database.tls; - }; + database = + if cfg.database.type == "sqlite3" then + { + type = "sqlite3"; + filename = cfg.settings.database.filename or "writefreely.db"; + database = cfg.database.name; + } + else + { + type = "mysql"; + username = cfg.database.user; + password = "#dbpass#"; + database = cfg.database.name; + host = cfg.database.host; + port = cfg.database.port; + tls = cfg.database.tls; + }; server = cfg.settings.server or { } // { bind = cfg.settings.server.bind or "localhost"; gopher_port = cfg.settings.server.gopher_port or 0; autocert = !cfg.nginx.enable && cfg.acme.enable; - templates_parent_dir = - cfg.settings.server.templates_parent_dir or cfg.package.src; + templates_parent_dir = cfg.settings.server.templates_parent_dir or cfg.package.src; static_parent_dir = cfg.settings.server.static_parent_dir or assets; - pages_parent_dir = - cfg.settings.server.pages_parent_dir or cfg.package.src; + pages_parent_dir = cfg.settings.server.pages_parent_dir or cfg.package.src; keys_parent_dir = cfg.settings.server.keys_parent_dir or cfg.stateDir; }; - "oauth.generic" = cfg.settings."oauth.generic" or { } // (if cfg.oauth.enable then { - client_id = cfg.oauth.clientId; - client_secret = "#oauth_client_secret#"; - host = cfg.oauth.host; - display_name = cfg.oauth.displayName; - callback_proxy = cfg.oauth.callbackProxy; - callback_proxy_api = cfg.oauth.callbackProxyApi; - token_endpoint = cfg.oauth.tokenEndpoint; - inspect_endpoint = cfg.oauth.inspectEndpoint; - auth_endpoint = cfg.oauth.authEndpoint; - scope = lib.concatStringsSep " " cfg.oauth.scopes; - allow_disconnect = cfg.oauth.allowDisconnect; - map_user_id = cfg.oauth.mapUserId; - map_username = cfg.oauth.mapUsername; - map_display_name = cfg.oauth.mapDisplayName; - map_email = cfg.oauth.mapEmail; - } else { }); + "oauth.generic" = + cfg.settings."oauth.generic" or { } + // ( + if cfg.oauth.enable then + { + client_id = cfg.oauth.clientId; + client_secret = "#oauth_client_secret#"; + host = cfg.oauth.host; + display_name = cfg.oauth.displayName; + callback_proxy = cfg.oauth.callbackProxy; + callback_proxy_api = cfg.oauth.callbackProxyApi; + token_endpoint = cfg.oauth.tokenEndpoint; + inspect_endpoint = cfg.oauth.inspectEndpoint; + auth_endpoint = cfg.oauth.authEndpoint; + scope = lib.concatStringsSep " " cfg.oauth.scopes; + allow_disconnect = cfg.oauth.allowDisconnect; + map_user_id = cfg.oauth.mapUserId; + map_username = cfg.oauth.mapUsername; + map_display_name = cfg.oauth.mapDisplayName; + map_email = cfg.oauth.mapEmail; + } + else + { } + ); }; configFile = format.generate "config.ini" settings; @@ -104,13 +128,9 @@ let withConfigFile = text: '' db_pass=${ - optionalString (cfg.database.passwordFile != null) - "$(head -n1 ${cfg.database.passwordFile})" - } - oauth_client_secret=${ - optionalString cfg.oauth.enable - "$(head -n1 ${cfg.oauth.clientSecretFile})" + optionalString (cfg.database.passwordFile != null) "$(head -n1 ${cfg.database.passwordFile})" } + oauth_client_secret=${optionalString cfg.oauth.enable "$(head -n1 ${cfg.oauth.clientSecretFile})"} cp -f ${configFile} '${cfg.stateDir}/config.ini' sed -e "s,#dbpass#,$db_pass,g" -i '${cfg.stateDir}/config.ini' @@ -120,7 +140,8 @@ let ${text} ''; - withMysql = text: + withMysql = + text: withConfigFile '' query () { local result=$(${config.services.mysql.package}/bin/mysql \ @@ -139,7 +160,8 @@ let ${text} ''; - withSqlite = text: + withSqlite = + text: withConfigFile '' query () { local result=$(${sqlite}/bin/sqlite3 \ @@ -152,10 +174,10 @@ let ${text} ''; -in { +in +{ options.nki.services.writefreely = { - enable = - lib.mkEnableOption "Writefreely, build a digital writing community"; + enable = lib.mkEnableOption "Writefreely, build a digital writing community"; package = lib.mkOption { type = lib.types.package; @@ -223,7 +245,10 @@ in { database = { type = mkOption { - type = types.enum [ "sqlite3" "mysql" ]; + type = types.enum [ + "sqlite3" + "mysql" + ]; default = "sqlite3"; description = "The database provider to use."; }; @@ -416,13 +441,11 @@ in { } { assertion = isMysqlLocal -> cfg.database.passwordFile != null; - message = - "services.writefreely.database.passwordFile must be set if services.writefreely.database.createLocally is set to true"; + message = "services.writefreely.database.passwordFile must be set if services.writefreely.database.createLocally is set to true"; } { assertion = isSqlite -> !cfg.database.createLocally; - message = - "services.writefreely.database.createLocally has no use when services.writefreely.database.type is set to sqlite3"; + message = "services.writefreely.database.createLocally has no use when services.writefreely.database.type is set to sqlite3"; } ]; @@ -435,8 +458,7 @@ in { }; }; - groups = - optionalAttrs (cfg.group == "writefreely") { writefreely = { }; }; + groups = optionalAttrs (cfg.group == "writefreely") { writefreely = { }; }; }; systemd.tmpfiles.settings."10-writefreely".${cfg.stateDir}.d = { @@ -445,7 +467,8 @@ in { }; systemd.services.writefreely = { - after = [ "network.target" ] + after = + [ "network.target" ] ++ optional isSqlite "writefreely-sqlite-init.service" ++ optional isMysql "writefreely-mysql-init.service" ++ optional isMysqlLocal "mysql.service"; @@ -458,10 +481,8 @@ in { WorkingDirectory = cfg.stateDir; Restart = "always"; RestartSec = 20; - ExecStart = - "${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' serve"; - AmbientCapabilities = - optionalString (settings.server.port < 1024) "cap_net_bind_service"; + ExecStart = "${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' serve"; + AmbientCapabilities = optionalString (settings.server.port < 1024) "cap_net_bind_service"; }; preStart = '' @@ -485,31 +506,32 @@ in { User = cfg.user; Group = cfg.group; WorkingDirectory = cfg.stateDir; - ReadOnlyPaths = optional (cfg.admin.initialPasswordFile != null) - cfg.admin.initialPasswordFile; + ReadOnlyPaths = optional (cfg.admin.initialPasswordFile != null) cfg.admin.initialPasswordFile; }; - script = let - migrateDatabase = optionalString cfg.database.migrate '' - ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db migrate - ''; + script = + let + migrateDatabase = optionalString cfg.database.migrate '' + ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db migrate + ''; - createAdmin = optionalString (cfg.admin.name != null) '' - if [[ $(query "SELECT COUNT(*) FROM users") == 0 ]]; then - admin_pass=$(head -n1 ${cfg.admin.initialPasswordFile}) + createAdmin = optionalString (cfg.admin.name != null) '' + if [[ $(query "SELECT COUNT(*) FROM users") == 0 ]]; then + admin_pass=$(head -n1 ${cfg.admin.initialPasswordFile}) - ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' --create-admin ${cfg.admin.name}:$admin_pass + ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' --create-admin ${cfg.admin.name}:$admin_pass + fi + ''; + in + withSqlite '' + if ! test -f '${settings.database.filename}'; then + ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db init fi + + ${migrateDatabase} + + ${createAdmin} ''; - in withSqlite '' - if ! test -f '${settings.database.filename}'; then - ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db init - fi - - ${migrateDatabase} - - ${createAdmin} - ''; }; systemd.services.writefreely-mysql-init = mkIf isMysql { @@ -521,57 +543,61 @@ in { User = cfg.user; Group = cfg.group; WorkingDirectory = cfg.stateDir; - ReadOnlyPaths = optional isMysqlLocal cfg.database.passwordFile - ++ optional (cfg.admin.initialPasswordFile != null) - cfg.admin.initialPasswordFile; + ReadOnlyPaths = + optional isMysqlLocal cfg.database.passwordFile + ++ optional (cfg.admin.initialPasswordFile != null) cfg.admin.initialPasswordFile; }; - script = let - updateUser = optionalString isMysqlLocal '' - # WriteFreely currently *requires* a password for authentication, so we - # need to update the user in MySQL accordingly. By default MySQL users - # authenticate with auth_socket or unix_socket. - # See: https://github.com/writefreely/writefreely/issues/568 - ${config.services.mysql.package}/bin/mysql --skip-column-names --execute "ALTER USER '${cfg.database.user}'@'localhost' IDENTIFIED VIA unix_socket OR mysql_native_password USING PASSWORD('$db_pass'); FLUSH PRIVILEGES;" - ''; + script = + let + updateUser = optionalString isMysqlLocal '' + # WriteFreely currently *requires* a password for authentication, so we + # need to update the user in MySQL accordingly. By default MySQL users + # authenticate with auth_socket or unix_socket. + # See: https://github.com/writefreely/writefreely/issues/568 + ${config.services.mysql.package}/bin/mysql --skip-column-names --execute "ALTER USER '${cfg.database.user}'@'localhost' IDENTIFIED VIA unix_socket OR mysql_native_password USING PASSWORD('$db_pass'); FLUSH PRIVILEGES;" + ''; - migrateDatabase = optionalString cfg.database.migrate '' - ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db migrate - ''; + migrateDatabase = optionalString cfg.database.migrate '' + ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db migrate + ''; - createAdmin = optionalString (cfg.admin.name != null) '' - if [[ $(query 'SELECT COUNT(*) FROM users') == 0 ]]; then - admin_pass=$(head -n1 ${cfg.admin.initialPasswordFile}) - ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' --create-admin ${cfg.admin.name}:$admin_pass + createAdmin = optionalString (cfg.admin.name != null) '' + if [[ $(query 'SELECT COUNT(*) FROM users') == 0 ]]; then + admin_pass=$(head -n1 ${cfg.admin.initialPasswordFile}) + ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' --create-admin ${cfg.admin.name}:$admin_pass + fi + ''; + in + withMysql '' + ${updateUser} + + if [[ $(query "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = '${cfg.database.name}'") == 0 ]]; then + ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db init fi + + ${migrateDatabase} + + ${createAdmin} ''; - in withMysql '' - ${updateUser} - - if [[ $(query "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = '${cfg.database.name}'") == 0 ]]; then - ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db init - fi - - ${migrateDatabase} - - ${createAdmin} - ''; }; services.mysql = mkIf isMysqlLocal { enable = true; package = mkDefault pkgs.mariadb; ensureDatabases = [ cfg.database.name ]; - ensureUsers = [{ - name = cfg.database.user; - ensurePermissions = { - "${cfg.database.name}.*" = "ALL PRIVILEGES"; - # WriteFreely requires the use of passwords, so we need permissions - # to `ALTER` the user to add password support and also to reload - # permissions so they can be used. - "*.*" = "CREATE USER, RELOAD"; - }; - }]; + ensureUsers = [ + { + name = cfg.database.user; + ensurePermissions = { + "${cfg.database.name}.*" = "ALL PRIVILEGES"; + # WriteFreely requires the use of passwords, so we need permissions + # to `ALTER` the user to add password support and also to reload + # permissions so they can be used. + "*.*" = "CREATE USER, RELOAD"; + }; + } + ]; }; services.nginx = lib.mkIf cfg.nginx.enable { diff --git a/nki-x1c1/configuration.nix b/nki-x1c1/configuration.nix index 43d62e5..731032f 100644 --- a/nki-x1c1/configuration.nix +++ b/nki-x1c1/configuration.nix @@ -5,15 +5,14 @@ { config, pkgs, ... }: { - imports = - [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # Fonts - ../modules/personal/fonts - # Some PAM stuff - ../modules/services/swaylock.nix - ]; + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Fonts + ../modules/personal/fonts + # Some PAM stuff + ../modules/services/swaylock.nix + ]; # Use the latest kernel boot.kernelPackages = pkgs.linuxPackages_latest; @@ -54,7 +53,6 @@ services.xserver.enable = true; services.xserver.autorun = false; - # Enable the Plasma 5 Desktop Environment. # services.xserver.displayManager.sddm.enable = true; # services.xserver.desktopManager.plasma5.enable = true; @@ -65,13 +63,18 @@ fi ''; - # Configure keymap in X11 # services.xserver.layout = "us"; # services.xserver.xkbOptions = "eurosign:e"; i18n.inputMethod.enabled = "ibus"; - i18n.inputMethod.ibus.engines = (with pkgs.ibus-engines; [ bamboo mozc libpinyin ]); - + i18n.inputMethod.ibus.engines = ( + with pkgs.ibus-engines; + [ + bamboo + mozc + libpinyin + ] + ); # Enable CUPS to print documents. # services.printing.enable = true; diff --git a/nki-x1c1/hardware-configuration.nix b/nki-x1c1/hardware-configuration.nix index d710fdc..9931e88 100644 --- a/nki-x1c1/hardware-configuration.nix +++ b/nki-x1c1/hardware-configuration.nix @@ -1,39 +1,47 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ehci_pci" + "ahci" + "usb_storage" + "sd_mod" + "sdhci_pci" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { - device = "/dev/disk/by-uuid/bc8b0807-c3d6-4893-bcc2-02f059a51a80"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/bc8b0807-c3d6-4893-bcc2-02f059a51a80"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/885D-D058"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/885D-D058"; + fsType = "vfat"; + }; - fileSystems."/home" = - { - device = "/dev/disk/by-uuid/a981870f-db1d-4441-81da-f1bab1ecc37c"; - fsType = "btrfs"; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/a981870f-db1d-4441-81da-f1bab1ecc37c"; + fsType = "btrfs"; + }; - swapDevices = - [{ device = "/dev/disk/by-uuid/2694d189-2ff6-4719-a449-367c52ed3ad6"; }]; + swapDevices = [ { device = "/dev/disk/by-uuid/2694d189-2ff6-4719-a449-367c52ed3ad6"; } ]; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/nki-yoga-g8/configuration.nix b/nki-yoga-g8/configuration.nix index 3baaf24..4954b17 100644 --- a/nki-yoga-g8/configuration.nix +++ b/nki-yoga-g8/configuration.nix @@ -5,22 +5,23 @@ { config, pkgs, ... }: { - imports = - [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # Fonts - ../modules/personal/fonts - # Encrypted DNS - ../modules/services/edns - ]; + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Fonts + ../modules/personal/fonts + # Encrypted DNS + ../modules/services/edns + ]; # Secrets common.linux.sops.enable = true; common.linux.sops.file = ./secrets.yaml; # Build farm - sops.secrets."nix-build-farm/private-key" = { mode = "0400"; }; + sops.secrets."nix-build-farm/private-key" = { + mode = "0400"; + }; services.nix-build-farm.hostname = "yoga"; services.nix-build-farm.privateKeyFile = config.sops.secrets."nix-build-farm/private-key".path; @@ -141,4 +142,3 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.05"; # Did you read the comment? } - diff --git a/nki-yoga-g8/hardware-configuration.nix b/nki-yoga-g8/hardware-configuration.nix index f45b630..74fc03a 100644 --- a/nki-yoga-g8/hardware-configuration.nix +++ b/nki-yoga-g8/hardware-configuration.nix @@ -1,15 +1,24 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "thunderbolt" + "nvme" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; @@ -19,11 +28,10 @@ "resume_offset=9731998" # btrfs inspect-internal map-swapfile -r /var/swapfile ]; - fileSystems."/" = - { - device = "/dev/disk/by-uuid/b32d27bf-9df6-43c1-8b93-c0693811bf5b"; - fsType = "btrfs"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/b32d27bf-9df6-43c1-8b93-c0693811bf5b"; + fsType = "btrfs"; + }; services.btrfs.autoScrub = { enable = true; interval = "monthly"; @@ -31,14 +39,17 @@ common.linux.luksDevices."nixroot" = "/dev/disk/by-uuid/09114015-79bc-4a40-bf60-b4022e969acb"; - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/E820-D6C7"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/E820-D6C7"; + fsType = "vfat"; + }; swapDevices = [ - { device = "/var/swapfile"; size = 32 * 1024; priority = 10; } + { + device = "/var/swapfile"; + size = 32 * 1024; + priority = 10; + } ]; boot.blacklistedKernelModules = [ diff --git a/overlay.nix b/overlay.nix index f430c2b..c40e057 100644 --- a/overlay.nix +++ b/overlay.nix @@ -1,9 +1,18 @@ { nixpkgs, nixpkgs-unstable, ... }@inputs: let overlay-unstable = final: prev: { - stable = import nixpkgs { config.allowUnfree = true; system = prev.system; }; - unstable = import nixpkgs-unstable { config.allowUnfree = true; system = prev.system; }; - x86 = import nixpkgs-unstable { system = prev.system; config.allowUnsupportedSystem = true; }; + stable = import nixpkgs { + config.allowUnfree = true; + system = prev.system; + }; + unstable = import nixpkgs-unstable { + config.allowUnfree = true; + system = prev.system; + }; + x86 = import nixpkgs-unstable { + system = prev.system; + config.allowUnsupportedSystem = true; + }; }; overlay-needs-unstable = final: prev: { # Typst updates really quickly. @@ -50,19 +59,20 @@ let input-remapper = final.unstable.input-remapper; - kakoune-unwrapped = - prev.kakoune-unwrapped.overrideAttrs (attrs: { - version = "r${builtins.substring 0 6 inputs.kakoune.rev}"; - src = inputs.kakoune; - patches = [ - # patches in the original package was already applied - ]; - }); - - librewolf = (prev.librewolf.override { - nativeMessagingHosts = with final; [ kdePackages.plasma-browser-integration ]; + kakoune-unwrapped = prev.kakoune-unwrapped.overrideAttrs (attrs: { + version = "r${builtins.substring 0 6 inputs.kakoune.rev}"; + src = inputs.kakoune; + patches = [ + # patches in the original package was already applied + ]; }); + librewolf = ( + prev.librewolf.override { + nativeMessagingHosts = with final; [ kdePackages.plasma-browser-integration ]; + } + ); + vikunja = # builtins.seq # (final.lib.assertMsg (prev.vikunja.version == "0.24.5") "Vikunja probably doesn't need custom versions anymore") @@ -71,20 +81,28 @@ let luminance = prev.luminance.overrideAttrs (attrs: { nativeBuildInputs = attrs.nativeBuildInputs ++ [ final.wrapGAppsHook ]; buildInputs = attrs.buildInputs ++ [ final.glib ]; - postInstall = attrs.postInstall + '' - glib-compile-schemas $out/share/glib-2.0/schemas - ''; + postInstall = + attrs.postInstall + + '' + glib-compile-schemas $out/share/glib-2.0/schemas + ''; }); vesktop = prev.vesktop.overrideAttrs (attrs: { postFixup = let - flagToReplace = if final.lib.hasInfix "--enable-wayland-ime=true" attrs.postFixup then "--enable-wayland-ime=true" else "--enable-wayland-ime"; + flagToReplace = + if final.lib.hasInfix "--enable-wayland-ime=true" attrs.postFixup then + "--enable-wayland-ime=true" + else + "--enable-wayland-ime"; in - builtins.replaceStrings [ "NIXOS_OZONE_WL" flagToReplace ] [ "WAYLAND_DISPLAY" "${flagToReplace} --wayland-text-input-version=3" ] attrs.postFixup; + builtins.replaceStrings + [ "NIXOS_OZONE_WL" flagToReplace ] + [ "WAYLAND_DISPLAY" "${flagToReplace} --wayland-text-input-version=3" ] + attrs.postFixup; }); - editline-lix = assert final.lib.assertMsg (final.lix.version == "2.92.0") "we only need to patch this for 2.92"; final.editline.overrideAttrs (prev: { @@ -106,7 +124,9 @@ let }; overlay-packages = final: prev: { - kak-tree-sitter = final.callPackage ./packages/common/kak-tree-sitter { rustPlatform = final.unstable.rustPlatform; }; + kak-tree-sitter = final.callPackage ./packages/common/kak-tree-sitter { + rustPlatform = final.unstable.rustPlatform; + }; kak-lsp = final.unstable.rustPlatform.buildRustPackage { name = "kak-lsp"; @@ -129,9 +149,14 @@ let zen-browser-bin = inputs.zen-browser.packages.${final.stdenv.system}.zen-browser.override { inherit (inputs.zen-browser.packages.${final.stdenv.system}) zen-browser-unwrapped; - wrapFirefox = opts: final.wrapFirefox (opts // { - nativeMessagingHosts = with final; [ kdePackages.plasma-browser-integration ]; - }); + wrapFirefox = + opts: + final.wrapFirefox ( + opts + // { + nativeMessagingHosts = with final; [ kdePackages.plasma-browser-integration ]; + } + ); # zen-browser-unwrapped = final.callPackage inputs.zen-browser.packages.${final.stdenv.system}.zen-browser-unwrapped.override { # sources = inputs.zen-browser.inputs; # }; diff --git a/packages/aarch64-linux/typora.nix b/packages/aarch64-linux/typora.nix index 3b31db3..a6704a5 100644 --- a/packages/aarch64-linux/typora.nix +++ b/packages/aarch64-linux/typora.nix @@ -1,4 +1,10 @@ -{ pkgs, runCommand, zstd, lib, buildFHSEnvChroot }: +{ + pkgs, + runCommand, + zstd, + lib, + buildFHSEnvChroot, +}: let typora-tar = builtins.fetchurl { @@ -13,35 +19,39 @@ let in buildFHSEnvChroot { name = "typora"; - targetPkgs = pkgs: with pkgs; [ - glib - nss - nspr - at-spi2-atk - cups - dbus - gtk3 - pango - cairo - mesa - expat - libdrm - libxkbcommon - alsa-lib - freefont_ttf - liberation_ttf - wayland - libglvnd - electron - ] ++ (with pkgs.xorg; [ - libX11 - libXcomposite - libXdamage - libXext - libXfixes - libXrandr - libxcb - ]); + targetPkgs = + pkgs: + with pkgs; + [ + glib + nss + nspr + at-spi2-atk + cups + dbus + gtk3 + pango + cairo + mesa + expat + libdrm + libxkbcommon + alsa-lib + freefont_ttf + liberation_ttf + wayland + libglvnd + electron + ] + ++ (with pkgs.xorg; [ + libX11 + libXcomposite + libXdamage + libXext + libXfixes + libXrandr + libxcb + ]); extraBuildCommands = '' # ldd ${typora-src}/bin/Typora-linux-arm64/Typora && false ''; diff --git a/packages/aarch64-linux/zotero.nix b/packages/aarch64-linux/zotero.nix index 43c08d7..22bb4a5 100644 --- a/packages/aarch64-linux/zotero.nix +++ b/packages/aarch64-linux/zotero.nix @@ -1,4 +1,10 @@ -{ pkgs, runCommandLocal, zstd, lib, buildFHSEnvChroot }: +{ + pkgs, + runCommandLocal, + zstd, + lib, + buildFHSEnvChroot, +}: let zotero-tar = builtins.fetchurl { @@ -14,7 +20,19 @@ let in buildFHSEnvChroot { name = "zotero"; - targetPkgs = pkgs: with pkgs; [ gtk3 dbus-glib libstartup_notification libpaper ] ++ (with pkgs.xorg; [ libX11 libXt ]); + targetPkgs = + pkgs: + with pkgs; + [ + gtk3 + dbus-glib + libstartup_notification + libpaper + ] + ++ (with pkgs.xorg; [ + libX11 + libXt + ]); runScript = "env QT_SCALE_FACTOR=2 ${zotero-src}/usr/lib/zotero/zotero"; extraInstallCommands = '' diff --git a/packages/common/epfl-cups-drivers/default.nix b/packages/common/epfl-cups-drivers/default.nix index d811be0..f5b77a1 100644 --- a/packages/common/epfl-cups-drivers/default.nix +++ b/packages/common/epfl-cups-drivers/default.nix @@ -1,6 +1,6 @@ -{ pkgs, runCommand, ... }: runCommand "epfl-cups-drivers" { } '' +{ pkgs, runCommand, ... }: +runCommand "epfl-cups-drivers" { } '' mkdir -p $out/share/cups/model cp ${./PPD-C5860-bw-EN.PPD} $out/share/cups/model cp ${./PPD-C5860-color-EN.PPD} $out/share/cups/model '' - diff --git a/packages/common/kak-tree-sitter/default.nix b/packages/common/kak-tree-sitter/default.nix index ff395ff..7cb49dd 100644 --- a/packages/common/kak-tree-sitter/default.nix +++ b/packages/common/kak-tree-sitter/default.nix @@ -1,4 +1,13 @@ -{ lib, rustPlatform, fetchFromSourcehut, symlinkJoin, clang, git, writeText, ... }: +{ + lib, + rustPlatform, + fetchFromSourcehut, + symlinkJoin, + clang, + git, + writeText, + ... +}: let src = fetchFromSourcehut { owner = "~hadronized"; @@ -12,9 +21,17 @@ let pname = "kak-tree-sitter"; version = "1.1.3"; cargoHash = "sha256-1OwPfl1446SYt1556jwR9mvWOWEv+ab+wH7GZQeS4/E="; - cargoBuildOptions = [ "--package" "kak-tree-sitter" "--package" "ktsctl" ]; + cargoBuildOptions = [ + "--package" + "kak-tree-sitter" + "--package" + "ktsctl" + ]; - nativeBuildInputs = [ clang git ]; + nativeBuildInputs = [ + clang + git + ]; patches = [ # Allow absolute-path style repos @@ -31,7 +48,7 @@ let + .trim_start_matches(":/") + .trim_start_matches("/"), ); - + self.runtime_dir.join("sources").join(url_dir) '') ]; @@ -40,4 +57,3 @@ let }; in kak-tree-sitter - diff --git a/packages/common/nki-kakoune/default.nix b/packages/common/nki-kakoune/default.nix index f4851af..7607d87 100644 --- a/packages/common/nki-kakoune/default.nix +++ b/packages/common/nki-kakoune/default.nix @@ -1,25 +1,32 @@ -{ callPackage, kakoune, kakoune-unwrapped, ... }: +{ + callPackage, + kakoune, + kakoune-unwrapped, + ... +}: let lsp = callPackage ./lsp.nix { }; rc = (callPackage ./rc.nix { }); in (kakoune.override { - plugins = callPackage ./plugins.nix { } + plugins = + callPackage ./plugins.nix { } ++ callPackage ./themes.nix { } ++ [ - (callPackage ./kaktex { }) - (callPackage ./faces.nix { }) - rc - lsp.plugin - ]; -}).overrideAttrs (attrs: { - buildCommand = '' - ${attrs.buildCommand or ""} - # location of kak binary is used to find ../share/kak/autoload, - # unless explicitly overriden with KAKOUNE_RUNTIME - rm "$out/bin/kak" - makeWrapper "${kakoune-unwrapped}/bin/kak" "$out/bin/kak" \ - --set KAKOUNE_RUNTIME "$out/share/kak" \ - --suffix PATH ":" "${lsp.extraPaths}" - ''; -}) + (callPackage ./kaktex { }) + (callPackage ./faces.nix { }) + rc + lsp.plugin + ]; +}).overrideAttrs + (attrs: { + buildCommand = '' + ${attrs.buildCommand or ""} + # location of kak binary is used to find ../share/kak/autoload, + # unless explicitly overriden with KAKOUNE_RUNTIME + rm "$out/bin/kak" + makeWrapper "${kakoune-unwrapped}/bin/kak" "$out/bin/kak" \ + --set KAKOUNE_RUNTIME "$out/share/kak" \ + --suffix PATH ":" "${lsp.extraPaths}" + ''; + }) diff --git a/packages/common/nki-kakoune/faces.nix b/packages/common/nki-kakoune/faces.nix index 367472c..2bca586 100644 --- a/packages/common/nki-kakoune/faces.nix +++ b/packages/common/nki-kakoune/faces.nix @@ -1,7 +1,7 @@ -{ callPackage, ... } : +{ callPackage, ... }: let -utils = callPackage ./utils.nix { }; -faces = { + utils = callPackage ./utils.nix { }; + faces = { Default = "%opt{text},%opt{base}"; BufferPadding = "%opt{base},%opt{base}"; MenuForeground = "%opt{blue},white+bF"; @@ -27,5 +27,6 @@ faces = { format_specifier = "+i@string"; mutable_variable = "+i@variable"; class = "+b@variable"; -}; -in utils.mkFacesScript "default-faces" faces + }; +in +utils.mkFacesScript "default-faces" faces diff --git a/packages/common/nki-kakoune/kaktex/default.nix b/packages/common/nki-kakoune/kaktex/default.nix index a8005d5..3f6aa9c 100644 --- a/packages/common/nki-kakoune/kaktex/default.nix +++ b/packages/common/nki-kakoune/kaktex/default.nix @@ -1,4 +1,11 @@ -{ fish, lib, writeScript, writeTextDir, kakouneUtils, ... }: +{ + fish, + lib, + writeScript, + writeTextDir, + kakouneUtils, + ... +}: let kaktex-script = writeScript "kaktex" '' #!/usr/bin/env ${lib.getExe fish} diff --git a/packages/common/nki-kakoune/lsp.nix b/packages/common/nki-kakoune/lsp.nix index 7ca6afd..07d7952 100644 --- a/packages/common/nki-kakoune/lsp.nix +++ b/packages/common/nki-kakoune/lsp.nix @@ -35,46 +35,83 @@ let languageServers = let - vscodeServerWith = { name, extraFileTypes ? [ ] }: { - name = "vscode-${name}-language-server"; - value = { - args = [ "--stdio" ]; - command = "vscode-${name}-language-server"; - filetypes = [ name ] ++ extraFileTypes; - roots = [ "package.json" ".git" ]; - package = nodePackages.vscode-langservers-extracted; + vscodeServerWith = + { + name, + extraFileTypes ? [ ], + }: + { + name = "vscode-${name}-language-server"; + value = { + args = [ "--stdio" ]; + command = "vscode-${name}-language-server"; + filetypes = [ name ] ++ extraFileTypes; + roots = [ + "package.json" + ".git" + ]; + package = nodePackages.vscode-langservers-extracted; + }; }; - }; in { ccls = { - args = [ "-v=2" "-log-file=/tmp/ccls.log" ]; + args = [ + "-v=2" + "-log-file=/tmp/ccls.log" + ]; package = ccls; command = "ccls"; - filetypes = [ "c" "cpp" ]; - roots = [ "compile_commands.json" ".cquery" ".git" ]; + filetypes = [ + "c" + "cpp" + ]; + roots = [ + "compile_commands.json" + ".cquery" + ".git" + ]; }; gopls = { command = "gopls"; package = gopls; filetypes = [ "go" ]; offset_encoding = "utf-8"; - roots = [ "Gopkg.toml" "go.mod" ".git" ".hg" ]; - settings = { gopls = { hoverKind = "SynopsisDocumentation"; semanticTokens = true; }; }; + roots = [ + "Gopkg.toml" + "go.mod" + ".git" + ".hg" + ]; + settings = { + gopls = { + hoverKind = "SynopsisDocumentation"; + semanticTokens = true; + }; + }; settings_section = "gopls"; }; haskell-language-server = { args = [ "--lsp" ]; command = "haskell-language-server-wrapper"; filetypes = [ "haskell" ]; - roots = [ "Setup.hs" "stack.yaml" "*.cabal" "package.yaml" ]; + roots = [ + "Setup.hs" + "stack.yaml" + "*.cabal" + "package.yaml" + ]; settings_section = "haskell"; }; nil = { command = "nil"; package = nil; filetypes = [ "nix" ]; - roots = [ "flake.nix" "shell.nix" ".git" ]; + roots = [ + "flake.nix" + "shell.nix" + ".git" + ]; settings.nil = { formatting.command = [ "${lib.getExe nixfmt-rfc-style}" ]; }; @@ -84,21 +121,43 @@ let package = python311Packages.python-lsp-server; filetypes = [ "python" ]; offset_encoding = "utf-8"; - roots = [ "requirements.txt" "setup.py" ".git" ".hg" ]; + roots = [ + "requirements.txt" + "setup.py" + ".git" + ".hg" + ]; }; # Spellchecking server ltex-ls = { command = "ltex-ls"; args = [ "--log-file=/tmp" ]; - filetypes = [ "latex" "typst" ]; - roots = [ "main.tex" "main.typ" ".git" ]; + filetypes = [ + "latex" + "typst" + ]; + roots = [ + "main.tex" + "main.typ" + ".git" + ]; package = ltex-ls; }; tailwind = { command = "tailwindcss-language-server"; args = [ "--stdio" ]; - filetypes = [ "html" "css" "javascript" "typescript" "templ" ]; - roots = [ "tailwind.config.{js,cjs,mjs,ts}" "package.json" ".git" ]; + filetypes = [ + "html" + "css" + "javascript" + "typescript" + "templ" + ]; + roots = [ + "tailwind.config.{js,cjs,mjs,ts}" + "package.json" + ".git" + ]; settings_section = "tailwindCSS"; settings.tailwindCSS = { validate = "warning"; @@ -115,12 +174,20 @@ let typescript-language-server = { args = [ "--stdio" ]; command = "typescript-language-server"; - filetypes = [ "typescript" "javascript" ]; + filetypes = [ + "typescript" + "javascript" + ]; roots = [ "package.json" ]; package = nodePackages.typescript-language-server; }; fsautocomplete = { - args = [ "--adaptive-lsp-server-enabled" "--project-graph-enabled" "--source-text-factory" "RoslynSourceText" ]; + args = [ + "--adaptive-lsp-server-enabled" + "--project-graph-enabled" + "--source-text-factory" + "RoslynSourceText" + ]; command = "fsautocomplete"; filetypes = [ "fsharp" ]; roots = [ "*.fsproj" ]; @@ -133,7 +200,11 @@ let metals = { command = "metals"; filetypes = [ "scala" ]; - roots = [ "build.sbt" "build.sc" "build.mill" ]; + roots = [ + "build.sbt" + "build.sc" + "build.mill" + ]; settings_section = "metals"; settings.metals = { inlayHints.inferredTypes.enable = true; @@ -143,18 +214,30 @@ let icons = "unicode"; isHttpEnabled = true; statusBarProvider = "log-message"; - compilerOptions = { overrideDefFormat = "unicode"; }; + compilerOptions = { + overrideDefFormat = "unicode"; + }; }; package = metals; }; texlab = { command = "texlab"; filetypes = [ "latex" ]; - roots = [ "main.tex" "all.tex" ".git" ]; + roots = [ + "main.tex" + "all.tex" + ".git" + ]; settings_section = "texlab"; settings.texlab = { build.executable = "latexmk"; - build.args = [ "-pdf" "-shell-escape" "-interaction=nonstopmode" "-synctex=1" "%f" ]; + build.args = [ + "-pdf" + "-shell-escape" + "-interaction=nonstopmode" + "-synctex=1" + "%f" + ]; build.forwardSearchAfter = true; build.onSave = true; @@ -174,7 +257,10 @@ let tinymist = { command = "tinymist"; filetypes = [ "typst" ]; - roots = [ "main.typ" ".git" ]; + roots = [ + "main.typ" + ".git" + ]; settings_section = "tinymist"; settings.tinymist = { exportPdf = "onSave"; @@ -185,14 +271,20 @@ let marksman = { command = "marksman"; filetypes = [ "markdown" ]; - roots = [ ".marksman.toml" ".git" ]; + roots = [ + ".marksman.toml" + ".git" + ]; package = marksman; }; templ = { command = "templ"; args = [ "lsp" ]; filetypes = [ "templ" ]; - roots = [ "go.mod" ".git" ]; + roots = [ + "go.mod" + ".git" + ]; package = templ; }; rust-analyzer = { @@ -203,78 +295,202 @@ let package = rust-analyzer; }; - } // (builtins.listToAttrs (builtins.map - (ft: vscodeServerWith { - name = ft; - extraFileTypes = if ft == "json" then [ ] else [ "templ" ]; - }) [ "html" "css" "json" ])); + } + // (builtins.listToAttrs ( + builtins.map + ( + ft: + vscodeServerWith { + name = ft; + extraFileTypes = if ft == "json" then [ ] else [ "templ" ]; + } + ) + [ + "html" + "css" + "json" + ] + )); faces = [ ## Items # (Rust) Macros - { face = "attribute"; token = "attribute"; } - { face = "attribute"; token = "derive"; } - { face = "macro"; token = "macro"; } # Function-like Macro + { + face = "attribute"; + token = "attribute"; + } + { + face = "attribute"; + token = "derive"; + } + { + face = "macro"; + token = "macro"; + } # Function-like Macro # Keyword and Fixed Tokens - { face = "keyword"; token = "keyword"; } - { face = "operator"; token = "operator"; } + { + face = "keyword"; + token = "keyword"; + } + { + face = "operator"; + token = "operator"; + } # Functions and Methods - { face = "function"; token = "function"; } - { face = "method"; token = "method"; } + { + face = "function"; + token = "function"; + } + { + face = "method"; + token = "method"; + } # Constants - { face = "string"; token = "string"; } - { face = "format_specifier"; token = "formatSpecifier"; } + { + face = "string"; + token = "string"; + } + { + face = "format_specifier"; + token = "formatSpecifier"; + } # Variables - { face = "variable"; token = "variable"; modifiers = [ "readonly" ]; } - { face = "mutable_variable"; token = "variable"; } - { face = "module"; token = "namespace"; } - { face = "variable"; token = "type_parameter"; } - { face = "class"; token = "enum"; } - { face = "class"; token = "struct"; } - { face = "class"; token = "trait"; } - { face = "class"; token = "union"; } - { face = "class"; token = "class"; } + { + face = "variable"; + token = "variable"; + modifiers = [ "readonly" ]; + } + { + face = "mutable_variable"; + token = "variable"; + } + { + face = "module"; + token = "namespace"; + } + { + face = "variable"; + token = "type_parameter"; + } + { + face = "class"; + token = "enum"; + } + { + face = "class"; + token = "struct"; + } + { + face = "class"; + token = "trait"; + } + { + face = "class"; + token = "union"; + } + { + face = "class"; + token = "class"; + } ## Comments - { face = "documentation"; token = "comment"; modifiers = [ "documentation" ]; } - { face = "comment"; token = "comment"; } + { + face = "documentation"; + token = "comment"; + modifiers = [ "documentation" ]; + } + { + face = "comment"; + token = "comment"; + } # Typst - { face = "header"; token = "heading"; } - { face = "ts_markup_link_url"; token = "link"; } - { face = "ts_markup_link_uri"; token = "ref"; } - { face = "ts_markup_link_label"; token = "label"; } - { face = "ts_property"; token = "pol"; } - { face = "ts_markup_list_checked"; token = "marker"; } - { face = "ts_constant_builtin_boolean"; token = "bool"; } - { face = "ts_keyword_control"; token = "delim"; } - { face = "ts_number"; token = "text"; modifiers = [ "math" ]; } - { face = "ts_markup_bold"; token = "text"; modifiers = [ "strong" ]; } - { face = "ts_markup_italic"; token = "text"; modifiers = [ "emph" ]; } + { + face = "header"; + token = "heading"; + } + { + face = "ts_markup_link_url"; + token = "link"; + } + { + face = "ts_markup_link_uri"; + token = "ref"; + } + { + face = "ts_markup_link_label"; + token = "label"; + } + { + face = "ts_property"; + token = "pol"; + } + { + face = "ts_markup_list_checked"; + token = "marker"; + } + { + face = "ts_constant_builtin_boolean"; + token = "bool"; + } + { + face = "ts_keyword_control"; + token = "delim"; + } + { + face = "ts_number"; + token = "text"; + modifiers = [ "math" ]; + } + { + face = "ts_markup_bold"; + token = "text"; + modifiers = [ "strong" ]; + } + { + face = "ts_markup_italic"; + token = "text"; + modifiers = [ "emph" ]; + } ]; raw = { - server = { timeout = 1800; }; + server = { + timeout = 1800; + }; snippet_support = false; verbosity = 255; }; }; - per-lang-config = lang: + per-lang-config = + lang: let toml = formats.toml { }; servers = lib.filterAttrs (_: server: builtins.elem lang server.filetypes) config.languageServers; - serverSettings = lib.mapAttrs - (name: server: builtins.removeAttrs - (server // { - root_globs = server.roots; - }) [ "package" "filetypes" "roots" ]) - servers; + serverSettings = lib.mapAttrs ( + name: server: + builtins.removeAttrs + ( + server + // { + root_globs = server.roots; + } + ) + [ + "package" + "filetypes" + "roots" + ] + ) servers; serversToml = toml.generate "kak-lsp-${lang}.toml" serverSettings; lang-id = - if builtins.hasAttr lang config.languageIDs then '' - set-option buffer lsp_language_id ${config.languageIDs.${lang}} - '' else "# No lang-id remap needed"; + if builtins.hasAttr lang config.languageIDs then + '' + set-option buffer lsp_language_id ${config.languageIDs.${lang}} + '' + else + "# No lang-id remap needed"; in '' # LSP Configuration for ${lang} @@ -288,14 +504,18 @@ let lang-config = let - langs = lib.unique (lib.flatten (lib.mapAttrsToList (_: server: server.filetypes) config.languageServers)); + langs = lib.unique ( + lib.flatten (lib.mapAttrsToList (_: server: server.filetypes) config.languageServers) + ); in lib.concatMapStringsSep "\n" per-lang-config langs; faces-config = let - mapFace = face: + mapFace = + face: let - modifiers = if builtins.hasAttr "modifiers" face then ", modifiers=${builtins.toJSON face.modifiers}" else ""; + modifiers = + if builtins.hasAttr "modifiers" face then ", modifiers=${builtins.toJSON face.modifiers}" else ""; in "{face=${builtins.toJSON face.face}, token=${builtins.toJSON face.token}${modifiers}}"; faces = lib.concatMapStringsSep ",\n " mapFace config.faces; @@ -319,9 +539,9 @@ let # language_ids = config.languageIDs; # } // config.raw); - serverPackages = - builtins.filter (v: v != null) - (lib.mapAttrsToList (_: serv: serv.package or null) config.languageServers); + serverPackages = builtins.filter (v: v != null) ( + lib.mapAttrsToList (_: serv: serv.package or null) config.languageServers + ); in { extraPaths = lib.makeBinPath (serverPackages ++ [ kak-lsp ]); @@ -385,4 +605,3 @@ in } ''; } - diff --git a/packages/common/nki-kakoune/plugins.nix b/packages/common/nki-kakoune/plugins.nix index 3e54937..71ed978 100644 --- a/packages/common/nki-kakoune/plugins.nix +++ b/packages/common/nki-kakoune/plugins.nix @@ -1,37 +1,57 @@ -{ pkgs, symlinkJoin, writeTextDir, kakouneUtils, ... }: +{ + pkgs, + symlinkJoin, + writeTextDir, + kakouneUtils, + ... +}: with { inherit (kakouneUtils) buildKakounePluginFrom2Nix; }; let toDir = name: file: writeTextDir name (builtins.readFile file); - writeActivationScript = script: writeTextDir "on-load.kak" '' - hook global KakBegin .* %{ - ${script} - } - ''; + writeActivationScript = + script: + writeTextDir "on-load.kak" '' + hook global KakBegin .* %{ + ${script} + } + ''; - writeModuleWrapper = name: script: writeTextDir "module.kak" '' - provide-module ${name} %◍ - ${script} - ◍ - ''; + writeModuleWrapper = + name: script: + writeTextDir "module.kak" '' + provide-module ${name} %◍ + ${script} + ◍ + ''; - kakounePlugin = { name, src, wrapAsModule ? false, activationScript ? null, ... }@attrs: + kakounePlugin = + { + name, + src, + wrapAsModule ? false, + activationScript ? null, + ... + }@attrs: let module = if wrapAsModule then writeModuleWrapper name (builtins.readFile src) else src; in buildKakounePluginFrom2Nix { pname = name; version = attrs.version or "latest"; - src = if activationScript == null then module else - symlinkJoin { - name = "${name}-src"; - paths = [ + src = + if activationScript == null then module - (writeActivationScript activationScript) - ]; - }; + else + symlinkJoin { + name = "${name}-src"; + paths = [ + module + (writeActivationScript activationScript) + ]; + }; }; in builtins.map kakounePlugin [ @@ -129,12 +149,14 @@ builtins.map kakounePlugin [ } { name = "racket.kak"; - src = (builtins.fetchTree { - type = "git"; - url = "https://bitbucket.org/KJ_Duncan/kakoune-racket.kak.git"; - rev = "e397042009b46916ff089d79166ec0e8ca813a18"; - narHash = "sha256-IcxFmvG0jqpMCG/dT9crVRgPgMGKkic6xwrnW5z4+bc="; - }) + "/rc"; + src = + (builtins.fetchTree { + type = "git"; + url = "https://bitbucket.org/KJ_Duncan/kakoune-racket.kak.git"; + rev = "e397042009b46916ff089d79166ec0e8ca813a18"; + narHash = "sha256-IcxFmvG0jqpMCG/dT9crVRgPgMGKkic6xwrnW5z4+bc="; + }) + + "/rc"; } # { # name = "kakoune-discord"; @@ -142,13 +164,14 @@ builtins.map kakounePlugin [ # } rec { name = "kakoune-mirror"; - src = pkgs.fetchFromGitHub - { + src = + pkgs.fetchFromGitHub { owner = "Delapouite"; repo = "kakoune-mirror"; rev = "5710635f440bcca914d55ff2ec1bfcba9efe0f15"; sha256 = "sha256-uslx4zZhvjUylrPWvTOugsKYKKpF0EEz1drc1Ckrpjk="; - } + "/mirror.kak"; + } + + "/mirror.kak"; wrapAsModule = true; activationScript = '' require-module ${name} diff --git a/packages/common/nki-kakoune/rc.nix b/packages/common/nki-kakoune/rc.nix index ac579c9..e227146 100644 --- a/packages/common/nki-kakoune/rc.nix +++ b/packages/common/nki-kakoune/rc.nix @@ -1,10 +1,11 @@ -{ lib -, fish -, writeScript -, writeTextDir -, prependRc ? "" -, appendRc ? "" -, ... +{ + lib, + fish, + writeScript, + writeTextDir, + prependRc ? "", + appendRc ? "", + ... }: let diff --git a/packages/common/nki-kakoune/themes.nix b/packages/common/nki-kakoune/themes.nix index 5c24299..0e762c8 100644 --- a/packages/common/nki-kakoune/themes.nix +++ b/packages/common/nki-kakoune/themes.nix @@ -1,9 +1,13 @@ { writeTextDir, ... }: let themes = [ - { name = "catppuccin-latte"; src = ./themes/catppuccin-latte.kak; } + { + name = "catppuccin-latte"; + src = ./themes/catppuccin-latte.kak; + } ]; - themeToColorscheme = { name, src }: writeTextDir "share/kak/colors/${name}.kak" (builtins.readFile src); + themeToColorscheme = + { name, src }: writeTextDir "share/kak/colors/${name}.kak" (builtins.readFile src); in builtins.map themeToColorscheme themes diff --git a/packages/common/nki-kakoune/utils.nix b/packages/common/nki-kakoune/utils.nix index 0307bc6..06bc3c5 100644 --- a/packages/common/nki-kakoune/utils.nix +++ b/packages/common/nki-kakoune/utils.nix @@ -1,7 +1,12 @@ -{ lib, writeTextDir, ... }: { - mkFacesScript = name: faces: writeTextDir "share/kak/autoload/${name}/faces.kak" '' - hook global KakBegin .* %{ - ${lib.concatStringsSep "\n" (builtins.attrValues (builtins.mapAttrs (name: face: " face global ${name} \"${face}\"") faces))} - } - ''; +{ lib, writeTextDir, ... }: +{ + mkFacesScript = + name: faces: + writeTextDir "share/kak/autoload/${name}/faces.kak" '' + hook global KakBegin .* %{ + ${lib.concatStringsSep "\n" ( + builtins.attrValues (builtins.mapAttrs (name: face: " face global ${name} \"${face}\"") faces) + )} + } + ''; } diff --git a/packages/common/suwako-cursors/default.nix b/packages/common/suwako-cursors/default.nix index 0a7380b..cc304d7 100644 --- a/packages/common/suwako-cursors/default.nix +++ b/packages/common/suwako-cursors/default.nix @@ -3,4 +3,3 @@ runCommandLocal "suwako-cursors" { } '' mkdir -p $out/share/icons ${unzip}/bin/unzip ${./Suwako.zip} -d $out/share/icons '' - diff --git a/packages/common/ttaenc.nix b/packages/common/ttaenc.nix index e4cd61b..e6a2674 100644 --- a/packages/common/ttaenc.nix +++ b/packages/common/ttaenc.nix @@ -1,4 +1,5 @@ -{ stdenv, lib }: stdenv.mkDerivation rec { +{ stdenv, lib }: +stdenv.mkDerivation rec { name = "ttaenc"; version = "3.4.1"; diff --git a/packages/common/vikunja.nix b/packages/common/vikunja.nix index 93fb842..0fcf849 100644 --- a/packages/common/vikunja.nix +++ b/packages/common/vikunja.nix @@ -1,4 +1,16 @@ -{ lib, fetchFromGitHub, stdenv, nodejs, pnpm, buildGoModule, mage, writeShellScriptBin, nixosTests, autoPatchelfHook, musl }: +{ + lib, + fetchFromGitHub, + stdenv, + nodejs, + pnpm, + buildGoModule, + mage, + writeShellScriptBin, + nixosTests, + autoPatchelfHook, + musl, +}: let version = "0.24.5-git"; @@ -16,7 +28,12 @@ let sourceRoot = "${finalAttrs.src.name}/frontend"; pnpmDeps = pnpm.fetchDeps { - inherit (finalAttrs) pname version src sourceRoot; + inherit (finalAttrs) + pname + version + src + sourceRoot + ; hash = "sha256-sOCaJDBgEMID+lN5plQpSqaGBIUs5h2tAwDzhtOH53o="; }; @@ -52,7 +69,8 @@ let }); # Injects a `t.Skip()` into a given test since there's apparently no other way to skip tests here. - skipTest = lineOffset: testCase: file: + skipTest = + lineOffset: testCase: file: let jumpAndAppend = lib.concatStringsSep ";" (lib.replicate (lineOffset - 1) "n" ++ [ "a" ]); in @@ -77,7 +95,10 @@ buildGoModule { fi ''; in - [ fakeGit mage ]; + [ + fakeGit + mage + ]; vendorHash = "sha256-UWjlivF9ySXCAr84A1trCJ/n9pB98ZhEyG11qz3PL7g=";