diff --git a/.sops.yaml b/.sops.yaml index 85a230f..836a896 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -4,8 +4,6 @@ keys: - &nki_pc age1tt0peqg8zdfh74m5sdgwsczcqh036nhgmwvkqnvywll88uvmm9xs433rhm - &nkagami_main age1n8tnmmgredzltzwkspag7aufhrn6034ny8ysjeulhkwdnf7vqqaqec4mg5 - &nkagami_do age1z2h24mjt80fryqupajkh3kg5r4sjgw65uqy489xeqxhqj8u2a9fsm3ff36 - - &nki_yoga age1vhjhmxura35apu5zdwg5ur5r40xay45ld9szh07dy0ph9chgsu7shfm4h9 - - &nki_framework age188tgu3psvywk6shq85mk2q0jdjwd0tcswzwlwu5pa5n3pndx75dq090z59 creation_rules: - path_regex: kagami-air-m1/secrets\.yaml$ key_groups: @@ -18,20 +16,9 @@ creation_rules: - *nki_pc - *nkagami_main - *nkagami_do - - *nki_framework - - path_regex: nki-home/secrets\.yaml$ + - path_regex: nki-home/secrets/secrets\.yaml$ key_groups: - age: - *nki_pc - *nkagami_main - *nkagami_do - - path_regex: nki-yoga-g8/secrets\.yaml$ - key_groups: - - age: - - *nki_yoga - - age1axvjllyv2gutngwmp3pvp4xtq2gqneldaq2c4nrzmaye0uwmk9lqsealdv # The machine itself - - path_regex: nki-framework/secrets\.yaml$ - key_groups: - - age: - - *nki_framework - - age1vgh6kvee8lvxylm7z86fpl3xzjyjs4u3zdfkyf064rjvxk9fpumsew7n27 # The machine itself diff --git a/cachix.nix b/cachix.nix index 338e8f2..ecd2d39 100644 --- a/cachix.nix +++ b/cachix.nix @@ -1,3 +1,4 @@ + # WARN: this file will get overwritten by $ cachix use { pkgs, lib, ... }: @@ -6,8 +7,7 @@ let toImport = name: value: folder + ("/" + name); filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key; imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder)); -in -{ +in { inherit imports; - nix.settings.substituters = [ "https://cache.nixos.org/" ]; + nix.settings.substituters = ["https://cache.nixos.org/"]; } diff --git a/cachix/natsukagami.nix b/cachix/natsukagami.nix index fa0b752..55a7d5a 100644 --- a/cachix/natsukagami.nix +++ b/cachix/natsukagami.nix @@ -1,3 +1,4 @@ + { nix = { settings = { diff --git a/common.nix b/common.nix index 55915ae..506ea92 100644 --- a/common.nix +++ b/common.nix @@ -1,43 +1,24 @@ let # Default shell - defaultShell = - { - lib, - pkgs, - config, - ... - }: - with lib; - { - environment.shells = with pkgs; [ - bash - fish - ]; - users.users = mkMerge [ - { nki.shell = pkgs.bash; } - # (mkIf (builtins.hasAttr "natsukagami" config.users.users) { natsukagami.shell = pkgs.fish; }) - ]; - }; + defaultShell = { lib, pkgs, config, ... }: with lib; { + environment.shells = with pkgs; [ bash fish ]; + users.users = mkMerge [ + { nki.shell = pkgs.bash; } + # (mkIf (builtins.hasAttr "natsukagami" config.users.users) { natsukagami.shell = pkgs.fish; }) + ]; + }; in # Common stuff -{ - lib, - pkgs, - config, - ... -}: -with lib; -{ +{ lib, pkgs, config, ... }: +with lib; { imports = [ # defaultShell - ./modules/services/nix-cache - ./modules/services/nix-build-farm ]; ## Packages # Nix options # Always have flakes enabled! nix.extraOptions = '' - experimental-features = nix-command flakes + experimental-features = nix-command flakes repl-flake ''; } diff --git a/darwin/brew.nix b/darwin/brew.nix deleted file mode 100644 index 72aba81..0000000 --- a/darwin/brew.nix +++ /dev/null @@ -1,85 +0,0 @@ -{ - pkgs, - config, - lib, - ... -}: - -with lib; -{ - homebrew.enable = true; - homebrew.brewPrefix = if pkgs.stdenv.isAarch64 then "/opt/homebrew/bin" else "/usr/local/bin"; - homebrew.onActivation.cleanup = "zap"; - homebrew.onActivation.upgrade = true; - - # All needed taps - homebrew.taps = [ - "homebrew/bundle" - "homebrew/cask" - "homebrew/core" - "homebrew/services" - ]; - - homebrew.brews = [ - # CLI tools - "pinentry-mac" # UI for Pin Entry on gpg Mac - - { - name = "d-bus"; - restart_service = "changed"; - } - - # U2F - "pam-u2f" - ]; - - homebrew.casks = [ - "blackhole-2ch" - "finicky" - "inkscape" - "yt-music" - "eloston-chromium" - - # CLI, but doesn't yet work on Nix - # "sage" - ]; - - # We don't really need to keep track of all these - homebrew.masApps = { - # # Safari Extensions - # "Keepa - Price Tracker" = 1533805339; - # "Vimari" = 1480933944; - # "Bitwarden" = 1352778147; - # "Save to Pocket" = 1477385213; - # "AdGuard for Safari" = 1440147259; - # "Refined GitHub" = 1519867270; - - # # Productivity - # # "GoodNotes" = 1444383602; - # "Amphetamine" = 937984704; # Turns off auto display dimming and sleep for some time - # "Session Pal" = 1515213004; - # "Flow" = 1423210932; - # # "Taskheat" = 1431995750; # Always shown outdated! - # "Hidden Bar" = 1452453066; - - # # Development - # "Developer" = 640199958; - # # "Xcode" = 497799835; - - # # Chat - # "Messenger" = 1480068668; - # "LINE" = 539883307; - # "Slack" = 803453959; - - # # Office - # "Keynote" = 409183694; - # "Microsoft Excel" = 462058435; - # "The Unarchiver" = 425424353; - # "Numbers" = 409203825; - # "Pages" = 409201541; - # ## Multimedia - # "DaVinci Resolve" = 571213070; - # "GarageBand" = 682658836; - # "iMovie" = 408981434; - }; -} diff --git a/darwin/configuration.nix b/darwin/configuration.nix deleted file mode 100644 index 3e1d595..0000000 --- a/darwin/configuration.nix +++ /dev/null @@ -1,77 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: - -{ - imports = [ - ../modules/personal/fonts - ./brew.nix - ]; - # List packages installed in system profile. To search by name, run: - # $ nix-env -qaP | grep wget - environment.systemPackages = with pkgs; [ - podman - qemu - ]; - - environment.shells = with pkgs; [ fish ]; - - # Use a custom configuration.nix location. - # $ darwin-rebuild switch -I darwin-config=$HOME/.config/nixpkgs/darwin/configuration.nix - # environment.darwinConfig = "$HOME/.config/nixpkgs/darwin/configuration.nix"; - - # Auto upgrade nix package and the daemon service. - # services.nix-daemon.enable = true; - - # Create /etc/bashrc that loads the nix-darwin environment. - programs.zsh.enable = true; # default shell on catalina - programs.fish.enable = true; - - ## Networking related settings - networking.hostName = "nki-macbook"; - - environment.variables = { - EDITOR = ""; # don't set it by default - - # Homebrew stuff - # LLVM! - # To use the bundled libc++ please add the following LDFLAGS: - LDFLAGS = lib.concatStringsSep " " [ - "-L/opt/homebrew/opt/llvm/lib" - "-Wl,-rpath,/opt/homebrew/opt/llvm/lib" - "-L/opt/homebrew/opt/llvm/lib" - "$LDFLAGS" - ]; - CPPFLAGS = "-I/opt/homebrew/opt/llvm/include $CPPFLAGS"; - }; - - environment.systemPath = lib.mkBefore [ - # Missing from MacOS - "/usr/local/bin" - # LaTeX - "/usr/local/texlive/2021/bin/universal-darwin" - # Go - "/usr/local/go/bin" - # Ruby - "/opt/homebrew/opt/ruby@2.7/bin" - # .NET - "/usr/local/share/dotnet" - # LLVM! - "/opt/homebrew/opt/llvm/bin" - ]; - - # Used for backwards compatibility, please read the changelog before changing. - # $ darwin-rebuild changelog - system.stateVersion = 4; - - # Font configuration - - users.users.nki = { - name = "nki"; - home = "/Users/nki"; - shell = "${config.home-manager.users.nki.programs.fish.package}/bin/fish"; - }; -} diff --git a/flake.lock b/flake.lock index f460f8e..32e016d 100644 --- a/flake.lock +++ b/flake.lock @@ -4,19 +4,19 @@ "inputs": { "flake-parts": "flake-parts", "haskell-flake": "haskell-flake", - "nixpkgs": "nixpkgs" + "hercules-ci-effects": "hercules-ci-effects", + "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1733918199, - "narHash": "sha256-hSuGa8Hh67EHr2x812Ay6WFyFT2BGKn+zk+FJWeKXPg=", + "lastModified": 1692787336, + "narHash": "sha256-WabgeYsUiMRbpb1bCT3oY6GJEciZQIf3tYD8RQAUf2c=", "owner": "hercules-ci", "repo": "arion", - "rev": "9f01fb79f61f53fe31d5ef831e420ab9ad252b99", + "rev": "28902d348807c494115177595f812a3e54cc913b", "type": "github" }, "original": { "owner": "hercules-ci", - "ref": "v0.2.2.0", "repo": "arion", "type": "github" } @@ -25,17 +25,16 @@ "inputs": { "crane": "crane", "flake-compat": "flake-compat", - "flake-parts": "flake-parts_2", - "nix-github-actions": "nix-github-actions", - "nixpkgs": "nixpkgs_2", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_3", "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1738524606, - "narHash": "sha256-hPYEJ4juK3ph7kbjbvv7PlU1D9pAkkhl+pwx8fZY53U=", + "lastModified": 1707922053, + "narHash": "sha256-wSZjK+rOXn+UQiP1NbdNn5/UW6UcBxjvlqr2wh++MbM=", "owner": "zhaofengli", "repo": "attic", - "rev": "ff8a897d1f4408ebbf4d45fa9049c06b3e1e3f4e", + "rev": "6eabc3f02fae3683bffab483e614bebfcd476b21", "type": "github" }, "original": { @@ -51,21 +50,21 @@ "crane": "crane_2", "fenix": "fenix", "flake-compat": "flake-compat_2", - "flake-utils": "flake-utils", + "flake-utils": "flake-utils_2", "nix-filter": "nix-filter", - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1747073949, - "narHash": "sha256-cLPfgRchYLJXA13Xr1Yg3v+O/7SvxWYIAxaKvnsm7HM=", + "lastModified": 1718214198, + "narHash": "sha256-/qKPeE2Ptweaf+rHOvdW0TUDLwN9D93MMgDoU4fTzEA=", "owner": "famedly", "repo": "conduit", - "rev": "ff7b2af80db5e5dd2dddc02e42e8fd27abb6955f", + "rev": "7a5b8930134cf7ea5ff9880e6fa468b2b3e05c98", "type": "gitlab" }, "original": { "owner": "famedly", - "ref": "v0.10.3", + "ref": "v0.8.0", "repo": "conduit", "type": "gitlab" } @@ -79,11 +78,11 @@ ] }, "locked": { - "lastModified": 1722960479, - "narHash": "sha256-NhCkJJQhD5GUib8zN9JrmYGMwt4lCRp6ZVNzIiYCl0Y=", + "lastModified": 1702918879, + "narHash": "sha256-tWJqzajIvYcaRWxn+cLUB9L9Pv4dQ3Bfit/YjU5ze3g=", "owner": "ipetkov", "repo": "crane", - "rev": "4c6c77920b8d44cd6660c1621dea6b3fc4b4c4f4", + "rev": "7195c00c272fdd92fc74e7d5a0a2844b9fadb2fb", "type": "github" }, "original": { @@ -93,31 +92,40 @@ } }, "crane_2": { + "inputs": { + "nixpkgs": [ + "conduit", + "nixpkgs" + ] + }, "locked": { - "lastModified": 1741481578, - "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "lastModified": 1713721181, + "narHash": "sha256-Vz1KRVTzU3ClBfyhOj8gOehZk21q58T1YsXC30V23PU=", "owner": "ipetkov", "repo": "crane", - "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "rev": "55f4939ac59ff8f89c6a4029730a2d49ea09105f", "type": "github" }, "original": { "owner": "ipetkov", + "ref": "master", "repo": "crane", - "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", "type": "github" } }, "crane_3": { "inputs": { - "nixpkgs": "nixpkgs_4" + "flake-compat": "flake-compat_3", + "flake-utils": "flake-utils_3", + "nixpkgs": "nixpkgs_5", + "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1724006180, - "narHash": "sha256-PVxPj0Ga2fMYMtcT9ARCthF+4U71YkOT7ZjgD/vf1Aw=", + "lastModified": 1697334144, + "narHash": "sha256-gcOxnHEgBcn8mGXgNkTvZ1BLAANZZj+IZzb9QnQt7bc=", "owner": "ipetkov", "repo": "crane", - "rev": "7ce92819802bc583b7e82ebc08013a530f22209f", + "rev": "4dcf584de14beff8dd0c030ac54e185fd3b72023", "type": "github" }, "original": { @@ -128,14 +136,29 @@ }, "crane_4": { "inputs": { - "nixpkgs": "nixpkgs_7" + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "rust-overlay": [ + "lanzaboote", + "rust-overlay" + ] }, "locked": { - "lastModified": 1717535930, - "narHash": "sha256-1hZ/txnbd/RmiBPNUs7i8UQw2N89uAK3UzrGAWdnFfU=", + "lastModified": 1681177078, + "narHash": "sha256-ZNIjBDou2GOabcpctiQykEQVkI8BDwk7TyvlWlI4myE=", "owner": "ipetkov", "repo": "crane", - "rev": "55e7754ec31dac78980c8be45f8a28e80e370946", + "rev": "0c9f468ff00576577d83f5019a66c557ede5acf6", "type": "github" }, "original": { @@ -144,31 +167,31 @@ "type": "github" } }, - "darwin": { + "crane_5": { "inputs": { "nixpkgs": [ - "nixpkgs-unstable" + "youmubot", + "nixpkgs" ] }, "locked": { - "lastModified": 1696360011, - "narHash": "sha256-HpPv27qMuPou4acXcZ8Klm7Zt0Elv9dgDvSJaomWb9Y=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "8b6ea26d5d2e8359d06278364f41fbc4b903b28a", + "lastModified": 1718730147, + "narHash": "sha256-QmD6B6FYpuoCqu6ZuPJH896ItNquDkn0ulQlOn4ykN8=", + "owner": "ipetkov", + "repo": "crane", + "rev": "32c21c29b034d0a93fdb2379d6fabc40fc3d0e6c", "type": "github" }, "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", + "owner": "ipetkov", + "repo": "crane", "type": "github" } }, "deploy-rs": { "inputs": { - "flake-compat": "flake-compat_3", - "nixpkgs": "nixpkgs_5", + "flake-compat": "flake-compat_4", + "nixpkgs": "nixpkgs_6", "utils": "utils" }, "locked": { @@ -187,22 +210,21 @@ }, "dtth-phanpy": { "inputs": { - "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_6" + "flake-utils": "flake-utils_4", + "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1745270739, - "narHash": "sha256-w1HoYlSEyeS2iptP9t+1Vuady11fmRYA7za6QTfxKs4=", - "ref": "dtth-fork", - "rev": "294e5954832aec76e67d596a79d25c47514f7f9b", - "revCount": 3563, + "lastModified": 1719154855, + "narHash": "sha256-uLV3PAVG+eZVnfVkRmHABGi7vRW/q8qvDafw3VzmFgk=", + "ref": "refs/heads/dtth-fork", + "rev": "97978f4a6556e69b826e15f7d2c3c4079a1c1c47", + "revCount": 2662, "type": "git", - "url": "ssh://gitea@git.dtth.ch/nki-dtth/phanpy" + "url": "ssh://gitea@git.dtth.ch/nki/phanpy?branch=dtth-fork" }, "original": { - "ref": "dtth-fork", "type": "git", - "url": "ssh://gitea@git.dtth.ch/nki-dtth/phanpy" + "url": "ssh://gitea@git.dtth.ch/nki/phanpy?branch=dtth-fork" } }, "fenix": { @@ -214,11 +236,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1745735608, - "narHash": "sha256-L0jzm815XBFfF2wCFmR+M1CF+beIEFj6SxlqVKF59Ec=", + "lastModified": 1709619709, + "narHash": "sha256-l6EPVJfwfelWST7qWQeP6t/TDK3HHv5uUB1b2vw4mOQ=", "owner": "nix-community", "repo": "fenix", - "rev": "c39a78eba6ed2a022cc3218db90d485077101496", + "rev": "c8943ea9e98d41325ff57d4ec14736d330b321b2", "type": "github" }, "original": { @@ -230,11 +252,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", "owner": "edolstra", "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", "type": "github" }, "original": { @@ -246,11 +268,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { @@ -262,11 +284,11 @@ "flake-compat_3": { "flake": false, "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "lastModified": 1696267196, + "narHash": "sha256-AAQ/2sD+0D18bb8hKuEEVpHUYD1GmO2Uh/taFamn6XQ=", "owner": "edolstra", "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "rev": "4f910c9827911b1ec2bf26b5a062cd09f8d89f85", "type": "github" }, "original": { @@ -292,16 +314,17 @@ } }, "flake-compat_5": { + "flake": false, "locked": { - "lastModified": 1688025799, - "narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=", - "owner": "nix-community", + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", "repo": "flake-compat", - "rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", "type": "github" }, "original": { - "owner": "nix-community", + "owner": "edolstra", "repo": "flake-compat", "type": "github" } @@ -314,11 +337,11 @@ ] }, "locked": { - "lastModified": 1733312601, - "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", + "lastModified": 1675933616, + "narHash": "sha256-/rczJkJHtx16IFxMmAWu5nNYcSXNg1YYXTHoGjLrLUA=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", + "rev": "47478a4a003e745402acf63be7f9a092d51b83d7", "type": "github" }, "original": { @@ -329,39 +352,36 @@ }, "flake-parts_2": { "inputs": { - "nixpkgs-lib": [ - "conduit", - "attic", - "nixpkgs" - ] + "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1722555600, - "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", + "lastModified": 1688466019, + "narHash": "sha256-VeM2akYrBYMsb4W/MmBo1zmaMfgbL4cH3Pu8PGyIwJ0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", + "rev": "8e8d955c22df93dbe24f19ea04f47a74adbdc5ec", "type": "github" }, "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" + "id": "flake-parts", + "type": "indirect" } }, "flake-parts_3": { "inputs": { "nixpkgs-lib": [ - "lanzaboote", + "arion", + "hercules-ci-effects", + "hercules-ci-agent", "nixpkgs" ] }, "locked": { - "lastModified": 1717285511, - "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=", + "lastModified": 1688466019, + "narHash": "sha256-VeM2akYrBYMsb4W/MmBo1zmaMfgbL4cH3Pu8PGyIwJ0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8", + "rev": "8e8d955c22df93dbe24f19ea04f47a74adbdc5ec", "type": "github" }, "original": { @@ -372,14 +392,35 @@ }, "flake-parts_4": { "inputs": { - "nixpkgs-lib": "nixpkgs-lib" + "nixpkgs-lib": [ + "lanzaboote", + "nixpkgs" + ] }, "locked": { - "lastModified": 1736143030, - "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=", + "lastModified": 1680392223, + "narHash": "sha256-n3g7QFr85lDODKt250rkZj2IFS3i4/8HBU2yKHO3tqw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de", + "rev": "dcc36e45d054d7bb554c9cdab69093debd91a0b5", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_5": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_2" + }, + "locked": { + "lastModified": 1706830856, + "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", "type": "github" }, "original": { @@ -389,15 +430,30 @@ } }, "flake-utils": { - "inputs": { - "systems": "systems" - }, "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_10": { + "inputs": { + "systems": "systems_9" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "type": "github" }, "original": { @@ -408,14 +464,14 @@ }, "flake-utils_2": { "inputs": { - "systems": "systems_3" + "systems": "systems" }, "locked": { - "lastModified": 1726560853, - "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", + "lastModified": 1709126324, + "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", "owner": "numtide", "repo": "flake-utils", - "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "rev": "d465f4819400de7c8d874d50b982301f28a84605", "type": "github" }, "original": { @@ -426,7 +482,7 @@ }, "flake-utils_3": { "inputs": { - "systems": "systems_4" + "systems": "systems_2" }, "locked": { "lastModified": 1694529238, @@ -444,14 +500,14 @@ }, "flake-utils_4": { "inputs": { - "systems": "systems_5" + "systems": "systems_4" }, "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "type": "github" }, "original": { @@ -462,14 +518,14 @@ }, "flake-utils_5": { "inputs": { - "systems": "systems_6" + "systems": "systems_5" }, "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "owner": "numtide", "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", "type": "github" }, "original": { @@ -479,6 +535,24 @@ } }, "flake-utils_6": { + "inputs": { + "systems": "systems_6" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_7": { "inputs": { "systems": "systems_7" }, @@ -496,13 +570,16 @@ "type": "github" } }, - "flake-utils_7": { + "flake-utils_8": { + "inputs": { + "systems": "systems_8" + }, "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "type": "github" }, "original": { @@ -511,16 +588,13 @@ "type": "github" } }, - "flake-utils_8": { - "inputs": { - "systems": "systems_8" - }, + "flake-utils_9": { "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", "owner": "numtide", "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", "type": "github" }, "original": { @@ -553,11 +627,11 @@ ] }, "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "lastModified": 1660459072, + "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", "owner": "hercules-ci", "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", "type": "github" }, "original": { @@ -582,6 +656,64 @@ "type": "github" } }, + "haskell-flake_2": { + "locked": { + "lastModified": 1684780604, + "narHash": "sha256-2uMZsewmRn7rRtAnnQNw1lj0uZBMh4m6Cs/7dV5YF08=", + "owner": "srid", + "repo": "haskell-flake", + "rev": "74210fa80a49f1b6f67223debdbf1494596ff9f2", + "type": "github" + }, + "original": { + "owner": "srid", + "ref": "0.3.0", + "repo": "haskell-flake", + "type": "github" + } + }, + "hercules-ci-agent": { + "inputs": { + "flake-parts": "flake-parts_3", + "haskell-flake": "haskell-flake_2", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1688568579, + "narHash": "sha256-ON0M56wtY/TIIGPkXDlJboAmuYwc73Hi8X9iJGtxOhM=", + "owner": "hercules-ci", + "repo": "hercules-ci-agent", + "rev": "367dd8cd649b57009a6502e878005a1e54ad78c5", + "type": "github" + }, + "original": { + "id": "hercules-ci-agent", + "type": "indirect" + } + }, + "hercules-ci-effects": { + "inputs": { + "flake-parts": "flake-parts_2", + "hercules-ci-agent": "hercules-ci-agent", + "nixpkgs": [ + "arion", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1689397210, + "narHash": "sha256-fVxZnqxMbsDkB4GzGAs/B41K0wt/e+B/fLxmTFF/S20=", + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "rev": "0a63bfa3f00a3775ea3a6722b247880f1ffe91ce", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -589,16 +721,16 @@ ] }, "locked": { - "lastModified": 1746171682, - "narHash": "sha256-EyXUNSa+H+YvGVuQJP1nZskXAowxKYp79RNUsNdQTj4=", + "lastModified": 1716736833, + "narHash": "sha256-rNObca6dm7Qs524O4st8VJH6pZ/Xe1gxl+Rx6mcWYo0=", "owner": "nix-community", "repo": "home-manager", - "rev": "50eee705bbdbac942074a8c120e8194185633675", + "rev": "a631666f5ec18271e86a5cde998cba68c33d9ac6", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.11", + "ref": "release-24.05", "repo": "home-manager", "type": "github" } @@ -610,11 +742,11 @@ ] }, "locked": { - "lastModified": 1746981801, - "narHash": "sha256-+Bfr0KqZV6gZdA7e2kupeoawozaLIHLuiPtC54uxbFc=", + "lastModified": 1719037157, + "narHash": "sha256-aOKd8+mhBsLQChCu1mn/W5ww79ta5cXVE59aJFrifM8=", "owner": "nix-community", "repo": "home-manager", - "rev": "ff915842e4a2e63c4c8c5c08c6870b9d5b3c3ee9", + "rev": "cd886711998fe5d9ff7979fdd4b4cbd17b1f1511", "type": "github" }, "original": { @@ -626,16 +758,15 @@ "kak-lsp": { "flake": false, "locked": { - "lastModified": 1742457498, - "narHash": "sha256-2jD0meehUNGvmywOY4D9CwP1qswD7QCPlctLBjngzvE=", + "lastModified": 1719761259, + "narHash": "sha256-2cnjweEU/NgQffF2gav9b6EIXmV9TcSd7214FzW7ekY=", "owner": "kakoune-lsp", "repo": "kakoune-lsp", - "rev": "30dfe2873dae089981d63d3405323a8e9def0468", + "rev": "484b19c2e373988ee5ab9afc54ecd6383b8da9bc", "type": "github" }, "original": { "owner": "kakoune-lsp", - "ref": "v18.1.3", "repo": "kakoune-lsp", "type": "github" } @@ -643,11 +774,11 @@ "kakoune": { "flake": false, "locked": { - "lastModified": 1743226963, - "narHash": "sha256-JIqhzigex0YR+ll6OpgP176EFu4F49G/ZDp5ek3Y/hQ=", + "lastModified": 1719405481, + "narHash": "sha256-IkPZSkEJQixpylRGqLO330oZ50CS0Aq0JqMvU5B+Abo=", "owner": "mawww", "repo": "kakoune", - "rev": "c7d688f578c7b58989fc04e7bb1e9b5a939a5730", + "rev": "80fcfebca8c62ace6cf2af9487784486af07d2d5", "type": "github" }, "original": { @@ -659,25 +790,26 @@ "lanzaboote": { "inputs": { "crane": "crane_4", - "flake-compat": "flake-compat_4", - "flake-parts": "flake-parts_3", + "flake-compat": "flake-compat_5", + "flake-parts": "flake-parts_4", + "flake-utils": "flake-utils_6", "nixpkgs": [ "nixpkgs" ], "pre-commit-hooks-nix": "pre-commit-hooks-nix", - "rust-overlay": "rust-overlay" + "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1737639419, - "narHash": "sha256-AEEDktApTEZ5PZXNDkry2YV2k6t0dTgLPEmAZbnigXU=", + "lastModified": 1682802423, + "narHash": "sha256-Fb5TeRTdvUlo/5Yi2d+FC8a6KoRLk2h1VE0/peMhWPs=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "a65905a09e2c43ff63be8c0e86a93712361f871e", + "rev": "64b903ca87d18cef2752c19c098af275c6e51d63", "type": "github" }, "original": { "owner": "nix-community", - "ref": "v0.4.2", + "ref": "v0.3.0", "repo": "lanzaboote", "type": "github" } @@ -685,20 +817,20 @@ "lix": { "flake": false, "locked": { - "lastModified": 1746827285, - "narHash": "sha256-hsFe4Tsqqg4l+FfQWphDtjC79WzNCZbEFhHI8j2KJzw=", - "rev": "47aad376c87e2e65967f17099277428e4b3f8e5a", + "lastModified": 1720626042, + "narHash": "sha256-f8k+BezKdJfmE+k7zgBJiohtS3VkkriycdXYsKOm3sc=", + "rev": "2a4376be20d70feaa2b0e640c5041fb66ddc67ed", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/47aad376c87e2e65967f17099277428e4b3f8e5a.tar.gz?rev=47aad376c87e2e65967f17099277428e4b3f8e5a" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/2a4376be20d70feaa2b0e640c5041fb66ddc67ed.tar.gz" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/2.93.0.tar.gz" + "url": "https://git.lix.systems/lix-project/lix/archive/2.90.0.tar.gz" } }, "lix-module": { "inputs": { - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_7", "flakey-profile": "flakey-profile", "lix": "lix", "nixpkgs": [ @@ -706,20 +838,20 @@ ] }, "locked": { - "lastModified": 1746838955, - "narHash": "sha256-11R4K3iAx4tLXjUs+hQ5K90JwDABD/XHhsM9nkeS5N8=", - "rev": "cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc", + "lastModified": 1720641669, + "narHash": "sha256-yEO2cGNgzm9x/XxiDQI+WckSWnZX63R8aJLBRSXtYNE=", + "rev": "5c48c833c15bb80d127a398a8c2484d42fdd8257", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc.tar.gz?rev=cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/5c48c833c15bb80d127a398a8c2484d42fdd8257.tar.gz" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.90.0.tar.gz" } }, "mpd-mpris": { "inputs": { - "flake-utils": "flake-utils_6", + "flake-utils": "flake-utils_8", "nixpkgs": [ "nixpkgs" ] @@ -738,69 +870,13 @@ "type": "github" } }, - "niri": { - "inputs": { - "niri-stable": "niri-stable", - "niri-unstable": "niri-unstable", - "nixpkgs": "nixpkgs_8", - "nixpkgs-stable": "nixpkgs-stable_3", - "xwayland-satellite-stable": "xwayland-satellite-stable", - "xwayland-satellite-unstable": "xwayland-satellite-unstable" - }, - "locked": { - "lastModified": 1743644801, - "narHash": "sha256-z8x/j/RuDBo/5lNt3XYatKRpIMFMHVE2HK7TKVxYn+c=", - "owner": "sodiboo", - "repo": "niri-flake", - "rev": "f3fca85fe72c70d58f44f4c6ad2f27a91aa54d0d", - "type": "github" - }, - "original": { - "owner": "sodiboo", - "repo": "niri-flake", - "type": "github" - } - }, - "niri-stable": { - "flake": false, - "locked": { - "lastModified": 1740117926, - "narHash": "sha256-mTTHA0RAaQcdYe+9A3Jx77cmmyLFHmRoZdd8RpWa+m8=", - "owner": "YaLTeR", - "repo": "niri", - "rev": "b94a5db8790339cf9134873d8b490be69e02ac71", - "type": "github" - }, - "original": { - "owner": "YaLTeR", - "ref": "v25.02", - "repo": "niri", - "type": "github" - } - }, - "niri-unstable": { - "flake": false, - "locked": { - "lastModified": 1743492917, - "narHash": "sha256-OqLDg0Ody1HX23hgjvjIkfZPNhYKxbkj/ONcDjdD4Ik=", - "owner": "YaLTeR", - "repo": "niri", - "rev": "60034a57efd9c8130b05797b37cbc187a8c13145", - "type": "github" - }, - "original": { - "owner": "YaLTeR", - "repo": "niri", - "type": "github" - } - }, "nix-filter": { "locked": { - "lastModified": 1731533336, - "narHash": "sha256-oRam5PS1vcrr5UPgALW0eo1m/5/pls27Z/pabHNy2Ms=", + "lastModified": 1705332318, + "narHash": "sha256-kcw1yFeJe9N4PjQji9ZeX47jg0p9A0DuU4djKvg1a7I=", "owner": "numtide", "repo": "nix-filter", - "rev": "f7653272fd234696ae94229839a99b73c9ab7de0", + "rev": "3449dc925982ad46246cfc36469baf66e1b64f17", "type": "github" }, "original": { @@ -811,16 +887,15 @@ }, "nix-gaming": { "inputs": { - "flake-parts": "flake-parts_4", - "nixpkgs": "nixpkgs_9", - "umu": "umu" + "flake-parts": "flake-parts_5", + "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1737337163, - "narHash": "sha256-Z9hc25iV+jhH0AlvsrG65KqLEd726/HVvalSiqNQLqA=", + "lastModified": 1716686274, + "narHash": "sha256-4JiRUWtoEMrfq38jG4O+NP6rcQIhKxEclnSkHvywnf0=", "owner": "fufexan", "repo": "nix-gaming", - "rev": "e5559b3a91433c21eb64792b78134582b3bd77f2", + "rev": "83a47c12d3493f7eb876250d0298d1566a965ce4", "type": "github" }, "original": { @@ -829,35 +904,13 @@ "type": "github" } }, - "nix-github-actions": { - "inputs": { - "nixpkgs": [ - "conduit", - "attic", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1729742964, - "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=", - "owner": "nix-community", - "repo": "nix-github-actions", - "rev": "e04df33f62cdcf93d73e9a04142464753a16db67", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nix-github-actions", - "type": "github" - } - }, "nixos-hardware": { "locked": { - "lastModified": 1741792691, - "narHash": "sha256-f0BVt1/cvA0DQ/q3rB+HY4g4tKksd03ZkzI4xehC2Ew=", + "lastModified": 1719007440, + "narHash": "sha256-ll9zg1P0W8cMk1Co1BOQOrICr9dDgUw+ZL3mGy5GnOg=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "e1f12151258b12c567f456d8248e4694e9390613", + "rev": "e6d40db8924c3a663e1f76e0daed09510fea51c3", "type": "github" }, "original": { @@ -866,35 +919,13 @@ "type": "github" } }, - "nixos-m1": { - "inputs": { - "flake-compat": "flake-compat_5", - "nixpkgs": [ - "nixpkgs" - ], - "rust-overlay": "rust-overlay_2" - }, - "locked": { - "lastModified": 1700436815, - "narHash": "sha256-+txRDmFuI/dW/ZmacfDrqSsKiWTNLmRygej25u2ojNM=", - "owner": "tpwrules", - "repo": "nixos-apple-silicon", - "rev": "14b327ca47703c376ebb82ba16dc42ca2baa57d8", - "type": "github" - }, - "original": { - "owner": "tpwrules", - "repo": "nixos-apple-silicon", - "type": "github" - } - }, "nixpkgs": { "locked": { - "lastModified": 1733212471, - "narHash": "sha256-M1+uCoV5igihRfcUKrr1riygbe73/dzNnzPsmaLCmpo=", + "lastModified": 1688322751, + "narHash": "sha256-eW62dC5f33oKZL7VWlomttbUnOTHrAbte9yNUNW8rbk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "55d15ad12a74eb7d4646254e13638ad0c4128776", + "rev": "0fbe93c5a7cac99f90b60bdf5f149383daaa615f", "type": "github" }, "original": { @@ -906,39 +937,47 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1735774519, - "narHash": "sha256-CewEm1o2eVAnoqb6Ml+Qi9Gg/EfNAxbRx1lANGVyoLI=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz" + "dir": "lib", + "lastModified": 1688049487, + "narHash": "sha256-100g4iaKC9MalDjUW9iN6Jl/OocTDtXdeAj7pEGIRh4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "4bc72cae107788bf3f24f30db2e2f685c9298dc9", + "type": "github" }, "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/e9b51731911566bbf7e4895475a87fe06961de0b.tar.gz" + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib_2": { + "locked": { + "dir": "lib", + "lastModified": 1706550542, + "narHash": "sha256-UcsnCG6wx++23yeER4Hg18CXWbgNpqNXcHIo5/1Y+hc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "97b17f32362e475016f942bbdfda4a4a72a8a652", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" } }, "nixpkgs-stable": { "locked": { - "lastModified": 1724316499, - "narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=", + "lastModified": 1702780907, + "narHash": "sha256-blbrBBXjjZt6OKTcYX1jpe9SRof2P9ZYWPzq22tzXAA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable_2": { - "locked": { - "lastModified": 1710695816, - "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "614b4613980a522ba49f0d194531beddbb7220d3", + "rev": "1e2e384c5b7c50dbf8e9c441a9e58d85f408b01f", "type": "github" }, "original": { @@ -948,29 +987,29 @@ "type": "github" } }, - "nixpkgs-stable_3": { + "nixpkgs-stable_2": { "locked": { - "lastModified": 1743576891, - "narHash": "sha256-vXiKURtntURybE6FMNFAVpRPr8+e8KoLPrYs9TGuAKc=", + "lastModified": 1678872516, + "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "44a69ed688786e98a101f02b712c313f1ade37ab", + "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.11", + "ref": "nixos-22.11", "repo": "nixpkgs", "type": "github" } }, "nixpkgs-unstable": { "locked": { - "lastModified": 1746576598, - "narHash": "sha256-FshoQvr6Aor5SnORVvh/ZdJ1Sa2U4ZrIMwKBX5k2wu0=", + "lastModified": 1721559948, + "narHash": "sha256-cFgdjyK/VBM3hB1RfFHXcI/VOCBVAv813s1upHKX7bI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b3582c75c7f21ce0b429898980eddbbf05c68e55", + "rev": "c19d62ad2265b16e2199c5feb4650fe459ca1c46", "type": "github" }, "original": { @@ -982,43 +1021,27 @@ }, "nixpkgs_10": { "locked": { - "lastModified": 1746810718, - "narHash": "sha256-VljtYzyttmvkWUKTVJVW93qAsJsrBbgAzy7DdnJaQfI=", + "lastModified": 1713128889, + "narHash": "sha256-aB90ZqzosyRDpBh+rILIcyP5lao8SKz8Sr2PSWvZrzk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0c0bf9c057382d5f6f63d54fd61f1abd5e1c2f63", + "rev": "2748d22b45a99fb2deafa5f11c7531c212b2cefa", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-24.11", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_11": { "locked": { - "lastModified": 1743315132, - "narHash": "sha256-6hl6L/tRnwubHcA4pfUUtk542wn2Om+D4UnDhlDW9BE=", + "lastModified": 1718530797, + "narHash": "sha256-pup6cYwtgvzDpvpSCFh1TEUjw2zkNpk8iolbKnyFmmU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "52faf482a3889b7619003c0daec593a1912fddc1", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_12": { - "locked": { - "lastModified": 1747179050, - "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", + "rev": "b60ebf54c15553b393d144357375ea956f89e9a9", "type": "github" }, "original": { @@ -1030,27 +1053,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1726042813, - "narHash": "sha256-LnNKCCxnwgF+575y0pxUdlGZBO/ru1CtGHIqQVfvjlA=", + "lastModified": 1676300157, + "narHash": "sha256-1HjRzfp6LOLfcj/HJHdVKWAkX9QRAouoh6AjzJiIerU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "159be5db480d1df880a0135ca0bfed84c2f88353", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1745526057, - "narHash": "sha256-ITSpPDwvLBZBnPRS2bUcHY3gZSwis/uTe255QgMtTLA=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "f771eb401a46846c1aebd20552521b233dd7e18b", + "rev": "545c7a31e5dedea4a6d372712a18e00ce097d462", "type": "github" }, "original": { @@ -1060,13 +1067,13 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_3": { "locked": { - "lastModified": 1722640603, - "narHash": "sha256-TcXjLVNd3VeH1qKPH335Tc4RbFDbZQX+d7rqnDUoRaY=", + "lastModified": 1702539185, + "narHash": "sha256-KnIRG5NMdLIpEkZTnN5zovNYc0hhXjAgv6pfd5Z4c7U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "81610abc161d4021b29199aa464d6a1a521e0cc9", + "rev": "aa9d4729cbc99dabacb50e3994dcefb3ea0f7447", "type": "github" }, "original": { @@ -1076,7 +1083,39 @@ "type": "github" } }, + "nixpkgs_4": { + "locked": { + "lastModified": 1718160348, + "narHash": "sha256-9YrUjdztqi4Gz8n3mBuqvCkMo4ojrA6nASwyIKWMpus=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "57d6973abba7ea108bac64ae7629e7431e0199b6", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs_5": { + "locked": { + "lastModified": 1696261572, + "narHash": "sha256-s8TtSYJ1LBpuITXjbPLUPyxzAKw35LhETcajJjCS5f0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "0c7ffbc66e6d78c50c38e717ec91a2a14e0622fb", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { "locked": { "lastModified": 1702272962, "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=", @@ -1092,13 +1131,13 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_7": { "locked": { - "lastModified": 1728492678, - "narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=", + "lastModified": 1719075281, + "narHash": "sha256-CyyxvOwFf12I91PBWz43iGT1kjsf5oi6ax7CrvaMyAo=", "owner": "nixOS", "repo": "nixpkgs", - "rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7", + "rev": "a71e967ef3694799d0c418c98332f7ff4cc5f6af", "type": "github" }, "original": { @@ -1108,45 +1147,13 @@ "type": "github" } }, - "nixpkgs_7": { - "locked": { - "lastModified": 1738452225, - "narHash": "sha256-Qmwx3FXM0x0pdjibwTk/uRbayqDrs3EwmRJe7tQWu48=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "6c4e0724e0a785a20679b1bca3a46bfce60f05b6", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_8": { "locked": { - "lastModified": 1743583204, - "narHash": "sha256-F7n4+KOIfWrwoQjXrL2wD9RhFYLs2/GGe/MQY1sSdlE=", + "lastModified": 1708751719, + "narHash": "sha256-0uWOKSpXJXmXswOvDM5Vk3blB74apFB6rNGWV5IjoN0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2c8d3f48d33929642c1c12cd243df4cc7d2ce434", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_9": { - "locked": { - "lastModified": 1737003892, - "narHash": "sha256-RCzJE9wKByLCXmRBp+z8LK9EgdW+K+W/DXnJS4S/NVo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "ae06b9c2d83cb5c8b12d7d0e32692e93d1379713", + "rev": "f63ce824cd2f036216eb5f637dfef31e1a03ee89", "type": "github" }, "original": { @@ -1156,12 +1163,47 @@ "type": "github" } }, + "nixpkgs_9": { + "locked": { + "lastModified": 1720954236, + "narHash": "sha256-1mEKHp4m9brvfQ0rjCca8P1WHpymK3TOr3v34ydv9bs=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "53e81e790209e41f0c1efa9ff26ff2fd7ab35e27", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nur": { + "locked": { + "lastModified": 1697363080, + "narHash": "sha256-/49Rh5mohp0ZD6HaNbDn9oIsLt+d7Tzbc/BGkb/7o+g=", + "owner": "nix-community", + "repo": "NUR", + "rev": "5771ba6f22db037b037a8bdd82acc5467c965c7e", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NUR", + "type": "github" + } + }, "pre-commit-hooks-nix": { "inputs": { "flake-compat": [ "lanzaboote", "flake-compat" ], + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], "gitignore": "gitignore", "nixpkgs": [ "lanzaboote", @@ -1170,11 +1212,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1717664902, - "narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=", + "lastModified": 1681413034, + "narHash": "sha256-/t7OjNQcNkeWeSq/CFLYVBfm+IEnkjoSm9iKvArnUUI=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1", + "rev": "d3de8f69ca88fb6f8b09e5b598be5ac98d28ede5", "type": "github" }, "original": { @@ -1188,10 +1230,9 @@ "arion": "arion", "conduit": "conduit", "crane": "crane_3", - "darwin": "darwin", "deploy-rs": "deploy-rs", "dtth-phanpy": "dtth-phanpy", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_5", "home-manager": "home-manager", "home-manager-unstable": "home-manager-unstable", "kak-lsp": "kak-lsp", @@ -1199,27 +1240,25 @@ "lanzaboote": "lanzaboote", "lix-module": "lix-module", "mpd-mpris": "mpd-mpris", - "niri": "niri", "nix-gaming": "nix-gaming", "nixos-hardware": "nixos-hardware", - "nixos-m1": "nixos-m1", - "nixpkgs": "nixpkgs_10", + "nixpkgs": "nixpkgs_9", "nixpkgs-unstable": "nixpkgs-unstable", - "rust-overlay": "rust-overlay_3", + "nur": "nur", "secrets": "secrets", "sops-nix": "sops-nix", - "youmubot": "youmubot", - "zen-browser": "zen-browser" + "swayfx": "swayfx", + "youmubot": "youmubot" } }, "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1745694049, - "narHash": "sha256-fxvRYH/tS7hGQeg9zCVh5RBcSWT+JGJet7RA8Ss+rC0=", + "lastModified": 1709571018, + "narHash": "sha256-ISFrxHxE0J5g7lDAscbK88hwaT5uewvWoma9TlFmRzM=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "d8887c0758bbd2d5f752d5bd405d4491e90e7ed6", + "rev": "9f14343f9ee24f53f17492c5f9b653427e2ad15e", "type": "github" }, "original": { @@ -1231,18 +1270,21 @@ }, "rust-overlay": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": [ + "crane", + "flake-utils" + ], "nixpkgs": [ - "lanzaboote", + "crane", "nixpkgs" ] }, "locked": { - "lastModified": 1717813066, - "narHash": "sha256-wqbRwq3i7g5EHIui0bIi84mdqZ/It1AXBSLJ5tafD28=", + "lastModified": 1696299134, + "narHash": "sha256-RS77cAa0N+Sfj5EmKbm5IdncNXaBCE1BSSQvUE8exvo=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "6dc3e45fe4aee36efeed24d64fc68b1f989d5465", + "rev": "611ccdceed92b4d94ae75328148d84ee4a5b462d", "type": "github" }, "original": { @@ -1252,13 +1294,22 @@ } }, "rust-overlay_2": { - "flake": false, + "inputs": { + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, "locked": { - "lastModified": 1686795910, - "narHash": "sha256-jDa40qRZ0GRQtP9EMZdf+uCbvzuLnJglTUI2JoHfWDc=", + "lastModified": 1682129965, + "narHash": "sha256-1KRPIorEL6pLpJR04FwAqqnt4Tzcm4MqD84yhlD+XSk=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "5c2b97c0a9bc5217fc3dfb1555aae0fb756d99f9", + "rev": "2c417c0460b788328220120c698630947547ee83", "type": "github" }, "original": { @@ -1267,50 +1318,27 @@ "type": "github" } }, - "rust-overlay_3": { + "scenefx": { "inputs": { - "nixpkgs": [ - "nixpkgs" - ] + "nixpkgs": "nixpkgs_10" }, "locked": { - "lastModified": 1734747996, - "narHash": "sha256-0DUuObdcPITVOMMymq2y6YlM++QEWXZO3cTm6RGYgL8=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "f9086701f5f3d36b8e5f4a3b9c93579ebc2581e6", + "lastModified": 1715160751, + "narHash": "sha256-S8m7phTU7QYgAq4B0hjH5WdtTjHDcNVhYfPFdhbty+A=", + "owner": "wlrfx", + "repo": "scenefx", + "rev": "2ec3505248e819191c37cb831197629f373326fb", "type": "github" }, "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "rust-overlay_4": { - "inputs": { - "nixpkgs": [ - "youmubot", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1743475035, - "narHash": "sha256-uLjVsb4Rxnp1zmFdPCDmdODd4RY6ETOeRj0IkC0ij/4=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "bee11c51c2cda3ac57c9e0149d94b86cc1b00d13", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", + "owner": "wlrfx", + "repo": "scenefx", "type": "github" } }, "secrets": { "inputs": { - "flake-utils": "flake-utils_7" + "flake-utils": "flake-utils_9" }, "locked": { "lastModified": 1693981285, @@ -1349,6 +1377,27 @@ "type": "github" } }, + "swayfx": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "scenefx": "scenefx" + }, + "locked": { + "lastModified": 1715273144, + "narHash": "sha256-x8z/sjtJPojvaXiOUDvADiSU/QmSo8cqKQ1X4g+5dw4=", + "owner": "WillPower3309", + "repo": "swayfx", + "rev": "3c621dec7d653231f960d377fcb3ceeed55953e2", + "type": "github" + }, + "original": { + "owner": "WillPower3309", + "repo": "swayfx", + "type": "github" + } + }, "systems": { "locked": { "lastModified": 1681028828, @@ -1469,34 +1518,24 @@ "type": "github" } }, - "umu": { - "inputs": { - "nixpkgs": [ - "nix-gaming", - "nixpkgs" - ] - }, + "systems_9": { "locked": { - "dir": "packaging/nix", - "lastModified": 1737484151, - "narHash": "sha256-pONHsVIyIHbjyv51JQW3Nv9JeuqiVEuINyH+HnN4f8Q=", - "ref": "refs/heads/main", - "rev": "0cac244cc89ee69bf33ad60a3953cfde188ee8a6", - "revCount": 907, - "submodules": true, - "type": "git", - "url": "https://github.com/Open-Wine-Components/umu-launcher/" + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" }, "original": { - "dir": "packaging/nix", - "submodules": true, - "type": "git", - "url": "https://github.com/Open-Wine-Components/umu-launcher/" + "owner": "nix-systems", + "repo": "default", + "type": "github" } }, "utils": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { "lastModified": 1701680307, @@ -1512,51 +1551,18 @@ "type": "github" } }, - "xwayland-satellite-stable": { - "flake": false, - "locked": { - "lastModified": 1739246919, - "narHash": "sha256-/hBM43/Gd0/tW+egrhlWgOIISeJxEs2uAOIYVpfDKeU=", - "owner": "Supreeeme", - "repo": "xwayland-satellite", - "rev": "44590a416d4a3e8220e19e29e0b6efe64a80315d", - "type": "github" - }, - "original": { - "owner": "Supreeeme", - "ref": "v0.5.1", - "repo": "xwayland-satellite", - "type": "github" - } - }, - "xwayland-satellite-unstable": { - "flake": false, - "locked": { - "lastModified": 1743346993, - "narHash": "sha256-i7rWd/5BcqLgQEtB5L/6gKN5R5GUJcmm34F+iBivH60=", - "owner": "Supreeeme", - "repo": "xwayland-satellite", - "rev": "45c055696437a08e3989d9b91d9c617b84cc2bc3", - "type": "github" - }, - "original": { - "owner": "Supreeeme", - "repo": "xwayland-satellite", - "type": "github" - } - }, "youmubot": { "inputs": { - "flake-utils": "flake-utils_8", - "nixpkgs": "nixpkgs_11", - "rust-overlay": "rust-overlay_4" + "crane": "crane_5", + "flake-utils": "flake-utils_10", + "nixpkgs": "nixpkgs_11" }, "locked": { - "lastModified": 1747089814, - "narHash": "sha256-jxW/kxkPWAg39JOgRNhK+FwKlIi3TjQOe44Rx7Ow9TM=", + "lastModified": 1720930588, + "narHash": "sha256-Ue3ZRLUU/VoN0SUOCcAwR5LZJac9UgaSA9To//rP7fU=", "owner": "natsukagami", "repo": "youmubot", - "rev": "cdd85dae7148d56ee16c4b02ed248fc7f7e7f5a4", + "rev": "dc02b4b7e280a8d5f129b5f43636407a2e4b96ea", "type": "github" }, "original": { @@ -1564,24 +1570,6 @@ "repo": "youmubot", "type": "github" } - }, - "zen-browser": { - "inputs": { - "nixpkgs": "nixpkgs_12" - }, - "locked": { - "lastModified": 1747282003, - "narHash": "sha256-UlCfXNncIYwUvPxHngoH6pY4fiZlU8Z2Ve/gUEn6h+o=", - "owner": "youwen5", - "repo": "zen-browser-flake", - "rev": "952ca99903f19a7096a3709f2938d9c7840a5f91", - "type": "github" - }, - "original": { - "owner": "youwen5", - "repo": "zen-browser-flake", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index c41a040..6cf679d 100644 --- a/flake.nix +++ b/flake.nix @@ -2,12 +2,10 @@ description = "nki's systems"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable"; nixos-hardware.url = "github:nixos/nixos-hardware"; - darwin.url = "github:lnl7/nix-darwin/master"; - darwin.inputs.nixpkgs.follows = "nixpkgs-unstable"; - home-manager.url = "github:nix-community/home-manager/release-24.11"; + home-manager.url = "github:nix-community/home-manager/release-24.05"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager-unstable.url = "github:nix-community/home-manager"; home-manager-unstable.inputs.nixpkgs.follows = "nixpkgs-unstable"; @@ -15,166 +13,113 @@ sops-nix.inputs.nixpkgs.follows = "nixpkgs-unstable"; sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs"; deploy-rs.url = "github:Serokell/deploy-rs"; + nur.url = "github:nix-community/NUR"; # --- Secure boot lanzaboote = { - url = "github:nix-community/lanzaboote/v0.4.2"; + url = github:nix-community/lanzaboote/v0.3.0; inputs.nixpkgs.follows = "nixpkgs"; }; # --- Build tools - flake-utils.url = "github:numtide/flake-utils"; - crane.url = "github:ipetkov/crane"; - rust-overlay = { - url = "github:oxalica/rust-overlay"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - arion.url = "github:hercules-ci/arion/v0.2.2.0"; + flake-utils.url = github:numtide/flake-utils; + crane.url = github:ipetkov/crane; + arion.url = github:hercules-ci/arion; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.90.0.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; # --- # Imported apps youmubot.url = "github:natsukagami/youmubot"; - mpd-mpris = { - url = "github:natsukagami/mpd-mpris"; + swayfx = { + url = github:WillPower3309/swayfx; inputs.nixpkgs.follows = "nixpkgs"; }; - dtth-phanpy.url = "git+ssh://gitea@git.dtth.ch/nki-dtth/phanpy?ref=dtth-fork"; - conduit.url = "gitlab:famedly/conduit/v0.10.3"; - nix-gaming.url = "github:fufexan/nix-gaming"; - zen-browser.url = "github:youwen5/zen-browser-flake"; - niri.url = "github:sodiboo/niri-flake"; + mpd-mpris = { + url = github:natsukagami/mpd-mpris; + inputs.nixpkgs.follows = "nixpkgs"; + }; + dtth-phanpy.url = "git+ssh://gitea@git.dtth.ch/nki/phanpy?branch=dtth-fork"; + conduit.url = "gitlab:famedly/conduit/v0.8.0"; + nix-gaming.url = github:fufexan/nix-gaming; # --- Sources - kakoune.url = "github:mawww/kakoune"; + kakoune.url = github:mawww/kakoune; kakoune.flake = false; - kak-lsp.url = "github:kakoune-lsp/kakoune-lsp/v18.1.3"; + kak-lsp.url = github:kakoune-lsp/kakoune-lsp; kak-lsp.flake = false; - nixos-m1.url = "github:tpwrules/nixos-apple-silicon"; - nixos-m1.inputs.nixpkgs.follows = "nixpkgs"; # --- # DEPLOYMENT ONLY! secrets secrets.url = "git+ssh://git@github.com/natsukagami/nix-deploy-secrets"; }; - outputs = - { - self, - darwin, - nixpkgs, - nixpkgs-unstable, - home-manager, - deploy-rs, - sops-nix, - ... - }@inputs: + outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, deploy-rs, sops-nix, nur, ... }@inputs: let overlays = import ./overlay.nix inputs; lib = nixpkgs.lib; - applyOverlays = - { ... }: - { - nixpkgs.overlays = lib.mkAfter overlays; - }; + applyOverlays = { ... }: { + nixpkgs.overlays = lib.mkBefore overlays; + }; - nixpkgsAsRegistry_ = - stable: - { lib, ... }: - { - imports = [ applyOverlays ]; - nix.registry.current-system.flake = self; - nix.registry.nixpkgs-unstable.flake = nixpkgs-unstable; - nixpkgs.config.allowUnfree = true; - nix.nixPath = lib.mkDefault [ - "nixpkgs-unstable=${nixpkgs-unstable}" - ]; - }; + nixpkgsAsRegistry_ = stable: { lib, ... }: { + imports = [ applyOverlays ]; + nix.registry.current-system.flake = self; + nix.registry.nixpkgs-unstable.flake = nixpkgs-unstable; + nixpkgs.config.allowUnfree = true; + nix.nixPath = lib.mkDefault [ + "nixpkgs-unstable=${nixpkgs-unstable}" + ]; + }; - osuStable = - { pkgs, ... }: - { - nix.settings = { - substituters = [ "https://nix-gaming.cachix.org" ]; - trusted-public-keys = [ "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4=" ]; - }; - environment.systemPackages = [ inputs.nix-gaming.packages.${pkgs.hostPlatform.system}.osu-stable ]; - programs.gamemode = { - enable = true; - enableRenice = true; - settings = { - general = { - renice = 10; - }; - - custom = { - start = "${pkgs.libnotify}/bin/notify-send 'GameMode started'"; - end = "${pkgs.libnotify}/bin/notify-send 'GameMode ended'"; - }; - }; - }; + osuStable = { pkgs, ... }: { + nix.settings = { + substituters = [ "https://nix-gaming.cachix.org" ]; + trusted-public-keys = [ "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4=" ]; }; + environment.systemPackages = [ inputs.nix-gaming.packages.${pkgs.hostPlatform.system}.osu-stable ]; + }; # Common Nix modules - common-nix = - stable: - { ... }: - { - imports = [ - (nixpkgsAsRegistry_ stable) - ./common.nix - sops-nix.nixosModules.sops - inputs.lix-module.nixosModules.default - ]; - config.nix.settings.extra-deprecated-features = [ "url-literals" ]; # So lix won't complain - }; - common-nixos = - stable: - { ... }: - { - imports = [ - ./modules/my-tinc - ./modules/common/linux - (common-nix stable) - inputs.secrets.nixosModules.common - inputs.nix-gaming.nixosModules.pipewireLowLatency - inputs.niri.nixosModules.niri - ]; - }; + common-nix = stable: { ... }: { + imports = [ + (nixpkgsAsRegistry_ stable) + ./common.nix + sops-nix.nixosModules.sops + inputs.lix-module.nixosModules.default + ]; + }; + common-nixos = stable: { ... }: { + imports = [ + ./modules/my-tinc + ./modules/common/linux + (common-nix stable) + inputs.secrets.nixosModules.common + inputs.nix-gaming.nixosModules.pipewireLowLatency + ]; + }; - mkPersonalSystem = - nixpkgs-module: system: - { - configuration, - homeManagerUsers ? { }, - extraModules ? [ ], - includeCommonModules ? true, - }: + mkPersonalSystem = nixpkgs-module: system: { configuration + , homeManagerUsers ? { } + , extraModules ? [ ] + , includeCommonModules ? true + , + }: let home-manager-module = - if nixpkgs-module == inputs.nixpkgs then - inputs.home-manager - else if nixpkgs-module == inputs.nixpkgs-unstable then - inputs.home-manager-unstable - else - builtins.abort "Unknown nixpkgs module, use `nixpkgs` or `nixpkgs-unstable`"; + if nixpkgs-module == inputs.nixpkgs then inputs.home-manager + else if nixpkgs-module == inputs.nixpkgs-unstable then inputs.home-manager-unstable + else builtins.abort "Unknown nixpkgs module, use `nixpkgs` or `nixpkgs-unstable`"; in nixpkgs-module.lib.nixosSystem { inherit system; modules = - ( - if includeCommonModules then - [ - (common-nixos nixpkgs-module) - ] - else - [ ] - ) - ++ [ + (if includeCommonModules then [ + (common-nixos nixpkgs-module) + ] else [ ]) ++ [ configuration # Home Manager home-manager-module.nixosModules.home-manager @@ -183,63 +128,16 @@ home-manager.useUserPackages = true; home-manager.users = homeManagerUsers; } - ] - ++ extraModules; - }; - - kakoune-unwrapped-from-pkgs = - pkgs: - pkgs.kakoune-unwrapped.overrideAttrs (attrs: { - version = "r${builtins.substring 0 6 inputs.kakoune.rev}"; - src = inputs.kakoune; - patches = [ - # patches in the original package was already applied - ]; - }); - nki-kakoune-from-pkgs = - pkgs: - pkgs.callPackage ./packages/common/nki-kakoune { - kakoune-unwrapped = kakoune-unwrapped-from-pkgs pkgs; + ] ++ extraModules; }; in { - overlays = { - default = lib.composeManyExtensions overlays; - kakoune = final: prev: { - kakoune-unwrapped = kakoune-unwrapped-from-pkgs prev; - nki-kakoune = final.callPackage ./packages/common/nki-kakoune { }; - }; - }; + overlays.default = lib.composeManyExtensions overlays; packages.x86_64-linux.deploy-rs = deploy-rs.packages.x86_64-linux.default; apps.x86_64-linux.deploy-rs = deploy-rs.apps.x86_64-linux.default; - packages.x86_64-linux.nki-kakoune = nki-kakoune-from-pkgs ( - import nixpkgs-unstable { system = "x86_64-linux"; } - ); - packages.aarch64-linux.nki-kakoune = nki-kakoune-from-pkgs ( - import nixpkgs-unstable { system = "aarch64-linux"; } - ); - packages.aarch64-darwin.nki-kakoune = nki-kakoune-from-pkgs ( - import nixpkgs-unstable { system = "aarch64-darwin"; } - ); - - # MacBook configuration: nix-darwin + home-manager - darwinConfigurations."nki-macbook" = darwin.lib.darwinSystem rec { - system = "aarch64-darwin"; - modules = [ - (common-nix nixpkgs-unstable) - ./darwin/configuration.nix - inputs.home-manager.darwinModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.nki = import ./home/macbook-home.nix; - } - ]; - }; - # Home configuration nixosConfigurations."kagamiPC" = mkPersonalSystem nixpkgs-unstable "x86_64-linux" { configuration = ./nki-home/configuration.nix; @@ -252,17 +150,14 @@ homeManagerUsers.nki = import ./home/nki-x1c1.nix; extraModules = [ inputs.lanzaboote.nixosModules.lanzaboote - ( - { ... }: - { - # Sets up secure boot - boot.loader.systemd-boot.enable = lib.mkForce false; - boot.lanzaboote = { - enable = true; - pkiBundle = "/etc/secureboot"; - }; - } - ) + ({ ... }: { + # Sets up secure boot + boot.loader.systemd-boot.enable = lib.mkForce false; + boot.lanzaboote = { + enable = true; + pkiBundle = "/etc/secureboot"; + }; + }) ]; }; # framework configuration @@ -272,25 +167,16 @@ extraModules = [ inputs.lanzaboote.nixosModules.lanzaboote inputs.nixos-hardware.nixosModules.framework-13-7040-amd - ( - { ... }: - { - # Sets up secure boot - boot.loader.systemd-boot.enable = lib.mkForce false; - boot.lanzaboote = { - enable = true; - pkiBundle = "/etc/secureboot"; - }; - } - ) + ({ ... }: { + # Sets up secure boot + boot.loader.systemd-boot.enable = lib.mkForce false; + boot.lanzaboote = { + enable = true; + pkiBundle = "/etc/secureboot"; + }; + }) ]; }; - # macbook nixos - nixosConfigurations."kagami-air-m1" = mkPersonalSystem nixpkgs "aarch64-linux" { - configuration = ./kagami-air-m1/configuration.nix; - homeManagerUsers.nki = import ./home/macbook-nixos.nix; - extraModules = [ inputs.nixos-m1.nixosModules.apple-silicon-support ]; - }; # DigitalOcean node nixosConfigurations."nki-personal-do" = mkPersonalSystem nixpkgs "x86_64-linux" { @@ -312,8 +198,8 @@ # This is highly advised, and will prevent many possible mistakes checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; - } - // (inputs.flake-utils.lib.eachDefaultSystem (system: { - formatter = nixpkgs.legacyPackages.${system}.nixfmt-rfc-style; + } // (inputs.flake-utils.lib.eachDefaultSystem (system: { + formatter = nixpkgs.legacyPackages.${system}.nixpkgs-fmt; })); } + diff --git a/home/common-linux.nix b/home/common-linux.nix index 3edbaf9..947d612 100644 --- a/home/common-linux.nix +++ b/home/common-linux.nix @@ -1,70 +1,57 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let - kwallet = - { pkgs, lib, ... }: - { - home.packages = with pkgs; [ - kdePackages.kwallet - kdePackages.ksshaskpass - ]; - home.sessionVariables = { - # https://wiki.archlinux.org/title/KDE_Wallet#Using_the_KDE_Wallet_to_store_ssh_key_passphrases - SSH_ASKPASS = lib.getExe pkgs.kdePackages.ksshaskpass; - SSH_ASKPASS_REQUIRE = "prefer"; - }; - # Enable this for sway - wayland.windowManager.sway.config.startup = [ - { command = "${pkgs.kdePackages.kwallet-pam}/libexec/pam_kwallet_init"; } - ]; - # Automatic dbus activation - xdg.dataFile."dbus-1/services/org.freedesktop.secrets.service".text = '' - [D-BUS Service] - Name=org.freedesktop.secrets - Exec=${pkgs.kdePackages.kwallet}/bin/kwalletd6 - ''; + kwallet = { pkgs, lib, ... }: { + home.packages = with pkgs; [ kdePackages.kwallet kdePackages.ksshaskpass ]; + home.sessionVariables = { + # https://wiki.archlinux.org/title/KDE_Wallet#Using_the_KDE_Wallet_to_store_ssh_key_passphrases + SSH_ASKPASS = lib.getExe pkgs.kdePackages.ksshaskpass; + SSH_ASKPASS_REQUIRE = "prefer"; }; + # Enable this for sway + wayland.windowManager.sway.config.startup = [ + { command = "${pkgs.kdePackages.kwallet-pam}/libexec/pam_kwallet_init"; } + ]; + # Automatic dbus activation + xdg.dataFile."dbus-1/services/org.freedesktop.secrets.service".text = '' + [D-BUS Service] + Name=org.freedesktop.secrets + Exec=${pkgs.kdePackages.kwallet}/bin/kwalletd6 + ''; + }; in { imports = [ ./modules/monitors.nix ./modules/linux/graphical ./modules/X11/xfce4-notifyd.nix + ./modules/programs/discord.nix kwallet ]; - config = ( - mkIf pkgs.stdenv.isLinux { - home.packages = with pkgs; [ - psmisc # killall and friends - file # Query file type - zip - python3 + config = (mkIf pkgs.stdenv.isLinux { + home.packages = with pkgs; [ + psmisc # killall and friends + file # Query file type - pinentry-gnome3 # until pinentry-qt introduces caching - ]; + pinentry-gnome3 # until pinentry-qt introduces caching + ]; - systemd.user.startServices = "sd-switch"; + systemd.user.startServices = "sd-switch"; - # Audio stuff! - # services.easyeffects.enable = true; + # Audio stuff! + services.easyeffects.enable = true; - # Bluetooth controls - # services.mpris-proxy.enable = true; + # Bluetooth controls + # services.mpris-proxy.enable = true; - # Owncloud - services.owncloud-client.enable = true; - services.owncloud-client.package = pkgs.owncloud-client.overrideAttrs (attrs: { - buildInputs = attrs.buildInputs ++ [ pkgs.qt6.qtwayland ]; - }); - systemd.user.services.owncloud-client.Unit.After = [ "graphical-session.target" ]; + # Owncloud + services.owncloud-client.enable = true; + services.owncloud-client.package = pkgs.owncloud-client.overrideAttrs (attrs: { + buildInputs = attrs.buildInputs ++ [ pkgs.qt6.qtwayland ]; + }); - # UDisks automounter - services.udiskie.enable = true; - } - ); + # UDisks automounter + services.udiskie.enable = true; + }); } + diff --git a/home/common.nix b/home/common.nix index 1732ed9..b646fc1 100644 --- a/home/common.nix +++ b/home/common.nix @@ -1,18 +1,11 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, ... }: { imports = [ - ./kakoune.nix + ./kakoune/kak.nix ./fish/fish.nix ./modules/programs/my-broot.nix - ./modules/programs/my-waybar.nix ./modules/programs/my-sway - ./modules/programs/my-niri.nix ./modules/programs/my-kitty ./modules/programs/openconnect-epfl.nix ./common-linux.nix @@ -21,9 +14,8 @@ # Let Home Manager install and manage itself. programs.home-manager.enable = true; - # Temporarily disable the manuals - manual.html.enable = false; - # manual.manpage.enable = false; + # Enable the manual so we don't have to load it + manual.html.enable = true; # Packages that are not in programs section home.packages = with pkgs; [ @@ -33,16 +25,11 @@ ripgrep openssh tea # gitea CLI (gh-like) - glab # gitlab CLI fx # JSON viewer glow # Markdown viewer nix-output-monitor # Nice nix output formatting - unstable.scala-next ## PDF Processors poppler_utils - # TeX - texlive.combined.scheme-full - inkscape # for TeX svg ## htop replacement htop-vim ## Bitwarden @@ -53,9 +40,6 @@ zstd atool ]; - home.file.".latexmkrc".text = '' - $pdf_previewer = '${lib.getExe' pkgs.xdg-utils "xdg-open"}'; - ''; home.sessionVariables = { # Bat theme @@ -118,9 +102,8 @@ .envrc .kakrc ''}"; - commit.verbose = true; safe.directory = "*"; - merge.conflictstyle = "zdiff3"; + merge.conflictstyle = "diff3"; }; }; diff --git a/home/config.nix b/home/config.nix index 1dd1750..ce46830 100644 --- a/home/config.nix +++ b/home/config.nix @@ -1,3 +1,8 @@ { allowUnfree = true; + packageOverrides = pkgs: { + nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") { + inherit pkgs; + }; + }; } diff --git a/home/fish/fish.nix b/home/fish/fish.nix index 9cb4b9b..753ff05 100644 --- a/home/fish/fish.nix +++ b/home/fish/fish.nix @@ -1,10 +1,4 @@ -{ - config, - options, - pkgs, - lib, - ... -}: +{ config, options, pkgs, lib, ... }: with lib; let @@ -19,9 +13,6 @@ let if which sway &>/dev/null set -a CHOICES "sway" end - if which niri-session &>/dev/null - set -a CHOICES "Niri" - end if which startplasma-wayland &>/dev/null set -a CHOICES "KDE Plasma" end @@ -31,8 +22,6 @@ let case "sway" systemctl --user unset-environment NIXOS_OZONE_WL exec sway - case "Niri" - exec niri-session case "KDE Plasma" exec ${pkgs.kdePackages.plasma-workspace}/libexec/plasma-dbus-run-session-if-needed startplasma-wayland case '*' @@ -64,7 +53,8 @@ in functions = { rebuild = { body = '' - pls nixos-rebuild --flake ~/.config/nixpkgs -L --log-format internal-json -v $argv \ + command sudo -v && \ + command sudo nixos-rebuild --flake ~/.config/nixpkgs -L --log-format internal-json -v $argv \ &| ${pkgs.nix-output-monitor}/bin/nom --json ''; wraps = "nixos-rebuild"; @@ -72,18 +62,19 @@ in # Simplify nix usage! nx = { body = '' - argparse -s 'h/help' 'impure' 'u/unstable' 'g/git' -- $argv - if set -q _flag_help || test (count $argv) -eq 0 - echo "nx [--impure] [-u/--unstable/-g/--git] {package} [args...]" - return 1 + set impure + if test $argv[1] = "--impure" + set impure "--impure" + set argv $argv[2..] + end + if test (count $argv) -gt 0 + nix run $impure nixpkgs#$argv[1] -- $argv[2..] else - set -q _flag_impure && set impure "--impure" - set nixpkgs "nixpkgs" - set -q _flag_unstable && set nixpkgs "nixpkgs-unstable" - set -q _flag_git && set nixpkgs "github:nixOS/nixpkgs/nixpkgs-unstable" - nix run $impure $nixpkgs"#"$argv[1] -- $argv[2..] + echo "nx [--impure] {package} [args...]" + return 1 end ''; + wraps = "nix run"; description = "Runs an app from the nixpkgs store."; }; @@ -91,35 +82,25 @@ in description = "Spawns a shell from the given nixpkgs packages"; wraps = "nix shell"; body = '' - function help - echo "nsh [--impure] [--impure] [-u/--unstable/-g/--git] {package}* [-c command args...]" + set impure + if test $argv[1] = "--impure" + set impure "--impure" + set argv $argv[2..] end - argparse -s 'h/help' 'impure' 'u/unstable' 'g/git' -- $argv - if set -q _flag_help || test (count $argv) -eq 0 - help - return 0 - end - set packages $argv - set minusc (contains -i -- "-c" $argv) - if test -n "$minusc" - if test $minusc -eq 1 - help + if test (count $argv) -gt 0 + set minusc (contains -i -- "-c" $argv) + if test -z $minusc + nix shell $impure nixpkgs#$argv -c fish + else if test $minusc -eq (count $argv) + echo "nsh [--impure] {packages} [-c command args...]" return 1 + else + nix shell $impure nixpkgs#$argv[..(math $minusc - 1)] $argv[$minusc..] end - set packages $argv[..(math $minusc - 1)] - set argv $argv[(math $minusc + 1)..] else - set argv "fish" "-i" - end - if test (count $packages) -eq 0 - help + echo "nsh [--impure] {packages} [-c command args...]" return 1 end - set -q _flag_impure && set impure "--impure" - set nixpkgs "nixpkgs" - set -q _flag_unstable && set nixpkgs "nixpkgs-unstable" - set -q _flag_git && set nixpkgs "github:nixOS/nixpkgs/nixpkgs-unstable" - nix shell $impure $nixpkgs"#"$packages --command $argv ''; }; # Grep stuff @@ -137,32 +118,9 @@ in }; echo-today = "date +%F"; newfile = "mkdir -p (dirname $argv[-1]) && touch $argv"; - - # pls - pls = { - wraps = "sudo"; - body = '' - set -l cmd "`"(string join " " -- $argv)"`" - echo "I-It's not like I'm gonna run "$cmd" for you or a-anything! Baka >:C" >&2 - # Send a notification on password prompt - if command sudo -vn 2>/dev/null - # nothing to do, user already authenticated - else - # throw a notification - set notif_id (kitten notify -P \ - -p ${./haruka.png} \ - -a "pls" \ - -u critical \ - "A-a command requires your p-password" \ - (printf "I-I need your p-password to r-run the following c-command:\n\n%s" $cmd)) - command sudo -v -p "P-password please: " - kitten notify -i $notif_id "" - end - command sudo $argv - ''; - }; }; + tide = { enable = true; leftItems = options.programs.fish.tide.leftItems.default; @@ -173,12 +131,14 @@ in cat = "bat --theme=GitHub "; catp = "bat --theme=GitHub -p "; l = "exa -l --color=always "; - e = "$EDITOR"; "cp+" = "rsync -avzP"; }; everywhereAbbrs = { - lsports = if pkgs.stdenv.isDarwin then "lsof -i -P | grep LISTEN" else "ss -tulp"; + lsports = + if pkgs.stdenv.isDarwin + then "lsof -i -P | grep LISTEN" + else "ss -tulp"; }; shellInit = '' @@ -208,6 +168,13 @@ in echo (__original_fish_title) - fish end + # Set up an editor alias + if test -n "$EDITOR" + alias e="$EDITOR" + else + alias e="kak" + end + # Source iTerm2 integration if test -e ~/.iterm2_shell_integration.fish; and test $__CFBundleIdentifier = "com.googlecode.iterm2" source ~/.iterm2_shell_integration.fish @@ -230,11 +197,11 @@ in bind -M default gl end-of-line # Everywhere abbrs - ${concatStringsSep "\n" ( - mapAttrsToList ( - k: v: "abbr --add --position anywhere -- ${k} ${escapeShellArg v}" - ) config.programs.fish.everywhereAbbrs - )} + ${ + concatStringsSep "\n" + (mapAttrsToList (k: v: "abbr --add --position anywhere -- ${k} ${escapeShellArg v}") + config.programs.fish.everywhereAbbrs) + } # Replace today with actual today abbr --add --position anywhere today -f echo-today @@ -286,8 +253,8 @@ in target = ".config/fish/conf.d/change_cmd.fish"; }; "fish/pls.fish" = { - source = ./pls_extra.fish; - target = ".config/fish/conf.d/pls_extra.fish"; + source = ./. + "/pls.fish"; + target = ".config/fish/conf.d/pls.fish"; }; }; } diff --git a/home/fish/haruka.png b/home/fish/haruka.png deleted file mode 100644 index c75ddd9..0000000 Binary files a/home/fish/haruka.png and /dev/null differ diff --git a/home/fish/pls.fish b/home/fish/pls.fish new file mode 100644 index 0000000..35080d7 --- /dev/null +++ b/home/fish/pls.fish @@ -0,0 +1,155 @@ +alias sue="pls -e" + +function pls + set -l cmd "`"(string join " " -- $argv)"`" + echo "I-It's not like I'm gonna run "$cmd" for you or a-anything! Baka >:C" >&2 + # Send a notification on password prompt + if command sudo -vn 2>/dev/null + # nothing to do, user already authenticated + else + # throw a notification + # notify-send -t 3000 -u critical -i ~/Downloads/harukablush.jpg -h "STRING:command:"$cmd "A-a command requires your p-password" (printf "I-I need your p-password to r-run the following c-command: %s" $cmd) + end + command sudo $argv +end + +function sudo + echo "Not polite enough." +end + +function __fish_prepend_pls -d "Prepend 'pls ' to the beginning of the current commandline" + # If there is no commandline, insert the last item from history + # and *then* toggle + if not commandline | string length -q + commandline -r "$history[1]" + end + + set -l cmd (commandline -po) + set -l cursor (commandline -C) + + if test "$cmd[1]" = e + commandline -C 0 + commandline -i "su" + commandline -C (math $cursor + 2) + else if test "$cmd[1]" = sue + commandline -r (string sub --start=3 (commandline -p)) + commandline -C -- (math $cursor - 2) + else if test "$cmd[1]" != pls + commandline -C 0 + commandline -i "pls " + commandline -C (math $cursor + 4) + else + commandline -r (string sub --start=5 (commandline -p)) + commandline -C -- (math $cursor - 4) + end +end + +bind --preset -e -M insert \es +bind -M insert \es __fish_prepend_pls + +function __fish_man_page + # Get all commandline tokens not starting with "-" + set -l args (commandline -po | string match -rv '^-') + + # If commandline is empty, exit. + if not set -q args[1] + printf \a + return + end + + #Skip `pls` and display then manpage of following command + while set -q args[2] + and string match -qr -- '^(pls|.*=.*)$' $args[1] + set -e args[1] + end + + # If there are at least two tokens not starting with "-", the second one might be a subcommand. + # Try "man first-second" and fall back to "man first" if that doesn't work out. + set -l maincmd (basename $args[1]) + if set -q args[2] + # HACK: If stderr is not attached to a terminal `less` (the default pager) + # wouldn't use the alternate screen. + # But since we don't know what pager it is, and because `man` is totally underspecified, + # the best we can do is to *try* the man page, and assume that `man` will return false if it fails. + # See #7863. + if man "$maincmd-$args[2]" &>/dev/null + man "$maincmd-$args[2]" + else if man "$maincmd" &>/dev/null + man "$maincmd" + else + printf \a + end + else + if man "$maincmd" &>/dev/null + man "$maincmd" + else + printf \a + end + end + + commandline -f repaint +end + +# +# Completion for pls +# + +function __fish_pls_print_remaining_args + set -l tokens (commandline -opc) (commandline -ct) + set -e tokens[1] + # These are all the options mentioned in the man page for Todd Miller's "pls.ws" pls (in that order). + # If any other implementation has different options, this should be harmless, since they shouldn't be used anyway. + set -l opts A/askpass b/background C/close-from= E/preserve-env='?' + # Note that "-h" is both "--host" (which takes an option) and "--help" (which doesn't). + # But `-h` as `--help` only counts when it's the only argument (`pls -h`), + # so any argument completion after that should take it as "--host". + set -a opts e/edit g/group= H/set-home h/host= 1-help + set -a opts i/login K/remove-timestamp k/reset-timestamp l/list n/non-interactive + set -a opts P/preserve-groups p/prompt= S/stdin s/shell U/other-user= + set -a opts u/user= T/command-timeout= V/version v/validate + argparse -s $opts -- $tokens 2>/dev/null + # The remaining argv is the subcommand with all its options, which is what + # we want. + if test -n "$argv" + and not string match -qr '^-' $argv[1] + string join0 -- $argv + return 0 + else + return 1 + end +end + +function __fish_pls_no_subcommand + not __fish_pls_print_remaining_args >/dev/null +end + +function __fish_complete_pls_subcommand + set -l args (__fish_pls_print_remaining_args | string split0) + set -lx -a PATH /usr/local/sbin /sbin /usr/sbin + __fish_complete_subcommand --commandline $args +end + +# All these options should be valid for GNU and OSX pls +complete -c pls -n __fish_no_arguments -s h -d "Display help and exit" +complete -c pls -n __fish_no_arguments -s V -d "Display version information and exit" +complete -c pls -n __fish_pls_no_subcommand -s A -d "Ask for password via the askpass or \$SSH_ASKPASS program" +complete -c pls -n __fish_pls_no_subcommand -s C -d "Close all file descriptors greater or equal to the given number" -xa "0 1 2 255" +complete -c pls -n __fish_pls_no_subcommand -s E -d "Preserve environment" +complete -c pls -n __fish_pls_no_subcommand -s H -d "Set home" +complete -c pls -n __fish_pls_no_subcommand -s K -d "Remove the credential timestamp entirely" +complete -c pls -n __fish_pls_no_subcommand -s P -d "Preserve group vector" +complete -c pls -n __fish_pls_no_subcommand -s S -d "Read password from stdin" +complete -c pls -n __fish_pls_no_subcommand -s b -d "Run command in the background" +complete -c pls -n __fish_pls_no_subcommand -s e -rF -d Edit +complete -c pls -n __fish_pls_no_subcommand -s g -a "(__fish_complete_groups)" -x -d "Run command as group" +complete -c pls -n __fish_pls_no_subcommand -s i -d "Run a login shell" +complete -c pls -n __fish_pls_no_subcommand -s k -d "Reset or ignore the credential timestamp" +complete -c pls -n __fish_pls_no_subcommand -s l -d "List the allowed and forbidden commands for the given user" +complete -c pls -n __fish_pls_no_subcommand -s n -d "Do not prompt for a password - if one is needed, fail" +complete -c pls -n __fish_pls_no_subcommand -s p -d "Specify a custom password prompt" +complete -c pls -n __fish_pls_no_subcommand -s s -d "Run the given command in a shell" +complete -c pls -n __fish_pls_no_subcommand -s u -a "(__fish_complete_users)" -x -d "Run command as user" +complete -c pls -n __fish_pls_no_subcommand -s v -n __fish_no_arguments -d "Validate the credentials, extending timeout" + +# Complete the command we are executed under pls +complete -c pls -x -n 'not __fish_seen_argument -s e' -a "(__fish_complete_pls_subcommand)" diff --git a/home/fish/pls_extra.fish b/home/fish/pls_extra.fish deleted file mode 100644 index 3aac0ef..0000000 --- a/home/fish/pls_extra.fish +++ /dev/null @@ -1,47 +0,0 @@ -alias sue="pls -e" - -function sudo - echo "Not polite enough." -end - -bind --preset -M visual \es 'fish_commandline_prepend pls' -bind -M insert \es 'fish_commandline_prepend pls' - -function __fish_man_page - # Get all commandline tokens not starting with "-", up to and including the cursor's - set -l args (string match -rv '^-|^$' -- (commandline -cpx && commandline -t)) - - # If commandline is empty, exit. - if not set -q args[1] - printf \a - return - end - - # Skip leading commands and display the manpage of following command - while set -q args[2] - and string match -qr -- '^(and|begin|builtin|caffeinate|command|doas|entr|env|exec|if|mosh|nice|not|or|pipenv|prime-run|setsid|sudo|pls|systemd-nspawn|time|watch|while|xargs|.*=.*)$' $args[1] - set -e args[1] - end - - # If there are at least two tokens not starting with "-", the second one might be a subcommand. - # Try "man first-second" and fall back to "man first" if that doesn't work out. - set -l maincmd (path basename $args[1]) - # HACK: If stderr is not attached to a terminal `less` (the default pager) - # wouldn't use the alternate screen. - # But since we don't know what pager it is, and because `man` is totally underspecified, - # the best we can do is to *try* the man page, and assume that `man` will return false if it fails. - # See #7863. - if set -q args[2] - and not string match -q -- '*/*' $args[2] - and man "$maincmd-$args[2]" &>/dev/null - man "$maincmd-$args[2]" - else - if man "$maincmd" &>/dev/null - man "$maincmd" - else - printf \a - end - end - - commandline -f repaint -end diff --git a/home/fish/tide/default.nix b/home/fish/tide/default.nix index 3d878ae..2ac4b4c 100644 --- a/home/fish/tide/default.nix +++ b/home/fish/tide/default.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; let @@ -47,38 +42,25 @@ in leftItems = mkOption { type = types.listOf types.str; description = "The list of left-items. Note that `newline` and `character` is not included here and will always appear last"; - default = [ - "os" - "context" - "pwd" - "git" - ]; + default = [ "os" "context" "pwd" "git" ]; }; }; config.programs.fish = let - tideItems = attrsets.mapAttrs' ( - name: def: { - name = "_tide_item_${name}"; - value = def; - } - ); + tideItems = attrsets.mapAttrs' (name: def: { name = "_tide_item_${name}"; value = def; }); in mkIf cfg.enable { - functions = tideItems ( - { - nix_shell = '' - # In a Nix Shell - if set -qx DIRENV_FILE && test -f $DIRENV_FILE && rg -q "^use flake" $DIRENV_FILE - set -U tide_nix_shell_color "FFA500" - set -U tide_nix_shell_bg_color normal - _tide_print_item nix_shell "❄" - end - ''; - } - // cfg.items - ); + functions = tideItems ({ + nix_shell = '' + # In a Nix Shell + if set -qx DIRENV_FILE && test -f $DIRENV_FILE && rg -q "^use flake" $DIRENV_FILE + set -U tide_nix_shell_color "FFA500" + set -U tide_nix_shell_bg_color normal + _tide_print_item nix_shell "❄" + end + ''; + } // cfg.items); plugins = [ { name = "tide"; @@ -96,9 +78,7 @@ in config.xdg.configFile."fish/tide/init.fish" = { text = '' # Configure tide items - set -U tide_left_prompt_items ${ - concatMapStringsSep " " escapeShellArg cfg.leftItems - } newline character + set -U tide_left_prompt_items ${concatMapStringsSep " " escapeShellArg cfg.leftItems} newline character set -U tide_right_prompt_items ${concatMapStringsSep " " escapeShellArg cfg.rightItems} time ''; diff --git a/home/images/wallpaper-macbook.jpg b/home/images/wallpaper-macbook.jpg deleted file mode 100644 index 0517cac..0000000 Binary files a/home/images/wallpaper-macbook.jpg and /dev/null differ diff --git a/home/kagami-pc-home.nix b/home/kagami-pc-home.nix index 8574de0..0218c17 100644 --- a/home/kagami-pc-home.nix +++ b/home/kagami-pc-home.nix @@ -1,16 +1,11 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: { imports = [ # Common configuration ./common.nix # osu! - ./osu + ./osu.nix ]; # Home Manager needs a bit of information about you and the @@ -19,59 +14,61 @@ home.homeDirectory = "/home/nki"; # More packages - home.packages = ( - with pkgs; - [ - # Gaming stuff - wineWowPackages.full - # wine-lol - winetricks - lutris - steam + home.packages = (with pkgs; [ + # CLI stuff + zip + # TeX + texlive.combined.scheme-full + inkscape # for TeX svg - # Manage tlmc - flacon - ttaenc - picard - ] - ); + # Gaming stuff + wineWowPackages.full + # wine-lol + winetricks + lutris + steam + + # Manage tlmc + flacon + ttaenc + picard + ]); # Enable X11 configuration linux.graphical.type = "wayland"; linux.graphical.wallpaper = ./images/pixiv_18776904.png; - linux.graphical.defaults.webBrowser.package = pkgs.zen-browser-bin; - linux.graphical.defaults.webBrowser.desktopFile = "zen.desktop"; - programs.my-niri.enable = true; - programs.my-niri.enableLaptop = false; + linux.graphical.defaults.webBrowser = "librewolf.desktop"; programs.my-sway.enable = true; programs.my-sway.fontSize = 15.0; - programs.my-sway.enableLaptop = false; - programs.my-waybar.fontSize = 15.0; - programs.my-waybar.enableMpd = true; + programs.my-sway.enableLaptopBars = false; + programs.my-sway.enableMpd = true; # Keyboard options wayland.windowManager.sway.config.input."type:keyboard".xkb_layout = "jp"; wayland.windowManager.sway.config.input."type:pointer".accel_profile = "flat"; # 144hz adaptive refresh ON! + wayland.windowManager.sway.config.output = + let + scale = 1.5; + top_x = builtins.ceil (3840 / scale); + top_y = 0; + in + with config.common.monitors; { + ${home_4k.name} = { + scale = toString scale; + position = "0 0"; + }; + ${home_1440.name} = { + position = "${toString top_x} ${toString top_y}"; + }; + }; nki.programs.kitty.enable = true; nki.programs.kitty.fontSize = 14; - programs.my-waybar.makeBars = - with config.common.monitors; - barWith: [ - # For primary - (barWith { - extraSettings = { - output = [ home_4k.meta.connection ]; - }; - }) - # For secondary, hide mpd - (barWith { - showMedia = false; - showConnectivity = false; - extraSettings = { - output = [ home_1440.meta.connection ]; - }; - }) - ]; + programs.my-sway.waybar.makeBars = with config.common.monitors; barWith: [ + # For primary + (barWith { extraSettings = { output = [ home_4k.name ]; }; }) + # For secondary, hide mpd + (barWith { showMedia = false; showConnectivity = false; extraSettings = { output = [ home_1440.name ]; }; }) + ]; # Yellow light! services.wlsunset = { @@ -92,28 +89,10 @@ # ncmpcpp programs.ncmpcpp.enable = true; programs.ncmpcpp.bindings = [ - { - key = "j"; - command = "scroll_down"; - } - { - key = "k"; - command = "scroll_up"; - } - { - key = "J"; - command = [ - "select_item" - "scroll_down" - ]; - } - { - key = "K"; - command = [ - "select_item" - "scroll_up" - ]; - } + { key = "j"; command = "scroll_down"; } + { key = "k"; command = "scroll_up"; } + { key = "J"; command = [ "select_item" "scroll_down" ]; } + { key = "K"; command = [ "select_item" "scroll_up" ]; } ]; programs.ncmpcpp.settings = { # General @@ -171,3 +150,4 @@ # changes in each release. home.stateVersion = "21.05"; } + diff --git a/home/kakoune.nix b/home/kakoune.nix deleted file mode 100644 index 5f8e6eb..0000000 --- a/home/kakoune.nix +++ /dev/null @@ -1,184 +0,0 @@ -{ pkgs, lib, ... }: -let - -in -{ - imports = [ ./modules/programs/my-kakoune ]; - - home.packages = with pkgs; [ - # ctags for peneira - universal-ctags - # tree-sitter for kak - kak-tree-sitter - ]; - - # xdg.configFile."kak-tree-sitter/config.toml".source = ./kak-tree-sitter.toml; - - # Enable the kakoune package. - programs.my-kakoune.enable = true; - programs.my-kakoune.enable-fish-session = true; - programs.my-kakoune.tree-sitter.extraAliases = { - # Scala stuff - method = "function"; - module = "namespace"; - function_call = "function"; - method_call = "method"; - - boolean = "constant_builtin_boolean"; - number = "constant_numeric"; - float = "constant_numeric_float"; - - type_qualifier = "keyword_special"; - storageclass = "keyword_storage_modifier"; - conditional = "keyword_conditional"; - include = "keyword_control_import"; - }; - programs.my-kakoune.tree-sitter.languages = - let - tree-sitter-go = pkgs.fetchFromGitHub { - owner = "tree-sitter"; - repo = "tree-sitter-go"; - rev = "v0.20.0"; - hash = "sha256-G7d8CHCyKDAb9j6ijRfHk/HlgPqSI+uvkuRIRRvjkHI="; - }; - in - { - scala = - let - src = pkgs.fetchFromGitHub { - owner = "tree-sitter"; - repo = "tree-sitter-scala"; - rev = "70afdd5632d57dd63a960972ab25945e353a52f6"; - hash = "sha256-bi0Lqo/Zs2Uaz1efuKAARpEDg5Hm59oUe7eSXgL1Wow="; - }; - in - { - grammar.src = src; - queries.src = src; - queries.path = "queries/scala"; - }; - haskell = - let - src = pkgs.fetchFromGitHub { - owner = "tree-sitter"; - repo = "tree-sitter-haskell"; - rev = "ba0bfb0e5d8e9e31c160d287878c6f26add3ec08"; - hash = "sha256-ZSOF0CLOn82GwU3xgvFefmh/AD2j5zz8I0t5YPwfan0="; - }; - in - { - grammar.src = src; - grammar.compile.args = [ - "-c" - "-fpic" - "../parser.c" - "../scanner.c" - "../unicode.h" - "-I" - ".." - ]; - queries.src = src; - queries.path = "queries"; - }; - yaml = { - grammar.src = pkgs.fetchFromGitHub { - owner = "ikatyang"; - repo = "tree-sitter-yaml"; - rev = "0e36bed171768908f331ff7dff9d956bae016efb"; - hash = "sha256-bpiT3FraOZhJaoiFWAoVJX1O+plnIi8aXOW2LwyU23M="; - }; - grammar.compile.args = [ - "-c" - "-fpic" - "../scanner.cc" - "../parser.c" - "-I" - ".." - ]; - grammar.link.args = [ - "-shared" - "-fpic" - "scanner.o" - "parser.o" - ]; - grammar.link.flags = [ - "-O3" - "-lstdc++" - ]; - - queries.src = pkgs.fetchFromGitHub { - owner = "helix-editor"; - repo = "helix"; - rev = "dbd248fdfa680373d94fbc10094a160aafa0f7a7"; - hash = "sha256-wk8qVUDFXhAOi1Ibc6iBMzDCXb6t+YiWZcTd0IJybqc="; - }; - queries.path = "runtime/queries/yaml"; - }; - - templ = - let - src = pkgs.fetchFromGitHub { - owner = "vrischmann"; - repo = "tree-sitter-templ"; - rev = "4519e3ec9ca92754ca25659bb1fd410d5e0f8d88"; - hash = "sha256-ic5SlqDEZoYakrJFe0H9GdzravqovlL5sTaHjyhe74M="; - }; - in - { - grammar.src = src; - queries.src = pkgs.runCommandLocal "templ-tree-sitter-queries" { } '' - mkdir -p $out/queries - # copy most stuff from tree-sitter-templ - install -m644 ${src}/queries/templ/* $out/queries - # override inherited files - cat ${tree-sitter-go}/queries/highlights.scm ${src}/queries/templ/highlights.scm > $out/queries/highlights.scm - ''; - queries.path = "queries"; - }; - - go = { - grammar.src = tree-sitter-go; - grammar.compile.args = [ - "-c" - "-fpic" - "../parser.c" - "-I" - ".." - ]; - grammar.link.args = [ - "-shared" - "-fpic" - "parser.o" - ]; - queries.src = tree-sitter-go; - queries.path = "queries"; - }; - - hylo = - let - src = pkgs.fetchFromGitHub { - owner = "natsukagami"; - repo = "tree-sitter-hylo"; - rev = "494cbdff0d13cbc67348316af2efa0286dbddf6f"; - hash = "sha256-R5UeoglCTl0do3VDJ/liCTeqbxU9slvmVKNRA/el2VY="; - }; - in - { - grammar.src = src; - grammar.compile.args = [ - "-c" - "-fpic" - "../parser.c" - "-I" - ".." - ]; - grammar.link.args = [ - "-shared" - "-fpic" - "parser.o" - ]; - queries.src = src; - queries.path = "queries"; - }; - }; -} diff --git a/packages/common/nki-kakoune/autoload/latex.kak b/home/kakoune/autoload/latex.kak similarity index 100% rename from packages/common/nki-kakoune/autoload/latex.kak rename to home/kakoune/autoload/latex.kak diff --git a/packages/common/nki-kakoune/autoload/markdown.kak b/home/kakoune/autoload/markdown.kak similarity index 100% rename from packages/common/nki-kakoune/autoload/markdown.kak rename to home/kakoune/autoload/markdown.kak diff --git a/packages/common/nki-kakoune/themes/catppuccin-latte.kak b/home/kakoune/catppuccin-latte.kak similarity index 100% rename from packages/common/nki-kakoune/themes/catppuccin-latte.kak rename to home/kakoune/catppuccin-latte.kak diff --git a/home/kakoune/kak.nix b/home/kakoune/kak.nix new file mode 100644 index 0000000..c39fca2 --- /dev/null +++ b/home/kakoune/kak.nix @@ -0,0 +1,515 @@ +{ pkgs, lib, ... }: + +let + kak-lsp-frontend = { pkgs, lib, ... }: + let + langserver = name: { + name = "vscode-${name}-language-server"; + value = { + args = [ "--stdio" ]; + command = "vscode-${name}-language-server"; + filetypes = [ name ]; + roots = [ "package.json" ".git" ]; + }; + package = pkgs.nodePackages.vscode-langservers-extracted; + }; + + tailwind = { + command = "tailwindcss-language-server"; + args = [ "--stdio" ]; + filetypes = [ "html" "css" "javascript" "typescript" "templ" ]; + roots = [ "tailwind.config.{js,cjs,mjs,ts}" "package.json" ".git" ]; + settings_section = "tailwindCSS"; + settings.tailwindCSS = { + validate = "warning"; + userLanguages.templ = "html"; + }; + package = pkgs.tailwindcss-language-server; + }; + + templModule = { pkgs, lib, ... }: { + programs.kak-lsp.languageServers."vscode-html-language-server".filetypes = [ "templ" ]; + programs.kak-lsp.languageServers."tailwindcss-language-server".filetypes = [ "templ" ]; + programs.kak-lsp.languageServers.templ = { + command = "templ"; + args = [ "lsp" ]; + filetypes = [ "templ" ]; + roots = [ "go.mod" ".git" ]; + package = pkgs.unstable.templ; + }; + + }; + + in + { + imports = [ templModule ]; + + programs.kak-lsp.languageServers = (builtins.listToAttrs (map langserver [ "html" "css" "json" ])) // { + tailwindcss-language-server = tailwind; + }; + }; + + ltexLsp = { pkgs, lib, ... }: { + programs.kak-lsp.languageServers.ltex-ls = { + command = "ltex-ls"; + args = [ "--log-file=/tmp" ]; + filetypes = [ "latex" "typst" ]; + roots = [ "main.tex" "main.typ" ".git" ]; + package = pkgs.ltex-ls; + }; + }; + +in +{ + imports = [ ../modules/programs/my-kakoune ./kaktex.nix kak-lsp-frontend ltexLsp ]; + + home.packages = with pkgs; [ + # ctags for peneira + universal-ctags + # tree-sitter for kak + kak-tree-sitter + ]; + + # xdg.configFile."kak-tree-sitter/config.toml".source = ./kak-tree-sitter.toml; + + # Enable the kakoune package. + programs.my-kakoune.enable = true; + programs.my-kakoune.enable-fish-session = true; + programs.kak-lsp.enable = true; + programs.kak-lsp.semanticTokens.additionalFaces = [ + # Typst + { face = "header"; token = "heading"; } + { face = "ts_markup_link_url"; token = "link"; } + { face = "ts_markup_link_uri"; token = "ref"; } + { face = "ts_markup_link_label"; token = "label"; } + { face = "ts_property"; token = "pol"; } + { face = "ts_markup_list_checked"; token = "marker"; } + { face = "ts_constant_builtin_boolean"; token = "bool"; } + { face = "ts_keyword_control"; token = "delim"; } + { face = "ts_number"; token = "text"; modifiers = [ "math" ]; } + { face = "ts_markup_bold"; token = "text"; modifiers = [ "strong" ]; } + { face = "ts_markup_italic"; token = "text"; modifiers = [ "emph" ]; } + ]; + + programs.kak-lsp.languageServers.elixir-ls = { + args = [ ]; + command = "elixir-ls"; + filetypes = [ "elixir" ]; + roots = [ "mix.exs" ]; + }; + programs.kak-lsp.languageServers.typescript-language-server = { + args = [ "--stdio" ]; + command = "typescript-language-server"; + filetypes = [ "typescript" "javascript" ]; + roots = [ "package.json" ]; + package = pkgs.nodePackages.typescript-language-server; + }; + programs.kak-lsp.languageServers.fsautocomplete = { + args = [ "--adaptive-lsp-server-enabled" "--project-graph-enabled" "--source-text-factory" "RoslynSourceText" ]; + command = "fsautocomplete"; + filetypes = [ "fsharp" ]; + roots = [ "*.fsproj" ]; + settings_section = "FSharp"; + settings.FSharp = { + AutomaticWorkspaceInit = true; + }; + }; + programs.kak-lsp.languageServers.metals = { + command = "metals"; + filetypes = [ "scala" ]; + roots = [ "build.sbt" "build.sc" ]; + settings_section = "metals"; + settings.metals = { + enableSemanticHighlighting = true; + showInferredType = true; + decorationProvider = true; + inlineDecorationProvider = true; + # From kakoune-lsp's own options + icons = "unicode"; + isHttpEnabled = true; + statusBarProvider = "log-message"; + compilerOptions = { overrideDefFormat = "unicode"; }; + }; + package = pkgs.metals; + }; + programs.kak-lsp.languageServers.texlab = { + command = "texlab"; + filetypes = [ "latex" ]; + roots = [ "main.tex" "all.tex" ".git" ]; + settings_section = "texlab"; + settings.texlab = { + build.executable = "latexmk"; + build.args = [ "-pdf" "-shell-escape" "-interaction=nonstopmode" "-synctex=1" "%f" ]; + + build.forwardSearchAfter = true; + build.onSave = true; + + forwardSearch = + (if pkgs.stdenv.isDarwin then { + executable = "/Applications/Skim.app/Contents/SharedSupport/displayline"; + args = [ "-r" "-g" "%l" "%p" "%f" ]; + } else + { + executable = "${pkgs.zathura}/bin/zathura"; + args = [ "--synctex-forward" "%l:1:%f" "%p" "-x" "${./kaktex} jump %%{input} %%{line} %%{column}" ]; + }); + }; + package = pkgs.texlab; + }; + programs.kak-lsp.languageServers.typst-lsp = { + command = "typst-lsp"; + filetypes = [ "typst" ]; + roots = [ "main.typ" ".git" ]; + settings_section = "typst-lsp"; + settings.typst-lsp = { + experimentalFormatterMode = "on"; + }; + }; + programs.kak-lsp.languageServers.marksman = { + command = "marksman"; + filetypes = [ "markdown" ]; + roots = [ ".marksman.toml" ".git" ]; + package = pkgs.marksman; + }; + programs.kak-lsp.languageServers.rust-analyzer = { + args = [ ]; + command = "rust-analyzer"; + filetypes = [ "rust" ]; + roots = [ "Cargo.toml" ]; + package = pkgs.rust-analyzer; + }; + + programs.my-kakoune.tree-sitter.extraAliases = { + # Scala stuff + method = "function"; + module = "namespace"; + function_call = "function"; + method_call = "method"; + + boolean = "constant_builtin_boolean"; + number = "constant_numeric"; + float = "constant_numeric_float"; + + type_qualifier = "keyword_special"; + storageclass = "keyword_storage_modifier"; + conditional = "keyword_conditional"; + include = "keyword_control_import"; + }; + programs.my-kakoune.tree-sitter.languages = + let + tree-sitter-go = pkgs.fetchFromGitHub { + owner = "tree-sitter"; + repo = "tree-sitter-go"; + rev = "v0.20.0"; + hash = "sha256-G7d8CHCyKDAb9j6ijRfHk/HlgPqSI+uvkuRIRRvjkHI="; + }; + in + { + scala = + let + src = pkgs.fetchFromGitHub { + owner = "tree-sitter"; + repo = "tree-sitter-scala"; + rev = "70afdd5632d57dd63a960972ab25945e353a52f6"; + hash = "sha256-bi0Lqo/Zs2Uaz1efuKAARpEDg5Hm59oUe7eSXgL1Wow="; + }; + in + { + grammar.src = src; + queries.src = src; + queries.path = "queries/scala"; + }; + haskell = + let + src = pkgs.fetchFromGitHub { + owner = "tree-sitter"; + repo = "tree-sitter-haskell"; + rev = "ba0bfb0e5d8e9e31c160d287878c6f26add3ec08"; + hash = "sha256-ZSOF0CLOn82GwU3xgvFefmh/AD2j5zz8I0t5YPwfan0="; + }; + in + { + grammar.src = src; + grammar.compile.args = [ "-c" "-fpic" "../parser.c" "../scanner.c" "../unicode.h" "-I" ".." ]; + queries.src = src; + queries.path = "queries"; + }; + yaml = { + grammar.src = pkgs.fetchFromGitHub { + owner = "ikatyang"; + repo = "tree-sitter-yaml"; + rev = "0e36bed171768908f331ff7dff9d956bae016efb"; + hash = "sha256-bpiT3FraOZhJaoiFWAoVJX1O+plnIi8aXOW2LwyU23M="; + }; + grammar.compile.args = [ "-c" "-fpic" "../scanner.cc" "../parser.c" "-I" ".." ]; + grammar.link.args = [ "-shared" "-fpic" "scanner.o" "parser.o" ]; + grammar.link.flags = [ "-O3" "-lstdc++" ]; + + queries.src = pkgs.fetchFromGitHub { + owner = "helix-editor"; + repo = "helix"; + rev = "dbd248fdfa680373d94fbc10094a160aafa0f7a7"; + hash = "sha256-wk8qVUDFXhAOi1Ibc6iBMzDCXb6t+YiWZcTd0IJybqc="; + }; + queries.path = "runtime/queries/yaml"; + }; + + templ = + let + src = pkgs.fetchFromGitHub { + owner = "vrischmann"; + repo = "tree-sitter-templ"; + rev = "044ad200092170727650fa6d368df66a8da98f9d"; + hash = "sha256-hJuB3h5pp+LLfP0/7bAYH0uLVo+OQk5jpzJb3J9BNkY="; + }; + in + { + grammar.src = src; + queries.src = pkgs.runCommandLocal "templ-tree-sitter-queries" { } '' + mkdir -p $out/queries + # copy most stuff from tree-sitter-templ + install -m644 ${src}/queries/templ/* $out/queries + # override inherited files + cat ${tree-sitter-go}/queries/highlights.scm ${src}/queries/templ/highlights.scm > $out/queries/highlights.scm + ''; + queries.path = "queries"; + }; + + go = { + grammar.src = tree-sitter-go; + grammar.compile.args = [ "-c" "-fpic" "../parser.c" "-I" ".." ]; + grammar.link.args = [ "-shared" "-fpic" "parser.o" ]; + queries.src = tree-sitter-go; + queries.path = "queries"; + }; + + hylo = + let + src = pkgs.fetchFromGitHub { + owner = "natsukagami"; + repo = "tree-sitter-hylo"; + rev = "494cbdff0d13cbc67348316af2efa0286dbddf6f"; + hash = "sha256-R5UeoglCTl0do3VDJ/liCTeqbxU9slvmVKNRA/el2VY="; + }; + in + { + grammar.src = src; + grammar.compile.args = [ "-c" "-fpic" "../parser.c" "-I" ".." ]; + grammar.link.args = [ "-shared" "-fpic" "parser.o" ]; + queries.src = src; + queries.path = "queries"; + }; + }; + + programs.my-kakoune.package = pkgs.kakoune; + programs.my-kakoune.rc = + builtins.readFile ./kakrc + '' + + # Source any settings in the current working directory, + # recursive upwards + evaluate-commands %sh{ + ${pkgs.writeScript "source-pwd" (builtins.readFile ./source-pwd)} + } + ''; + + programs.my-kakoune.extraFaces = { + Default = "%opt{text},%opt{base}"; + BufferPadding = "%opt{base},%opt{base}"; + MenuForeground = "%opt{blue},white+bF"; + MenuBackground = "%opt{sky},white+F"; + Information = "%opt{sky},white"; + # Markdown help color scheme + InfoDefault = "Information"; + InfoBlock = "@block"; + InfoBlockQuote = "+i@block"; + InfoBullet = "@bullet"; + InfoHeader = "@header"; + InfoLink = "@link"; + InfoLinkMono = "+b@mono"; + InfoMono = "@mono"; + InfoRule = "+b@Information"; + InfoDiagnosticError = "@DiagnosticError"; + InfoDiagnosticHint = "@DiagnosticHint"; + InfoDiagnosticInformation = "@Information"; + InfoDiagnosticWarning = "@DiagnosticWarning"; + # Extra faces + macro = "+u@function"; + method = "@function"; + format_specifier = "+i@string"; + mutable_variable = "+i@variable"; + class = "+b@variable"; + }; + programs.my-kakoune.autoload = [ + # My own scripts + { + name = "latex.kak"; + src = ./autoload/latex.kak; + } + { + name = "markdown.kak"; + src = ./autoload/markdown.kak; + } + + # Plugins + { + name = "luar"; + src = pkgs.fetchFromGitHub { + owner = "gustavo-hms"; + repo = "luar"; + rev = "2f430316f8fc4d35db6c93165e2e77dc9f3d0450"; + sha256 = "sha256-vHn/V3sfzaxaxF8OpA5jPEuPstOVwOiQrogdSGtT6X4="; + }; + activationScript = '' + # Enable luar + require-module luar + # Use luajit + set-option global luar_interpreter ${pkgs.luajit}/bin/luajit + ''; + } + { + name = "peneira"; + src = pkgs.fetchFromGitHub { + owner = "natsukagami"; + repo = "peneira"; + rev = "743b9971472853a752475e7c070ce99089c6840c"; + sha256 = "sha256-E4ndbF9YC1p0KrvSuGgwmG1Y2IGTuGKJo/AuMixhzlM="; + }; + activationScript = '' + require-module peneira + + # Change selection color + set-face global PeneiraSelected @PrimarySelection + + # Buffers list + define-command -hidden peneira-buffers %{ + peneira 'buffers: ' %{ printf '%s\n' $kak_quoted_buflist } %{ + buffer %arg{1} + } + } + + # Grep in the current location + define-command peneira-grep %{ + peneira 'line: ' "rg -n ." %{ + lua %arg{1} %{ + local file, line = arg[1]:match("([^:]+):(%d+):") + kak.edit(file, line) + } + } + } + + # A peneira menu + declare-user-mode fuzzy-match-menu + + map -docstring "Switch to buffer" global fuzzy-match-menu b ": peneira-buffers" + map -docstring "Symbols" global fuzzy-match-menu s ": peneira-symbols" + map -docstring "Lines" global fuzzy-match-menu l ": peneira-lines" + map -docstring "Lines in the current directory" global fuzzy-match-menu g ": peneira-grep" + map -docstring "Files in project" global fuzzy-match-menu f ": peneira-files" + map -docstring "Files in currently opening file's directory" global fuzzy-match-menu F ": peneira-local-files" + + # Bind menu to user mode + map -docstring "Fuzzy matching" global user f ": enter-user-mode fuzzy-match-menu" + ''; + } + { + name = "kakoune-focus"; + src = pkgs.fetchFromGitHub { + owner = "caksoylar"; + repo = "kakoune-focus"; + rev = "949c0557cd4c476822acfa026ca3c50f3d38a3c0"; + sha256 = "sha256-ZV7jlLJQyL420YG++iC9rq1SMjo3WO5hR9KVvJNUiCs="; + }; + activationScript = '' + map global user ': focus-toggle' -docstring "toggle selections focus" + ''; + } + { + name = "kakoune-inc-dec"; + src = pkgs.fetchFromGitLab { + owner = "Screwtapello"; + repo = "kakoune-inc-dec"; + rev = "7bfe9c51"; + sha256 = "0f33wqxqbfygxypf348jf1fiscac161wf2xvnh8zwdd3rq5yybl0"; + }; + } + { + name = "racket.kak"; + src = (builtins.fetchTree { + type = "git"; + url = "https://bitbucket.org/KJ_Duncan/kakoune-racket.kak.git"; + rev = "e397042009b46916ff089d79166ec0e8ca813a18"; + narHash = "sha256-IcxFmvG0jqpMCG/dT9crVRgPgMGKkic6xwrnW5z4+bc="; + }) + "/rc"; + } + # { + # name = "kakoune-discord"; + # src = (builtins.getFlake "github:natsukagami/kakoune-discord/03f95e40d6efd8fd3de7bca31653d43de2dcfc5f").packages.${pkgs.system}.kakoune-discord-rc + "/rc"; + # } + rec { + name = "kakoune-mirror"; + src = pkgs.fetchFromGitHub + { + owner = "Delapouite"; + repo = "kakoune-mirror"; + rev = "5710635f440bcca914d55ff2ec1bfcba9efe0f15"; + sha256 = "sha256-uslx4zZhvjUylrPWvTOugsKYKKpF0EEz1drc1Ckrpjk="; + } + "/mirror.kak"; + wrapAsModule = true; + activationScript = '' + require-module ${name} + + # Bind to ${name} + map global normal ': enter-user-mode -lock mirror' + ''; + } + { + name = "unicode-math"; + src = pkgs.fetchFromGitHub { + owner = "natsukagami"; + repo = "kakoune-unicode-math"; + rev = "08dff25da2b86ee0b0777091992bc7fb28c3cb1d"; + # sha256 = lib.fakeSha256; + sha256 = "sha256-j0L1ARex1i2ma8sGLYwgkfAbh0jWKh/6QGHFaxPXIKc="; + fetchSubmodules = true; + }; + activationScript = '' + require-module unicode-math + + # Bind to the menu + map global insert ': insert-unicode ' + ''; + } + { + name = "kakoune-buffers"; + src = pkgs.fetchFromGitHub { + owner = "Delapouite"; + repo = "kakoune-buffers"; + rev = "6b2081f5b7d58c72de319a5cba7bf628b6802881"; + sha256 = "sha256-jOSrzGcLJjLK1GiTSsl2jLmQMPbPxjycR0pwF5t/eV0="; + }; + activationScript = '' + # Suggested hook + + hook global WinDisplay .* info-buffers + + # Suggested mappings + + map global user b ':enter-buffers-mode' -docstring 'buffers…' + map global normal ^ ':enter-buffers-mode' -docstring 'buffers…' + map global user B ':enter-user-mode -lock buffers' -docstring 'buffers (lock)…' + + # Suggested aliases + + alias global bd delete-buffer + alias global bf buffer-first + alias global bl buffer-last + alias global bo buffer-only + alias global bo! buffer-only-force + ''; + } + ]; + programs.my-kakoune.themes = { + catppuccin-latte = ./catppuccin-latte.kak; + }; +} + diff --git a/packages/common/nki-kakoune/kakrc b/home/kakoune/kakrc similarity index 63% rename from packages/common/nki-kakoune/kakrc rename to home/kakoune/kakrc index a444ae6..10b5bed 100644 --- a/packages/common/nki-kakoune/kakrc +++ b/home/kakoune/kakrc @@ -1,3 +1,6 @@ +# Enable kak-tree-sitter +eval %sh{test -z "$WE_STARTED_KAK" && kak-tree-sitter --kakoune -d --server --init $kak_session} +map global normal ": enter-user-mode tree-sitter" # ## Set some color overrides # set global kts_yellow "rgb:e2b75e" # set global kts_teal "rgb:008080" @@ -5,7 +8,6 @@ # set global kts_sky "rgb:6aa622" # Color scheme colorscheme catppuccin-latte -set-face global module "%opt{sapphire}" set global base "default" # Set indentation guides @@ -60,13 +62,7 @@ map global normal D ": delete-current-brackets" # Tab sizes hook global InsertChar \t %{ exec -draft -itersel h@ } set global tabstop 2 -set global indentwidth 2 - -# Language-specific tabstop with override -hook global WinSetOption filetype=(rust) %{ - set window tabstop 4 - set window indentwidth 4 -} +set global indentwidth 2 # Ctrl + a in insert mode = esc map global insert '' @@ -88,6 +84,47 @@ hook global InsertCompletionHide .* %{ unmap window insert } +# Enable LSP +try %{ + eval %sh{test -z "$WE_STARTED_KAK" && kak-lsp --kakoune -s $kak_session} + set-option global lsp_cmd "kak-lsp -s %val{session}" +} +hook global WinSetOption filetype=(racket|rust|python|go|javascript|typescript|c|cpp|tex|latex|fsharp|ocaml|haskell|nix|scala|typst|html|css|json|markdown|templ|elixir) %{ + lsp-enable-window + map window lsp N -docstring "Display the next message request" ": lsp-show-message-request-next" + map window normal ": enter-user-mode lsp" + map window normal ": lsp-hover" + map window normal ": lsp-hover-buffer" + # lsp-auto-hover-insert-mode-enable + set window lsp_hover_anchor true + map global insert ':try lsp-snippets-select-next-placeholders catch %{ execute-keys -with-hooks tab> }' -docstring 'Select next snippet placeholder' + map global object a 'lsp-object' -docstring 'LSP any symbol' + map global object 'lsp-object' -docstring 'LSP any symbol' + map global object f 'lsp-object Function Method' -docstring 'LSP function or method' + map global object t 'lsp-object Class Interface Struct' -docstring 'LSP class interface or struct' + map global object d 'lsp-diagnostic-object --include-warnings' -docstring 'LSP errors and warnings' + map global object D 'lsp-diagnostic-object' -docstring 'LSP errors' +} + +hook global WinSetOption filetype=(racket|rust|python|go|javascript|typescript|c|cpp|tex|latex|haskell|nix|fsharp|templ) %{ + # Format the document if possible + hook window BufWritePre .* %{ lsp-formatting-sync } +} + +hook global WinSetOption filetype=(rust|scala|fsharp) %{ + # Enable inlay hints + lsp-inlay-hints-enable window +} + +hook global WinSetOption filetype=(rust|go|fsharp|typst|scala) %{ + hook window -group semantic-tokens BufReload .* lsp-semantic-tokens + hook window -group semantic-tokens NormalIdle .* lsp-semantic-tokens + hook window -group semantic-tokens InsertIdle .* lsp-semantic-tokens + hook -once -always window WinSetOption filetype=.* %{ + remove-hooks window semantic-tokens + } +} + # in Insert mode moves to end of line. map global insert 'A' @@ -112,6 +149,14 @@ hook global WinSetOption filetype=(rust) %{ set-option buffer makecmd "cargo check" } +hook global WinSetOption filetype=(scala) %{ + # Format the document if possible + hook -group scala-fmt window BufWritePre .* %{ lsp-formatting-sync } + + set window tabstop 2 + set window indentwidth 2 +} + hook global WinSetOption filetype=(typst) %{ set-option window comment_line "//" set-option window comment_block_begin "/*" @@ -126,6 +171,15 @@ hook global WinSetOption filetype=(typst) %{ hook -once -always window WinSetOption filetype=.* %{ remove-hooks window markdown-.+ } } + +define-command -params 0 -docstring "Set up build" scala-build-connect %{ + lsp-execute-command 'build-connect' '"[]"' +} + +define-command -params 0 -docstring "Import build" scala-build-import %{ + lsp-execute-command 'build-import' '"[]"' +} + def -hidden insert-c-n %{ try %{ lsp-snippets-select-next-placeholders @@ -149,7 +203,7 @@ hook global BufCreate .*[.]md %{ add-highlighter buffer/ wrap } -hook global BufCreate .*[.](sc|sbt|mill) %{ +hook global BufCreate .*[.](sc|sbt) %{ set-option buffer filetype scala } diff --git a/packages/common/nki-kakoune/kaktex/kaktex.fish b/home/kakoune/kaktex similarity index 96% rename from packages/common/nki-kakoune/kaktex/kaktex.fish rename to home/kakoune/kaktex index bb6690b..bdcf722 100755 --- a/packages/common/nki-kakoune/kaktex/kaktex.fish +++ b/home/kakoune/kaktex @@ -1,3 +1,5 @@ +#!/usr/bin/env fish + function usage echo "Usage: " echo " kaktex set [client] [session]" diff --git a/home/kakoune/kaktex.nix b/home/kakoune/kaktex.nix new file mode 100644 index 0000000..1256c79 --- /dev/null +++ b/home/kakoune/kaktex.nix @@ -0,0 +1,14 @@ +{ config, pkgs, lib, ... }: + +{ + # Source kaktex whenever we have a tex file + programs.my-kakoune.rc = '' + hook global WinSetOption filetype=(tex|latex) %{ + hook window WinDisplay '.*' %{ + eval %sh{ + ${./kaktex} set $kak_client $kak_session + } + } + } + ''; +} diff --git a/packages/common/nki-kakoune/source-pwd.fish b/home/kakoune/source-pwd similarity index 91% rename from packages/common/nki-kakoune/source-pwd.fish rename to home/kakoune/source-pwd index aa9aa37..35e5b0f 100755 --- a/packages/common/nki-kakoune/source-pwd.fish +++ b/home/kakoune/source-pwd @@ -1,3 +1,5 @@ +#!/usr/bin/env fish + if test (pwd) = "/home/natsukagami/.config/kak" exit 0 end diff --git a/home/macbook-home.nix b/home/macbook-home.nix deleted file mode 100644 index ddc2fbf..0000000 --- a/home/macbook-home.nix +++ /dev/null @@ -1,83 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: - -{ - imports = [ ./common.nix ]; - - # Let Home Manager install and manage itself. - programs.home-manager.enable = true; - - # Home Manager needs a bit of information about you and the - # paths it should manage. - home.username = "nki"; - home.homeDirectory = "/Users/nki"; - - # Additional packages to be used only on this MacBook. - home.packages = with pkgs; [ - anki-bin - ]; - - # Additional settings for programs - programs.fish.shellAliases = { - brew64 = "arch -x86_64 /usr/local/bin/brew"; - }; - nki.programs.kitty.enable = true; - nki.programs.kitty.package = pkgs.hello; # We install kitty for ourselves - nki.programs.kitty.background = ./images/chise-bg.png; - - home.sessionPath = [ - # Personal .bin - "$HOME/.bin" - "$HOME/.local/bin" - - # Rust - "$HOME/.cargo/bin" - # Haskell - "$HOME/.cabal/bin" - "$HOME/.ghcup/bin" - # Go - "$HOME/go/bin" - # Node.js - "$HOME/.local/opt/node/bin" - # Ruby - "$HOME/.gem/bin" - "$HOME/.gem/ruby/2.7.0/bin" - ]; - - home.sessionVariables = { - VISUAL = "$EDITOR"; - - # Other C++ stuff - LIBRARY_PATH = lib.concatStringsSep ":" [ - "$LIBRARY_PATH" - "$HOME/.local/share/lib" - ]; - CPATH = lib.concatStringsSep ":" [ - "$CPATH" - "$HOME/.local/share/include" - ]; - - # Ruby - GEM_HOME = "$HOME/.gem"; - - # .NET - DOTNET_CLI_TELEMETRY_OPTOUT = "true"; - - # Override home-manager package path to first - PATH = "/etc/profiles/per-user/${config.home.username}/bin:$PATH"; - }; - - # This value determines the Home Manager release that your - # configuration is compatible with. This helps avoid breakage - # when a new Home Manager release introduces backwards - # incompatible changes. - # - # You can update Home Manager without changing this value. See - # the Home Manager release notes for a list of state version - # changes in each release. - home.stateVersion = "21.11"; -} diff --git a/home/macbook-nixos.nix b/home/macbook-nixos.nix deleted file mode 100644 index 567ad81..0000000 --- a/home/macbook-nixos.nix +++ /dev/null @@ -1,135 +0,0 @@ -{ - pkgs, - config, - lib, - ... -}: - -let - discord = pkgs.armcord.override { nss = pkgs.nss_latest; }; -in -{ - imports = [ - # Common configuration - ./common.nix - # We use our own firefox - # ./firefox.nix - # osu! - # ./osu - - ]; - - # Home Manager needs a bit of information about you and the - # paths it should manage. - home.username = "nki"; - home.homeDirectory = "/home/nki"; - - nki.programs.kitty.enable = true; - nki.programs.kitty.fontSize = 16; - programs.fish.shellInit = lib.mkAfter '' - set -eg MESA_GL_VERSION_OVERRIDE - set -eg MESA_GLSL_VERSION_OVERRIDE - - # export GNOME_KEYRING_CONTROL=/run/user/1001/keyring - # export SSH_AUTH_SOCK=/run/user/1001/keyring/ssh - ''; - - # More packages - home.packages = ( - with pkgs; - [ - mate.mate-terminal - - firefox-wayland - - discord - - typora - ] - ); - - # Graphical set up - linux.graphical.type = "wayland"; - linux.graphical.wallpaper = ./images/wallpaper-macbook.jpg; - # Enable sway - programs.my-sway.enable = true; - programs.my-sway.fontSize = 14.0; - programs.my-sway.enableLaptop = true; - programs.my-waybar.enableMpd = false; - programs.my-sway.discord = "${discord}/bin/armcord"; - # Keyboard options - wayland.windowManager.sway.config.input."type:keyboard".xkb_layout = "jp"; - wayland.windowManager.sway.config.output."eDP-1" = { - mode = "2560x1600@60Hz"; - scale = "1.25"; - subpixel = "vrgb"; - }; - wayland.windowManager.sway.config.input."1452:641:Apple_Internal_Keyboard_/_Trackpad" = { - # Keyboard stuff - xkb_layout = "jp"; - repeat_delay = "300"; - repeat_rate = "15"; - # Trackpad stuff - accel_profile = "adaptive"; - drag = "enabled"; - dwt = "enabled"; - middle_emulation = "enabled"; - natural_scroll = "enabled"; - scroll_factor = "2.5"; - pointer_accel = "0.5"; - tap = "disabled"; - }; - - # Kitty - # nki.programs.kitty = { - # enable = true; - # fontSize = 22; - # enableTabs = false; - # }; - - # Yellow light! - services.wlsunset = { - enable = true; - # # Waterloo - # latitude = "43.3"; - # longitude = "-80.3"; - - # Lausanne - latitude = "46.31"; - longitude = "6.38"; - }; - - home.file.".gnupg/gpg-agent.conf" = { - text = '' - pinentry-program ${pkgs.pinentry-gnome3}/bin/pinentry-gnome3 - ''; - onChange = '' - echo "Reloading gpg-agent" - echo RELOADAGENT | gpg-connect-agent - ''; - }; - - # Autostart - xdg.configFile."autostart/input-remapper-autoload.desktop".source = - "${pkgs.input-remapper}/share/applications/input-remapper-autoload.desktop"; - - # Multiple screen setup - # services.kanshi = { - # enable = true; - # profiles.undocked.outputs = [{ criteria = "LVDS-1"; }]; - # profiles.docked-hdmi.outputs = [ - # { criteria = "LVDS-1"; status = "disable"; } - # { criteria = "HDMI-A-1"; } - # ]; - # }; - - # This value determines the Home Manager release that your - # configuration is compatible with. This helps avoid breakage - # when a new Home Manager release introduces backwards - # incompatible changes. - # - # You can update Home Manager without changing this value. See - # the Home Manager release notes for a list of state version - # changes in each release. - home.stateVersion = "21.05"; -} diff --git a/home/modules/X11/xfce4-notifyd.nix b/home/modules/X11/xfce4-notifyd.nix index 739fbdc..8acd107 100644 --- a/home/modules/X11/xfce4-notifyd.nix +++ b/home/modules/X11/xfce4-notifyd.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let diff --git a/home/modules/linux/graphical/alacritty.nix b/home/modules/linux/graphical/alacritty.nix index 8bdecd1..a0a4e11 100644 --- a/home/modules/linux/graphical/alacritty.nix +++ b/home/modules/linux/graphical/alacritty.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let @@ -33,10 +28,7 @@ in }; shell = { program = "/bin/sh"; - args = [ - "-ic" - "${config.programs.fish.package}/bin/fish" - ]; + args = [ "-ic" "${config.programs.fish.package}/bin/fish" ]; }; colors = { # Default colors @@ -65,11 +57,7 @@ in }; key_bindings = [ - { - key = "C"; - mods = "Alt|Control"; - action = "SpawnNewInstance"; - } + { key = "C"; mods = "Alt|Control"; action = "SpawnNewInstance"; } ]; }; }; diff --git a/home/modules/linux/graphical/default.nix b/home/modules/linux/graphical/default.nix index cf794e9..dc1ad15 100644 --- a/home/modules/linux/graphical/default.nix +++ b/home/modules/linux/graphical/default.nix @@ -1,9 +1,4 @@ -{ - pkgs, - lib, - config, - ... -}: +{ pkgs, lib, config, ... }: with lib; let cfg = config.linux.graphical; @@ -21,126 +16,80 @@ let echo $wifi_output end ''; - - mkPackageWithDesktopOption = - opts: - mkOption ( - { - type = types.submodule { - options = { - package = mkOption { - type = types.package; - description = "The package for " + description; - }; - desktopFile = mkOption { - type = types.nullOr types.str; - default = null; - description = "The desktop file name for " + description + ", defaults to [packagename].desktop"; - }; - }; - }; - } - // opts - ); - - desktopFileOf = - cfg: - if cfg.desktopFile == null then - "${cfg.package}/share/applications/${cfg.package.pname}.desktop" - else - cfg.desktopFile; in { - imports = [ - ./x11.nix - ./wayland.nix - ./alacritty.nix - ]; + imports = [ ./x11.nix ./wayland.nix ./alacritty.nix ]; options.linux.graphical = { type = mkOption { - type = types.nullOr ( - types.enum [ - "x11" - "wayland" - ] - ); + type = types.nullOr (types.enum [ "x11" "wayland" ]); description = "Enable linux graphical configurations, with either 'x11' or 'wayland'"; default = null; }; wallpaper = mkOption { - type = types.oneOf [ - types.str - types.path - ]; + type = types.oneOf [ types.str types.path ]; description = "Path to the wallpaper file"; default = ""; }; startup = mkOption { type = types.listOf types.package; description = "List of packages to include in ~/.config/autostart"; - default = [ - cfg.defaults.webBrowser.package - pkgs.thunderbird-latest - cfg.defaults.discord.package + default = with pkgs; [ + librewolf + thunderbird + vesktop + premid ]; }; - defaults = { - webBrowser = mkPackageWithDesktopOption { description = "default web browser"; }; - terminal = mkPackageWithDesktopOption { - description = "default terminal"; - default.package = pkgs.kitty; - }; - discord = mkPackageWithDesktopOption { - description = "Discord client"; - default.package = pkgs.vesktop; - }; + defaults.webBrowser = mkOption { + type = types.str; + default = "librewolf.desktop"; + description = "Desktop file of the default web browser"; }; }; config = mkIf (cfg.type != null) { # Packages - home.packages = ( - with pkgs; - [ - cfg.defaults.webBrowser.package - cfg.defaults.terminal.package + home.packages = (with pkgs; [ + ## GUI stuff + evince # PDF reader + gparted + vscode + feh # For images? + deluge # Torrent client + pavucontrol # PulseAudio control panel + cinnamon.nemo # File manager + thunderbird # Email + sublime-music # For navidrome + cinny-desktop + gajim + vivaldi + # Audio + qpwgraph # Pipewire graph - ## GUI stuff - evince # PDF reader - gparted - vscode - feh # For images? - deluge # Torrent client - pavucontrol # PulseAudio control panel - sublime-music # For navidrome - # cinny-desktop - gajim - vivaldi - # Audio - qpwgraph # Pipewire graph - audacity - vlc + zotero_7 + libreoffice - unstable.zotero - libreoffice + mpv # for anki + anki-bin - mpv # for anki - anki-bin + tdesktop + whatsapp-for-linux - # Chat stuff - tdesktop - whatsapp-for-linux - slack - zoom-us + librewolf - ## CLI stuff - dex # .desktop file management, startup - # sct # Display color temperature - xdg-utils # Open stuff - wifi-indicator - ] - ++ cfg.startup - ); + ## CLI stuff + dex # .desktop file management, startup + # sct # Display color temperature + xdg-utils # Open stuff + wifi-indicator + ] ++ (if pkgs.stdenv.isAarch64 then [ ] else [ + gnome.cheese # Webcam check, expensive + # Chat stuff + slack + ])); + + nki.programs.discord.enable = pkgs.stdenv.isx86_64; + nki.programs.discord.package = pkgs.vesktop; # OBS programs.obs-studio = { @@ -152,6 +101,15 @@ in ]; }; + # Yellow light! + services.wlsunset = { + enable = true; + + # Lausanne + latitude = "46.31"; + longitude = "6.38"; + }; + # Cursor home.pointerCursor = { package = pkgs.suwako-cursors; @@ -165,10 +123,7 @@ in xdg.mimeApps.enable = true; xdg.mimeApps.associations.added = { - "x-scheme-handler/mailto" = [ - "thunderbird.desktop" - "org.gnome.Evolution.desktop" - ]; + "x-scheme-handler/mailto" = [ "thunderbird.desktop" "org.gnome.Evolution.desktop" ]; "application/pdf" = [ "org.gnome.Evince.desktop" ]; "text/plain" = [ "kakoune.desktop" ]; @@ -180,23 +135,10 @@ in "x-scheme-handler/feed" = [ "thunderbird.desktop" ]; "application/rss+xml" = [ "thunderbird.desktop" ]; "application/x-extension-rss" = [ "thunderbird.desktop" ]; - "x-scheme-handler/tg2" = [ "org.telegram.desktop.desktop" ]; - "x-scheme-handler/tonsite2" = [ "org.telegram.desktop.desktop" ]; - - # Other browser stuff - "application/x-extension-htm" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "application/x-extension-html" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "application/x-extension-shtml" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "application/xhtml+xml" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "application/x-extension-xhtml" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "application/x-extension-xht" = [ (desktopFileOf cfg.defaults.webBrowser) ]; }; xdg.mimeApps.defaultApplications = { # Email - "x-scheme-handler/mailto" = [ - "thunderbird.desktop" - "org.gnome.Evolution.desktop" - ]; + "x-scheme-handler/mailto" = [ "thunderbird.desktop" "org.gnome.Evolution.desktop" ]; "x-scheme-handler/webcal" = [ "thunderbird.desktop" ]; "x-scheme-handler/webcals" = [ "thunderbird.desktop" ]; @@ -210,21 +152,14 @@ in "application/x-extension-rss" = [ "thunderbird.desktop" ]; # Default web browser stuff - "text/html" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "x-scheme-handler/chrome" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "x-scheme-handler/about" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "x-scheme-handler/unknown" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "x-scheme-handler/http" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "x-scheme-handler/https" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "x-scheme-handler/ftp" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "x-scheme-handler/ftps" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "x-scheme-handler/file" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "application/x-extension-htm" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "application/x-extension-html" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "application/x-extension-shtml" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "application/xhtml+xml" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "application/x-extension-xhtml" = [ (desktopFileOf cfg.defaults.webBrowser) ]; - "application/x-extension-xht" = [ (desktopFileOf cfg.defaults.webBrowser) ]; + "text/html" = [ cfg.defaults.webBrowser ]; + "x-scheme-handler/about" = [ cfg.defaults.webBrowser ]; + "x-scheme-handler/unknown" = [ cfg.defaults.webBrowser ]; + "x-scheme-handler/http" = [ cfg.defaults.webBrowser ]; + "x-scheme-handler/https" = [ cfg.defaults.webBrowser ]; + "x-scheme-handler/ftp" = [ cfg.defaults.webBrowser ]; + "x-scheme-handler/ftps" = [ cfg.defaults.webBrowser ]; + "x-scheme-handler/file" = [ cfg.defaults.webBrowser ]; # Torrent "application/x-bittorrent" = [ "deluge.desktop" ]; @@ -236,20 +171,13 @@ in # Files "inode/directory" = [ "dolphin.desktop" ]; - - # Telegram - "x-scheme-handler/tg2" = "org.telegram.desktop.desktop"; - "x-scheme-handler/tonsite2" = "org.telegram.desktop.desktop"; - - # Discord - "x-scheme-handler/discord" = [ (desktopFileOf cfg.defaults.discord) ]; }; # Add one for kakoune xdg.desktopEntries."kakoune" = { name = "Kakoune"; genericName = "Text Editor"; - exec = ''${lib.getExe pkgs.kitty} --class kitty-float -o initial_window_width=150c -o initial_window_height=40c ${pkgs.writeShellScript "editor.sh" '' + exec = ''kitty --class kitty-float -o initial_window_width=150c -o initial_window_height=40c ${pkgs.writeShellScript "editor.sh" '' $EDITOR "$@" ''} %U''; # exec = "kakoune %U"; @@ -288,13 +216,11 @@ in ## Qt qt.enable = true; qt.platformTheme.name = "kde"; - qt.platformTheme.package = with pkgs.kdePackages; [ - plasma-integration - systemsettings - ]; + qt.platformTheme.package = with pkgs.kdePackages; [ plasma-integration systemsettings ]; qt.style.package = [ pkgs.kdePackages.breeze ]; qt.style.name = "Breeze"; + xdg.configFile = let f = pkg: { @@ -312,8 +238,7 @@ in }; autoStartup = listToAttrs (map f cfg.startup); in - autoStartup - // { + autoStartup // { ## Polkit UI "autostart/polkit.desktop".text = '' ${builtins.readFile "${pkgs.pantheon.pantheon-agent-polkit}/etc/xdg/autostart/io.elementary.desktop.agent-polkit.desktop"} @@ -328,25 +253,7 @@ in # dconf.settings."desktop/ibus/general/hotkey" = { # triggers = hm.gvariant.mkArray hm.gvariant.type.string [ "z" ]; # }; - - # Some graphical targets - systemd.user.targets = { - # For system trays, usually after graphical-session and graphical-session-pre - tray = { - Unit.Description = lib.mkDefault "System tray"; - Unit.After = [ "graphical-session-pre.target" ]; - Unit.Before = [ "graphical-session.target" ]; - Unit.BindsTo = [ "graphical-session.target" ]; - Install.WantedBy = [ "graphical-session.target" ]; - }; - # XWayland target - xwayland = { - Unit.Description = "XWayland support"; - Unit.After = [ "graphical-session-pre.target" ]; - Unit.Before = [ "graphical-session.target" ]; - Unit.BindsTo = [ "graphical-session.target" ]; - Install.WantedBy = [ "graphical-session.target" ]; - }; - }; }; } + + diff --git a/home/modules/linux/graphical/wayland.nix b/home/modules/linux/graphical/wayland.nix index 42fe7e5..7073057 100644 --- a/home/modules/linux/graphical/wayland.nix +++ b/home/modules/linux/graphical/wayland.nix @@ -1,60 +1,42 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: let - notificationModule = - { - config, - pkgs, - lib, - ... - }: + notificationModule = { config, pkgs, lib, ... }: let swaync = pkgs.swaynotificationcenter; in - with lib; - mkIf (config.linux.graphical.type == "wayland") { + with lib; mkIf (config.linux.graphical.type == "wayland") { services.swaync = { enable = true; - settings.widgets = [ - "inhibitors" - "title" - "dnd" - "mpris" - "notifications" - ]; + settings.widgets = [ "inhibitors" "title" "dnd" "mpris" "notifications" ]; style = ./swaync.css; }; + systemd.user.services.swaync.Install.WantedBy = lib.mkForce [ "sway-session.target" ]; + systemd.user.services.swaync.Unit.PartOf = lib.mkForce [ "sway-session.target" ]; - programs.my-waybar = { - extraSettings = [ - { - modules-right = mkAfter [ "custom/swaync" ]; - modules."custom/swaync" = { - tooltip = false; - format = "{icon} {}"; - format-icons = { - notification = ""; - none = ""; - dnd-notification = ""; - dnd-none = ""; - inhibited-notification = ""; - inhibited-none = ""; - dnd-inhibited-notification = ""; - dnd-inhibited-none = ""; - }; - return-type = "json"; - # exec-if = "which swaync-client"; - exec = "${swaync}/bin/swaync-client -swb"; - on-click = "${swaync}/bin/swaync-client -t -sw"; - on-click-right = "${swaync}/bin/swaync-client -d -sw"; - escape = true; + programs.my-sway.waybar = { + extraSettings = { + modules-right = mkAfter [ "custom/swaync" ]; + modules."custom/swaync" = { + tooltip = false; + format = "{icon} {}"; + format-icons = { + notification = ""; + none = ""; + dnd-notification = ""; + dnd-none = ""; + inhibited-notification = ""; + inhibited-none = ""; + dnd-inhibited-notification = ""; + dnd-inhibited-none = ""; }; - } - ]; + return-type = "json"; + # exec-if = "which swaync-client"; + exec = "${swaync}/bin/swaync-client -swb"; + on-click = "${swaync}/bin/swaync-client -t -sw"; + on-click-right = "${swaync}/bin/swaync-client -d -sw"; + escape = true; + }; + }; extraStyle = mkAfter '' #custom-swaync { background: #F0FFFF; @@ -64,55 +46,29 @@ let }; }; - plasmaModule = - { pkgs, ... }: - { - home.packages = with pkgs.kdePackages; [ - discover - kmail - kontact - akonadi - kdepim-runtime - kmail-account-wizard - akonadi-import-wizard - ]; - xdg.configFile."plasma-workspace/env/wayland.sh".source = - pkgs.writeScript "plasma-wayland-env.sh" '' - export NIXOS_OZONE_WL=1 - ''; - xdg.dataFile."dbus-1/services/org.freedesktop.Notifications.service".source = - "${pkgs.kdePackages.plasma-workspace}/share/dbus-1/services/org.kde.plasma.Notifications.service"; - }; - - rofi-rbw-script = pkgs.writeTextFile rec { - name = "rofi-rbw-script"; - text = '' - #!/usr/bin/env fish - set -a PATH ${ - lib.concatMapStringsSep " " (p: "${lib.getBin p}/bin") [ - config.programs.rofi.package - pkgs.ydotool - pkgs.rofi-rbw - ] - } - rofi-rbw + plasmaModule = { pkgs, ... }: { + home.packages = with pkgs.kdePackages; [ + discover + kmail + kontact + akonadi + kdepim-runtime + kmail-account-wizard + akonadi-import-wizard + ]; + xdg.configFile."plasma-workspace/env/wayland.sh".source = pkgs.writeScript "plasma-wayland-env.sh" '' + export NIXOS_OZONE_WL=1 ''; - executable = true; - destination = "/bin/${name}"; - meta.mainProgram = name; + xdg.dataFile."dbus-1/services/org.freedesktop.Notifications.service".source = "${pkgs.kdePackages.plasma-workspace}/share/dbus-1/services/org.kde.plasma.Notifications.service"; }; in with lib; { - imports = [ - notificationModule - plasmaModule - ]; + imports = [ notificationModule plasmaModule ]; config = mkIf (config.linux.graphical.type == "wayland") { # Additional packages home.packages = with pkgs; [ wl-clipboard # Clipboard management - rofi-rbw-script # Mimic the clipboard stuff in MacOS (pkgs.writeShellScriptBin "pbcopy" '' @@ -123,34 +79,10 @@ with lib; '') ]; - programs.rofi = { - enable = true; - package = pkgs.rofi-wayland; - cycle = true; - font = "monospace"; - terminal = "${lib.getExe config.programs.kitty.package}"; - theme = "Paper"; - plugins = with pkgs; [ - rofi-bluetooth - rofi-calc - rofi-rbw - rofi-power-menu - ]; - }; - home.sessionVariables = { ANKI_WAYLAND = "1"; }; - # Yellow light! - services.wlsunset = { - enable = true; - - # Lausanne - latitude = "46.31"; - longitude = "6.38"; - }; - # Notification system # services.dunst = { # enable = true; @@ -170,5 +102,9 @@ with lib; # settings.experimental.per_monitor_dpi = "true"; # }; + + # Forward wallpaper settings to sway + programs.my-sway.wallpaper = config.linux.graphical.wallpaper; }; } + diff --git a/home/modules/linux/graphical/x11.nix b/home/modules/linux/graphical/x11.nix index 3960cb7..800e27a 100644 --- a/home/modules/linux/graphical/x11.nix +++ b/home/modules/linux/graphical/x11.nix @@ -1,18 +1,10 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: let cfg = config.linux.graphical; in with lib; { - imports = [ - ./x11/hidpi.nix - ./x11/i3.nix - ]; + imports = [ ./x11/hidpi.nix ./x11/i3.nix ]; options.linux.graphical.hasDE = mkOption { type = types.bool; description = "When enabled, disable stuff that already comes with a DE"; @@ -51,3 +43,4 @@ with lib; }; }; } + diff --git a/home/modules/linux/graphical/x11/hidpi.nix b/home/modules/linux/graphical/x11/hidpi.nix index 267da7b..2ec8e09 100644 --- a/home/modules/linux/graphical/x11/hidpi.nix +++ b/home/modules/linux/graphical/x11/hidpi.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let diff --git a/home/modules/linux/graphical/x11/i3.nix b/home/modules/linux/graphical/x11/i3.nix index 58e923c..b92c7dc 100644 --- a/home/modules/linux/graphical/x11/i3.nix +++ b/home/modules/linux/graphical/x11/i3.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let @@ -23,14 +18,12 @@ let "10: 10" ]; wsAttrs = builtins.listToAttrs ( - map (i: { - name = toString (remainder i 10); - value = builtins.elemAt workspaces (i - 1); - }) (range 1 11) + map + (i: { name = toString (remainder i 10); value = builtins.elemAt workspaces (i - 1); }) + (range 1 11) ); remainder = x: y: x - (builtins.div x y) * y; - range = - from: to: + range = from: to: let f = cur: if cur == to then [ ] else [ cur ] ++ f (cur + 1); in @@ -47,55 +40,27 @@ in xsession.windowManager.i3 = { enable = true; config.assigns = { - "${wsAttrs."1"}" = [ { class = "^firefox$"; } ]; - "${wsAttrs."2"}" = [ { class = "^discord$"; } ]; + "${wsAttrs."1"}" = [{ class = "^firefox$"; }]; + "${wsAttrs."2"}" = [{ class = "^discord$"; }]; }; - config.bars = [ - { - command = "${pkgs.i3-gaps}/bin/i3bar -t"; - statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ~/.config/i3status-rust/config-default.toml"; - position = "top"; - colors = { - background = "#00000080"; - statusline = "#ffffff"; - separator = "#666666"; + config.bars = [{ + command = "${pkgs.i3-gaps}/bin/i3bar -t"; + statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ~/.config/i3status-rust/config-default.toml"; + position = "top"; + colors = { + background = "#00000080"; + statusline = "#ffffff"; + separator = "#666666"; - focusedWorkspace = { - background = "#4c7899"; - border = "#285577"; - text = "#ffffff"; - }; - activeWorkspace = { - background = "#333333"; - border = "#5f676a"; - text = "#ffffff"; - }; - inactiveWorkspace = { - background = "#333333"; - border = "#222222"; - text = "#888888"; - }; - urgentWorkspace = { - background = "#2f343a"; - border = "#900000"; - text = "#ffffff"; - }; - bindingMode = { - background = "#2f343a"; - border = "#900000"; - text = "#ffffff"; - }; - }; - } - ]; + focusedWorkspace = { background = "#4c7899"; border = "#285577"; text = "#ffffff"; }; + activeWorkspace = { background = "#333333"; border = "#5f676a"; text = "#ffffff"; }; + inactiveWorkspace = { background = "#333333"; border = "#222222"; text = "#888888"; }; + urgentWorkspace = { background = "#2f343a"; border = "#900000"; text = "#ffffff"; }; + bindingMode = { background = "#2f343a"; border = "#900000"; text = "#ffffff"; }; + }; + }]; config.focus.newWindow = "none"; - config.fonts = { - names = [ - "FantasqueSansMono Nerd Font Mono" - "monospace" - ]; - size = 11.0; - }; + config.fonts = { names = [ "FantasqueSansMono Nerd Font Mono" "monospace" ]; size = 11.0; }; config.gaps.outer = 5; config.gaps.inner = 5; config.gaps.smartGaps = true; @@ -104,57 +69,53 @@ in config.window.titlebar = false; # Keybindings - config.keybindings = lib.mkOptionDefault ( - { - ## vim-style movements - "${mod}+h" = "focus left"; - "${mod}+j" = "focus down"; - "${mod}+k" = "focus up"; - "${mod}+l" = "focus right"; - "${mod}+Shift+h" = "move left"; - "${mod}+Shift+j" = "move down"; - "${mod}+Shift+k" = "move up"; - "${mod}+Shift+l" = "move right"; - ## Splits - "${mod}+v" = "split v"; - "${mod}+Shift+v" = "split h"; - ## Run - "${mod}+r" = "exec ${pkgs.dmenu}/bin/dmenu_run"; - "${mod}+d" = "exec i3-dmenu-desktop --dmenu='${pkgs.dmenu}/bin/dmenu -i'"; - } - // (builtins.listToAttrs ( - lib.flatten ( - map (key: [ - { - name = "${mod}+${key}"; - value = "workspace ${builtins.getAttr key wsAttrs}"; - } - { - name = "${mod}+Shift+${key}"; - value = "move to workspace ${builtins.getAttr key wsAttrs}"; - } - ]) (builtins.attrNames wsAttrs) - ) - )) - ); + config.keybindings = lib.mkOptionDefault ({ + ## vim-style movements + "${mod}+h" = "focus left"; + "${mod}+j" = "focus down"; + "${mod}+k" = "focus up"; + "${mod}+l" = "focus right"; + "${mod}+Shift+h" = "move left"; + "${mod}+Shift+j" = "move down"; + "${mod}+Shift+k" = "move up"; + "${mod}+Shift+l" = "move right"; + ## Splits + "${mod}+v" = "split v"; + "${mod}+Shift+v" = "split h"; + ## Run + "${mod}+r" = "exec ${pkgs.dmenu}/bin/dmenu_run"; + "${mod}+d" = "exec i3-dmenu-desktop --dmenu='${pkgs.dmenu}/bin/dmenu -i'"; + } // ( + builtins.listToAttrs (lib.flatten (map + (key: [ + { + name = "${mod}+${key}"; + value = "workspace ${builtins.getAttr key wsAttrs}"; + } + { + name = "${mod}+Shift+${key}"; + value = "move to workspace ${builtins.getAttr key wsAttrs}"; + } + ]) + (builtins.attrNames wsAttrs)) + ))); # Workspace config.defaultWorkspace = "workspace ${builtins.getAttr "1" wsAttrs}"; - config.startup = - [ - { command = "firefox"; } - { command = "discord"; } - { command = "dex -ae i3"; } - { command = "ibus-daemon -drxR"; } - ] - ++ ( - if (config.linux.graphical.wallpaper != "") then - [ { command = "${pkgs.feh}/bin/feh --bg-fill ${config.linux.graphical.wallpaper}"; } ] - else - [ ] - ); + config.startup = [ + { command = "firefox"; } + { command = "discord"; } + { command = "dex -ae i3"; } + { command = "ibus-daemon -drxR"; } + ] ++ + ( + if (config.linux.graphical.wallpaper != "") + then [{ command = "${pkgs.feh}/bin/feh --bg-fill ${config.linux.graphical.wallpaper}"; }] + else [ ] + ); }; + # i3status programs.i3status-rust.enable = true; programs.i3status-rust.bars.default = { @@ -193,3 +154,5 @@ in }; }; } + + diff --git a/home/modules/linux/graphical/x11/i3/screenshot.nix b/home/modules/linux/graphical/x11/i3/screenshot.nix index dba2f89..ab1a580 100644 --- a/home/modules/linux/graphical/x11/i3/screenshot.nix +++ b/home/modules/linux/graphical/x11/i3/screenshot.nix @@ -1,14 +1,9 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; { xsession.windowManager.i3.config = mkIf (config.linux.graphical.x11.enablei3) { - startup = [ { command = "${pkgs.flameshot}/bin/flameshot"; } ]; + startup = [{ command = "${pkgs.flameshot}/bin/flameshot"; }]; keybindings = mkOptionDefault { "Print" = "exec ${pkgs.flameshot}/bin/flameshot gui"; }; }; } diff --git a/home/modules/monitors.nix b/home/modules/monitors.nix index eb36d55..70b7013 100644 --- a/home/modules/monitors.nix +++ b/home/modules/monitors.nix @@ -1,87 +1,36 @@ # A monitor list and common sway set up -{ - config, - pkgs, - lib, - ... -}: -with lib; +{ config, pkgs, lib, ... }: with lib; let monitors = { # Internal "framework" = { name = "BOE 0x0BCA Unknown"; - meta.mode = { - width = 2256; - height = 1504; - refresh = 60.0; - }; + mode = "2256x1504@60Hz"; scale = 1.25; }; - "yoga" = { - name = "AU Optronics 0xD291 Unknown"; - meta.connection = "eDP-1"; - meta.mode = { - width = 1920; - height = 1080; - refresh = 60.026; - }; - scale = 1; - }; # External ## Work @ EPFL "work" = { name = "LG Electronics LG ULTRAFINE 301MAXSGHD10"; - meta.mode = { - width = 3840; - height = 2160; - refresh = 60.0; - }; + mode = "3840x2160@60Hz"; scale = 1.25; }; "home_4k" = { name = "AOC U28G2G6B PPYP2JA000013"; + mode = "3840x2160@60Hz"; scale = 1.5; adaptive_sync = "on"; - meta = { - connection = "DP-2"; - mode = { - width = 3840; - height = 2160; - refresh = 60.0; - }; - fixedPosition = { - x = 0; - y = 0; - }; - niriName = "PNP(AOC) U28G2G6B PPYP2JA000013"; - }; + # render_bit_depth = "10"; }; "home_1440" = { name = "AOC Q27G2G3R3B VXJP6HA000442"; + mode = "2560x1440@165Hz"; adaptive_sync = "on"; - meta = { - connection = "DP-3"; - mode = { - width = 2560; - height = 1440; - refresh = 165.0; - }; - fixedPosition = { - x = 2560; - y = 0; - }; - niriName = "PNP(AOC) Q27G2G3R3B VXJP6HA000442"; - }; }; "viewsonic_1080" = { name = "ViewSonic Corporation XG2402 SERIES V4K182501054"; - meta.mode = { - width = 1920; - height = 1080; - refresh = 144.0; - }; + mode = "1920x1080@144Hz"; adaptive_sync = "on"; }; @@ -89,21 +38,9 @@ let eachMonitor = _name: monitor: { name = monitor.name; - value = - builtins.removeAttrs monitor [ - "scale" - "name" - "meta" - ] - // (lib.optionalAttrs (monitor ? scale) { - scale = toString monitor.scale; - }) - // { - mode = with monitor.meta.mode; "${toString width}x${toString height}@${toString refresh}Hz"; - } - // (lib.optionalAttrs (monitor.meta ? fixedPosition) { - position = with monitor.meta.fixedPosition; "${toString x} ${toString y}"; - }); + value = builtins.removeAttrs monitor [ "scale" "name" ] // (if monitor ? scale then { + scale = toString monitor.scale; + } else { }); }; in { @@ -117,3 +54,4 @@ in mapAttrs' eachMonitor config.common.monitors ); } + diff --git a/home/modules/programs/discord.nix b/home/modules/programs/discord.nix new file mode 100644 index 0000000..0b2eb52 --- /dev/null +++ b/home/modules/programs/discord.nix @@ -0,0 +1,27 @@ +{ config, pkgs, lib, ... }: + +with lib; +let + cfg = config.nki.programs.discord; +in +{ + options.nki.programs.discord = { + enable = mkEnableOption "Enable discord"; + + basePackage = mkOption { + type = types.package; + default = pkgs.discord; + description = "The base Discord package that will get patched"; + }; + + package = mkOption { + type = types.package; + default = cfg.basePackage.override { nss = pkgs.nss_latest; }; + description = "The actual package to use"; + }; + }; + + config = mkIf cfg.enable { + home.packages = [ cfg.package ]; + }; +} diff --git a/home/modules/programs/my-broot.nix b/home/modules/programs/my-broot.nix index 7b3eb3b..89a71bf 100644 --- a/home/modules/programs/my-broot.nix +++ b/home/modules/programs/my-broot.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; let @@ -96,13 +91,10 @@ in # Add an extra syntax_color config xdg.configFile."broot/conf.toml".source = mkOverride 1 ( - tomlFormat.generate "broot-config" ( - with config.programs.broot; - { - inherit (settings) verbs modal skin; - syntax_theme = "base16-ocean.light"; - } - ) + tomlFormat.generate "broot-config" (with config.programs.broot; { + inherit (settings) verbs modal skin; + syntax_theme = "base16-ocean.light"; + }) ); }; } diff --git a/home/modules/programs/my-kakoune/default.nix b/home/modules/programs/my-kakoune/default.nix index 050a53a..125484a 100644 --- a/home/modules/programs/my-kakoune/default.nix +++ b/home/modules/programs/my-kakoune/default.nix @@ -1,26 +1,40 @@ -{ - config, - options, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; let cfg = config.programs.my-kakoune; + + autoloadModule = types.submodule { + options = { + name = mkOption { + type = types.str; + description = "Name of the autoload script/folder. It might affect kakoune's load order."; + }; + src = mkOption { + type = types.path; + description = "Path to the autoload script/folder."; + }; + wrapAsModule = mkOption { + type = types.bool; + default = false; + description = "Wrap the given source file in a `provide-module` command. Fails if the `src` is not a single file."; + }; + activationScript = mkOption { + type = types.nullOr types.lines; + default = null; + description = "Add an activation script to the module. It will be wrapped in a `hook global KakBegin .*` wrapper."; + }; + }; + }; in { - imports = [ - ./fish-session.nix - ./tree-sitter.nix - ]; + imports = [ ./kak-lsp.nix ./fish-session.nix ./tree-sitter.nix ]; options.programs.my-kakoune = { enable = mkEnableOption "My version of the kakoune configuration"; package = mkOption { type = types.package; - default = pkgs.nki-kakoune; + default = pkgs.kakoune; description = "The kakoune package to be installed"; }; rc = mkOption { @@ -28,16 +42,22 @@ in default = ""; description = "Content of the kakrc file. A line-concatenated string"; }; + autoload = mkOption { + type = types.listOf autoloadModule; + default = [ ]; + description = "Sources to autoload"; + }; + themes = mkOption { + type = types.attrsOf types.path; + default = { }; + description = "Themes to load"; + }; + extraFaces = mkOption { type = types.attrsOf types.str; default = { }; description = "Extra faces to include"; }; - autoloadFile = mkOption { - type = options.xdg.configFile.type; - default = { }; - description = "Extra autoload files"; - }; }; config = mkIf cfg.enable { @@ -45,18 +65,44 @@ in xdg.configFile = let + kakouneAutoload = { name, src, wrapAsModule ? false, activationScript ? null }: + [ + (if !wrapAsModule then { + name = "kak/autoload/${name}"; + value.source = src; + } else { + name = "kak/autoload/${name}/module.kak"; + value.text = '' + provide-module ${name} %◍ + ${readFile src} + ◍ + ''; + }) + ] ++ (if activationScript == null then [ ] else [{ + name = "kak/autoload/on-load/${name}.kak"; + value.text = '' + hook global KakBegin .* %{ + ${activationScript} + } + ''; + }]); + + kakouneThemes = builtins.listToAttrs (builtins.attrValues ( + builtins.mapAttrs + (name: src: { + name = "kak/colors/${name}.kak"; + value.source = src; + }) + cfg.themes + )); + kakouneFaces = let - txt = strings.concatStringsSep "\n" ( - builtins.attrValues ( - builtins.mapAttrs (name: face: "face global ${name} \"${face}\"") cfg.extraFaces - ) - ); + txt = strings.concatStringsSep "\n" (builtins.attrValues (builtins.mapAttrs (name: face: "face global ${name} \"${face}\"") cfg.extraFaces)); in pkgs.writeText "faces.kak" txt; in { - "kak/autoload/builtin".source = "${cfg.package}/share/kak/autoload"; # kakrc "kak/kakrc".text = '' ${cfg.rc} @@ -64,13 +110,15 @@ in # Load faces source ${kakouneFaces} ''; - } - // lib.mapAttrs' (name: attrs: { - name = "kak/autoload/${name}"; - value = attrs // { - target = "kak/autoload/${name}"; - }; - }) cfg.autoloadFile; - xdg.dataFile."kak".source = "${cfg.package}/share/kak"; + } // + (builtins.listToAttrs (lib.lists.flatten (map kakouneAutoload ([ + # include the original autoload files + { + name = "rc"; + src = "${cfg.package}/share/kak/autoload/rc"; + } + ] ++ cfg.autoload)))) + // kakouneThemes; }; } + diff --git a/home/modules/programs/my-kakoune/fish-session.nix b/home/modules/programs/my-kakoune/fish-session.nix index 2996fb9..1f497f4 100644 --- a/home/modules/programs/my-kakoune/fish-session.nix +++ b/home/modules/programs/my-kakoune/fish-session.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; let @@ -30,8 +25,9 @@ in echo "New kakoune session started (pid = $last_pid, session name = $kak_session)." # Rebind $VISUAL, $EDITOR and e command - set -gx VISUAL kak -c $kak_session - set -gx EDITOR kak -c $kak_session + set -gx VISUAL "kak -c $kak_session" + set -gx EDITOR "kak -c $kak_session" + alias e="kak -c $kak_session" ''; kill-kak-session = '' @@ -46,6 +42,7 @@ in # Rebind $VISUAL, $EDITOR and e command set -gx VISUAL "kak" set -gx EDITOR "kak" + alias e="kak" ''; }; programs.fish.tide = { diff --git a/home/modules/programs/my-kakoune/kak-lsp.nix b/home/modules/programs/my-kakoune/kak-lsp.nix new file mode 100644 index 0000000..eaf3b6b --- /dev/null +++ b/home/modules/programs/my-kakoune/kak-lsp.nix @@ -0,0 +1,213 @@ +{ config, pkgs, lib, ... }: + +with lib; +let + lspConfig = + { + language_ids = { + c = "c_cpp"; + cpp = "c_cpp"; + javascript = "javascriptreact"; + typescript = "typescriptreact"; + protobuf = "proto"; + sh = "shellscript"; + }; + + language_servers = { + ccls = { + args = [ "-v=2" "-log-file=/tmp/ccls.log" ]; + command = "ccls"; + filetypes = [ "c" "cpp" ]; + roots = [ "compile_commands.json" ".cquery" ".git" ]; + }; + gopls = { + command = "gopls"; + filetypes = [ "go" ]; + offset_encoding = "utf-8"; + roots = [ "Gopkg.toml" "go.mod" ".git" ".hg" ]; + settings = { gopls = { hoverKind = "SynopsisDocumentation"; semanticTokens = true; }; }; + settings_section = "gopls"; + }; + haskell-language-server = { + args = [ "--lsp" ]; + command = "haskell-language-server-wrapper"; + filetypes = [ "haskell" ]; + roots = [ "Setup.hs" "stack.yaml" "*.cabal" "package.yaml" ]; + settings_section = "haskell"; + }; + nil = { + command = "${pkgs.nil}/bin/nil"; + filetypes = [ "nix" ]; + roots = [ "flake.nix" "shell.nix" ".git" ]; + settings.nil = { + formatting.command = [ "${getExe pkgs.nixpkgs-fmt}" ]; + }; + }; + pyls = { + command = "pyls"; + filetypes = [ "python" ]; + offset_encoding = "utf-8"; + roots = [ "requirements.txt" "setup.py" ".git" ".hg" ]; + }; + }; + semantic_tokens.faces = [ + ## Items + # (Rust) Macros + { face = "attribute"; token = "attribute"; } + { face = "attribute"; token = "derive"; } + { face = "macro"; token = "macro"; } # Function-like Macro + # Keyword and Fixed Tokens + { face = "keyword"; token = "keyword"; } + { face = "operator"; token = "operator"; } + # Functions and Methods + { face = "function"; token = "function"; } + { face = "method"; token = "method"; } + # Constants + { face = "string"; token = "string"; } + { face = "format_specifier"; token = "formatSpecifier"; } + # Variables + { face = "variable"; token = "variable"; modifiers = [ "readonly" ]; } + { face = "mutable_variable"; token = "variable"; } + { face = "module"; token = "namespace"; } + { face = "variable"; token = "type_parameter"; } + { face = "class"; token = "enum"; } + { face = "class"; token = "struct"; } + { face = "class"; token = "trait"; } + { face = "class"; token = "union"; } + { face = "class"; token = "class"; } + + ## Comments + { face = "documentation"; token = "comment"; modifiers = [ "documentation" ]; } + { face = "comment"; token = "comment"; } + ]; + server = { timeout = 1800; }; + snippet_support = false; + verbosity = 255; + }; + + languageServerOption = types.submodule { + options = { + filetypes = mkOption { + type = types.listOf types.str; + description = "The list of filetypes to assign the language to"; + }; + roots = mkOption { + type = types.listOf types.str; + description = "The list of root filenames that are used to determine the project root"; + }; + command = mkOption { + type = types.str; + description = "The LSP server command to be called."; + }; + args = mkOption { + type = types.listOf types.str; + default = [ ]; + description = "The arguments passed onto the LSP server."; + }; + offset_encoding = mkOption { + type = types.nullOr (types.enum [ "utf-8" ]); + default = null; + description = "The offset encoding used by the LSP server."; + }; + settings_section = mkOption { + type = types.nullOr types.str; + default = null; + description = "The settings section to be sent to LSP server."; + }; + settings = mkOption { + type = types.nullOr (types.attrsOf types.anything); + default = null; + description = "Additional settings to be passed to the LSP server."; + }; + package = mkOption { + type = types.nullOr types.package; + default = null; + description = "The default package of the language server. Will be appended as the ending segments of the PATH to kak-lsp"; + }; + }; + }; + + cfg = config.programs.kak-lsp; + + serverPackages = + filter (v: v != null) + (lib.mapAttrsToList (_: serv: serv.package) cfg.languageServers); + + wrappedPackage = pkgs.symlinkJoin { + name = "kak-lsp-wrapped"; + nativeBuildInputs = [ pkgs.makeWrapper ]; + paths = [ cfg.package ]; + postBuild = '' + wrapProgram $out/bin/kak-lsp --suffix PATH ":" ${lib.makeBinPath serverPackages} + ''; + }; +in +{ + options.programs.kak-lsp = { + enable = mkEnableOption "Enable kak-lsp support"; + + package = mkOption { + type = types.package; + default = pkgs.kak-lsp; + }; + + enableSnippets = mkOption { + type = types.bool; + default = false; + description = "Enable snippet support"; + }; + + semanticTokens.faces = mkOption { + type = types.listOf types.anything; + default = lspConfig.semantic_tokens.faces; + description = "The semantic tokens faces mapping given to kak"; + }; + semanticTokens.additionalFaces = mkOption { + type = types.listOf types.anything; + default = [ ]; + description = "The semantic tokens faces mapping given to kak"; + }; + + serverTimeout = mkOption { + type = types.int; + default = 1000; + description = "Server timeout"; + }; + + languageServers = mkOption { + type = types.attrsOf languageServerOption; + default = { }; + description = "The language options"; + }; + + languageIds = mkOption { + type = types.attrsOf types.str; + default = { }; + description = "Language IDs to be sent to the LSP"; + }; + }; + + config = mkIf cfg.enable + { + home.packages = [ wrappedPackage ]; + + # Configurations + xdg.configFile."kak-lsp/kak-lsp.toml" = + let + toml = pkgs.formats.toml { }; + toLspConfig = lib.filterAttrsRecursive (n: v: n != "package" && v != null); + in + { + source = toml.generate "config.toml" + { + semantic_tokens.faces = cfg.semanticTokens.faces ++ cfg.semanticTokens.additionalFaces; + server.timeout = cfg.serverTimeout; + snippet_support = cfg.enableSnippets; + verbosity = 255; + language_server = toLspConfig (lspConfig.language_servers // cfg.languageServers); + language_ids = lspConfig.language_ids // cfg.languageIds; + }; + }; + }; +} + diff --git a/home/modules/programs/my-kakoune/tree-sitter.nix b/home/modules/programs/my-kakoune/tree-sitter.nix index 12c1aac..4304ca5 100644 --- a/home/modules/programs/my-kakoune/tree-sitter.nix +++ b/home/modules/programs/my-kakoune/tree-sitter.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; let cfg = config.programs.my-kakoune.tree-sitter; @@ -19,44 +14,14 @@ let default = "src"; }; grammar.compile = { - command = mkOption { - type = types.str; - default = "${pkgs.gcc}/bin/gcc"; - }; - args = mkOption { - type = types.listOf types.str; - default = [ - "-c" - "-fpic" - "../parser.c" - "../scanner.c" - "-I" - ".." - ]; - }; - flags = mkOption { - type = types.listOf types.str; - default = [ "-O3" ]; - }; + command = mkOption { type = types.str; default = "${pkgs.gcc}/bin/gcc"; }; + args = mkOption { type = types.listOf types.str; default = [ "-c" "-fpic" "../parser.c" "../scanner.c" "-I" ".." ]; }; + flags = mkOption { type = types.listOf types.str; default = [ "-O3" ]; }; }; grammar.link = { - command = mkOption { - type = types.str; - default = "${pkgs.gcc}/bin/gcc"; - }; - args = mkOption { - type = types.listOf types.str; - default = [ - "-shared" - "-fpic" - "parser.o" - "scanner.o" - ]; - }; - flags = mkOption { - type = types.listOf types.str; - default = [ "-O3" ]; - }; + command = mkOption { type = types.str; default = "${pkgs.gcc}/bin/gcc"; }; + args = mkOption { type = types.listOf types.str; default = [ "-shared" "-fpic" "parser.o" "scanner.o" ]; }; + flags = mkOption { type = types.listOf types.str; default = [ "-O3" ]; }; }; queries.src = mkOption { type = types.package; @@ -68,42 +33,6 @@ let }; }; }; - mkGrammarPackage = - { - name, - src, - grammarPath ? "src", - grammarCompileArgs ? [ - "-O3" - "-c" - "-fpic" - "../parser.c" - "../scanner.c" - "-I" - ".." - ], - grammarLinkArgs ? [ - "-shared" - "-fpic" - "parser.o" - "scanner.o" - ], - }: - pkgs.stdenv.mkDerivation { - inherit src; - name = "kak-tree-sitter-grammar-${name}.so"; - version = "latest"; - buildPhase = '' - mkdir ${grammarPath}/build - cd ${grammarPath}/build - $CC ${lib.concatStringsSep " " grammarCompileArgs} - $CC ${lib.concatStringsSep " " grammarLinkArgs} -o ${name}.so - ''; - installPhase = '' - cp ${name}.so $out - ''; - }; - in { options.programs.my-kakoune.tree-sitter = { @@ -265,54 +194,53 @@ in toTs = name: "ts_${strings.concatStringsSep "_" (strings.splitString "." name)}"; toScm = name: strings.concatStringsSep "." (strings.splitString "_" name); - definedFaces = attrsets.mapAttrs' (name: value: { - inherit value; - name = toTs name; - }) allGroups; - aliasFaces = attrsets.mapAttrs' (name: value: { - name = toTs name; - value = "@${toTs value}"; - }) aliases; + definedFaces = attrsets.mapAttrs' (name: value: { inherit value; name = toTs name; }) allGroups; + aliasFaces = attrsets.mapAttrs' (name: value: { name = toTs name; value = "@${toTs value}"; }) aliases; faces = attrsets.recursiveUpdate definedFaces aliasFaces; toml = pkgs.formats.toml { }; - toLanguageConf = - name: lang: with lang; { - grammar = { - source.local.path = mkGrammarPackage { - inherit name; - src = grammar.src; - grammarPath = grammar.path; - grammarCompileArgs = grammar.compile.flags ++ grammar.compile.args; - grammarLinkArgs = grammar.link.flags ++ grammar.link.args; - }; - compile = grammar.compile.command; - compile_args = grammar.compile.args; - compile_flags = grammar.compile.flags; - link = grammar.link.command; - link_args = grammar.link.args ++ [ - "-o" - "${name}.so" - ]; - link_flags = grammar.link.flags; - }; - queries = rec { - path = if queries.path == null then "runtime/queries/${name}" else queries.path; - source.local.path = "${queries.src}/${path}"; - }; + srcName = src: lib.removePrefix "/nix/store/" src.outPath; + mkGitRepo = src: pkgs.runCommandLocal "${src.name}-git" { } '' + cp -r --no-preserve=all ${src} $out + cd $out + if ! test -d $out/.git; then + ${lib.getExe pkgs.git} init -b ${srcName src} + ${lib.getExe pkgs.git} config user.email "a@b.com" + ${lib.getExe pkgs.git} config user.name "a" + ${lib.getExe pkgs.git} add . + ${lib.getExe pkgs.git} commit -m "Just making a git commit" + fi + ''; + + toLanguageConf = name: lang: with lang; { + grammar = { + inherit (grammar) path; + source.git.url = "${mkGitRepo grammar.src}"; + source.git.pin = "${srcName grammar.src}"; + compile = grammar.compile.command; + compile_args = grammar.compile.args; + compile_flags = grammar.compile.flags; + link = grammar.link.command; + link_args = grammar.link.args ++ [ "-o" "${name}.so" ]; + link_flags = grammar.link.flags; }; + queries = { + source.git.url = "${mkGitRepo queries.src}"; + source.git.pin = "${srcName queries.src}"; + path = if queries.path == null then "runtime/queries/${name}" else queries.path; + }; + }; in mkIf cfg.enable { - assertions = - with lib.asserts; - ( - [ ] - ++ attrsets.mapAttrsToList (name: _: { - assertion = (!(builtins.hasAttr name allGroups)); - message = "${name} was both defined and aliased"; - }) aliases - ); + assertions = with lib.asserts; ([ ] + ++ attrsets.mapAttrsToList + (name: _: { + assertion = (! (builtins.hasAttr name allGroups)); + message = "${name} was both defined and aliased"; + }) + aliases + ); home.packages = [ cfg.package ]; xdg.configFile."kak-tree-sitter/config.toml" = { @@ -321,14 +249,15 @@ in features = cfg.features; language = builtins.mapAttrs toLanguageConf cfg.languages; }; + + onChange = '' + export PATH=$PATH:${lib.getBin pkgs.gcc} + ${cfg.package}/bin/ktsctl sync -a + ''; }; programs.my-kakoune.extraFaces = faces; - programs.my-kakoune.autoloadFile."kak-tree-sitter.kak".text = '' - # Enable kak-tree-sitter - eval %sh{kak-tree-sitter --kakoune -d --server --init $kak_session} - map global normal ": enter-user-mode tree-sitter" - ''; }; } + diff --git a/home/modules/programs/my-kitty/darwin.nix b/home/modules/programs/my-kitty/darwin.nix deleted file mode 100644 index c634cba..0000000 --- a/home/modules/programs/my-kitty/darwin.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - pkgs, - config, - lib, - ... -}: -let - cfg = config.nki.programs.kitty; - cmd = "cmd"; -in -with lib; -{ - programs.kitty = mkIf (cfg.enable && pkgs.stdenv.isDarwin) { - - # Darwin-specific setup - darwinLaunchOptions = [ - "--single-instance" - "--start-as=fullscreen" - ]; - - # Tabs and layouts keybindings - keybindings = { - # Backslash - "0x5d" = "send_text all \\u005c"; - }; - - settings = { - # MacOS specific - macos_option_as_alt = "left"; - }; - }; -} diff --git a/home/modules/programs/my-kitty/default.nix b/home/modules/programs/my-kitty/default.nix index 41b42ad..f7ce676 100644 --- a/home/modules/programs/my-kitty/default.nix +++ b/home/modules/programs/my-kitty/default.nix @@ -1,49 +1,14 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: let cfg = config.nki.programs.kitty; - - theme = - { - lib, - options, - config, - ... - }: - { - programs.kitty = lib.mkIf config.nki.programs.kitty.enable ( - if builtins.hasAttr "themeFile" options.programs.kitty then - { - themeFile = "ayu_light"; - } - else - { - theme = "Ayu Light"; - } - ); - }; in with lib; { - imports = [ - theme - ./darwin.nix - ./linux.nix - ./tabs.nix - ]; + imports = [ ./linux.nix ./tabs.nix ]; options.nki.programs.kitty = { enable = mkEnableOption "Enable kitty"; - setDefault = mkOption { - type = types.bool; - description = "Set kitty as default terminal"; - default = true; - }; package = mkOption { type = types.package; @@ -76,105 +41,69 @@ with lib; }; }; - config = mkIf cfg.enable { - linux.graphical = mkIf cfg.setDefault { - defaults.terminal.package = cfg.package; - }; - programs.kitty = { - enable = true; + config.programs.kitty = mkIf cfg.enable { + enable = true; - package = cfg.package; + package = cfg.package; - font.package = pkgs.fantasque-sans-mono; - font.name = "Fantasque Sans Mono"; - font.size = cfg.fontSize; + font.package = pkgs.fantasque-sans-mono; + font.name = "Fantasque Sans Mono"; + font.size = cfg.fontSize; - settings = - let - # Background color and transparency - background = - if isNull cfg.background then - { - background_opacity = "0.93"; - dynamic_background_opacity = true; - } - else - { - background_image = "${cfg.background}"; - background_image_layout = "scaled"; - background_tint = "0.85"; - }; - in - mkMerge [ - background - { - # Scrollback (128MBs) - scrollback_pager_history_size = 128; + theme = "Ayu Light"; - # Disable Shell integration (leave it for Nix) - shell_integration = "no-rc"; - - # Allow remote control (for kakoune integration) - allow_remote_control = true; - - # Mouse focus - focus_follows_mouse = true; - } - ]; - - keybindings = { - "${cfg.cmd}+shift+equal" = "no_op"; # Not possible with a JIS keyboard - "${cfg.cmd}+shift+^" = "change_font_size all +2.0"; # ... so use ^ instead - - ## Clear screen - "${cfg.cmd}+backspace" = "clear_terminal to_cursor active"; - "${cfg.cmd}+shift+backspace" = "clear_terminal reset active"; - - ## Command scrolling - "${cfg.cmd}+shift+j" = "scroll_to_prompt 1"; - "${cfg.cmd}+shift+k" = "scroll_to_prompt -1"; - }; - - extraConfig = - let - # Nerd Fonts glyph map - glyphMap = pkgs.fetchurl { - url = "https://raw.githubusercontent.com/Sharparam/dotfiles/main/kitty/.config/kitty/font-nerd-symbols.conf"; - hash = "sha256-1OaDWLC3y8ASD2ttRWWgPEpRnfKXu6H6vS3cFVpzT0o="; + settings = + let + # Background color and transparency + background = + if isNull cfg.background then { + background_opacity = "0.85"; + dynamic_background_opacity = true; + } else { + background_image = "${cfg.background}"; + background_image_layout = "scaled"; + background_tint = "0.85"; }; - in - '' - include ${glyphMap} - ''; + in + mkMerge [ + background + { + # Scrollback (128MBs) + scrollback_pager_history_size = 128; + + # Disable Shell integration (leave it for Nix) + shell_integration = "no-rc"; + + # Allow remote control (for kakoune integration) + allow_remote_control = true; + + # Mouse focus + focus_follows_mouse = true; + } + ]; + + keybindings = { + "${cfg.cmd}+shift+equal" = "no_op"; # Not possible with a JIS keyboard + "${cfg.cmd}+shift+^" = "change_font_size all +2.0"; # ... so use ^ instead + + ## Clear screen + "${cfg.cmd}+backspace" = "clear_terminal to_cursor active"; + "${cfg.cmd}+shift+backspace" = "clear_terminal reset active"; + ## Hints + "${cfg.cmd}+shift+p>n" = "kitten hints --type=linenum --linenum-action=tab kak {path} +{line}"; }; - # Open protocol - xdg.configFile."kitty/open-actions.conf".text = '' - protocol file - fragment_matches [0-9]+ - action launch --type=overlay --cwd=current -- $\{EDITOR} +$\{FRAGMENT} -- $\{FILE_PATH} - - # Open HTML files with xdg-open - protocol file - mime text/html - action launch xdg-open $\{FILE_PATH} - - # Open text files without fragments in the editor - protocol file - mime text/* - action launch --type=overlay --cwd=current -- $\{EDITOR} -- $\{FILE_PATH} - - # Open other files with xdg-open - protocol file - action launch xdg-open $\{FILE_PATH} - ''; - - programs.fish.shellAliases = { - "ssh+" = "kitten ssh"; - "clip" = "kitten clipboard"; - "eg" = "kitten hyperlinked-grep"; - "icat" = "kitten icat"; - "notify" = "kitten notify"; - }; + extraConfig = + let + # Nerd Fonts glyph map + glyphMap = pkgs.fetchurl { + url = "https://raw.githubusercontent.com/Sharparam/dotfiles/main/kitty/.config/kitty/font-nerd-symbols.conf"; + hash = "sha256-1OaDWLC3y8ASD2ttRWWgPEpRnfKXu6H6vS3cFVpzT0o="; + }; + in + '' + include ${glyphMap} + ''; }; } + diff --git a/home/modules/programs/my-kitty/linux.nix b/home/modules/programs/my-kitty/linux.nix index 0007412..e30b774 100644 --- a/home/modules/programs/my-kitty/linux.nix +++ b/home/modules/programs/my-kitty/linux.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: let cfg = config.nki.programs.kitty; in diff --git a/home/modules/programs/my-kitty/tabs.nix b/home/modules/programs/my-kitty/tabs.nix index 0aa54c6..2adcbdf 100644 --- a/home/modules/programs/my-kitty/tabs.nix +++ b/home/modules/programs/my-kitty/tabs.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: let cfg = config.nki.programs.kitty; @@ -12,33 +7,33 @@ in with lib; { programs.kitty = mkIf cfg.enableTabs { - keybindings = - { - "${cmd}+t" = "new_tab_with_cwd"; - "${cmd}+shift+t" = "new_tab"; - "${cmd}+shift+o" = "launch --cwd=current --location=vsplit"; - "${cmd}+o" = "launch --cwd=current --location=hsplit"; - "${cmd}+r" = "start_resizing_window"; - "${cmd}+shift+r" = "layout_action rotate"; - ## Move the active window in the indicated direction - "${cmd}+shift+h" = "move_window left"; - "${cmd}+shift+k" = "move_window up"; - "${cmd}+shift+j" = "move_window down"; - "${cmd}+shift+l" = "move_window right"; - ## Switch focus to the neighboring window in the indicated direction - "${cmd}+h" = "neighboring_window left"; - "${cmd}+k" = "neighboring_window up"; - "${cmd}+j" = "neighboring_window down "; - "${cmd}+l" = "neighboring_window right"; - ## Detach window to its own tab - "${cmd}+shift+d" = "detach_window new-tab"; - ## Change layout to fullscreen (stack) and back - "${cmd}+f" = "toggle_layout stack"; - } - # Tab bindings - // builtins.listToAttrs ( - map (x: attrsets.nameValuePair "${cmd}+${toString x}" "goto_tab ${toString x}") (lists.range 1 9) - ); + keybindings = { + "${cmd}+t" = "new_tab_with_cwd"; + "${cmd}+shift+t" = "new_tab"; + "${cmd}+shift+o" = "launch --cwd=current --location=vsplit"; + "${cmd}+o" = "launch --cwd=current --location=hsplit"; + "${cmd}+r" = "start_resizing_window"; + "${cmd}+shift+r" = "layout_action rotate"; + ## Move the active window in the indicated direction + "${cmd}+shift+h" = "move_window left"; + "${cmd}+shift+k" = "move_window up"; + "${cmd}+shift+j" = "move_window down"; + "${cmd}+shift+l" = "move_window right"; + ## Switch focus to the neighboring window in the indicated direction + "${cmd}+h" = "neighboring_window left"; + "${cmd}+k" = "neighboring_window up"; + "${cmd}+j" = "neighboring_window down "; + "${cmd}+l" = "neighboring_window right"; + ## Detach window to its own tab + "${cmd}+shift+d" = "detach_window new-tab"; + ## Change layout to fullscreen (stack) and back + "${cmd}+f" = "toggle_layout stack"; + } + # Tab bindings + // builtins.listToAttrs + (map + (x: attrsets.nameValuePair "${cmd}+${toString x}" "goto_tab ${toString x}") + (lists.range 1 9)); settings = { # Tab settings tab_bar_edge = "top"; diff --git a/home/modules/programs/my-niri.nix b/home/modules/programs/my-niri.nix deleted file mode 100644 index 42c59a9..0000000 --- a/home/modules/programs/my-niri.nix +++ /dev/null @@ -1,583 +0,0 @@ -{ - config, - osConfig, - lib, - pkgs, - ... -}: -let - cfg = config.programs.my-niri; - - sh = config.lib.niri.actions.spawn "sh" "-c"; - playerctl = lib.getExe pkgs.playerctl; - amixer = lib.getExe' pkgs.alsa-utils "amixer"; - brightnessctl = lib.getExe pkgs.brightnessctl; - app-menu = "${pkgs.dmenu}/bin/dmenu_path | ${pkgs.bemenu}/bin/bemenu | ${pkgs.findutils}/bin/xargs niri msg action spawn --"; - - wallpaper = config.linux.graphical.wallpaper; - - xwayland-display = ":0"; - - # Override for lack of per-keyboard layout - ydotool-en = pkgs.writeScriptBin "ydotool" '' - #!/usr/bin/env sh - niri msg action switch-layout 1 && fcitx5-remote -c # us - ${lib.getExe pkgs.ydotool} "$@" - niri msg action switch-layout 0 # ja - ''; - -in -{ - options.programs.my-niri = { - enable = lib.mkEnableOption "My own niri configuration"; - - enableLaptop = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable laptop options"; - }; - - lock-command = lib.mkOption { - type = lib.types.listOf lib.types.str; - description = "The command to lock the screen"; - default = - [ "${pkgs.swaylock}/bin/swaylock" ] - ++ ( - if wallpaper == "" then - [ "" ] - else - [ - "-i" - "${wallpaper}" - "-s" - "fill" - ] - ) - ++ [ - "-l" - "-k" - ]; - }; - - workspaces = lib.mkOption { - type = lib.types.attrsOf ( - lib.types.submodule { - options = { - name = lib.mkOption { - type = lib.types.str; - description = "workspace name"; - }; - fixed = lib.mkOption { - type = lib.types.bool; - default = true; - description = "whether workspace always exists"; - }; - monitor = lib.mkOption { - type = lib.types.nullOr lib.types.str; - default = null; - description = "Default monitor to spawn workspace in"; - }; - }; - } - ); - description = "A mapping of ordering to workspace names, for fixed workspaces"; - }; - }; - - config = lib.mkIf cfg.enable { - home.packages = [ ydotool-en ]; - programs.my-niri.workspaces = { - # Default workspaces, always there - "01" = { - name = "🌏 web"; - }; - "02" = { - name = "💬 chat"; - }; - "03" = { - name = "⚙️ code"; - }; - "04" = { - name = "🎶 music"; - }; - "05" = { - name = "🔧 extra"; - }; - "06" = { - name = "🧰 6"; - }; - "07" = { - name = "🔩 7"; - }; - "08" = { - name = "🛠️ 8"; - }; - "09" = { - name = "🔨 9"; - }; - "10" = { - name = "🎲 misc"; - }; - "99" = { - name = "📧 Email"; - }; - }; - systemd.user.services.swaync.Install.WantedBy = [ "niri.service" ]; - systemd.user.services.swaync.Unit.After = [ "niri.service" ]; - systemd.user.targets.tray.Unit.After = [ "niri.service" ]; - systemd.user.targets.xwayland.Unit.After = [ "niri.service" ]; - - programs.my-waybar = { - enable = true; - enableLaptopBars = lib.mkDefault cfg.enableLaptop; - }; - systemd.user.services.waybar.Unit.After = [ "niri.service" ]; - systemd.user.services.waybar.Install.WantedBy = [ "niri.service" ]; - - # xwayland-satellite - systemd.user.services.niri-xwayland-satellite = lib.mkIf cfg.enable { - Unit = { - Description = "XWayland Client for niri"; - PartOf = [ "xwayland.target" ]; - Before = [ - "xwayland.target" - "xdg-desktop-autostart.target" - ]; - After = [ "niri.service" ]; - }; - Install.WantedBy = [ "niri.service" ]; - Install.UpheldBy = [ "niri.service" ]; - Service.Slice = "session.slice"; - Service.Type = "notify"; - Service.ExecStart = "${lib.getExe pkgs.xwayland-satellite} ${xwayland-display}"; - Service.ExecStartPost = [ "systemctl --user set-environment DISPLAY=${xwayland-display}" ]; - Service.ExecStopPost = [ "systemctl --user unset-environment" ]; - }; - - programs.niri.settings = { - environment = - { - QT_QPA_PLATFORM = "wayland"; - QT_WAYLAND_DISABLE_WINDOWDECORATION = "1"; - QT_IM_MODULE = "fcitx"; - # export NIXOS_OZONE_WL=1 # Until text-input is merged - DISPLAY = xwayland-display; - } - // lib.optionalAttrs osConfig.services.desktopManager.plasma6.enable { - XDG_MENU_PREFIX = "plasma-"; - }; - input.keyboard.xkb = { - layout = "jp,us"; - }; - input.touchpad = lib.mkIf cfg.enableLaptop { - tap = true; - dwt = true; - natural-scroll = true; - middle-emulation = true; - }; - input.mouse = { - accel-profile = "flat"; - }; - input.warp-mouse-to-focus = true; - input.focus-follows-mouse = { - enable = true; - max-scroll-amount = "0%"; - }; - - outputs = - let - eachMonitor = _: monitor: { - name = monitor.meta.niriName or monitor.name; # Niri might not find the monitor by name - value = { - mode = monitor.meta.mode; - position = monitor.meta.fixedPosition or null; - scale = monitor.scale or 1; - variable-refresh-rate = (monitor.adaptive_sync or "off") == "on"; - }; - }; - in - lib.mapAttrs' eachMonitor config.common.monitors; - - spawn-at-startup = [ - # Wallpaper - { - command = [ - (lib.getExe pkgs.swaybg) - "-i" - "${wallpaper}" - "-m" - "fill" - ]; - } - # Waybar - { - command = [ - "systemctl" - "--user" - "start" - "xdg-desktop-portal-gtk.service" - "xdg-desktop-portal.service" - ]; - } - ]; - - layout = { - gaps = 16; - preset-column-widths = [ - { proportion = 1. / 3.; } - { proportion = 1. / 2.; } - { proportion = 2. / 3.; } - ]; - default-column-width.proportion = 1. / 2.; - - focus-ring = { - width = 4; - active.gradient = { - from = "#00447AFF"; - to = "#71C4FFAA"; - angle = 45; - }; - inactive.color = "#505050"; - }; - border.enable = false; - struts = - let - v = 8; - in - { - left = v; - right = v; - bottom = v; - top = v; - }; - }; - - prefer-no-csd = true; - - workspaces = - let - fixedWorkspaces = lib.filterAttrs (_: w: w.fixed) cfg.workspaces; - workspaceConfig = lib.mapAttrs ( - _: w: - { - inherit (w) name; - } - // (lib.optionalAttrs (w.monitor != null) { - open-on-output = w.monitor; - }) - ) fixedWorkspaces; - in - workspaceConfig; - - window-rules = [ - # Rounded Corners - { - geometry-corner-radius = - let - v = 8.0; - in - { - bottom-left = v; - bottom-right = v; - top-left = v; - top-right = v; - }; - clip-to-geometry = true; - } - # Workspace assignments - { - open-on-workspace = cfg.workspaces."01".name; - open-maximized = true; - matches = [ - { - at-startup = true; - app-id = "^firefox$"; - } - { - at-startup = true; - app-id = "^librewolf$"; - } - { - at-startup = true; - app-id = "^zen$"; - } - ]; - } - { - open-on-workspace = cfg.workspaces."02".name; - open-maximized = true; - matches = [ - { title = "^((d|D)iscord|((A|a)rm(c|C)ord))$"; } - { title = "VencordDesktop"; } - { app-id = "VencordDesktop"; } - { title = "vesktop"; } - { app-id = "vesktop"; } - - { title = "Slack"; } - ]; - } - { - open-on-workspace = cfg.workspaces."99".name; - open-maximized = true; - matches = [ - { app-id = "thunderbird"; } - { app-id = "evolution"; } - ]; - } - # Floating - { - open-floating = true; - matches = [ - { app-id = ".*float.*"; } - { app-id = "org\\.freedesktop\\.impl\\.portal\\.desktop\\..*"; } - { title = ".*float.*"; } - { title = "Extension: .*Bitwarden.*"; } - { app-id = "Rofi"; } - ]; - } - - # xwaylandvideobridge - { - matches = [ { app-id = "^xwaylandvideobridge$"; } ]; - open-floating = true; - focus-ring.enable = false; - opacity = 0.0; - default-floating-position = { - x = 0; - y = 0; - relative-to = "bottom-right"; - }; - min-width = 1; - max-width = 1; - min-height = 1; - max-height = 1; - } - - # Kitty dimming - { - matches = [ { app-id = "kitty"; } ]; - excludes = [ { is-focused = true; } ]; - opacity = 0.95; - } - ]; - - layer-rules = [ - { - matches = [ { namespace = "^swaync-.*"; } ]; - block-out-from = "screen-capture"; - } - ]; - - binds = with config.lib.niri.actions; { - # Mod-Shift-/, which is usually the same as Mod-?, - # shows a list of important hotkeys. - "Mod+Shift+Slash".action = show-hotkey-overlay; - - # Some basic spawns - "Mod+Return".action = spawn (lib.getExe config.linux.graphical.defaults.terminal.package); - "Mod+Space".action = spawn "rofi" "-show" "drun"; - "Mod+R".action = sh app-menu; - "Mod+Semicolon".action = spawn cfg.lock-command; - "Mod+Shift+P".action = spawn "rofi-rbw-script"; - - # Audio and Volume - "XF86AudioPrev" = { - action = spawn playerctl "previous"; - allow-when-locked = true; - }; - "XF86AudioPlay" = { - action = spawn playerctl "play-pause"; - allow-when-locked = true; - }; - "Shift+XF86AudioPlay" = { - action = spawn playerctl "stop"; - allow-when-locked = true; - }; - "XF86AudioNext" = { - action = spawn playerctl "next"; - allow-when-locked = true; - }; - "XF86AudioRecord" = { - action = spawn amixer "-q" "set" "Capture" "toggle"; - allow-when-locked = true; - }; - "XF86AudioMute" = { - action = spawn amixer "-q" "set" "Master" "toggle"; - allow-when-locked = true; - }; - "XF86AudioLowerVolume" = { - action = spawn amixer "-q" "set" "Master" "3%-"; - allow-when-locked = true; - }; - "XF86AudioRaiseVolume" = { - action = spawn amixer "-q" "set" "Master" "3%+"; - allow-when-locked = true; - }; - - # Backlight - "XF86MonBrightnessDown".action = spawn brightnessctl "s" "10%-"; - "XF86MonBrightnessUp".action = spawn brightnessctl "s" "10%+"; - "Shift+XF86MonBrightnessDown".action = spawn brightnessctl "-d" "kbd_backlight" "s" "25%-"; - "Shift+XF86MonBrightnessUp".action = spawn brightnessctl "-d" "kbd_backlight" "s" "25%+"; - - "Mod+Shift+Q".action = close-window; - - "Mod+Left".action = focus-column-or-monitor-left; - "Mod+Right".action = focus-column-or-monitor-right; - "Mod+Up".action = focus-window-or-workspace-up; - "Mod+Down".action = focus-window-or-workspace-down; - "Mod+H".action = focus-column-or-monitor-left; - "Mod+L".action = focus-column-or-monitor-right; - "Mod+K".action = focus-window-or-workspace-up; - "Mod+J".action = focus-window-or-workspace-down; - - "Mod+Shift+Left".action = move-column-left-or-to-monitor-left; - "Mod+Shift+Right".action = move-column-right-or-to-monitor-right; - "Mod+Shift+Up".action = move-window-up-or-to-workspace-up; - "Mod+Shift+Down".action = move-window-down-or-to-workspace-down; - "Mod+Shift+H".action = move-column-left-or-to-monitor-left; - "Mod+Shift+L".action = move-column-right-or-to-monitor-right; - "Mod+Shift+K".action = move-window-up-or-to-workspace-up; - "Mod+Shift+J".action = move-window-down-or-to-workspace-down; - - "Mod+Bracketleft".action = focus-column-first; - "Mod+Bracketright".action = focus-column-last; - "Mod+Shift+Bracketleft".action = move-column-to-first; - "Mod+Shift+Bracketright".action = move-column-to-last; - - # For compat with my current sway - "Mod+Ctrl+H".action = move-workspace-to-monitor-left; - "Mod+Ctrl+L".action = move-workspace-to-monitor-right; - - "Mod+I".action = focus-workspace-down; - "Mod+O".action = focus-workspace-up; - "Mod+Shift+I".action = move-column-to-workspace-down; - "Mod+Shift+O".action = move-column-to-workspace-up; - "Mod+Ctrl+I".action = move-workspace-down; - "Mod+Ctrl+O".action = move-workspace-up; - - # Mouse bindings - "Mod+WheelScrollDown" = { - action = focus-workspace-down; - cooldown-ms = 150; - }; - "Mod+WheelScrollUp" = { - action = focus-workspace-up; - cooldown-ms = 150; - }; - "Mod+Ctrl+WheelScrollDown" = { - action = move-column-to-workspace-down; - cooldown-ms = 150; - }; - "Mod+Ctrl+WheelScrollUp" = { - action = move-column-to-workspace-up; - cooldown-ms = 150; - }; - - "Mod+WheelScrollRight".action = focus-column-right; - "Mod+WheelScrollLeft".action = focus-column-left; - "Mod+Ctrl+WheelScrollRight".action = move-column-right; - "Mod+Ctrl+WheelScrollLeft".action = move-column-left; - - # You can refer to workspaces by index. However, keep in mind that - # niri is a dynamic workspace system, so these commands are kind of - # "best effort". Trying to refer to a workspace index bigger than - # the current workspace count will instead refer to the bottommost - # (empty) workspace. - # - # For example, with 2 workspaces + 1 empty, indices 3, 4, 5 and so on - # will all refer to the 3rd workspace. - "Mod+1" = lib.mkIf cfg.workspaces."01".fixed { - action = focus-workspace (cfg.workspaces."01".name); - }; - "Mod+2" = lib.mkIf cfg.workspaces."02".fixed { - action = focus-workspace (cfg.workspaces."02".name); - }; - "Mod+3" = lib.mkIf cfg.workspaces."03".fixed { - action = focus-workspace (cfg.workspaces."03".name); - }; - "Mod+4" = lib.mkIf cfg.workspaces."04".fixed { - action = focus-workspace (cfg.workspaces."04".name); - }; - "Mod+5" = lib.mkIf cfg.workspaces."05".fixed { - action = focus-workspace (cfg.workspaces."05".name); - }; - "Mod+6" = lib.mkIf cfg.workspaces."06".fixed { - action = focus-workspace (cfg.workspaces."06".name); - }; - "Mod+7" = lib.mkIf cfg.workspaces."07".fixed { - action = focus-workspace (cfg.workspaces."07".name); - }; - "Mod+8" = lib.mkIf cfg.workspaces."08".fixed { - action = focus-workspace (cfg.workspaces."08".name); - }; - "Mod+9" = lib.mkIf cfg.workspaces."09".fixed { - action = focus-workspace (cfg.workspaces."09".name); - }; - "Mod+0" = lib.mkIf cfg.workspaces."10".fixed { - action = focus-workspace (cfg.workspaces."10".name); - }; - "Mod+Shift+1" = lib.mkIf cfg.workspaces."01".fixed { - action = move-column-to-workspace (cfg.workspaces."01".name); - }; - "Mod+Shift+2" = lib.mkIf cfg.workspaces."02".fixed { - action = move-column-to-workspace (cfg.workspaces."02".name); - }; - "Mod+Shift+3" = lib.mkIf cfg.workspaces."03".fixed { - action = move-column-to-workspace (cfg.workspaces."03".name); - }; - "Mod+Shift+4" = lib.mkIf cfg.workspaces."04".fixed { - action = move-column-to-workspace (cfg.workspaces."04".name); - }; - "Mod+Shift+5" = lib.mkIf cfg.workspaces."05".fixed { - action = move-column-to-workspace (cfg.workspaces."05".name); - }; - "Mod+Shift+6" = lib.mkIf cfg.workspaces."06".fixed { - action = move-column-to-workspace (cfg.workspaces."06".name); - }; - "Mod+Shift+7" = lib.mkIf cfg.workspaces."07".fixed { - action = move-column-to-workspace (cfg.workspaces."07".name); - }; - "Mod+Shift+8" = lib.mkIf cfg.workspaces."08".fixed { - action = move-column-to-workspace (cfg.workspaces."08".name); - }; - "Mod+Shift+9" = lib.mkIf cfg.workspaces."09".fixed { - action = move-column-to-workspace (cfg.workspaces."09".name); - }; - "Mod+Shift+0" = lib.mkIf cfg.workspaces."10".fixed { - action = move-column-to-workspace (cfg.workspaces."10".name); - }; - - "Mod+asciicircum".action = focus-workspace (cfg.workspaces."99".name); - "Mod+Shift+asciicircum".action = move-column-to-workspace (cfg.workspaces."99".name); - - "Mod+Tab".action = focus-workspace-previous; - - "Mod+Comma".action = consume-or-expel-window-left; - "Mod+Period".action = consume-or-expel-window-right; - - "Mod+W".action = switch-preset-column-width; - "Mod+Shift+W".action = switch-preset-window-height; - "Mod+Ctrl+W".action = reset-window-height; - "Mod+F".action = maximize-column; - "Mod+Shift+F".action = fullscreen-window; - "Mod+E".action = center-column; - - "Mod+Minus".action = set-column-width "-10%"; - "Mod+At".action = set-column-width "+10%"; - "Mod+Shift+Minus".action = set-window-height "-10%"; - "Mod+Shift+At".action = set-window-height "+10%"; - - "Mod+V".action = switch-focus-between-floating-and-tiling; - "Mod+Shift+V".action = toggle-window-floating; - "Mod+Shift+Space".action = toggle-window-floating; # Sway compat - - "Print".action = screenshot; - "Ctrl+Print".action.screenshot-screen = [ ]; - "Shift+Print".action = screenshot-window; - - "Mod+Shift+E".action = quit; - }; - }; - }; -} diff --git a/home/modules/programs/my-sway/default.nix b/home/modules/programs/my-sway/default.nix index efa6fe4..ed10524 100644 --- a/home/modules/programs/my-sway/default.nix +++ b/home/modules/programs/my-sway/default.nix @@ -1,11 +1,4 @@ -{ - pkgs, - lib, - options, - config, - osConfig, - ... -}: +{ pkgs, lib, options, config, ... }: with lib; let cfg = config.programs.my-sway; @@ -29,14 +22,12 @@ let mail = "📧 Email"; }; wsAttrs = builtins.listToAttrs ( - map (i: { - name = toString (remainder i 10); - value = builtins.elemAt workspaces (i - 1); - }) (range 1 11) + map + (i: { name = toString (remainder i 10); value = builtins.elemAt workspaces (i - 1); }) + (range 1 11) ); remainder = x: y: x - (builtins.div x y) * y; - range = - from: to: + range = from: to: let f = cur: if cur == to then [ ] else [ cur ] ++ f (cur + 1); in @@ -53,16 +44,22 @@ let ${pkgs.grim}/bin/grim -g (${pkgs.slurp}/bin/slurp) - | ${pkgs.swappy}/bin/swappy -f - ''; - playerctl = "${pkgs.playerctl}/bin/playerctl"; - terminalCmd = lib.getExe config.linux.graphical.defaults.terminal.package; + rofi-rbw-script = pkgs.writeShellApplication { + name = "rofi-rbw-script"; + runtimeInputs = with pkgs; [ rofi wtype rofi-rbw ]; + text = "rofi-rbw"; + }; + + ignored-devices = [ "Surface_Headphones" ]; + playerctl = "${pkgs.playerctl}/bin/playerctl --ignore-player=${strings.concatStringsSep "," ignored-devices}"; + in { # imports = [ ./ibus.nix ]; options.programs.my-sway = { enable = mkEnableOption "Enable the sway configuration"; - package = mkPackageOption pkgs "swayfx" { }; fontSize = mkOption { type = types.float; description = "The default font size"; @@ -73,72 +70,69 @@ in default = true; }; wallpaper = mkOption { - type = types.oneOf [ - types.path - types.str - ]; + type = types.oneOf [ types.path types.str ]; description = "Path to the wallpaper to be used"; - default = config.linux.graphical.wallpaper; + default = ""; + }; + terminal = mkOption { + type = types.str; + description = "The command to the terminal emulator to be used"; + default = "${config.programs.kitty.package}/bin/kitty"; }; browser = mkOption { type = types.str; description = "The command for the browser"; - default = lib.getExe config.linux.graphical.defaults.webBrowser.package; - }; - - enableLaptop = lib.mkOption { - type = lib.types.bool; - description = "Whether to enable laptop-specific stuff"; - default = true; + default = "${pkgs.firefox-wayland}/bin/firefox"; }; lockCmd = mkOption { type = types.str; description = "The screen lock command"; - default = - "${pkgs.swaylock}/bin/swaylock" + default = "${pkgs.swaylock}/bin/swaylock" + (if cfg.wallpaper == "" then "" else " -i ${cfg.wallpaper} -s fill") + " -l -k"; }; - }; + enableLaptopBars = mkOption { + type = types.bool; + description = "Whether to enable laptop-specific bars (battery)"; + default = true; + }; + enableMpd = mkOption { + type = types.bool; + description = "Whether to enable mpd on waybar"; + default = false; + }; - config.systemd.user.targets.sway-session = mkIf cfg.enable { - Unit.Before = [ - "tray.target" - "xwayland.target" - "xdg-desktop-portal.service" - "xdg-desktop-autostart.target" - ]; - Unit.Upholds = [ "waybar.service" ]; - Unit.Wants = [ "xdg-desktop-autostart.target" ]; + waybar = { + makeBars = mkOption { + type = types.raw; + description = "Create bars with the barWith function, return a list of bars"; + default = barWith: [ (barWith { }) ]; + }; + extraSettings = mkOption { + type = types.raw; + description = "Extra settings to be included with every default bar"; + default = { }; + }; + extraStyle = mkOption { + type = types.str; + description = "Additional style for the default waybar"; + default = ""; + }; + }; }; - # Enable waybar - config.programs.my-waybar = mkIf cfg.enable { - enable = true; - fontSize = mkDefault cfg.fontSize; - enableLaptopBars = mkDefault cfg.enableLaptop; - }; - config.systemd.user.services.swaync.Install.WantedBy = mkIf cfg.enable [ "sway-session.target" ]; - config.wayland.windowManager.sway = mkIf cfg.enable { enable = true; - package = cfg.package; systemd.enable = true; - systemd.variables = - options.wayland.windowManager.sway.systemd.variables.default - ++ [ - "PATH" # for portals - "XDG_DATA_DIRS" # For extra icons - "XDG_DATA_HOME" # For extra icons - ] - ++ lib.optionals osConfig.services.desktopManager.plasma6.enable [ - "XDG_MENU_PREFIX" - ]; - # systemd.extraCommands = options.wayland.windowManager.sway.systemd.extraCommands.default - # ++ [ - # "systemctl --user restart xdg-desktop-portal.service" - # ]; + systemd.variables = options.wayland.windowManager.sway.systemd.variables.default ++ [ + "PATH" # for portals + "XDG_DATA_DIRS" # For extra icons + "XDG_DATA_HOME" # For extra icons + ]; + systemd.extraCommands = options.wayland.windowManager.sway.systemd.extraCommands.default ++ [ + "systemctl --user restart xdg-desktop-portal.service" + ]; checkConfig = false; # Not working atm config = { @@ -158,20 +152,19 @@ in ### Seats # # Cursor - seat."*".xcursor_theme = - "${config.home.pointerCursor.name} ${toString config.home.pointerCursor.size}"; + seat."*".xcursor_theme = "${config.home.pointerCursor.name} ${toString config.home.pointerCursor.size}"; ### Programs # # Terminal - terminal = terminalCmd; + terminal = cfg.terminal; menu = "${pkgs.dmenu}/bin/dmenu_path | ${pkgs.bemenu}/bin/bemenu | ${pkgs.findutils}/bin/xargs swaymsg exec --"; # Startup startup = [ - # # Dex for autostart - # { command = "${pkgs.dex}/bin/dex -ae sway"; } - # # Waybar - # { command = "systemctl --user restart waybar"; always = true; } + # Dex for autostart + { command = "${pkgs.dex}/bin/dex -ae sway"; } + # Waybar + { command = "systemctl --user restart waybar"; always = true; } # IME { command = "fcitx5"; } ]; @@ -180,120 +173,110 @@ in # # Main modifier modifier = mod; - keybindings = - { - ### Default Bindings - # - ## App management - "${mod}+Return" = "exec ${swayCfg.config.terminal}"; - "${mod}+Shift+q" = "kill"; - "${mod}+d" = "exec ${swayCfg.config.menu}"; - ## Windowing - # Focus - "${mod}+${swayCfg.config.left}" = "focus left"; - "${mod}+${swayCfg.config.down}" = "focus down"; - "${mod}+${swayCfg.config.up}" = "focus up"; - "${mod}+${swayCfg.config.right}" = "focus right"; - "${mod}+Left" = "focus left"; - "${mod}+Down" = "focus down"; - "${mod}+Up" = "focus up"; - "${mod}+Right" = "focus right"; - # Move - "${mod}+Shift+${swayCfg.config.left}" = "move left"; - "${mod}+Shift+${swayCfg.config.down}" = "move down"; - "${mod}+Shift+${swayCfg.config.up}" = "move up"; - "${mod}+Shift+${swayCfg.config.right}" = "move right"; - "${mod}+Shift+Left" = "move left"; - "${mod}+Shift+Down" = "move down"; - "${mod}+Shift+Up" = "move up"; - "${mod}+Shift+Right" = "move right"; - # Toggles - "${mod}+f" = "fullscreen toggle"; - "${mod}+a" = "focus parent"; - # Layouts - "${mod}+s" = "layout stacking"; - "${mod}+w" = "layout tabbed"; - "${mod}+e" = "layout toggle split"; - # Floating - "${mod}+Shift+space" = "floating toggle"; - # Scratchpad - "${mod}+Shift+minus" = "move scratchpad"; - # Resize - "${mod}+r" = "mode resize"; - "${mod}+minus" = "scratchpad show"; - ## Reload and exit - "${mod}+Shift+c" = "reload"; - "${mod}+Shift+e" = - "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'"; - # Launcher - "${mod}+space" = "exec rofi -show drun"; - "${mod}+tab" = "exec ${./rofi-window.py}"; - "${mod}+shift+p" = "exec rofi-rbw-script"; - } - // { - ## Splits - "${mod}+v" = "split v"; - "${mod}+Shift+v" = "split h"; - ## Run - "${mod}+r" = "exec ${config.wayland.windowManager.sway.config.menu}"; - "${mod}+Shift+r" = "mode resize"; - ## Screenshot - "Print" = "exec ${screenshotScript}/bin/screenshot"; - "Shift+Print" = "exec ${screenshotEditScript}/bin/screenshot"; - ## Locking - "${mod}+semicolon" = "exec ${cfg.lockCmd}"; - ## Multimedia - "XF86AudioPrev" = "exec ${playerctl} previous"; - "XF86AudioPlay" = "exec ${playerctl} play-pause"; - "Shift+XF86AudioPlay" = "exec ${playerctl} stop"; - "XF86AudioNext" = "exec ${playerctl} next"; - "XF86AudioRecord" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Capture toggle"; - "XF86AudioMute" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Master toggle"; - "XF86AudioLowerVolume" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Master 3%-"; - "XF86AudioRaiseVolume" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Master 3%+"; - ## Backlight - "XF86MonBrightnessDown" = "exec ${pkgs.brightnessctl}/bin/brightnessctl s 10%-"; - "XF86MonBrightnessUp" = "exec ${pkgs.brightnessctl}/bin/brightnessctl s 10%+"; - "Shift+XF86MonBrightnessDown" = - "exec ${pkgs.brightnessctl}/bin/brightnessctl -d kbd_backlight s 25%-"; - "Shift+XF86MonBrightnessUp" = - "exec ${pkgs.brightnessctl}/bin/brightnessctl -d kbd_backlight s 25%+"; - } - // - # Map the workspaces - (builtins.listToAttrs ( - lib.flatten ( - map (key: [ - { - name = "${mod}+${key}"; - value = "workspace ${builtins.getAttr key wsAttrs}"; - } - { - name = "${mod}+Shift+${key}"; - value = "move to workspace ${builtins.getAttr key wsAttrs}"; - } - ]) (builtins.attrNames wsAttrs) - ) - )) - // { - # Extra workspaces - "${mod}+asciicircum" = "workspace ${extraWorkspaces.mail}"; - "${mod}+shift+asciicircum" = "move to workspace ${extraWorkspaces.mail}"; - } - // - # Move workspaces between outputs + keybindings = { + ### Default Bindings + # + ## App management + "${mod}+Return" = "exec ${swayCfg.config.terminal}"; + "${mod}+Shift+q" = "kill"; + "${mod}+d" = "exec ${swayCfg.config.menu}"; + ## Windowing + # Focus + "${mod}+${swayCfg.config.left}" = "focus left"; + "${mod}+${swayCfg.config.down}" = "focus down"; + "${mod}+${swayCfg.config.up}" = "focus up"; + "${mod}+${swayCfg.config.right}" = "focus right"; + "${mod}+Left" = "focus left"; + "${mod}+Down" = "focus down"; + "${mod}+Up" = "focus up"; + "${mod}+Right" = "focus right"; + # Move + "${mod}+Shift+${swayCfg.config.left}" = "move left"; + "${mod}+Shift+${swayCfg.config.down}" = "move down"; + "${mod}+Shift+${swayCfg.config.up}" = "move up"; + "${mod}+Shift+${swayCfg.config.right}" = "move right"; + "${mod}+Shift+Left" = "move left"; + "${mod}+Shift+Down" = "move down"; + "${mod}+Shift+Up" = "move up"; + "${mod}+Shift+Right" = "move right"; + # Toggles + "${mod}+f" = "fullscreen toggle"; + "${mod}+a" = "focus parent"; + # Layouts + "${mod}+s" = "layout stacking"; + "${mod}+w" = "layout tabbed"; + "${mod}+e" = "layout toggle split"; + # Floating + "${mod}+Shift+space" = "floating toggle"; + # Scratchpad + "${mod}+Shift+minus" = "move scratchpad"; + # Resize + "${mod}+r" = "mode resize"; + "${mod}+minus" = "scratchpad show"; + ## Reload and exit + "${mod}+Shift+c" = "reload"; + "${mod}+Shift+e" = + "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'"; + # Launcher + "${mod}+space" = "exec rofi -show drun"; + "${mod}+tab" = "exec ${./rofi-window.py}"; + "${mod}+shift+p" = "exec ${lib.getExe rofi-rbw-script}"; + } // { + ## Splits + "${mod}+v" = "split v"; + "${mod}+Shift+v" = "split h"; + ## Run + "${mod}+r" = "exec ${config.wayland.windowManager.sway.config.menu}"; + "${mod}+Shift+r" = "mode resize"; + ## Screenshot + "Print" = "exec ${screenshotScript}/bin/screenshot"; + "Shift+Print" = "exec ${screenshotEditScript}/bin/screenshot"; + ## Locking + "${mod}+semicolon" = "exec ${cfg.lockCmd}"; + ## Multimedia + "XF86AudioPrev" = "exec ${playerctl} previous"; + "XF86AudioPlay" = "exec ${playerctl} play-pause"; + "Shift+XF86AudioPlay" = "exec ${playerctl} stop"; + "XF86AudioNext" = "exec ${playerctl} next"; + "XF86AudioRecord" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Capture toggle"; + "XF86AudioMute" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Master toggle"; + "XF86AudioLowerVolume" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Master 3%-"; + "XF86AudioRaiseVolume" = "exec ${pkgs.alsa-utils}/bin/amixer -q set Master 3%+"; + ## Backlight + "XF86MonBrightnessDown" = "exec ${pkgs.brightnessctl}/bin/brightnessctl s 10%-"; + "XF86MonBrightnessUp" = "exec ${pkgs.brightnessctl}/bin/brightnessctl s 10%+"; + "Shift+XF86MonBrightnessDown" = "exec ${pkgs.brightnessctl}/bin/brightnessctl -d kbd_backlight s 25%-"; + "Shift+XF86MonBrightnessUp" = "exec ${pkgs.brightnessctl}/bin/brightnessctl -d kbd_backlight s 25%+"; + } // + # Map the workspaces + (builtins.listToAttrs (lib.flatten (map + (key: [ { - "${mod}+ctrl+h" = "move workspace to output left"; - "${mod}+ctrl+l" = "move workspace to output right"; - }; + name = "${mod}+${key}"; + value = "workspace ${builtins.getAttr key wsAttrs}"; + } + { + name = "${mod}+Shift+${key}"; + value = "move to workspace ${builtins.getAttr key wsAttrs}"; + } + ]) + (builtins.attrNames wsAttrs)) + )) // + { + # Extra workspaces + "${mod}+asciicircum" = "workspace ${extraWorkspaces.mail}"; + "${mod}+shift+asciicircum" = "move to workspace ${extraWorkspaces.mail}"; + } // + # Move workspaces between outputs + { + "${mod}+ctrl+h" = "move workspace to output left"; + "${mod}+ctrl+l" = "move workspace to output right"; + }; ### Fonts # fonts = { - names = [ - "monospace" - "FontAwesome5Free" - ]; + names = [ "monospace" "FontAwesome5Free" ]; size = cfg.fontSize; }; @@ -311,9 +294,7 @@ in # Assigning windows to workspaces assigns = { "${builtins.elemAt workspaces 0}" = [ - { app_id = "^firefox$"; } - { app_id = "^librewolf$"; } - { app_id = "^zen$"; } + { class = "^firefox$"; } ]; "${builtins.elemAt workspaces 1}" = [ { class = "^((d|D)iscord|((A|a)rm(c|C)ord))$"; } @@ -321,8 +302,6 @@ in { app_id = "VencordDesktop"; } { class = "vesktop"; } { app_id = "vesktop"; } - - { class = "Slack"; } ]; ${extraWorkspaces.mail} = [ { app_id = "thunderbird"; } @@ -330,31 +309,21 @@ in ]; }; # Commands - window.commands = - [ - { - criteria = { - title = ".*"; - }; - command = "inhibit_idle fullscreen"; - } - ] - ++ ( - # Floating assignments - let - criterias = [ - { app_id = ".*float.*"; } - { app_id = "org\\.freedesktop\\.impl\\.portal\\.desktop\\..*"; } - { class = ".*float.*"; } - { title = "Extension: .*Bitwarden.*"; } - ]; - toCommand = criteria: { - inherit criteria; - command = "floating enable"; - }; - in - map toCommand criterias - ); + window.commands = [ + { criteria = { title = ".*"; }; command = "inhibit_idle fullscreen"; } + ] ++ ( + # Floating assignments + let + criterias = [ + { app_id = ".*float.*"; } + { app_id = "org\\.freedesktop\\.impl\\.portal\\.desktop\\..*"; } + { class = ".*float.*"; } + { title = "Extension: .*Bitwarden.*"; } + ]; + toCommand = criteria: { inherit criteria; command = "floating enable"; }; + in + map toCommand criterias + ); # Focus focus.followMouse = true; focus.mouseWarping = true; @@ -376,50 +345,34 @@ in # swaynag swaynag.enable = true; # Environment Variables - extraSessionCommands = - '' - export QT_QPA_PLATFORM=wayland - export QT_WAYLAND_DISABLE_WINDOWDECORATION="1" - export QT_IM_MODULE=fcitx - export GTK_IM_MODULE=fcitx # Til text-input is merged - # export NIXOS_OZONE_WL=1 # Until text-input is merged + extraSessionCommands = '' + export QT_QPA_PLATFORM=wayland + export QT_WAYLAND_DISABLE_WINDOWDECORATION="1" + export QT_IM_MODULE=fcitx + export GTK_IM_MODULE=fcitx # Til text-input is merged + # export NIXOS_OZONE_WL=1 # Until text-input is merged - '' - + ( - if config.services.gnome-keyring.enable then - '' - # gnome-keyring - if type gnome-keyring-daemon >/dev/null; then - eval `gnome-keyring-daemon` - export SSH_AUTH_SOCK - fi - '' - else - "" - ) - + lib.optionalString osConfig.services.desktopManager.plasma6.enable '' - export XDG_MENU_PREFIX=plasma- - ''; + '' + (if config.services.gnome-keyring.enable then '' + # gnome-keyring + if type gnome-keyring-daemon >/dev/null; then + eval `gnome-keyring-daemon` + export SSH_AUTH_SOCK + fi + '' else ""); # Extra wrapperFeatures.base = true; wrapperFeatures.gtk = true; extraConfig = - ( - if cfg.enableLaptop then - '' - # Lock screen on lid close - bindswitch lid:off exec ${cfg.lockCmd} + (if cfg.enableLaptopBars then '' + # Lock screen on lid close + bindswitch lid:off exec ${cfg.lockCmd} - # Gesture bindings - bindgesture swipe:3:right workspace prev - bindgesture swipe:3:left workspace next - bindgesture swipe:3:up exec ${./rofi-window.py} - '' - else - "" - ) - + '' + # Gesture bindings + bindgesture swipe:3:right workspace prev + bindgesture swipe:3:left workspace next + bindgesture swipe:3:up exec ${./rofi-window.py} + '' else "") + '' ## swayfx stuff # Rounded corners corner_radius 5 @@ -434,10 +387,10 @@ in # Blur for_window [app_id=".*kitty.*"] blur enable blur_xray disable - '' - + '' + '' + '' # Enable portal stuff - exec ${pkgs.writeShellScript "start-portals.sh" ''''} + exec ${pkgs.writeShellScript "start-portals.sh" '' + ''} ''; }; @@ -449,28 +402,388 @@ in # { timeout = 15 * 60; command = cfg.lockCmd; } ]; events = [ - { - event = "lock"; - command = cfg.lockCmd; - } - { - event = "before-sleep"; - command = cfg.lockCmd; - } + { event = "lock"; command = cfg.lockCmd; } + { event = "before-sleep"; command = cfg.lockCmd; } ]; }; - config.home.packages = mkIf cfg.enable ( - with pkgs; - [ - # Needed for QT_QPA_PLATFORM - kdePackages.qtwayland - # For waybar - font-awesome - ] - ); + config.programs.waybar = + let + barWith = { showMedia ? true, showConnectivity ? true, extraSettings ? { }, ... }: (mkMerge [{ + position = "top"; + modules-left = [ + "sway/workspaces" + "sway/mode" + "sway/window" + ]; + modules-center = [ + ]; + modules-right = + lib.optional showMedia (if cfg.enableMpd then "mpd" else "custom/media") + ++ [ + "tray" + "pulseaudio" + ] ++ lib.optionals showConnectivity [ + "bluetooth" + "network" + ] ++ [ + "cpu" + "memory" + "temperature" + ] ++ lib.optionals cfg.enableLaptopBars [ "battery" "battery#bat2" ] + ++ [ + "clock" + ]; + modules = { + "sway/workspaces" = { + format = "{name}"; + }; + "sway/mode" = { + format = "{}"; + }; + "sway/window" = { + max-length = 70; + format = "{title}"; + "rewrite" = { + "(.*) — Mozilla Firefox" = "[🌎] $1"; + "(.*) - Mozilla Thunderbird" = "[📧] $1"; + "(.*) - Kakoune" = "[⌨️] $1"; + "(.*) - fish" = "[>_] $1"; + "(.*) - Discord" = "[🗨️] $1"; + # ArmCord thing + "• Discord \\| (.*)" = "[🗨️] $1"; + "\\((\\d+)\\) Discord \\| (.*)" = "[🗨️] {$1} $2"; + }; + }; + "tray" = { + icon-size = 21; + spacing = 10; + }; + "clock" = { + # format = "{:📅 %Y-%m-%d | 🕰️ %H:%M [%Z]}"; + format = "📅 {0:%Y-%m-%d} |️ 🕰️ {0:%H:%M [%Z]}"; + tooltip-format = "\n{calendar}"; + timezones = [ + "Europe/Zurich" + "America/Toronto" + "Asia/Tokyo" + "Asia/Ho_Chi_Minh" + ]; + calendar = { + mode = "year"; + mode-mon-col = 3; + weeks-pos = "right"; + on-scroll = 1; + on-click-right = "mode"; + format = { + months = "{}"; + days = "{}"; + weeks = "W{}"; + weekdays = "日 月 火 水 木 金 土"; # See https://github.com/Alexays/Waybar/issues/3132 + today = "{}"; + }; + }; + actions = { + on-click-middle = "mode"; + on-click-right = "tz_up"; + on-scroll-up = "shift_up"; + on-scroll-down = "shift_down"; + }; + }; + "cpu" = { + format = "{usage}% "; + }; + "memory" = { + format = "{}% "; + }; + "temperature" = { + # thermal-zone = 2; + # hwmon-path" = "/sys/class/hwmon/hwmon2/temp1_input"; + critical-threshold = 80; + # format-critical = "{temperatureC}°C "; + format = "{temperatureC}°C "; + }; + "backlight" = { + # device = "acpi_video1"; + format = "{percent}% {icon}"; + states = [ 0 50 ]; + format-icons = [ "" "" ]; + }; + "battery" = mkIf cfg.enableLaptopBars { + states = { + good = 95; + warning = 30; + critical = 15; + }; + format = "{capacity}% {icon}"; + # format-good = ""; # An empty format will hide the module + # format-full = ""; + format-icons = [ "" "" "" "" "" ]; + }; + "battery#bat2" = mkIf cfg.enableLaptopBars { + bat = "BAT2"; + }; + "network" = { + # interface = wlp2s0 # (Optional) To force the use of this interface + format-wifi = "{essid} ({signalStrength}%) "; + format-ethernet = "{ifname}: {ipaddr}/{cidr} "; + format-disconnected = "Disconnected ⚠"; + interval = 7; + }; + "bluetooth" = { + format = " {status}"; + format-connected = " {device_alias}"; + format-connected-battery = " {device_alias} {device_battery_percentage}%"; + # format-device-preference= [ "device1", "device2" ], // preference list deciding the displayed devic; + tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; + tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; + tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; + tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; + on-click = "${pkgs.blueman}/bin/blueman-manager"; + }; + "pulseaudio" = { + # scroll-step = 1; + format = "{volume}% {icon}"; + format-bluetooth = "{volume}% {icon}"; + format-muted = ""; + format-icons = { + headphones = ""; + handsfree = ""; + headset = ""; + phone = ""; + portable = ""; + car = ""; + default = [ "" "" ]; + }; + on-click = "${pkgs.pavucontrol}/bin/pavucontrol"; + }; + "mpd" = { + "format" = "{stateIcon} {consumeIcon}{randomIcon}{repeatIcon}{singleIcon}{artist} - {album} - {title} ({elapsedTime:%M:%S}/{totalTime:%M:%S}) 🎧"; + "format-disconnected" = "Disconnected 🎧"; + "format-stopped" = "{consumeIcon}{randomIcon}{repeatIcon}{singleIcon}Stopped 🎧"; + "interval" = 2; + "consume-icons" = { + "on" = " "; # Icon shows only when "consume" is on + }; + "random-icons" = { + "off" = " "; # Icon grayed out when "random" is off; + "on" = " "; + }; + "repeat-icons" = { + "on" = " "; + }; + "single-icons" = { + "on" = "1 "; + }; + "state-icons" = { + "paused" = ""; + "playing" = ""; + }; + "tooltip-format" = "MPD (connected)"; + "tooltip-format-disconnected" = "MPD (disconnected)"; + "on-click" = "${pkgs.mpc_cli}/bin/mpc toggle"; + "on-click-right" = "${pkgs.mpc_cli}/bin/mpc stop"; + "on-click-middle" = "${cfg.terminal} --class=kitty_ncmpcpp ${pkgs.ncmpcpp}/bin/ncmpcpp"; + }; + "custom/media" = { + "format" = "{icon}{}"; + "return-type" = "json"; + "format-icons" = { + "Playing" = " "; + "Paused" = " "; + }; + "max-length" = 80; + "exec" = "${playerctl} -a metadata --format '{\"text\": \"{{artist}} - {{markup_escape(title)}}\", \"tooltip\": \"{{playerName}} : {{markup_escape(title)}}\", \"alt\": \"{{status}}\", \"class\": \"{{status}}\"}' -F"; + "on-click" = "${playerctl} play-pause"; + }; + }; + } + cfg.waybar.extraSettings + extraSettings]); + in + mkIf cfg.enable { + enable = true; + systemd.enable = true; + systemd.target = "sway-session.target"; + settings = cfg.waybar.makeBars barWith; + style = '' + * { + border: none; + border-radius: 0; + font-family: monospace, 'Font Awesome 5', 'Symbols Nerd Font Mono', 'SFNS Display', Helvetica, Arial, sans-serif; + font-size: ${toString (cfg.fontSize * 1.1)}px; + min-height: 0; + } + + window#waybar { + background: rgba(43, 48, 59, 0.8); + border-bottom: 3px solid rgba(100, 114, 125, 0.5); + color: #ffffff; + } + + window#waybar.hidden { + opacity: 0.0; + } + /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */ + #workspaces button { + padding: 0 5px; + background: transparent; + color: #ffffff; + border-bottom: 3px solid transparent; + } + + #workspaces button.focused { + background: #64727D; + border-bottom: 3px solid #ffffff; + } + + #workspaces button.urgent { + background-color: #eb4d4b; + } + + #window, #sway, #sway-window { + padding-left: 1em; + margin-bottom: 0.4em; + } + + #mode { + background: #64727D; + border-bottom: 3px solid #ffffff; + } + + /* #clock, #battery, #cpu, #memory, #temperature, #backlight, #network, #pulseaudio, #bluetooth, #custom-media, #tray, #mode, #idle_inhibitor, #mpd { */ + .modules-right > * > * { + margin: 0.2em 0 0.4em 0; + padding: 0.2em 0.5em; + border: 1px solid rgba(0, 0, 0, 0.25); + border-radius: 0.3em; + } + + .modules-right > *:not(:last-child) > * { + margin-right: 0.4em; + } + + #clock { + background-color: #64727D; + } + + #battery { + background-color: #ffffff; + color: #000000; + } + + #battery.charging { + color: #ffffff; + background-color: #26A65B; + } + + @keyframes blink { + to { + background-color: #ffffff; + color: #000000; + } + } + + #battery.critical:not(.charging) { + background: #f53c3c; + color: #ffffff; + animation-name: blink; + animation-duration: 0.5s; + animation-timing-function: linear; + animation-iteration-count: infinite; + animation-direction: alternate; + } + + #cpu { + background: #2ecc71; + color: #000000; + } + + #memory { + background: #9b59b6; + } + + #backlight { + background: #90b1b1; + } + + #network { + background: #2980b9; + } + + #network.disconnected { + background: #f53c3c; + } + + #pulseaudio { + background: #f1c40f; + color: #000000; + } + + #pulseaudio.muted { + background: #90b1b1; + } + + #bluetooth { + background: DarkSlateBlue; + color: white; + } + + #custom-media { + background: #66cc99; + color: #2a5c45; + } + + .custom-spotify { + background: #66cc99; + } + + .custom-vlc { + background: #ffa000; + } + + #temperature { + background: #f0932b; + } + + #temperature.critical { + background: #eb4d4b; + } + + #tray { + background-color: #2980b9; + } + + #idle_inhibitor { + background-color: #2d3436; + } + + #idle_inhibitor.activated { + background-color: #ecf0f1; + color: #2d3436; + } + + #mpd { + background-color: teal; + color: white; + } + '' + cfg.waybar.extraStyle; + }; + config.home.packages = mkIf cfg.enable (with pkgs; [ + # Needed for QT_QPA_PLATFORM + kdePackages.qtwayland + # For waybar + font-awesome + ]); config.programs.rofi = mkIf cfg.enable { - font = lib.mkForce "monospace ${toString cfg.fontSize}"; + enable = true; + package = pkgs.rofi-wayland; + cycle = true; + font = "monospace ${toString cfg.fontSize}"; + terminal = cfg.terminal; + theme = "Paper"; + plugins = with pkgs; [ rofi-bluetooth rofi-calc rofi-rbw rofi-power-menu ]; }; } + diff --git a/home/modules/programs/my-sway/ibus.nix b/home/modules/programs/my-sway/ibus.nix index 4e7cf50..8e89474 100644 --- a/home/modules/programs/my-sway/ibus.nix +++ b/home/modules/programs/my-sway/ibus.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let cfg = config.programs.my-sway; @@ -11,22 +6,15 @@ let # Set up an ibus script ibusNext = ( let - input-methods = [ - "xkb:us::eng" - "mozc-jp" - "Bamboo" - ]; - next = - m: + input-methods = [ "xkb:us::eng" "mozc-jp" "Bamboo" ]; + next = m: let - nextRec = - l: - if (length l == 1) then - head input-methods - else if (m == head l) then - (head (tail l)) - else - nextRec (tail l); + nextRec = l: + if (length l == 1) + then head input-methods + else if (m == head l) + then (head (tail l)) + else nextRec (tail l); in nextRec input-methods; changeTo = m: '' @@ -64,3 +52,4 @@ in }; }; } + diff --git a/home/modules/programs/my-waybar.nix b/home/modules/programs/my-waybar.nix deleted file mode 100644 index 282a64f..0000000 --- a/home/modules/programs/my-waybar.nix +++ /dev/null @@ -1,469 +0,0 @@ -{ - lib, - config, - pkgs, - ... -}: -let - cfg = config.programs.my-waybar; -in -{ - options.programs.my-waybar = { - enable = lib.mkEnableOption "custom configuration for waybar"; - fontSize = lib.mkOption { - type = lib.types.float; - description = "The default font size"; - }; - terminal = lib.mkOption { - type = lib.types.str; - description = "The command to the terminal emulator to be used"; - default = "${lib.getExe config.linux.graphical.defaults.terminal.package}"; - }; - - enableLaptopBars = lib.mkOption { - type = lib.types.bool; - description = "Whether to enable laptop-specific bars (battery)"; - default = true; - }; - enableMpd = lib.mkOption { - type = lib.types.bool; - description = "Whether to enable mpd on waybar"; - default = false; - }; - - makeBars = lib.mkOption { - type = lib.types.raw; - description = "Create bars with the barWith function, return a list of bars"; - default = barWith: [ (barWith { }) ]; - }; - extraSettings = lib.mkOption { - type = lib.types.listOf lib.types.raw; - description = "Extra settings to be included with every default bar"; - default = [ ]; - }; - extraStyle = lib.mkOption { - type = lib.types.lines; - description = "Additional style for the default waybar"; - default = ""; - }; - }; - config.systemd.user.services.waybar = lib.mkIf cfg.enable { - Unit.Before = [ "tray.target" ]; - }; - config.programs.waybar = - let - barWith = - { - showMedia ? true, - showConnectivity ? true, - extraSettings ? { }, - ... - }: - lib.mkMerge ( - [ - { - layer = "top"; - position = "top"; - modules-left = [ - "sway/workspaces" - "sway/mode" - "sway/window" - "niri/workspaces" - "niri/window" - ]; - modules-center = [ - ]; - modules-right = - lib.optional showMedia (if cfg.enableMpd then "mpd" else "custom/media") - ++ [ - "tray" - "pulseaudio" - ] - ++ lib.optionals showConnectivity [ - "bluetooth" - "network" - ] - ++ [ - "cpu" - "memory" - "temperature" - ] - ++ lib.optionals cfg.enableLaptopBars [ - "battery" - "battery#bat2" - ] - ++ [ - "clock" - ]; - - modules = { - "sway/workspaces" = { - format = "{name}"; - }; - "sway/mode" = { - format = "{}"; - }; - "sway/window" = { - max-length = 70; - format = "{title}"; - "rewrite" = { - "(.*) — Mozilla Firefox" = "[🌎] $1"; - "(.*) - Mozilla Thunderbird" = "[📧] $1"; - "(.*) - Kakoune" = "[⌨️] $1"; - "(.*) - fish" = "[>_] $1"; - "(.*) - Discord" = "[🗨️] $1"; - # ArmCord thing - "• Discord \\| (.*)" = "[🗨️] $1"; - "\\((\\d+)\\) Discord \\| (.*)" = "[🗨️] {$1} $2"; - }; - }; - "niri/window" = { - format = "{title}"; - "rewrite" = { - "(.*) — Mozilla Firefox" = "[🌎] $1"; - "(.*) - Mozilla Thunderbird" = "[📧] $1"; - "(.*) - Kakoune" = "[⌨️] $1"; - "(.*) - fish" = "[>_] $1"; - "(.*) - Discord" = "[🗨️] $1"; - # ArmCord thing - "• Discord \\| (.*)" = "[🗨️] $1"; - "\\((\\d+)\\) Discord \\| (.*)" = "[🗨️] {$1} $2"; - }; - }; - "tray" = { - icon-size = 21; - spacing = 10; - }; - "clock" = { - # format = "{:📅 %Y-%m-%d | 🕰️ %H:%M [%Z]}"; - format = "📅 {0:%Y-%m-%d} |️ 🕰️ {0:%H:%M [%Z]}"; - tooltip-format = "\n{calendar}"; - timezones = [ - "Europe/Zurich" - "America/Toronto" - "Asia/Tokyo" - "Asia/Ho_Chi_Minh" - ]; - calendar = { - mode = "year"; - mode-mon-col = 3; - weeks-pos = "right"; - on-scroll = 1; - on-click-right = "mode"; - format = { - months = "{}"; - days = "{}"; - weeks = "W{}"; - weekdays = "日 月 火 水 木 金 土"; # See https://github.com/Alexays/Waybar/issues/3132 - today = "{}"; - }; - }; - actions = { - on-click-middle = "mode"; - on-click-right = "tz_up"; - on-scroll-up = "shift_up"; - on-scroll-down = "shift_down"; - }; - }; - "cpu" = { - format = "{usage}% "; - }; - "memory" = { - format = "{}% "; - }; - "temperature" = { - # thermal-zone = 2; - # hwmon-path" = "/sys/class/hwmon/hwmon2/temp1_input"; - critical-threshold = 80; - # format-critical = "{temperatureC}°C "; - format = "{temperatureC}°C "; - }; - "backlight" = { - # device = "acpi_video1"; - format = "{percent}% {icon}"; - states = [ - 0 - 50 - ]; - format-icons = [ - "" - "" - ]; - }; - "battery" = lib.mkIf cfg.enableLaptopBars { - states = { - good = 95; - warning = 30; - critical = 15; - }; - format = "{capacity}% {icon}"; - # format-good = ""; # An empty format will hide the module - # format-full = ""; - format-icons = [ - "" - "" - "" - "" - "" - ]; - }; - "battery#bat2" = lib.mkIf cfg.enableLaptopBars { - bat = "BAT2"; - }; - "network" = { - # interface = wlp2s0 # (Optional) To force the use of this interface - format-wifi = "{essid} ({signalStrength}%) "; - format-ethernet = "{ifname} "; - format-disconnected = "Disconnected ⚠"; - interval = 7; - on-click = "${cfg.terminal} ${lib.getExe' pkgs.iwd "iwctl"}"; - }; - "bluetooth" = { - format = " {status}"; - format-connected = " {device_alias}"; - format-connected-battery = " {device_alias} {device_battery_percentage}%"; - # format-device-preference= [ "device1", "device2" ], // preference list deciding the displayed devic; - tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; - tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; - tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; - tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; - on-click = "${pkgs.blueman}/bin/blueman-manager"; - }; - "pulseaudio" = { - # scroll-step = 1; - format = "{volume}% {icon}"; - format-bluetooth = "{volume}% {icon}"; - format-muted = ""; - format-icons = { - headphones = ""; - handsfree = ""; - headset = ""; - phone = ""; - portable = ""; - car = ""; - default = [ - "" - "" - ]; - }; - on-click = "${pkgs.pavucontrol}/bin/pavucontrol"; - }; - "mpd" = { - "format" = - "{stateIcon} {consumeIcon}{randomIcon}{repeatIcon}{singleIcon}{artist} - {album} - {title} ({elapsedTime:%M:%S}/{totalTime:%M:%S}) 🎧"; - "format-disconnected" = "Disconnected 🎧"; - "format-stopped" = "{consumeIcon}{randomIcon}{repeatIcon}{singleIcon}Stopped 🎧"; - "interval" = 2; - "consume-icons" = { - "on" = " "; # Icon shows only when "consume" is on - }; - "random-icons" = { - "off" = " "; # Icon grayed out when "random" is off; - "on" = " "; - }; - "repeat-icons" = { - "on" = " "; - }; - "single-icons" = { - "on" = "1 "; - }; - "state-icons" = { - "paused" = ""; - "playing" = ""; - }; - "tooltip-format" = "MPD (connected)"; - "tooltip-format-disconnected" = "MPD (disconnected)"; - "on-click" = "${pkgs.mpc_cli}/bin/mpc toggle"; - "on-click-right" = "${pkgs.mpc_cli}/bin/mpc stop"; - "on-click-middle" = "${cfg.terminal} --class=kitty_ncmpcpp ${pkgs.ncmpcpp}/bin/ncmpcpp"; - }; - "custom/media" = { - "format" = "{icon}{}"; - "return-type" = "json"; - "format-icons" = { - "Playing" = " "; - "Paused" = " "; - }; - "max-length" = 80; - "exec" = - "${lib.getExe pkgs.playerctl} -a metadata --format '{\"text\": \"{{artist}} - {{markup_escape(title)}}\", \"tooltip\": \"{{playerName}} : {{markup_escape(title)}}\", \"alt\": \"{{status}}\", \"class\": \"{{status}}\"}' -F"; - "on-click" = "${lib.getExe pkgs.playerctl} play-pause"; - }; - }; - } - ] - ++ cfg.extraSettings - ++ [ extraSettings ] - ); - in - lib.mkIf cfg.enable { - enable = true; - systemd.enable = true; - systemd.target = "sway-session.target"; - settings = cfg.makeBars barWith; - style = - '' - * { - border: none; - border-radius: 0; - font-family: monospace, 'Font Awesome 5', 'Symbols Nerd Font Mono', 'SFNS Display', Helvetica, Arial, sans-serif; - font-size: ${toString (cfg.fontSize * 1.1)}px; - min-height: 0; - } - - window#waybar { - background: rgba(43, 48, 59, 0.8); - border-bottom: 3px solid rgba(100, 114, 125, 0.5); - color: #ffffff; - } - - window#waybar.hidden { - opacity: 0.0; - } - /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */ - #workspaces button { - padding: 0 5px; - background: transparent; - color: #ffffff; - border-bottom: 3px solid transparent; - } - - #workspaces button.focused { - background: #64727D; - border-bottom: 3px solid #ffffff; - } - - #workspaces button.urgent { - background-color: #eb4d4b; - } - - #window, #sway, #sway-window { - padding-left: 1em; - margin-bottom: 0.4em; - } - - #mode { - background: #64727D; - border-bottom: 3px solid #ffffff; - } - - /* #clock, #battery, #cpu, #memory, #temperature, #backlight, #network, #pulseaudio, #bluetooth, #custom-media, #tray, #mode, #idle_inhibitor, #mpd { */ - .modules-right > * > * { - margin: 0.2em 0 0.4em 0; - padding: 0.2em 0.5em; - border: 1px solid rgba(0, 0, 0, 0.25); - border-radius: 0.3em; - } - - .modules-right > *:not(:last-child) > * { - margin-right: 0.4em; - } - - #clock { - background-color: #64727D; - } - - #battery { - background-color: #ffffff; - color: #000000; - } - - #battery.charging { - color: #ffffff; - background-color: #26A65B; - } - - @keyframes blink { - to { - background-color: #ffffff; - color: #000000; - } - } - - #battery.critical:not(.charging) { - background: #f53c3c; - color: #ffffff; - animation-name: blink; - animation-duration: 0.5s; - animation-timing-function: linear; - animation-iteration-count: infinite; - animation-direction: alternate; - } - - #cpu { - background: #2ecc71; - color: #000000; - } - - #memory { - background: #9b59b6; - } - - #backlight { - background: #90b1b1; - } - - #network { - background: #2980b9; - } - - #network.disconnected { - background: #f53c3c; - } - - #pulseaudio { - background: #f1c40f; - color: #000000; - } - - #pulseaudio.muted { - background: #90b1b1; - } - - #bluetooth { - background: DarkSlateBlue; - color: white; - } - - #custom-media { - background: #66cc99; - color: #2a5c45; - } - - .custom-spotify { - background: #66cc99; - } - - .custom-vlc { - background: #ffa000; - } - - #temperature { - background: #f0932b; - } - - #temperature.critical { - background: #eb4d4b; - } - - #tray { - background-color: #2980b9; - } - - #idle_inhibitor { - background-color: #2d3436; - } - - #idle_inhibitor.activated { - background-color: #ecf0f1; - color: #2d3436; - } - - #mpd { - background-color: teal; - color: white; - } - '' - + cfg.extraStyle; - }; -} diff --git a/home/modules/programs/openconnect-epfl.nix b/home/modules/programs/openconnect-epfl.nix index d7a043a..228660b 100644 --- a/home/modules/programs/openconnect-epfl.nix +++ b/home/modules/programs/openconnect-epfl.nix @@ -1,25 +1,16 @@ -{ - pkgs, - lib, - config, - ... -}: +{ pkgs, lib, config, ... }: let openconnect-epfl = pkgs.writeShellApplication { name = "openconnect-epfl"; - runtimeInputs = with pkgs; [ - openconnect - rbw - ]; + runtimeInputs = with pkgs; [ openconnect rbw ]; text = '' - RBW_ENTRY="EPFL Microsoft Auth" - GASPAR_PASSWORD=$(rbw get "$RBW_ENTRY") - GASPAR_TOKEN=$(rbw code "$RBW_ENTRY") + GASPAR_PASSWORD=$(rbw get gaspar) + GASPAR_TOKEN=$(rbw code gaspar) - printf "%s\n" "$GASPAR_PASSWORD" "$GASPAR_TOKEN" | command sudo openconnect \ + printf "%s\n%s\n" "$GASPAR_PASSWORD" "$GASPAR_TOKEN" | sudo openconnect \ --passwd-on-stdin \ - -u "pham" \ - --useragent='AnyConnect' \ + -u pham \ + --useragent='AnyConnect' \ "https://vpn.epfl.ch" ''; }; @@ -27,3 +18,4 @@ in { home.packages = [ openconnect-epfl ]; } + diff --git a/home/nki-framework.nix b/home/nki-framework.nix index 082977f..097a175 100644 --- a/home/nki-framework.nix +++ b/home/nki-framework.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: { imports = [ @@ -12,7 +7,7 @@ # We use our own firefox # ./firefox.nix # osu! - ./osu + ./osu.nix ]; # Home Manager needs a bit of information about you and the @@ -20,14 +15,26 @@ home.username = "nki"; home.homeDirectory = "/home/nki"; + # More packages + home.packages = (with pkgs; [ + # CLI stuff + python3 + zip + # TeX + texlive.combined.scheme-full + # Note-taking + rnote + ]); + # Graphical set up linux.graphical.type = "wayland"; linux.graphical.wallpaper = ./images/wallpaper_0.png; - linux.graphical.defaults.webBrowser.package = pkgs.zen-browser-bin; - linux.graphical.defaults.webBrowser.desktopFile = "zen.desktop"; + linux.graphical.defaults.webBrowser = "librewolf.desktop"; # Enable sway programs.my-sway.enable = true; programs.my-sway.fontSize = 14.0; + programs.my-sway.terminal = "${config.programs.kitty.package}/bin/kitty"; + programs.my-sway.browser = "librewolf"; wayland.windowManager.sway.config = { # Keyboard support input."*".xkb_layout = "jp"; @@ -41,31 +48,6 @@ tap = "enabled"; }; }; - programs.my-niri.enable = true; - programs.my-niri.enableLaptop = true; - programs.my-niri.workspaces = lib.genAttrs [ "04" "05" "06" "07" "08" "09" ] (_: { - fixed = false; - }); - programs.niri.settings = { - input.keyboard.xkb.options = "ctrl:swapcaps"; - }; - programs.my-waybar.extraSettings = - let - change-mode = pkgs.writeScript "change-mode" '' - #!/usr/bin/env ${lib.getExe pkgs.fish} - set -ax PATH ${lib.getBin pkgs.power-profiles-daemon} ${lib.getBin config.programs.rofi.package} ${lib.getBin pkgs.ripgrep} - - set profiles (powerprofilesctl list | rg "^[ *] (\S+):" -r '$1') - set selected_index (math (contains -i (powerprofilesctl get) $profiles) - 1) - set new_profile (printf "%s\n" $profiles | rofi -dmenu -p "Switch to power profile" -a $selected_index) - powerprofilesctl set $new_profile - ''; - in - [ - { - modules."battery"."on-click" = change-mode; - } - ]; # input-remapping xdg.configFile."autostart/input-remapper-autoload.desktop".source = @@ -79,35 +61,16 @@ # Multiple screen setup services.kanshi = with config.common.monitors; { enable = true; - settings = [ - { - profile.name = "undocked"; - profile.outputs = [ { criteria = "eDP-1"; } ]; - } - { - profile.name = "work-both"; - profile.outputs = [ - { - criteria = "eDP-1"; - position = "0,${toString (builtins.floor ((2160 / work.scale - 1200) + 1200 / 3))}"; - status = "enable"; - } - { - criteria = work.name; - position = "1920,0"; - } - ]; - } - { - profile.name = "work-one"; - profile.outputs = [ - { - criteria = "eDP-1"; - status = "disable"; - } - ]; - } - { output.criteria = config.common.monitors.work.name; } + profiles.undocked.outputs = [{ + criteria = "eDP-1"; + }]; + profiles.work-both.outputs = [ + { criteria = "eDP-1"; position = "0,${toString (builtins.floor ((2160 / work.scale - 1200) + 1200 / 3))}"; status = "enable"; } + { criteria = work.name; position = "1920,0"; } + ]; + profiles.work-one.outputs = [ + { criteria = "eDP-1"; status = "disable"; } + { criteria = config.common.monitors.work.name; } ]; }; @@ -121,3 +84,4 @@ # changes in each release. home.stateVersion = "21.05"; } + diff --git a/home/nki-x1c1.nix b/home/nki-x1c1.nix index 2bf173a..49f0ed0 100644 --- a/home/nki-x1c1.nix +++ b/home/nki-x1c1.nix @@ -1,30 +1,5 @@ -{ - pkgs, - options, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: -let - iio-sway = pkgs.stdenv.mkDerivation { - name = "iio-sway"; - version = "0.0.1"; - src = pkgs.fetchFromGitHub { - owner = "okeri"; - repo = "iio-sway"; - rev = "e07477d1b2478fede1446e97424a94c80767819d"; - hash = "sha256-JGacKajslCOvd/BFfFSf7s1/hgF6rJqJ6H6xNnsuMb4="; - }; - buildInputs = with pkgs; [ dbus ]; - nativeBuildInputs = with pkgs; [ - meson - ninja - pkg-config - ]; - meta.mainProgram = "iio-sway"; - }; -in { imports = [ # Common configuration @@ -32,7 +7,7 @@ in # We use our own firefox # ./firefox.nix # osu! - ./osu + ./osu.nix ]; # Home Manager needs a bit of information about you and the @@ -41,23 +16,25 @@ in home.homeDirectory = "/home/nki"; # More packages - home.packages = ( - with pkgs; - [ - # Note-taking - rnote - ] - ); + home.packages = (with pkgs; [ + # CLI stuff + python3 + zip + # TeX + texlive.combined.scheme-full + # Note-taking + rnote + ]); # Graphical set up linux.graphical.type = "wayland"; linux.graphical.wallpaper = ./images/wallpaper_0.png; - linux.graphical.startup = options.linux.graphical.startup.default ++ [ pkgs.slack ]; - linux.graphical.defaults.webBrowser.package = pkgs.zen-browser-bin; - linux.graphical.defaults.webBrowser.desktopFile = "zen.desktop"; + linux.graphical.defaults.webBrowser = "librewolf.desktop"; # Enable sway programs.my-sway.enable = true; programs.my-sway.fontSize = 14.0; + programs.my-sway.terminal = "${config.programs.kitty.package}/bin/kitty"; + programs.my-sway.browser = "librewolf"; wayland.windowManager.sway.config = { # Keyboard support input."*".xkb_layout = "jp"; @@ -72,28 +49,25 @@ in startup = [ # rotation - { command = "${lib.getExe iio-sway}"; } + ( + let + iio-sway = pkgs.stdenv.mkDerivation { + name = "iio-sway"; + version = "0.0.1"; + src = pkgs.fetchFromGitHub { + owner = "okeri"; + repo = "iio-sway"; + rev = "e07477d1b2478fede1446e97424a94c80767819d"; + hash = "sha256-JGacKajslCOvd/BFfFSf7s1/hgF6rJqJ6H6xNnsuMb4="; + }; + buildInputs = with pkgs; [ dbus ]; + nativeBuildInputs = with pkgs; [ meson ninja pkg-config ]; + }; + in + { command = "${iio-sway}/bin/iio-sway"; } + ) ]; }; - programs.my-niri.enable = true; - programs.my-niri.enableLaptop = true; - # Assign some of the workspaces to big screen - programs.my-niri.workspaces = lib.genAttrs [ "06" "07" "08" "09" "10" ] (_: { - monitor = config.common.monitors.work.name; - }); - programs.niri.settings = { - # input.keyboard.xkb.options = "ctrl:swapcaps"; - input.mouse = lib.mkForce { - # Make M575 fast for now - accel-profile = "adaptive"; - accel-speed = 0.4; - }; - input.touch.map-to-output = "eDP-1"; - switch-events = with config.lib.niri.actions; { - tablet-mode-on.action = spawn "systemctl" "--user" "kill" "--signal" "SIGUSR2" "wvkbd"; - tablet-mode-off.action = spawn "systemctl" "--user" "kill" "--signal" "SIGUSR1" "wvkbd"; - }; - }; ## Virtual keyboard systemd.user.services.wvkbd = { Unit = { @@ -122,35 +96,14 @@ in # Multiple screen setup services.kanshi = with config.common.monitors; { enable = true; - settings = [ - { - profile.name = "undocked"; - profile.outputs = [ { criteria = "eDP-1"; } ]; - } - { - profile.name = "work-both"; - profile.outputs = [ - { - criteria = "eDP-1"; - position = "0,${toString (builtins.floor ((2160 / work.scale - 1200) + 1200 / 3))}"; - status = "enable"; - } - { - criteria = work.name; - position = "1920,0"; - } - ]; - } - { - profile.name = "work-one"; - profile.outputs = [ - { - criteria = "eDP-1"; - status = "disable"; - } - { criteria = work.name; } - ]; - } + profiles.undocked.outputs = [{ criteria = "LVDS-1"; }]; + profiles.work-both.outputs = [ + { criteria = "eDP-1"; position = "0,${toString (builtins.floor ((2160 / work.scale - 1200) + 1200 / 3))}"; status = "enable"; } + { criteria = work.name; position = "1920,0"; } + ]; + profiles.work-one.outputs = [ + { criteria = "eDP-1"; status = "disable"; } + { criteria = config.common.monitors.work.name; } ]; }; @@ -164,3 +117,4 @@ in # changes in each release. home.stateVersion = "21.05"; } + diff --git a/home/osu.nix b/home/osu.nix new file mode 100644 index 0000000..4acafb0 --- /dev/null +++ b/home/osu.nix @@ -0,0 +1,33 @@ +{ pkgs, lib, ... }: + +let + osu-pkg = pkgs.unstable.osu-lazer-bin; + # osu-pkg = with pkgs; with lib; + # appimageTools.wrapType2 rec { + # pname = "osu-lazer-bin"; + # version = "2024.312.1"; + # src = pkgs.fetchurl { + # url = "https://github.com/ppy/osu/releases/download/${version}/osu.AppImage"; + # hash = "sha256-1dzgs1p3/pf4eCdKvQ9JxowN+oBPBNaZv5e6qHeFPEM="; + # }; + + # extraPkgs = pkgs: with pkgs; [ icu ]; + + # extraInstallCommands = + # let contents = appimageTools.extract { inherit pname version src; }; + # in + # '' + # mv -v $out/bin/${pname}-${version} $out/bin/osu\! + # install -m 444 -D ${contents}/osu\!.desktop -t $out/share/applications + # for i in 16 32 48 64 96 128 256 512 1024; do + # install -D ${contents}/osu\!.png $out/share/icons/hicolor/''${i}x$i/apps/osu\!.png + # done + # ''; + # }; +in +{ + home.packages = [ osu-pkg ]; + xdg.mimeApps.defaultApplications."x-scheme-handler/osu" = "osu!.desktop"; + # home.packages = [ pkgs.osu-lazer ]; +} + diff --git a/home/osu/default.nix b/home/osu/default.nix deleted file mode 100644 index 9cbdcf5..0000000 --- a/home/osu/default.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ pkgs, lib, ... }: - -let - # osu-pkg = pkgs.unstable.osu-lazer-bin; - osu-pkg = - with pkgs; - with lib; - appimageTools.wrapType2 rec { - pname = "osu-lazer-bin"; - version = "2025.424.0"; - src = fetchurl { - url = "https://github.com/ppy/osu/releases/download/${version}/osu.AppImage"; - hash = "sha256-8nOoSkNbzEFpDj0FivCYI20tZzT02YHcKZblfEfh+Zo="; - }; - extraPkgs = pkgs: with pkgs; [ icu ]; - - extraInstallCommands = - let - contents = appimageTools.extract { inherit pname version src; }; - in - '' - mv -v $out/bin/${pname} $out/bin/osu\! - install -m 444 -D ${contents}/osu\!.desktop -t $out/share/applications - install -m 444 -D ${./mimetypes.xml} $out/share/mime/packages/${pname}.xml - for i in 16 32 48 64 96 128 256 512 1024; do - install -D ${contents}/osu.png $out/share/icons/hicolor/''${i}x$i/apps/osu.png - done - ''; - }; -in -{ - home.packages = [ osu-pkg ]; - xdg.mimeApps.defaultApplications."x-scheme-handler/osu" = "osu!.desktop"; - # home.packages = [ pkgs.osu-lazer ]; -} diff --git a/home/osu/mimetypes.xml b/home/osu/mimetypes.xml deleted file mode 100644 index fa7ec94..0000000 --- a/home/osu/mimetypes.xml +++ /dev/null @@ -1,29 +0,0 @@ - - - - - osu! Beatmap Archive - - - - - - osu! Skin Archive - - - - - osu! Beatmap - - - - - osu! Storyboard - - - - - osu! Replay - - - diff --git a/kagami-air-m1/configuration.nix b/kagami-air-m1/configuration.nix deleted file mode 100644 index e444af6..0000000 --- a/kagami-air-m1/configuration.nix +++ /dev/null @@ -1,162 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ - config, - pkgs, - lib, - ... -}: - -{ - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # Fonts - ../modules/personal/fonts - # Encrypted DNS - ../modules/services/edns - # Override base mesa - ( - { ... }: - { - nixpkgs.overlays = lib.mkBefore [ - (final: prev: { - mesa = prev.mesa.override { - enableOpenCL = true; - meson = final.unstable.meson; - }; - }) - ]; - } - ) - ]; - - # time.timeZone = lib.mkForce "Asia/Ho_Chi_Minh"; - services.xserver.desktopManager.plasma5.enable = true; - - # Asahi kernel configuration - hardware.asahi = { - peripheralFirmwareDirectory = ./firmware; - use4KPages = false; - withRust = true; - addEdgeKernelConfig = true; - useExperimentalGPUDriver = true; - experimentalGPUInstallMode = "overlay"; - }; - # Override mesa - nixpkgs.overlays = lib.mkAfter [ - (final: prev: { - mesa-asahi-edge = prev.mesa-asahi-edge.overrideAttrs (attrs: { - version = "24.0.0"; - # buildInputs = attrs.buildInputs ++ (with pkgslw; [ libclc cmake (spirv-llvm-translator.override { inherit (llvmPackages_15) llvm; }) ]); - # nativeBuildInputs = attrs.nativeBuildInputs ++ (with pkgs; [ pkgs.unstable.spirv-llvm-translator ]); - src = final.fetchFromGitLab { - # latest release - domain = "gitlab.freedesktop.org"; - owner = "asahi"; - repo = "mesa"; - rev = "asahi-20231121"; - hash = "sha256-IcKKe1RA8sCaUfWK71ELzF15YaBS3DjoYhNMIWiQ5Jw="; - }; - - patches = lib.forEach attrs.patches ( - p: if lib.hasSuffix "opencl.patch" p then ./mesa-asahi-edge/opencl.patch else p - ); - }); - }) - ]; - ## Additional mesa-related packages - environment.systemPackages = with pkgs; [ SDL2 ]; - - # Power Management - services.upower = { - enable = true; - criticalPowerAction = "PowerOff"; - - usePercentageForPolicy = true; - percentageCritical = 3; - percentageLow = 10; - }; - services.logind.lidSwitch = "suspend"; - - # Printing - services.printing.drivers = with pkgs; [ epfl-cups-drivers ]; - - # Enable touchpad support (enabled default in most desktopManager). - services.libinput.enable = true; - # Keyboard - services.input-remapper.enable = true; - services.input-remapper.serviceWantedBy = [ "multi-user.target" ]; - hardware.uinput.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - common.linux.username = "nki"; - - # Enable sway on login. - environment.loginShellInit = '' - if [ -z $DISPLAY ] && [ "$(tty)" = "/dev/tty1" ]; then - exec sway - fi - ''; - - # Networking - common.linux.networking = { - hostname = "kagami-air-m1"; - networks."10-wired".match = "enp*"; - networks."20-wireless".match = "wlan*"; - dnsServers = [ "127.0.0.1" ]; - }; - nki.services.edns.enable = true; - nki.services.edns.ipv6 = true; - - # Secrets - sops.defaultSopsFile = ./secrets.yaml; - sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - - ## tinc - sops.secrets."tinc/ed25519-private-key" = { }; - services.my-tinc = { - enable = true; - hostName = "macbooknix"; - ed25519PrivateKey = config.sops.secrets."tinc/ed25519-private-key".path; - bindPort = 6565; - }; - - services.dbus.packages = with pkgs; [ gcr ]; - - # Power Management - powerManagement = { - enable = true; - # powerDownCommands = '' - # /run/current-system/sw/bin/rmmod brcmfmac # Disable wifi - # /run/current-system/sw/bin/rmmod hci_bcm4377 # Disable bluetooth - # ''; - # resumeCommands = '' - # /run/current-system/sw/bin/modprobe brcmfmac # Enable wifi - # /run/current-system/sw/bin/modprobe hci_bcm4377 # Enable bluetooth - # /run/current-system/sw/bin/systemctl restart iwd - # /run/current-system/sw/bin/systemctl restart bluetooth - # ''; - }; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.05"; # Did you read the comment? -} diff --git a/kagami-air-m1/extract_firmware.sh b/kagami-air-m1/extract_firmware.sh deleted file mode 100755 index 3149301..0000000 --- a/kagami-air-m1/extract_firmware.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/usr/bin/env bash - -mkdir -p firmware && cp /boot/asahi/{all_firmware.tar.gz,kernelcache*} firmware diff --git a/kagami-air-m1/firmware/all_firmware.tar.gz b/kagami-air-m1/firmware/all_firmware.tar.gz deleted file mode 100755 index 1c09e00..0000000 Binary files a/kagami-air-m1/firmware/all_firmware.tar.gz and /dev/null differ diff --git a/kagami-air-m1/firmware/kernelcache.release.mac13g b/kagami-air-m1/firmware/kernelcache.release.mac13g deleted file mode 100755 index db5e091..0000000 Binary files a/kagami-air-m1/firmware/kernelcache.release.mac13g and /dev/null differ diff --git a/kagami-air-m1/hardware-configuration.nix b/kagami-air-m1/hardware-configuration.nix deleted file mode 100644 index 5c974e5..0000000 --- a/kagami-air-m1/hardware-configuration.nix +++ /dev/null @@ -1,41 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: - -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "usb_storage" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/ebb6bf2e-2d7f-4fa6-88cb-751fdd174ef9"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/19BC-1BE8"; - fsType = "vfat"; - }; - - swapDevices = [ - { - device = "/swap"; - size = 16 * 1024; - } - ]; - - # nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; -} diff --git a/kagami-air-m1/mesa-asahi-edge/opencl.patch b/kagami-air-m1/mesa-asahi-edge/opencl.patch deleted file mode 100644 index d04b08c..0000000 --- a/kagami-air-m1/mesa-asahi-edge/opencl.patch +++ /dev/null @@ -1,66 +0,0 @@ -diff --git a/meson.build b/meson.build -index 04d89987311..babfe440973 100644 ---- a/meson.build -+++ b/meson.build -@@ -1812,7 +1812,7 @@ endif - - dep_clang = null_dep - if with_clc -- llvm_libdir = dep_llvm.get_variable(cmake : 'LLVM_LIBRARY_DIR', configtool: 'libdir') -+ llvm_libdir = get_option('clang-libdir') - - dep_clang = cpp.find_library('clang-cpp', dirs : llvm_libdir, required : false) - -diff --git a/meson_options.txt b/meson_options.txt -index e885ba61a8a..29ce0270479 100644 ---- a/meson_options.txt -+++ b/meson_options.txt -@@ -1,6 +1,12 @@ - # Copyright © 2017-2019 Intel Corporation - # SPDX-License-Identifier: MIT - -+option( -+ 'clang-libdir', -+ type : 'string', -+ value : '', -+ description : 'Locations to search for clang libraries.' -+) - option( - 'platforms', - type : 'array', -diff --git a/src/gallium/targets/opencl/meson.build b/src/gallium/targets/opencl/meson.build -index 7c14135898e..74dc6850603 100644 ---- a/src/gallium/targets/opencl/meson.build -+++ b/src/gallium/targets/opencl/meson.build -@@ -39,7 +39,8 @@ if dep_llvm.version().version_compare('>=10.0.0') - polly_isl_dep = cpp.find_library('PollyISL', dirs : llvm_libdir, required : false) - endif - --dep_clang = cpp.find_library('clang-cpp', dirs : llvm_libdir, required : false) -+clang_libdir = get_option('clang-libdir') -+dep_clang = cpp.find_library('clang-cpp', dirs : clang_libdir, required : false) - - # meson will return clang-cpp from system dirs if it's not found in llvm_libdir - linker_rpath_arg = '-Wl,--rpath=@0@'.format(llvm_libdir) -@@ -123,7 +124,7 @@ if with_opencl_icd - configuration : _config, - input : 'mesa.icd.in', - output : 'mesa.icd', -- install : true, -+ install : false, - install_tag : 'runtime', - install_dir : join_paths(get_option('sysconfdir'), 'OpenCL', 'vendors'), - ) -diff --git a/src/gallium/targets/rusticl/meson.build b/src/gallium/targets/rusticl/meson.build -index b2963fe6dfa..99d6d801b94 100644 ---- a/src/gallium/targets/rusticl/meson.build -+++ b/src/gallium/targets/rusticl/meson.build -@@ -76,7 +76,7 @@ configure_file( - configuration : _config, - input : 'rusticl.icd.in', - output : 'rusticl.icd', -- install : true, -+ install : false, - install_tag : 'runtime', - install_dir : join_paths(get_option('sysconfdir'), 'OpenCL', 'vendors'), - ) diff --git a/kagami-air-m1/secrets.yaml b/kagami-air-m1/secrets.yaml deleted file mode 100644 index 4eb59bf..0000000 --- a/kagami-air-m1/secrets.yaml +++ /dev/null @@ -1,31 +0,0 @@ -tinc: - ed25519-private-key: ENC[AES256_GCM,data:Cc86FPxUK+MEHTDKtbSOb4WE8WrK9sPI5fQ0oyYPkLzKqn0ZeHlTyeXZD9THTWDyW9Ky5q0rIk7HxjFkLZMid5x3d/EcovSvpx2dyIzYGX2EiVfAbkF4v2JqXrnfdF/EQSF+Z9G6P2elPdXlXu7dUEqe3XsFFdKwe80EIzItO+b3BE3P3Xt9NxbkCRj3zHSuVlt5v81WzLkUTtPLwOcQafwrZ3Engi9Yrjyh58ufGYQyBItTdwlKblv42XahiOqhJ8QXBGiMCFY=,iv:h88X3PT/G1QV4GcD07IvLcMyM7WLRMuBMMYQ6Z1YOgE=,tag:aK2dCizwThbJt8woLKS9UQ==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age169v95f5fqx0sg5mjpp63sumrj9sma9se203ra2c05qa67h2h2drs3tvdph - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHQ0ZFampRSm5BbTVpUk9o - MUhLenM0czVDM1NUWFFsTGxZUllKMjNOU3pZCm00eUZjRFU3bTZnbnNVR2RnMVl2 - UEV2c1VXNDRhRklIZmpnN2dLczJPVGcKLS0tIGVlTkkrWXVTbFVJS1h4YnZRKzNn - dFJYaEErRWFJZXpnWVY1dk4zbnMxK3cKZ0aiD0ZusCWnjfhEsuVNO8XZrwupDANu - GUf03lwpLiOx6OehK2wR0pfMEfmbDOP6+o673Sw9PcreEPvUovh82Q== - -----END AGE ENCRYPTED FILE----- - - recipient: age10dd4t507h3ey68l2alu7z94s5lw0kshjq9lre5sv2vehrm9hg4rqk2let7 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAraHhUUXlpb3UvNWdkc3ZP - bFdNU0NaaStxR2c4SEY2NFByKzVGa1BkWXpjCmVlMmF3eUdid3RSMjVTUlJOM0hS - eHByVGtiUzBEZGRVRjg1TENPQlpPNjQKLS0tIG11cWFUU3JNeFY4cCt3d2ZUWmpl - dnZKYUIvM1N2eGFubkgzdUVESEVCYm8KGIEl6MKIc7Xsg9MePOgLovSBWh7b0BX/ - aUXZm+elav6a7dmPSXqA7/ZSUtxZqD3sYF06YnABEhO+wQ5McArkFg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2022-10-17T11:24:18Z" - mac: ENC[AES256_GCM,data:nJLJXWvJpZRzvDuIiXiFQE2V4IYKtkFLR0U0KnTz7V9e/k+i4x53rMf8HuvKCxbWiJl/YdmxAEj0j+K8UPQv2G5OCG84qO0AUUXik2rHsd8WAv3EweS9WWSu0lgzf5U9ZdUuwZacmoU2khDmfXeZ5NTF/+eVDSDp3hZ+hTiJDFM=,iv:iEW9jecRfiT7vLYffNsFSI4wE/Ok5aNjOZfV1dTtt5Q=,tag:Gw7VpSbn17O75jNN3t8deg==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/modules/cloud/authentik/default.nix b/modules/cloud/authentik/default.nix index 5568482..e6bb4da 100644 --- a/modules/cloud/authentik/default.nix +++ b/modules/cloud/authentik/default.nix @@ -1,15 +1,11 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let cfg = config.cloud.authentik; - mkImage = { imageName, imageDigest, ... }: "${imageName}@${imageDigest}"; + mkImage = + { imageName, imageDigest, ... }: "${imageName}@${imageDigest}"; # If we can pullImage we can just do # mkImage = pkgs.dockerTools.pullImage; @@ -26,8 +22,8 @@ let }; authentik = mkImage { imageName = "ghcr.io/goauthentik/server"; - finalImageTag = "2025.4.0"; - imageDigest = "sha256:74d32bd24d8e08a83fb5d6444b2c25f8e8c58f42457875c60b076af050e65c6a"; + finalImageTag = "2024.4.2"; + imageDigest = "sha256:a2e592a08eb3c9e3435aa4e6585d60cc1eb54850da9d1498d56a131bbfbe03ff"; }; }; authentikEnv = pkgs.writeText "authentik.env" '' @@ -52,24 +48,13 @@ in }; config = mkIf cfg.enable { - systemd.services.arion-authentik = { - serviceConfig.EnvironmentFile = cfg.envFile; - serviceConfig.Type = "notify"; - serviceConfig.NotifyAccess = "all"; - serviceConfig.TimeoutSec = 300; - script = lib.mkBefore '' - ${lib.getExe pkgs.wait4x} http http://127.0.0.1:${toString cfg.port} --expect-status-code 200 -t 0 -q -- systemd-notify --ready & - ''; - }; + systemd.services.arion-authentik.serviceConfig.EnvironmentFile = cfg.envFile; virtualisation.arion.projects.authentik.settings = { services.postgresql.service = { image = images.postgresql; restart = "unless-stopped"; healthcheck = { - test = [ - "CMD-SHELL" - "pg_isready -d $\${POSTGRES_DB} -U $\${POSTGRES_USER}" - ]; + test = [ "CMD-SHELL" "pg_isready -d $\${POSTGRES_DB} -U $\${POSTGRES_USER}" ]; start_period = "20s"; interval = "30s"; retries = 5; @@ -80,20 +65,14 @@ in POSTGRES_USER = "authentik"; POSTGRES_DB = "authentik"; }; - env_file = [ - cfg.envFile - "${postgresEnv}" - ]; + env_file = [ cfg.envFile "${postgresEnv}" ]; }; services.redis.service = { image = images.redis; command = "--save 60 1 --loglevel warning"; restart = "unless-stopped"; healthcheck = { - test = [ - "CMD-SHELL" - "redis-cli ping | grep PONG" - ]; + test = [ "CMD-SHELL" "redis-cli ping | grep PONG" ]; start_period = "20s"; interval = "30s"; retries = 5; @@ -115,14 +94,10 @@ in AUTHENTIK_POSTGRESQL__USER = "authentik"; AUTHENTIK_POSTGRESQL__NAME = "authentik"; }; - env_file = [ - cfg.envFile - "${authentikEnv}" - ]; + env_file = [ cfg.envFile "${authentikEnv}" ]; ports = [ "127.0.0.1:${toString cfg.port}:9000" ]; - }; services.worker.service = { image = images.authentik; @@ -140,11 +115,7 @@ in AUTHENTIK_POSTGRESQL__USER = "authentik"; AUTHENTIK_POSTGRESQL__NAME = "authentik"; }; - env_file = [ - cfg.envFile - "${authentikEnv}" - ]; - user = "root"; + env_file = [ cfg.envFile "${authentikEnv}" ]; }; docker-compose.volumes = { database.driver = "local"; @@ -153,3 +124,4 @@ in }; }; } + diff --git a/modules/cloud/bitwarden/default.nix b/modules/cloud/bitwarden/default.nix index 23dc6ca..ae8c182 100644 --- a/modules/cloud/bitwarden/default.nix +++ b/modules/cloud/bitwarden/default.nix @@ -1,9 +1,4 @@ -{ - pkgs, - lib, - config, - ... -}: +{ pkgs, lib, config, ... }: with lib; let diff --git a/modules/cloud/conduit/default.nix b/modules/cloud/conduit/default.nix index 155a3d6..08fe655 100644 --- a/modules/cloud/conduit/default.nix +++ b/modules/cloud/conduit/default.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: let cfg = config.cloud.conduit; @@ -38,105 +33,142 @@ with lib; }; instances = mkOption { - type = types.attrsOf ( - types.submodule { - options = { - host = mkOption { - type = types.str; - }; - server_name = mkOption { - type = types.str; - default = ""; - }; - port = mkOption { - type = types.int; - }; - noCloudflare = mkOption { - type = types.bool; - default = false; - }; - allow_registration = mkOption { - type = types.bool; - default = false; - }; - well-known_port = mkOption { - type = types.int; - }; + type = types.attrsOf (types.submodule { + options = { + host = mkOption { + type = types.str; }; - } - ); + server_name = mkOption { + type = types.str; + default = ""; + }; + port = mkOption { + type = types.int; + }; + noCloudflare = mkOption { + type = types.bool; + default = false; + }; + allow_registration = mkOption { + type = types.bool; + default = false; + }; + well-known_port = mkOption { + type = types.int; + }; + }; + }); }; }; - config.systemd.services = mkIf cfg.enable ( - lib.attrsets.mapAttrs' ( - name: instance: - lib.attrsets.nameValuePair "matrix-conduit-${name}" ( - let - srvName = "matrix-conduit-${name}"; - format = pkgs.formats.toml { }; - server_name = if instance.server_name == "" then instance.host else instance.server_name; - configFile = format.generate "conduit.toml" ( - lib.attrsets.recursiveUpdate defaultConfig { + config.systemd.services = mkIf cfg.enable + (lib.attrsets.mapAttrs' + (name: instance: lib.attrsets.nameValuePair "matrix-conduit-${name}" + ( + let + srvName = "matrix-conduit-${name}"; + format = pkgs.formats.toml { }; + server_name = if instance.server_name == "" then instance.host else instance.server_name; + configFile = format.generate "conduit.toml" (lib.attrsets.recursiveUpdate defaultConfig { global.server_name = server_name; global.port = instance.port; global.allow_registration = instance.allow_registration; global.database_path = "/mnt/data/${srvName}/"; - global.well_known_client = "https://${instance.host}"; - global.well_known_server = "${instance.host}:443"; - } - ); - in - { - description = "Conduit Matrix Server (for ${server_name})"; - documentation = [ "https://gitlab.com/famedly/conduit/" ]; - wantedBy = [ "multi-user.target" ]; - environment = { - CONDUIT_CONFIG = configFile; - }; - serviceConfig = { - DynamicUser = true; - User = "${srvName}"; - LockPersonality = true; - MemoryDenyWriteExecute = true; - ProtectClock = true; - ProtectControlGroups = true; - ProtectHostname = true; - ProtectKernelLogs = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - PrivateDevices = true; - PrivateMounts = true; - PrivateUsers = true; - RestrictAddressFamilies = [ - "AF_INET" - "AF_INET6" - ]; - RestrictNamespaces = true; - RestrictRealtime = true; - SystemCallArchitectures = "native"; - SystemCallFilter = [ - "@system-service" - "~@privileged" - ]; - # StateDirectory = "/mnt/data/${srvName}"; - BindPaths = [ "/mnt/data/${srvName}" ]; - ExecStart = "${cfg.package}/bin/conduit"; - Restart = "on-failure"; - RestartSec = 10; - StartLimitBurst = 5; - }; - } - ) - ) cfg.instances - ); + }); + in + { + description = "Conduit Matrix Server (for ${server_name})"; + documentation = [ "https://gitlab.com/famedly/conduit/" ]; + wantedBy = [ "multi-user.target" ]; + environment = { CONDUIT_CONFIG = configFile; }; + serviceConfig = { + DynamicUser = true; + User = "${srvName}"; + LockPersonality = true; + MemoryDenyWriteExecute = true; + ProtectClock = true; + ProtectControlGroups = true; + ProtectHostname = true; + ProtectKernelLogs = true; + ProtectKernelModules = true; + ProtectKernelTunables = true; + PrivateDevices = true; + PrivateMounts = true; + PrivateUsers = true; + RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; + RestrictNamespaces = true; + RestrictRealtime = true; + SystemCallArchitectures = "native"; + SystemCallFilter = [ + "@system-service" + "~@privileged" + ]; + # StateDirectory = "/mnt/data/${srvName}"; + BindPaths = [ "/mnt/data/${srvName}" ]; + ExecStart = "${cfg.package}/bin/conduit"; + Restart = "on-failure"; + RestartSec = 10; + StartLimitBurst = 5; + }; + } + )) + cfg.instances); + + # Serving .well-known files + # This is a single .well-known/matrix/server file that points to the server, + # which is NOT on port 8448 since Cloudflare doesn't allow us to route HTTPS + # through that port. + config.services.nginx = mkIf cfg.enable + { + enable = true; + virtualHosts = lib.attrsets.mapAttrs' + (name: instance: lib.attrsets.nameValuePair "conduit-${name}-well-known" { + listen = [{ addr = "127.0.0.1"; port = instance.well-known_port; }]; + # Check https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-well-known.md + # for the file structure. + root = pkgs.symlinkJoin + { + name = "well-known-files-for-conduit-${name}"; + paths = [ + (pkgs.writeTextDir ".well-known/matrix/client" (builtins.toJSON { + "m.homeserver".base_url = "https://${instance.host}"; + "org.matrix.msc3575.proxy".url = "https://${instance.host}"; + })) + (pkgs.writeTextDir ".well-known/matrix/server" (builtins.toJSON { + "m.server" = "${instance.host}:443"; + })) + ]; + }; + extraConfig = + # Enable CORS from anywhere since we want all clients to find us out + '' + add_header 'Access-Control-Allow-Origin' "*"; + '' + + # Force returning values to be JSON data + '' + default_type application/json; + ''; + }) + cfg.instances; + }; config.cloud.traefik.hosts = mkIf cfg.enable ( - (lib.attrsets.mapAttrs' ( - name: instance: - lib.attrsets.nameValuePair "conduit-${name}" ({ + (lib.attrsets.mapAttrs' + (name: instance: lib.attrsets.nameValuePair "conduit-${name}" ({ inherit (instance) host port noCloudflare; - }) - ) cfg.instances) + })) + cfg.instances) + // (lib.attrsets.mapAttrs' + (name: instance: lib.attrsets.nameValuePair "conduit-${name}-well-known" ( + let + server_name = if instance.server_name == "" then instance.host else instance.server_name; + in + { + port = instance.well-known_port; + filter = "Host(`${server_name}`) && PathPrefix(`/.well-known`)"; + } + )) + cfg.instances) ); } + diff --git a/modules/cloud/conduit/heisenbridge.nix b/modules/cloud/conduit/heisenbridge.nix index 18be631..1db1040 100644 --- a/modules/cloud/conduit/heisenbridge.nix +++ b/modules/cloud/conduit/heisenbridge.nix @@ -1,15 +1,9 @@ -{ - pkgs, - lib, - config, - ... -}: +{ pkgs, lib, config, ... }: let cfg = config.cloud.conduit.heisenbridge; cfgConduit = config.cloud.conduit; in -with lib; -{ +with lib; { options.cloud.conduit.heisenbridge = { enable = mkEnableOption "Enable heisenbridge for conduit"; package = mkPackageOption pkgs "heisenbridge" { }; @@ -29,26 +23,17 @@ with lib; }; config = mkIf cfg.enable ( let - cfgFile = - if cfg.port == null then - cfg.appserviceFile - else - pkgs.runCommand "heisenbridge-config" { } '' - cp ${cfg.appserviceFile} $out - ${pkgs.sd}/bin/sd '^url: .*$' "url: http://127.0.0.1:${cfg.port}" - ''; - listenArgs = lists.optionals (cfg.port != null) [ - "--listen-port" - (toString cfg.port) - ]; + cfgFile = if cfg.port == null then cfg.appserviceFile else + pkgs.runCommand "heisenbridge-config" { } '' + cp ${cfg.appserviceFile} $out + ${pkgs.sd}/bin/sd '^url: .*$' "url: http://127.0.0.1:${cfg.port}" + ''; + listenArgs = lists.optionals (cfg.port != null) [ "--listen-port" (toString cfg.port) ]; in { systemd.services.heisenbridge = { description = "Matrix<->IRC bridge"; - requires = [ - "matrix-conduit-nkagami.service" - "matrix-synapse.service" - ]; # So the registration file can be used by Synapse + requires = [ "matrix-synapse.service" ]; # So the registration file can be used by Synapse wantedBy = [ "multi-user.target" ]; serviceConfig = rec { @@ -92,18 +77,12 @@ with lib; RemoveIPC = true; UMask = "0077"; - CapabilityBoundingSet = [ - "CAP_CHOWN" - ] ++ optional (cfg.port != null && cfg.port < 1024) "CAP_NET_BIND_SERVICE"; + CapabilityBoundingSet = [ "CAP_CHOWN" ] ++ optional (cfg.port != null && cfg.port < 1024) "CAP_NET_BIND_SERVICE"; AmbientCapabilities = CapabilityBoundingSet; NoNewPrivileges = true; LockPersonality = true; RestrictRealtime = true; - SystemCallFilter = [ - "@system-service" - "~@privileged" - "@chown" - ]; + SystemCallFilter = [ "@system-service" "~@privileged" "@chown" ]; SystemCallArchitectures = "native"; RestrictAddressFamilies = "AF_INET AF_INET6"; }; @@ -118,3 +97,4 @@ with lib; } ); } + diff --git a/modules/cloud/firezone/default.nix b/modules/cloud/firezone/default.nix index 3624162..3a5a2c4 100644 --- a/modules/cloud/firezone/default.nix +++ b/modules/cloud/firezone/default.nix @@ -1,15 +1,11 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let cfg = config.cloud.firezone; - mkImage = { imageName, imageDigest, ... }: "${imageName}@${imageDigest}"; + mkImage = + { imageName, imageDigest, ... }: "${imageName}@${imageDigest}"; # If we can pullImage we can just do # mkImage = pkgs.dockerTools.pullImage; @@ -52,10 +48,7 @@ in image = images.postgresql; restart = "unless-stopped"; healthcheck = { - test = [ - "CMD-SHELL" - "pg_isready -d $\${POSTGRES_DB} -U $\${POSTGRES_USER}" - ]; + test = [ "CMD-SHELL" "pg_isready -d $\${POSTGRES_DB} -U $\${POSTGRES_USER}" ]; start_period = "20s"; interval = "30s"; retries = 5; @@ -96,10 +89,7 @@ in driver = "bridge"; ipam.config = [ { subnet = "172.25.0.0/16"; } - { - subnet = "2001:3990:3990::/64"; - gateway = "2001:3990:3990::1"; - } + { subnet = "2001:3990:3990::/64"; gateway = "2001:3990:3990::1"; } ]; }; }; diff --git a/modules/cloud/gotosocial/default.nix b/modules/cloud/gotosocial/default.nix index 4b44ba4..9b7bc32 100644 --- a/modules/cloud/gotosocial/default.nix +++ b/modules/cloud/gotosocial/default.nix @@ -1,20 +1,14 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let cfg = config.cloud.gotosocial; dbUser = "gotosocial"; - storageLocation = "/mnt/data/gotosocial"; in { options.cloud.gotosocial = { enable = mkEnableOption "Enable our local GtS server"; - package = mkPackageOption pkgs "gotosocial-dtth" { }; + package = mkPackageOption pkgs "gotosocial" { }; host = mkOption { type = types.str; description = "The GtS host"; @@ -46,21 +40,13 @@ in # Postgres cloud.postgresql.databases = [ dbUser ]; # Traefik - cloud.traefik.hosts = - { - gotosocial = { inherit (cfg) host port; }; - } - // ( - if cfg.accountDomain != cfg.host && cfg.accountDomain != "" then - { - gotosocial-wellknown = { - inherit (cfg) port; - filter = "Host(`${cfg.accountDomain}`) && (PathPrefix(`/.well-known/webfinger`) || PathPrefix(`/.well-known/nodeinfo`) || PathPrefix(`/.well-known/host-meta`))"; - }; - } - else - { } - ); + cloud.traefik.hosts = { gotosocial = { inherit (cfg) host port; }; } // + (if cfg.accountDomain != cfg.host && cfg.accountDomain != "" then { + gotosocial-wellknown = { + inherit (cfg) port; + filter = "Host(`${cfg.accountDomain}`) && (PathPrefix(`/.well-known/webfinger`) || PathPrefix(`/.well-known/nodeinfo`) || PathPrefix(`/.well-known/host-meta`))"; + }; + } else { }); # The service itself services.gotosocial = { enable = true; @@ -73,10 +59,7 @@ in bind-address = "localhost"; port = cfg.port; # Instance - instance-languages = [ - "en-ca" - "vi" - ]; + instance-languages = [ "en-ca" "vi" ]; # Accounts accounts-registration-open = false; accounts-allow-custom-css = true; @@ -89,49 +72,20 @@ in web-template-base-dir = "${cfg.package}/share/gotosocial/web/template"; web-asset-base-dir = "${cfg.package}/share/gotosocial/web/assets"; # Media - media-emoji-remote-max-size = - 256 * 1024 # bytes - ; - media-emoji-local-max-size = - 256 * 1024 # bytes - ; - media-remote-cache-days = 7; - media-cleanup-from = "00:00"; - media-cleanup-every = "24h"; + media-emoji-remote-max-size = 256 * 1024 /* bytes */; + media-emoji-local-max-size = 256 * 1024 /* bytes */; # OIDC oidc-enabled = true; oidc-idp-name = "DTTH"; - oidc-scopes = [ - "openid" - "email" - "profile" - ]; + oidc-scopes = [ "openid" "email" "profile" ]; # HTTP Client http-client.block-ips = [ "11.0.0.0/24" ]; # Advanced advanced-rate-limit-requests = 0; - # Storage - storage-backend = "local"; - storage-local-base-path = "${storageLocation}/storage"; # instance-inject-mastodon-version = true; }; }; - systemd.services.gotosocial.requires = mkAfter [ - "postgresql.service" - "arion-authentik.service" - ]; - systemd.services.gotosocial.after = mkAfter [ - "postgresql.service" - "arion-authentik.service" - ]; - systemd.services.gotosocial.unitConfig = { - RequiresMountsFor = [ storageLocation ]; - ReadWritePaths = [ storageLocation ]; - }; - systemd.tmpfiles.settings."10-gotosocial".${storageLocation}.d = { - user = dbUser; - group = dbUser; - mode = "0700"; - }; + systemd.services.gotosocial.requires = mkAfter [ "minio.service" "postgresql.service" ]; + systemd.services.gotosocial.after = mkAfter [ "minio.service" "postgresql.service" ]; }; } diff --git a/modules/cloud/mail/default.nix b/modules/cloud/mail/default.nix index 0195044..0232c8d 100644 --- a/modules/cloud/mail/default.nix +++ b/modules/cloud/mail/default.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; let @@ -243,12 +238,7 @@ in # MTA-STS server services.nginx.enable = true; services.nginx.virtualHosts.maddy-mta-sts = { - listen = [ - { - addr = "127.0.0.1"; - port = mtaStsPort; - } - ]; + listen = [{ addr = "127.0.0.1"; port = mtaStsPort; }]; root = mtaStsDir; }; @@ -283,10 +273,7 @@ in # maddy itself systemd.services."${name}" = { - after = [ - "network.target" - "traefik-certs-dumper.service" - ]; + after = [ "network.target" "traefik-certs-dumper.service" ]; wantedBy = [ "multi-user.target" ]; requires = [ "postgresql.service" ]; @@ -340,6 +327,7 @@ in KillMode = "mixed"; KillSignal = "SIGTERM"; + # Required to bind on ports lower than 1024. AmbientCapabilities = "CAP_NET_BIND_SERVICE"; CapabilityBoundingSet = "CAP_NET_BIND_SERVICE"; diff --git a/modules/cloud/outline/r2.patch b/modules/cloud/outline/r2.patch deleted file mode 100644 index 15fd15f..0000000 --- a/modules/cloud/outline/r2.patch +++ /dev/null @@ -1,178 +0,0 @@ -diff --git a/.env.sample b/.env.sample -index 51046501d..6daf60347 100644 ---- a/.env.sample -+++ b/.env.sample -@@ -66,6 +66,8 @@ AWS_S3_UPLOAD_BUCKET_URL=http://s3:4569 - AWS_S3_UPLOAD_BUCKET_NAME=bucket_name_here - AWS_S3_FORCE_PATH_STYLE=true - AWS_S3_ACL=private -+AWS_S3_R2=true -+AWS_S3_R2_PUBLIC_URL=http://s3:4569 - - # –––––––––––––– AUTHENTICATION –––––––––––––– - -diff --git a/app/utils/files.ts b/app/utils/files.ts -index 16b66a2c4..c56ffd2b2 100644 ---- a/app/utils/files.ts -+++ b/app/utils/files.ts -@@ -88,8 +88,13 @@ export const uploadFile = async ( - xhr.addEventListener("loadend", () => { - resolve(xhr.readyState === 4 && xhr.status >= 200 && xhr.status < 400); - }); -- xhr.open("POST", data.uploadUrl, true); -- xhr.send(formData); -+ xhr.open(data.method, data.uploadUrl, true); -+ xhr.setRequestHeader("Content-Type", file.type); -+ if (data.method === "POST") { -+ xhr.send(formData); -+ } else { -+ xhr.send(file); -+ } - }); - - if (!success) { -diff --git a/server/env.ts b/server/env.ts -index 5b420f2e1..4ea1e8d3c 100644 ---- a/server/env.ts -+++ b/server/env.ts -@@ -519,6 +519,14 @@ export class Environment { - environment.AWS_S3_UPLOAD_BUCKET_NAME - ); - -+ @IsOptional() -+ public AWS_S3_R2 = this.toBoolean(environment.AWS_S3_R2 ?? "false"); -+ -+ @IsOptional() -+ public AWS_S3_R2_PUBLIC_URL = this.toOptionalString( -+ environment.AWS_S3_R2_PUBLIC_URL -+ ); -+ - /** - * Whether to force path style URLs for S3 objects, this is required for some - * S3-compatible storage providers. -diff --git a/server/routes/api/attachments/attachments.ts b/server/routes/api/attachments/attachments.ts -index d2288c215..72251962c 100644 ---- a/server/routes/api/attachments/attachments.ts -+++ b/server/routes/api/attachments/attachments.ts -@@ -3,6 +3,7 @@ import { v4 as uuidv4 } from "uuid"; - import { AttachmentPreset } from "@shared/types"; - import { bytesToHumanReadable, getFileNameFromUrl } from "@shared/utils/files"; - import { AttachmentValidation } from "@shared/validations"; -+import env from "@server/env"; - import { createContext } from "@server/context"; - import { - AuthorizationError, -@@ -83,16 +84,30 @@ router.post( - userId: user.id, - }); - -- const presignedPost = await FileStorage.getPresignedPost( -- key, -- acl, -- maxUploadSize, -- contentType -- ); -+ let uploadUrl; -+ let method; -+ let presignedPost = { -+ fields: {}, -+ }; -+ if (env.AWS_S3_R2) { -+ uploadUrl = await FileStorage.getPresignedPut(key); -+ method = "PUT"; -+ } else { -+ uploadUrl = FileStorage.getUploadUrl(); -+ method = "POST"; -+ -+ presignedPost = await FileStorage.getPresignedPost( -+ key, -+ acl, -+ maxUploadSize, -+ contentType -+ ); -+ } - - ctx.body = { - data: { -- uploadUrl: FileStorage.getUploadUrl(), -+ uploadUrl, -+ method, - form: { - "Cache-Control": "max-age=31557600", - "Content-Type": contentType, -diff --git a/server/storage/files/BaseStorage.ts b/server/storage/files/BaseStorage.ts -index 339262cc5..03f658271 100644 ---- a/server/storage/files/BaseStorage.ts -+++ b/server/storage/files/BaseStorage.ts -@@ -26,6 +26,8 @@ export default abstract class BaseStorage { - contentType: string - ): Promise>; - -+ public abstract getPresignedPut(key: string): Promise; -+ - /** - * Returns a promise that resolves with a stream for reading a file from the storage provider. - * -diff --git a/server/storage/files/LocalStorage.ts b/server/storage/files/LocalStorage.ts -index 83cf98c50..324e60dd9 100644 ---- a/server/storage/files/LocalStorage.ts -+++ b/server/storage/files/LocalStorage.ts -@@ -30,6 +30,10 @@ export default class LocalStorage extends BaseStorage { - }); - } - -+ public async getPresignedPut(key: string) { -+ return this.getUrlForKey(key); -+ } -+ - public getUploadUrl() { - return "/api/files.create"; - } -diff --git a/server/storage/files/S3Storage.ts b/server/storage/files/S3Storage.ts -index beba39ab2..4f0fe09a9 100644 ---- a/server/storage/files/S3Storage.ts -+++ b/server/storage/files/S3Storage.ts -@@ -4,6 +4,7 @@ import { - S3Client, - DeleteObjectCommand, - GetObjectCommand, -+ PutObjectCommand, - ObjectCannedACL, - } from "@aws-sdk/client-s3"; - import { Upload } from "@aws-sdk/lib-storage"; -@@ -58,6 +59,16 @@ export default class S3Storage extends BaseStorage { - return createPresignedPost(this.client, params); - } - -+ public async getPresignedPut(key: string) { -+ const params = { -+ Bucket: env.AWS_S3_UPLOAD_BUCKET_NAME, -+ Key: key, -+ }; -+ -+ const command = new PutObjectCommand(params); -+ return await getSignedUrl(this.client, command, { expiresIn: 3600 }); -+ } -+ - private getPublicEndpoint(isServerUpload?: boolean) { - if (env.AWS_S3_ACCELERATE_URL) { - return env.AWS_S3_ACCELERATE_URL; -@@ -137,10 +148,17 @@ export default class S3Storage extends BaseStorage { - ); - } - -+ public getR2ObjectUrl = async (key: string) => -+ env.AWS_S3_R2_PUBLIC_URL + "/" + key; -+ - public getSignedUrl = async ( - key: string, - expiresIn = S3Storage.defaultSignedUrlExpires - ) => { -+ if (env.AWS_S3_R2) { -+ return this.getR2ObjectUrl(key); -+ } -+ - const isDocker = env.AWS_S3_UPLOAD_BUCKET_URL.match(/http:\/\/s3:/); - const params = { - Bucket: this.getBucket(), - diff --git a/modules/cloud/postgresql/default.nix b/modules/cloud/postgresql/default.nix index 6e664d3..1a84647 100644 --- a/modules/cloud/postgresql/default.nix +++ b/modules/cloud/postgresql/default.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let @@ -36,13 +31,6 @@ in ensureDatabases = cfg.databases; ensureUsers = (map userFromDatabase cfg.databases); - - dataDir = "/mnt/data/postgresql/${config.services.postgresql.package.psqlSchema}"; - }; - - config.systemd.services.postgresql.serviceConfig = { - StateDirectory = "postgresql postgresql ${config.services.postgresql.dataDir}"; - StateDirectoryMode = "0750"; }; # Backup settings diff --git a/modules/cloud/traefik/certs-dumper.nix b/modules/cloud/traefik/certs-dumper.nix index 7d300c2..f78a831 100644 --- a/modules/cloud/traefik/certs-dumper.nix +++ b/modules/cloud/traefik/certs-dumper.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let diff --git a/modules/cloud/traefik/config.nix b/modules/cloud/traefik/config.nix index 6741298..eaebfc0 100644 --- a/modules/cloud/traefik/config.nix +++ b/modules/cloud/traefik/config.nix @@ -1,9 +1,4 @@ -{ - pkgs, - lib, - config, - ... -}: +{ pkgs, lib, config, ... }: with lib; let @@ -14,169 +9,126 @@ let }; # Copied from traefik.nix - jsonValue = - with types; + jsonValue = with types; let - valueType = - nullOr (oneOf [ + valueType = nullOr + (oneOf [ bool int float str (lazyAttrsOf valueType) (listOf valueType) - ]) - // { - description = "JSON value"; - emptyValue.value = { }; - }; + ]) // { + description = "JSON value"; + emptyValue.value = { }; + }; in valueType; - hostType = - with types; - submodule { - options = { - host = mkOption { - type = str; - description = "The host for the router filter"; - }; - path = mkOption { - type = nullOr str; - default = null; - description = "The path for the router filter (exact path is matched)"; - }; - filter = mkOption { - type = nullOr str; - default = null; - description = "The filter syntax for the router. Overrides `host` and `path` if provided"; - }; - localHost = mkOption { - type = types.nullOr types.str; - description = "The local host of the service. Must be an IP if protocol is TCP. Default to localhost/127.0.0.1"; - default = null; - }; - port = mkOption { - type = types.port; - description = "The port that the service is listening on"; - }; - entrypoints = mkOption { - type = listOf (enum [ - "http" - "https" - "smtp-submission" - "smtp-submission-ssl" - "imap" - "wireguard" - ]); - default = [ "https" ]; - description = "The entrypoints that will serve the host"; - }; - middlewares = mkOption { - type = listOf jsonValue; - default = [ ]; - description = "The middlewares to be used with the host."; - }; - protocol = mkOption { - type = enum [ - "http" - "tcp" - "udp" - ]; - default = "http"; - description = "The protocol of the router and service"; - }; - tlsPassthrough = mkOption { - type = types.bool; - default = true; - description = "Sets the TCP passthrough value. Defaults to `true` if the connection is tcp"; - }; - noCloudflare = mkOption { - type = types.bool; - default = false; - description = "Bypasses the client cert requirement, enable if you don't route things through cloudflare"; - }; + hostType = with types; submodule { + options = { + host = mkOption { + type = str; + description = "The host for the router filter"; + }; + path = mkOption { + type = nullOr str; + default = null; + description = "The path for the router filter (exact path is matched)"; + }; + filter = mkOption { + type = nullOr str; + default = null; + description = "The filter syntax for the router. Overrides `host` and `path` if provided"; + }; + localHost = mkOption { + type = types.nullOr types.str; + description = "The local host of the service. Must be an IP if protocol is TCP. Default to localhost/127.0.0.1"; + default = null; + }; + port = mkOption { + type = types.port; + description = "The port that the service is listening on"; + }; + entrypoints = mkOption { + type = listOf (enum [ "http" "https" "smtp-submission" "smtp-submission-ssl" "imap" "wireguard" ]); + default = [ "https" ]; + description = "The entrypoints that will serve the host"; + }; + middlewares = mkOption { + type = listOf jsonValue; + default = [ ]; + description = "The middlewares to be used with the host."; + }; + protocol = mkOption { + type = enum [ "http" "tcp" "udp" ]; + default = "http"; + description = "The protocol of the router and service"; + }; + tlsPassthrough = mkOption { + type = types.bool; + default = true; + description = "Sets the TCP passthrough value. Defaults to `true` if the connection is tcp"; + }; + noCloudflare = mkOption { + type = types.bool; + default = false; + description = "Bypasses the client cert requirement, enable if you don't route things through cloudflare"; }; }; + }; # Returns the filter given a host configuration - filterOfHost = - host: + filterOfHost = host: let hostFilter = if host.protocol == "http" then "Host" else "HostSNI"; in - if host.filter != null then - host.filter - else if host.path == null then - "${hostFilter}(`${host.host}`)" - else - "${hostFilter}(`${host.host}`) && Path(`${host.path}`)"; + if host.filter != null then host.filter + else if host.path == null then "${hostFilter}(`${host.host}`)" + else "${hostFilter}(`${host.host}`) && Path(`${host.path}`)"; # Turns a host configuration into dynamic traefik configuration hostToConfig = name: host: { - "${host.protocol}" = - { - routers."${name}-router" = - ( - if (host.protocol != "udp") then - { - rule = filterOfHost host; - tls = - { - certResolver = "le"; - } - // ( - if host.protocol == "tcp" then - { passthrough = if (host ? tlsPassthrough) then host.tlsPassthrough else true; } - else - { } - ) - // (if host.noCloudflare then tlsNoCloudflare else { }); - } - else - { } - ) - // { - entryPoints = host.entrypoints; - service = "${name}-service"; - } - // ( - if host.protocol == "http" then - { middlewares = lists.imap0 (id: m: "${name}-middleware-${toString id}") host.middlewares; } - else if host.middlewares == [ ] then - { } - else - abort "Cannot have middlewares on non-http routers" - ); - services."${name}-service".loadBalancer.servers = [ - ( - let - localhost = - if isNull host.localHost then - (if host.protocol == "http" then "localhost" else "127.0.0.1") - else - host.localHost; - in - if host.protocol == "http" then - { url = "http://${localhost}:${toString host.port}"; } - else - { address = "${localhost}:${toString host.port}"; } - ) - ]; - } - // ( - if (host.middlewares != [ ]) then - { - middlewares = builtins.listToAttrs ( - lists.imap0 (id: v: { - name = "${name}-middleware-${toString id}"; - value = v; - }) host.middlewares - ); - } - else + "${host.protocol}" = { + routers."${name}-router" = (if (host.protocol != "udp") then { + rule = filterOfHost host; + tls = { certResolver = "le"; } + // (if host.protocol == "tcp" then { passthrough = if (host ? tlsPassthrough) then host.tlsPassthrough else true; } else { }) + // (if host.noCloudflare then tlsNoCloudflare else { }); + } else { }) // { + entryPoints = host.entrypoints; + service = "${name}-service"; + } // ( + if host.protocol == "http" then + { middlewares = lists.imap0 (id: m: "${name}-middleware-${toString id}") host.middlewares; } + else if host.middlewares == [ ] then { } + else abort "Cannot have middlewares on non-http routers" ); + services."${name}-service".loadBalancer.servers = [ + ( + let + localhost = + if isNull host.localHost then + ( + if host.protocol == "http" then "localhost" + else "127.0.0.1" + ) else host.localHost; + in + if host.protocol == "http" then + { url = "http://${localhost}:${toString host.port}"; } + else { address = "${localhost}:${toString host.port}"; } + ) + ]; + } // (if (host.middlewares != [ ]) then { + middlewares = builtins.listToAttrs (lists.imap0 + (id: v: { + name = "${name}-middleware-${toString id}"; + value = v; + }) + host.middlewares); + } else { }); }; tlsConfig = { diff --git a/modules/cloud/traefik/dashboard.nix b/modules/cloud/traefik/dashboard.nix index a8c7f4f..4c99159 100644 --- a/modules/cloud/traefik/dashboard.nix +++ b/modules/cloud/traefik/dashboard.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let @@ -33,8 +28,7 @@ in # Dynamic configuration # --------------------- ## Middleware - services.traefik.dynamicConfigOptions.http.middlewares.dashboard-auth.basicAuth.usersFile = - cfg.usersFile; + services.traefik.dynamicConfigOptions.http.middlewares.dashboard-auth.basicAuth.usersFile = cfg.usersFile; ## Router services.traefik.dynamicConfigOptions.http.routers.dashboard = { rule = "Host(`${cfg.host}`)"; diff --git a/modules/cloud/traefik/default.nix b/modules/cloud/traefik/default.nix index 98e8175..6a98728 100644 --- a/modules/cloud/traefik/default.nix +++ b/modules/cloud/traefik/default.nix @@ -1,29 +1,22 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let # Copied from traefik.nix - jsonValue = - with types; + jsonValue = with types; let - valueType = - nullOr (oneOf [ + valueType = nullOr + (oneOf [ bool int float str (lazyAttrsOf valueType) (listOf valueType) - ]) - // { - description = "JSON value"; - emptyValue.value = { }; - }; + ]) // { + description = "JSON value"; + emptyValue.value = { }; + }; in valueType; @@ -48,11 +41,7 @@ let cfg = config.cloud.traefik; in { - imports = [ - ./config.nix - ./dashboard.nix - ./certs-dumper.nix - ]; + imports = [ ./config.nix ./dashboard.nix ./certs-dumper.nix ]; options.cloud.traefik = { cloudflareKeyFile = mkOption { type = types.path; @@ -115,12 +104,7 @@ in config.systemd.services.traefik.environment.CF_DNS_API_TOKEN_FILE = cfg.cloudflareKeyFile; # Set up firewall to allow traefik traffic. - config.networking.firewall.allowedTCPPorts = [ - 443 - 993 - 587 - 465 - ]; + config.networking.firewall.allowedTCPPorts = [ 443 993 587 465 ]; config.networking.firewall.allowedUDPPorts = [ 443 # QUIC 51820 # Wireguard diff --git a/modules/cloud/writefreely/default.nix b/modules/cloud/writefreely/default.nix index d26de4a..d4babcc 100644 --- a/modules/cloud/writefreely/default.nix +++ b/modules/cloud/writefreely/default.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; let cfg = config.cloud.writefreely; @@ -67,3 +62,4 @@ in } ); } + diff --git a/modules/common/linux/default.nix b/modules/common/linux/default.nix index 602ba6e..8f8f430 100644 --- a/modules/common/linux/default.nix +++ b/modules/common/linux/default.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let @@ -11,203 +6,105 @@ let # Modules modules = { - adb = - { config, ... }: - mkIf config.common.linux.enable { - services.udev.packages = with pkgs; [ android-udev-rules ]; - programs.adb.enable = true; - users.users.${config.common.linux.username}.extraGroups = [ "adbusers" ]; + adb = { config, ... }: mkIf config.common.linux.enable { + services.udev.packages = with pkgs; [ android-udev-rules ]; + programs.adb.enable = true; + users.users.${config.common.linux.username}.extraGroups = [ "adbusers" ]; + }; + ios = { config, pkgs, ... }: mkIf config.common.linux.enable { + services.avahi.enable = true; + services.usbmuxd.enable = true; + services.usbmuxd.package = pkgs.usbmuxd2; + environment.systemPackages = with pkgs; [ + libimobiledevice + ifuse + ]; + users.users.${config.common.linux.username}.extraGroups = [ config.services.usbmuxd.group ]; + systemd.network.networks."05-ios-tethering" = { + matchConfig.Driver = "ipheth"; + networkConfig.DHCP = "yes"; + linkConfig.RequiredForOnline = "no"; }; - ios = - { config, pkgs, ... }: - mkIf config.common.linux.enable { - services.usbmuxd.enable = true; - services.usbmuxd.package = pkgs.usbmuxd2; - environment.systemPackages = with pkgs; [ - libimobiledevice - ifuse - ]; - users.users.${config.common.linux.username}.extraGroups = [ config.services.usbmuxd.group ]; - systemd.network.networks."05-ios-tethering" = { - matchConfig.Driver = "ipheth"; - networkConfig.DHCP = "yes"; - linkConfig.RequiredForOnline = "no"; - }; + }; + + accounts = { pkgs, ... }: mkIf (config.common.linux.enable && !pkgs.stdenv.isAarch64) { + environment.systemPackages = with pkgs.gnome; [ pkgs.glib gnome-control-center ]; + services.accounts-daemon.enable = true; + services.gnome.gnome-online-accounts.enable = true; + # programs.evolution.enable = true; + # programs.evolution.plugins = with pkgs; [ evolution-ews ]; + # services.gnome.evolution-data-server.enable = true; + # services.gnome.evolution-data-server.plugins = with pkgs; [ evolution-ews ]; + }; + + wlr = { ... }: mkIf config.common.linux.enable { + # swaync disable notifications on screencast + xdg.portal.wlr.settings.screencast = { + exec_before = ''which swaync-client && swaync-client --inhibitor-add "xdg-desktop-portal-wlr" || true''; + exec_after = ''which swaync-client && swaync-client --inhibitor-remove "xdg-desktop-portal-wlr" || true''; + }; + }; + + logitech = { pkgs, ... }: mkIf cfg.enable { + services.ratbagd.enable = true; + environment.systemPackages = with pkgs; [ piper ]; + }; + + kwallet = { pkgs, lib, ... }: mkIf cfg.enable { + environment.systemPackages = [ pkgs.kdePackages.kwallet ]; + services.dbus.packages = [ pkgs.kdePackages.kwallet ]; + xdg.portal = { + extraPortals = [ pkgs.kdePackages.kwallet ]; + }; + }; + + virtualisation = { pkgs, ... }: mkIf cfg.enable { + virtualisation.podman = { + enable = true; + dockerCompat = true; + defaultNetwork.settings.dns_enabled = true; }; - graphics = - { config, pkgs, ... }: - { - hardware.graphics.enable = true; - hardware.graphics.enable32Bit = true; - # Monitor backlight - hardware.i2c.enable = true; - services.ddccontrol.enable = true; - environment.systemPackages = [ - pkgs.luminance - pkgs.ddcutil - ]; - }; + virtualisation.oci-containers.backend = "podman"; - accounts = - { pkgs, ... }: - mkIf (config.common.linux.enable && !pkgs.stdenv.isAarch64) { - environment.systemPackages = [ - pkgs.glib - (pkgs.gnome-control-center or pkgs.gnome.gnome-control-center) - ]; - services.accounts-daemon.enable = true; - services.gnome.gnome-online-accounts.enable = true; - # programs.evolution.enable = true; - # programs.evolution.plugins = with pkgs; [ evolution-ews ]; - # services.gnome.evolution-data-server.enable = true; - # services.gnome.evolution-data-server.plugins = with pkgs; [ evolution-ews ]; - }; - - wlr = - { lib, config, ... }: - mkIf config.common.linux.enable { - # swaync disable notifications on screencast - xdg.portal.wlr.settings.screencast = { - exec_before = ''which swaync-client && swaync-client --inhibitor-add "xdg-desktop-portal-wlr" || true''; - exec_after = ''which swaync-client && swaync-client --inhibitor-remove "xdg-desktop-portal-wlr" || true''; - }; - - # Niri stuff - # https://github.com/sodiboo/niri-flake/blob/main/docs.md - programs.niri.enable = true; - programs.niri.package = pkgs.niri-stable; - # Override gnome-keyring disabling - services.gnome.gnome-keyring.enable = lib.mkForce false; - # ydotool - programs.ydotool.enable = true; - users.extraGroups.${config.programs.ydotool.group}.members = [ cfg.username ]; - - }; - - logitech = - { pkgs, ... }: - mkIf cfg.enable { - services.ratbagd.enable = true; - environment.systemPackages = with pkgs; [ piper ]; - }; - - kwallet = - { pkgs, lib, ... }: - mkIf cfg.enable { - environment.systemPackages = [ pkgs.kdePackages.kwallet ]; - services.dbus.packages = [ pkgs.kdePackages.kwallet ]; - xdg.portal = { - extraPortals = [ pkgs.kdePackages.kwallet ]; - }; - }; - - virtualisation = - { pkgs, ... }: - mkIf cfg.enable { - virtualisation.podman = { - enable = true; - extraPackages = [ pkgs.slirp4netns ]; - dockerCompat = true; - defaultNetwork.settings.dns_enabled = true; - }; - - virtualisation.oci-containers.backend = "podman"; - - virtualisation.virtualbox.host.enable = false; - users.extraGroups.vboxusers.members = [ cfg.username ]; - }; - - nix-ld = - { pkgs, ... }: - { - programs.nix-ld = { - enable = true; - libraries = with pkgs; [ - ncurses - llvmPackages.libcxx - glibc - sqlite - ]; - }; - }; + virtualisation.virtualbox.host.enable = false; + users.extraGroups.vboxusers.members = [ cfg.username ]; + }; }; - rt-audio = - { pkgs, ... }: - mkIf cfg.enable { - services.pipewire.lowLatency = { - # enable this module - enable = true; - # defaults (no need to be set unless modified) - quantum = 32; - rate = 44100; - }; - security.rtkit.enable = true; - - # Real time configurations - boot.kernel.sysctl = { - "vm.swappiness" = 10; - "fs.inotify.max_user_watches" = 524288; - }; - security.pam.loginLimits = [ - { - domain = "@audio"; - item = "rtprio"; - type = "-"; - value = "90"; - } - { - domain = "@audio"; - item = "memlock"; - type = "-"; - value = "unlimited"; - } - ]; + rt-audio = { pkgs, ... }: mkIf cfg.enable { + services.pipewire.lowLatency = { + # enable this module + enable = true; + # defaults (no need to be set unless modified) + quantum = 32; + rate = 48000; }; + security.rtkit.enable = true; - tailscale = - { config, ... }: - { - options.common.linux = { - tailscale = { - firewall.allowPorts = mkOption { - type = types.listOf types.port; - description = "List of ports to allow tailscale to pass through"; - default = [ ]; - }; - }; - }; - config = - let - cfg = config.common.linux.tailscale; - in - { - # Enable tailscale - services.tailscale.enable = true; - networking.firewall.interfaces."tailscale0" = { - allowedUDPPorts = cfg.firewall.allowPorts; - allowedTCPPorts = cfg.firewall.allowPorts; - }; - }; + # Real time configurations + boot.kernel.sysctl = { + "vm.swappiness" = 10; + "fs.inotify.max_user_watches" = 524288; }; + security.pam.loginLimits = [ + { + domain = "@audio"; + item = "rtprio"; + type = "-"; + value = "90"; + } + { + domain = "@audio"; + item = "memlock"; + type = "-"; + value = "unlimited"; + } + ]; + }; in { - imports = with modules; [ - ./sops.nix - - adb - ios - graphics - wlr - logitech - kwallet - virtualisation - accounts - rt-audio - nix-ld - tailscale - ]; + imports = with modules; [ adb ios wlr logitech kwallet virtualisation accounts rt-audio ]; options.common.linux = { enable = mkOption { @@ -230,30 +127,23 @@ in dnsServers = mkOption { type = types.listOf types.str; description = "DNS server list"; - default = [ - "1.1.1.1" - "2606:4700:4700:1111" - ]; + default = [ "1.1.1.1" "2606:4700:4700:1111" ]; }; networks = mkOption { - type = types.attrsOf ( - types.submodule { - options.match = mkOption { - type = types.str; - description = "The interface name to match"; - }; - options.isRequired = mkOption { - type = types.bool; - description = "Require this interface to be connected for network-online.target"; - default = false; - }; - } - ); + type = types.attrsOf (types.submodule { + options.match = mkOption { + type = types.str; + description = "The interface name to match"; + }; + options.isRequired = mkOption { + type = types.bool; + description = "Require this interface to be connected for network-online.target"; + default = false; + }; + }); description = "Network configuration"; default = { - default = { - match = "*"; - }; + default = { match = "*"; }; }; }; }; @@ -278,16 +168,18 @@ in }; boot.initrd.systemd.enable = builtins.length (builtins.attrNames (cfg.luksDevices)) > 0; # LUKS devices - boot.initrd.luks.devices = builtins.mapAttrs (name: path: { - device = path; - preLVM = true; - allowDiscards = true; + boot.initrd.luks.devices = builtins.mapAttrs + (name: path: { + device = path; + preLVM = true; + allowDiscards = true; - crypttabExtraOpts = [ - "tpm2-device=auto" - "fido2-device=auto" - ]; - }) cfg.luksDevices; + crypttabExtraOpts = [ + "tpm2-device=auto" + "fido2-device=auto" + ]; + }) + cfg.luksDevices; ## Hardware-related @@ -326,15 +218,10 @@ in "wheel" # Enable ‘sudo’ for the user. "plugdev" # Enable openrazer-daemon privileges "audio" - "video" - "input" ]; shell = pkgs.fish; }; - nix.settings.trusted-users = [ - "root" - cfg.username - ]; + nix.settings.trusted-users = [ "root" cfg.username ]; ## Network configuration systemd.network.enable = true; @@ -345,11 +232,13 @@ in networking.hostName = cfg.networking.hostname; networking.wireless.iwd.enable = true; networking.wireless.iwd.settings.General.EnableNetworkConfiguration = true; - systemd.network.networks = builtins.mapAttrs (name: cfg: { - matchConfig.Name = cfg.match; - networkConfig.DHCP = "yes"; - linkConfig.RequiredForOnline = if cfg.isRequired then "yes" else "no"; - }) cfg.networking.networks; + systemd.network.networks = builtins.mapAttrs + (name: cfg: { + matchConfig.Name = cfg.match; + networkConfig.DHCP = "yes"; + linkConfig.RequiredForOnline = if cfg.isRequired then "yes" else "no"; + }) + cfg.networking.networks; # Leave DNS to systemd-resolved services.resolved.enable = true; services.resolved.domains = cfg.networking.dnsServers; @@ -357,44 +246,24 @@ in # Firewall: only open to SSH now networking.firewall.allowedTCPPorts = [ 22 ]; networking.firewall.allowedUDPPorts = [ 22 ]; - # Network namespaces management - systemd.services."netns@" = { - description = "Network namespace %I"; - before = [ "network.target" ]; - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - ExecStart = "${pkgs.iproute2}/bin/ip netns add %I"; - ExecStop = "${pkgs.iproute2}/bin/ip netns del %I"; - }; - }; + # Enable tailscale + services.tailscale.enable = true; ## Time and Region - time.timeZone = lib.mkDefault "Europe/Zurich"; + time.timeZone = "Europe/Zurich"; # Select internationalisation properties. console.keyMap = "jp106"; # Console key layout i18n.defaultLocale = "ja_JP.UTF-8"; # Input methods (only fcitx5 works reliably on Wayland) - i18n.inputMethod = - { - fcitx5.waylandFrontend = true; - fcitx5.addons = with pkgs; [ - fcitx5-mozc - fcitx5-unikey - fcitx5-gtk - ]; - } - // ( - if config.system.nixos.release == "24.05" then - { - enabled = "fcitx5"; - } - else - { - enable = true; - type = "fcitx5"; - } - ); + i18n.inputMethod = { + enabled = "fcitx5"; + fcitx5.waylandFrontend = true; + fcitx5.addons = with pkgs; [ + fcitx5-mozc + fcitx5-unikey + fcitx5-gtk + ]; + }; # Default packages environment.systemPackages = with pkgs; [ @@ -420,23 +289,12 @@ in programs.kdeconnect.enable = true; # Flatpaks are useful... sometimes... services.flatpak.enable = true; - # AppImages should run - programs.appimage = { - enable = true; - binfmt = true; - }; # DConf for GNOME configurations programs.dconf.enable = true; # Gaming! (not for ARM64) - programs.steam.enable = true; - programs.gamescope = { - enable = true; - # capSysNice = true; # https://github.com/NixOS/nixpkgs/issues/351516 - args = [ - "--adaptive-sync" - "--rt" - ]; - }; + programs.steam.enable = !pkgs.stdenv.isAarch64; + hardware.opengl.enable = true; + hardware.opengl.driSupport32Bit = !pkgs.stdenv.isAarch64; # For 32 bit applications ## Services # OpenSSH so you can SSH to me @@ -453,28 +311,9 @@ in wlr.enable = true; xdgOpenUsePortal = true; # gtk portal needed to make gtk apps happy - extraPortals = [ - pkgs.kdePackages.xdg-desktop-portal-kde - pkgs.xdg-desktop-portal-gtk - ]; + extraPortals = [ pkgs.kdePackages.xdg-desktop-portal-kde pkgs.xdg-desktop-portal-gtk ]; - config.sway.default = [ - "wlr" - "kde" - "kwallet" - ]; - config.niri = { - default = [ - "kde" - "gnome" - "gtk" - ]; - # "org.freedesktop.impl.portal.Access" = "gtk"; - # "org.freedesktop.impl.portal.Notification" = "gtk"; - "org.freedesktop.impl.portal.ScreenCast" = "gnome"; - "org.freedesktop.impl.portal.Secret" = "kwallet"; - "org.freedesktop.impl.portal.FileChooser" = "kde"; - }; + config.sway.default = [ "wlr" "kde" "kwallet" ]; }; # D-Bus services.dbus.packages = with pkgs; [ gcr ]; @@ -485,8 +324,5 @@ in EDITOR = "kak"; VISUAL = "kak"; }; - - # Trust my own cert - security.pki.certificateFiles = [ ../../../nki-home/cert.pem ]; }; } diff --git a/modules/common/linux/sops.nix b/modules/common/linux/sops.nix deleted file mode 100644 index 587d3a6..0000000 --- a/modules/common/linux/sops.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ config, lib, ... }: -with { inherit (lib) types mkOption mkEnableOption; }; -let - cfg = config.common.linux.sops; -in -{ - options.common.linux.sops = { - enable = mkEnableOption "Enable sops configuration"; - file = mkOption { - type = types.path; - description = "Path to the default sops file"; - }; - }; - config = lib.mkIf cfg.enable { - sops.defaultSopsFile = cfg.file; - sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - }; -} diff --git a/modules/my-tinc/default.nix b/modules/my-tinc/default.nix index 02beeb6..f3e2682 100644 --- a/modules/my-tinc/default.nix +++ b/modules/my-tinc/default.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; let @@ -39,91 +34,75 @@ in default = 655; description = "The port to listen on"; }; + + meshIp = mkOption { + type = types.str; + description = "The mesh ip to be assigned by hostname"; + }; }; - config = mkIf cfg.enable ( - builtins.seq - (mkIf (isNull cfg.rsaPrivateKey && isNull cfg.ed25519PrivateKey) ( - builtins.abort "one of the keys must be defined" - )) - ( - let - networkName = "my-tinc"; + config = mkIf cfg.enable (builtins.seq + (mkIf (isNull cfg.rsaPrivateKey && isNull cfg.ed25519PrivateKey) (builtins.abort "one of the keys must be defined")) + ( + let + networkName = "my-tinc"; - myHost = builtins.getAttr cfg.hostName hosts; - myMeshIp = myHost.subnetAddr; - in - { - # Scripts that set up the tinc services - environment.etc = { - "tinc/${networkName}/tinc-up".source = pkgs.writeScript "tinc-up-${networkName}" '' - #!${pkgs.stdenv.shell} - ${pkgs.nettools}/bin/ifconfig $INTERFACE ${myMeshIp} netmask 255.255.255.0 - ''; - "tinc/${networkName}/tinc-down".source = pkgs.writeScript "tinc-down-${networkName}" '' - #!${pkgs.stdenv.shell} - /run/wrappers/bin/sudo ${pkgs.nettools}/bin/ifconfig $INTERFACE down - ''; - }; + myHost = builtins.getAttr cfg.hostName hosts; + myMeshIp = myHost.subnetAddr; + in + { + services.my-tinc.meshIp = myMeshIp; + # Scripts that set up the tinc services + environment.etc = { + "tinc/${networkName}/tinc-up".source = pkgs.writeScript "tinc-up-${networkName}" '' + #!${pkgs.stdenv.shell} + ${pkgs.nettools}/bin/ifconfig $INTERFACE ${myMeshIp} netmask 255.255.255.0 + ''; + "tinc/${networkName}/tinc-down".source = pkgs.writeScript "tinc-down-${networkName}" '' + #!${pkgs.stdenv.shell} + /run/wrappers/bin/sudo ${pkgs.nettools}/bin/ifconfig $INTERFACE down + ''; + }; - # Allow the tinc service to call ifconfig without sudo password. - security.sudo.extraRules = [ - { - users = [ "tinc.${networkName}" ]; - commands = [ - { - command = "${pkgs.nettools}/bin/ifconfig"; - options = [ "NOPASSWD" ]; - } - ]; - } - ]; - - # simple interface setup - # ---------------------- - networking.interfaces."tinc.${networkName}".ipv4.addresses = [ - { - address = myMeshIp; - prefixLength = 24; - } - ]; - - # firewall - networking.firewall.allowedUDPPorts = [ 655 ]; - networking.firewall.allowedTCPPorts = [ 655 ]; - networking.firewall.interfaces."tinc.${networkName}" = { - allowedUDPPortRanges = [ + # Allow the tinc service to call ifconfig without sudo password. + security.sudo.extraRules = [ + { + users = [ "tinc.${networkName}" ]; + commands = [ { - from = 0; - to = 65535; + command = "${pkgs.nettools}/bin/ifconfig"; + options = [ "NOPASSWD" ]; } ]; - allowedTCPPortRanges = [ - { - from = 0; - to = 65535; - } - ]; - }; + } + ]; - # configure tinc service - # ---------------------- - services.tinc.networks."${networkName}" = { + # simple interface setup + # ---------------------- + networking.interfaces."tinc.${networkName}".ipv4.addresses = [{ address = myMeshIp; prefixLength = 24; }]; - name = cfg.hostName; # who are we in this network. + # firewall + networking.firewall.allowedUDPPorts = [ 655 ]; + networking.firewall.allowedTCPPorts = [ 655 ]; - debugLevel = 3; # the debug level for journal -u tinc.private - chroot = false; # otherwise addresses can't be a DNS - interfaceType = "tap"; # tun might also work. + # configure tinc service + # ---------------------- + services.tinc.networks."${networkName}" = { - bindToAddress = "* ${toString cfg.bindPort}"; + name = cfg.hostName; # who are we in this network. - ed25519PrivateKeyFile = cfg.ed25519PrivateKey; - rsaPrivateKeyFile = cfg.rsaPrivateKey; + debugLevel = 3; # the debug level for journal -u tinc.private + chroot = false; # otherwise addresses can't be a DNS + interfaceType = "tap"; # tun might also work. - settings.ExperimentalProtocol = "yes"; - }; - } - ) + bindToAddress = "* ${toString cfg.bindPort}"; + + ed25519PrivateKeyFile = cfg.ed25519PrivateKey; + rsaPrivateKeyFile = cfg.rsaPrivateKey; + + settings.ExperimentalProtocol = "yes"; + }; + } + ) ); } diff --git a/modules/my-tinc/hosts.nix b/modules/my-tinc/hosts.nix index 40e9987..da75547 100644 --- a/modules/my-tinc/hosts.nix +++ b/modules/my-tinc/hosts.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; let @@ -11,34 +6,27 @@ let cfg = config.services.my-tinc; - mapAttrs = - f: attrs: - builtins.listToAttrs ( - map (name: { - inherit name; - value = f name (builtins.getAttr name attrs); - }) (builtins.attrNames attrs) - ); + mapAttrs = f: attrs: builtins.listToAttrs ( + map (name: { inherit name; value = f name (builtins.getAttr name attrs); }) (builtins.attrNames attrs) + ); in { config = mkIf cfg.enable { # All hosts we know of - services.tinc.networks.my-tinc.hostSettings = mapAttrs (name: host: { - addresses = if (host ? address) then [ { address = host.address; } ] else [ ]; - subnets = [ { address = host.subnetAddr; } ]; - rsaPublicKey = mkIf (host ? "rsaPublicKey") host.rsaPublicKey; - settings.Ed25519PublicKey = mkIf (host ? "ed25519PublicKey") host.ed25519PublicKey; - }) hosts; + services.tinc.networks.my-tinc.hostSettings = mapAttrs + (name: host: { + addresses = if (host ? address) then [{ address = host.address; }] else [ ]; + subnets = [{ address = host.subnetAddr; }]; + rsaPublicKey = mkIf (host ? "rsaPublicKey") host.rsaPublicKey; + settings.Ed25519PublicKey = mkIf (host ? "ed25519PublicKey") host.ed25519PublicKey; + }) + hosts; # Add all of them to host - nki.services.edns = { - enable = true; - cloaking-rules = ( - lib.attrsets.mapAttrs' (name: host: { - name = "${name}.tinc"; - value = host.subnetAddr; - }) hosts - ); - }; + networking.extraHosts = lib.strings.concatStringsSep + "\n" + (lib.attrsets.mapAttrsToList + (name: host: "${host.subnetAddr} ${name}.tinc") + hosts); }; } diff --git a/modules/my-tinc/hosts/default.nix b/modules/my-tinc/hosts/default.nix index abae21d..3951a24 100644 --- a/modules/my-tinc/hosts/default.nix +++ b/modules/my-tinc/hosts/default.nix @@ -12,24 +12,4 @@ rsaPublicKey = builtins.readFile ./nki-home.pub; ed25519PublicKey = "Ts5OdPtBNLIRfosoYRcb6Z2iwWyOz/VKTKB9J0p5LlH"; }; - - macbook = { - subnetAddr = "11.0.0.3"; - rsaPublicKey = builtins.readFile ./nki-macbook.pub; - ed25519PublicKey = "lkNkBTl5GmcQFrtA7F1nN2gq5gFK7KuGqHUN8fiJU7H"; - }; - macbooknix = { - subnetAddr = "11.0.0.4"; - ed25519PublicKey = "6MN5LVE4juavv8qJW2dTN4t/haKCADWquAQj/ADF7iN"; - }; - - yoga = { - subnetAddr = "11.0.0.5"; - ed25519PublicKey = "n+gIZjuuTPxi0OBqw2oOcmXd3loOHG+GQHBMXNlgyqI"; - }; - - framework = { - subnetAddr = "11.0.0.6"; - ed25519PublicKey = "YL7NA6Ydv/3FBfSzOPvyHlGweAViPvsG3b0Zh8L0NzF"; - }; } diff --git a/modules/my-tinc/hosts/nki-macbook.pub b/modules/my-tinc/hosts/nki-macbook.pub deleted file mode 100644 index 7c5f30c..0000000 --- a/modules/my-tinc/hosts/nki-macbook.pub +++ /dev/null @@ -1,25 +0,0 @@ - ------BEGIN RSA PUBLIC KEY----- -MIIECgKCBAEArruSM+4etKvZ2dWeBP8nA1lQeY/T3gBD7JMdHqG/BlEmEkEW2jrq -1UpABXEh5MyZ2ekSG5xr9awmVdybxauC0NPiDGxfknctS4F23asK0q5XjcnPtnln -cBhq7RPKdX1oGDyWrL4pVHOX+6cRZ6IsQemxfXlm3chl/5ore9b728wrU/FpkBBL -5gnzI3vtPWlBhrGxQOVobdLI4EYtFfbXV/IOqoe+5po8iYCliUQGF88R0V57YYpK -YXjuVtANMvoRsT5N7OJgoLjGeHEVXB0Umjfci+gbt+u+bKt0eBODFsawFWJCxxpY -cgbHtAViHZLSL5MTOlSBaW6tKsR/LrDUOCKu27Ccf7ZGG6U3O32ZI95+rsmuo+y7 -DicZuW/YnvLomy+/XxzBvMYhDgQAMrOZTzCj6fjyie3FsdUHB2ydUhAkpvQMgBZM -6m0F5kancKNXaSXv82AaJrEclqo3DjAAtOy8jS/t7JyjwUh6LdKjjt68dmbq8weK -y9IZxQun/X+fEK4W2YVxm/nftJSPv/j1qsxakzuSHOAeQggLiOIcJi2aMftrfJJS -9DNqoDHy1cf0I9hH6VLcwx+fk4RkDdr7+SupKjFmhSz0ZlL80uc3I4yJg+cN+4rW -E5HFS+nxDQ1fwbH/pC5fXgvNTyepzqs+zTOKCjzezqGP4fgfCTODt6uXpuc52smY -agUfYd5fOW+RLrAP/Z1vvFBI26RBrOpfIFYEgAsRfx5iHI/SUxu3FDSl+cewiQ3k -AIvD+wGEpTI64nZr7sgF/rUR5mTrS51+3eWm9SHLF9R5hYHHe2HWILBvNu9YLQdI -pQmNmu4H32/gNP8HnSm8I1zDChB84o+FnjyZ0EhTDOdg6BemssvoWnuQ+CoUsmyZ -lB+A8bUIaFYaGtx46ESdSzHJVWV25P6vVgXbqS2OqC2Slkc8RWYKfoHLvJg28zT0 -A5naep3YWymXXhzsUXeEuyc68GZvF8BFV13XTiiULy3ZCjlBGA9xZoc4lLKdKXNk -Y/q908RHu2BUB3z6eeVKGDCGD9E/jiK+NpBWtrPmuBNTz4cC2cbjhx17j7dLF/wa -JY2iCeRCfNhTkE7oP9uWf5nUrUU/DlUdz4DC6JNHeo2hmLNjNQLBx+2ExtAdcF1g -4WhDnuKtrMTedRqwQLVE7FNW9iwBDpCQlmGkg+JE0+qdQBaoKDco/l2npSVVWjCU -5eeB+xCZd25gPFDUQtGYt6Pux/6E0+3wLr2flGODfYHEGLsGlUIisIEs2WrISxcd -5bSDrFh23GUsOZdruUA1GDgXu5+DUFhEriZDDWYzl5Zf83qqLgYP/RZuX5VWQ8Ge -PGw+fTnj/IneKgrhg8YgZCmK9j4hh+KMPwIDAQAB ------END RSA PUBLIC KEY----- diff --git a/modules/personal/fonts/default.nix b/modules/personal/fonts/default.nix index 64da72c..95978ec 100644 --- a/modules/personal/fonts/default.nix +++ b/modules/personal/fonts/default.nix @@ -1,91 +1,49 @@ -{ - pkgs, - lib, - config, - ... -}: +{ pkgs, lib, ... }: with lib; -let - nerd-fonts = - if builtins.hasAttr "nerd-fonts" pkgs then - pkgs.nerd-fonts.symbols-only - else - pkgs.nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; }; -in { imports = [ ./mounting.nix ]; # Fonts - config.fonts = - { - packages = - with pkgs; - mkForce [ - noto-fonts-emoji-blob-bin - ibm-plex - nerd-fonts - noto-fonts - (pkgs.noto-fonts-cjk-sans or pkgs.noto-fonts-cjk) - merriweather - corefonts - font-awesome - hack-font # for Plasma - ]; - } - // ( - if pkgs.stdenv.isLinux then - { - enableDefaultPackages = false; - fontconfig = { - defaultFonts = { - emoji = lib.mkBefore [ "Blobmoji" ]; - serif = lib.mkBefore [ - "IBM Plex Serif" - "IBM Plex Sans JP" - "IBM Plex Sans KR" - "Blobmoji" - ]; - sansSerif = lib.mkBefore [ - "IBM Plex Sans" - "IBM Plex Sans JP" - "IBM Plex Sans KR" - "Blobmoji" - ]; - monospace = lib.mkBefore [ - "IBM Plex Mono" - "Font Awesome 6 Free" - "Symbols Nerd Font" - "Blobmoji" - "IBM Plex Sans JP" - ]; - }; - localConf = '' - - - - - system-ui - - IBM Plex Sans - IBM Plex Sans JP - IBM Plex Sans KR - Blobmoji - - - - ''; - }; - fontDir.enable = true; - } - else - { } - ) - // ( - if pkgs.stdenv.isDarwin then - { - fontDir.enable = true; - } - else - { } - ); + config.fonts = { + packages = with pkgs; mkForce [ + noto-fonts-emoji-blob-bin + ibm-plex + (nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; }) + noto-fonts + noto-fonts-cjk + merriweather + corefonts + font-awesome + hack-font # for Plasma + ]; + } // (if pkgs.stdenv.isLinux then { + enableDefaultPackages = false; + fontconfig = { + defaultFonts = { + emoji = lib.mkBefore [ "Blobmoji" ]; + serif = lib.mkBefore [ "IBM Plex Serif" "IBM Plex Sans JP" "IBM Plex Sans KR" "Blobmoji" ]; + sansSerif = lib.mkBefore [ "IBM Plex Sans" "IBM Plex Sans JP" "IBM Plex Sans KR" "Blobmoji" ]; + monospace = lib.mkBefore [ "IBM Plex Mono" "Font Awesome 6 Free" "Symbols Nerd Font" "Blobmoji" "IBM Plex Sans JP" ]; + }; + localConf = '' + + + + + system-ui + + IBM Plex Sans + IBM Plex Sans JP + IBM Plex Sans KR + Blobmoji + + + + ''; + }; + fontDir.enable = true; + } else { }) // (if pkgs.stdenv.isDarwin then { + fontDir.enable = true; + } else { }); } + diff --git a/modules/personal/fonts/mounting.nix b/modules/personal/fonts/mounting.nix index ed3111c..86f2881 100644 --- a/modules/personal/fonts/mounting.nix +++ b/modules/personal/fonts/mounting.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: lib.mkIf pkgs.stdenv.isLinux { system.fsPackages = [ pkgs.bindfs ]; fileSystems = @@ -11,17 +6,13 @@ lib.mkIf pkgs.stdenv.isLinux { mkRoSymBind = path: { device = path; fsType = "fuse.bindfs"; - options = [ - "ro" - "resolve-symlinks" - "x-gvfs-hide" - ]; + options = [ "ro" "resolve-symlinks" "x-gvfs-hide" ]; }; aggregatedIcons = pkgs.buildEnv { name = "system-icons"; paths = with pkgs; [ #libsForQt5.breeze-qt5 # for plasma - (pkgs.gnome-themes-extra or gnome.gnome-themes-extra) # Until 24.11 + gnome.gnome-themes-extra ]; pathsToLink = [ "/share/icons" ]; }; diff --git a/modules/personal/u2f.nix b/modules/personal/u2f.nix index fa10d4b..df1272b 100644 --- a/modules/personal/u2f.nix +++ b/modules/personal/u2f.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; let @@ -21,7 +16,7 @@ in security.pam = mkIf pkgs.stdenv.isLinux { u2f = { enable = true; - settings.cue = true; + cue = true; }; # Services diff --git a/modules/services/edns/default.nix b/modules/services/edns/default.nix index 7674eff..e713903 100644 --- a/modules/services/edns/default.nix +++ b/modules/services/edns/default.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let @@ -13,11 +8,6 @@ in options.nki.services.edns = { enable = mkEnableOption "Enable encrypted DNS"; ipv6 = mkEnableOption "Enable ipv6"; - cloaking-rules = mkOption { - type = types.attrsOf types.str; - default = { }; - description = "A set of domain -> ip mapping for cloaking_rules"; - }; }; config = mkIf cfg.enable { @@ -39,10 +29,7 @@ in # Sources sources.public_resolvers = { - urls = [ - "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md" - "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md" - ]; + urls = [ "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md" "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md" ]; cache_file = "/var/lib/dnscrypt-proxy/public_resolvers.md"; minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"; }; @@ -52,22 +39,9 @@ in # Anonymized DNS anonymized_dns.routes = [ - { - server_name = "*"; - via = [ - "anon-plan9-dns" - "anon-v.dnscrypt.up-ipv4" - ]; - } + { server_name = "*"; via = [ "anon-plan9-dns" "anon-v.dnscrypt.up-ipv4" ]; } ]; anonymized_dns.skip_incompatible = true; - - # Cloaking rules - cloaking_rules = pkgs.writeText "cloaking_rules.txt" ( - lib.strings.concatStringsSep "\n" ( - lib.attrsets.mapAttrsToList (name: ip: "${name} ${ip}") cfg.cloaking-rules - ) - ); }; }; }; diff --git a/modules/services/nix-build-farm/default.nix b/modules/services/nix-build-farm/default.nix deleted file mode 100644 index de774c7..0000000 --- a/modules/services/nix-build-farm/default.nix +++ /dev/null @@ -1,71 +0,0 @@ -{ config, lib, ... }: -with { inherit (lib) mkOption types mkIf; }; -let - cfg = config.services.nix-build-farm; - hosts = import ./hosts.nix; - - build-user = "nix-builder"; - - isBuilder = host: host ? "builder"; - allBuilders = lib.filterAttrs (_: isBuilder) hosts; -in -{ - options.services.nix-build-farm = { - enable = mkOption { - type = types.bool; - default = true; - description = "Whether to enable nix-build-farm as a client"; - }; - hostname = mkOption { - type = types.enum (builtins.attrNames hosts); - description = "The hostname as listed in ./hosts.nix file"; - }; - privateKeyFile = mkOption { - type = types.path; - description = "The path to the private SSH key file"; - }; - - ipAddrs = mkOption { - type = types.str; - description = "The ip addresses to limit access to"; - default = "11.0.0.*"; - }; - }; - - config = mkIf cfg.enable ( - let - host = hosts.${cfg.hostname}; - otherHosts = lib.filterAttrs (name: _: name != cfg.hostname) hosts; - otherBuilders = lib.filterAttrs (name: _: name != cfg.hostname) allBuilders; - in - { - nix.distributedBuilds = true; - nix.buildMachines = lib.mapAttrsToList ( - name: host: - { - hostName = host.host; - sshUser = build-user; - sshKey = cfg.privateKeyFile; - } - // host.builder - ) otherBuilders; - nix.extraOptions = '' - builders-use-substitutes = true - ''; # allow builders to fetch built artifacts - - users = mkIf (isBuilder host) { - users.${build-user} = { - description = "Nix build farm user"; - group = build-user; - isNormalUser = true; - openssh.authorizedKeys.keys = lib.mapAttrsToList ( - _: host: ''from="${cfg.ipAddrs}" ${host.pubKey}'' - ) otherHosts; - }; - groups.${build-user} = { }; - }; - - nix.settings.trusted-users = mkIf (isBuilder host) [ build-user ]; - } - ); -} diff --git a/modules/services/nix-build-farm/hosts.nix b/modules/services/nix-build-farm/hosts.nix deleted file mode 100644 index 5f4a7f9..0000000 --- a/modules/services/nix-build-farm/hosts.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ - cloud = { - host = "cloud.tinc"; - pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE87ddj0fTH0NuvJz0dT5ln7v7zbafXqDVdM2A4ddOb0 root@nki-personal-do"; - }; - - home = { - host = "home.tinc"; - pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK6N1uTxnbo73tyzD9X7d7OgPeoOpY7JmQaHASjSWFPI nki@kagamiPC"; - - builder = { - publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUhiVTh2NlNBa0kyOTBCc1QzVG1IRVVJQWdXcVFyNm9jRmpjakRRczRoT2ggcm9vdEBrYWdhbWlQQwo="; - systems = [ - "x86_64-linux" - "aarch64-linux" - ]; - maxJobs = 16; - speedFactor = 2; - supportedFeatures = [ - "nixos-test" - "benchmark" - "big-parallel" - "kvm" - ]; - }; - }; - - yoga = { - host = "yoga.tinc"; - pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE6ZrO/xIdmwBCUx80cscBSpJBBTp55OHGrXYBGRXKAw nki@nki-yoga-g8"; - }; - - framework = { - host = "framework.tinc"; - pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH/g472MaT7YySUhBjxClfmMjpn98qYnKXDKlzWHYwuO nki@nki-framework"; - - builder = { - publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUdOUlBCVFRkNTVVMXY1U1Jac0FjYVdhS3JGZTY0ZjIxOVViODVTQ2NWd28gcm9vdEBua2ktZnJhbWV3b3JrCg=="; - systems = [ - "x86_64-linux" - "aarch64-linux" - ]; - maxJobs = 16; - speedFactor = 3; - supportedFeatures = [ - "nixos-test" - "benchmark" - "big-parallel" - "kvm" - ]; - }; - }; -} diff --git a/modules/services/nix-cache/cache-pub-key.pem b/modules/services/nix-cache/cache-pub-key.pem deleted file mode 100644 index c4a0c58..0000000 --- a/modules/services/nix-cache/cache-pub-key.pem +++ /dev/null @@ -1 +0,0 @@ -nix.home.tinc:zG2uDy0MbLY0wLuoVH/qKzTD6hTfKZufA2cWDSTCZMA= \ No newline at end of file diff --git a/modules/services/nix-cache/default.nix b/modules/services/nix-cache/default.nix deleted file mode 100644 index 53e2d1a..0000000 --- a/modules/services/nix-cache/default.nix +++ /dev/null @@ -1,83 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: - -with { - inherit (lib) - mkEnableOption - mkOption - types - mkIf - ; -}; -let - cfg = config.nki.services.nix-cache; - - bindAddr = "127.0.0.1:5000"; -in -{ - options.nki.services.nix-cache = { - enableClient = mkOption { - type = types.bool; - default = !cfg.enableServer; - description = "Enable nix-cache client"; - }; - enableServer = mkEnableOption "Enable nix-cache server"; - - host = mkOption { - type = types.str; - default = "nix.home.tinc"; - }; - - publicKey = mkOption { - type = types.str; - default = builtins.readFile ./cache-pub-key.pem; - }; - - privateKeyFile = mkOption { - type = types.path; - description = "Path to the private key .pem file"; - }; - sslCertificate = mkOption { - type = types.path; - description = "Path to the private key .pem file"; - }; - sslCertificateKey = mkOption { - type = types.path; - description = "Path to the private key .pem file"; - }; - }; - - config = { - nix.settings = mkIf cfg.enableClient { - substituters = lib.mkAfter [ "https://${cfg.host}" ]; - trusted-public-keys = [ cfg.publicKey ]; - }; - - services.harmonia = mkIf cfg.enableServer { - enable = true; - signKeyPaths = [ cfg.privateKeyFile ]; - settings = { - bind = bindAddr; - priority = 45; - }; - }; - - services.nginx = mkIf cfg.enableServer { - enable = true; - recommendedProxySettings = true; - virtualHosts = { - # ... existing hosts config etc. ... - "${cfg.host}" = { - forceSSL = true; - sslCertificate = cfg.sslCertificate; - sslCertificateKey = cfg.sslCertificateKey; - locations."/".proxyPass = "http://${bindAddr}"; - }; - }; - }; - }; -} diff --git a/modules/services/swaylock.nix b/modules/services/swaylock.nix index 82f3754..5aa73e0 100644 --- a/modules/services/swaylock.nix +++ b/modules/services/swaylock.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; let cfg = config.services.swaylock; diff --git a/nki-framework/configuration.nix b/nki-framework/configuration.nix index b556437..5cc4265 100644 --- a/nki-framework/configuration.nix +++ b/nki-framework/configuration.nix @@ -2,41 +2,25 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # Fonts - ../modules/personal/fonts - # Encrypted DNS - ../modules/services/edns - # Wireless card - ./wireless.nix - ]; - - time.timeZone = lib.mkForce "America/Toronto"; - - # Sops - common.linux.sops.enable = true; - common.linux.sops.file = ./secrets.yaml; - - sops.secrets."nix-build-farm/private-key" = { - mode = "0400"; - }; - services.nix-build-farm.hostname = "framework"; - services.nix-build-farm.privateKeyFile = config.sops.secrets."nix-build-farm/private-key".path; + imports = + [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Fonts + ../modules/personal/fonts + # Encrypted DNS + ../modules/services/edns + # Wireless card + ./wireless.nix + ]; # services.xserver.enable = true; # services.xserver.displayManager.sddm.enable = true; # services.xserver.displayManager.sddm.wayland.enable = true; - services.desktopManager.plasma6.enable = true; + services.xserver.desktopManager.plasma6.enable = true; # Power Management services.upower = { @@ -50,13 +34,13 @@ services.power-profiles-daemon.enable = true; # powerManagement.enable = true; # powerManagement.powertop.enable = true; - services.logind.lidSwitch = "suspend-then-hibernate"; + services.logind.lidSwitch = "suspend"; # Printing services.printing.drivers = with pkgs; [ epfl-cups-drivers ]; # Enable touchpad support (enabled default in most desktopManager). - services.libinput.enable = true; + services.xserver.libinput.enable = true; # Keyboard services.input-remapper.enable = true; services.input-remapper.serviceWantedBy = [ "multi-user.target" ]; @@ -93,15 +77,6 @@ security.pam.services.swaylock.fprintAuth = true; security.pam.services.login.fprintAuth = true; - # tinc network - sops.secrets."tinc-private-key" = { }; - services.my-tinc = { - enable = true; - hostName = "framework"; - ed25519PrivateKey = config.sops.secrets."tinc-private-key".path; - bindPort = 6565; - }; - # Secrets # sops.defaultSopsFile = ./secrets.yaml; # sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; @@ -117,9 +92,6 @@ services.dbus.packages = with pkgs; [ gcr ]; - services.avahi.enable = true; - networking.firewall.allowedTCPPorts = [ 8010 ]; - # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; @@ -139,3 +111,4 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.05"; # Did you read the comment? } + diff --git a/nki-framework/hardware-configuration.nix b/nki-framework/hardware-configuration.nix index d972738..500765a 100644 --- a/nki-framework/hardware-configuration.nix +++ b/nki-framework/hardware-configuration.nix @@ -1,42 +1,32 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: +{ config, lib, pkgs, modulesPath, ... }: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = + [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ - "nvme" - "xhci_pci" - "thunderbolt" - "usb_storage" - "sd_mod" - ]; + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; boot.kernelParams = [ + # See https://community.frame.work/t/tracking-graphical-corruption-in-fedora-39-amd-3-03-bios/39073/143 + "amdgpu.sg_display=0" # Hibernation "resume=UUID=fa8aaf51-b99f-4fb4-9230-8c0957d8af3f" "resume_offset=5776640" # btrfs inspect-internal map-swapfile -r /var/swapfile ]; - fileSystems."/" = { - device = "/dev/disk/by-uuid/fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"; - fsType = "btrfs"; - options = [ - "subvol=root" - "compress=zstd" - ]; - }; + fileSystems."/" = + { + device = "/dev/disk/by-uuid/fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"; + fsType = "btrfs"; + options = [ "subvol=root" "compress=zstd" ]; + }; services.btrfs.autoScrub = { enable = true; interval = "monthly"; @@ -44,35 +34,28 @@ common.linux.luksDevices."cryptroot" = "/dev/disk/by-uuid/94226aae-6d1c-401a-bfad-3aa5f371a365"; - fileSystems."/home" = { - device = "/dev/disk/by-uuid/fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"; - fsType = "btrfs"; - options = [ - "subvol=home" - "compress=zstd" - ]; - }; + fileSystems."/home" = + { + device = "/dev/disk/by-uuid/fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"; + fsType = "btrfs"; + options = [ "subvol=home" "compress=zstd" ]; + }; - fileSystems."/nix" = { - device = "/dev/disk/by-uuid/fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"; - fsType = "btrfs"; - options = [ - "subvol=nix" - "compress=zstd" - ]; - }; + fileSystems."/nix" = + { + device = "/dev/disk/by-uuid/fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"; + fsType = "btrfs"; + options = [ "subvol=nix" "compress=zstd" ]; + }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/6A0E-4D23"; - fsType = "vfat"; - }; + fileSystems."/boot" = + { + device = "/dev/disk/by-uuid/6A0E-4D23"; + fsType = "vfat"; + }; swapDevices = [ - { - device = "/var/swapfile"; - size = 32 * 1024; - priority = 10; - } + { device = "/var/swapfile"; size = 32 * 1024; priority = 10; } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/nki-framework/secrets.yaml b/nki-framework/secrets.yaml deleted file mode 100644 index 942e29b..0000000 --- a/nki-framework/secrets.yaml +++ /dev/null @@ -1,32 +0,0 @@ -tinc-private-key: ENC[AES256_GCM,data:cKtOFrF5FRSHWxe/QxH5O9GAba1WcWeCwW1IOzmbgdtFufRoWbCtYeaLP+WQhQ70z6xobiY9DN8Jrh7mDptKSsfKrrx2SH5JrdpsoINhLMbetXq7E29+q6CkS8NlLgE/KyV8eFjQySNsYiA/+Efq9xj9e1wOmHBDsND/jgiJDkA1qsEIFZg/vuv8LdoRY3TV/oKJ4pao9+70G4H+8Ef1sMZHGNe9qJ94Wa71nNX2fTSjKH5YBbRijMAePWr/IeCpZ9Phs7RqjBs=,iv:l0iB136X7nLVblQjFi7K4f42JKSxdsiLIRy5GPzK1nc=,tag:HAgkvWkl0Rx62ejGZckdKA==,type:str] -nix-build-farm: - private-key: ENC[AES256_GCM,data:w56sobHrhvVcKbuK15Yj20EqgFrR/5pNy/rcQjlZCiFEfgPC6ZrbsxziIdMTOX+Q4DyllKCKo+g/MIKm5S+s+nIff509ODlILhTtXlZvZlnT9+wvm5oN3WQCdkkqOr1gNnErPupfMxA6V35tNvNBCeomYuM8Xb7TuH4I1fXa5GFeT0Tnp5A2WqWoS1MzXz34CxlKXvoL6i4w7nUngt5zaGr9oMZbSa0pHxEzIhXk6h/lE864QlJid7q/mDok9gh2R80WvArGtNNj9PrT6cNKYIFuXo7vITkSkT3vo9BLflg5sgRxy4+7rBaRla0ziihQvZLtworwo6aNDvEqPqYfiX0TMYPpEWvJpp/HGDJy+Po7b0ZZkwSza+tB0J79vFH2h11Px1XSwXdq757Bn9G4OTb5oKWS5ycBU4xTnnHQBjYTSooFxYyTAvfKNEsB8AHKSuQRZgtVhWoOSPpJ6YL94ClUIT+DTaNmQjwouqNatf/nif+N/FCar8JWZDE+FX1TBu0yLmJie/f0LCdCQx+6IVdyXg7oVCoNiGg0,iv:TeSxlVc0WlOMMUtv/uq3f7JvW/kNCM7LjguhZxL51a4=,tag:m1iuk4pAX/yugM0ObzkJHQ==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age188tgu3psvywk6shq85mk2q0jdjwd0tcswzwlwu5pa5n3pndx75dq090z59 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmL2Z1RzBWaTI1TDl6WDNa - NTNVdEhTSFU5enNlTGVNWTI5anBZb1BtaVhjCm1BRnJDSXl1cWdBRUs1VnREVjBU - QWZxdkgzdm9JL0k5WmhDL1RCNTltdm8KLS0tIFhvQTlKMDZiVklTRWd4TzVmc2ll - bmpjcWdBV1doZml2NjlzQzdQczJ3alEKBMRP3POxtPIqBWnrvxY/++5jtVE70Uxa - EVfhsUO76A/hzyxfzpLEy1QGFE+DB/zlU0CK7HkNGPD2TrBHbzkPJA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1vgh6kvee8lvxylm7z86fpl3xzjyjs4u3zdfkyf064rjvxk9fpumsew7n27 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2MUxQU0dZOGRaekF4MWdo - T0krcERtRTJndFR1RHZmL0t6MjBxMW5PSENNCkR6SUhxQ0FoaEhuaWpiUzJ0MnJE - RXRERzVhL0lRVW1iRUlac0c5OHZsckEKLS0tIC9VM1dNZTNzdkFnMWk2YUwvcDNB - TDZnVjBaVzZBem5lZDB1MW4xQ0RmZ28K6d7mF+f3ZyilXlSIQGT2pBrTWuYLccE1 - rYIJjHjFft/2wPX2gAW9VTiwfMT3lKJhJRqNdoie5phV5BZhkb3D9w== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-08-17T14:58:10Z" - mac: ENC[AES256_GCM,data:ZCrzXDttLxYUvdLiqM5I17Ys6O3zoOVKq8xP78VaLb3AAoV4RGGQxixKVQ6K9h84e8bFymh512BR7xKa9fqebxTyL1XCqPkRaSZy0aWjbc6QCaK+JD4yqivgO/x5x2xgMpX/ZhPFzKNLpMga61bnm6plvF8ocG+wOqYvj3vL0Ss=,iv:QZ8YJD7h2QD2jqVKo4bg0rwpZSTyyNw6zZDcBfClKPo=,tag:PH2XnTqxV2irymg2+Z+Egg==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.0 diff --git a/nki-framework/wireless.nix b/nki-framework/wireless.nix index 30b1fdd..c0b09aa 100644 --- a/nki-framework/wireless.nix +++ b/nki-framework/wireless.nix @@ -1,5 +1,4 @@ -{ pkgs, lib, ... }: -{ +{ pkgs, lib, ... }: { environment.systemPackages = with pkgs; [ iw ]; # Disable power_save on boot services.udev.packages = [ diff --git a/nki-home/audio/default.nix b/nki-home/audio/default.nix index 4a25566..99a7463 100644 --- a/nki-home/audio/default.nix +++ b/nki-home/audio/default.nix @@ -1,11 +1,5 @@ -{ - config, - pkgs, - lib, - ... -}: -{ +{ config, pkgs, lib, ... }: { environment.etc = { - "wireplumber/wireplumber.conf.d/51-sdac.conf".source = ./sdac.conf.json; + "wireplumber/main.lua.d/51-sdac.lua".source = ./sdac.lua; }; } diff --git a/nki-home/audio/sdac.conf.json b/nki-home/audio/sdac.conf.json deleted file mode 100644 index 489eb9f..0000000 --- a/nki-home/audio/sdac.conf.json +++ /dev/null @@ -1,19 +0,0 @@ -monitor.alsa.rules = [ - { - matches = [ - { - device.name = "alsa_output.usb-Grace_Design_SDAC-00.*" - } - ] - actions = { - update-props = { - # audio.format = "S24_3LE" - audio.rate = 88200 - api.alsa.period-size = 2 - api.alsa.headroom = 0 - api.alsa.disable-batch = true - } - } - } -] - diff --git a/nki-home/audio/sdac.lua b/nki-home/audio/sdac.lua index fcf6d7b..2c172d6 100644 --- a/nki-home/audio/sdac.lua +++ b/nki-home/audio/sdac.lua @@ -6,7 +6,7 @@ rule = { }, apply_properties = { ["audio.format"] = "S24_3LE", - ["audio.rate"] = 44100, + ["audio.rate"] = 96000, ["api.alsa.period-size"] = 2, ["api.alsa.headroom"] = 0, ["api.alsa.disable-batch"] = true diff --git a/nki-home/cert.pem b/nki-home/cert.pem deleted file mode 100644 index c8f9b91..0000000 --- a/nki-home/cert.pem +++ /dev/null @@ -1,34 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIF6TCCA9GgAwIBAgIUBPEviSorTJodh/6ufW892x/PvqIwDQYJKoZIhvcNAQEL -BQAwVjELMAkGA1UEBhMCQ0gxDTALBgNVBAgMBFZhdWQxETAPBgNVBAcMCExhdXNh -bm5lMREwDwYDVQQKDAhadW1pbGFuZDESMBAGA1UEAwwJenVtaS5sYW5kMB4XDTI1 -MDQxMTIwMjgxMVoXDTM1MDQwOTIwMjgxMVowVjELMAkGA1UEBhMCQ0gxDTALBgNV -BAgMBFZhdWQxETAPBgNVBAcMCExhdXNhbm5lMREwDwYDVQQKDAhadW1pbGFuZDES -MBAGA1UEAwwJenVtaS5sYW5kMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC -AgEAifTbCEo08BH/ZVtcRQoB/rDwl3UQMoFxZUlZYtKHAyZZcaRO2OV7rMlb1gxq -aZ++NB+nVvgr1NHcAsiBhMz2O5gZC+NK+zmnC4Fp3EXtFGto/NYNf7V7x6t36Jf8 -WscId+q+PApcG+QUGsxZXcJnHZPvrWSdaP2lftGs9GuoWCDdupZCE1UKku72UYQa -yYxEfsrlAgioqEupId0HgVDc267axAwcRdIXrvVkL7zLhawa6/bTL+PmtPPRTnYq -23/uqeIf5n8HmfoPTw+NiqQMx1q0R/wfz1F9pXddPRM/XlzMZ6WIVj5oLNkWU9mk -vkrVQGFl/EfHFjyGoDBxcroT/ZqBF8hz7NzGb7s/Tfext/jOcM6TczAhXsH+8qZS -ufGeSNBuR5c4lr+zrae7u5zyBfURGdHaag9yz6g9QE2+pm7MLqVBjL30qot5lHEU -1frrI6FzY2WTioyduK23ulPpAND83TkXNxPwLNVg0utCyq2VC/gRLAgSL5+YFR7U -+HtOYY3BakrbZWzHP2vzZC3LaE9rZZhl4PiiojwSmiU0PnnyV68eYZwG83xv9vUE -Df/kfBr3pEsXgeD8pRcMOnkcIzjXSbQe9oyAE7ZhKGkIkaRlx4NrtibsRynmXGXV -EbPOiIHE8AVUe7+a3bvzBnlWTOMcmMf9B0YU3+sHCD8vbesCAwEAAaOBrjCBqzAd -BgNVHQ4EFgQUAZhG1lLB8c9DAHgIIabVuK94r60wHwYDVR0jBBgwFoAUAZhG1lLB -8c9DAHgIIabVuK94r60wDwYDVR0TAQH/BAUwAwEB/zBYBgNVHREEUTBPhwR/AAAB -gglsb2NhbGhvc3SCCWhvbWUudGluY4ILKi5ob21lLnRpbmOCEGthZ2FtaXBjLmR0 -dGgudHOCEioua2FnYW1pcGMuZHR0aC50czANBgkqhkiG9w0BAQsFAAOCAgEAb0jD -RUaKAIvUwYFqY4m1sgQWGFqB/Cv1dlBGZexYRRt0glEIsmFXDzvOOfrYTm18faG7 -eo/pERMYUc7IdHPA/DDC6eAwCUvSZgDi6TJ0jy2GqwOB84MlsUyK7UFGURk7Np2X -RxkiU0Q5wcI4y5p3Njh1pgpbVfArLYwRvWYuvWwYpdZCVIT4rprVoOfAnV2QsCi/ -DJFc64kxePZxJ2CX1neWi81jVcy35wbObAyfBcktkD3ySkr2pWKDkVr6slAU+lmq -u4eCPwqKqh+bns4ndX65eX2YkKRLBEpF3KVxrPKtc3I6BUUldXIEZ7JY7mtcugO7 -oDNd5QOY5feO3qI+ULnEmNDbonFMHKEO7Xb7ggWtuXiyrOCU1J/Xykk/VJfZxP// -lcacNjB3ZOj4gBTfNbycQiana5Vhop9k5gn7ft4A+ohLekxjIE/lZYThfalc2+lw -Rrr4tJzpNFhe8SHtg8ubQM74VtTnPy67N1KVO3CPqv4HDrmLnxLh1CP3GeQzq0M3 -4Dzg7F+Z8cH0ALmGnBNHacffgZ9Beg9fkJ+J54r+ESHBzTrEebt6QCrsCNZShOMT -xgjqVru6hDqdzKHjb02jv+z55yw26KOt7HpjLfXisWk9vs11jp6TphTa7zFdCmPZ -E93m8rI+0lj1jZS2h+8hNUq3UdkLswVTIiXlZqg= ------END CERTIFICATE----- diff --git a/nki-home/configuration.nix b/nki-home/configuration.nix index 8ed5a96..a0d071a 100644 --- a/nki-home/configuration.nix +++ b/nki-home/configuration.nix @@ -2,322 +2,176 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ - lib, - config, - pkgs, - ... -}: +{ lib, config, pkgs, ... }: with lib; -let - openrazer = - { pkgs, ... }: - { - # Razer stuff - hardware.openrazer = { - enable = true; - users = [ "nki" ]; - }; - environment.systemPackages = with pkgs; [ polychromatic ]; - }; -in { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # Fonts - ../modules/personal/fonts - # Encrypted DNS - ../modules/services/edns - # Other services - ../modules/personal/u2f.nix - ./peertube-runner.nix - ./deluge.nix - ./minecraft.nix - openrazer - ]; + imports = + [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # secret management + ./secrets + # Fonts + ../modules/personal/fonts + # Encrypted DNS + ../modules/services/edns + # Other services + ../modules/personal/u2f.nix + ./peertube-runner.nix + ]; - config = mkMerge [ + # Kernel + boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_stable; + + # Plasma! + services.desktopManager.plasma6.enable = true; + + + ## Encryption + # Kernel modules needed for mounting USB VFAT devices in initrd stage + common.linux.luksDevices.root = "/dev/disk/by-uuid/7c6e40a8-900b-4f85-9712-2b872caf1892"; + + # Networking + common.linux.networking = { - - # Kernel - boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_stable; - - # Plasma! - services.desktopManager.plasma6.enable = true; - - ## Encryption - # Kernel modules needed for mounting USB VFAT devices in initrd stage - common.linux.luksDevices.root = "/dev/disk/by-uuid/7c6e40a8-900b-4f85-9712-2b872caf1892"; - common.linux.sops.enable = true; - common.linux.sops.file = ./secrets.yaml; - - # Nix cache server - sops.secrets."nix-cache/private-key" = { - owner = "harmonia"; - group = "harmonia"; - mode = "0600"; - }; - nki.services.nix-cache = { - enableServer = true; - privateKeyFile = config.sops.secrets."nix-cache/private-key".path; - sslCertificate = ./cert.pem; - sslCertificateKey = config.sops.secrets."nginx/key.pem".path; - }; - - sops.secrets."nix-build-farm/private-key" = { - mode = "0400"; - }; - services.nix-build-farm.hostname = "home"; - services.nix-build-farm.privateKeyFile = config.sops.secrets."nix-build-farm/private-key".path; - - # Networking - common.linux.networking = { - hostname = "kagamiPC"; # Define your hostname. - networks = { - "10-wired" = { - match = "enp*"; - isRequired = true; - }; - "20-wireless".match = "wlan*"; + hostname = "kagamiPC"; # Define your hostname. + networks = { + "10-wired" = { + match = "enp*"; + isRequired = true; }; - dnsServers = [ "127.0.0.1" ]; + "20-wireless".match = "wlan*"; }; - nki.services.edns.enable = true; - nki.services.edns.ipv6 = true; - ## DTTH Wireguard - # - sops.secrets."wg-dtth/private-key" = { - owner = "root"; - group = "systemd-network"; - mode = "0640"; + dnsServers = [ "127.0.0.1" ]; + }; + nki.services.edns.enable = true; + nki.services.edns.ipv6 = true; + ## DTTH Wireguard + # + sops.secrets."dtth-wg/private-key" = { owner = "root"; group = "systemd-network"; mode = "0640"; }; + sops.secrets."dtth-wg/preshared-key" = { owner = "root"; group = "systemd-network"; mode = "0640"; }; + systemd.network.netdevs."10-dtth-wg" = { + netdevConfig = { + Kind = "wireguard"; + Name = "dtth-wg"; + MTUBytes = "1280"; + }; + wireguardConfig = { + PrivateKeyFile = config.sops.secrets."dtth-wg/private-key".path; + }; + wireguardPeers = [{ + wireguardPeerConfig = { + PublicKey = "+7iI4jwmM1Qr+/DKB1Hv8JgFkGu7lSV0PAoo+O5d3yQ="; + PresharedKeyFile = config.sops.secrets."dtth-wg/preshared-key".path; + AllowedIPs = [ "100.64.0.0/10" "fd00::/106" ]; + Endpoint = "vpn.dtth.ch:51820"; + PersistentKeepalive = 25; }; - sops.secrets."wg-dtth/preshared-key" = { - owner = "root"; - group = "systemd-network"; - mode = "0640"; + }]; + }; + systemd.network.networks."dtth-wg" = { + matchConfig.Name = "dtth-wg"; + address = [ "100.73.146.80/32" "fd00::33:105b/128" ]; + DHCP = "no"; + routes = [ + { routeConfig = { Destination = "100.64.0.0/10"; Scope = "link"; }; } + { routeConfig.Destination = "fd00::/106"; } + ]; + }; + + # Define a user account. + common.linux.username = "nki"; + services.getty.autologinUser = "nki"; + + ## Hardware + # Peripherals + hardware.opentabletdriver.enable = true; + # Enable razer daemon + hardware.openrazer.enable = true; + hardware.openrazer.keyStatistics = true; + hardware.openrazer.verboseLogging = true; + + # Mounting disks! + fileSystems = + let + ntfsMount = path: { + device = path; + fsType = "ntfs"; + options = [ "rw" "uid=${toString config.users.users.nki.uid}" "nofail" ]; }; - systemd.network.netdevs."10-wg-dtth" = { - netdevConfig = { - Kind = "wireguard"; - Name = "wg-dtth"; - MTUBytes = "1280"; - }; - wireguardConfig = { - PrivateKeyFile = config.sops.secrets."wg-dtth/private-key".path; - }; - wireguardPeers = [ - { - PublicKey = "+7iI4jwmM1Qr+/DKB1Hv8JgFkGu7lSV0PAoo+O5d3yQ="; - PresharedKeyFile = config.sops.secrets."wg-dtth/preshared-key".path; - AllowedIPs = [ - "100.64.0.0/10" - "fd00::/106" - ]; - Endpoint = "vpn.dtth.ch:51820"; - PersistentKeepalive = 25; - } - ]; - }; - systemd.network.networks."wg-dtth" = { - matchConfig.Name = "wg-dtth"; - address = [ - "100.73.146.80/32" - "fd00::33:105b/128" - ]; - DHCP = "no"; - routes = [ - { - Destination = "100.64.0.0/10"; - Scope = "link"; - } - { Destination = "fd00::/106"; } - ]; - }; - - # Define a user account. - common.linux.username = "nki"; - services.getty.autologinUser = "nki"; - - ## Hardware - # Peripherals - hardware.opentabletdriver.enable = true; - # Enable razer daemon - hardware.openrazer.enable = true; - hardware.openrazer.keyStatistics = true; - hardware.openrazer.verboseLogging = true; - - # Mounting disks! - fileSystems = - let - ntfsMount = path: { - device = path; - fsType = "ntfs"; - options = [ - "rw" - "uid=${toString config.users.users.nki.uid}" - "nofail" - ]; - }; - in - { - "/mnt/Data" = ntfsMount "/dev/disk/by-uuid/A90680F8BBE62FE3"; - "/mnt/Stuff" = ntfsMount "/dev/disk/by-uuid/717BF2EE20BB8A62"; - "/mnt/Shared" = ntfsMount "/dev/disk/by-uuid/76AC086BAC0827E7"; - "/mnt/osu" = ntfsMount "/dev/disk/by-uuid/530D3E1648CD1C26"; - }; - - # PAM - personal.u2f.enable = true; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.11"; # Did you read the comment? - - # tinc network - sops.secrets."tinc/ed25519-private-key" = { }; - sops.secrets."tinc/rsa-private-key" = { }; - services.my-tinc = { - enable = true; - hostName = "home"; - rsaPrivateKey = config.sops.secrets."tinc/rsa-private-key".path; - ed25519PrivateKey = config.sops.secrets."tinc/ed25519-private-key".path; - bindPort = 6565; - }; - - # Music server - services.navidrome.enable = true; - services.navidrome.settings = { - Address = "11.0.0.2"; - MusicFolder = "/mnt/Stuff/Music"; - }; - systemd.services.navidrome.serviceConfig.BindReadOnlyPaths = lib.mkAfter [ "/etc" ]; - networking.firewall.allowedTCPPorts = [ - 4533 - 8000 - ]; - - # Printers - services.printing.enable = true; - - # mpd - services.mpd = { - enable = true; - user = "nki"; - startWhenNeeded = true; - extraConfig = '' - audio_output { - type "pipewire" - name "pipewire local" - dsd "yes" - } - ''; - }; - systemd.services.mpd.environment = { - # https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/609 - XDG_RUNTIME_DIR = "/run/user/1000"; # User-id 1000 must match above user. MPD will look inside this directory for the PipeWire socket. - }; - sops.secrets."scrobble/lastfm" = { }; - sops.secrets."scrobble/listenbrainz" = { }; - services.mpdscribble = { - enable = true; - endpoints."last.fm" = { - username = "natsukagami"; - passwordFile = config.sops.secrets."scrobble/lastfm".path; - }; - endpoints."listenbrainz" = { - username = "natsukagami"; - passwordFile = config.sops.secrets."scrobble/listenbrainz".path; - }; - }; - - programs.virt-manager.enable = true; - - users.groups.libvirtd.members = [ "nki" ]; - - virtualisation.libvirtd.enable = true; - - virtualisation.spiceUSBRedirection.enable = true; - } + in { - sops.secrets."nginx/key.pem" = { - owner = "nginx"; - reloadUnits = [ "nginx.service" ]; - }; - security.dhparams.enable = true; - security.dhparams.params.nginx.bits = 4096; - systemd.services.nginx.requires = [ "dhparams-gen-nginx.service" ]; - # Nginx HTTPS - services.nginx = { - clientMaxBodySize = "256M"; - sslDhparam = config.security.dhparams.params.nginx.path; - defaultListen = [ - { - addr = "0.0.0.0"; - ssl = true; - extraParameters = [ - ]; - } - ]; - }; - common.linux.tailscale.firewall.allowPorts = [ 443 ]; - } - { - # LLM poop - services.ollama = { - enable = true; - loadModels = [ - "deepseek-r1:14b" - "gemma3:12b" - ]; - acceleration = "rocm"; - rocmOverrideGfx = "10.3.0"; - }; - systemd.services.ollama = { - serviceConfig.LimitMEMLOCK = "${toString (16 * 1024 * 1024 * 1024)}"; - }; - services.open-webui = { - enable = true; - port = 5689; - openFirewall = true; - host = "127.0.0.1"; - environment = { - ANONYMIZED_TELEMETRY = "False"; - DO_NOT_TRACK = "True"; - SCARF_NO_ANALYTICS = "True"; - ENV = "prod"; - ENABLE_SIGNUP = "false"; - }; - }; - systemd.services.open-webui.path = [ - pkgs.ffmpeg - ]; - services.nginx = { - enable = true; - recommendedProxySettings = true; - virtualHosts = { - # ... existing hosts config etc. ... - "llm" = { - serverAliases = [ - "llm.home.tinc" - "llm.kagamipc.dtth.ts" - ]; - forceSSL = true; - sslCertificate = ./cert.pem; - sslCertificateKey = config.sops.secrets."nginx/key.pem".path; - locations."/" = { - proxyPass = "http://127.0.0.1:5689"; - proxyWebsockets = true; - }; - }; - }; - }; - environment.systemPackages = [ pkgs.nvtopPackages.amd ]; - } - ]; + "/mnt/Data" = ntfsMount "/dev/disk/by-uuid/A90680F8BBE62FE3"; + "/mnt/Stuff" = ntfsMount "/dev/disk/by-uuid/717BF2EE20BB8A62"; + "/mnt/Shared" = ntfsMount "/dev/disk/by-uuid/76AC086BAC0827E7"; + "/mnt/osu" = ntfsMount "/dev/disk/by-uuid/530D3E1648CD1C26"; + }; + + # PAM + personal.u2f.enable = true; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + # tinc network + sops.secrets."tinc/ed25519-private-key" = { }; + sops.secrets."tinc/rsa-private-key" = { }; + services.my-tinc = { + enable = true; + hostName = "home"; + rsaPrivateKey = config.sops.secrets."tinc/rsa-private-key".path; + ed25519PrivateKey = config.sops.secrets."tinc/ed25519-private-key".path; + bindPort = 6565; + }; + + + # Music server + services.navidrome.enable = true; + services.navidrome.settings = { + Address = "11.0.0.2"; + MusicFolder = "/mnt/Stuff/Music"; + }; + systemd.services.navidrome.serviceConfig.BindReadOnlyPaths = lib.mkAfter [ "/etc" ]; + networking.firewall.allowedTCPPorts = [ 4533 8000 ]; + + # Printers + services.printing.enable = true; + + # mpd + services.mpd = { + enable = true; + user = "nki"; + startWhenNeeded = true; + extraConfig = '' + audio_output { + type "pipewire" + name "pipewire local" + dsd "yes" + } + ''; + }; + systemd.services.mpd.environment = { + # https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/609 + XDG_RUNTIME_DIR = "/run/user/1000"; # User-id 1000 must match above user. MPD will look inside this directory for the PipeWire socket. + }; + sops.secrets."scrobble/lastfm" = { }; + sops.secrets."scrobble/listenbrainz" = { }; + services.mpdscribble = { + enable = true; + endpoints."last.fm" = { + username = "natsukagami"; + passwordFile = config.sops.secrets."scrobble/lastfm".path; + }; + endpoints."listenbrainz" = { + username = "natsukagami"; + passwordFile = config.sops.secrets."scrobble/listenbrainz".path; + }; + }; } + diff --git a/nki-home/deluge.nix b/nki-home/deluge.nix deleted file mode 100644 index 9bce401..0000000 --- a/nki-home/deluge.nix +++ /dev/null @@ -1,105 +0,0 @@ -{ - pkgs, - config, - lib, - ... -}: -let - wg = "wgdeluge"; - webui-port = "58846"; -in -{ - services.deluge = { - enable = true; - web.enable = true; - }; - - sops.secrets."wg-deluge.conf" = { - owner = "root"; - mode = "0400"; - reloadUnits = [ "${wg}.service" ]; - }; - # setting up wireguard interface within network namespace - systemd.services.${wg} = - let - ip = lib.getExe' pkgs.iproute2 "ip"; - wireguard = lib.getExe pkgs.wireguard-tools; - in - { - description = "WireGuard network interface for Deluge"; - bindsTo = [ "netns@${wg}.service" ]; - requires = [ - "network-online.target" - "dnscrypt-proxy2.service" - ]; - after = [ - "netns@${wg}.service" - "dnscrypt-proxy2.service" - ]; - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - ExecStart = pkgs.writers.writeBash "wg-up" '' - set -e - ${ip} link add ${wg} type wireguard - ${ip} link set ${wg} netns ${wg} - ${ip} -n ${wg} address add "100.123.50.189/32" dev ${wg} - ${ip} netns exec ${wg} \ - ${wireguard} setconf ${wg} ${config.sops.secrets."wg-deluge.conf".path} - ${ip} -n ${wg} link set ${wg} up - # need to set lo up as network namespace is started with lo down - ${ip} -n ${wg} link set lo up - ${ip} -n ${wg} route add default dev ${wg} - # ${ip} -n ${wg} -6 route add default dev ${wg} - ''; - ExecStop = pkgs.writers.writeBash "wg-down" '' - ${ip} -n ${wg} route del default dev ${wg} - # ${ip} -n ${wg} -6 route del default dev ${wg} - ${ip} -n ${wg} link del ${wg} - ${ip} link del ${wg} - ''; - }; - }; - - # binding deluged to network namespace - systemd.services.deluged.bindsTo = [ "netns@${wg}.service" ]; - systemd.services.deluged.requires = [ - "network-online.target" - "${wg}.service" - ]; - systemd.services.deluged.after = [ - "${wg}.service" - ]; - systemd.services.deluged.serviceConfig.NetworkNamespacePath = [ "/var/run/netns/${wg}" ]; - - # allowing delugeweb to access deluged in network namespace, a socket is necesarry - systemd.sockets."proxy-to-deluged" = { - enable = true; - description = "Socket for Proxy to Deluge Daemon"; - listenStreams = [ "${webui-port}" ]; - wantedBy = [ "sockets.target" ]; - }; - - # creating proxy service on socket, which forwards the same port from the root namespace to the isolated namespace - systemd.services."proxy-to-deluged" = { - enable = true; - description = "Proxy to Deluge Daemon in Network Namespace"; - requires = [ - "deluged.service" - "proxy-to-deluged.socket" - ]; - after = [ - "deluged.service" - "proxy-to-deluged.socket" - ]; - unitConfig = { - JoinsNamespaceOf = "deluged.service"; - }; - serviceConfig = { - User = "deluge"; - Group = "deluge"; - ExecStart = "${pkgs.systemd}/lib/systemd/systemd-socket-proxyd --exit-idle-time=5min 127.0.0.1:${webui-port}"; - PrivateNetwork = "yes"; - }; - }; -} diff --git a/nki-home/hardware-configuration.nix b/nki-home/hardware-configuration.nix index 4c6481c..72a263d 100644 --- a/nki-home/hardware-configuration.nix +++ b/nki-home/hardware-configuration.nix @@ -1,70 +1,44 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: +{ config, lib, pkgs, modulesPath, ... }: -let - from-encdata = subvol: { - device = "/dev/disk/by-uuid/d1db9f65-6add-4714-b9d7-16e16f687396"; - fsType = "btrfs"; - options = [ - "compress=zstd" - "subvol=${subvol}" +{ + imports = + [ + (modulesPath + "/installer/scan/not-detected.nix") + ./audio ]; - encrypted = { - enable = true; - label = "encdata"; - blkDev = "/dev/disk/by-uuid/6544f506-9a22-479c-8bfc-aee1b9e0deda"; - keyFile = "/sysroot/var/crypto/key_data"; - }; - }; -in -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ./audio - ]; - boot.initrd.availableKernelModules = [ - "nvme" - "xhci_pci" - "ahci" - "usbhid" - "usb_storage" - "sd_mod" - ]; - boot.initrd.kernelModules = [ - "dm-snapshot" - "amdgpu" - ]; + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ "dm-snapshot" "amdgpu" ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = { - device = "/dev/disk/by-uuid/32a74827-4624-43ef-b066-b52e1f11793d"; - fsType = "ext4"; - }; - fileSystems."/home/nki/Projects" = { - device = "/dev/disk/by-uuid/025cb533-e21b-47f2-b7d5-322b7b95b831"; - fsType = "btrfs"; - options = [ "compress=zstd" ]; - }; + fileSystems."/" = + { + device = "/dev/disk/by-uuid/32a74827-4624-43ef-b066-b52e1f11793d"; + fsType = "ext4"; + }; + fileSystems."/home/nki/Projects" = + { + device = "/dev/disk/by-uuid/025cb533-e21b-47f2-b7d5-322b7b95b831"; + fsType = "btrfs"; + options = [ "compress=zstd" ]; + }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/549C-7877"; - fsType = "vfat"; - }; + fileSystems."/boot" = + { + device = "/dev/disk/by-uuid/549C-7877"; + fsType = "vfat"; + }; - fileSystems."/mnt/steam" = from-encdata "steam"; - fileSystems."/nix" = from-encdata "nix"; + swapDevices = + [{ device = "/dev/disk/by-uuid/561f6441-1915-4059-a5e1-76a449b0c9bf"; }]; - swapDevices = [ { device = "/dev/disk/by-uuid/561f6441-1915-4059-a5e1-76a449b0c9bf"; } ]; + # GPU options + services.xserver.videoDrivers = [ "amdgpu" ]; + hardware.opengl.enable = true; # bluetooth usb hardware.firmware = [ pkgs.rtl8761b-firmware ]; diff --git a/nki-home/minecraft.nix b/nki-home/minecraft.nix deleted file mode 100644 index 72541c0..0000000 --- a/nki-home/minecraft.nix +++ /dev/null @@ -1,103 +0,0 @@ -{ - pkgs, - lib, - ... -}: -let - dataDir = "/mnt/steam/mc/"; - javaOpts = "-Xms4096M -Xmx4096M -XX:+AlwaysPreTouch -XX:+DisableExplicitGC -XX:+ParallelRefProcEnabled -XX:+PerfDisableSharedMem -XX:+UnlockExperimentalVMOptions -XX:+UseG1GC -XX:G1HeapRegionSize=8M -XX:G1HeapWastePercent=5 -XX:G1MaxNewSizePercent=40 -XX:G1MixedGCCountTarget=4 -XX:G1MixedGCLiveThresholdPercent=90 -XX:G1NewSizePercent=30 -XX:G1RSetUpdatingPauseTimePercent=5 -XX:G1ReservePercent=20 -XX:InitiatingHeapOccupancyPercent=15 -XX:MaxGCPauseMillis=200 -XX:MaxTenuringThreshold=1 -XX:SurvivorRatio=32 -Dusing.aikars.flags=https://mcflags.emc.gs -Daikars.new.flags=true"; - name = "paper-mc"; - socketName = "${name}.stdin"; - socket = "/run/${socketName}"; - - console = pkgs.writeScriptBin "papermc-console" '' - #!${lib.getExe pkgs.python3} - # https://github.com/AtomicSponge/paper-systemd/blob/main/minecraft-console.py - - import curses - import subprocess - import threading - - def run_journalctl(win): - process = subprocess.Popen(['journalctl', '-u', '${name}', '--follow'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) - while True: - line = process.stdout.readline() - if not line: - break - win.addstr(line.decode()) - win.refresh() - - def input_commands(win): - with open('${socket}', 'a') as f: - while True: - win.clear() - win.addstr("Enter command (Ctrl-C to exit): ") - curses.echo() - win.move(1, 0) - command = win.getstr().decode() - f.write(command + "\n") - f.flush() - curses.noecho() - win.clear() - - def main(stdscr): - try: - curses.curs_set(1) - stdscr.clear() - - height, width = stdscr.getmaxyx() - journal_height = int(height * 0.9) - input_height = height - journal_height - - journal_win = stdscr.subwin(journal_height, width, 0, 0) - journal_win.scrollok(True) - input_win = stdscr.subwin(input_height, width, journal_height, 0) - - thread = threading.Thread(target=run_journalctl, args=(journal_win,)) - thread.daemon = True - thread.start() - - input_commands(input_win) - - except KeyboardInterrupt: - stdscr.clear() - stdscr.refresh() - finally: - curses.endwin() - - if __name__ == "__main__": - curses.wrapper(main) - ''; -in -{ - environment.systemPackages = [ console ]; - users.users.${name} = { - isSystemUser = true; - group = name; - }; - users.users.nki.extraGroups = [ name ]; - users.groups.${name} = { - }; - systemd.sockets.${name} = { - partOf = [ "${name}.service" ]; - socketConfig.ListenFIFO = "%t/${socketName}"; - }; - systemd.services.${name} = { - description = "Minecraft Server"; - serviceConfig = { - Type = "simple"; - WorkingDirectory = dataDir; - User = name; - Restart = "on-failure"; - Sockets = "${name}.socket"; - StandardInput = "socket"; - StandardOutput = "journal"; - StandardError = "journal"; - ReadWritePaths = [ dataDir ]; - }; - environment.JAVA_OPTS = javaOpts; - script = "${lib.getExe pkgs.papermc}"; - preStop = "echo stop > ${socket}"; - wantedBy = [ "multi-user.target" ]; - }; -} diff --git a/nki-home/peertube-runner.nix b/nki-home/peertube-runner.nix index 73172b1..5845046 100644 --- a/nki-home/peertube-runner.nix +++ b/nki-home/peertube-runner.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: let user = "peertube-runner-nodejs"; instance = "systemd-instance"; @@ -32,8 +27,8 @@ in runnerName = "kagamipc" ''; - environment.etc."${user}/${instance}/config.toml".source = - config.sops.templates."peertube-config.toml".path; + environment.etc."${user}/${instance}/config.toml".source = config.sops.templates."peertube-config.toml".path; + systemd.services.peertube-runner = { description = "PeerTube runner daemon"; @@ -41,19 +36,20 @@ in after = [ "network.target" ]; requires = [ ]; - serviceConfig = { - ExecStart = "${lib.getExe' pkgs.peertube.runner "peertube-runner"} server --id ${instance}"; - User = user; - RuntimeDirectory = user; - StateDirectory = user; - CacheDirectory = user; - # Hardening - ProtectSystem = "full"; - PrivateDevices = false; - NoNewPrivileges = true; - ProtectHome = true; - CapabilityBoundingSet = "~CAP_SYS_ADMIN"; - }; + serviceConfig = + { + ExecStart = "${lib.getExe' pkgs.peertube.runner "peertube-runner"} server --id ${instance}"; + User = user; + RuntimeDirectory = user; + StateDirectory = user; + CacheDirectory = user; + # Hardening + ProtectSystem = "full"; + PrivateDevices = false; + NoNewPrivileges = true; + ProtectHome = true; + CapabilityBoundingSet = "~CAP_SYS_ADMIN"; + }; environment = { NODE_ENV = "production"; @@ -65,9 +61,7 @@ in XDG_STATE_HOME = "/var/lib"; }; - path = with pkgs; [ - nodejs - ffmpeg - ]; + path = with pkgs; [ nodejs ffmpeg ]; }; } + diff --git a/nki-home/secrets/default.nix b/nki-home/secrets/default.nix new file mode 100644 index 0000000..cb76173 --- /dev/null +++ b/nki-home/secrets/default.nix @@ -0,0 +1,6 @@ +{ config, pkgs, ... }: + +{ + sops.defaultSopsFile = ./secrets.yaml; + sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; +} diff --git a/nki-home/secrets.yaml b/nki-home/secrets/secrets.yaml similarity index 63% rename from nki-home/secrets.yaml rename to nki-home/secrets/secrets.yaml index 4d7a0e7..9fede5f 100644 --- a/nki-home/secrets.yaml +++ b/nki-home/secrets/secrets.yaml @@ -8,19 +8,16 @@ windscribe: scrobble: lastfm: ENC[AES256_GCM,data:+3G9zwmAu/B9omG0KUT0b5G+lJ4=,iv:ubrE4A35si9f6+m2sAino4SfOf9F4g2UjtF2Yy9n2e4=,tag:A/e6GECfIZuX2bVGPo9qyA==,type:str] listenbrainz: ENC[AES256_GCM,data:FNSJnYEQd+LgInmdyqcaAQG6imiJS/OPBEe2fBKQGKBjpCLy,iv:qhloVpcwcGwRDn6vOujgmvelbPl2korhELfyf5BvdjM=,tag:WnLaMUtHsxBaXNTAKwchkQ==,type:str] -wg-dtth: - private-key: ENC[AES256_GCM,data:a//pmovhmjh73YBHmae/91oVtWFmbiuh87gz6busqi7XcEZEn3KiYszuiMI=,iv:hLw5nqJDGDdiT9CfwDShXGRP6qoTWvfReq7qPs9x0n4=,tag:+b3cMjuVJTsz73wnlPW02Q==,type:str] - preshared-key: ENC[AES256_GCM,data:go9dm+FTEq7k0ec936ay1loTJZV8espqTFpGzqAQa9TzMnB1AD/JJHLMENQ=,iv:LjXD3ySLJVkerQH5J7ylSGATykTT6jEObuJc4vUnh28=,tag:qYO5r72tjothlT16Y8Ms0Q==,type:str] +dtth-wg: + private-key: ENC[AES256_GCM,data:ySxPGzOplKwNLxRnPNw7If7xzxMwRkwTasT7FaQE9n5YB04R+gaQVjDqPqg=,iv:f5t94bUoo9sCGGwWytiuhg5jcKjzRjbR3Q0OIM28VDU=,tag:fJos9Hb9XytQbfGaPMa1/A==,type:str] + preshared-key: ENC[AES256_GCM,data:96q0ZfvPz4pb53XvTGameVkcETamYH8Xbv69672RBdacH6QjRCCVvPnBTfA=,iv:Q2Yonb07/Uu6KidhMgRX4zJuNU1ZySNC7g/5TwpMU80=,tag:1qQQdk20yIQlGZmX+/25RA==,type:str] peertube: dtth-key: ENC[AES256_GCM,data:Gu7qOisVBZrFXKBr51165FJ7Ej4hV+lIf3AMC02R3UFNXOnTHF2xC8E=,iv:F83FuD1VjZEJFMcx3gkQuKCpJmYdHtO15fRHkYdMxJM=,tag:ScH42Tr5ZsIo9JMnXhylSw==,type:str] -nix-cache: - private-key: ENC[AES256_GCM,data:4sbfIQb10Y50CrZbgjN+1iXEbXTpDqMbIB/yA3WlaAqhLtb8HKib5aZX3DLoxFbVihJcztQsvBBgEAhT9iMijoksaT9qzBQ5yIn4NGCfFem1DK8DQdjhTLMCVTyMFCT7hQHu/2Sd7w==,iv:zTSxuKOtOLekOBKBvl9MScD/Bo1Hviqq/n8Saa+1Cgo=,tag:fx73fCDPY9d07V3KKMw3DA==,type:str] -nix-build-farm: - private-key: ENC[AES256_GCM,data:m5neeWCEdaZ1MRhNwTptfDIgv3ABNlYyNil3oTD81Jbe/6WxWaS5Q++CRlHCjc2hOoHsWsZixw8iGZVTA+QXgH6B9C6A4oOAhgR9m92EGTEfFw0qxQbdzs7U98Yonx/N8SApUycZZB/EU81+MrDNY4GGzCiO6s00/vZLkDTYnqRFgbo+8KTG0BQTl4q+VYP2q3l0wy+Ivz5CWPmbz42Xdin/sBnjeFHKDuof4iZZnN3i8gUJ/mMw3lbdiHd6A8DL0G5Ut46ljzMC2aMsZOATCID3mPOPgI0xIetDofPJLDqVsNqptRHo8WB+KwDidvl222f5F7JqdSqgAMOJYPscrX0odufApiJfg5bbXBygvrDfAlPSruW7GsWGoKAhw0qC4NC/j+qYCwhS0qdorCLnIy3zzMtA6HkHtE675hy7/7oLj7k9Y8MhE4PxztjXTmDazaVCtKhnA/DpaxP2mH84gfCkJFD1YF9jtPm+P3e+46FwkW+WnHaA2L+H7Evava30DLEBhh5y9Gd1A3JN4isn,iv:7KUWg7+GWgmGJkbIvsy9gtccZBb+1Y5uDWhXQFk0obk=,tag:qJdM684XPHxecLVxVb5pgw==,type:str] -wg-deluge.conf: ENC[AES256_GCM,data:CjCqgC1458C6odMtcWigE9tZwci4bJYyk+2fVTpP2OnHYwAp38bt0TbBLwgytMqKfB5EpJZLdbeTSoL33MhT2MD4gWBuDH1++p59l9213LS+9mF6gxG/RksrnnLvz9Pnk5J19qOz1PDxm6t8ZF2qu5qAHY83CF+k32G04/p2Nl04bDllAmMUlGGHJ5TXvXCSRcNU/2tWYv/sC4SwfUfpMjRbSKJUQSTEXnQsPaKsf+fq3mhj1a/xT6zJ6sxwDAGQ3PwIY8xTDf5ucS9ULPO9Zn27NUBoFmS1g0fJd+ZCJJYIWkG2uYDf+ldu/Ag95BduHX7Juf3GolhVd24hZzaIq3LeME99+T3SYA4LBkAaASnBvrVOXmFavHPKhFfbZ1DG0mO7S2M+Ticz+dUktjTXCh/Fe4uwf2R82PieuPhNng==,iv:AKleoSHG6qKEMJ7vIFsQ+X7d/jaXt+d0kg3LnbeWrRc=,tag:zrtqRIxEBbpSh9Ryj8cwqw==,type:str] -nginx: - key.pem: ENC[AES256_GCM,data:ObYnicx/H4tj6DAKiXERL9TZjP+1lDRqGB+qekiirAEpjKOJ4FpD9vd82ffDoxIbANAl6lKwzZDsEO6tdejl1OgZcPNTXsLkXQ6nurek92qCew0bzfca2Nn49DiwDOS+c1l5oKBHePKC8sCV8A5YH69fMWIHsvJDJaD7Ltu6xyP5MG/b2UYTsUnhHOM03PSLQV+PYXE63MzqLV2Det5sFxh0jY+551gq2lUAJoYNagmoQEfxjwBOntIepIXudarWf8Nl5QoPxQ90eji97E7LPbFn3pKR6mHDzyvfE6gsaStDUEtByJGMAzmUFvcCTqSH6Lj2iCfyBJY9qENOtZ8etwHkf4ddllF2PZxrxv4DOQuhcvOxWcl9gd1UqwcbD06hTjI1KbXSgxm9KP5PjGCNxkBjeOaUOqRn++3MQeuAR2eiASEa8x6AQGDOaAcqqtff92/akpTcE4d+hLnSfo1dfaptDppr5BiuhivpPY54WQJm/YODHSnUGdXc3CaZtPHIAqdRCuMplIyRpg6HPAHRbeCp826mHZeYFNzavCoF3lSVokBONk2VjOpKS2coUGQGe+JllH2Na2a4qjHPNQOLaZaIVdrr/Qn0mPrtXSArOz9nAOeL7fLYDlFdrCcFUdrXw+YWjhjU++dQuN6tMXAb4upOOuQfcALfTq7YBZLIj92dR1CP5hdMXKM//TZVLhnipcwk7xCpJENZrFqjuqnQlVNiq25mgOK4zoAqnq65E3sYCTzhe4F89Ce01PmTKmsMnLfP/ubDu499N68w5Qe95rKSL1OXRSjrLab8LS8CUib/yAGCIitGAAtQ9ck/cI96+WqyPG8wcbU/zVamB7SY8b/VC8fEUcgIztHWPK9Km+Q6ywHvQQlihpJJYKBjAUBXFN36VDcYLV5XsM1LpQgX8DaLLeJzC1NPnf8hf0YJW9EpMLq5EjqAkccFxvpeX2mGLE9GarqTX/ZISEFcL4Lf+ktrVQ5vL0DukjL5X5fr7IslHwQlr8Ci7ihDwLTy/4sJWe6LSOBCkYEvx4ZRO1k/XwtnVCoYPGrHI76ow39Hzg8mYeAdurpHOMo4g5rZmiBv5A2f5jGtg2rKaVVMxGigZB1sQGI+b9CmLEypJPPl3XAnOPDIIzPG5eMdIAQK7AzXUqNs12EVX8ZzGjD7/zCq/cKXA+CeO+LFst7ixIM2hOZIctHSd/I/FbYOAnCuHfYc5dy4pkGBJjXCyYc/7ONG0O5I1T2FIgtFUr0MfO0P6JDB+ICpmmrIvNJBmc7nNaakx2gxitZjM2/K+MUsxmnE5pdHFB4fmKamIb7o4LeJcs86Y+RI1b0dli8Hp7HEMVz7L5yJnddIggiu8MrOJtPnZe0Oej7FWp76KhBD64oPveGPnLWdB9d0ZEg0BL40pEubuHuNRHmNn1MCmsdDQz4wfrMUTW/S3QQS8LJ12pIVqxld7uvvwiQkRB58oR22dwsjpE63awfErOtY5ZYBrY9u34Pt2Op3TxLBUUP1uGGanSAC07Xkj7HMMQ4g+e83843itqRbDLNCYz75aIjHAjWogpKo5XTX2itpw+k4ZtDKGzlUi4e7VQjLNt7J+74uuZuHqVxoaHSRlrQE2F5Tueh4Njlux3cEYO3s3yDrvysAZF1yZG7zToGCCu3faa7cLkQCdkvFNqiG+V2AVslzW+0WS5m7IVmkMxnGKgigWiFlIpsP0gB7ihSo/T9DP7iUni6/Y85/AKdzNxb3EfSOwewbReVZZ5K9ag7+iYs0sq+Z4e3L/+xIOSTulsCFlGhOURtU3ef3vbHeIuRxEYuk1lTZInNbQTSwOZaGRCzYRH1ZVDml6aNobeFxD67h5j9nBZTqIxlQMC2hjUX4KUwS693659cQTG8PimxuDdnOfNdTQ5/n2FHRXQMpAK4l3JakoOO2y9lwITizTYWj2Hvls6Dhcxa+WrzexA0LZZc7okA5LfvHeq8969MQGJP2qXZ3/NZXvp0CSg3m328yC4PYYr6J4feI3vwNTtRZd6vkOFLRe/dsZSaDFIPhF2bjjXQ3sbZRtHYnEVYVVQ8ndEnhSzOVwFMP7l43xNiYDBh/NHU6sGH4187pn7GATDViwPsfBa8lhzyDd0kGn3wTsBs4QNH1zNpFEfJEwo77PQC1zUtwDoxa5coBesLh9NUoB/i0thLR0wUBH9x4H/z0lkgljH3MAPejH+ybx/9ZXtnNHYPHvVeptvBymy8QXxy4x8ZQf2Vt8IvPLpacCC44kowNd51YrVg5jKUzgb3TNlBZnhuOj2JmKCf+SU52c8jPDUIzP8ysuljTSlyre7rU6XP0PHDbvbc1L0cyRSopnqu8ztr7h3OgAUrswcXFz1/pgUpfqZ0DF9PmS2MLhbXvV6cKXVC/7ZXByE9ToE/Q/1+FT+3U0Gq0n7UjzHPLA9BspPjJd4VaRhI4gfhx2M71DTARAcYLkJW+0g2wKdnGVVa0OsfKwhe4UF8v3otjWHXQwZ0NKconROsk8v3yYFPGbUtEPNeInXGFQdkgr6MYMz5jdQ+D1ZWMLhlWagVN/iZDiGIGyHCq0MgYwGRKG7HjeQZ7Lv2Bf3WYM2cFtpsHdj6NjYdO+3DMLq3aABjrBNyjZM0+8jofL4i5FT7HjD7+NTmt5dHPX0LRwl1/6tgidnoSBbGVGpxp5k5CDUNTLDZpVxjG73YQeOPWt0/VL+whRovawuO2kSJt06UIQME86k9B644pvUWo/WVeo9rtZaVjJaFjdDIkaHvYvC66KSoJ1qpns53R3AFW76AIsOJDP+WN+tFCh4TWVRqtauhVabexTERQ+ctb304w4B931HeJ/L1q8AAzL6vNiV87I1++RJamR8Rp+B70OWotuy/2psJFXv1qKEoUmdp8N5wOS8YGlA7ssgK8/wQxwv1Yahi6sw/cHLW74Mc5czwzbZeECOFO49STczBGonpD8sKkGDEYTR2o96nYNUWnoe5b1eo058YrV73hUxNmvMj5q+wj9M1VLMmLTHuKIh5oXw0bQUdhirs7gNtZtREX2H69ax/2c8Q4FxjAlZlKtGVVmsKSkCLUdhINDGZbIOht3LO/uok1NscI+lvWMsajEWlBOmOnH0539CJ7xjuzzqYAja+hDpr0WvCvOWLPwbI0aq00Is6mICuEu9vB8nfiBwIlA/we6qBjULnXrPh39zfhoQZNetNivJU85wBR/8cz0voSrf4/Or8GkzfdyADDG4PM3vUepJuyTjF5zo+ZQCgMHujxxv/mMk1riOGq02nYZCYRdUXwJyTxTkogagwv59cDQJHqnDG9b9iZOuevG4kSWNn3srLb7HDcqT0sQpSa8ulAPZopFgbX7Hy0KY0eOahkTG9wXPYACFeaXs2+2d9HBeuH6fonMHCL06OQ6dcqKysWe6HrED71nn+kuu9LO7mbLBSekPpJkH2P86ipg8ZBYVK94G21fn9Lbr0/xp6lsgAkuwBIJ7w1QgwKlCXuItpHTFOq1TToTxh99ZyK8MkYgMSz5oYdgBEelaxbknR/nYLQAOYwOvfg+fCkz3HcDr+/SRC6niQ1c2sZP9rOe3DR9Dzr8yzWHoFjkuRMoBMz+6LbjYBW2ieT4iUAmpWydB9F/N1a4MvyT18J4+Gxc/Ugp/AufRq/xmMKKtqp/D7nj8l/N+9wAmaYakvbNfDf00bm7qhIg8nnoWI7LbiI/l3djtSEPxWqyI+IMwKx+lXhvoTdio/aIcjiM1FKdh9bkn466Qjp4Jw7dQh0Au1cv5RMq4XFAF/ob2oNdW1lflPPwp8+G0Rkx8btIoPGXzlR5Qmd1K17PouBP5haOSxptn2g9kqpcsdAGyHnqOdnL/mY1SrwJIGLIMkXffJsf837IQaD8PUhO1DHUV3hZ9MPc0hZL2oRPBBnw+5dOCSfFDzvxjo7Bj9W1OFRo5ETJz1OWBhj7TRn8zMr4wvfxdHB8aFAjEhypTmVtmSLPUB6NTZo4HqGfWVCMfYum5sfLi0u2hpAmRIGQOChURtv1o3KPhzIpBxXz9e3/+Ro8RxITV+s5ATKFsb8EJp4hYbrg84MFVicg29+Ds4ET+WfSAD/1U0wdKVzZt30Fnh31vQPEBoTwjwESZDnprKc5fAD9koW8gZK1WP0dypbXbTnSx76l04Kyncr+L3/kaC4i6q1zw3QEtseecGNNUQHTioM+HLuEtuWE7eg6UXsZ0lFqx3Avd7i0Nu9fIlS2yaG2hln/yiEx9ifh1hcidziu4TKFgjh/AKRQDYGHguvfdCwfBWIHeyrzWFztp/kwYCinwqHnBujUqaJqa+qFhCp8exrP1KVzeu7PkRwGIAwfJx43WPjBgMsbm7GsBYrkWHXYceBCmjgProdgK0=,iv:G7JThXxOrVYpQatcvkjmhOGSs+griXoSzrpqqYwh2TA=,tag:U4Yj8MC4nOUcc/8bvC90WQ==,type:str] sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] age: - recipient: age1tt0peqg8zdfh74m5sdgwsczcqh036nhgmwvkqnvywll88uvmm9xs433rhm enc: | @@ -49,7 +46,8 @@ sops: bUhIT0Z2b1dVWGNyS1hRVFRyZTA4d00KchP7EhSOMwBl5vFuuskzosRoi8jUu1sw hVjJNF2a40ewgkQgVAoWEzirHbknbQORzmepDDRth7Bve3UQU64+GA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-04-13T14:21:06Z" - mac: ENC[AES256_GCM,data:gkVuyr5PSqumXYWK5WsMfPHPQHbXHIFoUgGokh6xEHTacmxABvNroQiMZYrSvbHVSUxy06Ao8VWRK1tPPSjbsxBD5T7X0yXDLGkmPQpQWSRy+Zb1hQaV0Osp2p4yGGseNJxBmWOGWdmJGOwCAoj8tnS/EOGo+128dJyzrvD9F4Q=,iv:RQ/cM1eySv+KVLD/MGSs3E1RXMLFJR+6O1hOie8bskU=,tag:fT6jXRSMpCexYV1m5FbbDQ==,type:str] + lastmodified: "2024-04-18T13:34:51Z" + mac: ENC[AES256_GCM,data:cinVE1pHSgjCRPIDwANzR0oHw7zdN8DVDQKkhXT5j+dGiaFzNvLoYyMcEsjoxAjEdup3YMo+Vg6I4C94AUCrTn7N9BGjnGFVQz3m9q13zORi1+HWam0VItBzJm1iIo8x0PPs79OBaIHVUFAz8r4DW46P/LQISl9MQSDpCCTjVVk=,iv:2VAehWaoh2lNZM8jlmt+dqo5eeHfcr++eAdQfm/tCcM=,tag:QSnbObe3046AnFpK3Y01Eg==,type:str] + pgp: [] unencrypted_suffix: _unencrypted - version: 3.10.1 + version: 3.8.1 diff --git a/nki-personal-do/configuration.nix b/nki-personal-do/configuration.nix index 68ae0c2..1e2b881 100644 --- a/nki-personal-do/configuration.nix +++ b/nki-personal-do/configuration.nix @@ -1,10 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: -{ +{ pkgs, config, lib, ... }: { imports = [ ./hardware-configuration.nix @@ -18,9 +12,6 @@ ../modules/cloud/conduit ../modules/cloud/gotosocial - # Encrypted DNS - ../modules/services/edns - ./headscale.nix ./gitea.nix ./miniflux.nix @@ -30,15 +21,8 @@ ./invidious.nix ./owncast.nix ./peertube.nix - ./outline.nix - ./vikunja.nix - ./n8n.nix - ./ntfy.nix - ./grist.nix ]; - system.stateVersion = "21.11"; - common.linux.enable = false; # Don't enable the "common linux" module, this is a special machine. # Personal user @@ -70,19 +54,21 @@ ]; virtualisation.docker.enable = true; - virtualisation.docker.extraOptions = "--data-root /mnt/data/docker"; services.do-agent.enable = true; + system.autoUpgrade = { + enable = true; + allowReboot = true; + flake = "github:natsukagami/nix-home#nki-personal-do"; + }; + nix = { extraOptions = '' experimental-features = nix-command flakes ''; }; - nki.services.edns.enable = true; - nki.services.edns.ipv6 = true; - # Secret management sops.defaultSopsFile = ./secrets/secrets.yaml; sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; @@ -95,19 +81,9 @@ services.my-tinc.rsaPrivateKey = config.sops.secrets."tinc/rsa-private-key".path; services.my-tinc.ed25519PrivateKey = config.sops.secrets."tinc/ed25519-private-key".path; - sops.secrets."nix-build-farm/private-key" = { - mode = "0400"; - }; - services.nix-build-farm.hostname = "home"; - services.nix-build-farm.privateKeyFile = config.sops.secrets."nix-build-farm/private-key".path; - # Set up traefik - sops.secrets.cloudflare-dns-api-token = { - owner = "traefik"; - }; - sops.secrets.traefik-dashboard-users = { - owner = "traefik"; - }; + sops.secrets.cloudflare-dns-api-token = { owner = "traefik"; }; + sops.secrets.traefik-dashboard-users = { owner = "traefik"; }; cloud.traefik.cloudflareKeyFile = config.sops.secrets.cloudflare-dns-api-token.path; cloud.traefik.dashboard = { enable = true; @@ -121,19 +97,9 @@ settings.HOST = "127.0.0.1"; settings.PORT = "16904"; }; - cloud.traefik.hosts.uptime-kuma = { - host = "status.nkagami.me"; - port = 16904; - noCloudflare = true; - }; - cloud.traefik.hosts.uptime-kuma-dtth = { - host = "status.dtth.ch"; - port = 16904; - }; - cloud.traefik.hosts.uptime-kuma-codefun = { - host = "status.codefun.vn"; - port = 16904; - }; + cloud.traefik.hosts.uptime-kuma = { host = "status.nkagami.me"; port = 16904; noCloudflare = true; }; + cloud.traefik.hosts.uptime-kuma-dtth = { host = "status.dtth.ch"; port = 16904; }; + cloud.traefik.hosts.uptime-kuma-codefun = { host = "status.codefun.vn"; port = 16904; }; # Bitwarden sops.secrets.vaultwarden-env = { }; @@ -143,9 +109,7 @@ virtualisation.arion.backend = "docker"; # Conduit - sops.secrets.heisenbridge = { - owner = "heisenbridge"; - }; + sops.secrets.heisenbridge = { owner = "heisenbridge"; }; cloud.conduit.enable = true; cloud.conduit.instances = { "nkagami" = { @@ -180,10 +144,7 @@ }; # Mail - sops.secrets.mail-users = { - owner = "maddy"; - reloadUnits = [ "maddy.service" ]; - }; + sops.secrets.mail-users = { owner = "maddy"; }; cloud.mail = { enable = true; debug = true; @@ -205,10 +166,7 @@ sops.secrets.authentik-env = { }; cloud.authentik.enable = true; cloud.authentik.envFile = config.sops.secrets.authentik-env.path; - cloud.traefik.hosts.authentik = { - host = "auth.dtth.ch"; - port = config.cloud.authentik.port; - }; + cloud.traefik.hosts.authentik = { host = "auth.dtth.ch"; port = config.cloud.authentik.port; }; # Firezone sops.secrets.firezone-env = { }; @@ -227,26 +185,97 @@ protocol = "udp"; }; - # GoToSocial - sops.secrets.gts-env = { - restartUnits = [ "gotosocial.service" ]; + + # Outline + sops.secrets.minio-secret-key = { owner = "root"; mode = "0444"; }; + sops.secrets.authentik-oidc-client-secret = { owner = "outline"; }; + sops.secrets."outline/smtp-password" = { owner = "outline"; }; + services.outline = { + enable = true; + package = pkgs.outline.overrideAttrs (attrs: { + patches = if builtins.hasAttr "patches" attrs then attrs.patches else [ ] ++ [ ../modules/cloud/outline/dtth-wiki.patch ]; + }); + databaseUrl = "postgres://outline:outline@localhost/outline?sslmode=disable"; + redisUrl = "local"; + publicUrl = "https://wiki.dtth.ch"; + port = 18729; + storage = { + accessKey = "minio"; + secretKeyFile = config.sops.secrets.minio-secret-key.path; + region = config.services.minio.region; + uploadBucketUrl = "https://s3.dtth.ch"; + uploadBucketName = "dtth-outline"; + uploadMaxSize = 50 * 1024 * 1000; + }; + maximumImportSize = 50 * 1024 * 1000; + + oidcAuthentication = { + clientId = "3a0c10e00cdcb4a1194315577fa208a747c1a5f7"; + clientSecretFile = config.sops.secrets.authentik-oidc-client-secret.path; + authUrl = "https://auth.dtth.ch/application/o/authorize/"; + tokenUrl = "https://auth.dtth.ch/application/o/token/"; + userinfoUrl = "https://auth.dtth.ch/application/o/userinfo/"; + displayName = "DTTH Account"; + }; + + smtp = { + fromEmail = "DTTH Wiki "; + replyEmail = ""; + host = "mx1.nkagami.me"; + username = "dtth.wiki@nkagami.me"; + passwordFile = config.sops.secrets."outline/smtp-password".path; + port = 465; + secure = true; + }; + + forceHttps = false; }; + cloud.postgresql.databases = [ "outline" ]; + systemd.services.outline.requires = [ "postgresql.service" ]; + cloud.traefik.hosts.outline = { host = "wiki.dtth.ch"; port = 18729; }; + + # GoToSocial + sops.secrets.gts-env = { }; cloud.gotosocial = { enable = true; envFile = config.sops.secrets.gts-env.path; }; - # Grist - sops.secrets."grist/env" = { - restartUnits = [ "arion-grist.service" ]; - }; - cloud.grist = { + # Minio + sops.secrets.minio-credentials = { }; + services.minio = { enable = true; - envFile = config.sops.secrets."grist/env".path; - host = "tables.dtth.ch"; - dataDir = "/mnt/data/grist"; + listenAddress = ":61929"; + consoleAddress = ":62929"; + rootCredentialsFile = config.sops.secrets.minio-credentials.path; + dataDir = lib.mkForce [ "/mnt/data/minio" ]; }; + cloud.traefik.hosts.minio = { host = "s3.dtth.ch"; port = 61929; }; + system.stateVersion = "21.11"; - # Trust my own cert - security.pki.certificateFiles = [ ../nki-home/cert.pem ]; + # ntfy + cloud.traefik.hosts.ntfy-sh = { host = "ntfy.nkagami.me"; port = 11161; noCloudflare = true; }; + services.ntfy-sh = { + enable = true; + settings = { + listen-http = "127.0.0.1:11161"; + cache-file = "/var/lib/ntfy-sh/cache.db"; + auth-file = "/var/lib/ntfy-sh/auth.db"; + auth-default-access = "deny-all"; + behind-proxy = true; + base-url = "https://ntfy.nkagami.me"; + attachment-cache-dir = "/var/lib/ntfy-sh/attachments"; + enable-login = true; + enable-reservations = true; + upstream-base-url = "https://ntfy.sh"; + }; + }; + systemd.services.ntfy-sh.serviceConfig = { + WorkingDirectory = "/var/lib/ntfy-sh"; + StateDirectory = "ntfy-sh"; + }; + systemd.services.ntfy-sh.preStart = '' + mkdir -p /var/lib/ntfy-sh/attachments + ''; } + diff --git a/nki-personal-do/gitea.nix b/nki-personal-do/gitea.nix index 957ec8f..43ec634 100644 --- a/nki-personal-do/gitea.nix +++ b/nki-personal-do/gitea.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let user = "gitea"; @@ -103,7 +98,6 @@ in }; users.groups.${user} = { }; sops.secrets."gitea/signing-key".owner = user; - sops.secrets."gitea/minio-secret-key".owner = user; sops.secrets."gitea/mailer-password".owner = user; # database cloud.postgresql.databases = [ user ]; @@ -117,10 +111,11 @@ in services.forgejo = { enable = true; - package = pkgs.forgejo; inherit user; + appName = "DTTHgit"; + settings = { server = { DOMAIN = host; @@ -131,11 +126,7 @@ in }; repository = { DEFAULT_PRIVATE = "private"; - PREFERRED_LICENSES = strings.concatStringsSep "," [ - "AGPL-3.0-or-later" - "GPL-3.0-or-later" - "Apache-2.0" - ]; + PREFERRED_LICENSES = strings.concatStringsSep "," [ "AGPL-3.0-or-later" "GPL-3.0-or-later" "Apache-2.0" ]; # DISABLE_HTTP_GIT = true; DEFAULT_BRANCH = "master"; ENABLE_PUSH_CREATE_USER = true; @@ -145,7 +136,7 @@ in }; "repository.signing" = { SIGNING_KEY = signingKey; - SIGNING_NAME = "DTTHgit"; + SIGNING_NAME = "DTTHGit"; SIGNING_EMAIL = "dtth-gitea@nkagami.me"; }; ui.THEMES = default-themes + "," + themes; @@ -185,24 +176,13 @@ in PATH = "${pkgs.git}/bin/git"; }; - storage = { - STORAGE_TYPE = "minio"; - MINIO_USE_SSL = "true"; - MINIO_ENDPOINT = "60c0807121eb35ef52cdcd4a33735fa6.r2.cloudflarestorage.com"; - MINIO_ACCESS_KEY_ID = "704c29ade7a8b438b77ab520da2799ca"; - MINIO_BUCKET = "dtth-gitea"; - MINIO_LOCATION = "auto"; - MINIO_CHECKSUM_ALGORITHM = "md5"; # R2 moment - }; - federation.ENABLED = true; - DEFAULT.APP_NAME = "DTTHGit"; + }; stateDir = "/mnt/data/gitea"; - secrets.mailer.PASSWD = secrets."gitea/mailer-password".path; - secrets.storage.MINIO_SECRET_ACCESS_KEY = config.sops.secrets."gitea/minio-secret-key".path; + mailerPasswordFile = secrets."gitea/mailer-password".path; database = { inherit user; @@ -227,13 +207,13 @@ in serviceConfig.SystemCallFilter = mkForce "~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @setuid @swap"; preStart = '' # Import the signing subkey - if cat ${config.services.forgejo.stateDir}/.gnupg/gpg.conf | grep -q ${signingKey}; then + if cat ${config.services.gitea.stateDir}/.gnupg/gpg.conf | grep -q ${signingKey}; then echo "Keys already imported" # imported else echo "Import your keys!" ${pkgs.gnupg}/bin/gpg --quiet --import ${secrets."gitea/signing-key".path} - echo "trusted-key ${signingKey}" >> ${config.services.forgejo.stateDir}/.gnupg/gpg.conf + echo "trusted-key ${signingKey}" >> ${config.services.gitea.stateDir}/.gnupg/gpg.conf exit 1 fi ''; diff --git a/nki-personal-do/grist.nix b/nki-personal-do/grist.nix deleted file mode 100644 index 77c2847..0000000 --- a/nki-personal-do/grist.nix +++ /dev/null @@ -1,142 +0,0 @@ -{ - pkgs, - config, - lib, - ... -}: - -with lib; -let - cfg = config.cloud.grist; - - mkImage = { imageName, imageDigest, ... }: "${imageName}@${imageDigest}"; - # If we can pullImage we can just do - # mkImage = pkgs.dockerTools.pullImage; - - images = { - # https://hub.docker.com/r/gristlabs/grist/tags - grist = mkImage { - imageName = "docker.io/gristlabs/grist-oss"; - finalImageTag = "1.5.1"; - imageDigest = "sha256:fe12125036a2f034430e56ca37f4258b5e489c98eb351fbfd63a771f69f4fa86"; - }; - # https://hub.docker.com/r/valkey/valkey/tags - valkey = mkImage { - imageName = "docker.io/valkey/valkey"; - finalImageTag = "8.0.2-alpine"; - imageDigest = "sha256:0fae58181c223280867e8b6d9d5fa29fca507770aeb6819f36d059cab73fa2fd"; - }; - }; - defaultEnv = { - GRIST_HIDE_UI_ELEMENTS = lib.concatStringsSep "," [ - "helpCenter" - "billing" - "multiAccounts" - "supportGrist" - ]; - GRIST_PAGE_TITLE_SUFFIX = " - DTTH Grist"; - GRIST_FORCE_LOGIN = "true"; - GRIST_WIDGET_LIST_URL = "https://github.com/gristlabs/grist-widget/releases/download/latest/manifest.json"; - GRIST_EXTERNAL_ATTACHMENTS_MODE = "snapshots"; - - GRIST_SANDBOX_FLAVOR = "gvisor"; - PYTHON_VERSION = "3"; - PYTHON_VERSION_ON_CREATION = "3"; - }; -in -{ - options.cloud.grist = { - enable = mkEnableOption "Grist database server"; - envFile = mkOption { - type = types.path; - description = "Path to an environment file that specifies GRIST_SESSION_SECRET and others"; - }; - host = mkOption { - type = types.str; - description = "Exposed hostname"; - }; - port = mkOption { - type = types.int; - description = "Exposed port"; - default = 9674; - }; - dataDir = mkOption { - type = types.str; - description = "Path to the data directory"; - }; - - settings = { - allowedWebhookDomains = mkOption { - type = types.listOf types.str; - description = "List of domains to be allowed in webhooks"; - default = [ - "dtth.ch" - "nkagami.me" - "discord.com" - ]; - }; - defaultEmail = mkOption { - type = types.str; - description = "Default email address for admin user"; - default = "nki@nkagami.me"; - }; - }; - }; - - config = mkIf cfg.enable { - cloud.traefik.hosts.grist = { - inherit (cfg) port host; - }; - systemd.services.arion-grist = { - serviceConfig.Type = "notify"; - serviceConfig.NotifyAccess = "all"; - serviceConfig.TimeoutSec = 300; - script = lib.mkBefore '' - ${lib.getExe pkgs.wait4x} http http://127.0.0.1:${toString cfg.port} -t 0 -q -- systemd-notify --ready & - ''; - unitConfig.RequiresMountsFor = [ cfg.dataDir ]; - unitConfig.ReadWritePaths = [ cfg.dataDir ]; - }; - virtualisation.arion.projects.grist.settings = { - services.grist-server.service = { - image = images.grist; - restart = "unless-stopped"; - volumes = [ "${cfg.dataDir}:/persist" ]; - environment = defaultEnv // { - APP_HOME_URL = "https://${cfg.host}"; - ALLOWED_WEBHOOK_DOMAINS = lib.concatStringsSep "," cfg.settings.allowedWebhookDomains; - GRIST_DEFAULT_EMAIL = cfg.settings.defaultEmail; - REDIS_URL = "redis://valkey/1"; - }; - env_file = [ cfg.envFile ]; - ports = [ - "127.0.0.1:${toString cfg.port}:8484" - ]; - }; - services.valkey.service = { - image = images.valkey; - command = "--save 60 1 --loglevel warning"; - restart = "unless-stopped"; - healthcheck = { - test = [ - "CMD-SHELL" - "valkey-cli ping | grep PONG" - ]; - start_period = "20s"; - interval = "30s"; - retries = 5; - timeout = "3s"; - }; - volumes = [ "valkey:/data" ]; - }; - docker-compose.volumes = { - valkey.driver = "local"; - }; - }; - systemd.tmpfiles.settings."10-grist".${cfg.dataDir}.d = { - user = "root"; - group = "root"; - mode = "0700"; - }; - }; -} diff --git a/nki-personal-do/hardware-configuration.nix b/nki-personal-do/hardware-configuration.nix index 7597e13..f2a2b10 100644 --- a/nki-personal-do/hardware-configuration.nix +++ b/nki-personal-do/hardware-configuration.nix @@ -2,32 +2,16 @@ { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot.loader.grub.device = "/dev/sda"; - boot.initrd.availableKernelModules = [ - "ata_piix" - "uhci_hcd" - "xen_blkfront" - "vmw_pvscsi" - ]; + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ]; boot.initrd.kernelModules = [ "nvme" ]; - fileSystems."/" = { - device = "/dev/sda1"; - fsType = "ext4"; - }; + fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; # swap - swapDevices = [ - { - device = "/var/swapfile"; - size = 4 * 1024; - priority = 1024; - } - ]; + swapDevices = [{ device = "/var/swapfile"; size = 4 * 1024; priority = 1024; }]; zramSwap.enable = true; # volumes - services.btrfs.autoScrub.enable = true; fileSystems.data = { - device = "/dev/disk/by-id/scsi-0HC_Volume_101470796"; - fsType = "btrfs"; + device = "/dev/disk/by-id/scsi-0HC_Volume_31812942"; + fsType = "ext4"; mountPoint = "/mnt/data"; - options = [ "compress=zstd" ]; }; } diff --git a/nki-personal-do/headscale.nix b/nki-personal-do/headscale.nix index abebf6a..acb6da1 100644 --- a/nki-personal-do/headscale.nix +++ b/nki-personal-do/headscale.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: let secrets = config.sops.secrets; @@ -12,14 +7,9 @@ let webuiPort = 19877; in rec { - sops.secrets."headscale/client_secret" = { - owner = "headscale"; - }; + sops.secrets."headscale/client_secret" = { owner = "headscale"; }; sops.secrets."headscale/webui-env" = { }; - sops.secrets."headscale/derp-servers/vnm" = { - owner = "headscale"; - name = "headscale/derp-servers/vnm.yaml"; - }; + sops.secrets."headscale/derp-servers/vnm" = { owner = "headscale"; name = "headscale/derp-servers/vnm.yaml"; }; # database cloud.postgresql.databases = [ "headscale" ]; # traefik @@ -37,14 +27,7 @@ rec { noCloudflare = true; }; - systemd.services.headscale.requires = [ - "postgresql.service" - "arion-authentik.service" - ]; - systemd.services.headscale.after = [ - "postgresql.service" - "arion-authentik.service" - ]; + systemd.services.headscale.requires = [ "postgresql.service" ]; services.headscale = { enable = true; inherit port; @@ -52,32 +35,23 @@ rec { settings = { server_url = "https://hs.dtth.ch"; - database.type = "postgres"; - database.postgres = { - host = "/var/run/postgresql"; # find out yourself - user = "headscale"; - name = "headscale"; - }; + db_type = "postgres"; + db_host = "/var/run/postgresql"; # find out yourself + db_user = "headscale"; + db_name = "headscale"; - dns = { - base_domain = "dtth.ts"; - extra_records = [ - { - name = "llm.kagamipc.dtth.ts"; - type = "A"; - value = "100.64.0.1"; - } - ]; + dns_config = { + base_domain = host; }; noise = { private_key_path = "/var/lib/headscale/noise_private.key"; }; - prefixes = { - v6 = "fd7a:115c:a1e0::/48"; - v4 = "100.64.0.0/10"; - }; + ip_prefixes = [ + "fd7a:115c:a1e0::/48" + "100.64.0.0/10" + ]; derp.paths = [ secrets."headscale/derp-servers/vnm".path @@ -94,4 +68,23 @@ rec { }; environment.etc."headscale/config.yaml".mode = "0644"; + virtualisation.arion.projects.headscale-webui.settings = { + services.webui.service = { + image = "ghcr.io/ifargle/headscale-webui@sha256:b4f02337281853648b071301af4329b4e4fc9189d77ced2eb2fbb78204321cab"; + restart = "unless-stopped"; + + environment = { + TZ = "Europe/Zurich"; + COLOR = "blue-gray"; + HS_SERVER = "https://hs.dtth.ch"; + SCRIPT_NAME = "/admin"; + }; + env_file = [ secrets."headscale/webui-env".path ]; + ports = [ "127.0.0.1:${toString webuiPort}:5000" ]; + volumes = [ + "/var/lib/headscale/webui:/data" + "/etc/headscale:/etc/headscale:ro" + ]; + }; + }; } diff --git a/nki-personal-do/invidious.nix b/nki-personal-do/invidious.nix index 2d60035..6169757 100644 --- a/nki-personal-do/invidious.nix +++ b/nki-personal-do/invidious.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: let ipv6-rotator = let @@ -16,14 +11,7 @@ let in pkgs.writeShellApplication { name = "smart-ipv6-rotator"; - runtimeInputs = [ - (pkgs.python3.withPackages ( - p: with p; [ - pyroute2 - requests - ] - )) - ]; + runtimeInputs = [ (pkgs.python3.withPackages (p: with p; [ pyroute2 requests ])) ]; text = '' if [ -z "$IPV6_ROTATOR_RANGE" ]; then echo "Range required" @@ -34,17 +22,10 @@ let }; in { - sops.secrets."invidious" = { - mode = "0444"; - }; - sops.secrets."invidious-rotator-env" = { - mode = "0444"; - }; + sops.secrets."invidious" = { mode = "0444"; }; + sops.secrets."invidious-rotator-env" = { mode = "0444"; }; cloud.postgresql.databases = [ "invidious" ]; - cloud.traefik.hosts.invidious = { - host = "invi.dtth.ch"; - port = 61191; - }; + cloud.traefik.hosts.invidious = { host = "invi.dtth.ch"; port = 61191; }; services.invidious = { enable = true; domain = "invi.dtth.ch"; @@ -73,13 +54,8 @@ in }; systemd.timers.smart-ipv6-rotator = { description = "Rotate ipv6 routes to Google"; - timerConfig = { - OnCalendar = "*-*-* 00,06,12,18:00:00"; - }; - wantedBy = [ - "invidious.service" - "timers.target" - ]; + timerConfig = { OnCalendar = "*-*-* 00,06,12,18:00:00"; }; + wantedBy = [ "invidious.service" "timers.target" ]; unitConfig = { }; }; systemd.services.smart-ipv6-rotator = { @@ -92,3 +68,4 @@ in }; }; } + diff --git a/nki-personal-do/miniflux.nix b/nki-personal-do/miniflux.nix index 91b4e1d..f8157da 100644 --- a/nki-personal-do/miniflux.nix +++ b/nki-personal-do/miniflux.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: with lib; let user = "miniflux"; @@ -47,10 +42,7 @@ in systemd.services.miniflux = { description = "Miniflux service"; wantedBy = [ "multi-user.target" ]; - after = [ - "network.target" - "postgresql.service" - ]; + after = [ "network.target" ]; requires = [ "postgresql.service" ]; serviceConfig = { @@ -80,22 +72,16 @@ in ProtectKernelModules = true; ProtectKernelTunables = true; ProtectProc = "invisible"; - RestrictAddressFamilies = [ - "AF_INET" - "AF_INET6" - "AF_UNIX" - ]; + RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; RestrictNamespaces = true; RestrictRealtime = true; RestrictSUIDSGID = true; SystemCallArchitectures = "native"; - SystemCallFilter = [ - "@system-service" - "~@privileged" - ]; + SystemCallFilter = [ "@system-service" "~@privileged" ]; UMask = "0077"; }; environment = configEnv; }; } + diff --git a/nki-personal-do/n8n.nix b/nki-personal-do/n8n.nix deleted file mode 100644 index 7da504e..0000000 --- a/nki-personal-do/n8n.nix +++ /dev/null @@ -1,85 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - secrets = config.sops.secrets; - - host = "n8n.dtth.ch"; - db = "n8n"; - user = db; - port = 23412; - - dataFolder = "/mnt/data/n8n"; - - plugins = pkgs.callPackage ./n8n/plugins/package.nix { }; -in -{ - sops.secrets."n8n/env" = { - reloadUnits = [ "n8n.service" ]; - }; - cloud.postgresql.databases = [ db ]; - cloud.traefik.hosts.n8n = { - inherit port host; - }; - - # users - users.users."${user}" = { - group = "${user}"; - isSystemUser = true; - }; - users.groups."${user}" = { }; - - services.n8n = { - enable = true; - webhookUrl = "https://${host}"; - }; - - systemd.services.n8n = { - environment = { - # Database - DB_TYPE = "postgresdb"; - DB_POSTGRESDB_DATABASE = db; - DB_POSTGRESDB_HOST = "/var/run/postgresql"; - DB_POSTGRESDB_USER = db; - # Deployment - N8N_EDITOR_BASE_URL = "https://${host}"; - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS = "true"; - N8N_USER_FOLDER = lib.mkForce dataFolder; - HOME = lib.mkForce dataFolder; - N8N_HOST = host; - N8N_PORT = toString port; - N8N_LISTEN_ADDRESS = "127.0.0.1"; - N8N_HIRING_BANNER_ENABLED = "false"; - N8N_PROXY_HOPS = "1"; - # Logs - N8N_LOG_LEVEL = "debug"; - # License - N8N_HIDE_USAGE_PAGE = "true"; - # Security - N8N_BLOCK_ENV_ACCESS_IN_NODE = "true"; - # Timezone - GENERIC_TIMEZONE = "Europe/Berlin"; - }; - serviceConfig = { - EnvironmentFile = [ secrets."n8n/env".path ]; - User = user; - DynamicUser = lib.mkForce false; - ReadWritePaths = [ dataFolder ]; - # ReadOnlyPaths = [ "/var/run/postgresql" ]; - }; - unitConfig.RequiresMountsFor = [ dataFolder ]; - }; - systemd.tmpfiles.settings."10-n8n" = { - ${dataFolder}.d = { - user = user; - group = user; - mode = "0700"; - }; - "${dataFolder}/.n8n/nodes"."L+" = { - argument = "${plugins}"; - }; - }; -} diff --git a/nki-personal-do/n8n/plugins/.gitignore b/nki-personal-do/n8n/plugins/.gitignore deleted file mode 100644 index 3c3629e..0000000 --- a/nki-personal-do/n8n/plugins/.gitignore +++ /dev/null @@ -1 +0,0 @@ -node_modules diff --git a/nki-personal-do/n8n/plugins/package-lock.json b/nki-personal-do/n8n/plugins/package-lock.json deleted file mode 100644 index a310e3b..0000000 --- a/nki-personal-do/n8n/plugins/package-lock.json +++ /dev/null @@ -1,1678 +0,0 @@ -{ - "name": "n8n-plugins", - "version": "1.0.0", - "lockfileVersion": 3, - "requires": true, - "packages": { - "": { - "name": "n8n-plugins", - "version": "1.0.0", - "dependencies": { - "n8n-nodes-turndown-html-to-markdown": "^1.0.5", - "n8n-nodes-vikunja": "^0.2.0" - } - }, - "node_modules/@mixmark-io/domino": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@mixmark-io/domino/-/domino-2.2.0.tgz", - "integrity": "sha512-Y28PR25bHXUg88kCV7nivXrP2Nj2RueZ3/l/jdx6J9f8J4nsEGcgX0Qe6lt7Pa+J79+kPiJU3LguR6O/6zrLOw==", - "license": "BSD-2-Clause" - }, - "node_modules/@n8n_io/riot-tmpl": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/@n8n_io/riot-tmpl/-/riot-tmpl-4.0.0.tgz", - "integrity": "sha512-/xw8HQgYQlBCrt3IKpNSSB1CgpP7XArw1QTRjP+KEw+OHT8XGvHxXrW9VGdUu9RwDnzm/LFu+dNLeDmwJMeOwQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "eslint-config-riot": "^1.0.0" - } - }, - "node_modules/@n8n/tournament": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/@n8n/tournament/-/tournament-1.0.5.tgz", - "integrity": "sha512-IPBHa7gC0wwHVct/dnBquHz+uMCDZaZ05cor1D/rjlwaOe/PVu5mtoZaPHYuR98R3W1/IyxC5PuBd0JizDP9gg==", - "license": "Apache-2.0", - "peer": true, - "dependencies": { - "@n8n_io/riot-tmpl": "^4.0.1", - "ast-types": "^0.16.1", - "esprima-next": "^5.8.4", - "recast": "^0.22.0" - }, - "engines": { - "node": ">=20.15", - "pnpm": ">=9.5" - } - }, - "node_modules/@n8n/tournament/node_modules/@n8n_io/riot-tmpl": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/@n8n_io/riot-tmpl/-/riot-tmpl-4.0.1.tgz", - "integrity": "sha512-/zdRbEfTFjsm1NqnpPQHgZTkTdbp5v3VUxGeMA9098sps8jRCTraQkc3AQstJgHUm7ylBXJcIVhnVeLUMWAfwQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "eslint-config-riot": "^1.0.0" - } - }, - "node_modules/@n8n/tournament/node_modules/ast-types": { - "version": "0.16.1", - "resolved": "https://registry.npmjs.org/ast-types/-/ast-types-0.16.1.tgz", - "integrity": "sha512-6t10qk83GOG8p0vKmaCr8eiilZwO171AvbROMtvvNiwrTly62t+7XkA8RdIIVbpMhCASAsxgAzdRSwh6nw/5Dg==", - "license": "MIT", - "peer": true, - "dependencies": { - "tslib": "^2.0.1" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@n8n/tournament/node_modules/recast": { - "version": "0.22.0", - "resolved": "https://registry.npmjs.org/recast/-/recast-0.22.0.tgz", - "integrity": "sha512-5AAx+mujtXijsEavc5lWXBPQqrM4+Dl5qNH96N2aNeuJFUzpiiToKPsxQD/zAIJHspz7zz0maX0PCtCTFVlixQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "assert": "^2.0.0", - "ast-types": "0.15.2", - "esprima": "~4.0.0", - "source-map": "~0.6.1", - "tslib": "^2.0.1" - }, - "engines": { - "node": ">= 4" - } - }, - "node_modules/@n8n/tournament/node_modules/recast/node_modules/ast-types": { - "version": "0.15.2", - "resolved": "https://registry.npmjs.org/ast-types/-/ast-types-0.15.2.tgz", - "integrity": "sha512-c27loCv9QkZinsa5ProX751khO9DJl/AcB5c2KNtA6NRvHKS0PgLfcftz72KVq504vB0Gku5s2kUZzDBvQWvHg==", - "license": "MIT", - "peer": true, - "dependencies": { - "tslib": "^2.0.1" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "license": "MIT", - "peer": true, - "dependencies": { - "color-convert": "^2.0.1" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/assert": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/assert/-/assert-2.1.0.tgz", - "integrity": "sha512-eLHpSK/Y4nhMJ07gDaAzoX/XAKS8PSaojml3M0DM4JpV1LAi5JOJ/p6H/XWrl8L+DzVEvVCW1z3vWAaB9oTsQw==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.2", - "is-nan": "^1.3.2", - "object-is": "^1.1.5", - "object.assign": "^4.1.4", - "util": "^0.12.5" - } - }, - "node_modules/ast-types": { - "version": "0.15.2", - "resolved": "https://registry.npmjs.org/ast-types/-/ast-types-0.15.2.tgz", - "integrity": "sha512-c27loCv9QkZinsa5ProX751khO9DJl/AcB5c2KNtA6NRvHKS0PgLfcftz72KVq504vB0Gku5s2kUZzDBvQWvHg==", - "license": "MIT", - "peer": true, - "dependencies": { - "tslib": "^2.0.1" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==", - "license": "MIT", - "peer": true - }, - "node_modules/available-typed-arrays": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/available-typed-arrays/-/available-typed-arrays-1.0.7.tgz", - "integrity": "sha512-wvUjBtSGN7+7SjNpq/9M2Tg350UZD3q62IFZLbRAR1bSMlCo1ZaeW+BJ+D090e4hIIZLBcTDWe4Mh4jvUDajzQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "possible-typed-array-names": "^1.0.0" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/axios": { - "version": "1.7.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.4.tgz", - "integrity": "sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw==", - "license": "MIT", - "peer": true, - "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" - } - }, - "node_modules/call-bind": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.8.tgz", - "integrity": "sha512-oKlSFMcMwpUg2ednkhQ454wfWiU/ul3CkJe/PEHcTKuiX6RpbehUiFMXu13HalGZxfUwCQzZG747YXBn1im9ww==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind-apply-helpers": "^1.0.0", - "es-define-property": "^1.0.0", - "get-intrinsic": "^1.2.4", - "set-function-length": "^1.2.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/call-bind-apply-helpers": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.1.tgz", - "integrity": "sha512-BhYE+WDaywFg2TBWYNXAE+8B1ATnThNBqXHP5nQu0jWJdVvY2hvkpyB3qOmtmDePiS5/BDQ8wASEWGMWRG148g==", - "license": "MIT", - "peer": true, - "dependencies": { - "es-errors": "^1.3.0", - "function-bind": "^1.1.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/call-bound": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.2.tgz", - "integrity": "sha512-0lk0PHFe/uz0vl527fG9CgdE9WdafjDbCXvBbs+LUv000TVt2Jjhqbs4Jwm8gz070w8xXyEAxrPOMullsxXeGg==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.8", - "get-intrinsic": "^1.2.5" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/callsites": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", - "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/charenc": { - "version": "0.0.2", - "resolved": "https://registry.npmjs.org/charenc/-/charenc-0.0.2.tgz", - "integrity": "sha512-yrLQ/yVUFXkzg7EDQsPieE/53+0RlaWTs+wBrvW36cyilJ2SaDWfl4Yj7MtLTXleV9uEKefbAGUPv2/iWSooRA==", - "license": "BSD-3-Clause", - "peer": true, - "engines": { - "node": "*" - } - }, - "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "license": "ISC", - "peer": true, - "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "color-name": "~1.1.4" - }, - "engines": { - "node": ">=7.0.0" - } - }, - "node_modules/color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "license": "MIT", - "peer": true - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "license": "MIT", - "peer": true, - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/crypt": { - "version": "0.0.2", - "resolved": "https://registry.npmjs.org/crypt/-/crypt-0.0.2.tgz", - "integrity": "sha512-mCxBlsHFYh9C+HVpiEacem8FEBnMXgU9gy4zmNC+SXAZNB/1idgp/aulFJ4FgCi7GPEVbfyng092GqL2k2rmow==", - "license": "BSD-3-Clause", - "peer": true, - "engines": { - "node": "*" - } - }, - "node_modules/deep-equal": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/deep-equal/-/deep-equal-2.2.0.tgz", - "integrity": "sha512-RdpzE0Hv4lhowpIUKKMJfeH6C1pXdtT1/it80ubgWqwI3qpuxUBpC1S4hnHg+zjnuOoDkzUtUCEEkG+XG5l3Mw==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.2", - "es-get-iterator": "^1.1.2", - "get-intrinsic": "^1.1.3", - "is-arguments": "^1.1.1", - "is-array-buffer": "^3.0.1", - "is-date-object": "^1.0.5", - "is-regex": "^1.1.4", - "is-shared-array-buffer": "^1.0.2", - "isarray": "^2.0.5", - "object-is": "^1.1.5", - "object-keys": "^1.1.1", - "object.assign": "^4.1.4", - "regexp.prototype.flags": "^1.4.3", - "side-channel": "^1.0.4", - "which-boxed-primitive": "^1.0.2", - "which-collection": "^1.0.1", - "which-typed-array": "^1.1.9" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/define-data-property": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", - "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==", - "license": "MIT", - "peer": true, - "dependencies": { - "es-define-property": "^1.0.0", - "es-errors": "^1.3.0", - "gopd": "^1.0.1" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/define-properties": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.2.1.tgz", - "integrity": "sha512-8QmQKqEASLd5nx0U1B1okLElbUuuttJ/AnYmRXbbbGDWh6uS208EjD4Xqq/I9wK7u0v6O08XhTWnt5XtEbR6Dg==", - "license": "MIT", - "peer": true, - "dependencies": { - "define-data-property": "^1.0.1", - "has-property-descriptors": "^1.0.0", - "object-keys": "^1.1.1" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/dunder-proto": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.0.tgz", - "integrity": "sha512-9+Sj30DIu+4KvHqMfLUGLFYL2PkURSYMVXJyXe92nFRvlYq5hBjLEhblKB+vkd/WVlUYMWigiY07T91Fkk0+4A==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind-apply-helpers": "^1.0.0", - "es-errors": "^1.3.0", - "gopd": "^1.2.0" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "license": "MIT", - "peer": true - }, - "node_modules/es-define-property": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", - "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/es-errors": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", - "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/es-get-iterator": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/es-get-iterator/-/es-get-iterator-1.1.3.tgz", - "integrity": "sha512-sPZmqHBe6JIiTfN5q2pEi//TwxmAFHwj/XEuYjTuse78i8KxaqMTTzxPoFKuzRpDpTJ+0NAbpfenkmH2rePtuw==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.2", - "get-intrinsic": "^1.1.3", - "has-symbols": "^1.0.3", - "is-arguments": "^1.1.1", - "is-map": "^2.0.2", - "is-set": "^2.0.2", - "is-string": "^1.0.7", - "isarray": "^2.0.5", - "stop-iteration-iterator": "^1.0.0" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/es-object-atoms": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.0.0.tgz", - "integrity": "sha512-MZ4iQ6JwHOBQjahnjwaC1ZtIBH+2ohjamzAO3oaHcXYup7qxjF2fixyH+Q71voWHeOkI2q/TnJao/KfXYIZWbw==", - "license": "MIT", - "peer": true, - "dependencies": { - "es-errors": "^1.3.0" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/escalade": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", - "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/eslint-config-riot": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/eslint-config-riot/-/eslint-config-riot-1.0.0.tgz", - "integrity": "sha512-NB/L/1Y30qyJcG5xZxCJKW/+bqyj+llbcCwo9DEz8bESIP0SLTOQ8T1DWCCFc+wJ61AMEstj4511PSScqMMfCw==", - "license": "MIT", - "peer": true - }, - "node_modules/esprima": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", - "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", - "license": "BSD-2-Clause", - "peer": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/esprima-next": { - "version": "5.8.4", - "resolved": "https://registry.npmjs.org/esprima-next/-/esprima-next-5.8.4.tgz", - "integrity": "sha512-8nYVZ4ioIH4Msjb/XmhnBdz5WRRBaYqevKa1cv9nGJdCehMbzZCPNEEnqfLCZVetUVrUPEcb5IYyu1GG4hFqgg==", - "license": "BSD-2-Clause", - "peer": true, - "bin": { - "esparse": "bin/esparse.js", - "esvalidate": "bin/esvalidate.js" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/follow-redirects": { - "version": "1.15.9", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.9.tgz", - "integrity": "sha512-gew4GsXizNgdoRyqmyfMHyAmXsZDk6mHkSxZFCzW9gwlbtOW44CDtYavM+y+72qD/Vq2l550kMF52DT8fOLJqQ==", - "funding": [ - { - "type": "individual", - "url": "https://github.com/sponsors/RubenVerborgh" - } - ], - "license": "MIT", - "peer": true, - "engines": { - "node": ">=4.0" - }, - "peerDependenciesMeta": { - "debug": { - "optional": true - } - } - }, - "node_modules/for-each": { - "version": "0.3.3", - "resolved": "https://registry.npmjs.org/for-each/-/for-each-0.3.3.tgz", - "integrity": "sha512-jqYfLp7mo9vIyQf8ykW2v7A+2N4QjeCeI5+Dz9XraiO1ign81wjiH7Fb9vSOWvQfNtmSa4H2RoQTrrXivdUZmw==", - "license": "MIT", - "peer": true, - "dependencies": { - "is-callable": "^1.1.3" - } - }, - "node_modules/form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "license": "MIT", - "peer": true, - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "license": "MIT", - "peer": true, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/functions-have-names": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/functions-have-names/-/functions-have-names-1.2.3.tgz", - "integrity": "sha512-xckBUXyTIqT97tq2x2AMb+g163b5JFysYk0x4qxNFwbfQkmNZoiRHb6sPzI9/QV33WeuvVYBUIiD4NzNIyqaRQ==", - "license": "MIT", - "peer": true, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/get-caller-file": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", - "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "license": "ISC", - "peer": true, - "engines": { - "node": "6.* || 8.* || >= 10.*" - } - }, - "node_modules/get-intrinsic": { - "version": "1.2.6", - "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.6.tgz", - "integrity": "sha512-qxsEs+9A+u85HhllWJJFicJfPDhRmjzoYdl64aMWW9yRIJmSyxdn8IEkuIM530/7T+lv0TIHd8L6Q/ra0tEoeA==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind-apply-helpers": "^1.0.1", - "dunder-proto": "^1.0.0", - "es-define-property": "^1.0.1", - "es-errors": "^1.3.0", - "es-object-atoms": "^1.0.0", - "function-bind": "^1.1.2", - "gopd": "^1.2.0", - "has-symbols": "^1.1.0", - "hasown": "^2.0.2", - "math-intrinsics": "^1.0.0" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/gopd": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", - "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/has-bigints": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/has-bigints/-/has-bigints-1.0.2.tgz", - "integrity": "sha512-tSvCKtBr9lkF0Ex0aQiP9N+OpV4zi2r/Nee5VkRDbaqv35RLYMzbwQfFSZZH0kR+Rd6302UJZ2p/bJCEoR3VoQ==", - "license": "MIT", - "peer": true, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/has-property-descriptors": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", - "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==", - "license": "MIT", - "peer": true, - "dependencies": { - "es-define-property": "^1.0.0" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/has-symbols": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", - "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/has-tostringtag": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", - "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", - "license": "MIT", - "peer": true, - "dependencies": { - "has-symbols": "^1.0.3" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "function-bind": "^1.1.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", - "license": "ISC", - "peer": true - }, - "node_modules/internal-slot": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/internal-slot/-/internal-slot-1.0.7.tgz", - "integrity": "sha512-NGnrKwXzSms2qUUih/ILZ5JBqNTSa1+ZmP6flaIp6KmSElgE9qdndzS3cqjrDovwFdmwsGsLdeFgB6suw+1e9g==", - "license": "MIT", - "peer": true, - "dependencies": { - "es-errors": "^1.3.0", - "hasown": "^2.0.0", - "side-channel": "^1.0.4" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/is-arguments": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/is-arguments/-/is-arguments-1.1.1.tgz", - "integrity": "sha512-8Q7EARjzEnKpt/PCD7e1cgUS0a6X8u5tdSiMqXhojOdoV9TsMsiO+9VLC5vAmO8N7/GmXn7yjR8qnA6bVAEzfA==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.2", - "has-tostringtag": "^1.0.0" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-array-buffer": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/is-array-buffer/-/is-array-buffer-3.0.4.tgz", - "integrity": "sha512-wcjaerHw0ydZwfhiKbXJWLDY8A7yV7KhjQOpb83hGgGfId/aQa4TOvwyzn2PuswW2gPCYEL/nEAiSVpdOj1lXw==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.2", - "get-intrinsic": "^1.2.1" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-bigint": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-bigint/-/is-bigint-1.1.0.tgz", - "integrity": "sha512-n4ZT37wG78iz03xPRKJrHTdZbe3IicyucEtdRsV5yglwc3GyUfbAfpSeD0FJ41NbUNSt5wbhqfp1fS+BgnvDFQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "has-bigints": "^1.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-boolean-object": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/is-boolean-object/-/is-boolean-object-1.2.0.tgz", - "integrity": "sha512-kR5g0+dXf/+kXnqI+lu0URKYPKgICtHGGNCDSB10AaUFj3o/HkB3u7WfpRBJGFopxxY0oH3ux7ZsDjLtK7xqvw==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.7", - "has-tostringtag": "^1.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-buffer": { - "version": "1.1.6", - "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", - "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", - "license": "MIT", - "peer": true - }, - "node_modules/is-callable": { - "version": "1.2.7", - "resolved": "https://registry.npmjs.org/is-callable/-/is-callable-1.2.7.tgz", - "integrity": "sha512-1BC0BVFhS/p0qtw6enp8e+8OD0UrK0oFLztSjNzhcKA3WDuJxxAPXzPuPtKkjEY9UUoEWlX/8fgKeu2S8i9JTA==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-date-object": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/is-date-object/-/is-date-object-1.0.5.tgz", - "integrity": "sha512-9YQaSxsAiSwcvS33MBk3wTCVnWK+HhF8VZR2jRxehM16QcVOdHqPn4VPHmRK4lSr38n9JriurInLcP90xsYNfQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "has-tostringtag": "^1.0.0" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-fullwidth-code-point": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", - "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">=8" - } - }, - "node_modules/is-generator-function": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/is-generator-function/-/is-generator-function-1.0.10.tgz", - "integrity": "sha512-jsEjy9l3yiXEQ+PsXdmBwEPcOxaXWLspKdplFUVI9vq1iZgIekeC0L167qeu86czQaxed3q/Uzuw0swL0irL8A==", - "license": "MIT", - "peer": true, - "dependencies": { - "has-tostringtag": "^1.0.0" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-map": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/is-map/-/is-map-2.0.3.tgz", - "integrity": "sha512-1Qed0/Hr2m+YqxnM09CjA2d/i6YZNfF6R2oRAOj36eUdS6qIV/huPJNSEpKbupewFs+ZsJlxsjjPbc0/afW6Lw==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-nan": { - "version": "1.3.2", - "resolved": "https://registry.npmjs.org/is-nan/-/is-nan-1.3.2.tgz", - "integrity": "sha512-E+zBKpQ2t6MEo1VsonYmluk9NxGrbzpeeLC2xIViuO2EjU2xsXsBPwTr3Ykv9l08UYEVEdWeRZNouaZqF6RN0w==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.0", - "define-properties": "^1.1.3" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-number-object": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-number-object/-/is-number-object-1.1.0.tgz", - "integrity": "sha512-KVSZV0Dunv9DTPkhXwcZ3Q+tUc9TsaE1ZwX5J2WMvsSGS6Md8TFPun5uwh0yRdrNerI6vf/tbJxqSx4c1ZI1Lw==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.7", - "has-tostringtag": "^1.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-regex": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.2.1.tgz", - "integrity": "sha512-MjYsKHO5O7mCsmRGxWcLWheFqN9DJ/2TmngvjKXihe6efViPqc274+Fx/4fYj/r03+ESvBdTXK0V6tA3rgez1g==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bound": "^1.0.2", - "gopd": "^1.2.0", - "has-tostringtag": "^1.0.2", - "hasown": "^2.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-set": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/is-set/-/is-set-2.0.3.tgz", - "integrity": "sha512-iPAjerrse27/ygGLxw+EBR9agv9Y6uLeYVJMu+QNCoouJ1/1ri0mGrcWpfCqFZuzzx3WjtwxG098X+n4OuRkPg==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-shared-array-buffer": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/is-shared-array-buffer/-/is-shared-array-buffer-1.0.3.tgz", - "integrity": "sha512-nA2hv5XIhLR3uVzDDfCIknerhx8XUKnstuOERPNNIinXG7v9u+ohXF67vxm4TPTEPU6lm61ZkwP3c9PCB97rhg==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.7" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-string": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-string/-/is-string-1.1.0.tgz", - "integrity": "sha512-PlfzajuF9vSo5wErv3MJAKD/nqf9ngAs1NFQYm16nUYFO2IzxJ2hcm+IOCg+EEopdykNNUhVq5cz35cAUxU8+g==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.7", - "has-tostringtag": "^1.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-symbol": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-symbol/-/is-symbol-1.1.0.tgz", - "integrity": "sha512-qS8KkNNXUZ/I+nX6QT8ZS1/Yx0A444yhzdTKxCzKkNjQ9sHErBxJnJAgh+f5YhusYECEcjo4XcyH87hn6+ks0A==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.7", - "has-symbols": "^1.0.3", - "safe-regex-test": "^1.0.3" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-typed-array": { - "version": "1.1.13", - "resolved": "https://registry.npmjs.org/is-typed-array/-/is-typed-array-1.1.13.tgz", - "integrity": "sha512-uZ25/bUAlUY5fR4OKT4rZQEBrzQWYV9ZJYGGsUmEJ6thodVJ1HX64ePQ6Z0qPWP+m+Uq6e9UugrE38jeYsDSMw==", - "license": "MIT", - "peer": true, - "dependencies": { - "which-typed-array": "^1.1.14" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-weakmap": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/is-weakmap/-/is-weakmap-2.0.2.tgz", - "integrity": "sha512-K5pXYOm9wqY1RgjpL3YTkF39tni1XajUIkawTLUo9EZEVUFga5gSQJF8nNS7ZwJQ02y+1YCNYcMh+HIf1ZqE+w==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/is-weakset": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/is-weakset/-/is-weakset-2.0.3.tgz", - "integrity": "sha512-LvIm3/KWzS9oRFHugab7d+M/GcBXuXX5xZkzPmN+NxihdQlZUQ4dWuSV1xR/sq6upL1TJEDrfBgRepHFdBtSNQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.7", - "get-intrinsic": "^1.2.4" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/isarray": { - "version": "2.0.5", - "resolved": "https://registry.npmjs.org/isarray/-/isarray-2.0.5.tgz", - "integrity": "sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw==", - "license": "MIT", - "peer": true - }, - "node_modules/jmespath": { - "version": "0.16.0", - "resolved": "https://registry.npmjs.org/jmespath/-/jmespath-0.16.0.tgz", - "integrity": "sha512-9FzQjJ7MATs1tSpnco1K6ayiYE3figslrXA72G2HQ/n76RzvYlofyi5QM+iX4YRs/pu3yzxlVQSST23+dMDknw==", - "license": "Apache-2.0", - "peer": true, - "engines": { - "node": ">= 0.6.0" - } - }, - "node_modules/js-base64": { - "version": "3.7.2", - "resolved": "https://registry.npmjs.org/js-base64/-/js-base64-3.7.2.tgz", - "integrity": "sha512-NnRs6dsyqUXejqk/yv2aiXlAvOs56sLkX6nUdeaNezI5LFFLlsZjOThmwnrcwh5ZZRwZlCMnVAY3CvhIhoVEKQ==", - "license": "BSD-3-Clause", - "peer": true - }, - "node_modules/jssha": { - "version": "3.3.1", - "resolved": "https://registry.npmjs.org/jssha/-/jssha-3.3.1.tgz", - "integrity": "sha512-VCMZj12FCFMQYcFLPRm/0lOBbLi8uM2BhXPTqw3U4YAfs4AZfiApOoBLoN8cQE60Z50m1MYMTQVCfgF/KaCVhQ==", - "license": "BSD-3-Clause", - "peer": true, - "engines": { - "node": "*" - } - }, - "node_modules/lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==", - "license": "MIT", - "peer": true - }, - "node_modules/luxon": { - "version": "3.4.4", - "resolved": "https://registry.npmjs.org/luxon/-/luxon-3.4.4.tgz", - "integrity": "sha512-zobTr7akeGHnv7eBOXcRgMeCP6+uyYsczwmeRCauvpvaAltgNyTbLH/+VaEAPUeWBT+1GuNmz4wC/6jtQzbbVA==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">=12" - } - }, - "node_modules/marked": { - "version": "11.2.0", - "resolved": "https://registry.npmjs.org/marked/-/marked-11.2.0.tgz", - "integrity": "sha512-HR0m3bvu0jAPYiIvLUUQtdg1g6D247//lvcekpHO1WMvbwDlwSkZAX9Lw4F4YHE1T0HaaNve0tuAWuV1UJ6vtw==", - "license": "MIT", - "bin": { - "marked": "bin/marked.js" - }, - "engines": { - "node": ">= 18" - } - }, - "node_modules/math-intrinsics": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.0.0.tgz", - "integrity": "sha512-4MqMiKP90ybymYvsut0CH2g4XWbfLtmlCkXmtmdcDCxNB+mQcu1w/1+L/VD7vi/PSv7X2JYV7SCcR+jiPXnQtA==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/md5": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/md5/-/md5-2.3.0.tgz", - "integrity": "sha512-T1GITYmFaKuO91vxyoQMFETst+O71VUPEU3ze5GNzDm0OWdP8v1ziTaAEPUr/3kLsY3Sftgz242A1SetQiDL7g==", - "license": "BSD-3-Clause", - "peer": true, - "dependencies": { - "charenc": "0.0.2", - "crypt": "0.0.2", - "is-buffer": "~1.1.6" - } - }, - "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "license": "MIT", - "peer": true, - "dependencies": { - "mime-db": "1.52.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/n8n-nodes-turndown-html-to-markdown": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/n8n-nodes-turndown-html-to-markdown/-/n8n-nodes-turndown-html-to-markdown-1.0.5.tgz", - "integrity": "sha512-Vd0ro0DFmF+vdYCURtD9YDIWzvLF5lU+4NhnvlZuJrpiuH2RlFtM1STs379KqfWZeIffbvXlF+wfioZ0BGwsuw==", - "license": "MIT", - "dependencies": { - "marked": "^11.0.0", - "turndown": "^7.1.2" - } - }, - "node_modules/n8n-nodes-vikunja": { - "version": "0.2.0", - "resolved": "https://registry.npmjs.org/n8n-nodes-vikunja/-/n8n-nodes-vikunja-0.2.0.tgz", - "integrity": "sha512-ivRnezLO5kD17IjTKI2jFB/FCrJlEIjDsn9Dnrcefec9lspShUz/O8YQMifbsNk80JHwBRzRl+EEnHaThxCXwA==", - "license": "MIT", - "peerDependencies": { - "n8n-workflow": "*" - } - }, - "node_modules/n8n-workflow": { - "version": "1.70.0", - "resolved": "https://registry.npmjs.org/n8n-workflow/-/n8n-workflow-1.70.0.tgz", - "integrity": "sha512-suA+HJfpsggRAegtz8TQbgRgyPBgnDSVdacJJsaijH6lYaTb5yw3/bhiY/SvdfJdLzZ/E4UCswsSCVGfAGEs3A==", - "license": "SEE LICENSE IN LICENSE.md", - "peer": true, - "dependencies": { - "@n8n_io/riot-tmpl": "4.0.0", - "@n8n/tournament": "1.0.5", - "ast-types": "0.15.2", - "axios": "1.7.4", - "callsites": "3.1.0", - "deep-equal": "2.2.0", - "esprima-next": "5.8.4", - "form-data": "4.0.0", - "jmespath": "0.16.0", - "js-base64": "3.7.2", - "jssha": "3.3.1", - "lodash": "4.17.21", - "luxon": "3.4.4", - "md5": "2.3.0", - "recast": "0.21.5", - "title-case": "3.0.3", - "transliteration": "2.3.5", - "xml2js": "0.6.2" - } - }, - "node_modules/object-inspect": { - "version": "1.13.3", - "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.3.tgz", - "integrity": "sha512-kDCGIbxkDSXE3euJZZXzc6to7fCrKHNI/hSRQnRuQ+BWjFNzZwiFF8fj/6o2t2G9/jTj8PSIYTfCLelLZEeRpA==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/object-is": { - "version": "1.1.6", - "resolved": "https://registry.npmjs.org/object-is/-/object-is-1.1.6.tgz", - "integrity": "sha512-F8cZ+KfGlSGi09lJT7/Nd6KJZ9ygtvYC0/UYYLI9nmQKLMnydpB9yvbv9K1uSkEu7FU9vYPmVwLg328tX+ot3Q==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.7", - "define-properties": "^1.2.1" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/object-keys": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/object-keys/-/object-keys-1.1.1.tgz", - "integrity": "sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/object.assign": { - "version": "4.1.5", - "resolved": "https://registry.npmjs.org/object.assign/-/object.assign-4.1.5.tgz", - "integrity": "sha512-byy+U7gp+FVwmyzKPYhW2h5l3crpmGsxl7X2s8y43IgxvG4g3QZ6CffDtsNQy1WsmZpQbO+ybo0AlW7TY6DcBQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.5", - "define-properties": "^1.2.1", - "has-symbols": "^1.0.3", - "object-keys": "^1.1.1" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/possible-typed-array-names": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/possible-typed-array-names/-/possible-typed-array-names-1.0.0.tgz", - "integrity": "sha512-d7Uw+eZoloe0EHDIYoe+bQ5WXnGMOpmiZFTuMWCwpjzzkL2nTjcKiAk4hh8TjnGye2TwWOk3UXucZ+3rbmBa8Q==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/proxy-from-env": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", - "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==", - "license": "MIT", - "peer": true - }, - "node_modules/recast": { - "version": "0.21.5", - "resolved": "https://registry.npmjs.org/recast/-/recast-0.21.5.tgz", - "integrity": "sha512-hjMmLaUXAm1hIuTqOdeYObMslq/q+Xff6QE3Y2P+uoHAg2nmVlLBps2hzh1UJDdMtDTMXOFewK6ky51JQIeECg==", - "license": "MIT", - "peer": true, - "dependencies": { - "ast-types": "0.15.2", - "esprima": "~4.0.0", - "source-map": "~0.6.1", - "tslib": "^2.0.1" - }, - "engines": { - "node": ">= 4" - } - }, - "node_modules/regexp.prototype.flags": { - "version": "1.5.3", - "resolved": "https://registry.npmjs.org/regexp.prototype.flags/-/regexp.prototype.flags-1.5.3.tgz", - "integrity": "sha512-vqlC04+RQoFalODCbCumG2xIOvapzVMHwsyIGM/SIE8fRhFFsXeH8/QQ+s0T0kDAhKc4k30s73/0ydkHQz6HlQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.7", - "define-properties": "^1.2.1", - "es-errors": "^1.3.0", - "set-function-name": "^2.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/safe-regex-test": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/safe-regex-test/-/safe-regex-test-1.0.3.tgz", - "integrity": "sha512-CdASjNJPvRa7roO6Ra/gLYBTzYzzPyyBXxIMdGW3USQLyjWEls2RgW5UBTXaQVp+OrpeCK3bLem8smtmheoRuw==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bind": "^1.0.6", - "es-errors": "^1.3.0", - "is-regex": "^1.1.4" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/sax": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/sax/-/sax-1.4.1.tgz", - "integrity": "sha512-+aWOz7yVScEGoKNd4PA10LZ8sk0A/z5+nXQG5giUO5rprX9jgYsTdov9qCchZiPIZezbZH+jRut8nPodFAX4Jg==", - "license": "ISC", - "peer": true - }, - "node_modules/set-function-length": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", - "integrity": "sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==", - "license": "MIT", - "peer": true, - "dependencies": { - "define-data-property": "^1.1.4", - "es-errors": "^1.3.0", - "function-bind": "^1.1.2", - "get-intrinsic": "^1.2.4", - "gopd": "^1.0.1", - "has-property-descriptors": "^1.0.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/set-function-name": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/set-function-name/-/set-function-name-2.0.2.tgz", - "integrity": "sha512-7PGFlmtwsEADb0WYyvCMa1t+yke6daIG4Wirafur5kcf+MhUnPms1UeR0CKQdTZD81yESwMHbtn+TR+dMviakQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "define-data-property": "^1.1.4", - "es-errors": "^1.3.0", - "functions-have-names": "^1.2.3", - "has-property-descriptors": "^1.0.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/side-channel": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.1.0.tgz", - "integrity": "sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw==", - "license": "MIT", - "peer": true, - "dependencies": { - "es-errors": "^1.3.0", - "object-inspect": "^1.13.3", - "side-channel-list": "^1.0.0", - "side-channel-map": "^1.0.1", - "side-channel-weakmap": "^1.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/side-channel-list": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/side-channel-list/-/side-channel-list-1.0.0.tgz", - "integrity": "sha512-FCLHtRD/gnpCiCHEiJLOwdmFP+wzCmDEkc9y7NsYxeF4u7Btsn1ZuwgwJGxImImHicJArLP4R0yX4c2KCrMrTA==", - "license": "MIT", - "peer": true, - "dependencies": { - "es-errors": "^1.3.0", - "object-inspect": "^1.13.3" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/side-channel-map": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/side-channel-map/-/side-channel-map-1.0.1.tgz", - "integrity": "sha512-VCjCNfgMsby3tTdo02nbjtM/ewra6jPHmpThenkTYh8pG9ucZ/1P8So4u4FGBek/BjpOVsDCMoLA/iuBKIFXRA==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bound": "^1.0.2", - "es-errors": "^1.3.0", - "get-intrinsic": "^1.2.5", - "object-inspect": "^1.13.3" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/side-channel-weakmap": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/side-channel-weakmap/-/side-channel-weakmap-1.0.2.tgz", - "integrity": "sha512-WPS/HvHQTYnHisLo9McqBHOJk2FkHO/tlpvldyrnem4aeQp4hai3gythswg6p01oSoTl58rcpiFAjF2br2Ak2A==", - "license": "MIT", - "peer": true, - "dependencies": { - "call-bound": "^1.0.2", - "es-errors": "^1.3.0", - "get-intrinsic": "^1.2.5", - "object-inspect": "^1.13.3", - "side-channel-map": "^1.0.1" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/source-map": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "license": "BSD-3-Clause", - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/stop-iteration-iterator": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/stop-iteration-iterator/-/stop-iteration-iterator-1.0.0.tgz", - "integrity": "sha512-iCGQj+0l0HOdZ2AEeBADlsRC+vsnDsZsbdSiH1yNSjcfKM7fdpCMfqAL/dwF5BLiw/XhRft/Wax6zQbhq2BcjQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "internal-slot": "^1.0.4" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "license": "MIT", - "peer": true, - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "license": "MIT", - "peer": true, - "dependencies": { - "ansi-regex": "^5.0.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/title-case": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/title-case/-/title-case-3.0.3.tgz", - "integrity": "sha512-e1zGYRvbffpcHIrnuqT0Dh+gEJtDaxDSoG4JAIpq4oDFyooziLBIiYQv0GBT4FUAnUop5uZ1hiIAj7oAF6sOCA==", - "license": "MIT", - "peer": true, - "dependencies": { - "tslib": "^2.0.3" - } - }, - "node_modules/transliteration": { - "version": "2.3.5", - "resolved": "https://registry.npmjs.org/transliteration/-/transliteration-2.3.5.tgz", - "integrity": "sha512-HAGI4Lq4Q9dZ3Utu2phaWgtm3vB6PkLUFqWAScg/UW+1eZ/Tg6Exo4oC0/3VUol/w4BlefLhUUSVBr/9/ZGQOw==", - "license": "MIT", - "peer": true, - "dependencies": { - "yargs": "^17.5.1" - }, - "bin": { - "slugify": "dist/bin/slugify", - "transliterate": "dist/bin/transliterate" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/tslib": { - "version": "2.8.1", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", - "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==", - "license": "0BSD", - "peer": true - }, - "node_modules/turndown": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/turndown/-/turndown-7.2.0.tgz", - "integrity": "sha512-eCZGBN4nNNqM9Owkv9HAtWRYfLA4h909E/WGAWWBpmB275ehNhZyk87/Tpvjbp0jjNl9XwCsbe6bm6CqFsgD+A==", - "license": "MIT", - "dependencies": { - "@mixmark-io/domino": "^2.2.0" - } - }, - "node_modules/util": { - "version": "0.12.5", - "resolved": "https://registry.npmjs.org/util/-/util-0.12.5.tgz", - "integrity": "sha512-kZf/K6hEIrWHI6XqOFUiiMa+79wE/D8Q+NCNAWclkyg3b4d2k7s0QGepNjiABc+aR3N1PAyHL7p6UcLY6LmrnA==", - "license": "MIT", - "peer": true, - "dependencies": { - "inherits": "^2.0.3", - "is-arguments": "^1.0.4", - "is-generator-function": "^1.0.7", - "is-typed-array": "^1.1.3", - "which-typed-array": "^1.1.2" - } - }, - "node_modules/which-boxed-primitive": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/which-boxed-primitive/-/which-boxed-primitive-1.1.0.tgz", - "integrity": "sha512-Ei7Miu/AXe2JJ4iNF5j/UphAgRoma4trE6PtisM09bPygb3egMH3YLW/befsWb1A1AxvNSFidOFTB18XtnIIng==", - "license": "MIT", - "peer": true, - "dependencies": { - "is-bigint": "^1.1.0", - "is-boolean-object": "^1.2.0", - "is-number-object": "^1.1.0", - "is-string": "^1.1.0", - "is-symbol": "^1.1.0" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/which-collection": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/which-collection/-/which-collection-1.0.2.tgz", - "integrity": "sha512-K4jVyjnBdgvc86Y6BkaLZEN933SwYOuBFkdmBu9ZfkcAbdVbpITnDmjvZ/aQjRXQrv5EPkTnD1s39GiiqbngCw==", - "license": "MIT", - "peer": true, - "dependencies": { - "is-map": "^2.0.3", - "is-set": "^2.0.3", - "is-weakmap": "^2.0.2", - "is-weakset": "^2.0.3" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/which-typed-array": { - "version": "1.1.16", - "resolved": "https://registry.npmjs.org/which-typed-array/-/which-typed-array-1.1.16.tgz", - "integrity": "sha512-g+N+GAWiRj66DngFwHvISJd+ITsyphZvD1vChfVg6cEdnzy53GzB3oy0fUNlvhz7H7+MiqhYr26qxQShCpKTTQ==", - "license": "MIT", - "peer": true, - "dependencies": { - "available-typed-arrays": "^1.0.7", - "call-bind": "^1.0.7", - "for-each": "^0.3.3", - "gopd": "^1.0.1", - "has-tostringtag": "^1.0.2" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "license": "MIT", - "peer": true, - "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, - "node_modules/xml2js": { - "version": "0.6.2", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", - "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", - "license": "MIT", - "peer": true, - "dependencies": { - "sax": ">=0.6.0", - "xmlbuilder": "~11.0.0" - }, - "engines": { - "node": ">=4.0.0" - } - }, - "node_modules/xmlbuilder": { - "version": "11.0.1", - "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", - "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">=4.0" - } - }, - "node_modules/y18n": { - "version": "5.0.8", - "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", - "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "license": "ISC", - "peer": true, - "engines": { - "node": ">=10" - } - }, - "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "license": "MIT", - "peer": true, - "dependencies": { - "cliui": "^8.0.1", - "escalade": "^3.1.1", - "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", - "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "license": "ISC", - "peer": true, - "engines": { - "node": ">=12" - } - } - } -} diff --git a/nki-personal-do/n8n/plugins/package.json b/nki-personal-do/n8n/plugins/package.json deleted file mode 100644 index 808dc54..0000000 --- a/nki-personal-do/n8n/plugins/package.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "name": "n8n-plugins", - "version": "1.0.0", - "dependencies": { - "n8n-nodes-turndown-html-to-markdown": "^1.0.5", - "n8n-nodes-vikunja": "^0.2.0" - } -} diff --git a/nki-personal-do/n8n/plugins/package.nix b/nki-personal-do/n8n/plugins/package.nix deleted file mode 100644 index a984d03..0000000 --- a/nki-personal-do/n8n/plugins/package.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ nodejs, importNpmLock }: -importNpmLock.buildNodeModules { - inherit nodejs; - npmRoot = ./.; -} diff --git a/nki-personal-do/nextcloud.nix b/nki-personal-do/nextcloud.nix new file mode 100644 index 0000000..2bb15f2 --- /dev/null +++ b/nki-personal-do/nextcloud.nix @@ -0,0 +1,67 @@ +{ lib, pkgs, config, ... }: +with lib; +let + user = "nextcloud"; + host = "cloud.dtth.ch"; + port = 61155; + + secrets = config.sops.secrets; +in +{ + sops.secrets."nextcloud/admin-password" = { owner = user; }; + sops.secrets."nextcloud/minio-secret-key" = { owner = user; key = "minio-secret-key"; }; + # database + cloud.postgresql.databases = [ user ]; + # traefik + cloud.traefik.hosts.nextcloud = { + inherit port host; + }; + systemd.services.nextcloud.requires = [ "postgresql.service" ]; + services.nextcloud = { + enable = true; + hostName = host; + package = pkgs.nextcloud26; + enableBrokenCiphersForSSE = false; + + home = "/mnt/data/nextcloud"; + https = true; + database.createLocally = false; + + extraApps = with pkgs.nextcloud26Packages.apps; { + inherit calendar contacts deck forms groupfolders news tasks; + sociallogin = pkgs.fetchNextcloudApp rec { + url = "https://github.com/zorn-v/nextcloud-social-login/releases/download/v5.4.3/release.tar.gz"; + sha256 = "sha256-ZKwtF9j9WFIk3MZgng9DmN00A73S2Rb4qbehL9adaZo="; + }; + }; + + config = { + # Database + dbtype = "pgsql"; + dbname = user; + dbuser = user; + dbhost = "/run/postgresql"; + # User + adminuser = "nki"; + adminpassFile = secrets."nextcloud/admin-password".path; + # General + overwriteProtocol = "https"; + defaultPhoneRegion = "VN"; + + objectstore.s3 = { + enable = true; + bucket = "nextcloud-dtth"; + autocreate = true; + key = "minio"; + secretFile = config.sops.secrets."nextcloud/minio-secret-key".path; + hostname = "s3.dtth.ch"; + port = 443; + useSsl = true; + usePathStyle = true; + region = "us-east-1"; + }; + }; + }; + services.nginx.virtualHosts.${host}.listen = [{ inherit port; addr = "127.0.0.1"; }]; +} + diff --git a/nki-personal-do/ntfy.nix b/nki-personal-do/ntfy.nix deleted file mode 100644 index 8299403..0000000 --- a/nki-personal-do/ntfy.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ - config, - lib, - ... -}: -{ - - sops.secrets."ntfy/env" = { - reloadUnits = [ "ntfy-sh.service" ]; - }; - - # ntfy - cloud.traefik.hosts.ntfy-sh = { - host = "ntfy.nkagami.me"; - port = 11161; - noCloudflare = true; - }; - services.ntfy-sh = { - enable = true; - settings = { - listen-http = "127.0.0.1:11161"; - cache-file = "/var/lib/ntfy-sh/cache.db"; - auth-file = "/var/lib/ntfy-sh/auth.db"; - auth-default-access = "deny-all"; - behind-proxy = true; - base-url = "https://ntfy.nkagami.me"; - attachment-cache-dir = "/var/lib/ntfy-sh/attachments"; - enable-login = true; - enable-reservations = true; - upstream-base-url = "https://ntfy.sh"; - }; - }; - systemd.services.ntfy-sh = { - serviceConfig = { - WorkingDirectory = "%S"; - StateDirectory = "ntfy-sh"; - CacheDirectory = "ntfy-sh"; - EnvironmentFile = [ config.sops.secrets."ntfy/env".path ]; - PreStart = '' - mkdir -p "$(pwd)/attachments" - ''; - }; - }; -} diff --git a/nki-personal-do/outline.nix b/nki-personal-do/outline.nix deleted file mode 100644 index ec59add..0000000 --- a/nki-personal-do/outline.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ config, pkgs, ... }: -{ - sops.secrets.authentik-oidc-client-secret = { - owner = "outline"; - }; - sops.secrets."outline/smtp-password" = { - owner = "outline"; - }; - sops.secrets."outline/s3-secret-key" = { - owner = "outline"; - }; - - services.outline = { - enable = true; - package = pkgs.outline.overrideAttrs (attrs: { - patches = attrs.patches or [ ] ++ [ - ../modules/cloud/outline/dtth-wiki.patch - ../modules/cloud/outline/r2.patch - ]; - }); - databaseUrl = "postgres://outline:outline@localhost/outline?sslmode=disable"; - redisUrl = "local"; - publicUrl = "https://wiki.dtth.ch"; - port = 18729; - storage = { - accessKey = "6ef730e13f172d2ed6ed77f0b5b9bad9"; - secretKeyFile = config.sops.secrets."outline/s3-secret-key".path; - region = "auto"; - uploadBucketUrl = "https://60c0807121eb35ef52cdcd4a33735fa6.r2.cloudflarestorage.com"; - uploadBucketName = "dtth-outline"; - uploadMaxSize = 50 * 1024 * 1000; - }; - maximumImportSize = 50 * 1024 * 1000; - - oidcAuthentication = { - clientId = "3a0c10e00cdcb4a1194315577fa208a747c1a5f7"; - clientSecretFile = config.sops.secrets.authentik-oidc-client-secret.path; - authUrl = "https://auth.dtth.ch/application/o/authorize/"; - tokenUrl = "https://auth.dtth.ch/application/o/token/"; - userinfoUrl = "https://auth.dtth.ch/application/o/userinfo/"; - displayName = "DTTH Account"; - }; - - smtp = { - fromEmail = "DTTH Wiki "; - replyEmail = ""; - host = "mx1.nkagami.me"; - username = "dtth.wiki@nkagami.me"; - passwordFile = config.sops.secrets."outline/smtp-password".path; - port = 465; - secure = true; - }; - - forceHttps = false; - }; - cloud.postgresql.databases = [ "outline" ]; - systemd.services.outline.requires = [ "postgresql.service" ]; - systemd.services.outline.environment = { - AWS_S3_R2 = "true"; - AWS_S3_R2_PUBLIC_URL = "https://s3.wiki.dtth.ch"; - }; - cloud.traefik.hosts.outline = { - host = "wiki.dtth.ch"; - port = 18729; - }; -} diff --git a/nki-personal-do/owncast.nix b/nki-personal-do/owncast.nix index 59482d5..01de844 100644 --- a/nki-personal-do/owncast.nix +++ b/nki-personal-do/owncast.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - lib, - ... -}: +{ pkgs, config, lib, ... }: let host = "owncast.nkagami.me"; port = 61347; diff --git a/nki-personal-do/peertube.nix b/nki-personal-do/peertube.nix index 2a9dbee..a390d90 100644 --- a/nki-personal-do/peertube.nix +++ b/nki-personal-do/peertube.nix @@ -1,27 +1,14 @@ -{ - config, - lib, - pkgs, - ... -}: +{ config, lib, pkgs, ... }: let secrets = config.sops.secrets; cfg = config.services.peertube; - user = "peertube"; host = "peertube.dtth.ch"; - dataFolder = "/mnt/data/peertube"; port = 19878; in { - sops.secrets."peertube" = { - owner = cfg.user; - restartUnits = [ "peertube.service" ]; - }; - sops.secrets."peertube-env" = { - owner = cfg.user; - restartUnits = [ "peertube.service" ]; - }; + sops.secrets."peertube" = { owner = cfg.user; restartUnits = [ "peertube.service" ]; }; + sops.secrets."peertube-env" = { owner = cfg.user; restartUnits = [ "peertube.service" ]; }; # database cloud.postgresql.databases = [ "peertube" ]; # traefik @@ -70,11 +57,15 @@ in settings.client.videos = { resumable_upload.max_chunk_size = "90MB"; }; + settings.storage = { + storyboards = "/var/lib/peertube/storage/storyboards/"; + tmp = "/mnt/data/peertube/tmp/"; + tmp_persistent = "/mnt/data/peertube/tmp_persistent/"; + web_videos = "/mnt/data/peertube/web-videos/"; + }; # Trust proxy - settings.trust_proxy = [ - "loopback" - ] ++ config.services.traefik.staticConfigOptions.entrypoints.https.forwardedHeaders.trustedIPs; + settings.trust_proxy = [ "loopback" ] ++ config.services.traefik.staticConfigOptions.entrypoints.https.forwardedHeaders.trustedIPs; # Federation settings.federation = { @@ -83,26 +74,7 @@ in videos.cleanup_remote_interactions = true; }; - dataDirs = [ - "/var/lib/peertube" - "/mnt/data/peertube" - ]; - }; - - systemd.services.peertube = { - requires = [ "arion-authentik.service" ]; - after = [ "arion-authentik.service" ]; - unitConfig.RequiresMountsFor = [ dataFolder ]; - }; - systemd.tmpfiles.settings."10-peertube" = { - # The service hard-codes a lot of paths here, so it's nicer if we just symlink - "/var/lib/peertube"."L+" = { - argument = dataFolder; - }; - ${dataFolder}."d" = { - user = user; - group = user; - mode = "0700"; - }; + dataDirs = [ "/var/lib/peertube" "/mnt/data/peertube" ]; }; } + diff --git a/nki-personal-do/phanpy.nix b/nki-personal-do/phanpy.nix index d54a511..b2c1438 100644 --- a/nki-personal-do/phanpy.nix +++ b/nki-personal-do/phanpy.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: let host = "social.dtth.ch"; port = 61010; @@ -11,12 +6,11 @@ in { cloud.traefik.hosts.phanpy = { inherit host port; }; services.nginx.virtualHosts.phanpy = { - listen = [ - { - inherit port; - addr = "127.0.0.1"; - } - ]; + listen = [{ + inherit port; + addr = "127.0.0.1"; + }]; root = "${pkgs.dtth-phanpy}/lib/phanpy"; }; } + diff --git a/nki-personal-do/secrets/secrets.yaml b/nki-personal-do/secrets/secrets.yaml index 2be5c88..374f850 100644 --- a/nki-personal-do/secrets/secrets.yaml +++ b/nki-personal-do/secrets/secrets.yaml @@ -2,19 +2,20 @@ tinc: ed25519-private-key: ENC[AES256_GCM,data:HE5xtTb9BVn+5icNDivyvo4gXMXyd0dYjXyKsLfpf/6CDgYZzpBeCTEriedBnyFDqHHCuarS6Y6Tqc2DdeZ3dN1WeaLXFKYxpCGWKHu7Zjp/aZavpdYcqYJvr8GVy+bsImzg9P1lR2h8V+KdQAaT+RgnoiIQPY0f95JO9RmcJSog9h8j1UBixWdNK3n9sDAE+cstI3MUFr93u1vy1wRV/Nt9Aktcz+TAagM55YD/bep00rG3HIYr1y8+gjhKM+zovEQQOvTg+0I=,iv:JJT6kd3laU/e79YJSl0MQRG0iFHSvdlMJAbKwYDVH3A=,tag:EQp8i7OaEtxhVM5lRC8Vyw==,type:str] rsa-private-key: ENC[AES256_GCM,data:fDCdIxS48TG0Uil9n0/2d0HLfNXK2YsaP+6MC0BtP+y+Qbd7zSAfehDRnzO+1tQ9kc7qKnuO49DVybdJO41J7lG+zn9uhU+rnUOHmgOg4AejO4znSNz2ZVo4y7GIGH7HB4WWs/OJApkt9ja//PXf8VNxZx9aYKhL7rLYYmnmm64IMx8Ip3WHCwgSm9V//yBHDchSSxmnVc1CId9Tp7yJjgHNz8X2UpSdSUlowhhAOVEgmjkLmJ3XxlNS7rifcXREBvEENdauMcefw38h90tfgO9oU6STev7UOT4B4p/IqQjBt9eKDuQ+w7VpyaWHqRy0uQlCfiknXxL6I77N3+HgeQKgicJBXxlbO1/1tMMAPd8Kf/Dqg1mo44VwqKgBgZ1KfQYf4PNz/EIMCYtsivmbk7DKYyIFivPdJJSzm5sKzKCZvWpaJagvRrP4uxadh8l5HxihiU1eaGAx51MC7Rw1/9b5/dI3Hs5kCUUuEycE0piXaUpEyFii5N9/lT4dFGIF/L6CpElZeUjyO3G4TCP+YM+RW/acyLJNMS4sFDRjLNMdE99F68xQXYukYvv2CjR8QKf2SFrrydSLPHCQ1vZlkwz8VZ/lsAUIoalmqRm7mlsFglyn2j3g3GNbxX7Sn+CylmdhQhCa7S9Alt5+PlJeiYiV/k/MY0qtdF2KghKM+LA3vLoO36JcYhirAjGCabwoSL3UXdzN4rRPA/twly9MhHK4S6hEk9Nh7+waIqbeG/Fyq2BNMy/ZQb6E9TJarqEnK0JUZYxKdtIwl/1KCqasiKXA06+Yt9d0PepX71KWYjaWET1ZfmqLPvDa2/PgmmSNXz3sV8tEBl5bcjmwHk1Nvh7K6B1tNVE74TUgRRGFgbofbuo8XHfhICVmleaemllHHeVO2EwTNUWRHkoktrfyOzIuP1QI4jxIiLjx/ONp3xWfDVw0cpYtMOs1QAWzkEV+YSDyOcVLifYP+5B5Htj2PTfsAV7ptZFdQI2U1Fm0uivRWzkdEeVSrcnnuPHdGdYhrqU6Er67xgqXI7L1Oc+ku0rVXu/zIiA5XEYKWDd1Da8WgwMRgC5XqOl4VaEHDgs2MCIxF+QKQg9PQRy1p033w9BWDyAKxaDxJZaaPRS6UVKjuxDUSlons/kRMwQ3XsoPF5gTFfapX71lxvg+0GkLVh3RLRgEvTvfA5UoZz1tCDChGIZyLsFU6yBtUd5FMhRLMnup3ujdLgkk2ekxZ3iykeuNPSIz4QjrLSzq8htcNbmXxWuD9EYjFii1AnCUlWX1+o9c+hyV7A6rkugIZJ1aop0TWtoQoEhMN6nbdi/uImqh++Ez0iGlybTr5ynu5oRAjvrCMwHT6u8HolBdqPQP213fWvNNaIbLbUNRyYbZRlNrSa8DeSU/BIGEzfCfG0b9UF4ggES4V261ighdM/sDwwT7D10IKpAPYiupigY0x2Lb+s7LBGUcXcxcWR9kHpYM2CpyNUtVApbR79xoR83nTe0h9sVFYp+XkV7qF9QjY3Pq7CTqKWJJdiPOHvU1vPAIFAmygj5SRuhCXuQvrJTzX8Dpe0hfXNH31CmniESuP7veAmTcxL3DPHANRY0Lf5/NEbQAdOmxCSxmbfFKB/03xAy5X5q/OvL2XEfDmOmYXQV2wD097Co7ENbq7R6eHY6rutg5Szz5giGwSgC6Fszviw963faaol1d4KtqLCdRXhV26nKraHuwnhB9UR5CyY3LLsx6fpvQoa+nKzJMaiUyzhJSaXPb+IJgPcEBOFAdXm/hW/eSM7ZoQ40CNue6hWzO0BnKbPcE7dUEcWgKV0R8e1G9amxFaPOQ3hw4EoxCUH4g155tao42dnDx9/CDIaqEcDGwwP26/JKO9c6yRMjPwwOr3/hr8hJtUPXQPJ/LyolEx1PiHGJWveiKVIJ85uplf/L971Vwm98C8WTqiPi2AmO29pNbOd1u/6+fi453x3O9CUb5w8fxney4dFaSTf5wOGSIGuas4XOwNAAupeaIyuA3BCX0ormcd1gzT1B/ujq0biRceD+YLRaPWswoKtoe3t8wrOmDi9u14AePaKdh6/qE6w/3a9NNC7qp7A8srQ1R/BSWiQ9UBmS49kjkmiHW9qLdbz30K/k1P4W5byqtoOG/2GK78fksqey8Y0852+roE0MhV27XAJD5RFViev+XPJfpHLNjAz/DotdKTASfbmSYFK3iRhzvgZMaSOmmX0xyMSsEn54Zt1RgG0NNxqJTzZgdkrRUlILe/Efeno4Z1JEUjGowGba67kUsXw94xBKzxz61rPxe90dXsa81wdkzYg4CnFRXmHvt62/9yv1KSyYPUqRhCheRwuMpmd2cf6/O9zrwSdipcZT/6vucbOZFT/nG8CWZCA3fUisD6f3kyDIG/nDzDsa3qaSsYzUFm7PMsnm2nBd2Mjy/U9rotrrfAkVmVwzue3l8r2QCnrZBhYQgDFxqDB9odKC4dFYzvb1LLzpRkdf0k4sT3hFw2Can8taEhYu+L4OYPvm/f06ngJvEHxiZLbvkA4G6483scLQWHJt+80SlgAVOPXWe9VluJmrf2v/ZXYfTL6goUTrzykU2fsSjTgeTBIwTON+kjW2d6dvxcnpJNPGPdXsbAAVvSJ1/TEa1gHyvMvZGyxvtuWhHWs+wmDHLURW6BE/RXqx+NmfM6M+WTP0ueF4DCs6IrxCcXjCY7nFeL3pd1TpuSK+kuLwdYS6s/7fLd6pIcKtZl4UzoTqt/QlgFAlhfJKA8F1Rc6k0r57ESmElCgynZ/9JbEDQA//1LU54bAmfuoYY20HBjKYzoPWCp1xcWMKaiCD6ff+qPZ++L93rDzGXtOk2iuv8s6+Y/SsorbKKphRt6LGKdfHV/hw302si6QAWa0L9kURKnr5mKeLGJfweoBP41Lwd7upKx18/2fEpYCGndJ7uTfyDqmaKJwZeqkwg+K2Z+WiPYh+RlCilsc2fQyi5TokpPpi+BTC30j3ylob7rdZOm4eFkTdx/khwqygg6XRhUt2Y8MHeDW3oPCaSWFvulz/qyne94xMVOzKBK03tNXaLHOSnRzyIL5qSMZAMyoJOEBALVkPnHOpNS8eutWmKf/eFcN903oKA4hKUrn9qWMdcHXwEvwyVwOvveJgL1ws6jOPFvUc9zhtyQ5MUlW66UymFp9NSKiCkDeIsjCPiBSoyp8JYj4pXnzGG+nR3f0VLocfA/jseH3rVU2qLauM5iNnoObCuupDkvhECHZs9Zy2ksJgftxD5ezTZ6AgUB9SeMqxbU2m6jZFfU7Uak0+YcSUK8tsspzhtNRRptYj1J88S/YtIuaBH4fA6Z2QPZ6q6Jk6+uSJ0JeQ/DbQbCcPcPsU+5fd0rRJHNnk0UTyTM5QnLfDcS0H5+bwupPR8EwO6vncLBYvAhmoQygFBJHp6qKzAZuat3Yd83PN/JIbzu1ceHrt4ewSyPoBZ0Wo57N9+QV6Kqr0GFMv2ZajQEs6QDFpbFL1VF89R02H3BGgpimQNURk12wL4kB5J9wF5Mj4U7jFkVkdrQeVMr3YLgzT4a8Wrfvxo+IItCHQEFiFFwqCAlIsUtm4lVBhu4Hz0OXn//ZbQEzPp78IQG/BV568EfKYl7DNzeRrLojGCUv/GjgjZf2cGY4h7EdYWWjKFEytRk9fbdOv3QPlClDbCwFW9k73G1h0C8k/VYIAQdr5esPWFb/rJBdiIK7BlqvLezXWfuozbDXWzjYMGs+pLqmjKOzfLOnR2jI8nEavrhLR6ok+iPnmd+yoDx6zchmqKvoVzqzz9KfaYOPU51/VQeyPgBiK7/+C8Bx+8323sUEbD8jp+1VMwb5hSdfJTdlB6MmAwf9NgdodjRPDzHCoYAQoTI7A6UnWoq3yOKV2+tfZiwusxgHRTuSrjqNUukDgKHDjz38YRaD3sr4ZA3Zr20ZUkIia3G68KPwlKWu5/2qdYCm4u/48qZjbZsBHKGtrvlukq9XQVLgPbGB4U4dzmJHS4gByMWJ36nBR5ye4YalSM+dgTuNe+vxSl3lKZ1BKfGXEv3AdjQcHrp0IDxsXlgBnVJC3SNW/aXhK6c+JYAsfwAMpcPQoaZXwBmp6sbl8lmb4WuQlrbCTR43G5JY0TZhmWeLHoG7u52ZVolpnpOIixB7EVBEaCXTZVgEZRSEKVV1wvKyjqzzqtFIp7nqCYSjdFSVyylaKhxeZ7+hnTY9ExJFBYforsJh/JxRS53I117gRO4SvNC4tbYHrGl7PJZ6tFaYwy8Th51YG2i6j8ch21k0bntOrmXr7y+R3DIek7nUmeOSaIuyCB+YsUMXJ/uje2RcO4FAY7Psig+r6OSawv7efjlqScw1hcY42xY3FgU74YdpaArlI5g8h3qSDWPXcMaazef9WGS4T7jkqm2hb+mP5PeHrVBvXNz0bSknWE7G09vU3Wr1oP4MA3JRbcOWP5NREuospcBT6fxLjiEzALAs9RQZN2sREiUkOgr9x08SHPwGEv/ZgBjeL9SJ84t/A0SxdhmKUmvZb8h2IeVPxtmgBx7BBGYpd2suV5wa2yl3SU7TR/Y87ZU082w57afYuESpTbzkM31JT3MbJnPryfPtFJuUvugropCtGwAw7wwGFNHIrLdXKvxpb8Mi61wDVg+SkUBT5nP5C/XRilDPjJiGrrNB1U4++CKF63g69UJwsjBwm3jLnik7CVnMS6mK9chcuZ4F9i9b4ASFCS+CXbOHO3hzTPV+sd+HPFumz8RvMJUbLSJJpPc8fZHEmhbvvRnWaqIA7/6UwoL2lpNArCBjROunRvN2M2VuAmTowynp6q4vglK1iVrH7oFvA6HBZcn8n+lC4zddpuuD3WQDI3O3trR9qgoELbtv8q2RQrXhynUGOdoW3sxwvt3zZd/CZcmvMfDyvT3dsAYPxChtO+RXsQ7PKjPcHmJ48Fq4JJMSANzRpfvaWgszaXiy0pAyGobQO3AR9sPQ2vFEkZml87P9anIabBlYNWbDOIL9e/dJAQC/ELnkBqkbvYe6jjtk6YcO8PODdaAzdHgwfPxb2536ghq67gGcOtL+RlwXgMAXvT7YGgQjiJ9c90Up09tRiurpHCRKWPSFngNkwMWaj7LlcspBWABUwD14hOgOtFQr0xFlWY8VoUgtblrDNuSzEMse+X8bdY1gXEQmgsx+KLj7zD0o1/kyvTxhWs1fuiC3HMulhBsp8Ub6FQ9oMmxIaaogagLWI7eQOeafgQD9ASZpr3QuHzhpm90w8s3zIutKJpn+GFa47dVu0oLrjNIlzCRY/LOfNGjA3GWndmi+2yD+MjKE4P1GK609jGOZR+dYGYonQ55hrJIDA1ufFafc9GFeAsUbGQCDY3tDjylahX6+ZGMpMmpdkpAJlj9skI3osbP7Efr+5Kd5xEHIWn7Vn2XybgHe+MrM8gm+YVp+hS/1LtcIiMBfZVvkAy/0B2rfQYRADaRGCgq4eo30W4UT5B7PHZWT/Tja8AmvWDcvuuolvx7Zfn19smZWhIbvMlKk0n+C8nFAOU95lr4N9NdU893wsPCB12cOno3/aZ1wE3iE35xPRiIin7P4wq9q3MHIyJLA8bXo3tyn88Jrxe+KRlYtMc1WHyKtLFejLoXv9CLmBb5TVYJ3rMBCMrci1OquQ2CAAzKiBjSZwZLe6CVVV5PW7hUiqFbiQBxORoLUF0bKn1nMmklixufWdaaDu8lZls2zYzEXhwlTQgYb8izoReMhRdO3MBNVuZfDl+xsPTQ/SubskJgT1NlbivcHID7mrsUueeXReCqWLzfWez1ZRIiQNvvxZ4C/Bp7O+Pm8WiJCh94XMnrx7eDP3f3OKtd/zqs15RBTcUnKsCxmcx3VmbW5pu42okvcjIcVTPt7hKLFb+Pvgd3nGiMczYlict/pkf5TX6yPDqW82B6UtLWuh9Keskxhr6Vg+0/+oNZyg8Pg9RjHrTkIhYBU3WMpUQhpi3oQvCN5DZMsH7IGXUPRV2AsRwcLdKuf8zgiDqNr+cZcxhts5wAt+3G12/c3NrWCATLvfTt6GcZh1O4k9U3CGvBl4w7bgBtJKL3P46b5bPBNy9C1DnvfEqtGK7Fdg2RNEyT2Lk3+6DJbu+waaw49zSj41I8fP3O4Oh5G9KLbaMvLzfs+DFGUTRmQAOShERLTU+CdXxhp+xl46LlGsS8Gwb3kdqp3GFJpoA/CCAdrW4C1RTxnZqHFDbQECEmNt9jDHrWLIKkPS2yLNUwoTx3yc1FKJr2+vaSM4VYbOhJ3h9i5ifd2qhSkEdHq8yl7BSuLhh0asE6nymlAHHbFHAtQwBFNBAtRcqIzmkkbOGjl07Sc5ey3WT6Lbuz/pa2U0HczHgpYQrtO0PPmumMjC7g2uj04lQ4RStOlug/V0kHv9BXl8LwYlAHtJNkaHQ/5IFSKRFRMr/hWecdZdU4Yvhr+JWS2JCOfV7wlANgQrhaNmFRoESKZfvI4Nm5kXo7+H0I+G3f+eiEMLjrHzs1q+OvxthVoC5+pO81ZYrXI+CUv+yOLufsjlluJsUtRhiNC7ch4Aqq5n6JTq35Z/kxua7YuyGY2wc7Dw+AY25wVqeShco2Mzrnd/SXB1osGl+5lKw2tbFCuCvA/6jatVhxBp0Cr4TsrI/KF/LQHI83O9caVCk7auV4eG64O8noOFk/hh9P8c+uqDG3rwwP3aLS/KLaR1OJSxdZ3/orNBb81YnxfzWL0uceBD6MDNJFVFnwsw/OQs9IX+VxU8ICF+o7tjUVFDm17ghzJ+jGUjOYUJfsVpT/5zFv7Us1uu9cSbhDJdmizARstP1eYfRBAqoUJC+o4nlJK6yv1vs1mZYt8HKx9OWx5l/H0SCdOvjSDUhgwLuQUXghK/sh33IKnOhQf2IeqqDC9Vx2hu3tfq85yArvN1eADrhEMLjCTmYm0R8dU9BgU2OYp72yth8zvaH4P1hc8tOavKDud4NsNeEE9i4tzjAFuH2BmmYgGyktyRE3nLBnP2eHFU7t7/96f/HwUofIgFo2cYESF+CWHU1eLuKSoBBDKRatbT9fR7FBPkHPQFfXW8fnBQnKmb6+ua0ddSGDK6OKXATW5aOfp4Y8Bu5Docey6CE9ybGJo+9ZK3jHrYTLJhkgAauS1Plig0lzfQrPfXD6vq8VxpZxmeQtumoQQocyOnuhTMUx/bsCzC3KW/cVy256gDi38+i53wEvebu/rRusqFTEIQ6qipR+XqcfunL4MoBwOQ286ZheaEFnsRP1nz3y3hnpdqMn7b7sDmJ35CIdADpPdwXOJZhkUk494aiXnMZMvgwQRQMSmhQm7vUXbZ/Tuanke2RMEuUdM22dDeKZAXQb8Xwaa8PGhwFznT4v69275bHTcdyHR4TPiHijQmQXc/rDMyKSA9kSMcn7YpKAyWAGJy5UaWlURaZF+Z7MjvSJKdXwOkwh/Q/xPu8TJhRLbppW6m+hnC15ZQeeXYnGR647tHu0o9eXFOHU5GR2khJNI/xUofDLTvx/Q8jVkllcYe7wkaClC+osy0rj9AhuPfYX0GzI4SIaNsUz1HUZsve/dlyvtROWyoA1VmKufIUy22rhjYUToiHfAQkit2tA5f6XmoPxkLtPDa7sLUu14FmePW7gQ8dkQgAp3PeJ8eszAQyu7X/gU0WlMTW90VXnpZpeGQ/9xmzo4V5FhHJrdJTmSkkLXyywKwMSQqMKvQGty52AodvjLwt1gBxTxgIFbgfGb5iwKxNfzhx1S/YJ561AsWihvFDTgoWVguwlff77y+IFXwy0QSIEuzPhqxvZWmRNx+aUyYT+L+TpTOGGK3Y74CDKjJ6DUvSbUqnd1FqntFSadG01dU/TcWzwjr97cupKybJab+9QbypQ0AngLvcjYFE6fHb1KRcXxli3kpfn4g/RWK/ZBcPi2iTbE9n8/98CnmxoZ7TWOYDCDPAeY3Gmkop6q/bhLw2m7r2u7nTubCbwyhMZTWjYgz/avmsfUsjfSK+3RKuORY00tdUpkWu9eVomxXFQiGO4ygk1fdMcKpvG0Olbj4Lbh0oxiuSYy28X7wBG1eE+SBk/3wWDtTVhNo+bZNmVHmApsw6RhNS9Cqo4zkwnFpadfqQOysw95xS2W5IAnNVHZLsC5/eNagc0dgFHmE8lm8XD3Hywp+3plI6Eko5eVH40rzSj8zgst4Q2+v/FhLOdFJW5pr9DgN7dCK0DMY6v4XzaLfvENJmIViJjL/6kAgyxbO+kaWycsCGdU3p1KL9OtArqJy15Pz/UHsf0NZjC5/gAJF1peuAjRbob6ljzlkbi28fbpJRy5NPRgDmX3hnAxsNUKc6HYWBm2K2yfAwSky28N9MfN0R2WunM5VzvJurhqD8XGOwqPBj1Bim+LAfZdAU1tFhg8dMkMEEZfQrQpTvmgAklKR+3enIoFkOxT2DC6Jw9DKMlOPpYLEKExKiuwzBJPmOV83yPZd+J6H8LRzuAdTjpITSlWfNNTbvngQOwgfZ9yEWpJ4XOvCdz4K+,iv:NggGOw2tAGuxLrryL6pb12FkCzFdplXaKiq/IP0gGcs=,tag:rEeKIvhfFksNGCRo+BE4ug==,type:str] authentik-oidc-client-secret: ENC[AES256_GCM,data:lD/xyU87nik68JX+T2H3Gw5ZqsSGzXWX1RjqWskiNu68b5uCFjhRRQ+C3A9P59Xp1pVGamEYx8J4P+hs35Xf0Y9yG/ATiOwkV5k4o7n1d3gkvNwVY/9NaQuNr3KdvjZf8Z5WmGCQkKHvYyq0e89Z9IPe7ML44zQ8qV7Jcn/q3eM=,iv:M3RHdROf+Juxnvd8SiTrjXP8ZirtkcKye8tBpIZphvc=,tag:0BFwX0e0DIj0I3xAU6PbpQ==,type:str] +minio-credentials: ENC[AES256_GCM,data:J4msUueIfNf/ExBe9c85Tf/VEDBQiICWga6swbCuE6e8polpjlRZxTa65k47g4IjEvLJ94jp1LrtH248QdB2QFqQtaOo+IjQ1Yu6,iv:7rjGHctLC1bxNjI8yF1Fuiw6xPXsmyGoANIxanF7H4I=,tag:2+tWwlO8HdAOwLgz7XFf3w==,type:str] +minio-secret-key: ENC[AES256_GCM,data:FkF4hFiW7s5gYbMbdemsmhduYDtb/aqMoUgP+CWI3rw=,iv:6syOMYtryL1Yw4UqIyuLcp2FM/dWLaVNA3UlPdeSZTQ=,tag:GPkHq0d7rvzKbg2BKrmB5w==,type:str] cloudflare-dns-api-token: ENC[AES256_GCM,data:2ny3JehpK30fTUDKrbzHv1QOczriChRyMQn6kNPULpUJ+eVwdptLvg==,iv:8wNAn3oawzLez7sO4ZvhFXcaZIpFVKgKCvTBlszFHn8=,tag:fRaO+u/5MtAWnTiy2Zwh0Q==,type:str] #ENC[AES256_GCM,data:KWrVRQg+cLm5MUdfsYrh7hkI4CWkl4Z0sDj0769eebeXDy+veixrQrxh1ZW+ro3WLwoIdU/IH5DPM4TWYn2qoM5aDHjGX764pr1x,iv:uZHBsGvSHv9vd/Wragl1dYNJ+8vCcMit2K3SrMFlz7s=,tag:7z4LyADfQvXsM2vvtWru8w==,type:comment] traefik-dashboard-users: ENC[AES256_GCM,data:kviapOq+xzxhjryse+5DaZbXRS/LEYyjqqFbHymXAZVEkWlu0T5pZ2bxSNCbXN+tXnb0u+6YPgGCaRNPLW74AF1hO8W8QqlLDA==,iv:41bwPyFQcuOLILTjLWUu5Kcnct/MaIIJsMbllc+n7Y0=,tag:17HyUjfRUcLGb0FrUm1O2A==,type:str] -mail-users: ENC[AES256_GCM,data:4ugvUKK1Hxlnt/bTrAe7pEt5Ehla6yfCzeeZkwaXGN0rlYO3zIFz2paajuFDVoZ1UOntxgdoL/bmS55SkvinQybzQqK+1HUb5N4esODZyJkf8qhacBjjUnDq2sK0GXmoWRoR36ny4haRTbfzTxoVph+Y81P6+T7etnMuARM55i/kWCTcKyin9WKkllLF8vEi6MdbvDj5fwVSxKYQZk2Ti4xY+hCGkEUFL3S2l4Hgbzt2irV0ccjU4+GXSrRepFWSakvDl0fuQf0N3oXMQWCYkRqsoPdtV/n1+C1all9HWtA4XNcnNHlPk7bbi51gO3fSQwmayrgsqO4QAIKY2oJMCrMOabvSjRF8pjR/WFqEMN6fLOCByPYTtej2JEDZ0mg/uQIuIh+Us+QIO/ulMSK+Cq4WTBsmN0V9tYucp1vNv2xzuLUN4GkHc0tRZ6jIVPFUCIGEgw9x7qVPNqFPgr4RFzGGP12746+UwHqDuBIz4od47aQMNrXJOD9xbX7mp54bqwkdASIP/5iBAsnzRDhg/9hHMkJrhPjzrGC4feVNYzI9yo+v0cOPworKYuSfk6KYX5SGu2HgcgCG7zGRL4/NoytNwDGoqBKWA81Xuyp9+vMFF//nm5bKQH6Zt2gVaMViyqKZrTkITrOZMaMKVkOeiJdQQpsM1jqU5ygsrHIq9jc8BJ2MbK8WW2wlfovAo2MNtSN68LknoWiMbEuRXIcC8rhvdVX9C++XT/JQH+kHwg==,iv:059jHrKniQmw2H45FDz/5DJqeTzKdsg9a51pX3FxvHE=,tag:aCMJOFv8PWtz80ouUqUCGA==,type:str] +mail-users: ENC[AES256_GCM,data:qKLi42k8LT6ojxbPXQgbi6FlI2I6ge6qJn0aNj/Lp9iRjjnnuArdsLJTfBMB7rPUyKWELa7jPrh8cHzJZZX7PsaXt1x07tQrVitKY6aDMpmb0pdU5TsvRTNhMV8lNWDrQeDXMV3hfigFXDU9YYRowllTJn8Uh5m20oGm8xjQrc55pPd2mDRWUt8WdJYGIYvXJ4Dyc+kXwibFC5xb0+7sLIPOcL8SkurMk0v2E63oBvoR089ZOhgWZ2DtqsUF7cGMcEDj6D6GcH2tlIkhTXo/na0b6caK6/mSIHbz/cfeVD/kdphC+q9edqm5UAAm5SaBDsar5vrXZcgQfD3/iEDHpqfdNJQv7Jt1l4vfwSY6nx3BgjggAZpL7YKXME+5Qqrp/epSegailDled5GUOlXKtomzixTA4OsgTjhMFPPOR/GiBuNIbYoGWnnR6Zs6l9Nw5ITJXKFgwNQTZVkndvQcr1Bw6nQqBDXt1qgmTdKTtNkrWEfgyYBnJtQW6qS+rZL8RB1x9Rjnu5PE+ao4YzrZEnKcenlWRh7+1GUdkRPm5qJWAMnuT1LkBdUx4bUPGf1D8iQ12kMLa5NnMQMq4Yek,iv:fTsBB5yZYi47dk8JIDs1JmgtnK8dOhkNt481vqAU+ME=,tag:pAXBSgzPB8nDdAO9YXM02A==,type:str] youmubot-env: ENC[AES256_GCM,data:EQ9e6lmCrjofHiHyN5Qe4b2oplP9/3JKl0vuFp54Hw9aYIS7j3nqzWLCvV54ZK7j1PcQ+CQorjeCVMV0TUy1f1Pf3qjrLkdOdV7ICq540gdfXOeXuhAx2EILpGkwIYOdKmTMSO3l2QkOlM02RNOn1lq/DogAydkEq7gJ7qSWnUEr45oNCa1+LamH8vcbDmIyzUWWXyA5EQ==,iv:fnNGZ6OaZ4D71SvWPRynsMpO1IsvxjQ3XtrswNSY+Wo=,tag:cN/ZnKrjSfD6AbU9pYNl+Q==,type:str] outline: smtp-password: ENC[AES256_GCM,data:zpIi6jVB2Y7ksBOR8SGFgjOD1x3aS6dKa6taLKB8v2l9p92iWDti75qgB1puglmmq8mCzz8KXLrM0Bv7W8GWRg==,iv:6tKINzQcApmNuIbNn0kSzFJtwn3rky/uFG2Ff3lazUk=,tag:kjB6qB87tRQVpy32Pt3D5A==,type:str] - s3-secret-key: ENC[AES256_GCM,data:dH1Uh3G3RNqITOvsecOW0my3xM3H6xhKYONcwORNPBZmlvSWYvhZUxkOghlH9sYHLIU4yb31QO7npi01Sn3kww==,iv:cV4xqzS5/3HseODY3hS/ycjI6HccsrSGz5Dh9exqNIA=,tag:FMGR9NiTn5S2fTxNSQYBDw==,type:str] heisenbridge: ENC[AES256_GCM,data:rJY7gpcOY8nODR3KlYW1rEs54mKxr+AjNBeg1/2vTG0Gzpuvjgbnn5UVJS+P8uej/P4HfeFtlQSFZCEy8cXcwvwq97ppVliCGL4GMLRWaFmop35feC8t2ovh79cy/vKC7drASeGvWYNUmGRjboPuKA8W5LARa0HVDPGDLIEMVgJfYry/YKR3gsGmLzU7Mx1yLO6M/EFOJQJc84bSuu+CPSZcyUVF4SSNBiaDU5/NazlqaA9KWL6Xzu1MD2LEYdEFkRfitNgYj2m2gLd9voyGV4cfaCqJvYjJPwuZeZUoqCpDnom2JoV29q/Yq/gmyumPgOvriGxLsYBqV14MaCcE6KXE2uLicD+I/5or1AxepVDVjG9NoSgho1HpLvpRhMSCeXLk9+U+ykH3QA+0M+VVu9pswMMVQifnTtXZRM6pWxOnRVAzGf2tGDo4jy36S7pHaRn7SJcrljjWLfwHuNiu7E2uZhMrkcCjnjcBA9Xrb3drDQYVHya7XcoD4wOBHBDvVZwhYkNdkS3oYkom8A==,iv:fO1onfon3EdSNC/LjN1aWxpHBYq5aa0F/h0V6gl88ac=,tag:NL9p2nhIlEqgOdvUDM19Dg==,type:str] matrix-discord-bridge: ENC[AES256_GCM,data:/rlSjD6inKfak7HKKghH5ays5RjKmb9czGsoIOYHyTZC4A5EMucCbfn8DL1gkYXgvRHJ+QglGX/BGo5ebaxSj6nF60+aW87UG31KggOt5kkMuWsPsjvrufoc5IlNfWnXIWmqf8cdC01hmHEp7biUpI8CcfEZiD9OkOxbZcRfYqW+ttnzplFniRBjGPVZfL5g4DBbuJen5MuOrrMDo5CT+78n,iv:r9VBbDCAAElisCaDehrB6PhJHsaaHjdrk3103lmBT7o=,tag:WoNMMfyMifsL56yWq3MUOg==,type:str] authentik-env: ENC[AES256_GCM,data:CjxTaqIcpBX7ea9L3tgJDELr8HBPJdxXsrOfhsiH4cXwCEzktsNKHjF7l95ZFgI5O08q4Vlbln5Dg4xPEx33nwUesEbQrT5d+n+2YaAxmm/WInrYzF+jB7HYTXASb3rY9PWgd2C3v+YPBkJetHlTUc/k19Q7lOQRNw==,iv:cG8Bi2eCsS+v94tSJBsqp+bjVLzXZvvwX1QVVSYExL8=,tag:VmbfcxCcfi3IpKjg3f8QPw==,type:str] firezone-env: ENC[AES256_GCM,data:Guwc3ovHJyr0m0gsvcJeYDXxOsccv6ZMBJSjWa87F7BZwCXLanMetz8b/GAxe/+0qT8IBKCDvLS7B5v2DM5SYOZD2tQWnrwjU90Pjji2RZhZZy7Pc1kAmhLA6ddpBKGJTLcGxWkTnWOcv8qWEwmfNpgT+kUIDLmjQz2pIMUXiXBpheQyPLWBvIIgrBT8QxkX81LHSUDNG29r7olJv1t4oox58r/PKxnfzUkX7lMhZdIpDMbxdWCU6/F2R483YIaFAaL1BuhCkK/QbuqOPRL7yIGID+W1a0JvKsRc2oPPU7WAWyGA3CLwmJka2sTvHrxosMgY/eZYfCWDtRno6q+OA+LI5ZfFu0weA9dpiUkWLGJ2auSZtiL0Sa5D0VHxZlG2m0iD7o3bcIWUi65cb2olcABn3NikMglw6PCWXxM7E5hqAbpvwcN5JeIkTTesI6xthzT9eoUak5SSvdThrwSlc3dvMqOvmRVGD/wR8T9GcKIZoNT7wOvgltecpDbYPNgwKimHhBloMON/qKXuIaYV1dP1XQ10MMpSM1vUZl/JD24pDjFXH8XkZK6owVI2tRTTRZajQT2uB73oVN8EMPFHPdI3uwyH72NycQojIzXmDvMI/UXNsYWArWZyTwGpHbE0pr+I9rXch78pJYKvlIVFTqicE/NceeOm8bMO1O7qofk1/yiIE8RVjs7YrNNahcBrNI+97lvBNLmk9zpWU0YFtfmyDb/XxBsepwj++QY+3gJ5331ohp9BK5Ypr9pp1WRt9syKv2cwFMBIcHKMCji43NW1MqBj/2bgKGfoNAyCUaJqZ9yRcb1TwHyulvEVhJUAOeUxPHdJeA==,iv:6kPPn4Zl1lhxaEtRqq2BcMW7d1zKy/HUJzXdAgkPv7E=,tag:VaVIWg4RbOE7tnimOuqhGw==,type:str] -gts-env: ENC[AES256_GCM,data:qcoDQh23XApyXPwvzMTGb2x2sMgis9SqFU2NRuR4O2puPYEb7ShTYCNSHBNje11w8WAsLmXnbY+kke7bIFIsgb7JOPBKvRvV5TumH2eBuiEAwW98erEU+s+7ArY68OIIhuyX+pViVlvj6rMHzS91zr5IE9hA3tWpdSQ5gb/LyZhcxJgK4cksLIkDNSZFn87qVGEpYChsM5jbbQq2zk39e0AmJpeLUVgLmydMhI6A6UnclW2n+43W+SOUMl9IwB1SrXA8sFphOLsyUfxG2Ne0L4QFtnywUxPln+COSHmC6Qd+yZdF7O9leQoWEWg7d0OvjFkZCrF4HryMIYIgRk7WGTuazcN6FtQHY4tiCePCx3DBy8TxDMg8vAd1WJsEca/9LeBNl6fzfJ/ZoTCbCvtI3SyiqNCxwIwpXrnUykwszs+KdnVKnfMSACs9aP0I1JCdxKyMWWFwCV5VGrRZh/3JQst/GLOiw58EbtwmavlGYjaaUM+JzcCDIWmZbF5G7P10SPgu/931FBchN1+r9jcbEUXemfE1Oit1J2pgAmRh/6Y7kSbj+8rtvOIxVVxoKidVETUJ/W92NsWRpgdSrcFy7W0nu55ufZOzEHLFKsEoSGZL1IlLh4iw0iC0xtCcgiR/cRZQNd7igkV6T+HT64kkjPy2WI3Ei60gkqjoxDT60Sxd1UlBr1ge0dI+SY8XOq4mgvBXWQynjNDdKZOzVIT0Z/o9cBjx1nZUA5Bw5fmTKw+sF/68lHqeRCyNNhUaOLOzH0SH5CbKUayRFYxvyjW3UAAFvqoFkOODAFOMtjDZ+vfHDtJ/I5GpR8HdeQ6ewMwltVc+8Hkn0PtSDRBN+e2Bh90pQdnzHn8OCFQrx3cnHK6r6g+Zvbq3nEKeEHXLSNw7Z5qUL35xhO7rOMteUdTVIrV4GE78jAKyCuKttcjkNao3HjDAA7RePxUJ90h4OU/fq2MLcSqV0Yo3DIXtTN8=,iv:B7VIq/i6RgqSC/aV5GrLazbnBeGtq3twisSf60VAjfM=,tag:V4eAGJqPbZQTEwS7ieZBog==,type:str] +gts-env: ENC[AES256_GCM,data:7Pf2O3zDrqA96LbwQeVO4prWAu/xgiKxvwPP4I7zsam04kgN+CLyEMNmzQ2EQSFRkr4qriJTo/PX12lZH+hPnwfCjmnGnYJeDwW2cD4sxz8/y+EYBpul6J76vlEALorw9s2O7CEA+PXBsfjNqjzdBMVXxh4zvhFBqwvbDNlUOeuS+xLanf4XHxNXEcbgfL8QCnE84yhzah4f2dS0jLvSK9jngHc3ozmRyS0bWtVGJ5MWuPFw/8p1AUbeFDI1DdDJBl0aEwBR6zPboH85zcdgUge+IrTyy+7ZycJeFmnugdfCubUhasJ6xvjxpwSBaufieOZCghJuCaTllMedS9fYkZsfPl/U0M8rE6+7uBVsKyM/H1QlFPMNV4QtlaEEKIVtSkD8n89JaJ+Pt4VXzcKmZUBPucdgcx6QvqDi9UAg0IdyIfV/9awTsp3v22GoGD9J6Nf5qjl48jxOGDKyl9XQfJyw86gZHRLa1liGpuc2BCHsKeZIK3uxkCw22aHQaBliIJAnh7BAtf4dVlbNM8H7UjXKIeFV3BIwkobNRsFIYEitmAxJTAdcJeyr2q8vndKQ8bNuRO1N1H1uD+NjUvdMX22YehC7rLBNbuLh6uc64XONFTX63xYZzDpJ5RNUHoPwik+IONa5jo+Ym9Jmy39/NOWEx1fh629v/2nwY0k7o2WH3tYbcwvmmO5wLajC9DF+RIASQAfAM2oX2ec6WFR3KrKnSquo9pqpMnAsaZ5ZSEXb50uUxRWqnzX+m+CoDmMwwKvsEjtSyydA8Gz+UGtIiDgndC1eoamkKuceTm67EZ87ThLEtoVkBY3e/agRFC0yLiY3C3VcUuGwKObfoxje2Awt6GgSUY47cZp1T/MjajBCbpI4VVxCPqg30cqL07vxlMAH5e/n3qG3d4O6r7hTi1jto8qi9jvt3uGAnmqPalD7MdXayq3XxwuwQ3cZwsfE/+MiYvADhgerKa6Z32wDcDItzzb9NIQCQvhhXJ8YUdkOyFviUGS7u4Hhe9SDyw==,iv:bZscSruEqVFtphcrk9BmepnUkgf9pnJA66Xc1KQyKZo=,tag:b+35RaqsUC8KR5aoU5sl5A==,type:str] headscale: client_secret: ENC[AES256_GCM,data:MLW0z2stjhXgxb4poAYr7LzrLzTNj5HqJzsyzOvYpKpKbyfx7SEdeZidG+m3ROuaN4PVsdpJblFjsvozzQlDQYRJZo8q+kpPvUPvhU0Ejya/XBO/sFcJKzulpfr4j3rK7FSKh2V6PiB8m9mvLziHfDmgL30le0wDD9uCNWkaHVo=,iv:1hRwI1NG2yO6igBsEGCg2Qn/po97ZhsyAEZOMKP3EZc=,tag:FV+RXBKyq+EJRsKT+DZ6lQ==,type:str] webui-env: ENC[AES256_GCM,data:F4fGd5szjEGYqseq15VF8Emdd5oXKAlj+O7jET7BpD/w0/M162KgXQ/xN/uzO5Bh/euzedMrair0c8SQKO/06Ko9cj35lclaSrnBiwHSDIkFvuoITvLeSVSR4W3dsui91Dh8GCCYO8JAZQnpqClls6kHBOO2FYVwF06zg8Coxli9cKkPdeJKLDEnPGUb2UpLoP0dieanNFc3YNIavlXwkgt4/hxEoKHJplTYrilekBtZjD998SyvubhhVKHTH/VhTgxodXgnbI3sV1a3uJCrUKWt79NwHu5TUd+C2/gZqAniCbo4AX8=,iv:87cme6ToLFR4eF5apZauIm3Q6HR3Z8EM3GkQxo06oNI=,tag:dbXLQhw6qn/DyYJ3/UeDiw==,type:str] @@ -22,7 +23,6 @@ headscale: vnm: ENC[AES256_GCM,data:F6rAV5ZZvtUvFC6sF8M9gKVrcnUZGl0IwWzTDyLXITQ/QeXC9VU9ypGSz5a9GAZ78tPgHtUJ2fJFEEpteMz9Ru2/Imh112NrGf1INqvDKCnX0j+3P1Fms/aXdehETPVSprNl0C2u03ygFNX5tjyNDYysI7Bqsu8MtkRkBFjm8x52VPXiLsrK80Gctt9OhBz4Zc9G3RcluMfVr6y2RZHIsJgVgXWm5rG8WQHTsB67D3Uz9c63KOkQ+Ib/5ERtJ7RwjBGollQlFhUSMgc0m6ftmNUt6xNbMnt16bJVUtm3rRD9S+2bkfXObCp7FpqIWBCIYF89,iv:ScBU0FV5wZSlc/p7SSe3PMVRddLEgLeQ8/ghVsw4TM0=,tag:XwvlBiVzl+FTiQOGScVLag==,type:str] gitea: mailer-password: ENC[AES256_GCM,data:LDW0bpbfanBa2QjqdgtKu6F+zG84xaGuLg1cs6eTJbg=,iv:Kle+czR9Xqi45qWjYJIjRhq87rG2PNoNF6YQ7tQ+HJA=,tag:WUuPgwdnz8F2WtFsgcrw/Q==,type:str] - minio-secret-key: ENC[AES256_GCM,data:IRuaRgOgR+7LMSLwg9NxxSqUCbze8qu9cPWJllsA6GTNmllEHrlKA6ywZrlTlVmS16fkmQWCCi5wjZmltw6UCg==,iv:zCtqGkS195f7/ikwnjhYPTxqmUV2y+kI4OMT1OjMtCw=,tag:wMLfU8+zau7VTxRArfm1sg==,type:str] signing-key: ENC[AES256_GCM,data:64tLU6rVcCq6CSfVGtFfSc8m89gHFHwGQ4JSHw8p7GqlB7ioHrJVu8o+6u6UPERMfkcHsTG2gTwh7wpblF//bk1+TRyYWSuDnIGl1G7+6FVmJbvLyGJBck0NauW4s5Keiqr2qg38i3y9qy7kPaJGz/2J6cYYSQxB9xy8mtdoxwypGf+zxu1teiUnKmWa89i941s2FZZ+FoQvQCZs/7En3YnxNiDM+lXR4wqbPZPROlYHaVDOgeACBgq8GwNdgAFF7qRLdjxMGgjS3jjlD4QCJlEO6UbqVEBEK7pf4Or4kx/RM2A0rgGNUPpwKu/b5xGTUkA0X7TcZNIcLJ2zred0JIEj0bM7MNrkBIQovHEYLT3m33W1zKTTBC2lgPh90I/tPauIOb1hWHzgjM+LpV8bPkGXIk3BmoxW8eCiFmSjfvxdyS6WVJ6lGOIhaFNl59LyKsljyUmYcauig7/T+ylGyWiPViXuYB4fWxWr1t7Tb6DgY2fJdl5KQHLkDoAylHQ6pOb0l2YUGw1+vvHocMA9KTJeTnhTWAPZLOIFbfZL8sxrWRlpuZvvKdXlOjzKwVgCzWudYJ4jUoPSCmvxpnuCpiPbqaoZyA3Vyx7UCTN7UhKRb99jxEqdTrDPwRL0VlVZUQgLDTMPXHjdoOan06wXmDJEDRDBFsrrpna9wY1uvyPGBBpZ+uQZdxPZfXKQ8HRVHS1dKfyvdIaG/eYUrimF9euhYKYGPH02S6UcU+yQXw5B12HBxLDwS0oF3yWXfTMBsgejWFAuyQkQVJJjAi/Zs+9HJ3FQqr4vl/hUclv/X2XURuPc/jjYziNuOAn6yGhXuNC713SzUOnZlDgEcCkm8DHn5hQ/W4rZGUbSq+y/HUk8GA6XSw8u8H7KDQFnV4l4Chg1cKAf0YSXeinJ2x/RA9GXBvC5FVOM/Cx95arxS57vD578Rkdf/c7UQmuH+6X9YTX8MHVgkpHAGJ+bu2UnQ/hjAvGW6kee4jqefybCTxJm7qcSz1JrG6rS+S+9ZFj8BrXLcSIRlvxotg+FmBjdlqJMj5i0w+cR2f2zXPsmeDC0gmSTV7mYNz9+uMv708xwm26e4/rTT0hS+szLzzz/Ygm9yAkLf9lIS3457IWEjF+LCs9SEq3jfkx5zqpWfOpBCQU9rYKJhvjCVK6a1Hb2PfO4klkuwSNFPwyMHDlEqNmIVUf6uM5p8RVEQy07GsE4ycNtgicC32JGpkotcaU1ByQVbqRXlqJqMJnUEbnWH6qf3Em+wi8eBHmPf1BNjdP3f9BOle+H17/SdKssRbA8o4qQAGVkFzfjybMIh0onB1e15Rt5TUrRDxQAZG+uIsrHEiEOCDED846wO9apeV7wuOKXv2USDhybQhIctcuwxFGQEZWtGGrKzWTlK82Qb8FUM44x2HFj1SK7mIQbU20TcL2bd3b1OZ2kQe16CaT9R0BkpRlPLfiA1ZD7+3DdCyOJxTjutCQgaI1ONQuWn47rDOMbyqZhxs+Gj6bormGEWVRXQpV4VTknN/GyFB2aWQmZF8hGpEBl/t8IfOXDs56kN2Z8W2eKzHZz9u11HQ0eJ05LX2xz5DB+22UZT4bGK6Y3vJtB0+27r7G7hh79Fkapggm61xh3+D593epyW6Ix4hN29KrJWz/s93gi/g==,iv:LlUhINacJf7haxl7i0QI9ALdOFLdLJGbsXgszKVJOVg=,tag:ALkAcUmPFHp8wpI7DVYbiw==,type:str] nextcloud: admin-password: ENC[AES256_GCM,data:wDL8xCv8/mFQniIRQOR+zl1kArSUXc2KAfCP1jmnidLOYwC4X0d8V60s0hAXCO1gUxNTETjbjBkGlENpvQm8dL94DIshCMyMxFc5gUmrF9qc+omOPT5HF82FgaHnN9N6sH3r19SfoXkMtBROj1V6xlU/lVqx+CiJCSCBfbllYkY=,iv:DGFlXNRXey0dIQVzsg0qkPGxDG+36tcg0BXUQzHfANk=,tag:HdpNO+ikmXo7wtahYwtkDg==,type:str] @@ -40,18 +40,11 @@ invidious: ENC[AES256_GCM,data:pCRlBaHRJyOHj2t04V6DkGVAPuAc8hz+Sn24nQ3IvcXNIdaYi invidious-rotator-env: ENC[AES256_GCM,data:Q5c/sga+Nn0C7bKkTphob3tWNvKE1Zz0CIbXIayc73cfEsUgOIZdrm8BlAW7,iv:f0ccZsjNJ9UQCcfN/lZQdtxSg9ADFuykb8qw07c1xFI=,tag:4mUzgOHOE16FPhSTlbx+Rw==,type:str] peertube: ENC[AES256_GCM,data:YWySVZVTC26qPMcgSV5v4Vp1u69jGt7VV2ElQBSxvG/R589PCJRDgBqjjLBLMrrnP/wo6o6xNoyLCSfzMQYoFnM=,iv:97gNEJ84u4Mt5GTlVV29MNHUHQRkaMK47ULNUx+HTUE=,tag:LGVWeaTaSQ3GgaIpav66EA==,type:str] peertube-env: ENC[AES256_GCM,data:ZrWBwSfMuepIYTzHVCCSnpsXb+MTcOfklI0O/UdcGaR3RzO1R+/wXQcFlV46g9dvKLMOaH7bxrHeWxqPh/7hlPEYFYwlbwcX31MGiSeRyeR5YtVi0CmhiGRA3l8X5NMCpvZmNhnjYNuri/My86SMkjhuaFQ5+BjYISoJ5WnbNSqE9qgQKuJVu64hsOgaQQbmaBL/LU7Pv/vushbNg421kdbRnzCPcc3IzkVzsFsgYH2fdEJa3gE8M63eLn99PbA+e5cWEwGNkuoNuro2tnaMaX1PM6iTF+q0A8HbiEioNMRIdD9czatgF7EwKgCFNu44cm2lp/c5qj+Lm/nC,iv:+MjpreGr9M+Oe5DrDe5SIBKtLuIqtb0a50YvGhDZT2Y=,tag:gYGlMcgWwa1ZpbQb4XfMmQ==,type:str] -nix-build-farm: - private-key: ENC[AES256_GCM,data:bYQ5TAHgJ8rZmmnp0ZW9pM3p6e2ewAqz9+clp2lDnvPsU/YHr/POSW+UESvulT0UDI8t5th71py2G4BG3z9PdPaWw2iSm6hW3VITYCGYvLbF2yK6anSkww0ilpjwm5NXKJLTiPehkAqsZlZsAxeYw5bF0+7JjeH9+49jLOXtGD0uFSf5M3wVZcObzSYsdGaNKGYkokBYeZii1tdwZvAuUKKZ1eOvDAz5v6hjqZA7brDWr5IZXNCqRZOdyGQ5g3UP4o5XFnl57d1RAmKPK9WaTCjbi0hMfms4zldqGeXTRDAhvqMH2w/BY7KvgIOr+aQelTvQbOciq+DaZbzNgdI5gqrSUA19EEL04Qu/gjoVGwMhZ7Lq9+yS2Lb+xdhmn/99sbcRjaRqqjgzHRvbyirPT9EuEAdrijyuZzY9kASv8LN/Q8cawRZNk2vf0M8Qzg0F7iw2kcDrf+dwdcyrrAbg2XDlGsFBckBcPKA44PkOPtFLHZRU9pSpd15rL1JIes6m2YX7AmJFP2+FA5WjXQoqF+CRhBVUWXaXAmcq,iv:7Uqnu2xEcHotczRzIcDfq9bM7wNXdz0Fg2HNpxlV1/Q=,tag:w5aLsT9LN92+83rdP2YJTg==,type:str] -vikunja: - env: ENC[AES256_GCM,data:wHwLaX7z31Ogee0fSIJ4EpP/FUHOmj8lESqPacmrgokf9+2NpG8OKt99csDiYM9EEq2S3P70N6r+Dhzxob53lmQhNK8JuvZqrZ1HxgvMXirjnkXl0LGqVHBM4QdMvxVkICRNc1GMrG6ZY4OBQkn5did1ZZiCuXFC/ByuNTqBNHXoZmZMrewF9MFY+wfGx7+gIYzZ5JF1sgkTqtBdnAiUT2t9AaYNc8qjoZvNj3sgMb35/tKG0CYpt0vz6QuMQwOBJNrRkh2lV7YgTcr1tOkTc2FvRoLLyDykl8fjUf9KDcJLz672E90D0rRA5oHp/Lk28sSThh9WAM0skJofjXMOpq9ScsljWovUuizXUVCg5O/79EyhI7zPX6M3C/415sWdmGLYcRYRq7Ww1IoRgi2j9nCDLstHSMgF1igRWnsBEIFISCmSURMHOZNMkxWsxJ+0HJoMX9bmoZLLMrkjCqyPi/1r0X90aforkmA2xB+pC8rvYBKSxXYt8Nfu6KOK1JsmKTMmmC1R1dswuXvt/qCCH0yf0tl7GrGACKkDerDXVDZj4+SygkXM2bQF/L/KjQI7UspSdmGUmAvjhX31Zt1qZoYa2E2gabBWSGgXDuNixgbL/twaUA1CcA+ZPVBH0oAlOCc0dLXy0OZSn2U4IV1NH//66s1cmWEQQs4GKxhXzABiBvYaSj45LQtnEo2/HaifKhBWPxkjY9fW85Hy4Bgock4ReHYKsCF0LbsgKZhZ+WQp9mjTGLKxmRJJskwSEgxLmjK+AC2FK8zq2COMQ/eOxHe9OxEwjiQs5xCwnYXt2wOMHcxg3yoBCkTxoqMLs11kWORqcXzyoW1rV5W5DHk8K+7a4N385arHyg9+9S2FtfFUL46/GPcqf7lw5qgCDP/An5lPQZxA7/ItLzxFkviSx+e/cNl3UMTdx2aX4dn4L2cv54GuXDMHVHw++onJJnqn97aczK4O5y0=,iv:4T7vftUcSOS84MpZUOM9ODA36GSrKeW5TClQM3GN2mk=,tag:5mzK4NsmmrYERRn+Vb01Eg==,type:str] - provider-clientsecret: ENC[AES256_GCM,data:/fN1rH2CKoaivhespd+/KamERjBQOdwR7QQ+hoB+pQ3ZSrBVIKbLMWyOJe8f7rVwXAByqDxQIZJEVPjcjhWSU1eicwpu57FBx+/xJLFazspTVZ+5XKyAwR+UxTHDGAgtFV00QHN53l7ygg4joWWko4IPN1JIpNIASaIWWzpsrIo=,iv:NLsZcmE1kKlzV7B/XPVfENMWlpQtOpESH0ByX1KQ8IQ=,tag:P+ZmsKq0KJAeRTTbvbduMg==,type:str] -n8n: - env: ENC[AES256_GCM,data:LA/6tMfGgX0cDNfhIZ+n2Ay+6OW5gPPebcXQnfO3qQJSjMjf9vwauF2+W3KpIvM1Dsg3hyNEwqLNRn/28bgWC/qpBpgU2/gVI2n5oxcQaYGgnS/jB0nZWXvORVTnXjH0R+HBFCWgMJe7v+o0EeBH6kni/Nc9geb8paRkxZOGVKeJQy9K4OB2CN6FVO9KeR7gpeQpsh5V5SVW1MoND2tpCOiIK7d0uM6OHF/7p2RFrEEAarvJssj/dZRHjA/jALuqbQ6UDAaAppqlkEgIdZdFEfgebfCWR4e4aWjznW1DGOQQYtg4k/Kj8J/df8CWXX+lUO+9nTo/lhhcH395w+CRE8GUwze15yxQppUwqyLKdYwgmpK1tFnLP/W/As2f97c1fBB9rXrZYOUEIq4GspHOTPgjzcRfWOxX8cMKG69EmeZ3mWPsIDaC1ZvkVQjjcH/o9aC7QeFCwPfcy+mgI+9RjAaCw7qdig1CwgQabAaCd2hzQ4FTXBFJoZRfYZ1v3Rdwe8zqMivIcw2AHv6kYx6c9A==,iv:KmyJ/CLAGrYfzHjSWygtgA/+am9fUrKnOsGRPgV9QfU=,tag:G3LhfdSujcaC9ZZFUse0DQ==,type:str] -grist: - env: ENC[AES256_GCM,data:eT4eFHMU6UgCr/lNbdqFivzZgNREHcM4b/7ZEoKYWWNssrgIJybLm709BG8Q8/kKnBHaFUlczRQNvjS/nexZ3LymMeiXEHcuxC7lEM5otMqKzYFar2Z4YzPaUWGGezYcYBK56Ia5CF8TdWDdTbgnaSBY6R2ViJYTvS3QSdK6AhWfgGrdTVbye2lL6b11TrfI4vC25DhHJbrhFCXf995Q4nnwoACGAQ+Pkk6dsuYme4plV4WfZ8w61Y4SyNhdWYPp/rsJiAQkPajVCFjfZhH6cQCxVmSVn4c59H8MFx4qTbbXCKp3tXV5eQPWQBri5rc1XXAxgHKyrBUpx3QiYI6UDjGbf6hjXPSEWHQPXFLiLVPgH0CjXZeyxcYsr2ZLcOF87grUTR+CcxbiP4CshuJbvKyWiQ4ISOAm3m84XjXNVqn2WEf4ndqpNEG8H+BVbQ9RrGvrdlJqcrqD6rNzw0y+4SEiVPpv1NQ5M7+f+SABO8S2T4BFp95fvX2DmR/z+c9g2xiAOmZDFMzjG97rPrKuZq8+b+H3jlBZ4mxUBiz7l0c3NJ1RGtIUgr+idYGMwpSyh4C1a6LEzlW72F4vF5e5sEyWAHApRGxQCIMAP7ACBotMYgIKSPAzwThHtoTcUdBlDiQw8blsU/1c/FzkpAF5kotyNnk4vJea0H1yZ7NSz12E61qH6utG1YW5BZzZn+TKj7RfPEqzFE1POA0H8v1egE0bu1ClrYDX112iGEGI4IQHXMOu2p15O0/D+Y+QBOhpDwQWbgDXTf3ZMS2tyBtOiYT//ejfExYzV99V9t86xqmAvHODc69WC5nzWUp7SqkLLTP6gBUPSrkPs4ugZRE0q3STOmcnfxGkgpW94oj+jcZZY5supmYWK6zvJsPF9mn6,iv:pfIiOiWVEl0wEK03gnWj+ZKxOBwtBtf1hqzYOSpTm10=,tag:il0r2A/Z8q88sAiVgsuEEA==,type:str] -ntfy: - env: ENC[AES256_GCM,data:lo12e5wag1SBafkS7u7K4+Z5eJ/T26aijYVAl62oA+6bQSzQbmRqqDe6+4uXHvmAf6Fy5Lv3sZDnLiju2//A5kZ/rkiisIfOX6fVXzhVHE7yA+Pn1upfo3tdZQRCNENX0i77smjydpAZZpJsPdJ3JZT0DKItu88G0P9HmxhkFazfDY/08YucySmAQ7HS24gu1VId+4b2DMMKSJeyOb4rF0Ms33pdkhsC9UzGz8JwbMYqD6JDz6fl6gMXffA1iD+chaAsHyFczd80w1IiBE4PHCs0as9LoWCCq1i4nYC4TROWad02pa2HXH/5FW770JBrWfH1e2j8Zf/CmPtuusBw/cPp7yeS3LjRXhViHo993CgF+sczmppM1fbzQlycsAgZcJ9G5zofN1EBlmGDbMiqs5Vk8C1wLLnLtkUc3fHGYCaXWLGNH8xv3vqo5uzDiVk=,iv:nNiwSPSvRCGlg97kaqMAzwToT2LqedHxBq/XQzflgA8=,tag:OpZAHBwn8O7FACWnXfS4cw==,type:str] sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] age: - recipient: age1tt0peqg8zdfh74m5sdgwsczcqh036nhgmwvkqnvywll88uvmm9xs433rhm enc: | @@ -80,7 +73,8 @@ sops: by9kZFlTRVdCZFkxYTVVb0RIRk8zUlkKCqMw9oL9RaYBV5Hhy3o8Nm5xmGrPH8Sd hv36sxRFFNZT/DCKaHaSRbT3mfpBZSTXJt1dgl4nZe6whH54t/1KmA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-04-25T18:32:59Z" - mac: ENC[AES256_GCM,data:egH9C4GA/8eKymtFlrC895LD/LstUUj8aAUQLjXARIdv/Dznz4cZlHcp35FXmjtgY2EAiMxDvqz94ewe4KXFwKrWYBeSle7RcaP1Ba59jyEEEAMLUpVTbDvvzBJkWgv1TkqXt+dEivqQRwmtbx4nd2sQlxr0Cz4NxrnEufP0Jg4=,iv:adO0n7PKZ66WJw4o63quBpB8YD/cj94KEyYxayC0A5k=,tag://FAL0E1ZExsXoA+7BlrcA==,type:str] + lastmodified: "2024-06-11T20:55:31Z" + mac: ENC[AES256_GCM,data:IdpNGX3E2TwGnmHhc7HXPjBEaYC7jO1dnEHQGoVra+scnKO66nt6uD2wK91G2wvdp2ekkR4qnF9/NYbpOt2vbzyaZG0xMHTr1w1Y5oqxzbTUned9sWjpsL2lCHpg4FQ+dImim05N76Qcna7gC5Y9wyh78/eB177SJ5mTEnyZhwE=,iv:3kjluCoHIMEQOTuDJbQZJWl3BLWzp/UqcC8jmlkVyDE=,tag:nmqkhmqXKB5/LKX7RpQB6g==,type:str] + pgp: [] unencrypted_suffix: _unencrypted - version: 3.10.1 + version: 3.8.1 diff --git a/nki-personal-do/synapse.nix b/nki-personal-do/synapse.nix index 36e6632..e6a058b 100644 --- a/nki-personal-do/synapse.nix +++ b/nki-personal-do/synapse.nix @@ -1,9 +1,4 @@ -{ - pkgs, - lib, - config, - ... -}: +{ pkgs, lib, config, ... }: let port = 61001; user = "matrix-synapse"; @@ -15,9 +10,7 @@ in { sops.secrets."matrix-synapse-dtth/oidc-config".owner = user; sops.secrets."matrix-synapse-dtth/appservice-discord".owner = user; - sops.secrets.matrix-discord-bridge = { - mode = "0644"; - }; + sops.secrets.matrix-discord-bridge = { mode = "0644"; }; cloud.postgresql.databases = [ user ]; cloud.traefik.hosts.matrix-synapse = { @@ -36,33 +29,20 @@ in enable = true; withJemalloc = true; dataDir = "${config.fileSystems.data.mountPoint}/matrix-synapse-dtth"; - extras = [ - "systemd" - "url-preview" - "oidc" - "postgres" - ]; + extras = [ "systemd" "url-preview" "oidc" "postgres" ]; settings = { server_name = "dtth.ch"; enable_registration = false; public_baseurl = "https://${host}/"; - listeners = [ - { - inherit port; - x_forwarded = true; - tls = false; - resources = [ - { - names = [ - "client" - "federation" - ]; - compress = false; - } - ]; - } - ]; + listeners = [{ + inherit port; + x_forwarded = true; + tls = false; + resources = [ + { names = [ "client" "federation" ]; compress = false; } + ]; + }]; database = { name = "psycopg2"; args = { @@ -116,32 +96,25 @@ in }; services.nginx.virtualHosts.synapse-dtth-wellknown = { - listen = [ - { - addr = "127.0.0.1"; - port = port + 1; - } - ]; + listen = [{ addr = "127.0.0.1"; port = port + 1; }]; # Check https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-well-known.md # for the file structure. - root = pkgs.symlinkJoin { - name = "well-known-files-for-synapse"; - paths = [ - (pkgs.writeTextDir ".well-known/matrix/client" ( - builtins.toJSON { + root = pkgs.symlinkJoin + { + name = "well-known-files-for-synapse"; + paths = [ + (pkgs.writeTextDir ".well-known/matrix/client" (builtins.toJSON { "m.homeserver".base_url = "https://${host}"; - } - )) - (pkgs.writeTextDir ".well-known/matrix/server" ( - builtins.toJSON { + })) + (pkgs.writeTextDir ".well-known/matrix/server" (builtins.toJSON { "m.server" = "${host}:443"; - } - )) - ]; - }; + })) + ]; + }; # Enable CORS from anywhere since we want all clients to find us out extraConfig = '' add_header 'Access-Control-Allow-Origin' "*"; ''; }; } + diff --git a/nki-personal-do/vikunja.nix b/nki-personal-do/vikunja.nix deleted file mode 100644 index 62cfd26..0000000 --- a/nki-personal-do/vikunja.nix +++ /dev/null @@ -1,110 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: -let - secrets = config.sops.secrets; - - host = "kanban.dtth.ch"; - user = "vikunja"; - port = 12785; - - storageMount = "/mnt/data/vikunja"; -in -{ - sops.secrets."vikunja/env" = { - restartUnits = [ "vikunja.service" ]; - }; - sops.secrets."vikunja/provider-clientsecret" = { - restartUnits = [ "vikunja.service" ]; - }; - cloud.postgresql.databases = [ user ]; - cloud.traefik.hosts.vikunja = { - inherit port host; - }; - - # users - users.users."${user}" = { - group = "${user}"; - isSystemUser = true; - }; - users.groups."${user}" = { }; - - services.vikunja = { - inherit port; - enable = true; - - frontendScheme = "https"; - frontendHostname = host; - - environmentFiles = [ secrets."vikunja/env".path ]; - - database = { - type = "postgres"; - host = "/var/run/postgresql"; - user = user; - database = user; - }; - - settings = { - service = { - publicurl = "https://${host}"; - enableregistration = false; - enablepublicteams = true; - }; - mailer = { - enabled = true; - host = "mx1.nkagami.me"; - port = 465; - forcessl = true; - }; - files.basepath = lib.mkForce storageMount; - migration = { - todoist.enable = true; - trello.enable = true; - }; - backgrounds.providers.unsplash.enabled = true; - auth = { - local.enabled = false; - openid = { - enabled = true; - providers.authentik = { - name = "DTTH Discord Account"; - authurl = "https://auth.dtth.ch/application/o/vikunja/"; - logouturl = "https://auth.dtth.ch/application/o/vikunja/end-session/"; - clientid = "GvCIBtdE2ZRbAo5BJzw4FbZjer7umJlaROT1Pvlp"; - scope = "openid profile email vikunja_scope"; - }; - }; - }; - defaultsettings = { - avatar_provider = "gravatar"; - week_start = 1; - language = "VN"; - timezone = "Asia/Ho_Chi_Minh"; - }; - }; - }; - - systemd.services.vikunja = { - serviceConfig.LoadCredential = [ - "VIKUNJA_AUTH_OPENID_PROVIDERS_AUTHENTIK_CLIENTSECRET_FILE:${ - secrets."vikunja/provider-clientsecret".path - }" - ]; - serviceConfig.User = user; - serviceConfig.DynamicUser = lib.mkForce false; - serviceConfig.ReadWritePaths = [ storageMount ]; - environment.VIKUNJA_AUTH_OPENID_PROVIDERS_AUTHENTIK_CLIENTSECRET_FILE = "%d/VIKUNJA_AUTH_OPENID_PROVIDERS_AUTHENTIK_CLIENTSECRET_FILE"; - unitConfig = { - RequiresMountsFor = [ storageMount ]; - }; - }; - systemd.tmpfiles.settings."10-vikunja".${storageMount}.d = { - user = user; - group = user; - mode = "0700"; - }; -} diff --git a/nki-personal-do/writefreely.nix b/nki-personal-do/writefreely.nix index 9072df2..ce89430 100644 --- a/nki-personal-do/writefreely.nix +++ b/nki-personal-do/writefreely.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; let host = "blog.dtth.ch"; @@ -16,9 +11,7 @@ in # traefik cloud.traefik.hosts.writefreely-dtth = { inherit host port; }; - sops.secrets."writefreely-oauth-secret" = { - owner = user; - }; + sops.secrets."writefreely-oauth-secret" = { owner = user; }; users.users.${user} = { isSystemUser = true; @@ -72,18 +65,16 @@ in tokenEndpoint = "/application/o/token/"; inspectEndpoint = "/application/o/userinfo/"; authEndpoint = "/application/o/authorize/"; - scopes = [ - "email" - "openid" - "profile" - ]; + scopes = [ "email" "openid" "profile" ]; mapUserId = "nickname"; mapUsername = "preferred_username"; mapDisplayName = "name"; }; + database.type = "sqlite3"; admin.name = "nki"; }; } + diff --git a/nki-personal-do/writefreely/module.nix b/nki-personal-do/writefreely/module.nix index b7f33ae..9ffb339 100644 --- a/nki-personal-do/writefreely/module.nix +++ b/nki-personal-do/writefreely/module.nix @@ -1,36 +1,21 @@ -{ - config, - lib, - pkgs, - ... -}: +{ config, lib, pkgs, ... }: let inherit (builtins) toString; - inherit (lib) - types - mkIf - mkOption - mkDefault - ; - inherit (lib) - optional - optionals - optionalAttrs - optionalString - ; + inherit (lib) types mkIf mkOption mkDefault; + inherit (lib) optional optionals optionalAttrs optionalString; inherit (pkgs) sqlite; format = pkgs.formats.ini { - mkKeyValue = - key: value: + mkKeyValue = key: value: let - value' = lib.optionalString (value != null) ( - if builtins.isBool value then if value == true then "true" else "false" else toString value - ); - in - "${key} = ${value'}"; + value' = lib.optionalString (value != null) + (if builtins.isBool value then + if value == true then "true" else "false" + else + toString value); + in "${key} = ${value'}"; }; cfg = config.nki.services.writefreely; @@ -46,58 +31,49 @@ let host = cfg.settings.app.host or "${hostProtocol}://${cfg.host}"; }; - database = - if cfg.database.type == "sqlite3" then - { - type = "sqlite3"; - filename = cfg.settings.database.filename or "writefreely.db"; - database = cfg.database.name; - } - else - { - type = "mysql"; - username = cfg.database.user; - password = "#dbpass#"; - database = cfg.database.name; - host = cfg.database.host; - port = cfg.database.port; - tls = cfg.database.tls; - }; + database = if cfg.database.type == "sqlite3" then { + type = "sqlite3"; + filename = cfg.settings.database.filename or "writefreely.db"; + database = cfg.database.name; + } else { + type = "mysql"; + username = cfg.database.user; + password = "#dbpass#"; + database = cfg.database.name; + host = cfg.database.host; + port = cfg.database.port; + tls = cfg.database.tls; + }; server = cfg.settings.server or { } // { bind = cfg.settings.server.bind or "localhost"; gopher_port = cfg.settings.server.gopher_port or 0; autocert = !cfg.nginx.enable && cfg.acme.enable; - templates_parent_dir = cfg.settings.server.templates_parent_dir or cfg.package.src; + templates_parent_dir = + cfg.settings.server.templates_parent_dir or cfg.package.src; static_parent_dir = cfg.settings.server.static_parent_dir or assets; - pages_parent_dir = cfg.settings.server.pages_parent_dir or cfg.package.src; + pages_parent_dir = + cfg.settings.server.pages_parent_dir or cfg.package.src; keys_parent_dir = cfg.settings.server.keys_parent_dir or cfg.stateDir; }; - "oauth.generic" = - cfg.settings."oauth.generic" or { } - // ( - if cfg.oauth.enable then - { - client_id = cfg.oauth.clientId; - client_secret = "#oauth_client_secret#"; - host = cfg.oauth.host; - display_name = cfg.oauth.displayName; - callback_proxy = cfg.oauth.callbackProxy; - callback_proxy_api = cfg.oauth.callbackProxyApi; - token_endpoint = cfg.oauth.tokenEndpoint; - inspect_endpoint = cfg.oauth.inspectEndpoint; - auth_endpoint = cfg.oauth.authEndpoint; - scope = lib.concatStringsSep " " cfg.oauth.scopes; - allow_disconnect = cfg.oauth.allowDisconnect; - map_user_id = cfg.oauth.mapUserId; - map_username = cfg.oauth.mapUsername; - map_display_name = cfg.oauth.mapDisplayName; - map_email = cfg.oauth.mapEmail; - } - else - { } - ); + "oauth.generic" = cfg.settings."oauth.generic" or { } // (if cfg.oauth.enable then { + client_id = cfg.oauth.clientId; + client_secret = "#oauth_client_secret#"; + host = cfg.oauth.host; + display_name = cfg.oauth.displayName; + callback_proxy = cfg.oauth.callbackProxy; + callback_proxy_api = cfg.oauth.callbackProxyApi; + token_endpoint = cfg.oauth.tokenEndpoint; + inspect_endpoint = cfg.oauth.inspectEndpoint; + auth_endpoint = cfg.oauth.authEndpoint; + scope = lib.concatStringsSep " " cfg.oauth.scopes; + allow_disconnect = cfg.oauth.allowDisconnect; + map_user_id = cfg.oauth.mapUserId; + map_username = cfg.oauth.mapUsername; + map_display_name = cfg.oauth.mapDisplayName; + map_email = cfg.oauth.mapEmail; + } else { }); }; configFile = format.generate "config.ini" settings; @@ -128,9 +104,13 @@ let withConfigFile = text: '' db_pass=${ - optionalString (cfg.database.passwordFile != null) "$(head -n1 ${cfg.database.passwordFile})" + optionalString (cfg.database.passwordFile != null) + "$(head -n1 ${cfg.database.passwordFile})" + } + oauth_client_secret=${ + optionalString cfg.oauth.enable + "$(head -n1 ${cfg.oauth.clientSecretFile})" } - oauth_client_secret=${optionalString cfg.oauth.enable "$(head -n1 ${cfg.oauth.clientSecretFile})"} cp -f ${configFile} '${cfg.stateDir}/config.ini' sed -e "s,#dbpass#,$db_pass,g" -i '${cfg.stateDir}/config.ini' @@ -140,8 +120,7 @@ let ${text} ''; - withMysql = - text: + withMysql = text: withConfigFile '' query () { local result=$(${config.services.mysql.package}/bin/mysql \ @@ -160,8 +139,7 @@ let ${text} ''; - withSqlite = - text: + withSqlite = text: withConfigFile '' query () { local result=$(${sqlite}/bin/sqlite3 \ @@ -174,10 +152,10 @@ let ${text} ''; -in -{ +in { options.nki.services.writefreely = { - enable = lib.mkEnableOption "Writefreely, build a digital writing community"; + enable = + lib.mkEnableOption "Writefreely, build a digital writing community"; package = lib.mkOption { type = lib.types.package; @@ -245,10 +223,7 @@ in database = { type = mkOption { - type = types.enum [ - "sqlite3" - "mysql" - ]; + type = types.enum [ "sqlite3" "mysql" ]; default = "sqlite3"; description = "The database provider to use."; }; @@ -441,11 +416,13 @@ in } { assertion = isMysqlLocal -> cfg.database.passwordFile != null; - message = "services.writefreely.database.passwordFile must be set if services.writefreely.database.createLocally is set to true"; + message = + "services.writefreely.database.passwordFile must be set if services.writefreely.database.createLocally is set to true"; } { assertion = isSqlite -> !cfg.database.createLocally; - message = "services.writefreely.database.createLocally has no use when services.writefreely.database.type is set to sqlite3"; + message = + "services.writefreely.database.createLocally has no use when services.writefreely.database.type is set to sqlite3"; } ]; @@ -458,7 +435,8 @@ in }; }; - groups = optionalAttrs (cfg.group == "writefreely") { writefreely = { }; }; + groups = + optionalAttrs (cfg.group == "writefreely") { writefreely = { }; }; }; systemd.tmpfiles.settings."10-writefreely".${cfg.stateDir}.d = { @@ -467,8 +445,7 @@ in }; systemd.services.writefreely = { - after = - [ "network.target" ] + after = [ "network.target" ] ++ optional isSqlite "writefreely-sqlite-init.service" ++ optional isMysql "writefreely-mysql-init.service" ++ optional isMysqlLocal "mysql.service"; @@ -481,8 +458,10 @@ in WorkingDirectory = cfg.stateDir; Restart = "always"; RestartSec = 20; - ExecStart = "${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' serve"; - AmbientCapabilities = optionalString (settings.server.port < 1024) "cap_net_bind_service"; + ExecStart = + "${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' serve"; + AmbientCapabilities = + optionalString (settings.server.port < 1024) "cap_net_bind_service"; }; preStart = '' @@ -506,32 +485,31 @@ in User = cfg.user; Group = cfg.group; WorkingDirectory = cfg.stateDir; - ReadOnlyPaths = optional (cfg.admin.initialPasswordFile != null) cfg.admin.initialPasswordFile; + ReadOnlyPaths = optional (cfg.admin.initialPasswordFile != null) + cfg.admin.initialPasswordFile; }; - script = - let - migrateDatabase = optionalString cfg.database.migrate '' - ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db migrate - ''; - - createAdmin = optionalString (cfg.admin.name != null) '' - if [[ $(query "SELECT COUNT(*) FROM users") == 0 ]]; then - admin_pass=$(head -n1 ${cfg.admin.initialPasswordFile}) - - ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' --create-admin ${cfg.admin.name}:$admin_pass - fi - ''; - in - withSqlite '' - if ! test -f '${settings.database.filename}'; then - ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db init - fi - - ${migrateDatabase} - - ${createAdmin} + script = let + migrateDatabase = optionalString cfg.database.migrate '' + ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db migrate ''; + + createAdmin = optionalString (cfg.admin.name != null) '' + if [[ $(query "SELECT COUNT(*) FROM users") == 0 ]]; then + admin_pass=$(head -n1 ${cfg.admin.initialPasswordFile}) + + ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' --create-admin ${cfg.admin.name}:$admin_pass + fi + ''; + in withSqlite '' + if ! test -f '${settings.database.filename}'; then + ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db init + fi + + ${migrateDatabase} + + ${createAdmin} + ''; }; systemd.services.writefreely-mysql-init = mkIf isMysql { @@ -543,61 +521,57 @@ in User = cfg.user; Group = cfg.group; WorkingDirectory = cfg.stateDir; - ReadOnlyPaths = - optional isMysqlLocal cfg.database.passwordFile - ++ optional (cfg.admin.initialPasswordFile != null) cfg.admin.initialPasswordFile; + ReadOnlyPaths = optional isMysqlLocal cfg.database.passwordFile + ++ optional (cfg.admin.initialPasswordFile != null) + cfg.admin.initialPasswordFile; }; - script = - let - updateUser = optionalString isMysqlLocal '' - # WriteFreely currently *requires* a password for authentication, so we - # need to update the user in MySQL accordingly. By default MySQL users - # authenticate with auth_socket or unix_socket. - # See: https://github.com/writefreely/writefreely/issues/568 - ${config.services.mysql.package}/bin/mysql --skip-column-names --execute "ALTER USER '${cfg.database.user}'@'localhost' IDENTIFIED VIA unix_socket OR mysql_native_password USING PASSWORD('$db_pass'); FLUSH PRIVILEGES;" - ''; - - migrateDatabase = optionalString cfg.database.migrate '' - ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db migrate - ''; - - createAdmin = optionalString (cfg.admin.name != null) '' - if [[ $(query 'SELECT COUNT(*) FROM users') == 0 ]]; then - admin_pass=$(head -n1 ${cfg.admin.initialPasswordFile}) - ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' --create-admin ${cfg.admin.name}:$admin_pass - fi - ''; - in - withMysql '' - ${updateUser} - - if [[ $(query "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = '${cfg.database.name}'") == 0 ]]; then - ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db init - fi - - ${migrateDatabase} - - ${createAdmin} + script = let + updateUser = optionalString isMysqlLocal '' + # WriteFreely currently *requires* a password for authentication, so we + # need to update the user in MySQL accordingly. By default MySQL users + # authenticate with auth_socket or unix_socket. + # See: https://github.com/writefreely/writefreely/issues/568 + ${config.services.mysql.package}/bin/mysql --skip-column-names --execute "ALTER USER '${cfg.database.user}'@'localhost' IDENTIFIED VIA unix_socket OR mysql_native_password USING PASSWORD('$db_pass'); FLUSH PRIVILEGES;" ''; + + migrateDatabase = optionalString cfg.database.migrate '' + ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db migrate + ''; + + createAdmin = optionalString (cfg.admin.name != null) '' + if [[ $(query 'SELECT COUNT(*) FROM users') == 0 ]]; then + admin_pass=$(head -n1 ${cfg.admin.initialPasswordFile}) + ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' --create-admin ${cfg.admin.name}:$admin_pass + fi + ''; + in withMysql '' + ${updateUser} + + if [[ $(query "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = '${cfg.database.name}'") == 0 ]]; then + ${cfg.package}/bin/writefreely -c '${cfg.stateDir}/config.ini' db init + fi + + ${migrateDatabase} + + ${createAdmin} + ''; }; services.mysql = mkIf isMysqlLocal { enable = true; package = mkDefault pkgs.mariadb; ensureDatabases = [ cfg.database.name ]; - ensureUsers = [ - { - name = cfg.database.user; - ensurePermissions = { - "${cfg.database.name}.*" = "ALL PRIVILEGES"; - # WriteFreely requires the use of passwords, so we need permissions - # to `ALTER` the user to add password support and also to reload - # permissions so they can be used. - "*.*" = "CREATE USER, RELOAD"; - }; - } - ]; + ensureUsers = [{ + name = cfg.database.user; + ensurePermissions = { + "${cfg.database.name}.*" = "ALL PRIVILEGES"; + # WriteFreely requires the use of passwords, so we need permissions + # to `ALTER` the user to add password support and also to reload + # permissions so they can be used. + "*.*" = "CREATE USER, RELOAD"; + }; + }]; }; services.nginx = lib.mkIf cfg.nginx.enable { diff --git a/nki-x1c1/configuration.nix b/nki-x1c1/configuration.nix index 731032f..43d62e5 100644 --- a/nki-x1c1/configuration.nix +++ b/nki-x1c1/configuration.nix @@ -5,14 +5,15 @@ { config, pkgs, ... }: { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # Fonts - ../modules/personal/fonts - # Some PAM stuff - ../modules/services/swaylock.nix - ]; + imports = + [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Fonts + ../modules/personal/fonts + # Some PAM stuff + ../modules/services/swaylock.nix + ]; # Use the latest kernel boot.kernelPackages = pkgs.linuxPackages_latest; @@ -53,6 +54,7 @@ services.xserver.enable = true; services.xserver.autorun = false; + # Enable the Plasma 5 Desktop Environment. # services.xserver.displayManager.sddm.enable = true; # services.xserver.desktopManager.plasma5.enable = true; @@ -63,18 +65,13 @@ fi ''; + # Configure keymap in X11 # services.xserver.layout = "us"; # services.xserver.xkbOptions = "eurosign:e"; i18n.inputMethod.enabled = "ibus"; - i18n.inputMethod.ibus.engines = ( - with pkgs.ibus-engines; - [ - bamboo - mozc - libpinyin - ] - ); + i18n.inputMethod.ibus.engines = (with pkgs.ibus-engines; [ bamboo mozc libpinyin ]); + # Enable CUPS to print documents. # services.printing.enable = true; diff --git a/nki-x1c1/hardware-configuration.nix b/nki-x1c1/hardware-configuration.nix index 9931e88..d20fa3c 100644 --- a/nki-x1c1/hardware-configuration.nix +++ b/nki-x1c1/hardware-configuration.nix @@ -1,47 +1,41 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: +{ config, lib, pkgs, modulesPath, ... }: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = + [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ - "xhci_pci" - "ehci_pci" - "ahci" - "usb_storage" - "sd_mod" - "sdhci_pci" - ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = { - device = "/dev/disk/by-uuid/bc8b0807-c3d6-4893-bcc2-02f059a51a80"; - fsType = "ext4"; - }; + fileSystems."/" = + { + device = "/dev/disk/by-uuid/bc8b0807-c3d6-4893-bcc2-02f059a51a80"; + fsType = "ext4"; + }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/885D-D058"; - fsType = "vfat"; - }; + fileSystems."/boot" = + { + device = "/dev/disk/by-uuid/885D-D058"; + fsType = "vfat"; + }; - fileSystems."/home" = { - device = "/dev/disk/by-uuid/a981870f-db1d-4441-81da-f1bab1ecc37c"; - fsType = "btrfs"; - }; + fileSystems."/home" = + { + device = "/dev/disk/by-uuid/a981870f-db1d-4441-81da-f1bab1ecc37c"; + fsType = "btrfs"; + }; - swapDevices = [ { device = "/dev/disk/by-uuid/2694d189-2ff6-4719-a449-367c52ed3ad6"; } ]; + swapDevices = + [{ device = "/dev/disk/by-uuid/2694d189-2ff6-4719-a449-367c52ed3ad6"; }]; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + + hardware.opengl.enable = true; } diff --git a/nki-yoga-g8/configuration.nix b/nki-yoga-g8/configuration.nix index 07cd4bf..5f31ae5 100644 --- a/nki-yoga-g8/configuration.nix +++ b/nki-yoga-g8/configuration.nix @@ -2,38 +2,20 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # Fonts - ../modules/personal/fonts - # Encrypted DNS - ../modules/services/edns - ]; + imports = + [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Fonts + ../modules/personal/fonts + # Encrypted DNS + ../modules/services/edns + ]; - # Secrets - common.linux.sops.enable = true; - common.linux.sops.file = ./secrets.yaml; - - # Build farm - sops.secrets."nix-build-farm/private-key" = { - mode = "0400"; - }; - services.nix-build-farm.hostname = "yoga"; - services.nix-build-farm.privateKeyFile = config.sops.secrets."nix-build-farm/private-key".path; - - ## tinc - sops.secrets."tinc-private-key" = { }; - services.my-tinc = { - enable = true; - hostName = "yoga"; - ed25519PrivateKey = config.sops.secrets."tinc-private-key".path; - }; - - services.desktopManager.plasma6.enable = true; + services.xserver.desktopManager.plasma6.enable = true; # Power Management services.upower = { @@ -71,7 +53,7 @@ services.printing.drivers = with pkgs; [ epfl-cups-drivers ]; # Enable touchpad support (enabled default in most desktopManager). - services.libinput.enable = true; + services.xserver.libinput.enable = true; # Keyboard services.input-remapper.enable = true; services.input-remapper.serviceWantedBy = [ "multi-user.target" ]; @@ -108,15 +90,6 @@ security.pam.services.swaylock.fprintAuth = true; security.pam.services.login.fprintAuth = true; - users.users.kannaaa3 = { - isNormalUser = true; - extraGroups = [ ]; - openssh.authorizedKeys.keys = [ - ''ssh-rsa AAAB3NzaC1yc2EAAAADAQABAAACAQDjuBvHgNnIK6SuihcBWyLHhRpWOg6gGJuoMFhhZYWbyWJDSxUtyZyjDtGXVynDxlmRESyJSk8zFi22HMutVP6CkXGMVwkYRO9c45FvPAsnQh99I/YAlWGQpCHDLKm2FumCZ44GR9zm+Zc2jIYx/StmHl+B+Y/eSRtTIf+WelQorE2l8vUecbTwt2mKzEuDbtSP07Tz1bSbY5nRgnZznbmDGrc5ckTpQBdvun2oWlvh8TM8EXcZtYCl+36mym2LOQiIj4V38kLvQ/sACA8O9kL9stN0TfVg7dl6f8zu5no6EBVd97Oh7ywmbtsbbjwBcmMPaJavGmBBkBjadUvlvpZyJASsm0MITH38SkTUUsYH3BGeFr+h1Aaoce1fD8xIQcK2EYTQHHqJEd/J8wKjiJHxt29+i/6m+4W1wzZNb03Oj/g1N57rWmjaU286Kse2Twftzvkencr7Dc41YTip1VfYRfSPpimlhe2qNGbn4V7U6/MPoHvta7n/3X/LSWy6kvsFCHF2EMi67do6r2w3aE4d6Qh9ViFPhTxbayq5GIxDSWjzOclp0GIw41ZtkTaT2o7KXkA0FUu+d9xrlcAmfzWOj1D3rUAts3U8mFtdIVhmNv+WR5QaBOs8zVvcfY3HuZvO66ttP2QeIZEHpLFg+20huqxc9Mk0C3lBXxzBfj9O7Q== cin@cin-2410'' - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEtKxChFFrNRfkEHm59gHSXOpTyXYNUaDTQ/CYzNwMpe cinnabar1337@gmail.com" - ]; - }; - # Secrets # sops.defaultSopsFile = ./secrets.yaml; # sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; @@ -151,3 +124,4 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.05"; # Did you read the comment? } + diff --git a/nki-yoga-g8/hardware-configuration.nix b/nki-yoga-g8/hardware-configuration.nix index 74fc03a..f45b630 100644 --- a/nki-yoga-g8/hardware-configuration.nix +++ b/nki-yoga-g8/hardware-configuration.nix @@ -1,24 +1,15 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: +{ config, lib, pkgs, modulesPath, ... }: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = + [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ - "xhci_pci" - "thunderbolt" - "nvme" - ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; @@ -28,10 +19,11 @@ "resume_offset=9731998" # btrfs inspect-internal map-swapfile -r /var/swapfile ]; - fileSystems."/" = { - device = "/dev/disk/by-uuid/b32d27bf-9df6-43c1-8b93-c0693811bf5b"; - fsType = "btrfs"; - }; + fileSystems."/" = + { + device = "/dev/disk/by-uuid/b32d27bf-9df6-43c1-8b93-c0693811bf5b"; + fsType = "btrfs"; + }; services.btrfs.autoScrub = { enable = true; interval = "monthly"; @@ -39,17 +31,14 @@ common.linux.luksDevices."nixroot" = "/dev/disk/by-uuid/09114015-79bc-4a40-bf60-b4022e969acb"; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/E820-D6C7"; - fsType = "vfat"; - }; + fileSystems."/boot" = + { + device = "/dev/disk/by-uuid/E820-D6C7"; + fsType = "vfat"; + }; swapDevices = [ - { - device = "/var/swapfile"; - size = 32 * 1024; - priority = 10; - } + { device = "/var/swapfile"; size = 32 * 1024; priority = 10; } ]; boot.blacklistedKernelModules = [ diff --git a/nki-yoga-g8/secrets.yaml b/nki-yoga-g8/secrets.yaml deleted file mode 100644 index 521434f..0000000 --- a/nki-yoga-g8/secrets.yaml +++ /dev/null @@ -1,32 +0,0 @@ -tinc-private-key: ENC[AES256_GCM,data:lzmisexQPfRlIMGqbmb+uqGtOPceQ3CJGlVOeOC6nbP/IDwkufSWtxugYmUwi9IJKwO0mldijiKWuG3p9005H++8567hhPy/bU7fA4vyVC+3UVGW6l0mE+yKQXTyI7kzxkXMCK5a4Q4rUJj544vU6pt75/mytfg+Cox2woGZAHZvJ/pRuHDe2t3R6w3EYYTu6x1w5azGnFvCOVdR6XPsGJA2p3oRnEpz64L7KD2QOdtm0YsfMnorH9FbvkZgNr927VbRnBRJ1QM=,iv:4K4w6ruQxtRGjmFnWszlXZKp36TuTTnrB0sDEE/tmrM=,tag:NBP897Sw84bvZTvo/+fVfA==,type:str] -nix-build-farm: - private-key: ENC[AES256_GCM,data:etqFl2T2atN2djxqktFRtrTGqsC61A+ZUd2yS0PLm5KPO2s2/k6XqQGac9rUWP86C1YGpTJhUMzYuOPGW4yNc0YmoeHVslxBR7nX8pubXabZNdB2YMm/yAgsdeeflo4slbxJ6+00eH0iCrtWcHtWbZafHnxojborZABOvCsODdx/ahJ4J9aHqf22cAqe9iJY3L0TgE+iazKS8OO+C/PTaQiV02NZjP8GajRMXzPVoYT7wz3u0t0q0m/t8FkhMIDl9QKL+kFUDeLEGoCBzR57JXLZiW1gJsRxbkP8hVIB3s4TQnhasxqQQlCJuqBSNFl/cGdBm/ADm/yi78VHQG7rUxUrFVDL4Aoidjp6GyoojLIEpdQjtlvC7RCLNpTibV6B71EB3obpjMmmIwfoDLT4jEWhXNx3b8DnMoa0Qh4ba+HBJf+XKA93B0qOJWwJzj4qH9uqBK3xPOGTkqQMmd9M1HYrStTcI/JUX0WvEMwk8xI8MZN/TsLij4w5i6NCwSqa8Dn2lyLK0BGp5C8RT8R4k6U2ieyY6lmxsGIe,iv:703rM/FQz65upd1JWTHNsjAXh2BeoknkALShKuHUsis=,tag:yAB6KJqpm1mOFT5GzKRPBw==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1vhjhmxura35apu5zdwg5ur5r40xay45ld9szh07dy0ph9chgsu7shfm4h9 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBseVN3ODV1YkZnNms0Y09l - dUFBK1EyOTEydWg5KzAwcjZVSG8yYlRDWlhRCklLS2ZJNlBvSlEyOGF2ZFg2UGVW - UC9LN0hxdmtGN3JlOWJaTU5hbGwvc2MKLS0tIGM1NGZxd1NoTXNacEJqMVlsbTdi - MytuNUNydmJYWFYyQk9DaHVuVk85cjAKScucMPO8pyMlSxFw09NqzqVmDYVEh5xT - 4fSTAsMwIiuOyV7jvHYORxKWNMLr5t6fnj8+OFq5qUc//jNWf9pVuA== - -----END AGE ENCRYPTED FILE----- - - recipient: age1axvjllyv2gutngwmp3pvp4xtq2gqneldaq2c4nrzmaye0uwmk9lqsealdv - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYNXp6MWZGb2dGdW1ML2xq - ZWMvSVdWalQ5Z2NzTWd3Z1AweXlXZnRwUWtRCkY1VFhPS0NtbFZKU0VCMlAvSmhG - N2NmdWxTUEpMb05Ld3p6MzhhRkdBc3cKLS0tIGQ0TmFxdk1GV205azRzZ0hUWitj - eitNc1E2SzY5bkUxNWtNczRsWWJaU2MKUIu9GT7zu0MvvnXxiQfLW9pQcxFKOwPm - VRU2k3XQkYjSDZX29DxrOzaPS/L3OYNyBYMyOW8GyMa2V12lMH6lPQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-08-16T14:17:07Z" - mac: ENC[AES256_GCM,data:qrMyVDLhtK4URqrHFBx+08PMrFyfib4iH0y7iAeVB/oFGazjm3O5MeS9fNYJeONghuelux69nh2FRfSJHG/moEBcWlL68R4xbCb4he528P+n7mQnR54BNFJdT2oOra4bqO9n/4m2UA8jmA0veoqSrZUVjnmjftqOedjnRESY1L8=,iv:jql79ItwPcJg/nnbsUywOzWz/UJy0ZpY04pvEF290c4=,tag:XKrToym2dXdippnivoK1/Q==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/overlay.nix b/overlay.nix index d40fc5f..c6ae0d2 100644 --- a/overlay.nix +++ b/overlay.nix @@ -1,154 +1,91 @@ -{ nixpkgs, nixpkgs-unstable, ... }@inputs: +{ nixpkgs, nixpkgs-unstable, nur, ... }@inputs: let overlay-unstable = final: prev: { - stable = import nixpkgs { - config.allowUnfree = true; - system = prev.system; - }; - unstable = import nixpkgs-unstable { - config.allowUnfree = true; - system = prev.system; - }; - x86 = import nixpkgs-unstable { - system = prev.system; - config.allowUnsupportedSystem = true; - }; + unstable = import nixpkgs-unstable { config.allowUnfree = true; system = prev.system; }; + x86 = import nixpkgs-unstable { system = prev.system; config.allowUnsupportedSystem = true; }; }; overlay-needs-unstable = final: prev: { # Typst updates really quickly. typst = final.unstable.typst; typst-lsp = final.unstable.typst-lsp; - # Update to v7 beforehand - peertube = - assert (builtins.compareVersions prev.peertube.version "7.0.1" <= 0); - final.unstable.peertube; + + # Until 0.35 is in + kitty = final.unstable.kitty; }; overlay-imported = final: prev: { - # sway = prev.sway.override { sway-unwrapped = final.swayfx-unwrapped; }; + sway = prev.sway.override { sway-unwrapped = final.swayfx-unwrapped; }; deploy-rs = inputs.deploy-rs.packages.default; dtth-phanpy = inputs.dtth-phanpy.packages.${final.system}.default; matrix-conduit = inputs.conduit.packages.${final.system}.default; - youmubot = inputs.youmubot.packages.${final.system}.youmubot; # A list of source-style inputs. sources = final.lib.attrsets.filterAttrs (name: f: !(builtins.hasAttr "outputs" f)) inputs; }; overlay-versioning = final: prev: { + gotosocial = prev.gotosocial.overrideAttrs (attrs: rec { + version = "0.16.0"; + ldflags = [ + "-s" + "-w" + "-X main.Version=${version}" + ]; + doCheck = false; + + web-assets = final.fetchurl { + url = "https://github.com/superseriousbusiness/gotosocial/releases/download/v${version}/gotosocial_${version}_web-assets.tar.gz"; + hash = "sha256-aZQpd5KvoZvXEMVzGbWrtGsc+P1JStjZ6U5mX6q7Vb0="; + }; + src = final.fetchFromGitHub { + owner = "superseriousbusiness"; + repo = "gotosocial"; + rev = "v${version}"; + hash = "sha256-QoG09+jmq5e5vxDVtkhY35098W/9B1HsYTuUnz43LV4="; + }; + postInstall = '' + tar xf ${web-assets} + mkdir -p $out/share/gotosocial + mv web $out/share/gotosocial/ + ''; + }); input-remapper = final.unstable.input-remapper; - kakoune-unwrapped = prev.kakoune-unwrapped.overrideAttrs (attrs: { - version = "r${builtins.substring 0 6 inputs.kakoune.rev}"; - src = inputs.kakoune; - patches = [ - # patches in the original package was already applied + kakoune-unwrapped = + prev.kakoune-unwrapped.overrideAttrs (attrs: { + version = "r${builtins.substring 0 6 inputs.kakoune.rev}"; + src = inputs.kakoune; + patches = [ + # patches in the original package was already applied + ]; + }); + + swayfx-unwrapped = prev.swayfx-unwrapped.overrideAttrs (attrs: { + patches = (attrs.patches or [ ]) ++ [ + (final.fetchurl { + url = "https://patch-diff.githubusercontent.com/raw/WillPower3309/swayfx/pull/315.patch"; + hash = "sha256-zamOLHUjlzRs8PytPTAzEsdzgVtK+HVziHgrhwPcB+E="; + }) ]; }); - librewolf = ( - prev.librewolf.override { - nativeMessagingHosts = with final; [ kdePackages.plasma-browser-integration ]; - } - ); - - vikunja = - # builtins.seq - # (final.lib.assertMsg (prev.vikunja.version == "0.24.5") "Vikunja probably doesn't need custom versions anymore") - (final.callPackage ./packages/common/vikunja.nix { }); - - luminance = prev.luminance.overrideAttrs (attrs: { - nativeBuildInputs = attrs.nativeBuildInputs ++ [ final.wrapGAppsHook ]; - buildInputs = attrs.buildInputs ++ [ final.glib ]; - postInstall = - attrs.postInstall - + '' - glib-compile-schemas $out/share/glib-2.0/schemas - ''; + librewolf = (prev.librewolf.override { + nativeMessagingHosts = with final; [ kdePackages.plasma-browser-integration ]; }); - vesktop = prev.vesktop.overrideAttrs (attrs: { - postFixup = - let - flagToReplace = - if final.lib.hasInfix "--enable-wayland-ime=true" attrs.postFixup then - "--enable-wayland-ime=true" - else - "--enable-wayland-ime"; - in - builtins.replaceStrings - [ "NIXOS_OZONE_WL" flagToReplace ] - [ "WAYLAND_DISPLAY" "${flagToReplace} --wayland-text-input-version=3" ] - attrs.postFixup; - }); - - rofi-wayland-unwrapped = - assert final.lib.assertMsg - (builtins.compareVersions prev.rofi-wayland-unwrapped.version "1.7.8+wayland1" <= 0) - "We only need this for https://github.com/lbonn/rofi/commit/f2f22e7edc635f7e4022afcf81a411776268c1c3. Use upstream package instead"; - if prev.rofi-wayland-unwrapped.version == "1.7.8+wayland1" then - prev.rofi-wayland-unwrapped.overrideAttrs (prev: { - src = final.fetchFromGitHub { - owner = "lbonn"; - repo = "rofi"; - rev = "3bec3fac59394a475d162e72d5be2fb042115274"; - fetchSubmodules = true; - hash = "sha256-xkf5HWXvzanT9tCDHbVpgUAmQlqmrPMlnv6MbcN0k9E="; - }; + # Add desktop file to premid + premid = final.symlinkJoin { + name = prev.premid.name; + paths = [ + prev.premid + (final.makeDesktopItem { + name = prev.premid.name; + desktopName = "PreMID"; + exec = "${final.lib.getExe prev.premid} --no-sandbox %U"; + icon = "premid"; }) - else - prev.rofi-wayland-unwrapped; - - python312 = prev.python312.override { - packageOverrides = pfinal: pprev: { - langchain = - assert final.lib.assertMsg ( - pprev.langchain.version == "0.3.25" || pprev.langchain.version == "0.3.24-fix" - ) "Revert to 0.3.24 has been applied, remove overlay"; - pprev.langchain.overrideAttrs ( - afinal: aprev: { - version = "0.3.24-fix"; - src = final.fetchFromGitHub { - owner = "langchain-ai"; - repo = "langchain"; - tag = "langchain==${afinal.version}"; - hash = "sha256-Up/pH2TxLPiPO49oIa2ZlNeH3TyN9sZSlNsqOIRmlxc="; - }; - } - ); - }; + ]; }; - - open-webui = - assert final.lib.assertMsg ( - builtins.compareVersions prev.open-webui.version "0.6.9" == -1 - ) "open-webui >=0.6.9 is upstream, remove overlay to upgrade"; - prev.open-webui.overrideAttrs ( - afinal: aprev: { - version = "0.6.9"; - src = final.fetchFromGitHub { - owner = "open-webui"; - repo = "open-webui"; - rev = "v${afinal.version}"; - hash = "sha256-Eib5UpPPQHXHOBVWrsNH1eEJrF8Vx9XshGYUnnAehpM="; - }; - - makeWrapperArgs = [ "--set FRONTEND_BUILD_DIR ${afinal.passthru.frontend}/share/open-webui" ]; - - passthru.frontend = aprev.passthru.frontend.overrideAttrs ( - fafinal: faprev: { - src = afinal.src; - version = afinal.version; - npmDepsHash = "sha256-Vcc8ExET53EVtNUhb4JoxYIUWoQ++rVTpxUPgcZ+GNI="; - npmDeps = final.fetchNpmDeps { - inherit (fafinal) src; - name = "${fafinal.pname}-${fafinal.version}-npm-deps"; - hash = fafinal.npmDepsHash; - }; - } - ); - } - ); }; overlay-libs = final: prev: { @@ -156,48 +93,64 @@ let }; overlay-packages = final: prev: { - kak-tree-sitter = final.callPackage ./packages/common/kak-tree-sitter { - rustPlatform = final.unstable.rustPlatform; - }; + kak-tree-sitter = final.callPackage ./packages/common/kak-tree-sitter.nix { rustPlatform = final.unstable.rustPlatform; }; - kak-lsp = final.unstable.rustPlatform.buildRustPackage { - name = "kak-lsp"; - src = inputs.kak-lsp; - cargoLock.lockFile = "${inputs.kak-lsp}/Cargo.lock"; - buildInputs = [ final.libiconv ]; - - meta.mainProgram = "kak-lsp"; - }; - - zen-browser-bin = inputs.zen-browser.packages.${final.stdenv.system}.zen-browser.override { - inherit (inputs.zen-browser.packages.${final.stdenv.system}) zen-browser-unwrapped; - wrapFirefox = - opts: - final.wrapFirefox ( - opts - // { - nativeMessagingHosts = with final; [ kdePackages.plasma-browser-integration ]; - } - ); - # zen-browser-unwrapped = final.callPackage inputs.zen-browser.packages.${final.stdenv.system}.zen-browser-unwrapped.override { - # sources = inputs.zen-browser.inputs; - # }; - }; + kak-lsp = + let + src = inputs.kak-lsp; + cargoArtifacts = final.libs.crane.buildDepsOnly { inherit src; }; + in + final.libs.crane.buildPackage { + inherit src cargoArtifacts; + buildInputs = with final; [ libiconv ]; + }; }; + + overlay-aarch64-linux = final: prev: + let + optionalOverride = pkg: alt: + if prev.stdenv.isLinux && prev.stdenv.isAarch64 then alt else pkg; + in + { + # See https://github.com/sharkdp/fd/issues/1085 + fd = optionalOverride prev.fd (prev.fd.overrideAttrs (attrs: { + preBuild = '' + export JEMALLOC_SYS_WITH_LG_PAGE=16 + ''; + })); + # See https://www.reddit.com/r/AsahiLinux/comments/zqejue/kitty_not_working_with_mesaasahiedge/ + kitty = optionalOverride prev.kitty (final.writeShellApplication { + name = "kitty"; + runtimeInputs = [ ]; + text = '' + MESA_GL_VERSION_OVERRIDE=3.3 MESA_GLSL_VERSION_OVERRIDE=330 ${prev.kitty}/bin/kitty "$@" + ''; + }); + # Zotero does not have their own aarch64-linux build + zotero = optionalOverride prev.zotero (final.callPackage ./packages/aarch64-linux/zotero.nix { }); + # Typora for aarch64-linux only + typora = optionalOverride + (builtins.abort "no support for non-aarch64-linux") + (final.callPackage ./packages/aarch64-linux/typora.nix { }); + }; in [ + inputs.swayfx.overlays.default inputs.mpd-mpris.overlays.default - inputs.rust-overlay.overlays.default - inputs.niri.overlays.niri + inputs.youmubot.overlays.default + (import ./overlays/openrazer) overlay-unstable overlay-needs-unstable overlay-packages overlay-imported overlay-versioning overlay-libs + overlay-aarch64-linux + nur.overlay (import ./packages/common) # Bug fixes ] # we assign the overlay created before to the overlays of nixpkgs. + diff --git a/overlays/openrazer/default.nix b/overlays/openrazer/default.nix new file mode 100644 index 0000000..dfcff64 --- /dev/null +++ b/overlays/openrazer/default.nix @@ -0,0 +1,31 @@ +final: prev: +let + version = "3.3.0"; + src = final.fetchFromGitHub { + owner = "openrazer"; + repo = "openrazer"; + rev = "v${version}"; + sha256 = "sha256-lElE1nIiJ5fk2DupHu43tmxRjRsS5xeL1Yz/LuRlgtM="; + }; +in +rec +{ + openrazer-daemon = prev.openrazer-daemon.overrideAttrs (old: { + inherit src version; + }); + + python3 = prev.python3.override { + packageOverrides = self: super: { + openrazer-daemon = super.openrazer-daemon.overrideAttrs (old: { + inherit src version; + }); + }; + }; + python3Packages = python3.pkgs; + + linuxPackages_latest = prev.linuxPackages_latest.extend (self: super: { + openrazer = super.openrazer.overrideAttrs (old: { + inherit src version; + }); + }); +} diff --git a/packages/aarch64-linux/typora.nix b/packages/aarch64-linux/typora.nix index a6704a5..3b31db3 100644 --- a/packages/aarch64-linux/typora.nix +++ b/packages/aarch64-linux/typora.nix @@ -1,10 +1,4 @@ -{ - pkgs, - runCommand, - zstd, - lib, - buildFHSEnvChroot, -}: +{ pkgs, runCommand, zstd, lib, buildFHSEnvChroot }: let typora-tar = builtins.fetchurl { @@ -19,39 +13,35 @@ let in buildFHSEnvChroot { name = "typora"; - targetPkgs = - pkgs: - with pkgs; - [ - glib - nss - nspr - at-spi2-atk - cups - dbus - gtk3 - pango - cairo - mesa - expat - libdrm - libxkbcommon - alsa-lib - freefont_ttf - liberation_ttf - wayland - libglvnd - electron - ] - ++ (with pkgs.xorg; [ - libX11 - libXcomposite - libXdamage - libXext - libXfixes - libXrandr - libxcb - ]); + targetPkgs = pkgs: with pkgs; [ + glib + nss + nspr + at-spi2-atk + cups + dbus + gtk3 + pango + cairo + mesa + expat + libdrm + libxkbcommon + alsa-lib + freefont_ttf + liberation_ttf + wayland + libglvnd + electron + ] ++ (with pkgs.xorg; [ + libX11 + libXcomposite + libXdamage + libXext + libXfixes + libXrandr + libxcb + ]); extraBuildCommands = '' # ldd ${typora-src}/bin/Typora-linux-arm64/Typora && false ''; diff --git a/packages/aarch64-linux/zotero.nix b/packages/aarch64-linux/zotero.nix index 22bb4a5..43c08d7 100644 --- a/packages/aarch64-linux/zotero.nix +++ b/packages/aarch64-linux/zotero.nix @@ -1,10 +1,4 @@ -{ - pkgs, - runCommandLocal, - zstd, - lib, - buildFHSEnvChroot, -}: +{ pkgs, runCommandLocal, zstd, lib, buildFHSEnvChroot }: let zotero-tar = builtins.fetchurl { @@ -20,19 +14,7 @@ let in buildFHSEnvChroot { name = "zotero"; - targetPkgs = - pkgs: - with pkgs; - [ - gtk3 - dbus-glib - libstartup_notification - libpaper - ] - ++ (with pkgs.xorg; [ - libX11 - libXt - ]); + targetPkgs = pkgs: with pkgs; [ gtk3 dbus-glib libstartup_notification libpaper ] ++ (with pkgs.xorg; [ libX11 libXt ]); runScript = "env QT_SCALE_FACTOR=2 ${zotero-src}/usr/lib/zotero/zotero"; extraInstallCommands = '' diff --git a/packages/common/default.nix b/packages/common/default.nix index 4180a0b..be4ba2a 100644 --- a/packages/common/default.nix +++ b/packages/common/default.nix @@ -2,6 +2,4 @@ final: prev: { epfl-cups-drivers = final.callPackage ./epfl-cups-drivers { }; ttaenc = final.callPackage ./ttaenc.nix { }; suwako-cursors = final.callPackage ./suwako-cursors { }; - nki-kakoune = final.callPackage ./nki-kakoune { }; - gotosocial-dtth = final.callPackage ./gotosocial { }; } diff --git a/packages/common/epfl-cups-drivers/default.nix b/packages/common/epfl-cups-drivers/default.nix index f5b77a1..d811be0 100644 --- a/packages/common/epfl-cups-drivers/default.nix +++ b/packages/common/epfl-cups-drivers/default.nix @@ -1,6 +1,6 @@ -{ pkgs, runCommand, ... }: -runCommand "epfl-cups-drivers" { } '' +{ pkgs, runCommand, ... }: runCommand "epfl-cups-drivers" { } '' mkdir -p $out/share/cups/model cp ${./PPD-C5860-bw-EN.PPD} $out/share/cups/model cp ${./PPD-C5860-color-EN.PPD} $out/share/cups/model '' + diff --git a/packages/common/gotosocial/default.nix b/packages/common/gotosocial/default.nix deleted file mode 100644 index a399d68..0000000 --- a/packages/common/gotosocial/default.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ - gotosocial, - fetchurl, - fetchgit, - ... -}: -gotosocial.overrideAttrs ( - finalAttrs: prevAttrs: { - pname = "gotosocial-dtth"; - version = "0.19.1"; - ldflags = [ - "-s" - "-w" - "-X main.Version=${finalAttrs.version}" - ]; - doCheck = false; - web-assets = fetchurl { - url = "https://codeberg.org/superseriousbusiness/gotosocial/releases/download/v${finalAttrs.version}/gotosocial_${finalAttrs.version}_web-assets.tar.gz"; - hash = "sha256-UtxFm8ZSpIGXruBdanSF1lkA7Gs1FJNhoqzDTqSNYUM="; - }; - src = fetchgit { - url = "https://codeberg.org/superseriousbusiness/gotosocial.git"; - rev = "v${finalAttrs.version}"; - hash = "sha256-RhJRdRxTdbZwIAGD3gH0mjDfCvdS7xkRxcUd1ArsNoo="; - }; - } -) diff --git a/packages/common/kak-tree-sitter/default.nix b/packages/common/kak-tree-sitter.nix similarity index 64% rename from packages/common/kak-tree-sitter/default.nix rename to packages/common/kak-tree-sitter.nix index 0fcef3f..3e0c6a9 100644 --- a/packages/common/kak-tree-sitter/default.nix +++ b/packages/common/kak-tree-sitter.nix @@ -1,38 +1,20 @@ -{ - lib, - rustPlatform, - fetchFromSourcehut, - symlinkJoin, - clang, - git, - writeText, - ... -}: +{ lib, rustPlatform, fetchFromSourcehut, symlinkJoin, clang, git, writeText, ... }: let src = fetchFromSourcehut { owner = "~hadronized"; repo = "kak-tree-sitter"; - rev = "kak-tree-sitter-v1.1.3"; - hash = "sha256-vQZ+zQgwIw5ZBdIuMDD37rIdhe+WpNBmq0TciXBNiSU="; + rev = "kak-tree-sitter-v1.1.2"; + hash = "sha256-wBWfSyR8LGtug/mCD0bJ4lbdN3trIA/03AnCxZoEOSA="; }; kak-tree-sitter = rustPlatform.buildRustPackage { inherit src; pname = "kak-tree-sitter"; - version = "1.1.3"; - cargoLock.lockFile = "${src}/Cargo.lock"; + version = "1.1.2"; + cargoHash = "sha256-OQPUWqJAts8DbFNSsC/CmMCbuZ9TVxRTR05O7oiodKI="; + cargoBuildOptions = [ "--package" "kak-tree-sitter" "--package" "ktsctl" ]; - cargoBuildOptions = [ - "--package" - "kak-tree-sitter" - "--package" - "ktsctl" - ]; - - nativeBuildInputs = [ - clang - git - ]; + nativeBuildInputs = [ clang git ]; patches = [ # Allow absolute-path style repos @@ -49,12 +31,11 @@ let + .trim_start_matches(":/") + .trim_start_matches("/"), ); - + self.runtime_dir.join("sources").join(url_dir) '') ]; - - meta.mainProgram = "kak-tree-sitter"; }; in kak-tree-sitter + diff --git a/packages/common/nki-kakoune/default.nix b/packages/common/nki-kakoune/default.nix deleted file mode 100644 index a013a07..0000000 --- a/packages/common/nki-kakoune/default.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ - callPackage, - kakoune, - kakoune-unwrapped, - nki-kak-util ? callPackage ./utils.nix { }, - nki-kak-lsp ? callPackage ./lsp.nix { }, - nki-kak-rc ? callPackage ./rc.nix { }, - nki-kak-plugins ? callPackage ./plugins.nix { util = nki-kak-util; }, - nki-kak-kaktex ? callPackage ./kaktex { }, - nki-kak-themes ? callPackage ./themes.nix { }, - nki-kak-faces ? callPackage ./faces.nix { util = nki-kak-util; }, - ... -}: -(kakoune.override { - kakoune = kakoune-unwrapped; - plugins = - nki-kak-plugins - ++ nki-kak-themes - ++ [ - nki-kak-kaktex - nki-kak-faces - nki-kak-rc - nki-kak-lsp.plugin - ]; -}).overrideAttrs - (attrs: { - buildCommand = '' - ${attrs.buildCommand or ""} - # location of kak binary is used to find ../share/kak/autoload, - # unless explicitly overriden with KAKOUNE_RUNTIME - rm "$out/bin/kak" - makeWrapper "${kakoune-unwrapped}/bin/kak" "$out/bin/kak" \ - --set KAKOUNE_RUNTIME "$out/share/kak" \ - --suffix PATH ":" "${nki-kak-lsp.extraPaths}" - ''; - - passthru = { - lsp = nki-kak-lsp; - rc = nki-kak-rc; - plugins = nki-kak-plugins; - kaktex = nki-kak-kaktex; - themes = nki-kak-themes; - faces = nki-kak-faces; - util = nki-kak-util; - }; - }) diff --git a/packages/common/nki-kakoune/faces.nix b/packages/common/nki-kakoune/faces.nix deleted file mode 100644 index 8a3ff87..0000000 --- a/packages/common/nki-kakoune/faces.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ - callPackage, - utils ? callPackage ./utils.nix { }, - ... -}: -let - faces = { - Default = "%opt{text},%opt{base}"; - BufferPadding = "%opt{base},%opt{base}"; - MenuForeground = "%opt{blue},white+bF"; - MenuBackground = "%opt{sky},white+F"; - Information = "%opt{sky},white"; - # Markdown help color scheme - InfoDefault = "Information"; - InfoBlock = "@block"; - InfoBlockQuote = "+i@block"; - InfoBullet = "@bullet"; - InfoHeader = "@header"; - InfoLink = "@link"; - InfoLinkMono = "+b@mono"; - InfoMono = "@mono"; - InfoRule = "+b@Information"; - InfoDiagnosticError = "@DiagnosticError"; - InfoDiagnosticHint = "@DiagnosticHint"; - InfoDiagnosticInformation = "@Information"; - InfoDiagnosticWarning = "@DiagnosticWarning"; - # Extra faces - macro = "+u@function"; - method = "@function"; - format_specifier = "+i@string"; - mutable_variable = "+i@variable"; - class = "+b@variable"; - }; -in -utils.mkFacesScript "default-faces" faces diff --git a/packages/common/nki-kakoune/kaktex/default.nix b/packages/common/nki-kakoune/kaktex/default.nix deleted file mode 100644 index 3f6aa9c..0000000 --- a/packages/common/nki-kakoune/kaktex/default.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - fish, - lib, - writeScript, - writeTextDir, - kakouneUtils, - ... -}: -let - kaktex-script = writeScript "kaktex" '' - #!/usr/bin/env ${lib.getExe fish} - - ${builtins.readFile ./kaktex.fish} - ''; - kaktex = writeTextDir "kaktex.kak" '' - hook global WinSetOption filetype=(tex|latex) %{ - hook window WinDisplay '.*' %{ - eval %sh{ - ${kaktex-script} set $kak_client $kak_session - } - } - } - ''; -in -kakouneUtils.buildKakounePluginFrom2Nix { - pname = "kaktex"; - version = "latest"; - src = kaktex; -} diff --git a/packages/common/nki-kakoune/lsp.nix b/packages/common/nki-kakoune/lsp.nix deleted file mode 100644 index ff23dd3..0000000 --- a/packages/common/nki-kakoune/lsp.nix +++ /dev/null @@ -1,616 +0,0 @@ -{ - lib, - writeTextDir, - formats, - kak-lsp, - # LSP packages - ccls, - gopls, - nil, - nixfmt-rfc-style, - python311Packages, - ltex-ls, - nodePackages, - tailwindcss-language-server, - fsautocomplete, - metals, - texlab, - tinymist, - marksman, - templ, - rust-analyzer, - overrideConfig ? (baseConfig: baseConfig), - extraSetup ? "", - ... -}: -let - # Configuration for kak-lsp - config = - let - baseConfig = { - languageIDs = { - c = "c_cpp"; - cpp = "c_cpp"; - javascript = "javascriptreact"; - typescript = "typescriptreact"; - protobuf = "proto"; - sh = "shellscript"; - }; - - languageServers = - let - vscodeServerWith = - { - name, - extraFileTypes ? [ ], - }: - { - name = "vscode-${name}-language-server"; - value = { - args = [ "--stdio" ]; - command = "vscode-${name}-language-server"; - filetypes = [ name ] ++ extraFileTypes; - roots = [ - "package.json" - ".git" - ]; - package = nodePackages.vscode-langservers-extracted; - }; - }; - in - { - ccls = { - args = [ - "-v=2" - "-log-file=/tmp/ccls.log" - ]; - package = ccls; - command = "ccls"; - filetypes = [ - "c" - "cpp" - ]; - roots = [ - "compile_commands.json" - ".cquery" - ".git" - ]; - }; - gopls = { - command = "gopls"; - package = gopls; - filetypes = [ "go" ]; - offset_encoding = "utf-8"; - roots = [ - "Gopkg.toml" - "go.mod" - ".git" - ".hg" - ]; - settings = { - gopls = { - hoverKind = "SynopsisDocumentation"; - semanticTokens = true; - }; - }; - settings_section = "gopls"; - }; - haskell-language-server = { - args = [ "--lsp" ]; - command = "haskell-language-server-wrapper"; - filetypes = [ "haskell" ]; - roots = [ - "Setup.hs" - "stack.yaml" - "*.cabal" - "package.yaml" - ]; - settings_section = "haskell"; - }; - nil = { - command = "nil"; - package = nil; - filetypes = [ "nix" ]; - roots = [ - "flake.nix" - "shell.nix" - ".git" - ]; - settings.nil = { - formatting.command = [ "${lib.getExe nixfmt-rfc-style}" ]; - }; - }; - pylsp = { - command = "pylsp"; - package = python311Packages.python-lsp-server; - filetypes = [ "python" ]; - offset_encoding = "utf-8"; - roots = [ - "requirements.txt" - "setup.py" - ".git" - ".hg" - ]; - }; - # Spellchecking server - ltex-ls = { - command = "ltex-ls"; - args = [ "--log-file=/tmp" ]; - filetypes = [ - "latex" - "typst" - ]; - roots = [ - "main.tex" - "main.typ" - ".git" - ]; - package = ltex-ls; - }; - tailwind = { - command = "tailwindcss-language-server"; - args = [ "--stdio" ]; - filetypes = [ - "html" - "css" - "javascript" - "typescript" - "templ" - ]; - roots = [ - "tailwind.config.{js,cjs,mjs,ts}" - "package.json" - ".git" - ]; - settings_section = "tailwindCSS"; - settings.tailwindCSS = { - validate = "warning"; - userLanguages.templ = "html"; - }; - package = tailwindcss-language-server; - }; - elixir-ls = { - args = [ ]; - command = "elixir-ls"; - filetypes = [ "elixir" ]; - roots = [ "mix.exs" ]; - }; - typescript-language-server = { - args = [ "--stdio" ]; - command = "typescript-language-server"; - filetypes = [ - "typescript" - "javascript" - ]; - roots = [ "package.json" ]; - package = nodePackages.typescript-language-server; - }; - fsautocomplete = { - args = [ - "--adaptive-lsp-server-enabled" - "--project-graph-enabled" - "--source-text-factory" - "RoslynSourceText" - ]; - command = "fsautocomplete"; - filetypes = [ "fsharp" ]; - roots = [ "*.fsproj" ]; - settings_section = "FSharp"; - settings.FSharp = { - AutomaticWorkspaceInit = true; - }; - package = fsautocomplete; - }; - metals = { - command = "metals"; - filetypes = [ "scala" ]; - roots = [ - "build.sbt" - "build.sc" - "build.mill" - ]; - settings_section = "metals"; - settings.metals = { - inlayHints.inferredTypes.enable = true; - inlayHints.typeParameters.enable = true; - inlayHints.hintsInPatternMatch.enable = true; - # From kakoune-lsp's own options - icons = "unicode"; - isHttpEnabled = true; - statusBarProvider = "log-message"; - compilerOptions = { - overrideDefFormat = "unicode"; - }; - }; - package = metals; - }; - texlab = { - command = "texlab"; - filetypes = [ "latex" ]; - roots = [ - "main.tex" - "all.tex" - ".git" - ]; - settings_section = "texlab"; - settings.texlab = { - build.executable = "latexmk"; - build.args = [ - "-pdf" - "-shell-escape" - "-interaction=nonstopmode" - "-synctex=1" - "%f" - ]; - - build.forwardSearchAfter = true; - build.onSave = true; - - # forwardSearch = - # (if pkgs.stdenv.isDarwin then { - # executable = "/Applications/Skim.app/Contents/SharedSupport/displayline"; - # args = [ "-r" "-g" "%l" "%p" "%f" ]; - # } else - # { - # executable = "${pkgs.zathura}/bin/zathura"; - # args = [ "--synctex-forward" "%l:1:%f" "%p" "-x" "${./kaktex} jump %%{input} %%{line} %%{column}" ]; - # }); - }; - package = texlab; - }; - tinymist = { - command = "tinymist"; - filetypes = [ "typst" ]; - roots = [ - "main.typ" - ".git" - ]; - settings_section = "tinymist"; - settings.tinymist = { - exportPdf = "onSave"; - formatterMode = "typstfmt"; - }; - package = tinymist; - }; - marksman = { - command = "marksman"; - filetypes = [ "markdown" ]; - roots = [ - ".marksman.toml" - ".git" - ]; - package = marksman; - }; - templ = { - command = "templ"; - args = [ "lsp" ]; - filetypes = [ "templ" ]; - roots = [ - "go.mod" - ".git" - ]; - package = templ; - }; - rust-analyzer = { - args = [ ]; - command = "rust-analyzer"; - filetypes = [ "rust" ]; - roots = [ "Cargo.toml" ]; - package = rust-analyzer; - }; - - } - // (builtins.listToAttrs ( - builtins.map - ( - ft: - vscodeServerWith { - name = ft; - extraFileTypes = if ft == "json" then [ ] else [ "templ" ]; - } - ) - [ - "html" - "css" - "json" - ] - )); - - faces = [ - ## Items - # (Rust) Macros - { - face = "attribute"; - token = "attribute"; - } - { - face = "attribute"; - token = "derive"; - } - { - face = "macro"; - token = "macro"; - } # Function-like Macro - # Keyword and Fixed Tokens - { - face = "keyword"; - token = "keyword"; - } - { - face = "operator"; - token = "operator"; - } - # Functions and Methods - { - face = "function"; - token = "function"; - } - { - face = "method"; - token = "method"; - } - # Constants - { - face = "string"; - token = "string"; - } - { - face = "format_specifier"; - token = "formatSpecifier"; - } - # Variables - { - face = "variable"; - token = "variable"; - modifiers = [ "readonly" ]; - } - { - face = "mutable_variable"; - token = "variable"; - } - { - face = "module"; - token = "namespace"; - } - { - face = "variable"; - token = "type_parameter"; - } - { - face = "class"; - token = "enum"; - } - { - face = "class"; - token = "struct"; - } - { - face = "class"; - token = "trait"; - } - { - face = "class"; - token = "union"; - } - { - face = "class"; - token = "class"; - } - - ## Comments - { - face = "documentation"; - token = "comment"; - modifiers = [ "documentation" ]; - } - { - face = "comment"; - token = "comment"; - } - - # Typst - { - face = "header"; - token = "heading"; - } - { - face = "ts_markup_link_url"; - token = "link"; - } - { - face = "ts_markup_link_uri"; - token = "ref"; - } - { - face = "ts_markup_link_label"; - token = "label"; - } - { - face = "ts_property"; - token = "pol"; - } - { - face = "ts_markup_list_checked"; - token = "marker"; - } - { - face = "ts_constant_builtin_boolean"; - token = "bool"; - } - { - face = "ts_keyword_control"; - token = "delim"; - } - { - face = "ts_number"; - token = "text"; - modifiers = [ "math" ]; - } - { - face = "ts_markup_bold"; - token = "text"; - modifiers = [ "strong" ]; - } - { - face = "ts_markup_italic"; - token = "text"; - modifiers = [ "emph" ]; - } - ]; - - raw = { - server = { - timeout = 1800; - }; - snippet_support = false; - verbosity = 255; - }; - }; - in - overrideConfig baseConfig; - - per-lang-config = - lang: - let - toml = formats.toml { }; - servers = lib.filterAttrs (_: server: builtins.elem lang server.filetypes) config.languageServers; - serverSettings = lib.mapAttrs ( - name: server: - builtins.removeAttrs - ( - server - // { - root_globs = server.roots; - } - ) - [ - "package" - "filetypes" - "roots" - ] - ) servers; - serversToml = toml.generate "kak-lsp-${lang}.toml" serverSettings; - lang-id = - if builtins.hasAttr lang config.languageIDs then - '' - set-option buffer lsp_language_id ${config.languageIDs.${lang}} - '' - else - "# No lang-id remap needed"; - in - '' - # LSP Configuration for ${lang} - hook -group lsp-filetype-${lang} global BufSetOption filetype=(?:${lang}) %{ - set-option buffer lsp_servers %{ - ${builtins.readFile serversToml} - } - ${lang-id} - } - ''; - - lang-config = - let - langs = lib.unique ( - lib.flatten (lib.mapAttrsToList (_: server: server.filetypes) config.languageServers) - ); - in - lib.concatMapStringsSep "\n" per-lang-config langs; - faces-config = - let - mapFace = - face: - let - modifiers = - if builtins.hasAttr "modifiers" face then ", modifiers=${builtins.toJSON face.modifiers}" else ""; - in - "{face=${builtins.toJSON face.face}, token=${builtins.toJSON face.token}${modifiers}}"; - faces = lib.concatMapStringsSep ",\n " mapFace config.faces; - in - '' - set-option global lsp_semantic_tokens %{ - [ - ${faces} - ] - } - ''; - - # kak-lsp-config = - # let - # toml = formats.toml { }; - # toLspConfig = builtins.mapAttrs (_: attrs: builtins.removeAttrs attrs [ "package" ]); - # in - # toml.generate "kak-lsp.toml" ({ - # semantic_tokens.faces = config.faces; - # language_server = toLspConfig config.languageServers; - # language_ids = config.languageIDs; - # } // config.raw); - - serverPackages = builtins.filter (v: v != null) ( - lib.mapAttrsToList (_: serv: serv.package or null) config.languageServers - ); -in -{ - extraPaths = lib.makeBinPath (serverPackages ++ [ kak-lsp ]); - plugin = writeTextDir "share/kak/autoload/kak-lsp.kak" '' - hook global KakBegin .* %{ - try %{ - eval %sh{kak-lsp --kakoune -s $kak_session} - } - - lsp-enable - map global lsp N -docstring "Display the next message request" ": lsp-show-message-request-next" - map global normal ": enter-user-mode lsp" - map global normal ": lsp-hover" - map global normal ": lsp-hover-buffer" - # lsp-auto-hover-insert-mode-enable - set global lsp_hover_anchor true - map global insert ':try lsp-snippets-select-next-placeholders catch %{ execute-keys -with-hooks tab> }' -docstring 'Select next snippet placeholder' - map global object a 'lsp-object' -docstring 'LSP any symbol' - map global object 'lsp-object' -docstring 'LSP any symbol' - map global object f 'lsp-object Function Method' -docstring 'LSP function or method' - map global object t 'lsp-object Class Interface Struct' -docstring 'LSP class interface or struct' - map global object d 'lsp-diagnostic-object --include-warnings' -docstring 'LSP errors and warnings' - map global object D 'lsp-diagnostic-object' -docstring 'LSP errors' - - hook global WinSetOption filetype=(racket|rust|python|go|javascript|typescript|c|cpp|tex|latex|haskell|nix|fsharp|templ|scala) %{ - # Format the document if possible - hook window -group lsp-formatting BufWritePre .* %{ lsp-formatting-sync } - } - - hook global WinSetOption filetype=(rust|scala|fsharp) %{ - # Enable inlay hints - lsp-inlay-hints-enable window - } - - hook global WinSetOption filetype=(rust|go|fsharp|typst|scala) %{ - hook window -group semantic-tokens BufReload .* lsp-semantic-tokens - hook window -group semantic-tokens NormalIdle .* lsp-semantic-tokens - hook window -group semantic-tokens InsertIdle .* lsp-semantic-tokens - hook -once -always window WinSetOption filetype=.* %{ - remove-hooks window semantic-tokens - } - } - - define-command -params 0 -docstring "Set up build" scala-build-connect %{ - lsp-execute-command 'build-connect' '[]' - } - - define-command -params 0 -docstring "Change bsp build server" scala-bsp-switch %{ - lsp-execute-command 'bsp-switch' '[]' - } - - define-command -params 0 -docstring "Import build" scala-build-import %{ - lsp-execute-command 'build-import' '[]' - } - - ## Language settings - ${lang-config} - - ## Faces - ${faces-config} - - ## Extra setup - ${extraSetup} - } - ''; -} diff --git a/packages/common/nki-kakoune/plugins.nix b/packages/common/nki-kakoune/plugins.nix deleted file mode 100644 index bf1ef22..0000000 --- a/packages/common/nki-kakoune/plugins.nix +++ /dev/null @@ -1,179 +0,0 @@ -{ - callPackage, - utils ? callPackage ./utils.nix { }, - fetchFromGitHub, - fetchFromGitLab, - luajit, - ... -}: -with { - inherit (utils) toDir writeModuleWrapper kakounePlugin; -}; -builtins.map kakounePlugin [ - # My own scripts - { - name = "latex.kak"; - src = toDir "latex.kak" ./autoload/latex.kak; - } - { - name = "markdown.kak"; - src = toDir "markdown.kak" ./autoload/markdown.kak; - } - - # Plugins - { - name = "luar"; - src = fetchFromGitHub { - owner = "gustavo-hms"; - repo = "luar"; - rev = "2f430316f8fc4d35db6c93165e2e77dc9f3d0450"; - sha256 = "sha256-vHn/V3sfzaxaxF8OpA5jPEuPstOVwOiQrogdSGtT6X4="; - }; - activationScript = '' - # Enable luar - require-module luar - # Use luajit - set-option global luar_interpreter ${luajit}/bin/luajit - ''; - } - { - name = "peneira"; - src = fetchFromGitHub { - owner = "gustavo-hms"; - repo = "peneira"; - rev = "b56dd10bb4771da327b05a9071b3ee9a092f9788"; - sha256 = "sha256-rZBZ+ks9aaefmjl6GAAwg/HQqDbMEp+zkevMbJ1QeUI="; - }; - activationScript = '' - require-module peneira - - # Change selection color - set-face global PeneiraSelected @PrimarySelection - - # Buffers list - define-command -hidden peneira-buffers %{ - peneira 'buffers: ' %{ printf '%s\n' $kak_quoted_buflist } %{ - buffer %arg{1} - } - } - - # Grep in the current location - define-command peneira-grep %{ - peneira 'line: ' %{ rg -n . . } %{ - lua %arg{1} %{ - local file, line = arg[1]:match("([^:]+):(%d+):") - kak.edit(file, line) - } - } - } - - # A peneira menu - declare-user-mode fuzzy-match-menu - - map -docstring "Switch to buffer" global fuzzy-match-menu b ": peneira-buffers" - map -docstring "Symbols" global fuzzy-match-menu s ": peneira-symbols" - map -docstring "Lines" global fuzzy-match-menu l ": peneira-lines" - map -docstring "Lines in the current directory" global fuzzy-match-menu g ": peneira-grep" - map -docstring "Files in project" global fuzzy-match-menu f ": peneira-files" - map -docstring "Files in currently opening file's directory" global fuzzy-match-menu F ": peneira-local-files" - - # Bind menu to user mode - map -docstring "Fuzzy matching" global user f ": enter-user-mode fuzzy-match-menu" - ''; - } - { - name = "kakoune-focus"; - src = fetchFromGitHub { - owner = "caksoylar"; - repo = "kakoune-focus"; - rev = "949c0557cd4c476822acfa026ca3c50f3d38a3c0"; - sha256 = "sha256-ZV7jlLJQyL420YG++iC9rq1SMjo3WO5hR9KVvJNUiCs="; - }; - activationScript = '' - map global user ': focus-toggle' -docstring "toggle selections focus" - ''; - } - { - name = "kakoune-inc-dec"; - src = fetchFromGitLab { - owner = "Screwtapello"; - repo = "kakoune-inc-dec"; - rev = "7bfe9c51"; - sha256 = "0f33wqxqbfygxypf348jf1fiscac161wf2xvnh8zwdd3rq5yybl0"; - }; - } - { - name = "racket.kak"; - src = - (builtins.fetchTree { - type = "git"; - url = "https://bitbucket.org/KJ_Duncan/kakoune-racket.kak.git"; - rev = "e397042009b46916ff089d79166ec0e8ca813a18"; - narHash = "sha256-IcxFmvG0jqpMCG/dT9crVRgPgMGKkic6xwrnW5z4+bc="; - }) - + "/rc"; - } - rec { - name = "kakoune-mirror"; - src = - fetchFromGitHub { - owner = "Delapouite"; - repo = "kakoune-mirror"; - rev = "5710635f440bcca914d55ff2ec1bfcba9efe0f15"; - sha256 = "sha256-uslx4zZhvjUylrPWvTOugsKYKKpF0EEz1drc1Ckrpjk="; - } - + "/mirror.kak"; - wrapAsModule = true; - activationScript = '' - require-module ${name} - - # Bind to ${name} - map global normal ': enter-user-mode -lock mirror' - ''; - } - { - name = "unicode-math"; - src = fetchFromGitHub { - owner = "natsukagami"; - repo = "kakoune-unicode-math"; - rev = "08dff25da2b86ee0b0777091992bc7fb28c3cb1d"; - # sha256 = lib.fakeSha256; - sha256 = "sha256-j0L1ARex1i2ma8sGLYwgkfAbh0jWKh/6QGHFaxPXIKc="; - fetchSubmodules = true; - }; - activationScript = '' - require-module unicode-math - - # Bind to the menu - map global insert ': insert-unicode ' - ''; - } - { - name = "kakoune-buffers"; - src = fetchFromGitHub { - owner = "Delapouite"; - repo = "kakoune-buffers"; - rev = "6b2081f5b7d58c72de319a5cba7bf628b6802881"; - sha256 = "sha256-jOSrzGcLJjLK1GiTSsl2jLmQMPbPxjycR0pwF5t/eV0="; - }; - activationScript = '' - # Suggested hook - - hook global WinDisplay .* info-buffers - - # Suggested mappings - - map global user b ':enter-buffers-mode' -docstring 'buffers…' - map global normal ^ ':enter-buffers-mode' -docstring 'buffers…' - map global user B ':enter-user-mode -lock buffers' -docstring 'buffers (lock)…' - - # Suggested aliases - - alias global bd delete-buffer - alias global bf buffer-first - alias global bl buffer-last - alias global bo buffer-only - alias global bo! buffer-only-force - ''; - } -] diff --git a/packages/common/nki-kakoune/rc.nix b/packages/common/nki-kakoune/rc.nix deleted file mode 100644 index e227146..0000000 --- a/packages/common/nki-kakoune/rc.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ - lib, - fish, - writeScript, - writeTextDir, - prependRc ? "", - appendRc ? "", - ... -}: - -let - source-pwd = writeScript "source-pwd" '' - #!/usr/bin/env ${lib.getExe fish} - - ${builtins.readFile ./source-pwd.fish} - ''; -in -writeTextDir "share/kak/kakrc.local" '' - ${prependRc} - ${builtins.readFile ./kakrc} - ${appendRc} - - # Source any settings in the current working directory, - # recursive upwards - evaluate-commands %sh{ - ${source-pwd} - } -'' diff --git a/packages/common/nki-kakoune/themes.nix b/packages/common/nki-kakoune/themes.nix deleted file mode 100644 index 0e762c8..0000000 --- a/packages/common/nki-kakoune/themes.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ writeTextDir, ... }: -let - themes = [ - { - name = "catppuccin-latte"; - src = ./themes/catppuccin-latte.kak; - } - ]; - - themeToColorscheme = - { name, src }: writeTextDir "share/kak/colors/${name}.kak" (builtins.readFile src); -in -builtins.map themeToColorscheme themes diff --git a/packages/common/nki-kakoune/utils.nix b/packages/common/nki-kakoune/utils.nix deleted file mode 100644 index f26f6d7..0000000 --- a/packages/common/nki-kakoune/utils.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ - lib, - writeTextDir, - kakouneUtils, - symlinkJoin, - ... -}: -with { - inherit (kakouneUtils) buildKakounePluginFrom2Nix; -}; -rec { - mkFacesScript = - name: faces: - writeTextDir "share/kak/autoload/${name}/faces.kak" '' - hook global KakBegin .* %{ - ${lib.concatStringsSep "\n" ( - builtins.attrValues (builtins.mapAttrs (name: face: " face global ${name} \"${face}\"") faces) - )} - } - ''; - - toDir = name: file: writeTextDir name (builtins.readFile file); - - writeActivationScript = - script: - writeTextDir "on-load.kak" '' - hook global KakBegin .* %{ - ${script} - } - ''; - - writeModuleWrapper = - name: script: - writeTextDir "module.kak" '' - provide-module ${name} %◍ - ${script} - ◍ - ''; - - kakounePlugin = - { - name, - src, - wrapAsModule ? false, - activationScript ? null, - ... - }@attrs: - let - module = if wrapAsModule then writeModuleWrapper name (builtins.readFile src) else src; - in - buildKakounePluginFrom2Nix { - pname = name; - version = attrs.version or "latest"; - src = - if activationScript == null then - module - else - symlinkJoin { - name = "${name}-src"; - paths = [ - module - (writeActivationScript activationScript) - ]; - }; - }; -} diff --git a/packages/common/suwako-cursors/default.nix b/packages/common/suwako-cursors/default.nix index cc304d7..0a7380b 100644 --- a/packages/common/suwako-cursors/default.nix +++ b/packages/common/suwako-cursors/default.nix @@ -3,3 +3,4 @@ runCommandLocal "suwako-cursors" { } '' mkdir -p $out/share/icons ${unzip}/bin/unzip ${./Suwako.zip} -d $out/share/icons '' + diff --git a/packages/common/ttaenc.nix b/packages/common/ttaenc.nix index e6a2674..e4cd61b 100644 --- a/packages/common/ttaenc.nix +++ b/packages/common/ttaenc.nix @@ -1,5 +1,4 @@ -{ stdenv, lib }: -stdenv.mkDerivation rec { +{ stdenv, lib }: stdenv.mkDerivation rec { name = "ttaenc"; version = "3.4.1"; diff --git a/packages/common/vikunja.nix b/packages/common/vikunja.nix deleted file mode 100644 index 0fcf849..0000000 --- a/packages/common/vikunja.nix +++ /dev/null @@ -1,149 +0,0 @@ -{ - lib, - fetchFromGitHub, - stdenv, - nodejs, - pnpm, - buildGoModule, - mage, - writeShellScriptBin, - nixosTests, - autoPatchelfHook, - musl, -}: - -let - version = "0.24.5-git"; - src = fetchFromGitHub { - owner = "go-vikunja"; - repo = "vikunja"; - rev = "e57f04ec23e9ff8aa9877d2ea7d571c2a44790b0"; - hash = "sha256-W6o1h6XBPvT1lH1zO5N7HcodksKill5eqSuaFl2kfuY="; - }; - - frontend = stdenv.mkDerivation (finalAttrs: { - pname = "vikunja-frontend"; - inherit version src; - - sourceRoot = "${finalAttrs.src.name}/frontend"; - - pnpmDeps = pnpm.fetchDeps { - inherit (finalAttrs) - pname - version - src - sourceRoot - ; - hash = "sha256-sOCaJDBgEMID+lN5plQpSqaGBIUs5h2tAwDzhtOH53o="; - }; - - nativeBuildInputs = [ - nodejs - pnpm.configHook - autoPatchelfHook - ]; - - buildInputs = [ - musl # For sass-embedded - ]; - - doCheck = true; - dontAutoPatchelf = true; - - # See https://github.com/sass/embedded-host-node/issues/334 - preBuild = '' - autoPatchelf node_modules/.pnpm/sass-embedded* - ''; - - postBuild = '' - pnpm run build - ''; - - checkPhase = '' - pnpm run test:unit --run - ''; - - installPhase = '' - cp -r dist/ $out - ''; - }); - - # Injects a `t.Skip()` into a given test since there's apparently no other way to skip tests here. - skipTest = - lineOffset: testCase: file: - let - jumpAndAppend = lib.concatStringsSep ";" (lib.replicate (lineOffset - 1) "n" ++ [ "a" ]); - in - '' - sed -i -e '/${testCase}/{ - ${jumpAndAppend} t.Skip(); - }' ${file} - ''; -in -buildGoModule { - inherit src version; - pname = "vikunja"; - - nativeBuildInputs = - let - fakeGit = writeShellScriptBin "git" '' - if [[ $@ = "describe --tags --always --abbrev=10" ]]; then - echo "${version}" - else - >&2 echo "Unknown command: $@" - exit 1 - fi - ''; - in - [ - fakeGit - mage - ]; - - vendorHash = "sha256-UWjlivF9ySXCAr84A1trCJ/n9pB98ZhEyG11qz3PL7g="; - - inherit frontend; - - prePatch = '' - cp -r ${frontend} frontend/dist - ''; - - postConfigure = '' - # These tests need internet, so we skip them. - ${skipTest 1 "TestConvertTrelloToVikunja" "pkg/modules/migration/trello/trello_test.go"} - ${skipTest 1 "TestConvertTodoistToVikunja" "pkg/modules/migration/todoist/todoist_test.go"} - ''; - - buildPhase = '' - runHook preBuild - - # Fixes "mkdir /homeless-shelter: permission denied" - "Error: error compiling magefiles" during build - export HOME=$(mktemp -d) - mage build:build - - runHook postBuild - ''; - - checkPhase = '' - mage test:unit - mage test:integration - ''; - - installPhase = '' - runHook preInstall - install -Dt $out/bin vikunja - runHook postInstall - ''; - - passthru.tests.vikunja = nixosTests.vikunja; - - meta = { - changelog = "https://kolaente.dev/vikunja/api/src/tag/v${version}/CHANGELOG.md"; - description = "Todo-app to organize your life"; - homepage = "https://vikunja.io/"; - license = lib.licenses.agpl3Plus; - maintainers = with lib.maintainers; [ leona ]; - mainProgram = "vikunja"; - platforms = lib.platforms.linux; - }; -}