Compare commits
No commits in common. "master" and "24.05" have entirely different histories.
15
.sops.yaml
15
.sops.yaml
|
@ -4,8 +4,6 @@ keys:
|
||||||
- &nki_pc age1tt0peqg8zdfh74m5sdgwsczcqh036nhgmwvkqnvywll88uvmm9xs433rhm
|
- &nki_pc age1tt0peqg8zdfh74m5sdgwsczcqh036nhgmwvkqnvywll88uvmm9xs433rhm
|
||||||
- &nkagami_main age1n8tnmmgredzltzwkspag7aufhrn6034ny8ysjeulhkwdnf7vqqaqec4mg5
|
- &nkagami_main age1n8tnmmgredzltzwkspag7aufhrn6034ny8ysjeulhkwdnf7vqqaqec4mg5
|
||||||
- &nkagami_do age1z2h24mjt80fryqupajkh3kg5r4sjgw65uqy489xeqxhqj8u2a9fsm3ff36
|
- &nkagami_do age1z2h24mjt80fryqupajkh3kg5r4sjgw65uqy489xeqxhqj8u2a9fsm3ff36
|
||||||
- &nki_yoga age1vhjhmxura35apu5zdwg5ur5r40xay45ld9szh07dy0ph9chgsu7shfm4h9
|
|
||||||
- &nki_framework age188tgu3psvywk6shq85mk2q0jdjwd0tcswzwlwu5pa5n3pndx75dq090z59
|
|
||||||
creation_rules:
|
creation_rules:
|
||||||
- path_regex: kagami-air-m1/secrets\.yaml$
|
- path_regex: kagami-air-m1/secrets\.yaml$
|
||||||
key_groups:
|
key_groups:
|
||||||
|
@ -18,20 +16,9 @@ creation_rules:
|
||||||
- *nki_pc
|
- *nki_pc
|
||||||
- *nkagami_main
|
- *nkagami_main
|
||||||
- *nkagami_do
|
- *nkagami_do
|
||||||
- *nki_framework
|
- path_regex: nki-home/secrets/secrets\.yaml$
|
||||||
- path_regex: nki-home/secrets\.yaml$
|
|
||||||
key_groups:
|
key_groups:
|
||||||
- age:
|
- age:
|
||||||
- *nki_pc
|
- *nki_pc
|
||||||
- *nkagami_main
|
- *nkagami_main
|
||||||
- *nkagami_do
|
- *nkagami_do
|
||||||
- path_regex: nki-yoga-g8/secrets\.yaml$
|
|
||||||
key_groups:
|
|
||||||
- age:
|
|
||||||
- *nki_yoga
|
|
||||||
- age1axvjllyv2gutngwmp3pvp4xtq2gqneldaq2c4nrzmaye0uwmk9lqsealdv # The machine itself
|
|
||||||
- path_regex: nki-framework/secrets\.yaml$
|
|
||||||
key_groups:
|
|
||||||
- age:
|
|
||||||
- *nki_framework
|
|
||||||
- age1vgh6kvee8lvxylm7z86fpl3xzjyjs4u3zdfkyf064rjvxk9fpumsew7n27 # The machine itself
|
|
||||||
|
|
|
@ -13,8 +13,6 @@ in
|
||||||
with lib; {
|
with lib; {
|
||||||
imports = [
|
imports = [
|
||||||
# defaultShell
|
# defaultShell
|
||||||
./modules/services/nix-cache
|
|
||||||
./modules/services/nix-build-farm
|
|
||||||
];
|
];
|
||||||
|
|
||||||
## Packages
|
## Packages
|
||||||
|
|
447
flake.lock
447
flake.lock
|
@ -55,16 +55,16 @@
|
||||||
"nixpkgs": "nixpkgs_4"
|
"nixpkgs": "nixpkgs_4"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728224242,
|
"lastModified": 1718214198,
|
||||||
"narHash": "sha256-mQLfRAun2G/LDnw3jyFGJbOqpxh2PL8IGzFELRfAgAI=",
|
"narHash": "sha256-/qKPeE2Ptweaf+rHOvdW0TUDLwN9D93MMgDoU4fTzEA=",
|
||||||
"owner": "famedly",
|
"owner": "famedly",
|
||||||
"repo": "conduit",
|
"repo": "conduit",
|
||||||
"rev": "f8d7ef04e664580e882bac852877b68e7bd3ab1e",
|
"rev": "7a5b8930134cf7ea5ff9880e6fa468b2b3e05c98",
|
||||||
"type": "gitlab"
|
"type": "gitlab"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "famedly",
|
"owner": "famedly",
|
||||||
"ref": "v0.9.0",
|
"ref": "v0.8.0",
|
||||||
"repo": "conduit",
|
"repo": "conduit",
|
||||||
"type": "gitlab"
|
"type": "gitlab"
|
||||||
}
|
}
|
||||||
|
@ -115,14 +115,17 @@
|
||||||
},
|
},
|
||||||
"crane_3": {
|
"crane_3": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": "nixpkgs_5"
|
"flake-compat": "flake-compat_3",
|
||||||
|
"flake-utils": "flake-utils_3",
|
||||||
|
"nixpkgs": "nixpkgs_5",
|
||||||
|
"rust-overlay": "rust-overlay"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724006180,
|
"lastModified": 1697334144,
|
||||||
"narHash": "sha256-PVxPj0Ga2fMYMtcT9ARCthF+4U71YkOT7ZjgD/vf1Aw=",
|
"narHash": "sha256-gcOxnHEgBcn8mGXgNkTvZ1BLAANZZj+IZzb9QnQt7bc=",
|
||||||
"owner": "ipetkov",
|
"owner": "ipetkov",
|
||||||
"repo": "crane",
|
"repo": "crane",
|
||||||
"rev": "7ce92819802bc583b7e82ebc08013a530f22209f",
|
"rev": "4dcf584de14beff8dd0c030ac54e185fd3b72023",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -172,11 +175,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724377159,
|
"lastModified": 1718730147,
|
||||||
"narHash": "sha256-ixjje1JO8ucKT41hs6n2NCde1Vc0+Zc2p2gUbJpCsMw=",
|
"narHash": "sha256-QmD6B6FYpuoCqu6ZuPJH896ItNquDkn0ulQlOn4ykN8=",
|
||||||
"owner": "ipetkov",
|
"owner": "ipetkov",
|
||||||
"repo": "crane",
|
"repo": "crane",
|
||||||
"rev": "3e47b7a86c19142bd3675da49d6acef488b4dac1",
|
"rev": "32c21c29b034d0a93fdb2379d6fabc40fc3d0e6c",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -208,7 +211,7 @@
|
||||||
},
|
},
|
||||||
"deploy-rs": {
|
"deploy-rs": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat_3",
|
"flake-compat": "flake-compat_4",
|
||||||
"nixpkgs": "nixpkgs_6",
|
"nixpkgs": "nixpkgs_6",
|
||||||
"utils": "utils"
|
"utils": "utils"
|
||||||
},
|
},
|
||||||
|
@ -228,22 +231,21 @@
|
||||||
},
|
},
|
||||||
"dtth-phanpy": {
|
"dtth-phanpy": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_3",
|
"flake-utils": "flake-utils_4",
|
||||||
"nixpkgs": "nixpkgs_7"
|
"nixpkgs": "nixpkgs_7"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728598146,
|
"lastModified": 1719154855,
|
||||||
"narHash": "sha256-8zAvVSR3chBSJ7YKW+MYC1mrDxtZDFBPVobfO4KPXzg=",
|
"narHash": "sha256-uLV3PAVG+eZVnfVkRmHABGi7vRW/q8qvDafw3VzmFgk=",
|
||||||
"ref": "dtth-fork",
|
"ref": "refs/heads/dtth-fork",
|
||||||
"rev": "fc6bd96aef92d7796d9c7663ac23e3fa837f8ddb",
|
"rev": "97978f4a6556e69b826e15f7d2c3c4079a1c1c47",
|
||||||
"revCount": 3218,
|
"revCount": 2662,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://gitea@git.dtth.ch/nki/phanpy"
|
"url": "ssh://gitea@git.dtth.ch/nki/phanpy?branch=dtth-fork"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"ref": "dtth-fork",
|
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://gitea@git.dtth.ch/nki/phanpy"
|
"url": "ssh://gitea@git.dtth.ch/nki/phanpy?branch=dtth-fork"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"fenix": {
|
"fenix": {
|
||||||
|
@ -301,6 +303,22 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-compat_3": {
|
"flake-compat_3": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1696267196,
|
||||||
|
"narHash": "sha256-AAQ/2sD+0D18bb8hKuEEVpHUYD1GmO2Uh/taFamn6XQ=",
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"rev": "4f910c9827911b1ec2bf26b5a062cd09f8d89f85",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-compat_4": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696426674,
|
"lastModified": 1696426674,
|
||||||
|
@ -316,7 +334,7 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-compat_4": {
|
"flake-compat_5": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1673956053,
|
"lastModified": 1673956053,
|
||||||
|
@ -332,7 +350,7 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-compat_5": {
|
"flake-compat_6": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1688025799,
|
"lastModified": 1688025799,
|
||||||
"narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=",
|
"narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=",
|
||||||
|
@ -434,11 +452,11 @@
|
||||||
"nixpkgs-lib": "nixpkgs-lib_2"
|
"nixpkgs-lib": "nixpkgs-lib_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1722555600,
|
"lastModified": 1706830856,
|
||||||
"narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
|
"narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=",
|
||||||
"owner": "hercules-ci",
|
"owner": "hercules-ci",
|
||||||
"repo": "flake-parts",
|
"repo": "flake-parts",
|
||||||
"rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
|
"rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -462,6 +480,24 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-utils_10": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems_9"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1710146030,
|
||||||
|
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-utils_2": {
|
"flake-utils_2": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems"
|
"systems": "systems"
|
||||||
|
@ -482,25 +518,7 @@
|
||||||
},
|
},
|
||||||
"flake-utils_3": {
|
"flake-utils_3": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_3"
|
"systems": "systems_2"
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1726560853,
|
|
||||||
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-utils_4": {
|
|
||||||
"inputs": {
|
|
||||||
"systems": "systems_4"
|
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1694529238,
|
"lastModified": 1694529238,
|
||||||
|
@ -516,16 +534,34 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-utils_4": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems_4"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1710146030,
|
||||||
|
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-utils_5": {
|
"flake-utils_5": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_5"
|
"systems": "systems_5"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681202837,
|
"lastModified": 1694529238,
|
||||||
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
|
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
|
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -539,11 +575,11 @@
|
||||||
"systems": "systems_6"
|
"systems": "systems_6"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1710146030,
|
"lastModified": 1681202837,
|
||||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -571,21 +607,6 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils_8": {
|
"flake-utils_8": {
|
||||||
"locked": {
|
|
||||||
"lastModified": 1659877975,
|
|
||||||
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-utils_9": {
|
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_8"
|
"systems": "systems_8"
|
||||||
},
|
},
|
||||||
|
@ -603,6 +624,21 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-utils_9": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1659877975,
|
||||||
|
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flakey-profile": {
|
"flakey-profile": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1712898590,
|
"lastModified": 1712898590,
|
||||||
|
@ -742,11 +778,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728337164,
|
"lastModified": 1719037157,
|
||||||
"narHash": "sha256-VdRTjJFyq4Q9U7Z/UoC2Q5jK8vSo6E86lHc2OanXtvc=",
|
"narHash": "sha256-aOKd8+mhBsLQChCu1mn/W5ww79ta5cXVE59aJFrifM8=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "038630363e7de57c36c417fd2f5d7c14773403e4",
|
"rev": "cd886711998fe5d9ff7979fdd4b4cbd17b1f1511",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -758,11 +794,11 @@
|
||||||
"kak-lsp": {
|
"kak-lsp": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1723206901,
|
"lastModified": 1719761259,
|
||||||
"narHash": "sha256-wPCu/VxAMIB+zI0+eDq7lJ/rHJZfe0whYzdoiwrixCc=",
|
"narHash": "sha256-2cnjweEU/NgQffF2gav9b6EIXmV9TcSd7214FzW7ekY=",
|
||||||
"owner": "kakoune-lsp",
|
"owner": "kakoune-lsp",
|
||||||
"repo": "kakoune-lsp",
|
"repo": "kakoune-lsp",
|
||||||
"rev": "ebd370f43cb6e7af634e5f8cadb99cc8c16e1efe",
|
"rev": "484b19c2e373988ee5ab9afc54ecd6383b8da9bc",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -790,14 +826,14 @@
|
||||||
"lanzaboote": {
|
"lanzaboote": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"crane": "crane_4",
|
"crane": "crane_4",
|
||||||
"flake-compat": "flake-compat_4",
|
"flake-compat": "flake-compat_5",
|
||||||
"flake-parts": "flake-parts_4",
|
"flake-parts": "flake-parts_4",
|
||||||
"flake-utils": "flake-utils_5",
|
"flake-utils": "flake-utils_6",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
],
|
||||||
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
|
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
|
||||||
"rust-overlay": "rust-overlay"
|
"rust-overlay": "rust-overlay_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1682802423,
|
"lastModified": 1682802423,
|
||||||
|
@ -817,20 +853,20 @@
|
||||||
"lix": {
|
"lix": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729298361,
|
"lastModified": 1720626042,
|
||||||
"narHash": "sha256-hiGtfzxFkDc9TSYsb96Whg0vnqBVV7CUxyscZNhed0U=",
|
"narHash": "sha256-f8k+BezKdJfmE+k7zgBJiohtS3VkkriycdXYsKOm3sc=",
|
||||||
"rev": "ad9d06f7838a25beec425ff406fe68721fef73be",
|
"rev": "2a4376be20d70feaa2b0e640c5041fb66ddc67ed",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/ad9d06f7838a25beec425ff406fe68721fef73be.tar.gz?rev=ad9d06f7838a25beec425ff406fe68721fef73be"
|
"url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/2a4376be20d70feaa2b0e640c5041fb66ddc67ed.tar.gz"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://git.lix.systems/lix-project/lix/archive/2.91.1.tar.gz"
|
"url": "https://git.lix.systems/lix-project/lix/archive/2.90.0.tar.gz"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"lix-module": {
|
"lix-module": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_6",
|
"flake-utils": "flake-utils_7",
|
||||||
"flakey-profile": "flakey-profile",
|
"flakey-profile": "flakey-profile",
|
||||||
"lix": "lix",
|
"lix": "lix",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -838,20 +874,20 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729360442,
|
"lastModified": 1720641669,
|
||||||
"narHash": "sha256-6U0CyPycIBc04hbYy2hBINnVso58n/ZyywY2BD3hu+s=",
|
"narHash": "sha256-yEO2cGNgzm9x/XxiDQI+WckSWnZX63R8aJLBRSXtYNE=",
|
||||||
"rev": "9098ac95768f7006d7e070b88bae76939f6034e6",
|
"rev": "5c48c833c15bb80d127a398a8c2484d42fdd8257",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/9098ac95768f7006d7e070b88bae76939f6034e6.tar.gz?rev=9098ac95768f7006d7e070b88bae76939f6034e6"
|
"url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/5c48c833c15bb80d127a398a8c2484d42fdd8257.tar.gz"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz"
|
"url": "https://git.lix.systems/lix-project/nixos-module/archive/2.90.0.tar.gz"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"mpd-mpris": {
|
"mpd-mpris": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_7",
|
"flake-utils": "flake-utils_8",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
|
@ -888,15 +924,14 @@
|
||||||
"nix-gaming": {
|
"nix-gaming": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-parts": "flake-parts_5",
|
"flake-parts": "flake-parts_5",
|
||||||
"nixpkgs": "nixpkgs_8",
|
"nixpkgs": "nixpkgs_8"
|
||||||
"umu": "umu"
|
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1723945279,
|
"lastModified": 1716686274,
|
||||||
"narHash": "sha256-3W+/u3v/e0dTOxht6wW6pL+kr44e8Amb8A1Z3Bx8BUE=",
|
"narHash": "sha256-4JiRUWtoEMrfq38jG4O+NP6rcQIhKxEclnSkHvywnf0=",
|
||||||
"owner": "fufexan",
|
"owner": "fufexan",
|
||||||
"repo": "nix-gaming",
|
"repo": "nix-gaming",
|
||||||
"rev": "bcf8116981cc332c2734d4c82a034f115780853d",
|
"rev": "83a47c12d3493f7eb876250d0298d1566a965ce4",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -922,11 +957,11 @@
|
||||||
},
|
},
|
||||||
"nixos-m1": {
|
"nixos-m1": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat_5",
|
"flake-compat": "flake-compat_6",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
],
|
||||||
"rust-overlay": "rust-overlay_2"
|
"rust-overlay": "rust-overlay_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1700436815,
|
"lastModified": 1700436815,
|
||||||
|
@ -978,14 +1013,20 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-lib_2": {
|
"nixpkgs-lib_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1722555339,
|
"dir": "lib",
|
||||||
"narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=",
|
"lastModified": 1706550542,
|
||||||
"type": "tarball",
|
"narHash": "sha256-UcsnCG6wx++23yeER4Hg18CXWbgNpqNXcHIo5/1Y+hc=",
|
||||||
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "97b17f32362e475016f942bbdfda4a4a72a8a652",
|
||||||
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "tarball",
|
"dir": "lib",
|
||||||
"url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz"
|
"owner": "NixOS",
|
||||||
|
"ref": "nixos-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-stable": {
|
"nixpkgs-stable": {
|
||||||
|
@ -1022,11 +1063,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1730272153,
|
"lastModified": 1720750130,
|
||||||
"narHash": "sha256-B5WRZYsRlJgwVHIV6DvidFN7VX7Fg9uuwkRW9Ha8z+w=",
|
"narHash": "sha256-y2wc7CdK0vVSIbx7MdVoZzuMcUoLvZXm+pQf2RIr1OU=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "2d2a9ddbe3f2c00747398f3dc9b05f7f2ebb0f53",
|
"rev": "6794d064edc69918bb0fc0e0eda33ece324be17a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -1038,11 +1079,27 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_10": {
|
"nixpkgs_10": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724224976,
|
"lastModified": 1713128889,
|
||||||
"narHash": "sha256-Z/ELQhrSd7bMzTO8r7NZgi9g5emh+aRKoCdaAv5fiO0=",
|
"narHash": "sha256-aB90ZqzosyRDpBh+rILIcyP5lao8SKz8Sr2PSWvZrzk=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "c374d94f1536013ca8e92341b540eba4c22f9c62",
|
"rev": "2748d22b45a99fb2deafa5f11c7531c212b2cefa",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nixos",
|
||||||
|
"ref": "nixpkgs-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs_11": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1718530797,
|
||||||
|
"narHash": "sha256-pup6cYwtgvzDpvpSCFh1TEUjw2zkNpk8iolbKnyFmmU=",
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "b60ebf54c15553b393d144357375ea956f89e9a9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -1102,11 +1159,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_5": {
|
"nixpkgs_5": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1722640603,
|
"lastModified": 1696261572,
|
||||||
"narHash": "sha256-TcXjLVNd3VeH1qKPH335Tc4RbFDbZQX+d7rqnDUoRaY=",
|
"narHash": "sha256-s8TtSYJ1LBpuITXjbPLUPyxzAKw35LhETcajJjCS5f0=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "81610abc161d4021b29199aa464d6a1a521e0cc9",
|
"rev": "0c7ffbc66e6d78c50c38e717ec91a2a14e0622fb",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -1134,11 +1191,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_7": {
|
"nixpkgs_7": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728492678,
|
"lastModified": 1719075281,
|
||||||
"narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=",
|
"narHash": "sha256-CyyxvOwFf12I91PBWz43iGT1kjsf5oi6ax7CrvaMyAo=",
|
||||||
"owner": "nixOS",
|
"owner": "nixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7",
|
"rev": "a71e967ef3694799d0c418c98332f7ff4cc5f6af",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -1150,11 +1207,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_8": {
|
"nixpkgs_8": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1723856861,
|
"lastModified": 1708751719,
|
||||||
"narHash": "sha256-OTDg91+Zzs2SpU3csK4xVdSQFoG8cK1lNUwKmTqERyE=",
|
"narHash": "sha256-0uWOKSpXJXmXswOvDM5Vk3blB74apFB6rNGWV5IjoN0=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "cd7b95ee3725af7113bacbce91dd6549cee58ca5",
|
"rev": "f63ce824cd2f036216eb5f637dfef31e1a03ee89",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -1166,11 +1223,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_9": {
|
"nixpkgs_9": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1730137625,
|
"lastModified": 1720954236,
|
||||||
"narHash": "sha256-9z8oOgFZiaguj+bbi3k4QhAD6JabWrnv7fscC/mt0KE=",
|
"narHash": "sha256-1mEKHp4m9brvfQ0rjCca8P1WHpymK3TOr3v34ydv9bs=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "64b80bfb316b57cdb8919a9110ef63393d74382a",
|
"rev": "53e81e790209e41f0c1efa9ff26ff2fd7ab35e27",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -1180,6 +1237,21 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nur": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1697363080,
|
||||||
|
"narHash": "sha256-/49Rh5mohp0ZD6HaNbDn9oIsLt+d7Tzbc/BGkb/7o+g=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "NUR",
|
||||||
|
"rev": "5771ba6f22db037b037a8bdd82acc5467c965c7e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "NUR",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"pre-commit-hooks-nix": {
|
"pre-commit-hooks-nix": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": [
|
"flake-compat": [
|
||||||
|
@ -1219,7 +1291,7 @@
|
||||||
"darwin": "darwin",
|
"darwin": "darwin",
|
||||||
"deploy-rs": "deploy-rs",
|
"deploy-rs": "deploy-rs",
|
||||||
"dtth-phanpy": "dtth-phanpy",
|
"dtth-phanpy": "dtth-phanpy",
|
||||||
"flake-utils": "flake-utils_4",
|
"flake-utils": "flake-utils_5",
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"home-manager-unstable": "home-manager-unstable",
|
"home-manager-unstable": "home-manager-unstable",
|
||||||
"kak-lsp": "kak-lsp",
|
"kak-lsp": "kak-lsp",
|
||||||
|
@ -1232,9 +1304,10 @@
|
||||||
"nixos-m1": "nixos-m1",
|
"nixos-m1": "nixos-m1",
|
||||||
"nixpkgs": "nixpkgs_9",
|
"nixpkgs": "nixpkgs_9",
|
||||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
"nixpkgs-unstable": "nixpkgs-unstable",
|
||||||
"rust-overlay": "rust-overlay_3",
|
"nur": "nur",
|
||||||
"secrets": "secrets",
|
"secrets": "secrets",
|
||||||
"sops-nix": "sops-nix",
|
"sops-nix": "sops-nix",
|
||||||
|
"swayfx": "swayfx",
|
||||||
"youmubot": "youmubot"
|
"youmubot": "youmubot"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -1256,6 +1329,31 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"rust-overlay": {
|
"rust-overlay": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-utils": [
|
||||||
|
"crane",
|
||||||
|
"flake-utils"
|
||||||
|
],
|
||||||
|
"nixpkgs": [
|
||||||
|
"crane",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1696299134,
|
||||||
|
"narHash": "sha256-RS77cAa0N+Sfj5EmKbm5IdncNXaBCE1BSSQvUE8exvo=",
|
||||||
|
"owner": "oxalica",
|
||||||
|
"repo": "rust-overlay",
|
||||||
|
"rev": "611ccdceed92b4d94ae75328148d84ee4a5b462d",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "oxalica",
|
||||||
|
"repo": "rust-overlay",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"rust-overlay_2": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": [
|
"flake-utils": [
|
||||||
"lanzaboote",
|
"lanzaboote",
|
||||||
|
@ -1280,7 +1378,7 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"rust-overlay_2": {
|
"rust-overlay_3": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1686795910,
|
"lastModified": 1686795910,
|
||||||
|
@ -1296,50 +1394,27 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"rust-overlay_3": {
|
"scenefx": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": "nixpkgs_10"
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724466314,
|
"lastModified": 1715160751,
|
||||||
"narHash": "sha256-ltKuK6shQ64uej1mYNtBsDYxttUNFiv9AcHqk0+0NQM=",
|
"narHash": "sha256-S8m7phTU7QYgAq4B0hjH5WdtTjHDcNVhYfPFdhbty+A=",
|
||||||
"owner": "oxalica",
|
"owner": "wlrfx",
|
||||||
"repo": "rust-overlay",
|
"repo": "scenefx",
|
||||||
"rev": "2b5b3edd96ef336b00622dcabc13788fdef9e3ca",
|
"rev": "2ec3505248e819191c37cb831197629f373326fb",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "oxalica",
|
"owner": "wlrfx",
|
||||||
"repo": "rust-overlay",
|
"repo": "scenefx",
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"rust-overlay_4": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"youmubot",
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1724466314,
|
|
||||||
"narHash": "sha256-ltKuK6shQ64uej1mYNtBsDYxttUNFiv9AcHqk0+0NQM=",
|
|
||||||
"owner": "oxalica",
|
|
||||||
"repo": "rust-overlay",
|
|
||||||
"rev": "2b5b3edd96ef336b00622dcabc13788fdef9e3ca",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "oxalica",
|
|
||||||
"repo": "rust-overlay",
|
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"secrets": {
|
"secrets": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_8"
|
"flake-utils": "flake-utils_9"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1693981285,
|
"lastModified": 1693981285,
|
||||||
|
@ -1378,6 +1453,27 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"swayfx": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"scenefx": "scenefx"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1715273144,
|
||||||
|
"narHash": "sha256-x8z/sjtJPojvaXiOUDvADiSU/QmSo8cqKQ1X4g+5dw4=",
|
||||||
|
"owner": "WillPower3309",
|
||||||
|
"repo": "swayfx",
|
||||||
|
"rev": "3c621dec7d653231f960d377fcb3ceeed55953e2",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "WillPower3309",
|
||||||
|
"repo": "swayfx",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"systems": {
|
"systems": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681028828,
|
"lastModified": 1681028828,
|
||||||
|
@ -1498,34 +1594,24 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"umu": {
|
"systems_9": {
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"nix-gaming",
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
"locked": {
|
||||||
"dir": "packaging/nix",
|
"lastModified": 1681028828,
|
||||||
"lastModified": 1723697867,
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
"narHash": "sha256-LTfbJXR8x35oZ8Mo3R0WTVEp9toWpVfzD21xCSr64IM=",
|
"owner": "nix-systems",
|
||||||
"ref": "refs/heads/main",
|
"repo": "default",
|
||||||
"rev": "c71a45ad53036f4c668bcbe1be7a49f9d3460151",
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
"revCount": 699,
|
"type": "github"
|
||||||
"submodules": true,
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://github.com/Open-Wine-Components/umu-launcher/"
|
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"dir": "packaging/nix",
|
"owner": "nix-systems",
|
||||||
"submodules": true,
|
"repo": "default",
|
||||||
"type": "git",
|
"type": "github"
|
||||||
"url": "https://github.com/Open-Wine-Components/umu-launcher/"
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"utils": {
|
"utils": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_2"
|
"systems": "systems_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1701680307,
|
"lastModified": 1701680307,
|
||||||
|
@ -1544,16 +1630,15 @@
|
||||||
"youmubot": {
|
"youmubot": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"crane": "crane_5",
|
"crane": "crane_5",
|
||||||
"flake-utils": "flake-utils_9",
|
"flake-utils": "flake-utils_10",
|
||||||
"nixpkgs": "nixpkgs_10",
|
"nixpkgs": "nixpkgs_11"
|
||||||
"rust-overlay": "rust-overlay_4"
|
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1730740980,
|
"lastModified": 1720930588,
|
||||||
"narHash": "sha256-Z/RLbhlBxdNPZt/DeROPBV7bLQgpmamjcB0rdQrQoNw=",
|
"narHash": "sha256-Ue3ZRLUU/VoN0SUOCcAwR5LZJac9UgaSA9To//rP7fU=",
|
||||||
"owner": "natsukagami",
|
"owner": "natsukagami",
|
||||||
"repo": "youmubot",
|
"repo": "youmubot",
|
||||||
"rev": "803d718c7ad34d3780ae6c2911ca0682b2417cc4",
|
"rev": "dc02b4b7e280a8d5f129b5f43636407a2e4b96ea",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
35
flake.nix
35
flake.nix
|
@ -15,6 +15,7 @@
|
||||||
sops-nix.inputs.nixpkgs.follows = "nixpkgs-unstable";
|
sops-nix.inputs.nixpkgs.follows = "nixpkgs-unstable";
|
||||||
sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs";
|
sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs";
|
||||||
deploy-rs.url = "github:Serokell/deploy-rs";
|
deploy-rs.url = "github:Serokell/deploy-rs";
|
||||||
|
nur.url = "github:nix-community/NUR";
|
||||||
|
|
||||||
# --- Secure boot
|
# --- Secure boot
|
||||||
lanzaboote = {
|
lanzaboote = {
|
||||||
|
@ -25,29 +26,25 @@
|
||||||
# --- Build tools
|
# --- Build tools
|
||||||
flake-utils.url = github:numtide/flake-utils;
|
flake-utils.url = github:numtide/flake-utils;
|
||||||
crane.url = github:ipetkov/crane;
|
crane.url = github:ipetkov/crane;
|
||||||
rust-overlay = {
|
|
||||||
url = "github:oxalica/rust-overlay";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
};
|
|
||||||
arion.url = github:hercules-ci/arion;
|
arion.url = github:hercules-ci/arion;
|
||||||
lix-module = {
|
lix-module = {
|
||||||
url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz";
|
url = "https://git.lix.systems/lix-project/nixos-module/archive/2.90.0.tar.gz";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
# ---
|
# ---
|
||||||
# Imported apps
|
# Imported apps
|
||||||
youmubot.url = "github:natsukagami/youmubot";
|
youmubot.url = "github:natsukagami/youmubot";
|
||||||
# swayfx = {
|
swayfx = {
|
||||||
# url = github:WillPower3309/swayfx;
|
url = github:WillPower3309/swayfx;
|
||||||
# inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
# };
|
};
|
||||||
mpd-mpris = {
|
mpd-mpris = {
|
||||||
url = github:natsukagami/mpd-mpris;
|
url = github:natsukagami/mpd-mpris;
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
dtth-phanpy.url = "git+ssh://gitea@git.dtth.ch/nki/phanpy?ref=dtth-fork";
|
dtth-phanpy.url = "git+ssh://gitea@git.dtth.ch/nki/phanpy?branch=dtth-fork";
|
||||||
conduit.url = "gitlab:famedly/conduit/v0.9.0";
|
conduit.url = "gitlab:famedly/conduit/v0.8.0";
|
||||||
nix-gaming.url = github:fufexan/nix-gaming;
|
nix-gaming.url = github:fufexan/nix-gaming;
|
||||||
|
|
||||||
# --- Sources
|
# --- Sources
|
||||||
|
@ -63,7 +60,7 @@
|
||||||
secrets.url = "git+ssh://git@github.com/natsukagami/nix-deploy-secrets";
|
secrets.url = "git+ssh://git@github.com/natsukagami/nix-deploy-secrets";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = { self, darwin, nixpkgs, nixpkgs-unstable, home-manager, deploy-rs, sops-nix, ... }@inputs:
|
outputs = { self, darwin, nixpkgs, nixpkgs-unstable, home-manager, deploy-rs, sops-nix, nur, ... }@inputs:
|
||||||
let
|
let
|
||||||
overlays = import ./overlay.nix inputs;
|
overlays = import ./overlay.nix inputs;
|
||||||
lib = nixpkgs.lib;
|
lib = nixpkgs.lib;
|
||||||
|
@ -88,20 +85,6 @@
|
||||||
trusted-public-keys = [ "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4=" ];
|
trusted-public-keys = [ "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4=" ];
|
||||||
};
|
};
|
||||||
environment.systemPackages = [ inputs.nix-gaming.packages.${pkgs.hostPlatform.system}.osu-stable ];
|
environment.systemPackages = [ inputs.nix-gaming.packages.${pkgs.hostPlatform.system}.osu-stable ];
|
||||||
programs.gamemode = {
|
|
||||||
enable = true;
|
|
||||||
enableRenice = true;
|
|
||||||
settings = {
|
|
||||||
general = {
|
|
||||||
renice = 10;
|
|
||||||
};
|
|
||||||
|
|
||||||
custom = {
|
|
||||||
start = "${pkgs.libnotify}/bin/notify-send 'GameMode started'";
|
|
||||||
end = "${pkgs.libnotify}/bin/notify-send 'GameMode ended'";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# Common Nix modules
|
# Common Nix modules
|
||||||
|
|
|
@ -9,6 +9,13 @@
|
||||||
./modules/programs/my-kitty
|
./modules/programs/my-kitty
|
||||||
./modules/programs/openconnect-epfl.nix
|
./modules/programs/openconnect-epfl.nix
|
||||||
./common-linux.nix
|
./common-linux.nix
|
||||||
|
|
||||||
|
# PATH Overrides
|
||||||
|
({ config, lib, ... }: {
|
||||||
|
home.sessionPath = lib.mkBefore [
|
||||||
|
"${config.home.homeDirectory}/.bin/overrides"
|
||||||
|
];
|
||||||
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
# Let Home Manager install and manage itself.
|
# Let Home Manager install and manage itself.
|
||||||
|
@ -28,7 +35,6 @@
|
||||||
fx # JSON viewer
|
fx # JSON viewer
|
||||||
glow # Markdown viewer
|
glow # Markdown viewer
|
||||||
nix-output-monitor # Nice nix output formatting
|
nix-output-monitor # Nice nix output formatting
|
||||||
unstable.scala-next
|
|
||||||
## PDF Processors
|
## PDF Processors
|
||||||
poppler_utils
|
poppler_utils
|
||||||
## htop replacement
|
## htop replacement
|
||||||
|
|
|
@ -1,3 +1,8 @@
|
||||||
{
|
{
|
||||||
allowUnfree = true;
|
allowUnfree = true;
|
||||||
|
packageOverrides = pkgs: {
|
||||||
|
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
|
||||||
|
inherit pkgs;
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -53,7 +53,8 @@ in
|
||||||
functions = {
|
functions = {
|
||||||
rebuild = {
|
rebuild = {
|
||||||
body = ''
|
body = ''
|
||||||
pls nixos-rebuild --flake ~/.config/nixpkgs -L --log-format internal-json -v $argv \
|
command sudo -v && \
|
||||||
|
command sudo nixos-rebuild --flake ~/.config/nixpkgs -L --log-format internal-json -v $argv \
|
||||||
&| ${pkgs.nix-output-monitor}/bin/nom --json
|
&| ${pkgs.nix-output-monitor}/bin/nom --json
|
||||||
'';
|
'';
|
||||||
wraps = "nixos-rebuild";
|
wraps = "nixos-rebuild";
|
||||||
|
@ -61,18 +62,19 @@ in
|
||||||
# Simplify nix usage!
|
# Simplify nix usage!
|
||||||
nx = {
|
nx = {
|
||||||
body = ''
|
body = ''
|
||||||
argparse -s 'h/help' 'impure' 'u/unstable' 'g/git' -- $argv
|
set impure
|
||||||
if set -q _flag_help || test (count $argv) -eq 0
|
if test $argv[1] = "--impure"
|
||||||
echo "nx [--impure] [-u/--unstable/-g/--git] {package} [args...]"
|
set impure "--impure"
|
||||||
return 1
|
set argv $argv[2..]
|
||||||
|
end
|
||||||
|
if test (count $argv) -gt 0
|
||||||
|
nix run $impure nixpkgs#$argv[1] -- $argv[2..]
|
||||||
else
|
else
|
||||||
set -q _flag_impure && set impure "--impure"
|
echo "nx [--impure] {package} [args...]"
|
||||||
set nixpkgs "nixpkgs"
|
return 1
|
||||||
set -q _flag_unstable && set nixpkgs "nixpkgs-unstable"
|
|
||||||
set -q _flag_git && set nixpkgs "github:nixOS/nixpkgs/nixpkgs-unstable"
|
|
||||||
nix run $impure $nixpkgs"#"$argv[1] -- $argv[2..]
|
|
||||||
end
|
end
|
||||||
'';
|
'';
|
||||||
|
wraps = "nix run";
|
||||||
description = "Runs an app from the nixpkgs store.";
|
description = "Runs an app from the nixpkgs store.";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -80,35 +82,25 @@ in
|
||||||
description = "Spawns a shell from the given nixpkgs packages";
|
description = "Spawns a shell from the given nixpkgs packages";
|
||||||
wraps = "nix shell";
|
wraps = "nix shell";
|
||||||
body = ''
|
body = ''
|
||||||
function help
|
set impure
|
||||||
echo "nsh [--impure] [--impure] [-u/--unstable/-g/--git] {package}* [-c command args...]"
|
if test $argv[1] = "--impure"
|
||||||
|
set impure "--impure"
|
||||||
|
set argv $argv[2..]
|
||||||
end
|
end
|
||||||
argparse -s 'h/help' 'impure' 'u/unstable' 'g/git' -- $argv
|
if test (count $argv) -gt 0
|
||||||
if set -q _flag_help || test (count $argv) -eq 0
|
set minusc (contains -i -- "-c" $argv)
|
||||||
help
|
if test -z $minusc
|
||||||
return 0
|
nix shell $impure nixpkgs#$argv -c fish
|
||||||
end
|
else if test $minusc -eq (count $argv)
|
||||||
set packages $argv
|
echo "nsh [--impure] {packages} [-c command args...]"
|
||||||
set minusc (contains -i -- "-c" $argv)
|
|
||||||
if test -n "$minusc"
|
|
||||||
if test $minusc -eq 1
|
|
||||||
help
|
|
||||||
return 1
|
return 1
|
||||||
|
else
|
||||||
|
nix shell $impure nixpkgs#$argv[..(math $minusc - 1)] $argv[$minusc..]
|
||||||
end
|
end
|
||||||
set packages $argv[..(math $minusc - 1)]
|
|
||||||
set argv $argv[(math $minusc + 1)..]
|
|
||||||
else
|
else
|
||||||
set argv "fish" "-i"
|
echo "nsh [--impure] {packages} [-c command args...]"
|
||||||
end
|
|
||||||
if test (count $packages) -eq 0
|
|
||||||
help
|
|
||||||
return 1
|
return 1
|
||||||
end
|
end
|
||||||
set -q _flag_impure && set impure "--impure"
|
|
||||||
set nixpkgs "nixpkgs"
|
|
||||||
set -q _flag_unstable && set nixpkgs "nixpkgs-unstable"
|
|
||||||
set -q _flag_git && set nixpkgs "github:nixOS/nixpkgs/nixpkgs-unstable"
|
|
||||||
nix shell $impure $nixpkgs"#"$packages --command $argv
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
# Grep stuff
|
# Grep stuff
|
||||||
|
@ -126,30 +118,6 @@ in
|
||||||
};
|
};
|
||||||
echo-today = "date +%F";
|
echo-today = "date +%F";
|
||||||
newfile = "mkdir -p (dirname $argv[-1]) && touch $argv";
|
newfile = "mkdir -p (dirname $argv[-1]) && touch $argv";
|
||||||
|
|
||||||
# pls
|
|
||||||
pls = {
|
|
||||||
wraps = "sudo";
|
|
||||||
body = ''
|
|
||||||
set -l cmd "`"(string join " " -- $argv)"`"
|
|
||||||
echo "I-It's not like I'm gonna run "$cmd" for you or a-anything! Baka >:C" >&2
|
|
||||||
# Send a notification on password prompt
|
|
||||||
if command sudo -vn 2>/dev/null
|
|
||||||
# nothing to do, user already authenticated
|
|
||||||
else
|
|
||||||
# throw a notification
|
|
||||||
set notif_id (kitten notify -P \
|
|
||||||
-p ${./haruka.png} \
|
|
||||||
-a "pls" \
|
|
||||||
-u critical \
|
|
||||||
"A-a command requires your p-password" \
|
|
||||||
(printf "I-I need your p-password to r-run the following c-command:\n\n%s" $cmd))
|
|
||||||
command sudo -v -p "P-password please: "
|
|
||||||
kitten notify -i $notif_id ""
|
|
||||||
end
|
|
||||||
command sudo $argv
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
@ -178,9 +146,6 @@ in
|
||||||
if test -e /opt/homebrew/bin/brew
|
if test -e /opt/homebrew/bin/brew
|
||||||
/opt/homebrew/bin/brew shellenv | source
|
/opt/homebrew/bin/brew shellenv | source
|
||||||
end
|
end
|
||||||
|
|
||||||
# Override PATH
|
|
||||||
set --export --prepend PATH ~/.bin/overrides ~/.local/bin
|
|
||||||
'';
|
'';
|
||||||
|
|
||||||
interactiveShellInit = ''
|
interactiveShellInit = ''
|
||||||
|
@ -285,8 +250,8 @@ in
|
||||||
target = ".config/fish/conf.d/change_cmd.fish";
|
target = ".config/fish/conf.d/change_cmd.fish";
|
||||||
};
|
};
|
||||||
"fish/pls.fish" = {
|
"fish/pls.fish" = {
|
||||||
source = ./pls_extra.fish;
|
source = ./. + "/pls.fish";
|
||||||
target = ".config/fish/conf.d/pls_extra.fish";
|
target = ".config/fish/conf.d/pls.fish";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Binary file not shown.
Before Width: | Height: | Size: 30 KiB |
155
home/fish/pls.fish
Normal file
155
home/fish/pls.fish
Normal file
|
@ -0,0 +1,155 @@
|
||||||
|
alias sue="pls -e"
|
||||||
|
|
||||||
|
function pls
|
||||||
|
set -l cmd "`"(string join " " -- $argv)"`"
|
||||||
|
echo "I-It's not like I'm gonna run "$cmd" for you or a-anything! Baka >:C" >&2
|
||||||
|
# Send a notification on password prompt
|
||||||
|
if command sudo -vn 2>/dev/null
|
||||||
|
# nothing to do, user already authenticated
|
||||||
|
else
|
||||||
|
# throw a notification
|
||||||
|
# notify-send -t 3000 -u critical -i ~/Downloads/harukablush.jpg -h "STRING:command:"$cmd "A-a command requires your p-password" (printf "I-I need your p-password to r-run the following c-command: %s" $cmd)
|
||||||
|
end
|
||||||
|
command sudo $argv
|
||||||
|
end
|
||||||
|
|
||||||
|
function sudo
|
||||||
|
echo "Not polite enough."
|
||||||
|
end
|
||||||
|
|
||||||
|
function __fish_prepend_pls -d "Prepend 'pls ' to the beginning of the current commandline"
|
||||||
|
# If there is no commandline, insert the last item from history
|
||||||
|
# and *then* toggle
|
||||||
|
if not commandline | string length -q
|
||||||
|
commandline -r "$history[1]"
|
||||||
|
end
|
||||||
|
|
||||||
|
set -l cmd (commandline -po)
|
||||||
|
set -l cursor (commandline -C)
|
||||||
|
|
||||||
|
if test "$cmd[1]" = e
|
||||||
|
commandline -C 0
|
||||||
|
commandline -i "su"
|
||||||
|
commandline -C (math $cursor + 2)
|
||||||
|
else if test "$cmd[1]" = sue
|
||||||
|
commandline -r (string sub --start=3 (commandline -p))
|
||||||
|
commandline -C -- (math $cursor - 2)
|
||||||
|
else if test "$cmd[1]" != pls
|
||||||
|
commandline -C 0
|
||||||
|
commandline -i "pls "
|
||||||
|
commandline -C (math $cursor + 4)
|
||||||
|
else
|
||||||
|
commandline -r (string sub --start=5 (commandline -p))
|
||||||
|
commandline -C -- (math $cursor - 4)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
bind --preset -e -M insert \es
|
||||||
|
bind -M insert \es __fish_prepend_pls
|
||||||
|
|
||||||
|
function __fish_man_page
|
||||||
|
# Get all commandline tokens not starting with "-"
|
||||||
|
set -l args (commandline -po | string match -rv '^-')
|
||||||
|
|
||||||
|
# If commandline is empty, exit.
|
||||||
|
if not set -q args[1]
|
||||||
|
printf \a
|
||||||
|
return
|
||||||
|
end
|
||||||
|
|
||||||
|
#Skip `pls` and display then manpage of following command
|
||||||
|
while set -q args[2]
|
||||||
|
and string match -qr -- '^(pls|.*=.*)$' $args[1]
|
||||||
|
set -e args[1]
|
||||||
|
end
|
||||||
|
|
||||||
|
# If there are at least two tokens not starting with "-", the second one might be a subcommand.
|
||||||
|
# Try "man first-second" and fall back to "man first" if that doesn't work out.
|
||||||
|
set -l maincmd (basename $args[1])
|
||||||
|
if set -q args[2]
|
||||||
|
# HACK: If stderr is not attached to a terminal `less` (the default pager)
|
||||||
|
# wouldn't use the alternate screen.
|
||||||
|
# But since we don't know what pager it is, and because `man` is totally underspecified,
|
||||||
|
# the best we can do is to *try* the man page, and assume that `man` will return false if it fails.
|
||||||
|
# See #7863.
|
||||||
|
if man "$maincmd-$args[2]" &>/dev/null
|
||||||
|
man "$maincmd-$args[2]"
|
||||||
|
else if man "$maincmd" &>/dev/null
|
||||||
|
man "$maincmd"
|
||||||
|
else
|
||||||
|
printf \a
|
||||||
|
end
|
||||||
|
else
|
||||||
|
if man "$maincmd" &>/dev/null
|
||||||
|
man "$maincmd"
|
||||||
|
else
|
||||||
|
printf \a
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
commandline -f repaint
|
||||||
|
end
|
||||||
|
|
||||||
|
#
|
||||||
|
# Completion for pls
|
||||||
|
#
|
||||||
|
|
||||||
|
function __fish_pls_print_remaining_args
|
||||||
|
set -l tokens (commandline -opc) (commandline -ct)
|
||||||
|
set -e tokens[1]
|
||||||
|
# These are all the options mentioned in the man page for Todd Miller's "pls.ws" pls (in that order).
|
||||||
|
# If any other implementation has different options, this should be harmless, since they shouldn't be used anyway.
|
||||||
|
set -l opts A/askpass b/background C/close-from= E/preserve-env='?'
|
||||||
|
# Note that "-h" is both "--host" (which takes an option) and "--help" (which doesn't).
|
||||||
|
# But `-h` as `--help` only counts when it's the only argument (`pls -h`),
|
||||||
|
# so any argument completion after that should take it as "--host".
|
||||||
|
set -a opts e/edit g/group= H/set-home h/host= 1-help
|
||||||
|
set -a opts i/login K/remove-timestamp k/reset-timestamp l/list n/non-interactive
|
||||||
|
set -a opts P/preserve-groups p/prompt= S/stdin s/shell U/other-user=
|
||||||
|
set -a opts u/user= T/command-timeout= V/version v/validate
|
||||||
|
argparse -s $opts -- $tokens 2>/dev/null
|
||||||
|
# The remaining argv is the subcommand with all its options, which is what
|
||||||
|
# we want.
|
||||||
|
if test -n "$argv"
|
||||||
|
and not string match -qr '^-' $argv[1]
|
||||||
|
string join0 -- $argv
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
function __fish_pls_no_subcommand
|
||||||
|
not __fish_pls_print_remaining_args >/dev/null
|
||||||
|
end
|
||||||
|
|
||||||
|
function __fish_complete_pls_subcommand
|
||||||
|
set -l args (__fish_pls_print_remaining_args | string split0)
|
||||||
|
set -lx -a PATH /usr/local/sbin /sbin /usr/sbin
|
||||||
|
__fish_complete_subcommand --commandline $args
|
||||||
|
end
|
||||||
|
|
||||||
|
# All these options should be valid for GNU and OSX pls
|
||||||
|
complete -c pls -n __fish_no_arguments -s h -d "Display help and exit"
|
||||||
|
complete -c pls -n __fish_no_arguments -s V -d "Display version information and exit"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s A -d "Ask for password via the askpass or \$SSH_ASKPASS program"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s C -d "Close all file descriptors greater or equal to the given number" -xa "0 1 2 255"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s E -d "Preserve environment"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s H -d "Set home"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s K -d "Remove the credential timestamp entirely"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s P -d "Preserve group vector"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s S -d "Read password from stdin"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s b -d "Run command in the background"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s e -rF -d Edit
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s g -a "(__fish_complete_groups)" -x -d "Run command as group"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s i -d "Run a login shell"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s k -d "Reset or ignore the credential timestamp"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s l -d "List the allowed and forbidden commands for the given user"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s n -d "Do not prompt for a password - if one is needed, fail"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s p -d "Specify a custom password prompt"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s s -d "Run the given command in a shell"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s u -a "(__fish_complete_users)" -x -d "Run command as user"
|
||||||
|
complete -c pls -n __fish_pls_no_subcommand -s v -n __fish_no_arguments -d "Validate the credentials, extending timeout"
|
||||||
|
|
||||||
|
# Complete the command we are executed under pls
|
||||||
|
complete -c pls -x -n 'not __fish_seen_argument -s e' -a "(__fish_complete_pls_subcommand)"
|
|
@ -1,47 +0,0 @@
|
||||||
alias sue="pls -e"
|
|
||||||
|
|
||||||
function sudo
|
|
||||||
echo "Not polite enough."
|
|
||||||
end
|
|
||||||
|
|
||||||
bind --preset -M visual \es 'fish_commandline_prepend pls'
|
|
||||||
bind -M insert \es 'fish_commandline_prepend pls'
|
|
||||||
|
|
||||||
function __fish_man_page
|
|
||||||
# Get all commandline tokens not starting with "-", up to and including the cursor's
|
|
||||||
set -l args (string match -rv '^-|^$' -- (commandline -cpx && commandline -t))
|
|
||||||
|
|
||||||
# If commandline is empty, exit.
|
|
||||||
if not set -q args[1]
|
|
||||||
printf \a
|
|
||||||
return
|
|
||||||
end
|
|
||||||
|
|
||||||
# Skip leading commands and display the manpage of following command
|
|
||||||
while set -q args[2]
|
|
||||||
and string match -qr -- '^(and|begin|builtin|caffeinate|command|doas|entr|env|exec|if|mosh|nice|not|or|pipenv|prime-run|setsid|sudo|pls|systemd-nspawn|time|watch|while|xargs|.*=.*)$' $args[1]
|
|
||||||
set -e args[1]
|
|
||||||
end
|
|
||||||
|
|
||||||
# If there are at least two tokens not starting with "-", the second one might be a subcommand.
|
|
||||||
# Try "man first-second" and fall back to "man first" if that doesn't work out.
|
|
||||||
set -l maincmd (path basename $args[1])
|
|
||||||
# HACK: If stderr is not attached to a terminal `less` (the default pager)
|
|
||||||
# wouldn't use the alternate screen.
|
|
||||||
# But since we don't know what pager it is, and because `man` is totally underspecified,
|
|
||||||
# the best we can do is to *try* the man page, and assume that `man` will return false if it fails.
|
|
||||||
# See #7863.
|
|
||||||
if set -q args[2]
|
|
||||||
and not string match -q -- '*/*' $args[2]
|
|
||||||
and man "$maincmd-$args[2]" &>/dev/null
|
|
||||||
man "$maincmd-$args[2]"
|
|
||||||
else
|
|
||||||
if man "$maincmd" &>/dev/null
|
|
||||||
man "$maincmd"
|
|
||||||
else
|
|
||||||
printf \a
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
commandline -f repaint
|
|
||||||
end
|
|
|
@ -272,7 +272,7 @@ in
|
||||||
# override inherited files
|
# override inherited files
|
||||||
cat ${tree-sitter-go}/queries/highlights.scm ${src}/queries/templ/highlights.scm > $out/queries/highlights.scm
|
cat ${tree-sitter-go}/queries/highlights.scm ${src}/queries/templ/highlights.scm > $out/queries/highlights.scm
|
||||||
'';
|
'';
|
||||||
queries.path = "queries";
|
queries.path = "queries/templ";
|
||||||
};
|
};
|
||||||
|
|
||||||
go = {
|
go = {
|
||||||
|
@ -282,23 +282,6 @@ in
|
||||||
queries.src = tree-sitter-go;
|
queries.src = tree-sitter-go;
|
||||||
queries.path = "queries";
|
queries.path = "queries";
|
||||||
};
|
};
|
||||||
|
|
||||||
hylo =
|
|
||||||
let
|
|
||||||
src = pkgs.fetchFromGitHub {
|
|
||||||
owner = "natsukagami";
|
|
||||||
repo = "tree-sitter-hylo";
|
|
||||||
rev = "494cbdff0d13cbc67348316af2efa0286dbddf6f";
|
|
||||||
hash = "sha256-R5UeoglCTl0do3VDJ/liCTeqbxU9slvmVKNRA/el2VY=";
|
|
||||||
};
|
|
||||||
in
|
|
||||||
{
|
|
||||||
grammar.src = src;
|
|
||||||
grammar.compile.args = [ "-c" "-fpic" "../parser.c" "-I" ".." ];
|
|
||||||
grammar.link.args = [ "-shared" "-fpic" "parser.o" ];
|
|
||||||
queries.src = src;
|
|
||||||
queries.path = "queries";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.my-kakoune.package = pkgs.kakoune;
|
programs.my-kakoune.package = pkgs.kakoune;
|
||||||
|
|
|
@ -64,12 +64,6 @@ hook global InsertChar \t %{ exec -draft -itersel h@ }
|
||||||
set global tabstop 2
|
set global tabstop 2
|
||||||
set global indentwidth 2
|
set global indentwidth 2
|
||||||
|
|
||||||
# Language-specific tabstop with override
|
|
||||||
hook global WinSetOption filetype=(rust) %{
|
|
||||||
set window tabstop 4
|
|
||||||
set window indentwidth 4
|
|
||||||
}
|
|
||||||
|
|
||||||
# Ctrl + a in insert mode = esc
|
# Ctrl + a in insert mode = esc
|
||||||
map global insert <c-a> '<esc>'
|
map global insert <c-a> '<esc>'
|
||||||
|
|
||||||
|
@ -158,6 +152,9 @@ hook global WinSetOption filetype=(rust) %{
|
||||||
hook global WinSetOption filetype=(scala) %{
|
hook global WinSetOption filetype=(scala) %{
|
||||||
# Format the document if possible
|
# Format the document if possible
|
||||||
hook -group scala-fmt window BufWritePre .* %{ lsp-formatting-sync }
|
hook -group scala-fmt window BufWritePre .* %{ lsp-formatting-sync }
|
||||||
|
|
||||||
|
set window tabstop 2
|
||||||
|
set window indentwidth 2
|
||||||
}
|
}
|
||||||
|
|
||||||
hook global WinSetOption filetype=(typst) %{
|
hook global WinSetOption filetype=(typst) %{
|
||||||
|
@ -217,12 +214,7 @@ hook global BufCreate .*[.]typ %{
|
||||||
|
|
||||||
hook global BufCreate .*[.]templ %{
|
hook global BufCreate .*[.]templ %{
|
||||||
set-option buffer filetype templ
|
set-option buffer filetype templ
|
||||||
set-option buffer comment_line "//"
|
set-option window comment_line "//"
|
||||||
}
|
|
||||||
|
|
||||||
hook global BufCreate .*[.]hylo %{
|
|
||||||
set-option buffer filetype hylo
|
|
||||||
set-option buffer comment_line "//"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
hook global BufOpenFile .* %{
|
hook global BufOpenFile .* %{
|
||||||
|
|
|
@ -3,7 +3,6 @@ with lib;
|
||||||
let
|
let
|
||||||
cfg = config.linux.graphical;
|
cfg = config.linux.graphical;
|
||||||
|
|
||||||
thunderbird = pkgs.thunderbird-128;
|
|
||||||
vscode = with pkgs; if stdenv.isAarch64 then unstable.vscode else unstable.vscode-fhs;
|
vscode = with pkgs; if stdenv.isAarch64 then unstable.vscode else unstable.vscode-fhs;
|
||||||
|
|
||||||
wifi-indicator = pkgs.writeScriptBin "wifi-indicator" ''
|
wifi-indicator = pkgs.writeScriptBin "wifi-indicator" ''
|
||||||
|
@ -58,25 +57,23 @@ in
|
||||||
feh # For images?
|
feh # For images?
|
||||||
deluge # Torrent client
|
deluge # Torrent client
|
||||||
pavucontrol # PulseAudio control panel
|
pavucontrol # PulseAudio control panel
|
||||||
|
cinnamon.nemo # File manager
|
||||||
thunderbird # Email
|
thunderbird # Email
|
||||||
sublime-music # For navidrome
|
sublime-music # For navidrome
|
||||||
# cinny-desktop
|
cinny-desktop
|
||||||
gajim
|
gajim
|
||||||
vivaldi
|
vivaldi
|
||||||
# Audio
|
# Audio
|
||||||
qpwgraph # Pipewire graph
|
qpwgraph # Pipewire graph
|
||||||
|
|
||||||
unstable.zotero
|
zotero_7
|
||||||
libreoffice
|
libreoffice
|
||||||
|
|
||||||
mpv # for anki
|
mpv # for anki
|
||||||
anki-bin
|
anki-bin
|
||||||
|
|
||||||
# Chat stuff
|
|
||||||
tdesktop
|
tdesktop
|
||||||
whatsapp-for-linux
|
whatsapp-for-linux
|
||||||
slack
|
|
||||||
zoom-us
|
|
||||||
|
|
||||||
librewolf
|
librewolf
|
||||||
|
|
||||||
|
@ -85,7 +82,11 @@ in
|
||||||
# sct # Display color temperature
|
# sct # Display color temperature
|
||||||
xdg-utils # Open stuff
|
xdg-utils # Open stuff
|
||||||
wifi-indicator
|
wifi-indicator
|
||||||
]);
|
] ++ (if pkgs.stdenv.isAarch64 then [ ] else [
|
||||||
|
gnome.cheese # Webcam check, expensive
|
||||||
|
# Chat stuff
|
||||||
|
slack
|
||||||
|
]));
|
||||||
|
|
||||||
nki.programs.discord.enable = pkgs.stdenv.isx86_64;
|
nki.programs.discord.enable = pkgs.stdenv.isx86_64;
|
||||||
nki.programs.discord.package = pkgs.vesktop;
|
nki.programs.discord.package = pkgs.vesktop;
|
||||||
|
|
|
@ -14,7 +14,7 @@ let
|
||||||
systemd.user.services.swaync.Unit.PartOf = lib.mkForce [ "sway-session.target" ];
|
systemd.user.services.swaync.Unit.PartOf = lib.mkForce [ "sway-session.target" ];
|
||||||
|
|
||||||
programs.my-sway.waybar = {
|
programs.my-sway.waybar = {
|
||||||
extraSettings = [{
|
extraSettings = {
|
||||||
modules-right = mkAfter [ "custom/swaync" ];
|
modules-right = mkAfter [ "custom/swaync" ];
|
||||||
modules."custom/swaync" = {
|
modules."custom/swaync" = {
|
||||||
tooltip = false;
|
tooltip = false;
|
||||||
|
@ -36,7 +36,7 @@ let
|
||||||
on-click-right = "${swaync}/bin/swaync-client -d -sw";
|
on-click-right = "${swaync}/bin/swaync-client -d -sw";
|
||||||
escape = true;
|
escape = true;
|
||||||
};
|
};
|
||||||
}];
|
};
|
||||||
extraStyle = mkAfter ''
|
extraStyle = mkAfter ''
|
||||||
#custom-swaync {
|
#custom-swaync {
|
||||||
background: #F0FFFF;
|
background: #F0FFFF;
|
||||||
|
|
|
@ -2,20 +2,11 @@
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.nki.programs.kitty;
|
cfg = config.nki.programs.kitty;
|
||||||
|
cmd = if pkgs.stdenv.isDarwin then "cmd" else "ctrl";
|
||||||
theme = { lib, options, config, ... }: {
|
|
||||||
programs.kitty = lib.mkIf config.nki.programs.kitty.enable (
|
|
||||||
if builtins.hasAttr "themeFile" options.programs.kitty then {
|
|
||||||
themeFile = "ayu_light";
|
|
||||||
} else {
|
|
||||||
theme = "Ayu Light";
|
|
||||||
}
|
|
||||||
);
|
|
||||||
};
|
|
||||||
in
|
in
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
imports = [ theme ./darwin.nix ./linux.nix ./tabs.nix ];
|
imports = [ ./darwin.nix ./linux.nix ./tabs.nix ];
|
||||||
|
|
||||||
options.nki.programs.kitty = {
|
options.nki.programs.kitty = {
|
||||||
enable = mkEnableOption "Enable kitty";
|
enable = mkEnableOption "Enable kitty";
|
||||||
|
@ -60,6 +51,8 @@ with lib;
|
||||||
font.name = "Fantasque Sans Mono";
|
font.name = "Fantasque Sans Mono";
|
||||||
font.size = cfg.fontSize;
|
font.size = cfg.fontSize;
|
||||||
|
|
||||||
|
theme = "Ayu Light";
|
||||||
|
|
||||||
settings =
|
settings =
|
||||||
let
|
let
|
||||||
# Background color and transparency
|
# Background color and transparency
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ pkgs, lib, options, config, osConfig, ... }:
|
{ pkgs, lib, options, config, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
cfg = config.programs.my-sway;
|
cfg = config.programs.my-sway;
|
||||||
|
@ -110,12 +110,12 @@ in
|
||||||
default = barWith: [ (barWith { }) ];
|
default = barWith: [ (barWith { }) ];
|
||||||
};
|
};
|
||||||
extraSettings = mkOption {
|
extraSettings = mkOption {
|
||||||
type = types.listOf types.raw;
|
type = types.raw;
|
||||||
description = "Extra settings to be included with every default bar";
|
description = "Extra settings to be included with every default bar";
|
||||||
default = [ ];
|
default = { };
|
||||||
};
|
};
|
||||||
extraStyle = mkOption {
|
extraStyle = mkOption {
|
||||||
type = types.lines;
|
type = types.str;
|
||||||
description = "Additional style for the default waybar";
|
description = "Additional style for the default waybar";
|
||||||
default = "";
|
default = "";
|
||||||
};
|
};
|
||||||
|
@ -129,11 +129,8 @@ in
|
||||||
"PATH" # for portals
|
"PATH" # for portals
|
||||||
"XDG_DATA_DIRS" # For extra icons
|
"XDG_DATA_DIRS" # For extra icons
|
||||||
"XDG_DATA_HOME" # For extra icons
|
"XDG_DATA_HOME" # For extra icons
|
||||||
] ++ lib.optionals osConfig.services.desktopManager.plasma6.enable [
|
|
||||||
"XDG_MENU_PREFIX"
|
|
||||||
];
|
];
|
||||||
systemd.extraCommands = options.wayland.windowManager.sway.systemd.extraCommands.default
|
systemd.extraCommands = options.wayland.windowManager.sway.systemd.extraCommands.default ++ [
|
||||||
++ [
|
|
||||||
"systemctl --user restart xdg-desktop-portal.service"
|
"systemctl --user restart xdg-desktop-portal.service"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -361,9 +358,7 @@ in
|
||||||
eval `gnome-keyring-daemon`
|
eval `gnome-keyring-daemon`
|
||||||
export SSH_AUTH_SOCK
|
export SSH_AUTH_SOCK
|
||||||
fi
|
fi
|
||||||
'' else "") + lib.optionalString osConfig.services.desktopManager.plasma6.enable ''
|
'' else "");
|
||||||
export XDG_MENU_PREFIX=plasma-
|
|
||||||
'';
|
|
||||||
# Extra
|
# Extra
|
||||||
wrapperFeatures.base = true;
|
wrapperFeatures.base = true;
|
||||||
wrapperFeatures.gtk = true;
|
wrapperFeatures.gtk = true;
|
||||||
|
@ -414,7 +409,7 @@ in
|
||||||
|
|
||||||
config.programs.waybar =
|
config.programs.waybar =
|
||||||
let
|
let
|
||||||
barWith = { showMedia ? true, showConnectivity ? true, extraSettings ? { }, ... }: mkMerge ([{
|
barWith = { showMedia ? true, showConnectivity ? true, extraSettings ? { }, ... }: (mkMerge [{
|
||||||
position = "top";
|
position = "top";
|
||||||
modules-left = [
|
modules-left = [
|
||||||
"sway/workspaces"
|
"sway/workspaces"
|
||||||
|
@ -425,7 +420,7 @@ in
|
||||||
];
|
];
|
||||||
modules-right =
|
modules-right =
|
||||||
lib.optional showMedia (if cfg.enableMpd then "mpd" else "custom/media")
|
lib.optional showMedia (if cfg.enableMpd then "mpd" else "custom/media")
|
||||||
++ [
|
++ [
|
||||||
"tray"
|
"tray"
|
||||||
"pulseaudio"
|
"pulseaudio"
|
||||||
] ++ lib.optionals showConnectivity [
|
] ++ lib.optionals showConnectivity [
|
||||||
|
@ -436,7 +431,7 @@ in
|
||||||
"memory"
|
"memory"
|
||||||
"temperature"
|
"temperature"
|
||||||
] ++ lib.optionals cfg.enableLaptopBars [ "battery" "battery#bat2" ]
|
] ++ lib.optionals cfg.enableLaptopBars [ "battery" "battery#bat2" ]
|
||||||
++ [
|
++ [
|
||||||
"clock"
|
"clock"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -603,9 +598,9 @@ in
|
||||||
"on-click" = "${playerctl} play-pause";
|
"on-click" = "${playerctl} play-pause";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}] ++
|
}
|
||||||
cfg.waybar.extraSettings
|
cfg.waybar.extraSettings
|
||||||
++ [ extraSettings ]);
|
extraSettings]);
|
||||||
in
|
in
|
||||||
mkIf cfg.enable {
|
mkIf cfg.enable {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -4,15 +4,13 @@ let
|
||||||
name = "openconnect-epfl";
|
name = "openconnect-epfl";
|
||||||
runtimeInputs = with pkgs; [ openconnect rbw ];
|
runtimeInputs = with pkgs; [ openconnect rbw ];
|
||||||
text = ''
|
text = ''
|
||||||
METHOD="Microsoft Entra ID"
|
GASPAR_PASSWORD=$(rbw get gaspar)
|
||||||
RBW_ENTRY="EPFL Microsoft Auth"
|
GASPAR_TOKEN=$(rbw code gaspar)
|
||||||
GASPAR_PASSWORD=$(rbw get "$RBW_ENTRY")
|
|
||||||
GASPAR_TOKEN=$(rbw code "$RBW_ENTRY")
|
|
||||||
|
|
||||||
printf "\n%s\n%s\n%s\n" "$METHOD" "$GASPAR_PASSWORD" "$GASPAR_TOKEN" | command sudo openconnect \
|
printf "%s\n%s\n" "$GASPAR_PASSWORD" "$GASPAR_TOKEN" | sudo openconnect \
|
||||||
--passwd-on-stdin \
|
--passwd-on-stdin \
|
||||||
-u "pham" \
|
-u pham \
|
||||||
--useragent='AnyConnect' \
|
--useragent='AnyConnect' \
|
||||||
"https://vpn.epfl.ch"
|
"https://vpn.epfl.ch"
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
|
@ -48,21 +48,6 @@
|
||||||
tap = "enabled";
|
tap = "enabled";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
programs.my-sway.waybar.extraSettings =
|
|
||||||
let
|
|
||||||
change-mode = pkgs.writeScript "change-mode" ''
|
|
||||||
#!/usr/bin/env ${lib.getExe pkgs.fish}
|
|
||||||
set -ax PATH ${lib.getBin pkgs.power-profiles-daemon} ${lib.getBin pkgs.rofi} ${lib.getBin pkgs.ripgrep}
|
|
||||||
|
|
||||||
set profiles (powerprofilesctl list | rg "^[ *] (\S+):" -r '$1')
|
|
||||||
set selected_index (math (contains -i (powerprofilesctl get) $profiles) - 1)
|
|
||||||
set new_profile (printf "%s\n" $profiles | rofi -dmenu -p "Switch to power profile" -a $selected_index)
|
|
||||||
powerprofilesctl set $new_profile
|
|
||||||
'';
|
|
||||||
in
|
|
||||||
[{
|
|
||||||
modules."battery"."on-click" = change-mode;
|
|
||||||
}];
|
|
||||||
|
|
||||||
# input-remapping
|
# input-remapping
|
||||||
xdg.configFile."autostart/input-remapper-autoload.desktop".source =
|
xdg.configFile."autostart/input-remapper-autoload.desktop".source =
|
||||||
|
@ -76,32 +61,16 @@
|
||||||
# Multiple screen setup
|
# Multiple screen setup
|
||||||
services.kanshi = with config.common.monitors; {
|
services.kanshi = with config.common.monitors; {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = [
|
profiles.undocked.outputs = [{
|
||||||
{
|
criteria = "eDP-1";
|
||||||
profile.name = "undocked";
|
}];
|
||||||
profile.outputs = [{ criteria = "eDP-1"; }];
|
profiles.work-both.outputs = [
|
||||||
}
|
{ criteria = "eDP-1"; position = "0,${toString (builtins.floor ((2160 / work.scale - 1200) + 1200 / 3))}"; status = "enable"; }
|
||||||
{
|
{ criteria = work.name; position = "1920,0"; }
|
||||||
profile.name = "work-both";
|
];
|
||||||
profile.outputs = [
|
profiles.work-one.outputs = [
|
||||||
{
|
{ criteria = "eDP-1"; status = "disable"; }
|
||||||
criteria = "eDP-1";
|
{ criteria = config.common.monitors.work.name; }
|
||||||
position = "0,${toString (builtins.floor ((2160 / work.scale - 1200) + 1200 / 3))}";
|
|
||||||
status = "enable";
|
|
||||||
}
|
|
||||||
{ criteria = work.name; position = "1920,0"; }
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
profile.name = "work-one";
|
|
||||||
profile.outputs = [
|
|
||||||
{
|
|
||||||
criteria = "eDP-1";
|
|
||||||
status = "disable";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{ output.criteria = config.common.monitors.work.name; }
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
43
home/osu.nix
43
home/osu.nix
|
@ -1,28 +1,29 @@
|
||||||
{ pkgs, lib, ... }:
|
{ pkgs, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
# osu-pkg = pkgs.unstable.osu-lazer-bin;
|
osu-pkg = pkgs.unstable.osu-lazer-bin;
|
||||||
osu-pkg = with pkgs; with lib;
|
# osu-pkg = with pkgs; with lib;
|
||||||
appimageTools.wrapType2 rec {
|
# appimageTools.wrapType2 rec {
|
||||||
pname = "osu-lazer-bin";
|
# pname = "osu-lazer-bin";
|
||||||
version = "2024.1009.1";
|
# version = "2024.312.1";
|
||||||
src = fetchurl {
|
# src = pkgs.fetchurl {
|
||||||
url = "https://github.com/ppy/osu/releases/download/${version}/osu.AppImage";
|
# url = "https://github.com/ppy/osu/releases/download/${version}/osu.AppImage";
|
||||||
sha256 = "sha256-2H2SPcUm/H/0D9BqBiTFvaCwd0c14/r+oWhyeZdNpoU=";
|
# hash = "sha256-1dzgs1p3/pf4eCdKvQ9JxowN+oBPBNaZv5e6qHeFPEM=";
|
||||||
};
|
# };
|
||||||
extraPkgs = pkgs: with pkgs; [ icu ];
|
|
||||||
|
|
||||||
extraInstallCommands =
|
# extraPkgs = pkgs: with pkgs; [ icu ];
|
||||||
let contents = appimageTools.extract { inherit pname version src; };
|
|
||||||
in
|
# extraInstallCommands =
|
||||||
''
|
# let contents = appimageTools.extract { inherit pname version src; };
|
||||||
mv -v $out/bin/${pname} $out/bin/osu\!
|
# in
|
||||||
install -m 444 -D ${contents}/osu\!.desktop -t $out/share/applications
|
# ''
|
||||||
for i in 16 32 48 64 96 128 256 512 1024; do
|
# mv -v $out/bin/${pname}-${version} $out/bin/osu\!
|
||||||
install -D ${contents}/osu\!.png $out/share/icons/hicolor/''${i}x$i/apps/osu\!.png
|
# install -m 444 -D ${contents}/osu\!.desktop -t $out/share/applications
|
||||||
done
|
# for i in 16 32 48 64 96 128 256 512 1024; do
|
||||||
'';
|
# install -D ${contents}/osu\!.png $out/share/icons/hicolor/''${i}x$i/apps/osu\!.png
|
||||||
};
|
# done
|
||||||
|
# '';
|
||||||
|
# };
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
home.packages = [ osu-pkg ];
|
home.packages = [ osu-pkg ];
|
||||||
|
|
|
@ -70,7 +70,7 @@
|
||||||
services.printing.drivers = with pkgs; [ epfl-cups-drivers ];
|
services.printing.drivers = with pkgs; [ epfl-cups-drivers ];
|
||||||
|
|
||||||
# Enable touchpad support (enabled default in most desktopManager).
|
# Enable touchpad support (enabled default in most desktopManager).
|
||||||
services.libinput.enable = true;
|
services.xserver.libinput.enable = true;
|
||||||
# Keyboard
|
# Keyboard
|
||||||
services.input-remapper.enable = true;
|
services.input-remapper.enable = true;
|
||||||
services.input-remapper.serviceWantedBy = [ "multi-user.target" ];
|
services.input-remapper.serviceWantedBy = [ "multi-user.target" ];
|
||||||
|
|
|
@ -22,8 +22,8 @@ let
|
||||||
};
|
};
|
||||||
authentik = mkImage {
|
authentik = mkImage {
|
||||||
imageName = "ghcr.io/goauthentik/server";
|
imageName = "ghcr.io/goauthentik/server";
|
||||||
finalImageTag = "2024.8.2";
|
finalImageTag = "2024.4.2";
|
||||||
imageDigest = "sha256:71984fdbb7a9414f5172bb446104d3fe4ab1ab412c8b3343bb97b04449dd53eb";
|
imageDigest = "sha256:a2e592a08eb3c9e3435aa4e6585d60cc1eb54850da9d1498d56a131bbfbe03ff";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
authentikEnv = pkgs.writeText "authentik.env" ''
|
authentikEnv = pkgs.writeText "authentik.env" ''
|
||||||
|
@ -48,14 +48,7 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
systemd.services.arion-authentik = {
|
systemd.services.arion-authentik.serviceConfig.EnvironmentFile = cfg.envFile;
|
||||||
serviceConfig.EnvironmentFile = cfg.envFile;
|
|
||||||
serviceConfig.Type = "notify";
|
|
||||||
serviceConfig.NotifyAccess = "all";
|
|
||||||
script = lib.mkBefore ''
|
|
||||||
${lib.getExe pkgs.wait4x} http http://127.0.0.1:${toString cfg.port} --expect-status-code 200 -t 0 -q -- systemd-notify --ready &
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
virtualisation.arion.projects.authentik.settings = {
|
virtualisation.arion.projects.authentik.settings = {
|
||||||
services.postgresql.service = {
|
services.postgresql.service = {
|
||||||
image = images.postgresql;
|
image = images.postgresql;
|
||||||
|
|
|
@ -74,8 +74,6 @@ with lib;
|
||||||
global.port = instance.port;
|
global.port = instance.port;
|
||||||
global.allow_registration = instance.allow_registration;
|
global.allow_registration = instance.allow_registration;
|
||||||
global.database_path = "/mnt/data/${srvName}/";
|
global.database_path = "/mnt/data/${srvName}/";
|
||||||
global.well_known_client = "https://${instance.host}";
|
|
||||||
global.well_known_server = "${instance.host}:443";
|
|
||||||
});
|
});
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -116,12 +114,61 @@ with lib;
|
||||||
))
|
))
|
||||||
cfg.instances);
|
cfg.instances);
|
||||||
|
|
||||||
|
# Serving .well-known files
|
||||||
|
# This is a single .well-known/matrix/server file that points to the server,
|
||||||
|
# which is NOT on port 8448 since Cloudflare doesn't allow us to route HTTPS
|
||||||
|
# through that port.
|
||||||
|
config.services.nginx = mkIf cfg.enable
|
||||||
|
{
|
||||||
|
enable = true;
|
||||||
|
virtualHosts = lib.attrsets.mapAttrs'
|
||||||
|
(name: instance: lib.attrsets.nameValuePair "conduit-${name}-well-known" {
|
||||||
|
listen = [{ addr = "127.0.0.1"; port = instance.well-known_port; }];
|
||||||
|
# Check https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-well-known.md
|
||||||
|
# for the file structure.
|
||||||
|
root = pkgs.symlinkJoin
|
||||||
|
{
|
||||||
|
name = "well-known-files-for-conduit-${name}";
|
||||||
|
paths = [
|
||||||
|
(pkgs.writeTextDir ".well-known/matrix/client" (builtins.toJSON {
|
||||||
|
"m.homeserver".base_url = "https://${instance.host}";
|
||||||
|
"org.matrix.msc3575.proxy".url = "https://${instance.host}";
|
||||||
|
}))
|
||||||
|
(pkgs.writeTextDir ".well-known/matrix/server" (builtins.toJSON {
|
||||||
|
"m.server" = "${instance.host}:443";
|
||||||
|
}))
|
||||||
|
];
|
||||||
|
};
|
||||||
|
extraConfig =
|
||||||
|
# Enable CORS from anywhere since we want all clients to find us out
|
||||||
|
''
|
||||||
|
add_header 'Access-Control-Allow-Origin' "*";
|
||||||
|
'' +
|
||||||
|
# Force returning values to be JSON data
|
||||||
|
''
|
||||||
|
default_type application/json;
|
||||||
|
'';
|
||||||
|
})
|
||||||
|
cfg.instances;
|
||||||
|
};
|
||||||
|
|
||||||
config.cloud.traefik.hosts = mkIf cfg.enable (
|
config.cloud.traefik.hosts = mkIf cfg.enable (
|
||||||
(lib.attrsets.mapAttrs'
|
(lib.attrsets.mapAttrs'
|
||||||
(name: instance: lib.attrsets.nameValuePair "conduit-${name}" ({
|
(name: instance: lib.attrsets.nameValuePair "conduit-${name}" ({
|
||||||
inherit (instance) host port noCloudflare;
|
inherit (instance) host port noCloudflare;
|
||||||
}))
|
}))
|
||||||
cfg.instances)
|
cfg.instances)
|
||||||
|
// (lib.attrsets.mapAttrs'
|
||||||
|
(name: instance: lib.attrsets.nameValuePair "conduit-${name}-well-known" (
|
||||||
|
let
|
||||||
|
server_name = if instance.server_name == "" then instance.host else instance.server_name;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
port = instance.well-known_port;
|
||||||
|
filter = "Host(`${server_name}`) && PathPrefix(`/.well-known`)";
|
||||||
|
}
|
||||||
|
))
|
||||||
|
cfg.instances)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -33,7 +33,7 @@ with lib; {
|
||||||
{
|
{
|
||||||
systemd.services.heisenbridge = {
|
systemd.services.heisenbridge = {
|
||||||
description = "Matrix<->IRC bridge";
|
description = "Matrix<->IRC bridge";
|
||||||
requires = [ "matrix-conduit-nkagami.service" "matrix-synapse.service" ]; # So the registration file can be used by Synapse
|
requires = [ "matrix-synapse.service" ]; # So the registration file can be used by Synapse
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
|
||||||
serviceConfig = rec {
|
serviceConfig = rec {
|
||||||
|
|
|
@ -4,7 +4,6 @@ let
|
||||||
cfg = config.cloud.gotosocial;
|
cfg = config.cloud.gotosocial;
|
||||||
|
|
||||||
dbUser = "gotosocial";
|
dbUser = "gotosocial";
|
||||||
storageLocation = "/mnt/data/gotosocial";
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
options.cloud.gotosocial = {
|
options.cloud.gotosocial = {
|
||||||
|
@ -75,9 +74,6 @@ in
|
||||||
# Media
|
# Media
|
||||||
media-emoji-remote-max-size = 256 * 1024 /* bytes */;
|
media-emoji-remote-max-size = 256 * 1024 /* bytes */;
|
||||||
media-emoji-local-max-size = 256 * 1024 /* bytes */;
|
media-emoji-local-max-size = 256 * 1024 /* bytes */;
|
||||||
media-remote-cache-days = 7;
|
|
||||||
media-cleanup-from = "00:00";
|
|
||||||
media-cleanup-every = "24h";
|
|
||||||
# OIDC
|
# OIDC
|
||||||
oidc-enabled = true;
|
oidc-enabled = true;
|
||||||
oidc-idp-name = "DTTH";
|
oidc-idp-name = "DTTH";
|
||||||
|
@ -86,22 +82,10 @@ in
|
||||||
http-client.block-ips = [ "11.0.0.0/24" ];
|
http-client.block-ips = [ "11.0.0.0/24" ];
|
||||||
# Advanced
|
# Advanced
|
||||||
advanced-rate-limit-requests = 0;
|
advanced-rate-limit-requests = 0;
|
||||||
# Storage
|
|
||||||
storage-backend = "local";
|
|
||||||
storage-local-base-path = "${storageLocation}/storage";
|
|
||||||
# instance-inject-mastodon-version = true;
|
# instance-inject-mastodon-version = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
systemd.services.gotosocial.requires = mkAfter [ "postgresql.service" "arion-authentik.service" ];
|
systemd.services.gotosocial.requires = mkAfter [ "minio.service" "postgresql.service" ];
|
||||||
systemd.services.gotosocial.after = mkAfter [ "postgresql.service" "arion-authentik.service" ];
|
systemd.services.gotosocial.after = mkAfter [ "minio.service" "postgresql.service" ];
|
||||||
systemd.services.gotosocial.unitConfig = {
|
|
||||||
RequiresMountsFor = [ storageLocation ];
|
|
||||||
ReadWritePaths = [ storageLocation ];
|
|
||||||
};
|
|
||||||
systemd.tmpfiles.settings."10-gotosocial".${storageLocation}.d = {
|
|
||||||
user = dbUser;
|
|
||||||
group = dbUser;
|
|
||||||
mode = "0700";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,183 +0,0 @@
|
||||||
commit 8c7f8c28fabc174a71499a4737579b24b5c4b244
|
|
||||||
Author: Natsu Kagami <nki@nkagami.me>
|
|
||||||
Date: Mon Oct 21 02:17:36 2024 +0200
|
|
||||||
|
|
||||||
Support R2
|
|
||||||
|
|
||||||
diff --git a/.env.sample b/.env.sample
|
|
||||||
index eb57ad85c..94ffcee07 100644
|
|
||||||
--- a/.env.sample
|
|
||||||
+++ b/.env.sample
|
|
||||||
@@ -66,6 +66,8 @@ AWS_S3_UPLOAD_BUCKET_URL=http://s3:4569
|
|
||||||
AWS_S3_UPLOAD_BUCKET_NAME=bucket_name_here
|
|
||||||
AWS_S3_FORCE_PATH_STYLE=true
|
|
||||||
AWS_S3_ACL=private
|
|
||||||
+AWS_S3_R2=true
|
|
||||||
+AWS_S3_R2_PUBLIC_URL=http://s3:4569
|
|
||||||
|
|
||||||
# –––––––––––––– AUTHENTICATION ––––––––––––––
|
|
||||||
|
|
||||||
diff --git a/app/utils/files.ts b/app/utils/files.ts
|
|
||||||
index 6607a6b12..5138f68ad 100644
|
|
||||||
--- a/app/utils/files.ts
|
|
||||||
+++ b/app/utils/files.ts
|
|
||||||
@@ -63,8 +63,13 @@ export const uploadFile = async (
|
|
||||||
xhr.addEventListener("loadend", () => {
|
|
||||||
resolve(xhr.readyState === 4 && xhr.status >= 200 && xhr.status < 400);
|
|
||||||
});
|
|
||||||
- xhr.open("POST", data.uploadUrl, true);
|
|
||||||
- xhr.send(formData);
|
|
||||||
+ xhr.open(data.method, data.uploadUrl, true);
|
|
||||||
+ xhr.setRequestHeader("Content-Type", file.type);
|
|
||||||
+ if (data.method === "POST") {
|
|
||||||
+ xhr.send(formData);
|
|
||||||
+ } else {
|
|
||||||
+ xhr.send(file);
|
|
||||||
+ }
|
|
||||||
});
|
|
||||||
|
|
||||||
if (!success) {
|
|
||||||
diff --git a/server/env.ts b/server/env.ts
|
|
||||||
index 5b420f2e1..4ea1e8d3c 100644
|
|
||||||
--- a/server/env.ts
|
|
||||||
+++ b/server/env.ts
|
|
||||||
@@ -519,6 +519,14 @@ export class Environment {
|
|
||||||
environment.AWS_S3_UPLOAD_BUCKET_NAME
|
|
||||||
);
|
|
||||||
|
|
||||||
+ @IsOptional()
|
|
||||||
+ public AWS_S3_R2 = this.toBoolean(environment.AWS_S3_R2 ?? "false");
|
|
||||||
+
|
|
||||||
+ @IsOptional()
|
|
||||||
+ public AWS_S3_R2_PUBLIC_URL = this.toOptionalString(
|
|
||||||
+ environment.AWS_S3_R2_PUBLIC_URL
|
|
||||||
+ );
|
|
||||||
+
|
|
||||||
/**
|
|
||||||
* Whether to force path style URLs for S3 objects, this is required for some
|
|
||||||
* S3-compatible storage providers.
|
|
||||||
diff --git a/server/routes/api/attachments/attachments.ts b/server/routes/api/attachments/attachments.ts
|
|
||||||
index 5e6c27594..b7620f440 100644
|
|
||||||
--- a/server/routes/api/attachments/attachments.ts
|
|
||||||
+++ b/server/routes/api/attachments/attachments.ts
|
|
||||||
@@ -3,6 +3,7 @@ import { v4 as uuidv4 } from "uuid";
|
|
||||||
import { AttachmentPreset } from "@shared/types";
|
|
||||||
import { bytesToHumanReadable } from "@shared/utils/files";
|
|
||||||
import { AttachmentValidation } from "@shared/validations";
|
|
||||||
+import env from "@server/env";
|
|
||||||
import { AuthorizationError, ValidationError } from "@server/errors";
|
|
||||||
import auth from "@server/middlewares/authentication";
|
|
||||||
import { rateLimiter } from "@server/middlewares/rateLimiter";
|
|
||||||
@@ -90,16 +91,30 @@ router.post(
|
|
||||||
{ transaction }
|
|
||||||
);
|
|
||||||
|
|
||||||
- const presignedPost = await FileStorage.getPresignedPost(
|
|
||||||
- key,
|
|
||||||
- acl,
|
|
||||||
- maxUploadSize,
|
|
||||||
- contentType
|
|
||||||
- );
|
|
||||||
+ let uploadUrl;
|
|
||||||
+ let method;
|
|
||||||
+ let presignedPost = {
|
|
||||||
+ fields: {},
|
|
||||||
+ };
|
|
||||||
+ if (env.AWS_S3_R2) {
|
|
||||||
+ uploadUrl = await FileStorage.getPresignedPut(key);
|
|
||||||
+ method = "PUT";
|
|
||||||
+ } else {
|
|
||||||
+ uploadUrl = FileStorage.getUploadUrl();
|
|
||||||
+ method = "POST";
|
|
||||||
+
|
|
||||||
+ presignedPost = await FileStorage.getPresignedPost(
|
|
||||||
+ key,
|
|
||||||
+ acl,
|
|
||||||
+ maxUploadSize,
|
|
||||||
+ contentType
|
|
||||||
+ );
|
|
||||||
+ }
|
|
||||||
|
|
||||||
ctx.body = {
|
|
||||||
data: {
|
|
||||||
- uploadUrl: FileStorage.getUploadUrl(),
|
|
||||||
+ uploadUrl,
|
|
||||||
+ method,
|
|
||||||
form: {
|
|
||||||
"Cache-Control": "max-age=31557600",
|
|
||||||
"Content-Type": contentType,
|
|
||||||
diff --git a/server/storage/files/BaseStorage.ts b/server/storage/files/BaseStorage.ts
|
|
||||||
index ce0287ebc..a1931c83d 100644
|
|
||||||
--- a/server/storage/files/BaseStorage.ts
|
|
||||||
+++ b/server/storage/files/BaseStorage.ts
|
|
||||||
@@ -26,6 +26,8 @@ export default abstract class BaseStorage {
|
|
||||||
contentType: string
|
|
||||||
): Promise<Partial<PresignedPost>>;
|
|
||||||
|
|
||||||
+ public abstract getPresignedPut(key: string): Promise<string>;
|
|
||||||
+
|
|
||||||
/**
|
|
||||||
* Returns a promise that resolves with a stream for reading a file from the storage provider.
|
|
||||||
*
|
|
||||||
diff --git a/server/storage/files/LocalStorage.ts b/server/storage/files/LocalStorage.ts
|
|
||||||
index 83cf98c50..324e60dd9 100644
|
|
||||||
--- a/server/storage/files/LocalStorage.ts
|
|
||||||
+++ b/server/storage/files/LocalStorage.ts
|
|
||||||
@@ -30,6 +30,10 @@ export default class LocalStorage extends BaseStorage {
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
+ public async getPresignedPut(key: string) {
|
|
||||||
+ return this.getUrlForKey(key);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
public getUploadUrl() {
|
|
||||||
return "/api/files.create";
|
|
||||||
}
|
|
||||||
diff --git a/server/storage/files/S3Storage.ts b/server/storage/files/S3Storage.ts
|
|
||||||
index a42442e0c..d55ef5472 100644
|
|
||||||
--- a/server/storage/files/S3Storage.ts
|
|
||||||
+++ b/server/storage/files/S3Storage.ts
|
|
||||||
@@ -4,6 +4,7 @@ import {
|
|
||||||
S3Client,
|
|
||||||
DeleteObjectCommand,
|
|
||||||
GetObjectCommand,
|
|
||||||
+ PutObjectCommand,
|
|
||||||
ObjectCannedACL,
|
|
||||||
} from "@aws-sdk/client-s3";
|
|
||||||
import { Upload } from "@aws-sdk/lib-storage";
|
|
||||||
@@ -58,6 +59,16 @@ export default class S3Storage extends BaseStorage {
|
|
||||||
return createPresignedPost(this.client, params);
|
|
||||||
}
|
|
||||||
|
|
||||||
+ public async getPresignedPut(key: string) {
|
|
||||||
+ const params = {
|
|
||||||
+ Bucket: env.AWS_S3_UPLOAD_BUCKET_NAME,
|
|
||||||
+ Key: key,
|
|
||||||
+ };
|
|
||||||
+
|
|
||||||
+ const command = new PutObjectCommand(params);
|
|
||||||
+ return await getSignedUrl(this.client, command, { expiresIn: 3600 });
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
private getPublicEndpoint(isServerUpload?: boolean) {
|
|
||||||
if (env.AWS_S3_ACCELERATE_URL) {
|
|
||||||
return env.AWS_S3_ACCELERATE_URL;
|
|
||||||
@@ -137,10 +148,17 @@ export default class S3Storage extends BaseStorage {
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
+ public getR2ObjectUrl = async (key: string) =>
|
|
||||||
+ env.AWS_S3_R2_PUBLIC_URL + "/" + key;
|
|
||||||
+
|
|
||||||
public getSignedUrl = async (
|
|
||||||
key: string,
|
|
||||||
expiresIn = S3Storage.defaultSignedUrlExpires
|
|
||||||
) => {
|
|
||||||
+ if (env.AWS_S3_R2) {
|
|
||||||
+ return this.getR2ObjectUrl(key);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
const isDocker = env.AWS_S3_UPLOAD_BUCKET_URL.match(/http:\/\/s3:/);
|
|
||||||
const params = {
|
|
||||||
Bucket: this.getBucket(),
|
|
|
@ -31,13 +31,6 @@ in
|
||||||
ensureDatabases = cfg.databases;
|
ensureDatabases = cfg.databases;
|
||||||
|
|
||||||
ensureUsers = (map userFromDatabase cfg.databases);
|
ensureUsers = (map userFromDatabase cfg.databases);
|
||||||
|
|
||||||
dataDir = "/mnt/data/postgresql/${config.services.postgresql.package.psqlSchema}";
|
|
||||||
};
|
|
||||||
|
|
||||||
config.systemd.services.postgresql.serviceConfig = {
|
|
||||||
StateDirectory = "postgresql postgresql ${config.services.postgresql.dataDir}";
|
|
||||||
StateDirectoryMode = "0750";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# Backup settings
|
# Backup settings
|
||||||
|
|
|
@ -12,6 +12,7 @@ let
|
||||||
users.users.${config.common.linux.username}.extraGroups = [ "adbusers" ];
|
users.users.${config.common.linux.username}.extraGroups = [ "adbusers" ];
|
||||||
};
|
};
|
||||||
ios = { config, pkgs, ... }: mkIf config.common.linux.enable {
|
ios = { config, pkgs, ... }: mkIf config.common.linux.enable {
|
||||||
|
services.avahi.enable = true;
|
||||||
services.usbmuxd.enable = true;
|
services.usbmuxd.enable = true;
|
||||||
services.usbmuxd.package = pkgs.usbmuxd2;
|
services.usbmuxd.package = pkgs.usbmuxd2;
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
@ -26,19 +27,8 @@ let
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
graphics = { config, ... }: {
|
|
||||||
hardware =
|
|
||||||
if config.system.nixos.release == "24.05" then {
|
|
||||||
opengl.enable = true;
|
|
||||||
opengl.driSupport32Bit = true;
|
|
||||||
} else {
|
|
||||||
graphics.enable = true;
|
|
||||||
graphics.enable32Bit = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
accounts = { pkgs, ... }: mkIf (config.common.linux.enable && !pkgs.stdenv.isAarch64) {
|
accounts = { pkgs, ... }: mkIf (config.common.linux.enable && !pkgs.stdenv.isAarch64) {
|
||||||
environment.systemPackages = [ pkgs.glib (pkgs.gnome-control-center or pkgs.gnome.gnome-control-center) ];
|
environment.systemPackages = with pkgs.gnome; [ pkgs.glib gnome-control-center ];
|
||||||
services.accounts-daemon.enable = true;
|
services.accounts-daemon.enable = true;
|
||||||
services.gnome.gnome-online-accounts.enable = true;
|
services.gnome.gnome-online-accounts.enable = true;
|
||||||
# programs.evolution.enable = true;
|
# programs.evolution.enable = true;
|
||||||
|
@ -114,19 +104,7 @@ let
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = with modules; [
|
imports = with modules; [ adb ios wlr logitech kwallet virtualisation accounts rt-audio ];
|
||||||
./sops.nix
|
|
||||||
|
|
||||||
adb
|
|
||||||
ios
|
|
||||||
graphics
|
|
||||||
wlr
|
|
||||||
logitech
|
|
||||||
kwallet
|
|
||||||
virtualisation
|
|
||||||
accounts
|
|
||||||
rt-audio
|
|
||||||
];
|
|
||||||
|
|
||||||
options.common.linux = {
|
options.common.linux = {
|
||||||
enable = mkOption {
|
enable = mkOption {
|
||||||
|
@ -209,6 +187,7 @@ in
|
||||||
services.fwupd.enable = true;
|
services.fwupd.enable = true;
|
||||||
|
|
||||||
# Enable sound.
|
# Enable sound.
|
||||||
|
sound.enable = true;
|
||||||
services.pipewire = {
|
services.pipewire = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# alsa is optional
|
# alsa is optional
|
||||||
|
@ -272,24 +251,20 @@ in
|
||||||
services.tailscale.enable = true;
|
services.tailscale.enable = true;
|
||||||
|
|
||||||
## Time and Region
|
## Time and Region
|
||||||
time.timeZone = lib.mkDefault "Europe/Zurich";
|
time.timeZone = "Europe/Zurich";
|
||||||
# Select internationalisation properties.
|
# Select internationalisation properties.
|
||||||
console.keyMap = "jp106"; # Console key layout
|
console.keyMap = "jp106"; # Console key layout
|
||||||
i18n.defaultLocale = "ja_JP.UTF-8";
|
i18n.defaultLocale = "ja_JP.UTF-8";
|
||||||
# Input methods (only fcitx5 works reliably on Wayland)
|
# Input methods (only fcitx5 works reliably on Wayland)
|
||||||
i18n.inputMethod = {
|
i18n.inputMethod = {
|
||||||
|
enabled = "fcitx5";
|
||||||
fcitx5.waylandFrontend = true;
|
fcitx5.waylandFrontend = true;
|
||||||
fcitx5.addons = with pkgs; [
|
fcitx5.addons = with pkgs; [
|
||||||
fcitx5-mozc
|
fcitx5-mozc
|
||||||
fcitx5-unikey
|
fcitx5-unikey
|
||||||
fcitx5-gtk
|
fcitx5-gtk
|
||||||
];
|
];
|
||||||
} // (if config.system.nixos.release == "24.05" then {
|
};
|
||||||
enabled = "fcitx5";
|
|
||||||
} else {
|
|
||||||
enable = true;
|
|
||||||
type = "fcitx5";
|
|
||||||
});
|
|
||||||
|
|
||||||
# Default packages
|
# Default packages
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
@ -319,6 +294,8 @@ in
|
||||||
programs.dconf.enable = true;
|
programs.dconf.enable = true;
|
||||||
# Gaming! (not for ARM64)
|
# Gaming! (not for ARM64)
|
||||||
programs.steam.enable = !pkgs.stdenv.isAarch64;
|
programs.steam.enable = !pkgs.stdenv.isAarch64;
|
||||||
|
hardware.opengl.enable = true;
|
||||||
|
hardware.opengl.driSupport32Bit = !pkgs.stdenv.isAarch64; # For 32 bit applications
|
||||||
|
|
||||||
## Services
|
## Services
|
||||||
# OpenSSH so you can SSH to me
|
# OpenSSH so you can SSH to me
|
||||||
|
|
|
@ -1,18 +0,0 @@
|
||||||
{ config, lib, ... }:
|
|
||||||
with { inherit (lib) types mkOption mkEnableOption; };
|
|
||||||
let
|
|
||||||
cfg = config.common.linux.sops;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.common.linux.sops = {
|
|
||||||
enable = mkEnableOption "Enable sops configuration";
|
|
||||||
file = mkOption {
|
|
||||||
type = types.path;
|
|
||||||
description = "Path to the default sops file";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
config = lib.mkIf cfg.enable {
|
|
||||||
sops.defaultSopsFile = cfg.file;
|
|
||||||
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -34,6 +34,11 @@ in
|
||||||
default = 655;
|
default = 655;
|
||||||
description = "The port to listen on";
|
description = "The port to listen on";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
meshIp = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
description = "The mesh ip to be assigned by hostname";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable (builtins.seq
|
config = mkIf cfg.enable (builtins.seq
|
||||||
|
@ -46,6 +51,7 @@ in
|
||||||
myMeshIp = myHost.subnetAddr;
|
myMeshIp = myHost.subnetAddr;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
services.my-tinc.meshIp = myMeshIp;
|
||||||
# Scripts that set up the tinc services
|
# Scripts that set up the tinc services
|
||||||
environment.etc = {
|
environment.etc = {
|
||||||
"tinc/${networkName}/tinc-up".source = pkgs.writeScript "tinc-up-${networkName}" ''
|
"tinc/${networkName}/tinc-up".source = pkgs.writeScript "tinc-up-${networkName}" ''
|
||||||
|
@ -78,11 +84,6 @@ in
|
||||||
# firewall
|
# firewall
|
||||||
networking.firewall.allowedUDPPorts = [ 655 ];
|
networking.firewall.allowedUDPPorts = [ 655 ];
|
||||||
networking.firewall.allowedTCPPorts = [ 655 ];
|
networking.firewall.allowedTCPPorts = [ 655 ];
|
||||||
networking.firewall.interfaces."tinc.${networkName}" = {
|
|
||||||
allowedUDPPortRanges = [{ from = 0; to = 65535; }];
|
|
||||||
allowedTCPPortRanges = [{ from = 0; to = 65535; }];
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
# configure tinc service
|
# configure tinc service
|
||||||
# ----------------------
|
# ----------------------
|
||||||
|
|
|
@ -23,13 +23,10 @@ in
|
||||||
hosts;
|
hosts;
|
||||||
|
|
||||||
# Add all of them to host
|
# Add all of them to host
|
||||||
nki.services.edns = {
|
networking.extraHosts = lib.strings.concatStringsSep
|
||||||
enable = true;
|
"\n"
|
||||||
cloaking-rules =
|
(lib.attrsets.mapAttrsToList
|
||||||
(lib.attrsets.mapAttrs'
|
(name: host: "${host.subnetAddr} ${name}.tinc")
|
||||||
(name: host: { name = "${name}.tinc"; value = host.subnetAddr; })
|
hosts);
|
||||||
hosts)
|
|
||||||
;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -22,14 +22,4 @@
|
||||||
subnetAddr = "11.0.0.4";
|
subnetAddr = "11.0.0.4";
|
||||||
ed25519PublicKey = "6MN5LVE4juavv8qJW2dTN4t/haKCADWquAQj/ADF7iN";
|
ed25519PublicKey = "6MN5LVE4juavv8qJW2dTN4t/haKCADWquAQj/ADF7iN";
|
||||||
};
|
};
|
||||||
|
|
||||||
yoga = {
|
|
||||||
subnetAddr = "11.0.0.5";
|
|
||||||
ed25519PublicKey = "n+gIZjuuTPxi0OBqw2oOcmXd3loOHG+GQHBMXNlgyqI";
|
|
||||||
};
|
|
||||||
|
|
||||||
framework = {
|
|
||||||
subnetAddr = "11.0.0.6";
|
|
||||||
ed25519PublicKey = "YL7NA6Ydv/3FBfSzOPvyHlGweAViPvsG3b0Zh8L0NzF";
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,7 +10,7 @@ with lib;
|
||||||
ibm-plex
|
ibm-plex
|
||||||
(nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; })
|
(nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; })
|
||||||
noto-fonts
|
noto-fonts
|
||||||
(pkgs.noto-fonts-cjk-sans or pkgs.noto-fonts-cjk)
|
noto-fonts-cjk
|
||||||
merriweather
|
merriweather
|
||||||
corefonts
|
corefonts
|
||||||
font-awesome
|
font-awesome
|
||||||
|
|
|
@ -12,7 +12,7 @@ lib.mkIf pkgs.stdenv.isLinux {
|
||||||
name = "system-icons";
|
name = "system-icons";
|
||||||
paths = with pkgs; [
|
paths = with pkgs; [
|
||||||
#libsForQt5.breeze-qt5 # for plasma
|
#libsForQt5.breeze-qt5 # for plasma
|
||||||
(pkgs.gnome-themes-extra or gnome.gnome-themes-extra) # Until 24.11
|
gnome.gnome-themes-extra
|
||||||
];
|
];
|
||||||
pathsToLink = [ "/share/icons" ];
|
pathsToLink = [ "/share/icons" ];
|
||||||
};
|
};
|
||||||
|
|
|
@ -16,7 +16,7 @@ in
|
||||||
security.pam = mkIf pkgs.stdenv.isLinux {
|
security.pam = mkIf pkgs.stdenv.isLinux {
|
||||||
u2f = {
|
u2f = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings.cue = true;
|
cue = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Services
|
# Services
|
||||||
|
|
|
@ -8,11 +8,6 @@ in
|
||||||
options.nki.services.edns = {
|
options.nki.services.edns = {
|
||||||
enable = mkEnableOption "Enable encrypted DNS";
|
enable = mkEnableOption "Enable encrypted DNS";
|
||||||
ipv6 = mkEnableOption "Enable ipv6";
|
ipv6 = mkEnableOption "Enable ipv6";
|
||||||
cloaking-rules = mkOption {
|
|
||||||
type = types.attrsOf types.str;
|
|
||||||
default = { };
|
|
||||||
description = "A set of domain -> ip mapping for cloaking_rules";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
|
@ -47,11 +42,6 @@ in
|
||||||
{ server_name = "*"; via = [ "anon-plan9-dns" "anon-v.dnscrypt.up-ipv4" ]; }
|
{ server_name = "*"; via = [ "anon-plan9-dns" "anon-v.dnscrypt.up-ipv4" ]; }
|
||||||
];
|
];
|
||||||
anonymized_dns.skip_incompatible = true;
|
anonymized_dns.skip_incompatible = true;
|
||||||
|
|
||||||
# Cloaking rules
|
|
||||||
cloaking_rules = pkgs.writeText "cloaking_rules.txt" (lib.strings.concatStringsSep
|
|
||||||
"\n"
|
|
||||||
(lib.attrsets.mapAttrsToList (name: ip: "${name} ${ip}") cfg.cloaking-rules));
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,66 +0,0 @@
|
||||||
{ config, lib, ... }:
|
|
||||||
with { inherit (lib) mkOption types mkIf; };
|
|
||||||
let
|
|
||||||
cfg = config.services.nix-build-farm;
|
|
||||||
hosts = import ./hosts.nix;
|
|
||||||
|
|
||||||
build-user = "nix-builder";
|
|
||||||
|
|
||||||
isBuilder = host: host ? "builder";
|
|
||||||
allBuilders = lib.filterAttrs (_: isBuilder) hosts;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.services.nix-build-farm = {
|
|
||||||
enable = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = true;
|
|
||||||
description = "Whether to enable nix-build-farm as a client";
|
|
||||||
};
|
|
||||||
hostname = mkOption {
|
|
||||||
type = types.enum (builtins.attrNames hosts);
|
|
||||||
description = "The hostname as listed in ./hosts.nix file";
|
|
||||||
};
|
|
||||||
privateKeyFile = mkOption {
|
|
||||||
type = types.path;
|
|
||||||
description = "The path to the private SSH key file";
|
|
||||||
};
|
|
||||||
|
|
||||||
ipAddrs = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
description = "The ip addresses to limit access to";
|
|
||||||
default = "11.0.0.*";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = mkIf cfg.enable (
|
|
||||||
let
|
|
||||||
host = hosts.${cfg.hostname};
|
|
||||||
otherHosts = lib.filterAttrs (name: _: name != cfg.hostname) hosts;
|
|
||||||
otherBuilders = lib.filterAttrs (name: _: name != cfg.hostname) allBuilders;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
nix.distributedBuilds = true;
|
|
||||||
nix.buildMachines = lib.mapAttrsToList
|
|
||||||
(name: host: {
|
|
||||||
hostName = host.host;
|
|
||||||
sshUser = build-user;
|
|
||||||
sshKey = cfg.privateKeyFile;
|
|
||||||
} // host.builder)
|
|
||||||
otherBuilders;
|
|
||||||
|
|
||||||
users = mkIf (isBuilder host) {
|
|
||||||
users.${build-user} = {
|
|
||||||
description = "Nix build farm user";
|
|
||||||
group = build-user;
|
|
||||||
isNormalUser = true;
|
|
||||||
openssh.authorizedKeys.keys = lib.mapAttrsToList (_: host: ''from="${cfg.ipAddrs}" ${host.pubKey}'') otherHosts;
|
|
||||||
};
|
|
||||||
groups.${build-user} = { };
|
|
||||||
};
|
|
||||||
|
|
||||||
nix.settings.trusted-users = mkIf (isBuilder host) [ build-user ];
|
|
||||||
}
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
|
@ -1,37 +0,0 @@
|
||||||
{
|
|
||||||
cloud = {
|
|
||||||
host = "cloud.tinc";
|
|
||||||
pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE87ddj0fTH0NuvJz0dT5ln7v7zbafXqDVdM2A4ddOb0 root@nki-personal-do";
|
|
||||||
};
|
|
||||||
|
|
||||||
home = {
|
|
||||||
host = "home.tinc";
|
|
||||||
pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK6N1uTxnbo73tyzD9X7d7OgPeoOpY7JmQaHASjSWFPI nki@kagamiPC";
|
|
||||||
|
|
||||||
builder = {
|
|
||||||
publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUhiVTh2NlNBa0kyOTBCc1QzVG1IRVVJQWdXcVFyNm9jRmpjakRRczRoT2ggcm9vdEBrYWdhbWlQQwo=";
|
|
||||||
systems = [ "x86_64-linux" "aarch64-linux" ];
|
|
||||||
maxJobs = 16;
|
|
||||||
speedFactor = 2;
|
|
||||||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
yoga = {
|
|
||||||
host = "yoga.tinc";
|
|
||||||
pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE6ZrO/xIdmwBCUx80cscBSpJBBTp55OHGrXYBGRXKAw nki@nki-yoga-g8";
|
|
||||||
};
|
|
||||||
|
|
||||||
framework = {
|
|
||||||
host = "framework.tinc";
|
|
||||||
pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH/g472MaT7YySUhBjxClfmMjpn98qYnKXDKlzWHYwuO nki@nki-framework";
|
|
||||||
|
|
||||||
builder = {
|
|
||||||
publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUdOUlBCVFRkNTVVMXY1U1Jac0FjYVdhS3JGZTY0ZjIxOVViODVTQ2NWd28gcm9vdEBua2ktZnJhbWV3b3JrCg==";
|
|
||||||
systems = [ "x86_64-linux" "aarch64-linux" ];
|
|
||||||
maxJobs = 16;
|
|
||||||
speedFactor = 3;
|
|
||||||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1 +0,0 @@
|
||||||
nix.home.tinc:zG2uDy0MbLY0wLuoVH/qKzTD6hTfKZufA2cWDSTCZMA=
|
|
|
@ -1,60 +0,0 @@
|
||||||
{ config, pkgs, lib, ... }:
|
|
||||||
|
|
||||||
with { inherit (lib) mkEnableOption mkOption types mkIf; };
|
|
||||||
let
|
|
||||||
cfg = config.nki.services.nix-cache;
|
|
||||||
|
|
||||||
bindAddr = "127.0.0.1:5000";
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.nki.services.nix-cache = {
|
|
||||||
enableClient = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = !cfg.enableServer;
|
|
||||||
description = "Enable nix-cache client";
|
|
||||||
};
|
|
||||||
enableServer = mkEnableOption "Enable nix-cache server";
|
|
||||||
|
|
||||||
host = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "nix.home.tinc";
|
|
||||||
};
|
|
||||||
|
|
||||||
publicKey = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = builtins.readFile ./cache-pub-key.pem;
|
|
||||||
};
|
|
||||||
|
|
||||||
privateKeyFile = mkOption {
|
|
||||||
type = types.path;
|
|
||||||
description = "Path to the private key .pem file";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = {
|
|
||||||
nix.settings = mkIf cfg.enableClient {
|
|
||||||
substituters = lib.mkAfter [ "http://${cfg.host}" ];
|
|
||||||
trusted-public-keys = [ cfg.publicKey ];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.harmonia = mkIf cfg.enableServer {
|
|
||||||
enable = true;
|
|
||||||
signKeyPath = cfg.privateKeyFile;
|
|
||||||
settings = {
|
|
||||||
bind = bindAddr;
|
|
||||||
priority = 45;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.nginx = mkIf cfg.enableServer {
|
|
||||||
enable = true;
|
|
||||||
recommendedProxySettings = true;
|
|
||||||
virtualHosts = {
|
|
||||||
# ... existing hosts config etc. ...
|
|
||||||
"${cfg.host}" = {
|
|
||||||
locations."/".proxyPass = "http://${bindAddr}";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -17,18 +17,10 @@
|
||||||
./wireless.nix
|
./wireless.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
# Sops
|
|
||||||
common.linux.sops.enable = true;
|
|
||||||
common.linux.sops.file = ./secrets.yaml;
|
|
||||||
|
|
||||||
sops.secrets."nix-build-farm/private-key" = { mode = "0400"; };
|
|
||||||
services.nix-build-farm.hostname = "framework";
|
|
||||||
services.nix-build-farm.privateKeyFile = config.sops.secrets."nix-build-farm/private-key".path;
|
|
||||||
|
|
||||||
# services.xserver.enable = true;
|
# services.xserver.enable = true;
|
||||||
# services.xserver.displayManager.sddm.enable = true;
|
# services.xserver.displayManager.sddm.enable = true;
|
||||||
# services.xserver.displayManager.sddm.wayland.enable = true;
|
# services.xserver.displayManager.sddm.wayland.enable = true;
|
||||||
services.desktopManager.plasma6.enable = true;
|
services.xserver.desktopManager.plasma6.enable = true;
|
||||||
|
|
||||||
# Power Management
|
# Power Management
|
||||||
services.upower = {
|
services.upower = {
|
||||||
|
@ -42,13 +34,13 @@
|
||||||
services.power-profiles-daemon.enable = true;
|
services.power-profiles-daemon.enable = true;
|
||||||
# powerManagement.enable = true;
|
# powerManagement.enable = true;
|
||||||
# powerManagement.powertop.enable = true;
|
# powerManagement.powertop.enable = true;
|
||||||
services.logind.lidSwitch = "suspend-then-hibernate";
|
services.logind.lidSwitch = "suspend";
|
||||||
|
|
||||||
# Printing
|
# Printing
|
||||||
services.printing.drivers = with pkgs; [ epfl-cups-drivers ];
|
services.printing.drivers = with pkgs; [ epfl-cups-drivers ];
|
||||||
|
|
||||||
# Enable touchpad support (enabled default in most desktopManager).
|
# Enable touchpad support (enabled default in most desktopManager).
|
||||||
services.libinput.enable = true;
|
services.xserver.libinput.enable = true;
|
||||||
# Keyboard
|
# Keyboard
|
||||||
services.input-remapper.enable = true;
|
services.input-remapper.enable = true;
|
||||||
services.input-remapper.serviceWantedBy = [ "multi-user.target" ];
|
services.input-remapper.serviceWantedBy = [ "multi-user.target" ];
|
||||||
|
@ -85,16 +77,6 @@
|
||||||
security.pam.services.swaylock.fprintAuth = true;
|
security.pam.services.swaylock.fprintAuth = true;
|
||||||
security.pam.services.login.fprintAuth = true;
|
security.pam.services.login.fprintAuth = true;
|
||||||
|
|
||||||
# tinc network
|
|
||||||
sops.secrets."tinc-private-key" = { };
|
|
||||||
services.my-tinc = {
|
|
||||||
enable = true;
|
|
||||||
hostName = "framework";
|
|
||||||
ed25519PrivateKey = config.sops.secrets."tinc-private-key".path;
|
|
||||||
bindPort = 6565;
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
# Secrets
|
# Secrets
|
||||||
# sops.defaultSopsFile = ./secrets.yaml;
|
# sops.defaultSopsFile = ./secrets.yaml;
|
||||||
# sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
# sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||||
|
|
|
@ -12,8 +12,10 @@
|
||||||
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
|
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
|
||||||
boot.initrd.kernelModules = [ ];
|
boot.initrd.kernelModules = [ ];
|
||||||
boot.kernelModules = [ "kvm-amd" ];
|
boot.kernelModules = [ "kvm-amd" ];
|
||||||
boot.kernelPackages = pkgs.linuxPackages; # until mesa fixed
|
boot.extraModulePackages = [ ];
|
||||||
boot.kernelParams = [
|
boot.kernelParams = [
|
||||||
|
# See https://community.frame.work/t/tracking-graphical-corruption-in-fedora-39-amd-3-03-bios/39073/143
|
||||||
|
"amdgpu.sg_display=0"
|
||||||
# Hibernation
|
# Hibernation
|
||||||
"resume=UUID=fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"
|
"resume=UUID=fa8aaf51-b99f-4fb4-9230-8c0957d8af3f"
|
||||||
"resume_offset=5776640" # btrfs inspect-internal map-swapfile -r /var/swapfile
|
"resume_offset=5776640" # btrfs inspect-internal map-swapfile -r /var/swapfile
|
||||||
|
|
|
@ -1,32 +0,0 @@
|
||||||
tinc-private-key: ENC[AES256_GCM,data:cKtOFrF5FRSHWxe/QxH5O9GAba1WcWeCwW1IOzmbgdtFufRoWbCtYeaLP+WQhQ70z6xobiY9DN8Jrh7mDptKSsfKrrx2SH5JrdpsoINhLMbetXq7E29+q6CkS8NlLgE/KyV8eFjQySNsYiA/+Efq9xj9e1wOmHBDsND/jgiJDkA1qsEIFZg/vuv8LdoRY3TV/oKJ4pao9+70G4H+8Ef1sMZHGNe9qJ94Wa71nNX2fTSjKH5YBbRijMAePWr/IeCpZ9Phs7RqjBs=,iv:l0iB136X7nLVblQjFi7K4f42JKSxdsiLIRy5GPzK1nc=,tag:HAgkvWkl0Rx62ejGZckdKA==,type:str]
|
|
||||||
nix-build-farm:
|
|
||||||
private-key: ENC[AES256_GCM,data:w56sobHrhvVcKbuK15Yj20EqgFrR/5pNy/rcQjlZCiFEfgPC6ZrbsxziIdMTOX+Q4DyllKCKo+g/MIKm5S+s+nIff509ODlILhTtXlZvZlnT9+wvm5oN3WQCdkkqOr1gNnErPupfMxA6V35tNvNBCeomYuM8Xb7TuH4I1fXa5GFeT0Tnp5A2WqWoS1MzXz34CxlKXvoL6i4w7nUngt5zaGr9oMZbSa0pHxEzIhXk6h/lE864QlJid7q/mDok9gh2R80WvArGtNNj9PrT6cNKYIFuXo7vITkSkT3vo9BLflg5sgRxy4+7rBaRla0ziihQvZLtworwo6aNDvEqPqYfiX0TMYPpEWvJpp/HGDJy+Po7b0ZZkwSza+tB0J79vFH2h11Px1XSwXdq757Bn9G4OTb5oKWS5ycBU4xTnnHQBjYTSooFxYyTAvfKNEsB8AHKSuQRZgtVhWoOSPpJ6YL94ClUIT+DTaNmQjwouqNatf/nif+N/FCar8JWZDE+FX1TBu0yLmJie/f0LCdCQx+6IVdyXg7oVCoNiGg0,iv:TeSxlVc0WlOMMUtv/uq3f7JvW/kNCM7LjguhZxL51a4=,tag:m1iuk4pAX/yugM0ObzkJHQ==,type:str]
|
|
||||||
sops:
|
|
||||||
kms: []
|
|
||||||
gcp_kms: []
|
|
||||||
azure_kv: []
|
|
||||||
hc_vault: []
|
|
||||||
age:
|
|
||||||
- recipient: age188tgu3psvywk6shq85mk2q0jdjwd0tcswzwlwu5pa5n3pndx75dq090z59
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmL2Z1RzBWaTI1TDl6WDNa
|
|
||||||
NTNVdEhTSFU5enNlTGVNWTI5anBZb1BtaVhjCm1BRnJDSXl1cWdBRUs1VnREVjBU
|
|
||||||
QWZxdkgzdm9JL0k5WmhDL1RCNTltdm8KLS0tIFhvQTlKMDZiVklTRWd4TzVmc2ll
|
|
||||||
bmpjcWdBV1doZml2NjlzQzdQczJ3alEKBMRP3POxtPIqBWnrvxY/++5jtVE70Uxa
|
|
||||||
EVfhsUO76A/hzyxfzpLEy1QGFE+DB/zlU0CK7HkNGPD2TrBHbzkPJA==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
- recipient: age1vgh6kvee8lvxylm7z86fpl3xzjyjs4u3zdfkyf064rjvxk9fpumsew7n27
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2MUxQU0dZOGRaekF4MWdo
|
|
||||||
T0krcERtRTJndFR1RHZmL0t6MjBxMW5PSENNCkR6SUhxQ0FoaEhuaWpiUzJ0MnJE
|
|
||||||
RXRERzVhL0lRVW1iRUlac0c5OHZsckEKLS0tIC9VM1dNZTNzdkFnMWk2YUwvcDNB
|
|
||||||
TDZnVjBaVzZBem5lZDB1MW4xQ0RmZ28K6d7mF+f3ZyilXlSIQGT2pBrTWuYLccE1
|
|
||||||
rYIJjHjFft/2wPX2gAW9VTiwfMT3lKJhJRqNdoie5phV5BZhkb3D9w==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
lastmodified: "2024-08-17T14:58:10Z"
|
|
||||||
mac: ENC[AES256_GCM,data:ZCrzXDttLxYUvdLiqM5I17Ys6O3zoOVKq8xP78VaLb3AAoV4RGGQxixKVQ6K9h84e8bFymh512BR7xKa9fqebxTyL1XCqPkRaSZy0aWjbc6QCaK+JD4yqivgO/x5x2xgMpX/ZhPFzKNLpMga61bnm6plvF8ocG+wOqYvj3vL0Ss=,iv:QZ8YJD7h2QD2jqVKo4bg0rwpZSTyyNw6zZDcBfClKPo=,tag:PH2XnTqxV2irymg2+Z+Egg==,type:str]
|
|
||||||
pgp: []
|
|
||||||
unencrypted_suffix: _unencrypted
|
|
||||||
version: 3.9.0
|
|
|
@ -10,6 +10,8 @@ with lib;
|
||||||
[
|
[
|
||||||
# Include the results of the hardware scan.
|
# Include the results of the hardware scan.
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
# secret management
|
||||||
|
./secrets
|
||||||
# Fonts
|
# Fonts
|
||||||
../modules/personal/fonts
|
../modules/personal/fonts
|
||||||
# Encrypted DNS
|
# Encrypted DNS
|
||||||
|
@ -25,22 +27,10 @@ with lib;
|
||||||
# Plasma!
|
# Plasma!
|
||||||
services.desktopManager.plasma6.enable = true;
|
services.desktopManager.plasma6.enable = true;
|
||||||
|
|
||||||
|
|
||||||
## Encryption
|
## Encryption
|
||||||
# Kernel modules needed for mounting USB VFAT devices in initrd stage
|
# Kernel modules needed for mounting USB VFAT devices in initrd stage
|
||||||
common.linux.luksDevices.root = "/dev/disk/by-uuid/7c6e40a8-900b-4f85-9712-2b872caf1892";
|
common.linux.luksDevices.root = "/dev/disk/by-uuid/7c6e40a8-900b-4f85-9712-2b872caf1892";
|
||||||
common.linux.sops.enable = true;
|
|
||||||
common.linux.sops.file = ./secrets.yaml;
|
|
||||||
|
|
||||||
# Nix cache server
|
|
||||||
sops.secrets."nix-cache/private-key" = { owner = "harmonia"; group = "harmonia"; mode = "0600"; };
|
|
||||||
nki.services.nix-cache = {
|
|
||||||
enableServer = true;
|
|
||||||
privateKeyFile = config.sops.secrets."nix-cache/private-key".path;
|
|
||||||
};
|
|
||||||
|
|
||||||
sops.secrets."nix-build-farm/private-key" = { mode = "0400"; };
|
|
||||||
services.nix-build-farm.hostname = "home";
|
|
||||||
services.nix-build-farm.privateKeyFile = config.sops.secrets."nix-build-farm/private-key".path;
|
|
||||||
|
|
||||||
# Networking
|
# Networking
|
||||||
common.linux.networking =
|
common.linux.networking =
|
||||||
|
@ -71,11 +61,13 @@ with lib;
|
||||||
PrivateKeyFile = config.sops.secrets."dtth-wg/private-key".path;
|
PrivateKeyFile = config.sops.secrets."dtth-wg/private-key".path;
|
||||||
};
|
};
|
||||||
wireguardPeers = [{
|
wireguardPeers = [{
|
||||||
PublicKey = "+7iI4jwmM1Qr+/DKB1Hv8JgFkGu7lSV0PAoo+O5d3yQ=";
|
wireguardPeerConfig = {
|
||||||
PresharedKeyFile = config.sops.secrets."dtth-wg/preshared-key".path;
|
PublicKey = "+7iI4jwmM1Qr+/DKB1Hv8JgFkGu7lSV0PAoo+O5d3yQ=";
|
||||||
AllowedIPs = [ "100.64.0.0/10" "fd00::/106" ];
|
PresharedKeyFile = config.sops.secrets."dtth-wg/preshared-key".path;
|
||||||
Endpoint = "vpn.dtth.ch:51820";
|
AllowedIPs = [ "100.64.0.0/10" "fd00::/106" ];
|
||||||
PersistentKeepalive = 25;
|
Endpoint = "vpn.dtth.ch:51820";
|
||||||
|
PersistentKeepalive = 25;
|
||||||
|
};
|
||||||
}];
|
}];
|
||||||
};
|
};
|
||||||
systemd.network.networks."dtth-wg" = {
|
systemd.network.networks."dtth-wg" = {
|
||||||
|
@ -83,8 +75,8 @@ with lib;
|
||||||
address = [ "100.73.146.80/32" "fd00::33:105b/128" ];
|
address = [ "100.73.146.80/32" "fd00::33:105b/128" ];
|
||||||
DHCP = "no";
|
DHCP = "no";
|
||||||
routes = [
|
routes = [
|
||||||
{ Destination = "100.64.0.0/10"; Scope = "link"; }
|
{ routeConfig = { Destination = "100.64.0.0/10"; Scope = "link"; }; }
|
||||||
{ Destination = "fd00::/106"; }
|
{ routeConfig.Destination = "fd00::/106"; }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -36,6 +36,10 @@
|
||||||
swapDevices =
|
swapDevices =
|
||||||
[{ device = "/dev/disk/by-uuid/561f6441-1915-4059-a5e1-76a449b0c9bf"; }];
|
[{ device = "/dev/disk/by-uuid/561f6441-1915-4059-a5e1-76a449b0c9bf"; }];
|
||||||
|
|
||||||
|
# GPU options
|
||||||
|
services.xserver.videoDrivers = [ "amdgpu" ];
|
||||||
|
hardware.opengl.enable = true;
|
||||||
|
|
||||||
# bluetooth usb
|
# bluetooth usb
|
||||||
hardware.firmware = [ pkgs.rtl8761b-firmware ];
|
hardware.firmware = [ pkgs.rtl8761b-firmware ];
|
||||||
}
|
}
|
||||||
|
|
6
nki-home/secrets/default.nix
Normal file
6
nki-home/secrets/default.nix
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
sops.defaultSopsFile = ./secrets.yaml;
|
||||||
|
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||||
|
}
|
|
@ -13,10 +13,6 @@ dtth-wg:
|
||||||
preshared-key: ENC[AES256_GCM,data:96q0ZfvPz4pb53XvTGameVkcETamYH8Xbv69672RBdacH6QjRCCVvPnBTfA=,iv:Q2Yonb07/Uu6KidhMgRX4zJuNU1ZySNC7g/5TwpMU80=,tag:1qQQdk20yIQlGZmX+/25RA==,type:str]
|
preshared-key: ENC[AES256_GCM,data:96q0ZfvPz4pb53XvTGameVkcETamYH8Xbv69672RBdacH6QjRCCVvPnBTfA=,iv:Q2Yonb07/Uu6KidhMgRX4zJuNU1ZySNC7g/5TwpMU80=,tag:1qQQdk20yIQlGZmX+/25RA==,type:str]
|
||||||
peertube:
|
peertube:
|
||||||
dtth-key: ENC[AES256_GCM,data:Gu7qOisVBZrFXKBr51165FJ7Ej4hV+lIf3AMC02R3UFNXOnTHF2xC8E=,iv:F83FuD1VjZEJFMcx3gkQuKCpJmYdHtO15fRHkYdMxJM=,tag:ScH42Tr5ZsIo9JMnXhylSw==,type:str]
|
dtth-key: ENC[AES256_GCM,data:Gu7qOisVBZrFXKBr51165FJ7Ej4hV+lIf3AMC02R3UFNXOnTHF2xC8E=,iv:F83FuD1VjZEJFMcx3gkQuKCpJmYdHtO15fRHkYdMxJM=,tag:ScH42Tr5ZsIo9JMnXhylSw==,type:str]
|
||||||
nix-cache:
|
|
||||||
private-key: ENC[AES256_GCM,data:4sbfIQb10Y50CrZbgjN+1iXEbXTpDqMbIB/yA3WlaAqhLtb8HKib5aZX3DLoxFbVihJcztQsvBBgEAhT9iMijoksaT9qzBQ5yIn4NGCfFem1DK8DQdjhTLMCVTyMFCT7hQHu/2Sd7w==,iv:zTSxuKOtOLekOBKBvl9MScD/Bo1Hviqq/n8Saa+1Cgo=,tag:fx73fCDPY9d07V3KKMw3DA==,type:str]
|
|
||||||
nix-build-farm:
|
|
||||||
private-key: ENC[AES256_GCM,data:m5neeWCEdaZ1MRhNwTptfDIgv3ABNlYyNil3oTD81Jbe/6WxWaS5Q++CRlHCjc2hOoHsWsZixw8iGZVTA+QXgH6B9C6A4oOAhgR9m92EGTEfFw0qxQbdzs7U98Yonx/N8SApUycZZB/EU81+MrDNY4GGzCiO6s00/vZLkDTYnqRFgbo+8KTG0BQTl4q+VYP2q3l0wy+Ivz5CWPmbz42Xdin/sBnjeFHKDuof4iZZnN3i8gUJ/mMw3lbdiHd6A8DL0G5Ut46ljzMC2aMsZOATCID3mPOPgI0xIetDofPJLDqVsNqptRHo8WB+KwDidvl222f5F7JqdSqgAMOJYPscrX0odufApiJfg5bbXBygvrDfAlPSruW7GsWGoKAhw0qC4NC/j+qYCwhS0qdorCLnIy3zzMtA6HkHtE675hy7/7oLj7k9Y8MhE4PxztjXTmDazaVCtKhnA/DpaxP2mH84gfCkJFD1YF9jtPm+P3e+46FwkW+WnHaA2L+H7Evava30DLEBhh5y9Gd1A3JN4isn,iv:7KUWg7+GWgmGJkbIvsy9gtccZBb+1Y5uDWhXQFk0obk=,tag:qJdM684XPHxecLVxVb5pgw==,type:str]
|
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -50,8 +46,8 @@ sops:
|
||||||
bUhIT0Z2b1dVWGNyS1hRVFRyZTA4d00KchP7EhSOMwBl5vFuuskzosRoi8jUu1sw
|
bUhIT0Z2b1dVWGNyS1hRVFRyZTA4d00KchP7EhSOMwBl5vFuuskzosRoi8jUu1sw
|
||||||
hVjJNF2a40ewgkQgVAoWEzirHbknbQORzmepDDRth7Bve3UQU64+GA==
|
hVjJNF2a40ewgkQgVAoWEzirHbknbQORzmepDDRth7Bve3UQU64+GA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-08-16T13:59:20Z"
|
lastmodified: "2024-04-18T13:34:51Z"
|
||||||
mac: ENC[AES256_GCM,data:ncT8fbtEb9ZcLcftXwgAKJRPPSG4TRHFMArtVgWNmIjDRcCNNT7ICa+9Dl8DAYKRJ+8pgelV9StIg2f7rvypHYlckontEP5nwSFzEApLItG3AZXewTC8VPoDYb4T8/OWKDoa5kBMvGrDr1bFP/CZz7H8No+k5TV7fVExsw0PHpg=,iv:vxbkeJtHkOAq7NcaZEIOMV3qGEqBUg/vpJYumBBfY70=,tag:T0yw2x1O5Tp0UllLpcFryg==,type:str]
|
mac: ENC[AES256_GCM,data:cinVE1pHSgjCRPIDwANzR0oHw7zdN8DVDQKkhXT5j+dGiaFzNvLoYyMcEsjoxAjEdup3YMo+Vg6I4C94AUCrTn7N9BGjnGFVQz3m9q13zORi1+HWam0VItBzJm1iIo8x0PPs79OBaIHVUFAz8r4DW46P/LQISl9MQSDpCCTjVVk=,iv:2VAehWaoh2lNZM8jlmt+dqo5eeHfcr++eAdQfm/tCcM=,tag:QSnbObe3046AnFpK3Y01Eg==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.9.0
|
version: 3.8.1
|
|
@ -12,9 +12,6 @@
|
||||||
../modules/cloud/conduit
|
../modules/cloud/conduit
|
||||||
../modules/cloud/gotosocial
|
../modules/cloud/gotosocial
|
||||||
|
|
||||||
# Encrypted DNS
|
|
||||||
../modules/services/edns
|
|
||||||
|
|
||||||
./headscale.nix
|
./headscale.nix
|
||||||
./gitea.nix
|
./gitea.nix
|
||||||
./miniflux.nix
|
./miniflux.nix
|
||||||
|
@ -24,11 +21,8 @@
|
||||||
./invidious.nix
|
./invidious.nix
|
||||||
./owncast.nix
|
./owncast.nix
|
||||||
./peertube.nix
|
./peertube.nix
|
||||||
./outline.nix
|
|
||||||
];
|
];
|
||||||
|
|
||||||
system.stateVersion = "21.11";
|
|
||||||
|
|
||||||
common.linux.enable = false; # Don't enable the "common linux" module, this is a special machine.
|
common.linux.enable = false; # Don't enable the "common linux" module, this is a special machine.
|
||||||
|
|
||||||
# Personal user
|
# Personal user
|
||||||
|
@ -63,15 +57,18 @@
|
||||||
|
|
||||||
services.do-agent.enable = true;
|
services.do-agent.enable = true;
|
||||||
|
|
||||||
|
system.autoUpgrade = {
|
||||||
|
enable = true;
|
||||||
|
allowReboot = true;
|
||||||
|
flake = "github:natsukagami/nix-home#nki-personal-do";
|
||||||
|
};
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
extraOptions = ''
|
extraOptions = ''
|
||||||
experimental-features = nix-command flakes
|
experimental-features = nix-command flakes
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
nki.services.edns.enable = true;
|
|
||||||
nki.services.edns.ipv6 = true;
|
|
||||||
|
|
||||||
# Secret management
|
# Secret management
|
||||||
sops.defaultSopsFile = ./secrets/secrets.yaml;
|
sops.defaultSopsFile = ./secrets/secrets.yaml;
|
||||||
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||||
|
@ -84,10 +81,6 @@
|
||||||
services.my-tinc.rsaPrivateKey = config.sops.secrets."tinc/rsa-private-key".path;
|
services.my-tinc.rsaPrivateKey = config.sops.secrets."tinc/rsa-private-key".path;
|
||||||
services.my-tinc.ed25519PrivateKey = config.sops.secrets."tinc/ed25519-private-key".path;
|
services.my-tinc.ed25519PrivateKey = config.sops.secrets."tinc/ed25519-private-key".path;
|
||||||
|
|
||||||
sops.secrets."nix-build-farm/private-key" = { mode = "0400"; };
|
|
||||||
services.nix-build-farm.hostname = "home";
|
|
||||||
services.nix-build-farm.privateKeyFile = config.sops.secrets."nix-build-farm/private-key".path;
|
|
||||||
|
|
||||||
# Set up traefik
|
# Set up traefik
|
||||||
sops.secrets.cloudflare-dns-api-token = { owner = "traefik"; };
|
sops.secrets.cloudflare-dns-api-token = { owner = "traefik"; };
|
||||||
sops.secrets.traefik-dashboard-users = { owner = "traefik"; };
|
sops.secrets.traefik-dashboard-users = { owner = "traefik"; };
|
||||||
|
@ -192,13 +185,74 @@
|
||||||
protocol = "udp";
|
protocol = "udp";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
# Outline
|
||||||
|
sops.secrets.minio-secret-key = { owner = "root"; mode = "0444"; };
|
||||||
|
sops.secrets.authentik-oidc-client-secret = { owner = "outline"; };
|
||||||
|
sops.secrets."outline/smtp-password" = { owner = "outline"; };
|
||||||
|
services.outline = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.outline.overrideAttrs (attrs: {
|
||||||
|
patches = if builtins.hasAttr "patches" attrs then attrs.patches else [ ] ++ [ ../modules/cloud/outline/dtth-wiki.patch ];
|
||||||
|
});
|
||||||
|
databaseUrl = "postgres://outline:outline@localhost/outline?sslmode=disable";
|
||||||
|
redisUrl = "local";
|
||||||
|
publicUrl = "https://wiki.dtth.ch";
|
||||||
|
port = 18729;
|
||||||
|
storage = {
|
||||||
|
accessKey = "minio";
|
||||||
|
secretKeyFile = config.sops.secrets.minio-secret-key.path;
|
||||||
|
region = config.services.minio.region;
|
||||||
|
uploadBucketUrl = "https://s3.dtth.ch";
|
||||||
|
uploadBucketName = "dtth-outline";
|
||||||
|
uploadMaxSize = 50 * 1024 * 1000;
|
||||||
|
};
|
||||||
|
maximumImportSize = 50 * 1024 * 1000;
|
||||||
|
|
||||||
|
oidcAuthentication = {
|
||||||
|
clientId = "3a0c10e00cdcb4a1194315577fa208a747c1a5f7";
|
||||||
|
clientSecretFile = config.sops.secrets.authentik-oidc-client-secret.path;
|
||||||
|
authUrl = "https://auth.dtth.ch/application/o/authorize/";
|
||||||
|
tokenUrl = "https://auth.dtth.ch/application/o/token/";
|
||||||
|
userinfoUrl = "https://auth.dtth.ch/application/o/userinfo/";
|
||||||
|
displayName = "DTTH Account";
|
||||||
|
};
|
||||||
|
|
||||||
|
smtp = {
|
||||||
|
fromEmail = "DTTH Wiki <dtth.wiki@nkagami.me>";
|
||||||
|
replyEmail = "";
|
||||||
|
host = "mx1.nkagami.me";
|
||||||
|
username = "dtth.wiki@nkagami.me";
|
||||||
|
passwordFile = config.sops.secrets."outline/smtp-password".path;
|
||||||
|
port = 465;
|
||||||
|
secure = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
forceHttps = false;
|
||||||
|
};
|
||||||
|
cloud.postgresql.databases = [ "outline" ];
|
||||||
|
systemd.services.outline.requires = [ "postgresql.service" ];
|
||||||
|
cloud.traefik.hosts.outline = { host = "wiki.dtth.ch"; port = 18729; };
|
||||||
|
|
||||||
# GoToSocial
|
# GoToSocial
|
||||||
sops.secrets.gts-env = { restartUnits = [ "gotosocial.service" ]; };
|
sops.secrets.gts-env = { };
|
||||||
cloud.gotosocial = {
|
cloud.gotosocial = {
|
||||||
enable = true;
|
enable = true;
|
||||||
envFile = config.sops.secrets.gts-env.path;
|
envFile = config.sops.secrets.gts-env.path;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Minio
|
||||||
|
sops.secrets.minio-credentials = { };
|
||||||
|
services.minio = {
|
||||||
|
enable = true;
|
||||||
|
listenAddress = ":61929";
|
||||||
|
consoleAddress = ":62929";
|
||||||
|
rootCredentialsFile = config.sops.secrets.minio-credentials.path;
|
||||||
|
dataDir = lib.mkForce [ "/mnt/data/minio" ];
|
||||||
|
};
|
||||||
|
cloud.traefik.hosts.minio = { host = "s3.dtth.ch"; port = 61929; };
|
||||||
|
system.stateVersion = "21.11";
|
||||||
|
|
||||||
# ntfy
|
# ntfy
|
||||||
cloud.traefik.hosts.ntfy-sh = { host = "ntfy.nkagami.me"; port = 11161; noCloudflare = true; };
|
cloud.traefik.hosts.ntfy-sh = { host = "ntfy.nkagami.me"; port = 11161; noCloudflare = true; };
|
||||||
services.ntfy-sh = {
|
services.ntfy-sh = {
|
||||||
|
|
|
@ -98,7 +98,6 @@ in
|
||||||
};
|
};
|
||||||
users.groups.${user} = { };
|
users.groups.${user} = { };
|
||||||
sops.secrets."gitea/signing-key".owner = user;
|
sops.secrets."gitea/signing-key".owner = user;
|
||||||
sops.secrets."gitea/minio-secret-key".owner = user;
|
|
||||||
sops.secrets."gitea/mailer-password".owner = user;
|
sops.secrets."gitea/mailer-password".owner = user;
|
||||||
# database
|
# database
|
||||||
cloud.postgresql.databases = [ user ];
|
cloud.postgresql.databases = [ user ];
|
||||||
|
@ -115,6 +114,8 @@ in
|
||||||
|
|
||||||
inherit user;
|
inherit user;
|
||||||
|
|
||||||
|
appName = "DTTHgit";
|
||||||
|
|
||||||
settings = {
|
settings = {
|
||||||
server = {
|
server = {
|
||||||
DOMAIN = host;
|
DOMAIN = host;
|
||||||
|
@ -135,7 +136,7 @@ in
|
||||||
};
|
};
|
||||||
"repository.signing" = {
|
"repository.signing" = {
|
||||||
SIGNING_KEY = signingKey;
|
SIGNING_KEY = signingKey;
|
||||||
SIGNING_NAME = "DTTHgit";
|
SIGNING_NAME = "DTTHGit";
|
||||||
SIGNING_EMAIL = "dtth-gitea@nkagami.me";
|
SIGNING_EMAIL = "dtth-gitea@nkagami.me";
|
||||||
};
|
};
|
||||||
ui.THEMES = default-themes + "," + themes;
|
ui.THEMES = default-themes + "," + themes;
|
||||||
|
@ -175,19 +176,8 @@ in
|
||||||
PATH = "${pkgs.git}/bin/git";
|
PATH = "${pkgs.git}/bin/git";
|
||||||
};
|
};
|
||||||
|
|
||||||
storage = {
|
|
||||||
STORAGE_TYPE = "minio";
|
|
||||||
MINIO_USE_SSL = "true";
|
|
||||||
MINIO_ENDPOINT = "60c0807121eb35ef52cdcd4a33735fa6.r2.cloudflarestorage.com";
|
|
||||||
MINIO_ACCESS_KEY_ID = "704c29ade7a8b438b77ab520da2799ca";
|
|
||||||
MINIO_SECRET_ACCESS_KEY = "#miniosecretkey#";
|
|
||||||
MINIO_BUCKET = "dtth-gitea";
|
|
||||||
MINIO_LOCATION = "auto";
|
|
||||||
MINIO_CHECKSUM_ALGORITHM = "md5"; # R2 moment
|
|
||||||
};
|
|
||||||
|
|
||||||
federation.ENABLED = true;
|
federation.ENABLED = true;
|
||||||
DEFAULT.APP_NAME = "DTTHGit";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
stateDir = "/mnt/data/gitea";
|
stateDir = "/mnt/data/gitea";
|
||||||
|
@ -215,25 +205,17 @@ in
|
||||||
environment.GNUPGHOME = "${config.services.gitea.stateDir}/.gnupg";
|
environment.GNUPGHOME = "${config.services.gitea.stateDir}/.gnupg";
|
||||||
# https://github.com/NixOS/nixpkgs/commit/93c1d370db28ad4573fb9890c90164ba55391ce7
|
# https://github.com/NixOS/nixpkgs/commit/93c1d370db28ad4573fb9890c90164ba55391ce7
|
||||||
serviceConfig.SystemCallFilter = mkForce "~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @setuid @swap";
|
serviceConfig.SystemCallFilter = mkForce "~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @setuid @swap";
|
||||||
preStart =
|
preStart = ''
|
||||||
let
|
# Import the signing subkey
|
||||||
configFile = "${config.services.forgejo.customDir}/conf/app.ini";
|
if cat ${config.services.gitea.stateDir}/.gnupg/gpg.conf | grep -q ${signingKey}; then
|
||||||
in
|
echo "Keys already imported"
|
||||||
''
|
# imported
|
||||||
# Update minio secret key
|
else
|
||||||
chmod u+w ${configFile} && \
|
echo "Import your keys!"
|
||||||
${lib.getExe pkgs.replace-secret} '#miniosecretkey#' '${config.sops.secrets."gitea/minio-secret-key".path}' '${configFile}' && \
|
${pkgs.gnupg}/bin/gpg --quiet --import ${secrets."gitea/signing-key".path}
|
||||||
chmod u-w ${configFile}
|
echo "trusted-key ${signingKey}" >> ${config.services.gitea.stateDir}/.gnupg/gpg.conf
|
||||||
# Import the signing subkey
|
exit 1
|
||||||
if cat ${config.services.forgejo.stateDir}/.gnupg/gpg.conf | grep -q ${signingKey}; then
|
fi
|
||||||
echo "Keys already imported"
|
'';
|
||||||
# imported
|
|
||||||
else
|
|
||||||
echo "Import your keys!"
|
|
||||||
${pkgs.gnupg}/bin/gpg --quiet --import ${secrets."gitea/signing-key".path}
|
|
||||||
echo "trusted-key ${signingKey}" >> ${config.services.forgejo.stateDir}/.gnupg/gpg.conf
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,11 +9,9 @@
|
||||||
swapDevices = [{ device = "/var/swapfile"; size = 4 * 1024; priority = 1024; }];
|
swapDevices = [{ device = "/var/swapfile"; size = 4 * 1024; priority = 1024; }];
|
||||||
zramSwap.enable = true;
|
zramSwap.enable = true;
|
||||||
# volumes
|
# volumes
|
||||||
services.btrfs.autoScrub.enable = true;
|
|
||||||
fileSystems.data = {
|
fileSystems.data = {
|
||||||
device = "/dev/disk/by-id/scsi-0HC_Volume_101470796";
|
device = "/dev/disk/by-id/scsi-0HC_Volume_31812942";
|
||||||
fsType = "btrfs";
|
fsType = "ext4";
|
||||||
mountPoint = "/mnt/data";
|
mountPoint = "/mnt/data";
|
||||||
options = [ "compress=zstd" ];
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
67
nki-personal-do/nextcloud.nix
Normal file
67
nki-personal-do/nextcloud.nix
Normal file
|
@ -0,0 +1,67 @@
|
||||||
|
{ lib, pkgs, config, ... }:
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
user = "nextcloud";
|
||||||
|
host = "cloud.dtth.ch";
|
||||||
|
port = 61155;
|
||||||
|
|
||||||
|
secrets = config.sops.secrets;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
sops.secrets."nextcloud/admin-password" = { owner = user; };
|
||||||
|
sops.secrets."nextcloud/minio-secret-key" = { owner = user; key = "minio-secret-key"; };
|
||||||
|
# database
|
||||||
|
cloud.postgresql.databases = [ user ];
|
||||||
|
# traefik
|
||||||
|
cloud.traefik.hosts.nextcloud = {
|
||||||
|
inherit port host;
|
||||||
|
};
|
||||||
|
systemd.services.nextcloud.requires = [ "postgresql.service" ];
|
||||||
|
services.nextcloud = {
|
||||||
|
enable = true;
|
||||||
|
hostName = host;
|
||||||
|
package = pkgs.nextcloud26;
|
||||||
|
enableBrokenCiphersForSSE = false;
|
||||||
|
|
||||||
|
home = "/mnt/data/nextcloud";
|
||||||
|
https = true;
|
||||||
|
database.createLocally = false;
|
||||||
|
|
||||||
|
extraApps = with pkgs.nextcloud26Packages.apps; {
|
||||||
|
inherit calendar contacts deck forms groupfolders news tasks;
|
||||||
|
sociallogin = pkgs.fetchNextcloudApp rec {
|
||||||
|
url = "https://github.com/zorn-v/nextcloud-social-login/releases/download/v5.4.3/release.tar.gz";
|
||||||
|
sha256 = "sha256-ZKwtF9j9WFIk3MZgng9DmN00A73S2Rb4qbehL9adaZo=";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
# Database
|
||||||
|
dbtype = "pgsql";
|
||||||
|
dbname = user;
|
||||||
|
dbuser = user;
|
||||||
|
dbhost = "/run/postgresql";
|
||||||
|
# User
|
||||||
|
adminuser = "nki";
|
||||||
|
adminpassFile = secrets."nextcloud/admin-password".path;
|
||||||
|
# General
|
||||||
|
overwriteProtocol = "https";
|
||||||
|
defaultPhoneRegion = "VN";
|
||||||
|
|
||||||
|
objectstore.s3 = {
|
||||||
|
enable = true;
|
||||||
|
bucket = "nextcloud-dtth";
|
||||||
|
autocreate = true;
|
||||||
|
key = "minio";
|
||||||
|
secretFile = config.sops.secrets."nextcloud/minio-secret-key".path;
|
||||||
|
hostname = "s3.dtth.ch";
|
||||||
|
port = 443;
|
||||||
|
useSsl = true;
|
||||||
|
usePathStyle = true;
|
||||||
|
region = "us-east-1";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts.${host}.listen = [{ inherit port; addr = "127.0.0.1"; }];
|
||||||
|
}
|
||||||
|
|
|
@ -1,56 +0,0 @@
|
||||||
{ config, pkgs, ... }: {
|
|
||||||
sops.secrets.authentik-oidc-client-secret = { owner = "outline"; };
|
|
||||||
sops.secrets."outline/smtp-password" = { owner = "outline"; };
|
|
||||||
sops.secrets."outline/s3-secret-key" = { owner = "outline"; };
|
|
||||||
|
|
||||||
services.outline = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.outline.overrideAttrs (attrs: {
|
|
||||||
patches = attrs.patches or [ ] ++ [
|
|
||||||
../modules/cloud/outline/dtth-wiki.patch
|
|
||||||
../modules/cloud/outline/r2.patch
|
|
||||||
];
|
|
||||||
});
|
|
||||||
databaseUrl = "postgres://outline:outline@localhost/outline?sslmode=disable";
|
|
||||||
redisUrl = "local";
|
|
||||||
publicUrl = "https://wiki.dtth.ch";
|
|
||||||
port = 18729;
|
|
||||||
storage = {
|
|
||||||
accessKey = "6ef730e13f172d2ed6ed77f0b5b9bad9";
|
|
||||||
secretKeyFile = config.sops.secrets."outline/s3-secret-key".path;
|
|
||||||
region = "auto";
|
|
||||||
uploadBucketUrl = "https://60c0807121eb35ef52cdcd4a33735fa6.r2.cloudflarestorage.com";
|
|
||||||
uploadBucketName = "dtth-outline";
|
|
||||||
uploadMaxSize = 50 * 1024 * 1000;
|
|
||||||
};
|
|
||||||
maximumImportSize = 50 * 1024 * 1000;
|
|
||||||
|
|
||||||
oidcAuthentication = {
|
|
||||||
clientId = "3a0c10e00cdcb4a1194315577fa208a747c1a5f7";
|
|
||||||
clientSecretFile = config.sops.secrets.authentik-oidc-client-secret.path;
|
|
||||||
authUrl = "https://auth.dtth.ch/application/o/authorize/";
|
|
||||||
tokenUrl = "https://auth.dtth.ch/application/o/token/";
|
|
||||||
userinfoUrl = "https://auth.dtth.ch/application/o/userinfo/";
|
|
||||||
displayName = "DTTH Account";
|
|
||||||
};
|
|
||||||
|
|
||||||
smtp = {
|
|
||||||
fromEmail = "DTTH Wiki <dtth.wiki@nkagami.me>";
|
|
||||||
replyEmail = "";
|
|
||||||
host = "mx1.nkagami.me";
|
|
||||||
username = "dtth.wiki@nkagami.me";
|
|
||||||
passwordFile = config.sops.secrets."outline/smtp-password".path;
|
|
||||||
port = 465;
|
|
||||||
secure = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
forceHttps = false;
|
|
||||||
};
|
|
||||||
cloud.postgresql.databases = [ "outline" ];
|
|
||||||
systemd.services.outline.requires = [ "postgresql.service" ];
|
|
||||||
systemd.services.outline.environment = {
|
|
||||||
AWS_S3_R2 = "true";
|
|
||||||
AWS_S3_R2_PUBLIC_URL = "https://s3.wiki.dtth.ch";
|
|
||||||
};
|
|
||||||
cloud.traefik.hosts.outline = { host = "wiki.dtth.ch"; port = 18729; };
|
|
||||||
}
|
|
File diff suppressed because one or more lines are too long
|
@ -36,4 +36,6 @@
|
||||||
[{ device = "/dev/disk/by-uuid/2694d189-2ff6-4719-a449-367c52ed3ad6"; }];
|
[{ device = "/dev/disk/by-uuid/2694d189-2ff6-4719-a449-367c52ed3ad6"; }];
|
||||||
|
|
||||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
|
|
||||||
|
hardware.opengl.enable = true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,24 +15,7 @@
|
||||||
../modules/services/edns
|
../modules/services/edns
|
||||||
];
|
];
|
||||||
|
|
||||||
# Secrets
|
services.xserver.desktopManager.plasma6.enable = true;
|
||||||
common.linux.sops.enable = true;
|
|
||||||
common.linux.sops.file = ./secrets.yaml;
|
|
||||||
|
|
||||||
# Build farm
|
|
||||||
sops.secrets."nix-build-farm/private-key" = { mode = "0400"; };
|
|
||||||
services.nix-build-farm.hostname = "yoga";
|
|
||||||
services.nix-build-farm.privateKeyFile = config.sops.secrets."nix-build-farm/private-key".path;
|
|
||||||
|
|
||||||
## tinc
|
|
||||||
sops.secrets."tinc-private-key" = { };
|
|
||||||
services.my-tinc = {
|
|
||||||
enable = true;
|
|
||||||
hostName = "yoga";
|
|
||||||
ed25519PrivateKey = config.sops.secrets."tinc-private-key".path;
|
|
||||||
};
|
|
||||||
|
|
||||||
services.desktopManager.plasma6.enable = true;
|
|
||||||
|
|
||||||
# Power Management
|
# Power Management
|
||||||
services.upower = {
|
services.upower = {
|
||||||
|
|
|
@ -1,32 +0,0 @@
|
||||||
tinc-private-key: ENC[AES256_GCM,data:lzmisexQPfRlIMGqbmb+uqGtOPceQ3CJGlVOeOC6nbP/IDwkufSWtxugYmUwi9IJKwO0mldijiKWuG3p9005H++8567hhPy/bU7fA4vyVC+3UVGW6l0mE+yKQXTyI7kzxkXMCK5a4Q4rUJj544vU6pt75/mytfg+Cox2woGZAHZvJ/pRuHDe2t3R6w3EYYTu6x1w5azGnFvCOVdR6XPsGJA2p3oRnEpz64L7KD2QOdtm0YsfMnorH9FbvkZgNr927VbRnBRJ1QM=,iv:4K4w6ruQxtRGjmFnWszlXZKp36TuTTnrB0sDEE/tmrM=,tag:NBP897Sw84bvZTvo/+fVfA==,type:str]
|
|
||||||
nix-build-farm:
|
|
||||||
private-key: ENC[AES256_GCM,data:etqFl2T2atN2djxqktFRtrTGqsC61A+ZUd2yS0PLm5KPO2s2/k6XqQGac9rUWP86C1YGpTJhUMzYuOPGW4yNc0YmoeHVslxBR7nX8pubXabZNdB2YMm/yAgsdeeflo4slbxJ6+00eH0iCrtWcHtWbZafHnxojborZABOvCsODdx/ahJ4J9aHqf22cAqe9iJY3L0TgE+iazKS8OO+C/PTaQiV02NZjP8GajRMXzPVoYT7wz3u0t0q0m/t8FkhMIDl9QKL+kFUDeLEGoCBzR57JXLZiW1gJsRxbkP8hVIB3s4TQnhasxqQQlCJuqBSNFl/cGdBm/ADm/yi78VHQG7rUxUrFVDL4Aoidjp6GyoojLIEpdQjtlvC7RCLNpTibV6B71EB3obpjMmmIwfoDLT4jEWhXNx3b8DnMoa0Qh4ba+HBJf+XKA93B0qOJWwJzj4qH9uqBK3xPOGTkqQMmd9M1HYrStTcI/JUX0WvEMwk8xI8MZN/TsLij4w5i6NCwSqa8Dn2lyLK0BGp5C8RT8R4k6U2ieyY6lmxsGIe,iv:703rM/FQz65upd1JWTHNsjAXh2BeoknkALShKuHUsis=,tag:yAB6KJqpm1mOFT5GzKRPBw==,type:str]
|
|
||||||
sops:
|
|
||||||
kms: []
|
|
||||||
gcp_kms: []
|
|
||||||
azure_kv: []
|
|
||||||
hc_vault: []
|
|
||||||
age:
|
|
||||||
- recipient: age1vhjhmxura35apu5zdwg5ur5r40xay45ld9szh07dy0ph9chgsu7shfm4h9
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBseVN3ODV1YkZnNms0Y09l
|
|
||||||
dUFBK1EyOTEydWg5KzAwcjZVSG8yYlRDWlhRCklLS2ZJNlBvSlEyOGF2ZFg2UGVW
|
|
||||||
UC9LN0hxdmtGN3JlOWJaTU5hbGwvc2MKLS0tIGM1NGZxd1NoTXNacEJqMVlsbTdi
|
|
||||||
MytuNUNydmJYWFYyQk9DaHVuVk85cjAKScucMPO8pyMlSxFw09NqzqVmDYVEh5xT
|
|
||||||
4fSTAsMwIiuOyV7jvHYORxKWNMLr5t6fnj8+OFq5qUc//jNWf9pVuA==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
- recipient: age1axvjllyv2gutngwmp3pvp4xtq2gqneldaq2c4nrzmaye0uwmk9lqsealdv
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYNXp6MWZGb2dGdW1ML2xq
|
|
||||||
ZWMvSVdWalQ5Z2NzTWd3Z1AweXlXZnRwUWtRCkY1VFhPS0NtbFZKU0VCMlAvSmhG
|
|
||||||
N2NmdWxTUEpMb05Ld3p6MzhhRkdBc3cKLS0tIGQ0TmFxdk1GV205azRzZ0hUWitj
|
|
||||||
eitNc1E2SzY5bkUxNWtNczRsWWJaU2MKUIu9GT7zu0MvvnXxiQfLW9pQcxFKOwPm
|
|
||||||
VRU2k3XQkYjSDZX29DxrOzaPS/L3OYNyBYMyOW8GyMa2V12lMH6lPQ==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
lastmodified: "2024-08-16T14:17:07Z"
|
|
||||||
mac: ENC[AES256_GCM,data:qrMyVDLhtK4URqrHFBx+08PMrFyfib4iH0y7iAeVB/oFGazjm3O5MeS9fNYJeONghuelux69nh2FRfSJHG/moEBcWlL68R4xbCb4he528P+n7mQnR54BNFJdT2oOra4bqO9n/4m2UA8jmA0veoqSrZUVjnmjftqOedjnRESY1L8=,iv:jql79ItwPcJg/nnbsUywOzWz/UJy0ZpY04pvEF290c4=,tag:XKrToym2dXdippnivoK1/Q==,type:str]
|
|
||||||
pgp: []
|
|
||||||
unencrypted_suffix: _unencrypted
|
|
||||||
version: 3.8.1
|
|
65
overlay.nix
65
overlay.nix
|
@ -1,7 +1,6 @@
|
||||||
{ nixpkgs, nixpkgs-unstable, ... }@inputs:
|
{ nixpkgs, nixpkgs-unstable, nur, ... }@inputs:
|
||||||
let
|
let
|
||||||
overlay-unstable = final: prev: {
|
overlay-unstable = final: prev: {
|
||||||
stable = import nixpkgs { config.allowUnfree = true; system = prev.system; };
|
|
||||||
unstable = import nixpkgs-unstable { config.allowUnfree = true; system = prev.system; };
|
unstable = import nixpkgs-unstable { config.allowUnfree = true; system = prev.system; };
|
||||||
x86 = import nixpkgs-unstable { system = prev.system; config.allowUnsupportedSystem = true; };
|
x86 = import nixpkgs-unstable { system = prev.system; config.allowUnsupportedSystem = true; };
|
||||||
};
|
};
|
||||||
|
@ -25,7 +24,7 @@ let
|
||||||
|
|
||||||
overlay-versioning = final: prev: {
|
overlay-versioning = final: prev: {
|
||||||
gotosocial = prev.gotosocial.overrideAttrs (attrs: rec {
|
gotosocial = prev.gotosocial.overrideAttrs (attrs: rec {
|
||||||
version = "0.17.1";
|
version = "0.16.0";
|
||||||
ldflags = [
|
ldflags = [
|
||||||
"-s"
|
"-s"
|
||||||
"-w"
|
"-w"
|
||||||
|
@ -35,13 +34,13 @@ let
|
||||||
|
|
||||||
web-assets = final.fetchurl {
|
web-assets = final.fetchurl {
|
||||||
url = "https://github.com/superseriousbusiness/gotosocial/releases/download/v${version}/gotosocial_${version}_web-assets.tar.gz";
|
url = "https://github.com/superseriousbusiness/gotosocial/releases/download/v${version}/gotosocial_${version}_web-assets.tar.gz";
|
||||||
hash = "sha256-rGntLlIbgfCtdqpD7tnvAY8qwF+BpYbQWfAGMhdOTgY=";
|
hash = "sha256-aZQpd5KvoZvXEMVzGbWrtGsc+P1JStjZ6U5mX6q7Vb0=";
|
||||||
};
|
};
|
||||||
src = final.fetchFromGitHub {
|
src = final.fetchFromGitHub {
|
||||||
owner = "superseriousbusiness";
|
owner = "superseriousbusiness";
|
||||||
repo = "gotosocial";
|
repo = "gotosocial";
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
hash = "sha256-oWWsCs9jgd244yzWhgLkuHp7kY0BQ8+Ay6KpuBVG+U8=";
|
hash = "sha256-QoG09+jmq5e5vxDVtkhY35098W/9B1HsYTuUnz43LV4=";
|
||||||
};
|
};
|
||||||
postInstall = ''
|
postInstall = ''
|
||||||
tar xf ${web-assets}
|
tar xf ${web-assets}
|
||||||
|
@ -87,13 +86,6 @@ let
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# https://github.com/NixOS/nixpkgs/issues/334822
|
|
||||||
vulkan-validation-layers = prev.vulkan-validation-layers.overrideAttrs (attrs: {
|
|
||||||
buildInputs = attrs.buildInputs ++ [
|
|
||||||
final.spirv-tools
|
|
||||||
];
|
|
||||||
});
|
|
||||||
};
|
};
|
||||||
|
|
||||||
overlay-libs = final: prev: {
|
overlay-libs = final: prev: {
|
||||||
|
@ -116,24 +108,39 @@ let
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
overlay-rust-is-dumb = final: prev: {
|
overlay-aarch64-linux = final: prev:
|
||||||
# Use stable delta compiled with old Rust version
|
let
|
||||||
delta = final.stable.delta;
|
optionalOverride = pkg: alt:
|
||||||
deepfilternet = final.stable.deepfilternet;
|
if prev.stdenv.isLinux && prev.stdenv.isAarch64 then alt else pkg;
|
||||||
harmonia = final.callPackage
|
in
|
||||||
(import
|
{
|
||||||
(builtins.fetchurl {
|
# See https://github.com/sharkdp/fd/issues/1085
|
||||||
url = "https://raw.githubusercontent.com/Mic92/nixpkgs/63f91202f5cd071187ede5e5ffc56003cb442876/pkgs/by-name/ha/harmonia/package.nix";
|
fd = optionalOverride prev.fd (prev.fd.overrideAttrs (attrs: {
|
||||||
sha256 = "1mz211c0bxn116ix0j5xx4wlglpbkfg7d3npw1z8hg9gc0vbj2xb";
|
preBuild = ''
|
||||||
}))
|
export JEMALLOC_SYS_WITH_LG_PAGE=16
|
||||||
{ };
|
'';
|
||||||
};
|
}));
|
||||||
|
# See https://www.reddit.com/r/AsahiLinux/comments/zqejue/kitty_not_working_with_mesaasahiedge/
|
||||||
|
kitty = optionalOverride prev.kitty (final.writeShellApplication {
|
||||||
|
name = "kitty";
|
||||||
|
runtimeInputs = [ ];
|
||||||
|
text = ''
|
||||||
|
MESA_GL_VERSION_OVERRIDE=3.3 MESA_GLSL_VERSION_OVERRIDE=330 ${prev.kitty}/bin/kitty "$@"
|
||||||
|
'';
|
||||||
|
});
|
||||||
|
# Zotero does not have their own aarch64-linux build
|
||||||
|
zotero = optionalOverride prev.zotero (final.callPackage ./packages/aarch64-linux/zotero.nix { });
|
||||||
|
# Typora for aarch64-linux only
|
||||||
|
typora = optionalOverride
|
||||||
|
(builtins.abort "no support for non-aarch64-linux")
|
||||||
|
(final.callPackage ./packages/aarch64-linux/typora.nix { });
|
||||||
|
};
|
||||||
|
|
||||||
|
overlay-asahi = inputs.nixos-m1.overlays.default;
|
||||||
in
|
in
|
||||||
[
|
[
|
||||||
# inputs.swayfx.inputs.scenefx.overlays.override
|
inputs.swayfx.overlays.default
|
||||||
# inputs.swayfx.overlays.override
|
|
||||||
inputs.mpd-mpris.overlays.default
|
inputs.mpd-mpris.overlays.default
|
||||||
inputs.rust-overlay.overlays.default
|
|
||||||
inputs.youmubot.overlays.default
|
inputs.youmubot.overlays.default
|
||||||
|
|
||||||
(import ./overlays/openrazer)
|
(import ./overlays/openrazer)
|
||||||
|
@ -143,7 +150,9 @@ in
|
||||||
overlay-imported
|
overlay-imported
|
||||||
overlay-versioning
|
overlay-versioning
|
||||||
overlay-libs
|
overlay-libs
|
||||||
overlay-rust-is-dumb
|
overlay-asahi
|
||||||
|
overlay-aarch64-linux
|
||||||
|
nur.overlay
|
||||||
|
|
||||||
(import ./packages/common)
|
(import ./packages/common)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue