lib/default.nix

{ lib, pkgs }:
let
  machines = import ./machines.nix;
in
{
  tmpfilesConfig =
    {
      type,
      path,
      mode ? "-",
      user ? "-",
      group ? "-",
      age ? "-",
      argument ? "-",
    }:
    "${type} '${path}' ${mode} ${user} ${group} ${age} ${argument}";

  restic =
    let
      host = "zaatar.r";
      port = 3571;
    in
    {
      inherit host port;
      repository = "rest:http://${host}:${toString port}/";
    };

  remoteDir = "/home/kfm/remote";

  firewall = {
    accept =
      {
        source,
        protocol,
        dport,
      }:
      "nixos-fw -s ${lib.escapeShellArg source} -p ${lib.escapeShellArg protocol} --dport ${lib.escapeShellArg (toString dport)} -j nixos-fw-accept";
    addRules = lib.concatMapStringsSep "\n" (rule: "iptables -A ${rule}");
    removeRules = lib.concatMapStringsSep "\n" (rule: "iptables -D ${rule} || true");
  };

  serveHtml = file: pkgs: ''
    default_type "text/html";
    root ${
      pkgs.linkFarm "www" [
        {
          name = "index.html";
          path = file;
        }
      ]
    };
    index index.html;
  '';

  sshPort = 22022;

  theme = {
    gtk = {
      name = "Adwaita-dark";
      package = pkgs.gnome-themes-extra;
    };
    icon = {
      name = "Adwaita";
      package = pkgs.adwaita-icon-theme;
    };
    cursor = {
      name = "capitaine-cursors-white";
      package = pkgs.capitaine-cursors;
    };
  };

  retiolumAddresses = lib.mapAttrs (_: v: { inherit (v.retiolum) ipv4 ipv6; }) (
    lib.filterAttrs (_: v: v ? "retiolum") machines
  );
  externalNetwork = lib.mapAttrs (_: v: v.externalIp) (
    lib.filterAttrs (_: v: v ? "externalIp") machines
  );
  localAddresses = lib.mapAttrs (_: v: v.internalIp) (
    lib.filterAttrs (_: v: v ? "internalIp") machines
  );
  myceliumAddresses = lib.mapAttrs (_: v: v.mycelium.ipv6) (
    lib.filterAttrs (_: v: v ? "mycelium") machines
  );
  syncthingIds = lib.mapAttrs (_: v: { id = v.syncthingId; }) (
    lib.filterAttrs (_: v: v ? "syncthingId") machines
  );

  email =
    let
      thunderbirdProfile = "donnervogel";
    in
    {
      inherit thunderbirdProfile;
      defaults = {
        thunderbird = {
          enable = true;
          profiles = [ thunderbirdProfile ];
        };
        aerc.enable = true;
        realName = "Kierán Meinhardt";
        folders.inbox = "INBOX";
      };
    };

  machines = machines;

  kieran = {
    github = "kmein";
    email = "kmein@posteo.de";
    name = "Kierán Meinhardt";
    pronouns = builtins.concatStringsSep "/" [
      "er"
      "he"
      "is"
      "οὗτος"
      "هو"
      "ⲛ̄ⲧⲟϥ"
      "он"
      "han"
      "सः"
    ];
    sshKeys = [
      machines.fatteh.sshKey
      machines.manakish.sshKey
      machines.kabsa.sshKey
    ];
  };

  ignorePaths = [
    "*~"
    ".stack-work/"
    "__pycache__/"
    ".mypy_cache/"
    "*.py[co]"
    "*.o"
    "*.hi"
    "*.aux"
    "*.bbl"
    "*.bcf"
    "*.blg"
    "*.fdb_latexmk"
    "*.fls"
    "*.out"
    "*.run.xml"
    "*.toc"
    "*.bbl"
    "*.class"
    "*.dyn_hi"
    "*.dyn_o"
    "dist/"
    ".envrc"
    ".direnv/"
    "dist-newstyle/"
    ".history"
  ];
}
-												remove specialArgs niveum and niveumLib, add overlay

											
										
										
											2025-12-25 14:00:03 +01:00
+								{ lib, pkgs }:
 								let
-												systems -> machines

											
										
										
											2025-12-28 12:49:10 +01:00
+								  machines = import ./machines.nix;
-												remove specialArgs niveum and niveumLib, add overlay

											
										
										
											2025-12-25 14:00:03 +01:00
+								in
-												chore: format

											
										
										
											2023-07-25 16:17:40 +02:00
+								{
-												remove specialArgs niveum and niveumLib, add overlay

											
										
										
											2025-12-25 14:00:03 +01:00
+								  tmpfilesConfig =
 								    {
 								      type,
 								      path,
 								      mode ? "-",
 								      user ? "-",
 								      group ? "-",
 								      age ? "-",
 								      argument ? "-",
 								    }:
 								    "${type} '${path}' ${mode} ${user} ${group} ${age} ${argument}";
-												feat: tmpfiles.d helper function

											
										
										
											2021-03-23 21:00:21 +01:00
-												remove specialArgs niveum and niveumLib, add overlay

											
										
										
											2025-12-25 14:00:03 +01:00
+								  restic =
 								    let
 								      host = "zaatar.r";
 								      port = 3571;
 								    in
 								    {
 								      inherit host port;
 								      repository = "rest:http://${host}:${toString port}/";
 								    };
-												feat(restic): run on makanek, prometheus

											
										
										
											2022-01-18 23:28:53 +01:00
-												feat: mount network devices under ~/remote

											
										
										
											2024-04-08 08:17:52 +02:00
+								  remoteDir = "/home/kfm/remote";
-												remove specialArgs niveum and niveumLib, add overlay

											
										
										
											2025-12-25 14:00:03 +01:00
+								  firewall = {
 								    accept =
 								      {
 								        source,
 								        protocol,
 								        dport,
 								      }:
 								      "nixos-fw -s ${lib.escapeShellArg source} -p ${lib.escapeShellArg protocol} --dport ${lib.escapeShellArg (toString dport)} -j nixos-fw-accept";
-												feat(mpd-fm): open mpd port to local network, removing the need for a password

											
										
										
											2021-04-08 19:25:05 +02:00
+								    addRules = lib.concatMapStringsSep "\n" (rule: "iptables -A ${rule}");
 								    removeRules = lib.concatMapStringsSep "\n" (rule: "iptables -D ${rule} || true");
 								  };
-												feat: add serveHtml helper

											
										
										
											2021-10-11 20:02:17 +02:00
+								  serveHtml = file: pkgs: ''
 								    default_type "text/html";
-												chore: format with alejandra

											
										
										
											2022-03-10 21:52:12 +01:00
+								    root ${
-												feat(passport): init for makanek

											
										
										
											2022-05-22 11:47:59 +02:00
+								      pkgs.linkFarm "www" [
-												chore: format with alejandra

											
										
										
											2022-03-10 21:52:12 +01:00
+								        {
 								          name = "index.html";
 								          path = file;
 								        }
 								      ]
 								    };
-												feat: add serveHtml helper

											
										
										
											2021-10-11 20:02:17 +02:00
+								    index index.html;
 								  '';
-												chore: organize

use read-made spotifyd module
move sshPort to niveum lib (used also from deploy.nix)
factor out sshd config, use from toum
factor out urlwatch
access scardanelli locally
mpd: configure webradio playlist
scardanelli: use cage for kiosk
toum: use wifi config
toum: use spacetime, dont redeclare
toum: use ssh config

											
										
										
											2020-10-28 21:43:33 +01:00
+								  sshPort = 22022;
-												chore: move module/constants.nix to lib/default.nix

											
										
										
											2020-10-30 11:05:26 +01:00
-												remove specialArgs niveum and niveumLib, add overlay

											
										
										
											2025-12-25 14:00:03 +01:00
+								  theme = {
-												chore: move module/constants.nix to lib/default.nix

											
										
										
											2020-10-30 11:05:26 +01:00
+								    gtk = {
 								      name = "Adwaita-dark";
-												upgrade to 24.11

											
										
										
											2024-12-13 13:42:16 +01:00
+								      package = pkgs.gnome-themes-extra;
-												chore: move module/constants.nix to lib/default.nix

											
										
										
											2020-10-30 11:05:26 +01:00
+								    };
 								    icon = {
 								      name = "Adwaita";
-												upgrade to 24.11

											
										
										
											2024-12-13 13:42:16 +01:00
+								      package = pkgs.adwaita-icon-theme;
-												chore: move module/constants.nix to lib/default.nix

											
										
										
											2020-10-30 11:05:26 +01:00
+								    };
 								    cursor = {
 								      name = "capitaine-cursors-white";
 								      package = pkgs.capitaine-cursors;
 								    };
 								  };
-												remove specialArgs niveum and niveumLib, add overlay

											
										
										
											2025-12-25 14:00:03 +01:00
+								  retiolumAddresses = lib.mapAttrs (_: v: { inherit (v.retiolum) ipv4 ipv6; }) (
-												systems -> machines

											
										
										
											2025-12-28 12:49:10 +01:00
+								    lib.filterAttrs (_: v: v ? "retiolum") machines
-												remove specialArgs niveum and niveumLib, add overlay

											
										
										
											2025-12-25 14:00:03 +01:00
+								  );
 								  externalNetwork = lib.mapAttrs (_: v: v.externalIp) (
-												systems -> machines

											
										
										
											2025-12-28 12:49:10 +01:00
+								    lib.filterAttrs (_: v: v ? "externalIp") machines
-												remove specialArgs niveum and niveumLib, add overlay

											
										
										
											2025-12-25 14:00:03 +01:00
+								  );
 								  localAddresses = lib.mapAttrs (_: v: v.internalIp) (
-												systems -> machines

											
										
										
											2025-12-28 12:49:10 +01:00
+								    lib.filterAttrs (_: v: v ? "internalIp") machines
-												remove specialArgs niveum and niveumLib, add overlay

											
										
										
											2025-12-25 14:00:03 +01:00
+								  );
 								  myceliumAddresses = lib.mapAttrs (_: v: v.mycelium.ipv6) (
-												systems -> machines

											
										
										
											2025-12-28 12:49:10 +01:00
+								    lib.filterAttrs (_: v: v ? "mycelium") machines
-												remove specialArgs niveum and niveumLib, add overlay

											
										
										
											2025-12-25 14:00:03 +01:00
+								  );
 								  syncthingIds = lib.mapAttrs (_: v: { id = v.syncthingId; }) (
-												systems -> machines

											
										
										
											2025-12-28 12:49:10 +01:00
+								    lib.filterAttrs (_: v: v ? "syncthingId") machines
-												remove specialArgs niveum and niveumLib, add overlay

											
										
										
											2025-12-25 14:00:03 +01:00
+								  );
-												feat: manage retiolum addresses globally, declaratively share moodle

											
										
										
											2021-10-12 11:51:55 +02:00
-												move keyboard files to config

											
										
										
											2025-12-25 14:35:28 +01:00
+								  email =
 								    let
 								      thunderbirdProfile = "donnervogel";
 								    in
 								    {
 								      inherit thunderbirdProfile;
 								      defaults = {
 								        thunderbird = {
 								          enable = true;
 								          profiles = [ thunderbirdProfile ];
 								        };
 								        aerc.enable = true;
 								        realName = "Kierán Meinhardt";
 								        folders.inbox = "INBOX";
 								      };
 								    };
-												chore: move module/constants.nix to lib/default.nix

											
										
										
											2020-10-30 11:05:26 +01:00
-												systems -> machines

											
										
										
											2025-12-28 12:49:10 +01:00
+								  machines = machines;
-												fix(mail): run muchsync from master, sync to wilde and manakish

											
										
										
											2021-02-23 20:52:39 +01:00
-												chore: move module/constants.nix to lib/default.nix

											
										
										
											2020-10-30 11:05:26 +01:00
+								  kieran = {
 								    github = "kmein";
 								    email = "kmein@posteo.de";
 								    name = "Kierán Meinhardt";
-												move keyboard files to config

											
										
										
											2025-12-25 14:35:28 +01:00
+								    pronouns = builtins.concatStringsSep "/" [
 								      "er"
 								      "he"
 								      "is"
 								      "οὗτος"
 								      "هو"
 								      "ⲛ̄ⲧⲟϥ"
 								      "он"
 								      "han"
 								      "सः"
 								    ];
-												feat: do not depend on github for ssh keys bc insecure

											
										
										
											2024-03-24 12:11:35 +01:00
+								    sshKeys = [
-												systems -> machines

											
										
										
											2025-12-28 12:49:10 +01:00
+								      machines.fatteh.sshKey
 								      machines.manakish.sshKey
 								      machines.kabsa.sshKey
-												feat: do not depend on github for ssh keys bc insecure

											
										
										
											2024-03-24 12:11:35 +01:00
+								    ];
-												chore: move module/constants.nix to lib/default.nix

											
										
										
											2020-10-30 11:05:26 +01:00
+								  };
 								  ignorePaths = [
 								    "*~"
 								    ".stack-work/"
 								    "__pycache__/"
 								    ".mypy_cache/"
 								    "*.py[co]"
 								    "*.o"
 								    "*.hi"
 								    "*.aux"
 								    "*.bbl"
 								    "*.bcf"
 								    "*.blg"
 								    "*.fdb_latexmk"
 								    "*.fls"
 								    "*.out"
 								    "*.run.xml"
 								    "*.toc"
 								    "*.bbl"
 								    "*.class"
 								    "*.dyn_hi"
 								    "*.dyn_o"
 								    "dist/"
 								    ".envrc"
 								    ".direnv/"
 								    "dist-newstyle/"
 								    ".history"
 								  ];
-												feat(lib): add localAddresses

											
										
										
											2020-10-24 13:27:36 +02:00
+								}