kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-16 18:21:07 +01:00
Code Releases Activity

feat: fix secrets permissions, move ./packages to flake outputs

Browse Source
This commit is contained in:
Kierán Meinhardt
2023-02-24 23:10:45 +01:00
parent c51db2b53c
commit c9af430f31
118 changed files with 1201 additions and 2107 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
configs/aerc.nix
View File

@@ -21,30 +21,44 @@ in {
email-password-cock = {
file = ../secrets/email-password-cock.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-fysi = {
file = ../secrets/email-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-posteo = {
file = ../secrets/email-password-posteo.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-meinhark = {
file = ../secrets/email-password-meinhark.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-meinhaki = {
file = ../secrets/email-password-meinhaki.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-dslalewa = {
file = ../secrets/email-password-dslalewa.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-fsklassp = {
file = ../secrets/email-password-fsklassp.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};

7
configs/cloud.nix
View File

@@ -96,7 +96,12 @@ in {
'')
];
age.secrets.mega-password.file = ../secrets/mega-password.age;
age.secrets.mega-password = {
file = ../secrets/mega-password.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
fileSystems."/media/moodle" = {
device = "zaatar.r:/moodle";

24
configs/default.nix
View File

@@ -2,12 +2,11 @@
pkgs,
lib,
config,
options,
niveumPackages,
...
}: let
inherit (lib.strings) makeBinPath;
inherit (import ../lib) localAddresses kieran;
scripts = import ../packages/scripts {inherit config pkgs lib;};
defaultApplications = (import ../lib).defaultApplications {inherit pkgs;};
in {
imports = [
@@ -27,10 +26,6 @@ in {
allowUnfree = true;
packageOverrides = pkgs: {
dmenu = pkgs.writers.writeDashBin "dmenu" ''exec ${pkgs.rofi}/bin/rofi -dmenu "$@"'';
gfs-fonts = pkgs.callPackage ../packages/gfs-fonts.nix {};
tocharian-font = pkgs.callPackage ../packages/tocharian-font.nix {};
iolanguage = pkgs.callPackage ../packages/iolanguage.nix {};
ix = pkgs.callPackage ../packages/ix.nix {};
};
permittedInsecurePackages = [
"qtwebkit-5.212.0-alpha4"
@@ -43,7 +38,20 @@ in {
boot.loader.timeout = 1;
}
{
age.secrets.di-fm-key.file = ../secrets/di-fm-key.age;
age.secrets = {
di-fm-key = {
file = ../secrets/di-fm-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
restic = {
file = ../secrets/restic.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
}
{
home-manager.users.me = {
@@ -88,7 +96,7 @@ in {
cd "$(mktemp -d)"
pwd
'';
swallow = command: "${scripts.swallow}/bin/swallow ${command}";
swallow = command: "${niveumPackages.swallow}/bin/swallow ${command}";
in {
"ß" = "${pkgs.util-linux}/bin/setsid";
cat = "${pkgs.bat}/bin/bat --style=plain";

25
configs/flameshot.nix
View File

@@ -2,10 +2,7 @@
lib,
pkgs,
...
}: let
inherit (import <niveum/lib>) defaultApplications;
flameshot-once = pkgs.callPackage <stockholm/krebs/5pkgs/simple/flameshot-once> {};
in {
}: {
home-manager.users.me = {
services.flameshot = {
enable = true;
@@ -19,25 +16,7 @@ in {
showHelp = false;
squareMagnifier = true;
uploadWithoutConfirmation = true;
buttons = lib.concatStringsSep " " [
"TYPE_ARROW"
"TYPE_CIRCLE"
"TYPE_CIRCLECOUNT"
"TYPE_COPY"
"TYPE_DRAWER"
"TYPE_EXIT"
"TYPE_IMAGEUPLOADER"
"TYPE_MARKER"
"TYPE_MOVESELECTION"
"TYPE_PENCIL"
"TYPE_PIXELATE"
"TYPE_RECTANGLE"
"TYPE_SAVE"
"TYPE_SELECTION"
# "TYPE_SELECTIONINDICATOR"
"TYPE_TEXT"
"TYPE_UNDO"
];
buttons = ''@Variant(\0\0\0\x7f\0\0\0\vQList<int>\0\0\0\0\x10\0\0\0\x2\0\0\0\x5\0\0\0\x13\0\0\0\xa\0\0\0\x1\0\0\0\xc\0\0\0\xd\0\0\0\x6\0\0\0\x8\0\0\0\0\0\0\0\xf\0\0\0\x4\0\0\0\xb\0\0\0\x3\0\0\0\x12\0\0\0\x9)'';
};
};
};

10
configs/fonts.nix
View File

@@ -1,4 +1,8 @@
{pkgs, ...}: let
{
pkgs,
niveumPackages,
...
}: let
zip-font = name: arguments: let
directory = pkgs.fetchzip arguments;
in
@@ -76,7 +80,7 @@ in {
font-awesome
galatia-sil
gentium
gfs-fonts
niveumPackages.gfs-fonts
gyre-fonts
ibm-plex
jetbrains-mono
@@ -96,7 +100,7 @@ in {
source-sans-pro
source-serif-pro
theano
tocharian-font
niveumPackages.tocharian-font
vistafonts
vollkorn
zilla-slab

4
configs/git.nix
View File

@@ -2,10 +2,10 @@
pkgs,
config,
lib,
inputs,
...
}: let
inherit (import ../lib) kieran ignorePaths;
git-preview = pkgs.callPackage ../packages/git-preview.nix {};
in {
environment.systemPackages = [
pkgs.mr
@@ -19,7 +19,7 @@ in {
pkgs.gitstats
pkgs.patch
pkgs.patchutils
git-preview
inputs.self.packages.x86_64-linux.git-preview
];
environment.shellAliases = {

38
configs/i3.nix
View File

@@ -2,12 +2,12 @@
config,
pkgs,
lib,
niveumPackages,
...
}: let
inherit (import ../lib) defaultApplications colours;
scripts = import ../packages/scripts {inherit config pkgs lib;};
klem = import ../packages/scripts/klem.nix {
inherit pkgs lib;
klem = niveumPackages.klem.override {
config.dmenu = "${pkgs.dmenu}/bin/dmenu -i -p klem";
config.scripts = {
"p.r" = pkgs.writers.writeDash "p.r" ''
${pkgs.curl}/bin/curl -fSs http://p.r --data-binary @- \
@@ -36,10 +36,10 @@
${pkgs.coreutils}/bin/tr '[A-Za-z]' '[N-ZA-Mn-za-m]'
'';
"ipa" = pkgs.writers.writeDash "ipa" ''
${scripts.ipa}/bin/ipa
${niveumPackages.ipa}/bin/ipa
'';
"betacode" = pkgs.writers.writeDash "betacode" ''
${scripts.betacode}/bin/betacode
${niveumPackages.betacode}/bin/betacode
'';
"curl" = pkgs.writers.writeDash "curl" ''
${pkgs.curl}/bin/curl -fSs "$(${pkgs.coreutils}/bin/cat)"
@@ -60,14 +60,14 @@ in {
age.secrets = {
github-token-i3status-rust = {
file = ../secrets/github-token-i3status-rust.age;
owner = "kfm";
group = "users";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
openweathermap-api-key = {
file = ../secrets/openweathermap-api-key.age;
owner = "kfm";
group = "users";
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
@@ -254,9 +254,9 @@ in {
"${modifier}+Return" = "exec ${(defaultApplications pkgs).terminal}";
"${modifier}+t" = "exec ${(defaultApplications pkgs).fileManager}";
"${modifier}+y" = "exec ${(defaultApplications pkgs).browser}";
"${modifier}+0" = "exec ${scripts.menu-calc}/bin/=";
"${modifier}+0" = "exec ${niveumPackages.menu-calc}/bin/=";
"${modifier}+Shift+w" = "exec ${scripts.k-lock}/bin/k-lock";
"${modifier}+Shift+w" = "exec ${niveumPackages.k-lock}/bin/k-lock";
"${modifier}+d" = "exec ${pkgs.writers.writeDash "run" ''exec rofi -modi run,ssh,window -show run''}";
"${modifier}+Shift+d" = "exec ${
pkgs.writers.writeDash "notemenu" ''
@@ -279,16 +279,22 @@ in {
}";
"${modifier}+p" = "exec rofi-pass";
"${modifier}+Shift+p" = "exec rofi-pass --insert";
"${modifier}+u" = "exec ${scripts.unicodmenu}/bin/unicodmenu";
"${modifier}+u" = "exec ${niveumPackages.unicodmenu}/bin/unicodmenu";
"${modifier}+F6" = "exec ${pkgs.xorg.xkill}/bin/xkill";
"${modifier}+F7" = "exec ${scripts.showkeys-toggle}/bin/showkeys-toggle";
"${modifier}+F7" = "exec ${pkgs.writers.writeDash "showkeys-toggle" ''
if ${pkgs.procps}/bin/pgrep screenkey; then
exec ${pkgs.procps}/bin/pkill screenkey
else
exec ${pkgs.screenkey}/bin/screenkey
fi
''}";
"${modifier}+F8" = "exec switch-theme toggle";
"${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85";
"${modifier}+F10" = "exec ${pkgs.redshift}/bin/redshift -x";
"${modifier}+F11" = "exec ${pkgs.xcalib}/bin/xcalib -invert -alter";
"${modifier}+F12" = "exec ${klem}/bin/klem";
"Print" = "exec flameshot-once";
"Print" = "exec flameshot gui";
"XF86AudioLowerVolume" = "exec ${pkgs.pamixer}/bin/pamixer -d 5";
"XF86AudioMute" = "exec ${pkgs.pamixer}/bin/pamixer -t";
"XF86AudioRaiseVolume" = "exec ${pkgs.pamixer}/bin/pamixer -i 5";
@@ -298,9 +304,9 @@ in {
"XF86AudioNext" = "exec ${pkgs.playerctl}/bin/playerctl next";
"XF86AudioPrev" = "exec ${pkgs.playerctl}/bin/playerctl previous";
"XF86AudioStop" = "exec ${pkgs.playerctl}/bin/playerctl stop";
"XF86ScreenSaver" = "exec ${scripts.k-lock}/bin/k-lock";
"XF86ScreenSaver" = "exec ${niveumPackages.k-lock}/bin/k-lock";
"XF86Display" = "exec ${scripts.dmenurandr}/bin/dmenurandr";
"XF86Display" = "exec ${niveumPackages.dmenu-randr}/bin/dmenurandr";
# key names detected with xorg.xev:
# XF86WakeUp (fn twice)

14
configs/khal.nix
View File

@@ -17,8 +17,18 @@
};
in {
age.secrets = {
nextcloud-password-kieran.file = ../secrets/nextcloud-password-kieran.age;
nextcloud-password-fysi.file = ../secrets/nextcloud-password-fysi.age;
nextcloud-password-kieran = {
file = ../secrets/nextcloud-password-kieran.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
nextcloud-password-fysi = {
file = ../secrets/nextcloud-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
environment.systemPackages = [

6
configs/mpv.nix
View File

@@ -2,10 +2,10 @@
pkgs,
lib,
config,
niveumPackages,
...
}: let
scripts = import ../packages/scripts {inherit config pkgs lib;};
swallow = command: "${scripts.swallow}/bin/swallow ${command}";
swallow = command: "${niveumPackages.swallow}/bin/swallow ${command}";
in {
environment.shellAliases.smpv = swallow "mpv";
@@ -37,7 +37,7 @@ in {
};
scripts = [
pkgs.mpvScripts.youtube-quality
(pkgs.callPackage ../packages/mpv-visualizer.nix {})
niveumPackages.mpv-visualizer
];
};
};

32
configs/neovim.nix
View File

@@ -1,25 +1,13 @@
{pkgs, ...}: {
{
pkgs,
niveumPackages,
...
}: {
environment.variables.EDITOR = pkgs.lib.mkForce "nvim";
environment.shellAliases.vi = "nvim";
environment.shellAliases.vim = "nvim";
environment.shellAliases.view = "nvim -R";
nixpkgs.config.packageOverrides = pkgs: {
vimPlugins =
pkgs.vimPlugins
// {
cheat-sh-vim = pkgs.callPackage ../packages/vimPlugins/cheat-sh.nix {};
vim-fetch = pkgs.callPackage ../packages/vimPlugins/vim-fetch.nix {};
vim-colors-paramount = pkgs.callPackage ../packages/vimPlugins/vim-colors-paramount.nix {};
vim-256noir = pkgs.callPackage ../packages/vimPlugins/vim-256noir.nix {};
icalendar-vim = pkgs.callPackage ../packages/vimPlugins/icalendar-vim.nix {};
jq-vim = pkgs.callPackage ../packages/vimPlugins/jq-vim.nix {};
vim-fsharp = pkgs.callPackage ../packages/vimPlugins/vim-fsharp.nix {};
vim-reason-plus = pkgs.callPackage ../packages/vimPlugins/vim-reason-plus.nix {};
vim-mail = pkgs.callPackage ../packages/vimPlugins/vim-mail.nix {};
};
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "vim" ''neovim "$@"'')
(pkgs.neovim.override {
@@ -34,11 +22,11 @@
undotree
tabular
# vimwiki
vim-colors-paramount
niveumPackages.vimPlugins-vim-colors-paramount
vim-commentary
vim-css-color
vim-eunuch
vim-fetch
niveumPackages.vimPlugins-vim-fetch
vim-fugitive
vim-gitgutter
vim-repeat
@@ -61,8 +49,8 @@
elm-vim
emmet-vim
haskell-vim
icalendar-vim
jq-vim
niveumPackages.vimPlugins-icalendar-vim
niveumPackages.vimPlugins-jq-vim
rust-vim
typescript-vim
vim-javascript
@@ -71,7 +59,7 @@
vimtex
vim-pandoc
vim-pandoc-syntax
vim-256noir
niveumPackages.vimPlugins-vim-256noir
];
};
};

2
configs/newsboat.nix
View File

@@ -4,8 +4,6 @@
lib,
...
}: let
scripts = import <niveum/packages/scripts> {inherit pkgs lib;};
ytdl-format = "'bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best'";
youtube-download = "${pkgs.ts}/bin/ts ${pkgs.yt-dlp}/bin/yt-dlp -f ${ytdl-format} --add-metadata";

133
configs/packages.nix
View File

@@ -3,17 +3,10 @@
pkgs,
lib,
inputs,
niveumPackages,
...
}: let
hc = pkgs.callPackage ../packages/hc.nix {};
worldradio = pkgs.callPackage ../packages/worldradio.nix {};
pandoc-doc = pkgs.callPackage ../packages/man/pandoc.nix {};
dic = pkgs.callPackage ../packages/dic.nix {};
untilport = pkgs.callPackage ../packages/untilport.nix {};
cyberlocker-tools = pkgs.callPackage ../packages/cyberlocker-tools.nix {};
kpaste = pkgs.callPackage ../packages/kpaste.nix {};
scripts = import ../packages/scripts {inherit config pkgs lib;};
zoteroStyle = {
name,
@@ -141,60 +134,58 @@ in {
okular # the word is nucular
xournalpp # for annotating pdfs
pdfpc # presenter console for pdf slides
hc # print files as qr codes
niveumPackages.hc # print files as qr codes
yt-dlp
espeak
bc # calculator
pari # gp -- better calculator
rink # unit converter
scripts.auc
scripts.stackoverflow
scripts.infschmv
scripts.qrpaste
scripts.ttspaste
scripts.new-mac # get a new mac address
scripts.scanned
scripts.default-gateway
scripts.showkeys-toggle
scripts.kirciuoklis
scripts.favicon
scripts.heuretes
scripts.ipa # XSAMPA to IPA converter
scripts.playlist
scripts.mpv-tv
scripts.devanagari
scripts.betacode # ancient greek betacode to unicode converter
scripts.meteo
scripts.mahlzeit
scripts.vimv
scripts.swallow # window swallowing
scripts.literature-quote
niveumPackages.auc
niveumPackages.cheat-sh
niveumPackages.infschmv
niveumPackages.qrpaste
niveumPackages.ttspaste
niveumPackages.new-mac # get a new mac address
niveumPackages.scanned
niveumPackages.default-gateway
niveumPackages.kirciuoklis
niveumPackages.image-convert-favicon
niveumPackages.heuretes
niveumPackages.ipa # XSAMPA to IPA converter
niveumPackages.pls
niveumPackages.mpv-tv
niveumPackages.devanagari
niveumPackages.betacode # ancient greek betacode to unicode converter
niveumPackages.meteo
niveumPackages.mahlzeit
niveumPackages.vimv
niveumPackages.swallow # window swallowing
niveumPackages.literature-quote
jless # less(1) for json
scripts.notetags
scripts.booksplit
scripts.dmenurandr
scripts.interdimensional-cable
scripts.dmenubluetooth
scripts.manual-sort
scripts.dns-sledgehammer
niveumPackages.booksplit
niveumPackages.dmenu-randr
niveumPackages.dmenu-bluetooth
niveumPackages.manual-sort
niveumPackages.dns-sledgehammer
ts
scripts.vg
scripts.fkill
scripts.wttr
scripts.unicodmenu
scripts.closest
scripts.trans
scripts.mpv-radio
niveumPackages.vg
niveumPackages.fkill
niveumPackages.wttr
niveumPackages.unicodmenu
niveumPackages.closest
niveumPackages.trans
(niveumPackages.mpv-radio.override {
di-fm-key-file = config.age.secrets.di-fm-key.path;
})
# kmein.slide
termdown
scripts.tolino-screensaver
scripts.rfc
scripts.tag
scripts.timer
python3Packages.eyeD3
scripts.menu-calc
niveumPackages.image-convert-tolino
niveumPackages.rfc
niveumPackages.tag
niveumPackages.timer
niveumPackages.menu-calc
nix-prefetch-git
scripts.nix-git
niveumPackages.nix-git
nixfmt
par
qrencode
@@ -213,35 +204,20 @@ in {
(pkgs.writers.writeDashBin "ncmpcpp-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.ncmpcpp}/bin/ncmpcpp "$@"'')
(pkgs.writers.writeDashBin "mpc-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.mpc_cli}/bin/mpc "$@"'')
(pkgs.writers.writeDashBin "alarm" ''
set -efu
export PATH=${lib.makeBinPath [pkgs.coreutils pkgs.bc inputs.scripts.packages.x86_64-linux.rusty-jeep]}
for i in `seq 8000 1000 10000`; do
echo $i 100
done | rusty-jeep
echo 'if you heard that sound, then goto sleep..^_^'
echo sleep "$@"
sleep "$@"
echo 'wake up!'
while :; do
echo $(echo "($(od -tu -An -N 2 /dev/urandom)%1000)+500"|bc) $(echo "($(od -tu -An -N 2 /dev/urandom)%500)+100"|bc)
done | rusty-jeep 1
'')
inputs.scripts.packages.x86_64-linux.alarm
spotify
ncspot
playerctl
nix-index
scripts.nix-index-update
niveumPackages.nix-index-update
#krebs
dic
cyberlocker-tools
untilport
kpaste
niveumPackages.dic
niveumPackages.cyberlocker-tools
niveumPackages.untilport
niveumPackages.kpaste
config.nur.repos.mic92.ircsink
(python3.withPackages (py: [
@@ -269,14 +245,14 @@ in {
latexrun
(aspellWithDicts (dict: [dict.de dict.en dict.en-computers]))
# haskellPackages.pandoc-citeproc
scripts.text2pdf
niveumPackages.text2pdf
lowdown
glow # markdown to term
libreoffice
# gnumeric
dia
pandoc
pandoc-doc
niveumPackages.man-pandoc
# proselint
asciidoctor
wordnet
@@ -291,7 +267,12 @@ in {
'')
];
age.secrets.home-assistant-token.file = ../secrets/home-assistant-token.age;
age.secrets.home-assistant-token = {
file = ../secrets/home-assistant-token.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
home-manager.users.me.xdg.configFile."pycodestyle".text = ''
[pycodestyle]

8
configs/telegram-bots/literature-quote.nix
View File

@@ -2,17 +2,15 @@
pkgs,
config,
lib,
niveumPackages,
...
}: let
scripts = import ../../packages/scripts {inherit config pkgs lib;};
inherit (scripts) literature-quote;
in {
}: {
niveum.telegramBots.quotebot = {
enable = true;
time = "08/6:00";
tokenFile = config.age.secrets.telegram-token-kmein.path;
chatIds = ["-1001760262519"];
command = "${literature-quote}/bin/literature-quote";
command = "${niveumPackages.literature-quote}/bin/literature-quote";
parseMode = "Markdown";
};

7
configs/traadfri.nix
View File

@@ -21,7 +21,12 @@ in {
'')
];
age.secrets.traadfri-key.file = ../secrets/traadfri-key.age;
age.secrets.traadfri-key = {
file = ../secrets/traadfri-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
niveum.traadfri = {
enable = true;