kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-19 19:41:08 +01:00
Code Releases Activity

Compare commits

base: kfm:228d93f399be3f4e02bc77cd6d3c7c75635a9ca8
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail
..
compare: kfm:flakes
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail

1 Commits
228d93f399 ... flakes

Author SHA1 Message Date
Kierán Meinhardt
06c1be9e09 wip: flakes 2021-12-29 17:41:53 +01:00
405 changed files with 9240 additions and 16846 deletions
Expand all files Collapse all files

29
.bin/anki-poem.sh
View File

@@ -1,29 +0,0 @@
#!/bin/sh
file="${1?please supply a poetry file}"
[ -f "$file" ] || {
echo "'$file' is no file"
exit 1
}
poem="$(mktemp)"
clean () {
rm "$poem"
}
trap clean EXIT
sed '/^$/d' "$file" > "$poem"
htmlize() {
awk 'ORS="<br/>"' \
| head -c -5 # remove final <br/> characters
}
for line_number in $(seq 1 "$(wc -l "$poem" | cut -d' ' -f1)"); do
if [ "$line_number" -gt 3 ] && [ "$line_number" -gt 1 ]; then
sed -n "$((line_number - 3)),$((line_number - 1))p" "$poem"
else
sed -n "1,$((line_number - 1))p" "$poem"
fi | htmlize
printf '\t'
sed -n "${line_number},+1p" "$poem" | htmlize
printf '\n'
done

54
.bin/avesta.sed
View File

@@ -1,54 +0,0 @@
#!/usr/bin/env -S sed -f
s/ā̊/𐬃/g
s//𐬝/g
s/ṣ̌/𐬴/g
s/š́/𐬳/g
s/ą̄/𐬅/g
s/ŋᵛ/𐬤/g
s/ə̄/𐬇/g
s/ŋ́/𐬣/g
s//𐬒/g
s/xᵛ/𐬓/g
s/a/𐬀/g
s/ā/𐬁/g
s/å/𐬂/g
s/ą/𐬄/g
s/ə/𐬆/g
s/e/𐬈/g
s/ē/𐬉/g
s/o/𐬊/g
s/ō/𐬋/g
s/i/𐬌/g
s/ī/𐬍/g
s/u/𐬎/g
s/ū/𐬏/g
s/k/𐬐/g
s/x/𐬑/g
s/g/𐬔/g
s/ġ/𐬕/g
s/γ/𐬖/g
s/c/𐬗/g
s/j/𐬘/g
s/t/𐬙/g
s/θ/𐬚/g
s/d/𐬛/g
s/δ/𐬜/g
s/p/𐬞/g
s/f/𐬟/g
s/b/𐬠/g
s/β/𐬡/g
s/ŋ/𐬢/g
s/n/𐬥/g
s/ń/𐬦/g
s//𐬧/g
s/m/𐬨/g
s//𐬩/g
s//𐬫/g
s/y/𐬪/g
s/v/𐬬/g
s/r/𐬭/g
s/s/𐬯/g
s/z/𐬰/g
s/š/𐬱/g
s/ž/𐬲/g
s/h/𐬵/g

19
.bin/calendars.sh
View File

@@ -1,19 +0,0 @@
#!/bin/sh
directory="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$directory"
}
year=$(date +%Y)
output=/tmp/$year.pdf
for month in $(seq 1 12); do
printf "\r%d" "$month" 1>&2
astrolog -zN Berlin -qm "$month" "$year" -X -K -XA -Xr -Xm -Xb -Xo "$(printf "%s/%02d.bmp" "$directory" "$month")" -Xw 1080 720 2>/dev/null
done
printf "\r"
convert "$directory/*.bmp" "$output"
echo "$output"

43
.bin/dummy-alert
View File

@@ -1,43 +0,0 @@
#!/bin/bash
name=$RANDOM
url='http://localhost:9093/api/v1/alerts'
echo "firing up alert $name"
# change url o
curl -XPOST $url -d "[{
\"status\": \"firing\",
\"labels\": {
\"alertname\": \"$name\",
\"service\": \"my-service\",
\"severity\":\"warning\",
\"instance\": \"$name.example.net\"
},
\"annotations\": {
\"summary\": \"High latency is high!\"
},
\"generatorURL\": \"http://prometheus.int.example.net/<generating_expression>\"
}]"
echo ""
echo "press enter to resolve alert"
read
echo "sending resolve"
curl -XPOST $url -d "[{
\"status\": \"resolved\",
\"labels\": {
\"alertname\": \"$name\",
\"service\": \"my-service\",
\"severity\":\"warning\",
\"instance\": \"$name.example.net\"
},
\"annotations\": {
\"summary\": \"High latency is high!\"
},
\"generatorURL\": \"http://prometheus.int.example.net/<generating_expression>\"
}]"
echo ""

5
.bin/json2csv.jq
View File

@@ -1,5 +0,0 @@
#!/usr/bin/env -S jq -r -f
(map(keys) | add | unique) as $cols
| map(. as $row | $cols | map($row[.])) as $rows
| $cols, $rows[]
| @csv

1
.bin/mud.sh
View File

@@ -1 +0,0 @@
ssh mud@hotdog.r -t "MUD_NICKNAME=$LOGNAME mud"

6
.bin/mushakkil.sh
View File

@@ -1,6 +0,0 @@
#!/bin/sh
curl -sSL 'https://diac.alsharekh.org/Diac/DiacText' \
-H "Content-Type: application/json" \
--data-raw "$(jq --raw-input '{word: ., type: 1}')" \
--compressed \
| jq -r .diacWord

65
.bin/prospekte.sh
View File

@@ -1,65 +0,0 @@
#!/bin/sh
lidl() {
echo LIDL
curl -sSL 'https://endpoints.lidl-flyer.com/v3/region-overview/lidl/de-DE/0.json' \
| jq -r '
.categories
| map(select(.name == "Filial-Angebote") | .subcategories | map(.flyers))
| flatten
| flatten
| .[]
| .pdfUrl
'
}
aldi_nord() {
echo ALDI nord
echo 'https://magazine.aldi-nord.de/aldi-nord/aldi-aktuell/GetPDF.ashx'
echo 'https://magazine.aldi-nord.de/aldi-nord/aldi-vorschau/GetPDF.ashx'
}
rewe_berlin() {(
store_id=662366923
publisher_id=1062
echo REWE
curl -sSL 'https://www.bonialserviceswidget.de/de/stores/'$store_id'/brochures?storeId='$store_id'&publisherId='$publisher_id | while read -r brochure_id; do
curl -sSL 'https://www.bonialserviceswidget.de/de/v5/brochureDetails/'"$brochure_id"'?publisherId='$publisher_id | jq -r .pdfUrl
done
)}
kaufland() {(
region_code=8920
echo KAUFLAND
curl -sSL https://filiale.kaufland.de/prospekte.html | htmlq --attribute href '.flyer a' | grep -Eo 'DE_de_KDZ[^/]*' | sed "s/_3000_/_${region_code}_/" | while read -r flyer_id; do
curl -sSL "https://endpoints.leaflets.kaufland.com/v3/$flyer_id/flyer.json?regionCode=$region_code" | jq -r .flyer.pdfUrl
done
)}
netto_schwarz() {
echo 'NETTO (schwarz)'
curl -sSL 'https://squid-api.tjek.com/v2/catalogs?dealer_ids=90f2VL&order_by=created' \
| jq -r '.[] | .id' \
| while read -r flyer_id; do
curl -sSL "https://squid-api.tjek.com/v2/catalogs/$flyer_id/download" \
| jq -r .pdf_url
done
}
dir="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$dir"
}
prospekt_url="$( (
lidl
aldi_nord
rewe_berlin
kaufland
netto_schwarz
) | fzf)"
curl -sSL "$prospekt_url" -o "$dir/prospekt.pdf"
zathura "$dir/prospekt.pdf"

16
.bin/screencap.sh
View File

@@ -1,16 +0,0 @@
#! /usr/bin/env nix-shell
#! nix-shell -i sh -p coreutils byzanz xorg.xwininfo gnused
# shellcheck shell=sh
# ref https://gist.github.com/aforemny/0994cb7f06ea30d56c8b9681ff5d2054
set -eux
eval "$(xwininfo | \
sed -n -e 's/^ \+Absolute upper-left X: \+\([0-9]\+\).*/x=\1/p' \
-e 's/^ \+Absolute upper-left Y: \+\([0-9]\+\).*/y=\1/p' \
-e 's/^ \+Width: \+\([0-9]\+\).*/w=\1/p' \
-e 's/^ \+Height: \+\([0-9]\+\).*/h=\1/p')"
trap "pkill -f 'sleep 360d'" INT
byzanz-record -e "sleep 360d" -c -x $x -y $y -w $w -h $h "$@"

49
.bin/space.py
View File

@@ -1,49 +0,0 @@
import ephem
from datetime import datetime, date, timedelta
now = datetime.now()
limit = now + timedelta(days=365)
def events_until(limit):
initial_date = ephem.Date(datetime.now())
events = {}
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_full_moon(now)
events[now] = "🌕"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_new_moon(now)
events[now] = "🌑"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_vernal_equinox(now)
events[now] = "spring equinox"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_autumnal_equinox(now)
events[now] = "fall equinox"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_winter_solstice(now)
events[now] = "winter solstice"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_summer_solstice(now)
events[now] = "summer solstice"
return events
events = events_until(limit)
for date, event in sorted(events.items(), key=lambda x: x[0]):
if ephem.localtime(date) < limit:
print(ephem.localtime(date), event)

50
.bin/toposort.nix
View File

@@ -1,50 +0,0 @@
let
lib = import <nixpkgs/lib>;
in rec {
inherit lib;
input = [
{
x = ["pool" "zfs"];
y = ["mdadm" "raid1"];
}
{
x = ["pool" "zfs"];
y = ["disk" "sda"];
}
{
x = ["mdadm" "raid1"];
y = ["disk" "sdb"];
}
{
x = ["mdadm" "raid1"];
y = ["disk" "sdc"];
}
];
outNodes = node: graph:
lib.unique
(builtins.map (e: e.y)
(builtins.filter (v: v.x == node) graph));
vertices = graph:
lib.unique
(builtins.map (x: x.y) graph ++ builtins.map (x: x.x) graph);
deleteVertex = node: graph: (builtins.filter (v: v.x != node && v.y != node) graph);
findSink = graph:
lib.findFirst
(v: outNodes v graph == [])
(lib.trace graph (builtins.abort "No sink found"))
(vertices graph);
topSort = graph:
if graph == []
then []
else if builtins.length graph == 1
then let only = builtins.head graph; in [only.y only.x]
else let sink = findSink graph; in [sink] ++ topSort (deleteVertex sink graph);
output = topSort input;
}

18
.bin/ttrss-unread
View File

@@ -1,18 +0,0 @@
#/usr/bin/env -S deno run -A:q
set -x
session_cache="$HOME/.cache/tt-rss.session"
ttrss_endpoint=https://feed.kmein.de/api/
ttrss_user=k
ttrss_password=$(pass shared/tt-rss/password)
login() {
if [ -f "$session_cache" ]; then
session_id="$(cat "$session_cache")"
else
session_id="$(curl -d '{"op":"login","user":"'"$ttrss_user"'","password":"'"$ttrss_password"'"}' "$ttrss_endpoint" | jq -r .content.session_id)"
echo "$session_id" > "$session_cache"
fi
}
login
curl -d '{"sid":"'"$session_id"'","op":"getUnread"}' "$ttrss_endpoint" | jq .content

16
.bin/tuesday-1800
View File

@@ -1,16 +0,0 @@
#!/bin/sh
set -efux
expected_max_results=1024 # the upper bound on the number of restaurants
radius=250
echo '[out:json];node(id:260050809)->.cbase;
(
node(around.cbase:'$radius')[amenity=fast_food];
node(around.cbase:'$radius')[amenity=restaurant];
);out;' \
| curl -sSL -d @- -X POST http://overpass-api.de/api/interpreter \
| jq --argjson random "$(shuf -i 0-$expected_max_results -n 1)" '
.elements
| length as $length
| .[$random % $length]
'

8
.bin/unicode
View File

@@ -1,8 +0,0 @@
import sys
import unicodedata
for index, character in enumerate(sys.stdin.read().strip()):
try:
print(index, character, hex(ord(character)), unicodedata.category(character), unicodedata.name(character))
except:
print(index, character, hex(ord(character)))

26
.bin/watson2fdf.sh
View File

@@ -1,26 +0,0 @@
project=Filli
year=2022
for month in Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec; do
from="$(date +%F -d "$month 1, $year")"
to="$(date +%F -d "$month 1, $year + 1 month")"
watson report --json --from "$from" --to "$to" --project "$project"
done | jq --slurp '
def in_array($arr):
. as $value | any($arr[]; . == $value);
map(
["engadin-app","fysiweb","val-muestair","mia-engiadina","ol"] as $official_projects
| (.timespan.from | .[0:7]) as $timespan
| .projects | .[0]
| .time as $total_time
| .tags
| select(. != null)
| map(select(.name | in_array($official_projects)))
| (map(.time)|add) as $official_time
| map({key:.name, value:.time}) | from_entries
| .other |= ($total_time - $official_time)
| map_values(. / (60*60) | ceil)
| .month |= $timespan
)
'

19
.github/workflows/flake.yml vendored
View File

@@ -1,19 +0,0 @@
name: Update flake.lock
on:
workflow_dispatch: # allows manual triggering
schedule:
- cron: '0 0 * * 0' # runs weekly on Sunday at 00:00
jobs:
lockfile:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Install Nix
uses: cachix/install-nix-action@v16
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Update flake.lock
uses: DeterminateSystems/update-flake-lock@v3

37
.github/workflows/niveum.yml vendored
View File

@@ -1,37 +0,0 @@
name: CI
on:
push:
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
system: [makanek,manakish,kabsa,zaatar,ful,fatteh]
steps:
- uses: actions/checkout@v3
- name: Install QEMU (ARM)
run: sudo apt-get install -y qemu-user-static
if: ${{ matrix.system == 'ful' }}
- name: Install Nix (ARM)
uses: cachix/install-nix-action@v16
if: ${{ matrix.system == 'ful' }}
with:
extra_nix_config: |
system = aarch64-linux
- name: Install Nix (x86_64)
uses: cachix/install-nix-action@v16
if: ${{ matrix.system != 'ful' }}
- name: nixos-rebuild dry-build
run: |
# remove secrets: ref https://stackoverflow.com/questions/1260748/how-do-i-remove-a-submodule/36593218
git submodule deinit -f secrets
rm -rf .git/modules/secrets
git rm -f secrets
# recreate secrets
mkdir secrets
cat secrets.txt | while read -r path; do touch $path; done
git add secrets
nix run nixpkgs#nixos-rebuild -- dry-build --flake $GITHUB_WORKSPACE#${{matrix.system}}

12
.gitmodules vendored
View File

@@ -1,3 +1,9 @@
[submodule "secrets"] [submodule "submodules/menstruation-telegram"]
path = secrets path = submodules/menstruation-telegram
url = ssh://gitea@code.kmein.de:22022/kfm/niveum-secrets.git url = https://github.com/kmein/menstruation-telegram
[submodule "submodules/menstruation-backend"]
path = submodules/menstruation-backend
url = https://github.com/kmein/menstruation.rs
[submodule "submodules/nur-packages"]
path = submodules/nur-packages
url = git@github.com:kmein/nur-packages.git

11
.versions/home-manager.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/nix-community/home-manager.git",
"rev": "697cc8c68ed6a606296efbbe9614c32537078756",
"date": "2021-12-19T00:59:29+01:00",
"path": "/nix/store/fb46bv10azrag2jjlzhil6j11f4x8glw-home-manager",
"sha256": "1c8gxm86zshr2zj9dvr02qs7y3m46gqavr6wyv01r09jfd99dxz9",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/krops.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://cgit.krebsco.de/krops",
"rev": "cccebf3ff7a53336b3f106cb96dddd5892d427ed",
"date": "2021-03-23T22:47:37+01:00",
"path": "/nix/store/mz13xxnil35lwsf90hwnrm2agir7hb51-krops",
"sha256": "07mg3iaqjf1w49vmwfchi7b1w55bh7rvsbgicp2m47gnj9alwdb6",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nix-writers.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://cgit.krebsco.de/nix-writers",
"rev": "c528cf970e292790b414b4c1c8c8e9d7e73b2a71",
"date": "2019-04-02T20:05:33+02:00",
"path": "/nix/store/wm5zhsha1a2iy0d582nlfi7604ayd1vz-nix-writers",
"sha256": "0xdivaca1hgbxs79jw9sv4gk4f81vy8kcyaff56hh2dgq2awyvw4",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nixpkgs-mozilla.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/mozilla/nixpkgs-mozilla",
"rev": "7c1e8b1dd6ed0043fb4ee0b12b815256b0b9de6f",
"date": "2021-12-07T09:28:33-05:00",
"path": "/nix/store/pqwcw589i2y2w2116wn3ifl834adjsa0-nixpkgs-mozilla",
"sha256": "1a71nfw7d36vplf89fp65vgj3s66np1dc0hqnqgj5gbdnpm1bihl",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nixpkgs-unstable.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/NixOS/nixpkgs.git",
"rev": "f01adc7b35a8f80e82f3466e6d873b8b9c8f1b28",
"date": "2021-12-22T23:05:28+01:00",
"path": "/nix/store/zhfrvg77dzpc3hq02v9zv20dfgqwpzk6-nixpkgs",
"sha256": "17iyf2iiizi7c1wr71day3wvgalbkkm2zgc9lpy7y42rl4frq9sf",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nixpkgs.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/NixOS/nixpkgs.git",
"rev": "9ab7d12287ced0e1b4c03b61c781901f178d9d77",
"date": "2021-12-21T10:09:48+01:00",
"path": "/nix/store/minmlh0avkwvvc3p7flhpbglp13kr585-nixpkgs",
"sha256": "0bbd2pgcyavqn5wgq0xp8p67lha0kv9iqnh49i9w5fb5g29q7i30",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/retiolum.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/krebs/retiolum",
"rev": "b72b0a987767b587c79cba8499b5114d69fceeef",
"date": "2021-12-28T19:46:45+00:00",
"path": "/nix/store/kyaqwf89v6id9mda92x4b0hf778j987x-retiolum",
"sha256": "19hjzzlfk1m9ign33w4ppqgmg23v7c6k8l0fm7f33spq8982w7rb",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/stockholm.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://cgit.lassul.us/stockholm",
"rev": "576c05cf3a0ceddefa29c2d0073108177c3cfa52",
"date": "2021-12-22T13:59:46+01:00",
"path": "/nix/store/yx1j5pardgd9114f0cf3c4xjfq6r4yfv-stockholm",
"sha256": "18napi4k8i2iizrismlp9ha3ga6c3n2dvrhijy59kl1jxqrsaq9l",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

4
README.md
View File

@@ -7,6 +7,4 @@
> 2. Transf., _snow-white, snowy_ (mostly poet.): a similitudine sic: Corpore niveum candorem, aspectu igneum ardorem assequebatur, Auct. Her. 4, 33, 44: lacerti, Verg. A. 8, 387: lac, id. E. 2, 20: hanc si capite niveae agnae exorari judicas, Sen. Q. N. 2, 36: Briseis niveo colore, Hor. C. 2, 4, 3: vestis, Ov. M. 10, 432: candidior nivei folio, Galatea, ligustri, id. ib. 13, 789: dens, id. H. 18, 18: quā notam duxit niveus videri, Hor. C. 4, 2, 59: panis, Juv. 5, 70: flumen, _clear, pellucid_, Sen. Hippol. 504: undae, Mart. 7, 32, 11: tribuni, _clothed in white togas_, Calp. Ecl. 7, 29; so, Quirites, Juv. 10, 45. > 2. Transf., _snow-white, snowy_ (mostly poet.): a similitudine sic: Corpore niveum candorem, aspectu igneum ardorem assequebatur, Auct. Her. 4, 33, 44: lacerti, Verg. A. 8, 387: lac, id. E. 2, 20: hanc si capite niveae agnae exorari judicas, Sen. Q. N. 2, 36: Briseis niveo colore, Hor. C. 2, 4, 3: vestis, Ov. M. 10, 432: candidior nivei folio, Galatea, ligustri, id. ib. 13, 789: dens, id. H. 18, 18: quā notam duxit niveus videri, Hor. C. 4, 2, 59: panis, Juv. 5, 70: flumen, _clear, pellucid_, Sen. Hippol. 504: undae, Mart. 7, 32, 11: tribuni, _clothed in white togas_, Calp. Ecl. 7, 29; so, Quirites, Juv. 10, 45.
## Pressestimmen ## Pressestimmen
> das ist ja pure poesie —[riotbib](https://github.com/riotbib/) > das ist ja pure poesie —[xkey](https://github.com/riotbib)
> Deine Configs sind wunderschön <3 —[flxai](https://github.com/flxai/)

102
configs/admin-essentials.nix
View File

@@ -1,102 +0,0 @@
{
pkgs,
niveumPackages,
lib,
...
}: let
darwin = lib.strings.hasSuffix "-darwin" pkgs.system;
in {
environment.systemPackages =
[
pkgs.htop
pkgs.w3m
pkgs.wget
# ARCHIVE TOOLS
pkgs.unzip
pkgs.unrar
pkgs.p7zip
pkgs.zip
# MONITORS
pkgs.iftop # interface bandwidth monitor
pkgs.lsof # list open files
# SHELL
pkgs.sqlite
pkgs.fd # better find
pkgs.tree
pkgs.parallel # for parallel, since moreutils shadows task spooler
pkgs.ripgrep # better grep
pkgs.rlwrap
pkgs.progress # display progress bars for pipes
pkgs.file # determine file type
pkgs.gdu # ncurses disk usage (ncdu is broken)
pkgs.rmlint # remove duplicate files
pkgs.jq # json toolkit
pkgs.jless # less(1) for json
pkgs.fq # toolkit for yaml, xml and binaries
pkgs.bc # calculator
pkgs.pari # gp -- better calculator
pkgs.ts
niveumPackages.vimv
niveumPackages.vg
niveumPackages.fkill
niveumPackages.cyberlocker-tools
niveumPackages.untilport
niveumPackages.kpaste
# HARDWARE
pkgs.pciutils # for lspci
]
++ lib.optionals (!darwin) [
pkgs.usbutils # for lsusb
pkgs.lshw # for lshw
pkgs.iotop # I/O load monitor
pkgs.psmisc # for killall, pstree
];
environment.shellAliases = let
take = pkgs.writers.writeDash "take" ''
mkdir "$1" && cd "$1"
'';
cdt = pkgs.writers.writeDash "cdt" ''
cd "$(mktemp -d)"
pwd
'';
wcd = pkgs.writers.writeDash "wcd" ''
cd "$(readlink "$(${pkgs.which}/bin/which --skip-alias "$1")" | xargs dirname)/.."
'';
where = pkgs.writers.writeDash "where" ''
readlink "$(${pkgs.which}/bin/which --skip-alias "$1")" | xargs dirname
'';
in
{
nixi = "nix repl '<nixpkgs>'";
take = "source ${take}";
wcd = "source ${wcd}";
where = "source ${where}";
# temporary files and directories
cdt = "source ${cdt}";
vit = "$EDITOR $(mktemp)";
# file safety
mv = "${pkgs.coreutils}/bin/mv --interactive";
rm = "${pkgs.coreutils}/bin/rm --interactive";
cp = "${pkgs.coreutils}/bin/cp --interactive";
# colours
cat = "${pkgs.bat}/bin/bat --theme=ansi --style=plain";
l = "${pkgs.coreutils}/bin/ls --color=auto --time-style=long-iso --almost-all";
ls = "${pkgs.coreutils}/bin/ls --color=auto --time-style=long-iso";
ll = "${pkgs.coreutils}/bin/ls --color=auto --time-style=long-iso -l";
la = "${pkgs.coreutils}/bin/ls --color=auto --time-style=long-iso --almost-all -l";
}
// (
if darwin
then {}
else {
"ß" = "${pkgs.util-linux}/bin/setsid";
ip = "${pkgs.iproute2}/bin/ip -c";
# systemd
s = "${pkgs.systemd}/bin/systemctl";
us = "${pkgs.systemd}/bin/systemctl --user";
j = "${pkgs.systemd}/bin/journalctl";
uj = "${pkgs.systemd}/bin/journalctl --user";
}
);
}

302
configs/aerc.nix
View File

@@ -1,302 +0,0 @@
{
pkgs,
config,
lib,
niveumPackages,
...
}: let
inherit (import ../lib/email.nix) defaults thunderbirdProfile;
in {
age.secrets = {
email-password-cock = {
file = ../secrets/email-password-cock.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-posteo = {
file = ../secrets/email-password-posteo.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
home-manager.users.me = {
accounts.email.maildirBasePath = "${config.users.users.me.home}/state/Maildir";
services.mbsync = {
enable = true;
frequency = "daily";
preExec = "${pkgs.coreutils}/bin/mkdir -p ${config.home-manager.users.me.accounts.email.maildirBasePath}";
postExec = "${pkgs.notmuch}/bin/notmuch new";
};
programs.notmuch = {
enable = true;
extraConfig = {
database.path = config.home-manager.users.me.accounts.email.maildirBasePath;
new.tags = "";
user.name = defaults.realName;
user.primary_email = config.home-manager.users.me.accounts.email.accounts.posteo.address;
};
};
programs.mbsync = {
enable = true;
extraConfig = lib.concatStringsSep "\n\n" (lib.mapAttrsToList (name: account: ''
IMAPAccount ${name}
CertificateFile /etc/ssl/certs/ca-certificates.crt
Host ${account.imap.host}
PassCmd "${toString account.passwordCommand}"
User ${account.userName}
SSLType IMAPS
${lib.optionalString (lib.isInt account.imap.port) "Port ${toString account.imap.port}"}
IMAPStore ${name}-remote
Account ${name}
MaildirStore ${name}-local
Path ${config.home-manager.users.me.accounts.email.maildirBasePath}/${name}/
SubFolders Verbatim
Channel ${name}
Create Near
Expunge None
Far :${name}-remote:
Near :${name}-local:
Patterns *
Remove None
SyncState *
'')
config.home-manager.users.me.accounts.email.accounts);
};
accounts.email.accounts = {
cock =
lib.recursiveUpdate defaults
rec {
address = "2210@cock.li";
userName = address;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-cock.path}";
realName = "";
imap.host = "mail.cock.li";
smtp.host = imap.host;
};
posteo =
lib.recursiveUpdate defaults
rec {
address = "kieran.meinhardt@posteo.net";
aliases = ["kmein@posteo.de"];
userName = address;
imap.host = "posteo.de";
imap.port = 993;
imap.tls.enable = true;
smtp.host = imap.host;
smtp.port = 465;
smtp.tls.enable = true;
primary = true;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-posteo.path}";
himalaya = {
enable = true;
settings.backend = "imap";
};
aerc.extraAccounts.pgp-key-id = "9EDE82CC72A343A95266D0F444857074A3ACC8B7";
};
};
programs.himalaya.enable = true;
programs.thunderbird = {
enable = true;
settings = {
};
profiles.${thunderbirdProfile} = {
isDefault = true;
settings = {
"mail.default_send_format" = 1;
"msgcompose.default_colors" = false;
"msgcompose.text_color" = config.lib.stylix.colors.withHashtag.base00;
"msgcompose.background_color" = config.lib.stylix.colors.withHashtag.base05;
};
userChrome = ''
'';
userContent = ''
'';
withExternalGnupg = false;
};
};
programs.aerc = {
enable = true;
extraBinds = {
# Binds are of the form <key sequence> = <command to run>
# To use '=' in a key sequence, substitute it with "Eq": "<Ctrl+Eq>"
# If you wish to bind #, you can wrap the key sequence in quotes: "#" = quit
global = {
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab <Enter>";
"<C-t>" = ":term<Enter>";
"?" = ":help keys<Enter>";
};
messages = {
q = ":quit<Enter>";
j = ":next <Enter>";
"<Down>" = ":next<Enter>";
"<C-d>" = ":next 50%<Enter>";
"<C-f>" = ":next 100%<Enter>";
"<PgDn>" = ":next 100%<Enter>";
k = ":prev <Enter>";
"<Up>" = ":prev<Enter>";
"<C-u>" = ":prev 50%<Enter>";
"<C-b>" = ":prev 100%<Enter>";
"<PgUp>" = ":prev 100%<Enter>";
g = ":select 0 <Enter>";
G = ":select -1<Enter>";
J = ":next-folder <Enter>";
K = ":prev-folder<Enter>";
H = ":collapse-folder<Enter>";
L = ":expand-folder<Enter>";
"<space>" = ":read -t<Enter>:next<Enter>";
v = ":mark -t<Enter>";
V = ":mark -v<Enter>";
F = ":flag -t<Enter>";
T = ":toggle-threads<Enter>";
"<Enter>" = ":view<Enter>";
d = ":prompt 'Delete? ' 'delete-message'<Enter>";
D = ":move Trash<Enter>";
A = ":archive flat<Enter>";
C = ":compose<Enter>";
rr = ":reply -a<Enter>";
rq = ":reply -aq<Enter>";
Rr = ":reply<Enter>";
Rq = ":reply -q<Enter>";
c = ":cf<space>";
"$" = ":term<space>";
"!" = ":term<space>";
"|" = ":pipe<space>";
"/" = ":search<space>";
"\\" = ":filter <space>";
n = ":next-result<Enter>";
N = ":prev-result<Enter>";
"<Esc>" = ":clear<Enter>";
"*" = ":filter -x Flagged<Enter>";
};
view = {
tr = ":pipe ${niveumPackages.trans}/bin/trans -show-original n -b -no-autocorrect<Enter>"; # https://man.sr.ht/~rjarry/aerc/integrations/translator.md
"/" = ":toggle-key-passthrough <Enter> /";
q = ":close<Enter>";
O = ":open<Enter>";
S = ":save<space>";
"|" = ":pipe<space>";
D = ":move Trash<Enter>";
A = ":archive flat<Enter>";
"<C-l>" = ":open-link <space>";
f = ":forward <Enter>";
rr = ":reply -a<Enter>";
rq = ":reply -aq<Enter>";
Rr = ":reply<Enter>";
Rq = ":reply -q<Enter>";
H = ":toggle-headers<Enter>";
"<C-k>" = ":prev-part<Enter>";
"<C-j>" = ":next-part<Enter>";
J = ":next <Enter>";
K = ":prev<Enter>";
};
"view::passthrough" = {
"$noinherit" = "true";
"$ex" = "<C-x>";
"<Esc>" = ":toggle-key-passthrough<Enter>";
};
compose = {
# Keybindings used when the embedded terminal is not selected in the compose
# view
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-k>" = ":prev-field<Enter>";
"<C-j>" = ":next-field<Enter>";
"<tab>" = ":next-field<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
"compose::editor" = {
# Keybindings used when the embedded terminal is selected in the compose view
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-k>" = ":prev-field<Enter>";
"<C-j>" = ":next-field<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
"compose::review" = {
# Keybindings used when reviewing a message to be sent
y = ":send <Enter>";
n = ":abort<Enter>";
p = ":postpone<Enter>";
q = ":choose -o d discard abort -o p postpone postpone<Enter>";
e = ":edit<Enter>";
a = ":attach<space>";
d = ":detach<space>";
};
terminal = {
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
};
extraConfig = {
ui.sort = "-r date";
ui.timestamp-format = "2006-01-02 15:04";
ui.mouse-enabled = true;
ui.spinner = ". , .";
general.unsafe-accounts-conf = true;
general.pgp-provider = "gpg";
viewer = {pager = "${pkgs.less}/bin/less -R";};
compose = {
# address-book-cmd = "khard email --remove-first-line --parsable '%s'";
no-attachment-warning = "(attach|attached|attachments?|anbei|Anhang|angehängt|beigefügt)";
};
filters = {
"text/plain" = "${pkgs.aerc}/libexec/aerc/filters/colorize";
"text/calendar" = "${pkgs.aerc}/libexec/aerc/filters/calendar";
"text/html" = "${pkgs.aerc}/libexec/aerc/filters/html"; # Requires w3m, dante
# "text/html" =
# "${pkgs.aerc}/share/aerc/filters/html | ${pkgs.aerc}/share/aerc/filters/colorize";
# "text/*" =
# ''${pkgs.bat}/bin/bat -fP --theme=ansi --file-name="$AERC_FILENAME "'';
"message/delivery-status" = "${pkgs.aerc}/libexec/aerc/filters/colorize";
"message/rfc822" = "${pkgs.aerc}/libexec/aerc/filters/colorize";
"application/x-sh" = "${pkgs.bat}/bin/bat -fP -l sh";
};
openers = let
as-pdf = pkgs.writers.writeDash "as-pdf" ''
d=$(mktemp -d)
trap clean EXIT
clean() {
rm -rf "$d"
}
${pkgs.libreoffice}/bin/libreoffice --headless --convert-to pdf "$1" --outdir "$d"
${pkgs.zathura}/bin/zathura "$d"/*.pdf
'';
in {
"image/*" = "${pkgs.nsxiv}/bin/nsxiv";
"application/pdf" = "${pkgs.zathura}/bin/zathura";
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" = toString as-pdf;
"application/vnd.oasis.opendocument.text" = toString as-pdf;
"video/*" = "${pkgs.mpv}/bin/mpv";
"audio/*" = "${pkgs.mpv}/bin/mpv";
};
};
templates = {
# new_message = "hello!";
};
};
};
}

76
configs/alacritty.nix
View File

@@ -1,21 +1,28 @@
{ pkgs, lib, config, ... }:
{ {
pkgs, environment.variables.TERMINAL = "alacritty";
lib,
config, environment.systemPackages = [
... pkgs.alacritty
}: let ];
alacritty-cfg = theme:
(pkgs.formats.yaml {}).generate "alacritty.yml" { home-manager.users.me.xdg.configFile =
bell = { let
animation = "EaseOut"; inherit (import <niveum/lib>) colours;
duration = 100; colourNames = [ "black" "red" "green" "yellow" "blue" "magenta" "cyan" "white" ];
color = "#ffffff"; colourPairs = lib.getAttrs colourNames colours;
in {
"alacritty/alacritty.yml".source = (pkgs.formats.yaml {}).generate "alacritty.yml" {
background_opacity = 0.9;
colors = {
primary = { inherit (colours) background foreground; };
normal = lib.mapAttrs (_: colour: colour.dark) colourPairs;
bright = lib.mapAttrs (_: colour: colour.bright) colourPairs;
}; };
font = { font = {
normal.family = "Monospace"; normal.family = "Monospace";
size = 6; size = 6;
}; };
live_config_reload = true;
key_bindings = [ key_bindings = [
{ {
key = "Plus"; key = "Plus";
@@ -33,51 +40,6 @@
action = "ResetFontSize"; action = "ResetFontSize";
} }
]; ];
colors = let
colourNames = ["black" "red" "green" "yellow" "blue" "magenta" "cyan" "white"];
colourPairs = lib.getAttrs colourNames theme;
in {
primary = {inherit (theme) background foreground;};
cursor = {inherit (theme) cursor;};
normal = lib.mapAttrs (_: colour: colour.dark) colourPairs;
bright = lib.mapAttrs (_: colour: colour.bright) colourPairs;
};
};
alacritty-pkg = pkgs.symlinkJoin {
name = "alacritty";
paths = [
(pkgs.writers.writeDashBin "alacritty" ''
${pkgs.alacritty}/bin/alacritty --config-file /var/theme/config/alacritty.yml msg create-window "$@" ||
${pkgs.alacritty}/bin/alacritty --config-file /var/theme/config/alacritty.yml "$@"
'')
pkgs.alacritty
];
};
in {
environment.variables.TERMINAL = "alacritty";
home-manager.users.me = {
programs.alacritty = {
enable = true;
settings = {
keyboard.bindings = [
{
key = "Plus";
mods = "Control";
action = "IncreaseFontSize";
}
{
key = "Minus";
mods = "Control";
action = "DecreaseFontSize";
}
{
key = "Key0";
mods = "Control";
action = "ResetFontSize";
}
];
};
}; };
}; };
} }

5
configs/android.nix
View File

@@ -1,5 +0,0 @@
{
programs.adb.enable = true;
users.users.me.extraGroups = ["adbusers"];
}

51
configs/backup.nix
View File

@@ -1,51 +0,0 @@
{
pkgs,
config,
...
}: let
inherit (import ../lib) restic;
in {
services.restic.backups.niveum = {
initialize = true;
inherit (restic) repository;
timerConfig = {
OnCalendar = "8:00";
RandomizedDelaySec = "1h";
};
passwordFile = config.age.secrets.restic.path;
extraBackupArgs = [
"--exclude=/home/kfm/sync/src/nixpkgs/.git"
"--exclude=node_modules"
"--exclude=.parcel-cache"
];
paths = [
"/home/kfm/sync"
"/home/kfm/state"
"/home/kfm/cloud"
"/home/kfm/mobile"
"/home/kfm/.gnupg"
"/home/kfm/.ssh"
];
};
systemd.services.restic-backups-niveum.serviceConfig = {
Restart = "on-failure";
RestartSec = "15s";
StartLimitIntervalSec = "1m"; # don't try more than 4 times
StartLimitBurst = 4;
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "restic-niveum" ''
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${config.age.secrets.restic.path} "$@"
'')
(pkgs.writers.writeDashBin "restic-mount" ''
mountdir=$(mktemp -d)
trap clean EXIT
clean() {
rm -r "$mountdir"
}
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${config.age.secrets.restic.path} mount "$mountdir"
'')
];
}

4
configs/bash.nix
View File

@@ -1,7 +1,7 @@
{pkgs, ...}: { {
programs.bash = { programs.bash = {
promptInit = '' promptInit = ''
PS1="$(${pkgs.ncurses}/bin/tput bold)\w \$([[ \$? == 0 ]] && echo \"\[\033[1;32m\]\" || echo \"\[\033[1;31m\]\")\$$(${pkgs.ncurses}/bin/tput sgr0) "''; PS1="$(tput bold)\w \$([[ \$? == 0 ]] && echo \"\[\033[1;32m\]\" || echo \"\[\033[1;31m\]\")\$$(tput sgr0) "'';
interactiveShellInit = '' interactiveShellInit = ''
set -o vi set -o vi
''; '';

9
configs/tlp.nix → configs/battery.nix
View File

@@ -1,14 +1,11 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
boot.extraModulePackages = with config.boot.kernelPackages; [ boot.extraModulePackages = with config.boot.kernelPackages; [
tp_smapi tp_smapi
acpi_call acpi_call
]; ];
boot.kernelModules = ["tp_smapi" "acpi_call"]; boot.kernelModules = [ "tp_smapi" "acpi_call" ];
environment.systemPackages = [pkgs.tpacpi-bat pkgs.powertop]; environment.systemPackages = [ pkgs.tpacpi-bat ];
services.tlp = { services.tlp = {
enable = true; enable = true;

11
configs/beets.nix Normal file
View File

@@ -0,0 +1,11 @@
{ lib, pkgs, ... }:
{
environment.systemPackages = [ pkgs.beets ];
home-manager.users.me.xdg.configFile = {
"beets/config.yaml".source = (pkgs.formats.yaml {}).generate "config.yaml" {
directory = "~/cloud/syncthing/music";
library = "~/cloud/syncthing/common/music.db";
plugins = toString [ "fetchart" "lastgenre" ];
};
};
}

13
configs/bluetooth.nix
View File

@@ -1,14 +1,11 @@
{pkgs, ...}: { { pkgs, lib, ... }: {
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
settings.general = { settings.General.Enable =
enable = "Source,Sink,Media,Socket"; lib.concatStringsSep "," [ "Source" "Sink" "Media" "Socket" ];
};
}; };
services.blueman.enable = true; environment.systemPackages = [ pkgs.blueman ];
# environment.systemPackages = [pkgs.blueman]; home-manager.users.me = { services.blueman-applet.enable = false; };
home-manager.users.me = {services.blueman-applet.enable = true;};
} }

80
configs/browser.nix
View File

@@ -1,80 +0,0 @@
{
pkgs,
config,
...
}: let
inherit (import ../lib) tmpfilesConfig;
in {
home-manager.users.me = {
programs.firefox = {
enable = true;
profiles = let
defaultSettings = {
"beacon.enabled" = false;
"browser.bookmarks.showMobileBookmarks" = true;
"browser.newtab.preload" = false;
"browser.search.isUS" = false;
"browser.search.region" = "DE";
"browser.send_pings" = false;
"browser.shell.checkDefaultBrowser" = false;
"browser.startup.homepage" = "chrome://browser/content/blanktab.html";
"browser.uidensity" = 1;
"browser.urlbar.placeholderName" = "Search";
"datareporting.healthreport.service.enabled" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.policy.dataSubmissionEnabled" = false;
"datareporting.sessions.current.clean" = true;
"distribution.searchplugins.defaultLocale" = "de-DE";
"general.smoothScroll" = true;
"identity.fxaccounts.account.device.name" = config.networking.hostName;
"network.cookie.cookieBehavior" = 1;
"privacy.donottrackheader.enabled" = true;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.pbmode.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"services.sync.declinedEngines" = "passwords";
"services.sync.engine.passwords" = false;
"signon.autofillForms" = false;
"signon.rememberSignons" = false;
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
"toolkit.telemetry.archive.enabled" = false;
"toolkit.telemetry.bhrPing.enabled" = false;
"toolkit.telemetry.cachedClientID" = "";
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.firstShutdownPing.enabled" = false;
"toolkit.telemetry.hybridContent.enabled" = false;
"toolkit.telemetry.newProfilePing.enabled" = false;
"toolkit.telemetry.prompted" = 2;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.server" = "";
"toolkit.telemetry.shutdownPingSender.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.unifiedIsOptIn" = false;
"toolkit.telemetry.updatePing.enabled" = false;
"ui.prefersReducedMotion" = 1;
};
in {
default = {
id = 0;
isDefault = true;
settings = defaultSettings;
# extensions = with pkgs.nur.repos.rycee.firefox-addons; [
# ublock-origin
# darkreader
# sponsorblock
# consent-o-matic
# i-dont-care-about-cookies
# # auto-tab-discard TODO what is this
# ];
userChrome = ''
#TabsToolbar {
visibility: collapse !important;
}
'';
};
};
};
};
environment.variables.BROWSER = "firefox";
}

57
configs/bvg.nix Normal file
View File

@@ -0,0 +1,57 @@
{ pkgs, lib, ... }:
let
inherit (import <niveum/lib>) serveHtml;
stations = [
900068204 # A/M
900068302 # KAS
900068203 # B-P
];
fahrplan = pkgs.writeText "fahrplan.html" ''
<!DOCTYPE html>
<title>Fahrplan</title>
<link
rel="icon"
type="image/x-icon"
href="https://mobil.bvg.de/Fahrinfo/img/ua_xhtml/logo.gif"
/>
<style>
body {
margin: 0;
--bvg-yellow: #f0d722;
}
#fahrplan {
display: flex;
height: 100vh;
width: 100%;
flex-direction: row;
}
#fahrplan iframe {
flex-grow: 1;
border: none;
}
#fahrplan iframe + iframe {
border-left: 2px solid var(--bvg-yellow);
}
</style>
<body>
<div id="fahrplan">
${lib.concatMapStrings (station: ''
<iframe scrolling="no" src="https://mobil.bvg.de/Fahrinfo/bin/stboard.bin/dox?ld=0.1&input=${toString station}&boardType=depRT&start=yes"></iframe>
'') stations}
</div>
</body>
'';
in
{
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
services.nginx.virtualHosts."bvg.kmein.r" = {
locations."/".extraConfig = serveHtml fahrplan pkgs;
};
}

4
configs/ccc.nix
View File

@@ -1,4 +1,4 @@
{pkgs, ...}: { pkgs, ... }:
# https://paste.sr.ht/~erictapen/11716989e489b600f237041b6d657fdf0ee17b34 # https://paste.sr.ht/~erictapen/11716989e489b600f237041b6d657fdf0ee17b34
let let
certificate = pkgs.stdenv.mkDerivation rec { certificate = pkgs.stdenv.mkDerivation rec {
@@ -7,7 +7,7 @@ let
1,/DST Root CA X3/d 1,/DST Root CA X3/d
1,/-----END CERTIFICATE-----/p 1,/-----END CERTIFICATE-----/p
''; '';
nativeBuildInputs = with pkgs; [cacert gnused]; nativeBuildInputs = with pkgs; [ cacert gnused ];
phases = "installPhase"; phases = "installPhase";
installPhase = '' installPhase = ''
${pkgs.gnused}/bin/sed -n -f $src ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt > $out ${pkgs.gnused}/bin/sed -n -f $src ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt > $out

16
configs/chromium.nix Normal file
View File

@@ -0,0 +1,16 @@
{ pkgs, ... }: {
programs.chromium = {
enable = true;
extensions = [
"nngceckbapebfimnlniiiahkandclblb" # BitWarden
# "ihlenndgcmojhcghmfjfneahoeklbjjh" # cVim
# "fpnmgdkabkmnadcjpehmlllkndpkmiak" # Wayback Machine
"cjpalhdlnbpafiamejdnhcphjbkeiagm" # uBlock Origin
"khncfooichmfjbepaaaebmommgaepoid" # Remove YouTube Recommended Videos
];
};
environment.systemPackages = [ pkgs.chromium pkgs.brave ];
environment.variables.BROWSER = "brave";
}

7
configs/clipboard.nix
View File

@@ -1,7 +0,0 @@
{
config,
pkgs,
...
}: {
services.clipmenu.enable = true;
}

138
configs/cloud.nix
View File

@@ -1,63 +1,12 @@
{ { config, lib, pkgs, ... }: {
config, system.activationScripts.home-symlinks = ''
lib, ln -sfn ${config.users.users.me.home}/cloud/syncthing/common/mahlzeit ${config.users.users.me.home}/mahlzeit
pkgs, ln -sfn ${config.users.users.me.home}/cloud/Seafile/Wiki ${config.users.users.me.home}/notes
... ln -sfn ${config.users.users.me.home}/cloud/Seafile/Uni ${config.users.users.me.home}/uni
}: let '';
inherit (import ../lib) tmpfilesConfig;
in {
systemd.user.tmpfiles.users.me.rules = map tmpfilesConfig [
{
type = "d";
mode = "0755";
age = "7d";
path = "${config.users.users.me.home}/sync/Downloads";
}
{
type = "d";
mode = "0755";
age = "7d";
path = "${config.users.users.me.home}/cloud/nextcloud/tmp";
}
] ++ map (path: tmpfilesConfig {
type = "L+";
user = config.users.users.me.name;
group = config.users.users.me.group;
mode = "0755";
argument = "${config.users.users.me.home}/sync/${path}";
path = "${config.users.users.me.home}/${path}";
}) [".ssh" ".gnupg" ".pki" ".local/share/aerc"];
services.gnome.gnome-keyring.enable = true;
security.pam.services.lightdm.enableGnomeKeyring = true;
home-manager.users.me = { home-manager.users.me = {
services.nextcloud-client = { services.nextcloud-client.enable = true;
enable = true;
startInBackground = true;
};
};
systemd.user.services.nextcloud-syncer = {
enable = false;
wants = ["network-online.target"];
wantedBy = ["default.target"];
startAt = "*:00/10";
script = let
kieran = {
user = "kieran";
passwordFile = config.age.secrets.nextcloud-password-kieran.path;
endpoint = "https://cloud.kmein.de";
target = "${config.users.users.me.home}/notes";
};
in ''
mkdir -p ${lib.escapeShellArg kieran.target}
${pkgs.nextcloud-client}/bin/nextcloudcmd --non-interactive --user ${kieran.user} --password "$(cat ${kieran.passwordFile})" --path /Notes ${lib.escapeShellArg kieran.target} ${kieran.endpoint}
'';
serviceConfig = {
Type = "oneshot";
Restart = "on-failure";
};
}; };
environment.systemPackages = [ environment.systemPackages = [
@@ -65,68 +14,41 @@ in {
set -efu set -efu
book="$({ book="$({
${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/syncthing/library -type f ${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/syncthing/library -type f
${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/nextcloud/Books -type f ${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/Seafile/Books -type f
} | ${pkgs.fzf}/bin/fzf)" } | ${pkgs.fzf}/bin/fzf)"
exec ${pkgs.zathura}/bin/zathura "$book" ${pkgs.zathura}/bin/zathura "$book"
'') '')
(let
kieran = {
user = "kieran.meinhardt@gmail.com";
passwordFile = config.age.secrets.mega-password.path;
};
megatools = command: ''${pkgs.megatools}/bin/megatools ${command} --username ${lib.escapeShellArg kieran.user} --password "$(cat ${kieran.passwordFile})"'';
in
pkgs.writers.writeDashBin "book-mega" ''
set -efu
selection="$(${megatools "ls"} | ${pkgs.fzf}/bin/fzf)"
test -n "$selection" || exit 1
tmpdir="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$tmpdir"
}
(
cd "$tmpdir"
${megatools "get"} "$selection"
exec ${pkgs.zathura}/bin/zathura "$(basename "$selection")"
)
'')
]; ];
age.secrets.mega-password = { fileSystems."/media/moodle" = {
file = ../secrets/mega-password.age; device = "zaatar.r:/moodle";
owner = config.users.users.me.name; fsType = "nfs";
group = config.users.users.me.group; options = [
mode = "400"; "x-systemd.idle-timeout=600"
"noauto"
"x-systemd.automount"
];
}; };
services.syncthing = { services.syncthing = rec {
enable = true; enable = true;
user = "kfm"; user = "kfm";
openDefaultPorts = true; openDefaultPorts = true;
configDir = "/home/kfm/.config/syncthing"; configDir = "/home/kfm/.config/syncthing";
dataDir = "/home/kfm/.config/syncthing"; dataDir = "/home/kfm/.config/syncthing";
cert = config.age.secrets.syncthing-cert.path; cert = toString <system-secrets/syncthing/cert.pem>;
key = config.age.secrets.syncthing-key.path; key = toString <system-secrets/syncthing/key.pem>;
settings = { inherit ((import <niveum/lib>).syncthing) devices;
inherit ((import ../lib).syncthing) devices; folders =
folders = { let cloud-dir = "${config.users.users.me.home}/cloud";
"${config.users.users.me.home}/sync" = { in {
devices = ["kabsa" "manakish" "fatteh"]; "${cloud-dir}/syncthing/common".devices = [ "kabsa" "manakish" ];
label = "sync"; "${cloud-dir}/syncthing/library".devices = [ "kabsa" "manakish" "heym" ];
versioning.type = "trashcan"; "${cloud-dir}/syncthing/mundoiu".devices = [ "kabsa" "manakish" "heym" ];
versioning.params.cleanoutDays = 100; "${cloud-dir}/syncthing/music" = {
}; devices = [ "kabsa" "manakish" "heym" "zaatar" ];
"${config.users.users.me.home}/mobile" = { id = "music";
devices = ["kabsa" "manakish" "fatteh" "kibbeh"];
id = "mobile";
label = "mobile";
versioning.type = "trashcan";
versioning.params.cleanoutDays = 100;
}; };
}; };
};
}; };
} }

8
configs/compton.nix Normal file
View File

@@ -0,0 +1,8 @@
{
services.compton = {
enable = true;
shadow = true;
menuOpacity = 0.9;
shadowOpacity = 0.3;
};
}

37
configs/copyq.nix Normal file
View File

@@ -0,0 +1,37 @@
{ config, pkgs, ... }:
let
copyqConfig = pkgs.writers.writeDash "copyq-config" ''
${pkgs.copyq}/bin/copyq config check_clipboard true
${pkgs.copyq}/bin/copyq config check_selection false
${pkgs.copyq}/bin/copyq config copy_clipboard true
${pkgs.copyq}/bin/copyq config copy_selection false
${pkgs.copyq}/bin/copyq config activate_closes true
${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0
${pkgs.copyq}/bin/copyq config clipboard_tab \&clipboard
${pkgs.copyq}/bin/copyq config disable_tray false
${pkgs.copyq}/bin/copyq config hide_tabs false
${pkgs.copyq}/bin/copyq config hide_toolbar false
${pkgs.copyq}/bin/copyq config item_popup_interval true
${pkgs.copyq}/bin/copyq config maxitems 1000
${pkgs.copyq}/bin/copyq config move true
${pkgs.copyq}/bin/copyq config text_wrap true
'';
in {
environment.systemPackages = [ pkgs.copyq ];
systemd.user.services.copyq = {
wantedBy = [ "graphical-session.target" ];
environment = {
DISPLAY = ":${toString config.services.xserver.display}";
};
serviceConfig = {
SyslogIdentifier = "copyq";
ExecStart = "${pkgs.copyq}/bin/copyq";
ExecStartPost = copyqConfig;
Restart = "always";
RestartSec = "15s";
StartLimitBurst = 0;
};
};
}

299
configs/default.nix
View File

@@ -1,57 +1,39 @@
{ { inputs, pkgs, lib, config, options, ... }:
pkgs, let
lib,
config,
niveumPackages,
unstablePackages,
inputs,
...
}: let
inherit (lib.strings) makeBinPath; inherit (lib.strings) makeBinPath;
inherit (import ../lib) localAddresses kieran remoteDir; inherit (import <niveum/lib>) localAddresses kieran;
defaultApplications = (import ../lib).defaultApplications {inherit pkgs;};
in { in {
imports = [ imports = [
inputs.self.nixosModules.system-dependent ../modules/system-dependent.nix
inputs.self.nixosModules.power-action
{ {
boot.supportedFilesystems = ["ntfs"]; boot.supportedFilesystems = [ "ntfs" ];
}
{
nix.nixPath = [
"/var/src"
];
} }
{ {
nixpkgs = { nixpkgs = {
config = { config = {
allowUnfree = true; allowUnfree = true;
packageOverrides = pkgs: { packageOverrides = pkgs: {
dmenu = pkgs.writers.writeDashBin "dmenu" ''exec ${pkgs.rofi}/bin/rofi -dmenu "$@"''; gfs-fonts = pkgs.callPackage <niveum/packages/gfs-fonts.nix> {};
iolanguage = pkgs.callPackage <niveum/packages/iolanguage.nix> { };
ix = pkgs.callPackage <niveum/packages/ix.nix> { };
}; };
permittedInsecurePackages = [
"qtwebkit-5.212.0-alpha4"
"zotero-6.0.26"
"electron-25.9.0"
];
}; };
overlays = [
(self: super: {
scripts = import <niveum/packages/scripts> { pkgs = super; inherit lib; };
})
];
}; };
} }
{ {
boot.tmp.cleanOnBoot = true; boot.cleanTmpDir = true;
boot.loader.timeout = 1; boot.loader.timeout = 1;
} }
{
age.secrets = {
di-fm-key = {
file = ../secrets/di-fm-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
restic = {
file = ../secrets/restic.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
}
{ {
home-manager.users.me = { home-manager.users.me = {
programs.zathura = { programs.zathura = {
@@ -63,17 +45,6 @@ in {
}; };
}; };
} }
{
environment.systemPackages = [
pkgs.capitaine-cursors
];
stylix.cursor = {
name = "capitaine-cursors-white";
package = pkgs.capitaine-cursors;
size = 12;
};
}
{ {
users.mutableUsers = false; users.mutableUsers = false;
@@ -82,56 +53,101 @@ in {
users.users.me = { users.users.me = {
name = "kfm"; name = "kfm";
description = kieran.name; description = kieran.name;
hashedPasswordFile = config.age.secrets.kfm-password.path; hashedPassword =
"$6$w9hXyGFl/.IZBXk$5OiWzS1G.5hImhh1YQmZiCXYNAJhi3X6Y3uSLupJNYYXPLMsQpx2fwF4Xr2uYzGMV8Foqh8TgUavx1APD9rcb/";
isNormalUser = true; isNormalUser = true;
uid = 1000; uid = 1000;
extraGroups = ["pipewire" "audio"];
};
nix.settings.trusted-users = [ config.users.users.me.name ];
age.secrets = {
kfm-password.file = ../secrets/kfm-password.age;
}; };
home-manager.users.me.xdg.enable = true; home-manager.users.me.xdg.enable = true;
home-manager.users.me.dconf.enable = false;
} }
{ {
environment.interactiveShellInit = "export PATH=$PATH"; sound.enable = true;
hardware.pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
extraModules = [ pkgs.pulseaudio-modules-bt ];
# copy server:/run/pulse/.config/pulse/cookie to client:~/.config/pulse/cookie to authenticate a client machine
zeroconf.discovery.enable = true;
extraConfig = ''
load-module ${toString [
"module-tunnel-sink-new"
"server=zaatar.r"
"sink_name=zaatar"
"channels=2"
"rate=44100"
]}
'';
};
users.users.me.extraGroups = [ "audio" ];
environment.systemPackages = [ pkgs.pavucontrol pkgs.ncpamixer pkgs.pamixer pkgs.pulsemixer ];
}
{
environment.interactiveShellInit =
"export PATH=$PATH:$HOME/projects/niveum";
environment.shellAliases = let environment.shellAliases = let
swallow = command: "${niveumPackages.swallow}/bin/swallow ${command}"; wcd = pkgs.writers.writeDash "wcd" ''
cd "$(readlink "$(${pkgs.which}/bin/which --skip-alias "$1")" | xargs dirname)/.."
'';
where = pkgs.writers.writeDash "where" ''
readlink "$(${pkgs.which}/bin/which --skip-alias "$1")" | xargs dirname
'';
take = pkgs.writers.writeDash "take" ''
mkdir "$1" && cd "$1"
'';
swallow = command: "${pkgs.scripts.swallow}/bin/swallow ${command}";
in { in {
o = "${pkgs.xdg-utils}/bin/xdg-open"; "ß" = "${pkgs.utillinux}/bin/setsid";
cat = "${pkgs.bat}/bin/bat --style=plain";
chromium-incognito =
"chromium --user-data-dir=$(mktemp -d /tmp/chr.XXXXXX) --no-first-run --incognito";
cp = "cp --interactive";
ip = "${pkgs.iproute}/bin/ip -c";
l = "ls --color=auto --time-style=long-iso --almost-all";
ls = "ls --color=auto --time-style=long-iso";
ll = "ls --color=auto --time-style=long-iso -l";
la = "ls --color=auto --time-style=long-iso --almost-all -l";
mv = "mv --interactive";
nixi = "nix repl '<nixpkgs>'";
ns = "nix-shell --run zsh"; ns = "nix-shell --run zsh";
o = "${pkgs.xdg_utils}/bin/xdg-open";
pbcopy = "${pkgs.xclip}/bin/xclip -selection clipboard -in"; pbcopy = "${pkgs.xclip}/bin/xclip -selection clipboard -in";
pbpaste = "${pkgs.xclip}/bin/xclip -selection clipboard -out"; pbpaste = "${pkgs.xclip}/bin/xclip -selection clipboard -out";
rm = "rm --interactive";
s = "${pkgs.systemd}/bin/systemctl";
take = "source ${take}";
tmux = "${pkgs.tmux}/bin/tmux -2"; tmux = "${pkgs.tmux}/bin/tmux -2";
sxiv = swallow "${pkgs.nsxiv}/bin/nsxiv"; sxiv = swallow "${pkgs.sxiv}/bin/sxiv";
zathura = swallow "${pkgs.zathura}/bin/zathura"; zathura = swallow "${pkgs.zathura}/bin/zathura";
yt = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -ic"; # Download video link us = "${pkgs.systemd}/bin/systemctl --user";
yta = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -xic"; # Download with audio wcd = "source ${wcd}";
im = "${pkgs.openssh}/bin/ssh weechat@makanek -t tmux attach-session -t IM";
where = "source ${where}";
yt =
"${pkgs.youtube-dl}/bin/youtube-dl --add-metadata -ic"; # Download video link
yta =
"${pkgs.youtube-dl}/bin/youtube-dl --add-metadata -xic"; # Download with audio
}; };
} }
{ i18n.defaultLocale = "en_GB.UTF-8"; }
{ {
i18n = {
defaultLocale = "en_DK.UTF-8";
supportedLocales = ["all"];
};
}
{
services.displayManager = {
autoLogin = {
enable = true;
user = config.users.users.me.name;
};
};
services.xserver = { services.xserver = {
enable = true; enable = true;
displayManager.lightdm = { displayManager = {
enable = true; autoLogin = {
greeters.gtk = {
enable = true; enable = true;
indicators = ["~spacer" "~host" "~spacer" "~session" "~power"]; user = config.users.users.me.name;
};
lightdm = {
enable = true;
greeters.gtk = {
enable = true;
indicators = [ "~spacer" "~host" "~spacer" "~session" "~power" ];
};
}; };
}; };
}; };
@@ -139,34 +155,24 @@ in {
{ {
security.wrappers = { security.wrappers = {
pmount = { pmount = {
setuid = true;
owner = "root"; owner = "root";
group = "root"; group = "users";
source = "${pkgs.pmount}/bin/pmount"; source = "${pkgs.pmount}/bin/pmount";
}; };
pumount = { pumount = {
setuid = true;
owner = "root"; owner = "root";
group = "root"; group = "users";
source = "${pkgs.pmount}/bin/pumount"; source = "${pkgs.pmount}/bin/pumount";
}; };
}; };
} }
{programs.command-not-found.enable = true;} { programs.command-not-found.enable = true; }
{ {
home-manager.users.me = { programs.gnupg.agent.enable = true;
services.gpg-agent = rec {
enable = true;
enableZshIntegration = true;
defaultCacheTtl = 2 * 60 * 60;
maxCacheTtl = 4 * defaultCacheTtl;
pinentryPackage = pkgs.pinentry-rofi;
};
};
environment.systemPackages = [ environment.systemPackages = [
pkgs.gnupg pkgs.gnupg
(pkgs.pass.withExtensions (e: [e.pass-otp e.pass-import e.pass-genphrase])) (pkgs.pass.withExtensions (e: [e.pass-otp]))
]; ];
} }
{ {
@@ -179,127 +185,66 @@ in {
}; };
} }
{ {
networking.hosts = networking.hosts = lib.mapAttrs' (name: address: {
lib.mapAttrs' (name: address: { name = address;
name = address; value = [ "${name}.local" ];
value = ["${name}.local"]; }) localAddresses;
})
localAddresses;
} }
{
home-manager.users.me.home.stateVersion = "22.05";
home-manager.backupFileExtension = "bak";
}
{
systemd.user.services.udiskie = {
after = ["udisks2.service"];
wants = ["udisks2.service"];
wantedBy = ["graphical-session.target"];
serviceConfig = {
ExecStart = "${pkgs.udiskie}/bin/udiskie --verbose --no-config --notify";
};
};
services.udisks2.enable = true;
programs.dconf.enable = true;
home-manager.users.me = {
dconf.enable = true;
dconf.settings = {
# Change the default terminal for Nemo
"org/cinnamon/desktop/applications/terminal".exec = defaultApplications.terminal;
};
};
}
./android.nix
./admin-essentials.nix
./stylix.nix
./alacritty.nix ./alacritty.nix
./backup.nix
./bash.nix ./bash.nix
./beets.nix
./bluetooth.nix ./bluetooth.nix
./aerc.nix
./ccc.nix ./ccc.nix
# ./kleiter.nix
./khal.nix ./khal.nix
./browser.nix ./chromium.nix
./clipboard.nix
./cloud.nix ./cloud.nix
./copyq.nix
./compton.nix
./direnv.nix ./direnv.nix
./docker.nix ./docker.nix
./dunst.nix ./dunst.nix
./flix.nix ./flix.nix
./fonts.nix ./fonts.nix
./fzf.nix ./fzf.nix
./gaslight.nix
./git.nix ./git.nix
./hledger.nix ./hledger.nix
./htop.nix ./htop.nix
./hu-berlin.nix ./hu-berlin.nix
./fu-berlin.nix
./fysi.nix
./i3.nix ./i3.nix
./i3status-rust.nix
./keyboard.nix ./keyboard.nix
./kdeconnect.nix
{home-manager.users.me.home.file.".XCompose".source = ../lib/keyboards/XCompose;}
./lb.nix ./lb.nix
./mpv.nix ./mpv.nix
./mime.nix ./mime.nix
./nano.nix
./neovim.nix ./neovim.nix
./neomutt.nix
./nix.nix ./nix.nix
./newsboat.nix ./newsboat.nix
./flameshot.nix ./flameshot-once.nix
./packages.nix ./packages
./picom.nix ./power-action.nix
./stardict.nix
./polkit.nix
./printing.nix ./printing.nix
./openweathermap.nix
./wallpaper.nix
./redshift.nix ./redshift.nix
./retiolum.nix ./retiolum.nix
./rofi.nix ./rofi.nix
./spacetime.nix ./spacetime.nix
./seafile.nix
./ssh.nix ./ssh.nix
./sshd.nix ./sshd.nix
./sound.nix
./sudo.nix ./sudo.nix
./sxiv.nix
./theming.nix
./tmux.nix ./tmux.nix
# ./tor.nix
./traadfri.nix
./unclutter.nix ./unclutter.nix
./version.nix
./vscode.nix ./vscode.nix
./watson.nix ./watson.nix
./wallpaper.nix
./zsh.nix ./zsh.nix
./tor.nix
./stw-berlin.nix
./mastodon-bot.nix
{
fileSystems."${remoteDir}/fritz" = {
device = "//192.168.178.1/FRITZ.NAS/Backup";
fsType = "cifs";
options = [
"username=ftpuser"
"password=ftppassword"
"noauto"
"nounix"
"rw"
# "noserverino" # ref https://askubuntu.com/a/1265165
"uid=${toString config.users.users.me.uid}"
"gid=${toString config.users.groups.users.gid}"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
];
};
}
{
home-manager.users.me = {
xdg.userDirs = rec {
enable = true;
documents = "${config.users.users.me.home}/cloud/nextcloud/Documents";
desktop = "/tmp";
download = "${config.users.users.me.home}/sync/Downloads";
music = "${config.users.users.me.home}/mobile/audio";
pictures = "${config.users.users.me.home}/cloud/nextcloud/Bilder";
publicShare = "${config.users.users.me.home}/cloud/nextcloud/tmp";
videos = pictures;
};
};
}
]; ];
} }

23
configs/direnv.nix
View File

@@ -1,4 +1,5 @@
{pkgs, ...}: let { pkgs, ... }:
let
nixify = pkgs.writers.writeDashBin "nixify" '' nixify = pkgs.writers.writeDashBin "nixify" ''
set -efuC set -efuC
@@ -10,25 +11,25 @@
cat > shell.nix <<'EOF' cat > shell.nix <<'EOF'
{ pkgs ? import <nixpkgs> {} }: { pkgs ? import <nixpkgs> {} }:
pkgs.mkShell { pkgs.mkShell {
packages = []; buildInputs = [];
} }
EOF EOF
''${EDITOR:-vim} shell.nix ''${EDITOR:-vim} shell.nix
fi fi
''; '';
in { in {
environment.systemPackages = [pkgs.direnv nixify]; environment.systemPackages = [ pkgs.direnv nixify ];
home-manager.users.me.programs.direnv = { home-manager.users.me.programs.direnv = {
enable = true; enable = true;
stdlib = builtins.readFile "${ stdlib = builtins.readFile ("${
pkgs.fetchFromGitHub { pkgs.fetchFromGitHub {
owner = "Mic92"; owner = "Mic92";
repo = "dotfiles"; repo = "dotfiles";
rev = "a0a9b7e358fa70a85cd468f8ca1fbb02ae0a91df"; rev = "a0a9b7e358fa70a85cd468f8ca1fbb02ae0a91df";
sha256 = "1y9h5s1lf59sczsm0ksq2x1yhl98ba9lwk5yil3q53rg7n4574pg"; sha256 = "1y9h5s1lf59sczsm0ksq2x1yhl98ba9lwk5yil3q53rg7n4574pg";
} }
}/home/.direnvrc"; }/home/.direnvrc");
}; };
programs.zsh.interactiveShellInit = '' programs.zsh.interactiveShellInit = ''

15
configs/distrobump.nix
View File

@@ -1,15 +0,0 @@
{
lib,
config,
pkgs,
...
}: {
imports = [
(import <stockholm/makefu/3modules/bump-distrowatch.nix> {
inherit lib config;
pkgs = pkgs // {writeDash = pkgs.writers.writeDash;};
})
];
makefu.distrobump.enable = false;
}

10
configs/docker.nix
View File

@@ -1,8 +1,4 @@
{ { lib, pkgs, ... }: {
lib,
pkgs,
...
}: {
virtualisation.docker = { virtualisation.docker = {
enable = true; enable = true;
# for ICE wifi, ref https://gist.github.com/sunsided/7840e89ff4e11b64a2d7503fafa0290c # for ICE wifi, ref https://gist.github.com/sunsided/7840e89ff4e11b64a2d7503fafa0290c
@@ -11,6 +7,6 @@
"--fixed-cidr=172.39.1.0/25" "--fixed-cidr=172.39.1.0/25"
]; ];
}; };
users.users.me.extraGroups = ["docker"]; users.users.me.extraGroups = [ "docker" ];
environment.systemPackages = [pkgs.docker pkgs.docker-compose]; environment.systemPackages = [ pkgs.docker pkgs.docker_compose ];
} }

38
configs/dunst.nix
View File

@@ -1,34 +1,23 @@
{ { config, pkgs, ... }:
config, let
pkgs, inherit (import <niveum/lib>) defaultApplications colours theme;
...
}: let
inherit (import ../lib) defaultApplications theme;
sgr = code: string: ''\u001b[${code}m${string}\u001b[0m'';
in { in {
environment.systemPackages = [
(pkgs.writers.writeDashBin "notifications" ''
${pkgs.dunst}/bin/dunstctl history \
| ${pkgs.jq}/bin/jq -r '
.data[]
| map("${sgr "90" ''\(.appname.data)''} ${sgr "1" ''\(.summary.data)''} ${sgr "31" ''\(.body.data | gsub("\n"; " | "))''}")
| join("\n")'
'')
];
home-manager.users.me.services.dunst = { home-manager.users.me.services.dunst = {
enable = true; enable = true;
iconTheme = (theme pkgs).icon; iconTheme = (theme pkgs).icon;
settings = { settings = {
global = { global = {
transparency = 10; transparency = 10;
font = "Monospace 8";
geometry = "200x5-30+20"; geometry = "200x5-30+20";
frame_color = colours.foreground;
follow = "mouse"; follow = "mouse";
indicate_hidden = true; indicate_hidden = true;
notification_height = 0; notification_height = 0;
separator_height = 2; separator_height = 2;
padding = 8; padding = 8;
horizontal_padding = 8; horizontal_padding = 8;
separator_color = "auto";
sort = true; sort = true;
markup = "full"; markup = "full";
format = "%a\\n<b>%s</b>\\n%b"; format = "%a\\n<b>%s</b>\\n%b";
@@ -51,13 +40,22 @@ in {
mouse_right_click = "close_current"; mouse_right_click = "close_current";
mouse_middle_click = "close_all"; mouse_middle_click = "close_all";
}; };
urgency_low = { urgency_low = rec {
frame_color = background;
background = colours.foreground;
foreground = colours.background;
timeout = 5; timeout = 5;
}; };
urgency_normal = { urgency_normal = rec {
frame_color = background;
background = colours.foreground;
foreground = colours.background;
timeout = 10; timeout = 10;
}; };
urgency_critical = { urgency_critical = rec {
frame_color = background;
background = colours.red.dark;
foreground = colours.background;
timeout = 0; timeout = 0;
}; };
}; };

24
configs/flameshot-once.nix Normal file
View File

@@ -0,0 +1,24 @@
{ lib, pkgs, ... }:
let
inherit (import <niveum/lib>) defaultApplications;
flameshot-once = pkgs.callPackage <stockholm/krebs/5pkgs/simple/flameshot-once> {};
in {
nixpkgs.overlays = [
(self: super: {
write =
super.callPackage <stockholm/krebs/5pkgs/simple/xwaitforwindow.nix> { };
})
];
environment.systemPackages = [
(flameshot-once.override {
config.imgur = {
enable = true;
createUrl = "http://p.r/image";
deleteUrl = "http://p.r/image/delete/%1";
xdg-open.browser = (defaultApplications pkgs).browser;
};
config.timeout = 1000;
})
];
}

23
configs/flameshot.nix
View File

@@ -1,23 +0,0 @@
{
lib,
pkgs,
...
}: {
home-manager.users.me = {
services.flameshot = {
enable = true;
settings.General = {
autoCloseIdleDaemon = true;
drawColor = "#ff0000";
drawThickness = 2;
checkForUpdates = false;
showDesktopNotification = true;
disabledTrayIcon = true;
showHelp = false;
squareMagnifier = true;
uploadWithoutConfirmation = true;
buttons = ''@Variant(\0\0\0\x7f\0\0\0\vQList<int>\0\0\0\0\x10\0\0\0\x2\0\0\0\x5\0\0\0\x13\0\0\0\xa\0\0\0\x1\0\0\0\xc\0\0\0\xd\0\0\0\x6\0\0\0\x8\0\0\0\0\0\0\0\xf\0\0\0\x4\0\0\0\xb\0\0\0\x3\0\0\0\x12\0\0\0\x9)'';
};
};
};
}

47
configs/flix.nix
View File

@@ -1,19 +1,14 @@
{ { config, pkgs, ... }:
config, let
pkgs,
...
}: let
flixLocation = "/media/flix"; flixLocation = "/media/flix";
flixLocationNew = "/media/flix-new";
cacheLocation = "/var/cache/flix"; cacheLocation = "/var/cache/flix";
indexFilename = "index"; indexFilename = "index";
indexFilenameNew = "index-new";
flixUser = "flix"; flixUser = "flix";
flixGroup = "users"; flixGroup = "users";
inherit (import ../lib) tmpfilesConfig; inherit (import <niveum/lib>) tmpfilesConfig;
in { in {
fileSystems.${flixLocation} = { fileSystems.${flixLocation} = {
device = "prism.r:/export/download"; device = "prism.r:/export";
fsType = "nfs"; fsType = "nfs";
options = [ options = [
"noauto" "noauto"
@@ -23,25 +18,12 @@ in {
"x-systemd.device-timeout=1" "x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min" "x-systemd.idle-timeout=1min"
"x-systemd.requires=tinc.retiolum.service" "x-systemd.requires=tinc.retiolum.service"
"x-systemd.requires=wpa_supplicant.service"
"user" "user"
"_netdev" "_netdev"
]; ];
}; };
fileSystems.${flixLocationNew} = {
device = "//yellow.r/public";
fsType = "cifs";
options = [
"guest"
"nofail"
"noauto"
"ro"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
];
};
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
(tmpfilesConfig { (tmpfilesConfig {
type = "d"; type = "d";
@@ -54,11 +36,8 @@ in {
systemd.services.flix-index = { systemd.services.flix-index = {
description = "Flix indexing service"; description = "Flix indexing service";
wants = ["network-online.target"]; wants = [ "network-online.target" ];
script = '' script = "cp ${flixLocation}/download/index ./${indexFilename}";
cp ${flixLocation}/index ./${indexFilename}
cp ${flixLocationNew}/index ./${indexFilenameNew}
'';
startAt = "hourly"; startAt = "hourly";
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
@@ -88,11 +67,13 @@ in {
'') '')
(pkgs.writers.writeDashBin "flixmenu" '' (pkgs.writers.writeDashBin "flixmenu" ''
set -efu set -efu
( cd "${flixLocation}/download"
${pkgs.gnused}/bin/sed 's#^\.#${flixLocation}#' ${cacheLocation}/${indexFilename}
${pkgs.gnused}/bin/sed 's#^\.#${flixLocationNew}#' ${cacheLocation}/${indexFilenameNew} [ -f "${cacheLocation}/${indexFilename}" ] || exit 1
) | ${pkgs.dmenu}/bin/dmenu -i -p flix -l 5 "$@" \
| ${pkgs.findutils}/bin/xargs -I '{}' ${pkgs.util-linux}/bin/setsid ${pkgs.xdg-utils}/bin/xdg-open '{}' ${pkgs.dmenu}/bin/dmenu -i -p flix -l 5 "$@" < ${cacheLocation}/${indexFilename} \
| ${pkgs.findutils}/bin/xargs -I '{}' ${pkgs.utillinux}/bin/setsid ${pkgs.xdg_utils}/bin/xdg-open '{}'
'') '')
]; ];
} }

148
configs/fonts.nix
View File

@@ -1,145 +1,41 @@
{ { pkgs, ... }: {
pkgs, nixpkgs.config.joypixels.acceptLicense = true;
niveumPackages,
...
}: let
zip-font = name: arguments: let
directory = pkgs.fetchzip arguments;
in
pkgs.runCommand name {} ''
mkdir -p $out/share/fonts/{truetype,opentype,woff}
${pkgs.findutils}/bin/find ${directory} -name '*.ttf' -exec install '{}' $out/share/fonts/truetype \;
${pkgs.findutils}/bin/find ${directory} -name '*.otf' -exec install '{}' $out/share/fonts/opentype \;
${pkgs.findutils}/bin/find ${directory} -name '*.woff' -exec install '{}' $out/share/fonts/woff \;
'';
simple-ttf = name: arguments: let
file = pkgs.fetchurl arguments;
in
pkgs.runCommand name {} ''
mkdir -p $out/share/fonts/truetype
install ${file} $out/share/fonts/truetype
'';
egyptianHiero = zip-font "EgyptianHiero" {
url = "https://github.com/MKilani/Djehuty/archive/master.zip";
sha256 = "sha256-KbY4vedm757NWfDlgmNhslbZd+2Vs+o5PjtMMGDt61Y=";
};
brill = zip-font "Brill" {
url = "https://brill.com/fileasset/The_Brill_Typeface_Package_v_4_0.zip";
stripRoot = false;
hash = "sha256-ugmEIkeBzD/4C9wkVfbctEtnzI8Kw+YD6KGcbk4BAf4=";
};
antinoou = zip-font "Antinoou" {
url = "https://www.evertype.com/fonts/coptic/AntinoouFont.zip";
sha256 = "0jwihj08n4yrshcx07dnaml2x9yws6dgyjkvg19jqbz17drbp3sw";
stripRoot = false;
};
newGardiner = zip-font "NewGardiner" {
url = "https://mjn.host.cs.st-andrews.ac.uk/egyptian/fonts/NewGardiner.zip";
hash = "sha256-nP0y4ILt+0mlkDRdCNSeO2Gequ8wyix/qQdmujTNw3Y=";
stripRoot = false;
};
newAthenaUnicode = zip-font "NewAthenaUnicode" {
url = "https://classicalstudies.org/sites/default/files/userfiles/files/NAU5_005.zip";
sha256 = "1g7qk9gl4nq2dz41bvck1nzilhin44j8691cxax3dlp77bbn9bxr";
};
jsesh = simple-ttf "JSesh" {
url = "http://files.qenherkhopeshef.org/jsesh/JSeshFont.ttf";
sha256 = "1203jrk2xzvgckcc5hx88kja1i3h8gm1wiyla5j6gspc0hbv56ry";
};
egyptianTextBeta = simple-ttf "EgyptianText-1.0beta" {
url = "http://c.krebsco.de/EgyptianText-v1.0-beta.ttf";
sha256 = "0cfjbk7xxnxhlp6v922psm5j1xzrv6wfk226ji2wz2yfrnkbcbsv";
};
coranica = simple-ttf "Coranica" {
url = "https://corpuscoranicum.de/fonts/coranica_1164.ttf";
sha256 = "0igi8q8b2p38x9jq8c98afsl7bf8rj32zj2052yyjgj9r88y4yi5";
};
koineGreek = simple-ttf "KoineGreek.ttf" {
url = "https://github.com/Center-for-New-Testament-Restoration/font/raw/af83eed50105344edaa5e5eddaf87696e271468c/KoineGreek.ttf";
hash = "sha256-YtC+nj7+Jl8k00rqAAqySYc8iTAOL7PixXc+LfSmnS0=";
};
egyptianText = simple-ttf "EgyptianText" {
url = "https://github.com/microsoft/font-tools/raw/1092cb23520967830001a0807eb21d6a44dda522/EgyptianOpenType/font/eot.ttf";
sha256 = "1n294vhcx90270pnsw1dbk6izd61fjvbnjrh4hcf98ff3s540x0c";
};
in {
fonts = { fonts = {
enableDefaultPackages = true; enableDefaultFonts = true;
fontDir.enable = true; fontDir.enable = true;
packages = with pkgs; [ fonts = with pkgs; [
alegreya alegreya
alegreya-sans alegreya-sans
amiri
annapurna-sil
antinoou
cantarell-fonts
cardo
charis-sil
doulos-sil
newAthenaUnicode
coranica
corefonts corefonts
crimson
eb-garamond eb-garamond
ipaexfont
jsesh
egyptianHiero
egyptianText
egyptianTextBeta
font-awesome_6
etBook
newGardiner
junicode
koineGreek
brill
ezra-sil
fira fira
font-awesome font-awesome-ttf
galatia-sil
gentium
# niveumPackages.gfs-fonts
gyre-fonts
ibm-plex ibm-plex
jetbrains-mono inconsolata
libertinus iosevka
libre-bodoni libertine
lmodern lmodern
merriweather
ocr-a
roboto
roboto-mono
noto-fonts noto-fonts
noto-fonts-cjk noto-fonts-cjk
noto-fonts-emoji noto-fonts-emoji
roboto
roboto-mono
roboto-slab roboto-slab
scheherazade-new
source-code-pro source-code-pro
source-sans-pro
source-serif-pro source-serif-pro
theano source-sans-pro
niveumPackages.tocharian-font ubuntu_font_family
vistafonts gfs-fonts
vollkorn jetbrains-mono
zilla-slab twemoji-color-font
]; # google-fonts league-of-moveable-type joypixels
fontconfig.defaultFonts = rec { ];
monospace = ["Noto Sans Mono"] ++ emoji; fontconfig.defaultFonts = {
serif = ["Noto Serif" "Noto Naskh Arabic" "Noto Serif Devanagari"]; monospace = [ "JetBrains Mono" "JoyPixels" ];
sansSerif = ["Noto Sans Display" "Noto Naskh Arabic" "Noto Sans Hebrew" "Noto Sans Devanagari" "Noto Sans CJK JP" "Noto Sans Coptic"]; serif = [ "Roboto Slab" ];
emoji = ["Noto Color Emoji"]; sansSerif = [ "Roboto" "Noto Sans" ];
emoji = [ "JoyPixels" ];
}; };
# xelatex fails with woff files
# ref https://tex.stackexchange.com/questions/392144/xelatex-and-fontspec-crash-trying-to-find-woff-file-for-some-fonts-but-not-other
fontconfig.localConf = ''
<fontconfig>
<!-- Reject WOFF fonts We don't register WOFF(2) fonts with fontconfig because of the W3C spec -->
<selectfont>
<rejectfont>
<glob>*.woff*</glob>
</rejectfont>
</selectfont>
</fontconfig>
'';
}; };
} }

141
configs/fu-berlin.nix
View File

@@ -1,141 +0,0 @@
{
config,
pkgs,
lib,
...
}: let
username = "meinhak99";
inherit (import ../lib/email.nix) defaults pronouns;
inherit (import ../lib) remoteDir;
fu-defaults = rec {
imap.host = "mail.zedat.fu-berlin.de";
imap.port = 993;
imap.tls.enable = true;
smtp.host = imap.host;
smtp.port = 465;
smtp.tls.enable = true;
folders.drafts = "Entwürfe";
folders.sent = "Gesendet";
folders.trash = "Papierkorb";
};
in {
home-manager.users.me = {
programs.ssh = {
matchBlocks = {
fu-berlin = {
user = username;
hostname = "login.zedat.fu-berlin.de";
setEnv.TERM = "xterm";
};
};
};
accounts.email.accounts = {
fu-student =
lib.recursiveUpdate defaults
(lib.recursiveUpdate fu-defaults
rec {
userName = "meinhak99";
address = "kieran.meinhardt@fu-berlin.de";
aliases = ["${userName}@fu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhak99.path}";
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
signature = {
showSignature = "append";
text = ''
${defaults.realName}
${pronouns}
---
Studentische Hilfskraft / ZODIAC
Freie Universität Berlin
Telefon: +49 30 838 58118
Arnimallee 10, Raum 106, 14195 Berlin
'';
};
himalaya = {
enable = true;
settings.backend = "imap";
};
});
};
};
age.secrets = {
email-password-meinhak99 = {
file = ../secrets/email-password-meinhak99.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
fu-sftp-key = {
file = ../secrets/fu-sftp-key.age;
owner = "root";
group = "root";
mode = "400";
};
};
# if it fails with "connection reset by peer" run `sudo sshfs ... ... -o ...` manually
# it needs to say 'yes' to the server's fingerprint
system.fsPackages = [ pkgs.sshfs ];
# https://www.zedat.fu-berlin.de/tip4u_157.pdf
fileSystems = let
fu-berlin-cifs-options = [
"uid=${toString config.users.users.me.uid}"
"gid=${toString config.users.groups.users.gid}"
"rw"
"nounix"
"domain=fu-berlin"
"noauto"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
];
firstCharacter = lib.strings.substring 0 1;
home-directory-mount = user: {
"${remoteDir}/fu/${user}/home" = {
device = "${user}@login.zedat.fu-berlin.de:/home/${firstCharacter user}/${user}";
fsType = "sshfs";
options = [
"allow_other"
"_netdev"
"x-systemd.automount"
"reconnect"
"ServerAliveInterval=15"
"IdentityFile=${config.age.secrets.fu-sftp-key.path}"
];
};
};
in {
"${remoteDir}/fu/zodiac" = {
device = "//trove.storage.fu-berlin.de/GESCHKULT";
fsType = "cifs";
options =
fu-berlin-cifs-options
++ [
"credentials=${config.age.secrets.cifs-credentials-zodiac.path}"
];
};
} // home-directory-mount "meinhak99"
// home-directory-mount "xm7234fu";
age.secrets = {
cifs-credentials-zodiac.file = ../secrets/cifs-credentials-zodiac.age;
};
systemd.services.fu-vpn = {
enable = true;
wants = ["network-online.target"];
serviceConfig.LoadCredential = "password:${config.age.secrets.email-password-meinhak99.path}";
script = ''
if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam
then
cat "$CREDENTIALS_DIRECTORY/password" | ${pkgs.openconnect}/bin/openconnect vpn.fu-berlin.de --user ${username} --passwd-on-stdin
fi
'';
};
}

55
configs/fysi.nix
View File

@@ -1,55 +0,0 @@
{
config,
lib,
pkgs,
...
}: let
inherit (import ../lib/email.nix) defaults;
sshIdentity = name: "${config.users.users.me.home}/.ssh/${name}";
in {
age.secrets = {
email-password-fysi = {
file = ../secrets/email-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
home-manager.users.me = {
accounts.email.accounts = {
fysi =
lib.recursiveUpdate defaults
rec {
address = "kieran@fysi.tech";
userName = address;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-fysi.path}";
flavor = "fastmail.com";
};
};
programs.ssh.matchBlocks = rec {
"nextcloud.fysi.dev" = {
hostname = "116.203.82.203";
user = "root";
};
"lingua.miaengiadina.ch" = {
hostname = "135.181.85.233";
user = "root";
};
"cms-dev.woc2023.app".identityFile = sshIdentity "fysiweb";
"cms-master.woc2023.app".identityFile = sshIdentity "fysiweb";
"fysi-dev1" = {
hostname = "94.130.229.139";
user = "root";
identityFile = sshIdentity "fysiweb";
};
${fysi-dev1.hostname} = fysi-dev1;
"fysi-shared0" = {
hostname = "49.12.205.235";
user = "root";
identityFile = sshIdentity "fysiweb";
};
};
};
}

42
configs/fzf.nix
View File

@@ -1,22 +1,32 @@
{pkgs, ...}: { { pkgs, lib, ... }: {
programs.fzf = { environment = {
fuzzyCompletion = true; systemPackages = [ pkgs.fzf ];
keybindings = true; variables = {
}; FZF_DEFAULT_OPTS =
lib.escapeShellArgs [ "--height=40%" "--layout=reverse" ];
home-manager.users.me = { FZF_ALT_C_COMMAND = "${pkgs.fd}/bin/fd --type d";
programs.fzf = rec { FZF_ALT_C_OPTS = lib.escapeShellArgs [
enable = true; "--preview='${pkgs.tree}/bin/tree -L 1 \"{}\"'"
defaultCommand = "${pkgs.fd}/bin/fd --type f --strip-cwd-prefix --follow --no-ignore-vcs --exclude .git";
defaultOptions = ["--height=40%"];
changeDirWidgetCommand = "${pkgs.fd}/bin/fd --type d";
changeDirWidgetOptions = [
"--preview='${pkgs.tree}/bin/tree -L 1 {}'"
"--bind=space:toggle-preview" "--bind=space:toggle-preview"
"--preview-window=hidden" "--preview-window=hidden"
]; ];
fileWidgetCommand = defaultCommand; FZF_CTRL_T_COMMAND = "${pkgs.fd}/bin/fd --type f";
fileWidgetOptions = ["--preview='head -$LINES {}'"]; FZF_CTRL_T_OPTS =
lib.escapeShellArgs [ "--preview='${pkgs.bat}/bin/bat \"{}\"'" ];
}; };
}; };
programs.zsh.interactiveShellInit = ''
if [[ $options[zle] = on ]]; then
. ${pkgs.fzf}/share/fzf/completion.zsh
. ${pkgs.fzf}/share/fzf/key-bindings.zsh
fi
'';
programs.bash.interactiveShellInit = ''
if [[ :$SHELLOPTS: =~ :(vi|emacs): ]]; then
. ${pkgs.fzf}/share/fzf/completion.bash
. ${pkgs.fzf}/share/fzf/key-bindings.bash
fi
'';
} }

6
systems/zaatar/gaslight.nix → configs/gaslight.nix
View File

@@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
environment.systemPackages = [ environment.systemPackages = [
(pkgs.writers.writeDashBin "gaslight-stream" '' (pkgs.writers.writeDashBin "gaslight-stream" ''
${pkgs.ffmpeg}/bin/ffmpeg -r 14 -s 640x480 -f video4linux2 -i /dev/video0 -f alsa -i default -c:v libx264 -preset ultrafast -c:a aac -f avi - ${pkgs.ffmpeg}/bin/ffmpeg -r 14 -s 640x480 -f video4linux2 -i /dev/video0 -f alsa -i default -c:v libx264 -preset ultrafast -c:a aac -f avi -
@@ -15,9 +16,10 @@
'') '')
]; ];
} }
/* /*
ssh machine gaslight-stream | mpv - ssh machine gaslight-stream | mpv -
ssh machine gaslight-say "blablabla" ssh machine gaslight-say "blablabla"
*/
*/

88
configs/git.nix
View File

@@ -1,23 +1,20 @@
{ pkgs, config, lib, ... }:
let
inherit (import <niveum/lib>) kieran ignorePaths;
in
{ {
pkgs,
inputs,
...
}: let
inherit (import ../lib) kieran ignorePaths;
in {
environment.systemPackages = [ environment.systemPackages = [
pkgs.mr pkgs.mr
pkgs.gitFull pkgs.git
pkgs.git-crypt pkgs.gitAndTools.gitflow
pkgs.gitflow pkgs.gitAndTools.hub
pkgs.gh pkgs.gitAndTools.gh
pkgs.git-extras pkgs.gitAndTools.git-extras
# pkgs.git-trim pkgs.gitAndTools.git-trim
pkgs.git-absorb
pkgs.gitstats pkgs.gitstats
pkgs.patch pkgs.patch
pkgs.patchutils pkgs.patchutils
inputs.self.packages.${pkgs.system}.git-preview pkgs.git-preview
]; ];
environment.shellAliases = { environment.shellAliases = {
@@ -26,9 +23,40 @@ in {
}; };
home-manager.users.me = { home-manager.users.me = {
home.file.".mrconfig".text = let
prependPath = prefix:
lib.attrsets.mapAttrs'
(path: lib.attrsets.nameValuePair "${prefix}/${path}");
git = url: { checkout = "git clone ${url}"; };
github = owner: repo: git "git@github.com:${owner}/${repo}";
keybase = owner: repo: git "keybase://private/${owner}/${repo}";
in lib.generators.toINI { } ({
DEFAULT = { git_gc = ''git gc "$@"''; };
} // prependPath "projects" {
"menstruation.rs" = github "kmein" "menstruation.rs";
brockman = github "kmein" "brockman";
challenges = github "kmein" "challenges";
conlangs = github "kmein" "conlangs";
ledger = keybase "kmein" "ledger";
mahlzeit = github "kmein" "mahlzeit";
menstruation-telegram = github "kmein" "menstruation-telegram";
meteora = github "kmein" "meteora";
modernizr = github "kmein" "modernizr";
niveum = github "kmein" "niveum";
nixpkgs = github "NixOS" "nixpkgs";
poetry = github "kmein" "poetry";
quotes = github "kmein" "quotes";
sphinx = github "kmein" "sphinx";
stockholm = git "https://cgit.krebsco.de/stockholm";
telebots = github "kmein" "telebots";
traadfri = github "kmein" "traadfri";
wissen = github "kmein" "wissen";
zen = github "kmein" "zen";
});
programs.git = { programs.git = {
enable = true; enable = true;
package = pkgs.gitFull; package = pkgs.gitAndTools.gitFull;
userName = kieran.name; userName = kieran.name;
userEmail = kieran.email; userEmail = kieran.email;
aliases = { aliases = {
@@ -42,21 +70,33 @@ in {
diffs = "diff --staged"; diffs = "diff --staged";
last = "log -1 HEAD"; last = "log -1 HEAD";
logs = "log --pretty=oneline"; logs = "log --pretty=oneline";
graph = "log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all"; graph =
"log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all";
}; };
ignores = ignorePaths; ignores = ignorePaths;
extraConfig = { extraConfig = {
pull.ff = "only"; pull.ff = "only";
rebase.autoStash = true; rebase.autoStash = true;
merge.autoStash = true; merge.autoStash = true;
push.autoSetupRemote = true; core.pager =
"${pkgs.gitAndTools.diff-so-fancy}/bin/diff-so-fancy | ${pkgs.less}/bin/less --tabs=4 -RFX";
# # ref https://github.com/dandavison/delta color = {
# core.pager = "${pkgs.delta}/bin/delta"; ui = true;
# interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only"; diff = {
# delta.navigate = true; meta = "11";
# merge.conflictStyle = "diff3"; frag = "magenta bold";
# diff.colorMoved = "default"; commit = "yellow bold";
old = "red bold";
new = "green bold";
whitespace = "red reverse";
};
diff-highlight = {
oldNormal = "red bold";
oldHighlight = "red bold 52";
newNormal = "green bold";
newHighlight = "green bold 22";
};
};
}; };
}; };
}; };

13
configs/gitea.nix Normal file
View File

@@ -0,0 +1,13 @@
{
services.gitea = {
enable = true;
disableRegistration = true;
rootUrl = "https://code.kmein.de";
appName = "code.kmein.de";
};
services.nginx.virtualHosts."code.kmein.de" = {
forceSSL = true;
enableACME = true;
locations."/".extraConfig = "proxy_pass http://localhost:3000;";
};
}

5
configs/gnome.nix
View File

@@ -1,5 +0,0 @@
{
services.xserver.enable = true;
services.xserver.displayManager.lightdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
}

61
configs/hass/default.nix Normal file
View File

@@ -0,0 +1,61 @@
{ config, pkgs, lib, ... }:
let
inherit (import ./lib.nix) triggers;
inherit (import <niveum/lib>) localAddresses;
in
{
imports = [
./zigbee.nix
./frontend.nix
];
services.home-assistant = {
enable = true;
configWritable = true;
lovelaceConfigWritable = true;
openFirewall = true;
config = {
homeassistant = {
name = "Toum";
latitude = config.location.latitude;
longitude = config.location.longitude;
elevation = 90; # TODO find out how high I live
unit_system = "metric";
time_zone = config.time.timeZone;
};
config = {};
discovery = {};
system_health = {};
history = {};
# tradfri.host = localAddresses.tradfri; # dont use until python3Packages.pytradfri is packaged
sun = {};
mobile_app = {};
shopping_list = {};
sensor = [
{
platform = "dwd_weather_warnings";
region_name = "Berlin";
}
];
mqtt = {
broker = "localhost";
port = 1883;
client_id = "home-assistant";
username = "albrecht";
password = lib.strings.fileContents <system-secrets/mosquitto>;
keepalive = 60;
protocol = "3.1";
discovery = true;
birth_message = {
topic = "/hass/status";
payload = "online";
};
will_message = {
topic = "/hass/status";
payload = "offline";
};
};
};
};
}

37
configs/hass/frontend.nix Normal file
View File

@@ -0,0 +1,37 @@
let
inherit (import ./lib.nix) triggers;
in
{
services.home-assistant.config = {
frontend = {
themes = {
day_theme = import ./themes/clear.nix;
night_theme = import ./themes/clear-dark.nix;
};
};
automation = [
{
alias = "Night Theme";
hide_entity = true;
trigger = triggers.night;
action = [
{
service = "frontend.set_theme";
data.name = "night_theme";
}
];
}
{
alias = "Day Theme";
hide_entity = true;
trigger = triggers.day;
action = [
{
service = "frontend.set_theme";
data.name = "day_theme";
}
];
}
];
};
}

16
configs/hass/lib.nix Normal file
View File

@@ -0,0 +1,16 @@
{
triggers = {
night = {
platform = "numeric_state";
entity_id = "sun.sun";
value_template = "{{ state.attributes.elevation }}";
below = -4.0;
};
day = {
platform = "numeric_state";
entity_id = "sun.sun";
value_template = "{{ state.attributes.elevation }}";
above = 0;
};
};
}

72
configs/hass/themes/clear-dark.nix Normal file
View File

@@ -0,0 +1,72 @@
rec {
# Colors
text-color = "#DADADB"; # Grey text
text-medium-light-color = "#A0A2A8"; # Medium-light grey text
text-medium-color = "#80828A"; # Medium grey text
text-dark-color = "#6A6B74"; # Dark grey text
accent-color = "#008bef"; # Blue
accent-medium-color = "#2484C9"; # Decent blue
background-color = "#3b4049"; # Dark grey background
background-color-2 = "#484E59"; # Light grey background
background-card-color = "#434952"; # Grey background
border-color = "#383C46"; # Grey border
# Header
app-header-background-color = "#363941"; # Background color
# Text
primary-color = text-color;
text-primary-color = text-color;
# Left Menu
paper-listbox-background-color = background-color; # Background
sidebar-icon-color = text-medium-color; # icons
sidebar-selected-icon-color = text-medium-light-color; # Selected row icon and background (15%)
sidebar-selected-text-color = text-color; # Selected row label
# UI
paper-card-header-color = text-color; # Title in settings
primary-background-color = background-color; # Background (also title background in left menu)
mdc-theme-primary = accent-medium-color; # Action Buttons (save, restart etc.)
card-background-color = background-card-color; # Entity Registry Background
# Card
paper-card-background-color = background-card-color; # Background
dark-primary-color = text-color;
primary-text-color = text-color;
paper-listbox-color = text-color;
light-primary-color = text-dark-color;
secondary-text-color = text-medium-color;
disabled-text-color = text-dark-color;
paper-dialog-button-color = text-color;
secondary-background-color = background-color-2; # Background more info title
# Icons
paper-item-icon-color = text-dark-color; # Off
paper-item-icon-active-color = accent-color; # On
# Switches
switch-checked-button-color = text-medium-light-color; # Knob On
switch-unchecked-button-color = text-medium-light-color; # Knob Off
switch-checked-track-color = "#009FFF"; # Background On
switch-unchecked-track-color = "#767682"; # Background Off
# Slider
paper-slider-active-color = accent-color; # Line On
paper-slider-knob-color = text-medium-light-color; # Knob On
paper-slider-container-color = text-dark-color; # Line Off
paper-slider-knob-start-color = text-medium-light-color; # Knob Off
# Badges
label-badge-text-color = text-color;
label-badge-background-color = "rgba(54, 57, 65, 0.6)";
# Shadows
ha-card-box-shadow = "inset 0px 0px 0px 1px var(--border-color)";
# HACS
hacs-badge-color = accent-color; # New Badge
hacs-status-installed = text-color; # Installed Icon
hacs-status-pending-restart = text-dark-color; # Restart Icon
hacs-status-pending-update = accent-color;
}

52
configs/hass/themes/clear.nix Normal file
View File

@@ -0,0 +1,52 @@
rec {
text-color = "#636B75"; # Grey text
text-medium-color = "#8c96a5"; # Medium grey text
text-light-color = "#BAC0C6"; # Light grey text
accent-color = "#00a1ff"; # Blue
background-color = "#F7F8F9"; # Light grey background
background-color-2 = "#F4F5F6"; # Light grey background
background-card-color = "rgba(255,255,255,1.0)"; # White background
border-color = "#E8E8E8"; # Light grey border
# Header
primary-color = text-color; # Background
text-primary-color = "#FFF"; # Text
# Left Menu
paper-listbox-background-color = background-color; # Background
# TODO = Text and Icons
# UI
paper-card-header-color = text-color; # Title in settings
primary-background-color = background-color; # Background color (also title background in left menu)
# Card
paper-card-background-color = background-card-color; # Background
dark-primary-color = text-color;
primary-text-color = text-color;
paper-listbox-color = text-color;
light-primary-color = text-light-color;
secondary-text-color = text-medium-color;
disabled-text-color = text-light-color;
paper-dialog-button-color = text-color;
secondary-background-color = background-color-2; # Background more info title
# Icons
paper-item-icon-color = text-light-color; # Off
paper-item-icon-active-color = accent-color; # On
# Switches
switch-checked-button-color = "#FFF"; # Knob On
switch-unchecked-button-color = "#FFF"; # Knob Off
switch-checked-track-color = "#0077FF"; # Background On
switch-unchecked-track-color = disabled-text-color; # Background Off
# Slider
paper-slider-active-color = accent-color; # Line On
paper-slider-container-color = "#e5e7ea"; # Line Off
paper-slider-knob-color = text-light-color; # Knob On
paper-slider-knob-start-color = text-light-color; # Knob Off
# Shadows
ha-card-box-shadow = "inset 0px 0px 0px 1px var(--border-color)";
}

102
configs/hass/zigbee.nix Normal file
View File

@@ -0,0 +1,102 @@
{ config, pkgs, lib, ... }:
let
inherit (import <niveum/lib>) localAddresses;
in
{
services.zigbee2mqtt = {
enable = true;
config = {
permit_join = false;
homeassistant = true;
serial = {
port = "/dev/ttyACM0";
disable_led = true;
};
mqtt = {
discovery = true;
base_topic = "zigbee";
server = "mqtt://${localAddresses.toum}";
user = "albrecht";
password = lib.strings.fileContents <system-secrets/mosquitto>;
};
};
};
services.mosquitto = {
enable = true;
host = "0.0.0.0";
allowAnonymous = false;
checkPasswords = true;
users."albrecht" = {
password = lib.strings.fileContents <system-secrets/mosquitto>;
acl = [ "topic readwrite #" ];
};
};
networking.firewall.allowedTCPPorts = [ 1883 ];
environment.systemPackages = [ pkgs.mosquitto ];
services.home-assistant = {
config = {
switch = [
{
platform = "mqtt";
name = "zigbee2mqtt_join";
state_topic = "/zigbee2mqtt/bridge/config/permit_join";
command_topic = "/zigbee2mqtt/bridge/config/permit_join";
payload_on = "true";
payload_off = "false";
}
];
timer.zigbee_permit_join = {
name = "Zigbee Time remaining";
duration = 120;
};
automation = [
# Automation to start timer when enable join is turned on
{
id = "zigbee_join_enabled";
alias = "";
hide_entity = "true";
trigger = {
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "on";
};
action = {
service = "timer.start";
entity_id = "timer.zigbee_permit_join";
};
}
# Automation to stop timer when switch turned off and turn off switch when timer finished
{
id = "zigbee_join_disabled";
hide_entity = "true";
trigger = [
{
platform = "event";
event_type = "timer.finished";
event_data.entity_id = "timer.zigbee_permit_join";
}
{
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "off";
}
];
action = [
{
service = "timer.cancel";
data.entity_id = "timer.zigbee_permit_join";
}
{
service = "switch.turn_off";
entity_id = "switch.zigbee2mqtt_join";
}
];
}
];
};
};
}

81
configs/hedgedoc.nix Normal file
View File

@@ -0,0 +1,81 @@
{ config, pkgs, ... }:
let
backupLocation = "/var/lib/codimd-backup";
stateLocation = "/var/lib/codimd/state.sqlite";
nixpkgs-unstable = import <nixpkgs-unstable> {};
domain = "pad.kmein.de";
in
{
imports = [ <stockholm/krebs/3modules/permown.nix> ];
services.nginx.virtualHosts.${domain} = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "https://localhost:3091";
proxyWebsockets = true;
};
};
security.acme.certs.${domain}.group = "hedgecert";
users.groups.hedgecert.members = [ "codimd" "nginx" ];
security.dhparams = {
enable = true;
params.hedgedoc = {};
};
services.hedgedoc = {
enable = true;
configuration = {
allowOrigin = [ domain ];
allowAnonymous = true;
allowGravatar = false;
allowFreeURL = true;
db = {
dialect = "sqlite";
storage = stateLocation;
};
port = 3091;
domain = domain;
useSSL = true;
protocolUseSSL = true;
sslCAPath = [ "/etc/ssl/certs/ca-certificates.crt" ];
sslCertPath = "/var/lib/acme/${domain}/cert.pem";
sslKeyPath = "/var/lib/acme/${domain}/key.pem";
dhParamPath = config.security.dhparams.params.hedgedoc.path;
};
};
krebs.permown.${backupLocation} = { owner = "codimd"; group = "codimd"; umask = "0002"; };
systemd.services.hedgedoc-backup = {
description = "Hedgedoc backup service";
script = ''
${nixpkgs-unstable.sqlite}/bin/sqlite3 -json ${stateLocation} "select shortid, alias, ownerId, content from Notes" \
| ${pkgs.writers.writePython3 "hedgedoc-json-to-fs.py" {} ''
import json
import pathlib
import sys
for note in json.load(sys.stdin):
user_directory = pathlib.Path()
if note["ownerId"]:
user_directory = pathlib.Path(note["ownerId"])
user_directory.mkdir(exist_ok=True)
file_path = user_directory / (
(note["alias"] if note["alias"] else note["shortid"]) + ".md"
)
file_path.write_text(note["content"])
print(f" {file_path}", file=sys.stderr)
''}
'';
startAt = "hourly";
serviceConfig = {
Type = "oneshot";
User = "codimd";
Group = "codimd";
WorkingDirectory = backupLocation;
};
};
}

38
configs/hledger.nix
View File

@@ -1,26 +1,14 @@
{ { config, pkgs, ... }: {
pkgs, imports = [ ../modules/hledger.nix ];
...
}: let niveum.hledger = {
ledgerDirectory = "/home/kfm/sync/src/ledger"; enable = true;
hora = pkgs.callPackage ../packages/hora.nix { timeLedger = "${ledgerDirectory}/time.timeclock"; }; ledgerFile = "$HOME/projects/ledger/all.journal";
in { server = {
environment.systemPackages = let enable = false;
git = "${pkgs.git}/bin/git -C ${ledgerDirectory}"; user = config.users.users.me;
in [ package = pkgs.hledger-web;
hora };
pkgs.hledger package = pkgs.hledger;
(pkgs.writers.writeDashBin "hledger-git" '' };
if [ "$1" = entry ]; then
${pkgs.hledger}/bin/hledger balance -V > "${ledgerDirectory}/balance.txt"
${git} add balance.txt
${git} commit --all --message="$(date -Im)"
else
${git} $*
fi
'')
(pkgs.writers.writeDashBin "hledger-edit" ''
$EDITOR ${ledgerDirectory}/current.journal
'')
];
} }

6
configs/htop.nix
View File

@@ -20,10 +20,10 @@
show_thread_names = false; show_thread_names = false;
sort_descending = true; sort_descending = true;
sort_key = "PERCENT_CPU"; sort_key = "PERCENT_CPU";
tree_view = false; tree_view = true;
update_process_names = false; update_process_names = false;
right_meters = ["Uptime" "Tasks" "LoadAverage" "Battery"]; right_meters = [ "Uptime" "Tasks" "LoadAverage" "Battery" ];
left_meters = ["LeftCPUs2" "RightCPUs2" "Memory" "Swap"]; left_meters = [ "LeftCPUs2" "RightCPUs2" "Memory" "Swap" ];
}; };
}; };
}; };

146
configs/hu-berlin.nix
View File

@@ -1,123 +1,55 @@
{ { config, pkgs, lib, ... }:
config, let
pkgs, inherit (lib.strings) fileContents;
lib, inherit (import <niveum/lib>) sshPort;
... eduroam = {
}: let identity = fileContents <secrets/eduroam/identity>;
inherit (import ../lib/email.nix) defaults pronouns; password = fileContents <secrets/eduroam/password>;
inherit (import ../lib) remoteDir;
hu-defaults = {
imap.host = "mailbox.cms.hu-berlin.de";
imap.port = 993;
smtp.host = "mailhost.cms.hu-berlin.de";
smtp.port = 25;
smtp.tls.useStartTls = true;
}; };
hu-berlin-cifs-options = [ hu-berlin-cifs-options = [
"uid=${toString config.users.users.me.uid}" "uid=${toString config.users.users.me.uid}"
"gid=${toString config.users.groups.users.gid}" "gid=${toString config.users.groups.users.gid}"
"sec=ntlmv2" "sec=ntlmv2"
"workgroup=german" "workgroup=german"
"credentials=${config.age.secrets.cifs-credentials-hu-berlin.path}" "username=meinhaki"
"password=${lib.strings.fileContents <secrets/mail/meinhaki>}"
"noauto" "noauto"
"x-systemd.requires=openvpn-hu-berlin.service"
"x-systemd.automount" "x-systemd.automount"
"x-systemd.device-timeout=1" "x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min" "x-systemd.idle-timeout=1min"
]; ];
in { in {
fileSystems."${remoteDir}/hu/germpro2" = { fileSystems."/media/hu-berlin/germpro2" = {
device = "//hugerm31c.user.hu-berlin.de/germpro2/ling"; device = "//hugerm31c.user.hu-berlin.de/germpro2/ling";
fsType = "cifs"; fsType = "cifs";
options = hu-berlin-cifs-options; options = hu-berlin-cifs-options;
}; };
fileSystems."${remoteDir}/hu/meinhaki/home" = { fileSystems."/media/hu-berlin/germhome" = {
device = "//hugerm31c.user.hu-berlin.de/germhome/ling/meinhaki"; device = "//hugerm31c.user.hu-berlin.de/germhome/ling/meinhaki";
fsType = "cifs"; fsType = "cifs";
options = hu-berlin-cifs-options; options = hu-berlin-cifs-options;
}; };
age.secrets = {
cifs-credentials-hu-berlin.file = ../secrets/cifs-credentials-hu-berlin.age;
email-password-meinhaki = {
file = ../secrets/email-password-meinhaki.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-dslalewa = {
file = ../secrets/email-password-dslalewa.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
home-manager.users.me = { home-manager.users.me.programs.ssh = {
programs.ssh = { matchBlocks = {
matchBlocks = { "alew.hu-berlin.de" = {
"alew.hu-berlin.de" = { user = "centos";
user = "centos"; hostname = "141.20.187.219";
hostname = "141.20.187.219";
};
}; };
}; };
accounts.email.accounts = rec {
hu-employee =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "meinhaki";
address = "kieran.meinhardt@hu-berlin.de";
aliases = ["${userName}@hu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhaki.path}";
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
himalaya = {
enable = true;
settings.backend = "imap";
};
signature = {
showSignature = "append";
text = ''
${defaults.realName}
${pronouns}
Studentische Hilfskraft / Administrator ALEW
Humboldt-Universität zu Berlin
Telefon: +49 (0)30 2093 9634
Raum 3.212, Dorotheenstraße 24, 10117 Berlin-Mitte
https://alew.hu-berlin.de
'';
};
});
hu-admin =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "dslalewa";
address = "admin.alew.vglsprwi@hu-berlin.de";
himalaya = {
enable = true;
settings.backend = "imap";
};
aliases = ["${userName}@hu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-dslalewa.path}";
inherit (hu-employee) signature;
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
});
};
}; };
environment.systemPackages = [ environment.systemPackages = [
(pkgs.writers.writeDashBin "hu-ip" '' (pkgs.writers.writeDashBin "hu-ip" ''
${pkgs.w3m}/bin/w3m -dump meineip.hu-berlin.de | head --lines=-4 | tail --lines=+3 ${pkgs.w3m}/bin/w3m -dump meineip.hu-berlin.de | head --lines=-4 | tail --lines=+3
'') '')
( (pkgs.writers.writePython3Bin "hu-eduroam-install"
pkgs.writers.writePython3Bin "hu-eduroam-install"
{ {
libraries = with pkgs.python3Packages; [distro pyopenssl dbus-python]; libraries = with pkgs.python3Packages; [ distro pyopenssl dbus-python ];
flakeIgnore = ["E501" "E123" "W504" "E722" "F821" "E226" "E126" "E265" "W291"]; flakeIgnore = [ "E501" "E123" "W504" "E722" "F821" "E226" "E126" "E265" "W291" ];
} }
(builtins.readFile (builtins.fetchurl { (builtins.readFile (builtins.fetchurl {
url = "https://www.cms.hu-berlin.de/de/dl/netze/wlan/config/eduroam/linux-installer/eduroam-linux-hub.py"; url = "https://www.cms.hu-berlin.de/de/dl/netze/wlan/config/eduroam/linux-installer/eduroam-linux-hub.py";
@@ -126,23 +58,33 @@ in {
) )
]; ];
# ref https://github.com/NixOS/nixpkgs/issues/231038#issuecomment-1591888919
environment.etc."ppp/options".text = "ipcp-accept-remote";
systemd.services.hu-vpn = { systemd.services.hu-vpn = {
enable = true; enable = true;
wants = ["network-online.target"]; wants = [ "network-online.target" ];
serviceConfig.LoadCredential = "password:${config.age.secrets.email-password-meinhaki.path}"; conflicts = [ "openvpn-hu-berlin.service" ];
script = '' script = ''
${pkgs.openfortivpn}/bin/openfortivpn \ ${pkgs.openfortivpn}/bin/openfortivpn -c ${pkgs.writeText "hu-berlin.config" ''
--password="$(cat "$CREDENTIALS_DIRECTORY/password")" \ host = forti-ssl.vpn.hu-berlin.de
--config=${ port = 443
pkgs.writeText "hu-berlin.config" '' trusted-cert = 42193a913d276d9eb86217612956e1e6464d6f07bed5393a4787c87adc4bd359
host = forti-ssl.vpn.hu-berlin.de username = ${eduroam.identity}
port = 443 password = ${eduroam.password}
username = meinhaki ''}
''
}
''; '';
}; };
systemd.services.openvpn-hu-berlin.conflicts = [ "hu-vpn.service" ];
services.openvpn.servers.hu-berlin = {
autoStart = false;
authUserPass = {
username = eduroam.identity;
password = eduroam.password;
};
config = fileContents (pkgs.fetchurl {
url =
"https://www.cms.hu-berlin.de/de/dl/netze/vpn/openvpn/hu-berlin.ovpn";
sha256 = "15b55aibik5460svjq2gwxrcyh6ay4k8savd6cd5lncgndmd8p8h";
});
};
} }

404
configs/i3.nix
View File

@@ -1,35 +1,14 @@
{ { config, pkgs, lib, ... }:
config, let
pkgs, inherit (import <niveum/lib>) defaultApplications colours;
lib, klem = import <niveum/packages/scripts/klem.nix> {
niveumPackages, inherit pkgs lib;
...
}: let
dashboard = pkgs.writers.writeDashBin "dashboard" ''
${pkgs.alacritty}/bin/alacritty --class wtf --command ${pkgs.writers.writeDash "dashboard-inner" ''
export WTF_OWM_API_KEY="$(cat ${config.age.secrets.openweathermap-api-key.path})"
export WTF_MINIFLUX_API_KEY="$(cat ${config.age.secrets.miniflux-api-token.path})"
exec ${niveumPackages.dashboard}/bin/dashboard
''}
'';
inherit (import ../lib) defaultApplications;
klem = niveumPackages.klem.override {
config.dmenu = "${pkgs.dmenu}/bin/dmenu -i -p klem";
config.scripts = { config.scripts = {
"p.r" = pkgs.writers.writeDash "p.r" '' "p.r" = pkgs.writers.writeDash "p.r" ''
${pkgs.curl}/bin/curl -fSs http://p.r --data-binary @- \ ${pkgs.curl}/bin/curl -fSs http://p.r --data-binary @- \
| ${pkgs.coreutils}/bin/tail --lines=1 \ | ${pkgs.coreutils}/bin/tail --lines=1 \
| ${pkgs.gnused}/bin/sed 's/\\<r\\>/krebsco.de/' | ${pkgs.gnused}/bin/sed 's/\\<r\\>/krebsco.de/'
''; '';
# "envs.sh host" = pkgs.writers.writeDash "envs-host" ''
# ${pkgs.curl}/bin/curl -F "file=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
# '';
"envs.sh mirror" = pkgs.writers.writeDash "envs-mirror" ''
${pkgs.curl}/bin/curl -F "url=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
'';
"envs.sh shorten" = pkgs.writers.writeDash "envs-shorten" ''
${pkgs.curl}/bin/curl -F "shorten=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
'';
"ix.io" = pkgs.writers.writeDash "ix.io" '' "ix.io" = pkgs.writers.writeDash "ix.io" ''
${pkgs.curl}/bin/curl -fSs -F 'f:1=<-' ix.io ${pkgs.curl}/bin/curl -fSs -F 'f:1=<-' ix.io
''; '';
@@ -43,56 +22,30 @@
${pkgs.coreutils}/bin/tr '[A-Za-z]' '[N-ZA-Mn-za-m]' ${pkgs.coreutils}/bin/tr '[A-Za-z]' '[N-ZA-Mn-za-m]'
''; '';
"ipa" = pkgs.writers.writeDash "ipa" '' "ipa" = pkgs.writers.writeDash "ipa" ''
${niveumPackages.ipa}/bin/ipa ${pkgs.scripts.ipa}/bin/ipa
''; '';
"betacode" = pkgs.writers.writeDash "betacode" '' "betacode" = pkgs.writers.writeDash "betacode" ''
${niveumPackages.betacode}/bin/betacode ${pkgs.scripts.betacode}/bin/betacode
'';
"devanagari" = pkgs.writers.writeDash "devanagari" ''
${pkgs.scripts.devanagari}/bin/devanagari
''; '';
"curl" = pkgs.writers.writeDash "curl" '' "curl" = pkgs.writers.writeDash "curl" ''
${pkgs.curl}/bin/curl -fSs "$(${pkgs.coreutils}/bin/cat)" ${pkgs.curl}/bin/curl -fSs "$(${pkgs.coreutils}/bin/cat)"
''; '';
ocr = pkgs.writers.writeDash "ocr" ''
${pkgs.tesseract4}/bin/tesseract -l eng+deu - stdout
'';
emojai = pkgs.writers.writeDash "emojai" ''
${pkgs.curl}/bin/curl https://www.emojai.app/api/generate -X POST -H 'Content-Type: application/json' --data-raw "$(${pkgs.jq}/bin/jq -sR '{emoji:.}')" | ${pkgs.jq}/bin/jq -r .result
'';
"gpt-3.5" = pkgs.writers.writeDash "gpt" ''
${niveumPackages.gpt35}/bin/gpt
'';
gpt-4 = pkgs.writers.writeDash "gpt" ''
${niveumPackages.gpt4}/bin/gpt
'';
}; };
}; };
new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
move-to-new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg move container to workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
in { in {
age.secrets = {
github-token-i3status-rust = {
file = ../secrets/github-token-i3status-rust.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
openweathermap-api-key = {
file = ../secrets/openweathermap-api-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
miniflux-api-token = {
file = ../secrets/miniflux-api-token.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
programs.slock.enable = true;
environment.systemPackages = [dashboard];
services.displayManager.defaultSession = "none+i3";
services.xserver = { services.xserver = {
displayManager.defaultSession = "none+i3";
windowManager.i3 = { windowManager.i3 = {
enable = true; enable = true;
package = pkgs.i3-gaps; package = pkgs.i3-gaps;
@@ -114,84 +67,101 @@ in {
''; '';
}; };
home-manager.users.me = let home-manager.users.me.xsession.windowManager.i3 = {
modifier = "Mod4"; enable = true;
infoWorkspace = ""; config = rec {
messageWorkspace = ""; fonts = {names = ["Sans"]; size = 10.0;};
modes.resize = { modifier = "Mod4";
"Escape" = ''mode "default"''; window = {
"Return" = ''mode "default"''; titlebar = false;
"h" = "resize shrink width 10 px or 5 ppt"; border = 1;
"j" = "resize grow height 10 px or 5 ppt"; hideEdgeBorders = "smart";
"k" = "resize shrink height 10 px or 5 ppt"; commands = [
"l" = "resize grow width 10 px or 5 ppt"; {
}; criteria = { class = "floating"; };
gaps.inner = 4; command = "floating enable";
floating = { }
titlebar = false; {
border = 1; criteria = { class = "fzfmenu"; };
}; command = "floating enable";
bars = [ }
(config.home-manager.users.me.lib.stylix.i3.bar {
// rec { criteria = { class = "mpv"; };
workspaceButtons = true; command = lib.strings.concatStringsSep ", " [
mode = "hide"; # "dock"; "floating enable"
position = "bottom"; "sticky enable"
statusCommand = toString (pkgs.writers.writeDash "i3status-rust" '' "fullscreen disable"
export I3RS_GITHUB_TOKEN="$(cat ${config.age.secrets.github-token-i3status-rust.path})" "resize set 640 480"
export OPENWEATHERMAP_API_KEY="$(cat ${config.age.secrets.openweathermap-api-key.path})" "move position mouse"
exec ${config.home-manager.users.me.programs.i3status-rust.package}/bin/i3status-rs ${config.home-manager.users.me.home.homeDirectory}/.config/i3status-rust/config-${position}.toml ];
''); }
fonts = { ];
names = ["${config.stylix.fonts.sansSerif.name}" "FontAwesome 6 Free"];
size = config.stylix.fonts.sizes.desktop * 0.8;
};
})
];
window = {
titlebar = false;
border = 2;
hideEdgeBorders = "smart";
commands = [
{
criteria = {class = "floating";};
command = "floating enable";
}
{
criteria = {class = "fzfmenu";};
command = "floating enable";
}
{
criteria = {class = ".*";};
command = "border pixel 2";
}
{
criteria = {class = "mpv";};
command = lib.strings.concatStringsSep ", " [
"floating enable"
"sticky enable"
"fullscreen disable"
"resize set 640 480"
"move position mouse"
];
}
];
};
colors = let
background = config.lib.stylix.colors.withHashtag.base00;
in {
unfocused = {
border = lib.mkForce background;
childBorder = lib.mkForce background;
}; };
}; gaps.inner = 4;
keybindings = floating = {
lib.listToAttrs (map (x: lib.nameValuePair "${modifier}+Shift+${toString x}" "move container to workspace ${toString x}") (lib.range 1 9)) titlebar = false;
// lib.listToAttrs (map (x: lib.nameValuePair "${modifier}+${toString x}" "workspace ${toString x}") (lib.range 1 9)) border = 1;
// { };
"${modifier}+i" = "workspace ${infoWorkspace}"; colors = let
"${modifier}+m" = "workspace ${messageWorkspace}"; scheme = {
background = colours.background;
text = colours.foreground;
};
in rec {
focused = scheme // {
border = colours.cyan.bright;
indicator = colours.cyan.bright;
childBorder = colours.cyan.bright;
};
unfocused = scheme // {
border = colours.background;
indicator = colours.background;
childBorder = colours.background;
};
focusedInactive = unfocused;
urgent = scheme // {
border = colours.red.bright;
indicator = colours.red.bright;
childBorder = colours.red.bright;
};
placeholder = scheme // {
border = colours.green.bright;
indicator = colours.green.bright;
childBorder = colours.green.bright;
};
};
bars = [{
workspaceButtons = false;
fonts = {names = ["Sans"]; size = 8.0;};
mode = "hide"; # "dock"
position = "bottom";
colors = rec {
background = colours.background;
separator = background;
statusline = colours.foreground;
bindingMode = {
background = colours.red.bright;
border = colours.background;
text = colours.foreground;
};
};
statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ${
(pkgs.formats.toml {}).generate "i3status-rust.toml" (import <niveum/lib/i3status-rust.nix> {
inherit (config.niveum) batteryName wirelessInterface;
inherit colours;
inherit pkgs;
})
}";
}];
modes.resize = {
"Escape" = ''mode "default"'';
"Return" = ''mode "default"'';
"h" = "resize shrink width 10 px or 5 ppt";
"j" = "resize grow height 10 px or 5 ppt";
"k" = "resize shrink height 10 px or 5 ppt";
"l" = "resize grow width 10 px or 5 ppt";
};
keybindings = {
"${modifier}+Shift+h" = "move left 25 px"; "${modifier}+Shift+h" = "move left 25 px";
"${modifier}+Shift+j" = "move down 25 px"; "${modifier}+Shift+j" = "move down 25 px";
"${modifier}+Shift+k" = "move up 25 px"; "${modifier}+Shift+k" = "move up 25 px";
@@ -201,10 +171,12 @@ in {
"${modifier}+k" = "focus up"; "${modifier}+k" = "focus up";
"${modifier}+l" = "focus right"; "${modifier}+l" = "focus right";
# "${modifier}+Shift+b" = "move container to workspace prev"; "${modifier}+Shift+b" = "move window to workspace prev";
# "${modifier}+Shift+n" = "move container to workspace next"; "${modifier}+Shift+n" = "move window to workspace next";
# "${modifier}+b" = "workspace prev"; "${modifier}+Shift+x" = "exec --no-startup-id ${move-to-new-workspace}";
# "${modifier}+n" = "workspace next"; "${modifier}+b" = "workspace prev";
"${modifier}+n" = "workspace next";
"${modifier}+x" = "exec --no-startup-id ${new-workspace}";
"${modifier}+Shift+c" = "reload"; "${modifier}+Shift+c" = "reload";
"${modifier}+Shift+q" = "kill"; "${modifier}+Shift+q" = "kill";
@@ -213,9 +185,8 @@ in {
"${modifier}+z" = "sticky toggle"; "${modifier}+z" = "sticky toggle";
"${modifier}+Shift+z" = "floating toggle"; "${modifier}+Shift+z" = "floating toggle";
"${modifier}+s" = "scratchpad show";
"${modifier}+Shift+s" = "move scratchpad"; "${modifier}+Shift+s" = "move scratchpad";
"${modifier}+s" = ''[class="^(?i)(?!obsidian).*"] scratchpad show'';
"${modifier}+o" = ''[class="obsidian"] scratchpad show'';
"${modifier}+c" = "split h"; "${modifier}+c" = "split h";
"${modifier}+e" = "layout toggle split"; "${modifier}+e" = "layout toggle split";
@@ -223,37 +194,58 @@ in {
"${modifier}+r" = "mode resize"; "${modifier}+r" = "mode resize";
"${modifier}+v" = "split v"; "${modifier}+v" = "split v";
"${modifier}+w" = "layout tabbed"; "${modifier}+w" = "layout tabbed";
"${modifier}+q" = "exec ${config.services.clipmenu.package}/bin/clipmenu";
# "${modifier}+Shift+y" = "exec ${pkgs.qutebrowser}/bin/qutebrowser";
"${modifier}+Return" = "exec ${(defaultApplications pkgs).terminal}"; "${modifier}+Return" = "exec ${(defaultApplications pkgs).terminal}";
"${modifier}+t" = "exec ${(defaultApplications pkgs).fileManager}"; "${modifier}+t" = "exec ${(defaultApplications pkgs).fileManager}";
"${modifier}+y" = "exec ${(defaultApplications pkgs).browser}"; "${modifier}+y" = "exec ${(defaultApplications pkgs).browser}";
"${modifier}+0" = "exec ${pkgs.scripts.menu-calc}/bin/=";
"${modifier}+d" = "exec ${pkgs.writers.writeDash "run" ''exec rofi -modi run,ssh,window -show run''}"; "${modifier}+Shift+w" = "exec ${pkgs.scripts.k-lock}/bin/k-lock";
"${modifier}+Shift+d" = "exec ${niveumPackages.notemenu}/bin/notemenu"; "${modifier}+a" =
"${modifier}+p" = "exec rofi-pass"; "exec --no-startup-id ${pkgs.rofi}/bin/rofi -display-window -show window";
"${modifier}+Shift+p" = "exec rofi-pass --insert"; "${modifier}+d" = "exec --no-startup-id ${pkgs.dmenu}/bin/dmenu_run";
"${modifier}+u" = "exec ${niveumPackages.unicodmenu}/bin/unicodmenu"; "${modifier}+Shift+d" = "exec ${
"${modifier}+Shift+u" = "exec ${pkgs.writers.writeDash "last-unicode" ''${pkgs.xdotool}/bin/xdotool type --delay 1000 "$(${pkgs.gawk}/bin/awk 'END{print $1}' ~/.cache/unicodmenu)"''}"; pkgs.writers.writeDash "notemenu" ''
set -efu
PATH=$PATH:${
lib.makeBinPath [ pkgs.dmenu pkgs.findutils pkgs.coreutils ]
}
"${modifier}+F7" = "exec ${pkgs.writers.writeDash "showkeys-toggle" '' cd ~/notes
if ${pkgs.procps}/bin/pgrep screenkey; then note_file=$({
exec ${pkgs.procps}/bin/pkill screenkey echo diary/$(date -I).md
else echo diary/$(date -I -d yesterday).md
exec ${pkgs.screenkey}/bin/screenkey find . -type f -printf "%T@ %p\n" | sort --reverse --numeric-sort | cut --delimiter=" " --fields=2
fi } | dmenu -i)
''}"; if test "$note_file"
then
i3-sensible-terminal -e "$EDITOR" "$note_file"
fi
''
}";
"${modifier}+p" = "exec --no-startup-id ${pkgs.pass}/bin/passmenu -l 5";
"${modifier}+u" = "exec ${pkgs.scripts.unicodmenu}/bin/unicodmenu";
"${modifier}+F7" = "exec ${pkgs.scripts.showkeys-toggle}/bin/showkeys-toggle";
"${modifier}+F8" = "exec ${pkgs.xorg.xkill}/bin/xkill";
"${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85";
"${modifier}+F10" = "exec ${pkgs.redshift}/bin/redshift -x";
"${modifier}+F11" = "exec ${pkgs.xcalib}/bin/xcalib -invert -alter";
"${modifier}+F12" = "exec ${klem}/bin/klem"; "${modifier}+F12" = "exec ${klem}/bin/klem";
"XF86AudioLowerVolume" = "exec ${pkgs.pamixer}/bin/pamixer -d 5"; "Print" = "exec flameshot-once";
"XF86AudioMute" = "exec ${pkgs.pamixer}/bin/pamixer -t"; "XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -d 5";
"XF86AudioRaiseVolume" = "exec ${pkgs.pamixer}/bin/pamixer -i 5"; "XF86AudioMute" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -t";
"XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -i 5";
"XF86Calculator" = "exec ${pkgs.st}/bin/st -c floating -e ${pkgs.bc}/bin/bc"; "XF86Calculator" = "exec ${pkgs.st}/bin/st -c floating -e ${pkgs.bc}/bin/bc";
"XF86AudioPause" = "exec ${pkgs.playerctl}/bin/playerctl play-pause"; "XF86AudioPause" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl pause";
"XF86AudioPlay" = "exec ${pkgs.playerctl}/bin/playerctl play-pause"; "XF86AudioPlay" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl play-pause";
"XF86AudioNext" = "exec ${pkgs.playerctl}/bin/playerctl next"; "XF86AudioNext" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl next";
"XF86AudioPrev" = "exec ${pkgs.playerctl}/bin/playerctl previous"; "XF86AudioPrev" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl previous";
"XF86AudioStop" = "exec ${pkgs.playerctl}/bin/playerctl stop"; "XF86AudioStop" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl stop";
"XF86ScreenSaver" = "exec ${niveumPackages.k-lock}/bin/k-lock"; "XF86ScreenSaver" = "exec ${pkgs.scripts.k-lock}/bin/k-lock";
"XF86Display" = "exec ${pkgs.scripts.dmenurandr}/bin/dmenurandr";
# key names detected with xorg.xev: # key names detected with xorg.xev:
# XF86WakeUp (fn twice) # XF86WakeUp (fn twice)
@@ -269,74 +261,6 @@ in {
# XF86Back # XF86Back
# XF86Launch1 (thinkvantage) # XF86Launch1 (thinkvantage)
}; };
in {
wayland.windowManager.sway = {
enable = true;
config = {
menu = "rofi -modi run,ssh,window -show run";
inherit modifier modes gaps bars floating window colors keybindings;
input = {
"*" = {
xkb_layout = "de";
xkb_variant = "T3";
};
};
terminal = (defaultApplications pkgs).terminal;
up = "k";
down = "j";
left = "h";
right = "l";
seat = {
"*" = {
hide_cursor = "when-typing enable";
};
};
startup = [
{command = "echo hello";}
];
};
};
xsession.windowManager.i3 = {
enable = true;
extraConfig = ''
bindsym --release ${modifier}+Shift+w exec /run/wrappers/bin/slock
exec "${pkgs.obsidian}/bin/obsidian"
for_window [class="obsidian"] , move scratchpad
assign [class="message"] ${messageWorkspace}
exec "${pkgs.writers.writeDash "irc" "exec ${pkgs.alacritty}/bin/alacritty --class message -e ssh weechat@makanek -t tmux attach-session -t IM"}"
exec "${pkgs.writers.writeDash "email" "exec ${pkgs.alacritty}/bin/alacritty --class message -e aerc"}"
assign [class="wtf"] ${infoWorkspace}
exec ${dashboard}/bin/dashboard
'';
config = lib.mkMerge [
{
inherit modifier gaps modes bars floating window colors keybindings;
}
{
keybindings = let
new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
move-to-new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg move container to workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
in {
"${modifier}+ß" = "exec ${niveumPackages.menu-calc}/bin/=";
"${modifier}+F6" = "exec ${pkgs.xorg.xkill}/bin/xkill";
"${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85";
"${modifier}+F10" = "exec ${pkgs.redshift}/bin/redshift -x";
"${modifier}+F11" = "exec ${pkgs.xcalib}/bin/xcalib -invert -alter";
"Print" = "exec flameshot gui";
# "${modifier}+Shift+x" = "exec ${move-to-new-workspace}";
# "${modifier}+x" = "exec ${new-workspace}";
"XF86Display" = "exec ${niveumPackages.dmenu-randr}/bin/dmenu-randr";
};
}
];
}; };
}; };
} }

80
configs/i3status-rust.nix
View File

@@ -1,80 +0,0 @@
{
pkgs,
config,
...
}: {
age.secrets = {
miniflux-api-token = {
file = ../secrets/miniflux-api-token.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
home-manager.users.me = {
programs.i3status-rust = {
enable = true;
bars.bottom = {
icons = "awesome6";
settings = {
theme.overrides = let
colours = config.lib.stylix.colors.withHashtag;
in {
idle_bg = colours.base00;
idle_fg = colours.base05;
good_bg = colours.base00;
good_fg = colours.base0B;
warning_bg = colours.base00;
warning_fg = colours.base0A;
critical_bg = colours.base00;
critical_fg = colours.base09;
info_bg = colours.base00;
info_fg = colours.base04;
separator_bg = colours.base00;
separator = " ";
};
};
blocks = [
{
block = "music";
format = "{$icon $combo $play |}";
separator = " ";
}
{
block = "net";
format = " $icon HU";
missing_format = "";
device = "ppp0";
}
{
block = "net";
format = " $icon FU";
missing_format = "";
device = "tun0";
}
{
block = "battery";
device = config.niveum.batteryName;
}
{
block = "sound";
}
{
block = "disk_space";
format = "$icon $available";
}
{
block = "memory";
format = "$icon $mem_used.eng(prefix:G)";
}
{block = "load";}
{
block = "time";
format = "$icon $timestamp.datetime(f:'%Y-%m-%d (%W %a) %H:%M', l:de_DE)";
}
];
};
};
};
}

20
configs/kdeconnect.nix
View File

@@ -1,17 +1,13 @@
{ {
networking.firewall = { networking.firewall = {
allowedTCPPortRanges = [ allowedTCPPortRanges = [{
{ from = 1714;
from = 1714; to = 1764;
to = 1764; }];
} allowedUDPPortRanges = [{
]; from = 1714;
allowedUDPPortRanges = [ to = 1764;
{ }];
from = 1714;
to = 1764;
}
];
}; };
home-manager.users.me = { home-manager.users.me = {

76
configs/keyboard.nix
View File

@@ -1,75 +1,17 @@
{ { pkgs, lib, ... }:
pkgs, let commaSep = builtins.concatStringsSep ",";
lib,
...
}: let
commaSep = builtins.concatStringsSep ",";
xkbOptions = ["compose:caps" "terminate:ctrl_alt_bksp" "grp:ctrls_toggle"];
languages = {
deutsch = { code = "de"; variant = "T3"; };
greek = { code = "gr"; variant = "polytonic"; };
russian = { code = "ru"; variant = "phonetic"; };
arabic = ../lib/keyboards/arabic;
coptic = ../lib/keyboards/coptic;
avestan = ../lib/keyboards/avestan;
gothic = ../lib/keyboards/gothic;
sanskrit = { code = "in"; variant = "san-kagapa"; };
gujarati = {code = "in"; variant = "guj-kagapa"; };
hebrew = {code = "il"; variant = "phonetic";};
};
defaultLanguage = languages.deutsch;
in { in {
services.libinput.enable = true;
# man 7 xkeyboard-config
services.xserver = { services.xserver = {
exportConfiguration = true; # link /usr/share/X11 properly layout = commaSep [ "de" "gr" "ru" ];
xkb.layout = defaultLanguage.code; xkbVariant = commaSep [ "T3" "polytonic" "phonetic" ];
# T3: https://upload.wikimedia.org/wikipedia/commons/a/a9/German-Keyboard-Layout-T3-Version1-large.png xkbOptions =
# buckwalter: http://www.qamus.org/transliteration.htm commaSep [ "compose:caps" "terminate:ctrl_alt_bksp" "grp:ctrls_toggle" ];
xkb.variant = defaultLanguage.variant; libinput.enable = true;
xkb.options = commaSep xkbOptions;
xkb.dir = pkgs.symlinkJoin {
name = "x-keyboard-directory";
paths = [
"${pkgs.xkeyboard_config}/etc/X11/xkb"
(pkgs.linkFarm "custom-x-keyboards" (
lib.mapAttrsToList (name: value: {
name = "symbols/${name}";
path = value;
}) (lib.filterAttrs (_: value: builtins.typeOf value == "path") languages)
))
];
};
}; };
environment.etc."x11-locale".source = toString pkgs.xorg.libX11 + "share/X11/locale";
console.keyMap = "de"; console.keyMap = "de";
environment.systemPackages =
lib.mapAttrsToList
(language: settings:
let
code = if settings ? "code" then settings.code else language;
variant = if settings ? "variant" then settings.variant else "";
in
pkgs.writers.writeDashBin "kb-${language}" ''
${pkgs.xorg.setxkbmap}/bin/setxkbmap ${defaultLanguage.code},${code} ${defaultLanguage.variant},${variant} ${toString (map (option: "-option ${option}") xkbOptions)}
'')
languages;
# improve held key rate # improve held key rate
services.xserver.displayManager.sessionCommands = "${pkgs.xorg.xset}/bin/xset r rate 300 50"; services.xserver.displayManager.sessionCommands =
"${pkgs.xorg.xset}/bin/xset r rate 300 50";
systemd.user.services.gxkb = {
wantedBy = ["graphical-session.target"];
serviceConfig = {
SyslogIdentifier = "gxkb";
ExecStart = "${pkgs.gxkb}/bin/gxkb";
Restart = "always";
RestartSec = "15s";
StartLimitBurst = 0;
};
};
} }

101
configs/khal.nix
View File

@@ -1,60 +1,28 @@
{ { config, pkgs, lib, ... }:
config, let
pkgs,
lib,
...
}: let
davHome = "~/.local/share/dav"; davHome = "~/.local/share/dav";
kmeinCloud = { kmeinCloud = {
davEndpoint = "https://cloud.kmein.de/remote.php/dav"; davEndpoint = "https://cloud.xn--kiern-0qa.de/remote.php/dav";
username = "kieran"; username = "kieran";
passwordFile = config.age.secrets.nextcloud-password-kieran.path; password = lib.fileContents <secrets/nextcloud/password>;
}; };
fysiCloud = { fysiCloud = {
davEndpoint = "https://nextcloud.fysi.dev/remote.php/dav"; davEndpoint = "https://nextcloud.fysi.dev/remote.php/dav";
username = "kmein"; username = "kmein";
passwordFile = config.age.secrets.nextcloud-password-fysi.path; password = lib.fileContents <secrets/nextcloud-fysi/password>;
}; };
in { in
age.secrets = { {
nextcloud-password-kieran = { environment.systemPackages = [ pkgs.khal pkgs.vdirsyncer pkgs.khard pkgs.todoman ];
file = ../secrets/nextcloud-password-kieran.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
nextcloud-password-fysi = {
file = ../secrets/nextcloud-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
environment.systemPackages = [
pkgs.khal
pkgs.vdirsyncer
pkgs.khard
pkgs.todoman
(pkgs.writers.writeDashBin "todo-procrastinate" ''
[ $# -eq 1 ] || {
echo "Usage: $0 TODO_ID" >&2
exit 1
}
todo_id=$1
new_timestamp=$(${pkgs.todoman}/bin/todo --porcelain show "$todo_id" | ${pkgs.jq}/bin/jq '.due + 24 * 60 * 60')
new_date=$(${pkgs.coreutils}/bin/date +"%Y-%m-%d %H:%M" -d "@$new_timestamp")
${pkgs.todoman}/bin/todo edit "$todo_id" --due "$new_date"
'')
];
systemd.user.services.vdirsyncer = { systemd.user.services.vdirsyncer = {
enable = true; enable = true;
wants = ["network-online.target"]; wants = [ "network-online.target" ];
wantedBy = ["default.target"]; wantedBy = [ "default.target" ];
startAt = "*:00/10"; startAt = "*:00/10";
script = '' script = ''
${pkgs.vdirsyncer}/bin/vdirsyncer sync && ${pkgs.khal}/bin/khal printcalendars # https://lostpackets.de/khal/configure.html#syncing ${pkgs.vdirsyncer}/bin/vdirsyncer sync
${pkgs.khal}/bin/khal printcalendars # https://lostpackets.de/khal/configure.html#syncing
''; '';
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
@@ -103,9 +71,30 @@ in {
"khal/config".text = '' "khal/config".text = ''
[calendars] [calendars]
[[kalender_local]] [[alew]]
path = ${davHome}/calendar/* path = ${davHome}/calendar/alew
type = discover color = "light gray"
[[personal]]
path = ${davHome}/calendar/personal
color = "light cyan"
[[uni]]
path = ${davHome}/calendar/uni-1
color = "yellow"
[[fysi]]
path = ${davHome}/calendar/fysi-1
color = "light magenta"
[[fysi_team]]
path = ${davHome}/calendar/personal_shared_by_fdf
color = "light red"
[[birthdays]]
path = ${davHome}/contacts/contacts
type = birthdays
color = "light green"
[default] [default]
highlight_event_days = True highlight_event_days = True
@@ -137,7 +126,13 @@ in {
[pair kalender] [pair kalender]
a = "kalender_local" a = "kalender_local"
b = "kalender_cloud" b = "kalender_cloud"
collections = ["from b"] collections = ["personal", "alew", "uni-1"]
conflict_resolution = "b wins"
[pair fysi]
a = "kalender_local"
b = "fysi_cloud"
collections = ["fysi-1", "personal_shared_by_fdf"]
conflict_resolution = "b wins" conflict_resolution = "b wins"
[storage kontakte_local] [storage kontakte_local]
@@ -154,13 +149,19 @@ in {
type = "carddav" type = "carddav"
url = "${kmeinCloud.davEndpoint}/addressbooks/users/${kmeinCloud.username}/" url = "${kmeinCloud.davEndpoint}/addressbooks/users/${kmeinCloud.username}/"
username = "${kmeinCloud.username}" username = "${kmeinCloud.username}"
password.fetch = ["command", "cat", "${kmeinCloud.passwordFile}"] password = "${kmeinCloud.password}"
[storage kalender_cloud] [storage kalender_cloud]
type = "caldav" type = "caldav"
url = "${kmeinCloud.davEndpoint}/calendars/${kmeinCloud.username}/" url = "${kmeinCloud.davEndpoint}/calendars/${kmeinCloud.username}/"
username = "${kmeinCloud.username}" username = "${kmeinCloud.username}"
password.fetch = ["command", "cat", "${kmeinCloud.passwordFile}"] password = "${kmeinCloud.password}"
[storage fysi_cloud]
type = "caldav"
url = "${fysiCloud.davEndpoint}/calendars/${fysiCloud.username}/"
username = "${fysiCloud.username}"
password = "${fysiCloud.password}"
''; '';
}; };
}; };

16
configs/lb.nix
View File

@@ -1,24 +1,24 @@
{ lib, pkgs, ... }:
let
nixpkgs-unstable = import <nixpkgs-unstable> {};
in
{ {
lib,
pkgs,
...
}: {
systemd.services.lb-subscription = { systemd.services.lb-subscription = {
enable = true; enable = true;
wants = ["network-online.target"]; wants = [ "network-online.target" ];
startAt = "weekly"; startAt = "weekly";
serviceConfig = { serviceConfig = {
user = "kfm"; user = "kfm";
WorkingDirectory = "/home/kfm/cloud/nextcloud/Books/Germanistik/LB"; WorkingDirectory = "/home/kfm/cloud/Seafile/Books/Germanistik/LB";
}; };
script = '' script = ''
first_year=2019 first_year=2019
for year in $(${pkgs.coreutils}/bin/seq "$first_year" "$(date +%Y)"); do for year in $(${pkgs.coreutils}/bin/seq "$first_year" "$(date +%Y)"); do
${pkgs.curl}/bin/curl -sSL "https://www.literarische-blaetter.de/jahrgang-$year/" \ ${pkgs.curl}/bin/curl -sSL "https://www.literarische-blaetter.de/jahrgang-$year/" \
| ${pkgs.htmlq}/bin/htmlq --attribute href 'ul.slides a' \ | ${nixpkgs-unstable.htmlq}/bin/htmlq --attribute href 'ul.slides a' \
| while read -r month; do | while read -r month; do
${pkgs.curl}/bin/curl -sSL "$month" \ ${pkgs.curl}/bin/curl -sSL "$month" \
| ${pkgs.htmlq}/bin/htmlq --attribute src iframe \ | ${nixpkgs-unstable.htmlq}/bin/htmlq --attribute src iframe \
| ${pkgs.gnused}/bin/sed 's/.*?pdf=//;s/?wp-hosted.*//' | ${pkgs.gnused}/bin/sed 's/.*?pdf=//;s/?wp-hosted.*//'
done done
done | ${pkgs.findutils}/bin/xargs ${pkgs.wget}/bin/wget --no-clobber done | ${pkgs.findutils}/bin/xargs ${pkgs.wget}/bin/wget --no-clobber

19
configs/mastodon-bot.nix
View File

@@ -1,19 +0,0 @@
{pkgs, ...}: {
systemd.services.imaginary-illuminations = {
enable = false;
wants = ["network-online.target"];
serviceConfig = {
User = "kfm";
Group = "users";
WorkingDirectory = "/home/kfm/cloud/Seafile/Documents/Media/imaginary-illuminations";
Restart = "on-failure";
RestartSec = "15s";
};
startAt = "7:00";
script = ''
${pkgs.deno}/bin/deno run -A post.ts
'';
};
systemd.timers.imaginary-illuminations.timerConfig.RandomizedDelaySec = "14h";
}

56
configs/matterbridge.nix Normal file
View File

@@ -0,0 +1,56 @@
{ pkgs, lib, ... }:
{
nixpkgs.overlays = [
(self: super: {
matterbridge = (import (super.fetchFromGitHub {
owner = "NixOS";
repo = "nixpkgs";
rev = "e45d91ee65db293a172ec506759d1248e40c35f5";
sha256 = "03cjs5xcx09lw0djyrx2kfakw7gkg4iqmy9w25azai62im39l30k";
}) {}).matterbridge;
})
];
services.matterbridge = {
enable = true;
configPath =
let bridgeBotToken = lib.strings.fileContents <system-secrets/telegram/kmein.token>;
in toString ((pkgs.formats.toml {}).generate "config.toml" {
general = {
RemoteNickFormat = "[{NICK}] ";
Charset = "utf-8";
};
telegram.kmein.Token = bridgeBotToken;
irc =
let Nick = "ponte";
in {
hackint = { Server = "irc.hackint.org:6697"; UseTLS = true; inherit Nick; };
};
mumble.lassulus = {
Server = "lassul.us:64738";
Nick = "krebs_bridge";
SkipTLSVerify = true;
};
gateway = [
{
name = "krebs-bridge";
enable = true;
inout = [
{
account = "irc.hackint";
channel = "#krebs";
}
{
account = "telegram.kmein";
channel = "-330372458";
}
{
account = "mumble.lassulus";
channel = 6; # "nixos"
}
];
}
];
});
};
}

41
configs/menstruation.nix Normal file
View File

@@ -0,0 +1,41 @@
{ pkgs, lib, ... }:
let
backend = pkgs.callPackage <niveum/submodules/menstruation-backend> {};
telegram = pkgs.callPackage <niveum/submodules/menstruation-telegram> {};
backendPort = 8000;
in
{
containers.menstruation.autoStart = true;
containers.menstruation.config = { config, pkgs, ... }: {
services.redis.enable = true;
systemd.services.menstruation-telegram = {
wants = [
"network-online.target"
"menstruation-backend.service"
"redis.service"
];
wantedBy = [ "multi-user.target" ];
environment = {
MENSTRUATION_TOKEN = lib.strings.fileContents <system-secrets/telegram/menstruation.token>;
MENSTRUATION_ENDPOINT = "http://localhost:${toString backendPort}";
MENSTRUATION_MODERATORS = "18980945";
};
serviceConfig = {
Restart = "always";
DynamicUser = true;
ExecStart = "${telegram}/bin/menstruation-telegram";
};
};
systemd.services.menstruation-backend = {
wants = [ "network-online.target" ];
environment.ROCKET_PORT = toString backendPort;
serviceConfig = {
Restart = "always";
DynamicUser = true;
ExecStart = "${backend}/bin/menstruation_server";
};
};
};
}

28
configs/mime.nix
View File

@@ -2,32 +2,26 @@
home-manager.users.me = { home-manager.users.me = {
xdg.mimeApps = { xdg.mimeApps = {
enable = true; enable = true;
associations = {
added = {
"x-scheme-handler/tg" = "org.telegram.desktop.desktop";
};
removed = {
};
};
defaultApplications = { defaultApplications = {
"application/epub+zip" = "org.pwmt.zathura.desktop"; "application/epub+zip" = "org.pwmt.zathura.desktop";
"application/pdf" = "org.pwmt.zathura.desktop"; "application/pdf" = "org.pwmt.zathura.desktop";
"application/vnd.oasis.opendocument.text" = "writer.desktop"; "application/vnd.oasis.opendocument.text" = "writer.desktop";
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" = "writer.desktop"; "application/vnd.openxmlformats-officedocument.wordprocessingml.document" = "writer.desktop";
"image/jpeg" = "nsxiv.desktop"; "image/jpeg" = "sxiv.desktop";
"image/png" = "nsxiv.desktop"; "image/png" = "sxiv.desktop";
"image/vnd.djvu+multipage" = "org.pwmt.zathura.desktop"; "image/vnd.djvu+multipage" = "org.pwmt.zathura.desktop";
"text/html" = "firefox.desktop"; "text/html" = "brave-browser.desktop";
"text/markdown" = "nvim.desktop"; "text/markdown" = "nvim.desktop";
"text/plain" = "nvim.desktop"; "text/plain" = "nvim.desktop";
"x-scheme-handler/about" = "firefox.desktop"; "x-scheme-handler/about" = "brave-browser.desktop";
"x-scheme-handler/http" = "firefox.desktop"; "x-scheme-handler/http" = "brave-browser.desktop";
"x-scheme-handler/https" = "firefox.desktop"; "x-scheme-handler/https" = "brave-browser.desktop";
"x-scheme-handler/mailto" = "firefox.desktop"; "x-scheme-handler/mailto" = "brave-browser.desktop";
"x-scheme-handler/unknown" = "firefox.desktop"; "x-scheme-handler/unknown" = "brave-browser.desktop";
"x-scheme-handler/webcal" = "firefox.desktop"; "x-scheme-handler/webcal" = "brave-browser.desktop";
"x-scheme-handler/tg" = "org.telegram.desktop.desktop"; "inode/directory" = "pcmanfm.desktop";
}; };
}; };
}; };
} }

85
configs/monitoring.nix
View File

@@ -1,85 +0,0 @@
{
config,
pkgs,
...
}: {
services.nginx.virtualHosts.default = {
locations."= /stub_status".extraConfig = "stub_status;";
};
services.prometheus = {
enable = true;
port = 9001;
exporters = {
nginx.enable = false;
node = {
enable = true;
openFirewall = true;
enabledCollectors = [
"conntrack"
"diskstats"
"entropy"
"filefd"
"filesystem"
"loadavg"
"mdadm"
"meminfo"
"netdev"
"netstat"
"stat"
"time"
"vmstat"
"systemd"
"logind"
"interrupts"
"ksmd"
];
port = 9002;
};
};
};
systemd.services.promtail = {
description = "Promtail service for Loki";
wantedBy = ["multi-user.target"];
serviceConfig = {
ExecStart = ''
${pkgs.grafana-loki}/bin/promtail --config.file ${
(pkgs.formats.yaml {}).generate "promtail.yaml" {
server = {
http_listen_port = 28183;
grpc_listen_port = 0;
};
positions.filename = "/tmp/positions.yaml";
clients = [
{
url = "http://${
if config.networking.hostName == "makanek"
then "127.0.0.1"
else "makanek.r"
}:3100/loki/api/v1/push";
}
];
scrape_configs = [
{
job_name = "journal";
journal = {
max_age = "12h";
labels.job = "systemd-journal";
labels.host = config.networking.hostName;
};
relabel_configs = [
{
source_labels = ["__journal__systemd_unit"];
target_label = "unit";
}
];
}
];
}
}
'';
};
};
}

4
systems/makanek/monitoring/blackbox.nix → configs/monitoring/blackbox.nix
View File

@@ -3,12 +3,12 @@
{ {
modules.http_2xx = { modules.http_2xx = {
http = { http = {
fail_if_not_ssl = false; fail_if_not_ssl = true;
ip_protocol_fallback = false; ip_protocol_fallback = false;
method = "GET"; method = "GET";
no_follow_redirects = false; no_follow_redirects = false;
preferred_ip_protocol = "ip4"; preferred_ip_protocol = "ip4";
valid_http_versions = ["HTTP/1.1" "HTTP/2.0"]; valid_http_versions = [ "HTTP/1.1" "HTTP/2.0" ];
tls_config.insecure_skip_verify = true; tls_config.insecure_skip_verify = true;
}; };
prober = "http"; prober = "http";

60
configs/monitoring/loki.nix Normal file
View File

@@ -0,0 +1,60 @@
{
auth_enabled = false;
server = {
http_listen_port = 3100;
grpc_listen_port = 9096;
};
ingester = {
wal = {
enabled = true;
dir = "/tmp/wal";
};
lifecycler = {
address = "127.0.0.1";
ring = {
kvstore.store = "inmemory";
replication_factor = 1;
};
final_sleep = "0s";
};
chunk_idle_period = "1h"; # Any chunk not receiving new logs in this time will be flushed
max_chunk_age = "1h"; # All chunks will be flushed when they hit this age, default is 1h
chunk_target_size = 1048576; # Loki will attempt to build chunks up to 1.5MB, flushing first if chunk_idle_period or max_chunk_age is reached first
chunk_retain_period = "30s"; # Must be greater than index read cache TTL if using an index cache (Default index read cache TTL is 5m)
max_transfer_retries = 0; # Chunk transfers disabled
};
schema_config.configs = [
{
from = "2020-10-24";
store = "boltdb-shipper";
object_store = "filesystem";
schema = "v11";
index = {
prefix = "index_";
period = "24h";
};
}
];
storage_config = {
boltdb_shipper = {
active_index_directory = "/tmp/loki/boltdb-shipper-active";
cache_location = "/tmp/loki/boltdb-shipper-cache";
cache_ttl = "24h"; # Can be increased for faster performance over longer query periods, uses more disk space
shared_store = "filesystem";
};
filesystem.directory = "/tmp/loki/chunks";
};
compactor = {
working_directory = "/tmp/loki/boltdb-shipper-compactor";
shared_store = "filesystem";
};
limits_config = {
reject_old_samples = true;
reject_old_samples_max_age = "168h";
};
chunk_store_config.max_look_back_period = "0s";
table_manager = {
retention_deletes_enabled = false;
retention_period = "0s";
};
}

229
configs/monitoring/pull.nix Normal file
View File

@@ -0,0 +1,229 @@
{ lib, config, pkgs, ... }:
let
lokiConfig = import ./loki.nix;
blackboxConfig = import ./blackbox.nix;
in
{
services.grafana = {
enable = true;
domain = "grafana.kmein.r";
port = 9444;
addr = "127.0.0.1";
};
services.nginx.virtualHosts.${config.services.grafana.domain} = {
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}";
proxyWebsockets = true;
};
};
services.prometheus.rules = let diskFreeThreshold = 10; in [(builtins.toJSON {
groups = [{
name = "niveum";
rules = [
{
alert = "ServiceDown";
expr = ''node_systemd_unit_state{state="failed"} == 1'';
annotations = {
summary = "{{$labels.job}}: Service {{$labels.name}} failed to start.";
};
}
{
alert = "RootPartitionFull";
for = "10m";
expr = ''(node_filesystem_free_bytes{mountpoint="/"} * 100) / node_filesystem_size_bytes{mountpoint="/"} < ${toString diskFreeThreshold}'';
annotations = {
summary = "{{ $labels.job }}: Filesystem is running out of space soon.";
description = ''The root disk of {{ $labels.job }} has {{ $value | printf "%.2f" }}% free disk space (threshold at ${toString diskFreeThreshold}%).'';
};
}
{
alert = "RootPartitionFullWeek";
for = "1h";
expr = ''node_filesystem_free_bytes{mountpoint="/"} ''
+ ''and predict_linear(node_filesystem_free_bytes{mountpoint="/"}[2d], 7*24*3600) <= 0'';
annotations = {
summary = "{{$labels.job}}: Filesystem is running out of space in 7 days.";
};
}
{
alert = "HighLoad";
expr = ''node_load15 / on(job) count(node_cpu_seconds_total{mode="system"}) by (job) >= 1.0'';
for = "10m";
annotations = {
summary = "{{$labels.job}}: Running on high load: {{$value}}";
};
}
{
alert = "HighRAM";
expr = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1";
for = "1h";
annotations.summary = "{{$labels.job}}: Using lots of RAM.";
}
{
alert = "UptimeMonster";
expr = "time() - node_boot_time_seconds > 2592000";
annotations.summary = "{{$labels.job}}: up for more than 30 days.";
}
{
alert = "HostDown";
expr = ''up == 0'';
for = "5m";
annotations = {
summary = "Host {{ $labels.job }} down for 5 minutes.";
};
}
{
alert = "Reboot";
expr = "time() - node_boot_time_seconds < 300";
annotations.summary = "{{$labels.job}}: Reboot";
}
{
alert = "ProbeFailed";
expr = "probe_success == 0";
for = "5m";
annotations.summary = "{{$labels.instance}}: probe failed";
}
{
alert = "SlowProbe";
expr = "avg_over_time(probe_http_duration_seconds[1m]) > 1";
for = "5m";
annotations.summary = "{{$labels.instance}}: HTTP probe slow";
}
{
alert = "HttpStatusCode";
expr = "probe_http_status_code != 0 AND (probe_http_status_code <= 199 OR probe_http_status_code >= 400)";
for = "5m";
annotations.summary = "{{$labels.instance}}: status code {{$value}}";
}
{
alert = "SslExpirySoon";
expr = "probe_ssl_earliest_cert_expiry - time() < 86400 * 30";
for = "5m";
annotations.summary = "{{$labels.instance}}: SSL certificate expires in 30 days";
}
{
alert = "SslExpiry";
expr = "probe_ssl_earliest_cert_expiry - time() <= 0";
for = "5m";
annotations.summary = "{{$labels.instance}}: SSL certificate has expired";
}
];
}];
})];
systemd.services.alertmanager-bot-telegram =
let
alertmanager-bot-telegram = pkgs.buildGoModule rec {
pname = "alertmanager-bot";
version = "2020-07-13";
src = pkgs.fetchFromGitHub {
owner = "metalmatze";
repo = "alertmanager-bot";
rev = "5efc0bbbf8023d4324e9da98562f064a714a7206";
sha256 = "09cciml1j8x76jpm2v5v6h2q6j1fkhsz1kswslmx8wl4wk40xgp4";
};
vendorSha256 = "1v0fgin8dn81b559zz4lqmrl7hikr46g4gb18sci4riql5qs1isj";
postInstall = ''
install -D ./default.tmpl $out/templates/default.tmpl
'';
};
in {
wantedBy = [ "multi-user.target" ];
after = [ "ip-up.target" ];
environment.TELEGRAM_ADMIN = "18980945";
environment.TELEGRAM_TOKEN = lib.strings.fileContents <system-secrets/telegram/prometheus.token>;
serviceConfig = {
DynamicUser = true;
StateDirectory = "alertbot";
ExecStart = ''${alertmanager-bot-telegram}/bin/alertmanager-bot \
--alertmanager.url=http://localhost:9093 --log.level=info \
--store=bolt --bolt.path=/var/lib/alertbot/bot.db \
--listen.addr="0.0.0.0:16320" \
--template.paths=${pkgs.writeText "template.tmpl" ''
{{ define "telegram.default" }}
{{range .Alerts -}}
{{ if eq .Status "firing" }}
<b>{{ index .Annotations "summary"}}</b>
{{ index .Annotations "description" }}
See on Grafana: http://${config.services.grafana.domain}/d/alpUteInz/niveum
{{ else -}}
RESOLVED 😌 <del>{{ index .Annotations "summary"}}</del>
{{- end }}
{{end -}}
{{end}}
''}'';
};
};
services.prometheus.alertmanager = {
enable = true;
listenAddress = "localhost";
configuration = {
route = {
group_wait = "30s";
repeat_interval = "4h";
receiver = "me";
};
receivers = [{
name = "me";
webhook_configs = [{
url = "http://localhost:16320";
send_resolved = true;
}];
}];
};
};
services.prometheus.alertmanagers = [{
scheme = "http";
path_prefix = "/";
static_configs = [ { targets = [ "localhost:9093" ]; } ];
}];
services.prometheus.scrapeConfigs = [
{
job_name = "makanek";
static_configs = [ { targets = [
"127.0.0.1:${toString config.services.prometheus.exporters.node.port}"
]; } ];
}
{
scrape_interval = "5m";
job_name = "blackbox";
metrics_path = "/probe";
params.module = [ "http_2xx" ];
relabel_configs = [
{ source_labels = ["__address__"]; target_label = "__param_target"; }
{ source_labels = ["__param_target"]; target_label = "instance"; }
{ replacement = "127.0.0.1:${toString config.services.prometheus.exporters.blackbox.port}"; target_label = "__address__"; }
];
static_configs = [{
targets = [
"alew.hu-berlin.de"
];
}];
}
{
job_name = "zaatar";
static_configs = [ { targets = [ "zaatar.r:${toString config.services.prometheus.exporters.node.port}" ]; } ];
}
];
services.prometheus.exporters.blackbox = {
enable = true;
configFile = (pkgs.formats.yaml {}).generate "blackbox.yaml" blackboxConfig;
};
networking.firewall.allowedTCPPorts = [
lokiConfig.server.http_listen_port
];
services.loki = {
enable = true;
configFile = (pkgs.formats.yaml {}).generate "loki.yaml" lokiConfig;
};
}

75
configs/monitoring/push.nix Normal file
View File

@@ -0,0 +1,75 @@
{ config, pkgs, ... }:
{
services.nginx.virtualHosts.default = {
locations."= /stub_status".extraConfig = "stub_status;";
};
services.prometheus = {
enable = true;
port = 9001;
exporters = {
nginx.enable = false;
node = {
enable = true;
enabledCollectors = [
"conntrack"
"diskstats"
"entropy"
"filefd"
"filesystem"
"loadavg"
"mdadm"
"meminfo"
"netdev"
"netstat"
"stat"
"time"
"vmstat"
"systemd"
"logind"
"interrupts"
"ksmd"
];
port = 9002;
};
};
};
networking.firewall.allowedTCPPorts = [ config.services.prometheus.exporters.node.port ];
systemd.services.promtail = {
description = "Promtail service for Loki";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''
${pkgs.grafana-loki}/bin/promtail --config.file ${(pkgs.formats.yaml {}).generate "promtail.yaml" {
server = {
http_listen_port = 28183;
grpc_listen_port = 0;
};
positions.filename = "/tmp/positions.yaml";
clients = [
{ url = "http://${if config.networking.hostName == "makanek" then "127.0.0.1" else "makanek.r"}:3100/loki/api/v1/push"; }
];
scrape_configs = [
{
job_name = "journal";
journal = {
max_age = "12h";
labels.job = "systemd-journal";
labels.host = config.networking.hostName;
};
relabel_configs = [
{
source_labels = [ "__journal__systemd_unit" ];
target_label = "unit";
}
];
}
];
}}
'';
};
};
}

31
configs/moodle-dl/borsfaye.nix Normal file
View File

@@ -0,0 +1,31 @@
{ config, pkgs, lib, ... }:
let
moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old: old // {
patches = [ <niveum/packages/moodle-dl/telegram-format.patch> ];
});
in
{
containers.moodle-dl-borsfaye = {
autoStart = true;
config = { lib, pkgs, ...}: {
imports = [ <niveum/modules/moodle-dl.nix> ];
services.moodle-dl = {
enable = true;
startAt = "hourly";
package = moodle-dl-package;
notifyOnly = true;
settings = {
telegram = {
token = lib.strings.fileContents <system-secrets/telegram/moodle-dl.token>;
chat_id = "311425510";
send_error_msg = false;
};
token = lib.strings.fileContents <system-secrets/moodle-dl/faye.token>;
moodle_domain = "moodle.hu-berlin.de";
moodle_path = "/";
};
};
};
};
}

81
systems/zaatar/moodle-dl-meinhark.nix → configs/moodle-dl/meinhark.nix
View File

@@ -1,42 +1,23 @@
{ config, pkgs, lib, ... }:
let
moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old: old // {
patches = [ <niveum/packages/moodle-dl/telegram-format.patch> ];
});
in
{ {
config, imports = [ <niveum/modules/moodle-dl.nix> ];
pkgs,
lib,
...
}: let
moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old:
old
// {
# patches = [../../packages/moodle-dl/telegram-format.patch]; TODO?
});
in {
age.secrets = {
/*
moodle-dl-tokens = {
file = ../../secrets/zaatar-moodle-dl-tokens.json.age;
owner = "moodle-dl";
group = "moodle-dl";
mode = "400";
};
*/
moodle-dl-basicAuth = {
file = ../../secrets/zaatar-moodle-dl-basicAuth.age;
owner = "nginx";
group = "nginx";
mode = "400";
};
};
services.moodle-dl = { services.moodle-dl = {
enable = false; enable = true;
startAt = "hourly"; startAt = "hourly";
package = moodle-dl-package; package = moodle-dl-package;
tokensFile = config.age.secrets.moodle-dl-tokens.path;
settings = { settings = {
telegram = { telegram = {
token = lib.strings.fileContents <system-secrets/telegram/moodle-dl.token>;
chat_id = "18980945"; chat_id = "18980945";
send_error_msg = false; send_error_msg = false;
}; };
token = lib.strings.fileContents <system-secrets/moodle.token>;
moodle_domain = "moodle.hu-berlin.de"; moodle_domain = "moodle.hu-berlin.de";
moodle_path = "/"; moodle_path = "/";
download_course_ids = [ download_course_ids = [
@@ -83,30 +64,6 @@ in {
108283 # Digital Classicist 108283 # Digital Classicist
109211 # Altlitauisch 109211 # Altlitauisch
109185 # Etymologie 109185 # Etymologie
# SS 2022
112606 # Avestisch
111761 # Griechische Wissenschaftsliteratur
111515 # H. Furens
110914 # Apostelgeschichte
112225 # Gr. Paläographie
113275 # ALEW
112783 # Akzent und Silbenstruktur
113493 # Papyrologie
# WS 2022
115414 # Nonnos
116108 # Dialektologie
# SS 2023
117967 # Archaische Lyrik
119658 # Dyskolos
118963 # Antike Biographie
92668 # Taa
120671 # Jiddisch
120720 # Sorbisch
118076 # X-Tutorial
120631 # Predigten
]; ];
download_submissions = true; download_submissions = true;
download_descriptions = true; download_descriptions = true;
@@ -120,15 +77,17 @@ in {
fileSystems."/export/moodle" = { fileSystems."/export/moodle" = {
device = config.services.moodle-dl.directory; device = config.services.moodle-dl.directory;
options = ["bind"]; options = [ "bind" ];
}; };
networking.firewall.allowedTCPPorts = [2049]; networking.firewall.allowedTCPPorts = [ 2049 ];
services.nginx.enable = true; services.nginx.virtualHosts."moodle.kmein.r" =
let
services.nginx.virtualHosts."moodle.kmein.r" = { identity = lib.strings.fileContents <secrets/eduroam/identity>;
basicAuthFile = config.age.secrets.moodle-dl-basicAuth.path; password = lib.strings.fileContents <secrets/eduroam/password>;
in {
basicAuth."${identity}" = password;
locations."/" = { locations."/" = {
root = config.services.moodle-dl.directory; root = config.services.moodle-dl.directory;
extraConfig = '' extraConfig = ''
@@ -140,9 +99,7 @@ in {
services.nfs.server = { services.nfs.server = {
enable = true; enable = true;
exports = let exports = let machines = with (import <niveum/lib>).retiolumAddresses; [kabsa manakish]; in ''
machines = with (import ../../lib).retiolumAddresses; [kabsa manakish];
in ''
/export ${lib.concatMapStringsSep " " (machine: "${machine.ipv4}(fsid=0)") machines} /export ${lib.concatMapStringsSep " " (machine: "${machine.ipv4}(fsid=0)") machines}
/export/moodle ${lib.concatMapStringsSep " " (machine: "${machine.ipv4}(insecure,rw)") machines} /export/moodle ${lib.concatMapStringsSep " " (machine: "${machine.ipv4}(insecure,rw)") machines}
''; '';

25
configs/mpv.nix
View File

@@ -1,29 +1,15 @@
{ { pkgs, lib, ... }: let
pkgs, swallow = command: "${pkgs.scripts.swallow}/bin/swallow ${command}";
lib, nixpkgs-unstable = import <nixpkgs-unstable> { config.allowUnfree = true; };
config,
niveumPackages,
...
}: let
swallow = command: "${niveumPackages.swallow}/bin/swallow ${command}";
in { in {
environment.shellAliases.smpv = swallow "mpv"; environment.shellAliases.smpv = swallow "mpv";
nixpkgs.overlays = [
(self: super: {
mpv = config.home-manager.users.me.programs.mpv.finalPackage;
})
];
home-manager.users.me = { home-manager.users.me = {
programs.mpv = { programs.mpv = {
enable = true; enable = true;
config = { config = {
ytdl-format = "bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best"; ytdl-raw-options = lib.concatStringsSep "," [ ''sub-lang="de,en"'' "write-sub=" "write-auto-sub=" ];
ytdl-raw-options = lib.concatStringsSep "," [''sub-lang="de,en"'' "write-sub=" "write-auto-sub="];
screenshot-template = "%F-%wH%wM%wS-%#04n"; screenshot-template = "%F-%wH%wM%wS-%#04n";
script-opts = "ytdl_hook-ytdl_path=${pkgs.yt-dlp}/bin/yt-dlp";
ao = "pulse"; # no pipewire for me :(
}; };
bindings = { bindings = {
"Alt+RIGHT" = "add video-rotate 90"; "Alt+RIGHT" = "add video-rotate 90";
@@ -36,8 +22,7 @@ in {
"Alt+j" = "add video-pan-y -0.05"; "Alt+j" = "add video-pan-y -0.05";
}; };
scripts = [ scripts = [
pkgs.mpvScripts.quality-menu nixpkgs-unstable.mpvScripts.youtube-quality
niveumPackages.mpv-visualizer
]; ];
}; };
}; };

38
configs/names.nix Normal file
View File

@@ -0,0 +1,38 @@
{ pkgs, lib, ... }:
let
port = 5703;
geogen = (pkgs.fetchFromGitHub {
owner = "kmein";
repo = "scripts";
rev = "8945430f27a8c6fd632dd35382cb094abe3543ff";
sha256 = "1djyxkynypxsrmdf6idgjszqpcgqyq607rrsvl58p2bpymmwibzb";
}) + "/onomastics";
inherit (pkgs.callPackage geogen {}) dependencyEnv;
in
{
systemd.services.names = {
wants = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
description = "Better clone of geogen.stoepel.net";
serviceConfig = {
DynamicUser = true;
};
script = ''
cd $(mktemp -d)
ln -s "${geogen}/wsgi.py" wsgi.py
${dependencyEnv}/bin/gunicorn wsgi:app -b :${toString port}
'';
};
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
services.nginx.virtualHosts."names.kmein.r" = {
locations."/".proxyPass = "http://127.0.0.1:${toString port}";
};
}

10
configs/nano.nix Normal file
View File

@@ -0,0 +1,10 @@
{
programs.nano.nanorc = ''
set autoindent
set boldtext
set morespace
set smarthome
set tabsize 4
set tabstospaces
'';
}

248
configs/neomutt.nix Normal file
View File

@@ -0,0 +1,248 @@
{ pkgs, lib, ... }:
let
mainMailbox = "posteo";
accounts.uni = {
user = "meinhark";
password = lib.strings.fileContents <secrets/eduroam/password>;
address = "kieran.felix.meinhardt@hu-berlin.de";
imap = "mailbox.cms.hu-berlin.de";
smtp = "mailhost.cms.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.uni-old = {
user = "meinhark";
password = lib.strings.fileContents <secrets/eduroam/password>;
address = "meinhark@informatik.hu-berlin.de";
imap = "mailbox.informatik.hu-berlin.de";
smtp = "mailhost.informatik.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.work-uni = {
user = "meinhaki";
password = lib.strings.fileContents <secrets/mail/meinhaki>;
address = "kieran.meinhardt@hu-berlin.de";
imap = "mailbox.cms.hu-berlin.de";
smtp = "mailhost.cms.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.work-fysi = rec {
user = "kieran@fysi.tech";
address = user;
password = lib.strings.fileContents <secrets/mail/fastmail>;
imap = "imap.fastmail.com";
smtp = "smtp.fastmail.com";
smtpSettings = smtp: "smtps://${smtp}:465";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.cock = rec {
user = "2210@cock.li";
address = user;
password = lib.strings.fileContents <secrets/mail/cock>;
imap = "mail.cock.li";
smtp = imap;
smtpSettings = smtp: "smtp://${smtp}:587";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts."${mainMailbox}" = rec {
user = "kieran.meinhardt@posteo.net";
address = user;
password = lib.strings.fileContents <secrets/mail/posteo>;
imap = "posteo.de";
smtp = imap;
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.google-amro = rec {
user = "amroplay@gmail.com";
address = user;
password = lib.strings.fileContents <secrets/mail/gmail/amroplay>;
imap = "imap.gmail.com";
smtp = "smtp.gmail.com";
smtpSettings = smtp: "smtps://${smtp}:465";
folders = {
drafts = "[Gmail]/Drafts";
sent = "[Gmail]/Sent Mail";
trash = "[Gmail]/Bin";
};
};
accounts.google-kieran = rec {
user = "kieran.meinhardt@gmail.com";
address = user;
password = lib.strings.fileContents <secrets/mail/gmail/kieran.meinhardt>;
imap = "imap.gmail.com";
smtp = "smtp.gmail.com";
smtpSettings = smtp: "smtps://${smtp}:465";
folders = {
drafts = "[Gmail]/Entwürfe";
sent = "[Gmail]/Gesendet";
trash = "[Gmail]/Papierkorb";
};
};
in
{
environment.systemPackages = [ pkgs.neomutt ];
environment.shellAliases.mua = "${pkgs.neomutt}/bin/neomutt -f ${mainMailbox}";
home-manager.users.me.xdg.configFile."neomutt/neomuttrc".text = ''
set mailcap_path = ${pkgs.writeText "mailcap" ''
text/plain; $EDITOR %s ;
text/html; ${pkgs.lynx}/bin/lynx -assume_charset=%{charset} -display_charset=utf-8 -dump %s; nametemplate=%s.html; copiousoutput;
image/*; ${pkgs.sxiv}/bin/sxiv %s ;
video/*; ${pkgs.utillinux}/bin/setsid ${pkgs.mpv}/bin/mpv --quiet %s &; copiousoutput
audio/*; ${pkgs.mpv}/bin/mpv %s ;
application/pdf; ${pkgs.zathura}/bin/zathura %s ;
application/pgp-encrypted; ${pkgs.gnupg}/bin/gpg -d '%s'; copiousoutput;
application/pgp-keys; ${pkgs.gnupg}/bin/gpg --import '%s'; copiousoutput;
''}:$mailcap_path
set sidebar_visible
set sidebar_format = "%D%?F? [%F]?%* %?N?%N/?%S"
set sidebar_width = 25 # Plenty of space
set sidebar_divider_char = '' # Pretty line-drawing character
set mail_check_stats
set index_format="%2C %Z %D %-15.15L %s"
set date_format="%F %R"
set sort = 'reverse-date'
set sleep_time = 0 # Pause 0 seconds for informational messages
set markers = no # Disables the `+` displayed at line wraps
set mark_old = no # Unread mail stay unread until read
set wait_key = no # mutt won't ask "press key to continue"
set fast_reply # skip to compose when replying
set forward_format = "Fwd: %s" # format of subject when forwarding
set reverse_name # reply as whomever it was to
set include=ask-no # don't include message in replies
auto_view text/html # automatically show html (mailcap uses lynx)
auto_view application/pgp-encrypted
alternative_order text/plain text/enriched text/html
set abort_noattach abort_noattach_regex="\<(attach|attached|attachments?|anbei|Anhang|angehängt)\>"
set attach_save_dir=/tmp
set fast_reply
set narrow_tree # narrow threads for more depth
bind index,pager B sidebar-toggle-visible # Use 'B' to switch the Sidebar on and off
bind index,pager \Ck sidebar-prev
bind index,pager \Cj sidebar-next
bind index,pager \Co sidebar-open
bind index,pager \Cp sidebar-prev-new
bind index,pager \Cn sidebar-next-new
macro index * <limit>~F\r
macro index + <limit>all\r
set query_command = "khard email --parsable %s"
bind editor <Tab> complete-query
bind editor ^T complete
set mail_check = 90
set timeout = 15
# set imap_check_subscribed
set use_from
set header_cache="~/.cache/mutt" message_cachedir="~/.cache/mutt"
source ${pkgs.writeText "accounts.neomuttrc" ''
set realname = "Kierán Meinhardt"
account-hook . 'unset imap_user imap_pass smtp_user smtp_pass'
# set accordingly: postponed trash record
${lib.concatStringsSep "\n\n" (lib.mapAttrsToList (name: account: let imapRoot = "imaps://${account.user}@${account.imap}"; in ''
account-hook ${account.user}@${account.imap} 'set imap_user="${account.user}" imap_pass="${account.password}"'
account-hook ${account.user}@${account.smtp} 'set smtp_user="${account.user}" smtp_pass="${account.password}"'
folder-hook ${account.user}@${account.imap} 'set smtp_url="${account.smtpSettings "${account.user}@${account.smtp}"}" from="${account.address}" record="${imapRoot}/${account.folders.sent}" postponed="${imapRoot}/${account.folders.drafts}" trash="${imapRoot}/${account.folders.trash}"'
named-mailboxes "${name}" "${imapRoot}" "${name}" "${imapRoot}/${account.folders.sent}"
'') accounts)}
''}
set spoolfile="${mainMailbox}"
source ${pkgs.writeText "colors.neomuttrc" ''
# Default index colors:
color index_number blue default
color index red default '.*'
color index_flags lightcyan default '.*'
color index_author yellow default '.*'
color index_subject lightblack default '.*'
# New mail is boldened:
color index_author lightyellow black "~N"
color index_subject lightwhite black "~N"
# Flagged mail is highlighted:
color index_flags lightmagenta default '~F'
# Other colors and aesthetic settings:
mono bold bold
mono underline underline
mono error bold
mono indicator reverse
# color sidebar_flagged red black
mono sidebar_new bold
color error red default
color message cyan default
color search brightmagenta default
color hdrdefault lightblack default
color quoted green default
color quoted1 blue default
color quoted2 cyan default
color quoted3 yellow default
color quoted4 red default
color quoted5 brightred default
color signature lightblack default
color tree color235 default
# Regex highlighting:
color header red default "^(Date)"
color header yellow default "^(From)"
color header white default "^(B?CC)"
color header brightwhite default "^(Subject)"
color body cyan default "[\-\.+_a-zA-Z0-9]+@[\-\.a-zA-Z0-9]+" # Email addresses
color body brightblue default "(https?|ftp)://[\-\.,/%~_:?&=\#a-zA-Z0-9]+" # URL
color body yellow default "^(\t| )*(-|\\*) \.*" # List items as yellow
color body red default "(BAD signature)|^gpg: BAD signature from.*"
color body brightgreen default "(Good signature)|^gpg: Good signature .*"
color body brightyellow default "^gpg: "
mono body bold "^gpg: Good signature"
mono body bold "^gpg: BAD signature from.*"
color body red default "([a-z][a-z0-9+-]*://(((([a-z0-9_.!~*'();:&=+$,-]|%[0-9a-f][0-9a-f])*@)?((([a-z0-9]([a-z0-9-]*[a-z0-9])?)\\.)*([a-z]([a-z0-9-]*[a-z0-9])?)\\.?|[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+)(:[0-9]+)?)|([a-z0-9_.!~*'()$,;:@&=+-]|%[0-9a-f][0-9a-f])+)(/([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*(;([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*)*(/([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*(;([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*)*)*)?(\\?([a-z0-9_.!~*'();/?:@&=+$,-]|%[0-9a-f][0-9a-f])*)?(#([a-z0-9_.!~*'();/?:@&=+$,-]|%[0-9a-f][0-9a-f])*)?|(www|ftp)\\.(([a-z0-9]([a-z0-9-]*[a-z0-9])?)\\.)*([a-z]([a-z0-9-]*[a-z0-9])?)\\.?(:[0-9]+)?(/([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*(;([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*)*(/([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*(;([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*)*)*)?(\\?([-a-z0-9_.!~*'();/?:@&=+$,]|%[0-9a-f][0-9a-f])*)?(#([-a-z0-9_.!~*'();/?:@&=+$,]|%[0-9a-f][0-9a-f])*)?)[^].,:;!)? \t\r\n<>\"]"
''}
'';
}

90
configs/neovim.nix
View File

@@ -1,40 +1,74 @@
{ { pkgs, ... }: {
pkgs,
niveumPackages,
...
}: {
environment.variables.EDITOR = pkgs.lib.mkForce "nvim"; environment.variables.EDITOR = pkgs.lib.mkForce "nvim";
environment.shellAliases.vi = "nvim"; environment.shellAliases.vi = "nvim";
environment.shellAliases.vim = "nvim"; environment.shellAliases.vim = "nvim";
environment.shellAliases.view = "nvim -R"; environment.shellAliases.view = "nvim -R";
home-manager.users.me = { nixpkgs.config.packageOverrides = pkgs: {
editorconfig = { vimPlugins = pkgs.vimPlugins // {
enable = true; cheat-sh-vim = pkgs.callPackage <niveum/packages/vimPlugins/cheat-sh.nix> { };
settings = { vim-fetch = pkgs.callPackage <niveum/packages/vimPlugins/vim-fetch.nix> { };
"*" = { vim-colors-paramount = pkgs.callPackage <niveum/packages/vimPlugins/vim-colors-paramount.nix> { };
charset = "utf-8"; vim-256noir = pkgs.callPackage <niveum/packages/vimPlugins/vim-256noir.nix> { };
end_of_line = "lf"; icalendar-vim = pkgs.callPackage <niveum/packages/vimPlugins/icalendar-vim.nix> { };
trim_trailing_whitespace = true; jq-vim = pkgs.callPackage <niveum/packages/vimPlugins/jq-vim.nix> { };
insert_final_newline = true; vim-fsharp = pkgs.callPackage <niveum/packages/vimPlugins/vim-fsharp.nix> { };
indent_style = "space"; vim-reason-plus = pkgs.callPackage <niveum/packages/vimPlugins/vim-reason-plus.nix> { };
indent_size = 2; vim-mail = pkgs.callPackage <niveum/packages/vimPlugins/vim-mail.nix> { };
};
"*.py" = {
indent_size = 4;
};
Makefile = {
indent_style = "tab";
};
"*.md" = {
trim_trailing_whitespace = false;
};
};
}; };
}; };
environment.systemPackages = [ environment.systemPackages = [
(pkgs.writers.writeDashBin "vim" ''neovim "$@"'') (pkgs.writers.writeDashBin "vim" ''neovim "$@"'')
niveumPackages.vim (pkgs.neovim.override {
configure = {
customRC = builtins.readFile <niveum/lib/vim/init.vim>;
packages.nvim = with pkgs.vimPlugins; {
start = [
ale
fzf-vim
fzfWrapper
supertab
undotree
tabular
vimwiki
vim-colors-paramount
vim-commentary
vim-css-color
vim-eunuch
vim-fetch
vim-fugitive
vim-gitgutter
vim-repeat
vim-sensible
vim-surround
];
opt = [
csv
dhall-vim
elm-vim
emmet-vim
haskell-vim
icalendar-vim
idris-vim
nim-vim
jq-vim
purescript-vim
rust-vim
typescript-vim
vim-fsharp
vim-javascript
vim-ledger
vim-nix
vim-reason-plus
vim-toml
vimtex
vim-pandoc
vim-pandoc-syntax # vim-pandoc-after
vim-256noir
];
};
};
})
]; ];
} }

106
configs/networkmanager.nix
View File

@@ -1,25 +1,21 @@
{ { lib, pkgs, ... }:
lib, let
pkgs, autowifi = pkgs.writers.writePython3Bin "autowifi" { flakeIgnore = [ "E501" ]; } <stockholm/lass/5pkgs/autowifi/autowifi.py>;
... profile = name: custom: lib.recursiveUpdate {
}: let connection.id = name;
profile = name: custom: connection.type = "wifi";
lib.recursiveUpdate { connection.interface-name = "wlp3s0";
connection.id = name; connection.permissions = "";
connection.type = "wifi"; wifi.mac-address-blacklist = "";
connection.interface-name = "wlp3s0"; wifi.ssid = name;
connection.permissions = ""; wifi.mode = "infrastructure";
wifi.mac-address-blacklist = ""; ipv4.dns-search = "";
wifi.ssid = name; ipv4.method = "auto";
wifi.mode = "infrastructure"; ipv6.addr-gen-mode = "stable-privacy";
ipv4.dns-search = ""; ipv6.dns-search = "";
ipv4.method = "auto"; ipv6.method = "auto";
ipv6.addr-gen-mode = "stable-privacy"; proxy = {};
ipv6.dns-search = ""; } custom;
ipv6.method = "auto";
proxy = {};
}
custom;
eduroamProfile = { eduroamProfile = {
connection.uuid = "eae9fee6-a7d2-4120-a609-440b457d6fcf"; connection.uuid = "eae9fee6-a7d2-4120-a609-440b457d6fcf";
wifi-security = { wifi-security = {
@@ -41,26 +37,64 @@
phase2-auth = "pap"; phase2-auth = "pap";
}; };
}; };
in { in
programs.nm-applet.enable = true; {
imports = [ ../modules/networkmanager-declarative.nix ];
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
plugins = [
pkgs.networkmanager-openvpn
pkgs.networkmanager-fortisslvpn
];
wifi.macAddress = "random"; wifi.macAddress = "random";
ethernet.macAddress = "random"; ethernet.macAddress = "random";
unmanaged = ["docker*"]; unmanaged = [ "docker*" ];
profiles = lib.mapAttrs profile {
Aether = {
connection.uuid = "7138bb0f-1aeb-4905-890e-a6628427aa21";
ipv6.addr-gen-mode = "stable";
wifi.cloned-mac-address = "stable";
wifi-security = {
psk = lib.strings.fileContents <secrets/wifi/Aether.psk>;
auth-alg = "open";
key-mgmt = "wpa-psk";
};
};
FactoryCommunityGuest = {
connection.uuid = "fb1f2e52-651e-48b5-a72c-1accddf31afb";
connection.timestamp = "1631885129";
wifi.seen-bssids = "54:EC:2F:19:30:DC;54:EC:2F:19:5C:9C;54:EC:2F:58:E4:3C;";
wifi-security = {
psk = "Factory4ever";
auth-alg = "open";
key-mgmt = "wpa-psk";
};
};
o2-WLAN66 = {
connection.uuid = "c563aec3-f344-4ffb-8d1c-60a6cdac8fe0";
wifi-security = {
psk = "PK3468KV488T934U";
auth-alg = "open";
key-mgmt = "wpa-psk";
};
};
"WIFI@DB".connection.uuid = "4eff4e94-8850-4e9f-a338-1787d0d90479";
eduroam = eduroamProfile;
eduroam_5GHz = eduroamProfile;
};
}; };
users.users.me.extraGroups = ["networkmanager"]; users.users.me.extraGroups = [ "networkmanager" ];
environment.systemPackages = [ systemd.services.autowifi = {
pkgs.speedtest-cli enable = false;
pkgs.networkmanager-openvpn description = "Automatic wifi connector";
pkgs.networkmanagerapplet wantedBy = [ "multi-user.target" ];
pkgs.networkmanager-fortisslvpn path = [ pkgs.networkmanager ];
]; serviceConfig = {
Type = "simple";
Restart = "always";
RestartSec = "10s";
ExecStart = "${autowifi}/bin/autowifi";
};
};
environment.systemPackages = [ pkgs.speedtest-cli ];
} }

83
configs/newsboat.nix
View File

@@ -1,40 +1,15 @@
{ { pkgs, config, ... }:
pkgs, let
config,
lib,
...
}: let
ytdl-format = "'bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best'"; ytdl-format = "'bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best'";
youtube-download = "${pkgs.ts}/bin/ts ${pkgs.yt-dlp}/bin/yt-dlp -f ${ytdl-format} --add-metadata"; youtube-download = "${pkgs.ts}/bin/ts ${pkgs.youtube-dl}/bin/youtube-dl -f ${ytdl-format} --add-metadata";
newsboat-home = "${config.users.users.me.home}/cloud/Seafile/Documents/newsboat"; newsboat-home =
linkhandler = pkgs.writers.writeDash "linkhandler" '' "${config.users.users.me.home}/cloud/Seafile/Documents/newsboat";
# Feed script a url or file location. linkhandler-bin = "${pkgs.scripts.linkhandler}/bin/linkhandler";
# If an image, it will view in sxiv,
# if a video or gif, it will view in mpv
# if a music file or pdf, it will download,
# otherwise it opens link in browser.
# If no url given. Opens browser. For using script as $BROWSER.
[ -z "$1" ] && { "$BROWSER"; exit; }
case "$1" in
*mkv|*webm|*mp4|*youtube.com/watch*|*youtube.com/playlist*|*youtu.be*|*bitchute.com*|*videos.lukesmith.xyz*|*odysee.com*)
setsid -f ${pkgs.mpv}/bin/mpv -quiet "$1" >/dev/null 2>&1 ;;
*png|*jpg|*jpe|*jpeg|*gif)
curl -sL "$1" > "/tmp/$(echo "$1" | sed "s/.*\///")" && sxiv -a "/tmp/$(echo "$1" | sed "s/.*\///")" >/dev/null 2>&1 & ;;
*mp3|*flac|*opus|*mp3?source*)
setsid -f tsp curl -LO "$1" >/dev/null 2>&1 ;;
*)
if [ -f "$1" ]; then "$TERMINAL" -e "$EDITOR" "$1"
else setsid -f "$BROWSER" "$1" >/dev/null 2>&1; fi ;;
esac
'';
newsboat-config = pkgs.writeText "config" '' newsboat-config = pkgs.writeText "config" ''
auto-reload no auto-reload no
reload-threads 8
prepopulate-query-feeds yes prepopulate-query-feeds yes
# dont keep a search history # dont keep a search history
@@ -44,12 +19,12 @@
text-width 85 text-width 85
external-url-viewer "${pkgs.urlscan}/bin/urlscan -dc -r '${linkhandler} {}'" external-url-viewer "${pkgs.urlscan}/bin/urlscan -dc -r '${linkhandler-bin} {}'"
browser ${linkhandler} browser ${linkhandler-bin}
macro , open-in-browser macro , open-in-browser
macro c set browser "${pkgs.xsel}/bin/xsel -b <<<" ; open-in-browser ; set browser ${linkhandler} macro c set browser "${pkgs.xsel}/bin/xsel -b <<<" ; open-in-browser ; set browser ${linkhandler-bin}
macro v set browser "${pkgs.util-linux}/bin/setsid -f ${pkgs.mpv}/bin/mpv" ; open-in-browser ; set browser ${linkhandler} macro v set browser "${pkgs.utillinux}/bin/setsid -f ${pkgs.mpv}/bin/mpv" ; open-in-browser ; set browser ${linkhandler-bin}
macro y set browser "${youtube-download}" ; open-in-browser ; set browser ${linkhandler} macro y set browser "${youtube-download}" ; open-in-browser ; set browser ${linkhandler-bin}
bind-key j down bind-key j down
bind-key k up bind-key k up
@@ -73,7 +48,7 @@
save-path ${newsboat-home}/saved/ save-path ${newsboat-home}/saved/
highlight all "---.*---" yellow default highlight all "---.*---" yellow default
# highlight feedlist ".*(0/0))" default default highlight feedlist ".*(0/0))" black default
highlight article "^Title:.*" yellow default bold highlight article "^Title:.*" yellow default bold
highlight article "^Author:.*" yellow default highlight article "^Author:.*" yellow default
highlight article "^Flags:.*" red default highlight article "^Flags:.*" red default
@@ -81,37 +56,25 @@
highlight article "\\[image [0-9][0-9]*\\]" color109 default bold highlight article "\\[image [0-9][0-9]*\\]" color109 default bold
highlight article "\\[embedded flash: [0-9][0-9]*\\]" color66 default bold highlight article "\\[embedded flash: [0-9][0-9]*\\]" color66 default bold
color background white default
color listnormal white default
color listnormal_unread white default bold
color listfocus blue default color listfocus blue default
color listfocus_unread blue default bold color listfocus_unread blue default bold
color info red default bold color info red default bold
color article white default
urls-source "miniflux"
miniflux-url "https://feed.kmein.de"
miniflux-login "kfm"
miniflux-password "${lib.strings.fileContents <secrets/miniflux/password>}"
''; '';
newsboat-sql = "${pkgs.sqlite}/bin/sqlite3 ${newsboat-home}/cache.db";
in { in {
nixpkgs.config.packageOverrides = pkgs: {
newsboat = pkgs.writers.writeDashBin "newsboat" ''
${pkgs.newsboat}/bin/newsboat -C ${newsboat-config} -c ${newsboat-home}/cache.db -u ${newsboat-home}/urls "$@"
'';
};
environment.systemPackages = [ environment.systemPackages = [
pkgs.newsboat pkgs.newsboat
(pkgs.writers.writeDashBin "newsboat-unread-count" ''
if [ -f ${newsboat-home}/cache.db.lock ]; then
${pkgs.jq}/bin/jq -n '{state: "Info", text: "", icon: "rss"}'
else
${pkgs.jq}/bin/jq -n \
--argjson unread "$(${newsboat-sql} "SELECT COUNT(DISTINCT id) FROM rss_item WHERE unread=1")" \
--argjson watchLater "$(${newsboat-sql} "SELECT COUNT(DISTINCT id) FROM rss_item WHERE flags='e' AND deleted=0")" \
'{
state: (if $unread > 0 then "Good" else "Idle" end),
text: (if $unread > 0 then "\($unread)" else "[\($watchLater)]" end),
icon: "rss"
}'
fi
'')
(pkgs.writers.writeDashBin "mpv-watch-later" '' (pkgs.writers.writeDashBin "mpv-watch-later" ''
${newsboat-sql} "SELECT url FROM rss_item WHERE flags='e' AND deleted=0 ORDER BY pubDate DESC" \ ${pkgs.sqlite}/bin/sqlite3 ${newsboat-home}/cache.db "SELECT url FROM rss_item WHERE flags='e' AND deleted=0 ORDER BY pubDate DESC" \
| ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv | ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv
'') '')
]; ];

56
configs/nextcloud.nix Normal file
View File

@@ -0,0 +1,56 @@
{ pkgs, lib, ... }:
let
passwordFile = path: toString (pkgs.writeText "password" (lib.strings.fileContents path));
inherit (import <niveum/lib>) localAddresses;
in
{
services.nextcloud = {
enable = true;
package = pkgs.nextcloud22;
https = true;
autoUpdateApps = {
enable = true;
startAt = "05:00:00";
};
hostName = "cloud.xn--kiern-0qa.de";
config = {
overwriteProtocol = "https";
dbtype = "pgsql";
dbuser = "nextcloud";
dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
dbname = "nextcloud";
dbpassFile = passwordFile <system-secrets/nextcloud/database>;
adminpassFile = passwordFile <system-secrets/nextcloud/admin>;
adminuser = "admin";
# extraTrustedDomains = [ "toum.r" ];
};
};
services.postgresql = {
enable = true;
ensureDatabases = [ "nextcloud" ];
ensureUsers = [
{
name = "nextcloud";
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
}
];
};
services.nginx.virtualHosts."cloud.xn--kiern-0qa.de" = {
enableACME = true;
forceSSL = true;
};
# Ensure that postgres is running before running the setup
systemd.services."nextcloud-setup" = {
requires = ["postgresql.service"];
after = ["postgresql.service"];
};
}

10
configs/nix.nix
View File

@@ -1,14 +1,8 @@
{ pkgs, ... }:
{ {
pkgs, # enable `nix flake`
inputs,
...
}: {
nixpkgs = {
config.allowUnfree = true;
};
nix = { nix = {
package = pkgs.nixFlakes; package = pkgs.nixFlakes;
extraOptions = "experimental-features = nix-command flakes"; extraOptions = "experimental-features = nix-command flakes";
nixPath = ["nixpkgs=${inputs.nixpkgs}"];
}; };
} }

9
configs/openweathermap.nix
View File

@@ -1,8 +1,5 @@
{ { pkgs, lib, ... }:
pkgs, let
lib,
...
}: let
openweathermap-repo = pkgs.fetchFromGitHub { openweathermap-repo = pkgs.fetchFromGitHub {
owner = "ip1981"; owner = "ip1981";
repo = "openweathermap"; repo = "openweathermap";
@@ -18,5 +15,5 @@ in {
''; '';
}; };
environment.systemPackages = [pkgs.weather]; environment.systemPackages = [ pkgs.weather ];
} }

305
configs/packages.nix
View File

@@ -1,305 +0,0 @@
{
config,
pkgs,
lib,
inputs,
niveumPackages,
unstablePackages,
...
}: let
worldradio = pkgs.callPackage ../packages/worldradio.nix {};
externalNetwork = import ../lib/external-network.nix;
zoteroStyle = {
name,
sha256,
}: {
name = "${name}.csl";
path = pkgs.fetchurl {
url = "https://www.zotero.org/styles/${name}";
inherit sha256;
};
};
cslDirectory = pkgs.linkFarm "citation-styles" [
(zoteroStyle {
name = "chicago-author-date-de";
sha256 = "sha256-ddMYk4A9DJQhx9ldkmF7PhwKuc7wUSr26uHHGAze9Ps=";
})
(zoteroStyle {
name = "din-1505-2";
sha256 = "sha256-bXZbB850fek8J6wMVFL32ndI7F4wiKKr1qUC71ezreE=";
})
(zoteroStyle {
name = "apa";
sha256 = "sha256-sUf0Ov5c9aTUoLsYSRbQl3Qs9ELkb5/Tky35kH7pKuE=";
})
];
astrolog = pkgs.astrolog.overrideAttrs (old:
old
// {
installPhase = ''
${old.installPhase}
# set sensible defaults
sed -i '
/^-z /s/8:00W/1:00E/ # timezone
/^-zl /s/122W19:59 47N36:35/13E22:42 52N27:42/ # default location
/^-zj /s/"Current moment now"/Now/ # default name
/^-zj /s/"Seattle, WA, USA"/Berlin/ # default location
/^_k/s/_k/=k/ # use color
/^_Yd/s/_Yd/=Yd/ # sensible date format
/^_Yt/s/_Yt/=Yt/ # sensible time format
/^_Yv/s/_Yv/=Yv/ # sensible length format
/^:Xbw/s/:Xbw/:Xbn/ # set X11 bitmap format
/^:I /s/80/120/ # wider text output
' $out/astrolog/astrolog.as
'';
});
in {
home-manager.users.me.home.file = {
".csl".source = cslDirectory;
".local/share/pandoc/csl".source = cslDirectory; # as of pandoc 2.11, it includes citeproc
};
environment.systemPackages = with pkgs; [
# INTERNET
aria2
firefox
tdesktop
gomuks
whois
dnsutils
# FILE MANAGERS
lf
pcmanfm
# MEDIA
ffmpeg
imagemagick
exiftool
nsxiv
graphviz
# SHELL
bat # better cat
dos2unix
genpass # generate passwords
(pkgs.writers.writeDashBin "genpassphrase" ''${pkgs.genpass}/bin/genpass --passphrase | ${pkgs.gnused}/bin/sed 's/ /-/g;s/\(^\|-\)\([a-z]\)/\1\U\2/g;s/$/-'$(${pkgs.coreutils}/bin/date +%Y)'/' '')
gcc
python3Packages.jsonschema # json validation
pup # html toolkit
htmlq
xsv # csv toolkit
man-pages
man-pages-posix
exfat # to mount windows drives
# HARDWARE TOOLS
gnome.gnome-disk-utility
arandr # xrandr for noobs
libnotify # for notify-send
xclip # clipboard CLI
xdragon # drag and drop
xorg.xkill # kill by clicking
audacity
calibre
electrum
inkscape
krita
gthumb
astrolog
obsidian
lemmeknow # identify strings
aichat # chat with llms
anki-bin # flashcards
jbofihe # lojbanic software
unstablePackages.zoom-us # video conferencing
unstablePackages.weechat
(pkgs.writers.writeDashBin "im" ''
weechat_password=$(${pkgs.pass}/bin/pass weechat)
exec ${unstablePackages.weechat}/bin/weechat -t -r '/mouse enable; /remote add makanek http://${externalNetwork.makanek}:8002 -password='"$weechat_password"'; /remote connect makanek'
'')
alejandra # nix formatter
pdfgrep # search in pdf
pdftk # pdf toolkit
mupdf
poppler_utils # pdf toolkit
okular # the word is nucular
xournalpp # for annotating pdfs
pdfpc # presenter console for pdf slides
niveumPackages.hc # print files as qr codes
yt-dlp
espeak
rink # unit converter
niveumPackages.auc
niveumPackages.cheat-sh
niveumPackages.polyglot
niveumPackages.qrpaste
niveumPackages.ttspaste
niveumPackages.new-mac # get a new mac address
niveumPackages.scanned
niveumPackages.default-gateway
niveumPackages.kirciuoklis
niveumPackages.image-convert-favicon
niveumPackages.heuretes
niveumPackages.ipa # XSAMPA to IPA converter
niveumPackages.pls
niveumPackages.mpv-tv
niveumPackages.mpv-iptv
jellyfin-media-player
niveumPackages.devanagari
niveumPackages.betacode # ancient greek betacode to unicode converter
niveumPackages.meteo
niveumPackages.mahlzeit
niveumPackages.jq-lsp
niveumPackages.swallow # window swallowing
niveumPackages.literature-quote
niveumPackages.booksplit
niveumPackages.dmenu-randr
niveumPackages.dmenu-bluetooth
niveumPackages.manual-sort
niveumPackages.dns-sledgehammer
niveumPackages.wttr
niveumPackages.unicodmenu
niveumPackages.emailmenu
niveumPackages.closest
niveumPackages.trans
niveumPackages.cro
(niveumPackages.mpv-radio.override {
di-fm-key-file = config.age.secrets.di-fm-key.path;
})
(niveumPackages.mpv-radio.override {
di-fm-key-file = config.age.secrets.di-fm-key.path;
executableName = "cro-radio";
mpvCommand = "${niveumPackages.cro}/bin/cro";
})
(niveumPackages.mpv-tuner.override {
di-fm-key-file = config.age.secrets.di-fm-key.path;
})
# kmein.slide
termdown
niveumPackages.image-convert-tolino
niveumPackages.rfc
niveumPackages.tag
niveumPackages.timer
niveumPackages.menu-calc
nix-prefetch-git
niveumPackages.nix-git
nixfmt-rfc-style
par
qrencode
# inputs.menstruation-backend.defaultPackage.x86_64-linux
inputs.agenix.packages.x86_64-linux.default
inputs.recht.defaultPackage.x86_64-linux
(pkgs.writers.writeDashBin "worldradio" ''
shuf ${worldradio} | ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv --no-video
'')
(pkgs.writers.writeDashBin "chats" ''
${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars
'')
(pkgs.writers.writeDashBin "ncmpcpp-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.ncmpcpp}/bin/ncmpcpp "$@"'')
(pkgs.writers.writeDashBin "mpc-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.mpc_cli}/bin/mpc "$@"'')
inputs.scripts.packages.x86_64-linux.alarm
spotify
ncspot
playerctl
nix-index
niveumPackages.nix-index-update
#krebs
niveumPackages.dic
config.nur.repos.mic92.ircsink
(haskellPackages.ghcWithHoogle (hs: [
hs.text
hs.lens
hs.bytestring
]))
(python3.withPackages (py: [
py.black
# py.python-language-server
# py.pyls-mypy
# py.pyls-black
# py.pyls-isort
py.flake8
py.pygments
py.schema
]))
# python3Packages.poetry
# language servers
pyright
haskell-language-server
texlab
nil
rust-analyzer
elmPackages.elm-language-server
nodePackages.typescript-language-server
lua-language-server
nodePackages.vscode-langservers-extracted
dhall-lsp-server
dhall-nix
dhall-bash
dhall-json
dhall
html-tidy
nodePackages.csslint
nodePackages.jsonlint
nodePackages.prettier
nodePackages.typescript
nodePackages.eslint
nodePackages.yarn
deno # better node.js
nodejs
texlive.combined.scheme-full
latexrun
(aspellWithDicts (dict: [dict.de dict.en dict.en-computers]))
# haskellPackages.pandoc-citeproc
niveumPackages.text2pdf
lowdown
glow # markdown to term
libreoffice
# gnumeric
dia
pandoc
# niveumPackages.man-pandoc
typst
# proselint
asciidoctor
wordnet
tokei # count lines of code
gnumake
binutils # for strip, ld, ...
# nightly.rust
shellcheck
(pkgs.writers.writeDashBin "hass-cli" ''
HASS_SERVER=http://zaatar.r:8123 HASS_TOKEN="$(cat ${config.age.secrets.home-assistant-token.path})" exec ${pkgs.home-assistant-cli}/bin/hass-cli "$@"
'')
# xml
saxonb_9_1
libxml2
zotero
];
age.secrets.home-assistant-token = {
file = ../secrets/home-assistant-token.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
home-manager.users.me.xdg.configFile."pycodestyle".text = ''
[pycodestyle]
max-line-length = 110
'';
}

227
configs/packages/default.nix Normal file
View File

@@ -0,0 +1,227 @@
{ pkgs, lib, ... }:
let
hc = pkgs.callPackage <stockholm/tv/5pkgs/simple/hc.nix> {};
worldradio = pkgs.callPackage <niveum/packages/worldradio.nix> {};
menstruation = pkgs.callPackage <niveum/submodules/menstruation-backend> {};
nixpkgs-unstable = import <nixpkgs-unstable> { config.allowUnfree = true; };
astrolog = nixpkgs-unstable.astrolog.overrideAttrs (old: old // {
installPhase = ''
${old.installPhase}
# set sensible defaults
sed -i '
/^-z /s/8:00W/1:00E/ # timezone
/^-zl /s/122W19:59 47N36:35/13E22:42 52N27:42/ # default location
/^-zj /s/"Current moment now"/Now/ # default name
/^-zj /s/"Seattle, WA, USA"/Berlin/ # default location
/^_k/s/_k/=k/ # use color
/^_Yd/s/_Yd/=Yd/ # sensible date format
/^_Yt/s/_Yt/=Yt/ # sensible time format
/^_Yv/s/_Yv/=Yv/ # sensible length format
/^:Xbw/s/:Xbw/:Xbn/ # set X11 bitmap format
/^:I /s/80/120/ # wider text output
' $out/astrolog/astrolog.as
'';
});
recht = pkgs.callPackage (pkgs.fetchFromGitHub {
owner = "kmein";
repo = "recht";
rev = "0.6.2";
sha256 = "08gnrnz3lwh8h6fyga56yfy9qryzm89xbshm7wpxfyxf2pmp1qfx";
}) {};
in {
imports = [
./writing.nix
./python.nix
./haskell
{
environment.systemPackages = let
# nightly = pkgs.rustChannelOf {
# date = "2019-12-27";
# channel = "nightly";
# };
in with pkgs; [
htmlTidy
nodePackages.csslint
nodePackages.jsonlint
nodePackages.prettier
nodePackages.typescript
nodePackages.yarn
nodejs
nodePackages.javascript-typescript-langserver
tokei # count lines of code
gnumake
binutils # for strip, ld, ...
# nightly.rust
shellcheck
];
}
];
environment.systemPackages = with pkgs; [
# INTERNET
aria2
firefox
tdesktop
w3m
wget
whois
ix
dnsutils
# mtr # my traceroute
# FILE MANAGERS
ranger
pcmanfm
# MEDIA
ffmpeg
imagemagick
exiftool
scrot
# ARCHIVE TOOLS
unzip
unrar
p7zip
zip
# MONITORS
htop
iotop # I/O load monitor
iftop # interface bandwidth monitor
lsof # list open files
psmisc # for killall, pstree
# SHELL
bat # better cat
fd # better find
file # determine file type
dos2unix
ncdu # ncurses disk usage
python3Packages.jsonschema # json validation
jq # json toolkit
pup # html toolkit
nixpkgs-unstable.htmlq
xsv # csv toolkit
xmlstarlet # xml toolkit
manpages
posix_man_pages
# moreutils # for parallel, sponge, combine
tree
fuse_exfat # to mount windows drives
parallel # for parallel, since moreutils shadows task spooler
ripgrep # better grep
rlwrap
progress # display progress bars for pipes
up # universal plumber (piping tool)
# HARDWARE TOOLS
usbutils # for lsusb
pciutils # for lspci
lshw # for lshw
arandr # xrandr for noobs
libnotify # for notify-send
xclip # clipboard CLI
dragon-drop # drag and drop
xorg.xkill # kill by clicking
audacity
calibre
inkscape
astrolog # astrolog
anki # flashcards
nixpkgs-unstable.zoom-us # video conferencing
pdfgrep # search in pdf
pdftk # pdf toolkit
poppler_utils # pdf toolkit
foxitreader # for viewing pdf annotations
xournalpp # for annotating pdfs
pdfpc # presenter console for pdf slides
hc # print files as qr codes
youtubeDL
bc # calculator
pari # gp -- better calculator
scripts.auc
scripts.infschmv
scripts.qrpaste
scripts.new-mac # get a new mac address
scripts.scanned
scripts.default-gateway
scripts.showkeys-toggle
scripts.kirciuoklis
scripts.favicon
scripts.ipa # XSAMPA to IPA converter
scripts.playlist
scripts.mpv-tv
scripts.devanagari
scripts.betacode # ancient greek betacode to unicode converter
scripts.meteo
scripts.mahlzeit
recht
scripts.vimv
scripts.swallow # window swallowing
scripts.genius
scripts.instaget
scripts.literature-quote
scripts.nav # json navigation
scripts.n
scripts.notetags
scripts.booksplit
scripts.dmenurandr
scripts.interdimensional-cable
scripts.dmenubluetooth
scripts.manual-sort
scripts.much-scripts
scripts.dns-sledgehammer
ts
scripts.vg
scripts.fkill
scripts.wttr
scripts.sanskrit-dictionary
scripts.unicodmenu
scripts.horoscope
scripts.closest
scripts.trans
scripts.liddel-scott-jones
scripts.mpv-radio
# kmein.slide
scripts.tolino-screensaver
scripts.rfc
scripts.tag
scripts.menu-calc
nix-prefetch-git
scripts.nix-git
nixfmt
par
qrencode
wtf
menstruation
(pkgs.writers.writeDashBin "worldradio" ''
shuf ${worldradio} | ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv --no-video
'')
(pkgs.writers.writeDashBin "chats" ''
${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars
'')
(pkgs.writers.writeDashBin "ncmpcpp-zaatar" ''MPD_HOST=${(import <niveum/lib/local-network.nix>).zaatar} exec ${pkgs.ncmpcpp}/bin/ncmpcpp "$@"'')
(pkgs.writers.writeDashBin "mpc-zaatar" ''MPD_HOST=${(import <niveum/lib/local-network.nix>).zaatar} exec ${pkgs.mpc_cli}/bin/mpc "$@"'')
nixpkgs-unstable.spotify
ncspot
playerctl
nix-index
scripts.nix-index-update
#krebs
dic
cyberlocker-tools
untilport
kpaste
irc-announce
git-preview
ircaids
];
}

46
configs/packages/haskell/default.nix Normal file
View File

@@ -0,0 +1,46 @@
{ config, pkgs, ... }: {
home-manager.users.me.home.file = {
".ghc/ghci.conf".text = ''
:set editor vim
:def hoogle \s -> return $ ":!${pkgs.haskellPackages.hoogle}/bin/hoogle search --color -l --count=15 \"" ++ s ++ "\""
:def doc \s -> return $ ":!${pkgs.haskellPackages.hoogle}/bin/hoogle search --color -l --info \"" ++ s ++ "\""
:set prompt "\o033[1m%s\o033[1;34m λ\o033[0m "
:set -Wall
:set -XOverloadedStrings
'';
# :def unpl \x -> return $ ":!${pkgs.haskellPackages.pointful}/bin/pointful \"" ++ x ++ "\""
# :def pl \x -> return $ ":!${pkgs.haskellPackages.pointfree}/bin/pointfree -v \"" ++ x ++ "\""
".stack/config.yaml".source =
let inherit (import <niveum/lib>) kieran;
in (pkgs.formats.yaml {}).generate "config.yaml" {
templates.params = {
author-name = kieran.name;
author-email = kieran.email;
copyright = "Copyright: (c) 2020 ${kieran.name}";
github-username = kieran.github;
};
};
};
services.hoogle = {
enable = false;
packages = import ./packages.nix;
port = 8091;
};
environment.systemPackages = with pkgs;
[
cabal2nix
cabal-install
hlint
haskellPackages.ormolu
(haskellPackages.ghcWithHoogle (import ./packages.nix))
] ++ map haskell.lib.justStaticExecutables [
haskellPackages.ghcid
haskellPackages.hasktags
# haskellPackages.hindent
# haskellPackages.pointfree
# haskellPackages.pointful
haskellPackages.hpack
];
}

Some files were not shown because too many files have changed in this diff Show More