kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-16 18:21:07 +01:00
Code Releases Activity

Compare commits

base: kfm:32fa3e75ea0cdf66855cacdb7703d91aaab237ca
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail
..
compare: kfm:flakes
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail

1 Commits
32fa3e75ea ... flakes

Author SHA1 Message Date
Kierán Meinhardt
06c1be9e09 wip: flakes 2021-12-29 17:41:53 +01:00
424 changed files with 9669 additions and 18292 deletions
Expand all files Collapse all files

29
.bin/anki-poem.sh
View File

@@ -1,29 +0,0 @@
#!/bin/sh
file="${1?please supply a poetry file}"
[ -f "$file" ] || {
echo "'$file' is no file"
exit 1
}
poem="$(mktemp)"
clean () {
rm "$poem"
}
trap clean EXIT
sed '/^$/d' "$file" > "$poem"
htmlize() {
awk 'ORS="<br/>"' \
| head -c -5 # remove final <br/> characters
}
for line_number in $(seq 1 "$(wc -l "$poem" | cut -d' ' -f1)"); do
if [ "$line_number" -gt 3 ] && [ "$line_number" -gt 1 ]; then
sed -n "$((line_number - 3)),$((line_number - 1))p" "$poem"
else
sed -n "1,$((line_number - 1))p" "$poem"
fi | htmlize
printf '\t'
sed -n "${line_number},+1p" "$poem" | htmlize
printf '\n'
done

54
.bin/avesta.sed
View File

@@ -1,54 +0,0 @@
#!/usr/bin/env -S sed -f
s/ā̊/𐬃/g
s//𐬝/g
s/ṣ̌/𐬴/g
s/š́/𐬳/g
s/ą̄/𐬅/g
s/ŋᵛ/𐬤/g
s/ə̄/𐬇/g
s/ŋ́/𐬣/g
s//𐬒/g
s/xᵛ/𐬓/g
s/a/𐬀/g
s/ā/𐬁/g
s/å/𐬂/g
s/ą/𐬄/g
s/ə/𐬆/g
s/e/𐬈/g
s/ē/𐬉/g
s/o/𐬊/g
s/ō/𐬋/g
s/i/𐬌/g
s/ī/𐬍/g
s/u/𐬎/g
s/ū/𐬏/g
s/k/𐬐/g
s/x/𐬑/g
s/g/𐬔/g
s/ġ/𐬕/g
s/γ/𐬖/g
s/c/𐬗/g
s/j/𐬘/g
s/t/𐬙/g
s/θ/𐬚/g
s/d/𐬛/g
s/δ/𐬜/g
s/p/𐬞/g
s/f/𐬟/g
s/b/𐬠/g
s/β/𐬡/g
s/ŋ/𐬢/g
s/n/𐬥/g
s/ń/𐬦/g
s//𐬧/g
s/m/𐬨/g
s//𐬩/g
s//𐬫/g
s/y/𐬪/g
s/v/𐬬/g
s/r/𐬭/g
s/s/𐬯/g
s/z/𐬰/g
s/š/𐬱/g
s/ž/𐬲/g
s/h/𐬵/g

19
.bin/calendars.sh
View File

@@ -1,19 +0,0 @@
#!/bin/sh
directory="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$directory"
}
year=$(date +%Y)
output=/tmp/$year.pdf
for month in $(seq 1 12); do
printf "\r%d" "$month" 1>&2
astrolog -zN Berlin -qm "$month" "$year" -X -K -XA -Xr -Xm -Xb -Xo "$(printf "%s/%02d.bmp" "$directory" "$month")" -Xw 1080 720 2>/dev/null
done
printf "\r"
convert "$directory/*.bmp" "$output"
echo "$output"

43
.bin/dummy-alert
View File

@@ -1,43 +0,0 @@
#!/bin/bash
name=$RANDOM
url='http://localhost:9093/api/v1/alerts'
echo "firing up alert $name"
# change url o
curl -XPOST $url -d "[{
\"status\": \"firing\",
\"labels\": {
\"alertname\": \"$name\",
\"service\": \"my-service\",
\"severity\":\"warning\",
\"instance\": \"$name.example.net\"
},
\"annotations\": {
\"summary\": \"High latency is high!\"
},
\"generatorURL\": \"http://prometheus.int.example.net/<generating_expression>\"
}]"
echo ""
echo "press enter to resolve alert"
read
echo "sending resolve"
curl -XPOST $url -d "[{
\"status\": \"resolved\",
\"labels\": {
\"alertname\": \"$name\",
\"service\": \"my-service\",
\"severity\":\"warning\",
\"instance\": \"$name.example.net\"
},
\"annotations\": {
\"summary\": \"High latency is high!\"
},
\"generatorURL\": \"http://prometheus.int.example.net/<generating_expression>\"
}]"
echo ""

21
.bin/fix-sd.sh
View File

@@ -1,21 +0,0 @@
#!/bin/sh
set -xfu
drive="$1"
mountpoint="/media/sd-card-$(date +%s)"
backup_directory="$(pwd)"
trap clean EXIT
clean() {
umount "$mountpoint"
rmdir "$mountpoint"
fsck.exfat "$drive"
}
filenames="$(fsck.exfat "$drive" 2>&1 | sed -nE "s/.* file '(.*?)' is not allocated.*/\1/p")"
mkdir "$mountpoint"
mount "$drive" "$mountpoint"
echo "$filenames" | while read -r filename; do
find "$mountpoint" -type f -name "$filename" -exec mv {} "$backup_directory" \;
done

5
.bin/json2csv.jq
View File

@@ -1,5 +0,0 @@
#!/usr/bin/env -S jq -r -f
(map(keys) | add | unique) as $cols
| map(. as $row | $cols | map($row[.])) as $rows
| $cols, $rows[]
| @csv

114
.bin/mp3player-write
View File

@@ -1,114 +0,0 @@
#!/usr/bin/env bash
# Usage:
# ./mp3_transfer.sh -s 1.3 /mnt/mp3player file1.m4a file2.m4a ...
set -e
# Default speed
SPEED=1.0
# Parse options
while getopts ":s:" opt; do
case $opt in
s)
SPEED=$OPTARG
;;
\?)
echo "Invalid option: -$OPTARG" >&2
exit 1
;;
:)
echo "Option -$OPTARG requires a value." >&2
exit 1
;;
esac
done
# Shift past the options
shift $((OPTIND -1))
# Check arguments
if [ "$#" -lt 2 ]; then
echo "Usage: $0 [-s speed] MOUNT_POINT FILE1 [FILE2 ...]"
exit 1
fi
MOUNT_POINT=$1
shift
FILES=("$@")
# Check mount point exists
if [ ! -d "$MOUNT_POINT" ]; then
echo "Error: Mount point '$MOUNT_POINT' does not exist."
exit 1
fi
# Estimate required space
TOTAL_SIZE=0
for f in "${FILES[@]}"; do
if [ ! -f "$f" ]; then
echo "Warning: File '$f' does not exist, skipping."
continue
fi
# Get file size in bytes
FILE_SIZE=$(stat --printf="%s" "$f")
# Estimate mp3 output size: roughly 1/2 of original m4a (adjust if needed)
TOTAL_SIZE=$((TOTAL_SIZE + FILE_SIZE / 2))
done
# Get available space in bytes
AVAILABLE=$(df --output=avail "$MOUNT_POINT" | tail -n 1)
AVAILABLE=$((AVAILABLE * 1024)) # df reports in KB
if [ "$TOTAL_SIZE" -gt "$AVAILABLE" ]; then
echo "Error: Not enough space on device. Required: $TOTAL_SIZE bytes, Available: $AVAILABLE bytes"
exit 1
fi
echo "Enough space available. Starting conversion..."
sanitize_filename() {
local name="$1"
# Remove path, keep only base name
name=$(basename "$name" .m4a)
# Replace spaces and special chars with underscore
name=$(echo "$name" | tr ' ' '_' | tr -cd '[:alnum:]_-')
# Truncate to max 50 chars
echo "${name:0:50}"
}
# Convert and copy files
for f in "${FILES[@]}"; do
if [ ! -f "$f" ]; then
continue
fi
# Determine the next prefix
existing_prefixes=$(ls "$MOUNT_POINT" | grep -E '^[0-9].*\.mp3$' | sed -E 's/^([0-9]).*/\1/' | sort -n | uniq)
for i in {0..9}; do
if ! echo "$existing_prefixes" | grep -q "^$i$"; then
PREFIX=$i
break
fi
done
echo "Using prefix: $PREFIX"
BASENAME=$(sanitize_filename "$f")
OUT_PATTERN="$MOUNT_POINT/${PREFIX}%02d_${BASENAME}.mp3"
echo "Converting '$f' to '$OUT_PATTERN' at speed $SPEED..."
ffmpeg -i "$f" \
-filter:a "atempo=$SPEED" -ar 44100 -ac 2 -c:a libmp3lame -b:a 128k \
-f segment -segment_time 300 \
"$OUT_PATTERN"
# Update prefix for next file
# Count how many segments were created
SEG_COUNT=$(ls "$MOUNT_POINT" | grep -E "^${PREFIX}[0-9]{2}_" | wc -l)
PREFIX=$((PREFIX + SEG_COUNT))
done
echo "All files processed successfully."

1
.bin/mud.sh
View File

@@ -1 +0,0 @@
ssh mud@hotdog.r -t "MUD_NICKNAME=$LOGNAME mud"

6
.bin/mushakkil.sh
View File

@@ -1,6 +0,0 @@
#!/bin/sh
curl -sSL 'https://diac.alsharekh.org/Diac/DiacText' \
-H "Content-Type: application/json" \
--data-raw "$(jq --raw-input '{word: ., type: 1}')" \
--compressed \
| jq -r .diacWord

65
.bin/prospekte.sh
View File

@@ -1,65 +0,0 @@
#!/bin/sh
lidl() {
echo LIDL
curl -sSL 'https://endpoints.lidl-flyer.com/v3/region-overview/lidl/de-DE/0.json' \
| jq -r '
.categories
| map(select(.name == "Filial-Angebote") | .subcategories | map(.flyers))
| flatten
| flatten
| .[]
| .pdfUrl
'
}
aldi_nord() {
echo ALDI nord
echo 'https://magazine.aldi-nord.de/aldi-nord/aldi-aktuell/GetPDF.ashx'
echo 'https://magazine.aldi-nord.de/aldi-nord/aldi-vorschau/GetPDF.ashx'
}
rewe_berlin() {(
store_id=662366923
publisher_id=1062
echo REWE
curl -sSL 'https://www.bonialserviceswidget.de/de/stores/'$store_id'/brochures?storeId='$store_id'&publisherId='$publisher_id | while read -r brochure_id; do
curl -sSL 'https://www.bonialserviceswidget.de/de/v5/brochureDetails/'"$brochure_id"'?publisherId='$publisher_id | jq -r .pdfUrl
done
)}
kaufland() {(
region_code=8920
echo KAUFLAND
curl -sSL https://filiale.kaufland.de/prospekte.html | htmlq --attribute href '.flyer a' | grep -Eo 'DE_de_KDZ[^/]*' | sed "s/_3000_/_${region_code}_/" | while read -r flyer_id; do
curl -sSL "https://endpoints.leaflets.kaufland.com/v3/$flyer_id/flyer.json?regionCode=$region_code" | jq -r .flyer.pdfUrl
done
)}
netto_schwarz() {
echo 'NETTO (schwarz)'
curl -sSL 'https://squid-api.tjek.com/v2/catalogs?dealer_ids=90f2VL&order_by=created' \
| jq -r '.[] | .id' \
| while read -r flyer_id; do
curl -sSL "https://squid-api.tjek.com/v2/catalogs/$flyer_id/download" \
| jq -r .pdf_url
done
}
dir="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$dir"
}
prospekt_url="$( (
lidl
aldi_nord
rewe_berlin
kaufland
netto_schwarz
) | fzf)"
curl -sSL "$prospekt_url" -o "$dir/prospekt.pdf"
zathura "$dir/prospekt.pdf"

16
.bin/screencap.sh
View File

@@ -1,16 +0,0 @@
#! /usr/bin/env nix-shell
#! nix-shell -i sh -p coreutils byzanz xorg.xwininfo gnused
# shellcheck shell=sh
# ref https://gist.github.com/aforemny/0994cb7f06ea30d56c8b9681ff5d2054
set -eux
eval "$(xwininfo | \
sed -n -e 's/^ \+Absolute upper-left X: \+\([0-9]\+\).*/x=\1/p' \
-e 's/^ \+Absolute upper-left Y: \+\([0-9]\+\).*/y=\1/p' \
-e 's/^ \+Width: \+\([0-9]\+\).*/w=\1/p' \
-e 's/^ \+Height: \+\([0-9]\+\).*/h=\1/p')"
trap "pkill -f 'sleep 360d'" INT
byzanz-record -e "sleep 360d" -c -x $x -y $y -w $w -h $h "$@"

49
.bin/space.py
View File

@@ -1,49 +0,0 @@
import ephem
from datetime import datetime, date, timedelta
now = datetime.now()
limit = now + timedelta(days=365)
def events_until(limit):
initial_date = ephem.Date(datetime.now())
events = {}
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_full_moon(now)
events[now] = "🌕"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_new_moon(now)
events[now] = "🌑"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_vernal_equinox(now)
events[now] = "spring equinox"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_autumnal_equinox(now)
events[now] = "fall equinox"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_winter_solstice(now)
events[now] = "winter solstice"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_summer_solstice(now)
events[now] = "summer solstice"
return events
events = events_until(limit)
for date, event in sorted(events.items(), key=lambda x: x[0]):
if ephem.localtime(date) < limit:
print(ephem.localtime(date), event)

50
.bin/toposort.nix
View File

@@ -1,50 +0,0 @@
let
lib = import <nixpkgs/lib>;
in rec {
inherit lib;
input = [
{
x = ["pool" "zfs"];
y = ["mdadm" "raid1"];
}
{
x = ["pool" "zfs"];
y = ["disk" "sda"];
}
{
x = ["mdadm" "raid1"];
y = ["disk" "sdb"];
}
{
x = ["mdadm" "raid1"];
y = ["disk" "sdc"];
}
];
outNodes = node: graph:
lib.unique
(builtins.map (e: e.y)
(builtins.filter (v: v.x == node) graph));
vertices = graph:
lib.unique
(builtins.map (x: x.y) graph ++ builtins.map (x: x.x) graph);
deleteVertex = node: graph: (builtins.filter (v: v.x != node && v.y != node) graph);
findSink = graph:
lib.findFirst
(v: outNodes v graph == [])
(lib.trace graph (builtins.abort "No sink found"))
(vertices graph);
topSort = graph:
if graph == []
then []
else if builtins.length graph == 1
then let only = builtins.head graph; in [only.y only.x]
else let sink = findSink graph; in [sink] ++ topSort (deleteVertex sink graph);
output = topSort input;
}

18
.bin/ttrss-unread
View File

@@ -1,18 +0,0 @@
#/usr/bin/env -S deno run -A:q
set -x
session_cache="$HOME/.cache/tt-rss.session"
ttrss_endpoint=https://feed.kmein.de/api/
ttrss_user=k
ttrss_password=$(pass shared/tt-rss/password)
login() {
if [ -f "$session_cache" ]; then
session_id="$(cat "$session_cache")"
else
session_id="$(curl -d '{"op":"login","user":"'"$ttrss_user"'","password":"'"$ttrss_password"'"}' "$ttrss_endpoint" | jq -r .content.session_id)"
echo "$session_id" > "$session_cache"
fi
}
login
curl -d '{"sid":"'"$session_id"'","op":"getUnread"}' "$ttrss_endpoint" | jq .content

16
.bin/tuesday-1800
View File

@@ -1,16 +0,0 @@
#!/bin/sh
set -efux
expected_max_results=1024 # the upper bound on the number of restaurants
radius=250
echo '[out:json];node(id:260050809)->.cbase;
(
node(around.cbase:'$radius')[amenity=fast_food];
node(around.cbase:'$radius')[amenity=restaurant];
);out;' \
| curl -sSL -d @- -X POST http://overpass-api.de/api/interpreter \
| jq --argjson random "$(shuf -i 0-$expected_max_results -n 1)" '
.elements
| length as $length
| .[$random % $length]
'

8
.bin/unicode
View File

@@ -1,8 +0,0 @@
import sys
import unicodedata
for index, character in enumerate(sys.stdin.read().strip()):
try:
print(index, character, hex(ord(character)), unicodedata.category(character), unicodedata.name(character))
except:
print(index, character, hex(ord(character)))

26
.bin/watson2fdf.sh
View File

@@ -1,26 +0,0 @@
project=Filli
year=2022
for month in Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec; do
from="$(date +%F -d "$month 1, $year")"
to="$(date +%F -d "$month 1, $year + 1 month")"
watson report --json --from "$from" --to "$to" --project "$project"
done | jq --slurp '
def in_array($arr):
. as $value | any($arr[]; . == $value);
map(
["engadin-app","fysiweb","val-muestair","mia-engiadina","ol"] as $official_projects
| (.timespan.from | .[0:7]) as $timespan
| .projects | .[0]
| .time as $total_time
| .tags
| select(. != null)
| map(select(.name | in_array($official_projects)))
| (map(.time)|add) as $official_time
| map({key:.name, value:.time}) | from_entries
| .other |= ($total_time - $official_time)
| map_values(. / (60*60) | ceil)
| .month |= $timespan
)
'

19
.github/workflows/flake.yml vendored
View File

@@ -1,19 +0,0 @@
name: Update flake.lock
on:
workflow_dispatch: # allows manual triggering
schedule:
- cron: '0 0 * * 0' # runs weekly on Sunday at 00:00
jobs:
lockfile:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Install Nix
uses: cachix/install-nix-action@v16
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Update flake.lock
uses: DeterminateSystems/update-flake-lock@v3

39
.github/workflows/niveum.yml vendored
View File

@@ -1,39 +0,0 @@
name: CI
on:
push:
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
system: [makanek,manakish,kabsa,zaatar,ful,fatteh]
steps:
- uses: actions/checkout@v3
- name: Install QEMU (ARM)
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
if: ${{ matrix.system == 'ful' }}
- name: Install Nix (ARM)
uses: cachix/install-nix-action@v16
if: ${{ matrix.system == 'ful' }}
with:
extra_nix_config: |
system = aarch64-linux
- name: Install Nix (x86_64)
uses: cachix/install-nix-action@v16
if: ${{ matrix.system != 'ful' }}
- name: nixos-rebuild dry-build
run: |
# remove secrets: ref https://stackoverflow.com/questions/1260748/how-do-i-remove-a-submodule/36593218
git submodule deinit -f secrets
rm -rf .git/modules/secrets
git rm -f secrets
# recreate secrets
mkdir secrets
cat secrets.txt | while read -r path; do touch $path; done
git add secrets
nix run nixpkgs#nixos-rebuild -- dry-build --flake $GITHUB_WORKSPACE#${{matrix.system}}

12
.gitmodules vendored
View File

@@ -1,3 +1,9 @@
[submodule "secrets"]
path = secrets
url = ssh://gitea@code.kmein.de:22022/kfm/niveum-secrets.git
[submodule "submodules/menstruation-telegram"]
path = submodules/menstruation-telegram
url = https://github.com/kmein/menstruation-telegram
[submodule "submodules/menstruation-backend"]
path = submodules/menstruation-backend
url = https://github.com/kmein/menstruation.rs
[submodule "submodules/nur-packages"]
path = submodules/nur-packages
url = git@github.com:kmein/nur-packages.git

11
.versions/home-manager.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/nix-community/home-manager.git",
"rev": "697cc8c68ed6a606296efbbe9614c32537078756",
"date": "2021-12-19T00:59:29+01:00",
"path": "/nix/store/fb46bv10azrag2jjlzhil6j11f4x8glw-home-manager",
"sha256": "1c8gxm86zshr2zj9dvr02qs7y3m46gqavr6wyv01r09jfd99dxz9",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/krops.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://cgit.krebsco.de/krops",
"rev": "cccebf3ff7a53336b3f106cb96dddd5892d427ed",
"date": "2021-03-23T22:47:37+01:00",
"path": "/nix/store/mz13xxnil35lwsf90hwnrm2agir7hb51-krops",
"sha256": "07mg3iaqjf1w49vmwfchi7b1w55bh7rvsbgicp2m47gnj9alwdb6",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nix-writers.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://cgit.krebsco.de/nix-writers",
"rev": "c528cf970e292790b414b4c1c8c8e9d7e73b2a71",
"date": "2019-04-02T20:05:33+02:00",
"path": "/nix/store/wm5zhsha1a2iy0d582nlfi7604ayd1vz-nix-writers",
"sha256": "0xdivaca1hgbxs79jw9sv4gk4f81vy8kcyaff56hh2dgq2awyvw4",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nixpkgs-mozilla.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/mozilla/nixpkgs-mozilla",
"rev": "7c1e8b1dd6ed0043fb4ee0b12b815256b0b9de6f",
"date": "2021-12-07T09:28:33-05:00",
"path": "/nix/store/pqwcw589i2y2w2116wn3ifl834adjsa0-nixpkgs-mozilla",
"sha256": "1a71nfw7d36vplf89fp65vgj3s66np1dc0hqnqgj5gbdnpm1bihl",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nixpkgs-unstable.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/NixOS/nixpkgs.git",
"rev": "f01adc7b35a8f80e82f3466e6d873b8b9c8f1b28",
"date": "2021-12-22T23:05:28+01:00",
"path": "/nix/store/zhfrvg77dzpc3hq02v9zv20dfgqwpzk6-nixpkgs",
"sha256": "17iyf2iiizi7c1wr71day3wvgalbkkm2zgc9lpy7y42rl4frq9sf",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nixpkgs.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/NixOS/nixpkgs.git",
"rev": "9ab7d12287ced0e1b4c03b61c781901f178d9d77",
"date": "2021-12-21T10:09:48+01:00",
"path": "/nix/store/minmlh0avkwvvc3p7flhpbglp13kr585-nixpkgs",
"sha256": "0bbd2pgcyavqn5wgq0xp8p67lha0kv9iqnh49i9w5fb5g29q7i30",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/retiolum.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/krebs/retiolum",
"rev": "b72b0a987767b587c79cba8499b5114d69fceeef",
"date": "2021-12-28T19:46:45+00:00",
"path": "/nix/store/kyaqwf89v6id9mda92x4b0hf778j987x-retiolum",
"sha256": "19hjzzlfk1m9ign33w4ppqgmg23v7c6k8l0fm7f33spq8982w7rb",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/stockholm.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://cgit.lassul.us/stockholm",
"rev": "576c05cf3a0ceddefa29c2d0073108177c3cfa52",
"date": "2021-12-22T13:59:46+01:00",
"path": "/nix/store/yx1j5pardgd9114f0cf3c4xjfq6r4yfv-stockholm",
"sha256": "18napi4k8i2iizrismlp9ha3ga6c3n2dvrhijy59kl1jxqrsaq9l",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

6
README.md
View File

@@ -1,7 +1,5 @@
# niveum
> I must Create a System, or be enslav'd by another Man's. —William Blake
> [nĭvĕus](https://logeion.uchicago.edu/niveus), a, um, adj. [nix], _of_ or _from snow, snowy, snow-_ (poet.)
>
> 1. Lit.: aggeribus niveis informis, Verg. G. 3, 354: aqua, _cooled with snow_, Mart. 12, 17, 6; cf. id. 14, 104 and 117: mons, _covered with snow_, Cat. 64, 240.—
@@ -9,6 +7,4 @@
> 2. Transf., _snow-white, snowy_ (mostly poet.): a similitudine sic: Corpore niveum candorem, aspectu igneum ardorem assequebatur, Auct. Her. 4, 33, 44: lacerti, Verg. A. 8, 387: lac, id. E. 2, 20: hanc si capite niveae agnae exorari judicas, Sen. Q. N. 2, 36: Briseis niveo colore, Hor. C. 2, 4, 3: vestis, Ov. M. 10, 432: candidior nivei folio, Galatea, ligustri, id. ib. 13, 789: dens, id. H. 18, 18: quā notam duxit niveus videri, Hor. C. 4, 2, 59: panis, Juv. 5, 70: flumen, _clear, pellucid_, Sen. Hippol. 504: undae, Mart. 7, 32, 11: tribuni, _clothed in white togas_, Calp. Ecl. 7, 29; so, Quirites, Juv. 10, 45.
## Pressestimmen
> das ist ja pure poesie —[riotbib](https://github.com/riotbib/)
> Deine Configs sind wunderschön <3 —[flxai](https://github.com/flxai/)
> das ist ja pure poesie —[xkey](https://github.com/riotbib)

119
configs/admin-essentials.nix
View File

@@ -1,119 +0,0 @@
{
pkgs,
niveumPackages,
lib,
...
}: let
darwin = lib.strings.hasSuffix "-darwin" pkgs.stdenv.hostPlatform.system;
in {
environment.systemPackages =
[
pkgs.htop
pkgs.w3m
pkgs.wget
# ARCHIVE TOOLS
pkgs.unzip
pkgs.unrar
pkgs.p7zip
pkgs.sshuttle
pkgs.zip
# MONITORS
pkgs.iftop # interface bandwidth monitor
pkgs.lsof # list open files
# SHELL
pkgs.sqlite
pkgs.fd # better find
pkgs.tree
pkgs.parallel # for parallel, since moreutils shadows task spooler
pkgs.ripgrep # better grep
pkgs.rlwrap
pkgs.progress # display progress bars for pipes
pkgs.file # determine file type
pkgs.gdu # ncurses disk usage (ncdu is broken)
pkgs.rmlint # remove duplicate files
pkgs.jq # json toolkit
pkgs.jless # less(1) for json
pkgs.fq # toolkit for yaml, xml and binaries
pkgs.bc # calculator
pkgs.pari # gp -- better calculator
pkgs.ts
niveumPackages.vimv
niveumPackages.vg
niveumPackages.fkill
niveumPackages.cyberlocker-tools
niveumPackages.untilport
niveumPackages.kpaste
# HARDWARE
pkgs.pciutils # for lspci
]
++ lib.optionals (!darwin) [
pkgs.usbutils # for lsusb
pkgs.lshw # for lshw
pkgs.iotop # I/O load monitor
pkgs.psmisc # for killall, pstree
];
security.wrappers = {
pmount = {
setuid = true;
owner = "root";
group = "root";
source = "${pkgs.pmount}/bin/pmount";
};
pumount = {
setuid = true;
owner = "root";
group = "root";
source = "${pkgs.pmount}/bin/pumount";
};
};
environment.shellAliases = let
take = pkgs.writers.writeDash "take" ''
mkdir "$1" && cd "$1"
'';
cdt = pkgs.writers.writeDash "cdt" ''
cd "$(mktemp -d)"
pwd
'';
wcd = pkgs.writers.writeDash "wcd" ''
cd "$(readlink "$(${pkgs.which}/bin/which --skip-alias "$1")" | xargs dirname)/.."
'';
where = pkgs.writers.writeDash "where" ''
readlink "$(${pkgs.which}/bin/which --skip-alias "$1")" | xargs dirname
'';
in
{
nixi = "nix repl '<nixpkgs>'";
take = "source ${take}";
wcd = "source ${wcd}";
where = "source ${where}";
# temporary files and directories
cdt = "source ${cdt}";
vit = "$EDITOR $(mktemp)";
# file safety
mv = "${pkgs.coreutils}/bin/mv --interactive";
rm = "${pkgs.coreutils}/bin/rm --interactive";
cp = "${pkgs.coreutils}/bin/cp --interactive";
# colours
cat = "${pkgs.bat}/bin/bat --theme=ansi --style=plain";
l = "${pkgs.coreutils}/bin/ls --color=auto --time-style=long-iso --almost-all";
ls = "${pkgs.coreutils}/bin/ls --color=auto --time-style=long-iso";
ll = "${pkgs.coreutils}/bin/ls --color=auto --time-style=long-iso -l";
la = "${pkgs.coreutils}/bin/ls --color=auto --time-style=long-iso --almost-all -l";
}
// (
if darwin
then {}
else {
"ß" = "${pkgs.util-linux}/bin/setsid";
ip = "${pkgs.iproute2}/bin/ip -c";
# systemd
s = "${pkgs.systemd}/bin/systemctl";
us = "${pkgs.systemd}/bin/systemctl --user";
j = "${pkgs.systemd}/bin/journalctl";
uj = "${pkgs.systemd}/bin/journalctl --user";
}
);
}

324
configs/aerc.nix
View File

@@ -1,324 +0,0 @@
{
pkgs,
config,
lib,
niveumPackages,
...
}: let
inherit (import ../lib/email.nix) defaults thunderbirdProfile;
in {
age.secrets = {
email-password-ical-ephemeris = {
file = ../secrets/email-password-ical-ephemeris.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-cock = {
file = ../secrets/email-password-cock.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-posteo = {
file = ../secrets/email-password-posteo.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
home-manager.users.me = {
accounts.email.maildirBasePath = "${config.users.users.me.home}/state/Maildir";
services.mbsync = {
enable = true;
frequency = "daily";
preExec = "${pkgs.coreutils}/bin/mkdir -p ${config.home-manager.users.me.accounts.email.maildirBasePath}";
postExec = "${pkgs.notmuch}/bin/notmuch new";
};
programs.notmuch = {
enable = true;
extraConfig = {
database.path = config.home-manager.users.me.accounts.email.maildirBasePath;
new.tags = "";
user.name = defaults.realName;
user.primary_email = config.home-manager.users.me.accounts.email.accounts.posteo.address;
};
};
programs.mbsync = {
enable = true;
extraConfig = lib.concatStringsSep "\n\n" (lib.mapAttrsToList (name: account: ''
IMAPAccount ${name}
CertificateFile /etc/ssl/certs/ca-certificates.crt
Host ${account.imap.host}
PassCmd "${toString account.passwordCommand}"
User ${account.userName}
SSLType IMAPS
${lib.optionalString (lib.isInt account.imap.port) "Port ${toString account.imap.port}"}
IMAPStore ${name}-remote
Account ${name}
MaildirStore ${name}-local
Path ${config.home-manager.users.me.accounts.email.maildirBasePath}/${name}/
SubFolders Verbatim
Channel ${name}
Create Near
Expunge None
Far :${name}-remote:
Near :${name}-local:
Patterns *
Remove None
SyncState *
'')
config.home-manager.users.me.accounts.email.accounts);
};
accounts.email.accounts = {
cock =
lib.recursiveUpdate defaults
rec {
address = "2210@cock.li";
userName = address;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-cock.path}";
realName = "2210";
imap.host = "mail.cock.li";
imap.port = 993;
smtp.host = imap.host;
smtp.port = 25;
smtp.tls.useStartTls = true;
};
ical-ephemeris =
lib.recursiveUpdate defaults
rec {
userName = "ical.ephemeris@web.de";
realName = "Kieran from iCal Ephemeris";
address = userName;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-ical-ephemeris.path}";
imap.host = "imap.web.de";
imap.port = 993;
smtp.host = "smtp.web.de";
smtp.port = 587;
smtp.tls.useStartTls = true;
};
posteo =
lib.recursiveUpdate defaults
rec {
address = "kieran.meinhardt@posteo.net";
aliases = ["kmein@posteo.de"];
userName = address;
imap.host = "posteo.de";
imap.port = 993;
imap.tls.enable = true;
smtp.host = imap.host;
smtp.port = 465;
smtp.tls.enable = true;
primary = true;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-posteo.path}";
himalaya = {
enable = true;
settings.backend = "imap";
};
aerc.extraAccounts.pgp-key-id = "9EDE82CC72A343A95266D0F444857074A3ACC8B7";
};
};
programs.himalaya.enable = true;
programs.thunderbird = {
enable = true;
settings = {
};
profiles.${thunderbirdProfile} = {
isDefault = true;
settings = {
"mail.default_send_format" = 1;
"msgcompose.default_colors" = false;
"msgcompose.text_color" = config.lib.stylix.colors.withHashtag.base00;
"msgcompose.background_color" = config.lib.stylix.colors.withHashtag.base05;
};
userChrome = ''
'';
userContent = ''
'';
withExternalGnupg = false;
};
};
programs.aerc = {
enable = true;
extraBinds = {
# Binds are of the form <key sequence> = <command to run>
# To use '=' in a key sequence, substitute it with "Eq": "<Ctrl+Eq>"
# If you wish to bind #, you can wrap the key sequence in quotes: "#" = quit
global = {
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab <Enter>";
"<C-t>" = ":term<Enter>";
"?" = ":help keys<Enter>";
};
messages = {
q = ":quit<Enter>";
j = ":next <Enter>";
"<Down>" = ":next<Enter>";
"<C-d>" = ":next 50%<Enter>";
"<C-f>" = ":next 100%<Enter>";
"<PgDn>" = ":next 100%<Enter>";
k = ":prev <Enter>";
"<Up>" = ":prev<Enter>";
"<C-u>" = ":prev 50%<Enter>";
"<C-b>" = ":prev 100%<Enter>";
"<PgUp>" = ":prev 100%<Enter>";
g = ":select 0 <Enter>";
G = ":select -1<Enter>";
J = ":next-folder <Enter>";
K = ":prev-folder<Enter>";
H = ":collapse-folder<Enter>";
L = ":expand-folder<Enter>";
"<space>" = ":read -t<Enter>:next<Enter>";
v = ":mark -t<Enter>";
V = ":mark -v<Enter>";
F = ":flag -t<Enter>";
T = ":toggle-threads<Enter>";
"<Enter>" = ":view<Enter>";
d = ":prompt 'Delete? ' 'delete-message'<Enter>";
D = ":move Trash<Enter>";
A = ":archive flat<Enter>";
C = ":compose<Enter>";
rr = ":reply -a<Enter>";
rq = ":reply -aq<Enter>";
Rr = ":reply<Enter>";
Rq = ":reply -q<Enter>";
c = ":cf<space>";
"$" = ":term<space>";
"!" = ":term<space>";
"|" = ":pipe<space>";
"/" = ":search<space>";
"\\" = ":filter <space>";
n = ":next-result<Enter>";
N = ":prev-result<Enter>";
"<Esc>" = ":clear<Enter>";
"*" = ":filter -x Flagged<Enter>";
};
view = {
tr = ":pipe ${niveumPackages.trans}/bin/trans -show-original n -b -no-autocorrect<Enter>"; # https://man.sr.ht/~rjarry/aerc/integrations/translator.md
"/" = ":toggle-key-passthrough <Enter> /";
q = ":close<Enter>";
O = ":open<Enter>";
S = ":save<space>";
"|" = ":pipe<space>";
D = ":move Trash<Enter>";
A = ":archive flat<Enter>";
"<C-l>" = ":open-link <space>";
f = ":forward <Enter>";
rr = ":reply -a<Enter>";
rq = ":reply -aq<Enter>";
Rr = ":reply<Enter>";
Rq = ":reply -q<Enter>";
H = ":toggle-headers<Enter>";
"<C-k>" = ":prev-part<Enter>";
"<C-j>" = ":next-part<Enter>";
J = ":next <Enter>";
K = ":prev<Enter>";
};
"view::passthrough" = {
"$noinherit" = "true";
"$ex" = "<C-x>";
"<Esc>" = ":toggle-key-passthrough<Enter>";
};
compose = {
# Keybindings used when the embedded terminal is not selected in the compose
# view
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-k>" = ":prev-field<Enter>";
"<C-j>" = ":next-field<Enter>";
"<tab>" = ":next-field<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
"compose::editor" = {
# Keybindings used when the embedded terminal is selected in the compose view
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-k>" = ":prev-field<Enter>";
"<C-j>" = ":next-field<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
"compose::review" = {
# Keybindings used when reviewing a message to be sent
y = ":send <Enter>";
n = ":abort<Enter>";
p = ":postpone<Enter>";
q = ":choose -o d discard abort -o p postpone postpone<Enter>";
e = ":edit<Enter>";
a = ":attach<space>";
d = ":detach<space>";
};
terminal = {
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
};
extraConfig = {
ui.sort = "-r date";
ui.timestamp-format = "2006-01-02 15:04";
ui.mouse-enabled = true;
ui.spinner = ". , .";
general.unsafe-accounts-conf = true;
general.pgp-provider = "gpg";
viewer = {pager = "${pkgs.less}/bin/less -R";};
compose = {
# address-book-cmd = "khard email --remove-first-line --parsable '%s'";
no-attachment-warning = "(attach|attached|attachments?|anbei|Anhang|angehängt|beigefügt)";
};
filters = {
"text/plain" = "${pkgs.aerc}/libexec/aerc/filters/colorize";
"text/calendar" = "${pkgs.aerc}/libexec/aerc/filters/calendar";
"text/html" = "${pkgs.aerc}/libexec/aerc/filters/html"; # Requires w3m, dante
# "text/html" =
# "${pkgs.aerc}/share/aerc/filters/html | ${pkgs.aerc}/share/aerc/filters/colorize";
# "text/*" =
# ''${pkgs.bat}/bin/bat -fP --theme=ansi --file-name="$AERC_FILENAME "'';
"message/delivery-status" = "${pkgs.aerc}/libexec/aerc/filters/colorize";
"message/rfc822" = "${pkgs.aerc}/libexec/aerc/filters/colorize";
"application/x-sh" = "${pkgs.bat}/bin/bat -fP -l sh";
};
openers = let
as-pdf = pkgs.writers.writeDash "as-pdf" ''
d=$(mktemp -d)
trap clean EXIT
clean() {
rm -rf "$d"
}
${pkgs.libreoffice}/bin/libreoffice --headless --convert-to pdf "$1" --outdir "$d"
${pkgs.zathura}/bin/zathura "$d"/*.pdf
'';
in {
"image/*" = "${pkgs.nsxiv}/bin/nsxiv";
"application/pdf" = "${pkgs.zathura}/bin/zathura";
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" = toString as-pdf;
"application/vnd.oasis.opendocument.text" = toString as-pdf;
"video/*" = "${pkgs.mpv}/bin/mpv";
"audio/*" = "${pkgs.mpv}/bin/mpv";
};
};
templates = {
# new_message = "hello!";
};
};
};
}

64
configs/alacritty.nix
View File

@@ -1,33 +1,45 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
...
}: let
in {
environment.variables.TERMINAL = "alacritty";
home-manager.users.me = {
programs.alacritty = {
enable = true;
settings = {
keyboard.bindings = [
{
key = "Plus";
mods = "Control";
action = "IncreaseFontSize";
}
{
key = "Minus";
mods = "Control";
action = "DecreaseFontSize";
}
{
key = "Key0";
mods = "Control";
action = "ResetFontSize";
}
];
environment.systemPackages = [
pkgs.alacritty
];
home-manager.users.me.xdg.configFile =
let
inherit (import <niveum/lib>) colours;
colourNames = [ "black" "red" "green" "yellow" "blue" "magenta" "cyan" "white" ];
colourPairs = lib.getAttrs colourNames colours;
in {
"alacritty/alacritty.yml".source = (pkgs.formats.yaml {}).generate "alacritty.yml" {
background_opacity = 0.9;
colors = {
primary = { inherit (colours) background foreground; };
normal = lib.mapAttrs (_: colour: colour.dark) colourPairs;
bright = lib.mapAttrs (_: colour: colour.bright) colourPairs;
};
font = {
normal.family = "Monospace";
size = 6;
};
key_bindings = [
{
key = "Plus";
mods = "Control";
action = "IncreaseFontSize";
}
{
key = "Minus";
mods = "Control";
action = "DecreaseFontSize";
}
{
key = "Key0";
mods = "Control";
action = "ResetFontSize";
}
];
};
};
}

5
configs/android.nix
View File

@@ -1,5 +0,0 @@
{
programs.adb.enable = true;
users.users.me.extraGroups = ["adbusers"];
}

52
configs/backup.nix
View File

@@ -1,52 +0,0 @@
{
pkgs,
config,
...
}: let
inherit (import ../lib) restic;
in {
services.restic.backups.niveum = {
initialize = true;
inherit (restic) repository;
timerConfig = {
OnCalendar = "8:00";
RandomizedDelaySec = "1h";
};
passwordFile = config.age.secrets.restic.path;
extraBackupArgs = [
"--exclude=/home/kfm/sync/src/nixpkgs/.git"
"--exclude=node_modules"
"--exclude=.parcel-cache"
];
paths = [
"/home/kfm/sync"
"/home/kfm/state"
"/home/kfm/cloud"
"/home/kfm/mobile"
"/home/kfm/.gnupg"
"/home/kfm/.electrum"
"/home/kfm/.ssh"
];
};
systemd.services.restic-backups-niveum.serviceConfig = {
Restart = "on-failure";
RestartSec = "15s";
StartLimitIntervalSec = "1m"; # don't try more than 4 times
StartLimitBurst = 4;
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "restic-niveum" ''
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${config.age.secrets.restic.path} "$@"
'')
(pkgs.writers.writeDashBin "restic-mount" ''
mountdir=$(mktemp -d)
trap clean EXIT
clean() {
rm -r "$mountdir"
}
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${config.age.secrets.restic.path} mount "$mountdir"
'')
];
}

6
configs/bash.nix
View File

@@ -1,10 +1,10 @@
{pkgs, ...}: {
{
programs.bash = {
promptInit = ''
PS1="$(${pkgs.ncurses}/bin/tput bold)\w \$([[ \$? == 0 ]] && echo \"\[\033[1;32m\]\" || echo \"\[\033[1;31m\]\")\$$(${pkgs.ncurses}/bin/tput sgr0) "'';
PS1="$(tput bold)\w \$([[ \$? == 0 ]] && echo \"\[\033[1;32m\]\" || echo \"\[\033[1;31m\]\")\$$(tput sgr0) "'';
interactiveShellInit = ''
set -o vi
'';
completion.enable = true;
enableCompletion = true;
};
}

9
configs/tlp.nix → configs/battery.nix
View File

@@ -1,14 +1,11 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
boot.extraModulePackages = with config.boot.kernelPackages; [
tp_smapi
acpi_call
];
boot.kernelModules = ["tp_smapi" "acpi_call"];
environment.systemPackages = [pkgs.tpacpi-bat pkgs.powertop];
boot.kernelModules = [ "tp_smapi" "acpi_call" ];
environment.systemPackages = [ pkgs.tpacpi-bat ];
services.tlp = {
enable = true;

11
configs/beets.nix Normal file
View File

@@ -0,0 +1,11 @@
{ lib, pkgs, ... }:
{
environment.systemPackages = [ pkgs.beets ];
home-manager.users.me.xdg.configFile = {
"beets/config.yaml".source = (pkgs.formats.yaml {}).generate "config.yaml" {
directory = "~/cloud/syncthing/music";
library = "~/cloud/syncthing/common/music.db";
plugins = toString [ "fetchart" "lastgenre" ];
};
};
}

11
configs/bluetooth.nix
View File

@@ -1,10 +1,11 @@
{pkgs, ...}: {
{ pkgs, lib, ... }: {
hardware.bluetooth = {
enable = true;
settings.general = {
enable = "Source,Sink,Media,Socket";
};
settings.General.Enable =
lib.concatStringsSep "," [ "Source" "Sink" "Media" "Socket" ];
};
environment.systemPackages = [ pkgs.bluetuith ];
environment.systemPackages = [ pkgs.blueman ];
home-manager.users.me = { services.blueman-applet.enable = false; };
}

27
configs/bots/autorenkalender.nix
View File

@@ -1,27 +0,0 @@
{
config,
inputs,
...
}: let
autorenkalender = inputs.autorenkalender.packages.x86_64-linux.default;
in {
niveum.bots.autorenkalender = {
enable = true;
time = "07:00";
telegram = {
enable = true;
tokenFile = config.age.secrets.telegram-token-kmein.path;
chatIds = ["@autorenkalender"];
parseMode = "Markdown";
};
command = "${autorenkalender}/bin/autorenkalender";
};
niveum.passport.services = [
{
title = "Autorenkalender";
description = "sends <a href=\"https://www.projekt-gutenberg.org/\">Projekt Gutenberg</a>'s anniversary information to Telegram.";
link = "https://t.me/Autorenkalender";
}
];
}

79
configs/bots/celan.nix
View File

@@ -1,79 +0,0 @@
{
pkgs,
lib,
config,
...
}: {
niveum.bots.celan = {
enable = true;
time = "08:00";
telegram = {
enable = true;
tokenFile = config.age.secrets.telegram-token-kmein.path;
chatIds = ["@PaulCelan"];
};
mastodon = {
enable = true;
tokenFile = config.age.secrets.mastodon-token-celan.path;
language = "de";
};
command = toString (pkgs.writers.writePython3 "random-celan.py" { libraries = [pkgs.python3Packages.lxml]; } ''
from lxml import etree
import random
def xml_text(elements):
return "".join("".join(t.itertext()) for t in elements).strip()
tree = etree.parse('${pkgs.fetchurl {
url = "http://c.krebsco.de/celan.tei.xml";
hash = "sha256-HgNmJYfhuwyfm+FcNtnnYWpJpIIU1ElHLeLiIFjF9mE=";
}}')
root = tree.getroot()
tei = {"tei": "http://www.tei-c.org/ns/1.0"}
poems = root.xpath(".//tei:lg[@type='poem']", namespaces=tei)
poem = random.choice(poems)
for stanza in poem.xpath("./tei:lg[@type='stanza']", namespaces=tei):
for line in stanza.xpath('./tei:l', namespaces=tei):
if line.text:
print(line.text.strip())
print()
current_element = poem
while current_element is not None:
if current_element.tag == "{http://www.tei-c.org/ns/1.0}text":
text_element = current_element
title = xml_text(text_element.xpath("./tei:front/tei:docTitle",
namespaces=tei))
print(f"Aus: #{title.replace(" ", "_")}", end=" ")
if date := xml_text(text_element.xpath("./tei:front/tei:docDate",
namespaces=tei)):
print(f"({date})")
break
current_element = current_element.getparent()
print("\n\n#PaulCelan #Celan #Lyrik #poetry")
'');
};
age.secrets = {
mastodon-token-celan.file = ../../secrets/mastodon-token-celan.age;
};
systemd.timers.bot-celan.timerConfig.RandomizedDelaySec = "10h";
niveum.passport.services = [
{
title = "Paul Celan Bot";
description = "sends a random poem by Paul Celan to Telegram.";
link = "https://t.me/PaulCelan";
}
];
}

108
configs/bots/default.nix
View File

@@ -1,108 +0,0 @@
{
config,
pkgs,
lib,
inputs,
...
}: let
telebots = inputs.telebots.defaultPackage.x86_64-linux;
reverseDirectory = "/run/telegram-reverse";
proverbDirectory = "/run/telegram-proverb";
inherit (import ../../lib) tmpfilesConfig;
in {
imports = [
./logotheca.nix
./transits.nix
./autorenkalender.nix
./hesychius.nix
./smyth.nix
./nachtischsatan.nix
# ./tlg-wotd.nix TODO reenable
./celan.nix
./nietzsche.nix
];
age.secrets = {
telegram-token-kmein.file = ../../secrets/telegram-token-kmein.age;
};
systemd.tmpfiles.rules = map (path:
tmpfilesConfig {
type = "d";
mode = "0750";
age = "1h";
inherit path;
}) [reverseDirectory proverbDirectory];
niveum.passport.services = [
{
title = "Rückwarts-Bot";
link = "https://t.me/RueckwaertsBot";
description = "reverses things on Telegram.";
}
{
title = "BetaCode-Bot";
link = "https://t.me/BetaCodeBot";
description = "converts <a href=\"https://en.wikipedia.org/wiki/Beta_Code\">beta code</a> to polytonic Greek on Telegram.";
}
{
title = "Sprichwortgenerator-Bot";
link = "https://t.me/SprichwortGeneratorBot";
description = "generates useless German proverbs with optional stock photo background on Telegram.";
}
];
age.secrets = {
telegram-token-reverse.file = ../../secrets/telegram-token-reverse.age;
telegram-token-betacode.file = ../../secrets/telegram-token-betacode.age;
telegram-token-proverb.file = ../../secrets/telegram-token-proverb.age;
telegram-token-streaming-link.file = ../../secrets/telegram-token-streaming-link.age;
};
systemd.services.telegram-reverse = {
wantedBy = ["multi-user.target"];
description = "Telegram reverse bot";
path = [pkgs.ffmpeg];
enable = true;
script = ''
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${telebots}/bin/telegram-reverse
'';
serviceConfig.Restart = "always";
serviceConfig.WorkingDirectory = reverseDirectory;
serviceConfig.LoadCredential = "token:${config.age.secrets.telegram-token-reverse.path}";
};
systemd.services.telegram-streaming-link = {
wantedBy = ["multi-user.target"];
description = "Telegram bot converting YouTube Music <-> Spotify";
enable = true;
script = ''
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${telebots}/bin/telegram-streaming-link
'';
serviceConfig.Restart = "always";
serviceConfig.LoadCredential = "token:${config.age.secrets.telegram-token-streaming-link.path}";
};
systemd.services.telegram-betacode = {
wantedBy = ["multi-user.target"];
description = "Telegram beta code bot";
enable = true;
script = ''
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${telebots}/bin/telegram-betacode
'';
serviceConfig.Restart = "always";
serviceConfig.LoadCredential = "token:${config.age.secrets.telegram-token-betacode.path}";
};
systemd.services.telegram-proverb = {
wantedBy = ["multi-user.target"];
description = "Telegram proverb bot";
enable = true;
script = ''
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${telebots}/bin/telegram-proverb
'';
serviceConfig.Restart = "always";
serviceConfig.WorkingDirectory = proverbDirectory;
serviceConfig.LoadCredential = "token:${config.age.secrets.telegram-token-proverb.path}";
};
}

39
configs/bots/hesychius.nix
View File

@@ -1,39 +0,0 @@
{
pkgs,
config,
inputs,
lib,
...
}: let
hesychius = inputs.scripts.outPath + "/hesychius/hesychius.txt";
in {
niveum.bots.hesychius = {
enable = true;
time = "08:00";
mastodon = {
enable = true;
language = "el";
tokenFile = config.age.secrets.mastodon-token-hesychius.path;
};
telegram = {
enable = true;
tokenFile = config.age.secrets.telegram-token-kmein.path;
chatIds = ["@HesychiosAlexandreus"];
};
command = "${pkgs.coreutils}/bin/shuf -n1 ${hesychius}";
};
systemd.timers.bot-hesychius.timerConfig.RandomizedDelaySec = "10h";
age.secrets = {
mastodon-token-hesychius.file = ../../secrets/mastodon-token-hesychius.age;
};
niveum.passport.services = [
{
title = "Hesychius of Alexandria Bot";
description = "sends a random word from Hesychius of Alexandria's lexicon to Telegram.";
link = "https://t.me/HesychiosAlexandreus";
}
];
}

38
configs/bots/logotheca.nix
View File

@@ -1,38 +0,0 @@
{
pkgs,
config,
lib,
niveumPackages,
...
}: {
niveum.bots.logotheca = {
enable = true;
time = "08/6:00";
telegram = {
enable = true;
tokenFile = config.age.secrets.telegram-token-kmein.path;
chatIds = ["-1001760262519"];
parseMode = "Markdown";
};
matrix = {
enable = true;
homeserver = "matrix.4d2.org";
tokenFile = config.age.secrets.matrix-token-lakai.path;
chatIds = [
"!zlwCuPiCNMSxDviFzA:4d2.org"
];
};
command = "${niveumPackages.literature-quote}/bin/literature-quote";
};
age.secrets = {
matrix-token-lakai.file = ../../secrets/matrix-token-lakai.age;
};
niveum.passport.services = [
{
title = "Literature quote bot";
description = "sends me and my friends three <a href=\"https://logotheca.xn--kiern-0qa.de/\">logotheca</a> quotes a day.";
}
];
}

48
configs/bots/nachtischsatan.nix
View File

@@ -1,48 +0,0 @@
{
pkgs,
config,
lib,
...
}: let
nachtischsatan-bot = {tokenFile}:
pkgs.writers.writePython3 "nachtischsatan-bot" {
libraries = [pkgs.python3Packages.python-telegram-bot];
} ''
from telegram.ext import Application, ContextTypes, MessageHandler, filters
from telegram import Update
import random
import time
async def flubber(update: Update, context: ContextTypes.DEFAULT_TYPE):
time.sleep(random.randrange(4000) / 1000)
await update.message.reply_text("*flubberflubber*")
with open('${tokenFile}', 'r') as tokenFile:
token = tokenFile.read().strip()
application = Application.builder().token(token).build()
application.add_handler(MessageHandler(filters.ALL, flubber))
application.run_polling()
'';
in {
systemd.services.telegram-nachtischsatan = {
wantedBy = ["multi-user.target"];
description = "*flubberflubber*";
enable = true;
script = toString (nachtischsatan-bot {
tokenFile = config.age.secrets.telegram-token-nachtischsatan.path;
});
serviceConfig.Restart = "always";
};
age.secrets.telegram-token-nachtischsatan.file = ../../secrets/telegram-token-nachtischsatan.age;
niveum.passport.services = [
{
title = "Nachtischsatan-Bot";
link = "https://t.me/NachtischsatanBot";
description = "*flubberflubber*";
}
];
}

31
configs/bots/nietzsche.nix
View File

@@ -1,31 +0,0 @@
{
config,
pkgs,
niveumPackages,
...
}: {
niveum.bots.nietzsche = {
enable = true;
time = "08:00";
mastodon = {
enable = true;
tokenFile = config.age.secrets.mastodon-token-nietzsche.path;
language = "de";
};
command = toString (pkgs.writers.writeBash "random-nietzsche" ''
set -efu
random_number=$(( ($RANDOM % 10) + 1 ))
if [ "$random_number" -eq 1 ]; then
${niveumPackages.random-zeno}/bin/random-zeno "/Literatur/M/Nietzsche,+Friedrich"
else
${niveumPackages.random-zeno}/bin/random-zeno "/Philosophie/M/Nietzsche,+Friedrich"
fi
'');
};
systemd.timers.bot-nietzsche.timerConfig.RandomizedDelaySec = "10h";
age.secrets = {
mastodon-token-nietzsche.file = ../../secrets/mastodon-token-nietzsche.age;
};
}

69
configs/bots/smyth.nix
View File

@@ -1,69 +0,0 @@
{
config,
pkgs,
lib,
...
}: {
niveum.bots.smyth = {
enable = true;
time = "08:00";
mastodon = {
enable = true;
tokenFile = config.age.secrets.mastodon-token-smyth.path;
language = "en";
};
telegram = {
enable = true;
tokenFile = config.age.secrets.telegram-token-kmein.path;
chatIds = ["@HerbertWeirSmyth"];
};
command = toString (pkgs.writers.writeDash "random-smyth" ''
set -efu
good_curl() {
${pkgs.curl}/bin/curl "$@" \
--compressed \
-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' \
-H 'Accept-Language: en-US,en;q=0.5' \
-H 'DNT: 1' \
-H 'Connection: keep-alive' \
-H 'Upgrade-Insecure-Requests: 1' \
-H 'Sec-Fetch-Dest: document' \
-H 'Sec-Fetch-Mode: navigate' \
-H 'Sec-Fetch-Site: cross-site' \
-H 'Priority: u=0, i' \
-H 'Pragma: no-cache' \
-H 'Cache-Control: no-cache'
}
RANDOM_SECTION=$(
good_curl -sSL http://www.perseus.tufts.edu/hopper/xmltoc?doc=Perseus%3Atext%3A1999.04.0007%3Asmythp%3D1 \
| ${pkgs.gnugrep}/bin/grep -o 'ref="[^"]*"' \
| ${pkgs.coreutils}/bin/shuf -n1 \
| ${pkgs.gnused}/bin/sed 's/^ref="//;s/"$//'
)
url="http://www.perseus.tufts.edu/hopper/text?doc=$RANDOM_SECTION"
good_curl -sSL "$url"\
| ${pkgs.htmlq}/bin/htmlq '#text_main' \
| ${pkgs.gnused}/bin/sed 's/<\/\?hr>//g' \
| ${pkgs.pandoc}/bin/pandoc -f html -t plain --wrap=none
printf '\n%s\n\n#AncientGreek' "$url"
'');
};
systemd.timers.bot-smyth.timerConfig.RandomizedDelaySec = "10h";
age.secrets = {
mastodon-token-smyth.file = ../../secrets/mastodon-token-smyth.age;
};
niveum.passport.services = [
{
title = "Herbert Weir Smyth Bot";
description = "sends a random section from Smyth's Ancient Greek grammar to Telegram.";
link = "https://t.me/HerbertWeirSmyth";
}
];
}

164
configs/bots/tlg-wotd.nix
View File

@@ -1,164 +0,0 @@
{
pkgs,
lib,
config,
niveumPackages,
unstablePackages,
...
}: let
mastodonEndpoint = "https://social.krebsco.de";
in {
systemd.services.bot-tlg-wotd = {
# TODO reenable
# once https://github.com/NixOS/nixpkgs/pull/462893 is in stable NixOS
enable = true;
wants = ["network-online.target"];
startAt = "9:30";
path = [ pkgs.jq pkgs.curl pkgs.recode pkgs.deno pkgs.imagemagick pkgs.gawk pkgs.gnugrep pkgs.coreutils ];
environment = {
NPM_CONFIG_CACHE = "/tmp";
CLTK_DATA = "/tmp";
};
script = ''
set -efux
chat_id=@tlgwotd
export TELEGRAM_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/telegram-token")"
export MASTODON_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/mastodon-token")"
json_data=$(curl -sSL http://stephanus.tlg.uci.edu/Iris/Wotd | recode html..utf8)
word=$(echo "$json_data" | jq -r '.word')
compact_word=$(echo "$word" | sed 's/,.*$//')
definition=$(echo "$json_data" | jq -r '.definition | sub("<.*>"; "") | rtrimstr(" ")')
first_occurrence=$(echo "$json_data" | jq -r '.firstOccurrence')
total_occurrences=$(echo "$json_data" | jq -r '.totalOccurrences')
telegram_caption="*$word* $definition
First occurrence (century): $first_occurrence
Number of occurrences (in all Ancient Greek texts): $total_occurrences"
mastodon_caption="$word $definition
First occurrence (century): $first_occurrence
Number of occurrences (in all Ancient Greek texts): $total_occurrences"
#ancientgreek #classics #wotd #wordoftheday
transliteration=$(${pkgs.writers.writePython3 "translit.py" {
libraries = py: [ py.cltk ];
} ''
import sys
from cltk.phonology.grc.transcription import Transcriber
probert = Transcriber("Attic", "Probert")
text = " ".join(sys.argv[1:])
ipa = probert.transcribe(text)
print(ipa)
''} "$compact_word")
photo_path=/tmp/output.png
hex_to_rgb() {
hex="$1"
r=$(printf "%d" "0x$(echo "$hex" | cut -c2-3)")
g=$(printf "%d" "0x$(echo "$hex" | cut -c4-5)")
b=$(printf "%d" "0x$(echo "$hex" | cut -c6-7)")
echo "$r $g $b"
}
calculate_luminance() {
r="$1"
g="$2"
b="$3"
r_l=$(echo "$r" | awk '{print ($1 / 255 <= 0.03928) ? $1 / 255 / 12.92 : (($1 / 255 + 0.055) / 1.055)^2.4}')
g_l=$(echo "$g" | awk '{print ($1 / 255 <= 0.03928) ? $1 / 255 / 12.92 : (($1 / 255 + 0.055) / 1.055)^2.4}')
b_l=$(echo "$b" | awk '{print ($1 / 255 <= 0.03928) ? $1 / 255 / 12.92 : (($1 / 255 + 0.055) / 1.055)^2.4}')
echo "$r_l $g_l $b_l" | awk '{print 0.2126*$1 + 0.7152*$2 + 0.0722*$3}'
}
hex_color="#$(echo "$compact_word" | md5sum | cut -c 1-6)"
if echo "$hex_color" | grep -qE '^#[0-9A-Fa-f]{6}$'; then
set -- $(hex_to_rgb "$hex_color")
r="$1"
g="$2"
b="$3"
fi
luminance=$(calculate_luminance "$r" "$g" "$b")
threshold="0.1"
echo "$r $g $b"
if [ "$(echo "$luminance" | awk -v threshold="$threshold" '{print ($1 > threshold)}')" -eq 1 ]; then
color1="black"
color2="#333"
else
color1="white"
color2=lightgrey
fi
magick -size 1400x846 \
xc:"$hex_color" \
-font "${pkgs.gentium}/share/fonts/truetype/GentiumBookPlus-Bold.ttf" \
-fill "$color1" \
-pointsize 150 -gravity west \
-annotate +100-160 "$compact_word" \
-font "${pkgs.gentium}/share/fonts/truetype/GentiumBookPlus-Regular.ttf" \
-fill "$color2" \
-pointsize 60 -gravity west \
-annotate +100+00 "$transliteration" \
-fill "$color1" \
-annotate +100+120 "$definition" \
-fill "$color2" \
-pointsize 40 -gravity southwest \
-annotate +100+60 "attested $total_occurrences times" \
-pointsize 40 -gravity southeast \
-annotate +100+60 "$(date -I)" \
"$photo_path"
curl -X POST "https://api.telegram.org/bot$TELEGRAM_TOKEN/sendPhoto" \
-F "chat_id=\"$chat_id\"" \
-F "photo=@$photo_path" \
-F parse_mode=Markdown \
-F caption="$telegram_caption"
mastodon_upload_response=$(curl -X POST "${mastodonEndpoint}/api/v2/media" \
-H "Authorization: Bearer $MASTODON_TOKEN" \
-F "file=@$photo_path" \
-F "description=$word $definition")
mastodon_image_id=$(echo $mastodon_upload_response | jq -r .id)
curl -X POST "${mastodonEndpoint}/api/v1/statuses" \
-H "Authorization: Bearer $MASTODON_TOKEN" \
-d "status=$mastodon_caption" \
-d "visibility=public" \
-d "media_ids[]=$mastodon_image_id"
'';
serviceConfig = {
Type = "oneshot";
DynamicUser = true;
StateDirectory = "tlgwotd";
PrivateTmp = true;
LoadCredential = [
"telegram-token:${config.age.secrets.telegram-token-kmein.path}"
"mastodon-token:${config.age.secrets.mastodon-token-tlgwotd.path}"
];
};
};
age.secrets = {
mastodon-token-tlgwotd.file = ../../secrets/mastodon-token-tlgwotd.age;
};
niveum.passport.services = [
{
title = "Thesaurus Linguae Graecae Word of the Day";
description = "sends <a href=\"https://stephanus.tlg.uci.edu/\">TLG</a>'s word of the day to Telegram.";
link = "https://t.me/tlgwotd";
}
];
}

90
configs/browser.nix
View File

@@ -1,90 +0,0 @@
{
config,
pkgs,
niveumPackages,
...
}: {
environment.systemPackages = [
niveumPackages.cro
pkgs.tor-browser
pkgs.firefox
pkgs.brave
];
home-manager.users.me = {
programs.firefox = {
enable = true;
profiles = let
defaultSettings = {
"beacon.enabled" = false;
"browser.bookmarks.showMobileBookmarks" = true;
"browser.newtab.preload" = false;
"browser.search.isUS" = false;
"browser.search.region" = "DE";
"browser.send_pings" = false;
"browser.shell.checkDefaultBrowser" = false;
"browser.startup.homepage" = "chrome://browser/content/blanktab.html";
"browser.uidensity" = 1;
"browser.urlbar.placeholderName" = "Search";
"datareporting.healthreport.service.enabled" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.policy.dataSubmissionEnabled" = false;
"datareporting.sessions.current.clean" = true;
"distribution.searchplugins.defaultLocale" = "de-DE";
"general.smoothScroll" = true;
"identity.fxaccounts.account.device.name" = config.networking.hostName;
"network.cookie.cookieBehavior" = 1;
"privacy.donottrackheader.enabled" = true;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.pbmode.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"services.sync.declinedEngines" = "passwords";
"services.sync.engine.passwords" = false;
"signon.autofillForms" = false;
"signon.rememberSignons" = false;
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
"toolkit.telemetry.archive.enabled" = false;
"toolkit.telemetry.bhrPing.enabled" = false;
"toolkit.telemetry.cachedClientID" = "";
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.firstShutdownPing.enabled" = false;
"toolkit.telemetry.hybridContent.enabled" = false;
"toolkit.telemetry.newProfilePing.enabled" = false;
"toolkit.telemetry.prompted" = 2;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.server" = "";
"toolkit.telemetry.shutdownPingSender.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.unifiedIsOptIn" = false;
"toolkit.telemetry.updatePing.enabled" = false;
"ui.prefersReducedMotion" = 1;
};
in {
default = {
id = 0;
isDefault = true;
settings = defaultSettings;
# extensions = with pkgs.nur.repos.rycee.firefox-addons; [
# ublock-origin
# darkreader
# sponsorblock
# consent-o-matic
# i-dont-care-about-cookies
# # auto-tab-discard TODO what is this
# ];
userChrome = ''
#TabsToolbar {
visibility: collapse !important;
}
'';
};
};
};
};
home-manager.users.me = {
stylix.targets.firefox.profileNames = ["default"];
};
environment.variables.BROWSER = "firefox";
}

57
configs/bvg.nix Normal file
View File

@@ -0,0 +1,57 @@
{ pkgs, lib, ... }:
let
inherit (import <niveum/lib>) serveHtml;
stations = [
900068204 # A/M
900068302 # KAS
900068203 # B-P
];
fahrplan = pkgs.writeText "fahrplan.html" ''
<!DOCTYPE html>
<title>Fahrplan</title>
<link
rel="icon"
type="image/x-icon"
href="https://mobil.bvg.de/Fahrinfo/img/ua_xhtml/logo.gif"
/>
<style>
body {
margin: 0;
--bvg-yellow: #f0d722;
}
#fahrplan {
display: flex;
height: 100vh;
width: 100%;
flex-direction: row;
}
#fahrplan iframe {
flex-grow: 1;
border: none;
}
#fahrplan iframe + iframe {
border-left: 2px solid var(--bvg-yellow);
}
</style>
<body>
<div id="fahrplan">
${lib.concatMapStrings (station: ''
<iframe scrolling="no" src="https://mobil.bvg.de/Fahrinfo/bin/stboard.bin/dox?ld=0.1&input=${toString station}&boardType=depRT&start=yes"></iframe>
'') stations}
</div>
</body>
'';
in
{
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
services.nginx.virtualHosts."bvg.kmein.r" = {
locations."/".extraConfig = serveHtml fahrplan pkgs;
};
}

4
configs/ccc.nix
View File

@@ -1,4 +1,4 @@
{pkgs, ...}:
{ pkgs, ... }:
# https://paste.sr.ht/~erictapen/11716989e489b600f237041b6d657fdf0ee17b34
let
certificate = pkgs.stdenv.mkDerivation rec {
@@ -7,7 +7,7 @@ let
1,/DST Root CA X3/d
1,/-----END CERTIFICATE-----/p
'';
nativeBuildInputs = with pkgs; [cacert gnused];
nativeBuildInputs = with pkgs; [ cacert gnused ];
phases = "installPhase";
installPhase = ''
${pkgs.gnused}/bin/sed -n -f $src ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt > $out

16
configs/chromium.nix Normal file
View File

@@ -0,0 +1,16 @@
{ pkgs, ... }: {
programs.chromium = {
enable = true;
extensions = [
"nngceckbapebfimnlniiiahkandclblb" # BitWarden
# "ihlenndgcmojhcghmfjfneahoeklbjjh" # cVim
# "fpnmgdkabkmnadcjpehmlllkndpkmiak" # Wayback Machine
"cjpalhdlnbpafiamejdnhcphjbkeiagm" # uBlock Origin
"khncfooichmfjbepaaaebmommgaepoid" # Remove YouTube Recommended Videos
];
};
environment.systemPackages = [ pkgs.chromium pkgs.brave ];
environment.variables.BROWSER = "brave";
}

7
configs/clipboard.nix
View File

@@ -1,7 +0,0 @@
{
config,
pkgs,
...
}: {
services.clipmenu.enable = true;
}

148
configs/cloud.nix
View File

@@ -1,73 +1,12 @@
{
config,
lib,
pkgs,
...
}: let
inherit (import ../lib) tmpfilesConfig;
in {
systemd.user.services.systemd-tmpfiles-clean = {
enable = true;
wantedBy = [ "default.target" ];
startAt = "daily";
script = "systemd-tmpfiles --user --clean";
serviceConfig = {
Type = "oneshot";
};
};
systemd.user.tmpfiles.users.me.rules = map tmpfilesConfig [
{
type = "d";
mode = "0755";
age = "7d";
path = "${config.users.users.me.home}/sync/Downloads";
}
{
type = "d";
mode = "0755";
age = "7d";
path = "${config.users.users.me.home}/cloud/nextcloud/tmp";
}
] ++ map (path: tmpfilesConfig {
type = "L+";
user = config.users.users.me.name;
group = config.users.users.me.group;
mode = "0755";
argument = "${config.users.users.me.home}/sync/${path}";
path = "${config.users.users.me.home}/${path}";
}) [".ssh" ".gnupg" ".pki" ".local/share/aerc"];
services.gnome.gnome-keyring.enable = true;
security.pam.services.lightdm.enableGnomeKeyring = true;
{ config, lib, pkgs, ... }: {
system.activationScripts.home-symlinks = ''
ln -sfn ${config.users.users.me.home}/cloud/syncthing/common/mahlzeit ${config.users.users.me.home}/mahlzeit
ln -sfn ${config.users.users.me.home}/cloud/Seafile/Wiki ${config.users.users.me.home}/notes
ln -sfn ${config.users.users.me.home}/cloud/Seafile/Uni ${config.users.users.me.home}/uni
'';
home-manager.users.me = {
services.nextcloud-client = {
enable = true;
startInBackground = true;
};
};
systemd.user.services.nextcloud-syncer = {
enable = false;
wants = ["network-online.target"];
wantedBy = ["default.target"];
startAt = "*:00/10";
script = let
kieran = {
user = "kieran";
passwordFile = config.age.secrets.nextcloud-password-kieran.path;
endpoint = "https://cloud.kmein.de";
target = "${config.users.users.me.home}/notes";
};
in ''
mkdir -p ${lib.escapeShellArg kieran.target}
${pkgs.nextcloud-client}/bin/nextcloudcmd --non-interactive --user ${kieran.user} --password "$(cat ${kieran.passwordFile})" --path /Notes ${lib.escapeShellArg kieran.target} ${kieran.endpoint}
'';
serviceConfig = {
Type = "oneshot";
Restart = "on-failure";
};
services.nextcloud-client.enable = true;
};
environment.systemPackages = [
@@ -75,68 +14,41 @@ in {
set -efu
book="$({
${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/syncthing/library -type f
${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/nextcloud/Books -type f
${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/Seafile/Books -type f
} | ${pkgs.fzf}/bin/fzf)"
exec ${pkgs.zathura}/bin/zathura "$book"
${pkgs.zathura}/bin/zathura "$book"
'')
(let
kieran = {
user = "kieran.meinhardt@gmail.com";
passwordFile = config.age.secrets.mega-password.path;
};
megatools = command: ''${pkgs.megatools}/bin/megatools ${command} --username ${lib.escapeShellArg kieran.user} --password "$(cat ${kieran.passwordFile})"'';
in
pkgs.writers.writeDashBin "book-mega" ''
set -efu
selection="$(${megatools "ls"} | ${pkgs.fzf}/bin/fzf)"
test -n "$selection" || exit 1
tmpdir="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$tmpdir"
}
(
cd "$tmpdir"
${megatools "get"} "$selection"
exec ${pkgs.zathura}/bin/zathura "$(basename "$selection")"
)
'')
];
age.secrets.mega-password = {
file = ../secrets/mega-password.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
fileSystems."/media/moodle" = {
device = "zaatar.r:/moodle";
fsType = "nfs";
options = [
"x-systemd.idle-timeout=600"
"noauto"
"x-systemd.automount"
];
};
services.syncthing = {
services.syncthing = rec {
enable = true;
user = "kfm";
openDefaultPorts = true;
configDir = "/home/kfm/.config/syncthing";
dataDir = "/home/kfm/.config/syncthing";
cert = config.age.secrets.syncthing-cert.path;
key = config.age.secrets.syncthing-key.path;
settings = {
inherit ((import ../lib).syncthing) devices;
folders = {
"${config.users.users.me.home}/sync" = {
devices = ["kabsa" "manakish" "fatteh"];
label = "sync";
versioning.type = "trashcan";
versioning.params.cleanoutDays = 100;
};
"${config.users.users.me.home}/mobile" = {
devices = ["kabsa" "manakish" "fatteh" "kibbeh"];
id = "mobile";
label = "mobile";
versioning.type = "trashcan";
versioning.params.cleanoutDays = 100;
cert = toString <system-secrets/syncthing/cert.pem>;
key = toString <system-secrets/syncthing/key.pem>;
inherit ((import <niveum/lib>).syncthing) devices;
folders =
let cloud-dir = "${config.users.users.me.home}/cloud";
in {
"${cloud-dir}/syncthing/common".devices = [ "kabsa" "manakish" ];
"${cloud-dir}/syncthing/library".devices = [ "kabsa" "manakish" "heym" ];
"${cloud-dir}/syncthing/mundoiu".devices = [ "kabsa" "manakish" "heym" ];
"${cloud-dir}/syncthing/music" = {
devices = [ "kabsa" "manakish" "heym" "zaatar" ];
id = "music";
};
};
};
};
}

8
configs/compton.nix Normal file
View File

@@ -0,0 +1,8 @@
{
services.compton = {
enable = true;
shadow = true;
menuOpacity = 0.9;
shadowOpacity = 0.3;
};
}

37
configs/copyq.nix Normal file
View File

@@ -0,0 +1,37 @@
{ config, pkgs, ... }:
let
copyqConfig = pkgs.writers.writeDash "copyq-config" ''
${pkgs.copyq}/bin/copyq config check_clipboard true
${pkgs.copyq}/bin/copyq config check_selection false
${pkgs.copyq}/bin/copyq config copy_clipboard true
${pkgs.copyq}/bin/copyq config copy_selection false
${pkgs.copyq}/bin/copyq config activate_closes true
${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0
${pkgs.copyq}/bin/copyq config clipboard_tab \&clipboard
${pkgs.copyq}/bin/copyq config disable_tray false
${pkgs.copyq}/bin/copyq config hide_tabs false
${pkgs.copyq}/bin/copyq config hide_toolbar false
${pkgs.copyq}/bin/copyq config item_popup_interval true
${pkgs.copyq}/bin/copyq config maxitems 1000
${pkgs.copyq}/bin/copyq config move true
${pkgs.copyq}/bin/copyq config text_wrap true
'';
in {
environment.systemPackages = [ pkgs.copyq ];
systemd.user.services.copyq = {
wantedBy = [ "graphical-session.target" ];
environment = {
DISPLAY = ":${toString config.services.xserver.display}";
};
serviceConfig = {
SyslogIdentifier = "copyq";
ExecStart = "${pkgs.copyq}/bin/copyq";
ExecStartPost = copyqConfig;
Restart = "always";
RestartSec = "15s";
StartLimitBurst = 0;
};
};
}

312
configs/default.nix
View File

@@ -1,55 +1,39 @@
{
pkgs,
lib,
config,
niveumPackages,
inputs,
...
}:
{ inputs, pkgs, lib, config, options, ... }:
let
inherit (lib.strings) makeBinPath;
inherit (import ../lib) localAddresses kieran remoteDir;
defaultApplications = (import ../lib).defaultApplications { inherit pkgs; };
in
{
inherit (import <niveum/lib>) localAddresses kieran;
in {
imports = [
inputs.self.nixosModules.system-dependent
inputs.self.nixosModules.power-action
../modules/system-dependent.nix
{
boot.supportedFilesystems = [ "ntfs" ];
}
{
nix.nixPath = [
"/var/src"
];
}
{
nixpkgs = {
config = {
allowUnfree = true;
packageOverrides = pkgs: {
dmenu = pkgs.writers.writeDashBin "dmenu" ''exec ${pkgs.rofi}/bin/rofi -dmenu "$@"'';
gfs-fonts = pkgs.callPackage <niveum/packages/gfs-fonts.nix> {};
iolanguage = pkgs.callPackage <niveum/packages/iolanguage.nix> { };
ix = pkgs.callPackage <niveum/packages/ix.nix> { };
};
permittedInsecurePackages = [
];
};
overlays = [
(self: super: {
scripts = import <niveum/packages/scripts> { pkgs = super; inherit lib; };
})
];
};
}
{
boot.tmp.cleanOnBoot = true;
boot.cleanTmpDir = true;
boot.loader.timeout = 1;
}
{
age.secrets = {
di-fm-key = {
file = ../secrets/di-fm-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
restic = {
file = ../secrets/restic.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
}
{
home-manager.users.me = {
programs.zathura = {
@@ -69,91 +53,126 @@ in
users.users.me = {
name = "kfm";
description = kieran.name;
hashedPasswordFile = config.age.secrets.kfm-password.path;
hashedPassword =
"$6$w9hXyGFl/.IZBXk$5OiWzS1G.5hImhh1YQmZiCXYNAJhi3X6Y3uSLupJNYYXPLMsQpx2fwF4Xr2uYzGMV8Foqh8TgUavx1APD9rcb/";
isNormalUser = true;
uid = 1000;
extraGroups = [
"pipewire"
"audio"
];
};
nix.settings.trusted-users = [ config.users.users.me.name ];
age.secrets = {
kfm-password.file = ../secrets/kfm-password.age;
};
home-manager.users.me.xdg.enable = true;
home-manager.users.me.dconf.enable = false;
}
{
environment.interactiveShellInit = "export PATH=$PATH";
environment.shellAliases =
let
swallow = command: "${niveumPackages.swallow}/bin/swallow ${command}";
in
{
o = "${pkgs.xdg-utils}/bin/xdg-open";
ns = "nix-shell --run zsh";
pbcopy = "${pkgs.xclip}/bin/xclip -selection clipboard -in";
pbpaste = "${pkgs.xclip}/bin/xclip -selection clipboard -out";
tmux = "${pkgs.tmux}/bin/tmux -2";
sxiv = swallow "${pkgs.nsxiv}/bin/nsxiv";
zathura = swallow "${pkgs.zathura}/bin/zathura";
im = "${pkgs.openssh}/bin/ssh weechat@makanek -t tmux attach-session -t IM";
yt = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -ic"; # Download video link
yta = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata --audio-format mp3 --audio-quality 0 -xic"; # Download with audio
};
sound.enable = true;
hardware.pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
extraModules = [ pkgs.pulseaudio-modules-bt ];
# copy server:/run/pulse/.config/pulse/cookie to client:~/.config/pulse/cookie to authenticate a client machine
zeroconf.discovery.enable = true;
extraConfig = ''
load-module ${toString [
"module-tunnel-sink-new"
"server=zaatar.r"
"sink_name=zaatar"
"channels=2"
"rate=44100"
]}
'';
};
users.users.me.extraGroups = [ "audio" ];
environment.systemPackages = [ pkgs.pavucontrol pkgs.ncpamixer pkgs.pamixer pkgs.pulsemixer ];
}
{
i18n = {
defaultLocale = "en_DK.UTF-8";
supportedLocales = [ "all" ];
environment.interactiveShellInit =
"export PATH=$PATH:$HOME/projects/niveum";
environment.shellAliases = let
wcd = pkgs.writers.writeDash "wcd" ''
cd "$(readlink "$(${pkgs.which}/bin/which --skip-alias "$1")" | xargs dirname)/.."
'';
where = pkgs.writers.writeDash "where" ''
readlink "$(${pkgs.which}/bin/which --skip-alias "$1")" | xargs dirname
'';
take = pkgs.writers.writeDash "take" ''
mkdir "$1" && cd "$1"
'';
swallow = command: "${pkgs.scripts.swallow}/bin/swallow ${command}";
in {
"ß" = "${pkgs.utillinux}/bin/setsid";
cat = "${pkgs.bat}/bin/bat --style=plain";
chromium-incognito =
"chromium --user-data-dir=$(mktemp -d /tmp/chr.XXXXXX) --no-first-run --incognito";
cp = "cp --interactive";
ip = "${pkgs.iproute}/bin/ip -c";
l = "ls --color=auto --time-style=long-iso --almost-all";
ls = "ls --color=auto --time-style=long-iso";
ll = "ls --color=auto --time-style=long-iso -l";
la = "ls --color=auto --time-style=long-iso --almost-all -l";
mv = "mv --interactive";
nixi = "nix repl '<nixpkgs>'";
ns = "nix-shell --run zsh";
o = "${pkgs.xdg_utils}/bin/xdg-open";
pbcopy = "${pkgs.xclip}/bin/xclip -selection clipboard -in";
pbpaste = "${pkgs.xclip}/bin/xclip -selection clipboard -out";
rm = "rm --interactive";
s = "${pkgs.systemd}/bin/systemctl";
take = "source ${take}";
tmux = "${pkgs.tmux}/bin/tmux -2";
sxiv = swallow "${pkgs.sxiv}/bin/sxiv";
zathura = swallow "${pkgs.zathura}/bin/zathura";
us = "${pkgs.systemd}/bin/systemctl --user";
wcd = "source ${wcd}";
im = "${pkgs.openssh}/bin/ssh weechat@makanek -t tmux attach-session -t IM";
where = "source ${where}";
yt =
"${pkgs.youtube-dl}/bin/youtube-dl --add-metadata -ic"; # Download video link
yta =
"${pkgs.youtube-dl}/bin/youtube-dl --add-metadata -xic"; # Download with audio
};
}
{ i18n.defaultLocale = "en_GB.UTF-8"; }
{
services.displayManager = {
autoLogin = {
enable = true;
user = config.users.users.me.name;
};
};
services.xserver = {
enable = true;
displayManager.lightdm = {
enable = true;
greeters.gtk = {
displayManager = {
autoLogin = {
enable = true;
indicators = [
"~spacer"
"~host"
"~spacer"
"~session"
"~power"
];
user = config.users.users.me.name;
};
lightdm = {
enable = true;
greeters.gtk = {
enable = true;
indicators = [ "~spacer" "~host" "~spacer" "~session" "~power" ];
};
};
};
};
}
{
programs.gnupg = {
agent = {
enable = true;
pinentryPackage = pkgs.pinentry-qt;
settings = rec {
default-cache-ttl = 2 * 60 * 60;
max-cache-ttl = 4 * default-cache-ttl;
};
security.wrappers = {
pmount = {
owner = "root";
group = "users";
source = "${pkgs.pmount}/bin/pmount";
};
pumount = {
owner = "root";
group = "users";
source = "${pkgs.pmount}/bin/pumount";
};
};
}
{ programs.command-not-found.enable = true; }
{
programs.gnupg.agent.enable = true;
environment.systemPackages = [
pkgs.gnupg
(pkgs.pass.withExtensions (e: [
e.pass-otp
e.pass-import
e.pass-genphrase
]))
(pkgs.pass.withExtensions (e: [e.pass-otp]))
];
}
{
@@ -171,124 +190,61 @@ in
value = [ "${name}.local" ];
}) localAddresses;
}
{
home-manager.users.me.home.stateVersion = "22.05";
home-manager.backupFileExtension = "bak";
}
{
systemd.user.services.udiskie = {
after = [ "udisks2.service" ];
wants = [ "udisks2.service" ];
wantedBy = [ "graphical-session.target" ];
serviceConfig = {
ExecStart = "${pkgs.udiskie}/bin/udiskie --verbose --no-config --notify";
};
};
services.udisks2.enable = true;
programs.dconf.enable = true;
home-manager.users.me = {
dconf.enable = true;
dconf.settings = {
# Change the default terminal for Nemo
"org/cinnamon/desktop/applications/terminal".exec = defaultApplications.terminal;
};
};
}
./android.nix
./admin-essentials.nix
./stylix.nix
./alacritty.nix
./backup.nix
./bash.nix
./beets.nix
./bluetooth.nix
./aerc.nix
./ccc.nix
# ./kleiter.nix
./khal.nix
./browser.nix
./clipboard.nix
./chromium.nix
./cloud.nix
./copyq.nix
./compton.nix
./direnv.nix
./docker.nix
./dunst.nix
./flix.nix
./fonts.nix
./fzf.nix
./gaslight.nix
./git.nix
./hledger.nix
./htop.nix
./uni.nix
./hu-berlin.nix
./i3.nix
./i3status-rust.nix
./keyboard.nix
./mycelium.nix
./kdeconnect.nix
{ home-manager.users.me.home.file.".XCompose".source = ../lib/keyboards/XCompose; }
{ services.upower.enable = true; }
./lb.nix
./mpv.nix
./mime.nix
./nano.nix
./neovim.nix
./neomutt.nix
./nix.nix
./newsboat.nix
./flameshot.nix
./packages.nix
./virtualization.nix
./picom.nix
./stardict.nix
./polkit.nix
./flameshot-once.nix
./packages
./power-action.nix
./printing.nix
./openweathermap.nix
./wallpaper.nix
./redshift.nix
./retiolum.nix
./rofi.nix
./spacetime.nix
./seafile.nix
./ssh.nix
./sshd.nix
./sound.nix
./sudo.nix
./sxiv.nix
./theming.nix
./tmux.nix
# ./tor.nix
./traadfri.nix
./unclutter.nix
./version.nix
./vscode.nix
./watson.nix
./wallpaper.nix
./zsh.nix
{
home-manager.users.me.home.file.".zshrc".text = ''
# nothing to see here
'';
}
./tor.nix
./mastodon-bot.nix
{
fileSystems."${remoteDir}/fritz" = {
device = "//192.168.178.1/FRITZ.NAS/Backup";
fsType = "cifs";
options = [
"username=ftpuser"
"password=ftppassword"
"noauto"
"nounix"
"rw"
# "noserverino" # ref https://askubuntu.com/a/1265165
"uid=${toString config.users.users.me.uid}"
"gid=${toString config.users.groups.users.gid}"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
];
};
}
{
home-manager.users.me = {
xdg.userDirs = rec {
enable = true;
documents = "${config.users.users.me.home}/cloud/nextcloud/Documents";
desktop = "/tmp";
download = "${config.users.users.me.home}/sync/Downloads";
music = "${config.users.users.me.home}/mobile/audio";
pictures = "${config.users.users.me.home}/cloud/nextcloud/Bilder";
publicShare = "${config.users.users.me.home}/cloud/nextcloud/tmp";
videos = pictures;
};
};
}
];
}

23
configs/direnv.nix
View File

@@ -1,4 +1,5 @@
{pkgs, ...}: let
{ pkgs, ... }:
let
nixify = pkgs.writers.writeDashBin "nixify" ''
set -efuC
@@ -10,25 +11,25 @@
cat > shell.nix <<'EOF'
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
packages = [];
buildInputs = [];
}
EOF
''${EDITOR:-vim} shell.nix
fi
'';
in {
environment.systemPackages = [pkgs.direnv nixify];
environment.systemPackages = [ pkgs.direnv nixify ];
home-manager.users.me.programs.direnv = {
enable = true;
stdlib = builtins.readFile "${
pkgs.fetchFromGitHub {
owner = "Mic92";
repo = "dotfiles";
rev = "a0a9b7e358fa70a85cd468f8ca1fbb02ae0a91df";
sha256 = "1y9h5s1lf59sczsm0ksq2x1yhl98ba9lwk5yil3q53rg7n4574pg";
}
}/home/.direnvrc";
stdlib = builtins.readFile ("${
pkgs.fetchFromGitHub {
owner = "Mic92";
repo = "dotfiles";
rev = "a0a9b7e358fa70a85cd468f8ca1fbb02ae0a91df";
sha256 = "1y9h5s1lf59sczsm0ksq2x1yhl98ba9lwk5yil3q53rg7n4574pg";
}
}/home/.direnvrc");
};
programs.zsh.interactiveShellInit = ''

15
configs/distrobump.nix
View File

@@ -1,15 +0,0 @@
{
lib,
config,
pkgs,
...
}: {
imports = [
(import <stockholm/makefu/3modules/bump-distrowatch.nix> {
inherit lib config;
pkgs = pkgs // {writeDash = pkgs.writers.writeDash;};
})
];
makefu.distrobump.enable = false;
}

10
configs/docker.nix
View File

@@ -1,8 +1,4 @@
{
lib,
pkgs,
...
}: {
{ lib, pkgs, ... }: {
virtualisation.docker = {
enable = true;
# for ICE wifi, ref https://gist.github.com/sunsided/7840e89ff4e11b64a2d7503fafa0290c
@@ -11,6 +7,6 @@
"--fixed-cidr=172.39.1.0/25"
];
};
users.users.me.extraGroups = ["docker"];
environment.systemPackages = [pkgs.docker pkgs.docker-compose];
users.users.me.extraGroups = [ "docker" ];
environment.systemPackages = [ pkgs.docker pkgs.docker_compose ];
}

38
configs/dunst.nix
View File

@@ -1,34 +1,23 @@
{
config,
pkgs,
...
}: let
inherit (import ../lib) defaultApplications theme;
sgr = code: string: ''\u001b[${code}m${string}\u001b[0m'';
{ config, pkgs, ... }:
let
inherit (import <niveum/lib>) defaultApplications colours theme;
in {
environment.systemPackages = [
(pkgs.writers.writeDashBin "notifications" ''
${pkgs.dunst}/bin/dunstctl history \
| ${pkgs.jq}/bin/jq -r '
.data[]
| map("${sgr "90" ''\(.appname.data)''} ${sgr "1" ''\(.summary.data)''} ${sgr "31" ''\(.body.data | gsub("\n"; " | "))''}")
| join("\n")'
'')
];
home-manager.users.me.services.dunst = {
enable = true;
iconTheme = (theme pkgs).icon;
settings = {
global = {
transparency = 10;
font = "Monospace 8";
geometry = "200x5-30+20";
frame_color = colours.foreground;
follow = "mouse";
indicate_hidden = true;
notification_height = 0;
separator_height = 2;
padding = 8;
horizontal_padding = 8;
separator_color = "auto";
sort = true;
markup = "full";
format = "%a\\n<b>%s</b>\\n%b";
@@ -51,13 +40,22 @@ in {
mouse_right_click = "close_current";
mouse_middle_click = "close_all";
};
urgency_low = {
urgency_low = rec {
frame_color = background;
background = colours.foreground;
foreground = colours.background;
timeout = 5;
};
urgency_normal = {
urgency_normal = rec {
frame_color = background;
background = colours.foreground;
foreground = colours.background;
timeout = 10;
};
urgency_critical = {
urgency_critical = rec {
frame_color = background;
background = colours.red.dark;
foreground = colours.background;
timeout = 0;
};
};

24
configs/flameshot-once.nix Normal file
View File

@@ -0,0 +1,24 @@
{ lib, pkgs, ... }:
let
inherit (import <niveum/lib>) defaultApplications;
flameshot-once = pkgs.callPackage <stockholm/krebs/5pkgs/simple/flameshot-once> {};
in {
nixpkgs.overlays = [
(self: super: {
write =
super.callPackage <stockholm/krebs/5pkgs/simple/xwaitforwindow.nix> { };
})
];
environment.systemPackages = [
(flameshot-once.override {
config.imgur = {
enable = true;
createUrl = "http://p.r/image";
deleteUrl = "http://p.r/image/delete/%1";
xdg-open.browser = (defaultApplications pkgs).browser;
};
config.timeout = 1000;
})
];
}

22
configs/flameshot.nix
View File

@@ -1,22 +0,0 @@
{
lib,
pkgs,
...
}: {
home-manager.users.me = {
services.flameshot = {
enable = true;
settings.General = {
autoCloseIdleDaemon = true;
drawColor = "#ff0000";
drawThickness = 2;
showDesktopNotification = true;
disabledTrayIcon = true;
showHelp = false;
squareMagnifier = true;
uploadWithoutConfirmation = true;
# buttons = ''@Variant(\0\0\0\x7f\0\0\0\vQList<int>\0\0\0\0\x10\0\0\0\x2\0\0\0\x5\0\0\0\x13\0\0\0\xa\0\0\0\x1\0\0\0\xc\0\0\0\xd\0\0\0\x6\0\0\0\x8\0\0\0\0\0\0\0\xf\0\0\0\x4\0\0\0\xb\0\0\0\x3\0\0\0\x12\0\0\0\x9)'';
};
};
};
}

79
configs/flix.nix Normal file
View File

@@ -0,0 +1,79 @@
{ config, pkgs, ... }:
let
flixLocation = "/media/flix";
cacheLocation = "/var/cache/flix";
indexFilename = "index";
flixUser = "flix";
flixGroup = "users";
inherit (import <niveum/lib>) tmpfilesConfig;
in {
fileSystems.${flixLocation} = {
device = "prism.r:/export";
fsType = "nfs";
options = [
"noauto"
"noatime"
"nodiratime"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
"x-systemd.requires=tinc.retiolum.service"
"x-systemd.requires=wpa_supplicant.service"
"user"
"_netdev"
];
};
systemd.tmpfiles.rules = [
(tmpfilesConfig {
type = "d";
path = cacheLocation;
mode = "0750";
user = flixUser;
group = flixGroup;
})
];
systemd.services.flix-index = {
description = "Flix indexing service";
wants = [ "network-online.target" ];
script = "cp ${flixLocation}/download/index ./${indexFilename}";
startAt = "hourly";
serviceConfig = {
Type = "oneshot";
User = flixUser;
Group = flixGroup;
WorkingDirectory = cacheLocation;
};
};
users.extraUsers.${flixUser} = {
isSystemUser = true;
createHome = true;
home = cacheLocation;
group = flixGroup;
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "mpv-simpsons" ''
set -efu
cd "${flixLocation}/download"
[ -f "${cacheLocation}/${indexFilename}" ] || exit 1
cat "${cacheLocation}/${indexFilename}" \
| ${pkgs.gnugrep}/bin/grep -i 'simpsons.*mkv' \
| shuf \
| ${pkgs.findutils}/bin/xargs -d '\n' ${pkgs.mpv}/bin/mpv
'')
(pkgs.writers.writeDashBin "flixmenu" ''
set -efu
cd "${flixLocation}/download"
[ -f "${cacheLocation}/${indexFilename}" ] || exit 1
${pkgs.dmenu}/bin/dmenu -i -p flix -l 5 "$@" < ${cacheLocation}/${indexFilename} \
| ${pkgs.findutils}/bin/xargs -I '{}' ${pkgs.utillinux}/bin/setsid ${pkgs.xdg_utils}/bin/xdg-open '{}'
'')
];
}

146
configs/fonts.nix
View File

@@ -1,141 +1,41 @@
{
pkgs,
niveumPackages,
...
}: let
zip-font = name: arguments: let
directory = pkgs.fetchzip arguments;
in
pkgs.runCommand name {} ''
mkdir -p $out/share/fonts/{truetype,opentype,woff}
${pkgs.findutils}/bin/find ${directory} -name '*.ttf' -exec install '{}' $out/share/fonts/truetype \;
${pkgs.findutils}/bin/find ${directory} -name '*.otf' -exec install '{}' $out/share/fonts/opentype \;
${pkgs.findutils}/bin/find ${directory} -name '*.woff' -exec install '{}' $out/share/fonts/woff \;
'';
simple-ttf = name: arguments: let
file = pkgs.fetchurl arguments;
in
pkgs.runCommand name {} ''
mkdir -p $out/share/fonts/truetype
install ${file} $out/share/fonts/truetype
'';
{ pkgs, ... }: {
nixpkgs.config.joypixels.acceptLicense = true;
egyptianHiero = zip-font "EgyptianHiero" {
url = "https://github.com/MKilani/Djehuty/archive/master.zip";
sha256 = "sha256-S3vZxdeBj57KJsF+zaZw7sQw8T+z1aVC2CnpnZ0/x2c=";
};
antinoou = zip-font "Antinoou" {
url = "https://www.evertype.com/fonts/coptic/AntinoouFont.zip";
sha256 = "0jwihj08n4yrshcx07dnaml2x9yws6dgyjkvg19jqbz17drbp3sw";
stripRoot = false;
};
newGardiner = zip-font "NewGardiner" {
url = "https://mjn.host.cs.st-andrews.ac.uk/egyptian/fonts/NewGardiner.zip";
hash = "sha256-nP0y4ILt+0mlkDRdCNSeO2Gequ8wyix/qQdmujTNw3Y=";
stripRoot = false;
};
newAthenaUnicode = zip-font "NewAthenaUnicode" {
url = "https://classicalstudies.org/sites/default/files/userfiles/files/NAU5_005.zip";
sha256 = "1g7qk9gl4nq2dz41bvck1nzilhin44j8691cxax3dlp77bbn9bxr";
};
jsesh = simple-ttf "JSesh" {
url = "http://files.qenherkhopeshef.org/jsesh/JSeshFont.ttf";
sha256 = "1203jrk2xzvgckcc5hx88kja1i3h8gm1wiyla5j6gspc0hbv56ry";
};
egyptianTextBeta = simple-ttf "EgyptianText-1.0beta" {
url = "http://c.krebsco.de/EgyptianText-v1.0-beta.ttf";
sha256 = "0cfjbk7xxnxhlp6v922psm5j1xzrv6wfk226ji2wz2yfrnkbcbsv";
};
coranica = simple-ttf "Coranica" {
url = "https://corpuscoranicum.de/fonts/coranica_1164.ttf";
sha256 = "0igi8q8b2p38x9jq8c98afsl7bf8rj32zj2052yyjgj9r88y4yi5";
};
koineGreek = simple-ttf "KoineGreek.ttf" {
url = "https://github.com/Center-for-New-Testament-Restoration/font/raw/af83eed50105344edaa5e5eddaf87696e271468c/KoineGreek.ttf";
hash = "sha256-YtC+nj7+Jl8k00rqAAqySYc8iTAOL7PixXc+LfSmnS0=";
};
egyptianText = simple-ttf "EgyptianText" {
url = "https://github.com/microsoft/font-tools/raw/1092cb23520967830001a0807eb21d6a44dda522/EgyptianOpenType/font/eot.ttf";
sha256 = "1n294vhcx90270pnsw1dbk6izd61fjvbnjrh4hcf98ff3s540x0c";
};
in {
fonts = {
enableDefaultPackages = true;
enableDefaultFonts = true;
fontDir.enable = true;
packages = with pkgs; [
fonts = with pkgs; [
alegreya
alegreya-sans
amiri
annapurna-sil
antinoou
cantarell-fonts
cardo
charis-sil
doulos-sil
newAthenaUnicode
coranica
corefonts
crimson
eb-garamond
ipaexfont
jsesh
egyptianHiero
egyptianText
egyptianTextBeta
font-awesome_6
etBook
newGardiner
junicode
koineGreek
# brill
ezra-sil
fira
font-awesome
galatia-sil
gentium
# niveumPackages.gfs-fonts
gyre-fonts
font-awesome-ttf
ibm-plex
jetbrains-mono
libertinus
libre-bodoni
inconsolata
iosevka
libertine
lmodern
merriweather
ocr-a
montserrat
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
roboto
roboto-mono
noto-fonts
noto-fonts-cjk-sans
noto-fonts-color-emoji
roboto-slab
scheherazade-new
source-code-pro
source-sans-pro
source-serif-pro
theano
niveumPackages.tocharian-font
vista-fonts
vollkorn
zilla-slab
]; # google-fonts league-of-moveable-type
fontconfig.defaultFonts = rec {
monospace = ["Noto Sans Mono"] ++ emoji;
serif = ["Noto Serif" "Noto Naskh Arabic" "Noto Serif Devanagari"];
sansSerif = ["Noto Sans Display" "Noto Naskh Arabic" "Noto Sans Hebrew" "Noto Sans Devanagari" "Noto Sans CJK JP" "Noto Sans Coptic" "Noto Sans Syriac Western"];
emoji = ["Noto Color Emoji"];
source-sans-pro
ubuntu_font_family
gfs-fonts
jetbrains-mono
twemoji-color-font
joypixels
];
fontconfig.defaultFonts = {
monospace = [ "JetBrains Mono" "JoyPixels" ];
serif = [ "Roboto Slab" ];
sansSerif = [ "Roboto" "Noto Sans" ];
emoji = [ "JoyPixels" ];
};
# xelatex fails with woff files
# ref https://tex.stackexchange.com/questions/392144/xelatex-and-fontspec-crash-trying-to-find-woff-file-for-some-fonts-but-not-other
fontconfig.localConf = ''
<fontconfig>
<!-- Reject WOFF fonts We don't register WOFF(2) fonts with fontconfig because of the W3C spec -->
<selectfont>
<rejectfont>
<glob>*.woff*</glob>
</rejectfont>
</selectfont>
</fontconfig>
'';
};
}

55
configs/fysi.nix
View File

@@ -1,55 +0,0 @@
{
config,
lib,
pkgs,
...
}: let
inherit (import ../lib/email.nix) defaults;
sshIdentity = name: "${config.users.users.me.home}/.ssh/${name}";
in {
age.secrets = {
email-password-fysi = {
file = ../secrets/email-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
home-manager.users.me = {
accounts.email.accounts = {
fysi =
lib.recursiveUpdate defaults
rec {
address = "kieran@fysi.tech";
userName = address;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-fysi.path}";
flavor = "fastmail.com";
};
};
programs.ssh.matchBlocks = rec {
"nextcloud.fysi.dev" = {
hostname = "116.203.82.203";
user = "root";
};
"lingua.miaengiadina.ch" = {
hostname = "135.181.85.233";
user = "root";
};
"cms-dev.woc2023.app".identityFile = sshIdentity "fysiweb";
"cms-master.woc2023.app".identityFile = sshIdentity "fysiweb";
"fysi-dev1" = {
hostname = "94.130.229.139";
user = "root";
identityFile = sshIdentity "fysiweb";
};
${fysi-dev1.hostname} = fysi-dev1;
"fysi-shared0" = {
hostname = "49.12.205.235";
user = "root";
identityFile = sshIdentity "fysiweb";
};
};
};
}

42
configs/fzf.nix
View File

@@ -1,22 +1,32 @@
{pkgs, ...}: {
programs.fzf = {
fuzzyCompletion = true;
keybindings = true;
};
home-manager.users.me = {
programs.fzf = rec {
enable = true;
defaultCommand = "${pkgs.fd}/bin/fd --type f --strip-cwd-prefix --follow --no-ignore-vcs --exclude .git";
defaultOptions = ["--height=40%"];
changeDirWidgetCommand = "${pkgs.fd}/bin/fd --type d";
changeDirWidgetOptions = [
"--preview='${pkgs.tree}/bin/tree -L 1 {}'"
{ pkgs, lib, ... }: {
environment = {
systemPackages = [ pkgs.fzf ];
variables = {
FZF_DEFAULT_OPTS =
lib.escapeShellArgs [ "--height=40%" "--layout=reverse" ];
FZF_ALT_C_COMMAND = "${pkgs.fd}/bin/fd --type d";
FZF_ALT_C_OPTS = lib.escapeShellArgs [
"--preview='${pkgs.tree}/bin/tree -L 1 \"{}\"'"
"--bind=space:toggle-preview"
"--preview-window=hidden"
];
fileWidgetCommand = defaultCommand;
fileWidgetOptions = ["--preview='head -$LINES {}'"];
FZF_CTRL_T_COMMAND = "${pkgs.fd}/bin/fd --type f";
FZF_CTRL_T_OPTS =
lib.escapeShellArgs [ "--preview='${pkgs.bat}/bin/bat \"{}\"'" ];
};
};
programs.zsh.interactiveShellInit = ''
if [[ $options[zle] = on ]]; then
. ${pkgs.fzf}/share/fzf/completion.zsh
. ${pkgs.fzf}/share/fzf/key-bindings.zsh
fi
'';
programs.bash.interactiveShellInit = ''
if [[ :$SHELLOPTS: =~ :(vi|emacs): ]]; then
. ${pkgs.fzf}/share/fzf/completion.bash
. ${pkgs.fzf}/share/fzf/key-bindings.bash
fi
'';
}

19
configs/gaming.nix
View File

@@ -1,19 +0,0 @@
{ pkgs, ... }:
{
environment.systemPackages = [
pkgs.zeroad
pkgs.mari0
pkgs.luanti # fka minetest
# pkgs.openarena
# pkgs.teeworlds
pkgs.nethack
# pkgs.freeciv
# pkgs.lincity-ng
# pkgs.superTuxKart
];
networking.firewall = {
# for 0ad multiplayer
allowedTCPPorts = [ 20595 ];
allowedUDPPorts = [ 20595 ];
};
}

6
systems/zaatar/gaslight.nix → configs/gaslight.nix
View File

@@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
environment.systemPackages = [
(pkgs.writers.writeDashBin "gaslight-stream" ''
${pkgs.ffmpeg}/bin/ffmpeg -r 14 -s 640x480 -f video4linux2 -i /dev/video0 -f alsa -i default -c:v libx264 -preset ultrafast -c:a aac -f avi -
@@ -15,9 +16,10 @@
'')
];
}
/*
ssh machine gaslight-stream | mpv -
ssh machine gaslight-say "blablabla"
*/
*/

94
configs/git.nix
View File

@@ -1,22 +1,20 @@
{ pkgs, config, lib, ... }:
let
inherit (import <niveum/lib>) kieran ignorePaths;
in
{
pkgs,
inputs,
...
}: let
inherit (import ../lib) kieran ignorePaths;
in {
environment.systemPackages = [
pkgs.mr
pkgs.gitFull
pkgs.git-crypt
pkgs.gitflow
pkgs.gh
pkgs.git-extras
# pkgs.git-trim
pkgs.git-absorb
pkgs.git
pkgs.gitAndTools.gitflow
pkgs.gitAndTools.hub
pkgs.gitAndTools.gh
pkgs.gitAndTools.git-extras
pkgs.gitAndTools.git-trim
pkgs.gitstats
pkgs.patch
pkgs.patchutils
pkgs.git-preview
];
environment.shellAliases = {
@@ -25,10 +23,43 @@ in {
};
home-manager.users.me = {
home.file.".mrconfig".text = let
prependPath = prefix:
lib.attrsets.mapAttrs'
(path: lib.attrsets.nameValuePair "${prefix}/${path}");
git = url: { checkout = "git clone ${url}"; };
github = owner: repo: git "git@github.com:${owner}/${repo}";
keybase = owner: repo: git "keybase://private/${owner}/${repo}";
in lib.generators.toINI { } ({
DEFAULT = { git_gc = ''git gc "$@"''; };
} // prependPath "projects" {
"menstruation.rs" = github "kmein" "menstruation.rs";
brockman = github "kmein" "brockman";
challenges = github "kmein" "challenges";
conlangs = github "kmein" "conlangs";
ledger = keybase "kmein" "ledger";
mahlzeit = github "kmein" "mahlzeit";
menstruation-telegram = github "kmein" "menstruation-telegram";
meteora = github "kmein" "meteora";
modernizr = github "kmein" "modernizr";
niveum = github "kmein" "niveum";
nixpkgs = github "NixOS" "nixpkgs";
poetry = github "kmein" "poetry";
quotes = github "kmein" "quotes";
sphinx = github "kmein" "sphinx";
stockholm = git "https://cgit.krebsco.de/stockholm";
telebots = github "kmein" "telebots";
traadfri = github "kmein" "traadfri";
wissen = github "kmein" "wissen";
zen = github "kmein" "zen";
});
programs.git = {
enable = true;
package = pkgs.gitFull;
settings.alias = {
package = pkgs.gitAndTools.gitFull;
userName = kieran.name;
userEmail = kieran.email;
aliases = {
br = "branch";
co = "checkout";
ci = "commit";
@@ -39,15 +70,34 @@ in {
diffs = "diff --staged";
last = "log -1 HEAD";
logs = "log --pretty=oneline";
graph = "log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all";
graph =
"log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all";
};
ignores = ignorePaths;
settings.user.name = kieran.name;
settings.user.email = kieran.email;
settings.pull.ff = "only";
settings.rebase.autoStash = true;
settings.merge.autoStash = true;
settings.push.autoSetupRemove = true;
extraConfig = {
pull.ff = "only";
rebase.autoStash = true;
merge.autoStash = true;
core.pager =
"${pkgs.gitAndTools.diff-so-fancy}/bin/diff-so-fancy | ${pkgs.less}/bin/less --tabs=4 -RFX";
color = {
ui = true;
diff = {
meta = "11";
frag = "magenta bold";
commit = "yellow bold";
old = "red bold";
new = "green bold";
whitespace = "red reverse";
};
diff-highlight = {
oldNormal = "red bold";
oldHighlight = "red bold 52";
newNormal = "green bold";
newHighlight = "green bold 22";
};
};
};
};
};
}

13
configs/gitea.nix Normal file
View File

@@ -0,0 +1,13 @@
{
services.gitea = {
enable = true;
disableRegistration = true;
rootUrl = "https://code.kmein.de";
appName = "code.kmein.de";
};
services.nginx.virtualHosts."code.kmein.de" = {
forceSSL = true;
enableACME = true;
locations."/".extraConfig = "proxy_pass http://localhost:3000;";
};
}

5
configs/gnome.nix
View File

@@ -1,5 +0,0 @@
{
services.xserver.enable = true;
services.xserver.displayManager.lightdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
}

61
configs/hass/default.nix Normal file
View File

@@ -0,0 +1,61 @@
{ config, pkgs, lib, ... }:
let
inherit (import ./lib.nix) triggers;
inherit (import <niveum/lib>) localAddresses;
in
{
imports = [
./zigbee.nix
./frontend.nix
];
services.home-assistant = {
enable = true;
configWritable = true;
lovelaceConfigWritable = true;
openFirewall = true;
config = {
homeassistant = {
name = "Toum";
latitude = config.location.latitude;
longitude = config.location.longitude;
elevation = 90; # TODO find out how high I live
unit_system = "metric";
time_zone = config.time.timeZone;
};
config = {};
discovery = {};
system_health = {};
history = {};
# tradfri.host = localAddresses.tradfri; # dont use until python3Packages.pytradfri is packaged
sun = {};
mobile_app = {};
shopping_list = {};
sensor = [
{
platform = "dwd_weather_warnings";
region_name = "Berlin";
}
];
mqtt = {
broker = "localhost";
port = 1883;
client_id = "home-assistant";
username = "albrecht";
password = lib.strings.fileContents <system-secrets/mosquitto>;
keepalive = 60;
protocol = "3.1";
discovery = true;
birth_message = {
topic = "/hass/status";
payload = "online";
};
will_message = {
topic = "/hass/status";
payload = "offline";
};
};
};
};
}

37
configs/hass/frontend.nix Normal file
View File

@@ -0,0 +1,37 @@
let
inherit (import ./lib.nix) triggers;
in
{
services.home-assistant.config = {
frontend = {
themes = {
day_theme = import ./themes/clear.nix;
night_theme = import ./themes/clear-dark.nix;
};
};
automation = [
{
alias = "Night Theme";
hide_entity = true;
trigger = triggers.night;
action = [
{
service = "frontend.set_theme";
data.name = "night_theme";
}
];
}
{
alias = "Day Theme";
hide_entity = true;
trigger = triggers.day;
action = [
{
service = "frontend.set_theme";
data.name = "day_theme";
}
];
}
];
};
}

16
configs/hass/lib.nix Normal file
View File

@@ -0,0 +1,16 @@
{
triggers = {
night = {
platform = "numeric_state";
entity_id = "sun.sun";
value_template = "{{ state.attributes.elevation }}";
below = -4.0;
};
day = {
platform = "numeric_state";
entity_id = "sun.sun";
value_template = "{{ state.attributes.elevation }}";
above = 0;
};
};
}

72
configs/hass/themes/clear-dark.nix Normal file
View File

@@ -0,0 +1,72 @@
rec {
# Colors
text-color = "#DADADB"; # Grey text
text-medium-light-color = "#A0A2A8"; # Medium-light grey text
text-medium-color = "#80828A"; # Medium grey text
text-dark-color = "#6A6B74"; # Dark grey text
accent-color = "#008bef"; # Blue
accent-medium-color = "#2484C9"; # Decent blue
background-color = "#3b4049"; # Dark grey background
background-color-2 = "#484E59"; # Light grey background
background-card-color = "#434952"; # Grey background
border-color = "#383C46"; # Grey border
# Header
app-header-background-color = "#363941"; # Background color
# Text
primary-color = text-color;
text-primary-color = text-color;
# Left Menu
paper-listbox-background-color = background-color; # Background
sidebar-icon-color = text-medium-color; # icons
sidebar-selected-icon-color = text-medium-light-color; # Selected row icon and background (15%)
sidebar-selected-text-color = text-color; # Selected row label
# UI
paper-card-header-color = text-color; # Title in settings
primary-background-color = background-color; # Background (also title background in left menu)
mdc-theme-primary = accent-medium-color; # Action Buttons (save, restart etc.)
card-background-color = background-card-color; # Entity Registry Background
# Card
paper-card-background-color = background-card-color; # Background
dark-primary-color = text-color;
primary-text-color = text-color;
paper-listbox-color = text-color;
light-primary-color = text-dark-color;
secondary-text-color = text-medium-color;
disabled-text-color = text-dark-color;
paper-dialog-button-color = text-color;
secondary-background-color = background-color-2; # Background more info title
# Icons
paper-item-icon-color = text-dark-color; # Off
paper-item-icon-active-color = accent-color; # On
# Switches
switch-checked-button-color = text-medium-light-color; # Knob On
switch-unchecked-button-color = text-medium-light-color; # Knob Off
switch-checked-track-color = "#009FFF"; # Background On
switch-unchecked-track-color = "#767682"; # Background Off
# Slider
paper-slider-active-color = accent-color; # Line On
paper-slider-knob-color = text-medium-light-color; # Knob On
paper-slider-container-color = text-dark-color; # Line Off
paper-slider-knob-start-color = text-medium-light-color; # Knob Off
# Badges
label-badge-text-color = text-color;
label-badge-background-color = "rgba(54, 57, 65, 0.6)";
# Shadows
ha-card-box-shadow = "inset 0px 0px 0px 1px var(--border-color)";
# HACS
hacs-badge-color = accent-color; # New Badge
hacs-status-installed = text-color; # Installed Icon
hacs-status-pending-restart = text-dark-color; # Restart Icon
hacs-status-pending-update = accent-color;
}

52
configs/hass/themes/clear.nix Normal file
View File

@@ -0,0 +1,52 @@
rec {
text-color = "#636B75"; # Grey text
text-medium-color = "#8c96a5"; # Medium grey text
text-light-color = "#BAC0C6"; # Light grey text
accent-color = "#00a1ff"; # Blue
background-color = "#F7F8F9"; # Light grey background
background-color-2 = "#F4F5F6"; # Light grey background
background-card-color = "rgba(255,255,255,1.0)"; # White background
border-color = "#E8E8E8"; # Light grey border
# Header
primary-color = text-color; # Background
text-primary-color = "#FFF"; # Text
# Left Menu
paper-listbox-background-color = background-color; # Background
# TODO = Text and Icons
# UI
paper-card-header-color = text-color; # Title in settings
primary-background-color = background-color; # Background color (also title background in left menu)
# Card
paper-card-background-color = background-card-color; # Background
dark-primary-color = text-color;
primary-text-color = text-color;
paper-listbox-color = text-color;
light-primary-color = text-light-color;
secondary-text-color = text-medium-color;
disabled-text-color = text-light-color;
paper-dialog-button-color = text-color;
secondary-background-color = background-color-2; # Background more info title
# Icons
paper-item-icon-color = text-light-color; # Off
paper-item-icon-active-color = accent-color; # On
# Switches
switch-checked-button-color = "#FFF"; # Knob On
switch-unchecked-button-color = "#FFF"; # Knob Off
switch-checked-track-color = "#0077FF"; # Background On
switch-unchecked-track-color = disabled-text-color; # Background Off
# Slider
paper-slider-active-color = accent-color; # Line On
paper-slider-container-color = "#e5e7ea"; # Line Off
paper-slider-knob-color = text-light-color; # Knob On
paper-slider-knob-start-color = text-light-color; # Knob Off
# Shadows
ha-card-box-shadow = "inset 0px 0px 0px 1px var(--border-color)";
}

102
configs/hass/zigbee.nix Normal file
View File

@@ -0,0 +1,102 @@
{ config, pkgs, lib, ... }:
let
inherit (import <niveum/lib>) localAddresses;
in
{
services.zigbee2mqtt = {
enable = true;
config = {
permit_join = false;
homeassistant = true;
serial = {
port = "/dev/ttyACM0";
disable_led = true;
};
mqtt = {
discovery = true;
base_topic = "zigbee";
server = "mqtt://${localAddresses.toum}";
user = "albrecht";
password = lib.strings.fileContents <system-secrets/mosquitto>;
};
};
};
services.mosquitto = {
enable = true;
host = "0.0.0.0";
allowAnonymous = false;
checkPasswords = true;
users."albrecht" = {
password = lib.strings.fileContents <system-secrets/mosquitto>;
acl = [ "topic readwrite #" ];
};
};
networking.firewall.allowedTCPPorts = [ 1883 ];
environment.systemPackages = [ pkgs.mosquitto ];
services.home-assistant = {
config = {
switch = [
{
platform = "mqtt";
name = "zigbee2mqtt_join";
state_topic = "/zigbee2mqtt/bridge/config/permit_join";
command_topic = "/zigbee2mqtt/bridge/config/permit_join";
payload_on = "true";
payload_off = "false";
}
];
timer.zigbee_permit_join = {
name = "Zigbee Time remaining";
duration = 120;
};
automation = [
# Automation to start timer when enable join is turned on
{
id = "zigbee_join_enabled";
alias = "";
hide_entity = "true";
trigger = {
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "on";
};
action = {
service = "timer.start";
entity_id = "timer.zigbee_permit_join";
};
}
# Automation to stop timer when switch turned off and turn off switch when timer finished
{
id = "zigbee_join_disabled";
hide_entity = "true";
trigger = [
{
platform = "event";
event_type = "timer.finished";
event_data.entity_id = "timer.zigbee_permit_join";
}
{
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "off";
}
];
action = [
{
service = "timer.cancel";
data.entity_id = "timer.zigbee_permit_join";
}
{
service = "switch.turn_off";
entity_id = "switch.zigbee2mqtt_join";
}
];
}
];
};
};
}

81
configs/hedgedoc.nix Normal file
View File

@@ -0,0 +1,81 @@
{ config, pkgs, ... }:
let
backupLocation = "/var/lib/codimd-backup";
stateLocation = "/var/lib/codimd/state.sqlite";
nixpkgs-unstable = import <nixpkgs-unstable> {};
domain = "pad.kmein.de";
in
{
imports = [ <stockholm/krebs/3modules/permown.nix> ];
services.nginx.virtualHosts.${domain} = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "https://localhost:3091";
proxyWebsockets = true;
};
};
security.acme.certs.${domain}.group = "hedgecert";
users.groups.hedgecert.members = [ "codimd" "nginx" ];
security.dhparams = {
enable = true;
params.hedgedoc = {};
};
services.hedgedoc = {
enable = true;
configuration = {
allowOrigin = [ domain ];
allowAnonymous = true;
allowGravatar = false;
allowFreeURL = true;
db = {
dialect = "sqlite";
storage = stateLocation;
};
port = 3091;
domain = domain;
useSSL = true;
protocolUseSSL = true;
sslCAPath = [ "/etc/ssl/certs/ca-certificates.crt" ];
sslCertPath = "/var/lib/acme/${domain}/cert.pem";
sslKeyPath = "/var/lib/acme/${domain}/key.pem";
dhParamPath = config.security.dhparams.params.hedgedoc.path;
};
};
krebs.permown.${backupLocation} = { owner = "codimd"; group = "codimd"; umask = "0002"; };
systemd.services.hedgedoc-backup = {
description = "Hedgedoc backup service";
script = ''
${nixpkgs-unstable.sqlite}/bin/sqlite3 -json ${stateLocation} "select shortid, alias, ownerId, content from Notes" \
| ${pkgs.writers.writePython3 "hedgedoc-json-to-fs.py" {} ''
import json
import pathlib
import sys
for note in json.load(sys.stdin):
user_directory = pathlib.Path()
if note["ownerId"]:
user_directory = pathlib.Path(note["ownerId"])
user_directory.mkdir(exist_ok=True)
file_path = user_directory / (
(note["alias"] if note["alias"] else note["shortid"]) + ".md"
)
file_path.write_text(note["content"])
print(f" {file_path}", file=sys.stderr)
''}
'';
startAt = "hourly";
serviceConfig = {
Type = "oneshot";
User = "codimd";
Group = "codimd";
WorkingDirectory = backupLocation;
};
};
}

38
configs/hledger.nix
View File

@@ -1,26 +1,14 @@
{
pkgs,
...
}: let
ledgerDirectory = "/home/kfm/sync/src/ledger";
hora = pkgs.callPackage ../packages/hora.nix { timeLedger = "${ledgerDirectory}/time.timeclock"; };
in {
environment.systemPackages = let
git = "${pkgs.git}/bin/git -C ${ledgerDirectory}";
in [
hora
pkgs.hledger
(pkgs.writers.writeDashBin "hledger-git" ''
if [ "$1" = entry ]; then
${pkgs.hledger}/bin/hledger balance -V > "${ledgerDirectory}/balance.txt"
${git} add balance.txt
${git} commit --all --message="$(date -Im)"
else
${git} $*
fi
'')
(pkgs.writers.writeDashBin "hledger-edit" ''
$EDITOR ${ledgerDirectory}/current.journal
'')
];
{ config, pkgs, ... }: {
imports = [ ../modules/hledger.nix ];
niveum.hledger = {
enable = true;
ledgerFile = "$HOME/projects/ledger/all.journal";
server = {
enable = false;
user = config.users.users.me;
package = pkgs.hledger-web;
};
package = pkgs.hledger;
};
}

6
configs/htop.nix
View File

@@ -20,10 +20,10 @@
show_thread_names = false;
sort_descending = true;
sort_key = "PERCENT_CPU";
tree_view = false;
tree_view = true;
update_process_names = false;
right_meters = ["Uptime" "Tasks" "LoadAverage" "Battery"];
left_meters = ["LeftCPUs2" "RightCPUs2" "Memory" "Swap"];
right_meters = [ "Uptime" "Tasks" "LoadAverage" "Battery" ];
left_meters = [ "LeftCPUs2" "RightCPUs2" "Memory" "Swap" ];
};
};
};

90
configs/hu-berlin.nix Normal file
View File

@@ -0,0 +1,90 @@
{ config, pkgs, lib, ... }:
let
inherit (lib.strings) fileContents;
inherit (import <niveum/lib>) sshPort;
eduroam = {
identity = fileContents <secrets/eduroam/identity>;
password = fileContents <secrets/eduroam/password>;
};
hu-berlin-cifs-options = [
"uid=${toString config.users.users.me.uid}"
"gid=${toString config.users.groups.users.gid}"
"sec=ntlmv2"
"workgroup=german"
"username=meinhaki"
"password=${lib.strings.fileContents <secrets/mail/meinhaki>}"
"noauto"
"x-systemd.requires=openvpn-hu-berlin.service"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
];
in {
fileSystems."/media/hu-berlin/germpro2" = {
device = "//hugerm31c.user.hu-berlin.de/germpro2/ling";
fsType = "cifs";
options = hu-berlin-cifs-options;
};
fileSystems."/media/hu-berlin/germhome" = {
device = "//hugerm31c.user.hu-berlin.de/germhome/ling/meinhaki";
fsType = "cifs";
options = hu-berlin-cifs-options;
};
home-manager.users.me.programs.ssh = {
matchBlocks = {
"alew.hu-berlin.de" = {
user = "centos";
hostname = "141.20.187.219";
};
};
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "hu-ip" ''
${pkgs.w3m}/bin/w3m -dump meineip.hu-berlin.de | head --lines=-4 | tail --lines=+3
'')
(pkgs.writers.writePython3Bin "hu-eduroam-install"
{
libraries = with pkgs.python3Packages; [ distro pyopenssl dbus-python ];
flakeIgnore = [ "E501" "E123" "W504" "E722" "F821" "E226" "E126" "E265" "W291" ];
}
(builtins.readFile (builtins.fetchurl {
url = "https://www.cms.hu-berlin.de/de/dl/netze/wlan/config/eduroam/linux-installer/eduroam-linux-hub.py";
sha256 = "19x2kvwxx13265b2hj5fjf53g0liw6dw7xf9j9cav67cswmz60kf";
}))
)
];
systemd.services.hu-vpn = {
enable = true;
wants = [ "network-online.target" ];
conflicts = [ "openvpn-hu-berlin.service" ];
script = ''
${pkgs.openfortivpn}/bin/openfortivpn -c ${pkgs.writeText "hu-berlin.config" ''
host = forti-ssl.vpn.hu-berlin.de
port = 443
trusted-cert = 42193a913d276d9eb86217612956e1e6464d6f07bed5393a4787c87adc4bd359
username = ${eduroam.identity}
password = ${eduroam.password}
''}
'';
};
systemd.services.openvpn-hu-berlin.conflicts = [ "hu-vpn.service" ];
services.openvpn.servers.hu-berlin = {
autoStart = false;
authUserPass = {
username = eduroam.identity;
password = eduroam.password;
};
config = fileContents (pkgs.fetchurl {
url =
"https://www.cms.hu-berlin.de/de/dl/netze/vpn/openvpn/hu-berlin.ovpn";
sha256 = "15b55aibik5460svjq2gwxrcyh6ay4k8savd6cd5lncgndmd8p8h";
});
};
}

380
configs/i3.nix
View File

@@ -1,100 +1,54 @@
{
config,
pkgs,
lib,
niveumPackages,
...
}: let
dashboard = pkgs.writers.writeDashBin "dashboard" ''
${pkgs.alacritty}/bin/alacritty --option font.size=4 --class dashboard --command ${pkgs.writers.writeDash "dashboard-inner" ''
exec ${pkgs.procps}/bin/watch -c -n 10 ${niveumPackages.q}/bin/q
''}
'';
inherit (import ../lib) defaultApplications;
klem = niveumPackages.klem.override {
config.dmenu = "${pkgs.dmenu}/bin/dmenu -i -p klem";
{ config, pkgs, lib, ... }:
let
inherit (import <niveum/lib>) defaultApplications colours;
klem = import <niveum/packages/scripts/klem.nix> {
inherit pkgs lib;
config.scripts = {
"p.r paste" = pkgs.writers.writeDash "p.r" ''
"p.r" = pkgs.writers.writeDash "p.r" ''
${pkgs.curl}/bin/curl -fSs http://p.r --data-binary @- \
| ${pkgs.coreutils}/bin/tail --lines=1 \
| ${pkgs.gnused}/bin/sed 's/\\<r\\>/krebsco.de/'
'';
"envs.sh paste" = pkgs.writers.writeDash "envs-host" ''
${pkgs.curl}/bin/curl -F "file=@-" https://envs.sh
"ix.io" = pkgs.writers.writeDash "ix.io" ''
${pkgs.curl}/bin/curl -fSs -F 'f:1=<-' ix.io
'';
# this segfaults
# "envs.sh mirror" = pkgs.writers.writeDash "envs-mirror" ''
# ${pkgs.curl}/bin/curl -F "url=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
# '';
"envs.sh shorten" = pkgs.writers.writeDash "envs-shorten" ''
${pkgs.curl}/bin/curl -F "shorten=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
'';
"go.r shorten" = pkgs.writers.writeDash "go.r" ''
"go.r" = pkgs.writers.writeDash "go.r" ''
${pkgs.curl}/bin/curl -fSs http://go.r -F "uri=$(${pkgs.coreutils}/bin/cat)"
'';
"4d2.org paste" = pkgs.writers.writeDash "4d2-paste" ''
${pkgs.curl}/bin/curl -F "file=@-" https://depot.4d2.org/
'';
"0x0.st shorten" = pkgs.writers.writeDash "0x0.st" ''
"0x0.st" = pkgs.writers.writeDash "0x0.st" ''
${pkgs.curl}/bin/curl -fSs https://0x0.st -F "shorten=$(${pkgs.coreutils}/bin/cat)"
'';
"rot13" = pkgs.writers.writeDash "rot13" ''
${pkgs.coreutils}/bin/tr '[A-Za-z]' '[N-ZA-Mn-za-m]'
'';
"ipa" = pkgs.writers.writeDash "ipa" ''
${niveumPackages.ipa}/bin/ipa
${pkgs.scripts.ipa}/bin/ipa
'';
"betacode" = pkgs.writers.writeDash "betacode" ''
${niveumPackages.betacode}/bin/betacode
${pkgs.scripts.betacode}/bin/betacode
'';
"devanagari" = pkgs.writers.writeDash "devanagari" ''
${pkgs.scripts.devanagari}/bin/devanagari
'';
"curl" = pkgs.writers.writeDash "curl" ''
${pkgs.curl}/bin/curl -fSs "$(${pkgs.coreutils}/bin/cat)"
'';
ocr = pkgs.writers.writeDash "ocr" ''
${pkgs.tesseract4}/bin/tesseract -l eng+deu - stdout
'';
emojai = pkgs.writers.writeDash "emojai" ''
${pkgs.curl}/bin/curl https://www.emojai.app/api/generate -X POST -H 'Content-Type: application/json' --data-raw "$(${pkgs.jq}/bin/jq -sR '{emoji:.}')" | ${pkgs.jq}/bin/jq -r .result
'';
"gpt-3.5" = pkgs.writers.writeDash "gpt" ''
${niveumPackages.gpt35}/bin/gpt
'';
gpt-4 = pkgs.writers.writeDash "gpt" ''
${niveumPackages.gpt4}/bin/gpt
'';
};
};
new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
move-to-new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg move container to workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
in {
age.secrets = {
github-token-i3status-rust = {
file = ../secrets/github-token-i3status-rust.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
openweathermap-api-key = {
file = ../secrets/openweathermap-api-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
miniflux-api-token = {
file = ../secrets/miniflux-api-token.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
programs.slock.enable = true;
environment.systemPackages = [dashboard];
services.displayManager.defaultSession = "none+i3";
services.xserver = {
displayManager.defaultSession = "none+i3";
windowManager.i3 = {
enable = true;
package = pkgs.i3;
package = pkgs.i3-gaps;
};
};
@@ -113,85 +67,101 @@ in {
'';
};
home-manager.users.me = let
modifier = "Mod4";
infoWorkspace = "";
messageWorkspace = "";
modes.resize = {
"Escape" = ''mode "default"'';
"Return" = ''mode "default"'';
"h" = "resize shrink width 10 px or 5 ppt";
"j" = "resize grow height 10 px or 5 ppt";
"k" = "resize shrink height 10 px or 5 ppt";
"l" = "resize grow width 10 px or 5 ppt";
};
gaps.inner = 4;
floating = {
titlebar = false;
border = 1;
};
bars = [
(config.home-manager.users.me.stylix.targets.i3.exportedBarConfig
// rec {
workspaceButtons = true;
mode = "hide"; # "dock";
position = "bottom";
statusCommand = toString (pkgs.writers.writeDash "i3status-rust" ''
export I3RS_GITHUB_TOKEN="$(cat ${config.age.secrets.github-token-i3status-rust.path})"
export OPENWEATHERMAP_API_KEY="$(cat ${config.age.secrets.openweathermap-api-key.path})"
exec ${config.home-manager.users.me.programs.i3status-rust.package}/bin/i3status-rs ${config.home-manager.users.me.home.homeDirectory}/.config/i3status-rust/config-${position}.toml
'');
fonts = {
names = ["${config.stylix.fonts.sansSerif.name}" "FontAwesome 6 Free"];
size = config.stylix.fonts.sizes.desktop * 0.8;
};
})
];
window = {
titlebar = false;
border = 2;
hideEdgeBorders = "smart";
commands = [
{
criteria = {class = "floating";};
command = "floating enable";
}
{
criteria = {class = "fzfmenu";};
command = "floating enable";
}
{
criteria = {class = ".*";};
command = "border pixel 2";
}
{
criteria = {class = "mpv";};
command = lib.strings.concatStringsSep ", " [
"floating enable"
"sticky enable"
"fullscreen disable"
"resize set 640 480"
"move position mouse"
];
}
];
};
colors = let
background = config.lib.stylix.colors.withHashtag.base00;
in {
unfocused = {
border = lib.mkForce background;
childBorder = lib.mkForce background;
home-manager.users.me.xsession.windowManager.i3 = {
enable = true;
config = rec {
fonts = {names = ["Sans"]; size = 10.0;};
modifier = "Mod4";
window = {
titlebar = false;
border = 1;
hideEdgeBorders = "smart";
commands = [
{
criteria = { class = "floating"; };
command = "floating enable";
}
{
criteria = { class = "fzfmenu"; };
command = "floating enable";
}
{
criteria = { class = "mpv"; };
command = lib.strings.concatStringsSep ", " [
"floating enable"
"sticky enable"
"fullscreen disable"
"resize set 640 480"
"move position mouse"
];
}
];
};
};
keybindings =
lib.listToAttrs (map (x: lib.nameValuePair "${modifier}+Shift+${toString x}" "move container to workspace ${toString x}") (lib.range 1 9))
// lib.listToAttrs (map (x: lib.nameValuePair "${modifier}+${toString x}" "workspace ${toString x}") (lib.range 1 9))
// {
"${modifier}+i" = "workspace ${infoWorkspace}";
"${modifier}+m" = "workspace ${messageWorkspace}";
gaps.inner = 4;
floating = {
titlebar = false;
border = 1;
};
colors = let
scheme = {
background = colours.background;
text = colours.foreground;
};
in rec {
focused = scheme // {
border = colours.cyan.bright;
indicator = colours.cyan.bright;
childBorder = colours.cyan.bright;
};
unfocused = scheme // {
border = colours.background;
indicator = colours.background;
childBorder = colours.background;
};
focusedInactive = unfocused;
urgent = scheme // {
border = colours.red.bright;
indicator = colours.red.bright;
childBorder = colours.red.bright;
};
placeholder = scheme // {
border = colours.green.bright;
indicator = colours.green.bright;
childBorder = colours.green.bright;
};
};
bars = [{
workspaceButtons = false;
fonts = {names = ["Sans"]; size = 8.0;};
mode = "hide"; # "dock"
position = "bottom";
colors = rec {
background = colours.background;
separator = background;
statusline = colours.foreground;
bindingMode = {
background = colours.red.bright;
border = colours.background;
text = colours.foreground;
};
};
statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ${
(pkgs.formats.toml {}).generate "i3status-rust.toml" (import <niveum/lib/i3status-rust.nix> {
inherit (config.niveum) batteryName wirelessInterface;
inherit colours;
inherit pkgs;
})
}";
}];
modes.resize = {
"Escape" = ''mode "default"'';
"Return" = ''mode "default"'';
"h" = "resize shrink width 10 px or 5 ppt";
"j" = "resize grow height 10 px or 5 ppt";
"k" = "resize shrink height 10 px or 5 ppt";
"l" = "resize grow width 10 px or 5 ppt";
};
keybindings = {
"${modifier}+Shift+h" = "move left 25 px";
"${modifier}+Shift+j" = "move down 25 px";
"${modifier}+Shift+k" = "move up 25 px";
@@ -201,10 +171,12 @@ in {
"${modifier}+k" = "focus up";
"${modifier}+l" = "focus right";
# "${modifier}+Shift+b" = "move container to workspace prev";
# "${modifier}+Shift+n" = "move container to workspace next";
# "${modifier}+b" = "workspace prev";
# "${modifier}+n" = "workspace next";
"${modifier}+Shift+b" = "move window to workspace prev";
"${modifier}+Shift+n" = "move window to workspace next";
"${modifier}+Shift+x" = "exec --no-startup-id ${move-to-new-workspace}";
"${modifier}+b" = "workspace prev";
"${modifier}+n" = "workspace next";
"${modifier}+x" = "exec --no-startup-id ${new-workspace}";
"${modifier}+Shift+c" = "reload";
"${modifier}+Shift+q" = "kill";
@@ -213,9 +185,8 @@ in {
"${modifier}+z" = "sticky toggle";
"${modifier}+Shift+z" = "floating toggle";
"${modifier}+s" = "scratchpad show";
"${modifier}+Shift+s" = "move scratchpad";
"${modifier}+s" = ''[class="^(?i)(?!obsidian).*"] scratchpad show'';
"${modifier}+o" = ''[class="obsidian"] scratchpad show'';
"${modifier}+c" = "split h";
"${modifier}+e" = "layout toggle split";
@@ -223,37 +194,58 @@ in {
"${modifier}+r" = "mode resize";
"${modifier}+v" = "split v";
"${modifier}+w" = "layout tabbed";
"${modifier}+q" = "exec ${config.services.clipmenu.package}/bin/clipmenu";
# "${modifier}+Shift+y" = "exec ${pkgs.qutebrowser}/bin/qutebrowser";
"${modifier}+Return" = "exec ${(defaultApplications pkgs).terminal}";
"${modifier}+t" = "exec ${(defaultApplications pkgs).fileManager}";
"${modifier}+y" = "exec ${(defaultApplications pkgs).browser}";
"${modifier}+0" = "exec ${pkgs.scripts.menu-calc}/bin/=";
"${modifier}+d" = "exec ${pkgs.writers.writeDash "run" ''exec rofi -modi run,ssh,window -show run''}";
"${modifier}+Shift+d" = "exec ${niveumPackages.notemenu}/bin/notemenu";
"${modifier}+p" = "exec rofi-pass";
"${modifier}+Shift+p" = "exec rofi-pass --insert";
"${modifier}+u" = "exec ${niveumPackages.unicodmenu}/bin/unicodmenu";
"${modifier}+Shift+u" = "exec ${pkgs.writers.writeDash "last-unicode" ''${pkgs.xdotool}/bin/xdotool type --delay 1000 "$(${pkgs.gawk}/bin/awk 'END{print $1}' ~/.cache/unicodmenu)"''}";
"${modifier}+Shift+w" = "exec ${pkgs.scripts.k-lock}/bin/k-lock";
"${modifier}+a" =
"exec --no-startup-id ${pkgs.rofi}/bin/rofi -display-window -show window";
"${modifier}+d" = "exec --no-startup-id ${pkgs.dmenu}/bin/dmenu_run";
"${modifier}+Shift+d" = "exec ${
pkgs.writers.writeDash "notemenu" ''
set -efu
PATH=$PATH:${
lib.makeBinPath [ pkgs.dmenu pkgs.findutils pkgs.coreutils ]
}
"${modifier}+F7" = "exec ${pkgs.writers.writeDash "showkeys-toggle" ''
if ${pkgs.procps}/bin/pgrep screenkey; then
exec ${pkgs.procps}/bin/pkill screenkey
else
exec ${pkgs.screenkey}/bin/screenkey
fi
''}";
cd ~/notes
note_file=$({
echo diary/$(date -I).md
echo diary/$(date -I -d yesterday).md
find . -type f -printf "%T@ %p\n" | sort --reverse --numeric-sort | cut --delimiter=" " --fields=2
} | dmenu -i)
if test "$note_file"
then
i3-sensible-terminal -e "$EDITOR" "$note_file"
fi
''
}";
"${modifier}+p" = "exec --no-startup-id ${pkgs.pass}/bin/passmenu -l 5";
"${modifier}+u" = "exec ${pkgs.scripts.unicodmenu}/bin/unicodmenu";
"${modifier}+F7" = "exec ${pkgs.scripts.showkeys-toggle}/bin/showkeys-toggle";
"${modifier}+F8" = "exec ${pkgs.xorg.xkill}/bin/xkill";
"${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85";
"${modifier}+F10" = "exec ${pkgs.redshift}/bin/redshift -x";
"${modifier}+F11" = "exec ${pkgs.xcalib}/bin/xcalib -invert -alter";
"${modifier}+F12" = "exec ${klem}/bin/klem";
"XF86AudioLowerVolume" = "exec ${pkgs.pamixer}/bin/pamixer -d 5";
"XF86AudioMute" = "exec ${pkgs.pamixer}/bin/pamixer -t";
"XF86AudioRaiseVolume" = "exec ${pkgs.pamixer}/bin/pamixer -i 5";
"Print" = "exec flameshot-once";
"XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -d 5";
"XF86AudioMute" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -t";
"XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -i 5";
"XF86Calculator" = "exec ${pkgs.st}/bin/st -c floating -e ${pkgs.bc}/bin/bc";
"XF86AudioPause" = "exec ${pkgs.playerctl}/bin/playerctl play-pause";
"XF86AudioPlay" = "exec ${pkgs.playerctl}/bin/playerctl play-pause";
"XF86AudioNext" = "exec ${pkgs.playerctl}/bin/playerctl next";
"XF86AudioPrev" = "exec ${pkgs.playerctl}/bin/playerctl previous";
"XF86AudioStop" = "exec ${pkgs.playerctl}/bin/playerctl stop";
"XF86ScreenSaver" = "exec ${niveumPackages.k-lock}/bin/k-lock";
"XF86AudioPause" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl pause";
"XF86AudioPlay" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl play-pause";
"XF86AudioNext" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl next";
"XF86AudioPrev" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl previous";
"XF86AudioStop" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl stop";
"XF86ScreenSaver" = "exec ${pkgs.scripts.k-lock}/bin/k-lock";
"XF86Display" = "exec ${pkgs.scripts.dmenurandr}/bin/dmenurandr";
# key names detected with xorg.xev:
# XF86WakeUp (fn twice)
@@ -269,38 +261,6 @@ in {
# XF86Back
# XF86Launch1 (thinkvantage)
};
in {
stylix.targets.i3.enable = true;
xsession.windowManager.i3 = {
enable = true;
extraConfig = ''
bindsym --release ${modifier}+Shift+w exec /run/wrappers/bin/slock
exec "${pkgs.obsidian}/bin/obsidian"
for_window [class="obsidian"] , move scratchpad
assign [class="message"] ${messageWorkspace}
exec "${pkgs.writers.writeDash "irc" "exec ${pkgs.alacritty}/bin/alacritty --class message -e ssh weechat@makanek -t tmux attach-session -t IM"}"
exec "${pkgs.writers.writeDash "email" "exec ${pkgs.alacritty}/bin/alacritty --class message -e aerc"}"
assign [class="dashboard"] ${infoWorkspace}
exec ${dashboard}/bin/dashboard
'';
config = {
inherit modifier gaps modes bars floating window colors;
keybindings = keybindings // {
"${modifier}+ß" = "exec ${niveumPackages.menu-calc}/bin/=";
"${modifier}+F6" = "exec ${pkgs.xorg.xkill}/bin/xkill";
"${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85";
"${modifier}+F10" = "exec ${pkgs.redshift}/bin/redshift -x";
"${modifier}+F11" = "exec ${pkgs.xcalib}/bin/xcalib -invert -alter";
"Print" = "exec flameshot gui";
# "${modifier}+Shift+x" = "exec ${move-to-new-workspace}";
# "${modifier}+x" = "exec ${new-workspace}";
"XF86Display" = "exec ${niveumPackages.dmenu-randr}/bin/dmenu-randr";
};
};
};
};
}

82
configs/i3status-rust.nix
View File

@@ -1,82 +0,0 @@
{
pkgs,
config,
...
}: {
age.secrets = {
miniflux-api-token = {
file = ../secrets/miniflux-api-token.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
home-manager.users.me = {
programs.i3status-rust = {
enable = true;
bars.bottom = {
icons = "awesome6";
settings = {
theme.overrides = let
colours = config.lib.stylix.colors.withHashtag;
in {
idle_bg = colours.base00;
idle_fg = colours.base05;
good_bg = colours.base00;
good_fg = colours.base0B;
warning_bg = colours.base00;
warning_fg = colours.base0A;
critical_bg = colours.base00;
critical_fg = colours.base09;
info_bg = colours.base00;
info_fg = colours.base04;
separator_bg = colours.base00;
separator = " ";
};
};
blocks = [
{
block = "music";
format = "{$icon $combo $play |}";
separator = " ";
}
{
block = "net";
format = " $icon HU";
missing_format = "";
device = "ppp0";
}
{
block = "net";
format = " $icon FU";
missing_format = "";
device = "tun0";
}
{
block = "battery";
format = "$icon $percentage $time";
device = "DisplayDevice";
driver = "upower";
}
{
block = "sound";
}
{
block = "disk_space";
format = "$icon $available";
}
{
block = "memory";
format = "$icon $mem_used.eng(prefix:G)";
}
{block = "load";}
{
block = "time";
format = "$icon $timestamp.datetime(f:'%Y-%m-%d (%W %a) %H:%M', l:de_DE)";
}
];
};
};
};
}

20
configs/kdeconnect.nix
View File

@@ -1,17 +1,13 @@
{
networking.firewall = {
allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedTCPPortRanges = [{
from = 1714;
to = 1764;
}];
allowedUDPPortRanges = [{
from = 1714;
to = 1764;
}];
};
home-manager.users.me = {

139
configs/keyboard.nix
View File

@@ -1,136 +1,17 @@
{
pkgs,
lib,
...
}:
let
commaSep = builtins.concatStringsSep ",";
xkbOptions = [
"compose:caps"
"terminate:ctrl_alt_bksp"
"grp:ctrls_toggle"
];
languages = {
deutsch = {
code = "de";
variant = "T3";
};
greek = {
code = "gr";
variant = "polytonic";
};
russian = {
code = "ru";
variant = "phonetic";
};
arabic = {
code = "ara";
variant = "buckwalter";
}; # ../lib/keyboards/arabic;
coptic = ../lib/keyboards/coptic;
avestan = ../lib/keyboards/avestan;
gothic = ../lib/keyboards/gothic;
farsi = {
code = "ir";
variant = "qwerty";
};
syriac = {
code = "sy";
variant = "syc_phonetic";
};
sanskrit = {
code = "in";
variant = "san-kagapa";
};
gujarati = {
code = "in";
variant = "guj-kagapa";
};
urdu = {
code = "in";
variant = "urd-phonetic";
};
hebrew = {
code = "il";
variant = "phonetic";
};
};
defaultLanguage = languages.deutsch;
in
{
services.libinput.enable = true;
# man 7 xkeyboard-config
{ pkgs, lib, ... }:
let commaSep = builtins.concatStringsSep ",";
in {
services.xserver = {
exportConfiguration = true; # link /usr/share/X11 properly
xkb.layout = defaultLanguage.code;
# T3: https://upload.wikimedia.org/wikipedia/commons/a/a9/German-Keyboard-Layout-T3-Version1-large.png
# buckwalter: http://www.qamus.org/transliteration.htm
xkb.variant = defaultLanguage.variant;
xkb.options = commaSep xkbOptions;
xkb.dir = pkgs.symlinkJoin {
name = "x-keyboard-directory";
paths = [
"${pkgs.xkeyboard_config}/etc/X11/xkb"
(pkgs.linkFarm "custom-x-keyboards" (
lib.mapAttrsToList (name: value: {
name = "symbols/${name}";
path = value;
}) (lib.filterAttrs (_: value: !(value ? "code")) languages)
++ [
{
name = "symbols/ir";
path = ../lib/keyboards/farsi;
}
]
))
];
};
};
environment.etc."x11-locale".source = toString pkgs.xorg.libX11 + "share/X11/locale";
home-manager.users.me = {
home.file =
lib.mapAttrs' (name: path: lib.nameValuePair ".xkb/symbols/${name}" { source = path; })
(lib.filterAttrs (_: value: !(value ? "code")) languages) // {
".xkb/symbols/ir".source = ../lib/keyboards/farsi;
};
layout = commaSep [ "de" "gr" "ru" ];
xkbVariant = commaSep [ "T3" "polytonic" "phonetic" ];
xkbOptions =
commaSep [ "compose:caps" "terminate:ctrl_alt_bksp" "grp:ctrls_toggle" ];
libinput.enable = true;
};
console.keyMap = "de";
environment.systemPackages = lib.mapAttrsToList (
language: settings:
let
code = if settings ? "code" then settings.code else language;
variant = if settings ? "variant" then settings.variant else "";
in
pkgs.writers.writeDashBin "kb-${language}" ''
if [ -z $SWAYSOCK ]; then
${pkgs.xorg.setxkbmap}/bin/setxkbmap ${defaultLanguage.code},${code} ${defaultLanguage.variant},${variant} ${
toString (map (option: "-option ${option}") xkbOptions)
}
else
swaymsg -s $SWAYSOCK 'input * xkb_layout "${defaultLanguage.code},${code}"'
swaymsg -s $SWAYSOCK 'input * xkb_variant "${defaultLanguage.variant},${variant}"'
swaymsg -s $SWAYSOCK 'input * xkb_options "${lib.concatStringsSep "," xkbOptions}"'
fi
''
) languages;
# improve held key rate
services.xserver.displayManager.sessionCommands = "${pkgs.xorg.xset}/bin/xset r rate 300 50";
systemd.user.services.gxkb = {
wantedBy = [ "graphical-session.target" ];
serviceConfig = {
SyslogIdentifier = "gxkb";
ExecStart = "${pkgs.gxkb}/bin/gxkb";
Restart = "always";
RestartSec = "15s";
StartLimitBurst = 0;
};
};
services.xserver.displayManager.sessionCommands =
"${pkgs.xorg.xset}/bin/xset r rate 300 50";
}

101
configs/khal.nix
View File

@@ -1,60 +1,28 @@
{
config,
pkgs,
lib,
...
}: let
{ config, pkgs, lib, ... }:
let
davHome = "~/.local/share/dav";
kmeinCloud = {
davEndpoint = "https://cloud.kmein.de/remote.php/dav";
davEndpoint = "https://cloud.xn--kiern-0qa.de/remote.php/dav";
username = "kieran";
passwordFile = config.age.secrets.nextcloud-password-kieran.path;
password = lib.fileContents <secrets/nextcloud/password>;
};
fysiCloud = {
davEndpoint = "https://nextcloud.fysi.dev/remote.php/dav";
username = "kmein";
passwordFile = config.age.secrets.nextcloud-password-fysi.path;
password = lib.fileContents <secrets/nextcloud-fysi/password>;
};
in {
age.secrets = {
nextcloud-password-kieran = {
file = ../secrets/nextcloud-password-kieran.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
nextcloud-password-fysi = {
file = ../secrets/nextcloud-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
environment.systemPackages = [
pkgs.khal
pkgs.vdirsyncer
pkgs.khard
pkgs.todoman
(pkgs.writers.writeDashBin "todo-procrastinate" ''
[ $# -eq 1 ] || {
echo "Usage: $0 TODO_ID" >&2
exit 1
}
todo_id=$1
new_timestamp=$(${pkgs.todoman}/bin/todo --porcelain show "$todo_id" | ${pkgs.jq}/bin/jq '.due + 24 * 60 * 60')
new_date=$(${pkgs.coreutils}/bin/date +"%Y-%m-%d %H:%M" -d "@$new_timestamp")
${pkgs.todoman}/bin/todo edit "$todo_id" --due "$new_date"
'')
];
in
{
environment.systemPackages = [ pkgs.khal pkgs.vdirsyncer pkgs.khard pkgs.todoman ];
systemd.user.services.vdirsyncer = {
enable = true;
wants = ["network-online.target"];
wantedBy = ["default.target"];
wants = [ "network-online.target" ];
wantedBy = [ "default.target" ];
startAt = "*:00/10";
script = ''
${pkgs.vdirsyncer}/bin/vdirsyncer sync && ${pkgs.khal}/bin/khal printcalendars # https://lostpackets.de/khal/configure.html#syncing
${pkgs.vdirsyncer}/bin/vdirsyncer sync
${pkgs.khal}/bin/khal printcalendars # https://lostpackets.de/khal/configure.html#syncing
'';
serviceConfig = {
Type = "oneshot";
@@ -103,9 +71,30 @@ in {
"khal/config".text = ''
[calendars]
[[kalender_local]]
path = ${davHome}/calendar/*
type = discover
[[alew]]
path = ${davHome}/calendar/alew
color = "light gray"
[[personal]]
path = ${davHome}/calendar/personal
color = "light cyan"
[[uni]]
path = ${davHome}/calendar/uni-1
color = "yellow"
[[fysi]]
path = ${davHome}/calendar/fysi-1
color = "light magenta"
[[fysi_team]]
path = ${davHome}/calendar/personal_shared_by_fdf
color = "light red"
[[birthdays]]
path = ${davHome}/contacts/contacts
type = birthdays
color = "light green"
[default]
highlight_event_days = True
@@ -137,7 +126,13 @@ in {
[pair kalender]
a = "kalender_local"
b = "kalender_cloud"
collections = ["from b"]
collections = ["personal", "alew", "uni-1"]
conflict_resolution = "b wins"
[pair fysi]
a = "kalender_local"
b = "fysi_cloud"
collections = ["fysi-1", "personal_shared_by_fdf"]
conflict_resolution = "b wins"
[storage kontakte_local]
@@ -154,13 +149,19 @@ in {
type = "carddav"
url = "${kmeinCloud.davEndpoint}/addressbooks/users/${kmeinCloud.username}/"
username = "${kmeinCloud.username}"
password.fetch = ["command", "cat", "${kmeinCloud.passwordFile}"]
password = "${kmeinCloud.password}"
[storage kalender_cloud]
type = "caldav"
url = "${kmeinCloud.davEndpoint}/calendars/${kmeinCloud.username}/"
username = "${kmeinCloud.username}"
password.fetch = ["command", "cat", "${kmeinCloud.passwordFile}"]
password = "${kmeinCloud.password}"
[storage fysi_cloud]
type = "caldav"
url = "${fysiCloud.davEndpoint}/calendars/${fysiCloud.username}/"
username = "${fysiCloud.username}"
password = "${fysiCloud.password}"
'';
};
};

16
configs/lb.nix
View File

@@ -1,24 +1,24 @@
{ lib, pkgs, ... }:
let
nixpkgs-unstable = import <nixpkgs-unstable> {};
in
{
lib,
pkgs,
...
}: {
systemd.services.lb-subscription = {
enable = true;
wants = ["network-online.target"];
wants = [ "network-online.target" ];
startAt = "weekly";
serviceConfig = {
user = "kfm";
WorkingDirectory = "/home/kfm/cloud/nextcloud/Books/Germanistik/LB";
WorkingDirectory = "/home/kfm/cloud/Seafile/Books/Germanistik/LB";
};
script = ''
first_year=2019
for year in $(${pkgs.coreutils}/bin/seq "$first_year" "$(date +%Y)"); do
${pkgs.curl}/bin/curl -sSL "https://www.literarische-blaetter.de/jahrgang-$year/" \
| ${pkgs.htmlq}/bin/htmlq --attribute href 'ul.slides a' \
| ${nixpkgs-unstable.htmlq}/bin/htmlq --attribute href 'ul.slides a' \
| while read -r month; do
${pkgs.curl}/bin/curl -sSL "$month" \
| ${pkgs.htmlq}/bin/htmlq --attribute src iframe \
| ${nixpkgs-unstable.htmlq}/bin/htmlq --attribute src iframe \
| ${pkgs.gnused}/bin/sed 's/.*?pdf=//;s/?wp-hosted.*//'
done
done | ${pkgs.findutils}/bin/xargs ${pkgs.wget}/bin/wget --no-clobber

19
configs/mastodon-bot.nix
View File

@@ -1,19 +0,0 @@
{pkgs, ...}: {
systemd.services.imaginary-illuminations = {
enable = false;
wants = ["network-online.target"];
serviceConfig = {
User = "kfm";
Group = "users";
WorkingDirectory = "/home/kfm/cloud/Seafile/Documents/Media/imaginary-illuminations";
Restart = "on-failure";
RestartSec = "15s";
};
startAt = "7:00";
script = ''
${pkgs.deno}/bin/deno run -A post.ts
'';
};
systemd.timers.imaginary-illuminations.timerConfig.RandomizedDelaySec = "14h";
}

56
configs/matterbridge.nix Normal file
View File

@@ -0,0 +1,56 @@
{ pkgs, lib, ... }:
{
nixpkgs.overlays = [
(self: super: {
matterbridge = (import (super.fetchFromGitHub {
owner = "NixOS";
repo = "nixpkgs";
rev = "e45d91ee65db293a172ec506759d1248e40c35f5";
sha256 = "03cjs5xcx09lw0djyrx2kfakw7gkg4iqmy9w25azai62im39l30k";
}) {}).matterbridge;
})
];
services.matterbridge = {
enable = true;
configPath =
let bridgeBotToken = lib.strings.fileContents <system-secrets/telegram/kmein.token>;
in toString ((pkgs.formats.toml {}).generate "config.toml" {
general = {
RemoteNickFormat = "[{NICK}] ";
Charset = "utf-8";
};
telegram.kmein.Token = bridgeBotToken;
irc =
let Nick = "ponte";
in {
hackint = { Server = "irc.hackint.org:6697"; UseTLS = true; inherit Nick; };
};
mumble.lassulus = {
Server = "lassul.us:64738";
Nick = "krebs_bridge";
SkipTLSVerify = true;
};
gateway = [
{
name = "krebs-bridge";
enable = true;
inout = [
{
account = "irc.hackint";
channel = "#krebs";
}
{
account = "telegram.kmein";
channel = "-330372458";
}
{
account = "mumble.lassulus";
channel = 6; # "nixos"
}
];
}
];
});
};
}

41
configs/menstruation.nix Normal file
View File

@@ -0,0 +1,41 @@
{ pkgs, lib, ... }:
let
backend = pkgs.callPackage <niveum/submodules/menstruation-backend> {};
telegram = pkgs.callPackage <niveum/submodules/menstruation-telegram> {};
backendPort = 8000;
in
{
containers.menstruation.autoStart = true;
containers.menstruation.config = { config, pkgs, ... }: {
services.redis.enable = true;
systemd.services.menstruation-telegram = {
wants = [
"network-online.target"
"menstruation-backend.service"
"redis.service"
];
wantedBy = [ "multi-user.target" ];
environment = {
MENSTRUATION_TOKEN = lib.strings.fileContents <system-secrets/telegram/menstruation.token>;
MENSTRUATION_ENDPOINT = "http://localhost:${toString backendPort}";
MENSTRUATION_MODERATORS = "18980945";
};
serviceConfig = {
Restart = "always";
DynamicUser = true;
ExecStart = "${telegram}/bin/menstruation-telegram";
};
};
systemd.services.menstruation-backend = {
wants = [ "network-online.target" ];
environment.ROCKET_PORT = toString backendPort;
serviceConfig = {
Restart = "always";
DynamicUser = true;
ExecStart = "${backend}/bin/menstruation_server";
};
};
};
}

28
configs/mime.nix
View File

@@ -2,32 +2,26 @@
home-manager.users.me = {
xdg.mimeApps = {
enable = true;
associations = {
added = {
"x-scheme-handler/tg" = "org.telegram.desktop.desktop";
};
removed = {
};
};
defaultApplications = {
"application/epub+zip" = "org.pwmt.zathura.desktop";
"application/pdf" = "org.pwmt.zathura.desktop";
"application/vnd.oasis.opendocument.text" = "writer.desktop";
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" = "writer.desktop";
"image/jpeg" = "nsxiv.desktop";
"image/png" = "nsxiv.desktop";
"image/jpeg" = "sxiv.desktop";
"image/png" = "sxiv.desktop";
"image/vnd.djvu+multipage" = "org.pwmt.zathura.desktop";
"text/html" = "firefox.desktop";
"text/html" = "brave-browser.desktop";
"text/markdown" = "nvim.desktop";
"text/plain" = "nvim.desktop";
"x-scheme-handler/about" = "firefox.desktop";
"x-scheme-handler/http" = "firefox.desktop";
"x-scheme-handler/https" = "firefox.desktop";
"x-scheme-handler/mailto" = "firefox.desktop";
"x-scheme-handler/unknown" = "firefox.desktop";
"x-scheme-handler/webcal" = "firefox.desktop";
"x-scheme-handler/tg" = "org.telegram.desktop.desktop";
"x-scheme-handler/about" = "brave-browser.desktop";
"x-scheme-handler/http" = "brave-browser.desktop";
"x-scheme-handler/https" = "brave-browser.desktop";
"x-scheme-handler/mailto" = "brave-browser.desktop";
"x-scheme-handler/unknown" = "brave-browser.desktop";
"x-scheme-handler/webcal" = "brave-browser.desktop";
"inode/directory" = "pcmanfm.desktop";
};
};
};
}

85
configs/monitoring.nix
View File

@@ -1,85 +0,0 @@
{
config,
pkgs,
...
}: {
services.nginx.virtualHosts.default = {
locations."= /stub_status".extraConfig = "stub_status;";
};
services.prometheus = {
enable = true;
port = 9001;
exporters = {
nginx.enable = false;
node = {
enable = true;
openFirewall = true;
enabledCollectors = [
"conntrack"
"diskstats"
"entropy"
"filefd"
"filesystem"
"loadavg"
"mdadm"
"meminfo"
"netdev"
"netstat"
"stat"
"time"
"vmstat"
"systemd"
"logind"
"interrupts"
"ksmd"
];
port = 9002;
};
};
};
systemd.services.promtail = {
description = "Promtail service for Loki";
wantedBy = ["multi-user.target"];
serviceConfig = {
ExecStart = ''
${pkgs.grafana-loki}/bin/promtail --config.file ${
(pkgs.formats.yaml {}).generate "promtail.yaml" {
server = {
http_listen_port = 28183;
grpc_listen_port = 0;
};
positions.filename = "/tmp/positions.yaml";
clients = [
{
url = "http://${
if config.networking.hostName == "makanek"
then "127.0.0.1"
else "makanek.r"
}:3100/loki/api/v1/push";
}
];
scrape_configs = [
{
job_name = "journal";
journal = {
max_age = "12h";
labels.job = "systemd-journal";
labels.host = config.networking.hostName;
};
relabel_configs = [
{
source_labels = ["__journal__systemd_unit"];
target_label = "unit";
}
];
}
];
}
}
'';
};
};
}

4
systems/makanek/monitoring/blackbox.nix → configs/monitoring/blackbox.nix
View File

@@ -3,12 +3,12 @@
{
modules.http_2xx = {
http = {
fail_if_not_ssl = false;
fail_if_not_ssl = true;
ip_protocol_fallback = false;
method = "GET";
no_follow_redirects = false;
preferred_ip_protocol = "ip4";
valid_http_versions = ["HTTP/1.1" "HTTP/2.0"];
valid_http_versions = [ "HTTP/1.1" "HTTP/2.0" ];
tls_config.insecure_skip_verify = true;
};
prober = "http";

60
configs/monitoring/loki.nix Normal file
View File

@@ -0,0 +1,60 @@
{
auth_enabled = false;
server = {
http_listen_port = 3100;
grpc_listen_port = 9096;
};
ingester = {
wal = {
enabled = true;
dir = "/tmp/wal";
};
lifecycler = {
address = "127.0.0.1";
ring = {
kvstore.store = "inmemory";
replication_factor = 1;
};
final_sleep = "0s";
};
chunk_idle_period = "1h"; # Any chunk not receiving new logs in this time will be flushed
max_chunk_age = "1h"; # All chunks will be flushed when they hit this age, default is 1h
chunk_target_size = 1048576; # Loki will attempt to build chunks up to 1.5MB, flushing first if chunk_idle_period or max_chunk_age is reached first
chunk_retain_period = "30s"; # Must be greater than index read cache TTL if using an index cache (Default index read cache TTL is 5m)
max_transfer_retries = 0; # Chunk transfers disabled
};
schema_config.configs = [
{
from = "2020-10-24";
store = "boltdb-shipper";
object_store = "filesystem";
schema = "v11";
index = {
prefix = "index_";
period = "24h";
};
}
];
storage_config = {
boltdb_shipper = {
active_index_directory = "/tmp/loki/boltdb-shipper-active";
cache_location = "/tmp/loki/boltdb-shipper-cache";
cache_ttl = "24h"; # Can be increased for faster performance over longer query periods, uses more disk space
shared_store = "filesystem";
};
filesystem.directory = "/tmp/loki/chunks";
};
compactor = {
working_directory = "/tmp/loki/boltdb-shipper-compactor";
shared_store = "filesystem";
};
limits_config = {
reject_old_samples = true;
reject_old_samples_max_age = "168h";
};
chunk_store_config.max_look_back_period = "0s";
table_manager = {
retention_deletes_enabled = false;
retention_period = "0s";
};
}

229
configs/monitoring/pull.nix Normal file
View File

@@ -0,0 +1,229 @@
{ lib, config, pkgs, ... }:
let
lokiConfig = import ./loki.nix;
blackboxConfig = import ./blackbox.nix;
in
{
services.grafana = {
enable = true;
domain = "grafana.kmein.r";
port = 9444;
addr = "127.0.0.1";
};
services.nginx.virtualHosts.${config.services.grafana.domain} = {
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}";
proxyWebsockets = true;
};
};
services.prometheus.rules = let diskFreeThreshold = 10; in [(builtins.toJSON {
groups = [{
name = "niveum";
rules = [
{
alert = "ServiceDown";
expr = ''node_systemd_unit_state{state="failed"} == 1'';
annotations = {
summary = "{{$labels.job}}: Service {{$labels.name}} failed to start.";
};
}
{
alert = "RootPartitionFull";
for = "10m";
expr = ''(node_filesystem_free_bytes{mountpoint="/"} * 100) / node_filesystem_size_bytes{mountpoint="/"} < ${toString diskFreeThreshold}'';
annotations = {
summary = "{{ $labels.job }}: Filesystem is running out of space soon.";
description = ''The root disk of {{ $labels.job }} has {{ $value | printf "%.2f" }}% free disk space (threshold at ${toString diskFreeThreshold}%).'';
};
}
{
alert = "RootPartitionFullWeek";
for = "1h";
expr = ''node_filesystem_free_bytes{mountpoint="/"} ''
+ ''and predict_linear(node_filesystem_free_bytes{mountpoint="/"}[2d], 7*24*3600) <= 0'';
annotations = {
summary = "{{$labels.job}}: Filesystem is running out of space in 7 days.";
};
}
{
alert = "HighLoad";
expr = ''node_load15 / on(job) count(node_cpu_seconds_total{mode="system"}) by (job) >= 1.0'';
for = "10m";
annotations = {
summary = "{{$labels.job}}: Running on high load: {{$value}}";
};
}
{
alert = "HighRAM";
expr = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1";
for = "1h";
annotations.summary = "{{$labels.job}}: Using lots of RAM.";
}
{
alert = "UptimeMonster";
expr = "time() - node_boot_time_seconds > 2592000";
annotations.summary = "{{$labels.job}}: up for more than 30 days.";
}
{
alert = "HostDown";
expr = ''up == 0'';
for = "5m";
annotations = {
summary = "Host {{ $labels.job }} down for 5 minutes.";
};
}
{
alert = "Reboot";
expr = "time() - node_boot_time_seconds < 300";
annotations.summary = "{{$labels.job}}: Reboot";
}
{
alert = "ProbeFailed";
expr = "probe_success == 0";
for = "5m";
annotations.summary = "{{$labels.instance}}: probe failed";
}
{
alert = "SlowProbe";
expr = "avg_over_time(probe_http_duration_seconds[1m]) > 1";
for = "5m";
annotations.summary = "{{$labels.instance}}: HTTP probe slow";
}
{
alert = "HttpStatusCode";
expr = "probe_http_status_code != 0 AND (probe_http_status_code <= 199 OR probe_http_status_code >= 400)";
for = "5m";
annotations.summary = "{{$labels.instance}}: status code {{$value}}";
}
{
alert = "SslExpirySoon";
expr = "probe_ssl_earliest_cert_expiry - time() < 86400 * 30";
for = "5m";
annotations.summary = "{{$labels.instance}}: SSL certificate expires in 30 days";
}
{
alert = "SslExpiry";
expr = "probe_ssl_earliest_cert_expiry - time() <= 0";
for = "5m";
annotations.summary = "{{$labels.instance}}: SSL certificate has expired";
}
];
}];
})];
systemd.services.alertmanager-bot-telegram =
let
alertmanager-bot-telegram = pkgs.buildGoModule rec {
pname = "alertmanager-bot";
version = "2020-07-13";
src = pkgs.fetchFromGitHub {
owner = "metalmatze";
repo = "alertmanager-bot";
rev = "5efc0bbbf8023d4324e9da98562f064a714a7206";
sha256 = "09cciml1j8x76jpm2v5v6h2q6j1fkhsz1kswslmx8wl4wk40xgp4";
};
vendorSha256 = "1v0fgin8dn81b559zz4lqmrl7hikr46g4gb18sci4riql5qs1isj";
postInstall = ''
install -D ./default.tmpl $out/templates/default.tmpl
'';
};
in {
wantedBy = [ "multi-user.target" ];
after = [ "ip-up.target" ];
environment.TELEGRAM_ADMIN = "18980945";
environment.TELEGRAM_TOKEN = lib.strings.fileContents <system-secrets/telegram/prometheus.token>;
serviceConfig = {
DynamicUser = true;
StateDirectory = "alertbot";
ExecStart = ''${alertmanager-bot-telegram}/bin/alertmanager-bot \
--alertmanager.url=http://localhost:9093 --log.level=info \
--store=bolt --bolt.path=/var/lib/alertbot/bot.db \
--listen.addr="0.0.0.0:16320" \
--template.paths=${pkgs.writeText "template.tmpl" ''
{{ define "telegram.default" }}
{{range .Alerts -}}
{{ if eq .Status "firing" }}
<b>{{ index .Annotations "summary"}}</b>
{{ index .Annotations "description" }}
See on Grafana: http://${config.services.grafana.domain}/d/alpUteInz/niveum
{{ else -}}
RESOLVED 😌 <del>{{ index .Annotations "summary"}}</del>
{{- end }}
{{end -}}
{{end}}
''}'';
};
};
services.prometheus.alertmanager = {
enable = true;
listenAddress = "localhost";
configuration = {
route = {
group_wait = "30s";
repeat_interval = "4h";
receiver = "me";
};
receivers = [{
name = "me";
webhook_configs = [{
url = "http://localhost:16320";
send_resolved = true;
}];
}];
};
};
services.prometheus.alertmanagers = [{
scheme = "http";
path_prefix = "/";
static_configs = [ { targets = [ "localhost:9093" ]; } ];
}];
services.prometheus.scrapeConfigs = [
{
job_name = "makanek";
static_configs = [ { targets = [
"127.0.0.1:${toString config.services.prometheus.exporters.node.port}"
]; } ];
}
{
scrape_interval = "5m";
job_name = "blackbox";
metrics_path = "/probe";
params.module = [ "http_2xx" ];
relabel_configs = [
{ source_labels = ["__address__"]; target_label = "__param_target"; }
{ source_labels = ["__param_target"]; target_label = "instance"; }
{ replacement = "127.0.0.1:${toString config.services.prometheus.exporters.blackbox.port}"; target_label = "__address__"; }
];
static_configs = [{
targets = [
"alew.hu-berlin.de"
];
}];
}
{
job_name = "zaatar";
static_configs = [ { targets = [ "zaatar.r:${toString config.services.prometheus.exporters.node.port}" ]; } ];
}
];
services.prometheus.exporters.blackbox = {
enable = true;
configFile = (pkgs.formats.yaml {}).generate "blackbox.yaml" blackboxConfig;
};
networking.firewall.allowedTCPPorts = [
lokiConfig.server.http_listen_port
];
services.loki = {
enable = true;
configFile = (pkgs.formats.yaml {}).generate "loki.yaml" lokiConfig;
};
}

75
configs/monitoring/push.nix Normal file
View File

@@ -0,0 +1,75 @@
{ config, pkgs, ... }:
{
services.nginx.virtualHosts.default = {
locations."= /stub_status".extraConfig = "stub_status;";
};
services.prometheus = {
enable = true;
port = 9001;
exporters = {
nginx.enable = false;
node = {
enable = true;
enabledCollectors = [
"conntrack"
"diskstats"
"entropy"
"filefd"
"filesystem"
"loadavg"
"mdadm"
"meminfo"
"netdev"
"netstat"
"stat"
"time"
"vmstat"
"systemd"
"logind"
"interrupts"
"ksmd"
];
port = 9002;
};
};
};
networking.firewall.allowedTCPPorts = [ config.services.prometheus.exporters.node.port ];
systemd.services.promtail = {
description = "Promtail service for Loki";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''
${pkgs.grafana-loki}/bin/promtail --config.file ${(pkgs.formats.yaml {}).generate "promtail.yaml" {
server = {
http_listen_port = 28183;
grpc_listen_port = 0;
};
positions.filename = "/tmp/positions.yaml";
clients = [
{ url = "http://${if config.networking.hostName == "makanek" then "127.0.0.1" else "makanek.r"}:3100/loki/api/v1/push"; }
];
scrape_configs = [
{
job_name = "journal";
journal = {
max_age = "12h";
labels.job = "systemd-journal";
labels.host = config.networking.hostName;
};
relabel_configs = [
{
source_labels = [ "__journal__systemd_unit" ];
target_label = "unit";
}
];
}
];
}}
'';
};
};
}

31
configs/moodle-dl/borsfaye.nix Normal file
View File

@@ -0,0 +1,31 @@
{ config, pkgs, lib, ... }:
let
moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old: old // {
patches = [ <niveum/packages/moodle-dl/telegram-format.patch> ];
});
in
{
containers.moodle-dl-borsfaye = {
autoStart = true;
config = { lib, pkgs, ...}: {
imports = [ <niveum/modules/moodle-dl.nix> ];
services.moodle-dl = {
enable = true;
startAt = "hourly";
package = moodle-dl-package;
notifyOnly = true;
settings = {
telegram = {
token = lib.strings.fileContents <system-secrets/telegram/moodle-dl.token>;
chat_id = "311425510";
send_error_msg = false;
};
token = lib.strings.fileContents <system-secrets/moodle-dl/faye.token>;
moodle_domain = "moodle.hu-berlin.de";
moodle_path = "/";
};
};
};
};
}

81
systems/zaatar/moodle-dl-meinhark.nix → configs/moodle-dl/meinhark.nix
View File

@@ -1,42 +1,23 @@
{ config, pkgs, lib, ... }:
let
moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old: old // {
patches = [ <niveum/packages/moodle-dl/telegram-format.patch> ];
});
in
{
config,
pkgs,
lib,
...
}: let
moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old:
old
// {
# patches = [../../packages/moodle-dl/telegram-format.patch]; TODO?
});
in {
age.secrets = {
/*
moodle-dl-tokens = {
file = ../../secrets/zaatar-moodle-dl-tokens.json.age;
owner = "moodle-dl";
group = "moodle-dl";
mode = "400";
};
*/
moodle-dl-basicAuth = {
file = ../../secrets/zaatar-moodle-dl-basicAuth.age;
owner = "nginx";
group = "nginx";
mode = "400";
};
};
imports = [ <niveum/modules/moodle-dl.nix> ];
services.moodle-dl = {
enable = false;
enable = true;
startAt = "hourly";
package = moodle-dl-package;
tokensFile = config.age.secrets.moodle-dl-tokens.path;
settings = {
telegram = {
token = lib.strings.fileContents <system-secrets/telegram/moodle-dl.token>;
chat_id = "18980945";
send_error_msg = false;
};
token = lib.strings.fileContents <system-secrets/moodle.token>;
moodle_domain = "moodle.hu-berlin.de";
moodle_path = "/";
download_course_ids = [
@@ -83,30 +64,6 @@ in {
108283 # Digital Classicist
109211 # Altlitauisch
109185 # Etymologie
# SS 2022
112606 # Avestisch
111761 # Griechische Wissenschaftsliteratur
111515 # H. Furens
110914 # Apostelgeschichte
112225 # Gr. Paläographie
113275 # ALEW
112783 # Akzent und Silbenstruktur
113493 # Papyrologie
# WS 2022
115414 # Nonnos
116108 # Dialektologie
# SS 2023
117967 # Archaische Lyrik
119658 # Dyskolos
118963 # Antike Biographie
92668 # Taa
120671 # Jiddisch
120720 # Sorbisch
118076 # X-Tutorial
120631 # Predigten
];
download_submissions = true;
download_descriptions = true;
@@ -120,15 +77,17 @@ in {
fileSystems."/export/moodle" = {
device = config.services.moodle-dl.directory;
options = ["bind"];
options = [ "bind" ];
};
networking.firewall.allowedTCPPorts = [2049];
networking.firewall.allowedTCPPorts = [ 2049 ];
services.nginx.enable = true;
services.nginx.virtualHosts."moodle.kmein.r" = {
basicAuthFile = config.age.secrets.moodle-dl-basicAuth.path;
services.nginx.virtualHosts."moodle.kmein.r" =
let
identity = lib.strings.fileContents <secrets/eduroam/identity>;
password = lib.strings.fileContents <secrets/eduroam/password>;
in {
basicAuth."${identity}" = password;
locations."/" = {
root = config.services.moodle-dl.directory;
extraConfig = ''
@@ -140,9 +99,7 @@ in {
services.nfs.server = {
enable = true;
exports = let
machines = with (import ../../lib).retiolumAddresses; [kabsa manakish];
in ''
exports = let machines = with (import <niveum/lib>).retiolumAddresses; [kabsa manakish]; in ''
/export ${lib.concatMapStringsSep " " (machine: "${machine.ipv4}(fsid=0)") machines}
/export/moodle ${lib.concatMapStringsSep " " (machine: "${machine.ipv4}(insecure,rw)") machines}
'';

25
configs/mpv.nix
View File

@@ -1,29 +1,15 @@
{
pkgs,
lib,
config,
niveumPackages,
...
}: let
swallow = command: "${niveumPackages.swallow}/bin/swallow ${command}";
{ pkgs, lib, ... }: let
swallow = command: "${pkgs.scripts.swallow}/bin/swallow ${command}";
nixpkgs-unstable = import <nixpkgs-unstable> { config.allowUnfree = true; };
in {
environment.shellAliases.smpv = swallow "mpv";
nixpkgs.overlays = [
(self: super: {
mpv = config.home-manager.users.me.programs.mpv.finalPackage;
})
];
home-manager.users.me = {
programs.mpv = {
enable = true;
config = {
ytdl-format = "bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best";
ytdl-raw-options = lib.concatStringsSep "," [''sub-lang="de,en"'' "write-sub=" "write-auto-sub="];
ytdl-raw-options = lib.concatStringsSep "," [ ''sub-lang="de,en"'' "write-sub=" "write-auto-sub=" ];
screenshot-template = "%F-%wH%wM%wS-%#04n";
script-opts = "ytdl_hook-ytdl_path=${pkgs.yt-dlp}/bin/yt-dlp";
ao = "pulse"; # no pipewire for me :(
};
bindings = {
"Alt+RIGHT" = "add video-rotate 90";
@@ -36,8 +22,7 @@ in {
"Alt+j" = "add video-pan-y -0.05";
};
scripts = [
pkgs.mpvScripts.quality-menu
pkgs.mpvScripts.visualizer
nixpkgs-unstable.mpvScripts.youtube-quality
];
};
};

15
configs/mycelium.nix
View File

@@ -1,15 +0,0 @@
{ lib, ... }:
let
myceliumAddresses = import ../lib/mycelium-network.nix;
in
{
services.mycelium = {
enable = true;
openFirewall = true;
};
networking.hosts = lib.mapAttrs' (name: address: {
name = address;
value = [ "${name}.m" ];
}) myceliumAddresses;
}

Some files were not shown because too many files have changed in this diff Show More