kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-30 17:21:07 +02:00
Code Releases Activity

Compare commits

base: kfm:7a99500f723b6027960e98b00ca0f795a00788b0
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail
..
compare: kfm:feature/itools
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail

1 Commits
7a99500f72 ... feature/it

Author SHA1 Message Date
Kierán Meinhardt
2d063b0ac8 wip: package itools 2023-04-14 08:43:34 +02:00
64 changed files with 817 additions and 694 deletions
Expand all files Collapse all files

20
.github/workflows/niveum.yml vendored
View File

@@ -10,21 +10,5 @@ jobs:
system: [makanek,manakish,kabsa,zaatar,ful]
steps:
- uses: actions/checkout@v2
- name: Install QEMU (ARM)
run: sudo apt-get install -y qemu-user-static
if: ${{ matrix.system == 'ful' }}
- name: Install Nix (ARM)
uses: cachix/install-nix-action@v16
if: ${{ matrix.system == 'ful' }}
with:
extra_nix_config: |
system = aarch64-linux
- name: Install Nix (x86_64)
uses: cachix/install-nix-action@v16
if: ${{ matrix.system != 'ful' }}
- run: |
rm -rf secrets
mkdir secrets
cat secrets.txt | while read -r path; do echo dummy > $path; done
find
- run: nix run nixpkgs#nixos-rebuild -- dry-build --override-input secrets ./secrets --flake .#${{matrix.system}}
- uses: cachix/install-nix-action@v16
- run: nix run .?submodules=1#apps.nixinate.${{matrix.system}}-dry-run

15
configs/aerc.nix
View File

@@ -2,7 +2,6 @@
pkgs,
config,
lib,
inputs,
...
}: let
defaults = {
@@ -20,43 +19,43 @@
in {
age.secrets = {
email-password-cock = {
file = inputs.secrets + "/email-password-cock.age";
file = ../secrets/email-password-cock.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-fysi = {
file = inputs.secrets + "/secrets/email-password-fysi.age";
file = ../secrets/email-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-posteo = {
file = inputs.secrets + "/email-password-posteo.age";
file = ../secrets/email-password-posteo.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-meinhark = {
file = inputs.secrets + "/email-password-meinhark.age";
file = ../secrets/email-password-meinhark.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-meinhaki = {
file = inputs.secrets + "/email-password-meinhaki.age";
file = ../secrets/email-password-meinhaki.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-dslalewa = {
file = inputs.secrets + "/email-password-dslalewa.age";
file = ../secrets/email-password-dslalewa.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-fsklassp = {
file = inputs.secrets + "/email-password-fsklassp.age";
file = ../secrets/email-password-fsklassp.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";

1
configs/backup.nix
View File

@@ -20,7 +20,6 @@ in {
paths = [
"/home/kfm/work"
"/home/kfm/projects"
"/home/kfm/Zotero"
"/home/kfm/notes"
"/home/kfm/Maildir"
"/home/kfm/cloud"

8
configs/cloud.nix
View File

@@ -2,7 +2,6 @@
config,
lib,
pkgs,
inputs,
...
}: let
inherit (import ../lib) tmpfilesConfig;
@@ -98,7 +97,7 @@ in {
];
age.secrets.mega-password = {
file = inputs.secrets + "/mega-password.age";
file = ../secrets/mega-password.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
@@ -126,14 +125,9 @@ in {
folders = let
cloud-dir = "${config.users.users.me.home}/cloud";
in {
"${cloud-dir}/syncthing/zotero".devices = ["kabsa" "manakish"];
"${cloud-dir}/syncthing/common".devices = ["kabsa" "manakish"];
"${cloud-dir}/syncthing/library".devices = ["kabsa" "manakish" "heym"];
"${cloud-dir}/syncthing/mundoiu".devices = ["kabsa" "manakish" "heym"];
"${cloud-dir}/syncthing/obsidian" = {
devices = ["kabsa" "manakish" "heym"];
id = "3r1hu-3barr";
};
"${cloud-dir}/syncthing/music" = {
devices = ["kabsa" "manakish" "heym" "zaatar"];
id = "music";

12
configs/default.nix
View File

@@ -31,19 +31,19 @@ in {
};
}
{
boot.tmp.cleanOnBoot = true;
boot.cleanTmpDir = true;
boot.loader.timeout = 1;
}
{
age.secrets = {
di-fm-key = {
file = inputs.secrets + "/di-fm-key.age";
file = ../secrets/di-fm-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
restic = {
file = inputs.secrets + "/restic.age";
file = ../secrets/restic.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
@@ -70,15 +70,11 @@ in {
users.users.me = {
name = "kfm";
description = kieran.name;
passwordFile = config.age.secrets.kfm-password.path;
hashedPassword = "$6$w9hXyGFl/.IZBXk$5OiWzS1G.5hImhh1YQmZiCXYNAJhi3X6Y3uSLupJNYYXPLMsQpx2fwF4Xr2uYzGMV8Foqh8TgUavx1APD9rcb/";
isNormalUser = true;
uid = 1000;
};
age.secrets = {
kfm-password.file = inputs.secrets + "/kfm-password.age";
};
home-manager.users.me.xdg.enable = true;
}
{

3
configs/fonts.nix
View File

@@ -68,7 +68,6 @@ in {
corefonts
crimson
eb-garamond
ipaexfont
jsesh
egyptianHiero
egyptianText
@@ -109,7 +108,7 @@ in {
fontconfig.defaultFonts = rec {
monospace = ["Noto Sans Mono"] ++ emoji;
serif = ["Noto Serif" "Noto Naskh Arabic" "Noto Serif Devanagari"];
sansSerif = ["Noto Sans Display" "Noto Naskh Arabic" "Noto Sans Devanagari" "Noto Sans CJK JP" "Noto Sans Coptic"];
sansSerif = ["Noto Sans Display" "Noto Kufi Arabic" "Noto Sans Devanagari" "Noto Sans CJK JP"];
emoji = ["Noto Color Emoji"];
};
# xelatex fails with woff files

17
configs/fzf.nix
View File

@@ -21,8 +21,17 @@
};
};
programs.fzf = {
fuzzyCompletion = true;
keybindings = true;
};
programs.zsh.interactiveShellInit = ''
if [[ $options[zle] = on ]]; then
. ${pkgs.fzf}/share/fzf/completion.zsh
. ${pkgs.fzf}/share/fzf/key-bindings.zsh
fi
'';
programs.bash.interactiveShellInit = ''
if [[ :$SHELLOPTS: =~ :(vi|emacs): ]]; then
. ${pkgs.fzf}/share/fzf/completion.bash
. ${pkgs.fzf}/share/fzf/key-bindings.bash
fi
'';
}

1
configs/git.nix
View File

@@ -51,7 +51,6 @@ in {
pull.ff = "only";
rebase.autoStash = true;
merge.autoStash = true;
push.autoSetupRemote = true;
# # ref https://github.com/dandavison/delta
# core.pager = "${pkgs.delta}/bin/delta";

4
configs/hledger.nix
View File

@@ -17,8 +17,8 @@
'')
(pkgs.writers.writeDashBin "hora-filli" ''
${pkgs.hledger}/bin/hledger -f "${timeLedger}" register fillidefilla -O csv \
-b "$(date -d "$(date +%Y-%m)-01 last month" +%Y-%m-%d)" \
-e "$(date -d "$(date +%Y-%m)-01" +%Y-%m-%d)" \
-b "$(date -d "$(date +%Y-%m)-20 last month" +%Y-%m-%d)" \
-e "$(date -d "$(date +%Y-%m)-20" +%Y-%m-%d)" \
| sed 's/(fillidefilla:\(.*\))/\1/g' \
| xsv select date,amount,total,account,description
'')

14
configs/hu-berlin.nix
View File

@@ -1,9 +1,15 @@
{
config,
pkgs,
inputs,
lib,
...
}: let
inherit (lib.strings) fileContents;
inherit (import ../lib) sshPort;
eduroam = {
identity = fileContents <secrets/eduroam/identity>;
password = fileContents <secrets/eduroam/password>;
};
hu-berlin-cifs-options = [
"uid=${toString config.users.users.me.uid}"
"gid=${toString config.users.groups.users.gid}"
@@ -29,7 +35,7 @@ in {
options = hu-berlin-cifs-options;
};
age.secrets.cifs-credentials-hu-berlin.file = inputs.secrets + "/cifs-credentials-hu-berlin.age";
age.secrets.cifs-credentials-hu-berlin.file = ../secrets/cifs-credentials-hu-berlin.age;
home-manager.users.me.programs.ssh = {
matchBlocks = {
@@ -57,9 +63,6 @@ in {
)
];
# ref https://github.com/NixOS/nixpkgs/issues/231038#issuecomment-1591888919
environment.etc."ppp/options".text = "ipcp-accept-remote";
systemd.services.hu-vpn = {
enable = true;
wants = ["network-online.target"];
@@ -74,6 +77,7 @@ in {
host = forti-ssl.vpn.hu-berlin.de
port = 443
username = meinhark
trusted-cert = 9e5dea8e077970d245900839f437ef7fb9551559501c7defd70af70ea568573d
''
}
fi

8
configs/i3.nix
View File

@@ -3,7 +3,6 @@
pkgs,
lib,
niveumPackages,
inputs,
...
}: let
inherit (import ../lib) defaultApplications colours;
@@ -51,9 +50,6 @@
emojai = pkgs.writers.writeDash "emojai" ''
${pkgs.curl}/bin/curl https://www.emojai.app/api/generate -X POST -H 'Content-Type: application/json' --data-raw "$(${pkgs.jq}/bin/jq -sR '{emoji:.}')" | ${pkgs.jq}/bin/jq -r .result
'';
gpt = pkgs.writers.writeDash "gpt" ''
${niveumPackages.gpt}/bin/gpt
'';
};
};
@@ -66,13 +62,13 @@
in {
age.secrets = {
github-token-i3status-rust = {
file = inputs.secrets + "/github-token-i3status-rust.age";
file = ../secrets/github-token-i3status-rust.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
openweathermap-api-key = {
file = inputs.secrets + "/openweathermap-api-key.age";
file = ../secrets/openweathermap-api-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";

8
configs/keyboard.nix
View File

@@ -12,7 +12,6 @@
ara = "buckwalter";
cop = "";
ave = "";
got = "";
"in" = "san-kagapa";
il = "phonetic";
};
@@ -38,13 +37,6 @@ in {
sha256 = "1l0h6aq536hyinrh0i0ia355y229bjrlibii0sya5bmqh46vycia";
};
}
{
name = "symbols/got";
path = pkgs.fetchurl {
url = "https://c.krebsco.de/got";
sha256 = "1i0jxghxi3rldlijw6gm2xawrv7f0pmm7a5cqbzzgjrg7ldk46gd";
};
}
{
name = "symbols/ave";
path = pkgs.fetchurl {

25
configs/khal.nix
View File

@@ -1,7 +1,7 @@
{
config,
pkgs,
inputs,
lib,
...
}: let
davHome = "~/.local/share/dav";
@@ -18,13 +18,13 @@
in {
age.secrets = {
nextcloud-password-kieran = {
file = inputs.secrets + "/nextcloud-password-kieran.age";
file = ../secrets/nextcloud-password-kieran.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
nextcloud-password-fysi = {
file = inputs.secrets + "/nextcloud-password-fysi.age";
file = ../secrets/nextcloud-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
@@ -54,7 +54,8 @@ in {
wantedBy = ["default.target"];
startAt = "*:00/10";
script = ''
${pkgs.vdirsyncer}/bin/vdirsyncer sync && ${pkgs.khal}/bin/khal printcalendars # https://lostpackets.de/khal/configure.html#syncing
${pkgs.vdirsyncer}/bin/vdirsyncer sync
${pkgs.khal}/bin/khal printcalendars # https://lostpackets.de/khal/configure.html#syncing
'';
serviceConfig = {
Type = "oneshot";
@@ -111,10 +112,6 @@ in {
path = ${davHome}/calendar/personal
color = "light cyan"
[[krebs]]
path = ${davHome}/calendar/krebs
color = "light red"
[[uni]]
path = ${davHome}/calendar/uni-1
color = "yellow"
@@ -165,12 +162,6 @@ in {
collections = ["personal", "alew", "uni-1"]
conflict_resolution = "b wins"
[pair krebs]
a = "kalender_local"
b = "krebs_cloud"
collections = ["3edef929-d509-7944-2440-000a54f2d054"]
conflict_resolution = "b wins"
[pair fysi]
a = "kalender_local"
b = "fysi_cloud"
@@ -199,12 +190,6 @@ in {
username = "${kmeinCloud.username}"
password.fetch = ["command", "cat", "${kmeinCloud.passwordFile}"]
[storage krebs_cloud]
type = "caldav"
url = "http://calendar.r/krebs/"
username = "krebs"
password = "krebs"
[storage fysi_cloud]
type = "caldav"
url = "${fysiCloud.davEndpoint}/calendars/${fysiCloud.username}/"

60
configs/neovim.nix
View File

@@ -10,6 +10,64 @@
environment.systemPackages = [
(pkgs.writers.writeDashBin "vim" ''neovim "$@"'')
niveumPackages.vim
(pkgs.neovim.override {
configure = {
customRC = ''
source ${../lib/vim/init.vim}
luafile ${../lib/vim/init.lua}
'';
packages.nvim = with pkgs.vimPlugins; {
start = [
ale
fzf-vim
fzfWrapper
supertab
undotree
tabular
# vimwiki
niveumPackages.vimPlugins-vim-colors-paramount
nvim-lspconfig
vim-commentary
vim-css-color
vim-eunuch
niveumPackages.vimPlugins-vim-fetch
vim-fugitive
vim-gitgutter
vim-repeat
vim-sensible
vim-surround
(pkgs.vimUtils.buildVimPlugin rec {
pname = "vim-dim";
version = "1.1.0";
name = "${pname}-${version}";
src = pkgs.fetchFromGitHub {
owner = "jeffkreeftmeijer";
repo = pname;
rev = version;
sha256 = "sha256-lyTZUgqUEEJRrzGo1FD8/t8KBioPrtB3MmGvPeEVI/g=";
};
})
];
opt = [
csv
elm-vim
emmet-vim
haskell-vim
niveumPackages.vimPlugins-icalendar-vim
niveumPackages.vimPlugins-jq-vim
rust-vim
typescript-vim
vim-javascript
vim-ledger
vim-nix
vimtex
vim-pandoc
vim-pandoc-syntax
niveumPackages.vimPlugins-vim-256noir
];
};
};
})
];
}

7
configs/nix.nix
View File

@@ -1,14 +1,9 @@
{
pkgs,
inputs,
...
}: {
{pkgs, ...}: {
nixpkgs = {
config.allowUnfree = true;
};
nix = {
package = pkgs.nixFlakes;
extraOptions = "experimental-features = nix-command flakes";
nixPath = ["nixpkgs=${inputs.nixpkgs}"];
};
}

17
configs/packages.nix
View File

@@ -1,6 +1,7 @@
{
config,
pkgs,
lib,
inputs,
niveumPackages,
...
@@ -94,7 +95,6 @@ in {
genpass # generate passwords
gdu # ncurses disk usage (ncdu is broken)
rmlint # remove duplicate files
gcc
python3Packages.jsonschema # json validation
jq # json toolkit
pup # html toolkit
@@ -123,7 +123,6 @@ in {
electrum
inkscape
astrolog
obsidian
anki-bin # flashcards
jbofihe # lojbanic software
zoom-us # video conferencing
@@ -222,12 +221,6 @@ in {
niveumPackages.kpaste
config.nur.repos.mic92.ircsink
(haskellPackages.ghcWithPackages (hs: [
hs.text
hs.lens
hs.bytestring
]))
(python3.withPackages (py: [
py.black
# py.python-language-server
@@ -268,7 +261,6 @@ in {
dia
pandoc
niveumPackages.man-pandoc
typst
# proselint
asciidoctor
wordnet
@@ -281,15 +273,10 @@ in {
(pkgs.writers.writeDashBin "hass-cli" ''
HASS_SERVER=http://zaatar.r:8123 HASS_TOKEN="$(cat ${config.age.secrets.home-assistant-token.path})" exec ${pkgs.home-assistant-cli}/bin/hass-cli "$@"
'')
# xml
saxonb_9_1
libxml2
zotero
];
age.secrets.home-assistant-token = {
file = inputs.secrets + "/home-assistant-token.age";
file = ../secrets/home-assistant-token.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";

6
configs/sshd.nix
View File

@@ -11,10 +11,8 @@ in {
services.openssh = {
enable = true;
ports = [sshPort];
settings = {
PasswordAuthentication = false;
X11Forwarding = true;
};
passwordAuthentication = false;
forwardX11 = true;
};
users.users.root.openssh.authorizedKeys.keys = kieran.sshKeys pkgs;

4
configs/stardict.nix
View File

@@ -161,11 +161,11 @@
turkish = {
BabylonTurkishEnglish = pkgs.fetchzip {
url = "http://download.huzheng.org/babylon/bidirectional/stardict-babylon-Babylon_Turkish_English-2.4.2.tar.bz2";
sha256 = "1zpzgk3w0536gww31bj58cmn3imnkndyjwbcr7bay8ibq2kzv44z";
sha256 = "17rv46r95nkikg7aszqmfrbgdhz9ny52w423m8n01g3p93shdb4i";
};
BabylonEnglishTurkish = pkgs.fetchzip {
url = "http://download.huzheng.org/babylon/bidirectional/stardict-babylon-Babylon_English_Turkish-2.4.2.tar.bz2";
sha256 = "0myx31xzb7nrn5m657h0bwdgm5xp93ccwp6lcpbxgjxdjm3q0hc5";
sha256 = "063dl02s8ii8snsxgma8wi49xwr6afk6ysq0v986fygx5511353f";
};
};
};

4
configs/telegram-bots/autorenkalender.nix
View File

@@ -1,6 +1,6 @@
{
pkgs,
inputs,
lib,
config,
...
}: let
@@ -22,7 +22,7 @@ in {
command = "${autorenkalender}/bin/autorenkalender";
};
age.secrets.telegram-token-kmein.file = inputs.secrets + "/telegram-token-kmein.age";
age.secrets.telegram-token-kmein.file = ../../secrets/telegram-token-kmein.age;
niveum.passport.services = [
{

7
configs/telegram-bots/default.nix
View File

@@ -1,6 +1,7 @@
{
config,
pkgs,
lib,
inputs,
...
}: let
@@ -47,9 +48,9 @@ in {
];
age.secrets = {
telegram-token-reverse.file = inputs.secrets + "/telegram-token-reverse.age";
telegram-token-betacode.file = inputs.secrets + "/telegram-token-betacode.age";
telegram-token-proverb.file = inputs.secrets + "/telegram-token-proverb.age";
telegram-token-reverse.file = ../../secrets/telegram-token-reverse.age;
telegram-token-betacode.file = ../../secrets/telegram-token-betacode.age;
telegram-token-proverb.file = ../../secrets/telegram-token-proverb.age;
};
systemd.services.telegram-reverse = {

21
configs/telegram-bots/nachtischsatan.nix
View File

@@ -1,29 +1,30 @@
{
pkgs,
config,
inputs,
lib,
...
}: let
nachtischsatan-bot = {tokenFile}:
pkgs.writers.writePython3 "nachtischsatan-bot" {
libraries = [pkgs.python3Packages.python-telegram-bot];
} ''
from telegram.ext import Application, ContextTypes, MessageHandler, filters
from telegram import Update
from telegram.ext import Updater, MessageHandler
from telegram.ext.filters import Filters
import random
import time
async def flubber(update: Update, context: ContextTypes.DEFAULT_TYPE):
def flubber(update, context):
time.sleep(random.randrange(4000) / 1000)
await update.message.reply_text("*flubberflubber*")
update.message.reply_text("*flubberflubber*")
with open('${tokenFile}', 'r') as tokenFile:
token = tokenFile.read().strip()
application = Application.builder().token(token).build()
application.add_handler(MessageHandler(filters.ALL, flubber))
application.run_polling()
updater = Updater(tokenFile.read().strip())
updater.dispatcher.add_handler(MessageHandler(Filters.all, flubber))
updater.start_polling()
updater.idle()
'';
in {
systemd.services.telegram-nachtischsatan = {
@@ -36,7 +37,7 @@ in {
serviceConfig.Restart = "always";
};
age.secrets.telegram-token-nachtischsatan.file = inputs.secrets + "/telegram-token-nachtischsatan.age";
age.secrets.telegram-token-nachtischsatan.file = ../../secrets/telegram-token-nachtischsatan.age;
niveum.passport.services = [
{

4
configs/traadfri.nix
View File

@@ -1,7 +1,7 @@
{
config,
pkgs,
inputs,
lib,
...
}: let
inherit (import ../lib) localAddresses;
@@ -20,7 +20,7 @@ in {
];
age.secrets.traadfri-key = {
file = inputs.secrets + "/traadfri-key.age";
file = ../secrets/traadfri-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";

2
configs/wallpaper.nix
View File

@@ -3,7 +3,7 @@
lib,
...
}: let
url = "http://wallpaper.r/realwallpaper-krebs-stars-berlin.png";
url = "http://prism.r/realwallpaper-krebs-stars-berlin.png";
stateDir = "~/.cache/wallpaper";
in {
systemd.user.services.wallpaper = {

503
flake.lock generated
View File

@@ -3,19 +3,16 @@
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": [
"home-manager"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1684153753,
"narHash": "sha256-PVbWt3qrjYAK+T5KplFcO+h7aZWfEj1UtyoKlvcDxh0=",
"lastModified": 1680281360,
"narHash": "sha256-XdLTgAzjJNDhAG2V+++0bHpSzfvArvr2pW6omiFfEJk=",
"owner": "ryantm",
"repo": "agenix",
"rev": "db5637d10f797bb251b94ef9040b237f4702cde3",
"rev": "e64961977f60388dd0b49572bb0fc453b871f896",
"type": "github"
},
"original": {
@@ -67,11 +64,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1687709756,
"narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=",
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
@@ -81,6 +78,111 @@
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"locked": {
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_4": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_5": {
"locked": {
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_6": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_7": {
"locked": {
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_8": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_9": {
"locked": {
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
@@ -99,19 +201,20 @@
"inputs": {
"nixpkgs": [
"nixpkgs"
]
],
"utils": "utils"
},
"locked": {
"lastModified": 1687871164,
"narHash": "sha256-bBFlPthuYX322xOlpJvkjUBz0C+MOBjZdDOOJJ+G2jU=",
"lastModified": 1681092193,
"narHash": "sha256-JerCqqOqbT2tBnXQW4EqwFl0hHnuZp21rIQ6lu/N4rI=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "07c347bb50994691d7b0095f45ebd8838cf6bc38",
"rev": "f9edbedaf015013eb35f8caacbe0c9666bbc16af",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.05",
"ref": "release-22.11",
"repo": "home-manager",
"type": "github"
}
@@ -124,9 +227,37 @@
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": [
"rust-overlay"
]
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1677075142,
"narHash": "sha256-0RXVZcK2YtPckd/3+jb+yLpeXZ6jnQe25w9idztDXi8=",
"owner": "kmein",
"repo": "menstruation.rs",
"rev": "e34af4393963cdbadb456b7b9ae2e95e6db7b8a3",
"type": "github"
},
"original": {
"owner": "kmein",
"repo": "menstruation.rs",
"type": "github"
}
},
"menstruation-backend_2": {
"inputs": {
"flake-utils": [
"menstruation-telegram",
"menstruation-backend",
"rust-overlay",
"flake-utils"
],
"nixpkgs": [
"menstruation-telegram",
"menstruation-backend",
"rust-overlay",
"nixpkgs"
],
"rust-overlay": "rust-overlay_2"
},
"locked": {
"lastModified": 1677075142,
@@ -144,15 +275,9 @@
},
"menstruation-telegram": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"menstruation-backend": [
"menstruation-backend"
],
"nixpkgs": [
"nixpkgs-old"
]
"flake-utils": "flake-utils_3",
"menstruation-backend": "menstruation-backend_2",
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1677075205,
@@ -175,11 +300,11 @@
]
},
"locked": {
"lastModified": 1688141737,
"narHash": "sha256-qHrNMYWukOKmKVf6wXOGKj1xxUnOGjvTRbt/PLLXuBE=",
"lastModified": 1671116920,
"narHash": "sha256-QmDGsUUmAGn77UTR7eQJmebl8f3IIUCtmbbAdJqKA3s=",
"owner": "matthewcroughan",
"repo": "nixinate",
"rev": "7902ae845e6cc5bd450e510cdf5e009a6e4a44d9",
"rev": "b4d17b8e2a4abc47e93e1a1c466e0286a63640d8",
"type": "github"
},
"original": {
@@ -190,53 +315,100 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1688109178,
"narHash": "sha256-BSdeYp331G4b1yc7GIRgAnfUyaktW2nl7k0C577Tttk=",
"lastModified": 1665296151,
"narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b72aa95f7f096382bff3aea5f8fde645bca07422",
"rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-old": {
"locked": {
"lastModified": 1682600000,
"narHash": "sha256-ha4BehR1dh8EnXSoE1m/wyyYVvHI9txjW4w5/oxsW5Y=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "50fc86b75d2744e1ab3837ef74b53f103a9b55a0",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "50fc86b75d2744e1ab3837ef74b53f103a9b55a0",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1688258489,
"narHash": "sha256-Ve3r2lv3bTJh/0/2IRhF5+4uco3YlqIjFPDd3rs4frw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3eb8ccf3b3922be5586a263e7d6f4f98e3acf728",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1665296151,
"narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1669418739,
"narHash": "sha256-T86oFvcUIRwHWBWUt7WjaP4BP/3lDGbv5AppQSI1FkI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "695b3515251873e0a7e2021add4bba643c56cde3",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "695b3515251873e0a7e2021add4bba643c56cde3",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1681269223,
"narHash": "sha256-i6OeI2f7qGvmLfD07l1Az5iBL+bFeP0RHixisWtpUGo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "87edbd74246ccdfa64503f334ed86fa04010bab9",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1677158633,
"narHash": "sha256-t7za78oRkDIjdFQF0PCilfCziFyhfowCgs9Ry+sEvE4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "129b6f78121802d18d215c9f9e04d7971c58ea0c",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1665296151,
"narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1659446231,
"narHash": "sha256-hekabNdTdgR/iLsgce5TGWmfIDZ86qjPhxDg/8TlzhE=",
@@ -252,13 +424,45 @@
"type": "github"
}
},
"nixpkgs_8": {
"locked": {
"lastModified": 1665296151,
"narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_9": {
"locked": {
"lastModified": 1669418739,
"narHash": "sha256-T86oFvcUIRwHWBWUt7WjaP4BP/3lDGbv5AppQSI1FkI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "695b3515251873e0a7e2021add4bba643c56cde3",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "695b3515251873e0a7e2021add4bba643c56cde3",
"type": "github"
}
},
"nur": {
"locked": {
"lastModified": 1688258911,
"narHash": "sha256-nu6KIfmhQqCMo+tecCMOP13TH8BLrm8hpDqF6ckz8Ik=",
"lastModified": 1681454031,
"narHash": "sha256-JOamj7vKkFRp5mJ7FKt5dPfCmWj33sZLnBGDt15c/sc=",
"owner": "nix-community",
"repo": "NUR",
"rev": "8993e5d37ab3ec80883751b5d86d48e9b74bed43",
"rev": "8a35714f0be00235e2a1c8b759e6dc3888763d8b",
"type": "github"
},
"original": {
@@ -270,12 +474,8 @@
"recht": {
"inputs": {
"blessings": "blessings",
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
]
"flake-utils": "flake-utils_5",
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1677165419,
@@ -293,11 +493,11 @@
},
"retiolum": {
"locked": {
"lastModified": 1688225912,
"narHash": "sha256-YXiHX9YmZ1ApZ3g58+nJrJA+H35stAvIAaewUnG1eZg=",
"lastModified": 1681246809,
"narHash": "sha256-3RUAwk0ApPjq2Ms8KiAh+gG6EJKWurIur612w2m3Zu8=",
"ref": "refs/heads/master",
"rev": "5204150c92b7c412a3331337ef73b0eb0f01f6ba",
"revCount": 307,
"rev": "c8ddb36f3d85be762aeb1893a79da36014f55658",
"revCount": 296,
"type": "git",
"url": "https://git.thalheim.io/Mic92/retiolum"
},
@@ -314,15 +514,11 @@
"menstruation-backend": "menstruation-backend",
"menstruation-telegram": "menstruation-telegram",
"nixinate": "nixinate",
"nixpkgs": "nixpkgs",
"nixpkgs-old": "nixpkgs-old",
"nixpkgs-unstable": "nixpkgs-unstable",
"nixpkgs": "nixpkgs_4",
"nur": "nur",
"recht": "recht",
"retiolum": "retiolum",
"rust-overlay": "rust-overlay",
"scripts": "scripts",
"secrets": "secrets",
"telebots": "telebots",
"tinc-graph": "tinc-graph",
"traadfri": "traadfri",
@@ -331,19 +527,72 @@
},
"rust-overlay": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
]
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1688178944,
"narHash": "sha256-4fef6jlv73WW6FLXssEa88WaTVEU268ipI6fatg9vRE=",
"lastModified": 1677033035,
"narHash": "sha256-w6XsKaW46kZNEk2vVfuoNIBEq/YzDy9kNk8cU0xJZEQ=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "ef95001485c25edb43ea236bdb03640b9073abef",
"rev": "6c9e8ea3ba73a9fed29ddc1cc52ade8e5c946a8d",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_2": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1677033035,
"narHash": "sha256-w6XsKaW46kZNEk2vVfuoNIBEq/YzDy9kNk8cU0xJZEQ=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "6c9e8ea3ba73a9fed29ddc1cc52ade8e5c946a8d",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_3": {
"inputs": {
"flake-utils": "flake-utils_6",
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1677119371,
"narHash": "sha256-L0Da4eKzDZrsy8ysOS1lhgDjAgEqGvYGf/lXaRd5/YQ=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "c67c79ea25664d66e74ae91a6fa0d6c65d12d3a7",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_4": {
"inputs": {
"flake-utils": "flake-utils_8",
"nixpkgs": "nixpkgs_8"
},
"locked": {
"lastModified": 1677119371,
"narHash": "sha256-L0Da4eKzDZrsy8ysOS1lhgDjAgEqGvYGf/lXaRd5/YQ=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "c67c79ea25664d66e74ae91a6fa0d6c65d12d3a7",
"type": "github"
},
"original": {
@@ -355,21 +604,23 @@
"scripts": {
"inputs": {
"flake-utils": [
"scripts",
"rust-overlay",
"flake-utils"
],
"nixpkgs": [
"scripts",
"rust-overlay",
"nixpkgs"
],
"rust-overlay": [
"rust-overlay"
]
"rust-overlay": "rust-overlay_3"
},
"locked": {
"lastModified": 1687373960,
"narHash": "sha256-dbRUzjHwFmZrS5i7WQedRx2YCRUry0z6RYHkb4ORNHM=",
"lastModified": 1677271864,
"narHash": "sha256-BghYMB/lauerExMsDtGZNGZGdoGuF7LPtbmpyh9ycyA=",
"owner": "kmein",
"repo": "scripts",
"rev": "c0d9fa3efff0765af4219732292c3a7593de6856",
"rev": "79bffac7f9eda1b3be76f2a4ff18d81b44c74390",
"type": "github"
},
"original": {
@@ -378,19 +629,6 @@
"type": "github"
}
},
"secrets": {
"flake": false,
"locked": {
"lastModified": 1,
"narHash": "sha256-pQpattmS9VmO3ZIQUFn66az8GSmB4IvYhTTCFn6SUmo=",
"path": "./secrets",
"type": "path"
},
"original": {
"path": "./secrets",
"type": "path"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
@@ -408,8 +646,8 @@
},
"telebots": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_2"
"flake-utils": "flake-utils_7",
"nixpkgs": "nixpkgs_7"
},
"locked": {
"lastModified": 1677156381,
@@ -433,16 +671,14 @@
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": [
"rust-overlay"
]
"rust-overlay": "rust-overlay_4"
},
"locked": {
"lastModified": 1687504941,
"narHash": "sha256-wnCRcQn8izEHE8MfBpPkLezxAMIg7SVTq8CZsgkar54=",
"lastModified": 1677160040,
"narHash": "sha256-UhyZaIZ88vN/7fiBcamfV77eHjQnL8zSVznaqxLgbhs=",
"owner": "kmein",
"repo": "tinc-graph",
"rev": "91a3a85beaaec4ec43ea5a41322c3a5a6e04edc4",
"rev": "f705ca35e30ab0daf9cf52000e58931d7c5c42b5",
"type": "github"
},
"original": {
@@ -453,12 +689,8 @@
},
"traadfri": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs-old"
]
"flake-utils": "flake-utils_9",
"nixpkgs": "nixpkgs_9"
},
"locked": {
"lastModified": 1677165914,
@@ -474,14 +706,29 @@
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"voidrice": {
"flake": false,
"locked": {
"lastModified": 1685152014,
"narHash": "sha256-wEC7dj2vNAn5WJdQc2gGumOhpdPnQLdc4zypdfWmfoI=",
"lastModified": 1681301489,
"narHash": "sha256-5Zz33Q3E4A9nsEmxPQikYeX7Rvu3hM+PlXx/0SIqG34=",
"owner": "Lukesmithxyz",
"repo": "voidrice",
"rev": "07de33840d9ce0f554c0e5555ac27250be0895c2",
"rev": "d4ff2ebaf3e88efe20cae0d1e592fddfc433c96e",
"type": "github"
},
"original": {

97
flake.nix
View File

@@ -4,54 +4,33 @@
inputs = {
agenix.url = "github:ryantm/agenix";
flake-utils.url = "github:numtide/flake-utils";
home-manager.url = "github:nix-community/home-manager/release-23.05";
home-manager.url = "github:nix-community/home-manager/release-22.11";
menstruation-backend.url = "github:kmein/menstruation.rs";
menstruation-telegram.url = "github:kmein/menstruation-telegram";
nixinate.url = "github:matthewcroughan/nixinate";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05";
nixpkgs-old.url = "github:NixOS/nixpkgs/50fc86b75d2744e1ab3837ef74b53f103a9b55a0";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11";
nur.url = "github:nix-community/NUR";
recht.url = "github:kmein/recht";
secrets.url = "path:./secrets";
scripts.url = "github:kmein/scripts";
retiolum.url = "git+https://git.thalheim.io/Mic92/retiolum";
rust-overlay.url = "github:oxalica/rust-overlay";
telebots.url = "github:kmein/telebots";
tinc-graph.url = "github:kmein/tinc-graph";
traadfri.url = "github:kmein/traadfri";
voidrice.url = "github:Lukesmithxyz/voidrice";
agenix.inputs.nixpkgs.follows = "nixpkgs";
agenix.inputs.home-manager.follows = "home-manager";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
menstruation-backend.inputs.flake-utils.follows = "flake-utils";
menstruation-backend.inputs.nixpkgs.follows = "nixpkgs";
menstruation-backend.inputs.rust-overlay.follows = "rust-overlay";
menstruation-telegram.inputs.flake-utils.follows = "flake-utils";
menstruation-telegram.inputs.menstruation-backend.follows = "menstruation-backend";
menstruation-telegram.inputs.nixpkgs.follows = "nixpkgs-old";
nixinate.inputs.nixpkgs.follows = "nixpkgs";
recht.inputs.flake-utils.follows = "flake-utils";
recht.inputs.nixpkgs.follows = "nixpkgs";
rust-overlay.inputs.flake-utils.follows = "flake-utils";
rust-overlay.inputs.nixpkgs.follows = "nixpkgs";
scripts.inputs.flake-utils.follows = "flake-utils";
scripts.inputs.nixpkgs.follows = "nixpkgs";
scripts.inputs.rust-overlay.follows = "rust-overlay";
secrets.flake = false;
tinc-graph.inputs.flake-utils.follows = "flake-utils";
tinc-graph.inputs.nixpkgs.follows = "nixpkgs";
tinc-graph.inputs.rust-overlay.follows = "rust-overlay";
traadfri.inputs.flake-utils.follows = "flake-utils";
traadfri.inputs.nixpkgs.follows = "nixpkgs-old";
voidrice.flake = false;
};
outputs = inputs @ {
self,
nixpkgs,
nixpkgs-unstable,
nur,
home-manager,
nixinate,
@@ -61,32 +40,7 @@
...
}:
{
apps =
nixinate.nixinate.x86_64-linux self
// {
x86_64-linux = let
pkgs = nixpkgs.legacyPackages.x86_64-linux;
in {
mock-secrets = {
type = "app";
program = toString (pkgs.writers.writeDash "mock-secrets" ''
${pkgs.findutils}/bin/find secrets -not -path '*/.*' -type f > secrets.txt
'');
};
deploy = {
type = "app";
program = toString (pkgs.writers.writeDash "deploy" ''
if [ $# -eq 0 ]
then
systems='${toString (builtins.attrNames self.nixosConfigurations)}'
else
systems=$*
fi
${pkgs.parallel}/bin/parallel --line-buffer --tagstring '{}' 'nix run .\?submodules=1\#apps.nixinate.{}' ::: $systems
'');
};
};
};
apps = nixinate.nixinate.x86_64-linux self;
nixosModules = {
htgen = import modules/htgen.nix;
@@ -104,24 +58,14 @@
panoptikon = import lib/panoptikon.nix;
};
nixosConfigurations = let
niveumSpecialArgs = system: {
unstablePackages = import nixpkgs-unstable {
inherit system;
config.allowUnfreePredicate = pkg:
builtins.elem (nixpkgs-unstable.lib.getName pkg) [
"obsidian"
];
};
niveumPackages = inputs.self.packages.${system};
niveumLib = inputs.self.lib;
inherit inputs;
};
in {
nixosConfigurations = {
ful = nixpkgs.lib.nixosSystem rec {
system = "aarch64-linux";
specialArgs = niveumSpecialArgs system;
specialArgs = {
niveumPackages = inputs.self.packages.${system};
niveumLib = inputs.self.lib;
inherit inputs;
};
modules = [
{
_module.args.nixinate = {
@@ -142,7 +86,10 @@
};
zaatar = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
specialArgs = niveumSpecialArgs system;
specialArgs = {
niveumPackages = inputs.self.packages.${system};
inherit inputs;
};
modules = [
{
_module.args.nixinate = {
@@ -162,7 +109,10 @@
makanek = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
# for using inputs in other config files
specialArgs = niveumSpecialArgs system;
specialArgs = {
niveumPackages = inputs.self.packages.${system};
inherit inputs;
};
modules = [
{
_module.args.nixinate = {
@@ -200,7 +150,10 @@
};
manakish = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
specialArgs = niveumSpecialArgs system;
specialArgs = {
niveumPackages = inputs.self.packages.${system};
inherit inputs;
};
modules = [
{
_module.args.nixinate = {
@@ -220,7 +173,10 @@
};
kabsa = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
specialArgs = niveumSpecialArgs system;
specialArgs = {
niveumPackages = inputs.self.packages.${system};
inherit inputs;
};
modules = [
{
_module.args.nixinate = {
@@ -278,7 +234,6 @@
genius = pkgs.callPackage packages/genius.nix {};
gfs-fonts = pkgs.callPackage packages/gfs-fonts.nix {};
git-preview = pkgs.callPackage packages/git-preview.nix {};
gpt = pkgs.callPackage packages/gpt.nix {};
hc = pkgs.callPackage packages/hc.nix {};
heuretes = pkgs.callPackage packages/heuretes.nix {};
htgen = pkgs.callPackage packages/htgen.nix {};
@@ -321,11 +276,9 @@
unicodmenu = pkgs.callPackage packages/unicodmenu.nix {};
untilport = pkgs.callPackage packages/untilport.nix {};
vg = pkgs.callPackage packages/vg.nix {};
vim = pkgs.callPackage packages/vim.nix {niveumPackages = self.packages.${system};};
vimPlugins-cheat-sh-vim = pkgs.callPackage packages/vimPlugins/cheat-sh.nix {};
vimPlugins-icalendar-vim = pkgs.callPackage packages/vimPlugins/icalendar-vim.nix {};
vimPlugins-jq-vim = pkgs.callPackage packages/vimPlugins/jq-vim.nix {};
vimPlugins-typst-vim = pkgs.callPackage packages/vimPlugins/typst-vim.nix {};
vimPlugins-vim-256noir = pkgs.callPackage packages/vimPlugins/vim-256noir.nix {};
vimPlugins-vim-colors-paramount = pkgs.callPackage packages/vimPlugins/vim-colors-paramount.nix {};
vimPlugins-vim-fetch = pkgs.callPackage packages/vimPlugins/vim-fetch.nix {};

39
lib/colours/owickstrom-dark.nix
View File

@@ -1,38 +1,37 @@
{
# all dark colours are 20% darker than the bright ones
rec {
black = {
bright = "#4c5363"; # "#282c34";
dark = "#20232a";
bright = "#282c34";
dark = "#282c34";
};
red = {
bright = "#e68990"; #"#e06c75";
dark = "#d43541";
bright = "#e06c75";
dark = "#e06c75";
};
green = {
bright = "#acce93"; #"#98c379";
dark = "#77af4e";
bright = "#98c379";
dark = "#98c379";
};
yellow = {
bright = "#eacc95"; #"#e5c07b";
dark = "#d9a440";
bright = "#e5c07b";
dark = "#e5c07b";
};
blue = {
bright = "#80bff2"; #"#61afef";
dark = "#2490e9";
bright = "#61afef";
dark = "#61afef";
};
magenta = {
bright = "#d193e3"; #"#c678dd";
dark = "#af42cf";
bright = "#c678dd";
dark = "#c678dd";
};
cyan = {
bright = "#77c4ce"; #"#56b6c2";
dark = "#3b99a5";
bright = "#56b6c2";
dark = "#56b6c2";
};
white = {
bright = "#e3e5e9"; #"#dcdfe4";
dark = "#a9b1bd";
bright = "#dcdfe4";
dark = "#dcdfe4";
};
background = "#282c34"; #black.dark;
foreground = "#dcdfe4"; #white.bright;
background = black.dark;
foreground = white.bright;
cursor = "#a3b3cc";
}

6
lib/colours/owickstrom-light.nix
View File

@@ -29,9 +29,9 @@ rec {
};
white = {
bright = "#8c00ec";
dark = "#bfbfbf";
dark = "#efefef";
};
background = "#efefef";
background = white.dark;
foreground = "#181818";
cursor = "#a3b3cc";
cursor = "#bbbbbb";
}

28
lib/i3status-rust.nix
View File

@@ -13,7 +13,7 @@
'';
in {
theme = {
theme = "plain";
name = "plain";
overrides = {
critical_fg = colours.red.bright;
good_fg = colours.green.bright;
@@ -30,14 +30,15 @@ in {
separator_fg = colours.black.bright;
};
};
icons.icons = "awesome6";
icons.name = "awesome6";
icons.overrides.rss = "";
icons.overrides.vpn = "";
icons.overrides.irc = "";
block = [
{
block = "weather";
autolocate = true;
format = "$icon $location: $temp";
format = "{location}: {temp}C";
service = {
name = "openweathermap";
city_id = "2950159";
@@ -72,6 +73,12 @@ in {
info = ["total"];
warning = ["mention" "review_requested" "team_mention" "manual" "invitation" "assign" "subscribed"];
}
{
block = "custom";
interval = 10;
command = "newsboat-unread-count";
json = true;
}
{
block = "custom";
interval = 10;
@@ -146,12 +153,6 @@ in {
json = true;
hide_when_empty = true;
}
{
block = "service_status";
service = "hu-vpn";
active_format = "^icon_vpn";
inactive_format = "";
}
{
block = "custom";
interval = 5;
@@ -167,7 +168,7 @@ in {
{
block = "net";
device = wirelessInterface;
format = "$icon $ssid $signal_strength";
format = "{ssid} {signal_strength}";
}
{
block = "battery";
@@ -175,14 +176,17 @@ in {
}
{
block = "sound";
on_click = "pavucontrol";
}
{
block = "disk_space";
format = "$icon $available";
format = "{icon} {available}";
}
{
block = "memory";
format = "$icon $mem_used.eng(prefix:G)";
display_type = "memory";
format_mem = "{mem_used;G}";
clickable = false;
}
{block = "load";}
{

2
lib/panoptikon.nix
View File

@@ -31,7 +31,7 @@
nick ? ''"$PANOPTIKON_WATCHER"-watcher'',
}:
pkgs.writers.writeDash "kpaste-irc-reporter" ''
KPASTE_CONTENT_TYPE=text/plain ${niveumPackages.kpaste}/bin/kpaste \
${niveumPackages.kpaste}/bin/kpaste \
| ${pkgs.gnused}/bin/sed -n "${
if retiolumLink
then "2"

12
lib/streams.nix
View File

@@ -34,7 +34,6 @@ let
radiorecord = "radiorecord";
rap = "rap";
rock = "rock";
rekt = "rekt";
russian = "russia";
schlager = "schlager";
soma = "soma";
@@ -70,9 +69,6 @@ let
rte-name = name: "RTÉ ${name}";
rte = name: "https://www.rte.ie/manifests/${name}.m3u8";
rekt-name = name: "Rekt ${name}";
rekt = name: "https://stream.rekt.network/${name}.m4a";
royal-name = name: "${name} | RoyalRadio";
royal = name: "http://193.33.170.218:8000/${name}";
@@ -1947,11 +1943,6 @@ in
station = "${name} | Your Classical";
tags = [tags.classical];
}) ["ycradio" "guitar" "cms" "relax" "lullabies" "choral" "favorites" "chambermusic" "concertband" "holiday"]
++ map (name: {
stream = "https://stream.rekt.network/${name}.m4a";
station = "${name} | Rekt Network";
tags = [tags.rekt];
}) ["rekt" "rektory" "nightride" "chillsynth" "datawave" "spacesynth" "darksynth" "horrorsynth" "ebsm"]
/*
(caster-fm "TODO" "noasrv" 10182) # https://github.com/cccruzr/albumsyoumusthear/blob/7e00baf575e4d357cd275d54d1aeb717321141a8/HLS/IBERO_90_1.m3u
(caster-fm "TODO" "shaincast" 20866) # https://github.com/cccruzr/albumsyoumusthear/blob/7e00baf575e4d357cd275d54d1aeb717321141a8/HLS/IBERO_90_1.m3u
@@ -1978,8 +1969,5 @@ http://n0b.radiojar.com/1pu7hhf8kfhvv
Chillout from kassel
https://server4.streamserver24.com:2199/tunein/ejanowsk.pls
Jazz
http://37.251.146.169:7800/stream
*/

1
lib/vim/init.vim
View File

@@ -126,7 +126,6 @@ augroup filetypes
autocmd bufnewfile,bufread *.rust packadd rust-vim
autocmd bufnewfile,bufread *.csv packadd csv.vim | set filetype=csv
autocmd bufnewfile,bufread *.tex packadd vimtex | set filetype=tex
autocmd bufnewfile,bufread *.typ packadd typst.vim | set filetype=typst
autocmd bufnewfile,bufread *.ics packadd icalendar.vim | set filetype=icalendar
autocmd bufnewfile,bufread *.ts packadd typescript-vim | set filetype=typescript
autocmd bufnewfile,bufread *.jq packadd jq.vim

15
packages/gpt.nix
View File

@@ -1,15 +0,0 @@
{
curl,
writers,
jq,
apiKeyCommand ? "pass api-keys/openai.com",
model ? "gpt-3.5-turbo",
}:
writers.writeDashBin "gpt" ''
json=$(jq --slurp --raw-input '{model:"${model}", messages: [{role: "user", content: .}]}')
${curl}/bin/curl -sSL https://api.openai.com/v1/chat/completions \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $(${apiKeyCommand})" \
-d "$json" \
| ${jq}/bin/jq -r '.choices[] | .message.content'
''

28
packages/itl.nix Normal file
View File

@@ -0,0 +1,28 @@
{
stdenv,
fetchFromGitHub,
cmake,
lib,
}:
stdenv.mkDerivation rec {
pname = "itl";
version = "0.8.0";
src = fetchFromGitHub {
owner = "arabeyes-org";
repo = "ITL";
rev = "v${version}";
sha256 = "sha256-GTicTbZmFbPhzInFob3cfvtTxOpUZuqsQz1w9CoWu9w=";
};
nativeBuildInputs = [cmake];
cmakeFlags = [
"-DCMAKE_INSTALL_PREFIX=${placeholder "out"}"
"-DCMAKE_INSTALL_LIBDIR=lib"
];
meta = {
homepage = "https://www.arabeyes.org/ITL";
description = "Islamic Tools and Libraries";
license = lib.licenses.lgpl2;
platforms = lib.platforms.all;
maintainer = [lib.maintainers.kmein];
};
}

32
packages/itools.nix Normal file
View File

@@ -0,0 +1,32 @@
{
stdenv,
fetchFromGitHub,
itl,
lib,
# autoreconfHook,
automake,
}:
stdenv.mkDerivation rec {
pname = "itools";
version = "1.0";
src = fetchFromGitHub {
owner = "arabeyes-org";
repo = "itools";
rev = version;
sha256 = "sha256-g9bsjupC4Sb5ywAgUNbjYLbHZ/i994lbNSnX2JyaP3g=";
};
# nativeBuildInputs = [autoreconfHook];
buildPhase = ''
touch ChangeLog
./configure
make
'';
buildInputs = [itl];
meta = {
homepage = "https://www.arabeyes.org/ITL";
description = "The itools package is a set of user friendly applications utilizing Arabeyes' ITL library. ";
license = lib.licenses.gpl2;
platforms = lib.platforms.all;
maintainer = [lib.maintainers.kmein];
};
}

1
packages/klem.nix
View File

@@ -49,6 +49,7 @@ in
${lib.concatStringsSep "\n" (lib.mapAttrsToList scriptCase cfg.scripts)}
*) ${pkgs.coreutils}/bin/cat ;;
esac \
| tr -d '\r\n' \
| ${pkgs.xclip}/bin/xclip -selection ${cfg.selection} -in
${pkgs.libnotify}/bin/notify-send --app-name="klem" "Result copied to clipboard."

3
packages/kpaste.nix
View File

@@ -4,7 +4,6 @@
writers,
}:
writers.writeDashBin "kpaste" ''
${curl}/bin/curl -sS http://p.r --data-binary @"''${1:--}" \
-H "Content-Type-Override: ''${KPASTE_CONTENT_TYPE-}"
${curl}/bin/curl -sS http://p.r --data-binary @"''${1:--}" |
${gnused}/bin/sed '$ {p;s|http://p.r|https://p.krebsco.de|}'
''

67
packages/vim.nix
View File

@@ -1,67 +0,0 @@
{
neovim,
vimPlugins,
fetchFromGitHub,
vimUtils,
niveumPackages,
...
}: (neovim.override {
configure = {
customRC = ''
source ${../lib/vim/init.vim}
luafile ${../lib/vim/init.lua}
'';
packages.nvim = with vimPlugins; {
start = [
ale
fzf-vim
fzfWrapper
supertab
undotree
tabular
# vimwiki
niveumPackages.vimPlugins-vim-colors-paramount
nvim-lspconfig
vim-commentary
vim-css-color
vim-eunuch
niveumPackages.vimPlugins-vim-fetch
vim-fugitive
vim-gitgutter
vim-repeat
vim-sensible
vim-surround
(vimUtils.buildVimPlugin rec {
pname = "vim-dim";
version = "1.1.0";
name = "${pname}-${version}";
src = fetchFromGitHub {
owner = "jeffkreeftmeijer";
repo = pname;
rev = version;
sha256 = "sha256-lyTZUgqUEEJRrzGo1FD8/t8KBioPrtB3MmGvPeEVI/g=";
};
})
];
opt = [
csv
elm-vim
emmet-vim
haskell-vim
niveumPackages.vimPlugins-icalendar-vim
niveumPackages.vimPlugins-jq-vim
rust-vim
typescript-vim
vim-javascript
vim-ledger
vim-nix
vimtex
vim-pandoc
vim-pandoc-syntax
niveumPackages.vimPlugins-vim-256noir
niveumPackages.vimPlugins-typst-vim
];
};
};
})

14
packages/vimPlugins/typst-vim.nix
View File

@@ -1,14 +0,0 @@
{
vimUtils,
fetchFromGitHub,
}:
vimUtils.buildVimPluginFrom2Nix {
pname = "typst.vim";
version = "2882f21";
src = fetchFromGitHub {
owner = "kaarmu";
repo = "typst.vim";
rev = "2882f211f1498c790bb857f8a912c8e86526a362";
sha256 = "0xr8k17ggqfdksf3kybimfl5djjz3h19k4479la06i5lnwvlhkh2";
};
}

2
secrets

Submodule secrets updated: f32a17e485...99320671a5

62
secrets.txt
View File

@@ -1,62 +0,0 @@
secrets/di-fm-key.age
secrets/email-password-meinhark.age
secrets/kabsa-retiolum-privateKey-ed25519.age
secrets/makanek-specus-privateKey.age
secrets/manakish-retiolum-privateKey-rsa.age
secrets/kfm-password.age
secrets/email-password-fysi.age
secrets/github-token-i3status-rust.age
secrets/nextcloud-password-admin.age
secrets/zaatar-retiolum-privateKey-ed25519.age
secrets/manakish-syncthing-cert.age
secrets/telegram-token-betacode.age
secrets/tabula-retiolum-privateKey-rsa.age
secrets/zaatar-ympd-basicAuth.age
secrets/zaatar-moodle-dl-basicAuth.age
secrets/mega-password.age
secrets/telegram-token-reverse.age
secrets/email-password-meinhaki.age
secrets/spotify-password.age
secrets/telegram-token-kmein.age
secrets/maxmind-license-key.age
secrets/makanek-retiolum-privateKey-rsa.age
secrets/spotify-username.age
secrets/onlyoffice-jwt-key.age
secrets/miniflux-credentials.age
secrets/email-password-fsklassp.age
secrets/kabsa-retiolum-privateKey-rsa.age
secrets/traadfri-key.age
secrets/tahina-retiolum-privateKey-rsa.age
secrets/makanek-retiolum-privateKey-ed25519.age
secrets/zaatar-retiolum-privateKey-rsa.age
secrets/kabsa-specus-privateKey.age
secrets/nextcloud-password-kieran.age
secrets/ful-root.age
secrets/manakish-syncthing-key.age
secrets/email-password-dslalewa.age
secrets/zaatar-moodle-dl-tokens.json.age
secrets/tabula-retiolum-privateKey-ed25519.age
secrets/tahina-retiolum-privateKey-ed25519.age
secrets/cifs-credentials-hu-berlin.age
secrets/kabsa-syncthing-key.age
secrets/ful-retiolum-privateKey-rsa.age
secrets/ful-retiolum-privateKey-ed25519.age
secrets/zaatar-syncthing-key.age
secrets/openweathermap-api-key.age
secrets/secrets.nix
secrets/email-password-cock.age
secrets/telegram-token-nachtischsatan.age
secrets/kabsa-syncthing-cert.age
secrets/grafana-password-admin.age
secrets/email-password-posteo.age
secrets/manakish-retiolum-privateKey-ed25519.age
secrets/restic.age
secrets/home-assistant-token.age
secrets/zaatar-syncthing-cert.age
secrets/nextcloud-password-database.age
secrets/telegram-token-menstruation.age
secrets/alertmanager-token-reporters.age
secrets/ful-specus-privateKey.age
secrets/nextcloud-password-fysi.age
secrets/weechat-sec.conf.age
secrets/telegram-token-proverb.age

12
systems/ful/configuration.nix
View File

@@ -1,5 +1,5 @@
{
inputs,
lib,
config,
pkgs,
...
@@ -36,19 +36,19 @@ in {
age.secrets = {
retiolum-rsa = {
file = inputs.secrets + "/ful-retiolum-privateKey-rsa.age";
file = ../../secrets/ful-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = inputs.secrets + "/ful-retiolum-privateKey-ed25519.age";
file = ../../secrets/ful-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
root.file = inputs.secrets + "/ful-root.age";
restic.file = inputs.secrets + "/restic.age";
root.file = ../../secrets/ful-root.age;
restic.file = ../../secrets/restic.age;
};
services.restic.backups.niveum = {
@@ -93,5 +93,5 @@ in {
environment.systemPackages = [pkgs.vim pkgs.git pkgs.tmux pkgs.python3];
# since 22.05 timeout fails?
# systemd.services.systemd-networkd-wait-online.enable = false;
systemd.services.systemd-networkd-wait-online.enable = false;
}

9
systems/ful/panoptikon.nix
View File

@@ -24,14 +24,7 @@ in {
enable = true;
watchers = {
"github-meta" = {
script = panoptikon.urlJSON {
jqScript = ''
{
ssh_key_fingerprints: .ssh_key_fingerprints,
ssh_keys: .ssh_keys
}
'';
} "https://api.github.com/meta";
script = panoptikon.urlJSON {} "https://api.github.com/meta";
reporters = [irc-xxx];
};
lammla = {

13
systems/kabsa/configuration.nix
View File

@@ -1,6 +1,7 @@
{
inputs,
config,
pkgs,
lib,
...
}: let
inherit (import ../../lib) retiolumAddresses;
@@ -25,20 +26,20 @@ in {
age.secrets = {
retiolum-rsa = {
file = inputs.secrets + "/kabsa-retiolum-privateKey-rsa.age";
file = ../../secrets/kabsa-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = inputs.secrets + "/kabsa-retiolum-privateKey-ed25519.age";
file = ../../secrets/kabsa-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
restic.file = inputs.secrets + "/restic.age";
syncthing-cert.file = inputs.secrets + "/kabsa-syncthing-cert.age";
syncthing-key.file = inputs.secrets + "/kabsa-syncthing-key.age";
restic.file = ../../secrets/restic.age;
syncthing-cert.file = ../../secrets/kabsa-syncthing-cert.age;
syncthing-key.file = ../../secrets/kabsa-syncthing-key.age;
};
environment.systemPackages = [pkgs.minecraft pkgs.zeroad];

9
systems/makanek/configuration.nix
View File

@@ -1,5 +1,5 @@
{
inputs,
lib,
config,
pkgs,
...
@@ -16,7 +16,6 @@ in {
./names.nix
./nextcloud.nix
./radio-news.nix
./onlyoffice.nix
./retiolum-map.nix
./tarot.nix
./tt-rss.nix
@@ -84,18 +83,18 @@ in {
age.secrets = {
retiolum-rsa = {
file = inputs.secrets + "/makanek-retiolum-privateKey-rsa.age";
file = ../../secrets/makanek-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = inputs.secrets + "/makanek-retiolum-privateKey-ed25519.age";
file = ../../secrets/makanek-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
restic.file = inputs.secrets + "/restic.age";
restic.file = ../../secrets/restic.age;
};
system.stateVersion = "20.03";

2
systems/makanek/gitea.nix
View File

@@ -4,9 +4,9 @@ let
in {
services.gitea = {
enable = true;
rootUrl = domain;
appName = "code.kmein.de";
settings = {
server.ROOT_URL = domain;
server.SSH_PORT = sshPort;
service.DISABLE_REGISTRATION = true;
};

1
systems/makanek/hardware-configuration.nix
View File

@@ -16,6 +16,7 @@
extraModulePackages = [];
loader.grub = {
enable = true;
version = 2;
devices = ["/dev/sda"];
configurationLimit = 3;
};

3
systems/makanek/menstruation.nix
View File

@@ -1,6 +1,7 @@
{
config,
pkgs,
lib,
inputs,
...
}: let
@@ -46,7 +47,7 @@ in {
};
};
age.secrets.telegram-token-menstruation.file = inputs.secrets + "/telegram-token-menstruation.age";
age.secrets.telegram-token-menstruation.file = ../../secrets/telegram-token-menstruation.age;
systemd.services.menstruation-backend = {
wants = ["network-online.target"];

8
systems/makanek/moinbot.nix
View File

@@ -7,13 +7,17 @@
startAt = "7:00";
script = ''
greeting=$(echo "moin
MOIN" | shuf -n1)
oi
noim
MOIN
OI
moi" | shuf -n1)
echo "$greeting" | ${config.nur.repos.mic92.ircsink}/bin/ircsink \
--nick "$greeting""bot" \
--server irc.hackint.org \
--port 6697 \
--secure \
--target '#hsmr' >/dev/null 2>&1
--target '#hsmr-moin' >/dev/null 2>&1
'';
serviceConfig.DynamicUser = true;
};

13
systems/makanek/monitoring/default.nix
View File

@@ -2,7 +2,6 @@
lib,
config,
pkgs,
inputs,
...
}: let
lokiConfig = import ./loki.nix;
@@ -224,7 +223,8 @@ in {
email_configs = let
inherit (import ../../../lib) kieran;
inherit (import ../../../lib/email.nix {inherit lib;}) cock;
cockConfig = {
in [
{
send_resolved = true;
to = kieran.email;
from = cock.user;
@@ -232,8 +232,7 @@ in {
auth_username = cock.user;
auth_identity = cock.user;
auth_password = "$EMAIL_PASSWORD";
};
in [
}
];
}
];
@@ -242,19 +241,19 @@ in {
age.secrets = {
email-password-cock = {
file = inputs.secrets + "/email-password-cock.age";
file = ../../../secrets/email-password-cock.age;
owner = "grafana";
group = "grafana";
mode = "440";
};
grafana-password-admin = {
file = inputs.secrets + "/grafana-password-admin.age";
file = ../../../secrets/grafana-password-admin.age;
owner = "grafana";
group = "grafana";
mode = "440";
};
alertmanager-token-reporters = {
file = inputs.secrets + "/alertmanager-token-reporters.age";
file = ../../../secrets/alertmanager-token-reporters.age;
owner = "prometheus";
group = "prometheus";
mode = "440";

7
systems/makanek/nextcloud.nix
View File

@@ -1,7 +1,6 @@
{
pkgs,
config,
inputs,
lib,
...
}: let
@@ -9,13 +8,13 @@
in {
age.secrets = {
nextcloud-password-database = {
file = inputs.secrets + "/nextcloud-password-database.age";
file = ../../secrets/nextcloud-password-database.age;
owner = "nextcloud";
group = "nextcloud";
mode = "440";
};
nextcloud-password-admin = {
file = inputs.secrets + "/nextcloud-password-admin.age";
file = ../../secrets/nextcloud-password-admin.age;
owner = "nextcloud";
group = "nextcloud";
mode = "440";
@@ -24,7 +23,7 @@ in {
services.nextcloud = {
enable = true;
package = pkgs.nextcloud26;
package = pkgs.nextcloud25;
https = true;
enableBrokenCiphersForSSE = false;

29
systems/makanek/onlyoffice.nix
View File

@@ -1,29 +0,0 @@
{
inputs,
config,
...
}: {
services.onlyoffice = {
enable = true;
port = 8111;
hostname = "onlyoffice.kmein.de";
jwtSecretFile = config.age.secrets.onlyoffice-key.path;
};
age.secrets.onlyoffice-key = {
file = inputs.secrets + "/onlyoffice-jwt-key.age";
owner = "onlyoffice";
};
# otherwise this leads to nginx
# open() "/var/lib/onlyoffice/documentserver/App_Data/cache/files/data/conv_check_1138411943_docx/output.docx" failed (13: Permission denied)
# and mysterious 403 errors
system.activationScripts.onlyoffice-readable.text = ''
chmod a+x /var/lib/onlyoffice/documentserver/
'';
services.nginx.virtualHosts.${config.services.onlyoffice.hostname} = {
enableACME = true;
forceSSL = true;
};
}

4
systems/makanek/retiolum-map.nix
View File

@@ -20,7 +20,7 @@ in {
script = ''
${tinc-graph}/bin/tinc-graph --geoip-file ${geo-ip-database-path} --network ${network} \
| ${pkgs.coreutils}/bin/tee network.json \
| ${tinc-graph}/bin/tinc-midpoint > midpoint.json
| ${tinc-graph}/bin/tinc-statistics > statistics.json
cp ${tinc-graph}/static/map.html map.html
cp ${tinc-graph}/static/map.html index.html
@@ -45,7 +45,7 @@ in {
};
};
age.secrets.maxmind-license-key.file = inputs.secrets + "/maxmind-license-key.age";
age.secrets.maxmind-license-key.file = ../../secrets/maxmind-license-key.age;
niveum.passport.services = [
{

5
systems/makanek/tt-rss.nix
View File

@@ -1,5 +1,6 @@
{
inputs,
pkgs,
lib,
config,
...
}: let
@@ -18,7 +19,7 @@ in {
};
};
age.secrets.miniflux-credentials.file = inputs.secrets + "/miniflux-credentials.age";
age.secrets.miniflux-credentials.file = ../../secrets/miniflux-credentials.age;
services.postgresqlBackup = {
enable = true;

4
systems/makanek/weechat.nix
View File

@@ -1,7 +1,7 @@
{
lib,
pkgs,
inputs,
config,
...
}: let
inherit (import ../../lib) kieran;
@@ -205,7 +205,7 @@ in {
};
age.secrets.weechat-sec = {
file = inputs.secrets + "/weechat-sec.conf.age";
file = ../../secrets/weechat-sec.conf.age;
path = "/var/lib/weechat/sec.conf";
owner = "weechat";
group = "weechat";

14
systems/manakish/configuration.nix
View File

@@ -1,4 +1,8 @@
{inputs, ...}: let
{
config,
pkgs,
...
}: let
inherit (import ../../lib) retiolumAddresses;
in {
imports = [
@@ -12,19 +16,19 @@ in {
age.secrets = {
retiolum-rsa = {
file = inputs.secrets + "/manakish-retiolum-privateKey-rsa.age";
file = ../../secrets/manakish-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = inputs.secrets + "/manakish-retiolum-privateKey-ed25519.age";
file = ../../secrets/manakish-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
syncthing-cert.file = inputs.secrets + "/manakish-syncthing-cert.age";
syncthing-key.file = inputs.secrets + "/manakish-syncthing-key.age";
syncthing-cert.file = ../../secrets/manakish-syncthing-cert.age;
syncthing-key.file = ../../secrets/manakish-syncthing-key.age;
};
niveum = {

63
systems/manakish/hdmi.nix
View File

@@ -1,13 +1,52 @@
{pkgs, ...}: {
services.xserver.displayManager.sessionCommands = let
intern = "LVDS-1";
extern = "HDMI-1";
pulseaudioCard = "alsa_card.pci-0000_00_1b.0";
# pulseaudioProfile = "output:hdmi-stereo-extra2+input:analog-stereo";
pulseaudioProfile = "alsa_output.pci-0000_00_1b.0.analog-stereo";
in
toString (pkgs.writers.writeDash "hdmi-on" ''
${pkgs.xorg.xrandr}/bin/xrandr --output ${intern} --primary --auto --output ${extern} --above ${intern} --auto
${pkgs.pulseaudio}/bin/pactl set-card-profile ${pulseaudioCard} ${pulseaudioProfile}
'');
{pkgs, ...}: let
pulseaudioCard = "alsa_card.pci-0000_00_1b.0";
fingerprint = {
HDMI-1 = "00ffffffffffff004c2d320d48435030181a0103803c22782a5295a556549d250e5054bb8c00b30081c0810081809500a9c001010101023a801871382d40582c450056502100001e000000fd0032481e5111000a202020202020000000fc00433237463339300a2020202020000000ff00485451483630323132390a202001e402031af14690041f131203230907078301000066030c00100080011d00bc52d01e20b828554056502100001e8c0ad090204031200c4055005650210000188c0ad08a20e02d10103e9600565021000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000061";
LVDS-1 = "00ffffffffffff0006af6c100000000000140104901c10780220e5925554922825505400000001010101010101010101010101010101121b56585000193030203600159c100000180000000f0000000000000000000000000020000000fe0041554f0a202020202020202020000000fe004231323558573031205630200a00ec";
};
in {
home-manager.users.me = {
programs.autorandr = {
enable = true;
hooks.postswitch.wallpaper = "systemctl --user restart wallpaper";
profiles = {
single = {
hooks.postswitch = "${pkgs.pulseaudio}/bin/pactl set-card-profile ${pulseaudioCard} alsa_output.pci-0000_00_1b.0.analog-stereo";
fingerprint = {inherit (fingerprint) LVDS-1;};
config = {
HDMI-1.enable = false;
LVDS-1 = {
enable = true;
crtc = 0;
mode = "1366x768";
position = "277x1080";
primary = true;
rate = "60.10";
};
};
};
desk = {
hooks.postswitch = "${pkgs.pulseaudio}/bin/pactl set-card-profile ${pulseaudioCard} output:hdmi-stereo+input:analog-stereo";
fingerprint = {inherit (fingerprint) HDMI-1 LVDS-1;};
config = {
HDMI-1 = {
enable = true;
crtc = 1;
mode = "1920x1080";
position = "0x0";
primary = true;
rate = "60.00";
};
LVDS-1 = {
enable = true;
crtc = 0;
mode = "1366x768";
position = "277x1080";
rate = "60.10";
};
};
};
};
};
};
}

6
systems/tabula/configuration.nix
View File

@@ -1,5 +1,5 @@
{
inputs,
config,
pkgs,
...
}: let
@@ -15,13 +15,13 @@ in {
age.secrets = {
retiolum-rsa = {
file = inputs.secrets + "/tabula-retiolum-privateKey-rsa.age";
file = ../../secrets/tabula-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = inputs.secrets + "/tabula-retiolum-privateKey-ed25519.age";
file = ../../secrets/tabula-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";

6
systems/tahina/configuration.nix
View File

@@ -1,5 +1,5 @@
{
inputs,
config,
pkgs,
...
}: let
@@ -15,13 +15,13 @@ in {
age.secrets = {
retiolum-rsa = {
file = inputs.secrets + "/tahina-retiolum-privateKey-rsa.age";
file = ../../secrets/tahina-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = inputs.secrets + "/tahina-retiolum-privateKey-ed25519.age";
file = ../../secrets/tahina-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";

58
systems/zaatar/atuin.nix
View File

@@ -1,16 +1,58 @@
{pkgs, ...}: {
{
config,
pkgs,
...
}: let
inherit (import ../../lib) tmpfilesConfig;
in {
services.postgresql = {
enable = true;
dataDir = "/var/state/postgresql/${config.services.postgresql.package.psqlSchema}";
ensureDatabases = ["atuin"];
ensureUsers = [
{
name = "atuin";
ensurePermissions."DATABASE atuin" = "ALL PRIVILEGES";
}
];
};
services.postgresqlBackup = {
enable = true;
databases = ["atuin"];
};
services.postgresql.package = pkgs.postgresql_14;
systemd.tmpfiles.rules = [
(tmpfilesConfig {
type = "d";
path = "/var/state/postgresql";
mode = "0700";
user = "postgres";
group = "postgres";
})
];
services.atuin = {
host = "0.0.0.0";
openFirewall = true;
openRegistration = true;
port = 8888;
enable = true;
users.groups.atuin = {};
users.users.atuin = {
isSystemUser = true;
group = "atuin";
home = "/run/atuin";
createHome = true;
};
systemd.services.atuin = {
wantedBy = ["multi-user.target"];
environment = {
ATUIN_HOST = "0.0.0.0";
ATUIN_PORT = "8888";
ATUIN_OPEN_REGISTRATION = "true";
ATUIN_DB_URI = "postgres:///atuin";
};
serviceConfig = {
User = "atuin";
ExecStart = "${pkgs.atuin}/bin/atuin server start";
Restart = "on-failure";
};
};
networking.firewall.allowedTCPPorts = [8888];
}

14
systems/zaatar/configuration.nix
View File

@@ -1,7 +1,7 @@
{
config,
pkgs,
inputs,
lib,
...
}: let
inherit (import ../../lib) retiolumAddresses restic;
@@ -10,8 +10,8 @@ in {
./atuin.nix
./backup.nix
./gaslight.nix
./kiosk.nix
./hardware-configuration.nix
./kiosk.nix
./moodle-dl-meinhark.nix
./pulseaudio.nix
./home-assistant.nix
@@ -31,18 +31,18 @@ in {
age.secrets = {
retiolum-rsa = {
file = inputs.secrets + "/zaatar-retiolum-privateKey-rsa.age";
file = ../../secrets/zaatar-retiolum-privateKey-rsa.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
retiolum-ed25519 = {
file = inputs.secrets + "/zaatar-retiolum-privateKey-ed25519.age";
file = ../../secrets/zaatar-retiolum-privateKey-ed25519.age;
mode = "400";
owner = "tinc.retiolum";
group = "tinc.retiolum";
};
restic.file = inputs.secrets + "/restic.age";
restic.file = ../../secrets/restic.age;
};
services.restic.backups.moodle-dl = {
@@ -82,7 +82,7 @@ in {
];
# since 22.05 timeout fails?
# systemd.services.systemd-networkd-wait-online.enable = false;
systemd.services.systemd-networkd-wait-online.enable = false;
networking = {
hostName = "zaatar";
@@ -90,5 +90,5 @@ in {
retiolum = retiolumAddresses.zaatar;
};
system.stateVersion = "22.05";
system.stateVersion = "20.09";
}

1
systems/zaatar/kiosk.nix
View File

@@ -9,7 +9,6 @@
password = "";
extraGroups = ["audio"];
};
# TODO https://github.com/cage-kiosk/cage/issues/138
services.cage = {
enable = true;
user = config.users.extraUsers.kiosk.name;

21
systems/zaatar/moodle-dl-meinhark.nix
View File

@@ -2,26 +2,23 @@
config,
pkgs,
lib,
inputs,
...
}: let
moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old:
old
// {
# patches = [../../packages/moodle-dl/telegram-format.patch]; TODO?
patches = [../../packages/moodle-dl/telegram-format.patch];
});
in {
age.secrets = {
/*
moodle-dl-tokens = {
file = inputs.secrets + "/zaatar-moodle-dl-tokens.json.age";
file = ../../secrets/zaatar-moodle-dl-tokens.json.age;
owner = "moodle-dl";
group = "moodle-dl";
mode = "400";
};
*/
moodle-dl-basicAuth = {
file = inputs.secrets + "/zaatar-moodle-dl-basicAuth.age";
file = ../../secrets/zaatar-moodle-dl-basicAuth.age;
owner = "nginx";
group = "nginx";
mode = "400";
@@ -29,7 +26,7 @@ in {
};
services.moodle-dl = {
enable = false;
enable = true;
startAt = "hourly";
package = moodle-dl-package;
tokensFile = config.age.secrets.moodle-dl-tokens.path;
@@ -98,16 +95,6 @@ in {
# WS 2022
115414 # Nonnos
116108 # Dialektologie
# SS 2023
117967 # Archaische Lyrik
119658 # Dyskolos
118963 # Antike Biographie
92668 # Taa
120671 # Jiddisch
120720 # Sorbisch
118076 # X-Tutorial
120631 # Predigten
];
download_submissions = true;
download_descriptions = true;

9
systems/zaatar/mpd.nix
View File

@@ -2,7 +2,6 @@
config,
pkgs,
lib,
inputs,
...
}: let
firewall = (import ../../lib).firewall lib;
@@ -103,14 +102,14 @@ in {
age.secrets = {
ympd-basicAuth = {
file = inputs.secrets + "/zaatar-ympd-basicAuth.age";
file = ../../secrets/zaatar-ympd-basicAuth.age;
owner = "nginx";
group = "nginx";
mode = "400";
};
syncthing-cert.file = inputs.secrets + "/zaatar-syncthing-cert.age";
syncthing-key.file = inputs.secrets + "/zaatar-syncthing-key.age";
di-fm-key.file = inputs.secrets + "/di-fm-key.age";
syncthing-cert.file = ../../secrets/zaatar-syncthing-cert.age;
syncthing-key.file = ../../secrets/zaatar-syncthing-key.age;
di-fm-key.file = ../../secrets/di-fm-key.age;
};
services.nginx = {

20
systems/zaatar/spotifyd.nix
View File

@@ -1,14 +1,15 @@
{
config,
inputs,
pkgs,
lib,
...
}: {
services.spotifyd = {
enable = true;
settings = {
global = {
username_cmd = "cat $CREDENTIALS_DIRECTORY/username";
password_cmd = "cat $CREDENTIALS_DIRECTORY/password";
username_cmd = "cat ${config.age.secrets.spotify-username.path}";
password_cmd = "cat ${config.age.secrets.spotify-password.path}";
backend = "pulseaudio";
bitrate = 320;
device_type = "s_t_b"; # set-top box
@@ -17,16 +18,9 @@
};
};
systemd.services.spotifyd = {
serviceConfig.LoadCredential = [
"username:${config.age.secrets.spotify-username.path}"
"password:${config.age.secrets.spotify-password.path}"
];
};
age.secrets = {
spotify-username.file = inputs.secrets + "/spotify-username.age";
spotify-password.file = inputs.secrets + "/spotify-password.age";
spotify-username.file = ../../secrets/spotify-username.age;
spotify-password.file = ../../secrets/spotify-password.age;
};
# ref https://github.com/NixOS/nixpkgs/issues/71362#issuecomment-753461502
@@ -34,4 +28,6 @@
unload-module module-native-protocol-unix
load-module module-native-protocol-unix auth-anonymous=1
'';
systemd.services.spotifyd.serviceConfig.Restart = "always";
}