kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-29 08:41:07 +02:00
Code Releases Activity

Compare commits

base: kfm:e3f4c34ac388370ab84a7519d06a42c845303903
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail
..
compare: kfm:wayland
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail

10 Commits
e3f4c34ac3 ... wayland

Author SHA1 Message Date
Kierán Meinhardt
b274a59a50 niri: add shortcut to float windows 2025-08-26 08:29:09 +02:00
Kierán Meinhardt
b4de03bb3c replace more instances of rofi by wofi 2025-08-26 08:28:56 +02:00
Kierán Meinhardt
b0062abbfe passmenu: fix 2025-08-26 07:50:31 +02:00
Kierán Meinhardt
0e9a046c5f obsidian-vim: add fugitive 2025-08-26 07:50:24 +02:00
Kierán Meinhardt
72ab319e65 niri: set window rules 2025-08-26 07:50:06 +02:00
Kierán Meinhardt
f08e43067b configure niri 2025-08-26 07:19:54 +02:00
Kierán Meinhardt
d0ac0af7c3 use wl-clipboard 2025-08-26 07:19:17 +02:00
Kierán Meinhardt
5febabb7fa use wofi 2025-07-11 11:37:23 +02:00
Kierán Meinhardt
44d29f90e9 working niri config 2025-07-10 06:51:51 +02:00
Kierán Meinhardt
1aaf0fe5ae configure wayland for kabsa 2025-07-09 09:23:41 +02:00
78 changed files with 2006 additions and 1202 deletions
Expand all files Collapse all files

2
README.md
View File

@@ -1,7 +1,5 @@
# niveum # niveum
> I must Create a System, or be enslav'd by another Man's. —William Blake
> [nĭvĕus](https://logeion.uchicago.edu/niveus), a, um, adj. [nix], _of_ or _from snow, snowy, snow-_ (poet.) > [nĭvĕus](https://logeion.uchicago.edu/niveus), a, um, adj. [nix], _of_ or _from snow, snowy, snow-_ (poet.)
> >
> 1. Lit.: aggeribus niveis informis, Verg. G. 3, 354: aqua, _cooled with snow_, Mart. 12, 17, 6; cf. id. 14, 104 and 117: mons, _covered with snow_, Cat. 64, 240.— > 1. Lit.: aggeribus niveis informis, Verg. G. 3, 354: aqua, _cooled with snow_, Mart. 12, 17, 6; cf. id. 14, 104 and 117: mons, _covered with snow_, Cat. 64, 240.—

8
configs/0ad.nix
View File

@@ -1,8 +0,0 @@
{ pkgs, ... }:
{
environment.systemPackages = [ pkgs.zeroad ];
networking.firewall = {
allowedTCPPorts = [ 20595 ];
allowedUDPPorts = [ 20595 ];
};
}

25
configs/aerc.nix
View File

@@ -8,14 +8,14 @@
inherit (import ../lib/email.nix) defaults thunderbirdProfile; inherit (import ../lib/email.nix) defaults thunderbirdProfile;
in { in {
age.secrets = { age.secrets = {
email-password-ical-ephemeris = { email-password-cock = {
file = ../secrets/email-password-ical-ephemeris.age; file = ../secrets/email-password-cock.age;
owner = config.users.users.me.name; owner = config.users.users.me.name;
group = config.users.users.me.group; group = config.users.users.me.group;
mode = "400"; mode = "400";
}; };
email-password-cock = { email-password-letos = {
file = ../secrets/email-password-cock.age; file = ../secrets/email-password-letos.age;
owner = config.users.users.me.name; owner = config.users.users.me.name;
group = config.users.users.me.group; group = config.users.users.me.group;
mode = "400"; mode = "400";
@@ -92,17 +92,16 @@ in {
smtp.port = 25; smtp.port = 25;
smtp.tls.useStartTls = true; smtp.tls.useStartTls = true;
}; };
ical-ephemeris = letos =
lib.recursiveUpdate defaults lib.recursiveUpdate defaults
rec { {
userName = "ical.ephemeris@web.de"; userName = "slfletos";
realName = "Kieran from iCal Ephemeris"; address = "letos.sprachlit@hu-berlin.de";
address = userName; passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-letos.path}";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-ical-ephemeris.path}"; imap.host = "mailbox.cms.hu-berlin.de";
imap.host = "imap.web.de";
imap.port = 993; imap.port = 993;
smtp.host = "smtp.web.de"; smtp.host = "mailhost.cms.hu-berlin.de";
smtp.port = 587; smtp.port = 25;
smtp.tls.useStartTls = true; smtp.tls.useStartTls = true;
}; };
posteo = posteo =

2
configs/bash.nix
View File

@@ -5,6 +5,6 @@
interactiveShellInit = '' interactiveShellInit = ''
set -o vi set -o vi
''; '';
completion.enable = true; enableCompletion = true;
}; };
} }

12
configs/bots/autorenkalender.nix
View File

@@ -1,9 +1,17 @@
{ {
pkgs,
lib,
config, config,
inputs,
... ...
}: let }: let
autorenkalender = inputs.autorenkalender.packages.x86_64-linux.default; autorenkalender-package = pkgs.fetchFromGitHub {
owner = "kmein";
repo = "autorenkalender";
rev = "cf49a7b057301332d980eb47042a626add93db66";
sha256 = "1pa7sjg33vdnjianrqldv445jdzzv3mn231ljk1j58hs0cd505gs";
};
autorenkalender =
pkgs.python3Packages.callPackage autorenkalender-package {};
in { in {
niveum.bots.autorenkalender = { niveum.bots.autorenkalender = {
enable = true; enable = true;

20
configs/bots/smyth.nix
View File

@@ -20,31 +20,15 @@
command = toString (pkgs.writers.writeDash "random-smyth" '' command = toString (pkgs.writers.writeDash "random-smyth" ''
set -efu set -efu
good_curl() {
${pkgs.curl}/bin/curl "$@" \
--compressed \
-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' \
-H 'Accept-Language: en-US,en;q=0.5' \
-H 'DNT: 1' \
-H 'Connection: keep-alive' \
-H 'Upgrade-Insecure-Requests: 1' \
-H 'Sec-Fetch-Dest: document' \
-H 'Sec-Fetch-Mode: navigate' \
-H 'Sec-Fetch-Site: cross-site' \
-H 'Priority: u=0, i' \
-H 'Pragma: no-cache' \
-H 'Cache-Control: no-cache'
}
RANDOM_SECTION=$( RANDOM_SECTION=$(
good_curl -sSL http://www.perseus.tufts.edu/hopper/xmltoc?doc=Perseus%3Atext%3A1999.04.0007%3Asmythp%3D1 \ ${pkgs.curl}/bin/curl -sSL http://www.perseus.tufts.edu/hopper/xmltoc?doc=Perseus%3Atext%3A1999.04.0007%3Asmythp%3D1 \
| ${pkgs.gnugrep}/bin/grep -o 'ref="[^"]*"' \ | ${pkgs.gnugrep}/bin/grep -o 'ref="[^"]*"' \
| ${pkgs.coreutils}/bin/shuf -n1 \ | ${pkgs.coreutils}/bin/shuf -n1 \
| ${pkgs.gnused}/bin/sed 's/^ref="//;s/"$//' | ${pkgs.gnused}/bin/sed 's/^ref="//;s/"$//'
) )
url="http://www.perseus.tufts.edu/hopper/text?doc=$RANDOM_SECTION" url="http://www.perseus.tufts.edu/hopper/text?doc=$RANDOM_SECTION"
good_curl -sSL "$url"\ ${pkgs.curl}/bin/curl -sSL "$url"\
| ${pkgs.htmlq}/bin/htmlq '#text_main' \ | ${pkgs.htmlq}/bin/htmlq '#text_main' \
| ${pkgs.gnused}/bin/sed 's/<\/\?hr>//g' \ | ${pkgs.gnused}/bin/sed 's/<\/\?hr>//g' \
| ${pkgs.pandoc}/bin/pandoc -f html -t plain --wrap=none | ${pkgs.pandoc}/bin/pandoc -f html -t plain --wrap=none

6
configs/browser.nix
View File

@@ -6,7 +6,7 @@
}: { }: {
environment.systemPackages = [ environment.systemPackages = [
niveumPackages.cro niveumPackages.cro
pkgs.tor-browser pkgs.tor-browser-bundle-bin
pkgs.firefox pkgs.firefox
pkgs.brave pkgs.brave
]; ];
@@ -82,9 +82,5 @@
}; };
}; };
home-manager.users.me = {
stylix.targets.firefox.profileNames = ["default"];
};
environment.variables.BROWSER = "firefox"; environment.variables.BROWSER = "firefox";
} }

19
configs/default.nix
View File

@@ -3,6 +3,7 @@
lib, lib,
config, config,
niveumPackages, niveumPackages,
unstablePackages,
inputs, inputs,
... ...
}: }:
@@ -23,9 +24,12 @@ in
config = { config = {
allowUnfree = true; allowUnfree = true;
packageOverrides = pkgs: { packageOverrides = pkgs: {
dmenu = pkgs.writers.writeDashBin "dmenu" ''exec ${pkgs.rofi}/bin/rofi -dmenu "$@"''; dmenu = pkgs.writers.writeDashBin "dmenu" ''exec ${pkgs.wofi}/bin/wofi -dmenu "$@"'';
}; };
permittedInsecurePackages = [ permittedInsecurePackages = [
"qtwebkit-5.212.0-alpha4"
"zotero-6.0.26"
"electron-25.9.0"
]; ];
}; };
}; };
@@ -95,14 +99,14 @@ in
{ {
o = "${pkgs.xdg-utils}/bin/xdg-open"; o = "${pkgs.xdg-utils}/bin/xdg-open";
ns = "nix-shell --run zsh"; ns = "nix-shell --run zsh";
pbcopy = "${pkgs.xclip}/bin/xclip -selection clipboard -in"; pbcopy = "${pkgs.wl-clipboard}/bin/wl-copy";
pbpaste = "${pkgs.xclip}/bin/xclip -selection clipboard -out"; pbpaste = "${pkgs.wl-clipboard}/bin/wl-paste";
tmux = "${pkgs.tmux}/bin/tmux -2"; tmux = "${pkgs.tmux}/bin/tmux -2";
sxiv = swallow "${pkgs.nsxiv}/bin/nsxiv"; sxiv = swallow "${pkgs.nsxiv}/bin/nsxiv";
zathura = swallow "${pkgs.zathura}/bin/zathura"; zathura = swallow "${pkgs.zathura}/bin/zathura";
im = "${pkgs.openssh}/bin/ssh weechat@makanek -t tmux attach-session -t IM"; im = "${pkgs.openssh}/bin/ssh weechat@makanek -t tmux attach-session -t IM";
yt = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -ic"; # Download video link yt = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -ic"; # Download video link
yta = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata --audio-format mp3 --audio-quality 0 -xic"; # Download with audio yta = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata --audio-format opus --audio-quality 0 -xic"; # Download with audio
}; };
} }
{ {
@@ -211,13 +215,15 @@ in
./direnv.nix ./direnv.nix
./docker.nix ./docker.nix
./dunst.nix ./dunst.nix
./flix.nix
./fonts.nix ./fonts.nix
./fzf.nix ./fzf.nix
./git.nix ./git.nix
./hledger.nix ./hledger.nix
./htop.nix ./htop.nix
./uni.nix ./fu-berlin.nix
./i3.nix ./i3.nix
./niri.nix
./i3status-rust.nix ./i3status-rust.nix
./keyboard.nix ./keyboard.nix
./mycelium.nix ./mycelium.nix
@@ -231,8 +237,8 @@ in
./nix.nix ./nix.nix
./newsboat.nix ./newsboat.nix
./flameshot.nix ./flameshot.nix
./fritzbox.nix
./packages.nix ./packages.nix
./virtualization.nix
./picom.nix ./picom.nix
./stardict.nix ./stardict.nix
./polkit.nix ./polkit.nix
@@ -257,6 +263,7 @@ in
''; '';
} }
./tor.nix ./tor.nix
./stw-berlin.nix
./mastodon-bot.nix ./mastodon-bot.nix
{ {
fileSystems."${remoteDir}/fritz" = { fileSystems."${remoteDir}/fritz" = {

3
configs/flameshot.nix
View File

@@ -5,6 +5,7 @@
}: { }: {
home-manager.users.me = { home-manager.users.me = {
services.flameshot = { services.flameshot = {
package = pkgs.flameshot.override { enableWlrSupport = true; };
enable = true; enable = true;
settings.General = { settings.General = {
autoCloseIdleDaemon = true; autoCloseIdleDaemon = true;
@@ -15,7 +16,7 @@
showHelp = false; showHelp = false;
squareMagnifier = true; squareMagnifier = true;
uploadWithoutConfirmation = true; uploadWithoutConfirmation = true;
# buttons = ''@Variant(\0\0\0\x7f\0\0\0\vQList<int>\0\0\0\0\x10\0\0\0\x2\0\0\0\x5\0\0\0\x13\0\0\0\xa\0\0\0\x1\0\0\0\xc\0\0\0\xd\0\0\0\x6\0\0\0\x8\0\0\0\0\0\0\0\xf\0\0\0\x4\0\0\0\xb\0\0\0\x3\0\0\0\x12\0\0\0\x9)''; buttons = ''@Variant(\0\0\0\x7f\0\0\0\vQList<int>\0\0\0\0\x10\0\0\0\x2\0\0\0\x5\0\0\0\x13\0\0\0\xa\0\0\0\x1\0\0\0\xc\0\0\0\xd\0\0\0\x6\0\0\0\x8\0\0\0\0\0\0\0\xf\0\0\0\x4\0\0\0\xb\0\0\0\x3\0\0\0\x12\0\0\0\x9)'';
}; };
}; };
}; };

98
configs/flix.nix Normal file
View File

@@ -0,0 +1,98 @@
{
config,
pkgs,
...
}: let
flixLocation = "/media/flix";
flixLocationNew = "/media/flix-new";
cacheLocation = "/var/cache/flix";
indexFilename = "index";
indexFilenameNew = "index-new";
flixUser = "flix";
flixGroup = "users";
inherit (import ../lib) tmpfilesConfig;
in {
fileSystems.${flixLocation} = {
device = "prism.r:/export/download";
fsType = "nfs";
options = [
"noauto"
"noatime"
"nodiratime"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
"x-systemd.requires=tinc.retiolum.service"
"user"
"_netdev"
];
};
fileSystems.${flixLocationNew} = {
device = "//yellow.r/public";
fsType = "cifs";
options = [
"guest"
"nofail"
"noauto"
"ro"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
];
};
systemd.tmpfiles.rules = [
(tmpfilesConfig {
type = "d";
path = cacheLocation;
mode = "0750";
user = flixUser;
group = flixGroup;
})
];
systemd.services.flix-index = {
description = "Flix indexing service";
wants = ["network-online.target"];
script = ''
cp ${flixLocation}/index ./${indexFilename}
cp ${flixLocationNew}/index ./${indexFilenameNew}
'';
startAt = "hourly";
serviceConfig = {
Type = "oneshot";
User = flixUser;
Group = flixGroup;
WorkingDirectory = cacheLocation;
};
};
users.extraUsers.${flixUser} = {
isSystemUser = true;
createHome = true;
home = cacheLocation;
group = flixGroup;
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "mpv-simpsons" ''
set -efu
cd "${flixLocation}/download"
[ -f "${cacheLocation}/${indexFilename}" ] || exit 1
cat "${cacheLocation}/${indexFilename}" \
| ${pkgs.gnugrep}/bin/grep -i 'simpsons.*mkv' \
| shuf \
| ${pkgs.findutils}/bin/xargs -d '\n' ${pkgs.mpv}/bin/mpv
'')
(pkgs.writers.writeDashBin "flixmenu" ''
set -efu
(
${pkgs.gnused}/bin/sed 's#^\.#${flixLocation}#' ${cacheLocation}/${indexFilename}
${pkgs.gnused}/bin/sed 's#^\.#${flixLocationNew}#' ${cacheLocation}/${indexFilenameNew}
) | ${pkgs.dmenu}/bin/dmenu -i -p flix -l 5 "$@" \
| ${pkgs.findutils}/bin/xargs -I '{}' ${pkgs.util-linux}/bin/setsid ${pkgs.xdg-utils}/bin/xdg-open '{}'
'')
];
}

15
configs/fonts.nix
View File

@@ -1,5 +1,6 @@
{ {
pkgs, pkgs,
config,
niveumPackages, niveumPackages,
... ...
}: let }: let
@@ -102,12 +103,12 @@ in {
lmodern lmodern
merriweather merriweather
ocr-a ocr-a
montserrat
roboto roboto
roboto-mono roboto-mono
noto-fonts noto-fonts
noto-fonts-cjk-sans noto-fonts-cjk-sans
noto-fonts-color-emoji noto-fonts-emoji
nerd-fonts.blex-mono
roboto-slab roboto-slab
scheherazade-new scheherazade-new
source-code-pro source-code-pro
@@ -115,15 +116,15 @@ in {
source-serif-pro source-serif-pro
theano theano
niveumPackages.tocharian-font niveumPackages.tocharian-font
vista-fonts vistafonts
vollkorn vollkorn
zilla-slab zilla-slab
]; # google-fonts league-of-moveable-type ]; # google-fonts league-of-moveable-type
fontconfig.defaultFonts = rec { fontconfig.defaultFonts = rec {
monospace = ["Noto Sans Mono"] ++ emoji; monospace = [config.stylix.fonts.monospace.name] ++ emoji;
serif = ["Noto Serif" "Noto Naskh Arabic" "Noto Serif Devanagari"]; serif = [config.stylix.fonts.serif.name "Scheherazade New" "Ezra SIL" "Antinoou" "Noto Serif Devanagari"];
sansSerif = ["Noto Sans Display" "Noto Naskh Arabic" "Noto Sans Hebrew" "Noto Sans Devanagari" "Noto Sans CJK JP" "Noto Sans Coptic" "Noto Sans Syriac Western"]; sansSerif = [config.stylix.fonts.sansSerif.name "Noto Sans Display" "Noto Naskh Arabic" "Noto Sans Hebrew" "Noto Sans Devanagari" "Noto Sans CJK JP" "Noto Sans Coptic" "Noto Sans Syriac Western"];
emoji = ["Noto Color Emoji"]; emoji = [config.stylix.fonts.emoji.name];
}; };
# xelatex fails with woff files # xelatex fails with woff files
# ref https://tex.stackexchange.com/questions/392144/xelatex-and-fontspec-crash-trying-to-find-woff-file-for-some-fonts-but-not-other # ref https://tex.stackexchange.com/questions/392144/xelatex-and-fontspec-crash-trying-to-find-woff-file-for-some-fonts-but-not-other

19
configs/fritzbox.nix Normal file
View File

@@ -0,0 +1,19 @@
{ config, ... }:
{
networking.firewall.allowedUDPPorts = [ 51820 ];
networking.wg-quick.interfaces.aether = {
autostart = false;
dns = ["192.168.178.1" "fritz.box"];
listenPort = 51820;
privateKeyFile = config.age.secrets.wireguard-aether-key.path;
peers = [
{
allowedIPs = ["192.168.178.0/24" "0.0.0.0/0"];
endpoint = "lng5gx2rmssv8ge1.myfritz.net:58997";
persistentKeepalive = 25;
presharedKeyFile = config.age.secrets.wireguard-aether-psk.path;
publicKey = "8Rr7BueC0CGmycBQFS7YM7VF7Adkdc1ZcLFy8YXyOQk=";
}
];
};
}

86
configs/uni.nix → configs/fu-berlin.nix
View File

@@ -30,19 +30,7 @@ in {
}; };
}; };
accounts.email.accounts = { accounts.email.accounts = {
letos = fu-student =
lib.recursiveUpdate defaults
{
userName = "slfletos";
address = "letos.sprachlit@hu-berlin.de";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-letos.path}";
imap.host = "mailbox.cms.hu-berlin.de";
imap.port = 993;
smtp.host = "mailhost.cms.hu-berlin.de";
smtp.port = 25;
smtp.tls.useStartTls = true;
};
fu =
lib.recursiveUpdate defaults lib.recursiveUpdate defaults
(lib.recursiveUpdate fu-defaults (lib.recursiveUpdate fu-defaults
rec { rec {
@@ -50,6 +38,21 @@ in {
address = "kieran.meinhardt@fu-berlin.de"; address = "kieran.meinhardt@fu-berlin.de";
aliases = ["${userName}@fu-berlin.de"]; aliases = ["${userName}@fu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhak99.path}"; passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhak99.path}";
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
signature = {
showSignature = "append";
text = ''
${defaults.realName}
${pronouns}
---
Studentische Hilfskraft / ZODIAC
Freie Universität Berlin
Telefon: +49 30 838 58118
Arnimallee 10, Raum 106, 14195 Berlin
'';
};
himalaya = { himalaya = {
enable = true; enable = true;
settings.backend = "imap"; settings.backend = "imap";
@@ -65,12 +68,6 @@ in {
group = config.users.users.me.group; group = config.users.users.me.group;
mode = "400"; mode = "400";
}; };
email-password-letos = {
file = ../secrets/email-password-letos.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
fu-sftp-key = { fu-sftp-key = {
file = ../secrets/fu-sftp-key.age; file = ../secrets/fu-sftp-key.age;
owner = "root"; owner = "root";
@@ -113,31 +110,24 @@ in {
]; ];
}; };
}; };
in home-directory-mount "meinhak99"; in {
"${remoteDir}/fu/zodiac" = {
device = "//trove.storage.fu-berlin.de/GESCHKULT";
fsType = "cifs";
options =
fu-berlin-cifs-options
++ [
"credentials=${config.age.secrets.cifs-credentials-zodiac.path}"
];
};
} // home-directory-mount "meinhak99"
// home-directory-mount "xm7234fu";
age.secrets = {
cifs-credentials-zodiac.file = ../secrets/cifs-credentials-zodiac.age;
};
environment.systemPackages = [ environment.systemPackages = [
(pkgs.writers.writeDashBin "hu-vpn-split" ''
${pkgs.openfortivpn}/bin/openfortivpn \
--password="$(cat "${config.age.secrets.email-password-letos.path}")" \
--config=${
pkgs.writeText "hu-berlin-split.config" ''
host = forti-ssl.vpn.hu-berlin.de
port = 443
username = slfletos@split_tunnel
''
}
'')
(pkgs.writers.writeDashBin "hu-vpn-full" ''
${pkgs.openfortivpn}/bin/openfortivpn \
--password="$(cat "${config.age.secrets.email-password-letos.path}")" \
--config=${
pkgs.writeText "hu-berlin-full.config" ''
host = forti-ssl.vpn.hu-berlin.de
port = 443
username = slfletos@tunnel_all
''
}
'')
(pkgs.writers.writeDashBin "fu-vpn" '' (pkgs.writers.writeDashBin "fu-vpn" ''
if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam
then then
@@ -148,4 +138,16 @@ in {
fi fi
'') '')
]; ];
systemd.services.fu-vpn = {
enable = false;
wants = ["network-online.target"];
serviceConfig.LoadCredential = "password:${config.age.secrets.email-password-meinhak99.path}";
script = ''
if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam
then
cat "$CREDENTIALS_DIRECTORY/password" | ${pkgs.openconnect}/bin/openconnect vpn.fu-berlin.de --user ${username} --passwd-on-stdin
fi
'';
};
} }

23
configs/git.nix
View File

@@ -29,7 +29,9 @@ in {
programs.git = { programs.git = {
enable = true; enable = true;
package = pkgs.gitFull; package = pkgs.gitFull;
settings.alias = { userName = kieran.name;
userEmail = kieran.email;
aliases = {
br = "branch"; br = "branch";
co = "checkout"; co = "checkout";
ci = "commit"; ci = "commit";
@@ -43,12 +45,19 @@ in {
graph = "log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all"; graph = "log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all";
}; };
ignores = ignorePaths; ignores = ignorePaths;
settings.user.name = kieran.name; extraConfig = {
settings.user.email = kieran.email; pull.ff = "only";
settings.pull.ff = "only"; rebase.autoStash = true;
settings.rebase.autoStash = true; merge.autoStash = true;
settings.merge.autoStash = true; push.autoSetupRemote = true;
settings.push.autoSetupRemove = true;
# # ref https://github.com/dandavison/delta
# core.pager = "${pkgs.delta}/bin/delta";
# interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only";
# delta.navigate = true;
# merge.conflictStyle = "diff3";
# diff.colorMoved = "default";
};
}; };
}; };
} }

51
configs/i3.nix
View File

@@ -94,7 +94,7 @@ in {
services.xserver = { services.xserver = {
windowManager.i3 = { windowManager.i3 = {
enable = true; enable = true;
package = pkgs.i3; package = pkgs.i3-gaps;
}; };
}; };
@@ -113,7 +113,6 @@ in {
''; '';
}; };
home-manager.users.me = let home-manager.users.me = let
modifier = "Mod4"; modifier = "Mod4";
infoWorkspace = ""; infoWorkspace = "";
@@ -132,7 +131,7 @@ in {
border = 1; border = 1;
}; };
bars = [ bars = [
(config.home-manager.users.me.stylix.targets.i3.exportedBarConfig (config.home-manager.users.me.lib.stylix.i3.bar
// rec { // rec {
workspaceButtons = true; workspaceButtons = true;
mode = "hide"; # "dock"; mode = "hide"; # "dock";
@@ -270,7 +269,32 @@ in {
# XF86Launch1 (thinkvantage) # XF86Launch1 (thinkvantage)
}; };
in { in {
stylix.targets.i3.enable = true; wayland.windowManager.sway = {
enable = true;
config = {
menu = "rofi -modi run,ssh,window -show run";
inherit modifier modes gaps bars floating window colors keybindings;
input = {
"*" = {
xkb_layout = "de";
xkb_variant = "T3";
};
};
terminal = (defaultApplications pkgs).terminal;
up = "k";
down = "j";
left = "h";
right = "l";
seat = {
"*" = {
hide_cursor = "when-typing enable";
};
};
startup = [
{command = "echo hello";}
];
};
};
xsession.windowManager.i3 = { xsession.windowManager.i3 = {
enable = true; enable = true;
@@ -287,9 +311,19 @@ in {
assign [class="dashboard"] ${infoWorkspace} assign [class="dashboard"] ${infoWorkspace}
exec ${dashboard}/bin/dashboard exec ${dashboard}/bin/dashboard
''; '';
config = { config = lib.mkMerge [
inherit modifier gaps modes bars floating window colors; {
keybindings = keybindings // { inherit modifier gaps modes bars floating window colors keybindings;
}
{
keybindings = let
new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
move-to-new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg move container to workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
in {
"${modifier}+ß" = "exec ${niveumPackages.menu-calc}/bin/="; "${modifier}+ß" = "exec ${niveumPackages.menu-calc}/bin/=";
"${modifier}+F6" = "exec ${pkgs.xorg.xkill}/bin/xkill"; "${modifier}+F6" = "exec ${pkgs.xorg.xkill}/bin/xkill";
"${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85"; "${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85";
@@ -300,7 +334,8 @@ in {
# "${modifier}+x" = "exec ${new-workspace}"; # "${modifier}+x" = "exec ${new-workspace}";
"XF86Display" = "exec ${niveumPackages.dmenu-randr}/bin/dmenu-randr"; "XF86Display" = "exec ${niveumPackages.dmenu-randr}/bin/dmenu-randr";
}; };
}; }
];
}; };
}; };
} }

144
configs/keyboard.nix
View File

@@ -2,129 +2,91 @@
pkgs, pkgs,
lib, lib,
... ...
}: }: let
let
commaSep = builtins.concatStringsSep ","; commaSep = builtins.concatStringsSep ",";
xkbOptions = [ xkbOptions = ["compose:caps" "terminate:ctrl_alt_bksp" "grp:ctrls_toggle"];
"compose:caps"
"terminate:ctrl_alt_bksp"
"grp:ctrls_toggle"
];
languages = { languages = {
deutsch = { arabic = { code = "ara"; variant = "buckwalter"; }; # ../lib/keyboards/arabic;
code = "de";
variant = "T3";
};
greek = {
code = "gr";
variant = "polytonic";
};
russian = {
code = "ru";
variant = "phonetic";
};
arabic = {
code = "ara";
variant = "buckwalter";
}; # ../lib/keyboards/arabic;
coptic = ../lib/keyboards/coptic;
avestan = ../lib/keyboards/avestan; avestan = ../lib/keyboards/avestan;
coptic = ../lib/keyboards/coptic;
deutsch = { code = "de"; variant = "T3"; };
farsi = { code = "ir"; variant = "qwerty"; };
gothic = ../lib/keyboards/gothic; gothic = ../lib/keyboards/gothic;
farsi = { greek = { code = "gr"; variant = "polytonic"; };
code = "ir"; gujarati = {code = "in"; variant = "guj-kagapa"; };
variant = "qwerty"; hebrew = {code = "il"; variant = "phonetic";};
}; russian = { code = "ru"; variant = "phonetic"; };
syriac = { sanskrit = { code = "in"; variant = "san-kagapa"; };
code = "sy"; syriac = { code = "sy"; variant = "syc_phonetic"; };
variant = "syc_phonetic"; urdu = {code = "in"; variant = "urd-phonetic"; };
};
sanskrit = {
code = "in";
variant = "san-kagapa";
};
gujarati = {
code = "in";
variant = "guj-kagapa";
};
urdu = {
code = "in";
variant = "urd-phonetic";
};
hebrew = {
code = "il";
variant = "phonetic";
};
}; };
defaultLanguage = languages.deutsch; defaultLanguage = languages.deutsch;
in in {
{
services.libinput.enable = true; services.libinput.enable = true;
# man 7 xkeyboard-config # man 7 xkeyboard-config
services.xserver = { services.xserver = {
exportConfiguration = true; # link /usr/share/X11 properly # exportConfiguration = true; # link /usr/share/X11 properly
xkb.layout = defaultLanguage.code; xkb.layout = defaultLanguage.code;
# T3: https://upload.wikimedia.org/wikipedia/commons/a/a9/German-Keyboard-Layout-T3-Version1-large.png # T3: https://upload.wikimedia.org/wikipedia/commons/a/a9/German-Keyboard-Layout-T3-Version1-large.png
# buckwalter: http://www.qamus.org/transliteration.htm # buckwalter: http://www.qamus.org/transliteration.htm
xkb.variant = defaultLanguage.variant; xkb.variant = defaultLanguage.variant;
xkb.options = commaSep xkbOptions; xkb.options = commaSep xkbOptions;
xkb.dir = pkgs.symlinkJoin { xkb.extraLayouts = {
name = "x-keyboard-directory"; "coptic" = {
paths = [ languages = ["cop"];
"${pkgs.xkeyboard_config}/etc/X11/xkb" description = "Coptic";
(pkgs.linkFarm "custom-x-keyboards" ( symbolsFile = ../lib/keyboards/coptic;
lib.mapAttrsToList (name: value: { };
name = "symbols/${name}"; "gothic" = {
path = value; languages = ["got"];
}) (lib.filterAttrs (_: value: !(value ? "code")) languages) description = "Gothic";
++ [ symbolsFile = ../lib/keyboards/gothic;
{ };
name = "symbols/ir"; "avestan" = {
path = ../lib/keyboards/farsi; languages = ["ave"];
} description = "Avestan";
] symbolsFile = ../lib/keyboards/avestan;
)) };
]; "farsi-good" = {
languages = ["fas"];
description = "Farsi, but good";
symbolsFile = ../lib/keyboards/farsi;
};
}; };
}; };
environment.etc."x11-locale".source = toString pkgs.xorg.libX11 + "share/X11/locale"; environment.etc."x11-locale".source = toString pkgs.xorg.libX11 + "share/X11/locale";
home-manager.users.me = {
home.file =
lib.mapAttrs' (name: path: lib.nameValuePair ".xkb/symbols/${name}" { source = path; })
(lib.filterAttrs (_: value: !(value ? "code")) languages) // {
".xkb/symbols/ir".source = ../lib/keyboards/farsi;
};
};
console.keyMap = "de"; console.keyMap = "de";
environment.systemPackages = lib.mapAttrsToList ( environment.systemPackages =
language: settings: lib.mapAttrsToList
(language: settings:
let let
code = if settings ? "code" then settings.code else language; code = if settings ? "code" then settings.code else language;
variant = if settings ? "variant" then settings.variant else ""; variant = if settings ? "variant" then settings.variant else "";
in in
pkgs.writers.writeDashBin "kb-${language}" '' pkgs.writers.writeDashBin "kb-${language}" ''
if [ -z $SWAYSOCK ]; then ${pkgs.xorg.setxkbmap}/bin/setxkbmap ${defaultLanguage.code},${code} ${defaultLanguage.variant},${variant} ${toString (map (option: "-option ${option}") xkbOptions)}
${pkgs.xorg.setxkbmap}/bin/setxkbmap ${defaultLanguage.code},${code} ${defaultLanguage.variant},${variant} ${ '')
toString (map (option: "-option ${option}") xkbOptions) languages ++
} lib.mapAttrsToList
else (language: settings:
swaymsg -s $SWAYSOCK 'input * xkb_layout "${defaultLanguage.code},${code}"' let
swaymsg -s $SWAYSOCK 'input * xkb_variant "${defaultLanguage.variant},${variant}"' code = if settings ? "code" then settings.code else language;
swaymsg -s $SWAYSOCK 'input * xkb_options "${lib.concatStringsSep "," xkbOptions}"' variant = if settings ? "variant" then settings.variant else "";
fi in
'' pkgs.writers.writeDashBin "kb-niri-${language}" ''
) languages; ${pkgs.gnused}/bin/sed -i 's/^\(\s*layout\) ".*"$/\1 "${defaultLanguage.code},${code}"/;s/^\(\s*variant\) ".*"$/\1 "${defaultLanguage.variant},${variant}"/' ~/.config/niri/config.kdl
'') languages;
# improve held key rate # improve held key rate
services.xserver.displayManager.sessionCommands = "${pkgs.xorg.xset}/bin/xset r rate 300 50"; services.xserver.displayManager.sessionCommands = "${pkgs.xorg.xset}/bin/xset r rate 300 50";
systemd.user.services.gxkb = { systemd.user.services.gxkb = {
wantedBy = [ "graphical-session.target" ]; wantedBy = ["graphical-session.target"];
serviceConfig = { serviceConfig = {
SyslogIdentifier = "gxkb"; SyslogIdentifier = "gxkb";
ExecStart = "${pkgs.gxkb}/bin/gxkb"; ExecStart = "${pkgs.gxkb}/bin/gxkb";

4
configs/mpv.nix
View File

@@ -36,8 +36,8 @@ in {
"Alt+j" = "add video-pan-y -0.05"; "Alt+j" = "add video-pan-y -0.05";
}; };
scripts = [ scripts = [
pkgs.mpvScripts.quality-menu # pkgs.mpvScripts.quality-menu
pkgs.mpvScripts.visualizer niveumPackages.mpv-visualizer
]; ];
}; };
}; };

5
configs/neovim.nix
View File

@@ -37,8 +37,8 @@
environment.systemPackages = [ environment.systemPackages = [
(pkgs.writers.writeDashBin "vim" ''neovim "$@"'') (pkgs.writers.writeDashBin "vim" ''neovim "$@"'')
(niveumPackages.vim.override { (niveumPackages.vim.override {
# stylixColors = config.lib.stylix.colors; stylixColors = config.lib.stylix.colors;
colorscheme = "base16-gruvbox-dark-medium"; # colorscheme = "base16-gruvbox-light-medium";
}) })
# language servers # language servers
@@ -46,7 +46,6 @@
pkgs.haskellPackages.haskell-language-server pkgs.haskellPackages.haskell-language-server
pkgs.texlab pkgs.texlab
pkgs.nil pkgs.nil
pkgs.gopls
pkgs.nixfmt-rfc-style pkgs.nixfmt-rfc-style
pkgs.rust-analyzer pkgs.rust-analyzer
pkgs.nodePackages.typescript-language-server pkgs.nodePackages.typescript-language-server

445
configs/niri.nix Normal file
View File

@@ -0,0 +1,445 @@
{
pkgs,
config,
niveumPackages,
lib,
...
}:
let
inherit (import ../lib) defaultApplications;
niriConfig =
let
klem = niveumPackages.klem.override {
config.dmenu = "${pkgs.dmenu}/bin/dmenu -i -p klem";
config.scripts = {
"p.r paste" = pkgs.writers.writeDash "p.r" ''
${pkgs.curl}/bin/curl -fSs http://p.r --data-binary @- \
| ${pkgs.coreutils}/bin/tail --lines=1 \
| ${pkgs.gnused}/bin/sed 's/\\<r\\>/krebsco.de/'
'';
"envs.sh paste" = pkgs.writers.writeDash "envs-host" ''
${pkgs.curl}/bin/curl -F "file=@-" https://envs.sh
'';
"envs.sh shorten" = pkgs.writers.writeDash "envs-shorten" ''
${pkgs.curl}/bin/curl -F "shorten=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
'';
"go.r shorten" = pkgs.writers.writeDash "go.r" ''
${pkgs.curl}/bin/curl -fSs http://go.r -F "uri=$(${pkgs.coreutils}/bin/cat)"
'';
"4d2.org paste" = pkgs.writers.writeDash "4d2-paste" ''
${pkgs.curl}/bin/curl -F "file=@-" https://depot.4d2.org/
'';
"0x0.st shorten" = pkgs.writers.writeDash "0x0.st" ''
${pkgs.curl}/bin/curl -fSs https://0x0.st -F "shorten=$(${pkgs.coreutils}/bin/cat)"
'';
"rot13" = pkgs.writers.writeDash "rot13" ''
${pkgs.coreutils}/bin/tr '[A-Za-z]' '[N-ZA-Mn-za-m]'
'';
"ipa" = pkgs.writers.writeDash "ipa" ''
${niveumPackages.ipa}/bin/ipa
'';
"betacode" = pkgs.writers.writeDash "betacode" ''
${niveumPackages.betacode}/bin/betacode
'';
"curl" = pkgs.writers.writeDash "curl" ''
${pkgs.curl}/bin/curl -fSs "$(${pkgs.coreutils}/bin/cat)"
'';
ocr = pkgs.writers.writeDash "ocr" ''
${pkgs.tesseract4}/bin/tesseract -l eng+deu - stdout
'';
emojai = pkgs.writers.writeDash "emojai" ''
${pkgs.curl}/bin/curl https://www.emojai.app/api/generate -X POST -H 'Content-Type: application/json' --data-raw "$(${pkgs.jq}/bin/jq -sR '{emoji:.}')" | ${pkgs.jq}/bin/jq -r .result
'';
"gpt-3.5" = pkgs.writers.writeDash "gpt" ''
${niveumPackages.gpt35}/bin/gpt
'';
gpt-4 = pkgs.writers.writeDash "gpt" ''
${niveumPackages.gpt4}/bin/gpt
'';
};
};
in
''
spawn-at-startup "${pkgs.ironbar}/bin/ironbar"
spawn-at-startup "${pkgs.xwayland-satellite}/bin/xwayland-satellite"
environment {
DISPLAY ":0"
ANKI_WAYLAND "1"
}
input {
warp-mouse-to-focus
focus-follows-mouse max-scroll-amount="0%"
keyboard {
repeat-rate 35
repeat-delay 350
track-layout "global"
xkb {
layout "de"
variant "T3"
options "ctrl:nocaps,compose:caps,grp:ctrls_toggle"
}
}
touchpad {
click-method "clickfinger"
tap
dwt
dwtp
}
}
prefer-no-csd
hotkey-overlay {
skip-at-startup
}
layout {
gaps 5
default-column-width {
proportion 0.5
}
preset-column-widths {
proportion 0.33333
proportion 0.5
proportion 0.66667
}
focus-ring {
width 2
}
shadow {
// on
softness 30
spread 5
offset x=0 y=5
draw-behind-window true
color "#00000070"
// inactive-color "#00000054"
}
tab-indicator {
// off
hide-when-single-tab
place-within-column
gap 5
width 4
length total-proportion=1.0
position "right"
gaps-between-tabs 2
corner-radius 8
active-color "red"
inactive-color "gray"
urgent-color "blue"
// active-gradient from="#80c8ff" to="#bbddff" angle=45
// inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view"
// urgent-gradient from="#800" to="#a33" angle=45
}
border {
off
}
}
animations {
// off
workspace-switch {
spring damping-ratio=1.0 stiffness=1000 epsilon=0.0001
}
window-open {
duration-ms 150
curve "ease-out-expo"
}
window-close {
duration-ms 150
curve "ease-out-quad"
}
horizontal-view-movement {
spring damping-ratio=1.0 stiffness=800 epsilon=0.0001
}
window-movement {
spring damping-ratio=1.0 stiffness=800 epsilon=0.0001
}
window-resize {
spring damping-ratio=1.0 stiffness=800 epsilon=0.0001
}
config-notification-open-close {
spring damping-ratio=0.6 stiffness=1000 epsilon=0.001
}
screenshot-ui-open {
duration-ms 200
curve "ease-out-quad"
}
overview-open-close {
spring damping-ratio=1.0 stiffness=800 epsilon=0.0001
}
}
window-rule {
geometry-corner-radius 0
clip-to-geometry true
}
window-rule {
match app-id="mpv"
open-floating true
}
window-rule {
match app-id="rofi"
open-floating true
}
window-rule {
match app-id=r#"firefox$"# title="^Picture-in-Picture$"
open-floating true
default-floating-position x=32 y=32 relative-to="bottom-left"
}
window-rule {
match is-window-cast-target=true
border {
on
width 3
active-color "#f38ba8"
inactive-color "#7d0d2d"
}
}
binds {
Mod+Shift+Slash { show-hotkey-overlay; }
Mod+Return { spawn "${(defaultApplications pkgs).terminal}"; }
Mod+D { spawn "${pkgs.wofi}/bin/wofi" "--show" "run"; }
Mod+Shift+D { spawn "${niveumPackages.notemenu}/bin/notemenu"; }
Mod+T { spawn "${(defaultApplications pkgs).fileManager}"; }
Mod+Y { spawn "${(defaultApplications pkgs).browser}"; }
Mod+P { spawn "${niveumPackages.passmenu}/bin/passmenu"; }
Mod+U { spawn "${niveumPackages.unicodmenu}/bin/unicodmenu"; }
Mod+Shift+Z { toggle-window-floating; }
Mod+B { spawn "${pkgs.ironbar}/bin/ironbar" "bar" "bar-1337" "toggle-visible"; }
Mod+F12 { spawn "${klem}/bin/klem"; }
Mod+Shift+Q { close-window; }
XF86AudioRaiseVolume allow-when-locked=true { spawn "${pkgs.pamixer}/bin/pamixer -i 5"; }
XF86AudioLowerVolume allow-when-locked=true { spawn "${pkgs.pamixer}/bin/pamixer -d 5"; }
XF86AudioMute allow-when-locked=true { spawn "${pkgs.pamixer}/bin/pamixer -t"; }
XF86AudioPause allow-when-locked=true { spawn "${pkgs.playerctl}/bin/playerctl play-pause"; }
XF86AudioPlay allow-when-locked=true { spawn "${pkgs.playerctl}/bin/playerctl play-pause"; }
XF86AudioNext allow-when-locked=true { spawn "${pkgs.playerctl}/bin/playerctl next"; }
XF86AudioPrev allow-when-locked=true { spawn "${pkgs.playerctl}/bin/playerctl previous"; }
XF86AudioStop allow-when-locked=true { spawn "${pkgs.playerctl}/bin/playerctl stop"; }
Print { spawn "flameshot gui"; }
Mod+Shift+W { spawn "swaylock"; }
Mod+Comma { consume-or-expel-window-left; }
Mod+Period { consume-or-expel-window-right; }
Mod+W { toggle-column-tabbed-display; }
Mod+A repeat=false { toggle-overview; }
Mod+F { maximize-column; }
Mod+C { center-column; }
Mod+Minus { set-column-width "-25%"; }
Mod+Plus { set-column-width "+25%"; }
Mod+Ctrl+0 { spawn "niri" "msg" "action" "switch-layout" "0"; }
Mod+Ctrl+1 { spawn "niri" "msg" "action" "switch-layout" "1"; }
Mod+Ctrl+2 { spawn "niri" "msg" "action" "switch-layout" "2"; }
Mod+Ctrl+3 { spawn "niri" "msg" "action" "switch-layout" "3"; }
Mod+Ctrl+4 { spawn "niri" "msg" "action" "switch-layout" "4"; }
Mod+Ctrl+5 { spawn "niri" "msg" "action" "switch-layout" "5"; }
Mod+Ctrl+6 { spawn "niri" "msg" "action" "switch-layout" "6"; }
Mod+Ctrl+7 { spawn "niri" "msg" "action" "switch-layout" "7"; }
Mod+Ctrl+8 { spawn "niri" "msg" "action" "switch-layout" "8"; }
Mod+Ctrl+9 { spawn "niri" "msg" "action" "switch-layout" "9"; }
Mod+H { focus-column-or-monitor-left; }
Mod+J { focus-window-or-workspace-down; }
Mod+K { focus-window-or-workspace-up; }
Mod+L { focus-column-or-monitor-right; }
Mod+Shift+H { move-column-left-or-to-monitor-left; }
Mod+Shift+J { move-window-down-or-to-workspace-down; }
Mod+Shift+K { move-window-up-or-to-workspace-up; }
Mod+Shift+L { move-column-right-or-to-monitor-right; }
Mod+Ctrl+H { focus-monitor-left; }
Mod+Ctrl+J { focus-monitor-down; }
Mod+Ctrl+K { focus-monitor-up; }
Mod+Ctrl+L { focus-monitor-right; }
Mod+Shift+Ctrl+H { move-column-to-monitor-left; }
Mod+Shift+Ctrl+J { move-column-to-workspace-down; }
Mod+Shift+Ctrl+K { move-column-to-workspace-up; }
Mod+Shift+Ctrl+L { move-column-to-monitor-right; }
Mod+Shift+Alt+Ctrl+H { move-workspace-to-monitor-left; }
Mod+Shift+Alt+Ctrl+J { move-workspace-down; }
Mod+Shift+Alt+Ctrl+K { move-workspace-up; }
Mod+Shift+Alt+Ctrl+L { move-workspace-to-monitor-right; }
Mod+1 { focus-workspace 1; }
Mod+2 { focus-workspace 2; }
Mod+3 { focus-workspace 3; }
Mod+4 { focus-workspace 4; }
Mod+5 { focus-workspace 5; }
Mod+6 { focus-workspace 6; }
Mod+7 { focus-workspace 7; }
Mod+8 { focus-workspace 8; }
Mod+9 { focus-workspace 9; }
Mod+0 { focus-workspace 10; }
Mod+Shift+1 { move-window-to-workspace "1"; }
Mod+Shift+2 { move-window-to-workspace "2"; }
Mod+Shift+3 { move-window-to-workspace "3"; }
Mod+Shift+4 { move-window-to-workspace "4"; }
Mod+Shift+5 { move-window-to-workspace "5"; }
Mod+Shift+6 { move-window-to-workspace "6"; }
Mod+Shift+7 { move-window-to-workspace "7"; }
Mod+Shift+8 { move-window-to-workspace "8"; }
Mod+Shift+9 { move-window-to-workspace "9"; }
Mod+Shift+0 { move-window-to-workspace "0"; }
}
'';
in
{
system.activationScripts.niriConfig = {
text = ''
cp ${pkgs.writeText "config.kdl" niriConfig} ${config.users.users.me.home}/.config/niri/config.kdl
chown ${config.users.users.me.name}:${config.users.users.me.group} ${config.users.users.me.home}/.config/niri/config.kdl
'';
};
programs.niri.enable = true;
services.displayManager.defaultSession = lib.mkForce "niri";
home-manager.users.me = {
xdg.configFile."ironbar/style.css".text = ''
* {
font-size: 8pt;
font-family: "Gentium Plus", "BlexMono Nerd Font";
}
box, menubar, button {
background-color: unset;
box-shadow: none;
background-image: none;
}
.clock, .upower, .volume {
font-weight: unset;
}
tooltip * {
font-family: "BlexMono Nerd Font";
font-size: 7pt;
}
'';
xdg.configFile."ironbar/config.json".source = (pkgs.formats.json { }).generate "ironbar.json" {
name = "bar-1337";
height = 12;
layer = "top";
position = "bottom";
start = [ ];
center = [
{
type = "tray";
icon_size = 8;
}
{ type = "clipboard"; }
{ type = "notifications"; }
];
end = [
{
type = "upower";
icon_size = 8;
format = "{percentage}%";
}
{
type = "label";
tooltip = "{{df -h --output=size,used,avail,pcent,target}}";
label = "\t{{5000:df -h / --output=avail | tail +2}}";
}
{
type = "label";
tooltip = "{{free -Lh --si | awk '{for(i=1;i<=NF;i++){printf \"%s%s\", $i, (i%2? OFS: ORS)} if(NF%2) printf ORS}'}}";
label = "󰍛\t{{500:free -h --si | awk 'NR==2{printf $3 \"\\n\"}'}}";
}
{
type = "label";
tooltip = "{{}}";
on_click_left = "pamixer -t";
on_scroll_up = "pamixer -i 1";
on_scroll_down = "pamixer -d 1";
label = "{{500:if $(pamixer --get-mute) = true; then echo ; else echo ; fi}}\t{{500:pamixer --get-volume}}%";
}
{
type = "label";
tooltip = "{{uptime}}";
label = "\t{{500:uptime | sed 's/.*load average: \\([^ ]*\\);.*/\\1/' | tr ' ' '\n'}}";
}
{
type = "label";
tooltip = "{{khal list today today -d astro-test-3 }}";
label = "";
}
{
type = "label";
tooltip = "{{curl wttr.in/?0 | ${pkgs.ansifilter}/bin/ansifilter}}";
label = "󰔏";
}
{
type = "label";
name = "cal";
tooltip = "{{cal}}";
label = "{{500:date +'<U+F017>\t%Y-%m-%d (%W %a) %H:%M'}}";
}
];
};
programs.alacritty.enable = true; # Super+T in the default setting (terminal)
programs.swaylock.enable = true; # Super+Alt+L in the default setting (screen locker)
services.swaync = {
enable = true;
settings = {
notification-window-width = 300;
control-center-width = 300;
widgets = [
"volume"
"mpris"
"title"
"dnd"
"notifications"
];
widget-config = {
title = {
text = "ϥ̄";
"clear-all-button" = true;
"button-text" = "";
};
dnd.text = "̄̄ϣ̄̄";
label.text = "";
};
};
};
services.swayidle.enable = true; # idle management daemon
home.packages = with pkgs; [
xdg-desktop-portal-gnome
swaybg
];
};
services.gnome.gnome-keyring.enable = true; # secret service
security.pam.services.swaylock = { };
}

30
configs/packages.nix
View File

@@ -4,6 +4,7 @@
lib, lib,
inputs, inputs,
niveumPackages, niveumPackages,
unstablePackages,
... ...
}: let }: let
worldradio = pkgs.callPackage ../packages/worldradio.nix {}; worldradio = pkgs.callPackage ../packages/worldradio.nix {};
@@ -62,15 +63,9 @@ in {
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
(pkgs.writers.writeDashBin "amfora" ''
${pkgs.st}/bin/st -e ${pkgs.amfora}/bin/amfora
'')
(pkgs.writers.writeDashBin "gpodder" ''
GPODDER_DOWNLOAD_DIR=${config.users.users.me.home}/mobile/audio/Text/podcasts exec ${pkgs.gpodder}/bin/gpodder "$@"
'')
# INTERNET # INTERNET
aria2 aria2
telegram-desktop tdesktop
whois whois
dnsutils dnsutils
# FILE MANAGERS # FILE MANAGERS
@@ -99,10 +94,9 @@ in {
# HARDWARE TOOLS # HARDWARE TOOLS
gnome-disk-utility gnome-disk-utility
arandr # xrandr for noobs arandr # xrandr for noobs
wdisplays
libnotify # for notify-send libnotify # for notify-send
xclip # clipboard CLI wl-clipboard # clipboard CLI
dragon-drop # drag and drop xdragon # drag and drop
xorg.xkill # kill by clicking xorg.xkill # kill by clicking
portfolio # personal finance overview portfolio # personal finance overview
audacity audacity
@@ -120,23 +114,22 @@ in {
zoom-us # video conferencing zoom-us # video conferencing
(pkgs.writers.writeDashBin "im" '' (pkgs.writers.writeDashBin "im" ''
weechat_password=$(${pkgs.pass}/bin/pass weechat) weechat_password=$(${pkgs.pass}/bin/pass weechat)
exec ${weechat}/bin/weechat -t -r '/mouse enable; /remote add makanek http://${externalNetwork.makanek}:8002 -password='"$weechat_password"'; /remote connect makanek' exec ${unstablePackages.weechat}/bin/weechat -t -r '/mouse enable; /remote add makanek http://${externalNetwork.makanek}:8002 -password='"$weechat_password"'; /remote connect makanek'
'') '')
alejandra # nix formatter alejandra # nix formatter
pdfgrep # search in pdf pdfgrep # search in pdf
pdftk # pdf toolkit pdftk # pdf toolkit
mupdf mupdf
poppler-utils # pdf toolkit poppler_utils # pdf toolkit
kdePackages.okular # the word is nucular kdePackages.okular # the word is nucular
xournalpp # for annotating pdfs xournalpp # for annotating pdfs
pdfpc # presenter console for pdf slides pdfpc # presenter console for pdf slides
niveumPackages.hc # print files as qr codes # niveumPackages.hc # print files as qr codes
yt-dlp yt-dlp
espeak espeak
rink # unit converter rink # unit converter
niveumPackages.auc niveumPackages.auc
niveumPackages.noise-waves niveumPackages.noise-waves
niveumPackages.stag
niveumPackages.cheat-sh niveumPackages.cheat-sh
niveumPackages.polyglot niveumPackages.polyglot
niveumPackages.qrpaste niveumPackages.qrpaste
@@ -151,6 +144,7 @@ in {
niveumPackages.pls niveumPackages.pls
niveumPackages.mpv-tv niveumPackages.mpv-tv
niveumPackages.mpv-iptv niveumPackages.mpv-iptv
# jellyfin-media-player
niveumPackages.devanagari niveumPackages.devanagari
niveumPackages.betacode # ancient greek betacode to unicode converter niveumPackages.betacode # ancient greek betacode to unicode converter
niveumPackages.meteo niveumPackages.meteo
@@ -203,6 +197,9 @@ in {
${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars ${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars
'') '')
(pkgs.writers.writeDashBin "ncmpcpp-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.ncmpcpp}/bin/ncmpcpp "$@"'')
(pkgs.writers.writeDashBin "mpc-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.mpc_cli}/bin/mpc "$@"'')
inputs.scripts.packages.x86_64-linux.alarm inputs.scripts.packages.x86_64-linux.alarm
spotify spotify
@@ -240,9 +237,10 @@ in {
dhall dhall
html-tidy html-tidy
nodePackages.csslint
nodePackages.jsonlint
deno # better node.js deno # better node.js
go # texlive.combined.scheme-full
texlive.combined.scheme-full
latexrun latexrun
(aspellWithDicts (dict: [dict.de dict.en dict.en-computers])) (aspellWithDicts (dict: [dict.de dict.en dict.en-computers]))
# haskellPackages.pandoc-citeproc # haskellPackages.pandoc-citeproc

1
configs/spacetime.nix
View File

@@ -3,6 +3,5 @@
location = { location = {
latitude = 52.517; latitude = 52.517;
longitude = 13.3872; longitude = 13.3872;
provider = "geoclue2";
}; };
} }

2
configs/ssh.nix
View File

@@ -4,7 +4,6 @@
in { in {
users.users.me.openssh.authorizedKeys.keys = kieran.sshKeys; users.users.me.openssh.authorizedKeys.keys = kieran.sshKeys;
programs.ssh.startAgent = true; programs.ssh.startAgent = true;
services.gnome.gcr-ssh-agent.enable = false;
home-manager.users.me = { home-manager.users.me = {
# https://discourse.nixos.org/t/gnome-keyring-and-ssh-agent-without-gnome/11663 # https://discourse.nixos.org/t/gnome-keyring-and-ssh-agent-without-gnome/11663
@@ -41,7 +40,6 @@ in {
home-manager.users.me.programs.ssh = { home-manager.users.me.programs.ssh = {
enable = true; enable = true;
enableDefaultConfig = false;
matchBlocks = { matchBlocks = {
"github.com" = { "github.com" = {
hostname = "ssh.github.com"; hostname = "ssh.github.com";

52
configs/stw-berlin.nix Normal file
View File

@@ -0,0 +1,52 @@
{
pkgs,
config,
...
}: {
age.secrets.stw-berlin-card-code.file = ../secrets/stw-berlin-card-code.age;
systemd.services.stw-berlin = {
enable = true;
wants = ["network-online.target"];
startAt = "weekly";
serviceConfig = {
User = config.users.users.me.name;
Group = config.users.users.me.group;
WorkingDirectory = "/home/kfm/cloud/nextcloud/Uni/Meta/Mensa";
LoadCredential = [
"password:${config.age.secrets.stw-berlin-card-code.path}"
];
};
script = ''
KARTEN_ID=8071859
PASSWORT=$(cat "$CREDENTIALS_DIRECTORY"/password)
endpoint=https://ks.stw.berlin:4433/TL1/TLM/KASVC
authorization_header='Authorization: Basic S0FTVkM6ekt2NXlFMUxaVW12VzI5SQ=='
get_auth_token() {
${pkgs.curl}/bin/curl -sSL "$endpoint/LOGIN?karteNr=$KARTEN_ID&format=JSON&datenformat=JSON" \
-X POST \
-H "$authorization_header" \
--data-raw '{"BenutzerID":"'$KARTEN_ID'","Passwort":"'$PASSWORT'"}' \
| ${pkgs.jq}/bin/jq -r '.[0].authToken|@uri'
}
get_transactions() {
${pkgs.curl}/bin/curl -sSL "$endpoint/TRANS?format=JSON&authToken=$(get_auth_token)&karteNr=$KARTEN_ID&datumVon=12.02.2018&datumBis=$(date -d tomorrow +%d.%m.%Y)" \
-H "$authorization_header" \
| ${pkgs.jq}/bin/jq
}
get_items() {
${pkgs.curl}/bin/curl -sSL "$endpoint/TRANSPOS?format=JSON&authToken=$(get_auth_token)&karteNr=$KARTEN_ID&datumVon=12.02.2018&datumBis=$(date -d tomorrow +%d.%m.%Y)" \
-H "$authorization_header" \
| ${pkgs.jq}/bin/jq
}
get_transactions > transactions-$(date -I).json
get_items > items-$(date -I).json
'';
};
}

19
configs/stylix.nix
View File

@@ -18,7 +18,7 @@ in {
stylix.enable = true; stylix.enable = true;
stylix.image = generatedWallpaper; stylix.image = generatedWallpaper;
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-medium.yaml"; stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/ayu-light.yaml";
stylix.cursor = { stylix.cursor = {
name = "capitaine-cursors-white"; name = "capitaine-cursors-white";
@@ -26,9 +26,6 @@ in {
size = 12; size = 12;
}; };
home-manager.users.me = {
stylix.autoEnable = true;
};
# environment.etc."stylix/wallpaper.png".source = generatedWallpaper; # environment.etc."stylix/wallpaper.png".source = generatedWallpaper;
@@ -55,22 +52,22 @@ in {
stylix.fonts = { stylix.fonts = {
serif = { serif = {
package = pkgs.noto-fonts; package = pkgs.gentium;
name = "Noto Serif"; name = "Gentium Plus";
}; };
sansSerif = { sansSerif = {
package = pkgs.noto-fonts; package = pkgs.gentium;
name = "Noto Sans"; name = "Gentium Plus";
}; };
monospace = { monospace = {
package = pkgs.noto-fonts; package = pkgs.nerd-fonts.blex-mono;
name = "Noto Sans Mono"; name = "BlexMono Nerd Font";
}; };
emoji = { emoji = {
package = pkgs.noto-fonts-color-emoji; package = pkgs.noto-fonts-emoji;
name = "Noto Color Emoji"; name = "Noto Color Emoji";
}; };

11
configs/tmux.nix
View File

@@ -13,7 +13,7 @@
aggressiveResize = true; aggressiveResize = true;
escapeTime = 50; escapeTime = 50;
historyLimit = 7000; historyLimit = 7000;
shortcut = "b"; shortcut = "a";
extraConfig = '' extraConfig = ''
set -g mouse on set -g mouse on
@@ -37,6 +37,15 @@
set -g status-left-length 32 set -g status-left-length 32
set -g status-right-length 150 set -g status-right-length 150
set -g status-bg colour242
setw -g window-status-format "#[fg=colour12,bg=colour233] #I #[fg=white,bg=colour237] #W "
setw -g window-status-current-format "#[fg=colour12,bg=colour233] * #[fg=white,bg=colour237,bold] #W "
set -g status-left ""
set -g status-right "#[fg=colour255,bg=colour237,bold] #(hostname -I) #[default]#[fg=colour12,bg=colour233] %FT%R "
set -g status-justify left
set -g status-position bottom set -g status-position bottom
''; '';
}; };

14
configs/virtualization.nix
View File

@@ -1,14 +0,0 @@
{ pkgs, ... }:
{
users.users.me.extraGroups = [ "libvirtd" ];
virtualisation.libvirtd.enable = true;
# Enable TPM support for VMs
virtualisation.libvirtd.qemu = {
# swtpm.enable = true;
};
environment.systemPackages = with pkgs; [
virt-manager
];
}

5
configs/wpa_supplicant.nix
View File

@@ -1,9 +1,6 @@
{ config, ... }:
{ {
networking.wireless = { networking.wireless = {
enable = true; enable = true;
secretsFile = config.age.secrets.wifi.path; networks.Aether.pskRaw = "e1b18af54036c5c9a747fe681c6a694636d60a5f8450f7dec0d76bc93e2ec85a";
# networks.Aether.pskRaw = "e1b18af54036c5c9a747fe681c6a694636d60a5f8450f7dec0d76bc93e2ec85a";
networks.Schilfpalast.pskRaw = "ext:schilfpalast";
}; };
} }

658
flake.lock generated
View File

File diff suppressed because it is too large Load Diff

245
flake.nix
View File

@@ -2,33 +2,32 @@
description = "niveum: packages, modules, systems"; description = "niveum: packages, modules, systems";
inputs = { inputs = {
self.submodules = true;
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
autorenkalender.url = "github:kmein/autorenkalender"; # alew-web.url = "git+ssh://gitea@code.kmein.de:22022/kfm/alew-web.git?ref=refs/heads/master";
coptic-dictionary.url = "github:kmein/coptic-dictionary"; coptic-dictionary.url = "github:kmein/coptic-dictionary";
home-manager.url = "github:nix-community/home-manager/release-25.11"; flake-utils.url = "github:numtide/flake-utils";
home-manager.url = "github:nix-community/home-manager/release-25.05";
menstruation-backend.url = "github:kmein/menstruation.rs"; menstruation-backend.url = "github:kmein/menstruation.rs";
menstruation-telegram.url = "github:kmein/menstruation-telegram"; menstruation-telegram.url = "github:kmein/menstruation-telegram";
centerpiece.url = "github:friedow/centerpiece";
nix-on-droid.url = "github:t184256/nix-on-droid/release-23.05"; nix-on-droid.url = "github:t184256/nix-on-droid/release-23.05";
nixinate.url = "github:matthewcroughan/nixinate"; nixinate.url = "github:matthewcroughan/nixinate";
nixpkgs-old.url = "github:NixOS/nixpkgs/50fc86b75d2744e1ab3837ef74b53f103a9b55a0"; nixpkgs-old.url = "github:NixOS/nixpkgs/50fc86b75d2744e1ab3837ef74b53f103a9b55a0";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/master"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
nur.url = "github:nix-community/NUR"; nur.url = "github:nix-community/NUR";
recht.url = "github:kmein/recht"; recht.url = "github:kmein/recht";
retiolum.url = "github:krebs/retiolum"; retiolum.url = "github:krebs/retiolum";
rust-overlay.url = "github:oxalica/rust-overlay"; rust-overlay.url = "github:oxalica/rust-overlay";
scripts.url = "github:kmein/scripts"; scripts.url = "github:kmein/scripts";
stockholm.url = "github:krebs/stockholm"; stockholm.url = "github:krebs/stockholm";
stylix.url = "github:danth/stylix/release-25.11"; stylix.url = "github:danth/stylix/release-25.05";
telebots.url = "github:kmein/telebots"; telebots.url = "github:kmein/telebots";
tinc-graph.url = "github:kmein/tinc-graph"; tinc-graph.url = "github:kmein/tinc-graph";
voidrice.url = "github:Lukesmithxyz/voidrice"; voidrice.url = "github:Lukesmithxyz/voidrice";
wallpaper-generator.url = "github:pinpox/wallpaper-generator/v1.1"; wallpaper-generator.url = "github:pinpox/wallpaper-generator/v1.1";
wallpapers.url = "github:kmein/wallpapers"; wallpapers.url = "github:kmein/wallpapers";
autorenkalender.inputs.nixpkgs.follows = "nixpkgs";
agenix.inputs.home-manager.follows = "home-manager"; agenix.inputs.home-manager.follows = "home-manager";
agenix.inputs.nixpkgs.follows = "nixpkgs"; agenix.inputs.nixpkgs.follows = "nixpkgs";
coptic-dictionary.inputs.nixpkgs.follows = "nixpkgs"; coptic-dictionary.inputs.nixpkgs.follows = "nixpkgs";
@@ -36,122 +35,110 @@
# menstruation-backend.inputs.flake-utils.follows = "flake-utils"; # menstruation-backend.inputs.flake-utils.follows = "flake-utils";
# menstruation-backend.inputs.nixpkgs.follows = "nixpkgs"; # menstruation-backend.inputs.nixpkgs.follows = "nixpkgs";
# menstruation-backend.inputs.rust-overlay.follows = "rust-overlay"; # menstruation-backend.inputs.rust-overlay.follows = "rust-overlay";
menstruation-telegram.inputs.flake-utils.follows = "flake-utils";
menstruation-telegram.inputs.menstruation-backend.follows = "menstruation-backend"; menstruation-telegram.inputs.menstruation-backend.follows = "menstruation-backend";
menstruation-telegram.inputs.nixpkgs.follows = "nixpkgs-old"; menstruation-telegram.inputs.nixpkgs.follows = "nixpkgs-old";
nix-on-droid.inputs.home-manager.follows = "home-manager"; nix-on-droid.inputs.home-manager.follows = "home-manager";
nix-on-droid.inputs.nixpkgs.follows = "nixpkgs"; nix-on-droid.inputs.nixpkgs.follows = "nixpkgs";
recht.inputs.flake-utils.follows = "flake-utils";
recht.inputs.nixpkgs.follows = "nixpkgs"; recht.inputs.nixpkgs.follows = "nixpkgs";
rust-overlay.inputs.nixpkgs.follows = "nixpkgs"; rust-overlay.inputs.nixpkgs.follows = "nixpkgs";
scripts.inputs.flake-utils.follows = "flake-utils";
scripts.inputs.nixpkgs.follows = "nixpkgs"; scripts.inputs.nixpkgs.follows = "nixpkgs";
scripts.inputs.rust-overlay.follows = "rust-overlay"; scripts.inputs.rust-overlay.follows = "rust-overlay";
stylix.inputs.home-manager.follows = "home-manager";
stylix.inputs.nixpkgs.follows = "nixpkgs"; stylix.inputs.nixpkgs.follows = "nixpkgs";
tinc-graph.inputs.flake-utils.follows = "flake-utils";
tinc-graph.inputs.nixpkgs.follows = "nixpkgs"; tinc-graph.inputs.nixpkgs.follows = "nixpkgs";
tinc-graph.inputs.rust-overlay.follows = "rust-overlay"; tinc-graph.inputs.rust-overlay.follows = "rust-overlay";
voidrice.flake = false; voidrice.flake = false;
wallpaper-generator.inputs.flake-utils.follows = "flake-utils";
wallpapers.flake = false; wallpapers.flake = false;
}; };
outputs = nixConfig = {
inputs@{ extra-substituters = [ "https://kmein.cachix.org" ];
self, extra-trusted-public-keys = [ "kmein.cachix.org-1:rsJ2b6++VQHJ1W6rGuDUYsK/qUkFA3bNpO6PyEyJ9Ls=" ];
nixpkgs, };
nixpkgs-unstable,
nur, outputs = inputs @ {
home-manager, self,
agenix, nixpkgs,
retiolum, nixpkgs-unstable,
nixinate, nur,
flake-utils, home-manager,
nix-on-droid, agenix,
stylix, retiolum,
... nixinate,
}: flake-utils,
let nix-on-droid,
lib = nixpkgs.lib; centerpiece,
eachSupportedSystem = lib.genAttrs lib.systems.flakeExposed; stylix,
in ...
}:
{ {
apps = { apps = {
x86_64-darwin = x86_64-darwin = let
let pkgs = nixpkgs.legacyPackages.x86_64-darwin;
pkgs = nixpkgs.legacyPackages.x86_64-darwin; in {
in deploy-maakaron = {
{ type = "app";
deploy-maakaron = { program = toString (pkgs.writers.writeDash "deploy-maakaron" ''
type = "app"; exec $(nix build .#homeConfigurations.maakaron.activationPackage --no-link --print-out-paths)/activate
program = toString ( '');
pkgs.writers.writeDash "deploy-maakaron" ''
exec $(nix build .#homeConfigurations.maakaron.activationPackage --no-link --print-out-paths)/activate
''
);
};
}; };
x86_64-linux = };
let x86_64-linux = let
pkgs = nixpkgs.legacyPackages.x86_64-linux; pkgs = nixpkgs.legacyPackages.x86_64-linux;
lib = nixpkgs.lib; lib = nixpkgs.lib;
in in
nixinate.nixinate.x86_64-linux self nixinate.nixinate.x86_64-linux self
// { // {
mock-secrets = { mock-secrets = {
type = "app"; type = "app";
program = toString ( program = toString (pkgs.writers.writeDash "mock-secrets" ''
pkgs.writers.writeDash "mock-secrets" '' ${pkgs.findutils}/bin/find secrets -not -path '*/.*' -type f | ${pkgs.coreutils}/bin/sort > secrets.txt
${pkgs.findutils}/bin/find secrets -not -path '*/.*' -type f | ${pkgs.coreutils}/bin/sort > secrets.txt '');
''
);
}; };
} }
# the following error prevents remote building of ful: https://github.com/NixOS/nixpkgs/issues/177873 # the following error prevents remote building of ful: https://github.com/NixOS/nixpkgs/issues/177873
// builtins.listToAttrs ( // builtins.listToAttrs (map (hostname: let
map ( externalNetwork = import ./lib/external-network.nix;
hostname: targets = {
let ful = "root@ful";
externalNetwork = import ./lib/external-network.nix; zaatar = "root@zaatar";
targets = { makanek = "root@makanek";
ful = "root@ful"; manakish = "root@manakish";
zaatar = "root@zaatar"; tahina = "root@tahina";
makanek = "root@makanek"; tabula = "root@tabula";
manakish = "root@manakish"; kabsa = "root@kabsa";
tahina = "root@tahina"; fatteh = "root@fatteh";
tabula = "root@tabula"; kibbeh = "root@kibbeh";
kabsa = "root@kabsa"; };
fatteh = "root@fatteh"; in
kibbeh = "root@kibbeh"; lib.attrsets.nameValuePair "deploy-${hostname}" {
}; type = "app";
in program = toString (pkgs.writers.writeDash "deploy-${hostname}" ''
lib.attrsets.nameValuePair "deploy-${hostname}" { exec ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch \
type = "app"; --max-jobs 2 \
program = toString ( --log-format internal-json \
pkgs.writers.writeDash "deploy-${hostname}" '' --flake .?submodules=1#${hostname} \
exec ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch \ --target-host ${targets.${hostname}} 2>&1 \
--max-jobs 2 \ | ${pkgs.nix-output-monitor}/bin/nom --json
--log-format internal-json \ '');
--flake .#${hostname} \ }) (builtins.attrNames self.nixosConfigurations))
--target-host ${targets.${hostname}} 2>&1 \
| ${pkgs.nix-output-monitor}/bin/nom --json
''
);
}
) (builtins.attrNames self.nixosConfigurations)
)
// { // {
deploy-ful = { deploy-ful = {
type = "app"; type = "app";
program = toString ( program = toString (pkgs.writers.writeDash "deploy-ful" ''
pkgs.writers.writeDash "deploy-ful" '' exec ${pkgs.nix}/bin/nix run .?submodules=1#nixinate.ful \
exec ${pkgs.nix}/bin/nix run .#nixinate.ful \ --log-format internal-json 2>&1 \
--log-format internal-json 2>&1 \ | ${pkgs.nix-output-monitor}/bin/nom --json
| ${pkgs.nix-output-monitor}/bin/nom --json '');
''
);
}; };
}; };
}; };
# TODO overlay for packages
# TODO remove flake-utils dependency from my own repos
nixosModules = { nixosModules = {
htgen = import modules/htgen.nix; htgen = import modules/htgen.nix;
moodle-dl = import modules/moodle-dl.nix; moodle-dl = import modules/moodle-dl.nix;
@@ -161,7 +148,6 @@
power-action = import modules/power-action.nix; power-action = import modules/power-action.nix;
system-dependent = import modules/system-dependent.nix; system-dependent = import modules/system-dependent.nix;
telegram-bot = import modules/telegram-bot.nix; telegram-bot = import modules/telegram-bot.nix;
go-webring = import modules/go-webring.nix;
}; };
lib = { lib = {
@@ -170,10 +156,10 @@
nixOnDroidConfigurations = { nixOnDroidConfigurations = {
moto = nix-on-droid.lib.nixOnDroidConfiguration { moto = nix-on-droid.lib.nixOnDroidConfiguration {
modules = [ systems/moto/configuration.nix ]; modules = [systems/moto/configuration.nix];
pkgs = import nixpkgs { pkgs = import nixpkgs {
system = "aarch64-linux"; system = "aarch64-linux";
overlays = [ nix-on-droid.overlays.default ]; overlays = [nix-on-droid.overlays.default];
}; };
extraSpecialArgs = { extraSpecialArgs = {
niveumPackages = inputs.self.packages.aarch64-linux; niveumPackages = inputs.self.packages.aarch64-linux;
@@ -185,14 +171,13 @@
}; };
homeConfigurations = { homeConfigurations = {
maakaron = maakaron = let
let system = "x86_64-darwin";
system = "x86_64-darwin"; pkgs = nixpkgs.legacyPackages.${system};
pkgs = nixpkgs.legacyPackages.${system}; in
in
home-manager.lib.homeManagerConfiguration { home-manager.lib.homeManagerConfiguration {
inherit pkgs; inherit pkgs;
modules = [ ./systems/maakaron/home.nix ]; modules = [./systems/maakaron/home.nix];
extraSpecialArgs = { extraSpecialArgs = {
inherit inputs; inherit inputs;
niveumPackages = inputs.self.packages.${system}; niveumPackages = inputs.self.packages.${system};
@@ -224,7 +209,6 @@
agenix.nixosModules.default agenix.nixosModules.default
inputs.self.nixosModules.passport inputs.self.nixosModules.passport
inputs.self.nixosModules.panoptikon inputs.self.nixosModules.panoptikon
inputs.self.nixosModules.go-webring
inputs.self.nixosModules.htgen inputs.self.nixosModules.htgen
inputs.stockholm.nixosModules.reaktor2 inputs.stockholm.nixosModules.reaktor2
retiolum.nixosModules.retiolum retiolum.nixosModules.retiolum
@@ -257,7 +241,6 @@
systems/kibbeh/configuration.nix systems/kibbeh/configuration.nix
agenix.nixosModules.default agenix.nixosModules.default
retiolum.nixosModules.retiolum retiolum.nixosModules.retiolum
home-manager.nixosModules.home-manager
]; ];
}; };
makanek = nixpkgs.lib.nixosSystem rec { makanek = nixpkgs.lib.nixosSystem rec {
@@ -329,29 +312,29 @@
]; ];
}; };
}; };
}
packages = eachSupportedSystem (system: let // flake-utils.lib.eachSystem [flake-utils.lib.system.x86_64-linux flake-utils.lib.system.x86_64-darwin flake-utils.lib.system.aarch64-linux] (system: let
pkgs = import nixpkgs { pkgs = import nixpkgs {
inherit system; inherit system;
config.allowUnfree = true; overlays = [
overlays = [ nur.overlays.default
nur.overlays.default (self: super: {
(self: super: { mpv = super.mpv.override {scripts = [inputs.self.packages.${system}.mpv-visualizer super.mpvScripts.mpris];};
mpv = super.mpv.override {scripts = [inputs.self.packages.${system}.mpv-visualizer super.mpvScripts.mpris];}; dmenu = super.writers.writeDashBin "dmenu" ''exec ${pkgs.wofi}/bin/wofi --dmenu "$@"'';
dmenu = super.writers.writeDashBin "dmenu" ''exec ${pkgs.rofi}/bin/rofi -dmenu "$@"''; })
}) ];
]; };
}; unstablePackages = import nixpkgs-unstable {
unstablePackages = import nixpkgs-unstable { inherit system;
inherit system; };
}; wrapScript = {
wrapScript = { packages ? [],
packages ? [], name,
name, script,
script, }:
}: pkgs.writers.writeDashBin name ''PATH=$PATH:${nixpkgs.lib.makeBinPath (packages ++ [pkgs.findutils pkgs.coreutils pkgs.gnused pkgs.gnugrep])} ${script} "$@"'';
pkgs.writers.writeDashBin name ''PATH=$PATH:${nixpkgs.lib.makeBinPath (packages ++ [pkgs.findutils pkgs.coreutils pkgs.gnused pkgs.gnugrep])} ${script} "$@"''; in {
in { packages = rec {
auc = pkgs.callPackage packages/auc.nix {}; auc = pkgs.callPackage packages/auc.nix {};
betacode = pkgs.callPackage packages/betacode.nix {}; betacode = pkgs.callPackage packages/betacode.nix {};
brainmelter = pkgs.callPackage packages/brainmelter.nix {}; brainmelter = pkgs.callPackage packages/brainmelter.nix {};
@@ -417,7 +400,6 @@
q = pkgs.callPackage packages/q.nix {}; q = pkgs.callPackage packages/q.nix {};
qrpaste = pkgs.callPackage packages/qrpaste.nix {}; qrpaste = pkgs.callPackage packages/qrpaste.nix {};
random-zeno = pkgs.callPackage packages/random-zeno.nix {}; random-zeno = pkgs.callPackage packages/random-zeno.nix {};
go-webring = pkgs.callPackage packages/go-webring.nix {};
rfc = pkgs.callPackage packages/rfc.nix {}; rfc = pkgs.callPackage packages/rfc.nix {};
gimp = pkgs.callPackage packages/gimp.nix {}; gimp = pkgs.callPackage packages/gimp.nix {};
scanned = pkgs.callPackage packages/scanned.nix {}; scanned = pkgs.callPackage packages/scanned.nix {};
@@ -425,11 +407,11 @@
text2pdf = pkgs.callPackage packages/text2pdf.nix {}; text2pdf = pkgs.callPackage packages/text2pdf.nix {};
timer = pkgs.callPackage packages/timer.nix {}; timer = pkgs.callPackage packages/timer.nix {};
tocharian-font = pkgs.callPackage packages/tocharian-font.nix {}; tocharian-font = pkgs.callPackage packages/tocharian-font.nix {};
passmenu = pkgs.callPackage packages/passmenu.nix {};
trans = pkgs.callPackage packages/trans.nix {}; trans = pkgs.callPackage packages/trans.nix {};
ttspaste = pkgs.callPackage packages/ttspaste.nix {}; ttspaste = pkgs.callPackage packages/ttspaste.nix {};
unicodmenu = pkgs.callPackage packages/unicodmenu.nix {}; unicodmenu = pkgs.callPackage packages/unicodmenu.nix {};
emailmenu = pkgs.callPackage packages/emailmenu.nix {}; emailmenu = pkgs.callPackage packages/emailmenu.nix {};
stag = pkgs.callPackage packages/stag.nix {};
untilport = pkgs.callPackage packages/untilport.nix {}; untilport = pkgs.callPackage packages/untilport.nix {};
vg = pkgs.callPackage packages/vg.nix {}; vg = pkgs.callPackage packages/vg.nix {};
vim = pkgs.callPackage packages/vim.nix {niveumPackages = self.packages.${system};}; vim = pkgs.callPackage packages/vim.nix {niveumPackages = self.packages.${system};};
@@ -439,8 +421,6 @@
vimPlugins-icalendar-vim = pkgs.callPackage packages/vimPlugins/icalendar-vim.nix {}; vimPlugins-icalendar-vim = pkgs.callPackage packages/vimPlugins/icalendar-vim.nix {};
vimPlugins-jq-vim = pkgs.callPackage packages/vimPlugins/jq-vim.nix {}; vimPlugins-jq-vim = pkgs.callPackage packages/vimPlugins/jq-vim.nix {};
vimPlugins-typst-vim = pkgs.callPackage packages/vimPlugins/typst-vim.nix {}; vimPlugins-typst-vim = pkgs.callPackage packages/vimPlugins/typst-vim.nix {};
vimPlugins-mdwa-nvim = pkgs.callPackage packages/vimPlugins/mdwa-nvim.nix {};
vimPlugins-vim-ernest = pkgs.callPackage packages/vimPlugins/vim-ernest.nix {};
vimPlugins-vim-256noir = pkgs.callPackage packages/vimPlugins/vim-256noir.nix {}; vimPlugins-vim-256noir = pkgs.callPackage packages/vimPlugins/vim-256noir.nix {};
vimPlugins-vim-colors-paramount = pkgs.callPackage packages/vimPlugins/vim-colors-paramount.nix {}; vimPlugins-vim-colors-paramount = pkgs.callPackage packages/vimPlugins/vim-colors-paramount.nix {};
vimPlugins-vim-fetch = pkgs.callPackage packages/vimPlugins/vim-fetch.nix {}; vimPlugins-vim-fetch = pkgs.callPackage packages/vimPlugins/vim-fetch.nix {};
@@ -452,6 +432,9 @@
weechatScripts-hotlist2extern = pkgs.callPackage packages/weechatScripts/hotlist2extern.nix {}; weechatScripts-hotlist2extern = pkgs.callPackage packages/weechatScripts/hotlist2extern.nix {};
wttr = pkgs.callPackage packages/wttr.nix {}; wttr = pkgs.callPackage packages/wttr.nix {};
itl = pkgs.callPackage packages/itl.nix {};
itools = pkgs.callPackage packages/itools.nix {itl = itl;};
booksplit = wrapScript { booksplit = wrapScript {
script = inputs.voidrice.outPath + "/.local/bin/booksplit"; script = inputs.voidrice.outPath + "/.local/bin/booksplit";
name = "booksplit"; name = "booksplit";
@@ -463,6 +446,6 @@
name = "tag"; name = "tag";
packages = [pkgs.ffmpeg]; packages = [pkgs.ffmpeg];
}; };
}); };
}; });
} }

10
lib/local-network.nix
View File

@@ -1,4 +1,10 @@
{ {
officejet = "192.168.0.251"; toum = "192.168.178.24";
router = "192.168.0.1"; zaatar = "192.168.178.21";
kabsa = "192.168.178.32";
android = "192.168.178.35";
manakish = "192.168.178.29";
officejet = "192.168.178.27";
fritzbox = "192.168.178.1";
} }

8
lib/streams.nix
View File

@@ -2029,14 +2029,6 @@ in
stream = "av://lavfi:anoisesrc=color=brown"; stream = "av://lavfi:anoisesrc=color=brown";
station = "Brownian noise"; station = "Brownian noise";
} }
{
stream = "https://st03.sslstream.dlf.de/dlf/03/high/aac/stream.aac";
station = "Deutschlandfunk Nova";
}
{
stream = "https://samaaisb107-itelservices.radioca.st/stream";
station = "Samaa FM 107.4 Pakistan";
}
] ]
++ map (name: { ++ map (name: {
stream = "https://${name}.stream.publicradio.org/${name}.aac"; stream = "https://${name}.stream.publicradio.org/${name}.aac";

175
lib/style.css Normal file
View File

@@ -0,0 +1,175 @@
* {
font-size: 14px;
border-radius: 5px;
}
window#waybar {
/* `otf-font-awesome` is required to be installed for icons */
font-family: FontAwesome, monospace;
background-color: transparent;
border-bottom: 0px;
color: #ebdbb2;
transition-property: background-color;
transition-duration: .5s;
}
window#waybar.hidden {
opacity: 0.2;
}
window#waybar.empty #window {
background-color: transparent;
}
/*
window#waybar.empty {
background-color: transparent;
}
window#waybar.solo {
background-color: #FFFFFF;
}
*/
.modules-right {
margin: 10px 10px 0 0;
}
.modules-center {
margin: 10px 0 0 0;
}
.modules-left {
margin: 10px 0 0 10px;
}
button {
/* Use box-shadow instead of border so the text isn't offset */
/* box-shadow: inset 0 -3px transparent; */
border: none;
}
/* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
/*
button:hover {
background: inherit;
box-shadow: inset 0 -3px #ebdbb2;
} */
#workspaces {
background-color: #282828;
}
#workspaces button {
padding: 0 5px;
background-color: transparent;
color: #ebdbb2;
border-radius: 0;
}
#workspaces button:first-child {
border-radius: 5px 0 0 5px;
}
#workspaces button:last-child {
border-radius: 0 5px 5px 0;
}
#workspaces button:hover {
color: #d79921;
}
#workspaces button.focused {
background-color: #665c54;
/* box-shadow: inset 0 -3px #ffffff; */
}
#workspaces button.urgent {
background-color: #b16286;
}
#idle_inhibitor,
#cava,
#scratchpad,
#mode,
#window,
#clock,
#battery,
#backlight,
#wireplumber,
#tray,
#mpris,
#load {
padding: 0 10px;
background-color: #282828;
color: #ebdbb2;
}
#mode {
background-color: #689d6a;
color: #282828;
/* box-shadow: inset 0 -3px #ffffff; */
}
/* If workspaces is the leftmost module, omit left margin */
.modules-left > widget:first-child > #workspaces {
margin-left: 0;
}
/* If workspaces is the rightmost module, omit right margin */
.modules-right > widget:last-child > #workspaces {
margin-right: 0;
}
#cava {
padding: 0 5px;
}
#battery.charging, #battery.plugged {
background-color: #98971a;
color: #282828;
}
@keyframes blink {
to {
background-color: #282828;
color: #ebdbb2;
}
}
/* Using steps() instead of linear as a timing function to limit cpu usage */
#battery.critical:not(.charging) {
background-color: #cc241d;
color: #ebdbb2;
animation-name: blink;
animation-duration: 0.5s;
animation-timing-function: steps(12);
animation-iteration-count: infinite;
animation-direction: alternate;
}
label:focus {
background-color: #000000;
}
#wireplumber.muted {
background-color: #458588;
}
#tray > .passive {
-gtk-icon-effect: dim;
}
#tray > .needs-attention {
-gtk-icon-effect: highlight;
}
#mpris.playing {
background-color: #d79921;
color: #282828;
}
#tray menu {
font-family: sans-serif;
}
#scratchpad.empty {
background: transparent;
}

6
lib/vim/init.lua
View File

@@ -91,7 +91,6 @@ local language_servers = {
-- tsserver = {}, -- typescript-language-server -- tsserver = {}, -- typescript-language-server
cssls = {}, cssls = {},
elmls = {}, -- elm-language-server elmls = {}, -- elm-language-server
gopls = {}, -- gopls
denols = {}, -- deno built in denols = {}, -- deno built in
bashls = {}, -- bash-language-server bashls = {}, -- bash-language-server
lua_ls = { lua_ls = {
@@ -155,11 +154,10 @@ local language_servers = {
} }
for server, settings in pairs(language_servers) do for server, settings in pairs(language_servers) do
vim.lsp.config(server, { require('lspconfig')[server].setup{
on_attach = on_attach, on_attach = on_attach,
flags = lsp_flags, flags = lsp_flags,
settings = settings, settings = settings,
capabilities = capabilities capabilities = capabilities
}) }
vim.lsp.enable(server)
end end

10
lib/vim/init.vim
View File

@@ -102,7 +102,6 @@ augroup filetypes
autocmd bufnewfile,bufread urls,config set filetype=conf autocmd bufnewfile,bufread urls,config set filetype=conf
autocmd bufnewfile,bufread *.elm packadd elm-vim | set filetype=elm shiftwidth=4 autocmd bufnewfile,bufread *.elm packadd elm-vim | set filetype=elm shiftwidth=4
autocmd bufnewfile,bufread *.md packadd vim-pandoc | packadd vim-pandoc-syntax | set filetype=pandoc autocmd bufnewfile,bufread *.md packadd vim-pandoc | packadd vim-pandoc-syntax | set filetype=pandoc
autocmd bufnewfile,bufread *.ex,*.exs packadd vim-elixir | set filetype=elixir
autocmd filetype haskell packadd haskell-vim | set keywordprg=hoogle\ -i autocmd filetype haskell packadd haskell-vim | set keywordprg=hoogle\ -i
autocmd filetype javascript packadd vim-javascript autocmd filetype javascript packadd vim-javascript
autocmd filetype make setlocal noexpandtab autocmd filetype make setlocal noexpandtab
@@ -125,12 +124,3 @@ set complete+=kspell
let g:pandoc#syntax#conceal#use = 0 let g:pandoc#syntax#conceal#use = 0
let g:pandoc#modules#disabled = [] let g:pandoc#modules#disabled = []
let g:pandoc#spell#default_langs = ['en', 'de'] let g:pandoc#spell#default_langs = ['en', 'de']
autocmd! User GoyoEnter Limelight
autocmd! User GoyoLeave Limelight!
" Disable Copilot by default
let b:copilot_enabled = v:false
" keymap to toggle it enabled
nnoremap <leader>gc :let b:copilot_enabled = !b:copilot_enabled<CR>

140
modules/go-webring.nix
View File

@@ -1,140 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib)
mkEnableOption
mkPackageOption
mkOption
types
literalExpression
mkIf
;
cfg = config.services.go-webring;
defaultAddress = "127.0.0.1:2857";
in
{
options = {
services.go-webring = {
enable = mkEnableOption "go-webring";
package = mkPackageOption pkgs "go-webring" { };
contactInstructions = mkOption {
type = types.nullOr types.str;
default = null;
description = "Contact instructions for errors";
example = "contact the admin and let them know what's up";
};
host = mkOption {
type = types.str;
description = "Host this webring runs on, primarily used for validation";
example = "my-webri.ng";
};
homePageTemplate = mkOption {
type = types.str;
description = ''
This should be any HTML file with the string "{{ . }}" placed
wherever you want the table of members inserted. This table is
plain HTML so you can style it with CSS.
'';
};
listenAddress = mkOption {
type = types.str;
default = defaultAddress;
description = "Host and port go-webring will listen on";
};
members = mkOption {
type = types.listOf (
types.submodule {
options = {
username = mkOption {
type = types.str;
description = "Member's name";
};
site = mkOption {
type = types.str;
description = "Member's site URL";
};
};
}
);
description = "List of members in the webring";
};
};
};
config = mkIf cfg.enable {
systemd.services.go-webring = {
description = "go-webring service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
requires = [ "network.target" ];
serviceConfig = {
Type = "simple";
ExecStart = ''
${lib.getExe cfg.package} \
${lib.optionalString (cfg.contactInstructions != null) ("--contact " + lib.escapeShellArg cfg.contactInstructions)} \
--host ${cfg.host} \
--index ${pkgs.writeText "index.html" cfg.homePageTemplate} \
--listen ${cfg.listenAddress} \
--members ${
pkgs.writeText "list.txt" (
lib.concatMapStrings (member: member.username + " " + member.site + "\n") cfg.members
)
}
'';
User = "go-webring";
DynamicUser = true;
RuntimeDirectory = "go-webring";
WorkingDirectory = "/var/lib/go-webring";
StateDirectory = "go-webring";
RuntimeDirectoryMode = "0750";
Restart = "always";
RestartSec = 5;
# Hardening
CapabilityBoundingSet = [ "" ];
DeviceAllow = [ "" ];
LockPersonality = true;
MemoryDenyWriteExecute = true;
PrivateDevices = true;
PrivateUsers = true;
ProcSubset = "pid";
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
"AF_UNIX"
];
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = [
"@system-service"
"~@privileged"
];
UMask = "0077";
};
};
environment.systemPackages = [ cfg.package ];
};
}

2
modules/panoptikon.nix
View File

@@ -29,7 +29,7 @@
default = "daily"; default = "daily";
}; };
loadCredential = lib.mkOption { loadCredential = lib.mkOption {
type = lib.types.listOf lib.types.str; type = lib.types.listOf lib.types.string;
description = '' description = ''
This can be used to pass secrets to the systemd service without adding them to the nix store. This can be used to pass secrets to the systemd service without adding them to the nix store.
''; '';

21
packages/go-webring.nix
View File

@@ -1,21 +0,0 @@
{ buildGoModule, fetchgit, lib }:
buildGoModule {
pname = "go-webring";
version = "2024-12-18";
src = fetchgit {
url = "https://git.sr.ht/~amolith/go-webring";
rev = "0b5b1bf21ff91119ea2dd042ee9fe94e9d1cd8d4";
hash = "sha256-az6vBOGiZmzfsMjYUacXMHhDeRDmVI/arCKCpHeTcns=";
};
vendorHash = "sha256-3PnXB8AfZtgmYEPJuh0fwvG38dtngoS/lxyx3H+rvFs=";
meta = {
mainProgram = "go-webring";
description = "Simple webring implementation";
homepage = "https://git.sr.ht/~amolith/go-webring";
license = lib.licenses.bsd2; # cc0 as well
maintainers = [ lib.maintainers.kmein ];
};
}

4
packages/hc.nix
View File

@@ -9,7 +9,7 @@
gnugrep, gnugrep,
qrencode, qrencode,
texlive, texlive,
util-linux, utillinux,
zbar, zbar,
}: }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
@@ -38,7 +38,7 @@ stdenv.mkDerivation rec {
gnugrep gnugrep
qrencode qrencode
texlive.combined.scheme-full texlive.combined.scheme-full
util-linux utillinux
zbar zbar
]} ]}
''; '';

4
packages/klem.nix
View File

@@ -42,14 +42,14 @@ in
pkgs.writers.writeDashBin "klem" '' pkgs.writers.writeDashBin "klem" ''
set -efu set -efu
${pkgs.xclip}/bin/xclip -selection ${cfg.selection} -out \ ${pkgs.wl-clipboard}/bin/wl-paste \
| case $(echo "${ | case $(echo "${
lib.concatStringsSep "\n" (lib.attrNames cfg.scripts) lib.concatStringsSep "\n" (lib.attrNames cfg.scripts)
}" | ${cfg.dmenu}) in }" | ${cfg.dmenu}) in
${lib.concatStringsSep "\n" (lib.mapAttrsToList scriptCase cfg.scripts)} ${lib.concatStringsSep "\n" (lib.mapAttrsToList scriptCase cfg.scripts)}
*) ${pkgs.coreutils}/bin/cat ;; *) ${pkgs.coreutils}/bin/cat ;;
esac \ esac \
| ${pkgs.xclip}/bin/xclip -selection ${cfg.selection} -in | ${pkgs.wl-clipboard}/bin/wl-copy
${pkgs.libnotify}/bin/notify-send --app-name="klem" "Result copied to clipboard." ${pkgs.libnotify}/bin/notify-send --app-name="klem" "Result copied to clipboard."
'' ''

6
packages/notemenu.nix
View File

@@ -1,7 +1,7 @@
{ {
writers, writers,
lib, lib,
rofi, wofi,
findutils, findutils,
coreutils, coreutils,
noteDirectory ? "~/state/obsidian", noteDirectory ? "~/state/obsidian",
@@ -11,7 +11,7 @@
writers.writeDashBin "notemenu" '' writers.writeDashBin "notemenu" ''
set -efu set -efu
PATH=$PATH:${ PATH=$PATH:${
lib.makeBinPath [rofi findutils coreutils] lib.makeBinPath [wofi findutils coreutils]
} }
cd ${noteDirectory} cd ${noteDirectory}
@@ -21,7 +21,7 @@ writers.writeDashBin "notemenu" ''
echo $(date -I -d yesterday).md echo $(date -I -d yesterday).md
''} ''}
find . -not -path '*/.*' -type f -printf "%T@ %p\n" | sort --reverse --numeric-sort | cut --delimiter=" " --fields=2- find . -not -path '*/.*' -type f -printf "%T@ %p\n" | sort --reverse --numeric-sort | cut --delimiter=" " --fields=2-
} | rofi -dmenu -i -p 'notes') } | wofi -dmenu -i -p 'notes')
if test "$note_file" if test "$note_file"
then then
alacritty --working-directory ${noteDirectory} -e ${niveumPackages.obsidian-vim}/bin/nvim "$note_file" alacritty --working-directory ${noteDirectory} -e ${niveumPackages.obsidian-vim}/bin/nvim "$note_file"

3
packages/obsidian-vim.nix
View File

@@ -22,7 +22,7 @@ neovim.override {
\ 'path': '${obsidiantVaultDirectory}', \ 'path': '${obsidiantVaultDirectory}',
\ 'syntax': 'markdown', \ 'syntax': 'markdown',
\ 'ext': '.md', \ 'ext': '.md',
\ 'diary_rel_path': '.', \ 'diary_rel_path' '.',
\}] \}]
let NERDTreeSortOrder = ['[[-timestamp]]'] let NERDTreeSortOrder = ['[[-timestamp]]']
@@ -35,6 +35,7 @@ neovim.override {
vimPlugins.nerdtree vimPlugins.nerdtree
vimPlugins.fzf-vim vimPlugins.fzf-vim
vimPlugins.fzfWrapper vimPlugins.fzfWrapper
vimPlugins.vim-fugitive
]; ];
}; };
} }

18
packages/passmenu.nix Normal file
View File

@@ -0,0 +1,18 @@
{ writers, wofi, pass, fd, libnotify, ... }:
writers.writeBashBin "passmenu" ''
shopt -s nullglob globstar
IFS=$'\n'
prefix=$(readlink -f ''${PASSWORD_STORE_DIR-~/.password-store})
password_files=( $( ${fd}/bin/fd -L ".gpg\$" "$prefix" ) )
password_files=( "''${password_files[@]#"$prefix"/}" )
password_files=( "''${password_files[@]%.gpg}" )
password=$( printf '%s\n' "''${password_files[@]}" | ${wofi}/bin/wofi -i -k /dev/null -d menu -- "$@" )
[[ -n $password ]] || exit
OUT=$(${pass}/bin/pass show --clip "$password")
${libnotify}/bin/notify-send -t 5000 "$(echo "$OUT" | grep '^login:' | sed 's/^login: //')"
''

5
packages/pls.nix
View File

@@ -1,7 +1,6 @@
{ {
lib, lib,
writers, writers,
yt-dlp,
miller, miller,
gnused, gnused,
curl, curl,
@@ -96,10 +95,6 @@
"ich kann damit leben" "ich kann damit leben"
"es ist was es ist" "es ist was es ist"
]; ];
download = writers.writeDash "download" ''
${yt-dlp}/bin/yt-dlp --add-metadata --audio-format mp3 --audio-quality 0 -xic "$@"
'';
in in
writers.writeDashBin "pls" '' writers.writeDashBin "pls" ''
case "$1" in case "$1" in

4
packages/qrpaste.nix
View File

@@ -2,7 +2,7 @@
writers, writers,
mktemp, mktemp,
qrencode, qrencode,
xclip, wl-clipboard,
nsxiv, nsxiv,
}: }:
writers.writeDashBin "qrpaste" '' writers.writeDashBin "qrpaste" ''
@@ -11,6 +11,6 @@ writers.writeDashBin "qrpaste" ''
clean() { clean() {
rm "$file" rm "$file"
} }
${qrencode}/bin/qrencode "$(${xclip}/bin/xclip -selection clipboard -out)" -o "$file" ${qrencode}/bin/qrencode "$(${wl-clipboard}/bin/wl-paste)" -o "$file"
${nsxiv}/bin/nsxiv "$file" ${nsxiv}/bin/nsxiv "$file"
'' ''

4
packages/scanned.nix
View File

@@ -2,12 +2,8 @@
{ {
writers, writers,
imagemagick, imagemagick,
ghostscript,
lib
}: }:
writers.writeDashBin "scanned" '' writers.writeDashBin "scanned" ''
export PATH=${lib.makeBinPath [ imagemagick ghostscript ]}:$PATH
[ $# -eq 1 -a -f "$1" -a -r "$1" ] || exit 1 [ $# -eq 1 -a -f "$1" -a -r "$1" ] || exit 1
${imagemagick}/bin/convert \ ${imagemagick}/bin/convert \

45
packages/stag.nix
View File

@@ -1,45 +0,0 @@
{
lib,
stdenv,
fetchFromGitHub,
ncurses,
taglib,
zlib,
}:
stdenv.mkDerivation rec {
pname = "stag";
version = "1.0";
src = fetchFromGitHub {
owner = "smabie";
repo = "stag";
rev = "v${version}";
hash = "sha256-IWb6ZbPlFfEvZogPh8nMqXatrg206BTV2DYg7BMm7R4=";
};
buildInputs = [
ncurses
taglib
zlib
];
buildPhase = ''
make all
'';
installPhase = ''
mkdir -p $out/bin
cp stag $out/bin/
mkdir -p $out/man/man1
mv stag.1 $out/man/man1/
'';
meta = {
description = "public domain utf8 curses based audio file tagger";
homepage = "https://github.com/smabie/stag";
license = lib.licenses.publicDomain;
maintainers = [ lib.maintainers.kmein ];
platforms = lib.platforms.unix;
source = src;
};
}

4
packages/ttspaste.nix
View File

@@ -1,10 +1,10 @@
{ {
writers, writers,
xclip, wl-clipboard,
espeak, espeak,
}: }:
writers.writeDashBin "ttspaste" '' writers.writeDashBin "ttspaste" ''
${xclip}/bin/xclip -selection clipboard -out | ${espeak}/bin/espeak ${wl-clipboard}/bin/paste | ${espeak}/bin/espeak
'' ''
# curl, mpv, # curl, mpv,
# ${curl}/bin/curl -G http://tts.r/api/tts --data-urlencode 'text@-' | ${mpv}/bin/mpv - # ${curl}/bin/curl -G http://tts.r/api/tts --data-urlencode 'text@-' | ${mpv}/bin/mpv -

6
packages/unicodmenu.nix
View File

@@ -8,7 +8,7 @@
dmenu, dmenu,
gnused, gnused,
libnotify, libnotify,
xclip, wl-clipboard,
xdotool, xdotool,
gawk, gawk,
fetchFromGitHub, fetchFromGitHub,
@@ -90,7 +90,7 @@ in
writers.writeDashBin "unicodmenu" '' writers.writeDashBin "unicodmenu" ''
history_file=$HOME/.cache/unicodmenu history_file=$HOME/.cache/unicodmenu
touch "$history_file" touch "$history_file"
PATH=${lib.makeBinPath [coreutils dmenu gawk gnused libnotify xclip xdotool]} PATH=${lib.makeBinPath [coreutils dmenu gawk gnused libnotify wl-clipboard xdotool]}
all_characters() { all_characters() {
tac "$history_file" tac "$history_file"
@@ -101,7 +101,7 @@ in
[ "$chosen" != "" ] || exit [ "$chosen" != "" ] || exit
echo "$chosen" | tr -d '\n' | xclip -selection clipboard echo "$chosen" | tr -d '\n' | wl-copy
if [ -n "$1" ]; then if [ -n "$1" ]; then
xdotool key Shift+Insert xdotool key Shift+Insert

8
packages/vim.nix
View File

@@ -40,13 +40,6 @@
editorconfig-vim editorconfig-vim
copilot-vim
goyo
limelight-vim
niveumPackages.vimPlugins-mdwa-nvim
niveumPackages.vimPlugins-vim-ernest
fzf-vim fzf-vim
fzfWrapper fzfWrapper
supertab supertab
@@ -81,7 +74,6 @@
dhall-vim dhall-vim
elm-vim elm-vim
emmet-vim emmet-vim
vim-elixir
haskell-vim haskell-vim
niveumPackages.vimPlugins-icalendar-vim niveumPackages.vimPlugins-icalendar-vim
niveumPackages.vimPlugins-jq-vim niveumPackages.vimPlugins-jq-vim

2
packages/vimPlugins/cheat-sh.nix
View File

@@ -1,7 +1,7 @@
{ {
vimUtils, vimUtils,
fetchFromGitHub, fetchFromGitHub,
}: (vimUtils.buildVimPlugin { }: (vimUtils.buildVimPluginFrom2Nix {
pname = "cheat.sh-vim"; pname = "cheat.sh-vim";
version = "826219d1"; version = "826219d1";
src = fetchFromGitHub { src = fetchFromGitHub {

2
packages/vimPlugins/icalendar-vim.nix
View File

@@ -1,7 +1,7 @@
{ {
vimUtils, vimUtils,
fetchFromGitHub, fetchFromGitHub,
}: (vimUtils.buildVimPlugin { }: (vimUtils.buildVimPluginFrom2Nix {
pname = "icalendar.vim"; pname = "icalendar.vim";
version = "542fff45"; version = "542fff45";
src = fetchFromGitHub { src = fetchFromGitHub {

2
packages/vimPlugins/jq-vim.nix
View File

@@ -2,7 +2,7 @@
vimUtils, vimUtils,
fetchFromGitHub, fetchFromGitHub,
}: }:
vimUtils.buildVimPlugin { vimUtils.buildVimPluginFrom2Nix {
pname = "jq.vim"; pname = "jq.vim";
version = "5baf8ed1"; version = "5baf8ed1";
src = fetchFromGitHub { src = fetchFromGitHub {

13
packages/vimPlugins/mdwa-nvim.nix
View File

@@ -1,13 +0,0 @@
{
vimUtils,
fetchFromGitHub,
}: (vimUtils.buildVimPlugin {
pname = "mdwa.nvim";
version = "9f37270";
src = fetchFromGitHub {
owner = "tihawk";
repo = "mdwa.nvim";
rev = "9f3727037e0d85fd0930334b91b9687a5a880192";
hash = "sha256-h2jy2E+pN2Ma/5n9Eq2oXr9xHma2OxxVvx9EJ+bIYxA=";
};
})

2
packages/vimPlugins/typst-vim.nix
View File

@@ -2,7 +2,7 @@
vimUtils, vimUtils,
fetchFromGitHub, fetchFromGitHub,
}: }:
vimUtils.buildVimPlugin { vimUtils.buildVimPluginFrom2Nix {
pname = "typst.vim"; pname = "typst.vim";
version = "2882f21"; version = "2882f21";
src = fetchFromGitHub { src = fetchFromGitHub {

2
packages/vimPlugins/vim-256noir.nix
View File

@@ -2,7 +2,7 @@
vimUtils, vimUtils,
fetchFromGitHub, fetchFromGitHub,
}: }:
vimUtils.buildVimPlugin { vimUtils.buildVimPluginFrom2Nix {
pname = "vim-256noir"; pname = "vim-256noir";
version = "e8668a18"; version = "e8668a18";
src = fetchFromGitHub { src = fetchFromGitHub {

2
packages/vimPlugins/vim-colors-paramount.nix
View File

@@ -2,7 +2,7 @@
vimUtils, vimUtils,
fetchFromGitHub, fetchFromGitHub,
}: }:
vimUtils.buildVimPlugin { vimUtils.buildVimPluginFrom2Nix rec {
pname = "vim-colors-paramount"; pname = "vim-colors-paramount";
version = "a5601d36"; version = "a5601d36";
src = fetchFromGitHub { src = fetchFromGitHub {

14
packages/vimPlugins/vim-ernest.nix
View File

@@ -1,14 +0,0 @@
{
vimUtils,
fetchFromGitHub,
lib,
}: (vimUtils.buildVimPlugin {
pname = "vim-ernest";
version = "4b99bc3";
src = fetchFromGitHub {
owner = "lgalke";
repo = "vim-ernest";
rev = "4b99bc3fe3deb7bb958ad2f64cad93569eeb50d7";
hash = "sha256-AUuRnnZU39XUerBxNelEqVyDAalRm3VGNUQb15fjXjM=";
};
})

2
packages/vimPlugins/vim-fetch.nix
View File

@@ -1,7 +1,7 @@
{ {
vimUtils, vimUtils,
fetchFromGitHub, fetchFromGitHub,
}: (vimUtils.buildVimPlugin { }: (vimUtils.buildVimPluginFrom2Nix rec {
pname = "vim-fetch"; pname = "vim-fetch";
version = "76c08586"; version = "76c08586";
src = fetchFromGitHub { src = fetchFromGitHub {

2
packages/vimPlugins/vim-fsharp.nix
View File

@@ -2,7 +2,7 @@
vimUtils, vimUtils,
fetchFromGitHub, fetchFromGitHub,
}: }:
vimUtils.buildVimPlugin { vimUtils.buildVimPluginFrom2Nix {
pname = "vim-fsharp"; pname = "vim-fsharp";
version = "627db7d7"; version = "627db7d7";
src = fetchFromGitHub { src = fetchFromGitHub {

2
packages/vimPlugins/vim-mail.nix
View File

@@ -2,7 +2,7 @@
vimUtils, vimUtils,
fetchFromGitHub, fetchFromGitHub,
}: }:
vimUtils.buildVimPlugin { vimUtils.buildVimPluginFrom2Nix {
pname = "vim-mail"; pname = "vim-mail";
version = "acdbb5bd"; version = "acdbb5bd";
src = fetchFromGitHub { src = fetchFromGitHub {

2
packages/vimPlugins/vim-reason-plus.nix
View File

@@ -1,7 +1,7 @@
{ {
vimUtils, vimUtils,
fetchFromGitHub, fetchFromGitHub,
}: (vimUtils.buildVimPlugin { }: (vimUtils.buildVimPluginFrom2Nix {
pname = "vim-reason-plus"; pname = "vim-reason-plus";
version = "c11a2940"; version = "c11a2940";
src = fetchFromGitHub { src = fetchFromGitHub {

7
packages/weechat-declarative.nix
View File

@@ -1,6 +1,7 @@
{ {
pkgs, pkgs,
lib, lib,
unstablePackages,
... ...
} @ args: let } @ args: let
# config cannot be declared in the input attribute set because that would # config cannot be declared in the input attribute set because that would
@@ -136,7 +137,7 @@
)) ))
); );
weechatPkg = pkgs.weechat.override { weechat = unstablePackages.weechat.override {
configure = _: { configure = _: {
init = "/exec -oc cat ${setFile}"; init = "/exec -oc cat ${setFile}";
@@ -162,14 +163,14 @@
cfg.files cfg.files
) )
} }
exec ${weechatPkg}/bin/weechat "$@" exec ${weechat}/bin/weechat "$@"
''; '';
in in
pkgs.symlinkJoin { pkgs.symlinkJoin {
name = "weechat-configured"; name = "weechat-configured";
paths = [ paths = [
wrapper wrapper
weechatPkg unstablePackages.weechat
]; ];
postBuild = '' postBuild = ''
ln -s ${setFile} $out/weechat.set ln -s ${setFile} $out/weechat.set

2
secrets

Submodule secrets updated: 236a3353a7...e14a3170cc

4
secrets.txt
View File

@@ -1,11 +1,8 @@
secrets/alertmanager-token-reporters.age secrets/alertmanager-token-reporters.age
secrets/brevo-key.age
secrets/cifs-credentials-zodiac.age secrets/cifs-credentials-zodiac.age
secrets/copecart-ipn.age
secrets/di-fm-key.age secrets/di-fm-key.age
secrets/email-password-cock.age secrets/email-password-cock.age
secrets/email-password-fysi.age secrets/email-password-fysi.age
secrets/email-password-ical-ephemeris.age
secrets/email-password-letos.age secrets/email-password-letos.age
secrets/email-password-meinhak99.age secrets/email-password-meinhak99.age
secrets/email-password-posteo.age secrets/email-password-posteo.age
@@ -79,7 +76,6 @@ secrets/telegram-token-proverb.age
secrets/telegram-token-reverse.age secrets/telegram-token-reverse.age
secrets/telegram-token-streaming-link.age secrets/telegram-token-streaming-link.age
secrets/weechat-sec.conf.age secrets/weechat-sec.conf.age
secrets/wifi.age
secrets/zaatar-moodle-dl-basicAuth.age secrets/zaatar-moodle-dl-basicAuth.age
secrets/zaatar-moodle-dl-tokens.json.age secrets/zaatar-moodle-dl-tokens.json.age
secrets/zaatar-retiolum-privateKey-ed25519.age secrets/zaatar-retiolum-privateKey-ed25519.age

3
systems/fatteh/configuration.nix
View File

@@ -9,7 +9,6 @@ in {
./hardware-configuration.nix ./hardware-configuration.nix
../../configs/networkmanager.nix ../../configs/networkmanager.nix
../../configs/default.nix ../../configs/default.nix
../../configs/0ad.nix
# ../../configs/gnome.nix # ../../configs/gnome.nix
]; ];
@@ -41,6 +40,8 @@ in {
wireguard-aether-psk.file = ../../secrets/fatteh-wireguard-aether-psk.age; wireguard-aether-psk.file = ../../secrets/fatteh-wireguard-aether-psk.age;
}; };
networking.wg-quick.interfaces.aether.address = ["192.168.178.202/24"];
networking.hostName = "fatteh"; networking.hostName = "fatteh";
networking.retiolum = retiolumAddresses.fatteh; networking.retiolum = retiolumAddresses.fatteh;

62
systems/ful/configuration.nix
View File

@@ -12,9 +12,8 @@ in {
./radio.nix ./radio.nix
./panoptikon.nix ./panoptikon.nix
./hledger.nix ./hledger.nix
./go-webring.nix
./gemini.nix
./wallabag.nix ./wallabag.nix
./alew.nix
../../configs/monitoring.nix ../../configs/monitoring.nix
../../configs/mycelium.nix ../../configs/mycelium.nix
../../configs/tor.nix ../../configs/tor.nix
@@ -70,6 +69,65 @@ in {
]; ];
}; };
users.users.servant = {
isSystemUser = true;
group = "servant";
};
users.groups.servant = {};
systemd.services.servant = {
enable = true;
environment.PORT = toString 18987;
environment.VIRTUAL_HOST = "https://openapiaiapi.kmein.de";
serviceConfig.ExecStart = pkgs.writers.writeHaskell "server" {
libraries = with pkgs.haskellPackages; [
servant
servant-server
servant-openapi3
servant-swagger-ui
servant-client
aeson
text
warp
uuid
lens
];
ghcArgs = ["-O3" "-threaded"];
} ./servant-openapi.hs;
serviceConfig.User = "servant";
serviceConfig.Group = "servant";
};
services.htgen.openapi-conversion = {
port = 18988;
script = ''. ${pkgs.writers.writeDash "openapi-conversion" ''
case "$Method $Request_URI" in
"GET /openapi-3.1.json")
schema=$(mktemp -d)
trap 'rm -rf $schema' EXIT
${pkgs.wget}/bin/wget http://127.0.0.1:${toString 18987}/openapi.json -O "$schema"/openapi.json
cat "$schema"/openapi.json >&2
PATH=${lib.makeBinPath [pkgs.bashInteractive pkgs.nodejs]} ${pkgs.nodejs}/bin/npx --yes openapi-format "$schema"/openapi.json --convertTo "3.1" -o "$schema"/openapi-new.json
printf 'HTTP/1.1 200 OK\r\n'
printf 'Content-Type: %s\r\n' "$(${pkgs.file}/bin/file -ib "$schema"/openapi-new.json)"
printf 'Server: %s\r\n' "$Server"
printf 'Connection: close\r\n'
printf 'Content-Length: %d\r\n' $(${pkgs.coreutils}/bin/wc -c < "$schema"/openapi-new.json)
printf '\r\n'
cat "$schema"/openapi-new.json
exit
;;
esac
''}'';
};
services.nginx.virtualHosts."openapiaiapi.kmein.de" = {
enableACME = true;
forceSSL = true;
locations."/openapi-3.1.json".proxyPass = "http://127.0.0.1:${toString 18988}";
locations."/".proxyPass = "http://127.0.0.1:${toString 18987}";
};
networking = { networking = {
firewall.allowedTCPPorts = [80 443]; firewall.allowedTCPPorts = [80 443];
hostName = "ful"; hostName = "ful";

15
systems/ful/gemini.nix
View File

@@ -1,15 +0,0 @@
{ config, ... }:
{
networking.firewall.allowedTCPPorts = [ 1965 ];
services.agate = {
enable = true;
addresses = [ "0.0.0.0:1965" ];
hostnames = [ "kmein.de" ];
language = "de";
};
services.restic.backups.niveum.paths = [
config.services.agate.contentDir
config.services.agate.certificatesDir
];
}

39
systems/ful/go-webring.nix
View File

@@ -1,39 +0,0 @@
{ config, niveumPackages ,... }:
let
port = 2857;
in
{
services.go-webring = {
enable = true;
host = "dichtungsring.kmein.de";
listenAddress = "127.0.0.1:${toString port}";
package = niveumPackages.go-webring;
members = [
{ username = "meteora"; site = "meteora.xn--kiern-0qa.de"; }
{ username = "huldra"; site = "huldras-halbtraum.com"; }
];
homePageTemplate = ''
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Dichtungsring</title>
</head>
<body>
<h1>Willkommen beim Dichtungs-Ring</h1>
<p>Ein <a href="https://de.wikipedia.org/wiki/Webring">Webring</a> für die Dichtung.</p>
<section id="members">
<table><tbody>{{ . }}</tbody></table>
</section>
</body>
</html>
'';
};
services.nginx.virtualHosts."dichtungsring.kmein.de" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://${config.services.go-webring.listenAddress}";
};
}

2
systems/ful/matomo.nix
View File

@@ -21,7 +21,7 @@ in {
nginx = { nginx = {
serverName = "matomo.kmein.de"; serverName = "matomo.kmein.de";
}; };
package = pkgs.matomo; package = pkgs.matomo_5;
}; };
services.mysql = { services.mysql = {

119
systems/ful/servant-openapi.hs Normal file
View File

@@ -0,0 +1,119 @@
{-# LANGUAGE DataKinds #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE TypeOperators #-}
{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE OverloadedStrings #-}
module Main where
import Data.Aeson (ToJSON, FromJSON)
import GHC.Generics (Generic)
import Data.String (IsString(..))
import Network.Wai (Application)
import Network.Wai.Handler.Warp (run)
import Servant
import Servant.Client (HasClient (..))
import Servant.OpenApi (HasOpenApi(..), toOpenApi)
import qualified Data.Version as Version
import Servant.Swagger.UI (SwaggerSchemaUI, swaggerSchemaUIServer)
import Data.OpenApi (ToSchema, servers, license, info, description, version, title)
import qualified Data.OpenApi as OpenApi
import Control.Concurrent.MVar (MVar, newMVar, modifyMVar, readMVar)
import System.Environment (getEnv)
import Control.Monad.IO.Class (liftIO)
import Control.Lens
import qualified Data.Text as T
import GHC.Generics
import GHC.TypeLits
import Data.UUID (UUID)
import Data.UUID.V4 (nextRandom)
import qualified Data.UUID as UUID
-- Define a simple data type
data User = User
{ userId :: UUID
, name :: String
, age :: Int
} deriving (Generic, Show)
instance ToJSON User
instance FromJSON User
instance ToSchema User
-- Define the API type
type API = "users" :> OperationId "getUsers" :> Get '[JSON] [User]
:<|> "users" :> OperationId "insertUser" :> ReqBody '[JSON] User :> Post '[JSON] User
:<|> "users" :> OperationId "updateUser" :> Capture "id" UUID :> ReqBody '[JSON] User :> Put '[JSON] User
:<|> "users" :> OperationId "deleteUser" :> Capture "id" UUID :> Delete '[JSON] NoContent
-- Define the API with Swagger endpoints
type APIWithSwagger = API
:<|> SwaggerSchemaUI "swagger-ui" "openapi.json"
data OperationId (name :: Symbol)
instance HasServer subApi ctx => HasServer (OperationId name :> subApi) ctx where
type ServerT (OperationId name :> subApi) m = ServerT subApi m
route _ = route (Proxy @subApi)
hoistServerWithContext _ = hoistServerWithContext (Proxy @subApi)
instance (HasOpenApi subApi, KnownSymbol name) => HasOpenApi (OperationId name :> subApi) where
toOpenApi _ = toOpenApi (Proxy @subApi) & OpenApi.allOperations . OpenApi.operationId ?~ apiName
where
apiName = T.pack $ symbolVal (Proxy @name)
instance HasClient m api => HasClient m (OperationId name :> api) where
type Client m (OperationId name :> api) = Client m api
clientWithRoute pm Proxy = clientWithRoute pm (Proxy :: Proxy api)
hoistClientMonad pm _ = hoistClientMonad pm (Proxy :: Proxy api)
-- Handlers for the API
getUsers :: MVar [User] -> Handler [User]
getUsers usersVar = liftIO $ readMVar usersVar
addUser :: MVar [User] -> User -> Handler User
addUser usersVar newUser = liftIO $ do
newId <- nextRandom
let userWithId = newUser { userId = newId }
modifyMVar usersVar $ \users -> return (userWithId : users, userWithId)
updateUser :: MVar [User] -> UUID -> User -> Handler User
updateUser usersVar uid updatedUser = liftIO $ do
modifyMVar usersVar $ \users ->
let newUsers = map (\user -> if userId user == uid then updatedUser { userId = uid } else user) users
in return (newUsers, updatedUser { userId = uid })
deleteUser :: MVar [User] -> UUID -> Handler NoContent
deleteUser usersVar uid = liftIO $ do
modifyMVar usersVar $ \users ->
let newUsers = filter (\user -> userId user /= uid) users
in return (newUsers, NoContent)
-- Implement the server
server :: OpenApi.Server -> MVar [User] -> Server APIWithSwagger
server virtualHost usersVar = (getUsers usersVar
:<|> addUser usersVar
:<|> updateUser usersVar
:<|> deleteUser usersVar)
:<|> swaggerSchemaUIServer (toOpenApi (Proxy :: Proxy API)
& info.title .~ "OpenAPI AI API"
& info.version .~ "1.0"
& info.description ?~ "This is an API for AI with OpenAPI"
& info.license ?~ "MIT"
& servers .~ [virtualHost])
-- Create the application
app :: OpenApi.Server -> MVar [User] -> Application
app virtualHost usersVar = serve (Proxy :: Proxy APIWithSwagger) (server virtualHost usersVar)
-- Main entry point
main :: IO ()
main = do
initialUsers <- mapM (\(name, age) -> nextRandom >>= \uid -> return (User uid name age)) [("Alice", 30), ("Bob", 25)]
usersVar <- newMVar initialUsers
virtualHost <- getEnv "VIRTUAL_HOST"
port <- read <$> getEnv "PORT" -- Assuming PORT is a number
run port (app (fromString virtualHost) usersVar)

15
systems/kabsa/configuration.nix
View File

@@ -1,11 +1,16 @@
{ {
config, config,
niveumPackages,
pkgs, pkgs,
lib, lib,
inputs,
... ...
}: let }:
let
# TODO wrap obsidian: obsidian --no-sandbox --ozone-platform=wayland --ozone-platform-hint=auto --enable-features=UseOzonePlatform,WaylandWindowDecorations %U
inherit (import ../../lib) retiolumAddresses; inherit (import ../../lib) retiolumAddresses;
in { in
{
imports = [ imports = [
../kibbeh/hardware-configuration.nix ../kibbeh/hardware-configuration.nix
../../configs/tlp.nix ../../configs/tlp.nix
@@ -45,11 +50,13 @@ in {
wireguard-aether-psk.file = ../../secrets/kabsa-wireguard-aether-psk.age; wireguard-aether-psk.file = ../../secrets/kabsa-wireguard-aether-psk.age;
}; };
environment.systemPackages = [pkgs.zeroad]; networking.wg-quick.interfaces.aether.address = [ "192.168.178.203/24" ];
environment.systemPackages = [ pkgs.zeroad ];
networking = { networking = {
hostName = "kabsa"; hostName = "kabsa";
wireless.interfaces = ["wlp3s0"]; wireless.interfaces = [ "wlp3s0" ];
retiolum = retiolumAddresses.kabsa; retiolum = retiolumAddresses.kabsa;
}; };

1
systems/kibbeh/configuration.nix
View File

@@ -14,6 +14,7 @@
../../configs/sound.nix ../../configs/sound.nix
../../configs/printing.nix ../../configs/printing.nix
../../configs/nix.nix ../../configs/nix.nix
../../configs/flix.nix
../../configs/fonts.nix ../../configs/fonts.nix
../../configs/mycelium.nix ../../configs/mycelium.nix
../../configs/retiolum.nix ../../configs/retiolum.nix

21
systems/makanek/configuration.nix
View File

@@ -13,7 +13,7 @@ in {
./menstruation.nix ./menstruation.nix
./moinbot.nix ./moinbot.nix
./monitoring ./monitoring
# ./names.nix ./names.nix
./nextcloud.nix ./nextcloud.nix
../../configs/mycelium.nix ../../configs/mycelium.nix
./radio-news.nix ./radio-news.nix
@@ -48,7 +48,7 @@ in {
config.services.grafana.dataDir config.services.grafana.dataDir
config.services.gitea.stateDir config.services.gitea.stateDir
config.services.weechat.root config.services.weechat.root
config.services.nginx.virtualHosts."www.kmein.de".locations."/".root config.services.nginx.virtualHosts."www.kmein.de".root
"/var/lib/weechat" "/var/lib/weechat"
"/var/lib/codimd" "/var/lib/codimd"
]; ];
@@ -121,22 +121,7 @@ in {
services.nginx.virtualHosts."www.kmein.de" = { services.nginx.virtualHosts."www.kmein.de" = {
addSSL = true; addSSL = true;
enableACME = true; enableACME = true;
locations."/" = { root = "/var/www/kmein.de";
root = "/var/www/kmein.de";
extraConfig = ''
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization';
# Handle preflight requests
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization';
return 204; # No Content
}
'';
};
}; };
environment.systemPackages = [ environment.systemPackages = [

351
systems/makanek/monitoring/default.nix
View File

@@ -3,13 +3,11 @@
config, config,
pkgs, pkgs,
... ...
}: }: let
let
lokiConfig = import ./loki.nix; lokiConfig = import ./loki.nix;
blackboxConfig = import ./blackbox.nix; blackboxConfig = import ./blackbox.nix;
inherit (import ../../../lib) restic; inherit (import ../../../lib) restic;
in in {
{
services.grafana = { services.grafana = {
enable = true; enable = true;
settings = { settings = {
@@ -82,150 +80,143 @@ in
} }
]; ];
services.prometheus.rules = services.prometheus.rules = let
let diskFreeThreshold = 10;
diskFreeThreshold = 10; in [
in (builtins.toJSON {
[ groups = [
(builtins.toJSON { {
groups = [ name = "niveum";
{ rules = [
name = "niveum"; {
rules = [ alert = "HostSystemdServiceCrashed";
{ expr = ''(node_systemd_unit_state{state="failed"} == 1) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}'';
alert = "HostSystemdServiceCrashed"; annotations = {
expr = ''(node_systemd_unit_state{state="failed"} == 1) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}''; description = "{{$labels.name}} failed on {{$labels.instance}}";
annotations = { };
description = "{{$labels.name}} failed on {{$labels.instance}}"; }
}; {
} alert = "RootPartitionFull";
{ for = "10m";
alert = "RootPartitionFull"; expr = ''(node_filesystem_free_bytes{mountpoint="/"} * 100) / node_filesystem_size_bytes{mountpoint="/"} < ${toString diskFreeThreshold}'';
for = "10m"; annotations = {
expr = ''(node_filesystem_free_bytes{mountpoint="/"} * 100) / node_filesystem_size_bytes{mountpoint="/"} < ${toString diskFreeThreshold}''; description = ''{{ $labels.instance }} running out of space: {{ $value | printf "%.2f" }}% < ${toString diskFreeThreshold}%'';
annotations = { };
description = ''{{ $labels.instance }} running out of space: {{ $value | printf "%.2f" }}% < ${toString diskFreeThreshold}%''; }
}; {
} alert = "RootPartitionFullWeek";
{ for = "1h";
alert = "RootPartitionFullWeek"; expr =
for = "1h"; ''node_filesystem_free_bytes{mountpoint="/"} ''
expr = + ''and predict_linear(node_filesystem_free_bytes{mountpoint="/"}[2d], 7*24*3600) <= 0'';
''node_filesystem_free_bytes{mountpoint="/"} '' annotations = {
+ ''and predict_linear(node_filesystem_free_bytes{mountpoint="/"}[2d], 7*24*3600) <= 0''; description = "{{$labels.instance}} running out of space in 7 days";
annotations = { };
description = "{{$labels.instance}} running out of space in 7 days"; }
}; {
} alert = "HighLoad";
{ expr = ''node_load15 / on(job) count(node_cpu_seconds_total{mode="system"}) by (job) >= 1.0'';
alert = "HighLoad"; for = "10m";
expr = ''node_load15 / on(job) count(node_cpu_seconds_total{mode="system"}) by (job) >= 1.0''; annotations = {
for = "10m"; description = "{{$labels.instance}} running on high load: {{$value}}";
annotations = { };
description = "{{$labels.instance}} running on high load: {{$value}}"; }
}; {
} alert = "HostUnusualNetworkThroughputIn";
{ expr = ''(rate(node_network_receive_bytes_total[2m])) / 1024 / 1024 > 100'';
alert = "HostUnusualNetworkThroughputIn"; for = "5m";
expr = ''(rate(node_network_receive_bytes_total[2m])) / 1024 / 1024 > 100''; annotations.description = "Host unusual network throughput in (instance {{ $labels.instance }})";
for = "5m"; }
annotations.description = "Host unusual network throughput in (instance {{ $labels.instance }})"; {
} alert = "HostUnusualNetworkThroughputOut";
{ expr = ''(rate(node_network_transmit_bytes_total[2m])) / 1024 / 1024 > 100'';
alert = "HostUnusualNetworkThroughputOut"; for = "5m";
expr = ''(rate(node_network_transmit_bytes_total[2m])) / 1024 / 1024 > 100''; annotations.description = "Host unusual network throughput out (instance {{ $labels.instance }})";
for = "5m"; }
annotations.description = "Host unusual network throughput out (instance {{ $labels.instance }})"; {
} alert = "HostUnusualDiskReadRate";
{ expr = ''(rate(node_disk_read_bytes_total[2m])) / 1024 / 1024 > 50'';
alert = "HostUnusualDiskReadRate"; for = "5m";
expr = ''(rate(node_disk_read_bytes_total[2m])) / 1024 / 1024 > 50''; annotations.description = "Host unusual disk read rate (instance {{ $labels.instance }})";
for = "5m"; }
annotations.description = "Host unusual disk read rate (instance {{ $labels.instance }})"; {
} alert = "HostUnusualDiskWriteRate";
{ expr = ''(rate(node_disk_written_bytes_total[2m])) / 1024 / 1024 > 50'';
alert = "HostUnusualDiskWriteRate"; for = "2m";
expr = ''(rate(node_disk_written_bytes_total[2m])) / 1024 / 1024 > 50''; annotations.description = "Host unusual disk write rate (instance {{ $labels.instance }})";
for = "2m"; }
annotations.description = "Host unusual disk write rate (instance {{ $labels.instance }})"; {
} alert = "HostOutOfInodes";
{ expr = ''node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and ON (instance, device, mountpoint) node_filesystem_readonly == 0'';
alert = "HostOutOfInodes"; for = "2m";
expr = ''node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and ON (instance, device, mountpoint) node_filesystem_readonly == 0''; annotations.description = "Host out of inodes (instance {{ $labels.instance }})";
for = "2m"; }
annotations.description = "Host out of inodes (instance {{ $labels.instance }})"; {
} alert = "HostInodesWillFillIn24Hours";
{ expr = ''node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and predict_linear(node_filesystem_files_free{fstype!="msdosfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly{fstype!="msdosfs"} == 0'';
alert = "HostInodesWillFillIn24Hours"; for = "2m";
expr = ''node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and predict_linear(node_filesystem_files_free{fstype!="msdosfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly{fstype!="msdosfs"} == 0''; annotations.description = "Host inodes will fill in 24 hours (instance {{ $labels.instance }})";
for = "2m"; }
annotations.description = "Host inodes will fill in 24 hours (instance {{ $labels.instance }})"; {
} alert = "HighRAM";
{ expr = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1";
alert = "HighRAM"; for = "1h";
expr = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1"; annotations.description = "{{$labels.instance}} using lots of RAM";
for = "1h"; }
annotations.description = "{{$labels.instance}} using lots of RAM"; {
} alert = "UptimeMonster";
{ expr = "time() - node_boot_time_seconds > 2592000";
alert = "UptimeMonster"; annotations.description = "uptime monster {{$labels.instance}} up for more than 30 days";
expr = "time() - node_boot_time_seconds > 2592000"; }
annotations.description = "uptime monster {{$labels.instance}} up for more than 30 days"; {
} alert = "HostDown";
{ expr = ''up == 0'';
alert = "HostDown"; for = "5m";
expr = ''up == 0''; annotations = {
for = "5m"; description = "{{ $labels.instance }} seeming down since 5 minutes";
annotations = { };
description = "{{ $labels.instance }} seeming down since 5 minutes"; }
}; {
} alert = "Reboot";
{ expr = "time() - node_boot_time_seconds < 300";
alert = "Reboot"; annotations.description = "{{$labels.instance}} rebooted";
expr = "time() - node_boot_time_seconds < 300"; }
annotations.description = "{{$labels.instance}} rebooted"; {
} alert = "ProbeFailed";
{ expr = "probe_success == 0";
alert = "Mastodon"; for = "5m";
expr = ''probe_success{instance="https://social.krebsco.de"} == 0''; annotations.description = "HTTP probe failed for {{$labels.instance}}";
for = "5m"; }
annotations.description = "Mastodon instance {{$labels.instance}} is down"; {
} alert = "SlowProbe";
{ expr = "avg_over_time(probe_http_duration_seconds[1m]) > 1";
alert = "ProbeFailed"; for = "5m";
expr = "probe_success == 0"; annotations.description = "HTTP probe slow for {{$labels.instance}}";
for = "5m"; }
annotations.description = "HTTP probe failed for {{$labels.instance}}"; {
} alert = "HttpStatusCode";
{ expr = "probe_http_status_code != 0 AND (probe_http_status_code <= 199 OR probe_http_status_code >= 400)";
alert = "SlowProbe"; for = "5m";
expr = "avg_over_time(probe_http_duration_seconds[1m]) > 1"; annotations.description = "status code {{$value}} for {{$labels.instance}}";
for = "5m"; }
annotations.description = "HTTP probe slow for {{$labels.instance}}"; {
} alert = "SslExpirySoon";
{ expr = "probe_ssl_earliest_cert_expiry - time() < 86400 * 30";
alert = "HttpStatusCode"; for = "5m";
expr = "probe_http_status_code != 0 AND (probe_http_status_code <= 199 OR probe_http_status_code >= 400)"; annotations.description = "SSL certificate for {{$labels.instance}} expires in 30 days";
for = "5m"; }
annotations.description = "status code {{$value}} for {{$labels.instance}}"; {
} alert = "SslExpiry";
{ expr = "probe_ssl_earliest_cert_expiry - time() <= 0";
alert = "SslExpirySoon"; for = "5m";
expr = "probe_ssl_earliest_cert_expiry - time() < 86400 * 30"; annotations.description = "SSL certificate for {{$labels.instance}} has expired";
for = "5m"; }
annotations.description = "SSL certificate for {{$labels.instance}} expires in 30 days"; ];
} }
{ ];
alert = "SslExpiry"; })
expr = "probe_ssl_earliest_cert_expiry - time() <= 0"; ];
for = "5m";
annotations.description = "SSL certificate for {{$labels.instance}} has expired";
}
];
}
];
})
];
# ref https://github.com/Mic92/dotfiles/blob/f44bac5dd6970ed3fbb4feb906917331ec3c2be5/machines/eva/modules/prometheus/default.nix # ref https://github.com/Mic92/dotfiles/blob/f44bac5dd6970ed3fbb4feb906917331ec3c2be5/machines/eva/modules/prometheus/default.nix
systemd.services.matrix-hook = { systemd.services.matrix-hook = {
@@ -255,33 +246,6 @@ in
}; };
}; };
systemd.services.matrix-hook-lassulus = {
description = "Matrix Hook";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
environment = {
HTTP_ADDRESS = "[::1]";
HTTP_PORT = "9089";
MX_HOMESERVER = "https://matrix.4d2.org";
MX_ID = "@lakai:4d2.org";
MX_ROOMID = "!MJAGqBAOKZGMywzwkI:lassul.us";
MX_MSG_TEMPLATE = "${pkgs.matrix-hook}/message.html.tmpl";
};
serviceConfig = {
EnvironmentFile = [
# format: MX_TOKEN=<token>
config.age.secrets.matrix-token-lakai-env.path
];
Type = "simple";
ExecStart = "${pkgs.matrix-hook}/bin/matrix-hook";
Restart = "always";
RestartSec = "10";
DynamicUser = true;
User = "matrix-hook";
Group = "matrix-hook";
};
};
age.secrets = { age.secrets = {
matrix-token-lakai-env.file = ../../../secrets/matrix-token-lakai-env.age; matrix-token-lakai-env.file = ../../../secrets/matrix-token-lakai-env.age;
}; };
@@ -296,23 +260,8 @@ in
group_wait = "30s"; group_wait = "30s";
repeat_interval = "24h"; repeat_interval = "24h";
receiver = "matrix"; receiver = "matrix";
routes = [
{
receiver = "lassulus";
matchers = [ "alertname = \"Mastodon\"" ];
}
];
}; };
receivers = [ receivers = [
{
name = "lassulus";
webhook_configs = [
{
url = "http://localhost:9089/alert";
max_alerts = 5;
}
];
}
{ {
name = "matrix"; name = "matrix";
webhook_configs = [ webhook_configs = [
@@ -357,21 +306,13 @@ in
{ {
scheme = "http"; scheme = "http";
path_prefix = "/"; path_prefix = "/";
static_configs = [ static_configs = [{targets = ["localhost:${toString config.services.prometheus.alertmanager.port}"];}];
{ targets = [ "localhost:${toString config.services.prometheus.alertmanager.port}" ]; }
];
} }
]; ];
# otherwise bearer_token_file will fail # otherwise bearer_token_file will fail
services.prometheus.checkConfig = "syntax-only"; services.prometheus.checkConfig = "syntax-only";
services.prometheus.extraFlags = [
"--storage.tsdb.retention.time=7d"
"--storage.tsdb.retention.size=2GB"
"--storage.tsdb.wal-compression"
];
services.prometheus.scrapeConfigs = [ services.prometheus.scrapeConfigs = [
{ {
job_name = "makanek"; job_name = "makanek";
@@ -387,14 +328,14 @@ in
scrape_interval = "5m"; scrape_interval = "5m";
job_name = "blackbox"; job_name = "blackbox";
metrics_path = "/probe"; metrics_path = "/probe";
params.module = [ "http_2xx" ]; params.module = ["http_2xx"];
relabel_configs = [ relabel_configs = [
{ {
source_labels = [ "__address__" ]; source_labels = ["__address__"];
target_label = "__param_target"; target_label = "__param_target";
} }
{ {
source_labels = [ "__param_target" ]; source_labels = ["__param_target"];
target_label = "instance"; target_label = "instance";
} }
{ {
@@ -452,7 +393,7 @@ in
scrape_interval = "60s"; scrape_interval = "60s";
metrics_path = "/api/prometheus"; metrics_path = "/api/prometheus";
scheme = "http"; scheme = "http";
static_configs = [ { targets = [ "zaatar.r:8123" ]; } ]; static_configs = [{targets = ["zaatar.r:8123"];}];
bearer_token_file = config.age.secrets.home-assistant-token.path; bearer_token_file = config.age.secrets.home-assistant-token.path;
} }
{ {
@@ -469,7 +410,7 @@ in
services.prometheus.exporters.blackbox = { services.prometheus.exporters.blackbox = {
enable = true; enable = true;
configFile = (pkgs.formats.yaml { }).generate "blackbox.yaml" blackboxConfig; configFile = (pkgs.formats.yaml {}).generate "blackbox.yaml" blackboxConfig;
}; };
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
@@ -478,6 +419,6 @@ in
services.loki = { services.loki = {
enable = true; enable = true;
configFile = (pkgs.formats.yaml { }).generate "loki.yaml" lokiConfig; configFile = (pkgs.formats.yaml {}).generate "loki.yaml" lokiConfig;
}; };
} }

6
systems/makanek/weechat.nix
View File

@@ -1,11 +1,15 @@
{ {
lib, lib,
pkgs, pkgs,
config,
unstablePackages,
... ...
}: let }: let
inherit (import ../../lib) kieran; inherit (import ../../lib) kieran;
weechatHome = "/var/lib/weechat"; weechatHome = "/var/lib/weechat";
weechat-declarative = pkgs.callPackage ../../packages/weechat-declarative.nix {}; weechat-declarative = pkgs.callPackage ../../packages/weechat-declarative.nix {
inherit unstablePackages;
};
in { in {
systemd.services.weechat = let systemd.services.weechat = let
tmux = pkgs.writers.writeDash "tmux" '' tmux = pkgs.writers.writeDash "tmux" ''

2
systems/manakish/configuration.nix
View File

@@ -36,6 +36,8 @@ in {
wireguard-aether-psk.file = ../../secrets/manakish-wireguard-aether-psk.age; wireguard-aether-psk.file = ../../secrets/manakish-wireguard-aether-psk.age;
}; };
networking.wg-quick.interfaces.aether.address = ["192.168.178.204/24"];
niveum = { niveum = {
batteryName = "BAT0"; batteryName = "BAT0";
wirelessInterface = "wlp3s0"; wirelessInterface = "wlp3s0";

2
systems/moto/configuration.nix
View File

@@ -26,7 +26,7 @@ in {
procps procps
tzdata tzdata
unzip unzip
util-linux utillinux
vim vim
which which
xz xz

3
systems/zaatar/configuration.nix
View File

@@ -28,9 +28,6 @@ in {
services.pipewire.systemWide = true; services.pipewire.systemWide = true;
age.secrets = { age.secrets = {
wifi = {
file = ../../secrets/wifi.age;
};
retiolum-rsa = { retiolum-rsa = {
file = ../../secrets/zaatar-retiolum-privateKey-rsa.age; file = ../../secrets/zaatar-retiolum-privateKey-rsa.age;
mode = "400"; mode = "400";