feat(tahina): init as guest laptop

ci.nix

@@ -3,7 +3,7 @@
   system,
   name,
 }: let
-  nixpkgs = inputs.nixos-stable;
+  inherit (inputs) nixpkgs;
   pkgs = nixpkgs.legacyPackages.${system};
   ensureFiles = paths:
     pkgs.runCommand "directory" {} ''
@@ -23,13 +23,6 @@
       "nixos-config=${toString ./.}/systems/${name}/configuration.nix"
       "system-secrets=${systemSecrets}"
       "secrets=${sharedSecrets}"
-      "nixpkgs=${
-        toString (
-          if name == "kabsa" || name == "manakish"
-          then inputs.nixos-unstable
-          else inputs.nixos-stable
-        )
-      }"
     ]
     ++ nixpkgs.lib.mapAttrsToList (name: value: "${name}=${value}") inputs);
   # cd ~/.password-store/shared && find * -type f | sed 's/.gpg$//'
@@ -43,7 +36,6 @@
     "mail/gmail/amroplay"
     "mail/gmail/kieran.meinhardt"
     "mail/meinhaki"
-    "mail/dslalewa"
     "mail/posteo"
     "nextcloud-fysi/password"
     "nextcloud/password"
@@ -62,7 +54,6 @@
       kabsa = ensureFiles basic;
       manakish = ensureFiles basic;
       tahina = ensureFiles basic;
-      ful = ensureFiles basic;
       makanek = ensureFiles ([
           "irc/retiolum"
           "irc/hackint"
@@ -82,7 +73,6 @@
           "telegram/menstruation.token"
           "telegram/cool_village.token"
           "telegram/kmein.token"
-          "telegram/krebs.token"
           "telegram/prometheus.token"
           "weechat/relay"
         ]

configs/alacritty.nix

@@ -3,15 +3,29 @@
   lib,
   config,
   ...
-}: let
-  alacritty-cfg = theme:
-    (pkgs.formats.yaml {}).generate "alacritty.yml" {
-      window.opacity = 0.95;
+}: {
+  environment.variables.TERMINAL = "alacritty";
+
+  environment.systemPackages = [
+    pkgs.alacritty
+  ];
+
+  home-manager.users.me.xdg.configFile = let
+    inherit (import <niveum/lib>) colours;
+    colourNames = ["black" "red" "green" "yellow" "blue" "magenta" "cyan" "white"];
+    colourPairs = lib.getAttrs colourNames colours;
+  in {
+    "alacritty/alacritty.yml".source = (pkgs.formats.yaml {}).generate "alacritty.yml" {
+      background_opacity = 0.9;
+      colors = {
+        primary = {inherit (colours) background foreground;};
+        normal = lib.mapAttrs (_: colour: colour.dark) colourPairs;
+        bright = lib.mapAttrs (_: colour: colour.bright) colourPairs;
+      };
       font = {
         normal.family = "Monospace";
         size = 6;
       };
-      live_config_reload = true;
       key_bindings = [
         {
           key = "Plus";
@@ -29,34 +43,6 @@
           action = "ResetFontSize";
         }
       ];
-      colors = let
-        colourNames = ["black" "red" "green" "yellow" "blue" "magenta" "cyan" "white"];
-        colourPairs = lib.getAttrs colourNames theme;
-      in {
-        primary = {inherit (theme) background foreground;};
-        cursor = {inherit (theme) cursor;};
-        normal = lib.mapAttrs (_: colour: colour.dark) colourPairs;
-        bright = lib.mapAttrs (_: colour: colour.bright) colourPairs;
-      };
     };
-  alacritty-pkg = pkgs.symlinkJoin {
-    name = "alacritty";
-    paths = [
-      (pkgs.writeDashBin "alacritty" ''
-        ${pkgs.alacritty}/bin/alacritty --config-file /var/theme/config/alacritty.yml "$@"
-      '')
-      pkgs.alacritty
-    ];
-  };
-in {
-  environment.variables.TERMINAL = "alacritty";
-
-  environment.systemPackages = [
-    alacritty-pkg
-  ];
-
-  environment.etc = {
-    "themes/dark/alacritty.yml".source = alacritty-cfg (import <niveum/lib/colours/ayu-dark.nix>);
-    "themes/light/alacritty.yml".source = alacritty-cfg (import <niveum/lib/colours/ayu-light.nix>);
   };
 }

configs/battery.nix

@@ -8,7 +8,7 @@
     acpi_call
   ];
   boot.kernelModules = ["tp_smapi" "acpi_call"];
-  environment.systemPackages = [pkgs.tpacpi-bat pkgs.powertop];
+  environment.systemPackages = [pkgs.tpacpi-bat];
 
   services.tlp = {
     enable = true;

configs/chromium.nix

@@ -7,7 +7,6 @@
       "cjpalhdlnbpafiamejdnhcphjbkeiagm" # uBlock Origin
       "pjjgklgkfeoeiebjogplpnibpfnffkng" # undistracted
       "nhdogjmejiglipccpnnnanhbledajbpd" # vuejs devtools
-      "eimadpbcbfnmbkopoojfekhnkhdbieeh" # dark reader
     ];
   };
 

configs/cloud.nix

@@ -3,9 +3,7 @@
   lib,
   pkgs,
   ...
-}: let
-  inherit (import <niveum/lib>) tmpfilesConfig;
-in {
+}: {
   imports = [
     <niveum/modules/dropbox.nix>
   ];
@@ -14,45 +12,17 @@ in {
     dropbox.enable = false;
   };
 
-  systemd.tmpfiles.rules = map tmpfilesConfig [
-    {
-      type = "L+";
-      user = config.users.users.me.name;
-      group = "users";
-      mode = "0755";
-      argument = "${config.users.users.me.home}/cloud/Seafile/Wiki";
-      path = "${config.users.users.me.home}/notes";
-    }
-    {
-      type = "L+";
-      user = config.users.users.me.name;
-      group = "users";
-      mode = "0755";
-      argument = "${config.users.users.me.home}/cloud/Seafile/Uni";
-      path = "${config.users.users.me.home}/uni";
-    }
-    {
-      type = "L+";
-      user = config.users.users.me.name;
-      group = "users";
-      mode = "0755";
-      argument = "${config.users.users.me.home}/cloud/syncthing/common/mahlzeit";
-      path = "${config.users.users.me.home}/mahlzeit";
-    }
-  ];
+  system.activationScripts.home-symlinks = ''
+    ln -sfn ${config.users.users.me.home}/cloud/syncthing/common/mahlzeit ${config.users.users.me.home}/mahlzeit
+    ln -sfn ${config.users.users.me.home}/cloud/Seafile/Wiki ${config.users.users.me.home}/notes
+    ln -sfn ${config.users.users.me.home}/cloud/Seafile/Uni ${config.users.users.me.home}/uni
+  '';
 
   home-manager.users.me = {
-    services.gnome-keyring.enable = true;
     services.nextcloud-client = {
       enable = true;
       startInBackground = true;
     };
-    systemd.user.services.nextcloud-client = {
-      Unit = {
-        Wants = ["gnome-keyring.service"];
-        After = ["gnome-keyring.service"];
-      };
-    };
   };
 
   environment.systemPackages = [

configs/default.nix

@@ -79,6 +79,7 @@ in {
       hardware.pulseaudio = {
         enable = true;
         package = pkgs.pulseaudioFull;
+        extraModules = [pkgs.pulseaudio-modules-bt];
         # copy server:/run/pulse/.config/pulse/cookie to client:~/.config/pulse/cookie to authenticate a client machine
         zeroconf.discovery.enable = true;
         extraConfig = ''
@@ -143,8 +144,8 @@ in {
         wcd = "source ${wcd}";
         im = "${pkgs.openssh}/bin/ssh weechat@makanek -t tmux attach-session -t IM";
         where = "source ${where}";
-        yt = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -ic"; # Download video link
-        yta = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -xic"; # Download with audio
+        yt = "${pkgs.youtube-dl}/bin/youtube-dl --add-metadata -ic"; # Download video link
+        yta = "${pkgs.youtube-dl}/bin/youtube-dl --add-metadata -xic"; # Download with audio
       };
     }
     {i18n.defaultLocale = "en_DK.UTF-8";}
@@ -169,15 +170,13 @@ in {
     {
       security.wrappers = {
         pmount = {
-          setuid = true;
           owner = "root";
-          group = "root";
+          group = "users";
           source = "${pkgs.pmount}/bin/pmount";
         };
         pumount = {
-          setuid = true;
           owner = "root";
-          group = "root";
+          group = "users";
           source = "${pkgs.pmount}/bin/pumount";
         };
       };
@@ -245,7 +244,7 @@ in {
     ./polkit.nix
     ./power-action.nix
     ./printing.nix
-    # ./openweathermap.nix
+    ./openweathermap.nix
     ./wallpaper.nix
     ./redshift.nix
     ./retiolum.nix
@@ -256,13 +255,12 @@ in {
     ./sshd.nix
     ./sudo.nix
     ./sxiv.nix
-    ./themes.nix
+    ./theming.nix
     ./tmux.nix
     ./traadfri.nix
     ./unclutter.nix
     ./vscode.nix
     ./watson.nix
     ./zsh.nix
-    ./tor.nix
   ];
 }

configs/docker.nix

@@ -12,5 +12,5 @@
     ];
   };
   users.users.me.extraGroups = ["docker"];
-  environment.systemPackages = [pkgs.docker pkgs.docker-compose];
+  environment.systemPackages = [pkgs.docker pkgs.docker_compose];
 }

configs/fonts.nix

@@ -1,55 +1,42 @@
 {pkgs, ...}: {
   nixpkgs.config.joypixels.acceptLicense = true;
+
   fonts = {
     enableDefaultFonts = true;
     fontDir.enable = true;
     fonts = with pkgs; [
       alegreya
       alegreya-sans
-      amiri
-      annapurna-sil
-      cantarell-fonts
-      charis-sil
       corefonts
-      crimson
       eb-garamond
-      etBook
-      ezra-sil
       fira
-      font-awesome
-      galatia-sil
-      gentium
-      gfs-fonts
-      gyre-fonts
-      ia-writer-duospace
+      font-awesome-ttf
       ibm-plex
-      jetbrains-mono
-      joypixels
-      libertinus
-      libre-bodoni
+      inconsolata
+      iosevka
+      libertine
       lmodern
-      merriweather
-      ocr-a
+      noto-fonts
+      noto-fonts-cjk
+      noto-fonts-emoji
       roboto
       roboto-mono
       roboto-slab
-      scheherazade-new
       source-code-pro
-      source-sans-pro
       source-serif-pro
-      theano
+      source-sans-pro
+      ubuntu_font_family
+      gfs-fonts
+      jetbrains-mono
+      twemoji-color-font
+      joypixels
       tocharian-font
-      vistafonts
-      vollkorn
-      zilla-slab
-    ]; # google-fonts league-of-moveable-type
-    fontconfig.defaultFonts = let
-      emojiFont = "JoyPixels";
-    in {
-      monospace = ["JetBrains Mono" emojiFont];
-      serif = ["Merriweather"];
-      sansSerif = ["Cantarell" emojiFont];
-      emoji = [emojiFont];
+    ];
+    fontconfig.defaultFonts = {
+      monospace = ["JetBrains Mono" "JoyPixels"];
+      serif = ["Roboto Slab"];
+      sansSerif = ["Roboto" "Noto Sans"];
+      emoji = ["JoyPixels"];
     };
   };
 }

configs/git.nix

@@ -50,12 +50,12 @@ in {
         rebase.autoStash = true;
         merge.autoStash = true;
 
-        # # ref https://github.com/dandavison/delta
-        # core.pager = "${pkgs.delta}/bin/delta";
-        # interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only";
-        # delta.navigate = true;
-        # merge.conflictStyle = "diff3";
-        # diff.colorMoved = "default";
+        # ref https://github.com/dandavison/delta
+        core.pager = "${pkgs.delta}/bin/delta";
+        interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only";
+        delta.navigate = true;
+        merge.conflictStyle = "diff3";
+        diff.colorMoved = "default";
       };
     };
   };

configs/hledger.nix

@@ -5,17 +5,6 @@
 }: {
   imports = [<niveum/modules/hledger.nix>];
 
-  environment.systemPackages = let
-    timeLedger = "$HOME/projects/ledger/time.timeclock";
-  in [
-    (pkgs.writers.writeDashBin "hora-edit" ''
-      $EDITOR + "${timeLedger}" && ${pkgs.git}/bin/git -C "$(${pkgs.coreutils}/bin/dirname ${timeLedger})" commit --all --message "$(${pkgs.coreutils}/bin/date -Im)"
-    '')
-    (pkgs.writers.writeDashBin "hora" ''
-      ${pkgs.hledger}/bin/hledger -f "${timeLedger}" "$@"
-    '')
-  ];
-
   niveum.hledger = {
     enable = true;
     ledgerFile = "$HOME/projects/ledger/all.journal";

configs/i3.nix

@@ -34,7 +34,6 @@
       "devanagari" = pkgs.writers.writeDash "devanagari" ''
         ${pkgs.scripts.devanagari}/bin/devanagari
       '';
-      "avesta" = pkgs.writeScript "avesta" (builtins.readFile <niveum/packages/scripts/avesta.sed>);
       "curl" = pkgs.writers.writeDash "curl" ''
         ${pkgs.curl}/bin/curl -fSs "$(${pkgs.coreutils}/bin/cat)"
       '';
@@ -248,9 +247,8 @@ in {
         "${modifier}+p" = "exec --no-startup-id ${pkgs.pass}/bin/passmenu -l 5";
         "${modifier}+u" = "exec ${pkgs.scripts.unicodmenu}/bin/unicodmenu";
 
-        "${modifier}+F6" = "exec ${pkgs.xorg.xkill}/bin/xkill";
         "${modifier}+F7" = "exec ${pkgs.scripts.showkeys-toggle}/bin/showkeys-toggle";
-        "${modifier}+F8" = "exec switch-theme toggle";
+        "${modifier}+F8" = "exec ${pkgs.xorg.xkill}/bin/xkill";
         "${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85";
         "${modifier}+F10" = "exec ${pkgs.redshift}/bin/redshift -x";
         "${modifier}+F11" = "exec ${pkgs.xcalib}/bin/xcalib -invert -alter";

configs/keyboard.nix

@@ -4,20 +4,10 @@
   ...
 }: let
   commaSep = builtins.concatStringsSep ",";
-  languages = {
-    de = "T3";
-    gr = "polytonic";
-    ru = "phonetic";
-    ara = "buckwalter";
-  };
-  defaultLanguage = "de";
 in {
-  # man 7 xkeyboard-config
   services.xserver = {
-    layout = "de";
-    # T3: https://upload.wikimedia.org/wikipedia/commons/a/a9/German-Keyboard-Layout-T3-Version1-large.png
-    # buckwalter: http://www.qamus.org/transliteration.htm
-    xkbVariant = "T3";
+    layout = commaSep ["de" "gr"];
+    xkbVariant = commaSep ["T3" "polytonic"];
     xkbOptions =
       commaSep ["compose:caps" "terminate:ctrl_alt_bksp" "grp:ctrls_toggle"];
     libinput.enable = true;
@@ -25,25 +15,6 @@ in {
 
   console.keyMap = "de";
 
-  environment.systemPackages =
-    lib.mapAttrsToList
-    (language: variant:
-      pkgs.writers.writeDashBin "kb-${language}" ''
-        ${pkgs.xorg.setxkbmap}/bin/setxkbmap ${defaultLanguage},${language} ${languages.${defaultLanguage}},${variant}
-      '')
-    languages;
-
   # improve held key rate
   services.xserver.displayManager.sessionCommands = "${pkgs.xorg.xset}/bin/xset r rate 300 50";
-
-  systemd.user.services.gxkb = {
-    wantedBy = ["graphical-session.target"];
-    serviceConfig = {
-      SyslogIdentifier = "gxkb";
-      ExecStart = "${pkgs.gxkb}/bin/gxkb";
-      Restart = "always";
-      RestartSec = "15s";
-      StartLimitBurst = 0;
-    };
-  };
 }

configs/mpv.nix

@@ -18,10 +18,8 @@ in {
     programs.mpv = {
       enable = true;
       config = {
-        ytdl-format = "bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best";
         ytdl-raw-options = lib.concatStringsSep "," [''sub-lang="de,en"'' "write-sub=" "write-auto-sub="];
         screenshot-template = "%F-%wH%wM%wS-%#04n";
-        script-opts = "ytdl_hook-ytdl_path=${pkgs.yt-dlp}/bin/yt-dlp";
       };
       bindings = {
         "Alt+RIGHT" = "add video-rotate 90";

configs/neomutt.nix

@@ -47,20 +47,6 @@
     };
   };
 
-  accounts.work-admin = {
-    user = "dslalewa";
-    password = lib.strings.fileContents <secrets/mail/dslalewa>;
-    address = "admin.alew.vglsprwi@hu-berlin.de";
-    imap = "mailbox.cms.hu-berlin.de";
-    smtp = "mailhost.cms.hu-berlin.de";
-    smtpSettings = smtp: "smtp://${smtp}";
-    folders = {
-      drafts = "Drafts";
-      sent = "Sent";
-      trash = "Trash";
-    };
-  };
-
   accounts.work-fysi = rec {
     user = "kieran@fysi.tech";
     address = user;
@@ -145,7 +131,6 @@ in {
         application/pdf; ${pkgs.zathura}/bin/zathura %s ;
         application/pgp-encrypted; ${pkgs.gnupg}/bin/gpg -d '%s'; copiousoutput;
         application/pgp-keys; ${pkgs.gnupg}/bin/gpg --import '%s'; copiousoutput;
-        application/vnd.openxmlformats*; ${pkgs.libreoffice}/bin/soffice '%s';
       ''
     }:$mailcap_path
 

configs/networkmanager.nix

@@ -48,7 +48,7 @@ in {
 
   networking.networkmanager = {
     enable = true;
-    plugins = [
+    packages = [
       pkgs.networkmanager-openvpn
       pkgs.networkmanager-fortisslvpn
     ];

configs/newsboat.nix

@@ -5,7 +5,7 @@
 }: let
   ytdl-format = "'bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best'";
 
-  youtube-download = "${pkgs.ts}/bin/ts ${pkgs.yt-dlp}/bin/yt-dlp -f ${ytdl-format} --add-metadata";
+  youtube-download = "${pkgs.ts}/bin/ts ${pkgs.youtube-dl}/bin/youtube-dl -f ${ytdl-format} --add-metadata";
 
   newsboat-home = "${config.users.users.me.home}/cloud/Seafile/Documents/newsboat";
   linkhandler-bin = "${pkgs.scripts.linkhandler}/bin/linkhandler";

configs/packages.nix

@@ -8,6 +8,8 @@
   menstruation = pkgs.callPackage <menstruation-backend> {};
   pandoc-doc = pkgs.callPackage <niveum/packages/man/pandoc.nix> {};
 
+  nixpkgs-unstable = import <nixpkgs-unstable> {config.allowUnfree = true;};
+
   zoteroStyle = {
     name,
     sha256,
@@ -33,7 +35,7 @@
     })
   ];
 
-  astrolog = pkgs.astrolog.overrideAttrs (old:
+  astrolog = nixpkgs-unstable.astrolog.overrideAttrs (old:
     old
     // {
       installPhase = ''
@@ -71,7 +73,7 @@ in {
     whois
     dnsutils
     # FILE MANAGERS
-    lf
+    ranger
     pcmanfm
     # MEDIA
     ffmpeg
@@ -100,10 +102,10 @@ in {
     htmlq
     xsv # csv toolkit
     xmlstarlet # xml toolkit
-    man-pages
+    manpages
     posix_man_pages
     tree
-    exfat # to mount windows drives
+    fuse_exfat # to mount windows drives
     parallel # for parallel, since moreutils shadows task spooler
     ripgrep # better grep
     rlwrap
@@ -115,7 +117,7 @@ in {
     arandr # xrandr for noobs
     libnotify # for notify-send
     xclip # clipboard CLI
-    xdragon # drag and drop
+    dragon-drop # drag and drop
     xorg.xkill # kill by clicking
     audacity
     calibre
@@ -124,8 +126,8 @@ in {
     astrolog
     anki # flashcards
     jbofihe # lojbanic software
-    zoom-us # video conferencing
-    alejandra # nix formatter
+    nixpkgs-unstable.zoom-us # video conferencing
+    nixpkgs-unstable.alejandra # nix formatter
     pdfgrep # search in pdf
     pdftk # pdf toolkit
     mupdf
@@ -134,7 +136,7 @@ in {
     xournalpp # for annotating pdfs
     pdfpc # presenter console for pdf slides
     hc # print files as qr codes
-    yt-dlp
+    youtubeDL
     espeak
     bc # calculator
     pari # gp -- better calculator
@@ -159,7 +161,7 @@ in {
     scripts.vimv
     scripts.swallow # window swallowing
     scripts.literature-quote
-    jless # less(1) for json
+    scripts.nav # json navigation
     scripts.notetags
     scripts.booksplit
     scripts.dmenurandr
@@ -173,6 +175,7 @@ in {
     scripts.fkill
     scripts.wttr
     scripts.unicodmenu
+    scripts.horoscope
     scripts.closest
     scripts.trans
     scripts.mpv-radio
@@ -230,7 +233,7 @@ in {
     ]))
     python3Packages.poetry
 
-    html-tidy
+    htmlTidy
     nodePackages.csslint
     nodePackages.jsonlint
     nodePackages.prettier

configs/ssh.nix

@@ -5,7 +5,6 @@
   ...
 }: let
   inherit (import <niveum/lib>) sshPort kieran;
-  externalNetwork = import <niveum/lib/external-network.nix>;
 in {
   services.xserver.displayManager.sessionCommands = "${pkgs.openssh}/bin/ssh-add";
 
@@ -26,12 +25,7 @@ in {
         port = sshPort;
       };
       makanek = {
-        hostname = externalNetwork.makanek;
-        user = "root";
-        port = sshPort;
-      };
-      ful = {
-        hostname = externalNetwork.ful;
+        hostname = "makanek.r";
         user = "root";
         port = sshPort;
       };
@@ -45,6 +39,11 @@ in {
         user = "kfm";
         port = sshPort;
       };
+      toum = {
+        hostname = "toum.r";
+        user = "root";
+        port = sshPort;
+      };
       kabsa = {
         hostname = "kabsa.r";
         user = "kfm";
@@ -58,6 +57,10 @@ in {
         hostname = "135.181.85.233";
         user = "root";
       };
+      oracle = {
+        hostname = "130.61.171.199";
+        user = "ubuntu";
+      };
     };
   };
 }

configs/telegram-bots/astrology.nix

@@ -1,11 +1,9 @@
 {
-  config,
   pkgs,
   lib,
   ...
 }: let
-  unstable = import <nixos-unstable> {inherit (config.nixpkgs) config;};
-
+  nixpkgs-unstable = import <nixpkgs-unstable> {};
   toSymbols = pkgs.writers.writeDash "to-symbols" ''
     ${pkgs.gnused}/bin/sed '
       s/\bTri\b/△/;
@@ -44,7 +42,7 @@
   '';
 in {
   niveum.telegramBots.transits = {
-    enable = false;
+    enable = true;
     time = "*:0/1";
     token = lib.strings.fileContents <system-secrets/telegram/kmein.token>;
     chatIds = ["-1001796440545"];
@@ -52,8 +50,8 @@ in {
       now=$(${pkgs.coreutils}/bin/date +%_H:%M | ${pkgs.gnused}/bin/sed 's/^\s*//')
       date=$(${pkgs.coreutils}/bin/date +'%m %d %Y')
       {
-        ${unstable.astrolog}/bin/astrolog -qd $date -zN Berlin -Yt -Yd -d -R Uranus Neptune Pluto "North Node"
-        ${unstable.astrolog}/bin/astrolog -Yt -Yd -q 10 22 1999 6:32 -zN Kassel -td $date -R Uranus Neptune Pluto "North Node"
+        ${nixpkgs-unstable.astrolog}/bin/astrolog -qd $date -zN Berlin -Yt -Yd -d -R Uranus Neptune Pluto "North Node"
+        ${nixpkgs-unstable.astrolog}/bin/astrolog -Yt -Yd -q 10 22 1999 6:32 -zN Kassel -td $date -R Uranus Neptune Pluto "North Node"
       } | ${toSymbols} | ${pkgs.coreutils}/bin/sort -n | ${pkgs.gnugrep}/bin/grep "^$now" || :
     '');
   };

configs/telegram-bots/autorenkalender.nix

@@ -20,12 +20,4 @@ in {
     parseMode = "Markdown";
     command = "${autorenkalender}/bin/autorenkalender";
   };
-
-  niveum.passport.services = [
-    {
-      title = "Autorenkalender";
-      description = "sends <a href=\"https://www.projekt-gutenberg.org/\">Projekt Gutenberg</a>'s anniversary information to Telegram.";
-      link = "https://t.me/Autorenkalender";
-    }
-  ];
 }

configs/telegram-bots/default.nix

@@ -26,30 +26,12 @@ in {
       inherit path;
     }) [reverseDirectory proverbDirectory];
 
-  niveum.passport.services = [
-    {
-      title = "Rückwarts-Bot";
-      link = "https://t.me/RueckwaertsBot";
-      description = "reverses things on Telegram.";
-    }
-    {
-      title = "BetaCode-Bot";
-      link = "https://t.me/BetaCodeBot";
-      description = "converts <a href=\"https://en.wikipedia.org/wiki/Beta_Code\">beta code</a> to polytonic Greek on Telegram.";
-    }
-    {
-      title = "Sprichwortgenerator-Bot";
-      link = "https://t.me/SprichwortGeneratorBot";
-      description = "generates useless German proverbs with optional stock photo background on Telegram.";
-    }
-  ];
-
   systemd.services.telegram-reverse = {
     wantedBy = ["multi-user.target"];
     description = "Telegram reverse bot";
     path = [pkgs.ffmpeg];
     environment.TELEGRAM_BOT_TOKEN = lib.strings.fileContents <system-secrets/telegram/reverse.token>;
-    enable = false;
+    enable = true;
     script = "${telebots}/bin/telegram-reverse";
     serviceConfig.Restart = "always";
     serviceConfig.WorkingDirectory = reverseDirectory;
@@ -59,7 +41,7 @@ in {
     wantedBy = ["multi-user.target"];
     description = "Telegram beta code bot";
     environment.TELEGRAM_BOT_TOKEN = lib.strings.fileContents <system-secrets/telegram/betacode.token>;
-    enable = false;
+    enable = true;
     script = "${telebots}/bin/telegram-betacode";
     serviceConfig.Restart = "always";
   };
@@ -68,7 +50,7 @@ in {
     wantedBy = ["multi-user.target"];
     description = "Telegram proverb bot";
     environment.TELEGRAM_BOT_TOKEN = lib.strings.fileContents <system-secrets/telegram/proverb.token>;
-    enable = false;
+    enable = true;
     script = "${telebots}/bin/telegram-proverb";
     serviceConfig.Restart = "always";
     serviceConfig.WorkingDirectory = proverbDirectory;

configs/telegram-bots/literature-quote.nix

@@ -14,11 +14,4 @@ in {
     command = "${literature-quote}/bin/literature-quote";
     parseMode = "Markdown";
   };
-
-  niveum.passport.services = [
-    {
-      title = "Literature quote bot";
-      description = "sends me and my friends three <a href=\"https://logotheca.xn--kiern-0qa.de/\">logotheca</a> quotes a day.";
-    }
-  ];
 }

configs/telegram-bots/nachtischsatan.nix

@@ -34,12 +34,4 @@ in {
     });
     serviceConfig.Restart = "always";
   };
-
-  niveum.passport.services = [
-    {
-      title = "Nachtischsatan-Bot";
-      link = "https://t.me/NachtischsatanBot";
-      description = "*flubberflubber*";
-    }
-  ];
 }

configs/telegram-bots/tlg-wotd.nix

@@ -17,12 +17,4 @@
     '');
     parseMode = "Markdown";
   };
-
-  niveum.passport.services = [
-    {
-      title = "Thesaurus Linguae Graecae Word of the Day";
-      description = "sends <a href=\"https://stephanus.tlg.uci.edu/\">TLG</a>'s word of the day to Telegram.";
-      link = "https://t.me/tlgwotd";
-    }
-  ];
 }

configs/themes.nix

@@ -1,82 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}: let
-  switch-theme = pkgs.writers.writeDashBin "switch-theme" ''
-    set -efux
-    if [ "$1" = toggle ]; then
-      if [ "$(${pkgs.coreutils}/bin/cat /var/theme/current_theme)" = dark ]; then
-        ${placeholder "out"}/bin/switch-theme light
-      else
-        ${placeholder "out"}/bin/switch-theme dark
-      fi
-    elif test -e "/etc/themes/$1"; then
-      mkdir -p /var/theme/config
-      ${pkgs.rsync}/bin/rsync --chown=${config.users.users.me.name}:users -a --delete "/etc/themes/$1/" /var/theme/config/
-      echo "$1" > /var/theme/current_theme
-      ${pkgs.coreutils}/bin/chown ${config.users.users.me.name}:users /var/theme/current_theme
-      ${pkgs.xorg.xrdb}/bin/xrdb -merge /var/theme/config/xresources
-      ${pkgs.procps}/bin/pkill -HUP xsettingsd
-    else
-      echo "theme $1 not found"
-    fi
-  '';
-in {
-  systemd.services.xsettingsd = {
-    wantedBy = ["multi-user.target"];
-    after = ["display-manager.service"];
-    environment.DISPLAY = ":0";
-    serviceConfig = {
-      ExecStart = "${pkgs.xsettingsd}/bin/xsettingsd -c /var/theme/config/xsettings.conf";
-      User = config.users.users.me.name;
-      Restart = "always";
-      RestartSec = "15s";
-    };
-  };
-
-  systemd.tmpfiles.rules = [
-    "d /var/theme/ 755 ${config.users.users.me.name} users"
-  ];
-
-  environment.systemPackages = [
-    switch-theme
-    pkgs.capitaine-cursors
-  ];
-
-  home-manager.users.me = {
-    home.pointerCursor = {
-      name = "capitaine-cursors-white";
-      package = pkgs.capitaine-cursors;
-      size = 16;
-    };
-  };
-
-  environment.etc = {
-    "themes/light/xsettings.conf".text = ''
-      Net/ThemeName "Adwaita"
-    '';
-    "themes/light/xresources".text = ''
-      *background: #ffffff
-      *foreground: #000000
-    '';
-    "themes/dark/xsettings.conf".text = ''
-      Net/ThemeName "Adwaita-dark"
-    '';
-    "themes/dark/xresources".text = ''
-      *background: #000000
-      *foreground: #ffffff
-    '';
-  };
-
-  system.activationScripts.theme.text = ''
-    export DISPLAY=:0
-    if test -e /var/theme/current_theme; then
-      ${switch-theme}/bin/switch-theme "$(cat /var/theme/current_theme)" ||
-      ${switch-theme}/bin/switch-theme dark
-    else
-      ${switch-theme}/bin/switch-theme dark
-    fi
-  '';
-}

configs/theming.nix

@@ -23,11 +23,6 @@ in {
       enable = true;
       platformTheme = "gtk";
     };
-    home.pointerCursor =
-      theme.cursor
-      // {
-        size = 16;
-        x11.enable = true;
-      };
+    xsession.pointerCursor = theme.cursor // {size = 16;};
   };
 }

configs/tor.nix

@@ -1,4 +1,4 @@
-{pkgs, ...}: {
+{
   services.tor.enable = true;
-  environment.systemPackages = [pkgs.tor];
+  services.tor.torsocks.enable = true;
 }

flake.lock

@@ -2,11 +2,11 @@
   "nodes": {
     "flake-utils": {
       "locked": {
-        "lastModified": 1653893745,
-        "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
+        "lastModified": 1648297722,
+        "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
+        "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade",
         "type": "github"
       },
       "original": {
@@ -18,20 +18,20 @@
     "home-manager": {
       "inputs": {
         "nixpkgs": [
-          "nixos-unstable"
+          "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1654113406,
-        "narHash": "sha256-70esZvhal+FsyU89mJRcAb+cDGHKt0sgZ6MlRr9Cplg=",
+        "lastModified": 1647175256,
+        "narHash": "sha256-7H+veXPM7IwdN1DoZqliwb9sghlN56koV5dnCu1kpsc=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "684e85d01d333be91c4875baebb05b93c7d2ffaa",
+        "rev": "a8d00f5c038cf7ec54e7dac9c57b171c1217f008",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
-        "ref": "master",
+        "ref": "release-21.11",
         "repo": "home-manager",
         "type": "github"
       }
@@ -42,7 +42,7 @@
           "flake-utils"
         ],
         "nixpkgs": [
-          "nixos-stable"
+          "nixpkgs"
         ]
       },
       "locked": {
@@ -62,11 +62,11 @@
     "menstruation-backend": {
       "flake": false,
       "locked": {
-        "lastModified": 1649545504,
-        "narHash": "sha256-TVm3246ML7gWPeGm+bdb+Qo8o/7nve7sQ2hBdCZm3z8=",
+        "lastModified": 1634573652,
+        "narHash": "sha256-FIj8oCOJO+Wqxr2o5MMqIShvzMJud4iUq3o8y4NIRvw=",
         "owner": "kmein",
         "repo": "menstruation.rs",
-        "rev": "d9f3c6d53542fd7c7ed191e37cf4e342d4a47bcb",
+        "rev": "dd405fe2acf32441e8ac56e488e689bb1c4bea82",
         "type": "github"
       },
       "original": {
@@ -96,7 +96,7 @@
       "locked": {
         "lastModified": 1554228333,
         "narHash": "sha256-hG/PlcCvCQhNcU55NpHfATkyH9k6cZmO7uvBoJjasXU=",
-        "ref": "refs/heads/master",
+        "ref": "master",
         "rev": "c528cf970e292790b414b4c1c8c8e9d7e73b2a71",
         "revCount": 32,
         "type": "git",
@@ -107,34 +107,34 @@
         "url": "https://cgit.krebsco.de/nix-writers"
       }
     },
-    "nixos-stable": {
+    "nixpkgs": {
       "locked": {
-        "lastModified": 1654275867,
-        "narHash": "sha256-pt14ZE4jVPGvfB2NynGsl34pgXfOqum5YJNpDK4+b9E=",
+        "lastModified": 1647992509,
+        "narHash": "sha256-AG40Nt5OWz0LBs5p457emOuwLKOvTtcv/2fUdnEN3Ws=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "7a20c208aacf4964c19186dcad51f89165dc7ed0",
+        "rev": "d2caa9377539e3b5ff1272ac3aa2d15f3081069f",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "nixos-22.05",
+        "ref": "nixos-21.11",
         "repo": "nixpkgs",
         "type": "github"
       }
     },
-    "nixos-unstable": {
+    "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1654230545,
-        "narHash": "sha256-8Vlwf0x8ow6pPOK2a04bT+pxIeRnM1+O0Xv9/CuDzRs=",
+        "lastModified": 1648337267,
+        "narHash": "sha256-8DRg8UDvs63iaIaHEbWG7/lnD9ImQlMNsTZMY3PvFLc=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "236cc2971ac72acd90f0ae3a797f9f83098b17ec",
+        "rev": "6de161729c81dc98e844793cc9c8fda29d5ef62a",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "nixos-unstable",
+        "ref": "master",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -158,11 +158,11 @@
     "retiolum": {
       "flake": false,
       "locked": {
-        "lastModified": 1653896694,
-        "narHash": "sha256-c37fCbsOydJQoiE4l81hltJLF9BkKowrlhEjVc8e3iQ=",
+        "lastModified": 1647444524,
+        "narHash": "sha256-N4T1UXLkYJMQqk65LkTDpW70ujXXeZ9xe5k+LOpznAI=",
         "owner": "krebs",
         "repo": "retiolum",
-        "rev": "ac9e1d5b02c5667ba12aa6d6ab077cc071ffc2f4",
+        "rev": "de6d7dc9bd671e65f2ee3004b6807625e7553e84",
         "type": "github"
       },
       "original": {
@@ -179,8 +179,8 @@
         "menstruation-backend": "menstruation-backend",
         "menstruation-telegram": "menstruation-telegram",
         "nix-writers": "nix-writers",
-        "nixos-stable": "nixos-stable",
-        "nixos-unstable": "nixos-unstable",
+        "nixpkgs": "nixpkgs",
+        "nixpkgs-unstable": "nixpkgs-unstable",
         "recht": "recht",
         "retiolum": "retiolum",
         "scripts": "scripts",
@@ -194,11 +194,11 @@
     "scripts": {
       "flake": false,
       "locked": {
-        "lastModified": 1654020832,
-        "narHash": "sha256-05V38z3cr+qYis46nDieIliA8XFBmRp6e2VSCkoFb40=",
+        "lastModified": 1648314795,
+        "narHash": "sha256-hGIXkAcGiJnVXnl8kigZpI3VFrLmAr2+yr85hi5JwP0=",
         "owner": "kmein",
         "repo": "scripts",
-        "rev": "e6b49aefe2470245bf7c4c6aaa83c1a1ce75501a",
+        "rev": "d1d525b92a34e55b1ad886807c284106e58716b2",
         "type": "github"
       },
       "original": {
@@ -210,11 +210,11 @@
     "stockholm": {
       "flake": false,
       "locked": {
-        "lastModified": 1653851789,
-        "narHash": "sha256-KMw9DS40WKHdQti0nwHQguKgIQJ+yexT2wBAfYskCps=",
-        "ref": "refs/heads/master",
-        "rev": "4a9f93e8933d87ce8f04965b2772564527f1e2fd",
-        "revCount": 10604,
+        "lastModified": 1648214990,
+        "narHash": "sha256-rptATGq+jcpL+P+Cr6d3OajV6zYkbHPWlt3aQNZI2TY=",
+        "ref": "master",
+        "rev": "ae9c0b12710b5361d0d45510eb401eebfc1b3fb0",
+        "revCount": 10497,
         "type": "git",
         "url": "https://cgit.lassul.us/stockholm"
       },
@@ -242,11 +242,11 @@
     "tinc-graph": {
       "flake": false,
       "locked": {
-        "lastModified": 1653080212,
-        "narHash": "sha256-BcfppAuVNp0hMcrMG/ZxE4juSrdQbJSUIA0eHS1/Wxo=",
+        "lastModified": 1639820904,
+        "narHash": "sha256-d4s2PulBGIIQXtX7blZz+Wnmij5dK/IrBcilNGjqZC4=",
         "owner": "kmein",
         "repo": "tinc-graph",
-        "rev": "ea0ef2e5542684d1d8e34a626cb9295dec33e70d",
+        "rev": "1b9c69ffdbdab82d30a23e44f739feea63d94163",
         "type": "github"
       },
       "original": {

flake.nix

@@ -2,17 +2,16 @@
   description = "niveum: packages, modules, systems";
 
   inputs = {
-    nixos-stable.url = "github:NixOS/nixpkgs/nixos-22.05";
-    nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
-
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.11";
+    nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
     flake-utils.url = "github:numtide/flake-utils";
     home-manager = {
-      url = "github:nix-community/home-manager/master";
-      inputs.nixpkgs.follows = "nixos-unstable";
+      url = "github:nix-community/home-manager/release-21.11";
+      inputs.nixpkgs.follows = "nixpkgs";
     };
     krops = {
       url = "github:Mic92/krops";
-      inputs.nixpkgs.follows = "nixos-stable";
+      inputs.nixpkgs.follows = "nixpkgs";
       inputs.flake-utils.follows = "flake-utils";
     };
 
@@ -71,8 +70,8 @@
     menstruation-backend,
     menstruation-telegram,
     nix-writers,
-    nixos-unstable,
-    nixos-stable,
+    nixpkgs,
+    nixpkgs-unstable,
     recht,
     retiolum,
     scripts,
@@ -83,12 +82,8 @@
     tuna,
   } @ inputs: let
     system = "x86_64-linux";
-    pkgs = nixos-stable.legacyPackages.${system};
-    source = {
-      sources,
-      unstable,
-      name,
-    }:
+    pkgs = nixpkgs.legacyPackages.${system};
+    source = name:
       {
         niveum.file = toString ./.;
         nixos-config.symlink = "niveum/systems/${name}/configuration.nix";
@@ -100,53 +95,31 @@
           dir = toString ~/.password-store;
           name = "shared";
         };
-        nixpkgs.file = toString (
-          if unstable
-          then inputs.nixos-unstable
-          else inputs.nixos-stable
-        );
       }
-      // nixos-stable.lib.mapAttrs' (name: value: {
+      // nixpkgs.lib.mapAttrs' (name: value: {
         inherit name;
         value.file = toString value;
-      }) (nixos-stable.lib.filterAttrs (name: _: builtins.elem name sources) inputs);
+      }) (nixpkgs.lib.filterAttrs (name: _: !builtins.elem name ["flake-utils" "krops" "self"]) inputs);
     deployScriptFor = {
       name,
-      user ? "root",
       host,
-      unstable ? false,
-      sshPort ? (import ./lib/default.nix).sshPort,
-      sources,
-    }:
+    }: let
+      inherit (import ./lib/default.nix) sshPort;
+    in
       toString (krops.packages.${system}.writeDeploy "deploy-${name}" {
-        source = krops.lib.evalSource [(source {inherit sources unstable name;})];
-        target = "${user}@${host}:${toString sshPort}";
+        source = krops.lib.evalSource [(source name)];
+        target = "root@${host}:${toString sshPort}";
       });
   in {
     apps.${system} = let
       forSystems = f: builtins.listToAttrs (map f (builtins.attrNames (builtins.readDir ./systems)));
-      externalNetwork = import ./lib/external-network.nix;
       deployScripts = forSystems (name: {
         name = "deploy-${name}";
         value = {
           type = "app";
           program = deployScriptFor {
             inherit name;
-            host =
-              if externalNetwork ? name
-              then externalNetwork.${name}
-              else "${name}.r";
-            unstable = name == "kabsa" || name == "manakish";
-            sources =
-              ["nix-writers" "nixpkgs" "retiolum" "stockholm"]
-              ++ {
-                zaatar = ["traadfri"];
-                ful = [];
-                kabsa = ["traadfri" "nixos-unstable" "home-manager" "menstruation-backend" "recht"];
-                manakish = ["traadfri" "nixos-unstable" "home-manager" "menstruation-backend" "recht"];
-                makanek = ["nixos-unstable" "menstruation-telegram" "menstruation-backend" "scripts" "telebots" "tinc-graph"];
-              }
-              .${name};
+            host = "${name}.r";
           };
         };
       });

lib/colours/ayu-dark.nix

@@ -1,37 +0,0 @@
-{
-  black = {
-    dark = "#000000";
-    bright = "#323232";
-  };
-  red = {
-    dark = "#ff3333";
-    bright = "#ff6565";
-  };
-  green = {
-    dark = "#b8cc52";
-    bright = "#e9fe83";
-  };
-  yellow = {
-    dark = "#e6c446";
-    bright = "#fff778";
-  };
-  blue = {
-    dark = "#36a3d9";
-    bright = "#68d4ff";
-  };
-  magenta = {
-    dark = "#f07078";
-    bright = "#ffa3aa";
-  };
-  cyan = {
-    dark = "#95e5cb";
-    bright = "#c7fffc";
-  };
-  white = {
-    dark = "#ffffff";
-    bright = "#ffffff";
-  };
-  background = "#0e1419";
-  foreground = "#e5e1cf";
-  cursor = "#f19618";
-}

lib/colours/ayu-light.nix

@@ -1,37 +0,0 @@
-{
-  black = {
-    dark = "#000000";
-    bright = "#323232";
-  };
-  red = {
-    dark = "#ff3333";
-    bright = "#ff6565";
-  };
-  green = {
-    dark = "#86b200";
-    bright = "#b8e532";
-  };
-  yellow = {
-    dark = "#f19618";
-    bright = "#ffc849";
-  };
-  blue = {
-    dark = "#41a6d9";
-    bright = "#73d7ff";
-  };
-  magenta = {
-    dark = "#f07078";
-    bright = "#ffa3aa";
-  };
-  cyan = {
-    dark = "#4cbe99";
-    bright = "#7ff0cb";
-  };
-  white = {
-    dark = "#ffffff";
-    bright = "#ffffff";
-  };
-  background = "#fafafa";
-  foreground = "#5b6673";
-  cursor = "#ff6900";
-}

lib/default-applications.nix

@@ -1,5 +1,5 @@
 pkgs: rec {
-  terminal = "alacritty";
+  terminal = "${pkgs.alacritty}/bin/alacritty";
   browser = "${pkgs.brave}/bin/brave";
   fileManager = "${terminal} -e ${pkgs.ranger}/bin/ranger";
 }

lib/default.nix

@@ -28,7 +28,7 @@ rec {
   serveHtml = file: pkgs: ''
     default_type "text/html";
     root ${
-      pkgs.linkFarm "www" [
+      pkgs.linkFarm "fahrplan" [
         {
           name = "index.html";
           path = file;

lib/external-network.nix

@@ -1,4 +0,0 @@
-{
-  ful = "130.61.217.114";
-  makanek = "88.99.83.173";
-}

lib/radio-news.html

@@ -47,7 +47,7 @@
       }
     </style>
     <script>
-      const newsEndpoint = "http://radio-news.r";
+      const newsEndpoint = "http://prism.r:7999";
 
       function isoString(date) {
         return date.toISOString().slice(0, -5) + "Z";
@@ -103,28 +103,15 @@
         request.open("POST", newsEndpoint, false); // synchronous
         request.send(
           JSON.stringify({
-            from: formData.get("from") + ":00Z",
-            to: formData.get("to") + ":00Z",
+            from: isoString(new Date(formData.get("from"))),
+            to: isoString(new Date(formData.get("to"))),
             text: formData.get("text"),
           })
         );
         location.reload();
       }
 
-      function setDate() {
-        let now = new Date();
-        document.getElementById("time-from").value = now
-          .toISOString()
-          .slice(0, 16);
-
-        now.setHours(now.getHours() + 1);
-        document.getElementById("time-to").value = now
-          .toISOString()
-          .slice(0, 16);
-      }
-
       window.onload = () => {
-        setDate();
         setNextNews();
         fetchNews();
       };
@@ -135,10 +122,10 @@
       <section>
         <h1>Submit news</h1>
         <form onsubmit="sendNews(event)">
-          <label>Start date (UTC)</label>
-          <input type="datetime-local" id="time-from" name="from" required />
-          <label>End date (UTC)</label>
-          <input type="datetime-local" id="time-to" name="to" required />
+          <label>Start date</label>
+          <input type="datetime-local" name="from" required />
+          <label>End date</label>
+          <input type="datetime-local" name="to" required />
           <label>News text</label>
           <textarea name="text" rows="10" required></textarea>
           <input type="submit" />

lib/retiolum-network.nix

@@ -4,11 +4,6 @@
     ipv6 = "42:0:3c46:861f:a118:8e9a:82c9:3d";
   };
 
-  ful = {
-    ipv4 = "10.243.2.107";
-    ipv6 = "42:0:3c46:2c8b:a564:1213:9fb4:1bc4";
-  };
-
   zaatar = {
     ipv4 = "10.243.2.34";
     ipv6 = "42:0:3c46:156e:10b6:3bd6:6e82:b2cd";

modules/passport.nix

@@ -1,135 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}: let
-  cfg = config.niveum.passport;
-  sortOn = a: lib.sort (as1: as2: lib.lessThan (lib.getAttr a as1) (lib.getAttr a as2));
-  css = ''
-    body {
-      margin: 0;
-      font-family: "Fira Sans Condensed", sans-serif;
-    }
-
-    main {
-      margin: 0 auto;
-      display: grid;
-      grid-template-columns: 1fr 3fr;
-      grid-gap: 2em;
-    }
-    @media only screen and (max-width: 768px) {
-      main {
-        grid-template-columns: 1fr;
-      }
-    }
-
-    footer, section {
-      padding: 1em;
-    }
-
-    footer {
-      text-align: center;
-    }
-
-    dl {
-      border: 3px double #ccc;
-      padding: 0.5em;
-    }
-    dt {
-      float: left;
-      clear: left;
-      width: 200px;
-      text-align: right;
-      font-weight: bold;
-      margin-right: 1em;
-      margin-bottom: 1em;
-    }
-    dd {
-      margin: 0 0 0 110px;
-      padding: 0 0 0.5em 0;
-      margin-bottom: 1em;
-    }
-  '';
-in
-  with lib; {
-    options.niveum.passport = {
-      enable = mkEnableOption "server passport";
-
-      introductionHTML = mkOption {type = types.str;};
-
-      virtualHost = mkOption {
-        type = types.str;
-      };
-
-      services = mkOption {
-        type = types.listOf (types.submodule {
-          options = {
-            title = mkOption {type = types.str;};
-            link = mkOption {
-              type = types.nullOr types.str;
-              default = null;
-            };
-            description = mkOption {
-              type = types.str;
-              default = "";
-            };
-          };
-        });
-        default = [];
-      };
-    };
-
-    config = mkIf cfg.enable {
-      services.nginx.enable = true;
-
-      services.nginx.virtualHosts."${cfg.virtualHost}".locations."/passport".extraConfig = ''
-        default_type "text/html";
-        root ${
-          pkgs.linkFarm "www" [
-            {
-              name = "passport/index.html";
-              path = pkgs.writeText "index.html" ''
-                <!doctype html>
-                <head>
-                  <meta charset="utf-8">
-                  <meta name="viewport" content="width=device-width, initial-scale=1">
-                  <title>${config.networking.hostName} passport</title>
-                  <style>${css}</style>
-                </head>
-                <body>
-                  <main>
-                    <section id="server">
-                    <h1>${config.networking.hostName}</h1>
-                    ${cfg.introductionHTML}
-                    </section>
-
-                    <section id="services">
-                    <h2>Services</h2>
-                    <dl>
-                    ${lib.strings.concatMapStringsSep "\n" (service: ''
-                  <dt>
-                  ${lib.optionalString (service.link != null) "<a href=\"${service.link}\">"}
-                  ${service.title}
-                  ${lib.optionalString (service.link != null) "</a>"}
-                  </dt>
-                  <dd>
-                  ${service.description}
-                  </dd>
-                '') (sortOn "title" cfg.services)}
-                    </dl>
-                    </section>
-                  </main>
-
-                  <footer>
-                    <tt>${config.networking.hostName}</tt> is part of the <i><a href="https://github.com/kmein/niveum/tree/master/systems/${config.networking.hostName}">niveum</a></i> network.
-                  </footer>
-                </body>
-              '';
-            }
-          ]
-        };
-        index index.html;
-      '';
-    };
-  }

packages/gfs-fonts.nix

@@ -39,15 +39,5 @@ in
       GFS_Pyrsos = "0y0dv7y3n01bbhhnczflx1zcc7by56cffmr2xqixj2rd1nvchx0j";
       GFS_Solomos = "1mpx9mw566awvfjdfx5sbz3wz5gbnjjw56gz30mk1lw06vxf0dxz";
       GFS_Theokritos = "0haasx819x8c8yvna6pqywgi4060av2570jm34cddnz1fgnhv1b8";
-      # Heraklit
-      # Galatea
-      # Georgiou
-      # Ambrosia
-      # Fleischman
-      # Eustace
-      # Nicefore
-      # Jackson
-      # Garaldus
-      # Ignacio
     };
   }

packages/man/pandoc.nix

@@ -10,7 +10,7 @@ stdenv.mkDerivation {
   src = fetchgit {
     url = "https://github.com/jgm/pandoc";
     rev = pandoc.version;
-    sha256 = "sha256-AY9GarrU7PBFgoYxqQkE2ghoUy7+0Gu6/Mwa+fdQM2U=";
+    sha256 = "0s4mczbql35wh6bhyi542yln24f530rlsw6akcv7lmp083rrlpy4";
   };
   buildPhase = ''
     mkdir -p $out/man/man1

packages/scripts/avesta.sed

@@ -1,54 +0,0 @@
-#!/usr/bin/env -S sed -f
-s/ā̊/𐬃/g
-s/t̰/𐬝/g
-s/ṣ̌/𐬴/g
-s/š́/𐬳/g
-s/ą̄/𐬅/g
-s/ŋᵛ/𐬤/g
-s/ə̄/𐬇/g
-s/ŋ́/𐬣/g
-s/x́/𐬒/g
-s/xᵛ/𐬓/g
-s/a/𐬀/g
-s/ā/𐬁/g
-s/å/𐬂/g
-s/ą/𐬄/g
-s/ə/𐬆/g
-s/e/𐬈/g
-s/ē/𐬉/g
-s/o/𐬊/g
-s/ō/𐬋/g
-s/i/𐬌/g
-s/ī/𐬍/g
-s/u/𐬎/g
-s/ū/𐬏/g
-s/k/𐬐/g
-s/x/𐬑/g
-s/g/𐬔/g
-s/ġ/𐬕/g
-s/γ/𐬖/g
-s/c/𐬗/g
-s/j/𐬘/g
-s/t/𐬙/g
-s/θ/𐬚/g
-s/d/𐬛/g
-s/δ/𐬜/g
-s/p/𐬞/g
-s/f/𐬟/g
-s/b/𐬠/g
-s/β/𐬡/g
-s/ŋ/𐬢/g
-s/n/𐬥/g
-s/ń/𐬦/g
-s/ṇ/𐬧/g
-s/m/𐬨/g
-s/m̨/𐬩/g
-s/ẏ/𐬫/g
-s/y/𐬪/g
-s/v/𐬬/g
-s/r/𐬭/g
-s/s/𐬯/g
-s/z/𐬰/g
-s/š/𐬱/g
-s/ž/𐬲/g
-s/h/𐬵/g

packages/scripts/default.nix

@@ -117,7 +117,7 @@ in
       '';
 
     tag = wrapScript {
-      packages = [pkgs.vorbis-tools pkgs.python3Packages.eyeD3 opustags];
+      packages = [pkgs.vorbisTools pkgs.python3Packages.eyeD3 opustags];
       script = "${voidrice}/.local/bin/tag";
       name = "tag";
     };
@@ -307,11 +307,16 @@ in
       packages = [pkgs.xdo];
     };
 
-    ipa = wrapScript {
-      script = ./ipa.py;
-      name = "ipa";
-      packages = [pkgs.python3];
-    };
+    ipa =
+      pkgs.writers.writeHaskellBin "ipa" {
+        libraries = with pkgs; [haskellPackages.text haskellPackages.ipa];
+      } ''
+        import Data.Maybe (fromJust)
+        import Language.IPA
+        import qualified Data.Text as T
+        import qualified Data.Text.IO as T
+        main = T.interact (T.unwords . map (unIPA . fromJust . (xSampaToIpa =<<) . mkXSampa) . T.words)
+      '';
 
     default-gateway = pkgs.writers.writeDashBin "default-gateway" ''
       ${pkgs.iproute}/bin/ip -json route | ${pkgs.jq}/bin/jq --raw-output '.[0].gateway'

packages/scripts/mushakkil.sh

@@ -1,6 +0,0 @@
-#!/bin/sh
-curl -sSL 'https://diac.alsharekh.org/Diac/DiacText' \
-  -H "Content-Type: application/json" \
-  --data-raw "$(jq --raw-input '{word: ., type: 1}')" \
-  --compressed \
-  | jq -r .diacWord

packages/scripts/pls.nix

@@ -39,12 +39,6 @@
     "make it stooop"
     "noooo"
   ];
-
-  messages.neutral = [
-    "meh"
-    "i have no opinion about this song"
-    "idk man"
-  ];
 in
   pkgs.writers.writeDashBin "pls" ''
     case "$1" in
@@ -56,9 +50,6 @@ in
         ${pkgs.curl}/bin/curl -sS -XPOST "${playlistAPI}/skip"
         echo ${lib.escapeShellArg (lib.concatStringsSep "\n" messages.bad)} | shuf -n1 | ${sendIRC}
       ;;
-      0|meh|neutral)
-        echo ${lib.escapeShellArg (lib.concatStringsSep "\n" messages.neutral)} | shuf -n1 | ${sendIRC}
-      ;;
       say|msg)
         shift
         echo "$@" | ${sendIRC}

packages/scripts/unicodmenu.nix

@@ -75,9 +75,8 @@
 in
   # ref https://github.com/LukeSmithxyz/voidrice/blob/9fe6802122f6e0392c7fe20eefd30437771d7f8e/.local/bin/dmenuunicode
   writers.writeDashBin "unicodmenu" ''
-    history_file=$HOME/.cache/unicodmenu
     PATH=${lib.makeBinPath [coreutils dmenu gnused libnotify xclip xdotool]}
-    chosen=$(cat "$history_file" ${kaomoji-file} ${unicode-file} | dmenu -p unicode -i -l 10 | tee --append "$history_file" | sed "s/    .*//")
+    chosen=$(cat ${kaomoji-file} ${unicode-file} | dmenu -p unicode -i -l 10 | sed "s/    .*//")
 
     [ "$chosen" != "" ] || exit
 

systems/ful/configuration.nix

@@ -1,48 +0,0 @@
-{
-  lib,
-  config,
-  pkgs,
-  ...
-}: let
-  inherit (import <niveum/lib>) kieran retiolumAddresses;
-in {
-  imports = [
-    ./hardware-configuration.nix
-    # <niveum/configs/monitoring.nix>
-    <niveum/configs/nix.nix>
-    <niveum/configs/save-space.nix>
-    <niveum/configs/spacetime.nix>
-    <niveum/configs/sshd.nix>
-    <niveum/modules/retiolum.nix>
-  ];
-
-  nix.nixPath = ["/var/src"];
-
-  networking = {
-    firewall.allowedTCPPorts = [80 443];
-    hostName = "ful";
-    interfaces.enp0s3.useDHCP = true;
-    retiolum = retiolumAddresses.ful;
-    useDHCP = false;
-  };
-
-  system.stateVersion = "21.11";
-
-  services.nginx = {
-    enable = true;
-    recommendedGzipSettings = true;
-    recommendedOptimisation = true;
-    recommendedProxySettings = true;
-    recommendedTlsSettings = true;
-    sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
-  };
-
-  security.acme = {
-    acceptTerms = true;
-    email = kieran.email;
-  };
-
-  users.users.root.passwordFile = toString <system-secrets/root.password>;
-
-  environment.systemPackages = [pkgs.vim pkgs.git pkgs.tmux pkgs.python3];
-}

systems/ful/hardware-configuration.nix

@@ -1,40 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}: {
-  imports = [<nixpkgs/nixos/modules/profiles/qemu-guest.nix>];
-
-  boot = {
-    loader = {
-      systemd-boot = {
-        enable = true;
-        configurationLimit = 1;
-      };
-      efi.canTouchEfiVariables = true;
-    };
-    initrd = {
-      availableKernelModules = ["virtio_pci" "usbhid"];
-    };
-    kernelModules = [
-      "console=ttyS0"
-      "console=tty1"
-      "nvme.shutdown_timeout=10"
-      "libiscsi.debug_libiscsi_eh=1"
-    ];
-    extraModulePackages = [];
-  };
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/9bf751c7-cf32-49fb-9354-17694c7a46e0";
-    fsType = "ext4";
-  };
-
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/7817-285D";
-    fsType = "vfat";
-  };
-
-  swapDevices = [];
-}

systems/makanek/configuration.nix

@@ -31,7 +31,6 @@ in {
     <niveum/configs/sshd.nix>
     <niveum/configs/telegram-bots>
     <niveum/modules/retiolum.nix>
-    <niveum/modules/passport.nix>
   ];
 
   services.restic.backups.niveum = {
@@ -53,30 +52,6 @@ in {
     ];
   };
 
-  niveum.passport = {
-    enable = true;
-    introductionHTML = ''
-      <p>
-      The machine <tt>makanek</tt> is named after a Levantine type of <a href="https://en.wikipedia.org/wiki/Makanek">sausage</a> (مقانق <i>maqāniq</i>).
-      </p>
-      <p>
-      It runs on <a href="https://www.hetzner.com/cloud">Hetzner cloud</a>.
-      </p>
-      <figure>
-        <img width="200" src="https://www.albawaba.com/sites/default/files/2019-08/makanek-BeFunky-project.jpg" alt="Makanek sausages"/>
-        <figcaption>Makanek</figcaption>
-      </figure>
-    '';
-    virtualHost = "makanek.r";
-
-    services = [
-      {
-        title = "restic backup";
-        description = "This machine backups its state via restic backup.";
-      }
-    ];
-  };
-
   nix.nixPath = ["/var/src"];
 
   networking = {

systems/makanek/gitea.nix

@@ -1,25 +1,13 @@
-let
-  inherit (import <niveum/lib>) sshPort;
-  domain = "https://code.kmein.de";
-in {
+{
   services.gitea = {
     enable = true;
     disableRegistration = true;
-    rootUrl = domain;
+    rootUrl = "https://code.kmein.de";
     appName = "code.kmein.de";
-    ssh.clonePort = sshPort;
   };
   services.nginx.virtualHosts."code.kmein.de" = {
     forceSSL = true;
     enableACME = true;
     locations."/".extraConfig = "proxy_pass http://localhost:3000;";
   };
-
-  niveum.passport.services = [
-    {
-      link = domain;
-      title = "Gitea";
-      description = "hosts a couple of <tt>git</tt> repos. Registration is disabled.";
-    }
-  ];
 }

systems/makanek/hardware-configuration.nix

@@ -17,7 +17,6 @@
       enable = true;
       version = 2;
       devices = ["/dev/sda"];
-      configurationLimit = 3;
     };
   };
 

systems/makanek/hedgedoc.nix

@@ -5,9 +5,11 @@
 }: let
   backupLocation = "/var/lib/codimd-backup";
   stateLocation = "/var/lib/codimd/state.sqlite";
+  nixpkgs-unstable = import <nixpkgs-unstable> {};
   domain = "pad.kmein.de";
-  inherit (import <niveum/lib>) tmpfilesConfig;
 in {
+  imports = [<stockholm/krebs/3modules/permown.nix>];
+
   services.nginx.virtualHosts.${domain} = {
     enableACME = true;
     forceSSL = true;
@@ -47,28 +49,16 @@ in {
     };
   };
 
-  niveum.passport.services = [
-    {
-      title = "Hedgedoc";
-      link = "https://${domain}";
-      description = "lets you collaborate on Markdown documents.";
-    }
-  ];
-
-  systemd.tmpfiles.rules = [
-    (tmpfilesConfig {
-      user = "codimd";
-      group = "codimd";
-      mode = "0755";
-      type = "d";
-      path = backupLocation;
-    })
-  ];
+  krebs.permown.${backupLocation} = {
+    owner = "codimd";
+    group = "codimd";
+    umask = "0002";
+  };
 
   systemd.services.hedgedoc-backup = {
     description = "Hedgedoc backup service";
     script = ''
-      ${pkgs.sqlite}/bin/sqlite3 -json ${stateLocation} "select shortid, alias, ownerId, content from Notes" \
+      ${nixpkgs-unstable.sqlite}/bin/sqlite3 -json ${stateLocation} "select shortid, alias, ownerId, content from Notes" \
       | ${
         pkgs.writers.writePython3 "hedgedoc-json-to-fs.py" {} ''
           import json

systems/makanek/matterbridge.nix

@@ -4,16 +4,16 @@
   ...
 }: {
   services.matterbridge = {
-    enable = false;
+    enable = true;
     configPath = let
-      bridgeBotToken = lib.strings.fileContents <system-secrets/telegram/krebs.token>;
+      bridgeBotToken = lib.strings.fileContents <system-secrets/telegram/kmein.token>;
     in
       toString ((pkgs.formats.toml {}).generate "config.toml" {
         general = {
           RemoteNickFormat = "[{NICK}] ";
           Charset = "utf-8";
         };
-        telegram.krebs.Token = bridgeBotToken;
+        telegram.kmein.Token = bridgeBotToken;
         irc = let
           Nick = "ponte";
         in {
@@ -38,7 +38,7 @@
                 channel = "#krebs";
               }
               {
-                account = "telegram.krebs";
+                account = "telegram.kmein";
                 channel = "-330372458";
               }
               {

systems/makanek/menstruation.nix

@@ -11,14 +11,6 @@ in {
 
   environment.systemPackages = [pkgs.redis];
 
-  niveum.passport.services = [
-    {
-      title = "Tischlein, deck dich!";
-      description = "serves you with Berlin canteen menus via Telegram.";
-      link = "https://t.me/TischleinDeckDichBot";
-    }
-  ];
-
   systemd.services.menstruation-telegram = {
     wants = [
       "network-online.target"

systems/makanek/moinbot.nix

@@ -12,12 +12,5 @@
     serviceConfig.DynamicUser = true;
   };
 
-  niveum.passport.services = [
-    {
-      title = "moinbot";
-      description = "greets #hsmr:hackint.org daily.";
-    }
-  ];
-
   systemd.timers.moinbot.timerConfig.RandomizedDelaySec = "14h";
 }

systems/makanek/monitoring/default.nix

@@ -22,26 +22,6 @@ in {
     };
   };
 
-  niveum.passport.services = [
-    {
-      title = "Prometheus";
-      description = "collects metrics from devices in the <i>niveum</i> network, blackbox monitors some websites.";
-    }
-    {
-      title = "Loki";
-      description = "aggregates logs of the <i>niveum</i> network.";
-    }
-    {
-      title = "Grafana";
-      link = "http://${config.services.grafana.domain}";
-      description = "displays metrics from devices in the <i>niveum</i> network.";
-    }
-    {
-      title = "Alertmanager bot";
-      description = "notifies me when something goes wrong.";
-    }
-  ];
-
   services.prometheus.rules = let
     diskFreeThreshold = 10;
   in [
@@ -240,7 +220,7 @@ in {
             "tarot.kmein.de"
             "cloud.xn--kiern-0qa.de"
             "grafana.kmein.r"
-            # "names.kmein.r"
+            "names.kmein.r"
             "rrm.r"
             "graph.r"
           ];
@@ -258,6 +238,16 @@ in {
         }
       ];
     }
+    {
+      job_name = "tahina";
+      static_configs = [
+        {
+          targets = [
+            "tahina.r:${toString config.services.prometheus.exporters.node.port}"
+          ];
+        }
+      ];
+    }
   ];
 
   services.prometheus.exporters.blackbox = {

systems/makanek/moodle-dl-borsfaye.nix

@@ -12,13 +12,6 @@
 in {
   imports = [<niveum/modules/moodle-dl.nix>];
 
-  niveum.passport.services = [
-    {
-      title = "MoodleDL";
-      description = "notifies about changes on Moodle.";
-    }
-  ];
-
   services.moodle-dl = {
     enable = true;
     startAt = "hourly";

systems/makanek/names.nix

@@ -4,8 +4,8 @@
   ...
 }: let
   port = 5703;
-  onomap-src = "${<scripts>}/onomastics-ng";
-  onomap = pkgs.haskellPackages.callCabal2nix "onomap" onomap-src {};
+  geogen-src = "${<scripts>}/onomastics";
+  geogen = pkgs.callPackage geogen-src {};
 in {
   systemd.services.names = {
     wants = ["network-online.target"];
@@ -13,11 +13,12 @@ in {
     description = "Better clone of geogen.stoepel.net";
     serviceConfig = {
       DynamicUser = true;
-      ExecStart = "${onomap}/bin/onomap-web";
-      Restart = "on-failure";
-      RestartSec = "15s";
     };
-    environment.PORT = toString port;
+    script = ''
+      cd $(mktemp -d)
+      ln -s "${geogen-src}/wsgi.py" wsgi.py
+      ${geogen.dependencyEnv}/bin/gunicorn wsgi:app -b :${toString port}
+    '';
   };
 
   services.nginx = {
@@ -28,14 +29,6 @@ in {
     recommendedTlsSettings = true;
   };
 
-  niveum.passport.services = [
-    {
-      link = "http://names.kmein.r";
-      title = "Onomap";
-      description = "maps surnames within Germany.";
-    }
-  ];
-
   services.nginx.virtualHosts."names.kmein.r" = {
     locations."/".proxyPass = "http://127.0.0.1:${toString port}";
   };

systems/makanek/nextcloud.nix

@@ -1,6 +1,5 @@
 {
   pkgs,
-  config,
   lib,
   ...
 }: let
@@ -9,7 +8,7 @@
 in {
   services.nextcloud = {
     enable = true;
-    package = pkgs.nextcloud24;
+    package = pkgs.nextcloud22;
 
     https = true;
 
@@ -34,14 +33,6 @@ in {
     };
   };
 
-  niveum.passport.services = [
-    {
-      title = "Nextcloud";
-      link = "https://${config.services.nextcloud.hostName}";
-      description = "manages calendars, to-do lists, files, and recipes.";
-    }
-  ];
-
   services.postgresql = {
     enable = true;
     ensureDatabases = ["nextcloud"];

systems/makanek/radio-news.nix

@@ -8,14 +8,6 @@
 in {
   services.nginx.virtualHosts."redaktion.r".locations."/".extraConfig = serveHtml <niveum/lib/radio-news.html> pkgs;
 
-  niveum.passport.services = [
-    {
-      title = "Retiolum Radio News";
-      link = "http://redaktion.r";
-      description = "supplies git history news to radio lassulus and lets you enter your own.";
-    }
-  ];
-
   systemd.services.stockholm-history = {
     startAt = "hourly";
     script = ''
@@ -25,9 +17,9 @@ in {
         rm -rf "$stockholm"
       }
       ${pkgs.git}/bin/git clone ${remote} "$stockholm"
-      ${pkgs.git}/bin/git --git-dir "$stockholm"/.git log --pretty='"%s" by %an, %ar.' --since "$(${pkgs.coreutils}/bin/date -I -d "yesterday")" \
+      ${pkgs.git}/bin/git --git-dir "$stockholm"/.git log --pretty='"%s" by %an, %ar' --since "$(${pkgs.coreutils}/bin/date -I -d "yesterday")" \
         | ${pkgs.jq}/bin/jq -R '{text: ., from: now | todateiso8601, to: (now + (60 * 60)) | todateiso8601}' \
-        | ${pkgs.curl}/bin/curl -Ssfd @- http://radio-news.r/
+        | ${pkgs.curl}/bin/curl -Ssfd @- http://prism.r:7999/
     '';
   };
 }

systems/makanek/radio.nix

@@ -126,12 +126,4 @@ in {
     forceSSL = true;
     locations."/".proxyPass = "http://127.0.0.1:${toString config.services.icecast.listen.port}";
   };
-
-  niveum.passport.services = [
-    {
-      title = "Radio";
-      link = "https://radio.kmein.de";
-      description = "broadcasts a few little (and mostly useless) web-radio stations.";
-    }
-  ];
 }

systems/makanek/retiolum-map.nix

@@ -44,19 +44,6 @@ in {
     };
   };
 
-  niveum.passport.services = [
-    {
-      link = "http://graph.r";
-      title = "Retiolum Realtime Map";
-      description = "displays geographical information about the retiolum network. <a href=\"http://graph.r/graph.html\">Graph</a> info also available.";
-    }
-    {
-      link = "http://c.r/${geo-ip-database}";
-      title = "GeoIP";
-      description = "shares MaxMind's GeoIP database with the krebs world. Updated weekly.";
-    }
-  ];
-
   services.nginx = {
     enable = true;
     recommendedGzipSettings = true;
@@ -70,7 +57,6 @@ in {
 
   systemd.services.geoip-share = {
     after = ["geoipupdate.service"];
-    wantedBy = ["geoipupdate.service"];
     script = let
       cyberlocker-tools = pkgs.callPackage <stockholm/krebs/5pkgs/simple/cyberlocker-tools> {};
     in "${cyberlocker-tools}/bin/cput ${geo-ip-database} < ${geo-ip-database-path}";

systems/makanek/tarot.nix

@@ -48,14 +48,6 @@ in {
       }'';
   };
 
-  niveum.passport.services = [
-    rec {
-      link = "https://tarot.kmein.de";
-      title = "Tarot";
-      description = "draws Tarot cards for you. See <a href=\"${link}/files/key.pdf\">here</a> for information on how to interpret them.";
-    }
-  ];
-
   services.nginx.virtualHosts."tarot.kmein.de" = {
     enableACME = true;
     forceSSL = true;

systems/makanek/urlwatch.nix

@@ -204,11 +204,4 @@ in {
       Type = "oneshot";
     };
   };
-
-  niveum.passport.services = [
-    {
-      description = "keeps me up-to-date on sites that have no RSS feed (shame be upon them!).";
-      title = "urlwatch";
-    }
-  ];
 }

systems/makanek/weechat.nix

@@ -58,7 +58,7 @@ in {
                 address = "irc.hackint.org/6697";
                 ipv6 = true;
                 ssl = true;
-                autojoin = ["#eloop" "#krebs" "#hsmr" "#nixos" "#the_playlist" "#flipdot-berlin" "#hackint"];
+                autojoin = ["#krebs" "#hsmr" "#nixos" "#the_playlist" "#flipdot-berlin" "#hackint"];
                 sasl_mechanism = "plain";
                 sasl_username = nick;
                 sasl_password = lib.strings.fileContents <system-secrets/irc/hackint>;
@@ -143,11 +143,6 @@ in {
               tags = ["nick_gitlab"];
               regex = "*";
             };
-            people = {
-              buffer = "irc.*.*";
-              tags = map (name: "nick_${name}") ["mod_p[matrix-fli"];
-              regex = "*";
-            };
           };
         };
         extraCommands = ''/matrix connect nibbana'';
@@ -185,11 +180,4 @@ in {
     isSystemUser = true;
     packages = [pkgs.tmux];
   };
-
-  niveum.passport.services = [
-    {
-      title = "weechat bouncer";
-      description = "keeps me logged in on IRC.";
-    }
-  ];
 }

systems/manakish/hardware-configuration.nix

@@ -21,7 +21,6 @@
       efiSupport = true;
       efiInstallAsRemovable = true;
       device = "/dev/sda";
-      configurationLimit = 5;
     };
   };
 

systems/tahina/configuration.nix

@@ -11,22 +11,23 @@ in {
     <niveum/configs/spacetime.nix>
     <niveum/modules/retiolum.nix>
     <niveum/configs/sshd.nix>
+    {
+      console.keyMap = "de";
+      i18n.defaultLocale = "de_DE.UTF-8";
+      services.xserver = {
+        layout = "de";
+        libinput.enable = true;
+      };
+    }
+    {
+      nix.nixPath = ["/var/src"];
+    }
   ];
 
-  nix.nixPath = ["/var/src"];
-
-  console.keyMap = "de";
-  i18n.defaultLocale = "de_DE.UTF-8";
-  services.xserver = {
-    layout = "de";
-    libinput.enable = true;
-  };
-
   users.users.xenos = {
     name = "xenos";
     password = "xenos";
     isNormalUser = true;
-    extraGroups = ["networkmanager"];
   };
 
   services.xserver = {

systems/tahina/hardware-configuration.nix

@@ -26,23 +26,17 @@
     extraModulePackages = [];
   };
 
-  fileSystems = {
-    "/" = {
-      device = "/dev/disk/by-uuid/e9a8bd34-61eb-4317-888d-bd7d6248a906";
-      fsType = "xfs";
-    };
-    "/boot" = {
-      device = "/dev/disk/by-uuid/9B2F-31E1";
-      fsType = "vfat";
-    };
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/e9a8bd34-61eb-4317-888d-bd7d6248a906";
+    fsType = "xfs";
   };
 
-  swapDevices = [
-    {
-      device = "/swapfile";
-      size = 2048;
-    }
-  ];
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/9B2F-31E1";
+    fsType = "vfat";
+  };
+
+  swapDevices = [];
 
   hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

systems/zaatar/configuration.nix

@@ -17,6 +17,7 @@ in {
     ./tuna.nix
     ./grocy.nix
     ./spotifyd.nix
+    <home-manager/nixos>
     <niveum/configs/keyboard.nix>
     <niveum/configs/monitoring.nix>
     <niveum/configs/nix.nix>

systems/zaatar/moodle-dl-meinhark.nix

@@ -69,16 +69,6 @@ in {
         108283 # Digital Classicist
         109211 # Altlitauisch
         109185 # Etymologie
-
-        # SS 2022
-        112606 # Avestisch
-        111761 # Griechische Wissenschaftsliteratur
-        111515 # H. Furens
-        110914 # Apostelgeschichte
-        112225 # Gr. Paläographie
-        113275 # ALEW
-        112783 # Akzent und Silbenstruktur
-        113493 # Papyrologie
       ];
       download_submissions = true;
       download_descriptions = true;

systems/zaatar/pulseaudio.nix

@@ -1,8 +1,7 @@
-{pkgs, ...}: {
+{
   sound.enable = true;
 
   hardware.pulseaudio = {
-    package = pkgs.pulseaudioFull;
     enable = true;
     systemWide = true;
     tcp = {

systems/zaatar/tuna.nix

@@ -5,7 +5,6 @@
   ...
 }: let
   firewall = (import <niveum/lib>).firewall lib;
-  inherit (import <niveum/lib>) tmpfilesConfig;
 
   streams = import <niveum/lib/streams.nix> {
     di-fm-key = lib.strings.fileContents <secrets/di.fm/key>;
@@ -72,31 +71,13 @@ in {
     extraStopCommands = firewall.removeRules rules;
   };
 
-  systemd.tmpfiles.rules = let
-    tags = lib.lists.unique (lib.concatMap ({tags ? [], ...}: tags) streams);
-    tagStreams = tag: lib.filter ({tags ? [], ...}: lib.elem tag tags) streams;
-    makePlaylist = name: streams: pkgs.writeText "${name}.m3u" (lib.concatMapStringsSep "\n" (lib.getAttr "stream") streams);
-  in
-    map (tag:
-      tmpfilesConfig {
-        type = "L+";
-        path = "/var/lib/mpd/playlists/${tag}.m3u";
-        mode = "0644";
-        user = "mpd";
-        group = "mpd";
-        argument = makePlaylist tag (tagStreams tag);
-      })
-    tags
-    ++ [
-      (tmpfilesConfig {
-        type = "L+";
-        mode = "0644";
-        user = "mpd";
-        group = "mpd";
-        path = "/var/lib/mpd/playlist/all.m3u";
-        argument = makePlaylist "all" streams;
-      })
-    ];
+  system.activationScripts.mpd-playlists = let
+    playlistFile = pkgs.writeText "radio.m3u" (lib.concatMapStringsSep "\n" (lib.getAttr "stream") streams);
+  in ''
+    rm -rf /var/lib/mpd/playlists
+    install -d /var/lib/mpd/playlists
+    ln -sfn "${toString playlistFile}" "/var/lib/mpd/playlists/radio.m3u"
+  '';
 
   services.tuna = {
     enable = true;
@@ -106,15 +87,33 @@ in {
       logo ? "https://picsum.photos/seed/${builtins.hashString "md5" stream}/300",
       stream,
       station,
-      ...
     }: {inherit id desc logo stream station;})
     streams;
-    webPort = 7044;
+    webPort = 8080;
   };
 
-  services.ympd = {
-    enable = true;
-    mpd.port = config.services.mpd.network.port;
+  systemd.services.tuna-stations = let
+    stations = lib.lists.imap0 (id: {
+      desc ? "",
+      logo ? "https://picsum.photos/seed/${builtins.hashString "md5" stream}/300",
+      stream,
+      station,
+    }: {inherit id desc logo stream station;})
+    streams;
+    stationsJson = (pkgs.formats.json {}).generate "stations.json" stations;
+  in {
+    enable = false;
+    wantedBy = ["tuna.service"];
+    startAt = "hourly";
+    script = ''
+      mkdir -p /etc/tuna
+      antenne_asb_url=$(
+        ${pkgs.curl}/bin/curl -sS 'https://www.caster.fm/widgets/em_player.php?jsinit=true&uid=529295&t=blue&c=' \
+          | grep streamUrl \
+          | sed ${lib.escapeShellArg "s/^.*'\\([^']*\\)'.*/\\1/"}
+      )
+      ${pkgs.jq}/bin/jq "map(if .station == \"Antenne ASB\" then .stream |= \"$antenne_asb_url\" else . end)" < ${stationsJson} > /etc/tuna/stations.json
+    '';
   };
 
   services.nginx = {
@@ -126,7 +125,7 @@ in {
     virtualHosts."radio.kmein.r" = {
       basicAuth.dj = password;
       locations."/" = {
-        proxyPass = "http://127.0.0.1:${config.services.ympd.webPort}";
+        proxyPass = "http://127.0.0.1:${toString config.services.tuna.webPort}";
         proxyWebsockets = true;
       };
     };