kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-16 18:21:07 +01:00
Code Releases Activity

Compare commits

base: kfm:feature/hass-prometheus
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail
..
compare: kfm:flakes-2
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail

1 Commits
feature/ha ... flakes-2

Author SHA1 Message Date
Kierán Meinhardt
248ebea28e wip: flakes 2021-12-29 15:15:02 +01:00
382 changed files with 9067 additions and 14012 deletions
Expand all files Collapse all files

29
.bin/anki-poem.sh
View File

@@ -1,29 +0,0 @@
#!/bin/sh
file="${1?please supply a poetry file}"
[ -f "$file" ] || {
echo "'$file' is no file"
exit 1
}
poem="$(mktemp)"
clean () {
rm "$poem"
}
trap clean EXIT
sed '/^$/d' "$file" > "$poem"
htmlize() {
awk 'ORS="<br/>"' \
| head -c -5 # remove final <br/> characters
}
for line_number in $(seq 1 "$(wc -l "$poem" | cut -d' ' -f1)"); do
if [ "$line_number" -gt 3 ] && [ "$line_number" -gt 1 ]; then
sed -n "$((line_number - 3)),$((line_number - 1))p" "$poem"
else
sed -n "1,$((line_number - 1))p" "$poem"
fi | htmlize
printf '\t'
sed -n "${line_number},+1p" "$poem" | htmlize
printf '\n'
done

54
.bin/avesta.sed
View File

@@ -1,54 +0,0 @@
#!/usr/bin/env -S sed -f
s/ā̊/𐬃/g
s//𐬝/g
s/ṣ̌/𐬴/g
s/š́/𐬳/g
s/ą̄/𐬅/g
s/ŋᵛ/𐬤/g
s/ə̄/𐬇/g
s/ŋ́/𐬣/g
s//𐬒/g
s/xᵛ/𐬓/g
s/a/𐬀/g
s/ā/𐬁/g
s/å/𐬂/g
s/ą/𐬄/g
s/ə/𐬆/g
s/e/𐬈/g
s/ē/𐬉/g
s/o/𐬊/g
s/ō/𐬋/g
s/i/𐬌/g
s/ī/𐬍/g
s/u/𐬎/g
s/ū/𐬏/g
s/k/𐬐/g
s/x/𐬑/g
s/g/𐬔/g
s/ġ/𐬕/g
s/γ/𐬖/g
s/c/𐬗/g
s/j/𐬘/g
s/t/𐬙/g
s/θ/𐬚/g
s/d/𐬛/g
s/δ/𐬜/g
s/p/𐬞/g
s/f/𐬟/g
s/b/𐬠/g
s/β/𐬡/g
s/ŋ/𐬢/g
s/n/𐬥/g
s/ń/𐬦/g
s//𐬧/g
s/m/𐬨/g
s//𐬩/g
s//𐬫/g
s/y/𐬪/g
s/v/𐬬/g
s/r/𐬭/g
s/s/𐬯/g
s/z/𐬰/g
s/š/𐬱/g
s/ž/𐬲/g
s/h/𐬵/g

19
.bin/calendars.sh
View File

@@ -1,19 +0,0 @@
#!/bin/sh
directory="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$directory"
}
year=$(date +%Y)
output=/tmp/$year.pdf
for month in $(seq 1 12); do
printf "\r%d" "$month" 1>&2
astrolog -zN Berlin -qm "$month" "$year" -X -K -XA -Xr -Xm -Xb -Xo "$(printf "%s/%02d.bmp" "$directory" "$month")" -Xw 1080 720 2>/dev/null
done
printf "\r"
convert "$directory/*.bmp" "$output"
echo "$output"

43
.bin/dummy-alert
View File

@@ -1,43 +0,0 @@
#!/bin/bash
name=$RANDOM
url='http://localhost:9093/api/v1/alerts'
echo "firing up alert $name"
# change url o
curl -XPOST $url -d "[{
\"status\": \"firing\",
\"labels\": {
\"alertname\": \"$name\",
\"service\": \"my-service\",
\"severity\":\"warning\",
\"instance\": \"$name.example.net\"
},
\"annotations\": {
\"summary\": \"High latency is high!\"
},
\"generatorURL\": \"http://prometheus.int.example.net/<generating_expression>\"
}]"
echo ""
echo "press enter to resolve alert"
read
echo "sending resolve"
curl -XPOST $url -d "[{
\"status\": \"resolved\",
\"labels\": {
\"alertname\": \"$name\",
\"service\": \"my-service\",
\"severity\":\"warning\",
\"instance\": \"$name.example.net\"
},
\"annotations\": {
\"summary\": \"High latency is high!\"
},
\"generatorURL\": \"http://prometheus.int.example.net/<generating_expression>\"
}]"
echo ""

5
.bin/json2csv.jq
View File

@@ -1,5 +0,0 @@
#!/usr/bin/env -S jq -r -f
(map(keys) | add | unique) as $cols
| map(. as $row | $cols | map($row[.])) as $rows
| $cols, $rows[]
| @csv

1
.bin/mud.sh
View File

@@ -1 +0,0 @@
ssh mud@hotdog.r -t "MUD_NICKNAME=$LOGNAME mud"

6
.bin/mushakkil.sh
View File

@@ -1,6 +0,0 @@
#!/bin/sh
curl -sSL 'https://diac.alsharekh.org/Diac/DiacText' \
-H "Content-Type: application/json" \
--data-raw "$(jq --raw-input '{word: ., type: 1}')" \
--compressed \
| jq -r .diacWord

65
.bin/prospekte.sh
View File

@@ -1,65 +0,0 @@
#!/bin/sh
lidl() {
echo LIDL
curl -sSL 'https://endpoints.lidl-flyer.com/v3/region-overview/lidl/de-DE/0.json' \
| jq -r '
.categories
| map(select(.name == "Filial-Angebote") | .subcategories | map(.flyers))
| flatten
| flatten
| .[]
| .pdfUrl
'
}
aldi_nord() {
echo ALDI nord
echo 'https://magazine.aldi-nord.de/aldi-nord/aldi-aktuell/GetPDF.ashx'
echo 'https://magazine.aldi-nord.de/aldi-nord/aldi-vorschau/GetPDF.ashx'
}
rewe_berlin() {(
store_id=662366923
publisher_id=1062
echo REWE
curl -sSL 'https://www.bonialserviceswidget.de/de/stores/'$store_id'/brochures?storeId='$store_id'&publisherId='$publisher_id | while read -r brochure_id; do
curl -sSL 'https://www.bonialserviceswidget.de/de/v5/brochureDetails/'"$brochure_id"'?publisherId='$publisher_id | jq -r .pdfUrl
done
)}
kaufland() {(
region_code=8920
echo KAUFLAND
curl -sSL https://filiale.kaufland.de/prospekte.html | htmlq --attribute href '.flyer a' | grep -Eo 'DE_de_KDZ[^/]*' | sed "s/_3000_/_${region_code}_/" | while read -r flyer_id; do
curl -sSL "https://endpoints.leaflets.kaufland.com/v3/$flyer_id/flyer.json?regionCode=$region_code" | jq -r .flyer.pdfUrl
done
)}
netto_schwarz() {
echo 'NETTO (schwarz)'
curl -sSL 'https://squid-api.tjek.com/v2/catalogs?dealer_ids=90f2VL&order_by=created' \
| jq -r '.[] | .id' \
| while read -r flyer_id; do
curl -sSL "https://squid-api.tjek.com/v2/catalogs/$flyer_id/download" \
| jq -r .pdf_url
done
}
dir="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$dir"
}
prospekt_url="$( (
lidl
aldi_nord
rewe_berlin
kaufland
netto_schwarz
) | fzf)"
curl -sSL "$prospekt_url" -o "$dir/prospekt.pdf"
zathura "$dir/prospekt.pdf"

16
.bin/screencap.sh
View File

@@ -1,16 +0,0 @@
#! /usr/bin/env nix-shell
#! nix-shell -i sh -p coreutils byzanz xorg.xwininfo gnused
# shellcheck shell=sh
# ref https://gist.github.com/aforemny/0994cb7f06ea30d56c8b9681ff5d2054
set -eux
eval "$(xwininfo | \
sed -n -e 's/^ \+Absolute upper-left X: \+\([0-9]\+\).*/x=\1/p' \
-e 's/^ \+Absolute upper-left Y: \+\([0-9]\+\).*/y=\1/p' \
-e 's/^ \+Width: \+\([0-9]\+\).*/w=\1/p' \
-e 's/^ \+Height: \+\([0-9]\+\).*/h=\1/p')"
trap "pkill -f 'sleep 360d'" INT
byzanz-record -e "sleep 360d" -c -x $x -y $y -w $w -h $h "$@"

49
.bin/space.py
View File

@@ -1,49 +0,0 @@
import ephem
from datetime import datetime, date, timedelta
now = datetime.now()
limit = now + timedelta(days=365)
def events_until(limit):
initial_date = ephem.Date(datetime.now())
events = {}
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_full_moon(now)
events[now] = "🌕"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_new_moon(now)
events[now] = "🌑"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_vernal_equinox(now)
events[now] = "spring equinox"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_autumnal_equinox(now)
events[now] = "fall equinox"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_winter_solstice(now)
events[now] = "winter solstice"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_summer_solstice(now)
events[now] = "summer solstice"
return events
events = events_until(limit)
for date, event in sorted(events.items(), key=lambda x: x[0]):
if ephem.localtime(date) < limit:
print(ephem.localtime(date), event)

50
.bin/toposort.nix
View File

@@ -1,50 +0,0 @@
let
lib = import <nixpkgs/lib>;
in rec {
inherit lib;
input = [
{
x = ["pool" "zfs"];
y = ["mdadm" "raid1"];
}
{
x = ["pool" "zfs"];
y = ["disk" "sda"];
}
{
x = ["mdadm" "raid1"];
y = ["disk" "sdb"];
}
{
x = ["mdadm" "raid1"];
y = ["disk" "sdc"];
}
];
outNodes = node: graph:
lib.unique
(builtins.map (e: e.y)
(builtins.filter (v: v.x == node) graph));
vertices = graph:
lib.unique
(builtins.map (x: x.y) graph ++ builtins.map (x: x.x) graph);
deleteVertex = node: graph: (builtins.filter (v: v.x != node && v.y != node) graph);
findSink = graph:
lib.findFirst
(v: outNodes v graph == [])
(lib.trace graph (builtins.abort "No sink found"))
(vertices graph);
topSort = graph:
if graph == []
then []
else if builtins.length graph == 1
then let only = builtins.head graph; in [only.y only.x]
else let sink = findSink graph; in [sink] ++ topSort (deleteVertex sink graph);
output = topSort input;
}

18
.bin/ttrss-unread
View File

@@ -1,18 +0,0 @@
#/usr/bin/env -S deno run -A:q
set -x
session_cache="$HOME/.cache/tt-rss.session"
ttrss_endpoint=https://feed.kmein.de/api/
ttrss_user=k
ttrss_password=$(pass shared/tt-rss/password)
login() {
if [ -f "$session_cache" ]; then
session_id="$(cat "$session_cache")"
else
session_id="$(curl -d '{"op":"login","user":"'"$ttrss_user"'","password":"'"$ttrss_password"'"}' "$ttrss_endpoint" | jq -r .content.session_id)"
echo "$session_id" > "$session_cache"
fi
}
login
curl -d '{"sid":"'"$session_id"'","op":"getUnread"}' "$ttrss_endpoint" | jq .content

16
.bin/tuesday-1800
View File

@@ -1,16 +0,0 @@
#!/bin/sh
set -efux
expected_max_results=1024 # the upper bound on the number of restaurants
radius=250
echo '[out:json];node(id:260050809)->.cbase;
(
node(around.cbase:'$radius')[amenity=fast_food];
node(around.cbase:'$radius')[amenity=restaurant];
);out;' \
| curl -sSL -d @- -X POST http://overpass-api.de/api/interpreter \
| jq --argjson random "$(shuf -i 0-$expected_max_results -n 1)" '
.elements
| length as $length
| .[$random % $length]
'

8
.bin/unicode
View File

@@ -1,8 +0,0 @@
import sys
import unicodedata
for index, character in enumerate(sys.stdin.read().strip()):
try:
print(index, character, hex(ord(character)), unicodedata.category(character), unicodedata.name(character))
except:
print(index, character, hex(ord(character)))

26
.bin/watson2fdf.sh
View File

@@ -1,26 +0,0 @@
project=Filli
year=2022
for month in Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec; do
from="$(date +%F -d "$month 1, $year")"
to="$(date +%F -d "$month 1, $year + 1 month")"
watson report --json --from "$from" --to "$to" --project "$project"
done | jq --slurp '
def in_array($arr):
. as $value | any($arr[]; . == $value);
map(
["engadin-app","fysiweb","val-muestair","mia-engiadina","ol"] as $official_projects
| (.timespan.from | .[0:7]) as $timespan
| .projects | .[0]
| .time as $total_time
| .tags
| select(. != null)
| map(select(.name | in_array($official_projects)))
| (map(.time)|add) as $official_time
| map({key:.name, value:.time}) | from_entries
| .other |= ($total_time - $official_time)
| map_values(. / (60*60) | ceil)
| .month |= $timespan
)
'

19
.github/workflows/flake.yml vendored
View File

@@ -1,19 +0,0 @@
name: Update flake.lock
on:
workflow_dispatch: # allows manual triggering
schedule:
- cron: '0 0 * * 0' # runs weekly on Sunday at 00:00
jobs:
lockfile:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Install Nix
uses: cachix/install-nix-action@v16
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Update flake.lock
uses: DeterminateSystems/update-flake-lock@v3

37
.github/workflows/niveum.yml vendored
View File

@@ -1,37 +0,0 @@
name: CI
on:
push:
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
system: [makanek,manakish,kabsa,zaatar,ful]
steps:
- uses: actions/checkout@v3
- name: Install QEMU (ARM)
run: sudo apt-get install -y qemu-user-static
if: ${{ matrix.system == 'ful' }}
- name: Install Nix (ARM)
uses: cachix/install-nix-action@v16
if: ${{ matrix.system == 'ful' }}
with:
extra_nix_config: |
system = aarch64-linux
- name: Install Nix (x86_64)
uses: cachix/install-nix-action@v16
if: ${{ matrix.system != 'ful' }}
- name: nixos-rebuild dry-build
run: |
# remove secrets: ref https://stackoverflow.com/questions/1260748/how-do-i-remove-a-submodule/36593218
git submodule deinit -f secrets
rm -rf .git/modules/secrets
git rm -f secrets
# recreate secrets
mkdir secrets
cat secrets.txt | while read -r path; do touch $path; done
git add secrets
nix run nixpkgs#nixos-rebuild -- dry-build --flake $GITHUB_WORKSPACE#${{matrix.system}}

12
.gitmodules vendored
View File

@@ -1,3 +1,9 @@
[submodule "secrets"]
path = secrets
url = ssh://gitea@code.kmein.de:22022/kfm/niveum-secrets.git
[submodule "submodules/menstruation-telegram"]
path = submodules/menstruation-telegram
url = https://github.com/kmein/menstruation-telegram
[submodule "submodules/menstruation-backend"]
path = submodules/menstruation-backend
url = https://github.com/kmein/menstruation.rs
[submodule "submodules/nur-packages"]
path = submodules/nur-packages
url = git@github.com:kmein/nur-packages.git

11
.versions/home-manager.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/nix-community/home-manager.git",
"rev": "697cc8c68ed6a606296efbbe9614c32537078756",
"date": "2021-12-19T00:59:29+01:00",
"path": "/nix/store/fb46bv10azrag2jjlzhil6j11f4x8glw-home-manager",
"sha256": "1c8gxm86zshr2zj9dvr02qs7y3m46gqavr6wyv01r09jfd99dxz9",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/krops.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://cgit.krebsco.de/krops",
"rev": "cccebf3ff7a53336b3f106cb96dddd5892d427ed",
"date": "2021-03-23T22:47:37+01:00",
"path": "/nix/store/mz13xxnil35lwsf90hwnrm2agir7hb51-krops",
"sha256": "07mg3iaqjf1w49vmwfchi7b1w55bh7rvsbgicp2m47gnj9alwdb6",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nix-writers.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://cgit.krebsco.de/nix-writers",
"rev": "c528cf970e292790b414b4c1c8c8e9d7e73b2a71",
"date": "2019-04-02T20:05:33+02:00",
"path": "/nix/store/wm5zhsha1a2iy0d582nlfi7604ayd1vz-nix-writers",
"sha256": "0xdivaca1hgbxs79jw9sv4gk4f81vy8kcyaff56hh2dgq2awyvw4",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nixpkgs-mozilla.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/mozilla/nixpkgs-mozilla",
"rev": "7c1e8b1dd6ed0043fb4ee0b12b815256b0b9de6f",
"date": "2021-12-07T09:28:33-05:00",
"path": "/nix/store/pqwcw589i2y2w2116wn3ifl834adjsa0-nixpkgs-mozilla",
"sha256": "1a71nfw7d36vplf89fp65vgj3s66np1dc0hqnqgj5gbdnpm1bihl",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nixpkgs-unstable.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/NixOS/nixpkgs.git",
"rev": "f01adc7b35a8f80e82f3466e6d873b8b9c8f1b28",
"date": "2021-12-22T23:05:28+01:00",
"path": "/nix/store/zhfrvg77dzpc3hq02v9zv20dfgqwpzk6-nixpkgs",
"sha256": "17iyf2iiizi7c1wr71day3wvgalbkkm2zgc9lpy7y42rl4frq9sf",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nixpkgs.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/NixOS/nixpkgs.git",
"rev": "9ab7d12287ced0e1b4c03b61c781901f178d9d77",
"date": "2021-12-21T10:09:48+01:00",
"path": "/nix/store/minmlh0avkwvvc3p7flhpbglp13kr585-nixpkgs",
"sha256": "0bbd2pgcyavqn5wgq0xp8p67lha0kv9iqnh49i9w5fb5g29q7i30",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/retiolum.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/krebs/retiolum",
"rev": "b72b0a987767b587c79cba8499b5114d69fceeef",
"date": "2021-12-28T19:46:45+00:00",
"path": "/nix/store/kyaqwf89v6id9mda92x4b0hf778j987x-retiolum",
"sha256": "19hjzzlfk1m9ign33w4ppqgmg23v7c6k8l0fm7f33spq8982w7rb",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/stockholm.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://cgit.lassul.us/stockholm",
"rev": "576c05cf3a0ceddefa29c2d0073108177c3cfa52",
"date": "2021-12-22T13:59:46+01:00",
"path": "/nix/store/yx1j5pardgd9114f0cf3c4xjfq6r4yfv-stockholm",
"sha256": "18napi4k8i2iizrismlp9ha3ga6c3n2dvrhijy59kl1jxqrsaq9l",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

270
configs/aerc.nix
View File

@@ -1,270 +0,0 @@
{
pkgs,
config,
lib,
...
}: let
inherit (import ../lib/email.nix) defaults;
in {
age.secrets = {
email-password-cock = {
file = ../secrets/email-password-cock.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-posteo = {
file = ../secrets/email-password-posteo.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
home-manager.users.me = {
services.mbsync = {
enable = true;
frequency = "daily";
preExec = "${pkgs.coreutils}/bin/mkdir -p ${config.home-manager.users.me.accounts.email.maildirBasePath}";
postExec = "${pkgs.notmuch}/bin/notmuch new";
};
programs.notmuch = {
enable = true;
extraConfig = {
database.path = config.home-manager.users.me.accounts.email.maildirBasePath;
new.tags = "";
user.name = defaults.realName;
user.primary_email = config.home-manager.users.me.accounts.email.accounts.posteo.address;
};
};
programs.mbsync = {
enable = true;
extraConfig = lib.concatStringsSep "\n\n" (lib.mapAttrsToList (name: account: ''
IMAPAccount ${name}
CertificateFile /etc/ssl/certs/ca-certificates.crt
Host ${account.imap.host}
PassCmd "${toString account.passwordCommand}"
User ${account.userName}
SSLType IMAPS
${lib.optionalString (lib.isInt account.imap.port) "Port ${toString account.imap.port}"}
IMAPStore ${name}-remote
Account ${name}
MaildirStore ${name}-local
Path ${config.home-manager.users.me.accounts.email.maildirBasePath}/${name}/
SubFolders Verbatim
Channel ${name}
Create Near
Expunge None
Far :${name}-remote:
Near :${name}-local:
Patterns *
Remove None
SyncState *
'')
config.home-manager.users.me.accounts.email.accounts);
};
accounts.email.accounts = {
cock =
lib.recursiveUpdate defaults
rec {
address = "2210@cock.li";
userName = address;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-cock.path}";
realName = "";
imap.host = "mail.cock.li";
smtp.host = imap.host;
};
posteo =
lib.recursiveUpdate defaults
rec {
address = "kieran.meinhardt@posteo.net";
aliases = ["kmein@posteo.de"];
userName = address;
imap.host = "posteo.de";
smtp.host = imap.host;
primary = true;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-posteo.path}";
# himalaya = { enable = true; backend = "imap"; sender = "smtp"; };
};
};
# programs.himalaya.enable = true;
programs.aerc = {
enable = true;
extraBinds = {
# Binds are of the form <key sequence> = <command to run>
# To use '=' in a key sequence, substitute it with "Eq": "<Ctrl+Eq>"
# If you wish to bind #, you can wrap the key sequence in quotes: "#" = quit
global = {
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab <Enter>";
"<C-t>" = ":term<Enter>";
"?" = ":help keys<Enter>";
};
messages = {
q = ":quit<Enter>";
j = ":next <Enter>";
"<Down>" = ":next<Enter>";
"<C-d>" = ":next 50%<Enter>";
"<C-f>" = ":next 100%<Enter>";
"<PgDn>" = ":next 100%<Enter>";
k = ":prev <Enter>";
"<Up>" = ":prev<Enter>";
"<C-u>" = ":prev 50%<Enter>";
"<C-b>" = ":prev 100%<Enter>";
"<PgUp>" = ":prev 100%<Enter>";
g = ":select 0 <Enter>";
G = ":select -1<Enter>";
J = ":next-folder <Enter>";
K = ":prev-folder<Enter>";
H = ":collapse-folder<Enter>";
L = ":expand-folder<Enter>";
"<space>" = ":read -t<Enter>:next<Enter>";
v = ":mark -t<Enter>";
V = ":mark -v<Enter>";
F = ":flag -t<Enter>";
T = ":toggle-threads<Enter>";
"<Enter>" = ":view<Enter>";
d = ":prompt 'Delete? ' 'delete-message'<Enter>";
D = ":move Trash<Enter>";
A = ":archive flat<Enter>";
C = ":compose<Enter>";
rr = ":reply -a<Enter>";
rq = ":reply -aq<Enter>";
Rr = ":reply<Enter>";
Rq = ":reply -q<Enter>";
c = ":cf<space>";
"$" = ":term<space>";
"!" = ":term<space>";
"|" = ":pipe<space>";
"/" = ":search<space>";
"\\" = ":filter <space>";
n = ":next-result<Enter>";
N = ":prev-result<Enter>";
"<Esc>" = ":clear<Enter>";
"*" = ":filter -x Flagged<Enter>";
};
view = {
"/" = ":toggle-key-passthrough <Enter> /";
q = ":close<Enter>";
O = ":open<Enter>";
S = ":save<space>";
"|" = ":pipe<space>";
D = ":move Trash<Enter>";
A = ":archive flat<Enter>";
"<C-l>" = ":open-link <space>";
f = ":forward <Enter>";
rr = ":reply -a<Enter>";
rq = ":reply -aq<Enter>";
Rr = ":reply<Enter>";
Rq = ":reply -q<Enter>";
H = ":toggle-headers<Enter>";
"<C-k>" = ":prev-part<Enter>";
"<C-j>" = ":next-part<Enter>";
J = ":next <Enter>";
K = ":prev<Enter>";
};
"view::passthrough" = {
"$noinherit" = "true";
"$ex" = "<C-x>";
"<Esc>" = ":toggle-key-passthrough<Enter>";
};
compose = {
# Keybindings used when the embedded terminal is not selected in the compose
# view
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-k>" = ":prev-field<Enter>";
"<C-j>" = ":next-field<Enter>";
"<tab>" = ":next-field<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
"compose::editor" = {
# Keybindings used when the embedded terminal is selected in the compose view
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-k>" = ":prev-field<Enter>";
"<C-j>" = ":next-field<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
"compose::review" = {
# Keybindings used when reviewing a message to be sent
y = ":send <Enter>";
n = ":abort<Enter>";
p = ":postpone<Enter>";
q = ":choose -o d discard abort -o p postpone postpone<Enter>";
e = ":edit<Enter>";
a = ":attach<space>";
d = ":detach<space>";
};
terminal = {
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
};
extraConfig = {
ui.sort = "-r date";
ui.timestamp-format = "2006-01-02 15:04";
ui.mouse-enabled = true;
ui.spinner = ". , .";
general.unsafe-accounts-conf = true;
general.pgp-provider = "gpg";
viewer = {pager = "${pkgs.less}/bin/less -R";};
compose = {
address-book-cmd = "khard email --remove-first-line --parsable '%s'";
no-attachment-warning = "(attach|attached|attachments?|anbei|Anhang|angehängt)";
};
filters = {
"text/plain" = "${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/colorize";
"text/calendar" = "${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/calendar";
"text/html" = "${pkgs.aerc}/share/aerc/filters/html"; # Requires w3m, dante
# "text/html" =
# "${pkgs.aerc}/share/aerc/filters/html | ${pkgs.aerc}/share/aerc/filters/colorize";
# "text/*" =
# ''${pkgs.bat}/bin/bat -fP --theme=ansi --file-name="$AERC_FILENAME "'';
"message/delivery-status" = "${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/colorize";
"message/rfc822" = "${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/colorize";
"application/x-sh" = "${pkgs.bat}/bin/bat -fP -l sh";
};
openers = let
as-pdf = pkgs.writers.writeDash "as-pdf" ''
d=$(mktemp -d)
trap clean EXIT
clean() {
rm -rf "$d"
}
${pkgs.libreoffice}/bin/libreoffice --headless --convert-to pdf "$1" --outdir "$d"
${pkgs.zathura}/bin/zathura "$d"/*.pdf
'';
in {
"image/*" = "${pkgs.nsxiv}/bin/nsxiv";
"application/pdf" = "${pkgs.zathura}/bin/zathura";
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" = toString as-pdf;
"application/vnd.oasis.opendocument.text" = toString as-pdf;
"video/*" = "${pkgs.mpv}/bin/mpv";
"audio/*" = "${pkgs.mpv}/bin/mpv";
};
};
templates = {
# new_message = "hello!";
};
};
};
}

76
configs/alacritty.nix
View File

@@ -1,21 +1,28 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}: let
alacritty-cfg = theme:
(pkgs.formats.yaml {}).generate "alacritty.yml" {
bell = {
animation = "EaseOut";
duration = 100;
color = "#ffffff";
environment.variables.TERMINAL = "alacritty";
environment.systemPackages = [
pkgs.alacritty
];
home-manager.users.me.xdg.configFile =
let
inherit (import <niveum/lib>) colours;
colourNames = [ "black" "red" "green" "yellow" "blue" "magenta" "cyan" "white" ];
colourPairs = lib.getAttrs colourNames colours;
in {
"alacritty/alacritty.yml".source = (pkgs.formats.yaml {}).generate "alacritty.yml" {
background_opacity = 0.9;
colors = {
primary = { inherit (colours) background foreground; };
normal = lib.mapAttrs (_: colour: colour.dark) colourPairs;
bright = lib.mapAttrs (_: colour: colour.bright) colourPairs;
};
font = {
normal.family = "Monospace";
size = 6;
};
live_config_reload = true;
key_bindings = [
{
key = "Plus";
@@ -33,51 +40,6 @@
action = "ResetFontSize";
}
];
colors = let
colourNames = ["black" "red" "green" "yellow" "blue" "magenta" "cyan" "white"];
colourPairs = lib.getAttrs colourNames theme;
in {
primary = {inherit (theme) background foreground;};
cursor = {inherit (theme) cursor;};
normal = lib.mapAttrs (_: colour: colour.dark) colourPairs;
bright = lib.mapAttrs (_: colour: colour.bright) colourPairs;
};
};
alacritty-pkg = pkgs.symlinkJoin {
name = "alacritty";
paths = [
(pkgs.writers.writeDashBin "alacritty" ''
${pkgs.alacritty}/bin/alacritty --config-file /var/theme/config/alacritty.yml msg create-window "$@" ||
${pkgs.alacritty}/bin/alacritty --config-file /var/theme/config/alacritty.yml "$@"
'')
pkgs.alacritty
];
};
in {
environment.variables.TERMINAL = "alacritty";
home-manager.users.me = {
programs.alacritty = {
enable = true;
settings = {
key_bindings = [
{
key = "Plus";
mods = "Control";
action = "IncreaseFontSize";
}
{
key = "Minus";
mods = "Control";
action = "DecreaseFontSize";
}
{
key = "Key0";
mods = "Control";
action = "ResetFontSize";
}
];
};
};
};
}

5
configs/android.nix
View File

@@ -1,5 +0,0 @@
{
programs.adb.enable = true;
users.users.me.extraGroups = ["adbusers"];
}

55
configs/backup.nix
View File

@@ -1,55 +0,0 @@
{
pkgs,
config,
...
}: let
inherit (import ../lib) restic;
in {
services.restic.backups.niveum = {
initialize = true;
inherit (restic) repository;
timerConfig = {
OnCalendar = "8:00";
RandomizedDelaySec = "1h";
};
passwordFile = config.age.secrets.restic.path;
extraBackupArgs = [
"--exclude=/home/kfm/projects/nixpkgs/.git"
"--exclude=node_modules"
"--exclude=.parcel-cache"
];
paths = [
"/home/kfm/work"
"/home/kfm/projects"
"/home/kfm/Zotero"
"/home/kfm/notes"
"/home/kfm/Maildir"
"/home/kfm/cloud"
"/home/kfm/.gnupg"
"/home/kfm/.ssh"
"/mnt/sd-card/music"
"/mnt/sd-card/Books"
];
};
systemd.services.restic-backups-niveum.serviceConfig = {
Restart = "on-failure";
RestartSec = "15s";
StartLimitIntervalSec = "1m"; # don't try more than 4 times
StartLimitBurst = 4;
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "restic-niveum" ''
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${config.age.secrets.restic.path} "$@"
'')
(pkgs.writers.writeDashBin "restic-mount" ''
mountdir=$(mktemp -d)
trap clean EXIT
clean() {
rm -r "$mountdir"
}
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${config.age.secrets.restic.path} mount "$mountdir"
'')
];
}

4
configs/bash.nix
View File

@@ -1,7 +1,7 @@
{pkgs, ...}: {
{
programs.bash = {
promptInit = ''
PS1="$(${pkgs.ncurses}/bin/tput bold)\w \$([[ \$? == 0 ]] && echo \"\[\033[1;32m\]\" || echo \"\[\033[1;31m\]\")\$$(${pkgs.ncurses}/bin/tput sgr0) "'';
PS1="$(tput bold)\w \$([[ \$? == 0 ]] && echo \"\[\033[1;32m\]\" || echo \"\[\033[1;31m\]\")\$$(tput sgr0) "'';
interactiveShellInit = ''
set -o vi
'';

9
configs/battery.nix
View File

@@ -1,14 +1,11 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
boot.extraModulePackages = with config.boot.kernelPackages; [
tp_smapi
acpi_call
];
boot.kernelModules = ["tp_smapi" "acpi_call"];
environment.systemPackages = [pkgs.tpacpi-bat pkgs.powertop];
boot.kernelModules = [ "tp_smapi" "acpi_call" ];
environment.systemPackages = [ pkgs.tpacpi-bat ];
services.tlp = {
enable = true;

9
configs/beets.nix
View File

@@ -1,14 +1,11 @@
{ lib, pkgs, ... }:
{
lib,
pkgs,
...
}: {
environment.systemPackages = [pkgs.beets];
environment.systemPackages = [ pkgs.beets ];
home-manager.users.me.xdg.configFile = {
"beets/config.yaml".source = (pkgs.formats.yaml {}).generate "config.yaml" {
directory = "~/cloud/syncthing/music";
library = "~/cloud/syncthing/common/music.db";
plugins = toString ["fetchart" "lastgenre"];
plugins = toString [ "fetchart" "lastgenre" ];
};
};
}

14
configs/bluetooth.nix
View File

@@ -1,17 +1,11 @@
{
pkgs,
lib,
...
}: {
{ pkgs, lib, ... }: {
hardware.bluetooth = {
enable = true;
settings.General.Enable =
lib.concatStringsSep "," ["Source" "Sink" "Media" "Socket"];
lib.concatStringsSep "," [ "Source" "Sink" "Media" "Socket" ];
};
services.blueman.enable = true;
environment.systemPackages = [ pkgs.blueman ];
# environment.systemPackages = [pkgs.blueman];
home-manager.users.me = {services.blueman-applet.enable = true;};
home-manager.users.me = { services.blueman-applet.enable = false; };
}

57
configs/bvg.nix Normal file
View File

@@ -0,0 +1,57 @@
{ pkgs, lib, ... }:
let
inherit (import <niveum/lib>) serveHtml;
stations = [
900068204 # A/M
900068302 # KAS
900068203 # B-P
];
fahrplan = pkgs.writeText "fahrplan.html" ''
<!DOCTYPE html>
<title>Fahrplan</title>
<link
rel="icon"
type="image/x-icon"
href="https://mobil.bvg.de/Fahrinfo/img/ua_xhtml/logo.gif"
/>
<style>
body {
margin: 0;
--bvg-yellow: #f0d722;
}
#fahrplan {
display: flex;
height: 100vh;
width: 100%;
flex-direction: row;
}
#fahrplan iframe {
flex-grow: 1;
border: none;
}
#fahrplan iframe + iframe {
border-left: 2px solid var(--bvg-yellow);
}
</style>
<body>
<div id="fahrplan">
${lib.concatMapStrings (station: ''
<iframe scrolling="no" src="https://mobil.bvg.de/Fahrinfo/bin/stboard.bin/dox?ld=0.1&input=${toString station}&boardType=depRT&start=yes"></iframe>
'') stations}
</div>
</body>
'';
in
{
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
services.nginx.virtualHosts."bvg.kmein.r" = {
locations."/".extraConfig = serveHtml fahrplan pkgs;
};
}

4
configs/ccc.nix
View File

@@ -1,4 +1,4 @@
{pkgs, ...}:
{ pkgs, ... }:
# https://paste.sr.ht/~erictapen/11716989e489b600f237041b6d657fdf0ee17b34
let
certificate = pkgs.stdenv.mkDerivation rec {
@@ -7,7 +7,7 @@ let
1,/DST Root CA X3/d
1,/-----END CERTIFICATE-----/p
'';
nativeBuildInputs = with pkgs; [cacert gnused];
nativeBuildInputs = with pkgs; [ cacert gnused ];
phases = "installPhase";
installPhase = ''
${pkgs.gnused}/bin/sed -n -f $src ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt > $out

89
configs/chromium.nix
View File

@@ -1,97 +1,16 @@
{
pkgs,
config,
...
}: {
{ pkgs, ... }: {
programs.chromium = {
enable = true;
extensions = [
"nngceckbapebfimnlniiiahkandclblb" # BitWarden
# "ihlenndgcmojhcghmfjfneahoeklbjjh" # cVim
# "fpnmgdkabkmnadcjpehmlllkndpkmiak" # Wayback Machine
"cjpalhdlnbpafiamejdnhcphjbkeiagm" # uBlock Origin
"pjjgklgkfeoeiebjogplpnibpfnffkng" # undistracted
"nhdogjmejiglipccpnnnanhbledajbpd" # vuejs devtools
"eimadpbcbfnmbkopoojfekhnkhdbieeh" # dark reader
"khncfooichmfjbepaaaebmommgaepoid" # Remove YouTube Recommended Videos
];
};
home-manager.users.me = {
programs.firefox = {
enable = true;
package = pkgs.firefox.override {
cfg = {
enableTridactylNative = true;
};
};
profiles = let
defaultSettings = {
"beacon.enabled" = false;
"browser.bookmarks.showMobileBookmarks" = true;
"browser.newtab.preload" = false;
"browser.search.isUS" = false;
"browser.search.region" = "DE";
"browser.send_pings" = false;
"browser.shell.checkDefaultBrowser" = false;
"browser.startup.homepage" = "chrome://browser/content/blanktab.html";
"browser.uidensity" = 1;
"browser.urlbar.placeholderName" = "Search";
"datareporting.healthreport.service.enabled" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.policy.dataSubmissionEnabled" = false;
"datareporting.sessions.current.clean" = true;
"distribution.searchplugins.defaultLocale" = "de-DE";
"general.smoothScroll" = true;
"identity.fxaccounts.account.device.name" = config.networking.hostName;
"network.cookie.cookieBehavior" = 1;
"privacy.donottrackheader.enabled" = true;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.pbmode.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"services.sync.declinedEngines" = "passwords";
"services.sync.engine.passwords" = false;
"signon.autofillForms" = false;
"signon.rememberSignons" = false;
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
"toolkit.telemetry.archive.enabled" = false;
"toolkit.telemetry.bhrPing.enabled" = false;
"toolkit.telemetry.cachedClientID" = "";
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.firstShutdownPing.enabled" = false;
"toolkit.telemetry.hybridContent.enabled" = false;
"toolkit.telemetry.newProfilePing.enabled" = false;
"toolkit.telemetry.prompted" = 2;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.server" = "";
"toolkit.telemetry.shutdownPingSender.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.unifiedIsOptIn" = false;
"toolkit.telemetry.updatePing.enabled" = false;
"ui.prefersReducedMotion" = 1;
};
in {
default = {
id = 0;
isDefault = true;
settings = defaultSettings;
# extensions = with pkgs.nur.repos.rycee.firefox-addons; [
# ublock-origin
# darkreader
# sponsorblock
# consent-o-matic
# i-dont-care-about-cookies
# # auto-tab-discard TODO what is this
# ];
userChrome = ''
#TabsToolbar {
visibility: collapse !important;
}
'';
};
};
};
};
environment.systemPackages = [pkgs.brave];
environment.systemPackages = [ pkgs.chromium pkgs.brave ];
environment.variables.BROWSER = "brave";
}

7
configs/clipboard.nix
View File

@@ -1,7 +0,0 @@
{
config,
pkgs,
...
}: {
services.clipmenu.enable = true;
}

128
configs/cloud.nix
View File

@@ -1,56 +1,12 @@
{
config,
lib,
pkgs,
...
}: let
inherit (import ../lib) tmpfilesConfig;
in {
systemd.tmpfiles.rules = map tmpfilesConfig [
{
type = "L+";
user = config.users.users.me.name;
group = "users";
mode = "0755";
argument = "${config.users.users.me.home}/cloud/nextcloud/Uni";
path = "${config.users.users.me.home}/uni";
}
];
{ config, lib, pkgs, ... }: {
system.activationScripts.home-symlinks = ''
ln -sfn ${config.users.users.me.home}/cloud/syncthing/common/mahlzeit ${config.users.users.me.home}/mahlzeit
ln -sfn ${config.users.users.me.home}/cloud/Seafile/Wiki ${config.users.users.me.home}/notes
ln -sfn ${config.users.users.me.home}/cloud/Seafile/Uni ${config.users.users.me.home}/uni
'';
home-manager.users.me = {
services.gnome-keyring.enable = true;
services.nextcloud-client = {
enable = true;
startInBackground = true;
};
systemd.user.services.nextcloud-client = {
Unit = {
Wants = ["gnome-keyring.service"];
After = ["gnome-keyring.service"];
};
};
};
systemd.user.services.nextcloud-syncer = {
enable = false;
wants = ["network-online.target"];
wantedBy = ["default.target"];
startAt = "*:00/10";
script = let
kieran = {
user = "kieran";
passwordFile = config.age.secrets.nextcloud-password-kieran.path;
endpoint = "https://cloud.kmein.de";
target = "${config.users.users.me.home}/notes";
};
in ''
mkdir -p ${lib.escapeShellArg kieran.target}
${pkgs.nextcloud-client}/bin/nextcloudcmd --non-interactive --user ${kieran.user} --password "$(cat ${kieran.passwordFile})" --path /Notes ${lib.escapeShellArg kieran.target} ${kieran.endpoint}
'';
serviceConfig = {
Type = "oneshot";
Restart = "on-failure";
};
services.nextcloud-client.enable = true;
};
environment.systemPackages = [
@@ -58,41 +14,20 @@ in {
set -efu
book="$({
${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/syncthing/library -type f
${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/nextcloud/Books -type f
${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/Seafile/Books -type f
} | ${pkgs.fzf}/bin/fzf)"
exec ${pkgs.zathura}/bin/zathura "$book"
${pkgs.zathura}/bin/zathura "$book"
'')
(let
kieran = {
user = "kieran.meinhardt@gmail.com";
passwordFile = config.age.secrets.mega-password.path;
};
megatools = command: ''${pkgs.megatools}/bin/megatools ${command} --username ${lib.escapeShellArg kieran.user} --password "$(cat ${kieran.passwordFile})"'';
in
pkgs.writers.writeDashBin "book-mega" ''
set -efu
selection="$(${megatools "ls"} | ${pkgs.fzf}/bin/fzf)"
test -n "$selection" || exit 1
tmpdir="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$tmpdir"
}
(
cd "$tmpdir"
${megatools "get"} "$selection"
exec ${pkgs.zathura}/bin/zathura "$(basename "$selection")"
)
'')
];
age.secrets.mega-password = {
file = ../secrets/mega-password.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
fileSystems."/media/moodle" = {
device = "zaatar.r:/moodle";
fsType = "nfs";
options = [
"x-systemd.idle-timeout=600"
"noauto"
"x-systemd.automount"
];
};
services.syncthing = rec {
@@ -101,24 +36,19 @@ in {
openDefaultPorts = true;
configDir = "/home/kfm/.config/syncthing";
dataDir = "/home/kfm/.config/syncthing";
cert = config.age.secrets.syncthing-cert.path;
key = config.age.secrets.syncthing-key.path;
cert = toString <system-secrets/syncthing/cert.pem>;
key = toString <system-secrets/syncthing/key.pem>;
inherit ((import ../lib).syncthing) devices;
folders = let
cloud-dir = "${config.users.users.me.home}/cloud";
in {
"${cloud-dir}/syncthing/zotero".devices = ["kabsa" "manakish"];
"${cloud-dir}/syncthing/common".devices = ["kabsa" "manakish"];
"${cloud-dir}/syncthing/library".devices = ["kabsa" "manakish" "heym"];
"${cloud-dir}/syncthing/mundoiu".devices = ["kabsa" "manakish" "heym"];
"${cloud-dir}/syncthing/obsidian" = {
devices = ["kabsa" "manakish" "heym"];
id = "3r1hu-3barr";
folders =
let cloud-dir = "${config.users.users.me.home}/cloud";
in {
"${cloud-dir}/syncthing/common".devices = [ "kabsa" "manakish" ];
"${cloud-dir}/syncthing/library".devices = [ "kabsa" "manakish" "heym" ];
"${cloud-dir}/syncthing/mundoiu".devices = [ "kabsa" "manakish" "heym" ];
"${cloud-dir}/syncthing/music" = {
devices = [ "kabsa" "manakish" "heym" "zaatar" ];
id = "music";
};
};
"${cloud-dir}/syncthing/music" = {
devices = ["kabsa" "manakish" "heym" "zaatar"];
id = "music";
};
};
};
}

8
configs/compton.nix Normal file
View File

@@ -0,0 +1,8 @@
{
services.compton = {
enable = true;
shadow = true;
menuOpacity = 0.9;
shadowOpacity = 0.3;
};
}

37
configs/copyq.nix Normal file
View File

@@ -0,0 +1,37 @@
{ config, pkgs, ... }:
let
copyqConfig = pkgs.writers.writeDash "copyq-config" ''
${pkgs.copyq}/bin/copyq config check_clipboard true
${pkgs.copyq}/bin/copyq config check_selection false
${pkgs.copyq}/bin/copyq config copy_clipboard true
${pkgs.copyq}/bin/copyq config copy_selection false
${pkgs.copyq}/bin/copyq config activate_closes true
${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0
${pkgs.copyq}/bin/copyq config clipboard_tab \&clipboard
${pkgs.copyq}/bin/copyq config disable_tray false
${pkgs.copyq}/bin/copyq config hide_tabs false
${pkgs.copyq}/bin/copyq config hide_toolbar false
${pkgs.copyq}/bin/copyq config item_popup_interval true
${pkgs.copyq}/bin/copyq config maxitems 1000
${pkgs.copyq}/bin/copyq config move true
${pkgs.copyq}/bin/copyq config text_wrap true
'';
in {
environment.systemPackages = [ pkgs.copyq ];
systemd.user.services.copyq = {
wantedBy = [ "graphical-session.target" ];
environment = {
DISPLAY = ":${toString config.services.xserver.display}";
};
serviceConfig = {
SyslogIdentifier = "copyq";
ExecStart = "${pkgs.copyq}/bin/copyq";
ExecStartPost = copyqConfig;
Restart = "always";
RestartSec = "15s";
StartLimitBurst = 0;
};
};
}

228
configs/default.nix
View File

@@ -1,54 +1,42 @@
{
pkgs,
lib,
config,
niveumPackages,
inputs,
...
}: let
{ pkgs, lib, config, options, ... }:
let
inherit (lib.strings) makeBinPath;
inherit (import ../lib) localAddresses kieran;
defaultApplications = (import ../lib).defaultApplications {inherit pkgs;};
in {
imports = [
inputs.self.nixosModules.system-dependent
inputs.self.nixosModules.power-action
../modules/system-dependent.nix
{
boot.supportedFilesystems = ["ntfs"];
boot.supportedFilesystems = [ "ntfs" ];
}
{
nix.nixPath = [
"/var/src"
"nixpkgs-overlays=${toString ../overlays}"
];
}
{
nixpkgs = {
config = {
allowUnfree = true;
packageOverrides = pkgs: {
dmenu = pkgs.writers.writeDashBin "dmenu" ''exec ${pkgs.rofi}/bin/rofi -dmenu "$@"'';
writeDashBin = pkgs.writers.writeDashBin;
writeDash = pkgs.writers.writeDash;
gfs-fonts = pkgs.callPackage <niveum/packages/gfs-fonts.nix> {};
iolanguage = pkgs.callPackage <niveum/packages/iolanguage.nix> { };
ix = pkgs.callPackage <niveum/packages/ix.nix> { };
};
permittedInsecurePackages = [
"qtwebkit-5.212.0-alpha4"
];
};
overlays = [
(self: super: {
scripts = import ../packages/scripts { pkgs = super; lib = super.lib; };
})
];
};
}
{
boot.tmp.cleanOnBoot = true;
boot.cleanTmpDir = true;
boot.loader.timeout = 1;
}
{
age.secrets = {
di-fm-key = {
file = ../secrets/di-fm-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
restic = {
file = ../secrets/restic.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
}
{
home-manager.users.me = {
programs.zathura = {
@@ -60,19 +48,6 @@ in {
};
};
}
{
environment.systemPackages = [
pkgs.capitaine-cursors
];
home-manager.users.me = {
home.pointerCursor = {
name = "capitaine-cursors-white";
package = pkgs.capitaine-cursors;
size = 12;
};
};
}
{
users.mutableUsers = false;
@@ -81,19 +56,42 @@ in {
users.users.me = {
name = "kfm";
description = kieran.name;
passwordFile = config.age.secrets.kfm-password.path;
hashedPassword =
"$6$w9hXyGFl/.IZBXk$5OiWzS1G.5hImhh1YQmZiCXYNAJhi3X6Y3uSLupJNYYXPLMsQpx2fwF4Xr2uYzGMV8Foqh8TgUavx1APD9rcb/";
isNormalUser = true;
uid = 1000;
};
age.secrets = {
kfm-password.file = ../secrets/kfm-password.age;
};
home-manager.users.me.xdg.enable = true;
home-manager.users.me.dconf.enable = false;
}
{
environment.interactiveShellInit = "export PATH=$PATH:$HOME/projects/niveum";
sound.enable = true;
hardware.pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
extraModules = [ pkgs.pulseaudio-modules-bt ];
# copy server:/run/pulse/.config/pulse/cookie to client:~/.config/pulse/cookie to authenticate a client machine
zeroconf.discovery.enable = true;
extraConfig = ''
load-module ${toString [
"module-tunnel-sink-new"
"server=zaatar.r"
"sink_name=zaatar"
"channels=2"
"rate=44100"
]}
'';
};
users.users.me.extraGroups = [ "audio" ];
environment.systemPackages = [ pkgs.pavucontrol pkgs.ncpamixer pkgs.pamixer pkgs.pulsemixer ];
}
{
environment.interactiveShellInit =
"export PATH=$PATH:$HOME/projects/niveum";
environment.shellAliases = let
wcd = pkgs.writers.writeDash "wcd" ''
cd "$(readlink "$(${pkgs.which}/bin/which --skip-alias "$1")" | xargs dirname)/.."
@@ -104,49 +102,41 @@ in {
take = pkgs.writers.writeDash "take" ''
mkdir "$1" && cd "$1"
'';
cdt = pkgs.writers.writeDash "cdt" ''
cd "$(mktemp -d)"
pwd
'';
swallow = command: "${niveumPackages.swallow}/bin/swallow ${command}";
swallow = command: "${pkgs.scripts.swallow}/bin/swallow ${command}";
in {
"ß" = "${pkgs.util-linux}/bin/setsid";
cat = "${pkgs.bat}/bin/bat --theme=ansi --style=plain";
chromium-incognito = "chromium --user-data-dir=$(mktemp -d /tmp/chr.XXXXXX) --no-first-run --incognito";
"ß" = "${pkgs.utillinux}/bin/setsid";
cat = "${pkgs.bat}/bin/bat --style=plain";
chromium-incognito =
"chromium --user-data-dir=$(mktemp -d /tmp/chr.XXXXXX) --no-first-run --incognito";
cp = "cp --interactive";
ip = "${pkgs.iproute2}/bin/ip -c";
l = "ls --color=auto --time-style=long-iso --almost-all";
ip = "${pkgs.iproute}/bin/ip -c";
l = "ls --color=auto --time-style=long-iso --almost-all";
ls = "ls --color=auto --time-style=long-iso";
ll = "ls --color=auto --time-style=long-iso -l";
la = "ls --color=auto --time-style=long-iso --almost-all -l";
mv = "mv --interactive";
nixi = "nix repl '<nixpkgs>'";
ns = "nix-shell --run zsh";
o = "${pkgs.xdg-utils}/bin/xdg-open";
o = "${pkgs.xdg_utils}/bin/xdg-open";
pbcopy = "${pkgs.xclip}/bin/xclip -selection clipboard -in";
pbpaste = "${pkgs.xclip}/bin/xclip -selection clipboard -out";
rm = "rm --interactive";
s = "${pkgs.systemd}/bin/systemctl";
take = "source ${take}";
cdt = "source ${cdt}";
vit = "$EDITOR $(mktemp)";
tmux = "${pkgs.tmux}/bin/tmux -2";
sxiv = swallow "${pkgs.nsxiv}/bin/nsxiv";
sxiv = swallow "${pkgs.sxiv}/bin/sxiv";
zathura = swallow "${pkgs.zathura}/bin/zathura";
us = "${pkgs.systemd}/bin/systemctl --user";
wcd = "source ${wcd}";
im = "${pkgs.openssh}/bin/ssh weechat@makanek -t tmux attach-session -t IM";
where = "source ${where}";
yt = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -ic"; # Download video link
yta = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -xic"; # Download with audio
};
}
{
i18n = {
defaultLocale = "en_DK.UTF-8";
supportedLocales = ["all"];
yt =
"${pkgs.youtube-dl}/bin/youtube-dl --add-metadata -ic"; # Download video link
yta =
"${pkgs.youtube-dl}/bin/youtube-dl --add-metadata -xic"; # Download with audio
};
}
{ i18n.defaultLocale = "en_GB.UTF-8"; }
{
services.xserver = {
enable = true;
@@ -159,7 +149,7 @@ in {
enable = true;
greeters.gtk = {
enable = true;
indicators = ["~spacer" "~host" "~spacer" "~session" "~power"];
indicators = [ "~spacer" "~host" "~spacer" "~session" "~power" ];
};
};
};
@@ -168,33 +158,24 @@ in {
{
security.wrappers = {
pmount = {
setuid = true;
owner = "root";
group = "root";
group = "users";
source = "${pkgs.pmount}/bin/pmount";
};
pumount = {
setuid = true;
owner = "root";
group = "root";
group = "users";
source = "${pkgs.pmount}/bin/pumount";
};
};
}
{programs.command-not-found.enable = true;}
{ programs.command-not-found.enable = true; }
{
home-manager.users.me = {
services.gpg-agent = rec {
enable = true;
enableZshIntegration = true;
defaultCacheTtl = 2 * 60 * 60;
maxCacheTtl = 4 * defaultCacheTtl;
};
};
programs.gnupg.agent.enable = true;
environment.systemPackages = [
pkgs.gnupg
(pkgs.pass.withExtensions (e: [e.pass-otp e.pass-import e.pass-genphrase]))
(pkgs.pass.withExtensions (e: [e.pass-otp]))
];
}
{
@@ -207,90 +188,65 @@ in {
};
}
{
networking.hosts =
lib.mapAttrs' (name: address: {
name = address;
value = ["${name}.local"];
})
localAddresses;
networking.hosts = lib.mapAttrs' (name: address: {
name = address;
value = [ "${name}.local" ];
}) localAddresses;
}
{
home-manager.users.me.home.stateVersion = "22.05";
}
{
systemd.user.services.udiskie = {
after = ["udisks2.service"];
wants = ["udisks2.service"];
wantedBy = ["graphical-session.target"];
serviceConfig = {
ExecStart = "${pkgs.udiskie}/bin/udiskie --verbose --no-config --notify";
};
};
services.udisks2.enable = true;
programs.dconf.enable = true;
home-manager.users.me = {
dconf.enable = true;
dconf.settings = {
# Change the default terminal for Nemo
"org/cinnamon/desktop/applications/terminal".exec = defaultApplications.terminal;
};
};
}
./android.nix
./stylix.nix
./alacritty.nix
./backup.nix
./bash.nix
./beets.nix
./bluetooth.nix
./aerc.nix
./ccc.nix
# ./kleiter.nix
./khal.nix
./chromium.nix
./clipboard.nix
./cloud.nix
./copyq.nix
./compton.nix
./direnv.nix
./docker.nix
./dunst.nix
./flix.nix
./fonts.nix
./fzf.nix
./gaslight.nix
./git.nix
./hledger.nix
./htop.nix
./hu-berlin.nix
./fu-berlin.nix
./fysi.nix
./i3.nix
./i3status-rust.nix
./keyboard.nix
./lb.nix
./mpv.nix
./mime.nix
./nano.nix
./neovim.nix
./nix.nix
./neomutt.nix
./newsboat.nix
./flameshot.nix
./packages.nix
./picom.nix
./stardict.nix
./polkit.nix
./power-action.nix
./flameshot-once.nix
./packages
# ./power-action.nix
./printing.nix
./openweathermap.nix
# ./wallpaper.nix
./redshift.nix
./retiolum.nix
./rofi.nix
./spacetime.nix
./seafile.nix
./ssh.nix
./sshd.nix
./sound.nix
./sudo.nix
./sxiv.nix
./theming.nix
./tmux.nix
# ./tor.nix
./traadfri.nix
./unclutter.nix
./version.nix
./vscode.nix
./watson.nix
./zsh.nix
./tor.nix
./stw-berlin.nix
./mastodon-bot.nix
];
}

23
configs/direnv.nix
View File

@@ -1,4 +1,5 @@
{pkgs, ...}: let
{ pkgs, ... }:
let
nixify = pkgs.writers.writeDashBin "nixify" ''
set -efuC
@@ -10,25 +11,25 @@
cat > shell.nix <<'EOF'
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
packages = [];
buildInputs = [];
}
EOF
''${EDITOR:-vim} shell.nix
fi
'';
in {
environment.systemPackages = [pkgs.direnv nixify];
environment.systemPackages = [ pkgs.direnv nixify ];
home-manager.users.me.programs.direnv = {
enable = true;
stdlib = builtins.readFile "${
pkgs.fetchFromGitHub {
owner = "Mic92";
repo = "dotfiles";
rev = "a0a9b7e358fa70a85cd468f8ca1fbb02ae0a91df";
sha256 = "1y9h5s1lf59sczsm0ksq2x1yhl98ba9lwk5yil3q53rg7n4574pg";
}
}/home/.direnvrc";
stdlib = builtins.readFile ("${
pkgs.fetchFromGitHub {
owner = "Mic92";
repo = "dotfiles";
rev = "a0a9b7e358fa70a85cd468f8ca1fbb02ae0a91df";
sha256 = "1y9h5s1lf59sczsm0ksq2x1yhl98ba9lwk5yil3q53rg7n4574pg";
}
}/home/.direnvrc");
};
programs.zsh.interactiveShellInit = ''

15
configs/distrobump.nix
View File

@@ -1,15 +0,0 @@
{
lib,
config,
pkgs,
...
}: {
imports = [
(import <stockholm/makefu/3modules/bump-distrowatch.nix> {
inherit lib config;
pkgs = pkgs // {writeDash = pkgs.writers.writeDash;};
})
];
makefu.distrobump.enable = false;
}

10
configs/docker.nix
View File

@@ -1,8 +1,4 @@
{
lib,
pkgs,
...
}: {
{ lib, pkgs, ... }: {
virtualisation.docker = {
enable = true;
# for ICE wifi, ref https://gist.github.com/sunsided/7840e89ff4e11b64a2d7503fafa0290c
@@ -11,6 +7,6 @@
"--fixed-cidr=172.39.1.0/25"
];
};
users.users.me.extraGroups = ["docker"];
environment.systemPackages = [pkgs.docker pkgs.docker-compose];
users.users.me.extraGroups = [ "docker" ];
environment.systemPackages = [ pkgs.docker pkgs.docker_compose ];
}

27
configs/dunst.nix
View File

@@ -1,9 +1,6 @@
{
config,
pkgs,
...
}: let
inherit (import ../lib) defaultApplications theme;
{ config, pkgs, ... }:
let
inherit (import ../lib) defaultApplications colours theme;
in {
home-manager.users.me.services.dunst = {
enable = true;
@@ -11,13 +8,16 @@ in {
settings = {
global = {
transparency = 10;
font = "Monospace 8";
geometry = "200x5-30+20";
frame_color = colours.foreground;
follow = "mouse";
indicate_hidden = true;
notification_height = 0;
separator_height = 2;
padding = 8;
horizontal_padding = 8;
separator_color = "auto";
sort = true;
markup = "full";
format = "%a\\n<b>%s</b>\\n%b";
@@ -40,13 +40,22 @@ in {
mouse_right_click = "close_current";
mouse_middle_click = "close_all";
};
urgency_low = {
urgency_low = rec {
frame_color = background;
background = colours.foreground;
foreground = colours.background;
timeout = 5;
};
urgency_normal = {
urgency_normal = rec {
frame_color = background;
background = colours.foreground;
foreground = colours.background;
timeout = 10;
};
urgency_critical = {
urgency_critical = rec {
frame_color = background;
background = colours.red.dark;
foreground = colours.background;
timeout = 0;
};
};

24
configs/flameshot-once.nix Normal file
View File

@@ -0,0 +1,24 @@
{ lib, pkgs, ... }:
let
inherit (import <niveum/lib>) defaultApplications;
flameshot-once = pkgs.callPackage <stockholm/krebs/5pkgs/simple/flameshot-once> {};
in {
nixpkgs.overlays = [
(self: super: {
write =
super.callPackage <stockholm/krebs/5pkgs/simple/xwaitforwindow.nix> { };
})
];
environment.systemPackages = [
(flameshot-once.override {
config.imgur = {
enable = true;
createUrl = "http://p.r/image";
deleteUrl = "http://p.r/image/delete/%1";
xdg-open.browser = (defaultApplications pkgs).browser;
};
config.timeout = 1000;
})
];
}

23
configs/flameshot.nix
View File

@@ -1,23 +0,0 @@
{
lib,
pkgs,
...
}: {
home-manager.users.me = {
services.flameshot = {
enable = true;
settings.General = {
autoCloseIdleDaemon = true;
drawColor = "#ff0000";
drawThickness = 2;
checkForUpdates = false;
showDesktopNotification = true;
disabledTrayIcon = true;
showHelp = false;
squareMagnifier = true;
uploadWithoutConfirmation = true;
buttons = ''@Variant(\0\0\0\x7f\0\0\0\vQList<int>\0\0\0\0\x10\0\0\0\x2\0\0\0\x5\0\0\0\x13\0\0\0\xa\0\0\0\x1\0\0\0\xc\0\0\0\xd\0\0\0\x6\0\0\0\x8\0\0\0\0\0\0\0\xf\0\0\0\x4\0\0\0\xb\0\0\0\x3\0\0\0\x12\0\0\0\x9)'';
};
};
};
}

47
configs/flix.nix
View File

@@ -1,19 +1,14 @@
{
config,
pkgs,
...
}: let
{ config, pkgs, ... }:
let
flixLocation = "/media/flix";
flixLocationNew = "/media/flix-new";
cacheLocation = "/var/cache/flix";
indexFilename = "index";
indexFilenameNew = "index-new";
flixUser = "flix";
flixGroup = "users";
inherit (import ../lib) tmpfilesConfig;
inherit (import <niveum/lib>) tmpfilesConfig;
in {
fileSystems.${flixLocation} = {
device = "prism.r:/export/download";
device = "prism.r:/export";
fsType = "nfs";
options = [
"noauto"
@@ -23,25 +18,12 @@ in {
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
"x-systemd.requires=tinc.retiolum.service"
"x-systemd.requires=wpa_supplicant.service"
"user"
"_netdev"
];
};
fileSystems.${flixLocationNew} = {
device = "//yellow.r/public";
fsType = "cifs";
options = [
"guest"
"nofail"
"noauto"
"ro"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
];
};
systemd.tmpfiles.rules = [
(tmpfilesConfig {
type = "d";
@@ -54,11 +36,8 @@ in {
systemd.services.flix-index = {
description = "Flix indexing service";
wants = ["network-online.target"];
script = ''
cp ${flixLocation}/index ./${indexFilename}
cp ${flixLocationNew}/index ./${indexFilenameNew}
'';
wants = [ "network-online.target" ];
script = "cp ${flixLocation}/download/index ./${indexFilename}";
startAt = "hourly";
serviceConfig = {
Type = "oneshot";
@@ -88,11 +67,13 @@ in {
'')
(pkgs.writers.writeDashBin "flixmenu" ''
set -efu
(
${pkgs.gnused}/bin/sed 's#^\.#${flixLocation}#' ${cacheLocation}/${indexFilename}
${pkgs.gnused}/bin/sed 's#^\.#${flixLocationNew}#' ${cacheLocation}/${indexFilenameNew}
) | ${pkgs.dmenu}/bin/dmenu -i -p flix -l 5 "$@" \
| ${pkgs.findutils}/bin/xargs -I '{}' ${pkgs.util-linux}/bin/setsid ${pkgs.xdg-utils}/bin/xdg-open '{}'
cd "${flixLocation}/download"
[ -f "${cacheLocation}/${indexFilename}" ] || exit 1
${pkgs.dmenu}/bin/dmenu -i -p flix -l 5 "$@" < ${cacheLocation}/${indexFilename} \
| ${pkgs.findutils}/bin/xargs -I '{}' ${pkgs.utillinux}/bin/setsid ${pkgs.xdg_utils}/bin/xdg-open '{}'
'')
];
}

127
configs/fonts.nix
View File

@@ -1,128 +1,41 @@
{
pkgs,
niveumPackages,
...
}: let
zip-font = name: arguments: let
directory = pkgs.fetchzip arguments;
in
pkgs.runCommand name {} ''
mkdir -p $out/share/fonts/{truetype,opentype,woff}
${pkgs.findutils}/bin/find ${directory} -name '*.ttf' -exec install '{}' $out/share/fonts/truetype \;
${pkgs.findutils}/bin/find ${directory} -name '*.otf' -exec install '{}' $out/share/fonts/opentype \;
${pkgs.findutils}/bin/find ${directory} -name '*.woff' -exec install '{}' $out/share/fonts/woff \;
'';
simple-ttf = name: arguments: let
file = pkgs.fetchurl arguments;
in
pkgs.runCommand name {} ''
mkdir -p $out/share/fonts/truetype
install ${file} $out/share/fonts/truetype
'';
{ pkgs, ... }: {
nixpkgs.config.joypixels.acceptLicense = true;
egyptianHiero = zip-font "EgyptianHiero" {
url = "https://github.com/MKilani/Djehuty/archive/master.zip";
sha256 = "sha256-KbY4vedm757NWfDlgmNhslbZd+2Vs+o5PjtMMGDt61Y=";
};
antinoou = zip-font "Antinoou" {
url = "https://www.evertype.com/fonts/coptic/AntinoouFont.zip";
sha256 = "0jwihj08n4yrshcx07dnaml2x9yws6dgyjkvg19jqbz17drbp3sw";
stripRoot = false;
};
newGardiner = zip-font "NewGardiner" {
url = "https://mjn.host.cs.st-andrews.ac.uk/egyptian/fonts/NewGardiner.zip";
hash = "sha256-i7ZBN28no/884fYMA7ZJ47WpkwZXzY//TK0bDz21pE0=";
stripRoot = false;
};
junicode2 = zip-font "JunicodeTwo" {
url = "https://github.com/psb1558/Junicode-font/archive/48bf476db278c844c67542b04d1e0e4c71f139d2.zip";
sha256 = "1ryicc155vkvgv3315ddliigwa01afwyb4c4f6pnqcns03af001i";
};
newAthenaUnicode = zip-font "NewAthenaUnicode" {
url = "https://classicalstudies.org/sites/default/files/userfiles/files/NAU5_005.zip";
sha256 = "1g7qk9gl4nq2dz41bvck1nzilhin44j8691cxax3dlp77bbn9bxr";
};
jsesh = simple-ttf "JSesh" {
url = "http://files.qenherkhopeshef.org/jsesh/JSeshFont.ttf";
sha256 = "1203jrk2xzvgckcc5hx88kja1i3h8gm1wiyla5j6gspc0hbv56ry";
};
egyptianText = simple-ttf "EgyptianText-1.0beta" {
url = "http://c.krebsco.de/EgyptianText-v1.0-beta.ttf";
sha256 = "0cfjbk7xxnxhlp6v922psm5j1xzrv6wfk226ji2wz2yfrnkbcbsv";
};
in {
fonts = {
enableDefaultFonts = true;
fontDir.enable = true;
fonts = with pkgs; [
alegreya
alegreya-sans
amiri
annapurna-sil
antinoou
cantarell-fonts
cardo
charis-sil
doulos-sil
newAthenaUnicode
corefonts
crimson
eb-garamond
ipaexfont
jsesh
egyptianHiero
egyptianText
font-awesome_6
etBook
newGardiner
junicode2
ezra-sil
fira
font-awesome
galatia-sil
gentium
niveumPackages.gfs-fonts
gyre-fonts
font-awesome-ttf
ibm-plex
jetbrains-mono
libertinus
libre-bodoni
inconsolata
iosevka
libertine
lmodern
merriweather
ocr-a
roboto
roboto-mono
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
roboto
roboto-mono
roboto-slab
scheherazade-new
source-code-pro
source-sans-pro
source-serif-pro
theano
niveumPackages.tocharian-font
vistafonts
vollkorn
zilla-slab
]; # google-fonts league-of-moveable-type
fontconfig.defaultFonts = rec {
monospace = ["Noto Sans Mono"] ++ emoji;
serif = ["Noto Serif" "Noto Naskh Arabic" "Noto Serif Devanagari"];
sansSerif = ["Noto Sans Display" "Noto Naskh Arabic" "Noto Sans Devanagari" "Noto Sans CJK JP" "Noto Sans Coptic"];
emoji = ["Noto Color Emoji"];
source-sans-pro
ubuntu_font_family
gfs-fonts
jetbrains-mono
twemoji-color-font
joypixels
];
fontconfig.defaultFonts = {
monospace = [ "JetBrains Mono" "JoyPixels" ];
serif = [ "Roboto Slab" ];
sansSerif = [ "Roboto" "Noto Sans" ];
emoji = [ "JoyPixels" ];
};
# xelatex fails with woff files
# ref https://tex.stackexchange.com/questions/392144/xelatex-and-fontspec-crash-trying-to-find-woff-file-for-some-fonts-but-not-other
fontconfig.localConf = ''
<fontconfig>
<!-- Reject WOFF fonts We don't register WOFF(2) fonts with fontconfig because of the W3C spec -->
<selectfont>
<rejectfont>
<glob>*.woff*</glob>
</rejectfont>
</selectfont>
</fontconfig>
'';
};
}

80
configs/fu-berlin.nix
View File

@@ -1,80 +0,0 @@
{
config,
pkgs,
lib,
...
}: let
username = "meinhak99";
inherit (import ../lib/email.nix) defaults;
fu-defaults = rec {
imap.host = "mail.zedat.fu-berlin.de";
smtp.host = imap.host;
folders.drafts = "Entwürfe";
folders.sent = "Gesendet";
folders.trash = "Papierkorb";
};
in {
home-manager.users.me = {
programs.ssh = {
matchBlocks = {
fu-berlin = {
user = username;
hostname = "login.zedat.fu-berlin.de";
setEnv.TERM = "xterm";
};
};
};
accounts.email.accounts = {
fu-student =
lib.recursiveUpdate defaults
(lib.recursiveUpdate fu-defaults
rec {
userName = "meinhak99";
address = "kieran.meinhardt@fu-berlin.de";
aliases = ["${userName}@fu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhak99.path}";
});
};
};
systemd.user.services.fu-blackboard-calendar = {
enable = true;
# startAt = "*:00/10";
after = ["vdirsyncer.service"];
wantedBy = ["default.target"];
script = ''
${pkgs.curl}/bin/curl $(cat ${config.age.secrets.blackboard-calendar-ics.path}) | ${pkgs.khal}/bin/khal import -
'';
serviceConfig = {
Type = "oneshot";
Restart = "on-failure";
};
};
age.secrets = {
email-password-meinhak99 = {
file = ../secrets/email-password-meinhak99.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
blackboard-calendar-ics = {
file = ../secrets/blackboard-calendar-ics.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
systemd.services.fu-vpn = {
enable = true;
wants = ["network-online.target"];
serviceConfig.LoadCredential = "password:${config.age.secrets.email-password-meinhak99.path}";
script = ''
if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam
then
cat "$CREDENTIALS_DIRECTORY/password" | ${pkgs.openconnect}/bin/openconnect vpn.fu-berlin.de --user ${username} --passwd-on-stdin
fi
'';
};
}

55
configs/fysi.nix
View File

@@ -1,55 +0,0 @@
{
config,
lib,
pkgs,
...
}: let
inherit (import ../lib/email.nix) defaults;
sshIdentity = name: "${config.users.users.me.home}/.ssh/${name}";
in {
age.secrets = {
email-password-fysi = {
file = ../secrets/email-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
home-manager.users.me = {
accounts.email.accounts = {
fysi =
lib.recursiveUpdate defaults
rec {
address = "kieran@fysi.tech";
userName = address;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-fysi.path}";
flavor = "fastmail.com";
};
};
programs.ssh.matchBlocks = rec {
"nextcloud.fysi.dev" = {
hostname = "116.203.82.203";
user = "root";
};
"lingua.miaengiadina.ch" = {
hostname = "135.181.85.233";
user = "root";
};
"cms-dev.woc2023.app".identityFile = sshIdentity "fysiweb";
"cms-master.woc2023.app".identityFile = sshIdentity "fysiweb";
"fysi-dev1" = {
hostname = "94.130.229.139";
user = "root";
identityFile = sshIdentity "fysiweb";
};
${fysi-dev1.hostname} = fysi-dev1;
"fysi-shared0" = {
hostname = "49.12.205.235";
user = "root";
identityFile = sshIdentity "fysiweb";
};
};
};
}

42
configs/fzf.nix
View File

@@ -1,22 +1,32 @@
{pkgs, ...}: {
programs.fzf = {
fuzzyCompletion = true;
keybindings = true;
};
home-manager.users.me = {
programs.fzf = rec {
enable = true;
defaultCommand = "${pkgs.fd}/bin/fd --type f --strip-cwd-prefix --follow --no-ignore-vcs --exclude .git";
defaultOptions = ["--height=40%"];
changeDirWidgetCommand = "${pkgs.fd}/bin/fd --type d";
changeDirWidgetOptions = [
"--preview='${pkgs.tree}/bin/tree -L 1 {}'"
{ pkgs, lib, ... }: {
environment = {
systemPackages = [ pkgs.fzf ];
variables = {
FZF_DEFAULT_OPTS =
lib.escapeShellArgs [ "--height=40%" "--layout=reverse" ];
FZF_ALT_C_COMMAND = "${pkgs.fd}/bin/fd --type d";
FZF_ALT_C_OPTS = lib.escapeShellArgs [
"--preview='${pkgs.tree}/bin/tree -L 1 \"{}\"'"
"--bind=space:toggle-preview"
"--preview-window=hidden"
];
fileWidgetCommand = defaultCommand;
fileWidgetOptions = ["--preview='head -$LINES {}'"];
FZF_CTRL_T_COMMAND = "${pkgs.fd}/bin/fd --type f";
FZF_CTRL_T_OPTS =
lib.escapeShellArgs [ "--preview='${pkgs.bat}/bin/bat \"{}\"'" ];
};
};
programs.zsh.interactiveShellInit = ''
if [[ $options[zle] = on ]]; then
. ${pkgs.fzf}/share/fzf/completion.zsh
. ${pkgs.fzf}/share/fzf/key-bindings.zsh
fi
'';
programs.bash.interactiveShellInit = ''
if [[ :$SHELLOPTS: =~ :(vi|emacs): ]]; then
. ${pkgs.fzf}/share/fzf/completion.bash
. ${pkgs.fzf}/share/fzf/key-bindings.bash
fi
'';
}

6
systems/zaatar/gaslight.nix → configs/gaslight.nix
View File

@@ -1,4 +1,5 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
environment.systemPackages = [
(pkgs.writers.writeDashBin "gaslight-stream" ''
${pkgs.ffmpeg}/bin/ffmpeg -r 14 -s 640x480 -f video4linux2 -i /dev/video0 -f alsa -i default -c:v libx264 -preset ultrafast -c:a aac -f avi -
@@ -15,9 +16,10 @@
'')
];
}
/*
ssh machine gaslight-stream | mpv -
ssh machine gaslight-say "blablabla"
*/
*/

78
configs/git.nix
View File

@@ -1,25 +1,20 @@
{
pkgs,
config,
lib,
inputs,
...
}: let
{ pkgs, config, lib, ... }:
let
inherit (import ../lib) kieran ignorePaths;
in {
in
{
environment.systemPackages = [
pkgs.mr
pkgs.git
pkgs.git-crypt
pkgs.gitAndTools.gitflow
pkgs.gitAndTools.hub
pkgs.gitAndTools.gh
pkgs.gitAndTools.git-extras
pkgs.gitAndTools.git-trim
pkgs.gitAndTools.git-absorb
pkgs.gitstats
pkgs.patch
pkgs.patchutils
inputs.self.packages.x86_64-linux.git-preview
pkgs.git-preview
];
environment.shellAliases = {
@@ -28,6 +23,37 @@ in {
};
home-manager.users.me = {
home.file.".mrconfig".text = let
prependPath = prefix:
lib.attrsets.mapAttrs'
(path: lib.attrsets.nameValuePair "${prefix}/${path}");
git = url: { checkout = "git clone ${url}"; };
github = owner: repo: git "git@github.com:${owner}/${repo}";
keybase = owner: repo: git "keybase://private/${owner}/${repo}";
in lib.generators.toINI { } ({
DEFAULT = { git_gc = ''git gc "$@"''; };
} // prependPath "projects" {
"menstruation.rs" = github "kmein" "menstruation.rs";
brockman = github "kmein" "brockman";
challenges = github "kmein" "challenges";
conlangs = github "kmein" "conlangs";
ledger = keybase "kmein" "ledger";
mahlzeit = github "kmein" "mahlzeit";
menstruation-telegram = github "kmein" "menstruation-telegram";
meteora = github "kmein" "meteora";
modernizr = github "kmein" "modernizr";
niveum = github "kmein" "niveum";
nixpkgs = github "NixOS" "nixpkgs";
poetry = github "kmein" "poetry";
quotes = github "kmein" "quotes";
sphinx = github "kmein" "sphinx";
stockholm = git "https://cgit.krebsco.de/stockholm";
telebots = github "kmein" "telebots";
traadfri = github "kmein" "traadfri";
wissen = github "kmein" "wissen";
zen = github "kmein" "zen";
});
programs.git = {
enable = true;
package = pkgs.gitAndTools.gitFull;
@@ -44,21 +70,33 @@ in {
diffs = "diff --staged";
last = "log -1 HEAD";
logs = "log --pretty=oneline";
graph = "log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all";
graph =
"log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all";
};
ignores = ignorePaths;
extraConfig = {
pull.ff = "only";
rebase.autoStash = true;
merge.autoStash = true;
push.autoSetupRemote = true;
# # ref https://github.com/dandavison/delta
# core.pager = "${pkgs.delta}/bin/delta";
# interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only";
# delta.navigate = true;
# merge.conflictStyle = "diff3";
# diff.colorMoved = "default";
core.pager =
"${pkgs.gitAndTools.diff-so-fancy}/bin/diff-so-fancy | ${pkgs.less}/bin/less --tabs=4 -RFX";
color = {
ui = true;
diff = {
meta = "11";
frag = "magenta bold";
commit = "yellow bold";
old = "red bold";
new = "green bold";
whitespace = "red reverse";
};
diff-highlight = {
oldNormal = "red bold";
oldHighlight = "red bold 52";
newNormal = "green bold";
newHighlight = "green bold 22";
};
};
};
};
};

13
configs/gitea.nix Normal file
View File

@@ -0,0 +1,13 @@
{
services.gitea = {
enable = true;
disableRegistration = true;
rootUrl = "https://code.kmein.de";
appName = "code.kmein.de";
};
services.nginx.virtualHosts."code.kmein.de" = {
forceSSL = true;
enableACME = true;
locations."/".extraConfig = "proxy_pass http://localhost:3000;";
};
}

61
configs/hass/default.nix Normal file
View File

@@ -0,0 +1,61 @@
{ config, pkgs, lib, ... }:
let
inherit (import ./lib.nix) triggers;
inherit (import <niveum/lib>) localAddresses;
in
{
imports = [
./zigbee.nix
./frontend.nix
];
services.home-assistant = {
enable = true;
configWritable = true;
lovelaceConfigWritable = true;
openFirewall = true;
config = {
homeassistant = {
name = "Toum";
latitude = config.location.latitude;
longitude = config.location.longitude;
elevation = 90; # TODO find out how high I live
unit_system = "metric";
time_zone = config.time.timeZone;
};
config = {};
discovery = {};
system_health = {};
history = {};
# tradfri.host = localAddresses.tradfri; # dont use until python3Packages.pytradfri is packaged
sun = {};
mobile_app = {};
shopping_list = {};
sensor = [
{
platform = "dwd_weather_warnings";
region_name = "Berlin";
}
];
mqtt = {
broker = "localhost";
port = 1883;
client_id = "home-assistant";
username = "albrecht";
password = lib.strings.fileContents <system-secrets/mosquitto>;
keepalive = 60;
protocol = "3.1";
discovery = true;
birth_message = {
topic = "/hass/status";
payload = "online";
};
will_message = {
topic = "/hass/status";
payload = "offline";
};
};
};
};
}

37
configs/hass/frontend.nix Normal file
View File

@@ -0,0 +1,37 @@
let
inherit (import ./lib.nix) triggers;
in
{
services.home-assistant.config = {
frontend = {
themes = {
day_theme = import ./themes/clear.nix;
night_theme = import ./themes/clear-dark.nix;
};
};
automation = [
{
alias = "Night Theme";
hide_entity = true;
trigger = triggers.night;
action = [
{
service = "frontend.set_theme";
data.name = "night_theme";
}
];
}
{
alias = "Day Theme";
hide_entity = true;
trigger = triggers.day;
action = [
{
service = "frontend.set_theme";
data.name = "day_theme";
}
];
}
];
};
}

16
configs/hass/lib.nix Normal file
View File

@@ -0,0 +1,16 @@
{
triggers = {
night = {
platform = "numeric_state";
entity_id = "sun.sun";
value_template = "{{ state.attributes.elevation }}";
below = -4.0;
};
day = {
platform = "numeric_state";
entity_id = "sun.sun";
value_template = "{{ state.attributes.elevation }}";
above = 0;
};
};
}

72
configs/hass/themes/clear-dark.nix Normal file
View File

@@ -0,0 +1,72 @@
rec {
# Colors
text-color = "#DADADB"; # Grey text
text-medium-light-color = "#A0A2A8"; # Medium-light grey text
text-medium-color = "#80828A"; # Medium grey text
text-dark-color = "#6A6B74"; # Dark grey text
accent-color = "#008bef"; # Blue
accent-medium-color = "#2484C9"; # Decent blue
background-color = "#3b4049"; # Dark grey background
background-color-2 = "#484E59"; # Light grey background
background-card-color = "#434952"; # Grey background
border-color = "#383C46"; # Grey border
# Header
app-header-background-color = "#363941"; # Background color
# Text
primary-color = text-color;
text-primary-color = text-color;
# Left Menu
paper-listbox-background-color = background-color; # Background
sidebar-icon-color = text-medium-color; # icons
sidebar-selected-icon-color = text-medium-light-color; # Selected row icon and background (15%)
sidebar-selected-text-color = text-color; # Selected row label
# UI
paper-card-header-color = text-color; # Title in settings
primary-background-color = background-color; # Background (also title background in left menu)
mdc-theme-primary = accent-medium-color; # Action Buttons (save, restart etc.)
card-background-color = background-card-color; # Entity Registry Background
# Card
paper-card-background-color = background-card-color; # Background
dark-primary-color = text-color;
primary-text-color = text-color;
paper-listbox-color = text-color;
light-primary-color = text-dark-color;
secondary-text-color = text-medium-color;
disabled-text-color = text-dark-color;
paper-dialog-button-color = text-color;
secondary-background-color = background-color-2; # Background more info title
# Icons
paper-item-icon-color = text-dark-color; # Off
paper-item-icon-active-color = accent-color; # On
# Switches
switch-checked-button-color = text-medium-light-color; # Knob On
switch-unchecked-button-color = text-medium-light-color; # Knob Off
switch-checked-track-color = "#009FFF"; # Background On
switch-unchecked-track-color = "#767682"; # Background Off
# Slider
paper-slider-active-color = accent-color; # Line On
paper-slider-knob-color = text-medium-light-color; # Knob On
paper-slider-container-color = text-dark-color; # Line Off
paper-slider-knob-start-color = text-medium-light-color; # Knob Off
# Badges
label-badge-text-color = text-color;
label-badge-background-color = "rgba(54, 57, 65, 0.6)";
# Shadows
ha-card-box-shadow = "inset 0px 0px 0px 1px var(--border-color)";
# HACS
hacs-badge-color = accent-color; # New Badge
hacs-status-installed = text-color; # Installed Icon
hacs-status-pending-restart = text-dark-color; # Restart Icon
hacs-status-pending-update = accent-color;
}

52
configs/hass/themes/clear.nix Normal file
View File

@@ -0,0 +1,52 @@
rec {
text-color = "#636B75"; # Grey text
text-medium-color = "#8c96a5"; # Medium grey text
text-light-color = "#BAC0C6"; # Light grey text
accent-color = "#00a1ff"; # Blue
background-color = "#F7F8F9"; # Light grey background
background-color-2 = "#F4F5F6"; # Light grey background
background-card-color = "rgba(255,255,255,1.0)"; # White background
border-color = "#E8E8E8"; # Light grey border
# Header
primary-color = text-color; # Background
text-primary-color = "#FFF"; # Text
# Left Menu
paper-listbox-background-color = background-color; # Background
# TODO = Text and Icons
# UI
paper-card-header-color = text-color; # Title in settings
primary-background-color = background-color; # Background color (also title background in left menu)
# Card
paper-card-background-color = background-card-color; # Background
dark-primary-color = text-color;
primary-text-color = text-color;
paper-listbox-color = text-color;
light-primary-color = text-light-color;
secondary-text-color = text-medium-color;
disabled-text-color = text-light-color;
paper-dialog-button-color = text-color;
secondary-background-color = background-color-2; # Background more info title
# Icons
paper-item-icon-color = text-light-color; # Off
paper-item-icon-active-color = accent-color; # On
# Switches
switch-checked-button-color = "#FFF"; # Knob On
switch-unchecked-button-color = "#FFF"; # Knob Off
switch-checked-track-color = "#0077FF"; # Background On
switch-unchecked-track-color = disabled-text-color; # Background Off
# Slider
paper-slider-active-color = accent-color; # Line On
paper-slider-container-color = "#e5e7ea"; # Line Off
paper-slider-knob-color = text-light-color; # Knob On
paper-slider-knob-start-color = text-light-color; # Knob Off
# Shadows
ha-card-box-shadow = "inset 0px 0px 0px 1px var(--border-color)";
}

102
configs/hass/zigbee.nix Normal file
View File

@@ -0,0 +1,102 @@
{ config, pkgs, lib, ... }:
let
inherit (import <niveum/lib>) localAddresses;
in
{
services.zigbee2mqtt = {
enable = true;
config = {
permit_join = false;
homeassistant = true;
serial = {
port = "/dev/ttyACM0";
disable_led = true;
};
mqtt = {
discovery = true;
base_topic = "zigbee";
server = "mqtt://${localAddresses.toum}";
user = "albrecht";
password = lib.strings.fileContents <system-secrets/mosquitto>;
};
};
};
services.mosquitto = {
enable = true;
host = "0.0.0.0";
allowAnonymous = false;
checkPasswords = true;
users."albrecht" = {
password = lib.strings.fileContents <system-secrets/mosquitto>;
acl = [ "topic readwrite #" ];
};
};
networking.firewall.allowedTCPPorts = [ 1883 ];
environment.systemPackages = [ pkgs.mosquitto ];
services.home-assistant = {
config = {
switch = [
{
platform = "mqtt";
name = "zigbee2mqtt_join";
state_topic = "/zigbee2mqtt/bridge/config/permit_join";
command_topic = "/zigbee2mqtt/bridge/config/permit_join";
payload_on = "true";
payload_off = "false";
}
];
timer.zigbee_permit_join = {
name = "Zigbee Time remaining";
duration = 120;
};
automation = [
# Automation to start timer when enable join is turned on
{
id = "zigbee_join_enabled";
alias = "";
hide_entity = "true";
trigger = {
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "on";
};
action = {
service = "timer.start";
entity_id = "timer.zigbee_permit_join";
};
}
# Automation to stop timer when switch turned off and turn off switch when timer finished
{
id = "zigbee_join_disabled";
hide_entity = "true";
trigger = [
{
platform = "event";
event_type = "timer.finished";
event_data.entity_id = "timer.zigbee_permit_join";
}
{
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "off";
}
];
action = [
{
service = "timer.cancel";
data.entity_id = "timer.zigbee_permit_join";
}
{
service = "switch.turn_off";
entity_id = "switch.zigbee2mqtt_join";
}
];
}
];
};
};
}

81
configs/hedgedoc.nix Normal file
View File

@@ -0,0 +1,81 @@
{ config, pkgs, ... }:
let
backupLocation = "/var/lib/codimd-backup";
stateLocation = "/var/lib/codimd/state.sqlite";
nixpkgs-unstable = import <nixpkgs-unstable> {};
domain = "pad.kmein.de";
in
{
imports = [ <stockholm/krebs/3modules/permown.nix> ];
services.nginx.virtualHosts.${domain} = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "https://localhost:3091";
proxyWebsockets = true;
};
};
security.acme.certs.${domain}.group = "hedgecert";
users.groups.hedgecert.members = [ "codimd" "nginx" ];
security.dhparams = {
enable = true;
params.hedgedoc = {};
};
services.hedgedoc = {
enable = true;
configuration = {
allowOrigin = [ domain ];
allowAnonymous = true;
allowGravatar = false;
allowFreeURL = true;
db = {
dialect = "sqlite";
storage = stateLocation;
};
port = 3091;
domain = domain;
useSSL = true;
protocolUseSSL = true;
sslCAPath = [ "/etc/ssl/certs/ca-certificates.crt" ];
sslCertPath = "/var/lib/acme/${domain}/cert.pem";
sslKeyPath = "/var/lib/acme/${domain}/key.pem";
dhParamPath = config.security.dhparams.params.hedgedoc.path;
};
};
krebs.permown.${backupLocation} = { owner = "codimd"; group = "codimd"; umask = "0002"; };
systemd.services.hedgedoc-backup = {
description = "Hedgedoc backup service";
script = ''
${nixpkgs-unstable.sqlite}/bin/sqlite3 -json ${stateLocation} "select shortid, alias, ownerId, content from Notes" \
| ${pkgs.writers.writePython3 "hedgedoc-json-to-fs.py" {} ''
import json
import pathlib
import sys
for note in json.load(sys.stdin):
user_directory = pathlib.Path()
if note["ownerId"]:
user_directory = pathlib.Path(note["ownerId"])
user_directory.mkdir(exist_ok=True)
file_path = user_directory / (
(note["alias"] if note["alias"] else note["shortid"]) + ".md"
)
file_path.write_text(note["content"])
print(f" {file_path}", file=sys.stderr)
''}
'';
startAt = "hourly";
serviceConfig = {
Type = "oneshot";
User = "codimd";
Group = "codimd";
WorkingDirectory = backupLocation;
};
};
}

49
configs/hledger.nix
View File

@@ -1,39 +1,14 @@
{
config,
pkgs,
...
}: {
environment.systemPackages = let
ledgerDirectory = "$HOME/projects/ledger";
timeLedger = "${ledgerDirectory}/time.timeclock";
git = "${pkgs.git}/bin/git -C ${ledgerDirectory}";
in [
pkgs.hledger
(pkgs.writers.writeDashBin "hora-edit" ''
$EDITOR + "${timeLedger}" && ${pkgs.git}/bin/git -C "$(${pkgs.coreutils}/bin/dirname ${timeLedger})" commit --all --message "$(${pkgs.coreutils}/bin/date -Im)"
'')
(pkgs.writers.writeDashBin "hora" ''
${pkgs.hledger}/bin/hledger -f "${timeLedger}" "$@"
'')
(pkgs.writers.writeDashBin "hora-filli" ''
${pkgs.hledger}/bin/hledger -f "${timeLedger}" register fillidefilla -O csv \
-b "$(date -d "$(date +%Y-%m)-01 last month" +%Y-%m-%d)" \
-e "$(date -d "$(date +%Y-%m)-01" +%Y-%m-%d)" \
| sed 's/(fillidefilla:\(.*\))/\1/g' \
| xsv select date,amount,total,account,description
'')
{ config, pkgs, ... }: {
imports = [ ../modules/hledger.nix ];
(pkgs.writers.writeDashBin "hledger-git" ''
if [ "$1" = entry ]; then
${pkgs.hledger}/bin/hledger balance -V > "${ledgerDirectory}/balance.txt"
${git} add balance.txt
${git} commit --all --message="$(date -Im)"
else
${git} $*
fi
'')
(pkgs.writers.writeDashBin "hledger-edit" ''
$EDITOR ${ledgerDirectory}/current.journal
'')
];
niveum.hledger = {
enable = true;
ledgerFile = "$HOME/projects/ledger/all.journal";
server = {
enable = false;
user = config.users.users.me;
package = pkgs.hledger-web;
};
package = pkgs.hledger;
};
}

6
configs/htop.nix
View File

@@ -20,10 +20,10 @@
show_thread_names = false;
sort_descending = true;
sort_key = "PERCENT_CPU";
tree_view = false;
tree_view = true;
update_process_names = false;
right_meters = ["Uptime" "Tasks" "LoadAverage" "Battery"];
left_meters = ["LeftCPUs2" "RightCPUs2" "Memory" "Swap"];
right_meters = [ "Uptime" "Tasks" "LoadAverage" "Battery" ];
left_meters = [ "LeftCPUs2" "RightCPUs2" "Memory" "Swap" ];
};
};
};

194
configs/hu-berlin.nix
View File

@@ -1,24 +1,20 @@
{
config,
pkgs,
lib,
...
}: let
inherit (import ../lib/email.nix) defaults;
hu-defaults = {
imap.host = "mailbox.cms.hu-berlin.de";
imap.port = 993;
smtp.host = "mailhost.cms.hu-berlin.de";
smtp.port = 25;
smtp.tls.useStartTls = true;
{ config, pkgs, lib, ... }:
let
inherit (lib.strings) fileContents;
inherit (import <niveum/lib>) sshPort;
eduroam = {
identity = fileContents <secrets/eduroam/identity>;
password = fileContents <secrets/eduroam/password>;
};
hu-berlin-cifs-options = [
"uid=${toString config.users.users.me.uid}"
"gid=${toString config.users.groups.users.gid}"
"sec=ntlmv2"
"workgroup=german"
"credentials=${config.age.secrets.cifs-credentials-hu-berlin.path}"
"username=meinhaki"
"password=${lib.strings.fileContents <secrets/mail/meinhaki>}"
"noauto"
"x-systemd.requires=openvpn-hu-berlin.service"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
@@ -36,137 +32,24 @@ in {
options = hu-berlin-cifs-options;
};
age.secrets = {
cifs-credentials-hu-berlin.file = ../secrets/cifs-credentials-hu-berlin.age;
email-password-meinhark = {
file = ../secrets/email-password-meinhark.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-meinhaki = {
file = ../secrets/email-password-meinhaki.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-dslalewa = {
file = ../secrets/email-password-dslalewa.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-fsklassp = {
file = ../secrets/email-password-fsklassp.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
home-manager.users.me = {
programs.ssh = {
matchBlocks = {
"gruenau6.informatik.hu-berlin.de" = {
hostname = "gruenau6.informatik.hu-berlin.de";
user = "meinhark";
setEnv.TERM = "xterm";
};
"alew.hu-berlin.de" = {
user = "centos";
hostname = "141.20.187.219";
};
home-manager.users.me.programs.ssh = {
matchBlocks = {
"alew.hu-berlin.de" = {
user = "centos";
hostname = "141.20.187.219";
};
};
accounts.email.accounts = rec {
hu-student =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "meinhark";
address = "kieran.felix.meinhardt@hu-berlin.de";
aliases = ["${userName}@hu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhark.path}";
});
hu-student-cs =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "meinhark";
address = "kieran.felix.meinhardt@informatik.hu-berlin.de";
aliases = ["${userName}@informatik.hu-berlin.de"];
imap.host = "mailbox.informatik.hu-berlin.de";
smtp.host = "mailhost.informatik.hu-berlin.de";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhark.path}";
});
hu-employee =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "meinhaki";
address = "kieran.meinhardt@hu-berlin.de";
aliases = ["${userName}@hu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhaki.path}";
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
signature = {
showSignature = "append";
text = ''
${defaults.realName}
Studentische Hilfskraft / Administrator ALEW
Humboldt-Universität zu Berlin
Telefon: +49 (0)30 2093 9634
Raum 3.212, Dorotheenstraße 24, 10117 Berlin-Mitte
https://alew.hu-berlin.de
'';
};
});
hu-admin =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "dslalewa";
address = "admin.alew.vglsprwi@hu-berlin.de";
aliases = ["${userName}@hu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-dslalewa.path}";
inherit (hu-employee) signature;
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
});
hu-fsi =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "fsklassp";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-fsklassp.path}";
address = "${userName}@hu-berlin.de";
realName = "FSI Klassische Philologie";
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
signature = {
showSignature = "append";
text = ''
Fachschafts-Initiative
Humboldt-Universität zu Berlin
Sprach- und literaturwissenschaftliche Fakultät
Institut für klassische Philologie
Unter den Linden 6
10099 Berlin
'';
};
});
};
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "hu-ip" ''
${pkgs.w3m}/bin/w3m -dump meineip.hu-berlin.de | head --lines=-4 | tail --lines=+3
'')
(
pkgs.writers.writePython3Bin "hu-eduroam-install"
(pkgs.writers.writePython3Bin "hu-eduroam-install"
{
libraries = with pkgs.python3Packages; [distro pyopenssl dbus-python];
flakeIgnore = ["E501" "E123" "W504" "E722" "F821" "E226" "E126" "E265" "W291"];
libraries = with pkgs.python3Packages; [ distro pyopenssl dbus-python ];
flakeIgnore = [ "E501" "E123" "W504" "E722" "F821" "E226" "E126" "E265" "W291" ];
}
(builtins.readFile (builtins.fetchurl {
url = "https://www.cms.hu-berlin.de/de/dl/netze/wlan/config/eduroam/linux-installer/eduroam-linux-hub.py";
@@ -175,26 +58,33 @@ in {
)
];
# ref https://github.com/NixOS/nixpkgs/issues/231038#issuecomment-1591888919
environment.etc."ppp/options".text = "ipcp-accept-remote";
systemd.services.hu-vpn = {
enable = true;
wants = ["network-online.target"];
serviceConfig.LoadCredential = "password:${config.age.secrets.email-password-meinhark.path}";
wants = [ "network-online.target" ];
conflicts = [ "openvpn-hu-berlin.service" ];
script = ''
if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam
then
${pkgs.openfortivpn}/bin/openfortivpn \
--password="$(cat "$CREDENTIALS_DIRECTORY/password")" \
--config=${
pkgs.writeText "hu-berlin.config" ''
host = forti-ssl.vpn.hu-berlin.de
port = 443
username = meinhark
''
}
fi
${pkgs.openfortivpn}/bin/openfortivpn -c ${pkgs.writeText "hu-berlin.config" ''
host = forti-ssl.vpn.hu-berlin.de
port = 443
trusted-cert = 42193a913d276d9eb86217612956e1e6464d6f07bed5393a4787c87adc4bd359
username = ${eduroam.identity}
password = ${eduroam.password}
''}
'';
};
systemd.services.openvpn-hu-berlin.conflicts = [ "hu-vpn.service" ];
services.openvpn.servers.hu-berlin = {
autoStart = false;
authUserPass = {
username = eduroam.identity;
password = eduroam.password;
};
config = fileContents (pkgs.fetchurl {
url =
"https://www.cms.hu-berlin.de/de/dl/netze/vpn/openvpn/hu-berlin.ovpn";
sha256 = "15b55aibik5460svjq2gwxrcyh6ay4k8savd6cd5lncgndmd8p8h";
});
};
}

221
configs/i3.nix
View File

@@ -1,28 +1,14 @@
{
config,
pkgs,
lib,
niveumPackages,
...
}: let
inherit (import ../lib) defaultApplications;
klem = niveumPackages.klem.override {
config.dmenu = "${pkgs.dmenu}/bin/dmenu -i -p klem";
{ inputs, config, pkgs, lib, ... }:
let
inherit (import ../lib) defaultApplications colours;
klem = import ../packages/scripts/klem.nix {
inherit pkgs lib;
config.scripts = {
"p.r" = pkgs.writers.writeDash "p.r" ''
${pkgs.curl}/bin/curl -fSs http://p.r --data-binary @- \
| ${pkgs.coreutils}/bin/tail --lines=1 \
| ${pkgs.gnused}/bin/sed 's/\\<r\\>/krebsco.de/'
'';
# "envs.sh host" = pkgs.writers.writeDash "envs-host" ''
# ${pkgs.curl}/bin/curl -F "file=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
# '';
"envs.sh mirror" = pkgs.writers.writeDash "envs-mirror" ''
${pkgs.curl}/bin/curl -F "url=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
'';
"envs.sh shorten" = pkgs.writers.writeDash "envs-shorten" ''
${pkgs.curl}/bin/curl -F "shorten=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
'';
"ix.io" = pkgs.writers.writeDash "ix.io" ''
${pkgs.curl}/bin/curl -fSs -F 'f:1=<-' ix.io
'';
@@ -36,23 +22,17 @@
${pkgs.coreutils}/bin/tr '[A-Za-z]' '[N-ZA-Mn-za-m]'
'';
"ipa" = pkgs.writers.writeDash "ipa" ''
${niveumPackages.ipa}/bin/ipa
${pkgs.scripts.ipa}/bin/ipa
'';
"betacode" = pkgs.writers.writeDash "betacode" ''
${niveumPackages.betacode}/bin/betacode
${pkgs.scripts.betacode}/bin/betacode
'';
"devanagari" = pkgs.writers.writeDash "devanagari" ''
${pkgs.scripts.devanagari}/bin/devanagari
'';
"curl" = pkgs.writers.writeDash "curl" ''
${pkgs.curl}/bin/curl -fSs "$(${pkgs.coreutils}/bin/cat)"
'';
ocr = pkgs.writers.writeDash "ocr" ''
${pkgs.tesseract4}/bin/tesseract -l eng+deu - stdout
'';
emojai = pkgs.writers.writeDash "emojai" ''
${pkgs.curl}/bin/curl https://www.emojai.app/api/generate -X POST -H 'Content-Type: application/json' --data-raw "$(${pkgs.jq}/bin/jq -sR '{emoji:.}')" | ${pkgs.jq}/bin/jq -r .result
'';
gpt = pkgs.writers.writeDash "gpt" ''
${niveumPackages.gpt}/bin/gpt
'';
};
};
@@ -62,24 +42,8 @@
move-to-new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg move container to workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
in {
age.secrets = {
github-token-i3status-rust = {
file = ../secrets/github-token-i3status-rust.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
openweathermap-api-key = {
file = ../secrets/openweathermap-api-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
programs.slock.enable = true;
services.xserver = {
displayManager.defaultSession = "none+i3";
windowManager.i3 = {
@@ -103,34 +67,26 @@ in {
'';
};
home-manager.users.me.xsession.windowManager.i3 = let
modifier = "Mod4";
in {
home-manager.users.me.xsession.windowManager.i3 = {
enable = true;
extraConfig = ''
bindsym --release ${modifier}+Shift+w exec /run/wrappers/bin/slock
'';
config = rec {
inherit modifier;
fonts = {names = ["Sans"]; size = 10.0;};
modifier = "Mod4";
window = {
titlebar = false;
border = 2;
border = 1;
hideEdgeBorders = "smart";
commands = [
{
criteria = {class = "floating";};
criteria = { class = "floating"; };
command = "floating enable";
}
{
criteria = {class = "fzfmenu";};
criteria = { class = "fzfmenu"; };
command = "floating enable";
}
{
criteria = {class = ".*";};
command = "border pixel 2";
}
{
criteria = {class = "mpv";};
criteria = { class = "mpv"; };
command = lib.strings.concatStringsSep ", " [
"floating enable"
"sticky enable"
@@ -146,31 +102,57 @@ in {
titlebar = false;
border = 1;
};
bars = [
(config.home-manager.users.me.lib.stylix.i3.bar
// rec {
workspaceButtons = false;
mode = "dock"; # "hide";
position = "bottom";
statusCommand = toString (pkgs.writers.writeDash "i3status-rust" ''
export I3RS_GITHUB_TOKEN="$(cat ${config.age.secrets.github-token-i3status-rust.path})"
export OPENWEATHERMAP_API_KEY="$(cat ${config.age.secrets.openweathermap-api-key.path})"
${config.home-manager.users.me.programs.i3status-rust.package}/bin/i3status-rs ${config.home-manager.users.me.home.homeDirectory}/.config/i3status-rust/config-${position}.toml
'');
fonts = {
names = ["${config.stylix.fonts.sansSerif.name}" "FontAwesome 6 Free"];
size = config.stylix.fonts.sizes.desktop * 0.8;
};
})
];
colors = let
background = config.lib.stylix.colors.withHashtag.base00;
in {
unfocused = {
border = lib.mkForce background;
childBorder = lib.mkForce background;
scheme = {
background = colours.background;
text = colours.foreground;
};
in rec {
focused = scheme // {
border = colours.cyan.bright;
indicator = colours.cyan.bright;
childBorder = colours.cyan.bright;
};
unfocused = scheme // {
border = colours.background;
indicator = colours.background;
childBorder = colours.background;
};
focusedInactive = unfocused;
urgent = scheme // {
border = colours.red.bright;
indicator = colours.red.bright;
childBorder = colours.red.bright;
};
placeholder = scheme // {
border = colours.green.bright;
indicator = colours.green.bright;
childBorder = colours.green.bright;
};
};
bars = [{
workspaceButtons = false;
fonts = {names = ["Sans"]; size = 8.0;};
mode = "hide"; # "dock"
position = "bottom";
colors = rec {
background = colours.background;
separator = background;
statusline = colours.foreground;
bindingMode = {
background = colours.red.bright;
border = colours.background;
text = colours.foreground;
};
};
statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ${
(pkgs.formats.toml {}).generate "i3status-rust.toml" (import ../lib/i3status-rust.nix {
inherit (config.niveum) batteryName wirelessInterface;
inherit colours;
inherit pkgs;
})
}";
}];
modes.resize = {
"Escape" = ''mode "default"'';
"Return" = ''mode "default"'';
@@ -191,10 +173,10 @@ in {
"${modifier}+Shift+b" = "move window to workspace prev";
"${modifier}+Shift+n" = "move window to workspace next";
"${modifier}+Shift+x" = "exec ${move-to-new-workspace}";
"${modifier}+Shift+x" = "exec --no-startup-id ${move-to-new-workspace}";
"${modifier}+b" = "workspace prev";
"${modifier}+n" = "workspace next";
"${modifier}+x" = "exec ${new-workspace}";
"${modifier}+x" = "exec --no-startup-id ${new-workspace}";
"${modifier}+Shift+c" = "reload";
"${modifier}+Shift+q" = "kill";
@@ -212,45 +194,58 @@ in {
"${modifier}+r" = "mode resize";
"${modifier}+v" = "split v";
"${modifier}+w" = "layout tabbed";
"${modifier}+q" = "exec ${config.services.clipmenu.package}/bin/clipmenu";
# "${modifier}+Shift+y" = "exec ${pkgs.qutebrowser}/bin/qutebrowser";
"${modifier}+Return" = "exec ${(defaultApplications pkgs).terminal}";
"${modifier}+t" = "exec ${(defaultApplications pkgs).fileManager}";
"${modifier}+y" = "exec ${(defaultApplications pkgs).browser}";
"${modifier}+0" = "exec ${niveumPackages.menu-calc}/bin/=";
"${modifier}+0" = "exec ${pkgs.scripts.menu-calc}/bin/=";
"${modifier}+d" = "exec ${pkgs.writers.writeDash "run" ''exec rofi -modi run,ssh,window -show run''}";
"${modifier}+Shift+d" = "exec ${niveumPackages.notemenu}/bin/notemenu";
"${modifier}+p" = "exec rofi-pass";
"${modifier}+Shift+p" = "exec rofi-pass --insert";
"${modifier}+u" = "exec ${niveumPackages.unicodmenu}/bin/unicodmenu";
"${modifier}+Shift+w" = "exec ${pkgs.scripts.k-lock}/bin/k-lock";
"${modifier}+a" =
"exec --no-startup-id ${pkgs.rofi}/bin/rofi -display-window -show window";
"${modifier}+d" = "exec --no-startup-id ${pkgs.dmenu}/bin/dmenu_run";
"${modifier}+Shift+d" = "exec ${
pkgs.writers.writeDash "notemenu" ''
set -efu
PATH=$PATH:${
lib.makeBinPath [ pkgs.dmenu pkgs.findutils pkgs.coreutils ]
}
"${modifier}+F6" = "exec ${pkgs.xorg.xkill}/bin/xkill";
"${modifier}+F7" = "exec ${pkgs.writers.writeDash "showkeys-toggle" ''
if ${pkgs.procps}/bin/pgrep screenkey; then
exec ${pkgs.procps}/bin/pkill screenkey
else
exec ${pkgs.screenkey}/bin/screenkey
fi
''}";
"${modifier}+F8" = "exec switch-theme toggle";
cd ~/notes
note_file=$({
echo diary/$(date -I).md
echo diary/$(date -I -d yesterday).md
find . -type f -printf "%T@ %p\n" | sort --reverse --numeric-sort | cut --delimiter=" " --fields=2
} | dmenu -i)
if test "$note_file"
then
i3-sensible-terminal -e "$EDITOR" "$note_file"
fi
''
}";
"${modifier}+p" = "exec --no-startup-id ${pkgs.pass}/bin/passmenu -l 5";
"${modifier}+u" = "exec ${pkgs.scripts.unicodmenu}/bin/unicodmenu";
"${modifier}+F7" = "exec ${pkgs.scripts.showkeys-toggle}/bin/showkeys-toggle";
"${modifier}+F8" = "exec ${pkgs.xorg.xkill}/bin/xkill";
"${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85";
"${modifier}+F10" = "exec ${pkgs.redshift}/bin/redshift -x";
"${modifier}+F11" = "exec ${pkgs.xcalib}/bin/xcalib -invert -alter";
"${modifier}+F12" = "exec ${klem}/bin/klem";
"Print" = "exec flameshot gui";
"XF86AudioLowerVolume" = "exec ${pkgs.pamixer}/bin/pamixer -d 5";
"XF86AudioMute" = "exec ${pkgs.pamixer}/bin/pamixer -t";
"XF86AudioRaiseVolume" = "exec ${pkgs.pamixer}/bin/pamixer -i 5";
"Print" = "exec flameshot-once";
"XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -d 5";
"XF86AudioMute" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -t";
"XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -i 5";
"XF86Calculator" = "exec ${pkgs.st}/bin/st -c floating -e ${pkgs.bc}/bin/bc";
"XF86AudioPause" = "exec ${pkgs.playerctl}/bin/playerctl pause";
"XF86AudioPlay" = "exec ${pkgs.playerctl}/bin/playerctl play-pause";
"XF86AudioNext" = "exec ${pkgs.playerctl}/bin/playerctl next";
"XF86AudioPrev" = "exec ${pkgs.playerctl}/bin/playerctl previous";
"XF86AudioStop" = "exec ${pkgs.playerctl}/bin/playerctl stop";
"XF86ScreenSaver" = "exec ${niveumPackages.k-lock}/bin/k-lock";
"XF86AudioPause" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl pause";
"XF86AudioPlay" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl play-pause";
"XF86AudioNext" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl next";
"XF86AudioPrev" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl previous";
"XF86AudioStop" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl stop";
"XF86ScreenSaver" = "exec ${pkgs.scripts.k-lock}/bin/k-lock";
"XF86Display" = "exec ${niveumPackages.dmenu-randr}/bin/dmenu-randr";
"XF86Display" = "exec ${pkgs.scripts.dmenurandr}/bin/dmenurandr";
# key names detected with xorg.xev:
# XF86WakeUp (fn twice)

175
configs/i3status-rust.nix
View File

@@ -1,175 +0,0 @@
{
pkgs,
config,
...
}: {
home-manager.users.me = {
programs.i3status-rust = {
enable = true;
bars.bottom = {
icons = "awesome6";
settings = {
theme.overrides = let
colours = config.lib.stylix.colors.withHashtag;
in {
idle_bg = colours.base00;
idle_fg = colours.base05;
good_bg = colours.base00;
good_fg = colours.base0B;
warning_bg = colours.base00;
warning_fg = colours.base0A;
critical_bg = colours.base00;
critical_fg = colours.base09;
info_bg = colours.base00;
info_fg = colours.base04;
separator_bg = colours.base00;
separator = " ";
};
};
blocks = [
{
block = "weather";
autolocate = true;
format = "$icon $location: $temp";
service = {
name = "openweathermap";
city_id = "2950159";
units = "metric";
};
}
{
block = "custom";
interval = 60 * 5;
command = let
spacetime = import ../configs/spacetime.nix;
in
pkgs.writers.writePython3 "sun.py" {
libraries = [pkgs.python3Packages.astral];
flakeIgnore = ["E121" "E501"];
}
''
import astral
import astral.moon
import astral.sun
current_phase = astral.moon.phase()
city = astral.LocationInfo("Berlin", "Germany", "${spacetime.time.timeZone}", ${toString spacetime.location.latitude}, ${toString spacetime.location.longitude})
sun = astral.sun.sun(city.observer, date=astral.today(), tzinfo=city.timezone)
print("{} {} {}{}".format(sun["sunrise"].strftime("%R"), sun["sunset"].strftime("%R"), "" if current_phase < 14 else "", round(current_phase, 1)))
'';
}
{
block = "github";
info = ["total"];
warning = ["mention" "review_requested" "team_mention" "manual" "invitation" "assign" "subscribed"];
}
{
block = "custom";
interval = 10;
command = pkgs.writers.writeDash "todo" ''
${pkgs.todoman}/bin/todo --porcelain | ${pkgs.jq}/bin/jq -r '
map(select(.due != null))
| (map(select(.due < now)) | length) as $overdue
| (map(select(.due >= now and .due < now + (60 * 60 * 24))) | length) as $dueToday
| {
icon: "tasks",
text: (($overdue + $dueToday) as $sum | if $sum > 0 then $sum | tostring else "" end),
state: (
if $overdue > 0 then
"Critical"
elif $dueToday > 0 then
"Warning"
else
"Idle"
end
)
}
'
'';
json = true;
hide_when_empty = true;
}
{
block = "custom";
interval = 60;
command = pkgs.writers.writeDash "weechat" ''
ssh -o ConnectTimeout=1 makanek cat /var/lib/weechat/hotlist.txt | sed 's/,/\n/g' | wc -l | jq '{
text: (if . > 0 then . | tostring else "" end),
state: (if . > 0 then "Info" else "Idle" end),
icon: "bell"
}'
'';
json = true;
hide_when_empty = true;
}
{
block = "net";
format = " $icon HU";
missing_format = "";
device = "ppp0";
}
{
block = "net";
format = " $icon FU";
missing_format = "";
device = "tun0";
}
{
block = "net";
device = config.niveum.wirelessInterface;
format = "$icon $ssid $signal_strength";
}
{
block = "battery";
device = config.niveum.batteryName;
}
{
block = "sound";
}
{
block = "disk_space";
format = "$icon $available";
}
{
block = "memory";
format = "$icon $mem_used.eng(prefix:G)";
}
{block = "load";}
{
block = "custom";
interval = 10;
json = true;
command = pkgs.writers.writeDash "time" ''
${pkgs.jq}/bin/jq -n \
--arg now "$(${pkgs.coreutils}/bin/date +'%Y-%m-%d (%W %a) %H:%M')" \
--argjson nextEvent "$(
${pkgs.khal}/bin/khal list --format "{start}" --day-format "" $(${pkgs.coreutils}/bin/date +'%Y-%m-%d %H:%M') 2>/dev/null \
| ${pkgs.gnugrep}/bin/grep -E '[0-9]{2}:[0-9]{2}' \
| ${pkgs.coreutils}/bin/head -1 \
| ${pkgs.coreutils}/bin/date --date="$(cat)" +%s
)" \
'{
text: $now,
icon: "time",
state: (
($nextEvent - now) as $deltaT
| if $deltaT < (5 * 60) then
"Critical"
elif $deltaT < (15 * 60) then
"Warning"
elif $deltaT < (60 * 60) then
"Info"
else
"Idle"
end
)
}'
'';
}
];
};
};
};
}

20
configs/kdeconnect.nix
View File

@@ -1,17 +1,13 @@
{
networking.firewall = {
allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedTCPPortRanges = [{
from = 1714;
to = 1764;
}];
allowedUDPPortRanges = [{
from = 1714;
to = 1764;
}];
};
home-manager.users.me = {

82
configs/keyboard.nix
View File

@@ -1,83 +1,17 @@
{
pkgs,
lib,
...
}: let
commaSep = builtins.concatStringsSep ",";
xkbOptions = ["compose:caps" "terminate:ctrl_alt_bksp" "grp:ctrls_toggle"];
languages = {
de = "T3";
gr = "polytonic";
ru = "phonetic";
ara = "buckwalter";
cop = "";
ave = "";
got = "";
"in" = "san-kagapa";
il = "phonetic";
};
defaultLanguage = "de";
{ pkgs, lib, ... }:
let commaSep = builtins.concatStringsSep ",";
in {
# man 7 xkeyboard-config
services.xserver = {
layout = "de";
# T3: https://upload.wikimedia.org/wikipedia/commons/a/a9/German-Keyboard-Layout-T3-Version1-large.png
# buckwalter: http://www.qamus.org/transliteration.htm
xkbVariant = "T3";
xkbOptions = commaSep xkbOptions;
layout = commaSep [ "de" "gr" "ru" ];
xkbVariant = commaSep [ "T3" "polytonic" "phonetic" ];
xkbOptions =
commaSep [ "compose:caps" "terminate:ctrl_alt_bksp" "grp:ctrls_toggle" ];
libinput.enable = true;
xkbDir = pkgs.symlinkJoin {
name = "x-keyboard-directory";
paths = [
"${pkgs.xkeyboard_config}/etc/X11/xkb"
(pkgs.linkFarm "custom-x-keyboards" [
{
name = "symbols/cop";
path = pkgs.fetchurl {
url = "http://www.moheb.de/download/cop";
sha256 = "1l0h6aq536hyinrh0i0ia355y229bjrlibii0sya5bmqh46vycia";
};
}
{
name = "symbols/got";
path = pkgs.fetchurl {
url = "https://c.krebsco.de/got";
sha256 = "1i0jxghxi3rldlijw6gm2xawrv7f0pmm7a5cqbzzgjrg7ldk46gd";
};
}
{
name = "symbols/ave";
path = pkgs.fetchurl {
url = "https://blog.simos.info/wp-content/uploads/2010/06/avestan.txt";
sha256 = "192zmmm3gxyhim39dsax7r87gsay2w5v2xkhwmvsfipjb60hwp5g";
};
}
])
];
};
};
console.keyMap = "de";
environment.systemPackages =
lib.mapAttrsToList
(language: variant:
pkgs.writers.writeDashBin "kb-${language}" ''
${pkgs.xorg.setxkbmap}/bin/setxkbmap ${defaultLanguage},${language} ${languages.${defaultLanguage}},${variant} ${toString (map (option: "-option ${option}") xkbOptions)}
'')
languages;
# improve held key rate
services.xserver.displayManager.sessionCommands = "${pkgs.xorg.xset}/bin/xset r rate 300 50";
systemd.user.services.gxkb = {
wantedBy = ["graphical-session.target"];
serviceConfig = {
SyslogIdentifier = "gxkb";
ExecStart = "${pkgs.gxkb}/bin/gxkb";
Restart = "always";
RestartSec = "15s";
StartLimitBurst = 0;
};
};
services.xserver.displayManager.sessionCommands =
"${pkgs.xorg.xset}/bin/xset r rate 300 50";
}

78
configs/khal.nix
View File

@@ -1,60 +1,28 @@
{
config,
pkgs,
lib,
...
}: let
{ config, pkgs, lib, ... }:
let
davHome = "~/.local/share/dav";
kmeinCloud = {
davEndpoint = "https://cloud.kmein.de/remote.php/dav";
davEndpoint = "https://cloud.xn--kiern-0qa.de/remote.php/dav";
username = "kieran";
passwordFile = config.age.secrets.nextcloud-password-kieran.path;
password = lib.fileContents <secrets/nextcloud/password>;
};
fysiCloud = {
davEndpoint = "https://nextcloud.fysi.dev/remote.php/dav";
username = "kmein";
passwordFile = config.age.secrets.nextcloud-password-fysi.path;
password = lib.fileContents <secrets/nextcloud-fysi/password>;
};
in {
age.secrets = {
nextcloud-password-kieran = {
file = ../secrets/nextcloud-password-kieran.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
nextcloud-password-fysi = {
file = ../secrets/nextcloud-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
environment.systemPackages = [
pkgs.khal
pkgs.vdirsyncer
pkgs.khard
pkgs.todoman
(pkgs.writers.writeDashBin "todo-procrastinate" ''
[ $# -eq 1 ] || {
echo "Usage: $0 TODO_ID" >&2
exit 1
}
todo_id=$1
new_timestamp=$(${pkgs.todoman}/bin/todo --porcelain show "$todo_id" | ${pkgs.jq}/bin/jq '.due + 24 * 60 * 60')
new_date=$(${pkgs.coreutils}/bin/date +"%Y-%m-%d %H:%M" -d "@$new_timestamp")
${pkgs.todoman}/bin/todo edit "$todo_id" --due "$new_date"
'')
];
in
{
environment.systemPackages = [ pkgs.khal pkgs.vdirsyncer pkgs.khard pkgs.todoman ];
systemd.user.services.vdirsyncer = {
enable = true;
wants = ["network-online.target"];
wantedBy = ["default.target"];
wants = [ "network-online.target" ];
wantedBy = [ "default.target" ];
startAt = "*:00/10";
script = ''
${pkgs.vdirsyncer}/bin/vdirsyncer sync && ${pkgs.khal}/bin/khal printcalendars # https://lostpackets.de/khal/configure.html#syncing
${pkgs.vdirsyncer}/bin/vdirsyncer sync
${pkgs.khal}/bin/khal printcalendars # https://lostpackets.de/khal/configure.html#syncing
'';
serviceConfig = {
Type = "oneshot";
@@ -111,10 +79,6 @@ in {
path = ${davHome}/calendar/personal
color = "light cyan"
[[krebs]]
path = ${davHome}/calendar/krebs
color = "light red"
[[uni]]
path = ${davHome}/calendar/uni-1
color = "yellow"
@@ -165,12 +129,6 @@ in {
collections = ["personal", "alew", "uni-1"]
conflict_resolution = "b wins"
[pair krebs]
a = "kalender_local"
b = "krebs_cloud"
collections = ["3edef929-d509-7944-2440-000a54f2d054"]
conflict_resolution = "b wins"
[pair fysi]
a = "kalender_local"
b = "fysi_cloud"
@@ -191,25 +149,19 @@ in {
type = "carddav"
url = "${kmeinCloud.davEndpoint}/addressbooks/users/${kmeinCloud.username}/"
username = "${kmeinCloud.username}"
password.fetch = ["command", "cat", "${kmeinCloud.passwordFile}"]
password = "${kmeinCloud.password}"
[storage kalender_cloud]
type = "caldav"
url = "${kmeinCloud.davEndpoint}/calendars/${kmeinCloud.username}/"
username = "${kmeinCloud.username}"
password.fetch = ["command", "cat", "${kmeinCloud.passwordFile}"]
[storage krebs_cloud]
type = "caldav"
url = "http://calendar.r/krebs/"
username = "krebs"
password = "krebs"
password = "${kmeinCloud.password}"
[storage fysi_cloud]
type = "caldav"
url = "${fysiCloud.davEndpoint}/calendars/${fysiCloud.username}/"
username = "${fysiCloud.username}"
password.fetch = ["command", "cat", "${fysiCloud.passwordFile}"]
password = "${fysiCloud.password}"
'';
};
};

16
configs/lb.nix
View File

@@ -1,24 +1,24 @@
{ lib, pkgs, ... }:
let
nixpkgs-unstable = import <nixpkgs-unstable> {};
in
{
lib,
pkgs,
...
}: {
systemd.services.lb-subscription = {
enable = true;
wants = ["network-online.target"];
wants = [ "network-online.target" ];
startAt = "weekly";
serviceConfig = {
user = "kfm";
WorkingDirectory = "/home/kfm/cloud/nextcloud/Books/Germanistik/LB";
WorkingDirectory = "/home/kfm/cloud/Seafile/Books/Germanistik/LB";
};
script = ''
first_year=2019
for year in $(${pkgs.coreutils}/bin/seq "$first_year" "$(date +%Y)"); do
${pkgs.curl}/bin/curl -sSL "https://www.literarische-blaetter.de/jahrgang-$year/" \
| ${pkgs.htmlq}/bin/htmlq --attribute href 'ul.slides a' \
| ${nixpkgs-unstable.htmlq}/bin/htmlq --attribute href 'ul.slides a' \
| while read -r month; do
${pkgs.curl}/bin/curl -sSL "$month" \
| ${pkgs.htmlq}/bin/htmlq --attribute src iframe \
| ${nixpkgs-unstable.htmlq}/bin/htmlq --attribute src iframe \
| ${pkgs.gnused}/bin/sed 's/.*?pdf=//;s/?wp-hosted.*//'
done
done | ${pkgs.findutils}/bin/xargs ${pkgs.wget}/bin/wget --no-clobber

19
configs/mastodon-bot.nix
View File

@@ -1,19 +0,0 @@
{pkgs, ...}: {
systemd.services.imaginary-illuminations = {
enable = false;
wants = ["network-online.target"];
serviceConfig = {
User = "kfm";
Group = "users";
WorkingDirectory = "/home/kfm/cloud/Seafile/Documents/Media/imaginary-illuminations";
Restart = "on-failure";
RestartSec = "15s";
};
startAt = "7:00";
script = ''
${pkgs.deno}/bin/deno run -A post.ts
'';
};
systemd.timers.imaginary-illuminations.timerConfig.RandomizedDelaySec = "14h";
}

56
configs/matterbridge.nix Normal file
View File

@@ -0,0 +1,56 @@
{ pkgs, lib, ... }:
{
nixpkgs.overlays = [
(self: super: {
matterbridge = (import (super.fetchFromGitHub {
owner = "NixOS";
repo = "nixpkgs";
rev = "e45d91ee65db293a172ec506759d1248e40c35f5";
sha256 = "03cjs5xcx09lw0djyrx2kfakw7gkg4iqmy9w25azai62im39l30k";
}) {}).matterbridge;
})
];
services.matterbridge = {
enable = true;
configPath =
let bridgeBotToken = lib.strings.fileContents <system-secrets/telegram/kmein.token>;
in toString ((pkgs.formats.toml {}).generate "config.toml" {
general = {
RemoteNickFormat = "[{NICK}] ";
Charset = "utf-8";
};
telegram.kmein.Token = bridgeBotToken;
irc =
let Nick = "ponte";
in {
hackint = { Server = "irc.hackint.org:6697"; UseTLS = true; inherit Nick; };
};
mumble.lassulus = {
Server = "lassul.us:64738";
Nick = "krebs_bridge";
SkipTLSVerify = true;
};
gateway = [
{
name = "krebs-bridge";
enable = true;
inout = [
{
account = "irc.hackint";
channel = "#krebs";
}
{
account = "telegram.kmein";
channel = "-330372458";
}
{
account = "mumble.lassulus";
channel = 6; # "nixos"
}
];
}
];
});
};
}

41
configs/menstruation.nix Normal file
View File

@@ -0,0 +1,41 @@
{ pkgs, lib, ... }:
let
backend = pkgs.callPackage <niveum/submodules/menstruation-backend> {};
telegram = pkgs.callPackage <niveum/submodules/menstruation-telegram> {};
backendPort = 8000;
in
{
containers.menstruation.autoStart = true;
containers.menstruation.config = { config, pkgs, ... }: {
services.redis.enable = true;
systemd.services.menstruation-telegram = {
wants = [
"network-online.target"
"menstruation-backend.service"
"redis.service"
];
wantedBy = [ "multi-user.target" ];
environment = {
MENSTRUATION_TOKEN = lib.strings.fileContents <system-secrets/telegram/menstruation.token>;
MENSTRUATION_ENDPOINT = "http://localhost:${toString backendPort}";
MENSTRUATION_MODERATORS = "18980945";
};
serviceConfig = {
Restart = "always";
DynamicUser = true;
ExecStart = "${telegram}/bin/menstruation-telegram";
};
};
systemd.services.menstruation-backend = {
wants = [ "network-online.target" ];
environment.ROCKET_PORT = toString backendPort;
serviceConfig = {
Restart = "always";
DynamicUser = true;
ExecStart = "${backend}/bin/menstruation_server";
};
};
};
}

19
configs/mime.nix
View File

@@ -7,20 +7,21 @@
"application/pdf" = "org.pwmt.zathura.desktop";
"application/vnd.oasis.opendocument.text" = "writer.desktop";
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" = "writer.desktop";
"image/jpeg" = "nsxiv.desktop";
"image/png" = "nsxiv.desktop";
"image/jpeg" = "sxiv.desktop";
"image/png" = "sxiv.desktop";
"image/vnd.djvu+multipage" = "org.pwmt.zathura.desktop";
"text/html" = "firefox.desktop";
"text/html" = "brave-browser.desktop";
"text/markdown" = "nvim.desktop";
"text/plain" = "nvim.desktop";
"x-scheme-handler/about" = "firefox.desktop";
"x-scheme-handler/http" = "firefox.desktop";
"x-scheme-handler/https" = "firefox.desktop";
"x-scheme-handler/mailto" = "firefox.desktop";
"x-scheme-handler/unknown" = "firefox.desktop";
"x-scheme-handler/webcal" = "firefox.desktop";
"x-scheme-handler/about" = "brave-browser.desktop";
"x-scheme-handler/http" = "brave-browser.desktop";
"x-scheme-handler/https" = "brave-browser.desktop";
"x-scheme-handler/mailto" = "brave-browser.desktop";
"x-scheme-handler/unknown" = "brave-browser.desktop";
"x-scheme-handler/webcal" = "brave-browser.desktop";
"inode/directory" = "pcmanfm.desktop";
};
};
};
}

85
configs/monitoring.nix
View File

@@ -1,85 +0,0 @@
{
config,
pkgs,
...
}: {
services.nginx.virtualHosts.default = {
locations."= /stub_status".extraConfig = "stub_status;";
};
services.prometheus = {
enable = true;
port = 9001;
exporters = {
nginx.enable = false;
node = {
enable = true;
openFirewall = true;
enabledCollectors = [
"conntrack"
"diskstats"
"entropy"
"filefd"
"filesystem"
"loadavg"
"mdadm"
"meminfo"
"netdev"
"netstat"
"stat"
"time"
"vmstat"
"systemd"
"logind"
"interrupts"
"ksmd"
];
port = 9002;
};
};
};
systemd.services.promtail = {
description = "Promtail service for Loki";
wantedBy = ["multi-user.target"];
serviceConfig = {
ExecStart = ''
${pkgs.grafana-loki}/bin/promtail --config.file ${
(pkgs.formats.yaml {}).generate "promtail.yaml" {
server = {
http_listen_port = 28183;
grpc_listen_port = 0;
};
positions.filename = "/tmp/positions.yaml";
clients = [
{
url = "http://${
if config.networking.hostName == "makanek"
then "127.0.0.1"
else "makanek.r"
}:3100/loki/api/v1/push";
}
];
scrape_configs = [
{
job_name = "journal";
journal = {
max_age = "12h";
labels.job = "systemd-journal";
labels.host = config.networking.hostName;
};
relabel_configs = [
{
source_labels = ["__journal__systemd_unit"];
target_label = "unit";
}
];
}
];
}
}
'';
};
};
}

4
systems/makanek/monitoring/blackbox.nix → configs/monitoring/blackbox.nix
View File

@@ -3,12 +3,12 @@
{
modules.http_2xx = {
http = {
fail_if_not_ssl = false;
fail_if_not_ssl = true;
ip_protocol_fallback = false;
method = "GET";
no_follow_redirects = false;
preferred_ip_protocol = "ip4";
valid_http_versions = ["HTTP/1.1" "HTTP/2.0"];
valid_http_versions = [ "HTTP/1.1" "HTTP/2.0" ];
tls_config.insecure_skip_verify = true;
};
prober = "http";

12
systems/makanek/monitoring/loki.nix → configs/monitoring/loki.nix
View File

@@ -17,11 +17,11 @@
};
final_sleep = "0s";
};
chunk_idle_period = "1h"; # Any chunk not receiving new logs in this time will be flushed
max_chunk_age = "1h"; # All chunks will be flushed when they hit this age, default is 1h
chunk_target_size = 1048576; # Loki will attempt to build chunks up to 1.5MB, flushing first if chunk_idle_period or max_chunk_age is reached first
chunk_retain_period = "30s"; # Must be greater than index read cache TTL if using an index cache (Default index read cache TTL is 5m)
max_transfer_retries = 0; # Chunk transfers disabled
chunk_idle_period = "1h"; # Any chunk not receiving new logs in this time will be flushed
max_chunk_age = "1h"; # All chunks will be flushed when they hit this age, default is 1h
chunk_target_size = 1048576; # Loki will attempt to build chunks up to 1.5MB, flushing first if chunk_idle_period or max_chunk_age is reached first
chunk_retain_period = "30s"; # Must be greater than index read cache TTL if using an index cache (Default index read cache TTL is 5m)
max_transfer_retries = 0; # Chunk transfers disabled
};
schema_config.configs = [
{
@@ -39,7 +39,7 @@
boltdb_shipper = {
active_index_directory = "/tmp/loki/boltdb-shipper-active";
cache_location = "/tmp/loki/boltdb-shipper-cache";
cache_ttl = "24h"; # Can be increased for faster performance over longer query periods, uses more disk space
cache_ttl = "24h"; # Can be increased for faster performance over longer query periods, uses more disk space
shared_store = "filesystem";
};
filesystem.directory = "/tmp/loki/chunks";

229
configs/monitoring/pull.nix Normal file
View File

@@ -0,0 +1,229 @@
{ lib, config, pkgs, ... }:
let
lokiConfig = import ./loki.nix;
blackboxConfig = import ./blackbox.nix;
in
{
services.grafana = {
enable = true;
domain = "grafana.kmein.r";
port = 9444;
addr = "127.0.0.1";
};
services.nginx.virtualHosts.${config.services.grafana.domain} = {
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}";
proxyWebsockets = true;
};
};
services.prometheus.rules = let diskFreeThreshold = 10; in [(builtins.toJSON {
groups = [{
name = "niveum";
rules = [
{
alert = "ServiceDown";
expr = ''node_systemd_unit_state{state="failed"} == 1'';
annotations = {
summary = "{{$labels.job}}: Service {{$labels.name}} failed to start.";
};
}
{
alert = "RootPartitionFull";
for = "10m";
expr = ''(node_filesystem_free_bytes{mountpoint="/"} * 100) / node_filesystem_size_bytes{mountpoint="/"} < ${toString diskFreeThreshold}'';
annotations = {
summary = "{{ $labels.job }}: Filesystem is running out of space soon.";
description = ''The root disk of {{ $labels.job }} has {{ $value | printf "%.2f" }}% free disk space (threshold at ${toString diskFreeThreshold}%).'';
};
}
{
alert = "RootPartitionFullWeek";
for = "1h";
expr = ''node_filesystem_free_bytes{mountpoint="/"} ''
+ ''and predict_linear(node_filesystem_free_bytes{mountpoint="/"}[2d], 7*24*3600) <= 0'';
annotations = {
summary = "{{$labels.job}}: Filesystem is running out of space in 7 days.";
};
}
{
alert = "HighLoad";
expr = ''node_load15 / on(job) count(node_cpu_seconds_total{mode="system"}) by (job) >= 1.0'';
for = "10m";
annotations = {
summary = "{{$labels.job}}: Running on high load: {{$value}}";
};
}
{
alert = "HighRAM";
expr = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1";
for = "1h";
annotations.summary = "{{$labels.job}}: Using lots of RAM.";
}
{
alert = "UptimeMonster";
expr = "time() - node_boot_time_seconds > 2592000";
annotations.summary = "{{$labels.job}}: up for more than 30 days.";
}
{
alert = "HostDown";
expr = ''up == 0'';
for = "5m";
annotations = {
summary = "Host {{ $labels.job }} down for 5 minutes.";
};
}
{
alert = "Reboot";
expr = "time() - node_boot_time_seconds < 300";
annotations.summary = "{{$labels.job}}: Reboot";
}
{
alert = "ProbeFailed";
expr = "probe_success == 0";
for = "5m";
annotations.summary = "{{$labels.instance}}: probe failed";
}
{
alert = "SlowProbe";
expr = "avg_over_time(probe_http_duration_seconds[1m]) > 1";
for = "5m";
annotations.summary = "{{$labels.instance}}: HTTP probe slow";
}
{
alert = "HttpStatusCode";
expr = "probe_http_status_code != 0 AND (probe_http_status_code <= 199 OR probe_http_status_code >= 400)";
for = "5m";
annotations.summary = "{{$labels.instance}}: status code {{$value}}";
}
{
alert = "SslExpirySoon";
expr = "probe_ssl_earliest_cert_expiry - time() < 86400 * 30";
for = "5m";
annotations.summary = "{{$labels.instance}}: SSL certificate expires in 30 days";
}
{
alert = "SslExpiry";
expr = "probe_ssl_earliest_cert_expiry - time() <= 0";
for = "5m";
annotations.summary = "{{$labels.instance}}: SSL certificate has expired";
}
];
}];
})];
systemd.services.alertmanager-bot-telegram =
let
alertmanager-bot-telegram = pkgs.buildGoModule rec {
pname = "alertmanager-bot";
version = "2020-07-13";
src = pkgs.fetchFromGitHub {
owner = "metalmatze";
repo = "alertmanager-bot";
rev = "5efc0bbbf8023d4324e9da98562f064a714a7206";
sha256 = "09cciml1j8x76jpm2v5v6h2q6j1fkhsz1kswslmx8wl4wk40xgp4";
};
vendorSha256 = "1v0fgin8dn81b559zz4lqmrl7hikr46g4gb18sci4riql5qs1isj";
postInstall = ''
install -D ./default.tmpl $out/templates/default.tmpl
'';
};
in {
wantedBy = [ "multi-user.target" ];
after = [ "ip-up.target" ];
environment.TELEGRAM_ADMIN = "18980945";
environment.TELEGRAM_TOKEN = lib.strings.fileContents <system-secrets/telegram/prometheus.token>;
serviceConfig = {
DynamicUser = true;
StateDirectory = "alertbot";
ExecStart = ''${alertmanager-bot-telegram}/bin/alertmanager-bot \
--alertmanager.url=http://localhost:9093 --log.level=info \
--store=bolt --bolt.path=/var/lib/alertbot/bot.db \
--listen.addr="0.0.0.0:16320" \
--template.paths=${pkgs.writeText "template.tmpl" ''
{{ define "telegram.default" }}
{{range .Alerts -}}
{{ if eq .Status "firing" }}
<b>{{ index .Annotations "summary"}}</b>
{{ index .Annotations "description" }}
See on Grafana: http://${config.services.grafana.domain}/d/alpUteInz/niveum
{{ else -}}
RESOLVED 😌 <del>{{ index .Annotations "summary"}}</del>
{{- end }}
{{end -}}
{{end}}
''}'';
};
};
services.prometheus.alertmanager = {
enable = true;
listenAddress = "localhost";
configuration = {
route = {
group_wait = "30s";
repeat_interval = "4h";
receiver = "me";
};
receivers = [{
name = "me";
webhook_configs = [{
url = "http://localhost:16320";
send_resolved = true;
}];
}];
};
};
services.prometheus.alertmanagers = [{
scheme = "http";
path_prefix = "/";
static_configs = [ { targets = [ "localhost:9093" ]; } ];
}];
services.prometheus.scrapeConfigs = [
{
job_name = "makanek";
static_configs = [ { targets = [
"127.0.0.1:${toString config.services.prometheus.exporters.node.port}"
]; } ];
}
{
scrape_interval = "5m";
job_name = "blackbox";
metrics_path = "/probe";
params.module = [ "http_2xx" ];
relabel_configs = [
{ source_labels = ["__address__"]; target_label = "__param_target"; }
{ source_labels = ["__param_target"]; target_label = "instance"; }
{ replacement = "127.0.0.1:${toString config.services.prometheus.exporters.blackbox.port}"; target_label = "__address__"; }
];
static_configs = [{
targets = [
"alew.hu-berlin.de"
];
}];
}
{
job_name = "zaatar";
static_configs = [ { targets = [ "zaatar.r:${toString config.services.prometheus.exporters.node.port}" ]; } ];
}
];
services.prometheus.exporters.blackbox = {
enable = true;
configFile = (pkgs.formats.yaml {}).generate "blackbox.yaml" blackboxConfig;
};
networking.firewall.allowedTCPPorts = [
lokiConfig.server.http_listen_port
];
services.loki = {
enable = true;
configFile = (pkgs.formats.yaml {}).generate "loki.yaml" lokiConfig;
};
}

75
configs/monitoring/push.nix Normal file
View File

@@ -0,0 +1,75 @@
{ config, pkgs, ... }:
{
services.nginx.virtualHosts.default = {
locations."= /stub_status".extraConfig = "stub_status;";
};
services.prometheus = {
enable = true;
port = 9001;
exporters = {
nginx.enable = false;
node = {
enable = true;
enabledCollectors = [
"conntrack"
"diskstats"
"entropy"
"filefd"
"filesystem"
"loadavg"
"mdadm"
"meminfo"
"netdev"
"netstat"
"stat"
"time"
"vmstat"
"systemd"
"logind"
"interrupts"
"ksmd"
];
port = 9002;
};
};
};
networking.firewall.allowedTCPPorts = [ config.services.prometheus.exporters.node.port ];
systemd.services.promtail = {
description = "Promtail service for Loki";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''
${pkgs.grafana-loki}/bin/promtail --config.file ${(pkgs.formats.yaml {}).generate "promtail.yaml" {
server = {
http_listen_port = 28183;
grpc_listen_port = 0;
};
positions.filename = "/tmp/positions.yaml";
clients = [
{ url = "http://${if config.networking.hostName == "makanek" then "127.0.0.1" else "makanek.r"}:3100/loki/api/v1/push"; }
];
scrape_configs = [
{
job_name = "journal";
journal = {
max_age = "12h";
labels.job = "systemd-journal";
labels.host = config.networking.hostName;
};
relabel_configs = [
{
source_labels = [ "__journal__systemd_unit" ];
target_label = "unit";
}
];
}
];
}}
'';
};
};
}

31
configs/moodle-dl/borsfaye.nix Normal file
View File

@@ -0,0 +1,31 @@
{ config, pkgs, lib, ... }:
let
moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old: old // {
patches = [ <niveum/packages/moodle-dl/telegram-format.patch> ];
});
in
{
containers.moodle-dl-borsfaye = {
autoStart = true;
config = { lib, pkgs, ...}: {
imports = [ <niveum/modules/moodle-dl.nix> ];
services.moodle-dl = {
enable = true;
startAt = "hourly";
package = moodle-dl-package;
notifyOnly = true;
settings = {
telegram = {
token = lib.strings.fileContents <system-secrets/telegram/moodle-dl.token>;
chat_id = "311425510";
send_error_msg = false;
};
token = lib.strings.fileContents <system-secrets/moodle-dl/faye.token>;
moodle_domain = "moodle.hu-berlin.de";
moodle_path = "/";
};
};
};
};
}

81
systems/zaatar/moodle-dl-meinhark.nix → configs/moodle-dl/meinhark.nix
View File

@@ -1,42 +1,23 @@
{ config, pkgs, lib, ... }:
let
moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old: old // {
patches = [ <niveum/packages/moodle-dl/telegram-format.patch> ];
});
in
{
config,
pkgs,
lib,
...
}: let
moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old:
old
// {
# patches = [../../packages/moodle-dl/telegram-format.patch]; TODO?
});
in {
age.secrets = {
/*
moodle-dl-tokens = {
file = ../../secrets/zaatar-moodle-dl-tokens.json.age;
owner = "moodle-dl";
group = "moodle-dl";
mode = "400";
};
*/
moodle-dl-basicAuth = {
file = ../../secrets/zaatar-moodle-dl-basicAuth.age;
owner = "nginx";
group = "nginx";
mode = "400";
};
};
imports = [ <niveum/modules/moodle-dl.nix> ];
services.moodle-dl = {
enable = false;
enable = true;
startAt = "hourly";
package = moodle-dl-package;
tokensFile = config.age.secrets.moodle-dl-tokens.path;
settings = {
telegram = {
token = lib.strings.fileContents <system-secrets/telegram/moodle-dl.token>;
chat_id = "18980945";
send_error_msg = false;
};
token = lib.strings.fileContents <system-secrets/moodle.token>;
moodle_domain = "moodle.hu-berlin.de";
moodle_path = "/";
download_course_ids = [
@@ -83,30 +64,6 @@ in {
108283 # Digital Classicist
109211 # Altlitauisch
109185 # Etymologie
# SS 2022
112606 # Avestisch
111761 # Griechische Wissenschaftsliteratur
111515 # H. Furens
110914 # Apostelgeschichte
112225 # Gr. Paläographie
113275 # ALEW
112783 # Akzent und Silbenstruktur
113493 # Papyrologie
# WS 2022
115414 # Nonnos
116108 # Dialektologie
# SS 2023
117967 # Archaische Lyrik
119658 # Dyskolos
118963 # Antike Biographie
92668 # Taa
120671 # Jiddisch
120720 # Sorbisch
118076 # X-Tutorial
120631 # Predigten
];
download_submissions = true;
download_descriptions = true;
@@ -120,15 +77,17 @@ in {
fileSystems."/export/moodle" = {
device = config.services.moodle-dl.directory;
options = ["bind"];
options = [ "bind" ];
};
networking.firewall.allowedTCPPorts = [2049];
networking.firewall.allowedTCPPorts = [ 2049 ];
services.nginx.enable = true;
services.nginx.virtualHosts."moodle.kmein.r" = {
basicAuthFile = config.age.secrets.moodle-dl-basicAuth.path;
services.nginx.virtualHosts."moodle.kmein.r" =
let
identity = lib.strings.fileContents <secrets/eduroam/identity>;
password = lib.strings.fileContents <secrets/eduroam/password>;
in {
basicAuth."${identity}" = password;
locations."/" = {
root = config.services.moodle-dl.directory;
extraConfig = ''
@@ -140,9 +99,7 @@ in {
services.nfs.server = {
enable = true;
exports = let
machines = with (import ../../lib).retiolumAddresses; [kabsa manakish];
in ''
exports = let machines = with (import <niveum/lib>).retiolumAddresses; [kabsa manakish]; in ''
/export ${lib.concatMapStringsSep " " (machine: "${machine.ipv4}(fsid=0)") machines}
/export/moodle ${lib.concatMapStringsSep " " (machine: "${machine.ipv4}(insecure,rw)") machines}
'';

24
configs/mpv.nix
View File

@@ -1,29 +1,14 @@
{
pkgs,
lib,
config,
niveumPackages,
...
}: let
swallow = command: "${niveumPackages.swallow}/bin/swallow ${command}";
{ pkgs, lib, ... }: let
swallow = command: "${pkgs.scripts.swallow}/bin/swallow ${command}";
in {
environment.shellAliases.smpv = swallow "mpv";
nixpkgs.overlays = [
(self: super: {
mpv = config.home-manager.users.me.programs.mpv.finalPackage;
})
];
home-manager.users.me = {
programs.mpv = {
enable = true;
config = {
ytdl-format = "bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best";
ytdl-raw-options = lib.concatStringsSep "," [''sub-lang="de,en"'' "write-sub=" "write-auto-sub="];
ytdl-raw-options = lib.concatStringsSep "," [ ''sub-lang="de,en"'' "write-sub=" "write-auto-sub=" ];
screenshot-template = "%F-%wH%wM%wS-%#04n";
script-opts = "ytdl_hook-ytdl_path=${pkgs.yt-dlp}/bin/yt-dlp";
ao = "pulse"; # no pipewire for me :(
};
bindings = {
"Alt+RIGHT" = "add video-rotate 90";
@@ -36,8 +21,7 @@ in {
"Alt+j" = "add video-pan-y -0.05";
};
scripts = [
pkgs.mpvScripts.youtube-quality
niveumPackages.mpv-visualizer
pkgs.unstable.mpvScripts.youtube-quality
];
};
};

38
configs/names.nix Normal file
View File

@@ -0,0 +1,38 @@
{ pkgs, lib, ... }:
let
port = 5703;
geogen = (pkgs.fetchFromGitHub {
owner = "kmein";
repo = "scripts";
rev = "8945430f27a8c6fd632dd35382cb094abe3543ff";
sha256 = "1djyxkynypxsrmdf6idgjszqpcgqyq607rrsvl58p2bpymmwibzb";
}) + "/onomastics";
inherit (pkgs.callPackage geogen {}) dependencyEnv;
in
{
systemd.services.names = {
wants = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
description = "Better clone of geogen.stoepel.net";
serviceConfig = {
DynamicUser = true;
};
script = ''
cd $(mktemp -d)
ln -s "${geogen}/wsgi.py" wsgi.py
${dependencyEnv}/bin/gunicorn wsgi:app -b :${toString port}
'';
};
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
services.nginx.virtualHosts."names.kmein.r" = {
locations."/".proxyPass = "http://127.0.0.1:${toString port}";
};
}

10
configs/nano.nix Normal file
View File

@@ -0,0 +1,10 @@
{
programs.nano.nanorc = ''
set autoindent
set boldtext
set morespace
set smarthome
set tabsize 4
set tabstospaces
'';
}

248
configs/neomutt.nix Normal file
View File

@@ -0,0 +1,248 @@
{ pkgs, lib, ... }:
let
mainMailbox = "posteo";
accounts.uni = {
user = "meinhark";
password = lib.strings.fileContents <secrets/eduroam/password>;
address = "kieran.felix.meinhardt@hu-berlin.de";
imap = "mailbox.cms.hu-berlin.de";
smtp = "mailhost.cms.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.uni-old = {
user = "meinhark";
password = lib.strings.fileContents <secrets/eduroam/password>;
address = "meinhark@informatik.hu-berlin.de";
imap = "mailbox.informatik.hu-berlin.de";
smtp = "mailhost.informatik.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.work-uni = {
user = "meinhaki";
password = lib.strings.fileContents <secrets/mail/meinhaki>;
address = "kieran.meinhardt@hu-berlin.de";
imap = "mailbox.cms.hu-berlin.de";
smtp = "mailhost.cms.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.work-fysi = rec {
user = "kieran@fysi.tech";
address = user;
password = lib.strings.fileContents <secrets/mail/fastmail>;
imap = "imap.fastmail.com";
smtp = "smtp.fastmail.com";
smtpSettings = smtp: "smtps://${smtp}:465";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.cock = rec {
user = "2210@cock.li";
address = user;
password = lib.strings.fileContents <secrets/mail/cock>;
imap = "mail.cock.li";
smtp = imap;
smtpSettings = smtp: "smtp://${smtp}:587";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts."${mainMailbox}" = rec {
user = "kieran.meinhardt@posteo.net";
address = user;
password = lib.strings.fileContents <secrets/mail/posteo>;
imap = "posteo.de";
smtp = imap;
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.google-amro = rec {
user = "amroplay@gmail.com";
address = user;
password = lib.strings.fileContents <secrets/mail/gmail/amroplay>;
imap = "imap.gmail.com";
smtp = "smtp.gmail.com";
smtpSettings = smtp: "smtps://${smtp}:465";
folders = {
drafts = "[Gmail]/Drafts";
sent = "[Gmail]/Sent Mail";
trash = "[Gmail]/Bin";
};
};
accounts.google-kieran = rec {
user = "kieran.meinhardt@gmail.com";
address = user;
password = lib.strings.fileContents <secrets/mail/gmail/kieran.meinhardt>;
imap = "imap.gmail.com";
smtp = "smtp.gmail.com";
smtpSettings = smtp: "smtps://${smtp}:465";
folders = {
drafts = "[Gmail]/Entwürfe";
sent = "[Gmail]/Gesendet";
trash = "[Gmail]/Papierkorb";
};
};
in
{
environment.systemPackages = [ pkgs.neomutt ];
environment.shellAliases.mua = "${pkgs.neomutt}/bin/neomutt -f ${mainMailbox}";
home-manager.users.me.xdg.configFile."neomutt/neomuttrc".text = ''
set mailcap_path = ${pkgs.writeText "mailcap" ''
text/plain; $EDITOR %s ;
text/html; ${pkgs.lynx}/bin/lynx -assume_charset=%{charset} -display_charset=utf-8 -dump %s; nametemplate=%s.html; copiousoutput;
image/*; ${pkgs.sxiv}/bin/sxiv %s ;
video/*; ${pkgs.utillinux}/bin/setsid ${pkgs.mpv}/bin/mpv --quiet %s &; copiousoutput
audio/*; ${pkgs.mpv}/bin/mpv %s ;
application/pdf; ${pkgs.zathura}/bin/zathura %s ;
application/pgp-encrypted; ${pkgs.gnupg}/bin/gpg -d '%s'; copiousoutput;
application/pgp-keys; ${pkgs.gnupg}/bin/gpg --import '%s'; copiousoutput;
''}:$mailcap_path
set sidebar_visible
set sidebar_format = "%D%?F? [%F]?%* %?N?%N/?%S"
set sidebar_width = 25 # Plenty of space
set sidebar_divider_char = '' # Pretty line-drawing character
set mail_check_stats
set index_format="%2C %Z %D %-15.15L %s"
set date_format="%F %R"
set sort = 'reverse-date'
set sleep_time = 0 # Pause 0 seconds for informational messages
set markers = no # Disables the `+` displayed at line wraps
set mark_old = no # Unread mail stay unread until read
set wait_key = no # mutt won't ask "press key to continue"
set fast_reply # skip to compose when replying
set forward_format = "Fwd: %s" # format of subject when forwarding
set reverse_name # reply as whomever it was to
set include=ask-no # don't include message in replies
auto_view text/html # automatically show html (mailcap uses lynx)
auto_view application/pgp-encrypted
alternative_order text/plain text/enriched text/html
set abort_noattach abort_noattach_regex="\<(attach|attached|attachments?|anbei|Anhang|angehängt)\>"
set attach_save_dir=/tmp
set fast_reply
set narrow_tree # narrow threads for more depth
bind index,pager B sidebar-toggle-visible # Use 'B' to switch the Sidebar on and off
bind index,pager \Ck sidebar-prev
bind index,pager \Cj sidebar-next
bind index,pager \Co sidebar-open
bind index,pager \Cp sidebar-prev-new
bind index,pager \Cn sidebar-next-new
macro index * <limit>~F\r
macro index + <limit>all\r
set query_command = "khard email --parsable %s"
bind editor <Tab> complete-query
bind editor ^T complete
set mail_check = 90
set timeout = 15
# set imap_check_subscribed
set use_from
set header_cache="~/.cache/mutt" message_cachedir="~/.cache/mutt"
source ${pkgs.writeText "accounts.neomuttrc" ''
set realname = "Kierán Meinhardt"
account-hook . 'unset imap_user imap_pass smtp_user smtp_pass'
# set accordingly: postponed trash record
${lib.concatStringsSep "\n\n" (lib.mapAttrsToList (name: account: let imapRoot = "imaps://${account.user}@${account.imap}"; in ''
account-hook ${account.user}@${account.imap} 'set imap_user="${account.user}" imap_pass="${account.password}"'
account-hook ${account.user}@${account.smtp} 'set smtp_user="${account.user}" smtp_pass="${account.password}"'
folder-hook ${account.user}@${account.imap} 'set smtp_url="${account.smtpSettings "${account.user}@${account.smtp}"}" from="${account.address}" record="${imapRoot}/${account.folders.sent}" postponed="${imapRoot}/${account.folders.drafts}" trash="${imapRoot}/${account.folders.trash}"'
named-mailboxes "${name}" "${imapRoot}" "${name}" "${imapRoot}/${account.folders.sent}"
'') accounts)}
''}
set spoolfile="${mainMailbox}"
source ${pkgs.writeText "colors.neomuttrc" ''
# Default index colors:
color index_number blue default
color index red default '.*'
color index_flags lightcyan default '.*'
color index_author yellow default '.*'
color index_subject lightblack default '.*'
# New mail is boldened:
color index_author lightyellow black "~N"
color index_subject lightwhite black "~N"
# Flagged mail is highlighted:
color index_flags lightmagenta default '~F'
# Other colors and aesthetic settings:
mono bold bold
mono underline underline
mono error bold
mono indicator reverse
# color sidebar_flagged red black
mono sidebar_new bold
color error red default
color message cyan default
color search brightmagenta default
color hdrdefault lightblack default
color quoted green default
color quoted1 blue default
color quoted2 cyan default
color quoted3 yellow default
color quoted4 red default
color quoted5 brightred default
color signature lightblack default
color tree color235 default
# Regex highlighting:
color header red default "^(Date)"
color header yellow default "^(From)"
color header white default "^(B?CC)"
color header brightwhite default "^(Subject)"
color body cyan default "[\-\.+_a-zA-Z0-9]+@[\-\.a-zA-Z0-9]+" # Email addresses
color body brightblue default "(https?|ftp)://[\-\.,/%~_:?&=\#a-zA-Z0-9]+" # URL
color body yellow default "^(\t| )*(-|\\*) \.*" # List items as yellow
color body red default "(BAD signature)|^gpg: BAD signature from.*"
color body brightgreen default "(Good signature)|^gpg: Good signature .*"
color body brightyellow default "^gpg: "
mono body bold "^gpg: Good signature"
mono body bold "^gpg: BAD signature from.*"
color body red default "([a-z][a-z0-9+-]*://(((([a-z0-9_.!~*'();:&=+$,-]|%[0-9a-f][0-9a-f])*@)?((([a-z0-9]([a-z0-9-]*[a-z0-9])?)\\.)*([a-z]([a-z0-9-]*[a-z0-9])?)\\.?|[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+)(:[0-9]+)?)|([a-z0-9_.!~*'()$,;:@&=+-]|%[0-9a-f][0-9a-f])+)(/([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*(;([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*)*(/([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*(;([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*)*)*)?(\\?([a-z0-9_.!~*'();/?:@&=+$,-]|%[0-9a-f][0-9a-f])*)?(#([a-z0-9_.!~*'();/?:@&=+$,-]|%[0-9a-f][0-9a-f])*)?|(www|ftp)\\.(([a-z0-9]([a-z0-9-]*[a-z0-9])?)\\.)*([a-z]([a-z0-9-]*[a-z0-9])?)\\.?(:[0-9]+)?(/([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*(;([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*)*(/([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*(;([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*)*)*)?(\\?([-a-z0-9_.!~*'();/?:@&=+$,]|%[0-9a-f][0-9a-f])*)?(#([-a-z0-9_.!~*'();/?:@&=+$,]|%[0-9a-f][0-9a-f])*)?)[^].,:;!)? \t\r\n<>\"]"
''}
'';
}

90
configs/neovim.nix
View File

@@ -1,40 +1,74 @@
{
pkgs,
niveumPackages,
...
}: {
{ pkgs, ... }: {
environment.variables.EDITOR = pkgs.lib.mkForce "nvim";
environment.shellAliases.vi = "nvim";
environment.shellAliases.vim = "nvim";
environment.shellAliases.view = "nvim -R";
home-manager.users.me = {
editorconfig = {
enable = true;
settings = {
"*" = {
charset = "utf-8";
end_of_line = "lf";
trim_trailing_whitespace = true;
insert_final_newline = true;
indent_style = "space";
indent_size = 2;
};
"*.py" = {
indent_size = 4;
};
Makefile = {
indent_style = "tab";
};
"*.md" = {
trim_trailing_whitespace = false;
};
};
nixpkgs.config.packageOverrides = pkgs: {
vimPlugins = pkgs.vimPlugins // {
cheat-sh-vim = pkgs.callPackage <niveum/packages/vimPlugins/cheat-sh.nix> { };
vim-fetch = pkgs.callPackage <niveum/packages/vimPlugins/vim-fetch.nix> { };
vim-colors-paramount = pkgs.callPackage <niveum/packages/vimPlugins/vim-colors-paramount.nix> { };
vim-256noir = pkgs.callPackage <niveum/packages/vimPlugins/vim-256noir.nix> { };
icalendar-vim = pkgs.callPackage <niveum/packages/vimPlugins/icalendar-vim.nix> { };
jq-vim = pkgs.callPackage <niveum/packages/vimPlugins/jq-vim.nix> { };
vim-fsharp = pkgs.callPackage <niveum/packages/vimPlugins/vim-fsharp.nix> { };
vim-reason-plus = pkgs.callPackage <niveum/packages/vimPlugins/vim-reason-plus.nix> { };
vim-mail = pkgs.callPackage <niveum/packages/vimPlugins/vim-mail.nix> { };
};
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "vim" ''neovim "$@"'')
niveumPackages.vim
(pkgs.neovim.override {
configure = {
customRC = builtins.readFile <niveum/lib/vim/init.vim>;
packages.nvim = with pkgs.vimPlugins; {
start = [
ale
fzf-vim
fzfWrapper
supertab
undotree
tabular
vimwiki
vim-colors-paramount
vim-commentary
vim-css-color
vim-eunuch
vim-fetch
vim-fugitive
vim-gitgutter
vim-repeat
vim-sensible
vim-surround
];
opt = [
csv
dhall-vim
elm-vim
emmet-vim
haskell-vim
icalendar-vim
idris-vim
nim-vim
jq-vim
purescript-vim
rust-vim
typescript-vim
vim-fsharp
vim-javascript
vim-ledger
vim-nix
vim-reason-plus
vim-toml
vimtex
vim-pandoc
vim-pandoc-syntax # vim-pandoc-after
vim-256noir
];
};
};
})
];
}

92
configs/networkmanager.nix
View File

@@ -1,25 +1,20 @@
{
lib,
pkgs,
...
}: let
profile = name: custom:
lib.recursiveUpdate {
connection.id = name;
connection.type = "wifi";
connection.interface-name = "wlp3s0";
connection.permissions = "";
wifi.mac-address-blacklist = "";
wifi.ssid = name;
wifi.mode = "infrastructure";
ipv4.dns-search = "";
ipv4.method = "auto";
ipv6.addr-gen-mode = "stable-privacy";
ipv6.dns-search = "";
ipv6.method = "auto";
proxy = {};
}
custom;
{ lib, pkgs, ... }:
let
profile = name: custom: lib.recursiveUpdate {
connection.id = name;
connection.type = "wifi";
connection.interface-name = "wlp3s0";
connection.permissions = "";
wifi.mac-address-blacklist = "";
wifi.ssid = name;
wifi.mode = "infrastructure";
ipv4.dns-search = "";
ipv4.method = "auto";
ipv6.addr-gen-mode = "stable-privacy";
ipv6.dns-search = "";
ipv6.method = "auto";
proxy = {};
} custom;
eduroamProfile = {
connection.uuid = "eae9fee6-a7d2-4120-a609-440b457d6fcf";
wifi-security = {
@@ -41,26 +36,51 @@
phase2-auth = "pap";
};
};
in {
programs.nm-applet.enable = true;
in
{
imports = [ ../modules/networkmanager-declarative.nix ];
networking.networkmanager = {
enable = true;
plugins = [
pkgs.networkmanager-openvpn
pkgs.networkmanager-fortisslvpn
];
wifi.macAddress = "random";
ethernet.macAddress = "random";
unmanaged = ["docker*"];
unmanaged = [ "docker*" ];
profiles = lib.mapAttrs profile {
Aether = {
connection.uuid = "7138bb0f-1aeb-4905-890e-a6628427aa21";
ipv6.addr-gen-mode = "stable";
wifi.cloned-mac-address = "stable";
wifi-security = {
psk = lib.strings.fileContents <secrets/wifi/Aether.psk>;
auth-alg = "open";
key-mgmt = "wpa-psk";
};
};
FactoryCommunityGuest = {
connection.uuid = "fb1f2e52-651e-48b5-a72c-1accddf31afb";
connection.timestamp = "1631885129";
wifi.seen-bssids = "54:EC:2F:19:30:DC;54:EC:2F:19:5C:9C;54:EC:2F:58:E4:3C;";
wifi-security = {
psk = "Factory4ever";
auth-alg = "open";
key-mgmt = "wpa-psk";
};
};
o2-WLAN66 = {
connection.uuid = "c563aec3-f344-4ffb-8d1c-60a6cdac8fe0";
wifi-security = {
psk = "PK3468KV488T934U";
auth-alg = "open";
key-mgmt = "wpa-psk";
};
};
"WIFI@DB".connection.uuid = "4eff4e94-8850-4e9f-a338-1787d0d90479";
eduroam = eduroamProfile;
eduroam_5GHz = eduroamProfile;
};
};
users.users.me.extraGroups = ["networkmanager"];
users.users.me.extraGroups = [ "networkmanager" ];
environment.systemPackages = [
pkgs.speedtest-cli
pkgs.networkmanager-openvpn
pkgs.networkmanagerapplet
pkgs.networkmanager-fortisslvpn
];
environment.systemPackages = [ pkgs.speedtest-cli ];
}

83
configs/newsboat.nix
View File

@@ -1,40 +1,15 @@
{
pkgs,
config,
lib,
...
}: let
{ pkgs, config, ... }:
let
ytdl-format = "'bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best'";
youtube-download = "${pkgs.ts}/bin/ts ${pkgs.yt-dlp}/bin/yt-dlp -f ${ytdl-format} --add-metadata";
youtube-download = "${pkgs.ts}/bin/ts ${pkgs.youtube-dl}/bin/youtube-dl -f ${ytdl-format} --add-metadata";
newsboat-home = "${config.users.users.me.home}/cloud/Seafile/Documents/newsboat";
linkhandler = pkgs.writers.writeDash "linkhandler" ''
# Feed script a url or file location.
# If an image, it will view in sxiv,
# if a video or gif, it will view in mpv
# if a music file or pdf, it will download,
# otherwise it opens link in browser.
# If no url given. Opens browser. For using script as $BROWSER.
[ -z "$1" ] && { "$BROWSER"; exit; }
case "$1" in
*mkv|*webm|*mp4|*youtube.com/watch*|*youtube.com/playlist*|*youtu.be*|*bitchute.com*|*videos.lukesmith.xyz*|*odysee.com*)
setsid -f ${pkgs.mpv}/bin/mpv -quiet "$1" >/dev/null 2>&1 ;;
*png|*jpg|*jpe|*jpeg|*gif)
curl -sL "$1" > "/tmp/$(echo "$1" | sed "s/.*\///")" && sxiv -a "/tmp/$(echo "$1" | sed "s/.*\///")" >/dev/null 2>&1 & ;;
*mp3|*flac|*opus|*mp3?source*)
setsid -f tsp curl -LO "$1" >/dev/null 2>&1 ;;
*)
if [ -f "$1" ]; then "$TERMINAL" -e "$EDITOR" "$1"
else setsid -f "$BROWSER" "$1" >/dev/null 2>&1; fi ;;
esac
'';
newsboat-home =
"${config.users.users.me.home}/cloud/Seafile/Documents/newsboat";
linkhandler-bin = "${pkgs.scripts.linkhandler}/bin/linkhandler";
newsboat-config = pkgs.writeText "config" ''
auto-reload no
reload-threads 8
prepopulate-query-feeds yes
# dont keep a search history
@@ -44,12 +19,12 @@
text-width 85
external-url-viewer "${pkgs.urlscan}/bin/urlscan -dc -r '${linkhandler} {}'"
browser ${linkhandler}
external-url-viewer "${pkgs.urlscan}/bin/urlscan -dc -r '${linkhandler-bin} {}'"
browser ${linkhandler-bin}
macro , open-in-browser
macro c set browser "${pkgs.xsel}/bin/xsel -b <<<" ; open-in-browser ; set browser ${linkhandler}
macro v set browser "${pkgs.util-linux}/bin/setsid -f ${pkgs.mpv}/bin/mpv" ; open-in-browser ; set browser ${linkhandler}
macro y set browser "${youtube-download}" ; open-in-browser ; set browser ${linkhandler}
macro c set browser "${pkgs.xsel}/bin/xsel -b <<<" ; open-in-browser ; set browser ${linkhandler-bin}
macro v set browser "${pkgs.utillinux}/bin/setsid -f ${pkgs.mpv}/bin/mpv" ; open-in-browser ; set browser ${linkhandler-bin}
macro y set browser "${youtube-download}" ; open-in-browser ; set browser ${linkhandler-bin}
bind-key j down
bind-key k up
@@ -73,7 +48,7 @@
save-path ${newsboat-home}/saved/
highlight all "---.*---" yellow default
# highlight feedlist ".*(0/0))" default default
highlight feedlist ".*(0/0))" black default
highlight article "^Title:.*" yellow default bold
highlight article "^Author:.*" yellow default
highlight article "^Flags:.*" red default
@@ -81,37 +56,25 @@
highlight article "\\[image [0-9][0-9]*\\]" color109 default bold
highlight article "\\[embedded flash: [0-9][0-9]*\\]" color66 default bold
color background white default
color listnormal white default
color listnormal_unread white default bold
color listfocus blue default
color listfocus_unread blue default bold
color info red default bold
urls-source "miniflux"
miniflux-url "https://feed.kmein.de"
miniflux-login "kfm"
miniflux-password "${lib.strings.fileContents <secrets/miniflux/password>}"
color article white default
'';
newsboat-sql = "${pkgs.sqlite}/bin/sqlite3 ${newsboat-home}/cache.db";
in {
nixpkgs.config.packageOverrides = pkgs: {
newsboat = pkgs.writers.writeDashBin "newsboat" ''
${pkgs.newsboat}/bin/newsboat -C ${newsboat-config} -c ${newsboat-home}/cache.db -u ${newsboat-home}/urls "$@"
'';
};
environment.systemPackages = [
pkgs.newsboat
(pkgs.writers.writeDashBin "newsboat-unread-count" ''
if [ -f ${newsboat-home}/cache.db.lock ]; then
${pkgs.jq}/bin/jq -n '{state: "Info", text: "", icon: "rss"}'
else
${pkgs.jq}/bin/jq -n \
--argjson unread "$(${newsboat-sql} "SELECT COUNT(DISTINCT id) FROM rss_item WHERE unread=1")" \
--argjson watchLater "$(${newsboat-sql} "SELECT COUNT(DISTINCT id) FROM rss_item WHERE flags='e' AND deleted=0")" \
'{
state: (if $unread > 0 then "Good" else "Idle" end),
text: (if $unread > 0 then "\($unread)" else "[\($watchLater)]" end),
icon: "rss"
}'
fi
'')
(pkgs.writers.writeDashBin "mpv-watch-later" ''
${newsboat-sql} "SELECT url FROM rss_item WHERE flags='e' AND deleted=0 ORDER BY pubDate DESC" \
${pkgs.sqlite}/bin/sqlite3 ${newsboat-home}/cache.db "SELECT url FROM rss_item WHERE flags='e' AND deleted=0 ORDER BY pubDate DESC" \
| ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv
'')
];

56
configs/nextcloud.nix Normal file
View File

@@ -0,0 +1,56 @@
{ pkgs, lib, ... }:
let
passwordFile = path: toString (pkgs.writeText "password" (lib.strings.fileContents path));
inherit (import <niveum/lib>) localAddresses;
in
{
services.nextcloud = {
enable = true;
package = pkgs.nextcloud22;
https = true;
autoUpdateApps = {
enable = true;
startAt = "05:00:00";
};
hostName = "cloud.xn--kiern-0qa.de";
config = {
overwriteProtocol = "https";
dbtype = "pgsql";
dbuser = "nextcloud";
dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
dbname = "nextcloud";
dbpassFile = passwordFile <system-secrets/nextcloud/database>;
adminpassFile = passwordFile <system-secrets/nextcloud/admin>;
adminuser = "admin";
# extraTrustedDomains = [ "toum.r" ];
};
};
services.postgresql = {
enable = true;
ensureDatabases = [ "nextcloud" ];
ensureUsers = [
{
name = "nextcloud";
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
}
];
};
services.nginx.virtualHosts."cloud.xn--kiern-0qa.de" = {
enableACME = true;
forceSSL = true;
};
# Ensure that postgres is running before running the setup
systemd.services."nextcloud-setup" = {
requires = ["postgresql.service"];
after = ["postgresql.service"];
};
}

14
configs/nix.nix
View File

@@ -1,14 +0,0 @@
{
pkgs,
inputs,
...
}: {
nixpkgs = {
config.allowUnfree = true;
};
nix = {
package = pkgs.nixFlakes;
extraOptions = "experimental-features = nix-command flakes";
nixPath = ["nixpkgs=${inputs.nixpkgs}"];
};
}

9
configs/openweathermap.nix
View File

@@ -1,8 +1,5 @@
{
pkgs,
lib,
...
}: let
{ pkgs, lib, ... }:
let
openweathermap-repo = pkgs.fetchFromGitHub {
owner = "ip1981";
repo = "openweathermap";
@@ -18,5 +15,5 @@ in {
'';
};
environment.systemPackages = [pkgs.weather];
environment.systemPackages = [ pkgs.weather ];
}

311
configs/packages.nix
View File

@@ -1,311 +0,0 @@
{
config,
pkgs,
lib,
inputs,
niveumPackages,
unstablePackages,
...
}: let
worldradio = pkgs.callPackage ../packages/worldradio.nix {};
zoteroStyle = {
name,
sha256,
}: {
name = "${name}.csl";
path = pkgs.fetchurl {
url = "https://www.zotero.org/styles/${name}";
inherit sha256;
};
};
cslDirectory = pkgs.linkFarm "citation-styles" [
(zoteroStyle {
name = "chicago-author-date-de";
sha256 = "sha256-ddMYk4A9DJQhx9ldkmF7PhwKuc7wUSr26uHHGAze9Ps=";
})
(zoteroStyle {
name = "din-1505-2";
sha256 = "sha256-bXZbB850fek8J6wMVFL32ndI7F4wiKKr1qUC71ezreE=";
})
(zoteroStyle {
name = "apa";
sha256 = "sha256-yq4fW6hQknycLjaj5fPbXLrQlGBp5myXiOSHBU90jEc=";
})
];
astrolog = pkgs.astrolog.overrideAttrs (old:
old
// {
installPhase = ''
${old.installPhase}
# set sensible defaults
sed -i '
/^-z /s/8:00W/1:00E/ # timezone
/^-zl /s/122W19:59 47N36:35/13E22:42 52N27:42/ # default location
/^-zj /s/"Current moment now"/Now/ # default name
/^-zj /s/"Seattle, WA, USA"/Berlin/ # default location
/^_k/s/_k/=k/ # use color
/^_Yd/s/_Yd/=Yd/ # sensible date format
/^_Yt/s/_Yt/=Yt/ # sensible time format
/^_Yv/s/_Yv/=Yv/ # sensible length format
/^:Xbw/s/:Xbw/:Xbn/ # set X11 bitmap format
/^:I /s/80/120/ # wider text output
' $out/astrolog/astrolog.as
'';
});
in {
home-manager.users.me.home.file = {
".csl".source = cslDirectory;
".local/share/pandoc/csl".source = cslDirectory; # as of pandoc 2.11, it includes citeproc
};
environment.systemPackages = with pkgs; [
# INTERNET
aria2
firefox
tdesktop
w3m
wget
whois
dnsutils
# FILE MANAGERS
lf
cinnamon.nemo
# MEDIA
ffmpeg
imagemagick
exiftool
nsxiv
# ARCHIVE TOOLS
unzip
unrar
p7zip
zip
# MONITORS
htop
iotop # I/O load monitor
iftop # interface bandwidth monitor
lsof # list open files
psmisc # for killall, pstree
# SHELL
bat # better cat
fd # better find
file # determine file type
dos2unix
genpass # generate passwords
gdu # ncurses disk usage (ncdu is broken)
rmlint # remove duplicate files
gcc
python3Packages.jsonschema # json validation
jq # json toolkit
pup # html toolkit
htmlq
xsv # csv toolkit
fq # toolkit for yaml, xml and binaries
man-pages
man-pages-posix
tree
exfat # to mount windows drives
parallel # for parallel, since moreutils shadows task spooler
ripgrep # better grep
rlwrap
progress # display progress bars for pipes
# HARDWARE TOOLS
usbutils # for lsusb
pciutils # for lspci
lshw # for lshw
arandr # xrandr for noobs
libnotify # for notify-send
xclip # clipboard CLI
xdragon # drag and drop
xorg.xkill # kill by clicking
audacity
calibre
electrum
inkscape
astrolog
obsidian
anki-bin # flashcards
jbofihe # lojbanic software
zoom-us # video conferencing
alejandra # nix formatter
pdfgrep # search in pdf
pdftk # pdf toolkit
mupdf
poppler_utils # pdf toolkit
okular # the word is nucular
xournalpp # for annotating pdfs
pdfpc # presenter console for pdf slides
niveumPackages.hc # print files as qr codes
yt-dlp
espeak
bc # calculator
pari # gp -- better calculator
rink # unit converter
niveumPackages.auc
niveumPackages.cheat-sh
niveumPackages.infschmv
niveumPackages.qrpaste
niveumPackages.ttspaste
niveumPackages.new-mac # get a new mac address
niveumPackages.scanned
niveumPackages.default-gateway
niveumPackages.kirciuoklis
niveumPackages.image-convert-favicon
niveumPackages.heuretes
niveumPackages.ipa # XSAMPA to IPA converter
niveumPackages.pls
niveumPackages.mpv-tv
niveumPackages.devanagari
niveumPackages.betacode # ancient greek betacode to unicode converter
niveumPackages.meteo
niveumPackages.mahlzeit
niveumPackages.vimv
niveumPackages.swallow # window swallowing
niveumPackages.literature-quote
jless # less(1) for json
niveumPackages.booksplit
niveumPackages.dmenu-randr
niveumPackages.dmenu-bluetooth
niveumPackages.manual-sort
niveumPackages.dns-sledgehammer
ts
niveumPackages.vg
niveumPackages.fkill
niveumPackages.wttr
niveumPackages.unicodmenu
niveumPackages.closest
niveumPackages.trans
(niveumPackages.mpv-radio.override {
di-fm-key-file = config.age.secrets.di-fm-key.path;
})
(niveumPackages.mpv-tuner.override {
di-fm-key-file = config.age.secrets.di-fm-key.path;
})
# kmein.slide
termdown
niveumPackages.image-convert-tolino
niveumPackages.rfc
niveumPackages.tag
niveumPackages.timer
niveumPackages.menu-calc
nix-prefetch-git
niveumPackages.nix-git
nixfmt
par
qrencode
inputs.menstruation-backend.defaultPackage.x86_64-linux
inputs.agenix.packages.x86_64-linux.default
inputs.recht.defaultPackage.x86_64-linux
(pkgs.writers.writeDashBin "worldradio" ''
shuf ${worldradio} | ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv --no-video
'')
(pkgs.writers.writeDashBin "chats" ''
${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars
'')
(pkgs.writers.writeDashBin "ncmpcpp-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.ncmpcpp}/bin/ncmpcpp "$@"'')
(pkgs.writers.writeDashBin "mpc-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.mpc_cli}/bin/mpc "$@"'')
inputs.scripts.packages.x86_64-linux.alarm
spotify
ncspot
playerctl
nix-index
niveumPackages.nix-index-update
#krebs
niveumPackages.dic
niveumPackages.cyberlocker-tools
niveumPackages.untilport
niveumPackages.kpaste
config.nur.repos.mic92.ircsink
(haskellPackages.ghcWithHoogle (hs: [
hs.text
hs.lens
hs.bytestring
]))
(python3.withPackages (py: [
py.black
# py.python-language-server
# py.pyls-mypy
# py.pyls-black
# py.pyls-isort
py.flake8
py.pygments
py.schema
]))
# python3Packages.poetry
# language servers
pyright
haskell-language-server
texlab
nil
rust-analyzer
elmPackages.elm-language-server
nodePackages.typescript-language-server
lua-language-server
nodePackages.vscode-langservers-extracted
html-tidy
nodePackages.csslint
nodePackages.jsonlint
nodePackages.prettier
nodePackages.typescript
nodePackages.eslint
nodePackages.yarn
deno # better node.js
nodejs
texlive.combined.scheme-full
latexrun
(aspellWithDicts (dict: [dict.de dict.en dict.en-computers]))
# haskellPackages.pandoc-citeproc
niveumPackages.text2pdf
lowdown
glow # markdown to term
libreoffice
# gnumeric
dia
unstablePackages.pandoc
niveumPackages.man-pandoc
typst
# proselint
asciidoctor
wordnet
tokei # count lines of code
gnumake
binutils # for strip, ld, ...
# nightly.rust
shellcheck
(pkgs.writers.writeDashBin "hass-cli" ''
HASS_SERVER=http://zaatar.r:8123 HASS_TOKEN="$(cat ${config.age.secrets.home-assistant-token.path})" exec ${pkgs.home-assistant-cli}/bin/hass-cli "$@"
'')
# xml
saxonb_9_1
libxml2
zotero
];
age.secrets.home-assistant-token = {
file = ../secrets/home-assistant-token.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
home-manager.users.me.xdg.configFile."pycodestyle".text = ''
[pycodestyle]
max-line-length = 110
'';
}

227
configs/packages/default.nix Normal file
View File

@@ -0,0 +1,227 @@
{ pkgs, lib, ... }:
let
hc = pkgs.callPackage <stockholm/tv/5pkgs/simple/hc.nix> {};
worldradio = pkgs.callPackage <niveum/packages/worldradio.nix> {};
menstruation = pkgs.callPackage <niveum/submodules/menstruation-backend> {};
nixpkgs-unstable = import <nixpkgs-unstable> { config.allowUnfree = true; };
astrolog = nixpkgs-unstable.astrolog.overrideAttrs (old: old // {
installPhase = ''
${old.installPhase}
# set sensible defaults
sed -i '
/^-z /s/8:00W/1:00E/ # timezone
/^-zl /s/122W19:59 47N36:35/13E22:42 52N27:42/ # default location
/^-zj /s/"Current moment now"/Now/ # default name
/^-zj /s/"Seattle, WA, USA"/Berlin/ # default location
/^_k/s/_k/=k/ # use color
/^_Yd/s/_Yd/=Yd/ # sensible date format
/^_Yt/s/_Yt/=Yt/ # sensible time format
/^_Yv/s/_Yv/=Yv/ # sensible length format
/^:Xbw/s/:Xbw/:Xbn/ # set X11 bitmap format
/^:I /s/80/120/ # wider text output
' $out/astrolog/astrolog.as
'';
});
recht = pkgs.callPackage (pkgs.fetchFromGitHub {
owner = "kmein";
repo = "recht";
rev = "0.6.2";
sha256 = "08gnrnz3lwh8h6fyga56yfy9qryzm89xbshm7wpxfyxf2pmp1qfx";
}) {};
in {
imports = [
./writing.nix
./python.nix
./haskell
{
environment.systemPackages = let
# nightly = pkgs.rustChannelOf {
# date = "2019-12-27";
# channel = "nightly";
# };
in with pkgs; [
htmlTidy
nodePackages.csslint
nodePackages.jsonlint
nodePackages.prettier
nodePackages.typescript
nodePackages.yarn
nodejs
nodePackages.javascript-typescript-langserver
tokei # count lines of code
gnumake
binutils # for strip, ld, ...
# nightly.rust
shellcheck
];
}
];
environment.systemPackages = with pkgs; [
# INTERNET
aria2
firefox
tdesktop
w3m
wget
whois
ix
dnsutils
# mtr # my traceroute
# FILE MANAGERS
ranger
pcmanfm
# MEDIA
ffmpeg
imagemagick
exiftool
scrot
# ARCHIVE TOOLS
unzip
unrar
p7zip
zip
# MONITORS
htop
iotop # I/O load monitor
iftop # interface bandwidth monitor
lsof # list open files
psmisc # for killall, pstree
# SHELL
bat # better cat
fd # better find
file # determine file type
dos2unix
ncdu # ncurses disk usage
python3Packages.jsonschema # json validation
jq # json toolkit
pup # html toolkit
nixpkgs-unstable.htmlq
xsv # csv toolkit
xmlstarlet # xml toolkit
manpages
posix_man_pages
# moreutils # for parallel, sponge, combine
tree
fuse_exfat # to mount windows drives
parallel # for parallel, since moreutils shadows task spooler
ripgrep # better grep
rlwrap
progress # display progress bars for pipes
up # universal plumber (piping tool)
# HARDWARE TOOLS
usbutils # for lsusb
pciutils # for lspci
lshw # for lshw
arandr # xrandr for noobs
libnotify # for notify-send
xclip # clipboard CLI
dragon-drop # drag and drop
xorg.xkill # kill by clicking
audacity
calibre
inkscape
astrolog # astrolog
anki # flashcards
nixpkgs-unstable.zoom-us # video conferencing
pdfgrep # search in pdf
pdftk # pdf toolkit
poppler_utils # pdf toolkit
foxitreader # for viewing pdf annotations
xournalpp # for annotating pdfs
pdfpc # presenter console for pdf slides
hc # print files as qr codes
youtubeDL
bc # calculator
pari # gp -- better calculator
scripts.auc
scripts.infschmv
scripts.qrpaste
scripts.new-mac # get a new mac address
scripts.scanned
scripts.default-gateway
scripts.showkeys-toggle
scripts.kirciuoklis
scripts.favicon
scripts.ipa # XSAMPA to IPA converter
scripts.playlist
scripts.mpv-tv
scripts.devanagari
scripts.betacode # ancient greek betacode to unicode converter
scripts.meteo
scripts.mahlzeit
recht
scripts.vimv
scripts.swallow # window swallowing
scripts.genius
scripts.instaget
scripts.literature-quote
scripts.nav # json navigation
scripts.n
scripts.notetags
scripts.booksplit
scripts.dmenurandr
scripts.interdimensional-cable
scripts.dmenubluetooth
scripts.manual-sort
scripts.much-scripts
scripts.dns-sledgehammer
ts
scripts.vg
scripts.fkill
scripts.wttr
scripts.sanskrit-dictionary
scripts.unicodmenu
scripts.horoscope
scripts.closest
scripts.trans
scripts.liddel-scott-jones
scripts.mpv-radio
# kmein.slide
scripts.tolino-screensaver
scripts.rfc
scripts.tag
scripts.menu-calc
nix-prefetch-git
scripts.nix-git
nixfmt
par
qrencode
wtf
menstruation
(pkgs.writers.writeDashBin "worldradio" ''
shuf ${worldradio} | ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv --no-video
'')
(pkgs.writers.writeDashBin "chats" ''
${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars
'')
(pkgs.writers.writeDashBin "ncmpcpp-zaatar" ''MPD_HOST=${(import <niveum/lib/local-network.nix>).zaatar} exec ${pkgs.ncmpcpp}/bin/ncmpcpp "$@"'')
(pkgs.writers.writeDashBin "mpc-zaatar" ''MPD_HOST=${(import <niveum/lib/local-network.nix>).zaatar} exec ${pkgs.mpc_cli}/bin/mpc "$@"'')
nixpkgs-unstable.spotify
ncspot
playerctl
nix-index
scripts.nix-index-update
#krebs
dic
cyberlocker-tools
untilport
kpaste
irc-announce
git-preview
ircaids
];
}

46
configs/packages/haskell/default.nix Normal file
View File

@@ -0,0 +1,46 @@
{ config, pkgs, ... }: {
home-manager.users.me.home.file = {
".ghc/ghci.conf".text = ''
:set editor vim
:def hoogle \s -> return $ ":!${pkgs.haskellPackages.hoogle}/bin/hoogle search --color -l --count=15 \"" ++ s ++ "\""
:def doc \s -> return $ ":!${pkgs.haskellPackages.hoogle}/bin/hoogle search --color -l --info \"" ++ s ++ "\""
:set prompt "\o033[1m%s\o033[1;34m λ\o033[0m "
:set -Wall
:set -XOverloadedStrings
'';
# :def unpl \x -> return $ ":!${pkgs.haskellPackages.pointful}/bin/pointful \"" ++ x ++ "\""
# :def pl \x -> return $ ":!${pkgs.haskellPackages.pointfree}/bin/pointfree -v \"" ++ x ++ "\""
".stack/config.yaml".source =
let inherit (import <niveum/lib>) kieran;
in (pkgs.formats.yaml {}).generate "config.yaml" {
templates.params = {
author-name = kieran.name;
author-email = kieran.email;
copyright = "Copyright: (c) 2020 ${kieran.name}";
github-username = kieran.github;
};
};
};
services.hoogle = {
enable = false;
packages = import ./packages.nix;
port = 8091;
};
environment.systemPackages = with pkgs;
[
cabal2nix
cabal-install
hlint
haskellPackages.ormolu
(haskellPackages.ghcWithHoogle (import ./packages.nix))
] ++ map haskell.lib.justStaticExecutables [
haskellPackages.ghcid
haskellPackages.hasktags
# haskellPackages.hindent
# haskellPackages.pointfree
# haskellPackages.pointful
haskellPackages.hpack
];
}

100
configs/packages/haskell/packages.nix Normal file
View File

@@ -0,0 +1,100 @@
haskellPackages:
with haskellPackages; [
HTTP
HUnit
MissingH
QuickCheck
ad
adjunctions
aeson
# algebra
ansi-terminal
async
attoparsec
base-orphans
bifunctors
binary
blaze-html
blaze-markup
brick
bytes
bytestring
case-insensitive
cassava
cereal
clock
comonad
comonad-transformers
conduit
conduit-extra
constraints
containers
contravariant
criterion
data-default
diagrams
directory
dlist
either
edit-distance
exceptions
extra
filepath
foundation
free
haskeline
hedgehog
hourglass
hspec
http-client
http-conduit
kan-extensions
lens
linear
lucid
megaparsec
microlens
monad-logger
monad-memo
mono-traversable
mtl
network
parallel
parsec
persistent
pipes
pointed
pretty
pretty-show
prettyprinter
primitive
process
profunctors
regex-tdfa
safe
scalpel
semigroupoids
semigroups
servant
servant-blaze
servant-client
servant-docs
servant-server
servant-swagger
split
stm
tagsoup
tasty
text
time
transformers
turtle
unix-time
unordered-containers
vector
void
vty
warp
wreq
yaml
]

20
configs/packages/python.nix Normal file
View File

@@ -0,0 +1,20 @@
{ pkgs, ... }: {
environment.systemPackages = [
(pkgs.python3.withPackages (py: [
py.black
# py.python-language-server
# py.pyls-mypy
# py.pyls-black
# py.pyls-isort
py.flake8
py.pygments
py.schema
]))
pkgs.python3Packages.poetry
];
home-manager.users.me.xdg.configFile."pycodestyle".text = ''
[pycodestyle]
max-line-length = 110
'';
}

81
configs/packages/writing.nix Normal file
View File

@@ -0,0 +1,81 @@
{ pkgs, lib, config, ... }:
let
pandoc-doc = pkgs.callPackage <niveum/packages/man/pandoc.nix> {};
zoteroStyle = { name, sha256 }: {
name = "${name}.csl";
path = pkgs.fetchurl {
url = "https://www.zotero.org/styles/${name}";
inherit sha256;
};
};
cslDirectory = pkgs.linkFarm "citation-styles" [
(zoteroStyle {
name = "chicago-author-date-de";
sha256 = "0fz0xn46rkciblr34a7x2v60j0lbq9l3fmzi43iphph27m0czn6s";
})
(zoteroStyle {
name = "din-1505-2";
sha256 = "1pvy1b7qm13mnph7z365rrz1j082bl2y8ih73rhzd0zd6dz1jyjq";
})
(zoteroStyle {
name = "apa";
sha256 = "1878vxp0y0h05yzaghnd51n981623mxskw3lsdyzmffqhihvv111";
})
];
makeStardictDataDir = dicts:
pkgs.linkFarm "dictionaries" (map ({ name, path }: {
name = "dic/${name}";
inherit path;
}) dicts);
in {
environment.variables.STARDICT_DATA_DIR = toString (makeStardictDataDir [
{
name = "gr-de";
path = pkgs.fetchurl {
url = "http://tovotu.de/data/stardict/pape_gr-de.zip";
sha256 = "1d705y47b40vp0mg79vbwasw4y0i8fmnlwvf4x4ri0dkfqng9sky";
};
}
{
name = "la-de";
path = pkgs.fetchurl {
url = "http://tovotu.de/data/stardict/georges_lat-de.zip";
sha256 = "12n26nzwg28wn4zwv45mv0wkgy1jh1d8p0k6haamz9601cqq7hkj";
};
}
{
name = "de-la";
path = pkgs.fetchurl {
url = "http://tovotu.de/data/stardict/georges_de-lat.zip";
sha256 = "0inm6xn1lcnb851cj329n0v2vbfc1z1bxwhgsd8fnm0zxy3f3ifq";
};
}
]);
home-manager.users.me.home.file = {
".csl".source = cslDirectory;
".local/share/pandoc/csl".source = cslDirectory; # as of pandoc 2.11, it includes citeproc
};
environment.systemPackages = with pkgs; [
texlive.combined.scheme-full
latexrun
(aspellWithDicts (dict: [ dict.de dict.en dict.en-computers ]))
# haskellPackages.pandoc-citeproc
scripts.text2pdf
lowdown
glow # markdown to term
libreoffice
# gnumeric
dia
pandoc
pandoc-doc
# proselint
asciidoctor
wordnet
# sdcv # stardict cli
];
}

25
configs/picom.nix
View File

@@ -1,25 +0,0 @@
{
services.picom = {
enable = true;
# activeOpacity = 1;
fade = true;
fadeDelta = 1;
# inactiveOpacity = 0.9;
# shadow = true;
# menuOpacity = 0.9;
# shadowOpacity = 0.3;
fadeExclude = [
"class_g = 'slock'" # don't want a transparent lock screen!
"name *?= 'slock'"
"focused = 1"
];
opacityRules = [
# opacity-rule overrides both inactive and active opacity
# video in browser tabs
# substring /regex match of title bar text
"99:name *?= 'Youtube'"
"99:WM_CLASS@:s *= 'mpv$'"
];
};
}

Some files were not shown because too many files have changed in this diff Show More