kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-17 10:41:06 +01:00
Code Releases Activity

Compare commits

base: kfm:feature/itools
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail
..
compare: kfm:flakes-2
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail

1 Commits
feature/it ... flakes-2

Author SHA1 Message Date
Kierán Meinhardt
248ebea28e wip: flakes 2021-12-29 15:15:02 +01:00
366 changed files with 8477 additions and 13478 deletions
Expand all files Collapse all files

29
.bin/anki-poem.sh
View File

@@ -1,29 +0,0 @@
#!/bin/sh
file="${1?please supply a poetry file}"
[ -f "$file" ] || {
echo "'$file' is no file"
exit 1
}
poem="$(mktemp)"
clean () {
rm "$poem"
}
trap clean EXIT
sed '/^$/d' "$file" > "$poem"
htmlize() {
awk 'ORS="<br/>"' \
| head -c -5 # remove final <br/> characters
}
for line_number in $(seq 1 "$(wc -l "$poem" | cut -d' ' -f1)"); do
if [ "$line_number" -gt 3 ] && [ "$line_number" -gt 1 ]; then
sed -n "$((line_number - 3)),$((line_number - 1))p" "$poem"
else
sed -n "1,$((line_number - 1))p" "$poem"
fi | htmlize
printf '\t'
sed -n "${line_number},+1p" "$poem" | htmlize
printf '\n'
done

54
.bin/avesta.sed
View File

@@ -1,54 +0,0 @@
#!/usr/bin/env -S sed -f
s/ā̊/𐬃/g
s//𐬝/g
s/ṣ̌/𐬴/g
s/š́/𐬳/g
s/ą̄/𐬅/g
s/ŋᵛ/𐬤/g
s/ə̄/𐬇/g
s/ŋ́/𐬣/g
s//𐬒/g
s/xᵛ/𐬓/g
s/a/𐬀/g
s/ā/𐬁/g
s/å/𐬂/g
s/ą/𐬄/g
s/ə/𐬆/g
s/e/𐬈/g
s/ē/𐬉/g
s/o/𐬊/g
s/ō/𐬋/g
s/i/𐬌/g
s/ī/𐬍/g
s/u/𐬎/g
s/ū/𐬏/g
s/k/𐬐/g
s/x/𐬑/g
s/g/𐬔/g
s/ġ/𐬕/g
s/γ/𐬖/g
s/c/𐬗/g
s/j/𐬘/g
s/t/𐬙/g
s/θ/𐬚/g
s/d/𐬛/g
s/δ/𐬜/g
s/p/𐬞/g
s/f/𐬟/g
s/b/𐬠/g
s/β/𐬡/g
s/ŋ/𐬢/g
s/n/𐬥/g
s/ń/𐬦/g
s//𐬧/g
s/m/𐬨/g
s//𐬩/g
s//𐬫/g
s/y/𐬪/g
s/v/𐬬/g
s/r/𐬭/g
s/s/𐬯/g
s/z/𐬰/g
s/š/𐬱/g
s/ž/𐬲/g
s/h/𐬵/g

19
.bin/calendars.sh
View File

@@ -1,19 +0,0 @@
#!/bin/sh
directory="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$directory"
}
year=$(date +%Y)
output=/tmp/$year.pdf
for month in $(seq 1 12); do
printf "\r%d" "$month" 1>&2
astrolog -zN Berlin -qm "$month" "$year" -X -K -XA -Xr -Xm -Xb -Xo "$(printf "%s/%02d.bmp" "$directory" "$month")" -Xw 1080 720 2>/dev/null
done
printf "\r"
convert "$directory/*.bmp" "$output"
echo "$output"

43
.bin/dummy-alert
View File

@@ -1,43 +0,0 @@
#!/bin/bash
name=$RANDOM
url='http://localhost:9093/api/v1/alerts'
echo "firing up alert $name"
# change url o
curl -XPOST $url -d "[{
\"status\": \"firing\",
\"labels\": {
\"alertname\": \"$name\",
\"service\": \"my-service\",
\"severity\":\"warning\",
\"instance\": \"$name.example.net\"
},
\"annotations\": {
\"summary\": \"High latency is high!\"
},
\"generatorURL\": \"http://prometheus.int.example.net/<generating_expression>\"
}]"
echo ""
echo "press enter to resolve alert"
read
echo "sending resolve"
curl -XPOST $url -d "[{
\"status\": \"resolved\",
\"labels\": {
\"alertname\": \"$name\",
\"service\": \"my-service\",
\"severity\":\"warning\",
\"instance\": \"$name.example.net\"
},
\"annotations\": {
\"summary\": \"High latency is high!\"
},
\"generatorURL\": \"http://prometheus.int.example.net/<generating_expression>\"
}]"
echo ""

5
.bin/json2csv.jq
View File

@@ -1,5 +0,0 @@
#!/usr/bin/env -S jq -r -f
(map(keys) | add | unique) as $cols
| map(. as $row | $cols | map($row[.])) as $rows
| $cols, $rows[]
| @csv

1
.bin/mud.sh
View File

@@ -1 +0,0 @@
ssh mud@hotdog.r -t "MUD_NICKNAME=$LOGNAME mud"

6
.bin/mushakkil.sh
View File

@@ -1,6 +0,0 @@
#!/bin/sh
curl -sSL 'https://diac.alsharekh.org/Diac/DiacText' \
-H "Content-Type: application/json" \
--data-raw "$(jq --raw-input '{word: ., type: 1}')" \
--compressed \
| jq -r .diacWord

65
.bin/prospekte.sh
View File

@@ -1,65 +0,0 @@
#!/bin/sh
lidl() {
echo LIDL
curl -sSL 'https://endpoints.lidl-flyer.com/v3/region-overview/lidl/de-DE/0.json' \
| jq -r '
.categories
| map(select(.name == "Filial-Angebote") | .subcategories | map(.flyers))
| flatten
| flatten
| .[]
| .pdfUrl
'
}
aldi_nord() {
echo ALDI nord
echo 'https://magazine.aldi-nord.de/aldi-nord/aldi-aktuell/GetPDF.ashx'
echo 'https://magazine.aldi-nord.de/aldi-nord/aldi-vorschau/GetPDF.ashx'
}
rewe_berlin() {(
store_id=662366923
publisher_id=1062
echo REWE
curl -sSL 'https://www.bonialserviceswidget.de/de/stores/'$store_id'/brochures?storeId='$store_id'&publisherId='$publisher_id | while read -r brochure_id; do
curl -sSL 'https://www.bonialserviceswidget.de/de/v5/brochureDetails/'"$brochure_id"'?publisherId='$publisher_id | jq -r .pdfUrl
done
)}
kaufland() {(
region_code=8920
echo KAUFLAND
curl -sSL https://filiale.kaufland.de/prospekte.html | htmlq --attribute href '.flyer a' | grep -Eo 'DE_de_KDZ[^/]*' | sed "s/_3000_/_${region_code}_/" | while read -r flyer_id; do
curl -sSL "https://endpoints.leaflets.kaufland.com/v3/$flyer_id/flyer.json?regionCode=$region_code" | jq -r .flyer.pdfUrl
done
)}
netto_schwarz() {
echo 'NETTO (schwarz)'
curl -sSL 'https://squid-api.tjek.com/v2/catalogs?dealer_ids=90f2VL&order_by=created' \
| jq -r '.[] | .id' \
| while read -r flyer_id; do
curl -sSL "https://squid-api.tjek.com/v2/catalogs/$flyer_id/download" \
| jq -r .pdf_url
done
}
dir="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$dir"
}
prospekt_url="$( (
lidl
aldi_nord
rewe_berlin
kaufland
netto_schwarz
) | fzf)"
curl -sSL "$prospekt_url" -o "$dir/prospekt.pdf"
zathura "$dir/prospekt.pdf"

16
.bin/screencap.sh
View File

@@ -1,16 +0,0 @@
#! /usr/bin/env nix-shell
#! nix-shell -i sh -p coreutils byzanz xorg.xwininfo gnused
# shellcheck shell=sh
# ref https://gist.github.com/aforemny/0994cb7f06ea30d56c8b9681ff5d2054
set -eux
eval "$(xwininfo | \
sed -n -e 's/^ \+Absolute upper-left X: \+\([0-9]\+\).*/x=\1/p' \
-e 's/^ \+Absolute upper-left Y: \+\([0-9]\+\).*/y=\1/p' \
-e 's/^ \+Width: \+\([0-9]\+\).*/w=\1/p' \
-e 's/^ \+Height: \+\([0-9]\+\).*/h=\1/p')"
trap "pkill -f 'sleep 360d'" INT
byzanz-record -e "sleep 360d" -c -x $x -y $y -w $w -h $h "$@"

49
.bin/space.py
View File

@@ -1,49 +0,0 @@
import ephem
from datetime import datetime, date, timedelta
now = datetime.now()
limit = now + timedelta(days=365)
def events_until(limit):
initial_date = ephem.Date(datetime.now())
events = {}
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_full_moon(now)
events[now] = "🌕"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_new_moon(now)
events[now] = "🌑"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_vernal_equinox(now)
events[now] = "spring equinox"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_autumnal_equinox(now)
events[now] = "fall equinox"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_winter_solstice(now)
events[now] = "winter solstice"
now = initial_date
while ephem.localtime(now) <= limit:
now = ephem.next_summer_solstice(now)
events[now] = "summer solstice"
return events
events = events_until(limit)
for date, event in sorted(events.items(), key=lambda x: x[0]):
if ephem.localtime(date) < limit:
print(ephem.localtime(date), event)

50
.bin/toposort.nix
View File

@@ -1,50 +0,0 @@
let
lib = import <nixpkgs/lib>;
in rec {
inherit lib;
input = [
{
x = ["pool" "zfs"];
y = ["mdadm" "raid1"];
}
{
x = ["pool" "zfs"];
y = ["disk" "sda"];
}
{
x = ["mdadm" "raid1"];
y = ["disk" "sdb"];
}
{
x = ["mdadm" "raid1"];
y = ["disk" "sdc"];
}
];
outNodes = node: graph:
lib.unique
(builtins.map (e: e.y)
(builtins.filter (v: v.x == node) graph));
vertices = graph:
lib.unique
(builtins.map (x: x.y) graph ++ builtins.map (x: x.x) graph);
deleteVertex = node: graph: (builtins.filter (v: v.x != node && v.y != node) graph);
findSink = graph:
lib.findFirst
(v: outNodes v graph == [])
(lib.trace graph (builtins.abort "No sink found"))
(vertices graph);
topSort = graph:
if graph == []
then []
else if builtins.length graph == 1
then let only = builtins.head graph; in [only.y only.x]
else let sink = findSink graph; in [sink] ++ topSort (deleteVertex sink graph);
output = topSort input;
}

18
.bin/ttrss-unread
View File

@@ -1,18 +0,0 @@
#/usr/bin/env -S deno run -A:q
set -x
session_cache="$HOME/.cache/tt-rss.session"
ttrss_endpoint=https://feed.kmein.de/api/
ttrss_user=k
ttrss_password=$(pass shared/tt-rss/password)
login() {
if [ -f "$session_cache" ]; then
session_id="$(cat "$session_cache")"
else
session_id="$(curl -d '{"op":"login","user":"'"$ttrss_user"'","password":"'"$ttrss_password"'"}' "$ttrss_endpoint" | jq -r .content.session_id)"
echo "$session_id" > "$session_cache"
fi
}
login
curl -d '{"sid":"'"$session_id"'","op":"getUnread"}' "$ttrss_endpoint" | jq .content

16
.bin/tuesday-1800
View File

@@ -1,16 +0,0 @@
#!/bin/sh
set -efux
expected_max_results=1024 # the upper bound on the number of restaurants
radius=250
echo '[out:json];node(id:260050809)->.cbase;
(
node(around.cbase:'$radius')[amenity=fast_food];
node(around.cbase:'$radius')[amenity=restaurant];
);out;' \
| curl -sSL -d @- -X POST http://overpass-api.de/api/interpreter \
| jq --argjson random "$(shuf -i 0-$expected_max_results -n 1)" '
.elements
| length as $length
| .[$random % $length]
'

8
.bin/unicode
View File

@@ -1,8 +0,0 @@
import sys
import unicodedata
for index, character in enumerate(sys.stdin.read().strip()):
try:
print(index, character, hex(ord(character)), unicodedata.category(character), unicodedata.name(character))
except:
print(index, character, hex(ord(character)))

26
.bin/watson2fdf.sh
View File

@@ -1,26 +0,0 @@
project=Filli
year=2022
for month in Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec; do
from="$(date +%F -d "$month 1, $year")"
to="$(date +%F -d "$month 1, $year + 1 month")"
watson report --json --from "$from" --to "$to" --project "$project"
done | jq --slurp '
def in_array($arr):
. as $value | any($arr[]; . == $value);
map(
["engadin-app","fysiweb","val-muestair","mia-engiadina","ol"] as $official_projects
| (.timespan.from | .[0:7]) as $timespan
| .projects | .[0]
| .time as $total_time
| .tags
| select(. != null)
| map(select(.name | in_array($official_projects)))
| (map(.time)|add) as $official_time
| map({key:.name, value:.time}) | from_entries
| .other |= ($total_time - $official_time)
| map_values(. / (60*60) | ceil)
| .month |= $timespan
)
'

19
.github/workflows/flake.yml vendored
View File

@@ -1,19 +0,0 @@
name: Update flake.lock
on:
workflow_dispatch: # allows manual triggering
schedule:
- cron: '0 0 * * 0' # runs weekly on Sunday at 00:00
jobs:
lockfile:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Install Nix
uses: cachix/install-nix-action@v16
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Update flake.lock
uses: DeterminateSystems/update-flake-lock@v3

14
.github/workflows/niveum.yml vendored
View File

@@ -1,14 +0,0 @@
name: CI
on:
push:
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
system: [makanek,manakish,kabsa,zaatar,ful]
steps:
- uses: actions/checkout@v2
- uses: cachix/install-nix-action@v16
- run: nix run .?submodules=1#apps.nixinate.${{matrix.system}}-dry-run

12
.gitmodules vendored
View File

@@ -1,3 +1,9 @@
[submodule "secrets"] [submodule "submodules/menstruation-telegram"]
path = secrets path = submodules/menstruation-telegram
url = ssh://gitea@code.kmein.de:22022/kfm/niveum-secrets.git url = https://github.com/kmein/menstruation-telegram
[submodule "submodules/menstruation-backend"]
path = submodules/menstruation-backend
url = https://github.com/kmein/menstruation.rs
[submodule "submodules/nur-packages"]
path = submodules/nur-packages
url = git@github.com:kmein/nur-packages.git

11
.versions/home-manager.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/nix-community/home-manager.git",
"rev": "697cc8c68ed6a606296efbbe9614c32537078756",
"date": "2021-12-19T00:59:29+01:00",
"path": "/nix/store/fb46bv10azrag2jjlzhil6j11f4x8glw-home-manager",
"sha256": "1c8gxm86zshr2zj9dvr02qs7y3m46gqavr6wyv01r09jfd99dxz9",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/krops.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://cgit.krebsco.de/krops",
"rev": "cccebf3ff7a53336b3f106cb96dddd5892d427ed",
"date": "2021-03-23T22:47:37+01:00",
"path": "/nix/store/mz13xxnil35lwsf90hwnrm2agir7hb51-krops",
"sha256": "07mg3iaqjf1w49vmwfchi7b1w55bh7rvsbgicp2m47gnj9alwdb6",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nix-writers.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://cgit.krebsco.de/nix-writers",
"rev": "c528cf970e292790b414b4c1c8c8e9d7e73b2a71",
"date": "2019-04-02T20:05:33+02:00",
"path": "/nix/store/wm5zhsha1a2iy0d582nlfi7604ayd1vz-nix-writers",
"sha256": "0xdivaca1hgbxs79jw9sv4gk4f81vy8kcyaff56hh2dgq2awyvw4",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nixpkgs-mozilla.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/mozilla/nixpkgs-mozilla",
"rev": "7c1e8b1dd6ed0043fb4ee0b12b815256b0b9de6f",
"date": "2021-12-07T09:28:33-05:00",
"path": "/nix/store/pqwcw589i2y2w2116wn3ifl834adjsa0-nixpkgs-mozilla",
"sha256": "1a71nfw7d36vplf89fp65vgj3s66np1dc0hqnqgj5gbdnpm1bihl",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nixpkgs-unstable.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/NixOS/nixpkgs.git",
"rev": "f01adc7b35a8f80e82f3466e6d873b8b9c8f1b28",
"date": "2021-12-22T23:05:28+01:00",
"path": "/nix/store/zhfrvg77dzpc3hq02v9zv20dfgqwpzk6-nixpkgs",
"sha256": "17iyf2iiizi7c1wr71day3wvgalbkkm2zgc9lpy7y42rl4frq9sf",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/nixpkgs.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/NixOS/nixpkgs.git",
"rev": "9ab7d12287ced0e1b4c03b61c781901f178d9d77",
"date": "2021-12-21T10:09:48+01:00",
"path": "/nix/store/minmlh0avkwvvc3p7flhpbglp13kr585-nixpkgs",
"sha256": "0bbd2pgcyavqn5wgq0xp8p67lha0kv9iqnh49i9w5fb5g29q7i30",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/retiolum.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://github.com/krebs/retiolum",
"rev": "b72b0a987767b587c79cba8499b5114d69fceeef",
"date": "2021-12-28T19:46:45+00:00",
"path": "/nix/store/kyaqwf89v6id9mda92x4b0hf778j987x-retiolum",
"sha256": "19hjzzlfk1m9ign33w4ppqgmg23v7c6k8l0fm7f33spq8982w7rb",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

11
.versions/stockholm.json Normal file
View File

@@ -0,0 +1,11 @@
{
"url": "https://cgit.lassul.us/stockholm",
"rev": "576c05cf3a0ceddefa29c2d0073108177c3cfa52",
"date": "2021-12-22T13:59:46+01:00",
"path": "/nix/store/yx1j5pardgd9114f0cf3c4xjfq6r4yfv-stockholm",
"sha256": "18napi4k8i2iizrismlp9ha3ga6c3n2dvrhijy59kl1jxqrsaq9l",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

394
configs/aerc.nix
View File

@@ -1,394 +0,0 @@
{
pkgs,
config,
lib,
...
}: let
defaults = {
aerc.enable = true;
realName = "Kierán Meinhardt";
folders.inbox = "INBOX";
};
hu-defaults = {
imap.host = "mailbox.cms.hu-berlin.de";
imap.port = 993;
smtp.host = "mailhost.cms.hu-berlin.de";
smtp.port = 25;
smtp.tls.useStartTls = true;
};
in {
age.secrets = {
email-password-cock = {
file = ../secrets/email-password-cock.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-fysi = {
file = ../secrets/email-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-posteo = {
file = ../secrets/email-password-posteo.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-meinhark = {
file = ../secrets/email-password-meinhark.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-meinhaki = {
file = ../secrets/email-password-meinhaki.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-dslalewa = {
file = ../secrets/email-password-dslalewa.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-fsklassp = {
file = ../secrets/email-password-fsklassp.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
home-manager.users.me = {
services.mbsync = {
enable = true;
frequency = "daily";
preExec = "${pkgs.coreutils}/bin/mkdir -p ${config.home-manager.users.me.accounts.email.maildirBasePath}";
postExec = "${pkgs.notmuch}/bin/notmuch new";
};
programs.notmuch = {
enable = true;
extraConfig = {
database.path = config.home-manager.users.me.accounts.email.maildirBasePath;
new.tags = "";
user.name = defaults.realName;
user.primary_email = config.home-manager.users.me.accounts.email.accounts.posteo.address;
};
};
programs.mbsync = {
enable = true;
extraConfig = lib.concatStringsSep "\n\n" (lib.mapAttrsToList (name: account: ''
IMAPAccount ${name}
CertificateFile /etc/ssl/certs/ca-certificates.crt
Host ${account.imap.host}
PassCmd "${toString account.passwordCommand}"
User ${account.userName}
SSLType IMAPS
${lib.optionalString (lib.isInt account.imap.port) "Port ${toString account.imap.port}"}
IMAPStore ${name}-remote
Account ${name}
MaildirStore ${name}-local
Path ${config.home-manager.users.me.accounts.email.maildirBasePath}/${name}/
SubFolders Verbatim
Channel ${name}
Create Near
Expunge None
Far :${name}-remote:
Near :${name}-local:
Patterns *
Remove None
SyncState *
'')
config.home-manager.users.me.accounts.email.accounts);
};
accounts.email.accounts = rec {
hu-student =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "meinhark";
address = "kieran.felix.meinhardt@hu-berlin.de";
aliases = ["${userName}@hu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhark.path}";
});
hu-student-cs =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "meinhark";
address = "kieran.felix.meinhardt@informatik.hu-berlin.de";
aliases = ["${userName}@informatik.hu-berlin.de"];
imap.host = "mailbox.informatik.hu-berlin.de";
smtp.host = "mailhost.informatik.hu-berlin.de";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhark.path}";
});
hu-employee =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "meinhaki";
address = "kieran.meinhardt@hu-berlin.de";
aliases = ["${userName}@hu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhaki.path}";
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
signature = {
showSignature = "append";
text = ''
${defaults.realName}
Studentische Hilfskraft / Administrator ALEW
Humboldt-Universität zu Berlin
Telefon: +49 (0)30 2093 9634
Raum 3.212, Dorotheenstraße 24, 10117 Berlin-Mitte
https://alew.hu-berlin.de
'';
};
});
hu-admin =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "dslalewa";
address = "admin.alew.vglsprwi@hu-berlin.de";
aliases = ["${userName}@hu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-dslalewa.path}";
inherit (hu-employee) signature;
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
});
hu-fsi =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "fsklassp";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-fsklassp.path}";
address = "${userName}@hu-berlin.de";
realName = "FSI Klassische Philologie";
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
signature = {
showSignature = "append";
text = ''
Fachschafts-Initiative
Humboldt-Universität zu Berlin
Sprach- und literaturwissenschaftliche Fakultät
Institut für klassische Philologie
Unter den Linden 6
10099 Berlin
'';
};
});
fysi =
lib.recursiveUpdate defaults
rec {
address = "kieran@fysi.tech";
userName = address;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-fysi.path}";
flavor = "fastmail.com";
};
cock =
lib.recursiveUpdate defaults
rec {
address = "2210@cock.li";
userName = address;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-cock.path}";
realName = "";
imap.host = "mail.cock.li";
smtp.host = imap.host;
};
posteo =
lib.recursiveUpdate defaults
rec {
address = "kieran.meinhardt@posteo.net";
aliases = ["kmein@posteo.de"];
userName = address;
imap.host = "posteo.de";
smtp.host = imap.host;
primary = true;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-posteo.path}";
# himalaya = { enable = true; backend = "imap"; sender = "smtp"; };
};
};
# programs.himalaya.enable = true;
programs.aerc = {
enable = true;
extraBinds = {
# Binds are of the form <key sequence> = <command to run>
# To use '=' in a key sequence, substitute it with "Eq": "<Ctrl+Eq>"
# If you wish to bind #, you can wrap the key sequence in quotes: "#" = quit
global = {
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab <Enter>";
"<C-t>" = ":term<Enter>";
"?" = ":help keys<Enter>";
};
messages = {
q = ":quit<Enter>";
j = ":next <Enter>";
"<Down>" = ":next<Enter>";
"<C-d>" = ":next 50%<Enter>";
"<C-f>" = ":next 100%<Enter>";
"<PgDn>" = ":next 100%<Enter>";
k = ":prev <Enter>";
"<Up>" = ":prev<Enter>";
"<C-u>" = ":prev 50%<Enter>";
"<C-b>" = ":prev 100%<Enter>";
"<PgUp>" = ":prev 100%<Enter>";
g = ":select 0 <Enter>";
G = ":select -1<Enter>";
J = ":next-folder <Enter>";
K = ":prev-folder<Enter>";
H = ":collapse-folder<Enter>";
L = ":expand-folder<Enter>";
"<space>" = ":read -t<Enter>:next<Enter>";
v = ":mark -t<Enter>";
V = ":mark -v<Enter>";
F = ":flag -t<Enter>";
T = ":toggle-threads<Enter>";
"<Enter>" = ":view<Enter>";
d = ":prompt 'Delete? ' 'delete-message'<Enter>";
D = ":move Trash<Enter>";
A = ":archive flat<Enter>";
C = ":compose<Enter>";
rr = ":reply -a<Enter>";
rq = ":reply -aq<Enter>";
Rr = ":reply<Enter>";
Rq = ":reply -q<Enter>";
c = ":cf<space>";
"$" = ":term<space>";
"!" = ":term<space>";
"|" = ":pipe<space>";
"/" = ":search<space>";
"\\" = ":filter <space>";
n = ":next-result<Enter>";
N = ":prev-result<Enter>";
"<Esc>" = ":clear<Enter>";
"*" = ":filter -x Flagged<Enter>";
};
view = {
"/" = ":toggle-key-passthrough <Enter> /";
q = ":close<Enter>";
O = ":open<Enter>";
S = ":save<space>";
"|" = ":pipe<space>";
D = ":move Trash<Enter>";
A = ":archive flat<Enter>";
"<C-l>" = ":open-link <space>";
f = ":forward <Enter>";
rr = ":reply -a<Enter>";
rq = ":reply -aq<Enter>";
Rr = ":reply<Enter>";
Rq = ":reply -q<Enter>";
H = ":toggle-headers<Enter>";
"<C-k>" = ":prev-part<Enter>";
"<C-j>" = ":next-part<Enter>";
J = ":next <Enter>";
K = ":prev<Enter>";
};
"view::passthrough" = {
"$noinherit" = "true";
"$ex" = "<C-x>";
"<Esc>" = ":toggle-key-passthrough<Enter>";
};
compose = {
# Keybindings used when the embedded terminal is not selected in the compose
# view
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-k>" = ":prev-field<Enter>";
"<C-j>" = ":next-field<Enter>";
"<tab>" = ":next-field<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
"compose::editor" = {
# Keybindings used when the embedded terminal is selected in the compose view
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-k>" = ":prev-field<Enter>";
"<C-j>" = ":next-field<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
"compose::review" = {
# Keybindings used when reviewing a message to be sent
y = ":send <Enter>";
n = ":abort<Enter>";
p = ":postpone<Enter>";
q = ":choose -o d discard abort -o p postpone postpone<Enter>";
e = ":edit<Enter>";
a = ":attach<space>";
d = ":detach<space>";
};
terminal = {
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
};
extraConfig = {
ui.sort = "-r date";
ui.timestamp-format = "2006-01-02 15:04";
ui.mouse-enabled = true;
ui.spinner = ". , .";
general.unsafe-accounts-conf = true;
general.pgp-provider = "gpg";
viewer = {pager = "${pkgs.less}/bin/less -R";};
compose = {
address-book-cmd = "khard email --remove-first-line --parsable '%s'";
no-attachment-warning = "(attach|attached|attachments?|anbei|Anhang|angehängt)";
};
filters = {
"text/plain" = "${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/colorize";
"text/calendar" = "${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/calendar";
"text/html" = "${pkgs.aerc}/share/aerc/filters/html"; # Requires w3m, dante
# "text/html" =
# "${pkgs.aerc}/share/aerc/filters/html | ${pkgs.aerc}/share/aerc/filters/colorize";
# "text/*" =
# ''${pkgs.bat}/bin/bat -fP --file-name="$AERC_FILENAME "'';
"message/delivery-status" = "${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/colorize";
"message/rfc822" = "${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/colorize";
"application/x-sh" = "${pkgs.bat}/bin/bat -fP -l sh";
};
openers = let
as-pdf = pkgs.writers.writeDash "as-pdf" ''
d=$(mktemp -d)
trap clean EXIT
clean() {
rm -rf "$d"
}
${pkgs.libreoffice}/bin/libreoffice --headless --convert-to pdf "$1" --outdir "$d"
${pkgs.zathura}/bin/zathura "$d"/*.pdf
'';
in {
"image/*" = "${pkgs.nsxiv}/bin/nsxiv";
"application/pdf" = "${pkgs.zathura}/bin/zathura";
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" = toString as-pdf;
"application/vnd.oasis.opendocument.text" = toString as-pdf;
"video/*" = "${pkgs.mpv}/bin/mpv";
"audio/*" = "${pkgs.mpv}/bin/mpv";
};
};
templates = {
# new_message = "hello!";
};
};
};
}

61
configs/alacritty.nix
View File

@@ -1,22 +1,28 @@
{ pkgs, lib, config, ... }:
{ {
pkgs, environment.variables.TERMINAL = "alacritty";
lib,
config, environment.systemPackages = [
... pkgs.alacritty
}: let ];
alacritty-cfg = theme:
(pkgs.formats.yaml {}).generate "alacritty.yml" { home-manager.users.me.xdg.configFile =
window.opacity = 0.99; let
bell = { inherit (import <niveum/lib>) colours;
animation = "EaseOut"; colourNames = [ "black" "red" "green" "yellow" "blue" "magenta" "cyan" "white" ];
duration = 100; colourPairs = lib.getAttrs colourNames colours;
color = "#ffffff"; in {
"alacritty/alacritty.yml".source = (pkgs.formats.yaml {}).generate "alacritty.yml" {
background_opacity = 0.9;
colors = {
primary = { inherit (colours) background foreground; };
normal = lib.mapAttrs (_: colour: colour.dark) colourPairs;
bright = lib.mapAttrs (_: colour: colour.bright) colourPairs;
}; };
font = { font = {
normal.family = "Monospace"; normal.family = "Monospace";
size = 6; size = 6;
}; };
live_config_reload = true;
key_bindings = [ key_bindings = [
{ {
key = "Plus"; key = "Plus";
@@ -34,35 +40,6 @@
action = "ResetFontSize"; action = "ResetFontSize";
} }
]; ];
colors = let
colourNames = ["black" "red" "green" "yellow" "blue" "magenta" "cyan" "white"];
colourPairs = lib.getAttrs colourNames theme;
in {
primary = {inherit (theme) background foreground;};
cursor = {inherit (theme) cursor;};
normal = lib.mapAttrs (_: colour: colour.dark) colourPairs;
bright = lib.mapAttrs (_: colour: colour.bright) colourPairs;
}; };
}; };
alacritty-pkg = pkgs.symlinkJoin {
name = "alacritty";
paths = [
(pkgs.writers.writeDashBin "alacritty" ''
${pkgs.alacritty}/bin/alacritty --config-file /var/theme/config/alacritty.yml msg create-window "$@" ||
${pkgs.alacritty}/bin/alacritty --config-file /var/theme/config/alacritty.yml "$@"
'')
pkgs.alacritty
];
};
in {
environment.variables.TERMINAL = "alacritty";
environment.systemPackages = [
alacritty-pkg
];
environment.etc = {
"themes/dark/alacritty.yml".source = alacritty-cfg (import ../lib/colours/owickstrom-dark.nix);
"themes/light/alacritty.yml".source = alacritty-cfg (import ../lib/colours/owickstrom-light.nix);
};
} }

53
configs/backup.nix
View File

@@ -1,53 +0,0 @@
{
pkgs,
config,
...
}: let
inherit (import ../lib) restic;
in {
services.restic.backups.niveum = {
initialize = true;
inherit (restic) repository;
timerConfig = {
OnCalendar = "8:00";
RandomizedDelaySec = "1h";
};
passwordFile = config.age.secrets.restic.path;
extraBackupArgs = [
"--exclude=/home/kfm/projects/nixpkgs/.git"
"--exclude=node_modules"
];
paths = [
"/home/kfm/work"
"/home/kfm/projects"
"/home/kfm/notes"
"/home/kfm/Maildir"
"/home/kfm/cloud"
"/home/kfm/.gnupg"
"/home/kfm/.ssh"
"/mnt/sd-card/music"
"/mnt/sd-card/Books"
];
};
systemd.services.restic-backups-niveum.serviceConfig = {
Restart = "on-failure";
RestartSec = "15s";
StartLimitIntervalSec = "1m"; # don't try more than 4 times
StartLimitBurst = 4;
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "restic-niveum" ''
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${config.age.secrets.restic.path} "$@"
'')
(pkgs.writers.writeDashBin "restic-mount" ''
mountdir=$(mktemp -d)
trap clean EXIT
clean() {
rm -r "$mountdir"
}
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${config.age.secrets.restic.path} mount "$mountdir"
'')
];
}

9
configs/battery.nix
View File

@@ -1,14 +1,11 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
boot.extraModulePackages = with config.boot.kernelPackages; [ boot.extraModulePackages = with config.boot.kernelPackages; [
tp_smapi tp_smapi
acpi_call acpi_call
]; ];
boot.kernelModules = ["tp_smapi" "acpi_call"]; boot.kernelModules = [ "tp_smapi" "acpi_call" ];
environment.systemPackages = [pkgs.tpacpi-bat pkgs.powertop]; environment.systemPackages = [ pkgs.tpacpi-bat ];
services.tlp = { services.tlp = {
enable = true; enable = true;

9
configs/beets.nix
View File

@@ -1,14 +1,11 @@
{ lib, pkgs, ... }:
{ {
lib, environment.systemPackages = [ pkgs.beets ];
pkgs,
...
}: {
environment.systemPackages = [pkgs.beets];
home-manager.users.me.xdg.configFile = { home-manager.users.me.xdg.configFile = {
"beets/config.yaml".source = (pkgs.formats.yaml {}).generate "config.yaml" { "beets/config.yaml".source = (pkgs.formats.yaml {}).generate "config.yaml" {
directory = "~/cloud/syncthing/music"; directory = "~/cloud/syncthing/music";
library = "~/cloud/syncthing/common/music.db"; library = "~/cloud/syncthing/common/music.db";
plugins = toString ["fetchart" "lastgenre"]; plugins = toString [ "fetchart" "lastgenre" ];
}; };
}; };
} }

14
configs/bluetooth.nix
View File

@@ -1,17 +1,11 @@
{ { pkgs, lib, ... }: {
pkgs,
lib,
...
}: {
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
settings.General.Enable = settings.General.Enable =
lib.concatStringsSep "," ["Source" "Sink" "Media" "Socket"]; lib.concatStringsSep "," [ "Source" "Sink" "Media" "Socket" ];
}; };
services.blueman.enable = true; environment.systemPackages = [ pkgs.blueman ];
# environment.systemPackages = [pkgs.blueman]; home-manager.users.me = { services.blueman-applet.enable = false; };
home-manager.users.me = {services.blueman-applet.enable = true;};
} }

57
configs/bvg.nix Normal file
View File

@@ -0,0 +1,57 @@
{ pkgs, lib, ... }:
let
inherit (import <niveum/lib>) serveHtml;
stations = [
900068204 # A/M
900068302 # KAS
900068203 # B-P
];
fahrplan = pkgs.writeText "fahrplan.html" ''
<!DOCTYPE html>
<title>Fahrplan</title>
<link
rel="icon"
type="image/x-icon"
href="https://mobil.bvg.de/Fahrinfo/img/ua_xhtml/logo.gif"
/>
<style>
body {
margin: 0;
--bvg-yellow: #f0d722;
}
#fahrplan {
display: flex;
height: 100vh;
width: 100%;
flex-direction: row;
}
#fahrplan iframe {
flex-grow: 1;
border: none;
}
#fahrplan iframe + iframe {
border-left: 2px solid var(--bvg-yellow);
}
</style>
<body>
<div id="fahrplan">
${lib.concatMapStrings (station: ''
<iframe scrolling="no" src="https://mobil.bvg.de/Fahrinfo/bin/stboard.bin/dox?ld=0.1&input=${toString station}&boardType=depRT&start=yes"></iframe>
'') stations}
</div>
</body>
'';
in
{
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
services.nginx.virtualHosts."bvg.kmein.r" = {
locations."/".extraConfig = serveHtml fahrplan pkgs;
};
}

4
configs/ccc.nix
View File

@@ -1,4 +1,4 @@
{pkgs, ...}: { pkgs, ... }:
# https://paste.sr.ht/~erictapen/11716989e489b600f237041b6d657fdf0ee17b34 # https://paste.sr.ht/~erictapen/11716989e489b600f237041b6d657fdf0ee17b34
let let
certificate = pkgs.stdenv.mkDerivation rec { certificate = pkgs.stdenv.mkDerivation rec {
@@ -7,7 +7,7 @@ let
1,/DST Root CA X3/d 1,/DST Root CA X3/d
1,/-----END CERTIFICATE-----/p 1,/-----END CERTIFICATE-----/p
''; '';
nativeBuildInputs = with pkgs; [cacert gnused]; nativeBuildInputs = with pkgs; [ cacert gnused ];
phases = "installPhase"; phases = "installPhase";
installPhase = '' installPhase = ''
${pkgs.gnused}/bin/sed -n -f $src ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt > $out ${pkgs.gnused}/bin/sed -n -f $src ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt > $out

89
configs/chromium.nix
View File

@@ -1,97 +1,16 @@
{ { pkgs, ... }: {
pkgs,
config,
...
}: {
programs.chromium = { programs.chromium = {
enable = true; enable = true;
extensions = [ extensions = [
"nngceckbapebfimnlniiiahkandclblb" # BitWarden
# "ihlenndgcmojhcghmfjfneahoeklbjjh" # cVim # "ihlenndgcmojhcghmfjfneahoeklbjjh" # cVim
# "fpnmgdkabkmnadcjpehmlllkndpkmiak" # Wayback Machine # "fpnmgdkabkmnadcjpehmlllkndpkmiak" # Wayback Machine
"cjpalhdlnbpafiamejdnhcphjbkeiagm" # uBlock Origin "cjpalhdlnbpafiamejdnhcphjbkeiagm" # uBlock Origin
"pjjgklgkfeoeiebjogplpnibpfnffkng" # undistracted "khncfooichmfjbepaaaebmommgaepoid" # Remove YouTube Recommended Videos
"nhdogjmejiglipccpnnnanhbledajbpd" # vuejs devtools
"eimadpbcbfnmbkopoojfekhnkhdbieeh" # dark reader
]; ];
}; };
home-manager.users.me = { environment.systemPackages = [ pkgs.chromium pkgs.brave ];
programs.firefox = {
enable = true;
package = pkgs.firefox.override {
cfg = {
enableTridactylNative = true;
};
};
profiles = let
defaultSettings = {
"beacon.enabled" = false;
"browser.bookmarks.showMobileBookmarks" = true;
"browser.newtab.preload" = false;
"browser.search.isUS" = false;
"browser.search.region" = "DE";
"browser.send_pings" = false;
"browser.shell.checkDefaultBrowser" = false;
"browser.startup.homepage" = "chrome://browser/content/blanktab.html";
"browser.uidensity" = 1;
"browser.urlbar.placeholderName" = "Search";
"datareporting.healthreport.service.enabled" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.policy.dataSubmissionEnabled" = false;
"datareporting.sessions.current.clean" = true;
"distribution.searchplugins.defaultLocale" = "de-DE";
"general.smoothScroll" = true;
"identity.fxaccounts.account.device.name" = config.networking.hostName;
"network.cookie.cookieBehavior" = 1;
"privacy.donottrackheader.enabled" = true;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.pbmode.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"services.sync.declinedEngines" = "passwords";
"services.sync.engine.passwords" = false;
"signon.autofillForms" = false;
"signon.rememberSignons" = false;
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
"toolkit.telemetry.archive.enabled" = false;
"toolkit.telemetry.bhrPing.enabled" = false;
"toolkit.telemetry.cachedClientID" = "";
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.firstShutdownPing.enabled" = false;
"toolkit.telemetry.hybridContent.enabled" = false;
"toolkit.telemetry.newProfilePing.enabled" = false;
"toolkit.telemetry.prompted" = 2;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.server" = "";
"toolkit.telemetry.shutdownPingSender.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.unifiedIsOptIn" = false;
"toolkit.telemetry.updatePing.enabled" = false;
"ui.prefersReducedMotion" = 1;
};
in {
default = {
id = 0;
isDefault = true;
settings = defaultSettings;
# extensions = with pkgs.nur.repos.rycee.firefox-addons; [
# ublock-origin
# darkreader
# sponsorblock
# consent-o-matic
# i-dont-care-about-cookies
# # auto-tab-discard TODO what is this
# ];
userChrome = ''
#TabsToolbar {
visibility: collapse !important;
}
'';
};
};
};
};
environment.systemPackages = [pkgs.brave];
environment.variables.BROWSER = "brave"; environment.variables.BROWSER = "brave";
} }

7
configs/clipboard.nix
View File

@@ -1,7 +0,0 @@
{
config,
pkgs,
...
}: {
services.clipmenu.enable = true;
}

115
configs/cloud.nix
View File

@@ -1,64 +1,12 @@
{ { config, lib, pkgs, ... }: {
config, system.activationScripts.home-symlinks = ''
lib, ln -sfn ${config.users.users.me.home}/cloud/syncthing/common/mahlzeit ${config.users.users.me.home}/mahlzeit
pkgs, ln -sfn ${config.users.users.me.home}/cloud/Seafile/Wiki ${config.users.users.me.home}/notes
... ln -sfn ${config.users.users.me.home}/cloud/Seafile/Uni ${config.users.users.me.home}/uni
}: let '';
inherit (import ../lib) tmpfilesConfig;
in {
systemd.tmpfiles.rules = map tmpfilesConfig [
{
type = "L+";
user = config.users.users.me.name;
group = "users";
mode = "0755";
argument = "${config.users.users.me.home}/cloud/Seafile/Uni";
path = "${config.users.users.me.home}/uni";
}
{
type = "L+";
user = config.users.users.me.name;
group = "users";
mode = "0755";
argument = "${config.users.users.me.home}/cloud/syncthing/common/mahlzeit";
path = "${config.users.users.me.home}/mahlzeit";
}
];
home-manager.users.me = { home-manager.users.me = {
services.gnome-keyring.enable = false; services.nextcloud-client.enable = true;
services.nextcloud-client = {
enable = false;
startInBackground = true;
};
systemd.user.services.nextcloud-client = {
Unit = {
Wants = ["gnome-keyring.service"];
After = ["gnome-keyring.service"];
};
};
};
systemd.user.services.nextcloud-syncer = {
enable = true;
wants = ["network-online.target"];
wantedBy = ["default.target"];
startAt = "*:00/10";
script = let
kieran = {
user = "kieran";
passwordFile = config.age.secrets.nextcloud-password-kieran.path;
endpoint = "https://cloud.xn--kiern-0qa.de";
target = "${config.users.users.me.home}/notes";
};
in ''
mkdir -p ${lib.escapeShellArg kieran.target}
${pkgs.nextcloud-client}/bin/nextcloudcmd --non-interactive --user ${kieran.user} --password "$(cat ${kieran.passwordFile})" --path /Notes ${lib.escapeShellArg kieran.target} ${kieran.endpoint}
'';
serviceConfig = {
Type = "oneshot";
Restart = "on-failure";
};
}; };
environment.systemPackages = [ environment.systemPackages = [
@@ -68,41 +16,10 @@ in {
${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/syncthing/library -type f ${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/syncthing/library -type f
${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/Seafile/Books -type f ${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/Seafile/Books -type f
} | ${pkgs.fzf}/bin/fzf)" } | ${pkgs.fzf}/bin/fzf)"
exec ${pkgs.zathura}/bin/zathura "$book" ${pkgs.zathura}/bin/zathura "$book"
'')
(let
kieran = {
user = "kieran.meinhardt@gmail.com";
passwordFile = config.age.secrets.mega-password.path;
};
megatools = command: ''${pkgs.megatools}/bin/megatools ${command} --username ${lib.escapeShellArg kieran.user} --password "$(cat ${kieran.passwordFile})"'';
in
pkgs.writers.writeDashBin "book-mega" ''
set -efu
selection="$(${megatools "ls"} | ${pkgs.fzf}/bin/fzf)"
test -n "$selection" || exit 1
tmpdir="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$tmpdir"
}
(
cd "$tmpdir"
${megatools "get"} "$selection"
exec ${pkgs.zathura}/bin/zathura "$(basename "$selection")"
)
'') '')
]; ];
age.secrets.mega-password = {
file = ../secrets/mega-password.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
fileSystems."/media/moodle" = { fileSystems."/media/moodle" = {
device = "zaatar.r:/moodle"; device = "zaatar.r:/moodle";
fsType = "nfs"; fsType = "nfs";
@@ -119,17 +36,17 @@ in {
openDefaultPorts = true; openDefaultPorts = true;
configDir = "/home/kfm/.config/syncthing"; configDir = "/home/kfm/.config/syncthing";
dataDir = "/home/kfm/.config/syncthing"; dataDir = "/home/kfm/.config/syncthing";
cert = config.age.secrets.syncthing-cert.path; cert = toString <system-secrets/syncthing/cert.pem>;
key = config.age.secrets.syncthing-key.path; key = toString <system-secrets/syncthing/key.pem>;
inherit ((import ../lib).syncthing) devices; inherit ((import ../lib).syncthing) devices;
folders = let folders =
cloud-dir = "${config.users.users.me.home}/cloud"; let cloud-dir = "${config.users.users.me.home}/cloud";
in { in {
"${cloud-dir}/syncthing/common".devices = ["kabsa" "manakish"]; "${cloud-dir}/syncthing/common".devices = [ "kabsa" "manakish" ];
"${cloud-dir}/syncthing/library".devices = ["kabsa" "manakish" "heym"]; "${cloud-dir}/syncthing/library".devices = [ "kabsa" "manakish" "heym" ];
"${cloud-dir}/syncthing/mundoiu".devices = ["kabsa" "manakish" "heym"]; "${cloud-dir}/syncthing/mundoiu".devices = [ "kabsa" "manakish" "heym" ];
"${cloud-dir}/syncthing/music" = { "${cloud-dir}/syncthing/music" = {
devices = ["kabsa" "manakish" "heym" "zaatar"]; devices = [ "kabsa" "manakish" "heym" "zaatar" ];
id = "music"; id = "music";
}; };
}; };

8
configs/compton.nix Normal file
View File

@@ -0,0 +1,8 @@
{
services.compton = {
enable = true;
shadow = true;
menuOpacity = 0.9;
shadowOpacity = 0.3;
};
}

37
configs/copyq.nix Normal file
View File

@@ -0,0 +1,37 @@
{ config, pkgs, ... }:
let
copyqConfig = pkgs.writers.writeDash "copyq-config" ''
${pkgs.copyq}/bin/copyq config check_clipboard true
${pkgs.copyq}/bin/copyq config check_selection false
${pkgs.copyq}/bin/copyq config copy_clipboard true
${pkgs.copyq}/bin/copyq config copy_selection false
${pkgs.copyq}/bin/copyq config activate_closes true
${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0
${pkgs.copyq}/bin/copyq config clipboard_tab \&clipboard
${pkgs.copyq}/bin/copyq config disable_tray false
${pkgs.copyq}/bin/copyq config hide_tabs false
${pkgs.copyq}/bin/copyq config hide_toolbar false
${pkgs.copyq}/bin/copyq config item_popup_interval true
${pkgs.copyq}/bin/copyq config maxitems 1000
${pkgs.copyq}/bin/copyq config move true
${pkgs.copyq}/bin/copyq config text_wrap true
'';
in {
environment.systemPackages = [ pkgs.copyq ];
systemd.user.services.copyq = {
wantedBy = [ "graphical-session.target" ];
environment = {
DISPLAY = ":${toString config.services.xserver.display}";
};
serviceConfig = {
SyslogIdentifier = "copyq";
ExecStart = "${pkgs.copyq}/bin/copyq";
ExecStartPost = copyqConfig;
Restart = "always";
RestartSec = "15s";
StartLimitBurst = 0;
};
};
}

199
configs/default.nix
View File

@@ -1,62 +1,48 @@
{ { pkgs, lib, config, options, ... }:
pkgs, let
lib,
config,
niveumPackages,
inputs,
...
}: let
inherit (lib.strings) makeBinPath; inherit (lib.strings) makeBinPath;
inherit (import ../lib) localAddresses kieran; inherit (import ../lib) localAddresses kieran;
defaultApplications = (import ../lib).defaultApplications {inherit pkgs;};
in { in {
imports = [ imports = [
inputs.self.nixosModules.system-dependent ../modules/system-dependent.nix
inputs.self.nixosModules.traadfri
inputs.self.nixosModules.power-action
{ {
boot.supportedFilesystems = ["ntfs"]; boot.supportedFilesystems = [ "ntfs" ];
}
{
nix.nixPath = [
"/var/src"
"nixpkgs-overlays=${toString ../overlays}"
];
} }
{ {
nixpkgs = { nixpkgs = {
config = { config = {
allowUnfree = true; allowUnfree = true;
packageOverrides = pkgs: { packageOverrides = pkgs: {
dmenu = pkgs.writers.writeDashBin "dmenu" ''exec ${pkgs.rofi}/bin/rofi -dmenu "$@"''; writeDashBin = pkgs.writers.writeDashBin;
writeDash = pkgs.writers.writeDash;
gfs-fonts = pkgs.callPackage <niveum/packages/gfs-fonts.nix> {};
iolanguage = pkgs.callPackage <niveum/packages/iolanguage.nix> { };
ix = pkgs.callPackage <niveum/packages/ix.nix> { };
}; };
permittedInsecurePackages = [ };
"qtwebkit-5.212.0-alpha4" overlays = [
(self: super: {
scripts = import ../packages/scripts { pkgs = super; lib = super.lib; };
})
]; ];
}; };
};
} }
{ {
boot.cleanTmpDir = true; boot.cleanTmpDir = true;
boot.loader.timeout = 1; boot.loader.timeout = 1;
} }
{
age.secrets = {
di-fm-key = {
file = ../secrets/di-fm-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
restic = {
file = ../secrets/restic.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
}
{ {
home-manager.users.me = { home-manager.users.me = {
programs.zathura = { programs.zathura = {
enable = true; enable = true;
options = { options = {
selection-clipboard = "clipboard"; selection-clipboard = "clipboard";
recolor-keephue = true;
# first-page-column = "1:1"; # makes side-by-side mode start on the left side # first-page-column = "1:1"; # makes side-by-side mode start on the left side
}; };
}; };
@@ -70,15 +56,42 @@ in {
users.users.me = { users.users.me = {
name = "kfm"; name = "kfm";
description = kieran.name; description = kieran.name;
hashedPassword = "$6$w9hXyGFl/.IZBXk$5OiWzS1G.5hImhh1YQmZiCXYNAJhi3X6Y3uSLupJNYYXPLMsQpx2fwF4Xr2uYzGMV8Foqh8TgUavx1APD9rcb/"; hashedPassword =
"$6$w9hXyGFl/.IZBXk$5OiWzS1G.5hImhh1YQmZiCXYNAJhi3X6Y3uSLupJNYYXPLMsQpx2fwF4Xr2uYzGMV8Foqh8TgUavx1APD9rcb/";
isNormalUser = true; isNormalUser = true;
uid = 1000; uid = 1000;
}; };
home-manager.users.me.xdg.enable = true; home-manager.users.me.xdg.enable = true;
home-manager.users.me.dconf.enable = false;
} }
{ {
environment.interactiveShellInit = "export PATH=$PATH:$HOME/projects/niveum"; sound.enable = true;
hardware.pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
extraModules = [ pkgs.pulseaudio-modules-bt ];
# copy server:/run/pulse/.config/pulse/cookie to client:~/.config/pulse/cookie to authenticate a client machine
zeroconf.discovery.enable = true;
extraConfig = ''
load-module ${toString [
"module-tunnel-sink-new"
"server=zaatar.r"
"sink_name=zaatar"
"channels=2"
"rate=44100"
]}
'';
};
users.users.me.extraGroups = [ "audio" ];
environment.systemPackages = [ pkgs.pavucontrol pkgs.ncpamixer pkgs.pamixer pkgs.pulsemixer ];
}
{
environment.interactiveShellInit =
"export PATH=$PATH:$HOME/projects/niveum";
environment.shellAliases = let environment.shellAliases = let
wcd = pkgs.writers.writeDash "wcd" '' wcd = pkgs.writers.writeDash "wcd" ''
cd "$(readlink "$(${pkgs.which}/bin/which --skip-alias "$1")" | xargs dirname)/.." cd "$(readlink "$(${pkgs.which}/bin/which --skip-alias "$1")" | xargs dirname)/.."
@@ -89,17 +102,14 @@ in {
take = pkgs.writers.writeDash "take" '' take = pkgs.writers.writeDash "take" ''
mkdir "$1" && cd "$1" mkdir "$1" && cd "$1"
''; '';
cdt = pkgs.writers.writeDash "cdt" '' swallow = command: "${pkgs.scripts.swallow}/bin/swallow ${command}";
cd "$(mktemp -d)"
pwd
'';
swallow = command: "${niveumPackages.swallow}/bin/swallow ${command}";
in { in {
"ß" = "${pkgs.util-linux}/bin/setsid"; "ß" = "${pkgs.utillinux}/bin/setsid";
cat = "${pkgs.bat}/bin/bat --style=plain"; cat = "${pkgs.bat}/bin/bat --style=plain";
chromium-incognito = "chromium --user-data-dir=$(mktemp -d /tmp/chr.XXXXXX) --no-first-run --incognito"; chromium-incognito =
"chromium --user-data-dir=$(mktemp -d /tmp/chr.XXXXXX) --no-first-run --incognito";
cp = "cp --interactive"; cp = "cp --interactive";
ip = "${pkgs.iproute2}/bin/ip -c"; ip = "${pkgs.iproute}/bin/ip -c";
l = "ls --color=auto --time-style=long-iso --almost-all"; l = "ls --color=auto --time-style=long-iso --almost-all";
ls = "ls --color=auto --time-style=long-iso"; ls = "ls --color=auto --time-style=long-iso";
ll = "ls --color=auto --time-style=long-iso -l"; ll = "ls --color=auto --time-style=long-iso -l";
@@ -107,31 +117,26 @@ in {
mv = "mv --interactive"; mv = "mv --interactive";
nixi = "nix repl '<nixpkgs>'"; nixi = "nix repl '<nixpkgs>'";
ns = "nix-shell --run zsh"; ns = "nix-shell --run zsh";
o = "${pkgs.xdg-utils}/bin/xdg-open"; o = "${pkgs.xdg_utils}/bin/xdg-open";
pbcopy = "${pkgs.xclip}/bin/xclip -selection clipboard -in"; pbcopy = "${pkgs.xclip}/bin/xclip -selection clipboard -in";
pbpaste = "${pkgs.xclip}/bin/xclip -selection clipboard -out"; pbpaste = "${pkgs.xclip}/bin/xclip -selection clipboard -out";
rm = "rm --interactive"; rm = "rm --interactive";
s = "${pkgs.systemd}/bin/systemctl"; s = "${pkgs.systemd}/bin/systemctl";
take = "source ${take}"; take = "source ${take}";
cdt = "source ${cdt}";
vit = "$EDITOR $(mktemp)";
tmux = "${pkgs.tmux}/bin/tmux -2"; tmux = "${pkgs.tmux}/bin/tmux -2";
sxiv = swallow "${pkgs.nsxiv}/bin/nsxiv"; sxiv = swallow "${pkgs.sxiv}/bin/sxiv";
zathura = swallow "${pkgs.zathura}/bin/zathura"; zathura = swallow "${pkgs.zathura}/bin/zathura";
us = "${pkgs.systemd}/bin/systemctl --user"; us = "${pkgs.systemd}/bin/systemctl --user";
wcd = "source ${wcd}"; wcd = "source ${wcd}";
im = "${pkgs.openssh}/bin/ssh weechat@makanek -t tmux attach-session -t IM"; im = "${pkgs.openssh}/bin/ssh weechat@makanek -t tmux attach-session -t IM";
where = "source ${where}"; where = "source ${where}";
yt = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -ic"; # Download video link yt =
yta = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -xic"; # Download with audio "${pkgs.youtube-dl}/bin/youtube-dl --add-metadata -ic"; # Download video link
}; yta =
} "${pkgs.youtube-dl}/bin/youtube-dl --add-metadata -xic"; # Download with audio
{
i18n = {
defaultLocale = "en_DK.UTF-8";
supportedLocales = ["all"];
}; };
} }
{ i18n.defaultLocale = "en_GB.UTF-8"; }
{ {
services.xserver = { services.xserver = {
enable = true; enable = true;
@@ -144,7 +149,7 @@ in {
enable = true; enable = true;
greeters.gtk = { greeters.gtk = {
enable = true; enable = true;
indicators = ["~spacer" "~host" "~spacer" "~session" "~power"]; indicators = [ "~spacer" "~host" "~spacer" "~session" "~power" ];
}; };
}; };
}; };
@@ -153,33 +158,24 @@ in {
{ {
security.wrappers = { security.wrappers = {
pmount = { pmount = {
setuid = true;
owner = "root"; owner = "root";
group = "root"; group = "users";
source = "${pkgs.pmount}/bin/pmount"; source = "${pkgs.pmount}/bin/pmount";
}; };
pumount = { pumount = {
setuid = true;
owner = "root"; owner = "root";
group = "root"; group = "users";
source = "${pkgs.pmount}/bin/pumount"; source = "${pkgs.pmount}/bin/pumount";
}; };
}; };
} }
{programs.command-not-found.enable = true;} { programs.command-not-found.enable = true; }
{ {
home-manager.users.me = { programs.gnupg.agent.enable = true;
services.gpg-agent = rec {
enable = true;
enableZshIntegration = true;
defaultCacheTtl = 2 * 60 * 60;
maxCacheTtl = 4 * defaultCacheTtl;
};
};
environment.systemPackages = [ environment.systemPackages = [
pkgs.gnupg pkgs.gnupg
(pkgs.pass.withExtensions (e: [e.pass-otp e.pass-import e.pass-genphrase])) (pkgs.pass.withExtensions (e: [e.pass-otp]))
]; ];
} }
{ {
@@ -192,52 +188,29 @@ in {
}; };
} }
{ {
networking.hosts = networking.hosts = lib.mapAttrs' (name: address: {
lib.mapAttrs' (name: address: {
name = address; name = address;
value = ["${name}.local"]; value = [ "${name}.local" ];
}) }) localAddresses;
localAddresses;
}
{
home-manager.users.me.home.stateVersion = "22.05";
}
{
systemd.user.services.udiskie = {
after = ["udisks2.service"];
wants = ["udisks2.service"];
wantedBy = ["graphical-session.target"];
serviceConfig = {
ExecStart = "${pkgs.udiskie}/bin/udiskie --verbose --no-config --notify";
};
};
services.udisks2.enable = true;
programs.dconf.enable = true;
home-manager.users.me = {
dconf.enable = true;
dconf.settings = {
# Change the default terminal for Nemo
"org/cinnamon/desktop/applications/terminal".exec = defaultApplications.terminal;
};
};
} }
./alacritty.nix ./alacritty.nix
./backup.nix
./bash.nix ./bash.nix
./beets.nix ./beets.nix
./bluetooth.nix ./bluetooth.nix
./aerc.nix
./ccc.nix ./ccc.nix
# ./kleiter.nix
./khal.nix ./khal.nix
./chromium.nix ./chromium.nix
./clipboard.nix
./cloud.nix ./cloud.nix
./copyq.nix
./compton.nix
./direnv.nix ./direnv.nix
./docker.nix ./docker.nix
./dunst.nix ./dunst.nix
./flix.nix ./flix.nix
./fonts.nix ./fonts.nix
./fzf.nix ./fzf.nix
./gaslight.nix
./git.nix ./git.nix
./hledger.nix ./hledger.nix
./htop.nix ./htop.nix
@@ -247,18 +220,16 @@ in {
./lb.nix ./lb.nix
./mpv.nix ./mpv.nix
./mime.nix ./mime.nix
./nano.nix
./neovim.nix ./neovim.nix
./nix.nix ./neomutt.nix
./newsboat.nix ./newsboat.nix
./flameshot.nix ./flameshot-once.nix
./packages.nix ./packages
./picom.nix # ./power-action.nix
./stardict.nix
./polkit.nix
./power-action.nix
./printing.nix ./printing.nix
# ./openweathermap.nix ./openweathermap.nix
./wallpaper.nix # ./wallpaper.nix
./redshift.nix ./redshift.nix
./retiolum.nix ./retiolum.nix
./rofi.nix ./rofi.nix
@@ -266,16 +237,16 @@ in {
./seafile.nix ./seafile.nix
./ssh.nix ./ssh.nix
./sshd.nix ./sshd.nix
./sound.nix
./sudo.nix ./sudo.nix
./themes.nix ./sxiv.nix
./theming.nix
./tmux.nix ./tmux.nix
# ./tor.nix
./traadfri.nix ./traadfri.nix
./unclutter.nix ./unclutter.nix
./version.nix
./vscode.nix ./vscode.nix
./watson.nix ./watson.nix
./zsh.nix ./zsh.nix
./tor.nix
./mastodon-bot.nix
]; ];
} }

11
configs/direnv.nix
View File

@@ -1,4 +1,5 @@
{pkgs, ...}: let { pkgs, ... }:
let
nixify = pkgs.writers.writeDashBin "nixify" '' nixify = pkgs.writers.writeDashBin "nixify" ''
set -efuC set -efuC
@@ -10,25 +11,25 @@
cat > shell.nix <<'EOF' cat > shell.nix <<'EOF'
{ pkgs ? import <nixpkgs> {} }: { pkgs ? import <nixpkgs> {} }:
pkgs.mkShell { pkgs.mkShell {
packages = []; buildInputs = [];
} }
EOF EOF
''${EDITOR:-vim} shell.nix ''${EDITOR:-vim} shell.nix
fi fi
''; '';
in { in {
environment.systemPackages = [pkgs.direnv nixify]; environment.systemPackages = [ pkgs.direnv nixify ];
home-manager.users.me.programs.direnv = { home-manager.users.me.programs.direnv = {
enable = true; enable = true;
stdlib = builtins.readFile "${ stdlib = builtins.readFile ("${
pkgs.fetchFromGitHub { pkgs.fetchFromGitHub {
owner = "Mic92"; owner = "Mic92";
repo = "dotfiles"; repo = "dotfiles";
rev = "a0a9b7e358fa70a85cd468f8ca1fbb02ae0a91df"; rev = "a0a9b7e358fa70a85cd468f8ca1fbb02ae0a91df";
sha256 = "1y9h5s1lf59sczsm0ksq2x1yhl98ba9lwk5yil3q53rg7n4574pg"; sha256 = "1y9h5s1lf59sczsm0ksq2x1yhl98ba9lwk5yil3q53rg7n4574pg";
} }
}/home/.direnvrc"; }/home/.direnvrc");
}; };
programs.zsh.interactiveShellInit = '' programs.zsh.interactiveShellInit = ''

15
configs/distrobump.nix
View File

@@ -1,15 +0,0 @@
{
lib,
config,
pkgs,
...
}: {
imports = [
(import <stockholm/makefu/3modules/bump-distrowatch.nix> {
inherit lib config;
pkgs = pkgs // {writeDash = pkgs.writers.writeDash;};
})
];
makefu.distrobump.enable = false;
}

10
configs/docker.nix
View File

@@ -1,8 +1,4 @@
{ { lib, pkgs, ... }: {
lib,
pkgs,
...
}: {
virtualisation.docker = { virtualisation.docker = {
enable = true; enable = true;
# for ICE wifi, ref https://gist.github.com/sunsided/7840e89ff4e11b64a2d7503fafa0290c # for ICE wifi, ref https://gist.github.com/sunsided/7840e89ff4e11b64a2d7503fafa0290c
@@ -11,6 +7,6 @@
"--fixed-cidr=172.39.1.0/25" "--fixed-cidr=172.39.1.0/25"
]; ];
}; };
users.users.me.extraGroups = ["docker"]; users.users.me.extraGroups = [ "docker" ];
environment.systemPackages = [pkgs.docker pkgs.docker-compose]; environment.systemPackages = [ pkgs.docker pkgs.docker_compose ];
} }

7
configs/dunst.nix
View File

@@ -1,8 +1,5 @@
{ { config, pkgs, ... }:
config, let
pkgs,
...
}: let
inherit (import ../lib) defaultApplications colours theme; inherit (import ../lib) defaultApplications colours theme;
in { in {
home-manager.users.me.services.dunst = { home-manager.users.me.services.dunst = {

24
configs/flameshot-once.nix Normal file
View File

@@ -0,0 +1,24 @@
{ lib, pkgs, ... }:
let
inherit (import <niveum/lib>) defaultApplications;
flameshot-once = pkgs.callPackage <stockholm/krebs/5pkgs/simple/flameshot-once> {};
in {
nixpkgs.overlays = [
(self: super: {
write =
super.callPackage <stockholm/krebs/5pkgs/simple/xwaitforwindow.nix> { };
})
];
environment.systemPackages = [
(flameshot-once.override {
config.imgur = {
enable = true;
createUrl = "http://p.r/image";
deleteUrl = "http://p.r/image/delete/%1";
xdg-open.browser = (defaultApplications pkgs).browser;
};
config.timeout = 1000;
})
];
}

23
configs/flameshot.nix
View File

@@ -1,23 +0,0 @@
{
lib,
pkgs,
...
}: {
home-manager.users.me = {
services.flameshot = {
enable = true;
settings.General = {
autoCloseIdleDaemon = true;
drawColor = "#ff0000";
drawThickness = 2;
checkForUpdates = false;
showDesktopNotification = true;
disabledTrayIcon = true;
showHelp = false;
squareMagnifier = true;
uploadWithoutConfirmation = true;
buttons = ''@Variant(\0\0\0\x7f\0\0\0\vQList<int>\0\0\0\0\x10\0\0\0\x2\0\0\0\x5\0\0\0\x13\0\0\0\xa\0\0\0\x1\0\0\0\xc\0\0\0\xd\0\0\0\x6\0\0\0\x8\0\0\0\0\0\0\0\xf\0\0\0\x4\0\0\0\xb\0\0\0\x3\0\0\0\x12\0\0\0\x9)'';
};
};
};
}

47
configs/flix.nix
View File

@@ -1,19 +1,14 @@
{ { config, pkgs, ... }:
config, let
pkgs,
...
}: let
flixLocation = "/media/flix"; flixLocation = "/media/flix";
flixLocationNew = "/media/flix-new";
cacheLocation = "/var/cache/flix"; cacheLocation = "/var/cache/flix";
indexFilename = "index"; indexFilename = "index";
indexFilenameNew = "index-new";
flixUser = "flix"; flixUser = "flix";
flixGroup = "users"; flixGroup = "users";
inherit (import ../lib) tmpfilesConfig; inherit (import <niveum/lib>) tmpfilesConfig;
in { in {
fileSystems.${flixLocation} = { fileSystems.${flixLocation} = {
device = "prism.r:/export/download"; device = "prism.r:/export";
fsType = "nfs"; fsType = "nfs";
options = [ options = [
"noauto" "noauto"
@@ -23,25 +18,12 @@ in {
"x-systemd.device-timeout=1" "x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min" "x-systemd.idle-timeout=1min"
"x-systemd.requires=tinc.retiolum.service" "x-systemd.requires=tinc.retiolum.service"
"x-systemd.requires=wpa_supplicant.service"
"user" "user"
"_netdev" "_netdev"
]; ];
}; };
fileSystems.${flixLocationNew} = {
device = "//yellow.r/public";
fsType = "cifs";
options = [
"guest"
"nofail"
"noauto"
"ro"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
];
};
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
(tmpfilesConfig { (tmpfilesConfig {
type = "d"; type = "d";
@@ -54,11 +36,8 @@ in {
systemd.services.flix-index = { systemd.services.flix-index = {
description = "Flix indexing service"; description = "Flix indexing service";
wants = ["network-online.target"]; wants = [ "network-online.target" ];
script = '' script = "cp ${flixLocation}/download/index ./${indexFilename}";
cp ${flixLocation}/index ./${indexFilename}
cp ${flixLocationNew}/index ./${indexFilenameNew}
'';
startAt = "hourly"; startAt = "hourly";
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
@@ -88,11 +67,13 @@ in {
'') '')
(pkgs.writers.writeDashBin "flixmenu" '' (pkgs.writers.writeDashBin "flixmenu" ''
set -efu set -efu
( cd "${flixLocation}/download"
${pkgs.gnused}/bin/sed 's#^\.#${flixLocation}#' ${cacheLocation}/${indexFilename}
${pkgs.gnused}/bin/sed 's#^\.#${flixLocationNew}#' ${cacheLocation}/${indexFilenameNew} [ -f "${cacheLocation}/${indexFilename}" ] || exit 1
) | ${pkgs.dmenu}/bin/dmenu -i -p flix -l 5 "$@" \
| ${pkgs.findutils}/bin/xargs -I '{}' ${pkgs.util-linux}/bin/setsid ${pkgs.xdg-utils}/bin/xdg-open '{}' ${pkgs.dmenu}/bin/dmenu -i -p flix -l 5 "$@" < ${cacheLocation}/${indexFilename} \
| ${pkgs.findutils}/bin/xargs -I '{}' ${pkgs.utillinux}/bin/setsid ${pkgs.xdg_utils}/bin/xdg-open '{}'
'') '')
]; ];
} }

126
configs/fonts.nix
View File

@@ -1,127 +1,41 @@
{ { pkgs, ... }: {
pkgs, nixpkgs.config.joypixels.acceptLicense = true;
niveumPackages,
...
}: let
zip-font = name: arguments: let
directory = pkgs.fetchzip arguments;
in
pkgs.runCommand name {} ''
mkdir -p $out/share/fonts/{truetype,opentype,woff}
${pkgs.findutils}/bin/find ${directory} -name '*.ttf' -exec install '{}' $out/share/fonts/truetype \;
${pkgs.findutils}/bin/find ${directory} -name '*.otf' -exec install '{}' $out/share/fonts/opentype \;
${pkgs.findutils}/bin/find ${directory} -name '*.woff' -exec install '{}' $out/share/fonts/woff \;
'';
simple-ttf = name: arguments: let
file = pkgs.fetchurl arguments;
in
pkgs.runCommand name {} ''
mkdir -p $out/share/fonts/truetype
install ${file} $out/share/fonts/truetype
'';
egyptianHiero = zip-font "EgyptianHiero" {
url = "https://github.com/MKilani/Djehuty/archive/master.zip";
sha256 = "sha256-KbY4vedm757NWfDlgmNhslbZd+2Vs+o5PjtMMGDt61Y=";
};
antinoou = zip-font "Antinoou" {
url = "https://www.evertype.com/fonts/coptic/AntinoouFont.zip";
sha256 = "0jwihj08n4yrshcx07dnaml2x9yws6dgyjkvg19jqbz17drbp3sw";
stripRoot = false;
};
newGardiner = zip-font "NewGardiner" {
url = "https://mjn.host.cs.st-andrews.ac.uk/egyptian/fonts/NewGardiner.zip";
sha256 = "1jd0qa6shh9pqqyig2w43m9l9rv1i50l73jzkhb6g6mqxbhb1mip";
stripRoot = false;
};
junicode2 = zip-font "JunicodeTwo" {
url = "https://github.com/psb1558/Junicode-font/archive/48bf476db278c844c67542b04d1e0e4c71f139d2.zip";
sha256 = "1ryicc155vkvgv3315ddliigwa01afwyb4c4f6pnqcns03af001i";
};
newAthenaUnicode = zip-font "NewAthenaUnicode" {
url = "https://classicalstudies.org/sites/default/files/userfiles/files/NAU5_005.zip";
sha256 = "1g7qk9gl4nq2dz41bvck1nzilhin44j8691cxax3dlp77bbn9bxr";
};
jsesh = simple-ttf "JSesh" {
url = "http://files.qenherkhopeshef.org/jsesh/JSeshFont.ttf";
sha256 = "1203jrk2xzvgckcc5hx88kja1i3h8gm1wiyla5j6gspc0hbv56ry";
};
egyptianText = simple-ttf "EgyptianText-1.0beta" {
url = "http://c.krebsco.de/EgyptianText-v1.0-beta.ttf";
sha256 = "0cfjbk7xxnxhlp6v922psm5j1xzrv6wfk226ji2wz2yfrnkbcbsv";
};
in {
fonts = { fonts = {
enableDefaultFonts = true; enableDefaultFonts = true;
fontDir.enable = true; fontDir.enable = true;
fonts = with pkgs; [ fonts = with pkgs; [
alegreya alegreya
alegreya-sans alegreya-sans
amiri
annapurna-sil
antinoou
cantarell-fonts
cardo
charis-sil
doulos-sil
newAthenaUnicode
corefonts corefonts
crimson
eb-garamond eb-garamond
jsesh
egyptianHiero
egyptianText
font-awesome_6
etBook
newGardiner
junicode2
ezra-sil
fira fira
font-awesome font-awesome-ttf
galatia-sil
gentium
niveumPackages.gfs-fonts
gyre-fonts
ibm-plex ibm-plex
jetbrains-mono inconsolata
libertinus iosevka
libre-bodoni libertine
lmodern lmodern
merriweather
ocr-a
roboto
roboto-mono
noto-fonts noto-fonts
noto-fonts-cjk noto-fonts-cjk
noto-fonts-emoji noto-fonts-emoji
roboto
roboto-mono
roboto-slab roboto-slab
scheherazade-new
source-code-pro source-code-pro
source-sans-pro
source-serif-pro source-serif-pro
theano source-sans-pro
niveumPackages.tocharian-font ubuntu_font_family
vistafonts gfs-fonts
vollkorn jetbrains-mono
zilla-slab twemoji-color-font
]; # google-fonts league-of-moveable-type joypixels
fontconfig.defaultFonts = rec { ];
monospace = ["Noto Sans Mono"] ++ emoji; fontconfig.defaultFonts = {
serif = ["Noto Serif" "Noto Naskh Arabic" "Noto Serif Devanagari"]; monospace = [ "JetBrains Mono" "JoyPixels" ];
sansSerif = ["Noto Sans Display" "Noto Kufi Arabic" "Noto Sans Devanagari" "Noto Sans CJK JP"]; serif = [ "Roboto Slab" ];
emoji = ["Noto Color Emoji"]; sansSerif = [ "Roboto" "Noto Sans" ];
emoji = [ "JoyPixels" ];
}; };
# xelatex fails with woff files
# ref https://tex.stackexchange.com/questions/392144/xelatex-and-fontspec-crash-trying-to-find-woff-file-for-some-fonts-but-not-other
fontconfig.localConf = ''
<fontconfig>
<!-- Reject WOFF fonts We don't register WOFF(2) fonts with fontconfig because of the W3C spec -->
<selectfont>
<rejectfont>
<glob>*.woff*</glob>
</rejectfont>
</selectfont>
</fontconfig>
'';
}; };
} }

17
configs/fzf.nix
View File

@@ -1,23 +1,18 @@
{ { pkgs, lib, ... }: {
pkgs,
lib,
...
}: {
environment = { environment = {
systemPackages = [pkgs.fzf]; systemPackages = [ pkgs.fzf ];
variables = rec { variables = {
FZF_DEFAULT_COMMAND = "${pkgs.fd}/bin/fd --type f --strip-cwd-prefix --follow --no-ignore-vcs --exclude .git";
FZF_DEFAULT_OPTS = FZF_DEFAULT_OPTS =
lib.escapeShellArgs ["--height=40%"]; lib.escapeShellArgs [ "--height=40%" "--layout=reverse" ];
FZF_ALT_C_COMMAND = "${pkgs.fd}/bin/fd --type d"; FZF_ALT_C_COMMAND = "${pkgs.fd}/bin/fd --type d";
FZF_ALT_C_OPTS = lib.escapeShellArgs [ FZF_ALT_C_OPTS = lib.escapeShellArgs [
"--preview='${pkgs.tree}/bin/tree -L 1 \"{}\"'" "--preview='${pkgs.tree}/bin/tree -L 1 \"{}\"'"
"--bind=space:toggle-preview" "--bind=space:toggle-preview"
"--preview-window=hidden" "--preview-window=hidden"
]; ];
FZF_CTRL_T_COMMAND = FZF_DEFAULT_COMMAND; FZF_CTRL_T_COMMAND = "${pkgs.fd}/bin/fd --type f";
FZF_CTRL_T_OPTS = FZF_CTRL_T_OPTS =
lib.escapeShellArgs ["--preview='head -$LINES {}'"]; lib.escapeShellArgs [ "--preview='${pkgs.bat}/bin/bat \"{}\"'" ];
}; };
}; };

6
systems/zaatar/gaslight.nix → configs/gaslight.nix
View File

@@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
environment.systemPackages = [ environment.systemPackages = [
(pkgs.writers.writeDashBin "gaslight-stream" '' (pkgs.writers.writeDashBin "gaslight-stream" ''
${pkgs.ffmpeg}/bin/ffmpeg -r 14 -s 640x480 -f video4linux2 -i /dev/video0 -f alsa -i default -c:v libx264 -preset ultrafast -c:a aac -f avi - ${pkgs.ffmpeg}/bin/ffmpeg -r 14 -s 640x480 -f video4linux2 -i /dev/video0 -f alsa -i default -c:v libx264 -preset ultrafast -c:a aac -f avi -
@@ -15,9 +16,10 @@
'') '')
]; ];
} }
/* /*
ssh machine gaslight-stream | mpv - ssh machine gaslight-stream | mpv -
ssh machine gaslight-say "blablabla" ssh machine gaslight-say "blablabla"
*/
*/

77
configs/git.nix
View File

@@ -1,25 +1,20 @@
{ { pkgs, config, lib, ... }:
pkgs, let
config,
lib,
inputs,
...
}: let
inherit (import ../lib) kieran ignorePaths; inherit (import ../lib) kieran ignorePaths;
in { in
{
environment.systemPackages = [ environment.systemPackages = [
pkgs.mr pkgs.mr
pkgs.git pkgs.git
pkgs.git-crypt
pkgs.gitAndTools.gitflow pkgs.gitAndTools.gitflow
pkgs.gitAndTools.hub
pkgs.gitAndTools.gh pkgs.gitAndTools.gh
pkgs.gitAndTools.git-extras pkgs.gitAndTools.git-extras
pkgs.gitAndTools.git-trim pkgs.gitAndTools.git-trim
pkgs.gitAndTools.git-absorb
pkgs.gitstats pkgs.gitstats
pkgs.patch pkgs.patch
pkgs.patchutils pkgs.patchutils
inputs.self.packages.x86_64-linux.git-preview pkgs.git-preview
]; ];
environment.shellAliases = { environment.shellAliases = {
@@ -28,6 +23,37 @@ in {
}; };
home-manager.users.me = { home-manager.users.me = {
home.file.".mrconfig".text = let
prependPath = prefix:
lib.attrsets.mapAttrs'
(path: lib.attrsets.nameValuePair "${prefix}/${path}");
git = url: { checkout = "git clone ${url}"; };
github = owner: repo: git "git@github.com:${owner}/${repo}";
keybase = owner: repo: git "keybase://private/${owner}/${repo}";
in lib.generators.toINI { } ({
DEFAULT = { git_gc = ''git gc "$@"''; };
} // prependPath "projects" {
"menstruation.rs" = github "kmein" "menstruation.rs";
brockman = github "kmein" "brockman";
challenges = github "kmein" "challenges";
conlangs = github "kmein" "conlangs";
ledger = keybase "kmein" "ledger";
mahlzeit = github "kmein" "mahlzeit";
menstruation-telegram = github "kmein" "menstruation-telegram";
meteora = github "kmein" "meteora";
modernizr = github "kmein" "modernizr";
niveum = github "kmein" "niveum";
nixpkgs = github "NixOS" "nixpkgs";
poetry = github "kmein" "poetry";
quotes = github "kmein" "quotes";
sphinx = github "kmein" "sphinx";
stockholm = git "https://cgit.krebsco.de/stockholm";
telebots = github "kmein" "telebots";
traadfri = github "kmein" "traadfri";
wissen = github "kmein" "wissen";
zen = github "kmein" "zen";
});
programs.git = { programs.git = {
enable = true; enable = true;
package = pkgs.gitAndTools.gitFull; package = pkgs.gitAndTools.gitFull;
@@ -44,20 +70,33 @@ in {
diffs = "diff --staged"; diffs = "diff --staged";
last = "log -1 HEAD"; last = "log -1 HEAD";
logs = "log --pretty=oneline"; logs = "log --pretty=oneline";
graph = "log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all"; graph =
"log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all";
}; };
ignores = ignorePaths; ignores = ignorePaths;
extraConfig = { extraConfig = {
pull.ff = "only"; pull.ff = "only";
rebase.autoStash = true; rebase.autoStash = true;
merge.autoStash = true; merge.autoStash = true;
core.pager =
# # ref https://github.com/dandavison/delta "${pkgs.gitAndTools.diff-so-fancy}/bin/diff-so-fancy | ${pkgs.less}/bin/less --tabs=4 -RFX";
# core.pager = "${pkgs.delta}/bin/delta"; color = {
# interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only"; ui = true;
# delta.navigate = true; diff = {
# merge.conflictStyle = "diff3"; meta = "11";
# diff.colorMoved = "default"; frag = "magenta bold";
commit = "yellow bold";
old = "red bold";
new = "green bold";
whitespace = "red reverse";
};
diff-highlight = {
oldNormal = "red bold";
oldHighlight = "red bold 52";
newNormal = "green bold";
newHighlight = "green bold 22";
};
};
}; };
}; };
}; };

13
configs/gitea.nix Normal file
View File

@@ -0,0 +1,13 @@
{
services.gitea = {
enable = true;
disableRegistration = true;
rootUrl = "https://code.kmein.de";
appName = "code.kmein.de";
};
services.nginx.virtualHosts."code.kmein.de" = {
forceSSL = true;
enableACME = true;
locations."/".extraConfig = "proxy_pass http://localhost:3000;";
};
}

61
configs/hass/default.nix Normal file
View File

@@ -0,0 +1,61 @@
{ config, pkgs, lib, ... }:
let
inherit (import ./lib.nix) triggers;
inherit (import <niveum/lib>) localAddresses;
in
{
imports = [
./zigbee.nix
./frontend.nix
];
services.home-assistant = {
enable = true;
configWritable = true;
lovelaceConfigWritable = true;
openFirewall = true;
config = {
homeassistant = {
name = "Toum";
latitude = config.location.latitude;
longitude = config.location.longitude;
elevation = 90; # TODO find out how high I live
unit_system = "metric";
time_zone = config.time.timeZone;
};
config = {};
discovery = {};
system_health = {};
history = {};
# tradfri.host = localAddresses.tradfri; # dont use until python3Packages.pytradfri is packaged
sun = {};
mobile_app = {};
shopping_list = {};
sensor = [
{
platform = "dwd_weather_warnings";
region_name = "Berlin";
}
];
mqtt = {
broker = "localhost";
port = 1883;
client_id = "home-assistant";
username = "albrecht";
password = lib.strings.fileContents <system-secrets/mosquitto>;
keepalive = 60;
protocol = "3.1";
discovery = true;
birth_message = {
topic = "/hass/status";
payload = "online";
};
will_message = {
topic = "/hass/status";
payload = "offline";
};
};
};
};
}

37
configs/hass/frontend.nix Normal file
View File

@@ -0,0 +1,37 @@
let
inherit (import ./lib.nix) triggers;
in
{
services.home-assistant.config = {
frontend = {
themes = {
day_theme = import ./themes/clear.nix;
night_theme = import ./themes/clear-dark.nix;
};
};
automation = [
{
alias = "Night Theme";
hide_entity = true;
trigger = triggers.night;
action = [
{
service = "frontend.set_theme";
data.name = "night_theme";
}
];
}
{
alias = "Day Theme";
hide_entity = true;
trigger = triggers.day;
action = [
{
service = "frontend.set_theme";
data.name = "day_theme";
}
];
}
];
};
}

16
configs/hass/lib.nix Normal file
View File

@@ -0,0 +1,16 @@
{
triggers = {
night = {
platform = "numeric_state";
entity_id = "sun.sun";
value_template = "{{ state.attributes.elevation }}";
below = -4.0;
};
day = {
platform = "numeric_state";
entity_id = "sun.sun";
value_template = "{{ state.attributes.elevation }}";
above = 0;
};
};
}

72
configs/hass/themes/clear-dark.nix Normal file
View File

@@ -0,0 +1,72 @@
rec {
# Colors
text-color = "#DADADB"; # Grey text
text-medium-light-color = "#A0A2A8"; # Medium-light grey text
text-medium-color = "#80828A"; # Medium grey text
text-dark-color = "#6A6B74"; # Dark grey text
accent-color = "#008bef"; # Blue
accent-medium-color = "#2484C9"; # Decent blue
background-color = "#3b4049"; # Dark grey background
background-color-2 = "#484E59"; # Light grey background
background-card-color = "#434952"; # Grey background
border-color = "#383C46"; # Grey border
# Header
app-header-background-color = "#363941"; # Background color
# Text
primary-color = text-color;
text-primary-color = text-color;
# Left Menu
paper-listbox-background-color = background-color; # Background
sidebar-icon-color = text-medium-color; # icons
sidebar-selected-icon-color = text-medium-light-color; # Selected row icon and background (15%)
sidebar-selected-text-color = text-color; # Selected row label
# UI
paper-card-header-color = text-color; # Title in settings
primary-background-color = background-color; # Background (also title background in left menu)
mdc-theme-primary = accent-medium-color; # Action Buttons (save, restart etc.)
card-background-color = background-card-color; # Entity Registry Background
# Card
paper-card-background-color = background-card-color; # Background
dark-primary-color = text-color;
primary-text-color = text-color;
paper-listbox-color = text-color;
light-primary-color = text-dark-color;
secondary-text-color = text-medium-color;
disabled-text-color = text-dark-color;
paper-dialog-button-color = text-color;
secondary-background-color = background-color-2; # Background more info title
# Icons
paper-item-icon-color = text-dark-color; # Off
paper-item-icon-active-color = accent-color; # On
# Switches
switch-checked-button-color = text-medium-light-color; # Knob On
switch-unchecked-button-color = text-medium-light-color; # Knob Off
switch-checked-track-color = "#009FFF"; # Background On
switch-unchecked-track-color = "#767682"; # Background Off
# Slider
paper-slider-active-color = accent-color; # Line On
paper-slider-knob-color = text-medium-light-color; # Knob On
paper-slider-container-color = text-dark-color; # Line Off
paper-slider-knob-start-color = text-medium-light-color; # Knob Off
# Badges
label-badge-text-color = text-color;
label-badge-background-color = "rgba(54, 57, 65, 0.6)";
# Shadows
ha-card-box-shadow = "inset 0px 0px 0px 1px var(--border-color)";
# HACS
hacs-badge-color = accent-color; # New Badge
hacs-status-installed = text-color; # Installed Icon
hacs-status-pending-restart = text-dark-color; # Restart Icon
hacs-status-pending-update = accent-color;
}

52
configs/hass/themes/clear.nix Normal file
View File

@@ -0,0 +1,52 @@
rec {
text-color = "#636B75"; # Grey text
text-medium-color = "#8c96a5"; # Medium grey text
text-light-color = "#BAC0C6"; # Light grey text
accent-color = "#00a1ff"; # Blue
background-color = "#F7F8F9"; # Light grey background
background-color-2 = "#F4F5F6"; # Light grey background
background-card-color = "rgba(255,255,255,1.0)"; # White background
border-color = "#E8E8E8"; # Light grey border
# Header
primary-color = text-color; # Background
text-primary-color = "#FFF"; # Text
# Left Menu
paper-listbox-background-color = background-color; # Background
# TODO = Text and Icons
# UI
paper-card-header-color = text-color; # Title in settings
primary-background-color = background-color; # Background color (also title background in left menu)
# Card
paper-card-background-color = background-card-color; # Background
dark-primary-color = text-color;
primary-text-color = text-color;
paper-listbox-color = text-color;
light-primary-color = text-light-color;
secondary-text-color = text-medium-color;
disabled-text-color = text-light-color;
paper-dialog-button-color = text-color;
secondary-background-color = background-color-2; # Background more info title
# Icons
paper-item-icon-color = text-light-color; # Off
paper-item-icon-active-color = accent-color; # On
# Switches
switch-checked-button-color = "#FFF"; # Knob On
switch-unchecked-button-color = "#FFF"; # Knob Off
switch-checked-track-color = "#0077FF"; # Background On
switch-unchecked-track-color = disabled-text-color; # Background Off
# Slider
paper-slider-active-color = accent-color; # Line On
paper-slider-container-color = "#e5e7ea"; # Line Off
paper-slider-knob-color = text-light-color; # Knob On
paper-slider-knob-start-color = text-light-color; # Knob Off
# Shadows
ha-card-box-shadow = "inset 0px 0px 0px 1px var(--border-color)";
}

102
configs/hass/zigbee.nix Normal file
View File

@@ -0,0 +1,102 @@
{ config, pkgs, lib, ... }:
let
inherit (import <niveum/lib>) localAddresses;
in
{
services.zigbee2mqtt = {
enable = true;
config = {
permit_join = false;
homeassistant = true;
serial = {
port = "/dev/ttyACM0";
disable_led = true;
};
mqtt = {
discovery = true;
base_topic = "zigbee";
server = "mqtt://${localAddresses.toum}";
user = "albrecht";
password = lib.strings.fileContents <system-secrets/mosquitto>;
};
};
};
services.mosquitto = {
enable = true;
host = "0.0.0.0";
allowAnonymous = false;
checkPasswords = true;
users."albrecht" = {
password = lib.strings.fileContents <system-secrets/mosquitto>;
acl = [ "topic readwrite #" ];
};
};
networking.firewall.allowedTCPPorts = [ 1883 ];
environment.systemPackages = [ pkgs.mosquitto ];
services.home-assistant = {
config = {
switch = [
{
platform = "mqtt";
name = "zigbee2mqtt_join";
state_topic = "/zigbee2mqtt/bridge/config/permit_join";
command_topic = "/zigbee2mqtt/bridge/config/permit_join";
payload_on = "true";
payload_off = "false";
}
];
timer.zigbee_permit_join = {
name = "Zigbee Time remaining";
duration = 120;
};
automation = [
# Automation to start timer when enable join is turned on
{
id = "zigbee_join_enabled";
alias = "";
hide_entity = "true";
trigger = {
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "on";
};
action = {
service = "timer.start";
entity_id = "timer.zigbee_permit_join";
};
}
# Automation to stop timer when switch turned off and turn off switch when timer finished
{
id = "zigbee_join_disabled";
hide_entity = "true";
trigger = [
{
platform = "event";
event_type = "timer.finished";
event_data.entity_id = "timer.zigbee_permit_join";
}
{
platform = "state";
entity_id = "switch.zigbee2mqtt_join";
to = "off";
}
];
action = [
{
service = "timer.cancel";
data.entity_id = "timer.zigbee_permit_join";
}
{
service = "switch.turn_off";
entity_id = "switch.zigbee2mqtt_join";
}
];
}
];
};
};
}

81
configs/hedgedoc.nix Normal file
View File

@@ -0,0 +1,81 @@
{ config, pkgs, ... }:
let
backupLocation = "/var/lib/codimd-backup";
stateLocation = "/var/lib/codimd/state.sqlite";
nixpkgs-unstable = import <nixpkgs-unstable> {};
domain = "pad.kmein.de";
in
{
imports = [ <stockholm/krebs/3modules/permown.nix> ];
services.nginx.virtualHosts.${domain} = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "https://localhost:3091";
proxyWebsockets = true;
};
};
security.acme.certs.${domain}.group = "hedgecert";
users.groups.hedgecert.members = [ "codimd" "nginx" ];
security.dhparams = {
enable = true;
params.hedgedoc = {};
};
services.hedgedoc = {
enable = true;
configuration = {
allowOrigin = [ domain ];
allowAnonymous = true;
allowGravatar = false;
allowFreeURL = true;
db = {
dialect = "sqlite";
storage = stateLocation;
};
port = 3091;
domain = domain;
useSSL = true;
protocolUseSSL = true;
sslCAPath = [ "/etc/ssl/certs/ca-certificates.crt" ];
sslCertPath = "/var/lib/acme/${domain}/cert.pem";
sslKeyPath = "/var/lib/acme/${domain}/key.pem";
dhParamPath = config.security.dhparams.params.hedgedoc.path;
};
};
krebs.permown.${backupLocation} = { owner = "codimd"; group = "codimd"; umask = "0002"; };
systemd.services.hedgedoc-backup = {
description = "Hedgedoc backup service";
script = ''
${nixpkgs-unstable.sqlite}/bin/sqlite3 -json ${stateLocation} "select shortid, alias, ownerId, content from Notes" \
| ${pkgs.writers.writePython3 "hedgedoc-json-to-fs.py" {} ''
import json
import pathlib
import sys
for note in json.load(sys.stdin):
user_directory = pathlib.Path()
if note["ownerId"]:
user_directory = pathlib.Path(note["ownerId"])
user_directory.mkdir(exist_ok=True)
file_path = user_directory / (
(note["alias"] if note["alias"] else note["shortid"]) + ".md"
)
file_path.write_text(note["content"])
print(f" {file_path}", file=sys.stderr)
''}
'';
startAt = "hourly";
serviceConfig = {
Type = "oneshot";
User = "codimd";
Group = "codimd";
WorkingDirectory = backupLocation;
};
};
}

49
configs/hledger.nix
View File

@@ -1,39 +1,14 @@
{ { config, pkgs, ... }: {
config, imports = [ ../modules/hledger.nix ];
pkgs,
...
}: {
environment.systemPackages = let
ledgerDirectory = "$HOME/projects/ledger";
timeLedger = "${ledgerDirectory}/time.timeclock";
git = "${pkgs.git}/bin/git -C ${ledgerDirectory}";
in [
pkgs.hledger
(pkgs.writers.writeDashBin "hora-edit" ''
$EDITOR + "${timeLedger}" && ${pkgs.git}/bin/git -C "$(${pkgs.coreutils}/bin/dirname ${timeLedger})" commit --all --message "$(${pkgs.coreutils}/bin/date -Im)"
'')
(pkgs.writers.writeDashBin "hora" ''
${pkgs.hledger}/bin/hledger -f "${timeLedger}" "$@"
'')
(pkgs.writers.writeDashBin "hora-filli" ''
${pkgs.hledger}/bin/hledger -f "${timeLedger}" register fillidefilla -O csv \
-b "$(date -d "$(date +%Y-%m)-20 last month" +%Y-%m-%d)" \
-e "$(date -d "$(date +%Y-%m)-20" +%Y-%m-%d)" \
| sed 's/(fillidefilla:\(.*\))/\1/g' \
| xsv select date,amount,total,account,description
'')
(pkgs.writers.writeDashBin "hledger-git" '' niveum.hledger = {
if [ "$1" = entry ]; then enable = true;
${pkgs.hledger}/bin/hledger balance -V > "${ledgerDirectory}/balance.txt" ledgerFile = "$HOME/projects/ledger/all.journal";
${git} add balance.txt server = {
${git} commit --all --message="$(date -Im)" enable = false;
else user = config.users.users.me;
${git} $* package = pkgs.hledger-web;
fi };
'') package = pkgs.hledger;
(pkgs.writers.writeDashBin "hledger-edit" '' };
$EDITOR ${ledgerDirectory}/current.journal
'')
];
} }

4
configs/htop.nix
View File

@@ -22,8 +22,8 @@
sort_key = "PERCENT_CPU"; sort_key = "PERCENT_CPU";
tree_view = true; tree_view = true;
update_process_names = false; update_process_names = false;
right_meters = ["Uptime" "Tasks" "LoadAverage" "Battery"]; right_meters = [ "Uptime" "Tasks" "LoadAverage" "Battery" ];
left_meters = ["LeftCPUs2" "RightCPUs2" "Memory" "Swap"]; left_meters = [ "LeftCPUs2" "RightCPUs2" "Memory" "Swap" ];
}; };
}; };
}; };

58
configs/hu-berlin.nix
View File

@@ -1,11 +1,7 @@
{ { config, pkgs, lib, ... }:
config, let
pkgs,
lib,
...
}: let
inherit (lib.strings) fileContents; inherit (lib.strings) fileContents;
inherit (import ../lib) sshPort; inherit (import <niveum/lib>) sshPort;
eduroam = { eduroam = {
identity = fileContents <secrets/eduroam/identity>; identity = fileContents <secrets/eduroam/identity>;
password = fileContents <secrets/eduroam/password>; password = fileContents <secrets/eduroam/password>;
@@ -15,9 +11,10 @@
"gid=${toString config.users.groups.users.gid}" "gid=${toString config.users.groups.users.gid}"
"sec=ntlmv2" "sec=ntlmv2"
"workgroup=german" "workgroup=german"
"credentials=${config.age.secrets.cifs-credentials-hu-berlin.path}" "username=meinhaki"
"password=${lib.strings.fileContents <secrets/mail/meinhaki>}"
"noauto" "noauto"
# "x-systemd.requires=hu-vpn.service" "x-systemd.requires=openvpn-hu-berlin.service"
"x-systemd.automount" "x-systemd.automount"
"x-systemd.device-timeout=1" "x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min" "x-systemd.idle-timeout=1min"
@@ -35,7 +32,6 @@ in {
options = hu-berlin-cifs-options; options = hu-berlin-cifs-options;
}; };
age.secrets.cifs-credentials-hu-berlin.file = ../secrets/cifs-credentials-hu-berlin.age;
home-manager.users.me.programs.ssh = { home-manager.users.me.programs.ssh = {
matchBlocks = { matchBlocks = {
@@ -50,11 +46,10 @@ in {
(pkgs.writers.writeDashBin "hu-ip" '' (pkgs.writers.writeDashBin "hu-ip" ''
${pkgs.w3m}/bin/w3m -dump meineip.hu-berlin.de | head --lines=-4 | tail --lines=+3 ${pkgs.w3m}/bin/w3m -dump meineip.hu-berlin.de | head --lines=-4 | tail --lines=+3
'') '')
( (pkgs.writers.writePython3Bin "hu-eduroam-install"
pkgs.writers.writePython3Bin "hu-eduroam-install"
{ {
libraries = with pkgs.python3Packages; [distro pyopenssl dbus-python]; libraries = with pkgs.python3Packages; [ distro pyopenssl dbus-python ];
flakeIgnore = ["E501" "E123" "W504" "E722" "F821" "E226" "E126" "E265" "W291"]; flakeIgnore = [ "E501" "E123" "W504" "E722" "F821" "E226" "E126" "E265" "W291" ];
} }
(builtins.readFile (builtins.fetchurl { (builtins.readFile (builtins.fetchurl {
url = "https://www.cms.hu-berlin.de/de/dl/netze/wlan/config/eduroam/linux-installer/eduroam-linux-hub.py"; url = "https://www.cms.hu-berlin.de/de/dl/netze/wlan/config/eduroam/linux-installer/eduroam-linux-hub.py";
@@ -65,22 +60,31 @@ in {
systemd.services.hu-vpn = { systemd.services.hu-vpn = {
enable = true; enable = true;
wants = ["network-online.target"]; wants = [ "network-online.target" ];
serviceConfig.LoadCredential = "password:${config.age.secrets.email-password-meinhark.path}"; conflicts = [ "openvpn-hu-berlin.service" ];
script = '' script = ''
if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam ${pkgs.openfortivpn}/bin/openfortivpn -c ${pkgs.writeText "hu-berlin.config" ''
then
${pkgs.openfortivpn}/bin/openfortivpn \
--password="$(cat "$CREDENTIALS_DIRECTORY/password")" \
--config=${
pkgs.writeText "hu-berlin.config" ''
host = forti-ssl.vpn.hu-berlin.de host = forti-ssl.vpn.hu-berlin.de
port = 443 port = 443
username = meinhark trusted-cert = 42193a913d276d9eb86217612956e1e6464d6f07bed5393a4787c87adc4bd359
trusted-cert = 9e5dea8e077970d245900839f437ef7fb9551559501c7defd70af70ea568573d username = ${eduroam.identity}
'' password = ${eduroam.password}
} ''}
fi
''; '';
}; };
systemd.services.openvpn-hu-berlin.conflicts = [ "hu-vpn.service" ];
services.openvpn.servers.hu-berlin = {
autoStart = false;
authUserPass = {
username = eduroam.identity;
password = eduroam.password;
};
config = fileContents (pkgs.fetchurl {
url =
"https://www.cms.hu-berlin.de/de/dl/netze/vpn/openvpn/hu-berlin.ovpn";
sha256 = "15b55aibik5460svjq2gwxrcyh6ay4k8savd6cd5lncgndmd8p8h";
});
};
} }

184
configs/i3.nix
View File

@@ -1,28 +1,14 @@
{ { inputs, config, pkgs, lib, ... }:
config, let
pkgs,
lib,
niveumPackages,
...
}: let
inherit (import ../lib) defaultApplications colours; inherit (import ../lib) defaultApplications colours;
klem = niveumPackages.klem.override { klem = import ../packages/scripts/klem.nix {
config.dmenu = "${pkgs.dmenu}/bin/dmenu -i -p klem"; inherit pkgs lib;
config.scripts = { config.scripts = {
"p.r" = pkgs.writers.writeDash "p.r" '' "p.r" = pkgs.writers.writeDash "p.r" ''
${pkgs.curl}/bin/curl -fSs http://p.r --data-binary @- \ ${pkgs.curl}/bin/curl -fSs http://p.r --data-binary @- \
| ${pkgs.coreutils}/bin/tail --lines=1 \ | ${pkgs.coreutils}/bin/tail --lines=1 \
| ${pkgs.gnused}/bin/sed 's/\\<r\\>/krebsco.de/' | ${pkgs.gnused}/bin/sed 's/\\<r\\>/krebsco.de/'
''; '';
# "envs.sh host" = pkgs.writers.writeDash "envs-host" ''
# ${pkgs.curl}/bin/curl -F "file=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
# '';
"envs.sh mirror" = pkgs.writers.writeDash "envs-mirror" ''
${pkgs.curl}/bin/curl -F "url=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
'';
"envs.sh shorten" = pkgs.writers.writeDash "envs-shorten" ''
${pkgs.curl}/bin/curl -F "shorten=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
'';
"ix.io" = pkgs.writers.writeDash "ix.io" '' "ix.io" = pkgs.writers.writeDash "ix.io" ''
${pkgs.curl}/bin/curl -fSs -F 'f:1=<-' ix.io ${pkgs.curl}/bin/curl -fSs -F 'f:1=<-' ix.io
''; '';
@@ -36,20 +22,17 @@
${pkgs.coreutils}/bin/tr '[A-Za-z]' '[N-ZA-Mn-za-m]' ${pkgs.coreutils}/bin/tr '[A-Za-z]' '[N-ZA-Mn-za-m]'
''; '';
"ipa" = pkgs.writers.writeDash "ipa" '' "ipa" = pkgs.writers.writeDash "ipa" ''
${niveumPackages.ipa}/bin/ipa ${pkgs.scripts.ipa}/bin/ipa
''; '';
"betacode" = pkgs.writers.writeDash "betacode" '' "betacode" = pkgs.writers.writeDash "betacode" ''
${niveumPackages.betacode}/bin/betacode ${pkgs.scripts.betacode}/bin/betacode
'';
"devanagari" = pkgs.writers.writeDash "devanagari" ''
${pkgs.scripts.devanagari}/bin/devanagari
''; '';
"curl" = pkgs.writers.writeDash "curl" '' "curl" = pkgs.writers.writeDash "curl" ''
${pkgs.curl}/bin/curl -fSs "$(${pkgs.coreutils}/bin/cat)" ${pkgs.curl}/bin/curl -fSs "$(${pkgs.coreutils}/bin/cat)"
''; '';
ocr = pkgs.writers.writeDash "ocr" ''
${pkgs.tesseract4}/bin/tesseract -l eng+deu - stdout
'';
emojai = pkgs.writers.writeDash "emojai" ''
${pkgs.curl}/bin/curl https://www.emojai.app/api/generate -X POST -H 'Content-Type: application/json' --data-raw "$(${pkgs.jq}/bin/jq -sR '{emoji:.}')" | ${pkgs.jq}/bin/jq -r .result
'';
}; };
}; };
@@ -59,28 +42,13 @@
move-to-new-workspace = pkgs.writers.writeDash "new-workspace" '' move-to-new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg move container to workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1)) i3-msg move container to workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
''; '';
in { in {
age.secrets = {
github-token-i3status-rust = {
file = ../secrets/github-token-i3status-rust.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
openweathermap-api-key = {
file = ../secrets/openweathermap-api-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
programs.slock.enable = true;
services.xserver = { services.xserver = {
displayManager.defaultSession = "none+i3"; displayManager.defaultSession = "none+i3";
windowManager.i3 = { windowManager.i3 = {
enable = true; enable = true;
package = pkgs.i3-gaps;
}; };
}; };
@@ -99,38 +67,26 @@ in {
''; '';
}; };
home-manager.users.me.xsession.windowManager.i3 = let home-manager.users.me.xsession.windowManager.i3 = {
modifier = "Mod4";
in {
enable = true; enable = true;
extraConfig = ''
bindsym --release ${modifier}+Shift+w exec /run/wrappers/bin/slock
'';
config = rec { config = rec {
fonts = { fonts = {names = ["Sans"]; size = 10.0;};
names = ["Sans"]; modifier = "Mod4";
size = 10.0;
};
inherit modifier;
window = { window = {
titlebar = false; titlebar = false;
border = 1; border = 1;
hideEdgeBorders = "smart"; hideEdgeBorders = "smart";
commands = [ commands = [
{ {
criteria = {class = "floating";}; criteria = { class = "floating"; };
command = "floating enable"; command = "floating enable";
} }
{ {
criteria = {class = "fzfmenu";}; criteria = { class = "fzfmenu"; };
command = "floating enable"; command = "floating enable";
} }
{ {
criteria = {class = ".*";}; criteria = { class = "mpv"; };
command = "border pixel 2";
}
{
criteria = {class = "mpv";};
command = lib.strings.concatStringsSep ", " [ command = lib.strings.concatStringsSep ", " [
"floating enable" "floating enable"
"sticky enable" "sticky enable"
@@ -141,6 +97,7 @@ in {
} }
]; ];
}; };
gaps.inner = 4;
floating = { floating = {
titlebar = false; titlebar = false;
border = 1; border = 1;
@@ -151,44 +108,32 @@ in {
text = colours.foreground; text = colours.foreground;
}; };
in rec { in rec {
focused = focused = scheme // {
scheme border = colours.cyan.bright;
// { indicator = colours.cyan.bright;
border = colours.blue.bright; childBorder = colours.cyan.bright;
indicator = colours.blue.bright;
childBorder = colours.blue.bright;
}; };
unfocused = unfocused = scheme // {
scheme
// {
border = colours.background; border = colours.background;
indicator = colours.background; indicator = colours.background;
childBorder = colours.background; childBorder = colours.background;
}; };
focusedInactive = unfocused; focusedInactive = unfocused;
urgent = urgent = scheme // {
scheme
// {
border = colours.red.bright; border = colours.red.bright;
indicator = colours.red.bright; indicator = colours.red.bright;
childBorder = colours.red.bright; childBorder = colours.red.bright;
}; };
placeholder = placeholder = scheme // {
scheme
// {
border = colours.green.bright; border = colours.green.bright;
indicator = colours.green.bright; indicator = colours.green.bright;
childBorder = colours.green.bright; childBorder = colours.green.bright;
}; };
}; };
bars = [ bars = [{
{
workspaceButtons = false; workspaceButtons = false;
fonts = { fonts = {names = ["Sans"]; size = 8.0;};
names = ["Monospace" "Font Awesome 6 Free"]; mode = "hide"; # "dock"
size = 8.0;
};
mode = "dock"; # "hide";
position = "bottom"; position = "bottom";
colors = rec { colors = rec {
background = colours.background; background = colours.background;
@@ -200,19 +145,14 @@ in {
text = colours.foreground; text = colours.foreground;
}; };
}; };
statusCommand = toString (pkgs.writers.writeDash "i3status-rust" '' statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ${
export I3RS_GITHUB_TOKEN="$(cat ${config.age.secrets.github-token-i3status-rust.path})"
export OPENWEATHERMAP_API_KEY="$(cat ${config.age.secrets.openweathermap-api-key.path})"
${pkgs.i3status-rust}/bin/i3status-rs ${
(pkgs.formats.toml {}).generate "i3status-rust.toml" (import ../lib/i3status-rust.nix { (pkgs.formats.toml {}).generate "i3status-rust.toml" (import ../lib/i3status-rust.nix {
inherit (config.niveum) batteryName wirelessInterface; inherit (config.niveum) batteryName wirelessInterface;
inherit (config.home-manager.users.me.accounts.email) accounts;
inherit colours; inherit colours;
inherit pkgs; inherit pkgs;
}) })
}''); }";
} }];
];
modes.resize = { modes.resize = {
"Escape" = ''mode "default"''; "Escape" = ''mode "default"'';
"Return" = ''mode "default"''; "Return" = ''mode "default"'';
@@ -233,10 +173,10 @@ in {
"${modifier}+Shift+b" = "move window to workspace prev"; "${modifier}+Shift+b" = "move window to workspace prev";
"${modifier}+Shift+n" = "move window to workspace next"; "${modifier}+Shift+n" = "move window to workspace next";
"${modifier}+Shift+x" = "exec ${move-to-new-workspace}"; "${modifier}+Shift+x" = "exec --no-startup-id ${move-to-new-workspace}";
"${modifier}+b" = "workspace prev"; "${modifier}+b" = "workspace prev";
"${modifier}+n" = "workspace next"; "${modifier}+n" = "workspace next";
"${modifier}+x" = "exec ${new-workspace}"; "${modifier}+x" = "exec --no-startup-id ${new-workspace}";
"${modifier}+Shift+c" = "reload"; "${modifier}+Shift+c" = "reload";
"${modifier}+Shift+q" = "kill"; "${modifier}+Shift+q" = "kill";
@@ -254,68 +194,58 @@ in {
"${modifier}+r" = "mode resize"; "${modifier}+r" = "mode resize";
"${modifier}+v" = "split v"; "${modifier}+v" = "split v";
"${modifier}+w" = "layout tabbed"; "${modifier}+w" = "layout tabbed";
"${modifier}+q" = "exec ${pkgs.writers.writeDash "newsboat-sync" ''
notify-send --app-name="newsboat" "Updating ..."
newsboat -x reload
notify-send --app-name="newsboat" "Finished updating."
''}";
# "${modifier}+Shift+y" = "exec ${pkgs.qutebrowser}/bin/qutebrowser"; # "${modifier}+Shift+y" = "exec ${pkgs.qutebrowser}/bin/qutebrowser";
"${modifier}+Return" = "exec ${(defaultApplications pkgs).terminal}"; "${modifier}+Return" = "exec ${(defaultApplications pkgs).terminal}";
"${modifier}+t" = "exec ${(defaultApplications pkgs).fileManager}"; "${modifier}+t" = "exec ${(defaultApplications pkgs).fileManager}";
"${modifier}+y" = "exec ${(defaultApplications pkgs).browser}"; "${modifier}+y" = "exec ${(defaultApplications pkgs).browser}";
"${modifier}+0" = "exec ${niveumPackages.menu-calc}/bin/="; "${modifier}+0" = "exec ${pkgs.scripts.menu-calc}/bin/=";
"${modifier}+d" = "exec ${pkgs.writers.writeDash "run" ''exec rofi -modi run,ssh,window -show run''}"; "${modifier}+Shift+w" = "exec ${pkgs.scripts.k-lock}/bin/k-lock";
"${modifier}+a" =
"exec --no-startup-id ${pkgs.rofi}/bin/rofi -display-window -show window";
"${modifier}+d" = "exec --no-startup-id ${pkgs.dmenu}/bin/dmenu_run";
"${modifier}+Shift+d" = "exec ${ "${modifier}+Shift+d" = "exec ${
pkgs.writers.writeDash "notemenu" '' pkgs.writers.writeDash "notemenu" ''
set -efu set -efu
PATH=$PATH:${ PATH=$PATH:${
lib.makeBinPath [pkgs.rofi pkgs.findutils pkgs.coreutils] lib.makeBinPath [ pkgs.dmenu pkgs.findutils pkgs.coreutils ]
} }
cd ~/notes cd ~/notes
note_file=$({ note_file=$({
echo diary/$(date -I).md echo diary/$(date -I).md
echo diary/$(date -I -d yesterday).md echo diary/$(date -I -d yesterday).md
find . ! -name '.*' -type f -printf "%T@ %p\n" | sort --reverse --numeric-sort | cut --delimiter=" " --fields=2- find . -type f -printf "%T@ %p\n" | sort --reverse --numeric-sort | cut --delimiter=" " --fields=2
} | rofi -dmenu -i -p 'notes') } | dmenu -i)
if test "$note_file" if test "$note_file"
then then
alacritty --working-directory ~/notes -e "$EDITOR" "$note_file" i3-sensible-terminal -e "$EDITOR" "$note_file"
fi fi
'' ''
}"; }";
"${modifier}+p" = "exec rofi-pass"; "${modifier}+p" = "exec --no-startup-id ${pkgs.pass}/bin/passmenu -l 5";
"${modifier}+Shift+p" = "exec rofi-pass --insert"; "${modifier}+u" = "exec ${pkgs.scripts.unicodmenu}/bin/unicodmenu";
"${modifier}+u" = "exec ${niveumPackages.unicodmenu}/bin/unicodmenu";
"${modifier}+F6" = "exec ${pkgs.xorg.xkill}/bin/xkill"; "${modifier}+F7" = "exec ${pkgs.scripts.showkeys-toggle}/bin/showkeys-toggle";
"${modifier}+F7" = "exec ${pkgs.writers.writeDash "showkeys-toggle" '' "${modifier}+F8" = "exec ${pkgs.xorg.xkill}/bin/xkill";
if ${pkgs.procps}/bin/pgrep screenkey; then
exec ${pkgs.procps}/bin/pkill screenkey
else
exec ${pkgs.screenkey}/bin/screenkey
fi
''}";
"${modifier}+F8" = "exec switch-theme toggle";
"${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85"; "${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85";
"${modifier}+F10" = "exec ${pkgs.redshift}/bin/redshift -x"; "${modifier}+F10" = "exec ${pkgs.redshift}/bin/redshift -x";
"${modifier}+F11" = "exec ${pkgs.xcalib}/bin/xcalib -invert -alter"; "${modifier}+F11" = "exec ${pkgs.xcalib}/bin/xcalib -invert -alter";
"${modifier}+F12" = "exec ${klem}/bin/klem"; "${modifier}+F12" = "exec ${klem}/bin/klem";
"Print" = "exec flameshot gui"; "Print" = "exec flameshot-once";
"XF86AudioLowerVolume" = "exec ${pkgs.pamixer}/bin/pamixer -d 5"; "XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -d 5";
"XF86AudioMute" = "exec ${pkgs.pamixer}/bin/pamixer -t"; "XF86AudioMute" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -t";
"XF86AudioRaiseVolume" = "exec ${pkgs.pamixer}/bin/pamixer -i 5"; "XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -i 5";
"XF86Calculator" = "exec ${pkgs.st}/bin/st -c floating -e ${pkgs.bc}/bin/bc"; "XF86Calculator" = "exec ${pkgs.st}/bin/st -c floating -e ${pkgs.bc}/bin/bc";
"XF86AudioPause" = "exec ${pkgs.playerctl}/bin/playerctl pause"; "XF86AudioPause" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl pause";
"XF86AudioPlay" = "exec ${pkgs.playerctl}/bin/playerctl play-pause"; "XF86AudioPlay" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl play-pause";
"XF86AudioNext" = "exec ${pkgs.playerctl}/bin/playerctl next"; "XF86AudioNext" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl next";
"XF86AudioPrev" = "exec ${pkgs.playerctl}/bin/playerctl previous"; "XF86AudioPrev" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl previous";
"XF86AudioStop" = "exec ${pkgs.playerctl}/bin/playerctl stop"; "XF86AudioStop" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl stop";
"XF86ScreenSaver" = "exec ${niveumPackages.k-lock}/bin/k-lock"; "XF86ScreenSaver" = "exec ${pkgs.scripts.k-lock}/bin/k-lock";
"XF86Display" = "exec ${niveumPackages.dmenu-randr}/bin/dmenu-randr"; "XF86Display" = "exec ${pkgs.scripts.dmenurandr}/bin/dmenurandr";
# key names detected with xorg.xev: # key names detected with xorg.xev:
# XF86WakeUp (fn twice) # XF86WakeUp (fn twice)

12
configs/kdeconnect.nix
View File

@@ -1,17 +1,13 @@
{ {
networking.firewall = { networking.firewall = {
allowedTCPPortRanges = [ allowedTCPPortRanges = [{
{
from = 1714; from = 1714;
to = 1764; to = 1764;
} }];
]; allowedUDPPortRanges = [{
allowedUDPPortRanges = [
{
from = 1714; from = 1714;
to = 1764; to = 1764;
} }];
];
}; };
home-manager.users.me = { home-manager.users.me = {

74
configs/keyboard.nix
View File

@@ -1,75 +1,17 @@
{ { pkgs, lib, ... }:
pkgs, let commaSep = builtins.concatStringsSep ",";
lib,
...
}: let
commaSep = builtins.concatStringsSep ",";
xkbOptions = ["compose:caps" "terminate:ctrl_alt_bksp" "grp:ctrls_toggle"];
languages = {
de = "T3";
gr = "polytonic";
ru = "phonetic";
ara = "buckwalter";
cop = "";
ave = "";
"in" = "san-kagapa";
il = "phonetic";
};
defaultLanguage = "de";
in { in {
# man 7 xkeyboard-config
services.xserver = { services.xserver = {
layout = "de"; layout = commaSep [ "de" "gr" "ru" ];
# T3: https://upload.wikimedia.org/wikipedia/commons/a/a9/German-Keyboard-Layout-T3-Version1-large.png xkbVariant = commaSep [ "T3" "polytonic" "phonetic" ];
# buckwalter: http://www.qamus.org/transliteration.htm xkbOptions =
xkbVariant = "T3"; commaSep [ "compose:caps" "terminate:ctrl_alt_bksp" "grp:ctrls_toggle" ];
xkbOptions = commaSep xkbOptions;
libinput.enable = true; libinput.enable = true;
xkbDir = pkgs.symlinkJoin {
name = "x-keyboard-directory";
paths = [
"${pkgs.xkeyboard_config}/etc/X11/xkb"
(pkgs.linkFarm "custom-x-keyboards" [
{
name = "symbols/cop";
path = pkgs.fetchurl {
url = "http://www.moheb.de/download/cop";
sha256 = "1l0h6aq536hyinrh0i0ia355y229bjrlibii0sya5bmqh46vycia";
};
}
{
name = "symbols/ave";
path = pkgs.fetchurl {
url = "https://blog.simos.info/wp-content/uploads/2010/06/avestan.txt";
sha256 = "192zmmm3gxyhim39dsax7r87gsay2w5v2xkhwmvsfipjb60hwp5g";
};
}
])
];
};
}; };
console.keyMap = "de"; console.keyMap = "de";
environment.systemPackages =
lib.mapAttrsToList
(language: variant:
pkgs.writers.writeDashBin "kb-${language}" ''
${pkgs.xorg.setxkbmap}/bin/setxkbmap ${defaultLanguage},${language} ${languages.${defaultLanguage}},${variant} ${toString (map (option: "-option ${option}") xkbOptions)}
'')
languages;
# improve held key rate # improve held key rate
services.xserver.displayManager.sessionCommands = "${pkgs.xorg.xset}/bin/xset r rate 300 50"; services.xserver.displayManager.sessionCommands =
"${pkgs.xorg.xset}/bin/xset r rate 300 50";
systemd.user.services.gxkb = {
wantedBy = ["graphical-session.target"];
serviceConfig = {
SyslogIdentifier = "gxkb";
ExecStart = "${pkgs.gxkb}/bin/gxkb";
Restart = "always";
RestartSec = "15s";
StartLimitBurst = 0;
};
};
} }

57
configs/khal.nix
View File

@@ -1,57 +1,24 @@
{ { config, pkgs, lib, ... }:
config, let
pkgs,
lib,
...
}: let
davHome = "~/.local/share/dav"; davHome = "~/.local/share/dav";
kmeinCloud = { kmeinCloud = {
davEndpoint = "https://cloud.xn--kiern-0qa.de/remote.php/dav"; davEndpoint = "https://cloud.xn--kiern-0qa.de/remote.php/dav";
username = "kieran"; username = "kieran";
passwordFile = config.age.secrets.nextcloud-password-kieran.path; password = lib.fileContents <secrets/nextcloud/password>;
}; };
fysiCloud = { fysiCloud = {
davEndpoint = "https://nextcloud.fysi.dev/remote.php/dav"; davEndpoint = "https://nextcloud.fysi.dev/remote.php/dav";
username = "kmein"; username = "kmein";
passwordFile = config.age.secrets.nextcloud-password-fysi.path; password = lib.fileContents <secrets/nextcloud-fysi/password>;
}; };
in { in
age.secrets = { {
nextcloud-password-kieran = { environment.systemPackages = [ pkgs.khal pkgs.vdirsyncer pkgs.khard pkgs.todoman ];
file = ../secrets/nextcloud-password-kieran.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
nextcloud-password-fysi = {
file = ../secrets/nextcloud-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
environment.systemPackages = [
pkgs.khal
pkgs.vdirsyncer
pkgs.khard
pkgs.todoman
(pkgs.writers.writeDashBin "todo-procrastinate" ''
[ $# -eq 1 ] || {
echo "Usage: $0 TODO_ID" >&2
exit 1
}
todo_id=$1
new_timestamp=$(${pkgs.todoman}/bin/todo --porcelain show "$todo_id" | ${pkgs.jq}/bin/jq '.due + 24 * 60 * 60')
new_date=$(${pkgs.coreutils}/bin/date +"%Y-%m-%d %H:%M" -d "@$new_timestamp")
${pkgs.todoman}/bin/todo edit "$todo_id" --due "$new_date"
'')
];
systemd.user.services.vdirsyncer = { systemd.user.services.vdirsyncer = {
enable = true; enable = true;
wants = ["network-online.target"]; wants = [ "network-online.target" ];
wantedBy = ["default.target"]; wantedBy = [ "default.target" ];
startAt = "*:00/10"; startAt = "*:00/10";
script = '' script = ''
${pkgs.vdirsyncer}/bin/vdirsyncer sync ${pkgs.vdirsyncer}/bin/vdirsyncer sync
@@ -182,19 +149,19 @@ in {
type = "carddav" type = "carddav"
url = "${kmeinCloud.davEndpoint}/addressbooks/users/${kmeinCloud.username}/" url = "${kmeinCloud.davEndpoint}/addressbooks/users/${kmeinCloud.username}/"
username = "${kmeinCloud.username}" username = "${kmeinCloud.username}"
password.fetch = ["command", "cat", "${kmeinCloud.passwordFile}"] password = "${kmeinCloud.password}"
[storage kalender_cloud] [storage kalender_cloud]
type = "caldav" type = "caldav"
url = "${kmeinCloud.davEndpoint}/calendars/${kmeinCloud.username}/" url = "${kmeinCloud.davEndpoint}/calendars/${kmeinCloud.username}/"
username = "${kmeinCloud.username}" username = "${kmeinCloud.username}"
password.fetch = ["command", "cat", "${kmeinCloud.passwordFile}"] password = "${kmeinCloud.password}"
[storage fysi_cloud] [storage fysi_cloud]
type = "caldav" type = "caldav"
url = "${fysiCloud.davEndpoint}/calendars/${fysiCloud.username}/" url = "${fysiCloud.davEndpoint}/calendars/${fysiCloud.username}/"
username = "${fysiCloud.username}" username = "${fysiCloud.username}"
password.fetch = ["command", "cat", "${fysiCloud.passwordFile}"] password = "${fysiCloud.password}"
''; '';
}; };
}; };

14
configs/lb.nix
View File

@@ -1,11 +1,11 @@
{ lib, pkgs, ... }:
let
nixpkgs-unstable = import <nixpkgs-unstable> {};
in
{ {
lib,
pkgs,
...
}: {
systemd.services.lb-subscription = { systemd.services.lb-subscription = {
enable = true; enable = true;
wants = ["network-online.target"]; wants = [ "network-online.target" ];
startAt = "weekly"; startAt = "weekly";
serviceConfig = { serviceConfig = {
user = "kfm"; user = "kfm";
@@ -15,10 +15,10 @@
first_year=2019 first_year=2019
for year in $(${pkgs.coreutils}/bin/seq "$first_year" "$(date +%Y)"); do for year in $(${pkgs.coreutils}/bin/seq "$first_year" "$(date +%Y)"); do
${pkgs.curl}/bin/curl -sSL "https://www.literarische-blaetter.de/jahrgang-$year/" \ ${pkgs.curl}/bin/curl -sSL "https://www.literarische-blaetter.de/jahrgang-$year/" \
| ${pkgs.htmlq}/bin/htmlq --attribute href 'ul.slides a' \ | ${nixpkgs-unstable.htmlq}/bin/htmlq --attribute href 'ul.slides a' \
| while read -r month; do | while read -r month; do
${pkgs.curl}/bin/curl -sSL "$month" \ ${pkgs.curl}/bin/curl -sSL "$month" \
| ${pkgs.htmlq}/bin/htmlq --attribute src iframe \ | ${nixpkgs-unstable.htmlq}/bin/htmlq --attribute src iframe \
| ${pkgs.gnused}/bin/sed 's/.*?pdf=//;s/?wp-hosted.*//' | ${pkgs.gnused}/bin/sed 's/.*?pdf=//;s/?wp-hosted.*//'
done done
done | ${pkgs.findutils}/bin/xargs ${pkgs.wget}/bin/wget --no-clobber done | ${pkgs.findutils}/bin/xargs ${pkgs.wget}/bin/wget --no-clobber

19
configs/mastodon-bot.nix
View File

@@ -1,19 +0,0 @@
{pkgs, ...}: {
systemd.services.imaginary-illuminations = {
enable = false;
wants = ["network-online.target"];
serviceConfig = {
User = "kfm";
Group = "users";
WorkingDirectory = "/home/kfm/cloud/Seafile/Documents/Media/imaginary-illuminations";
Restart = "on-failure";
RestartSec = "15s";
};
startAt = "7:00";
script = ''
${pkgs.deno}/bin/deno run -A post.ts
'';
};
systemd.timers.imaginary-illuminations.timerConfig.RandomizedDelaySec = "14h";
}

56
configs/matterbridge.nix Normal file
View File

@@ -0,0 +1,56 @@
{ pkgs, lib, ... }:
{
nixpkgs.overlays = [
(self: super: {
matterbridge = (import (super.fetchFromGitHub {
owner = "NixOS";
repo = "nixpkgs";
rev = "e45d91ee65db293a172ec506759d1248e40c35f5";
sha256 = "03cjs5xcx09lw0djyrx2kfakw7gkg4iqmy9w25azai62im39l30k";
}) {}).matterbridge;
})
];
services.matterbridge = {
enable = true;
configPath =
let bridgeBotToken = lib.strings.fileContents <system-secrets/telegram/kmein.token>;
in toString ((pkgs.formats.toml {}).generate "config.toml" {
general = {
RemoteNickFormat = "[{NICK}] ";
Charset = "utf-8";
};
telegram.kmein.Token = bridgeBotToken;
irc =
let Nick = "ponte";
in {
hackint = { Server = "irc.hackint.org:6697"; UseTLS = true; inherit Nick; };
};
mumble.lassulus = {
Server = "lassul.us:64738";
Nick = "krebs_bridge";
SkipTLSVerify = true;
};
gateway = [
{
name = "krebs-bridge";
enable = true;
inout = [
{
account = "irc.hackint";
channel = "#krebs";
}
{
account = "telegram.kmein";
channel = "-330372458";
}
{
account = "mumble.lassulus";
channel = 6; # "nixos"
}
];
}
];
});
};
}

41
configs/menstruation.nix Normal file
View File

@@ -0,0 +1,41 @@
{ pkgs, lib, ... }:
let
backend = pkgs.callPackage <niveum/submodules/menstruation-backend> {};
telegram = pkgs.callPackage <niveum/submodules/menstruation-telegram> {};
backendPort = 8000;
in
{
containers.menstruation.autoStart = true;
containers.menstruation.config = { config, pkgs, ... }: {
services.redis.enable = true;
systemd.services.menstruation-telegram = {
wants = [
"network-online.target"
"menstruation-backend.service"
"redis.service"
];
wantedBy = [ "multi-user.target" ];
environment = {
MENSTRUATION_TOKEN = lib.strings.fileContents <system-secrets/telegram/menstruation.token>;
MENSTRUATION_ENDPOINT = "http://localhost:${toString backendPort}";
MENSTRUATION_MODERATORS = "18980945";
};
serviceConfig = {
Restart = "always";
DynamicUser = true;
ExecStart = "${telegram}/bin/menstruation-telegram";
};
};
systemd.services.menstruation-backend = {
wants = [ "network-online.target" ];
environment.ROCKET_PORT = toString backendPort;
serviceConfig = {
Restart = "always";
DynamicUser = true;
ExecStart = "${backend}/bin/menstruation_server";
};
};
};
}

19
configs/mime.nix
View File

@@ -7,20 +7,21 @@
"application/pdf" = "org.pwmt.zathura.desktop"; "application/pdf" = "org.pwmt.zathura.desktop";
"application/vnd.oasis.opendocument.text" = "writer.desktop"; "application/vnd.oasis.opendocument.text" = "writer.desktop";
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" = "writer.desktop"; "application/vnd.openxmlformats-officedocument.wordprocessingml.document" = "writer.desktop";
"image/jpeg" = "nsxiv.desktop"; "image/jpeg" = "sxiv.desktop";
"image/png" = "nsxiv.desktop"; "image/png" = "sxiv.desktop";
"image/vnd.djvu+multipage" = "org.pwmt.zathura.desktop"; "image/vnd.djvu+multipage" = "org.pwmt.zathura.desktop";
"text/html" = "firefox.desktop"; "text/html" = "brave-browser.desktop";
"text/markdown" = "nvim.desktop"; "text/markdown" = "nvim.desktop";
"text/plain" = "nvim.desktop"; "text/plain" = "nvim.desktop";
"x-scheme-handler/about" = "firefox.desktop"; "x-scheme-handler/about" = "brave-browser.desktop";
"x-scheme-handler/http" = "firefox.desktop"; "x-scheme-handler/http" = "brave-browser.desktop";
"x-scheme-handler/https" = "firefox.desktop"; "x-scheme-handler/https" = "brave-browser.desktop";
"x-scheme-handler/mailto" = "firefox.desktop"; "x-scheme-handler/mailto" = "brave-browser.desktop";
"x-scheme-handler/unknown" = "firefox.desktop"; "x-scheme-handler/unknown" = "brave-browser.desktop";
"x-scheme-handler/webcal" = "firefox.desktop"; "x-scheme-handler/webcal" = "brave-browser.desktop";
"inode/directory" = "pcmanfm.desktop"; "inode/directory" = "pcmanfm.desktop";
}; };
}; };
}; };
} }

85
configs/monitoring.nix
View File

@@ -1,85 +0,0 @@
{
config,
pkgs,
...
}: {
services.nginx.virtualHosts.default = {
locations."= /stub_status".extraConfig = "stub_status;";
};
services.prometheus = {
enable = true;
port = 9001;
exporters = {
nginx.enable = false;
node = {
enable = true;
openFirewall = true;
enabledCollectors = [
"conntrack"
"diskstats"
"entropy"
"filefd"
"filesystem"
"loadavg"
"mdadm"
"meminfo"
"netdev"
"netstat"
"stat"
"time"
"vmstat"
"systemd"
"logind"
"interrupts"
"ksmd"
];
port = 9002;
};
};
};
systemd.services.promtail = {
description = "Promtail service for Loki";
wantedBy = ["multi-user.target"];
serviceConfig = {
ExecStart = ''
${pkgs.grafana-loki}/bin/promtail --config.file ${
(pkgs.formats.yaml {}).generate "promtail.yaml" {
server = {
http_listen_port = 28183;
grpc_listen_port = 0;
};
positions.filename = "/tmp/positions.yaml";
clients = [
{
url = "http://${
if config.networking.hostName == "makanek"
then "127.0.0.1"
else "makanek.r"
}:3100/loki/api/v1/push";
}
];
scrape_configs = [
{
job_name = "journal";
journal = {
max_age = "12h";
labels.job = "systemd-journal";
labels.host = config.networking.hostName;
};
relabel_configs = [
{
source_labels = ["__journal__systemd_unit"];
target_label = "unit";
}
];
}
];
}
}
'';
};
};
}

4
systems/makanek/monitoring/blackbox.nix → configs/monitoring/blackbox.nix
View File

@@ -3,12 +3,12 @@
{ {
modules.http_2xx = { modules.http_2xx = {
http = { http = {
fail_if_not_ssl = false; fail_if_not_ssl = true;
ip_protocol_fallback = false; ip_protocol_fallback = false;
method = "GET"; method = "GET";
no_follow_redirects = false; no_follow_redirects = false;
preferred_ip_protocol = "ip4"; preferred_ip_protocol = "ip4";
valid_http_versions = ["HTTP/1.1" "HTTP/2.0"]; valid_http_versions = [ "HTTP/1.1" "HTTP/2.0" ];
tls_config.insecure_skip_verify = true; tls_config.insecure_skip_verify = true;
}; };
prober = "http"; prober = "http";

0
systems/makanek/monitoring/loki.nix → configs/monitoring/loki.nix
View File

229
configs/monitoring/pull.nix Normal file
View File

@@ -0,0 +1,229 @@
{ lib, config, pkgs, ... }:
let
lokiConfig = import ./loki.nix;
blackboxConfig = import ./blackbox.nix;
in
{
services.grafana = {
enable = true;
domain = "grafana.kmein.r";
port = 9444;
addr = "127.0.0.1";
};
services.nginx.virtualHosts.${config.services.grafana.domain} = {
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}";
proxyWebsockets = true;
};
};
services.prometheus.rules = let diskFreeThreshold = 10; in [(builtins.toJSON {
groups = [{
name = "niveum";
rules = [
{
alert = "ServiceDown";
expr = ''node_systemd_unit_state{state="failed"} == 1'';
annotations = {
summary = "{{$labels.job}}: Service {{$labels.name}} failed to start.";
};
}
{
alert = "RootPartitionFull";
for = "10m";
expr = ''(node_filesystem_free_bytes{mountpoint="/"} * 100) / node_filesystem_size_bytes{mountpoint="/"} < ${toString diskFreeThreshold}'';
annotations = {
summary = "{{ $labels.job }}: Filesystem is running out of space soon.";
description = ''The root disk of {{ $labels.job }} has {{ $value | printf "%.2f" }}% free disk space (threshold at ${toString diskFreeThreshold}%).'';
};
}
{
alert = "RootPartitionFullWeek";
for = "1h";
expr = ''node_filesystem_free_bytes{mountpoint="/"} ''
+ ''and predict_linear(node_filesystem_free_bytes{mountpoint="/"}[2d], 7*24*3600) <= 0'';
annotations = {
summary = "{{$labels.job}}: Filesystem is running out of space in 7 days.";
};
}
{
alert = "HighLoad";
expr = ''node_load15 / on(job) count(node_cpu_seconds_total{mode="system"}) by (job) >= 1.0'';
for = "10m";
annotations = {
summary = "{{$labels.job}}: Running on high load: {{$value}}";
};
}
{
alert = "HighRAM";
expr = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1";
for = "1h";
annotations.summary = "{{$labels.job}}: Using lots of RAM.";
}
{
alert = "UptimeMonster";
expr = "time() - node_boot_time_seconds > 2592000";
annotations.summary = "{{$labels.job}}: up for more than 30 days.";
}
{
alert = "HostDown";
expr = ''up == 0'';
for = "5m";
annotations = {
summary = "Host {{ $labels.job }} down for 5 minutes.";
};
}
{
alert = "Reboot";
expr = "time() - node_boot_time_seconds < 300";
annotations.summary = "{{$labels.job}}: Reboot";
}
{
alert = "ProbeFailed";
expr = "probe_success == 0";
for = "5m";
annotations.summary = "{{$labels.instance}}: probe failed";
}
{
alert = "SlowProbe";
expr = "avg_over_time(probe_http_duration_seconds[1m]) > 1";
for = "5m";
annotations.summary = "{{$labels.instance}}: HTTP probe slow";
}
{
alert = "HttpStatusCode";
expr = "probe_http_status_code != 0 AND (probe_http_status_code <= 199 OR probe_http_status_code >= 400)";
for = "5m";
annotations.summary = "{{$labels.instance}}: status code {{$value}}";
}
{
alert = "SslExpirySoon";
expr = "probe_ssl_earliest_cert_expiry - time() < 86400 * 30";
for = "5m";
annotations.summary = "{{$labels.instance}}: SSL certificate expires in 30 days";
}
{
alert = "SslExpiry";
expr = "probe_ssl_earliest_cert_expiry - time() <= 0";
for = "5m";
annotations.summary = "{{$labels.instance}}: SSL certificate has expired";
}
];
}];
})];
systemd.services.alertmanager-bot-telegram =
let
alertmanager-bot-telegram = pkgs.buildGoModule rec {
pname = "alertmanager-bot";
version = "2020-07-13";
src = pkgs.fetchFromGitHub {
owner = "metalmatze";
repo = "alertmanager-bot";
rev = "5efc0bbbf8023d4324e9da98562f064a714a7206";
sha256 = "09cciml1j8x76jpm2v5v6h2q6j1fkhsz1kswslmx8wl4wk40xgp4";
};
vendorSha256 = "1v0fgin8dn81b559zz4lqmrl7hikr46g4gb18sci4riql5qs1isj";
postInstall = ''
install -D ./default.tmpl $out/templates/default.tmpl
'';
};
in {
wantedBy = [ "multi-user.target" ];
after = [ "ip-up.target" ];
environment.TELEGRAM_ADMIN = "18980945";
environment.TELEGRAM_TOKEN = lib.strings.fileContents <system-secrets/telegram/prometheus.token>;
serviceConfig = {
DynamicUser = true;
StateDirectory = "alertbot";
ExecStart = ''${alertmanager-bot-telegram}/bin/alertmanager-bot \
--alertmanager.url=http://localhost:9093 --log.level=info \
--store=bolt --bolt.path=/var/lib/alertbot/bot.db \
--listen.addr="0.0.0.0:16320" \
--template.paths=${pkgs.writeText "template.tmpl" ''
{{ define "telegram.default" }}
{{range .Alerts -}}
{{ if eq .Status "firing" }}
<b>{{ index .Annotations "summary"}}</b>
{{ index .Annotations "description" }}
See on Grafana: http://${config.services.grafana.domain}/d/alpUteInz/niveum
{{ else -}}
RESOLVED 😌 <del>{{ index .Annotations "summary"}}</del>
{{- end }}
{{end -}}
{{end}}
''}'';
};
};
services.prometheus.alertmanager = {
enable = true;
listenAddress = "localhost";
configuration = {
route = {
group_wait = "30s";
repeat_interval = "4h";
receiver = "me";
};
receivers = [{
name = "me";
webhook_configs = [{
url = "http://localhost:16320";
send_resolved = true;
}];
}];
};
};
services.prometheus.alertmanagers = [{
scheme = "http";
path_prefix = "/";
static_configs = [ { targets = [ "localhost:9093" ]; } ];
}];
services.prometheus.scrapeConfigs = [
{
job_name = "makanek";
static_configs = [ { targets = [
"127.0.0.1:${toString config.services.prometheus.exporters.node.port}"
]; } ];
}
{
scrape_interval = "5m";
job_name = "blackbox";
metrics_path = "/probe";
params.module = [ "http_2xx" ];
relabel_configs = [
{ source_labels = ["__address__"]; target_label = "__param_target"; }
{ source_labels = ["__param_target"]; target_label = "instance"; }
{ replacement = "127.0.0.1:${toString config.services.prometheus.exporters.blackbox.port}"; target_label = "__address__"; }
];
static_configs = [{
targets = [
"alew.hu-berlin.de"
];
}];
}
{
job_name = "zaatar";
static_configs = [ { targets = [ "zaatar.r:${toString config.services.prometheus.exporters.node.port}" ]; } ];
}
];
services.prometheus.exporters.blackbox = {
enable = true;
configFile = (pkgs.formats.yaml {}).generate "blackbox.yaml" blackboxConfig;
};
networking.firewall.allowedTCPPorts = [
lokiConfig.server.http_listen_port
];
services.loki = {
enable = true;
configFile = (pkgs.formats.yaml {}).generate "loki.yaml" lokiConfig;
};
}

75
configs/monitoring/push.nix Normal file
View File

@@ -0,0 +1,75 @@
{ config, pkgs, ... }:
{
services.nginx.virtualHosts.default = {
locations."= /stub_status".extraConfig = "stub_status;";
};
services.prometheus = {
enable = true;
port = 9001;
exporters = {
nginx.enable = false;
node = {
enable = true;
enabledCollectors = [
"conntrack"
"diskstats"
"entropy"
"filefd"
"filesystem"
"loadavg"
"mdadm"
"meminfo"
"netdev"
"netstat"
"stat"
"time"
"vmstat"
"systemd"
"logind"
"interrupts"
"ksmd"
];
port = 9002;
};
};
};
networking.firewall.allowedTCPPorts = [ config.services.prometheus.exporters.node.port ];
systemd.services.promtail = {
description = "Promtail service for Loki";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''
${pkgs.grafana-loki}/bin/promtail --config.file ${(pkgs.formats.yaml {}).generate "promtail.yaml" {
server = {
http_listen_port = 28183;
grpc_listen_port = 0;
};
positions.filename = "/tmp/positions.yaml";
clients = [
{ url = "http://${if config.networking.hostName == "makanek" then "127.0.0.1" else "makanek.r"}:3100/loki/api/v1/push"; }
];
scrape_configs = [
{
job_name = "journal";
journal = {
max_age = "12h";
labels.job = "systemd-journal";
labels.host = config.networking.hostName;
};
relabel_configs = [
{
source_labels = [ "__journal__systemd_unit" ];
target_label = "unit";
}
];
}
];
}}
'';
};
};
}

31
configs/moodle-dl/borsfaye.nix Normal file
View File

@@ -0,0 +1,31 @@
{ config, pkgs, lib, ... }:
let
moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old: old // {
patches = [ <niveum/packages/moodle-dl/telegram-format.patch> ];
});
in
{
containers.moodle-dl-borsfaye = {
autoStart = true;
config = { lib, pkgs, ...}: {
imports = [ <niveum/modules/moodle-dl.nix> ];
services.moodle-dl = {
enable = true;
startAt = "hourly";
package = moodle-dl-package;
notifyOnly = true;
settings = {
telegram = {
token = lib.strings.fileContents <system-secrets/telegram/moodle-dl.token>;
chat_id = "311425510";
send_error_msg = false;
};
token = lib.strings.fileContents <system-secrets/moodle-dl/faye.token>;
moodle_domain = "moodle.hu-berlin.de";
moodle_path = "/";
};
};
};
};
}

67
systems/zaatar/moodle-dl-meinhark.nix → configs/moodle-dl/meinhark.nix
View File

@@ -1,40 +1,23 @@
{ { config, pkgs, lib, ... }:
config, let
pkgs, moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old: old // {
lib, patches = [ <niveum/packages/moodle-dl/telegram-format.patch> ];
...
}: let
moodle-dl-package = pkgs.moodle-dl.overrideAttrs (old:
old
// {
patches = [../../packages/moodle-dl/telegram-format.patch];
}); });
in { in
age.secrets = { {
moodle-dl-tokens = { imports = [ <niveum/modules/moodle-dl.nix> ];
file = ../../secrets/zaatar-moodle-dl-tokens.json.age;
owner = "moodle-dl";
group = "moodle-dl";
mode = "400";
};
moodle-dl-basicAuth = {
file = ../../secrets/zaatar-moodle-dl-basicAuth.age;
owner = "nginx";
group = "nginx";
mode = "400";
};
};
services.moodle-dl = { services.moodle-dl = {
enable = true; enable = true;
startAt = "hourly"; startAt = "hourly";
package = moodle-dl-package; package = moodle-dl-package;
tokensFile = config.age.secrets.moodle-dl-tokens.path;
settings = { settings = {
telegram = { telegram = {
token = lib.strings.fileContents <system-secrets/telegram/moodle-dl.token>;
chat_id = "18980945"; chat_id = "18980945";
send_error_msg = false; send_error_msg = false;
}; };
token = lib.strings.fileContents <system-secrets/moodle.token>;
moodle_domain = "moodle.hu-berlin.de"; moodle_domain = "moodle.hu-berlin.de";
moodle_path = "/"; moodle_path = "/";
download_course_ids = [ download_course_ids = [
@@ -81,20 +64,6 @@ in {
108283 # Digital Classicist 108283 # Digital Classicist
109211 # Altlitauisch 109211 # Altlitauisch
109185 # Etymologie 109185 # Etymologie
# SS 2022
112606 # Avestisch
111761 # Griechische Wissenschaftsliteratur
111515 # H. Furens
110914 # Apostelgeschichte
112225 # Gr. Paläographie
113275 # ALEW
112783 # Akzent und Silbenstruktur
113493 # Papyrologie
# WS 2022
115414 # Nonnos
116108 # Dialektologie
]; ];
download_submissions = true; download_submissions = true;
download_descriptions = true; download_descriptions = true;
@@ -108,15 +77,17 @@ in {
fileSystems."/export/moodle" = { fileSystems."/export/moodle" = {
device = config.services.moodle-dl.directory; device = config.services.moodle-dl.directory;
options = ["bind"]; options = [ "bind" ];
}; };
networking.firewall.allowedTCPPorts = [2049]; networking.firewall.allowedTCPPorts = [ 2049 ];
services.nginx.enable = true; services.nginx.virtualHosts."moodle.kmein.r" =
let
services.nginx.virtualHosts."moodle.kmein.r" = { identity = lib.strings.fileContents <secrets/eduroam/identity>;
basicAuthFile = config.age.secrets.moodle-dl-basicAuth.path; password = lib.strings.fileContents <secrets/eduroam/password>;
in {
basicAuth."${identity}" = password;
locations."/" = { locations."/" = {
root = config.services.moodle-dl.directory; root = config.services.moodle-dl.directory;
extraConfig = '' extraConfig = ''
@@ -128,9 +99,7 @@ in {
services.nfs.server = { services.nfs.server = {
enable = true; enable = true;
exports = let exports = let machines = with (import <niveum/lib>).retiolumAddresses; [kabsa manakish]; in ''
machines = with (import ../../lib).retiolumAddresses; [kabsa manakish];
in ''
/export ${lib.concatMapStringsSep " " (machine: "${machine.ipv4}(fsid=0)") machines} /export ${lib.concatMapStringsSep " " (machine: "${machine.ipv4}(fsid=0)") machines}
/export/moodle ${lib.concatMapStringsSep " " (machine: "${machine.ipv4}(insecure,rw)") machines} /export/moodle ${lib.concatMapStringsSep " " (machine: "${machine.ipv4}(insecure,rw)") machines}
''; '';

24
configs/mpv.nix
View File

@@ -1,29 +1,14 @@
{ { pkgs, lib, ... }: let
pkgs, swallow = command: "${pkgs.scripts.swallow}/bin/swallow ${command}";
lib,
config,
niveumPackages,
...
}: let
swallow = command: "${niveumPackages.swallow}/bin/swallow ${command}";
in { in {
environment.shellAliases.smpv = swallow "mpv"; environment.shellAliases.smpv = swallow "mpv";
nixpkgs.overlays = [
(self: super: {
mpv = config.home-manager.users.me.programs.mpv.finalPackage;
})
];
home-manager.users.me = { home-manager.users.me = {
programs.mpv = { programs.mpv = {
enable = true; enable = true;
config = { config = {
ytdl-format = "bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best"; ytdl-raw-options = lib.concatStringsSep "," [ ''sub-lang="de,en"'' "write-sub=" "write-auto-sub=" ];
ytdl-raw-options = lib.concatStringsSep "," [''sub-lang="de,en"'' "write-sub=" "write-auto-sub="];
screenshot-template = "%F-%wH%wM%wS-%#04n"; screenshot-template = "%F-%wH%wM%wS-%#04n";
script-opts = "ytdl_hook-ytdl_path=${pkgs.yt-dlp}/bin/yt-dlp";
ao = "pulse"; # no pipewire for me :(
}; };
bindings = { bindings = {
"Alt+RIGHT" = "add video-rotate 90"; "Alt+RIGHT" = "add video-rotate 90";
@@ -36,8 +21,7 @@ in {
"Alt+j" = "add video-pan-y -0.05"; "Alt+j" = "add video-pan-y -0.05";
}; };
scripts = [ scripts = [
pkgs.mpvScripts.youtube-quality pkgs.unstable.mpvScripts.youtube-quality
niveumPackages.mpv-visualizer
]; ];
}; };
}; };

38
configs/names.nix Normal file
View File

@@ -0,0 +1,38 @@
{ pkgs, lib, ... }:
let
port = 5703;
geogen = (pkgs.fetchFromGitHub {
owner = "kmein";
repo = "scripts";
rev = "8945430f27a8c6fd632dd35382cb094abe3543ff";
sha256 = "1djyxkynypxsrmdf6idgjszqpcgqyq607rrsvl58p2bpymmwibzb";
}) + "/onomastics";
inherit (pkgs.callPackage geogen {}) dependencyEnv;
in
{
systemd.services.names = {
wants = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
description = "Better clone of geogen.stoepel.net";
serviceConfig = {
DynamicUser = true;
};
script = ''
cd $(mktemp -d)
ln -s "${geogen}/wsgi.py" wsgi.py
${dependencyEnv}/bin/gunicorn wsgi:app -b :${toString port}
'';
};
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
services.nginx.virtualHosts."names.kmein.r" = {
locations."/".proxyPass = "http://127.0.0.1:${toString port}";
};
}

10
configs/nano.nix Normal file
View File

@@ -0,0 +1,10 @@
{
programs.nano.nanorc = ''
set autoindent
set boldtext
set morespace
set smarthome
set tabsize 4
set tabstospaces
'';
}

248
configs/neomutt.nix Normal file
View File

@@ -0,0 +1,248 @@
{ pkgs, lib, ... }:
let
mainMailbox = "posteo";
accounts.uni = {
user = "meinhark";
password = lib.strings.fileContents <secrets/eduroam/password>;
address = "kieran.felix.meinhardt@hu-berlin.de";
imap = "mailbox.cms.hu-berlin.de";
smtp = "mailhost.cms.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.uni-old = {
user = "meinhark";
password = lib.strings.fileContents <secrets/eduroam/password>;
address = "meinhark@informatik.hu-berlin.de";
imap = "mailbox.informatik.hu-berlin.de";
smtp = "mailhost.informatik.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.work-uni = {
user = "meinhaki";
password = lib.strings.fileContents <secrets/mail/meinhaki>;
address = "kieran.meinhardt@hu-berlin.de";
imap = "mailbox.cms.hu-berlin.de";
smtp = "mailhost.cms.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.work-fysi = rec {
user = "kieran@fysi.tech";
address = user;
password = lib.strings.fileContents <secrets/mail/fastmail>;
imap = "imap.fastmail.com";
smtp = "smtp.fastmail.com";
smtpSettings = smtp: "smtps://${smtp}:465";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.cock = rec {
user = "2210@cock.li";
address = user;
password = lib.strings.fileContents <secrets/mail/cock>;
imap = "mail.cock.li";
smtp = imap;
smtpSettings = smtp: "smtp://${smtp}:587";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts."${mainMailbox}" = rec {
user = "kieran.meinhardt@posteo.net";
address = user;
password = lib.strings.fileContents <secrets/mail/posteo>;
imap = "posteo.de";
smtp = imap;
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
accounts.google-amro = rec {
user = "amroplay@gmail.com";
address = user;
password = lib.strings.fileContents <secrets/mail/gmail/amroplay>;
imap = "imap.gmail.com";
smtp = "smtp.gmail.com";
smtpSettings = smtp: "smtps://${smtp}:465";
folders = {
drafts = "[Gmail]/Drafts";
sent = "[Gmail]/Sent Mail";
trash = "[Gmail]/Bin";
};
};
accounts.google-kieran = rec {
user = "kieran.meinhardt@gmail.com";
address = user;
password = lib.strings.fileContents <secrets/mail/gmail/kieran.meinhardt>;
imap = "imap.gmail.com";
smtp = "smtp.gmail.com";
smtpSettings = smtp: "smtps://${smtp}:465";
folders = {
drafts = "[Gmail]/Entwürfe";
sent = "[Gmail]/Gesendet";
trash = "[Gmail]/Papierkorb";
};
};
in
{
environment.systemPackages = [ pkgs.neomutt ];
environment.shellAliases.mua = "${pkgs.neomutt}/bin/neomutt -f ${mainMailbox}";
home-manager.users.me.xdg.configFile."neomutt/neomuttrc".text = ''
set mailcap_path = ${pkgs.writeText "mailcap" ''
text/plain; $EDITOR %s ;
text/html; ${pkgs.lynx}/bin/lynx -assume_charset=%{charset} -display_charset=utf-8 -dump %s; nametemplate=%s.html; copiousoutput;
image/*; ${pkgs.sxiv}/bin/sxiv %s ;
video/*; ${pkgs.utillinux}/bin/setsid ${pkgs.mpv}/bin/mpv --quiet %s &; copiousoutput
audio/*; ${pkgs.mpv}/bin/mpv %s ;
application/pdf; ${pkgs.zathura}/bin/zathura %s ;
application/pgp-encrypted; ${pkgs.gnupg}/bin/gpg -d '%s'; copiousoutput;
application/pgp-keys; ${pkgs.gnupg}/bin/gpg --import '%s'; copiousoutput;
''}:$mailcap_path
set sidebar_visible
set sidebar_format = "%D%?F? [%F]?%* %?N?%N/?%S"
set sidebar_width = 25 # Plenty of space
set sidebar_divider_char = '' # Pretty line-drawing character
set mail_check_stats
set index_format="%2C %Z %D %-15.15L %s"
set date_format="%F %R"
set sort = 'reverse-date'
set sleep_time = 0 # Pause 0 seconds for informational messages
set markers = no # Disables the `+` displayed at line wraps
set mark_old = no # Unread mail stay unread until read
set wait_key = no # mutt won't ask "press key to continue"
set fast_reply # skip to compose when replying
set forward_format = "Fwd: %s" # format of subject when forwarding
set reverse_name # reply as whomever it was to
set include=ask-no # don't include message in replies
auto_view text/html # automatically show html (mailcap uses lynx)
auto_view application/pgp-encrypted
alternative_order text/plain text/enriched text/html
set abort_noattach abort_noattach_regex="\<(attach|attached|attachments?|anbei|Anhang|angehängt)\>"
set attach_save_dir=/tmp
set fast_reply
set narrow_tree # narrow threads for more depth
bind index,pager B sidebar-toggle-visible # Use 'B' to switch the Sidebar on and off
bind index,pager \Ck sidebar-prev
bind index,pager \Cj sidebar-next
bind index,pager \Co sidebar-open
bind index,pager \Cp sidebar-prev-new
bind index,pager \Cn sidebar-next-new
macro index * <limit>~F\r
macro index + <limit>all\r
set query_command = "khard email --parsable %s"
bind editor <Tab> complete-query
bind editor ^T complete
set mail_check = 90
set timeout = 15
# set imap_check_subscribed
set use_from
set header_cache="~/.cache/mutt" message_cachedir="~/.cache/mutt"
source ${pkgs.writeText "accounts.neomuttrc" ''
set realname = "Kierán Meinhardt"
account-hook . 'unset imap_user imap_pass smtp_user smtp_pass'
# set accordingly: postponed trash record
${lib.concatStringsSep "\n\n" (lib.mapAttrsToList (name: account: let imapRoot = "imaps://${account.user}@${account.imap}"; in ''
account-hook ${account.user}@${account.imap} 'set imap_user="${account.user}" imap_pass="${account.password}"'
account-hook ${account.user}@${account.smtp} 'set smtp_user="${account.user}" smtp_pass="${account.password}"'
folder-hook ${account.user}@${account.imap} 'set smtp_url="${account.smtpSettings "${account.user}@${account.smtp}"}" from="${account.address}" record="${imapRoot}/${account.folders.sent}" postponed="${imapRoot}/${account.folders.drafts}" trash="${imapRoot}/${account.folders.trash}"'
named-mailboxes "${name}" "${imapRoot}" "${name}" "${imapRoot}/${account.folders.sent}"
'') accounts)}
''}
set spoolfile="${mainMailbox}"
source ${pkgs.writeText "colors.neomuttrc" ''
# Default index colors:
color index_number blue default
color index red default '.*'
color index_flags lightcyan default '.*'
color index_author yellow default '.*'
color index_subject lightblack default '.*'
# New mail is boldened:
color index_author lightyellow black "~N"
color index_subject lightwhite black "~N"
# Flagged mail is highlighted:
color index_flags lightmagenta default '~F'
# Other colors and aesthetic settings:
mono bold bold
mono underline underline
mono error bold
mono indicator reverse
# color sidebar_flagged red black
mono sidebar_new bold
color error red default
color message cyan default
color search brightmagenta default
color hdrdefault lightblack default
color quoted green default
color quoted1 blue default
color quoted2 cyan default
color quoted3 yellow default
color quoted4 red default
color quoted5 brightred default
color signature lightblack default
color tree color235 default
# Regex highlighting:
color header red default "^(Date)"
color header yellow default "^(From)"
color header white default "^(B?CC)"
color header brightwhite default "^(Subject)"
color body cyan default "[\-\.+_a-zA-Z0-9]+@[\-\.a-zA-Z0-9]+" # Email addresses
color body brightblue default "(https?|ftp)://[\-\.,/%~_:?&=\#a-zA-Z0-9]+" # URL
color body yellow default "^(\t| )*(-|\\*) \.*" # List items as yellow
color body red default "(BAD signature)|^gpg: BAD signature from.*"
color body brightgreen default "(Good signature)|^gpg: Good signature .*"
color body brightyellow default "^gpg: "
mono body bold "^gpg: Good signature"
mono body bold "^gpg: BAD signature from.*"
color body red default "([a-z][a-z0-9+-]*://(((([a-z0-9_.!~*'();:&=+$,-]|%[0-9a-f][0-9a-f])*@)?((([a-z0-9]([a-z0-9-]*[a-z0-9])?)\\.)*([a-z]([a-z0-9-]*[a-z0-9])?)\\.?|[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+)(:[0-9]+)?)|([a-z0-9_.!~*'()$,;:@&=+-]|%[0-9a-f][0-9a-f])+)(/([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*(;([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*)*(/([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*(;([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*)*)*)?(\\?([a-z0-9_.!~*'();/?:@&=+$,-]|%[0-9a-f][0-9a-f])*)?(#([a-z0-9_.!~*'();/?:@&=+$,-]|%[0-9a-f][0-9a-f])*)?|(www|ftp)\\.(([a-z0-9]([a-z0-9-]*[a-z0-9])?)\\.)*([a-z]([a-z0-9-]*[a-z0-9])?)\\.?(:[0-9]+)?(/([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*(;([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*)*(/([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*(;([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*)*)*)?(\\?([-a-z0-9_.!~*'();/?:@&=+$,]|%[0-9a-f][0-9a-f])*)?(#([-a-z0-9_.!~*'();/?:@&=+$,]|%[0-9a-f][0-9a-f])*)?)[^].,:;!)? \t\r\n<>\"]"
''}
'';
}

59
configs/neovim.nix
View File

@@ -1,22 +1,28 @@
{ { pkgs, ... }: {
pkgs,
niveumPackages,
...
}: {
environment.variables.EDITOR = pkgs.lib.mkForce "nvim"; environment.variables.EDITOR = pkgs.lib.mkForce "nvim";
environment.shellAliases.vi = "nvim"; environment.shellAliases.vi = "nvim";
environment.shellAliases.vim = "nvim"; environment.shellAliases.vim = "nvim";
environment.shellAliases.view = "nvim -R"; environment.shellAliases.view = "nvim -R";
nixpkgs.config.packageOverrides = pkgs: {
vimPlugins = pkgs.vimPlugins // {
cheat-sh-vim = pkgs.callPackage <niveum/packages/vimPlugins/cheat-sh.nix> { };
vim-fetch = pkgs.callPackage <niveum/packages/vimPlugins/vim-fetch.nix> { };
vim-colors-paramount = pkgs.callPackage <niveum/packages/vimPlugins/vim-colors-paramount.nix> { };
vim-256noir = pkgs.callPackage <niveum/packages/vimPlugins/vim-256noir.nix> { };
icalendar-vim = pkgs.callPackage <niveum/packages/vimPlugins/icalendar-vim.nix> { };
jq-vim = pkgs.callPackage <niveum/packages/vimPlugins/jq-vim.nix> { };
vim-fsharp = pkgs.callPackage <niveum/packages/vimPlugins/vim-fsharp.nix> { };
vim-reason-plus = pkgs.callPackage <niveum/packages/vimPlugins/vim-reason-plus.nix> { };
vim-mail = pkgs.callPackage <niveum/packages/vimPlugins/vim-mail.nix> { };
};
};
environment.systemPackages = [ environment.systemPackages = [
(pkgs.writers.writeDashBin "vim" ''neovim "$@"'') (pkgs.writers.writeDashBin "vim" ''neovim "$@"'')
(pkgs.neovim.override { (pkgs.neovim.override {
configure = { configure = {
customRC = '' customRC = builtins.readFile <niveum/lib/vim/init.vim>;
source ${../lib/vim/init.vim}
luafile ${../lib/vim/init.lua}
'';
packages.nvim = with pkgs.vimPlugins; { packages.nvim = with pkgs.vimPlugins; {
start = [ start = [
ale ale
@@ -25,46 +31,41 @@
supertab supertab
undotree undotree
tabular tabular
# vimwiki vimwiki
niveumPackages.vimPlugins-vim-colors-paramount vim-colors-paramount
nvim-lspconfig
vim-commentary vim-commentary
vim-css-color vim-css-color
vim-eunuch vim-eunuch
niveumPackages.vimPlugins-vim-fetch vim-fetch
vim-fugitive vim-fugitive
vim-gitgutter vim-gitgutter
vim-repeat vim-repeat
vim-sensible vim-sensible
vim-surround vim-surround
(pkgs.vimUtils.buildVimPlugin rec {
pname = "vim-dim";
version = "1.1.0";
name = "${pname}-${version}";
src = pkgs.fetchFromGitHub {
owner = "jeffkreeftmeijer";
repo = pname;
rev = version;
sha256 = "sha256-lyTZUgqUEEJRrzGo1FD8/t8KBioPrtB3MmGvPeEVI/g=";
};
})
]; ];
opt = [ opt = [
csv csv
dhall-vim
elm-vim elm-vim
emmet-vim emmet-vim
haskell-vim haskell-vim
niveumPackages.vimPlugins-icalendar-vim icalendar-vim
niveumPackages.vimPlugins-jq-vim idris-vim
nim-vim
jq-vim
purescript-vim
rust-vim rust-vim
typescript-vim typescript-vim
vim-fsharp
vim-javascript vim-javascript
vim-ledger vim-ledger
vim-nix vim-nix
vim-reason-plus
vim-toml
vimtex vimtex
vim-pandoc vim-pandoc
vim-pandoc-syntax vim-pandoc-syntax # vim-pandoc-after
niveumPackages.vimPlugins-vim-256noir vim-256noir
]; ];
}; };
}; };

66
configs/networkmanager.nix
View File

@@ -1,10 +1,6 @@
{ { lib, pkgs, ... }:
lib, let
pkgs, profile = name: custom: lib.recursiveUpdate {
...
}: let
profile = name: custom:
lib.recursiveUpdate {
connection.id = name; connection.id = name;
connection.type = "wifi"; connection.type = "wifi";
connection.interface-name = "wlp3s0"; connection.interface-name = "wlp3s0";
@@ -18,8 +14,7 @@
ipv6.dns-search = ""; ipv6.dns-search = "";
ipv6.method = "auto"; ipv6.method = "auto";
proxy = {}; proxy = {};
} } custom;
custom;
eduroamProfile = { eduroamProfile = {
connection.uuid = "eae9fee6-a7d2-4120-a609-440b457d6fcf"; connection.uuid = "eae9fee6-a7d2-4120-a609-440b457d6fcf";
wifi-security = { wifi-security = {
@@ -41,26 +36,51 @@
phase2-auth = "pap"; phase2-auth = "pap";
}; };
}; };
in { in
programs.nm-applet.enable = true; {
imports = [ ../modules/networkmanager-declarative.nix ];
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
plugins = [
pkgs.networkmanager-openvpn
pkgs.networkmanager-fortisslvpn
];
wifi.macAddress = "random"; wifi.macAddress = "random";
ethernet.macAddress = "random"; ethernet.macAddress = "random";
unmanaged = ["docker*"]; unmanaged = [ "docker*" ];
profiles = lib.mapAttrs profile {
Aether = {
connection.uuid = "7138bb0f-1aeb-4905-890e-a6628427aa21";
ipv6.addr-gen-mode = "stable";
wifi.cloned-mac-address = "stable";
wifi-security = {
psk = lib.strings.fileContents <secrets/wifi/Aether.psk>;
auth-alg = "open";
key-mgmt = "wpa-psk";
};
};
FactoryCommunityGuest = {
connection.uuid = "fb1f2e52-651e-48b5-a72c-1accddf31afb";
connection.timestamp = "1631885129";
wifi.seen-bssids = "54:EC:2F:19:30:DC;54:EC:2F:19:5C:9C;54:EC:2F:58:E4:3C;";
wifi-security = {
psk = "Factory4ever";
auth-alg = "open";
key-mgmt = "wpa-psk";
};
};
o2-WLAN66 = {
connection.uuid = "c563aec3-f344-4ffb-8d1c-60a6cdac8fe0";
wifi-security = {
psk = "PK3468KV488T934U";
auth-alg = "open";
key-mgmt = "wpa-psk";
};
};
"WIFI@DB".connection.uuid = "4eff4e94-8850-4e9f-a338-1787d0d90479";
eduroam = eduroamProfile;
eduroam_5GHz = eduroamProfile;
};
}; };
users.users.me.extraGroups = ["networkmanager"]; users.users.me.extraGroups = [ "networkmanager" ];
environment.systemPackages = [ environment.systemPackages = [ pkgs.speedtest-cli ];
pkgs.speedtest-cli
pkgs.networkmanager-openvpn
pkgs.networkmanagerapplet
pkgs.networkmanager-fortisslvpn
];
} }

83
configs/newsboat.nix
View File

@@ -1,40 +1,15 @@
{ { pkgs, config, ... }:
pkgs, let
config,
lib,
...
}: let
ytdl-format = "'bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best'"; ytdl-format = "'bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best'";
youtube-download = "${pkgs.ts}/bin/ts ${pkgs.yt-dlp}/bin/yt-dlp -f ${ytdl-format} --add-metadata"; youtube-download = "${pkgs.ts}/bin/ts ${pkgs.youtube-dl}/bin/youtube-dl -f ${ytdl-format} --add-metadata";
newsboat-home = "${config.users.users.me.home}/cloud/Seafile/Documents/newsboat"; newsboat-home =
linkhandler = pkgs.writers.writeDash "linkhandler" '' "${config.users.users.me.home}/cloud/Seafile/Documents/newsboat";
# Feed script a url or file location. linkhandler-bin = "${pkgs.scripts.linkhandler}/bin/linkhandler";
# If an image, it will view in sxiv,
# if a video or gif, it will view in mpv
# if a music file or pdf, it will download,
# otherwise it opens link in browser.
# If no url given. Opens browser. For using script as $BROWSER.
[ -z "$1" ] && { "$BROWSER"; exit; }
case "$1" in
*mkv|*webm|*mp4|*youtube.com/watch*|*youtube.com/playlist*|*youtu.be*|*bitchute.com*|*videos.lukesmith.xyz*|*odysee.com*)
setsid -f ${pkgs.mpv}/bin/mpv -quiet "$1" >/dev/null 2>&1 ;;
*png|*jpg|*jpe|*jpeg|*gif)
curl -sL "$1" > "/tmp/$(echo "$1" | sed "s/.*\///")" && sxiv -a "/tmp/$(echo "$1" | sed "s/.*\///")" >/dev/null 2>&1 & ;;
*mp3|*flac|*opus|*mp3?source*)
setsid -f tsp curl -LO "$1" >/dev/null 2>&1 ;;
*)
if [ -f "$1" ]; then "$TERMINAL" -e "$EDITOR" "$1"
else setsid -f "$BROWSER" "$1" >/dev/null 2>&1; fi ;;
esac
'';
newsboat-config = pkgs.writeText "config" '' newsboat-config = pkgs.writeText "config" ''
auto-reload no auto-reload no
reload-threads 8
prepopulate-query-feeds yes prepopulate-query-feeds yes
# dont keep a search history # dont keep a search history
@@ -44,12 +19,12 @@
text-width 85 text-width 85
external-url-viewer "${pkgs.urlscan}/bin/urlscan -dc -r '${linkhandler} {}'" external-url-viewer "${pkgs.urlscan}/bin/urlscan -dc -r '${linkhandler-bin} {}'"
browser ${linkhandler} browser ${linkhandler-bin}
macro , open-in-browser macro , open-in-browser
macro c set browser "${pkgs.xsel}/bin/xsel -b <<<" ; open-in-browser ; set browser ${linkhandler} macro c set browser "${pkgs.xsel}/bin/xsel -b <<<" ; open-in-browser ; set browser ${linkhandler-bin}
macro v set browser "${pkgs.util-linux}/bin/setsid -f ${pkgs.mpv}/bin/mpv" ; open-in-browser ; set browser ${linkhandler} macro v set browser "${pkgs.utillinux}/bin/setsid -f ${pkgs.mpv}/bin/mpv" ; open-in-browser ; set browser ${linkhandler-bin}
macro y set browser "${youtube-download}" ; open-in-browser ; set browser ${linkhandler} macro y set browser "${youtube-download}" ; open-in-browser ; set browser ${linkhandler-bin}
bind-key j down bind-key j down
bind-key k up bind-key k up
@@ -73,7 +48,7 @@
save-path ${newsboat-home}/saved/ save-path ${newsboat-home}/saved/
highlight all "---.*---" yellow default highlight all "---.*---" yellow default
# highlight feedlist ".*(0/0))" default default highlight feedlist ".*(0/0))" black default
highlight article "^Title:.*" yellow default bold highlight article "^Title:.*" yellow default bold
highlight article "^Author:.*" yellow default highlight article "^Author:.*" yellow default
highlight article "^Flags:.*" red default highlight article "^Flags:.*" red default
@@ -81,37 +56,25 @@
highlight article "\\[image [0-9][0-9]*\\]" color109 default bold highlight article "\\[image [0-9][0-9]*\\]" color109 default bold
highlight article "\\[embedded flash: [0-9][0-9]*\\]" color66 default bold highlight article "\\[embedded flash: [0-9][0-9]*\\]" color66 default bold
color background white default
color listnormal white default
color listnormal_unread white default bold
color listfocus blue default color listfocus blue default
color listfocus_unread blue default bold color listfocus_unread blue default bold
color info red default bold color info red default bold
color article white default
urls-source "miniflux"
miniflux-url "https://feed.kmein.de"
miniflux-login "kfm"
miniflux-password "${lib.strings.fileContents <secrets/miniflux/password>}"
''; '';
newsboat-sql = "${pkgs.sqlite}/bin/sqlite3 ${newsboat-home}/cache.db";
in { in {
nixpkgs.config.packageOverrides = pkgs: {
newsboat = pkgs.writers.writeDashBin "newsboat" ''
${pkgs.newsboat}/bin/newsboat -C ${newsboat-config} -c ${newsboat-home}/cache.db -u ${newsboat-home}/urls "$@"
'';
};
environment.systemPackages = [ environment.systemPackages = [
pkgs.newsboat pkgs.newsboat
(pkgs.writers.writeDashBin "newsboat-unread-count" ''
if [ -f ${newsboat-home}/cache.db.lock ]; then
${pkgs.jq}/bin/jq -n '{state: "Info", text: "", icon: "rss"}'
else
${pkgs.jq}/bin/jq -n \
--argjson unread "$(${newsboat-sql} "SELECT COUNT(DISTINCT id) FROM rss_item WHERE unread=1")" \
--argjson watchLater "$(${newsboat-sql} "SELECT COUNT(DISTINCT id) FROM rss_item WHERE flags='e' AND deleted=0")" \
'{
state: (if $unread > 0 then "Good" else "Idle" end),
text: (if $unread > 0 then "\($unread)" else "[\($watchLater)]" end),
icon: "rss"
}'
fi
'')
(pkgs.writers.writeDashBin "mpv-watch-later" '' (pkgs.writers.writeDashBin "mpv-watch-later" ''
${newsboat-sql} "SELECT url FROM rss_item WHERE flags='e' AND deleted=0 ORDER BY pubDate DESC" \ ${pkgs.sqlite}/bin/sqlite3 ${newsboat-home}/cache.db "SELECT url FROM rss_item WHERE flags='e' AND deleted=0 ORDER BY pubDate DESC" \
| ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv | ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv
'') '')
]; ];

56
configs/nextcloud.nix Normal file
View File

@@ -0,0 +1,56 @@
{ pkgs, lib, ... }:
let
passwordFile = path: toString (pkgs.writeText "password" (lib.strings.fileContents path));
inherit (import <niveum/lib>) localAddresses;
in
{
services.nextcloud = {
enable = true;
package = pkgs.nextcloud22;
https = true;
autoUpdateApps = {
enable = true;
startAt = "05:00:00";
};
hostName = "cloud.xn--kiern-0qa.de";
config = {
overwriteProtocol = "https";
dbtype = "pgsql";
dbuser = "nextcloud";
dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
dbname = "nextcloud";
dbpassFile = passwordFile <system-secrets/nextcloud/database>;
adminpassFile = passwordFile <system-secrets/nextcloud/admin>;
adminuser = "admin";
# extraTrustedDomains = [ "toum.r" ];
};
};
services.postgresql = {
enable = true;
ensureDatabases = [ "nextcloud" ];
ensureUsers = [
{
name = "nextcloud";
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
}
];
};
services.nginx.virtualHosts."cloud.xn--kiern-0qa.de" = {
enableACME = true;
forceSSL = true;
};
# Ensure that postgres is running before running the setup
systemd.services."nextcloud-setup" = {
requires = ["postgresql.service"];
after = ["postgresql.service"];
};
}

9
configs/nix.nix
View File

@@ -1,9 +0,0 @@
{pkgs, ...}: {
nixpkgs = {
config.allowUnfree = true;
};
nix = {
package = pkgs.nixFlakes;
extraOptions = "experimental-features = nix-command flakes";
};
}

9
configs/openweathermap.nix
View File

@@ -1,8 +1,5 @@
{ { pkgs, lib, ... }:
pkgs, let
lib,
...
}: let
openweathermap-repo = pkgs.fetchFromGitHub { openweathermap-repo = pkgs.fetchFromGitHub {
owner = "ip1981"; owner = "ip1981";
repo = "openweathermap"; repo = "openweathermap";
@@ -18,5 +15,5 @@ in {
''; '';
}; };
environment.systemPackages = [pkgs.weather]; environment.systemPackages = [ pkgs.weather ];
} }

289
configs/packages.nix
View File

@@ -1,289 +0,0 @@
{
config,
pkgs,
lib,
inputs,
niveumPackages,
...
}: let
worldradio = pkgs.callPackage ../packages/worldradio.nix {};
zoteroStyle = {
name,
sha256,
}: {
name = "${name}.csl";
path = pkgs.fetchurl {
url = "https://www.zotero.org/styles/${name}";
inherit sha256;
};
};
cslDirectory = pkgs.linkFarm "citation-styles" [
(zoteroStyle {
name = "chicago-author-date-de";
sha256 = "sha256-ddMYk4A9DJQhx9ldkmF7PhwKuc7wUSr26uHHGAze9Ps=";
})
(zoteroStyle {
name = "din-1505-2";
sha256 = "sha256-bXZbB850fek8J6wMVFL32ndI7F4wiKKr1qUC71ezreE=";
})
(zoteroStyle {
name = "apa";
sha256 = "sha256-yq4fW6hQknycLjaj5fPbXLrQlGBp5myXiOSHBU90jEc=";
})
];
astrolog = pkgs.astrolog.overrideAttrs (old:
old
// {
installPhase = ''
${old.installPhase}
# set sensible defaults
sed -i '
/^-z /s/8:00W/1:00E/ # timezone
/^-zl /s/122W19:59 47N36:35/13E22:42 52N27:42/ # default location
/^-zj /s/"Current moment now"/Now/ # default name
/^-zj /s/"Seattle, WA, USA"/Berlin/ # default location
/^_k/s/_k/=k/ # use color
/^_Yd/s/_Yd/=Yd/ # sensible date format
/^_Yt/s/_Yt/=Yt/ # sensible time format
/^_Yv/s/_Yv/=Yv/ # sensible length format
/^:Xbw/s/:Xbw/:Xbn/ # set X11 bitmap format
/^:I /s/80/120/ # wider text output
' $out/astrolog/astrolog.as
'';
});
in {
home-manager.users.me.home.file = {
".csl".source = cslDirectory;
".local/share/pandoc/csl".source = cslDirectory; # as of pandoc 2.11, it includes citeproc
};
environment.systemPackages = with pkgs; [
# INTERNET
aria2
firefox
tdesktop
w3m
wget
whois
dnsutils
# FILE MANAGERS
lf
cinnamon.nemo
# MEDIA
ffmpeg
imagemagick
exiftool
nsxiv
# ARCHIVE TOOLS
unzip
unrar
p7zip
zip
# MONITORS
htop
iotop # I/O load monitor
iftop # interface bandwidth monitor
lsof # list open files
psmisc # for killall, pstree
# SHELL
bat # better cat
fd # better find
file # determine file type
dos2unix
genpass # generate passwords
gdu # ncurses disk usage (ncdu is broken)
rmlint # remove duplicate files
python3Packages.jsonschema # json validation
jq # json toolkit
pup # html toolkit
htmlq
xsv # csv toolkit
fq # toolkit for yaml, xml and binaries
man-pages
man-pages-posix
tree
exfat # to mount windows drives
parallel # for parallel, since moreutils shadows task spooler
ripgrep # better grep
rlwrap
progress # display progress bars for pipes
# HARDWARE TOOLS
usbutils # for lsusb
pciutils # for lspci
lshw # for lshw
arandr # xrandr for noobs
libnotify # for notify-send
xclip # clipboard CLI
xdragon # drag and drop
xorg.xkill # kill by clicking
audacity
calibre
electrum
inkscape
astrolog
anki-bin # flashcards
jbofihe # lojbanic software
zoom-us # video conferencing
alejandra # nix formatter
pdfgrep # search in pdf
pdftk # pdf toolkit
mupdf
poppler_utils # pdf toolkit
okular # the word is nucular
xournalpp # for annotating pdfs
pdfpc # presenter console for pdf slides
niveumPackages.hc # print files as qr codes
yt-dlp
espeak
bc # calculator
pari # gp -- better calculator
rink # unit converter
niveumPackages.auc
niveumPackages.cheat-sh
niveumPackages.infschmv
niveumPackages.qrpaste
niveumPackages.ttspaste
niveumPackages.new-mac # get a new mac address
niveumPackages.scanned
niveumPackages.default-gateway
niveumPackages.kirciuoklis
niveumPackages.image-convert-favicon
niveumPackages.heuretes
niveumPackages.ipa # XSAMPA to IPA converter
niveumPackages.pls
niveumPackages.mpv-tv
niveumPackages.devanagari
niveumPackages.betacode # ancient greek betacode to unicode converter
niveumPackages.meteo
niveumPackages.mahlzeit
niveumPackages.vimv
niveumPackages.swallow # window swallowing
niveumPackages.literature-quote
jless # less(1) for json
niveumPackages.booksplit
niveumPackages.dmenu-randr
niveumPackages.dmenu-bluetooth
niveumPackages.manual-sort
niveumPackages.dns-sledgehammer
ts
niveumPackages.vg
niveumPackages.fkill
niveumPackages.wttr
niveumPackages.unicodmenu
niveumPackages.closest
niveumPackages.trans
(niveumPackages.mpv-radio.override {
di-fm-key-file = config.age.secrets.di-fm-key.path;
})
# kmein.slide
termdown
niveumPackages.image-convert-tolino
niveumPackages.rfc
niveumPackages.tag
niveumPackages.timer
niveumPackages.menu-calc
nix-prefetch-git
niveumPackages.nix-git
nixfmt
par
qrencode
inputs.menstruation-backend.defaultPackage.x86_64-linux
inputs.agenix.packages.x86_64-linux.default
inputs.recht.defaultPackage.x86_64-linux
(pkgs.writers.writeDashBin "worldradio" ''
shuf ${worldradio} | ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv --no-video
'')
(pkgs.writers.writeDashBin "chats" ''
${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars
'')
(pkgs.writers.writeDashBin "ncmpcpp-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.ncmpcpp}/bin/ncmpcpp "$@"'')
(pkgs.writers.writeDashBin "mpc-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.mpc_cli}/bin/mpc "$@"'')
inputs.scripts.packages.x86_64-linux.alarm
spotify
ncspot
playerctl
nix-index
niveumPackages.nix-index-update
#krebs
niveumPackages.dic
niveumPackages.cyberlocker-tools
niveumPackages.untilport
niveumPackages.kpaste
config.nur.repos.mic92.ircsink
(python3.withPackages (py: [
py.black
# py.python-language-server
# py.pyls-mypy
# py.pyls-black
# py.pyls-isort
py.flake8
py.pygments
py.schema
]))
# python3Packages.poetry
# language servers
pyright
haskell-language-server
texlab
nil
rust-analyzer
html-tidy
nodePackages.csslint
nodePackages.jsonlint
nodePackages.prettier
nodePackages.typescript
nodePackages.yarn
deno # better node.js
nodejs
nodePackages.javascript-typescript-langserver
texlive.combined.scheme-full
latexrun
(aspellWithDicts (dict: [dict.de dict.en dict.en-computers]))
# haskellPackages.pandoc-citeproc
niveumPackages.text2pdf
lowdown
glow # markdown to term
libreoffice
# gnumeric
dia
pandoc
niveumPackages.man-pandoc
# proselint
asciidoctor
wordnet
tokei # count lines of code
gnumake
binutils # for strip, ld, ...
# nightly.rust
shellcheck
(pkgs.writers.writeDashBin "hass-cli" ''
HASS_SERVER=http://zaatar.r:8123 HASS_TOKEN="$(cat ${config.age.secrets.home-assistant-token.path})" exec ${pkgs.home-assistant-cli}/bin/hass-cli "$@"
'')
];
age.secrets.home-assistant-token = {
file = ../secrets/home-assistant-token.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
home-manager.users.me.xdg.configFile."pycodestyle".text = ''
[pycodestyle]
max-line-length = 110
'';
}

227
configs/packages/default.nix Normal file
View File

@@ -0,0 +1,227 @@
{ pkgs, lib, ... }:
let
hc = pkgs.callPackage <stockholm/tv/5pkgs/simple/hc.nix> {};
worldradio = pkgs.callPackage <niveum/packages/worldradio.nix> {};
menstruation = pkgs.callPackage <niveum/submodules/menstruation-backend> {};
nixpkgs-unstable = import <nixpkgs-unstable> { config.allowUnfree = true; };
astrolog = nixpkgs-unstable.astrolog.overrideAttrs (old: old // {
installPhase = ''
${old.installPhase}
# set sensible defaults
sed -i '
/^-z /s/8:00W/1:00E/ # timezone
/^-zl /s/122W19:59 47N36:35/13E22:42 52N27:42/ # default location
/^-zj /s/"Current moment now"/Now/ # default name
/^-zj /s/"Seattle, WA, USA"/Berlin/ # default location
/^_k/s/_k/=k/ # use color
/^_Yd/s/_Yd/=Yd/ # sensible date format
/^_Yt/s/_Yt/=Yt/ # sensible time format
/^_Yv/s/_Yv/=Yv/ # sensible length format
/^:Xbw/s/:Xbw/:Xbn/ # set X11 bitmap format
/^:I /s/80/120/ # wider text output
' $out/astrolog/astrolog.as
'';
});
recht = pkgs.callPackage (pkgs.fetchFromGitHub {
owner = "kmein";
repo = "recht";
rev = "0.6.2";
sha256 = "08gnrnz3lwh8h6fyga56yfy9qryzm89xbshm7wpxfyxf2pmp1qfx";
}) {};
in {
imports = [
./writing.nix
./python.nix
./haskell
{
environment.systemPackages = let
# nightly = pkgs.rustChannelOf {
# date = "2019-12-27";
# channel = "nightly";
# };
in with pkgs; [
htmlTidy
nodePackages.csslint
nodePackages.jsonlint
nodePackages.prettier
nodePackages.typescript
nodePackages.yarn
nodejs
nodePackages.javascript-typescript-langserver
tokei # count lines of code
gnumake
binutils # for strip, ld, ...
# nightly.rust
shellcheck
];
}
];
environment.systemPackages = with pkgs; [
# INTERNET
aria2
firefox
tdesktop
w3m
wget
whois
ix
dnsutils
# mtr # my traceroute
# FILE MANAGERS
ranger
pcmanfm
# MEDIA
ffmpeg
imagemagick
exiftool
scrot
# ARCHIVE TOOLS
unzip
unrar
p7zip
zip
# MONITORS
htop
iotop # I/O load monitor
iftop # interface bandwidth monitor
lsof # list open files
psmisc # for killall, pstree
# SHELL
bat # better cat
fd # better find
file # determine file type
dos2unix
ncdu # ncurses disk usage
python3Packages.jsonschema # json validation
jq # json toolkit
pup # html toolkit
nixpkgs-unstable.htmlq
xsv # csv toolkit
xmlstarlet # xml toolkit
manpages
posix_man_pages
# moreutils # for parallel, sponge, combine
tree
fuse_exfat # to mount windows drives
parallel # for parallel, since moreutils shadows task spooler
ripgrep # better grep
rlwrap
progress # display progress bars for pipes
up # universal plumber (piping tool)
# HARDWARE TOOLS
usbutils # for lsusb
pciutils # for lspci
lshw # for lshw
arandr # xrandr for noobs
libnotify # for notify-send
xclip # clipboard CLI
dragon-drop # drag and drop
xorg.xkill # kill by clicking
audacity
calibre
inkscape
astrolog # astrolog
anki # flashcards
nixpkgs-unstable.zoom-us # video conferencing
pdfgrep # search in pdf
pdftk # pdf toolkit
poppler_utils # pdf toolkit
foxitreader # for viewing pdf annotations
xournalpp # for annotating pdfs
pdfpc # presenter console for pdf slides
hc # print files as qr codes
youtubeDL
bc # calculator
pari # gp -- better calculator
scripts.auc
scripts.infschmv
scripts.qrpaste
scripts.new-mac # get a new mac address
scripts.scanned
scripts.default-gateway
scripts.showkeys-toggle
scripts.kirciuoklis
scripts.favicon
scripts.ipa # XSAMPA to IPA converter
scripts.playlist
scripts.mpv-tv
scripts.devanagari
scripts.betacode # ancient greek betacode to unicode converter
scripts.meteo
scripts.mahlzeit
recht
scripts.vimv
scripts.swallow # window swallowing
scripts.genius
scripts.instaget
scripts.literature-quote
scripts.nav # json navigation
scripts.n
scripts.notetags
scripts.booksplit
scripts.dmenurandr
scripts.interdimensional-cable
scripts.dmenubluetooth
scripts.manual-sort
scripts.much-scripts
scripts.dns-sledgehammer
ts
scripts.vg
scripts.fkill
scripts.wttr
scripts.sanskrit-dictionary
scripts.unicodmenu
scripts.horoscope
scripts.closest
scripts.trans
scripts.liddel-scott-jones
scripts.mpv-radio
# kmein.slide
scripts.tolino-screensaver
scripts.rfc
scripts.tag
scripts.menu-calc
nix-prefetch-git
scripts.nix-git
nixfmt
par
qrencode
wtf
menstruation
(pkgs.writers.writeDashBin "worldradio" ''
shuf ${worldradio} | ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv --no-video
'')
(pkgs.writers.writeDashBin "chats" ''
${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars
'')
(pkgs.writers.writeDashBin "ncmpcpp-zaatar" ''MPD_HOST=${(import <niveum/lib/local-network.nix>).zaatar} exec ${pkgs.ncmpcpp}/bin/ncmpcpp "$@"'')
(pkgs.writers.writeDashBin "mpc-zaatar" ''MPD_HOST=${(import <niveum/lib/local-network.nix>).zaatar} exec ${pkgs.mpc_cli}/bin/mpc "$@"'')
nixpkgs-unstable.spotify
ncspot
playerctl
nix-index
scripts.nix-index-update
#krebs
dic
cyberlocker-tools
untilport
kpaste
irc-announce
git-preview
ircaids
];
}

46
configs/packages/haskell/default.nix Normal file
View File

@@ -0,0 +1,46 @@
{ config, pkgs, ... }: {
home-manager.users.me.home.file = {
".ghc/ghci.conf".text = ''
:set editor vim
:def hoogle \s -> return $ ":!${pkgs.haskellPackages.hoogle}/bin/hoogle search --color -l --count=15 \"" ++ s ++ "\""
:def doc \s -> return $ ":!${pkgs.haskellPackages.hoogle}/bin/hoogle search --color -l --info \"" ++ s ++ "\""
:set prompt "\o033[1m%s\o033[1;34m λ\o033[0m "
:set -Wall
:set -XOverloadedStrings
'';
# :def unpl \x -> return $ ":!${pkgs.haskellPackages.pointful}/bin/pointful \"" ++ x ++ "\""
# :def pl \x -> return $ ":!${pkgs.haskellPackages.pointfree}/bin/pointfree -v \"" ++ x ++ "\""
".stack/config.yaml".source =
let inherit (import <niveum/lib>) kieran;
in (pkgs.formats.yaml {}).generate "config.yaml" {
templates.params = {
author-name = kieran.name;
author-email = kieran.email;
copyright = "Copyright: (c) 2020 ${kieran.name}";
github-username = kieran.github;
};
};
};
services.hoogle = {
enable = false;
packages = import ./packages.nix;
port = 8091;
};
environment.systemPackages = with pkgs;
[
cabal2nix
cabal-install
hlint
haskellPackages.ormolu
(haskellPackages.ghcWithHoogle (import ./packages.nix))
] ++ map haskell.lib.justStaticExecutables [
haskellPackages.ghcid
haskellPackages.hasktags
# haskellPackages.hindent
# haskellPackages.pointfree
# haskellPackages.pointful
haskellPackages.hpack
];
}

100
configs/packages/haskell/packages.nix Normal file
View File

@@ -0,0 +1,100 @@
haskellPackages:
with haskellPackages; [
HTTP
HUnit
MissingH
QuickCheck
ad
adjunctions
aeson
# algebra
ansi-terminal
async
attoparsec
base-orphans
bifunctors
binary
blaze-html
blaze-markup
brick
bytes
bytestring
case-insensitive
cassava
cereal
clock
comonad
comonad-transformers
conduit
conduit-extra
constraints
containers
contravariant
criterion
data-default
diagrams
directory
dlist
either
edit-distance
exceptions
extra
filepath
foundation
free
haskeline
hedgehog
hourglass
hspec
http-client
http-conduit
kan-extensions
lens
linear
lucid
megaparsec
microlens
monad-logger
monad-memo
mono-traversable
mtl
network
parallel
parsec
persistent
pipes
pointed
pretty
pretty-show
prettyprinter
primitive
process
profunctors
regex-tdfa
safe
scalpel
semigroupoids
semigroups
servant
servant-blaze
servant-client
servant-docs
servant-server
servant-swagger
split
stm
tagsoup
tasty
text
time
transformers
turtle
unix-time
unordered-containers
vector
void
vty
warp
wreq
yaml
]

20
configs/packages/python.nix Normal file
View File

@@ -0,0 +1,20 @@
{ pkgs, ... }: {
environment.systemPackages = [
(pkgs.python3.withPackages (py: [
py.black
# py.python-language-server
# py.pyls-mypy
# py.pyls-black
# py.pyls-isort
py.flake8
py.pygments
py.schema
]))
pkgs.python3Packages.poetry
];
home-manager.users.me.xdg.configFile."pycodestyle".text = ''
[pycodestyle]
max-line-length = 110
'';
}

81
configs/packages/writing.nix Normal file
View File

@@ -0,0 +1,81 @@
{ pkgs, lib, config, ... }:
let
pandoc-doc = pkgs.callPackage <niveum/packages/man/pandoc.nix> {};
zoteroStyle = { name, sha256 }: {
name = "${name}.csl";
path = pkgs.fetchurl {
url = "https://www.zotero.org/styles/${name}";
inherit sha256;
};
};
cslDirectory = pkgs.linkFarm "citation-styles" [
(zoteroStyle {
name = "chicago-author-date-de";
sha256 = "0fz0xn46rkciblr34a7x2v60j0lbq9l3fmzi43iphph27m0czn6s";
})
(zoteroStyle {
name = "din-1505-2";
sha256 = "1pvy1b7qm13mnph7z365rrz1j082bl2y8ih73rhzd0zd6dz1jyjq";
})
(zoteroStyle {
name = "apa";
sha256 = "1878vxp0y0h05yzaghnd51n981623mxskw3lsdyzmffqhihvv111";
})
];
makeStardictDataDir = dicts:
pkgs.linkFarm "dictionaries" (map ({ name, path }: {
name = "dic/${name}";
inherit path;
}) dicts);
in {
environment.variables.STARDICT_DATA_DIR = toString (makeStardictDataDir [
{
name = "gr-de";
path = pkgs.fetchurl {
url = "http://tovotu.de/data/stardict/pape_gr-de.zip";
sha256 = "1d705y47b40vp0mg79vbwasw4y0i8fmnlwvf4x4ri0dkfqng9sky";
};
}
{
name = "la-de";
path = pkgs.fetchurl {
url = "http://tovotu.de/data/stardict/georges_lat-de.zip";
sha256 = "12n26nzwg28wn4zwv45mv0wkgy1jh1d8p0k6haamz9601cqq7hkj";
};
}
{
name = "de-la";
path = pkgs.fetchurl {
url = "http://tovotu.de/data/stardict/georges_de-lat.zip";
sha256 = "0inm6xn1lcnb851cj329n0v2vbfc1z1bxwhgsd8fnm0zxy3f3ifq";
};
}
]);
home-manager.users.me.home.file = {
".csl".source = cslDirectory;
".local/share/pandoc/csl".source = cslDirectory; # as of pandoc 2.11, it includes citeproc
};
environment.systemPackages = with pkgs; [
texlive.combined.scheme-full
latexrun
(aspellWithDicts (dict: [ dict.de dict.en dict.en-computers ]))
# haskellPackages.pandoc-citeproc
scripts.text2pdf
lowdown
glow # markdown to term
libreoffice
# gnumeric
dia
pandoc
pandoc-doc
# proselint
asciidoctor
wordnet
# sdcv # stardict cli
];
}

25
configs/picom.nix
View File

@@ -1,25 +0,0 @@
{
services.picom = {
enable = true;
activeOpacity = 1;
fade = true;
fadeDelta = 1;
inactiveOpacity = 0.9;
shadow = true;
menuOpacity = 0.9;
shadowOpacity = 0.3;
fadeExclude = [
"class_g = 'slock'" # don't want a transparent lock screen!
"name *?= 'slock'"
"focused = 1"
];
opacityRules = [
# opacity-rule overrides both inactive and active opacity
# video in browser tabs
# substring /regex match of title bar text
"99:name *?= 'Youtube'"
"99:WM_CLASS@:s *= 'mpv$'"
];
};
}

11
configs/polkit.nix
View File

@@ -1,11 +0,0 @@
{config, ...}: let
user = config.users.users.me.name;
in {
security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) {
if (subject.user == "${user}" && action.id == "org.freedesktop.systemd1.manage-units") {
return polkit.Result.YES;
}
});
'';
}

18
configs/power-action.nix
View File

@@ -1,17 +1,17 @@
{ { pkgs, config, ... }:
pkgs, let
config,
...
}: let
suspend = pkgs.writers.writeDash "suspend" "${pkgs.systemd}/bin/systemctl suspend"; suspend = pkgs.writers.writeDash "suspend" "${pkgs.systemd}/bin/systemctl suspend";
in { in
services.power-action = { {
imports = [ <stockholm/krebs/3modules/power-action.nix> ];
krebs.power-action = {
enable = true; enable = true;
plans.suspend = { plans.suspend = {
upperLimit = 7; upperLimit = 7;
lowerLimit = 0; lowerLimit = 0;
charging = false; charging = false;
action = pkgs.writers.writeDash "suspend-wrapper" '' action = pkgs.writeDash "suspend-wrapper" ''
/run/wrappers/bin/sudo ${suspend} /run/wrappers/bin/sudo ${suspend}
''; '';
}; };
@@ -19,6 +19,6 @@ in {
}; };
security.sudo.extraConfig = '' security.sudo.extraConfig = ''
${config.services.power-action.user} ALL= (root) NOPASSWD: ${suspend} ${config.krebs.power-action.user} ALL= (root) NOPASSWD: ${suspend}
''; '';
} }

30
configs/printing.nix
View File

@@ -1,21 +1,19 @@
{pkgs, ...}: let { pkgs, ... }:
let
inherit (import ../lib) localAddresses; inherit (import ../lib) localAddresses;
hp-driver = pkgs.hplip; hp-driver = pkgs.hplipWithPlugin;
in { in {
services.printing = { services.printing = {
enable = true; enable = true;
drivers = [hp-driver]; drivers = [ hp-driver ];
}; };
environment.systemPackages = [ hardware.sane = {
pkgs.system-config-printer enable = true;
]; extraBackends = [ hp-driver ];
};
# allow connecting to .local printers hardware.printers.ensurePrinters = [{
services.avahi.nssmdns = true;
hardware.printers.ensurePrinters = [
{
name = "OfficeJet"; name = "OfficeJet";
location = "Zimmer"; location = "Zimmer";
deviceUri = "https://${localAddresses.officejet}"; deviceUri = "https://${localAddresses.officejet}";
@@ -27,11 +25,9 @@ in {
OutputMode = "Normal"; OutputMode = "Normal";
ColorModel = "KGray"; # RGB CMYGray KGray ColorModel = "KGray"; # RGB CMYGray KGray
}; };
} }];
];
} }
/*
HP/hp-officejet_4650_series.ppd.gz
drv:///hp/hpcups.drv/hp-officejet_4650_series.ppd
*/
/* HP/hp-officejet_4650_series.ppd.gz
drv:///hp/hpcups.drv/hp-officejet_4650_series.ppd
*/

212
configs/radio/default.nix Normal file
View File

@@ -0,0 +1,212 @@
{ lib, pkgs, config, ... }:
let
inherit (import <niveum/lib>) tmpfilesConfig serveHtml;
radioStore = "/var/lib/radio";
htgenPort = 8080;
stations = {
lyrikline = {
streamPort = 8001;
mpdPort = 6601;
description = ''
Weltklang. Welt als ewiges Gedicht, das seine Schallspuren durch Raum und Zeit jagt. Endlose Zufallswiedergabe von <a href="//lyrikline.org">lyrikline</a>. Listen to the sound of voices and poems permeating linguistic and geographic barriers, 24 hours per day.
'';
};
lyrik = {
streamPort = 8002;
mpdPort = 6602;
description = ''
Deutsche Lyrik, die du noch nicht gut genug kennst. Tritt in einen Fluss aus Reim und Maß; keine zwei Mal ist er derselbe.
'';
};
};
mpd-add-with-tags = pkgs.writers.writeHaskell "mpd-add-with-tags" {
libraries = with pkgs.haskellPackages; [ optparse-generic libmpd ];
} ''
{-# LANGUAGE DeriveGeneric, OverloadedStrings #-}
import Control.Monad (void)
import Data.String
import Network.MPD
import Options.Generic
data Options = Options { url :: String, artist :: Maybe String, title :: Maybe String }
deriving (Generic)
instance ParseRecord Options
main :: IO ()
main = do
options <- getRecord "Add to MPD with tags"
void $ withMPD $ do
songId <- addId (fromString $ url options) Nothing
maybe (pure ()) (addTagId songId Artist . fromString) $ artist options
maybe (pure ()) (addTagId songId Title . fromString) $ title options
'';
mpcs = lib.mapAttrs (name: station: pkgs.writers.writeDashBin "mpc-${name}" ''
MPD_PORT=${toString station.mpdPort} ${pkgs.mpc_cli}/bin/mpc "$@"
'') stations;
in
{
imports = [ <stockholm/krebs/3modules/htgen.nix> ];
nixpkgs.overlays = [
(self: super: { htgen = super.callPackage <stockholm/krebs/5pkgs/simple/htgen> {}; })
];
systemd.tmpfiles.rules = [
(tmpfilesConfig {
type = "d";
path = radioStore;
mode = "0755";
user = config.users.extraUsers.radio.name;
age = "1d";
})
];
users.extraUsers.radio = {
isSystemUser = true;
group = "radio";
};
users.groups.radio = {};
krebs.htgen.radio = {
port = htgenPort;
user.name = "radio";
script = ''. ${pkgs.writers.writeDash "meinskript" ''
send200() {
printf 'HTTP/1.1 200 OK\r\n'
printf 'Content-Type: text/html; charset=UTF-8\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
}
case "$Method $Request_URI" in
"GET /lyrik/status")
send200
video_id="$(
${mpcs.lyrik}/bin/mpc-lyrik status -f %file% \
| head -n1 \
| grep -o 'id=[^&]*' \
| sed 's/^id=//g'
)"
${pkgs.youtube-dl}/bin/youtube-dl -j "https://www.youtube.com/watch?v=$video_id" \
| ${pkgs.jq}/bin/jq -r '"% [\(.title)](\(.webpage_url))\n\n\(.description)"' \
| sed 's/$/ /g' \
| ${pkgs.pandoc}/bin/pandoc -s
exit
;;
"GET /lyrikline/status")
send200
hash="$(
${mpcs.lyrikline}/bin/mpc-lyrikline status -f '%file%' \
| head -n 1 \
| md5sum \
| cut -d' ' -f 1
)"
url="$(cat ${radioStore}/$hash)"
echo "<html><body style='margin:0'><iframe style='width:100%;height:100%;border:0' src="$url"></iframe></body></html>"
exit
;;
esac
''}'';
};
containers = lib.mapAttrs (name: station: {
autoStart = true;
config = {config, pkgs, ...}: {
services.mpd = {
enable = true;
network.port = station.mpdPort;
extraConfig = ''
log_level "default"
audio_output {
name "${name}"
type "httpd"
encoder "vorbis"
port "${toString station.streamPort}"
bitrate "128"
format "44100:16:2"
always_on "yes"
tags "yes"
}
'';
};
};
}) stations;
environment.systemPackages = lib.attrValues mpcs;
systemd.services.lyrikline = {
after = [ "container@lyrikline.service" ];
wantedBy = [ "container@lyrikline.service" ];
startAt = "*:00/5";
serviceConfig.User = config.users.extraUsers.radio.name;
preStart = "${mpcs.lyrikline}/bin/mpc-lyrikline crop || :";
script = ''
set -efu
lyrikline=https://www.lyrikline.org
for _ in $(seq 1 10); do
random_route="$(${pkgs.curl}/bin/curl -sSL "$lyrikline/index.php/tools/getrandompoem" --data-raw 'lang=de' --compressed | ${pkgs.jq}/bin/jq -r .link)"
poem_url="$lyrikline$random_route"
poem_file="$(
${pkgs.curl}/bin/curl -sSL "$poem_url" \
| grep -o 'https://.*\.mp3' \
| head -n1
)"
hash="$(echo "$poem_file" | md5sum | cut -d' ' -f 1)"
echo "$poem_file ($hash) -> $poem_url"
echo "$poem_url" > "${radioStore}/$hash"
${mpcs.lyrikline}/bin/mpc-lyrikline add "$poem_file"
done
${mpcs.lyrikline}/bin/mpc-lyrikline play
'';
};
systemd.services.lyrik = {
after = [ "container@lyrik.service" ];
wantedBy = [ "container@lyrik.service" ];
preStart = "${mpcs.lyrik}/bin/mpc-lyrik crop || :";
restartIfChanged = true;
serviceConfig.User = config.users.extraUsers.radio.name;
script =
let
invidious = "https://invidious.silkky.cloud";
videoIds = import <niveum/lib/hot-rotation/lyrik.nix>;
streams = lib.concatMapStringsSep "\n" (id: "${invidious}/latest_version?id=${id}&itag=251") videoIds;
streamsFile = pkgs.writeText "hotrot" streams;
in ''
set -efu
${mpcs.lyrik}/bin/mpc-lyrik add < ${toString streamsFile}
${mpcs.lyrik}/bin/mpc-lyrik crossfade 5
${mpcs.lyrik}/bin/mpc-lyrik random on
${mpcs.lyrik}/bin/mpc-lyrik repeat on
${mpcs.lyrik}/bin/mpc-lyrik play
'';
};
services.nginx.virtualHosts."radio.kmein.de" = {
enableACME = true;
forceSSL = true;
locations = lib.mkMerge (
[
{ "/".extraConfig = serveHtml (import ./station-list.nix { inherit pkgs lib stations; }) pkgs; }
] ++ (lib.mapAttrsToList (name: station: {
"= /${name}/status".proxyPass = "http://127.0.0.1:${toString htgenPort}";
"= /${name}/listen.ogg".proxyPass = "http://127.0.0.1:${toString station.streamPort}";
"= /${name}.ogg".return = "301 http://radio.xn--kiern-0qa.de/${name}/listen.ogg"; # legacy
}) stations)
);
};
}

43
configs/radio/station-list.nix Normal file
View File

@@ -0,0 +1,43 @@
{ pkgs, lib, stations }:
let
theStations = lib.mapAttrsToList (name: value: value // {name = name;}) stations;
in
pkgs.writeText "index.html" ''
<!doctype html>
<html>
<head>
<title>radio.kierán</title>
<link
rel="stylesheet"
href="//cdn.rawgit.com/necolas/normalize.css/master/normalize.css"
/>
<link
rel="stylesheet"
href="https://cdnjs.cloudflare.com/ajax/libs/bulma/0.9.2/css/bulma.min.css"
/>
<meta name="viewport" content="width=device-width, initial-scale=1" />
<meta charset="utf-8" />
</head>
<body>
<main class="section">
<div class="subtitle is-3">Welcome to</div>
<h1 class="title is-1">radio.kierán</h1>
<div class="columns is-multiline">
${lib.concatMapStringsSep "\n" (station: ''
<div class="column">
<div class="box">
<strong class="is-uppercase">${station.name}</strong>
(<a href="/${station.name}/status">status</a>, <a href="/${station.name}/listen.ogg">link</a>)
<p class="has-text-grey">${station.description}</p>
<hr/>
<audio style="width:100%" controls src="/${station.name}/listen.ogg"/>
</div>
</div>'') theStations
}
</div>
</main>
</body>
</html>
''

Some files were not shown because too many files have changed in this diff Show More