kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-23 21:21:08 +01:00
Code Releases Activity

Compare commits

base: kfm:feature/specus
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail
..
compare: kfm:bc51c93740caa0b841f0d679610b5c87ccaaf21d
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail

1 Commits
feature/sp ... bc51c93740

Author SHA1 Message Date
github-actions[bot]
bc51c93740 flake.lock: Update 
Flake lock file updates:

• Updated input 'home-manager':
    'github:nix-community/home-manager/8675cfa549e1240c9d2abb1c878bc427eefcf926' (2022-08-12)
  → 'github:nix-community/home-manager/688e5c85b7537f308b82167c8eb4ecfb70a49861' (2022-08-15)
• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/5c211b47aeadcc178c5320afd4e74c7eed5c389f' (2022-08-12)
  → 'github:NixOS/nixpkgs/00e376e3f3c22d991052dfeaf154c42b09deeb29' (2022-08-19)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/c4a0efdd5a728e20791b8d8d2f26f90ac228ee8d' (2022-08-12)
  → 'github:NixOS/nixpkgs/495b19d5b3e62b4ec7e846bdfb6ef3d9c3b83492' (2022-08-19)
• Updated input 'scripts':
    'github:kmein/scripts/d5a38cf84e3f528641b1b10d9f33cf8bfcd5a52a' (2022-07-21)
  → 'github:kmein/scripts/688e141047e831a7e5f58dd24e00de51a3cb2345' (2022-08-16)
• Updated input 'stockholm':
    'git+https://cgit.lassul.us/stockholm?ref=refs%2fheads%2fmaster&rev=7ce87f5fdb602de7638b2df237e891e6038907ac' (2022-08-10)
  → 'git+https://cgit.lassul.us/stockholm?ref=refs%2fheads%2fmaster&rev=9ae4a08ccc07964decc51fb1e92bc35d49e4691c' (2022-08-16)
 2022-08-21 00:57:46 +00:00
262 changed files with 4297 additions and 6726 deletions
Expand all files Collapse all files

19
.bin/calendars.sh
View File

@@ -1,19 +0,0 @@
#!/bin/sh
directory="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$directory"
}
year=$(date +%Y)
output=/tmp/$year.pdf
for month in $(seq 1 12); do
printf "\r%d" "$month" 1>&2
astrolog -zN Berlin -qm "$month" "$year" -X -K -XA -Xr -Xm -Xb -Xo "$(printf "%s/%02d.bmp" "$directory" "$month")" -Xw 1080 720 2>/dev/null
done
printf "\r"
convert "$directory/*.bmp" "$output"
echo "$output"

43
.bin/dummy-alert
View File

@@ -1,43 +0,0 @@
#!/bin/bash
name=$RANDOM
url='http://localhost:9093/api/v1/alerts'
echo "firing up alert $name"
# change url o
curl -XPOST $url -d "[{
\"status\": \"firing\",
\"labels\": {
\"alertname\": \"$name\",
\"service\": \"my-service\",
\"severity\":\"warning\",
\"instance\": \"$name.example.net\"
},
\"annotations\": {
\"summary\": \"High latency is high!\"
},
\"generatorURL\": \"http://prometheus.int.example.net/<generating_expression>\"
}]"
echo ""
echo "press enter to resolve alert"
read
echo "sending resolve"
curl -XPOST $url -d "[{
\"status\": \"resolved\",
\"labels\": {
\"alertname\": \"$name\",
\"service\": \"my-service\",
\"severity\":\"warning\",
\"instance\": \"$name.example.net\"
},
\"annotations\": {
\"summary\": \"High latency is high!\"
},
\"generatorURL\": \"http://prometheus.int.example.net/<generating_expression>\"
}]"
echo ""

5
.bin/json2csv.jq
View File

@@ -1,5 +0,0 @@
#!/usr/bin/env -S jq -r -f
(map(keys) | add | unique) as $cols
| map(. as $row | $cols | map($row[.])) as $rows
| $cols, $rows[]
| @csv

65
.bin/prospekte.sh
View File

@@ -1,65 +0,0 @@
#!/bin/sh
lidl() {
echo LIDL
curl -sSL 'https://endpoints.lidl-flyer.com/v3/region-overview/lidl/de-DE/0.json' \
| jq -r '
.categories
| map(select(.name == "Filial-Angebote") | .subcategories | map(.flyers))
| flatten
| flatten
| .[]
| .pdfUrl
'
}
aldi_nord() {
echo ALDI nord
echo 'https://magazine.aldi-nord.de/aldi-nord/aldi-aktuell/GetPDF.ashx'
echo 'https://magazine.aldi-nord.de/aldi-nord/aldi-vorschau/GetPDF.ashx'
}
rewe_berlin() {(
store_id=662366923
publisher_id=1062
echo REWE
curl -sSL 'https://www.bonialserviceswidget.de/de/stores/'$store_id'/brochures?storeId='$store_id'&publisherId='$publisher_id | while read -r brochure_id; do
curl -sSL 'https://www.bonialserviceswidget.de/de/v5/brochureDetails/'"$brochure_id"'?publisherId='$publisher_id | jq -r .pdfUrl
done
)}
kaufland() {(
region_code=8920
echo KAUFLAND
curl -sSL https://filiale.kaufland.de/prospekte.html | htmlq --attribute href '.flyer a' | grep -Eo 'DE_de_KDZ[^/]*' | sed "s/_3000_/_${region_code}_/" | while read -r flyer_id; do
curl -sSL "https://endpoints.leaflets.kaufland.com/v3/$flyer_id/flyer.json?regionCode=$region_code" | jq -r .flyer.pdfUrl
done
)}
netto_schwarz() {
echo 'NETTO (schwarz)'
curl -sSL 'https://squid-api.tjek.com/v2/catalogs?dealer_ids=90f2VL&order_by=created' \
| jq -r '.[] | .id' \
| while read -r flyer_id; do
curl -sSL "https://squid-api.tjek.com/v2/catalogs/$flyer_id/download" \
| jq -r .pdf_url
done
}
dir="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$dir"
}
prospekt_url="$( (
lidl
aldi_nord
rewe_berlin
kaufland
netto_schwarz
) | fzf)"
curl -sSL "$prospekt_url" -o "$dir/prospekt.pdf"
zathura "$dir/prospekt.pdf"

16
.bin/screencap.sh
View File

@@ -1,16 +0,0 @@
#! /usr/bin/env nix-shell
#! nix-shell -i sh -p coreutils byzanz xorg.xwininfo gnused
# shellcheck shell=sh
# ref https://gist.github.com/aforemny/0994cb7f06ea30d56c8b9681ff5d2054
set -eux
eval "$(xwininfo | \
sed -n -e 's/^ \+Absolute upper-left X: \+\([0-9]\+\).*/x=\1/p' \
-e 's/^ \+Absolute upper-left Y: \+\([0-9]\+\).*/y=\1/p' \
-e 's/^ \+Width: \+\([0-9]\+\).*/w=\1/p' \
-e 's/^ \+Height: \+\([0-9]\+\).*/h=\1/p')"
trap "pkill -f 'sleep 360d'" INT
byzanz-record -e "sleep 360d" -c -x $x -y $y -w $w -h $h "$@"

50
.bin/toposort.nix
View File

@@ -1,50 +0,0 @@
let
lib = import <nixpkgs/lib>;
in rec {
inherit lib;
input = [
{
x = ["pool" "zfs"];
y = ["mdadm" "raid1"];
}
{
x = ["pool" "zfs"];
y = ["disk" "sda"];
}
{
x = ["mdadm" "raid1"];
y = ["disk" "sdb"];
}
{
x = ["mdadm" "raid1"];
y = ["disk" "sdc"];
}
];
outNodes = node: graph:
lib.unique
(builtins.map (e: e.y)
(builtins.filter (v: v.x == node) graph));
vertices = graph:
lib.unique
(builtins.map (x: x.y) graph ++ builtins.map (x: x.x) graph);
deleteVertex = node: graph: (builtins.filter (v: v.x != node && v.y != node) graph);
findSink = graph:
lib.findFirst
(v: outNodes v graph == [])
(lib.trace graph (builtins.abort "No sink found"))
(vertices graph);
topSort = graph:
if graph == []
then []
else if builtins.length graph == 1
then let only = builtins.head graph; in [only.y only.x]
else let sink = findSink graph; in [sink] ++ topSort (deleteVertex sink graph);
output = topSort input;
}

18
.bin/ttrss-unread
View File

@@ -1,18 +0,0 @@
#/usr/bin/env -S deno run -A:q
set -x
session_cache="$HOME/.cache/tt-rss.session"
ttrss_endpoint=https://feed.kmein.de/api/
ttrss_user=k
ttrss_password=$(pass shared/tt-rss/password)
login() {
if [ -f "$session_cache" ]; then
session_id="$(cat "$session_cache")"
else
session_id="$(curl -d '{"op":"login","user":"'"$ttrss_user"'","password":"'"$ttrss_password"'"}' "$ttrss_endpoint" | jq -r .content.session_id)"
echo "$session_id" > "$session_cache"
fi
}
login
curl -d '{"sid":"'"$session_id"'","op":"getUnread"}' "$ttrss_endpoint" | jq .content

16
.bin/tuesday-1800
View File

@@ -1,16 +0,0 @@
#!/bin/sh
set -efux
expected_max_results=1024 # the upper bound on the number of restaurants
radius=250
echo '[out:json];node(id:260050809)->.cbase;
(
node(around.cbase:'$radius')[amenity=fast_food];
node(around.cbase:'$radius')[amenity=restaurant];
);out;' \
| curl -sSL -d @- -X POST http://overpass-api.de/api/interpreter \
| jq --argjson random "$(shuf -i 0-$expected_max_results -n 1)" '
.elements
| length as $length
| .[$random % $length]
'

8
.bin/unicode
View File

@@ -1,8 +0,0 @@
import sys
import unicodedata
for index, character in enumerate(sys.stdin.read().strip()):
try:
print(index, character, hex(ord(character)), unicodedata.category(character), unicodedata.name(character))
except:
print(index, character, hex(ord(character)))

2
.github/workflows/niveum.yml vendored
View File

@@ -11,4 +11,4 @@ jobs:
steps:
- uses: actions/checkout@v2
- uses: cachix/install-nix-action@v16
- run: nix run .?submodules=1#apps.nixinate.${{matrix.system}}-dry-run
- run: nix run .#build-${{matrix.system}}

3
.gitmodules vendored
View File

@@ -1,3 +0,0 @@
[submodule "secrets"]
path = secrets
url = ssh://gitea@code.kmein.de:22022/kfm/niveum-secrets.git

93
ci.nix Normal file
View File

@@ -0,0 +1,93 @@
{
inputs,
system,
name,
}: let
nixpkgs = inputs.nixos-stable;
pkgs = nixpkgs.legacyPackages.${system};
ensureFiles = paths:
pkgs.runCommand "directory" {} ''
set -efu
mkdir $out
cd $out
${
nixpkgs.lib.concatMapStringsSep "\n" (path: ''
mkdir -p "$(dirname ${nixpkgs.lib.escapeShellArg path})"
echo foo > ${nixpkgs.lib.escapeShellArg path}
'')
paths
}
'';
nixPath = nixpkgs.lib.concatStringsSep ":" ([
"niveum=${toString ./.}"
"nixos-config=${toString ./.}/systems/${name}/configuration.nix"
"system-secrets=${systemSecrets}"
"secrets=${sharedSecrets}"
"nixpkgs=${
toString (
if name == "kabsa" || name == "manakish"
then inputs.nixos-unstable
else inputs.nixos-stable
)
}"
]
++ nixpkgs.lib.mapAttrsToList (name: value: "${name}=${value}") inputs);
# cd ~/.password-store/shared && find * -type f | sed 's/.gpg$//'
sharedSecrets = ensureFiles [
"di.fm/key"
"eduroam/identity"
"eduroam/password"
"hass/token"
"mail/cock"
"mail/fastmail"
"mail/gmail/amroplay"
"mail/gmail/kieran.meinhardt"
"mail/meinhaki"
"mail/dslalewa"
"mail/posteo"
"nextcloud-fysi/password"
"nextcloud/password"
"openweathermap.key"
"restic/password"
"traadfri.key"
"wifi/Aether.psk"
"spotify/username"
"spotify/password"
];
systemSecrets = let
basic = ["retiolum.ed25519" "retiolum.key" "syncthing/cert.pem" "syncthing/key.pem"];
in
{
zaatar = ensureFiles (["moodle.token" "telegram/moodle-dl.token" "mpd-web.key"] ++ basic);
kabsa = ensureFiles basic;
manakish = ensureFiles basic;
tahina = ensureFiles basic;
ful = ensureFiles (["root.password"] ++ basic);
makanek = ensureFiles ([
"irc/retiolum"
"irc/hackint"
"irc/libera"
"irc/oftc"
"matrix/nibbana"
"maxmind/license.key"
"moodle-dl/faye.token"
"nextcloud/admin"
"nextcloud/database"
"telegram/nachtischsatan.token"
"telegram/reverse.token"
"telegram/odyssey.token"
"telegram/betacode.token"
"telegram/moodle-dl.token"
"telegram/proverb.token"
"telegram/menstruation.token"
"telegram/cool_village.token"
"telegram/kmein.token"
"telegram/krebs.token"
"telegram/prometheus.token"
"weechat/relay"
]
++ basic);
}
.${name};
in
toString (pkgs.writers.writeDash "build" "NIX_PATH=${nixPath} nix-build '<nixpkgs/nixos>' -A system --dry-run")

394
configs/aerc.nix
View File

@@ -1,394 +0,0 @@
{
pkgs,
config,
lib,
...
}: let
defaults = {
aerc.enable = true;
realName = "Kierán Meinhardt";
folders.inbox = "INBOX";
};
hu-defaults = {
imap.host = "mailbox.cms.hu-berlin.de";
imap.port = 993;
smtp.host = "mailhost.cms.hu-berlin.de";
smtp.port = 25;
smtp.tls.useStartTls = true;
};
in {
age.secrets = {
email-password-cock = {
file = ../secrets/email-password-cock.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-fysi = {
file = ../secrets/email-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-posteo = {
file = ../secrets/email-password-posteo.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-meinhark = {
file = ../secrets/email-password-meinhark.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-meinhaki = {
file = ../secrets/email-password-meinhaki.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-dslalewa = {
file = ../secrets/email-password-dslalewa.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-fsklassp = {
file = ../secrets/email-password-fsklassp.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
home-manager.users.me = {
services.mbsync = {
enable = true;
frequency = "daily";
preExec = "${pkgs.coreutils}/bin/mkdir -p ${config.home-manager.users.me.accounts.email.maildirBasePath}";
postExec = "${pkgs.notmuch}/bin/notmuch new";
};
programs.notmuch = {
enable = true;
extraConfig = {
database.path = config.home-manager.users.me.accounts.email.maildirBasePath;
new.tags = "";
user.name = defaults.realName;
user.primary_email = config.home-manager.users.me.accounts.email.accounts.posteo.address;
};
};
programs.mbsync = {
enable = true;
extraConfig = lib.concatStringsSep "\n\n" (lib.mapAttrsToList (name: account: ''
IMAPAccount ${name}
CertificateFile /etc/ssl/certs/ca-certificates.crt
Host ${account.imap.host}
PassCmd "${toString account.passwordCommand}"
User ${account.userName}
SSLType IMAPS
${lib.optionalString (lib.isInt account.imap.port) "Port ${toString account.imap.port}"}
IMAPStore ${name}-remote
Account ${name}
MaildirStore ${name}-local
Path ${config.home-manager.users.me.accounts.email.maildirBasePath}/${name}/
SubFolders Verbatim
Channel ${name}
Create Near
Expunge None
Far :${name}-remote:
Near :${name}-local:
Patterns *
Remove None
SyncState *
'')
config.home-manager.users.me.accounts.email.accounts);
};
accounts.email.accounts = rec {
hu-student =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "meinhark";
address = "kieran.felix.meinhardt@hu-berlin.de";
aliases = ["${userName}@hu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhark.path}";
});
hu-student-cs =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "meinhark";
address = "kieran.felix.meinhardt@informatik.hu-berlin.de";
aliases = ["${userName}@informatik.hu-berlin.de"];
imap.host = "mailbox.informatik.hu-berlin.de";
smtp.host = "mailhost.informatik.hu-berlin.de";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhark.path}";
});
hu-employee =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "meinhaki";
address = "kieran.meinhardt@hu-berlin.de";
aliases = ["${userName}@hu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhaki.path}";
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
signature = {
showSignature = "append";
text = ''
${defaults.realName}
Studentische Hilfskraft / Administrator ALEW
Humboldt-Universität zu Berlin
Telefon: +49 (0)30 2093 9634
Raum 3.212, Dorotheenstraße 24, 10117 Berlin-Mitte
https://alew.hu-berlin.de
'';
};
});
hu-admin =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "dslalewa";
address = "admin.alew.vglsprwi@hu-berlin.de";
aliases = ["${userName}@hu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-dslalewa.path}";
inherit (hu-employee) signature;
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
});
hu-fsi =
lib.recursiveUpdate defaults
(lib.recursiveUpdate hu-defaults
rec {
userName = "fsklassp";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-fsklassp.path}";
address = "${userName}@hu-berlin.de";
realName = "FSI Klassische Philologie";
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
signature = {
showSignature = "append";
text = ''
Fachschafts-Initiative
Humboldt-Universität zu Berlin
Sprach- und literaturwissenschaftliche Fakultät
Institut für klassische Philologie
Unter den Linden 6
10099 Berlin
'';
};
});
fysi =
lib.recursiveUpdate defaults
rec {
address = "kieran@fysi.tech";
userName = address;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-fysi.path}";
flavor = "fastmail.com";
};
cock =
lib.recursiveUpdate defaults
rec {
address = "2210@cock.li";
userName = address;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-cock.path}";
realName = "";
imap.host = "mail.cock.li";
smtp.host = imap.host;
};
posteo =
lib.recursiveUpdate defaults
rec {
address = "kieran.meinhardt@posteo.net";
aliases = ["kmein@posteo.de"];
userName = address;
imap.host = "posteo.de";
smtp.host = imap.host;
primary = true;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-posteo.path}";
# himalaya = { enable = true; backend = "imap"; sender = "smtp"; };
};
};
# programs.himalaya.enable = true;
programs.aerc = {
enable = true;
extraBinds = {
# Binds are of the form <key sequence> = <command to run>
# To use '=' in a key sequence, substitute it with "Eq": "<Ctrl+Eq>"
# If you wish to bind #, you can wrap the key sequence in quotes: "#" = quit
global = {
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab <Enter>";
"<C-t>" = ":term<Enter>";
"?" = ":help keys<Enter>";
};
messages = {
q = ":quit<Enter>";
j = ":next <Enter>";
"<Down>" = ":next<Enter>";
"<C-d>" = ":next 50%<Enter>";
"<C-f>" = ":next 100%<Enter>";
"<PgDn>" = ":next 100%<Enter>";
k = ":prev <Enter>";
"<Up>" = ":prev<Enter>";
"<C-u>" = ":prev 50%<Enter>";
"<C-b>" = ":prev 100%<Enter>";
"<PgUp>" = ":prev 100%<Enter>";
g = ":select 0 <Enter>";
G = ":select -1<Enter>";
J = ":next-folder <Enter>";
K = ":prev-folder<Enter>";
H = ":collapse-folder<Enter>";
L = ":expand-folder<Enter>";
"<space>" = ":read -t<Enter>:next<Enter>";
v = ":mark -t<Enter>";
V = ":mark -v<Enter>";
F = ":flag -t<Enter>";
T = ":toggle-threads<Enter>";
"<Enter>" = ":view<Enter>";
d = ":prompt 'Delete? ' 'delete-message'<Enter>";
D = ":move Trash<Enter>";
A = ":archive flat<Enter>";
C = ":compose<Enter>";
rr = ":reply -a<Enter>";
rq = ":reply -aq<Enter>";
Rr = ":reply<Enter>";
Rq = ":reply -q<Enter>";
c = ":cf<space>";
"$" = ":term<space>";
"!" = ":term<space>";
"|" = ":pipe<space>";
"/" = ":search<space>";
"\\" = ":filter <space>";
n = ":next-result<Enter>";
N = ":prev-result<Enter>";
"<Esc>" = ":clear<Enter>";
"*" = ":filter -x Flagged<Enter>";
};
view = {
"/" = ":toggle-key-passthrough <Enter> /";
q = ":close<Enter>";
O = ":open<Enter>";
S = ":save<space>";
"|" = ":pipe<space>";
D = ":move Trash<Enter>";
A = ":archive flat<Enter>";
"<C-l>" = ":open-link <space>";
f = ":forward <Enter>";
rr = ":reply -a<Enter>";
rq = ":reply -aq<Enter>";
Rr = ":reply<Enter>";
Rq = ":reply -q<Enter>";
H = ":toggle-headers<Enter>";
"<C-k>" = ":prev-part<Enter>";
"<C-j>" = ":next-part<Enter>";
J = ":next <Enter>";
K = ":prev<Enter>";
};
"view::passthrough" = {
"$noinherit" = "true";
"$ex" = "<C-x>";
"<Esc>" = ":toggle-key-passthrough<Enter>";
};
compose = {
# Keybindings used when the embedded terminal is not selected in the compose
# view
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-k>" = ":prev-field<Enter>";
"<C-j>" = ":next-field<Enter>";
"<tab>" = ":next-field<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
"compose::editor" = {
# Keybindings used when the embedded terminal is selected in the compose view
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-k>" = ":prev-field<Enter>";
"<C-j>" = ":next-field<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
"compose::review" = {
# Keybindings used when reviewing a message to be sent
y = ":send <Enter>";
n = ":abort<Enter>";
p = ":postpone<Enter>";
q = ":choose -o d discard abort -o p postpone postpone<Enter>";
e = ":edit<Enter>";
a = ":attach<space>";
d = ":detach<space>";
};
terminal = {
"$noinherit" = "true";
"$ex" = "<C-x>";
"<C-p>" = ":prev-tab<Enter>";
"<C-n>" = ":next-tab<Enter>";
};
};
extraConfig = {
ui.sort = "-r date";
ui.timestamp-format = "2006-01-02 15:04";
ui.mouse-enabled = true;
ui.spinner = ". , .";
general.unsafe-accounts-conf = true;
general.pgp-provider = "gpg";
viewer = {pager = "${pkgs.less}/bin/less -R";};
compose = {
address-book-cmd = "khard email --remove-first-line --parsable '%s'";
no-attachment-warning = "(attach|attached|attachments?|anbei|Anhang|angehängt)";
};
filters = {
"text/plain" = "${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/colorize";
"text/calendar" = "${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/calendar";
"text/html" = "${pkgs.aerc}/share/aerc/filters/html"; # Requires w3m, dante
# "text/html" =
# "${pkgs.aerc}/share/aerc/filters/html | ${pkgs.aerc}/share/aerc/filters/colorize";
# "text/*" =
# ''${pkgs.bat}/bin/bat -fP --file-name="$AERC_FILENAME "'';
"message/delivery-status" = "${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/colorize";
"message/rfc822" = "${pkgs.gawk}/bin/awk -f ${pkgs.aerc}/share/aerc/filters/colorize";
"application/x-sh" = "${pkgs.bat}/bin/bat -fP -l sh";
};
openers = let
as-pdf = pkgs.writers.writeDash "as-pdf" ''
d=$(mktemp -d)
trap clean EXIT
clean() {
rm -rf "$d"
}
${pkgs.libreoffice}/bin/libreoffice --headless --convert-to pdf "$1" --outdir "$d"
${pkgs.zathura}/bin/zathura "$d"/*.pdf
'';
in {
"image/*" = "${pkgs.nsxiv}/bin/nsxiv";
"application/pdf" = "${pkgs.zathura}/bin/zathura";
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" = toString as-pdf;
"application/vnd.oasis.opendocument.text" = toString as-pdf;
"video/*" = "${pkgs.mpv}/bin/mpv";
"audio/*" = "${pkgs.mpv}/bin/mpv";
};
};
templates = {
# new_message = "hello!";
};
};
};
}

14
configs/alacritty.nix
View File

@@ -6,12 +6,7 @@
}: let
alacritty-cfg = theme:
(pkgs.formats.yaml {}).generate "alacritty.yml" {
window.opacity = 0.99;
bell = {
animation = "EaseOut";
duration = 100;
color = "#ffffff";
};
window.opacity = 0.95;
font = {
normal.family = "Monospace";
size = 6;
@@ -47,8 +42,7 @@
alacritty-pkg = pkgs.symlinkJoin {
name = "alacritty";
paths = [
(pkgs.writers.writeDashBin "alacritty" ''
${pkgs.alacritty}/bin/alacritty --config-file /var/theme/config/alacritty.yml msg create-window "$@" ||
(pkgs.writeDashBin "alacritty" ''
${pkgs.alacritty}/bin/alacritty --config-file /var/theme/config/alacritty.yml "$@"
'')
pkgs.alacritty
@@ -62,7 +56,7 @@ in {
];
environment.etc = {
"themes/dark/alacritty.yml".source = alacritty-cfg (import ../lib/colours/owickstrom-dark.nix);
"themes/light/alacritty.yml".source = alacritty-cfg (import ../lib/colours/owickstrom-light.nix);
"themes/dark/alacritty.yml".source = alacritty-cfg (import <niveum/lib/colours/ayu-dark.nix>);
"themes/light/alacritty.yml".source = alacritty-cfg (import <niveum/lib/colours/ayu-light.nix>);
};
}

12
configs/backup.nix
View File

@@ -3,7 +3,7 @@
config,
...
}: let
inherit (import ../lib) restic;
inherit (import <niveum/lib>) restic;
in {
services.restic.backups.niveum = {
initialize = true;
@@ -12,7 +12,7 @@ in {
OnCalendar = "8:00";
RandomizedDelaySec = "1h";
};
passwordFile = config.age.secrets.restic.path;
passwordFile = toString <secrets/restic/password>;
extraBackupArgs = [
"--exclude=/home/kfm/projects/nixpkgs/.git"
"--exclude=node_modules"
@@ -20,13 +20,9 @@ in {
paths = [
"/home/kfm/work"
"/home/kfm/projects"
"/home/kfm/notes"
"/home/kfm/Maildir"
"/home/kfm/cloud"
"/home/kfm/.gnupg"
"/home/kfm/.ssh"
"/mnt/sd-card/music"
"/mnt/sd-card/Books"
];
};
@@ -39,7 +35,7 @@ in {
environment.systemPackages = [
(pkgs.writers.writeDashBin "restic-niveum" ''
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${config.age.secrets.restic.path} "$@"
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${<secrets/restic/password>} "$@"
'')
(pkgs.writers.writeDashBin "restic-mount" ''
mountdir=$(mktemp -d)
@@ -47,7 +43,7 @@ in {
clean() {
rm -r "$mountdir"
}
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${config.age.secrets.restic.path} mount "$mountdir"
${pkgs.restic}/bin/restic -r ${restic.repository} -p ${<secrets/restic/password>} mount "$mountdir"
'')
];
}

82
configs/chromium.nix
View File

@@ -1,8 +1,4 @@
{
pkgs,
config,
...
}: {
{pkgs, ...}: {
programs.chromium = {
enable = true;
extensions = [
@@ -15,82 +11,6 @@
];
};
home-manager.users.me = {
programs.firefox = {
enable = true;
package = pkgs.firefox.override {
cfg = {
enableTridactylNative = true;
};
};
profiles = let
defaultSettings = {
"beacon.enabled" = false;
"browser.bookmarks.showMobileBookmarks" = true;
"browser.newtab.preload" = false;
"browser.search.isUS" = false;
"browser.search.region" = "DE";
"browser.send_pings" = false;
"browser.shell.checkDefaultBrowser" = false;
"browser.startup.homepage" = "chrome://browser/content/blanktab.html";
"browser.uidensity" = 1;
"browser.urlbar.placeholderName" = "Search";
"datareporting.healthreport.service.enabled" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.policy.dataSubmissionEnabled" = false;
"datareporting.sessions.current.clean" = true;
"distribution.searchplugins.defaultLocale" = "de-DE";
"general.smoothScroll" = true;
"identity.fxaccounts.account.device.name" = config.networking.hostName;
"network.cookie.cookieBehavior" = 1;
"privacy.donottrackheader.enabled" = true;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.pbmode.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"services.sync.declinedEngines" = "passwords";
"services.sync.engine.passwords" = false;
"signon.autofillForms" = false;
"signon.rememberSignons" = false;
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
"toolkit.telemetry.archive.enabled" = false;
"toolkit.telemetry.bhrPing.enabled" = false;
"toolkit.telemetry.cachedClientID" = "";
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.firstShutdownPing.enabled" = false;
"toolkit.telemetry.hybridContent.enabled" = false;
"toolkit.telemetry.newProfilePing.enabled" = false;
"toolkit.telemetry.prompted" = 2;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.server" = "";
"toolkit.telemetry.shutdownPingSender.enabled" = false;
"toolkit.telemetry.unified" = false;
"toolkit.telemetry.unifiedIsOptIn" = false;
"toolkit.telemetry.updatePing.enabled" = false;
"ui.prefersReducedMotion" = 1;
};
in {
default = {
id = 0;
isDefault = true;
settings = defaultSettings;
# extensions = with pkgs.nur.repos.rycee.firefox-addons; [
# ublock-origin
# darkreader
# sponsorblock
# consent-o-matic
# i-dont-care-about-cookies
# # auto-tab-discard TODO what is this
# ];
userChrome = ''
#TabsToolbar {
visibility: collapse !important;
}
'';
};
};
};
};
environment.systemPackages = [pkgs.brave];
environment.variables.BROWSER = "brave";

7
configs/clipboard.nix
View File

@@ -1,7 +0,0 @@
{
config,
pkgs,
...
}: {
services.clipmenu.enable = true;
}

83
configs/cloud.nix
View File

@@ -4,9 +4,25 @@
pkgs,
...
}: let
inherit (import ../lib) tmpfilesConfig;
inherit (import <niveum/lib>) tmpfilesConfig;
in {
imports = [
<niveum/modules/dropbox.nix>
];
niveum = {
dropbox.enable = false;
};
systemd.tmpfiles.rules = map tmpfilesConfig [
{
type = "L+";
user = config.users.users.me.name;
group = "users";
mode = "0755";
argument = "${config.users.users.me.home}/cloud/Seafile/Wiki";
path = "${config.users.users.me.home}/notes";
}
{
type = "L+";
user = config.users.users.me.name;
@@ -26,9 +42,9 @@ in {
];
home-manager.users.me = {
services.gnome-keyring.enable = false;
services.gnome-keyring.enable = true;
services.nextcloud-client = {
enable = false;
enable = true;
startInBackground = true;
};
systemd.user.services.nextcloud-client = {
@@ -39,28 +55,6 @@ in {
};
};
systemd.user.services.nextcloud-syncer = {
enable = true;
wants = ["network-online.target"];
wantedBy = ["default.target"];
startAt = "*:00/10";
script = let
kieran = {
user = "kieran";
passwordFile = config.age.secrets.nextcloud-password-kieran.path;
endpoint = "https://cloud.xn--kiern-0qa.de";
target = "${config.users.users.me.home}/notes";
};
in ''
mkdir -p ${lib.escapeShellArg kieran.target}
${pkgs.nextcloud-client}/bin/nextcloudcmd --non-interactive --user ${kieran.user} --password "$(cat ${kieran.passwordFile})" --path /Notes ${lib.escapeShellArg kieran.target} ${kieran.endpoint}
'';
serviceConfig = {
Type = "oneshot";
Restart = "on-failure";
};
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "book" ''
set -efu
@@ -68,41 +62,10 @@ in {
${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/syncthing/library -type f
${pkgs.findutils}/bin/find ${config.users.users.me.home}/cloud/Seafile/Books -type f
} | ${pkgs.fzf}/bin/fzf)"
exec ${pkgs.zathura}/bin/zathura "$book"
${pkgs.zathura}/bin/zathura "$book"
'')
(let
kieran = {
user = "kieran.meinhardt@gmail.com";
passwordFile = config.age.secrets.mega-password.path;
};
megatools = command: ''${pkgs.megatools}/bin/megatools ${command} --username ${lib.escapeShellArg kieran.user} --password "$(cat ${kieran.passwordFile})"'';
in
pkgs.writers.writeDashBin "book-mega" ''
set -efu
selection="$(${megatools "ls"} | ${pkgs.fzf}/bin/fzf)"
test -n "$selection" || exit 1
tmpdir="$(mktemp -d)"
trap clean EXIT
clean() {
rm -rf "$tmpdir"
}
(
cd "$tmpdir"
${megatools "get"} "$selection"
exec ${pkgs.zathura}/bin/zathura "$(basename "$selection")"
)
'')
];
age.secrets.mega-password = {
file = ../secrets/mega-password.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
fileSystems."/media/moodle" = {
device = "zaatar.r:/moodle";
fsType = "nfs";
@@ -119,9 +82,9 @@ in {
openDefaultPorts = true;
configDir = "/home/kfm/.config/syncthing";
dataDir = "/home/kfm/.config/syncthing";
cert = config.age.secrets.syncthing-cert.path;
key = config.age.secrets.syncthing-key.path;
inherit ((import ../lib).syncthing) devices;
cert = toString <system-secrets/syncthing/cert.pem>;
key = toString <system-secrets/syncthing/key.pem>;
inherit ((import <niveum/lib>).syncthing) devices;
folders = let
cloud-dir = "${config.users.users.me.home}/cloud";
in {

8
configs/compton.nix Normal file
View File

@@ -0,0 +1,8 @@
{
services.compton = {
enable = true;
shadow = true;
menuOpacity = 0.9;
shadowOpacity = 0.3;
};
}

40
configs/copyq.nix Normal file
View File

@@ -0,0 +1,40 @@
{
config,
pkgs,
...
}: let
copyqConfig = pkgs.writers.writeDash "copyq-config" ''
${pkgs.copyq}/bin/copyq config check_clipboard true
${pkgs.copyq}/bin/copyq config check_selection false
${pkgs.copyq}/bin/copyq config copy_clipboard true
${pkgs.copyq}/bin/copyq config copy_selection false
${pkgs.copyq}/bin/copyq config activate_closes true
${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0
${pkgs.copyq}/bin/copyq config clipboard_tab \&clipboard
${pkgs.copyq}/bin/copyq config disable_tray false
${pkgs.copyq}/bin/copyq config hide_tabs false
${pkgs.copyq}/bin/copyq config hide_toolbar false
${pkgs.copyq}/bin/copyq config item_popup_interval true
${pkgs.copyq}/bin/copyq config maxitems 1000
${pkgs.copyq}/bin/copyq config move true
${pkgs.copyq}/bin/copyq config text_wrap true
'';
in {
environment.systemPackages = [pkgs.copyq];
systemd.user.services.copyq = {
wantedBy = ["graphical-session.target"];
environment = {
DISPLAY = ":${toString config.services.xserver.display}";
};
serviceConfig = {
SyslogIdentifier = "copyq";
ExecStart = "${pkgs.copyq}/bin/copyq";
ExecStartPost = copyqConfig;
Restart = "always";
RestartSec = "15s";
StartLimitBurst = 0;
};
};
}

124
configs/default.nix
View File

@@ -2,54 +2,50 @@
pkgs,
lib,
config,
niveumPackages,
inputs,
options,
...
}: let
inherit (lib.strings) makeBinPath;
inherit (import ../lib) localAddresses kieran;
defaultApplications = (import ../lib).defaultApplications {inherit pkgs;};
inherit (import <niveum/lib>) localAddresses kieran;
in {
imports = [
inputs.self.nixosModules.system-dependent
inputs.self.nixosModules.traadfri
inputs.self.nixosModules.power-action
<home-manager/nixos>
<niveum/modules/system-dependent.nix>
{
boot.supportedFilesystems = ["ntfs"];
}
{
nix.nixPath = [
"/var/src"
"nixpkgs-overlays=${toString ../overlays}"
];
}
{
nixpkgs = {
config = {
allowUnfree = true;
packageOverrides = pkgs: {
dmenu = pkgs.writers.writeDashBin "dmenu" ''exec ${pkgs.rofi}/bin/rofi -dmenu "$@"'';
gfs-fonts = pkgs.callPackage <niveum/packages/gfs-fonts.nix> {};
tocharian-font = pkgs.callPackage <niveum/packages/tocharian-font.nix> {};
iolanguage = pkgs.callPackage <niveum/packages/iolanguage.nix> {};
ix = pkgs.callPackage <niveum/packages/ix.nix> {};
};
permittedInsecurePackages = [
"qtwebkit-5.212.0-alpha4"
];
};
overlays = [
(self: super: {
scripts = import <niveum/packages/scripts> {
pkgs = super;
lib = super.lib;
};
})
];
};
}
{
boot.cleanTmpDir = true;
boot.loader.timeout = 1;
}
{
age.secrets = {
di-fm-key = {
file = ../secrets/di-fm-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
restic = {
file = ../secrets/restic.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
}
{
home-manager.users.me = {
programs.zathura = {
@@ -76,6 +72,32 @@ in {
};
home-manager.users.me.xdg.enable = true;
home-manager.users.me.dconf.enable = false;
}
{
sound.enable = true;
hardware.pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
# copy server:/run/pulse/.config/pulse/cookie to client:~/.config/pulse/cookie to authenticate a client machine
zeroconf.discovery.enable = true;
extraConfig = ''
load-module ${
toString [
"module-tunnel-sink-new"
"server=zaatar.r"
"sink_name=zaatar"
"channels=2"
"rate=44100"
]
}
'';
};
users.users.me.extraGroups = ["audio"];
environment.systemPackages = [pkgs.pavucontrol pkgs.ncpamixer pkgs.pamixer pkgs.pulsemixer];
}
{
environment.interactiveShellInit = "export PATH=$PATH:$HOME/projects/niveum";
@@ -93,13 +115,13 @@ in {
cd "$(mktemp -d)"
pwd
'';
swallow = command: "${niveumPackages.swallow}/bin/swallow ${command}";
swallow = command: "${pkgs.scripts.swallow}/bin/swallow ${command}";
in {
"ß" = "${pkgs.util-linux}/bin/setsid";
"ß" = "${pkgs.utillinux}/bin/setsid";
cat = "${pkgs.bat}/bin/bat --style=plain";
chromium-incognito = "chromium --user-data-dir=$(mktemp -d /tmp/chr.XXXXXX) --no-first-run --incognito";
cp = "cp --interactive";
ip = "${pkgs.iproute2}/bin/ip -c";
ip = "${pkgs.iproute}/bin/ip -c";
l = "ls --color=auto --time-style=long-iso --almost-all";
ls = "ls --color=auto --time-style=long-iso";
ll = "ls --color=auto --time-style=long-iso -l";
@@ -107,7 +129,7 @@ in {
mv = "mv --interactive";
nixi = "nix repl '<nixpkgs>'";
ns = "nix-shell --run zsh";
o = "${pkgs.xdg-utils}/bin/xdg-open";
o = "${pkgs.xdg_utils}/bin/xdg-open";
pbcopy = "${pkgs.xclip}/bin/xclip -selection clipboard -in";
pbpaste = "${pkgs.xclip}/bin/xclip -selection clipboard -out";
rm = "rm --interactive";
@@ -116,7 +138,7 @@ in {
cdt = "source ${cdt}";
vit = "$EDITOR $(mktemp)";
tmux = "${pkgs.tmux}/bin/tmux -2";
sxiv = swallow "${pkgs.nsxiv}/bin/nsxiv";
sxiv = swallow "${pkgs.sxiv}/bin/sxiv";
zathura = swallow "${pkgs.zathura}/bin/zathura";
us = "${pkgs.systemd}/bin/systemctl --user";
wcd = "source ${wcd}";
@@ -168,14 +190,7 @@ in {
}
{programs.command-not-found.enable = true;}
{
home-manager.users.me = {
services.gpg-agent = rec {
enable = true;
enableZshIntegration = true;
defaultCacheTtl = 2 * 60 * 60;
maxCacheTtl = 4 * defaultCacheTtl;
};
};
programs.gnupg.agent.enable = true;
environment.systemPackages = [
pkgs.gnupg
@@ -202,37 +217,19 @@ in {
{
home-manager.users.me.home.stateVersion = "22.05";
}
{
systemd.user.services.udiskie = {
after = ["udisks2.service"];
wants = ["udisks2.service"];
wantedBy = ["graphical-session.target"];
serviceConfig = {
ExecStart = "${pkgs.udiskie}/bin/udiskie --verbose --no-config --notify";
};
};
services.udisks2.enable = true;
programs.dconf.enable = true;
home-manager.users.me = {
dconf.enable = true;
dconf.settings = {
# Change the default terminal for Nemo
"org/cinnamon/desktop/applications/terminal".exec = defaultApplications.terminal;
};
};
}
./alacritty.nix
./backup.nix
./bash.nix
./beets.nix
./bluetooth.nix
./aerc.nix
./ccc.nix
./khal.nix
./chromium.nix
./clipboard.nix
./cloud.nix
./copyq.nix
./compton.nix
./direnv.nix
./distrobump.nix
./docker.nix
./dunst.nix
./flix.nix
@@ -248,11 +245,11 @@ in {
./mpv.nix
./mime.nix
./neovim.nix
./neomutt.nix
./nix.nix
./newsboat.nix
./flameshot.nix
./flameshot-once.nix
./packages.nix
./picom.nix
./stardict.nix
./polkit.nix
./power-action.nix
@@ -266,8 +263,8 @@ in {
./seafile.nix
./ssh.nix
./sshd.nix
./sound.nix
./sudo.nix
./sxiv.nix
./themes.nix
./tmux.nix
./traadfri.nix
@@ -276,6 +273,5 @@ in {
./watson.nix
./zsh.nix
./tor.nix
./mastodon-bot.nix
];
}

2
configs/direnv.nix
View File

@@ -10,7 +10,7 @@
cat > shell.nix <<'EOF'
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
packages = [];
buildInputs = [];
}
EOF
''${EDITOR:-vim} shell.nix

2
configs/dunst.nix
View File

@@ -3,7 +3,7 @@
pkgs,
...
}: let
inherit (import ../lib) defaultApplications colours theme;
inherit (import <niveum/lib>) defaultApplications colours theme;
in {
home-manager.users.me.services.dunst = {
enable = true;

45
configs/flameshot-once.nix Normal file
View File

@@ -0,0 +1,45 @@
{
lib,
pkgs,
...
}: let
inherit (import <niveum/lib>) defaultApplications;
flameshot-once =
pkgs.callPackage <stockholm/krebs/5pkgs/simple/flameshot-once> {};
in {
environment.systemPackages = [
(flameshot-once.override {
config = {
imgur = {
enable = true;
createUrl = "http://p.r/image";
deleteUrl = "http://p.r/image/delete/%1";
xdg-open.browser = (defaultApplications pkgs).browser;
};
timeout = 1000;
drawColor = "#ff0000";
drawThickness = 2;
showDesktopNotification = true;
buttons = [
"ARROW"
"BLUR"
"CIRCLE"
"CIRCLECOUNT"
"COPY"
"DRAWER"
"EXIT"
"IMAGEUPLOADER"
"MARKER"
"MOVESELECTION"
"PENCIL"
"RECTANGLE"
"SAVE"
"SELECTION"
"SELECTIONINDICATOR"
"TEXT"
"UNDO"
];
};
})
];
}

23
configs/flameshot.nix
View File

@@ -1,23 +0,0 @@
{
lib,
pkgs,
...
}: {
home-manager.users.me = {
services.flameshot = {
enable = true;
settings.General = {
autoCloseIdleDaemon = true;
drawColor = "#ff0000";
drawThickness = 2;
checkForUpdates = false;
showDesktopNotification = true;
disabledTrayIcon = true;
showHelp = false;
squareMagnifier = true;
uploadWithoutConfirmation = true;
buttons = ''@Variant(\0\0\0\x7f\0\0\0\vQList<int>\0\0\0\0\x10\0\0\0\x2\0\0\0\x5\0\0\0\x13\0\0\0\xa\0\0\0\x1\0\0\0\xc\0\0\0\xd\0\0\0\x6\0\0\0\x8\0\0\0\0\0\0\0\xf\0\0\0\x4\0\0\0\xb\0\0\0\x3\0\0\0\x12\0\0\0\x9)'';
};
};
};
}

36
configs/flix.nix
View File

@@ -4,16 +4,14 @@
...
}: let
flixLocation = "/media/flix";
flixLocationNew = "/media/flix-new";
cacheLocation = "/var/cache/flix";
indexFilename = "index";
indexFilenameNew = "index-new";
flixUser = "flix";
flixGroup = "users";
inherit (import ../lib) tmpfilesConfig;
inherit (import <niveum/lib>) tmpfilesConfig;
in {
fileSystems.${flixLocation} = {
device = "prism.r:/export/download";
device = "prism.r:/export";
fsType = "nfs";
options = [
"noauto"
@@ -28,20 +26,6 @@ in {
];
};
fileSystems.${flixLocationNew} = {
device = "//yellow.r/public";
fsType = "cifs";
options = [
"guest"
"nofail"
"noauto"
"ro"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
];
};
systemd.tmpfiles.rules = [
(tmpfilesConfig {
type = "d";
@@ -55,10 +39,7 @@ in {
systemd.services.flix-index = {
description = "Flix indexing service";
wants = ["network-online.target"];
script = ''
cp ${flixLocation}/index ./${indexFilename}
cp ${flixLocationNew}/index ./${indexFilenameNew}
'';
script = "cp ${flixLocation}/download/index ./${indexFilename}";
startAt = "hourly";
serviceConfig = {
Type = "oneshot";
@@ -88,11 +69,12 @@ in {
'')
(pkgs.writers.writeDashBin "flixmenu" ''
set -efu
(
${pkgs.gnused}/bin/sed 's#^\.#${flixLocation}#' ${cacheLocation}/${indexFilename}
${pkgs.gnused}/bin/sed 's#^\.#${flixLocationNew}#' ${cacheLocation}/${indexFilenameNew}
) | ${pkgs.dmenu}/bin/dmenu -i -p flix -l 5 "$@" \
| ${pkgs.findutils}/bin/xargs -I '{}' ${pkgs.util-linux}/bin/setsid ${pkgs.xdg-utils}/bin/xdg-open '{}'
cd "${flixLocation}/download"
[ -f "${cacheLocation}/${indexFilename}" ] || exit 1
${pkgs.dmenu}/bin/dmenu -i -p flix -l 5 "$@" < ${cacheLocation}/${indexFilename} \
| ${pkgs.findutils}/bin/xargs -I '{}' ${pkgs.utillinux}/bin/setsid ${pkgs.xdg_utils}/bin/xdg-open '{}'
'')
];
}

88
configs/fonts.nix
View File

@@ -1,56 +1,4 @@
{
pkgs,
niveumPackages,
...
}: let
zip-font = name: arguments: let
directory = pkgs.fetchzip arguments;
in
pkgs.runCommand name {} ''
mkdir -p $out/share/fonts/{truetype,opentype,woff}
${pkgs.findutils}/bin/find ${directory} -name '*.ttf' -exec install '{}' $out/share/fonts/truetype \;
${pkgs.findutils}/bin/find ${directory} -name '*.otf' -exec install '{}' $out/share/fonts/opentype \;
${pkgs.findutils}/bin/find ${directory} -name '*.woff' -exec install '{}' $out/share/fonts/woff \;
'';
simple-ttf = name: arguments: let
file = pkgs.fetchurl arguments;
in
pkgs.runCommand name {} ''
mkdir -p $out/share/fonts/truetype
install ${file} $out/share/fonts/truetype
'';
egyptianHiero = zip-font "EgyptianHiero" {
url = "https://github.com/MKilani/Djehuty/archive/master.zip";
sha256 = "sha256-KbY4vedm757NWfDlgmNhslbZd+2Vs+o5PjtMMGDt61Y=";
};
antinoou = zip-font "Antinoou" {
url = "https://www.evertype.com/fonts/coptic/AntinoouFont.zip";
sha256 = "0jwihj08n4yrshcx07dnaml2x9yws6dgyjkvg19jqbz17drbp3sw";
stripRoot = false;
};
newGardiner = zip-font "NewGardiner" {
url = "https://mjn.host.cs.st-andrews.ac.uk/egyptian/fonts/NewGardiner.zip";
sha256 = "1jd0qa6shh9pqqyig2w43m9l9rv1i50l73jzkhb6g6mqxbhb1mip";
stripRoot = false;
};
junicode2 = zip-font "JunicodeTwo" {
url = "https://github.com/psb1558/Junicode-font/archive/48bf476db278c844c67542b04d1e0e4c71f139d2.zip";
sha256 = "1ryicc155vkvgv3315ddliigwa01afwyb4c4f6pnqcns03af001i";
};
newAthenaUnicode = zip-font "NewAthenaUnicode" {
url = "https://classicalstudies.org/sites/default/files/userfiles/files/NAU5_005.zip";
sha256 = "1g7qk9gl4nq2dz41bvck1nzilhin44j8691cxax3dlp77bbn9bxr";
};
jsesh = simple-ttf "JSesh" {
url = "http://files.qenherkhopeshef.org/jsesh/JSeshFont.ttf";
sha256 = "1203jrk2xzvgckcc5hx88kja1i3h8gm1wiyla5j6gspc0hbv56ry";
};
egyptianText = simple-ttf "EgyptianText-1.0beta" {
url = "http://c.krebsco.de/EgyptianText-v1.0-beta.ttf";
sha256 = "0cfjbk7xxnxhlp6v922psm5j1xzrv6wfk226ji2wz2yfrnkbcbsv";
};
in {
{pkgs, ...}: {
fonts = {
enableDefaultFonts = true;
fontDir.enable = true;
@@ -59,28 +7,19 @@ in {
alegreya-sans
amiri
annapurna-sil
antinoou
cantarell-fonts
cardo
charis-sil
doulos-sil
newAthenaUnicode
corefonts
crimson
eb-garamond
jsesh
egyptianHiero
egyptianText
font-awesome_6
etBook
newGardiner
junicode2
ezra-sil
fira
font-awesome
galatia-sil
gentium
niveumPackages.gfs-fonts
gfs-fonts
gyre-fonts
ibm-plex
jetbrains-mono
@@ -92,7 +31,6 @@ in {
roboto
roboto-mono
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
roboto-slab
scheherazade-new
@@ -100,28 +38,16 @@ in {
source-sans-pro
source-serif-pro
theano
niveumPackages.tocharian-font
tocharian-font
vistafonts
vollkorn
zilla-slab
]; # google-fonts league-of-moveable-type
fontconfig.defaultFonts = rec {
monospace = ["Noto Sans Mono"] ++ emoji;
fontconfig.defaultFonts = {
monospace = ["Noto Sans Mono"];
serif = ["Noto Serif" "Noto Naskh Arabic" "Noto Serif Devanagari"];
sansSerif = ["Noto Sans Display" "Noto Kufi Arabic" "Noto Sans Devanagari" "Noto Sans CJK JP"];
emoji = ["Noto Color Emoji"];
sansSerif = ["Noto Sans Display" "Noto Kufi Arabic" "Noto Sans Devanagari"];
emoji = ["Noto Color Emoji" "Noto Emoji"];
};
# xelatex fails with woff files
# ref https://tex.stackexchange.com/questions/392144/xelatex-and-fontspec-crash-trying-to-find-woff-file-for-some-fonts-but-not-other
fontconfig.localConf = ''
<fontconfig>
<!-- Reject WOFF fonts We don't register WOFF(2) fonts with fontconfig because of the W3C spec -->
<selectfont>
<rejectfont>
<glob>*.woff*</glob>
</rejectfont>
</selectfont>
</fontconfig>
'';
};
}

9
configs/fzf.nix
View File

@@ -5,19 +5,18 @@
}: {
environment = {
systemPackages = [pkgs.fzf];
variables = rec {
FZF_DEFAULT_COMMAND = "${pkgs.fd}/bin/fd --type f --strip-cwd-prefix --follow --no-ignore-vcs --exclude .git";
variables = {
FZF_DEFAULT_OPTS =
lib.escapeShellArgs ["--height=40%"];
lib.escapeShellArgs ["--height=40%" "--layout=reverse"];
FZF_ALT_C_COMMAND = "${pkgs.fd}/bin/fd --type d";
FZF_ALT_C_OPTS = lib.escapeShellArgs [
"--preview='${pkgs.tree}/bin/tree -L 1 \"{}\"'"
"--bind=space:toggle-preview"
"--preview-window=hidden"
];
FZF_CTRL_T_COMMAND = FZF_DEFAULT_COMMAND;
FZF_CTRL_T_COMMAND = "${pkgs.fd}/bin/fd --type f";
FZF_CTRL_T_OPTS =
lib.escapeShellArgs ["--preview='head -$LINES {}'"];
lib.escapeShellArgs ["--preview='${pkgs.bat}/bin/bat \"{}\"'"];
};
};

6
configs/git.nix
View File

@@ -2,15 +2,13 @@
pkgs,
config,
lib,
inputs,
...
}: let
inherit (import ../lib) kieran ignorePaths;
inherit (import <niveum/lib>) kieran ignorePaths;
in {
environment.systemPackages = [
pkgs.mr
pkgs.git
pkgs.git-crypt
pkgs.gitAndTools.gitflow
pkgs.gitAndTools.gh
pkgs.gitAndTools.git-extras
@@ -19,7 +17,7 @@ in {
pkgs.gitstats
pkgs.patch
pkgs.patchutils
inputs.self.packages.x86_64-linux.git-preview
pkgs.git-preview
];
environment.shellAliases = {

31
configs/hledger.nix
View File

@@ -3,12 +3,11 @@
pkgs,
...
}: {
imports = [<niveum/modules/hledger.nix>];
environment.systemPackages = let
ledgerDirectory = "$HOME/projects/ledger";
timeLedger = "${ledgerDirectory}/time.timeclock";
git = "${pkgs.git}/bin/git -C ${ledgerDirectory}";
timeLedger = "$HOME/projects/ledger/time.timeclock";
in [
pkgs.hledger
(pkgs.writers.writeDashBin "hora-edit" ''
$EDITOR + "${timeLedger}" && ${pkgs.git}/bin/git -C "$(${pkgs.coreutils}/bin/dirname ${timeLedger})" commit --all --message "$(${pkgs.coreutils}/bin/date -Im)"
'')
@@ -22,18 +21,16 @@
| sed 's/(fillidefilla:\(.*\))/\1/g' \
| xsv select date,amount,total,account,description
'')
(pkgs.writers.writeDashBin "hledger-git" ''
if [ "$1" = entry ]; then
${pkgs.hledger}/bin/hledger balance -V > "${ledgerDirectory}/balance.txt"
${git} add balance.txt
${git} commit --all --message="$(date -Im)"
else
${git} $*
fi
'')
(pkgs.writers.writeDashBin "hledger-edit" ''
$EDITOR ${ledgerDirectory}/current.journal
'')
];
niveum.hledger = {
enable = true;
ledgerFile = "$HOME/projects/ledger/all.journal";
server = {
enable = false;
user = config.users.users.me;
package = pkgs.hledger-web;
};
package = pkgs.hledger;
};
}

37
configs/hu-berlin.nix
View File

@@ -5,7 +5,7 @@
...
}: let
inherit (lib.strings) fileContents;
inherit (import ../lib) sshPort;
inherit (import <niveum/lib>) sshPort;
eduroam = {
identity = fileContents <secrets/eduroam/identity>;
password = fileContents <secrets/eduroam/password>;
@@ -15,9 +15,10 @@
"gid=${toString config.users.groups.users.gid}"
"sec=ntlmv2"
"workgroup=german"
"credentials=${config.age.secrets.cifs-credentials-hu-berlin.path}"
"username=meinhaki"
"password=${lib.strings.fileContents <secrets/mail/meinhaki>}"
"noauto"
# "x-systemd.requires=hu-vpn.service"
"x-systemd.requires=hu-vpn.service"
"x-systemd.automount"
"x-systemd.device-timeout=1"
"x-systemd.idle-timeout=1min"
@@ -35,8 +36,6 @@ in {
options = hu-berlin-cifs-options;
};
age.secrets.cifs-credentials-hu-berlin.file = ../secrets/cifs-credentials-hu-berlin.age;
home-manager.users.me.programs.ssh = {
matchBlocks = {
"alew.hu-berlin.de" = {
@@ -66,21 +65,31 @@ in {
systemd.services.hu-vpn = {
enable = true;
wants = ["network-online.target"];
serviceConfig.LoadCredential = "password:${config.age.secrets.email-password-meinhark.path}";
conflicts = ["openvpn-hu-berlin.service"];
script = ''
if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam
then
${pkgs.openfortivpn}/bin/openfortivpn \
--password="$(cat "$CREDENTIALS_DIRECTORY/password")" \
--config=${
${pkgs.openfortivpn}/bin/openfortivpn -c ${
pkgs.writeText "hu-berlin.config" ''
host = forti-ssl.vpn.hu-berlin.de
port = 443
username = meinhark
trusted-cert = 9e5dea8e077970d245900839f437ef7fb9551559501c7defd70af70ea568573d
trusted-cert = 42193a913d276d9eb86217612956e1e6464d6f07bed5393a4787c87adc4bd359
username = ${eduroam.identity}@split_tunnel
password = ${eduroam.password}
''
}
fi
'';
};
systemd.services.openvpn-hu-berlin.conflicts = ["hu-vpn.service"];
services.openvpn.servers.hu-berlin = {
autoStart = false;
authUserPass = {
username = eduroam.identity;
password = eduroam.password;
};
config = fileContents (pkgs.fetchurl {
url = "https://www.cms.hu-berlin.de/de/dl/netze/vpn/openvpn/hu-berlin.ovpn";
sha256 = "15b55aibik5460svjq2gwxrcyh6ay4k8savd6cd5lncgndmd8p8h";
});
};
}

133
configs/i3.nix
View File

@@ -2,27 +2,17 @@
config,
pkgs,
lib,
niveumPackages,
...
}: let
inherit (import ../lib) defaultApplications colours;
klem = niveumPackages.klem.override {
config.dmenu = "${pkgs.dmenu}/bin/dmenu -i -p klem";
inherit (import <niveum/lib>) defaultApplications colours;
klem = import <niveum/packages/scripts/klem.nix> {
inherit pkgs lib;
config.scripts = {
"p.r" = pkgs.writers.writeDash "p.r" ''
${pkgs.curl}/bin/curl -fSs http://p.r --data-binary @- \
| ${pkgs.coreutils}/bin/tail --lines=1 \
| ${pkgs.gnused}/bin/sed 's/\\<r\\>/krebsco.de/'
'';
# "envs.sh host" = pkgs.writers.writeDash "envs-host" ''
# ${pkgs.curl}/bin/curl -F "file=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
# '';
"envs.sh mirror" = pkgs.writers.writeDash "envs-mirror" ''
${pkgs.curl}/bin/curl -F "url=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
'';
"envs.sh shorten" = pkgs.writers.writeDash "envs-shorten" ''
${pkgs.curl}/bin/curl -F "shorten=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
'';
"ix.io" = pkgs.writers.writeDash "ix.io" ''
${pkgs.curl}/bin/curl -fSs -F 'f:1=<-' ix.io
'';
@@ -36,20 +26,21 @@
${pkgs.coreutils}/bin/tr '[A-Za-z]' '[N-ZA-Mn-za-m]'
'';
"ipa" = pkgs.writers.writeDash "ipa" ''
${niveumPackages.ipa}/bin/ipa
${pkgs.scripts.ipa}/bin/ipa
'';
"betacode" = pkgs.writers.writeDash "betacode" ''
${niveumPackages.betacode}/bin/betacode
${pkgs.scripts.betacode}/bin/betacode
'';
"devanagari" = pkgs.writers.writeDash "devanagari" ''
${pkgs.scripts.devanagari}/bin/devanagari
'';
"avesta" = pkgs.writeScript "avesta" (builtins.readFile <niveum/packages/scripts/avesta.sed>);
"curl" = pkgs.writers.writeDash "curl" ''
${pkgs.curl}/bin/curl -fSs "$(${pkgs.coreutils}/bin/cat)"
'';
ocr = pkgs.writers.writeDash "ocr" ''
${pkgs.tesseract4}/bin/tesseract -l eng+deu - stdout
'';
emojai = pkgs.writers.writeDash "emojai" ''
${pkgs.curl}/bin/curl https://www.emojai.app/api/generate -X POST -H 'Content-Type: application/json' --data-raw "$(${pkgs.jq}/bin/jq -sR '{emoji:.}')" | ${pkgs.jq}/bin/jq -r .result
'';
};
};
@@ -60,27 +51,11 @@
i3-msg move container to workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
in {
age.secrets = {
github-token-i3status-rust = {
file = ../secrets/github-token-i3status-rust.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
openweathermap-api-key = {
file = ../secrets/openweathermap-api-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
programs.slock.enable = true;
services.xserver = {
displayManager.defaultSession = "none+i3";
windowManager.i3 = {
enable = true;
package = pkgs.i3-gaps;
};
};
@@ -99,19 +74,14 @@ in {
'';
};
home-manager.users.me.xsession.windowManager.i3 = let
modifier = "Mod4";
in {
home-manager.users.me.xsession.windowManager.i3 = {
enable = true;
extraConfig = ''
bindsym --release ${modifier}+Shift+w exec /run/wrappers/bin/slock
'';
config = rec {
fonts = {
names = ["Sans"];
size = 10.0;
};
inherit modifier;
modifier = "Mod4";
window = {
titlebar = false;
border = 1;
@@ -125,10 +95,6 @@ in {
criteria = {class = "fzfmenu";};
command = "floating enable";
}
{
criteria = {class = ".*";};
command = "border pixel 2";
}
{
criteria = {class = "mpv";};
command = lib.strings.concatStringsSep ", " [
@@ -141,6 +107,7 @@ in {
}
];
};
gaps.inner = 4;
floating = {
titlebar = false;
border = 1;
@@ -154,9 +121,9 @@ in {
focused =
scheme
// {
border = colours.blue.bright;
indicator = colours.blue.bright;
childBorder = colours.blue.bright;
border = colours.cyan.bright;
indicator = colours.cyan.bright;
childBorder = colours.cyan.bright;
};
unfocused =
scheme
@@ -188,7 +155,7 @@ in {
names = ["Monospace" "Font Awesome 6 Free"];
size = 8.0;
};
mode = "dock"; # "hide";
mode = "hide"; # "dock"
position = "bottom";
colors = rec {
background = colours.background;
@@ -200,17 +167,13 @@ in {
text = colours.foreground;
};
};
statusCommand = toString (pkgs.writers.writeDash "i3status-rust" ''
export I3RS_GITHUB_TOKEN="$(cat ${config.age.secrets.github-token-i3status-rust.path})"
export OPENWEATHERMAP_API_KEY="$(cat ${config.age.secrets.openweathermap-api-key.path})"
${pkgs.i3status-rust}/bin/i3status-rs ${
(pkgs.formats.toml {}).generate "i3status-rust.toml" (import ../lib/i3status-rust.nix {
inherit (config.niveum) batteryName wirelessInterface;
inherit (config.home-manager.users.me.accounts.email) accounts;
inherit colours;
inherit pkgs;
})
}'');
statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ${
(pkgs.formats.toml {}).generate "i3status-rust.toml" (import <niveum/lib/i3status-rust.nix> {
inherit (config.niveum) batteryName wirelessInterface;
inherit colours;
inherit pkgs;
})
}";
}
];
modes.resize = {
@@ -233,10 +196,10 @@ in {
"${modifier}+Shift+b" = "move window to workspace prev";
"${modifier}+Shift+n" = "move window to workspace next";
"${modifier}+Shift+x" = "exec ${move-to-new-workspace}";
"${modifier}+Shift+x" = "exec --no-startup-id ${move-to-new-workspace}";
"${modifier}+b" = "workspace prev";
"${modifier}+n" = "workspace next";
"${modifier}+x" = "exec ${new-workspace}";
"${modifier}+x" = "exec --no-startup-id ${new-workspace}";
"${modifier}+Shift+c" = "reload";
"${modifier}+Shift+q" = "kill";
@@ -264,9 +227,10 @@ in {
"${modifier}+Return" = "exec ${(defaultApplications pkgs).terminal}";
"${modifier}+t" = "exec ${(defaultApplications pkgs).fileManager}";
"${modifier}+y" = "exec ${(defaultApplications pkgs).browser}";
"${modifier}+0" = "exec ${niveumPackages.menu-calc}/bin/=";
"${modifier}+0" = "exec ${pkgs.scripts.menu-calc}/bin/=";
"${modifier}+d" = "exec ${pkgs.writers.writeDash "run" ''exec rofi -modi run,ssh,window -show run''}";
"${modifier}+Shift+w" = "exec ${pkgs.scripts.k-lock}/bin/k-lock";
"${modifier}+d" = "exec ${pkgs.writers.writeDash "run" ''exec ${pkgs.rofi}/bin/rofi -modi run,window,ssh,filebrowser -show run''}";
"${modifier}+Shift+d" = "exec ${
pkgs.writers.writeDash "notemenu" ''
set -efu
@@ -278,44 +242,37 @@ in {
note_file=$({
echo diary/$(date -I).md
echo diary/$(date -I -d yesterday).md
find . ! -name '.*' -type f -printf "%T@ %p\n" | sort --reverse --numeric-sort | cut --delimiter=" " --fields=2-
find . -type f -printf "%T@ %p\n" | sort --reverse --numeric-sort | cut --delimiter=" " --fields=2
} | rofi -dmenu -i -p 'notes')
if test "$note_file"
then
alacritty --working-directory ~/notes -e "$EDITOR" "$note_file"
i3-sensible-terminal -e "$EDITOR" "$note_file"
fi
''
}";
"${modifier}+p" = "exec rofi-pass";
"${modifier}+Shift+p" = "exec rofi-pass --insert";
"${modifier}+u" = "exec ${niveumPackages.unicodmenu}/bin/unicodmenu";
"${modifier}+p" = "exec --no-startup-id ${pkgs.rofi-pass}/bin/rofi-pass";
"${modifier}+u" = "exec ${pkgs.scripts.unicodmenu}/bin/unicodmenu";
"${modifier}+F6" = "exec ${pkgs.xorg.xkill}/bin/xkill";
"${modifier}+F7" = "exec ${pkgs.writers.writeDash "showkeys-toggle" ''
if ${pkgs.procps}/bin/pgrep screenkey; then
exec ${pkgs.procps}/bin/pkill screenkey
else
exec ${pkgs.screenkey}/bin/screenkey
fi
''}";
"${modifier}+F7" = "exec ${pkgs.scripts.showkeys-toggle}/bin/showkeys-toggle";
"${modifier}+F8" = "exec switch-theme toggle";
"${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85";
"${modifier}+F10" = "exec ${pkgs.redshift}/bin/redshift -x";
"${modifier}+F11" = "exec ${pkgs.xcalib}/bin/xcalib -invert -alter";
"${modifier}+F12" = "exec ${klem}/bin/klem";
"Print" = "exec flameshot gui";
"XF86AudioLowerVolume" = "exec ${pkgs.pamixer}/bin/pamixer -d 5";
"XF86AudioMute" = "exec ${pkgs.pamixer}/bin/pamixer -t";
"XF86AudioRaiseVolume" = "exec ${pkgs.pamixer}/bin/pamixer -i 5";
"Print" = "exec flameshot-once";
"XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -d 5";
"XF86AudioMute" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -t";
"XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pamixer}/bin/pamixer -i 5";
"XF86Calculator" = "exec ${pkgs.st}/bin/st -c floating -e ${pkgs.bc}/bin/bc";
"XF86AudioPause" = "exec ${pkgs.playerctl}/bin/playerctl pause";
"XF86AudioPlay" = "exec ${pkgs.playerctl}/bin/playerctl play-pause";
"XF86AudioNext" = "exec ${pkgs.playerctl}/bin/playerctl next";
"XF86AudioPrev" = "exec ${pkgs.playerctl}/bin/playerctl previous";
"XF86AudioStop" = "exec ${pkgs.playerctl}/bin/playerctl stop";
"XF86ScreenSaver" = "exec ${niveumPackages.k-lock}/bin/k-lock";
"XF86AudioPause" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl pause";
"XF86AudioPlay" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl play-pause";
"XF86AudioNext" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl next";
"XF86AudioPrev" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl previous";
"XF86AudioStop" = "exec --no-startup-id ${pkgs.playerctl}/bin/playerctl stop";
"XF86ScreenSaver" = "exec ${pkgs.scripts.k-lock}/bin/k-lock";
"XF86Display" = "exec ${niveumPackages.dmenu-randr}/bin/dmenu-randr";
"XF86Display" = "exec ${pkgs.scripts.dmenurandr}/bin/dmenurandr";
# key names detected with xorg.xev:
# XF86WakeUp (fn twice)

29
configs/keyboard.nix
View File

@@ -10,10 +10,6 @@
gr = "polytonic";
ru = "phonetic";
ara = "buckwalter";
cop = "";
ave = "";
"in" = "san-kagapa";
il = "phonetic";
};
defaultLanguage = "de";
in {
@@ -23,30 +19,9 @@ in {
# T3: https://upload.wikimedia.org/wikipedia/commons/a/a9/German-Keyboard-Layout-T3-Version1-large.png
# buckwalter: http://www.qamus.org/transliteration.htm
xkbVariant = "T3";
xkbOptions = commaSep xkbOptions;
xkbOptions =
commaSep xkbOptions;
libinput.enable = true;
xkbDir = pkgs.symlinkJoin {
name = "x-keyboard-directory";
paths = [
"${pkgs.xkeyboard_config}/etc/X11/xkb"
(pkgs.linkFarm "custom-x-keyboards" [
{
name = "symbols/cop";
path = pkgs.fetchurl {
url = "http://www.moheb.de/download/cop";
sha256 = "1l0h6aq536hyinrh0i0ia355y229bjrlibii0sya5bmqh46vycia";
};
}
{
name = "symbols/ave";
path = pkgs.fetchurl {
url = "https://blog.simos.info/wp-content/uploads/2010/06/avestan.txt";
sha256 = "192zmmm3gxyhim39dsax7r87gsay2w5v2xkhwmvsfipjb60hwp5g";
};
}
])
];
};
};
console.keyMap = "de";

42
configs/khal.nix
View File

@@ -8,45 +8,15 @@
kmeinCloud = {
davEndpoint = "https://cloud.xn--kiern-0qa.de/remote.php/dav";
username = "kieran";
passwordFile = config.age.secrets.nextcloud-password-kieran.path;
password = lib.fileContents <secrets/nextcloud/password>;
};
fysiCloud = {
davEndpoint = "https://nextcloud.fysi.dev/remote.php/dav";
username = "kmein";
passwordFile = config.age.secrets.nextcloud-password-fysi.path;
password = lib.fileContents <secrets/nextcloud-fysi/password>;
};
in {
age.secrets = {
nextcloud-password-kieran = {
file = ../secrets/nextcloud-password-kieran.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
nextcloud-password-fysi = {
file = ../secrets/nextcloud-password-fysi.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
};
environment.systemPackages = [
pkgs.khal
pkgs.vdirsyncer
pkgs.khard
pkgs.todoman
(pkgs.writers.writeDashBin "todo-procrastinate" ''
[ $# -eq 1 ] || {
echo "Usage: $0 TODO_ID" >&2
exit 1
}
todo_id=$1
new_timestamp=$(${pkgs.todoman}/bin/todo --porcelain show "$todo_id" | ${pkgs.jq}/bin/jq '.due + 24 * 60 * 60')
new_date=$(${pkgs.coreutils}/bin/date +"%Y-%m-%d %H:%M" -d "@$new_timestamp")
${pkgs.todoman}/bin/todo edit "$todo_id" --due "$new_date"
'')
];
environment.systemPackages = [pkgs.khal pkgs.vdirsyncer pkgs.khard pkgs.todoman];
systemd.user.services.vdirsyncer = {
enable = true;
@@ -182,19 +152,19 @@ in {
type = "carddav"
url = "${kmeinCloud.davEndpoint}/addressbooks/users/${kmeinCloud.username}/"
username = "${kmeinCloud.username}"
password.fetch = ["command", "cat", "${kmeinCloud.passwordFile}"]
password = "${kmeinCloud.password}"
[storage kalender_cloud]
type = "caldav"
url = "${kmeinCloud.davEndpoint}/calendars/${kmeinCloud.username}/"
username = "${kmeinCloud.username}"
password.fetch = ["command", "cat", "${kmeinCloud.passwordFile}"]
password = "${kmeinCloud.password}"
[storage fysi_cloud]
type = "caldav"
url = "${fysiCloud.davEndpoint}/calendars/${fysiCloud.username}/"
username = "${fysiCloud.username}"
password.fetch = ["command", "cat", "${fysiCloud.passwordFile}"]
password = "${fysiCloud.password}"
'';
};
};

19
configs/mastodon-bot.nix
View File

@@ -1,19 +0,0 @@
{pkgs, ...}: {
systemd.services.imaginary-illuminations = {
enable = false;
wants = ["network-online.target"];
serviceConfig = {
User = "kfm";
Group = "users";
WorkingDirectory = "/home/kfm/cloud/Seafile/Documents/Media/imaginary-illuminations";
Restart = "on-failure";
RestartSec = "15s";
};
startAt = "7:00";
script = ''
${pkgs.deno}/bin/deno run -A post.ts
'';
};
systemd.timers.imaginary-illuminations.timerConfig.RandomizedDelaySec = "14h";
}

18
configs/mime.nix
View File

@@ -7,18 +7,18 @@
"application/pdf" = "org.pwmt.zathura.desktop";
"application/vnd.oasis.opendocument.text" = "writer.desktop";
"application/vnd.openxmlformats-officedocument.wordprocessingml.document" = "writer.desktop";
"image/jpeg" = "nsxiv.desktop";
"image/png" = "nsxiv.desktop";
"image/jpeg" = "sxiv.desktop";
"image/png" = "sxiv.desktop";
"image/vnd.djvu+multipage" = "org.pwmt.zathura.desktop";
"text/html" = "firefox.desktop";
"text/html" = "brave-browser.desktop";
"text/markdown" = "nvim.desktop";
"text/plain" = "nvim.desktop";
"x-scheme-handler/about" = "firefox.desktop";
"x-scheme-handler/http" = "firefox.desktop";
"x-scheme-handler/https" = "firefox.desktop";
"x-scheme-handler/mailto" = "firefox.desktop";
"x-scheme-handler/unknown" = "firefox.desktop";
"x-scheme-handler/webcal" = "firefox.desktop";
"x-scheme-handler/about" = "brave-browser.desktop";
"x-scheme-handler/http" = "brave-browser.desktop";
"x-scheme-handler/https" = "brave-browser.desktop";
"x-scheme-handler/mailto" = "brave-browser.desktop";
"x-scheme-handler/unknown" = "brave-browser.desktop";
"x-scheme-handler/webcal" = "brave-browser.desktop";
"inode/directory" = "pcmanfm.desktop";
};
};

3
configs/monitoring.nix
View File

@@ -14,7 +14,6 @@
nginx.enable = false;
node = {
enable = true;
openFirewall = true;
enabledCollectors = [
"conntrack"
"diskstats"
@@ -39,6 +38,8 @@
};
};
networking.firewall.allowedTCPPorts = [config.services.prometheus.exporters.node.port];
systemd.services.promtail = {
description = "Promtail service for Loki";
wantedBy = ["multi-user.target"];

6
configs/mpv.nix
View File

@@ -2,10 +2,9 @@
pkgs,
lib,
config,
niveumPackages,
...
}: let
swallow = command: "${niveumPackages.swallow}/bin/swallow ${command}";
swallow = command: "${pkgs.scripts.swallow}/bin/swallow ${command}";
in {
environment.shellAliases.smpv = swallow "mpv";
@@ -23,7 +22,6 @@ in {
ytdl-raw-options = lib.concatStringsSep "," [''sub-lang="de,en"'' "write-sub=" "write-auto-sub="];
screenshot-template = "%F-%wH%wM%wS-%#04n";
script-opts = "ytdl_hook-ytdl_path=${pkgs.yt-dlp}/bin/yt-dlp";
ao = "pulse"; # no pipewire for me :(
};
bindings = {
"Alt+RIGHT" = "add video-rotate 90";
@@ -37,7 +35,7 @@ in {
};
scripts = [
pkgs.mpvScripts.youtube-quality
niveumPackages.mpv-visualizer
(pkgs.callPackage <niveum/packages/mpv-visualizer.nix> {})
];
};
};

164
configs/neomutt.nix Normal file
View File

@@ -0,0 +1,164 @@
{
pkgs,
lib,
...
}: let
mainMailbox = "posteo";
accounts = import <niveum/lib/email.nix> {inherit lib mainMailbox;};
in {
environment.systemPackages = [pkgs.neomutt];
environment.shellAliases.mua = "${pkgs.neomutt}/bin/neomutt -f ${mainMailbox}";
home-manager.users.me.xdg.configFile."neomutt/neomuttrc".text = let
as-pdf = pkgs.writers.writeDash "as-pdf" ''
d=$(mktemp -d)
trap clean EXIT
clean() {
rm -rf "$d"
}
${pkgs.libreoffice}/bin/libreoffice --headless --convert-to pdf "$1" --outdir "$d"
${pkgs.zathura}/bin/zathura "$d"/*.pdf
'';
in ''
set mailcap_path = ${
pkgs.writeText "mailcap" ''
text/plain; $EDITOR %s ;
text/html; ${pkgs.lynx}/bin/lynx -assume_charset=%{charset} -display_charset=utf-8 -dump %s; nametemplate=%s.html; copiousoutput;
image/*; ${pkgs.sxiv}/bin/sxiv %s ;
video/*; ${pkgs.utillinux}/bin/setsid ${pkgs.mpv}/bin/mpv --quiet %s &; copiousoutput
audio/*; ${pkgs.mpv}/bin/mpv %s ;
application/pdf; ${pkgs.zathura}/bin/zathura %s ;
application/pgp-encrypted; ${pkgs.gnupg}/bin/gpg -d '%s'; copiousoutput;
application/pgp-keys; ${pkgs.gnupg}/bin/gpg --import '%s'; copiousoutput;
application/vnd.openxmlformats-officedocument.wordprocessingml.document; ${as-pdf} %s;
application/vnd.oasis.opendocument.text; ${as-pdf} %s;
application/vnd.openxmlformats*; ${pkgs.libreoffice}/bin/soffice '%s';
''
}:$mailcap_path
set sidebar_visible
set sidebar_format = "%D%?F? [%F]?%* %?N?%N/?%S"
set sidebar_width = 25 # Plenty of space
set sidebar_divider_char = '' # Pretty line-drawing character
set mail_check_stats
set index_format="%2C %Z %D %-15.15L %s"
set date_format="%F %R"
set sort = 'reverse-date'
set sleep_time = 0 # Pause 0 seconds for informational messages
set markers = no # Disables the `+` displayed at line wraps
set mark_old = no # Unread mail stay unread until read
set wait_key = no # mutt won't ask "press key to continue"
set fast_reply # skip to compose when replying
set forward_format = "Fwd: %s" # format of subject when forwarding
set reverse_name # reply as whomever it was to
set include=ask-no # don't include message in replies
auto_view text/html # automatically show html (mailcap uses lynx)
auto_view application/pgp-encrypted
alternative_order text/plain text/enriched text/html
set abort_noattach abort_noattach_regex="\<(attach|attached|attachments?|anbei|Anhang|angehängt)\>"
set attach_save_dir=/tmp
set fast_reply
set narrow_tree # narrow threads for more depth
bind index,pager B sidebar-toggle-visible # Use 'B' to switch the Sidebar on and off
bind index,pager \Ck sidebar-prev
bind index,pager \Cj sidebar-next
bind index,pager \Co sidebar-open
bind index,pager \Cp sidebar-prev-new
bind index,pager \Cn sidebar-next-new
macro index * <limit>~F\r
macro index + <limit>all\r
set query_command = "khard email --parsable %s"
bind editor <Tab> complete-query
bind editor ^T complete
set mail_check = 90
set timeout = 15
# set imap_check_subscribed
set use_from
set header_cache="~/.cache/mutt" message_cachedir="~/.cache/mutt"
source ${
pkgs.writeText "accounts.neomuttrc" ''
set realname = "Kierán Meinhardt"
account-hook . 'unset imap_user imap_pass smtp_user smtp_pass'
# set accordingly: postponed trash record
${
lib.concatStringsSep "\n\n" (lib.mapAttrsToList (name: account: let
imapRoot = "imaps://${account.user}@${account.imap}";
in ''
account-hook ${account.user}@${account.imap} 'set imap_user="${account.user}" imap_pass="${account.password}"'
account-hook ${account.user}@${account.smtp} 'set smtp_user="${account.user}" smtp_pass="${account.password}"'
folder-hook ${account.user}@${account.imap} 'set smtp_url="${account.smtpSettings "${account.user}@${account.smtp}"}" from="${account.address}" record="${imapRoot}/${account.folders.sent}" postponed="${imapRoot}/${account.folders.drafts}" trash="${imapRoot}/${account.folders.trash}"'
named-mailboxes "${name}" "${imapRoot}" "${name}" "${imapRoot}/${account.folders.sent}"
'')
accounts)
}
''
}
set spoolfile="${mainMailbox}"
source ${
pkgs.writeText "colors.neomuttrc" ''
# Default index colors:
color index_number blue default
color index red default '.*'
color index_flags lightcyan default '.*'
color index_author yellow default '.*'
color index_subject white default '.*'
# New mail is boldened:
color index_author lightyellow default "~N"
color index_subject lightwhite default "~N"
# Flagged mail is highlighted:
color index_flags lightmagenta default '~F'
# Other colors and aesthetic settings:
mono bold bold
mono underline underline
mono error bold
mono indicator reverse
# color sidebar_flagged red black
mono sidebar_new bold
color error red default
color message cyan default
color search brightmagenta default
color hdrdefault lightblack default
color quoted green default
color quoted1 blue default
color quoted2 cyan default
color quoted3 yellow default
color quoted4 red default
color quoted5 brightred default
color signature lightblack default
color tree color235 default
# Regex highlighting:
color header red default "^(Date)"
color header yellow default "^(From)"
color header white default "^(B?CC)"
color header brightwhite default "^(Subject)"
color body cyan default "[\-\.+_a-zA-Z0-9]+@[\-\.a-zA-Z0-9]+" # Email addresses
color body brightblue default "(https?|ftp)://[\-\.,/%~_:?&=\#a-zA-Z0-9]+" # URL
color body yellow default "^(\t| )*(-|\\*) \.*" # List items as yellow
color body red default "(BAD signature)|^gpg: BAD signature from.*"
color body brightgreen default "(Good signature)|^gpg: Good signature .*"
color body brightyellow default "^gpg: "
mono body bold "^gpg: Good signature"
mono body bold "^gpg: BAD signature from.*"
color body red default "([a-z][a-z0-9+-]*://(((([a-z0-9_.!~*'();:&=+$,-]|%[0-9a-f][0-9a-f])*@)?((([a-z0-9]([a-z0-9-]*[a-z0-9])?)\\.)*([a-z]([a-z0-9-]*[a-z0-9])?)\\.?|[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+)(:[0-9]+)?)|([a-z0-9_.!~*'()$,;:@&=+-]|%[0-9a-f][0-9a-f])+)(/([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*(;([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*)*(/([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*(;([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*)*)*)?(\\?([a-z0-9_.!~*'();/?:@&=+$,-]|%[0-9a-f][0-9a-f])*)?(#([a-z0-9_.!~*'();/?:@&=+$,-]|%[0-9a-f][0-9a-f])*)?|(www|ftp)\\.(([a-z0-9]([a-z0-9-]*[a-z0-9])?)\\.)*([a-z]([a-z0-9-]*[a-z0-9])?)\\.?(:[0-9]+)?(/([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*(;([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*)*(/([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*(;([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*)*)*)?(\\?([-a-z0-9_.!~*'();/?:@&=+$,]|%[0-9a-f][0-9a-f])*)?(#([-a-z0-9_.!~*'();/?:@&=+$,]|%[0-9a-f][0-9a-f])*)?)[^].,:;!)? \t\r\n<>\"]"
''
}
'';
}

49
configs/neovim.nix
View File

@@ -1,22 +1,30 @@
{
pkgs,
niveumPackages,
...
}: {
{pkgs, ...}: {
environment.variables.EDITOR = pkgs.lib.mkForce "nvim";
environment.shellAliases.vi = "nvim";
environment.shellAliases.vim = "nvim";
environment.shellAliases.view = "nvim -R";
nixpkgs.config.packageOverrides = pkgs: {
vimPlugins =
pkgs.vimPlugins
// {
cheat-sh-vim = pkgs.callPackage <niveum/packages/vimPlugins/cheat-sh.nix> {};
vim-fetch = pkgs.callPackage <niveum/packages/vimPlugins/vim-fetch.nix> {};
vim-colors-paramount = pkgs.callPackage <niveum/packages/vimPlugins/vim-colors-paramount.nix> {};
vim-256noir = pkgs.callPackage <niveum/packages/vimPlugins/vim-256noir.nix> {};
icalendar-vim = pkgs.callPackage <niveum/packages/vimPlugins/icalendar-vim.nix> {};
jq-vim = pkgs.callPackage <niveum/packages/vimPlugins/jq-vim.nix> {};
vim-fsharp = pkgs.callPackage <niveum/packages/vimPlugins/vim-fsharp.nix> {};
vim-reason-plus = pkgs.callPackage <niveum/packages/vimPlugins/vim-reason-plus.nix> {};
vim-mail = pkgs.callPackage <niveum/packages/vimPlugins/vim-mail.nix> {};
};
};
environment.systemPackages = [
(pkgs.writers.writeDashBin "vim" ''neovim "$@"'')
(pkgs.neovim.override {
configure = {
customRC = ''
source ${../lib/vim/init.vim}
luafile ${../lib/vim/init.lua}
'';
customRC = builtins.readFile <niveum/lib/vim/init.vim>;
packages.nvim = with pkgs.vimPlugins; {
start = [
ale
@@ -26,25 +34,22 @@
undotree
tabular
# vimwiki
niveumPackages.vimPlugins-vim-colors-paramount
nvim-lspconfig
vim-colors-paramount
vim-commentary
vim-css-color
vim-eunuch
niveumPackages.vimPlugins-vim-fetch
vim-fetch
vim-fugitive
vim-gitgutter
vim-repeat
vim-sensible
vim-surround
(pkgs.vimUtils.buildVimPlugin rec {
pname = "vim-dim";
version = "1.1.0";
name = "${pname}-${version}";
(pkgs.vimUtils.buildVimPlugin {
name = "vim-dim-1.1.0";
src = pkgs.fetchFromGitHub {
owner = "jeffkreeftmeijer";
repo = pname;
rev = version;
repo = "vim-dim";
rev = "1.1.0";
sha256 = "sha256-lyTZUgqUEEJRrzGo1FD8/t8KBioPrtB3MmGvPeEVI/g=";
};
})
@@ -54,8 +59,8 @@
elm-vim
emmet-vim
haskell-vim
niveumPackages.vimPlugins-icalendar-vim
niveumPackages.vimPlugins-jq-vim
icalendar-vim
jq-vim
rust-vim
typescript-vim
vim-javascript
@@ -64,7 +69,7 @@
vimtex
vim-pandoc
vim-pandoc-syntax
niveumPackages.vimPlugins-vim-256noir
vim-256noir
];
};
};

35
configs/networkmanager.nix
View File

@@ -42,6 +42,8 @@
};
};
in {
imports = [<niveum/modules/networkmanager-declarative.nix>];
programs.nm-applet.enable = true;
networking.networkmanager = {
@@ -53,6 +55,39 @@ in {
wifi.macAddress = "random";
ethernet.macAddress = "random";
unmanaged = ["docker*"];
profiles = lib.mapAttrs profile {
Aether = {
connection.uuid = "7138bb0f-1aeb-4905-890e-a6628427aa21";
ipv6.addr-gen-mode = "stable";
wifi.cloned-mac-address = "stable";
wifi-security = {
psk = lib.strings.fileContents <secrets/wifi/Aether.psk>;
auth-alg = "open";
key-mgmt = "wpa-psk";
};
};
FactoryCommunityGuest = {
connection.uuid = "fb1f2e52-651e-48b5-a72c-1accddf31afb";
connection.timestamp = "1631885129";
wifi.seen-bssids = "54:EC:2F:19:30:DC;54:EC:2F:19:5C:9C;54:EC:2F:58:E4:3C;";
wifi-security = {
psk = "Factory4ever";
auth-alg = "open";
key-mgmt = "wpa-psk";
};
};
o2-WLAN66 = {
connection.uuid = "c563aec3-f344-4ffb-8d1c-60a6cdac8fe0";
wifi-security = {
psk = "PK3468KV488T934U";
auth-alg = "open";
key-mgmt = "wpa-psk";
};
};
"WIFI@DB".connection.uuid = "4eff4e94-8850-4e9f-a338-1787d0d90479";
eduroam = eduroamProfile;
eduroam_5GHz = eduroamProfile;
};
};
users.users.me.extraGroups = ["networkmanager"];

48
configs/newsboat.nix
View File

@@ -1,7 +1,6 @@
{
pkgs,
config,
lib,
...
}: let
ytdl-format = "'bestvideo[height<=?720][fps<=?30][vcodec!=?vp9]+bestaudio/best'";
@@ -9,32 +8,10 @@
youtube-download = "${pkgs.ts}/bin/ts ${pkgs.yt-dlp}/bin/yt-dlp -f ${ytdl-format} --add-metadata";
newsboat-home = "${config.users.users.me.home}/cloud/Seafile/Documents/newsboat";
linkhandler = pkgs.writers.writeDash "linkhandler" ''
# Feed script a url or file location.
# If an image, it will view in sxiv,
# if a video or gif, it will view in mpv
# if a music file or pdf, it will download,
# otherwise it opens link in browser.
# If no url given. Opens browser. For using script as $BROWSER.
[ -z "$1" ] && { "$BROWSER"; exit; }
case "$1" in
*mkv|*webm|*mp4|*youtube.com/watch*|*youtube.com/playlist*|*youtu.be*|*bitchute.com*|*videos.lukesmith.xyz*|*odysee.com*)
setsid -f ${pkgs.mpv}/bin/mpv -quiet "$1" >/dev/null 2>&1 ;;
*png|*jpg|*jpe|*jpeg|*gif)
curl -sL "$1" > "/tmp/$(echo "$1" | sed "s/.*\///")" && sxiv -a "/tmp/$(echo "$1" | sed "s/.*\///")" >/dev/null 2>&1 & ;;
*mp3|*flac|*opus|*mp3?source*)
setsid -f tsp curl -LO "$1" >/dev/null 2>&1 ;;
*)
if [ -f "$1" ]; then "$TERMINAL" -e "$EDITOR" "$1"
else setsid -f "$BROWSER" "$1" >/dev/null 2>&1; fi ;;
esac
'';
linkhandler-bin = "${pkgs.scripts.linkhandler}/bin/linkhandler";
newsboat-config = pkgs.writeText "config" ''
auto-reload no
reload-threads 8
prepopulate-query-feeds yes
# dont keep a search history
@@ -44,12 +21,12 @@
text-width 85
external-url-viewer "${pkgs.urlscan}/bin/urlscan -dc -r '${linkhandler} {}'"
browser ${linkhandler}
external-url-viewer "${pkgs.urlscan}/bin/urlscan -dc -r '${linkhandler-bin} {}'"
browser ${linkhandler-bin}
macro , open-in-browser
macro c set browser "${pkgs.xsel}/bin/xsel -b <<<" ; open-in-browser ; set browser ${linkhandler}
macro v set browser "${pkgs.util-linux}/bin/setsid -f ${pkgs.mpv}/bin/mpv" ; open-in-browser ; set browser ${linkhandler}
macro y set browser "${youtube-download}" ; open-in-browser ; set browser ${linkhandler}
macro c set browser "${pkgs.xsel}/bin/xsel -b <<<" ; open-in-browser ; set browser ${linkhandler-bin}
macro v set browser "${pkgs.utillinux}/bin/setsid -f ${pkgs.mpv}/bin/mpv" ; open-in-browser ; set browser ${linkhandler-bin}
macro y set browser "${youtube-download}" ; open-in-browser ; set browser ${linkhandler-bin}
bind-key j down
bind-key k up
@@ -84,20 +61,21 @@
color listfocus blue default
color listfocus_unread blue default bold
color info red default bold
urls-source "miniflux"
miniflux-url "https://feed.kmein.de"
miniflux-login "kfm"
miniflux-password "${lib.strings.fileContents <secrets/miniflux/password>}"
'';
newsboat-sql = "${pkgs.sqlite}/bin/sqlite3 ${newsboat-home}/cache.db";
in {
nixpkgs.config.packageOverrides = pkgs: {
newsboat = pkgs.writers.writeDashBin "newsboat" ''
${pkgs.newsboat}/bin/newsboat -C ${newsboat-config} -c ${newsboat-home}/cache.db -u ${newsboat-home}/urls "$@"
'';
};
environment.systemPackages = [
pkgs.newsboat
(pkgs.writers.writeDashBin "newsboat-unread-count" ''
if [ -f ${newsboat-home}/cache.db.lock ]; then
${pkgs.jq}/bin/jq -n '{state: "Info", text: "", icon: "rss"}'
${pkgs.jq}/bin/jq -n '{state: "Info", text: "", icon: "update"}'
else
${pkgs.jq}/bin/jq -n \

17
configs/nix.nix
View File

@@ -1,9 +1,24 @@
{pkgs, ...}: {
nixpkgs = {
config.allowUnfree = true;
overlays = [
(import <nix-writers/pkgs>)
(import <stockholm/krebs/5pkgs>)
];
};
nix = {
package = pkgs.nixFlakes;
package = pkgs.nixUnstable;
extraOptions = "experimental-features = nix-command flakes";
settings = {
substituters = [
"http://cache.prism.r"
"https://cache.nixos.org/"
];
trusted-public-keys = [
"cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="
"cache.prism-2:YwmCm3/s/D+SxrPKN/ETjlpw/219pNUbpnluatp6FKI="
"hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
];
};
};
}

158
configs/packages.nix
View File

@@ -1,12 +1,12 @@
{
config,
pkgs,
lib,
inputs,
niveumPackages,
...
}: let
worldradio = pkgs.callPackage ../packages/worldradio.nix {};
hc = pkgs.callPackage <stockholm/tv/5pkgs/simple/hc.nix> {};
worldradio = pkgs.callPackage <niveum/packages/worldradio.nix> {};
menstruation = pkgs.callPackage <menstruation-backend> {};
pandoc-doc = pkgs.callPackage <niveum/packages/man/pandoc.nix> {};
zoteroStyle = {
name,
@@ -53,6 +53,8 @@
' $out/astrolog/astrolog.as
'';
});
recht = pkgs.callPackage <recht> {};
in {
home-manager.users.me.home.file = {
".csl".source = cslDirectory;
@@ -70,12 +72,11 @@ in {
dnsutils
# FILE MANAGERS
lf
cinnamon.nemo
pcmanfm
# MEDIA
ffmpeg
imagemagick
exiftool
nsxiv
# ARCHIVE TOOLS
unzip
unrar
@@ -93,16 +94,16 @@ in {
file # determine file type
dos2unix
genpass # generate passwords
gdu # ncurses disk usage (ncdu is broken)
ncdu # ncurses disk usage
rmlint # remove duplicate files
python3Packages.jsonschema # json validation
jq # json toolkit
pup # html toolkit
htmlq
xsv # csv toolkit
fq # toolkit for yaml, xml and binaries
xmlstarlet # xml toolkit
man-pages
man-pages-posix
posix_man_pages
tree
exfat # to mount windows drives
parallel # for parallel, since moreutils shadows task spooler
@@ -131,68 +132,69 @@ in {
pdftk # pdf toolkit
mupdf
poppler_utils # pdf toolkit
foxitreader # for viewing pdf annotations
okular # the word is nucular
xournalpp # for annotating pdfs
pdfpc # presenter console for pdf slides
niveumPackages.hc # print files as qr codes
hc # print files as qr codes
yt-dlp
espeak
bc # calculator
pari # gp -- better calculator
rink # unit converter
niveumPackages.auc
niveumPackages.cheat-sh
niveumPackages.infschmv
niveumPackages.qrpaste
niveumPackages.ttspaste
niveumPackages.new-mac # get a new mac address
niveumPackages.scanned
niveumPackages.default-gateway
niveumPackages.kirciuoklis
niveumPackages.image-convert-favicon
niveumPackages.heuretes
niveumPackages.ipa # XSAMPA to IPA converter
niveumPackages.pls
niveumPackages.mpv-tv
niveumPackages.devanagari
niveumPackages.betacode # ancient greek betacode to unicode converter
niveumPackages.meteo
niveumPackages.mahlzeit
niveumPackages.vimv
niveumPackages.swallow # window swallowing
niveumPackages.literature-quote
scripts.auc
scripts.stackoverflow
scripts.infschmv
scripts.qrpaste
scripts.ttspaste
scripts.new-mac # get a new mac address
scripts.scanned
scripts.default-gateway
scripts.showkeys-toggle
scripts.kirciuoklis
scripts.favicon
scripts.heuretes
scripts.ipa # XSAMPA to IPA converter
scripts.playlist
scripts.mpv-tv
scripts.devanagari
scripts.betacode # ancient greek betacode to unicode converter
scripts.meteo
scripts.mahlzeit
recht
scripts.vimv
scripts.swallow # window swallowing
scripts.literature-quote
jless # less(1) for json
niveumPackages.booksplit
niveumPackages.dmenu-randr
niveumPackages.dmenu-bluetooth
niveumPackages.manual-sort
niveumPackages.dns-sledgehammer
scripts.notetags
scripts.booksplit
scripts.dmenurandr
scripts.interdimensional-cable
scripts.dmenubluetooth
scripts.manual-sort
scripts.much-scripts
scripts.dns-sledgehammer
ts
niveumPackages.vg
niveumPackages.fkill
niveumPackages.wttr
niveumPackages.unicodmenu
niveumPackages.closest
niveumPackages.trans
(niveumPackages.mpv-radio.override {
di-fm-key-file = config.age.secrets.di-fm-key.path;
})
scripts.vg
scripts.fkill
scripts.wttr
scripts.unicodmenu
scripts.closest
scripts.trans
scripts.mpv-radio
# kmein.slide
termdown
niveumPackages.image-convert-tolino
niveumPackages.rfc
niveumPackages.tag
niveumPackages.timer
niveumPackages.menu-calc
scripts.tolino-screensaver
scripts.rfc
scripts.tag
scripts.timer
python3Packages.eyeD3
scripts.menu-calc
nix-prefetch-git
niveumPackages.nix-git
scripts.nix-git
nixfmt
par
qrencode
inputs.menstruation-backend.defaultPackage.x86_64-linux
inputs.agenix.packages.x86_64-linux.default
inputs.recht.defaultPackage.x86_64-linux
menstruation
(pkgs.writers.writeDashBin "worldradio" ''
shuf ${worldradio} | ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv --no-video
@@ -202,24 +204,24 @@ in {
${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars
'')
(pkgs.writers.writeDashBin "ncmpcpp-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.ncmpcpp}/bin/ncmpcpp "$@"'')
(pkgs.writers.writeDashBin "mpc-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.mpc_cli}/bin/mpc "$@"'')
inputs.scripts.packages.x86_64-linux.alarm
(pkgs.writers.writeDashBin "ncmpcpp-zaatar" ''MPD_HOST=${(import <niveum/lib/local-network.nix>).zaatar} exec ${pkgs.ncmpcpp}/bin/ncmpcpp "$@"'')
(pkgs.writers.writeDashBin "mpc-zaatar" ''MPD_HOST=${(import <niveum/lib/local-network.nix>).zaatar} exec ${pkgs.mpc_cli}/bin/mpc "$@"'')
spotify
ncspot
playerctl
nix-index
niveumPackages.nix-index-update
scripts.nix-index-update
#krebs
niveumPackages.dic
niveumPackages.cyberlocker-tools
niveumPackages.untilport
niveumPackages.kpaste
config.nur.repos.mic92.ircsink
dic
cyberlocker-tools
untilport
kpaste
irc-announce
git-preview
ircaids
(python3.withPackages (py: [
py.black
@@ -231,14 +233,7 @@ in {
py.pygments
py.schema
]))
# python3Packages.poetry
# language servers
pyright
haskell-language-server
texlab
nil
rust-analyzer
python3Packages.poetry
html-tidy
nodePackages.csslint
@@ -246,21 +241,20 @@ in {
nodePackages.prettier
nodePackages.typescript
nodePackages.yarn
deno # better node.js
nodejs
nodePackages.javascript-typescript-langserver
texlive.combined.scheme-full
latexrun
(aspellWithDicts (dict: [dict.de dict.en dict.en-computers]))
# haskellPackages.pandoc-citeproc
niveumPackages.text2pdf
scripts.text2pdf
lowdown
glow # markdown to term
libreoffice
# gnumeric
dia
pandoc
niveumPackages.man-pandoc
pandoc-doc
# proselint
asciidoctor
wordnet
@@ -271,17 +265,11 @@ in {
shellcheck
(pkgs.writers.writeDashBin "hass-cli" ''
HASS_SERVER=http://zaatar.r:8123 HASS_TOKEN="$(cat ${config.age.secrets.home-assistant-token.path})" exec ${pkgs.home-assistant-cli}/bin/hass-cli "$@"
HASS_SERVER=http://zaatar.r:8123 HASS_TOKEN=${lib.strings.fileContents <secrets/hass/token>} exec ${pkgs.home-assistant-cli}/bin/hass-cli "$@"
'')
scripts.rofi-hass
];
age.secrets.home-assistant-token = {
file = ../secrets/home-assistant-token.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
home-manager.users.me.xdg.configFile."pycodestyle".text = ''
[pycodestyle]
max-line-length = 110

25
configs/picom.nix
View File

@@ -1,25 +0,0 @@
{
services.picom = {
enable = true;
activeOpacity = 1;
fade = true;
fadeDelta = 1;
inactiveOpacity = 0.9;
shadow = true;
menuOpacity = 0.9;
shadowOpacity = 0.3;
fadeExclude = [
"class_g = 'slock'" # don't want a transparent lock screen!
"name *?= 'slock'"
"focused = 1"
];
opacityRules = [
# opacity-rule overrides both inactive and active opacity
# video in browser tabs
# substring /regex match of title bar text
"99:name *?= 'Youtube'"
"99:WM_CLASS@:s *= 'mpv$'"
];
};
}

8
configs/power-action.nix
View File

@@ -5,13 +5,15 @@
}: let
suspend = pkgs.writers.writeDash "suspend" "${pkgs.systemd}/bin/systemctl suspend";
in {
services.power-action = {
imports = [<stockholm/krebs/3modules/power-action.nix>];
krebs.power-action = {
enable = true;
plans.suspend = {
upperLimit = 7;
lowerLimit = 0;
charging = false;
action = pkgs.writers.writeDash "suspend-wrapper" ''
action = pkgs.writeDash "suspend-wrapper" ''
/run/wrappers/bin/sudo ${suspend}
'';
};
@@ -19,6 +21,6 @@ in {
};
security.sudo.extraConfig = ''
${config.services.power-action.user} ALL= (root) NOPASSWD: ${suspend}
${config.krebs.power-action.user} ALL= (root) NOPASSWD: ${suspend}
'';
}

2
configs/printing.nix
View File

@@ -1,5 +1,5 @@
{pkgs, ...}: let
inherit (import ../lib) localAddresses;
inherit (import <niveum/lib>) localAddresses;
hp-driver = pkgs.hplip;
in {
services.printing = {

9
configs/retiolum.nix
View File

@@ -3,10 +3,9 @@
pkgs,
...
}: {
networking.hosts = {"42:0:ca48:f98f:63d7:31ce:922b:245d" = ["go"];};
imports = [
<niveum/modules/retiolum.nix>
];
services.tinc.networks.retiolum = {
rsaPrivateKeyFile = config.age.secrets.retiolum-rsa.path;
ed25519PrivateKeyFile = config.age.secrets.retiolum-ed25519.path;
};
networking.hosts = {"42:0:ca48:f98f:63d7:31ce:922b:245d" = ["go"];};
}

15
configs/rofi.nix
View File

@@ -8,19 +8,6 @@ in {
home-manager.users.me.programs.rofi = {
enable = true;
font = "Monospace 10";
theme = "${pkgs.rofi}/share/rofi/themes/Arc.rasi";
pass = {
enable = true;
extraConfig = ''
_pwgen() {
${pkgs.genpass}/bin/genpass "$@"
}
USERNAME_field='login'
default_user2=kmein
help_color="#FF0000"
''; # help_color set by https://github.com/mrossinek/dotfiles/commit/13fc5f24caa78c8f20547bf473266879507f13bf
};
plugins = [pkgs.rofi-calc];
theme = "${pkgs.rofi}/share/rofi/themes/Arc-Dark.rasi";
};
}

6
configs/save-space.nix
View File

@@ -7,10 +7,4 @@
fonts.fontconfig.enable = false;
nix.gc.automatic = true;
nix.optimise.automatic = true;
services.journald.extraConfig = "SystemMaxUse=500M";
# https://webzine.snowflake.ovh/issue-001.html -- garbage collect when less then 1 GB is available, make 3 GB fee
nix.extraOptions = ''
min-free = 1073741824
max-free = 3221225472
'';
}

45
configs/sound.nix
View File

@@ -1,45 +0,0 @@
{pkgs, ...}: {
sound.enable = true;
# realtime audio for pulseaudio
security.rtkit.enable = true;
services.pipewire = {
enable = false;
systemWide = false;
alsa = {
enable = true;
support32Bit = true;
};
pulse.enable = true;
jack.enable = true;
};
hardware.pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
# copy server:/run/pulse/.config/pulse/cookie to client:~/.config/pulse/cookie to authenticate a client machine
zeroconf.discovery.enable = true;
extraConfig = ''
load-module ${
toString [
"module-tunnel-sink-new"
"server=zaatar.r"
"sink_name=zaatar"
"channels=2"
"rate=44100"
]
}
'';
};
users.users.me.extraGroups = ["pipewire" "audio"];
environment.systemPackages = [
pkgs.pavucontrol
pkgs.ncpamixer
pkgs.pamixer
pkgs.pulsemixer
pkgs.pulseaudio # for pactl
];
}

46
configs/ssh.nix
View File

@@ -4,43 +4,19 @@
lib,
...
}: let
inherit (import ../lib) sshPort kieran;
externalNetwork = import ../lib/external-network.nix;
inherit (import <niveum/lib>) sshPort kieran;
externalNetwork = import <niveum/lib/external-network.nix>;
sshIdentity = name: "${config.users.users.me.home}/.ssh/${name}";
in {
services.xserver.displayManager.sessionCommands = "${pkgs.openssh}/bin/ssh-add";
programs.ssh.startAgent = true;
users.users.me.openssh.authorizedKeys.keys = kieran.sshKeys pkgs;
home-manager.users.me = {
services.gpg-agent = rec {
enable = true;
enableSshSupport = true;
defaultCacheTtlSsh = 2 * 60 * 60;
maxCacheTtlSsh = 4 * defaultCacheTtlSsh;
sshKeys = [
"568047C91DE03A23883E340F15A9C24D313E847C"
"BB3EE102DB8CD45540A78A6B18B511B67061F6B4" # kfm@manakish ed25519
"3F8986755818B5762A096BE212777EAAC441DD9D" # fysiweb rsa
"0E4ABD229432486CC432639BB0986B2CDE365105" # agenix ed25519
"A1E8D32CBFCDBD2DE798E2298D795CCFD785AE06" # kfm@kabsa ed25519
];
};
};
environment.extraInit = ''
if [[ -z "$SSH_AUTH_SOCK" ]]; then
export SSH_AUTH_SOCK="$(${pkgs.gnupg}/bin/gpgconf --list-dirs agent-ssh-socket)"
fi
'';
environment.interactiveShellInit = ''
GPG_TTY="$(tty)"
export GPG_TTY
${pkgs.gnupg}/bin/gpg-connect-agent updatestartuptty /bye > /dev/null
'';
home-manager.users.me.programs.ssh = {
enable = true;
matchBlocks = rec {
matchBlocks = {
"github.com" = {
hostname = "ssh.github.com";
port = 443;
@@ -65,11 +41,6 @@ in {
user = "root";
port = sshPort;
};
tabula = {
hostname = "tabula.r";
user = "root";
port = sshPort;
};
manakish = {
hostname = "manakish.r";
user = "kfm";
@@ -88,14 +59,11 @@ in {
hostname = "135.181.85.233";
user = "root";
};
"cms-dev.woc2023.app".identityFile = sshIdentity "fysiweb";
"cms-master.woc2023.app".identityFile = sshIdentity "fysiweb";
"fysi-dev1" = {
hostname = "94.130.229.139";
user = "root";
identityFile = sshIdentity "fysiweb";
};
${fysi-dev1.hostname} = fysi-dev1;
"fysi-shared0" = {
hostname = "49.12.205.235";
user = "root";

2
configs/sshd.nix
View File

@@ -4,7 +4,7 @@
pkgs,
...
}: let
inherit (import ../lib) sshPort kieran;
inherit (import <niveum/lib>) sshPort kieran;
in {
users.motd = "Welcome to ${config.networking.hostName}!";

18
configs/stardict.nix
View File

@@ -158,16 +158,6 @@
sha256 = "03f9wdmkgpjifpms7dyh10ma29wf3ka1j3zlp1av0cybhdldk2a8";
};
};
turkish = {
BabylonTurkishEnglish = pkgs.fetchzip {
url = "http://download.huzheng.org/babylon/bidirectional/stardict-babylon-Babylon_Turkish_English-2.4.2.tar.bz2";
sha256 = "17rv46r95nkikg7aszqmfrbgdhz9ny52w423m8n01g3p93shdb4i";
};
BabylonEnglishTurkish = pkgs.fetchzip {
url = "http://download.huzheng.org/babylon/bidirectional/stardict-babylon-Babylon_English_Turkish-2.4.2.tar.bz2";
sha256 = "063dl02s8ii8snsxgma8wi49xwr6afk6ysq0v986fygx5511353f";
};
};
};
makeStardictDataDir = dicts: pkgs.linkFarm "dictionaries" (lib.mapAttrsToList (name: path: {inherit name path;}) dicts);
@@ -179,7 +169,7 @@
exec ${pkgs.sdcv}/bin/sdcv --color --only-data-dir --data-dir ${makeStardictDataDir dicts} "$@"
'';
sdcvPager = pkgs.writers.writeDash "sdcvPager" ''
sdcvPager = pkgs.writeDash "sdcvPager" ''
export PATH=${lib.makeBinPath [pkgs.gnused pkgs.ncurses pkgs.less]}
sed "
s!<sup>1</sup>!¹!gI
@@ -302,18 +292,16 @@ in {
// dictionaries.sanskrit
// dictionaries.oed
// dictionaries.russian
// dictionaries.englishGerman
// dictionaries.turkish));
// dictionaries.englishGerman));
environment.systemPackages = [
# pkgs.goldendict
pkgs.goldendict
(makeStardict "lsj" dictionaries.classics)
(makeStardict "sa" dictionaries.sanskrit)
(makeStardict "oed" dictionaries.oed)
(makeStardict "sd-russian" dictionaries.russian)
(makeStardict "sd" dictionaries.englishGerman)
(makeStardict "jbo" dictionaries.lojban)
(makeStardict "sd-turkish" dictionaries.turkish)
];
}
/*

66
configs/sxiv.nix Normal file
View File

@@ -0,0 +1,66 @@
{
pkgs,
lib,
...
}: let
important-directories = pkgs.writeText "directories" ''
h ~/
d ~/cloud/Dropbox/
g ~/cloud/gdrive/
s ~/cloud/Seafile/
kk ~/cloud/keybase/private/kmein/
kp ~/cloud/keybase/public/kmein/
t /tmp
D ~/Downloads
cf ''${XDG_CONFIG_HOME:-$HOME/.config}
'';
in {
environment.systemPackages = [pkgs.sxiv];
# TODO fix
home-manager.users.me.xdg.configFile."sxiv/exec/key-handler".source = pkgs.writers.writeDash "key-handler" ''
PATH=$PATH:${
lib.makeBinPath [
pkgs.gnused
pkgs.gawk
pkgs.dmenu
pkgs.coreutils
pkgs.libnotify
pkgs.imagemagick
pkgs.xclip
]
}
echo >&2 key "$1" pressed
while read file; do
case "$1" in
"c")
[ -z "$destdir" ] && destdir="$(sed "s/\s.*#.*$//;/^\s*$/d" ${important-directories} | awk '{print $2}' | dmenu -l 20 -i -p "Copy file(s) to where?" | sed "s|~|$HOME|g")"
[ -z "$destdir" ] && exit
[ ! -d "$destdir" ] && notify-send "$destdir is not a directory, cancelled." && exit
cp "$file" "$destdir" && notify-send -i "$(readlink -f "$file")" "$file copied to $destdir." &
;;
"m")
[ -z "$destdir" ] && destdir="$(sed "s/\s.*#.*$//;/^\s*$/d" ${important-directories} | awk '{print $2}' | dmenu -l 20 -i -p "Move file(s) to where?" | sed "s|~|$HOME|g")"
[ -z "$destdir" ] && exit
[ ! -d "$destdir" ] && notify-send "$destdir is not a directory, cancelled." && exit
mv "$file" "$destdir" && notify-send -i "$(readlink -f "$file")" "$file moved to $destdir." &
;;
"r")
convert -rotate 90 "$file" "$file" ;;
"R")
convert -rotate -90 "$file" "$file" ;;
"f")
convert -flop "$file" "$file" ;;
"y")
echo -n "$file" | xclip -selection clipboard &&
notify-send "$file copied to clipboard" & ;;
"Y")
readlink -f "$file" | xclip -selection clipboard &&
notify-send "$(readlink -f "$file") copied to clipboard" & ;;
"d")
[ "$(printf "No\\nYes" | dmenu -i -p "Really delete $file?")" = "Yes" ] && rm "$file" && notify-send "$file deleted." ;;
esac
done
'';
}

10
configs/telegram-bots/astrology.nix
View File

@@ -4,6 +4,8 @@
lib,
...
}: let
unstable = import <nixos-unstable> {inherit (config.nixpkgs) config;};
toSymbols = pkgs.writers.writeDash "to-symbols" ''
${pkgs.gnused}/bin/sed '
s/\bTri\b//;
@@ -42,16 +44,16 @@
'';
in {
niveum.telegramBots.transits = {
enable = true;
enable = false;
time = "*:0/1";
tokenFile = config.age.secrets.telegram-token-kmein.path;
token = lib.strings.fileContents <system-secrets/telegram/kmein.token>;
chatIds = ["-1001796440545"];
command = toString (pkgs.writers.writeDash "common-transits" ''
now=$(${pkgs.coreutils}/bin/date +%_H:%M | ${pkgs.gnused}/bin/sed 's/^\s*//')
date=$(${pkgs.coreutils}/bin/date +'%m %d %Y')
{
${pkgs.astrolog}/bin/astrolog -qd $date -zN Berlin -Yt -Yd -d -R Uranus Neptune Pluto "North Node" -A 2
${pkgs.astrolog}/bin/astrolog -Yt -Yd -q 10 22 1999 6:32 -zN Kassel -td $date -R Uranus Neptune Pluto "North Node"
${unstable.astrolog}/bin/astrolog -qd $date -zN Berlin -Yt -Yd -d -R Uranus Neptune Pluto "North Node"
${unstable.astrolog}/bin/astrolog -Yt -Yd -q 10 22 1999 6:32 -zN Kassel -td $date -R Uranus Neptune Pluto "North Node"
} | ${toSymbols} | ${pkgs.coreutils}/bin/sort -n | ${pkgs.gnugrep}/bin/grep "^$now" || :
'');
};

5
configs/telegram-bots/autorenkalender.nix
View File

@@ -1,7 +1,6 @@
{
pkgs,
lib,
config,
...
}: let
autorenkalender-package = pkgs.fetchFromGitHub {
@@ -16,14 +15,12 @@ in {
niveum.telegramBots.autorenkalender = {
enable = true;
time = "07:00";
tokenFile = config.age.secrets.telegram-token-kmein.path;
token = lib.strings.fileContents <system-secrets/telegram/kmein.token>;
chatIds = ["@autorenkalender"];
parseMode = "Markdown";
command = "${autorenkalender}/bin/autorenkalender";
};
age.secrets.telegram-token-kmein.file = ../../secrets/telegram-token-kmein.age;
niveum.passport.services = [
{
title = "Autorenkalender";

36
configs/telegram-bots/celan.nix
View File

@@ -1,36 +0,0 @@
{
pkgs,
lib,
config,
...
}: let
celan = pkgs.fetchzip {
url = "http://c.krebsco.de/celan.tar.gz";
sha256 = "sha256-nA+EwAH2vkeolsy9AoPLEMt1uGKDZe/aPrS95CZvuus=";
};
in {
niveum.telegramBots.celan = {
enable = true;
time = "08:00";
tokenFile = config.age.secrets.telegram-token-kmein.path;
chatIds = ["@PaulCelan"];
command = toString (pkgs.writers.writeDash "random-celan" ''
cd ${celan}
poem="$(${pkgs.findutils}/bin/find . -type f | ${pkgs.coreutils}/bin/shuf -n1)"
source="$(${pkgs.coreutils}/bin/dirname "$poem" | ${pkgs.gnused}/bin/sed 's#^\./##;s/[-_]/ /g;s!/! !g;s/0\([0-9]\+\)/\1/g')"
cat "$poem"
echo
printf "Aus: %s\n" "$source"
'');
};
systemd.timers.telegram-bot-celan.timerConfig.RandomizedDelaySec = "10h";
niveum.passport.services = [
{
title = "Paul Celan Bot";
description = "sends a random poem by Paul Celan to Telegram.";
link = "https://t.me/PaulCelan";
}
];
}

37
configs/telegram-bots/default.nix
View File

@@ -2,23 +2,26 @@
config,
pkgs,
lib,
inputs,
...
}: let
telebots = inputs.telebots.defaultPackage.x86_64-linux;
nixpkgs-21-11 = import (builtins.fetchTarball "https://github.com/NixOS/nixpkgs/archive/nixos-21.11.tar.gz") {
config.permittedInsecurePackages = [
"python3.9-poetry-1.1.12"
];
};
telebots = nixpkgs-21-11.callPackage <telebots> {};
reverseDirectory = "/run/telegram-reverse";
proverbDirectory = "/run/telegram-proverb";
inherit (import ../../lib) tmpfilesConfig;
inherit (import <niveum/lib>) tmpfilesConfig;
in {
imports = [
./literature-quote.nix
./astrology.nix
./autorenkalender.nix
./hesychius.nix
./smyth.nix
./nachtischsatan.nix
./tlg-wotd.nix
./celan.nix
<niveum/modules/telegram-bot.nix>
];
systemd.tmpfiles.rules = map (path:
@@ -47,45 +50,33 @@ in {
}
];
age.secrets = {
telegram-token-reverse.file = ../../secrets/telegram-token-reverse.age;
telegram-token-betacode.file = ../../secrets/telegram-token-betacode.age;
telegram-token-proverb.file = ../../secrets/telegram-token-proverb.age;
};
systemd.services.telegram-reverse = {
wantedBy = ["multi-user.target"];
description = "Telegram reverse bot";
path = [pkgs.ffmpeg];
environment.TELEGRAM_BOT_TOKEN = lib.strings.fileContents <system-secrets/telegram/reverse.token>;
enable = true;
script = ''
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${telebots}/bin/telegram-reverse
'';
script = "${telebots}/bin/telegram-reverse";
serviceConfig.Restart = "always";
serviceConfig.WorkingDirectory = reverseDirectory;
serviceConfig.LoadCredential = "token:${config.age.secrets.telegram-token-reverse.path}";
};
systemd.services.telegram-betacode = {
wantedBy = ["multi-user.target"];
description = "Telegram beta code bot";
environment.TELEGRAM_BOT_TOKEN = lib.strings.fileContents <system-secrets/telegram/betacode.token>;
enable = true;
script = ''
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${telebots}/bin/telegram-betacode
'';
script = "${telebots}/bin/telegram-betacode";
serviceConfig.Restart = "always";
serviceConfig.LoadCredential = "token:${config.age.secrets.telegram-token-betacode.path}";
};
systemd.services.telegram-proverb = {
wantedBy = ["multi-user.target"];
description = "Telegram proverb bot";
environment.TELEGRAM_BOT_TOKEN = lib.strings.fileContents <system-secrets/telegram/proverb.token>;
enable = true;
script = ''
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${telebots}/bin/telegram-proverb
'';
script = "${telebots}/bin/telegram-proverb";
serviceConfig.Restart = "always";
serviceConfig.WorkingDirectory = proverbDirectory;
serviceConfig.LoadCredential = "token:${config.age.secrets.telegram-token-proverb.path}";
};
}

8
configs/telegram-bots/hesychius.nix
View File

@@ -1,22 +1,18 @@
{
pkgs,
config,
inputs,
lib,
...
}: let
hesychius = inputs.scripts.outPath + "/hesychius/hesychius.txt";
hesychius = <scripts> + "/hesychius/hesychius.txt";
in {
niveum.telegramBots.hesychius = {
enable = true;
time = "08:00";
tokenFile = config.age.secrets.telegram-token-kmein.path;
token = lib.strings.fileContents <system-secrets/telegram/kmein.token>;
chatIds = ["@HesychiosAlexandreus"];
command = "${pkgs.coreutils}/bin/shuf -n1 ${hesychius}";
};
systemd.timers.telegram-bot-hesychius.timerConfig.RandomizedDelaySec = "10h";
niveum.passport.services = [
{
title = "Hesychius of Alexandria Bot";

11
configs/telegram-bots/literature-quote.nix
View File

@@ -1,16 +1,17 @@
{
pkgs,
config,
lib,
niveumPackages,
...
}: {
}: let
scripts = import <niveum/packages/scripts> {inherit pkgs lib;};
inherit (scripts) literature-quote;
in {
niveum.telegramBots.quotebot = {
enable = true;
time = "08/6:00";
tokenFile = config.age.secrets.telegram-token-kmein.path;
token = lib.strings.fileContents <system-secrets/telegram/kmein.token>;
chatIds = ["-1001760262519"];
command = "${niveumPackages.literature-quote}/bin/literature-quote";
command = "${literature-quote}/bin/literature-quote";
parseMode = "Markdown";
};

16
configs/telegram-bots/nachtischsatan.nix
View File

@@ -1,10 +1,9 @@
{
pkgs,
config,
lib,
...
}: let
nachtischsatan-bot = {tokenFile}:
nachtischsatan-bot = {token}:
pkgs.writers.writePython3 "nachtischsatan-bot" {
libraries = [pkgs.python3Packages.python-telegram-bot];
} ''
@@ -19,12 +18,11 @@
update.message.reply_text("*flubberflubber*")
with open('${tokenFile}', 'r') as tokenFile:
updater = Updater(tokenFile.read().strip())
updater = Updater('${token}')
updater.dispatcher.add_handler(MessageHandler(Filters.all, flubber))
updater.start_polling()
updater.idle()
updater.dispatcher.add_handler(MessageHandler(Filters.all, flubber))
updater.start_polling()
updater.idle()
'';
in {
systemd.services.telegram-nachtischsatan = {
@@ -32,13 +30,11 @@ in {
description = "*flubberflubber*";
enable = true;
script = toString (nachtischsatan-bot {
tokenFile = config.age.secrets.telegram-token-nachtischsatan.path;
token = lib.strings.fileContents <system-secrets/telegram/nachtischsatan.token>;
});
serviceConfig.Restart = "always";
};
age.secrets.telegram-token-nachtischsatan.file = ../../secrets/telegram-token-nachtischsatan.age;
niveum.passport.services = [
{
title = "Nachtischsatan-Bot";

38
configs/telegram-bots/smyth.nix
View File

@@ -1,38 +0,0 @@
{
config,
pkgs,
lib,
...
}: {
niveum.telegramBots.smyth = {
enable = true;
time = "08:00";
tokenFile = config.age.secrets.telegram-token-kmein.path;
chatIds = ["@HerbertWeirSmyth"];
command = toString (pkgs.writers.writeDash "random-smyth" ''
set -efu
RANDOM_SECTION=$(
${pkgs.curl}/bin/curl -sSL http://www.perseus.tufts.edu/hopper/xmltoc?doc=Perseus%3Atext%3A1999.04.0007%3Asmythp%3D1 \
| ${pkgs.gnugrep}/bin/grep -o 'ref="[^"]*"' \
| ${pkgs.coreutils}/bin/shuf -n1 \
| ${pkgs.gnused}/bin/sed 's/^ref="//;s/"$//'
)
${pkgs.curl}/bin/curl -sSL http://www.perseus.tufts.edu/hopper/text?doc=$RANDOM_SECTION\
| ${pkgs.htmlq}/bin/htmlq '#text_main' \
| ${pkgs.gnused}/bin/sed 's/<\/\?hr>//g' \
| ${pkgs.pandoc}/bin/pandoc -f html -t plain --wrap=none
'');
};
systemd.timers.telegram-bot-smyth.timerConfig.RandomizedDelaySec = "10h";
niveum.passport.services = [
{
title = "Herbert Weir Smyth Bot";
description = "sends a random section from Smyth's Ancient Greek grammar to Telegram.";
link = "https://t.me/HerbertWeirSmyth";
}
];
}

5
configs/telegram-bots/tlg-wotd.nix
View File

@@ -1,19 +1,18 @@
{
pkgs,
lib,
config,
...
}: {
niveum.telegramBots.tlg-wotd = {
enable = true;
time = "9:30";
token = lib.strings.fileContents <system-secrets/telegram/kmein.token>;
chatIds = ["@tlgwotd"];
tokenFile = config.age.secrets.telegram-token-kmein.path;
command = toString (pkgs.writers.writeDash "tlg-wotd" ''
${pkgs.curl}/bin/curl -sSL http://stephanus.tlg.uci.edu/Iris/Wotd \
| ${pkgs.recode}/bin/recode html..utf8 \
| ${pkgs.jq}/bin/jq -r '
"*\(.word)* '\'''\(.definition | sub("<.*>"; "") | rtrimstr(" "))'\'''\n\nFirst occurrence: \(.firstOccurrence)\nNumber of occurrences: \(.totalOccurrences)"
"*\(.word)* '\'''\(.definition | rtrimstr(" "))'\'''\n\nFirst occurrence: \(.firstOccurrence)\nNumber of occurrences: \(.totalOccurrences)"
'
'');
parseMode = "Markdown";

3
configs/tor.nix
View File

@@ -1,5 +1,4 @@
{pkgs, ...}: {
services.tor.enable = true;
services.tor.client.enable = true;
environment.systemPackages = [pkgs.tor pkgs.torsocks];
environment.systemPackages = [pkgs.tor];
}

14
configs/traadfri.nix
View File

@@ -1,12 +1,13 @@
{
config,
pkgs,
lib,
...
}: let
inherit (import ../lib) localAddresses;
inherit (import <niveum/lib>) localAddresses;
living-room-id = 131090;
in {
imports = [<niveum/modules/traadfri.nix>];
environment.systemPackages = [
(pkgs.writers.writeDashBin "traadfri-party" ''
while true; do
@@ -19,18 +20,11 @@ in {
'')
];
age.secrets.traadfri-key = {
file = ../secrets/traadfri-key.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
niveum.traadfri = {
enable = true;
user = "kmein";
host = localAddresses.tradfri;
keyFile = config.age.secrets.traadfri-key.path;
key = lib.strings.fileContents <secrets/traadfri.key>;
rooms = {
corridor = 131080;
kitchen = 131081;

33
configs/wallpaper.nix
View File

@@ -2,27 +2,18 @@
pkgs,
lib,
...
}: let
url = "http://prism.r/realwallpaper-krebs-stars-berlin.png";
stateDir = "~/.cache/wallpaper";
in {
systemd.user.services.wallpaper = {
wantedBy = ["graphical-session.target"];
after = ["network.target"];
script = ''
set -euf
}: {
imports = [<stockholm/krebs/3modules/fetchWallpaper.nix>];
mkdir -p ${stateDir}
chmod o+rx ${stateDir}
cd ${stateDir}
(${pkgs.curl}/bin/curl -s -o wallpaper.tmp -z wallpaper.tmp ${lib.escapeShellArg url} && cp wallpaper.tmp wallpaper) || :
${pkgs.feh}/bin/feh --no-fehbg --bg-scale wallpaper
'';
startAt = "*:00,10,20,30,40,50";
serviceConfig = {
Restart = "always";
RestartSec = "15s";
StartLimitBurst = 0;
};
krebs.fetchWallpaper = {
enable = true;
url = "http://prism.r/realwallpaper-krebs-stars-berlin.png";
};
users.users.fetchWallpaper.isSystemUser = true;
services.xserver = {
display = lib.mkForce 0; # needed for fetchWallpaper to find the X display
displayManager.sessionCommands = "${pkgs.xorg.xhost}/bin/xhost +LOCAL:";
};
}

34
configs/zsh.nix
View File

@@ -7,15 +7,6 @@
# nothing to see here
'';
environment.systemPackages = [pkgs.atuin];
environment.variables.ATUIN_CONFIG_DIR = toString (pkgs.writeTextDir "/config.toml" ''
auto_sync = true
update_check = false
sync_address = "http://zaatar.r:8888"
sync_frequency = 0
style = "compact"
'');
programs.zsh = let
zsh-completions = pkgs.fetchFromGitHub {
owner = "zsh-users";
@@ -23,6 +14,12 @@
rev = "cf565254e26bb7ce03f51889e9a29953b955b1fb";
sha256 = "1yf4rz99acdsiy0y1v3bm65xvs2m0sl92ysz0rnnrlbd5amn283l";
};
zsh-history-substring-search = pkgs.fetchFromGitHub {
owner = "zsh-users";
repo = "zsh-history-substring-search";
rev = "aae3388491c2312c4efb2e86bcb999927bb2900e";
sha256 = "0lgmq1xcccnz5cf7vl0r0qj351hwclx9p80cl0qczxry4r2g5qaz";
};
in {
enable = true;
enableCompletion = true;
@@ -57,6 +54,12 @@
autoload -U zmv run-help
fpath=(${zsh-completions}/src $fpath)
source ${zsh-history-substring-search}/zsh-history-substring-search.zsh
bindkey '^[[A' history-substring-search-up
bindkey '^[[B' history-substring-search-down
bindkey -M vicmd 'k' history-substring-search-up
bindkey -M vicmd 'j' history-substring-search-down
'';
promptInit = with config.niveum; ''
autoload -Uz vcs_info
@@ -68,20 +71,9 @@
zstyle ':vcs_info:*' formats "%c%u%F{cyan}%b%f"
zstyle ':vcs_info:*' actionformats "(%a) %c%u%F{cyan}%b%f"
# atuin distributed shell history
export ATUIN_NOBIND="true" # disable all keybdinings of atuin
eval "$(atuin init zsh)"
bindkey '^r' _atuin_search_widget # bind ctrl+r to atuin
# use zsh only session history
fc -p
precmd () {
vcs_info
if [ -n "$SSH_CLIENT" ] || [ -n "$SSH_TTY" ] || [ -n "$SSH_CONNECTION" ]; then
RPROMPT="$(hostname)"
else
RPROMPT="$vcs_info_msg_0_"
fi
RPROMPT="$vcs_info_msg_0_"
if [[ -n $IN_NIX_SHELL ]]; then
PROMPT='%B%~%b %(?.%F{${promptColours.success}}.%F{${promptColours.failure}})λ%f '
else

680
flake.lock generated
View File

@@ -1,83 +1,6 @@
{
"nodes": {
"agenix": {
"inputs": {
"darwin": "darwin",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1680281360,
"narHash": "sha256-XdLTgAzjJNDhAG2V+++0bHpSzfvArvr2pW6omiFfEJk=",
"owner": "ryantm",
"repo": "agenix",
"rev": "e64961977f60388dd0b49572bb0fc453b871f896",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"blessings": {
"flake": false,
"locked": {
"lastModified": 1549397368,
"narHash": "sha256-YVIGRG+/ey4nFEZl1ZPHj7Hx/Of3rsUGnkLK4V4zZd0=",
"ref": "refs/heads/master",
"rev": "d94712a015636efe7ec79bc0a2eec6739d0be779",
"revCount": 18,
"type": "git",
"url": "https://cgit.krebsco.de/blessings"
},
"original": {
"type": "git",
"url": "https://cgit.krebsco.de/blessings"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1673295039,
"narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
@@ -92,179 +15,59 @@
"type": "github"
}
},
"flake-utils_3": {
"locked": {
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_4": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_5": {
"locked": {
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_6": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_7": {
"locked": {
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_8": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_9": {
"locked": {
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
"nixos-unstable"
],
"utils": "utils"
},
"locked": {
"lastModified": 1681092193,
"narHash": "sha256-JerCqqOqbT2tBnXQW4EqwFl0hHnuZp21rIQ6lu/N4rI=",
"lastModified": 1660574517,
"narHash": "sha256-Lp5D2pAPrM3iAc1eeR0iGwz5rM+SYOWzVxI3p17nlrU=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f9edbedaf015013eb35f8caacbe0c9666bbc16af",
"rev": "688e5c85b7537f308b82167c8eb4ecfb70a49861",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-22.11",
"ref": "master",
"repo": "home-manager",
"type": "github"
}
},
"krops": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixos-stable"
]
},
"locked": {
"lastModified": 1644957911,
"narHash": "sha256-ggie/j7pdBqzDs4W7OiPmhqH9IGbXAbJxGqBdVxA8jA=",
"owner": "Mic92",
"repo": "krops",
"rev": "86fb3d2ee94fd8306231853b323ed8804edf26ec",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "krops",
"type": "github"
}
},
"menstruation-backend": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay"
},
"flake": false,
"locked": {
"lastModified": 1677075142,
"narHash": "sha256-0RXVZcK2YtPckd/3+jb+yLpeXZ6jnQe25w9idztDXi8=",
"lastModified": 1649545504,
"narHash": "sha256-TVm3246ML7gWPeGm+bdb+Qo8o/7nve7sQ2hBdCZm3z8=",
"owner": "kmein",
"repo": "menstruation.rs",
"rev": "e34af4393963cdbadb456b7b9ae2e95e6db7b8a3",
"type": "github"
},
"original": {
"owner": "kmein",
"repo": "menstruation.rs",
"type": "github"
}
},
"menstruation-backend_2": {
"inputs": {
"flake-utils": [
"menstruation-telegram",
"menstruation-backend",
"rust-overlay",
"flake-utils"
],
"nixpkgs": [
"menstruation-telegram",
"menstruation-backend",
"rust-overlay",
"nixpkgs"
],
"rust-overlay": "rust-overlay_2"
},
"locked": {
"lastModified": 1677075142,
"narHash": "sha256-0RXVZcK2YtPckd/3+jb+yLpeXZ6jnQe25w9idztDXi8=",
"owner": "kmein",
"repo": "menstruation.rs",
"rev": "e34af4393963cdbadb456b7b9ae2e95e6db7b8a3",
"rev": "d9f3c6d53542fd7c7ed191e37cf4e342d4a47bcb",
"type": "github"
},
"original": {
@@ -274,17 +77,13 @@
}
},
"menstruation-telegram": {
"inputs": {
"flake-utils": "flake-utils_3",
"menstruation-backend": "menstruation-backend_2",
"nixpkgs": "nixpkgs_3"
},
"flake": false,
"locked": {
"lastModified": 1677075205,
"narHash": "sha256-2+xuAhsS3y2qB0ObVPCHXrmnTsIZ8uI5HFI4+Ash8PY=",
"lastModified": 1634815642,
"narHash": "sha256-q1OTMx5ayNu9ppHJBDUie/ow+BcA5DXnHEm11EY+C4E=",
"owner": "kmein",
"repo": "menstruation-telegram",
"rev": "f7ddb6d9610aacb50ec66a3ce1bdc49fe4664a49",
"rev": "a34555cf46f02157718b0565b5456348fff54181",
"type": "github"
},
"original": {
@@ -293,196 +92,62 @@
"type": "github"
}
},
"nixinate": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"nix-writers": {
"flake": false,
"locked": {
"lastModified": 1671116920,
"narHash": "sha256-QmDGsUUmAGn77UTR7eQJmebl8f3IIUCtmbbAdJqKA3s=",
"owner": "matthewcroughan",
"repo": "nixinate",
"rev": "b4d17b8e2a4abc47e93e1a1c466e0286a63640d8",
"type": "github"
"lastModified": 1554228333,
"narHash": "sha256-hG/PlcCvCQhNcU55NpHfATkyH9k6cZmO7uvBoJjasXU=",
"ref": "refs/heads/master",
"rev": "c528cf970e292790b414b4c1c8c8e9d7e73b2a71",
"revCount": 32,
"type": "git",
"url": "https://cgit.krebsco.de/nix-writers"
},
"original": {
"owner": "matthewcroughan",
"repo": "nixinate",
"type": "github"
"type": "git",
"url": "https://cgit.krebsco.de/nix-writers"
}
},
"nixpkgs": {
"nixos-stable": {
"locked": {
"lastModified": 1665296151,
"narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
"lastModified": 1660926553,
"narHash": "sha256-19Ib1b7Ny+yGhnxwnH1KhhB2hvALuNuqevA6XzqkQmo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
"rev": "00e376e3f3c22d991052dfeaf154c42b09deeb29",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"ref": "nixos-22.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"nixos-unstable": {
"locked": {
"lastModified": 1665296151,
"narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
"lastModified": 1660908602,
"narHash": "sha256-SwZ85IPWvC4NxxFhWhRMTJpApSHbY1u4YK2UFWEBWvY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
"rev": "495b19d5b3e62b4ec7e846bdfb6ef3d9c3b83492",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1669418739,
"narHash": "sha256-T86oFvcUIRwHWBWUt7WjaP4BP/3lDGbv5AppQSI1FkI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "695b3515251873e0a7e2021add4bba643c56cde3",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "695b3515251873e0a7e2021add4bba643c56cde3",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1681269223,
"narHash": "sha256-i6OeI2f7qGvmLfD07l1Az5iBL+bFeP0RHixisWtpUGo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "87edbd74246ccdfa64503f334ed86fa04010bab9",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1677158633,
"narHash": "sha256-t7za78oRkDIjdFQF0PCilfCziFyhfowCgs9Ry+sEvE4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "129b6f78121802d18d215c9f9e04d7971c58ea0c",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1665296151,
"narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1659446231,
"narHash": "sha256-hekabNdTdgR/iLsgce5TGWmfIDZ86qjPhxDg/8TlzhE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "eabc38219184cc3e04a974fe31857d8e0eac098d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-21.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_8": {
"locked": {
"lastModified": 1665296151,
"narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_9": {
"locked": {
"lastModified": 1669418739,
"narHash": "sha256-T86oFvcUIRwHWBWUt7WjaP4BP/3lDGbv5AppQSI1FkI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "695b3515251873e0a7e2021add4bba643c56cde3",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "695b3515251873e0a7e2021add4bba643c56cde3",
"type": "github"
}
},
"nur": {
"locked": {
"lastModified": 1681454031,
"narHash": "sha256-JOamj7vKkFRp5mJ7FKt5dPfCmWj33sZLnBGDt15c/sc=",
"owner": "nix-community",
"repo": "NUR",
"rev": "8a35714f0be00235e2a1c8b759e6dc3888763d8b",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"recht": {
"inputs": {
"blessings": "blessings",
"flake-utils": "flake-utils_5",
"nixpkgs": "nixpkgs_5"
},
"flake": false,
"locked": {
"lastModified": 1677165419,
"narHash": "sha256-pjYpXg+09rayon6uhSNd30ryrT2zYLOlDLBHQ9pnGZg=",
"lastModified": 1619583518,
"narHash": "sha256-3eFw6xWue9cvPxXq1ROq32ecvPOmqOedgQhyOr7N9iE=",
"owner": "kmein",
"repo": "recht",
"rev": "5fa158ce21de797bd95a934dab8d4403b7531d20",
"rev": "d551afed23122bb3106e59eb2274394ec5555048",
"type": "github"
},
"original": {
@@ -492,135 +157,49 @@
}
},
"retiolum": {
"flake": false,
"locked": {
"lastModified": 1681246809,
"narHash": "sha256-3RUAwk0ApPjq2Ms8KiAh+gG6EJKWurIur612w2m3Zu8=",
"ref": "refs/heads/master",
"rev": "c8ddb36f3d85be762aeb1893a79da36014f55658",
"revCount": 296,
"type": "git",
"url": "https://git.thalheim.io/Mic92/retiolum"
"lastModified": 1660680907,
"narHash": "sha256-D6XkykgU1BiDAnnFG9NwSqBRKCZAHK+2+Ri2/m9rzo8=",
"owner": "krebs",
"repo": "retiolum",
"rev": "c4d6b07be29b3b9267027ed25792a2cb350459d5",
"type": "github"
},
"original": {
"type": "git",
"url": "https://git.thalheim.io/Mic92/retiolum"
"owner": "krebs",
"repo": "retiolum",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"flake-utils": "flake-utils",
"home-manager": "home-manager",
"krops": "krops",
"menstruation-backend": "menstruation-backend",
"menstruation-telegram": "menstruation-telegram",
"nixinate": "nixinate",
"nixpkgs": "nixpkgs_4",
"nur": "nur",
"nix-writers": "nix-writers",
"nixos-stable": "nixos-stable",
"nixos-unstable": "nixos-unstable",
"recht": "recht",
"retiolum": "retiolum",
"scripts": "scripts",
"stockholm": "stockholm",
"telebots": "telebots",
"tinc-graph": "tinc-graph",
"traadfri": "traadfri",
"voidrice": "voidrice"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1677033035,
"narHash": "sha256-w6XsKaW46kZNEk2vVfuoNIBEq/YzDy9kNk8cU0xJZEQ=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "6c9e8ea3ba73a9fed29ddc1cc52ade8e5c946a8d",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_2": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1677033035,
"narHash": "sha256-w6XsKaW46kZNEk2vVfuoNIBEq/YzDy9kNk8cU0xJZEQ=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "6c9e8ea3ba73a9fed29ddc1cc52ade8e5c946a8d",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_3": {
"inputs": {
"flake-utils": "flake-utils_6",
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1677119371,
"narHash": "sha256-L0Da4eKzDZrsy8ysOS1lhgDjAgEqGvYGf/lXaRd5/YQ=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "c67c79ea25664d66e74ae91a6fa0d6c65d12d3a7",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_4": {
"inputs": {
"flake-utils": "flake-utils_8",
"nixpkgs": "nixpkgs_8"
},
"locked": {
"lastModified": 1677119371,
"narHash": "sha256-L0Da4eKzDZrsy8ysOS1lhgDjAgEqGvYGf/lXaRd5/YQ=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "c67c79ea25664d66e74ae91a6fa0d6c65d12d3a7",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
"tuna": "tuna"
}
},
"scripts": {
"inputs": {
"flake-utils": [
"scripts",
"rust-overlay",
"flake-utils"
],
"nixpkgs": [
"scripts",
"rust-overlay",
"nixpkgs"
],
"rust-overlay": "rust-overlay_3"
},
"flake": false,
"locked": {
"lastModified": 1677271864,
"narHash": "sha256-BghYMB/lauerExMsDtGZNGZGdoGuF7LPtbmpyh9ycyA=",
"lastModified": 1660677220,
"narHash": "sha256-cCmyI4CigWbeQ0wEiE9HSI2Hmd3Wi5P7jhdHX6bJkXU=",
"owner": "kmein",
"repo": "scripts",
"rev": "79bffac7f9eda1b3be76f2a4ff18d81b44c74390",
"rev": "688e141047e831a7e5f58dd24e00de51a3cb2345",
"type": "github"
},
"original": {
@@ -629,32 +208,30 @@
"type": "github"
}
},
"systems": {
"stockholm": {
"flake": false,
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
"lastModified": 1660682075,
"narHash": "sha256-2Q0j7FiYao0VDRKnW1jSLJu3Cn/ORz/pPsyW+wwWoEU=",
"ref": "refs/heads/master",
"rev": "9ae4a08ccc07964decc51fb1e92bc35d49e4691c",
"revCount": 10732,
"type": "git",
"url": "https://cgit.lassul.us/stockholm"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
"type": "git",
"url": "https://cgit.lassul.us/stockholm"
}
},
"telebots": {
"inputs": {
"flake-utils": "flake-utils_7",
"nixpkgs": "nixpkgs_7"
},
"flake": false,
"locked": {
"lastModified": 1677156381,
"narHash": "sha256-OMhqYJO2bWtL6osTMpQhA4ySUl4gvJTI13m1agipHJ0=",
"lastModified": 1623510321,
"narHash": "sha256-MxYNNL81RXZkYLd4IgiNTSo1X80kTuDzsdGNSA0f1y8=",
"owner": "kmein",
"repo": "telebots",
"rev": "5527e359e8394f2f66067de7f61587eb65055209",
"rev": "22931c9457e092c4e413555dbe61819d77844246",
"type": "github"
},
"original": {
@@ -664,21 +241,13 @@
}
},
"tinc-graph": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay_4"
},
"flake": false,
"locked": {
"lastModified": 1677160040,
"narHash": "sha256-UhyZaIZ88vN/7fiBcamfV77eHjQnL8zSVznaqxLgbhs=",
"lastModified": 1653080212,
"narHash": "sha256-BcfppAuVNp0hMcrMG/ZxE4juSrdQbJSUIA0eHS1/Wxo=",
"owner": "kmein",
"repo": "tinc-graph",
"rev": "f705ca35e30ab0daf9cf52000e58931d7c5c42b5",
"rev": "ea0ef2e5542684d1d8e34a626cb9295dec33e70d",
"type": "github"
},
"original": {
@@ -688,16 +257,13 @@
}
},
"traadfri": {
"inputs": {
"flake-utils": "flake-utils_9",
"nixpkgs": "nixpkgs_9"
},
"flake": false,
"locked": {
"lastModified": 1677165914,
"narHash": "sha256-3N08NabgDwTUy1n5wxpT27iddFrgXW35E1x2UgAKkDQ=",
"lastModified": 1640451803,
"narHash": "sha256-zS/b93uFpPM9basNP7ngmm+YjYV0IUQAmNghetHA6Ss=",
"owner": "kmein",
"repo": "traadfri",
"rev": "11571116ed5d2c6478c615d663d1f96f57a97ba9",
"rev": "cf46bd09cd3263b90a09b0ca979aa705a4c3671c",
"type": "github"
},
"original": {
@@ -706,13 +272,29 @@
"type": "github"
}
},
"tuna": {
"flake": false,
"locked": {
"lastModified": 1627117248,
"narHash": "sha256-OfqbWLblJY4BJlrCpn8EkHoP3baNJSDTbw45SPaX+0Q=",
"owner": "kmein",
"repo": "tuna",
"rev": "1cbed44069a3009738afdafecefe0a05316039a6",
"type": "github"
},
"original": {
"owner": "kmein",
"repo": "tuna",
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"lastModified": 1653893745,
"narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
"type": "github"
},
"original": {
@@ -720,22 +302,6 @@
"repo": "flake-utils",
"type": "github"
}
},
"voidrice": {
"flake": false,
"locked": {
"lastModified": 1681301489,
"narHash": "sha256-5Zz33Q3E4A9nsEmxPQikYeX7Rvu3hM+PlXx/0SIqG34=",
"owner": "Lukesmithxyz",
"repo": "voidrice",
"rev": "d4ff2ebaf3e88efe20cae0d1e592fddfc433c96e",
"type": "github"
},
"original": {
"owner": "Lukesmithxyz",
"repo": "voidrice",
"type": "github"
}
}
},
"root": "root",

480
flake.nix
View File

@@ -2,316 +2,194 @@
description = "niveum: packages, modules, systems";
inputs = {
agenix.url = "github:ryantm/agenix";
flake-utils.url = "github:numtide/flake-utils";
home-manager.url = "github:nix-community/home-manager/release-22.11";
menstruation-backend.url = "github:kmein/menstruation.rs";
menstruation-telegram.url = "github:kmein/menstruation-telegram";
nixinate.url = "github:matthewcroughan/nixinate";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11";
nur.url = "github:nix-community/NUR";
recht.url = "github:kmein/recht";
scripts.url = "github:kmein/scripts";
retiolum.url = "git+https://git.thalheim.io/Mic92/retiolum";
telebots.url = "github:kmein/telebots";
tinc-graph.url = "github:kmein/tinc-graph";
traadfri.url = "github:kmein/traadfri";
voidrice.url = "github:Lukesmithxyz/voidrice";
nixos-stable.url = "github:NixOS/nixpkgs/nixos-22.05";
nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
agenix.inputs.nixpkgs.follows = "nixpkgs";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
menstruation-backend.inputs.flake-utils.follows = "flake-utils";
menstruation-backend.inputs.nixpkgs.follows = "nixpkgs";
nixinate.inputs.nixpkgs.follows = "nixpkgs";
tinc-graph.inputs.flake-utils.follows = "flake-utils";
tinc-graph.inputs.nixpkgs.follows = "nixpkgs";
voidrice.flake = false;
flake-utils.url = "github:numtide/flake-utils";
home-manager = {
url = "github:nix-community/home-manager/master";
inputs.nixpkgs.follows = "nixos-unstable";
};
krops = {
url = "github:Mic92/krops";
inputs.nixpkgs.follows = "nixos-stable";
inputs.flake-utils.follows = "flake-utils";
};
# legacy
menstruation-backend = {
url = "github:kmein/menstruation.rs";
flake = false;
};
menstruation-telegram = {
url = "github:kmein/menstruation-telegram";
flake = false;
};
nix-writers = {
url = "git+https://cgit.krebsco.de/nix-writers";
flake = false;
};
recht = {
url = "github:kmein/recht";
flake = false;
};
retiolum = {
url = "github:krebs/retiolum";
flake = false;
};
scripts = {
url = "github:kmein/scripts";
flake = false;
};
stockholm = {
url = "git+https://cgit.lassul.us/stockholm";
flake = false;
};
telebots = {
url = "github:kmein/telebots";
flake = false;
};
tinc-graph = {
url = "github:kmein/tinc-graph";
flake = false;
};
traadfri = {
url = "github:kmein/traadfri";
flake = false;
};
tuna = {
url = "github:kmein/tuna";
flake = false;
};
};
outputs = inputs @ {
outputs = {
self,
nixpkgs,
nur,
home-manager,
nixinate,
agenix,
retiolum,
flake-utils,
...
}:
{
apps = nixinate.nixinate.x86_64-linux self;
nixosModules = {
htgen = import modules/htgen.nix;
moodle-dl = import modules/moodle-dl.nix;
networkmanager-declarative = import modules/networkmanager-declarative.nix;
passport = import modules/passport.nix;
panoptikon = import modules/panoptikon.nix;
power-action = import modules/power-action.nix;
specus = import modules/specus.nix;
system-dependent = import modules/system-dependent.nix;
telegram-bot = import modules/telegram-bot.nix;
traadfri = import modules/traadfri.nix;
};
lib = {
panoptikon = import lib/panoptikon.nix;
};
nixosConfigurations = {
ful = nixpkgs.lib.nixosSystem rec {
system = "aarch64-linux";
specialArgs = {
niveumPackages = inputs.self.packages.${system};
niveumLib = inputs.self.lib;
inherit inputs;
};
modules = [
home-manager,
krops,
menstruation-backend,
menstruation-telegram,
nix-writers,
nixos-unstable,
nixos-stable,
recht,
retiolum,
scripts,
stockholm,
telebots,
tinc-graph,
traadfri,
tuna,
} @ inputs: let
system = "x86_64-linux";
pkgs = nixos-stable.legacyPackages.${system};
home =
if nixos-stable.lib.inPureEvalMode or false
then _: /nonexistent
else import lib/home.nix;
source = {
sources,
unstable,
name,
}:
{
niveum.file = toString ./.;
nixos-config.symlink = "niveum/systems/${name}/configuration.nix";
system-secrets.pass = {
dir = toString (home /.password-store);
name = "systems/${name}";
};
secrets.pass = {
dir = toString (home /.password-store);
name = "shared";
};
nixpkgs.git = {
url = "https://github.com/NixOS/nixpkgs";
ref =
(
if unstable
then inputs.nixos-unstable
else inputs.nixos-stable
)
.rev;
shallow = true;
};
}
// nixos-stable.lib.mapAttrs' (name: value: {
inherit name;
value.git = {
url = let
github = x: "https://github.com/${x}";
in
{
_module.args.nixinate = {
host = "ful";
sshUser = "root";
buildOn = "remote";
substituteOnTarget = true;
hermetic = false;
};
home-manager = github "nix-community/home-manager";
menstruation-backend = github "kmein/menstruation.rs";
menstruation-telegram = github "kmein/menstruation-telegram";
nixos-unstable = github "NixOS/nixpkgs";
nix-writers = "https://cgit.krebsco.de/nix-writers";
recht = github "kmein/recht";
retiolum = github "krebs/retiolum";
stockholm = "https://cgit.lassul.us/stockholm";
scripts = github "kmein/scripts";
telebots = github "kmein/telebots";
tinc-graph = github "kmein/tinc-graph";
traadfri = github "kmein/traadfri";
}
systems/ful/configuration.nix
agenix.nixosModules.default
inputs.self.nixosModules.passport
inputs.self.nixosModules.specus
inputs.self.nixosModules.panoptikon
retiolum.nixosModules.retiolum
nur.nixosModules.nur
];
.${name};
ref = value.rev;
shallow = true;
};
zaatar = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
specialArgs = {
niveumPackages = inputs.self.packages.${system};
inherit inputs;
}) (nixos-stable.lib.filterAttrs (name: _: builtins.elem name sources) inputs);
deployScriptFor = {
name,
user ? "root",
host,
unstable ? false,
sshPort ? (import ./lib/default.nix).sshPort,
sources,
}:
toString (krops.packages.${system}.writeDeploy "deploy-${name}" {
source = krops.lib.evalSource [(source {inherit sources unstable name;})];
target = "${user}@${host}:${toString sshPort}";
});
in {
apps.${system} = let
forSystems = f: builtins.listToAttrs (map f (builtins.attrNames (builtins.readDir ./systems)));
externalNetwork = import ./lib/external-network.nix;
deployScripts = forSystems (name: {
name = "deploy-${name}";
value = {
type = "app";
program = deployScriptFor {
inherit name;
host =
if externalNetwork ? name
then externalNetwork.${name}
else "${name}.r";
unstable = name == "kabsa" || name == "manakish";
sources =
["nix-writers" "nixpkgs" "retiolum" "stockholm"]
++ {
zaatar = ["traadfri"];
ful = [];
tahina = [];
kabsa = ["traadfri" "nixos-unstable" "home-manager" "menstruation-backend" "recht"];
manakish = ["traadfri" "nixos-unstable" "home-manager" "menstruation-backend" "recht"];
makanek = ["nixos-unstable" "menstruation-telegram" "menstruation-backend" "scripts" "telebots" "tinc-graph"];
}
.${name};
};
modules = [
{
_module.args.nixinate = {
host = "zaatar";
sshUser = "root";
buildOn = "remote";
substituteOnTarget = true;
hermetic = false;
};
}
systems/zaatar/configuration.nix
inputs.self.nixosModules.moodle-dl
agenix.nixosModules.default
retiolum.nixosModules.retiolum
];
};
makanek = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
# for using inputs in other config files
specialArgs = {
niveumPackages = inputs.self.packages.${system};
inherit inputs;
};
modules = [
{
_module.args.nixinate = {
host = "makanek";
sshUser = "root";
buildOn = "remote";
substituteOnTarget = true;
hermetic = false;
};
}
systems/makanek/configuration.nix
inputs.self.nixosModules.telegram-bot
inputs.self.nixosModules.htgen
inputs.self.nixosModules.passport
inputs.self.nixosModules.specus
agenix.nixosModules.default
retiolum.nixosModules.retiolum
nur.nixosModules.nur
];
});
ciScripts = forSystems (name: {
name = "build-${name}";
value = {
type = "app";
program = import ./ci.nix {inherit name system inputs;};
};
tahina = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
systems/tahina/configuration.nix
agenix.nixosModules.default
retiolum.nixosModules.retiolum
];
};
tabula = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
systems/tabula/configuration.nix
agenix.nixosModules.default
retiolum.nixosModules.retiolum
];
};
manakish = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
specialArgs = {
niveumPackages = inputs.self.packages.${system};
inherit inputs;
};
modules = [
{
_module.args.nixinate = {
host = "manakish";
sshUser = "root";
buildOn = "remote";
substituteOnTarget = true;
hermetic = false;
};
}
systems/manakish/configuration.nix
agenix.nixosModules.default
retiolum.nixosModules.retiolum
home-manager.nixosModules.home-manager
nur.nixosModules.nur
];
};
kabsa = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
specialArgs = {
niveumPackages = inputs.self.packages.${system};
inherit inputs;
};
modules = [
{
_module.args.nixinate = {
host = "kabsa";
sshUser = "root";
buildOn = "remote";
substituteOnTarget = true;
hermetic = false;
};
}
systems/kabsa/configuration.nix
agenix.nixosModules.default
retiolum.nixosModules.retiolum
inputs.self.nixosModules.specus
home-manager.nixosModules.home-manager
nur.nixosModules.nur
];
};
};
}
// flake-utils.lib.eachSystem [flake-utils.lib.system.x86_64-linux flake-utils.lib.system.aarch64-linux] (system: let
pkgs = import nixpkgs {
inherit system;
overlays = [
nur.overlay
(self: super: {
mpv = super.mpv.override {scripts = [inputs.self.packages.${system}.mpv-visualizer];};
dmenu = super.writers.writeDashBin "dmenu" ''exec ${pkgs.rofi}/bin/rofi -dmenu "$@"'';
})
];
};
wrapScript = {
packages ? [],
name,
script,
}:
pkgs.writers.writeDashBin name ''PATH=$PATH:${nixpkgs.lib.makeBinPath (packages ++ [pkgs.findutils pkgs.coreutils pkgs.gnused pkgs.gnugrep])} ${script} "$@"'';
in {
packages = rec {
auc = pkgs.callPackage packages/auc.nix {};
betacode = pkgs.callPackage packages/betacode.nix {};
cheat-sh = pkgs.callPackage packages/cheat-sh.nix {};
closest = pkgs.callPackage packages/closest {};
cyberlocker-tools = pkgs.callPackage packages/cyberlocker-tools.nix {};
default-gateway = pkgs.callPackage packages/default-gateway.nix {};
depp = pkgs.callPackage packages/depp.nix {};
devanagari = pkgs.callPackage packages/devanagari {};
devour = pkgs.callPackage packages/devour.nix {};
dic = pkgs.callPackage packages/dic.nix {};
dirmir = pkgs.callPackage packages/dirmir.nix {};
dmenu-bluetooth = pkgs.callPackage packages/dmenu-bluetooth.nix {};
dmenu-scrot = pkgs.callPackage packages/dmenu-scrot.nix {};
dns-sledgehammer = pkgs.callPackage packages/dns-sledgehammer.nix {};
fkill = pkgs.callPackage packages/fkill.nix {};
fzfmenu = pkgs.callPackage packages/fzfmenu.nix {};
genius = pkgs.callPackage packages/genius.nix {};
gfs-fonts = pkgs.callPackage packages/gfs-fonts.nix {};
git-preview = pkgs.callPackage packages/git-preview.nix {};
hc = pkgs.callPackage packages/hc.nix {};
heuretes = pkgs.callPackage packages/heuretes.nix {};
htgen = pkgs.callPackage packages/htgen.nix {};
image-convert-favicon = pkgs.callPackage packages/image-convert-favicon.nix {};
image-convert-tolino = pkgs.callPackage packages/image-convert-tolino.nix {};
infschmv = pkgs.callPackage packages/infschmv.nix {};
iolanguage = pkgs.callPackage packages/iolanguage.nix {};
ipa = pkgs.writers.writePython3Bin "ipa" {flakeIgnore = ["E501"];} (builtins.readFile packages/ipa.py);
ix = pkgs.callPackage packages/ix.nix {};
jsesh = pkgs.callPackage packages/jsesh.nix {};
k-lock = pkgs.callPackage packages/k-lock.nix {};
kirciuoklis = pkgs.callPackage packages/kirciuoklis.nix {};
klem = pkgs.callPackage packages/klem.nix {};
kpaste = pkgs.callPackage packages/kpaste.nix {};
literature-quote = pkgs.callPackage packages/literature-quote.nix {};
mahlzeit = pkgs.haskellPackages.callPackage packages/mahlzeit.nix {};
man-pandoc = pkgs.callPackage packages/man/pandoc.nix {};
man-pdf = pkgs.callPackage packages/man-pdf.nix {};
mansplain = pkgs.callPackage packages/mansplain.nix {};
manual-sort = pkgs.callPackage packages/manual-sort.nix {};
menu-calc = pkgs.callPackage packages/menu-calc.nix {};
meteo = pkgs.callPackage packages/meteo.nix {};
mpv-radio = pkgs.callPackage packages/mpv-radio.nix {di-fm-key-file = "/dev/null";};
mpv-tv = pkgs.callPackage packages/mpv-tv.nix {};
mpv-visualizer = pkgs.callPackage packages/mpv-visualizer.nix {};
new-mac = pkgs.callPackage packages/new-mac.nix {};
nix-git = pkgs.callPackage packages/nix-git.nix {};
nix-index-update = pkgs.callPackage packages/nix-index-update.nix {inherit system;};
opustags = pkgs.callPackage packages/opustags.nix {};
pls = pkgs.callPackage packages/pls.nix {};
qrpaste = pkgs.callPackage packages/qrpaste.nix {};
rfc = pkgs.callPackage packages/rfc.nix {};
scanned = pkgs.callPackage packages/scanned.nix {};
swallow = pkgs.callPackage packages/swallow.nix {};
text2pdf = pkgs.callPackage packages/text2pdf.nix {};
timer = pkgs.callPackage packages/timer.nix {};
tocharian-font = pkgs.callPackage packages/tocharian-font.nix {};
trans = pkgs.callPackage packages/trans.nix {};
ttspaste = pkgs.callPackage packages/ttspaste.nix {};
unicodmenu = pkgs.callPackage packages/unicodmenu.nix {};
untilport = pkgs.callPackage packages/untilport.nix {};
vg = pkgs.callPackage packages/vg.nix {};
vimPlugins-cheat-sh-vim = pkgs.callPackage packages/vimPlugins/cheat-sh.nix {};
vimPlugins-icalendar-vim = pkgs.callPackage packages/vimPlugins/icalendar-vim.nix {};
vimPlugins-jq-vim = pkgs.callPackage packages/vimPlugins/jq-vim.nix {};
vimPlugins-vim-256noir = pkgs.callPackage packages/vimPlugins/vim-256noir.nix {};
vimPlugins-vim-colors-paramount = pkgs.callPackage packages/vimPlugins/vim-colors-paramount.nix {};
vimPlugins-vim-fetch = pkgs.callPackage packages/vimPlugins/vim-fetch.nix {};
vimPlugins-vim-fsharp = pkgs.callPackage packages/vimPlugins/vim-fsharp.nix {};
vimPlugins-vim-mail = pkgs.callPackage packages/vimPlugins/vim-mail.nix {};
vimPlugins-vim-reason-plus = pkgs.callPackage packages/vimPlugins/vim-reason-plus.nix {};
vimv = pkgs.callPackage packages/vimv.nix {};
weechat-declarative = pkgs.callPackage packages/weechat-declarative.nix {};
weechatScripts-hotlist2extern = pkgs.callPackage packages/weechatScripts/hotlist2extern.nix {};
wttr = pkgs.callPackage packages/wttr.nix {};
itl = pkgs.callPackage packages/itl.nix {};
itools = pkgs.callPackage packages/itools.nix {itl = itl;};
booksplit = wrapScript {
script = inputs.voidrice.outPath + "/.local/bin/booksplit";
name = "booksplit";
packages = [pkgs.ffmpeg pkgs.glibc.bin];
};
dmenu-randr = wrapScript {
script = inputs.voidrice.outPath + "/.local/bin/displayselect";
name = "dmenu-randr";
packages = [pkgs.dmenu pkgs.bc pkgs.psmisc pkgs.util-linux pkgs.xorg.xrandr pkgs.gawk pkgs.libnotify pkgs.arandr (pkgs.writers.writeDashBin "setbg" "")];
};
tag = wrapScript {
script = inputs.voidrice.outPath + "/.local/bin/tag";
name = "tag";
packages = [pkgs.ffmpeg];
};
};
});
});
in
deployScripts // ciScripts;
};
}

38
lib/colours/owickstrom-dark.nix
View File

@@ -1,37 +1,37 @@
rec {
black = {
bright = "#282c34";
dark = "#282c34";
bright = "#4b4b4b";
dark = "#242424";
};
red = {
bright = "#e06c75";
dark = "#e06c75";
bright = "#fc1c18";
dark = "#d71c15";
};
green = {
bright = "#98c379";
dark = "#98c379";
bright = "#6bc219";
dark = "#5aa513";
};
yellow = {
bright = "#e5c07b";
dark = "#e5c07b";
bright = "#fec80e";
dark = "#fdb40c";
};
blue = {
bright = "#61afef";
dark = "#61afef";
bright = "#0955ff";
dark = "#063b8c";
};
magenta = {
bright = "#c678dd";
dark = "#c678dd";
bright = "#fb0050";
dark = "#e40038";
};
cyan = {
bright = "#56b6c2";
dark = "#56b6c2";
bright = "#3ea8fc";
dark = "#2595e1";
};
white = {
bright = "#dcdfe4";
dark = "#dcdfe4";
bright = "#8c00ec";
dark = "#efefef";
};
background = black.dark;
foreground = white.bright;
cursor = "#a3b3cc";
background = "#181818";
foreground = white.dark;
cursor = "#bbbbbb";
}

37
lib/colours/owickstrom-light.nix
View File

@@ -1,37 +0,0 @@
rec {
black = {
bright = "#4b4b4b";
dark = "#242424";
};
red = {
bright = "#fc1c18";
dark = "#d71c15";
};
green = {
bright = "#6bc219";
dark = "#5aa513";
};
yellow = {
bright = "#fec80e";
dark = "#fdb40c";
};
blue = {
bright = "#0955ff";
dark = "#063b8c";
};
magenta = {
bright = "#fb0050";
dark = "#e40038";
};
cyan = {
bright = "#3ea8fc";
dark = "#2595e1";
};
white = {
bright = "#8c00ec";
dark = "#efefef";
};
background = white.dark;
foreground = "#181818";
cursor = "#bbbbbb";
}

37
lib/colours/owickstrom.nix Normal file
View File

@@ -0,0 +1,37 @@
rec {
black = {
bright = "#282c34";
dark = "#282c34";
};
red = {
bright = "#e06c75";
dark = "#e06c75";
};
green = {
bright = "#98c379";
dark = "#98c379";
};
yellow = {
bright = "#e5c07b";
dark = "#e5c07b";
};
blue = {
bright = "#61afef";
dark = "#61afef";
};
magenta = {
bright = "#c678dd";
dark = "#c678dd";
};
cyan = {
bright = "#56b6c2";
dark = "#56b6c2";
};
white = {
bright = "#dcdfe4";
dark = "#dcdfe4";
};
background = black.dark;
foreground = white.bright;
cursor = "#a3b3cc";
}

37
lib/colours/papercolor-dark.nix
View File

@@ -1,37 +0,0 @@
rec {
black = {
dark = "#1c1c1c";
bright = "#585858";
};
red = {
dark = "#af005f";
bright = "#5faf5f";
};
green = {
bright = "#afd700";
dark = "#5faf00";
};
yellow = {
bright = "#af87d7";
dark = "#d7af5f";
};
blue = {
dark = "#5fafd7";
bright = "#ffaf00";
};
magenta = {
bright = "#ff5faf";
dark = "#808080";
};
cyan = {
dark = "#d7875f";
bright = "#00afaf";
};
white = {
dark = "#d0d0d0";
bright = "#5f8787";
};
background = black.dark;
foreground = white.dark;
cursor = blue.bright;
}

37
lib/colours/papercolor-light.nix
View File

@@ -1,37 +0,0 @@
rec {
black = {
dark = "#eeeeee";
bright = "#bcbcbc";
};
red = {
dark = "#af0000";
bright = "#d70000";
};
green = {
dark = "#008700";
bright = "#d70087";
};
yellow = {
dark = "#5f8700";
bright = "#8700af";
};
blue = {
dark = "#0087af";
bright = "#d75f00";
};
magenta = {
bright = "#878787";
dark = "#d75f00";
};
cyan = {
dark = "#005f87";
bright = "#005faf";
};
white = {
dark = "#444444";
bright = "#005f87";
};
background = black.dark;
foreground = white.dark;
cursor = blue.bright;
}

4
lib/default-applications.nix
View File

@@ -1,5 +1,5 @@
pkgs: rec {
terminal = "alacritty";
browser = "${pkgs.firefox}/bin/firefox";
fileManager = "${pkgs.cinnamon.nemo}/bin/nemo";
browser = "${pkgs.brave}/bin/brave";
fileManager = "${terminal} -e ${pkgs.ranger}/bin/ranger";
}

8
lib/default.nix
View File

@@ -40,16 +40,16 @@ rec {
sshPort = 22022;
colours = import ./colours/owickstrom-dark.nix;
colours = import ./colours/ibm-3270.nix;
theme = pkgs: {
gtk = {
name = "Adwaita-dark";
package = pkgs.gnome.gnome-themes-extra;
package = pkgs.gnome3.gnome-themes-extra;
};
icon = {
name = "Adwaita";
package = pkgs.gnome.adwaita-icon-theme;
package = pkgs.gnome3.adwaita-icon-theme;
};
cursor = {
name = "capitaine-cursors-white";
@@ -72,7 +72,7 @@ rec {
sshKeys = pkgs:
pkgs.lib.strings.splitString "\n" (pkgs.lib.strings.fileContents (pkgs.fetchurl {
url = "https://github.com/kmein.keys";
hash = "sha256-TvvPwplrH9cw7NE4GKqbE5ga+oBHM+TkjxYQ3b1fpLI=";
sha256 = "09c6ny0rmpid1m0pc1wsmb3wyy9g721lf4kv55i4lrp42b3i2d5b";
}));
};

119
lib/email.nix
View File

@@ -1,7 +1,82 @@
{lib, ...}: {
{
lib,
mainMailbox ? "posteo",
...
}: {
uni = {
user = "meinhark";
password = lib.strings.fileContents <secrets/eduroam/password>;
address = "kieran.felix.meinhardt@hu-berlin.de";
imap = "mailbox.cms.hu-berlin.de";
smtp = "mailhost.cms.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
uni-old = {
user = "meinhark";
password = lib.strings.fileContents <secrets/eduroam/password>;
address = "meinhark@informatik.hu-berlin.de";
imap = "mailbox.informatik.hu-berlin.de";
smtp = "mailhost.informatik.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
work-uni = {
user = "meinhaki";
password = lib.strings.fileContents <secrets/mail/meinhaki>;
address = "kieran.meinhardt@hu-berlin.de";
imap = "mailbox.cms.hu-berlin.de";
smtp = "mailhost.cms.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
work-admin = {
user = "dslalewa";
password = lib.strings.fileContents <secrets/mail/dslalewa>;
address = "admin.alew.vglsprwi@hu-berlin.de";
imap = "mailbox.cms.hu-berlin.de";
smtp = "mailhost.cms.hu-berlin.de";
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
work-fysi = rec {
user = "kieran@fysi.tech";
address = user;
password = lib.strings.fileContents <secrets/mail/fastmail>;
imap = "imap.fastmail.com";
smtp = "smtp.fastmail.com";
smtpSettings = smtp: "smtps://${smtp}:465";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
cock = rec {
user = "2210@cock.li";
address = user;
password = lib.strings.fileContents <secrets/mail/cock>;
imap = "mail.cock.li";
smtp = imap;
smtpSettings = smtp: "smtp://${smtp}:587";
@@ -11,4 +86,46 @@
trash = "Trash";
};
};
"${mainMailbox}" = rec {
user = "kieran.meinhardt@posteo.net";
address = user;
password = lib.strings.fileContents <secrets/mail/posteo>;
imap = "posteo.de";
smtp = imap;
smtpSettings = smtp: "smtp://${smtp}";
folders = {
drafts = "Drafts";
sent = "Sent";
trash = "Trash";
};
};
google-amro = rec {
user = "amroplay@gmail.com";
address = user;
password = lib.strings.fileContents <secrets/mail/gmail/amroplay>;
imap = "imap.gmail.com";
smtp = "smtp.gmail.com";
smtpSettings = smtp: "smtps://${smtp}:465";
folders = {
drafts = "[Gmail]/Drafts";
sent = "[Gmail]/Sent Mail";
trash = "[Gmail]/Bin";
};
};
google-kieran = rec {
user = "kieran.meinhardt@gmail.com";
address = user;
password = lib.strings.fileContents <secrets/mail/gmail/kieran.meinhardt>;
imap = "imap.gmail.com";
smtp = "smtp.gmail.com";
smtpSettings = smtp: "smtps://${smtp}:465";
folders = {
drafts = "[Gmail]/Entwürfe";
sent = "[Gmail]/Gesendet";
trash = "[Gmail]/Papierkorb";
};
};
}

69
lib/i3status-rust.nix
View File

@@ -3,14 +3,15 @@
wirelessInterface,
colours,
batteryName,
accounts,
}: let
inherit (pkgs) lib;
setsid = script:
pkgs.writers.writeDash "setsid-command" ''
${pkgs.util-linux}/bin/setsid ${script}
${pkgs.utillinux}/bin/setsid ${script}
'';
accounts = import <niveum/lib/email.nix> {inherit lib;};
in {
theme = {
name = "plain";
@@ -21,6 +22,8 @@ in {
info_fg = colours.cyan.bright;
warning_fg = colours.yellow.bright;
warning_bg = colours.background;
alternating_tint_bg = colours.background;
alternating_tint_fg = colours.background;
critical_bg = colours.background;
good_bg = colours.background;
idle_bg = colours.background;
@@ -32,8 +35,6 @@ in {
};
icons.name = "awesome6";
icons.overrides.rss = "";
icons.overrides.vpn = "";
icons.overrides.irc = "";
block = [
{
block = "weather";
@@ -41,6 +42,7 @@ in {
format = "{location}: {temp}C";
service = {
name = "openweathermap";
api_key = lib.strings.fileContents <secrets/openweathermap.key>;
city_id = "2950159";
units = "metric";
};
@@ -49,7 +51,7 @@ in {
block = "custom";
interval = 60 * 5;
command = let
spacetime = import ../configs/spacetime.nix;
spacetime = import <niveum/configs/spacetime.nix>;
in
pkgs.writers.writePython3 "sun.py" {
libraries = [pkgs.python3Packages.astral];
@@ -68,11 +70,6 @@ in {
print("{} {} {}{}".format(sun["sunrise"].strftime("%R"), sun["sunset"].strftime("%R"), "" if current_phase < 14 else "", round(current_phase, 1)))
'';
}
{
block = "github";
info = ["total"];
warning = ["mention" "review_requested" "team_mention" "manual" "invitation" "assign" "subscribed"];
}
{
block = "custom";
interval = 10;
@@ -89,7 +86,7 @@ in {
| (map(select(.due >= now and .due < now + (60 * 60 * 24))) | length) as $dueToday
| {
icon: "tasks",
text: (($overdue + $dueToday) as $sum | if $sum > 0 then $sum | tostring else "" end),
text: ($overdue + $dueToday) | tostring,
state: (
if $overdue > 0 then
"Critical"
@@ -103,31 +100,27 @@ in {
'
'';
json = true;
hide_when_empty = true;
}
{
block = "custom";
interval = 60 * 5;
command = let
query-account = name: account: "${pkgs.writers.writeDash "query-imap-${name}" ''
password=$(${toString account.passwordCommand})
${pkgs.coreutils}/bin/timeout 1 ${pkgs.curl}/bin/curl -sSL -u ${lib.escapeShellArg account.userName}:"$password" imaps://${account.imap.host} -X 'STATUS INBOX (UNSEEN)' \
| ${pkgs.gnugrep}/bin/grep -Eo '[0-9]+' \
| sed 's/^/{"${name}":/;s/$/}/'
''} &";
query-account = account:
pkgs.writers.writeDash "query-imap" ''
${pkgs.curl}/bin/curl -sSL -u ${lib.escapeShellArg "${account.user}:${account.password}"} imaps://${account.imap} -X 'STATUS INBOX (UNSEEN)' \
| ${pkgs.gnugrep}/bin/grep -Eo '[0-9]+'
'';
in
pkgs.writers.writeDash "unread-mail" ''
{
${lib.concatStringsSep "\n" (lib.mapAttrsToList query-account accounts)}
wait
} | jq -s 'if length == 0 then {text: "", icon: "mail", state: "Idle"} else
add
| (values | add) as $sum
${lib.concatMapStringsSep "\n" query-account (builtins.attrValues accounts)}
} | jq -s '
(. | add) as $sum
| {
text: (if $sum > 0 then $sum | tostring else "" end),
text: $sum | tostring,
icon: "mail",
state: (
if .["hu-student"] > 0 or .["hu-employee"] > 0 or .posteo > 0 then
if $sum > 5 then
"Warning"
elif $sum > 0 then
"Info"
@@ -135,35 +128,19 @@ in {
"Idle"
end
)
} end'
}'
'';
json = true;
hide_when_empty = true;
}
{
block = "custom";
interval = 60;
command = pkgs.writers.writeDash "weechat" ''
ssh -o ConnectTimeout=1 makanek cat /var/lib/weechat/hotlist.txt | sed 's/,/\n/g' | wc -l | jq '{
text: (if . > 0 then . | tostring else "" end),
state: (if . > 0 then "Info" else "Idle" end),
icon: "irc"
}'
'';
json = true;
hide_when_empty = true;
}
{
block = "custom";
interval = 5;
command = pkgs.writers.writeDash "hu-berlin-vpn" ''
PATH=${lib.makeBinPath [pkgs.systemd]}
(systemctl is-active --quiet openvpn-hu-berlin.service && echo '{"state": "Good", "text": "OpenVPN", "icon": "vpn"}') \
|| (systemctl is-active --quiet hu-vpn.service && echo '{"state": "Good", "text": "PPP+SSL", "icon": "vpn"}') \
|| echo '{"state": "Idle", "icon": "vpn", "text": ""}'
(systemctl is-active --quiet openvpn-hu-berlin.service && echo "OVPN") \
|| (systemctl is-active --quiet hu-vpn.service && echo "PPP-VPN") \
|| :
'';
json = true;
hide_when_empty = true;
}
{
block = "net";
@@ -191,7 +168,7 @@ in {
{block = "load";}
{
block = "custom";
interval = 1;
interval = 10;
json = true;
command = pkgs.writers.writeDash "time" ''
${pkgs.jq}/bin/jq -n \

45
lib/panoptikon.nix
View File

@@ -1,45 +0,0 @@
{
pkgs,
lib,
niveumPackages,
config,
...
}: {
# watcher scripts
url = address:
pkgs.writers.writeDash "watch-url" ''
${pkgs.curl}/bin/curl -sSL ${lib.escapeShellArg address} \
| ${pkgs.python3Packages.html2text}/bin/html2text --decode-errors=ignore
'';
urlSelector = selector: address:
pkgs.writers.writeDash "watch-url-selector" ''
${pkgs.curl}/bin/curl -sSL ${lib.escapeShellArg address} \
| ${pkgs.htmlq}/bin/htmlq ${lib.escapeShellArg selector} \
| ${pkgs.python3Packages.html2text}/bin/html2text
'';
urlJSON = {jqScript ? "."}: address:
pkgs.writers.writeDash "watch-url-json" ''
${pkgs.curl}/bin/curl -sSL ${lib.escapeShellArg address} | ${pkgs.jq}/bin/jq -f ${pkgs.writeText "script.jq" jqScript}
'';
# reporter scripts
kpaste-irc = {
target,
retiolumLink ? false,
server ? "irc.r",
messagePrefix ? "change detected: ",
nick ? ''"$PANOPTIKON_WATCHER"-watcher'',
}:
pkgs.writers.writeDash "kpaste-irc-reporter" ''
${niveumPackages.kpaste}/bin/kpaste \
| ${pkgs.gnused}/bin/sed -n "${
if retiolumLink
then "2"
else "3"
}s/^/${messagePrefix}/p" \
| ${config.nur.repos.mic92.ircsink}/bin/ircsink \
--nick ${nick} \
--server ${server} \
--target ${target}
'';
}

5
lib/retiolum-network.nix
View File

@@ -23,10 +23,7 @@
ipv4 = "10.243.2.85";
ipv6 = "42:0:3c46:ac99:ae36:cb8:c551:ba27";
};
tabula = {
ipv4 = "10.243.2.78";
ipv6 = "";
};
tahina = {
ipv4 = "10.243.2.74";
ipv6 = "42:0:3c46:2923:1c90:872:edd6:306";

276
lib/streams.nix
View File

@@ -3,49 +3,47 @@
# soma.fm generated via: curl https://somafm.com/ | pup '.cbshort json{}' | jq 'map({logo:.children[0].children[0].src|sub("^"; "http://soma.fm"), desc: .children[2].text, station: .children[1].text})'
let
tags = {
ambient = "ambient";
american = "american";
amro = "dj_amro";
arabic = "arabi";
balkan = "balkan";
berlin = "berlin";
brazilian = "brasil";
chill = "chill";
chinese = "china";
classical = "classical";
discover = "discover";
danish = "denmark";
dnb = "dnb";
dubstep = "dubstep";
french = "france";
geschepper = "geschepper";
greek = "greece";
greenlandic = "greenland";
groovy = "groovy";
holy = "holy";
indian = "india";
irie = "jamaica";
irish = "ireland";
jazz = "jazz";
lofi = "lofi";
metal = "metal";
party = "party";
pop = "pop";
radiorecord = "radiorecord";
rap = "rap";
rock = "rock";
russian = "russia";
schlager = "schlager";
soma = "soma";
text = "text";
top40 = "top40";
trad = "trad";
trance = "trance";
trap = "trap";
turkish = "turkey";
vintage = "vintage";
wave = "wave";
xmas = "xmas";
ambient = "🧘 Ambient";
american = "🇺🇸 USA";
amro = "👦 Amro";
arabic = "🇸🇦 عربيic";
balkan = "🇧🇦 Balkan";
berlin = "🐻 Berlin";
brazilian = "🇧🇷 Brasil";
chill = "🧊 Chill";
chinese = "🇨🇳 ";
classical = "🎻 Classical";
discover = "😲 Discover";
dnb = "🥁 DnB";
dubstep = "🎆 Dubstep";
french = "🇫🇷 France";
geschepper = "🤯 Geschepper";
greek = "🇬🇷 Ελλάδα";
greenlandic = "🇬🇱 Kalaallit Nunaat";
groovy = "🕺 Groovy";
holy = " Holy";
indian = "🇮🇳 ";
irie = "🇯🇲 Irie";
irish = "🇮🇪 Éire";
jazz = "🎷 Jazz";
lofi = " Lo-Fi";
metal = "🤘 Metal";
party = "🪩 Party";
pop = "🎙 Pop";
rap = "💸 Rap";
rock = "🎸 Rock";
russian = "🇷🇺 Россия";
schlager = "💩 Schlager";
soma = "🍄 σμα ";
text = "📚 Text";
top40 = " Top 40";
trad = "👘 Trad";
trance = "🎇 Trance";
trap = "🪤 Trap";
turkish = "🇹🇷 Türkiye";
vintage = "🕰 Vintage";
wave = "🌊 ";
xmas = "🎅 Christmas";
};
# https://github.com/NixOS/nixpkgs/blob/bc06c93905f60a82d6ebbb78f78cf289257860cc/lib/trivial.nix#L281-L282
@@ -72,9 +70,6 @@ let
royal-name = name: "${name} | RoyalRadio";
royal = name: "http://193.33.170.218:8000/${name}";
dr-name = name: "${name} | Danmarks Radio";
dr = name: let quality = 320; in "https://drliveradio.akamaized.net/hls/live/2022411-b/${name}/playlist-${toString quality}000.m3u8";
bhaktiworld-name = name: "${name} | Bhaktiworld";
bhaktiworld = name: "http://${name}.out.airtime.pro:8000/${name}_a";
bhaktiworld-logo = "http://www.bhaktiworld.com/Bhakti-world-logo.png";
@@ -157,7 +152,7 @@ in
}
{
stream = "http://rb-stream.de:8000/rrb_128.mp3";
station = "Radio Golos Berlina";
station = "Radio Russkij Berlin";
logo = "http://radio-rb.de/img/site/logo.png";
desc = "Голос нашего города ...";
tags = [tags.berlin tags.russian];
@@ -169,7 +164,7 @@ in
]
++
# generated via: curl https://radiorecord.ru/api/stations | jq '.result.stations | sort_by(.sort) | map({station:.title,desc:.tooltip,logo:.icon_fill_colored,stream:.stream_320})' > radiorecord.json
map (x: x // {tags = [tags.radiorecord];}) (importJSON ./radiorecord.json)
importJSON ./radiorecord.json
++ [
{
desc = "Your favorite dance tunes from the start of the decade. Familiar hits and overlooked classics in abundance.";
@@ -956,11 +951,6 @@ in
stream = soma-fm "scanner";
tags = [tags.soma tags.text];
}
{
station = "Al Jazeera Arabic";
stream = "https://live-hls-audio-web-aja.getaj.net/VOICE-AJA/01.m3u8";
tags = [tags.text tags.arabic];
}
{
desc = "Celebrating NASA and Space Explorers everywhere.";
logo = "http://soma.fm/img/missioncontrol120.jpg";
@@ -1598,32 +1588,11 @@ in
logo = "https://cdn.radiofrance.fr/s3/cruiser-production/2019/01/3c4dc967-ed2c-4ce5-a998-9437a64e05d5/300x300_rapfr.jpg";
tags = [tags.french tags.rap];
}
{
station = "Radio Sunna";
desc = "Sunnah of the Prophet";
stream = "http://andromeda.shoutca.st:8189/stream";
tags = [tags.arabic tags.text tags.holy];
}
{
stream = "http://66.45.232.131:9994/;stream.mp3";
station = "ERTU Al Quran Al Kareem";
tags = [tags.arabic tags.text tags.holy];
}
{
stream = "http://149.28.52.216:3344/listen.mp3";
station = "Verse 24/7 Holy Quran";
tags = [tags.arabic tags.text tags.holy];
}
{
stream = "https://s6.voscast.com:9355/stream";
station = "Kilid Herat";
tags = [tags.arabic tags.holy]; # nasheeds
}
{
stream = "https://s6.voscast.com:9355/stream";
station = "Radio Salam Watandar";
tags = [tags.arabic tags.holy];
}
{
stream = "http://onair15.xdevel.com:7064/1/";
station = "Radio Mozart Italia";
@@ -1812,162 +1781,45 @@ in
stream = "http://radio.hostchefs.net:8046/stream";
tags = [tags.greek];
}
{
station = dr-name "P4 København";
stream = dr "p4kobenhavn";
tags = [tags.top40 tags.danish];
}
{
station = dr-name "P1";
stream = dr "p1";
tags = [tags.top40 tags.danish];
}
{
station = dr-name "P2";
stream = dr "p2";
tags = [tags.classical tags.danish];
}
{
station = dr-name "P3";
stream = dr "p3";
tags = [tags.top40 tags.danish];
}
{
station = dr-name "P5 København";
stream = dr "p5kobenhavn";
tags = [tags.top40 tags.danish];
}
{
station = dr-name "P6 Beat";
stream = dr "p6beat";
tags = [tags.top40 tags.danish];
}
{
station = dr-name "P8 Jazz";
stream = dr "p8jazz";
tags = [tags.jazz tags.danish];
}
{
station = "CNN morse code slow";
stream = "http://cw.dimebank.com:8080/CNNslow";
tags = [tags.text];
}
{
station = "CNN morse code fast";
stream = "http://cw.dimebank.com:8080/CNNfast";
tags = [tags.text];
}
{
station = "XXX orchestral";
stream = "http://orion.shoutca.st:8978/stream";
tags = [tags.classical];
}
{
station = "XXX greek";
stream = "http://radio.hostchefs.net:8046/stream?1520818130148";
tags = [tags.greek];
}
{
station = "XXX turkish or greek";
stream = "https://onairmediagroup.live24.gr/kralfm100xanthi";
tags = [tags.greek tags.turkish];
}
{
station = "Hard Rock Hell Radio";
tags = [tags.rock];
stream = "http://andromeda.shoutca.st:9254/stream";
}
{
station = "Divyavani";
tags = [tags.trad tags.indian];
stream = "https://divyavani.radioca.st/stream";
}
{
station = "XXX sanskrit radio";
tags = [tags.text tags.indian];
stream = "https://stream-23.zeno.fm/m08mkwsyw8quv?zs=0w7MJFPdRfavhR_zPt0M2g";
}
{
station = "Radio Mariam Arabic";
stream = "http://www.dreamsiteradiocp4.com:8014/stream";
tags = [tags.text tags.arabic];
}
{
station = "Kamchatka Live Rock";
stream = "https://radio.kamchatkalive.ru:8103/rock";
tags = [tags.rock];
}
{
station = "Kamchatka Live Chillout";
stream = "https://radio.kamchatkalive.ru:8103/chillout";
tags = [tags.chill];
}
{
station = "Kamchatka Live Dance";
stream = "https://radio.kamchatkalive.ru:8103/dance";
tags = [tags.party];
}
{
tags = [tags.arabic tags.text];
stream = "http://n02.radiojar.com/sxfbks1vfy8uv.mp3";
station = "Bahrain Radio 102.3 FM (Arabic Stories)";
}
{
tags = [tags.arabic tags.text tags.holy];
stream = "http://s2.voscast.com:12312/;";
station = "Bahrain Quran Radio";
}
{
tags = [tags.arabic tags.text tags.holy];
stream = "http://162.244.81.30:8224/;";
station = "Quran Radio Lebanon";
}
{
tags = [tags.arabic tags.text tags.holy];
station = "Coptic for God";
stream = "http://66.70.249.70:5832/stream";
}
{
stream = "http://stream-025.zeno.fm/5y95pu36sm0uv?";
station = "Hayat FM";
tags = [tags.arabic tags.text tags.holy];
}
{
stream = "http://uk2.internet-radio.com:8151/stream";
station = "The Quran Radio";
tags = [tags.arabic tags.text tags.holy];
}
]
++ map (name: {
stream = "https://${name}.stream.publicradio.org/${name}.aac";
station = "${name} | Your Classical";
tags = [tags.classical];
}) ["ycradio" "guitar" "cms" "relax" "lullabies" "choral" "favorites" "chambermusic" "concertband" "holiday"]
/*
(caster-fm "TODO" "noasrv" 10182) # https://github.com/cccruzr/albumsyoumusthear/blob/7e00baf575e4d357cd275d54d1aeb717321141a8/HLS/IBERO_90_1.m3u
(caster-fm "TODO" "shaincast" 20866) # https://github.com/cccruzr/albumsyoumusthear/blob/7e00baf575e4d357cd275d54d1aeb717321141a8/HLS/IBERO_90_1.m3u
CNN news in morse code
http://cw.dimebank.com:8080/CNNslow
http://cw.dimebank.com:8080/CNNfast
Orchestral
http://orion.shoutca.st:8978/stream
LoFi / Chill
http://ice55.securenetsystems.net/DASH76
News background music
https://c13014-l-hls.u.core.cdn.streamfarm.net/1000153copo/hk2.m3u8
?
http://94.23.221.158:9163/stream
Greek radio
http://radio.hostchefs.net:8046/stream?1520818130148
: http://audiokrishna.com/stations/japa2.mp3
http://185.105.4.53:2339//;stream.mp3
http://cast5.servcast.net:1390/;stream.mp3
Hard rock
http://andromeda.shoutca.st:9254/stream
Rock alternative
http://icy.unitedradio.it/VirginRockAlternative.mp3
American nautical weather news
http://ca.radioboss.fm:8149/stream
Christian radio in all languages
https://jesuscomingfm.com/#
tamazight http://live.jesuscomingfm.com:8462/;
Somali Radio
http://n0b.radiojar.com/1pu7hhf8kfhvv
Chillout from kassel
https://server4.streamserver24.com:2199/tunein/ejanowsk.pls
*/

86
lib/vim/init.lua
View File

@@ -1,86 +0,0 @@
local opts = { noremap=true, silent=true }
vim.keymap.set('n', '<space>e', vim.diagnostic.open_float, opts)
vim.keymap.set('n', '[d', vim.diagnostic.goto_prev, opts)
vim.keymap.set('n', ']d', vim.diagnostic.goto_next, opts)
vim.keymap.set('n', '<space>q', vim.diagnostic.setloclist, opts)
-- Use an on_attach function to only map the following keys
-- after the language server attaches to the current buffer
local on_attach = function(client, bufnr)
-- Enable completion triggered by <c-x><c-o>
vim.api.nvim_buf_set_option(bufnr, 'omnifunc', 'v:lua.vim.lsp.omnifunc')
-- Mappings.
-- See `:help vim.lsp.*` for documentation on any of the below functions
local bufopts = { noremap=true, silent=true, buffer=bufnr }
vim.keymap.set('n', 'gD', vim.lsp.buf.declaration, bufopts)
vim.keymap.set('n', 'gd', vim.lsp.buf.definition, bufopts)
vim.keymap.set('n', 'K', vim.lsp.buf.hover, bufopts)
vim.keymap.set('n', 'gi', vim.lsp.buf.implementation, bufopts)
vim.keymap.set('n', '<C-k>', vim.lsp.buf.signature_help, bufopts)
vim.keymap.set('n', '<space>wa', vim.lsp.buf.add_workspace_folder, bufopts)
vim.keymap.set('n', '<space>wr', vim.lsp.buf.remove_workspace_folder, bufopts)
vim.keymap.set('n', '<space>wl', function()
print(vim.inspect(vim.lsp.buf.list_workspace_folders()))
end, bufopts)
vim.keymap.set('n', '<space>D', vim.lsp.buf.type_definition, bufopts)
vim.keymap.set('n', '<space>rn', vim.lsp.buf.rename, bufopts)
vim.keymap.set('n', '<space>ca', vim.lsp.buf.code_action, bufopts)
vim.keymap.set('n', 'gr', vim.lsp.buf.references, bufopts)
vim.keymap.set('n', '<space>f', function() vim.lsp.buf.format { async = true } end, bufopts)
end
local lsp_flags = {
-- This is the default in Nvim 0.7+
debounce_text_changes = 150,
}
language_servers = {
pyright = {}, -- pyright
-- tsserver = {}, -- typescript-language-server
-- elmls = {}, -- elm-language-server
-- denols = {}, -- deno built in
-- bashls = {}, -- bash-language-server
hls = {}, -- haskell-language-server
-- html = {}, -- vscode-langservers-extracted
-- jsonls = {}, -- vscode-langservers-extracted
nil_ls = {}, -- github:oxalica/nil
-- rnix = {}, -- rnix-lsp
-- jqls = {}, -- jq-lsp
rust_analyzer = { ["rust-analyzer"] = {} },
-- eslint?
-- volar? vls?
texlab = {
texlab = {
auxDirectory = ".",
bibtexFormatter = "texlab",
build = {
args = { "-pdf", "-interaction=nonstopmode", "-synctex=1", "%f" },
executable = "latexmk",
forwardSearchAfter = false,
onSave = false
},
chktex = {
onEdit = false,
onOpenAndSave = false
},
diagnosticsDelay = 300,
formatterLineLength = 80,
forwardSearch = {
args = {}
},
latexFormatter = "latexindent",
latexindent = {
modifyLineBreaks = false
}
}
}
}
for server, settings in pairs(language_servers) do
require('lspconfig')[server].setup{
on_attach = on_attach,
flags = lsp_flags,
settings = settings,
}
end

1
lib/vim/init.vim
View File

@@ -73,7 +73,6 @@ let g:netrw_altv=1 " open splits to the right
let g:netrw_liststyle=3 " tree view
let g:netrw_list_hide=netrw_gitignore#Hide()
let g:netrw_list_hide.=',\(^\|\s\s\)\zs\.\S\+'
let g:netrw_winsize = 25
call matchadd('colorcolumn', '\%101v', 100)
highlight colorcolumn ctermbg=red

7
modules/default.nix Normal file
View File

@@ -0,0 +1,7 @@
{
imports = [
./constants.nix
./dropbox.nix
./retiolum.nix
];
}

34
modules/dropbox.nix Normal file
View File

@@ -0,0 +1,34 @@
{
pkgs,
lib,
config,
...
}:
with lib; let
cfg = config.niveum.dropbox;
in {
options.niveum.dropbox = {enable = mkEnableOption "Dropbox";};
config = mkIf cfg.enable {
environment.systemPackages = [pkgs.dropbox-cli];
networking.firewall = {
allowedTCPPorts = [17500];
allowedUDPPorts = [17500];
};
systemd.user.services.dropbox = {
description = "Dropbox synchronisation service";
wantedBy = ["graphical-session.target"];
serviceConfig = {
ExecStart = "${pkgs.dropbox.out}/bin/dropbox";
ExecReload = "${pkgs.coreutils.out}/bin/kill -HUP $MAINPID";
KillMode = "control-group"; # upstream recommends process
Restart = "on-failure";
PrivateTmp = true;
ProtectSystem = "full";
Nice = 10;
};
};
};
}

86
modules/hledger.nix Normal file
View File

@@ -0,0 +1,86 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.niveum.hledger;
hledger-git = pkgs.writers.writeDashBin "hledger-git" ''
LEDGER_DIR="$(dirname $LEDGER_FILE)"
GIT="${pkgs.git}/bin/git -C ''${LEDGER_DIR}"
if [ "$1" = entry ]; then
${cfg.package}/bin/hledger balance -V > "$LEDGER_DIR/balance.txt"
$GIT add balance.txt
$GIT commit --all --message="$(date -Im)"
else
$GIT $*
fi
'';
hledger-edit = pkgs.writers.writeDashBin "hledger-edit" ''
LEDGER_DIR="$(dirname $LEDGER_FILE)"
$EDITOR ''${LEDGER_DIR}/current.journal
'';
in {
options.niveum.hledger = {
enable = mkEnableOption "hledger";
package = mkOption {
type = types.package;
default = pkgs.hledger;
};
ledgerFile = mkOption {
type = types.str;
default = null;
};
server = {
enable = mkEnableOption "hledger server";
port = mkOption {
type = types.port;
default = 5000;
};
host = mkOption {
type = types.str;
default = "127.0.0.1";
};
capabilities = mkOption {
type = types.listOf (types.enum ["view" "add" "manage"]);
default = ["view" "add"];
};
flags = mkOption {
type = types.listOf types.str;
default = [];
};
user = mkOption {type = types.attrs;};
package = mkOption {
type = types.package;
default = pkgs.hledger-web;
};
};
};
config = mkIf cfg.enable {
environment.systemPackages = [cfg.package hledger-git hledger-edit];
environment.variables.LEDGER_FILE =
mkIf (cfg.ledgerFile != null) cfg.ledgerFile;
systemd.services.hledger-web = mkIf cfg.server.enable {
description = "hledger server";
wantedBy = ["multi-user.target"];
serviceConfig = {
Restart = "always";
ExecStart = ''
${cfg.server.package}/bin/hledger-web \
--port=${toString cfg.server.port} \
--host=${cfg.server.host} \
--capabilities=${concatStringsSep "," cfg.server.capabilities} \
${concatStringsSep " " cfg.server.flags}
'';
User = cfg.server.user.name;
PrivateTemp = true;
RuntimeDirectory = "hledger-web";
WorkingDirectory = "%t/hledger-web";
};
};
};
}

47
modules/htgen.nix
View File

@@ -1,47 +0,0 @@
{
config,
lib,
pkgs,
...
}: let
htgen = pkgs.callPackage ../packages/htgen.nix {};
in {
options.services.htgen = lib.mkOption {
default = {};
type = lib.types.attrsOf (lib.types.submodule ({config, ...}: {
options = {
enable = lib.mkEnableOption "htgen-${config._module.args.name}";
port = lib.mkOption {
type = lib.types.int;
};
script = lib.mkOption {
type = lib.types.str;
};
};
}));
};
config = {
systemd.services =
lib.mapAttrs' (
name: cfg:
lib.nameValuePair "htgen-${name}" {
wantedBy = ["multi-user.target"];
after = ["network.target"];
environment = {
HOME = "/var/lib/htgen-${name}";
HTGEN_PORT = toString cfg.port;
HTGEN_SCRIPT = cfg.script;
};
serviceConfig = {
SyslogIdentifier = "htgen-${name}";
DynamicUser = true;
StateDirectory = "htgen-${name}";
PrivateTmp = true;
Restart = "always";
ExecStart = "${htgen}/bin/htgen --serve";
};
}
)
config.services.htgen;
};
}

13
modules/minecraft.nix Normal file
View File

@@ -0,0 +1,13 @@
{
pkgs,
lib,
config,
...
}:
with lib; let
cfg = config.niveum.minecraft;
in {
options.niveum.minecraft = {enable = mkEnableOption "Minecraft";};
config = mkIf cfg.enable {environment.systemPackages = [pkgs.minecraft];};
}

9
modules/moodle-dl.nix
View File

@@ -23,13 +23,6 @@ in {
'';
};
tokensFile = mkOption {
type = types.path;
description = ''
Path to a JSON file containing a "token" key and, optionally, a "telegram"."token" key.
'';
};
notifyOnly = mkOption {
default = false;
type = types.bool;
@@ -81,7 +74,7 @@ in {
Group = config.users.groups.moodle-dl.name;
WorkingDirectory = cfg.directory;
ExecStart = "${cfg.package}/bin/moodle-dl ${lib.optionalString cfg.notifyOnly "--without-downloading-files"}";
ExecStartPre = pkgs.writers.writeDash "moodle-dl-config" "${pkgs.jq}/bin/jq -s '.[0] * .[1]' ${toString moodle-dl-json} ${toString cfg.tokensFile} > ${cfg.directory}/config.json";
ExecStartPre = "${pkgs.coreutils}/bin/ln -sfn ${toString moodle-dl-json} ${cfg.directory}/config.json";
}
(mkIf (cfg.directory == stateDirectoryDefault) {StateDirectory = "moodle-dl";})
];

130
modules/panoptikon.nix
View File

@@ -1,130 +0,0 @@
{
config,
lib,
pkgs,
...
}: {
options.services.panoptikon = {
enable = lib.mkEnableOption "Generic command output / website watcher";
watchers = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule (watcher: {
options = {
script = lib.mkOption {
type = lib.types.path;
description = ''
A script whose stdout is to be watched.
'';
example = ''
pkgs.writers.writeDash "github-meta" '''
''${pkgs.curl}/bin/curl -sSL https://api.github.com/meta | ''${pkgs.jq}/bin/jq
'''
'';
};
frequency = lib.mkOption {
type = lib.types.str;
description = ''
How often to run the script. See systemd.time(7) for more information about the format.
'';
example = "*:0/3";
default = "daily";
};
reporters = lib.mkOption {
type = lib.types.listOf lib.types.path;
description = ''
A list of scripts that take the diff (if any) via stdin and report it (e.g. to IRC, Telegram or Prometheus). The name of the watcher will be in the $PANOPTIKON_WATCHER environment variable.
'';
example = ''
[
(pkgs.writers.writeDash "telegram-reporter" '''
''${pkgs.curl}/bin/curl -X POST https://api.telegram.org/bot''${TOKEN}/sendMessage \
-d chat_id=123456 \
-d text="$(cat)"
''')
(pkgs.writers.writeDash "notify" '''
''${pkgs.libnotify}/bin/notify-send "$PANOPTIKON_WATCHER has changed."
''')
]
'';
};
};
config = {};
}));
};
};
config = let
cfg = config.services.panoptikon;
in
lib.mkIf cfg.enable {
users.extraUsers.panoptikon = {
isSystemUser = true;
createHome = true;
home = "/var/lib/panoptikon";
group = "panoptikon";
};
users.extraGroups.panoptikon = {};
systemd.timers = lib.attrsets.mapAttrs' (watcherName: _:
lib.nameValuePair "panoptikon-${watcherName}" {
timerConfig.RandomizedDelaySec = toString (60 * 60);
})
cfg.watchers;
systemd.services =
{
setup-panoptikon = {
enable = true;
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "oneshot";
User = "panoptikon";
Group = "panoptikon";
WorkingDirectory = "/var/lib/panoptikon";
Restart = "on-failure";
};
script = ''
${pkgs.git}/bin/git init --quiet
${pkgs.git}/bin/git config user.email "panoptikon@${config.networking.hostName}"
${pkgs.git}/bin/git config user.name Panoptikon
'';
};
}
// lib.attrsets.mapAttrs' (watcherName: watcherOptions:
lib.nameValuePair "panoptikon-${watcherName}" {
enable = true;
after = ["setup-panoptikon.service"];
startAt = watcherOptions.frequency;
serviceConfig = {
Type = "oneshot";
User = "panoptikon";
Group = "panoptikon";
WorkingDirectory = "/var/lib/panoptikon";
RestartSec = "60";
Restart = "on-failure";
};
unitConfig = {
StartLimitIntervalSec = "300";
StartLimitBurst = "5";
};
environment.PANOPTIKON_WATCHER = watcherName;
wants = ["network-online.target"];
script = ''
set -efu
${watcherOptions.script} > ${watcherName}
${pkgs.git}/bin/git add ${watcherName}
${pkgs.git}/bin/git commit --message "${watcherName} / $(${pkgs.coreutils}/bin/date -Is)" || :
if [ -n "$(${pkgs.git}/bin/git diff HEAD^ -- ${watcherName})" ]; then
${lib.strings.concatMapStringsSep "\n" (reporter: ''
${pkgs.git}/bin/git diff HEAD^ -- ${watcherName} | ${reporter}
'')
watcherOptions.reporters}
:
fi
'';
})
cfg.watchers;
};
}

94
modules/power-action.nix
View File

@@ -1,94 +0,0 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.services.power-action;
out = {
options.services.power-action = api;
config = lib.mkIf cfg.enable imp;
};
api = {
enable = mkEnableOption "power-action";
battery = mkOption {
type = types.str;
default = "BAT0";
};
user = mkOption {
type = types.str;
default = "power-action";
};
startAt = mkOption {
type = types.str;
default = "*:0/1";
};
plans = mkOption {
type = with types;
attrsOf (submodule {
options = {
charging = mkOption {
type = nullOr bool;
default = null;
description = ''
check for charging status.
null = don't care
true = only if system is charging or unknown
false = only if system is discharging
'';
};
upperLimit = mkOption {
type = int;
};
lowerLimit = mkOption {
type = int;
};
action = mkOption {
type = path;
};
};
});
};
};
imp = {
systemd.services.power-action = {
serviceConfig = rec {
ExecStart = startScript;
User = cfg.user;
};
startAt = cfg.startAt;
};
};
startScript = pkgs.writers.writeDash "power-action" ''
set -euf
power="$(${powerlvl})"
state="$(${state})"
${concatStringsSep "\n" (mapAttrsToList writeRule cfg.plans)}
'';
charging_check = plan:
if (plan.charging == null)
then ""
else if plan.charging
then ''&& [ "$state" = "true" ]''
else ''&& ! [ "$state" = "true" ]'';
writeRule = _: plan: "if [ $power -ge ${toString plan.lowerLimit} ] && [ $power -le ${toString plan.upperLimit} ] ${charging_check plan}; then ${plan.action}; fi";
powerlvl = pkgs.writers.writeDash "powerlvl" ''
cat /sys/class/power_supply/${cfg.battery}/capacity
'';
state = pkgs.writers.writeDash "state" ''
if [ "$(cat /sys/class/power_supply/${cfg.battery}/status)" = "Discharging" ]
then echo "false"
else echo "true"
fi
'';
in
out

96
modules/specus.nix
View File

@@ -1,96 +0,0 @@
{
config,
lib,
pkgs,
...
}: let
specusMachines = {
servers = {
makanek = {
ipv4 = "10.100.0.1";
publicKey = "KhcScd4fBpdhQzK8Vc+1mEHQMQBpbKBUPB4oZ7skeSk=";
};
ful = {
ipv4 = "10.100.0.2";
publicKey = "0Y7+zoXkWJGVOWWnMjvYjtwP+WpggAlmkRbgMw0z8Dk=";
};
};
clients = {
kabsa = {
ipv4 = "10.100.0.101";
publicKey = "nRkzoRi9crKHF7263U37lt4GGL7/8637NBSKjifI9hY=";
};
};
};
in {
options.services.specus = {
server = {
enable = lib.mkEnableOption "Specus private VPN (server)";
};
client = {
enable = lib.mkEnableOption "Specus private VPN (client)";
};
privateKeyFile = lib.mkOption {
type = lib.types.path;
description = "Private key file of the server/client machine";
};
};
config = let
cfg = config.services.specus;
specusPort = 22;
in
{
assertions = [
{
assertion =
!(cfg.server.enable && cfg.client.enable);
message = "specus: systems cannot be client and server at the same time";
}
];
}
// lib.mkIf cfg.server.enable {
networking.nat = {
enable = true;
externalInterface = "eth0"; # TODO
internalInterfaces = ["specus"];
};
networking.firewall.allowedUDPPorts = [specusPort];
networking.wireguard.interfaces.specus = {
ips = ["${specusMachines.servers.${config.networking.hostName}.ipv4}/24"];
# For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients
postSetup = ''
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE
'';
postShutdown = ''
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE
'';
listenPort = specusPort;
privateKeyFile = cfg.privateKeyFile;
peers =
lib.mapAttrsToList (clientName: clientConfig: {
publicKey = clientConfig.publicKey;
allowedIPs = ["${clientConfig.ipv4}/32"];
})
specusMachines.clients;
};
}
// lib.mkIf cfg.client.enable {
networking.firewall.allowedUDPPorts = [specusPort];
networking.wireguard.interfaces = lib.attrsets.mapAttrs' (serverName: serverConfig:
lib.nameValuePair "specus-${serverName}" {
ips = ["${specusMachines.clients.${config.networking.hostName}.ipv4}/24"];
listenPort = specusPort;
privateKeyFile = cfg.privateKeyFile;
peers = [
{
allowedIPs = ["0.0.0.0/0"];
endpoint = "${(import ../lib/external-network.nix).${serverName}}:${toString specusPort}";
persistentKeepalive = 25;
publicKey = serverConfig.publicKey;
}
];
})
specusMachines.servers;
};
}

64
modules/spotifyd.nix Normal file
View File

@@ -0,0 +1,64 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.services.spotifyd;
toml = pkgs.formats.toml {};
spotifydConf =
if cfg.settings != {}
then toml.generate "spotify.conf" cfg.settings
else pkgs.writeText "spotifyd.conf" cfg.config;
in {
options = {
services.spotifyd = {
enable = mkEnableOption "spotifyd, a Spotify playing daemon";
config = mkOption {
default = "";
type = types.lines;
description = ''
(Deprecated) Configuration for Spotifyd. For syntax and directives, see
<link xlink:href="https://github.com/Spotifyd/spotifyd#Configuration"/>.
'';
};
settings = mkOption {
default = {};
type = toml.type;
description = ''
Configuration for Spotifyd. For syntax and directives, see
<link xlink:href="https://github.com/Spotifyd/spotifyd#Configuration"/>.
'';
};
};
};
config = mkIf cfg.enable {
assertions = [
{
assertion = (cfg.config == "" && cfg.settings != {}) || (cfg.config != "" && cfg.settings == {});
message = "Using the stringly typed .config attribute is discouraged. Use the TOML typed .settings attribute instead.";
}
];
systemd.services.spotifyd = {
wantedBy = ["multi-user.target"];
after = ["network-online.target" "sound.target"];
description = "spotifyd, a Spotify playing daemon";
environment.SHELL = "/bin/sh";
serviceConfig = {
ExecStart = "${pkgs.spotifyd}/bin/spotifyd --no-daemon --cache-path /var/cache/spotifyd --config-path ${spotifydConf}";
Restart = "always";
RestartSec = 12;
DynamicUser = true;
CacheDirectory = "spotifyd";
SupplementaryGroups = ["audio"];
};
};
};
meta.maintainers = [maintainers.anderslundstedt];
}

34
modules/telegram-bot.nix
View File

@@ -11,27 +11,19 @@ with lib; let
nameValuePair "telegram-bot-${name}" {
enable = bot.enable;
startAt = bot.time;
serviceConfig = {
Type = "oneshot";
LoadCredential = "token:${bot.tokenFile}";
};
serviceConfig.Type = "oneshot";
wants = ["network-online.target"];
script = ''
export TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")"
QUOTE=$(${bot.command})
if [ -n "$QUOTE" ]; then
echo $QUOTE >&2
${strings.concatStringsSep "\n" (map (chatId: ''
${pkgs.curl}/bin/curl -X POST "https://api.telegram.org/bot''${TOKEN}/sendMessage" \
-d chat_id="${chatId}" \
-d text="$QUOTE" ${
lib.strings.optionalString (bot.parseMode != null)
"-d parse_mode=${bot.parseMode}"
} | ${pkgs.jq}/bin/jq -e .ok
'')
bot.chatIds)}
fi
'';
script = strings.concatStringsSep "\n" (["QUOTE=$(${bot.command})" "if [ -n \"$QUOTE\" ]; then" "echo $QUOTE >&2"]
++ map (chatId: ''
${pkgs.curl}/bin/curl -X POST "https://api.telegram.org/bot${bot.token}/sendMessage" \
-d chat_id="${chatId}" \
-d text="$QUOTE" ${
lib.strings.optionalString (bot.parseMode != null)
"-d parse_mode=${bot.parseMode}"
} | ${pkgs.jq}/bin/jq -e .ok
'')
bot.chatIds
++ ["fi"]);
};
in {
options.niveum.telegramBots = mkOption {
@@ -39,7 +31,7 @@ in {
options = {
enable = mkEnableOption "Telegram bot";
time = mkOption {type = types.str;};
tokenFile = mkOption {type = types.path;};
token = mkOption {type = types.strMatching "[0-9A-Za-z:-]+";};
chatIds = mkOption {
type = types.listOf (types.strMatching "-?[0-9]+|@[A-Za-z0-9]+");
};

14
modules/traadfri.nix
View File

@@ -2,17 +2,19 @@
pkgs,
lib,
config,
inputs,
...
}:
with lib; let
cfg = config.niveum.traadfri;
traadfri = pkgs.callPackage <traadfri> {
libcoap = pkgs.callPackage <niveum/packages/libcoap.nix> {tls = true;};
};
in {
options.niveum.traadfri = {
enable = mkEnableOption "Trådfri CLI";
user = mkOption {type = types.str;};
host = mkOption {type = types.str;};
keyFile = mkOption {type = types.path;};
key = mkOption {type = types.str;};
rooms = mkOption {
type = types.attrsOf types.int;
default = {};
@@ -27,10 +29,10 @@ in {
environment.systemPackages =
[
(pkgs.writers.writeDashBin "traadfri" ''
export TRAADFRI_USER="${cfg.user}"
export TRAADFRI_KEY="$(cat ${lib.escapeShellArg cfg.keyFile})"
export TRAADFRI_HUB="${cfg.host}"
${inputs.traadfri.defaultPackage.x86_64-linux}/bin/traadfri $@
TRAADFRI_USER="${cfg.user}" \
TRAADFRI_KEY="${cfg.key}" \
TRAADFRI_HUB="${cfg.host}" \
${traadfri}/bin/traadfri $@
'')
]
++ lib.mapAttrsToList (name: value:

103
modules/tuna.nix Normal file
View File

@@ -0,0 +1,103 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
tuna = pkgs.callPackage <tuna> {};
cfg = config.services.tuna;
in {
imports = [];
options.services.tuna = {
enable = mkEnableOption "Tuna, an MPD web UI for radio streams";
webPort = mkOption {
type = types.port;
default = 4200;
};
stations = mkOption {
default = [];
type = types.listOf (types.submodule {
options = {
id = mkOption {
type = types.int;
description = "A unique identifier of the station";
};
station = mkOption {
type = types.str;
description = "Name of the station that should be displayed";
};
desc = mkOption {
type = types.nullOr types.str;
description = "Short description of the station (optional)";
};
logo = mkOption {
type = types.str;
description = "URL to a logo of the station (any size)";
};
stream = mkOption {
type = types.str;
description = "URL to the stream of the radio station (in a format supported by MPD such as MP3, OGG, ...)";
};
};
});
};
stationsFile = mkOption {
type = types.path;
default = (pkgs.formats.json {}).generate "stations.json" cfg.stations;
};
package = mkOption {
type = types.package;
default = tuna;
};
mpd = {
host = mkOption {
type = types.str;
default = "localhost";
description = "The host where MPD is listening.";
example = "localhost";
};
port = mkOption {
type = types.port;
default = config.services.mpd.network.port;
description = "The port where MPD is listening.";
example = 6600;
};
};
};
config = mkIf cfg.enable {
users.users.tuna = {
isSystemUser = true;
group = "tuna";
};
users.groups.tuna = {};
# ref https://github.com/florianheinemann/MPD.FM/blob/9d037cf87597b26ae2f10ba9feea48946ad6cc68/service/MPD.FM.service
systemd.services.tuna = {
wantedBy = ["multi-user.target"];
after = ["mpd.service"];
script = "${cfg.package}/bin/tuna";
environment = {
NODE_ENV = "production";
MPD_HOST = cfg.mpd.host;
MPD_PORT = toString cfg.mpd.port;
PORT = toString cfg.webPort;
STATION_FILE = cfg.stationsFile;
};
serviceConfig = {
Restart = "always";
StandardOutput = "syslog";
StandardError = "syslog";
SyslogIdentifier = "tuna";
User = "tuna";
};
};
};
}

6
overlays/overlays.nix Normal file
View File

@@ -0,0 +1,6 @@
self: super:
with super.lib; let
eval = import <nixpkgs/nixos/lib/eval-config.nix>;
paths = (eval {modules = [(import <nixos-config>)];}).config.nixpkgs.overlays;
in
foldl' (flip extends) (_: super) paths self

16
packages/betacode.nix
View File

@@ -1,16 +0,0 @@
{
writers,
haskell,
haskellPackages,
}:
writers.writeHaskellBin "betacode" {
libraries = [
(haskell.lib.unmarkBroken (haskell.lib.doJailbreak haskellPackages.betacode))
haskellPackages.text
];
} ''
import qualified Data.Text.IO as T
import qualified Data.Text as T
import Text.BetaCode
main = T.interact (either (error . T.unpack) id . fromBeta)
''

9
packages/cheat-sh.nix
View File

@@ -1,9 +0,0 @@
# https://nitter.net/igor_chubin/status/1557793569104183298
{
writers,
curl,
}:
writers.writeDashBin "so" ''
IFS=+
${curl}/bin/curl -sSL http://cht.sh/"$*"
''

Some files were not shown because too many files have changed in this diff Show More