feat: deploy makanek, kabsa

.versions/home-manager.json

@@ -1,11 +0,0 @@
-{
-  "url": "https://github.com/nix-community/home-manager.git",
-  "rev": "697cc8c68ed6a606296efbbe9614c32537078756",
-  "date": "2021-12-19T00:59:29+01:00",
-  "path": "/nix/store/fb46bv10azrag2jjlzhil6j11f4x8glw-home-manager",
-  "sha256": "1c8gxm86zshr2zj9dvr02qs7y3m46gqavr6wyv01r09jfd99dxz9",
-  "fetchLFS": false,
-  "fetchSubmodules": false,
-  "deepClone": false,
-  "leaveDotGit": false
-}

.versions/krops.json

@@ -1,11 +0,0 @@
-{
-  "url": "https://cgit.krebsco.de/krops",
-  "rev": "cccebf3ff7a53336b3f106cb96dddd5892d427ed",
-  "date": "2021-03-23T22:47:37+01:00",
-  "path": "/nix/store/mz13xxnil35lwsf90hwnrm2agir7hb51-krops",
-  "sha256": "07mg3iaqjf1w49vmwfchi7b1w55bh7rvsbgicp2m47gnj9alwdb6",
-  "fetchLFS": false,
-  "fetchSubmodules": false,
-  "deepClone": false,
-  "leaveDotGit": false
-}

.versions/nix-writers.json

@@ -1,11 +0,0 @@
-{
-  "url": "https://cgit.krebsco.de/nix-writers",
-  "rev": "c528cf970e292790b414b4c1c8c8e9d7e73b2a71",
-  "date": "2019-04-02T20:05:33+02:00",
-  "path": "/nix/store/wm5zhsha1a2iy0d582nlfi7604ayd1vz-nix-writers",
-  "sha256": "0xdivaca1hgbxs79jw9sv4gk4f81vy8kcyaff56hh2dgq2awyvw4",
-  "fetchLFS": false,
-  "fetchSubmodules": false,
-  "deepClone": false,
-  "leaveDotGit": false
-}

.versions/nixpkgs-mozilla.json

@@ -1,11 +0,0 @@
-{
-  "url": "https://github.com/mozilla/nixpkgs-mozilla",
-  "rev": "7c1e8b1dd6ed0043fb4ee0b12b815256b0b9de6f",
-  "date": "2021-12-07T09:28:33-05:00",
-  "path": "/nix/store/pqwcw589i2y2w2116wn3ifl834adjsa0-nixpkgs-mozilla",
-  "sha256": "1a71nfw7d36vplf89fp65vgj3s66np1dc0hqnqgj5gbdnpm1bihl",
-  "fetchLFS": false,
-  "fetchSubmodules": false,
-  "deepClone": false,
-  "leaveDotGit": false
-}

.versions/nixpkgs-unstable.json

@@ -1,11 +0,0 @@
-{
-  "url": "https://github.com/NixOS/nixpkgs.git",
-  "rev": "f01adc7b35a8f80e82f3466e6d873b8b9c8f1b28",
-  "date": "2021-12-22T23:05:28+01:00",
-  "path": "/nix/store/zhfrvg77dzpc3hq02v9zv20dfgqwpzk6-nixpkgs",
-  "sha256": "17iyf2iiizi7c1wr71day3wvgalbkkm2zgc9lpy7y42rl4frq9sf",
-  "fetchLFS": false,
-  "fetchSubmodules": false,
-  "deepClone": false,
-  "leaveDotGit": false
-}

.versions/nixpkgs.json

@@ -1,11 +0,0 @@
-{
-  "url": "https://github.com/NixOS/nixpkgs.git",
-  "rev": "9ab7d12287ced0e1b4c03b61c781901f178d9d77",
-  "date": "2021-12-21T10:09:48+01:00",
-  "path": "/nix/store/minmlh0avkwvvc3p7flhpbglp13kr585-nixpkgs",
-  "sha256": "0bbd2pgcyavqn5wgq0xp8p67lha0kv9iqnh49i9w5fb5g29q7i30",
-  "fetchLFS": false,
-  "fetchSubmodules": false,
-  "deepClone": false,
-  "leaveDotGit": false
-}

.versions/retiolum.json

@@ -1,11 +0,0 @@
-{
-  "url": "https://github.com/krebs/retiolum",
-  "rev": "b72b0a987767b587c79cba8499b5114d69fceeef",
-  "date": "2021-12-28T19:46:45+00:00",
-  "path": "/nix/store/kyaqwf89v6id9mda92x4b0hf778j987x-retiolum",
-  "sha256": "19hjzzlfk1m9ign33w4ppqgmg23v7c6k8l0fm7f33spq8982w7rb",
-  "fetchLFS": false,
-  "fetchSubmodules": false,
-  "deepClone": false,
-  "leaveDotGit": false
-}

.versions/stockholm.json

@@ -1,11 +0,0 @@
-{
-  "url": "https://cgit.lassul.us/stockholm",
-  "rev": "576c05cf3a0ceddefa29c2d0073108177c3cfa52",
-  "date": "2021-12-22T13:59:46+01:00",
-  "path": "/nix/store/yx1j5pardgd9114f0cf3c4xjfq6r4yfv-stockholm",
-  "sha256": "18napi4k8i2iizrismlp9ha3ga6c3n2dvrhijy59kl1jxqrsaq9l",
-  "fetchLFS": false,
-  "fetchSubmodules": false,
-  "deepClone": false,
-  "leaveDotGit": false
-}

configs/default.nix

@@ -20,16 +20,12 @@ in {
         config = {
           allowUnfree = true;
           packageOverrides = pkgs: {
-            writeDashBin = pkgs.writers.writeDashBin;
-            writeDash = pkgs.writers.writeDash;
             gfs-fonts = pkgs.callPackage <niveum/packages/gfs-fonts.nix> {};
             iolanguage = pkgs.callPackage <niveum/packages/iolanguage.nix> { };
             ix = pkgs.callPackage <niveum/packages/ix.nix> { };
           };
         };
         overlays = [
-          (import <nix-writers/pkgs>)
-          (import <stockholm/krebs/5pkgs>)
           (self: super: {
             scripts = import <niveum/packages/scripts> { pkgs = super; lib = super.lib; };
           })
@@ -201,7 +197,6 @@ in {
     ./beets.nix
     ./bluetooth.nix
     ./ccc.nix
-    # ./kleiter.nix
     ./khal.nix
     ./engiadina.nix
     ./chromium.nix
@@ -215,7 +210,6 @@ in {
     ./flix.nix
     ./fonts.nix
     ./fzf.nix
-    ./gaslight.nix
     ./git.nix
     ./hledger.nix
     ./htop.nix
@@ -225,7 +219,6 @@ in {
     ./lb.nix
     ./mpv.nix
     ./mime.nix
-    ./nano.nix
     ./neovim.nix
     ./neomutt.nix
     ./nix.nix
@@ -247,10 +240,8 @@ in {
     ./sxiv.nix
     ./theming.nix
     ./tmux.nix
-    # ./tor.nix
     ./traadfri.nix
     ./unclutter.nix
-    ./version.nix
     ./vscode.nix
     ./watson.nix
     ./zsh.nix

configs/hass/default.nix

@@ -1,61 +0,0 @@
-{ config, pkgs, lib, ... }:
-let
-  inherit (import ./lib.nix) triggers;
-  inherit (import <niveum/lib>) localAddresses;
-in
-{
-  imports = [
-    ./zigbee.nix
-    ./frontend.nix
-  ];
-
-  services.home-assistant = {
-    enable = true;
-    configWritable = true;
-    lovelaceConfigWritable = true;
-    openFirewall = true;
-    config = {
-      homeassistant = {
-        name = "Toum";
-        latitude = config.location.latitude;
-        longitude = config.location.longitude;
-        elevation = 90; # TODO find out how high I live
-        unit_system = "metric";
-        time_zone = config.time.timeZone;
-      };
-      config = {};
-      discovery = {};
-      system_health = {};
-      history = {};
-      # tradfri.host = localAddresses.tradfri; # dont use until python3Packages.pytradfri is packaged
-      sun = {};
-      mobile_app = {};
-      shopping_list = {};
-      sensor = [
-        {
-          platform = "dwd_weather_warnings";
-          region_name = "Berlin";
-        }
-      ];
-      mqtt = {
-        broker = "localhost";
-        port = 1883;
-        client_id = "home-assistant";
-        username = "albrecht";
-        password = lib.strings.fileContents <system-secrets/mosquitto>;
-        keepalive = 60;
-        protocol = "3.1";
-
-        discovery = true;
-        birth_message = {
-          topic = "/hass/status";
-          payload = "online";
-        };
-        will_message = {
-          topic = "/hass/status";
-          payload = "offline";
-        };
-      };
-    };
-  };
-}

configs/hass/frontend.nix

@@ -1,37 +0,0 @@
-let
-  inherit (import ./lib.nix) triggers;
-in
-{
-  services.home-assistant.config = {
-    frontend = {
-      themes = {
-        day_theme = import ./themes/clear.nix;
-        night_theme = import ./themes/clear-dark.nix;
-      };
-    };
-    automation = [
-      {
-        alias = "Night Theme";
-        hide_entity = true;
-        trigger = triggers.night;
-        action = [
-          {
-            service = "frontend.set_theme";
-            data.name = "night_theme";
-          }
-        ];
-      }
-      {
-        alias = "Day Theme";
-        hide_entity = true;
-        trigger = triggers.day;
-        action = [
-          {
-            service = "frontend.set_theme";
-            data.name = "day_theme";
-          }
-        ];
-      }
-    ];
-  };
-}

configs/hass/lib.nix

@@ -1,16 +0,0 @@
-{
-  triggers = {
-    night = {
-      platform = "numeric_state";
-      entity_id = "sun.sun";
-      value_template = "{{ state.attributes.elevation }}";
-      below = -4.0;
-    };
-    day = {
-      platform = "numeric_state";
-      entity_id = "sun.sun";
-      value_template = "{{ state.attributes.elevation }}";
-      above = 0;
-    };
-  };
-}

configs/hass/themes/clear-dark.nix

@@ -1,72 +0,0 @@
-rec {
-# Colors
- text-color = "#DADADB"; # Grey text
- text-medium-light-color = "#A0A2A8"; # Medium-light grey text
- text-medium-color = "#80828A"; # Medium grey text
- text-dark-color = "#6A6B74"; # Dark grey text
- accent-color = "#008bef"; # Blue
- accent-medium-color = "#2484C9"; # Decent blue
- background-color = "#3b4049"; # Dark grey background
- background-color-2 = "#484E59"; # Light grey background
- background-card-color = "#434952"; # Grey background
- border-color = "#383C46"; # Grey border
-
- # Header
- app-header-background-color = "#363941"; # Background color
-
- # Text
- primary-color = text-color;
- text-primary-color = text-color;
-
- # Left Menu
- paper-listbox-background-color = background-color; # Background
- sidebar-icon-color = text-medium-color; # icons
- sidebar-selected-icon-color = text-medium-light-color; # Selected row icon and background (15%)
- sidebar-selected-text-color = text-color; # Selected row label
-
- # UI
- paper-card-header-color = text-color; # Title in settings
- primary-background-color = background-color; # Background (also title background in left menu)
- mdc-theme-primary = accent-medium-color; # Action Buttons (save, restart etc.)
- card-background-color = background-card-color; # Entity Registry Background
-
- # Card
- paper-card-background-color = background-card-color; # Background
- dark-primary-color = text-color;
- primary-text-color = text-color;
- paper-listbox-color = text-color;
- light-primary-color = text-dark-color;
- secondary-text-color = text-medium-color;
- disabled-text-color = text-dark-color;
- paper-dialog-button-color = text-color;
- secondary-background-color = background-color-2; # Background more info title
-
- # Icons
- paper-item-icon-color = text-dark-color; # Off
- paper-item-icon-active-color = accent-color; # On
-
- # Switches
- switch-checked-button-color = text-medium-light-color; # Knob On
- switch-unchecked-button-color = text-medium-light-color; # Knob Off
- switch-checked-track-color = "#009FFF"; # Background On
- switch-unchecked-track-color = "#767682"; # Background Off
-
- # Slider
- paper-slider-active-color = accent-color; # Line On
- paper-slider-knob-color = text-medium-light-color; # Knob On
- paper-slider-container-color = text-dark-color; # Line Off
- paper-slider-knob-start-color = text-medium-light-color; # Knob Off
-
- # Badges
- label-badge-text-color = text-color;
- label-badge-background-color = "rgba(54, 57, 65, 0.6)";
-
- # Shadows
- ha-card-box-shadow = "inset 0px 0px 0px 1px var(--border-color)";
-
- # HACS
- hacs-badge-color = accent-color; # New Badge
- hacs-status-installed = text-color; # Installed Icon
- hacs-status-pending-restart = text-dark-color; # Restart Icon
- hacs-status-pending-update = accent-color;
-}

configs/hass/themes/clear.nix

@@ -1,52 +0,0 @@
-rec {
-  text-color = "#636B75"; # Grey text
-  text-medium-color = "#8c96a5"; # Medium grey text
-  text-light-color = "#BAC0C6"; # Light grey text
-  accent-color = "#00a1ff"; # Blue
-  background-color = "#F7F8F9"; # Light grey background
-  background-color-2 = "#F4F5F6"; # Light grey background
-  background-card-color = "rgba(255,255,255,1.0)"; # White background
-  border-color = "#E8E8E8"; # Light grey border
-
-  # Header
-  primary-color = text-color; # Background
-  text-primary-color = "#FFF"; # Text
-
-  # Left Menu
-  paper-listbox-background-color = background-color; # Background
-  # TODO = Text and Icons
-
-  # UI
-  paper-card-header-color = text-color; # Title in settings
-  primary-background-color = background-color; # Background color (also title background in left menu)
-
-  # Card
-  paper-card-background-color = background-card-color; # Background
-  dark-primary-color = text-color;
-  primary-text-color = text-color;
-  paper-listbox-color = text-color;
-  light-primary-color = text-light-color;
-  secondary-text-color = text-medium-color;
-  disabled-text-color = text-light-color;
-  paper-dialog-button-color = text-color;
-  secondary-background-color = background-color-2; # Background more info title
-
-  # Icons
-  paper-item-icon-color = text-light-color; # Off
-  paper-item-icon-active-color = accent-color; # On
-
-  # Switches
-  switch-checked-button-color = "#FFF"; # Knob On
-  switch-unchecked-button-color = "#FFF"; # Knob Off
-  switch-checked-track-color = "#0077FF"; # Background On
-  switch-unchecked-track-color = disabled-text-color; # Background Off
-
-  # Slider
-  paper-slider-active-color = accent-color; # Line On
-  paper-slider-container-color = "#e5e7ea"; # Line Off
-  paper-slider-knob-color = text-light-color; # Knob On
-  paper-slider-knob-start-color = text-light-color; # Knob Off
-
-  # Shadows
-  ha-card-box-shadow = "inset 0px 0px 0px 1px var(--border-color)";
-}

configs/hass/zigbee.nix

@@ -1,102 +0,0 @@
-{ config, pkgs, lib, ... }:
-let
-  inherit (import <niveum/lib>) localAddresses;
-in
-{
-  services.zigbee2mqtt = {
-    enable = true;
-    config = {
-      permit_join = false;
-      homeassistant = true;
-      serial = {
-        port = "/dev/ttyACM0";
-        disable_led = true;
-      };
-      mqtt = {
-        discovery = true;
-        base_topic = "zigbee";
-        server = "mqtt://${localAddresses.toum}";
-        user = "albrecht";
-        password = lib.strings.fileContents <system-secrets/mosquitto>;
-      };
-    };
-  };
-
-  services.mosquitto = {
-    enable = true;
-    host = "0.0.0.0";
-    allowAnonymous = false;
-    checkPasswords = true;
-    users."albrecht" = {
-      password = lib.strings.fileContents <system-secrets/mosquitto>;
-      acl = [ "topic readwrite #" ];
-    };
-  };
-
-  networking.firewall.allowedTCPPorts = [ 1883 ];
-
-  environment.systemPackages = [ pkgs.mosquitto ];
-
-  services.home-assistant = {
-    config = {
-      switch = [
-        {
-          platform = "mqtt";
-          name = "zigbee2mqtt_join";
-          state_topic = "/zigbee2mqtt/bridge/config/permit_join";
-          command_topic = "/zigbee2mqtt/bridge/config/permit_join";
-          payload_on = "true";
-          payload_off = "false";
-        }
-      ];
-      timer.zigbee_permit_join = {
-        name = "Zigbee Time remaining";
-        duration = 120;
-      };
-      automation = [
-        # Automation to start timer when enable join is turned on
-        {
-          id = "zigbee_join_enabled";
-          alias = "";
-          hide_entity = "true";
-          trigger = {
-            platform = "state";
-            entity_id = "switch.zigbee2mqtt_join";
-            to = "on";
-          };
-          action = {
-            service = "timer.start";
-            entity_id = "timer.zigbee_permit_join";
-          };
-        }
-        # Automation to stop timer when switch turned off and turn off switch when timer finished
-        {
-          id = "zigbee_join_disabled";
-          hide_entity = "true";
-          trigger = [
-            {
-              platform = "event";
-              event_type = "timer.finished";
-              event_data.entity_id = "timer.zigbee_permit_join";
-            }
-            {
-              platform = "state";
-              entity_id = "switch.zigbee2mqtt_join";
-              to = "off";
-            }
-          ];
-          action = [
-            {
-              service = "timer.cancel";
-              data.entity_id = "timer.zigbee_permit_join";
-            }
-            {
-              service = "switch.turn_off";
-              entity_id = "switch.zigbee2mqtt_join";
-            }
-          ];
-        }
-      ];
-    };
-  };
-}

configs/nano.nix

@@ -1,10 +0,0 @@
-{
-  programs.nano.nanorc = ''
-    set autoindent
-    set boldtext
-    set morespace
-    set smarthome
-    set tabsize 4
-    set tabstospaces
-  '';
-}

configs/nix.nix

@@ -1,8 +1,14 @@
 { pkgs, ... }:
 {
-  # enable `nix flake`
+  nixpkgs = {
+    config.allowUnfree = true;
+    overlays = [
+      (import <nix-writers/pkgs>)
+      (import <stockholm/krebs/5pkgs>)
+    ];
+  };
   nix = {
-    package = pkgs.nixFlakes;
+    package = pkgs.nixUnstable;
     extraOptions = "experimental-features = nix-command flakes";
   };
 }

configs/packages/default.nix

@@ -2,7 +2,7 @@
 let
   hc = pkgs.callPackage <stockholm/tv/5pkgs/simple/hc.nix> {};
   worldradio = pkgs.callPackage <niveum/packages/worldradio.nix> {};
-  menstruation = pkgs.callPackage <niveum/submodules/menstruation-backend> {};
+  menstruation = pkgs.callPackage <menstruation-backend> {};
 
   nixpkgs-unstable = import <nixpkgs-unstable> { config.allowUnfree = true; };
 

configs/version.nix

@@ -1,4 +0,0 @@
-{ lib, config, ... }:
-{
-  environment.etc."niveum/version".text = lib.sources.commitIdFromGitRepo <niveum/.git>;
-}

configs/weechat.nix

@@ -1,119 +0,0 @@
-{ lib, pkgs, ... }:
-let
-  inherit (import <niveum/lib>) kieran;
-  relayPassword = lib.fileContents <system-secrets/weechat/relay>;
-in {
-  systemd.services.weechat =
-  let
-    tmux = pkgs.writers.writeDash "tmux" ''
-      exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" ''
-        set-option -g prefix `
-        unbind-key C-b
-        bind ` send-prefix
-
-        set-option -g status off
-        set-option -g default-terminal screen-256color
-
-        #use session instead of windows
-        bind-key c new-session
-        bind-key p switch-client -p
-        bind-key n switch-client -n
-        bind-key C-s switch-client -l
-      ''} "$@"
-    '';
-    weechat = pkgs.weechat.override {
-      configure = { ... }: {
-        scripts = [ pkgs.weechatScripts.weechat-autosort pkgs.weechatScripts.colorize_nicks pkgs.weechatScripts.weechat-matrix ];
-        init = let
-          coolColors = lib.lists.subtractLists (lib.range 52 69 ++ lib.range 231 248) (lib.range 31 254);
-          nick = "kmein";
-        in ''
-          /mouse enable
-          /set irc.server_default.nicks "${nick}"
-          /set irc.server_default.msg_part "tschö mit ö"
-          /set irc.server_default.msg_quit "ciao kakao"
-          /set irc.server_default.msg_kick "warum machst du diese?"
-          /set irc.server_default.realname "${kieran.name}"
-
-          /set irc.look.color_nicks_in_nicklist "on"
-          /set weechat.color.chat_nick_colors "${lib.concatMapStringsSep "," toString coolColors}"
-
-          /server add hackint irc.hackint.org/6697 -ipv6 -ssl
-          /server add libera irc.libera.chat/6697 -ssl
-          /server add oftc irc.oftc.net/6697 -ssl -ipv6
-          /server add retiolum irc.r
-          /server add news news.r
-          /matrix server add nibbana nibbana.jp
-
-          /alias add mod /quote omode $channel +o $nick
-
-          /relay add weechat 9000
-          /set relay.network.password ${relayPassword}
-
-          /set matrix.server.nibbana.username ${nick}
-          /set matrix.server.nibbana.password "${lib.strings.fileContents <system-secrets/matrix/nibbana>}"
-
-          /set irc.server.oftc.command /msg nickserv IDENTIFY ${lib.strings.fileContents <system-secrets/irc/oftc>};/msg nickserv SET CLOAK ON
-          /set irc.server.oftc.autojoin "#osm,#osm-de,#home-manager"
-
-          /set irc.server.hackint.autojoin "#krebs,#nixos,#the_playlist"
-          /set irc.server.hackint.sasl_mechanism plain
-          /set irc.server.hackint.sasl_username ${nick}
-          /set irc.server.hackint.sasl_password ${lib.strings.fileContents <system-secrets/irc/hackint>}
-
-          /set irc.server.libera.autojoin "#flipdot,#haskell,#nixos,#fysi,#binaergewitter"
-          /set irc.server.libera.sasl_mechanism plain
-          /set irc.server.libera.sasl_username ${nick}
-          /set irc.server.libera.sasl_password ${lib.strings.fileContents <system-secrets/irc/libera>}
-
-          /set irc.server.retiolum.autojoin "#xxx,#brockman,#flix,#autowifi"
-          /set irc.server.retiolum.command "/oper aids balls"
-          /set irc.server.news.autojoin "#cook,#drachengame,#oepnv,#kmeinung,#memes"
-          /set irc.server.news.command "/oper aids balls"
-          /set logger.level.irc.news 0
-
-          /filter addreplace zerocovid * * [kc]orona|💉|🤒|😷|[kc]ovid|virus|lockdown|va[kc][sc]in|mutante|mutation|impf|pandemi|κορ[ωο]ν[αο]ϊό|корона|expert|infe[ck]t|infizi|in[cz]iden[cz]|sars-cov|drosten|virolog|lauterbach|delta|omi[ck]ron|epidemi|booster|r-wert
-          /filter addreplace joinquit * irc_join,irc_part,irc_quit,irc_nick *
-          /filter addreplace playlist_topic irc.*.#the_playlist irc_topic *
-          /filter addreplace brockman_notice irc.news.* irc_notice *
-
-          /set irc.look.server_buffer independent
-
-          /connect libera
-          /connect oftc
-          /connect hackint
-          /connect retiolum
-          /connect news
-          /matrix connect nibbana
-        '';
-      };
-    };
-  in {
-    description = "Weechat bouncer";
-    after = [ "network.target" ];
-    wantedBy = [ "multi-user.target" ];
-    restartIfChanged = true;
-    path = [ pkgs.alacritty.terminfo ];
-    environment.WEECHAT_HOME = "/var/lib/weechat";
-    script = "${tmux} -2 new-session -d -s IM ${weechat}/bin/weechat";
-    preStop = "${tmux} kill-session -t IM";
-    serviceConfig = {
-      User = "weechat";
-      RemainAfterExit = true;
-      Type = "oneshot";
-    };
-  };
-
-  users.groups.weechat = {};
-  users.extraUsers.weechat = {
-    useDefaultShell = true;
-    openssh.authorizedKeys.keys = kieran.sshKeys pkgs ++ [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC+KVDmYYH7mA8v81e9O3swXm3ZVYY9t4HP65ud61uXy weechat_android@heym"
-    ];
-    createHome = true;
-    group = "weechat";
-    home = "/var/lib/weechat";
-    isSystemUser = true;
-    packages = [ pkgs.tmux ];
-  };
-}

deploy.nix

@@ -1,68 +0,0 @@
-let
-  inherit (import ./lib/default.nix) sshPort;
-
-  gitFromJson = path:
-    let object = importJson path;
-    in {
-      inherit (object) url;
-      ref = object.rev;
-    };
-  krops = builtins.fetchGit (gitFromJson .versions/krops.json);
-  lib = import "${krops}/lib";
-  pkgs = import "${krops}/pkgs" { };
-  importJson = (import <nixpkgs> { }).lib.importJSON;
-
-  regularSystem = { path, name, address }: {
-    source = lib.evalSource [{
-      niveum.file = toString ./.;
-      system.file = toString path;
-      nixos-config.symlink = "system/configuration.nix";
-
-      nixpkgs.git = gitFromJson .versions/nixpkgs.json // { shallow = true; };
-      nixpkgs-unstable.git = gitFromJson .versions/nixpkgs-unstable.json // { shallow = true; };
-      home-manager.git = gitFromJson .versions/home-manager.json;
-      stockholm.git = gitFromJson .versions/stockholm.json;
-      nix-writers.git = gitFromJson .versions/nix-writers.json;
-      retiolum.git = gitFromJson .versions/retiolum.json;
-      nixpkgs-mozilla.git = gitFromJson .versions/nixpkgs-mozilla.json;
-      system-secrets.pass = {
-        dir = toString ~/.password-store;
-        name = "systems/${name}";
-      };
-      secrets.pass = {
-        dir = toString ~/.password-store;
-        name = "shared";
-      };
-    }];
-    target = "root@${address}:${toString sshPort}";
-  };
-  inherit (pkgs.krops) writeDeploy;
-in {
-  zaatar = writeDeploy "deploy-zaatar" (regularSystem {
-    path = systems/zaatar;
-    name = "zaatar";
-    address = "zaatar.r";
-  });
-  kabsa = writeDeploy "deploy-kabsa" (regularSystem {
-    path = systems/kabsa;
-    name = "kabsa";
-    address = "kabsa.r";
-  });
-  toum = writeDeploy "deploy-toum" (regularSystem {
-    path = systems/toum;
-    name = "toum";
-    address = "toum.r";
-  }) // {
-    buildTarget = "${builtins.getEnv "USER"}@localhost/${builtins.getEnv "HOME"}/.cache/krops";
-  };
-  makanek = writeDeploy "deploy-makanek" (regularSystem {
-    path = systems/makanek;
-    name = "makanek";
-    address = "makanek.r";
-  });
-  manakish = writeDeploy "deploy-manakish" (regularSystem {
-    path = systems/manakish;
-    name = "manakish";
-    address = "manakish.r";
-  });
-}

flake.lock

@@ -0,0 +1,221 @@
+{
+  "nodes": {
+    "flake-utils": {
+      "locked": {
+        "lastModified": 1638122382,
+        "narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "flake-utils_2": {
+      "locked": {
+        "lastModified": 1597053966,
+        "narHash": "sha256-f9lbPS/GJ1His8fsDqM6gfa8kSqREU4eKiMCS5hrKg4=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "ec20f52e2ff61e9c36c2b894b62fc1b4bd04c71b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "home-manager": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1639871969,
+        "narHash": "sha256-6feWUnMygRzA9tzkrfAzpA5/NBYg75bkFxnqb1DtD7E=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "697cc8c68ed6a606296efbbe9614c32537078756",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "release-21.11",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
+    "krops": {
+      "inputs": {
+        "flake-utils": "flake-utils_2",
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1632420452,
+        "narHash": "sha256-ncK6vABW/Ku9XI0kqj1otarUfblryoQzSaOCnaZ0oSs=",
+        "owner": "Mic92",
+        "repo": "krops",
+        "rev": "0388970c568905fedcbf429e5745aacd4f7a6633",
+        "type": "github"
+      },
+      "original": {
+        "owner": "Mic92",
+        "repo": "krops",
+        "type": "github"
+      }
+    },
+    "menstruation-backend": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1634573652,
+        "narHash": "sha256-FIj8oCOJO+Wqxr2o5MMqIShvzMJud4iUq3o8y4NIRvw=",
+        "owner": "kmein",
+        "repo": "menstruation.rs",
+        "rev": "dd405fe2acf32441e8ac56e488e689bb1c4bea82",
+        "type": "github"
+      },
+      "original": {
+        "owner": "kmein",
+        "repo": "menstruation.rs",
+        "type": "github"
+      }
+    },
+    "menstruation-telegram": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1634815642,
+        "narHash": "sha256-q1OTMx5ayNu9ppHJBDUie/ow+BcA5DXnHEm11EY+C4E=",
+        "owner": "kmein",
+        "repo": "menstruation-telegram",
+        "rev": "a34555cf46f02157718b0565b5456348fff54181",
+        "type": "github"
+      },
+      "original": {
+        "owner": "kmein",
+        "repo": "menstruation-telegram",
+        "type": "github"
+      }
+    },
+    "nix-writers": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1554228333,
+        "narHash": "sha256-hG/PlcCvCQhNcU55NpHfATkyH9k6cZmO7uvBoJjasXU=",
+        "ref": "master",
+        "rev": "c528cf970e292790b414b4c1c8c8e9d7e73b2a71",
+        "revCount": 32,
+        "type": "git",
+        "url": "https://cgit.krebsco.de/nix-writers"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://cgit.krebsco.de/nix-writers"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1640860570,
+        "narHash": "sha256-k43dodTc3IUH2cJfdzHFhZZOILQeAdtB1mBxbVSu7vw=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "8d373df05fb709a00b78648d1a63dbce7678bf79",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "release-21.11",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs-mozilla": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1638887313,
+        "narHash": "sha256-FMYV6rVtvSIfthgC1sK1xugh3y7muoQcvduMdriz4ag=",
+        "owner": "mozilla",
+        "repo": "nixpkgs-mozilla",
+        "rev": "7c1e8b1dd6ed0043fb4ee0b12b815256b0b9de6f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "mozilla",
+        "repo": "nixpkgs-mozilla",
+        "type": "github"
+      }
+    },
+    "nixpkgs-unstable": {
+      "locked": {
+        "lastModified": 1640874390,
+        "narHash": "sha256-wAmjdulrW1tZQHEUgnK3LmycEfEVi/sq/9nD/22PdI4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "7771661d93bad2f3d1d7c65852a918afd2a2bcf1",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "master",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "retiolum": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1640791306,
+        "narHash": "sha256-qplHzXbpzx3drdSyRkXLfTAqWPlXO7UsHknOiNpZIl4=",
+        "owner": "krebs",
+        "repo": "retiolum",
+        "rev": "f1be75011ac833807d6cdcd436887705935577eb",
+        "type": "github"
+      },
+      "original": {
+        "owner": "krebs",
+        "repo": "retiolum",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "home-manager": "home-manager",
+        "krops": "krops",
+        "menstruation-backend": "menstruation-backend",
+        "menstruation-telegram": "menstruation-telegram",
+        "nix-writers": "nix-writers",
+        "nixpkgs": "nixpkgs",
+        "nixpkgs-mozilla": "nixpkgs-mozilla",
+        "nixpkgs-unstable": "nixpkgs-unstable",
+        "retiolum": "retiolum",
+        "stockholm": "stockholm"
+      }
+    },
+    "stockholm": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1640830960,
+        "narHash": "sha256-GnsHDNvDbOkyZ4j6ynFi+ZDAoJ1PmveCye47aR5WUmY=",
+        "ref": "master",
+        "rev": "e652f40200e5d86240be8f6cea0b9d1ddbbd0ad6",
+        "revCount": 10234,
+        "type": "git",
+        "url": "https://cgit.lassul.us/stockholm"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://cgit.lassul.us/stockholm"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

flake.nix

@@ -0,0 +1,109 @@
+{
+  description = "niveum: packages, modules, systems";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/release-21.11";
+    nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
+    flake-utils.url = "github:numtide/flake-utils";
+    home-manager = {
+      url = "github:nix-community/home-manager/release-21.11";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+    krops = {
+      url = "github:Mic92/krops";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+    stockholm = {
+      url = "git+https://cgit.lassul.us/stockholm";
+      flake = false;
+    };
+    nix-writers = {
+      url = "git+https://cgit.krebsco.de/nix-writers";
+      flake = false;
+    };
+    retiolum = {
+      url = "github:krebs/retiolum";
+      flake = false;
+    };
+    nixpkgs-mozilla = {
+      url = "github:mozilla/nixpkgs-mozilla";
+      flake = false;
+    };
+    menstruation-telegram = {
+      url = "github:kmein/menstruation-telegram";
+      flake = false;
+    };
+    menstruation-backend = {
+      url = "github:kmein/menstruation.rs";
+      flake = false;
+    };
+  };
+
+  outputs =
+  { self
+  , flake-utils
+  , home-manager
+  , krops
+  , menstruation-backend
+  , menstruation-telegram
+  , nix-writers
+  , nixpkgs
+  , nixpkgs-mozilla
+  , nixpkgs-unstable
+  , retiolum
+  , stockholm
+  }:
+  let
+    system = "x86_64-linux";
+    pkgs = nixpkgs.legacyPackages.${system};
+    # having to declare the git upstream urls here is suboptimal, but the inputs don't remember where they're from
+    source = name: {
+      niveum.file = toString ./.;
+      nixos-config.symlink = "niveum/systems/${name}/configuration.nix";
+      nixpkgs.git = { url = "https://github.com/NixOS/nixpkgs"; ref = nixpkgs.rev; shallow = true; };
+      nixpkgs-unstable.git = { url = "https://github.com/NixOS/nixpkgs"; ref = nixpkgs-unstable.rev; shallow = true; };
+      home-manager.git = { url = "https://github.com/nix-community/home-manager"; ref = home-manager.rev; };
+      stockholm.git = { url = "https://cgit.lassul.us/stockholm"; ref = stockholm.rev; };
+      nix-writers.git = { url = "https://cgit.krebsco.de/nix-writers"; ref = nix-writers.rev; };
+      retiolum.git = { url = "https://github.com/krebs/retiolum"; ref = retiolum.rev; };
+      nixpkgs-mozilla.git = { url = "https://github.com/mozilla/nixpkgs-mozilla"; ref = nixpkgs-mozilla.rev; };
+      menstruation-telegram.git = { url = "https://github.com/kmein/menstruation-telegram"; ref = menstruation-telegram.rev; };
+      menstruation-backend.git = { url = "https://github.com/kmein/menstruation.rs"; ref = menstruation-backend.rev; };
+
+      system-secrets.pass = {
+        dir = toString ~/.password-store;
+        name = "systems/${name}";
+      };
+      secrets.pass = {
+        dir = toString ~/.password-store;
+        name = "shared";
+      };
+    };
+    deployScriptFor = {name, host}: let inherit (import ./lib/default.nix) sshPort; in toString (krops.packages.${system}.writeDeploy "deploy-${name}" {
+      source = krops.lib.evalSource [ (source name) ];
+      target = "root@${host}:${toString sshPort}";
+    });
+  in {
+    apps.${system} = let
+      deployScripts = builtins.listToAttrs (map (system: {
+        name = "deploy-${system}";
+        value = {
+          type = "app";
+          program = deployScriptFor { name = system; host = "${system}.r"; };
+        };
+      }) (builtins.attrNames (builtins.readDir ./systems)));
+    in deployScripts // {
+      deploy-all = {
+        type = "app";
+        program = toString (pkgs.writers.writeDash "deploy-all"
+          (nixpkgs.lib.concatMapStringsSep "\n" (script: script.program) (builtins.attrValues deployScripts)));
+      };
+    };
+
+    nixosConfigurations = {};
+    hydraJobs =
+      nixpkgs.lib.mapAttrs'
+        (name: config: nixpkgs.lib.nameValuePair "nixos-${name}" config.config.system.build.toplevel)
+        self.nixosConfigurations;
+  };
+}

lib/streams.nix

@@ -49,6 +49,14 @@ in [
     logo = "http://lassul.us/art/portraits/selbstportrait.jpg";
     desc = "Diminutive from lassus (“weary, faint, tired”). A programming human. Doing superior professional art.";
   }
+  {
+    stream = "https://cdn.c3voc.de/hls/abchillgleis/segment_Native.m3u8";
+    station = "RC3 Abchillgleis";
+  }
+  {
+    stream = "https://cdn.c3voc.de/hls/c3lounge/segment_Native.m3u8";
+    station = "RC3 Lounge";
+  }
   {
     stream = "https://radio.kmein.de/lyrik/listen.ogg";
     station = "Lyrik";

shell.nix

@@ -1,9 +1,8 @@
 { pkgs ? import <nixpkgs> { }
+, lib ? import <nixpkgs/lib>
 , release ? "21.11"
 }:
 let
-  inherit (pkgs) lib;
-
   dependencies = {
     nixpkgs = {
       ref = "refs/heads/nixos-${release}";
@@ -26,7 +25,7 @@ let
       path = toString .versions/home-manager.json;
     };
     krops = {
-      ref = "refs/tags/v1.25.0";
+      ref = "refs/tags/1.26.2";
       url = "https://cgit.krebsco.de/krops";
       path = toString .versions/krops.json;
     };
@@ -73,7 +72,7 @@ in pkgs.mkShell {
     (let
       deployCommand = pkgs.writers.writeDash "niveum-deploy-one" ''
         ${pkgs.git}/bin/git diff $(${pkgs.openssh}/bin/ssh "$1" cat /etc/niveum/version)
-        eval "$(${pkgs.nix}/bin/nix-build --no-out-link "${toString ./.}/deploy.nix" -A "$1")"
+        eval "$(${pkgs.nixUnstable}/bin/nix-build --no-out-link "${toString ./.}/deploy.nix" -A "$1")"
       '';
     in pkgs.writers.writeDashBin "niveum-deploy" ''
       deploy() {

systems/kabsa/configuration.nix

@@ -5,11 +5,10 @@ let
 in
 {
   imports = [
-    <niveum/configs/default.nix>
-    <niveum/configs/battery.nix>
-    <niveum/configs/networkmanager.nix>
     ./hardware-configuration.nix
-    # <stockholm/krebs/2configs/hw/x220.nix>
+    <niveum/configs/battery.nix>
+    <niveum/configs/default.nix>
+    <niveum/configs/networkmanager.nix>
   ];
 
   niveum = {
@@ -18,29 +17,18 @@ in
     promptColours.success = "cyan";
   };
 
-  nix.buildCores = 1;
-  nix.maxJobs = 2;
+  nix = {
+    buildCores = 1;
+    maxJobs = 2;
+  };
 
   environment.systemPackages = [ nixpkgs-unstable.minecraft ];
 
-  boot.loader.systemd-boot = {
-    enable = true;
-    configurationLimit = 5;
-    consoleMode = "max";
+  networking = {
+    hostName = "kabsa";
+    wireless.interfaces = [ "wlp3s0" ];
+    retiolum = retiolumAddresses.kabsa;
   };
 
-  fileSystems."/mnt/sd-card" = {
-    device = "/dev/disk/by-id/mmc-SD32G_0xda0aa352-part1";
-    fsType = "vfat";
-  };
-
-  boot.loader.efi.canTouchEfiVariables = true;
-
-  networking.hostName = "kabsa";
-
-  networking.wireless.interfaces = [ "wlp3s0" ];
-
-  networking.retiolum = retiolumAddresses.kabsa;
-
   system.stateVersion = "19.03";
 }

systems/kabsa/hardware-configuration.nix

@@ -1,21 +1,37 @@
 { config, lib, pkgs, ... }: {
   imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
 
-  boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
-
-  boot.initrd.luks.devices."luksmap".device = "/dev/disk/by-uuid/03b6abd0-e9ce-49c8-9659-a1d94f645d0f";
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/66ced7b9-cfa7-40dd-a488-18ef91a337e0";
-    fsType = "ext4";
+  boot = {
+    initrd = {
+      availableKernelModules = [ "ehci_pci" "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" ];
+      luks.devices."luksmap".device = "/dev/disk/by-uuid/03b6abd0-e9ce-49c8-9659-a1d94f645d0f";
+      kernelModules = [ ];
+    };
+    kernelModules = [ "kvm-intel" ];
+    extraModulePackages = [ ];
+    loader = {
+      efi.canTouchEfiVariables = true;
+      systemd-boot = {
+        enable = true;
+        configurationLimit = 5;
+        consoleMode = "max";
+      };
+    };
   };
 
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/E1B1-1B9C";
-    fsType = "vfat";
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/66ced7b9-cfa7-40dd-a488-18ef91a337e0";
+      fsType = "ext4";
+    };
+    "/boot" = {
+      device = "/dev/disk/by-uuid/E1B1-1B9C";
+      fsType = "vfat";
+    };
+    "/mnt/sd-card" = {
+      device = "/dev/disk/by-id/mmc-SD32G_0xda0aa352-part1";
+      fsType = "vfat";
+    };
   };
 
   zramSwap.enable = false;

systems/makanek/configuration.nix

@@ -4,70 +4,46 @@ let
 in
 {
   imports = [
+    ./gitea.nix
     ./hardware-configuration.nix
-    <niveum/configs/hedgedoc.nix>
+    ./hedgedoc.nix
+    ./matterbridge.nix
+    ./menstruation.nix
+    ./monitoring
+    ./moodle-dl-borsfaye.nix
+    ./names.nix
+    ./nextcloud.nix
+    ./radio
+    ./retiolum-map.nix
+    ./tarot.nix
+    ./urlwatch.nix
+    ./weechat.nix
+    <niveum/configs/monitoring.nix>
+    <niveum/configs/nix.nix>
+    <niveum/configs/save-space.nix>
     <niveum/configs/spacetime.nix>
     <niveum/configs/sshd.nix>
-    <niveum/configs/nextcloud.nix>
-    <niveum/configs/moodle-dl/borsfaye.nix>
-    <niveum/configs/save-space.nix>
-    <niveum/configs/monitoring/pull.nix>
-    <niveum/configs/monitoring/push.nix>
-    <niveum/configs/version.nix>
-    <niveum/configs/radio>
-    <niveum/configs/gitea.nix>
-    <niveum/configs/retiolum-map.nix>
-    <niveum/configs/names.nix>
-    <niveum/configs/menstruation.nix>
     <niveum/configs/telegram-bots>
-    <niveum/configs/nix.nix>
-    <niveum/configs/weechat.nix>
-    <niveum/configs/urlwatch.nix>
-    <niveum/configs/matterbridge.nix>
-    <niveum/configs/tarot.nix>
     <niveum/modules/retiolum.nix>
   ];
 
-  boot.loader.grub.enable = true;
-  boot.loader.grub.version = 2;
-
-  nixpkgs.config = {
-    allowUnfree = true;
-    packageOverrides = pkgs: {
-      writeDashBin = pkgs.writers.writeDashBin;
-      writeDash = pkgs.writers.writeDash;
-    };
+  networking = {
+    firewall.allowedTCPPorts = [ 80 443 ];
+    hostName = "makanek";
+    interfaces.ens3.useDHCP = true;
+    retiolum = retiolumAddresses.makanek;
+    useDHCP = false;
   };
 
-  networking.useDHCP = false;
-  networking.interfaces.ens3.useDHCP = true;
-
-  networking.hostName = "makanek";
-
   system.stateVersion = "20.03";
 
-  boot.loader.grub.devices = [ "/dev/sda" ];
-
-  services.openssh.enable = true;
-
-  networking.retiolum = retiolumAddresses.makanek;
-
-  environment.etc."tinc/retiolum/rsa_key.priv" = {
-    text = builtins.readFile <system-secrets/retiolum.key>;
-    mode = "400";
-  };
-
-  networking.firewall.allowedTCPPorts = [ 80 443 ];
-
   services.nginx = {
     enable = true;
     recommendedGzipSettings = true;
     recommendedOptimisation = true;
     recommendedProxySettings = true;
     recommendedTlsSettings = true;
-
-   # Only allow PFS-enabled ciphers with AES256
-   sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
+    sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
   };
 
   security.acme = {
@@ -75,5 +51,5 @@ in
     email = kieran.email;
   };
 
-  environment.systemPackages = [ pkgs.vim pkgs.git pkgs.tmux pkgs.python3Packages.python ];
+  environment.systemPackages = [ pkgs.vim pkgs.git pkgs.tmux pkgs.python3 ];
 }

systems/makanek/hardware-configuration.nix

@@ -1,19 +1,25 @@
 { config, lib, pkgs, ... }:
-
 {
-  imports =
-    [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
-    ];
+  imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
 
-  boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "xhci_pci" "sd_mod" "sr_mod" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/9eaeaaa7-b453-4634-8a69-d416f702d3aa";
-      fsType = "ext4";
+  boot = {
+    initrd = {
+      availableKernelModules = [ "ata_piix" "virtio_pci" "xhci_pci" "sd_mod" "sr_mod" ];
+      kernelModules = [ ];
     };
+    kernelModules = [ ];
+    extraModulePackages = [ ];
+    loader.grub = {
+      enable = true;
+      version = 2;
+      devices = [ "/dev/sda" ];
+    };
+  };
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/9eaeaaa7-b453-4634-8a69-d416f702d3aa";
+    fsType = "ext4";
+  };
 
   swapDevices = [ ];
   zramSwap.enable = true;

systems/makanek/menstruation.nix

@@ -1,7 +1,7 @@
 { pkgs, lib, ... }:
 let
-  backend = pkgs.callPackage <niveum/submodules/menstruation-backend> {};
-  telegram = pkgs.callPackage <niveum/submodules/menstruation-telegram> {};
+  backend = pkgs.callPackage <menstruation-backend> {};
+  telegram = pkgs.callPackage <menstruation-telegram> {};
   backendPort = 8000;
 in
 {

systems/makanek/weechat.nix

@@ -0,0 +1,165 @@
+{ lib, pkgs, ... }:
+let
+  inherit (import <niveum/lib>) kieran;
+  relayPassword = lib.fileContents <system-secrets/weechat/relay>;
+in {
+  systemd.services.weechat =
+  let
+    tmux = pkgs.writers.writeDash "tmux" ''
+      exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" ''
+        set-option -g prefix `
+        unbind-key C-b
+        bind ` send-prefix
+
+        set-option -g status off
+        set-option -g default-terminal screen-256color
+
+        #use session instead of windows
+        bind-key c new-session
+        bind-key p switch-client -p
+        bind-key n switch-client -n
+        bind-key C-s switch-client -l
+      ''} "$@"
+    '';
+    weechat = pkgs.weechat-declarative.override {
+      config = {
+        scripts = [
+          pkgs.weechatScripts.weechat-autosort
+          pkgs.weechatScripts.colorize_nicks
+          pkgs.weechatScripts.weechat-matrix
+        ];
+        settings = let nick = "kmein"; in {
+          weechat = {
+            look.mouse = true;
+            color.chat_nick_colors = lib.lists.subtractLists (lib.range 52 69 ++ lib.range 231 248) (lib.range 31 254);
+          };
+          irc = {
+            look.server_buffer = "independent";
+            server_default = {
+              nicks = nick;
+              msg_part = "tschö mit ö";
+              msg_quit = "ciao kakao";
+              msg_kick = "warum machst du diese?";
+              realname = kieran.name;
+            };
+            server = {
+              hackint = {
+                autoconnect = true;
+                address = "irc.hackint.org/6697";
+                ipv6 = true;
+                ssl = true;
+                autojoin = [ "#krebs" "#nixos" "#the_playlist" ];
+                sasl_mechanism = "plain";
+                sasl_username = nick;
+                sasl_password = lib.strings.fileContents <system-secrets/irc/hackint>;
+              };
+              libera = {
+                autoconnect = true;
+                address = "irc.libera.chat/6697";
+                ssl = true;
+                autojoin = [ "#flipdot" "#haskell" "#nixos" "#fysi" "#binaergewitter" ];
+                sasl_mechanism = "plain";
+                sasl_username = nick;
+                sasl_password = lib.strings.fileContents <system-secrets/irc/libera>;
+              };
+              oftc = {
+                autoconnect = true;
+                address = "irc.oftc.net/6697";
+                ssl = true;
+                ipv6 = true;
+                command = lib.concatStringsSep "\\;" [
+                  "/msg nickserv identify ${lib.strings.fileContents <system-secrets/irc/oftc>}"
+                  "/msg nickserv set cloak on"
+                ];
+                autojoin = [ "#osm" "#osm-de" "#home-manager" ];
+              };
+              retiolum = {
+                autoconnect = true;
+                address = "irc.r";
+                autojoin = [ "#xxx" "#brockman" "#flix" "#autowifi" ];
+                command = lib.concatStringsSep "\\;" [
+                  "/oper admin aidsballs"
+                  "/msg nickserv always-on true"
+                  "/msg nickserv autoreplay-missed on"
+                  "/msg nickserv auto-away"
+                ];
+                sasl_mechanism = "plain";
+                sasl_username = nick;
+                sasl_password = lib.strings.fileContents <system-secrets/irc/retiolum>;
+              };
+              news = {
+                autoconnect = true;
+                address = "news.r";
+                autojoin = [ "#cook" "#drachengame" "#oepnv" "#kmeinung" "#memes" ];
+                command = "/oper aids balls";
+              };
+            };
+          };
+          logger.level.irc.news = 0;
+          matrix.server.nibbana = {
+            address = "nibbana.jp";
+            username = nick;
+            password = lib.strings.fileContents <system-secrets/matrix/nibbana>;
+            autoconnect = true;
+          };
+          alias.cmd.mod = "/quote omode $channel +o $nick";
+          relay = {
+            port.weechat = 9000;
+            network.password = relayPassword;
+          };
+          filters = {
+            zerocovid = {
+              buffer = "*";
+              tags = "*";
+              regex = "[kc]orona|💉|🤒|😷|[kc]ovid|virus|lockdown|va[kc][sc]in|mutante|mutation|impf|pandemi|κορ[ωο]ν[αο]ϊό|корона|expert|infe[ck]t|infizi|in[cz]iden[cz]|sars-cov|drosten|virolog|lauterbach|delta|omi[ck]ron|epidemi|booster|r-wert";
+            };
+            joinquit = {
+              buffer = "*";
+              tags = [ "irc_join" "irc_part" "irc_quit" "irc_nick" ];
+              regex = "*";
+            };
+            playlist_topic = {
+              buffer = "irc.*.#the_playlist";
+              tags = "irc_topic";
+              regex = "*";
+            };
+            brockman_notice = {
+              buffer = "irc.news.*";
+              tags = "irc_notice";
+              regex = "*";
+            };
+          };
+        };
+        extraCommands = ''/matrix connect nibbana'';
+      };
+    };
+  in {
+    description = "Weechat bouncer";
+    after = [ "network.target" ];
+    wantedBy = [ "multi-user.target" ];
+    restartIfChanged = true;
+    path = [ pkgs.alacritty.terminfo ];
+    environment.WEECHAT_HOME = "/var/lib/weechat";
+    preStart = "${pkgs.coreutils}/bin/rm $WEECHAT_HOME/*.conf";
+    script = "${tmux} -2 new-session -d -s IM ${weechat}/bin/weechat";
+    preStop = "${tmux} kill-session -t IM";
+    serviceConfig = {
+      User = "weechat";
+      RemainAfterExit = true;
+      Type = "oneshot";
+    };
+  };
+
+  users.groups.weechat = {};
+  users.extraUsers.weechat = {
+    useDefaultShell = true;
+    openssh.authorizedKeys.keys = kieran.sshKeys pkgs ++ [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC+KVDmYYH7mA8v81e9O3swXm3ZVYY9t4HP65ud61uXy weechat_android@heym"
+    ];
+    createHome = true;
+    group = "weechat";
+    home = "/var/lib/weechat";
+    isSystemUser = true;
+    packages = [ pkgs.tmux ];
+  };
+}

systems/manakish/configuration.nix

@@ -1,7 +1,3 @@
-# Edit this configuration file to define what should be installed on
-# your system.  Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
 { config, pkgs, ... }:
 let
   inherit (import <niveum/lib>) retiolumAddresses;
@@ -9,25 +5,10 @@ in
 {
   imports = [ # Include the results of the hardware scan.
     ./hardware-configuration.nix
+    ./hdmi.nix
     <niveum/configs/default.nix>
     <niveum/configs/battery.nix>
     <niveum/configs/wpa_supplicant.nix>
-    {
-      programs.steam.enable = true;
-      nixpkgs.config.steam.java = true;
-    }
-    {
-      services.xserver.displayManager.sessionCommands =
-      let
-        intern = "LVDS-1";
-        extern = "HDMI-1";
-        pulseaudioCard = "alsa_card.pci-0000_00_1b.0";
-        pulseaudioProfile = "output:hdmi-stereo+input:analog-stereo";
-      in toString (pkgs.writers.writeDash "hdmi-on" ''
-        ${pkgs.xorg.xrandr}/bin/xrandr --output ${intern} --primary --auto --output ${extern} --above ${intern} --auto
-        ${pkgs.pulseaudio}/bin/pactl set-card-profile ${pulseaudioCard} ${pulseaudioProfile}
-      '');
-    }
   ];
 
   niveum = {
@@ -36,21 +17,17 @@ in
     promptColours.success = "green";
   };
 
-  networking.useDHCP = false;
-  networking.interfaces = {
-    enp0s25.useDHCP = true;
-    wlp3s0.useDHCP = true;
-    wwp0s20u4i6.useDHCP = true;
+  networking = {
+    useDHCP = false;
+    interfaces = {
+      enp0s25.useDHCP = true;
+      wlp3s0.useDHCP = true;
+      wwp0s20u4i6.useDHCP = true;
+    };
+    wireless.interfaces = [ "wlp3s0" ];
+    retiolum = retiolumAddresses.manakish;
+    networking.hostName = "manakish";
   };
-  networking.wireless.interfaces = [ "wlp3s0" ];
-
-  environment.systemPackages = with pkgs; [
-    git vim
-  ];
-
-  networking.retiolum = retiolumAddresses.manakish;
-
-  networking.hostName = "manakish";
 
   system.stateVersion = "20.09"; # Did you read the comment?
 }

systems/manakish/hardware-configuration.nix

@@ -1,40 +1,37 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
-
 {
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
+  boot = {
+    initrd = {
+      availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ];
+      kernelModules = [];
+      luks.devices."crypted".device = "/dev/disk/by-uuid/493cb228-c292-4f71-9f38-dcb3e96dec47";
+    };
+    kernelModules = [ "kvm-intel" ];
+    extraModulePackages = [ ];
+    loader.grub = {
+      enable = true;
+      version = 2;
+      efiSupport = true;
+      efiInstallAsRemovable = true;
+      device = "/dev/sda";
+    };
+  };
 
-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/ff47c479-e6d4-4cd6-93f1-9685f4018bc6";
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/ff47c479-e6d4-4cd6-93f1-9685f4018bc6";
       fsType = "ext4";
     };
-
-  boot.initrd.luks.devices."crypted".device = "/dev/disk/by-uuid/493cb228-c292-4f71-9f38-dcb3e96dec47";
-
-  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/D4AC-91B0";
+    "/boot" = {
+      device = "/dev/disk/by-uuid/D4AC-91B0";
       fsType = "vfat";
     };
+  };
 
   swapDevices = [ ];
   zramSwap.enable = true;
 
-  boot.loader.grub = {
-    enable = true;
-    version = 2;
-    efiSupport = true;
-    efiInstallAsRemovable = true;
-    device = "/dev/sda";
-  };
-
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
 }

systems/manakish/hdmi.nix

@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+{
+  services.xserver.displayManager.sessionCommands =
+  let
+    intern = "LVDS-1";
+    extern = "HDMI-1";
+    pulseaudioCard = "alsa_card.pci-0000_00_1b.0";
+    pulseaudioProfile = "output:hdmi-stereo+input:analog-stereo";
+  in toString (pkgs.writers.writeDash "hdmi-on" ''
+    ${pkgs.xorg.xrandr}/bin/xrandr --output ${intern} --primary --auto --output ${extern} --above ${intern} --auto
+    ${pkgs.pulseaudio}/bin/pactl set-card-profile ${pulseaudioCard} ${pulseaudioProfile}
+  '');
+}

systems/toum/configuration.nix

@@ -1,46 +0,0 @@
-{ config, pkgs, lib, ... }:
-let
-  inherit (import <niveum/lib>) kieran;
-in {
-  imports = [
-    ./hardware-configuration.nix
-    # <niveum/configs/hass>
-    <niveum/configs/distrobump.nix>
-    <niveum/configs/spacetime.nix>
-    <niveum/configs/sshd.nix>
-    <niveum/configs/save-space.nix>
-    <niveum/configs/tmux.nix>
-    <niveum/configs/version.nix>
-    <niveum/configs/traadfri.nix>
-    <niveum/configs/wpa_supplicant.nix>
-    <niveum/modules/retiolum.nix>
-  ];
-
-  nix.nixPath = [ "/var/src" ];
-
-  boot.loader.grub.enable = false;
-  boot.loader.generic-extlinux-compatible.enable = true;
-
-  networking.hostName = "toum";
-
-  environment.variables.TERM = "linux";
-
-  environment.systemPackages = with pkgs; [
-    git vim htop wget reptyr
-    libraspberrypi
-  ];
-
-  users.mutableUsers = false;
-
-  networking.retiolum = {
-    ipv4 = "10.243.2.3";
-    ipv6 = "42:0:3c46:56af:d12b:affd:8390:df22";
-  };
-
-  environment.etc."tinc/retiolum/rsa_key.priv" = {
-    text = builtins.readFile <system-secrets/retiolum.key>;
-    mode = "400";
-  };
-
-  system.stateVersion = "20.03";
-}

systems/toum/hardware-configuration.nix

@@ -1,16 +0,0 @@
-{ config, pkgs, ... }: {
-  boot.kernelPackages = pkgs.linuxPackages; # https://github.com/NixOS/nixpkgs/issues/97064#issuecomment-708986741
-  boot.kernelParams = [ "cma=32M" ];
-
-  fileSystems = {
-    "/" = {
-      device = "/dev/disk/by-label/NIXOS_SD";
-      fsType = "ext4";
-    };
-  };
-
-  swapDevices = [{
-    device = "/swapfile";
-    size = 1024;
-  }];
-}

systems/zaatar/configuration.nix

@@ -4,100 +4,23 @@ let
 in
 {
   imports = [
+    ./bvg.nix
+    ./gaslight.nix
     ./hardware-configuration.nix
+    ./kiosk.nix
+    ./moodle-dl-meinhark.nix
+    ./pulseaudio.nix
+    ./tuna.nix
     <home-manager/nixos>
-    <niveum/configs/wpa_supplicant.nix>
     <niveum/configs/keyboard.nix>
-    <niveum/modules/retiolum.nix>
-    <niveum/configs/spacetime.nix>
+    <niveum/configs/monitoring.nix>
     <niveum/configs/nix.nix>
-    <niveum/configs/tuna.nix>
-    <niveum/configs/sshd.nix>
-    <niveum/configs/version.nix>
-    <niveum/configs/gaslight.nix>
     <niveum/configs/printing.nix>
+    <niveum/configs/spacetime.nix>
+    <niveum/configs/sshd.nix>
     <niveum/configs/traadfri.nix>
-    <niveum/configs/bvg.nix>
-    <niveum/configs/moodle-dl/meinhark.nix>
-    <niveum/configs/monitoring/push.nix>
-    {
-      nixpkgs.config.allowUnfree = true;
-    }
-    {
-      sound.enable = true;
-
-      hardware.pulseaudio = {
-        enable = true;
-        systemWide = true;
-        tcp = {
-          enable = true;
-          anonymousClients.allowedIpRanges = [ "127.0.0.1" "10.243.2.0/24" "192.168.0.0/16" ];
-        };
-        zeroconf.publish.enable = true;
-      };
-      networking.firewall.allowedTCPPorts = [ 4713 ];
-    }
-    {
-      environment.systemPackages =
-      let
-        worldradio = pkgs.callPackage <niveum/packages/worldradio.nix> {};
-      in [
-        (pkgs.writers.writeDashBin "mpv" ''
-          ${pkgs.mpv}/bin/mpv --no-video "$@"
-        '')
-        (pkgs.writers.writeDashBin "worldradio" ''
-          shuf ${worldradio} | ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv --no-video
-        '')
-      ];
-    }
-    {
-      users.extraUsers.kiosk = {
-        isNormalUser = true;
-        password = "";
-        extraGroups = [ "audio" ];
-      };
-      services.cage = {
-        enable = true;
-        user = config.users.extraUsers.kiosk.name;
-        extraArguments = [ "-s" ]; # allow vt switching
-        program =
-        let startUrls = [ "https://open.spotify.com" "https://youtube.com" "http://bvg.kmein.r" ];
-        in pkgs.writers.writeDash "kiosk-browser" ''
-          while true; do
-            ${pkgs.chromium}/bin/chromium \
-              --no-first-run --no-message-box --noerrdialogs \
-              --default-browser --no-default-browser-check \
-              --start-maximized ${lib.escapeShellArgs startUrls}
-            sleep 0.5
-          done
-        '';
-      };
-      systemd.services.cage-tty1.environment.XKB_DEFAULT_LAYOUT = "de";
-      programs.chromium = {
-        enable = true;
-        extensions = [
-          "cjpalhdlnbpafiamejdnhcphjbkeiagm" # uBlock Origin
-        ];
-      };
-    }
-    {
-      environment.systemPackages = [ pkgs.tmux ];
-      systemd.services.turntables = {
-        description = "music controller session";
-        after = [ "network.target" ];
-        wantedBy = [ "multi-user.target" ];
-        path = [ pkgs.alacritty.terminfo ];
-        script = ''
-          ${pkgs.tmux}/bin/tmux -2 new-session -d -s turntables ${pkgs.alsaUtils}/bin/alsamixer \; new-window
-        '';
-        preStop = "${pkgs.tmux}/bin/tmux kill-session -t turntables";
-        serviceConfig = {
-          User = "root";
-          RemainAfterExit = true;
-          Type = "oneshot";
-        };
-      };
-    }
+    <niveum/configs/wpa_supplicant.nix>
+    <niveum/modules/retiolum.nix>
   ];
 
   nix.nixPath = [ "/var/src" ];
@@ -110,19 +33,25 @@ in
 
   services.illum.enable = true;
 
-  environment.systemPackages = with pkgs; [ git vim htop ncmpcpp ];
+  environment.systemPackages =
+  let
+    worldradio = pkgs.callPackage <niveum/packages/worldradio.nix> {};
+  in [
+    (pkgs.writers.writeDashBin "mpv" ''${pkgs.mpv}/bin/mpv --no-video "$@"'')
+    (pkgs.writers.writeDashBin "worldradio" ''
+      shuf ${worldradio} | ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv --no-video
+    '')
+    pkgs.git
+    pkgs.vim
+    pkgs.htop
+    pkgs.ncmpcpp
+  ];
 
-  boot.loader.systemd-boot = {
-    enable = true;
-    configurationLimit = 5;
+  networking = {
+    hostName = "zaatar";
+    wireless.interfaces = [ "wlp2s0" ];
+    retiolum = retiolumAddresses.zaatar;
   };
 
-  boot.loader.efi.canTouchEfiVariables = true;
-
-  networking.hostName = "zaatar";
-  networking.wireless.interfaces = [ "wlp2s0" ];
-
-  networking.retiolum = retiolumAddresses.zaatar;
-
   system.stateVersion = "20.09";
 }

systems/zaatar/hardware-configuration.nix

@@ -1,23 +1,32 @@
-{ config, lib, pkgs, ... }: {
+{ config, lib, pkgs, ... }:
+{
   imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
 
-  boot.initrd.availableKernelModules =
-    [ "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_acpi" "rtsx_usb_sdmmc" ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-label/nixos";
-    fsType = "ext4";
+  boot = {
+    initrd.availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_acpi" "rtsx_usb_sdmmc" ];
+    kernelModules = [ "kvm-intel" ];
+    extraModulePackages = [ ];
+    loader = {
+      systemd-boot = {
+        enable = true;
+        configurationLimit = 5;
+      };
+      efi.canTouchEfiVariables = true;
+    };
   };
 
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-label/boot";
-    fsType = "vfat";
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-label/nixos";
+      fsType = "ext4";
+    };
+    "/boot" = {
+      device = "/dev/disk/by-label/boot";
+      fsType = "vfat";
+    };
   };
 
-  swapDevices =
-    [{ device = "/dev/disk/by-label/swap"; }];
+  swapDevices = [{ device = "/dev/disk/by-label/swap"; }];
 
   nix.maxJobs = lib.mkDefault 4;
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";

systems/zaatar/kiosk.nix

@@ -0,0 +1,31 @@
+{ config, pkgs, lib, ... }:
+{
+  users.extraUsers.kiosk = {
+    isNormalUser = true;
+    password = "";
+    extraGroups = [ "audio" ];
+  };
+  services.cage = {
+    enable = true;
+    user = config.users.extraUsers.kiosk.name;
+    extraArguments = [ "-s" ]; # allow vt switching
+    program =
+    let startUrls = [ "https://open.spotify.com" "https://youtube.com" "http://bvg.kmein.r" ];
+    in pkgs.writers.writeDash "kiosk-browser" ''
+      while true; do
+        ${pkgs.chromium}/bin/chromium \
+          --no-first-run --no-message-box --noerrdialogs \
+          --default-browser --no-default-browser-check \
+          --start-maximized ${lib.escapeShellArgs startUrls}
+        sleep 0.5
+      done
+    '';
+  };
+  systemd.services.cage-tty1.environment.XKB_DEFAULT_LAYOUT = "de";
+  programs.chromium = {
+    enable = true;
+    extensions = [
+      "cjpalhdlnbpafiamejdnhcphjbkeiagm" # uBlock Origin
+    ];
+  };
+}

systems/zaatar/pulseaudio.nix

@@ -0,0 +1,14 @@
+{
+  sound.enable = true;
+
+  hardware.pulseaudio = {
+    enable = true;
+    systemWide = true;
+    tcp = {
+      enable = true;
+      anonymousClients.allowedIpRanges = [ "127.0.0.1" "10.243.2.0/24" "192.168.0.0/16" ];
+    };
+    zeroconf.publish.enable = true;
+  };
+  networking.firewall.allowedTCPPorts = [ 4713 ];
+}