kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-20 20:01:08 +01:00
Code Releases Activity

Compare commits

base: kfm:wayland
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail
...
compare: kfm:61b5e4bd6eb0aa4fbea626ff4a6abcb2ac595a5f
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail

35 Commits
wayland ... 61b5e4bd6e

Author SHA1 Message Date
Kierán Meinhardt
61b5e4bd6e update secrets 2025-10-21 15:42:22 +02:00
Kierán Meinhardt
d4aca5b6f1 reinstate hu vpn, remove fu signature 2025-10-21 15:34:43 +02:00
Kierán Meinhardt
551462f1dd dark colours for the dark half of the year 2025-10-09 07:20:34 +02:00
Kierán Meinhardt
5d954684e1 host ical ephemeris MVP 2025-10-07 11:40:38 +02:00
Kierán Meinhardt
b12373eb1b stag i3 tag editor 2025-10-06 12:54:43 +02:00
Kierán Meinhardt
31e6b28b72 yta: download opus 2025-10-06 12:29:29 +02:00
Kierán Meinhardt
4a77a20c9e aerc: add new email account 2025-10-06 10:28:49 +02:00
Kierán Meinhardt
fe5bbbc647 update menstruation-backend 2025-10-02 23:16:57 +02:00
Kierán Meinhardt
8699f09307 go-webring: fix module 2025-10-02 19:33:46 +02:00
Kierán Meinhardt
d458fb333f fix nixinate call 2025-10-02 19:33:46 +02:00
Kierán Meinhardt
e7264641a2 www.kmein.de fix backup and CORS 2025-10-02 18:34:23 +02:00
Kierán Meinhardt
8afc04f266 scanned: fix PATH 2025-10-02 18:34:10 +02:00
Kierán Meinhardt
427df80396 0ad: add config 2025-10-02 18:33:54 +02:00
Kierán Meinhardt
ff3ba9047f install go tooling 2025-10-02 18:32:40 +02:00
Kierán Meinhardt
1d14174ad5 go-webring 2025-10-02 18:32:23 +02:00
Kierán Meinhardt
a307e2c186 remove old mpd scripts 2025-09-06 19:36:05 +02:00
Kierán Meinhardt
1cc3a7c6e3 install amfora-wrapper (wrapped to work with overall light theme) 2025-09-06 11:57:24 +02:00
Kierán Meinhardt
db33374dc0 host gemini 2025-09-05 08:05:02 +02:00
Kierán Meinhardt
2c75c0d608 obsidian-vim: fix lua syntax 2025-09-04 13:48:39 +02:00
Kierán Meinhardt
f84cd44db5 update local network 2025-09-04 13:48:01 +02:00
Kierán Meinhardt
84cec2eb24 neovim: disable ernest 2025-08-30 17:49:58 +02:00
Kierán Meinhardt
031b934c99 change wifi name 2025-08-30 17:49:58 +02:00
github-actions[bot]
7491396645 flake.lock: Update 
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/531beac616433bac6f9e2a19feb8e99a22a66baf?narHash=sha256-9P1FziAwl5%2B3edkfFcr5HeGtQUtrSdk/MksX39GieoA%3D' (2025-06-17)
  → 'github:ryantm/agenix/9edb1787864c4f59ae5074ad498b6272b3ec308d?narHash=sha256-NA/FT2hVhKDftbHSwVnoRTFhes62%2B7dxZbxj5Gxvghs%3D' (2025-08-05)
• Updated input 'home-manager':
    'github:nix-community/home-manager/501cfec8277f931a9c9af9f23d3105c537faeafe?narHash=sha256-tWosziZTT039x6PgEZUhzGlV8oLvdDmIgKTE8ESMaEA%3D' (2025-07-02)
  → 'github:nix-community/home-manager/4a44fb9f7555da362af9d499817084f4288a957f?narHash=sha256-OILVkfhRCm8u18IZ2DKR8gz8CVZM2ZcJmQBXmjFLIfk%3D' (2025-08-23)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/7a732ed41ca0dd64b4b71b563ab9805a80a7d693?narHash=sha256-u7ubvtxdTnFPpV27AHpgoKn7qHuE7sgWgza/1oj5nzA%3D' (2025-07-03)
  → 'github:NixOS/nixpkgs/9cb344e96d5b6918e94e1bca2d9f3ea1e9615545?narHash=sha256-gKlP0LbyJ3qX0KObfIWcp5nbuHSb5EHwIvU6UcNBg2A%3D' (2025-08-20)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/07c3e0e2be593551abdccacabe29cc57206b396f?narHash=sha256-30JXBxkJD3pxBBGQwl/DDwxxJDGQ1nvkvWwEtTsmhA8%3D' (2025-07-05)
  → 'github:NixOS/nixpkgs/42e1afa45385017e72b59ad15c3f786d09a704be?narHash=sha256-hG2eV%2B5tMHSE3XFmJTgx87GrTAD3RJz2Lj%2BzM0TShg4%3D' (2025-08-24)
• Updated input 'nur':
    'github:nix-community/NUR/a26411970baba3604e425f23e5293da492069e4a?narHash=sha256-iDjz1tBd/ibtmZZse4k1NBxfPR8g9K5W4sRgCyOnrj0%3D' (2025-07-05)
  → 'github:nix-community/NUR/20caa31dbef80914895e41b56be4cabc740b2126?narHash=sha256-/W53HyLk4qSrPJjYWdD5SK%2B3p0Ns9Bg6MKHoeqLVqi0%3D' (2025-08-23)
• Updated input 'nur/nixpkgs':
    'github:nixos/nixpkgs/3016b4b15d13f3089db8a41ef937b13a9e33a8df?narHash=sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU%2Btt4YY%3D' (2025-06-30)
  → 'github:nixos/nixpkgs/20075955deac2583bb12f07151c2df830ef346b4?narHash=sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs%2BStOp19xNsbqdOg%3D' (2025-08-19)
• Removed input 'nur/treefmt-nix'
• Removed input 'nur/treefmt-nix/nixpkgs'
• Updated input 'rust-overlay':
    'github:oxalica/rust-overlay/9e5e62a33a929a67a5427fb7324a6f583dced0b2?narHash=sha256-dYO5X5jK8bpQOeRAo8R5aUt6M/%2BJi1cZgstZI7SQ2IA%3D' (2025-07-05)
  → 'github:oxalica/rust-overlay/897ecf2b25be05e6ccb7661703f9f2fdec155f42?narHash=sha256-r0WnHKwA8DQNSHDmN3LNaqu41GbWDYqLS7IQAGR%2B6Wg%3D' (2025-08-23)
• Updated input 'scripts':
    'github:kmein/scripts/f44c7a4a6caa1ef5d6b7bf7e93acea0d96f30c21?narHash=sha256-mDDxMwKFURX1K1Z8X/kmt%2BjYjswofDf0br%2BMkw2tmSE%3D' (2025-06-02)
  → 'github:kmein/scripts/cc37fa4aec70f53731b9131bb8830b4445b75b3d?narHash=sha256-TnfXFloY4Ntq%2B0hp%2Bq9GGmuhtB1oueFiB%2BpcBUNYzFs%3D' (2025-07-20)
• Updated input 'stockholm':
    'github:krebs/stockholm/d4abc837cc7b87b4f23fe48cc306df26e3de7aab?narHash=sha256-i2s6jU%2B8GLKVjhWDyvFYxmXI7A44c9p6apPPyKt0ETk%3D' (2025-05-13)
  → 'github:krebs/stockholm/fc32e4609140fffa1312a4ca1aeea550b7467448?narHash=sha256-Mo2BkJXIz6HKM8cX2S7bRdX6Q3E1UOcyVL4v10QEUzk%3D' (2025-08-09)
• Updated input 'stockholm/buildbot-nix':
    'github:Mic92/buildbot-nix/7ad9b4886eccb5eecc0686a16266ddabf6cbefe9?narHash=sha256-mRnIdJLP%2B0NSim9ao30ue0Z3ttSuxzXwQG7UN1KuKfU%3D' (2025-05-07)
  → 'github:Mic92/buildbot-nix/47ad4c7afb169df6f9d48d0df3d7e2f71d9ddd8f?narHash=sha256-vCYcc/b8WizF6vnjuRVxSiU8hy9L3vOTWDVKpWM7xRE%3D' (2025-07-03)
• Updated input 'stockholm/buildbot-nix/flake-parts':
    'github:hercules-ci/flake-parts/c621e8422220273271f52058f618c94e405bb0f5?narHash=sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY%3D' (2025-04-01)
  → 'github:hercules-ci/flake-parts/77826244401ea9de6e3bac47c2db46005e1f30b5?narHash=sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ%3D' (2025-07-01)
• Updated input 'stockholm/buildbot-nix/hercules-ci-effects':
    'github:hercules-ci/hercules-ci-effects/5b6cec51c9ec095a0d3fd4c8eeb53eb5c59ae33e?narHash=sha256-1Z4WPGVky4w3lrhrgs89OKsLzPdtkbi1bPLNFWsoLfY%3D' (2025-04-15)
  → 'github:hercules-ci/hercules-ci-effects/231726642197817d20310b9d39dd4afb9e899489?narHash=sha256-EaAJhwfJGBncgIV/0NlJviid2DP93cTMc9h0q6P6xXk%3D' (2025-05-23)
• Updated input 'stockholm/buildbot-nix/treefmt-nix':
    'github:numtide/treefmt-nix/29ec5026372e0dec56f890e50dbe4f45930320fd?narHash=sha256-4h3s1L/kKqt3gMDcVfN8/4v2jqHrgLIe4qok4ApH5x4%3D' (2025-05-02)
  → 'github:numtide/treefmt-nix/ac8e6f32e11e9c7f153823abc3ab007f2a65d3e1?narHash=sha256-0IEdQB1nS%2BuViQw4k3VGUXntjkDp7aAlqcxdewb/hAc%3D' (2025-06-26)
• Updated input 'stockholm/nixpkgs':
    'github:NixOS/nixpkgs/d89fc19e405cb2d55ce7cc114356846a0ee5e956?narHash=sha256-3e%2BAVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ%3D' (2025-05-10)
  → 'github:NixOS/nixpkgs/1fd8bada0b6117e6c7eb54aad5813023eed37ccb?narHash=sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo%3D' (2025-07-06)
• Updated input 'stylix':
    'github:danth/stylix/5dd301b72207d4fd8d8b929abd88ba1c486d1744?narHash=sha256-jqRbWjB8aH2qzq6nMQpwkzVBR4o9lNxAHFmRgGwnJ94%3D' (2025-07-04)
  → 'github:danth/stylix/79be65b20d7b8fb7e8f39ba8121cfe41b7f46808?narHash=sha256-VmheUy4UzWDy/u0TvCCHptgF30peL7wRxkHy7EVpDrQ%3D' (2025-08-20)
• Removed input 'stylix/flake-compat'
• Removed input 'stylix/git-hooks'
• Removed input 'stylix/git-hooks/flake-compat'
• Removed input 'stylix/git-hooks/gitignore'
• Removed input 'stylix/git-hooks/gitignore/nixpkgs'
• Removed input 'stylix/git-hooks/nixpkgs'
• Removed input 'stylix/home-manager'
 2025-08-24 01:09:28 +00:00
Kierán Meinhardt
1c299cafef blake quote 2025-08-09 13:15:39 +02:00
Kierán Meinhardt
cbce724ade reformat 2025-08-07 10:14:07 +02:00
Kierán Meinhardt
00dfe27738 prometheus: decrease log size 2025-08-07 10:13:54 +02:00
Kierán Meinhardt
6e0026ed5c alertmanager: alert lassulus for mastodon outtime 2025-08-07 10:13:01 +02:00
Kierán Meinhardt
d92f382b9a wallpaper: fix for X 2025-08-07 10:12:21 +02:00
Kierán Meinhardt
630ec3d052 stylix: autoenable for homemanager and make apply to tmux 2025-07-25 08:59:31 +02:00
Kierán Meinhardt
bfd7195543 vim: newfangled distraction-free writing plugins 2025-07-25 08:59:00 +02:00
Kierán Meinhardt
0d2481bd78 vim: enable copilot 2025-07-21 18:54:30 +02:00
Kierán Meinhardt
28cd462bc6 sway: remove 2025-07-21 14:49:39 +02:00
Kierán Meinhardt
67358560b8 update 2025-07-11 11:31:09 +02:00
Kierán Meinhardt
675c453599 gammastep 2025-07-11 11:31:00 +02:00
Kierán Meinhardt
e4543eeb0b sway 2025-07-08 20:56:40 +02:00
37 changed files with 990 additions and 502 deletions
Expand all files Collapse all files

2
README.md
View File

@@ -1,5 +1,7 @@
# niveum # niveum
> I must Create a System, or be enslav'd by another Man's. —William Blake
> [nĭvĕus](https://logeion.uchicago.edu/niveus), a, um, adj. [nix], _of_ or _from snow, snowy, snow-_ (poet.) > [nĭvĕus](https://logeion.uchicago.edu/niveus), a, um, adj. [nix], _of_ or _from snow, snowy, snow-_ (poet.)
> >
> 1. Lit.: aggeribus niveis informis, Verg. G. 3, 354: aqua, _cooled with snow_, Mart. 12, 17, 6; cf. id. 14, 104 and 117: mons, _covered with snow_, Cat. 64, 240.— > 1. Lit.: aggeribus niveis informis, Verg. G. 3, 354: aqua, _cooled with snow_, Mart. 12, 17, 6; cf. id. 14, 104 and 117: mons, _covered with snow_, Cat. 64, 240.—

8
configs/0ad.nix Normal file
View File

@@ -0,0 +1,8 @@
{ pkgs, ... }:
{
environment.systemPackages = [ pkgs.zeroad ];
networking.firewall = {
allowedTCPPorts = [ 20595 ];
allowedUDPPorts = [ 20595 ];
};
}

25
configs/aerc.nix
View File

@@ -8,14 +8,14 @@
inherit (import ../lib/email.nix) defaults thunderbirdProfile; inherit (import ../lib/email.nix) defaults thunderbirdProfile;
in { in {
age.secrets = { age.secrets = {
email-password-cock = { email-password-ical-ephemeris = {
file = ../secrets/email-password-cock.age; file = ../secrets/email-password-ical-ephemeris.age;
owner = config.users.users.me.name; owner = config.users.users.me.name;
group = config.users.users.me.group; group = config.users.users.me.group;
mode = "400"; mode = "400";
}; };
email-password-letos = { email-password-cock = {
file = ../secrets/email-password-letos.age; file = ../secrets/email-password-cock.age;
owner = config.users.users.me.name; owner = config.users.users.me.name;
group = config.users.users.me.group; group = config.users.users.me.group;
mode = "400"; mode = "400";
@@ -92,16 +92,17 @@ in {
smtp.port = 25; smtp.port = 25;
smtp.tls.useStartTls = true; smtp.tls.useStartTls = true;
}; };
letos = ical-ephemeris =
lib.recursiveUpdate defaults lib.recursiveUpdate defaults
{ rec {
userName = "slfletos"; userName = "ical.ephemeris@web.de";
address = "letos.sprachlit@hu-berlin.de"; realName = "Kieran from iCal Ephemeris";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-letos.path}"; address = userName;
imap.host = "mailbox.cms.hu-berlin.de"; passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-ical-ephemeris.path}";
imap.host = "imap.web.de";
imap.port = 993; imap.port = 993;
smtp.host = "mailhost.cms.hu-berlin.de"; smtp.host = "smtp.web.de";
smtp.port = 25; smtp.port = 587;
smtp.tls.useStartTls = true; smtp.tls.useStartTls = true;
}; };
posteo = posteo =

4
configs/browser.nix
View File

@@ -82,5 +82,9 @@
}; };
}; };
home-manager.users.me = {
stylix.targets.firefox.profileNames = ["default"];
};
environment.variables.BROWSER = "firefox"; environment.variables.BROWSER = "firefox";
} }

4
configs/default.nix
View File

@@ -106,7 +106,7 @@ in
zathura = swallow "${pkgs.zathura}/bin/zathura"; zathura = swallow "${pkgs.zathura}/bin/zathura";
im = "${pkgs.openssh}/bin/ssh weechat@makanek -t tmux attach-session -t IM"; im = "${pkgs.openssh}/bin/ssh weechat@makanek -t tmux attach-session -t IM";
yt = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -ic"; # Download video link yt = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -ic"; # Download video link
yta = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata --audio-format opus --audio-quality 0 -xic"; # Download with audio yta = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata --audio-format mp3 --audio-quality 0 -xic"; # Download with audio
}; };
} }
{ {
@@ -221,7 +221,7 @@ in
./git.nix ./git.nix
./hledger.nix ./hledger.nix
./htop.nix ./htop.nix
./fu-berlin.nix ./uni.nix
./i3.nix ./i3.nix
./i3status-rust.nix ./i3status-rust.nix
./keyboard.nix ./keyboard.nix

47
configs/i3.nix
View File

@@ -113,6 +113,7 @@ in {
''; '';
}; };
home-manager.users.me = let home-manager.users.me = let
modifier = "Mod4"; modifier = "Mod4";
infoWorkspace = ""; infoWorkspace = "";
@@ -269,32 +270,7 @@ in {
# XF86Launch1 (thinkvantage) # XF86Launch1 (thinkvantage)
}; };
in { in {
wayland.windowManager.sway = { stylix.targets.i3.enable = true;
enable = true;
config = {
menu = "rofi -modi run,ssh,window -show run";
inherit modifier modes gaps bars floating window colors keybindings;
input = {
"*" = {
xkb_layout = "de";
xkb_variant = "T3";
};
};
terminal = (defaultApplications pkgs).terminal;
up = "k";
down = "j";
left = "h";
right = "l";
seat = {
"*" = {
hide_cursor = "when-typing enable";
};
};
startup = [
{command = "echo hello";}
];
};
};
xsession.windowManager.i3 = { xsession.windowManager.i3 = {
enable = true; enable = true;
@@ -311,19 +287,9 @@ in {
assign [class="dashboard"] ${infoWorkspace} assign [class="dashboard"] ${infoWorkspace}
exec ${dashboard}/bin/dashboard exec ${dashboard}/bin/dashboard
''; '';
config = lib.mkMerge [ config = {
{ inherit modifier gaps modes bars floating window colors;
inherit modifier gaps modes bars floating window colors keybindings; keybindings = keybindings // {
}
{
keybindings = let
new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
move-to-new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg move container to workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
in {
"${modifier}+ß" = "exec ${niveumPackages.menu-calc}/bin/="; "${modifier}+ß" = "exec ${niveumPackages.menu-calc}/bin/=";
"${modifier}+F6" = "exec ${pkgs.xorg.xkill}/bin/xkill"; "${modifier}+F6" = "exec ${pkgs.xorg.xkill}/bin/xkill";
"${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85"; "${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85";
@@ -334,8 +300,7 @@ in {
# "${modifier}+x" = "exec ${new-workspace}"; # "${modifier}+x" = "exec ${new-workspace}";
"XF86Display" = "exec ${niveumPackages.dmenu-randr}/bin/dmenu-randr"; "XF86Display" = "exec ${niveumPackages.dmenu-randr}/bin/dmenu-randr";
}; };
} };
];
}; };
}; };
} }

96
configs/keyboard.nix
View File

@@ -2,27 +2,63 @@
pkgs, pkgs,
lib, lib,
... ...
}: let }:
let
commaSep = builtins.concatStringsSep ","; commaSep = builtins.concatStringsSep ",";
xkbOptions = ["compose:caps" "terminate:ctrl_alt_bksp" "grp:ctrls_toggle"]; xkbOptions = [
"compose:caps"
"terminate:ctrl_alt_bksp"
"grp:ctrls_toggle"
];
languages = { languages = {
deutsch = { code = "de"; variant = "T3"; }; deutsch = {
greek = { code = "gr"; variant = "polytonic"; }; code = "de";
russian = { code = "ru"; variant = "phonetic"; }; variant = "T3";
arabic = { code = "ara"; variant = "buckwalter"; }; # ../lib/keyboards/arabic; };
greek = {
code = "gr";
variant = "polytonic";
};
russian = {
code = "ru";
variant = "phonetic";
};
arabic = {
code = "ara";
variant = "buckwalter";
}; # ../lib/keyboards/arabic;
coptic = ../lib/keyboards/coptic; coptic = ../lib/keyboards/coptic;
avestan = ../lib/keyboards/avestan; avestan = ../lib/keyboards/avestan;
gothic = ../lib/keyboards/gothic; gothic = ../lib/keyboards/gothic;
farsi = { code = "ir"; variant = "qwerty"; }; farsi = {
syriac = { code = "sy"; variant = "syc_phonetic"; }; code = "ir";
sanskrit = { code = "in"; variant = "san-kagapa"; }; variant = "qwerty";
gujarati = {code = "in"; variant = "guj-kagapa"; }; };
urdu = {code = "in"; variant = "urd-phonetic"; }; syriac = {
hebrew = {code = "il"; variant = "phonetic";}; code = "sy";
variant = "syc_phonetic";
};
sanskrit = {
code = "in";
variant = "san-kagapa";
};
gujarati = {
code = "in";
variant = "guj-kagapa";
};
urdu = {
code = "in";
variant = "urd-phonetic";
};
hebrew = {
code = "il";
variant = "phonetic";
};
}; };
defaultLanguage = languages.deutsch; defaultLanguage = languages.deutsch;
in { in
{
services.libinput.enable = true; services.libinput.enable = true;
# man 7 xkeyboard-config # man 7 xkeyboard-config
@@ -41,7 +77,8 @@ in {
lib.mapAttrsToList (name: value: { lib.mapAttrsToList (name: value: {
name = "symbols/${name}"; name = "symbols/${name}";
path = value; path = value;
}) (lib.filterAttrs (_: value: !(value ? "code")) languages) ++ [ }) (lib.filterAttrs (_: value: !(value ? "code")) languages)
++ [
{ {
name = "symbols/ir"; name = "symbols/ir";
path = ../lib/keyboards/farsi; path = ../lib/keyboards/farsi;
@@ -54,25 +91,40 @@ in {
environment.etc."x11-locale".source = toString pkgs.xorg.libX11 + "share/X11/locale"; environment.etc."x11-locale".source = toString pkgs.xorg.libX11 + "share/X11/locale";
home-manager.users.me = {
home.file =
lib.mapAttrs' (name: path: lib.nameValuePair ".xkb/symbols/${name}" { source = path; })
(lib.filterAttrs (_: value: !(value ? "code")) languages) // {
".xkb/symbols/ir".source = ../lib/keyboards/farsi;
};
};
console.keyMap = "de"; console.keyMap = "de";
environment.systemPackages = environment.systemPackages = lib.mapAttrsToList (
lib.mapAttrsToList language: settings:
(language: settings:
let let
code = if settings ? "code" then settings.code else language; code = if settings ? "code" then settings.code else language;
variant = if settings ? "variant" then settings.variant else ""; variant = if settings ? "variant" then settings.variant else "";
in in
pkgs.writers.writeDashBin "kb-${language}" '' pkgs.writers.writeDashBin "kb-${language}" ''
${pkgs.xorg.setxkbmap}/bin/setxkbmap ${defaultLanguage.code},${code} ${defaultLanguage.variant},${variant} ${toString (map (option: "-option ${option}") xkbOptions)} if [ -z $SWAYSOCK ]; then
'') ${pkgs.xorg.setxkbmap}/bin/setxkbmap ${defaultLanguage.code},${code} ${defaultLanguage.variant},${variant} ${
languages; toString (map (option: "-option ${option}") xkbOptions)
}
else
swaymsg -s $SWAYSOCK 'input * xkb_layout "${defaultLanguage.code},${code}"'
swaymsg -s $SWAYSOCK 'input * xkb_variant "${defaultLanguage.variant},${variant}"'
swaymsg -s $SWAYSOCK 'input * xkb_options "${lib.concatStringsSep "," xkbOptions}"'
fi
''
) languages;
# improve held key rate # improve held key rate
services.xserver.displayManager.sessionCommands = "${pkgs.xorg.xset}/bin/xset r rate 300 50"; services.xserver.displayManager.sessionCommands = "${pkgs.xorg.xset}/bin/xset r rate 300 50";
systemd.user.services.gxkb = { systemd.user.services.gxkb = {
wantedBy = ["graphical-session.target"]; wantedBy = [ "graphical-session.target" ];
serviceConfig = { serviceConfig = {
SyslogIdentifier = "gxkb"; SyslogIdentifier = "gxkb";
ExecStart = "${pkgs.gxkb}/bin/gxkb"; ExecStart = "${pkgs.gxkb}/bin/gxkb";

3
configs/neovim.nix
View File

@@ -38,7 +38,7 @@
(pkgs.writers.writeDashBin "vim" ''neovim "$@"'') (pkgs.writers.writeDashBin "vim" ''neovim "$@"'')
(niveumPackages.vim.override { (niveumPackages.vim.override {
# stylixColors = config.lib.stylix.colors; # stylixColors = config.lib.stylix.colors;
colorscheme = "base16-gruvbox-light-medium"; colorscheme = "base16-gruvbox-dark-medium";
}) })
# language servers # language servers
@@ -46,6 +46,7 @@
pkgs.haskellPackages.haskell-language-server pkgs.haskellPackages.haskell-language-server
pkgs.texlab pkgs.texlab
pkgs.nil pkgs.nil
pkgs.gopls
pkgs.nixfmt-rfc-style pkgs.nixfmt-rfc-style
pkgs.rust-analyzer pkgs.rust-analyzer
pkgs.nodePackages.typescript-language-server pkgs.nodePackages.typescript-language-server

9
configs/packages.nix
View File

@@ -63,6 +63,9 @@ in {
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
(pkgs.writers.writeDashBin "amfora" ''
${pkgs.st}/bin/st -e ${pkgs.amfora}/bin/amfora
'')
# INTERNET # INTERNET
aria2 aria2
tdesktop tdesktop
@@ -94,6 +97,7 @@ in {
# HARDWARE TOOLS # HARDWARE TOOLS
gnome-disk-utility gnome-disk-utility
arandr # xrandr for noobs arandr # xrandr for noobs
wdisplays
libnotify # for notify-send libnotify # for notify-send
xclip # clipboard CLI xclip # clipboard CLI
xdragon # drag and drop xdragon # drag and drop
@@ -130,6 +134,7 @@ in {
rink # unit converter rink # unit converter
niveumPackages.auc niveumPackages.auc
niveumPackages.noise-waves niveumPackages.noise-waves
niveumPackages.stag
niveumPackages.cheat-sh niveumPackages.cheat-sh
niveumPackages.polyglot niveumPackages.polyglot
niveumPackages.qrpaste niveumPackages.qrpaste
@@ -197,9 +202,6 @@ in {
${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars ${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars
'') '')
(pkgs.writers.writeDashBin "ncmpcpp-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.ncmpcpp}/bin/ncmpcpp "$@"'')
(pkgs.writers.writeDashBin "mpc-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.mpc_cli}/bin/mpc "$@"'')
inputs.scripts.packages.x86_64-linux.alarm inputs.scripts.packages.x86_64-linux.alarm
spotify spotify
@@ -240,6 +242,7 @@ in {
nodePackages.csslint nodePackages.csslint
nodePackages.jsonlint nodePackages.jsonlint
deno # better node.js deno # better node.js
go
texlive.combined.scheme-full texlive.combined.scheme-full
latexrun latexrun
(aspellWithDicts (dict: [dict.de dict.en dict.en-computers])) (aspellWithDicts (dict: [dict.de dict.en dict.en-computers]))

1
configs/spacetime.nix
View File

@@ -3,5 +3,6 @@
location = { location = {
latitude = 52.517; latitude = 52.517;
longitude = 13.3872; longitude = 13.3872;
provider = "geoclue2";
}; };
} }

5
configs/stylix.nix
View File

@@ -18,7 +18,7 @@ in {
stylix.enable = true; stylix.enable = true;
stylix.image = generatedWallpaper; stylix.image = generatedWallpaper;
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml"; stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-medium.yaml";
stylix.cursor = { stylix.cursor = {
name = "capitaine-cursors-white"; name = "capitaine-cursors-white";
@@ -26,6 +26,9 @@ in {
size = 12; size = 12;
}; };
home-manager.users.me = {
stylix.autoEnable = true;
};
# environment.etc."stylix/wallpaper.png".source = generatedWallpaper; # environment.etc."stylix/wallpaper.png".source = generatedWallpaper;

11
configs/tmux.nix
View File

@@ -13,7 +13,7 @@
aggressiveResize = true; aggressiveResize = true;
escapeTime = 50; escapeTime = 50;
historyLimit = 7000; historyLimit = 7000;
shortcut = "a"; shortcut = "b";
extraConfig = '' extraConfig = ''
set -g mouse on set -g mouse on
@@ -37,15 +37,6 @@
set -g status-left-length 32 set -g status-left-length 32
set -g status-right-length 150 set -g status-right-length 150
set -g status-bg colour242
setw -g window-status-format "#[fg=colour12,bg=colour233] #I #[fg=white,bg=colour237] #W "
setw -g window-status-current-format "#[fg=colour12,bg=colour233] * #[fg=white,bg=colour237,bold] #W "
set -g status-left ""
set -g status-right "#[fg=colour255,bg=colour237,bold] #(hostname -I) #[default]#[fg=colour12,bg=colour233] %FT%R "
set -g status-justify left
set -g status-position bottom set -g status-position bottom
''; '';
}; };

86
configs/fu-berlin.nix → configs/uni.nix
View File

@@ -30,7 +30,19 @@ in {
}; };
}; };
accounts.email.accounts = { accounts.email.accounts = {
fu-student = letos =
lib.recursiveUpdate defaults
{
userName = "slfletos";
address = "letos.sprachlit@hu-berlin.de";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-letos.path}";
imap.host = "mailbox.cms.hu-berlin.de";
imap.port = 993;
smtp.host = "mailhost.cms.hu-berlin.de";
smtp.port = 25;
smtp.tls.useStartTls = true;
};
fu =
lib.recursiveUpdate defaults lib.recursiveUpdate defaults
(lib.recursiveUpdate fu-defaults (lib.recursiveUpdate fu-defaults
rec { rec {
@@ -38,21 +50,6 @@ in {
address = "kieran.meinhardt@fu-berlin.de"; address = "kieran.meinhardt@fu-berlin.de";
aliases = ["${userName}@fu-berlin.de"]; aliases = ["${userName}@fu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhak99.path}"; passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhak99.path}";
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
signature = {
showSignature = "append";
text = ''
${defaults.realName}
${pronouns}
---
Studentische Hilfskraft / ZODIAC
Freie Universität Berlin
Telefon: +49 30 838 58118
Arnimallee 10, Raum 106, 14195 Berlin
'';
};
himalaya = { himalaya = {
enable = true; enable = true;
settings.backend = "imap"; settings.backend = "imap";
@@ -68,6 +65,12 @@ in {
group = config.users.users.me.group; group = config.users.users.me.group;
mode = "400"; mode = "400";
}; };
email-password-letos = {
file = ../secrets/email-password-letos.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
fu-sftp-key = { fu-sftp-key = {
file = ../secrets/fu-sftp-key.age; file = ../secrets/fu-sftp-key.age;
owner = "root"; owner = "root";
@@ -110,24 +113,31 @@ in {
]; ];
}; };
}; };
in { in home-directory-mount "meinhak99";
"${remoteDir}/fu/zodiac" = {
device = "//trove.storage.fu-berlin.de/GESCHKULT";
fsType = "cifs";
options =
fu-berlin-cifs-options
++ [
"credentials=${config.age.secrets.cifs-credentials-zodiac.path}"
];
};
} // home-directory-mount "meinhak99"
// home-directory-mount "xm7234fu";
age.secrets = {
cifs-credentials-zodiac.file = ../secrets/cifs-credentials-zodiac.age;
};
environment.systemPackages = [ environment.systemPackages = [
(pkgs.writers.writeDashBin "hu-vpn-split" ''
${pkgs.openfortivpn}/bin/openfortivpn \
--password="$(cat "${config.age.secrets.email-password-letos.path}")" \
--config=${
pkgs.writeText "hu-berlin-split.config" ''
host = forti-ssl.vpn.hu-berlin.de
port = 443
username = slfletos@split_tunnel
''
}
'')
(pkgs.writers.writeDashBin "hu-vpn-full" ''
${pkgs.openfortivpn}/bin/openfortivpn \
--password="$(cat "${config.age.secrets.email-password-letos.path}")" \
--config=${
pkgs.writeText "hu-berlin-full.config" ''
host = forti-ssl.vpn.hu-berlin.de
port = 443
username = slfletos@tunnel_all
''
}
'')
(pkgs.writers.writeDashBin "fu-vpn" '' (pkgs.writers.writeDashBin "fu-vpn" ''
if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam
then then
@@ -138,16 +148,4 @@ in {
fi fi
'') '')
]; ];
systemd.services.fu-vpn = {
enable = false;
wants = ["network-online.target"];
serviceConfig.LoadCredential = "password:${config.age.secrets.email-password-meinhak99.path}";
script = ''
if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam
then
cat "$CREDENTIALS_DIRECTORY/password" | ${pkgs.openconnect}/bin/openconnect vpn.fu-berlin.de --user ${username} --passwd-on-stdin
fi
'';
};
} }

5
configs/wpa_supplicant.nix
View File

@@ -1,6 +1,9 @@
{ config, ... }:
{ {
networking.wireless = { networking.wireless = {
enable = true; enable = true;
networks.Aether.pskRaw = "e1b18af54036c5c9a747fe681c6a694636d60a5f8450f7dec0d76bc93e2ec85a"; secretsFile = config.age.secrets.wifi.path;
# networks.Aether.pskRaw = "e1b18af54036c5c9a747fe681c6a694636d60a5f8450f7dec0d76bc93e2ec85a";
networks.Schilfpalast.pskRaw = "ext:schilfpalast";
}; };
} }

437
flake.lock generated
View File

@@ -12,11 +12,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1750173260, "lastModified": 1754433428,
"narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=", "narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "531beac616433bac6f9e2a19feb8e99a22a66baf", "rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -53,6 +53,43 @@
"type": "github" "type": "github"
} }
}, },
"almanac": {
"flake": false,
"locked": {
"lastModified": 1640984494,
"narHash": "sha256-xxbrGJtRK6wzOR09vGPqoUvnY5f0h6hn6Uecy331Zhw=",
"owner": "lfborjas",
"repo": "almanac",
"rev": "72931bd9accefccd2df59d9d64a6cbb91f2d5f17",
"type": "github"
},
"original": {
"owner": "lfborjas",
"repo": "almanac",
"type": "github"
}
},
"astro-calendar": {
"inputs": {
"almanac": "almanac",
"nixpkgs": "nixpkgs_4",
"swiss-ephemeris": "swiss-ephemeris",
"swisseph": "swisseph"
},
"locked": {
"lastModified": 1759827606,
"narHash": "sha256-JunaXkzalZtQYjGxJrMGYDEgOwullKLnpAFj/SaJaKI=",
"owner": "kmein",
"repo": "astro-calendar",
"rev": "f1579f087ee49e4c6a3bcf130b20738123f8616a",
"type": "github"
},
"original": {
"owner": "kmein",
"repo": "astro-calendar",
"type": "github"
}
},
"base16": { "base16": {
"inputs": { "inputs": {
"fromYaml": "fromYaml" "fromYaml": "fromYaml"
@@ -90,11 +127,11 @@
"base16-helix": { "base16-helix": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1736852337, "lastModified": 1748408240,
"narHash": "sha256-esD42YdgLlEh7koBrSqcT7p2fsMctPAcGl/+2sYJa2o=", "narHash": "sha256-9M2b1rMyMzJK0eusea0x3lyh3mu5nMeEDSc4RZkGm+g=",
"owner": "tinted-theming", "owner": "tinted-theming",
"repo": "base16-helix", "repo": "base16-helix",
"rev": "03860521c40b0b9c04818f2218d9cc9efc21e7a5", "rev": "6c711ab1a9db6f51e2f6887cc3345530b33e152e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -178,14 +215,14 @@
"stockholm", "stockholm",
"nixpkgs" "nixpkgs"
], ],
"treefmt-nix": "treefmt-nix_2" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1746626503, "lastModified": 1751515480,
"narHash": "sha256-mRnIdJLP+0NSim9ao30ue0Z3ttSuxzXwQG7UN1KuKfU=", "narHash": "sha256-vCYcc/b8WizF6vnjuRVxSiU8hy9L3vOTWDVKpWM7xRE=",
"owner": "Mic92", "owner": "Mic92",
"repo": "buildbot-nix", "repo": "buildbot-nix",
"rev": "7ad9b4886eccb5eecc0686a16266ddabf6cbefe9", "rev": "47ad4c7afb169df6f9d48d0df3d7e2f71d9ddd8f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -287,7 +324,7 @@
}, },
"fenix": { "fenix": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_4", "nixpkgs": "nixpkgs_6",
"rust-analyzer-src": "rust-analyzer-src" "rust-analyzer-src": "rust-analyzer-src"
}, },
"locked": { "locked": {
@@ -307,11 +344,11 @@
"firefox-gnome-theme": { "firefox-gnome-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1744642301, "lastModified": 1748383148,
"narHash": "sha256-5A6LL7T0lttn1vrKsNOKUk9V0ittdW0VEqh6AtefxJ4=", "narHash": "sha256-pGvD/RGuuPf/4oogsfeRaeMm6ipUIznI2QSILKjKzeA=",
"owner": "rafaelmardojai", "owner": "rafaelmardojai",
"repo": "firefox-gnome-theme", "repo": "firefox-gnome-theme",
"rev": "59e3de00f01e5adb851d824cf7911bd90c31083a", "rev": "4eb2714fbed2b80e234312611a947d6cb7d70caf",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -336,21 +373,6 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat_2": {
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": { "flake-parts": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
@@ -381,11 +403,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1743550720, "lastModified": 1751413152,
"narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "c621e8422220273271f52058f618c94e405bb0f5", "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -402,11 +424,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1733312601, "lastModified": 1749398372,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -531,54 +553,6 @@
"type": "github" "type": "github"
} }
}, },
"git-hooks": {
"inputs": {
"flake-compat": [
"stylix",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"stylix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1742649964,
"narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"stylix",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gnome-shell": { "gnome-shell": {
"flake": false, "flake": false,
"locked": { "locked": {
@@ -610,11 +584,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1744693102, "lastModified": 1748000383,
"narHash": "sha256-1Z4WPGVky4w3lrhrgs89OKsLzPdtkbi1bPLNFWsoLfY=", "narHash": "sha256-EaAJhwfJGBncgIV/0NlJviid2DP93cTMc9h0q6P6xXk=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "hercules-ci-effects", "repo": "hercules-ci-effects",
"rev": "5b6cec51c9ec095a0d3fd4c8eeb53eb5c59ae33e", "rev": "231726642197817d20310b9d39dd4afb9e899489",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -653,11 +627,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1749154018, "lastModified": 1755928099,
"narHash": "sha256-gjN3j7joRvT3a8Zgcylnd4NFsnXeDBumqiu4HmY1RIg=", "narHash": "sha256-OILVkfhRCm8u18IZ2DKR8gz8CVZM2ZcJmQBXmjFLIfk=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "7aae0ee71a17b19708b93b3ed448a1a0952bf111", "rev": "4a44fb9f7555da362af9d499817084f4288a957f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -667,6 +641,25 @@
"type": "github" "type": "github"
} }
}, },
"ical-ephemeris": {
"inputs": {
"astro-calendar": "astro-calendar",
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1759829502,
"narHash": "sha256-hVW5cAQdbUkKicOuD1D26qazXVCeimDDitJmLd7b1YM=",
"ref": "refs/heads/master",
"rev": "1f57f78d59fcc8d439d591f47fb283b73420bfe2",
"revCount": 19,
"type": "git",
"url": "ssh://gitea@code.kmein.de:22022/kfm/ical-ephemeris"
},
"original": {
"type": "git",
"url": "ssh://gitea@code.kmein.de:22022/kfm/ical-ephemeris"
}
},
"kellia-dictionary": { "kellia-dictionary": {
"flake": false, "flake": false,
"locked": { "locked": {
@@ -735,14 +728,14 @@
"inputs": { "inputs": {
"fenix": "fenix", "fenix": "fenix",
"flake-utils": "flake-utils_4", "flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_5" "nixpkgs": "nixpkgs_7"
}, },
"locked": { "locked": {
"lastModified": 1702906210, "lastModified": 1759437689,
"narHash": "sha256-V/nSui5BkCg0zX6uaIeax/Jrl8voxd0r7FUQRMVrHN0=", "narHash": "sha256-L3gLXmW+9oE+5YosaOSIDtNlXmXxnY8RXDNj2J8uIRs=",
"owner": "kmein", "owner": "kmein",
"repo": "menstruation.rs", "repo": "menstruation.rs",
"rev": "1c8d6f4463fb746eb6c9855d2419cb4e8f48ac50", "rev": "7ae9a7affffd20eafe0158b9b7ca50cc8a77f2af",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -994,7 +987,7 @@
}, },
"nixinate_2": { "nixinate_2": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_6" "nixpkgs": "nixpkgs_8"
}, },
"locked": { "locked": {
"lastModified": 1742737607, "lastModified": 1742737607,
@@ -1108,11 +1101,11 @@
}, },
"nixpkgs-unstable_2": { "nixpkgs-unstable_2": {
"locked": { "locked": {
"lastModified": 1750553127, "lastModified": 1755996835,
"narHash": "sha256-zgPnxYqkf/CEl5m/lx02D+FaLWPRUM/RLo/qekTuu8Q=", "narHash": "sha256-hG2eV+5tMHSE3XFmJTgx87GrTAD3RJz2Lj+zM0TShg4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ba476a871a35075644c3340b3651101ddf77ee0d", "rev": "42e1afa45385017e72b59ad15c3f786d09a704be",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1123,6 +1116,38 @@
} }
}, },
"nixpkgs_10": { "nixpkgs_10": {
"locked": {
"lastModified": 1755615617,
"narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "20075955deac2583bb12f07151c2df830ef346b4",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_11": {
"locked": {
"lastModified": 1751792365,
"narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_12": {
"locked": { "locked": {
"lastModified": 1659446231, "lastModified": 1659446231,
"narHash": "sha256-hekabNdTdgR/iLsgce5TGWmfIDZ86qjPhxDg/8TlzhE=", "narHash": "sha256-hekabNdTdgR/iLsgce5TGWmfIDZ86qjPhxDg/8TlzhE=",
@@ -1138,7 +1163,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_11": { "nixpkgs_13": {
"locked": { "locked": {
"lastModified": 1615532953, "lastModified": 1615532953,
"narHash": "sha256-SWpaGjrp/INzorEqMz3HLi6Uuk9I0KAn4YS8B4n3q5g=", "narHash": "sha256-SWpaGjrp/INzorEqMz3HLi6Uuk9I0KAn4YS8B4n3q5g=",
@@ -1182,11 +1207,11 @@
}, },
"nixpkgs_4": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1701436327, "lastModified": 1758035966,
"narHash": "sha256-tRHbnoNI8SIM5O5xuxOmtSLnswEByzmnQcGGyNRjxsE=", "narHash": "sha256-qqIJ3yxPiB0ZQTT9//nFGQYn8X/PBoJbofA7hRKZnmE=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "91050ea1e57e50388fa87a3302ba12d188ef723a", "rev": "8d4ddb19d03c65a36ad8d189d001dc32ffb0306b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1197,6 +1222,22 @@
} }
}, },
"nixpkgs_5": { "nixpkgs_5": {
"locked": {
"lastModified": 1759381078,
"narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": { "locked": {
"lastModified": 1701436327, "lastModified": 1701436327,
"narHash": "sha256-tRHbnoNI8SIM5O5xuxOmtSLnswEByzmnQcGGyNRjxsE=", "narHash": "sha256-tRHbnoNI8SIM5O5xuxOmtSLnswEByzmnQcGGyNRjxsE=",
@@ -1212,7 +1253,23 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_6": { "nixpkgs_7": {
"locked": {
"lastModified": 1701436327,
"narHash": "sha256-tRHbnoNI8SIM5O5xuxOmtSLnswEByzmnQcGGyNRjxsE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "91050ea1e57e50388fa87a3302ba12d188ef723a",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_8": {
"locked": { "locked": {
"lastModified": 1653060744, "lastModified": 1653060744,
"narHash": "sha256-kfRusllRumpt33J1hPV+CeCCylCXEU7e0gn2/cIM7cY=", "narHash": "sha256-kfRusllRumpt33J1hPV+CeCCylCXEU7e0gn2/cIM7cY=",
@@ -1228,13 +1285,13 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_7": { "nixpkgs_9": {
"locked": { "locked": {
"lastModified": 1750400657, "lastModified": 1755704039,
"narHash": "sha256-3vkjFnxCOP6vm5Pm13wC/Zy6/VYgei/I/2DWgW4RFeA=", "narHash": "sha256-gKlP0LbyJ3qX0KObfIWcp5nbuHSb5EHwIvU6UcNBg2A=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "b2485d56967598da068b5a6946dadda8bfcbcd37", "rev": "9cb344e96d5b6918e94e1bca2d9f3ea1e9615545",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1244,38 +1301,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_8": {
"locked": {
"lastModified": 1750365781,
"narHash": "sha256-XE/lFNhz5lsriMm/yjXkvSZz5DfvKJLUjsS6pP8EC50=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "08f22084e6085d19bcfb4be30d1ca76ecb96fe54",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_9": {
"locked": {
"lastModified": 1746904237,
"narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nmd": { "nmd": {
"flake": false, "flake": false,
"locked": { "locked": {
@@ -1390,15 +1415,14 @@
"nur_2": { "nur_2": {
"inputs": { "inputs": {
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"nixpkgs": "nixpkgs_8", "nixpkgs": "nixpkgs_10"
"treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1750553086, "lastModified": 1755984779,
"narHash": "sha256-rtItxhQM+Zkd2ys/lT2MoXCUVEhyj51Em5o9Wd6qqGU=", "narHash": "sha256-/W53HyLk4qSrPJjYWdD5SK+3p0Ns9Bg6MKHoeqLVqi0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "8d68e170fd6f9e8b8921db79419c209a1aeabc36", "rev": "20caa31dbef80914895e41b56be4cabc740b2126",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1417,14 +1441,14 @@
"stylix", "stylix",
"nixpkgs" "nixpkgs"
], ],
"treefmt-nix": "treefmt-nix_3" "treefmt-nix": "treefmt-nix_2"
}, },
"locked": { "locked": {
"lastModified": 1746056780, "lastModified": 1751320053,
"narHash": "sha256-/emueQGaoT4vu0QjU9LDOG5roxRSfdY0K2KkxuzazcM=", "narHash": "sha256-3m6RMw0FbbaUUa01PNaMLoO7D99aBClmY5ed9V3vz+0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "d476cd0972dd6242d76374fcc277e6735715c167", "rev": "cbde1735782f9c2bb2c63d5e05fba171a14a4670",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1521,11 +1545,12 @@
"coptic-dictionary": "coptic-dictionary", "coptic-dictionary": "coptic-dictionary",
"flake-utils": "flake-utils_3", "flake-utils": "flake-utils_3",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"ical-ephemeris": "ical-ephemeris",
"menstruation-backend": "menstruation-backend_2", "menstruation-backend": "menstruation-backend_2",
"menstruation-telegram": "menstruation-telegram_2", "menstruation-telegram": "menstruation-telegram_2",
"nix-on-droid": "nix-on-droid_2", "nix-on-droid": "nix-on-droid_2",
"nixinate": "nixinate_2", "nixinate": "nixinate_2",
"nixpkgs": "nixpkgs_7", "nixpkgs": "nixpkgs_9",
"nixpkgs-old": "nixpkgs-old_2", "nixpkgs-old": "nixpkgs-old_2",
"nixpkgs-unstable": "nixpkgs-unstable_2", "nixpkgs-unstable": "nixpkgs-unstable_2",
"nur": "nur_2", "nur": "nur_2",
@@ -1593,11 +1618,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1750473400, "lastModified": 1755916474,
"narHash": "sha256-wiW2j63MyGQyyijRF25hf7Ab7vx4G8pCiGjUe3OGV4c=", "narHash": "sha256-r0WnHKwA8DQNSHDmN3LNaqu41GbWDYqLS7IQAGR+6Wg=",
"owner": "oxalica", "owner": "oxalica",
"repo": "rust-overlay", "repo": "rust-overlay",
"rev": "3d7d4c4e284f26d6dc4840491c66884912be0062", "rev": "897ecf2b25be05e6ccb7661703f9f2fdec155f42",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1651,11 +1676,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1748892379, "lastModified": 1753033513,
"narHash": "sha256-mDDxMwKFURX1K1Z8X/kmt+jYjswofDf0br+Mkw2tmSE=", "narHash": "sha256-TnfXFloY4Ntq+0hp+q9GGmuhtB1oueFiB+pcBUNYzFs=",
"owner": "kmein", "owner": "kmein",
"repo": "scripts", "repo": "scripts",
"rev": "f44c7a4a6caa1ef5d6b7bf7e93acea0d96f30c21", "rev": "cc37fa4aec70f53731b9131bb8830b4445b75b3d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1668,14 +1693,14 @@
"inputs": { "inputs": {
"buildbot-nix": "buildbot-nix", "buildbot-nix": "buildbot-nix",
"nix-writers": "nix-writers", "nix-writers": "nix-writers",
"nixpkgs": "nixpkgs_9" "nixpkgs": "nixpkgs_11"
}, },
"locked": { "locked": {
"lastModified": 1747157099, "lastModified": 1754761025,
"narHash": "sha256-i2s6jU+8GLKVjhWDyvFYxmXI7A44c9p6apPPyKt0ETk=", "narHash": "sha256-Mo2BkJXIz6HKM8cX2S7bRdX6Q3E1UOcyVL4v10QEUzk=",
"owner": "krebs", "owner": "krebs",
"repo": "stockholm", "repo": "stockholm",
"rev": "d4abc837cc7b87b4f23fe48cc306df26e3de7aab", "rev": "fc32e4609140fffa1312a4ca1aeea550b7467448",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1721,13 +1746,8 @@
"base16-helix": "base16-helix", "base16-helix": "base16-helix",
"base16-vim": "base16-vim", "base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme", "firefox-gnome-theme": "firefox-gnome-theme",
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts_3", "flake-parts": "flake-parts_3",
"git-hooks": "git-hooks",
"gnome-shell": "gnome-shell", "gnome-shell": "gnome-shell",
"home-manager": [
"home-manager"
],
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
@@ -1740,11 +1760,11 @@
"tinted-zed": "tinted-zed" "tinted-zed": "tinted-zed"
}, },
"locked": { "locked": {
"lastModified": 1750370365, "lastModified": 1755710103,
"narHash": "sha256-Yblt2LusglzBXlg+ekckztIUgvl1WQwJ7gLRJEt/IHE=", "narHash": "sha256-VmheUy4UzWDy/u0TvCCHptgF30peL7wRxkHy7EVpDrQ=",
"owner": "danth", "owner": "danth",
"repo": "stylix", "repo": "stylix",
"rev": "cc82dae884f45ffeb996d2b5116afa70933e507f", "rev": "79be65b20d7b8fb7e8f39ba8121cfe41b7f46808",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1754,6 +1774,38 @@
"type": "github" "type": "github"
} }
}, },
"swiss-ephemeris": {
"flake": false,
"locked": {
"lastModified": 1638583659,
"narHash": "sha256-EEgKk5DDkmICteFzFzXdvdGke7aPoJa6aQ228nAYieQ=",
"owner": "lfborjas",
"repo": "swiss-ephemeris",
"rev": "3094368f5f963e8756e89e3b3dd24b96796b8682",
"type": "github"
},
"original": {
"owner": "lfborjas",
"repo": "swiss-ephemeris",
"type": "github"
}
},
"swisseph": {
"flake": false,
"locked": {
"lastModified": 1757697308,
"narHash": "sha256-m2Qgzhsgrv0KyJin8UfNFJ8KL/HFfoN8AmCTlcirHXE=",
"owner": "aloistr",
"repo": "swisseph",
"rev": "3084917b5d2384af6fb928583552e0a299fb6d83",
"type": "github"
},
"original": {
"owner": "aloistr",
"repo": "swisseph",
"type": "github"
}
},
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
@@ -1851,7 +1903,7 @@
"telebots_2": { "telebots_2": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_5", "flake-utils": "flake-utils_5",
"nixpkgs": "nixpkgs_10" "nixpkgs": "nixpkgs_12"
}, },
"locked": { "locked": {
"lastModified": 1703313352, "lastModified": 1703313352,
@@ -1961,11 +2013,11 @@
"tinted-schemes": { "tinted-schemes": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1744974599, "lastModified": 1750770351,
"narHash": "sha256-Fg+rdGs5FAgfkYNCs74lnl8vkQmiZVdBsziyPhVqrlY=", "narHash": "sha256-LI+BnRoFNRa2ffbe3dcuIRYAUcGklBx0+EcFxlHj0SY=",
"owner": "tinted-theming", "owner": "tinted-theming",
"repo": "schemes", "repo": "schemes",
"rev": "28c26a621123ad4ebd5bbfb34ab39421c0144bdd", "rev": "5a775c6ffd6e6125947b393872cde95867d85a2a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1977,11 +2029,11 @@
"tinted-tmux": { "tinted-tmux": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1745111349, "lastModified": 1751159871,
"narHash": "sha256-udV+nHdpqgkJI9D0mtvvAzbqubt9jdifS/KhTTbJ45w=", "narHash": "sha256-UOHBN1fgHIEzvPmdNMHaDvdRMgLmEJh2hNmDrp3d3LE=",
"owner": "tinted-theming", "owner": "tinted-theming",
"repo": "tinted-tmux", "repo": "tinted-tmux",
"rev": "e009f18a01182b63559fb28f1c786eb027c3dee9", "rev": "bded5e24407cec9d01bd47a317d15b9223a1546c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1993,11 +2045,11 @@
"tinted-zed": { "tinted-zed": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1725758778, "lastModified": 1751158968,
"narHash": "sha256-8P1b6mJWyYcu36WRlSVbuj575QWIFZALZMTg5ID/sM4=", "narHash": "sha256-ksOyv7D3SRRtebpXxgpG4TK8gZSKFc4TIZpR+C98jX8=",
"owner": "tinted-theming", "owner": "tinted-theming",
"repo": "base16-zed", "repo": "base16-zed",
"rev": "122c9e5c0e6f27211361a04fae92df97940eccf9", "rev": "86a470d94204f7652b906ab0d378e4231a5b3384",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -2009,16 +2061,17 @@
"treefmt-nix": { "treefmt-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nur", "stockholm",
"buildbot-nix",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1733222881, "lastModified": 1750931469,
"narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=", "narHash": "sha256-0IEdQB1nS+uViQw4k3VGUXntjkDp7aAlqcxdewb/hAc=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "49717b5af6f80172275d47a418c9719a31a78b53", "rev": "ac8e6f32e11e9c7f153823abc3ab007f2a65d3e1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -2028,28 +2081,6 @@
} }
}, },
"treefmt-nix_2": { "treefmt-nix_2": {
"inputs": {
"nixpkgs": [
"stockholm",
"buildbot-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1746216483,
"narHash": "sha256-4h3s1L/kKqt3gMDcVfN8/4v2jqHrgLIe4qok4ApH5x4=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "29ec5026372e0dec56f890e50dbe4f45930320fd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_3": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"stylix", "stylix",
@@ -2132,7 +2163,7 @@
"flake-utils": [ "flake-utils": [
"flake-utils" "flake-utils"
], ],
"nixpkgs": "nixpkgs_11" "nixpkgs": "nixpkgs_13"
}, },
"locked": { "locked": {
"lastModified": 1615819231, "lastModified": 1615819231,

16
flake.nix
View File

@@ -2,6 +2,8 @@
description = "niveum: packages, modules, systems"; description = "niveum: packages, modules, systems";
inputs = { inputs = {
self.submodules = true;
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
# alew-web.url = "git+ssh://gitea@code.kmein.de:22022/kfm/alew-web.git?ref=refs/heads/master"; # alew-web.url = "git+ssh://gitea@code.kmein.de:22022/kfm/alew-web.git?ref=refs/heads/master";
coptic-dictionary.url = "github:kmein/coptic-dictionary"; coptic-dictionary.url = "github:kmein/coptic-dictionary";
@@ -26,6 +28,7 @@
voidrice.url = "github:Lukesmithxyz/voidrice"; voidrice.url = "github:Lukesmithxyz/voidrice";
wallpaper-generator.url = "github:pinpox/wallpaper-generator/v1.1"; wallpaper-generator.url = "github:pinpox/wallpaper-generator/v1.1";
wallpapers.url = "github:kmein/wallpapers"; wallpapers.url = "github:kmein/wallpapers";
ical-ephemeris.url = "git+ssh://gitea@code.kmein.de:22022/kfm/ical-ephemeris";
agenix.inputs.home-manager.follows = "home-manager"; agenix.inputs.home-manager.follows = "home-manager";
agenix.inputs.nixpkgs.follows = "nixpkgs"; agenix.inputs.nixpkgs.follows = "nixpkgs";
@@ -120,7 +123,7 @@
exec ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch \ exec ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch \
--max-jobs 2 \ --max-jobs 2 \
--log-format internal-json \ --log-format internal-json \
--flake .?submodules=1#${hostname} \ --flake .#${hostname} \
--target-host ${targets.${hostname}} 2>&1 \ --target-host ${targets.${hostname}} 2>&1 \
| ${pkgs.nix-output-monitor}/bin/nom --json | ${pkgs.nix-output-monitor}/bin/nom --json
''); '');
@@ -129,7 +132,7 @@
deploy-ful = { deploy-ful = {
type = "app"; type = "app";
program = toString (pkgs.writers.writeDash "deploy-ful" '' program = toString (pkgs.writers.writeDash "deploy-ful" ''
exec ${pkgs.nix}/bin/nix run .?submodules=1#nixinate.ful \ exec ${pkgs.nix}/bin/nix run .#nixinate.ful \
--log-format internal-json 2>&1 \ --log-format internal-json 2>&1 \
| ${pkgs.nix-output-monitor}/bin/nom --json | ${pkgs.nix-output-monitor}/bin/nom --json
''); '');
@@ -146,6 +149,7 @@
power-action = import modules/power-action.nix; power-action = import modules/power-action.nix;
system-dependent = import modules/system-dependent.nix; system-dependent = import modules/system-dependent.nix;
telegram-bot = import modules/telegram-bot.nix; telegram-bot = import modules/telegram-bot.nix;
go-webring = import modules/go-webring.nix;
}; };
lib = { lib = {
@@ -206,7 +210,9 @@
systems/ful/configuration.nix systems/ful/configuration.nix
agenix.nixosModules.default agenix.nixosModules.default
inputs.self.nixosModules.passport inputs.self.nixosModules.passport
inputs.ical-ephemeris.nixosModules.default
inputs.self.nixosModules.panoptikon inputs.self.nixosModules.panoptikon
inputs.self.nixosModules.go-webring
inputs.self.nixosModules.htgen inputs.self.nixosModules.htgen
inputs.stockholm.nixosModules.reaktor2 inputs.stockholm.nixosModules.reaktor2
retiolum.nixosModules.retiolum retiolum.nixosModules.retiolum
@@ -239,6 +245,7 @@
systems/kibbeh/configuration.nix systems/kibbeh/configuration.nix
agenix.nixosModules.default agenix.nixosModules.default
retiolum.nixosModules.retiolum retiolum.nixosModules.retiolum
home-manager.nixosModules.home-manager
]; ];
}; };
makanek = nixpkgs.lib.nixosSystem rec { makanek = nixpkgs.lib.nixosSystem rec {
@@ -314,6 +321,7 @@
// flake-utils.lib.eachSystem [flake-utils.lib.system.x86_64-linux flake-utils.lib.system.x86_64-darwin flake-utils.lib.system.aarch64-linux] (system: let // flake-utils.lib.eachSystem [flake-utils.lib.system.x86_64-linux flake-utils.lib.system.x86_64-darwin flake-utils.lib.system.aarch64-linux] (system: let
pkgs = import nixpkgs { pkgs = import nixpkgs {
inherit system; inherit system;
config.allowUnfree = true;
overlays = [ overlays = [
nur.overlays.default nur.overlays.default
(self: super: { (self: super: {
@@ -398,6 +406,7 @@
q = pkgs.callPackage packages/q.nix {}; q = pkgs.callPackage packages/q.nix {};
qrpaste = pkgs.callPackage packages/qrpaste.nix {}; qrpaste = pkgs.callPackage packages/qrpaste.nix {};
random-zeno = pkgs.callPackage packages/random-zeno.nix {}; random-zeno = pkgs.callPackage packages/random-zeno.nix {};
go-webring = pkgs.callPackage packages/go-webring.nix {};
rfc = pkgs.callPackage packages/rfc.nix {}; rfc = pkgs.callPackage packages/rfc.nix {};
gimp = pkgs.callPackage packages/gimp.nix {}; gimp = pkgs.callPackage packages/gimp.nix {};
scanned = pkgs.callPackage packages/scanned.nix {}; scanned = pkgs.callPackage packages/scanned.nix {};
@@ -409,6 +418,7 @@
ttspaste = pkgs.callPackage packages/ttspaste.nix {}; ttspaste = pkgs.callPackage packages/ttspaste.nix {};
unicodmenu = pkgs.callPackage packages/unicodmenu.nix {}; unicodmenu = pkgs.callPackage packages/unicodmenu.nix {};
emailmenu = pkgs.callPackage packages/emailmenu.nix {}; emailmenu = pkgs.callPackage packages/emailmenu.nix {};
stag = pkgs.callPackage packages/stag.nix {};
untilport = pkgs.callPackage packages/untilport.nix {}; untilport = pkgs.callPackage packages/untilport.nix {};
vg = pkgs.callPackage packages/vg.nix {}; vg = pkgs.callPackage packages/vg.nix {};
vim = pkgs.callPackage packages/vim.nix {niveumPackages = self.packages.${system};}; vim = pkgs.callPackage packages/vim.nix {niveumPackages = self.packages.${system};};
@@ -418,6 +428,8 @@
vimPlugins-icalendar-vim = pkgs.callPackage packages/vimPlugins/icalendar-vim.nix {}; vimPlugins-icalendar-vim = pkgs.callPackage packages/vimPlugins/icalendar-vim.nix {};
vimPlugins-jq-vim = pkgs.callPackage packages/vimPlugins/jq-vim.nix {}; vimPlugins-jq-vim = pkgs.callPackage packages/vimPlugins/jq-vim.nix {};
vimPlugins-typst-vim = pkgs.callPackage packages/vimPlugins/typst-vim.nix {}; vimPlugins-typst-vim = pkgs.callPackage packages/vimPlugins/typst-vim.nix {};
vimPlugins-mdwa-nvim = pkgs.callPackage packages/vimPlugins/mdwa-nvim.nix {};
vimPlugins-vim-ernest = pkgs.callPackage packages/vimPlugins/vim-ernest.nix {};
vimPlugins-vim-256noir = pkgs.callPackage packages/vimPlugins/vim-256noir.nix {}; vimPlugins-vim-256noir = pkgs.callPackage packages/vimPlugins/vim-256noir.nix {};
vimPlugins-vim-colors-paramount = pkgs.callPackage packages/vimPlugins/vim-colors-paramount.nix {}; vimPlugins-vim-colors-paramount = pkgs.callPackage packages/vimPlugins/vim-colors-paramount.nix {};
vimPlugins-vim-fetch = pkgs.callPackage packages/vimPlugins/vim-fetch.nix {}; vimPlugins-vim-fetch = pkgs.callPackage packages/vimPlugins/vim-fetch.nix {};

10
lib/local-network.nix
View File

@@ -1,10 +1,4 @@
{ {
toum = "192.168.178.24"; officejet = "192.168.0.251";
zaatar = "192.168.178.21"; router = "192.168.0.1";
kabsa = "192.168.178.32";
android = "192.168.178.35";
manakish = "192.168.178.29";
officejet = "192.168.178.27";
fritzbox = "192.168.178.1";
} }

1
lib/vim/init.lua
View File

@@ -91,6 +91,7 @@ local language_servers = {
-- tsserver = {}, -- typescript-language-server -- tsserver = {}, -- typescript-language-server
cssls = {}, cssls = {},
elmls = {}, -- elm-language-server elmls = {}, -- elm-language-server
gopls = {}, -- gopls
denols = {}, -- deno built in denols = {}, -- deno built in
bashls = {}, -- bash-language-server bashls = {}, -- bash-language-server
lua_ls = { lua_ls = {

11
lib/vim/init.vim
View File

@@ -124,3 +124,14 @@ set complete+=kspell
let g:pandoc#syntax#conceal#use = 0 let g:pandoc#syntax#conceal#use = 0
let g:pandoc#modules#disabled = [] let g:pandoc#modules#disabled = []
let g:pandoc#spell#default_langs = ['en', 'de'] let g:pandoc#spell#default_langs = ['en', 'de']
autocmd! User GoyoEnter Limelight
autocmd! User GoyoLeave Limelight!
" Disable Copilot for files larger than 100kb
autocmd BufReadPre *
\ let f=getfsize(expand("<afile>"))
\ | if f > 100000 || f == -2
\ | let b:copilot_enabled = v:false
\ | endif

140
modules/go-webring.nix Normal file
View File

@@ -0,0 +1,140 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib)
mkEnableOption
mkPackageOption
mkOption
types
literalExpression
mkIf
;
cfg = config.services.go-webring;
defaultAddress = "127.0.0.1:2857";
in
{
options = {
services.go-webring = {
enable = mkEnableOption "go-webring";
package = mkPackageOption pkgs "go-webring" { };
contactInstructions = mkOption {
type = types.nullOr types.str;
default = null;
description = "Contact instructions for errors";
example = "contact the admin and let them know what's up";
};
host = mkOption {
type = types.str;
description = "Host this webring runs on, primarily used for validation";
example = "my-webri.ng";
};
homePageTemplate = mkOption {
type = types.str;
description = ''
This should be any HTML file with the string "{{ . }}" placed
wherever you want the table of members inserted. This table is
plain HTML so you can style it with CSS.
'';
};
listenAddress = mkOption {
type = types.str;
default = defaultAddress;
description = "Host and port go-webring will listen on";
};
members = mkOption {
type = types.listOf (
types.submodule {
options = {
username = mkOption {
type = types.str;
description = "Member's name";
};
site = mkOption {
type = types.str;
description = "Member's site URL";
};
};
}
);
description = "List of members in the webring";
};
};
};
config = mkIf cfg.enable {
systemd.services.go-webring = {
description = "go-webring service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
requires = [ "network.target" ];
serviceConfig = {
Type = "simple";
ExecStart = ''
${lib.getExe cfg.package} \
${lib.optionalString (cfg.contactInstructions != null) ("--contact " + lib.escapeShellArg cfg.contactInstructions)} \
--host ${cfg.host} \
--index ${pkgs.writeText "index.html" cfg.homePageTemplate} \
--listen ${cfg.listenAddress} \
--members ${
pkgs.writeText "list.txt" (
lib.concatMapStrings (member: member.username + " " + member.site + "\n") cfg.members
)
}
'';
User = "go-webring";
DynamicUser = true;
RuntimeDirectory = "go-webring";
WorkingDirectory = "/var/lib/go-webring";
StateDirectory = "go-webring";
RuntimeDirectoryMode = "0750";
Restart = "always";
RestartSec = 5;
# Hardening
CapabilityBoundingSet = [ "" ];
DeviceAllow = [ "" ];
LockPersonality = true;
MemoryDenyWriteExecute = true;
PrivateDevices = true;
PrivateUsers = true;
ProcSubset = "pid";
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
"AF_UNIX"
];
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = [
"@system-service"
"~@privileged"
];
UMask = "0077";
};
};
environment.systemPackages = [ cfg.package ];
};
}

21
packages/go-webring.nix Normal file
View File

@@ -0,0 +1,21 @@
{ buildGoModule, fetchgit, lib }:
buildGoModule {
pname = "go-webring";
version = "2024-12-18";
src = fetchgit {
url = "https://git.sr.ht/~amolith/go-webring";
rev = "0b5b1bf21ff91119ea2dd042ee9fe94e9d1cd8d4";
hash = "sha256-az6vBOGiZmzfsMjYUacXMHhDeRDmVI/arCKCpHeTcns=";
};
vendorHash = "sha256-3PnXB8AfZtgmYEPJuh0fwvG38dtngoS/lxyx3H+rvFs=";
meta = {
mainProgram = "go-webring";
description = "Simple webring implementation";
homepage = "https://git.sr.ht/~amolith/go-webring";
license = lib.licenses.bsd2; # cc0 as well
maintainers = [ lib.maintainers.kmein ];
};
}

2
packages/obsidian-vim.nix
View File

@@ -22,7 +22,7 @@ neovim.override {
\ 'path': '${obsidiantVaultDirectory}', \ 'path': '${obsidiantVaultDirectory}',
\ 'syntax': 'markdown', \ 'syntax': 'markdown',
\ 'ext': '.md', \ 'ext': '.md',
\ 'diary_rel_path' '.', \ 'diary_rel_path': '.',
\}] \}]
let NERDTreeSortOrder = ['[[-timestamp]]'] let NERDTreeSortOrder = ['[[-timestamp]]']

4
packages/scanned.nix
View File

@@ -2,8 +2,12 @@
{ {
writers, writers,
imagemagick, imagemagick,
ghostscript,
lib
}: }:
writers.writeDashBin "scanned" '' writers.writeDashBin "scanned" ''
export PATH=${lib.makeBinPath [ imagemagick ghostscript ]}:$PATH
[ $# -eq 1 -a -f "$1" -a -r "$1" ] || exit 1 [ $# -eq 1 -a -f "$1" -a -r "$1" ] || exit 1
${imagemagick}/bin/convert \ ${imagemagick}/bin/convert \

45
packages/stag.nix Normal file
View File

@@ -0,0 +1,45 @@
{
lib,
stdenv,
fetchFromGitHub,
ncurses,
taglib,
zlib,
}:
stdenv.mkDerivation rec {
pname = "stag";
version = "1.0";
src = fetchFromGitHub {
owner = "smabie";
repo = "stag";
rev = "v${version}";
hash = "sha256-IWb6ZbPlFfEvZogPh8nMqXatrg206BTV2DYg7BMm7R4=";
};
buildInputs = [
ncurses
taglib
zlib
];
buildPhase = ''
make all
'';
installPhase = ''
mkdir -p $out/bin
cp stag $out/bin/
mkdir -p $out/man/man1
mv stag.1 $out/man/man1/
'';
meta = {
description = "public domain utf8 curses based audio file tagger";
homepage = "https://github.com/smabie/stag";
license = lib.licenses.publicDomain;
maintainers = [ lib.maintainers.kmein ];
platforms = lib.platforms.unix;
source = src;
};
}

7
packages/vim.nix
View File

@@ -40,6 +40,13 @@
editorconfig-vim editorconfig-vim
copilot-vim
goyo
limelight-vim
niveumPackages.vimPlugins-mdwa-nvim
niveumPackages.vimPlugins-vim-ernest
fzf-vim fzf-vim
fzfWrapper fzfWrapper
supertab supertab

14
packages/vimPlugins/mdwa-nvim.nix Normal file
View File

@@ -0,0 +1,14 @@
{
vimUtils,
fetchFromGitHub,
lib,
}: (vimUtils.buildVimPluginFrom2Nix {
pname = "mdwa.nvim";
version = "9f37270";
src = fetchFromGitHub {
owner = "tihawk";
repo = "mdwa.nvim";
rev = "9f3727037e0d85fd0930334b91b9687a5a880192";
hash = "sha256-h2jy2E+pN2Ma/5n9Eq2oXr9xHma2OxxVvx9EJ+bIYxA=";
};
})

14
packages/vimPlugins/vim-ernest.nix Normal file
View File

@@ -0,0 +1,14 @@
{
vimUtils,
fetchFromGitHub,
lib,
}: (vimUtils.buildVimPluginFrom2Nix {
pname = "vim-ernest";
version = "4b99bc3";
src = fetchFromGitHub {
owner = "lgalke";
repo = "vim-ernest";
rev = "4b99bc3fe3deb7bb958ad2f64cad93569eeb50d7";
hash = "sha256-AUuRnnZU39XUerBxNelEqVyDAalRm3VGNUQb15fjXjM=";
};
})

2
secrets

Submodule secrets updated: e14a3170cc...236a3353a7

4
secrets.txt
View File

@@ -1,8 +1,11 @@
secrets/alertmanager-token-reporters.age secrets/alertmanager-token-reporters.age
secrets/brevo-key.age
secrets/cifs-credentials-zodiac.age secrets/cifs-credentials-zodiac.age
secrets/copecart-ipn.age
secrets/di-fm-key.age secrets/di-fm-key.age
secrets/email-password-cock.age secrets/email-password-cock.age
secrets/email-password-fysi.age secrets/email-password-fysi.age
secrets/email-password-ical-ephemeris.age
secrets/email-password-letos.age secrets/email-password-letos.age
secrets/email-password-meinhak99.age secrets/email-password-meinhak99.age
secrets/email-password-posteo.age secrets/email-password-posteo.age
@@ -76,6 +79,7 @@ secrets/telegram-token-proverb.age
secrets/telegram-token-reverse.age secrets/telegram-token-reverse.age
secrets/telegram-token-streaming-link.age secrets/telegram-token-streaming-link.age
secrets/weechat-sec.conf.age secrets/weechat-sec.conf.age
secrets/wifi.age
secrets/zaatar-moodle-dl-basicAuth.age secrets/zaatar-moodle-dl-basicAuth.age
secrets/zaatar-moodle-dl-tokens.json.age secrets/zaatar-moodle-dl-tokens.json.age
secrets/zaatar-retiolum-privateKey-ed25519.age secrets/zaatar-retiolum-privateKey-ed25519.age

1
systems/fatteh/configuration.nix
View File

@@ -9,6 +9,7 @@ in {
./hardware-configuration.nix ./hardware-configuration.nix
../../configs/networkmanager.nix ../../configs/networkmanager.nix
../../configs/default.nix ../../configs/default.nix
../../configs/0ad.nix
# ../../configs/gnome.nix # ../../configs/gnome.nix
]; ];

6
systems/ful/configuration.nix
View File

@@ -2,6 +2,7 @@
config, config,
pkgs, pkgs,
lib, lib,
inputs,
... ...
}: let }: let
inherit (import ../../lib) kieran retiolumAddresses restic; inherit (import ../../lib) kieran retiolumAddresses restic;
@@ -12,8 +13,10 @@ in {
./radio.nix ./radio.nix
./panoptikon.nix ./panoptikon.nix
./hledger.nix ./hledger.nix
./go-webring.nix
./gemini.nix
./ical-ephemeris.nix
./wallabag.nix ./wallabag.nix
./alew.nix
../../configs/monitoring.nix ../../configs/monitoring.nix
../../configs/mycelium.nix ../../configs/mycelium.nix
../../configs/tor.nix ../../configs/tor.nix
@@ -69,7 +72,6 @@ in {
]; ];
}; };
users.users.servant = { users.users.servant = {
isSystemUser = true; isSystemUser = true;
group = "servant"; group = "servant";

15
systems/ful/gemini.nix Normal file
View File

@@ -0,0 +1,15 @@
{ config, ... }:
{
networking.firewall.allowedTCPPorts = [ 1965 ];
services.agate = {
enable = true;
addresses = [ "0.0.0.0:1965" ];
hostnames = [ "kmein.de" ];
language = "de";
};
services.restic.backups.niveum.paths = [
config.services.agate.contentDir
config.services.agate.certificatesDir
];
}

39
systems/ful/go-webring.nix Normal file
View File

@@ -0,0 +1,39 @@
{ config, niveumPackages ,... }:
let
port = 2857;
in
{
services.go-webring = {
enable = true;
host = "dichtungsring.kmein.de";
listenAddress = "127.0.0.1:${toString port}";
package = niveumPackages.go-webring;
members = [
{ username = "meteora"; site = "meteora.xn--kiern-0qa.de"; }
{ username = "huldra"; site = "huldras-halbtraum.com"; }
];
homePageTemplate = ''
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Dichtungsring</title>
</head>
<body>
<h1>Willkommen beim Dichtungs-Ring</h1>
<p>Ein <a href="https://de.wikipedia.org/wiki/Webring">Webring</a> für die Dichtung.</p>
<section id="members">
<table><tbody>{{ . }}</tbody></table>
</section>
</body>
</html>
'';
};
services.nginx.virtualHosts."dichtungsring.kmein.de" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://${config.services.go-webring.listenAddress}";
};
}

24
systems/ful/ical-ephemeris.nix Normal file
View File

@@ -0,0 +1,24 @@
{ config, ... }:
let
port = 9090;
in
{
services.nginx.virtualHosts."ical-ephemeris.kmein.de" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString port}/";
};
};
services.ical-ephemeris = {
enable = true;
inherit port;
brevoApiKeyFile = config.age.secrets.brevo-key.path;
baseUrl = "https://ical-ephemeris.kmein.de";
};
age.secrets.brevo-key = {
file = ../../secrets/brevo-key.age;
};
}

19
systems/makanek/configuration.nix
View File

@@ -48,7 +48,7 @@ in {
config.services.grafana.dataDir config.services.grafana.dataDir
config.services.gitea.stateDir config.services.gitea.stateDir
config.services.weechat.root config.services.weechat.root
config.services.nginx.virtualHosts."www.kmein.de".root config.services.nginx.virtualHosts."www.kmein.de".locations."/".root
"/var/lib/weechat" "/var/lib/weechat"
"/var/lib/codimd" "/var/lib/codimd"
]; ];
@@ -121,7 +121,22 @@ in {
services.nginx.virtualHosts."www.kmein.de" = { services.nginx.virtualHosts."www.kmein.de" = {
addSSL = true; addSSL = true;
enableACME = true; enableACME = true;
root = "/var/www/kmein.de"; locations."/" = {
root = "/var/www/kmein.de";
extraConfig = ''
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization';
# Handle preflight requests
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization';
return 204; # No Content
}
'';
};
}; };
environment.systemPackages = [ environment.systemPackages = [

351
systems/makanek/monitoring/default.nix
View File

@@ -3,11 +3,13 @@
config, config,
pkgs, pkgs,
... ...
}: let }:
let
lokiConfig = import ./loki.nix; lokiConfig = import ./loki.nix;
blackboxConfig = import ./blackbox.nix; blackboxConfig = import ./blackbox.nix;
inherit (import ../../../lib) restic; inherit (import ../../../lib) restic;
in { in
{
services.grafana = { services.grafana = {
enable = true; enable = true;
settings = { settings = {
@@ -80,143 +82,150 @@ in {
} }
]; ];
services.prometheus.rules = let services.prometheus.rules =
diskFreeThreshold = 10; let
in [ diskFreeThreshold = 10;
(builtins.toJSON { in
groups = [ [
{ (builtins.toJSON {
name = "niveum"; groups = [
rules = [ {
{ name = "niveum";
alert = "HostSystemdServiceCrashed"; rules = [
expr = ''(node_systemd_unit_state{state="failed"} == 1) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}''; {
annotations = { alert = "HostSystemdServiceCrashed";
description = "{{$labels.name}} failed on {{$labels.instance}}"; expr = ''(node_systemd_unit_state{state="failed"} == 1) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}'';
}; annotations = {
} description = "{{$labels.name}} failed on {{$labels.instance}}";
{ };
alert = "RootPartitionFull"; }
for = "10m"; {
expr = ''(node_filesystem_free_bytes{mountpoint="/"} * 100) / node_filesystem_size_bytes{mountpoint="/"} < ${toString diskFreeThreshold}''; alert = "RootPartitionFull";
annotations = { for = "10m";
description = ''{{ $labels.instance }} running out of space: {{ $value | printf "%.2f" }}% < ${toString diskFreeThreshold}%''; expr = ''(node_filesystem_free_bytes{mountpoint="/"} * 100) / node_filesystem_size_bytes{mountpoint="/"} < ${toString diskFreeThreshold}'';
}; annotations = {
} description = ''{{ $labels.instance }} running out of space: {{ $value | printf "%.2f" }}% < ${toString diskFreeThreshold}%'';
{ };
alert = "RootPartitionFullWeek"; }
for = "1h"; {
expr = alert = "RootPartitionFullWeek";
''node_filesystem_free_bytes{mountpoint="/"} '' for = "1h";
+ ''and predict_linear(node_filesystem_free_bytes{mountpoint="/"}[2d], 7*24*3600) <= 0''; expr =
annotations = { ''node_filesystem_free_bytes{mountpoint="/"} ''
description = "{{$labels.instance}} running out of space in 7 days"; + ''and predict_linear(node_filesystem_free_bytes{mountpoint="/"}[2d], 7*24*3600) <= 0'';
}; annotations = {
} description = "{{$labels.instance}} running out of space in 7 days";
{ };
alert = "HighLoad"; }
expr = ''node_load15 / on(job) count(node_cpu_seconds_total{mode="system"}) by (job) >= 1.0''; {
for = "10m"; alert = "HighLoad";
annotations = { expr = ''node_load15 / on(job) count(node_cpu_seconds_total{mode="system"}) by (job) >= 1.0'';
description = "{{$labels.instance}} running on high load: {{$value}}"; for = "10m";
}; annotations = {
} description = "{{$labels.instance}} running on high load: {{$value}}";
{ };
alert = "HostUnusualNetworkThroughputIn"; }
expr = ''(rate(node_network_receive_bytes_total[2m])) / 1024 / 1024 > 100''; {
for = "5m"; alert = "HostUnusualNetworkThroughputIn";
annotations.description = "Host unusual network throughput in (instance {{ $labels.instance }})"; expr = ''(rate(node_network_receive_bytes_total[2m])) / 1024 / 1024 > 100'';
} for = "5m";
{ annotations.description = "Host unusual network throughput in (instance {{ $labels.instance }})";
alert = "HostUnusualNetworkThroughputOut"; }
expr = ''(rate(node_network_transmit_bytes_total[2m])) / 1024 / 1024 > 100''; {
for = "5m"; alert = "HostUnusualNetworkThroughputOut";
annotations.description = "Host unusual network throughput out (instance {{ $labels.instance }})"; expr = ''(rate(node_network_transmit_bytes_total[2m])) / 1024 / 1024 > 100'';
} for = "5m";
{ annotations.description = "Host unusual network throughput out (instance {{ $labels.instance }})";
alert = "HostUnusualDiskReadRate"; }
expr = ''(rate(node_disk_read_bytes_total[2m])) / 1024 / 1024 > 50''; {
for = "5m"; alert = "HostUnusualDiskReadRate";
annotations.description = "Host unusual disk read rate (instance {{ $labels.instance }})"; expr = ''(rate(node_disk_read_bytes_total[2m])) / 1024 / 1024 > 50'';
} for = "5m";
{ annotations.description = "Host unusual disk read rate (instance {{ $labels.instance }})";
alert = "HostUnusualDiskWriteRate"; }
expr = ''(rate(node_disk_written_bytes_total[2m])) / 1024 / 1024 > 50''; {
for = "2m"; alert = "HostUnusualDiskWriteRate";
annotations.description = "Host unusual disk write rate (instance {{ $labels.instance }})"; expr = ''(rate(node_disk_written_bytes_total[2m])) / 1024 / 1024 > 50'';
} for = "2m";
{ annotations.description = "Host unusual disk write rate (instance {{ $labels.instance }})";
alert = "HostOutOfInodes"; }
expr = ''node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and ON (instance, device, mountpoint) node_filesystem_readonly == 0''; {
for = "2m"; alert = "HostOutOfInodes";
annotations.description = "Host out of inodes (instance {{ $labels.instance }})"; expr = ''node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and ON (instance, device, mountpoint) node_filesystem_readonly == 0'';
} for = "2m";
{ annotations.description = "Host out of inodes (instance {{ $labels.instance }})";
alert = "HostInodesWillFillIn24Hours"; }
expr = ''node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and predict_linear(node_filesystem_files_free{fstype!="msdosfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly{fstype!="msdosfs"} == 0''; {
for = "2m"; alert = "HostInodesWillFillIn24Hours";
annotations.description = "Host inodes will fill in 24 hours (instance {{ $labels.instance }})"; expr = ''node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and predict_linear(node_filesystem_files_free{fstype!="msdosfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly{fstype!="msdosfs"} == 0'';
} for = "2m";
{ annotations.description = "Host inodes will fill in 24 hours (instance {{ $labels.instance }})";
alert = "HighRAM"; }
expr = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1"; {
for = "1h"; alert = "HighRAM";
annotations.description = "{{$labels.instance}} using lots of RAM"; expr = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1";
} for = "1h";
{ annotations.description = "{{$labels.instance}} using lots of RAM";
alert = "UptimeMonster"; }
expr = "time() - node_boot_time_seconds > 2592000"; {
annotations.description = "uptime monster {{$labels.instance}} up for more than 30 days"; alert = "UptimeMonster";
} expr = "time() - node_boot_time_seconds > 2592000";
{ annotations.description = "uptime monster {{$labels.instance}} up for more than 30 days";
alert = "HostDown"; }
expr = ''up == 0''; {
for = "5m"; alert = "HostDown";
annotations = { expr = ''up == 0'';
description = "{{ $labels.instance }} seeming down since 5 minutes"; for = "5m";
}; annotations = {
} description = "{{ $labels.instance }} seeming down since 5 minutes";
{ };
alert = "Reboot"; }
expr = "time() - node_boot_time_seconds < 300"; {
annotations.description = "{{$labels.instance}} rebooted"; alert = "Reboot";
} expr = "time() - node_boot_time_seconds < 300";
{ annotations.description = "{{$labels.instance}} rebooted";
alert = "ProbeFailed"; }
expr = "probe_success == 0"; {
for = "5m"; alert = "Mastodon";
annotations.description = "HTTP probe failed for {{$labels.instance}}"; expr = ''probe_success{instance="https://social.krebsco.de"}'';
} for = "5m";
{ annotations.description = "Mastodon instance {{$labels.instance}} is down";
alert = "SlowProbe"; }
expr = "avg_over_time(probe_http_duration_seconds[1m]) > 1"; {
for = "5m"; alert = "ProbeFailed";
annotations.description = "HTTP probe slow for {{$labels.instance}}"; expr = "probe_success == 0";
} for = "5m";
{ annotations.description = "HTTP probe failed for {{$labels.instance}}";
alert = "HttpStatusCode"; }
expr = "probe_http_status_code != 0 AND (probe_http_status_code <= 199 OR probe_http_status_code >= 400)"; {
for = "5m"; alert = "SlowProbe";
annotations.description = "status code {{$value}} for {{$labels.instance}}"; expr = "avg_over_time(probe_http_duration_seconds[1m]) > 1";
} for = "5m";
{ annotations.description = "HTTP probe slow for {{$labels.instance}}";
alert = "SslExpirySoon"; }
expr = "probe_ssl_earliest_cert_expiry - time() < 86400 * 30"; {
for = "5m"; alert = "HttpStatusCode";
annotations.description = "SSL certificate for {{$labels.instance}} expires in 30 days"; expr = "probe_http_status_code != 0 AND (probe_http_status_code <= 199 OR probe_http_status_code >= 400)";
} for = "5m";
{ annotations.description = "status code {{$value}} for {{$labels.instance}}";
alert = "SslExpiry"; }
expr = "probe_ssl_earliest_cert_expiry - time() <= 0"; {
for = "5m"; alert = "SslExpirySoon";
annotations.description = "SSL certificate for {{$labels.instance}} has expired"; expr = "probe_ssl_earliest_cert_expiry - time() < 86400 * 30";
} for = "5m";
]; annotations.description = "SSL certificate for {{$labels.instance}} expires in 30 days";
} }
]; {
}) alert = "SslExpiry";
]; expr = "probe_ssl_earliest_cert_expiry - time() <= 0";
for = "5m";
annotations.description = "SSL certificate for {{$labels.instance}} has expired";
}
];
}
];
})
];
# ref https://github.com/Mic92/dotfiles/blob/f44bac5dd6970ed3fbb4feb906917331ec3c2be5/machines/eva/modules/prometheus/default.nix # ref https://github.com/Mic92/dotfiles/blob/f44bac5dd6970ed3fbb4feb906917331ec3c2be5/machines/eva/modules/prometheus/default.nix
systemd.services.matrix-hook = { systemd.services.matrix-hook = {
@@ -246,6 +255,33 @@ in {
}; };
}; };
systemd.services.matrix-hook-lassulus = {
description = "Matrix Hook";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
environment = {
HTTP_ADDRESS = "[::1]";
HTTP_PORT = "9089";
MX_HOMESERVER = "https://matrix.4d2.org";
MX_ID = "@lakai:4d2.org";
MX_ROOMID = "!MJAGqBAOKZGMywzwkI:lassul.us";
MX_MSG_TEMPLATE = "${pkgs.matrix-hook}/message.html.tmpl";
};
serviceConfig = {
EnvironmentFile = [
# format: MX_TOKEN=<token>
config.age.secrets.matrix-token-lakai-env.path
];
Type = "simple";
ExecStart = "${pkgs.matrix-hook}/bin/matrix-hook";
Restart = "always";
RestartSec = "10";
DynamicUser = true;
User = "matrix-hook";
Group = "matrix-hook";
};
};
age.secrets = { age.secrets = {
matrix-token-lakai-env.file = ../../../secrets/matrix-token-lakai-env.age; matrix-token-lakai-env.file = ../../../secrets/matrix-token-lakai-env.age;
}; };
@@ -260,8 +296,23 @@ in {
group_wait = "30s"; group_wait = "30s";
repeat_interval = "24h"; repeat_interval = "24h";
receiver = "matrix"; receiver = "matrix";
routes = [
{
receiver = "lassulus";
matchers = [ "alertname = \"Mastodon\"" ];
}
];
}; };
receivers = [ receivers = [
{
name = "lassulus";
webhook_configs = [
{
url = "http://localhost:9089/alert";
max_alerts = 5;
}
];
}
{ {
name = "matrix"; name = "matrix";
webhook_configs = [ webhook_configs = [
@@ -306,13 +357,21 @@ in {
{ {
scheme = "http"; scheme = "http";
path_prefix = "/"; path_prefix = "/";
static_configs = [{targets = ["localhost:${toString config.services.prometheus.alertmanager.port}"];}]; static_configs = [
{ targets = [ "localhost:${toString config.services.prometheus.alertmanager.port}" ]; }
];
} }
]; ];
# otherwise bearer_token_file will fail # otherwise bearer_token_file will fail
services.prometheus.checkConfig = "syntax-only"; services.prometheus.checkConfig = "syntax-only";
services.prometheus.extraFlags = [
"--storage.tsdb.retention.time=7d"
"--storage.tsdb.retention.size=2GB"
"--storage.tsdb.wal-compression"
];
services.prometheus.scrapeConfigs = [ services.prometheus.scrapeConfigs = [
{ {
job_name = "makanek"; job_name = "makanek";
@@ -328,14 +387,14 @@ in {
scrape_interval = "5m"; scrape_interval = "5m";
job_name = "blackbox"; job_name = "blackbox";
metrics_path = "/probe"; metrics_path = "/probe";
params.module = ["http_2xx"]; params.module = [ "http_2xx" ];
relabel_configs = [ relabel_configs = [
{ {
source_labels = ["__address__"]; source_labels = [ "__address__" ];
target_label = "__param_target"; target_label = "__param_target";
} }
{ {
source_labels = ["__param_target"]; source_labels = [ "__param_target" ];
target_label = "instance"; target_label = "instance";
} }
{ {
@@ -393,7 +452,7 @@ in {
scrape_interval = "60s"; scrape_interval = "60s";
metrics_path = "/api/prometheus"; metrics_path = "/api/prometheus";
scheme = "http"; scheme = "http";
static_configs = [{targets = ["zaatar.r:8123"];}]; static_configs = [ { targets = [ "zaatar.r:8123" ]; } ];
bearer_token_file = config.age.secrets.home-assistant-token.path; bearer_token_file = config.age.secrets.home-assistant-token.path;
} }
{ {
@@ -410,7 +469,7 @@ in {
services.prometheus.exporters.blackbox = { services.prometheus.exporters.blackbox = {
enable = true; enable = true;
configFile = (pkgs.formats.yaml {}).generate "blackbox.yaml" blackboxConfig; configFile = (pkgs.formats.yaml { }).generate "blackbox.yaml" blackboxConfig;
}; };
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
@@ -419,6 +478,6 @@ in {
services.loki = { services.loki = {
enable = true; enable = true;
configFile = (pkgs.formats.yaml {}).generate "loki.yaml" lokiConfig; configFile = (pkgs.formats.yaml { }).generate "loki.yaml" lokiConfig;
}; };
} }

3
systems/zaatar/configuration.nix
View File

@@ -28,6 +28,9 @@ in {
services.pipewire.systemWide = true; services.pipewire.systemWide = true;
age.secrets = { age.secrets = {
wifi = {
file = ../../secrets/wifi.age;
};
retiolum-rsa = { retiolum-rsa = {
file = ../../secrets/zaatar-retiolum-privateKey-rsa.age; file = ../../secrets/zaatar-retiolum-privateKey-rsa.age;
mode = "400"; mode = "400";