kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-17 02:31:09 +01:00
Code Releases Activity

Compare commits

base: kfm:wayland
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail
..
compare: kfm:a1af05ff48ba7ee7e2741bac0dd9dbe9d5aae254
Branches Tags
kfm:master kfm:update_flake_lock_action kfm:nethack kfm:wayland kfm:feature/hass-prometheus kfm:feature/itools kfm:feature/specus kfm:hass-nix-2 kfm:hass-nix kfm:grimm kfm:mympd kfm:tahina kfm:new-krops kfm:flakes kfm:flakes-2 kfm:20.09 kfm:mail

52 Commits
wayland ... a1af05ff48

Author SHA1 Message Date
Kierán Meinhardt
a1af05ff48 pls: begin download feature 2025-12-04 16:51:03 +01:00
Kierán Meinhardt
83536372f0 stylix: remove home-manager override 2025-12-04 16:50:53 +01:00
Kierán Meinhardt
3357121044 vim: fix lsp config 2025-12-04 16:50:32 +01:00
Kierán Meinhardt
2a7e972256 onomap: disable 2025-12-04 16:19:46 +01:00
Kierán Meinhardt
0d75ab146e secrets: update 2025-12-04 16:19:34 +01:00
Kierán Meinhardt
385ae53c7e weechat-declarative: fix 2025-12-04 16:19:13 +01:00
Kierán Meinhardt
a08c41d3db autorenkalender: get from flake 2025-12-04 16:19:02 +01:00
Kierán Meinhardt
bd84c35138 vim: add elixir plugin 2025-12-04 15:15:46 +01:00
Kierán Meinhardt
04722684aa update 2025-12-04 15:15:45 +01:00
Kierán Meinhardt
025b725551 upgrade to 25.11 2025-12-02 21:37:02 +01:00
Kierán Meinhardt
6411d8a03d update secrets 2025-12-02 19:20:11 +01:00
Kierán Meinhardt
edce4538d8 fonts: montserrat 2025-11-01 20:38:27 +01:00
Kierán Meinhardt
d1dd41bc6b vim: disable copilot by default or else it reads my passwords 2025-11-01 20:38:13 +01:00
Kierán Meinhardt
5d80f6ec0f alertmanager: alert when mastodon is down 2025-10-28 19:08:54 +01:00
Kierán Meinhardt
c8ad9d4433 gpodder 2025-10-24 10:30:04 +02:00
Kierán Meinhardt
0f05e0467a streams: add pakistani radio and dlf nova 2025-10-21 20:30:01 +02:00
Kierán Meinhardt
3c2abbb3b9 fix smyth bot 2025-10-21 20:00:25 +02:00
Kierán Meinhardt
61b5e4bd6e update secrets 2025-10-21 15:42:22 +02:00
Kierán Meinhardt
d4aca5b6f1 reinstate hu vpn, remove fu signature 2025-10-21 15:34:43 +02:00
Kierán Meinhardt
551462f1dd dark colours for the dark half of the year 2025-10-09 07:20:34 +02:00
Kierán Meinhardt
5d954684e1 host ical ephemeris MVP 2025-10-07 11:40:38 +02:00
Kierán Meinhardt
b12373eb1b stag i3 tag editor 2025-10-06 12:54:43 +02:00
Kierán Meinhardt
31e6b28b72 yta: download opus 2025-10-06 12:29:29 +02:00
Kierán Meinhardt
4a77a20c9e aerc: add new email account 2025-10-06 10:28:49 +02:00
Kierán Meinhardt
fe5bbbc647 update menstruation-backend 2025-10-02 23:16:57 +02:00
Kierán Meinhardt
8699f09307 go-webring: fix module 2025-10-02 19:33:46 +02:00
Kierán Meinhardt
d458fb333f fix nixinate call 2025-10-02 19:33:46 +02:00
Kierán Meinhardt
e7264641a2 www.kmein.de fix backup and CORS 2025-10-02 18:34:23 +02:00
Kierán Meinhardt
8afc04f266 scanned: fix PATH 2025-10-02 18:34:10 +02:00
Kierán Meinhardt
427df80396 0ad: add config 2025-10-02 18:33:54 +02:00
Kierán Meinhardt
ff3ba9047f install go tooling 2025-10-02 18:32:40 +02:00
Kierán Meinhardt
1d14174ad5 go-webring 2025-10-02 18:32:23 +02:00
Kierán Meinhardt
a307e2c186 remove old mpd scripts 2025-09-06 19:36:05 +02:00
Kierán Meinhardt
1cc3a7c6e3 install amfora-wrapper (wrapped to work with overall light theme) 2025-09-06 11:57:24 +02:00
Kierán Meinhardt
db33374dc0 host gemini 2025-09-05 08:05:02 +02:00
Kierán Meinhardt
2c75c0d608 obsidian-vim: fix lua syntax 2025-09-04 13:48:39 +02:00
Kierán Meinhardt
f84cd44db5 update local network 2025-09-04 13:48:01 +02:00
Kierán Meinhardt
84cec2eb24 neovim: disable ernest 2025-08-30 17:49:58 +02:00
Kierán Meinhardt
031b934c99 change wifi name 2025-08-30 17:49:58 +02:00
github-actions[bot]
7491396645 flake.lock: Update 
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/531beac616433bac6f9e2a19feb8e99a22a66baf?narHash=sha256-9P1FziAwl5%2B3edkfFcr5HeGtQUtrSdk/MksX39GieoA%3D' (2025-06-17)
  → 'github:ryantm/agenix/9edb1787864c4f59ae5074ad498b6272b3ec308d?narHash=sha256-NA/FT2hVhKDftbHSwVnoRTFhes62%2B7dxZbxj5Gxvghs%3D' (2025-08-05)
• Updated input 'home-manager':
    'github:nix-community/home-manager/501cfec8277f931a9c9af9f23d3105c537faeafe?narHash=sha256-tWosziZTT039x6PgEZUhzGlV8oLvdDmIgKTE8ESMaEA%3D' (2025-07-02)
  → 'github:nix-community/home-manager/4a44fb9f7555da362af9d499817084f4288a957f?narHash=sha256-OILVkfhRCm8u18IZ2DKR8gz8CVZM2ZcJmQBXmjFLIfk%3D' (2025-08-23)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/7a732ed41ca0dd64b4b71b563ab9805a80a7d693?narHash=sha256-u7ubvtxdTnFPpV27AHpgoKn7qHuE7sgWgza/1oj5nzA%3D' (2025-07-03)
  → 'github:NixOS/nixpkgs/9cb344e96d5b6918e94e1bca2d9f3ea1e9615545?narHash=sha256-gKlP0LbyJ3qX0KObfIWcp5nbuHSb5EHwIvU6UcNBg2A%3D' (2025-08-20)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/07c3e0e2be593551abdccacabe29cc57206b396f?narHash=sha256-30JXBxkJD3pxBBGQwl/DDwxxJDGQ1nvkvWwEtTsmhA8%3D' (2025-07-05)
  → 'github:NixOS/nixpkgs/42e1afa45385017e72b59ad15c3f786d09a704be?narHash=sha256-hG2eV%2B5tMHSE3XFmJTgx87GrTAD3RJz2Lj%2BzM0TShg4%3D' (2025-08-24)
• Updated input 'nur':
    'github:nix-community/NUR/a26411970baba3604e425f23e5293da492069e4a?narHash=sha256-iDjz1tBd/ibtmZZse4k1NBxfPR8g9K5W4sRgCyOnrj0%3D' (2025-07-05)
  → 'github:nix-community/NUR/20caa31dbef80914895e41b56be4cabc740b2126?narHash=sha256-/W53HyLk4qSrPJjYWdD5SK%2B3p0Ns9Bg6MKHoeqLVqi0%3D' (2025-08-23)
• Updated input 'nur/nixpkgs':
    'github:nixos/nixpkgs/3016b4b15d13f3089db8a41ef937b13a9e33a8df?narHash=sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU%2Btt4YY%3D' (2025-06-30)
  → 'github:nixos/nixpkgs/20075955deac2583bb12f07151c2df830ef346b4?narHash=sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs%2BStOp19xNsbqdOg%3D' (2025-08-19)
• Removed input 'nur/treefmt-nix'
• Removed input 'nur/treefmt-nix/nixpkgs'
• Updated input 'rust-overlay':
    'github:oxalica/rust-overlay/9e5e62a33a929a67a5427fb7324a6f583dced0b2?narHash=sha256-dYO5X5jK8bpQOeRAo8R5aUt6M/%2BJi1cZgstZI7SQ2IA%3D' (2025-07-05)
  → 'github:oxalica/rust-overlay/897ecf2b25be05e6ccb7661703f9f2fdec155f42?narHash=sha256-r0WnHKwA8DQNSHDmN3LNaqu41GbWDYqLS7IQAGR%2B6Wg%3D' (2025-08-23)
• Updated input 'scripts':
    'github:kmein/scripts/f44c7a4a6caa1ef5d6b7bf7e93acea0d96f30c21?narHash=sha256-mDDxMwKFURX1K1Z8X/kmt%2BjYjswofDf0br%2BMkw2tmSE%3D' (2025-06-02)
  → 'github:kmein/scripts/cc37fa4aec70f53731b9131bb8830b4445b75b3d?narHash=sha256-TnfXFloY4Ntq%2B0hp%2Bq9GGmuhtB1oueFiB%2BpcBUNYzFs%3D' (2025-07-20)
• Updated input 'stockholm':
    'github:krebs/stockholm/d4abc837cc7b87b4f23fe48cc306df26e3de7aab?narHash=sha256-i2s6jU%2B8GLKVjhWDyvFYxmXI7A44c9p6apPPyKt0ETk%3D' (2025-05-13)
  → 'github:krebs/stockholm/fc32e4609140fffa1312a4ca1aeea550b7467448?narHash=sha256-Mo2BkJXIz6HKM8cX2S7bRdX6Q3E1UOcyVL4v10QEUzk%3D' (2025-08-09)
• Updated input 'stockholm/buildbot-nix':
    'github:Mic92/buildbot-nix/7ad9b4886eccb5eecc0686a16266ddabf6cbefe9?narHash=sha256-mRnIdJLP%2B0NSim9ao30ue0Z3ttSuxzXwQG7UN1KuKfU%3D' (2025-05-07)
  → 'github:Mic92/buildbot-nix/47ad4c7afb169df6f9d48d0df3d7e2f71d9ddd8f?narHash=sha256-vCYcc/b8WizF6vnjuRVxSiU8hy9L3vOTWDVKpWM7xRE%3D' (2025-07-03)
• Updated input 'stockholm/buildbot-nix/flake-parts':
    'github:hercules-ci/flake-parts/c621e8422220273271f52058f618c94e405bb0f5?narHash=sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY%3D' (2025-04-01)
  → 'github:hercules-ci/flake-parts/77826244401ea9de6e3bac47c2db46005e1f30b5?narHash=sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ%3D' (2025-07-01)
• Updated input 'stockholm/buildbot-nix/hercules-ci-effects':
    'github:hercules-ci/hercules-ci-effects/5b6cec51c9ec095a0d3fd4c8eeb53eb5c59ae33e?narHash=sha256-1Z4WPGVky4w3lrhrgs89OKsLzPdtkbi1bPLNFWsoLfY%3D' (2025-04-15)
  → 'github:hercules-ci/hercules-ci-effects/231726642197817d20310b9d39dd4afb9e899489?narHash=sha256-EaAJhwfJGBncgIV/0NlJviid2DP93cTMc9h0q6P6xXk%3D' (2025-05-23)
• Updated input 'stockholm/buildbot-nix/treefmt-nix':
    'github:numtide/treefmt-nix/29ec5026372e0dec56f890e50dbe4f45930320fd?narHash=sha256-4h3s1L/kKqt3gMDcVfN8/4v2jqHrgLIe4qok4ApH5x4%3D' (2025-05-02)
  → 'github:numtide/treefmt-nix/ac8e6f32e11e9c7f153823abc3ab007f2a65d3e1?narHash=sha256-0IEdQB1nS%2BuViQw4k3VGUXntjkDp7aAlqcxdewb/hAc%3D' (2025-06-26)
• Updated input 'stockholm/nixpkgs':
    'github:NixOS/nixpkgs/d89fc19e405cb2d55ce7cc114356846a0ee5e956?narHash=sha256-3e%2BAVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ%3D' (2025-05-10)
  → 'github:NixOS/nixpkgs/1fd8bada0b6117e6c7eb54aad5813023eed37ccb?narHash=sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo%3D' (2025-07-06)
• Updated input 'stylix':
    'github:danth/stylix/5dd301b72207d4fd8d8b929abd88ba1c486d1744?narHash=sha256-jqRbWjB8aH2qzq6nMQpwkzVBR4o9lNxAHFmRgGwnJ94%3D' (2025-07-04)
  → 'github:danth/stylix/79be65b20d7b8fb7e8f39ba8121cfe41b7f46808?narHash=sha256-VmheUy4UzWDy/u0TvCCHptgF30peL7wRxkHy7EVpDrQ%3D' (2025-08-20)
• Removed input 'stylix/flake-compat'
• Removed input 'stylix/git-hooks'
• Removed input 'stylix/git-hooks/flake-compat'
• Removed input 'stylix/git-hooks/gitignore'
• Removed input 'stylix/git-hooks/gitignore/nixpkgs'
• Removed input 'stylix/git-hooks/nixpkgs'
• Removed input 'stylix/home-manager'
 2025-08-24 01:09:28 +00:00
Kierán Meinhardt
1c299cafef blake quote 2025-08-09 13:15:39 +02:00
Kierán Meinhardt
cbce724ade reformat 2025-08-07 10:14:07 +02:00
Kierán Meinhardt
00dfe27738 prometheus: decrease log size 2025-08-07 10:13:54 +02:00
Kierán Meinhardt
6e0026ed5c alertmanager: alert lassulus for mastodon outtime 2025-08-07 10:13:01 +02:00
Kierán Meinhardt
d92f382b9a wallpaper: fix for X 2025-08-07 10:12:21 +02:00
Kierán Meinhardt
630ec3d052 stylix: autoenable for homemanager and make apply to tmux 2025-07-25 08:59:31 +02:00
Kierán Meinhardt
bfd7195543 vim: newfangled distraction-free writing plugins 2025-07-25 08:59:00 +02:00
Kierán Meinhardt
0d2481bd78 vim: enable copilot 2025-07-21 18:54:30 +02:00
Kierán Meinhardt
28cd462bc6 sway: remove 2025-07-21 14:49:39 +02:00
Kierán Meinhardt
67358560b8 update 2025-07-11 11:31:09 +02:00
Kierán Meinhardt
675c453599 gammastep 2025-07-11 11:31:00 +02:00
Kierán Meinhardt
e4543eeb0b sway 2025-07-08 20:56:40 +02:00
70 changed files with 1182 additions and 1468 deletions
Expand all files Collapse all files

2
README.md
View File

@@ -1,5 +1,7 @@
# niveum
> I must Create a System, or be enslav'd by another Man's. —William Blake
> [nĭvĕus](https://logeion.uchicago.edu/niveus), a, um, adj. [nix], _of_ or _from snow, snowy, snow-_ (poet.)
>
> 1. Lit.: aggeribus niveis informis, Verg. G. 3, 354: aqua, _cooled with snow_, Mart. 12, 17, 6; cf. id. 14, 104 and 117: mons, _covered with snow_, Cat. 64, 240.—

8
configs/0ad.nix Normal file
View File

@@ -0,0 +1,8 @@
{ pkgs, ... }:
{
environment.systemPackages = [ pkgs.zeroad ];
networking.firewall = {
allowedTCPPorts = [ 20595 ];
allowedUDPPorts = [ 20595 ];
};
}

25
configs/aerc.nix
View File

@@ -8,14 +8,14 @@
inherit (import ../lib/email.nix) defaults thunderbirdProfile;
in {
age.secrets = {
email-password-cock = {
file = ../secrets/email-password-cock.age;
email-password-ical-ephemeris = {
file = ../secrets/email-password-ical-ephemeris.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
email-password-letos = {
file = ../secrets/email-password-letos.age;
email-password-cock = {
file = ../secrets/email-password-cock.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
@@ -92,16 +92,17 @@ in {
smtp.port = 25;
smtp.tls.useStartTls = true;
};
letos =
ical-ephemeris =
lib.recursiveUpdate defaults
{
userName = "slfletos";
address = "letos.sprachlit@hu-berlin.de";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-letos.path}";
imap.host = "mailbox.cms.hu-berlin.de";
rec {
userName = "ical.ephemeris@web.de";
realName = "Kieran from iCal Ephemeris";
address = userName;
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-ical-ephemeris.path}";
imap.host = "imap.web.de";
imap.port = 993;
smtp.host = "mailhost.cms.hu-berlin.de";
smtp.port = 25;
smtp.host = "smtp.web.de";
smtp.port = 587;
smtp.tls.useStartTls = true;
};
posteo =

2
configs/bash.nix
View File

@@ -5,6 +5,6 @@
interactiveShellInit = ''
set -o vi
'';
enableCompletion = true;
completion.enable = true;
};
}

12
configs/bots/autorenkalender.nix
View File

@@ -1,17 +1,9 @@
{
pkgs,
lib,
config,
inputs,
...
}: let
autorenkalender-package = pkgs.fetchFromGitHub {
owner = "kmein";
repo = "autorenkalender";
rev = "cf49a7b057301332d980eb47042a626add93db66";
sha256 = "1pa7sjg33vdnjianrqldv445jdzzv3mn231ljk1j58hs0cd505gs";
};
autorenkalender =
pkgs.python3Packages.callPackage autorenkalender-package {};
autorenkalender = inputs.autorenkalender.packages.x86_64-linux.default;
in {
niveum.bots.autorenkalender = {
enable = true;

20
configs/bots/smyth.nix
View File

@@ -20,15 +20,31 @@
command = toString (pkgs.writers.writeDash "random-smyth" ''
set -efu
good_curl() {
${pkgs.curl}/bin/curl "$@" \
--compressed \
-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' \
-H 'Accept-Language: en-US,en;q=0.5' \
-H 'DNT: 1' \
-H 'Connection: keep-alive' \
-H 'Upgrade-Insecure-Requests: 1' \
-H 'Sec-Fetch-Dest: document' \
-H 'Sec-Fetch-Mode: navigate' \
-H 'Sec-Fetch-Site: cross-site' \
-H 'Priority: u=0, i' \
-H 'Pragma: no-cache' \
-H 'Cache-Control: no-cache'
}
RANDOM_SECTION=$(
${pkgs.curl}/bin/curl -sSL http://www.perseus.tufts.edu/hopper/xmltoc?doc=Perseus%3Atext%3A1999.04.0007%3Asmythp%3D1 \
good_curl -sSL http://www.perseus.tufts.edu/hopper/xmltoc?doc=Perseus%3Atext%3A1999.04.0007%3Asmythp%3D1 \
| ${pkgs.gnugrep}/bin/grep -o 'ref="[^"]*"' \
| ${pkgs.coreutils}/bin/shuf -n1 \
| ${pkgs.gnused}/bin/sed 's/^ref="//;s/"$//'
)
url="http://www.perseus.tufts.edu/hopper/text?doc=$RANDOM_SECTION"
${pkgs.curl}/bin/curl -sSL "$url"\
good_curl -sSL "$url"\
| ${pkgs.htmlq}/bin/htmlq '#text_main' \
| ${pkgs.gnused}/bin/sed 's/<\/\?hr>//g' \
| ${pkgs.pandoc}/bin/pandoc -f html -t plain --wrap=none

6
configs/browser.nix
View File

@@ -6,7 +6,7 @@
}: {
environment.systemPackages = [
niveumPackages.cro
pkgs.tor-browser-bundle-bin
pkgs.tor-browser
pkgs.firefox
pkgs.brave
];
@@ -82,5 +82,9 @@
};
};
home-manager.users.me = {
stylix.targets.firefox.profileNames = ["default"];
};
environment.variables.BROWSER = "firefox";
}

15
configs/default.nix
View File

@@ -3,7 +3,6 @@
lib,
config,
niveumPackages,
unstablePackages,
inputs,
...
}:
@@ -24,12 +23,9 @@ in
config = {
allowUnfree = true;
packageOverrides = pkgs: {
dmenu = pkgs.writers.writeDashBin "dmenu" ''exec ${pkgs.wofi}/bin/wofi -dmenu "$@"'';
dmenu = pkgs.writers.writeDashBin "dmenu" ''exec ${pkgs.rofi}/bin/rofi -dmenu "$@"'';
};
permittedInsecurePackages = [
"qtwebkit-5.212.0-alpha4"
"zotero-6.0.26"
"electron-25.9.0"
];
};
};
@@ -99,14 +95,14 @@ in
{
o = "${pkgs.xdg-utils}/bin/xdg-open";
ns = "nix-shell --run zsh";
pbcopy = "${pkgs.wl-clipboard}/bin/wl-copy";
pbpaste = "${pkgs.wl-clipboard}/bin/wl-paste";
pbcopy = "${pkgs.xclip}/bin/xclip -selection clipboard -in";
pbpaste = "${pkgs.xclip}/bin/xclip -selection clipboard -out";
tmux = "${pkgs.tmux}/bin/tmux -2";
sxiv = swallow "${pkgs.nsxiv}/bin/nsxiv";
zathura = swallow "${pkgs.zathura}/bin/zathura";
im = "${pkgs.openssh}/bin/ssh weechat@makanek -t tmux attach-session -t IM";
yt = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata -ic"; # Download video link
yta = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata --audio-format opus --audio-quality 0 -xic"; # Download with audio
yta = "${pkgs.yt-dlp}/bin/yt-dlp --add-metadata --audio-format mp3 --audio-quality 0 -xic"; # Download with audio
};
}
{
@@ -221,9 +217,8 @@ in
./git.nix
./hledger.nix
./htop.nix
./fu-berlin.nix
./uni.nix
./i3.nix
./niri.nix
./i3status-rust.nix
./keyboard.nix
./mycelium.nix

1
configs/flameshot.nix
View File

@@ -5,7 +5,6 @@
}: {
home-manager.users.me = {
services.flameshot = {
package = pkgs.flameshot.override { enableWlrSupport = true; };
enable = true;
settings.General = {
autoCloseIdleDaemon = true;

15
configs/fonts.nix
View File

@@ -1,6 +1,5 @@
{
pkgs,
config,
niveumPackages,
...
}: let
@@ -103,12 +102,12 @@ in {
lmodern
merriweather
ocr-a
montserrat
roboto
roboto-mono
noto-fonts
noto-fonts-cjk-sans
noto-fonts-emoji
nerd-fonts.blex-mono
noto-fonts-color-emoji
roboto-slab
scheherazade-new
source-code-pro
@@ -116,15 +115,15 @@ in {
source-serif-pro
theano
niveumPackages.tocharian-font
vistafonts
vista-fonts
vollkorn
zilla-slab
]; # google-fonts league-of-moveable-type
fontconfig.defaultFonts = rec {
monospace = [config.stylix.fonts.monospace.name] ++ emoji;
serif = [config.stylix.fonts.serif.name "Scheherazade New" "Ezra SIL" "Antinoou" "Noto Serif Devanagari"];
sansSerif = [config.stylix.fonts.sansSerif.name "Noto Sans Display" "Noto Naskh Arabic" "Noto Sans Hebrew" "Noto Sans Devanagari" "Noto Sans CJK JP" "Noto Sans Coptic" "Noto Sans Syriac Western"];
emoji = [config.stylix.fonts.emoji.name];
monospace = ["Noto Sans Mono"] ++ emoji;
serif = ["Noto Serif" "Noto Naskh Arabic" "Noto Serif Devanagari"];
sansSerif = ["Noto Sans Display" "Noto Naskh Arabic" "Noto Sans Hebrew" "Noto Sans Devanagari" "Noto Sans CJK JP" "Noto Sans Coptic" "Noto Sans Syriac Western"];
emoji = ["Noto Color Emoji"];
};
# xelatex fails with woff files
# ref https://tex.stackexchange.com/questions/392144/xelatex-and-fontspec-crash-trying-to-find-woff-file-for-some-fonts-but-not-other

23
configs/git.nix
View File

@@ -29,9 +29,7 @@ in {
programs.git = {
enable = true;
package = pkgs.gitFull;
userName = kieran.name;
userEmail = kieran.email;
aliases = {
settings.alias = {
br = "branch";
co = "checkout";
ci = "commit";
@@ -45,19 +43,12 @@ in {
graph = "log --graph --abbrev-commit --decorate --date=relative --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all";
};
ignores = ignorePaths;
extraConfig = {
pull.ff = "only";
rebase.autoStash = true;
merge.autoStash = true;
push.autoSetupRemote = true;
# # ref https://github.com/dandavison/delta
# core.pager = "${pkgs.delta}/bin/delta";
# interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only";
# delta.navigate = true;
# merge.conflictStyle = "diff3";
# diff.colorMoved = "default";
};
settings.user.name = kieran.name;
settings.user.email = kieran.email;
settings.pull.ff = "only";
settings.rebase.autoStash = true;
settings.merge.autoStash = true;
settings.push.autoSetupRemove = true;
};
};
}

51
configs/i3.nix
View File

@@ -94,7 +94,7 @@ in {
services.xserver = {
windowManager.i3 = {
enable = true;
package = pkgs.i3-gaps;
package = pkgs.i3;
};
};
@@ -113,6 +113,7 @@ in {
'';
};
home-manager.users.me = let
modifier = "Mod4";
infoWorkspace = "";
@@ -131,7 +132,7 @@ in {
border = 1;
};
bars = [
(config.home-manager.users.me.lib.stylix.i3.bar
(config.home-manager.users.me.stylix.targets.i3.exportedBarConfig
// rec {
workspaceButtons = true;
mode = "hide"; # "dock";
@@ -269,32 +270,7 @@ in {
# XF86Launch1 (thinkvantage)
};
in {
wayland.windowManager.sway = {
enable = true;
config = {
menu = "rofi -modi run,ssh,window -show run";
inherit modifier modes gaps bars floating window colors keybindings;
input = {
"*" = {
xkb_layout = "de";
xkb_variant = "T3";
};
};
terminal = (defaultApplications pkgs).terminal;
up = "k";
down = "j";
left = "h";
right = "l";
seat = {
"*" = {
hide_cursor = "when-typing enable";
};
};
startup = [
{command = "echo hello";}
];
};
};
stylix.targets.i3.enable = true;
xsession.windowManager.i3 = {
enable = true;
@@ -311,19 +287,9 @@ in {
assign [class="dashboard"] ${infoWorkspace}
exec ${dashboard}/bin/dashboard
'';
config = lib.mkMerge [
{
inherit modifier gaps modes bars floating window colors keybindings;
}
{
keybindings = let
new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
move-to-new-workspace = pkgs.writers.writeDash "new-workspace" ''
i3-msg move container to workspace $(($(i3-msg -t get_workspaces | tr , '\n' | grep '"num":' | cut -d : -f 2 | sort -rn | head -1) + 1))
'';
in {
config = {
inherit modifier gaps modes bars floating window colors;
keybindings = keybindings // {
"${modifier}+ß" = "exec ${niveumPackages.menu-calc}/bin/=";
"${modifier}+F6" = "exec ${pkgs.xorg.xkill}/bin/xkill";
"${modifier}+F9" = "exec ${pkgs.redshift}/bin/redshift -O 4000 -b 0.85";
@@ -334,8 +300,7 @@ in {
# "${modifier}+x" = "exec ${new-workspace}";
"XF86Display" = "exec ${niveumPackages.dmenu-randr}/bin/dmenu-randr";
};
}
];
};
};
};
}

144
configs/keyboard.nix
View File

@@ -2,91 +2,129 @@
pkgs,
lib,
...
}: let
}:
let
commaSep = builtins.concatStringsSep ",";
xkbOptions = ["compose:caps" "terminate:ctrl_alt_bksp" "grp:ctrls_toggle"];
xkbOptions = [
"compose:caps"
"terminate:ctrl_alt_bksp"
"grp:ctrls_toggle"
];
languages = {
arabic = { code = "ara"; variant = "buckwalter"; }; # ../lib/keyboards/arabic;
avestan = ../lib/keyboards/avestan;
deutsch = {
code = "de";
variant = "T3";
};
greek = {
code = "gr";
variant = "polytonic";
};
russian = {
code = "ru";
variant = "phonetic";
};
arabic = {
code = "ara";
variant = "buckwalter";
}; # ../lib/keyboards/arabic;
coptic = ../lib/keyboards/coptic;
deutsch = { code = "de"; variant = "T3"; };
farsi = { code = "ir"; variant = "qwerty"; };
avestan = ../lib/keyboards/avestan;
gothic = ../lib/keyboards/gothic;
greek = { code = "gr"; variant = "polytonic"; };
gujarati = {code = "in"; variant = "guj-kagapa"; };
hebrew = {code = "il"; variant = "phonetic";};
russian = { code = "ru"; variant = "phonetic"; };
sanskrit = { code = "in"; variant = "san-kagapa"; };
syriac = { code = "sy"; variant = "syc_phonetic"; };
urdu = {code = "in"; variant = "urd-phonetic"; };
farsi = {
code = "ir";
variant = "qwerty";
};
syriac = {
code = "sy";
variant = "syc_phonetic";
};
sanskrit = {
code = "in";
variant = "san-kagapa";
};
gujarati = {
code = "in";
variant = "guj-kagapa";
};
urdu = {
code = "in";
variant = "urd-phonetic";
};
hebrew = {
code = "il";
variant = "phonetic";
};
};
defaultLanguage = languages.deutsch;
in {
in
{
services.libinput.enable = true;
# man 7 xkeyboard-config
services.xserver = {
# exportConfiguration = true; # link /usr/share/X11 properly
exportConfiguration = true; # link /usr/share/X11 properly
xkb.layout = defaultLanguage.code;
# T3: https://upload.wikimedia.org/wikipedia/commons/a/a9/German-Keyboard-Layout-T3-Version1-large.png
# buckwalter: http://www.qamus.org/transliteration.htm
xkb.variant = defaultLanguage.variant;
xkb.options = commaSep xkbOptions;
xkb.extraLayouts = {
"coptic" = {
languages = ["cop"];
description = "Coptic";
symbolsFile = ../lib/keyboards/coptic;
};
"gothic" = {
languages = ["got"];
description = "Gothic";
symbolsFile = ../lib/keyboards/gothic;
};
"avestan" = {
languages = ["ave"];
description = "Avestan";
symbolsFile = ../lib/keyboards/avestan;
};
"farsi-good" = {
languages = ["fas"];
description = "Farsi, but good";
symbolsFile = ../lib/keyboards/farsi;
};
xkb.dir = pkgs.symlinkJoin {
name = "x-keyboard-directory";
paths = [
"${pkgs.xkeyboard_config}/etc/X11/xkb"
(pkgs.linkFarm "custom-x-keyboards" (
lib.mapAttrsToList (name: value: {
name = "symbols/${name}";
path = value;
}) (lib.filterAttrs (_: value: !(value ? "code")) languages)
++ [
{
name = "symbols/ir";
path = ../lib/keyboards/farsi;
}
]
))
];
};
};
environment.etc."x11-locale".source = toString pkgs.xorg.libX11 + "share/X11/locale";
home-manager.users.me = {
home.file =
lib.mapAttrs' (name: path: lib.nameValuePair ".xkb/symbols/${name}" { source = path; })
(lib.filterAttrs (_: value: !(value ? "code")) languages) // {
".xkb/symbols/ir".source = ../lib/keyboards/farsi;
};
};
console.keyMap = "de";
environment.systemPackages =
lib.mapAttrsToList
(language: settings:
environment.systemPackages = lib.mapAttrsToList (
language: settings:
let
code = if settings ? "code" then settings.code else language;
variant = if settings ? "variant" then settings.variant else "";
in
pkgs.writers.writeDashBin "kb-${language}" ''
${pkgs.xorg.setxkbmap}/bin/setxkbmap ${defaultLanguage.code},${code} ${defaultLanguage.variant},${variant} ${toString (map (option: "-option ${option}") xkbOptions)}
'')
languages ++
lib.mapAttrsToList
(language: settings:
let
code = if settings ? "code" then settings.code else language;
variant = if settings ? "variant" then settings.variant else "";
in
pkgs.writers.writeDashBin "kb-niri-${language}" ''
${pkgs.gnused}/bin/sed -i 's/^\(\s*layout\) ".*"$/\1 "${defaultLanguage.code},${code}"/;s/^\(\s*variant\) ".*"$/\1 "${defaultLanguage.variant},${variant}"/' ~/.config/niri/config.kdl
'') languages;
pkgs.writers.writeDashBin "kb-${language}" ''
if [ -z $SWAYSOCK ]; then
${pkgs.xorg.setxkbmap}/bin/setxkbmap ${defaultLanguage.code},${code} ${defaultLanguage.variant},${variant} ${
toString (map (option: "-option ${option}") xkbOptions)
}
else
swaymsg -s $SWAYSOCK 'input * xkb_layout "${defaultLanguage.code},${code}"'
swaymsg -s $SWAYSOCK 'input * xkb_variant "${defaultLanguage.variant},${variant}"'
swaymsg -s $SWAYSOCK 'input * xkb_options "${lib.concatStringsSep "," xkbOptions}"'
fi
''
) languages;
# improve held key rate
services.xserver.displayManager.sessionCommands = "${pkgs.xorg.xset}/bin/xset r rate 300 50";
systemd.user.services.gxkb = {
wantedBy = ["graphical-session.target"];
wantedBy = [ "graphical-session.target" ];
serviceConfig = {
SyslogIdentifier = "gxkb";
ExecStart = "${pkgs.gxkb}/bin/gxkb";

2
configs/mpv.nix
View File

@@ -36,7 +36,7 @@ in {
"Alt+j" = "add video-pan-y -0.05";
};
scripts = [
# pkgs.mpvScripts.quality-menu
pkgs.mpvScripts.quality-menu
niveumPackages.mpv-visualizer
];
};

5
configs/neovim.nix
View File

@@ -37,8 +37,8 @@
environment.systemPackages = [
(pkgs.writers.writeDashBin "vim" ''neovim "$@"'')
(niveumPackages.vim.override {
stylixColors = config.lib.stylix.colors;
# colorscheme = "base16-gruvbox-light-medium";
# stylixColors = config.lib.stylix.colors;
colorscheme = "base16-gruvbox-dark-medium";
})
# language servers
@@ -46,6 +46,7 @@
pkgs.haskellPackages.haskell-language-server
pkgs.texlab
pkgs.nil
pkgs.gopls
pkgs.nixfmt-rfc-style
pkgs.rust-analyzer
pkgs.nodePackages.typescript-language-server

445
configs/niri.nix
View File

@@ -1,445 +0,0 @@
{
pkgs,
config,
niveumPackages,
lib,
...
}:
let
inherit (import ../lib) defaultApplications;
niriConfig =
let
klem = niveumPackages.klem.override {
config.dmenu = "${pkgs.dmenu}/bin/dmenu -i -p klem";
config.scripts = {
"p.r paste" = pkgs.writers.writeDash "p.r" ''
${pkgs.curl}/bin/curl -fSs http://p.r --data-binary @- \
| ${pkgs.coreutils}/bin/tail --lines=1 \
| ${pkgs.gnused}/bin/sed 's/\\<r\\>/krebsco.de/'
'';
"envs.sh paste" = pkgs.writers.writeDash "envs-host" ''
${pkgs.curl}/bin/curl -F "file=@-" https://envs.sh
'';
"envs.sh shorten" = pkgs.writers.writeDash "envs-shorten" ''
${pkgs.curl}/bin/curl -F "shorten=$(${pkgs.coreutils}/bin/cat)" https://envs.sh
'';
"go.r shorten" = pkgs.writers.writeDash "go.r" ''
${pkgs.curl}/bin/curl -fSs http://go.r -F "uri=$(${pkgs.coreutils}/bin/cat)"
'';
"4d2.org paste" = pkgs.writers.writeDash "4d2-paste" ''
${pkgs.curl}/bin/curl -F "file=@-" https://depot.4d2.org/
'';
"0x0.st shorten" = pkgs.writers.writeDash "0x0.st" ''
${pkgs.curl}/bin/curl -fSs https://0x0.st -F "shorten=$(${pkgs.coreutils}/bin/cat)"
'';
"rot13" = pkgs.writers.writeDash "rot13" ''
${pkgs.coreutils}/bin/tr '[A-Za-z]' '[N-ZA-Mn-za-m]'
'';
"ipa" = pkgs.writers.writeDash "ipa" ''
${niveumPackages.ipa}/bin/ipa
'';
"betacode" = pkgs.writers.writeDash "betacode" ''
${niveumPackages.betacode}/bin/betacode
'';
"curl" = pkgs.writers.writeDash "curl" ''
${pkgs.curl}/bin/curl -fSs "$(${pkgs.coreutils}/bin/cat)"
'';
ocr = pkgs.writers.writeDash "ocr" ''
${pkgs.tesseract4}/bin/tesseract -l eng+deu - stdout
'';
emojai = pkgs.writers.writeDash "emojai" ''
${pkgs.curl}/bin/curl https://www.emojai.app/api/generate -X POST -H 'Content-Type: application/json' --data-raw "$(${pkgs.jq}/bin/jq -sR '{emoji:.}')" | ${pkgs.jq}/bin/jq -r .result
'';
"gpt-3.5" = pkgs.writers.writeDash "gpt" ''
${niveumPackages.gpt35}/bin/gpt
'';
gpt-4 = pkgs.writers.writeDash "gpt" ''
${niveumPackages.gpt4}/bin/gpt
'';
};
};
in
''
spawn-at-startup "${pkgs.ironbar}/bin/ironbar"
spawn-at-startup "${pkgs.xwayland-satellite}/bin/xwayland-satellite"
environment {
DISPLAY ":0"
ANKI_WAYLAND "1"
}
input {
warp-mouse-to-focus
focus-follows-mouse max-scroll-amount="0%"
keyboard {
repeat-rate 35
repeat-delay 350
track-layout "global"
xkb {
layout "de"
variant "T3"
options "ctrl:nocaps,compose:caps,grp:ctrls_toggle"
}
}
touchpad {
click-method "clickfinger"
tap
dwt
dwtp
}
}
prefer-no-csd
hotkey-overlay {
skip-at-startup
}
layout {
gaps 5
default-column-width {
proportion 0.5
}
preset-column-widths {
proportion 0.33333
proportion 0.5
proportion 0.66667
}
focus-ring {
width 2
}
shadow {
// on
softness 30
spread 5
offset x=0 y=5
draw-behind-window true
color "#00000070"
// inactive-color "#00000054"
}
tab-indicator {
// off
hide-when-single-tab
place-within-column
gap 5
width 4
length total-proportion=1.0
position "right"
gaps-between-tabs 2
corner-radius 8
active-color "red"
inactive-color "gray"
urgent-color "blue"
// active-gradient from="#80c8ff" to="#bbddff" angle=45
// inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view"
// urgent-gradient from="#800" to="#a33" angle=45
}
border {
off
}
}
animations {
// off
workspace-switch {
spring damping-ratio=1.0 stiffness=1000 epsilon=0.0001
}
window-open {
duration-ms 150
curve "ease-out-expo"
}
window-close {
duration-ms 150
curve "ease-out-quad"
}
horizontal-view-movement {
spring damping-ratio=1.0 stiffness=800 epsilon=0.0001
}
window-movement {
spring damping-ratio=1.0 stiffness=800 epsilon=0.0001
}
window-resize {
spring damping-ratio=1.0 stiffness=800 epsilon=0.0001
}
config-notification-open-close {
spring damping-ratio=0.6 stiffness=1000 epsilon=0.001
}
screenshot-ui-open {
duration-ms 200
curve "ease-out-quad"
}
overview-open-close {
spring damping-ratio=1.0 stiffness=800 epsilon=0.0001
}
}
window-rule {
geometry-corner-radius 0
clip-to-geometry true
}
window-rule {
match app-id="mpv"
open-floating true
}
window-rule {
match app-id="rofi"
open-floating true
}
window-rule {
match app-id=r#"firefox$"# title="^Picture-in-Picture$"
open-floating true
default-floating-position x=32 y=32 relative-to="bottom-left"
}
window-rule {
match is-window-cast-target=true
border {
on
width 3
active-color "#f38ba8"
inactive-color "#7d0d2d"
}
}
binds {
Mod+Shift+Slash { show-hotkey-overlay; }
Mod+Return { spawn "${(defaultApplications pkgs).terminal}"; }
Mod+D { spawn "${pkgs.wofi}/bin/wofi" "--show" "run"; }
Mod+Shift+D { spawn "${niveumPackages.notemenu}/bin/notemenu"; }
Mod+T { spawn "${(defaultApplications pkgs).fileManager}"; }
Mod+Y { spawn "${(defaultApplications pkgs).browser}"; }
Mod+P { spawn "${niveumPackages.passmenu}/bin/passmenu"; }
Mod+U { spawn "${niveumPackages.unicodmenu}/bin/unicodmenu"; }
Mod+Shift+Z { toggle-window-floating; }
Mod+B { spawn "${pkgs.ironbar}/bin/ironbar" "bar" "bar-1337" "toggle-visible"; }
Mod+F12 { spawn "${klem}/bin/klem"; }
Mod+Shift+Q { close-window; }
XF86AudioRaiseVolume allow-when-locked=true { spawn "${pkgs.pamixer}/bin/pamixer -i 5"; }
XF86AudioLowerVolume allow-when-locked=true { spawn "${pkgs.pamixer}/bin/pamixer -d 5"; }
XF86AudioMute allow-when-locked=true { spawn "${pkgs.pamixer}/bin/pamixer -t"; }
XF86AudioPause allow-when-locked=true { spawn "${pkgs.playerctl}/bin/playerctl play-pause"; }
XF86AudioPlay allow-when-locked=true { spawn "${pkgs.playerctl}/bin/playerctl play-pause"; }
XF86AudioNext allow-when-locked=true { spawn "${pkgs.playerctl}/bin/playerctl next"; }
XF86AudioPrev allow-when-locked=true { spawn "${pkgs.playerctl}/bin/playerctl previous"; }
XF86AudioStop allow-when-locked=true { spawn "${pkgs.playerctl}/bin/playerctl stop"; }
Print { spawn "flameshot gui"; }
Mod+Shift+W { spawn "swaylock"; }
Mod+Comma { consume-or-expel-window-left; }
Mod+Period { consume-or-expel-window-right; }
Mod+W { toggle-column-tabbed-display; }
Mod+A repeat=false { toggle-overview; }
Mod+F { maximize-column; }
Mod+C { center-column; }
Mod+Minus { set-column-width "-25%"; }
Mod+Plus { set-column-width "+25%"; }
Mod+Ctrl+0 { spawn "niri" "msg" "action" "switch-layout" "0"; }
Mod+Ctrl+1 { spawn "niri" "msg" "action" "switch-layout" "1"; }
Mod+Ctrl+2 { spawn "niri" "msg" "action" "switch-layout" "2"; }
Mod+Ctrl+3 { spawn "niri" "msg" "action" "switch-layout" "3"; }
Mod+Ctrl+4 { spawn "niri" "msg" "action" "switch-layout" "4"; }
Mod+Ctrl+5 { spawn "niri" "msg" "action" "switch-layout" "5"; }
Mod+Ctrl+6 { spawn "niri" "msg" "action" "switch-layout" "6"; }
Mod+Ctrl+7 { spawn "niri" "msg" "action" "switch-layout" "7"; }
Mod+Ctrl+8 { spawn "niri" "msg" "action" "switch-layout" "8"; }
Mod+Ctrl+9 { spawn "niri" "msg" "action" "switch-layout" "9"; }
Mod+H { focus-column-or-monitor-left; }
Mod+J { focus-window-or-workspace-down; }
Mod+K { focus-window-or-workspace-up; }
Mod+L { focus-column-or-monitor-right; }
Mod+Shift+H { move-column-left-or-to-monitor-left; }
Mod+Shift+J { move-window-down-or-to-workspace-down; }
Mod+Shift+K { move-window-up-or-to-workspace-up; }
Mod+Shift+L { move-column-right-or-to-monitor-right; }
Mod+Ctrl+H { focus-monitor-left; }
Mod+Ctrl+J { focus-monitor-down; }
Mod+Ctrl+K { focus-monitor-up; }
Mod+Ctrl+L { focus-monitor-right; }
Mod+Shift+Ctrl+H { move-column-to-monitor-left; }
Mod+Shift+Ctrl+J { move-column-to-workspace-down; }
Mod+Shift+Ctrl+K { move-column-to-workspace-up; }
Mod+Shift+Ctrl+L { move-column-to-monitor-right; }
Mod+Shift+Alt+Ctrl+H { move-workspace-to-monitor-left; }
Mod+Shift+Alt+Ctrl+J { move-workspace-down; }
Mod+Shift+Alt+Ctrl+K { move-workspace-up; }
Mod+Shift+Alt+Ctrl+L { move-workspace-to-monitor-right; }
Mod+1 { focus-workspace 1; }
Mod+2 { focus-workspace 2; }
Mod+3 { focus-workspace 3; }
Mod+4 { focus-workspace 4; }
Mod+5 { focus-workspace 5; }
Mod+6 { focus-workspace 6; }
Mod+7 { focus-workspace 7; }
Mod+8 { focus-workspace 8; }
Mod+9 { focus-workspace 9; }
Mod+0 { focus-workspace 10; }
Mod+Shift+1 { move-window-to-workspace "1"; }
Mod+Shift+2 { move-window-to-workspace "2"; }
Mod+Shift+3 { move-window-to-workspace "3"; }
Mod+Shift+4 { move-window-to-workspace "4"; }
Mod+Shift+5 { move-window-to-workspace "5"; }
Mod+Shift+6 { move-window-to-workspace "6"; }
Mod+Shift+7 { move-window-to-workspace "7"; }
Mod+Shift+8 { move-window-to-workspace "8"; }
Mod+Shift+9 { move-window-to-workspace "9"; }
Mod+Shift+0 { move-window-to-workspace "0"; }
}
'';
in
{
system.activationScripts.niriConfig = {
text = ''
cp ${pkgs.writeText "config.kdl" niriConfig} ${config.users.users.me.home}/.config/niri/config.kdl
chown ${config.users.users.me.name}:${config.users.users.me.group} ${config.users.users.me.home}/.config/niri/config.kdl
'';
};
programs.niri.enable = true;
services.displayManager.defaultSession = lib.mkForce "niri";
home-manager.users.me = {
xdg.configFile."ironbar/style.css".text = ''
* {
font-size: 8pt;
font-family: "Gentium Plus", "BlexMono Nerd Font";
}
box, menubar, button {
background-color: unset;
box-shadow: none;
background-image: none;
}
.clock, .upower, .volume {
font-weight: unset;
}
tooltip * {
font-family: "BlexMono Nerd Font";
font-size: 7pt;
}
'';
xdg.configFile."ironbar/config.json".source = (pkgs.formats.json { }).generate "ironbar.json" {
name = "bar-1337";
height = 12;
layer = "top";
position = "bottom";
start = [ ];
center = [
{
type = "tray";
icon_size = 8;
}
{ type = "clipboard"; }
{ type = "notifications"; }
];
end = [
{
type = "upower";
icon_size = 8;
format = "{percentage}%";
}
{
type = "label";
tooltip = "{{df -h --output=size,used,avail,pcent,target}}";
label = "\t{{5000:df -h / --output=avail | tail +2}}";
}
{
type = "label";
tooltip = "{{free -Lh --si | awk '{for(i=1;i<=NF;i++){printf \"%s%s\", $i, (i%2? OFS: ORS)} if(NF%2) printf ORS}'}}";
label = "󰍛\t{{500:free -h --si | awk 'NR==2{printf $3 \"\\n\"}'}}";
}
{
type = "label";
tooltip = "{{}}";
on_click_left = "pamixer -t";
on_scroll_up = "pamixer -i 1";
on_scroll_down = "pamixer -d 1";
label = "{{500:if $(pamixer --get-mute) = true; then echo ; else echo ; fi}}\t{{500:pamixer --get-volume}}%";
}
{
type = "label";
tooltip = "{{uptime}}";
label = "\t{{500:uptime | sed 's/.*load average: \\([^ ]*\\);.*/\\1/' | tr ' ' '\n'}}";
}
{
type = "label";
tooltip = "{{khal list today today -d astro-test-3 }}";
label = "";
}
{
type = "label";
tooltip = "{{curl wttr.in/?0 | ${pkgs.ansifilter}/bin/ansifilter}}";
label = "󰔏";
}
{
type = "label";
name = "cal";
tooltip = "{{cal}}";
label = "{{500:date +'<U+F017>\t%Y-%m-%d (%W %a) %H:%M'}}";
}
];
};
programs.alacritty.enable = true; # Super+T in the default setting (terminal)
programs.swaylock.enable = true; # Super+Alt+L in the default setting (screen locker)
services.swaync = {
enable = true;
settings = {
notification-window-width = 300;
control-center-width = 300;
widgets = [
"volume"
"mpris"
"title"
"dnd"
"notifications"
];
widget-config = {
title = {
text = "ϥ̄";
"clear-all-button" = true;
"button-text" = "";
};
dnd.text = "̄̄ϣ̄̄";
label.text = "";
};
};
};
services.swayidle.enable = true; # idle management daemon
home.packages = with pkgs; [
xdg-desktop-portal-gnome
swaybg
];
};
services.gnome.gnome-keyring.enable = true; # secret service
security.pam.services.swaylock = { };
}

30
configs/packages.nix
View File

@@ -4,7 +4,6 @@
lib,
inputs,
niveumPackages,
unstablePackages,
...
}: let
worldradio = pkgs.callPackage ../packages/worldradio.nix {};
@@ -63,9 +62,15 @@ in {
};
environment.systemPackages = with pkgs; [
(pkgs.writers.writeDashBin "amfora" ''
${pkgs.st}/bin/st -e ${pkgs.amfora}/bin/amfora
'')
(pkgs.writers.writeDashBin "gpodder" ''
GPODDER_DOWNLOAD_DIR=${config.users.users.me.home}/mobile/audio/Text/podcasts exec ${pkgs.gpodder}/bin/gpodder "$@"
'')
# INTERNET
aria2
tdesktop
telegram-desktop
whois
dnsutils
# FILE MANAGERS
@@ -94,9 +99,10 @@ in {
# HARDWARE TOOLS
gnome-disk-utility
arandr # xrandr for noobs
wdisplays
libnotify # for notify-send
wl-clipboard # clipboard CLI
xdragon # drag and drop
xclip # clipboard CLI
dragon-drop # drag and drop
xorg.xkill # kill by clicking
portfolio # personal finance overview
audacity
@@ -114,22 +120,23 @@ in {
zoom-us # video conferencing
(pkgs.writers.writeDashBin "im" ''
weechat_password=$(${pkgs.pass}/bin/pass weechat)
exec ${unstablePackages.weechat}/bin/weechat -t -r '/mouse enable; /remote add makanek http://${externalNetwork.makanek}:8002 -password='"$weechat_password"'; /remote connect makanek'
exec ${weechat}/bin/weechat -t -r '/mouse enable; /remote add makanek http://${externalNetwork.makanek}:8002 -password='"$weechat_password"'; /remote connect makanek'
'')
alejandra # nix formatter
pdfgrep # search in pdf
pdftk # pdf toolkit
mupdf
poppler_utils # pdf toolkit
poppler-utils # pdf toolkit
kdePackages.okular # the word is nucular
xournalpp # for annotating pdfs
pdfpc # presenter console for pdf slides
# niveumPackages.hc # print files as qr codes
niveumPackages.hc # print files as qr codes
yt-dlp
espeak
rink # unit converter
niveumPackages.auc
niveumPackages.noise-waves
niveumPackages.stag
niveumPackages.cheat-sh
niveumPackages.polyglot
niveumPackages.qrpaste
@@ -144,7 +151,6 @@ in {
niveumPackages.pls
niveumPackages.mpv-tv
niveumPackages.mpv-iptv
# jellyfin-media-player
niveumPackages.devanagari
niveumPackages.betacode # ancient greek betacode to unicode converter
niveumPackages.meteo
@@ -197,9 +203,6 @@ in {
${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars
'')
(pkgs.writers.writeDashBin "ncmpcpp-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.ncmpcpp}/bin/ncmpcpp "$@"'')
(pkgs.writers.writeDashBin "mpc-zaatar" ''MPD_HOST=${(import ../lib/local-network.nix).zaatar} exec ${pkgs.mpc_cli}/bin/mpc "$@"'')
inputs.scripts.packages.x86_64-linux.alarm
spotify
@@ -237,10 +240,9 @@ in {
dhall
html-tidy
nodePackages.csslint
nodePackages.jsonlint
deno # better node.js
# texlive.combined.scheme-full
go
texlive.combined.scheme-full
latexrun
(aspellWithDicts (dict: [dict.de dict.en dict.en-computers]))
# haskellPackages.pandoc-citeproc

1
configs/spacetime.nix
View File

@@ -3,5 +3,6 @@
location = {
latitude = 52.517;
longitude = 13.3872;
provider = "geoclue2";
};
}

2
configs/ssh.nix
View File

@@ -4,6 +4,7 @@
in {
users.users.me.openssh.authorizedKeys.keys = kieran.sshKeys;
programs.ssh.startAgent = true;
services.gnome.gcr-ssh-agent.enable = false;
home-manager.users.me = {
# https://discourse.nixos.org/t/gnome-keyring-and-ssh-agent-without-gnome/11663
@@ -40,6 +41,7 @@ in {
home-manager.users.me.programs.ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks = {
"github.com" = {
hostname = "ssh.github.com";

19
configs/stylix.nix
View File

@@ -18,7 +18,7 @@ in {
stylix.enable = true;
stylix.image = generatedWallpaper;
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/ayu-light.yaml";
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-medium.yaml";
stylix.cursor = {
name = "capitaine-cursors-white";
@@ -26,6 +26,9 @@ in {
size = 12;
};
home-manager.users.me = {
stylix.autoEnable = true;
};
# environment.etc."stylix/wallpaper.png".source = generatedWallpaper;
@@ -52,22 +55,22 @@ in {
stylix.fonts = {
serif = {
package = pkgs.gentium;
name = "Gentium Plus";
package = pkgs.noto-fonts;
name = "Noto Serif";
};
sansSerif = {
package = pkgs.gentium;
name = "Gentium Plus";
package = pkgs.noto-fonts;
name = "Noto Sans";
};
monospace = {
package = pkgs.nerd-fonts.blex-mono;
name = "BlexMono Nerd Font";
package = pkgs.noto-fonts;
name = "Noto Sans Mono";
};
emoji = {
package = pkgs.noto-fonts-emoji;
package = pkgs.noto-fonts-color-emoji;
name = "Noto Color Emoji";
};

11
configs/tmux.nix
View File

@@ -13,7 +13,7 @@
aggressiveResize = true;
escapeTime = 50;
historyLimit = 7000;
shortcut = "a";
shortcut = "b";
extraConfig = ''
set -g mouse on
@@ -37,15 +37,6 @@
set -g status-left-length 32
set -g status-right-length 150
set -g status-bg colour242
setw -g window-status-format "#[fg=colour12,bg=colour233] #I #[fg=white,bg=colour237] #W "
setw -g window-status-current-format "#[fg=colour12,bg=colour233] * #[fg=white,bg=colour237,bold] #W "
set -g status-left ""
set -g status-right "#[fg=colour255,bg=colour237,bold] #(hostname -I) #[default]#[fg=colour12,bg=colour233] %FT%R "
set -g status-justify left
set -g status-position bottom
'';
};

86
configs/fu-berlin.nix → configs/uni.nix
View File

@@ -30,7 +30,19 @@ in {
};
};
accounts.email.accounts = {
fu-student =
letos =
lib.recursiveUpdate defaults
{
userName = "slfletos";
address = "letos.sprachlit@hu-berlin.de";
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-letos.path}";
imap.host = "mailbox.cms.hu-berlin.de";
imap.port = 993;
smtp.host = "mailhost.cms.hu-berlin.de";
smtp.port = 25;
smtp.tls.useStartTls = true;
};
fu =
lib.recursiveUpdate defaults
(lib.recursiveUpdate fu-defaults
rec {
@@ -38,21 +50,6 @@ in {
address = "kieran.meinhardt@fu-berlin.de";
aliases = ["${userName}@fu-berlin.de"];
passwordCommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.email-password-meinhak99.path}";
aerc.extraAccounts.signature-file = toString (pkgs.writeText "signature" signature.text);
signature = {
showSignature = "append";
text = ''
${defaults.realName}
${pronouns}
---
Studentische Hilfskraft / ZODIAC
Freie Universität Berlin
Telefon: +49 30 838 58118
Arnimallee 10, Raum 106, 14195 Berlin
'';
};
himalaya = {
enable = true;
settings.backend = "imap";
@@ -68,6 +65,12 @@ in {
group = config.users.users.me.group;
mode = "400";
};
email-password-letos = {
file = ../secrets/email-password-letos.age;
owner = config.users.users.me.name;
group = config.users.users.me.group;
mode = "400";
};
fu-sftp-key = {
file = ../secrets/fu-sftp-key.age;
owner = "root";
@@ -110,24 +113,31 @@ in {
];
};
};
in {
"${remoteDir}/fu/zodiac" = {
device = "//trove.storage.fu-berlin.de/GESCHKULT";
fsType = "cifs";
options =
fu-berlin-cifs-options
++ [
"credentials=${config.age.secrets.cifs-credentials-zodiac.path}"
];
};
} // home-directory-mount "meinhak99"
// home-directory-mount "xm7234fu";
age.secrets = {
cifs-credentials-zodiac.file = ../secrets/cifs-credentials-zodiac.age;
};
in home-directory-mount "meinhak99";
environment.systemPackages = [
(pkgs.writers.writeDashBin "hu-vpn-split" ''
${pkgs.openfortivpn}/bin/openfortivpn \
--password="$(cat "${config.age.secrets.email-password-letos.path}")" \
--config=${
pkgs.writeText "hu-berlin-split.config" ''
host = forti-ssl.vpn.hu-berlin.de
port = 443
username = slfletos@split_tunnel
''
}
'')
(pkgs.writers.writeDashBin "hu-vpn-full" ''
${pkgs.openfortivpn}/bin/openfortivpn \
--password="$(cat "${config.age.secrets.email-password-letos.path}")" \
--config=${
pkgs.writeText "hu-berlin-full.config" ''
host = forti-ssl.vpn.hu-berlin.de
port = 443
username = slfletos@tunnel_all
''
}
'')
(pkgs.writers.writeDashBin "fu-vpn" ''
if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam
then
@@ -138,16 +148,4 @@ in {
fi
'')
];
systemd.services.fu-vpn = {
enable = false;
wants = ["network-online.target"];
serviceConfig.LoadCredential = "password:${config.age.secrets.email-password-meinhak99.path}";
script = ''
if ${pkgs.wirelesstools}/bin/iwgetid | ${pkgs.gnugrep}/bin/grep --invert-match eduroam
then
cat "$CREDENTIALS_DIRECTORY/password" | ${pkgs.openconnect}/bin/openconnect vpn.fu-berlin.de --user ${username} --passwd-on-stdin
fi
'';
};
}

5
configs/wpa_supplicant.nix
View File

@@ -1,6 +1,9 @@
{ config, ... }:
{
networking.wireless = {
enable = true;
networks.Aether.pskRaw = "e1b18af54036c5c9a747fe681c6a694636d60a5f8450f7dec0d76bc93e2ec85a";
secretsFile = config.age.secrets.wifi.path;
# networks.Aether.pskRaw = "e1b18af54036c5c9a747fe681c6a694636d60a5f8450f7dec0d76bc93e2ec85a";
networks.Schilfpalast.pskRaw = "ext:schilfpalast";
};
}

661
flake.lock generated
View File

File diff suppressed because it is too large Load Diff

30
flake.nix
View File

@@ -2,32 +2,36 @@
description = "niveum: packages, modules, systems";
inputs = {
self.submodules = true;
agenix.url = "github:ryantm/agenix";
# alew-web.url = "git+ssh://gitea@code.kmein.de:22022/kfm/alew-web.git?ref=refs/heads/master";
autorenkalender.url = "github:kmein/autorenkalender";
coptic-dictionary.url = "github:kmein/coptic-dictionary";
flake-utils.url = "github:numtide/flake-utils";
home-manager.url = "github:nix-community/home-manager/release-25.05";
home-manager.url = "github:nix-community/home-manager/release-25.11";
menstruation-backend.url = "github:kmein/menstruation.rs";
menstruation-telegram.url = "github:kmein/menstruation-telegram";
centerpiece.url = "github:friedow/centerpiece";
nix-on-droid.url = "github:t184256/nix-on-droid/release-23.05";
nixinate.url = "github:matthewcroughan/nixinate";
nixpkgs-old.url = "github:NixOS/nixpkgs/50fc86b75d2744e1ab3837ef74b53f103a9b55a0";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
nur.url = "github:nix-community/NUR";
recht.url = "github:kmein/recht";
retiolum.url = "github:krebs/retiolum";
rust-overlay.url = "github:oxalica/rust-overlay";
scripts.url = "github:kmein/scripts";
stockholm.url = "github:krebs/stockholm";
stylix.url = "github:danth/stylix/release-25.05";
stylix.url = "github:danth/stylix/release-25.11";
telebots.url = "github:kmein/telebots";
tinc-graph.url = "github:kmein/tinc-graph";
voidrice.url = "github:Lukesmithxyz/voidrice";
wallpaper-generator.url = "github:pinpox/wallpaper-generator/v1.1";
wallpapers.url = "github:kmein/wallpapers";
ical-ephemeris.url = "git+ssh://gitea@code.kmein.de:22022/kfm/ical-ephemeris";
autorenkalender.inputs.nixpkgs.follows = "nixpkgs";
agenix.inputs.home-manager.follows = "home-manager";
agenix.inputs.nixpkgs.follows = "nixpkgs";
coptic-dictionary.inputs.nixpkgs.follows = "nixpkgs";
@@ -46,7 +50,6 @@
scripts.inputs.flake-utils.follows = "flake-utils";
scripts.inputs.nixpkgs.follows = "nixpkgs";
scripts.inputs.rust-overlay.follows = "rust-overlay";
stylix.inputs.home-manager.follows = "home-manager";
stylix.inputs.nixpkgs.follows = "nixpkgs";
tinc-graph.inputs.flake-utils.follows = "flake-utils";
tinc-graph.inputs.nixpkgs.follows = "nixpkgs";
@@ -72,7 +75,6 @@
nixinate,
flake-utils,
nix-on-droid,
centerpiece,
stylix,
...
}:
@@ -122,7 +124,7 @@
exec ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch \
--max-jobs 2 \
--log-format internal-json \
--flake .?submodules=1#${hostname} \
--flake .#${hostname} \
--target-host ${targets.${hostname}} 2>&1 \
| ${pkgs.nix-output-monitor}/bin/nom --json
'');
@@ -131,7 +133,7 @@
deploy-ful = {
type = "app";
program = toString (pkgs.writers.writeDash "deploy-ful" ''
exec ${pkgs.nix}/bin/nix run .?submodules=1#nixinate.ful \
exec ${pkgs.nix}/bin/nix run .#nixinate.ful \
--log-format internal-json 2>&1 \
| ${pkgs.nix-output-monitor}/bin/nom --json
'');
@@ -148,6 +150,7 @@
power-action = import modules/power-action.nix;
system-dependent = import modules/system-dependent.nix;
telegram-bot = import modules/telegram-bot.nix;
go-webring = import modules/go-webring.nix;
};
lib = {
@@ -208,7 +211,9 @@
systems/ful/configuration.nix
agenix.nixosModules.default
inputs.self.nixosModules.passport
inputs.ical-ephemeris.nixosModules.default
inputs.self.nixosModules.panoptikon
inputs.self.nixosModules.go-webring
inputs.self.nixosModules.htgen
inputs.stockholm.nixosModules.reaktor2
retiolum.nixosModules.retiolum
@@ -241,6 +246,7 @@
systems/kibbeh/configuration.nix
agenix.nixosModules.default
retiolum.nixosModules.retiolum
home-manager.nixosModules.home-manager
];
};
makanek = nixpkgs.lib.nixosSystem rec {
@@ -316,11 +322,12 @@
// flake-utils.lib.eachSystem [flake-utils.lib.system.x86_64-linux flake-utils.lib.system.x86_64-darwin flake-utils.lib.system.aarch64-linux] (system: let
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
overlays = [
nur.overlays.default
(self: super: {
mpv = super.mpv.override {scripts = [inputs.self.packages.${system}.mpv-visualizer super.mpvScripts.mpris];};
dmenu = super.writers.writeDashBin "dmenu" ''exec ${pkgs.wofi}/bin/wofi --dmenu "$@"'';
dmenu = super.writers.writeDashBin "dmenu" ''exec ${pkgs.rofi}/bin/rofi -dmenu "$@"'';
})
];
};
@@ -400,6 +407,7 @@
q = pkgs.callPackage packages/q.nix {};
qrpaste = pkgs.callPackage packages/qrpaste.nix {};
random-zeno = pkgs.callPackage packages/random-zeno.nix {};
go-webring = pkgs.callPackage packages/go-webring.nix {};
rfc = pkgs.callPackage packages/rfc.nix {};
gimp = pkgs.callPackage packages/gimp.nix {};
scanned = pkgs.callPackage packages/scanned.nix {};
@@ -407,11 +415,11 @@
text2pdf = pkgs.callPackage packages/text2pdf.nix {};
timer = pkgs.callPackage packages/timer.nix {};
tocharian-font = pkgs.callPackage packages/tocharian-font.nix {};
passmenu = pkgs.callPackage packages/passmenu.nix {};
trans = pkgs.callPackage packages/trans.nix {};
ttspaste = pkgs.callPackage packages/ttspaste.nix {};
unicodmenu = pkgs.callPackage packages/unicodmenu.nix {};
emailmenu = pkgs.callPackage packages/emailmenu.nix {};
stag = pkgs.callPackage packages/stag.nix {};
untilport = pkgs.callPackage packages/untilport.nix {};
vg = pkgs.callPackage packages/vg.nix {};
vim = pkgs.callPackage packages/vim.nix {niveumPackages = self.packages.${system};};
@@ -421,6 +429,8 @@
vimPlugins-icalendar-vim = pkgs.callPackage packages/vimPlugins/icalendar-vim.nix {};
vimPlugins-jq-vim = pkgs.callPackage packages/vimPlugins/jq-vim.nix {};
vimPlugins-typst-vim = pkgs.callPackage packages/vimPlugins/typst-vim.nix {};
vimPlugins-mdwa-nvim = pkgs.callPackage packages/vimPlugins/mdwa-nvim.nix {};
vimPlugins-vim-ernest = pkgs.callPackage packages/vimPlugins/vim-ernest.nix {};
vimPlugins-vim-256noir = pkgs.callPackage packages/vimPlugins/vim-256noir.nix {};
vimPlugins-vim-colors-paramount = pkgs.callPackage packages/vimPlugins/vim-colors-paramount.nix {};
vimPlugins-vim-fetch = pkgs.callPackage packages/vimPlugins/vim-fetch.nix {};

10
lib/local-network.nix
View File

@@ -1,10 +1,4 @@
{
toum = "192.168.178.24";
zaatar = "192.168.178.21";
kabsa = "192.168.178.32";
android = "192.168.178.35";
manakish = "192.168.178.29";
officejet = "192.168.178.27";
fritzbox = "192.168.178.1";
officejet = "192.168.0.251";
router = "192.168.0.1";
}

8
lib/streams.nix
View File

@@ -2029,6 +2029,14 @@ in
stream = "av://lavfi:anoisesrc=color=brown";
station = "Brownian noise";
}
{
stream = "https://st03.sslstream.dlf.de/dlf/03/high/aac/stream.aac";
station = "Deutschlandfunk Nova";
}
{
stream = "https://samaaisb107-itelservices.radioca.st/stream";
station = "Samaa FM 107.4 Pakistan";
}
]
++ map (name: {
stream = "https://${name}.stream.publicradio.org/${name}.aac";

175
lib/style.css
View File

@@ -1,175 +0,0 @@
* {
font-size: 14px;
border-radius: 5px;
}
window#waybar {
/* `otf-font-awesome` is required to be installed for icons */
font-family: FontAwesome, monospace;
background-color: transparent;
border-bottom: 0px;
color: #ebdbb2;
transition-property: background-color;
transition-duration: .5s;
}
window#waybar.hidden {
opacity: 0.2;
}
window#waybar.empty #window {
background-color: transparent;
}
/*
window#waybar.empty {
background-color: transparent;
}
window#waybar.solo {
background-color: #FFFFFF;
}
*/
.modules-right {
margin: 10px 10px 0 0;
}
.modules-center {
margin: 10px 0 0 0;
}
.modules-left {
margin: 10px 0 0 10px;
}
button {
/* Use box-shadow instead of border so the text isn't offset */
/* box-shadow: inset 0 -3px transparent; */
border: none;
}
/* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
/*
button:hover {
background: inherit;
box-shadow: inset 0 -3px #ebdbb2;
} */
#workspaces {
background-color: #282828;
}
#workspaces button {
padding: 0 5px;
background-color: transparent;
color: #ebdbb2;
border-radius: 0;
}
#workspaces button:first-child {
border-radius: 5px 0 0 5px;
}
#workspaces button:last-child {
border-radius: 0 5px 5px 0;
}
#workspaces button:hover {
color: #d79921;
}
#workspaces button.focused {
background-color: #665c54;
/* box-shadow: inset 0 -3px #ffffff; */
}
#workspaces button.urgent {
background-color: #b16286;
}
#idle_inhibitor,
#cava,
#scratchpad,
#mode,
#window,
#clock,
#battery,
#backlight,
#wireplumber,
#tray,
#mpris,
#load {
padding: 0 10px;
background-color: #282828;
color: #ebdbb2;
}
#mode {
background-color: #689d6a;
color: #282828;
/* box-shadow: inset 0 -3px #ffffff; */
}
/* If workspaces is the leftmost module, omit left margin */
.modules-left > widget:first-child > #workspaces {
margin-left: 0;
}
/* If workspaces is the rightmost module, omit right margin */
.modules-right > widget:last-child > #workspaces {
margin-right: 0;
}
#cava {
padding: 0 5px;
}
#battery.charging, #battery.plugged {
background-color: #98971a;
color: #282828;
}
@keyframes blink {
to {
background-color: #282828;
color: #ebdbb2;
}
}
/* Using steps() instead of linear as a timing function to limit cpu usage */
#battery.critical:not(.charging) {
background-color: #cc241d;
color: #ebdbb2;
animation-name: blink;
animation-duration: 0.5s;
animation-timing-function: steps(12);
animation-iteration-count: infinite;
animation-direction: alternate;
}
label:focus {
background-color: #000000;
}
#wireplumber.muted {
background-color: #458588;
}
#tray > .passive {
-gtk-icon-effect: dim;
}
#tray > .needs-attention {
-gtk-icon-effect: highlight;
}
#mpris.playing {
background-color: #d79921;
color: #282828;
}
#tray menu {
font-family: sans-serif;
}
#scratchpad.empty {
background: transparent;
}

6
lib/vim/init.lua
View File

@@ -91,6 +91,7 @@ local language_servers = {
-- tsserver = {}, -- typescript-language-server
cssls = {},
elmls = {}, -- elm-language-server
gopls = {}, -- gopls
denols = {}, -- deno built in
bashls = {}, -- bash-language-server
lua_ls = {
@@ -154,10 +155,11 @@ local language_servers = {
}
for server, settings in pairs(language_servers) do
require('lspconfig')[server].setup{
vim.lsp.config(server, {
on_attach = on_attach,
flags = lsp_flags,
settings = settings,
capabilities = capabilities
}
})
vim.lsp.enable(server)
end

10
lib/vim/init.vim
View File

@@ -102,6 +102,7 @@ augroup filetypes
autocmd bufnewfile,bufread urls,config set filetype=conf
autocmd bufnewfile,bufread *.elm packadd elm-vim | set filetype=elm shiftwidth=4
autocmd bufnewfile,bufread *.md packadd vim-pandoc | packadd vim-pandoc-syntax | set filetype=pandoc
autocmd bufnewfile,bufread *.ex,*.exs packadd vim-elixir | set filetype=elixir
autocmd filetype haskell packadd haskell-vim | set keywordprg=hoogle\ -i
autocmd filetype javascript packadd vim-javascript
autocmd filetype make setlocal noexpandtab
@@ -124,3 +125,12 @@ set complete+=kspell
let g:pandoc#syntax#conceal#use = 0
let g:pandoc#modules#disabled = []
let g:pandoc#spell#default_langs = ['en', 'de']
autocmd! User GoyoEnter Limelight
autocmd! User GoyoLeave Limelight!
" Disable Copilot by default
let b:copilot_enabled = v:false
" keymap to toggle it enabled
nnoremap <leader>gc :let b:copilot_enabled = !b:copilot_enabled<CR>

140
modules/go-webring.nix Normal file
View File

@@ -0,0 +1,140 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib)
mkEnableOption
mkPackageOption
mkOption
types
literalExpression
mkIf
;
cfg = config.services.go-webring;
defaultAddress = "127.0.0.1:2857";
in
{
options = {
services.go-webring = {
enable = mkEnableOption "go-webring";
package = mkPackageOption pkgs "go-webring" { };
contactInstructions = mkOption {
type = types.nullOr types.str;
default = null;
description = "Contact instructions for errors";
example = "contact the admin and let them know what's up";
};
host = mkOption {
type = types.str;
description = "Host this webring runs on, primarily used for validation";
example = "my-webri.ng";
};
homePageTemplate = mkOption {
type = types.str;
description = ''
This should be any HTML file with the string "{{ . }}" placed
wherever you want the table of members inserted. This table is
plain HTML so you can style it with CSS.
'';
};
listenAddress = mkOption {
type = types.str;
default = defaultAddress;
description = "Host and port go-webring will listen on";
};
members = mkOption {
type = types.listOf (
types.submodule {
options = {
username = mkOption {
type = types.str;
description = "Member's name";
};
site = mkOption {
type = types.str;
description = "Member's site URL";
};
};
}
);
description = "List of members in the webring";
};
};
};
config = mkIf cfg.enable {
systemd.services.go-webring = {
description = "go-webring service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
requires = [ "network.target" ];
serviceConfig = {
Type = "simple";
ExecStart = ''
${lib.getExe cfg.package} \
${lib.optionalString (cfg.contactInstructions != null) ("--contact " + lib.escapeShellArg cfg.contactInstructions)} \
--host ${cfg.host} \
--index ${pkgs.writeText "index.html" cfg.homePageTemplate} \
--listen ${cfg.listenAddress} \
--members ${
pkgs.writeText "list.txt" (
lib.concatMapStrings (member: member.username + " " + member.site + "\n") cfg.members
)
}
'';
User = "go-webring";
DynamicUser = true;
RuntimeDirectory = "go-webring";
WorkingDirectory = "/var/lib/go-webring";
StateDirectory = "go-webring";
RuntimeDirectoryMode = "0750";
Restart = "always";
RestartSec = 5;
# Hardening
CapabilityBoundingSet = [ "" ];
DeviceAllow = [ "" ];
LockPersonality = true;
MemoryDenyWriteExecute = true;
PrivateDevices = true;
PrivateUsers = true;
ProcSubset = "pid";
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
"AF_UNIX"
];
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = [
"@system-service"
"~@privileged"
];
UMask = "0077";
};
};
environment.systemPackages = [ cfg.package ];
};
}

21
packages/go-webring.nix Normal file
View File

@@ -0,0 +1,21 @@
{ buildGoModule, fetchgit, lib }:
buildGoModule {
pname = "go-webring";
version = "2024-12-18";
src = fetchgit {
url = "https://git.sr.ht/~amolith/go-webring";
rev = "0b5b1bf21ff91119ea2dd042ee9fe94e9d1cd8d4";
hash = "sha256-az6vBOGiZmzfsMjYUacXMHhDeRDmVI/arCKCpHeTcns=";
};
vendorHash = "sha256-3PnXB8AfZtgmYEPJuh0fwvG38dtngoS/lxyx3H+rvFs=";
meta = {
mainProgram = "go-webring";
description = "Simple webring implementation";
homepage = "https://git.sr.ht/~amolith/go-webring";
license = lib.licenses.bsd2; # cc0 as well
maintainers = [ lib.maintainers.kmein ];
};
}

4
packages/hc.nix
View File

@@ -9,7 +9,7 @@
gnugrep,
qrencode,
texlive,
utillinux,
util-linux,
zbar,
}:
stdenv.mkDerivation rec {
@@ -38,7 +38,7 @@ stdenv.mkDerivation rec {
gnugrep
qrencode
texlive.combined.scheme-full
utillinux
util-linux
zbar
]}
'';

4
packages/klem.nix
View File

@@ -42,14 +42,14 @@ in
pkgs.writers.writeDashBin "klem" ''
set -efu
${pkgs.wl-clipboard}/bin/wl-paste \
${pkgs.xclip}/bin/xclip -selection ${cfg.selection} -out \
| case $(echo "${
lib.concatStringsSep "\n" (lib.attrNames cfg.scripts)
}" | ${cfg.dmenu}) in
${lib.concatStringsSep "\n" (lib.mapAttrsToList scriptCase cfg.scripts)}
*) ${pkgs.coreutils}/bin/cat ;;
esac \
| ${pkgs.wl-clipboard}/bin/wl-copy
| ${pkgs.xclip}/bin/xclip -selection ${cfg.selection} -in
${pkgs.libnotify}/bin/notify-send --app-name="klem" "Result copied to clipboard."
''

6
packages/notemenu.nix
View File

@@ -1,7 +1,7 @@
{
writers,
lib,
wofi,
rofi,
findutils,
coreutils,
noteDirectory ? "~/state/obsidian",
@@ -11,7 +11,7 @@
writers.writeDashBin "notemenu" ''
set -efu
PATH=$PATH:${
lib.makeBinPath [wofi findutils coreutils]
lib.makeBinPath [rofi findutils coreutils]
}
cd ${noteDirectory}
@@ -21,7 +21,7 @@ writers.writeDashBin "notemenu" ''
echo $(date -I -d yesterday).md
''}
find . -not -path '*/.*' -type f -printf "%T@ %p\n" | sort --reverse --numeric-sort | cut --delimiter=" " --fields=2-
} | wofi -dmenu -i -p 'notes')
} | rofi -dmenu -i -p 'notes')
if test "$note_file"
then
alacritty --working-directory ${noteDirectory} -e ${niveumPackages.obsidian-vim}/bin/nvim "$note_file"

3
packages/obsidian-vim.nix
View File

@@ -22,7 +22,7 @@ neovim.override {
\ 'path': '${obsidiantVaultDirectory}',
\ 'syntax': 'markdown',
\ 'ext': '.md',
\ 'diary_rel_path' '.',
\ 'diary_rel_path': '.',
\}]
let NERDTreeSortOrder = ['[[-timestamp]]']
@@ -35,7 +35,6 @@ neovim.override {
vimPlugins.nerdtree
vimPlugins.fzf-vim
vimPlugins.fzfWrapper
vimPlugins.vim-fugitive
];
};
}

18
packages/passmenu.nix
View File

@@ -1,18 +0,0 @@
{ writers, wofi, pass, fd, libnotify, ... }:
writers.writeBashBin "passmenu" ''
shopt -s nullglob globstar
IFS=$'\n'
prefix=$(readlink -f ''${PASSWORD_STORE_DIR-~/.password-store})
password_files=( $( ${fd}/bin/fd -L ".gpg\$" "$prefix" ) )
password_files=( "''${password_files[@]#"$prefix"/}" )
password_files=( "''${password_files[@]%.gpg}" )
password=$( printf '%s\n' "''${password_files[@]}" | ${wofi}/bin/wofi -i -k /dev/null -d menu -- "$@" )
[[ -n $password ]] || exit
OUT=$(${pass}/bin/pass show --clip "$password")
${libnotify}/bin/notify-send -t 5000 "$(echo "$OUT" | grep '^login:' | sed 's/^login: //')"
''

5
packages/pls.nix
View File

@@ -1,6 +1,7 @@
{
lib,
writers,
yt-dlp,
miller,
gnused,
curl,
@@ -95,6 +96,10 @@
"ich kann damit leben"
"es ist was es ist"
];
download = writers.writeDash "download" ''
${yt-dlp}/bin/yt-dlp --add-metadata --audio-format mp3 --audio-quality 0 -xic "$@"
'';
in
writers.writeDashBin "pls" ''
case "$1" in

4
packages/qrpaste.nix
View File

@@ -2,7 +2,7 @@
writers,
mktemp,
qrencode,
wl-clipboard,
xclip,
nsxiv,
}:
writers.writeDashBin "qrpaste" ''
@@ -11,6 +11,6 @@ writers.writeDashBin "qrpaste" ''
clean() {
rm "$file"
}
${qrencode}/bin/qrencode "$(${wl-clipboard}/bin/wl-paste)" -o "$file"
${qrencode}/bin/qrencode "$(${xclip}/bin/xclip -selection clipboard -out)" -o "$file"
${nsxiv}/bin/nsxiv "$file"
''

4
packages/scanned.nix
View File

@@ -2,8 +2,12 @@
{
writers,
imagemagick,
ghostscript,
lib
}:
writers.writeDashBin "scanned" ''
export PATH=${lib.makeBinPath [ imagemagick ghostscript ]}:$PATH
[ $# -eq 1 -a -f "$1" -a -r "$1" ] || exit 1
${imagemagick}/bin/convert \

45
packages/stag.nix Normal file
View File

@@ -0,0 +1,45 @@
{
lib,
stdenv,
fetchFromGitHub,
ncurses,
taglib,
zlib,
}:
stdenv.mkDerivation rec {
pname = "stag";
version = "1.0";
src = fetchFromGitHub {
owner = "smabie";
repo = "stag";
rev = "v${version}";
hash = "sha256-IWb6ZbPlFfEvZogPh8nMqXatrg206BTV2DYg7BMm7R4=";
};
buildInputs = [
ncurses
taglib
zlib
];
buildPhase = ''
make all
'';
installPhase = ''
mkdir -p $out/bin
cp stag $out/bin/
mkdir -p $out/man/man1
mv stag.1 $out/man/man1/
'';
meta = {
description = "public domain utf8 curses based audio file tagger";
homepage = "https://github.com/smabie/stag";
license = lib.licenses.publicDomain;
maintainers = [ lib.maintainers.kmein ];
platforms = lib.platforms.unix;
source = src;
};
}

4
packages/ttspaste.nix
View File

@@ -1,10 +1,10 @@
{
writers,
wl-clipboard,
xclip,
espeak,
}:
writers.writeDashBin "ttspaste" ''
${wl-clipboard}/bin/paste | ${espeak}/bin/espeak
${xclip}/bin/xclip -selection clipboard -out | ${espeak}/bin/espeak
''
# curl, mpv,
# ${curl}/bin/curl -G http://tts.r/api/tts --data-urlencode 'text@-' | ${mpv}/bin/mpv -

6
packages/unicodmenu.nix
View File

@@ -8,7 +8,7 @@
dmenu,
gnused,
libnotify,
wl-clipboard,
xclip,
xdotool,
gawk,
fetchFromGitHub,
@@ -90,7 +90,7 @@ in
writers.writeDashBin "unicodmenu" ''
history_file=$HOME/.cache/unicodmenu
touch "$history_file"
PATH=${lib.makeBinPath [coreutils dmenu gawk gnused libnotify wl-clipboard xdotool]}
PATH=${lib.makeBinPath [coreutils dmenu gawk gnused libnotify xclip xdotool]}
all_characters() {
tac "$history_file"
@@ -101,7 +101,7 @@ in
[ "$chosen" != "" ] || exit
echo "$chosen" | tr -d '\n' | wl-copy
echo "$chosen" | tr -d '\n' | xclip -selection clipboard
if [ -n "$1" ]; then
xdotool key Shift+Insert

8
packages/vim.nix
View File

@@ -40,6 +40,13 @@
editorconfig-vim
copilot-vim
goyo
limelight-vim
niveumPackages.vimPlugins-mdwa-nvim
niveumPackages.vimPlugins-vim-ernest
fzf-vim
fzfWrapper
supertab
@@ -74,6 +81,7 @@
dhall-vim
elm-vim
emmet-vim
vim-elixir
haskell-vim
niveumPackages.vimPlugins-icalendar-vim
niveumPackages.vimPlugins-jq-vim

2
packages/vimPlugins/cheat-sh.nix
View File

@@ -1,7 +1,7 @@
{
vimUtils,
fetchFromGitHub,
}: (vimUtils.buildVimPluginFrom2Nix {
}: (vimUtils.buildVimPlugin {
pname = "cheat.sh-vim";
version = "826219d1";
src = fetchFromGitHub {

2
packages/vimPlugins/icalendar-vim.nix
View File

@@ -1,7 +1,7 @@
{
vimUtils,
fetchFromGitHub,
}: (vimUtils.buildVimPluginFrom2Nix {
}: (vimUtils.buildVimPlugin {
pname = "icalendar.vim";
version = "542fff45";
src = fetchFromGitHub {

2
packages/vimPlugins/jq-vim.nix
View File

@@ -2,7 +2,7 @@
vimUtils,
fetchFromGitHub,
}:
vimUtils.buildVimPluginFrom2Nix {
vimUtils.buildVimPlugin {
pname = "jq.vim";
version = "5baf8ed1";
src = fetchFromGitHub {

13
packages/vimPlugins/mdwa-nvim.nix Normal file
View File

@@ -0,0 +1,13 @@
{
vimUtils,
fetchFromGitHub,
}: (vimUtils.buildVimPlugin {
pname = "mdwa.nvim";
version = "9f37270";
src = fetchFromGitHub {
owner = "tihawk";
repo = "mdwa.nvim";
rev = "9f3727037e0d85fd0930334b91b9687a5a880192";
hash = "sha256-h2jy2E+pN2Ma/5n9Eq2oXr9xHma2OxxVvx9EJ+bIYxA=";
};
})

2
packages/vimPlugins/typst-vim.nix
View File

@@ -2,7 +2,7 @@
vimUtils,
fetchFromGitHub,
}:
vimUtils.buildVimPluginFrom2Nix {
vimUtils.buildVimPlugin {
pname = "typst.vim";
version = "2882f21";
src = fetchFromGitHub {

2
packages/vimPlugins/vim-256noir.nix
View File

@@ -2,7 +2,7 @@
vimUtils,
fetchFromGitHub,
}:
vimUtils.buildVimPluginFrom2Nix {
vimUtils.buildVimPlugin {
pname = "vim-256noir";
version = "e8668a18";
src = fetchFromGitHub {

2
packages/vimPlugins/vim-colors-paramount.nix
View File

@@ -2,7 +2,7 @@
vimUtils,
fetchFromGitHub,
}:
vimUtils.buildVimPluginFrom2Nix rec {
vimUtils.buildVimPlugin {
pname = "vim-colors-paramount";
version = "a5601d36";
src = fetchFromGitHub {

14
packages/vimPlugins/vim-ernest.nix Normal file
View File

@@ -0,0 +1,14 @@
{
vimUtils,
fetchFromGitHub,
lib,
}: (vimUtils.buildVimPlugin {
pname = "vim-ernest";
version = "4b99bc3";
src = fetchFromGitHub {
owner = "lgalke";
repo = "vim-ernest";
rev = "4b99bc3fe3deb7bb958ad2f64cad93569eeb50d7";
hash = "sha256-AUuRnnZU39XUerBxNelEqVyDAalRm3VGNUQb15fjXjM=";
};
})

2
packages/vimPlugins/vim-fetch.nix
View File

@@ -1,7 +1,7 @@
{
vimUtils,
fetchFromGitHub,
}: (vimUtils.buildVimPluginFrom2Nix rec {
}: (vimUtils.buildVimPlugin {
pname = "vim-fetch";
version = "76c08586";
src = fetchFromGitHub {

2
packages/vimPlugins/vim-fsharp.nix
View File

@@ -2,7 +2,7 @@
vimUtils,
fetchFromGitHub,
}:
vimUtils.buildVimPluginFrom2Nix {
vimUtils.buildVimPlugin {
pname = "vim-fsharp";
version = "627db7d7";
src = fetchFromGitHub {

2
packages/vimPlugins/vim-mail.nix
View File

@@ -2,7 +2,7 @@
vimUtils,
fetchFromGitHub,
}:
vimUtils.buildVimPluginFrom2Nix {
vimUtils.buildVimPlugin {
pname = "vim-mail";
version = "acdbb5bd";
src = fetchFromGitHub {

2
packages/vimPlugins/vim-reason-plus.nix
View File

@@ -1,7 +1,7 @@
{
vimUtils,
fetchFromGitHub,
}: (vimUtils.buildVimPluginFrom2Nix {
}: (vimUtils.buildVimPlugin {
pname = "vim-reason-plus";
version = "c11a2940";
src = fetchFromGitHub {

7
packages/weechat-declarative.nix
View File

@@ -1,7 +1,6 @@
{
pkgs,
lib,
unstablePackages,
...
} @ args: let
# config cannot be declared in the input attribute set because that would
@@ -137,7 +136,7 @@
))
);
weechat = unstablePackages.weechat.override {
weechatPkg = pkgs.weechat.override {
configure = _: {
init = "/exec -oc cat ${setFile}";
@@ -163,14 +162,14 @@
cfg.files
)
}
exec ${weechat}/bin/weechat "$@"
exec ${weechatPkg}/bin/weechat "$@"
'';
in
pkgs.symlinkJoin {
name = "weechat-configured";
paths = [
wrapper
unstablePackages.weechat
weechatPkg
];
postBuild = ''
ln -s ${setFile} $out/weechat.set

2
secrets

Submodule secrets updated: e14a3170cc...236a3353a7

4
secrets.txt
View File

@@ -1,8 +1,11 @@
secrets/alertmanager-token-reporters.age
secrets/brevo-key.age
secrets/cifs-credentials-zodiac.age
secrets/copecart-ipn.age
secrets/di-fm-key.age
secrets/email-password-cock.age
secrets/email-password-fysi.age
secrets/email-password-ical-ephemeris.age
secrets/email-password-letos.age
secrets/email-password-meinhak99.age
secrets/email-password-posteo.age
@@ -76,6 +79,7 @@ secrets/telegram-token-proverb.age
secrets/telegram-token-reverse.age
secrets/telegram-token-streaming-link.age
secrets/weechat-sec.conf.age
secrets/wifi.age
secrets/zaatar-moodle-dl-basicAuth.age
secrets/zaatar-moodle-dl-tokens.json.age
secrets/zaatar-retiolum-privateKey-ed25519.age

1
systems/fatteh/configuration.nix
View File

@@ -9,6 +9,7 @@ in {
./hardware-configuration.nix
../../configs/networkmanager.nix
../../configs/default.nix
../../configs/0ad.nix
# ../../configs/gnome.nix
];

6
systems/ful/configuration.nix
View File

@@ -2,6 +2,7 @@
config,
pkgs,
lib,
inputs,
...
}: let
inherit (import ../../lib) kieran retiolumAddresses restic;
@@ -12,8 +13,10 @@ in {
./radio.nix
./panoptikon.nix
./hledger.nix
./go-webring.nix
./gemini.nix
./ical-ephemeris.nix
./wallabag.nix
./alew.nix
../../configs/monitoring.nix
../../configs/mycelium.nix
../../configs/tor.nix
@@ -69,7 +72,6 @@ in {
];
};
users.users.servant = {
isSystemUser = true;
group = "servant";

15
systems/ful/gemini.nix Normal file
View File

@@ -0,0 +1,15 @@
{ config, ... }:
{
networking.firewall.allowedTCPPorts = [ 1965 ];
services.agate = {
enable = true;
addresses = [ "0.0.0.0:1965" ];
hostnames = [ "kmein.de" ];
language = "de";
};
services.restic.backups.niveum.paths = [
config.services.agate.contentDir
config.services.agate.certificatesDir
];
}

39
systems/ful/go-webring.nix Normal file
View File

@@ -0,0 +1,39 @@
{ config, niveumPackages ,... }:
let
port = 2857;
in
{
services.go-webring = {
enable = true;
host = "dichtungsring.kmein.de";
listenAddress = "127.0.0.1:${toString port}";
package = niveumPackages.go-webring;
members = [
{ username = "meteora"; site = "meteora.xn--kiern-0qa.de"; }
{ username = "huldra"; site = "huldras-halbtraum.com"; }
];
homePageTemplate = ''
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Dichtungsring</title>
</head>
<body>
<h1>Willkommen beim Dichtungs-Ring</h1>
<p>Ein <a href="https://de.wikipedia.org/wiki/Webring">Webring</a> für die Dichtung.</p>
<section id="members">
<table><tbody>{{ . }}</tbody></table>
</section>
</body>
</html>
'';
};
services.nginx.virtualHosts."dichtungsring.kmein.de" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://${config.services.go-webring.listenAddress}";
};
}

29
systems/ful/ical-ephemeris.nix Normal file
View File

@@ -0,0 +1,29 @@
{ config, ... }:
let
port = 9090;
in
{
services.nginx.virtualHosts."ical-ephemeris.kmein.de" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString port}/";
};
};
services.ical-ephemeris = {
enable = true;
inherit port;
brevoApiKeyFile = config.age.secrets.brevo-key.path;
copecartIpnKeyFile = config.age.secrets.copecart-ipn.path;
baseUrl = "https://ical-ephemeris.kmein.de";
};
age.secrets.copecart-ipn = {
file = ../../secrets/copecart-ipn.age;
};
age.secrets.brevo-key = {
file = ../../secrets/brevo-key.age;
};
}

15
systems/kabsa/configuration.nix
View File

@@ -1,16 +1,11 @@
{
config,
niveumPackages,
pkgs,
lib,
inputs,
...
}:
let
# TODO wrap obsidian: obsidian --no-sandbox --ozone-platform=wayland --ozone-platform-hint=auto --enable-features=UseOzonePlatform,WaylandWindowDecorations %U
}: let
inherit (import ../../lib) retiolumAddresses;
in
{
in {
imports = [
../kibbeh/hardware-configuration.nix
../../configs/tlp.nix
@@ -50,13 +45,13 @@ in
wireguard-aether-psk.file = ../../secrets/kabsa-wireguard-aether-psk.age;
};
networking.wg-quick.interfaces.aether.address = [ "192.168.178.203/24" ];
networking.wg-quick.interfaces.aether.address = ["192.168.178.203/24"];
environment.systemPackages = [ pkgs.zeroad ];
environment.systemPackages = [pkgs.zeroad];
networking = {
hostName = "kabsa";
wireless.interfaces = [ "wlp3s0" ];
wireless.interfaces = ["wlp3s0"];
retiolum = retiolumAddresses.kabsa;
};

21
systems/makanek/configuration.nix
View File

@@ -13,7 +13,7 @@ in {
./menstruation.nix
./moinbot.nix
./monitoring
./names.nix
# ./names.nix
./nextcloud.nix
../../configs/mycelium.nix
./radio-news.nix
@@ -48,7 +48,7 @@ in {
config.services.grafana.dataDir
config.services.gitea.stateDir
config.services.weechat.root
config.services.nginx.virtualHosts."www.kmein.de".root
config.services.nginx.virtualHosts."www.kmein.de".locations."/".root
"/var/lib/weechat"
"/var/lib/codimd"
];
@@ -121,7 +121,22 @@ in {
services.nginx.virtualHosts."www.kmein.de" = {
addSSL = true;
enableACME = true;
root = "/var/www/kmein.de";
locations."/" = {
root = "/var/www/kmein.de";
extraConfig = ''
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization';
# Handle preflight requests
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization';
return 204; # No Content
}
'';
};
};
environment.systemPackages = [

351
systems/makanek/monitoring/default.nix
View File

@@ -3,11 +3,13 @@
config,
pkgs,
...
}: let
}:
let
lokiConfig = import ./loki.nix;
blackboxConfig = import ./blackbox.nix;
inherit (import ../../../lib) restic;
in {
in
{
services.grafana = {
enable = true;
settings = {
@@ -80,143 +82,150 @@ in {
}
];
services.prometheus.rules = let
diskFreeThreshold = 10;
in [
(builtins.toJSON {
groups = [
{
name = "niveum";
rules = [
{
alert = "HostSystemdServiceCrashed";
expr = ''(node_systemd_unit_state{state="failed"} == 1) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}'';
annotations = {
description = "{{$labels.name}} failed on {{$labels.instance}}";
};
}
{
alert = "RootPartitionFull";
for = "10m";
expr = ''(node_filesystem_free_bytes{mountpoint="/"} * 100) / node_filesystem_size_bytes{mountpoint="/"} < ${toString diskFreeThreshold}'';
annotations = {
description = ''{{ $labels.instance }} running out of space: {{ $value | printf "%.2f" }}% < ${toString diskFreeThreshold}%'';
};
}
{
alert = "RootPartitionFullWeek";
for = "1h";
expr =
''node_filesystem_free_bytes{mountpoint="/"} ''
+ ''and predict_linear(node_filesystem_free_bytes{mountpoint="/"}[2d], 7*24*3600) <= 0'';
annotations = {
description = "{{$labels.instance}} running out of space in 7 days";
};
}
{
alert = "HighLoad";
expr = ''node_load15 / on(job) count(node_cpu_seconds_total{mode="system"}) by (job) >= 1.0'';
for = "10m";
annotations = {
description = "{{$labels.instance}} running on high load: {{$value}}";
};
}
{
alert = "HostUnusualNetworkThroughputIn";
expr = ''(rate(node_network_receive_bytes_total[2m])) / 1024 / 1024 > 100'';
for = "5m";
annotations.description = "Host unusual network throughput in (instance {{ $labels.instance }})";
}
{
alert = "HostUnusualNetworkThroughputOut";
expr = ''(rate(node_network_transmit_bytes_total[2m])) / 1024 / 1024 > 100'';
for = "5m";
annotations.description = "Host unusual network throughput out (instance {{ $labels.instance }})";
}
{
alert = "HostUnusualDiskReadRate";
expr = ''(rate(node_disk_read_bytes_total[2m])) / 1024 / 1024 > 50'';
for = "5m";
annotations.description = "Host unusual disk read rate (instance {{ $labels.instance }})";
}
{
alert = "HostUnusualDiskWriteRate";
expr = ''(rate(node_disk_written_bytes_total[2m])) / 1024 / 1024 > 50'';
for = "2m";
annotations.description = "Host unusual disk write rate (instance {{ $labels.instance }})";
}
{
alert = "HostOutOfInodes";
expr = ''node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and ON (instance, device, mountpoint) node_filesystem_readonly == 0'';
for = "2m";
annotations.description = "Host out of inodes (instance {{ $labels.instance }})";
}
{
alert = "HostInodesWillFillIn24Hours";
expr = ''node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and predict_linear(node_filesystem_files_free{fstype!="msdosfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly{fstype!="msdosfs"} == 0'';
for = "2m";
annotations.description = "Host inodes will fill in 24 hours (instance {{ $labels.instance }})";
}
{
alert = "HighRAM";
expr = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1";
for = "1h";
annotations.description = "{{$labels.instance}} using lots of RAM";
}
{
alert = "UptimeMonster";
expr = "time() - node_boot_time_seconds > 2592000";
annotations.description = "uptime monster {{$labels.instance}} up for more than 30 days";
}
{
alert = "HostDown";
expr = ''up == 0'';
for = "5m";
annotations = {
description = "{{ $labels.instance }} seeming down since 5 minutes";
};
}
{
alert = "Reboot";
expr = "time() - node_boot_time_seconds < 300";
annotations.description = "{{$labels.instance}} rebooted";
}
{
alert = "ProbeFailed";
expr = "probe_success == 0";
for = "5m";
annotations.description = "HTTP probe failed for {{$labels.instance}}";
}
{
alert = "SlowProbe";
expr = "avg_over_time(probe_http_duration_seconds[1m]) > 1";
for = "5m";
annotations.description = "HTTP probe slow for {{$labels.instance}}";
}
{
alert = "HttpStatusCode";
expr = "probe_http_status_code != 0 AND (probe_http_status_code <= 199 OR probe_http_status_code >= 400)";
for = "5m";
annotations.description = "status code {{$value}} for {{$labels.instance}}";
}
{
alert = "SslExpirySoon";
expr = "probe_ssl_earliest_cert_expiry - time() < 86400 * 30";
for = "5m";
annotations.description = "SSL certificate for {{$labels.instance}} expires in 30 days";
}
{
alert = "SslExpiry";
expr = "probe_ssl_earliest_cert_expiry - time() <= 0";
for = "5m";
annotations.description = "SSL certificate for {{$labels.instance}} has expired";
}
];
}
];
})
];
services.prometheus.rules =
let
diskFreeThreshold = 10;
in
[
(builtins.toJSON {
groups = [
{
name = "niveum";
rules = [
{
alert = "HostSystemdServiceCrashed";
expr = ''(node_systemd_unit_state{state="failed"} == 1) * on(instance) group_left (nodename) node_uname_info{nodename=~".+"}'';
annotations = {
description = "{{$labels.name}} failed on {{$labels.instance}}";
};
}
{
alert = "RootPartitionFull";
for = "10m";
expr = ''(node_filesystem_free_bytes{mountpoint="/"} * 100) / node_filesystem_size_bytes{mountpoint="/"} < ${toString diskFreeThreshold}'';
annotations = {
description = ''{{ $labels.instance }} running out of space: {{ $value | printf "%.2f" }}% < ${toString diskFreeThreshold}%'';
};
}
{
alert = "RootPartitionFullWeek";
for = "1h";
expr =
''node_filesystem_free_bytes{mountpoint="/"} ''
+ ''and predict_linear(node_filesystem_free_bytes{mountpoint="/"}[2d], 7*24*3600) <= 0'';
annotations = {
description = "{{$labels.instance}} running out of space in 7 days";
};
}
{
alert = "HighLoad";
expr = ''node_load15 / on(job) count(node_cpu_seconds_total{mode="system"}) by (job) >= 1.0'';
for = "10m";
annotations = {
description = "{{$labels.instance}} running on high load: {{$value}}";
};
}
{
alert = "HostUnusualNetworkThroughputIn";
expr = ''(rate(node_network_receive_bytes_total[2m])) / 1024 / 1024 > 100'';
for = "5m";
annotations.description = "Host unusual network throughput in (instance {{ $labels.instance }})";
}
{
alert = "HostUnusualNetworkThroughputOut";
expr = ''(rate(node_network_transmit_bytes_total[2m])) / 1024 / 1024 > 100'';
for = "5m";
annotations.description = "Host unusual network throughput out (instance {{ $labels.instance }})";
}
{
alert = "HostUnusualDiskReadRate";
expr = ''(rate(node_disk_read_bytes_total[2m])) / 1024 / 1024 > 50'';
for = "5m";
annotations.description = "Host unusual disk read rate (instance {{ $labels.instance }})";
}
{
alert = "HostUnusualDiskWriteRate";
expr = ''(rate(node_disk_written_bytes_total[2m])) / 1024 / 1024 > 50'';
for = "2m";
annotations.description = "Host unusual disk write rate (instance {{ $labels.instance }})";
}
{
alert = "HostOutOfInodes";
expr = ''node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and ON (instance, device, mountpoint) node_filesystem_readonly == 0'';
for = "2m";
annotations.description = "Host out of inodes (instance {{ $labels.instance }})";
}
{
alert = "HostInodesWillFillIn24Hours";
expr = ''node_filesystem_files_free{fstype!="msdosfs"} / node_filesystem_files{fstype!="msdosfs"} * 100 < 10 and predict_linear(node_filesystem_files_free{fstype!="msdosfs"}[1h], 24 * 3600) < 0 and ON (instance, device, mountpoint) node_filesystem_readonly{fstype!="msdosfs"} == 0'';
for = "2m";
annotations.description = "Host inodes will fill in 24 hours (instance {{ $labels.instance }})";
}
{
alert = "HighRAM";
expr = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1";
for = "1h";
annotations.description = "{{$labels.instance}} using lots of RAM";
}
{
alert = "UptimeMonster";
expr = "time() - node_boot_time_seconds > 2592000";
annotations.description = "uptime monster {{$labels.instance}} up for more than 30 days";
}
{
alert = "HostDown";
expr = ''up == 0'';
for = "5m";
annotations = {
description = "{{ $labels.instance }} seeming down since 5 minutes";
};
}
{
alert = "Reboot";
expr = "time() - node_boot_time_seconds < 300";
annotations.description = "{{$labels.instance}} rebooted";
}
{
alert = "Mastodon";
expr = ''probe_success{instance="https://social.krebsco.de"} == 0'';
for = "5m";
annotations.description = "Mastodon instance {{$labels.instance}} is down";
}
{
alert = "ProbeFailed";
expr = "probe_success == 0";
for = "5m";
annotations.description = "HTTP probe failed for {{$labels.instance}}";
}
{
alert = "SlowProbe";
expr = "avg_over_time(probe_http_duration_seconds[1m]) > 1";
for = "5m";
annotations.description = "HTTP probe slow for {{$labels.instance}}";
}
{
alert = "HttpStatusCode";
expr = "probe_http_status_code != 0 AND (probe_http_status_code <= 199 OR probe_http_status_code >= 400)";
for = "5m";
annotations.description = "status code {{$value}} for {{$labels.instance}}";
}
{
alert = "SslExpirySoon";
expr = "probe_ssl_earliest_cert_expiry - time() < 86400 * 30";
for = "5m";
annotations.description = "SSL certificate for {{$labels.instance}} expires in 30 days";
}
{
alert = "SslExpiry";
expr = "probe_ssl_earliest_cert_expiry - time() <= 0";
for = "5m";
annotations.description = "SSL certificate for {{$labels.instance}} has expired";
}
];
}
];
})
];
# ref https://github.com/Mic92/dotfiles/blob/f44bac5dd6970ed3fbb4feb906917331ec3c2be5/machines/eva/modules/prometheus/default.nix
systemd.services.matrix-hook = {
@@ -246,6 +255,33 @@ in {
};
};
systemd.services.matrix-hook-lassulus = {
description = "Matrix Hook";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
environment = {
HTTP_ADDRESS = "[::1]";
HTTP_PORT = "9089";
MX_HOMESERVER = "https://matrix.4d2.org";
MX_ID = "@lakai:4d2.org";
MX_ROOMID = "!MJAGqBAOKZGMywzwkI:lassul.us";
MX_MSG_TEMPLATE = "${pkgs.matrix-hook}/message.html.tmpl";
};
serviceConfig = {
EnvironmentFile = [
# format: MX_TOKEN=<token>
config.age.secrets.matrix-token-lakai-env.path
];
Type = "simple";
ExecStart = "${pkgs.matrix-hook}/bin/matrix-hook";
Restart = "always";
RestartSec = "10";
DynamicUser = true;
User = "matrix-hook";
Group = "matrix-hook";
};
};
age.secrets = {
matrix-token-lakai-env.file = ../../../secrets/matrix-token-lakai-env.age;
};
@@ -260,8 +296,23 @@ in {
group_wait = "30s";
repeat_interval = "24h";
receiver = "matrix";
routes = [
{
receiver = "lassulus";
matchers = [ "alertname = \"Mastodon\"" ];
}
];
};
receivers = [
{
name = "lassulus";
webhook_configs = [
{
url = "http://localhost:9089/alert";
max_alerts = 5;
}
];
}
{
name = "matrix";
webhook_configs = [
@@ -306,13 +357,21 @@ in {
{
scheme = "http";
path_prefix = "/";
static_configs = [{targets = ["localhost:${toString config.services.prometheus.alertmanager.port}"];}];
static_configs = [
{ targets = [ "localhost:${toString config.services.prometheus.alertmanager.port}" ]; }
];
}
];
# otherwise bearer_token_file will fail
services.prometheus.checkConfig = "syntax-only";
services.prometheus.extraFlags = [
"--storage.tsdb.retention.time=7d"
"--storage.tsdb.retention.size=2GB"
"--storage.tsdb.wal-compression"
];
services.prometheus.scrapeConfigs = [
{
job_name = "makanek";
@@ -328,14 +387,14 @@ in {
scrape_interval = "5m";
job_name = "blackbox";
metrics_path = "/probe";
params.module = ["http_2xx"];
params.module = [ "http_2xx" ];
relabel_configs = [
{
source_labels = ["__address__"];
source_labels = [ "__address__" ];
target_label = "__param_target";
}
{
source_labels = ["__param_target"];
source_labels = [ "__param_target" ];
target_label = "instance";
}
{
@@ -393,7 +452,7 @@ in {
scrape_interval = "60s";
metrics_path = "/api/prometheus";
scheme = "http";
static_configs = [{targets = ["zaatar.r:8123"];}];
static_configs = [ { targets = [ "zaatar.r:8123" ]; } ];
bearer_token_file = config.age.secrets.home-assistant-token.path;
}
{
@@ -410,7 +469,7 @@ in {
services.prometheus.exporters.blackbox = {
enable = true;
configFile = (pkgs.formats.yaml {}).generate "blackbox.yaml" blackboxConfig;
configFile = (pkgs.formats.yaml { }).generate "blackbox.yaml" blackboxConfig;
};
networking.firewall.allowedTCPPorts = [
@@ -419,6 +478,6 @@ in {
services.loki = {
enable = true;
configFile = (pkgs.formats.yaml {}).generate "loki.yaml" lokiConfig;
configFile = (pkgs.formats.yaml { }).generate "loki.yaml" lokiConfig;
};
}

6
systems/makanek/weechat.nix
View File

@@ -1,15 +1,11 @@
{
lib,
pkgs,
config,
unstablePackages,
...
}: let
inherit (import ../../lib) kieran;
weechatHome = "/var/lib/weechat";
weechat-declarative = pkgs.callPackage ../../packages/weechat-declarative.nix {
inherit unstablePackages;
};
weechat-declarative = pkgs.callPackage ../../packages/weechat-declarative.nix {};
in {
systemd.services.weechat = let
tmux = pkgs.writers.writeDash "tmux" ''

2
systems/moto/configuration.nix
View File

@@ -26,7 +26,7 @@ in {
procps
tzdata
unzip
utillinux
util-linux
vim
which
xz

3
systems/zaatar/configuration.nix
View File

@@ -28,6 +28,9 @@ in {
services.pipewire.systemWide = true;
age.secrets = {
wifi = {
file = ../../secrets/wifi.age;
};
retiolum-rsa = {
file = ../../secrets/zaatar-retiolum-privateKey-rsa.age;
mode = "400";