ghoscht/nix-config
ghoscht/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: ghoscht:main
Branches Tags
ghoscht:main
ghoscht:structural-rework
ghoscht:old-structure
..
compare: ghoscht:structural-rework
Branches Tags
ghoscht:main
ghoscht:structural-rework
ghoscht:old-structure

No commits in common. "main" and "structural-rework" have entirely different histories.
main ... structural

255 changed files with 6414 additions and 11711 deletions
Show stats Expand all files Collapse all files

7
.sops.yaml
View file

@ -1,7 +0,0 @@
keys:
- &franz age1uauvjwfvg8u0zkn58ematurcptf43gz6vx44nwkq3xcnmwq95psqna9psw
creation_rules:
- path_regex: secrets/franz.yaml$
key_groups:
- age:
- *franz

20
README.md
View file

@ -1,20 +0,0 @@
# Nix-Config
## Installation
The NixOS installer image comes with password SSH auth disabled. Simply allowing the public Git keys is a nice workaround.
```sh
sudo systemctl start sshd
mkdir ~/.ssh; curl https://git.ghoscht.com/ghoscht.keys > ~/.ssh/authorized_keys
```
The specific config from "hosts" can be installed using the following command. Limiting the download speed is optional, but can come in handy.
```sh
sudo nixos-install --option download-speed 4000 --flake .#<CONFIG_NAME_HERE>
```
## RPi Image generation
```sh
nix build .#nixosConfigurations.eustachius.config.system.build.sdImage
sudo dd if=./result/sd-image/<IMAGE_NAME>.img of=/dev/<DEVICE_NAME> bs=1M status=progress
```

74
disko/btrfs-swap.nix
View file

@ -1,74 +0,0 @@
{device ? throw "Set this to your disk device, e.g. /dev/sda", ...}: {
disko.devices = {
disk.main = {
inherit device;
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
esp = {
name = "ESP";
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
};
};
swap = {
size = "4G";
content = {
type = "swap";
resumeDevice = true;
};
};
root = {
name = "root";
size = "100%";
content = {
type = "lvm_pv";
vg = "root_vg";
};
};
};
};
};
lvm_vg = {
root_vg = {
type = "lvm_vg";
lvs = {
root = {
size = "100%FREE";
content = {
type = "btrfs";
extraArgs = ["-f"];
subvolumes = {
"/root" = {
mountpoint = "/";
};
"/home" = {
mountOptions = ["compress=zstd"];
mountpoint = "/home";
};
"/nix" = {
mountOptions = ["subvol=nix" "compress=zstd" "noatime"];
mountpoint = "/nix";
};
};
};
};
};
};
};
};
}

1429
flake.lock
View file

File diff suppressed because it is too large Load diff

117
flake.nix
View file

@ -1,79 +1,40 @@
{
description = "GHOSCHT's NixOS config";
description = "Your new nix config";
inputs = {
# Nixpkgs
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
# You can access packages and modules from different nixpkgs revs
# at the same time. Here's an working example:
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
# Also see the 'unstable-packages' overlay at 'overlays/default.nix'.
# Home manager
home-manager = {
url = "github:nix-community/home-manager/release-24.11";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager.url = "github:nix-community/home-manager/release-23.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
hardware.url = "github:nixos/nixos-hardware";
disko = {
url = "github:nix-community/disko";
nh = {
url = "github:viperml/nh";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-colors.url = "github:misterio77/nix-colors";
firefox-addons = {
url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
inputs.nixpkgs.follows = "nixpkgs";
};
arkenfox = {
url = "github:dwarfmaster/arkenfox-nixos";
inputs.nixpkgs.follows = "nixpkgs";
};
xremap = {
url = "github:xremap/nix-flake";
inputs.nixpkgs.follows = "nixpkgs";
};
flatpaks = {
url = "github:GermanBread/declarative-flatpak/stable-v3";
inputs.nixpkgs.follows = "nixpkgs";
};
heliox-cli = {
url = "git+https://git.ghoscht.com/heliox/cli?ref=custom-dimming";
inputs.nixpkgs.follows = "nixpkgs";
};
picokontroller = {
url = "git+https://git.ghoscht.com/ghoscht/picoKontroller";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
arion = {
url = "github:hercules-ci/arion";
inputs.nixpkgs.follows = "nixpkgs";
};
stylix = {
url = "github:danth/stylix/release-24.11";
inputs.nixpkgs.follows = "nixpkgs";
};
nixvim = {
url = "github:nix-community/nixvim/nixos-24.11";
inputs.nixpkgs.follows = "nixpkgs";
};
xremap.url = "github:xremap/nix-flake";
};
outputs = {
self,
nixpkgs,
home-manager,
arkenfox,
...
} @ inputs: let
inherit (self) outputs;
@ -115,43 +76,12 @@
./hosts/adalbert
];
};
ludwig = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs outputs vars;};
modules = [
./hosts/ludwig
];
};
leopold = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs outputs vars;};
modules = [
./hosts/leopold
];
};
franz = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs outputs vars;};
modules = [
./hosts/franz
];
};
# build with nix build .#nixosConfigurations.eustachius.config.system.build.sdImage
eustachius = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
"${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix"
./hosts/eustachius
# extra config for sdImage generator
{
sdImage.compressImage = false;
}
];
};
};
# Standalone home-manager configuration entrypoint
# Available through 'home-manager --flake .#your-username@your-hostname'
homeConfigurations = {
"${vars.user}@adalbert" = home-manager.lib.homeManagerConfiguration {
"ghoscht@adalbert" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance
extraSpecialArgs = {inherit inputs outputs vars;};
modules = [
@ -159,26 +89,5 @@
];
};
};
"${vars.user}@ludwig" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance
extraSpecialArgs = {inherit inputs outputs vars;};
modules = [
./home/ludwig.nix
];
};
"${vars.user}@franz" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance
extraSpecialArgs = {inherit inputs outputs vars;};
modules = [
./home/franz.nix
];
};
# "${vars.user}@eustachius" = home-manager.lib.homeManagerConfiguration {
# pkgs = nixpkgs.legacyPackages.aarch64-linux; # Home-manager requires 'pkgs' instance
# extraSpecialArgs = {inherit inputs outputs vars;};
# modules = [
# ./home/eustachius.nix
# ];
# };
};
}

62
home/adalbert.nix
View file

@ -1,32 +1,46 @@
{ inputs, ... }: {
{
inputs,
outputs,
...
}: let
in {
imports = [
./global
./features/desktop/awesome
./features/desktop/hyprland
./features/games
./features/coding
./features/desktop/common/alacritty.nix
inputs.nix-colors.homeManagerModules.default
];
home.packages = [
inputs.picokontroller.packages.x86_64-linux.default
];
nixpkgs = {
config = {
permittedInsecurePackages = [
"electron-25.9.0"
"nix-2.15.3"
];
};
};
wayland.windowManager.hyprland = {
settings = {
exec-once = [
"picokontroller" # volume & light control
"easyeffects --gapplication-service"
"xrandr --output DP-3 --primary" # since wayland doesn't have a concept of primary monitors
];
};
};
colorScheme = inputs.nix-colors.colorSchemes.catppuccin-mocha;
# wallpaper = outputs.wallpapers.cyberpunk-city-red;
#
# # ------ ----- ------
# # | DP-3 | | DP-1| | DP-2 |
# # ------ ----- ------
# monitors = [
# {
# name = "DP-3";
# width = 1920;
# height = 1080;
# x = 0;
# workspace = "3";
# enabled = false;
# }
# {
# name = "DP-1";
# width = 2560;
# height = 1080;
# x = 1920;
# workspace = "1";
# primary = true;
# }
# {
# name = "DP-2";
# width = 1920;
# height = 1080;
# x = 4480;
# workspace = "2";
# }
# ];
}

1
home/features/cli/bat.nix
View file

@ -1,5 +1,6 @@
{
programs.bat = {
enable = true;
config.theme = "base16";
};
}

86
home/features/cli/btop.nix
View file

@ -2,6 +2,7 @@
programs.btop = {
enable = true;
settings = {
color_theme = "nix-colors";
theme_background = false;
truecolor = true;
vim_keys = true;
@ -9,4 +10,89 @@
proc_gradient = false;
};
};
xdg.configFile."btop/themes/nix-colors".text = ''
# Main background, empty for terminal default, need to be empty if you want transparent background
# theme[main_bg]="#${config.colorScheme.colors.base00}"
# Main text color
theme[main_fg]="#${config.colorScheme.colors.base05}"
# Title color for boxes
theme[title]="#${config.colorScheme.colors.base05}"
# Highlight color for keyboard shortcuts
theme[hi_fg]="#${config.colorScheme.colors.base0D}"
# Background color of selected item in processes box
theme[selected_bg]="#${config.colorScheme.colors.base03}"
# Foreground color of selected item in processes box
theme[selected_fg]="#${config.colorScheme.colors.base0D}"
# Color of inactive/disabled text
theme[inactive_fg]="#${config.colorScheme.colors.base02}"
# Color of text appearing on top of graphs, i.e uptime and current network graph scaling
theme[graph_text]="#${config.colorScheme.colors.base06}"
# Background color of the percentage meters
theme[meter_bg]="#${config.colorScheme.colors.base03}"
# Misc colors for processes box including mini cpu graphs, details memory graph and details status text
theme[proc_misc]="#${config.colorScheme.colors.base06}"
# CPU, Memory, Network, Proc box outline colors
theme[cpu_box]="#${config.colorScheme.colors.base0E}" #Mauve
theme[mem_box]="#${config.colorScheme.colors.base0B}" #Green
theme[net_box]="#${config.colorScheme.colors.base08}" #Maroon
theme[proc_box]="#${config.colorScheme.colors.base0D}" #Blue
# Box divider line and small boxes line color
theme[div_line]="#${config.colorScheme.colors.base04}"
# Temperature graph color (Green -> Yellow -> Red)
theme[temp_start]="#${config.colorScheme.colors.base0B}"
theme[temp_mid]="#${config.colorScheme.colors.base0A}"
theme[temp_end]="#${config.colorScheme.colors.base08}"
# CPU graph colors (Teal -> Lavender)
theme[cpu_start]="#${config.colorScheme.colors.base0C}"
theme[cpu_mid]="#${config.colorScheme.colors.base0D}"
theme[cpu_end]="#${config.colorScheme.colors.base07}"
# Mem/Disk free meter (Mauve -> Lavender -> Blue)
theme[free_start]="#${config.colorScheme.colors.base0E}"
theme[free_mid]="#${config.colorScheme.colors.base07}"
theme[free_end]="#${config.colorScheme.colors.base0D}"
# Mem/Disk cached meter (Sapphire -> Lavender)
theme[cached_start]="#${config.colorScheme.colors.base0D}"
theme[cached_mid]="#${config.colorScheme.colors.base0D}"
theme[cached_end]="#${config.colorScheme.colors.base07}"
# Mem/Disk available meter (Peach -> Red)
theme[available_start]="#${config.colorScheme.colors.base0F}"
theme[available_mid]="#${config.colorScheme.colors.base09}"
theme[available_end]="#${config.colorScheme.colors.base08}"
# Mem/Disk used meter (Green -> Sky)
theme[used_start]="#${config.colorScheme.colors.base0B}"
theme[used_mid]="#${config.colorScheme.colors.base0C}"
theme[used_end]="#${config.colorScheme.colors.base0D}"
# Download graph colors (Peach -> Red)
theme[download_start]="#${config.colorScheme.colors.base0F}"
theme[download_mid]="#${config.colorScheme.colors.base09}"
theme[download_end]="#${config.colorScheme.colors.base08}"
# Upload graph colors (Green -> Sky)
theme[upload_start]="#${config.colorScheme.colors.base0B}"
theme[upload_mid]="#${config.colorScheme.colors.base0C}"
theme[upload_end]="#${config.colorScheme.colors.base0D}"
# Process box color gradient for threads, mem and cpu usage (Sapphire -> Mauve)
theme[process_start]="#${config.colorScheme.colors.base0D}"
theme[process_mid]="#${config.colorScheme.colors.base0C}"
theme[process_end]="#${config.colorScheme.colors.base0E}"
'';
}

14
home/features/cli/default.nix
View file

@ -20,18 +20,10 @@
httpie # Better curl
diffsitter # Better diff
jq # JSON pretty printer and manipulator
timer # Nice looking timer
timer # To help with my ADHD paralysis
lazydocker # Docker TUI
neofetch # Unixporn stuff
tldr # Nice & short manual snippets
ntfy-sh # Push notifications to other devices
ipinfo # IP geolocation
ranger # TUI file manager
trickle # cli network limiter
du-dust # disk usage visualizer
lftp # FTP client
unar # unarchive files like rar, zip, tar
glow # fancy markdown viewer
neofetch
tldr # nice & short manual snippets
nvd # Differ
nix-output-monitor

30
home/features/cli/fish.nix
View file

@ -7,13 +7,11 @@
inherit (lib) mkIf;
hasPackage = pname: lib.any (p: p ? pname && p.pname == pname) config.home.packages;
hasRipgrep = hasPackage "ripgrep";
hasLftp = hasPackage "lftp";
hasExa = hasPackage "eza";
hasLazygit = config.programs.lazygit.enable;
hasLazydocker = hasPackage "lazydocker";
hasNixYourShell = hasPackage "nix-your-shell";
hasShellColor = config.programs.shellcolor.enable;
hasWezterm = config.programs.wezterm.enable;
shellcolor = "${pkgs.shellcolord}/bin/shellcolor";
in {
programs.fish = {
@ -46,29 +44,15 @@ in {
name = "autopair";
src = pkgs.fishPlugins.autopair.src;
}
{
name = "puffer";
src = pkgs.fishPlugins.puffer.src;
}
{
name = "z";
src = pkgs.fishPlugins.z.src;
}
];
shellAliases = {
lzg = mkIf hasLazygit "lazygit";
lzd = mkIf hasLazydocker "lazydocker";
batt = ''upower -i /org/freedesktop/UPower/devices/battery_BAT0 | grep -e "percentage" -e "state"'';
hx = "~/Documents/heliox-cli/target/debug/heliox-cli --mode";
slp = "systemctl suspend";
sdn = "shutdown 0";
nrs = "nh os switch ~/.setup";
ls = mkIf hasExa "eza";
ll = mkIf hasExa "eza -l";
la = mkIf hasExa "eza -la";
exa = mkIf hasExa "eza";
imgcat = mkIf hasWezterm "wezterm imgcat";
};
shellAbbrs = rec {
jqless = "jq -C | less -r";
@ -81,16 +65,8 @@ in {
nbn = "nix build nixpkgs#";
nf = "nix flake";
glk = "gpg --list-keys --with-keygrip";
gssh = "gpg --export-ssh-key";
gnk = "gpg --full-generate-key --expert";
gek = "gpg --edit-key --expert";
udmount = "udisksctl mount -b";
udumount = "udisksctl unmount -b";
fftp = mkIf hasLftp "lftp -u ghoscht, sftp://192.168.178.35";
arss = "sudo autorestic exec -av -- snapshots";
ls = mkIf hasExa "eza";
exa = mkIf hasExa "eza";
};
functions = {
# Disable greeting

3
home/features/cli/git.nix
View file

@ -1,6 +1,6 @@
{pkgs, ...}: {
#Prefer IPv4 for ssh
# home.file.".ssh/config".text = "AddressFamily inet";
home.file.".ssh/config".text = "AddressFamily inet";
programs.git = {
enable = true;
@ -12,7 +12,6 @@
commit.gpgsign = true;
user.signingkey = "0x2C2C1C62A5388E82";
init.defaultBranch = "main";
pull.rebase = false; # merge by default
};
lfs.enable = true;
aliases = {

4
home/features/cli/gpg.nix
View file

@ -11,7 +11,7 @@
enableSshSupport = true;
enableFishIntegration = true;
enableZshIntegration = true;
pinentryPackage = pkgs.pinentry-gnome3;
pinentryFlavor = "gnome3";
};
# Prevent clobbering SSH_AUTH_SOCK
@ -19,7 +19,7 @@
# Disable gnome-keyring ssh-agent
xdg.configFile."autostart/gnome-keyring-ssh.desktop".text = ''
${lib.fileContents "${pkgs.gnome-keyring}/etc/xdg/autostart/gnome-keyring-ssh.desktop"}
${lib.fileContents "${pkgs.gnome3.gnome-keyring}/etc/xdg/autostart/gnome-keyring-ssh.desktop"}
Hidden=true
'';
}

16
home/features/cli/lazygit.nix
View file

@ -1,5 +1,21 @@
{config, ...}: {
programs.lazygit = {
enable = true;
settings = with config.colorScheme.colors; {
gui = {
theme = {
activeBorderColor = ["#${base0D}" "bold"];
inactiveBorderColor = ["#${base05}"];
optionsTextColor = ["#${base0D}"];
selectedLineBgColor = ["${base02}"];
selectedRangeBgColor = ["${base02}"];
cherryPickedCommitBgColor = ["#${base03}"];
cherryPickedCommitFgColor = ["#${base0D}"];
unstagedChangesColor = ["#${base08}"];
defaultFgColor = ["#${base05}"];
searchingActiveBorderColor = ["#${base0A}"];
};
};
};
};
}

4
home/features/coding/default.nix
View file

@ -1,9 +1,7 @@
{pkgs, ...}: {
imports = [
# ./nvim
./nixvim
./nvim
./vscode.nix
./intellij.nix
./tmux.nix
];
}

8
home/features/coding/intellij.nix
View file

@ -1,9 +1,5 @@
{pkgs, ...}: {
home.packages = [
(pkgs.unstable.jetbrains.plugins.addPlugins pkgs.unstable.jetbrains.idea-ultimate ["ideavim"])
home.packages = with pkgs.unstable; [
(jetbrains.plugins.addPlugins jetbrains.idea-ultimate ["ideavim"])
];
home.sessionVariables = {
JAVA_HOME = "${pkgs.openjdk17}/lib/openjdk";
LD_LIBRARY_PATH = "${pkgs.libGL}/lib:${pkgs.gtk3}/lib:${pkgs.glib.out}/lib:${pkgs.xorg.libXtst}/lib";
};
}

95
home/features/coding/nixvim/cmp.nix
View file

@ -1,95 +0,0 @@
{
programs.nixvim.plugins = {
cmp-emoji = {
enable = true;
};
cmp = {
enable = true;
settings = {
completion = {
completeopt = "menu,menuone,noinsert";
};
autoEnableSources = true;
experimental = {ghost_text = true;};
performance = {
debounce = 60;
fetchingTimeout = 200;
maxViewEntries = 30;
};
snippet = {
expand = ''
function(args)
require('luasnip').lsp_expand(args.body)
end
'';
};
formatting = {fields = ["kind" "abbr" "menu"];};
sources = [
{name = "nvim_lsp";}
{name = "emoji";}
{
name = "buffer"; # text within current buffer
option.get_bufnrs.__raw = "vim.api.nvim_list_bufs";
keywordLength = 3;
}
# { name = "copilot"; } # enable/disable copilot
{
name = "path"; # file system paths
keywordLength = 3;
}
{
name = "luasnip"; # snippets
keywordLength = 3;
}
];
window = {
completion = {border = "solid";};
documentation = {border = "solid";};
};
mapping = {
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
"<C-j>" = "cmp.mapping.select_next_item()";
"<C-k>" = "cmp.mapping.select_prev_item()";
"<C-e>" = "cmp.mapping.abort()";
"<C-b>" = "cmp.mapping.scroll_docs(-4)";
"<C-f>" = "cmp.mapping.scroll_docs(4)";
"<C-Space>" = "cmp.mapping.complete()";
"<CR>" = "cmp.mapping.confirm({ select = true })";
"<S-CR>" = "cmp.mapping.confirm({ behavior = cmp.ConfirmBehavior.Replace, select = true })";
"<C-l>" = ''
cmp.mapping(function()
if luasnip.expand_or_locally_jumpable() then
luasnip.expand_or_jump()
end
end, { 'i', 's' })
'';
"<C-h>" = ''
cmp.mapping(function()
if luasnip.locally_jumpable(-1) then
luasnip.jump(-1)
end
end, { 'i', 's' })
'';
};
};
};
cmp-nvim-lsp = {
enable = true; # LSP
};
cmp-buffer = {
enable = true;
};
cmp-path = {
enable = true; # file system paths
};
cmp_luasnip = {
enable = true; # snippets
};
cmp-cmdline = {
enable = true; # autocomplete for cmdline
};
};
}

12
home/features/coding/nixvim/default.nix
View file

@ -1,12 +0,0 @@
{inputs, ...}: {
imports = [
inputs.nixvim.homeManagerModules.nixvim
./options.nix
./plugins.nix
./cmp.nix
./lsp.nix
./none-ls.nix
./keymaps.nix
];
programs.nixvim.enable = true;
}

118
home/features/coding/nixvim/keymaps.nix
View file

@ -1,118 +0,0 @@
{
programs.nixvim.keymaps = [
{
mode = [
"n"
"v"
];
key = "<leader>fc";
action = "<cmd>lua vim.lsp.buf.format()<cr>";
options = {
silent = true;
desc = "Format Code";
};
}
{
mode = "n";
key = "<leader>ch";
action = "<cmd>noh<CR>";
options = {
silent = true;
desc = "Clear Highlighting";
};
}
{
mode = "n";
key = "<C-p>";
action = "<cmd>Telescope live_grep<CR>";
options = {
desc = "Telescope LiveGrep";
};
}
{
mode = "n";
key = "<leader>fg";
action = "<cmd>Telescope find_files<CR>";
options = {
desc = "Telescope File Search";
};
}
{
mode = "n";
key = "<C-n>";
action = "<Cmd>Neotree toggle<CR>";
options = {
silent = true;
desc = "Toggle Neotree";
};
}
{
mode = "n";
key = "<leader><tab><tab>";
action = "<cmd>tabnew<cr>";
options = {
desc = "New Tab";
};
}
{
mode = "n";
key = "<leader><tab>]";
action = "<cmd>BufferNext<cr>";
options = {
desc = "Next Tab";
};
}
{
mode = "n";
key = "<leader><tab>d";
action = "<cmd>BufferClose<cr>";
options = {
desc = "Close Tab";
};
}
{
mode = "n";
key = "<leader><tab>[";
action = "<cmd>BufferPrevious<cr>";
options = {
desc = "Previous Tab";
};
}
{
mode = "n";
key = "<c-k>";
action = ":wincmd k<CR>";
options = {
silent = true;
desc = "Go Up";
};
}
{
mode = "n";
key = "<c-j>";
action = ":wincmd j<CR>";
options = {
silent = true;
desc = "Go Down";
};
}
{
mode = "n";
key = "<c-h>";
action = ":wincmd h<CR>";
options = {
silent = true;
desc = "Go Left";
};
}
{
mode = "n";
key = "<c-l>";
action = ":wincmd l<CR>";
options = {
silent = true;
desc = "Go Right";
};
}
];
}

29
home/features/coding/nixvim/lsp.nix
View file

@ -1,29 +0,0 @@
{
programs.nixvim.plugins = {
rustaceanvim.enable = true;
lsp = {
enable = true;
inlayHints = true;
servers = {
ts_ls.enable = true; # TS/JS
cssls.enable = true; # CSS
html.enable = true; # HTML
pyright.enable = true; # Python
marksman.enable = true; # Markdown
nil_ls.enable = true; # Nix
dockerls.enable = true; # Docker
bashls.enable = true; # Bash
clangd.enable = true; # C/C++
yamlls.enable = true; # YAML
lua_ls = {
# Lua
enable = true;
settings.telemetry.enable = false;
};
};
};
};
}

42
home/features/coding/nixvim/none-ls.nix
View file

@ -1,42 +0,0 @@
{
programs.nixvim.plugins = {
none-ls = {
enable = true;
sources = {
code_actions = {
statix.enable = true;
gitsigns.enable = true;
};
diagnostics = {
statix.enable = true;
deadnix.enable = true;
pylint.enable = true;
checkstyle.enable = true;
};
formatting = {
alejandra.enable = true;
stylua.enable = true;
shfmt.enable = true;
nixpkgs_fmt.enable = true;
google_java_format.enable = false;
prettier = {
enable = true;
disableTsServerFormatter = true;
};
black = {
enable = true;
settings = ''
{
extra_args = { "--fast" },
}
'';
};
};
completion = {
luasnip.enable = true;
spell.enable = true;
};
};
};
};
}

52
home/features/coding/nixvim/options.nix
View file

@ -1,52 +0,0 @@
{
programs.nixvim = {
config = {
# System clipboard support, needs xclip/wl-clipboard
clipboard = {
providers = {
wl-copy.enable = true; # Wayland
xsel.enable = true; # For X11
};
register = "unnamedplus";
};
globals.mapleader = " ";
opts = {
number = true; # Show line numbers
relativenumber = true; # Show relative line numbers
shiftwidth = 2; # Tab width should be 2
# Always show the signcolumn, otherwise text would be shifted when displaying error icons
signcolumn = "yes";
# Enable mouse
mouse = "a";
# Search
ignorecase = true;
smartcase = true;
# Save undo history
undofile = true;
# Global substitution by default
gdefault = true;
# Start scrolling when the cursor is X lines away from the top/bottom
scrolloff = 8;
# Enable 24-bit RGB color in the TUI
termguicolors = true;
# Wrap long lines at a character in 'breakat'
linebreak = true;
smartindent = true;
# Remove EOB
fillchars = {
eob = " ";
};
};
};
};
}

112
home/features/coding/nixvim/plugins.nix
View file

@ -1,112 +0,0 @@
{pkgs, ...}: {
programs.nixvim.plugins = {
lualine.enable = true;
oil.enable = true;
nvim-surround.enable = true;
treesitter = {
enable = true;
grammarPackages = with pkgs.vimPlugins.nvim-treesitter.builtGrammars; [
markdown
# nix
vim
bash
lua
python
json
java
rust
cpp
c
css
csv
dockerfile
diff
gitignore
git_config
gitattributes
make
yaml
toml
typescript
xml
];
};
# Autopairs
nvim-autopairs = {
enable = true;
};
luasnip.enable = true;
lazygit.enable = true;
barbar.enable = true;
rainbow-delimiters.enable = true;
web-devicons.enable = true;
telescope = {
enable = true;
extensions = {
fzf-native = {
enable = true;
};
};
};
# Dashboard
alpha = {
enable = true;
theme = "dashboard";
};
# File tree
neo-tree = {
enable = true;
enableDiagnostics = false;
enableGitStatus = true;
enableModifiedMarkers = true;
enableRefreshOnWrite = true;
closeIfLastWindow = true;
popupBorderStyle = "rounded"; # Type: null or one of “NC”, “double”, “none”, “rounded”, “shadow”, “single”, “solid” or raw lua code
buffers = {
bindToCwd = false;
followCurrentFile = {
enabled = true;
};
};
window = {
width = 40;
height = 15;
autoExpandWidth = false;
mappings = {
"<space>" = "none";
};
};
};
# Todo comments
todo-comments = {
enable = true;
settings.colors = {
error = ["DiagnosticError" "ErrorMsg" "#DC2626"];
warning = ["DiagnosticWarn" "WarningMsg" "#FBBF24"];
info = ["DiagnosticInfo" "#2563EB"];
hint = ["DiagnosticHint" "#10B981"];
default = ["Identifier" "#7C3AED"];
test = ["Identifier" "#FF00FF"];
};
};
# Highlight word under cursor
illuminate = {
enable = true;
underCursor = false;
filetypesDenylist = [
"Outline"
"TelescopePrompt"
"alpha"
"harpoon"
"reason"
];
};
};
}

133
home/features/coding/nvim/default.nix
View file

@ -6,40 +6,7 @@
...
}: let
vars = import ../../../../vars.nix;
stableExtraPkgs = with pkgs; [
# LSP
lua-language-server
pkgs.nodePackages.typescript-language-server
clang-tools
# Formatters
stylua # lua
black # pyton
alejandra # nix
clang-tools_16 # c/c++
rustfmt
yamlfmt
prettierd
vscode-langservers-extracted
# Linters
ruff # python
nodePackages.jsonlint # json
nodePackages.eslint_d # javascript
# Tools
xclip
wl-clipboard
fzf
gcc
# idk?
lua
];
unstableExtraPkgs = with pkgs.unstable; [
# LSP
nixd
];
colors = config.colorScheme.colors;
in {
home.sessionVariables.EDITOR = "nvim";
@ -50,7 +17,29 @@ in {
vimAlias = true;
vimdiffAlias = true;
extraPackages = stableExtraPkgs ++ unstableExtraPkgs;
extraPackages = with pkgs; [
# LSP
lua-language-server
lua
rnix-lsp # nix
# Formatters
stylua # lua
black # pyton
alejandra # nix
clang-tools_16 # c/c++
# Linters
ruff # python
nodePackages.jsonlint # json
nodePackages.eslint_d # javascript
# Tools
xclip
wl-clipboard
fzf
gcc
];
plugins = with pkgs.vimPlugins; [
{
@ -80,7 +69,6 @@ in {
type = "lua";
}
cmp-path
nvim-cmp
{
plugin = nvim-cmp;
@ -104,35 +92,25 @@ in {
friendly-snippets
{
plugin = nvim-treesitter.withPlugins (p: [
p.vim
p.bash
p.lua
p.python
p.json
p.java
p.rust
p.cpp
p.c
p.css
p.csv
p.dockerfile
p.diff
p.gitignore
p.git_config
p.gitattributes
p.make
p.yaml
p.toml
p.typescript
p.xml
]);
plugin = nvim-treesitter.withAllGrammars;
config = builtins.readFile ./plugin/treesitter.lua;
type = "lua";
}
vim-nix
{
plugin = nvim-base16;
config = ''
require('base16-colorscheme').setup({
base00 = '#${colors.base00}', base01 = '#${colors.base01}', base02 = '#${colors.base02}', base03 = '#${colors.base03}',
base04 = '#${colors.base04}', base05 = '#${colors.base05}', base06 = '#${colors.base06}', base07 = '#${colors.base07}',
base08 = '#${colors.base08}', base09 = '#${colors.base09}', base0A = '#${colors.base0A}', base0B = '#${colors.base0B}',
base0C = '#${colors.base0C}', base0D = '#${colors.base0D}', base0E = '#${colors.base0E}', base0F = '#${colors.base0F}',
})'';
type = "lua";
}
{
plugin = lualine-nvim;
config = builtins.readFile ./plugin/lualine.lua;
@ -144,7 +122,6 @@ in {
nui-nvim
{
plugin = neo-tree-nvim;
config = builtins.readFile ./plugin/neo-tree.lua;
type = "lua";
}
@ -174,43 +151,7 @@ in {
config = builtins.readFile ./plugin/none-ls.lua;
type = "lua";
}
{
plugin = nvim-autopairs;
config = "require('nvim-autopairs').setup()";
type = "lua";
}
barbar-nvim
{
plugin = nvim-surround;
config = "require('nvim-surround').setup({})";
type = "lua";
}
vim-be-good
rainbow-delimiters-nvim
rustaceanvim
{
plugin = vim-tmux-navigator;
config = builtins.readFile ./plugin/vim-tmux-navigator.lua;
type = "lua";
}
{
plugin = nvim-ts-autotag;
config = "require('nvim-ts-autotag').setup({})";
type = "lua";
}
];
extraLuaConfig = ''
${builtins.readFile ./options.lua}
'';
};
xdg.desktopEntries = {

9
home/features/coding/nvim/options.lua
View file

@ -1,11 +1,9 @@
vim.keymap.set("", "<Space>", "<Nop>")
vim.keymap.set("", "<C-Space>", "<Nop>")
vim.g.mapleader = " "
vim.g.maplocalleader = " "
vim.o.clipboard = "unnamedplus"
-- vim.o.number = true
vim.o.number = true
vim.o.relativenumber = true
vim.o.signcolumn = "yes"
@ -18,8 +16,3 @@ vim.o.updatetime = 300
vim.o.termguicolors = true
vim.o.mouse = "a"
-- disable empty line ~
vim.o.fillchars = "eob: "
vim.o.undofile = true

0
home/features/coding/nvim/plugin/barbar.lua
View file

1
home/features/coding/nvim/plugin/cmp.lua
View file

@ -42,6 +42,5 @@ cmp.setup({
sources = {
{ name = "nvim_lsp" },
{ name = "luasnip" },
{ name = "path" },
},
})

32
home/features/coding/nvim/plugin/lsp.lua
View file

@ -39,37 +39,7 @@ require("lspconfig").lua_ls.setup({
},
})
require("lspconfig").nixd.setup({
require("lspconfig").rnix.setup({
on_attach = on_attach,
capabilities = capabilities,
})
require("lspconfig").ts_lsp.setup({
on_attach = on_attach,
capabilities = capabilities,
})
require("lspconfig").eslint.setup({
settings = {
packageManager = "yarn",
},
on_attach = function(client, bufnr)
vim.api.nvim_create_autocmd("BufWritePre", {
buffer = bufnr,
command = "EslintFixAll",
})
vim.api.nvim_create_autocmd("BufWritePost", {
callback = function()
vim.lsp.buf.format()
end,
})
end,
})
require("lspconfig").clangd.setup({
on_attach = function(client, bufnr)
client.server_capabilities.signatureHelpProvider = false
on_attach(client, bufnr)
end,
capabilities = capabilities,
})

19
home/features/coding/nvim/plugin/neo-tree.lua
View file

@ -1,19 +0,0 @@
require("neo-tree").setup({
close_if_last_window = true, -- Close Neo-tree if it is the last window left in the tab
hide_root_node = true, -- Hide the root node
filesystem = {
filtered_items = {
visible = false,
hide_dotfiles = false,
hide_gitignored = false,
hide_by_name = {
".git",
".DS_Store",
"thumbs.db",
},
show_hidden_count = false,
},
},
})
vim.keymap.set("n", "<C-n>", "<Cmd>Neotree toggle<CR>")

16
home/features/coding/nvim/plugin/none-ls.lua
View file

@ -7,24 +7,14 @@ local opts = {
null_ls.builtins.formatting.stylua,
-- Python
null_ls.builtins.formatting.black,
-- null_ls.builtins.diagnostics.ruff,
null_ls.builtins.diagnostics.ruff,
-- Javascript
-- null_ls.builtins.diagnostics.eslint_d,
-- null_ls.builtins.diagnostics.jsonlint,
null_ls.builtins.diagnostics.eslint_d,
null_ls.builtins.diagnostics.jsonlint,
-- C/C++
null_ls.builtins.formatting.clang_format,
-- Nix
null_ls.builtins.formatting.alejandra,
-- Rust
-- null_ls.builtins.formatting.rustfmt,
-- YAML
null_ls.builtins.formatting.yamlfmt,
-- Typescript
null_ls.builtins.formatting.prettier.with({
condition = function(utils)
return utils.has_file({ ".prettierrc.js" })
end,
}),
},
on_attach = function(client, bufnr)
if client.supports_method("textDocument/formatting") then

5
home/features/coding/nvim/plugin/vim-tmux-navigator.lua
View file

@ -1,5 +0,0 @@
-- Navigate vim panes better
vim.keymap.set("n", "<c-k>", ":wincmd k<CR>")
vim.keymap.set("n", "<c-j>", ":wincmd j<CR>")
vim.keymap.set("n", "<c-h>", ":wincmd h<CR>")
vim.keymap.set("n", "<c-l>", ":wincmd l<CR>")

46
home/features/coding/tmux.nix
View file

@ -1,46 +0,0 @@
{pkgs, ...}: {
home.packages = [pkgs.tmuxinator-fzf-start];
programs.tmux = {
enable = true;
keyMode = "vi";
customPaneNavigationAndResize = true;
mouse = true;
tmuxinator.enable = true;
shortcut = "Space";
extraConfig = ''
bind % split-window -h -c "#{pane_current_path}"
bind '"' split-window -v -c "#{pane_current_path}"
set -sg escape-time 0
'';
plugins = with pkgs; [
tmuxPlugins.vim-tmux-navigator
{
plugin = tmuxPlugins.catppuccin;
extraConfig = ''
set -g status-position top
set-option -sa terminal-features ',xterm-256color:RGB'
set -g @catppuccin_window_left_separator ""
set -g @catppuccin_window_right_separator " "
set -g @catppuccin_window_middle_separator " "
set -g @catppuccin_window_number_position "right"
set -g @catppuccin_window_default_fill "number"
set -g @catppuccin_window_default_text "#W"
set -g @catppuccin_window_current_fill "number"
set -g @catppuccin_window_current_text "#W"
set -g @catppuccin_status_modules_right "directory session"
set -g @catppuccin_status_left_separator " "
set -g @catppuccin_status_right_separator ""
set -g @catppuccin_status_fill "icon"
set -g @catppuccin_status_connect_separator "no"
set -g @catppuccin_directory_text "#{pane_current_path}"
'';
}
];
};
}

3
home/features/coding/vscode.nix
View file

@ -31,6 +31,9 @@ in {
];
userSettings = {
#Theming
"workbench.colorTheme" = "Catppuccin Mocha";
"catppuccin.accentColor" = "green";
"workbench.iconTheme" = "material-icon-theme";
"window.menuBarVisibility" = "toggle";
"editor.minimap.autohide" = false;
#Extensions - General

11
home/features/desktop/awesome/default.nix
View file

@ -1,7 +1,6 @@
{pkgs, ...}: {
imports = [
../common
./zathura.nix
];
home = {
@ -13,8 +12,17 @@
source = ../../../../rsc/config/awesome;
recursive = true;
};
file.".config/picom/" = {
source = ../../../../rsc/config/picom;
recursive = true;
};
file.".config/rofi" = {
source = ../../../../rsc/config/rofi;
recursive = true;
};
packages = with pkgs; [
picom
rofi
redshift
xbindkeys
@ -22,7 +30,6 @@
flameshot
xclip
brightnessctl
feh
];
};
}

9
home/features/desktop/awesome/zathura.nix
View file

@ -1,9 +0,0 @@
{
programs.zathura = {
enable = true;
options = {
selection-clipboard = "clipboard";
statusbar-home-tilde = true;
};
};
}

3
home/features/desktop/common/3d-printing.nix
View file

@ -1,3 +0,0 @@
{pkgs, ...}: {
home.packages = with pkgs; [freecad cura];
}

49
home/features/desktop/common/alacritty.nix
View file

@ -1,11 +1,60 @@
{
pkgs,
config,
...
}: {
programs.alacritty.enable = true;
programs.alacritty.settings = {
window = {
opacity = 0.83;
padding = {
x = 0;
y = 5;
};
};
font = {
normal = {
family = "${config.fontProfiles.monospace.family}";
style = "Medium";
};
bold = {
family = "${config.fontProfiles.monospace.family}";
style = "Bold";
};
italic = {
family = "${config.fontProfiles.monospace.family}";
style = "MediumItalic";
};
};
colors = with config.colorScheme.colors; {
bright = {
black = "0x${base00}";
blue = "0x${base0D}";
cyan = "0x${base0C}";
green = "0x${base0B}";
magenta = "0x${base0E}";
red = "0x${base08}";
white = "0x${base06}";
yellow = "0x${base09}";
};
cursor = {
cursor = "0x${base06}";
text = "0x${base06}";
};
normal = {
black = "0x${base00}";
blue = "0x${base0D}";
cyan = "0x${base0C}";
green = "0x${base0B}";
magenta = "0x${base0E}";
red = "0x${base08}";
white = "0x${base06}";
yellow = "0x${base0A}";
};
primary = {
background = "0x${base00}";
foreground = "0x${base06}";
};
};
};
}

20
home/features/desktop/common/default.nix
View file

@ -1,24 +1,8 @@
{pkgs, ...}: {
{
imports = [
./firefox.nix
./wezterm.nix
./alacritty.nix
./font.nix
./playerctl.nix
./easyeffects.nix
./nextcloud.nix
./flatpak.nix
./notes.nix
./fcitx5.nix
];
home.packages = with pkgs;
[
signal-desktop # secure messenger
webcord-vencord # more "privacy friendly" discord client
anki
calibre
mpv # Video player
]
++ (with pkgs.unstable; [feishin]);
}

7
home/features/desktop/common/easyeffects.nix
View file

@ -1,7 +0,0 @@
{pkgs, ...}: {
# services.easyeffects.enable = true;
xdg.configFile."easyeffects/output/Beyerdynamic_DT990_Oratory.json" = {
source = ../../../../rsc/config/easyeffects/Beyerdynamic_DT990_Oratory.json;
};
home.packages = with pkgs; [easyeffects];
}

107
home/features/desktop/common/fcitx5.nix
View file

@ -1,107 +0,0 @@
{pkgs, ...}: {
# xdg.configFile."fcitx5" = {
# source = ../../../../rsc/config/fcitx5;
# recursive = true;
# };
xdg.configFile = {
"fcitx5/config" = {
force = true;
text = ''
[Hotkey]
# Enumerate when press trigger key repeatedly
EnumerateWithTriggerKeys=True
# Temporally switch between first and current Input Method
AltTriggerKeys=
# Enumerate Input Method Forward
EnumerateForwardKeys=
# Enumerate Input Method Backward
EnumerateBackwardKeys=
# Skip first input method while enumerating
EnumerateSkipFirst=False
# Enumerate Input Method Group Forward
EnumerateGroupForwardKeys=
# Enumerate Input Method Group Backward
EnumerateGroupBackwardKeys=
# Activate Input Method
ActivateKeys=
# Deactivate Input Method
DeactivateKeys=
# Default Previous page
PrevPage=
# Default Next page
NextPage=
# Default Previous Candidate
PrevCandidate=
# Default Next Candidate
NextCandidate=
# Toggle embedded preedit
TogglePreedit=
[Hotkey/TriggerKeys]
0=Control+Alt+space
[Behavior]
# Active By Default
ActiveByDefault=False
# Share Input State
ShareInputState=No
# Show preedit in application
PreeditEnabledByDefault=True
# Show Input Method Information when switch input method
ShowInputMethodInformation=True
# Show Input Method Information when changing focus
showInputMethodInformationWhenFocusIn=False
# Show compact input method information
CompactInputMethodInformation=True
# Show first input method information
ShowFirstInputMethodInformation=True
# Default page size
DefaultPageSize=5
# Override Xkb Option
OverrideXkbOption=False
# Custom Xkb Option
CustomXkbOption=
# Force Enabled Addons
EnabledAddons=
# Force Disabled Addons
DisabledAddons=
# Preload input method to be used by default
PreloadInputMethod=True
# Allow input method in the password field
AllowInputMethodForPassword=False
# Show preedit text when typing password
ShowPreeditForPassword=False
# Interval of saving user data in minutes
AutoSavePeriod=30
'';
};
"fcitx5/profile" = {
force = true;
text = ''
[Groups/0]
# Group Name
Name="Group 1"
# Layout
Default Layout=de
# Default Input Method
DefaultIM=mozc
[Groups/0/Items/0]
# Name
Name=keyboard-de
# Layout
Layout=
[Groups/0/Items/1]
# Name
Name=mozc
# Layout
Layout=
[GroupOrder]
0="Group 1"
'';
};
};
}

145
home/features/desktop/common/firefox.nix
View file

@ -1,18 +1,16 @@
{ inputs
, pkgs
, ...
{
inputs,
pkgs,
vars,
...
}: {
imports = [ inputs.arkenfox.hmModules.default ];
# Enable kde-connect for non-Plasma DEs
home.file.".mozilla/native-messaging-hosts/org.kde.plasma.browser_integration.json".source = "${pkgs.plasma5Packages.plasma-browser-integration}/lib/mozilla/native-messaging-hosts/org.kde.plasma.browser_integration.json";
imports = [inputs.arkenfox.hmModules.default];
programs.firefox = {
enable = true;
arkenfox = {
enable = true;
version = "128.0";
version = "119.0";
};
profiles.Default = {
@ -22,11 +20,6 @@
darkreader
tabliss
consent-o-matic
floccus
gesturefy
plasma-integration
libredirect
yomitan
];
search.engines = {
@ -48,13 +41,13 @@
];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = [ "@np" ];
definedAliases = ["@np"];
};
"Home Manager" = {
urls = [
{
template = "https://home-manager-options.extranix.com";
template = "https://mipmip.github.io/home-manager-option-search";
params = [
{
name = "query";
@ -65,7 +58,7 @@
];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = [ "@hm" ];
definedAliases = ["@hm"];
};
"Searx" = {
@ -82,7 +75,7 @@
];
iconUpdateURL = "https://paulgo.io/favicon.ico";
definedAliases = [ "@sx" ];
definedAliases = ["@sx"];
};
"Amazon" = {
@ -99,7 +92,7 @@
];
iconUpdateURL = "https://amazon.de/favicon.ico";
definedAliases = [ "@a" ];
definedAliases = ["@a"];
};
"YouTube" = {
@ -116,86 +109,74 @@
];
iconUpdateURL = "https://piped.video/favicon.ico";
definedAliases = [ "yt" ];
definedAliases = ["yt"];
};
};
search = {
force = true;
default = "DuckDuckGo";
};
search.force = true;
search.default = "Searx";
settings = {
"media.hardwaremediakeys.enabled" = false;
"dom.security.https_only_mode" = true;
"browser.download.panel.shown" = false;
"browser.toolbars.bookmarks.visibility" = "always";
"browser.download.panel.shown" = true;
"signon.rememberSignons" = false;
"browser.formfill.enable" = false;
"signon. prefillForms" = false;
"browser.shell.checkDefaultBrowser" = false;
# "browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
"browser.uiCustomization.state" = ''{"placements":{"widget-overflow-fixed-list":[],"unified-extensions-area":["addon_darkreader_org-browser-action","plasma-browser-integration_kde_org-browser-action","_506e023c-7f2b-40a3-8066-bc5deb40aebe_-browser-action","_testpilot-containers-browser-action","7esoorv3_alefvanoon_anonaddy_me-browser-action","_a6c4a591-f1b2-4f03-b3ff-767e5bedf4e7_-browser-action","gdpr_cavi_au_dk-browser-action","firefoxcolor_mozilla_com-browser-action","firefox-translations-addon_mozilla_org-browser-action"],"nav-bar":["back-button","forward-button","stop-reload-button","urlbar-container","downloads-button","unified-extensions-button","ublock0_raymondhill_net-browser-action","_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action"],"toolbar-menubar":["menubar-items"],"TabsToolbar":["tabbrowser-tabs","new-tab-button","alltabs-button"],"PersonalToolbar":["personal-bookmarks"]},"seen":["save-to-pocket-button","developer-button","_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action","addon_darkreader_org-browser-action","ublock0_raymondhill_net-browser-action","plasma-browser-integration_kde_org-browser-action","_506e023c-7f2b-40a3-8066-bc5deb40aebe_-browser-action","_testpilot-containers-browser-action","7esoorv3_alefvanoon_anonaddy_me-browser-action","_a6c4a591-f1b2-4f03-b3ff-767e5bedf4e7_-browser-action","gdpr_cavi_au_dk-browser-action","firefoxcolor_mozilla_com-browser-action","firefox-translations-addon_mozilla_org-browser-action"],"dirtyAreaCache":["nav-bar","PersonalToolbar","toolbar-menubar","TabsToolbar","unified-extensions-area"],"currentVersion":20,"newElementCount":4}'';
};
arkenfox = {
enable = true;
"0000".enable = true;
"0100" = {
enable = true;
# Allow setting homepage
"0102"."browser.startup.page".value = 1;
};
"0200" = {
enable = true;
};
"0300".enable = true;
# We keep safebrowsing
"0400".enable = false;
"0600" = {
enable = true;
"0610"."browser.send_pings".enable = true;
};
"0700" = {
enable = true;
# Disable DNS over HTTPS
"0710"."network.trr.mode".value = 5;
};
# "0800" = {
# enable = true;
# # Keep using url bar as search bar
# "0801"."keyword.enabled".value = true;
# };
"0900".enable = true;
"1000" = {
enable = true;
# Enable disk cache for performance reasons
"1001"."browser.cache.disk.enable".enable = true;
"1001"."browser.cache.disk.enable".value = true;
};
"1200".enable = true;
# I don't use container tabs
"1700".enable = false;
"2600" = {
enable = true;
# useDownloadDir
"2651".enable = false;
# always_ask_before_handling_new_types
"2654".enable = false;
};
"2700".enable = true;
"2800" = {
"2812".enable = true;
};
"5000" = {
"5008".enable = true;
};
"0000".enable = true;
"0100" = {
enable = true;
# Allow setting homepage
"0102"."browser.startup.page".value = 1;
};
"0200" = {
enable = true;
};
"0300".enable = true;
# We keep safebrowsing
"0400".enable = false;
"0600" = {
enable = true;
"0610"."browser.send_pings".enable = true;
};
"0700" = {
enable = true;
# Disable DNS over HTTPS
"0710"."network.trr.mode".value = 5;
};
# "0800" = {
# enable = true;
# # Keep using url bar as search bar
# "0801"."keyword.enabled".value = true;
# };
"0900".enable = true;
"1000" = {
enable = true;
# Enable disk cache for performance reasons
"1001"."browser.cache.disk.enable".enable = true;
"1001"."browser.cache.disk.enable".value = true;
};
"1200".enable = true;
# I don't use container tabs
"1700".enable = false;
"2600" = {
enable = true;
# The recent documents feature is useful
"2653".enable = false;
};
"2700".enable = true;
};
};
};
xdg.mimeApps.defaultApplications = {
"text/html" = [ "firefox.desktop" ];
"text/xml" = [ "firefox.desktop" ];
"x-scheme-handler/http" = [ "firefox.desktop" ];
"x-scheme-handler/https" = [ "firefox.desktop" ];
"text/html" = ["firefox.desktop"];
"text/xml" = ["firefox.desktop"];
"x-scheme-handler/http" = ["firefox.desktop"];
"x-scheme-handler/https" = ["firefox.desktop"];
};
}

29
home/features/desktop/common/flatpak.nix
View file

@ -1,29 +0,0 @@
{ inputs, ... }: {
imports = [ inputs.flatpaks.homeManagerModules.declarative-flatpak ];
services.flatpak = {
remotes.flathub = "https://flathub.org/repo/flathub.flatpakrepo";
packages = [
"flathub:app/md.obsidian.Obsidian//stable"
"flathub:app/com.github.iwalton3.jellyfin-media-player//stable"
"flathub:app/com.github.tchx84.Flatseal//stable"
];
overrides = {
global = {
filesystems = [
"~/.local/share/icons"
];
};
"md.obsidian.Obsidian" = {
sockets = [
"wayland"
"system-bus"
];
};
"com.github.iwalton3.jellyfin-media-player" = {
sockets = [
"!wayland"
];
};
};
};
}

3
home/features/desktop/common/nextcloud.nix
View file

@ -1,3 +0,0 @@
{
services.nextcloud-client.enable = true;
}

5
home/features/desktop/common/notes.nix
View file

@ -1,5 +0,0 @@
{pkgs, ...}: {
home.packages = with pkgs; [
xournalpp
];
}

22
home/features/desktop/common/wezterm.nix
View file

@ -1,22 +0,0 @@
{
pkgs,
config,
...
}: {
programs.wezterm = {
enable = true;
extraConfig = ''
return {
front_end = "WebGpu", -- fixes https://github.com/wez/wezterm/issues/5990H
warn_about_missing_glyphs=false,
-- window_background_opacity = 0.83,
hide_tab_bar_if_only_one_tab = true,
window_close_confirmation = "NeverPrompt",
use_ime = true,
set_environment_variables = {
TERM = 'wezterm',
},
}
'';
};
}

5
home/features/desktop/gnome/default.nix
View file

@ -1,5 +0,0 @@
{pkgs, ...}: {
imports = [
../common
];
}

258
home/features/desktop/hyprland/config.nix
View file

@ -1,258 +0,0 @@
{
wayland.windowManager.hyprland = {
settings = {
# autostart
exec-once = [
"systemctl --user start hyprpolkitagent" # polkit agent
"hyprshade on bluelight" # set bluelight shader
"fcitx5 -d" # japanese typing
"webcord --start-minimized --force-audio-share-support" # discord but some privacy
"kdeconnect-indicator & kdeconnect-cli -l" # kde connect
"signal-desktop --start-in-tray"
"wl-clip-persist --clipboard both &" # Keep Wayland clipboard even after programs close
"wl-paste --watch cliphist store &" # Store clipboard contents in cliphist on each change
];
input = {
kb_layout = "de";
numlock_by_default = true;
follow_mouse = 1;
sensitivity = 0; # 0 means no modification
touchpad = {
natural_scroll = true;
};
};
general = {
"$mainMod" = "SUPER";
"$terminal" = "alacritty";
"$menu" = "wofi --show drun --allow-images --no-actions";
layout = "dwindle";
gaps_in = 5;
gaps_out = 10;
border_size = 2;
border_part_of_window = false;
no_border_on_floating = false;
};
plugin = {
hyprsplit = {
num_workspaces = 10;
};
};
misc = {
disable_hyprland_logo = true;
always_follow_on_dnd = true;
layers_hog_keyboard_focus = true;
animate_manual_resizes = false;
enable_swallow = true;
focus_on_activate = true;
new_window_takes_over_fullscreen = 2;
middle_click_paste = false;
};
dwindle = {
pseudotile = true;
preserve_split = true;
};
master = {
new_status = "master";
};
decoration = {
rounding = 10;
blur = {
enabled = true;
passes = 3;
};
shadow = {
enabled = true;
range = 4;
render_power = 3;
};
};
animations = {
enabled = true;
# Default animations, see https://wiki.hyprland.org/Configuring/Animations/ for more
bezier = [
"easeOutQuint,0.23,1,0.32,1"
"easeInOutCubic,0.65,0.05,0.36,1"
"linear,0,0,1,1"
"almostLinear,0.5,0.5,0.75,1.0"
"quick,0.15,0,0.1,1"
];
animation = [
"global, 1, 10, default"
"border, 1, 5.39, easeOutQuint"
"windows, 1, 4.79, easeOutQuint"
"windowsIn, 1, 4.1, easeOutQuint, popin 87%"
"windowsOut, 1, 1.49, linear, popin 87%"
"fadeIn, 1, 1.73, almostLinear"
"fadeOut, 1, 1.46, almostLinear"
"fade, 1, 3.03, quick"
"layers, 1, 3.81, easeOutQuint"
"layersIn, 1, 4, easeOutQuint, fade"
"layersOut, 1, 1.5, linear, fade"
"fadeLayersIn, 1, 1.79, almostLinear"
"fadeLayersOut, 1, 1.39, almostLinear"
"workspaces, 1, 1.94, almostLinear, fade"
"workspacesIn, 1, 1.21, almostLinear, fade"
"workspacesOut, 1, 1.94, almostLinear, fade"
];
};
bind = [
"$mainMod, Return, exec, $terminal"
"$mainMod SHIFT, C, killactive"
"$mainMod, C ,exec, hyprshade off && hyprpicker -a && hyprshade on bluelight"
"$mainMod SHIFT, Q, exit"
"$mainMod, T, togglefloating"
"$mainMod, Space, exec, $menu"
"$mainMod, P, pseudo" # determine subsplit
"$mainMod, F, fullscreen, 0"
"$mainMod SHIFT, F, fullscreen, 1"
", Print, exec, hyprshade off && grim -g \"$(slurp -w 0 -d)\" - | wl-copy && hyprshade on bluelight"
# Move focus with mainMod + arrow keys
"$mainMod, left, movefocus, l"
"$mainMod, right, movefocus, r"
"$mainMod, up, movefocus, u"
"$mainMod, down, movefocus, d"
"$mainMod, h, movefocus, l"
"$mainMod, j, movefocus, d"
"$mainMod, k, movefocus, u"
"$mainMod, l, movefocus, r"
# Switch workspaces with mainMod + [0-9]
"$mainMod, 1, split:workspace, 1"
"$mainMod, 2, split:workspace, 2"
"$mainMod, 3, split:workspace, 3"
"$mainMod, 4, split:workspace, 4"
"$mainMod, 5, split:workspace, 5"
"$mainMod, 6, split:workspace, 6"
"$mainMod, 7, split:workspace, 7"
"$mainMod, 8, split:workspace, 8"
"$mainMod, 9, split:workspace, 9"
"$mainMod, 0, split:workspace, 10"
# Move active window to a workspace with mainMod + SHIFT + [0-9]
"$mainMod SHIFT, 1, split:movetoworkspacesilent, 1"
"$mainMod SHIFT, 2, split:movetoworkspacesilent, 2"
"$mainMod SHIFT, 3, split:movetoworkspacesilent, 3"
"$mainMod SHIFT, 4, split:movetoworkspacesilent, 4"
"$mainMod SHIFT, 5, split:movetoworkspacesilent, 5"
"$mainMod SHIFT, 6, split:movetoworkspacesilent, 6"
"$mainMod SHIFT, 7, split:movetoworkspacesilent, 7"
"$mainMod SHIFT, 8, split:movetoworkspacesilent, 8"
"$mainMod SHIFT, 9, split:movetoworkspacesilent, 9"
"$mainMod SHIFT, 0, split:movetoworkspacesilent, 10"
# window control
"$mainMod SHIFT, left, movewindow, l"
"$mainMod SHIFT, right, movewindow, r"
"$mainMod SHIFT, up, movewindow, u"
"$mainMod SHIFT, down, movewindow, d"
"$mainMod SHIFT, h, movewindow, l"
"$mainMod SHIFT, j, movewindow, d"
"$mainMod SHIFT, k, movewindow, u"
"$mainMod SHIFT, l, movewindow, r"
"$mainMod CTRL, left, resizeactive, -80 0"
"$mainMod CTRL, right, resizeactive, 80 0"
"$mainMod CTRL, up, resizeactive, 0 -80"
"$mainMod CTRL, down, resizeactive, 0 80"
"$mainMod CTRL, h, resizeactive, -80 0"
"$mainMod CTRL, j, resizeactive, 0 80"
"$mainMod CTRL, k, resizeactive, 0 -80"
"$mainMod CTRL, l, resizeactive, 80 0"
"$mainMod ALT, left, moveactive, -80 0"
"$mainMod ALT, right, moveactive, 80 0"
"$mainMod ALT, up, moveactive, 0 -80"
"$mainMod ALT, down, moveactive, 0 80"
"$mainMod ALT, h, moveactive, -80 0"
"$mainMod ALT, j, moveactive, 0 80"
"$mainMod ALT, k, moveactive, 0 -80"
"$mainMod ALT, l, moveactive, 80 0"
# Example special workspace (scratchpad)
"$mainMod, S, togglespecialworkspace, magic"
"$mainMod SHIFT, S, movetoworkspace, special:magic"
# Scroll through existing workspaces with mainMod + scroll
"$mainMod, mouse_down, workspace, e+1"
"$mainMod, mouse_up, workspace, e-1"
# media and volume controls
",XF86AudioPlay,exec, playerctl play-pause"
",XF86AudioNext,exec, playerctl next"
",XF86AudioPrev,exec, playerctl previous"
",XF86AudioStop,exec, playerctl stop"
# clipboard manager
"$mainMod, V, exec, cliphist list | wofi --show dmenu | cliphist decode | wl-copy"
];
# Move/resize windows with mainMod + LMB/RMB and dragging
bindm = [
"$mainMod, mouse:272, movewindow"
"$mainMod, mouse:273, resizewindow"
];
windowrulev2 = [
"suppressevent maximize, class:.*" # Ignore maximize requests from apps. You'll probably like this.
"nofocus,class:^$,title:^$,xwayland:1,floating:1,fullscreen:0,pinned:0" # Fix some dragging issues with XWayland
"float, title:^(Picture-in-Picture)$"
"opacity 1.0 override 1.0 override, title:^(Picture-in-Picture)$"
"pin, title:^(Picture-in-Picture)$"
"float,class:^(pavucontrol)$"
"float,class:^(SoundWireServer)$"
"float,class:^(.sameboy-wrapped)$"
"float,class:^(file_progress)$"
"float,class:^(confirm)$"
"float,class:^(dialog)$"
"float,class:^(download)$"
"float,class:^(notification)$"
"float,class:^(error)$"
"float,class:^(confirmreset)$"
"float,title:^(Open File)$"
"float,title:^(File Upload)$"
"float,title:^(branchdialog)$"
"float,title:^(Confirm to replace files)$"
"float,title:^(File Operation Progress)$"
# workspace setup
"workspace 10, class:^(feishin)$"
# nextcloud
"float,class:^(com.nextcloud.desktopclient.nextcloud)$"
"stayfocused,class:^(com.nextcloud.desktopclient.nextcloud)$" # otherwise window immediately closes
# Remove context menu transparency in chromium based apps
"opaque,class:^()$,title:^()$"
"noshadow,class:^()$,title:^()$"
"noblur,class:^()$,title:^()$"
];
monitor = [
"DP-1, 1920x1080@74.97, auto-left, 1" # Adalbert: Left
"DP-3, 2560x1440@143.86, auto-right, 1" # Adalbert: Right
"eDP-1, 1920x1080@60, auto, 1" # Ludwig
",preferred,auto,auto"
];
misc = {
vrr = 1;
};
};
};
}

140
home/features/desktop/hyprland/default.nix
View file

@ -1,140 +0,0 @@
{ pkgs, ... }: {
imports = [ ./config.nix ./variables.nix ];
home.packages = with pkgs; [
hyprpicker # color picker
wofi # dmenu replacement
hyprshade # shader control, used for rudimentary blue-light filter
hyprpolkitagent
grim
slurp
# clipboard management
wl-clip-persist
wl-clipboard
cliphist
];
wayland.windowManager.hyprland = {
enable = true;
xwayland.enable = true;
systemd.enable = true;
plugins = [ pkgs.hyprlandPlugins.hyprsplit ];
};
services.dunst = {
enable = true;
settings = {
global = {
corner_radius = 5;
};
};
};
programs.waybar = {
enable = true;
systemd.enable = true;
settings = {
mainBar = {
layer = "top";
position = "top";
modules-left = [ "hyprland/workspaces" ];
modules-center = [ "hyprland/window" ];
modules-right = [ "tray" "memory" "cpu" "clock" ];
tray.spacing = 10;
clock.tooltip-format = "{:%d.%m.%Y}";
cpu.format = "{}% ";
memory.format = " {}% ";
"hyprland/workspaces" = {
format = "{icon}";
format-icons = {
"9" = "";
"10" = "󰝚";
"11" = "1";
"12" = "2";
"13" = "3";
"14" = "4";
"15" = "5";
"16" = "6";
"17" = "7";
"18" = "8";
"19" = "9";
"20" = "10";
"urgent" = "";
"focused" = "";
};
};
};
};
};
xdg.configFile."hypr/shaders/bluelight.glsl".text = ''
precision highp float;
varying vec2 v_texcoord;
uniform sampler2D tex;
const float temperature = 4000.0;
const float temperatureStrength = 1.0;
#define WithQuickAndDirtyLuminancePreservation
const float LuminancePreservationFactor = 1.0;
// function from https://www.shadertoy.com/view/4sc3D7
// valid from 1000 to 40000 K (and additionally 0 for pure full white)
vec3 colorTemperatureToRGB(const in float temperature) {
// values from: http://blenderartists.org/forum/showthread.php?270332-OSL-Goodness&p=2268693&viewfull=1#post2268693
mat3 m = (temperature <= 6500.0) ? mat3(vec3(0.0, -2902.1955373783176, -8257.7997278925690),
vec3(0.0, 1669.5803561666639, 2575.2827530017594),
vec3(1.0, 1.3302673723350029, 1.8993753891711275))
: mat3(vec3(1745.0425298314172, 1216.6168361476490, -8257.7997278925690),
vec3(-2666.3474220535695, -2173.1012343082230, 2575.2827530017594),
vec3(0.55995389139931482, 0.70381203140554553, 1.8993753891711275));
return mix(clamp(vec3(m[0] / (vec3(clamp(temperature, 1000.0, 40000.0)) + m[1]) + m[2]), vec3(0.0), vec3(1.0)),
vec3(1.0), smoothstep(1000.0, 0.0, temperature));
}
void main() {
vec4 pixColor = texture2D(tex, v_texcoord);
// RGB
vec3 color = vec3(pixColor[0], pixColor[1], pixColor[2]);
#ifdef WithQuickAndDirtyLuminancePreservation
color *= mix(1.0, dot(color, vec3(0.2126, 0.7152, 0.0722)) / max(dot(color, vec3(0.2126, 0.7152, 0.0722)), 1e-5),
LuminancePreservationFactor);
#endif
color = mix(color, color * colorTemperatureToRGB(temperature), temperatureStrength);
vec4 outCol = vec4(color, pixColor[3]);
gl_FragColor = outCol;
}
'';
# systemd.user.services.wl-gammarelay-rs = {
# Unit = {
# PartOf = [ "graphical-session.target" ];
# After = [ "graphical-session-pre.target" ];
# };
#
# Service = {
# ExecStart = "${pkgs.wl-gammarelay-rs}/bin/wl-gammarelay-rs";
# ExecReload = "${pkgs.coreutils}/bin/kill -SIGUSR2 $MAINPID";
# Restart = "on-failure";
# KillMode = "mixed";
# };
#
# Install = { WantedBy = [ "default.target" ]; };
# };
# systemd.user.services.wl-gammarelay-rs-restart = {
# Unit = {
# After = [ "suspend.target" "hibernate.target" "hybrid-sleep.target" "suspend-then-hibernate.target" ];
# };
#
# Service = {
# ExecStart = "${pkgs.bash}/bin/bash -c '${cmd} 6000 && ${cmd} 4000'";
# };
#
# Install = { WantedBy = [ "suspend.target" "hibernate.target" "hybrid-sleep.target" "suspend-then-hibernate.target" ]; };
# };
}

11
home/features/desktop/hyprland/variables.nix
View file

@ -1,11 +0,0 @@
{
home.sessionVariables = {
NIXOS_OZONE_WL = "1";
GDK_BACKEND = "wayland";
DIRENV_LOG_FORMAT = "";
QT_QPA_PLATFORM = "xcb";
XDG_SESSION_TYPE = "wayland";
SDL_VIDEODRIVER = "wayland";
CLUTTER_BACKEND = "wayland";
};
}

11
home/features/games/default.nix
View file

@ -1,12 +1,5 @@
{pkgs, ...}: {
home.packages = with pkgs; [
protonup-rs
heroic
(lutris.override {
extraLibraries = pkgs: [
wine
wineWowPackages.stable
];
})
imports = [
# ./steam.nix
];
}

31
home/features/games/steam.nix Normal file
View file

@ -0,0 +1,31 @@
{
pkgs,
lib,
config,
...
}: let
steam-with-pkgs = pkgs.steam.override {
extraPkgs = pkgs:
with pkgs; [
xorg.libXcursor
xorg.libXi
xorg.libXinerama
xorg.libXScrnSaver
libpng
libpulseaudio
libvorbis
stdenv.cc.cc.lib
libkrb5
keyutils
gamescope
mangohud
];
};
in {
home.packages = with pkgs; [
steam-with-pkgs
gamescope
mangohud
protontricks
];
}

14
home/features/general/xdg-dirs.nix
View file

@ -1,14 +0,0 @@
{
xdg.userDirs = {
enable = true;
createDirectories = true;
desktop = "/home/ghoscht/Uni";
download = "/home/ghoscht/Downloads";
documents = "/home/ghoscht/Documents";
music = null;
pictures = "/home/ghoscht/Pictures";
publicShare = null;
templates = null;
videos = null;
};
}

24
home/franz.nix
View file

@ -1,24 +0,0 @@
{
inputs,
outputs,
...
}: let
in {
imports = [
./global
./features/coding/nixvim
./features/coding/tmux.nix
];
home.file.".docker" = {
source = ../rsc/docker/franz;
recursive = true;
};
nixpkgs = {
config = {
permittedInsecurePackages = [
"nix-2.15.3"
];
};
};
}

3
home/global/default.nix
View file

@ -20,7 +20,6 @@
# You can also split up your configuration and import pieces of it here:
../features/cli
../features/general/xdg-dirs.nix
]
++ (builtins.attrValues outputs.homeManagerModules);
@ -59,7 +58,7 @@
nix = {
package = lib.mkDefault pkgs.nix;
settings = {
experimental-features = ["nix-command" "flakes"];
experimental-features = ["nix-command" "flakes" "repl-flake"];
warn-dirty = false;
};
};

33
home/ludwig.nix
View file

@ -1,33 +0,0 @@
{ pkgs, ... }: {
imports = [
./global
./features/desktop/awesome
./features/desktop/common/alacritty.nix
./features/desktop/hyprland
./features/desktop/gnome
./features/coding
];
home.packages = with pkgs; [ nextcloud-client ];
nixpkgs = {
config = {
permittedInsecurePackages = [
"electron-25.9.0"
"nix-2.15.3"
];
};
};
wayland.windowManager.hyprland = {
settings = {
bind = [
", XF86AudioRaiseVolume, exec, wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%+"
", XF86AudioLowerVolume, exec, wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%-"
", XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"
", XF86MonBrightnessUp, exec, ${pkgs.brightnessctl}/bin/brightnessctl set +10%"
", XF86MonBrightnessDown, exec, ${pkgs.brightnessctl}/bin/brightnessctl set 10%-"
];
};
};
}

78
hosts/adalbert/default.nix
View file

@ -1,82 +1,82 @@
{ inputs
, outputs
, pkgs
, ...
# This is your system's configuration file.
# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix)
{
inputs,
outputs,
lib,
config,
pkgs,
...
}: {
# You can import other NixOS modules here
imports = [
inputs.hardware.nixosModules.common-cpu-amd-pstate
inputs.hardware.nixosModules.common-gpu-nvidia-nonprime
# If you want to use modules your own flake exports (from modules/nixos):
# outputs.nixosModules.example
# Or modules from other flakes (such as nixos-hardware):
inputs.hardware.nixosModules.common-cpu-amd
inputs.hardware.nixosModules.common-gpu-nvidia
inputs.hardware.nixosModules.common-pc-ssd
# You can also split up your configuration and import pieces of it here:
# ./users.nix
# Import your generated (nixos-generate-config) hardware configuration
./hardware-configuration.nix
../common/global
../common/optional/desktop/awesome.nix
../common/optional/desktop/hyprland.nix
../common/optional/systemd-boot.nix
../common/optional/wireshark.nix
../common/optional/kde-connect.nix
../common/optional/gnome-keyring.nix
../common/optional/adb.nix
../common/optional/docker.nix
../common/optional/gaming/gamemode.nix
../common/optional/gaming/steam.nix
../common/optional/desktop/japanese.nix
../common/optional/udisks.nix
../common/optional/fhs-compat.nix
../common/optional/stylix.nix
../common/optional/gaming/vr.nix
];
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.unstable-packages
];
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
firefox.enablePlasmaBrowserIntegration = true;
segger-jlink.acceptLicense = true;
permittedInsecurePackages = [ "segger-jlink-qt4-796s" "dotnet-runtime-6.0.36" "dotnet-sdk-wrapped-6.0.428" "dotnet-sdk-6.0.428" ];
};
};
networking.hostName = "adalbert";
services.udev.packages = [ inputs.heliox-cli.packages.x86_64-linux.default pkgs.segger-jlink ];
environment.systemPackages = [ inputs.heliox-cli.packages.x86_64-linux.default ];
services.xserver.displayManager.gdm.enable = true;
boot.binfmt.emulatedSystems = [
"aarch64-linux"
"riscv64-linux"
];
# Force disable Nvidia PRIME, needed by nix-hardware
hardware.nvidia.prime.offload.enable = false;
programs = {
adb.enable = true;
dconf.enable = true;
coolercontrol = {
enable = true;
nvidiaSupport = true;
};
# Personalausweis reader
ausweisapp = {
enable = true;
openFirewall = true; # also sets firewall entry
};
kdeconnect.enable = true;
};
hardware = {
graphics.enable = true;
opengl.enable = true;
opentabletdriver.enable = true;
nvidia = {
open = false;
powerManagement.enable = true;
};
};
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion

6
hosts/adalbert/hardware-configuration.nix
View file

@ -18,17 +18,17 @@
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/e92a5e85-52ce-4627-be79-5c07a99e2d1b";
device = "/dev/disk/by-uuid/f9ba57fb-0b82-47e0-8189-7bbebc530e2b";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/348E-AC69";
device = "/dev/disk/by-uuid/BCF2-51D4";
fsType = "vfat";
};
swapDevices = [
{device = "/dev/disk/by-uuid/ae322cab-c083-4644-80ff-9122498d54e8";}
{device = "/dev/disk/by-uuid/4834fbc3-3feb-4b93-b11f-8b9bd054c5c1";}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking

11
hosts/common/global/default.nix
View file

@ -2,6 +2,7 @@
{
inputs,
outputs,
config,
...
}: {
imports =
@ -11,8 +12,8 @@
./fish.nix
./locale.nix
./nix.nix
./podman.nix
./power-button.nix
./documentation.nix
]
++ (builtins.attrValues outputs.nixosModules);
@ -25,8 +26,8 @@
};
};
# Enable networking
networking.networkmanager.enable = true;
boot.supportedFilesystems = ["ntfs"];
# Fix for qt6 plugins
environment.profileRelativeSessionVariables = {
QT_PLUGIN_PATH = ["/lib/qt-6/plugins"];
};
}

9
hosts/common/global/documentation.nix
View file

@ -1,9 +0,0 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [man-pages man-pages-posix];
documentation.dev.enable = true;
documentation.man = {
# In order to enable to mandoc man-db has to be disabled.
man-db.enable = false;
mandoc.enable = true;
};
}

2
hosts/common/global/locale.nix
View file

@ -16,5 +16,5 @@
};
};
console.keyMap = "de";
services.xserver.xkb.layout = "de";
services.xserver.layout = "de";
}

2
hosts/common/global/nix.nix
View file

@ -6,7 +6,7 @@
nix = {
settings = {
auto-optimise-store = lib.mkDefault true;
experimental-features = ["nix-command" "flakes"];
experimental-features = ["nix-command" "flakes" "repl-flake"];
warn-dirty = false;
system-features = ["kvm" "big-parallel" "nixos-test"];
};

2
hosts/common/optional/desktop/flatpak.nix
View file

@ -9,6 +9,4 @@
# Create folder where all fonts are linked to /run/current-system/sw/share/X11/fonts
fonts.fontDir.enable = true;
xdg.portal.enable = true;
}

10
hosts/common/optional/desktop/global.nix
View file

@ -4,13 +4,15 @@
pkgs,
...
}: {
imports = [./pipewire.nix ../printing.nix ./flatpak.nix ./xremap.nix];
imports = [./pipewire.nix ../printing.nix ./flatpak.nix ./xdg.nix ./xremap.nix];
# Enable networking
networking.networkmanager.enable = true;
# Enable for GTK
programs.dconf.enable = true;
# Fix for qt6 plugins
environment.profileRelativeSessionVariables = {
QT_PLUGIN_PATH = ["/lib/qt-6/plugins"];
services.xserver = {
displayManager.sddm.enable = true;
};
}

31
hosts/common/optional/desktop/gnome.nix
View file

@ -7,41 +7,10 @@
imports = [./global.nix ./x11.nix ./wayland.nix];
services = {
libinput.enable = true;
xserver = {
desktopManager.gnome = {
enable = true;
};
modules = [pkgs.xf86_input_wacom];
wacom.enable = true;
};
udev.packages = with pkgs; [
gnome-settings-daemon
];
};
environment = {
systemPackages = with pkgs; [
# System-Wide Packages
adwaita-icon-theme
dconf-editor
gnome-tweaks
gnomeExtensions.kimpanel
gnomeExtensions.vitals
gnomeExtensions.tray-icons-reloaded
];
gnome.excludePackages = with pkgs; [
gnome-tour
gedit
atomix
epiphany
geary
gnome-characters
gnome-contacts
gnome-initial-setup
hitori
iagno
tali
];
};
}

25
hosts/common/optional/desktop/hyprland.nix
View file

@ -1,25 +0,0 @@
{ pkgs, ... }: {
imports = [ ./global.nix ./x11.nix ./wayland.nix ];
programs.hyprland.enable = true;
xdg.portal = {
enable = true;
wlr.enable = true;
xdgOpenUsePortal = true;
extraPortals = [
pkgs.xdg-desktop-portal-hyprland
pkgs.xdg-desktop-portal-gtk
];
};
environment.etc."systemd/system-sleep/post-hibernate-bluelight.sh".source = pkgs.writeShellScript "post-hibernate-bluelight.sh" ''
if [ "$1-$SYSTEMD_SLEEP_ACTION" = "post-hibernate" ]; then
${pkgs.systemd}/bin/busctl --user set-property rs.wl-gammarelay / rs.wl.gammarelay Temperature q 4000
${pkgs.systemd}/bin/busctl --user set-property rs.wl-gammarelay / rs.wl.gammarelay Temperature q 6000
${pkgs.systemd}/bin/busctl --user set-property rs.wl-gammarelay / rs.wl.gammarelay Temperature q 4000
${pkgs.systemd}/bin/busctl --user set-property rs.wl-gammarelay / rs.wl.gammarelay Temperature q 4000
${pkgs.systemd}/bin/busctl --user set-property rs.wl-gammarelay / rs.wl.gammarelay Temperature q 4000
fi
'';
}

14
hosts/common/optional/desktop/japanese.nix
View file

@ -1,14 +0,0 @@
{pkgs, ...}: {
i18n.inputMethod = {
enable = true;
type = "fcitx5";
fcitx5.addons = with pkgs; [
fcitx5-mozc
fcitx5-gtk
];
fcitx5.waylandFrontend = true;
};
fonts.packages = with pkgs; [
noto-fonts-cjk-sans
];
}

4
hosts/common/optional/desktop/pipewire.nix
View file

@ -1,4 +1,4 @@
{pkgs, ...}: {
{
security.rtkit.enable = true;
hardware.pulseaudio.enable = false;
services.pipewire = {
@ -8,6 +8,4 @@
pulse.enable = true;
jack.enable = true;
};
environment.systemPackages = with pkgs; [pavucontrol pulseaudio qpwgraph];
}

15
hosts/common/optional/desktop/plasma.nix
View file

@ -1,15 +0,0 @@
{pkgs, ...}: {
imports = [./global.nix ./x11.nix];
services.xserver.desktopManager.plasma5.enable = true;
environment.plasma5.excludePackages = with pkgs.libsForQt5; [
elisa
gwenview
okular
oxygen
khelpcenter
konsole
plasma-browser-integration
print-manager
];
}

5
hosts/common/optional/desktop/x11.nix
View file

@ -5,12 +5,11 @@
...
}: {
services = {
libinput.enable = true; # Enable touchpad support
libinput.touchpad.naturalScrolling = true;
# Enable the X11 windowing system.
xserver = {
enable = true;
# Enable touchpad support
libinput.enable = true;
# Remove xterm terminal
excludePackages = with pkgs; [xterm];
modules = [pkgs.xf86_input_wacom];

48
hosts/common/optional/desktop/xremap.nix
View file

@ -1,63 +1,21 @@
{
pkgs,
inputs,
lib,
...
}: {
imports = [
inputs.xremap.nixosModules.default
];
hardware.uinput.enable = true;
users.groups.uinput.members = ["ghoscht"];
users.groups.input.members = ["ghoscht"];
systemd.user.services.set-xhost = {
description = "Run a one-shot command upon user login";
path = [pkgs.xorg.xhost];
wantedBy = ["default.target"];
script = "xhost +SI:localuser:root";
environment.DISPLAY = ":0"; # NOTE: This is hardcoded for this flake
};
services.xremap = {
withX11 = true;
watch = true;
debug = false;
userName = "ghoscht";
serviceMode = "user";
config = {
keymap = [
{
name = "Global";
name = "main remaps";
remap = {
"CapsLock" = "Esc";
"Esc" = "CapsLock";
super-x = {
launch = ["${lib.getExe pkgs.wezterm}"];
};
# super-space = {
# launch = ["${lib.getExe pkgs.rofi}" "-i" "-show" "drun" "-show-icons"];
# };
# super-control-l = {
# launch = ["${lib.getExe pkgs.firefox}"];
# };
# super-control-shift-l = {
# launch = ["${lib.getExe pkgs.firefox}" "--private-window"];
# };
};
}
{
name = "Music";
remap = {
"KEY_PLAYPAUSE" = {
launch = ["${lib.getExe pkgs.playerctl}" "play-pause"];
};
"KEY_NEXTSONG" = {
launch = ["${lib.getExe pkgs.playerctl}" "next"];
};
"KEY_PREVIOUSSONG" = {
launch = ["${lib.getExe pkgs.playerctl}" "previous"];
super-e = {
launch = ["firefox"];
};
};
}

8
hosts/common/optional/docker.nix
View file

@ -1,13 +1,5 @@
{
virtualisation.docker = {
enable = true;
daemon.settings = {
"default-address-pools" = [
{
"base" = "172.29.0.0/16";
"size" = 24;
}
];
};
};
}

69
hosts/common/optional/fhs-compat.nix
View file

@ -1,69 +0,0 @@
{
pkgs,
lib,
config,
...
}: {
services.envfs.enable = lib.mkDefault true;
programs.nix-ld.enable = lib.mkDefault true;
programs.nix-ld.libraries = with pkgs;
[
acl
attr
bzip2
dbus
expat
fontconfig
freetype
fuse3
icu
libnotify
libsodium
libssh
libunwind
libusb1
libuuid
nspr
nss
stdenv.cc.cc
util-linux
zlib
zstd
]
++ lib.optionals (config.hardware.graphics.enable) [
pipewire
cups
libxkbcommon
pango
mesa
libdrm
libglvnd
libpulseaudio
atk
cairo
alsa-lib
at-spi2-atk
at-spi2-core
gdk-pixbuf
glib
gtk3
libGL
libappindicator-gtk3
vulkan-loader
xorg.libX11
xorg.libXScrnSaver
xorg.libXcomposite
xorg.libXcursor
xorg.libXdamage
xorg.libXext
xorg.libXfixes
xorg.libXi
xorg.libXrandr
xorg.libXrender
xorg.libXtst
xorg.libxcb
xorg.libxkbfile
xorg.libxshmfence
];
}

23
hosts/common/optional/gaming/steam.nix
View file

@ -1,17 +1,18 @@
{
config,
lib,
pkgs,
...
}: {
{pkgs, ...}: {
environment.systemPackages = with pkgs.unstable; [
heroic # Game Launcher
lutris # Game Launcher
steam # Game Launcher
];
programs = {
steam = {
enable = true;
remotePlay.openFirewall = true;
gamescopeSession.enable = false;
};
};
xdg.mime = {
defaultApplications."x-scheme-handler/steam" = "steam.desktop";
addedAssociations."x-scheme-handler/steam" = "steam.desktop";
# Steam: Right-click game - Properties - Launch options: gamemoderun %command%
# Lutris: General Preferences - Enable Feral GameMode
# - Global options - Add Environment Variables: LD_PRELOAD=/nix/store/*-gamemode-*-lib/lib/libgamemodeauto.so
};
}

6
hosts/common/optional/gaming/vr.nix Normal file
View file

@ -0,0 +1,6 @@
{
programs.alvr = {
enable = true;
openFirewall = true;
};
}

3
hosts/common/optional/gnome-keyring.nix
View file

@ -2,10 +2,11 @@
config,
lib,
pkgs,
vars,
...
}: let
in {
security.pam.services.sddm.enableGnomeKeyring = true;
security.pam.services.${vars.user}.enableGnomeKeyring = true;
services.gnome.gnome-keyring.enable = true;
programs.seahorse.enable = true;
}

3
hosts/common/optional/printing.nix
View file

@ -9,8 +9,7 @@
printing.enable = true;
avahi = {
enable = true;
nssmdns4 = true;
nssmdns6 = true;
nssmdns = true;
# for a WiFi printer
openFirewall = true;
};

33
hosts/common/optional/quietboot.nix Normal file
View file

@ -0,0 +1,33 @@
{
pkgs,
config,
...
}: {
console = {
useXkbConfig = true;
earlySetup = false;
};
boot = {
plymouth = {
enable = true;
theme = "spinner-monochrome";
themePackages = [
(pkgs.plymouth-spinner-monochrome.override {
inherit (config.boot.plymouth) logo;
})
];
};
loader.timeout = 0;
kernelParams = [
"quiet"
"loglevel=3"
"systemd.show_status=auto"
"udev.log_level=3"
"rd.udev.log_level=3"
"vt.global_cursor_default=0"
];
consoleLogLevel = 0;
initrd.verbose = false;
};
}

36
hosts/common/optional/stylix.nix
View file

@ -1,36 +0,0 @@
{
inputs,
pkgs,
...
}: {
imports = [inputs.stylix.nixosModules.stylix];
stylix = {
enable = true;
polarity = "dark";
image = ../../../rsc/wallpaper/rolltreppe-gluehwein.jpg;
base16Scheme = "${pkgs.base16-schemes}/share/themes/catppuccin-mocha.yaml";
opacity.terminal = 0.83;
cursor = {
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Ice";
size = 25;
};
fonts = {
monospace = {
package = pkgs.nerdfonts.override {fonts = ["JetBrainsMono"];};
name = "JetBrainsMono Nerd Font Mono";
};
sansSerif = {
package = pkgs.dejavu_fonts;
name = "DejaVu Sans";
};
serif = {
package = pkgs.dejavu_fonts;
name = "DejaVu Serif";
};
};
};
}

1
hosts/common/optional/systemd-boot.nix
View file

@ -3,7 +3,6 @@
systemd-boot = {
enable = true;
consoleMode = "max";
configurationLimit = 42;
};
efi.canTouchEfiVariables = true;
};

3
hosts/common/optional/udisks.nix
View file

@ -1,3 +0,0 @@
{
services.udisks2.enable = true;
}

7
hosts/common/optional/vsftpd.nix
View file

@ -1,7 +0,0 @@
{
services.vsftpd = {
enable = true;
writeEnable = true;
localUsers = true;
};
}

117
hosts/eustachius/default.nix
View file

@ -1,117 +0,0 @@
{
pkgs,
lib,
...
}: let
vars = import ../../vars.nix;
in {
imports = [../common/global/locale.nix];
# NixOS wants to enable GRUB by default
boot.loader.grub.enable = false;
# Enables the generation of /boot/extlinux/extlinux.conf
boot.loader.generic-extlinux-compatible.enable = true;
# !!! Set to specific linux kernel version
boot.kernelPackages = pkgs.linuxPackages;
# Disable ZFS on kernel 6
boot.supportedFilesystems = lib.mkForce [
"vfat"
"xfs"
"cifs"
"ntfs"
];
# !!! Needed for the virtual console to work on the RPi 3, as the default of 16M doesn't seem to be enough.
# If X.org behaves weirdly (I only saw the cursor) then try increasing this to 256M.
# On a Raspberry Pi 4 with 4 GB, you should either disable this parameter or increase to at least 64M if you want the USB ports to work.
boot.kernelParams = ["cma=256M"];
# File systems configuration for using the installer's partition layout
fileSystems = {
# Prior to 19.09, the boot partition was hosted on the smaller first partition
# Starting with 19.09, the /boot folder is on the main bigger partition.
# The following is to be used only with older images.
/*
"/boot" = {
device = "/dev/disk/by-label/NIXOS_BOOT";
fsType = "vfat";
};
*/
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
};
};
# !!! Adding a swap file is optional, but strongly recommended!
swapDevices = [
{
device = "/swapfile";
size = 1024;
}
];
# systemPackages
environment.systemPackages = with pkgs; [
neovim
curl
wget
];
services.openssh = {
enable = true;
settings.PermitRootLogin = "yes";
};
services.restic.server = {
enable = true;
dataDir = "/mnt/backups";
extraFlags = ["--no-auth"];
};
services.tailscale = {
enable = true;
useRoutingFeatures = "server";
};
virtualisation.docker.enable = true;
networking.firewall.enable = false;
# Networking
networking.useDHCP = true;
# forwarding
boot.kernel.sysctl = {
"net.ipv4.conf.all.forwarding" = true;
"net.ipv6.conf.all.forwarding" = true;
"net.ipv4.tcp_ecn" = true;
};
# put your own configuration here, for example ssh keys:
users.mutableUsers = true;
users.users.nixos = {
isNormalUser = true;
password = "changeme";
extraGroups = ["wheel" "docker"];
openssh.authorizedKeys.keys = [
#Adalbert
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJd6Gut34abkwlZ4tZVBO4Qt7CkIpPm/Z8R6JCisjnYy openpgp:0xBD0CFCA0"
#Ludwig
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlRsnLqm6Ap3yKEEhtFiWavo72df/X5Il1ZCmENUqev openpgp:0xDE189CA5"
#Franz
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIINCjLoirHMos7c9lRatWtSYAk68xbUGc8vPU0wFxIzj openpgp:0x7430326E"
];
};
users.users.admin = {
isNormalUser = true;
extraGroups = ["wheel"]; # Enable sudo for the user.
hashedPassword = "blablabla"; # generate with `mkpasswd`
};
nix.settings.trusted-users = ["admin" "ghoscht" "nixos"];
system.stateVersion = "23.11";
}

7
hosts/franz/README.md
View file

@ -1,7 +0,0 @@
# Franz
## Drive Formatting
```sh
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko ../../disko/btrfs-swap.nix --arg device '"/dev/nvme0n1"'
```

131
hosts/franz/arion/auth/arion-compose.nix
View file

@ -1,131 +0,0 @@
let
authentikImage = "ghcr.io/goauthentik/server:2024.12.0";
in {
project.name = "auth";
networks.dmz = {
name = "dmz";
external = true;
};
networks.internal = {};
services = {
authentik.service = {
image = authentikImage;
container_name = "authentik";
labels = {
"traefik.enable" = "true";
"traefik.http.services.authentik.loadbalancer.server.port" = "9000";
"traefik.http.routers.authentik.service" = "authentik";
"traefik.http.routers.authentik.rule" = "Host(`auth.ghoscht.com`)";
"traefik.http.routers.authentik.entrypoints" = "websecure";
"traefik.http.routers.authentik.tls" = "true";
"traefik.http.routers.authentik.tls.certresolver" = "letsencrypt";
"traefik.http.services.authentik-external.loadbalancer.server.port" = "9000";
"traefik.http.routers.authentik-external.service" = "authentik-external";
"traefik.http.routers.authentik-external.rule" = "Host(`auth.ghoscht.com`)";
"traefik.http.routers.authentik-external.entrypoints" = "websecure-external";
"traefik.http.routers.authentik-external.tls" = "true";
"traefik.http.routers.authentik-external.tls.certresolver" = "letsencrypt";
"diun.enable" = "true";
"diun.watch_repo" = "true";
"diun.include_tags" = "^\\d+\\.\\d+\\.\\d+$$";
};
command = "server";
environment = {
AUTHENTIK_REDIS__HOST = "redis";
AUTHENTIK_POSTGRESQL__HOST = "postgres";
AUTHENTIK_ERROR_REPORTING__ENABLED = "true";
};
env_file = [
"/home/ghoscht/.docker/auth/authentik.env"
];
restart = "always";
depends_on = {
redis = {condition = "service_healthy";};
postgres = {condition = "service_healthy";};
};
volumes = [
"/home/ghoscht/.docker/auth/authentik_media:/media"
"/home/ghoscht/.docker/auth/authentik_custom_templates:/templates"
];
networks = [
"dmz"
"internal"
];
};
worker.service = {
image = authentikImage;
command = "worker";
environment = {
AUTHENTIK_REDIS__HOST = "redis";
AUTHENTIK_POSTGRESQL__HOST = "postgres";
AUTHENTIK_ERROR_REPORTING__ENABLED = "true";
};
env_file = [
"/home/ghoscht/.docker/auth/authentik.env"
];
depends_on = {
redis = {condition = "service_healthy";};
postgres = {condition = "service_healthy";};
};
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
"/home/ghoscht/.docker/auth/authentik_media:/media"
"/home/ghoscht/.docker/auth/authentik_custom_templates:/templates"
];
restart = "always";
user = "root";
networks = [
"internal"
];
};
redis.service = {
image = "redis:7.2.4";
command = "--save 60 1 --loglevel warning";
healthcheck = {
test = [
"CMD-SHELL"
"redis-cli ping | grep PONG"
];
start_period = "20s";
interval = "30s";
retries = 5;
timeout = "5s";
};
restart = "always";
volumes = [
"/home/ghoscht/.docker/auth/redis_data:/data"
];
networks = [
"internal"
];
};
postgres.service = {
image = "postgres:12.18";
restart = "always";
env_file = [
"/home/ghoscht/.docker/auth/postgres.env"
];
volumes = [
"/home/ghoscht/.docker/auth/postgres_data:/var/lib/postgresql/data"
];
healthcheck = {
test = [
"CMD-SHELL"
"pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"
];
start_period = "20s";
interval = "30s";
retries = 5;
timeout = "5s";
};
networks = [
"internal"
];
};
};
}

6
hosts/franz/arion/auth/arion-pkgs.nix
View file

@ -1,6 +0,0 @@
# Instead of pinning Nixpkgs, we can opt to use the one in NIX_PATH
import <nixpkgs> {
# We specify the architecture explicitly. Use a Linux remote builder when
# calling arion from other platforms.
system = "x86_64-linux";
}

45
hosts/franz/arion/auth/default.nix
View file

@ -1,45 +0,0 @@
{config, ...}: let
vars = import ../../../../vars.nix;
in {
virtualisation.arion = {
projects.auth.settings = {
imports = [./arion-compose.nix];
};
};
sops.secrets."auth/postgres_db" = {
owner = vars.user;
};
sops.secrets."auth/postgres_user" = {
owner = vars.user;
};
sops.secrets."auth/postgres_pw" = {
owner = vars.user;
};
sops.secrets."auth/authentik_secret_key" = {
owner = vars.user;
};
sops.templates."auth-postgres.env" = {
path = "/home/${vars.user}/.docker/auth/postgres.env";
owner = vars.user;
mode = "0775";
content = ''
POSTGRES_PASSWORD="${config.sops.placeholder."auth/postgres_pw"}"
POSTGRES_USER="${config.sops.placeholder."auth/postgres_user"}"
POSTGRES_DB="${config.sops.placeholder."auth/postgres_db"}"
'';
};
sops.templates."auth-authentik.env" = {
path = "/home/${vars.user}/.docker/auth/authentik.env";
owner = vars.user;
mode = "0775";
content = ''
AUTHENTIK_POSTGRESQL__PASSWORD="${config.sops.placeholder."auth/postgres_pw"}"
AUTHENTIK_POSTGRESQL__USER="${config.sops.placeholder."auth/postgres_user"}"
AUTHENTIK_POSTGRESQL__NAME="${config.sops.placeholder."auth/postgres_db"}"
AUTHENTIK_SECRET_KEY="${config.sops.placeholder."auth/authentik_secret_key"}"
'';
};
}

42
hosts/franz/arion/dashboard/arion-compose.nix
View file

@ -1,42 +0,0 @@
{
project.name = "dashboard";
networks.dmz = {
name = "dmz";
external = true;
};
services = {
homarr.service = {
image = "ghcr.io/ajnart/homarr:0.15.10";
container_name = "homarr";
labels = {
"traefik.enable" = "true";
"traefik.http.routers.homarr.entrypoints" = "websecure";
"traefik.http.routers.homarr.rule" = "Host(`dashboard.ghoscht.com`)";
"traefik.http.routers.homarr.tls" = "true";
"traefik.http.routers.homarr.tls.certresolver" = "letsencrypt";
};
environment = {
AUTH_PROVIDER = "oidc";
AUTH_OIDC_URI = "https://auth.ghoscht.com/application/o/homarr";
AUTH_OIDC_CLIENT_NAME = "authentik";
NEXTAUTH_URL = "https://dashboard.ghoscht.com";
AUTH_OIDC_ADMIN_GROUP = "Homarr Admins";
AUTH_OIDC_OWNER_GROUP = "Homarr Admins";
};
env_file = [
"/home/ghoscht/.docker/dashboard/homarr.env"
];
volumes = [
"/home/ghoscht/.docker/dashboard/homarr_data:/data"
"/home/ghoscht/.docker/dashboard/homarr_config:/app/data/configs"
"/home/ghoscht/.docker/dashboard/homarr_icons:/app/public/imgs"
];
restart = "always";
networks = [
"dmz"
];
};
};
}

6
hosts/franz/arion/dashboard/arion-pkgs.nix
View file

@ -1,6 +0,0 @@
# Instead of pinning Nixpkgs, we can opt to use the one in NIX_PATH
import <nixpkgs> {
# We specify the architecture explicitly. Use a Linux remote builder when
# calling arion from other platforms.
system = "x86_64-linux";
}

24
hosts/franz/arion/dashboard/default.nix
View file

@ -1,24 +0,0 @@
{config, ...}: let
vars = import ../../../../vars.nix;
in {
virtualisation.arion = {
projects.dashboard.settings = {
imports = [./arion-compose.nix];
};
};
sops.secrets."homarr/oidc_client_id" = {
owner = vars.user;
};
sops.secrets."homarr/oidc_client_secret" = {
owner = vars.user;
};
sops.templates."homarr.env" = {
path = "/home/${vars.user}/.docker/dashboard/homarr.env";
owner = vars.user;
mode = "0775";
content = ''
AUTH_OIDC_CLIENT_SECRET="${config.sops.placeholder."homarr/oidc_client_secret"}"
AUTH_OIDC_CLIENT_ID="${config.sops.placeholder."homarr/oidc_client_id"}"
'';
};
}

51
hosts/franz/arion/default.nix
View file

@ -1,51 +0,0 @@
{
inputs,
pkgs,
config,
...
}: {
imports = [
inputs.arion.nixosModules.arion
./dns
./infrastructure
./nextcloud
./push
./git
./passwords
./media
./dashboard
./smarthome
./signal
./feed
# ./matrix
./headscale
./auth
./minio
./stats
./wiki
];
environment.systemPackages = with pkgs; [arion];
virtualisation.arion.backend = "docker";
systemd.services.init-dmz-bridge-network = {
description = "Create the network bridge dmz for the Docker stack.";
after = ["network.target"];
wantedBy = ["multi-user.target"];
serviceConfig.Type = "oneshot";
script = let
dockercli = "${config.virtualisation.docker.package}/bin/docker";
in ''
# Put a true at the end to prevent getting non-zero return code, which will
# crash the whole service.
check=$(${dockercli} network ls | grep "dmz" || true)
if [ -z "$check" ]; then
${dockercli} network create dmz
else
echo "dmz already exists in docker"
fi
'';
};
}

75
hosts/franz/arion/dns/arion-compose.nix
View file

@ -1,75 +0,0 @@
{
project.name = "dns";
networks.dmz = {
name = "dmz";
external = true;
};
networks.dns = {
name = "dns";
driver = "bridge";
ipam.config = [
{
subnet = "172.29.1.0/24";
ip_range = "172.29.1.4/30";
gateway = "172.29.1.1";
}
];
};
services = {
pihole.service = {
image = "pihole/pihole:2024.07.0";
container_name = "pihole";
hostname = "pihole";
environment = {
IPv6 = "True";
TZ = "Europe/Berlin";
SKIPGRAVITYONBOOT = 1;
VIRTUAL_HOST = "pihole.ghoscht.com";
};
volumes = [
"/home/ghoscht/.docker/dns/pihole_data:/etc/pihole"
"/home/ghoscht/.docker/dns/pihole_dnsmasq:/etc/dnsmasq.d"
];
labels = {
"traefik.enable" = "true";
"traefik.http.routers.pihole.entrypoints" = "websecure";
"traefik.http.routers.pihole.rule" = "Host(`pihole.ghoscht.com`)";
"traefik.http.services.pihole.loadbalancer.server.port" = "80";
"traefik.docker.network" = "dmz";
"traefik.http.routers.pihole.tls" = "true";
"traefik.http.routers.pihole.tls.certresolver" = "letsencrypt";
};
restart = "always";
networks = {
dmz = {};
dns = {
ipv4_address = "172.29.1.6";
};
};
capabilities = {
NET_ADMIN = true;
};
ports = [
"8420:80"
"53:53/tcp"
"53:53/udp"
];
};
unbound.service = {
image = "mvance/unbound:1.21.1";
container_name = "unbound";
volumes = [
"/home/ghoscht/.docker/dns/unbound_data:/opt/unbound/etc/unbound"
];
restart = "always";
networks = {
dns = {
ipv4_address = "172.29.1.5";
};
};
};
};
}

6
hosts/franz/arion/dns/arion-pkgs.nix
View file

@ -1,6 +0,0 @@
# Instead of pinning Nixpkgs, we can opt to use the one in NIX_PATH
import <nixpkgs> {
# We specify the architecture explicitly. Use a Linux remote builder when
# calling arion from other platforms.
system = "x86_64-linux";
}

11
hosts/franz/arion/dns/default.nix
View file

@ -1,11 +0,0 @@
{pkgs, ...}: {
virtualisation.arion = {
projects.dns.settings = {
imports = [./arion-compose.nix];
};
};
# Fix containers not being able to use pihole as dns
networking.resolvconf.useLocalResolver = true;
networking.firewall.allowedTCPPorts = [80 443];
}

46
hosts/franz/arion/feed/arion-compose.nix
View file

@ -1,46 +0,0 @@
{pkgs, ...}: {
project.name = "feed";
networks.dmz = {
name = "dmz";
external = true;
};
networks.transport = {};
services = {
ttrss.service = {
image = "wangqiru/ttrss:latest-2024-02-28";
container_name = "ttrss";
ports = [
"181:80"
];
environment = {
PUID = 1000;
PGID = 1000;
DB_HOST = "feed-db";
};
env_file = [
"/home/ghoscht/.docker/feed/ttrss.env"
];
restart = "always";
networks = [
"dmz"
"transport"
];
};
feed-db.service = {
image = "postgres:13-alpine";
volumes = [
"/home/ghoscht/.docker/feed/ttrss_db:/var/lib/postgresql/data"
];
env_file = [
"/home/ghoscht/.docker/feed/ttrss.env"
];
restart = "always";
networks = [
"transport"
];
};
};
}

6
hosts/franz/arion/feed/arion-pkgs.nix
View file

@ -1,6 +0,0 @@
# Instead of pinning Nixpkgs, we can opt to use the one in NIX_PATH
import <nixpkgs> {
# We specify the architecture explicitly. Use a Linux remote builder when
# calling arion from other platforms.
system = "x86_64-linux";
}

22
hosts/franz/arion/feed/default.nix
View file

@ -1,22 +0,0 @@
{config, ...}: let
vars = import ../../../../vars.nix;
in {
virtualisation.arion = {
projects.feed.settings = {
imports = [./arion-compose.nix];
};
};
sops.secrets."ttrss/db_password" = {
owner = vars.user;
};
sops.templates."ttrss.env" = {
path = "/home/${vars.user}/.docker/feed/ttrss.env";
owner = vars.user;
mode = "0775";
content = ''
DB_PASS="${config.sops.placeholder."ttrss/db_password"}"
'';
};
}

71
hosts/franz/arion/git/arion-compose.nix
View file

@ -1,71 +0,0 @@
{
project.name = "git";
networks.dmz = {
name = "dmz";
external = true;
};
networks.transport = {};
services = {
forgejo.service = {
image = "codeberg.org/forgejo/forgejo:9.0.3";
container_name = "forgejo";
useHostStore = true;
labels = {
"traefik.enable" = "true";
"diun.enable" = "true";
"traefik.docker.network" = "dmz";
"traefik.http.services.forgejo.loadbalancer.server.port" = "3000";
"traefik.http.routers.forgejo.service" = "forgejo";
"traefik.http.routers.forgejo.entrypoints" = "websecure";
"traefik.http.routers.forgejo.rule" = "Host(`git.ghoscht.com`)";
"traefik.http.routers.forgejo.tls" = "true";
"traefik.http.routers.forgejo.tls.certresolver" = "letsencrypt";
"traefik.http.services.forgejo-external.loadbalancer.server.port" = "3000";
"traefik.http.routers.forgejo-external.service" = "forgejo-external";
"traefik.http.routers.forgejo-external.rule" = "Host(`git.ghoscht.com`)";
"traefik.http.routers.forgejo-external.entrypoints" = "websecure-external";
"traefik.http.routers.forgejo-external.tls" = "true";
"traefik.http.routers.forgejo-external.tls.certresolver" = "letsencrypt";
};
volumes = [
"/home/ghoscht/.docker/git/forgejo_data:/data"
"/etc/localtime:/etc/localtime:ro"
];
ports = [
"2222:22"
];
environment = {
USER_UID = 1000;
USER_GID = 1000;
GITEA__database__DB_TYPE = "postgres";
GITEA__database__HOST = "git-db:5432";
};
env_file = [
"/home/ghoscht/.docker/git/forgejo.env"
];
restart = "unless-stopped";
networks = [
"dmz"
"transport"
];
};
git-db.service = {
image = "postgres:15.3-bullseye";
env_file = [
"/home/ghoscht/.docker/git/forgejo-db.env"
];
volumes = [
"/home/ghoscht/.docker/git/forgejo_db:/var/lib/postgresql/data"
];
restart = "unless-stopped";
networks = [
"transport"
];
};
};
}

6
hosts/franz/arion/git/arion-pkgs.nix
View file

@ -1,6 +0,0 @@
# Instead of pinning Nixpkgs, we can opt to use the one in NIX_PATH
import <nixpkgs> {
# We specify the architecture explicitly. Use a Linux remote builder when
# calling arion from other platforms.
system = "x86_64-linux";
}

65
hosts/franz/arion/git/default.nix
View file

@ -1,65 +0,0 @@
{
config,
pkgs,
...
}: let
vars = import ../../../../vars.nix;
in {
virtualisation.arion = {
projects.git.settings = {
imports = [./arion-compose.nix];
};
};
sops.secrets."forgejo/db_password" = {
owner = vars.user;
};
sops.secrets."forgejo/db_user" = {
owner = vars.user;
};
sops.secrets."forgejo/db_database" = {
owner = vars.user;
};
sops.secrets."forgejo/runner_token" = {
owner = vars.user;
};
sops.templates."forgejo.env" = {
path = "/home/${vars.user}/.docker/git/forgejo.env";
owner = vars.user;
mode = "0775";
content = ''
GITEA__database__NAME="${config.sops.placeholder."forgejo/db_database"}"
GITEA__database__USER="${config.sops.placeholder."forgejo/db_user"}"
GITEA__database__PASSWD="${config.sops.placeholder."forgejo/db_password"}"
'';
};
sops.templates."forgejo-db.env" = {
path = "/home/${vars.user}/.docker/git/forgejo-db.env";
owner = vars.user;
mode = "0775";
content = ''
POSTGRES_DB="${config.sops.placeholder."forgejo/db_database"}"
POSTGRES_USER="${config.sops.placeholder."forgejo/db_user"}"
POSTGRES_PASSWORD="${config.sops.placeholder."forgejo/db_password"}"
'';
};
services.gitea-actions-runner = {
package = pkgs.forgejo-runner;
instances.default = {
enable = true;
name = config.networking.hostName;
url = "https://git.ghoscht.com";
# tokenFile = "/home/${vars.user}/.docker/git/forgejo-runner.env";
tokenFile = config.sops.secrets."forgejo/runner_token".path;
labels = [
"ubuntu-latest:docker://node:22-bookworm"
];
};
};
# enable cache actions https://forgejo.org/docs/latest/admin/runner-installation/
networking.firewall.trustedInterfaces = ["br-+"];
}

56
hosts/franz/arion/headscale/arion-compose.nix
View file

@ -1,56 +0,0 @@
{pkgs, ...}: {
project.name = "headscale";
networks.dmz = {
name = "dmz";
external = true;
};
services = {
headscale.service = {
image = "headscale/headscale:0.22.3-debug";
container_name = "headscale";
restart = "always";
command = "headscale serve";
labels = {
"traefik.enable" = "true";
"traefik.http.services.headscale.loadbalancer.server.port" = "8080";
"traefik.http.routers.headscale.service" = "headscale";
"traefik.http.routers.headscale.entrypoints" = "websecure";
"traefik.http.routers.headscale.rule" = "Host(`headscale.ghoscht.com`)";
"traefik.http.routers.headscale.tls" = "true";
"traefik.http.routers.headscale.tls.certresolver" = "letsencrypt";
"traefik.http.services.headscale-external.loadbalancer.server.port" = "8080";
"traefik.http.routers.headscale-external.service" = "headscale-external";
"traefik.http.routers.headscale-external.rule" = "Host(`headscale.ghoscht.com`)";
"traefik.http.routers.headscale-external.entrypoints" = "websecure-external";
"traefik.http.routers.headscale-external.tls" = "true";
"traefik.http.routers.headscale-external.tls.certresolver" = "letsencrypt";
};
volumes = [
"/home/ghoscht/.docker/headscale/headscale_config:/etc/headscale"
"/home/ghoscht/.docker/headscale/headscale_data:/var/lib/headscale"
];
networks = [
"dmz"
];
};
headscale-ui.service = {
image = "ghcr.io/gurucomputing/headscale-ui:2024.02.24-beta1";
container_name = "headscale-ui";
restart = "always";
labels = {
"traefik.enable" = "true";
"traefik.http.routers.headscale-ui.entrypoints" = "websecure";
"traefik.http.routers.headscale-ui.rule" = "PathPrefix(`/web`)&&Host(`headscale.ghoscht.com`)";
"traefik.http.services.headscale-ui.loadbalancer.server.port" = "80";
"traefik.http.routers.headscale-ui.tls" = "true";
"traefik.http.routers.headscale-ui.tls.certresolver" = "letsencrypt";
};
networks = [
"dmz"
];
};
};
}

6
hosts/franz/arion/headscale/arion-pkgs.nix
View file

@ -1,6 +0,0 @@
# Instead of pinning Nixpkgs, we can opt to use the one in NIX_PATH
import <nixpkgs> {
# We specify the architecture explicitly. Use a Linux remote builder when
# calling arion from other platforms.
system = "x86_64-linux";
}

Some files were not shown because too many files have changed in this diff Show more