lelgenio/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: lelgenio:main
Branches Tags
lelgenio:main
lelgenio:niri
lelgenio:gnome
lelgenio:gnome-pass-search-provider
lelgenio:wip
lelgenio:disko
lelgenio:release-24.05
lelgenio:kak-tree-sitter
lelgenio:hyprland
..
compare: lelgenio:hyprland
Branches Tags
lelgenio:main
lelgenio:niri
lelgenio:gnome
lelgenio:gnome-pass-search-provider
lelgenio:wip
lelgenio:disko
lelgenio:release-24.05
lelgenio:kak-tree-sitter
lelgenio:hyprland

4 commits
main ... hyprland

Author SHA1 Message Date
Leonardo Eugênio fb323ec227 hyprland: more improvements 2024-01-21 01:24:23 -03:00
Leonardo Eugênio f3ef679499 hyprland improve systemd integration 2024-01-21 00:27:21 -03:00
Leonardo Eugênio 6ad0d3685e hyprland: minimal config 2024-01-21 00:27:21 -03:00
Leonardo Eugênio 7b2f97155f WIP: use hyprland 2024-01-20 21:43:16 -03:00
169 changed files with 14092 additions and 3936 deletions
Show stats Expand all files Collapse all files

684
flake.lock
View file

@ -16,23 +16,37 @@
"type": "github"
}
},
"advisory-db_2": {
"flake": false,
"locked": {
"lastModified": 1683272394,
"narHash": "sha256-4XQZbSZ8XYAeASpr0Er8mNPnjbYLJwvaB+VyH+bt6DE=",
"owner": "rustsec",
"repo": "advisory-db",
"rev": "50bed3ba4066e6255dab434dc845e7f655812ce1",
"type": "github"
},
"original": {
"owner": "rustsec",
"repo": "advisory-db",
"type": "github"
}
},
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": [
"home-manager"
],
"home-manager": "home-manager",
"nixpkgs": [
"nixpkgs"
],
"systems": "systems"
},
"locked": {
"lastModified": 1723293904,
"narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=",
"lastModified": 1703433843,
"narHash": "sha256-nmtA4KqFboWxxoOAA6Y1okHbZh+HsXaMPFkYHsoDRDw=",
"owner": "ryantm",
"repo": "agenix",
"rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",
"rev": "417caa847f9383e111d1397039c9d4337d024bf0",
"type": "github"
},
"original": {
@ -41,22 +55,6 @@
"type": "github"
}
},
"blobs": {
"flake": false,
"locked": {
"lastModified": 1604995301,
"narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=",
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"type": "gitlab"
}
},
"crane": {
"inputs": {
"flake-compat": "flake-compat",
@ -83,17 +81,20 @@
},
"crane_2": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_4",
"nixpkgs": [
"warthunder-leak-counter",
"maildir-notify-daemon",
"nixpkgs"
]
],
"rust-overlay": "rust-overlay_2"
},
"locked": {
"lastModified": 1718730147,
"narHash": "sha256-QmD6B6FYpuoCqu6ZuPJH896ItNquDkn0ulQlOn4ykN8=",
"lastModified": 1683505101,
"narHash": "sha256-VBU64Jfu2V4sUR5+tuQS9erBRAe/QEYUxdVMcJGMZZs=",
"owner": "ipetkov",
"repo": "crane",
"rev": "32c21c29b034d0a93fdb2379d6fabc40fc3d0e6c",
"rev": "7b5bd9e5acb2bb0cfba2d65f34d8568a894cdb6c",
"type": "github"
},
"original": {
@ -169,26 +170,6 @@
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1726590912,
"narHash": "sha256-5bxY85siOIqOcQ8TOMAWLkMUZvLUADS2i5TsZhzUIZY=",
"owner": "nix-community",
"repo": "disko",
"rev": "d32d1504c77d7f6ba7e033357dcf638baceab9b7",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"dzgui": {
"flake": false,
"locked": {
@ -208,9 +189,7 @@
"dzgui-nix": {
"inputs": {
"dzgui": "dzgui",
"nixpkgs": [
"nixpkgs"
]
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1702850463,
@ -222,7 +201,6 @@
},
"original": {
"owner": "lelgenio",
"ref": "dzgui-4.1.0",
"repo": "dzgui-nix",
"type": "github"
}
@ -268,11 +246,41 @@
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"revCount": 57,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
}
},
"flake-compat_4": {
"flake": false,
"locked": {
"lastModified": 1650374568,
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
"type": "github"
},
"original": {
@ -299,6 +307,24 @@
"type": "github"
}
},
"flake-utils-plus": {
"inputs": {
"flake-utils": "flake-utils_6"
},
"locked": {
"lastModified": 1696331477,
"narHash": "sha256-YkbRa/1wQWdWkVJ01JvV+75KIdM37UErqKgTf0L54Fk=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "bfc53579db89de750b25b0c5e7af299e0c06d7d3",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_3"
@ -370,14 +396,50 @@
},
"flake-utils_6": {
"inputs": {
"systems": "systems_7"
"systems": "systems_8"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_7": {
"inputs": {
"systems": "systems_9"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_8": {
"inputs": {
"systems": "systems_10"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
@ -389,24 +451,171 @@
"home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1726592409,
"narHash": "sha256-2Y6CDvD/BD43WLS77PHu6dUHbdUfFhuzkY8oJAecD/U=",
"lastModified": 1703113217,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "2ab00f89dd3ecf8012f5090e6d7ca1a7ea30f594",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.05",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1705476964,
"narHash": "sha256-W5OK1fnj4qdn1HWOlxV2S3YiUvfaVjQM5ldWVpGV1fs=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "85c3b600f660abd86e94cbcd1c46733943197a07",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.11",
"repo": "home-manager",
"type": "github"
}
},
"hyprland": {
"inputs": {
"hyprland-protocols": "hyprland-protocols",
"nixpkgs": [
"nixpkgs"
],
"systems": "systems_4",
"wlroots": "wlroots",
"xdph": "xdph"
},
"locked": {
"lastModified": 1705503680,
"narHash": "sha256-e+ou1KvZeZp104yeCgvgTTp5G+DB380CUZuUkijZxAc=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "c4365f20ed8ff0dd480b7ed7cf1bfff1a0b6911a",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "Hyprland",
"type": "github"
}
},
"hyprland-protocols": {
"inputs": {
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1691753796,
"narHash": "sha256-zOEwiWoXk3j3+EoF3ySUJmberFewWlagvewDRuWYAso=",
"owner": "hyprwm",
"repo": "hyprland-protocols",
"rev": "0c2ce70625cb30aef199cb388f99e19a61a6ce03",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-protocols",
"type": "github"
}
},
"hyprlang": {
"inputs": {
"nixpkgs": [
"hyprland",
"xdph",
"nixpkgs"
]
},
"locked": {
"lastModified": 1704287638,
"narHash": "sha256-TuRXJGwtK440AXQNl5eiqmQqY4LZ/9+z/R7xC0ie3iA=",
"owner": "hyprwm",
"repo": "hyprlang",
"rev": "6624f2bb66d4d27975766e81f77174adbe58ec97",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprlang",
"type": "github"
}
},
"lipsum": {
"flake": false,
"locked": {
"lastModified": 1630421397,
"narHash": "sha256-a6uv0tJulN9cAGWxvQr8B0PUJEY8Rx4e759xzS66Xlo=",
"owner": "hannenz",
"repo": "lipsum",
"rev": "0fb31e6ede10fbd78d7652f5fb21670cddd8e3ed",
"type": "github"
},
"original": {
"owner": "hannenz",
"repo": "lipsum",
"type": "github"
}
},
"maildir-notify-daemon": {
"inputs": {
"advisory-db": "advisory-db_2",
"crane": "crane_2",
"flake-utils": "flake-utils_5",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1683946606,
"narHash": "sha256-nzI8XDjf7Q0NZdVuxEvkkU4x0w229DmJZAN2yB92oMc=",
"owner": "lelgenio",
"repo": "maildir-notify-daemon",
"rev": "f609cbd6dd6accce8f24594bc2e13822023e3d79",
"type": "github"
},
"original": {
"owner": "lelgenio",
"repo": "maildir-notify-daemon",
"type": "github"
}
},
"material-wifi-icons": {
"flake": false,
"locked": {
"lastModified": 1703850449,
"narHash": "sha256-KykU5J7SdpBDG+6rkD//XeHd+6pK3qabe+88RduhwKc=",
"owner": "dcousens",
"repo": "material-wifi-icons",
"rev": "2daf6b3d96d65beb2a3e37a9a53556aab3826d97",
"type": "github"
},
"original": {
"owner": "dcousens",
"repo": "material-wifi-icons",
"type": "github"
}
},
"nix-index-database": {
"inputs": {
"nixpkgs": [
@ -414,11 +623,11 @@
]
},
"locked": {
"lastModified": 1726449931,
"narHash": "sha256-1AX7MyYzP7sNgZiGF8jwehCCI75y2kBGwACeryJs+yE=",
"lastModified": 1705282324,
"narHash": "sha256-LnURMA7yCM5t7et9O2+2YfGQh0FKAfE5GyahNDDzJVM=",
"owner": "Mic92",
"repo": "nix-index-database",
"rev": "c1b0fa0bec5478185eae2fd3f39b9e906fc83995",
"rev": "49aaeecf41ae0a0944e2c627cb515bcde428a1d1",
"type": "github"
},
"original": {
@ -427,45 +636,120 @@
"type": "github"
}
},
"nixos-mailserver": {
"nix-software-center": {
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat_2",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-24_05": [
"nixpkgs"
],
"nixpkgs": "nixpkgs_2",
"utils": "utils"
},
"locked": {
"lastModified": 1718084203,
"narHash": "sha256-Cx1xoVfSMv1XDLgKg08CUd1EoTYWB45VmB9XIQzhmzI=",
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
"rev": "29916981e7b3b5782dc5085ad18490113f8ff63b",
"type": "gitlab"
"lastModified": 1703105285,
"narHash": "sha256-BHoW1RQMc2Auz8paBvTBriKv0F6FI99+3nnz/ELLawg=",
"owner": "vlinkz",
"repo": "nix-software-center",
"rev": "68e87fb6e24fb3e6fe65449918d0cbda96622b65",
"type": "github"
},
"original": {
"owner": "simple-nixos-mailserver",
"ref": "nixos-24.05",
"repo": "nixos-mailserver",
"type": "gitlab"
"owner": "vlinkz",
"repo": "nix-software-center",
"type": "github"
}
},
"nixos-conf-editor": {
"inputs": {
"flake-compat": "flake-compat_3",
"nixpkgs": "nixpkgs_3",
"snowfall-lib": "snowfall-lib"
},
"locked": {
"lastModified": 1703104726,
"narHash": "sha256-9wD01mLe7tQCzTtLIRzUaAvOKzfPuWPfpCfYkeCsQD0=",
"owner": "vlinkz",
"repo": "nixos-conf-editor",
"rev": "18dc1d25b2025dc437490c71653429a05f9e0bf2",
"type": "github"
},
"original": {
"owner": "vlinkz",
"repo": "nixos-conf-editor",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1726447378,
"narHash": "sha256-2yV8nmYE1p9lfmLHhOCbYwQC/W8WYfGQABoGzJOb1JQ=",
"lastModified": 1702539185,
"narHash": "sha256-KnIRG5NMdLIpEkZTnN5zovNYc0hhXjAgv6pfd5Z4c7U=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "086b448a5d54fd117f4dc2dee55c9f0ff461bdc1",
"rev": "aa9d4729cbc99dabacb50e3994dcefb3ea0f7447",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-24.05",
"ref": "nixpkgs-unstable",
"type": "indirect"
}
},
"nixpkgs-fixed-steam": {
"locked": {
"lastModified": 1701016343,
"narHash": "sha256-UhFqv2bl/ZB4RwGxq1Qp6+91uZDwTEA80rxALTiJ3fg=",
"owner": "lelgenio",
"repo": "nixpkgs",
"rev": "ac4d51306af54a088e29e2e5efcfac5dfe87d95c",
"type": "github"
},
"original": {
"owner": "lelgenio",
"ref": "test-steam-fix",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1692638711,
"narHash": "sha256-J0LgSFgJVGCC1+j5R2QndadWI1oumusg6hCtYAzLID4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "91a22f76cd1716f9d0149e8a5c68424bb691de15",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1698318101,
"narHash": "sha256-gUihHt3yPD7bVqg+k/UVHgngyaJ3DMEBchbymBMvK1E=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "63678e9f3d3afecfeafa0acead6239cdb447574c",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1705458851,
"narHash": "sha256-uQvEhiv33Zj/Pv364dTvnpPwFSptRZgVedDzoM+HqVg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8bf65f17d8070a0a490daf5f1c784b87ee73982c",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.11",
"type": "indirect"
}
},
@ -488,11 +772,11 @@
"ranger-icons": {
"flake": false,
"locked": {
"lastModified": 1713564482,
"narHash": "sha256-sijO9leDXgnjgcVlh5fKYalhjOupwFMRyH0xh2g/rEQ=",
"lastModified": 1691165140,
"narHash": "sha256-6JEhyU08QEkGdRW2L00ynRaoaaR5PaiVUccEUbtTQuU=",
"owner": "alexanderjeurissen",
"repo": "ranger_devicons",
"rev": "a8d626485ca83719e1d8d5e32289cd96a097c861",
"rev": "de64ab26fb581c00a803381d522c6b3e48b79415",
"type": "github"
},
"original": {
@ -506,16 +790,20 @@
"agenix": "agenix",
"demoji": "demoji",
"dhist": "dhist",
"disko": "disko",
"dzgui-nix": "dzgui-nix",
"home-manager": "home-manager",
"home-manager": "home-manager_2",
"hyprland": "hyprland",
"lipsum": "lipsum",
"maildir-notify-daemon": "maildir-notify-daemon",
"material-wifi-icons": "material-wifi-icons",
"nix-index-database": "nix-index-database",
"nixos-mailserver": "nixos-mailserver",
"nixpkgs": "nixpkgs",
"nix-software-center": "nix-software-center",
"nixos-conf-editor": "nixos-conf-editor",
"nixpkgs": "nixpkgs_4",
"nixpkgs-fixed-steam": "nixpkgs-fixed-steam",
"plymouth-themes": "plymouth-themes",
"ranger-icons": "ranger-icons",
"tlauncher": "tlauncher",
"warthunder-leak-counter": "warthunder-leak-counter",
"wl-crosshair": "wl-crosshair"
}
},
@ -563,6 +851,56 @@
"type": "github"
}
},
"rust-overlay_2": {
"inputs": {
"flake-utils": [
"maildir-notify-daemon",
"crane",
"flake-utils"
],
"nixpkgs": [
"maildir-notify-daemon",
"crane",
"nixpkgs"
]
},
"locked": {
"lastModified": 1683080331,
"narHash": "sha256-nGDvJ1DAxZIwdn6ww8IFwzoHb2rqBP4wv/65Wt5vflk=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "d59c3fa0cba8336e115b376c2d9e91053aa59e56",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"snowfall-lib": {
"inputs": {
"flake-compat": "flake-compat_4",
"flake-utils-plus": "flake-utils-plus",
"nixpkgs": [
"nixos-conf-editor",
"nixpkgs"
]
},
"locked": {
"lastModified": 1696432959,
"narHash": "sha256-oJQZv2MYyJaVyVJY5IeevzqpGvMGKu5pZcCCJvb+xjc=",
"owner": "snowfallorg",
"repo": "lib",
"rev": "92803a029b5314d4436a8d9311d8707b71d9f0b6",
"type": "github"
},
"original": {
"owner": "snowfallorg",
"repo": "lib",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
@ -578,6 +916,21 @@
"type": "github"
}
},
"systems_10": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
@ -610,16 +963,16 @@
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"repo": "default-linux",
"type": "github"
}
},
@ -668,9 +1021,39 @@
"type": "github"
}
},
"systems_8": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_9": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tlauncher": {
"inputs": {
"flake-utils": "flake-utils_4",
"flake-utils": "flake-utils_7",
"nixpkgs": [
"nixpkgs"
]
@ -678,27 +1061,27 @@
"locked": {
"lastModified": 1684504342,
"narHash": "sha256-rJ0eH7BuPizvXPc+LjVtovse4gWEuxP2WiyNdXjPNL4=",
"ref": "refs/heads/main",
"owner": "lelgenio",
"repo": "tlauncher-nix",
"rev": "add4df7220bd0b85177a1938c02b60c966c5eb71",
"revCount": 3,
"type": "git",
"url": "https://git.lelgenio.xyz/lelgenio/tlauncher-nix"
"type": "github"
},
"original": {
"type": "git",
"url": "https://git.lelgenio.xyz/lelgenio/tlauncher-nix"
"owner": "lelgenio",
"repo": "tlauncher-nix",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems_4"
"systems": "systems_7"
},
"locked": {
"lastModified": 1709126324,
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
"lastModified": 1689068808,
"narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
"rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
"type": "github"
},
"original": {
@ -707,41 +1090,19 @@
"type": "github"
}
},
"warthunder-leak-counter": {
"inputs": {
"crane": "crane_2",
"flake-utils": "flake-utils_5",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1719076817,
"narHash": "sha256-B6NTomYXL50j6fabZrAGvTPp3zv5oFxNUhwvLhDNoMw=",
"ref": "refs/heads/main",
"rev": "406d6646970191c016a375f25a35aa00dfa0d4aa",
"revCount": 4,
"type": "git",
"url": "https://git.lelgenio.com/lelgenio/warthunder-leak-counter"
},
"original": {
"type": "git",
"url": "https://git.lelgenio.com/lelgenio/warthunder-leak-counter"
}
},
"wl-crosshair": {
"inputs": {
"flake-utils": "flake-utils_6",
"flake-utils": "flake-utils_8",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1715216838,
"narHash": "sha256-q5key9BWJjJQqECrhflso9ZTzULBeScvromo0S4fjqE=",
"lastModified": 1685576039,
"narHash": "sha256-WMkWurJsZZG7YkWzW/k2SNquYLsAZjzFs7CFswSjDew=",
"owner": "lelgenio",
"repo": "wl-crosshair",
"rev": "39b716cf410a1b45006f50f32f8d63de5c43aedb",
"rev": "57d0908e10d9f58fc37fe866404cc8b66be1f0d9",
"type": "github"
},
"original": {
@ -749,6 +1110,55 @@
"repo": "wl-crosshair",
"type": "github"
}
},
"wlroots": {
"flake": false,
"locked": {
"host": "gitlab.freedesktop.org",
"lastModified": 1703963193,
"narHash": "sha256-ke8drv6PTrdQDruWbajrRJffP9A9PU6FRyjJGNZRTs4=",
"owner": "wlroots",
"repo": "wlroots",
"rev": "f81c3d93cd6f61b20ae784297679283438def8df",
"type": "gitlab"
},
"original": {
"host": "gitlab.freedesktop.org",
"owner": "wlroots",
"repo": "wlroots",
"rev": "f81c3d93cd6f61b20ae784297679283438def8df",
"type": "gitlab"
}
},
"xdph": {
"inputs": {
"hyprland-protocols": [
"hyprland",
"hyprland-protocols"
],
"hyprlang": "hyprlang",
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1704659450,
"narHash": "sha256-3lyoUVtUWz1LuxbltAtkJSK2IlVXmKhxCRU2/0PYCms=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "6a5de92769d5b7038134044053f90e7458f6a197",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"type": "github"
}
}
},
"root": "root",

102
flake.nix
View file

@ -1,8 +1,8 @@
{
description = "My system config";
inputs = {
nixpkgs.url = "nixpkgs/nixos-24.05";
home-manager.url = "github:nix-community/home-manager/release-24.05";
nixpkgs.url = "nixpkgs/nixos-23.11";
home-manager.url = "github:nix-community/home-manager/release-23.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
nix-index-database = {
@ -10,37 +10,37 @@
inputs.nixpkgs.follows = "nixpkgs";
};
hyprland = {
url = "github:hyprwm/Hyprland";
inputs.nixpkgs.follows = "nixpkgs";
};
ranger-icons.url = "github:alexanderjeurissen/ranger_devicons";
ranger-icons.flake = false;
material-wifi-icons.url = "github:dcousens/material-wifi-icons";
material-wifi-icons.flake = false;
plymouth-themes.url = "github:adi1090x/plymouth-themes";
plymouth-themes.flake = false;
lipsum.url = "github:hannenz/lipsum";
lipsum.flake = false;
agenix = {
url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
nixos-mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05";
inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs-24_05.follows = "nixpkgs";
};
dzgui-nix = {
url = "github:lelgenio/dzgui-nix/dzgui-4.1.0";
inputs.nixpkgs.follows = "nixpkgs";
url = "github:lelgenio/dzgui-nix";
};
tlauncher = {
url = "git+https://git.lelgenio.xyz/lelgenio/tlauncher-nix";
url = "github:lelgenio/tlauncher-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
disko.url = "github:nix-community/disko";
disko.inputs.nixpkgs.follows = "nixpkgs";
# my stuff
dhist = {
url = "github:lelgenio/dhist";
@ -50,50 +50,59 @@
url = "github:lelgenio/demoji";
inputs.nixpkgs.follows = "nixpkgs";
};
maildir-notify-daemon = {
url = "github:lelgenio/maildir-notify-daemon";
inputs.nixpkgs.follows = "nixpkgs";
};
wl-crosshair = {
url = "github:lelgenio/wl-crosshair";
inputs.nixpkgs.follows = "nixpkgs";
};
warthunder-leak-counter = {
url = "git+https://git.lelgenio.com/lelgenio/warthunder-leak-counter";
inputs.nixpkgs.follows = "nixpkgs";
nixpkgs-fixed-steam.url = "github:lelgenio/nixpkgs/test-steam-fix";
# gnome stuff
nixos-conf-editor.url = "github:vlinkz/nixos-conf-editor";
nix-software-center.url = "github:vlinkz/nix-software-center";
};
};
outputs =
inputs:
outputs = inputs:
let
nixpkgsConfig = {
inherit system;
config = {
allowUnfree = true;
};
config = { allowUnfree = true; };
overlays = old_overlays.all;
};
bootstrapPkgs = import inputs.nixpkgs nixpkgsConfig;
nixpkgs = bootstrapPkgs.applyPatches {
name = "patched-nixpkgs";
src = inputs.nixpkgs;
patches = lib.mapAttrsToList (k: v: ./patches/nixpkgs/${k})
(builtins.readDir ./patches/nixpkgs);
};
inherit (import ./user/variables.nix) desktop;
system = "x86_64-linux";
pkgs = import inputs.nixpkgs nixpkgsConfig;
pkgs = import nixpkgs nixpkgsConfig;
lib = inputs.nixpkgs.lib;
packages = import ./pkgs { inherit pkgs inputs; };
old_overlays = (import ./overlays { inherit packages inputs; });
specialArgs = {
inherit inputs;
};
common_modules =
[
specialArgs = { inherit inputs; };
common_modules = [
{ nixpkgs.pkgs = pkgs; }
./system/configuration.nix
./system/secrets.nix
./system/specialisation.nix
./system/greetd.nix
{ login-manager.greetd.enable = desktop == "sway"; }
{ login-manager.greetd.enable = desktop == "sway" || desktop == "hyprland"; }
inputs.agenix.nixosModules.default
# inputs.hyprland.nixosModules.default
inputs.dzgui-nix.nixosModules.default
{ programs.hyprland.enable = (desktop == "hyprland"); }
inputs.home-manager.nixosModules.home-manager
inputs.disko.nixosModules.disko
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
@ -101,29 +110,23 @@
home-manager.backupFileExtension = "bkp";
# Optionally, use home-manager.extraSpecialArgs to pass
# arguments to home.nix
home-manager.extraSpecialArgs = {
inherit inputs;
};
home-manager.extraSpecialArgs = { inherit inputs; };
}
]
++ lib.optional (desktop == "gnome") ./system/gnome.nix
++ lib.optional (desktop == "kde") ./system/kde.nix;
in
{
checks."${system}" = {
disko-format-i15 = pkgs.callPackage ./hosts/i15/partitions-test.nix { };
};
nixosConfigurations = {
i15 = lib.nixosSystem {
inherit system specialArgs;
modules = [ ./hosts/i15 ] ++ common_modules;
modules = [ ./hosts/i15.nix ] ++ common_modules;
};
monolith = lib.nixosSystem {
inherit system specialArgs;
modules = [
./hosts/monolith
./hosts/monolith.nix
./system/monolith-gitlab-runner.nix
./system/monolith-forgejo-runner.nix
./system/nix-serve.nix
./system/steam.nix
] ++ common_modules;
@ -131,7 +134,7 @@
rainbow = lib.nixosSystem {
inherit system specialArgs;
modules = [
./hosts/rainbow
./hosts/rainbow.nix
./system/rainbow-gitlab-runner.nix
] ++ common_modules;
};
@ -144,20 +147,15 @@
};
pixie = lib.nixosSystem {
inherit system specialArgs;
modules =
[ ./hosts/pixie.nix ]
++ common_modules
++ [
{
modules = [ ./hosts/pixie.nix ] ++ common_modules ++ [{
packages.media-packages.enable = lib.mkOverride 0 false;
programs.steam.enable = lib.mkOverride 0 false;
services.flatpak.enable = lib.mkOverride 0 false;
}
];
}];
};
phantom = lib.nixosSystem {
ghost = lib.nixosSystem {
inherit system specialArgs;
modules = [ ./hosts/phantom ];
modules = [ ./hosts/ghost ];
};
};
@ -174,6 +172,6 @@
packages.${system} = pkgs // packages;
formatter.${system} = pkgs.nixfmt-rfc-style;
formatter.${system} = pkgs.nixpkgs-fmt;
};
}

41
hosts/double-rainbow.nix
View file

@ -1,32 +1,13 @@
{
config,
lib,
pkgs,
modulesPath,
...
}:
{ config, lib, pkgs, modulesPath, ... }:
let
btrfs_options = [
"compress=zstd:3"
"noatime"
"x-systemd.device-timeout=0"
];
btrfs_ssd = [
"ssd"
"discard=async"
];
btrfs_options = [ "compress=zstd:3" "noatime" "x-systemd.device-timeout=0" ];
btrfs_ssd = [ "ssd" "discard=async" ];
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usb_storage"
"usbhid"
"sd_mod"
];
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ "i915" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
@ -37,7 +18,8 @@ in
options = [ "subvol=@" ] ++ btrfs_options ++ btrfs_ssd;
};
boot.initrd.luks.devices."luks-d6573cf8-25f0-4ffc-8046-ac3a4db1e964".device = "/dev/disk/by-uuid/d6573cf8-25f0-4ffc-8046-ac3a4db1e964";
boot.initrd.luks.devices."luks-d6573cf8-25f0-4ffc-8046-ac3a4db1e964".device =
"/dev/disk/by-uuid/d6573cf8-25f0-4ffc-8046-ac3a4db1e964";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/97EB-7DB5";
@ -46,12 +28,6 @@ in
swapDevices = [ ];
services.udev.extraRules = ''
# Force all disks to use mq-deadline scheduler
# For some reason "noop" is used by default which is kinda bad when io is saturated
ACTION=="add|change", KERNEL=="sd[a-z]*[0-9]*|mmcblk[0-9]*p[0-9]*|nvme[0-9]*n[0-9]*p[0-9]*", ATTR{../queue/scheduler}="mq-deadline"
'';
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
@ -61,7 +37,8 @@ in
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
networking.hostName = "double-rainbow"; # Define your hostname.
}

33
hosts/ghost/default.nix Normal file
View file

@ -0,0 +1,33 @@
{ config, pkgs, inputs, ... }: {
imports = [
"${inputs.nixpkgs}/nixos/modules/virtualisation/digital-ocean-image.nix"
inputs.agenix.nixosModules.default
../../system/nix.nix
./hardware-config.nix
./mastodon.nix
./nextcloud.nix
./nginx.nix
./syncthing.nix
./users.nix
./writefreely.nix
./renawiki.nix
];
# Use more aggressive compression then the default.
virtualisation.digitalOceanImage.compressionMethod = "bzip2";
# Enable networking
networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "America/Sao_Paulo";
# Select internationalisation properties.
i18n.defaultLocale = "pt_BR.utf8";
boot.kernel.sysctl."fs.inotify.max_user_watches" = 1048576;
age = {
identityPaths = [ "/root/.ssh/id_rsa" ];
};
system.stateVersion = "23.05"; # Never change this
}

13
hosts/ghost/hardware-config.nix Normal file
View file

@ -0,0 +1,13 @@
{ config, pkgs, inputs, ... }: {
swapDevices = [{
device = "/swap/swapfile";
size = (1024 * 2); # 2 GB
}];
fileSystems."/var" = {
device = "/dev/disk/by-uuid/b19e7272-8fd1-4999-93eb-abc6d5c0a1cc";
fsType = "btrfs";
options = [ "subvol=@var" ];
};
}

16
hosts/ghost/mastodon.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, pkgs, inputs, ... }: {
services.mastodon = {
enable = true;
localDomain = "social.lelgenio.xyz";
configureNginx = true;
smtp.fromAddress = "lelgenio@disroot.org";
extraConfig.SINGLE_USER_MODE = "true";
streamingProcesses = 2;
};
services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
forceSSL = true;
enableACME = true;
};
}

22
hosts/ghost/nextcloud.nix Normal file
View file

@ -0,0 +1,22 @@
{ config, pkgs, inputs, ... }: {
services.nextcloud = {
enable = true;
package = pkgs.nextcloud27;
hostName = "cloud.lelgenio.xyz";
https = true;
config = {
adminpassFile = config.age.secrets.ghost-nextcloud.path;
};
};
age = {
secrets.ghost-nextcloud = {
file = ../../secrets/ghost-nextcloud.age;
mode = "400";
owner = "nextcloud";
group = "nextcloud";
};
};
}

15
hosts/ghost/nginx.nix Normal file
View file

@ -0,0 +1,15 @@
{ config, pkgs, inputs, ... }: {
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
security.acme = {
acceptTerms = true;
defaults.email = "lelgenio@disroot.org";
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
}

23
hosts/ghost/renawiki.nix Normal file
View file

@ -0,0 +1,23 @@
{ config, pkgs, inputs, ... }: {
services.mediawiki = {
enable = true;
name = "Rena Wiki";
webserver = "nginx";
nginx.hostName = "renawiki.lelgenio.xyz";
passwordFile = config.age.secrets.ghost-renawiki.path;
extensions.VisualEditor = null;
};
services.nginx.virtualHosts."renawiki.lelgenio.xyz" = {
enableACME = true;
forceSSL = true;
};
age.secrets.ghost-renawiki = {
file = ../../secrets/ghost-renawiki.age;
mode = "400";
owner = "mediawiki";
};
}

17
hosts/phantom/syncthing.nix → hosts/ghost/syncthing.nix
View file

@ -1,10 +1,4 @@
{
config,
pkgs,
inputs,
...
}:
{
{ config, pkgs, inputs, ... }: {
services.syncthing = {
enable = true;
@ -13,17 +7,18 @@
openDefaultPorts = true;
};
services.nginx.virtualHosts."syncthing.lelgenio.com" = {
services.nginx.virtualHosts."syncthing.lelgenio.xyz" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8384";
extraConfig =
# required when the target is also TLS server with multiple hosts
"proxy_ssl_server_name on;"
+
"proxy_ssl_server_name on;" +
# required when the server wants to use HTTP Authentication
"proxy_pass_header Authorization;";
"proxy_pass_header Authorization;"
;
};
};
}

23
hosts/phantom/users.nix → hosts/ghost/users.nix
View file

@ -1,12 +1,8 @@
{ pkgs, ... }:
{
{ pkgs, ... }: {
security.rtkit.enable = true;
services.openssh = {
enable = true;
ports = [
9022
22
];
ports = [ 9022 ];
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
@ -19,15 +15,7 @@
isNormalUser = true;
description = "Leonardo Eugênio";
hashedPassword = "$y$j9T$0e/rczjOVCy7PuwC3pG0V/$gTHZhfO4wQSlFvbDyfghbCnGI2uDI0a52zSrQ/yOA5A";
extraGroups = [
"networkmanager"
"wheel"
"docker"
"adbusers"
"bluetooth"
"corectrl"
"vboxusers"
];
extraGroups = [ "networkmanager" "wheel" "docker" "adbusers" "bluetooth" "corectrl" "vboxusers" ];
shell = pkgs.fish;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCxR/w+38b2lX90yNBqhq3mUmkn1WGu6GAPhN1tVp2ZjYRJNV/+5gWCnTtOWYtDx35HmK/spQ2Qy8X9ttkzORa24fysNx1Iqn/TiXhD7eIJjbGPnrOpIKTkW5/uB3SD/P5NBSa06//BaqJU4sBlG79hoXRpod052hQtdpTVDiMCIV+iboWPKqopmJJfWdBtVnHXs9rep0htPRExxGslImFk7Z6xjcaHyCpIQZPlOGf+sGsmUU7jRqzvZFV8ucIdbnAlMHrU4pepNFhuraESyZVTa/bi9sw0iozXp5Q5+5thMebEslmT1Z771kI4sieDy+O4r8c0Sx2/VY1UAzcpq1faggc3YB01MTh+tiEC6xdMvZLrQGL1NBWjHleMyL53GU5ERluC0vXJF3Hv3BGGBDfXWbrEm5n06DHr2apRVJGC0LwiQ7Woud1X4V4X1pKSusxCVMjT2lmcOwV6YhKhB2sowJc1OdMx4+tL0UWE+YKSZgBHfolwk6ml0F4EO9nnUHc= lelgenio@i15"
@ -40,10 +28,11 @@
];
initialHashedPassword = "$y$j9T$E3aBBSSq0Gma8hZD9L7ov0$iCGDW4fqrXWfHO0qodBYYgMFA9CpIraoklHcPbJJrM3";
};
security.sudo.wheelNeedsPassword = false;
programs.fish.enable = true;
environment.systemPackages = with pkgs; [ git ];
environment.systemPackages = with pkgs; [
git
];
}

17
hosts/phantom/writefreely.nix → hosts/ghost/writefreely.nix
View file

@ -1,18 +1,12 @@
{
config,
pkgs,
inputs,
...
}:
{
{ config, pkgs, inputs, ... }: {
services.writefreely = {
enable = true;
acme.enable = true;
nginx.enable = true;
nginx.forceSSL = true;
host = "blog.lelgenio.com";
host = "blog.lelgenio.xyz";
admin.name = "lelgenio";
admin.initialPasswordFile = config.age.secrets.phantom-writefreely.path;
admin.initialPasswordFile = config.age.secrets.ghost-writefreely.path;
settings.app = {
site_name = "Leo's blog";
single_user = true;
@ -20,11 +14,12 @@
};
age = {
secrets.phantom-writefreely = {
file = ../../secrets/phantom-writefreely.age;
secrets.ghost-writefreely = {
file = ../../secrets/ghost-writefreely.age;
mode = "400";
owner = "writefreely";
group = "writefreely";
};
};
}

32
hosts/i15.nix
View file

@ -1,30 +1,15 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{ config, lib, pkgs, modulesPath, ... }:
let
btrfs_options = [
"compress=zstd:3"
"noatime"
"x-systemd.device-timeout=0"
];
btrfs_options = [ "compress=zstd:3" "noatime" "x-systemd.device-timeout=0" ];
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"usb_storage"
"sd_mod"
"rtsx_usb_sdmmc"
];
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
@ -60,12 +45,10 @@ in
options = [ "subvol=@swap" ] ++ btrfs_options;
};
swapDevices = [
{
swapDevices = [{
device = "/swap/swapfile";
size = (1024 * 8) + (1024 * 2); # RAM size + 2 GB
}
];
}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@ -76,6 +59,7 @@ in
# networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
networking.hostName = "i15"; # Define your hostname.
}

38
hosts/i15/default.nix
View file

@ -1,38 +0,0 @@
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
networking.hostName = "i15"; # Define your hostname.
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"usb_storage"
"sd_mod"
"rtsx_usb_sdmmc"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
disko.devices = (import ./partitions.nix { disks = [ "/dev/sda" ]; });
boot.loader.efi.efiSysMountPoint = "/boot/efi";
swapDevices = [
{
device = "/swap/swapfile";
size = (1024 * 8) + (1024 * 2); # RAM size + 2 GB
}
];
networking.useDHCP = lib.mkDefault true;
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

19
hosts/i15/partitions-test.nix
View file

@ -1,19 +0,0 @@
{
config,
lib,
pkgs,
...
}:
pkgs.makeDiskoTest {
name = "test-disko-i15";
disko-config = ./partitions.nix;
enableOCR = true;
bootCommands = ''
machine.wait_for_text("[Pp]assphrase for")
machine.send_chars("secretsecret\n")
'';
extraTestScript = ''
machine.succeed("cryptsetup isLuks /dev/vda2");
machine.succeed("mountpoint /home");
'';
}

73
hosts/i15/partitions.nix
View file

@ -1,73 +0,0 @@
{
disks ? [ "/dev/sda" ],
...
}:
let
btrfs_options = [
"compress=zstd:3"
"noatime"
];
in
{
disk.sda = {
type = "disk";
device = builtins.elemAt disks 0;
content = {
type = "table";
format = "gpt";
partitions = [
{
type = "partition";
name = "NIX_BOOT";
start = "1MiB";
end = "300MiB";
bootable = true;
content = {
type = "filesystem";
extraArgs = [
"-n"
"BOOT_I15"
];
format = "vfat";
mountpoint = "/boot";
# options = [ "defaults" ];
};
}
{
type = "partition";
name = "CRYPT_I15";
start = "300MiB";
end = "100%";
content = {
type = "luks";
name = "main";
keyFile = "/tmp/secret.key";
content = {
type = "btrfs";
extraArgs = [
"--label"
"ROOT_I15"
];
subvolumes =
let
mountOptions = btrfs_options;
in
{
"/home" = {
inherit mountOptions;
};
"/nixos" = {
inherit mountOptions;
mountpoint = "/";
};
"/swap" = {
inherit mountOptions;
};
};
};
};
}
];
};
};
}

131
hosts/monolith.nix Normal file
View file

@ -0,0 +1,131 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
let
btrfs_options = [ "compress=zstd:3" "noatime" "x-systemd.device-timeout=0" ];
btrfs_ssd = [ "ssd" "discard=async" ];
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules =
[ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.extraModulePackages = with config.boot.kernelPackages; [
zenpower
];
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = [
"kvm-amd"
"amdgpu"
"zenpower"
];
boot.kernelParams = [
"video=DP-1:1920x1080@144"
# hibernation
"resume=LABEL=BTRFS_ROOT" # findmnt -o LABEL --noheadings /swap/
"resume_offset=36709632" # btrfs inspect-internal map-swapfile -r /swap/swapfile
];
systemd.sleep.extraConfig = ''
HibernateDelaySec=30s
SuspendState=mem
'';
hardware.opengl.driSupport = true;
# # For 32 bit applications
hardware.opengl.driSupport32Bit = true;
hardware.opengl.extraPackages = with pkgs; [
libva
libvdpau
vaapiVdpau
];
programs.corectrl.enable = true;
virtualisation.virtualbox.host.enable = true;
fileSystems."/" = {
device = "/dev/disk/by-label/BTRFS_ROOT";
fsType = "btrfs";
options = [ "subvol=nixos" ] ++ btrfs_options ++ btrfs_ssd;
};
# boot.initrd.luks.reusePassphrases = true;
boot.initrd.luks.devices = {
"main" = {
bypassWorkqueues = true;
device = "/dev/disk/by-label/CRYPT_ROOT";
};
"data" = {
bypassWorkqueues = true;
device = "/dev/disk/by-label/CRYPT_DATA";
};
"bigboy" = {
bypassWorkqueues = true;
device = "/dev/disk/by-label/CRYPT_BIGBOY";
};
};
boot.loader.efi.efiSysMountPoint = "/boot/efi";
fileSystems."/boot/efi" = {
device = "/dev/disk/by-label/NIXBOOT";
fsType = "vfat";
};
fileSystems."/home" = {
device = "/dev/disk/by-label/BTRFS_ROOT";
fsType = "btrfs";
options = [ "subvol=home" ] ++ btrfs_options ++ btrfs_ssd;
};
fileSystems."/home/lelgenio/Games" = {
device = "/dev/disk/by-label/BTRFS_DATA";
fsType = "btrfs";
options = [ "subvol=@games" "nofail" ] ++ btrfs_options;
};
fileSystems."/home/lelgenio/Downloads/Torrents" = {
device = "/dev/disk/by-label/BTRFS_DATA";
fsType = "btrfs";
options = [ "subvol=@torrents" "nofail" ] ++ btrfs_options;
};
fileSystems."/home/lelgenio/Música" = {
device = "/dev/disk/by-label/BTRFS_DATA";
fsType = "btrfs";
options = [ "subvol=@music" "nofail" ] ++ btrfs_options;
};
fileSystems."/home/lelgenio/.local/mount/data" = {
device = "/dev/disk/by-label/BTRFS_DATA";
fsType = "btrfs";
options = [ "subvol=@data" "nofail" ] ++ btrfs_options;
};
fileSystems."/home/lelgenio/.local/mount/bigboy" = {
device = "/dev/disk/by-label/BTRFS_BIGBOY";
fsType = "btrfs";
options = [ "nofail" ] ++ btrfs_options ++ btrfs_ssd;
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
powerManagement.cpuFreqGovernor = "ondemand";
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
networking.hostName = "monolith"; # Define your hostname.
# Fix broken suspend with Logitech USB dongle
# `lsusb | grep Logitech` will return "vendor:product"
services.udev.extraRules = ''
ACTION=="add" SUBSYSTEM=="usb" ATTR{idVendor}=="046d" ATTR{idProduct}=="c547" ATTR{power/wakeup}="disabled"
'';
# swap
fileSystems."/swap" = {
device = "/dev/disk/by-label/BTRFS_ROOT";
fsType = "btrfs";
# Note these options effect the entire BTRFS filesystem and not just this volume,
# with the exception of `"subvol=swap"`, the other options are repeated in my other `fileSystem` mounts
options = [ "subvol=swap" ] ++ btrfs_options ++ btrfs_ssd;
};
swapDevices = [{
device = "/swap/swapfile";
size = (1024 * 16) + (1024 * 2); # RAM size + 2 GB
}];
}

176
hosts/monolith/default.nix
View file

@ -1,176 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
let
btrfs_options = [
"compress=zstd:3"
"noatime"
"x-systemd.device-timeout=0"
];
btrfs_ssd = [
"ssd"
"discard=async"
];
in
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
./partition.nix
./undervolt.nix
];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
];
hardware.opentabletdriver.enable = true;
boot.extraModulePackages = with config.boot.kernelPackages; [ zenpower ];
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = [
"kvm-amd"
"amdgpu"
"zenpower"
];
boot.kernelParams = [
"amdgpu.dcdebugmask=0x10" # amdgpu undervolting bug
"video=DP-1:1920x1080@144"
];
systemd.sleep.extraConfig = ''
HibernateDelaySec=30s
SuspendState=mem
'';
hardware.opengl.driSupport = true;
# # For 32 bit applications
hardware.opengl.driSupport32Bit = true;
hardware.opengl.extraPackages = with pkgs; [
libva
libvdpau
vaapiVdpau
rocm-opencl-icd
rocm-opencl-runtime
rocmPackages.rocm-smi
];
fileSystems."/mnt/old" = {
device = "/dev/disk/by-label/BTRFS_ROOT";
fsType = "btrfs";
options = [ "nofail" ] ++ btrfs_options ++ btrfs_ssd;
};
# boot.initrd.luks.reusePassphrases = true;
boot.initrd.luks.devices = {
"old" = {
bypassWorkqueues = true;
device = "/dev/disk/by-label/CRYPT_ROOT";
};
"data" = {
bypassWorkqueues = true;
device = "/dev/disk/by-label/CRYPT_DATA";
};
# "bigboy" = {
# bypassWorkqueues = true;
# device = "/dev/disk/by-label/CRYPT_BIGBOY";
# };
};
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
# fileSystems."/boot/efi" = {
# device = "/dev/disk/by-label/NIXBOOT";
# fsType = "vfat";
# };
# fileSystems."/home" = {
# device = "/dev/disk/by-label/BTRFS_ROOT";
# fsType = "btrfs";
# options = [ "subvol=home" ] ++ btrfs_options ++ btrfs_ssd;
# };
fileSystems."/home/lelgenio/Games" = {
device = "/dev/disk/by-label/BTRFS_DATA";
fsType = "btrfs";
options = [
"subvol=@games"
"nofail"
] ++ btrfs_options;
};
fileSystems."/home/lelgenio/Downloads/Torrents" = {
device = "/dev/disk/by-label/BTRFS_DATA";
fsType = "btrfs";
options = [
"subvol=@torrents"
"nofail"
] ++ btrfs_options;
};
fileSystems."/home/lelgenio/Música" = {
device = "/dev/disk/by-label/BTRFS_DATA";
fsType = "btrfs";
options = [
"subvol=@music"
"nofail"
] ++ btrfs_options;
};
fileSystems."/home/lelgenio/.local/mount/data" = {
device = "/dev/disk/by-label/BTRFS_DATA";
fsType = "btrfs";
options = [
"subvol=@data"
"nofail"
] ++ btrfs_options;
};
fileSystems."/home/lelgenio/.local/mount/old" = {
device = "/dev/disk/by-label/BTRFS_ROOT";
fsType = "btrfs";
options = [ "nofail" ] ++ btrfs_options ++ btrfs_ssd;
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
powerManagement.cpuFreqGovernor = "ondemand";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
networking.hostName = "monolith"; # Define your hostname.
virtualisation.virtualbox.host.enable = true;
services.udev.extraRules = ''
# Fix broken suspend with Logitech USB dongle
# `lsusb | grep Logitech` will return "vendor:product"
ACTION=="add" SUBSYSTEM=="usb" ATTR{idVendor}=="046d" ATTR{idProduct}=="c547" ATTR{power/wakeup}="disabled"
# Force all disks to use mq-deadline scheduler
# For some reason "noop" is used by default which is kinda bad when io is saturated
ACTION=="add|change", KERNEL=="sd[a-z]*[0-9]*|mmcblk[0-9]*p[0-9]*|nvme[0-9]*n[0-9]*p[0-9]*", ATTR{../queue/scheduler}="mq-deadline"
'';
boot.tmp = {
cleanOnBoot = true;
useTmpfs = true;
};
# swap
# fileSystems."/swap" = {
# device = "/dev/disk/by-label/BTRFS_ROOT";
# fsType = "btrfs";
# # Note these options effect the entire BTRFS filesystem and not just this volume,
# # with the exception of `"subvol=swap"`, the other options are repeated in my other `fileSystem` mounts
# options = [ "subvol=swap" ] ++ btrfs_options ++ btrfs_ssd;
# };
# swapDevices = [
# {
# device = "/swap/swapfile";
# size = (1024 * 16) + (1024 * 2); # RAM size + 2 GB
# }
# ];
}

68
hosts/monolith/partition.nix
View file

@ -1,68 +0,0 @@
let
btrfs_options = [
"compress=zstd:3"
"noatime"
"x-systemd.device-timeout=0"
];
btrfs_ssd = btrfs_options ++ [
"ssd"
"discard=async"
];
in
{
disko.devices = {
disk = {
bigboy_disk = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "2G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "defaults" ];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "bigboy";
# disable settings.keyFile if you want to use interactive password entry
passwordFile = "/tmp/secret.key"; # Interactive
# settings = {
# allowDiscards = true;
# keyFile = "/tmp/secret.key";
# };
# additionalKeyFiles = [ "/tmp/additionalSecret.key" ];
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/@nixos" = {
mountpoint = "/";
mountOptions = btrfs_ssd;
};
"/@home" = {
mountpoint = "/home";
mountOptions = btrfs_ssd;
};
"/@swap" = {
mountpoint = "/.swapvol";
swap.swapfile.size = "32G";
};
};
};
};
};
};
};
};
};
};
}

18
hosts/monolith/undervolt.nix
View file

@ -1,18 +0,0 @@
{ pkgs, ... }:
let
undervoltGpu = pkgs.writeShellScript "undervolt-gpu" ''
set -xe
cd $1
echo "manual" > power_dpm_force_performance_level
echo "1" > pp_power_profile_mode
test -e pp_od_clk_voltage
echo "vo -100" > pp_od_clk_voltage
echo "c" > pp_od_clk_voltage
'';
in
{
boot.kernelParams = [ "amdgpu.ppfeaturemask=0xfffd7fff" ];
services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="hwmon", ATTR{name}=="amdgpu", ATTR{power1_cap}="186000000", RUN+="${undervoltGpu} %S%p/device"
'';
}

26
hosts/phantom/davi.nix
View file

@ -1,26 +0,0 @@
{ pkgs, ... }:
{
users.users.davikiwi = {
isNormalUser = true;
description = "Davi";
hashedPassword = "$y$j9T$0e/rczjOVCy7PuwC3pG0V/$gTHZhfO4wQSlFvbDyfghbCnGI2uDI0a52zSrQ/yOA5A";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGgZDBnj+gVMHqoNvjpx2T/HqnxUDbLPshu+t7301gXd Davi@DESKTOP-EVHFGJ9"
];
extraGroups = [ "docker" ];
packages = with pkgs; [
(pkgs.python3.withPackages (python-pkgs: [
python-pkgs.pip
python-pkgs.wheel
]))
];
};
services.nginx.virtualHosts."davikiwi.lelgenio.com" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:24618";
};
};
}

80
hosts/phantom/default.nix
View file

@ -1,80 +0,0 @@
{
config,
pkgs,
inputs,
...
}:
{
imports = [
./vpsadminos.nix
inputs.agenix.nixosModules.default
../../system/nix.nix
./hardware-config.nix
./mastodon.nix
./nextcloud.nix
./nginx.nix
./syncthing.nix
./users.nix
./writefreely.nix
./email.nix
./forgejo.nix
./warthunder-leak-counter.nix
./invidious.nix
./davi.nix
];
networking.hostName = "phantom";
services.nginx.virtualHosts."lelgenio.com" = {
enableACME = true;
forceSSL = true;
root = pkgs.runCommand "www-dir" { } ''
mkdir -p $out
cat > $out/index.html <<EOF
<!DOCTYPE html>
<html lang="en">
<body>
<h1>
Nothing to see here!
<h1>
</body>
</html>
EOF
'';
};
# # Enable networking
# networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "America/Sao_Paulo";
# Select internationalisation properties.
i18n.defaultLocale = "pt_BR.utf8";
boot.kernel.sysctl."fs.inotify.max_user_watches" = 1048576;
age = {
identityPaths = [ "/root/.ssh/id_rsa" ];
};
nix.settings = {
cores = 1;
max-jobs = 1;
};
system.autoUpgrade = {
enable = true;
dates = "04:40";
operation = "switch";
flags = [
"--update-input"
"nixpkgs"
"--no-write-lock-file"
"--print-build-logs"
];
flake = "git+https://git.lelgenio.com/lelgenio/nixos-config#phantom";
};
networking.firewall.allowedTCPPorts = [ 8745 ];
system.stateVersion = "23.05"; # Never change this
}

58
hosts/phantom/email.nix
View file

@ -1,58 +0,0 @@
{
pkgs,
inputs,
config,
...
}:
{
imports = [ inputs.nixos-mailserver.nixosModules.mailserver ];
mailserver = {
enable = true;
fqdn = "lelgenio.com";
domains = [
"lelgenio.xyz"
"git.lelgenio.xyz"
"lelgenio.com"
"git.lelgenio.com"
"social.lelgenio.com"
];
certificateScheme = "acme-nginx";
# Create passwords with
# nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
loginAccounts = {
"lelgenio@lelgenio.com" = {
hashedPassword = "$2y$05$z5s7QCXcs5uTFsfyYpwNJeWzb3RmzgWxNgcPCr0zjSytkLFF/qZmS";
aliases = [
"postmaster@lelgenio.com"
"lelgenio@lelgenio.xyz"
"lelgenio@lelgenio.xyz"
];
};
"noreply@git.lelgenio.com" = {
hashedPassword = "$2b$05$TmR1R7ZwXfec7yrOfeBL7u3ZtyXf0up5dEO6uMWSvb/O7LPEm.j0.";
};
"noreply@social.lelgenio.com" = {
hashedPassword = "$2b$05$DcA9xMdvHqqQMZw2.zybI.vfKsQAJtaQ/JB.t9AHu6psstWq97m2C";
};
};
};
# Prefer ipv4 and use main ipv6 to avoid reverse DNS issues
services.postfix.extraConfig = ''
smtp_address_preference = ipv4
'';
# Webmail
services.roundcube = {
enable = true;
package = pkgs.roundcube.withPlugins (p: [ p.carddav ]);
hostName = "mail.lelgenio.com";
extraConfig = ''
$config['smtp_host'] = "tls://${config.mailserver.fqdn}:587";
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
$config['plugins'] = [ "carddav", "archive" ];
'';
};
}

50
hosts/phantom/forgejo.nix
View file

@ -1,50 +0,0 @@
{
lib,
pkgs,
config,
...
}:
let
cfg = config.services.forgejo;
srv = cfg.settings.server;
in
{
services.nginx = {
virtualHosts.${cfg.settings.server.DOMAIN} = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:${toString srv.HTTP_PORT}";
};
};
services.forgejo = {
enable = true;
database.type = "postgres";
lfs.enable = true;
settings = {
service.DISABLE_REGISTRATION = true;
actions = {
ENABLED = true;
DEFAULT_ACTIONS_URL = "github";
};
server = {
DOMAIN = "git.lelgenio.com";
HTTP_PORT = 3000;
ROOT_URL = "https://${srv.DOMAIN}/";
};
mailer = {
ENABLED = true;
SMTP_ADDR = "lelgenio.com";
FROM = "noreply@git.lelgenio.com";
USER = "noreply@git.lelgenio.com";
};
};
mailerPasswordFile = config.age.secrets.phantom-forgejo-mailer-password.path;
};
age.secrets.phantom-forgejo-mailer-password = {
file = ../../secrets/phantom-forgejo-mailer-password.age;
mode = "400";
owner = "forgejo";
};
}

14
hosts/phantom/hardware-config.nix
View file

@ -1,14 +0,0 @@
{
config,
pkgs,
inputs,
...
}:
{
swapDevices = [
{
device = "/swap/swapfile";
size = (1024 * 2); # 2 GB
}
];
}

12
hosts/phantom/invidious.nix
View file

@ -1,12 +0,0 @@
{
services.invidious = {
enable = true;
domain = "invidious.lelgenio.com";
nginx.enable = true;
port = 10601;
settings.db = {
user = "invidious";
dbname = "invidious";
};
};
}

29
hosts/phantom/mastodon.nix
View file

@ -1,29 +0,0 @@
{
config,
pkgs,
inputs,
...
}:
{
services.mastodon = {
enable = true;
configureNginx = true;
localDomain = "social.lelgenio.com";
smtp = {
authenticate = true;
host = "lelgenio.com";
fromAddress = "noreply@social.lelgenio.com";
user = "noreply@social.lelgenio.com";
passwordFile = config.age.secrets.phantom-mastodon-mailer-password.path;
};
streamingProcesses = 2;
extraConfig.SINGLE_USER_MODE = "true";
mediaAutoRemove.olderThanDays = 5;
};
age.secrets.phantom-mastodon-mailer-password = {
file = ../../secrets/phantom-mastodon-mailer-password.age;
mode = "400";
owner = "mastodon";
};
}

31
hosts/phantom/nextcloud.nix
View file

@ -1,31 +0,0 @@
{
config,
pkgs,
inputs,
...
}:
{
services.nextcloud = {
enable = true;
package = pkgs.nextcloud29;
hostName = "cloud.lelgenio.com";
https = true;
config = {
adminpassFile = config.age.secrets.phantom-nextcloud.path;
};
};
services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
forceSSL = true;
enableACME = true;
};
age = {
secrets.phantom-nextcloud = {
file = ../../secrets/phantom-nextcloud.age;
mode = "400";
owner = "nextcloud";
group = "nextcloud";
};
};
}

47
hosts/phantom/nginx.nix
View file

@ -1,47 +0,0 @@
{
config,
pkgs,
lib,
...
}:
{
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
clientMaxBodySize = "512M";
};
# Redirect *lelgenio.xyz -> *lelgenio.com
services.nginx.virtualHosts =
lib.mapAttrs' (key: value: lib.nameValuePair "${key}lelgenio.xyz" value)
(
lib.genAttrs
[
""
"social."
"blog."
"cloud."
"mail."
"git."
"syncthing."
]
(name: {
enableACME = true;
forceSSL = true;
locations."/".return = "301 $scheme://${name}lelgenio.com$request_uri";
})
);
security.acme = {
acceptTerms = true;
defaults.email = "lelgenio@disroot.org";
};
networking.firewall.allowedTCPPorts = [
80
443
];
}

76
hosts/phantom/vpsadminos.nix
View file

@ -1,76 +0,0 @@
# This file provides compatibility for NixOS to run in a container on vpsAdminOS
# hosts.
#
# If you're experiencing issues, try updating this file to the latest version
# from vpsAdminOS repository:
#
# https://github.com/vpsfreecz/vpsadminos/blob/staging/os/lib/nixos-container/vpsadminos.nix
{
config,
pkgs,
lib,
...
}:
with lib;
let
nameservers = [
"1.1.1.1"
"2606:4700:4700::1111"
];
in
{
networking.nameservers = mkDefault nameservers;
services.resolved = mkDefault { fallbackDns = nameservers; };
networking.dhcpcd.extraConfig = "noipv4ll";
systemd.services.systemd-sysctl.enable = false;
systemd.services.systemd-oomd.enable = false;
systemd.sockets."systemd-journald-audit".enable = false;
systemd.mounts = [
{
where = "/sys/kernel/debug";
enable = false;
}
];
systemd.services.rpc-gssd.enable = false;
# Due to our restrictions in /sys, the default systemd-udev-trigger fails
# on accessing PCI devices, etc. Override it to match only network devices.
# In addition, boot.isContainer prevents systemd-udev-trigger.service from
# being enabled at all, so add it explicitly.
systemd.additionalUpstreamSystemUnits = [ "systemd-udev-trigger.service" ];
systemd.services.systemd-udev-trigger.serviceConfig.ExecStart = [
""
"-udevadm trigger --subsystem-match=net --action=add"
];
boot.isContainer = true;
boot.enableContainers = mkDefault true;
boot.loader.initScript.enable = true;
boot.specialFileSystems."/run/keys".fsType = mkForce "tmpfs";
boot.systemdExecutable = mkDefault "/run/current-system/systemd/lib/systemd/systemd systemd.unified_cgroup_hierarchy=0";
# Overrides for <nixpkgs/nixos/modules/virtualisation/container-config.nix>
documentation.enable = mkOverride 500 true;
documentation.nixos.enable = mkOverride 500 true;
networking.useHostResolvConf = mkOverride 500 false;
services.openssh.startWhenNeeded = mkOverride 500 false;
# Bring up the network, /ifcfg.{add,del} are supplied by the vpsAdminOS host
systemd.services.networking-setup = {
description = "Load network configuration provided by the vpsAdminOS host";
before = [ "network.target" ];
wantedBy = [ "network.target" ];
after = [ "network-pre.target" ];
path = [ pkgs.iproute2 ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${pkgs.bash}/bin/bash /ifcfg.add";
ExecStop = "${pkgs.bash}/bin/bash /ifcfg.del";
};
unitConfig.ConditionPathExists = "/ifcfg.add";
restartIfChanged = false;
};
}

19
hosts/phantom/warthunder-leak-counter.nix
View file

@ -1,19 +0,0 @@
{
inputs,
pkgs,
config,
...
}:
{
imports = [ inputs.warthunder-leak-counter.nixosModules.default ];
services.warthunder-leak-counter.enable = true;
services.nginx.virtualHosts."warthunder-leak-counter.lelgenio.com" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.warthunder-leak-counter.port}";
};
};
}

24
hosts/pixie/default.nix → hosts/pixie.nix
View file

@ -1,25 +1,13 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
];
boot.initrd.availableKernelModules =
[ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
@ -30,7 +18,8 @@
options = [ "subvol=nixos" ];
};
boot.initrd.luks.devices."pixie".device = "/dev/disk/by-uuid/f4ae5858-d2d6-4cd1-a054-bf5147a9a928";
boot.initrd.luks.devices."pixie".device =
"/dev/disk/by-uuid/f4ae5858-d2d6-4cd1-a054-bf5147a9a928";
fileSystems."/home" = {
device = "/dev/mapper/pixie";
@ -57,7 +46,8 @@
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
# networking.interfaces.veth74f3ffc.useDHCP = lib.mkDefault true;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
networking.hostName = "pixie"; # Define your hostname.
}

37
hosts/rainbow/default.nix → hosts/rainbow.nix
View file

@ -1,34 +1,16 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{ config, lib, pkgs, modulesPath, ... }:
let
btrfs_options = [
"compress=zstd:3"
"noatime"
"x-systemd.device-timeout=0"
];
btrfs_ssd = [
"ssd"
"discard=async"
];
btrfs_options = [ "compress=zstd:3" "noatime" "x-systemd.device-timeout=0" ];
btrfs_ssd = [ "ssd" "discard=async" ];
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
];
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ "i915" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
@ -64,12 +46,10 @@ in
options = [ "subvol=@swap" ] ++ btrfs_ssd;
};
swapDevices = [
{
swapDevices = [{
device = "/swap/swapfile";
size = (1024 * 8);
}
];
}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@ -79,7 +59,8 @@ in
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
networking.hostName = "rainbow"; # Define your hostname.
}

63
install/i15.sh Normal file
View file

@ -0,0 +1,63 @@
#!/bin/sh
set -xe
settle() {
udevadm trigger --subsystem-match=block
udevadm settle
}
lsblk
echo 'Enter the name of the device to WIPE and install (something like "sda"):'
read DRIVE_ID
echo 'Enter a passphrase to encrypt the disk:'
read -s DRIVE_PASSPHRASE
echo "Creating partition table..."
parted -s "/dev/${DRIVE_ID}" -- mklabel gpt
echo "Creating EFI system partition..."
parted -s "/dev/${DRIVE_ID}" -- mkpart ESP 1MiB 1GiB
parted -s "/dev/${DRIVE_ID}" -- set 1 boot on
mkfs.fat -F32 "/dev/${DRIVE_ID}1" -n NIX_BOOT
echo "Creating encrypted root partition..."
parted -s "/dev/${DRIVE_ID}" -- mkpart luks 1GiB 100%
echo "$DRIVE_PASSPHRASE" | cryptsetup --batch-mode luksFormat --label CRYPT_ROOT "/dev/${DRIVE_ID}2"
settle
echo "$DRIVE_PASSPHRASE" | cryptsetup luksOpen /dev/disk/by-label/CRYPT_ROOT "crypt_root"
echo "Creating btrfs partition..."
mkfs.btrfs --quiet --label NIX_ROOT /dev/mapper/"crypt_root"
MNTPOINT=$(mktemp -d)
mount /dev/mapper/"crypt_root" "$MNTPOINT"
echo "Creating subvolumes..."
btrfs subvolume create "$MNTPOINT"/@nixos
btrfs subvolume create "$MNTPOINT"/@home
btrfs subvolume create "$MNTPOINT"/@swap
echo "Closing btrfs partition..."
umount -Rl "$MNTPOINT"
rm -rf "$MNTPOINT"
echo "Mounting root btrfs submodule to '$MNTPOINT' ..."
MNTPOINT=$(mktemp -d)
mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT" -o subvol=@nixos,noatime,compress=zstd
echo "Creating and mounting EFI system partition mountpoint..."
mkdir -p "$MNTPOINT/boot"
mount /dev/disk/by-label/NIX_BOOT "$MNTPOINT/boot"
echo "Creating home partition mountpoint..."
mkdir -p "$MNTPOINT/home"
mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT/home" -o subvol=@home,noatime,compress=zstd
echo "Swapfile"
mkdir -p "$MNTPOINT/swap"
mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT/swap" -o subvol=@swap,noatime
# echo "Installing system..."
nixos-generate-config --root "$MNTPOINT"
# nixos-install --root "$MNTPOINT"

98
overlays/default.nix
View file

@ -1,64 +1,64 @@
{ inputs, packages, ... }:
rec {
{ inputs, packages, ... }: rec {
all = [
scripts
sway
themes
new-packages
patches
variables
lib_extended
disko
];
scripts = (import ../scripts);
themes = (
final: prev: {
papirus_red = (final.papirus-icon-theme.override { color = "red"; });
orchis_theme_compact = (
final.orchis-theme.override {
border-radius = 0;
tweaks = [
"compact"
"solid"
];
}
);
nerdfonts_fira_hack = (
final.nerdfonts.override {
fonts = [
"FiraCode"
"Hack"
];
}
);
}
);
sway = (import ./sway.nix);
new-packages = (
final: prev:
packages
// {
themes = (final: prev: {
material-wifi-icons = final.stdenv.mkDerivation rec {
name = "material-wifi-icons";
src = inputs.material-wifi-icons;
installPhase = ''
install -D material-wifi.ttf $out/share/fonts/${name}
'';
};
papirus_red = (final.papirus-icon-theme.override { color = "red"; });
orchis_theme_compact = (final.orchis-theme.override {
border-radius = 0;
tweaks = [ "compact" "solid" ];
});
nerdfonts_fira_hack = (final.nerdfonts.override { fonts = [ "FiraCode" "Hack" ]; });
});
new-packages = (final: prev: packages // {
dhist = inputs.dhist.packages.${prev.system}.dhist;
demoji = inputs.demoji.packages.${prev.system}.default;
tlauncher = inputs.tlauncher.packages.${prev.system}.tlauncher;
maildir-notify-daemon = inputs.maildir-notify-daemon.packages.${prev.system}.default;
wl-crosshair = inputs.wl-crosshair.packages.${prev.system}.default;
}
);
patches = (
final: prev: {
mySway = prev.sway.override {
withBaseWrapper = true;
withGtkWrapper = true;
sway-unwrapped = prev.sway-unwrapped.overrideAttrs (old: {
patches = old.patches ++ [ ../patches/sway/fix-hide_cursor-clearing-focus.patch ];
webcord = (prev.webcord.overrideAttrs (old: {
patches = (old.patches or [ ]) ++ [ ../patches/webcord/fix-reading-config.patch ];
}));
});
};
}
);
lib_extended = (
final: prev: {
patches = (final: prev: {
bemenu = prev.bemenu.overrideAttrs (o: {
postPatch = ''
substituteInPlace lib/renderers/wayland/window.c \
--replace ZWLR_LAYER_SHELL_V1_LAYER_TOP ZWLR_LAYER_SHELL_V1_LAYER_OVERLAY
'';
});
sway-unwrapped = prev.sway-unwrapped.overrideAttrs (old: {
patches = old.patches
++ [ ../patches/sway/fix-hide_cursor-clearing-focus.patch ];
});
});
variables = (final: prev: {
uservars = import ../user/variables.nix;
});
lib_extended = (final: prev: {
lib = prev.lib // rec {
# Utility function
# Input: [{v1=1;} {v2=2;}]
@ -70,15 +70,5 @@ rec {
# Output: {v1=1;v2=2;}
forEachMerge = list: func: mergeAttrsSet (prev.lib.forEach list func);
};
}
);
disko = final: prev: {
makeDiskoTest =
let
makeTest = import (prev.path + "/nixos/tests/make-test-python.nix");
eval-config = import (prev.path + "/nixos/lib/eval-config.nix");
in
(prev.callPackage "${inputs.disko}/tests/lib.nix" { inherit makeTest eval-config; }).makeDiskoTest;
};
});
}

19
overlays/sway.nix Normal file
View file

@ -0,0 +1,19 @@
(pkgs: _: {
# bash script to let dbus know about important env variables and
# propogate them to relevent services run at the end of sway config
# see
# https://github.com/emersion/xdg-desktop-portal-wlr/wiki/"It-doesn't-work"-Troubleshooting-Checklist
# note: this is pretty much the same as /etc/sway/config.d/nixos.conf but also restarts
# some user services to make sure they have the correct environment variables
dbus-sway-environment = pkgs.writeTextFile {
name = "dbus-sway-environment";
destination = "/bin/dbus-sway-environment";
executable = true;
text = ''
systemctl --user import-environment
dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway
# systemctl --user stop pipewire wireplumber xdg-desktop-portal xdg-desktop-portal-wlr
# systemctl --user start pipewire wireplumber xdg-desktop-portal xdg-desktop-portal-wlr
'';
};
})

27
patches/nixpkgs/fix-steam-generation-after-generation-switch.patch Normal file
View file

@ -0,0 +1,27 @@
From ac4d51306af54a088e29e2e5efcfac5dfe87d95c Mon Sep 17 00:00:00 2001
From: lelgenio <lelgenio@disroot.org>
Date: Fri, 4 Aug 2023 01:25:04 -0300
Subject: [PATCH] HACK: fix steam after generation switch
---
pkgs/build-support/build-fhsenv-bubblewrap/default.nix | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/pkgs/build-support/build-fhsenv-bubblewrap/default.nix b/pkgs/build-support/build-fhsenv-bubblewrap/default.nix
index 3500e5e9216f..4d7ac0aa7618 100644
--- a/pkgs/build-support/build-fhsenv-bubblewrap/default.nix
+++ b/pkgs/build-support/build-fhsenv-bubblewrap/default.nix
@@ -152,6 +152,10 @@ let
fi
if [[ -L $i ]]; then
symlinks+=(--symlink "$(${coreutils}/bin/readlink "$i")" "$i")
+ elif [[ -f $i && -r $i ]]; then
+ SNAPSHOT=$(mktemp --dry-run)
+ cp "$i" "$SNAPSHOT"
+ ro_mounts+=(--ro-bind-try "$SNAPSHOT" "$i")
else
ro_mounts+=(--ro-bind-try "$i" "$i")
fi
--
2.42.0

10282
patches/qutebrowser/tree-style-tabs.patch Normal file
View file

File diff suppressed because it is too large Load diff

14
patches/webcord/fix-reading-config.patch Normal file
View file

@ -0,0 +1,14 @@
diff --git a/sources/code/main/modules/config.ts b/sources/code/main/modules/config.ts
index caf51df..41faabe 100644
--- a/sources/code/main/modules/config.ts
+++ b/sources/code/main/modules/config.ts
@@ -158,6 +158,9 @@ class Config<T> {
#read(): unknown {
const encodedData = readFileSync(this.#path+this.#pathExtension);
let decodedData = encodedData.toString();
+ if (decodedData === "")
+ return {};
+
if(this.#pathExtension === FileExt.Encrypted)
decodedData = safeStorage.decryptString(encodedData);
return JSON.parse(decodedData);

64
pkgs/blade-formatter/default.nix
View file

@ -1,64 +0,0 @@
{
lib,
mkYarnPackage,
fetchFromGitHub,
fetchYarnDeps,
testers,
writeText,
runCommand,
blade-formatter,
}:
mkYarnPackage rec {
pname = "blade-formatter";
version = "1.38.2";
src = fetchFromGitHub {
owner = "shufo";
repo = pname;
rev = "v${version}";
hash = "sha256-JvILLw7Yp4g/dSsYtZ2ylmlXfS9t+2KADlBrYOJWTpg=";
};
packageJSON = ./package.json;
offlineCache = fetchYarnDeps {
yarnLock = "${src}/yarn.lock";
hash = "sha256-UFDxw3fYMzSUhZw+TCEh/dN7OioKI75LzKSnEwGPKDA=";
};
postBuild = "yarn build";
passthru.tests = {
version = testers.testVersion {
package = blade-formatter;
command = "blade-formatter --version";
};
simple = testers.testEqualContents {
assertion = "blade-formatter formats a basic blade file";
expected = writeText "expected" ''
@if (true)
Hello world!
@endif
'';
actual =
runCommand "actual"
{
nativeBuildInputs = [ blade-formatter ];
base = writeText "base" ''
@if( true ) Hello world! @endif
'';
}
''
blade-formatter $base > $out
'';
};
};
meta = with lib; {
description = "Laravel Blade template formatter";
homepage = "https://github.com/shufo/blade-formatter";
license = licenses.mit;
maintainers = with maintainers; [ lelgenio ];
};
}

120
pkgs/blade-formatter/package.json
View file

@ -1,120 +0,0 @@
{
"name": "blade-formatter",
"engines": {
"node": ">= 14.0.0"
},
"keywords": [
"php",
"formatter",
"laravel"
],
"version": "1.38.2",
"description": "An opinionated blade template formatter for Laravel",
"main": "./dist/bundle.cjs",
"types": "./dist/types/main.d.ts",
"type": "module",
"exports": {
".": {
"import": "./dist/bundle.js",
"require": "./dist/bundle.cjs",
"default": "./dist/bundle.js"
},
"./*": "./*"
},
"scripts": {
"build": "cross-env NODE_ENV=production node esbuild.js && cross-env NODE_ENV=production ESM_BUILD=true node esbuild.js",
"prepublish": "tsc src/main.ts --declaration --emitDeclarationOnly --outDir ./dist/types || true",
"watch": "node esbuild.js",
"test": "yarn run build && node --experimental-vm-modules node_modules/.bin/jest",
"lint": "eslint src -c .eslintrc.json --ext ts",
"fix": "prettier {src,__tests__}/**/*.ts --write",
"check_formatted": "prettier **/*.ts -c",
"changelog": "conventional-changelog -p angular -i CHANGELOG.md -s -r 0",
"prepare": "husky install",
"bin": "cross-env ./bin/blade-formatter.cjs"
},
"bin": {
"blade-formatter": "bin/blade-formatter.cjs"
},
"author": "Shuhei Hayashibara",
"license": "MIT",
"dependencies": {
"@prettier/plugin-php": "^0.19.7",
"@shufo/tailwindcss-class-sorter": "3.0.1",
"aigle": "^1.14.1",
"ajv": "^8.9.0",
"chalk": "^4.1.0",
"concat-stream": "^2.0.0",
"detect-indent": "^6.0.0",
"find-config": "^1.0.0",
"glob": "^8.0.1",
"html-attribute-sorter": "^0.4.3",
"ignore": "^5.1.8",
"js-beautify": "^1.14.8",
"lodash": "^4.17.19",
"php-parser": "3.1.5",
"prettier": "^2.2.0",
"tailwindcss": "^3.1.8",
"vscode-oniguruma": "1.7.0",
"vscode-textmate": "^7.0.1",
"xregexp": "^5.0.1",
"yargs": "^17.3.1"
},
"devDependencies": {
"@babel/core": "^7.6.4",
"@babel/plugin-transform-modules-commonjs": "^7.16.5",
"@babel/preset-env": "^7.13.12",
"@babel/preset-typescript": "^7.16.5",
"@types/concat-stream": "^2.0.0",
"@types/find-config": "^1.0.1",
"@types/fs-extra": "^11.0.0",
"@types/glob": "^8.0.0",
"@types/jest": "^29.0.0",
"@types/js-beautify": "^1.13.3",
"@types/lodash": "^4.14.178",
"@types/mocha": "^10.0.0",
"@types/node": "^18.0.0",
"@types/xregexp": "^4.4.0",
"@typescript-eslint/eslint-plugin": "^5.8.1",
"@typescript-eslint/parser": "^5.8.1",
"app-root-path": "^3.0.0",
"babel-jest": "^29.0.0",
"codecov": "^3.8.3",
"cross-env": "^7.0.3",
"esbuild": "^0.19.0",
"esbuild-node-externals": "^1.4.1",
"eslint": "^8.5.0",
"eslint-config-airbnb-base": "^15.0.0",
"eslint-config-airbnb-typescript": "^17.0.0",
"eslint-config-prettier": "^9.0.0",
"eslint-import-resolver-typescript": "^3.0.0",
"eslint-plugin-import": "^2.25.3",
"eslint-plugin-jest": "^26.0.0",
"eslint-plugin-prettier": "^5.0.0",
"fs-extra": "^11.0.0",
"husky": "^8.0.0",
"jest": "^29.0.0",
"lint-staged": ">=10",
"source-map-loader": "^4.0.0",
"ts-jest": "^29.0.0",
"ts-loader": "^9.2.6",
"ts-migrate": "^0.1.27",
"ts-node": "^10.4.0",
"typescript": "^5.0.0"
},
"repository": {
"type": "git",
"url": "https://github.com/shufo/blade-formatter.git"
},
"files": [
"dist",
"src",
"bin",
"wasm",
"syntaxes",
"CHANGELOG.md"
],
"lint-staged": {
"*.ts": "yarn run fix"
}
}

21
pkgs/cargo-checkmate.nix
View file

@ -1,12 +1,11 @@
{
lib,
rustPlatform,
fetchFromGitHub,
pkg-config,
openssl,
zlib,
stdenv,
Security ? null,
{ lib
, rustPlatform
, fetchFromGitHub
, pkg-config
, openssl
, zlib
, stdenv
, Security ? null
}:
rustPlatform.buildRustPackage rec {
@ -23,7 +22,9 @@ rustPlatform.buildRustPackage rec {
cargoSha256 = "sha256-hOB84u55ishahIFSqBnqccqH3OlC9J8mCYzsd23jTyA=";
nativeBuildInputs = [ pkg-config ];
buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ Security ];
buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [
Security
];
meta = with lib; {
description = "Check all the things.";

9
pkgs/default.nix
View file

@ -1,13 +1,8 @@
# Custom packages, that can be defined similarly to ones from nixpkgs
# You can build them using 'nix build .#example' or (legacy) 'nix-build -A example'
{ pkgs, inputs }:
rec {
blade-formatter = pkgs.callPackage ./blade-formatter { };
{ pkgs, inputs }: {
cargo-checkmate = pkgs.callPackage ./cargo-checkmate.nix { };
lipsum = pkgs.callPackage ./lipsum.nix { };
lipsum = pkgs.callPackage ./lipsum.nix { inherit inputs; };
emmet-cli = pkgs.callPackage ./emmet-cli.nix { };
material-wifi-icons = pkgs.callPackage ./material-wifi-icons.nix { };
gnome-pass-search-provider = pkgs.callPackage ./gnome-pass-search-provider.nix { };
kak-tree-sitter = pkgs.callPackage ./kak-tree-sitter.nix { };
}

7
pkgs/emmet-cli.nix
View file

@ -1,7 +1,6 @@
{
lib,
buildNpmPackage,
fetchFromGitHub,
{ lib
, buildNpmPackage
, fetchFromGitHub
}:
buildNpmPackage rec {

64
pkgs/gnome-pass-search-provider.nix
View file

@ -1,64 +0,0 @@
{
stdenv,
fetchFromGitHub,
python3Packages,
wrapGAppsHook,
gtk3,
gobject-introspection,
gnome,
}:
let
inherit (python3Packages)
dbus-python
pygobject3
fuzzywuzzy
levenshtein
;
in
stdenv.mkDerivation rec {
pname = "gnome-pass-search-provider";
version = "1.4.0";
src = fetchFromGitHub {
owner = "jle64";
repo = "gnome-pass-search-provider";
rev = version;
hash = "sha256-PDR8fbDoT8IkHiTopQp0zd4DQg7JlacA6NdKYKYmrWw=";
};
nativeBuildInputs = [
python3Packages.wrapPython
wrapGAppsHook
];
propagatedBuildInputs = [
dbus-python
pygobject3
fuzzywuzzy
levenshtein
gtk3
gobject-introspection
];
env = {
LIBDIR = builtins.placeholder "out" + "/lib";
DATADIR = builtins.placeholder "out" + "/share";
};
postPatch = ''
substituteInPlace conf/org.gnome.Pass.SearchProvider.service.{dbus,systemd} \
--replace-fail "/usr/lib" "$LIBDIR"
'';
installPhase = ''
bash ./install.sh
'';
postFixup = ''
makeWrapperArgs=( "''${gappsWrapperArgs[@]}" )
wrapPythonProgramsIn "$out/lib" "$out $propagatedBuildInputs"
'';
}

34
pkgs/kak-tree-sitter.nix
View file

@ -1,34 +0,0 @@
{
lib,
stdenv,
rustPlatform,
fetchFromSourcehut,
makeWrapper,
}:
rustPlatform.buildRustPackage rec {
pname = "kak-tree-sitter";
version = "1.1.2";
src = fetchFromSourcehut {
owner = "~hadronized";
repo = "kak-tree-sitter";
rev = "kak-tree-sitter-v${version}";
hash = "sha256-wBWfSyR8LGtug/mCD0bJ4lbdN3trIA/03AnCxZoEOSA=";
};
cargoSha256 = "sha256-OQPUWqJAts8DbFNSsC/CmMCbuZ9TVxRTR05O7oiodKI=";
nativeBuildInputs = [ makeWrapper ];
postFixup = ''
wrapProgram "$out/bin/ktsctl" \
--suffix PATH : ${stdenv.cc}
'';
meta = with lib; {
description = "Server that interfaces tree-sitter with kakoune";
homepage = "https://git.sr.ht/~hadronized/kak-tree-sitter";
license = with licenses; [ mit ];
};
}

24
pkgs/lipsum.nix
View file

@ -1,28 +1,19 @@
{
stdenv,
fetchFromGitHub,
pkg-config,
vala,
wrapGAppsHook,
}:
stdenv.mkDerivation rec {
{ pkgs, inputs }:
pkgs.stdenv.mkDerivation rec {
pname = "lipsum";
version = "0.0.1";
src = fetchFromGitHub {
owner = "hannenz";
repo = "lipsum";
rev = "0fb31e6ede10fbd78d7652f5fb21670cddd8e3ed";
hash = "sha256-a6uv0tJulN9cAGWxvQr8B0PUJEY8Rx4e759xzS66Xlo=";
};
src = inputs.lipsum;
nativeBuildInputs = [
nativeBuildInputs = with pkgs; [
pkg-config
vala
wrapGAppsHook
];
makeFlags = [ "PRG=${pname}" ];
makeFlags = [
"PRG=${pname}"
];
installPhase = ''
install -Dm 755 "$pname" "$out/bin/$pname"
@ -30,3 +21,4 @@ stdenv.mkDerivation rec {
glib-compile-schemas "$out/share/glib-2.0/schemas/"
'';
}

16
pkgs/material-wifi-icons.nix
View file

@ -1,16 +0,0 @@
{ stdenv, fetchFromGitHub }:
stdenv.mkDerivation rec {
pname = "material-wifi-icons";
version = "0.0.1";
src = fetchFromGitHub {
owner = "dcousens";
repo = "material-wifi-icons";
rev = "2daf6b3d96d65beb2a3e37a9a53556aab3826d97";
hash = "sha256-KykU5J7SdpBDG+6rkD//XeHd+6pK3qabe+88RduhwKc=";
};
installPhase = ''
install -D material-wifi.ttf $out/share/fonts/${pname}
'';
}

0
scripts/_diffr Executable file → Normal file
View file

0
scripts/_sway_idle_toggle Executable file → Normal file
View file

0
scripts/bmenu Executable file → Normal file
View file

0
scripts/br Executable file → Normal file
View file

175
scripts/default.nix
View file

@ -1,138 +1,57 @@
(
final: prev:
(final: prev:
with prev;
let
lib = prev.lib;
importScript = (_: path: import (path) { inherit (final) pkgs lib; });
wrapScript =
name: text: runtimeInputs:
final.runCommand name
{
nativeBuildInputs = [ final.makeWrapper ];
meta.mainProgram = name;
}
''
mkdir -p $out/bin
cp ${text} $out/bin/${name}
wrapProgram $out/bin/${name} \
--suffix PATH : ${lib.makeBinPath runtimeInputs}
import_script = (_: path: import (path) { inherit pkgs lib; });
create_script = (name: text: runtimeInputs:
let
script_body = pkgs.writeTextFile {
inherit name;
executable = true;
text = ''
${builtins.readFile text}
'';
createScripts = lib.mapAttrs (name: deps: wrapScript name ./${name} deps);
myPass = final.pass.withExtensions (ex: with ex; [ pass-otp ]);
};
in
with final;
createScripts {
(pkgs.writeShellApplication {
inherit name runtimeInputs;
text = ''exec ${script_body} "$@"'';
checkPhase = "";
}));
create_scripts =
lib.mapAttrs (name: deps: create_script name ./${name} deps);
pass = pkgs.pass.withExtensions (ex: with ex; [
pass-otp
]);
in
create_scripts
{
br = [ ];
bmenu = [
bemenu
dhist
fish
j4-dmenu-desktop
jq
sway
];
down_meme = [
wl-clipboard
yt-dlp
libnotify
];
wl-copy-file = [
wl-clipboard
fish
];
bmenu = [ final.bemenu final.dhist fish j4-dmenu-desktop jq sway ];
down_meme = [ wl-clipboard yt-dlp libnotify ];
wl-copy-file = [ wl-clipboard fish ];
_diffr = [ diffr ];
_thunar-terminal = [ terminal ];
_sway_idle_toggle = [ swayidle ];
kak-pager = [
fish
_diffr
];
kak-man-pager = [ kak-pager ];
helix-pager = [
fish
_diffr
];
helix-man-pager = [ helix-pager ];
musmenu = [
mpc-cli
wdmenu
trash-cli
xdg-user-dirs
libnotify
sd
wl-clipboard
];
showkeys = [ ]; # This will not work unless programs.wshowkeys is enabled systemwide
_thunar-terminal = [ final.terminal ];
_sway_idle_toggle = [ final.swayidle ];
kak-pager = [ fish final._diffr ];
kak-man-pager = [ final.kak-pager ];
helix-pager = [ fish final._diffr ];
helix-man-pager = [ final.helix-pager ];
musmenu = [ mpc-cli final.wdmenu trash-cli xdg-user-dirs libnotify sd wl-clipboard ];
showkeys =
[ ]; # This will not work unless programs.wshowkeys is enabled systemwide
terminal = [ alacritty ];
playerctl-status = [ playerctl ];
pass-export = [
pass2csv
gnupg
sd
];
wpass = [
wdmenu
fd
myPass
sd
wl-clipboard
wtype
];
screenshotsh = [
capitaine-cursors
grim
slurp
jq
sway
wl-clipboard
xdg-user-dirs
];
volumesh = [
pulseaudio
libnotify
];
pulse_sink = [
pulseaudio
pamixer
wdmenu
];
color_picker = [
grim
slurp
wl-clipboard
libnotify
imagemagick
];
dzadd = [
procps
libnotify
wdmenu
jq
mpv
pqiv
python3Packages.deemix
mpc-cli
mpdDup
];
mpdDup = [
mpc-cli
perl
];
readQrCode = [
grim
zbar
wl-clipboard
];
powerplay-led-idle = [
bash
libinput
libratbag
];
}
// lib.mapAttrs importScript {
wpass = [ final.wdmenu fd pass sd wl-clipboard wtype ];
screenshotsh =
[ capitaine-cursors grim slurp jq sway wl-clipboard xdg-user-dirs ];
volumesh = [ pulseaudio libnotify ];
pulse_sink = [ pulseaudio pamixer final.wdmenu ];
color_picker = [ grim slurp wl-clipboard libnotify imagemagick ];
dzadd = [ procps libnotify final.wdmenu jq mpv pqiv python3Packages.deemix mpc-cli final.mpdDup ];
mpdDup = [ mpc-cli perl ];
} // lib.mapAttrs import_script {
wdmenu = ./wdmenu.nix;
wlauncher = ./wlauncher.nix;
_gpg-unlock = ./_gpg-unlock.nix;
}
)
})

0
scripts/helix-pager Executable file → Normal file
View file

0
scripts/kak-pager Executable file → Normal file
View file

13
scripts/pass-export
View file

@ -1,13 +0,0 @@
#!/bin/sh
if test -z "$PASSWORD_STORE_DIR"; then
PASSWORD_STORE_DIR="$HOME/.password-store"
fi
pass2csv "$PASSWORD_STORE_DIR" "$HOME/passwords.csv" \
-f User '(user|login)(:\s*)?' \
-f TOTP 'otpauth(:)?' \
-f URL 'url(:\s*)?'
# Fix TOTP format for keepass
sd '"//totp/.*?secret=(.*?)(&.*?)?"' '"$1"' "$HOME/passwords.csv"

0
scripts/playerctl-status Executable file → Normal file
View file

79
scripts/powerplay-led-idle
View file

@ -1,79 +0,0 @@
#!/usr/bin/env bash
set -e
# Constants
SECONDS_UNTIL_FADE=$(( 1 * 60))
SECONDS_UNTIL_OFF=$(( 6 * 60))
COLOR_ON=ff0000
COLOR_FADE=880000
COLOR_OFF=000000
# Logging
if [[ "$1" = "debug" ]]; then
echo "Running with debugging" >&2
DEBUG="true"
SECONDS_UNTIL_FADE=$(( 3 ))
SECONDS_UNTIL_OFF=$(( 5 ))
fi
log() {
if [[ "$DEBUG" = "true" ]]; then
echo "$@" >&2
fi
}
# Implementation
main() {
CURRENT_STATE="UNKNOWN"
LAST_POINTER_MOTION="$(date +%s)"
if [ "$(ratbagctl list | wc -l)" -ne 1 ]; then
echo "Not exactly one device found, exiting..."
exit 1
fi
DEVICE="$(ratbagctl list | cut -d: -f1)"
while true; do
while read line; do
LAST_POINTER_MOTION="$(date +%s)"
break
done < <(
timeout 5s \
libinput debug-events \
| grep POINTER_MOTION
)
TIME_SINCE_LAST=$(( "$(date +%s)" - "$LAST_POINTER_MOTION" ))
log "Last pointer motion was $TIME_SINCE_LAST seconds ago"
if [ "$TIME_SINCE_LAST" -gt "$SECONDS_UNTIL_OFF" ]; then
setState OFF "$COLOR_OFF"
elif [ "$TIME_SINCE_LAST" -gt "$SECONDS_UNTIL_FADE" ]; then
setState FADE "$COLOR_FADE"
else
setState ON "$COLOR_ON"
fi
done
}
setState() {
STATE="$1"
COLOR="$2"
MODE="$3"
if [[ "$STATE" = "$CURRENT_STATE" ]]; then
log "Already in $STATE state"
return
fi
log "Changing state to $STATE"
CURRENT_STATE="$STATE"
ratbagctl "$DEVICE" led 0 set mode on
ratbagctl "$DEVICE" led 0 set color "$COLOR"
}
main

0
scripts/pulse_sink Executable file → Normal file
View file

18
scripts/readQrCode
View file

@ -1,18 +0,0 @@
#!/bin/sh
set -o pipefail
main() {
if wl-paste | zbarimg -q --raw - | wl-copy
then
notify-send "Copied" "QrCode was copied to clipboard"
rm "$LOGFILE"
else
notify-send "Failed to read QrCode" "Log file is '$LOGFILE'"
fi
}
LOGFILE=$(mktemp /tmp/qrcode-XXXXXXXX.log)
main > "$LOGFILE" 2>&1

0
scripts/screenshotsh Executable file → Normal file
View file

0
scripts/showkeys Executable file → Normal file
View file

0
scripts/terminal Executable file → Normal file
View file

10
scripts/wdmenu.nix
View file

@ -1,4 +1,12 @@
{ pkgs, ... }:
let
inherit (pkgs.uservars) dmenu;
available_menus = {
bmenu = "bmenu";
rofi = "rofi -dmenu -sort";
};
menu_cmd = available_menus.${dmenu};
in
pkgs.writeShellScriptBin "wdmenu" ''
exec bmenu "$@"
exec ${menu_cmd} "$@"
''

2
scripts/wfile-picker.nix
View file

@ -1,6 +1,6 @@
{ pkgs, ... }:
let
inherit (config.my) dmenu;
inherit (pkgs.uservars) dmenu;
available_menus = {
bmenu = "bmenu run";
rofi = "rofi -show drun -sort";

3
scripts/wl-copy-file Executable file → Normal file
View file

@ -10,13 +10,12 @@ if test (count $argv) != 1
end
set -a file (realpath $argv[1])
set -a url (string escape --style=url "$file")
set -e argv[1]
if test -d "$file"
die 1 "Cannot copy directories" >&2
else if test -f "$file"
wl-copy $argv -t text/uri-list "file:///$url"
wl-copy $argv -t text/uri-list "file:///$file"
else
die 2 "No file found" >&2
end

10
scripts/wlauncher.nix
View file

@ -1,4 +1,12 @@
{ pkgs, ... }:
let
inherit (pkgs.uservars) dmenu;
available_menus = {
bmenu = "bmenu run";
rofi = "rofi -show drun -sort";
};
menu_cmd = available_menus.${dmenu};
in
pkgs.writeShellScriptBin "wlauncher" ''
exec bmenu run "$@"
exec ${menu_cmd} "$@"
''

4
scripts/wpass Executable file → Normal file
View file

@ -50,6 +50,10 @@ main() {
}
autotype(){
if pgrep qutebrowser >/dev/null; then
qutebrowser ":mode-enter insert"
fi
env wtype -s 100 "$username"
env wtype -s 100 -k tab
env wtype -s 100 "$password"

0
secrets/phantom-nextcloud.age → secrets/ghost-nextcloud.age
View file

0
secrets/phantom-renawiki.age → secrets/ghost-renawiki.age
View file

0
secrets/phantom-writefreely.age → secrets/ghost-writefreely.age
View file

BIN
secrets/monolith-forgejo-runner-token.age
View file

Binary file not shown.

BIN
secrets/monolith-gitlab-runner-thoreb-itinerario-registrationConfigFile.age
View file

Binary file not shown.

BIN
secrets/phantom-forgejo-mailer-password.age
View file

Binary file not shown.

13
secrets/phantom-mastodon-mailer-password.age
View file

@ -1,13 +0,0 @@
age-encryption.org/v1
-> ssh-rsa BwwxHg
Mnc+/tJ0QqxHkg2nl9gEkz5Oj1RgxtOZnD5gRv66ISUOqZhNm1+F+xVEdKn843/q
/WzH0f1cTF9NXP8vIaEo//bMmp50obJAd+JNovJxV+0gb9L55Nu7ayvK+eyk6j5n
eb8TxUnwh5BPkEyc6akDh/O49GXzLlVoFD6Ik/0f3YCqUDNAYOl2bsssXtevCeK/
WEPoCFGhZfNUrOo/0eAhiujZZ5zVb0CWNqXi8VTe2eWOE20VJULcN13TEyO3ZePx
bAPBmDfS5GgGlV4INWxVLaIMDrzlm0tYozbBNNUbdLFFOhIOrgvay9RWxdk0u2hJ
MPKoKsJ96EFxrbZJdS0W7a+aZk/Q3A3Civ2rtPx+5UANhmlY8e1lUHa26e1vA4K7
ApoMtDyCbuZ9FbLurwl9zO64wWP68aKzuyKOIw+wpy41NQ/PcViSY8KNG9Pt7A2N
CcOkByx+rwz+JdNHbOF8O4FFG4fNSWn7SvVtu5ymGgVi1bOd8PdJpjDR+6Is0SX7
--- DHNyITb7ZseEV58MOD/zHeH5vff0hhlbKg27rlYECGk
ÆJ…¨Úãè·<hUs/¿ïš}ó´Zi`ˆ JŸ°z5ùÃgõãŸ%€ì‡`¤º%/˜‚±<01>ˆ„á-Î<x—íõÉ’|

BIN
secrets/rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.age
View file

Binary file not shown.

17
secrets/secrets.nix
View file

@ -2,19 +2,12 @@ let
main_ssh_public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCxR/w+38b2lX90yNBqhq3mUmkn1WGu6GAPhN1tVp2ZjYRJNV/+5gWCnTtOWYtDx35HmK/spQ2Qy8X9ttkzORa24fysNx1Iqn/TiXhD7eIJjbGPnrOpIKTkW5/uB3SD/P5NBSa06//BaqJU4sBlG79hoXRpod052hQtdpTVDiMCIV+iboWPKqopmJJfWdBtVnHXs9rep0htPRExxGslImFk7Z6xjcaHyCpIQZPlOGf+sGsmUU7jRqzvZFV8ucIdbnAlMHrU4pepNFhuraESyZVTa/bi9sw0iozXp5Q5+5thMebEslmT1Z771kI4sieDy+O4r8c0Sx2/VY1UAzcpq1faggc3YB01MTh+tiEC6xdMvZLrQGL1NBWjHleMyL53GU5ERluC0vXJF3Hv3BGGBDfXWbrEm5n06DHr2apRVJGC0LwiQ7Woud1X4V4X1pKSusxCVMjT2lmcOwV6YhKhB2sowJc1OdMx4+tL0UWE+YKSZgBHfolwk6ml0F4EO9nnUHc= lelgenio@i15";
in
{
"rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.age".publicKeys = [
main_ssh_public_key
];
"monolith-gitlab-runner-thoreb-itinerario-registrationConfigFile.age".publicKeys = [
main_ssh_public_key
];
"rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.age".publicKeys = [ main_ssh_public_key ];
"monolith-gitlab-runner-thoreb-itinerario-registrationConfigFile.age".publicKeys = [ main_ssh_public_key ];
"gitlab-runner-thoreb-telemetria-registrationConfigFile.age".publicKeys = [ main_ssh_public_key ];
"monolith-forgejo-runner-token.age".publicKeys = [ main_ssh_public_key ];
"lelgenio-cachix.age".publicKeys = [ main_ssh_public_key ];
"monolith-nix-serve-privkey.age".publicKeys = [ main_ssh_public_key ];
"phantom-nextcloud.age".publicKeys = [ main_ssh_public_key ];
"phantom-writefreely.age".publicKeys = [ main_ssh_public_key ];
"phantom-renawiki.age".publicKeys = [ main_ssh_public_key ];
"phantom-forgejo-mailer-password.age".publicKeys = [ main_ssh_public_key ];
"phantom-mastodon-mailer-password.age".publicKeys = [ main_ssh_public_key ];
"ghost-nextcloud.age".publicKeys = [ main_ssh_public_key ];
"ghost-writefreely.age".publicKeys = [ main_ssh_public_key ];
"ghost-renawiki.age".publicKeys = [ main_ssh_public_key ];
}

6
settings/default.nix
View file

@ -1,6 +0,0 @@
{ lib, ... }:
{
options = {
my = lib.mkOption { };
};
}

4
switch
View file

@ -1,9 +1,5 @@
#!/usr/bin/env bash
nix fmt
git --no-pager diff
sudo nice ionice \
nixos-rebuild \
switch \

12
switch-phantom
View file

@ -1,12 +0,0 @@
#!/bin/sh
nix fmt
git --no-pager diff
nixos-rebuild switch --flake .#phantom \
--update-input nixpkgs \
--no-write-lock-file \
--build-host phantom \
--target-host phantom \
"$@"

17
system/bluetooth.nix
View file

@ -1,17 +0,0 @@
{ pkgs, ... }:
{
services.blueman.enable = true;
hardware.bluetooth = {
enable = true;
settings = {
General = {
DiscoverableTimeout = 0;
Discoverable = true;
AlwaysPairable = true;
};
Policy = {
AutoEnable = true;
};
};
};
}

15
system/boot.nix
View file

@ -1,11 +1,4 @@
{
config,
pkgs,
lib,
inputs,
...
}:
{
{ config, pkgs, lib, inputs, ... }: {
console = {
font = "${pkgs.terminus_font}/share/consolefonts/ter-120n.psf.gz";
packages = [ pkgs.terminus_font ];
@ -43,9 +36,11 @@
};
plymouth = {
enable = true;
theme = lib.mkIf (config.my.desktop == "sway") "red_loader";
theme = lib.mkIf (pkgs.uservars.desktop == "sway") "red_loader";
themePackages = with pkgs; [
(adi1090x-plymouth-themes.override { selected_themes = [ "red_loader" ]; })
(adi1090x-plymouth-themes.override {
selected_themes = [ "red_loader" ];
})
];
};
};

8
system/cachix.nix
View file

@ -1,10 +1,4 @@
{
pkgs,
lib,
config,
...
}:
{
{ pkgs, lib, config, ... }: {
services.cachix-watch-store = {
enable = true;
cacheName = "lelgenio";

156
system/configuration.nix
View file

@ -1,13 +1,7 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{
config,
pkgs,
inputs,
...
}:
{
{ config, pkgs, inputs, ... }: {
imports = [
./gamemode.nix
./cachix.nix
@ -15,29 +9,129 @@
./boot.nix
./thunar.nix
./nix.nix
./fonts.nix
./sound.nix
./bluetooth.nix
./mouse.nix
./locale.nix
./users.nix
./containers.nix
./network.nix
../settings
];
my = import ../user/variables.nix;
zramSwap.enable = true;
programs.adb.enable = true;
services.udev.packages = [ pkgs.android-udev-rules ];
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable networking
networking.networkmanager.enable = true;
# Open kde connect ports
programs.kdeconnect.enable = true;
networking.firewall.allowedTCPPorts = [ 55201 ];
# Set your time zone.
time.timeZone = "America/Sao_Paulo";
environment.variables.TZ = config.time.timeZone;
# Select internationalisation properties.
i18n.defaultLocale = "pt_BR.utf8";
# Enable the GNOME Desktop Environment.
# services.xserver.displayManager.gdm.enable = true;
# services.xserver.desktopManager.gnome.enable = true;
# services.xserver.displayManager.autologin.user = "lelgenio";
# Configure keymap in X11
services.xserver = {
layout = "us";
xkbVariant = "colemak";
};
console.keyMap = "colemak";
# Enable CUPS to print documents.
# services.printing.enable = true;
services.flatpak.enable = true;
virtualisation.docker.enable = true;
virtualisation.docker.autoPrune.enable = true;
virtualisation.docker.autoPrune.dates = "monthly";
virtualisation.docker.autoPrune.flags = [ "--all --volumes" ];
programs.extra-container.enable = true;
programs.firejail.enable = true;
security.rtkit.enable = true;
services.openssh = {
enable = true;
ports = [ 9022 ];
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
};
# programs.ssh = {
# startAgent = true;
# extraConfig = ''
# AddKeysToAgent yes
# '';
# };
## Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
services.pipewire = {
enable = true;
wireplumber.enable = true;
pulse.enable = true;
alsa.enable = true;
jack.enable = true;
};
services.blueman.enable = true;
hardware.bluetooth = {
enable = true;
settings = {
General = {
DiscoverableTimeout = 0;
# Discoverable = true;
AlwaysPairable = true;
};
Policy = { AutoEnable = true; };
};
};
# Enable touchpad support (enabled default in most desktopManager).
services.libinput.enable = true;
services.xserver.libinput.enable = true;
xdg.portal = {
config.common.default = "*";
enable = true;
wlr.enable = true;
# Always pick the first monitor, this is fine since I only ever use a single monitor
wlr.settings.screencast.chooser_type = "none";
# gtk portal needed to make gtk apps happy
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
};
# Define a user account. Don't forget to set a password with passwd.
users.mutableUsers = false;
users.users.lelgenio = {
isNormalUser = true;
description = "Leonardo Eugênio";
hashedPassword = "$y$j9T$0e/rczjOVCy7PuwC3pG0V/$gTHZhfO4wQSlFvbDyfghbCnGI2uDI0a52zSrQ/yOA5A";
extraGroups = [ "networkmanager" "wheel" "docker" "adbusers" "bluetooth" "corectrl" "vboxusers" ];
shell = pkgs.fish;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCxR/w+38b2lX90yNBqhq3mUmkn1WGu6GAPhN1tVp2ZjYRJNV/+5gWCnTtOWYtDx35HmK/spQ2Qy8X9ttkzORa24fysNx1Iqn/TiXhD7eIJjbGPnrOpIKTkW5/uB3SD/P5NBSa06//BaqJU4sBlG79hoXRpod052hQtdpTVDiMCIV+iboWPKqopmJJfWdBtVnHXs9rep0htPRExxGslImFk7Z6xjcaHyCpIQZPlOGf+sGsmUU7jRqzvZFV8ucIdbnAlMHrU4pepNFhuraESyZVTa/bi9sw0iozXp5Q5+5thMebEslmT1Z771kI4sieDy+O4r8c0Sx2/VY1UAzcpq1faggc3YB01MTh+tiEC6xdMvZLrQGL1NBWjHleMyL53GU5ERluC0vXJF3Hv3BGGBDfXWbrEm5n06DHr2apRVJGC0LwiQ7Woud1X4V4X1pKSusxCVMjT2lmcOwV6YhKhB2sowJc1OdMx4+tL0UWE+YKSZgBHfolwk6ml0F4EO9nnUHc= lelgenio@i15"
];
};
users.users.root.initialHashedPassword = "$y$j9T$E3aBBSSq0Gma8hZD9L7ov0$iCGDW4fqrXWfHO0qodBYYgMFA9CpIraoklHcPbJJrM3";
# services.getty.autologinUser = "lelgenio";
programs.fish.enable = true;
programs.dzgui.enable = true;
programs.dzgui.package = inputs.dzgui-nix.packages.${pkgs.system}.default;
packages.media-packages.enable = true;
environment.systemPackages = with pkgs; [
pinentry-curses
pavucontrol
glib # gsettings
@ -46,11 +140,27 @@
gnome3.adwaita-icon-theme # default gnome cursors
];
services.geoclue2.enable = true;
fonts.enableDefaultPackages = true;
fonts.packages = with pkgs; [
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
nerdfonts_fira_hack
];
services.geoclue2.enable = true;
# programs.qt5ct.enable = true;
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
services.pcscd.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryFlavor = "curses";
};
security.sudo.wheelNeedsPassword = false;
systemd.extraConfig = ''
DefaultTimeoutStopSec=10s
'';
services.logind.extraConfig = ''
HandlePowerKey=suspend
'';

20
system/containers.nix
View file

@ -1,20 +0,0 @@
{ pkgs, ... }:
{
services.flatpak.enable = true;
virtualisation.docker = {
enable = true;
autoPrune = {
enable = true;
dates = "monthly";
flags = [
"--all"
"--volumes"
];
};
};
programs.extra-container.enable = true;
programs.firejail.enable = true;
}

10
system/fonts.nix
View file

@ -1,10 +0,0 @@
{ pkgs, ... }:
{
fonts.enableDefaultPackages = true;
fonts.packages = with pkgs; [
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
nerdfonts_fira_hack
];
}

12
system/gamemode.nix
View file

@ -1,16 +1,8 @@
{
config,
pkgs,
inputs,
...
}:
{
{ config, pkgs, inputs, ... }: {
programs.gamemode.enable = true;
programs.gamemode.enableRenice = true;
programs.gamemode.settings = {
general = {
renice = 10;
};
general = { renice = 10; };
# Warning: GPU optimisations have the potential to damage hardware
gpu = {

21
system/gitlab-runner.nix
View file

@ -1,11 +1,9 @@
{ pkgs, lib, ... }:
{
mkNixRunner =
authenticationTokenConfigFile: with lib; rec {
{ pkgs, lib, ... }: {
mkNixRunner = registrationConfigFile: with lib; rec {
# File should contain at least these two variables:
# `CI_SERVER_URL`
# `REGISTRATION_TOKEN`
inherit authenticationTokenConfigFile; # 2
inherit registrationConfigFile; # 2
dockerImage = "alpine:3.18.2";
dockerAllowedImages = [ dockerImage ];
dockerVolumes = [
@ -28,17 +26,7 @@
. ${pkgs.nix}/etc/profile.d/nix.sh
${pkgs.nix}/bin/nix-env -i ${
concatStringsSep " " (
with pkgs;
[
nix
cacert
git
openssh
]
)
}
${pkgs.nix}/bin/nix-env -i ${concatStringsSep " " (with pkgs; [ nix cacert git openssh ])}
'';
environmentVariables = {
ENV = "/etc/profile";
@ -47,5 +35,6 @@
PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin";
NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt";
};
tagList = [ "nix" ];
};
}

46
system/gnome.nix
View file

@ -1,47 +1,25 @@
{ pkgs, lib, ... }:
{
services.xserver = {
enable = true;
desktopManager.gnome = {
enable = true;
# Enable VRR (Variable Refresh Rate)
extraGSettingsOverridePackages = with pkgs; [ gnome.mutter ];
extraGSettingsOverrides = ''
[org.gnome.mutter]
experimental-features=['variable-refresh-rate', 'scale-monitor-framebuffer']
'';
};
displayManager.gdm.enable = true;
};
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }: {
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
# Workaround for https://github.com/NixOS/nixpkgs/issues/103746
systemd.services."getty@tty1".enable = false;
systemd.services."autovt@tty1".enable = false;
services.displayManager.autoLogin = {
services.xserver.displayManager.autoLogin = {
enable = true;
user = "lelgenio";
};
programs.kdeconnect = {
enable = true;
package = pkgs.gnomeExtensions.gsconnect;
};
hardware.opentabletdriver.enable = lib.mkForce false;
programs.gpaste.enable = true;
# services.xserver.displayManager.autologin.user = "lelgenio";
environment.systemPackages =
with pkgs;
with gnome;
[
environment.systemPackages = with pkgs; with gnome; [
gnome-tweaks
dconf-editor
chrome-gnome-shell
gnomeExtensions.gsconnect
gnomeExtensions.quick-settings-audio-devices-hider
gnome-pass-search-provider
];
}

24
system/greetd.nix
View file

@ -1,17 +1,6 @@
{
lib,
pkgs,
config,
...
}:
{ lib, pkgs, config, ... }:
let
inherit (config.my)
key
accent
font
theme
desktop
;
inherit (pkgs.uservars) key accent font theme desktop;
cfg = config.login-manager.greetd;
in
@ -28,7 +17,6 @@ in
# enable sway window manager
programs.sway = {
enable = true;
package = pkgs.mySway;
wrapperFeatures.gtk = true;
};
@ -45,8 +33,12 @@ in
services.greetd =
let
greetd_main_script = pkgs.writeShellScriptBin "main" ''
${pkgs.dbus-sway-environment}/bin/dbus-sway-environment
export XDG_CURRENT_DESKTOP=sway GTK_THEME="${theme.gtk_theme}" XCURSOR_THEME="${theme.cursor_theme}"
${pkgs.greetd.gtkgreet}/bin/gtkgreet -l -c ${desktop}
${pkgs.greetd.gtkgreet}/bin/gtkgreet -l -c ${{
sway = "sway";
hyprland = "Hyprland";
}.${desktop}}
swaymsg exit
'';
swayConfig = pkgs.writeText "greetd-sway-config" ''
@ -70,7 +62,7 @@ in
enable = true;
settings = {
initial_session = {
command = desktop;
command = "${pkgs.sway}/bin/sway";
user = "lelgenio";
};
default_session = {

3
system/kde.nix
View file

@ -1,5 +1,4 @@
{ config, pkgs, ... }:
{
{ config, pkgs, ... }: {
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the KDE Desktop Environment.

13
system/locale.nix
View file

@ -1,13 +0,0 @@
{ pkgs, config, ... }:
{
time.timeZone = "America/Sao_Paulo";
environment.variables.TZ = config.time.timeZone;
i18n.defaultLocale = "pt_BR.utf8";
# Configure keymap in X11
services.xserver.xkb = {
layout = "us";
variant = "colemak";
};
console.keyMap = "colemak";
}

19
system/media-packages.nix
View file

@ -1,13 +1,6 @@
{
config,
pkgs,
lib,
...
}:
let
cfg = config.packages.media-packages;
in
{
{ config, pkgs, lib, ... }:
let cfg = config.packages.media-packages;
in {
options.packages.media-packages = {
enable = lib.mkEnableOption "media packages";
};
@ -23,10 +16,8 @@ in
gimp
inkscape
krita
kdePackages.breeze
kdePackages.kdenlive
pitivi
blender-hip
kdenlive
blender
libreoffice
godot_4
];

20
system/monolith-forgejo-runner.nix
View file

@ -1,20 +0,0 @@
{ pkgs, config, ... }:
{
services.gitea-actions-runner = {
package = pkgs.forgejo-actions-runner;
instances.default = {
enable = true;
name = "monolith";
url = "https://git.lelgenio.com";
tokenFile = config.age.secrets.monolith-forgejo-runner-token.path;
labels = [
# provide a debian base with nodejs for actions
"debian-latest:docker://node:18-bullseye"
# fake the ubuntu name, because node provides no ubuntu builds
"ubuntu-latest:docker://node:18-bullseye"
# provide native execution on the host
#"native:host"
];
};
};
}

18
system/monolith-gitlab-runner.nix
View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
let
inherit (pkgs.callPackage ./gitlab-runner.nix { }) mkNixRunner;
in
@ -14,6 +9,17 @@ in
enable = true;
settings.concurrent = 4;
services = {
# ci_test = {
# registrationConfigFile = "/srv/gitlab-runner/env/ci_test";
# dockerImage = "debian";
# dockerPrivileged = true;
# };
thoreb_builder = {
registrationConfigFile = config.age.secrets.monolith-gitlab-runner-thoreb-itinerario-registrationConfigFile.path;
dockerImage = "debian";
dockerPrivileged = true;
};
# runner for building in docker via host's nix-daemon
# nix store will be readable in runner, might be insecure
thoreb-telemetria-nix = mkNixRunner config.age.secrets.gitlab-runner-thoreb-telemetria-registrationConfigFile.path;

15
system/mouse.nix
View file

@ -1,15 +0,0 @@
{
# Allow configuring Logitech Peripherals
services.ratbagd.enable = true;
# Sway does not undersand high resolution scroll wheels
# I don't need this, so I disable it
environment.etc."libinput/local-overrides.quirks".text = ''
[Logitech G502 X PLUS]
MatchUdevType=mouse
MatchBus=usb
MatchVendor=0x046D
MatchProduct=0x4099
AttrEventCode=-REL_WHEEL_HI_RES
'';
}

30
system/network.nix
View file

@ -1,30 +0,0 @@
{ pkgs, ... }:
{
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable networking
networking.networkmanager.enable = true;
# Open kde connect ports
programs.kdeconnect.enable = true;
networking.firewall = {
enable = true;
logRefusedConnections = false;
};
# Enable CUPS to print documents.
# services.printing.enable = true;
security.rtkit.enable = true;
services.openssh = {
enable = true;
ports = [ 9022 ];
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
};
}

8
system/nix-serve.nix
View file

@ -1,10 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{
{ config, pkgs, lib, ... }: {
services.nix-serve = {
enable = true;
secretKeyFile = config.age.secrets.monolith-nix-serve-privkey.path;

30
system/nix.nix
View file

@ -1,50 +1,32 @@
{
lib,
config,
pkgs,
inputs,
...
}:
let
collectFlakeInputs =
input: [ input ] ++ lib.concatMap collectFlakeInputs (builtins.attrValues (input.inputs or { }));
in
{
system.extraDependencies = collectFlakeInputs inputs.self;
{ config, pkgs, inputs, ... }: {
nix.registry.nixpkgs.flake = inputs.nixpkgs;
nix = {
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
gc = {
automatic = true;
dates = "weekly";
dates = "monthly";
options = "--delete-older-than 7d";
};
optimise.automatic = true;
settings = {
trusted-users = [
"root"
"@wheel"
];
auto-optimise-store = true;
substituters = [
"https://cache.nixos.org"
"https://nix-community.cachix.org"
# "http://nixcache.lelgenio.1337.cx:5000"
"https://hyprland.cachix.org"
"https://lelgenio.cachix.org"
"https://wegank.cachix.org"
"https://snowflakeos.cachix.org/"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
# "nixcache.lelgenio.1337.cx:zxCfx7S658llDgAUG0JVyNrlAdFVvPniSdDOkvfTPS8="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"lelgenio.cachix.org-1:W8tMlmDFLU/V+6DlChXjekxoHZpjgVHZpmusC4cueBc="
"wegank.cachix.org-1:xHignps7GtkPP/gYK5LvA/6UFyz98+sgaxBSy7qK0Vs="
"snowflakeos.cachix.org-1:gXb32BL86r9bw1kBiw9AJuIkqN49xBvPd1ZW8YlqO70="
];
};
extraOptions = ''
experimental-features = nix-command flakes repl-flake
experimental-features = nix-command flakes
'';
};
}

10
system/rainbow-gitlab-runner.nix
View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
let
inherit (pkgs.callPackage ./gitlab-runner.nix { }) mkNixRunner;
in
@ -20,8 +15,7 @@ in
# dockerPrivileged = true;
# };
thoreb_builder = {
registrationConfigFile =
config.age.secrets.rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.path;
registrationConfigFile = config.age.secrets.rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.path;
dockerImage = "debian";
dockerPrivileged = true;
};

Some files were not shown because too many files have changed in this diff Show more