geoffrey/dotfiles
geoffrey/dotfiles
1
0
Fork 0
Code Issues 7 Pull requests Releases Activity

Reformat all Nix files

Browse source
This commit is contained in:
Geoffrey Frogeye 2024-12-15 00:29:51 +01:00
parent 9e0c1102a9
commit 355b63cf73
Signed by: geoffrey
GPG key ID: C72403E7F82E6AD8
81 changed files with 2293 additions and 1153 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
common/disko/single_uefi_btrfs.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
passwordFile = "/tmp/dotfiles_${config.frogeye.name}_password";
in
@ -41,15 +46,24 @@ in
subvolumes = {
"/nixos" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" "noatime" ];
mountOptions = [
"compress=zstd"
"noatime"
];
};
"/home" = {
mountpoint = "/home";
mountOptions = [ "compress=zstd" "relatime" ];
mountOptions = [
"compress=zstd"
"relatime"
];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [ "compress=zstd" "noatime" ];
mountOptions = [
"compress=zstd"
"noatime"
];
};
# Maybe later
# "/swap" = {

2
common/update-local-flakes/default.nix
View file

@ -1,2 +1,2 @@
{ pkgs, ... }:
pkgs.writers.writePython3Bin "update-local-flakes" {} (builtins.readFile ./update-local-flakes.py)
pkgs.writers.writePython3Bin "update-local-flakes" { } (builtins.readFile ./update-local-flakes.py)

2
common/update-local-flakes/overlay.nix
View file

@ -1,3 +1,3 @@
(self: super: {
update-local-flakes = super.callPackage ./. {};
update-local-flakes = super.callPackage ./. { };
})

10
cranberry/default.nix
View file

@ -1,8 +1,14 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
frogeye.name = "cranberry";
disko.devices.disk."${config.frogeye.name}".device = "/dev/disk/by-id/nvme-UMIS_RPJTJ128MEE1MWX_SS0L25188X3RC12121TP";
disko.devices.disk."${config.frogeye.name
}".device = "/dev/disk/by-id/nvme-UMIS_RPJTJ128MEE1MWX_SS0L25188X3RC12121TP";
};
imports = [
../common/disko/single_uefi_btrfs.nix

24
cranberry/hardware.nix
View file

@ -1,9 +1,21 @@
{ pkgs, lib, config, nixos-hardware, ... }:
{
pkgs,
lib,
config,
nixos-hardware,
...
}:
{
config = {
boot = {
# From nixos-generate-config
initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" ];
initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"usb_storage"
"sd_mod"
"sdhci_pci"
];
kernelModules = [ "kvm-amd" ];
};
@ -31,9 +43,11 @@
};
# Alt key swallowed the Meta one
home-manager.users.geoffrey = { ... }: {
xsession.windowManager.i3.config.modifier = "Mod1";
};
home-manager.users.geoffrey =
{ ... }:
{
xsession.windowManager.i3.config.modifier = "Mod1";
};
};
imports = [

27
curacao/backup/default.nix
View file

@ -2,13 +2,25 @@
# MANU Snapper is not able to create the snapshot directory, so you'll need to do this after eventually running the backup script:
# sudo btrfs subvol create /mnt/razmo/$subvolume/.snapshots
let
backup_subvolumes = [ "nixos" "home.rapido" "home.nixos" ];
backup_subvolumes = [
"nixos"
"home.rapido"
"home.nixos"
];
backup_app = pkgs.writeShellApplication {
name = "backup-subvolume";
runtimeInputs = with pkgs; [ coreutils btrfs-progs ];
runtimeInputs = with pkgs; [
coreutils
btrfs-progs
];
text = builtins.readFile ./backup.sh;
};
snapper_subvolumes = [ "nixos" "home.rapido" "home.razmo" "home.nixos" ];
snapper_subvolumes = [
"nixos"
"home.rapido"
"home.razmo"
"home.nixos"
];
in
{
services =
@ -39,10 +51,15 @@ in
};
in
{
snapper.configs = lib.attrsets.mergeAttrsList (map (s: { "${s}" = default // { SUBVOLUME = "/mnt/razmo/${s}"; }; }) snapper_subvolumes);
snapper.configs = lib.attrsets.mergeAttrsList (
map (s: {
"${s}" = default // {
SUBVOLUME = "/mnt/razmo/${s}";
};
}) snapper_subvolumes
);
};
systemd = {
services.bkp_rapido = {
description = "Make a snapshot of the SSD to the HDD";

28
curacao/co2meter/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
zytemp_mqtt_src = pkgs.fetchFromGitHub {
# owner = "patrislav1";
@ -7,12 +12,15 @@ let
rev = "push-nurpouorqoyr"; # Humidity + availability support
sha256 = "sha256-nOhyBAgvjeQh9ys3cBJOVR67SDs96zBzxIRGpaq4yoA=";
};
zytemp_mqtt = pkgs.python3Packages.buildPythonPackage
rec {
name = "zytemp_mqtt";
src = zytemp_mqtt_src;
propagatedBuildInputs = with pkgs.python3Packages; [ hidapi paho-mqtt pyaml ];
};
zytemp_mqtt = pkgs.python3Packages.buildPythonPackage rec {
name = "zytemp_mqtt";
src = zytemp_mqtt_src;
propagatedBuildInputs = with pkgs.python3Packages; [
hidapi
paho-mqtt
pyaml
];
};
usb_zytemp_udev = pkgs.stdenv.mkDerivation {
pname = "usb-zytemp-udev-rules";
version = "unstable-2023-05-24";
@ -63,7 +71,11 @@ in
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@privileged" "~@resouces" ];
SystemCallFilter = [
"@system-service"
"~@privileged"
"~@resouces"
];
UMask = "0077";
};
};

17
curacao/dedup/default.nix
View file

@ -1,16 +1,27 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
services.beesd.filesystems = {
razmo = {
spec = "/mnt/razmo";
hashTableSizeMB = 512; # Recommended for 1 TiB, ×2 for compression, x2 for time
extraOptions = [ "--loadavg-target" "7.5" ];
extraOptions = [
"--loadavg-target"
"7.5"
];
};
rapido = {
spec = "/mnt/rapido";
hashTableSizeMB = 128; # 4 times smaller disk, 4 times smaller hashtable?
extraOptions = [ "--loadavg-target" "5" ];
extraOptions = [
"--loadavg-target"
"5"
];
};
};
};

7
curacao/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
frogeye.name = "curacao";

24
curacao/desk/default.nix
View file

@ -1,10 +1,16 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
desk_mqtt = pkgs.writers.writePython3 "desk_mqtt"
{
libraries = with pkgs.python3Packages; [ pyusb ha-mqtt-discoverable ];
}
(builtins.readFile ./desk_mqtt.py);
desk_mqtt = pkgs.writers.writePython3 "desk_mqtt" {
libraries = with pkgs.python3Packages; [
pyusb
ha-mqtt-discoverable
];
} (builtins.readFile ./desk_mqtt.py);
usb2lin06_udev = pkgs.writeTextFile {
name = "usb2lin06-udev-rules";
text = ''
@ -44,7 +50,11 @@ in
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@privileged" "~@resouces" ];
SystemCallFilter = [
"@system-service"
"~@privileged"
"~@resouces"
];
UMask = "0077";
};
};

22
curacao/disko.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
# TODO Find a way to use keys in filesystem
# TODO Not relatime everywhere, thank you
# TODO Default options
@ -62,11 +67,17 @@ in
subvolumes = {
"home.razmo" = {
mountpoint = "/home.heavy";
mountOptions = [ "compress=zstd" "relatime" ];
mountOptions = [
"compress=zstd"
"relatime"
];
};
"steam" = {
mountpoint = "/opt/steam.razmo";
mountOptions = [ "compress=zstd" "noatime" ];
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
@ -145,7 +156,10 @@ in
};
services.btrfs.autoScrub = {
enable = true;
fileSystems = [ "/mnt/razmo" "/mnt/rapido" ];
fileSystems = [
"/mnt/razmo"
"/mnt/rapido"
];
# TODO Should be generable from disko config, right?
};
}

21
curacao/hardware.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, nixos-hardware, ... }:
{
pkgs,
lib,
nixos-hardware,
...
}:
let
displays = {
embedded = {
@ -19,7 +24,14 @@ in
config = {
boot = {
# From nixos-generate-config
initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "sd_mod" "rtsx_usb_sdmmc" ];
initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usbhid"
"sd_mod"
"rtsx_usb_sdmmc"
];
kernelModules = [ "kvm-intel" ];
# UEFI works here, and variables can be touched
@ -95,7 +107,10 @@ in
};
};
# Needs prefetched binary blobs, see https://nixos.wiki/wiki/Displaylink
xserver.videoDrivers = [ "displaylink" "modesetting" ];
xserver.videoDrivers = [
"displaylink"
"modesetting"
];
# TODO See if nvidia and DL can work together.
};
};

7
curacao/homeautomation/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
networking = {

10
curacao/usb.nix
View file

@ -1,8 +1,14 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
boot.loader.efi.canTouchEfiVariables = false;
disko.devices.disk."${config.frogeye.name}".device = "/dev/disk/by-id/usb-Kingston_DataTraveler_3.0_E0D55EA57414F510489F0F1A-0:0";
disko.devices.disk."${config.frogeye.name
}".device = "/dev/disk/by-id/usb-Kingston_DataTraveler_3.0_E0D55EA57414F510489F0F1A-0:0";
frogeye.name = "curacao-usb";
};
imports = [

7
curacao/webcam/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
# TODO This should install cameractrls, but it seems like it's not easy to install.

179
flake.nix
View file

@ -37,7 +37,15 @@
flake-utils.url = "github:numtide/flake-utils";
};
outputs = { self, nixpkgs, disko, nix-on-droid, flake-utils, ... }@attrs:
outputs =
{
self,
nixpkgs,
disko,
nix-on-droid,
flake-utils,
...
}@attrs:
# Machine independant outputs
let
nixpkgsConfig = {
@ -53,78 +61,104 @@
extraSpecialArgs = attrs;
};
lib = {
nixosSystem = { system, modules ? [ ] }: nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = attrs;
modules = modules ++ [
self.nixosModules.dotfiles
{
nixpkgs = nixpkgsConfig;
home-manager = homeManagerConfig;
frogeye.toplevel = { _type = "override"; content = self; priority = 1000; };
}
];
};
nixOnDroidConfiguration = { modules ? [ ] }: nix-on-droid.lib.nixOnDroidConfiguration {
pkgs = import nixpkgs (nixpkgsConfig // {
system = "aarch64-linux"; # nod doesn't support anything else
});
modules = modules ++ [
self.nixOnDroidModules.dotfiles
{
home-manager = homeManagerConfig;
}
];
};
flakeTools = { self }: flake-utils.lib.eachDefaultSystem (system:
let
pkgs = import nixpkgs
(nixpkgsConfig // {
inherit system;
# We do an overlay here so nixos-rebuild and other use lix.
# We don't do an overlay for the whole system because lix is not binary compatible.
overlays = [
(self: super: { nix = super.lix; })
];
});
in
nixosSystem =
{
apps = {
disko = {
type = "app";
program = "${disko.packages.${system}.default}/bin/disko";
system,
modules ? [ ],
}:
nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = attrs;
modules = modules ++ [
self.nixosModules.dotfiles
{
nixpkgs = nixpkgsConfig;
home-manager = homeManagerConfig;
frogeye.toplevel = {
_type = "override";
content = self;
priority = 1000;
};
}
];
};
nixOnDroidConfiguration =
{
modules ? [ ],
}:
nix-on-droid.lib.nixOnDroidConfiguration {
pkgs = import nixpkgs (
nixpkgsConfig
// {
system = "aarch64-linux"; # nod doesn't support anything else
}
);
modules = modules ++ [
self.nixOnDroidModules.dotfiles
{
home-manager = homeManagerConfig;
}
];
};
flakeTools =
{ self }:
flake-utils.lib.eachDefaultSystem (
system:
let
pkgs = import nixpkgs (
nixpkgsConfig
// {
inherit system;
# We do an overlay here so nixos-rebuild and other use lix.
# We don't do an overlay for the whole system because lix is not binary compatible.
overlays = [
(self: super: { nix = super.lix; })
];
}
);
in
{
apps = {
disko = {
type = "app";
program = "${disko.packages.${system}.default}/bin/disko";
};
nixos-install = {
type = "app";
program = "${pkgs.nixos-install-tools}/bin/nixos-install";
};
nixos-rebuild = {
type = "app";
program = "${pkgs.nixos-rebuild}/bin/nixos-rebuild";
};
repl = {
type = "app";
program = "${pkgs.writeShellScript "vivarium-repl" ''
${pkgs.lix}/bin/nix repl --expr 'let flake = builtins.getFlake "${self}"; in flake // flake.nixosConfigurations // rec { pkgs = import ${nixpkgs} {}; lib = pkgs.lib; }'
''}";
};
# Available globally should this be needed in times of shenanigans
updateLocalFlakes = {
type = "app";
program = "${pkgs.update-local-flakes}/bin/update-local-flakes";
};
nixosRebuild = {
type = "app";
program = "${pkgs.writeShellScript "rebuild" ''${
pkgs.writeShellApplication {
name = "rebuild";
runtimeInputs = with pkgs; [
nix-output-monitor
nixos-rebuild
];
text = builtins.readFile ./os/rebuild.sh;
}
}/bin/rebuild ${self} "$@"''}";
};
};
nixos-install = {
type = "app";
program = "${pkgs.nixos-install-tools}/bin/nixos-install";
};
nixos-rebuild = {
type = "app";
program = "${pkgs.nixos-rebuild}/bin/nixos-rebuild";
};
repl = {
type = "app";
program = "${pkgs.writeShellScript "vivarium-repl" ''
${pkgs.lix}/bin/nix repl --expr 'let flake = builtins.getFlake "${self}"; in flake // flake.nixosConfigurations // rec { pkgs = import ${nixpkgs} {}; lib = pkgs.lib; }'
''}";
};
# Available globally should this be needed in times of shenanigans
updateLocalFlakes = {
type = "app";
program = "${pkgs.update-local-flakes}/bin/update-local-flakes";
};
nixosRebuild = {
type = "app";
program = "${pkgs.writeShellScript "rebuild" ''${pkgs.writeShellApplication {
name = "rebuild";
runtimeInputs = with pkgs; [ nix-output-monitor nixos-rebuild ];
text = builtins.readFile ./os/rebuild.sh;
}}/bin/rebuild ${self} "$@"''}";
};
};
formatter = pkgs.nixfmt-rfc-style;
}
);
formatter = pkgs.nixfmt-rfc-style;
}
);
};
in
{
@ -165,5 +199,6 @@
modules = [ ./sprinkles/standin.nix ];
};
# TODO devices/ or configs/ folders
} // (lib.flakeTools { inherit self; });
}
// (lib.flakeTools { inherit self; });
}

137
hm/accounts/default.nix
View file

@ -1,15 +1,25 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
let
mkUserJs = with lib; prefs: extraPrefs: ''
// Generated by Geoffrey's dotfiles.
mkUserJs =
with lib;
prefs: extraPrefs: ''
// Generated by Geoffrey's dotfiles.
${concatStrings (mapAttrsToList (name: value: ''
user_pref("${name}", ${builtins.toJSON value});
'') prefs)}
${extraPrefs}
'';
${concatStrings (
mapAttrsToList (name: value: ''
user_pref("${name}", ${builtins.toJSON value});
'') prefs
)}
${extraPrefs}
'';
toThunderbirdCalendar = account:
toThunderbirdCalendar =
account:
let
id = builtins.hashString "sha256" account.name;
thunderbird = config.frogeye.accounts.calendar.accounts.${account.name};
@ -43,25 +53,29 @@ in
profiles.hm = {
isDefault = true;
withExternalGnupg = true;
extraConfig = mkUserJs
(lib.attrsets.mergeAttrsList (
# Add calendar config
(lib.mapAttrsToList (name: account: (toThunderbirdCalendar account)) config.accounts.calendar.accounts) ++
extraConfig = mkUserJs (lib.attrsets.mergeAttrsList (
# Add calendar config
(lib.mapAttrsToList (
name: account: (toThunderbirdCalendar account)
) config.accounts.calendar.accounts)
++
# Add config for every identity (kinda)
(lib.mapAttrsToList
(name: account: ({
# UPST Make signature be used in Thunderbird
"mail.identity.id_${builtins.hashString "sha256" account.address}.htmlSigText" = account.signature.text;
"mail.identity.id_${builtins.hashString "sha256" account.address}.compose_html" = false;
}))
config.accounts.email.accounts) ++
(lib.mapAttrsToList (name: account: ({
# UPST Make signature be used in Thunderbird
"mail.identity.id_${builtins.hashString "sha256" account.address}.htmlSigText" =
account.signature.text;
"mail.identity.id_${builtins.hashString "sha256" account.address}.compose_html" = false;
})) config.accounts.email.accounts)
++
# General settings
[{
"mail.pane_config.dynamic" = 0;
"intl.date_time.pattern_override.date_short" = "yyyy-MM-dd";
}]
[
{
"mail.pane_config.dynamic" = 0;
"intl.date_time.pattern_override.date_short" = "yyyy-MM-dd";
}
]
)) "";
)) "";
};
};
};
@ -69,40 +83,45 @@ in
options = {
frogeye.accounts.calendar.accounts = lib.mkOption {
default = { };
type = lib.types.attrsOf (lib.types.submodule ({ config, name, ... }: {
# TODO Set defaults as Thunderbird sets it
options = {
color = lib.mkOption {
type = lib.types.str;
default = "#5277c3";
};
refreshInterval = lib.mkOption {
type = lib.types.int;
default = 0; # 0 = Manual
};
readOnly = lib.mkOption {
type = lib.types.bool;
default = false;
};
showReminders = lib.mkOption {
type = lib.types.bool;
default = true;
};
offlineSupport = lib.mkOption {
type = lib.types.bool;
default = true;
};
email = lib.mkOption {
type = lib.types.str;
# TODO Nullable
# TODO Ensure it actually matches an email identity
};
clientSideEmailScheduling = lib.mkOption {
type = lib.types.bool;
default = false;
};
};
}));
type = lib.types.attrsOf (
lib.types.submodule (
{ config, name, ... }:
{
# TODO Set defaults as Thunderbird sets it
options = {
color = lib.mkOption {
type = lib.types.str;
default = "#5277c3";
};
refreshInterval = lib.mkOption {
type = lib.types.int;
default = 0; # 0 = Manual
};
readOnly = lib.mkOption {
type = lib.types.bool;
default = false;
};
showReminders = lib.mkOption {
type = lib.types.bool;
default = true;
};
offlineSupport = lib.mkOption {
type = lib.types.bool;
default = true;
};
email = lib.mkOption {
type = lib.types.str;
# TODO Nullable
# TODO Ensure it actually matches an email identity
};
clientSideEmailScheduling = lib.mkOption {
type = lib.types.bool;
default = false;
};
};
}
)
);
};
};
}

51
hm/brightness/default.nix
View file

@ -1,27 +1,46 @@
# Light theme during the day, dark theme during the night (not automatic)
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
phases = [
{ command = "jour"; specialisation = null; }
{ command = "crepuscule"; specialisation = "dark"; }
{ command = "nuit"; specialisation = "dark"; }
{
command = "jour";
specialisation = null;
}
{
command = "crepuscule";
specialisation = "dark";
}
{
command = "nuit";
specialisation = "dark";
}
];
mod = config.xsession.windowManager.i3.config.modifier;
in
{
config = {
home.packages = (map
(phase: (pkgs.writeShellScriptBin phase.command ''
switch="/nix/var/nix/profiles/system${lib.strings.optionalString (phase.specialisation != null) "/specialisation/${phase.specialisation}"}/bin/switch-to-configuration"
if [ -x "$switch" ]
then
sudo "$switch" test &
sudo "$switch" boot &
fi
${builtins.getAttr phase.command config.frogeye.desktop.phasesCommands}
wait
''))
phases) ++ (with pkgs; [
home.packages =
(map (
phase:
(pkgs.writeShellScriptBin phase.command ''
switch="/nix/var/nix/profiles/system${
lib.strings.optionalString (phase.specialisation != null) "/specialisation/${phase.specialisation}"
}/bin/switch-to-configuration"
if [ -x "$switch" ]
then
sudo "$switch" test &
sudo "$switch" boot &
fi
${builtins.getAttr phase.command config.frogeye.desktop.phasesCommands}
wait
'')
) phases)
++ (with pkgs; [
brightnessctl
]);
xsession.windowManager.i3.config.keybindings = {

65
hm/common.nix
View file

@ -1,4 +1,10 @@
{ pkgs, config, lib, labellenixpkgs, ... }:
{
pkgs,
config,
lib,
labellenixpkgs,
...
}:
let
labellepkgs = import labellenixpkgs { inherit (pkgs) system; };
in
@ -41,7 +47,6 @@ in
la = "lsd -la";
s = "sudo -s -E";
# Preference
wol = "wakeonlan"; # TODO Really, isn't wol better? Also wtf Arch aliases to pass because neither is installed anyways x)
mutt = "neomutt";
@ -73,13 +78,48 @@ in
};
colors = {
# Base16 only, so it reuses the current theme.
date = { day-old = 4; hour-old = 6; older = 5; };
git-status = { conflicted = 14; default = 13; deleted = 1; ignored = 13; modified = 3; new-in-index = 2; new-in-workdir = 2; renamed = 4; typechange = 3; unmodified = 13; };
date = {
day-old = 4;
hour-old = 6;
older = 5;
};
git-status = {
conflicted = 14;
default = 13;
deleted = 1;
ignored = 13;
modified = 3;
new-in-index = 2;
new-in-workdir = 2;
renamed = 4;
typechange = 3;
unmodified = 13;
};
group = 6;
inode = { invalid = 245; valid = 13; };
links = { invalid = 9; valid = 14; };
permission = { acl = 6; context = 14; exec = 1; exec-sticky = 5; no-access = 245; octal = 6; read = 2; write = 3; };
size = { large = 1; medium = 9; none = 11; small = 3; };
inode = {
invalid = 245;
valid = 13;
};
links = {
invalid = 9;
valid = 14;
};
permission = {
acl = 6;
context = 14;
exec = 1;
exec-sticky = 5;
no-access = 245;
octal = 6;
read = 2;
write = 3;
};
size = {
large = 1;
medium = 9;
none = 11;
small = 3;
};
tree-edge = 13;
user = 2;
};
@ -95,8 +135,13 @@ in
fzf = {
enable = true;
enableZshIntegration = true;
defaultOptions = [ "--height 40%" "--layout=default" ];
fileWidgetOptions = [ "--preview '[[ -d {} ]] && ${pkgs.coreutils}/bin/ls -l --color=always {} || [[ \$(${pkgs.file}/bin/file --mime {}) =~ binary ]] && ${pkgs.file}/bin/file --brief {} || (${pkgs.highlight}/bin/highlight -O ansi -l {} || coderay {} || rougify {} || ${pkgs.coreutils}/bin/cat {}) 2> /dev/null | head -500'" ];
defaultOptions = [
"--height 40%"
"--layout=default"
];
fileWidgetOptions = [
"--preview '[[ -d {} ]] && ${pkgs.coreutils}/bin/ls -l --color=always {} || [[ \$(${pkgs.file}/bin/file --mime {}) =~ binary ]] && ${pkgs.file}/bin/file --brief {} || (${pkgs.highlight}/bin/highlight -O ansi -l {} || coderay {} || rougify {} || ${pkgs.coreutils}/bin/cat {}) 2> /dev/null | head -500'"
];
# TODO Above not working... not really used either?
# file and friends are not in PATH by default... so here we want aboslute paths, which means those won't get reloaded. Meh.
};

24
hm/desktop/audio/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
pactl = "exec ${pkgs.pulseaudio}/bin/pactl"; # TODO Use NixOS package if using NixOS
mod = config.xsession.windowManager.i3.config.modifier;
@ -27,14 +32,13 @@ in
text = ''cookie-file = .config/pulse/pulse-cookie'';
};
};
xsession.windowManager.i3.config.keybindings =
{
"XF86AudioRaiseVolume" = "${pactl} set-sink-mute @DEFAULT_SINK@ false; ${pactl} set-sink-volume @DEFAULT_SINK@ +5%";
"XF86AudioLowerVolume" = "${pactl} set-sink-mute @DEFAULT_SINK@ false; ${pactl} set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioMute" = "${pactl} set-sink-mute @DEFAULT_SINK@ true";
"${mod}+F8" = "${pactl} suspend-sink @DEFAULT_SINK@ 1; ${pactl} suspend-sink @DEFAULT_SINK@ 0"; # Re-synchronize bluetooth headset
"${mod}+F11" = "exec ${pkgs.pavucontrol}/bin/pwvucontrol";
# TODO Find pacmixer?
};
xsession.windowManager.i3.config.keybindings = {
"XF86AudioRaiseVolume" = "${pactl} set-sink-mute @DEFAULT_SINK@ false; ${pactl} set-sink-volume @DEFAULT_SINK@ +5%";
"XF86AudioLowerVolume" = "${pactl} set-sink-mute @DEFAULT_SINK@ false; ${pactl} set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioMute" = "${pactl} set-sink-mute @DEFAULT_SINK@ true";
"${mod}+F8" = "${pactl} suspend-sink @DEFAULT_SINK@ 1; ${pactl} suspend-sink @DEFAULT_SINK@ 0"; # Re-synchronize bluetooth headset
"${mod}+F11" = "exec ${pkgs.pavucontrol}/bin/pwvucontrol";
# TODO Find pacmixer?
};
};
}

71
hm/desktop/autorandr/default.nix
View file

@ -1,10 +1,30 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
builtin_configs = [ "off" "common" "clone-largest" "horizontal" "vertical" "horizontal-reverse" "vertical-reverse" ];
autorandrmenu = { title, option, builtin ? false }: pkgs.writeShellScript "autorandrmenu"
''
builtin_configs = [
"off"
"common"
"clone-largest"
"horizontal"
"vertical"
"horizontal-reverse"
"vertical-reverse"
];
autorandrmenu =
{
title,
option,
builtin ? false,
}:
pkgs.writeShellScript "autorandrmenu" ''
shopt -s nullglob globstar
profiles="${if builtin then lib.strings.concatLines builtin_configs else ""}$(${pkgs.autorandr}/bin/autorandr | ${pkgs.gawk}/bin/awk '{ print $1 }')"
profiles="${
if builtin then lib.strings.concatLines builtin_configs else ""
}$(${pkgs.autorandr}/bin/autorandr | ${pkgs.gawk}/bin/awk '{ print $1 }')"
profile="$(echo "$profiles" | ${config.programs.rofi.package}/bin/rofi -dmenu -p "${title}")"
[[ -n "$profile" ]] || exit
${pkgs.autorandr}/bin/autorandr ${option} "$profile"
@ -13,17 +33,38 @@ in
{
config = lib.mkIf config.frogeye.desktop.xorg {
frogeye.desktop.i3.bindmodes = {
"Screen setup [A] Auto [L] Load [S] Save [R] Remove [D] Default" =
{
bindings = {
"a" = "exec ${pkgs.autorandr}/bin/autorandr --change --force, mode default";
"l" = "exec ${autorandrmenu {title="Load profile"; option="--load"; builtin = true;}}, mode default";
"s" = "exec ${autorandrmenu {title="Save profile"; option="--save";}}, mode default";
"r" = "exec ${autorandrmenu {title="Remove profile"; option="--remove";}}, mode default";
"d" = "exec ${autorandrmenu {title="Default profile"; option="--default"; builtin = true;}}, mode default";
};
mod_enter = "t";
"Screen setup [A] Auto [L] Load [S] Save [R] Remove [D] Default" = {
bindings = {
"a" = "exec ${pkgs.autorandr}/bin/autorandr --change --force, mode default";
"l" = "exec ${
autorandrmenu {
title = "Load profile";
option = "--load";
builtin = true;
}
}, mode default";
"s" = "exec ${
autorandrmenu {
title = "Save profile";
option = "--save";
}
}, mode default";
"r" = "exec ${
autorandrmenu {
title = "Remove profile";
option = "--remove";
}
}, mode default";
"d" = "exec ${
autorandrmenu {
title = "Default profile";
option = "--default";
builtin = true;
}
}, mode default";
};
mod_enter = "t";
};
};
programs.autorandr.enable = true;
services.autorandr.enable = true;

7
hm/desktop/background/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
{
config = {
# This correctly sets the background on some occasions, below does the rest

67
hm/desktop/browser/default.nix
View file

@ -1,4 +1,10 @@
{ pkgs, lib, config, nur, ... }:
{
pkgs,
lib,
config,
nur,
...
}:
{
config = lib.mkIf config.frogeye.desktop.xorg {
home.sessionVariables = {
@ -14,27 +20,25 @@
};
profiles.hm = {
extensions = with config.nur.repos.rycee.firefox-addons;
[
(buildFirefoxXpiAddon {
extensions = with config.nur.repos.rycee.firefox-addons; [
(buildFirefoxXpiAddon {
pname = "onetab";
version = "0.1.0";
addonId = "onetab@nated";
url = "https://addons.mozilla.org/firefox/downloads/file/4118712/one_tab_per_window-0.1.0.xpi";
sha256 = "sha256-64DeL2xgXpqz32LJWDx4jhS2Fvbld8re3z8fdwnNTw0=";
meta = with lib;
{
homepage = "https://git.sr.ht/~nated/onetab";
description = "When a new tab is opened, redirects it to a new window instead.";
license = licenses.unfree;
mozPermissions = [ "tabs" ];
platforms = platforms.all;
};
})
tridactyl
ublock-origin
];
pname = "onetab";
version = "0.1.0";
addonId = "onetab@nated";
url = "https://addons.mozilla.org/firefox/downloads/file/4118712/one_tab_per_window-0.1.0.xpi";
sha256 = "sha256-64DeL2xgXpqz32LJWDx4jhS2Fvbld8re3z8fdwnNTw0=";
meta = with lib; {
homepage = "https://git.sr.ht/~nated/onetab";
description = "When a new tab is opened, redirects it to a new window instead.";
license = licenses.unfree;
mozPermissions = [ "tabs" ];
platforms = platforms.all;
};
})
tridactyl
ublock-origin
];
search = {
default = "DuckDuckGo";
engines = {
@ -44,8 +48,14 @@
{
template = "https://search.nixos.org/packages";
params = [
{ name = "type"; value = "packages"; }
{ name = "query"; value = "{searchTerms}"; }
{
name = "type";
value = "packages";
}
{
name = "query";
value = "{searchTerms}";
}
];
}
];
@ -53,7 +63,7 @@
definedAliases = [ "@np" ];
};
"NixOS Wiki" = {
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
urls = [ { template = "https://nixos.wiki/index.php?search={searchTerms}"; } ];
iconUpdateURL = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000; # every day
definedAliases = [ "@nw" ];
@ -151,7 +161,14 @@
tls.certificate_errors = "ask-block-thirdparty";
javascript.clipboard = "access"; # copy-paste is fine
};
editor.command = [ "${pkgs.neovide}/bin/neovide" "--" "-f" "{file}" "-c" "normal {line}G{column0}l" ];
editor.command = [
"${pkgs.neovide}/bin/neovide"
"--"
"-f"
"{file}"
"-c"
"normal {line}G{column0}l"
];
# TODO Doesn't work on Arch. Does it even load the right profile on Nix?
# TODO spellcheck.languages = ["fr-FR" "en-GB" "en-US"];
};

118
hm/desktop/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
{
imports = [
./audio
@ -52,7 +57,10 @@
hwdec = "auto-safe";
profile = "gpu-hq";
};
scripts = with pkgs.mpvScripts; [ thumbnail mpris ];
scripts = with pkgs.mpvScripts; [
thumbnail
mpris
];
scriptOpts = {
mpv_thumbnail_script = {
autogenerate = false; # TODO It creates too many processes at once, crashing the system
@ -66,68 +74,86 @@
xdg = {
userDirs =
let
wellKnownUserDirs = [ "desktop" "documents" "download" "music" "pictures" "publicShare" "templates" "videos" ];
wellKnownUserDirsNulled = builtins.listToAttrs (builtins.map (name: { inherit name; value = null; }) wellKnownUserDirs);
wellKnownUserDirs = [
"desktop"
"documents"
"download"
"music"
"pictures"
"publicShare"
"templates"
"videos"
];
wellKnownUserDirsNulled = builtins.listToAttrs (
builtins.map (name: {
inherit name;
value = null;
}) wellKnownUserDirs
);
allFolders = builtins.attrValues config.frogeye.folders;
folders = builtins.filter (folder: folder.xdgUserDirVariable != null && folder.user == config.home.username) allFolders;
folders = builtins.filter (
folder: folder.xdgUserDirVariable != null && folder.user == config.home.username
) allFolders;
in
{
enable = true;
createDirectories = true;
extraConfig = builtins.listToAttrs (builtins.map
(folder: {
extraConfig = builtins.listToAttrs (
builtins.map (folder: {
name = folder.xdgUserDirVariable;
value = "${config.home.homeDirectory}/${folder.path}";
})
folders);
} // wellKnownUserDirsNulled; # Don't use defaults dirs
}) folders
);
}
// wellKnownUserDirsNulled; # Don't use defaults dirs
};
services = {
blueman-applet.enable = true;
unclutter.enable = true;
dunst =
{
enable = true;
settings =
# TODO Change dmenu for rofi, so we can use context
with config.lib.stylix.colors.withHashtag; {
global = {
separator_color = lib.mkForce base05;
idle_threshold = 120;
markup = "full";
max_icon_size = 48;
# TODO Those shortcuts don't seem to work, maybe try:
# > define shortcuts inside your window manager and bind them to dunstctl(1) commands
close_all = "ctrl+mod4+n";
close = "mod4+n";
context = "mod1+mod4+n";
history = "shift+mod4+n";
};
urgency_low = {
background = lib.mkForce base01;
foreground = lib.mkForce base03;
frame_color = lib.mkForce base05;
};
urgency_normal = {
background = lib.mkForce base02;
foreground = lib.mkForce base05;
frame_color = lib.mkForce base05;
};
urgency_critical = {
background = lib.mkForce base08;
foreground = lib.mkForce base06;
frame_color = lib.mkForce base05;
};
dunst = {
enable = true;
settings =
# TODO Change dmenu for rofi, so we can use context
with config.lib.stylix.colors.withHashtag; {
global = {
separator_color = lib.mkForce base05;
idle_threshold = 120;
markup = "full";
max_icon_size = 48;
# TODO Those shortcuts don't seem to work, maybe try:
# > define shortcuts inside your window manager and bind them to dunstctl(1) commands
close_all = "ctrl+mod4+n";
close = "mod4+n";
context = "mod1+mod4+n";
history = "shift+mod4+n";
};
};
urgency_low = {
background = lib.mkForce base01;
foreground = lib.mkForce base03;
frame_color = lib.mkForce base05;
};
urgency_normal = {
background = lib.mkForce base02;
foreground = lib.mkForce base05;
frame_color = lib.mkForce base05;
};
urgency_critical = {
background = lib.mkForce base08;
foreground = lib.mkForce base06;
frame_color = lib.mkForce base05;
};
};
};
};
home = {
file = {
".face" = {
# TODO Only works on pindakaas? See https://wiki.archlinux.org/title/LightDM#Changing_your_avatar
source = pkgs.runCommand "face.png" { } "${pkgs.inkscape}/bin/inkscape ${./face.svg} -w 1024 -o $out";
source =
pkgs.runCommand "face.png" { }
"${pkgs.inkscape}/bin/inkscape ${./face.svg} -w 1024 -o $out";
};
};
packages = with pkgs; [

37
hm/desktop/frobar/default.nix
View file

@ -1,17 +1,25 @@
{ pkgs ? import <nixpkgs> { config = { }; overlays = [ ]; }, ... }:
{
pkgs ? import <nixpkgs> {
config = { };
overlays = [ ];
},
...
}:
let
lemonbar = (pkgs.lemonbar-xft.overrideAttrs (old: {
src = pkgs.fetchFromGitHub {
owner = "drscream";
repo = "lemonbar-xft";
rev = "a64a2a6a6d643f4d92f9d7600722710eebce7bdb";
sha256 = "sha256-T5FhEPIiDt/9paJwL9Sj84CBtA0YFi1hZz0+87Hd6jU=";
# https://github.com/drscream/lemonbar-xft/pull/2
};
}));
lemonbar = (
pkgs.lemonbar-xft.overrideAttrs (old: {
src = pkgs.fetchFromGitHub {
owner = "drscream";
repo = "lemonbar-xft";
rev = "a64a2a6a6d643f4d92f9d7600722710eebce7bdb";
sha256 = "sha256-T5FhEPIiDt/9paJwL9Sj84CBtA0YFi1hZz0+87Hd6jU=";
# https://github.com/drscream/lemonbar-xft/pull/2
};
})
);
in
# Tried using pyproject.nix but mpd2 dependency wouldn't resolve,
# is called pyton-mpd2 on PyPi but mpd2 in nixpkgs.
# is called pyton-mpd2 on PyPi but mpd2 in nixpkgs.
pkgs.python3Packages.buildPythonApplication rec {
pname = "frobar";
version = "2.0";
@ -25,7 +33,12 @@ pkgs.python3Packages.buildPythonApplication rec {
pulsectl
pyinotify
];
nativeBuildInputs = [ lemonbar ] ++ (with pkgs; [ wirelesstools playerctl ]);
nativeBuildInputs =
[ lemonbar ]
++ (with pkgs; [
wirelesstools
playerctl
]);
makeWrapperArgs = [ "--prefix PATH : ${pkgs.lib.makeBinPath nativeBuildInputs}" ];
src = ./.;

13
hm/desktop/frobar/module.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.frogeye.desktop.xorg {
xsession.windowManager.i3.config.bars = [ ];
@ -15,10 +20,12 @@
Service = {
# Wait for i3 to start. Can't use ExecStartPre because otherwise it blocks graphical-session.target, and there's nothing i3/systemd
# TODO Do that better
ExecStart = ''${pkgs.bash}/bin/bash -c "while ! ${pkgs.i3}/bin/i3-msg; do ${pkgs.coreutils}/bin/sleep 1; done; ${pkgs.callPackage ./. {}}/bin/frobar"'';
ExecStart = ''${pkgs.bash}/bin/bash -c "while ! ${pkgs.i3}/bin/i3-msg; do ${pkgs.coreutils}/bin/sleep 1; done; ${pkgs.callPackage ./. { }}/bin/frobar"'';
};
Install = { WantedBy = [ "graphical-session.target" ]; };
Install = {
WantedBy = [ "graphical-session.target" ];
};
};
};
}

261
hm/desktop/i3.nix
View file

@ -1,33 +1,59 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
# FOCUS
focus = "exec ${ pkgs.writeShellScript "i3-focus-window" ''
focus = "exec ${pkgs.writeShellScript "i3-focus-window" ''
WINDOW=`${pkgs.xdotool}/bin/xdotool getwindowfocus`
eval `${pkgs.xdotool}/bin/xdotool getwindowgeometry --shell $WINDOW` # this brings in variables WIDTH and HEIGHT
TX=`${pkgs.coreutils}/bin/expr $WIDTH / 2`
TY=`${pkgs.coreutils}/bin/expr $HEIGHT / 2`
${pkgs.xdotool}/bin/xdotool mousemove -window $WINDOW $TX $TY
''
}";
''}";
# CARDINALS
cardinals = [
{ vi = "h"; arrow = "Left"; container = "left"; workspace = "prev_on_output"; output = "left"; }
{ vi = "l"; arrow = "Right"; container = "right"; workspace = "next_on_output"; output = "right"; }
{ vi = "j"; arrow = "Down"; container = "down"; workspace = "prev"; output = "below"; }
{ vi = "k"; arrow = "Up"; container = "up"; workspace = "next"; output = "above"; }
{
vi = "h";
arrow = "Left";
container = "left";
workspace = "prev_on_output";
output = "left";
}
{
vi = "l";
arrow = "Right";
container = "right";
workspace = "next_on_output";
output = "right";
}
{
vi = "j";
arrow = "Down";
container = "down";
workspace = "prev";
output = "below";
}
{
vi = "k";
arrow = "Up";
container = "up";
workspace = "next";
output = "above";
}
];
forEachCardinal = f: map (c: f c) cardinals;
# WORKSPACES
workspaces_keys = lib.strings.stringToCharacters "1234567890";
workspaces = map
(i: {
id = i;
name = builtins.toString (i + 1);
key = builtins.elemAt workspaces_keys i;
})
(lib.lists.range 0 ((builtins.length workspaces_keys) - 1));
workspaces = map (i: {
id = i;
name = builtins.toString (i + 1);
key = builtins.elemAt workspaces_keys i;
}) (lib.lists.range 0 ((builtins.length workspaces_keys) - 1));
forEachWorkspace = f: map (w: f w) workspaces;
# MISC
@ -54,13 +80,47 @@ in
names = [ config.stylix.fonts.sansSerif.name ];
};
terminal = "alacritty";
colors = let ignore = "#ff00ff"; in
with config.lib.stylix.colors.withHashtag; lib.mkForce {
focused = { border = base0B; background = base0B; text = base00; indicator = base00; childBorder = base0B; };
focusedInactive = { border = base02; background = base02; text = base05; indicator = base02; childBorder = base02; };
unfocused = { border = base05; background = base04; text = base00; indicator = base04; childBorder = base00; };
urgent = { border = base0F; background = base08; text = base00; indicator = base08; childBorder = base0F; };
placeholder = { border = ignore; background = base00; text = base05; indicator = ignore; childBorder = base00; };
colors =
let
ignore = "#ff00ff";
in
with config.lib.stylix.colors.withHashtag;
lib.mkForce {
focused = {
border = base0B;
background = base0B;
text = base00;
indicator = base00;
childBorder = base0B;
};
focusedInactive = {
border = base02;
background = base02;
text = base05;
indicator = base02;
childBorder = base02;
};
unfocused = {
border = base05;
background = base04;
text = base00;
indicator = base04;
childBorder = base00;
};
urgent = {
border = base0F;
background = base08;
text = base00;
indicator = base08;
childBorder = base0F;
};
placeholder = {
border = ignore;
background = base00;
text = base05;
indicator = ignore;
childBorder = base00;
};
background = base07;
# I set the color of the active tab as the the background color of the terminal so they merge together.
};
@ -82,12 +142,10 @@ in
# Start Applications
"${mod}+p" = "exec ${pkgs.xfce.thunar}/bin/thunar";
# Misc
"${mod}+F10" = "exec ${ pkgs.writeShellScript "show-keyboard-layout"
''
layout=`${pkgs.xorg.setxkbmap}/bin/setxkbmap -query | ${pkgs.gnugrep}/bin/grep ^layout: | ${pkgs.gawk}/bin/awk '{ print $2 }'`
${pkgs.libgnomekbd}/bin/gkbd-keyboard-display -l $layout
''
}";
"${mod}+F10" = "exec ${pkgs.writeShellScript "show-keyboard-layout" ''
layout=`${pkgs.xorg.setxkbmap}/bin/setxkbmap -query | ${pkgs.gnugrep}/bin/grep ^layout: | ${pkgs.gawk}/bin/awk '{ print $2 }'`
${pkgs.libgnomekbd}/bin/gkbd-keyboard-display -l $layout
''}";
# workspace back and forth (with/without active container)
"${mod}+b" = "workspace back_and_forth; ${focus}";
"${mod}+Shift+b" = "move container to workspace back_and_forth; workspace back_and_forth; ${focus}";
@ -107,38 +165,55 @@ in
"${mod}+Shift+c" = "reload";
"${mod}+Shift+r" = "restart";
"${mod}+Shift+e" = "exit";
} // lib.mapAttrs' (k: v: lib.nameValuePair v.enter "mode ${v.name}") (lib.filterAttrs (k: v: v.enter != null) modes)
// lib.attrsets.mergeAttrsList (forEachCardinal (c: {
# change focus
"${mod}+${c.vi}" = "focus ${c.container}; ${focus}";
# move focused window
"${mod}+Shift+${c.vi}" = "move ${c.container}; ${focus}";
#navigate workspaces next / previous
"${mod}+Ctrl+${c.vi}" = "workspace ${c.workspace}; ${focus}";
# Move to workspace next / previous with focused container
"${mod}+Ctrl+Shift+${c.vi}" = "move container to workspace ${c.workspace}; workspace ${c.workspace}; ${focus}";
# move workspaces to screen (arrow keys)
"${mod}+Ctrl+Shift+${c.arrow}" = "move workspace to output ${c.output}; ${focus}";
})) // lib.attrsets.mergeAttrsList (forEachWorkspace (w: {
# Switch to workspace
"${mod}+${w.key}" = "workspace ${w.name}; ${focus}";
# move focused container to workspace
"${mod}+ctrl+${w.key}" = "move container to workspace ${w.name}; ${focus}";
# move to workspace with focused container
"${mod}+shift+${w.key}" = "move container to workspace ${w.name}; workspace ${w.name}; ${focus}";
}));
modes = lib.mapAttrs'
(k: v: lib.nameValuePair v.name (v.bindings // lib.optionalAttrs v.return_bindings {
"Return" = "mode default";
"Escape" = "mode default";
}))
modes;
}
// lib.mapAttrs' (k: v: lib.nameValuePair v.enter "mode ${v.name}") (
lib.filterAttrs (k: v: v.enter != null) modes
)
// lib.attrsets.mergeAttrsList (
forEachCardinal (c: {
# change focus
"${mod}+${c.vi}" = "focus ${c.container}; ${focus}";
# move focused window
"${mod}+Shift+${c.vi}" = "move ${c.container}; ${focus}";
#navigate workspaces next / previous
"${mod}+Ctrl+${c.vi}" = "workspace ${c.workspace}; ${focus}";
# Move to workspace next / previous with focused container
"${mod}+Ctrl+Shift+${c.vi}" = "move container to workspace ${c.workspace}; workspace ${c.workspace}; ${focus}";
# move workspaces to screen (arrow keys)
"${mod}+Ctrl+Shift+${c.arrow}" = "move workspace to output ${c.output}; ${focus}";
})
)
// lib.attrsets.mergeAttrsList (
forEachWorkspace (w: {
# Switch to workspace
"${mod}+${w.key}" = "workspace ${w.name}; ${focus}";
# move focused container to workspace
"${mod}+ctrl+${w.key}" = "move container to workspace ${w.name}; ${focus}";
# move to workspace with focused container
"${mod}+shift+${w.key}" = "move container to workspace ${w.name}; workspace ${w.name}; ${focus}";
})
);
modes = lib.mapAttrs' (
k: v:
lib.nameValuePair v.name (
v.bindings
// lib.optionalAttrs v.return_bindings {
"Return" = "mode default";
"Escape" = "mode default";
}
)
) modes;
window = {
hideEdgeBorders = "both";
titlebar = false; # So that single-container screens are basically almost fullscreen
commands = [
# switch to workspace with urgent window automatically
{ criteria = { urgent = "latest"; }; command = "focus"; }
{
criteria = {
urgent = "latest";
};
command = "focus";
}
];
};
floating = {
@ -150,19 +225,26 @@ in
startup = [
{
notification = false;
command = "${pkgs.writeShellApplication {
name = "batteryNotify";
runtimeInputs = with pkgs; [coreutils libnotify];
text = builtins.readFile ./batteryNotify.sh;
# TODO Use batsignal instead?
# TODO Only on computers with battery
}}/bin/batteryNotify";
command = "${
pkgs.writeShellApplication {
name = "batteryNotify";
runtimeInputs = with pkgs; [
coreutils
libnotify
];
text = builtins.readFile ./batteryNotify.sh;
# TODO Use batsignal instead?
# TODO Only on computers with battery
}
}/bin/batteryNotify";
}
];
workspaceLayout = "tabbed";
focus.mouseWarping = true; # i3 only supports warping to workspace, hence ${focus}
workspaceOutputAssign =
forEachWorkspace (w: { output = builtins.elemAt x11_screens (lib.mod w.id (builtins.length x11_screens)); workspace = w.name; });
workspaceOutputAssign = forEachWorkspace (w: {
output = builtins.elemAt x11_screens (lib.mod w.id (builtins.length x11_screens));
workspace = w.name;
});
};
frogeye.desktop.i3.bindmodes = {
"Resize" = {
@ -190,29 +272,34 @@ in
options = {
frogeye.desktop.i3.bindmodes = lib.mkOption {
default = { };
type = lib.types.attrsOf (lib.types.submodule ({ config, name, ... }: {
options = {
name = lib.mkOption {
type = lib.types.str;
default = name;
};
bindings = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
default = { };
};
enter = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = "${mod}+${config.mod_enter}";
};
mod_enter = lib.mkOption {
type = lib.types.str;
};
return_bindings = lib.mkOption {
type = lib.types.bool;
default = true;
};
};
}));
type = lib.types.attrsOf (
lib.types.submodule (
{ config, name, ... }:
{
options = {
name = lib.mkOption {
type = lib.types.str;
default = name;
};
bindings = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
default = { };
};
enter = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = "${mod}+${config.mod_enter}";
};
mod_enter = lib.mkOption {
type = lib.types.str;
};
return_bindings = lib.mkOption {
type = lib.types.bool;
default = true;
};
};
}
)
);
};
};
}

24
hm/desktop/lock/default.nix
View file

@ -1,8 +1,17 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
# lockColors = with config.lib.stylix.colors.withHashtag; { a = base00; b = base01; d = base00; }; # Black or White, depending on current theme
# lockColors = with config.lib.stylix.colors.withHashtag; { a = base0A; b = base0B; d = base00; }; # Green + Yellow
lockColors = { a = "#82a401"; b = "#466c01"; d = "#648901"; }; # Old
lockColors = {
a = "#82a401";
b = "#466c01";
d = "#648901";
}; # Old
lockSvg = pkgs.writeText "lock.svg" ''
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 50 50" height="50" width="50">
<path fill="${lockColors.a}" d="M0 50h50V0H0z"/>
@ -34,7 +43,9 @@ in
}
trap revert SIGHUP SIGINT SIGTERM
${pkgs.xorg.xset}/bin/xset dpms 5 5 5
${pkgs.i3lock}/bin/i3lock --nofork --color ${builtins.substring 1 6 lockColors.d} --image="$pattern" --tiling --ignore-empty-password
${pkgs.i3lock}/bin/i3lock --nofork --color ${
builtins.substring 1 6 lockColors.d
} --image="$pattern" --tiling --ignore-empty-password
revert
fi
'';
@ -61,10 +72,13 @@ in
};
startup = [
# Stop screen after 10 minutes, 1 minutes after lock it
{ notification = false; command = "${pkgs.writeShellScript "xautolock-start" ''
{
notification = false;
command = "${pkgs.writeShellScript "xautolock-start" ''
echo enabled > ${xautolockState}
${pkgs.xautolock}/bin/xautolock -time 10 -locker '${pkgs.xorg.xset}/bin/xset dpms force standby' -killtime 1 -killer xlock
''}"; }
''}";
}
# services.screen-locker.xautolock is hardcoded to use systemd for -locker (doesn't even work...)
];
};

18
hm/desktop/mpd/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.frogeye.desktop.xorg {
home = {
@ -53,11 +58,10 @@
};
};
};
xsession.windowManager.i3.config.keybindings =
{
"XF86AudioPrev" = "exec ${lib.getExe pkgs.playerctl} previous";
"XF86AudioPlay" = "exec ${lib.getExe pkgs.playerctl} play-pause";
"XF86AudioNext" = "exec ${lib.getExe pkgs.playerctl} next";
};
xsession.windowManager.i3.config.keybindings = {
"XF86AudioPrev" = "exec ${lib.getExe pkgs.playerctl} previous";
"XF86AudioPlay" = "exec ${lib.getExe pkgs.playerctl} play-pause";
"XF86AudioNext" = "exec ${lib.getExe pkgs.playerctl} next";
};
};
}

23
hm/desktop/presentation/default.nix
View file

@ -2,7 +2,12 @@
# Not tested since Nix.
# Config mentions pdfpc, although the last thing I used was Impressive, even made patches to it.
# UPST Add Impressive to nixpkgs
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
mode_pres_main = "Presentation (main display)";
mode_pres_sec = "Presentation (secondary display)";
@ -31,8 +36,20 @@ in
};
xsession.windowManager.i3.config.window.commands = [
# Open specific applications in floating mode
{ criteria = { title = "^pdfpc.*"; window_role = "presenter"; }; command = "move to output left, fullscreen"; }
{ criteria = { title = "^pdfpc.*"; window_role = "presentation"; }; command = "move to output right, fullscreen"; }
{
criteria = {
title = "^pdfpc.*";
window_role = "presenter";
};
command = "move to output left, fullscreen";
}
{
criteria = {
title = "^pdfpc.*";
window_role = "presentation";
};
command = "move to output right, fullscreen";
}
];
};

18
hm/desktop/redness/default.nix
View file

@ -1,12 +1,16 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
# UPST
sct = pkgs.sct.overrideAttrs
(old: {
patches = (old.patches or [ ]) ++ [
./sct_aarch64.patch
];
});
sct = pkgs.sct.overrideAttrs (old: {
patches = (old.patches or [ ]) ++ [
./sct_aarch64.patch
];
});
in
{
config = lib.mkIf config.frogeye.desktop.xorg {

7
hm/desktop/screenshots/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
dir = config.xdg.userDirs.extraConfig.XDG_SCREENSHOTS_DIR;
scrot = "${pkgs.scrot}/bin/scrot --exec '${pkgs.coreutils}/bin/mv $f ${dir}/ && ${pkgs.optipng}/bin/optipng ${dir}/$f'";

94
hm/desktop/terminal/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
mod = config.xsession.windowManager.i3.config.modifier;
in
@ -23,10 +28,28 @@ in
bell = {
animation = "EaseOutExpo";
color = "#000000";
command = { program = "${pkgs.sox}/bin/play"; args = [ "-n" "synth" "sine" "C5" "sine" "E4" "remix" "1-2" "fade" "0.1" "0.2" "0.1" ]; };
command = {
program = "${pkgs.sox}/bin/play";
args = [
"-n"
"synth"
"sine"
"C5"
"sine"
"E4"
"remix"
"1-2"
"fade"
"0.1"
"0.2"
"0.1"
];
};
duration = 100;
};
cursor = { vi_mode_style = "Underline"; };
cursor = {
vi_mode_style = "Underline";
};
env = {
WINIT_X11_SCALE_FACTOR = "1";
# Prevents Alacritty from resizing from one monitor to another.
@ -35,23 +58,68 @@ in
hints = {
enabled = [
{
binding = { mods = "Control|Alt"; key = "F"; };
binding = {
mods = "Control|Alt";
key = "F";
};
command = "${pkgs.xdg-utils}/bin/xdg-open";
mouse = { enabled = true; mods = "Control"; };
mouse = {
enabled = true;
mods = "Control";
};
post_processing = true;
regex = "(mailto:|gemini:|gopher:|https:|http:|news:|file:|git:|ssh:|ftp:)[^\\u0000-\\u001F\\u007F-\\u009F<>\"\\\\s{-}\\\\^`]+";
}
];
};
keyboard.bindings = [
{ mode = "~Search"; mods = "Alt|Control"; key = "Space"; action = "ToggleViMode"; }
{ mode = "Vi|~Search"; mods = "Control"; key = "K"; action = "ScrollHalfPageUp"; }
{ mode = "Vi|~Search"; mods = "Control"; key = "J"; action = "ScrollHalfPageDown"; }
{ mode = "~Vi"; mods = "Control|Alt"; key = "V"; action = "Paste"; }
{ mods = "Control|Alt"; key = "C"; action = "Copy"; }
{ mode = "~Search"; mods = "Control|Alt"; key = "F"; action = "SearchForward"; }
{ mode = "~Search"; mods = "Control|Alt"; key = "B"; action = "SearchBackward"; }
{ mode = "Vi|~Search"; mods = "Control|Alt"; key = "C"; action = "ClearSelection"; }
{
mode = "~Search";
mods = "Alt|Control";
key = "Space";
action = "ToggleViMode";
}
{
mode = "Vi|~Search";
mods = "Control";
key = "K";
action = "ScrollHalfPageUp";
}
{
mode = "Vi|~Search";
mods = "Control";
key = "J";
action = "ScrollHalfPageDown";
}
{
mode = "~Vi";
mods = "Control|Alt";
key = "V";
action = "Paste";
}
{
mods = "Control|Alt";
key = "C";
action = "Copy";
}
{
mode = "~Search";
mods = "Control|Alt";
key = "F";
action = "SearchForward";
}
{
mode = "~Search";
mods = "Control|Alt";
key = "B";
action = "SearchBackward";
}
{
mode = "Vi|~Search";
mods = "Control|Alt";
key = "C";
action = "ClearSelection";
}
];
window = {
dynamic_padding = false;

7
hm/dev/c.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.frogeye.dev.c {
frogeye = {

104
hm/dev/common.nix
View file

@ -1,64 +1,74 @@
{ pkgs, config, ... }: {
{ pkgs, config, ... }:
{
# TODO Maybe should be per-directory dotenv
# Or not, for neovim
config = {
# Always on
home.packages = with pkgs; [
# Common
perf-tools
jq
yq
universal-ctags
cloc
home.packages =
with pkgs;
[
# Common
perf-tools
jq
yq
universal-ctags
cloc
# Network
socat
dig
whois
nmap
tcpdump
mtr
traceroute
# Network
socat
dig
whois
nmap
tcpdump
mtr
traceroute
# nix
lix
nixfmt-rfc-style
# nix
lix
nixfmt-rfc-style
# Always on (graphical)
] ++ lib.optionals config.frogeye.desktop.xorg [
# Common
# zeal-qt6 # Offline documentation
sqlitebrowser
# Always on (graphical)
]
++ lib.optionals config.frogeye.desktop.xorg [
# Common
# zeal-qt6 # Offline documentation
sqlitebrowser
# Network
wireshark-qt
# Network
wireshark-qt
# Ansible
] ++ lib.optionals config.frogeye.dev.ansible [
ansible
ansible-lint
# Ansible
]
++ lib.optionals config.frogeye.dev.ansible [
ansible
ansible-lint
# Docker
] ++ lib.optionals config.frogeye.dev.docker [
docker
docker-compose
# Docker
]
++ lib.optionals config.frogeye.dev.docker [
docker
docker-compose
# FPGA
] ++ lib.optionals config.frogeye.dev.fpga [
verilog
# FPGA
]
++ lib.optionals config.frogeye.dev.fpga [
verilog
] ++ lib.optionals (config.frogeye.dev.fpga && pkgs.stdenv.isx86_64) [
ghdl
]
++ lib.optionals (config.frogeye.dev.fpga && pkgs.stdenv.isx86_64) [
ghdl
# FPGA (graphical)
] ++ lib.optionals (config.frogeye.desktop.xorg && config.frogeye.dev.fpga) [
yosys
gtkwave
# FPGA (graphical)
]
++ lib.optionals (config.frogeye.desktop.xorg && config.frogeye.dev.fpga) [
yosys
gtkwave
# VM (graphical)
] ++ lib.optionals (config.frogeye.desktop.xorg && config.frogeye.dev.vm) [
virt-manager
];
# VM (graphical)
]
++ lib.optionals (config.frogeye.desktop.xorg && config.frogeye.dev.vm) [
virt-manager
];
programs.nixvim.plugins.lsp.servers = {
ansiblels.enable = config.frogeye.dev.ansible; # Ansible

3
hm/dev/default.nix
View file

@ -1,4 +1,5 @@
{ pkgs, config, ... }: {
{ pkgs, config, ... }:
{
imports = [
./c.nix
./common.nix

7
hm/dev/go.nix
View file

@ -1,5 +1,10 @@
# Untested post-nix
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.frogeye.dev.go {
frogeye = {

7
hm/dev/node.nix
View file

@ -1,5 +1,10 @@
# Untested post-nix
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.frogeye.dev.node {
frogeye = {

23
hm/dev/prose.nix
View file

@ -1,5 +1,10 @@
# Prose is a programming language, fight me
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.frogeye.dev.prose {
home = {
@ -15,12 +20,18 @@
programs.nixvim = {
autoCmd = [
# vim-easy-align: Align Markdown tables with |
{ event = "FileType"; pattern = "markdown"; command = "vmap <Bar> :EasyAlign*<Bar><Enter>"; }
];
extraPlugins = with pkgs.vimPlugins; lib.optionals config.programs.pandoc.enable [
vim-pandoc # Pandoc-specific stuff because there's no LSP for it
vim-pandoc-syntax
{
event = "FileType";
pattern = "markdown";
command = "vmap <Bar> :EasyAlign*<Bar><Enter>";
}
];
extraPlugins =
with pkgs.vimPlugins;
lib.optionals config.programs.pandoc.enable [
vim-pandoc # Pandoc-specific stuff because there's no LSP for it
vim-pandoc-syntax
];
extraConfigVim = lib.optionalString config.programs.pandoc.enable ''
let g:pandoc#modules#disabled = ["folding"]
let g:pandoc#spell#enabled = 0

7
hm/dev/python.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.frogeye.dev.python {
home = {

95
hm/extra/default.nix
View file

@ -1,4 +1,10 @@
{ pkgs, lib, config, onixpkgs, ... }:
{
pkgs,
lib,
config,
onixpkgs,
...
}:
let
opkgs = import onixpkgs { inherit (pkgs) system; };
in
@ -18,54 +24,61 @@ in
};
};
};
home.packages = with pkgs; ([
# android tools
android-tools
home.packages =
with pkgs;
(
[
# android tools
android-tools
# Communication
signal-desktop
(opkgs.callPackage ./whisperx.nix { }) # Transcribe voice messages
# Communication
signal-desktop
(opkgs.callPackage ./whisperx.nix { }) # Transcribe voice messages
# downloading
# transmission TODO Collision if both transmissions are active?
# downloading
# transmission TODO Collision if both transmissions are active?
# Multimedia toolbox
ffmpeg
# Multimedia toolbox
ffmpeg
# documents
visidata
# texlive.combined.scheme-full
# TODO Convert existing LaTeX documents into using Nix build system
# texlive is big and not that much used, sooo
pdftk
pdfgrep
# documents
visidata
# texlive.combined.scheme-full
# TODO Convert existing LaTeX documents into using Nix build system
# texlive is big and not that much used, sooo
pdftk
pdfgrep
# Misc
haskellPackages.dice
rustdesk-flutter
# Misc
haskellPackages.dice
rustdesk-flutter
] ++ lib.optionals config.frogeye.desktop.xorg [
]
++ lib.optionals config.frogeye.desktop.xorg [
# multimedia editors
darktable
puddletag
audacity
xournalpp
krita
# multimedia editors
darktable
puddletag
audacity
xournalpp
krita
# downloading
transmission_4-qt
# wine only makes sense on x86_64
] ++ lib.optionals pkgs.stdenv.isx86_64 [
wine
# TODO wine-gecko wine-mono lib32-libpulse (?)
# downloading
transmission_4-qt
# wine only makes sense on x86_64
]
++ lib.optionals pkgs.stdenv.isx86_64 [
wine
# TODO wine-gecko wine-mono lib32-libpulse (?)
] ++ lib.optionals (!stdenv.isAarch64) [
# Musescore is broken on aarch64
musescore
# Blender 4.0.1 can't compile on aarch64
# https://hydra.nixos.org/job/nixos/release-23.11/nixpkgs.blender.aarch64-linux
blender
]);
]
++ lib.optionals (!stdenv.isAarch64) [
# Musescore is broken on aarch64
musescore
# Blender 4.0.1 can't compile on aarch64
# https://hydra.nixos.org/job/nixos/release-23.11/nixpkgs.blender.aarch64-linux
blender
]
);
};
}

5
hm/extra/whisperx.nix
View file

@ -1,4 +1,6 @@
{ pkgs ? import <nixpkgs> { } }:
{
pkgs ? import <nixpkgs> { },
}:
pkgs.python3Packages.buildPythonPackage {
pname = "whisperx";
version = "2024-08-19";
@ -34,4 +36,3 @@ pkgs.python3Packages.buildPythonPackage {
"whisperx"
];
}

7
hm/gaming/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.frogeye.gaming {
# Using config.nixpkgs.<something> creates an infinite recursion,

50
hm/git/default.nix
View file

@ -1,16 +1,21 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
cfg = config.programs.git;
in
{
config = lib.mkIf cfg.enable {
home.packages = [
(pkgs.callPackage ./jjui.nix {})
(pkgs.callPackage ./jjui.nix { })
(pkgs.writeShellApplication {
name = "git-sync";
text = (lib.strings.concatLines
(map
(r: ''
text = (
lib.strings.concatLines (
map (r: ''
echo "===== ${r.path}"
if [ ! -d "${r.path}" ]
then
@ -32,8 +37,7 @@ in
fi
)
fi
'')
(lib.attrsets.attrValues config.services.git-sync.repositories)
'') (lib.attrsets.attrValues config.services.git-sync.repositories)
)
);
})
@ -63,22 +67,24 @@ in
lfs.enable = true;
userEmail = lib.mkDefault "geoffrey@frogeye.fr";
userName = lib.mkDefault "Geoffrey Frogeye";
extraConfig = {
core = {
editor = "nvim";
extraConfig =
{
core = {
editor = "nvim";
};
push = {
default = "matching";
};
pull = {
ff = "only";
};
}
// lib.optionalAttrs config.frogeye.desktop.xorg {
diff.tool = "meld";
difftool.prompt = false;
"difftool \"meld\"".cmd = "${pkgs.meld}/bin/meld \"$LOCAL\" \"$REMOTE\"";
# This escapes quotes, which isn't the case in the original, hoping this isn't an issue.
};
push = {
default = "matching";
};
pull = {
ff = "only";
};
} // lib.optionalAttrs config.frogeye.desktop.xorg {
diff.tool = "meld";
difftool.prompt = false;
"difftool \"meld\"".cmd = "${pkgs.meld}/bin/meld \"$LOCAL\" \"$REMOTE\"";
# This escapes quotes, which isn't the case in the original, hoping this isn't an issue.
};
};
jujutsu = {
enable = true;

25
hm/gpg/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.programs.gpg.enable {
frogeye.hooks.lock = ''
@ -26,13 +31,15 @@
default-preference-list = "SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
personal-cipher-preferences = "TWOFISH CAMELLIA256 AES 3DES";
};
publicKeys = [{
source = builtins.fetchurl {
url = "https://keys.openpgp.org/vks/v1/by-fingerprint/4FBA930D314A03215E2CDB0A8312C8CAC1BAC289";
sha256 = "sha256:10y9xqcy1vyk2p8baay14p3vwdnlwynk0fvfbika65hz2z8yw2cm";
};
trust = "ultimate";
}];
publicKeys = [
{
source = builtins.fetchurl {
url = "https://keys.openpgp.org/vks/v1/by-fingerprint/4FBA930D314A03215E2CDB0A8312C8CAC1BAC289";
sha256 = "sha256:10y9xqcy1vyk2p8baay14p3vwdnlwynk0fvfbika65hz2z8yw2cm";
};
trust = "ultimate";
}
];
};
services.gpg-agent = rec {
enableBashIntegration = true;
@ -43,7 +50,7 @@
# It will fall back to ncurses when running in non-graphics mode.
defaultCacheTtl = 3600;
defaultCacheTtlSsh = defaultCacheTtl;
maxCacheTtl = 3*3600;
maxCacheTtl = 3 * 3600;
maxCacheTtlSsh = maxCacheTtl;
};
};

15
hm/homealone.nix
View file

@ -25,14 +25,19 @@
];
};
home = {
activation.createDirenvFolders = lib.hm.dag.entryAfter [ "writeBoundary" ]
(lib.strings.concatLines (map (d: "mkdir -p ${d}") (
(builtins.attrValues config.frogeye.direnv) ++ [ "${config.xdg.cacheHome}/junkhome" ]
)));
activation.createDirenvFolders = lib.hm.dag.entryAfter [ "writeBoundary" ] (
lib.strings.concatLines (
map (d: "mkdir -p ${d}") (
(builtins.attrValues config.frogeye.direnv) ++ [ "${config.xdg.cacheHome}/junkhome" ]
)
)
);
sessionVariables = config.frogeye.direnv;
};
programs.bash.shellAliases = lib.attrsets.mergeAttrsList (map (p: { "${p}" = "HOME=${config.xdg.cacheHome}/junkhome ${p}"; }) config.frogeye.junkhome);
programs.bash.shellAliases = lib.attrsets.mergeAttrsList (
map (p: { "${p}" = "HOME=${config.xdg.cacheHome}/junkhome ${p}"; }) config.frogeye.junkhome
);
};
options.frogeye = {
direnv = lib.mkOption {

7
hm/monitoring/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
home.packages = with pkgs; [

12
hm/nix/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
home.packages = with pkgs; [
@ -16,7 +21,10 @@
nix = {
package = lib.mkDefault pkgs.lix;
settings = {
experimental-features = [ "nix-command" "flakes" ];
experimental-features = [
"nix-command"
"flakes"
];
warn-dirty = false;
};
};

185
hm/password/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
mod = config.xsession.windowManager.i3.config.modifier;
in
@ -8,32 +13,51 @@ in
pwgen
(pkgs.writeShellApplication {
name = "install-passwords";
runtimeInputs = [ yq gawk moreutils ];
text = (lib.strings.concatLines (map
(file: ''
(
echo "===== Preparing to write ${file.path}"
temp="$(mktemp --tmpdir="${builtins.dirOf file.path}")"
cat "${file.template}" > "$temp"
'' + (lib.strings.concatLines (map
(password: (if password.selector == null then ''
echo "Reading ${password.path} for substituting ${password.variable}"
value="$(pass "${password.path}" | head -n1)"
'' else ''
echo "Reading ${password.path} -> ${password.selector} for substituting ${password.variable}"
value="$(pass "${password.path}" | tail -n +2 | yq -r '.${password.selector}')"
'') + ''
key="${password.variable}"
K="$key" V="$value" awk '{ gsub (ENVIRON["K"], ENVIRON["V"]); print }' "$temp" | sponge "$temp"
'')
(lib.attrsets.attrValues file.passwords))) + ''
echo "Moving the file in place"
chown "${file.owner}" "$temp"
chmod u=r "$temp"
mv -f "$temp" "${file.path}"
)
'')
config.frogeye.passwordFiles)
runtimeInputs = [
yq
gawk
moreutils
];
text = (
lib.strings.concatLines (
map (
file:
''
(
echo "===== Preparing to write ${file.path}"
temp="$(mktemp --tmpdir="${builtins.dirOf file.path}")"
cat "${file.template}" > "$temp"
''
+ (lib.strings.concatLines (
map (
password:
(
if password.selector == null then
''
echo "Reading ${password.path} for substituting ${password.variable}"
value="$(pass "${password.path}" | head -n1)"
''
else
''
echo "Reading ${password.path} -> ${password.selector} for substituting ${password.variable}"
value="$(pass "${password.path}" | tail -n +2 | yq -r '.${password.selector}')"
''
)
+ ''
key="${password.variable}"
K="$key" V="$value" awk '{ gsub (ENVIRON["K"], ENVIRON["V"]); print }' "$temp" | sponge "$temp"
''
) (lib.attrsets.attrValues file.passwords)
))
+ ''
echo "Moving the file in place"
chown "${file.owner}" "$temp"
chmod u=r "$temp"
mv -f "$temp" "${file.path}"
)
''
) config.frogeye.passwordFiles
)
);
})
];
@ -50,63 +74,70 @@ in
frogeye.passwordFiles =
let
defaultvar = "@PASSWORD@";
pwtype = { name, ... }: {
options = {
variable = lib.mkOption {
type = lib.types.str;
default = name;
description = "String in the template that will be substituted by the actual password";
};
path = lib.mkOption {
type = lib.types.str;
description = "Path to the password store entry";
};
selector = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = "If set, will parse the password metadata as YML and use selector (yq) instead of the password.";
pwtype =
{ name, ... }:
{
options = {
variable = lib.mkOption {
type = lib.types.str;
default = name;
description = "String in the template that will be substituted by the actual password";
};
path = lib.mkOption {
type = lib.types.str;
description = "Path to the password store entry";
};
selector = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = "If set, will parse the password metadata as YML and use selector (yq) instead of the password.";
};
};
};
};
mainConfig = config;
in
lib.mkOption {
default = [ ];
type = lib.types.listOf (lib.types.submodule ({ config, ... }: {
options = {
path = lib.mkOption {
type = lib.types.str;
description = "Where to place the file.";
};
owner = lib.mkOption {
type = lib.types.str;
default = mainConfig.home.username;
description = "Who will own the file.";
};
template = lib.mkOption {
type = lib.types.path;
default = pkgs.writeTextFile {
name = "pwfile-template";
text = config.text;
type = lib.types.listOf (
lib.types.submodule (
{ config, ... }:
{
options = {
path = lib.mkOption {
type = lib.types.str;
description = "Where to place the file.";
};
owner = lib.mkOption {
type = lib.types.str;
default = mainConfig.home.username;
description = "Who will own the file.";
};
template = lib.mkOption {
type = lib.types.path;
default = pkgs.writeTextFile {
name = "pwfile-template";
text = config.text;
};
description = "Path to the template used to make the file. Exclusive with `text`.";
};
text = lib.mkOption {
type = lib.types.str;
default = defaultvar;
description = "Content of the template used to make the file. Exclusive with `template`.";
};
passwords = lib.mkOption {
default = lib.optionalAttrs (config.password != null) { ${defaultvar} = config.password; };
type = lib.types.attrsOf (lib.types.submodule pwtype);
description = "Paths to passwords that will substitute the variables in the template. Exclusive with `password`";
};
password = lib.mkOption {
type = lib.types.submodule ({ ... }@args: pwtype (args // { name = defaultvar; }));
description = "Path to password that will substitute '@PASSWORD@' in the template. Exclusive with `passwords`.";
};
};
description = "Path to the template used to make the file. Exclusive with `text`.";
};
text = lib.mkOption {
type = lib.types.str;
default = defaultvar;
description = "Content of the template used to make the file. Exclusive with `template`.";
};
passwords = lib.mkOption {
default = lib.optionalAttrs (config.password != null) { ${defaultvar} = config.password; };
type = lib.types.attrsOf (lib.types.submodule pwtype);
description = "Paths to passwords that will substitute the variables in the template. Exclusive with `password`";
};
password = lib.mkOption {
type = lib.types.submodule ({ ... }@args: pwtype (args // { name = defaultvar; }));
description = "Path to password that will substitute '@PASSWORD@' in the template. Exclusive with `passwords`.";
};
};
}));
}
)
);
};
};
}

23
hm/prompt/default.nix
View file

@ -1,10 +1,27 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.programs.less.enable {
programs.powerline-go = {
enable = true;
modules = [ "user" "host" "venv" "cwd" "perms" "nix-shell" "git" ];
modulesRight = [ "jobs" "exit" "duration" ];
modules = [
"user"
"host"
"venv"
"cwd"
"perms"
"nix-shell"
"git"
];
modulesRight = [
"jobs"
"exit"
"duration"
];
settings = {
colorize-hostname = true;
hostname-only-if-ssh = true;

7
hm/shell/atuin.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
programs.atuin = {

15
hm/shell/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
cfg = config.programs.bash;
in
@ -14,7 +19,11 @@ in
historySize = 100000;
historyFile = "${config.xdg.stateHome}/shell_history";
historyFileSize = 100000;
historyControl = [ "erasedups" "ignoredups" "ignorespace" ];
historyControl = [
"erasedups"
"ignoredups"
"ignorespace"
];
};
zsh = {
enable = true;
@ -36,5 +45,5 @@ in
};
imports = [
./atuin.nix
];
];
}

7
hm/ssh.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
frogeye.hooks.lock = ''

8
hm/theme/default.nix
View file

@ -1,4 +1,10 @@
{ pkgs, config, lib, stylix, ... }:
{
pkgs,
config,
lib,
stylix,
...
}:
{
config = {
stylix = {

32
hm/tmux/default.nix
View file

@ -1,17 +1,21 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
themepack = pkgs.tmuxPlugins.mkTmuxPlugin
rec {
pluginName = "tmux-themepack";
version = "1.1.0";
rtpFilePath = "themepack.tmux";
src = pkgs.fetchFromGitHub {
owner = "jimeh";
repo = "tmux-themepack";
rev = "${version}";
sha256 = "f6y92kYsKDFanNx5ATx4BkaB/E7UrmyIHU/5Z01otQE=";
};
themepack = pkgs.tmuxPlugins.mkTmuxPlugin rec {
pluginName = "tmux-themepack";
version = "1.1.0";
rtpFilePath = "themepack.tmux";
src = pkgs.fetchFromGitHub {
owner = "jimeh";
repo = "tmux-themepack";
rev = "${version}";
sha256 = "f6y92kYsKDFanNx5ATx4BkaB/E7UrmyIHU/5Z01otQE=";
};
};
in
{
config = lib.mkIf config.programs.tmux.enable {
@ -26,7 +30,9 @@ in
plugins = with pkgs.tmuxPlugins; [
sensible
];
extraConfig = builtins.readFile ./tmux.conf + "source-file ${themepack}/share/tmux-plugins/tmux-themepack/powerline/default/green.tmuxtheme\n";
extraConfig =
builtins.readFile ./tmux.conf
+ "source-file ${themepack}/share/tmux-plugins/tmux-themepack/powerline/default/green.tmuxtheme\n";
};
stylix.targets.tmux.enable = false;
xdg.configFile.screenrc.text = (builtins.readFile ./screenrc);

7
hm/vim/code.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
# UPST
vim-shot-f = pkgs.vimUtils.buildVimPlugin {

7
hm/vim/completion.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
# Completion

330
hm/vim/decoration.nix
View file

@ -1,4 +1,10 @@
{ pkgs, lib, config, nixvimLib, ... }:
{
pkgs,
lib,
config,
nixvimLib,
...
}:
let
nv = nixvimLib.nixvim;
in
@ -6,37 +12,86 @@ in
config = {
programs = {
# https://www.reddit.com/r/neovim/comments/mbj8m5/how_to_setup_ctrlshiftkey_mappings_in_neovim_and/
alacritty.settings.keyboard.bindings = [
{ key = "H"; mods = "Control|Shift"; chars = "\\u001b[72;5u"; }
{ key = "L"; mods = "Control|Shift"; chars = "\\u001b[76;5u"; }
] ++ (map
(n: { key = "Key${builtins.toString n}"; mods = "Control"; chars = "\\u001b[${builtins.toString (48+n)};5u"; })
(lib.lists.range 0 9));
alacritty.settings.keyboard.bindings =
[
{
key = "H";
mods = "Control|Shift";
chars = "\\u001b[72;5u";
}
{
key = "L";
mods = "Control|Shift";
chars = "\\u001b[76;5u";
}
]
++ (map (n: {
key = "Key${builtins.toString n}";
mods = "Control";
chars = "\\u001b[${builtins.toString (48 + n)};5u";
}) (lib.lists.range 0 9));
# Ctrl+<number> doesn't get interpreted, but Ctrl+Shift+<number> does, so let's use that
nixvim = {
autoCmd = [
# Turn off relativenumber only for insert mode
{ event = "InsertEnter"; pattern = "*"; command = "set norelativenumber"; }
{ event = "InsertLeave"; pattern = "*"; command = "set relativenumber"; }
{
event = "InsertEnter";
pattern = "*";
command = "set norelativenumber";
}
{
event = "InsertLeave";
pattern = "*";
command = "set relativenumber";
}
];
extraPlugins = with pkgs.vimPlugins; [
nvim-scrollview # Scroll bar
];
keymaps =
let
options = { silent = true; };
options = {
silent = true;
};
in
[
# barbar
{ key = "gb"; action = "<Cmd>BufferPick<CR>"; inherit options; }
{ key = "<C-H>"; action = "<Cmd>BufferPrevious<CR>"; inherit options; }
{ key = "<C-L>"; action = "<Cmd>BufferNext<CR>"; inherit options; }
{ key = "<C-S-H>"; action = "<Cmd>BufferMovePrevious<CR>"; inherit options; }
{ key = "<C-S-L>"; action = "<Cmd>BufferMoveNext<CR>"; inherit options; }
{ key = "<C-0>"; action = "<Cmd>BufferLast<CR>"; inherit options; }
] ++ (map
(n: { key = "<C-${builtins.toString n}>"; action = "<Cmd>BufferGoto ${builtins.toString n}<CR>"; inherit options; })
(lib.lists.range 1 9));
{
key = "gb";
action = "<Cmd>BufferPick<CR>";
inherit options;
}
{
key = "<C-H>";
action = "<Cmd>BufferPrevious<CR>";
inherit options;
}
{
key = "<C-L>";
action = "<Cmd>BufferNext<CR>";
inherit options;
}
{
key = "<C-S-H>";
action = "<Cmd>BufferMovePrevious<CR>";
inherit options;
}
{
key = "<C-S-L>";
action = "<Cmd>BufferMoveNext<CR>";
inherit options;
}
{
key = "<C-0>";
action = "<Cmd>BufferLast<CR>";
inherit options;
}
]
++ (map (n: {
key = "<C-${builtins.toString n}>";
action = "<Cmd>BufferGoto ${builtins.toString n}<CR>";
inherit options;
}) (lib.lists.range 1 9));
opts = {
showmode = false;
number = true;
@ -48,103 +103,154 @@ in
barbar.enable = true;
# TODO Reload make it use the preset colorscheme
# Status line
lualine = with config.lib.stylix.colors.withHashtag; let
normal = { fg = base05; bg = base01; };
inverted = { fg = base00; bg = base03; };
normal_ina = { fg = base02; bg = base01; };
inverted_ina = { fg = base00; bg = base02; };
in
{
enable = true;
settings = rec {
inactive_sections = sections;
sections = {
lualine_a = [
(nv.listToUnkeyedAttrs [ "string.format('%d', vim.fn.line('$'))" ])
];
lualine_b = [ "mode" ];
lualine_c = [
((nv.listToUnkeyedAttrs [ "filename" ]) // {
color = nv.mkRaw ''
function(section)
return { fg = vim.bo.modified and '${base08}' or '${normal.fg}' }
end
'';
path = 1; # Relative path
symbols = {
modified = "";
newfile = "󰻭";
readonly = "󰏯";
unnamed = "󱀶";
};
})
"location"
];
lualine_x = [
((nv.listToUnkeyedAttrs [ ''(next(vim.lsp.buf_get_clients()) == nil) and "󰒲 " or ""'' ]) // {
separator = { left = ""; right = ""; };
})
] ++ (lib.mapAttrsToList
(diag_name: diag_color: ((nv.listToUnkeyedAttrs [ "diagnostics" ]) // {
color.bg = diag_color;
colored = false;
separator = { left = ""; right = ""; };
sections = [ diag_name ];
}))
{
error = base08;
warn = base0A;
hint = base0C;
info = base0B;
});
lualine_y = [
((nv.listToUnkeyedAttrs [ "diff" ]) // {
diff_color = {
added.fg = base0B;
modified.fg = base0A;
removed.fg = base08;
};
symbols = {
added = " ";
modified = " ";
removed = " ";
};
})
"branch"
];
lualine_z = [
"filetype"
"fileformat"
"encoding"
];
lualine =
with config.lib.stylix.colors.withHashtag;
let
normal = {
fg = base05;
bg = base01;
};
options.theme = (lib.mapAttrs
(mode_name: mode_color: {
a = inverted;
b = inverted // { bg = mode_color; gui = "bold"; };
c = normal;
x = inverted;
y = normal;
z = inverted // { bg = mode_color; };
})
{
normal = base0D;
insert = base0B;
visual = base0F;
replace = base08;
command = base0E;
}) // {
inactive = {
a = inverted_ina;
b = normal_ina // { bg = base00; gui = "bold"; };
c = normal_ina;
x = inverted_ina;
y = normal_ina;
z = normal_ina // { bg = base00; };
inverted = {
fg = base00;
bg = base03;
};
normal_ina = {
fg = base02;
bg = base01;
};
inverted_ina = {
fg = base00;
bg = base02;
};
in
{
enable = true;
settings = rec {
inactive_sections = sections;
sections = {
lualine_a = [
(nv.listToUnkeyedAttrs [ "string.format('%d', vim.fn.line('$'))" ])
];
lualine_b = [ "mode" ];
lualine_c = [
(
(nv.listToUnkeyedAttrs [ "filename" ])
// {
color = nv.mkRaw ''
function(section)
return { fg = vim.bo.modified and '${base08}' or '${normal.fg}' }
end
'';
path = 1; # Relative path
symbols = {
modified = "";
newfile = "󰻭";
readonly = "󰏯";
unnamed = "󱀶";
};
}
)
"location"
];
lualine_x =
[
(
(nv.listToUnkeyedAttrs [ ''(next(vim.lsp.buf_get_clients()) == nil) and "󰒲 " or ""'' ])
// {
separator = {
left = "";
right = "";
};
}
)
]
++ (lib.mapAttrsToList
(
diag_name: diag_color:
(
(nv.listToUnkeyedAttrs [ "diagnostics" ])
// {
color.bg = diag_color;
colored = false;
separator = {
left = "";
right = "";
};
sections = [ diag_name ];
}
)
)
{
error = base08;
warn = base0A;
hint = base0C;
info = base0B;
}
);
lualine_y = [
(
(nv.listToUnkeyedAttrs [ "diff" ])
// {
diff_color = {
added.fg = base0B;
modified.fg = base0A;
removed.fg = base08;
};
symbols = {
added = " ";
modified = " ";
removed = " ";
};
}
)
"branch"
];
lualine_z = [
"filetype"
"fileformat"
"encoding"
];
};
options.theme =
(lib.mapAttrs
(mode_name: mode_color: {
a = inverted;
b = inverted // {
bg = mode_color;
gui = "bold";
};
c = normal;
x = inverted;
y = normal;
z = inverted // {
bg = mode_color;
};
})
{
normal = base0D;
insert = base0B;
visual = base0F;
replace = base08;
command = base0E;
}
)
// {
inactive = {
a = inverted_ina;
b = normal_ina // {
bg = base00;
gui = "bold";
};
c = normal_ina;
x = inverted_ina;
y = normal_ina;
z = normal_ina // {
bg = base00;
};
};
};
};
};
};
# Show context on top if scrolled out
treesitter-context = {
enable = true;

97
hm/vim/default.nix
View file

@ -1,12 +1,20 @@
{ pkgs, lib, config, nixvim, ... }:
{
pkgs,
lib,
config,
nixvim,
...
}:
{
# config = lib.mkIf config.programs.nixvim.enable { # Somehow this is infinite recursion?
config = {
home.sessionVariables = {
EDITOR = "nvim";
} // lib.optionalAttrs config.frogeye.desktop.xorg {
VISUAL = "nvim";
};
home.sessionVariables =
{
EDITOR = "nvim";
}
// lib.optionalAttrs config.frogeye.desktop.xorg {
VISUAL = "nvim";
};
programs.bash.shellAliases = {
vi = "nvim";
vim = "nvim";
@ -84,20 +92,23 @@
undotree.enable = true; # Navigate edition history
};
extraPlugins = with pkgs.vimPlugins; [
# Search/replace
vim-abolish # Regex for words, with case in mind
vim-easy-align # Aligning lines around a certain character
extraPlugins =
with pkgs.vimPlugins;
[
# Search/replace
vim-abolish # Regex for words, with case in mind
vim-easy-align # Aligning lines around a certain character
# Surrounding pairs
targets-vim # Better interaction with surrounding pairs
# Surrounding pairs
targets-vim # Better interaction with surrounding pairs
# Language-specific
tcomment_vim # Language-aware (un)commenting
] ++ lib.optionals config.frogeye.dev.ansible [
ansible-vim
# Doesn't generate snippets, but those are for UltiSnip anyways
];
# Language-specific
tcomment_vim # Language-aware (un)commenting
]
++ lib.optionals config.frogeye.dev.ansible [
ansible-vim
# Doesn't generate snippets, but those are for UltiSnip anyways
];
extraConfigLuaPre = lib.mkBefore ''
-- If terminal is detected to be light, background will be changed after base16 theme is applied.
-- Setting manually early to prevent hightlights having weird colors.
@ -110,7 +121,9 @@
'';
userCommands = {
Reload = { command = "source ${config.xdg.configHome}/nvim/init.lua"; };
Reload = {
command = "source ${config.xdg.configHome}/nvim/init.lua";
};
};
keymaps = [
@ -118,24 +131,54 @@
# Allow saving of files as sudo when I forgot to start vim using sudo.
# From https://stackoverflow.com/a/7078429
{ mode = "c"; key = "w!!"; action = "w !sudo tee > /dev/null %"; }
{
mode = "c";
key = "w!!";
action = "w !sudo tee > /dev/null %";
}
{ mode = "i"; key = "jk"; action = "<Esc>"; }
{ mode = "v"; key = "<Enter>"; action = "<Esc>"; }
{ key = "<Enter>"; action = "o<Esc>"; }
{
mode = "i";
key = "jk";
action = "<Esc>";
}
{
mode = "v";
key = "<Enter>";
action = "<Esc>";
}
{
key = "<Enter>";
action = "o<Esc>";
}
# { key = "<C-H>"; action = ":bp<CR>"; }
# { key = "<C-L>"; action = ":bn<CR>"; }
{ key = "<C-K>"; action = "kkkkkkkkkkkkkkkkkkkkk"; }
{ key = "<C-J>"; action = "jjjjjjjjjjjjjjjjjjjjj"; }
{
key = "<C-K>";
action = "kkkkkkkkkkkkkkkkkkkkk";
}
{
key = "<C-J>";
action = "jjjjjjjjjjjjjjjjjjjjj";
}
# \s to replace globally the word under the cursor
{ key = "<Leader>s"; action = ":%s/\\<<C-r><C-w>\\>/"; }
{
key = "<Leader>s";
action = ":%s/\\<<C-r><C-w>\\>/";
}
# PLUGINS
# undotree
{ key = "<Space>u"; action = "<Cmd>UndotreeToggle<CR>"; options = { silent = true; }; }
{
key = "<Space>u";
action = "<Cmd>UndotreeToggle<CR>";
options = {
silent = true;
};
}
];
};

7
hm/vim/git.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
programs.nixvim = {

7
hm/vim/lsp.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
programs.nixvim = {

19
nod/common/default.nix
View file

@ -3,20 +3,23 @@
environment.motd = "";
home-manager = {
useGlobalPkgs = true;
config = {...}: {
frogeye = config.frogeye;
home.file = {
".ssh/authorized_keys" = {
# TODO Make an option and reuse at other places
text = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPE41gxrO8oZ5n3saapSwZDViOQphm6RzqgsBUyA88pU geoffrey@frogeye.fr";
config =
{ ... }:
{
frogeye = config.frogeye;
home.file = {
".ssh/authorized_keys" = {
# TODO Make an option and reuse at other places
text = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPE41gxrO8oZ5n3saapSwZDViOQphm6RzqgsBUyA88pU geoffrey@frogeye.fr";
};
};
};
};
};
system.stateVersion = "24.05";
terminal.font = "${
pkgs.nerdfonts.override {
fonts = [ "DejaVuSansMono" ];
}}/share/fonts/truetype/NerdFonts/DejaVuSansMNerdFont-Regular.ttf";
}
}/share/fonts/truetype/NerdFonts/DejaVuSansMNerdFont-Regular.ttf";
time.timeZone = "Europe/Amsterdam";
}

177
options.nix
View file

@ -1,6 +1,14 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
capitalizeFirstLetter = str: (lib.strings.toUpper (builtins.substring 0 1 str)) + (builtins.substring 1 (builtins.stringLength str) str);
capitalizeFirstLetter =
str:
(lib.strings.toUpper (builtins.substring 0 1 str))
+ (builtins.substring 1 (builtins.stringLength str) str);
in
{
options.frogeye = {
@ -18,7 +26,10 @@ in
polarity = lib.mkOption {
default = "light";
description = "Whether to use light theme or dark theme.";
type = lib.types.enum [ "light" "dark" ];
type = lib.types.enum [
"light"
"dark"
];
};
desktop = {
xorg = lib.mkEnableOption "Enable X11 support";
@ -35,9 +46,21 @@ in
default = 1080;
};
phasesCommands = {
jour = lib.mkOption { type = lib.types.lines; default = ""; description = "Command to execute for phase: jour"; };
crepuscule = lib.mkOption { type = lib.types.lines; default = ""; description = "Command to execute for phase: crepuscule"; };
nuit = lib.mkOption { type = lib.types.lines; default = ""; description = "Command to execute for phase: nuit"; };
jour = lib.mkOption {
type = lib.types.lines;
default = "";
description = "Command to execute for phase: jour";
};
crepuscule = lib.mkOption {
type = lib.types.lines;
default = "";
description = "Command to execute for phase: crepuscule";
};
nuit = lib.mkOption {
type = lib.types.lines;
default = "";
description = "Command to execute for phase: nuit";
};
};
};
dev = {
@ -55,78 +78,90 @@ in
};
storageSize = lib.mkOption {
default = "small";
type = lib.types.enum [ "small" "big" "phone" ];
type = lib.types.enum [
"small"
"big"
"phone"
];
description = "Type of storage for the device. Used to determine which folder to include.";
};
folders = lib.mkOption {
default = { };
description = "Folders used by users";
# Top-level so Syncthing can work for all users. Also there's no real home-manager syncthing module.
type = lib.types.attrsOf (lib.types.submodule ({ config, name, ... }: {
options = {
name = lib.mkOption {
type = lib.types.str;
default = name;
readOnly = true;
internal = true;
description = "Name accessing this entry";
};
enable = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Whether to use this folder.";
};
path = lib.mkOption {
type = lib.types.str;
description = "Path relative to HOME. Prefer French names which has more varied initials, easing navigation.";
};
label = lib.mkOption {
type = lib.types.str;
description = "Friendly name";
default = capitalizeFirstLetter config.path;
};
user = lib.mkOption {
type = lib.types.str;
default = "geoffrey";
description = "User using this directory.";
};
fullPath = lib.mkOption {
type = lib.types.str;
default = "/home/${config.user}/${config.path}";
# Hardcoded due to outside of any user context
description = "Absolute path.";
};
xdgUserDirVariable = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = if config.enable then "XDG_${lib.strings.toUpper name}_DIR" else null;
description = "Name for the XDG user dir variable. If set, will automatically create the directory.";
};
syncthing = lib.mkOption {
default = { };
description = "Syncthing configuration for the folder";
type = lib.types.submodule ({ ... }: {
freeformType = (pkgs.formats.json { }).type;
options = {
enable = lib.mkOption {
type = lib.types.bool;
default = config.enable && config.syncthing.id != null;
description = "Whether to sync.";
};
id = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = "Syncthing folder id";
};
type = lib.types.attrsOf (
lib.types.submodule (
{ config, name, ... }:
{
options = {
name = lib.mkOption {
type = lib.types.str;
default = name;
readOnly = true;
internal = true;
description = "Name accessing this entry";
};
});
};
versionsMaxDays = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = 365;
description = "For big systems, how many days of staggered versions should be kept";
};
};
}));
enable = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Whether to use this folder.";
};
path = lib.mkOption {
type = lib.types.str;
description = "Path relative to HOME. Prefer French names which has more varied initials, easing navigation.";
};
label = lib.mkOption {
type = lib.types.str;
description = "Friendly name";
default = capitalizeFirstLetter config.path;
};
user = lib.mkOption {
type = lib.types.str;
default = "geoffrey";
description = "User using this directory.";
};
fullPath = lib.mkOption {
type = lib.types.str;
default = "/home/${config.user}/${config.path}";
# Hardcoded due to outside of any user context
description = "Absolute path.";
};
xdgUserDirVariable = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = if config.enable then "XDG_${lib.strings.toUpper name}_DIR" else null;
description = "Name for the XDG user dir variable. If set, will automatically create the directory.";
};
syncthing = lib.mkOption {
default = { };
description = "Syncthing configuration for the folder";
type = lib.types.submodule (
{ ... }:
{
freeformType = (pkgs.formats.json { }).type;
options = {
enable = lib.mkOption {
type = lib.types.bool;
default = config.enable && config.syncthing.id != null;
description = "Whether to sync.";
};
id = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = "Syncthing folder id";
};
};
}
);
};
versionsMaxDays = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = 365;
description = "For big systems, how many days of staggered versions should be kept";
};
};
}
)
);
};
hooks.lock = lib.mkOption {
type = lib.types.lines;

8
os/boot/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
boot.loader = {
grub = {
@ -10,4 +15,3 @@
};
}

10
os/ccc/default.nix
View file

@ -6,10 +6,12 @@
eap=TTLS
identity="37C3"
password="37C3"
ca_cert="${builtins.fetchurl {
url = "https://letsencrypt.org/certs/isrgrootx1.pem";
sha256 = "sha256:1la36n2f31j9s03v847ig6ny9lr875q3g7smnq33dcsmf2i5gd92";
}}"
ca_cert="${
builtins.fetchurl {
url = "https://letsencrypt.org/certs/isrgrootx1.pem";
sha256 = "sha256:1la36n2f31j9s03v847ig6ny9lr875q3g7smnq33dcsmf2i5gd92";
}
}"
altsubject_match="DNS:radius.c3noc.net"
phase2="auth=PAP"
'';

30
os/common.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
networking = {
hostName = config.frogeye.name;
@ -16,13 +21,17 @@
# Enable passwordless sudo
# TODO execWheelOnly? sudo-rs?
security.sudo.extraRules = [{
groups = [ "wheel" ];
commands = [{
command = "ALL";
options = [ "NOPASSWD" ];
}];
}];
security.sudo.extraRules = [
{
groups = [ "wheel" ];
commands = [
{
command = "ALL";
options = [ "NOPASSWD" ];
}
];
}
];
# UPST disko --root-mountpoint doesn't work when using flake, workaround:
disko.rootMountPoint = "/mnt/nixos";
@ -44,7 +53,10 @@
nix = {
package = pkgs.lix;
settings = {
experimental-features = [ "nix-command" "flakes" ];
experimental-features = [
"nix-command"
"flakes"
];
warn-dirty = false;
};
};

24
os/cuda/default.nix
View file

@ -1,5 +1,11 @@
# Need nvidia proprietary drivers to work
{ pkgs, nixpkgs, config, lib, ... }:
{
pkgs,
nixpkgs,
config,
lib,
...
}:
{
config = lib.mkIf config.frogeye.cuda {
nix.settings = {
@ -11,7 +17,8 @@
];
};
nixpkgs.overlays = [
(self: super:
(
self: super:
let
pkgs_uf = import nixpkgs {
inherit (super) system;
@ -19,11 +26,14 @@
};
in
{
ctranslate2 = (pkgs_uf.ctranslate2.override {
withCUDA = true;
withCuDNN = true;
});
})
ctranslate2 = (
pkgs_uf.ctranslate2.override {
withCUDA = true;
withCuDNN = true;
}
);
}
)
];
};
}

23
os/desktop/autorandr.nix
View file

@ -1,12 +1,19 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
setupScript = "${pkgs.writeShellApplication {
name = "greeter-setup-script";
runtimeInputs = [ pkgs.autorandr ];
text = ''
autorandr --change
'';
}}/bin/greeter-setup-script";
setupScript = "${
pkgs.writeShellApplication {
name = "greeter-setup-script";
runtimeInputs = [ pkgs.autorandr ];
text = ''
autorandr --change
'';
}
}/bin/greeter-setup-script";
in
{
config = {

45
os/desktop/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.frogeye.desktop.xorg {
boot.kernelModules = [ "i2c-dev" ]; # Allows using ddcutil
@ -19,7 +24,7 @@
# https://wiki.archlinux.org/title/PipeWire#Noticeable_audio_delay_or_audible_pop/crack_when_starting_playback
preventGetTogetherDuoFromShuttingDown."monitor.bluez.rules" = [
{
matches = [{ "node.name" = "~bluez_output.41_42_D2_B5_13_72.*"; }];
matches = [ { "node.name" = "~bluez_output.41_42_D2_B5_13_72.*"; } ];
actions.update-props = {
"session.suspend-timeout-seconds" = 0;
"dither.method" = "wannamaker3";
@ -39,23 +44,25 @@
extraLayouts.qwerty-fr = {
description = "QWERTY-fr";
languages = [ "fr" ];
symbolsFile = "${pkgs.stdenv.mkDerivation {
name = "qwerty-fr-keypad";
src = pkgs.fetchFromGitHub {
owner = "qwerty-fr";
repo = "qwerty-fr";
rev = "3a4d13089e8ef016aa20baf6b2bf3ea53de674b8";
sha256 = "sha256-wn5n6jJVDrQWJze8xYF2nEY8a7mHI3hVO4xsT4LMo9c=";
};
patches = [ ./qwerty-fr-keypad.diff ];
# TODO This doesn't seem to be applied... it's the whole point of the derivation :(
installPhase = ''
runHook preInstall
mkdir -p $out/linux
cp $src/linux/us_qwerty-fr $out/linux
runHook postInstall
'';
}}/linux/us_qwerty-fr";
symbolsFile = "${
pkgs.stdenv.mkDerivation {
name = "qwerty-fr-keypad";
src = pkgs.fetchFromGitHub {
owner = "qwerty-fr";
repo = "qwerty-fr";
rev = "3a4d13089e8ef016aa20baf6b2bf3ea53de674b8";
sha256 = "sha256-wn5n6jJVDrQWJze8xYF2nEY8a7mHI3hVO4xsT4LMo9c=";
};
patches = [ ./qwerty-fr-keypad.diff ];
# TODO This doesn't seem to be applied... it's the whole point of the derivation :(
installPhase = ''
runHook preInstall
mkdir -p $out/linux
cp $src/linux/us_qwerty-fr $out/linux
runHook postInstall
'';
}
}/linux/us_qwerty-fr";
};
layout = "qwerty-fr";
};

7
os/dev/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkMerge [
(lib.mkIf config.frogeye.dev.docker {

56
os/gaming/default.nix
View file

@ -1,29 +1,33 @@
{ pkgs, lib, config, ... }:
{
config = lib.mkIf config.frogeye.gaming
{
programs.steam.enable = true;
hardware.graphics.enable32Bit = true; # Needed by Steam
services = {
udev.packages = [ pkgs.python3Packages.ds4drv ];
xserver.config = ''
# Disable mouse support for joypad
Section "InputClass"
Identifier "joystick catchall"
MatchIsJoystick "on"
MatchDevicePath "/dev/input/event*"
Driver "joystick"
Option "StartKeysEnabled" "False"
Option "StartMouseEnabled" "False"
EndSection
# Same thing for DualShock 4 touchpad
Section "InputClass"
Identifier "ds4-touchpad"
Driver "libinput"
MatchProduct "Wireless Controller Touchpad"
Option "Ignore" "True"
EndSection
'';
};
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.frogeye.gaming {
programs.steam.enable = true;
hardware.graphics.enable32Bit = true; # Needed by Steam
services = {
udev.packages = [ pkgs.python3Packages.ds4drv ];
xserver.config = ''
# Disable mouse support for joypad
Section "InputClass"
Identifier "joystick catchall"
MatchIsJoystick "on"
MatchDevicePath "/dev/input/event*"
Driver "joystick"
Option "StartKeysEnabled" "False"
Option "StartMouseEnabled" "False"
EndSection
# Same thing for DualShock 4 touchpad
Section "InputClass"
Identifier "ds4-touchpad"
Driver "libinput"
MatchProduct "Wireless Controller Touchpad"
Option "Ignore" "True"
EndSection
'';
};
};
}

25
os/geoffrey.nix
View file

@ -1,11 +1,20 @@
{ pkgs, lib, config, home-manager, ... }:
{
pkgs,
lib,
config,
home-manager,
...
}:
{
config = {
users.users.root.initialHashedPassword = "$y$j9T$e64bjL7iyVlniEKwKbM9g0$cCn74za0r6L9QMO20Fdxz3/SX0yvhz3Xd6.2BhtbRL1"; # Not a real password
users.users.geoffrey = {
isNormalUser = true;
extraGroups = [ "adbusers" "wheel" ];
extraGroups = [
"adbusers"
"wheel"
];
shell = pkgs.zsh;
initialHashedPassword = "$y$j9T$e64bjL7iyVlniEKwKbM9g0$cCn74za0r6L9QMO20Fdxz3/SX0yvhz3Xd6.2BhtbRL1"; # Not a real password
@ -21,11 +30,13 @@
nix.settings.trusted-users = [ "geoffrey" ];
home-manager = {
users.geoffrey = { pkgs, ... }: {
frogeye = lib.mkDefault config.frogeye;
# Propagating options that way doesn't seem to conserve priority info,
# this is not great. Hopefully mkDefault resolve conflicts.
};
users.geoffrey =
{ pkgs, ... }:
{
frogeye = lib.mkDefault config.frogeye;
# Propagating options that way doesn't seem to conserve priority info,
# this is not great. Hopefully mkDefault resolve conflicts.
};
# Makes VMs able to re-run
useUserPackages = true;
# Adds consistency

260
os/password/default.nix
View file

@ -1,9 +1,18 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
passwordStoreDir = "/etc/passwords";
passwordHash = password: builtins.hashString "sha256" "${password.path}\n${builtins.toString password.selector}\n${builtins.toString password.transform}";
passwordHash =
password:
builtins.hashString "sha256" "${password.path}\n${builtins.toString password.selector}\n${builtins.toString password.transform}";
passwordStorePath = password: "${passwordStoreDir}/${passwordHash password}";
describePassword = password: password.path
describePassword =
password:
password.path
+ (if password.selector != null then " -> ${password.selector}" else "")
+ (if password.transform != null then " | (${password.transform})" else "");
passwordFiles = builtins.attrValues config.vivarium.passwordFiles;
@ -12,16 +21,23 @@ in
config = {
system = {
activationScripts.secrets = {
deps = [ "users" "groups" ];
deps = [
"users"
"groups"
];
supportsDryActivation = false; # TODO
text =
let
readPassword = password: "cat ${lib.strings.escapeShellArg (passwordStorePath password)}";
# Using awk's ENVIRON so it should resist any input?
pipeSubstitute = k: v: ''K=${lib.strings.escapeShellArg k} V="$(${v})" awk '{ gsub (ENVIRON["K"], ENVIRON["V"]); print }' '';
pipeSubstitute =
k: v:
''K=${lib.strings.escapeShellArg k} V="$(${v})" awk '{ gsub (ENVIRON["K"], ENVIRON["V"]); print }' '';
subsitutePassword = variable: password: pipeSubstitute variable (readPassword password);
subsitutePasswordFile = passwordFile: lib.mapAttrsToList subsitutePassword passwordFile.passwords;
renderPasswordFile = passwordFile: "${lib.strings.concatStringsSep "| " (subsitutePasswordFile passwordFile)} < ${passwordFile.template}";
renderPasswordFile =
passwordFile:
"${lib.strings.concatStringsSep "| " (subsitutePasswordFile passwordFile)} < ${passwordFile.template}";
installPasswordFile = passwordFile: ''
install -C -o ${passwordFile.owner} -g ${passwordFile.group} -m ${passwordFile.mode} -d ${builtins.dirOf passwordFile.path}
temp="$(mktemp)"
@ -31,12 +47,15 @@ in
rm "$temp"
trap - ERR
'';
installPasswordFileApp = passwordFile: pkgs.writeShellApplication {
name = builtins.replaceStrings ["/"] ["_"] passwordFile.path;
runtimeInputs = with pkgs; [ gawk ];
text = installPasswordFile passwordFile;
};
installPasswordFileSandboxed = passwordFile:
installPasswordFileApp =
passwordFile:
pkgs.writeShellApplication {
name = builtins.replaceStrings [ "/" ] [ "_" ] passwordFile.path;
runtimeInputs = with pkgs; [ gawk ];
text = installPasswordFile passwordFile;
};
installPasswordFileSandboxed =
passwordFile:
''${lib.getExe (installPasswordFileApp passwordFile)} || echo Failed to install ${lib.strings.escapeShellArg passwordFile.path}'';
in
''
@ -47,22 +66,38 @@ in
extraSystemBuilderCmds =
let
passwords = builtins.attrValues config.vivarium.passwords;
readPasswordClear = password: "pass show ${lib.strings.escapeShellArg password.path}" + (
if password.selector == null
then " | head -n1"
else
(if password.selector == "@"
then ""
else " | tail -n +2 | yq -r '.${password.selector}'")
);
readPassword = password: (readPasswordClear password) + (lib.strings.optionalString (password.transform != null) " | ${password.transform}");
readPasswordClear =
password:
"pass show ${lib.strings.escapeShellArg password.path}"
+ (
if password.selector == null then
" | head -n1"
else
(if password.selector == "@" then "" else " | tail -n +2 | yq -r '.${password.selector}'")
);
readPassword =
password:
(readPasswordClear password)
+ (lib.strings.optionalString (password.transform != null) " | ${password.transform}");
gitPath = password: ''"$PASSWORD_STORE_DIR"/${lib.strings.escapeShellArg password.path}.gpg'';
isGeneratedPassword = password: ''test -f ${gitPath password}'';
dateGit = password: " " + ''(cd "$(dirname ${gitPath password})"; git log -n1 --format='format:%ct' "$(basename ${gitPath password})")'' + " ";
dateGit =
password:
" "
+ ''(cd "$(dirname ${gitPath password})"; git log -n1 --format='format:%ct' "$(basename ${gitPath password})")''
+ " ";
dateStore = password: ''sudo stat -c '%Y' ${passwordStorePath password}'';
isInStore = password: ''sudo test -f ${passwordStorePath password}'';
testCanGenerate = password: lib.asserts.assertMsg (builtins.elem password.selector [ "@" null ]) "Unimplemented: generator + selector ${describePassword password}";
generatePassword = password: assert testCanGenerate password; ''${password.generator} | pass insert -m ${lib.strings.escapeShellArg password.path}'';
testCanGenerate =
password:
lib.asserts.assertMsg (builtins.elem password.selector [
"@"
null
]) "Unimplemented: generator + selector ${describePassword password}";
generatePassword =
password:
assert testCanGenerate password;
''${password.generator} | pass insert -m ${lib.strings.escapeShellArg password.path}'';
raiseCantGenerate = password: ''echo "Error: no generator" ; exit 1'';
syncPasswordStore = password: ''
# ${describePassword password}
@ -112,23 +147,27 @@ in
allFilenames = builtins.map (password: "${passwordStoreDir}/${passwordHash password}") passwords;
in
''
ln -s ${lib.getExe (pkgs.writeShellApplication {
name = "update-password-store";
text = ''
test -d "$PASSWORD_STORE_DIR"
sudo install -C -o root -g root -m u=rwx -d "${passwordStoreDir}"
ln -s ${
lib.getExe (
pkgs.writeShellApplication {
name = "update-password-store";
text = ''
test -d "$PASSWORD_STORE_DIR"
sudo install -C -o root -g root -m u=rwx -d "${passwordStoreDir}"
${lib.strings.concatLines (builtins.map syncPasswordStore passwords)}
${lib.strings.concatLines (builtins.map syncPasswordStore passwords)}
comm -23 <(sudo find ${passwordStoreDir} -type f -ctime +60 | sort) <(echo ${lib.strings.escapeShellArg (lib.strings.concatLines allFilenames)} | sort) | while read -r file
do
echo Removing "$file" from password store
sudo rm "$file"
done
'';
# -ctime +60 is so it is possible to boot from previous nixpkgs without missing transform hashes
# TODO Find a better mechanism, maybe à la bootspec, or something compatible with cross-arch
})} $out/bin/
comm -23 <(sudo find ${passwordStoreDir} -type f -ctime +60 | sort) <(echo ${lib.strings.escapeShellArg (lib.strings.concatLines allFilenames)} | sort) | while read -r file
do
echo Removing "$file" from password store
sudo rm "$file"
done
'';
# -ctime +60 is so it is possible to boot from previous nixpkgs without missing transform hashes
# TODO Find a better mechanism, maybe à la bootspec, or something compatible with cross-arch
}
)
} $out/bin/
'';
};
vivarium.passwords =
@ -144,82 +183,89 @@ in
vivarium =
let
defaultvar = "@PASSWORD@";
passwordSubmodule = lib.types.submodule ({ ... }: {
options = {
path = lib.mkOption {
type = lib.types.str;
description = "Path to the password store entry";
passwordSubmodule = lib.types.submodule (
{ ... }:
{
options = {
path = lib.mkOption {
type = lib.types.str;
description = "Path to the password store entry";
};
selector = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = "If unset, selects the first line. If '@', select everything. If any other value, will parse the password metadata as YML and use selector (yq).";
};
generator = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = "${lib.getExe pkgs.pwgen} -s 32";
description = "Command to generate the password. Won't work when selector is set to read metadata.";
};
transform = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = "Shell command to transform the password with before substitution";
};
};
selector = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = "If unset, selects the first line. If '@', select everything. If any other value, will parse the password metadata as YML and use selector (yq).";
};
generator = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = "${lib.getExe pkgs.pwgen} -s 32";
description = "Command to generate the password. Won't work when selector is set to read metadata.";
};
transform = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = "Shell command to transform the password with before substitution";
};
};
});
}
);
in
{
passwords = lib.mkOption {
default = { };
type = lib.types.attrsOf passwordSubmodule;
};
passwordFiles =
lib.mkOption {
default = { };
type = lib.types.attrsOf (lib.types.submodule ({ name, config, ... }: {
options = {
path = lib.mkOption {
type = lib.types.str;
default = name;
description = "Where to place the file.";
passwordFiles = lib.mkOption {
default = { };
type = lib.types.attrsOf (
lib.types.submodule (
{ name, config, ... }:
{
options = {
path = lib.mkOption {
type = lib.types.str;
default = name;
description = "Where to place the file.";
};
mode = lib.mkOption {
type = lib.types.str;
default = "0400";
description = "Unix permission";
};
owner = lib.mkOption {
type = lib.types.str;
default = "root";
description = "Owner of the secret file";
};
group = lib.mkOption {
type = lib.types.str;
default = "root";
description = "Group of the secret file";
};
text = lib.mkOption {
type = lib.types.str;
default = defaultvar;
description = "Content of the template used to make the file. Exclusive with `template`.";
};
template = lib.mkOption {
type = lib.types.path;
default = pkgs.writeText "password-template" config.text;
description = "Content of the template used to make the file. Exclusive with `text`.";
};
passwords = lib.mkOption {
default = lib.optionalAttrs (config.password != null) { ${defaultvar} = config.password; };
type = lib.types.attrsOf passwordSubmodule;
description = "Paths to passwords that will substitute the variables in the template. Exclusive with `password`";
};
password = lib.mkOption {
type = passwordSubmodule;
description = "Path to password that will substitute '@PASSWORD@' in the template. Exclusive with `passwords`.";
};
};
mode = lib.mkOption {
type = lib.types.str;
default = "0400";
description = "Unix permission";
};
owner = lib.mkOption {
type = lib.types.str;
default = "root";
description = "Owner of the secret file";
};
group = lib.mkOption {
type = lib.types.str;
default = "root";
description = "Group of the secret file";
};
text = lib.mkOption {
type = lib.types.str;
default = defaultvar;
description = "Content of the template used to make the file. Exclusive with `template`.";
};
template = lib.mkOption {
type = lib.types.path;
default = pkgs.writeText "password-template" config.text;
description = "Content of the template used to make the file. Exclusive with `text`.";
};
passwords = lib.mkOption {
default = lib.optionalAttrs (config.password != null) { ${defaultvar} = config.password; };
type = lib.types.attrsOf passwordSubmodule;
description = "Paths to passwords that will substitute the variables in the template. Exclusive with `password`";
};
password = lib.mkOption {
type = passwordSubmodule;
description = "Path to password that will substitute '@PASSWORD@' in the template. Exclusive with `passwords`.";
};
};
}));
};
}
)
);
};
};
};
}

45
os/remote-builds/default.nix
View file

@ -1,7 +1,15 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
vivariumBuilderDefault = {
systems = [ "x86_64-linux" "aarch64-linux" ];
systems = [
"x86_64-linux"
"aarch64-linux"
];
protocol = "ssh-ng";
sshUser = "nixremote";
# sshKey doesn't work
@ -11,7 +19,12 @@ let
{
hostName = "abavorana.frogeye.fr";
publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSU5iNzcrS01tRHI0MVhZdmZITXQvK3NHMkJCSEIzYUl4M045WDNVejhFaUogZ2VvZmZyZXlAY3VyYWNhbwo=";
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
supportedFeatures = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
];
maxJobs = 8;
}
{
@ -32,21 +45,31 @@ in
supportsDryActivation = true;
text = ''
mkdir -p /root/.ssh
cat ${pkgs.writeText "root-ssh-config" (lib.strings.concatLines (builtins.map (builder: ''
Host ${builder.hostName}
ControlMaster auto
ControlPath ~/.ssh/master-%r@%n:%p
ControlPersist 60s
'') vivariumBuilders)) } > /root/.ssh/config
cat ${
pkgs.writeText "root-ssh-config" (
lib.strings.concatLines (
builtins.map (builder: ''
Host ${builder.hostName}
ControlMaster auto
ControlPath ~/.ssh/master-%r@%n:%p
ControlPersist 60s
'') vivariumBuilders
)
)
} > /root/.ssh/config
'';
};
nix = {
buildMachines = builtins.map (vivariumBuilder: vivariumBuilderDefault // vivariumBuilder) vivariumBuilders;
buildMachines = builtins.map (
vivariumBuilder: vivariumBuilderDefault // vivariumBuilder
) vivariumBuilders;
distributedBuilds = false;
settings = {
builders-use-substitutes = true;
trusted-public-keys = publicKeys;
trusted-substituters = builtins.map (builder: "${builder.protocol}://${builder.sshUser}@${builder.hostName}") config.nix.buildMachines;
trusted-substituters = builtins.map (
builder: "${builder.protocol}://${builder.sshUser}@${builder.hostName}"
) config.nix.buildMachines;
};
};
};

22
os/style/default.nix
View file

@ -1,4 +1,10 @@
{ pkgs, lib, config, stylix, ... }:
{
pkgs,
lib,
config,
stylix,
...
}:
{
config = {
boot = {
@ -6,13 +12,17 @@
initrd.systemd.enable = true;
};
stylix = {
enable = true;
enable = true;
homeManagerIntegration.autoImport = false; # Makes config reuse easier
polarity = "dark";
targets.plymouth.logo = pkgs.runCommand "flower.png" { } "${pkgs.inkscape}/bin/inkscape ${pkgs.substituteAll {
src = ./flower.svg;
color = config.lib.stylix.colors.withHashtag.base07;
}} -w 256 -o $out";
targets.plymouth.logo =
pkgs.runCommand "flower.png" { }
"${pkgs.inkscape}/bin/inkscape ${
pkgs.substituteAll {
src = ./flower.svg;
color = config.lib.stylix.colors.withHashtag.base07;
}
} -w 256 -o $out";
# UPST Default grub font is sansSerif, which doesn't work.
# Maybe because people patch mono with nerdfonts and that isn't compatible?
};

74
os/syncthing/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
cfg = config.services.syncthing;
service = "syncthing";
@ -9,9 +14,14 @@ let
generator = ''(t="$(mktemp -d)" && ${lib.getExe pkgs.syncthing} generate --home="$t" &> /dev/null && cat "$t"/{cert,key}.pem && rm -rf "$t")'';
};
capitalizeFirstLetter = str: (lib.strings.toUpper (builtins.substring 0 1 str)) + (builtins.substring 1 (builtins.stringLength str) str);
capitalizeFirstLetter =
str:
(lib.strings.toUpper (builtins.substring 0 1 str))
+ (builtins.substring 1 (builtins.stringLength str) str);
nixosDevices = builtins.map (system: system.config.frogeye) (builtins.attrValues config.frogeye.toplevel.nixosConfigurations);
nixosDevices = builtins.map (system: system.config.frogeye) (
builtins.attrValues config.frogeye.toplevel.nixosConfigurations
);
allDevices = nixosDevices;
syncingDevices = builtins.filter (device: device.syncthing.id != null) allDevices;
peerDevices = builtins.filter (device: device.name != config.frogeye.name) syncingDevices;
@ -20,7 +30,10 @@ let
allFolders = builtins.attrValues config.frogeye.folders;
syncedFolders = builtins.filter (folder: folder.syncthing.enable) allFolders;
folderShouldSyncWith = folder: device: (lib.hasAttrByPath [ folder.name ] device.folders) && device.folders.${folder.name}.syncthing.enable;
folderShouldSyncWith =
folder: device:
(lib.hasAttrByPath [ folder.name ] device.folders)
&& device.folders.${folder.name}.syncthing.enable;
folderDeviceEntry = folder: device: { deviceID = device.syncthing.id; };
enable = (builtins.length syncedFolders) > 0;
@ -38,29 +51,38 @@ in
cert = "${secretsDir}/cert.pem";
settings = {
devices = builtins.listToAttrs (builtins.map (device: { inherit (device) name; value = device.syncthing; }) syncingDevices);
folders = builtins.listToAttrs (builtins.map
(folder: {
devices = builtins.listToAttrs (
builtins.map (device: {
inherit (device) name;
value = device.syncthing;
}) syncingDevices
);
folders = builtins.listToAttrs (
builtins.map (folder: {
inherit (folder) name;
value =
{
label = "${capitalizeFirstLetter folder.user} ${folder.label}";
path = "${config.users.users.${folder.user}.home}/${folder.path}";
# Despite further in the code indicating this is possible, it is, actually not
# devices = builtins.map (folderDeviceEntry folder) (builtins.filter (folderShouldSyncWith folder) peerDevices);
devices = builtins.map (device: device.name) (builtins.filter (folderShouldSyncWith folder) peerDevices);
versioning =
if (config.frogeye.storageSize == "big" && folder.versionsMaxDays != null) then {
value = {
label = "${capitalizeFirstLetter folder.user} ${folder.label}";
path = "${config.users.users.${folder.user}.home}/${folder.path}";
# Despite further in the code indicating this is possible, it is, actually not
# devices = builtins.map (folderDeviceEntry folder) (builtins.filter (folderShouldSyncWith folder) peerDevices);
devices = builtins.map (device: device.name) (
builtins.filter (folderShouldSyncWith folder) peerDevices
);
versioning =
if (config.frogeye.storageSize == "big" && folder.versionsMaxDays != null) then
{
type = "staggered";
params.maxAge = builtins.toString (folder.versionsMaxDays * 24 * 3600);
# TODO Increase cleanupIntervalS to 1 day or so
} else null;
rescanIntervalS = 10 * 3600; # Using watcher, should be good enough
copyRangeMethod = "all"; # Prevents duplication
copyOwnershipFromParent = true;
} // folder.syncthing;
})
syncedFolders);
}
else
null;
rescanIntervalS = 10 * 3600; # Using watcher, should be good enough
copyRangeMethod = "all"; # Prevents duplication
copyOwnershipFromParent = true;
} // folder.syncthing;
}) syncedFolders
);
options = rec {
urAccepted = 3;
urSeen = urAccepted;
@ -75,7 +97,11 @@ in
''}"
];
PrivateUsers = lib.mkForce false;
AmbientCapabilities = ["CAP_CHOWN" "CAP_DAC_OVERRIDE" "CAP_FOWNER"];
AmbientCapabilities = [
"CAP_CHOWN"
"CAP_DAC_OVERRIDE"
"CAP_FOWNER"
];
};
vivarium.passwordFiles = {
${cfg.key}.password = password // {

27
os/wireless/default.nix
View file

@ -1,17 +1,23 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
importScript = pkgs.writers.writePython3 "install-wifi-import"
{
libraries = [ pkgs.python3Packages.pyaml ];
}
(builtins.readFile ./import.py);
importScript = pkgs.writers.writePython3 "install-wifi-import" {
libraries = [ pkgs.python3Packages.pyaml ];
} (builtins.readFile ./import.py);
applyScript = pkgs.writers.writePython3 "install-wifi-apply" { } (builtins.readFile ./apply.py);
in
{
environment.systemPackages = [
(pkgs.writeShellApplication {
name = "install-wifi";
runtimeInputs = with pkgs; [ wpa_supplicant diffutils ];
runtimeInputs = with pkgs; [
wpa_supplicant
diffutils
];
text = ''
temp="$(mktemp --directory --suffix="-install-wifi")"
cd "$temp"
@ -61,8 +67,7 @@ in
"WiFi in de trein"
"_WIFI_LYRIA"
"WIFIonICE"
]
(ssid: { });
] (ssid: { });
userControlled.enable = true; # Allow some control with wpa_cli
};
services.chrony.serverOption = "offline";
@ -71,8 +76,8 @@ in
wantedBy = [ "wpa_supplicant.service" ];
path = with pkgs; [ wpa_supplicant ];
script = ''
for i in {1..50}; do wpa_cli status &> /dev/null && break; sleep 0.1; done
${applyScript}
for i in {1..50}; do wpa_cli status &> /dev/null && break; sleep 0.1; done
${applyScript}
'';
};
}

7
pindakaas/default.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
disko.devices.disk."${config.frogeye.name}".device = "/dev/disk/by-id/mmc-DA4064_0x931f080f";

7
pindakaas/features.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
frogeye = {

23
pindakaas/hardware.nix
View file

@ -1,4 +1,10 @@
{ pkgs, lib, config, nixos-hardware, ... }:
{
pkgs,
lib,
config,
nixos-hardware,
...
}:
{
config = {
boot = {
@ -10,7 +16,10 @@
};
frogeye.desktop = {
x11_screens = [ "DP-1" "eDP-1" ];
x11_screens = [
"DP-1"
"eDP-1"
];
maxVideoHeight = 1080;
phasesCommands = {
jour = ''
@ -30,10 +39,12 @@
# https://wiki.pine64.org/wiki/Mainline_Hardware_Decoding#mpv
# Might be worth if using CI to build.
home-manager.sharedModules = [{
# gpu-hq is too much for it to handle, even with hw decoding
config.programs.mpv.config.profile = lib.mkForce "default";
}];
home-manager.sharedModules = [
{
# gpu-hq is too much for it to handle, even with hw decoding
config.programs.mpv.config.profile = lib.mkForce "default";
}
];
zramSwap = {
# Not capable of building itself otherwise

7
pindakaas/sd.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = {
boot.loader.efi.canTouchEfiVariables = false;