diff --git a/configuration.nix b/configuration.nix index e40f217..cc8ea9f 100755 --- a/configuration.nix +++ b/configuration.nix @@ -1,7 +1,8 @@ -{ pkgs, pkgs-unstable, inputs, ... }: +{ pkgs, inputs, ... }: { imports = [ inputs.sops-nix.nixosModules.sops + ./system-modules/auto-mount.nix ./system-modules/hardware-configuration.nix ./system-modules/fuse.nix ./system-modules/nvidia.nix @@ -17,7 +18,7 @@ ./system-modules/gpg.nix ./system-modules/sops.nix ./system-modules/syncthing.nix - # ./system-modules/hsmw.nix # old + ./system-modules/hsmw.nix ./system-modules/docker.nix ./system-modules/health_reminder.nix ./system-modules/ydotool.nix @@ -60,13 +61,9 @@ hardware.bluetooth.powerOnBoot = true; # services.blueman.enable = true; - nixpkgs.config.allowUnfree = true; - # nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) allowed.unfree-packages; - - # List packages installed in system profile. To search, run: # $ nix search wget - environment.systemPackages = with pkgs; [ + environment.systemPackages = with pkgs; ([ git lazygit # home-manager module is bugged git-crypt @@ -84,8 +81,8 @@ blueman dmidecode file - ] ++ (with pkgs-unstable; [ - sendme + # ]) ++ (with pkgs-unstable; [ + # # sendme ]); environment.variables = { @@ -104,7 +101,6 @@ nix.settings.experimental-features = [ "nix-command" "flakes" ]; - programs.bash.shellInit = '' source $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh ''; diff --git a/flake-modules/allowed.nix b/flake-modules/allowed.nix new file mode 100644 index 0000000..df7a9e7 --- /dev/null +++ b/flake-modules/allowed.nix @@ -0,0 +1,43 @@ + +{ + unfree = [ + "discord" + "spotify" + "obsidian" + "zoom-us" + "zoom" + + # since the predicate ist to be set in the flake and not in a module + # it is impossible to make the list dynamic and respect nvidia.enable + "nvidia-x11" + "nvidia-settings" + "nvidia-persistenced" + "cudatoolkit" + "cuda-merged" + "cuda_cuobjdump" + "cuda_gdb" + "cuda_nvcc" + "cuda_nvdisasm" + "cuda_nvprune" + "cuda_cccl" + "cuda_cudart" + "cuda_cupti" + "cuda_cuxxfilt" + "cuda_nvml_dev" + "cuda_nvrtc" + "cuda_nvtx" + "cuda_profiler_api" + "cuda_sanitizer_api" + "libcublas" + "libcufft" + "libcurand" + "libcusolver" + "libnvjitlink" + "libcusparse" + "libnpp" + ]; + + inecure = [ + # "electron-25.9.0" + ]; +} diff --git a/flake-modules/nvidia.nix b/flake-modules/nvidia.nix new file mode 100644 index 0000000..b252a7f --- /dev/null +++ b/flake-modules/nvidia.nix @@ -0,0 +1,4 @@ +{ + enable = false; + prime = false; +} diff --git a/flake-modules/rice.nix b/flake-modules/rice.nix new file mode 100644 index 0000000..cfc907b --- /dev/null +++ b/flake-modules/rice.nix @@ -0,0 +1,59 @@ +pkgs: rec { + + lib = import ../nxlib/ricelib.nix pkgs.lib; + + transparency = 0.8; + rounding = 10; + gap-size = 10; + border-width = 3; + color = + let + dark = (-0.5); + bright = (0.5); + alter-set = let f = lib.alter-luminace-hex; in color-name: color-value: { base = color-value; dark = f color-value dark; bright = f color-value bright; }; + alter = let f = lib.alter-luminace-hex; in color-value: { base = color-value; dark = f color-value dark; bright = f color-value bright; }; + ccolor = builtins.mapAttrs alter-set { + black = "#000022"; # "#111111" "#001100"; + white = "#ddddff"; # "#dddddd" "#66dd66"; + blue = "#4422ff"; # "#3333dd" "#003300"; + cyan = "#11dddd"; # "#11dddd" "#00dd55"; + green = "#11dd44"; # "#11dd11" "#11dd11"; + magenta = "#6622dd"; # "#dd11dd" "#005500"; + red = "#dd1166"; # "#dd1111" "#00aa00"; + yellow = "#dd6611"; # "#dddd11" "#ffff00"; + }; + xcolor = with ccolor; rec { + background = black.dark; + foreground = white.base; + border = red.base; + border2 = blue.base; + accent = blue; + secondary = cyan; + tertiary = magenta; + special = yellow; + weird = green; + positive = alter "#00dd00"; + negative = alter "#dd0000"; + }; + in ccolor // xcolor; + font = { + code = { + name = "JetBrainsMono-NF"; + name2 = "JetBrainsMono Nerd Font"; + package = (pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; }); + # name = "CascadiaCove-NF"; + # package = (pkgs.nerdfonts.override { fonts = [ "CascadiaCode" ]; }); + }; + base = { + # name = "NewComputerModern08"; + # package = pkgs.newcomputermodern; + name = "Atkinson Hyperlegible"; + package = pkgs.atkinson-hyperlegible; + }; + }; + cursor = { + name = "Bibata-Original-Classic"; + package = pkgs.bibata-cursors; + size = 24; + }; +} diff --git a/flake.lock b/flake.lock index 21c3465..c6b12b7 100755 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1718642173, - "narHash": "sha256-iyj4D6c77uROAH9QdZjPd9SKnS/DuACMESqaEKnBgI8=", + "lastModified": 1724233980, + "narHash": "sha256-w0j/3OeSrpx+S8if1M2ONBsZvJQ1hBQkdTQEiMCHy7o=", "owner": "KZDKM", "repo": "Hyprspace", - "rev": "2f3edb68f47a8f5d99d10b322e9a85a285f53cc7", + "rev": "743ec37d02bb2b7261f28de16bf404cebfd96105", "type": "github" }, "original": { @@ -20,6 +20,39 @@ "type": "github" } }, + "aquamarine": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1724273991, + "narHash": "sha256-+aUSOXKGpS5CRm1oTitgNAr05ThQNbKIXalZHl3nC6Y=", + "owner": "hyprwm", + "repo": "aquamarine", + "rev": "9a3161ad4c78dc420d1cbb3aae638222608c7de4", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "aquamarine", + "type": "github" + } + }, "crane": { "inputs": { "flake-compat": [ @@ -53,29 +86,6 @@ "type": "github" } }, - "firefox-addons": { - "inputs": { - "flake-utils": "flake-utils", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "dir": "pkgs/firefox-addons", - "lastModified": 1719875691, - "narHash": "sha256-DtfpH7yivPHcfXV0EL70NwCKlg6nVTZGNngWkPshQjM=", - "owner": "rycee", - "repo": "nur-expressions", - "rev": "f2c6c0e41d6c2c82524b9d104bcfd1750a426d1b", - "type": "gitlab" - }, - "original": { - "dir": "pkgs/firefox-addons", - "owner": "rycee", - "repo": "nur-expressions", - "type": "gitlab" - } - }, "flake-compat": { "flake": false, "locked": { @@ -97,11 +107,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1719877454, - "narHash": "sha256-g5N1yyOSsPNiOlFfkuI/wcUjmtah+nxdImJqrSATjOU=", + "lastModified": 1722555600, + "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "4e3583423212f9303aa1a6337f8dffb415920e4f", + "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", "type": "github" }, "original": { @@ -132,21 +142,6 @@ } }, "flake-utils": { - "locked": { - "lastModified": 1629284811, - "narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { "inputs": { "systems": "systems_2" }, @@ -193,11 +188,11 @@ ] }, "locked": { - "lastModified": 1719827385, - "narHash": "sha256-qs+nU20Sm8czHg3bhGCqiH+8e13BJyRrKONW34g3i50=", + "lastModified": 1720042825, + "narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=", "owner": "nix-community", "repo": "home-manager", - "rev": "391ca6e950c2525b4f853cbe29922452c14eda82", + "rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073", "type": "github" }, "original": { @@ -223,11 +218,11 @@ ] }, "locked": { - "lastModified": 1718450675, - "narHash": "sha256-jpsns6buS4bK+1sF8sL8AaixAiCRjA+nldTKvcwmvUs=", + "lastModified": 1722623071, + "narHash": "sha256-sLADpVgebpCBFXkA1FlCXtvEPu1tdEsTfqK1hfeHySE=", "owner": "hyprwm", "repo": "hyprcursor", - "rev": "66d5b46ff94efbfa6fa3d1d1b66735f1779c34a6", + "rev": "912d56025f03d41b1ad29510c423757b4379eb1c", "type": "github" }, "original": { @@ -238,6 +233,7 @@ }, "hyprland": { "inputs": { + "aquamarine": "aquamarine", "hyprcursor": "hyprcursor", "hyprlang": "hyprlang", "hyprutils": "hyprutils", @@ -247,11 +243,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1719938427, - "narHash": "sha256-b0QtvQtFAtuOVBNPEUYf4V2VNGChTukkrLH/JlCQds8=", + "lastModified": 1724596623, + "narHash": "sha256-pLbNiAfpE8rW2e1Ih7Epi0LfyDmFv+UYU2BXg7Sj66U=", "ref": "refs/heads/main", - "rev": "6247a6b537fd1c05ecf35420529fab1adf83143e", - "revCount": 4903, + "rev": "b672118f9238a48a18efd741cbcda387c5552238", + "revCount": 5136, "submodules": true, "type": "git", "url": "https://github.com/hyprwm/Hyprland" @@ -279,11 +275,11 @@ ] }, "locked": { - "lastModified": 1719784423, - "narHash": "sha256-D7O5+nh2Wn9tQPJArWHrDSZeEfBCtj5zTGd86701LPE=", + "lastModified": 1723143591, + "narHash": "sha256-dPcWAeRJoG5CyWC32X3XX+Og0v/k1/S1N0T5dQWT32k=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "98cb18c6fcfe8196ef4150d09fbae305b7bb2954", + "rev": "b73d7b901d8cb1172dd25c7b7159f0242c625a77", "type": "github" }, "original": { @@ -306,11 +302,11 @@ ] }, "locked": { - "lastModified": 1714869498, - "narHash": "sha256-vbLVOWvQqo4n1yvkg/Q70VTlPbMmTiCQfNTgcWDCfJM=", + "lastModified": 1721326555, + "narHash": "sha256-zCu4R0CSHEactW9JqYki26gy8h9f6rHmSwj4XJmlHgg=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "e06482e0e611130cd1929f75e8c1cf679e57d161", + "rev": "5a11232266bf1a1f5952d5b179c3f4b2facaaa84", "type": "github" }, "original": { @@ -335,11 +331,11 @@ ] }, "locked": { - "lastModified": 1717881852, - "narHash": "sha256-XeeVoKHQgfKuXoP6q90sUqKyl7EYy3ol2dVZGM+Jj94=", + "lastModified": 1724174162, + "narHash": "sha256-fOOBLwil6M9QWMCiSULwjMQzrXhHXUnEqmjHX5ZHeVI=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "ec6938c66253429192274d612912649a0cfe4d28", + "rev": "16e5c9465f04477d8a3dd48a0a26bf437986336c", "type": "github" }, "original": { @@ -354,11 +350,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1719780938, - "narHash": "sha256-YocumFkp3FCgN3UCXp95EV7IvAwhQdlSav8cCB0oHv0=", + "lastModified": 1723307169, + "narHash": "sha256-gYfdNU65hqCLLzFG1WbNmkBbzHUKpSdeOBaeDEs34sM=", "owner": "h3rmt", "repo": "hyprswitch", - "rev": "4dbba183fcbaa63de64e973d5dc9bba883765aa3", + "rev": "a669b50adb9ba7790a5c1abaeecbd97ce42a842f", "type": "github" }, "original": { @@ -380,11 +376,11 @@ ] }, "locked": { - "lastModified": 1719316102, - "narHash": "sha256-dmRz128j/lJmMuTYeCYPfSBRHHQO3VeH4PbmoyAhHzw=", + "lastModified": 1722869141, + "narHash": "sha256-0KU4qhyMp441qfwbirNg3+wbm489KnEjXOz2I/RbeFs=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "1f6bbec5954f623ff8d68e567bddcce97cd2f085", + "rev": "0252fd13e78e60fb0da512a212e56007515a49f7", "type": "github" }, "original": { @@ -405,11 +401,11 @@ ] }, "locked": { - "lastModified": 1719067853, - "narHash": "sha256-mAnZG/eQy72Fp1ImGtqCgUrDumnR1rMZv2E/zgP4U74=", + "lastModified": 1721324119, + "narHash": "sha256-SOOqIT27/X792+vsLSeFdrNTF+OSRp5qXv6Te+fb2Qg=", "owner": "hyprwm", "repo": "hyprwayland-scanner", - "rev": "914f083741e694092ee60a39d31f693d0a6dc734", + "rev": "a048a6cb015340bd82f97c1f40a4b595ca85cc30", "type": "github" }, "original": { @@ -423,7 +419,7 @@ "crane": "crane", "flake-compat": "flake-compat", "flake-parts": "flake-parts_2", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils", "nixpkgs": "nixpkgs_3", "pre-commit-hooks-nix": "pre-commit-hooks-nix", "rust-overlay": "rust-overlay" @@ -445,11 +441,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1719075281, - "narHash": "sha256-CyyxvOwFf12I91PBWz43iGT1kjsf5oi6ax7CrvaMyAo=", + "lastModified": 1724224976, + "narHash": "sha256-Z/ELQhrSd7bMzTO8r7NZgi9g5emh+aRKoCdaAv5fiO0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a71e967ef3694799d0c418c98332f7ff4cc5f6af", + "rev": "c374d94f1536013ca8e92341b540eba4c22f9c62", "type": "github" }, "original": { @@ -459,16 +455,32 @@ "type": "github" } }, + "nixpkgs-latest": { + "locked": { + "lastModified": 1724604894, + "narHash": "sha256-ihWojFUzRYZ3i6xcxbzxMDAn5cX2FCtymu02MPjNA4c=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "669ce8b640c2ac856f714897aaffc5feb614ad57", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "master", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs-lib": { "locked": { - "lastModified": 1719876945, - "narHash": "sha256-Fm2rDDs86sHy0/1jxTOKB1118Q0O3Uc7EC0iXvXKpbI=", + "lastModified": 1722555339, + "narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/5daf0514482af3f97abaefc78a6606365c9108e2.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz" }, "original": { "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/5daf0514482af3f97abaefc78a6606365c9108e2.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz" } }, "nixpkgs-stable": { @@ -489,27 +501,27 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1719663039, - "narHash": "sha256-tXlrgAQygNIy49LDVFuPXlWD2zTQV9/F8pfoqwwPJyo=", + "lastModified": 1721524707, + "narHash": "sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4a1e673523344f6ccc84b37f4413ad74ea19a119", + "rev": "556533a23879fc7e5f98dd2e0b31a6911a213171", "type": "github" }, "original": { "owner": "NixOS", - "ref": "release-23.11", + "ref": "release-24.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs-unstable": { "locked": { - "lastModified": 1719848872, - "narHash": "sha256-H3+EC5cYuq+gQW8y0lSrrDZfH71LB4DAf+TDFyvwCNA=", + "lastModified": 1724224976, + "narHash": "sha256-Z/ELQhrSd7bMzTO8r7NZgi9g5emh+aRKoCdaAv5fiO0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "00d80d13810dbfea8ab4ed1009b09100cca86ba8", + "rev": "c374d94f1536013ca8e92341b540eba4c22f9c62", "type": "github" }, "original": { @@ -551,11 +563,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1719838683, - "narHash": "sha256-Zw9rQjHz1ilNIimEXFeVa1ERNRBF8DoXDhLAZq5B4pE=", + "lastModified": 1724316499, + "narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d032c1a6dfad4eedec7e35e91986becc699d7d69", + "rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841", "type": "github" }, "original": { @@ -598,13 +610,13 @@ "root": { "inputs": { "Hyprspace": "Hyprspace", - "firefox-addons": "firefox-addons", "home-manager": "home-manager", "hyprland": "hyprland", "hyprland-plugins": "hyprland-plugins", "hyprswitch": "hyprswitch", "lanzaboote": "lanzaboote", "nixpkgs": "nixpkgs_4", + "nixpkgs-latest": "nixpkgs-latest", "nixpkgs-unstable": "nixpkgs-unstable", "sops-nix": "sops-nix" } @@ -642,11 +654,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1719873517, - "narHash": "sha256-D1dxZmXf6M2h5lNE1m6orojuUawVPjogbGRsqSBX+1g=", + "lastModified": 1723501126, + "narHash": "sha256-N9IcHgj/p1+2Pvk8P4Zc1bfrMwld5PcosVA0nL6IGdE=", "owner": "Mic92", "repo": "sops-nix", - "rev": "a11224af8d824935f363928074b4717ca2e280db", + "rev": "be0eec2d27563590194a9206f551a6f73d52fa34", "type": "github" }, "original": { @@ -702,11 +714,11 @@ ] }, "locked": { - "lastModified": 1718619174, - "narHash": "sha256-FWW68AVYmB91ZDQnhLMBNCUUTCjb1ZpO2k2KIytHtkA=", + "lastModified": 1724073926, + "narHash": "sha256-nWlUL43jOFHf+KW6Hqrx+W/r1XdXuDyb0wC/SrHsOu4=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "c7894aa54f9a7dbd16df5cd24d420c8af22d5623", + "rev": "a08ecbbf33598924e93542f737fc6169a26b481e", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 636a4df..7e53685 100755 --- a/flake.nix +++ b/flake.nix @@ -2,240 +2,68 @@ description = "Multisystem NixOS Flake of Lennart J. Kurzweg"; inputs = { - nixpkgs.url = "nixpkgs/nixos-24.05"; - nixpkgs-unstable.url = "nixpkgs/nixos-unstable"; - home-manager = { - url = "github:nix-community/home-manager/release-24.05"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - sops-nix = { - url = "github:Mic92/sops-nix"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + nixpkgs = { url = "nixpkgs/nixos-24.05"; }; + nixpkgs-unstable = { url = "nixpkgs/nixos-unstable"; }; + nixpkgs-latest = { url = "github:nixos/nixpkgs?ref=master"; }; + home-manager = { url = "github:nix-community/home-manager/release-24.05"; inputs.nixpkgs.follows = "nixpkgs"; }; + sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; + lanzaboote = { url = "github:nix-community/lanzaboote/v0.3.0"; }; - hyprland = { - url = "git+https://github.com/hyprwm/Hyprland?submodules=1"; - # url = "github:hyprwm/Hyprland"; - # inputs.nixpkgs.follows = "nixpkgs"; - }; - hyprland-plugins = { - url = "github:hyprwm/hyprland-plugins"; - inputs.hyprland.follows = "hyprland"; - }; - Hyprspace = { - url = "github:KZDKM/Hyprspace"; - inputs.hyprland.follows = "hyprland"; - }; - hyprswitch.url = "github:h3rmt/hyprswitch/release"; + hyprland = { url = "git+https://github.com/hyprwm/Hyprland?submodules=1"; }; + hyprland-plugins = { url = "github:hyprwm/hyprland-plugins"; inputs.hyprland.follows = "hyprland"; }; + Hyprspace = { url = "github:KZDKM/Hyprspace"; inputs.hyprland.follows = "hyprland"; }; + hyprswitch = { url = "github:h3rmt/hyprswitch/release"; }; - # nixvim = { - # url = "github:nix-community/nixvim/nixos-23.11"; - # inputs.nixpkgs.follows = "nixpkgs"; - # }; - lanzaboote = { - url = "github:nix-community/lanzaboote/v0.3.0"; - # inputs.nixpkgs.follows = "nixpkgs-unstable"; - }; - #arion = { - # url = "github:hercules-ci/arion"; - # inputs.nixpkgs.follows = "nixpkgs"; - #}; - firefox-addons = { - url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - # yazi.url = "github:sxyazi/yazi"; + # firefox-addons = { url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; inputs.nixpkgs.follows = "nixpkgs"; }; }; - outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, ... }@inputs: - let - system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; - pkgs-unstable = nixpkgs-unstable.legacyPackages.${system}; + outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-latest, home-manager, ... }@inputs: let + system = "x86_64-linux"; + user = "nx2"; - user = "nx2"; + config = { allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) (import ./flake-modules/allowed.nix).unfree; }; + + pkgs = import nixpkgs { inherit system config; }; + pkgs-unstable = import nixpkgs-unstable { inherit system config; }; + pkgs-latest = import nixpkgs-latest { inherit system config; }; - nvidia = { - enable = true; - prime = true; - # unfree = if enable then [ - unfree = [ - "nvidia-x11" - "nvidia-settings" - "nvidia-persistenced" - "cudatoolkit" - "cudatoolkit-11.8.0" - "cudatoolkit-12.2.2" - ]; - # ] else []; - }; - allowed = { - unfree-packages = [ - "cudatoolkit" - "cuda-merged" - "cuda_cuobjdump" - "cuda_gdb" - "cuda_nvcc" - "cuda_nvdisasm" - "cuda_nvprune" - "cuda_cccl" - "cuda_cudart" - "cuda_cupti" - "cuda_cuxxfilt" - "cuda_nvml_dev" - "cuda_nvrtc" - "cuda_nvtx" - "cuda_profiler_api" - "cuda_sanitizer_api" - "libcublas" - "libcufft" - "libcurand" - "libcusolver" - "libnvjitlink" - "libcusparse" - "libnpp" - - "discord" - "spotify" - "obsidian" - "zoom-us" - "zoom" - ] ++ nvidia.unfree; - - inecure-packages = [ - "electron-25.9.0" - ]; - }; - - secrets = import ./git-crypt/secrets.nix; - - rice = rec { - lib = import ./nxlib/ricelib.nix { lib = nixpkgs.lib; }; - transparency = 0.8; - rounding = 10; - gap-size = 10; - border-width = 3; - color = - let - dark = (-0.5); - bright = (0.5); - alter-set = let f = rice.lib.alter-luminace-hex; in color-name: color-value: { base = color-value; dark = f color-value dark; bright = f color-value bright; }; - alter = let f = rice.lib.alter-luminace-hex; in color-value: { base = color-value; dark = f color-value dark; bright = f color-value bright; }; - ccolor = builtins.mapAttrs alter-set { - black = "#000022"; # "#111111" "#001100"; - white = "#ddddff"; # "#dddddd" "#66dd66"; - blue = "#4422ff"; # "#3333dd" "#003300"; - cyan = "#11dddd"; # "#11dddd" "#00dd55"; - green = "#11dd44"; # "#11dd11" "#11dd11"; - magenta = "#6622dd"; # "#dd11dd" "#005500"; - red = "#dd1166"; # "#dd1111" "#00aa00"; - yellow = "#dd6611"; # "#dddd11" "#ffff00"; - }; - xcolor = with ccolor; rec { - background = black.dark; - foreground = white.base; - border = cyan.base; - border2 = blue.base; - accent = blue; - secondary = cyan; - tertiary = magenta; - special = yellow; - weird = green; - positive = alter "#00dd00"; - negative = alter "#dd0000"; - }; - # ccolor = builtins.mapAttrs alter-set { - # black = "#112200"; - # white = "#ddffdd"; - # blue = "#779944"; - # cyan = "#11ffcc"; - # green = "#00ff00"; - # magenta = "#449999"; - # red = "#dd2200"; - # yellow = "#ffff11"; - # }; - # xcolor = with ccolor; rec { - # background = black.dark; # black.dark; - # foreground = white.base; # white.base; - # border = accent.base; # cyan.base; - # border2 = yellow.base; # blue.base; - # accent = green; # blue; - # secondary = red; # cyan; - # tertiary = yellow; # magenta; - # special = blue; # yellow; - # weird = magenta; # green; - # positive = alter "#00dd00"; # alter "#00dd00"; - # negative = alter "#dd0000"; # alter "#dd0000"; - # }; - in ccolor // xcolor; - font = { - code = { - name = "JetBrainsMono-NF"; - name2 = "JetBrainsMono Nerd Font"; - package = (pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; }); - # name = "CascadiaCove-NF"; - # package = (pkgs.nerdfonts.override { fonts = [ "CascadiaCode" ]; }); - }; - base = { - # name = "NewComputerModern08"; - # package = pkgs.newcomputermodern; - name = "Atkinson Hyperlegible"; - package = pkgs.atkinson-hyperlegible; - }; - }; - cursor = { - name = "Bibata-Original-Classic"; - package = pkgs.bibata-cursors; - size = 24; - }; - }; - in - { - nixosConfigurations = { - NxXPS = let host = "NxXPS"; in nixpkgs.lib.nixosSystem { - inherit system; - modules = [ ./configuration.nix ]; - specialArgs = { inherit inputs user host pkgs-unstable allowed secrets rice nvidia; }; - }; - NxNORTH = let host = "NxNORTH"; in nixpkgs.lib.nixosSystem { - inherit system; - modules = [ ./configuration.nix ]; - specialArgs = { inherit inputs user host pkgs-unstable allowed secrets rice nvidia; }; - }; - NxACE = let host = "NxACE"; nvidia.enable = false; in nixpkgs.lib.nixosSystem { - inherit system; - modules = [ ./configuration.nix ]; - specialArgs = { inherit inputs user host pkgs-unstable allowed secrets rice nvidia; }; - }; - }; - - homeConfigurations = { - "${user}@NxXPS" = let host = "NxXPS"; in home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = [ ./home.nix ]; - extraSpecialArgs = { inherit inputs system user host allowed secrets pkgs-unstable rice nvidia; }; - }; - "${user}@NxNORTH" = let host = "NxNORTH"; in home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = [ ./home.nix ]; - extraSpecialArgs = { inherit inputs system user host allowed secrets pkgs-unstable rice nvidia; }; - }; - "${user}@NxACE" = let host = "NxACE"; nvidia.enable = false; in home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = [ ./home.nix ]; - extraSpecialArgs = { inherit inputs system user host allowed secrets pkgs-unstable rice nvidia; }; - }; - "tv@NxACE" = - let - host = "NxACE"; - user = "tv"; - nvidia.enable = pkgs.kib.mkForce false; - in - home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = [ ./home.nix ]; - extraSpecialArgs = { inherit inputs system user host allowed secrets pkgs-unstable rice nvidia; }; - }; + nvidia-set = import ./flake-modules/nvidia.nix; + secrets = import ./git-crypt/secrets.nix; + rice = import ./flake-modules/rice.nix pkgs; + in { + nixosConfigurations = let + make-nixos-system = host: nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./configuration.nix ]; + specialArgs = let + nvidia = nvidia-set // { + enable = if (host == "NxXPS" || host == "NxNORTH") then true else false; + prime = if (host == "NxXPS") then true else false; + }; + in { inherit inputs user host pkgs-unstable pkgs-latest secrets rice nvidia; }; }; + in { + NxXPS = make-nixos-system "NxXPS"; + NxNORTH = make-nixos-system "NxNORTH"; + NxACE = make-nixos-system "NxACE"; }; + + homeConfigurations = let + make-home-configuration = host: user: home-manager.lib.homeManagerConfiguration { + inherit pkgs; + modules = [ ./home.nix ]; + extraSpecialArgs = let + nvidia = nvidia-set // { + enable = if (host == "NxXPS" || host == "NxNORTH") then true else false; + prime = if (host == "NxXPS") then true else false; + }; + in { inherit inputs system user host pkgs-unstable pkgs-latest rice secrets nvidia; }; + }; + in { + "${user}@NxXPS" = make-home-configuration "NxXPS" user; + "${user}@NxNORTH" = make-home-configuration "NxNORTH" user; + "${user}@NxACE" = make-home-configuration "NxACE" user; + "tv@NxACE" = make-home-configuration "NxACE" "tv"; + }; + }; } diff --git a/git-crypt/mutt/client-secret-oauth2-lkgoogle.json b/git-crypt/mutt/client-secret-oauth2-lkgoogle.json deleted file mode 100755 index 80997c9..0000000 Binary files a/git-crypt/mutt/client-secret-oauth2-lkgoogle.json and /dev/null differ diff --git a/git-crypt/secrets.nix b/git-crypt/secrets.nix index 4fc966f..789f9d3 100755 Binary files a/git-crypt/secrets.nix and b/git-crypt/secrets.nix differ diff --git a/home-modules/auto-mount.nix b/home-modules/auto-mount.nix new file mode 100644 index 0000000..e05235c --- /dev/null +++ b/home-modules/auto-mount.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + services.udiskie = { + enable = true; + notify = true; + }; +} diff --git a/home-modules/direnv.nix b/home-modules/direnv.nix new file mode 100755 index 0000000..d6eff69 --- /dev/null +++ b/home-modules/direnv.nix @@ -0,0 +1,14 @@ +{ lib, user, ... }: +lib.mkIf (user != "tv") +{ + programs = { + direnv = { + enable = true; + # enableBashIntegration = true; + nix-direnv.enable = true; + config = { + hide_env_diff = true; + }; + }; + }; +} diff --git a/home-modules/discord.nix b/home-modules/discord.nix index 770738d..8d99f71 100755 --- a/home-modules/discord.nix +++ b/home-modules/discord.nix @@ -1,492 +1,494 @@ -{ config, pkgs, pkgs-unstable, lib, host, user, allowed, ... }: +{ pkgs, lib, host, ... }: lib.mkIf (host != "NxACE") { - home.packages = [ - pkgs.vesktop - ]; + home = { + packages = with pkgs; [ + vesktop + ]; - home.file.".config/vesktop/settings/settings.json".text = '' - { - "notifyAboutUpdates": true, - "autoUpdate": false, - "autoUpdateNotification": true, - "useQuickCss": true, - "themeLinks": [ - "https://luckfire.github.io/amoled-cord/src/amoled-cord.css" - ], - "enabledThemes": [], - "enableReactDevtools": false, - "frameless": false, - "transparent": true, - "winCtrlQ": false, - "macosTranslucency": false, - "disableMinSize": false, - "winNativeTitleBar": false, - "plugins": { - "BadgeAPI": { - "enabled": true - }, - "CommandsAPI": { - "enabled": true - }, - "ContextMenuAPI": { - "enabled": true - }, - "MemberListDecoratorsAPI": { - "enabled": false - }, - "MessageAccessoriesAPI": { - "enabled": false - }, - "MessageDecorationsAPI": { - "enabled": false - }, - "MessageEventsAPI": { - "enabled": false - }, - "MessagePopoverAPI": { - "enabled": false - }, - "NoticesAPI": { - "enabled": true - }, - "ServerListAPI": { - "enabled": false - }, - "NoTrack": { - "enabled": true - }, - "Settings": { - "enabled": true, - "settingsLocation": "aboveActivity" - }, - "SupportHelper": { - "enabled": true - }, - "ChatInputButtonAPI": { - "enabled": false - }, - "AlwaysAnimate": { - "enabled": true - }, - "AlwaysTrust": { - "enabled": true - }, - "AnonymiseFileNames": { - "enabled": false - }, - "WebRichPresence (arRPC)": { - "enabled": false - }, - "BANger": { - "enabled": false - }, - "BetterFolders": { - "enabled": false - }, - "BetterGifAltText": { - "enabled": false - }, - "BetterGifPicker": { - "enabled": false - }, - "BetterNotesBox": { - "enabled": false - }, - "BetterRoleDot": { - "enabled": false - }, - "BetterUploadButton": { - "enabled": false - }, - "BiggerStreamPreview": { - "enabled": false - }, - "BlurNSFW": { - "enabled": false - }, - "CallTimer": { - "enabled": false - }, - "ClearURLs": { - "enabled": false - }, - "ClientTheme": { - "enabled": false - }, - "ColorSighted": { - "enabled": false - }, - "ConsoleShortcuts": { - "enabled": false - }, - "CopyUserURLs": { - "enabled": false - }, - "CrashHandler": { - "enabled": true - }, - "CustomRPC": { - "enabled": false - }, - "Dearrow": { - "enabled": false - }, - "Decor": { - "enabled": false - }, - "DisableCallIdle": { - "enabled": false - }, - "EmoteCloner": { - "enabled": false - }, - "Experiments": { - "enabled": false - }, - "F8Break": { - "enabled": false - }, - "FakeNitro": { - "enabled": false - }, - "FakeProfileThemes": { - "enabled": true - }, - "FavoriteEmojiFirst": { - "enabled": false - }, - "FavoriteGifSearch": { - "enabled": false - }, - "FixCodeblockGap": { - "enabled": false - }, - "FixSpotifyEmbeds": { - "enabled": false - }, - "FixYoutubeEmbeds": { - "enabled": false - }, - "ForceOwnerCrown": { - "enabled": false - }, - "FriendInvites": { - "enabled": false - }, - "GameActivityToggle": { - "enabled": false - }, - "GifPaste": { - "enabled": false - }, - "GreetStickerPicker": { - "enabled": false - }, - "HideAttachments": { - "enabled": false - }, - "iLoveSpam": { - "enabled": false - }, - "IgnoreActivities": { - "enabled": false - }, - "ImageZoom": { - "enabled": false - }, - "InvisibleChat": { - "enabled": false - }, - "KeepCurrentChannel": { - "enabled": false - }, - "LastFMRichPresence": { - "enabled": false - }, - "LoadingQuotes": { - "enabled": false - }, - "MemberCount": { - "enabled": false - }, - "MessageClickActions": { - "enabled": false - }, - "MessageLinkEmbeds": { - "enabled": false - }, - "MessageLogger": { - "enabled": false - }, - "MessageTags": { - "enabled": false - }, - "MoreCommands": { - "enabled": false - }, - "MoreKaomoji": { - "enabled": false - }, - "MoreUserTags": { - "enabled": false - }, - "Moyai": { - "enabled": false - }, - "MutualGroupDMs": { - "enabled": false - }, - "NewGuildSettings": { - "enabled": false - }, - "NoBlockedMessages": { - "enabled": false - }, - "NoDevtoolsWarning": { - "enabled": false - }, - "NoF1": { - "enabled": false - }, - "NoMosaic": { - "enabled": false - }, - "NoPendingCount": { - "enabled": false - }, - "NoProfileThemes": { - "enabled": false - }, - "NoReplyMention": { - "enabled": false - }, - "NoScreensharePreview": { - "enabled": false - }, - "NoTypingAnimation": { - "enabled": false - }, - "NoUnblockToJump": { - "enabled": false - }, - "NormalizeMessageLinks": { - "enabled": false - }, - "NotificationVolume": { - "enabled": false - }, - "NSFWGateBypass": { - "enabled": false - }, - "OnePingPerDM": { - "enabled": false - }, - "oneko": { - "enabled": false - }, - "OpenInApp": { - "enabled": false - }, - "Party mode 🎉": { - "enabled": false - }, - "PermissionFreeWill": { - "enabled": false - }, - "PermissionsViewer": { - "enabled": false - }, - "petpet": { - "enabled": false - }, - "PictureInPicture": { - "enabled": false - }, - "PinDMs": { - "enabled": false - }, - "PlainFolderIcon": { - "enabled": false - }, - "PlatformIndicators": { - "enabled": false - }, - "PreviewMessage": { - "enabled": false - }, - "PronounDB": { - "enabled": false - }, - "QuickMention": { - "enabled": false - }, - "QuickReply": { - "enabled": false - }, - "ReactErrorDecoder": { - "enabled": false - }, - "ReadAllNotificationsButton": { - "enabled": false - }, - "RelationshipNotifier": { - "enabled": false - }, - "RevealAllSpoilers": { - "enabled": false - }, - "ReverseImageSearch": { - "enabled": false - }, - "ReviewDB": { - "enabled": false - }, - "RoleColorEverywhere": { - "enabled": true - }, - "SearchReply": { - "enabled": false - }, - "SecretRingToneEnabler": { - "enabled": false - }, - "SendTimestamps": { - "enabled": false - }, - "ServerListIndicators": { - "enabled": false - }, - "ServerProfile": { - "enabled": false - }, - "ShikiCodeblocks": { - "enabled": false - }, - "ShowAllMessageButtons": { - "enabled": false - }, - "ShowConnections": { - "enabled": false - }, - "ShowHiddenChannels": { - "enabled": false - }, - "ShowMeYourName": { - "enabled": false - }, - "ShowTimeouts": { - "enabled": false - }, - "SilentMessageToggle": { - "enabled": false - }, - "SilentTyping": { - "enabled": false - }, - "SortFriendRequests": { - "enabled": false - }, - "SpotifyControls": { - "enabled": false - }, - "SpotifyCrack": { - "enabled": false - }, - "SpotifyShareCommands": { - "enabled": false - }, - "StartupTimings": { - "enabled": false - }, - "SuperReactionTweaks": { - "enabled": false - }, - "TextReplace": { - "enabled": false - }, - "ThemeAttributes": { - "enabled": false - }, - "TimeBarAllActivities": { - "enabled": false - }, - "Translate": { - "enabled": false - }, - "TypingIndicator": { - "enabled": false - }, - "TypingTweaks": { - "enabled": false - }, - "Unindent": { - "enabled": false - }, - "UnsuppressEmbeds": { - "enabled": false - }, - "UrbanDictionary": { - "enabled": false - }, - "UserVoiceShow": { - "enabled": false - }, - "USRBG": { - "enabled": false - }, - "ValidUser": { - "enabled": false - }, - "VoiceChatDoubleClick": { - "enabled": false - }, - "VcNarrator": { - "enabled": false - }, - "VencordToolbox": { - "enabled": false - }, - "ViewIcons": { - "enabled": false - }, - "ViewRaw": { - "enabled": false - }, - "VoiceMessages": { - "enabled": false - }, - "WebContextMenus": { - "enabled": true, - "addBack": true - }, - "WebKeybinds": { - "enabled": true - }, - "WhoReacted": { - "enabled": false - }, - "Wikisearch": { - "enabled": false - }, - "XSOverlay": { - "enabled": false - } - }, - "notifications": { - "timeout": 5000, - "position": "bottom-right", - "useNative": "not-focused", - "logLimit": 50 - }, - "cloud": { - "authenticated": false, - "url": "https://api.vencord.dev/", - "settingsSync": false, - "settingsSyncVersion": 1710459223618 - } - } - ''; + file.".config/vesktop/settings/settings.json".text = '' + { + "notifyAboutUpdates": true, + "autoUpdate": false, + "autoUpdateNotification": true, + "useQuickCss": true, + "themeLinks": [ + "https://luckfire.github.io/amoled-cord/src/amoled-cord.css" + ], + "enabledThemes": [], + "enableReactDevtools": false, + "frameless": false, + "transparent": true, + "winCtrlQ": false, + "macosTranslucency": false, + "disableMinSize": false, + "winNativeTitleBar": false, + "plugins": { + "BadgeAPI": { + "enabled": true + }, + "CommandsAPI": { + "enabled": true + }, + "ContextMenuAPI": { + "enabled": true + }, + "MemberListDecoratorsAPI": { + "enabled": false + }, + "MessageAccessoriesAPI": { + "enabled": false + }, + "MessageDecorationsAPI": { + "enabled": false + }, + "MessageEventsAPI": { + "enabled": false + }, + "MessagePopoverAPI": { + "enabled": false + }, + "NoticesAPI": { + "enabled": true + }, + "ServerListAPI": { + "enabled": false + }, + "NoTrack": { + "enabled": true + }, + "Settings": { + "enabled": true, + "settingsLocation": "aboveActivity" + }, + "SupportHelper": { + "enabled": true + }, + "ChatInputButtonAPI": { + "enabled": false + }, + "AlwaysAnimate": { + "enabled": true + }, + "AlwaysTrust": { + "enabled": true + }, + "AnonymiseFileNames": { + "enabled": false + }, + "WebRichPresence (arRPC)": { + "enabled": false + }, + "BANger": { + "enabled": false + }, + "BetterFolders": { + "enabled": false + }, + "BetterGifAltText": { + "enabled": false + }, + "BetterGifPicker": { + "enabled": false + }, + "BetterNotesBox": { + "enabled": false + }, + "BetterRoleDot": { + "enabled": false + }, + "BetterUploadButton": { + "enabled": false + }, + "BiggerStreamPreview": { + "enabled": false + }, + "BlurNSFW": { + "enabled": false + }, + "CallTimer": { + "enabled": false + }, + "ClearURLs": { + "enabled": false + }, + "ClientTheme": { + "enabled": false + }, + "ColorSighted": { + "enabled": false + }, + "ConsoleShortcuts": { + "enabled": false + }, + "CopyUserURLs": { + "enabled": false + }, + "CrashHandler": { + "enabled": true + }, + "CustomRPC": { + "enabled": false + }, + "Dearrow": { + "enabled": false + }, + "Decor": { + "enabled": false + }, + "DisableCallIdle": { + "enabled": false + }, + "EmoteCloner": { + "enabled": false + }, + "Experiments": { + "enabled": false + }, + "F8Break": { + "enabled": false + }, + "FakeNitro": { + "enabled": false + }, + "FakeProfileThemes": { + "enabled": true + }, + "FavoriteEmojiFirst": { + "enabled": false + }, + "FavoriteGifSearch": { + "enabled": false + }, + "FixCodeblockGap": { + "enabled": false + }, + "FixSpotifyEmbeds": { + "enabled": false + }, + "FixYoutubeEmbeds": { + "enabled": false + }, + "ForceOwnerCrown": { + "enabled": false + }, + "FriendInvites": { + "enabled": false + }, + "GameActivityToggle": { + "enabled": false + }, + "GifPaste": { + "enabled": false + }, + "GreetStickerPicker": { + "enabled": false + }, + "HideAttachments": { + "enabled": false + }, + "iLoveSpam": { + "enabled": false + }, + "IgnoreActivities": { + "enabled": false + }, + "ImageZoom": { + "enabled": false + }, + "InvisibleChat": { + "enabled": false + }, + "KeepCurrentChannel": { + "enabled": false + }, + "LastFMRichPresence": { + "enabled": false + }, + "LoadingQuotes": { + "enabled": false + }, + "MemberCount": { + "enabled": false + }, + "MessageClickActions": { + "enabled": false + }, + "MessageLinkEmbeds": { + "enabled": false + }, + "MessageLogger": { + "enabled": false + }, + "MessageTags": { + "enabled": false + }, + "MoreCommands": { + "enabled": false + }, + "MoreKaomoji": { + "enabled": false + }, + "MoreUserTags": { + "enabled": false + }, + "Moyai": { + "enabled": false + }, + "MutualGroupDMs": { + "enabled": false + }, + "NewGuildSettings": { + "enabled": false + }, + "NoBlockedMessages": { + "enabled": false + }, + "NoDevtoolsWarning": { + "enabled": false + }, + "NoF1": { + "enabled": false + }, + "NoMosaic": { + "enabled": false + }, + "NoPendingCount": { + "enabled": false + }, + "NoProfileThemes": { + "enabled": false + }, + "NoReplyMention": { + "enabled": false + }, + "NoScreensharePreview": { + "enabled": false + }, + "NoTypingAnimation": { + "enabled": false + }, + "NoUnblockToJump": { + "enabled": false + }, + "NormalizeMessageLinks": { + "enabled": false + }, + "NotificationVolume": { + "enabled": false + }, + "NSFWGateBypass": { + "enabled": false + }, + "OnePingPerDM": { + "enabled": false + }, + "oneko": { + "enabled": false + }, + "OpenInApp": { + "enabled": false + }, + "Party mode 🎉": { + "enabled": false + }, + "PermissionFreeWill": { + "enabled": false + }, + "PermissionsViewer": { + "enabled": false + }, + "petpet": { + "enabled": false + }, + "PictureInPicture": { + "enabled": false + }, + "PinDMs": { + "enabled": false + }, + "PlainFolderIcon": { + "enabled": false + }, + "PlatformIndicators": { + "enabled": false + }, + "PreviewMessage": { + "enabled": false + }, + "PronounDB": { + "enabled": false + }, + "QuickMention": { + "enabled": false + }, + "QuickReply": { + "enabled": false + }, + "ReactErrorDecoder": { + "enabled": false + }, + "ReadAllNotificationsButton": { + "enabled": false + }, + "RelationshipNotifier": { + "enabled": false + }, + "RevealAllSpoilers": { + "enabled": false + }, + "ReverseImageSearch": { + "enabled": false + }, + "ReviewDB": { + "enabled": false + }, + "RoleColorEverywhere": { + "enabled": true + }, + "SearchReply": { + "enabled": false + }, + "SecretRingToneEnabler": { + "enabled": false + }, + "SendTimestamps": { + "enabled": false + }, + "ServerListIndicators": { + "enabled": false + }, + "ServerProfile": { + "enabled": false + }, + "ShikiCodeblocks": { + "enabled": false + }, + "ShowAllMessageButtons": { + "enabled": false + }, + "ShowConnections": { + "enabled": false + }, + "ShowHiddenChannels": { + "enabled": false + }, + "ShowMeYourName": { + "enabled": false + }, + "ShowTimeouts": { + "enabled": false + }, + "SilentMessageToggle": { + "enabled": false + }, + "SilentTyping": { + "enabled": false + }, + "SortFriendRequests": { + "enabled": false + }, + "SpotifyControls": { + "enabled": false + }, + "SpotifyCrack": { + "enabled": false + }, + "SpotifyShareCommands": { + "enabled": false + }, + "StartupTimings": { + "enabled": false + }, + "SuperReactionTweaks": { + "enabled": false + }, + "TextReplace": { + "enabled": false + }, + "ThemeAttributes": { + "enabled": false + }, + "TimeBarAllActivities": { + "enabled": false + }, + "Translate": { + "enabled": false + }, + "TypingIndicator": { + "enabled": false + }, + "TypingTweaks": { + "enabled": false + }, + "Unindent": { + "enabled": false + }, + "UnsuppressEmbeds": { + "enabled": false + }, + "UrbanDictionary": { + "enabled": false + }, + "UserVoiceShow": { + "enabled": false + }, + "USRBG": { + "enabled": false + }, + "ValidUser": { + "enabled": false + }, + "VoiceChatDoubleClick": { + "enabled": false + }, + "VcNarrator": { + "enabled": false + }, + "VencordToolbox": { + "enabled": false + }, + "ViewIcons": { + "enabled": false + }, + "ViewRaw": { + "enabled": false + }, + "VoiceMessages": { + "enabled": false + }, + "WebContextMenus": { + "enabled": true, + "addBack": true + }, + "WebKeybinds": { + "enabled": true + }, + "WhoReacted": { + "enabled": false + }, + "Wikisearch": { + "enabled": false + }, + "XSOverlay": { + "enabled": false + } + }, + "notifications": { + "timeout": 5000, + "position": "bottom-right", + "useNative": "not-focused", + "logLimit": 50 + }, + "cloud": { + "authenticated": false, + "url": "https://api.vencord.dev/", + "settingsSync": false, + "settingsSyncVersion": 1710459223618 + } + } + ''; + }; } diff --git a/home-modules/email.nix b/home-modules/email.nix index f25038b..b3e00d4 100755 --- a/home-modules/email.nix +++ b/home-modules/email.nix @@ -102,9 +102,9 @@ lib.mkIf (host != "NxACE") }; }; - hsmw = { - address = secrets.email.hsmw.mail; - userName = secrets.email.hsmw.mail; + hsmw = with secrets.email.hsmw; { + address = "${un}@hs-mittweida.de"; + userName = "${un}@hs-mittweida.de"; realName = "Lennart J. Kurzweg"; imap = { port = 993; @@ -117,8 +117,8 @@ lib.mkIf (host != "NxACE") }; signature = { text = '' - MatNr: ${secrets.email.hsmw.mnr} - SemGr: ${secrets.email.hsmw.semgr} + MatNr: ${mnr} + SemGr: ${semgr} About Me: https://nx2.site/about-me Contact: https://nx2.site/contact GPG: https://nx2.site/gpg @@ -128,6 +128,9 @@ lib.mkIf (host != "NxACE") thunderbird = { enable = true; profiles = [ "default" ]; + settings = id: { + "mail.server.server_${id}.fcc_folder" = "imap://${un}%40hs-mittweida.de@xc.hs-mittweida.de/Sent"; + }; }; }; }; diff --git a/home-modules/foot.nix b/home-modules/foot.nix new file mode 100644 index 0000000..7857be2 --- /dev/null +++ b/home-modules/foot.nix @@ -0,0 +1,270 @@ +{ config, pkgs, rice, lib, user, ... }: +lib.mkIf (user != "tv") +{ + home.packages = with pkgs; [ + foot + ]; + + programs.foot = { + enable = true; + # background = rice.color.background; + # foreground = rice.color.foreground; + # cursor = rice.color.foreground; + # color0 = rice.color.black.base; + # color8 = rice.color.black.bright; + # color1 = rice.color.red.base; + # color9 = rice.color.red.bright; + # color2 = rice.color.green.base; + # color10 = rice.color.green.bright; + # color3 = rice.color.yellow.base; + # color11 = rice.color.yellow.bright; + # color4 = rice.color.blue.base; + # color12 = rice.color.blue.bright; + # color5 = rice.color.magenta.base; + # color13 = rice.color.magenta.bright; + # color6 = rice.color.cyan.base; + # color14 = rice.color.cyan.bright; + # color7 = rice.color.white.base; + # color15 = rice.color.white.bright; + # background_opacity = builtins.toString rice.transparency; + # window_padding_width = 5; + # remember_window_size = false; + + # settings = { + # main = { + # shell = ''$SHELL (if set, otherwise user's default shell from /etc/passwd)''; + # term = ''foot (or xterm-256color if built with -Dterminfo=disabled)''; + # login-shell = ''no''; + + # # app-id = ''foot''; + # title = ''foot''; + # locked-title = ''no''; + + # font = ''${rice.font.code.name}:size=8''; + # font-size-adjustment = ''0.5''; + # line-height = ""; + # letter-spacing = ''0''; + # horizontal-letter-offset = ''0''; + # vertical-letter-offset = ''0''; + # underline-offset = ""; + # underline-thickness = ""; + # # box-drawings-uses-font-glyphs = "no"; + # # dpi-aware = ''no''; + + # # initial-window-size-pixels = ''700x500''; + # # initial-window-size-chars = ""; + # # initial-window-mode = ''windowed''; + # pad = ''5x5''; + # resize-by-cells = ''yes''; + # resize-keep-grid = ''yes''; + # resize-delay-ms = ''100''; + + # # bold-text-in-bright = false; + # word-delimiters = '',│`|:"'()[]{}<>''; + # selection-target = ''primary''; + # workers = ""; + # utmp-helper = ''/usr/lib/utempter/utempter''; + # # environment = { + # # name = ''value''; + # # }; + + # }; + # bell = { + # urgent = ''no''; + # notify = ''no''; + # visual = ''no''; + # command = ''''; + # command-focused = ''no''; + # }; + # desktop-notifications = { + # command = ''notify-send --wait --app-name ''${app-id} --icon ''${app-id} --category ''${category} --urgency ''${urgency} --expire-time ''${expire-time} --hint STRING:image-path:''${icon} --hint BOOLEAN:suppress-sound:''${muted} --hint STRING:sound-name:''${sound-name} --replace-id ''${replace-id} ''${action-argument} --print-id -- ''${title} ''${body}''; + # command-action-argument = ''--action ''${action-name}=''${action-label}''; + # close = ''""''; + # inhibit-when-focused = ''yes''; + + # }; + # scrollback = { + # lines = ''1000''; + # multiplier = ''3.0''; + # indicator-position = ''relative''; + # indicator-format = ''""''; + # }; + # url = { + # launch = ''xdg-open ''${url}''; + # label-letters = ''sadfjklewcmpgh''; + # osc8-underline = ''url-mode''; + # protocols = ''http, https, ftp, ftps, file, gemini, gopher''; + # uri-characters = ''abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.,~:;/?#@!$&%*+="'()[]''; + # }; + # cursor = { + # style = ''block''; + # color = ""; + # blink = ''no''; + # blink-rate = ''500''; + # beam-thickness = ''1.5''; + # underline-thickness = ""; + # }; + # mouse = { + # hide-when-typing = ''no''; + # alternate-scroll-mode = ''yes''; + # }; + # touch = { + # long-press-delay = ''400''; + # }; + # colors = { + # alpha = ''1.0''; + # background = ''242424''; + # foreground = ''ffffff''; + # flash = ''7f7f00''; + # flash-alpha = ''0.5''; + + # # Normal/regular colors (color palette 0-7) + # regular0 = ''242424''; + # regular1 = ''f62b5a''; + # regular2 = ''47b413''; + # regular3 = ''e3c401''; + # regular4 = ''24acd4''; + # regular5 = ''f2affd''; + # regular6 = ''13c299''; + # regular7 = ''e6e6e6''; + + # # Bright colors (color palette 8-15) + # bright0 = ''616161''; + # bright1 = ''ff4d51''; + # bright2 = ''35d450''; + # bright3 = ''e9e836''; + # bright4 = ''5dc5f8''; + # bright5 = ''feabf2''; + # bright6 = ''24dfc4''; + # bright7 = ''ffffff''; + + # # dimmed colors (see foot.ini(5) man page) + # # dim0 = ""; + # # ... + # # dim7 = ""; + + # # The remaining 256-color palette + # # 16 = <256-color palette #16> + # # ... + # # 255 = <256-color palette #255> + + # # Misc colors + # selection-foreground = ""; + # selection-background = ""; + # jump-labels = " "; + # scrollback-indicator = " "; + # search-box-no-match = " "; + # search-box-match = " "; + # urls = ""; + # }; + # csd = { + # preferred = ''server''; + # size = ''26''; + # font = ""; + # color = ""; + # hide-when-maximized = ''no''; + # double-click-to-maximize = ''yes''; + # border-width = ''0''; + # border-color = ""; + # button-width = ''26''; + # button-color = ""; + # button-minimize-color = ""; + # button-maximize-color = ""; + # button-close-color = ""; + # }; + # key-bindings = { + # scrollback-up-page = ''Shift+Page_Up''; + # scrollback-up-half-page = ''none''; + # scrollback-up-line = ''none''; + # scrollback-down-page = ''Shift+Page_Down''; + # scrollback-down-half-page = ''none''; + # scrollback-down-line = ''none''; + # scrollback-home = ''none''; + # scrollback-end = ''none''; + # clipboard-copy = ''Control+Shift+c XF86Copy''; + # clipboard-paste = ''Control+Shift+v XF86Paste''; + # primary-paste = ''Shift+Insert''; + # search-start = ''Control+Shift+r''; + # font-increase = ''Control+plus Control+equal Control+KP_Add''; + # font-decrease = ''Control+minus Control+KP_Subtract''; + # font-reset = ''Control+0 Control+KP_0''; + # spawn-terminal = ''Control+Shift+n''; + # minimize = ''none''; + # maximize = ''none''; + # fullscreen = ''none''; + # pipe-visible = ''[sh -c "xurls | fuzzel | xargs -r firefox"] none''; + # pipe-scrollback = ''[sh -c "xurls | fuzzel | xargs -r firefox"] none''; + # pipe-selected = ''[xargs -r firefox] none''; + # pipe-command-output = ''[wl-copy] none''; + # show-urls-launch = ''Control+Shift+o''; + # show-urls-copy = ''none''; + # show-urls-persistent = ''none''; + # prompt-prev = ''Control+Shift+z''; + # prompt-next = ''Control+Shift+x''; + # unicode-input = ''Control+Shift+u''; + # noop = ''none''; + # }; + # search-bindings = { + # cancel = ''Control+g Control+c Escape''; + # commit = ''Return''; + # find-prev = ''Control+r''; + # find-next = ''Control+s''; + # cursor-left = ''Left Control+b''; + # cursor-left-word = ''Control+Left Mod1+b''; + # cursor-right = ''Right Control+f''; + # cursor-right-word = ''Control+Right Mod1+f''; + # cursor-home = ''Home Control+a''; + # cursor-end = ''End Control+e''; + # delete-prev = ''BackSpace''; + # delete-prev-word = ''Mod1+BackSpace Control+BackSpace''; + # delete-next = ''Delete''; + # delete-next-word = ''Mod1+d Control+Delete''; + # extend-char = ''Shift+Right''; + # extend-to-word-boundary = ''Control+w Control+Shift+Right''; + # extend-to-next-whitespace = ''Control+Shift+w''; + # extend-line-down = ''Shift+Down''; + # extend-backward-char = ''Shift+Left''; + # extend-backward-to-word-boundary = ''Control+Shift+Left''; + # extend-backward-to-next-whitespace = ''none''; + # extend-line-up = ''Shift+Up''; + # clipboard-paste = ''Control+v Control+Shift+v Control+y XF86Paste''; + # primary-paste = ''Shift+Insert''; + # unicode-input = ''none''; + # quit = ''none''; + # scrollback-up-page = ''Shift+Page_Up''; + # scrollback-up-half-page = ''none''; + # scrollback-up-line = ''none''; + # scrollback-down-page = ''Shift+Page_Down''; + # scrollback-down-half-page = ''none''; + # scrollback-down-line = ''none''; + # scrollback-home = ''none''; + # scrollback-end = ''none''; + # }; + # url-bindings = { + # cancel = ''Control+g Control+c Control+d Escape''; + # toggle-url-visible = ''t''; + # }; + # text-bindings = { + # "\x03" = ''Mod4+c''; + # }; + # mouse-bindings = { + # scrollback-up-mouse = ''BTN_WHEEL_BACK''; + # scrollback-down-mouse = ''BTN_WHEEL_FORWARD''; + # font-increase = ''Control+BTN_WHEEL_BACK''; + # font-decrease = ''Control+BTN_WHEEL_FORWARD''; + # selection-override-modifiers = ''Shift''; + # primary-paste = ''BTN_MIDDLE''; + # select-begin = ''BTN_LEFT''; + # select-begin-block = ''Control+BTN_LEFT''; + # select-extend = ''BTN_RIGHT''; + # select-extend-character-wise = ''Control+BTN_RIGHT''; + # select-word = ''BTN_LEFT-2''; + # select-word-whitespace = ''Control+BTN_LEFT-2''; + # select-quote = ''BTN_LEFT-3''; + # select-row = ''BTN_LEFT-4''; + + # # vim: ft = ''dosini''; + # }; + # }; + }; +} diff --git a/home-modules/helix.nix b/home-modules/helix.nix index 9d8e8f6..662e1ca 100644 --- a/home-modules/helix.nix +++ b/home-modules/helix.nix @@ -2,9 +2,12 @@ { home = { packages = with pkgs; [ - nixfmt # nix formater + nixfmt-classic # nix formater nil # nix language server python311Packages.python-lsp-server + ruff + ruff-lsp + pyright lldb # debugger for llvm stuff yaml-language-server # yaml marksman # markdown @@ -73,12 +76,39 @@ file-types = [ "md" "MD" ]; scope = "text."; } - # { - # name = "python"; - # transport = "stdio"; - # command = "python3"; - # args = ["-m" "debugpy.adapter"]; - # } + + { + name = "python"; + language-servers = [ "pyright" "ruff" ]; + formatter = { + command = "ruff"; + args = [ + "format" + "--line-length" + "120" + "-" + ]; + }; + debugger = { + name = "debugpy"; + transport = "stdio"; + command = "python"; + args = [ "-m" "debugpy.adapter" ]; + templates = [{ + name = "source"; + request = "launch"; + completion = [{ + name = "entrypoint"; + completion = "filename"; + default = "."; + }]; + args = { + mode = "debug"; + program = "{0}"; + }; + }]; + }; + } ]; language-server = { "style-check" = { @@ -87,6 +117,26 @@ "language-tool" = { command = lib.getExe pkgs.ltex-ls; }; + "ruff" = { + command = "ruff-lsp"; + config.settings.args = [ + # Set line length + # "--line-length" + # "79" + + # Enable some ruff rules + # "--select" + # ( + # "F,W,E,I,N,D200,D201,D202,D203,D204,D205,D206,D207,D208,D209,D210,D211," + # + "D212,D213,D214,D215,D300,D301,D400,D401,D402,D403,D404,D405,D406," + # + "D407,D408,D409,D410,D411,D412,D413,D414,D415,D416,D417,D418,D419," + # + "UP,YTT,TRIO,ASYNC,B,A,COM,C4,DTZ,T10,DJ,EXE,FA,ISC,ICN001,G010," + # + "G101,G201,G202,INP,PIE,Q,RSE,RET,SLOT,SIM,TCH,INT,ARG,PTH,TD001," + # + "TD004,TD005,TD006,TD007,PD,PL,TRY004,TRY200,TRY201,TRY302,TRY400," + # + "TRY401,FLY,NPY,AIR,PERF,FURB,LOG,RUF" + # ) + ]; + }; }; }; themes = { @@ -99,7 +149,7 @@ "constant" = accent.bright; "constant.character.escape" = special.bright; "constant.numeric" = foreground; - "constructor" = blue.dark; + "constructor" = weird.base; "debug" = yellow.base; "diagnostic.modifiers" = [ "underlined" ]; "diff.delta" = blue.bright; diff --git a/home-modules/hyprland-autoname-workspaces.nix b/home-modules/hyprland-autoname-workspaces.nix index 0eae44d..19659ea 100755 --- a/home-modules/hyprland-autoname-workspaces.nix +++ b/home-modules/hyprland-autoname-workspaces.nix @@ -49,11 +49,13 @@ lib.mkIf (user != "tv") "leagueclientux.exe" = "󰰌" zathura = "󰈦" code-oss = "󰨞" + codium-url-handler = "󰨞" discord = "󰙯" vesktop = "󰙯" blueman-manager = "󰂯" Alacritty = "" zoom = "󰬡" + spotify = "" [class_active] "(?i)ExampleOneTerm" = "icon" @@ -74,6 +76,9 @@ lib.mkIf (user != "tv") [initial_title_in_class] + [initial_title] + "Spotify Premium" = "" + [initial_title_in_class_active] [initial_title_in_initial_class] diff --git a/home-modules/hyprland.nix b/home-modules/hyprland.nix index 7697c75..25556c4 100755 --- a/home-modules/hyprland.nix +++ b/home-modules/hyprland.nix @@ -247,7 +247,6 @@ lib.mkIf (user != "tv") "waybar " "hyprpaper -n " "swww-daemon" - "= /home/nx2/scripts/swww-randomize.sh" "hyprland-autoname-workspaces" "/usr/lib/polkit-kde-authentication-agent-1 " "dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP" @@ -459,8 +458,8 @@ lib.mkIf (user != "tv") ## MEGA KEYS: '' , Print, exec, grim -g "$(slurp)"'' - "SUPER, Next, resizeactive, 100 -100" - "SUPER, Prior, resizeactive, -100 100" + # "SUPER, Next, resizeactive, 5% 5%" # binde + # "SUPER, Prior, resizeactive, -5% -5%" # binde ########################################################################### ## FN KEYS: @@ -492,6 +491,8 @@ lib.mkIf (user != "tv") ]; binde = [ # "SUPER, TAB, exec, hyprswitch --daemon --do-initial-execute" + "SUPER, Next, resizeactive, 10% 10%" + "SUPER, Prior, resizeactive, -10% -10%" ]; }; diff --git a/home-modules/nvidia.nix b/home-modules/nvidia.nix index 4ff4538..9539b37 100644 --- a/home-modules/nvidia.nix +++ b/home-modules/nvidia.nix @@ -1,4 +1,5 @@ -{ pkgs, ... }: +{ pkgs, lib, nvidia, ... }: +lib.mkIf (nvidia.enable == true) { home = { packages = with pkgs; [ diff --git a/home-modules/pnx.nix b/home-modules/pnx.nix index 9a3b267..a6533ab 100755 --- a/home-modules/pnx.nix +++ b/home-modules/pnx.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, system, user, host, allowed, secrets, ... }: +{ pkgs, lib, host, secrets, ... }: lib.mkIf (host != "NxACE") { home.packages = [ diff --git a/home-modules/yazi.nix b/home-modules/yazi.nix index 4a32714..750acab 100755 --- a/home-modules/yazi.nix +++ b/home-modules/yazi.nix @@ -43,7 +43,7 @@ lib.mkIf (user != "tv") image = [ { run = ''imv "$@"''; desc = "imv";} { run = ''gimp "$@"''; desc = "gimp";} - { run = ''swww img "$@"''; desc = "swww wallpaper";} + { run = ''swww img --transition-type wipe --transition-angle 60 --transition-step 120 --transition-fps 120 "$@"''; desc = "swww wallpaper";} ]; font = [ { run = ''fontpreview "$@"''; desc = "fontpreview"; } diff --git a/home.nix b/home.nix index 3d317cd..6225839 100755 --- a/home.nix +++ b/home.nix @@ -1,71 +1,56 @@ -{ config, pkgs, pkgs-unstable, lib, system, inputs, host, user, rice, allowed, secrets, ... }: +{ pkgs, pkgs-unstable, lib, host, user, ... }: { imports = [ - - ./home-modules/vscode.nix - ./home-modules/nvidia.nix - # ./home-modules/firefox.nix - ./home-modules/discord.nix - ./home-modules/matrix.nix - ./home-modules/chatterino.nix - ./home-modules/email.nix - ./home-modules/bitwarden.nix - ./home-modules/virt-manager.nix - ./home-modules/office.nix - ./home-modules/obs.nix - ./home-modules/sent.nix - - ./home-modules/gestures.nix - - ./home-modules/pnx.nix - - ./home-modules/hyprland.nix - ./home-modules/hyprland-autoname-workspaces.nix - ./home-modules/waybar.nix - ./home-modules/nx-gcal-event.nix - ./home-modules/wlogout.nix - ./home-modules/rofi.nix - - ./home-modules/games.nix - - ./home-modules/kitty.nix - ./home-modules/fish.nix + ./home-modules/auto-mount.nix ./home-modules/bash.nix - ./home-modules/starship.nix - # ./home-modules/nvim.nix - ./home-modules/helix.nix - ./home-modules/vale.nix - - ./home-modules/yazi.nix - ./home-modules/zoxide.nix - ./home-modules/nh.nix - - ./home-modules/ssh.nix - ./home-modules/gpg.nix - ./home-modules/sops.nix - ./home-modules/git.nix - ./home-modules/mako.nix - - ./home-modules/gtk.nix - ./home-modules/qt.nix - - ./home-modules/latex.nix - ./home-modules/pandoc.nix - - ./home-modules/programming/python.nix - ./home-modules/programming/c.nix - ./home-modules/programming/node.nix - ./home-modules/programming/gleam.nix - + ./home-modules/bitwarden.nix + ./home-modules/chatterino.nix ./home-modules/color-pallete.nix - ]; + ./home-modules/direnv.nix + ./home-modules/discord.nix + ./home-modules/email.nix + # ./home-modules/firefox.nix + ./home-modules/fish.nix + # ./home-modules/foot.nix + ./home-modules/games.nix + ./home-modules/gestures.nix + ./home-modules/git.nix + ./home-modules/gpg.nix + ./home-modules/gtk.nix + ./home-modules/helix.nix + ./home-modules/hyprland-autoname-workspaces.nix + ./home-modules/hyprland.nix + ./home-modules/kitty.nix + ./home-modules/latex.nix + ./home-modules/mako.nix + ./home-modules/matrix.nix + ./home-modules/nh.nix + ./home-modules/nvidia.nix + ./home-modules/nx-gcal-event.nix + ./home-modules/obs.nix + ./home-modules/office.nix + ./home-modules/pandoc.nix + ./home-modules/pnx.nix + ./home-modules/programming/c.nix + ./home-modules/programming/gleam.nix + ./home-modules/programming/node.nix + ./home-modules/programming/python.nix + ./home-modules/qt.nix + ./home-modules/rofi.nix + ./home-modules/sent.nix + ./home-modules/sops.nix + ./home-modules/ssh.nix + ./home-modules/starship.nix + ./home-modules/vale.nix + ./home-modules/virt-manager.nix + ./home-modules/vscode.nix + ./home-modules/waybar.nix + ./home-modules/wlogout.nix + ./home-modules/yazi.nix + ./home-modules/zoxide.nix ]; home.username = user; home.homeDirectory = "/home/${user}"; home.stateVersion = "24.05"; - nixpkgs.config = { - allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) allowed.unfree-packages; - permittedInsecurePackages = allowed.inecure-packages; - }; home.packages = with pkgs; [ chromium @@ -78,13 +63,15 @@ swww playerctl imv mpv mediainfo exiftool ffmpeg - pavucontrol fontpreview gtk2fontsel + pavucontrol + fontpreview gtk2fontsel lynx w3m browsh bat du-dust eza neofetch tldr fzf figlet ripgrep lolcat jq glow brightnessctl wev piper-tts sssnake pipes dig + screen gnumake cmake @@ -97,15 +84,15 @@ xclip xournal ] ++ (with pkgs-unstable; [ + obsidian firefox ]) ++ (if host != "NxACE" then (with pkgs; [ signal-desktop - obsidian zoom-us gimp inkscape - ]) else (with pkgs; [ - + ]) else (with pkgs-unstable; [ + ])); xdg = { diff --git a/nxlib/ricelib.nix b/nxlib/ricelib.nix index 9b4ed36..067a060 100755 --- a/nxlib/ricelib.nix +++ b/nxlib/ricelib.nix @@ -1,4 +1,4 @@ -{ lib, ... }: +lib: let # takes in "ff0044" (no hash!) and returns { r = "ff", g = "00", b = "44" } slice-hex = hex: with builtins; { r = substring 0 2 hex; g = substring 2 2 hex; b = substring 4 2 hex; }; diff --git a/sops-secrets.yaml b/sops-secrets.yaml index 8c55095..24b0b7d 100644 --- a/sops-secrets.yaml +++ b/sops-secrets.yaml @@ -19,6 +19,18 @@ syncthing: key.pem: ENC[AES256_GCM,data:zFgSrZelmXgTAm0Zl0HSTp+M4tLOQzksdYnA1NZPeu4R+mxMylilEtHzMp9zE7urz5gadjUEiguDBkfTOIzFeSLeUlXBDBWJhXf5JPZ403HES11qlIFdW8BPkzVC3X0N0KyydLdfhM0MAhZdyrRxn1ATc0ppvyqTpeN1rxNYMHTezRH9WMmKC9VS506rCIZrfOtEsuBpsxP6tTjOQ9AxuWV1z6/DRjv55U2EojZ/viM6sjGSsuDAYZQJBA7VQcNsw4PZu49OfA0czo7FbE6Gh6+TJ9PdMOUuo2/syH4yPBC7vqMECIBN4MHzhyoOTqcyZHIV5iJsZqTIbTN+CP72pPPrhs/a5K0GkyT0PPHVem+dGhyAJWQglSAlcK8kXWDP,iv:pzQOoQvFqoC3nIuGLNx97cCE7qO+PHCVw9G4K1mX2nk=,tag:zXUch/o/B97TlgHhAYUveA==,type:str] weechat: passphrase: ENC[AES256_GCM,data:3NVhMouf3wwMJTZCvIjbi5fjHJHxe25Q+wRo,iv:W8cShdM3iUyEiRCPNupMin3gfF+cqGxslD18CAvUW4c=,tag:DXBATGEhHjhXqy+J9BNVwg==,type:str] +nx2site: + namecheap.pw: ENC[AES256_GCM,data:tN6ArfQu+YfVkPPN00raPZWmghDKVFmmGgwACVQQSHs=,iv:TlUl0L3+Ea9vt43lwDlM0SE1+CLvWJdryt1lFhQ+75I=,tag:pia2ORsm66AQUOE/ZiO8yA==,type:str] + sslCertificate: ENC[AES256_GCM,data:LHo9hkt/Dd3MT9wDtoiyATOgQf6hQ4XWG78SsTmQTJFkeNFbn1dv5MIlqxk7Av7hLeUtNCK0UW5Y6DOs1/C4/OoH5mRA1FH2M0y6nshs7OLBocZ2Ja89qtNgcdhr2tKfCWuSG/KO18EU9uyiT9LCwioJZJNW0cRxKtWKmLey4I/4cK9S+F5X5ZD0/fwv2b3IukQU4ZxYC3g0BGtBcQbApEJR5tS/R5o2Lccl9AFMfdxOSWAgys9YFNBOb8D/SDFUpcJNZSAfkSbCP/v2Gu5Md7a4hjST3UFahQUfUl6Srx3fO32Funl6rTuEF6A7S1mkGpzfG1jQFE/Lt5e4RF2SA3u6rzZOyxkMX/CY0ULVHP+AtU1dhVb4+cs/HD07BU/kBY2Ma0MfLVwzlafOPJ8D5fMz0E7L8PsrqrRsuI0hROteWl3DAQP5HUIJF/JxHqv3cybxHnGgNMvs2nOXCpGSd72tjqbMagkuoqRJ24DvTst87Juu7JJT4mHYtxx1SBIUDlyi9UZ47g8lcq216o0lXUbMdE3C/yARwRQ0rYV/h6A08QPgGSds3I2Yc0oIYer3ZsheDl9mZHXUO2s5+R/RmQyWZtFS53vXijJwGPHSxN+g/aywhjZDYG3JC9InYAVEeL5N2LBP36RTK7t+ow/zh1AlDGr9woasdaALKOfgngiDivCnhwnhXfYStZIZgNqjetgIKr3qMvI2wT3Ci7o6mjp8CV1abtG1+TqWwZaFLKEj3FpltgNQ/yYe5uAbexIiqoLXQIkrcrxutVR9C/iQKdZYxDVLE5J07Rh6OIMXmcLKjZcklnLdsBIJl7InwvOUG8TkSfvXTyPfprLaQXk/qWCJgP+WU3X73G76rduqiAzXy5Fth0iCn/UdU8cTCKArnOdD7x5xANTDUwzE8B0jNLCeyTHjM0yYcc4XVMv+21Ztbvv0x2bCEtRxfMNszgnlx1D+zTIBLM4OrEBVxXqq9bpkfv7vNS/by647RHeu4bavdV/RQchah+CvAf1vLqsdC1gZ5/gkL+zFXJGcXNFb1XDQz6PpacxPpXd0FRc8aAS6Ba5qGJFFO+n45Xmw897WA/MOxEbGCHlir6bK4+lBlpAQldV1squI7VZ7Q8P54V1SGRd1LUDq3NUheXcRWa4VBTXW7JVrekLdK62jNLBTQeUnWYfgiR3XIItTqZNdkAyrgzR3GOLOZFssdrbBTtSjE0s8Q+j9wroY7kxZxFXvb+ufoCiuedV3b9PxFcnNJcYtVW83oviSZz3vPRGd8VV22xe8k+y2LX0RHQPSZ3hJ/7QV0uKxbd5VYR407KKKo/9eCsVwylW1RT5Ih8LWa7XVKBwYWrJucr8zNOgaXJzbglntZG+k7Dv0Z44FNWXX+F7+leLZb8PGEPkExoxobFpdkYbWPcSZ/zMjAS6y2KPdDFkUKbpulzuH2ADuI9LXfqSuAkscZnvQnKmLU5cKa1Tc6q48Ozu0MW291BZKVOjMLwu5whIkshNuCQaXPlu0NmVtTh8jPsJ/56UsY3RZb982mwCCrmDXZSMOCSKJ8qUGoHqKnpQkDYIDnFKUIYdrh4tKOqCldGxFyTAbPjT8GJRfo1G/PkMkh33ewHjf8R1tHHSc8pSMSilypwUSta7LeBZKeqxLMbX6X2VeaIor/ICNruqB6TzA5CQc/edumw/8By+EvACVj1sFfcKkp2sTgTxHbuX+iTuD7/43kbNVWDs2zNTtq5TL9Eusm965OBeDeO/cJxiEi99DAzMYQaU9pglzT6ZDrpIkR5VW8nXFwNMf5+A0kOv/irZZdJpK0mVnSwlDcy3J84GSVGEKA65pqzIXbcVEhJtgIh6N5y6HdyQMQCb3mzdyeayHt/o/+f8rqOL/WIPa3s+/DmJUju06ttmIWCo2Yd4CCQ8nDxYqdzQZ3nmu41lyE8Odmo6w7xQeB+TuYFQU6S8qkeC/oSI6FVFRLnMPagH5Dg3JmbPS0WFzHElQx7YueOkdMNtpoQkh3Qe9nJdTvyYLzIf0G0H44m7OuTYssf78CUg540N0xtS+UUrtHh3jLUD63X7mSENmbT3+BfdQfpReKn5XUEAcSOMC1xmvWo3N6TnglRGyBsKtjoS6eiEQ9BXvtwD9dD3U31bhrJCrSuS/xEYweiHha/eL+oI9ZR5FhiTFp5cg+dTOX636wMCaQ1fDaYv4X/CixP7SVRZsGkVt692kqoEvowwSCQF+gbvdPbU4Eg59yCCD/eGQOgWuvZ4QNb0RwoE+kqhlGA1mt5w5hTNGSJqxii3uO0ky/Rusu0c9V6D6iYgjdUsuRfaEgPwCHRG1QPeZAYPjh7I4dn0EyxopNj9ErLK9abV0HS+LvtgfAcAUoFnI6gUW7JCaN0q1LJFzMiHERNVky92JxC+5naH2PZdCDe1iU4sCVdQR1lsBbpFNyxMvPNEhQiNtpp8udJmWW7mImxrB1gCig1DAouTp0lW0dD7g3Q9Q7k9YelvFKUTj3KyZ4FBVC2DQuElw/eIHafC3HTwGAN7R/ZrpfvuF4jqkSkDIiMyATU2wFksc5AK0QOuJtot18jHVUPWlWcuec9WqG/p7khgOXCUYofUW1pPS8lJxPuQlbYBU+j/KtuoVcx4pD768cyAgXbVCV2aeEHyHqR4jCfS4465smvED7Q7fshAf/RGqLSlWM+1KgREqgnhI+kGdiGi8idORWOKX3nPCDjnmPc2LUeBGLNkUMOA5fhoANmiwD3LFeRizxeyYUmVqYQAmzVfXW/SyFcUW538jvVSeFpPPeJ00oJPWSpO5V5n59V/PSa6cXPvPyRglV3fnRACZ3qSXjhJ1knhTtilGzA/CgoXYQwF1mJDUwrrS0vEwDCMSUSVtCQo6f4qR2EGo/LpoH7Gin6mZJ4Rlz/yj8dRtQyjNgaIUkH1UanBqYPqgev0SvRsIFE7+4K/xDI+MEVbmzH/pI7D5CXyBNO19bKir0F7+eJkoct0gcR4YPuqDyy6ddJ34CS0Qiznz5uHFm9qxBaPz8o1v7myNnPQ4iNYX+h0kN4xQFN8fLbQdINEvlPLArXcwlHlgfOpbqZEkbn1/qyBBocgLOXmMuK0+6jRQ7KH5b7v6Zc5JpnW1wk6oyqX6QNhrizePb2S2J0cIY9vFmKz7CMLjJhtasjit9dGjRXANb5TfAMreBO36BgTBfL390bQ1hk4iJsi5Wr1zR9H/jCNGJgrud0eyTv4FW+PWu6X2cHzB0X5KpexxGNXLFD+EFWlOhX5XPGW6SUABeNyEPTHkVfLVGJ2MtH1/lp6fLjGNYgZpzNMqOb7h6neOP2SyowTSIrLyoc1s7CByY5phiCIWK2Gb022zV5uSomU6JEjGggeqrWn6t+7ET1c1C+LPr7wAg31bwDizfaGvHxtKDm3IQvSXk7qCSva7atL3mh/rYXxh1A/3fugVAuK+bsSKlJ6N9HUWLnHOy0zNXW8n5eKbEaw0BFAIWlGHVrk3fD2blve6ZUfYg4qNKXrT25FJGffU+CFWhPYIEOKxJjF6ulOvd2VKugbzC11cBGK/JH9Mg/ZK5YfQ0vAfir2zef9kdIy9v+SLsNi7td7BAfOfpCsN7efTV2dRBrTniOQWgkpvLMvO59PSPnWd+pfHdp++WBIyM7QjE7fPLVcVG4S7ljcRoEnX737ngd/Oz2DLTj4FiX9/8+xpEV6Ht5PmYlb6Ckrhv0SERN5ztJzGoMyw1DW6YQZFgvx3UyOCGol3fF/rbfefRlywsQZ2edsG+Tfr88GDyLih4UmBmfvMaNN6rQGCySrkLBWNsokL1nd4H1hndl1j9uWvTaJsDF77vSF3Yswi9uWix4MDZ/eMof1tV2kI5ITY9OuISbTVAvOD/LZSIuHadJ/zguPtxlf95t9CPu58CvTEMREu48gZg3snbUgrQI9FWlRNNKqJdVeSJO+4FWgpGDCpHfFohJKj3ylKQ8UBMZKPfwchE9VxGSNavG0Ib5u951xDsmJ9ER73khglykx7gEi2/Ok06m2SKUvy5inzpTYFTHQD3xHnyOCgGlsCkHQt2RkDCLMjX8rTYPIMSCzTuD34dqK9ucc2OMtCDw9mL0qELKM1dWmGbllT2qVgRkAL4FvtCff1/gF06PaFkpgmDlxB3zdQO+o9kzdtcFLmrehdNfRdRe+4z0VEVY0SMBB4VtK1y6zCotozA6+fo3aTMFCh7EqE6EPS1XLfTaUPy7CsnajakN4MXn0D5nxNB/HEQ2MwE6UsLHYQBzig38DLx/koRrF+zb86H4UGR2+qrw9J2CFqCijD3j8oXqGUhE7wVJ1aVl0Vw9wjRgSBIzXSnCxS0RB259Ompjvl4/xTJ6sIy6udwY7JKOLdaETgwew0JeMlV/uRyaAWQG2gzGo7bJCNJE/s3uNLAlZBC4L+qfkij4yfP6vV7FzX,iv:CUTe478K3KZWcWzn0E/jMf99RNEiF9prboUycUGdjqE=,tag:W4zt375htT8ujE2B7spI5g==,type:str] + sslCertificateKey: ENC[AES256_GCM,data:wktk9+gWW5zfKqj8pfBLG336svlEa0xuqDAo0KBNZIv58NhQkn61mdqQqLOrJFL0k6ve98exjw+Jf5Z33QjzxlVTvC++hb/9dL9uIBuFECk6AFJrZsbh3b3SA9nFD0E+Bdh3eYcf41O9owRwczglay43iOkgzQKk+iuGW9Gci671Px0krmxps+pLuk54crHVy7+DZBh3kyHV/rGQ/uEw8gUdu2XG4Ohcob5puHwl97EJ8MHmNsUI5+6XfcNMJm0IEu2tO42oVFQSvZbDCaD0dGWk0v2kmgjxV032bN+GMq1WDUzYwWte8GQvbjlS/SlcFw==,iv:di4iMask6hg1WtOuh0cgzOjmQLWp31UElfTsCIGk4tY=,tag:/HLq03JMo7C1OZDWSIfENw==,type:str] +USERTrust: + ECC: ENC[AES256_GCM,data:yVSxTKRhXXPwfY7STz4YOWjgBSINYG4zjISQ/9Q9Zn1gZl/wbDQjSk7prN5fSn9aVH46TbT2mPlRDt7jcfbEZ5JmUnIfDZ7JqrAukOxy7wLAF+m4R7/KdLmdM3xJ6cnH6Tm3KQjRPL26zN4BD3T1oqNw/NPxlfqWeMrjMYZSktmoNAwAjntIqrnoXIuEPKvAsqIbg+SLvrSo05DhDy48c16jSi5zzfQ9M4fEgsugw8y7BWF/eAooLsvnpinc3Ek0XpSy2QJoD9plaW0z1lUT/UFmVVZsLDejb5hbzOnklhjSgE8S7wO4Zmvnu3It5M1YATSR5PsaG7QqaP1w6dd2DdvSnfeVeS28AdgVnOUM2MwJsgTWlvtol6ErIxaUf3n3+PAXTubhH37auOoMDeFeu1lAAe2lKiQcCtpE9gy1dkZ3vSZO6eHq7REo1qauao2LrrgBfPS0p0nhMBjOiORDI06JkNwDFBktjBI9JFHBNfd/CMrgXhfsxujbVxFSD6VD7DxBb3TDgOAm5GS6YJVC5bxQx038GnHorBsUBeR6BzpxG/lrNcBdNaHKqjngBbQmYR/skbLlrJblDyXdI4Xyh55Eogz28rwT5HhjoWOGjAk9P2qk9QAqKcWuRXsS77jRIeD59cqq9EKDRzixEJntCvxxsS1LLYBG4vmzXk4qgb1vGUgNKUaVXPNjXX2ueaLtkEMkx9sMmKcyKLzLoD3/yPYEiUTwCoXaNf3o4OUrvli7mW7qzGrqXTQtQfOd7fMGupgjtR68dEQxP2M/J1725phvSUQNx8SuERMOwzHwd7Yt/Z5TKJ+B/m7uxYyVeo9QYlkHrjVAVLmHc6qnKGVZrSGSkdVVr4dksOc7gyB28MP7JZRADCnHq7+1jhRMCiOT51I/ZyrqWtTqDNBFATCeDDWF7qZcrzWq4GrWm2dmWwQlUm5lW7+MsVgrFowjnbbjwcWy2ROIPiiC3cQ7ztxqXMZZjHUVDa4OC19d4vsDETphTuFQtNHTWGnps/phrV5X5QfIC5nmrHqeyJR2YRNb1M/IZMD1nWFvDJG0B46ES03YaIrQYt46HK3Pd25arssGS+Gzx8p65NTriRBp+KAkGf8dN9+/bECHI8coWKXpi31Uu1GoN4tf0f3OoQtpq2mCF9wz9B/cl/j7jBVKN1/OPqmd/IWr737eYQLeJ/XOKs3W5+5bdnl5I0ewaipPYelUY/ZNWCMN91U8PInGrThnASRdCkNMPOzU56MIBj3gFWn/DIq/kaFpf5CFq3Zvniy5HIf/+ZyLhMH4v7O4GSgMCcomEXLlQJZ9K4ZPHo1IYfHJqi0OEfmZageDkRrD9434ByYibg1wJRVvZfUbh4HJjgIrf1yZhTAe4DVBpYnf7wuJIw0HkNRu4piiNw8LIh2ga+f36iDs5Nl0qaZtMR3gLUBiMxrLS3Yakuof+xcglzfVMo8YBD90qBFKke7OUi7CQCZw6orE/EJ8pxDTWL4sedcv/OowKo4xqh5PtUBAOljs7i1z/zHtr4Cr64SH6DW/2vp7gYA62+BPrbhSRJbW6wkWR2hWn4pYJLirKwUBasO1Iewpj6ps3if5IKVrv6kfFoFYfLF8cEpIDjek61OU15tjXRMZENR0vSQRAm9D92VGCXcD3gnW34jF+i6HnArPF8hJ8vDIAb7LYf0xuCZ0JU8QNIUqSdHIcH/GAZGNHAP2EBV+Xbffw9rIycPM4JUIPvbUNVnXsR4+Hc1URd1FkTDlvQEE3lWlPVtcbChbg/221OdKVewi4YwXFWQV45fbwsZX05FGunVBr+/G0SEGeJ25kud9YbP/C2K1i/GQeGw5ItOmThpkXr2X/OyonnFSXnYQjy6fwEBnAX2KPVTqY7T8OxgAj7UT63Niv+w68uoay/pgyuAUBKOQ3t4HmfXPaKm0bYNQNt0r8CTLIxqFxJZxJ1syTqnMXLOdowWpDpDszFHQChiFAOuBwK61dYjUC/OHFlxDkLKkKe38EuWdBCyGqHPfj7m23+h/E09u1WzwksUk9jm6DfyTAoz/MZGsbm9pSQl22qzC3og2SwUi+smgCSrcojp4q0W92onAAxe3siPAPIPpt1Gj8GRvkImHQ/rNQkgiJ4jJfN3epiJgBJ+YCGIByivV0XFLB/9UVu7Vw554/nG9BlfKJ9h0G7VPQgd5MJGvkLqJzCrPh6QyK9uOjbJLO4dWkmaL3oZr4IVbwGk3NXZ7oef7A4RFOHDDevJintMLz1ZOkaaJKWe6YoijmAC2tQNGMIoRw6YcLjcmVPJz12W+6MEPH3YOdUl3b/NnfScuTVYBSP0cFXlDwg/rphUD7oykohsLtPOWhYW/GWvAdV4iwZpzQ0yFHasYGiERPytDKmRffoILDoTOn4HGVVCQaGnm/o7pl5BU4hFQOzvUC4C4LYRwpsz7EaRp0Y3Qqt4S2Xc/k0E0W3XU+sVNSvoBgweNhDlKaefjjSSjDNza6l9fTS3XPTprrEhMU7CvDjpsC8vfd5QTiNDxC7XGJEa0FTiCr2Xyz3YM5c8jWOk1hNOcSvJ1GvZhUWw0pX/HaihI49WQqA4/4GtLfG9f5TkCsLanj0wzVLM7XntN5ol0H5R69nJ5mPLIGXsErG9A/Xai9ol9joVUIJVRwLx8iJEyGx8m1pyOENjOkudgnKFryoWsNGbQo6G+0JEvEAjUuApkYNJvqKNRKrw+GSjxRZtewo8V9rC5a6nsUOPK/U5WaF5UMxu/L4fk8jQltcBRhQpuPZboEo6KNmUzMsK3aweMrQdHnLDlOIoJiDqj9ySPv2C3aeVoKWiscQ==,iv:GS5GMpbxeweqwjUvOzqg59xBOzNZqrL5t7RjsFjpucM=,tag:j0MaMw71fnRHxeydlqAaww==,type:str] + RSA: ENC[AES256_GCM,data:pgCzxri1wLZbl5e/KeVvtHRRe0XkdB8GLp2UbQOlJ9hRvRerJ6r8VhSSDh5vfySL6ow4urXzTG5oZwOcXeZgb+DgT3ZFS+npPvbzcc8T/hU8C5tVXYdqdLJHLXAmVG2nbkuIE6z7Bu8SngBZx1jXNBBl2W4vO6GcL0naNj2IyT+1nGhwuNdn4iMMTIjZhlF81PwYRY/TzcljyST4FZc4u/55oSUNrb8Z7KmhkrmaHNPFACTXiXli/zrPKfisztRvZZLfRZ57067/fiOTdwxXyiSxsh+oKRG8JlvdLQvjZ9tMGagzAafEyWVYyrVJIRBme9Uy4HtG/uOZ39gXVE+D8sh1GWftrmvjXPO2OdD/tIa6kskfZNWWFoEOtiRcKH+fuBTe7/ezjzqJA0qZvfwduXqkfVbNcS3YRNRM3jpLwGHDEv2hnVqn4bjB5We/1KBMCtbrHtAc26M3AepeAUy+ka1xW5WO9LsZ5ck1gnFrV5bkFWDr+evBRUuiId5QuAifkDsKlqLsWAeWFpgc7DdjUrpRG0yry8PFEOZP7w7D2/AEeoGc1dMDgX95mvs+0EmA4lutmt2fF14QZJwzhH39/TLGrRmjrohqJ0kD+h8XykBt1JbOPg91dnxmEJuESPNAxhotrj8xuuklvyLKAcfWWRJ1NIvbG6rmlL+m1x+2hUVw9gVGzyGaaSLOqG/6kHwIV2v+ZvCm+n3JBle+ooSi9mxgefVvJc28hSdC5SvNN0KyDvAY32NgOqYFPrvwx4QHxdm6D5jHXOoFEAkN4duSmDwmVGUq9fL5ds4v815a2Fgn2IZB1l82mLFgy4xaBPlbjrqRnuhgpRRbKu+eSNh13lTEwbrEKJfL89cX1Q9N4Y9aK/I7nq9lfybZ+XYXfoLU+7yXZ6gmm2hw6EkwvmAg1zPnoec5hCOZxotPYByvROOK4TyBCWoF2w+5vmSatZdodLwyoNWSsqtpowWHImCH/UZZ5NkBs0pWOnLBSuP32nFN5GN+0y1EKq+4AxL3pwutpo2iMAFlXI5lu5S4fP6nreZUsYqpp9QpwQtmSbU3iMC4bMSHA4LrhLSCfa3AClVirB4xabCnDWDa8tD5j40Zy0gqk289/qbcmmNC9RpTzrI3aag/hZx4eKjb92Ma5s4E2FZL0BQVrdQ8vD0yuhIaU0qp0ahU1D0/H+HS6Gsi1mfWsfNhsSBBDW0IVC/+8zFxvWYysbVPJJj7m7JY0IwW1yKzPvPnMdkWVS8OcJoODa97V15TaXt7yAstmCVYGZS9qc6VurF5MqQM6c4PluJXPyMlZAwQojrnaCuGuljXpmot5M62MvNMdh4psfa0Y1YiCWjer8XtmYhVvzQPepD/YhsouMrCRGD5pxaXozhoS1bUVD9ReBQb9Gg2sQr8MEQ8oNB/a6fLmNwqY7IWmk9pAhBmk5ng120LS5q+3vjj/hw9+Dz6Ojp6BAVNGs1us5YW86GSSlqVmLew4p+HBiYQyhFCmi9p1WIjrNyT/oHUDYGreL2A6NEo6aePPYeVtbNEYi0UahEscGUrqu953MV+PpbanJI7WHKpHek3Nsdgwyel4V9wjgxSpLWvfwj7QqXL8Xngoyd/4FL+G9MvLc3cDYhIFAryBvqRgXrwRk3CkAijzpk/2hui0qlhmDza8KRpfo/4bwz0i4d/wRyWe3+24WY1CjPkDzclc3VZVQDiSg6KsUQvGnc6Wv1+awjE2kA18j3NR4RYBXgxEflj5Ft2BLG6rq+RakLguXDCAMQA4hcx1L+ThDCdn09c58H9Uc/GRLE5uuFRgLB5UtsQimGXuXzxsA3YIN3CijT6NJTKH9WCvQ4tZnk0Jq73rq4oynTCbZBVPgQi5SrfD1Zr0eXgmirLQZFCEV4EqNrtheZ+vqTkWf7rrvG04C6QqLIHWttdsL3ejfB6ddfwM/sou1JmmgTzEo52CCYf1otKNQwD+shx7Xcrm17vu+v57q6bOQrbeBNb/MDPm8qH4/J89NgSKHO8kzvfAm2qWxmr+90Of0cxVT5l7IdnOBCuYSHgTLIALgTmLmKvPm9l/pOjfIQZmvJ7Alo/eqKfcPw6uwoSDn/5+Pj1c9p2ub1CwRZKZlnULQLI0uyw5eQGceOsuivjO6iQjsk4iGecvlGYwZtlqidz359zCysMSuKrXS+XNGT1xy7fmnyct72HJvSeyq8bSNSAEc/iW+ia9n1GJDj4vW84v/zwi0dm1s/qKnq5M2m/pUvZembcOK/1vY0tsD2McTqIjgKPDS0UO3lgEr8vHFok5kJrU3rVV8iJeLHv3oCzKvjgR9jjqdlceRjSJarVFz1lSxenzoVq0JcH2cde2yQ3vdPusEd2LZC2tVYgqPprp/zOSbWsJPq57eiUl/UX2vOuNAV28HXVIuDqs27q2BOlUvBLCirIurjlONXpdRybN3dtevk/lIel0aRU5L5g9Mr1zhtHsoo6WI0In+RzFsD63AsBNDoufVmXgHr0G/bZLwPCdk1xCeEKv1Bq4fpappx8iEQv5GtwZBkPh8N8D0+ngbccx5N0pMcL2BM/HqeRDXR1Tw72EVEG8Bx4Twue5NBi6rtlfDnDvAj524fylSMSPgab8zq3tY9DnIci3ajnRYpIO3uDgH5cbMxqEb6gnpQNkzVUk0yJXR8nvS8qT6TbryX94howqnrID/8HQZ13ja2d8pW4Sro4+xI9WFFSx8bFSeBjhj4nzyvsyam9nJGDJnuYtNEod/CBMjkRPbBq1doske2twYLudoEObY3FXdZJ5VfiD/zGKXPHjL+pd9L8V2QFicazwE4CcIDoSaOr44VADVwh/Iu6Wr1fVZvmSRPmorlRS4DnUDXEC4dl+C2Z9JhxuL9CEoin+k6yILXsBcRrp2LrRs0U6IW2rVrrtD9MzBosjOGflVABVGhCA4q0LOWF+/5NonHaeB3E0mntFyTvuGTEN2fhnrpW86UERIXOySKTm6nN6BcgmvozgGKQ49jdzuzqVjfWGI9isL9UBNmkamrqbYmdqpoIiWycS7Aeyfh6XWMR+zEjeImqvdF8RQs7Ro9MJWj5Bm5bXs+gaLV4vzNj9/ZzzHZs/UmkBWEPtYs/5KO89Xj9lHBSVfE1c/sM6iDaGLOeO1v2MAIecOoMvIjBJ/YilYJmyywuILjxGN25jlyPVEy5DWnUOSIln6G9eyDjs3VLNsITXFH1co+M2KhDr9sQqJ5lKBitpZUsl/4KI2uiAXm7+kuQOn/27NDBZ0PdW8cwyVg2tirGJDvkmDH1umCas5/OhDEfu7+N9oW6wMpZCeR2lJwS0nTSEkk2Gis7WisgB7j9yY0evOeSecaKaq9RFxg2T3qJ9QR+ZssCXacezSZm/PTa2BByHeHJJ/P6p/f+rg+hziMkESOqx6C4BgGeEZKTAdwTyRfNmsp4bdg9XcqZAgnhtSHb24qAf7Upd/ttwS496H8HdS5bTrmSr8/JvwIKy+rs+id7CzcKYc2HEq0FSUt473Vb3s7kS2YDiqnGW7BRLIPDMApLuCDYeFfHExZhdtbX7O415herG52VffHfAoVfr+DQfipqkDUqno7+coZxthnBY1e8V4bJTcul36CO/sB2vP2/4yfzv/HSuviVVRLY58cGBVk9lSiTBQao3+N/f8a23k1wqEFy60uL4jW4X9swgFed8Q48kAUq9SSfxnKHeQrKrvo9rPHGcetrCC2GQP1u0gHD1TV4F1JGloN8MhMlBGtwBGhOIFcQvUomiTqNrDCobqOqcLUJuVL7jZ+Saw6CiH1QJrSQZ5QuCW9XHoOOgvZzdPqEGuSb6nky2OQ1EjLMQtp7SsrwYp32lkWJ9RY3OUk3LLvTM8Exxg56nDqiOopg0GaWAhf4H4MTrAlssM69epH+5SaJyUEhweg5BZP3mY9FnnkdhG7W9JeDQXu1JOhSm7Td0ForDAoznBcID3SacOCbeSAqtGRBZGxnXFN01MTmUnA7Sy+Sm1WoN+o9u28ttG372sVavQlDZvM+9qXr15hcXt/IYscnbpgw0L7DrcZ4RWb8ATtOov8zhtlwB7QvDQ1LX2g2+5Ag2QcuQJmAYH731XnctUsrCmPKfCVh3CzdNS7DH90bli3cC4t+fpAuAXVNh5wPrCEb9Xco/WUKYe6XNS0Z/xi7PbGBH0s6ThYNzCFbwH4e4CDwD8uP7UA6iL+Uuts5Cz5Fcm7WMqPDFYFAdcA38fOWpXqVRYo6Dan8x/RNAPVNko6MnwXeq061jz7XTk6zEpNymxgjNPJRgcvhItfDHtrGpUqSIJxkQv0g3wppXnWlNX6zGIelUJmLkWuJUJfbznXTdkCr+oF5vwuauwO8iCx/h+7AZBD61w47BmRQLLdDP5I2ptdbrIN4ygouDUVE6bwiw2nhBZuR9ufzcO+WyWNHt5h/N5IuErH/5QcfJOBVRcJYuyFgEWrFax7fiwMCzgKhxN0x1WHa7F8gxGNTIGG9QVNf/6tpYVCAao4pQGErxKVqfVQ1374zbsFSy5PF0oyW5ueEQOVJ82RBjwYtLjX2gXY56nfdLy+D22S3XEHeHLLLg16Vtkf4Twmvzkxjc/YfN2vxu8d5tFbHnyanicj3SBgiiZLvg5iDwjtfONFQ6oX0vfoJ7B5xBsnxiLptx+HPN2onwsF/e7pCl0cTRTLO8Jt7Z8Ob0FYcmd31R2d8paemcIRzfgsqS2JWtJBckAqeQit+Gn+U82aKGew+1FVjlGUrwTO6Q6ztXh75B71V3urA65MaLRX5/7t3nGE8FKip+KfG+yTCHu0F411obb8TME+YwBfz8M4kDUBVtmFUrXEEF9aYD/atxxF02yB/ABPybB6Zcyo5r/U6P0G6jVUGXn3hgQkl1OzkQt06aH/J/LwMN271gc8whsV3pfZC3YfQ3212BAviAshfPyNtHPkShpu6fx5iVDoaL5LHS/A1K7kQ5yya4ECCndpTpF1rYamNVw9a5m64Tma3AGFORy6ZQfaHcV2w0RUs3P3ZXGPcuE2VKeTLLGG43W/FbqGAvxjax2j3qGtZ99Ox85ZAVu5O6PvZSvGSpUW6ebGTCsAgSz5h8V8TfWpaQtR0RrjuzGWoWiW5R2VqfmmIQcn34+t2GgfkZB5QH/o7S5z86UL05dLzdyXXyxIn5sWi0Q1B3yAjFCOVstaAr92fGfx+JHOrMFFKu+bLBpez8lE6f+h4HHzTDVnIB1Zb7d3wNwLVk7PmFy6NeByj0kmjY3Ts5pWctWAAQkI+nOtuM4o101AwCMdMfj3M/mr1J7OWy3Rxgaj58IknfPJpeoMhgkvu66WrkgS3XZE6e/n55sPkGHSDMcHTm2364+oJOSMzDUAJgGjDt9Jvalo1wruDA5pPF4F6y/F/8njO8qkoXnuWRG5BpzO66LwDTDOcUCCFzym6eRBnLo9sGbGZxlvRRSHwIRMa80tcqZqbAuVeW+2/PiSMN7zhzLTNdzhaC4cIOuilcdat1+//+qI3OWC5y9sti3qGuHO1U8rhSOw8Laac7JgOGCo3FkekHe8PaFF8jSDliQnodO8rGCY36xHTQkUsQjb+5ginp/dBIAUIR3QxXsMaxP/yBLpRbvFhD3DeOJRQXWdLijTcxAxLhTIPav2WC1mwyve+Jd0djTajSBgSzPzHW5ajUBaol+dVJeCD9HqiOrUMEmcMQFZZcA+RCJdIOvkKlt/sAnhQ4RuwPmzck2RMXCQfiYn0pqpJDXmF7xWgvGDBtQKP7xLE1Hj5No2q85KjLsWu8xK99Y+j2ixfBsgdc53CR4rNplnPsFzBHOucqd+Ve0/gqZgF81RbGFV1T9Wn1XFrE0e7+EkNejKj7deRmy31PnVLcBp2NwtIkhrJ06J8hmGquwUm,iv:NJkjWL5kMHET68oR5Xp22kvkThXIp7WxRVajmTfsB5M=,tag:NSXeRItMKlOQYP4QtzMKIg==,type:str] +eduroam: + client-cert: ENC[AES256_GCM,data:jmBj+tJrhyv8X85Esv7lw0JdENXh047KD9N5UIpjcor94gCNgeCFFcTdFSLF5G1muw7v3vzdVZKyZYSoqx2WwWaupgGslXI32INiW/G6Q98fZnco68Nqi7VM5ZSIFc2svt3nVylPJP2+05kiH5W01/zUZR0gAw/f007baN+WfBkkOqefObN71yN4eS7U04+PXpsQcFmaL+MkZQQHaeNls1BdQglKSps3PbcHVYksH9OY5I0wXYRtdI+hnDHOp/JyzXsq9sEZGi4g4f2uiyZUp8IEXgoBfYkD/wt+XQ0DAFUELj3lCaNVACmtqBkJifEnJenP93J5zenx2L85ZL/0qCdxwYL7oIowsa4DxT9Hu8AUNRSptsGR1X5zqvB8CBa6nERMPgCLGo/zEYz5TIIVcH9gtvUdh2Q1Kx7y2CiBn9ZU5blKCL7qtwWhF7nPwvm7dE79wr69mfCM1X0ipajWzr65/x7gzrMQCd30HB4CbsOlVELgGhmz/JT2rf5DwPFp+GKqC8libyJJnezJnqcxqDJGw1PBxdqGaa/y3rbYVXC5Fa0XfyNMgsm7Ce6ACZuLPVQxIWRASFoMgiJaMMwr91SU38fYK/lRWOA7VEL34HX9B0rrb4Ubzgts/AKDkRAHdqRCB4YIr8QodWB3GbOWCS3/e4lCgw+poQm6yY24uy90Mn3Z8i6p/7Wao5CnAKqSxyfflQk5Lq5yfQ/dpB84T2TvcvAhPFr/n/AsNyVqvW8RxWwku00jvQCv635k7Heqlr481p33yHZvIsNkHGfCD39HzbXdASiHzC6+ApTjs1bcCp8omL5B5QcuTNkYhFxbnCrSYToAzU+AKBBDFCgNOhio2O6dkJaBkx2LEE+7CcVlhJn1NU7/OxoJfpi0PZXrlxvzNMfOkoJxn/567+9RhhALxJVRx8rwNayiKU7t1frxtPNo+86YRF7WbIE6Iwlt9ZEpcFPzo+kSKkjqpo7VhmuUoWfQUAFhx3KkOkEPLw4Sa+jaO9UhcVUnsVEzWNLow7K2FYhIcBmom+cm9Qu6igLYtVFxUXy5iKhYdQBZHJrFKVHJmS4Sm42ffvGDj+lrLNUGCxtXBJ9q1R/P0ml1AAz/IK6P3VTMejuPU/+C84yNKbIgPPZoT1uG+YpX9CVjldf6TN3esGJFYTzGVh861804j0YYqZRlxbws/6+lJ9+ZLejfw+V+RiAkjGm17BDxD7bBfiJ++Dn4wzOOhJ6Z5s9V3d/AhLxuIShQ8Q89DnwgwtuBLQfmPChGVzo8Gh1BSvhreCNt8CJNRhjMDUcqyN3y9TWrakxTDWWpdUAz+MKDVab2S4wojvC0sGAzdiZ7ypFzsCjXbwCVDGeUZ7wvilIuuY10O27vaB5avYXJxKqdEyKGCCkKc7M/1jZxcdW3GvYuYU0DZtQRvO8Z4vHpDho4B+hwG1NEm9zIakfNMw2ZNSuC3IBRyhk3zye10gO77t7Ibi8fHyg35RRJ7/PYKLOOmZRBl4Cpd7yH02wpwVcJTkFwZhJnTYbRll66j1zRPJMOdwz1OOinsrVYW68VF6/jUGzXZXmWMjCRpBIcp4YcD5HAVTIMavtDfLtcUXW/+2jwjZqkY4jQ30qb0RwuUJqQdZvz48jXJB980Nz7/xnrTXbFcvwMFiIpC2hEwgMISAwS7MkiMjVHNQt0EBYvcsZ1DyB3c5PEnjUOoHTUjdar+0G+1wbftq+jQlCwL4nytp9HqCxg52YCyLWyKJS+kCy7THJR95jfeOtC8xKr/QAl2+rv383uS/e/1mNQA8Up7CdQwLs0SFZ9tOQy/xoQpw/5agTV3CXVKk8T8sQhBYnsERbkPCedPLLpoNbkfHgcejpOTIUeCr1d+gDuT6Uqw6uXXgKwwxMPM/ovkHj6Va2Q7jvTjSrV1FlDEVVxg+ow3Dn4Np5rf7CXN/oXe5txKg8mllbdOE7CtXW78w+T8yh9KQW+dq8svwKmknmL7AWdiVhPd8RJ8S8ShRbhibH1AUnjjl4ncTx0BYx/G/nes095zHCgIQffOepjl3rxGXar/JPJHWysX7I1z/6EKbIi6j/9REkR2aJ1FSqUBVabCVwB+qdMG/i/9qLU5O0Lc5P7JWU9JUShAMrJ52am1nlqpn0Oaa6TRPAjac946aBuV95U+/UNYzsz+ob2BLt1Tpo5vJbKhrkHm8O7suUR5xem0MpHMeOiZbyBlsgppIG0wNdAlpSQLwkuFcT8jQ1GNAPscvmrNym3ecWSS+HfKosnCqnMWdL5dzByDzzGS5ZFwna/1I0ytr71XE5sWbj68iJRLwRL4eYCvEWDQhSgYxRjp3b+XO8li1Wou/YuOZ+tY7t2rWeSMnIqRoJFDRmqyZM10UBSwXY2TbzdGBBJ9BP4B5s5jfyW+igrSCpgWX7KuuZnv9sXdE9uHKFQK2KmpJRrsyfYOSMYmZ26LDcyZLlnsXFJzh2Wn9OdMs/a+g4+t9ncIOCNQ7e2B9nDR5tVhQvjpng=,iv:OzC+2Ghg3tso297TLDLKGaUf/KzXQ/ks/qkD114WhUU=,tag:uGYDmPG/z8dkpKKAmr+f6g==,type:str] + client-key: ENC[AES256_GCM,data:SVOx/EueqUGo2b4/NywnYt8clWWSeLCcO/WZn49eTX9jxpcOw0PM9kj11bg3W+dQvJ+KCewbRotkrtpshI+F+iIm1KCNMYN0lWAmgjR5tqqfqsCgaXCQrjGGHtNcNYAu4wPXja7xXnPbS347p6PXSiOMUlQuk0cFo/rTcpGnGNSV+VPDNLxV5Yx1cVy6qX+9/BcXvDkXPrx43Ug1BBYOmWLTvlk32nQVpTjjD97Tl1EDIbrXDDJ4xsS/zvly3z6ylPZyeoQuMKFXo97ajVGhJGOROhqG9R3shgd/KzHrr5mbKA/MrlU5vAQL0PUQwUxbKoCzybDi65Pd6gQiHyJYCM1GvWnxdku9vptNVXeMHQCfyyVWxn2SxXMjG/CNyqSKSflQiylStIUKjxIPE0zMEC+41sxGcRuNe1L6BxyzOPAe95GzaZYbENU2jg0Gg7cdSPjOGI9/I+3GoObud5/8w8+Ezq1FFfYd1uwXz2ER6A3dzbHTuJn4lYZl8ctLJD9dL6vO4AueOZv6we52//RpTOD1k6Zt1lgXBLFrEykfV2gW21iHFk+giZ3dxn81zsEgZmLLm4SRlvdH0JROl2cAmCf9bgYKNd59rL2DE7sAEyHeCLKjqX4hClAGKYSQ+FOWdL2L/QmW0cpdkLSZ7yuf9ZlEQhg77Nmxqtmrz69itoWftf0GtaZg/AtInf35gS83lxkcbbOe4p+2Mme/TYo8Inj3/2hz3OOQQpL/Zavpmer4Zwy4h5SOudPAkSeC692Q997+ERNQSfTnT8acSOJY5aNU3ELWo9JiXJbJEDdONOiROsmyv7VPk4tkGuOdfuYAZNLXsohwKlFcgddFbaCVJL2e1Qho4dIY0c6c3oPg7FO5EMlmq8rKrf9YqfIvfB0p98AE8heIbcHXJj9b+cLtff551HsTpD+PMIyDXr3MbEpnK8XDtdVy0mr6F3EBwDrPUxtgeuhuXKSgrT6vgPmSXblN71OVGftiF3x9UvQ3xHG0AKE5Nbsv5S6czOixeiqG9YdKEWo/GL/cu4Cv3mRI2XFJ7qMnWwvvG6sXzcp+XG4eBIHX2epjCNZ1TVxRWH8U2a8nczQeERT//onahHLsD0/qfuulgi8whQHTd1FcPq3+nV/u4L3oIvN/kepIgUaT6NGhAiTUuwYfBDRUyFk/SSN+A5SmoqaXtQ0D2hVs/LhY++lC2O95WUo40pJxdYWJDRBDVzA9e2FHfWlpElWXtTJG4P51/XT2cLZr355xBB/0nPG5fEcQT352HkXjbXaG8UfON5b8EJsxDBomRU9h0RfLmo6Sj2KR79DIUiMskNUbqC/pQxku5Cgk6xjy7B/sIL7ek0dKfifOTH6Rm/J22qRao00lJNEUnsoTfp6lWRpOhAL8hNa26TioXwLEJm4y7nuEjBbn2MmcnoOPa/KO3Ps8iFvhTG02IAgy8++gfRBX4YSd6ifQLAvNALzLbaS9QlezBOJX9ut9ZQqhOmLcoWEnNN2RcrJ2ior2oz/Vy4a1petQfTIAVSO7dPdHXxDH/RefaxbCHVWIpisv+5kATS3xyYfXXPZLRJbrEhsvxUQUFQ1TfwaRbuW2240V6rvBN1I8QN7HFHrTLjju1wD9NpxXPKXlb4Ua/BR3Eg0XezooSYOs/B37+72Cn4ui972mkbnbePtnifzuUJVgIzKnHdHFwfClHmt9SVKxdO9icxQiURdY+kCzV5uznvxHTf0f2XCy+Yze5GTjBlf4OMnrQuoBk9mfofln94ruEo4NvtIUVlXjxu77j4LYcl9ZegiwM+/Y5XH2SHuaq7KfJH1ayJgnkNvZ+/zUE0uTOJIGH9uv/LS9OTvD6HModlMgq5Sk77XmLu0BJpV68MVJ7DK12W/CWHILU/8hUKohpLpWmp0KPJd9XYzOwbF4kNagKurKXVF7Pp89ooLsoG2nACYC0ZAohGws9sVny8XFmxEcOPqmO1jj5j+Blizei82AuWu2/lQV7mNRTKJGN1AebdvvY3OUn2Ir2D5d48+j7pDC59I7Jk3p5ghGWSZI1l1EFyR/bLyqRTdvJjdwNZxVSC5WvP3HIlMXyyqyfnaBTHmkcX5VBur0ye91iRhNwXmpi5aMZeQhzRYKpiq4cBX5zEkSIfnqGTaqHknHidGXaDaOuOnf/iWHqJ2mEENGZ1u3lT7zhDbDmbjVyrrCQ3ybBs6G2hcPbTR7CRQ+F3qUR2l1SvCx/ksMJPTwUJyFit8yhxFIPPukuL4bFcHgW9i7W4Sp+kCZF1vPJExUrG6UpYJ7Vsm9rSiWA8BqSKBCPFx6nweD/cf6CjVi4v+DM13Q55IL7C+k0rqp4Opt27AqCmxAxjCe+ZR1AFq1LDd0RG2+oYdJ365Nll3xnlZiF+i5Su3rDqbOlsm1S/6cmI+Wu4hPZrm0dP1s1uIuIYcIFkxPyB+jv/VG8OPt11ojujrlLTfscssruA8f/bdZBqhPnMuQojALySLp7hnT1eN1ei0ECXFPrY0=,iv:elOnzTpyIwv49ErwOZRINMSXryBwiwP8Kus83+tAzks=,tag:QN3WdC+TUB01X2p76+ng3w==,type:str] + root-ca: ENC[AES256_GCM,data:FZrNXRgqHVkPcH1QYc+UGRANki2syD4mSvdx3LN5A3aSoQe2x8NxaNv9t6FB9DRTtwY9jM4i4uIWS/0n2j67LrdB/4ftpX1o2CoTQ6K72XzwU4wUlkqIIJSoaB11olJL0yRjTRHihjjswJoEGVfEpnMqYSEplj7cuMHlLJTJq6vNJDJRD769aVK7eFHmbhfZxj58g5kCSrknGcBfJkFH1nR9ONhib/C7CzcJz2vU46XmhHuVOpKojHQzLn9RF8FN61QxinrXmI+tZmmccc63y1HiqOMWj0SuXlpXcNY0/RHS7Zl1oajNTlJ73NC8Nc6yuvvlTgaCM+DrecumHhlK82rmwihWyEmrWJq1Xi+Pw1wjxp+2dW3+w1shqf+rqDUCSwNWHmnVdJOkwCY5e3QX69YHFeS5Aq3rckjNPyN9Nyyhq9bXweMLd74GohMHORVvvklgqn1k0pmLS27+MAUIpiRMjNSqTzqYfBICoYQaIqMV1Y1XfskmWtcpv8B26vrZxTZCl9SEQzuKO19zaJelYd86C9+q3YbB1w682qOw/4frM8Y6ohjfDjquELeqRLVZNPs0RAA4eCqWsEUGgjisT4MaepOSxSug6nhxVX4a7skqiarV9WWaiSIrvSP7O/NKcZgyVYqsj3818Ut7ZmzobUapdiwpojdxYeaofMWDcq+OLVAGBGktq1HoVNO5z+KEbBjhpPzyNvtfHvCsd7GetQ3Nk4pkj6ENL8MA4m7gZvwdZG/u+3rAqhMVxBLGzPl686Mbln7MVhpEos9LNmHOFdEk4d1sdXHzxcgsjUmvFoc0RlcD/wkO2ImvZJZN/hXnEC8hWiUen0bXECVzZql+OXF79ZekmES8XqjddhQ47/8OxgszAPPMtNL1NgK5nQDS31LH9/Q7jDGjdRj4TDSQmHyQuhVTGBC9BBlO4rRvwbndfO5Vv8fo7oRn2kJMKtEoB0PkVKFBReDW4XSkgibWfy4wqpUNoQ8kHkINZM79qdx6zaAQ+6KOawVObd3+WgC0IUKYxNxQCvJOdYyCuGgDgH2iPJIaR2GaUNwFHEwBtGbD/nPelM7Je3xhqfTPUPAsoUWM3sQGo/1Li272RhR/2qZtHIVpyKkJcHa/bcuvByOB8W0V/TlP6FFMPXRk+X/blpDrZiRW/5yTgfDVL+orGQd1LVJojRORPtvNwMJAqN9ZsTO3/bdcUd1bKn5X+wSbepH7pqH9hPcsTHIO7O3T3Bs5YMFUT6zpeu/SDi8vf/KjQwH3sa45PHxQSr8r68onYrsHJl8l65e7RifzsPhSbc1nvHv42b7S8874EuBWjTrQcibM1prxJONg+yJQy7adf4cV5GHZozirMulSxEPAOZ5WqyYgrOkwyVSupT9xhGphT4FYYya0OkNLIl1XmHyb36/qP68fVVHQ37CQpXTqqzvSoWkjFQXb9XF+3erKLQPYNa5wK9RFtffbMrZsDLufR/FXaRPQ/nxN50yxLnjKkGMqM3t10fbztocXIE9Xc+W7qqIwvjstWt8n2p5QjyditH9kFka50HH99G2xO+5jeiY30ffqg69glWrfkys2TT29vIbVd9ljbA4zZwYZ5KyZZSZN47EOBtOe7CCaPJws0zyq+z1JQCYiupKDqRBKv6IJSRY4g+5GS1o7srYng0Llx7XqhGoWXyScP4LElF5sFGvouV8KV/P0P133mxLaAjmHmBxno/16Q+lbIQ0ytgph8OUfLK/lybLCasH07AnPPwAnNfULTKIs5aBS9hOGz//HyNFuoKaOzMPoFxwToIdF7+EvaY0dnsUrvCvxq4lGLwkGfO4ptt6y2FfTUzoKDAZFfd76EVLSQq1gTZ+lXxXK+sYgRT5gZ/EPcZE8sjgINKsOcj1AqcVZm2KvdSS1HE6fUQVm87cgVtEHOT7B5zMnJrFFrdRMSAbxUx4KBv4AzLUEhMyxfKLQm5NH5srvxPsKqhKl71Hestd8cWvJV+SmnU98m18A9Ck1MnjcSsQshuGHPWQGx0s/tkkeScIm/t7D4tbfKWdvN44KTnpeJCAmxO/vI5BOzTerYta0ViiV/bR2a5JtGVLC9yP3Zurk4lfcXNAMYKqf/CjBXRfNUNXVw+k/LdxKLYQCt8F+HBTpqGDdsO8RGofvfFJqM0PQcwf4GbbXFWBq5BsstonXAl/vsnAdcPcKr9KuArr6BHdRvY0HMlpSPMmGeEW94gA7Hg9IFJLTZrwOekg54xAe5KfNfkJZGb6oBU9f8D98zhw0KciHO993gNXeONuQMxVB/n33polT4vBjYOu9FuQQeJ6de94rnObIgpiKhaOCht2HF7s9kdOSN3/h6PfRJ8xI2e/9tolP6g==,iv:8UyU8fVq8YaSsurOOgsKGIAelaxWR7+AITwwf7ts4qk=,tag:K/zGiCthB6Vyh0ijRDxM6w==,type:str] +hsmw-vpn-secret: ENC[AES256_GCM,data:3bKxRGTQcbhRjzARSpYBW5ekQW/U/ixzNiFmO36gw0NKyDMLlbVbJBqXvi71M0GXgmo/FA==,iv:7bVDA8u9apDNXFY/vEMbz/0HywG5Pyrl5JfZrcNCr8w=,tag:xz4j7cEc5hvLwrItWjkx0Q==,type:str] sops: kms: [] gcp_kms: [] @@ -61,8 +73,8 @@ sops: SHJLR3lvdlFiRmJuU25RUHFFTmpjamMKbzycdDvQBAuOiRROTZEQSnaXoPapz73L yVS9EUP25FSx/sGqRqaCefbeaybuM1aso6LDnlomv4Bib7zjugWKSw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-07-04T15:28:58Z" - mac: ENC[AES256_GCM,data:KTUyPeMc1OTQKJAMTGMnSWc44nkqRzvMk00o5LCiCVK9cq8Q5s3mtQave5ZsPyP8E5fJKp2wBikNJ6nbgrfLfHJhz0A5BdKkaELAQl3So7yDEl0oE3W4lS6Q5kIhpwBEabMzEU5E74FZ+9PcsUazb9MBU/Ngm3a+t6L5AIbiCE8=,iv:5p6eI2F5tqsfRE/0m8wP27HMsDky2cbV+D3syjq2aqU=,tag:8h+t7sKjX7uuo+IvilwAhg==,type:str] + lastmodified: "2024-07-28T15:38:03Z" + mac: ENC[AES256_GCM,data:/ZQ0QX/nqGWHkIOvJxKxl8HHlK1bxEdog0Ee/N5CnU6aw4l8IoX3BwpZBFP78+/EO1flH4S9zyJfRE1U9NoIqXPXs+r0dgGiJm0FHwGiHi1oGRmxfggi0Kes4WQa3rIgxuyeIjwXWc4LNPLkCyNPGNdnE0wZ4ab31O/ZbIME1NY=,iv:r7RZGBdXJnk6261LE7IwmojWYC6JoqVJFwekGbhuFXY=,tag:FWaAoJ8FRZJitAp8F3cK2Q==,type:str] pgp: - created_at: "2024-06-09T19:44:41Z" enc: |- diff --git a/system-modules/auto-mount.nix b/system-modules/auto-mount.nix new file mode 100644 index 0000000..8170929 --- /dev/null +++ b/system-modules/auto-mount.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + services.udisks2.enable = true; +} diff --git a/system-modules/boot.nix b/system-modules/boot.nix index 456c551..b6a48e8 100755 --- a/system-modules/boot.nix +++ b/system-modules/boot.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, host, inputs, ... }: +{ config, pkgs, pkgs-unstable, lib, host, inputs, ... }: let grub-theme-ascii-diana = (pkgs.fetchFromGitea { domain = "git.nx2.site"; @@ -76,7 +76,7 @@ in # ''; # }; }; - # kernelPackages = pkgs.linuxPackages_latest; + kernelPackages = pkgs-unstable.linuxPackages_zen; extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; kernelModules = [ "v4l2loopback" ]; extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1''; diff --git a/system-modules/davmail.nix b/system-modules/davmail.nix index 00b166b..3960811 100755 --- a/system-modules/davmail.nix +++ b/system-modules/davmail.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, user, allowed, secrets, ... }: +{ pkgs, ... }: { environment.systemPackages = with pkgs; [ @@ -43,4 +43,4 @@ davmail.enableKerberos = false; }; }; -} \ No newline at end of file +} diff --git a/system-modules/hardware-configuration.nix b/system-modules/hardware-configuration.nix index d278499..82073f1 100755 --- a/system-modules/hardware-configuration.nix +++ b/system-modules/hardware-configuration.nix @@ -4,12 +4,9 @@ (modulesPath + "/installer/scan/not-detected.nix") ]; - environment.systemPackages = if host == "NxNORTH" then with pkgs; [ + environment.systemPackages = with pkgs; [ ntfs3g - btrfs-progs - ] else if host == "NxXPS" then with pkgs; [ - ntfs3g - ] else []; + ]; boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; # boot.initrd.kernelModules = [ ]; @@ -19,7 +16,7 @@ fileSystems = if host != "NxACE" then { "/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; "/boot" = { device = "/dev/disk/by-label/EFI"; fsType = "vfat"; }; - "/home/${user}/shared" = { device = "/dev/disk/by-label/shared"; fsType = if host == "NxXPS" then "ntfs" else "btrfs"; }; + "/home/${user}/shared" = { device = "/dev/disk/by-label/shared"; fsType = "ntfs"; }; } else { "/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; "/boot" = { device = "/dev/disk/by-label/EFI"; fsType = "vfat"; }; diff --git a/system-modules/hsmw.nix b/system-modules/hsmw.nix index 5cfca01..e0255dd 100755 --- a/system-modules/hsmw.nix +++ b/system-modules/hsmw.nix @@ -1,24 +1,30 @@ { pkgs, lib, host, secrets, ... }: -lib.mkIf (host != "NxACE") { - environment.systemPackages = [ - pkgs.strongswanNM + environment.systemPackages = with pkgs; [ + strongswanNM ]; environment.etc = { - # Easyroam - "ssl/certs/easyroam_client_cert.pem".source = ../secrets/easyroam-hsmw/easyroam_client_cert.pem; - "ssl/certs/easyroam_root_ca.pem".source = ../secrets/easyroam-hsmw/easyroam_root_ca.pem; - "ssl/certs/easyroam_client_key.pem".source = ../secrets/easyroam-hsmw/easyroam_client_key.pem; - "NetworkManager/system-connections/eduroam.nmconnection" = { - text = secrets.easyroamHSMW.nmconfig; - mode = "0600"; - }; + # # Easyroam + # "ssl/certs/easyroam_client_cert.pem".source = ../secrets/easyroam-hsmw/easyroam_client_cert.pem; + # "ssl/certs/easyroam_root_ca.pem".source = ../secrets/easyroam-hsmw/easyroam_root_ca.pem; + # "ssl/certs/easyroam_client_key.pem".source = ../secrets/easyroam-hsmw/easyroam_client_key.pem; + # "NetworkManager/system-connections/eduroam.nmconnection" = { + # text = secrets.easyroamHSMW.nmconfig; + # mode = "0600"; + # }; - "ipsec.d/hsmw.secrets".text = ''${secrets.email.hsmw.mail} : EAP "${secrets.email.hsmw.password}"''; - "ipsec.d/USERTrust-ECC.pem".source = ../secrets/vpn-hsmw/USERTrust-ECC-Certification-Authority.pem; - "ipsec.d/USERTrust-RSA.pem".source = ../secrets/vpn-hsmw/USERTrust-RSA-Certification-Authority.pem; + # "ipsec.d/hsmw.secrets".text = ''${secrets.email.hsmw.un}@hs-mittweida.de : EAP "megasecret"''; + # "ipsec.d/USERTrust-ECC.pem".source = ../secrets/vpn-hsmw/USERTrust-ECC-Certification-Authority.pem; + # "ipsec.d/USERTrust-RSA.pem".source = ../secrets/vpn-hsmw/USERTrust-RSA-Certification-Authority.pem; + }; + + + sops.secrets = { + "USERTrust/ECC" = { path = "/etc/ipsec.d/USERTrust-ECC.pem"; }; + "USERTrust/RSA" = { path = "/etc/ipsec.d/USERTrust-RSA.pem"; }; + "hsmw-vpn-secret" = { path = "/etc/ipsec.d/hsmw.secret"; mode = "600"; }; }; networking.networkmanager.enableStrongSwan = true; @@ -31,19 +37,19 @@ lib.mkIf (host != "NxACE") }; connections = { hsmw = { - keyexchange = "ikev2"; - left = "%defaultroute"; - leftid = "%any"; - leftauth = "eap"; - eap_identity = secrets.email.hsmw.mail; - leftsourceip = "%config"; - leftdns = "%config4"; - leftfirewall = "no"; - right = "141.55.128.84"; - rightid = "@vpn4.hs-mittweida.de"; - rightsubnet = "0.0.0.0/0"; - rightauth = "pubkey"; - auto = "add"; + keyexchange = "ikev2"; + left = "%defaultroute"; + leftid = "%any"; + leftauth = "eap"; + eap_identity = "${secrets.email.hsmw.un}@hs-mittweida.de"; + leftsourceip = "%config"; + leftdns = "%config4"; # Ensure that DNS resolution works as expected + leftfirewall = "no"; # Keep firewall disabled, but manually check rules + right = "141.55.128.84"; + rightid = "@vpn4.hs-mittweida.de"; + rightsubnet = "141.55.128.0/16"; # Split tunneling: Only route traffic for the VPN subnet + rightauth = "pubkey"; + auto = "add"; }; }; managePlugins = true; @@ -73,7 +79,7 @@ lib.mkIf (host != "NxACE") "openssl" "resolve" ]; - secrets = [ "/etc/ipsec.d/hsmw.secrets" ]; + secrets = [ "/etc/ipsec.d/hsmw.secret" ]; ca = { hsmw = { auto = "add"; diff --git a/system-modules/kodi.nix b/system-modules/kodi.nix index 165ec6a..8b2ec09 100644 --- a/system-modules/kodi.nix +++ b/system-modules/kodi.nix @@ -1,12 +1,13 @@ { pkgs, lib, host, ... }: lib.mkIf (host == "NxACE") -{ - services.xserver.desktopManager.kodi = { - enable = true; - }; - services.cage = { - user = "kodi"; - program = "${pkgs.kodi-wayland}/bin/kodi-standalone"; - enable = true; - }; -} +{} +# { +# services.xserver.desktopManager.kodi = { +# enable = true; +# }; +# services.cage = { +# user = "kodi"; +# program = "${pkgs.kodi-wayland}/bin/kodi-standalone"; +# enable = true; +# }; +# } diff --git a/system-modules/networking.nix b/system-modules/networking.nix index 7a8e558..bef3ad6 100755 --- a/system-modules/networking.nix +++ b/system-modules/networking.nix @@ -3,12 +3,16 @@ let in { - + networking.nameservers = [ + "1.1.1.1" + "8.8.8.8" + ]; + networking.hostName = host; networking.networkmanager = { enable = true; }; - networking.enableIPv6 = true; + networking.enableIPv6 = false; } diff --git a/system-modules/nvidia.nix b/system-modules/nvidia.nix index c498b92..28e5573 100755 --- a/system-modules/nvidia.nix +++ b/system-modules/nvidia.nix @@ -1,69 +1,68 @@ -{ config, pkgs, pkgs-unstable, lib, nvidia, ... }: +{ config, pkgs, lib, nvidia, ... }: +lib.mkIf nvidia.enable { - config = lib.mkIf nvidia.enable { - environment.systemPackages = with pkgs; [ - lshw - glxinfo - (pkgs.writeShellScriptBin "nvidia-offload" '' - export __NV_PRIME_RENDER_OFFLOAD=1 - export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 - export __GLX_VENDOR_LIBRARY_NAME=nvidia - export __VK_LAYER_NV_optimus=NVIDIA_only - exec "$@" - '') - ] ++ [ - # pkgs-unstable.nvtopPackages.intel - # pkgs-unstable.nvtopPackages.nvidia - ]; + environment.systemPackages = with pkgs; [ + lshw + glxinfo + (pkgs.writeShellScriptBin "nvidia-offload" '' + export __NV_PRIME_RENDER_OFFLOAD=1 + export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 + export __GLX_VENDOR_LIBRARY_NAME=nvidia + export __VK_LAYER_NV_optimus=NVIDIA_only + exec "$@" + '') + # ] ++ [ + # pkgs-unstable.nvtopPackages.intel + # pkgs-unstable.nvtopPackages.nvidia + ]; - # Load nvidia driver for Xorg and Wayland - services.xserver.videoDrivers = [ "nvidia" ]; + # Load nvidia driver for Xorg and Wayland + services.xserver.videoDrivers = [ "nvidia" ]; - hardware = { - nvidia = { - prime = lib.mkIf nvidia.prime { - intelBusId = "PCI:0:2:0"; - nvidiaBusId = "PCI:1:0:0"; - offload = { - enable = true; - enableOffloadCmd = true; - }; + hardware = { + nvidia = { + prime = lib.mkIf nvidia.prime { + intelBusId = "PCI:0:2:0"; + nvidiaBusId = "PCI:1:0:0"; + offload = { + enable = true; + enableOffloadCmd = true; }; - modesetting.enable = true; - - # Modesetting is required. - - # Nvidia power management. Experimental, and can cause sleep/suspend to fail. - # Enable this if you have graphical corruption issues or application crashes after waking - # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead - # of just the bare essentials. - powerManagement.enable = true; - - # Fine-grained power management. Turns off GPU when not in use. - # Experimental and only works on modern Nvidia GPUs (Turing or newer). - powerManagement.finegrained = true; - - # Use the NVidia open source kernel module (not to be confused with the - # independent third-party "nouveau" open source driver). - # Support is limited to the Turing and later architectures. Full list of - # supported GPUs is at: - # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus - # Only available from driver 515.43.04+ - # Currently alpha-quality/buggy, so false is currently the recommended setting. - open = false; - - # Enable the Nvidia settings menu, - # accessible via `nvidia-settings`. - nvidiaSettings = true; - - # Optionally, you may need to select the appropriate driver version for your specific GPU. - package = config.boot.kernelPackages.nvidiaPackages.stable; - }; - opengl = { - enable = true; - driSupport = true; - driSupport32Bit = true; }; + modesetting.enable = true; + + # Modesetting is required. + + # Nvidia power management. Experimental, and can cause sleep/suspend to fail. + # Enable this if you have graphical corruption issues or application crashes after waking + # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead + # of just the bare essentials. + powerManagement.enable = true; + + # Fine-grained power management. Turns off GPU when not in use. + # Experimental and only works on modern Nvidia GPUs (Turing or newer). + powerManagement.finegrained = nvidia.prime; + + # Use the NVidia open source kernel module (not to be confused with the + # independent third-party "nouveau" open source driver). + # Support is limited to the Turing and later architectures. Full list of + # supported GPUs is at: + # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus + # Only available from driver 515.43.04+ + # Currently alpha-quality/buggy, so false is currently the recommended setting. + open = false; + + # Enable the Nvidia settings menu, + # accessible via `nvidia-settings`. + nvidiaSettings = true; + + # Optionally, you may need to select the appropriate driver version for your specific GPU. + package = config.boot.kernelPackages.nvidiaPackages.beta; + }; + opengl = { + enable = true; + driSupport = true; + driSupport32Bit = true; }; }; } diff --git a/system-modules/nx2site.nix b/system-modules/nx2site.nix index 5e6e416..a352af4 100644 --- a/system-modules/nx2site.nix +++ b/system-modules/nx2site.nix @@ -1,6 +1,13 @@ -{ pkgs, lib, user, host, ... }: +{ config, pkgs, lib, user, host, ... }: +# lib.mkIf false lib.mkIf (host == "NxACE") +# ((import ./nx2site/proxy.nix { inherit config pkgs lib user; }) // +( { + sops.secrets = { + "nx2site/namecheap.pw" = { }; + }; + systemd = { timers."namecheap-dynamic-dns" = { wantedBy = [ "timers.target" ]; @@ -10,46 +17,105 @@ lib.mkIf (host == "NxACE") Unit = "namecheap-dynamic-dns.service"; }; }; - services."namecheap-dynamic-dns" = - let - u = pkgs.writeScriptBin "update_namecheap" '' - my_ip=$(${pkgs.curl}/bin/curl -s https://ipinfo.io/ip) - dns_ip=$(${pkgs.dig}/bin/nslookup nx2.site | grep -E "Address: [0-9]" | cut -c 10-) - fdc="/home/nx2/nx2site/domain/count.txt" + services."namecheap-dynamic-dns" = let + u = let + domain = "nx2.site"; + passord-file-path = config.sops.secrets."nx2site/namecheap.pw".path; + # passord-file-path = config.sops.secrets."nx2site/namecheap.pw".path; + log-file-path = "/var/log/update_namecheap.log"; + count-file-path = "/var/log/update_namecheap-count.txt"; + in pkgs.writers.writePython3Bin "update_namecheap" { + libraries = with pkgs.python311Packages; [ requests ]; + flakeIgnore = [ "E501" "E305" "E701" "E704" "E302" "E114" "F841" ]; + } '' + import requests + import argparse + import socket + from datetime import datetime - force_update=false + def get_public_ip(): return requests.get('https://ipinfo.io/ip').text.strip() - while getopts "f" opt; do - case $opt in - f) - force_update=true - ;; - \?) - echo "Invalid option: -$OPTARG" >&2 - exit 1 - ;; - esac - done + def get_dns_ip(): return socket.gethostbyname_ex('${domain}')[2][0] - if [ "$force_update" == true ] || [ "$my_ip" != "$dns_ip" ]; then - count=$(<$fdc) - echo [ $count times ] $(date) from $dns_ip to $my_ip >> /home/nx2/nx2site/domain/updates.log - pw=$(cat /home/nx2/nx2site/domain/pw.txt) - ${pkgs.curl}/bin/curl -s "https://dynamicdns.park-your-domain.com/update?host=@&domain=nx2.site&password=$pw&ip=$my_ip" - ${pkgs.curl}/bin/curl -s "https://dynamicdns.park-your-domain.com/update?host=*&domain=nx2.site&password=$pw&ip=$my_ip" - echo 0 > $fdc - fi + def main(force_update): + my_ip = get_public_ip() + dns_ip = get_dns_ip() + + with open("${count-file-path}", "r") as f: + content = f.read() + if content == "": count = 0 + else: count = int(content) + count += 1 + with open("${count-file-path}", "w") as f: + f.write(str(count)) + + if not (force_update or my_ip != dns_ip): + print(f"Host IP and DNS response are both {my_ip} --> No Action") + exit(0) + else: + with open("${passord-file-path}", 'r') as pw_file: pw = pw_file.read().strip() + + # Perform DNS updates + resp_base = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=@&domain=${domain}&password={pw}&ip={my_ip}") + resp_subd = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=*&domain=${domain}&password={pw}&ip={my_ip}") + + # Reset the count file + with open("${count-file-path}", 'w') as f: f.write('0') + + now_str = datetime.now().strftime('%Y/%m/%d-%R') + log_entry = f"At {now_str} - from {dns_ip} to {my_ip} - {count} times - Response {resp_base.status_code}{' - (forced)' if force_update else ' '}\n" + print(log_entry, end="") + with open("${log-file-path}", 'a') as log_file: log_file.write(log_entry) + + if __name__ == "__main__": + parser = argparse.ArgumentParser() + parser.add_argument('-f', '--force', action='store_true', help='Force update') + args = parser.parse_args() + + main(args.force) ''; - in - { + in { script = '' set -eu ${u}/bin/update_namecheap ''; serviceConfig = { Type = "oneshot"; - User = "nx2"; }; }; }; -} + # I can't use this becasue API Access for Namecheap needs a static whitelisted IP, which I don't have + # security.acme = { + # acceptTerms = true; + # certs."nx2site" = { }; + # }; + environment.systemPackages = with pkgs; [ + certbot + (writeShellApplication { + name = "refresh_ssl_certificate"; + runtimeInputs = [ certbot ]; + # https://forum.endeavouros.com/t/tutorial-add-a-systemd-boot-loader-menu-entry-for-a-windows-installation-using-a-separate-esp-partition/37431 + text = let + webroot = /home/nx2/nx2site/staticweb/content; + in /*bash*/ '' + cartbot + ls ${webroot} + ''; + }) + ]; + networking.hosts = { # docker network inspect nx2site_default | grep -E "Name|IPv4" | tr "\n" " " | sed -r 's- +- -g;s-\n?"Name": -\n-g' | sed -r '1d;2d;s-"(.+?)", "IPv4Address": "(.+)/16",- "\2" = [ "\1.docker" ];-g' + "172.1.2.1" = [ "staticweb.docker" ]; + "172.1.3.1" = [ "matrix.docker" ]; + # "172.1.0.9" = [ "matrixdb.docker" ]; + "172.1.4.1" = [ "matrix-ss.docker" ]; + # "172.1.0.7" = [ "matrix-ssdb.docker" ]; + "172.1.5.1" = [ "pw.docker" ]; + "172.1.6.1" = [ "git.docker" ]; + # "172.1.0.10" = [ "gitdb.docker" ]; + "172.1.7.1" = [ "nn.docker" ]; + "172.1.8.1" = [ "llm.docker" ]; + # "172.1.9.1" = [ "proxy.docker" ]; + "172.1.10.1" = [ "share.docker" ]; + "172.1.11.1" = [ "odq.docker" ]; + }; +}) diff --git a/system-modules/nx2site/proxy.nix b/system-modules/nx2site/proxy.nix new file mode 100644 index 0000000..fde9b31 --- /dev/null +++ b/system-modules/nx2site/proxy.nix @@ -0,0 +1,180 @@ +{ config, pkgs, lib, user }: +lib.mkIf false +{ + sops.secrets = { + "nx2site/sslCertificate.pem" = { owner = config.services.nginx.user; }; + "nx2site/sslCertificateKey.pem" = { owner = config.services.nginx.user; }; + "nx2site/dhparams.pem" = { owner = config.services.nginx.user; }; + }; + services.nginx = { + enable = true; + additionalModules = []; + # appendConfig = ''''; + clientMaxBodySize = "20m"; + + defaultHTTPListenPort = 80; + defaultListenAddresses = [ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]"; + defaultListen = [ { + addr = "0.0.0.0"; + ssl = true; + port = 443; + proxyProtocol = true; + }]; + defaultMimeTypes = "${pkgs.mailcap}/etc/nginx/mime.types"; + defaultSSLListenPort = 443; + enableQuicBPF = true; + enableReload = true; + # eventsConfig = ''''; + # logError = ; + # mapHashBucketSize = ; + # mapHashMaxSize = ; + package = pkgs.nginxQuic; + # preStart = true; + proxyResolveWhileRunning = false; + proxyTimeout = "20s"; + recommendedBrotliSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedZstdSettings = true; + serverTokens = false; + # sslCiphers = true; + sslDhparam = config.sops.secrets."nx2site/dhparams.pem".path; + sslProtocols = "TLSv1.2 TLSv1.3"; + statusPage = false; + streamConfig = ""; # udp config + validateConfigFile = true; + upstreams = { + "staticweb".servers = { "staticweb.docker:80" = {}; }; + "matrix".servers = { "matrix.docker:80" = {}; }; + "matrix-ss".servers = { "matrix-ss.docker:80" = {}; }; + "pw".servers = { "pw.docker:80" = {}; }; + "git".servers = { "git.docker:80" = {}; }; + "nn".servers = { "nn.docker:80" = {}; }; + "llm".servers = { "llm.docker:80" = {}; }; + "share".servers = { "share.docker:80" = {}; }; + + "sync".servers = { "localhost:8384" = {}; }; + }; + virtualHosts = let + sslCertificate = config.sops.secrets."nx2site/sslCertificate.pem".path; + sslCertificateKey = config.sops.secrets."nx2site/sslCertificateKey.pem".path; + kTLS = true; http2 = true; http3 = true; http3_hq = true; quic = true; + in + { + "nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + locations = { + "/" = { + proxyPass = "http://staticweb"; + # extraConfig = [ ''add_header Alt-Svc 'h3=":443"; ma=86400';'' ''add_header Cache-Control "public";'' ] ++ common-location-conf; + }; + "/.well-known/matrix/client" = { + return = ''200 '{"m.homeserver": {"base_url": "https://matrix.nx2.site"}, "org.matrix.msc3575.proxy": {"url": "https://matrix-ss.nx2.site"}}' ''; + extraConfig = [ "default_type application/json;" "add_header Access-Control-Allow-Origin *;" ]; + }; + "/.well-known/matrix/server" = { + return = ''200 '{"m.server":"matrix.nx2.site:443"}' ''; + extraConfig = [ "default_type application/json;" "add_header Access-Control-Allow-Origin *;" ]; + }; + "~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = { + proxyPass = "http://matrix-ss"; + # extraConfig = [ ''proxy_set_header X-Forwarded-For $remote_addr;'' ''proxy_set_header X-Forwarded-Proto $scheme;'' ''proxy_set_header Host $host;'' ]; + }; + "~ ^(\/_matrix|\/_synapse\/client)" = { + return = ''200 '{"m.server":"matrix.nx2.site:443"}' ''; + # extraConfig = []; + }; + }; + }; + "matrix.nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + listen = [ + { addr = "0.0.0.0"; port = 443; ssl = true; } + { addr = "0.0.0.0"; port = 8448; ssl = true; } + ]; + locations = { + "/" = { + proxyPass = "http://matrix"; + # extraConfig = [ ''add_header Alt-Svc 'h3=":443"; ma=86400';'' ''add_header Cache-Control "public";'' ] ++ common-location-conf; + }; + }; + }; + "matrix-ss.nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + # "resolver 1.1.1.1;" + # "client_max_body_size 500M;" + # ]; + locations = { + "/" = { proxyPass = "http://pw"; }; + }; + }; + # "dev.nx2.site" = { + # inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + # locations = { + # "/" = { + # proxyPass = "http://dev"; + # }; + # }; + # }; + "pw.nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + locations = { + "/" = { proxyPass = "http://pw"; }; + "/admin" = { proxyPass = "http://pw"; }; + "/notifications/hub" = { proxyPass = "http://pw"; }; + "/notifications/hub/negotiate" = { proxyPass = "http://pw"; }; + }; + }; + "share.nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + locations = { + "/" = { proxyPass = "http://share"; # ''proxy_hide_header Content-Disposition;'' + # ''proxy_set_header Content-Disposition $upstream_http_content_disposition;'' + # ''proxy_set_header X-Real-IP $remote_addr;'' + # ''proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;'' + # ''proxy_set_header Host $http_host;'' + # ]; + }; + "/socket.io" = { + proxyPass = "http://share/socket.io"; + proxyWebsockets = true; + # extraConfig = [ + # ''proxy_http_version 1.1;'' + # ''proxy_set_header Upgrade $http_upgrade;'' + # ''proxy_set_header Connection "upgrade";'' + # ]; + }; + }; + }; + "sync.nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + locations = { + "/" = { proxyPass = "http://sync"; }; + }; + }; + "git.nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + locations = { + "/" = { proxyPass = "http://git"; }; + }; + }; + "~^(.*)\.nx2\.site$" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + root = "/home/nx2/nx2site/staticweb/xcontent/"; + locations = { + "~.*" = { return = "502 /502.html"; }; + }; + }; + }; + }; +} diff --git a/system-modules/ollama.nix b/system-modules/ollama.nix index 1635b0b..284f5cd 100755 --- a/system-modules/ollama.nix +++ b/system-modules/ollama.nix @@ -1,46 +1,22 @@ -{ pkgs, lib, host, nvidia, ... }: - -{ - environment.systemPackages = with pkgs; [ - ollama - ]; +{ pkgs, pkgs-unstable, pkgs-latest, lib, host, nvidia, ... }: +let + p = pkgs-latest.ollama; + # p = pkgs-unstable.ollama.overrideAttrs (oldAttrs: rec { + # inherit (oldAttrs) pname; + # version = "0.3.0"; + # src = pkgs.fetchFromGitHub { + # owner = "ollama"; + # repo = "ollama"; + # rev = "v${version}"; + # hash = "sha256-69CpRAggx6a1NJq+CA9QliXuUbDgC1ERRuA3y17KVAM="; + # fetchSubmodules = true; + # }; + # }); +in { + environment.systemPackages = [ p ]; - # services.ollama.environmentVariables = { - # OLLAMA_ORIGINS = "*"; - # }; - - # systemd.services.ollama = { - # environment.OLLAMA_ORIGINS = "*"; - # description = "Ollama Service"; - # after = [ "network-online.target" "ollama-doesnt-respect-xdg-data-home.service" ]; - # serviceConfig = { - # Type = "simple"; - # # Environment = "\"XDG_DATA_HOME=/run/current-system/sw/share\""; - # ExecStart = "${pkgs.ollama}/bin/ollama serve"; - # User = "ollama"; - # Group = "ollama"; - # Restart = "always"; - # RestartSec = "3"; - # }; - # wantedBy = [ "default.target" ]; - # }; - - # users.users.ollama = { - # isSystemUser = true; - # home = "/usr/share/ollama"; - # shell = "/bin/false"; - # group = "ollama"; - # }; - # users.groups.ollama = {}; - - # systemd.services.ollama-doesnt-respect-xdg-data-home = { - # wantedBy = ["multi-user.target"]; - # script = '' - # mkdir -p /usr/share/ollama/.ollama - # chown ollama:ollama -R /usr/share/ollama - # ''; - # }; services.ollama = { + package = p; enable = true; acceleration = lib.mkIf nvidia.enable "cuda"; listenAddress = if host == "NxACE" then "0.0.0.0:11434" else "127.0.0.1:11434"; diff --git a/system-modules/sound.nix b/system-modules/sound.nix index 5c88876..762e312 100755 --- a/system-modules/sound.nix +++ b/system-modules/sound.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, system, user, allowed, secrets, ... }: +{ config, pkgs, lib, ... }: { services.pipewire = { @@ -9,4 +9,4 @@ # If you want to use JACK applications, uncomment this jack.enable = true; }; -} \ No newline at end of file +} diff --git a/system-modules/syncthing.nix b/system-modules/syncthing.nix index b3d3946..2122857 100644 --- a/system-modules/syncthing.nix +++ b/system-modules/syncthing.nix @@ -17,7 +17,12 @@ let }; dirs = { - default = { name = "sync"; path = "/home/${user}/sync"; }; + default = { name = "sync"; path = "/home/${user}/sync"; }; + s21u-dcim = { name = "s21u-dcim"; path = "/vault/Pictures/Lennart"; }; + diane-dcim = { name = "diane-dcim"; path = "/vault/Pictures/Diane"; }; + dianesd-dcim = { name = "dianesd-dcim"; path = "/vault/Pictures/Diane-SD"; }; + daniel-dcim = { name = "daniel-dcim"; path = "/vault/Pictures/Daniel"; }; + tessa-dcim = { name = "tessa-dcim"; path = "/vault/Pictures/Tessa"; }; }; in lib.mkIf (user != "tv") @@ -45,8 +50,7 @@ lib.mkIf (user != "tv") ) else if (host == "NxNORTH") then ( xps // ace // s21u ) else ( - # north // xps // s21u // diane // daniel // tessa // georg - north // xps // s21u + north // xps // s21u // diane // daniel // tessa // georg ); folders = with dirs; if (host == "NxXPS") then { "${default.name}" = { @@ -58,11 +62,31 @@ lib.mkIf (user != "tv") path = default.path; devices = with devices; (justname [ xps ace s21u ]); }; - } else { + } else { # NxACE "${default.name}" = { path = default.path; devices = with devices; (justname [ xps north s21u ]); }; + "${s21u-dcim.name}" = { + path = s21u-dcim.path; + devices = with devices; (justname [ s21u ]); + }; + "${diane-dcim.name}" = { + path = diane-dcim.path; + devices = with devices; (justname [ diane ]); + }; + "${dianesd-dcim.name}" = { + path = dianesd-dcim.path; + devices = with devices; (justname [ diane ]); + }; + "${daniel-dcim.name}" = { + path = daniel-dcim.path; + devices = with devices; (justname [ daniel ]); + }; + "${tessa-dcim.name}" = { + path = tessa-dcim.path; + devices = with devices; (justname [ tessa ]); + }; }; gui = { theme = "black"; diff --git a/system-modules/users.nix b/system-modules/users.nix index 1ebe8ce..cec112b 100755 --- a/system-modules/users.nix +++ b/system-modules/users.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, system, host, user, allowed, secrets, ... }: +{ pkgs, lib, host, user, ... }: { users.defaultUserShell = pkgs.bash; # if interactive, itll switch to fish @@ -10,13 +10,11 @@ openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID1RPCcS8DtIf75a2FEW4d8X6WTVeLlmretoLqppvZlJ" # From [A] GPG Sub Key ]; - packages = with pkgs; []; # all in home.nix }; users.users.tv = lib.mkIf (host == "NxACE") { isNormalUser = true; extraGroups = [ "networkmanager" "audio" "video" "uinput" ]; useDefaultShell = true; - packages = with pkgs; []; # all in home.nix };