From bb60da2409b75d775a1b001d76d06684baae5fd0 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Sun, 14 Jul 2024 02:12:37 +0200 Subject: [PATCH 01/14] nvidia user conf only on nvidia systems --- home-modules/nvidia.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/home-modules/nvidia.nix b/home-modules/nvidia.nix index 4ff4538..9539b37 100644 --- a/home-modules/nvidia.nix +++ b/home-modules/nvidia.nix @@ -1,4 +1,5 @@ -{ pkgs, ... }: +{ pkgs, lib, nvidia, ... }: +lib.mkIf (nvidia.enable == true) { home = { packages = with pkgs; [ From 93bcb2308517339a3fe0b3a1c6793ae3f647b4e3 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Sun, 14 Jul 2024 02:13:32 +0200 Subject: [PATCH 02/14] kodi on ice --- system-modules/kodi.nix | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/system-modules/kodi.nix b/system-modules/kodi.nix index 165ec6a..8b2ec09 100644 --- a/system-modules/kodi.nix +++ b/system-modules/kodi.nix @@ -1,12 +1,13 @@ { pkgs, lib, host, ... }: lib.mkIf (host == "NxACE") -{ - services.xserver.desktopManager.kodi = { - enable = true; - }; - services.cage = { - user = "kodi"; - program = "${pkgs.kodi-wayland}/bin/kodi-standalone"; - enable = true; - }; -} +{} +# { +# services.xserver.desktopManager.kodi = { +# enable = true; +# }; +# services.cage = { +# user = "kodi"; +# program = "${pkgs.kodi-wayland}/bin/kodi-standalone"; +# enable = true; +# }; +# } From 70b3d92fb161faef0e1a1c423c5c0ff488c1eeb9 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Sun, 14 Jul 2024 02:14:19 +0200 Subject: [PATCH 03/14] update_namecheap in python --- sops-secrets.yaml | 6 ++- system-modules/nx2site.nix | 86 ++++++++++++++++++++++++++------------ 2 files changed, 64 insertions(+), 28 deletions(-) diff --git a/sops-secrets.yaml b/sops-secrets.yaml index 8c55095..682d3c3 100644 --- a/sops-secrets.yaml +++ b/sops-secrets.yaml @@ -19,6 +19,8 @@ syncthing: key.pem: ENC[AES256_GCM,data:zFgSrZelmXgTAm0Zl0HSTp+M4tLOQzksdYnA1NZPeu4R+mxMylilEtHzMp9zE7urz5gadjUEiguDBkfTOIzFeSLeUlXBDBWJhXf5JPZ403HES11qlIFdW8BPkzVC3X0N0KyydLdfhM0MAhZdyrRxn1ATc0ppvyqTpeN1rxNYMHTezRH9WMmKC9VS506rCIZrfOtEsuBpsxP6tTjOQ9AxuWV1z6/DRjv55U2EojZ/viM6sjGSsuDAYZQJBA7VQcNsw4PZu49OfA0czo7FbE6Gh6+TJ9PdMOUuo2/syH4yPBC7vqMECIBN4MHzhyoOTqcyZHIV5iJsZqTIbTN+CP72pPPrhs/a5K0GkyT0PPHVem+dGhyAJWQglSAlcK8kXWDP,iv:pzQOoQvFqoC3nIuGLNx97cCE7qO+PHCVw9G4K1mX2nk=,tag:zXUch/o/B97TlgHhAYUveA==,type:str] weechat: passphrase: ENC[AES256_GCM,data:3NVhMouf3wwMJTZCvIjbi5fjHJHxe25Q+wRo,iv:W8cShdM3iUyEiRCPNupMin3gfF+cqGxslD18CAvUW4c=,tag:DXBATGEhHjhXqy+J9BNVwg==,type:str] +nx2site: + namecheap.pw: ENC[AES256_GCM,data:tN6ArfQu+YfVkPPN00raPZWmghDKVFmmGgwACVQQSHs=,iv:TlUl0L3+Ea9vt43lwDlM0SE1+CLvWJdryt1lFhQ+75I=,tag:pia2ORsm66AQUOE/ZiO8yA==,type:str] sops: kms: [] gcp_kms: [] @@ -61,8 +63,8 @@ sops: SHJLR3lvdlFiRmJuU25RUHFFTmpjamMKbzycdDvQBAuOiRROTZEQSnaXoPapz73L yVS9EUP25FSx/sGqRqaCefbeaybuM1aso6LDnlomv4Bib7zjugWKSw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-07-04T15:28:58Z" - mac: ENC[AES256_GCM,data:KTUyPeMc1OTQKJAMTGMnSWc44nkqRzvMk00o5LCiCVK9cq8Q5s3mtQave5ZsPyP8E5fJKp2wBikNJ6nbgrfLfHJhz0A5BdKkaELAQl3So7yDEl0oE3W4lS6Q5kIhpwBEabMzEU5E74FZ+9PcsUazb9MBU/Ngm3a+t6L5AIbiCE8=,iv:5p6eI2F5tqsfRE/0m8wP27HMsDky2cbV+D3syjq2aqU=,tag:8h+t7sKjX7uuo+IvilwAhg==,type:str] + lastmodified: "2024-07-13T23:01:06Z" + mac: ENC[AES256_GCM,data:K/ToZO4sX5l3lWpzB9AIfhQxag/eBF8B2vX9Yfa9ROWYxj+H2YfJQyA2GKCfkXv+h2H6wpKeHW2yiZAED5BKKjPkFG85u4yukWorlB1ozkzQTh7iRDGMVBs5Gj3Xe8GMYKMO/RzAmD6IYAC6kfrigqTIGNi+5p6I+WUf3E05CR0=,iv:bftIZe3R43V+MtpIygG6bHJdn1sFzAH3o1cpdESSvng=,tag:zMOwbk47LLMSfMCyEXAEkw==,type:str] pgp: - created_at: "2024-06-09T19:44:41Z" enc: |- diff --git a/system-modules/nx2site.nix b/system-modules/nx2site.nix index 5e6e416..ccf6a3f 100644 --- a/system-modules/nx2site.nix +++ b/system-modules/nx2site.nix @@ -1,6 +1,10 @@ -{ pkgs, lib, user, host, ... }: +{ config, pkgs, lib, user, host, ... }: lib.mkIf (host == "NxACE") { + sops.secrets = { + "nx2site/namecheap.pw" = { }; + }; + systemd = { timers."namecheap-dynamic-dns" = { wantedBy = [ "timers.target" ]; @@ -12,33 +16,63 @@ lib.mkIf (host == "NxACE") }; services."namecheap-dynamic-dns" = let - u = pkgs.writeScriptBin "update_namecheap" '' - my_ip=$(${pkgs.curl}/bin/curl -s https://ipinfo.io/ip) - dns_ip=$(${pkgs.dig}/bin/nslookup nx2.site | grep -E "Address: [0-9]" | cut -c 10-) - fdc="/home/nx2/nx2site/domain/count.txt" + u = let + domain = "nx2.site"; + passord-file-path = config.sops.secrets."nx2site/namecheap.pw".path; + log-file-path = "/var/log/update_namecheap.log"; + count-file-path = "/var/log/update_namecheap-count.txt"; + in + pkgs.writers.writePython3Bin "update_namecheap" { + libraries = with pkgs.python311Packages; [ + requests + ]; + flakeIgnore = [ "E501" "E305" "E701" "E704" "E302" "E114" "F841" ]; + } '' + import requests + import argparse + import socket + from datetime import datetime - force_update=false + def get_public_ip(): return requests.get('https://ipinfo.io/ip').text.strip() - while getopts "f" opt; do - case $opt in - f) - force_update=true - ;; - \?) - echo "Invalid option: -$OPTARG" >&2 - exit 1 - ;; - esac - done + def get_dns_ip(): return socket.gethostbyname_ex('${domain}')[2][0] - if [ "$force_update" == true ] || [ "$my_ip" != "$dns_ip" ]; then - count=$(<$fdc) - echo [ $count times ] $(date) from $dns_ip to $my_ip >> /home/nx2/nx2site/domain/updates.log - pw=$(cat /home/nx2/nx2site/domain/pw.txt) - ${pkgs.curl}/bin/curl -s "https://dynamicdns.park-your-domain.com/update?host=@&domain=nx2.site&password=$pw&ip=$my_ip" - ${pkgs.curl}/bin/curl -s "https://dynamicdns.park-your-domain.com/update?host=*&domain=nx2.site&password=$pw&ip=$my_ip" - echo 0 > $fdc - fi + def main(force_update): + my_ip = get_public_ip() + dns_ip = get_dns_ip() + + with open("${count-file-path}", "r") as f: + content = f.read() + if content == "": count = 0 + else: count = int(content) + count += 1 + with open("${count-file-path}", "w") as f: + f.write(str(count)) + + if not (force_update or my_ip != dns_ip): + print(f"Host IP and DNS response are both {my_ip} --> No Action") + exit(0) + else: + with open("${passord-file-path}", 'r') as pw_file: pw = pw_file.read().strip() + + # Perform DNS updates + resp_base = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=@&domain=${domain}&password={pw}&ip={my_ip}") + resp_subd = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=*&domain=${domain}&password={pw}&ip={my_ip}") + + # Reset the count file + with open("${count-file-path}", 'w') as f: f.write('0') + + now_str = datetime.now().strftime('%Y/%m/%d-%R') + log_entry = f"At {now_str} - from {dns_ip} to {my_ip} - {count} times - Response {resp_base.status_code}{' - (forced)' if force_update else ' '}\n" + print(log_entry, end="") + with open("${log-file-path}", 'a') as log_file: log_file.write(log_entry) + + if __name__ == "__main__": + parser = argparse.ArgumentParser() + parser.add_argument('-f', '--force', action='store_true', help='Force update') + args = parser.parse_args() + + main(args.force) ''; in { @@ -48,7 +82,7 @@ lib.mkIf (host == "NxACE") ''; serviceConfig = { Type = "oneshot"; - User = "nx2"; + # User = "nx2"; }; }; }; From dffd47fa94aa3169bc40aed501012bb41f696744 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Sat, 20 Jul 2024 21:23:47 +0200 Subject: [PATCH 04/14] changes saved (doesnt built) --- configuration.nix | 28 +++--- flake.nix | 80 +++++++++--------- .../mutt/client-secret-oauth2-lkgoogle.json | Bin 418 -> 0 bytes git-crypt/secrets.nix | Bin 2881 -> 2863 bytes home-modules/email.nix | 13 +-- home-modules/helix.nix | 2 +- home-modules/hyprland-autoname-workspaces.nix | 1 + home.nix | 12 ++- sops-secrets.yaml | 12 ++- system-modules/hsmw.nix | 37 ++++---- system-modules/ollama.nix | 5 +- 11 files changed, 113 insertions(+), 77 deletions(-) delete mode 100755 git-crypt/mutt/client-secret-oauth2-lkgoogle.json diff --git a/configuration.nix b/configuration.nix index e40f217..e344b22 100755 --- a/configuration.nix +++ b/configuration.nix @@ -1,4 +1,4 @@ -{ pkgs, pkgs-unstable, inputs, ... }: +{ pkgs, pkgs-unstable, lib, inputs, allowed, nvidia, ... }: { imports = [ inputs.sops-nix.nixosModules.sops @@ -12,12 +12,12 @@ ./system-modules/gc.nix ./system-modules/dm.nix ./system-modules/networking.nix - ./system-modules/virtualisation.nix + # ./system-modules/virtualisation.nix ./system-modules/sshd.nix ./system-modules/gpg.nix ./system-modules/sops.nix ./system-modules/syncthing.nix - # ./system-modules/hsmw.nix # old + ./system-modules/hsmw.nix # old ./system-modules/docker.nix ./system-modules/health_reminder.nix ./system-modules/ydotool.nix @@ -60,13 +60,20 @@ hardware.bluetooth.powerOnBoot = true; # services.blueman.enable = true; - nixpkgs.config.allowUnfree = true; - # nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) allowed.unfree-packages; - - + # nixpkgs.config.allowUnfree = true; + nixpkgs.config = { + # allowUnfree = true; + # allowUnfreePredicate = (pkg: true); + allowUnfreePredicate = let + string-list = allowed.unfree-packages ++ (if nvidia.enable == true then nvidia.unfree else []); + in pkg: builtins.elem (lib.getName pkg) string-list; + cudaSupport = nvidia.enable; + enableParallelBuildingByDefault = true; + }; + # List packages installed in system profile. To search, run: # $ nix search wget - environment.systemPackages = with pkgs; [ + environment.systemPackages = with pkgs; ([ git lazygit # home-manager module is bugged git-crypt @@ -84,8 +91,8 @@ blueman dmidecode file - ] ++ (with pkgs-unstable; [ - sendme + # ]) ++ (with pkgs-unstable; [ + # # sendme ]); environment.variables = { @@ -104,7 +111,6 @@ nix.settings.experimental-features = [ "nix-command" "flakes" ]; - programs.bash.shellInit = '' source $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh ''; diff --git a/flake.nix b/flake.nix index 636a4df..49f9e54 100755 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "Multisystem NixOS Flake of Lennart J. Kurzweg"; inputs = { - nixpkgs.url = "nixpkgs/nixos-24.05"; + nixpkgs.url = "nixpkgs/nixos-24.05"; nixpkgs-unstable.url = "nixpkgs/nixos-unstable"; home-manager = { url = "github:nix-community/home-manager/release-24.05"; @@ -28,10 +28,6 @@ }; hyprswitch.url = "github:h3rmt/hyprswitch/release"; - # nixvim = { - # url = "github:nix-community/nixvim/nixos-23.11"; - # inputs.nixpkgs.follows = "nixpkgs"; - # }; lanzaboote = { url = "github:nix-community/lanzaboote/v0.3.0"; # inputs.nixpkgs.follows = "nixpkgs-unstable"; @@ -50,8 +46,19 @@ outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, ... }@inputs: let system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; - pkgs-unstable = nixpkgs-unstable.legacyPackages.${system}; + pkgs-config = { + allowUnfree = true; + # cudaSupport = nvidia.enable; + # enableParallelBuildingByDefault = true; + }; + pkgs = import nixpkgs { + system = system; + config = pkgs-config; + }; + pkgs-unstable = import nixpkgs-unstable { + system = system; + config = pkgs-config; + }; user = "nx2"; @@ -60,46 +67,43 @@ prime = true; # unfree = if enable then [ unfree = [ - "nvidia-x11" - "nvidia-settings" - "nvidia-persistenced" + "cuda_cccl" + "cuda_cudart" + "cuda_cuobjdump" + "cuda_cupti" + "cuda_cuxxfilt" + "cuda_gdb" + "cuda-merged" + "cuda_nvcc" + "cuda_nvdisasm" + "cuda_nvml_dev" + "cuda_nvprune" + "cuda_nvrtc" + "cuda_nvtx" + "cuda_profiler_api" + "cuda_sanitizer_api" "cudatoolkit" - "cudatoolkit-11.8.0" - "cudatoolkit-12.2.2" + "libcublas" + "libcufft" + "libcurand" + "libcusolver" + "libcusparse" + "libnpp" + "libnvjitlink" + "nviaia-x11" + "nvidia-persistenced" + "nvidia-settings" + "nvidia-x11" ]; # ] else []; }; allowed = { unfree-packages = [ - "cudatoolkit" - "cuda-merged" - "cuda_cuobjdump" - "cuda_gdb" - "cuda_nvcc" - "cuda_nvdisasm" - "cuda_nvprune" - "cuda_cccl" - "cuda_cudart" - "cuda_cupti" - "cuda_cuxxfilt" - "cuda_nvml_dev" - "cuda_nvrtc" - "cuda_nvtx" - "cuda_profiler_api" - "cuda_sanitizer_api" - "libcublas" - "libcufft" - "libcurand" - "libcusolver" - "libnvjitlink" - "libcusparse" - "libnpp" - "discord" - "spotify" "obsidian" - "zoom-us" + "spotify" "zoom" + "zoom-us" ] ++ nvidia.unfree; inecure-packages = [ diff --git a/git-crypt/mutt/client-secret-oauth2-lkgoogle.json b/git-crypt/mutt/client-secret-oauth2-lkgoogle.json deleted file mode 100755 index 80997c9ee16baf7255bc3fb9e3b68bf81194da93..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 418 zcmZQ@_Y83kiVO&0xW+jBdEtFy*~oj|y`J-TY!9?n>VCjf|ET;=Rgv7y-ytfdJHE_Q zY2Gz)hhdr8b%TnPneUFy$z_nA?PWe!GWVn1(LmwTRT};blHUz(y*2PzsAYOlVq*t>yhS7HifoeJ1*m;|mrSTTT`7(0^Sh7249~wLt&Xn##on zCpi`LVl+b?^DPF>p36GQQ=jZ6}UmBRx@m_vuqb zyVJL{c;Eg0s~x$i*!4$3PAJzz`>Q(^_Wrrj_jqUW%(e;H{id7wH)R&tv@r-sY}P)i zFZ0xNZ)I#`W6)fYUD0Nzop|n_$$MnDiB(j0`NE=AcHKL!9sC@yalQML zH(?CxnjNJ=qUD-%6Xh>j{Eh0}yNG3@nEZ1o2FWKEY`*d$A`^uhGE_Pq{oqLtCe4WMb$9EVnF8L{G z;r%<>Z0afxr=<696EzHaYQ9$;sejSs{i&6y>iYX|nSSY=GT~C;o}BIV_G*(R$R$Ub za%^ayc_K>X_-wyC4d=~0K1)|DVtRfl>$|W?cPV0erPFIoK~yOxqZ3C zyY#Luk4JNxN~3BYB`JSAr$4K4<<3YR#hIeZ&Tm|> zUhA~p(A}EkaY!*}9b?7M%o%>wRp-~}g`c1Iwei7;dEBS#k{i2b=RR%PbJxS%Bi1s> z%CxI^Z}3l@hrF|j1lG&JXe<}LT&j~4&tulc-o^6KyW>Stz!PMK)+ z`&;P8Y)$t3MX?sK6T7c8?C*BDD7)R=zibv)(u%t(ubPV%I)@1^->K*OZ^JL~8MoIS zZOvEFzi?>kt+U(SJy?I0&*J&9Mpf-VnWyN~xD*Jpk7x3I)SVnN~>Gv+m+kKgw@pYD40amm?~Y-{ngI^9!h z85Jha44*z{)3;tn_3caaI&bCg?%7w@yDf22^A_j%GX;-s%U%>IaO3H@m*HLfb2CDx zOQb6Fsfpd$qA<EshuDS|j&f``eDq zGmF0FscGHmJM3{^9-Pc+DR{xWf;jitR#+;X(mKCoo-|2ex~E|mSl-x?!fAGIL2;lOf@s+9}RHuo3Z)?{pzdNh5) z^4`+x2WI!B?bPD?-dg^lujN3=1m(kw$K<4*S1MN=EArmFEK_pXV}JK|;V$wVQ*H$o z9o&BL;8P8wea_a#i7IDeXDP-0U)5+j-*WY4ub0R2m+3Ri%kCGmaV~b)`p@rx(k!zt z-}DoLllFw<+_&1c(d_ABlUuhw@R%)I%qM8Gxw!StuBhr;I_X_aVf9xf1&WlG{Nq1* z{C(8?08fwmE~*`w-M7swTM}np@=q1nlP+adl9c;4UQeR>*YCx5p1Cq|3!TXLX!lZi z{*(V7KC%}z>l|Zq*1Q_EW=@aaEP=@!jclcf-ria(-LJ;yuV1l#%72TN-A8k4UM3oT z`@BAz@9nBf|4#MIR7g6mw8MYf|JS9Pk5}1$tC_CRwe`d|l}X0WXNq0=<<9zUy~}Z) z>9(I)g4e2Eo8&X=x4_GeMSDK*7VDgvG_g<4)-dZ{LXrH-6>U?wTS_hbH|~Bi>ESlr z)t{DqvSCpZmPz|>mZ#n`_2t!7(cF{XFy*g0@w!|8V$JG3AJz`rO?<+Z%?T6cue`lw#-&&>Dc-~l8=bq)|mnyE-XVPlsv2uUk6zjR~ z^wGKZjDN-!Y+{l-P-S)Es&Mvq<@7y|8C@Lew=0A)hq}F7Xt*xCruoZEIpr6H+ok6{ zS~f4?#-Dr_jYC1tC%YVCJo%y1eVwLv1#|nv($m+&^GzR4diQ0@PX?x>iljYL!uh^u zs4lEmYe}9}cvnd6`jSKaI@`6j21y;cz5G)KL+!PiIIh3Tcy@}vJNsx>O~bwEOFIJo zEqLBn{;FHh>bl{}yEzsgy_xQoKF(!JS#Wci+_g2^Y!ad`%$HA_5+}GrOGIEA7hCS) zm*|Za~?NZxugABIoGlB)E%ZC{+w%WollbFbf3->$Pm74MVG4aR%W6to`Gx2k22+nYtZnBH z)BSWWFm?T7&;J{g6g#F}brD@O|8Xxz)-mJdt6mw_Oa815;L7^(;V;voeInx5`W{@p z`dIqm1=mF(SBshzqpwK>f0)X#ddt>%NB8aujgZKA`)f~#!soeHQydlc@T6~=C?bA0 zWt*o~?ys+!wO%m$_Wj2PzI&~D zV)FQ{>8B<}!#6zBO8u{9uim4zD&Ox);Jf>eE;l^>BUjV^-EZXjydQ2jsl0^o;G<`1H+}X@yyEac61Ax<4*nYUst{fvF$1hOU&dqs8l(f z!Eg6z!8L(mZL#KiZplVB80MS_)0q9;{YXRU?(9F|zhfU)epTPIEbC7I({hvLfxi0_ zQ-U|I-WiTE&=z z-=E=)St>%5m|d&L4!oKHl1Ja}Q^41)H^mL=S`hn_iW5a^Ehk-}GkrYVPvR zi?6ryR-O9pdvEK~OZ9(#o;6pW$@TgD4BeFiJN-0O^X7Bhx8BGbAijV>zi{H!`|R_} z4VN)#>ur2oQuJ%fUAFd=rObVztNTstThDB&ecXCCpItR{ZjgZ zP@5V(nd5WcI*+Yk>d#9G4w+Qe1cX{#>6&!c&+6B&zsuuXbx-Zuuxj^%L-W*T-?x@( z4RD{bU-jIHDc}(>3__f2l^Hi$-=ag-p2Ny*7l(YIT zxYu`PtbHl$2bM)#)+iGFHWCN#U?q(nvW*Zqb4v2Goo zmvTt@tEnE*%>LxD?OM>B55I-Qet8|yX1M_};O#XezHf+=D{*~)xzXXDKVNpFG^pw^?Tn5rl|3`r^!7#b`!+v)MJ_tV*gaQ1_tA#WGKAA2_^HlE z9j(XqS&vVvy$f$WGTnbs_nvzlALCB!%ef(;7vg@VK5Q=Ek|^0tcV12?%(gEQvi#e> z$VI5%dA9iD9PfUy$!_14-H@0N;Te2%7H_un{#ng-F>|l48bB`nMo&>isN(QxQuS)D={06!^zI z`;vTg*5pi&48NZq?|Q^my-bMsvHdRp_K;o1d=pG9PS2d39oPG0MZw)^n~xm$_?X0<(nfr{w1E@z_+NPNa}6uFINtqPhXd7 zbU)vH{>4rmkvXSwx0RTiOnbCl?aEn)rFBpJc$T=P&2EW2^?13QSw#BA_QFGl*4%rj zcs$D8;r4>3e3?Bb&#q*jDHpX-X3DDGjN-LV=1nx!+_SGId|`6!#0`69SMyb`FWMw? z_T^1W=H1FMxvL8G-kWS?oT>NyUdZ|+K0e76cTQG*e*1Qj#wwX5@0W)^*lBr?HEm1e z+ZKas8$+IcGj0DQGNmoByHxVghR>&DY-aE6n0@y2>bwXhrE_=YK8{>$9N-_o_$#`f z<$uGp)&`SFpDR1XW_}N_h&S2kRd6WqodVO)uIg$=I^-@QQs` zQ^J1-9Qt(q`NiaWmp-d)sVv?e=g@iS*^SNDjpxfH2zBdp>|AbsLM+=!Px5Nl6en&@ ziEDfnA5K)x)vi~JxVhLqCdz90q0YnCj^F#I{bKc-Bjr<)F3V*%h*>$$P0DB}o+dwG z9n+;Aj{Ka8E`8CRAzSXoy8LF))yefR{r7ky3-2<;6C9mSJYUal=FL(NWiN|hn%2eI z{@$zKnd2hIG8PXb_jP|}g+FU0r5wmA)_hN$uT4 zMc0$FZ!Y?M?E(MIru8e%%}QQ+YIgkLxog(OEj`HpliOdjXIq1K|K+*9a~l|(4NVqV zzH|90c#z5M+84R9!kSs9*YFf1d3Q7y)Ew45QEzQs z0n0P_H%lKsX5{eN*yvRxXQuk-jeXI?vTJvlC4LK>W!bwia`EHEr;<-pduIPnSb5&6 z(QHYpM-Z>yK|}Z7q1WHe>P}nWYF9N#Xr+Al!!4oF)@S04oEE-Fy!Ljd;Iti5T+?R0 zGy1#vwHwQg84f=qbt1Th%};UMyR}ezP4L^s*Rgj$#Tp*qpRQQIu(2;_`*ihVQj6AH z;oJSm}WvtZ?6yQfe0tGh1A=o8v3*L&zmDU+^0*K6JhbJVgem5P)@EmvDg&+lgu zTK-+lh|N8ar;^ZUo$sX;GH&4=9|Bl^J@BSC#r(Lso zjZXe9nwZQnX-S7Rm&}}I-Q2D%`X*21-);S_ZM-T8G=`KNL3A^6)2FzLe zHTrymmBG%3k2xNHNxcvu{b`d;b?!ksshc4$zB^}6Wtb?Qyys!zUREW;-l+<^4YM9e zJ@|4+Tj9o+Wj@4BLK1V`og6kKSs2R89o?Tu&rSN(f$Ck*<8otfHm&^Z>G`u}E z@UzvPt_Mkfc@#f{e->x1NDvjb&pFZg)$308f{V|8`Fj1lzwz$buXZs`_PWmNP*3`tQn&h;9+_`D&h4`M=&B)s}Ip{S&tKV!2>Y)VCR{-@oh< zJS?YP8u~D3`58Zp<4K|4ieo!J#&g?Tk(If;G^RiD@8sSEoU`i}G`j0P<-fjoMdYuw iM@yMlE5cU#&YyeL{e8oduC(G+v9bGSzglsp!wUe2EUEnf diff --git a/home-modules/email.nix b/home-modules/email.nix index f25038b..b3e00d4 100755 --- a/home-modules/email.nix +++ b/home-modules/email.nix @@ -102,9 +102,9 @@ lib.mkIf (host != "NxACE") }; }; - hsmw = { - address = secrets.email.hsmw.mail; - userName = secrets.email.hsmw.mail; + hsmw = with secrets.email.hsmw; { + address = "${un}@hs-mittweida.de"; + userName = "${un}@hs-mittweida.de"; realName = "Lennart J. Kurzweg"; imap = { port = 993; @@ -117,8 +117,8 @@ lib.mkIf (host != "NxACE") }; signature = { text = '' - MatNr: ${secrets.email.hsmw.mnr} - SemGr: ${secrets.email.hsmw.semgr} + MatNr: ${mnr} + SemGr: ${semgr} About Me: https://nx2.site/about-me Contact: https://nx2.site/contact GPG: https://nx2.site/gpg @@ -128,6 +128,9 @@ lib.mkIf (host != "NxACE") thunderbird = { enable = true; profiles = [ "default" ]; + settings = id: { + "mail.server.server_${id}.fcc_folder" = "imap://${un}%40hs-mittweida.de@xc.hs-mittweida.de/Sent"; + }; }; }; }; diff --git a/home-modules/helix.nix b/home-modules/helix.nix index 9d8e8f6..6181ceb 100644 --- a/home-modules/helix.nix +++ b/home-modules/helix.nix @@ -99,7 +99,7 @@ "constant" = accent.bright; "constant.character.escape" = special.bright; "constant.numeric" = foreground; - "constructor" = blue.dark; + "constructor" = weird.base; "debug" = yellow.base; "diagnostic.modifiers" = [ "underlined" ]; "diff.delta" = blue.bright; diff --git a/home-modules/hyprland-autoname-workspaces.nix b/home-modules/hyprland-autoname-workspaces.nix index 0eae44d..5ba2522 100755 --- a/home-modules/hyprland-autoname-workspaces.nix +++ b/home-modules/hyprland-autoname-workspaces.nix @@ -49,6 +49,7 @@ lib.mkIf (user != "tv") "leagueclientux.exe" = "󰰌" zathura = "󰈦" code-oss = "󰨞" + codium-url-handler = "󰨞" discord = "󰙯" vesktop = "󰙯" blueman-manager = "󰂯" diff --git a/home.nix b/home.nix index 3d317cd..a08c823 100755 --- a/home.nix +++ b/home.nix @@ -1,4 +1,4 @@ -{ config, pkgs, pkgs-unstable, lib, system, inputs, host, user, rice, allowed, secrets, ... }: +{ config, pkgs, pkgs-unstable, lib, system, nvidia, host, user, rice, allowed, secrets, ... }: { imports = [ @@ -63,9 +63,14 @@ home.homeDirectory = "/home/${user}"; home.stateVersion = "24.05"; nixpkgs.config = { - allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) allowed.unfree-packages; + allowUnfree = true; + # allowUnfreePredicate = (pkg: true); + # allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) allowed.unfree-packages; permittedInsecurePackages = allowed.inecure-packages; + # cudaSupport = nvidia.enable; + # enableParallelBuildingByDefault = true; }; + home.packages = with pkgs; [ chromium @@ -78,7 +83,8 @@ swww playerctl imv mpv mediainfo exiftool ffmpeg - pavucontrol fontpreview gtk2fontsel + pavucontrol + fontpreview gtk2fontsel lynx w3m browsh bat du-dust eza neofetch tldr fzf figlet ripgrep lolcat jq glow brightnessctl wev diff --git a/sops-secrets.yaml b/sops-secrets.yaml index 682d3c3..cbfa580 100644 --- a/sops-secrets.yaml +++ b/sops-secrets.yaml @@ -21,6 +21,14 @@ weechat: passphrase: ENC[AES256_GCM,data:3NVhMouf3wwMJTZCvIjbi5fjHJHxe25Q+wRo,iv:W8cShdM3iUyEiRCPNupMin3gfF+cqGxslD18CAvUW4c=,tag:DXBATGEhHjhXqy+J9BNVwg==,type:str] nx2site: namecheap.pw: ENC[AES256_GCM,data:tN6ArfQu+YfVkPPN00raPZWmghDKVFmmGgwACVQQSHs=,iv:TlUl0L3+Ea9vt43lwDlM0SE1+CLvWJdryt1lFhQ+75I=,tag:pia2ORsm66AQUOE/ZiO8yA==,type:str] +USERTrust: + ECC: ENC[AES256_GCM,data:yVSxTKRhXXPwfY7STz4YOWjgBSINYG4zjISQ/9Q9Zn1gZl/wbDQjSk7prN5fSn9aVH46TbT2mPlRDt7jcfbEZ5JmUnIfDZ7JqrAukOxy7wLAF+m4R7/KdLmdM3xJ6cnH6Tm3KQjRPL26zN4BD3T1oqNw/NPxlfqWeMrjMYZSktmoNAwAjntIqrnoXIuEPKvAsqIbg+SLvrSo05DhDy48c16jSi5zzfQ9M4fEgsugw8y7BWF/eAooLsvnpinc3Ek0XpSy2QJoD9plaW0z1lUT/UFmVVZsLDejb5hbzOnklhjSgE8S7wO4Zmvnu3It5M1YATSR5PsaG7QqaP1w6dd2DdvSnfeVeS28AdgVnOUM2MwJsgTWlvtol6ErIxaUf3n3+PAXTubhH37auOoMDeFeu1lAAe2lKiQcCtpE9gy1dkZ3vSZO6eHq7REo1qauao2LrrgBfPS0p0nhMBjOiORDI06JkNwDFBktjBI9JFHBNfd/CMrgXhfsxujbVxFSD6VD7DxBb3TDgOAm5GS6YJVC5bxQx038GnHorBsUBeR6BzpxG/lrNcBdNaHKqjngBbQmYR/skbLlrJblDyXdI4Xyh55Eogz28rwT5HhjoWOGjAk9P2qk9QAqKcWuRXsS77jRIeD59cqq9EKDRzixEJntCvxxsS1LLYBG4vmzXk4qgb1vGUgNKUaVXPNjXX2ueaLtkEMkx9sMmKcyKLzLoD3/yPYEiUTwCoXaNf3o4OUrvli7mW7qzGrqXTQtQfOd7fMGupgjtR68dEQxP2M/J1725phvSUQNx8SuERMOwzHwd7Yt/Z5TKJ+B/m7uxYyVeo9QYlkHrjVAVLmHc6qnKGVZrSGSkdVVr4dksOc7gyB28MP7JZRADCnHq7+1jhRMCiOT51I/ZyrqWtTqDNBFATCeDDWF7qZcrzWq4GrWm2dmWwQlUm5lW7+MsVgrFowjnbbjwcWy2ROIPiiC3cQ7ztxqXMZZjHUVDa4OC19d4vsDETphTuFQtNHTWGnps/phrV5X5QfIC5nmrHqeyJR2YRNb1M/IZMD1nWFvDJG0B46ES03YaIrQYt46HK3Pd25arssGS+Gzx8p65NTriRBp+KAkGf8dN9+/bECHI8coWKXpi31Uu1GoN4tf0f3OoQtpq2mCF9wz9B/cl/j7jBVKN1/OPqmd/IWr737eYQLeJ/XOKs3W5+5bdnl5I0ewaipPYelUY/ZNWCMN91U8PInGrThnASRdCkNMPOzU56MIBj3gFWn/DIq/kaFpf5CFq3Zvniy5HIf/+ZyLhMH4v7O4GSgMCcomEXLlQJZ9K4ZPHo1IYfHJqi0OEfmZageDkRrD9434ByYibg1wJRVvZfUbh4HJjgIrf1yZhTAe4DVBpYnf7wuJIw0HkNRu4piiNw8LIh2ga+f36iDs5Nl0qaZtMR3gLUBiMxrLS3Yakuof+xcglzfVMo8YBD90qBFKke7OUi7CQCZw6orE/EJ8pxDTWL4sedcv/OowKo4xqh5PtUBAOljs7i1z/zHtr4Cr64SH6DW/2vp7gYA62+BPrbhSRJbW6wkWR2hWn4pYJLirKwUBasO1Iewpj6ps3if5IKVrv6kfFoFYfLF8cEpIDjek61OU15tjXRMZENR0vSQRAm9D92VGCXcD3gnW34jF+i6HnArPF8hJ8vDIAb7LYf0xuCZ0JU8QNIUqSdHIcH/GAZGNHAP2EBV+Xbffw9rIycPM4JUIPvbUNVnXsR4+Hc1URd1FkTDlvQEE3lWlPVtcbChbg/221OdKVewi4YwXFWQV45fbwsZX05FGunVBr+/G0SEGeJ25kud9YbP/C2K1i/GQeGw5ItOmThpkXr2X/OyonnFSXnYQjy6fwEBnAX2KPVTqY7T8OxgAj7UT63Niv+w68uoay/pgyuAUBKOQ3t4HmfXPaKm0bYNQNt0r8CTLIxqFxJZxJ1syTqnMXLOdowWpDpDszFHQChiFAOuBwK61dYjUC/OHFlxDkLKkKe38EuWdBCyGqHPfj7m23+h/E09u1WzwksUk9jm6DfyTAoz/MZGsbm9pSQl22qzC3og2SwUi+smgCSrcojp4q0W92onAAxe3siPAPIPpt1Gj8GRvkImHQ/rNQkgiJ4jJfN3epiJgBJ+YCGIByivV0XFLB/9UVu7Vw554/nG9BlfKJ9h0G7VPQgd5MJGvkLqJzCrPh6QyK9uOjbJLO4dWkmaL3oZr4IVbwGk3NXZ7oef7A4RFOHDDevJintMLz1ZOkaaJKWe6YoijmAC2tQNGMIoRw6YcLjcmVPJz12W+6MEPH3YOdUl3b/NnfScuTVYBSP0cFXlDwg/rphUD7oykohsLtPOWhYW/GWvAdV4iwZpzQ0yFHasYGiERPytDKmRffoILDoTOn4HGVVCQaGnm/o7pl5BU4hFQOzvUC4C4LYRwpsz7EaRp0Y3Qqt4S2Xc/k0E0W3XU+sVNSvoBgweNhDlKaefjjSSjDNza6l9fTS3XPTprrEhMU7CvDjpsC8vfd5QTiNDxC7XGJEa0FTiCr2Xyz3YM5c8jWOk1hNOcSvJ1GvZhUWw0pX/HaihI49WQqA4/4GtLfG9f5TkCsLanj0wzVLM7XntN5ol0H5R69nJ5mPLIGXsErG9A/Xai9ol9joVUIJVRwLx8iJEyGx8m1pyOENjOkudgnKFryoWsNGbQo6G+0JEvEAjUuApkYNJvqKNRKrw+GSjxRZtewo8V9rC5a6nsUOPK/U5WaF5UMxu/L4fk8jQltcBRhQpuPZboEo6KNmUzMsK3aweMrQdHnLDlOIoJiDqj9ySPv2C3aeVoKWiscQ==,iv:GS5GMpbxeweqwjUvOzqg59xBOzNZqrL5t7RjsFjpucM=,tag:j0MaMw71fnRHxeydlqAaww==,type:str] + RSA: ENC[AES256_GCM,data:pgCzxri1wLZbl5e/KeVvtHRRe0XkdB8GLp2UbQOlJ9hRvRerJ6r8VhSSDh5vfySL6ow4urXzTG5oZwOcXeZgb+DgT3ZFS+npPvbzcc8T/hU8C5tVXYdqdLJHLXAmVG2nbkuIE6z7Bu8SngBZx1jXNBBl2W4vO6GcL0naNj2IyT+1nGhwuNdn4iMMTIjZhlF81PwYRY/TzcljyST4FZc4u/55oSUNrb8Z7KmhkrmaHNPFACTXiXli/zrPKfisztRvZZLfRZ57067/fiOTdwxXyiSxsh+oKRG8JlvdLQvjZ9tMGagzAafEyWVYyrVJIRBme9Uy4HtG/uOZ39gXVE+D8sh1GWftrmvjXPO2OdD/tIa6kskfZNWWFoEOtiRcKH+fuBTe7/ezjzqJA0qZvfwduXqkfVbNcS3YRNRM3jpLwGHDEv2hnVqn4bjB5We/1KBMCtbrHtAc26M3AepeAUy+ka1xW5WO9LsZ5ck1gnFrV5bkFWDr+evBRUuiId5QuAifkDsKlqLsWAeWFpgc7DdjUrpRG0yry8PFEOZP7w7D2/AEeoGc1dMDgX95mvs+0EmA4lutmt2fF14QZJwzhH39/TLGrRmjrohqJ0kD+h8XykBt1JbOPg91dnxmEJuESPNAxhotrj8xuuklvyLKAcfWWRJ1NIvbG6rmlL+m1x+2hUVw9gVGzyGaaSLOqG/6kHwIV2v+ZvCm+n3JBle+ooSi9mxgefVvJc28hSdC5SvNN0KyDvAY32NgOqYFPrvwx4QHxdm6D5jHXOoFEAkN4duSmDwmVGUq9fL5ds4v815a2Fgn2IZB1l82mLFgy4xaBPlbjrqRnuhgpRRbKu+eSNh13lTEwbrEKJfL89cX1Q9N4Y9aK/I7nq9lfybZ+XYXfoLU+7yXZ6gmm2hw6EkwvmAg1zPnoec5hCOZxotPYByvROOK4TyBCWoF2w+5vmSatZdodLwyoNWSsqtpowWHImCH/UZZ5NkBs0pWOnLBSuP32nFN5GN+0y1EKq+4AxL3pwutpo2iMAFlXI5lu5S4fP6nreZUsYqpp9QpwQtmSbU3iMC4bMSHA4LrhLSCfa3AClVirB4xabCnDWDa8tD5j40Zy0gqk289/qbcmmNC9RpTzrI3aag/hZx4eKjb92Ma5s4E2FZL0BQVrdQ8vD0yuhIaU0qp0ahU1D0/H+HS6Gsi1mfWsfNhsSBBDW0IVC/+8zFxvWYysbVPJJj7m7JY0IwW1yKzPvPnMdkWVS8OcJoODa97V15TaXt7yAstmCVYGZS9qc6VurF5MqQM6c4PluJXPyMlZAwQojrnaCuGuljXpmot5M62MvNMdh4psfa0Y1YiCWjer8XtmYhVvzQPepD/YhsouMrCRGD5pxaXozhoS1bUVD9ReBQb9Gg2sQr8MEQ8oNB/a6fLmNwqY7IWmk9pAhBmk5ng120LS5q+3vjj/hw9+Dz6Ojp6BAVNGs1us5YW86GSSlqVmLew4p+HBiYQyhFCmi9p1WIjrNyT/oHUDYGreL2A6NEo6aePPYeVtbNEYi0UahEscGUrqu953MV+PpbanJI7WHKpHek3Nsdgwyel4V9wjgxSpLWvfwj7QqXL8Xngoyd/4FL+G9MvLc3cDYhIFAryBvqRgXrwRk3CkAijzpk/2hui0qlhmDza8KRpfo/4bwz0i4d/wRyWe3+24WY1CjPkDzclc3VZVQDiSg6KsUQvGnc6Wv1+awjE2kA18j3NR4RYBXgxEflj5Ft2BLG6rq+RakLguXDCAMQA4hcx1L+ThDCdn09c58H9Uc/GRLE5uuFRgLB5UtsQimGXuXzxsA3YIN3CijT6NJTKH9WCvQ4tZnk0Jq73rq4oynTCbZBVPgQi5SrfD1Zr0eXgmirLQZFCEV4EqNrtheZ+vqTkWf7rrvG04C6QqLIHWttdsL3ejfB6ddfwM/sou1JmmgTzEo52CCYf1otKNQwD+shx7Xcrm17vu+v57q6bOQrbeBNb/MDPm8qH4/J89NgSKHO8kzvfAm2qWxmr+90Of0cxVT5l7IdnOBCuYSHgTLIALgTmLmKvPm9l/pOjfIQZmvJ7Alo/eqKfcPw6uwoSDn/5+Pj1c9p2ub1CwRZKZlnULQLI0uyw5eQGceOsuivjO6iQjsk4iGecvlGYwZtlqidz359zCysMSuKrXS+XNGT1xy7fmnyct72HJvSeyq8bSNSAEc/iW+ia9n1GJDj4vW84v/zwi0dm1s/qKnq5M2m/pUvZembcOK/1vY0tsD2McTqIjgKPDS0UO3lgEr8vHFok5kJrU3rVV8iJeLHv3oCzKvjgR9jjqdlceRjSJarVFz1lSxenzoVq0JcH2cde2yQ3vdPusEd2LZC2tVYgqPprp/zOSbWsJPq57eiUl/UX2vOuNAV28HXVIuDqs27q2BOlUvBLCirIurjlONXpdRybN3dtevk/lIel0aRU5L5g9Mr1zhtHsoo6WI0In+RzFsD63AsBNDoufVmXgHr0G/bZLwPCdk1xCeEKv1Bq4fpappx8iEQv5GtwZBkPh8N8D0+ngbccx5N0pMcL2BM/HqeRDXR1Tw72EVEG8Bx4Twue5NBi6rtlfDnDvAj524fylSMSPgab8zq3tY9DnIci3ajnRYpIO3uDgH5cbMxqEb6gnpQNkzVUk0yJXR8nvS8qT6TbryX94howqnrID/8HQZ13ja2d8pW4Sro4+xI9WFFSx8bFSeBjhj4nzyvsyam9nJGDJnuYtNEod/CBMjkRPbBq1doske2twYLudoEObY3FXdZJ5VfiD/zGKXPHjL+pd9L8V2QFicazwE4CcIDoSaOr44VADVwh/Iu6Wr1fVZvmSRPmorlRS4DnUDXEC4dl+C2Z9JhxuL9CEoin+k6yILXsBcRrp2LrRs0U6IW2rVrrtD9MzBosjOGflVABVGhCA4q0LOWF+/5NonHaeB3E0mntFyTvuGTEN2fhnrpW86UERIXOySKTm6nN6BcgmvozgGKQ49jdzuzqVjfWGI9isL9UBNmkamrqbYmdqpoIiWycS7Aeyfh6XWMR+zEjeImqvdF8RQs7Ro9MJWj5Bm5bXs+gaLV4vzNj9/ZzzHZs/UmkBWEPtYs/5KO89Xj9lHBSVfE1c/sM6iDaGLOeO1v2MAIecOoMvIjBJ/YilYJmyywuILjxGN25jlyPVEy5DWnUOSIln6G9eyDjs3VLNsITXFH1co+M2KhDr9sQqJ5lKBitpZUsl/4KI2uiAXm7+kuQOn/27NDBZ0PdW8cwyVg2tirGJDvkmDH1umCas5/OhDEfu7+N9oW6wMpZCeR2lJwS0nTSEkk2Gis7WisgB7j9yY0evOeSecaKaq9RFxg2T3qJ9QR+ZssCXacezSZm/PTa2BByHeHJJ/P6p/f+rg+hziMkESOqx6C4BgGeEZKTAdwTyRfNmsp4bdg9XcqZAgnhtSHb24qAf7Upd/ttwS496H8HdS5bTrmSr8/JvwIKy+rs+id7CzcKYc2HEq0FSUt473Vb3s7kS2YDiqnGW7BRLIPDMApLuCDYeFfHExZhdtbX7O415herG52VffHfAoVfr+DQfipqkDUqno7+coZxthnBY1e8V4bJTcul36CO/sB2vP2/4yfzv/HSuviVVRLY58cGBVk9lSiTBQao3+N/f8a23k1wqEFy60uL4jW4X9swgFed8Q48kAUq9SSfxnKHeQrKrvo9rPHGcetrCC2GQP1u0gHD1TV4F1JGloN8MhMlBGtwBGhOIFcQvUomiTqNrDCobqOqcLUJuVL7jZ+Saw6CiH1QJrSQZ5QuCW9XHoOOgvZzdPqEGuSb6nky2OQ1EjLMQtp7SsrwYp32lkWJ9RY3OUk3LLvTM8Exxg56nDqiOopg0GaWAhf4H4MTrAlssM69epH+5SaJyUEhweg5BZP3mY9FnnkdhG7W9JeDQXu1JOhSm7Td0ForDAoznBcID3SacOCbeSAqtGRBZGxnXFN01MTmUnA7Sy+Sm1WoN+o9u28ttG372sVavQlDZvM+9qXr15hcXt/IYscnbpgw0L7DrcZ4RWb8ATtOov8zhtlwB7QvDQ1LX2g2+5Ag2QcuQJmAYH731XnctUsrCmPKfCVh3CzdNS7DH90bli3cC4t+fpAuAXVNh5wPrCEb9Xco/WUKYe6XNS0Z/xi7PbGBH0s6ThYNzCFbwH4e4CDwD8uP7UA6iL+Uuts5Cz5Fcm7WMqPDFYFAdcA38fOWpXqVRYo6Dan8x/RNAPVNko6MnwXeq061jz7XTk6zEpNymxgjNPJRgcvhItfDHtrGpUqSIJxkQv0g3wppXnWlNX6zGIelUJmLkWuJUJfbznXTdkCr+oF5vwuauwO8iCx/h+7AZBD61w47BmRQLLdDP5I2ptdbrIN4ygouDUVE6bwiw2nhBZuR9ufzcO+WyWNHt5h/N5IuErH/5QcfJOBVRcJYuyFgEWrFax7fiwMCzgKhxN0x1WHa7F8gxGNTIGG9QVNf/6tpYVCAao4pQGErxKVqfVQ1374zbsFSy5PF0oyW5ueEQOVJ82RBjwYtLjX2gXY56nfdLy+D22S3XEHeHLLLg16Vtkf4Twmvzkxjc/YfN2vxu8d5tFbHnyanicj3SBgiiZLvg5iDwjtfONFQ6oX0vfoJ7B5xBsnxiLptx+HPN2onwsF/e7pCl0cTRTLO8Jt7Z8Ob0FYcmd31R2d8paemcIRzfgsqS2JWtJBckAqeQit+Gn+U82aKGew+1FVjlGUrwTO6Q6ztXh75B71V3urA65MaLRX5/7t3nGE8FKip+KfG+yTCHu0F411obb8TME+YwBfz8M4kDUBVtmFUrXEEF9aYD/atxxF02yB/ABPybB6Zcyo5r/U6P0G6jVUGXn3hgQkl1OzkQt06aH/J/LwMN271gc8whsV3pfZC3YfQ3212BAviAshfPyNtHPkShpu6fx5iVDoaL5LHS/A1K7kQ5yya4ECCndpTpF1rYamNVw9a5m64Tma3AGFORy6ZQfaHcV2w0RUs3P3ZXGPcuE2VKeTLLGG43W/FbqGAvxjax2j3qGtZ99Ox85ZAVu5O6PvZSvGSpUW6ebGTCsAgSz5h8V8TfWpaQtR0RrjuzGWoWiW5R2VqfmmIQcn34+t2GgfkZB5QH/o7S5z86UL05dLzdyXXyxIn5sWi0Q1B3yAjFCOVstaAr92fGfx+JHOrMFFKu+bLBpez8lE6f+h4HHzTDVnIB1Zb7d3wNwLVk7PmFy6NeByj0kmjY3Ts5pWctWAAQkI+nOtuM4o101AwCMdMfj3M/mr1J7OWy3Rxgaj58IknfPJpeoMhgkvu66WrkgS3XZE6e/n55sPkGHSDMcHTm2364+oJOSMzDUAJgGjDt9Jvalo1wruDA5pPF4F6y/F/8njO8qkoXnuWRG5BpzO66LwDTDOcUCCFzym6eRBnLo9sGbGZxlvRRSHwIRMa80tcqZqbAuVeW+2/PiSMN7zhzLTNdzhaC4cIOuilcdat1+//+qI3OWC5y9sti3qGuHO1U8rhSOw8Laac7JgOGCo3FkekHe8PaFF8jSDliQnodO8rGCY36xHTQkUsQjb+5ginp/dBIAUIR3QxXsMaxP/yBLpRbvFhD3DeOJRQXWdLijTcxAxLhTIPav2WC1mwyve+Jd0djTajSBgSzPzHW5ajUBaol+dVJeCD9HqiOrUMEmcMQFZZcA+RCJdIOvkKlt/sAnhQ4RuwPmzck2RMXCQfiYn0pqpJDXmF7xWgvGDBtQKP7xLE1Hj5No2q85KjLsWu8xK99Y+j2ixfBsgdc53CR4rNplnPsFzBHOucqd+Ve0/gqZgF81RbGFV1T9Wn1XFrE0e7+EkNejKj7deRmy31PnVLcBp2NwtIkhrJ06J8hmGquwUm,iv:NJkjWL5kMHET68oR5Xp22kvkThXIp7WxRVajmTfsB5M=,tag:NSXeRItMKlOQYP4QtzMKIg==,type:str] +eduroam: + client-cert: ENC[AES256_GCM,data:jmBj+tJrhyv8X85Esv7lw0JdENXh047KD9N5UIpjcor94gCNgeCFFcTdFSLF5G1muw7v3vzdVZKyZYSoqx2WwWaupgGslXI32INiW/G6Q98fZnco68Nqi7VM5ZSIFc2svt3nVylPJP2+05kiH5W01/zUZR0gAw/f007baN+WfBkkOqefObN71yN4eS7U04+PXpsQcFmaL+MkZQQHaeNls1BdQglKSps3PbcHVYksH9OY5I0wXYRtdI+hnDHOp/JyzXsq9sEZGi4g4f2uiyZUp8IEXgoBfYkD/wt+XQ0DAFUELj3lCaNVACmtqBkJifEnJenP93J5zenx2L85ZL/0qCdxwYL7oIowsa4DxT9Hu8AUNRSptsGR1X5zqvB8CBa6nERMPgCLGo/zEYz5TIIVcH9gtvUdh2Q1Kx7y2CiBn9ZU5blKCL7qtwWhF7nPwvm7dE79wr69mfCM1X0ipajWzr65/x7gzrMQCd30HB4CbsOlVELgGhmz/JT2rf5DwPFp+GKqC8libyJJnezJnqcxqDJGw1PBxdqGaa/y3rbYVXC5Fa0XfyNMgsm7Ce6ACZuLPVQxIWRASFoMgiJaMMwr91SU38fYK/lRWOA7VEL34HX9B0rrb4Ubzgts/AKDkRAHdqRCB4YIr8QodWB3GbOWCS3/e4lCgw+poQm6yY24uy90Mn3Z8i6p/7Wao5CnAKqSxyfflQk5Lq5yfQ/dpB84T2TvcvAhPFr/n/AsNyVqvW8RxWwku00jvQCv635k7Heqlr481p33yHZvIsNkHGfCD39HzbXdASiHzC6+ApTjs1bcCp8omL5B5QcuTNkYhFxbnCrSYToAzU+AKBBDFCgNOhio2O6dkJaBkx2LEE+7CcVlhJn1NU7/OxoJfpi0PZXrlxvzNMfOkoJxn/567+9RhhALxJVRx8rwNayiKU7t1frxtPNo+86YRF7WbIE6Iwlt9ZEpcFPzo+kSKkjqpo7VhmuUoWfQUAFhx3KkOkEPLw4Sa+jaO9UhcVUnsVEzWNLow7K2FYhIcBmom+cm9Qu6igLYtVFxUXy5iKhYdQBZHJrFKVHJmS4Sm42ffvGDj+lrLNUGCxtXBJ9q1R/P0ml1AAz/IK6P3VTMejuPU/+C84yNKbIgPPZoT1uG+YpX9CVjldf6TN3esGJFYTzGVh861804j0YYqZRlxbws/6+lJ9+ZLejfw+V+RiAkjGm17BDxD7bBfiJ++Dn4wzOOhJ6Z5s9V3d/AhLxuIShQ8Q89DnwgwtuBLQfmPChGVzo8Gh1BSvhreCNt8CJNRhjMDUcqyN3y9TWrakxTDWWpdUAz+MKDVab2S4wojvC0sGAzdiZ7ypFzsCjXbwCVDGeUZ7wvilIuuY10O27vaB5avYXJxKqdEyKGCCkKc7M/1jZxcdW3GvYuYU0DZtQRvO8Z4vHpDho4B+hwG1NEm9zIakfNMw2ZNSuC3IBRyhk3zye10gO77t7Ibi8fHyg35RRJ7/PYKLOOmZRBl4Cpd7yH02wpwVcJTkFwZhJnTYbRll66j1zRPJMOdwz1OOinsrVYW68VF6/jUGzXZXmWMjCRpBIcp4YcD5HAVTIMavtDfLtcUXW/+2jwjZqkY4jQ30qb0RwuUJqQdZvz48jXJB980Nz7/xnrTXbFcvwMFiIpC2hEwgMISAwS7MkiMjVHNQt0EBYvcsZ1DyB3c5PEnjUOoHTUjdar+0G+1wbftq+jQlCwL4nytp9HqCxg52YCyLWyKJS+kCy7THJR95jfeOtC8xKr/QAl2+rv383uS/e/1mNQA8Up7CdQwLs0SFZ9tOQy/xoQpw/5agTV3CXVKk8T8sQhBYnsERbkPCedPLLpoNbkfHgcejpOTIUeCr1d+gDuT6Uqw6uXXgKwwxMPM/ovkHj6Va2Q7jvTjSrV1FlDEVVxg+ow3Dn4Np5rf7CXN/oXe5txKg8mllbdOE7CtXW78w+T8yh9KQW+dq8svwKmknmL7AWdiVhPd8RJ8S8ShRbhibH1AUnjjl4ncTx0BYx/G/nes095zHCgIQffOepjl3rxGXar/JPJHWysX7I1z/6EKbIi6j/9REkR2aJ1FSqUBVabCVwB+qdMG/i/9qLU5O0Lc5P7JWU9JUShAMrJ52am1nlqpn0Oaa6TRPAjac946aBuV95U+/UNYzsz+ob2BLt1Tpo5vJbKhrkHm8O7suUR5xem0MpHMeOiZbyBlsgppIG0wNdAlpSQLwkuFcT8jQ1GNAPscvmrNym3ecWSS+HfKosnCqnMWdL5dzByDzzGS5ZFwna/1I0ytr71XE5sWbj68iJRLwRL4eYCvEWDQhSgYxRjp3b+XO8li1Wou/YuOZ+tY7t2rWeSMnIqRoJFDRmqyZM10UBSwXY2TbzdGBBJ9BP4B5s5jfyW+igrSCpgWX7KuuZnv9sXdE9uHKFQK2KmpJRrsyfYOSMYmZ26LDcyZLlnsXFJzh2Wn9OdMs/a+g4+t9ncIOCNQ7e2B9nDR5tVhQvjpng=,iv:OzC+2Ghg3tso297TLDLKGaUf/KzXQ/ks/qkD114WhUU=,tag:uGYDmPG/z8dkpKKAmr+f6g==,type:str] + client-key: ENC[AES256_GCM,data:SVOx/EueqUGo2b4/NywnYt8clWWSeLCcO/WZn49eTX9jxpcOw0PM9kj11bg3W+dQvJ+KCewbRotkrtpshI+F+iIm1KCNMYN0lWAmgjR5tqqfqsCgaXCQrjGGHtNcNYAu4wPXja7xXnPbS347p6PXSiOMUlQuk0cFo/rTcpGnGNSV+VPDNLxV5Yx1cVy6qX+9/BcXvDkXPrx43Ug1BBYOmWLTvlk32nQVpTjjD97Tl1EDIbrXDDJ4xsS/zvly3z6ylPZyeoQuMKFXo97ajVGhJGOROhqG9R3shgd/KzHrr5mbKA/MrlU5vAQL0PUQwUxbKoCzybDi65Pd6gQiHyJYCM1GvWnxdku9vptNVXeMHQCfyyVWxn2SxXMjG/CNyqSKSflQiylStIUKjxIPE0zMEC+41sxGcRuNe1L6BxyzOPAe95GzaZYbENU2jg0Gg7cdSPjOGI9/I+3GoObud5/8w8+Ezq1FFfYd1uwXz2ER6A3dzbHTuJn4lYZl8ctLJD9dL6vO4AueOZv6we52//RpTOD1k6Zt1lgXBLFrEykfV2gW21iHFk+giZ3dxn81zsEgZmLLm4SRlvdH0JROl2cAmCf9bgYKNd59rL2DE7sAEyHeCLKjqX4hClAGKYSQ+FOWdL2L/QmW0cpdkLSZ7yuf9ZlEQhg77Nmxqtmrz69itoWftf0GtaZg/AtInf35gS83lxkcbbOe4p+2Mme/TYo8Inj3/2hz3OOQQpL/Zavpmer4Zwy4h5SOudPAkSeC692Q997+ERNQSfTnT8acSOJY5aNU3ELWo9JiXJbJEDdONOiROsmyv7VPk4tkGuOdfuYAZNLXsohwKlFcgddFbaCVJL2e1Qho4dIY0c6c3oPg7FO5EMlmq8rKrf9YqfIvfB0p98AE8heIbcHXJj9b+cLtff551HsTpD+PMIyDXr3MbEpnK8XDtdVy0mr6F3EBwDrPUxtgeuhuXKSgrT6vgPmSXblN71OVGftiF3x9UvQ3xHG0AKE5Nbsv5S6czOixeiqG9YdKEWo/GL/cu4Cv3mRI2XFJ7qMnWwvvG6sXzcp+XG4eBIHX2epjCNZ1TVxRWH8U2a8nczQeERT//onahHLsD0/qfuulgi8whQHTd1FcPq3+nV/u4L3oIvN/kepIgUaT6NGhAiTUuwYfBDRUyFk/SSN+A5SmoqaXtQ0D2hVs/LhY++lC2O95WUo40pJxdYWJDRBDVzA9e2FHfWlpElWXtTJG4P51/XT2cLZr355xBB/0nPG5fEcQT352HkXjbXaG8UfON5b8EJsxDBomRU9h0RfLmo6Sj2KR79DIUiMskNUbqC/pQxku5Cgk6xjy7B/sIL7ek0dKfifOTH6Rm/J22qRao00lJNEUnsoTfp6lWRpOhAL8hNa26TioXwLEJm4y7nuEjBbn2MmcnoOPa/KO3Ps8iFvhTG02IAgy8++gfRBX4YSd6ifQLAvNALzLbaS9QlezBOJX9ut9ZQqhOmLcoWEnNN2RcrJ2ior2oz/Vy4a1petQfTIAVSO7dPdHXxDH/RefaxbCHVWIpisv+5kATS3xyYfXXPZLRJbrEhsvxUQUFQ1TfwaRbuW2240V6rvBN1I8QN7HFHrTLjju1wD9NpxXPKXlb4Ua/BR3Eg0XezooSYOs/B37+72Cn4ui972mkbnbePtnifzuUJVgIzKnHdHFwfClHmt9SVKxdO9icxQiURdY+kCzV5uznvxHTf0f2XCy+Yze5GTjBlf4OMnrQuoBk9mfofln94ruEo4NvtIUVlXjxu77j4LYcl9ZegiwM+/Y5XH2SHuaq7KfJH1ayJgnkNvZ+/zUE0uTOJIGH9uv/LS9OTvD6HModlMgq5Sk77XmLu0BJpV68MVJ7DK12W/CWHILU/8hUKohpLpWmp0KPJd9XYzOwbF4kNagKurKXVF7Pp89ooLsoG2nACYC0ZAohGws9sVny8XFmxEcOPqmO1jj5j+Blizei82AuWu2/lQV7mNRTKJGN1AebdvvY3OUn2Ir2D5d48+j7pDC59I7Jk3p5ghGWSZI1l1EFyR/bLyqRTdvJjdwNZxVSC5WvP3HIlMXyyqyfnaBTHmkcX5VBur0ye91iRhNwXmpi5aMZeQhzRYKpiq4cBX5zEkSIfnqGTaqHknHidGXaDaOuOnf/iWHqJ2mEENGZ1u3lT7zhDbDmbjVyrrCQ3ybBs6G2hcPbTR7CRQ+F3qUR2l1SvCx/ksMJPTwUJyFit8yhxFIPPukuL4bFcHgW9i7W4Sp+kCZF1vPJExUrG6UpYJ7Vsm9rSiWA8BqSKBCPFx6nweD/cf6CjVi4v+DM13Q55IL7C+k0rqp4Opt27AqCmxAxjCe+ZR1AFq1LDd0RG2+oYdJ365Nll3xnlZiF+i5Su3rDqbOlsm1S/6cmI+Wu4hPZrm0dP1s1uIuIYcIFkxPyB+jv/VG8OPt11ojujrlLTfscssruA8f/bdZBqhPnMuQojALySLp7hnT1eN1ei0ECXFPrY0=,iv:elOnzTpyIwv49ErwOZRINMSXryBwiwP8Kus83+tAzks=,tag:QN3WdC+TUB01X2p76+ng3w==,type:str] + root-ca: ENC[AES256_GCM,data:FZrNXRgqHVkPcH1QYc+UGRANki2syD4mSvdx3LN5A3aSoQe2x8NxaNv9t6FB9DRTtwY9jM4i4uIWS/0n2j67LrdB/4ftpX1o2CoTQ6K72XzwU4wUlkqIIJSoaB11olJL0yRjTRHihjjswJoEGVfEpnMqYSEplj7cuMHlLJTJq6vNJDJRD769aVK7eFHmbhfZxj58g5kCSrknGcBfJkFH1nR9ONhib/C7CzcJz2vU46XmhHuVOpKojHQzLn9RF8FN61QxinrXmI+tZmmccc63y1HiqOMWj0SuXlpXcNY0/RHS7Zl1oajNTlJ73NC8Nc6yuvvlTgaCM+DrecumHhlK82rmwihWyEmrWJq1Xi+Pw1wjxp+2dW3+w1shqf+rqDUCSwNWHmnVdJOkwCY5e3QX69YHFeS5Aq3rckjNPyN9Nyyhq9bXweMLd74GohMHORVvvklgqn1k0pmLS27+MAUIpiRMjNSqTzqYfBICoYQaIqMV1Y1XfskmWtcpv8B26vrZxTZCl9SEQzuKO19zaJelYd86C9+q3YbB1w682qOw/4frM8Y6ohjfDjquELeqRLVZNPs0RAA4eCqWsEUGgjisT4MaepOSxSug6nhxVX4a7skqiarV9WWaiSIrvSP7O/NKcZgyVYqsj3818Ut7ZmzobUapdiwpojdxYeaofMWDcq+OLVAGBGktq1HoVNO5z+KEbBjhpPzyNvtfHvCsd7GetQ3Nk4pkj6ENL8MA4m7gZvwdZG/u+3rAqhMVxBLGzPl686Mbln7MVhpEos9LNmHOFdEk4d1sdXHzxcgsjUmvFoc0RlcD/wkO2ImvZJZN/hXnEC8hWiUen0bXECVzZql+OXF79ZekmES8XqjddhQ47/8OxgszAPPMtNL1NgK5nQDS31LH9/Q7jDGjdRj4TDSQmHyQuhVTGBC9BBlO4rRvwbndfO5Vv8fo7oRn2kJMKtEoB0PkVKFBReDW4XSkgibWfy4wqpUNoQ8kHkINZM79qdx6zaAQ+6KOawVObd3+WgC0IUKYxNxQCvJOdYyCuGgDgH2iPJIaR2GaUNwFHEwBtGbD/nPelM7Je3xhqfTPUPAsoUWM3sQGo/1Li272RhR/2qZtHIVpyKkJcHa/bcuvByOB8W0V/TlP6FFMPXRk+X/blpDrZiRW/5yTgfDVL+orGQd1LVJojRORPtvNwMJAqN9ZsTO3/bdcUd1bKn5X+wSbepH7pqH9hPcsTHIO7O3T3Bs5YMFUT6zpeu/SDi8vf/KjQwH3sa45PHxQSr8r68onYrsHJl8l65e7RifzsPhSbc1nvHv42b7S8874EuBWjTrQcibM1prxJONg+yJQy7adf4cV5GHZozirMulSxEPAOZ5WqyYgrOkwyVSupT9xhGphT4FYYya0OkNLIl1XmHyb36/qP68fVVHQ37CQpXTqqzvSoWkjFQXb9XF+3erKLQPYNa5wK9RFtffbMrZsDLufR/FXaRPQ/nxN50yxLnjKkGMqM3t10fbztocXIE9Xc+W7qqIwvjstWt8n2p5QjyditH9kFka50HH99G2xO+5jeiY30ffqg69glWrfkys2TT29vIbVd9ljbA4zZwYZ5KyZZSZN47EOBtOe7CCaPJws0zyq+z1JQCYiupKDqRBKv6IJSRY4g+5GS1o7srYng0Llx7XqhGoWXyScP4LElF5sFGvouV8KV/P0P133mxLaAjmHmBxno/16Q+lbIQ0ytgph8OUfLK/lybLCasH07AnPPwAnNfULTKIs5aBS9hOGz//HyNFuoKaOzMPoFxwToIdF7+EvaY0dnsUrvCvxq4lGLwkGfO4ptt6y2FfTUzoKDAZFfd76EVLSQq1gTZ+lXxXK+sYgRT5gZ/EPcZE8sjgINKsOcj1AqcVZm2KvdSS1HE6fUQVm87cgVtEHOT7B5zMnJrFFrdRMSAbxUx4KBv4AzLUEhMyxfKLQm5NH5srvxPsKqhKl71Hestd8cWvJV+SmnU98m18A9Ck1MnjcSsQshuGHPWQGx0s/tkkeScIm/t7D4tbfKWdvN44KTnpeJCAmxO/vI5BOzTerYta0ViiV/bR2a5JtGVLC9yP3Zurk4lfcXNAMYKqf/CjBXRfNUNXVw+k/LdxKLYQCt8F+HBTpqGDdsO8RGofvfFJqM0PQcwf4GbbXFWBq5BsstonXAl/vsnAdcPcKr9KuArr6BHdRvY0HMlpSPMmGeEW94gA7Hg9IFJLTZrwOekg54xAe5KfNfkJZGb6oBU9f8D98zhw0KciHO993gNXeONuQMxVB/n33polT4vBjYOu9FuQQeJ6de94rnObIgpiKhaOCht2HF7s9kdOSN3/h6PfRJ8xI2e/9tolP6g==,iv:8UyU8fVq8YaSsurOOgsKGIAelaxWR7+AITwwf7ts4qk=,tag:K/zGiCthB6Vyh0ijRDxM6w==,type:str] +hsmw-vpn-secret: ENC[AES256_GCM,data:3bKxRGTQcbhRjzARSpYBW5ekQW/U/ixzNiFmO36gw0NKyDMLlbVbJBqXvi71M0GXgmo/FA==,iv:7bVDA8u9apDNXFY/vEMbz/0HywG5Pyrl5JfZrcNCr8w=,tag:xz4j7cEc5hvLwrItWjkx0Q==,type:str] sops: kms: [] gcp_kms: [] @@ -63,8 +71,8 @@ sops: SHJLR3lvdlFiRmJuU25RUHFFTmpjamMKbzycdDvQBAuOiRROTZEQSnaXoPapz73L yVS9EUP25FSx/sGqRqaCefbeaybuM1aso6LDnlomv4Bib7zjugWKSw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-07-13T23:01:06Z" - mac: ENC[AES256_GCM,data:K/ToZO4sX5l3lWpzB9AIfhQxag/eBF8B2vX9Yfa9ROWYxj+H2YfJQyA2GKCfkXv+h2H6wpKeHW2yiZAED5BKKjPkFG85u4yukWorlB1ozkzQTh7iRDGMVBs5Gj3Xe8GMYKMO/RzAmD6IYAC6kfrigqTIGNi+5p6I+WUf3E05CR0=,iv:bftIZe3R43V+MtpIygG6bHJdn1sFzAH3o1cpdESSvng=,tag:zMOwbk47LLMSfMCyEXAEkw==,type:str] + lastmodified: "2024-07-19T15:08:08Z" + mac: ENC[AES256_GCM,data:qO+vasrxM/YxktZ4pXx6qcpWoXAtM+3BNVkNcXyYWofz6l0dO7fpMpIlDW0d/uFt83aXffqrlRLMZuy0rCGyKuD4FOa1hI9Myx1+AqGsTcUPHn2av939z/VKrc+CcZuzcuWO5uTBlHyTQRpZlvGdnPd1/JZPS3xPm+k232yER00=,iv:v45UbeFQm3z4vPoeF1wqrTdJtDLeOmjTkBpYciT7bAY=,tag:Kordeec4ul1eUmSCO/P2YQ==,type:str] pgp: - created_at: "2024-06-09T19:44:41Z" enc: |- diff --git a/system-modules/hsmw.nix b/system-modules/hsmw.nix index 5cfca01..629a1f3 100755 --- a/system-modules/hsmw.nix +++ b/system-modules/hsmw.nix @@ -1,24 +1,31 @@ { pkgs, lib, host, secrets, ... }: lib.mkIf (host != "NxACE") { - environment.systemPackages = [ - pkgs.strongswanNM + environment.systemPackages = with pkgs; [ + strongswanNM ]; environment.etc = { - # Easyroam - "ssl/certs/easyroam_client_cert.pem".source = ../secrets/easyroam-hsmw/easyroam_client_cert.pem; - "ssl/certs/easyroam_root_ca.pem".source = ../secrets/easyroam-hsmw/easyroam_root_ca.pem; - "ssl/certs/easyroam_client_key.pem".source = ../secrets/easyroam-hsmw/easyroam_client_key.pem; - "NetworkManager/system-connections/eduroam.nmconnection" = { - text = secrets.easyroamHSMW.nmconfig; - mode = "0600"; - }; + # # Easyroam + # "ssl/certs/easyroam_client_cert.pem".source = ../secrets/easyroam-hsmw/easyroam_client_cert.pem; + # "ssl/certs/easyroam_root_ca.pem".source = ../secrets/easyroam-hsmw/easyroam_root_ca.pem; + # "ssl/certs/easyroam_client_key.pem".source = ../secrets/easyroam-hsmw/easyroam_client_key.pem; + # "NetworkManager/system-connections/eduroam.nmconnection" = { + # text = secrets.easyroamHSMW.nmconfig; + # mode = "0600"; + # }; - "ipsec.d/hsmw.secrets".text = ''${secrets.email.hsmw.mail} : EAP "${secrets.email.hsmw.password}"''; - "ipsec.d/USERTrust-ECC.pem".source = ../secrets/vpn-hsmw/USERTrust-ECC-Certification-Authority.pem; - "ipsec.d/USERTrust-RSA.pem".source = ../secrets/vpn-hsmw/USERTrust-RSA-Certification-Authority.pem; + # "ipsec.d/hsmw.secrets".text = ''${secrets.email.hsmw.un}@hs-mittweida.de : EAP "megasecret"''; + # "ipsec.d/USERTrust-ECC.pem".source = ../secrets/vpn-hsmw/USERTrust-ECC-Certification-Authority.pem; + # "ipsec.d/USERTrust-RSA.pem".source = ../secrets/vpn-hsmw/USERTrust-RSA-Certification-Authority.pem; + }; + + + sops.secrets = { + "USERTrust/ECC" = { path = "/etc/ipsec.d/USERTrust-ECC.pem"; }; + "USERTrust/RSA" = { path = "/etc/ipsec.d/USERTrust-RSA.pem"; }; + "hsmw-vpn-secret" = { path = "/etc/ipsec.d/hsmw.secret"; mode = "600"; }; }; networking.networkmanager.enableStrongSwan = true; @@ -35,7 +42,7 @@ lib.mkIf (host != "NxACE") left = "%defaultroute"; leftid = "%any"; leftauth = "eap"; - eap_identity = secrets.email.hsmw.mail; + eap_identity = "${secrets.email.hsmw.un}@hs-mittweida.de"; leftsourceip = "%config"; leftdns = "%config4"; leftfirewall = "no"; @@ -73,7 +80,7 @@ lib.mkIf (host != "NxACE") "openssl" "resolve" ]; - secrets = [ "/etc/ipsec.d/hsmw.secrets" ]; + secrets = [ "/etc/ipsec.d/hsmw.secret" ]; ca = { hsmw = { auto = "add"; diff --git a/system-modules/ollama.nix b/system-modules/ollama.nix index 1635b0b..c95a50a 100755 --- a/system-modules/ollama.nix +++ b/system-modules/ollama.nix @@ -1,7 +1,7 @@ -{ pkgs, lib, host, nvidia, ... }: +{ pkgs, pkgs-unstable, lib, host, nvidia, ... }: { - environment.systemPackages = with pkgs; [ + environment.systemPackages = with pkgs-unstable; [ ollama ]; @@ -41,6 +41,7 @@ # ''; # }; services.ollama = { + # package = pkgs-unstable.ollama; enable = true; acceleration = lib.mkIf nvidia.enable "cuda"; listenAddress = if host == "NxACE" then "0.0.0.0:11434" else "127.0.0.1:11434"; From d29a12094a6acf94ad375a7a7471651fe8000019 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Tue, 23 Jul 2024 14:08:05 +0200 Subject: [PATCH 05/14] chtterino new token --- git-crypt/secrets.nix | Bin 2881 -> 2881 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/git-crypt/secrets.nix b/git-crypt/secrets.nix index 4fc966f14ca7ea58d485238478cea02a86896828..0e57039d1d8d3016dc044a9b9144cd4127853d87 100755 GIT binary patch literal 2881 zcmZQ@_Y83kiVO&0csKQi6O##}Oz!sVU=}6CuRnG>+SiLzZuUA6@=5W#L4)2Z?P*mP zbH&f!P`(Iy zBTYWP0QsPaCvJZguI|WdiDD93q~V;r_SV$@lRPpmtUs^)iTT+D|EhQL-ScZ(uRo6Z zpAhtLQKHI=uV*#4R`0#5UCNpJqaZd(a?Pfx3!T2NeYiY!Q~B;pt17D(PAN9`$|O7X z{{Qx7)ua!1TkO^6?>(}p_;u{*$a9H{t@3XC$x}J^Lf5Hd;`B3rH4^F<^n~2J_Iq)d z^doj>C!MEN>yD=WsnEGDZhAIfq;DUW=DZoQ>vS9PxRav0Ul?Q_zM3e*R#B;Z$quC@m!lY+(Sk4?cRyDGk`UW)Q~^(88D=DcM+ zC7o=16UsJ3d^3y^Ik3qruk+=v_l*tvoDVFlGj+YGVp;Y#o_oFH67m8WzIqh!m zBD}Bvv~c&Ta6jcKm-?@te)>N%`OkdggGM^KAq8{1qpNNUZnaoYAH8Bjg7~X|+iEMH zO?)czk@sw$e5PwpS^J*Q$%Q_1c(Psc9^O*j#OkrIPW8un?u|?vx;B25dv|$8k6e?= z{!jnP_IRye;q2b?<&}#Q!}aq~`EhT{wq)E+nc6`ySO^<3mw{W@pK%UY-AuSI5ua>xnFq`d7DvfvI)v+yj#w4<_^|lubKSt&+sSoi#r$Xa67b*|87q z*DqHv7hzUhIoaa$<@vL3WryhSq|D#`HT0IB?9Xb}h!gI+U)Ww*YAl$4`&^>=&jf~; z{oQSgf_zgrKlhu3y;`1-=51nHb})}i?Zclnn|Tz|=H8ykB6~+UIr(7IznK@$7HoU! zJ>jhiucZ9u>b$~Pre>T`X|1Xol8a@0*6u&}=}1Sc!v2q$hSv}J=3dgh>$Y{JAL~s; zPa}pupLM79PgQpo)GauDWd6-3d)1VehlW-kG!twJ<|$as&{Jm@aPW;s>D`Rz(@D-c zMMgU9+uFW%ZO)#4PUujw{1>rK;kunqj}>jad+E@=)n0#YhTB^%&p6;LHPPAd>ZRAW z6V*R?mjs6Wo_+slSiRvB6V<fH!f?*}m2s6qR>h6J%o~|kzxM1+y|V2^ovMtZPzI05y{c^AJGS5{uwMzfyY09j=EXi^+XU3;{6&0Ea>$30Hb*xyfoZrKH?Q!fJ z%YU1)i`wp{-+6mG{KMUhX}udaYo)x{>scbXLc5QjzjfE7#+U;hF--+-D|Q7`JhgaT z5ns1w8FxS!|4Z?9t}i!NoH2QQWg)+6YJ8s5rK;x|qOTkb0&4dx@A$mRHRJeG?x5Gf zXU>{53dI;Llh{>zZqN4+~vTUq;bFF{gSJ*!oS^AKjrz8d&Y!Uv%YL~K6X_rs7T&-O49DaWxuRr z?#0b%Soc0i6+m#Hw1$=(0)Y98&7jo~VDV@S7C--rUwM;noG( z=2=o}r`-Ki{X%bb;iIH&Ys{GcR(sTVPTAgM6;?3YLMCtLQT1c9vo=5a^LD3QT=e`~ zKHEd5J`;c6KS@oFzw+19eP8*HpX}gSVZ!v#DqMNt!!0Js3%9g0x&_&t%>3i`vZ8yF z$-N7~%U7y@XLK<;WfmRCI{VR`*AmTdQ=?C*$=+g5)?8Ej`u6Uya~X3rC?T|iO>FRr1 z*CliRH;`KBYC8AQe{uOa+^M&^L;lO0V)L4--|6usXGX;=_9)+H8`jJFCoa4$a^lR3 zXQc&o7JV7Bu5uiK}kFXY@<@i5|I_&nF^G9=GsX;VUsb=_-f|&iOp-lxz^7A!rOdwKZ`RS z&0T)Kw&1dGz;@f7V}T_vz2fd|k7Jzn`&gUl@vyJjJgm)=!zHcsAGt8;e16*RcGL6r zRj1U6VL$IF?I~Q@et54)rJllT%au{Wj}mTYcu3gW%(s!OUV2-{)U}-7aj~nR+vN$4 zlJ-n@dJb++ny^VwO}0g&ckaw4_w$VMPqwynHaxjJN&m;ncUu4a9jxzVvwL?c#qZt4 z-nOz{blTyv6!x~txdJ~NChkkjToil#>)q;tv-ghJZJK*b=l%{Q-05Io*D4Q{wu=u>CuaUsc3|Bl~9S*%^u*ntkc$wZ-p^ zcV07iknnUD|Gu9#U4QsF6;|`8KmWVt+>F)#>KxVHOIrOrcaO)_)_Ilcy8Zh@c1nDn z8S1vIg426mYWpSQqw-!gyHbu9tX@=}@r&{HLHRD%yWx^gUvI2D)Eu98)93K@k9T#Q z3RfPiWP5q^#MkB9_{Cgn>~7>8^(g)EM5OUrbMKke{xO?hitZ6P9%?-I^o`S#(`uk__8@q+rH`L?1UYcmrv23_5;4-<(gpUU>WKwsj@Pn6Llt35?r!=U!;S>_=_? zCP;lZteRW=S&4b&-*R?*RxsYQXp4HNP4V4BT#EaxpM>oFX1C}bOZK;CF9k*S zT;QCPV6|`|pIE$w)~&`BJZ2BKpWMCY$IGNM`QY~H!8cD` eJ;0~nG38J4<2|-4PRT|MXLWViTE&=z z-=E=)St>%5m|d&L4!oKHl1Ja}Q^41)H^mL=S`hn_iW5a^Ehk-}GkrYVPvR zi?6ryR-O9pdvEK~OZ9(#o;6pW$@TgD4BeFiJN-0O^X7Bhx8BGbAijV>zi{H!`|R_} z4VN)#>ur2oQuJ%fUAFd=rObVztNTstThDB&ecXCCpItR{ZjgZ zP@5V(nd5WcI*+Yk>d#9G4w+Qe1cX{#>6&!c&+6B&zsuuXbx-Zuuxj^%L-W*T-?x@( z4RD{bU-jIHDc}(>3__f2l^Hi$-=ag-p2Ny*7l(YIT zxYu`PtbHl$2bM)#)+iGFHWCN#U?q(nvW*Zqb4v2Goo zmvTt@tEnE*%>LxD?OM>B55I-Qet8|yX1M_};O#XezHf+=D{*~)xzXXDKVNpFG^pw^?Tn5rl|3`r^!7#b`!+v)MJ_tV*gaQ1_tA#WGKAA2_^HlE z9j(XqS&vVvy$f$WGTnbs_nvzlALCB!%ef(;7vg@VK5Q=Ek|^0tcV12?%(gEQvi#e> z$VI5%dA9iD9PfUy$!_14-H@0N;Te2%7H_un{#ng-F>|l48bB`nMo&>isN(QxQuS)D={06!^zI z`;vTg*5pi&48NZq?|Q^my-bMsvHdRp_K;o1d=pG9PS2d39oPG0MZw)^n~xm$_?X0<(nfr{w1E@z_+NPNa}6uFINtqPhXd7 zbU)vH{>4rmkvXSwx0RTiOnbCl?aEn)rFBpJc$T=P&2EW2^?13QSw#BA_QFGl*4%rj zcs$D8;r4>3e3?Bb&#q*jDHpX-X3DDGjN-LV=1nx!+_SGId|`6!#0`69SMyb`FWMw? z_T^1W=H1FMxvL8G-kWS?oT>NyUdZ|+K0e76cTQG*e*1Qj#wwX5@0W)^*lBr?HEm1e z+ZKas8$+IcGj0DQGNmoByHxVghR>&DY-aE6n0@y2>bwXhrE_=YK8{>$9N-_o_$#`f z<$uGp)&`SFpDR1XW_}N_h&S2kRd6WqodVO)uIg$=I^-@QQs` zQ^J1-9Qt(q`NiaWmp-d)sVv?e=g@iS*^SNDjpxfH2zBdp>|AbsLM+=!Px5Nl6en&@ ziEDfnA5K)x)vi~JxVhLqCdz90q0YnCj^F#I{bKc-Bjr<)F3V*%h*>$$P0DB}o+dwG z9n+;Aj{Ka8E`8CRAzSXoy8LF))yefR{r7ky3-2<;6C9mSJYUal=FL(NWiN|hn%2eI z{@$zKnd2hIG8PXb_jP|}g+FU0r5wmA)_hN$uT4 zMc0$FZ!Y?M?E(MIru8e%%}QQ+YIgkLxog(OEj`HpliOdjXIq1K|K+*9a~l|(4NVqV zzH|90c#z5M+84R9!kSs9*YFf1d3Q7y)Ew45QEzQs z0n0P_H%lKsX5{eN*yvRxXQuk-jeXI?vTJvlC4LK>W!bwia`EHEr;<-pduIPnSb5&6 z(QHYpM-Z>yK|}Z7q1WHe>P}nWYF9N#Xr+Al!!4oF)@S04oEE-Fy!Ljd;Iti5T+?R0 zGy1#vwHwQg84f=qbt1Th%};UMyR}ezP4L^s*Rgj$#Tp*qpRQQIu(2;_`*ihVQj6AH z;oJSm}WvtZ?6yQfe0tGh1A=o8v3*L&zmDU+^0*K6JhbJVgem5P)@EmvDg&+lgu zTK-+lh|N8ar;^ZUo$sX;GH&4=9|Bl^J@BSC#r(Lso zjZXe9nwZQnX-S7Rm&}}I-Q2D%`X*21-);S_ZM-T8G=`KNL3A^6)2FzLe zHTrymmBG%3k2xNHNxcvu{b`d;b?!ksshc4$zB^}6Wtb?Qyys!zUREW;-l+<^4YM9e zJ@|4+Tj9o+Wj@4BLK1V`og6kKSs2R89o?Tu&rSN(f$Ck*<8otfHm&^Z>G`u}E z@UzvPt_Mkfc@#f{e->x1NDvjb&pFZg)$308f{V|8`Fj1lzwz$buXZs`_PWmNP*3`tQn&h;9+_`D&h4`M=&B)s}Ip{S&tKV!2>Y)VCR{-@oh< zJS?YP8u~D3`58Zp<4K|4ieo!J#&g?Tk(If;G^RiD@8sSEoU`i}G`j0P<-fjoMdYuw iM@yMlE5cU#&YyeL{e8oduC(G+v9bGSzglsp!wUe2EUEnf From 97ef1500ab918980bf7489876498b60cabd314af Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Tue, 23 Jul 2024 14:08:25 +0200 Subject: [PATCH 06/14] switch to zen for north --- system-modules/boot.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/system-modules/boot.nix b/system-modules/boot.nix index 456c551..b6a48e8 100755 --- a/system-modules/boot.nix +++ b/system-modules/boot.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, host, inputs, ... }: +{ config, pkgs, pkgs-unstable, lib, host, inputs, ... }: let grub-theme-ascii-diana = (pkgs.fetchFromGitea { domain = "git.nx2.site"; @@ -76,7 +76,7 @@ in # ''; # }; }; - # kernelPackages = pkgs.linuxPackages_latest; + kernelPackages = pkgs-unstable.linuxPackages_zen; extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; kernelModules = [ "v4l2loopback" ]; extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1''; From ad885f7675953c54f6d9b18e2c1dcb3b1c8302d8 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Tue, 23 Jul 2024 14:08:38 +0200 Subject: [PATCH 07/14] nvidia 555 --- system-modules/nvidia.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system-modules/nvidia.nix b/system-modules/nvidia.nix index c498b92..a2f0c53 100755 --- a/system-modules/nvidia.nix +++ b/system-modules/nvidia.nix @@ -57,7 +57,7 @@ nvidiaSettings = true; # Optionally, you may need to select the appropriate driver version for your specific GPU. - package = config.boot.kernelPackages.nvidiaPackages.stable; + package = config.boot.kernelPackages.nvidiaPackages.beta; }; opengl = { enable = true; From ad784f41f968e67eda1357d45569b58da559e774 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Tue, 23 Jul 2024 14:08:49 +0200 Subject: [PATCH 08/14] new ollama --- system-modules/ollama.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/system-modules/ollama.nix b/system-modules/ollama.nix index 1635b0b..0335280 100755 --- a/system-modules/ollama.nix +++ b/system-modules/ollama.nix @@ -1,7 +1,7 @@ -{ pkgs, lib, host, nvidia, ... }: - +{ pkgs, pkgs-unstable, lib, host, nvidia, ... }: +let p = pkgs-unstable; in { - environment.systemPackages = with pkgs; [ + environment.systemPackages = with p; [ ollama ]; @@ -41,6 +41,7 @@ # ''; # }; services.ollama = { + package = p.ollama; enable = true; acceleration = lib.mkIf nvidia.enable "cuda"; listenAddress = if host == "NxACE" then "0.0.0.0:11434" else "127.0.0.1:11434"; From 1e0af7a61be7fd4be20a12c7e5dd5fafc5a79334 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Tue, 23 Jul 2024 17:35:57 +0200 Subject: [PATCH 09/14] flake restructure --- configuration.nix | 4 - flake-modules/allowed.nix | 43 ++ flake-modules/nvidia.nix | 4 + flake-modules/rice.nix | 59 +++ flake.lock | 175 ++++--- flake.nix | 282 ++--------- home-modules/discord.nix | 974 +++++++++++++++++++------------------ home-modules/helix.nix | 2 +- home-modules/pnx.nix | 2 +- home.nix | 6 +- nxlib/ricelib.nix | 2 +- system-modules/davmail.nix | 4 +- system-modules/nvidia.nix | 121 +++-- system-modules/sound.nix | 4 +- system-modules/users.nix | 4 +- 15 files changed, 802 insertions(+), 884 deletions(-) create mode 100644 flake-modules/allowed.nix create mode 100644 flake-modules/nvidia.nix create mode 100644 flake-modules/rice.nix diff --git a/configuration.nix b/configuration.nix index e40f217..063cd2e 100755 --- a/configuration.nix +++ b/configuration.nix @@ -60,10 +60,6 @@ hardware.bluetooth.powerOnBoot = true; # services.blueman.enable = true; - nixpkgs.config.allowUnfree = true; - # nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) allowed.unfree-packages; - - # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ diff --git a/flake-modules/allowed.nix b/flake-modules/allowed.nix new file mode 100644 index 0000000..df7a9e7 --- /dev/null +++ b/flake-modules/allowed.nix @@ -0,0 +1,43 @@ + +{ + unfree = [ + "discord" + "spotify" + "obsidian" + "zoom-us" + "zoom" + + # since the predicate ist to be set in the flake and not in a module + # it is impossible to make the list dynamic and respect nvidia.enable + "nvidia-x11" + "nvidia-settings" + "nvidia-persistenced" + "cudatoolkit" + "cuda-merged" + "cuda_cuobjdump" + "cuda_gdb" + "cuda_nvcc" + "cuda_nvdisasm" + "cuda_nvprune" + "cuda_cccl" + "cuda_cudart" + "cuda_cupti" + "cuda_cuxxfilt" + "cuda_nvml_dev" + "cuda_nvrtc" + "cuda_nvtx" + "cuda_profiler_api" + "cuda_sanitizer_api" + "libcublas" + "libcufft" + "libcurand" + "libcusolver" + "libnvjitlink" + "libcusparse" + "libnpp" + ]; + + inecure = [ + # "electron-25.9.0" + ]; +} diff --git a/flake-modules/nvidia.nix b/flake-modules/nvidia.nix new file mode 100644 index 0000000..b252a7f --- /dev/null +++ b/flake-modules/nvidia.nix @@ -0,0 +1,4 @@ +{ + enable = false; + prime = false; +} diff --git a/flake-modules/rice.nix b/flake-modules/rice.nix new file mode 100644 index 0000000..bbe0f35 --- /dev/null +++ b/flake-modules/rice.nix @@ -0,0 +1,59 @@ +pkgs: rec { + + lib = import ../nxlib/ricelib.nix pkgs.lib; + + transparency = 0.8; + rounding = 10; + gap-size = 10; + border-width = 3; + color = + let + dark = (-0.5); + bright = (0.5); + alter-set = let f = lib.alter-luminace-hex; in color-name: color-value: { base = color-value; dark = f color-value dark; bright = f color-value bright; }; + alter = let f = lib.alter-luminace-hex; in color-value: { base = color-value; dark = f color-value dark; bright = f color-value bright; }; + ccolor = builtins.mapAttrs alter-set { + black = "#000022"; # "#111111" "#001100"; + white = "#ddddff"; # "#dddddd" "#66dd66"; + blue = "#4422ff"; # "#3333dd" "#003300"; + cyan = "#11dddd"; # "#11dddd" "#00dd55"; + green = "#11dd44"; # "#11dd11" "#11dd11"; + magenta = "#6622dd"; # "#dd11dd" "#005500"; + red = "#dd1166"; # "#dd1111" "#00aa00"; + yellow = "#dd6611"; # "#dddd11" "#ffff00"; + }; + xcolor = with ccolor; rec { + background = black.dark; + foreground = white.base; + border = cyan.base; + border2 = blue.base; + accent = blue; + secondary = cyan; + tertiary = magenta; + special = yellow; + weird = green; + positive = alter "#00dd00"; + negative = alter "#dd0000"; + }; + in ccolor // xcolor; + font = { + code = { + name = "JetBrainsMono-NF"; + name2 = "JetBrainsMono Nerd Font"; + package = (pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; }); + # name = "CascadiaCove-NF"; + # package = (pkgs.nerdfonts.override { fonts = [ "CascadiaCode" ]; }); + }; + base = { + # name = "NewComputerModern08"; + # package = pkgs.newcomputermodern; + name = "Atkinson Hyperlegible"; + package = pkgs.atkinson-hyperlegible; + }; + }; + cursor = { + name = "Bibata-Original-Classic"; + package = pkgs.bibata-cursors; + size = 24; + }; +} diff --git a/flake.lock b/flake.lock index 21c3465..ade933d 100755 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1718642173, - "narHash": "sha256-iyj4D6c77uROAH9QdZjPd9SKnS/DuACMESqaEKnBgI8=", + "lastModified": 1720553729, + "narHash": "sha256-9aM4MCBJn4UstcsSdukOFTxg79keUMTw9Kmqr7Wsfmw=", "owner": "KZDKM", "repo": "Hyprspace", - "rev": "2f3edb68f47a8f5d99d10b322e9a85a285f53cc7", + "rev": "e8662093ae5b6e13a3cf1145d21d4804a3e84aeb", "type": "github" }, "original": { @@ -20,6 +20,39 @@ "type": "github" } }, + "aquamarine": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1721571743, + "narHash": "sha256-hat7wggtDISBJD8kTo5MTrT+IsY/Ha2MwgjmqqijoCA=", + "owner": "hyprwm", + "repo": "aquamarine", + "rev": "601f6cf95cbe4fef02dc7faf34bba58566c914e9", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "aquamarine", + "type": "github" + } + }, "crane": { "inputs": { "flake-compat": [ @@ -53,29 +86,6 @@ "type": "github" } }, - "firefox-addons": { - "inputs": { - "flake-utils": "flake-utils", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "dir": "pkgs/firefox-addons", - "lastModified": 1719875691, - "narHash": "sha256-DtfpH7yivPHcfXV0EL70NwCKlg6nVTZGNngWkPshQjM=", - "owner": "rycee", - "repo": "nur-expressions", - "rev": "f2c6c0e41d6c2c82524b9d104bcfd1750a426d1b", - "type": "gitlab" - }, - "original": { - "dir": "pkgs/firefox-addons", - "owner": "rycee", - "repo": "nur-expressions", - "type": "gitlab" - } - }, "flake-compat": { "flake": false, "locked": { @@ -97,11 +107,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1719877454, - "narHash": "sha256-g5N1yyOSsPNiOlFfkuI/wcUjmtah+nxdImJqrSATjOU=", + "lastModified": 1719994518, + "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "4e3583423212f9303aa1a6337f8dffb415920e4f", + "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7", "type": "github" }, "original": { @@ -132,21 +142,6 @@ } }, "flake-utils": { - "locked": { - "lastModified": 1629284811, - "narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { "inputs": { "systems": "systems_2" }, @@ -193,11 +188,11 @@ ] }, "locked": { - "lastModified": 1719827385, - "narHash": "sha256-qs+nU20Sm8czHg3bhGCqiH+8e13BJyRrKONW34g3i50=", + "lastModified": 1720042825, + "narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=", "owner": "nix-community", "repo": "home-manager", - "rev": "391ca6e950c2525b4f853cbe29922452c14eda82", + "rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073", "type": "github" }, "original": { @@ -223,11 +218,11 @@ ] }, "locked": { - "lastModified": 1718450675, - "narHash": "sha256-jpsns6buS4bK+1sF8sL8AaixAiCRjA+nldTKvcwmvUs=", + "lastModified": 1721330371, + "narHash": "sha256-aYlHTWylczLt6ERJyg6E66Y/XSCbVL7leVcRuJmVbpI=", "owner": "hyprwm", "repo": "hyprcursor", - "rev": "66d5b46ff94efbfa6fa3d1d1b66735f1779c34a6", + "rev": "4493a972b48f9c3014befbbf381ed5fff91a65dc", "type": "github" }, "original": { @@ -238,6 +233,7 @@ }, "hyprland": { "inputs": { + "aquamarine": "aquamarine", "hyprcursor": "hyprcursor", "hyprlang": "hyprlang", "hyprutils": "hyprutils", @@ -247,11 +243,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1719938427, - "narHash": "sha256-b0QtvQtFAtuOVBNPEUYf4V2VNGChTukkrLH/JlCQds8=", + "lastModified": 1721684218, + "narHash": "sha256-FbFz+F5LJs92s6/DEkhh2h+k8NRqqrs8MGF+GRZWZGo=", "ref": "refs/heads/main", - "rev": "6247a6b537fd1c05ecf35420529fab1adf83143e", - "revCount": 4903, + "rev": "3c758db95c129ed6ca7ce0c1b5b82ad6e189488d", + "revCount": 4963, "submodules": true, "type": "git", "url": "https://github.com/hyprwm/Hyprland" @@ -279,11 +275,11 @@ ] }, "locked": { - "lastModified": 1719784423, - "narHash": "sha256-D7O5+nh2Wn9tQPJArWHrDSZeEfBCtj5zTGd86701LPE=", + "lastModified": 1721668405, + "narHash": "sha256-ZnIXa+jeMXoerhRz/ZJwVoYHaROjcLyQsr1b6JZ2AjQ=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "98cb18c6fcfe8196ef4150d09fbae305b7bb2954", + "rev": "4c2cef8326711fbd91b7a313f095545eb50d2a57", "type": "github" }, "original": { @@ -306,11 +302,11 @@ ] }, "locked": { - "lastModified": 1714869498, - "narHash": "sha256-vbLVOWvQqo4n1yvkg/Q70VTlPbMmTiCQfNTgcWDCfJM=", + "lastModified": 1718746314, + "narHash": "sha256-HUklK5u86w2Yh9dOkk4FdsL8eehcOZ95jPhLixGDRQY=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "e06482e0e611130cd1929f75e8c1cf679e57d161", + "rev": "1b61f0093afff20ab44d88ad707aed8bf2215290", "type": "github" }, "original": { @@ -335,11 +331,11 @@ ] }, "locked": { - "lastModified": 1717881852, - "narHash": "sha256-XeeVoKHQgfKuXoP6q90sUqKyl7EYy3ol2dVZGM+Jj94=", + "lastModified": 1721324361, + "narHash": "sha256-BiJKO0IIdnSwHQBSrEJlKlFr753urkLE48wtt0UhNG4=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "ec6938c66253429192274d612912649a0cfe4d28", + "rev": "adbefbf49664a6c2c8bf36b6487fd31e3eb68086", "type": "github" }, "original": { @@ -380,11 +376,11 @@ ] }, "locked": { - "lastModified": 1719316102, - "narHash": "sha256-dmRz128j/lJmMuTYeCYPfSBRHHQO3VeH4PbmoyAhHzw=", + "lastModified": 1721324102, + "narHash": "sha256-WAZ0X6yJW1hFG6otkHBfyJDKRpNP5stsRqdEuHrFRpk=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "1f6bbec5954f623ff8d68e567bddcce97cd2f085", + "rev": "962582a090bc233c4de9d9897f46794280288989", "type": "github" }, "original": { @@ -405,11 +401,11 @@ ] }, "locked": { - "lastModified": 1719067853, - "narHash": "sha256-mAnZG/eQy72Fp1ImGtqCgUrDumnR1rMZv2E/zgP4U74=", + "lastModified": 1721324119, + "narHash": "sha256-SOOqIT27/X792+vsLSeFdrNTF+OSRp5qXv6Te+fb2Qg=", "owner": "hyprwm", "repo": "hyprwayland-scanner", - "rev": "914f083741e694092ee60a39d31f693d0a6dc734", + "rev": "a048a6cb015340bd82f97c1f40a4b595ca85cc30", "type": "github" }, "original": { @@ -423,7 +419,7 @@ "crane": "crane", "flake-compat": "flake-compat", "flake-parts": "flake-parts_2", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils", "nixpkgs": "nixpkgs_3", "pre-commit-hooks-nix": "pre-commit-hooks-nix", "rust-overlay": "rust-overlay" @@ -445,11 +441,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1719075281, - "narHash": "sha256-CyyxvOwFf12I91PBWz43iGT1kjsf5oi6ax7CrvaMyAo=", + "lastModified": 1721379653, + "narHash": "sha256-8MUgifkJ7lkZs3u99UDZMB4kbOxvMEXQZ31FO3SopZ0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a71e967ef3694799d0c418c98332f7ff4cc5f6af", + "rev": "1d9c2c9b3e71b9ee663d11c5d298727dace8d374", "type": "github" }, "original": { @@ -489,27 +485,27 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1719663039, - "narHash": "sha256-tXlrgAQygNIy49LDVFuPXlWD2zTQV9/F8pfoqwwPJyo=", + "lastModified": 1721524707, + "narHash": "sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4a1e673523344f6ccc84b37f4413ad74ea19a119", + "rev": "556533a23879fc7e5f98dd2e0b31a6911a213171", "type": "github" }, "original": { "owner": "NixOS", - "ref": "release-23.11", + "ref": "release-24.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs-unstable": { "locked": { - "lastModified": 1719848872, - "narHash": "sha256-H3+EC5cYuq+gQW8y0lSrrDZfH71LB4DAf+TDFyvwCNA=", + "lastModified": 1721562059, + "narHash": "sha256-Tybxt65eyOARf285hMHIJ2uul8SULjFZbT9ZaEeUnP8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "00d80d13810dbfea8ab4ed1009b09100cca86ba8", + "rev": "68c9ed8bbed9dfce253cc91560bf9043297ef2fe", "type": "github" }, "original": { @@ -551,11 +547,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1719838683, - "narHash": "sha256-Zw9rQjHz1ilNIimEXFeVa1ERNRBF8DoXDhLAZq5B4pE=", + "lastModified": 1721548954, + "narHash": "sha256-7cCC8+Tdq1+3OPyc3+gVo9dzUNkNIQfwSDJ2HSi2u3o=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d032c1a6dfad4eedec7e35e91986becc699d7d69", + "rev": "63d37ccd2d178d54e7fb691d7ec76000740ea24a", "type": "github" }, "original": { @@ -598,7 +594,6 @@ "root": { "inputs": { "Hyprspace": "Hyprspace", - "firefox-addons": "firefox-addons", "home-manager": "home-manager", "hyprland": "hyprland", "hyprland-plugins": "hyprland-plugins", @@ -642,11 +637,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1719873517, - "narHash": "sha256-D1dxZmXf6M2h5lNE1m6orojuUawVPjogbGRsqSBX+1g=", + "lastModified": 1721688883, + "narHash": "sha256-9jsjsRKtJRqNSTXKj9zuDFRf2PGix30nMx9VKyPgD2U=", "owner": "Mic92", "repo": "sops-nix", - "rev": "a11224af8d824935f363928074b4717ca2e280db", + "rev": "aff2f88277dabe695de4773682842c34a0b7fd54", "type": "github" }, "original": { @@ -702,11 +697,11 @@ ] }, "locked": { - "lastModified": 1718619174, - "narHash": "sha256-FWW68AVYmB91ZDQnhLMBNCUUTCjb1ZpO2k2KIytHtkA=", + "lastModified": 1721648131, + "narHash": "sha256-cyyxu/oj4QEFp3CVx2WeXa9T4OAUyynuBJHGkBZSxJI=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "c7894aa54f9a7dbd16df5cd24d420c8af22d5623", + "rev": "663be9cad424b170b28b9fa8a61042d721007f3b", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 636a4df..f6d13de 100755 --- a/flake.nix +++ b/flake.nix @@ -2,240 +2,66 @@ description = "Multisystem NixOS Flake of Lennart J. Kurzweg"; inputs = { - nixpkgs.url = "nixpkgs/nixos-24.05"; - nixpkgs-unstable.url = "nixpkgs/nixos-unstable"; - home-manager = { - url = "github:nix-community/home-manager/release-24.05"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - sops-nix = { - url = "github:Mic92/sops-nix"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + nixpkgs = { url = "nixpkgs/nixos-24.05"; }; + nixpkgs-unstable = { url = "nixpkgs/nixos-unstable"; }; + home-manager = { url = "github:nix-community/home-manager/release-24.05"; inputs.nixpkgs.follows = "nixpkgs"; }; + sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; + lanzaboote = { url = "github:nix-community/lanzaboote/v0.3.0"; }; - hyprland = { - url = "git+https://github.com/hyprwm/Hyprland?submodules=1"; - # url = "github:hyprwm/Hyprland"; - # inputs.nixpkgs.follows = "nixpkgs"; - }; - hyprland-plugins = { - url = "github:hyprwm/hyprland-plugins"; - inputs.hyprland.follows = "hyprland"; - }; - Hyprspace = { - url = "github:KZDKM/Hyprspace"; - inputs.hyprland.follows = "hyprland"; - }; - hyprswitch.url = "github:h3rmt/hyprswitch/release"; + hyprland = { url = "git+https://github.com/hyprwm/Hyprland?submodules=1"; }; + hyprland-plugins = { url = "github:hyprwm/hyprland-plugins"; inputs.hyprland.follows = "hyprland"; }; + Hyprspace = { url = "github:KZDKM/Hyprspace"; inputs.hyprland.follows = "hyprland"; }; + hyprswitch = { url = "github:h3rmt/hyprswitch/release"; }; - # nixvim = { - # url = "github:nix-community/nixvim/nixos-23.11"; - # inputs.nixpkgs.follows = "nixpkgs"; - # }; - lanzaboote = { - url = "github:nix-community/lanzaboote/v0.3.0"; - # inputs.nixpkgs.follows = "nixpkgs-unstable"; - }; - #arion = { - # url = "github:hercules-ci/arion"; - # inputs.nixpkgs.follows = "nixpkgs"; - #}; - firefox-addons = { - url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - # yazi.url = "github:sxyazi/yazi"; + # firefox-addons = { url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; inputs.nixpkgs.follows = "nixpkgs"; }; }; - outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, ... }@inputs: - let - system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; - pkgs-unstable = nixpkgs-unstable.legacyPackages.${system}; + outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, ... }@inputs: let + system = "x86_64-linux"; + user = "nx2"; - user = "nx2"; + config = { allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) (import ./flake-modules/allowed.nix).unfree; }; + + pkgs = import nixpkgs { inherit system config; }; + pkgs-unstable = import nixpkgs-unstable { inherit system config; }; - nvidia = { - enable = true; - prime = true; - # unfree = if enable then [ - unfree = [ - "nvidia-x11" - "nvidia-settings" - "nvidia-persistenced" - "cudatoolkit" - "cudatoolkit-11.8.0" - "cudatoolkit-12.2.2" - ]; - # ] else []; - }; - allowed = { - unfree-packages = [ - "cudatoolkit" - "cuda-merged" - "cuda_cuobjdump" - "cuda_gdb" - "cuda_nvcc" - "cuda_nvdisasm" - "cuda_nvprune" - "cuda_cccl" - "cuda_cudart" - "cuda_cupti" - "cuda_cuxxfilt" - "cuda_nvml_dev" - "cuda_nvrtc" - "cuda_nvtx" - "cuda_profiler_api" - "cuda_sanitizer_api" - "libcublas" - "libcufft" - "libcurand" - "libcusolver" - "libnvjitlink" - "libcusparse" - "libnpp" - - "discord" - "spotify" - "obsidian" - "zoom-us" - "zoom" - ] ++ nvidia.unfree; - - inecure-packages = [ - "electron-25.9.0" - ]; - }; - - secrets = import ./git-crypt/secrets.nix; - - rice = rec { - lib = import ./nxlib/ricelib.nix { lib = nixpkgs.lib; }; - transparency = 0.8; - rounding = 10; - gap-size = 10; - border-width = 3; - color = - let - dark = (-0.5); - bright = (0.5); - alter-set = let f = rice.lib.alter-luminace-hex; in color-name: color-value: { base = color-value; dark = f color-value dark; bright = f color-value bright; }; - alter = let f = rice.lib.alter-luminace-hex; in color-value: { base = color-value; dark = f color-value dark; bright = f color-value bright; }; - ccolor = builtins.mapAttrs alter-set { - black = "#000022"; # "#111111" "#001100"; - white = "#ddddff"; # "#dddddd" "#66dd66"; - blue = "#4422ff"; # "#3333dd" "#003300"; - cyan = "#11dddd"; # "#11dddd" "#00dd55"; - green = "#11dd44"; # "#11dd11" "#11dd11"; - magenta = "#6622dd"; # "#dd11dd" "#005500"; - red = "#dd1166"; # "#dd1111" "#00aa00"; - yellow = "#dd6611"; # "#dddd11" "#ffff00"; - }; - xcolor = with ccolor; rec { - background = black.dark; - foreground = white.base; - border = cyan.base; - border2 = blue.base; - accent = blue; - secondary = cyan; - tertiary = magenta; - special = yellow; - weird = green; - positive = alter "#00dd00"; - negative = alter "#dd0000"; - }; - # ccolor = builtins.mapAttrs alter-set { - # black = "#112200"; - # white = "#ddffdd"; - # blue = "#779944"; - # cyan = "#11ffcc"; - # green = "#00ff00"; - # magenta = "#449999"; - # red = "#dd2200"; - # yellow = "#ffff11"; - # }; - # xcolor = with ccolor; rec { - # background = black.dark; # black.dark; - # foreground = white.base; # white.base; - # border = accent.base; # cyan.base; - # border2 = yellow.base; # blue.base; - # accent = green; # blue; - # secondary = red; # cyan; - # tertiary = yellow; # magenta; - # special = blue; # yellow; - # weird = magenta; # green; - # positive = alter "#00dd00"; # alter "#00dd00"; - # negative = alter "#dd0000"; # alter "#dd0000"; - # }; - in ccolor // xcolor; - font = { - code = { - name = "JetBrainsMono-NF"; - name2 = "JetBrainsMono Nerd Font"; - package = (pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; }); - # name = "CascadiaCove-NF"; - # package = (pkgs.nerdfonts.override { fonts = [ "CascadiaCode" ]; }); - }; - base = { - # name = "NewComputerModern08"; - # package = pkgs.newcomputermodern; - name = "Atkinson Hyperlegible"; - package = pkgs.atkinson-hyperlegible; - }; - }; - cursor = { - name = "Bibata-Original-Classic"; - package = pkgs.bibata-cursors; - size = 24; - }; - }; - in - { - nixosConfigurations = { - NxXPS = let host = "NxXPS"; in nixpkgs.lib.nixosSystem { - inherit system; - modules = [ ./configuration.nix ]; - specialArgs = { inherit inputs user host pkgs-unstable allowed secrets rice nvidia; }; - }; - NxNORTH = let host = "NxNORTH"; in nixpkgs.lib.nixosSystem { - inherit system; - modules = [ ./configuration.nix ]; - specialArgs = { inherit inputs user host pkgs-unstable allowed secrets rice nvidia; }; - }; - NxACE = let host = "NxACE"; nvidia.enable = false; in nixpkgs.lib.nixosSystem { - inherit system; - modules = [ ./configuration.nix ]; - specialArgs = { inherit inputs user host pkgs-unstable allowed secrets rice nvidia; }; - }; - }; - - homeConfigurations = { - "${user}@NxXPS" = let host = "NxXPS"; in home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = [ ./home.nix ]; - extraSpecialArgs = { inherit inputs system user host allowed secrets pkgs-unstable rice nvidia; }; - }; - "${user}@NxNORTH" = let host = "NxNORTH"; in home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = [ ./home.nix ]; - extraSpecialArgs = { inherit inputs system user host allowed secrets pkgs-unstable rice nvidia; }; - }; - "${user}@NxACE" = let host = "NxACE"; nvidia.enable = false; in home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = [ ./home.nix ]; - extraSpecialArgs = { inherit inputs system user host allowed secrets pkgs-unstable rice nvidia; }; - }; - "tv@NxACE" = - let - host = "NxACE"; - user = "tv"; - nvidia.enable = pkgs.kib.mkForce false; - in - home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = [ ./home.nix ]; - extraSpecialArgs = { inherit inputs system user host allowed secrets pkgs-unstable rice nvidia; }; - }; + nvidia-set = import ./flake-modules/nvidia.nix; + secrets = import ./git-crypt/secrets.nix; + rice = import ./flake-modules/rice.nix pkgs; + in { + nixosConfigurations = let + make-nixos-system = host: nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./configuration.nix ]; + specialArgs = let + nvidia = nvidia-set // { + enable = if (host == "NxXPS" || host == "NxNORTH") then true else false; + prime = if (host == "NxXPS") then true else false; + }; + in { inherit inputs user host pkgs-unstable secrets rice nvidia; }; }; + in { + NxXPS = make-nixos-system "NxXPS"; + NxNORTH = make-nixos-system "NxNORTH"; + NxACE = make-nixos-system "NxACE"; }; + + homeConfigurations = let + make-home-configuration = host: user: home-manager.lib.homeManagerConfiguration { + inherit pkgs; + modules = [ ./home.nix ]; + extraSpecialArgs = let + nvidia = nvidia-set // { + enable = if (host == "NxXPS" || host == "NxNORTH") then true else false; + prime = if (host == "NxXPS") then true else false; + }; + in { inherit inputs system user host pkgs-unstable rice secrets nvidia; }; + }; + in { + "${user}@NxXPS" = make-home-configuration "NxXPS" user; + "${user}@NxNORTH" = make-home-configuration "NxNORTH" user; + "${user}@NxACE" = make-home-configuration "NxACE" user; + "tv@NxACE" = make-home-configuration "NxACE" "tv"; + }; + }; } diff --git a/home-modules/discord.nix b/home-modules/discord.nix index 086c6d6..8d99f71 100755 --- a/home-modules/discord.nix +++ b/home-modules/discord.nix @@ -1,492 +1,494 @@ -{ config, pkgs, pkgs-unstable, lib, host, user, allowed, ... }: +{ pkgs, lib, host, ... }: lib.mkIf (host != "NxACE") { - home.packages = [ - pkgs-unstable.vesktop - ]; + home = { + packages = with pkgs; [ + vesktop + ]; - home.file.".config/vesktop/settings/settings.json".text = '' - { - "notifyAboutUpdates": true, - "autoUpdate": false, - "autoUpdateNotification": true, - "useQuickCss": true, - "themeLinks": [ - "https://luckfire.github.io/amoled-cord/src/amoled-cord.css" - ], - "enabledThemes": [], - "enableReactDevtools": false, - "frameless": false, - "transparent": true, - "winCtrlQ": false, - "macosTranslucency": false, - "disableMinSize": false, - "winNativeTitleBar": false, - "plugins": { - "BadgeAPI": { - "enabled": true - }, - "CommandsAPI": { - "enabled": true - }, - "ContextMenuAPI": { - "enabled": true - }, - "MemberListDecoratorsAPI": { - "enabled": false - }, - "MessageAccessoriesAPI": { - "enabled": false - }, - "MessageDecorationsAPI": { - "enabled": false - }, - "MessageEventsAPI": { - "enabled": false - }, - "MessagePopoverAPI": { - "enabled": false - }, - "NoticesAPI": { - "enabled": true - }, - "ServerListAPI": { - "enabled": false - }, - "NoTrack": { - "enabled": true - }, - "Settings": { - "enabled": true, - "settingsLocation": "aboveActivity" - }, - "SupportHelper": { - "enabled": true - }, - "ChatInputButtonAPI": { - "enabled": false - }, - "AlwaysAnimate": { - "enabled": true - }, - "AlwaysTrust": { - "enabled": true - }, - "AnonymiseFileNames": { - "enabled": false - }, - "WebRichPresence (arRPC)": { - "enabled": false - }, - "BANger": { - "enabled": false - }, - "BetterFolders": { - "enabled": false - }, - "BetterGifAltText": { - "enabled": false - }, - "BetterGifPicker": { - "enabled": false - }, - "BetterNotesBox": { - "enabled": false - }, - "BetterRoleDot": { - "enabled": false - }, - "BetterUploadButton": { - "enabled": false - }, - "BiggerStreamPreview": { - "enabled": false - }, - "BlurNSFW": { - "enabled": false - }, - "CallTimer": { - "enabled": false - }, - "ClearURLs": { - "enabled": false - }, - "ClientTheme": { - "enabled": false - }, - "ColorSighted": { - "enabled": false - }, - "ConsoleShortcuts": { - "enabled": false - }, - "CopyUserURLs": { - "enabled": false - }, - "CrashHandler": { - "enabled": true - }, - "CustomRPC": { - "enabled": false - }, - "Dearrow": { - "enabled": false - }, - "Decor": { - "enabled": false - }, - "DisableCallIdle": { - "enabled": false - }, - "EmoteCloner": { - "enabled": false - }, - "Experiments": { - "enabled": false - }, - "F8Break": { - "enabled": false - }, - "FakeNitro": { - "enabled": false - }, - "FakeProfileThemes": { - "enabled": true - }, - "FavoriteEmojiFirst": { - "enabled": false - }, - "FavoriteGifSearch": { - "enabled": false - }, - "FixCodeblockGap": { - "enabled": false - }, - "FixSpotifyEmbeds": { - "enabled": false - }, - "FixYoutubeEmbeds": { - "enabled": false - }, - "ForceOwnerCrown": { - "enabled": false - }, - "FriendInvites": { - "enabled": false - }, - "GameActivityToggle": { - "enabled": false - }, - "GifPaste": { - "enabled": false - }, - "GreetStickerPicker": { - "enabled": false - }, - "HideAttachments": { - "enabled": false - }, - "iLoveSpam": { - "enabled": false - }, - "IgnoreActivities": { - "enabled": false - }, - "ImageZoom": { - "enabled": false - }, - "InvisibleChat": { - "enabled": false - }, - "KeepCurrentChannel": { - "enabled": false - }, - "LastFMRichPresence": { - "enabled": false - }, - "LoadingQuotes": { - "enabled": false - }, - "MemberCount": { - "enabled": false - }, - "MessageClickActions": { - "enabled": false - }, - "MessageLinkEmbeds": { - "enabled": false - }, - "MessageLogger": { - "enabled": false - }, - "MessageTags": { - "enabled": false - }, - "MoreCommands": { - "enabled": false - }, - "MoreKaomoji": { - "enabled": false - }, - "MoreUserTags": { - "enabled": false - }, - "Moyai": { - "enabled": false - }, - "MutualGroupDMs": { - "enabled": false - }, - "NewGuildSettings": { - "enabled": false - }, - "NoBlockedMessages": { - "enabled": false - }, - "NoDevtoolsWarning": { - "enabled": false - }, - "NoF1": { - "enabled": false - }, - "NoMosaic": { - "enabled": false - }, - "NoPendingCount": { - "enabled": false - }, - "NoProfileThemes": { - "enabled": false - }, - "NoReplyMention": { - "enabled": false - }, - "NoScreensharePreview": { - "enabled": false - }, - "NoTypingAnimation": { - "enabled": false - }, - "NoUnblockToJump": { - "enabled": false - }, - "NormalizeMessageLinks": { - "enabled": false - }, - "NotificationVolume": { - "enabled": false - }, - "NSFWGateBypass": { - "enabled": false - }, - "OnePingPerDM": { - "enabled": false - }, - "oneko": { - "enabled": false - }, - "OpenInApp": { - "enabled": false - }, - "Party mode 🎉": { - "enabled": false - }, - "PermissionFreeWill": { - "enabled": false - }, - "PermissionsViewer": { - "enabled": false - }, - "petpet": { - "enabled": false - }, - "PictureInPicture": { - "enabled": false - }, - "PinDMs": { - "enabled": false - }, - "PlainFolderIcon": { - "enabled": false - }, - "PlatformIndicators": { - "enabled": false - }, - "PreviewMessage": { - "enabled": false - }, - "PronounDB": { - "enabled": false - }, - "QuickMention": { - "enabled": false - }, - "QuickReply": { - "enabled": false - }, - "ReactErrorDecoder": { - "enabled": false - }, - "ReadAllNotificationsButton": { - "enabled": false - }, - "RelationshipNotifier": { - "enabled": false - }, - "RevealAllSpoilers": { - "enabled": false - }, - "ReverseImageSearch": { - "enabled": false - }, - "ReviewDB": { - "enabled": false - }, - "RoleColorEverywhere": { - "enabled": true - }, - "SearchReply": { - "enabled": false - }, - "SecretRingToneEnabler": { - "enabled": false - }, - "SendTimestamps": { - "enabled": false - }, - "ServerListIndicators": { - "enabled": false - }, - "ServerProfile": { - "enabled": false - }, - "ShikiCodeblocks": { - "enabled": false - }, - "ShowAllMessageButtons": { - "enabled": false - }, - "ShowConnections": { - "enabled": false - }, - "ShowHiddenChannels": { - "enabled": false - }, - "ShowMeYourName": { - "enabled": false - }, - "ShowTimeouts": { - "enabled": false - }, - "SilentMessageToggle": { - "enabled": false - }, - "SilentTyping": { - "enabled": false - }, - "SortFriendRequests": { - "enabled": false - }, - "SpotifyControls": { - "enabled": false - }, - "SpotifyCrack": { - "enabled": false - }, - "SpotifyShareCommands": { - "enabled": false - }, - "StartupTimings": { - "enabled": false - }, - "SuperReactionTweaks": { - "enabled": false - }, - "TextReplace": { - "enabled": false - }, - "ThemeAttributes": { - "enabled": false - }, - "TimeBarAllActivities": { - "enabled": false - }, - "Translate": { - "enabled": false - }, - "TypingIndicator": { - "enabled": false - }, - "TypingTweaks": { - "enabled": false - }, - "Unindent": { - "enabled": false - }, - "UnsuppressEmbeds": { - "enabled": false - }, - "UrbanDictionary": { - "enabled": false - }, - "UserVoiceShow": { - "enabled": false - }, - "USRBG": { - "enabled": false - }, - "ValidUser": { - "enabled": false - }, - "VoiceChatDoubleClick": { - "enabled": false - }, - "VcNarrator": { - "enabled": false - }, - "VencordToolbox": { - "enabled": false - }, - "ViewIcons": { - "enabled": false - }, - "ViewRaw": { - "enabled": false - }, - "VoiceMessages": { - "enabled": false - }, - "WebContextMenus": { - "enabled": true, - "addBack": true - }, - "WebKeybinds": { - "enabled": true - }, - "WhoReacted": { - "enabled": false - }, - "Wikisearch": { - "enabled": false - }, - "XSOverlay": { - "enabled": false - } - }, - "notifications": { - "timeout": 5000, - "position": "bottom-right", - "useNative": "not-focused", - "logLimit": 50 - }, - "cloud": { - "authenticated": false, - "url": "https://api.vencord.dev/", - "settingsSync": false, - "settingsSyncVersion": 1710459223618 - } - } - ''; + file.".config/vesktop/settings/settings.json".text = '' + { + "notifyAboutUpdates": true, + "autoUpdate": false, + "autoUpdateNotification": true, + "useQuickCss": true, + "themeLinks": [ + "https://luckfire.github.io/amoled-cord/src/amoled-cord.css" + ], + "enabledThemes": [], + "enableReactDevtools": false, + "frameless": false, + "transparent": true, + "winCtrlQ": false, + "macosTranslucency": false, + "disableMinSize": false, + "winNativeTitleBar": false, + "plugins": { + "BadgeAPI": { + "enabled": true + }, + "CommandsAPI": { + "enabled": true + }, + "ContextMenuAPI": { + "enabled": true + }, + "MemberListDecoratorsAPI": { + "enabled": false + }, + "MessageAccessoriesAPI": { + "enabled": false + }, + "MessageDecorationsAPI": { + "enabled": false + }, + "MessageEventsAPI": { + "enabled": false + }, + "MessagePopoverAPI": { + "enabled": false + }, + "NoticesAPI": { + "enabled": true + }, + "ServerListAPI": { + "enabled": false + }, + "NoTrack": { + "enabled": true + }, + "Settings": { + "enabled": true, + "settingsLocation": "aboveActivity" + }, + "SupportHelper": { + "enabled": true + }, + "ChatInputButtonAPI": { + "enabled": false + }, + "AlwaysAnimate": { + "enabled": true + }, + "AlwaysTrust": { + "enabled": true + }, + "AnonymiseFileNames": { + "enabled": false + }, + "WebRichPresence (arRPC)": { + "enabled": false + }, + "BANger": { + "enabled": false + }, + "BetterFolders": { + "enabled": false + }, + "BetterGifAltText": { + "enabled": false + }, + "BetterGifPicker": { + "enabled": false + }, + "BetterNotesBox": { + "enabled": false + }, + "BetterRoleDot": { + "enabled": false + }, + "BetterUploadButton": { + "enabled": false + }, + "BiggerStreamPreview": { + "enabled": false + }, + "BlurNSFW": { + "enabled": false + }, + "CallTimer": { + "enabled": false + }, + "ClearURLs": { + "enabled": false + }, + "ClientTheme": { + "enabled": false + }, + "ColorSighted": { + "enabled": false + }, + "ConsoleShortcuts": { + "enabled": false + }, + "CopyUserURLs": { + "enabled": false + }, + "CrashHandler": { + "enabled": true + }, + "CustomRPC": { + "enabled": false + }, + "Dearrow": { + "enabled": false + }, + "Decor": { + "enabled": false + }, + "DisableCallIdle": { + "enabled": false + }, + "EmoteCloner": { + "enabled": false + }, + "Experiments": { + "enabled": false + }, + "F8Break": { + "enabled": false + }, + "FakeNitro": { + "enabled": false + }, + "FakeProfileThemes": { + "enabled": true + }, + "FavoriteEmojiFirst": { + "enabled": false + }, + "FavoriteGifSearch": { + "enabled": false + }, + "FixCodeblockGap": { + "enabled": false + }, + "FixSpotifyEmbeds": { + "enabled": false + }, + "FixYoutubeEmbeds": { + "enabled": false + }, + "ForceOwnerCrown": { + "enabled": false + }, + "FriendInvites": { + "enabled": false + }, + "GameActivityToggle": { + "enabled": false + }, + "GifPaste": { + "enabled": false + }, + "GreetStickerPicker": { + "enabled": false + }, + "HideAttachments": { + "enabled": false + }, + "iLoveSpam": { + "enabled": false + }, + "IgnoreActivities": { + "enabled": false + }, + "ImageZoom": { + "enabled": false + }, + "InvisibleChat": { + "enabled": false + }, + "KeepCurrentChannel": { + "enabled": false + }, + "LastFMRichPresence": { + "enabled": false + }, + "LoadingQuotes": { + "enabled": false + }, + "MemberCount": { + "enabled": false + }, + "MessageClickActions": { + "enabled": false + }, + "MessageLinkEmbeds": { + "enabled": false + }, + "MessageLogger": { + "enabled": false + }, + "MessageTags": { + "enabled": false + }, + "MoreCommands": { + "enabled": false + }, + "MoreKaomoji": { + "enabled": false + }, + "MoreUserTags": { + "enabled": false + }, + "Moyai": { + "enabled": false + }, + "MutualGroupDMs": { + "enabled": false + }, + "NewGuildSettings": { + "enabled": false + }, + "NoBlockedMessages": { + "enabled": false + }, + "NoDevtoolsWarning": { + "enabled": false + }, + "NoF1": { + "enabled": false + }, + "NoMosaic": { + "enabled": false + }, + "NoPendingCount": { + "enabled": false + }, + "NoProfileThemes": { + "enabled": false + }, + "NoReplyMention": { + "enabled": false + }, + "NoScreensharePreview": { + "enabled": false + }, + "NoTypingAnimation": { + "enabled": false + }, + "NoUnblockToJump": { + "enabled": false + }, + "NormalizeMessageLinks": { + "enabled": false + }, + "NotificationVolume": { + "enabled": false + }, + "NSFWGateBypass": { + "enabled": false + }, + "OnePingPerDM": { + "enabled": false + }, + "oneko": { + "enabled": false + }, + "OpenInApp": { + "enabled": false + }, + "Party mode 🎉": { + "enabled": false + }, + "PermissionFreeWill": { + "enabled": false + }, + "PermissionsViewer": { + "enabled": false + }, + "petpet": { + "enabled": false + }, + "PictureInPicture": { + "enabled": false + }, + "PinDMs": { + "enabled": false + }, + "PlainFolderIcon": { + "enabled": false + }, + "PlatformIndicators": { + "enabled": false + }, + "PreviewMessage": { + "enabled": false + }, + "PronounDB": { + "enabled": false + }, + "QuickMention": { + "enabled": false + }, + "QuickReply": { + "enabled": false + }, + "ReactErrorDecoder": { + "enabled": false + }, + "ReadAllNotificationsButton": { + "enabled": false + }, + "RelationshipNotifier": { + "enabled": false + }, + "RevealAllSpoilers": { + "enabled": false + }, + "ReverseImageSearch": { + "enabled": false + }, + "ReviewDB": { + "enabled": false + }, + "RoleColorEverywhere": { + "enabled": true + }, + "SearchReply": { + "enabled": false + }, + "SecretRingToneEnabler": { + "enabled": false + }, + "SendTimestamps": { + "enabled": false + }, + "ServerListIndicators": { + "enabled": false + }, + "ServerProfile": { + "enabled": false + }, + "ShikiCodeblocks": { + "enabled": false + }, + "ShowAllMessageButtons": { + "enabled": false + }, + "ShowConnections": { + "enabled": false + }, + "ShowHiddenChannels": { + "enabled": false + }, + "ShowMeYourName": { + "enabled": false + }, + "ShowTimeouts": { + "enabled": false + }, + "SilentMessageToggle": { + "enabled": false + }, + "SilentTyping": { + "enabled": false + }, + "SortFriendRequests": { + "enabled": false + }, + "SpotifyControls": { + "enabled": false + }, + "SpotifyCrack": { + "enabled": false + }, + "SpotifyShareCommands": { + "enabled": false + }, + "StartupTimings": { + "enabled": false + }, + "SuperReactionTweaks": { + "enabled": false + }, + "TextReplace": { + "enabled": false + }, + "ThemeAttributes": { + "enabled": false + }, + "TimeBarAllActivities": { + "enabled": false + }, + "Translate": { + "enabled": false + }, + "TypingIndicator": { + "enabled": false + }, + "TypingTweaks": { + "enabled": false + }, + "Unindent": { + "enabled": false + }, + "UnsuppressEmbeds": { + "enabled": false + }, + "UrbanDictionary": { + "enabled": false + }, + "UserVoiceShow": { + "enabled": false + }, + "USRBG": { + "enabled": false + }, + "ValidUser": { + "enabled": false + }, + "VoiceChatDoubleClick": { + "enabled": false + }, + "VcNarrator": { + "enabled": false + }, + "VencordToolbox": { + "enabled": false + }, + "ViewIcons": { + "enabled": false + }, + "ViewRaw": { + "enabled": false + }, + "VoiceMessages": { + "enabled": false + }, + "WebContextMenus": { + "enabled": true, + "addBack": true + }, + "WebKeybinds": { + "enabled": true + }, + "WhoReacted": { + "enabled": false + }, + "Wikisearch": { + "enabled": false + }, + "XSOverlay": { + "enabled": false + } + }, + "notifications": { + "timeout": 5000, + "position": "bottom-right", + "useNative": "not-focused", + "logLimit": 50 + }, + "cloud": { + "authenticated": false, + "url": "https://api.vencord.dev/", + "settingsSync": false, + "settingsSyncVersion": 1710459223618 + } + } + ''; + }; } diff --git a/home-modules/helix.nix b/home-modules/helix.nix index 9d8e8f6..f608153 100644 --- a/home-modules/helix.nix +++ b/home-modules/helix.nix @@ -2,7 +2,7 @@ { home = { packages = with pkgs; [ - nixfmt # nix formater + nixfmt-classic # nix formater nil # nix language server python311Packages.python-lsp-server lldb # debugger for llvm stuff diff --git a/home-modules/pnx.nix b/home-modules/pnx.nix index 9a3b267..a6533ab 100755 --- a/home-modules/pnx.nix +++ b/home-modules/pnx.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, system, user, host, allowed, secrets, ... }: +{ pkgs, lib, host, secrets, ... }: lib.mkIf (host != "NxACE") { home.packages = [ diff --git a/home.nix b/home.nix index 3d317cd..0ab6b2a 100755 --- a/home.nix +++ b/home.nix @@ -1,4 +1,4 @@ -{ config, pkgs, pkgs-unstable, lib, system, inputs, host, user, rice, allowed, secrets, ... }: +{ pkgs, pkgs-unstable, lib, host, user, ... }: { imports = [ @@ -62,10 +62,6 @@ home.username = user; home.homeDirectory = "/home/${user}"; home.stateVersion = "24.05"; - nixpkgs.config = { - allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) allowed.unfree-packages; - permittedInsecurePackages = allowed.inecure-packages; - }; home.packages = with pkgs; [ chromium diff --git a/nxlib/ricelib.nix b/nxlib/ricelib.nix index 9b4ed36..067a060 100755 --- a/nxlib/ricelib.nix +++ b/nxlib/ricelib.nix @@ -1,4 +1,4 @@ -{ lib, ... }: +lib: let # takes in "ff0044" (no hash!) and returns { r = "ff", g = "00", b = "44" } slice-hex = hex: with builtins; { r = substring 0 2 hex; g = substring 2 2 hex; b = substring 4 2 hex; }; diff --git a/system-modules/davmail.nix b/system-modules/davmail.nix index 00b166b..3960811 100755 --- a/system-modules/davmail.nix +++ b/system-modules/davmail.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, user, allowed, secrets, ... }: +{ pkgs, ... }: { environment.systemPackages = with pkgs; [ @@ -43,4 +43,4 @@ davmail.enableKerberos = false; }; }; -} \ No newline at end of file +} diff --git a/system-modules/nvidia.nix b/system-modules/nvidia.nix index a2f0c53..28e5573 100755 --- a/system-modules/nvidia.nix +++ b/system-modules/nvidia.nix @@ -1,69 +1,68 @@ -{ config, pkgs, pkgs-unstable, lib, nvidia, ... }: +{ config, pkgs, lib, nvidia, ... }: +lib.mkIf nvidia.enable { - config = lib.mkIf nvidia.enable { - environment.systemPackages = with pkgs; [ - lshw - glxinfo - (pkgs.writeShellScriptBin "nvidia-offload" '' - export __NV_PRIME_RENDER_OFFLOAD=1 - export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 - export __GLX_VENDOR_LIBRARY_NAME=nvidia - export __VK_LAYER_NV_optimus=NVIDIA_only - exec "$@" - '') - ] ++ [ - # pkgs-unstable.nvtopPackages.intel - # pkgs-unstable.nvtopPackages.nvidia - ]; + environment.systemPackages = with pkgs; [ + lshw + glxinfo + (pkgs.writeShellScriptBin "nvidia-offload" '' + export __NV_PRIME_RENDER_OFFLOAD=1 + export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 + export __GLX_VENDOR_LIBRARY_NAME=nvidia + export __VK_LAYER_NV_optimus=NVIDIA_only + exec "$@" + '') + # ] ++ [ + # pkgs-unstable.nvtopPackages.intel + # pkgs-unstable.nvtopPackages.nvidia + ]; - # Load nvidia driver for Xorg and Wayland - services.xserver.videoDrivers = [ "nvidia" ]; + # Load nvidia driver for Xorg and Wayland + services.xserver.videoDrivers = [ "nvidia" ]; - hardware = { - nvidia = { - prime = lib.mkIf nvidia.prime { - intelBusId = "PCI:0:2:0"; - nvidiaBusId = "PCI:1:0:0"; - offload = { - enable = true; - enableOffloadCmd = true; - }; + hardware = { + nvidia = { + prime = lib.mkIf nvidia.prime { + intelBusId = "PCI:0:2:0"; + nvidiaBusId = "PCI:1:0:0"; + offload = { + enable = true; + enableOffloadCmd = true; }; - modesetting.enable = true; - - # Modesetting is required. - - # Nvidia power management. Experimental, and can cause sleep/suspend to fail. - # Enable this if you have graphical corruption issues or application crashes after waking - # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead - # of just the bare essentials. - powerManagement.enable = true; - - # Fine-grained power management. Turns off GPU when not in use. - # Experimental and only works on modern Nvidia GPUs (Turing or newer). - powerManagement.finegrained = true; - - # Use the NVidia open source kernel module (not to be confused with the - # independent third-party "nouveau" open source driver). - # Support is limited to the Turing and later architectures. Full list of - # supported GPUs is at: - # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus - # Only available from driver 515.43.04+ - # Currently alpha-quality/buggy, so false is currently the recommended setting. - open = false; - - # Enable the Nvidia settings menu, - # accessible via `nvidia-settings`. - nvidiaSettings = true; - - # Optionally, you may need to select the appropriate driver version for your specific GPU. - package = config.boot.kernelPackages.nvidiaPackages.beta; - }; - opengl = { - enable = true; - driSupport = true; - driSupport32Bit = true; }; + modesetting.enable = true; + + # Modesetting is required. + + # Nvidia power management. Experimental, and can cause sleep/suspend to fail. + # Enable this if you have graphical corruption issues or application crashes after waking + # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead + # of just the bare essentials. + powerManagement.enable = true; + + # Fine-grained power management. Turns off GPU when not in use. + # Experimental and only works on modern Nvidia GPUs (Turing or newer). + powerManagement.finegrained = nvidia.prime; + + # Use the NVidia open source kernel module (not to be confused with the + # independent third-party "nouveau" open source driver). + # Support is limited to the Turing and later architectures. Full list of + # supported GPUs is at: + # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus + # Only available from driver 515.43.04+ + # Currently alpha-quality/buggy, so false is currently the recommended setting. + open = false; + + # Enable the Nvidia settings menu, + # accessible via `nvidia-settings`. + nvidiaSettings = true; + + # Optionally, you may need to select the appropriate driver version for your specific GPU. + package = config.boot.kernelPackages.nvidiaPackages.beta; + }; + opengl = { + enable = true; + driSupport = true; + driSupport32Bit = true; }; }; } diff --git a/system-modules/sound.nix b/system-modules/sound.nix index 5c88876..762e312 100755 --- a/system-modules/sound.nix +++ b/system-modules/sound.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, system, user, allowed, secrets, ... }: +{ config, pkgs, lib, ... }: { services.pipewire = { @@ -9,4 +9,4 @@ # If you want to use JACK applications, uncomment this jack.enable = true; }; -} \ No newline at end of file +} diff --git a/system-modules/users.nix b/system-modules/users.nix index 1ebe8ce..cec112b 100755 --- a/system-modules/users.nix +++ b/system-modules/users.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, system, host, user, allowed, secrets, ... }: +{ pkgs, lib, host, user, ... }: { users.defaultUserShell = pkgs.bash; # if interactive, itll switch to fish @@ -10,13 +10,11 @@ openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID1RPCcS8DtIf75a2FEW4d8X6WTVeLlmretoLqppvZlJ" # From [A] GPG Sub Key ]; - packages = with pkgs; []; # all in home.nix }; users.users.tv = lib.mkIf (host == "NxACE") { isNormalUser = true; extraGroups = [ "networkmanager" "audio" "video" "uinput" ]; useDefaultShell = true; - packages = with pkgs; []; # all in home.nix }; From 73b0e338fca7accd4001e789cbd07e05d3e9cb05 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Sun, 28 Jul 2024 17:19:25 +0200 Subject: [PATCH 10/14] nx2site save (unused) --- system-modules/nx2site.nix | 58 +++++++--- system-modules/nx2site/proxy.nix | 186 +++++++++++++++++++++++++++++++ 2 files changed, 230 insertions(+), 14 deletions(-) create mode 100644 system-modules/nx2site/proxy.nix diff --git a/system-modules/nx2site.nix b/system-modules/nx2site.nix index ccf6a3f..7eba019 100644 --- a/system-modules/nx2site.nix +++ b/system-modules/nx2site.nix @@ -1,5 +1,7 @@ { config, pkgs, lib, user, host, ... }: -lib.mkIf (host == "NxACE") +lib.mkIf false +# lib.mkIf (host == "NxACE") +((import ./nx2site/proxy.nix { inherit config pkgs lib user; }) // { sops.secrets = { "nx2site/namecheap.pw" = { }; @@ -14,18 +16,15 @@ lib.mkIf (host == "NxACE") Unit = "namecheap-dynamic-dns.service"; }; }; - services."namecheap-dynamic-dns" = - let + services."namecheap-dynamic-dns" = let u = let domain = "nx2.site"; passord-file-path = config.sops.secrets."nx2site/namecheap.pw".path; + # passord-file-path = config.sops.secrets."nx2site/namecheap.pw".path; log-file-path = "/var/log/update_namecheap.log"; count-file-path = "/var/log/update_namecheap-count.txt"; - in - pkgs.writers.writePython3Bin "update_namecheap" { - libraries = with pkgs.python311Packages; [ - requests - ]; + in pkgs.writers.writePython3Bin "update_namecheap" { + libraries = with pkgs.python311Packages; [ requests ]; flakeIgnore = [ "E501" "E305" "E701" "E704" "E302" "E114" "F841" ]; } '' import requests @@ -58,7 +57,7 @@ lib.mkIf (host == "NxACE") # Perform DNS updates resp_base = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=@&domain=${domain}&password={pw}&ip={my_ip}") resp_subd = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=*&domain=${domain}&password={pw}&ip={my_ip}") - + # Reset the count file with open("${count-file-path}", 'w') as f: f.write('0') @@ -71,19 +70,50 @@ lib.mkIf (host == "NxACE") parser = argparse.ArgumentParser() parser.add_argument('-f', '--force', action='store_true', help='Force update') args = parser.parse_args() - + main(args.force) ''; - in - { + in { script = '' set -eu ${u}/bin/update_namecheap ''; serviceConfig = { Type = "oneshot"; - # User = "nx2"; }; }; }; -} + # I can't use this becasue API Access for Namecheap needs a static whitelisted IP, which I don't have + # security.acme = { + # acceptTerms = true; + # certs."nx2site" = { }; + # }; + environment.systemPackages = with pkgs; [ + certbot + (writeShellApplication { + name = "refresh_ssl_certificate"; + runtimeInputs = [ certbot ]; + # https://forum.endeavouros.com/t/tutorial-add-a-systemd-boot-loader-menu-entry-for-a-windows-installation-using-a-separate-esp-partition/37431 + text = let + webroot = /home/nx2/nx2site/staticweb/content; + in /*bash*/ '' + cartbot + ls ${webroot} + ''; + }) + ]; + networking.hosts = { # docker network inspect nx2site_default | grep -E "Name|IPv4" | tr "\n" " " | sed -r 's- +- -g;s-\n?"Name": -\n-g' | sed -r '1d;2d;s-"(.+?)", "IPv4Address": "(.+)/16",- "\2" = [ "\1.docker" ];-g' + "172.1.2.1" = [ "staticweb.docker" ]; + "172.1.3.1" = [ "matrix.docker" ]; + # "172.1.0.9" = [ "matrixdb.docker" ]; + "172.1.4.1" = [ "matrix-ss.docker" ]; + # "172.1.0.7" = [ "matrix-ssdb.docker" ]; + "172.1.5.1" = [ "pw.docker" ]; + "172.1.6.1" = [ "git.docker" ]; + # "172.1.0.10" = [ "gitdb.docker" ]; + "172.1.7.1" = [ "nn.docker" ]; + "172.1.8.1" = [ "llm.docker" ]; + # "172.1.9.1" = [ "proxy.docker" ]; + "172.1.10.1" = [ "share.docker" ]; + }; +}) diff --git a/system-modules/nx2site/proxy.nix b/system-modules/nx2site/proxy.nix new file mode 100644 index 0000000..356e231 --- /dev/null +++ b/system-modules/nx2site/proxy.nix @@ -0,0 +1,186 @@ +{ config, pkgs, lib, user }: +{ + sops.secrets = { + "nx2site/sslCertificate.pem" = { owner = config.services.nginx.user; }; + "nx2site/sslCertificateKey.pem" = { owner = config.services.nginx.user; }; + "nx2site/dhparams.pem" = { owner = config.services.nginx.user; }; + }; + services.nginx = let + config-root = /home/${user}/nx2site/proxy/config; + xcontent-root = /home/${user}/nx2site/proxy/xcontent; + content-root = /home/${user}/nx2site/proxy/content; + in { + enable = true; + additionalModules = []; + # appendConfig = ''''; + clientMaxBodySize = "20m"; + + defaultHTTPListenPort = 80; + defaultListenAddresses = [ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]"; + defaultListen = [ { + addr = "0.0.0.0"; + ssl = true; + port = 443; + proxyProtocol = true; + }]; + defaultMimeTypes = "${pkgs.mailcap}/etc/nginx/mime.types"; + defaultSSLListenPort = 443; + enableQuicBPF = true; + enableReload = true; + # eventsConfig = ''''; + # logError = ; + # mapHashBucketSize = ; + # mapHashMaxSize = ; + package = pkgs.nginxQuic; + # preStart = true; + proxyResolveWhileRunning = false; + proxyTimeout = "20s"; + recommendedBrotliSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedZstdSettings = true; + serverTokens = false; + # sslCiphers = true; + sslDhparam = config.sops.secrets."nx2site/dhparams.pem".path; + sslProtocols = "TLSv1.2 TLSv1.3"; + statusPage = false; + streamConfig = ""; # udp config + validateConfigFile = true; + upstreams = { + "staticweb".servers = { "staticweb.docker:80" = {}; }; + "matrix".servers = { "matrix.docker:80" = {}; }; + "matrix-ss".servers = { "matrix-ss.docker:80" = {}; }; + "pw".servers = { "pw.docker:80" = {}; }; + "git".servers = { "git.docker:80" = {}; }; + "nn".servers = { "nn.docker:80" = {}; }; + "llm".servers = { "llm.docker:80" = {}; }; + "share".servers = { "share.docker:80" = {}; }; + + "sync".servers = { "localhost:8384" = {}; }; + }; + virtualHosts = let + sslCertificate = config.sops.secrets."nx2site/sslCertificate.pem".path; + sslCertificateKey = config.sops.secrets."nx2site/sslCertificateKey.pem".path; + kTLS = true; http2 = true; http3 = true; http3_hq = true; quic = true; + in + { + "nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + locations = { + "/" = { + proxyPass = "http://staticweb"; + # extraConfig = [ ''add_header Alt-Svc 'h3=":443"; ma=86400';'' ''add_header Cache-Control "public";'' ] ++ common-location-conf; + }; + "/.well-known/matrix/client" = { + return = ''200 '{"m.homeserver": {"base_url": "https://matrix.nx2.site"}, "org.matrix.msc3575.proxy": {"url": "https://matrix-ss.nx2.site"}}' ''; + extraConfig = [ "default_type application/json;" "add_header Access-Control-Allow-Origin *;" ]; + }; + "/.well-known/matrix/server" = { + return = ''200 '{"m.server":"matrix.nx2.site:443"}' ''; + extraConfig = [ "default_type application/json;" "add_header Access-Control-Allow-Origin *;" ]; + }; + "~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = { + proxyPass = "http://matrix-ss"; + # extraConfig = [ ''proxy_set_header X-Forwarded-For $remote_addr;'' ''proxy_set_header X-Forwarded-Proto $scheme;'' ''proxy_set_header Host $host;'' ]; + }; + "~ ^(\/_matrix|\/_synapse\/client)" = { + return = ''200 '{"m.server":"matrix.nx2.site:443"}' ''; + # extraConfig = []; + }; + }; + }; + "matrix.nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + listen = [ + { addr = "0.0.0.0"; port = 443; ssl = true; } + { addr = "0.0.0.0"; port = 8448; ssl = true; } + ]; + locations = { + "/" = { + proxyPass = "http://matrix"; + # extraConfig = [ ''add_header Alt-Svc 'h3=":443"; ma=86400';'' ''add_header Cache-Control "public";'' ] ++ common-location-conf; + }; + }; + }; + "matrix-ss.nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + # "resolver 1.1.1.1;" + # "client_max_body_size 500M;" + # ]; + locations = { + "/" = { proxyPass = "http://pw"; }; + }; + }; + # "dev.nx2.site" = { + # kTLS = true; http2 = true; http3 = true; http3_hq = true; quic = true; + sslCertificate = cert; sslCertificateKey = key; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + # locations = { + # "/" = { + # proxyPass = "http://dev"; + # }; + # }; + # }; + "pw.nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + locations = { + "/" = { proxyPass = "http://pw"; }; + "/admin" = { proxyPass = "http://pw"; }; + "/notifications/hub" = { proxyPass = "http://pw"; }; + "/notifications/hub/negotiate" = { proxyPass = "http://pw"; }; + }; + }; + "share.nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + locations = { + "/" = { proxyPass = "http://share"; # ''proxy_hide_header Content-Disposition;'' + # ''proxy_set_header Content-Disposition $upstream_http_content_disposition;'' + # ''proxy_set_header X-Real-IP $remote_addr;'' + # ''proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;'' + # ''proxy_set_header Host $http_host;'' + # ]; + }; + "/socket.io" = { + proxyPass = "http://share/socket.io"; + proxyWebsockets = true; + # extraConfig = [ + # ''proxy_http_version 1.1;'' + # ''proxy_set_header Upgrade $http_upgrade;'' + # ''proxy_set_header Connection "upgrade";'' + # ]; + }; + }; + }; + "sync.nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + locations = { + "/" = { proxyPass = "http://sync"; }; + }; + }; + "git.nx2.site" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + locations = { + "/" = { proxyPass = "http://git"; }; + }; + }; + "~^(.*)\.nx2\.site$" = { + inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; + # listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; + root = "/home/nx2/nx2site/staticweb/xcontent/"; + locations = { + "~.*" = { + return = "502 /502.html"; + }; + }; + }; + }; + }; +} From ce84d681e0428737daaa8ae3d368b6bbf7ffb1d8 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Mon, 26 Aug 2024 21:25:51 +0200 Subject: [PATCH 11/14] ++++++ --- configuration.nix | 5 +- flake-modules/rice.nix | 2 +- flake.lock | 117 ++++---- flake.nix | 8 +- home-modules/auto-mount.nix | 7 + home-modules/direnv.nix | 14 + home-modules/foot.nix | 270 ++++++++++++++++++ home-modules/helix.nix | 62 +++- home-modules/hyprland-autoname-workspaces.nix | 4 + home-modules/hyprland.nix | 7 +- home-modules/yazi.nix | 2 +- home.nix | 106 ++++--- system-modules/auto-mount.nix | 4 + system-modules/hardware-configuration.nix | 9 +- system-modules/ollama.nix | 24 +- 15 files changed, 504 insertions(+), 137 deletions(-) create mode 100644 home-modules/auto-mount.nix create mode 100755 home-modules/direnv.nix create mode 100644 home-modules/foot.nix create mode 100644 system-modules/auto-mount.nix diff --git a/configuration.nix b/configuration.nix index 9dc57c4..cc8ea9f 100755 --- a/configuration.nix +++ b/configuration.nix @@ -1,7 +1,8 @@ -{ pkgs, pkgs-unstable, lib, inputs, allowed, nvidia, ... }: +{ pkgs, inputs, ... }: { imports = [ inputs.sops-nix.nixosModules.sops + ./system-modules/auto-mount.nix ./system-modules/hardware-configuration.nix ./system-modules/fuse.nix ./system-modules/nvidia.nix @@ -17,7 +18,7 @@ ./system-modules/gpg.nix ./system-modules/sops.nix ./system-modules/syncthing.nix - ./system-modules/hsmw.nix # old + ./system-modules/hsmw.nix ./system-modules/docker.nix ./system-modules/health_reminder.nix ./system-modules/ydotool.nix diff --git a/flake-modules/rice.nix b/flake-modules/rice.nix index bbe0f35..cfc907b 100644 --- a/flake-modules/rice.nix +++ b/flake-modules/rice.nix @@ -25,7 +25,7 @@ pkgs: rec { xcolor = with ccolor; rec { background = black.dark; foreground = white.base; - border = cyan.base; + border = red.base; border2 = blue.base; accent = blue; secondary = cyan; diff --git a/flake.lock b/flake.lock index ade933d..c6b12b7 100755 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1720553729, - "narHash": "sha256-9aM4MCBJn4UstcsSdukOFTxg79keUMTw9Kmqr7Wsfmw=", + "lastModified": 1724233980, + "narHash": "sha256-w0j/3OeSrpx+S8if1M2ONBsZvJQ1hBQkdTQEiMCHy7o=", "owner": "KZDKM", "repo": "Hyprspace", - "rev": "e8662093ae5b6e13a3cf1145d21d4804a3e84aeb", + "rev": "743ec37d02bb2b7261f28de16bf404cebfd96105", "type": "github" }, "original": { @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1721571743, - "narHash": "sha256-hat7wggtDISBJD8kTo5MTrT+IsY/Ha2MwgjmqqijoCA=", + "lastModified": 1724273991, + "narHash": "sha256-+aUSOXKGpS5CRm1oTitgNAr05ThQNbKIXalZHl3nC6Y=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "601f6cf95cbe4fef02dc7faf34bba58566c914e9", + "rev": "9a3161ad4c78dc420d1cbb3aae638222608c7de4", "type": "github" }, "original": { @@ -107,11 +107,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1719994518, - "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=", + "lastModified": 1722555600, + "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7", + "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", "type": "github" }, "original": { @@ -218,11 +218,11 @@ ] }, "locked": { - "lastModified": 1721330371, - "narHash": "sha256-aYlHTWylczLt6ERJyg6E66Y/XSCbVL7leVcRuJmVbpI=", + "lastModified": 1722623071, + "narHash": "sha256-sLADpVgebpCBFXkA1FlCXtvEPu1tdEsTfqK1hfeHySE=", "owner": "hyprwm", "repo": "hyprcursor", - "rev": "4493a972b48f9c3014befbbf381ed5fff91a65dc", + "rev": "912d56025f03d41b1ad29510c423757b4379eb1c", "type": "github" }, "original": { @@ -243,11 +243,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1721684218, - "narHash": "sha256-FbFz+F5LJs92s6/DEkhh2h+k8NRqqrs8MGF+GRZWZGo=", + "lastModified": 1724596623, + "narHash": "sha256-pLbNiAfpE8rW2e1Ih7Epi0LfyDmFv+UYU2BXg7Sj66U=", "ref": "refs/heads/main", - "rev": "3c758db95c129ed6ca7ce0c1b5b82ad6e189488d", - "revCount": 4963, + "rev": "b672118f9238a48a18efd741cbcda387c5552238", + "revCount": 5136, "submodules": true, "type": "git", "url": "https://github.com/hyprwm/Hyprland" @@ -275,11 +275,11 @@ ] }, "locked": { - "lastModified": 1721668405, - "narHash": "sha256-ZnIXa+jeMXoerhRz/ZJwVoYHaROjcLyQsr1b6JZ2AjQ=", + "lastModified": 1723143591, + "narHash": "sha256-dPcWAeRJoG5CyWC32X3XX+Og0v/k1/S1N0T5dQWT32k=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "4c2cef8326711fbd91b7a313f095545eb50d2a57", + "rev": "b73d7b901d8cb1172dd25c7b7159f0242c625a77", "type": "github" }, "original": { @@ -302,11 +302,11 @@ ] }, "locked": { - "lastModified": 1718746314, - "narHash": "sha256-HUklK5u86w2Yh9dOkk4FdsL8eehcOZ95jPhLixGDRQY=", + "lastModified": 1721326555, + "narHash": "sha256-zCu4R0CSHEactW9JqYki26gy8h9f6rHmSwj4XJmlHgg=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "1b61f0093afff20ab44d88ad707aed8bf2215290", + "rev": "5a11232266bf1a1f5952d5b179c3f4b2facaaa84", "type": "github" }, "original": { @@ -331,11 +331,11 @@ ] }, "locked": { - "lastModified": 1721324361, - "narHash": "sha256-BiJKO0IIdnSwHQBSrEJlKlFr753urkLE48wtt0UhNG4=", + "lastModified": 1724174162, + "narHash": "sha256-fOOBLwil6M9QWMCiSULwjMQzrXhHXUnEqmjHX5ZHeVI=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "adbefbf49664a6c2c8bf36b6487fd31e3eb68086", + "rev": "16e5c9465f04477d8a3dd48a0a26bf437986336c", "type": "github" }, "original": { @@ -350,11 +350,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1719780938, - "narHash": "sha256-YocumFkp3FCgN3UCXp95EV7IvAwhQdlSav8cCB0oHv0=", + "lastModified": 1723307169, + "narHash": "sha256-gYfdNU65hqCLLzFG1WbNmkBbzHUKpSdeOBaeDEs34sM=", "owner": "h3rmt", "repo": "hyprswitch", - "rev": "4dbba183fcbaa63de64e973d5dc9bba883765aa3", + "rev": "a669b50adb9ba7790a5c1abaeecbd97ce42a842f", "type": "github" }, "original": { @@ -376,11 +376,11 @@ ] }, "locked": { - "lastModified": 1721324102, - "narHash": "sha256-WAZ0X6yJW1hFG6otkHBfyJDKRpNP5stsRqdEuHrFRpk=", + "lastModified": 1722869141, + "narHash": "sha256-0KU4qhyMp441qfwbirNg3+wbm489KnEjXOz2I/RbeFs=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "962582a090bc233c4de9d9897f46794280288989", + "rev": "0252fd13e78e60fb0da512a212e56007515a49f7", "type": "github" }, "original": { @@ -441,11 +441,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1721379653, - "narHash": "sha256-8MUgifkJ7lkZs3u99UDZMB4kbOxvMEXQZ31FO3SopZ0=", + "lastModified": 1724224976, + "narHash": "sha256-Z/ELQhrSd7bMzTO8r7NZgi9g5emh+aRKoCdaAv5fiO0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1d9c2c9b3e71b9ee663d11c5d298727dace8d374", + "rev": "c374d94f1536013ca8e92341b540eba4c22f9c62", "type": "github" }, "original": { @@ -455,16 +455,32 @@ "type": "github" } }, + "nixpkgs-latest": { + "locked": { + "lastModified": 1724604894, + "narHash": "sha256-ihWojFUzRYZ3i6xcxbzxMDAn5cX2FCtymu02MPjNA4c=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "669ce8b640c2ac856f714897aaffc5feb614ad57", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "master", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs-lib": { "locked": { - "lastModified": 1719876945, - "narHash": "sha256-Fm2rDDs86sHy0/1jxTOKB1118Q0O3Uc7EC0iXvXKpbI=", + "lastModified": 1722555339, + "narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/5daf0514482af3f97abaefc78a6606365c9108e2.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz" }, "original": { "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/5daf0514482af3f97abaefc78a6606365c9108e2.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz" } }, "nixpkgs-stable": { @@ -501,11 +517,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1721562059, - "narHash": "sha256-Tybxt65eyOARf285hMHIJ2uul8SULjFZbT9ZaEeUnP8=", + "lastModified": 1724224976, + "narHash": "sha256-Z/ELQhrSd7bMzTO8r7NZgi9g5emh+aRKoCdaAv5fiO0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "68c9ed8bbed9dfce253cc91560bf9043297ef2fe", + "rev": "c374d94f1536013ca8e92341b540eba4c22f9c62", "type": "github" }, "original": { @@ -547,11 +563,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1721548954, - "narHash": "sha256-7cCC8+Tdq1+3OPyc3+gVo9dzUNkNIQfwSDJ2HSi2u3o=", + "lastModified": 1724316499, + "narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "63d37ccd2d178d54e7fb691d7ec76000740ea24a", + "rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841", "type": "github" }, "original": { @@ -600,6 +616,7 @@ "hyprswitch": "hyprswitch", "lanzaboote": "lanzaboote", "nixpkgs": "nixpkgs_4", + "nixpkgs-latest": "nixpkgs-latest", "nixpkgs-unstable": "nixpkgs-unstable", "sops-nix": "sops-nix" } @@ -637,11 +654,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1721688883, - "narHash": "sha256-9jsjsRKtJRqNSTXKj9zuDFRf2PGix30nMx9VKyPgD2U=", + "lastModified": 1723501126, + "narHash": "sha256-N9IcHgj/p1+2Pvk8P4Zc1bfrMwld5PcosVA0nL6IGdE=", "owner": "Mic92", "repo": "sops-nix", - "rev": "aff2f88277dabe695de4773682842c34a0b7fd54", + "rev": "be0eec2d27563590194a9206f551a6f73d52fa34", "type": "github" }, "original": { @@ -697,11 +714,11 @@ ] }, "locked": { - "lastModified": 1721648131, - "narHash": "sha256-cyyxu/oj4QEFp3CVx2WeXa9T4OAUyynuBJHGkBZSxJI=", + "lastModified": 1724073926, + "narHash": "sha256-nWlUL43jOFHf+KW6Hqrx+W/r1XdXuDyb0wC/SrHsOu4=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "663be9cad424b170b28b9fa8a61042d721007f3b", + "rev": "a08ecbbf33598924e93542f737fc6169a26b481e", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index f6d13de..7e53685 100755 --- a/flake.nix +++ b/flake.nix @@ -4,6 +4,7 @@ inputs = { nixpkgs = { url = "nixpkgs/nixos-24.05"; }; nixpkgs-unstable = { url = "nixpkgs/nixos-unstable"; }; + nixpkgs-latest = { url = "github:nixos/nixpkgs?ref=master"; }; home-manager = { url = "github:nix-community/home-manager/release-24.05"; inputs.nixpkgs.follows = "nixpkgs"; }; sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; lanzaboote = { url = "github:nix-community/lanzaboote/v0.3.0"; }; @@ -16,7 +17,7 @@ # firefox-addons = { url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; inputs.nixpkgs.follows = "nixpkgs"; }; }; - outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, ... }@inputs: let + outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-latest, home-manager, ... }@inputs: let system = "x86_64-linux"; user = "nx2"; @@ -24,6 +25,7 @@ pkgs = import nixpkgs { inherit system config; }; pkgs-unstable = import nixpkgs-unstable { inherit system config; }; + pkgs-latest = import nixpkgs-latest { inherit system config; }; nvidia-set = import ./flake-modules/nvidia.nix; secrets = import ./git-crypt/secrets.nix; @@ -38,7 +40,7 @@ enable = if (host == "NxXPS" || host == "NxNORTH") then true else false; prime = if (host == "NxXPS") then true else false; }; - in { inherit inputs user host pkgs-unstable secrets rice nvidia; }; + in { inherit inputs user host pkgs-unstable pkgs-latest secrets rice nvidia; }; }; in { NxXPS = make-nixos-system "NxXPS"; @@ -55,7 +57,7 @@ enable = if (host == "NxXPS" || host == "NxNORTH") then true else false; prime = if (host == "NxXPS") then true else false; }; - in { inherit inputs system user host pkgs-unstable rice secrets nvidia; }; + in { inherit inputs system user host pkgs-unstable pkgs-latest rice secrets nvidia; }; }; in { "${user}@NxXPS" = make-home-configuration "NxXPS" user; diff --git a/home-modules/auto-mount.nix b/home-modules/auto-mount.nix new file mode 100644 index 0000000..e05235c --- /dev/null +++ b/home-modules/auto-mount.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + services.udiskie = { + enable = true; + notify = true; + }; +} diff --git a/home-modules/direnv.nix b/home-modules/direnv.nix new file mode 100755 index 0000000..d6eff69 --- /dev/null +++ b/home-modules/direnv.nix @@ -0,0 +1,14 @@ +{ lib, user, ... }: +lib.mkIf (user != "tv") +{ + programs = { + direnv = { + enable = true; + # enableBashIntegration = true; + nix-direnv.enable = true; + config = { + hide_env_diff = true; + }; + }; + }; +} diff --git a/home-modules/foot.nix b/home-modules/foot.nix new file mode 100644 index 0000000..7857be2 --- /dev/null +++ b/home-modules/foot.nix @@ -0,0 +1,270 @@ +{ config, pkgs, rice, lib, user, ... }: +lib.mkIf (user != "tv") +{ + home.packages = with pkgs; [ + foot + ]; + + programs.foot = { + enable = true; + # background = rice.color.background; + # foreground = rice.color.foreground; + # cursor = rice.color.foreground; + # color0 = rice.color.black.base; + # color8 = rice.color.black.bright; + # color1 = rice.color.red.base; + # color9 = rice.color.red.bright; + # color2 = rice.color.green.base; + # color10 = rice.color.green.bright; + # color3 = rice.color.yellow.base; + # color11 = rice.color.yellow.bright; + # color4 = rice.color.blue.base; + # color12 = rice.color.blue.bright; + # color5 = rice.color.magenta.base; + # color13 = rice.color.magenta.bright; + # color6 = rice.color.cyan.base; + # color14 = rice.color.cyan.bright; + # color7 = rice.color.white.base; + # color15 = rice.color.white.bright; + # background_opacity = builtins.toString rice.transparency; + # window_padding_width = 5; + # remember_window_size = false; + + # settings = { + # main = { + # shell = ''$SHELL (if set, otherwise user's default shell from /etc/passwd)''; + # term = ''foot (or xterm-256color if built with -Dterminfo=disabled)''; + # login-shell = ''no''; + + # # app-id = ''foot''; + # title = ''foot''; + # locked-title = ''no''; + + # font = ''${rice.font.code.name}:size=8''; + # font-size-adjustment = ''0.5''; + # line-height = ""; + # letter-spacing = ''0''; + # horizontal-letter-offset = ''0''; + # vertical-letter-offset = ''0''; + # underline-offset = ""; + # underline-thickness = ""; + # # box-drawings-uses-font-glyphs = "no"; + # # dpi-aware = ''no''; + + # # initial-window-size-pixels = ''700x500''; + # # initial-window-size-chars = ""; + # # initial-window-mode = ''windowed''; + # pad = ''5x5''; + # resize-by-cells = ''yes''; + # resize-keep-grid = ''yes''; + # resize-delay-ms = ''100''; + + # # bold-text-in-bright = false; + # word-delimiters = '',│`|:"'()[]{}<>''; + # selection-target = ''primary''; + # workers = ""; + # utmp-helper = ''/usr/lib/utempter/utempter''; + # # environment = { + # # name = ''value''; + # # }; + + # }; + # bell = { + # urgent = ''no''; + # notify = ''no''; + # visual = ''no''; + # command = ''''; + # command-focused = ''no''; + # }; + # desktop-notifications = { + # command = ''notify-send --wait --app-name ''${app-id} --icon ''${app-id} --category ''${category} --urgency ''${urgency} --expire-time ''${expire-time} --hint STRING:image-path:''${icon} --hint BOOLEAN:suppress-sound:''${muted} --hint STRING:sound-name:''${sound-name} --replace-id ''${replace-id} ''${action-argument} --print-id -- ''${title} ''${body}''; + # command-action-argument = ''--action ''${action-name}=''${action-label}''; + # close = ''""''; + # inhibit-when-focused = ''yes''; + + # }; + # scrollback = { + # lines = ''1000''; + # multiplier = ''3.0''; + # indicator-position = ''relative''; + # indicator-format = ''""''; + # }; + # url = { + # launch = ''xdg-open ''${url}''; + # label-letters = ''sadfjklewcmpgh''; + # osc8-underline = ''url-mode''; + # protocols = ''http, https, ftp, ftps, file, gemini, gopher''; + # uri-characters = ''abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.,~:;/?#@!$&%*+="'()[]''; + # }; + # cursor = { + # style = ''block''; + # color = ""; + # blink = ''no''; + # blink-rate = ''500''; + # beam-thickness = ''1.5''; + # underline-thickness = ""; + # }; + # mouse = { + # hide-when-typing = ''no''; + # alternate-scroll-mode = ''yes''; + # }; + # touch = { + # long-press-delay = ''400''; + # }; + # colors = { + # alpha = ''1.0''; + # background = ''242424''; + # foreground = ''ffffff''; + # flash = ''7f7f00''; + # flash-alpha = ''0.5''; + + # # Normal/regular colors (color palette 0-7) + # regular0 = ''242424''; + # regular1 = ''f62b5a''; + # regular2 = ''47b413''; + # regular3 = ''e3c401''; + # regular4 = ''24acd4''; + # regular5 = ''f2affd''; + # regular6 = ''13c299''; + # regular7 = ''e6e6e6''; + + # # Bright colors (color palette 8-15) + # bright0 = ''616161''; + # bright1 = ''ff4d51''; + # bright2 = ''35d450''; + # bright3 = ''e9e836''; + # bright4 = ''5dc5f8''; + # bright5 = ''feabf2''; + # bright6 = ''24dfc4''; + # bright7 = ''ffffff''; + + # # dimmed colors (see foot.ini(5) man page) + # # dim0 = ""; + # # ... + # # dim7 = ""; + + # # The remaining 256-color palette + # # 16 = <256-color palette #16> + # # ... + # # 255 = <256-color palette #255> + + # # Misc colors + # selection-foreground = ""; + # selection-background = ""; + # jump-labels = " "; + # scrollback-indicator = " "; + # search-box-no-match = " "; + # search-box-match = " "; + # urls = ""; + # }; + # csd = { + # preferred = ''server''; + # size = ''26''; + # font = ""; + # color = ""; + # hide-when-maximized = ''no''; + # double-click-to-maximize = ''yes''; + # border-width = ''0''; + # border-color = ""; + # button-width = ''26''; + # button-color = ""; + # button-minimize-color = ""; + # button-maximize-color = ""; + # button-close-color = ""; + # }; + # key-bindings = { + # scrollback-up-page = ''Shift+Page_Up''; + # scrollback-up-half-page = ''none''; + # scrollback-up-line = ''none''; + # scrollback-down-page = ''Shift+Page_Down''; + # scrollback-down-half-page = ''none''; + # scrollback-down-line = ''none''; + # scrollback-home = ''none''; + # scrollback-end = ''none''; + # clipboard-copy = ''Control+Shift+c XF86Copy''; + # clipboard-paste = ''Control+Shift+v XF86Paste''; + # primary-paste = ''Shift+Insert''; + # search-start = ''Control+Shift+r''; + # font-increase = ''Control+plus Control+equal Control+KP_Add''; + # font-decrease = ''Control+minus Control+KP_Subtract''; + # font-reset = ''Control+0 Control+KP_0''; + # spawn-terminal = ''Control+Shift+n''; + # minimize = ''none''; + # maximize = ''none''; + # fullscreen = ''none''; + # pipe-visible = ''[sh -c "xurls | fuzzel | xargs -r firefox"] none''; + # pipe-scrollback = ''[sh -c "xurls | fuzzel | xargs -r firefox"] none''; + # pipe-selected = ''[xargs -r firefox] none''; + # pipe-command-output = ''[wl-copy] none''; + # show-urls-launch = ''Control+Shift+o''; + # show-urls-copy = ''none''; + # show-urls-persistent = ''none''; + # prompt-prev = ''Control+Shift+z''; + # prompt-next = ''Control+Shift+x''; + # unicode-input = ''Control+Shift+u''; + # noop = ''none''; + # }; + # search-bindings = { + # cancel = ''Control+g Control+c Escape''; + # commit = ''Return''; + # find-prev = ''Control+r''; + # find-next = ''Control+s''; + # cursor-left = ''Left Control+b''; + # cursor-left-word = ''Control+Left Mod1+b''; + # cursor-right = ''Right Control+f''; + # cursor-right-word = ''Control+Right Mod1+f''; + # cursor-home = ''Home Control+a''; + # cursor-end = ''End Control+e''; + # delete-prev = ''BackSpace''; + # delete-prev-word = ''Mod1+BackSpace Control+BackSpace''; + # delete-next = ''Delete''; + # delete-next-word = ''Mod1+d Control+Delete''; + # extend-char = ''Shift+Right''; + # extend-to-word-boundary = ''Control+w Control+Shift+Right''; + # extend-to-next-whitespace = ''Control+Shift+w''; + # extend-line-down = ''Shift+Down''; + # extend-backward-char = ''Shift+Left''; + # extend-backward-to-word-boundary = ''Control+Shift+Left''; + # extend-backward-to-next-whitespace = ''none''; + # extend-line-up = ''Shift+Up''; + # clipboard-paste = ''Control+v Control+Shift+v Control+y XF86Paste''; + # primary-paste = ''Shift+Insert''; + # unicode-input = ''none''; + # quit = ''none''; + # scrollback-up-page = ''Shift+Page_Up''; + # scrollback-up-half-page = ''none''; + # scrollback-up-line = ''none''; + # scrollback-down-page = ''Shift+Page_Down''; + # scrollback-down-half-page = ''none''; + # scrollback-down-line = ''none''; + # scrollback-home = ''none''; + # scrollback-end = ''none''; + # }; + # url-bindings = { + # cancel = ''Control+g Control+c Control+d Escape''; + # toggle-url-visible = ''t''; + # }; + # text-bindings = { + # "\x03" = ''Mod4+c''; + # }; + # mouse-bindings = { + # scrollback-up-mouse = ''BTN_WHEEL_BACK''; + # scrollback-down-mouse = ''BTN_WHEEL_FORWARD''; + # font-increase = ''Control+BTN_WHEEL_BACK''; + # font-decrease = ''Control+BTN_WHEEL_FORWARD''; + # selection-override-modifiers = ''Shift''; + # primary-paste = ''BTN_MIDDLE''; + # select-begin = ''BTN_LEFT''; + # select-begin-block = ''Control+BTN_LEFT''; + # select-extend = ''BTN_RIGHT''; + # select-extend-character-wise = ''Control+BTN_RIGHT''; + # select-word = ''BTN_LEFT-2''; + # select-word-whitespace = ''Control+BTN_LEFT-2''; + # select-quote = ''BTN_LEFT-3''; + # select-row = ''BTN_LEFT-4''; + + # # vim: ft = ''dosini''; + # }; + # }; + }; +} diff --git a/home-modules/helix.nix b/home-modules/helix.nix index a3c2fc7..662e1ca 100644 --- a/home-modules/helix.nix +++ b/home-modules/helix.nix @@ -5,6 +5,9 @@ nixfmt-classic # nix formater nil # nix language server python311Packages.python-lsp-server + ruff + ruff-lsp + pyright lldb # debugger for llvm stuff yaml-language-server # yaml marksman # markdown @@ -73,12 +76,39 @@ file-types = [ "md" "MD" ]; scope = "text."; } - # { - # name = "python"; - # transport = "stdio"; - # command = "python3"; - # args = ["-m" "debugpy.adapter"]; - # } + + { + name = "python"; + language-servers = [ "pyright" "ruff" ]; + formatter = { + command = "ruff"; + args = [ + "format" + "--line-length" + "120" + "-" + ]; + }; + debugger = { + name = "debugpy"; + transport = "stdio"; + command = "python"; + args = [ "-m" "debugpy.adapter" ]; + templates = [{ + name = "source"; + request = "launch"; + completion = [{ + name = "entrypoint"; + completion = "filename"; + default = "."; + }]; + args = { + mode = "debug"; + program = "{0}"; + }; + }]; + }; + } ]; language-server = { "style-check" = { @@ -87,6 +117,26 @@ "language-tool" = { command = lib.getExe pkgs.ltex-ls; }; + "ruff" = { + command = "ruff-lsp"; + config.settings.args = [ + # Set line length + # "--line-length" + # "79" + + # Enable some ruff rules + # "--select" + # ( + # "F,W,E,I,N,D200,D201,D202,D203,D204,D205,D206,D207,D208,D209,D210,D211," + # + "D212,D213,D214,D215,D300,D301,D400,D401,D402,D403,D404,D405,D406," + # + "D407,D408,D409,D410,D411,D412,D413,D414,D415,D416,D417,D418,D419," + # + "UP,YTT,TRIO,ASYNC,B,A,COM,C4,DTZ,T10,DJ,EXE,FA,ISC,ICN001,G010," + # + "G101,G201,G202,INP,PIE,Q,RSE,RET,SLOT,SIM,TCH,INT,ARG,PTH,TD001," + # + "TD004,TD005,TD006,TD007,PD,PL,TRY004,TRY200,TRY201,TRY302,TRY400," + # + "TRY401,FLY,NPY,AIR,PERF,FURB,LOG,RUF" + # ) + ]; + }; }; }; themes = { diff --git a/home-modules/hyprland-autoname-workspaces.nix b/home-modules/hyprland-autoname-workspaces.nix index 5ba2522..19659ea 100755 --- a/home-modules/hyprland-autoname-workspaces.nix +++ b/home-modules/hyprland-autoname-workspaces.nix @@ -55,6 +55,7 @@ lib.mkIf (user != "tv") blueman-manager = "󰂯" Alacritty = "" zoom = "󰬡" + spotify = "" [class_active] "(?i)ExampleOneTerm" = "icon" @@ -75,6 +76,9 @@ lib.mkIf (user != "tv") [initial_title_in_class] + [initial_title] + "Spotify Premium" = "" + [initial_title_in_class_active] [initial_title_in_initial_class] diff --git a/home-modules/hyprland.nix b/home-modules/hyprland.nix index 7697c75..25556c4 100755 --- a/home-modules/hyprland.nix +++ b/home-modules/hyprland.nix @@ -247,7 +247,6 @@ lib.mkIf (user != "tv") "waybar " "hyprpaper -n " "swww-daemon" - "= /home/nx2/scripts/swww-randomize.sh" "hyprland-autoname-workspaces" "/usr/lib/polkit-kde-authentication-agent-1 " "dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP" @@ -459,8 +458,8 @@ lib.mkIf (user != "tv") ## MEGA KEYS: '' , Print, exec, grim -g "$(slurp)"'' - "SUPER, Next, resizeactive, 100 -100" - "SUPER, Prior, resizeactive, -100 100" + # "SUPER, Next, resizeactive, 5% 5%" # binde + # "SUPER, Prior, resizeactive, -5% -5%" # binde ########################################################################### ## FN KEYS: @@ -492,6 +491,8 @@ lib.mkIf (user != "tv") ]; binde = [ # "SUPER, TAB, exec, hyprswitch --daemon --do-initial-execute" + "SUPER, Next, resizeactive, 10% 10%" + "SUPER, Prior, resizeactive, -10% -10%" ]; }; diff --git a/home-modules/yazi.nix b/home-modules/yazi.nix index 4a32714..750acab 100755 --- a/home-modules/yazi.nix +++ b/home-modules/yazi.nix @@ -43,7 +43,7 @@ lib.mkIf (user != "tv") image = [ { run = ''imv "$@"''; desc = "imv";} { run = ''gimp "$@"''; desc = "gimp";} - { run = ''swww img "$@"''; desc = "swww wallpaper";} + { run = ''swww img --transition-type wipe --transition-angle 60 --transition-step 120 --transition-fps 120 "$@"''; desc = "swww wallpaper";} ]; font = [ { run = ''fontpreview "$@"''; desc = "fontpreview"; } diff --git a/home.nix b/home.nix index baedd4f..065667d 100755 --- a/home.nix +++ b/home.nix @@ -1,63 +1,53 @@ { pkgs, pkgs-unstable, lib, host, user, ... }: { imports = [ - - ./home-modules/vscode.nix - ./home-modules/nvidia.nix - # ./home-modules/firefox.nix - ./home-modules/discord.nix - ./home-modules/matrix.nix - ./home-modules/chatterino.nix - ./home-modules/email.nix - ./home-modules/bitwarden.nix - ./home-modules/virt-manager.nix - ./home-modules/office.nix - ./home-modules/obs.nix - ./home-modules/sent.nix - - ./home-modules/gestures.nix - - ./home-modules/pnx.nix - - ./home-modules/hyprland.nix - ./home-modules/hyprland-autoname-workspaces.nix - ./home-modules/waybar.nix - ./home-modules/nx-gcal-event.nix - ./home-modules/wlogout.nix - ./home-modules/rofi.nix - - ./home-modules/games.nix - - ./home-modules/kitty.nix - ./home-modules/fish.nix + ./home-modules/auto-mount.nix ./home-modules/bash.nix - ./home-modules/starship.nix - ./home-modules/helix.nix - ./home-modules/vale.nix - - ./home-modules/yazi.nix - ./home-modules/zoxide.nix - ./home-modules/nh.nix - - ./home-modules/ssh.nix - ./home-modules/gpg.nix - ./home-modules/sops.nix - ./home-modules/git.nix - ./home-modules/mako.nix - - ./home-modules/gtk.nix - ./home-modules/qt.nix - - ./home-modules/latex.nix - ./home-modules/pandoc.nix - - ./home-modules/programming/python.nix - ./home-modules/programming/c.nix - ./home-modules/programming/node.nix - ./home-modules/programming/gleam.nix - + ./home-modules/bitwarden.nix + ./home-modules/chatterino.nix ./home-modules/color-pallete.nix - ]; + ./home-modules/direnv.nix + ./home-modules/discord.nix + ./home-modules/email.nix + # ./home-modules/firefox.nix + ./home-modules/fish.nix + # ./home-modules/foot.nix + ./home-modules/games.nix + ./home-modules/gestures.nix + ./home-modules/git.nix + ./home-modules/gpg.nix + ./home-modules/gtk.nix + ./home-modules/helix.nix + ./home-modules/hyprland-autoname-workspaces.nix + ./home-modules/hyprland.nix + ./home-modules/kitty.nix + ./home-modules/latex.nix + ./home-modules/mako.nix + ./home-modules/matrix.nix + ./home-modules/nh.nix + ./home-modules/nvidia.nix + ./home-modules/nx-gcal-event.nix + ./home-modules/obs.nix + ./home-modules/office.nix + ./home-modules/pandoc.nix + ./home-modules/pnx.nix + ./home-modules/programming/c.nix + ./home-modules/programming/gleam.nix + ./home-modules/programming/node.nix + ./home-modules/programming/python.nix + ./home-modules/qt.nix + ./home-modules/rofi.nix + ./home-modules/sent.nix + ./home-modules/sops.nix + ./home-modules/ssh.nix + ./home-modules/starship.nix + ./home-modules/vale.nix + ./home-modules/virt-manager.nix + ./home-modules/vscode.nix + ./home-modules/waybar.nix + ./home-modules/wlogout.nix + ./home-modules/yazi.nix + ./home-modules/zoxide.nix ]; home.username = user; home.homeDirectory = "/home/${user}"; home.stateVersion = "24.05"; @@ -93,15 +83,15 @@ xclip xournal ] ++ (with pkgs-unstable; [ + obsidian firefox ]) ++ (if host != "NxACE" then (with pkgs; [ signal-desktop - obsidian zoom-us gimp inkscape - ]) else (with pkgs; [ - + ]) else (with pkgs-unstable; [ + ])); xdg = { diff --git a/system-modules/auto-mount.nix b/system-modules/auto-mount.nix new file mode 100644 index 0000000..8170929 --- /dev/null +++ b/system-modules/auto-mount.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + services.udisks2.enable = true; +} diff --git a/system-modules/hardware-configuration.nix b/system-modules/hardware-configuration.nix index d278499..82073f1 100755 --- a/system-modules/hardware-configuration.nix +++ b/system-modules/hardware-configuration.nix @@ -4,12 +4,9 @@ (modulesPath + "/installer/scan/not-detected.nix") ]; - environment.systemPackages = if host == "NxNORTH" then with pkgs; [ + environment.systemPackages = with pkgs; [ ntfs3g - btrfs-progs - ] else if host == "NxXPS" then with pkgs; [ - ntfs3g - ] else []; + ]; boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; # boot.initrd.kernelModules = [ ]; @@ -19,7 +16,7 @@ fileSystems = if host != "NxACE" then { "/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; "/boot" = { device = "/dev/disk/by-label/EFI"; fsType = "vfat"; }; - "/home/${user}/shared" = { device = "/dev/disk/by-label/shared"; fsType = if host == "NxXPS" then "ntfs" else "btrfs"; }; + "/home/${user}/shared" = { device = "/dev/disk/by-label/shared"; fsType = "ntfs"; }; } else { "/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; "/boot" = { device = "/dev/disk/by-label/EFI"; fsType = "vfat"; }; diff --git a/system-modules/ollama.nix b/system-modules/ollama.nix index f85542a..284f5cd 100755 --- a/system-modules/ollama.nix +++ b/system-modules/ollama.nix @@ -1,12 +1,22 @@ -{ pkgs, pkgs-unstable, lib, host, nvidia, ... }: -let p = pkgs-unstable; in -{ - environment.systemPackages = with p; [ - ollama - ]; +{ pkgs, pkgs-unstable, pkgs-latest, lib, host, nvidia, ... }: +let + p = pkgs-latest.ollama; + # p = pkgs-unstable.ollama.overrideAttrs (oldAttrs: rec { + # inherit (oldAttrs) pname; + # version = "0.3.0"; + # src = pkgs.fetchFromGitHub { + # owner = "ollama"; + # repo = "ollama"; + # rev = "v${version}"; + # hash = "sha256-69CpRAggx6a1NJq+CA9QliXuUbDgC1ERRuA3y17KVAM="; + # fetchSubmodules = true; + # }; + # }); +in { + environment.systemPackages = [ p ]; services.ollama = { - package = p.ollama; + package = p; enable = true; acceleration = lib.mkIf nvidia.enable "cuda"; listenAddress = if host == "NxACE" then "0.0.0.0:11434" else "127.0.0.1:11434"; From 4eead91953ccc452e8a6b4aab7821eaed231f0c0 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Mon, 26 Aug 2024 21:37:36 +0200 Subject: [PATCH 12/14] syncthing+nx2site(trying) --- git-crypt/secrets.nix | Bin 2863 -> 3012 bytes sops-secrets.yaml | 6 ++++-- system-modules/networking.nix | 8 ++++++-- system-modules/nx2site.nix | 8 +++++--- system-modules/nx2site/proxy.nix | 16 +++++----------- system-modules/syncthing.nix | 32 +++++++++++++++++++++++++++---- 6 files changed, 48 insertions(+), 22 deletions(-) diff --git a/git-crypt/secrets.nix b/git-crypt/secrets.nix index 970c86a99e1c2e3d8d6f6d03b894a5fb28123743..789f9d3d8295b21ade9c4954c7391475fb5dc11b 100755 GIT binary patch literal 3012 zcmZQ@_Y83kiVO&0Shv5;_5Ba7g=L~%tM5jCeORIQ{6)SEe_2QQH?LChg9U%CD3~go zKcY9STIy`*mU`LQ>oOiFE`Io!)Af0zi|)n6>$KLqbCT;3M7;e^{Nv+rq@CM-4Tn|~*H$xhEtuODcH%RGI~_e1m7?Cyu}1#en2a(45{HynS;?T0ncv+8=Lb?sG3mi8^Mp zdGYgmXIxJR+w5<2>s8?5b(p%(Xt*xR-3x*pPriK@uR=Mx{ZMWd2YfW)|9WvpuqJI*W zJP+D4jq~@MwWYj|zMV>H6f?cBPwQQv`;V&v4Xveq1+x1mH5&>1dU*0=V!LO+YrZE( zt1n%0;A8mlx_0OGaE8Q{48Ldmk=ho_J}>QfrbX8OUpAMycD@v4oxgq&i=^|cql>-& z^1FyCoIIe{?Jp9s&H3%#Wjw-ydiO3wRu-&uOyHVitEHOrLwF&7mHE|m3fHbZfBiDQ zQCL;)`sTQ^_k^Vi**0&o>s(>Y($SXYrD?g5BmG#VWum9~{jB#XwdHZfS8G%+l)Vb< zeVTQ_oaI5Y$QJi5mb6Rz9fvQqL=WVP9fy~j*5`NZCAc0H$Eddk7FKX|vF zT6{uH&a5jEDmrMmZTNA}c5U{_)D_iJ6~E2x{`e|)lHtQA z(e598v)^R=m?NRjwItT}HuMqmArbluj%>>tJ5;`v@+g)+*7?pV8Z0t zHyIXIhb|0vWS4TC5NKscIQ_AWzI?Fi-l3C6<)-~~ z)Yb?+uxJs+FJrUrttokdl#%~i*w=2w)k&TD4v_%!`I z16vngXT)Of1;-+H-s1Ijm~!P~KI_vJVG=8ap10Qgd8L&e{dc{e&$Gq*wf>&w#s;*KDRZ`)U+nuS^gx| zxm^GKI`O_KYWvFWY3!cf*1tPz&&4_xH}|=kD>L)nS$(^sGt+w#FZ)NP&=!`auOH6d zoGQ6lPwud?W1dphX|arK<-Lpf!`)}!e)*wn`=j>bGfsACe?62t-{+k>+v-2>nr^n9 zV*4wV{@(D*HYMqd?Zr)TvolVv4qB7;#WnYpZj!d3kptt=-p$G{o(ge!PmXZ8cb560 zJJTNL3w}Z7j5}t1lUU&^T?ux-u^^G)Xc`?|B2#hIU*wluKQwpQ|$fY^oi)3a0O za_=$!%=3A(YM$PH8F%@g6+zuI*q=E|O^iC{R5=fO%WtGijhiyVvz7D2YD>eK z#rtkAXo=AJ`f16m)bOY7WoAB&40|+IRTv*Fim*DePk++Fze1}-_x}EM_<(L;zuW`~ z`|K^Ydw+S0qt+WUTxlzwBV?HNH-5+1IXR*-H$UN;9s0 z{h~B4YQc@LO~3RPYVF}tFj|R?DbQP$L-v+JmQ!SZd|w{STHu+w$j&q z+KCw_Cw%*&+a3Qg<>xW|>rpcw|F?;l(^ma=;&+`uj|vs9RW{cScix^RxNh>PufmW8rhp?W3Tl3BB#pM0wGaaO|R`3Ls;PT}Ld zmr;Ayq~Z8Ro^XMvB8$VjOPNj*(Ul3xr75fLxCBmXIr=jGt)6lI3tLkUk@bIE zG;&#z?N2T6Y!uVD#rJvr;pLS~0R@Tvdj4@QzMbSrymwwpC4}$Nxtra~WsP3xSw%L~Rj#kl`r|XwKUa{fet$*zD8a$7jul|Yu5!0c4@5t37 zliPp$+$buVb@xKL+ipL_umtv%QR2Iq{qD%}WQOhg_{D18Q-0#P447Q zyAZjWCHrs5V%2L8t*0N%Jv~**eQNU}PR=N`&wFIU*5Bk7y;q`DvR=F7Xj7J*VbHU? zEB2|)5ZhF@Yv$RDtE{5Z%d~haL!K)wQ-5%+(M|K1i|x$|vO!4-59j{#E}X3wk#>+L zNbiltzT+LbR=eemU#dqgb^a0mnOSr~osUP~uBx^tWwUN5AG+L=BYo8~hj-cBPkw8c zT-^5UN)Ko3hkwDgQfYVBC0={`{^YFB1veAd<*Nn7FgC1UeZl-L^U(h{o9FI6{5`Ag z4>UfRT@YL-yy@=o@2iS0 z-2D1s(z;J39xoRJPq>vF>u4&_>GgMVf$y1ovpKhI+}ir4R&dol&NXN)b+Hcj^Nqgv z#4K*h*_dZX)=YY7n9j7fg#SQ`Q#qbhMS1nw@*v^*Fei zcWb_EJB!AiTcO{lO1)U{rLJsArq0qO8V9X!RVdG1Y4G8RPO0SSxpStZs5hPDa(FtC zoz>d&_M0_#W-nsikgYo9($z#Ue((Px4mZnBhRtX?aa%j)57X4Mv5f~~PU;t()!uMu z!qf@*ADPbDCT%fS?fE#9bHPH@`jDo{`x_mksMCoJ+>ZAmofdt5dTDx! zhUP}EWp}lh!lF*B&RD+Dqub(SkxT5a`r3)d;{X^P7cs9=PqibHVd#(`vs;&aC+78LyT-o< z>LuaninGhJ#oJ!SK79QvF>bzuPW;@7Qsk zNh~w}v6=0gTkP6jd|^`1+YMzA6`E;m`HR|)`dFP?b8^nc4a%xtHD~;ed=&ORCuq-! zFO{klcc$2ef6$b2KKF4wubio|T+W)XDJ`$}zfa-2kUe|nnU19jC54`|OUr5<`zuxz zCmWPTFBd!3-DS$3yKkjXkiw*Pmu=ErPfpfYbH8Gmaq{=vn45AYxleJSImsOBeyePcI?ADt`+NUu{J}mtBnziHIPv*bA8q2O$JMMmT z)G=P<(Tyc9U0!taZMZFyoL+n9ajuK~H>a?F>R0E4T&T<|G}>Q(`t3UL7S_o|ORej? zet+Wc`4}@fhhHgQ=2-ak;sT4uvwr=%R=WPjQvY-wPT$=XeIFJs&Yf?tPH~Cg|Jt&H z3q}82>sDWTK=_Y;SiYP$+0Vl^sLt7j*L@Sq#WQPP zOdB*YnV|kvq0nrOba{{O^WD z`0wX8XBp}!E3$s(DEd&x=yH&o%I^b5`;J|mE#C8-sd-I$ z>+uQCQ+MC7^YqM&s}on6%yBWSed<>>xuuTDQ|B;q%#&Jl=_kucgU+K*E=<^czgUjN zSMrLXV3+xVe}#Ul7D~w8nSOUFH(%&vwv)|IUm6yD+3H)NP{`!nYL>ifTH0$twYscF zFV@xCp4{>-EbDGun63U?e-@TqF*DD$KM3b7Xm?#PsczT#HFHiXzJ1Ch74&s>=o#l+ z&NxS|D$dE=eKpVjebd}$=&yQx-z9sA?E)@y+gAq7HD7xRsw;SI8S}i ztzk-tyZTKI$uN}ta@G10CM>HmaXsrp_gA9wBJ2Ntk2tQ&zU_AN{N8;N z63fJc3-mTT{_-@y>i6%ueNP%T$AsND-oiOgFSLK@N`>BQe5zavqe^Ou?X~obzZ_js z=ofHRV+*V8%FVkp;vePp#J-h$wwWnM^~{fLo#L+NS+52bvpQvEo(^5G{B=aLRaHUq z%6Dc{(pWut7qomiAkpu4)Tg=q8mngfyoWDWs~lVYtKra!*OHq!JvSZRyN>O|y0i1+ z@67W)Kl#zO<&p|TKG{6`Kizn{M|Rbu*3#S!vHJ|lJB=HAAgo_ltD(VKa^V)vC~Pu`na@WWL| z|JI+9Whb|#JX`hqO2MiHXL(LtG(V&8e4ByQC;zDQ36B%G-n+4F+OM=xzv#)Eb?3gN z?@Dkyolr3K)#uy~4%xmvf|a?GCQ0;cxVSX>-IM$m(=0sJ^aYB!Fxo%MV41ov?1V>c z_T@=OuD{W|#;_tN{mi$x*zL+8r;c~*x#VHe;xTJ>`#<^amaL^~cYS86T)?^W&{LN% zAEBB2yW}FaPAxZN`XZWR(l-yELDR_Lye7Qops+aC#l4vS?=z$JTo7C-xUoBnt`t6rJMHt+SE;xbqAO3!uVTQb95?=4Saz-&c% z2OpLCq+Ms0zdq~d8unGo>c+W44 zFv}H|l;TB8mdxd6Y0~^{#dJc_|GUdmn+t}1O)n)?Le3nz*AcKk^VRMDp5YlQm_tOn z#V>8U^0IWlD&xNeCes2_?%Nza^)pZNlVJQerA;-hRr)3Ur#4Dw?k_hiUZD&l6PGpNVSg9#dXD#pu}YwbRcyZG5r2aqZH4E{lg@ zjO-R)7hGJGoO^5j<$`zr?;1|xoH5;5>hxuX4#%E$+vO)W^oFXP2{6cirM5%t|E>#( z+LBj-CIwtx;3x6+-O|-8ANhp;Z8|D>>G=GIToblO#Wk#RIsbE;*o7^dM2;qFEYe-u zzrjS0OJQ&4vxJq?6xRRz&Z^4v#EGvf;GuAE;0w0{?=R)#MBU#0x_|zL#mURoB@3QZy?u1H)~!4KizY6J$ro*O)#{nu68(x{Mp*Eh%Wsl*UaQSo z!I#?JmEFM;BUAb0^t5$Tve(TFE9`7g-@obL50C3NIValR-@+wZaJXx)uo=^mM;Bjz zxpiwbmD^@;4?1x$O1` zR#}-lUpwX8tL1aNa_ibv?riCiiv2Oe=BAn1gYVb1`MGU`0*~(tJydad-noOP9vyeM z%feXXF|+8xYVpUW8w?eszY41DYPsXmpT_Q5+rE}NUhSym=TJ`RJ6n{RoT4x33dCQ% zG{=cKWkF!#|A3{dD&BK_kmES|Wv=^z6Gx1nO`9vv@+PGB-^>R(331EP67C*1Q`oI= zs^Jk||2jsIzC$nW&F1~Ju&m8W_|B9xuWgtAHZSqdO;bsFv{>=V+a*bt?wIsnYNuhH(y~=n`pV^^^x!ovBjTT75?0E&tiX9SUi8t_7}n*uH7(xJvA*ON5Q&& z*_u5Sw+{rBN>xsJW79S7+>|{>6n0L!Y4D6UOQGL=TFjw>LyyWP?NJq($g$BsyOFh@$8+)w&&xdvFoU(Z; Date: Mon, 26 Aug 2024 23:24:45 +0200 Subject: [PATCH 13/14] ip range fix --- system-modules/hsmw.nix | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/system-modules/hsmw.nix b/system-modules/hsmw.nix index 629a1f3..e0255dd 100755 --- a/system-modules/hsmw.nix +++ b/system-modules/hsmw.nix @@ -1,5 +1,4 @@ { pkgs, lib, host, secrets, ... }: -lib.mkIf (host != "NxACE") { environment.systemPackages = with pkgs; [ strongswanNM @@ -38,19 +37,19 @@ lib.mkIf (host != "NxACE") }; connections = { hsmw = { - keyexchange = "ikev2"; - left = "%defaultroute"; - leftid = "%any"; - leftauth = "eap"; - eap_identity = "${secrets.email.hsmw.un}@hs-mittweida.de"; - leftsourceip = "%config"; - leftdns = "%config4"; - leftfirewall = "no"; - right = "141.55.128.84"; - rightid = "@vpn4.hs-mittweida.de"; - rightsubnet = "0.0.0.0/0"; - rightauth = "pubkey"; - auto = "add"; + keyexchange = "ikev2"; + left = "%defaultroute"; + leftid = "%any"; + leftauth = "eap"; + eap_identity = "${secrets.email.hsmw.un}@hs-mittweida.de"; + leftsourceip = "%config"; + leftdns = "%config4"; # Ensure that DNS resolution works as expected + leftfirewall = "no"; # Keep firewall disabled, but manually check rules + right = "141.55.128.84"; + rightid = "@vpn4.hs-mittweida.de"; + rightsubnet = "141.55.128.0/16"; # Split tunneling: Only route traffic for the VPN subnet + rightauth = "pubkey"; + auto = "add"; }; }; managePlugins = true; From 20f8ea51c65df04a0cd80670f5ad38d30bd3eff8 Mon Sep 17 00:00:00 2001 From: "Lennart J. Kurzweg (Nx2)" Date: Mon, 26 Aug 2024 23:24:57 +0200 Subject: [PATCH 14/14] screen --- home.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home.nix b/home.nix index 065667d..6225839 100755 --- a/home.nix +++ b/home.nix @@ -71,6 +71,7 @@ piper-tts sssnake pipes dig + screen gnumake cmake