nx2/dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' of ssh://ssh.nx2.site:20022/nx2/dotfiles

Browse Source
This commit is contained in:
Lennart J. Kurzweg (Nx2)
2024-11-09 23:56:05 +01:00
parent 2e1c0f495b ab4c26c178
commit 966f9d67fc
38 changed files with 1428 additions and 2373 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
configuration.nix
View File

@@ -1,6 +1,6 @@
{ pkgs, inputs, ... }: { pkgs, inputs, lib, host, ... }:
{ {
imports = [ imports = ([
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
./system-modules/adb.nix ./system-modules/adb.nix
./system-modules/auto-mount.nix ./system-modules/auto-mount.nix
@@ -28,7 +28,6 @@
./system-modules/networking.nix ./system-modules/networking.nix
./system-modules/nixd.nix ./system-modules/nixd.nix
./system-modules/nvidia.nix ./system-modules/nvidia.nix
./system-modules/nx2site.nix
./system-modules/ollama.nix ./system-modules/ollama.nix
./system-modules/qmk.nix ./system-modules/qmk.nix
./system-modules/sops.nix ./system-modules/sops.nix
@@ -38,7 +37,12 @@
./system-modules/users.nix ./system-modules/users.nix
./system-modules/virtualisation.nix ./system-modules/virtualisation.nix
./system-modules/ydotool.nix ./system-modules/ydotool.nix
]; ]) ++ (if (host == "NxACE") then [
./system-modules/nx2site.nix
./system-modules/nx2site/proxy.nix
# ./system-modules/nx2site/gitea.nix
# ./system-modules/nx2site/vaultwarden.nix
] else []);
# Set your time zone. # Set your time zone.
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";

6
flake.nix
View File

@@ -22,6 +22,7 @@
outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-latest, home-manager, ... }@inputs: let outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-latest, home-manager, ... }@inputs: let
system = "x86_64-linux"; system = "x86_64-linux";
user = "nx2"; user = "nx2";
domain = "nx2.site";
config = { allowUnfree = true; allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) (import ./flake-modules/allowed.nix).unfree; }; config = { allowUnfree = true; allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) (import ./flake-modules/allowed.nix).unfree; };
@@ -42,7 +43,7 @@
enable = if (host == "NxXPS" || host == "NxNORTH") then true else false; enable = if (host == "NxXPS" || host == "NxNORTH") then true else false;
prime = if (host == "NxXPS") then true else false; prime = if (host == "NxXPS") then true else false;
}; };
in { inherit inputs user host pkgs-unstable pkgs-latest secrets rice nvidia; }; in { inherit inputs user host domain pkgs-unstable pkgs-latest secrets rice nvidia; };
}; };
in { in {
NxXPS = make-nixos-system "NxXPS"; NxXPS = make-nixos-system "NxXPS";
@@ -59,13 +60,12 @@
enable = if (host == "NxXPS" || host == "NxNORTH") then true else false; enable = if (host == "NxXPS" || host == "NxNORTH") then true else false;
prime = if (host == "NxXPS") then true else false; prime = if (host == "NxXPS") then true else false;
}; };
in { inherit inputs system user host pkgs-unstable pkgs-latest rice secrets nvidia; }; in { inherit inputs system user host domain pkgs-unstable pkgs-latest rice secrets nvidia; };
}; };
in { in {
"${user}@NxXPS" = make-home-configuration "NxXPS" user; "${user}@NxXPS" = make-home-configuration "NxXPS" user;
"${user}@NxNORTH" = make-home-configuration "NxNORTH" user; "${user}@NxNORTH" = make-home-configuration "NxNORTH" user;
"${user}@NxACE" = make-home-configuration "NxACE" user; "${user}@NxACE" = make-home-configuration "NxACE" user;
"tv@NxACE" = make-home-configuration "NxACE" "tv";
}; };
}; };
} }

12
home-modules/bash.nix
View File

@@ -1,9 +1,5 @@
{ pkgs, lib, user, ... }: { ... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [
bash
];
programs.bash = { programs.bash = {
enable = true; enable = true;
shellAliases = { shellAliases = {
@@ -19,11 +15,5 @@ lib.mkIf (user != "tv")
"checkjobs" "checkjobs"
]; ];
enableCompletion = false; enableCompletion = false;
# initExtra = ''
# if [[ $- == *i* ]] # if interactive
# then
# eval "$(${pkgs.starship}/bin/starship init bash)"
# fi
# '';
}; };
} }

691
home-modules/chatterino.nix
View File

@@ -1,11 +1,15 @@
{ pkgs, lib, rice, user, secrets, ... }: { pkgs, lib, rice, user, secrets, ... }:
let let
channels = [ channels = [
"Caedrel"
"NoWay4u_Sir"
"zackrawrr"
"agurin" "agurin"
"asmongold" "asmongold"
"Broeki" "Broeki"
"Broxah" "Broxah"
"Caedrel" # "Caedrel"
"chrissyofficial" "chrissyofficial"
"EintrachtSpandau" "EintrachtSpandau"
"GamesDoneQuick" "GamesDoneQuick"
@@ -28,7 +32,7 @@ let
"maxim" "maxim"
"NASA" "NASA"
"NNOPrime" "NNOPrime"
"NoWay4u_Sir" # "NoWay4u_Sir"
"OfficialMikeShinoda" "OfficialMikeShinoda"
"ow_esports" "ow_esports"
"PrimeGaming" "PrimeGaming"
@@ -41,7 +45,7 @@ let
"Trick2g" "Trick2g"
"TSM_ImperialHal" "TSM_ImperialHal"
"Xisuma" "Xisuma"
"zackrawrr" # "zackrawrr"
]; ];
tabber = channel-name: { tabber = channel-name: {
highlightsEnabled = true; highlightsEnabled = true;
@@ -57,14 +61,11 @@ let
type = "split"; type = "split";
}; };
}; };
in in {
lib.mkIf (user != "tv") home = {
{ packages = with pkgs; [ chatterino2 ];
home.packages = with pkgs; [ file = {
chatterino2 ".local/share/chatterino/Settings/settings.json".text = with secrets.chatterino; ''
];
home.file.".local/share/chatterino/Settings/settings.json".text = with secrets.chatterino; ''
{ {
"accounts": { "accounts": {
"current": "${username}", "current": "${username}",
@@ -734,671 +735,7 @@ lib.mkIf (user != "tv")
} }
} }
''; '';
# home.file.".local/share/chatterino/Settings/settings.json".text = builtins.toJSON { ".local/share/chatterino/Settings/window-layout.json".text = builtins.toJSON {
# hotkeys = {
# addedDefaults = [
# "change channel"
# "close popup window"
# "create clip"
# "delete"
# "emote picker"
# "focus down"
# "focus left"
# "focus right"
# "focus up"
# "go to end of input"
# "go to end of input with selection"
# "go to start of input"
# "go to start of input with selection"
# "new popup window"
# "new popup window from tab"
# "new split"
# "new tab"
# "next message"
# "open debug popup"
# "open quick switcher"
# "open settings"
# "popup accept"
# "popup focus search box"
# "popup reject"
# "popup scroll down"
# "popup scroll up"
# "popup select last tab"
# "popup select next tab"
# "popup select previous tab"
# "popup select tab #1"
# "popup select tab #2"
# "popup select tab #3"
# "popup select tab #4"
# "popup select tab #5"
# "popup select tab #6"
# "popup select tab #7"
# "popup select tab #8"
# "previous message"
# "reconnect"
# "reload emotes"
# "remove tab"
# "reopen split"
# "scroll page down"
# "scroll page up"
# "scroll to bottom"
# "scroll to top"
# "select last tab"
# "select next tab"
# "select previous tab"
# "select tab #1"
# "select tab #2"
# "select tab #3"
# "select tab #4"
# "select tab #5"
# "select tab #6"
# "select tab #7"
# "select tab #8"
# "send message"
# "send message and keep text"
# "show global search"
# "show search"
# "toggle live tabs only"
# "toggle local r9k"
# "toggle tab visibility"
# "zoom in"
# "zoom out"
# "zoom reset"
# ];
# "close popup window" = {
# action = "delete";
# keySequence = "Esc";
# category = "popupWindow";
# arguments = [ ];
# };
# "popup accept" = {
# action = "accept";
# keySequence = "Return";
# category = "popupWindow";
# arguments = [ ];
# };
# "popup focus search box" = {
# action = "search";
# keySequence = "Ctrl+F";
# category = "popupWindow";
# arguments = [ ];
# };
# "popup reject" = {
# action = "reject";
# keySequence = "Esc";
# category = "popupWindow";
# arguments = [ ];
# };
# "popup scroll down" = {
# action = "scrollPage";
# keySequence = "PgDown";
# category = "popupWindow";
# arguments = [
# "down"
# ];
# };
# "popup scroll up" = {
# action = "scrollPage";
# keySequence = "PgUp";
# category = "popupWindow";
# arguments = [
# "up"
# ];
# };
# "popup select last tab" = {
# action = "openTab";
# keySequence = "Ctrl+9";
# category = "popupWindow";
# arguments = [
# "last"
# ];
# };
# "popup select next tab" = {
# action = "openTab";
# keySequence = "Ctrl+Tab";
# category = "popupWindow";
# arguments = [
# "next"
# ];
# };
# "popup select previous tab" = {
# action = "openTab";
# keySequence = "Ctrl+Shift+Tab";
# category = "popupWindow";
# arguments = [
# "previous"
# ];
# };
# "popup select tab #1" = {
# action = "openTab";
# keySequence = "Ctrl+1";
# category = "popupWindow";
# arguments = [
# "0"
# ];
# };
# "popup select tab #2" = {
# action = "openTab";
# keySequence = "Ctrl+2";
# category = "popupWindow";
# arguments = [
# "1"
# ];
# };
# "popup select tab #3" = {
# action = "openTab";
# keySequence = "Ctrl+3";
# category = "popupWindow";
# arguments = [
# "2"
# ];
# };
# "popup select tab #4" = {
# action = "openTab";
# keySequence = "Ctrl+4";
# category = "popupWindow";
# arguments = [
# "3"
# ];
# };
# "popup select tab #5" = {
# action = "openTab";
# keySequence = "Ctrl+5";
# category = "popupWindow";
# arguments = [
# "4"
# ];
# };
# "popup select tab #6" = {
# action = "openTab";
# keySequence = "Ctrl+6";
# category = "popupWindow";
# arguments = [
# "5"
# ];
# };
# "popup select tab #7" = {
# action = "openTab";
# keySequence = "Ctrl+7";
# category = "popupWindow";
# arguments = [
# "6"
# ];
# };
# "popup select tab #8" = {
# action = "openTab";
# keySequence = "Ctrl+8";
# category = "popupWindow";
# arguments = [
# "7"
# ];
# };
# "change channel" = {
# action = "changeChannel";
# keySequence = "Ctrl+R";
# category = "split";
# arguments = [ ];
# };
# "create clip" = {
# action = "createClip";
# keySequence = "Alt+X";
# category = "split";
# arguments = [ ];
# };
# delete = {
# action = "delete";
# keySequence = "Ctrl+W";
# category = "split";
# arguments = [ ];
# };
# "focus down" = {
# action = "focus";
# keySequence = "Alt+Down";
# category = "split";
# arguments = [
# "down"
# ];
# };
# "focus left" = {
# action = "focus";
# keySequence = "Alt+Left";
# category = "split";
# arguments = [
# "left"
# ];
# };
# "focus right" = {
# action = "focus";
# keySequence = "Alt+Right";
# category = "split";
# arguments = [
# "right"
# ];
# };
# "focus up" = {
# action = "focus";
# keySequence = "Alt+Up";
# category = "split";
# arguments = [
# "up"
# ];
# };
# "open debug popup" = {
# action = "debug";
# keySequence = "F10";
# category = "split";
# arguments = [ ];
# };
# reconnect = {
# action = "reconnect";
# keySequence = "Ctrl+F5";
# category = "split";
# arguments = [ ];
# };
# "reload emotes" = {
# action = "reloadEmotes";
# keySequence = "F5";
# category = "split";
# arguments = [ ];
# };
# "scroll page down" = {
# action = "scrollPage";
# keySequence = "PgDown";
# category = "split";
# arguments = [
# "down"
# ];
# };
# "scroll page up" = {
# action = "scrollPage";
# keySequence = "PgUp";
# category = "split";
# arguments = [
# "up"
# ];
# };
# "scroll to bottom" = {
# action = "scrollToBottom";
# keySequence = "Ctrl+End";
# category = "split";
# arguments = [ ];
# };
# "scroll to top" = {
# action = "scrollToTop";
# keySequence = "Ctrl+Home";
# category = "split";
# arguments = [ ];
# };
# "show global search" = {
# action = "showGlobalSearch";
# keySequence = "Ctrl+Shift+F";
# category = "split";
# arguments = [ ];
# };
# "show search" = {
# action = "showSearch";
# keySequence = "Ctrl+F";
# category = "split";
# arguments = [ ];
# };
# "emote picker" = {
# action = "openEmotesPopup";
# keySequence = "Ctrl+E";
# category = "splitInput";
# arguments = [ ];
# };
# "go to end of input" = {
# action = "cursorToEnd";
# keySequence = "End";
# category = "splitInput";
# arguments = [
# "withoutSelection"
# ];
# };
# "go to end of input with selection" = {
# action = "cursorToEnd";
# keySequence = "Shift+End";
# category = "splitInput";
# arguments = [
# "withSelection"
# ];
# };
# "go to start of input" = {
# action = "cursorToStart";
# keySequence = "Home";
# category = "splitInput";
# arguments = [
# "withoutSelection"
# ];
# };
# "go to start of input with selection" = {
# action = "cursorToStart";
# keySequence = "Shift+Home";
# category = "splitInput";
# arguments = [
# "withSelection"
# ];
# };
# "next message" = {
# action = "nextMessage";
# keySequence = "Down";
# category = "splitInput";
# arguments = [ ];
# };
# "previous message" = {
# action = "previousMessage";
# keySequence = "Up";
# category = "splitInput";
# arguments = [ ];
# };
# "send message" = {
# action = "sendMessage";
# keySequence = "Return";
# category = "splitInput";
# arguments = [ ];
# };
# "send message and keep text" = {
# action = "sendMessage";
# keySequence = "Ctrl+Return";
# category = "splitInput";
# arguments = [
# "keepInput"
# ];
# };
# "new popup window" = {
# action = "popup";
# keySequence = "Ctrl+N";
# category = "window";
# arguments = [
# "split"
# ];
# };
# "new popup window from tab" = {
# action = "popup";
# keySequence = "Ctrl+Shift+N";
# category = "window";
# arguments = [
# "window"
# ];
# };
# "new split" = {
# action = "newSplit";
# keySequence = "Ctrl+T";
# category = "window";
# arguments = [ ];
# };
# "new tab" = {
# action = "newTab";
# keySequence = "Ctrl+Shift+T";
# category = "window";
# arguments = [ ];
# };
# "open quick switcher" = {
# action = "openQuickSwitcher";
# keySequence = "Ctrl+K";
# category = "window";
# arguments = [ ];
# };
# "open settings" = {
# action = "openSettings";
# keySequence = "Ctrl+P";
# category = "window";
# arguments = [ ];
# };
# "remove tab" = {
# action = "removeTab";
# keySequence = "Ctrl+Shift+W";
# category = "window";
# arguments = [ ];
# };
# "reopen split" = {
# action = "reopenSplit";
# keySequence = "Ctrl+G";
# category = "window";
# arguments = [ ];
# };
# "select last tab" = {
# action = "openTab";
# keySequence = "Ctrl+9";
# category = "window";
# arguments = [
# "last"
# ];
# };
# "select next tab" = {
# action = "openTab";
# keySequence = "Ctrl+Tab";
# category = "window";
# arguments = [
# "next"
# ];
# };
# "select previous tab" = {
# action = "openTab";
# keySequence = "Ctrl+Shift+Tab";
# category = "window";
# arguments = [
# "previous"
# ];
# };
# "select tab #1" = {
# action = "openTab";
# keySequence = "Ctrl+1";
# category = "window";
# arguments = [
# "0"
# ];
# };
# "select tab #2" = {
# action = "openTab";
# keySequence = "Ctrl+2";
# category = "window";
# arguments = [
# "1"
# ];
# };
# "select tab #3" = {
# action = "openTab";
# keySequence = "Ctrl+3";
# category = "window";
# arguments = [
# "2"
# ];
# };
# "select tab #4" = {
# action = "openTab";
# keySequence = "Ctrl+4";
# category = "window";
# arguments = [
# "3"
# ];
# };
# "select tab #5" = {
# action = "openTab";
# keySequence = "Ctrl+5";
# category = "window";
# arguments = [
# "4"
# ];
# };
# "select tab #6" = {
# action = "openTab";
# keySequence = "Ctrl+6";
# category = "window";
# arguments = [
# "5"
# ];
# };
# "select tab #7" = {
# action = "openTab";
# keySequence = "Ctrl+7";
# category = "window";
# arguments = [
# "6"
# ];
# };
# "select tab #8" = {
# action = "openTab";
# keySequence = "Ctrl+8";
# category = "window";
# arguments = [
# "7"
# ];
# };
# "toggle live tabs only" = {
# action = "setTabVisibility";
# keySequence = "Ctrl+Shift+L";
# category = "window";
# arguments = [
# "toggleLiveOnly"
# ];
# };
# "toggle local r9k" = {
# action = "toggleLocalR9K";
# keySequence = "Ctrl+H";
# category = "window";
# arguments = [ ];
# };
# "toggle tab visibility" = {
# action = "setTabVisibility";
# keySequence = "Ctrl+U";
# category = "window";
# arguments = [
# "toggle"
# ];
# };
# "zoom in" = {
# action = "zoom";
# keySequence = "Ctrl++";
# category = "window";
# arguments = [
# "in"
# ];
# };
# "zoom out" = {
# action = "zoom";
# keySequence = "Ctrl+-";
# category = "window";
# arguments = [
# "out"
# ];
# };
# "zoom reset" = {
# action = "zoom";
# keySequence = "Ctrl+0";
# category = "window";
# arguments = [
# "reset"
# ];
# };
# };
# misc = {
# currentVersion = "2.5.1";
# lockNotebookLayout = false;
# };
# ui = {
# lastSelectChannelTab = 0;
# lastSelectIrcConn = -1;
# };
# appearance = {
# theme = {
# name = "Black";
# };
# tabVisibility = 1;
# smoothScrollingNewMessages = true;o
# currentFontFamily = rice.font.base.name;
# messages = {
# alternateMessageBackground = true;
# showTimestamps = false;
# timestampFormat = "h =mm";
# separateMessages = true;
# lastMessagePattern = 10;
# lastMessageColor = "#ff7f0002";
# usernameDisplayMode = 1;
# };
# currentFontSize = 12;
# splitheader = {
# showUptime = true;
# showViewerCount = true;
# showGame = true;
# showTitle = true;
# };
# boldScale = 63.0;
# };
# accounts = secrets.chatterino.accounts;
# behaviour = {
# pauseOnHoverDuration = 5.0;
# usernameRightClickBehavior = 0;
# usernameRightClickBehaviorWithModifier = 1;
# showJoins = false;
# };
# highlighting = {
# selfMessageHighlight = {
# enabled = true;
# color = "#73008cff";
# };
# badges = [
# {
# name = "broadcaster";
# displayName = "Broadcaster";
# showInMentions = false;
# alert = false;
# sound = false;
# soundUrl = "";
# color = "#7f7f3f49";
# }
# {
# name = "admin";
# displayName = "Admin";
# showInMentions = false;
# alert = false;
# sound = false;
# soundUrl = "";
# color = "#7f7f3f49";
# }
# {
# name = "staff";
# displayName = "Staff";
# showInMentions = false;
# alert = false;
# sound = false;
# soundUrl = "";
# color = "#7f7f3f49";
# }
# {
# name = "moderator";
# displayName = "Moderator";
# showInMentions = false;
# alert = false;
# sound = false;
# soundUrl = "";
# }
# {
# name = "vip";
# displayName = "VIP";
# showInMentions = false;
# alert = false;
# sound = false;
# soundUrl = "";
# color = "#7f7f3578";
# }
# ];
# };
# emotes = {
# removeSpacesBetweenEmotes = false;
# showUnlistedSevenTVEmotes = true;
# };
# similarity = {
# similarityEnabled = false;
# hideSimilar = false;
# hideSimilarMaxDelay = 30;
# hideSimilarMaxMessagesToCheck = 5;
# };
# };
home.file.".local/share/chatterino/Settings/window-layout.json".text = builtins.toJSON {
windows = [ windows = [
{ {
emotePopup = { emotePopup = {
@@ -1415,4 +752,6 @@ lib.mkIf (user != "tv")
} }
]; ];
}; };
};
};
} }

1
home-modules/direnv.nix
View File

@@ -1,5 +1,4 @@
{ lib, user, ... }: { lib, user, ... }:
lib.mkIf (user != "tv")
{ {
programs = { programs = {
direnv = { direnv = {

1
home-modules/fish.nix
View File

@@ -1,5 +1,4 @@
{ pkgs, lib, rice, user, ... }: { pkgs, lib, rice, user, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
fish fish

270
home-modules/foot.nix
View File

@@ -1,270 +0,0 @@
{ config, pkgs, rice, lib, user, ... }:
lib.mkIf (user != "tv")
{
home.packages = with pkgs; [
foot
];
programs.foot = {
enable = true;
# background = rice.color.background;
# foreground = rice.color.foreground;
# cursor = rice.color.foreground;
# color0 = rice.color.black.base;
# color8 = rice.color.black.bright;
# color1 = rice.color.red.base;
# color9 = rice.color.red.bright;
# color2 = rice.color.green.base;
# color10 = rice.color.green.bright;
# color3 = rice.color.yellow.base;
# color11 = rice.color.yellow.bright;
# color4 = rice.color.blue.base;
# color12 = rice.color.blue.bright;
# color5 = rice.color.magenta.base;
# color13 = rice.color.magenta.bright;
# color6 = rice.color.cyan.base;
# color14 = rice.color.cyan.bright;
# color7 = rice.color.white.base;
# color15 = rice.color.white.bright;
# background_opacity = builtins.toString rice.transparency;
# window_padding_width = 5;
# remember_window_size = false;
# settings = {
# main = {
# shell = ''$SHELL (if set, otherwise user's default shell from /etc/passwd)'';
# term = ''foot (or xterm-256color if built with -Dterminfo=disabled)'';
# login-shell = ''no'';
# # app-id = ''foot'';
# title = ''foot'';
# locked-title = ''no'';
# font = ''${rice.font.code.name}:size=8'';
# font-size-adjustment = ''0.5'';
# line-height = "<font metrics>";
# letter-spacing = ''0'';
# horizontal-letter-offset = ''0'';
# vertical-letter-offset = ''0'';
# underline-offset = "<font metrics>";
# underline-thickness = "<font underline thickness>";
# # box-drawings-uses-font-glyphs = "no";
# # dpi-aware = ''no'';
# # initial-window-size-pixels = ''700x500'';
# # initial-window-size-chars = "<COLSxROWS>";
# # initial-window-mode = ''windowed'';
# pad = ''5x5'';
# resize-by-cells = ''yes'';
# resize-keep-grid = ''yes'';
# resize-delay-ms = ''100'';
# # bold-text-in-bright = false;
# word-delimiters = '',│`|:"'()[]{}<>'';
# selection-target = ''primary'';
# workers = "<number of logical CPUs>";
# utmp-helper = ''/usr/lib/utempter/utempter'';
# # environment = {
# # name = ''value'';
# # };
# };
# bell = {
# urgent = ''no'';
# notify = ''no'';
# visual = ''no'';
# command = '''';
# command-focused = ''no'';
# };
# desktop-notifications = {
# command = ''notify-send --wait --app-name ''${app-id} --icon ''${app-id} --category ''${category} --urgency ''${urgency} --expire-time ''${expire-time} --hint STRING:image-path:''${icon} --hint BOOLEAN:suppress-sound:''${muted} --hint STRING:sound-name:''${sound-name} --replace-id ''${replace-id} ''${action-argument} --print-id -- ''${title} ''${body}'';
# command-action-argument = ''--action ''${action-name}=''${action-label}'';
# close = ''""'';
# inhibit-when-focused = ''yes'';
# };
# scrollback = {
# lines = ''1000'';
# multiplier = ''3.0'';
# indicator-position = ''relative'';
# indicator-format = ''""'';
# };
# url = {
# launch = ''xdg-open ''${url}'';
# label-letters = ''sadfjklewcmpgh'';
# osc8-underline = ''url-mode'';
# protocols = ''http, https, ftp, ftps, file, gemini, gopher'';
# uri-characters = ''abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.,~:;/?#@!$&%*+="'()[]'';
# };
# cursor = {
# style = ''block'';
# color = "<inverse foreground/background>";
# blink = ''no'';
# blink-rate = ''500'';
# beam-thickness = ''1.5'';
# underline-thickness = "<font underline thickness>";
# };
# mouse = {
# hide-when-typing = ''no'';
# alternate-scroll-mode = ''yes'';
# };
# touch = {
# long-press-delay = ''400'';
# };
# colors = {
# alpha = ''1.0'';
# background = ''242424'';
# foreground = ''ffffff'';
# flash = ''7f7f00'';
# flash-alpha = ''0.5'';
# # Normal/regular colors (color palette 0-7)
# regular0 = ''242424'';
# regular1 = ''f62b5a'';
# regular2 = ''47b413'';
# regular3 = ''e3c401'';
# regular4 = ''24acd4'';
# regular5 = ''f2affd'';
# regular6 = ''13c299'';
# regular7 = ''e6e6e6'';
# # Bright colors (color palette 8-15)
# bright0 = ''616161'';
# bright1 = ''ff4d51'';
# bright2 = ''35d450'';
# bright3 = ''e9e836'';
# bright4 = ''5dc5f8'';
# bright5 = ''feabf2'';
# bright6 = ''24dfc4'';
# bright7 = ''ffffff'';
# # dimmed colors (see foot.ini(5) man page)
# # dim0 = "<not set>";
# # ...
# # dim7 = "<not-set>";
# # The remaining 256-color palette
# # 16 = <256-color palette #16>
# # ...
# # 255 = <256-color palette #255>
# # Misc colors
# selection-foreground = "<inverse foreground/background>";
# selection-background = "<inverse foreground/background>";
# jump-labels = "<regular0> <regular3>";
# scrollback-indicator = "<regular0> <bright4>";
# search-box-no-match = "<regular0> <regular1>";
# search-box-match = "<regular0> <regular3>";
# urls = "<regular3>";
# };
# csd = {
# preferred = ''server'';
# size = ''26'';
# font = "<primary font>";
# color = "<foreground color>";
# hide-when-maximized = ''no'';
# double-click-to-maximize = ''yes'';
# border-width = ''0'';
# border-color = "<csd.color>";
# button-width = ''26'';
# button-color = "<background color>";
# button-minimize-color = "<regular4>";
# button-maximize-color = "<regular2>";
# button-close-color = "<regular1>";
# };
# key-bindings = {
# scrollback-up-page = ''Shift+Page_Up'';
# scrollback-up-half-page = ''none'';
# scrollback-up-line = ''none'';
# scrollback-down-page = ''Shift+Page_Down'';
# scrollback-down-half-page = ''none'';
# scrollback-down-line = ''none'';
# scrollback-home = ''none'';
# scrollback-end = ''none'';
# clipboard-copy = ''Control+Shift+c XF86Copy'';
# clipboard-paste = ''Control+Shift+v XF86Paste'';
# primary-paste = ''Shift+Insert'';
# search-start = ''Control+Shift+r'';
# font-increase = ''Control+plus Control+equal Control+KP_Add'';
# font-decrease = ''Control+minus Control+KP_Subtract'';
# font-reset = ''Control+0 Control+KP_0'';
# spawn-terminal = ''Control+Shift+n'';
# minimize = ''none'';
# maximize = ''none'';
# fullscreen = ''none'';
# pipe-visible = ''[sh -c "xurls | fuzzel | xargs -r firefox"] none'';
# pipe-scrollback = ''[sh -c "xurls | fuzzel | xargs -r firefox"] none'';
# pipe-selected = ''[xargs -r firefox] none'';
# pipe-command-output = ''[wl-copy] none'';
# show-urls-launch = ''Control+Shift+o'';
# show-urls-copy = ''none'';
# show-urls-persistent = ''none'';
# prompt-prev = ''Control+Shift+z'';
# prompt-next = ''Control+Shift+x'';
# unicode-input = ''Control+Shift+u'';
# noop = ''none'';
# };
# search-bindings = {
# cancel = ''Control+g Control+c Escape'';
# commit = ''Return'';
# find-prev = ''Control+r'';
# find-next = ''Control+s'';
# cursor-left = ''Left Control+b'';
# cursor-left-word = ''Control+Left Mod1+b'';
# cursor-right = ''Right Control+f'';
# cursor-right-word = ''Control+Right Mod1+f'';
# cursor-home = ''Home Control+a'';
# cursor-end = ''End Control+e'';
# delete-prev = ''BackSpace'';
# delete-prev-word = ''Mod1+BackSpace Control+BackSpace'';
# delete-next = ''Delete'';
# delete-next-word = ''Mod1+d Control+Delete'';
# extend-char = ''Shift+Right'';
# extend-to-word-boundary = ''Control+w Control+Shift+Right'';
# extend-to-next-whitespace = ''Control+Shift+w'';
# extend-line-down = ''Shift+Down'';
# extend-backward-char = ''Shift+Left'';
# extend-backward-to-word-boundary = ''Control+Shift+Left'';
# extend-backward-to-next-whitespace = ''none'';
# extend-line-up = ''Shift+Up'';
# clipboard-paste = ''Control+v Control+Shift+v Control+y XF86Paste'';
# primary-paste = ''Shift+Insert'';
# unicode-input = ''none'';
# quit = ''none'';
# scrollback-up-page = ''Shift+Page_Up'';
# scrollback-up-half-page = ''none'';
# scrollback-up-line = ''none'';
# scrollback-down-page = ''Shift+Page_Down'';
# scrollback-down-half-page = ''none'';
# scrollback-down-line = ''none'';
# scrollback-home = ''none'';
# scrollback-end = ''none'';
# };
# url-bindings = {
# cancel = ''Control+g Control+c Control+d Escape'';
# toggle-url-visible = ''t'';
# };
# text-bindings = {
# "\x03" = ''Mod4+c'';
# };
# mouse-bindings = {
# scrollback-up-mouse = ''BTN_WHEEL_BACK'';
# scrollback-down-mouse = ''BTN_WHEEL_FORWARD'';
# font-increase = ''Control+BTN_WHEEL_BACK'';
# font-decrease = ''Control+BTN_WHEEL_FORWARD'';
# selection-override-modifiers = ''Shift'';
# primary-paste = ''BTN_MIDDLE'';
# select-begin = ''BTN_LEFT'';
# select-begin-block = ''Control+BTN_LEFT'';
# select-extend = ''BTN_RIGHT'';
# select-extend-character-wise = ''Control+BTN_RIGHT'';
# select-word = ''BTN_LEFT-2'';
# select-word-whitespace = ''Control+BTN_LEFT-2'';
# select-quote = ''BTN_LEFT-3'';
# select-row = ''BTN_LEFT-4'';
# # vim: ft = ''dosini'';
# };
# };
};
}

7
home-modules/git.nix
View File

@@ -1,5 +1,4 @@
{ pkgs, lib, user, rice, ... }: { pkgs, rice, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
git git
@@ -11,9 +10,7 @@ lib.mkIf (user != "tv")
# List of directories to check # List of directories to check
directories=( directories=(
"$HOME/nix-dots" "$HOME/nix-dots"
"$HOME/shared/nx-obsidian-vault" "$HOME/obsidian-vault"
"$HOME/shared/HSMW/Praxis/BCAM/bolt-llmserver"
"$HOME/shared/HSMW/Praxis/BCAM/bcam-tools"
"$HOME/Pictures/wallpapers" "$HOME/Pictures/wallpapers"
) )
echo "" echo ""

2
home-modules/gpg.nix
View File

@@ -21,7 +21,7 @@
enableFishIntegration = true; enableFishIntegration = true;
defaultCacheTtlSsh = min2sec 60; defaultCacheTtlSsh = min2sec 60;
defaultCacheTtl = min2sec 30; defaultCacheTtl = min2sec 30;
# pinentryPackage = pkgs.pinentry-gtk2; # pinentryPackage = pkgs.pinentry-curses;
}; };
home.file.".gnupg/gpg.conf".text = '' home.file.".gnupg/gpg.conf".text = ''

7
home-modules/gtk.nix
View File

@@ -1,5 +1,4 @@
{ config, pkgs, lib, rice, user, ... }: { config, pkgs, lib, rice, user, ... }: let
let
# theme-name = "Colloid-Pink-Dark-Compact"; # theme-name = "Colloid-Pink-Dark-Compact";
# theme-package = pkgs.colloid-gtk-theme.override { # theme-package = pkgs.colloid-gtk-theme.override {
# themeVariants = [ "pink" ]; # themeVariants = [ "pink" ];
@@ -14,9 +13,7 @@ let
tweaks = [ "rimless" "black" ]; tweaks = [ "rimless" "black" ];
variant = "macchiato"; variant = "macchiato";
}; };
in in {
lib.mkIf (user != "tv")
{
home.packages = with pkgs; [ home.packages = with pkgs; [
# gnome.gnome-themes-extra # gnome.gnome-themes-extra
# gnome.adwaita-icon-theme # gnome.adwaita-icon-theme

12
home-modules/hyprland-autoname-workspaces.nix
View File

@@ -1,11 +1,8 @@
{ pkgs, lib, user, ... }: { pkgs, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = [ home = {
pkgs.hyprland-autoname-workspaces packages = with pkgs; [ hyprland-autoname-workspaces ];
]; file.".config/hyprland-autoname-workspaces/config.toml".text = ''
home.file.".config/hyprland-autoname-workspaces/config.toml".text = ''
version = "1.1.14" version = "1.1.14"
[class] [class]
@@ -106,4 +103,5 @@ lib.mkIf (user != "tv")
client_dup_active = "*{icon}*{delim}{icon}{counter_unfocused_sup}" client_dup_active = "*{icon}*{delim}{icon}{counter_unfocused_sup}"
client_dup_fullscreen = "[{icon}]{delim}{icon}{counter_unfocused_sup}" client_dup_fullscreen = "[{icon}]{delim}{icon}{counter_unfocused_sup}"
''; '';
};
} }

4
home-modules/hyprland.nix
View File

@@ -46,9 +46,7 @@ let
}; };
}; };
}; };
in in {
lib.mkIf (user != "tv")
{
home.packages = (with pkgs; [ home.packages = (with pkgs; [
# hyprland itself is a system package # hyprland itself is a system package
hyprland-protocols hyprland-protocols

47
home-modules/kitty.nix
View File

@@ -1,36 +1,31 @@
{ config, pkgs, rice, lib, user, ... }: { rice, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [
kitty
];
programs.kitty = { programs.kitty = {
enable = true; enable = true;
font = { font = {
name = rice.font.code.name2; name = rice.font.code.name2;
package = rice.font.code.package; package = rice.font.code.package;
}; };
settings = { settings = with rice.color; {
background = rice.color.background; background = background;
foreground = rice.color.foreground; foreground = foreground;
cursor = rice.color.foreground; cursor = foreground;
color0 = rice.color.black.base; color0 = black.base;
color8 = rice.color.black.bright; color8 = black.bright;
color1 = rice.color.red.base; color1 = red.base;
color9 = rice.color.red.bright; color9 = red.bright;
color2 = rice.color.green.base; color2 = green.base;
color10 = rice.color.green.bright; color10 = green.bright;
color3 = rice.color.yellow.base; color3 = yellow.base;
color11 = rice.color.yellow.bright; color11 = yellow.bright;
color4 = rice.color.blue.base; color4 = blue.base;
color12 = rice.color.blue.bright; color12 = blue.bright;
color5 = rice.color.magenta.base; color5 = magenta.base;
color13 = rice.color.magenta.bright; color13 = magenta.bright;
color6 = rice.color.cyan.base; color6 = cyan.base;
color14 = rice.color.cyan.bright; color14 = cyan.bright;
color7 = rice.color.white.base; color7 = white.base;
color15 = rice.color.white.bright; color15 = white.bright;
background_opacity = builtins.toString rice.transparency; background_opacity = builtins.toString rice.transparency;
window_padding_width = 5; window_padding_width = 5;
remember_window_size = false; remember_window_size = false;

8
home-modules/mako.nix
View File

@@ -1,10 +1,6 @@
{ pkgs, rice, lib, user, ... }: { pkgs, rice, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = [ home.packages = with pkgs; [ libnotify ];
pkgs.mako
pkgs.libnotify
];
services.mako = with rice; { services.mako = with rice; {
enable = true; enable = true;
defaultTimeout = 5000; # in ms defaultTimeout = 5000; # in ms

9
home-modules/nx-gcal-event.nix
View File

@@ -1,9 +1,6 @@
{ config, pkgs, secrets, lib, user, ... }: { config, pkgs, secrets, ... }: let
let
sep = " "; sep = " ";
in in {
lib.mkIf (user != "tv")
{
home = { home = {
file."${config.xdg.dataHome}/nx-gcal-event-credentials.json".text = '' file."${config.xdg.dataHome}/nx-gcal-event-credentials.json".text = ''
{ {
@@ -26,7 +23,7 @@ lib.mkIf (user != "tv")
# (pkgs.python311.withPackages (python-pkgs: [ # (pkgs.python311.withPackages (python-pkgs: [
# python-pkgs.google # python-pkgs.google
# ])) # ]))
(writeScriptBin "nx_gcal_event" '' (writeScriptBin "nx_gcal_event" /* python */ ''
#!${pkgs.python3}/bin/python3 #!${pkgs.python3}/bin/python3
import datetime import datetime
import os import os

99
home-modules/nx2site.nix Normal file
View File

@@ -0,0 +1,99 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
(writeShellApplication {
name = "nxmd";
text = let
ascii_size = (pkgs.writers.writePython3Bin "ascii_size" {
# libraries = with pkgs.python311Packages; [ ];
flakeIgnore = [];
} /* python */ ''
from sys import argv
with open(argv[1], "r", encoding='utf-8') as f:
raw = f.read()
sraw = raw.split("\n")
linestart = 0
lineend = 0
started = False
for linenum in range(len(sraw)):
if sraw[linenum].strip() == "```ascii":
linestart = linenum
started = True
if started and sraw[linenum].strip() == "```":
lineend = linenum
break
maxwidth = 0
for linenum in range(linestart, lineend):
linewidth = len(sraw[linenum])
if linewidth > maxwidth:
maxwidth = linewidth
print(f"Maximum length of the `ascii` code clock is {maxwidth} characters.")
px = (1 / maxwidth) * 1500
vw = (1 / maxwidth) * 150
snew = sraw
snew[3] = "aaw: " + str(round(vw, 2))
snew[4] = "aawm: " + str(round(px, 2))
new = "\n".join(snew)
with open(argv[1], "w", encoding='utf-8') as f:
f.write(new)
print(f"The resulting font sizes are {px}px (aawm) and {vw}vw (aam).")
print(f"You can now use the push operation on {argv[1]}.")
''
);
in /* bash */ ''
ord=$(date +"%e" | awk '{printf("%d%s\n", $1, ($1==11||$1==12||$1==13)?"th":((($1%10)==1)?"st":((($1%10)==2)?"nd":((($1%10)==3)?"rd":"th"))))}')
nxdate="$(date +'%A the ')"
nxdate="$nxdate""$ord"
nxdate="$nxdate""$(date +' of %B %Y')"
if [[ $# -eq 0 ]]; then
echo "Error: No arguments provided."
echo "Usage: $0 push <markdown-file>"
exit 1
fi
if [[ "$1" == "push" ]]; then
if [[ ! "$2" =~ \.md$ ]]; then
echo "Error: Second argument must be a markdown (.md) file"
echo "Usage: $0 push <markdown-file>"
exit 1
fi
pandoc \
"$2" \
--highlight-style=breezeDark \
--standalone \
--mathjax \
--ascii \
--template /var/nginx/assets/template.html \
--metadata pdate="$nxdate" \
--verbose --from markdown-markdown_in_html_blocks+raw_html \
-o /var/nginx/webroot/"$(basename "$2" .md )".html
echo pushed "$2"
elif [[ "$1" == "ascii-size" ]]; then
if [[ ! "$2" =~ \.md$ ]]; then
echo "Error: Second argument must be a markdown (.md) file"
echo "Usage: $0 ascii-size <markdown-file>"
exit 1
fi
${ascii_size}/bin/ascii_size "$2"
else
echo "Error: First argument must be 'push'"
echo "Usage: $0 push <markdown-file>"
exit 1
fi
'';
})
];
}

1
home-modules/office.nix
View File

@@ -1,5 +1,4 @@
{ config, pkgs, lib, user, ... }: { config, pkgs, lib, user, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
libreoffice libreoffice

15
home-modules/programming/python.nix
View File

@@ -1,5 +1,6 @@
{ config, pkgs, lib, user, ... }: { pkgs, ... }:
let {
home = let
python-with-packages = pkgs.python3.withPackages (pp: with pp; [ python-with-packages = pkgs.python3.withPackages (pp: with pp; [
ipython ipython
pipdeptree pipdeptree
@@ -8,14 +9,12 @@ let
debugpy debugpy
black black
]); ]);
in in {
lib.mkIf (user != "tv") packages = [
{
home.packages = [
python-with-packages python-with-packages
]; ];
sessionVariables = {
home.sessionVariables = {
PYTHONPATH = "${python-with-packages}/${python-with-packages.sitePackages}"; PYTHONPATH = "${python-with-packages}/${python-with-packages.sitePackages}";
}; };
};
} }

1
home-modules/qt.nix
View File

@@ -1,5 +1,4 @@
{ pkgs, lib, user, ... }: { pkgs, lib, user, ... }:
lib.mkIf (user != "tv")
{ {
qt = { qt = {
platformTheme = "gtk"; platformTheme = "gtk";

43
home-modules/rofi.nix
View File

@@ -1,13 +1,11 @@
{ pkgs, rice, lib, user, ... }: { pkgs, rice, ... }: {
let
trdr = "${rice.lib.float-to-drune rice.transparency}";
in
lib.mkIf (user != "tv")
{
home.packages = with pkgs; [ home.packages = with pkgs; [
rofi-wayland rofi-wayland
]; ];
home.file.".config/rofi/config.rasi".text = '' home.file = let
trdr = "${rice.lib.float-to-drune rice.transparency}";
in with rice.color; {
".config/rofi/config.rasi".text = ''
configuration { configuration {
show-icons: false; show-icons: false;
display-drun: ""; display-drun: "";
@@ -17,8 +15,8 @@ lib.mkIf (user != "tv")
* { * {
font: "${rice.font.code.name2} 12"; font: "${rice.font.code.name2} 12";
foreground: ${rice.color.foreground}; foreground: ${foreground};
background-color: ${rice.color.background}${trdr}; background-color: ${background}${trdr};
padding: 0px; padding: 0px;
margin: 0px; margin: 0px;
spacing: 0px; spacing: 0px;
@@ -26,10 +24,10 @@ lib.mkIf (user != "tv")
} }
#window { #window {
background-color: ${rice.color.background}${trdr}; background-color: ${background}${trdr};
border: ${builtins.toString rice.border-width}px; border: ${builtins.toString rice.border-width}px;
border-radius: ${builtins.toString rice.rounding}; border-radius: ${builtins.toString rice.rounding};
border-color: ${rice.color.border}; border-color: ${border};
} }
#mainbox { #mainbox {
border: 0; border: 0;
@@ -39,7 +37,7 @@ lib.mkIf (user != "tv")
border: 0px; border: 0px;
} }
#textbox { #textbox {
text-color: ${rice.color.foreground}; text-color: ${foreground};
} }
#listview { #listview {
fixed-height: 0; fixed-height: 0;
@@ -57,9 +55,9 @@ lib.mkIf (user != "tv")
border-radius: ${if rice.rounding > 0 then "2" else "0"}px; border-radius: ${if rice.rounding > 0 then "2" else "0"}px;
} }
#element.normal.normal { background-color: ${rice.color.background}${trdr}; text-color: ${rice.color.accent.base}; } #element.normal.normal { background-color: ${background}${trdr}; text-color: ${accent.base}; }
#element.selected.normal { background-color: ${rice.color.tertiary.base}${trdr}; text-color: ${rice.color.background}; } #element.selected.normal { background-color: ${tertiary.base}${trdr}; text-color: ${background}; }
#element.alternate.normal { background-color: ${rice.color.background}${trdr}; text-color: ${rice.color.secondary.base}; } #element.alternate.normal { background-color: ${background}${trdr}; text-color: ${secondary.base}; }
#scrollbar { #scrollbar {
@@ -72,12 +70,12 @@ lib.mkIf (user != "tv")
border: ${builtins.toString rice.border-width}px dash; border: ${builtins.toString rice.border-width}px dash;
} }
#button.selected { #button.selected {
text-color: ${rice.color.foreground}; text-color: ${foreground};
} }
#inputbar { #inputbar {
spacing: 0; spacing: 0;
text-color: ${rice.color.background}; text-color: ${background};
background-color: ${rice.color.accent.base}${trdr}; background-color: ${accent.base}${trdr};
padding: 0; padding: 0;
margine-bottom: 2px; margine-bottom: 2px;
children: [ prompt,textbox-prompt-colon,entry,case-indicator ]; children: [ prompt,textbox-prompt-colon,entry,case-indicator ];
@@ -85,23 +83,23 @@ lib.mkIf (user != "tv")
#prompt { #prompt {
spacing: 0; spacing: 0;
background-color: transparent; background-color: transparent;
text-color: ${rice.color.foreground}; text-color: ${foreground};
} }
#textbox-prompt-colon { #textbox-prompt-colon {
expand: false; expand: false;
str: ">"; str: ">";
margin: 0px 0.3em 0em 0em ; margin: 0px 0.3em 0em 0em ;
text-color: ${rice.color.background}; text-color: ${background};
background-color: transparent; background-color: transparent;
} }
#case-indicator { #case-indicator {
spacing: 0; spacing: 0;
text-color: ${rice.color.foreground}; text-color: ${foreground};
background-color: transparent; background-color: transparent;
} }
#entry { #entry {
spacing: 0; spacing: 0;
text-color: ${rice.color.background}; text-color: ${background};
background-color: transparent; background-color: transparent;
placeholder: ""; placeholder: "";
} }
@@ -111,4 +109,5 @@ lib.mkIf (user != "tv")
text-color: inherit; text-color: inherit;
} }
''; '';
};
} }

18
home-modules/ssh.nix
View File

@@ -1,15 +1,10 @@
{ pkgs, lib, user, ... }: { pkgs, domain, ... }:
lib.mkIf (user != "tv")
{ {
home = {
home.packages = with pkgs; [ packages = with pkgs; [ sshfs ];
sshfs file.".ssh/config".text = ''
];
home.file.".ssh/config".text = ''
HOST nxace HOST nxace
HostName ssh.nx2.site HostName ssh.${domain}
User nx2 User nx2
Port 50022 Port 50022
@@ -24,8 +19,9 @@ lib.mkIf (user != "tv")
Port 22 Port 22
HOST nxgit HOST nxgit
HostName ssh.nx2.site HostName ssh.${domain}
User git User git
Port 20022 Port 20022
''; '';
};
} }

7
home-modules/starship.nix
View File

@@ -1,10 +1,5 @@
{ pkgs, lib, user, rice, ... }: { lib, rice, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = [
pkgs.starship
];
programs.starship = { programs.starship = {
enable = true; enable = true;
# enableBashIntegration = true; # enableBashIntegration = true;

7
home-modules/vale.nix
View File

@@ -1,9 +1,6 @@
{ pkgs, lib, user, ... }: { pkgs, ... }: let
let
vws = pkgs.vale.withStyles (s: [ s.alex s.google ]); vws = pkgs.vale.withStyles (s: [ s.alex s.google ]);
in in {
lib.mkIf (user != "tv")
{
home = { home = {
packages = [ packages = [
vws vws

16
home-modules/waybar.nix
View File

@@ -1,9 +1,6 @@
{ lib, pkgs, user, rice, ... }: { lib, pkgs, user, rice, ... }: let
let
sep = " "; sep = " ";
in in {
lib.mkIf (user != "tv")
{
home.packages = home.packages =
let let
waybar_mode_script = /*bash*/ '' waybar_mode_script = /*bash*/ ''
@@ -100,10 +97,10 @@ lib.mkIf (user != "tv")
exec = "cclock"; exec = "cclock";
restart-interval = 60; restart-interval = 60;
}; };
"custom/ctimeremaining" = { # "custom/ctimeremaining" = {
exec = "nx_gcal_event lookup"; # exec = "nx_gcal_event lookup";
restart-interval = 60; # restart-interval = 60;
}; # };
"custom/mode" = { "custom/mode" = {
exec = "cat /tmp/waybar-mode"; exec = "cat /tmp/waybar-mode";
interval = "once"; interval = "once";
@@ -184,7 +181,6 @@ lib.mkIf (user != "tv")
#clock, #clock,
#custom-cclock, #custom-cclock,
#custom-ctimeremaining,
#custom-mode, #custom-mode,
#battery, #battery,
#cpu, #cpu,

29
home-modules/wlogout.nix
View File

@@ -1,11 +1,9 @@
{ config, pkgs, lib, user, rice,... }: { pkgs, rice,... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [ home = {
wlogout packages = with pkgs; [ wlogout ];
]; file = {
".config/wlogout/style.css".text = /* css */ ''
home.file.".config/wlogout/style.css".text = ''
* { all: unset; } * { all: unset; }
window { window {
@@ -32,8 +30,7 @@ lib.mkIf (user != "tv")
color: ${rice.color.blue.base}; color: ${rice.color.blue.base};
} }
''; '';
".config/wlogout/layout".text = /* json */ ''
home.file.".config/wlogout/layout".text = ''
{ {
"label": "lock", "label": "lock",
"action": "hyprlock", "action": "hyprlock",
@@ -83,16 +80,6 @@ lib.mkIf (user != "tv")
"keybind": "h" "keybind": "h"
} }
''; '';
# lock { background-image: image(url("./lock.png")); } };
# lock:focus { background-image: image(url("./lock-hover.png")); } };
# logout { background-image: image(url("./logout.png")); }
# logout:focus { background-image: image(url("./logout-hover.png")); }
# suspend { background-image: image(url("./suspend.png")); }
# suspend:focus { background-image: image(url("./suspend-hover.png")); }
# shutdown { background-image: image(url("./power.png")); }
# shutdown:focus { background-image: image(url("./power-hover.png")); }
# reboot { background-image: image(url("./restart.png")); }
# reboot:focus { background-image: image(url("./restart-hover.png")); }
# hibernate { background-image: image(url("./hibernate.png")); }
# hibernate:hover { background-image: image(url("./hibernate-hover.png"));}
} }

3
home-modules/yazi.nix
View File

@@ -1,6 +1,5 @@
{ pkgs, lib, system, user, rice, inputs, ... }: { pkgs, system, rice, inputs, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
# yazi # yazi

3
home-modules/zoxide.nix
View File

@@ -1,5 +1,4 @@
{ config, pkgs, lib, user, ... }: { pkgs, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = [ home.packages = [
pkgs.zoxide pkgs.zoxide

3
home.nix
View File

@@ -28,7 +28,8 @@
./home-modules/nh.nix ./home-modules/nh.nix
./home-modules/nixd.nix ./home-modules/nixd.nix
./home-modules/nvidia.nix ./home-modules/nvidia.nix
./home-modules/nx-gcal-event.nix ./home-modules/nx2site.nix
# ./home-modules/nx-gcal-event.nix
./home-modules/obs.nix ./home-modules/obs.nix
./home-modules/office.nix ./home-modules/office.nix
./home-modules/ollama.nix ./home-modules/ollama.nix

16
sops-secrets.yaml
View File

File diff suppressed because one or more lines are too long

4
system-modules/boot.nix
View File

@@ -1,7 +1,7 @@
{ config, pkgs, pkgs-unstable, lib, host, inputs, ... }: { config, pkgs, pkgs-unstable, lib, host, domain, inputs, ... }:
let let
grub-theme-ascii-diana = (pkgs.fetchFromGitea { grub-theme-ascii-diana = (pkgs.fetchFromGitea {
domain = "git.nx2.site"; domain = "git.${domain}";
owner = "nx2"; owner = "nx2";
repo = "grub-theme-ascii-diana"; repo = "grub-theme-ascii-diana";
rev = "0.5.0"; rev = "0.5.0";

30
system-modules/dm.nix
View File

@@ -1,5 +1,4 @@
{ pkgs, user, host, lib, ... }: { pkgs, user, ... }:
if (host != "NxACE") then
{ {
services.greetd = { services.greetd = {
enable = true; enable = true;
@@ -23,30 +22,3 @@ if (host != "NxACE") then
TTYVTDisallocate = true; TTYVTDisallocate = true;
}; };
} }
else
{
environment.systemPackages = with pkgs; [
sddm
# where-is-my-sddm-theme
];
services.xserver = {
displayManager = {
defaultSession = "hyprland";
sddm = {
enable = true;
# theme = "where_is_my_sddm_theme";
settings = {
theme = {
# background = /home/nx2/Pictures/
passwordFontSize = 12;
passwordInputCursorVisible = true;
};
};
};
autoLogin = lib.mkIf (host == "NxACE") {
enable = true;
user = "tv";
};
};
};
}

5
system-modules/docker.nix
View File

@@ -13,4 +13,9 @@
# }; # };
}; };
users.users."${user}".extraGroups = [ "docker" ]; users.users."${user}".extraGroups = [ "docker" ];
networking.firewall.allowedTCPPorts = [
80
443
8384
];
} }

6
system-modules/gitea.nix Normal file
View File

@@ -0,0 +1,6 @@
{ pkgs, ... }:
{
services.gitea = {
enable = true;
};
}

58
system-modules/networking.nix
View File

@@ -20,61 +20,5 @@
]; ];
}; };
networking.enableIPv6 = true;
# Eduroam
environment.etc = {
"ssl/certs/tuda-eduroam-root.crt".source = "${pkgs.cacert.unbundled}/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2:1.crt";
# this comment blow is just for people reading my config
# I use sops-nix to place the actual file there (read below).
# identity and password have been replaced with "<...>" in the comment
# There the "email" and the password from the IDM portal of the HRZ should go
# Notice the toda-eduroam-root.crt that I am using (specified above)
# The method im using means that the password for the network is accessable locally as root user
# an even more secure way is for example using something like this https://wiki.archlinux.org/title/NetworkManager#Encrypted_Wi-Fi_passwords
# "NetworkManager/system-connections/eduroam.nmconnection" = {
# text = ''
# [connection]
# id=eduroam
# uuid=09ce7f02-0c1d-4e11-9f69-e91031176d9d
# type=wifi
# permissions=user:nx2:;
# [wifi]
# mode=infrastructure
# ssid=eduroam
# [wifi-security]
# key-mgmt=wpa-eap
# [802-1x]
# anonymous-identity=eduroam@tu-darmstadt.de
# ca-cert=/etc/ssl/certs/tuda-eduroam-root.crt
# domain=radius.hrz.tu-darmstadt.de
# eap=peap;
# identity=<...>@tu-darmstadt.de
# password=<...>
# phase2-auth=mschapv2
# [ipv4]
# method=auto
# [ipv6]
# addr-gen-mode=stable-privacy
# ip6-privacy=2
# method=auto
# '';
# mode = "0600";
# };
};
sops.secrets = {
"eduroam/tuda_nmconnection" = {
mode = "0600";
owner = "root";
path = "/etc/NetworkManager/system-connections/eduroam.nmconnection";
};
};
} }

197
system-modules/nx2site.nix
View File

@@ -1,45 +1,47 @@
{ config, pkgs, lib, user, host, ... }: { config, pkgs, domain, secrets, ... }:
# lib.mkIf false
lib.mkIf (host == "NxACE")
# ((import ./nx2site/proxy.nix { inherit config pkgs lib user; }) //
(
{ {
sops.secrets = { sops.secrets = {
"nx2site/namecheap.pw" = { }; "nx2site/namecheap.pw" = { };
# "nx2site/cloudflare/api-token-dns-edit" = { };
"nx2site/cloudflare/global-api-key" = { };
}; };
systemd = { systemd = {
timers."namecheap-dynamic-dns" = { timers."dynamic-dns" = {
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
timerConfig = { timerConfig = {
OnBootSec = "2m"; OnBootSec = "2m";
OnUnitActiveSec = "10m"; OnUnitActiveSec = "10m";
Unit = "namecheap-dynamic-dns.service"; Unit = "dynamic-dns.service";
}; };
}; };
services."namecheap-dynamic-dns" = let services."dynamic-dns" = let
u = let u = let
domain = "nx2.site"; account_id = secrets.email.gmail-online.mail;
passord-file-path = config.sops.secrets."nx2site/namecheap.pw".path; zone_id = "33fecab36e060f49d492127345ea95a0";
# passord-file-path = config.sops.secrets."nx2site/namecheap.pw".path; record_id = {
log-file-path = "/var/log/update_namecheap.log"; base = "58d3412e8d88889d1a611b3669f0700f";
count-file-path = "/var/log/update_namecheap-count.txt"; sub = "fc861353142bc05d5dbad1799178e6a1";
in pkgs.writers.writePython3Bin "update_namecheap" { base6 = "d1b90e21d2d747dcb30448bd65312927";
sub6 = "b8082b7afe9e80971fc9f9dda16ec284";
};
passord-file-path = config.sops.secrets."nx2site/cloudflare/global-api-key".path;
log-file-path = "/var/log/couldflare.log";
count-file-path = "/var/log/cloudflare-count.txt";
in pkgs.writers.writePython3Bin "dyn_dns" {
libraries = with pkgs.python311Packages; [ requests ]; libraries = with pkgs.python311Packages; [ requests ];
flakeIgnore = [ "E501" "E305" "E701" "E704" "E302" "E114" "F841" ]; flakeIgnore = [ "E501" "E305" "E701" "E704" "E302" "E114" "F841" "E121" "E261" "E303"];
} '' } /* python */ ''
import requests import requests
import argparse import subprocess
import socket
from datetime import datetime from datetime import datetime
def get_public_ip(): return requests.get('https://ipinfo.io/ip').text.strip() def get_public_ip(ipv6=False):
return subprocess.run(['${pkgs.curl}/bin/curl', '-s', '-6' if ipv6 else '-4', 'https://ifconfig.me'], capture_output=True, text=True).stdout.strip()
def get_dns_ip(): return socket.gethostbyname_ex('${domain}')[2][0] def main():
def main(force_update):
my_ip = get_public_ip() my_ip = get_public_ip()
dns_ip = get_dns_ip() my_ip6 = get_public_ip(ipv6=True)
with open("${count-file-path}", "r") as f: with open("${count-file-path}", "r") as f:
content = f.read() content = f.read()
@@ -49,73 +51,136 @@ lib.mkIf (host == "NxACE")
with open("${count-file-path}", "w") as f: with open("${count-file-path}", "w") as f:
f.write(str(count)) f.write(str(count))
if not (force_update or my_ip != dns_ip): # 4
print(f"Host IP and DNS response are both {my_ip} --> No Action") with open("${passord-file-path}", 'r') as pw_file:
exit(0) pw = pw_file.read().strip()
else:
with open("${passord-file-path}", 'r') as pw_file: pw = pw_file.read().strip()
# Perform DNS updates # Perform DNS updates
resp_base = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=@&domain=${domain}&password={pw}&ip={my_ip}") # https://developers.cloudflare.com/api/operations/dns-records-for-a-zone-update-dns-record
resp_subd = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=*&domain=${domain}&password={pw}&ip={my_ip}") resp_base = requests.patch(
'https://api.cloudflare.com/client/v4/zones/${zone_id}/dns_records/${record_id.base}',
headers={
'Content-Type': 'application/json',
'X-Auth-Email': '${account_id}',
'X-Auth-Key': pw
},
json={
"comment": "Domain verification record",
"name": "${domain}",
"proxied": True,
"settings": {},
"tags": [],
"ttl": 1, # automatic
"content": my_ip,
"type": "A"
}
)
resp_subd = requests.patch(
'https://api.cloudflare.com/client/v4/zones/${zone_id}/dns_records/${record_id.sub}',
headers={
'Content-Type': 'application/json',
'X-Auth-Email': '${account_id}',
'X-Auth-Key': pw
},
json={
"comment": "Domain verification record",
"name": "${domain}",
"proxied": True,
"settings": {},
"tags": [],
"ttl": 1, # automatic
"content": my_ip,
"type": "A"
}
)
if resp_base.status_code != 200:
print(resp_base.text)
# Reset the count file
with open("${count-file-path}", 'w') as f: f.write('0')
now_str = datetime.now().strftime('%Y/%m/%d-%R') now_str = datetime.now().strftime('%Y/%m/%d-%R')
log_entry = f"At {now_str} - from {dns_ip} to {my_ip} - {count} times - Response {resp_base.status_code}{' - (forced)' if force_update else ' '}\n" log_entry = f"At {now_str} - to {my_ip} - Response {resp_base.status_code}\n"
print(log_entry, end="")
with open("${log-file-path}", 'a') as log_file:
log_file.write(log_entry)
# Perform DNS updates
# https://developers.cloudflare.com/api/operations/dns-records-for-a-zone-update-dns-record
resp_base = requests.patch(
'https://api.cloudflare.com/client/v4/zones/${zone_id}/dns_records/${record_id.base6}',
headers={
'Content-Type': 'application/json',
'X-Auth-Email': '${account_id}',
'X-Auth-Key': pw
},
json={
"comment": "Domain verification record",
"name": "${domain}",
"proxied": True,
"settings": {},
"tags": [],
"ttl": 1, # automatic
"content": my_ip6,
"type": "AAAA"
}
)
resp_subd = requests.patch(
'https://api.cloudflare.com/client/v4/zones/${zone_id}/dns_records/${record_id.sub6}',
headers={
'Content-Type': 'application/json',
'X-Auth-Email': '${account_id}',
'X-Auth-Key': pw
},
json={
"comment": "Domain verification record",
"name": "${domain}",
"proxied": True,
"settings": {},
"tags": [],
"ttl": 1, # automatic
"content": my_ip6,
"type": "AAAA"
}
)
if resp_base.status_code != 200:
print(resp_base.text)
now_str = datetime.now().strftime('%Y/%m/%d-%R')
log_entry = f"At {now_str} - to {my_ip6} - Response {resp_base.status_code}\n"
print(log_entry, end="") print(log_entry, end="")
with open("${log-file-path}", 'a') as log_file: log_file.write(log_entry) with open("${log-file-path}", 'a') as log_file: log_file.write(log_entry)
if __name__ == "__main__": if __name__ == "__main__":
parser = argparse.ArgumentParser() main()
parser.add_argument('-f', '--force', action='store_true', help='Force update')
args = parser.parse_args()
main(args.force)
''; '';
in { in {
script = '' script = ''
set -eu set -eu
${u}/bin/update_namecheap ${u}/bin/dyn_dns
''; '';
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
User = "root";
}; };
}; };
}; };
# I can't use this becasue API Access for Namecheap needs a static whitelisted IP, which I don't have
# security.acme = {
# acceptTerms = true;
# certs."nx2site" = { };
# };
environment.systemPackages = with pkgs; [
certbot
(writeShellApplication {
name = "refresh_ssl_certificate";
runtimeInputs = [ certbot ];
# https://forum.endeavouros.com/t/tutorial-add-a-systemd-boot-loader-menu-entry-for-a-windows-installation-using-a-separate-esp-partition/37431
text = let
webroot = /home/nx2/nx2site/staticweb/content;
in /*bash*/ ''
cartbot
ls ${webroot}
'';
})
];
networking.hosts = { # docker network inspect nx2site_default | grep -E "Name|IPv4" | tr "\n" " " | sed -r 's- +- -g;s-\n?"Name": -\n-g' | sed -r '1d;2d;s-"(.+?)", "IPv4Address": "(.+)/16",- "\2" = [ "\1.docker" ];-g' networking.hosts = { # docker network inspect nx2site_default | grep -E "Name|IPv4" | tr "\n" " " | sed -r 's- +- -g;s-\n?"Name": -\n-g' | sed -r '1d;2d;s-"(.+?)", "IPv4Address": "(.+)/16",- "\2" = [ "\1.docker" ];-g'
"172.1.2.1" = [ "staticweb.docker" ]; # "172.1.2.1" = [ "staticweb.docker" ];
"172.1.3.1" = [ "matrix.docker" ]; # "172.1.3.1" = [ "matrix.docker" ];
# "172.1.0.9" = [ "matrixdb.docker" ]; # "172.1.0.9" = [ "matrixdb.docker" ];
"172.1.4.1" = [ "matrix-ss.docker" ]; # "172.1.4.1" = [ "matrix-ss.docker" ];
# "172.1.0.7" = [ "matrix-ssdb.docker" ]; # "172.1.0.7" = [ "matrix-ssdb.docker" ];
"172.1.5.1" = [ "pw.docker" ]; "172.1.5.1" = [ "pw.docker" ];
"172.1.6.1" = [ "git.docker" ]; "172.1.6.1" = [ "git.docker" ];
# "172.1.0.10" = [ "gitdb.docker" ]; # "172.1.0.10" = [ "gitdb.docker" ];
"172.1.7.1" = [ "nn.docker" ]; # "172.1.7.1" = [ "nn.docker" ];
"172.1.8.1" = [ "llm.docker" ]; # "172.1.8.1" = [ "llm.docker" ];
# "172.1.9.1" = [ "proxy.docker" ]; # "172.1.9.1" = [ "proxy.docker" ];
"172.1.10.1" = [ "share.docker" ]; # "172.1.10.1" = [ "share.docker" ];
"172.1.11.1" = [ "odq.docker" ]; # "172.1.11.1" = [ "odq.docker" ];
}; };
}) }

222
system-modules/nx2site/proxy.nix
View File

@@ -1,35 +1,56 @@
{ config, pkgs, lib, user }: { config, pkgs, lib, domain, ... }:
lib.mkIf false
{ {
sops.secrets = { sops.secrets = {
"nx2site/sslCertificate.pem" = { owner = config.services.nginx.user; }; "nx2site/sslCertificate.pem" = { owner = config.services.nginx.user; };
"nx2site/sslCertificateKey.pem" = { owner = config.services.nginx.user; }; "nx2site/sslCertificateKey.pem" = { owner = config.services.nginx.user; };
"nx2site/dhparams.pem" = { owner = config.services.nginx.user; }; "nx2site/dhparams.pem" = { owner = config.services.nginx.user; };
}; };
services.nginx = { security.acme = {
acceptTerms = true;
defaults = {
email = "acme@${domain}";
webroot = "/var/nginx/webroot";
group = "nginx";
};
certs = {
"${domain}" = {
extraDomainNames = builtins.map (subd: "${subd}.${domain}") [ "git" "git2" "pw" "pw2" "sync" ];
};
};
};
users.users."nginx" = {
extraGroups = [ "nginx" "acme" ];
useDefaultShell = false;
linger = true;
home = "/var/nginx/";
homeMode = "770";
createHome = true;
isSystemUser = true;
isNormalUser = false;
};
systemd.services.nginx.serviceConfig.ProtectHome = "read-only";
services.nginx = let
dl = [
{ addr = "0.0.0.0"; port = 443; ssl = true; }
{ addr = "0.0.0.0"; port = 80; ssl = false; }
{ addr = "[::0]"; port = 443; ssl = true; }
{ addr = "[::0]"; port = 80; ssl = false; }
];
in {
enable = true; enable = true;
user = "nginx";
group = "nginx";
additionalModules = []; additionalModules = [];
# appendConfig = ''''; # appendConfig = '''';
clientMaxBodySize = "20m"; clientMaxBodySize = "20m";
defaultHTTPListenPort = 80; defaultHTTPListenPort = 80;
defaultListenAddresses = [ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]"; defaultListenAddresses = [ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]";
defaultListen = [ { defaultListen = dl;
addr = "0.0.0.0";
ssl = true;
port = 443;
proxyProtocol = true;
}];
defaultMimeTypes = "${pkgs.mailcap}/etc/nginx/mime.types"; defaultMimeTypes = "${pkgs.mailcap}/etc/nginx/mime.types";
defaultSSLListenPort = 443; defaultSSLListenPort = 443;
enableQuicBPF = true; enableQuicBPF = true;
enableReload = true; enableReload = true;
# eventsConfig = '''';
# logError = ;
# mapHashBucketSize = ;
# mapHashMaxSize = ;
package = pkgs.nginxQuic; package = pkgs.nginxQuic;
# preStart = true;
proxyResolveWhileRunning = false; proxyResolveWhileRunning = false;
proxyTimeout = "20s"; proxyTimeout = "20s";
recommendedBrotliSettings = true; recommendedBrotliSettings = true;
@@ -39,142 +60,81 @@ lib.mkIf false
recommendedTlsSettings = true; recommendedTlsSettings = true;
recommendedZstdSettings = true; recommendedZstdSettings = true;
serverTokens = false; serverTokens = false;
# sslCiphers = true;
sslDhparam = config.sops.secrets."nx2site/dhparams.pem".path; sslDhparam = config.sops.secrets."nx2site/dhparams.pem".path;
sslProtocols = "TLSv1.2 TLSv1.3"; sslProtocols = "TLSv1.2 TLSv1.3";
statusPage = false; statusPage = false;
streamConfig = ""; # udp config streamConfig = ""; # udp config
validateConfigFile = true; validateConfigFile = true;
upstreams = {
"staticweb".servers = { "staticweb.docker:80" = {}; };
"matrix".servers = { "matrix.docker:80" = {}; };
"matrix-ss".servers = { "matrix-ss.docker:80" = {}; };
"pw".servers = { "pw.docker:80" = {}; };
"git".servers = { "git.docker:80" = {}; };
"nn".servers = { "nn.docker:80" = {}; };
"llm".servers = { "llm.docker:80" = {}; };
"share".servers = { "share.docker:80" = {}; };
"sync".servers = { "localhost:8384" = {}; };
};
virtualHosts = let virtualHosts = let
sslCertificate = config.sops.secrets."nx2site/sslCertificate.pem".path; vh = {
sslCertificateKey = config.sops.secrets."nx2site/sslCertificateKey.pem".path; kTLS = true;
kTLS = true; http2 = true; http3 = true; http3_hq = true; quic = true; http2 = true;
in http3 = true;
{ http3_hq = true;
"nx2.site" = { quic = true;
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; addSSL = true;
listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; enableACME = true;
};
in {
"${domain}" = vh // {
root = "/var/nginx/webroot";
default = true;
listen = dl;
locations = { locations = {
"/" = { "/" = {
proxyPass = "http://staticweb"; extraConfig = ''
# extraConfig = [ ''add_header Alt-Svc 'h3=":443"; ma=86400';'' ''add_header Cache-Control "public";'' ] ++ common-location-conf; index index.html;
if ($request_uri ~ ^/(.*)\.html(\?|$)) {
return 301 /$1;
}
try_files $uri $uri.html $uri/ /404.html =404;
'';
}; };
"/.well-known/matrix/client" = { "~^(/ba)$" = { return = "301 /BA.pdf"; };
return = ''200 '{"m.homeserver": {"base_url": "https://matrix.nx2.site"}, "org.matrix.msc3575.proxy": {"url": "https://matrix-ss.nx2.site"}}' ''; "/.well-known/matrix/client" = { return = "502"; };
extraConfig = [ "default_type application/json;" "add_header Access-Control-Allow-Origin *;" ]; "/.well-known/matrix/server" = { return = "502"; };
};
"/.well-known/matrix/server" = {
return = ''200 '{"m.server":"matrix.nx2.site:443"}' '';
extraConfig = [ "default_type application/json;" "add_header Access-Control-Allow-Origin *;" ];
};
"~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = {
proxyPass = "http://matrix-ss";
# extraConfig = [ ''proxy_set_header X-Forwarded-For $remote_addr;'' ''proxy_set_header X-Forwarded-Proto $scheme;'' ''proxy_set_header Host $host;'' ];
};
"~ ^(\/_matrix|\/_synapse\/client)" = {
return = ''200 '{"m.server":"matrix.nx2.site:443"}' '';
# extraConfig = [];
}; };
}; };
"matrix.${domain}" = {
listen = dl;
locations = { "~.*" = { return = "502"; }; };
}; };
"matrix.nx2.site" = { "pw.${domain}" = vh // {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; listen = dl;
listen = [ locations = let d = "pw.docker:80"; in {
{ addr = "0.0.0.0"; port = 443; ssl = true; } "/" = { proxyPass = "http://${d}"; };
{ addr = "0.0.0.0"; port = 8448; ssl = true; } "/admin" = { proxyPass = "http://${d}"; };
]; "/notifications/hub" = { proxyPass = "http://${d}"; };
locations = { "/notifications/hub/negotiate" = { proxyPass = "http://${d}"; };
"/" = {
proxyPass = "http://matrix";
# extraConfig = [ ''add_header Alt-Svc 'h3=":443"; ma=86400';'' ''add_header Cache-Control "public";'' ] ++ common-location-conf;
}; };
}; };
}; "pw2.${domain}" = vh // {
"matrix-ss.nx2.site" = { listen = dl;
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; locations = let d = "127.0.0.1:8222"; in {
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; "/" = { proxyPass = "http://${d}"; };
# "resolver 1.1.1.1;" "/admin" = { proxyPass = "http://${d}"; };
# "client_max_body_size 500M;" "/notifications/hub" = { proxyPass = "http://${d}"; };
# ]; "/notifications/hub/negotiate" = { proxyPass = "http://${d}"; };
locations = {
"/" = { proxyPass = "http://pw"; };
}; };
}; };
# "dev.nx2.site" = { "sync.${domain}" = vh // {
# inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; listen = dl;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; locations = { "/" = { proxyPass = "http://127.0.0.1:11434"; }; };
# locations = {
# "/" = {
# proxyPass = "http://dev";
# };
# };
# };
"pw.nx2.site" = {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ];
locations = {
"/" = { proxyPass = "http://pw"; };
"/admin" = { proxyPass = "http://pw"; };
"/notifications/hub" = { proxyPass = "http://pw"; };
"/notifications/hub/negotiate" = { proxyPass = "http://pw"; };
}; };
"git.${domain}" = vh // {
listen = dl;
locations = { "/" = { proxyPass = "http://git.docker:3000"; }; };
}; };
"share.nx2.site" = { "git2.${domain}" = vh // {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; listen = dl;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; locations = { "/" = { proxyPass = "http://127.0.0.1:8222"; }; };
locations = {
"/" = { proxyPass = "http://share"; # ''proxy_hide_header Content-Disposition;''
# ''proxy_set_header Content-Disposition $upstream_http_content_disposition;''
# ''proxy_set_header X-Real-IP $remote_addr;''
# ''proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;''
# ''proxy_set_header Host $http_host;''
# ];
};
"/socket.io" = {
proxyPass = "http://share/socket.io";
proxyWebsockets = true;
# extraConfig = [
# ''proxy_http_version 1.1;''
# ''proxy_set_header Upgrade $http_upgrade;''
# ''proxy_set_header Connection "upgrade";''
# ];
};
};
};
"sync.nx2.site" = {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ];
locations = {
"/" = { proxyPass = "http://sync"; };
};
};
"git.nx2.site" = {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ];
locations = {
"/" = { proxyPass = "http://git"; };
};
};
"~^(.*)\.nx2\.site$" = {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ];
root = "/home/nx2/nx2site/staticweb/xcontent/";
locations = {
"~.*" = { return = "502 /502.html"; };
}; };
"~^(.*).${domain}$" = {
listen = dl;
root = "/var/nginx/webroot";
locations = { "~.*" = { return = "301 https://${domain}/502.html"; }; };
}; };
}; };
}; };
} }

15
system-modules/syncthing.nix
View File

@@ -1,5 +1,10 @@
{ config, lib, user, host, secrets, ...}: {
let config,
lib,
user,
host,
secrets,
... }: let
# helper funcitons # helper funcitons
conv = _: device: with device; { "${name}" = {id = id;};}; conv = _: device: with device; { "${name}" = {id = id;};};
justname = devices: (builtins.map (device: device.name)) devices; justname = devices: (builtins.map (device: device.name)) devices;
@@ -24,15 +29,11 @@ let
daniel-dcim = { name = "daniel-dcim"; path = "/vault/Pictures/Daniel"; }; daniel-dcim = { name = "daniel-dcim"; path = "/vault/Pictures/Daniel"; };
tessa-dcim = { name = "tessa-dcim"; path = "/vault/Pictures/Tessa"; }; tessa-dcim = { name = "tessa-dcim"; path = "/vault/Pictures/Tessa"; };
}; };
in in {
lib.mkIf (user != "tv")
{
sops.secrets = { sops.secrets = {
"syncthing/${host}/cert.pem" = { owner = user; }; "syncthing/${host}/cert.pem" = { owner = user; };
"syncthing/${host}/key.pem" = { owner = user; }; "syncthing/${host}/key.pem" = { owner = user; };
}; };
services.syncthing = with (builtins.mapAttrs conv devices); { services.syncthing = with (builtins.mapAttrs conv devices); {
enable = true; enable = true;
user = "${user}"; user = "${user}";

10
system-modules/users.nix
View File

@@ -1,22 +1,16 @@
{ pkgs, lib, host, user, ... }: { pkgs, user, ... }:
{ {
users.defaultUserShell = pkgs.bash; # if interactive, itll switch to fish users.defaultUserShell = pkgs.bash; # if interactive, itll switch to fish
users.users."${user}" = { users.users."${user}" = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "networkmanager" "wheel" "audio" "video" "docker" "libvirtd" "uinput" "input" "ydotool" "adbusers" ]; extraGroups = [ "networkmanager" "wheel" "audio" "video" "docker" "libvirtd" "uinput" "input" "ydotool" "acme" "nginx" "adbusers" ];
useDefaultShell = true; useDefaultShell = true;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID1RPCcS8DtIf75a2FEW4d8X6WTVeLlmretoLqppvZlJ" # From [A] GPG Sub Key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID1RPCcS8DtIf75a2FEW4d8X6WTVeLlmretoLqppvZlJ" # From [A] GPG Sub Key
]; ];
}; };
users.users.tv = lib.mkIf (host == "NxACE") {
isNormalUser = true;
extraGroups = [ "networkmanager" "audio" "video" "uinput" ];
useDefaultShell = true;
};
programs = { programs = {
bash = { bash = {