nx2/dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: nx2:3a30fc2131d4521e10de33be9f08bbf7194d553c
Branches Tags
nx2:master nx2:nod nx2:gitea nx2:north
..
compare: nx2:gitea
Branches Tags
nx2:master nx2:nod nx2:gitea nx2:north

25 Commits
3a30fc2131 ... gitea

Author SHA1 Message Date
Lennart J. Kurzweg (Nx2)
e26ac7cbe2 Merge branch 'master' of ssh://ssh.nx2.site:20022/nx2/dotfiles into gitea 2024-11-11 14:02:59 +01:00
Lennart J. Kurzweg (Nx2)
66221229ca gitea, crashes 2024-11-11 14:02:21 +01:00
Lennart J. Kurzweg (Nx2)
9b36c29009 i accedentally deleted my tuda eduroam 2024-11-11 10:33:33 +01:00
Lennart J. Kurzweg (Nx2)
55587f35f6 merge fixups 2024-11-09 23:57:48 +01:00
Lennart J. Kurzweg (Nx2)
966f9d67fc Merge branch 'master' of ssh://ssh.nx2.site:20022/nx2/dotfiles 2024-11-09 23:56:05 +01:00
Lennart J. Kurzweg (Nx2)
2e1c0f495b better nxsent 2024-11-09 23:56:00 +01:00
Lennart J. Kurzweg (Nx2)
ab4c26c178 Merge branch 'master' of ssh://ssh.nx2.site:20022/nx2/dotfiles 2024-11-09 20:24:22 +01:00
Lennart J. Kurzweg (Nx2)
91a5a6def8 manual sops merge before merge 2024-11-09 20:06:45 +01:00
Lennart J. Kurzweg (Nx2)
104d1334df huge cleanup 2024-11-09 19:48:52 +01:00
Lennart J. Kurzweg (Nx2)
c19c270775 newer curl 2024-11-08 13:48:37 +01:00
Lennart J. Kurzweg (Nx2)
c5c41087b5 dm new style 2024-11-08 13:48:27 +01:00
Lennart J. Kurzweg (Nx2)
924f48b15a nx2site001 2024-11-08 13:48:02 +01:00
Lennart J. Kurzweg (Nx2)
6abff56bbd tuda-moodle-rice 2024-11-08 13:42:49 +01:00
Lennart J. Kurzweg (Nx2)
5f9c6dd0a3 yazi more rice 2024-11-07 16:34:01 +01:00
Lennart J. Kurzweg (Nx2)
c426029a25 adb 2024-11-07 16:33:56 +01:00
Lennart J. Kurzweg (Nx2)
1790336aa5 Merge branch 'master' of ssh://ssh.nx2.site:20022/nx2/dotfiles 2024-11-06 13:53:22 +01:00
Lennart J. Kurzweg (Nx2)
06a630319d prettier code 2024-11-06 13:53:19 +01:00
Lennart J. Kurzweg (Nx2)
1814068cfe better zathura rice 2024-11-06 13:52:53 +01:00
Lennart J. Kurzweg (Nx2)
096f31d81a all nixd paths 2024-11-06 13:52:43 +01:00
Lennart J. Kurzweg (Nx2)
148bd4c481 accent is the always visible border 2024-11-06 13:42:44 +01:00
Lennart J. Kurzweg (Nx2)
f9d4921726 userChrome mynixos.com 2024-11-06 13:42:04 +01:00
Lennart J. Kurzweg (Nx2)
169d6eda11 ~/shared ownwership fix 2024-10-30 00:55:44 +01:00
Lennart J. Kurzweg (Nx2)
97f33c7b8d diffrent rice 2024-10-30 00:55:16 +01:00
Lennart J. Kurzweg (Nx2)
340c514a99 more fuse (still sucks) 2024-10-28 16:10:02 +01:00
Lennart J. Kurzweg (Nx2)
b3d3c983c2 nixd spelling 2024-10-28 13:43:22 +01:00
49 changed files with 1673 additions and 2415 deletions
Expand all files Collapse all files

14
configuration.nix
View File

@@ -1,7 +1,8 @@
{ pkgs, inputs, ... }: { pkgs, inputs, lib, host, ... }:
{ {
imports = [ imports = ([
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
./system-modules/adb.nix
./system-modules/auto-mount.nix ./system-modules/auto-mount.nix
./system-modules/hardware-configuration.nix ./system-modules/hardware-configuration.nix
./system-modules/fuse.nix ./system-modules/fuse.nix
@@ -27,7 +28,6 @@
./system-modules/networking.nix ./system-modules/networking.nix
./system-modules/nixd.nix ./system-modules/nixd.nix
./system-modules/nvidia.nix ./system-modules/nvidia.nix
./system-modules/nx2site.nix
./system-modules/ollama.nix ./system-modules/ollama.nix
./system-modules/qmk.nix ./system-modules/qmk.nix
./system-modules/sops.nix ./system-modules/sops.nix
@@ -37,7 +37,13 @@
./system-modules/users.nix ./system-modules/users.nix
./system-modules/virtualisation.nix ./system-modules/virtualisation.nix
./system-modules/ydotool.nix ./system-modules/ydotool.nix
]; ]) ++ (if (host == "NxACE") then [
./system-modules/nx2site.nix
./system-modules/postgres.nix
./system-modules/nx2site/proxy.nix
# ./system-modules/nx2site/gitea.nix
# ./system-modules/nx2site/vaultwarden.nix
] else []);
# Set your time zone. # Set your time zone.
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";

6
flake-modules/rice.nix
View File

@@ -3,9 +3,9 @@ pkgs: rec {
lib = import ../nxlib/ricelib.nix pkgs.lib; lib = import ../nxlib/ricelib.nix pkgs.lib;
transparency = 0.8; transparency = 0.8;
rounding = 10; rounding = 3;
gap-size = 10; gap-size = 5;
border-width = 3; border-width = 2;
color = color =
let let
dark = (-0.5); dark = (-0.5);

6
flake.nix
View File

@@ -22,6 +22,7 @@
outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-latest, home-manager, ... }@inputs: let outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-latest, home-manager, ... }@inputs: let
system = "x86_64-linux"; system = "x86_64-linux";
user = "nx2"; user = "nx2";
domain = "nx2.site";
config = { allowUnfree = true; allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) (import ./flake-modules/allowed.nix).unfree; }; config = { allowUnfree = true; allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) (import ./flake-modules/allowed.nix).unfree; };
@@ -42,7 +43,7 @@
enable = if (host == "NxXPS" || host == "NxNORTH") then true else false; enable = if (host == "NxXPS" || host == "NxNORTH") then true else false;
prime = if (host == "NxXPS") then true else false; prime = if (host == "NxXPS") then true else false;
}; };
in { inherit inputs user host pkgs-unstable pkgs-latest secrets rice nvidia; }; in { inherit inputs user host domain pkgs-unstable pkgs-latest secrets rice nvidia; };
}; };
in { in {
NxXPS = make-nixos-system "NxXPS"; NxXPS = make-nixos-system "NxXPS";
@@ -59,13 +60,12 @@
enable = if (host == "NxXPS" || host == "NxNORTH") then true else false; enable = if (host == "NxXPS" || host == "NxNORTH") then true else false;
prime = if (host == "NxXPS") then true else false; prime = if (host == "NxXPS") then true else false;
}; };
in { inherit inputs system user host pkgs-unstable pkgs-latest rice secrets nvidia; }; in { inherit inputs system user host domain pkgs-unstable pkgs-latest rice secrets nvidia; };
}; };
in { in {
"${user}@NxXPS" = make-home-configuration "NxXPS" user; "${user}@NxXPS" = make-home-configuration "NxXPS" user;
"${user}@NxNORTH" = make-home-configuration "NxNORTH" user; "${user}@NxNORTH" = make-home-configuration "NxNORTH" user;
"${user}@NxACE" = make-home-configuration "NxACE" user; "${user}@NxACE" = make-home-configuration "NxACE" user;
"tv@NxACE" = make-home-configuration "NxACE" "tv";
}; };
}; };
} }

12
home-modules/bash.nix
View File

@@ -1,9 +1,5 @@
{ pkgs, lib, user, ... }: { ... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [
bash
];
programs.bash = { programs.bash = {
enable = true; enable = true;
shellAliases = { shellAliases = {
@@ -19,11 +15,5 @@ lib.mkIf (user != "tv")
"checkjobs" "checkjobs"
]; ];
enableCompletion = false; enableCompletion = false;
# initExtra = ''
# if [[ $- == *i* ]] # if interactive
# then
# eval "$(${pkgs.starship}/bin/starship init bash)"
# fi
# '';
}; };
} }

2055
home-modules/chatterino.nix
View File

File diff suppressed because it is too large Load Diff

1
home-modules/direnv.nix
View File

@@ -1,5 +1,4 @@
{ lib, user, ... }: { lib, user, ... }:
lib.mkIf (user != "tv")
{ {
programs = { programs = {
direnv = { direnv = {

19
home-modules/firefox.nix
View File

@@ -177,6 +177,25 @@
} }
} }
@-moz-document domain(mynixos.com) {
body, html {
background-color: transparent !important;
}
header, footer {
background-color: rgba(0,0,0,0.5) !important;
border-radius: ${builtins.toString rice.rounding}px;
}
}
@-moz-document domain(moodle.informatik.tu-darmstadt.de) {
body, html , .main-inner, .main-inner * {
background-color: transparent !important;
}
.bg-primary {
background-color: rgba(${rice.lib.hex-to-rgb-comma-string accent.base}, 0.5) !important!
}
}
@-moz-document domain(nx2.site) { @-moz-document domain(nx2.site) {
html { html {
background: radial-gradient(rgba(255, 255, 255, 0.8) 5%, transparent 5%) !important; background: radial-gradient(rgba(255, 255, 255, 0.8) 5%, transparent 5%) !important;

3
home-modules/fish.nix
View File

@@ -1,5 +1,4 @@
{ pkgs, lib, rice, user, ... }: { pkgs, lib, rice, user, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
fish fish
@@ -81,7 +80,7 @@ lib.mkIf (user != "tv")
lzd = "lazydocker"; lzd = "lazydocker";
d = "docker"; d = "docker";
dcmp = "docker compose"; dcmp = "docker compose";
nxsent = ''sent -c \${rice.color.foreground} -b \${rice.color.background}''; # nxsent = ''sent -c \${rice.color.foreground} -b \${rice.color.background}'';
# ya = "yazi"; # function # ya = "yazi"; # function
# nxfiglet = "figlet"; # nxfiglet = "figlet";

270
home-modules/foot.nix
View File

@@ -1,270 +0,0 @@
{ config, pkgs, rice, lib, user, ... }:
lib.mkIf (user != "tv")
{
home.packages = with pkgs; [
foot
];
programs.foot = {
enable = true;
# background = rice.color.background;
# foreground = rice.color.foreground;
# cursor = rice.color.foreground;
# color0 = rice.color.black.base;
# color8 = rice.color.black.bright;
# color1 = rice.color.red.base;
# color9 = rice.color.red.bright;
# color2 = rice.color.green.base;
# color10 = rice.color.green.bright;
# color3 = rice.color.yellow.base;
# color11 = rice.color.yellow.bright;
# color4 = rice.color.blue.base;
# color12 = rice.color.blue.bright;
# color5 = rice.color.magenta.base;
# color13 = rice.color.magenta.bright;
# color6 = rice.color.cyan.base;
# color14 = rice.color.cyan.bright;
# color7 = rice.color.white.base;
# color15 = rice.color.white.bright;
# background_opacity = builtins.toString rice.transparency;
# window_padding_width = 5;
# remember_window_size = false;
# settings = {
# main = {
# shell = ''$SHELL (if set, otherwise user's default shell from /etc/passwd)'';
# term = ''foot (or xterm-256color if built with -Dterminfo=disabled)'';
# login-shell = ''no'';
# # app-id = ''foot'';
# title = ''foot'';
# locked-title = ''no'';
# font = ''${rice.font.code.name}:size=8'';
# font-size-adjustment = ''0.5'';
# line-height = "<font metrics>";
# letter-spacing = ''0'';
# horizontal-letter-offset = ''0'';
# vertical-letter-offset = ''0'';
# underline-offset = "<font metrics>";
# underline-thickness = "<font underline thickness>";
# # box-drawings-uses-font-glyphs = "no";
# # dpi-aware = ''no'';
# # initial-window-size-pixels = ''700x500'';
# # initial-window-size-chars = "<COLSxROWS>";
# # initial-window-mode = ''windowed'';
# pad = ''5x5'';
# resize-by-cells = ''yes'';
# resize-keep-grid = ''yes'';
# resize-delay-ms = ''100'';
# # bold-text-in-bright = false;
# word-delimiters = '',│`|:"'()[]{}<>'';
# selection-target = ''primary'';
# workers = "<number of logical CPUs>";
# utmp-helper = ''/usr/lib/utempter/utempter'';
# # environment = {
# # name = ''value'';
# # };
# };
# bell = {
# urgent = ''no'';
# notify = ''no'';
# visual = ''no'';
# command = '''';
# command-focused = ''no'';
# };
# desktop-notifications = {
# command = ''notify-send --wait --app-name ''${app-id} --icon ''${app-id} --category ''${category} --urgency ''${urgency} --expire-time ''${expire-time} --hint STRING:image-path:''${icon} --hint BOOLEAN:suppress-sound:''${muted} --hint STRING:sound-name:''${sound-name} --replace-id ''${replace-id} ''${action-argument} --print-id -- ''${title} ''${body}'';
# command-action-argument = ''--action ''${action-name}=''${action-label}'';
# close = ''""'';
# inhibit-when-focused = ''yes'';
# };
# scrollback = {
# lines = ''1000'';
# multiplier = ''3.0'';
# indicator-position = ''relative'';
# indicator-format = ''""'';
# };
# url = {
# launch = ''xdg-open ''${url}'';
# label-letters = ''sadfjklewcmpgh'';
# osc8-underline = ''url-mode'';
# protocols = ''http, https, ftp, ftps, file, gemini, gopher'';
# uri-characters = ''abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.,~:;/?#@!$&%*+="'()[]'';
# };
# cursor = {
# style = ''block'';
# color = "<inverse foreground/background>";
# blink = ''no'';
# blink-rate = ''500'';
# beam-thickness = ''1.5'';
# underline-thickness = "<font underline thickness>";
# };
# mouse = {
# hide-when-typing = ''no'';
# alternate-scroll-mode = ''yes'';
# };
# touch = {
# long-press-delay = ''400'';
# };
# colors = {
# alpha = ''1.0'';
# background = ''242424'';
# foreground = ''ffffff'';
# flash = ''7f7f00'';
# flash-alpha = ''0.5'';
# # Normal/regular colors (color palette 0-7)
# regular0 = ''242424'';
# regular1 = ''f62b5a'';
# regular2 = ''47b413'';
# regular3 = ''e3c401'';
# regular4 = ''24acd4'';
# regular5 = ''f2affd'';
# regular6 = ''13c299'';
# regular7 = ''e6e6e6'';
# # Bright colors (color palette 8-15)
# bright0 = ''616161'';
# bright1 = ''ff4d51'';
# bright2 = ''35d450'';
# bright3 = ''e9e836'';
# bright4 = ''5dc5f8'';
# bright5 = ''feabf2'';
# bright6 = ''24dfc4'';
# bright7 = ''ffffff'';
# # dimmed colors (see foot.ini(5) man page)
# # dim0 = "<not set>";
# # ...
# # dim7 = "<not-set>";
# # The remaining 256-color palette
# # 16 = <256-color palette #16>
# # ...
# # 255 = <256-color palette #255>
# # Misc colors
# selection-foreground = "<inverse foreground/background>";
# selection-background = "<inverse foreground/background>";
# jump-labels = "<regular0> <regular3>";
# scrollback-indicator = "<regular0> <bright4>";
# search-box-no-match = "<regular0> <regular1>";
# search-box-match = "<regular0> <regular3>";
# urls = "<regular3>";
# };
# csd = {
# preferred = ''server'';
# size = ''26'';
# font = "<primary font>";
# color = "<foreground color>";
# hide-when-maximized = ''no'';
# double-click-to-maximize = ''yes'';
# border-width = ''0'';
# border-color = "<csd.color>";
# button-width = ''26'';
# button-color = "<background color>";
# button-minimize-color = "<regular4>";
# button-maximize-color = "<regular2>";
# button-close-color = "<regular1>";
# };
# key-bindings = {
# scrollback-up-page = ''Shift+Page_Up'';
# scrollback-up-half-page = ''none'';
# scrollback-up-line = ''none'';
# scrollback-down-page = ''Shift+Page_Down'';
# scrollback-down-half-page = ''none'';
# scrollback-down-line = ''none'';
# scrollback-home = ''none'';
# scrollback-end = ''none'';
# clipboard-copy = ''Control+Shift+c XF86Copy'';
# clipboard-paste = ''Control+Shift+v XF86Paste'';
# primary-paste = ''Shift+Insert'';
# search-start = ''Control+Shift+r'';
# font-increase = ''Control+plus Control+equal Control+KP_Add'';
# font-decrease = ''Control+minus Control+KP_Subtract'';
# font-reset = ''Control+0 Control+KP_0'';
# spawn-terminal = ''Control+Shift+n'';
# minimize = ''none'';
# maximize = ''none'';
# fullscreen = ''none'';
# pipe-visible = ''[sh -c "xurls | fuzzel | xargs -r firefox"] none'';
# pipe-scrollback = ''[sh -c "xurls | fuzzel | xargs -r firefox"] none'';
# pipe-selected = ''[xargs -r firefox] none'';
# pipe-command-output = ''[wl-copy] none'';
# show-urls-launch = ''Control+Shift+o'';
# show-urls-copy = ''none'';
# show-urls-persistent = ''none'';
# prompt-prev = ''Control+Shift+z'';
# prompt-next = ''Control+Shift+x'';
# unicode-input = ''Control+Shift+u'';
# noop = ''none'';
# };
# search-bindings = {
# cancel = ''Control+g Control+c Escape'';
# commit = ''Return'';
# find-prev = ''Control+r'';
# find-next = ''Control+s'';
# cursor-left = ''Left Control+b'';
# cursor-left-word = ''Control+Left Mod1+b'';
# cursor-right = ''Right Control+f'';
# cursor-right-word = ''Control+Right Mod1+f'';
# cursor-home = ''Home Control+a'';
# cursor-end = ''End Control+e'';
# delete-prev = ''BackSpace'';
# delete-prev-word = ''Mod1+BackSpace Control+BackSpace'';
# delete-next = ''Delete'';
# delete-next-word = ''Mod1+d Control+Delete'';
# extend-char = ''Shift+Right'';
# extend-to-word-boundary = ''Control+w Control+Shift+Right'';
# extend-to-next-whitespace = ''Control+Shift+w'';
# extend-line-down = ''Shift+Down'';
# extend-backward-char = ''Shift+Left'';
# extend-backward-to-word-boundary = ''Control+Shift+Left'';
# extend-backward-to-next-whitespace = ''none'';
# extend-line-up = ''Shift+Up'';
# clipboard-paste = ''Control+v Control+Shift+v Control+y XF86Paste'';
# primary-paste = ''Shift+Insert'';
# unicode-input = ''none'';
# quit = ''none'';
# scrollback-up-page = ''Shift+Page_Up'';
# scrollback-up-half-page = ''none'';
# scrollback-up-line = ''none'';
# scrollback-down-page = ''Shift+Page_Down'';
# scrollback-down-half-page = ''none'';
# scrollback-down-line = ''none'';
# scrollback-home = ''none'';
# scrollback-end = ''none'';
# };
# url-bindings = {
# cancel = ''Control+g Control+c Control+d Escape'';
# toggle-url-visible = ''t'';
# };
# text-bindings = {
# "\x03" = ''Mod4+c'';
# };
# mouse-bindings = {
# scrollback-up-mouse = ''BTN_WHEEL_BACK'';
# scrollback-down-mouse = ''BTN_WHEEL_FORWARD'';
# font-increase = ''Control+BTN_WHEEL_BACK'';
# font-decrease = ''Control+BTN_WHEEL_FORWARD'';
# selection-override-modifiers = ''Shift'';
# primary-paste = ''BTN_MIDDLE'';
# select-begin = ''BTN_LEFT'';
# select-begin-block = ''Control+BTN_LEFT'';
# select-extend = ''BTN_RIGHT'';
# select-extend-character-wise = ''Control+BTN_RIGHT'';
# select-word = ''BTN_LEFT-2'';
# select-word-whitespace = ''Control+BTN_LEFT-2'';
# select-quote = ''BTN_LEFT-3'';
# select-row = ''BTN_LEFT-4'';
# # vim: ft = ''dosini'';
# };
# };
};
}

7
home-modules/git.nix
View File

@@ -1,5 +1,4 @@
{ pkgs, lib, user, rice, ... }: { pkgs, rice, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
git git
@@ -11,9 +10,7 @@ lib.mkIf (user != "tv")
# List of directories to check # List of directories to check
directories=( directories=(
"$HOME/nix-dots" "$HOME/nix-dots"
"$HOME/shared/nx-obsidian-vault" "$HOME/obsidian-vault"
"$HOME/shared/HSMW/Praxis/BCAM/bolt-llmserver"
"$HOME/shared/HSMW/Praxis/BCAM/bcam-tools"
"$HOME/Pictures/wallpapers" "$HOME/Pictures/wallpapers"
) )
echo "" echo ""

9
home-modules/gpg.nix
View File

@@ -1,16 +1,15 @@
{ pkgs, pkgs-unstable, ... }: { pkgs, pkgs-unstable, ... }:
{ {
# there also is a system module # there also is a system module
home.packages = with pkgs; [ home.packages = (with pkgs; [
gnupg gnupg
gpg-tui gpg-tui
] ++ ( with pkgs-unstable; [ ]) ++ ( with pkgs-unstable; [
pinentry-all pinentry-all
]); ]);
# services.pcscd.enable = true; # services.pcscd.enable = true;
services.gpg-agent = services.gpg-agent = let
let
min2sec = min: (min * 60); min2sec = min: (min * 60);
in { in {
enable = true; enable = true;
@@ -22,7 +21,7 @@
enableFishIntegration = true; enableFishIntegration = true;
defaultCacheTtlSsh = min2sec 60; defaultCacheTtlSsh = min2sec 60;
defaultCacheTtl = min2sec 30; defaultCacheTtl = min2sec 30;
# pinentryPackage = pkgs.pinentry-gtk2; # pinentryPackage = pkgs.pinentry-curses;
}; };
home.file.".gnupg/gpg.conf".text = '' home.file.".gnupg/gpg.conf".text = ''

7
home-modules/gtk.nix
View File

@@ -1,5 +1,4 @@
{ config, pkgs, lib, rice, user, ... }: { config, pkgs, lib, rice, user, ... }: let
let
# theme-name = "Colloid-Pink-Dark-Compact"; # theme-name = "Colloid-Pink-Dark-Compact";
# theme-package = pkgs.colloid-gtk-theme.override { # theme-package = pkgs.colloid-gtk-theme.override {
# themeVariants = [ "pink" ]; # themeVariants = [ "pink" ];
@@ -14,9 +13,7 @@ let
tweaks = [ "rimless" "black" ]; tweaks = [ "rimless" "black" ];
variant = "macchiato"; variant = "macchiato";
}; };
in in {
lib.mkIf (user != "tv")
{
home.packages = with pkgs; [ home.packages = with pkgs; [
# gnome.gnome-themes-extra # gnome.gnome-themes-extra
# gnome.adwaita-icon-theme # gnome.adwaita-icon-theme

180
home-modules/hyprland-autoname-workspaces.nix
View File

@@ -1,109 +1,107 @@
{ pkgs, lib, user, ... }: { pkgs, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = [ home = {
pkgs.hyprland-autoname-workspaces packages = with pkgs; [ hyprland-autoname-workspaces ];
]; file.".config/hyprland-autoname-workspaces/config.toml".text = ''
version = "1.1.14"
home.file.".config/hyprland-autoname-workspaces/config.toml".text = ''
version = "1.1.14"
[class] [class]
VirtualBox = "" VirtualBox = ""
steam = "󰓓" steam = "󰓓"
"VirtualBox Manager" = "" "VirtualBox Manager" = ""
"com.obsproject.Studio" = "" "com.obsproject.Studio" = ""
"[Ff]irefox" = "󰈹" "[Ff]irefox" = "󰈹"
"[Tt]hunderbird" = "" "[Tt]hunderbird" = ""
pcbnew = "" pcbnew = ""
".*.exe" = "" ".*.exe" = ""
Element = "󰘨" Element = "󰘨"
Signal = "󱅵" Signal = "󱅵"
Gimp = "" Gimp = ""
VSCodium = "󰨞" VSCodium = "󰨞"
"[sS]potify" = "" "[sS]potify" = ""
virt-manager = "" virt-manager = ""
lutris = "󰊗" lutris = "󰊗"
DEFAULT = "{class}" DEFAULT = "{class}"
"epicgameslauncher.exe" = "󰯷" "epicgameslauncher.exe" = "󰯷"
"[Cc]ode" = "󰨞" "[Cc]ode" = "󰨞"
"galaxyclient.exe" = "󰮡" "galaxyclient.exe" = "󰮡"
pavucontrol = "󰕾" pavucontrol = "󰕾"
"Tor Browser" = "󰾔" "Tor Browser" = "󰾔"
mpv = "" mpv = ""
chatterino = "" chatterino = ""
libreoffice-writer = "" libreoffice-writer = ""
kitty = "" kitty = ""
"cyberpunk2077.exe" = "󰾲" "cyberpunk2077.exe" = "󰾲"
KiCad = "" KiCad = ""
"[tT]hunar" = "" "[tT]hunar" = ""
"riotclientux.exe" = "󰰌" "riotclientux.exe" = "󰰌"
libreoffice-calc = "" libreoffice-calc = ""
"org.remmina.Remmina" = "󰢹" "org.remmina.Remmina" = "󰢹"
"org.inkscape.Inkscape" = "󰕙" "org.inkscape.Inkscape" = "󰕙"
"VirtualBox Machine" = "" "VirtualBox Machine" = ""
Bitwarden = "" Bitwarden = ""
"[gG]imp-.*" = "" "[gG]imp-.*" = ""
Chromium = "" Chromium = ""
obsidian = "󰠮" obsidian = "󰠮"
"leagueclientux.exe" = "󰰌" "leagueclientux.exe" = "󰰌"
zathura = "󰈦" zathura = "󰈦"
code-oss = "󰨞" code-oss = "󰨞"
codium-url-handler = "󰨞" codium-url-handler = "󰨞"
discord = "󰙯" discord = "󰙯"
vesktop = "󰙯" vesktop = "󰙯"
blueman-manager = "󰂯" blueman-manager = "󰂯"
Alacritty = "" Alacritty = ""
zoom = "󰬡" zoom = "󰬡"
spotify = "" spotify = ""
[class_active] [class_active]
"(?i)ExampleOneTerm" = "icon" "(?i)ExampleOneTerm" = "icon"
[initial_class] [initial_class]
[initial_class_active] [initial_class_active]
[workspaces_name] [workspaces_name]
[title_in_class] [title_in_class]
[title_in_class_active] [title_in_class_active]
[title_in_initial_class] [title_in_initial_class]
[title_in_initial_class_active] [title_in_initial_class_active]
[initial_title_in_class] [initial_title_in_class]
[initial_title] [initial_title]
"Spotify Premium" = "" "Spotify Premium" = ""
[initial_title_in_class_active] [initial_title_in_class_active]
[initial_title_in_initial_class] [initial_title_in_initial_class]
[initial_title_in_initial_class_active] [initial_title_in_initial_class_active]
[exclude] [exclude]
aProgram = "^$" aProgram = "^$"
"" = "^$" "" = "^$"
"(?i)fcitx" = ".*" "(?i)fcitx" = ".*"
"[Ss]team" = "^(Friends List.*)?$" "[Ss]team" = "^(Friends List.*)?$"
"explorer.exe" = ".*" "explorer.exe" = ".*"
"(?i)TestApp" = "" "(?i)TestApp" = ""
[format] [format]
dedup = false dedup = false
dedup_inactive_fullscreen = false dedup_inactive_fullscreen = false
delim = " " delim = " "
workspace = "{id}:{clients}" workspace = "{id}:{clients}"
workspace_empty = "{id}" workspace_empty = "{id}"
client = "{icon}" client = "{icon}"
client_fullscreen = "{icon}" client_fullscreen = "{icon}"
client_active = "{icon}" client_active = "{icon}"
client_dup = "{icon}{counter_sup}" client_dup = "{icon}{counter_sup}"
client_dup_active = "*{icon}*{delim}{icon}{counter_unfocused_sup}" client_dup_active = "*{icon}*{delim}{icon}{counter_unfocused_sup}"
client_dup_fullscreen = "[{icon}]{delim}{icon}{counter_unfocused_sup}" client_dup_fullscreen = "[{icon}]{delim}{icon}{counter_unfocused_sup}"
''; '';
};
} }

16
home-modules/hyprland.nix
View File

@@ -46,9 +46,7 @@ let
}; };
}; };
}; };
in in {
lib.mkIf (user != "tv")
{
home.packages = (with pkgs; [ home.packages = (with pkgs; [
# hyprland itself is a system package # hyprland itself is a system package
hyprland-protocols hyprland-protocols
@@ -164,8 +162,8 @@ lib.mkIf (user != "tv")
gaps_in = builtins.div rice.gap-size 2; gaps_in = builtins.div rice.gap-size 2;
gaps_out = rice.gap-size; gaps_out = rice.gap-size;
border_size = rice.border-width; border_size = rice.border-width;
"col.active_border" = "rgba(${rice.lib.nohash rice.color.border}ff) rgba(${rice.lib.nohash rice.color.border2}ff) 90deg"; "col.active_border" = "rgba(${rice.lib.nohash rice.color.border2}ff) rgba(${rice.lib.nohash rice.color.border}ff) 90deg";
"col.inactive_border" = "rgba(${rice.lib.nohash rice.color.background}ff) rgba(${rice.lib.nohash rice.color.border2}ff) 90deg"; "col.inactive_border" = "rgba(${rice.lib.nohash rice.color.background}ff) rgba(${rice.lib.nohash rice.color.border}ff) 90deg";
# cursor_inactive_timeout = 10; # cursor_inactive_timeout = 10;
@@ -230,7 +228,7 @@ lib.mkIf (user != "tv")
dwindle = { dwindle = {
preserve_split = true; # you probably want this preserve_split = true; # you probably want this
no_gaps_when_only = false; no_gaps_when_only = true;
}; };
# master = { # master = {
@@ -267,10 +265,10 @@ lib.mkIf (user != "tv")
"opacity ${transparency}, code-oss" "opacity ${transparency}, code-oss"
"opacity ${transparency}, VSCodium" "opacity ${transparency}, VSCodium"
"opacity ${transparency}, Code" "opacity ${transparency}, Code"
"opacity ${transparency}, sent" # "opacity ${transparency}, sent"
"opacity ${transparency}, neovide" "opacity ${transparency}, neovide"
"opacity ${transparency}, obsidian" "opacity ${transparency}, obsidian"
"opacity ${transparency}, zathura" # "opacity ${transparency}, zathura"
# "bordercolor rgba(${rice.lib.nohash rice.color.foreground}ff) rgba(${rice.lib.nohash rice.color.background}${rice.lib.float-to-drune rice.transparency}), Alacritty" # "bordercolor rgba(${rice.lib.nohash rice.color.foreground}ff) rgba(${rice.lib.nohash rice.color.background}${rice.lib.float-to-drune rice.transparency}), Alacritty"
# "bordercolor rgba(${rice.lib.nohash rice.color.foreground}ff) rgba(${rice.lib.nohash rice.color.background}${rice.lib.float-to-drune rice.transparency}), Kitty" # "bordercolor rgba(${rice.lib.nohash rice.color.foreground}ff) rgba(${rice.lib.nohash rice.color.background}${rice.lib.float-to-drune rice.transparency}), Kitty"
"opacity ${transparency}, discord" "opacity ${transparency}, discord"
@@ -297,6 +295,7 @@ lib.mkIf (user != "tv")
"float, title:^(Compact folders)$" "float, title:^(Compact folders)$"
"tile, sent" "tile, sent"
"fullscreen, wlogout" "fullscreen, wlogout"
"fullscreen, sent"
"workspace 14, lutris" "workspace 14, lutris"
"workspace 100, title:^(Apex Legends)$" "workspace 100, title:^(Apex Legends)$"
"workspace 100, ^(cyberpunk2077.exe)$" "workspace 100, ^(cyberpunk2077.exe)$"
@@ -332,6 +331,7 @@ lib.mkIf (user != "tv")
"SUPER, F5, exec, nx_gcal_event force-lookup" "SUPER, F5, exec, nx_gcal_event force-lookup"
"SUPER SHIFT, F5, exec, nx_gcal_event reauthenticate" "SUPER SHIFT, F5, exec, nx_gcal_event reauthenticate"
"SUPER, F6, exec, kitty -e 'htop'" "SUPER, F6, exec, kitty -e 'htop'"
"SUPER, F7, exec, kitty -e 'nmtui'"
''SUPER, F8, exec, find ~/Pictures/wallpapers/* -type f -not -path "~/Pictures/wallpapers/.git/*" | sort -R | head -n 1 | xargs swww img --transition-type wipe --transition-angle 60 --transition-step 120 --transition-fps 120'' ''SUPER, F8, exec, find ~/Pictures/wallpapers/* -type f -not -path "~/Pictures/wallpapers/.git/*" | sort -R | head -n 1 | xargs swww img --transition-type wipe --transition-angle 60 --transition-step 120 --transition-fps 120''
''SUPER, F9, exec, kitty -e sh -c 'change_colors_json $(swww query | sed -n 1p | sed -e "s-.*image: --g") && nh home switch && firefox /home/${user}/.config/color-pallete.html' '' ''SUPER, F9, exec, kitty -e sh -c 'change_colors_json $(swww query | sed -n 1p | sed -e "s-.*image: --g") && nh home switch && firefox /home/${user}/.config/color-pallete.html' ''
''SUPER SHIFT, F9, exec, firefox /home/${user}/.config/color-pallete.html '' ''SUPER SHIFT, F9, exec, firefox /home/${user}/.config/color-pallete.html ''

49
home-modules/kitty.nix
View File

@@ -1,37 +1,32 @@
{ config, pkgs, rice, lib, user, ... }: { rice, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [
kitty
];
programs.kitty = { programs.kitty = {
enable = true; enable = true;
font = { font = {
name = rice.font.code.name2; name = rice.font.code.name2;
package = rice.font.code.package; package = rice.font.code.package;
}; };
settings = { settings = with rice.color; {
background = rice.color.background; background = background;
foreground = rice.color.foreground; foreground = foreground;
cursor = rice.color.foreground; cursor = foreground;
color0 = rice.color.black.base; color0 = black.base;
color8 = rice.color.black.bright; color8 = black.bright;
color1 = rice.color.red.base; color1 = red.base;
color9 = rice.color.red.bright; color9 = red.bright;
color2 = rice.color.green.base; color2 = green.base;
color10 = rice.color.green.bright; color10 = green.bright;
color3 = rice.color.yellow.base; color3 = yellow.base;
color11 = rice.color.yellow.bright; color11 = yellow.bright;
color4 = rice.color.blue.base; color4 = blue.base;
color12 = rice.color.blue.bright; color12 = blue.bright;
color5 = rice.color.magenta.base; color5 = magenta.base;
color13 = rice.color.magenta.bright; color13 = magenta.bright;
color6 = rice.color.cyan.base; color6 = cyan.base;
color14 = rice.color.cyan.bright; color14 = cyan.bright;
color7 = rice.color.white.base; color7 = white.base;
color15 = rice.color.white.bright; color15 = white.bright;
background_opacity = builtins.toString rice.transparency; background_opacity = builtins.toString rice.transparency;
window_padding_width = 5; window_padding_width = 5;
remember_window_size = false; remember_window_size = false;
}; };

8
home-modules/mako.nix
View File

@@ -1,10 +1,6 @@
{ pkgs, rice, lib, user, ... }: { pkgs, rice, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = [ home.packages = with pkgs; [ libnotify ];
pkgs.mako
pkgs.libnotify
];
services.mako = with rice; { services.mako = with rice; {
enable = true; enable = true;
defaultTimeout = 5000; # in ms defaultTimeout = 5000; # in ms

11
home-modules/nx-gcal-event.nix
View File

@@ -1,9 +1,6 @@
{ config, pkgs, secrets, lib, user, ... }: { config, pkgs, secrets, ... }: let
let sep = " ";
sep = " "; in {
in
lib.mkIf (user != "tv")
{
home = { home = {
file."${config.xdg.dataHome}/nx-gcal-event-credentials.json".text = '' file."${config.xdg.dataHome}/nx-gcal-event-credentials.json".text = ''
{ {
@@ -26,7 +23,7 @@ lib.mkIf (user != "tv")
# (pkgs.python311.withPackages (python-pkgs: [ # (pkgs.python311.withPackages (python-pkgs: [
# python-pkgs.google # python-pkgs.google
# ])) # ]))
(writeScriptBin "nx_gcal_event" '' (writeScriptBin "nx_gcal_event" /* python */ ''
#!${pkgs.python3}/bin/python3 #!${pkgs.python3}/bin/python3
import datetime import datetime
import os import os

99
home-modules/nx2site.nix Normal file
View File

@@ -0,0 +1,99 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
(writeShellApplication {
name = "nxmd";
text = let
ascii_size = (pkgs.writers.writePython3Bin "ascii_size" {
# libraries = with pkgs.python311Packages; [ ];
flakeIgnore = [];
} /* python */ ''
from sys import argv
with open(argv[1], "r", encoding='utf-8') as f:
raw = f.read()
sraw = raw.split("\n")
linestart = 0
lineend = 0
started = False
for linenum in range(len(sraw)):
if sraw[linenum].strip() == "```ascii":
linestart = linenum
started = True
if started and sraw[linenum].strip() == "```":
lineend = linenum
break
maxwidth = 0
for linenum in range(linestart, lineend):
linewidth = len(sraw[linenum])
if linewidth > maxwidth:
maxwidth = linewidth
print(f"Maximum length of the `ascii` code clock is {maxwidth} characters.")
px = (1 / maxwidth) * 1500
vw = (1 / maxwidth) * 150
snew = sraw
snew[3] = "aaw: " + str(round(vw, 2))
snew[4] = "aawm: " + str(round(px, 2))
new = "\n".join(snew)
with open(argv[1], "w", encoding='utf-8') as f:
f.write(new)
print(f"The resulting font sizes are {px}px (aawm) and {vw}vw (aam).")
print(f"You can now use the push operation on {argv[1]}.")
''
);
in /* bash */ ''
ord=$(date +"%e" | awk '{printf("%d%s\n", $1, ($1==11||$1==12||$1==13)?"th":((($1%10)==1)?"st":((($1%10)==2)?"nd":((($1%10)==3)?"rd":"th"))))}')
nxdate="$(date +'%A the ')"
nxdate="$nxdate""$ord"
nxdate="$nxdate""$(date +' of %B %Y')"
if [[ $# -eq 0 ]]; then
echo "Error: No arguments provided."
echo "Usage: $0 push <markdown-file>"
exit 1
fi
if [[ "$1" == "push" ]]; then
if [[ ! "$2" =~ \.md$ ]]; then
echo "Error: Second argument must be a markdown (.md) file"
echo "Usage: $0 push <markdown-file>"
exit 1
fi
pandoc \
"$2" \
--highlight-style=breezeDark \
--standalone \
--mathjax \
--ascii \
--template /var/nginx/assets/template.html \
--metadata pdate="$nxdate" \
--verbose --from markdown-markdown_in_html_blocks+raw_html \
-o /var/nginx/webroot/"$(basename "$2" .md )".html
echo pushed "$2"
elif [[ "$1" == "ascii-size" ]]; then
if [[ ! "$2" =~ \.md$ ]]; then
echo "Error: Second argument must be a markdown (.md) file"
echo "Usage: $0 ascii-size <markdown-file>"
exit 1
fi
${ascii_size}/bin/ascii_size "$2"
else
echo "Error: First argument must be 'push'"
echo "Usage: $0 push <markdown-file>"
exit 1
fi
'';
})
];
}

1
home-modules/office.nix
View File

@@ -1,5 +1,4 @@
{ config, pkgs, lib, user, ... }: { config, pkgs, lib, user, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
libreoffice libreoffice

35
home-modules/programming/python.nix
View File

@@ -1,21 +1,20 @@
{ config, pkgs, lib, user, ... }: { pkgs, ... }:
let
python-with-packages = pkgs.python3.withPackages (pp: with pp; [
ipython
pipdeptree
requests
google google-api-python-client google-auth-httplib2 google-auth-oauthlib
debugpy
black
]);
in
lib.mkIf (user != "tv")
{ {
home.packages = [ home = let
python-with-packages python-with-packages = pkgs.python3.withPackages (pp: with pp; [
]; ipython
pipdeptree
home.sessionVariables = { requests
PYTHONPATH = "${python-with-packages}/${python-with-packages.sitePackages}"; google google-api-python-client google-auth-httplib2 google-auth-oauthlib
debugpy
black
]);
in {
packages = [
python-with-packages
];
sessionVariables = {
PYTHONPATH = "${python-with-packages}/${python-with-packages.sitePackages}";
};
}; };
} }

1
home-modules/qt.nix
View File

@@ -1,5 +1,4 @@
{ pkgs, lib, user, ... }: { pkgs, lib, user, ... }:
lib.mkIf (user != "tv")
{ {
qt = { qt = {
platformTheme = "gtk"; platformTheme = "gtk";

201
home-modules/rofi.nix
View File

@@ -1,114 +1,113 @@
{ pkgs, rice, lib, user, ... }: { pkgs, rice, ... }: {
let
trdr = "${rice.lib.float-to-drune rice.transparency}";
in
lib.mkIf (user != "tv")
{
home.packages = with pkgs; [ home.packages = with pkgs; [
rofi-wayland rofi-wayland
]; ];
home.file.".config/rofi/config.rasi".text = '' home.file = let
configuration { trdr = "${rice.lib.float-to-drune rice.transparency}";
show-icons: false; in with rice.color; {
display-drun: ""; ".config/rofi/config.rasi".text = ''
disable-history: false; configuration {
drun-display-format: "{name} [<span weight='light' size='small'><i>({generic})</i></span>] [<span weight='light' size='small'><i>({exec})</i></span>]"; show-icons: false;
} display-drun: "";
disable-history: false;
drun-display-format: "{name} [<span weight='light' size='small'><i>({generic})</i></span>] [<span weight='light' size='small'><i>({exec})</i></span>]";
}
* { * {
font: "${rice.font.code.name2} 12"; font: "${rice.font.code.name2} 12";
foreground: ${rice.color.foreground}; foreground: ${foreground};
background-color: ${rice.color.background}${trdr}; background-color: ${background}${trdr};
padding: 0px; padding: 0px;
margin: 0px; margin: 0px;
spacing: 0px; spacing: 0px;
border-width: 0px; border-width: 0px;
} }
#window { #window {
background-color: ${rice.color.background}${trdr}; background-color: ${background}${trdr};
border: ${builtins.toString rice.border-width}px; border: ${builtins.toString rice.border-width}px;
border-radius: ${builtins.toString rice.rounding}; border-radius: ${builtins.toString rice.rounding};
border-color: ${rice.color.border}; border-color: ${border};
} }
#mainbox { #mainbox {
border: 0; border: 0;
padding: 0; padding: 0;
} }
#message { #message {
border: 0px; border: 0px;
} }
#textbox { #textbox {
text-color: ${rice.color.foreground}; text-color: ${foreground};
} }
#listview { #listview {
fixed-height: 0; fixed-height: 0;
border: 0px; border: 0px;
spacing: 0px ; spacing: 0px ;
scrollbar: false; scrollbar: false;
padding: 0px; padding: 0px;
} }
#element { #element {
border: 0; border: 0;
padding: 0px; padding: 0px;
border-radius: ${if rice.rounding > 0 then "2" else "0"}px; border-radius: ${if rice.rounding > 0 then "2" else "0"}px;
} }
#element.normal.normal { background-color: ${rice.color.background}${trdr}; text-color: ${rice.color.accent.base}; } #element.normal.normal { background-color: ${background}${trdr}; text-color: ${accent.base}; }
#element.selected.normal { background-color: ${rice.color.tertiary.base}${trdr}; text-color: ${rice.color.background}; } #element.selected.normal { background-color: ${tertiary.base}${trdr}; text-color: ${background}; }
#element.alternate.normal { background-color: ${rice.color.background}${trdr}; text-color: ${rice.color.secondary.base}; } #element.alternate.normal { background-color: ${background}${trdr}; text-color: ${secondary.base}; }
#scrollbar { #scrollbar {
width: ${builtins.toString rice.border-width}px ; width: ${builtins.toString rice.border-width}px ;
border: 0; border: 0;
handle-width: 8px ; handle-width: 8px ;
padding: 0; padding: 0;
} }
#sidebar { #sidebar {
border: ${builtins.toString rice.border-width}px dash; border: ${builtins.toString rice.border-width}px dash;
} }
#button.selected { #button.selected {
text-color: ${rice.color.foreground}; text-color: ${foreground};
} }
#inputbar { #inputbar {
spacing: 0; spacing: 0;
text-color: ${rice.color.background}; text-color: ${background};
background-color: ${rice.color.accent.base}${trdr}; background-color: ${accent.base}${trdr};
padding: 0; padding: 0;
margine-bottom: 2px; margine-bottom: 2px;
children: [ prompt,textbox-prompt-colon,entry,case-indicator ]; children: [ prompt,textbox-prompt-colon,entry,case-indicator ];
} }
#prompt { #prompt {
spacing: 0; spacing: 0;
background-color: transparent; background-color: transparent;
text-color: ${rice.color.foreground}; text-color: ${foreground};
} }
#textbox-prompt-colon { #textbox-prompt-colon {
expand: false; expand: false;
str: ">"; str: ">";
margin: 0px 0.3em 0em 0em ; margin: 0px 0.3em 0em 0em ;
text-color: ${rice.color.background}; text-color: ${background};
background-color: transparent; background-color: transparent;
} }
#case-indicator { #case-indicator {
spacing: 0; spacing: 0;
text-color: ${rice.color.foreground}; text-color: ${foreground};
background-color: transparent; background-color: transparent;
} }
#entry { #entry {
spacing: 0; spacing: 0;
text-color: ${rice.color.background}; text-color: ${background};
background-color: transparent; background-color: transparent;
placeholder: ""; placeholder: "";
} }
element-text, element-icon { element-text, element-icon {
background-color: inherit; background-color: inherit;
text-color: inherit; text-color: inherit;
} }
''; '';
};
} }

27
home-modules/sent.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, rice, user, ... }: { pkgs, rice, ... }:
let let
my-sent = pkgs.sent.override { my-sent = pkgs.sent.override {
patches = [ patches = [
@@ -11,25 +11,14 @@ in
{ {
home = { home = {
packages = [ packages = [
# pkgs.sent
my-sent my-sent
(pkgs.writeShellApplication {
name = "nxsent";
text = with rice.color; let
in /* bash */ ''
echo "$@" | sent -c "${accent.base}" -b "${background}"
'';
})
]; ];
file.".local/share/sent.patch".text = ''
diff --git a/config.def.h b/config.def.h
index 60eb376..64e7f05 100644
--- a/config.def.h
+++ b/config.def.h
@@ -9,8 +9,8 @@ static char *fontfallbacks[] = {
#define FONTSZ(x) ((int)(10.0 * powf(1.1288, (x)))) /* x in [0, NUMFONTSCALES-1] */
static const char *colors[] = {
- "#000000", /* foreground color */
- "#FFFFFF", /* background color */
+ "${rice.color.foreground}", /* foreground color */
+ "${rice.color.background}", /* background color */
};
static const float linespacing = 1.4;
'';
}; };
} }

50
home-modules/ssh.nix
View File

@@ -1,31 +1,27 @@
{ pkgs, lib, user, ... }: { pkgs, domain, ... }:
lib.mkIf (user != "tv")
{ {
home = {
packages = with pkgs; [ sshfs ];
file.".ssh/config".text = ''
HOST nxace
HostName ssh.${domain}
User nx2
Port 50022
home.packages = with pkgs; [ HOST nxacel
sshfs HostName 192.168.178.32
]; User nx2
Port 50022
HOST nxrpil
home.file.".ssh/config".text = '' HostName 192.168.178.31
HOST nxace User nx2
HostName ssh.nx2.site Port 22
User nx2
Port 50022 HOST nxgit
HostName ssh.${domain}
HOST nxacel User git
HostName 192.168.178.32 Port 20022
User nx2 '';
Port 50022 };
HOST nxrpil
HostName 192.168.178.31
User nx2
Port 22
HOST nxgit
HostName ssh.nx2.site
User git
Port 20022
'';
} }

7
home-modules/starship.nix
View File

@@ -1,10 +1,5 @@
{ pkgs, lib, user, rice, ... }: { lib, rice, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = [
pkgs.starship
];
programs.starship = { programs.starship = {
enable = true; enable = true;
# enableBashIntegration = true; # enableBashIntegration = true;

7
home-modules/vale.nix
View File

@@ -1,9 +1,6 @@
{ pkgs, lib, user, ... }: { pkgs, ... }: let
let
vws = pkgs.vale.withStyles (s: [ s.alex s.google ]); vws = pkgs.vale.withStyles (s: [ s.alex s.google ]);
in in {
lib.mkIf (user != "tv")
{
home = { home = {
packages = [ packages = [
vws vws

2
home-modules/wallpaper-to-colors.nix
View File

@@ -123,7 +123,7 @@ if __name__ == "__main__":
accent = ensure_color(c=palette[0], alter_sat=False) accent = ensure_color(c=palette[0], alter_sat=False)
secondary = ensure_color(c=palette[1], alter_sat=True) secondary = ensure_color(c=palette[1], alter_sat=True)
tertiary = ensure_color(c=palette[2], alter_sat=False) tertiary = ensure_color(c=palette[2], alter_sat=False)
weird = alter_hue(ilist=secondary, hue=180) weird = alter_hue(ilist=accent, hue=80)
special = alter_hue(ilist=accent, hue=180) special = alter_hue(ilist=accent, hue=180)
foreground = alter_l(accent, 0.9) foreground = alter_l(accent, 0.9)
background = alter_l(accent, 0.1) background = alter_l(accent, 0.1)

16
home-modules/waybar.nix
View File

@@ -1,9 +1,6 @@
{ lib, pkgs, user, rice, ... }: { lib, pkgs, user, rice, ... }: let
let
sep = " "; sep = " ";
in in {
lib.mkIf (user != "tv")
{
home.packages = home.packages =
let let
waybar_mode_script = /*bash*/ '' waybar_mode_script = /*bash*/ ''
@@ -100,10 +97,10 @@ lib.mkIf (user != "tv")
exec = "cclock"; exec = "cclock";
restart-interval = 60; restart-interval = 60;
}; };
"custom/ctimeremaining" = { # "custom/ctimeremaining" = {
exec = "nx_gcal_event lookup"; # exec = "nx_gcal_event lookup";
restart-interval = 60; # restart-interval = 60;
}; # };
"custom/mode" = { "custom/mode" = {
exec = "cat /tmp/waybar-mode"; exec = "cat /tmp/waybar-mode";
interval = "once"; interval = "once";
@@ -184,7 +181,6 @@ lib.mkIf (user != "tv")
#clock, #clock,
#custom-cclock, #custom-cclock,
#custom-ctimeremaining,
#custom-mode, #custom-mode,
#battery, #battery,
#cpu, #cpu,

171
home-modules/wlogout.nix
View File

@@ -1,98 +1,85 @@
{ config, pkgs, lib, user, rice,... }: { pkgs, rice,... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [ home = {
wlogout packages = with pkgs; [ wlogout ];
]; file = {
".config/wlogout/style.css".text = /* css */ ''
* { all: unset; }
home.file.".config/wlogout/style.css".text = '' window {
* { all: unset; } font-family: ${rice.font.code.name}, monospace;
font-size: 12pt;
color: ${rice.color.foreground};
background-color: rgba(0, 0, 0, ${builtins.toString rice.transparency});
}
window { button {
font-family: ${rice.font.code.name}, monospace; transition: box-shadow 0.2s ease-in-out, background-color 0.2s ease-in-out;
font-size: 12pt; text-shadow: none;
color: ${rice.color.foreground}; border: none;
background-color: rgba(0, 0, 0, ${builtins.toString rice.transparency}); color: ${rice.color.foreground};
} background-color: ${rice.color.background};
margin: 5px;
}
button { button:hover {
transition: box-shadow 0.2s ease-in-out, background-color 0.2s ease-in-out; color: ${rice.color.blue.base};
text-shadow: none; }
border: none;
color: ${rice.color.foreground};
background-color: ${rice.color.background};
margin: 5px;
}
button:hover { button:focus {
color: ${rice.color.blue.base} ; color: ${rice.color.blue.base};
} }
'';
button:focus { ".config/wlogout/layout".text = /* json */ ''
color: ${rice.color.blue.base} ; {
} "label": "lock",
''; "action": "hyprlock",
"text": "[L]ock",
home.file.".config/wlogout/layout".text = '' "height": 0,
{ "width": 0,
"label": "lock", "keybind": "l"
"action": "hyprlock", }
"text": "[L]ock", {
"height": 0, "label": "reboot",
"width": 0, "action": "systemctl reboot",
"keybind": "l" "text": "[R]eboot",
} "height": 0,
{ "width": 0,
"label": "reboot", "keybind": "r"
"action": "systemctl reboot", }
"text": "[R]eboot", {
"height": 0, "label": "shutdown",
"width": 0, "action": "systemctl poweroff",
"keybind": "r" "text": "[S]hutdown",
} "height": 0,
{ "width": 0,
"label": "shutdown", "keybind": "s"
"action": "systemctl poweroff", }
"text": "[S]hutdown", {
"height": 0, "label": "logout",
"width": 0, "action": "hyprctl dispatch exit 0",
"keybind": "s" "text": "Lo[g]out",
} "height": 0,
{ "width": 0,
"label": "logout", "keybind": "g"
"action": "hyprctl dispatch exit 0", }
"text": "Lo[g]out", {
"height": 0, "label": "suspend",
"width": 0, "action": "systemctl suspend",
"keybind": "g" "text": "S[u]spend",
} "height": 0,
{ "width": 0,
"label": "suspend", "keybind": "u"
"action": "systemctl suspend", }
"text": "S[u]spend", {
"height": 0, "label": "hibernate",
"width": 0, "action": "systemctl hibernate",
"keybind": "u" "text": "[H]ibernate",
} "height": 0,
{ "width": 0,
"label": "hibernate", "keybind": "h"
"action": "systemctl hibernate", }
"text": "[H]ibernate", '';
"height": 0, };
"width": 0, };
"keybind": "h"
}
'';
# lock { background-image: image(url("./lock.png")); }
# lock:focus { background-image: image(url("./lock-hover.png")); }
# logout { background-image: image(url("./logout.png")); }
# logout:focus { background-image: image(url("./logout-hover.png")); }
# suspend { background-image: image(url("./suspend.png")); }
# suspend:focus { background-image: image(url("./suspend-hover.png")); }
# shutdown { background-image: image(url("./power.png")); }
# shutdown:focus { background-image: image(url("./power-hover.png")); }
# reboot { background-image: image(url("./restart.png")); }
# reboot:focus { background-image: image(url("./restart-hover.png")); }
# hibernate { background-image: image(url("./hibernate.png")); }
# hibernate:hover { background-image: image(url("./hibernate-hover.png"));}
} }

13
home-modules/yazi.nix
View File

@@ -1,6 +1,5 @@
{ pkgs, lib, system, user, rice, inputs, ... }: { pkgs, system, rice, inputs, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
# yazi # yazi
@@ -169,12 +168,12 @@ lib.mkIf (user != "tv")
hovered = { underline = true; }; hovered = { underline = true; };
}; };
which = { which = {
mask = { bg = "#3c3836"; }; mask = { bg = black.base; };
cand = { fg = "#83a598"; }; cand = { fg = accent.base; };
rest = { fg = "#928374"; }; rest = { fg = secondary.base; };
desc = { fg = "#fe8019"; }; desc = { fg = tertiary.base; };
separator = " "; separator = " ";
separator_style = { fg = "#504945"; }; separator_style = { fg = foreground; };
}; };
help = { help = {
on = { fg = "#fe8019"; }; on = { fg = "#fe8019"; };

16
home-modules/zathura.nix
View File

@@ -7,10 +7,11 @@
completion-fg = foreground; completion-fg = foreground;
completion-highlight-bg = background; completion-highlight-bg = background;
completion-highlight-fg = accent.base; completion-highlight-fg = accent.base;
# default-bg = background; default-bg = "rgba(${rice.lib.hex-to-rgb-comma-string background},${builtins.toString rice.transparency})";
# default-fg = foreground; default-fg = foreground;
highlight-active-color = accent.base; highlight-active-color = "rgba(${rice.lib.hex-to-rgb-comma-string accent.base},0.5)";
highlight-color = secondary.base; highlight-color = "rgba(${rice.lib.hex-to-rgb-comma-string secondary.base},0.5)";
highlight-fg = "rgba(${rice.lib.hex-to-rgb-comma-string secondary.base},0.5)";
index-active-bg = background; index-active-bg = background;
inputbar-bg = background; inputbar-bg = background;
inputbar-fg = foreground; inputbar-fg = foreground;
@@ -20,13 +21,16 @@
notification-fg = foreground; notification-fg = foreground;
notification-warning-bg = background; notification-warning-bg = background;
notification-warning-fg = foreground; notification-warning-fg = foreground;
recolor = false; recolor = true;
recolor-darkcolor = foreground; recolor-darkcolor = foreground;
recolor-keephue = true; recolor-keephue = true;
recolor-lightcolor = background; recolor-lightcolor = background;
selection-clipboard = "clipboard"; selection-clipboard = "clipboard";
statusbar-bg = background; statusbar-bg = black.base;
statusbar-fg = foreground; statusbar-fg = foreground;
n-completion-items = 9999999999999;
exec-command = "open";
}; };
}; };
} }

3
home-modules/zoxide.nix
View File

@@ -1,5 +1,4 @@
{ config, pkgs, lib, user, ... }: { pkgs, ... }:
lib.mkIf (user != "tv")
{ {
home.packages = [ home.packages = [
pkgs.zoxide pkgs.zoxide

3
home.nix
View File

@@ -28,7 +28,8 @@
./home-modules/nh.nix ./home-modules/nh.nix
./home-modules/nixd.nix ./home-modules/nixd.nix
./home-modules/nvidia.nix ./home-modules/nvidia.nix
./home-modules/nx-gcal-event.nix ./home-modules/nx2site.nix
# ./home-modules/nx-gcal-event.nix
./home-modules/obs.nix ./home-modules/obs.nix
./home-modules/office.nix ./home-modules/office.nix
./home-modules/ollama.nix ./home-modules/ollama.nix

17
sops-secrets.yaml
View File

File diff suppressed because one or more lines are too long

7
system-modules/adb.nix Normal file
View File

@@ -0,0 +1,7 @@
{ host, lib, ... }:
lib.mkIf (host != "NxACE")
{
programs.adb = {
enable = true;
};
}

4
system-modules/boot.nix
View File

@@ -1,7 +1,7 @@
{ config, pkgs, pkgs-unstable, lib, host, inputs, ... }: { config, pkgs, pkgs-unstable, lib, host, domain, inputs, ... }:
let let
grub-theme-ascii-diana = (pkgs.fetchFromGitea { grub-theme-ascii-diana = (pkgs.fetchFromGitea {
domain = "git.nx2.site"; domain = "git.${domain}";
owner = "nx2"; owner = "nx2";
repo = "grub-theme-ascii-diana"; repo = "grub-theme-ascii-diana";
rev = "0.5.0"; rev = "0.5.0";

30
system-modules/dm.nix
View File

@@ -1,5 +1,4 @@
{ pkgs, user, host, lib, ... }: { pkgs, user, ... }:
if (host != "NxACE") then
{ {
services.greetd = { services.greetd = {
enable = true; enable = true;
@@ -22,31 +21,4 @@ if (host != "NxACE") then
TTYVHangup = true; TTYVHangup = true;
TTYVTDisallocate = true; TTYVTDisallocate = true;
}; };
}
else
{
environment.systemPackages = with pkgs; [
sddm
# where-is-my-sddm-theme
];
services.xserver = {
displayManager = {
defaultSession = "hyprland";
sddm = {
enable = true;
# theme = "where_is_my_sddm_theme";
settings = {
theme = {
# background = /home/nx2/Pictures/
passwordFontSize = 12;
passwordInputCursorVisible = true;
};
};
};
autoLogin = lib.mkIf (host == "NxACE") {
enable = true;
user = "tv";
};
};
};
} }

5
system-modules/docker.nix
View File

@@ -13,4 +13,9 @@
# }; # };
}; };
users.users."${user}".extraGroups = [ "docker" ]; users.users."${user}".extraGroups = [ "docker" ];
networking.firewall.allowedTCPPorts = [
80
443
8384
];
} }

13
system-modules/fuse.nix
View File

@@ -1,7 +1,12 @@
{ config, pkgs, ...}: { config, pkgs, ...}:
{ {
environment.systemPackages = with pkgs; [ environment = {
jmtpfs systemPackages = with pkgs; [
]; jmtpfs
} simple-mtpfs
android-file-transfer
];
};
programs.fuse.userAllowOther = true;
}

2
system-modules/hardware-configuration.nix
View File

@@ -16,7 +16,7 @@
fileSystems = if host != "NxACE" then { fileSystems = if host != "NxACE" then {
"/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; "/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; };
"/boot" = { device = "/dev/disk/by-label/EFI"; fsType = "vfat"; }; "/boot" = { device = "/dev/disk/by-label/EFI"; fsType = "vfat"; };
"/home/${user}/shared" = { device = "/dev/disk/by-label/shared"; fsType = "ntfs"; options = [ "uid:1000" "gid:100" ]; }; "/home/${user}/shared" = { device = "/dev/disk/by-label/shared"; fsType = "ntfs"; options = [ "uid=1000" "gid=100" ]; };
} else { } else {
"/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; "/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; };
"/boot" = { device = "/dev/disk/by-label/EFI"; fsType = "vfat"; }; "/boot" = { device = "/dev/disk/by-label/EFI"; fsType = "vfat"; };

50
system-modules/networking.nix
View File

@@ -13,63 +13,15 @@
networkmanager = { networkmanager = {
enable = true; enable = true;
}; };
enableIPv6 = false; enableIPv6 = true;
firewall.allowedTCPPorts = [ firewall.allowedTCPPorts = [
80 80
443 443
]; ];
}; };
# Eduroam
environment.etc = { environment.etc = {
"ssl/certs/tuda-eduroam-root.crt".source = "${pkgs.cacert.unbundled}/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2:1.crt"; "ssl/certs/tuda-eduroam-root.crt".source = "${pkgs.cacert.unbundled}/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2:1.crt";
# this comment blow is just for people reading my config
# I use sops-nix to place the actual file there (read below).
# identity and password have been replaced with "<...>" in the comment
# There the "email" and the password from the IDM portal of the HRZ should go
# Notice the toda-eduroam-root.crt that I am using (specified above)
# The method im using means that the password for the network is accessable locally as root user
# an even more secure way is for example using something like this https://wiki.archlinux.org/title/NetworkManager#Encrypted_Wi-Fi_passwords
# "NetworkManager/system-connections/eduroam.nmconnection" = {
# text = ''
# [connection]
# id=eduroam
# uuid=09ce7f02-0c1d-4e11-9f69-e91031176d9d
# type=wifi
# permissions=user:nx2:;
# [wifi]
# mode=infrastructure
# ssid=eduroam
# [wifi-security]
# key-mgmt=wpa-eap
# [802-1x]
# anonymous-identity=eduroam@tu-darmstadt.de
# ca-cert=/etc/ssl/certs/tuda-eduroam-root.crt
# domain=radius.hrz.tu-darmstadt.de
# eap=peap;
# identity=<...>@tu-darmstadt.de
# password=<...>
# phase2-auth=mschapv2
# [ipv4]
# method=auto
# [ipv6]
# addr-gen-mode=stable-privacy
# ip6-privacy=2
# method=auto
# '';
# mode = "0600";
# };
}; };
sops.secrets = { sops.secrets = {
"eduroam/tuda_nmconnection" = { "eduroam/tuda_nmconnection" = {
mode = "0600"; mode = "0600";

6
system-modules/nixd.nix
View File

@@ -1,4 +1,8 @@
{ inputs, ... }: { inputs, ... }:
{ {
nix.nixPath = [ "nixpgs=${inputs.nixpkgs}" ]; nix.nixPath = [
"nixpkgs=${inputs.nixpkgs}"
"nixpkgs-unstable=${inputs.nixpkgs-unstable}"
"nixpkgs-latest=${inputs.nixpkgs-latest}"
];
} }

207
system-modules/nx2site.nix
View File

@@ -1,45 +1,47 @@
{ config, pkgs, lib, user, host, ... }: { config, pkgs, domain, secrets, ... }:
# lib.mkIf false
lib.mkIf (host == "NxACE")
# ((import ./nx2site/proxy.nix { inherit config pkgs lib user; }) //
(
{ {
sops.secrets = { sops.secrets = {
"nx2site/namecheap.pw" = { }; "nx2site/namecheap.pw" = { };
# "nx2site/cloudflare/api-token-dns-edit" = { };
"nx2site/cloudflare/global-api-key" = { };
}; };
systemd = { systemd = {
timers."namecheap-dynamic-dns" = { timers."dynamic-dns" = {
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
timerConfig = { timerConfig = {
OnBootSec = "2m"; OnBootSec = "2m";
OnUnitActiveSec = "10m"; OnUnitActiveSec = "10m";
Unit = "namecheap-dynamic-dns.service"; Unit = "dynamic-dns.service";
}; };
}; };
services."namecheap-dynamic-dns" = let services."dynamic-dns" = let
u = let u = let
domain = "nx2.site"; account_id = secrets.email.gmail-online.mail;
passord-file-path = config.sops.secrets."nx2site/namecheap.pw".path; zone_id = "33fecab36e060f49d492127345ea95a0";
# passord-file-path = config.sops.secrets."nx2site/namecheap.pw".path; record_id = {
log-file-path = "/var/log/update_namecheap.log"; base = "58d3412e8d88889d1a611b3669f0700f";
count-file-path = "/var/log/update_namecheap-count.txt"; sub = "fc861353142bc05d5dbad1799178e6a1";
in pkgs.writers.writePython3Bin "update_namecheap" { base6 = "d1b90e21d2d747dcb30448bd65312927";
sub6 = "b8082b7afe9e80971fc9f9dda16ec284";
};
passord-file-path = config.sops.secrets."nx2site/cloudflare/global-api-key".path;
log-file-path = "/var/log/couldflare.log";
count-file-path = "/var/log/cloudflare-count.txt";
in pkgs.writers.writePython3Bin "dyn_dns" {
libraries = with pkgs.python311Packages; [ requests ]; libraries = with pkgs.python311Packages; [ requests ];
flakeIgnore = [ "E501" "E305" "E701" "E704" "E302" "E114" "F841" ]; flakeIgnore = [ "E501" "E305" "E701" "E704" "E302" "E114" "F841" "E121" "E261" "E303"];
} '' } /* python */ ''
import requests import requests
import argparse import subprocess
import socket
from datetime import datetime from datetime import datetime
def get_public_ip(): return requests.get('https://ipinfo.io/ip').text.strip() def get_public_ip(ipv6=False):
return subprocess.run(['${pkgs.curl}/bin/curl', '-s', '-6' if ipv6 else '-4', 'https://ifconfig.me'], capture_output=True, text=True).stdout.strip()
def get_dns_ip(): return socket.gethostbyname_ex('${domain}')[2][0] def main():
def main(force_update):
my_ip = get_public_ip() my_ip = get_public_ip()
dns_ip = get_dns_ip() my_ip6 = get_public_ip(ipv6=True)
with open("${count-file-path}", "r") as f: with open("${count-file-path}", "r") as f:
content = f.read() content = f.read()
@@ -49,73 +51,136 @@ lib.mkIf (host == "NxACE")
with open("${count-file-path}", "w") as f: with open("${count-file-path}", "w") as f:
f.write(str(count)) f.write(str(count))
if not (force_update or my_ip != dns_ip): # 4
print(f"Host IP and DNS response are both {my_ip} --> No Action") with open("${passord-file-path}", 'r') as pw_file:
exit(0) pw = pw_file.read().strip()
else:
with open("${passord-file-path}", 'r') as pw_file: pw = pw_file.read().strip()
# Perform DNS updates # Perform DNS updates
resp_base = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=@&domain=${domain}&password={pw}&ip={my_ip}") # https://developers.cloudflare.com/api/operations/dns-records-for-a-zone-update-dns-record
resp_subd = requests.get(f"https://dynamicdns.park-your-domain.com/update?host=*&domain=${domain}&password={pw}&ip={my_ip}") resp_base = requests.patch(
'https://api.cloudflare.com/client/v4/zones/${zone_id}/dns_records/${record_id.base}',
# Reset the count file headers={
with open("${count-file-path}", 'w') as f: f.write('0') 'Content-Type': 'application/json',
'X-Auth-Email': '${account_id}',
'X-Auth-Key': pw
},
json={
"comment": "Domain verification record",
"name": "${domain}",
"proxied": True,
"settings": {},
"tags": [],
"ttl": 1, # automatic
"content": my_ip,
"type": "A"
}
)
now_str = datetime.now().strftime('%Y/%m/%d-%R') resp_subd = requests.patch(
log_entry = f"At {now_str} - from {dns_ip} to {my_ip} - {count} times - Response {resp_base.status_code}{' - (forced)' if force_update else ' '}\n" 'https://api.cloudflare.com/client/v4/zones/${zone_id}/dns_records/${record_id.sub}',
print(log_entry, end="") headers={
with open("${log-file-path}", 'a') as log_file: log_file.write(log_entry) 'Content-Type': 'application/json',
'X-Auth-Email': '${account_id}',
'X-Auth-Key': pw
},
json={
"comment": "Domain verification record",
"name": "${domain}",
"proxied": True,
"settings": {},
"tags": [],
"ttl": 1, # automatic
"content": my_ip,
"type": "A"
}
)
if resp_base.status_code != 200:
print(resp_base.text)
now_str = datetime.now().strftime('%Y/%m/%d-%R')
log_entry = f"At {now_str} - to {my_ip} - Response {resp_base.status_code}\n"
print(log_entry, end="")
with open("${log-file-path}", 'a') as log_file:
log_file.write(log_entry)
# Perform DNS updates
# https://developers.cloudflare.com/api/operations/dns-records-for-a-zone-update-dns-record
resp_base = requests.patch(
'https://api.cloudflare.com/client/v4/zones/${zone_id}/dns_records/${record_id.base6}',
headers={
'Content-Type': 'application/json',
'X-Auth-Email': '${account_id}',
'X-Auth-Key': pw
},
json={
"comment": "Domain verification record",
"name": "${domain}",
"proxied": True,
"settings": {},
"tags": [],
"ttl": 1, # automatic
"content": my_ip6,
"type": "AAAA"
}
)
resp_subd = requests.patch(
'https://api.cloudflare.com/client/v4/zones/${zone_id}/dns_records/${record_id.sub6}',
headers={
'Content-Type': 'application/json',
'X-Auth-Email': '${account_id}',
'X-Auth-Key': pw
},
json={
"comment": "Domain verification record",
"name": "${domain}",
"proxied": True,
"settings": {},
"tags": [],
"ttl": 1, # automatic
"content": my_ip6,
"type": "AAAA"
}
)
if resp_base.status_code != 200:
print(resp_base.text)
now_str = datetime.now().strftime('%Y/%m/%d-%R')
log_entry = f"At {now_str} - to {my_ip6} - Response {resp_base.status_code}\n"
print(log_entry, end="")
with open("${log-file-path}", 'a') as log_file: log_file.write(log_entry)
if __name__ == "__main__": if __name__ == "__main__":
parser = argparse.ArgumentParser() main()
parser.add_argument('-f', '--force', action='store_true', help='Force update')
args = parser.parse_args()
main(args.force)
''; '';
in { in {
script = '' script = ''
set -eu set -eu
${u}/bin/update_namecheap ${u}/bin/dyn_dns
''; '';
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
User = "root";
}; };
}; };
}; };
# I can't use this becasue API Access for Namecheap needs a static whitelisted IP, which I don't have
# security.acme = {
# acceptTerms = true;
# certs."nx2site" = { };
# };
environment.systemPackages = with pkgs; [
certbot
(writeShellApplication {
name = "refresh_ssl_certificate";
runtimeInputs = [ certbot ];
# https://forum.endeavouros.com/t/tutorial-add-a-systemd-boot-loader-menu-entry-for-a-windows-installation-using-a-separate-esp-partition/37431
text = let
webroot = /home/nx2/nx2site/staticweb/content;
in /*bash*/ ''
cartbot
ls ${webroot}
'';
})
];
networking.hosts = { # docker network inspect nx2site_default | grep -E "Name|IPv4" | tr "\n" " " | sed -r 's- +- -g;s-\n?"Name": -\n-g' | sed -r '1d;2d;s-"(.+?)", "IPv4Address": "(.+)/16",- "\2" = [ "\1.docker" ];-g' networking.hosts = { # docker network inspect nx2site_default | grep -E "Name|IPv4" | tr "\n" " " | sed -r 's- +- -g;s-\n?"Name": -\n-g' | sed -r '1d;2d;s-"(.+?)", "IPv4Address": "(.+)/16",- "\2" = [ "\1.docker" ];-g'
"172.1.2.1" = [ "staticweb.docker" ]; # "172.1.2.1" = [ "staticweb.docker" ];
"172.1.3.1" = [ "matrix.docker" ]; # "172.1.3.1" = [ "matrix.docker" ];
# "172.1.0.9" = [ "matrixdb.docker" ]; # "172.1.0.9" = [ "matrixdb.docker" ];
"172.1.4.1" = [ "matrix-ss.docker" ]; # "172.1.4.1" = [ "matrix-ss.docker" ];
# "172.1.0.7" = [ "matrix-ssdb.docker" ]; # "172.1.0.7" = [ "matrix-ssdb.docker" ];
"172.1.5.1" = [ "pw.docker" ]; "172.1.5.1" = [ "pw.docker" ];
"172.1.6.1" = [ "git.docker" ]; "172.1.6.1" = [ "git.docker" ];
# "172.1.0.10" = [ "gitdb.docker" ]; # "172.1.0.10" = [ "gitdb.docker" ];
"172.1.7.1" = [ "nn.docker" ]; # "172.1.7.1" = [ "nn.docker" ];
"172.1.8.1" = [ "llm.docker" ]; # "172.1.8.1" = [ "llm.docker" ];
# "172.1.9.1" = [ "proxy.docker" ]; # "172.1.9.1" = [ "proxy.docker" ];
"172.1.10.1" = [ "share.docker" ]; # "172.1.10.1" = [ "share.docker" ];
"172.1.11.1" = [ "odq.docker" ]; # "172.1.11.1" = [ "odq.docker" ];
}; };
}) }

71
system-modules/nx2site/gitea.nix Normal file
View File

@@ -0,0 +1,71 @@
{ config, pkgs-unstable, domain, ... }:
{
sops.secrets = {
"postgres-pw" = { owner = "gitea"; };
};
services.gitea = {
enable = true;
package = pkgs-unstable.gitea;
group = "gitea"; # default
user = "gitea"; # default
appName = "NxGit";
stateDir = "/var/lib/gitea"; # default
useWizard = false; # default
# camoHmacKeyFile = ;
customDir = "${config.services.gitea.stateDir}/custom"; # default
database = {
createDatabase = false; # default
host = "127.0.0.1"; # default
port = 5432;
passwordFile = config.sops.secrets."postgres-pw".path;
# path = "${config.services.gitea.stateDir}/data/gitea.db"; # default
# socket = "/run/postgresql";
socket = null;
type = "postgres";
name = "gitea"; # default
user = "gitea"; # default
};
dump = {
enable = true;
backupDir = "${config.services.gitea.stateDir}/dump"; # default
file = null; # default
interval = "daily";
type = "zip"; # default
};
extraConfig = null; # default
lfs = {
enable = false; # default
contentDir = "${config.services.gitea.stateDir}/data/lfs"; # default
};
mailerPasswordFile = null; # default
metricsTokenFile = null; # default
repositoryRoot = "${config.services.gitea.stateDir}/repositories"; # default
settings = {
log = {
LEVEL = "Info";
# LEVEL = "Error";
ROOT_PATH = "${config.services.gitea.stateDir}/log"; # default
};
i18n = {
LANGS = "en-US";
};
server = {
DISABLE_SSH = false; # default
SSH_PORT = 20022;
DOMAIN = "pw2.${domain}";
HTTP_ADDR = "http://${config.services.gitea.settings.server.DOMAIN}:${toString config.services.gitea.settings.server.HTTP_PORT}/";
HTTP_PORT = 3000; # default
PROTOCOL = "http"; # default
ROOT_URL = "https:pw2.${domain}/"; # default
STATIC_ROOT_PATH = "${config.services.gitea.stateDir}/static";
};
session = {
COOKIE_SECURE = true;
};
service = {
DISABLE_REGISTRATION = true;
};
};
};
}

228
system-modules/nx2site/proxy.nix
View File

@@ -1,35 +1,56 @@
{ config, pkgs, lib, user }: { config, pkgs, lib, domain, ... }:
lib.mkIf false
{ {
sops.secrets = { sops.secrets = {
"nx2site/sslCertificate.pem" = { owner = config.services.nginx.user; }; "nx2site/sslCertificate.pem" = { owner = config.services.nginx.user; };
"nx2site/sslCertificateKey.pem" = { owner = config.services.nginx.user; }; "nx2site/sslCertificateKey.pem" = { owner = config.services.nginx.user; };
"nx2site/dhparams.pem" = { owner = config.services.nginx.user; }; "nx2site/dhparams.pem" = { owner = config.services.nginx.user; };
}; };
services.nginx = { security.acme = {
acceptTerms = true;
defaults = {
email = "acme@${domain}";
webroot = "/var/nginx/webroot";
group = "nginx";
};
certs = {
"${domain}" = {
extraDomainNames = builtins.map (subd: "${subd}.${domain}") [ "git" "git2" "pw" "pw2" "sync" ];
};
};
};
users.users."nginx" = {
extraGroups = [ "nginx" "acme" ];
useDefaultShell = false;
linger = true;
home = "/var/nginx/";
homeMode = "770";
createHome = true;
isSystemUser = true;
isNormalUser = false;
};
systemd.services.nginx.serviceConfig.ProtectHome = "read-only";
services.nginx = let
dl = [
{ addr = "0.0.0.0"; port = 443; ssl = true; }
{ addr = "0.0.0.0"; port = 80; ssl = false; }
{ addr = "[::0]"; port = 443; ssl = true; }
{ addr = "[::0]"; port = 80; ssl = false; }
];
in {
enable = true; enable = true;
user = "nginx";
group = "nginx";
additionalModules = []; additionalModules = [];
# appendConfig = ''''; # appendConfig = '''';
clientMaxBodySize = "20m"; clientMaxBodySize = "20m";
defaultHTTPListenPort = 80; defaultHTTPListenPort = 80;
defaultListenAddresses = [ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]"; defaultListenAddresses = [ "0.0.0.0" ] ++ lib.optional config.networking.enableIPv6 "[::0]";
defaultListen = [ { defaultListen = dl;
addr = "0.0.0.0";
ssl = true;
port = 443;
proxyProtocol = true;
}];
defaultMimeTypes = "${pkgs.mailcap}/etc/nginx/mime.types"; defaultMimeTypes = "${pkgs.mailcap}/etc/nginx/mime.types";
defaultSSLListenPort = 443; defaultSSLListenPort = 443;
enableQuicBPF = true; enableQuicBPF = true;
enableReload = true; enableReload = true;
# eventsConfig = '''';
# logError = ;
# mapHashBucketSize = ;
# mapHashMaxSize = ;
package = pkgs.nginxQuic; package = pkgs.nginxQuic;
# preStart = true;
proxyResolveWhileRunning = false; proxyResolveWhileRunning = false;
proxyTimeout = "20s"; proxyTimeout = "20s";
recommendedBrotliSettings = true; recommendedBrotliSettings = true;
@@ -39,142 +60,81 @@ lib.mkIf false
recommendedTlsSettings = true; recommendedTlsSettings = true;
recommendedZstdSettings = true; recommendedZstdSettings = true;
serverTokens = false; serverTokens = false;
# sslCiphers = true;
sslDhparam = config.sops.secrets."nx2site/dhparams.pem".path; sslDhparam = config.sops.secrets."nx2site/dhparams.pem".path;
sslProtocols = "TLSv1.2 TLSv1.3"; sslProtocols = "TLSv1.2 TLSv1.3";
statusPage = false; statusPage = false;
streamConfig = ""; # udp config streamConfig = ""; # udp config
validateConfigFile = true; validateConfigFile = true;
upstreams = {
"staticweb".servers = { "staticweb.docker:80" = {}; };
"matrix".servers = { "matrix.docker:80" = {}; };
"matrix-ss".servers = { "matrix-ss.docker:80" = {}; };
"pw".servers = { "pw.docker:80" = {}; };
"git".servers = { "git.docker:80" = {}; };
"nn".servers = { "nn.docker:80" = {}; };
"llm".servers = { "llm.docker:80" = {}; };
"share".servers = { "share.docker:80" = {}; };
"sync".servers = { "localhost:8384" = {}; };
};
virtualHosts = let virtualHosts = let
sslCertificate = config.sops.secrets."nx2site/sslCertificate.pem".path; vh = {
sslCertificateKey = config.sops.secrets."nx2site/sslCertificateKey.pem".path; kTLS = true;
kTLS = true; http2 = true; http3 = true; http3_hq = true; quic = true; http2 = true;
in http3 = true;
{ http3_hq = true;
"nx2.site" = { quic = true;
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; addSSL = true;
listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; enableACME = true;
};
in {
"${domain}" = vh // {
root = "/var/nginx/webroot";
default = true;
listen = dl;
locations = { locations = {
"/" = { "/" = {
proxyPass = "http://staticweb"; extraConfig = ''
# extraConfig = [ ''add_header Alt-Svc 'h3=":443"; ma=86400';'' ''add_header Cache-Control "public";'' ] ++ common-location-conf; index index.html;
}; if ($request_uri ~ ^/(.*)\.html(\?|$)) {
"/.well-known/matrix/client" = { return 301 /$1;
return = ''200 '{"m.homeserver": {"base_url": "https://matrix.nx2.site"}, "org.matrix.msc3575.proxy": {"url": "https://matrix-ss.nx2.site"}}' ''; }
extraConfig = [ "default_type application/json;" "add_header Access-Control-Allow-Origin *;" ]; try_files $uri $uri.html $uri/ /404.html =404;
}; '';
"/.well-known/matrix/server" = {
return = ''200 '{"m.server":"matrix.nx2.site:443"}' '';
extraConfig = [ "default_type application/json;" "add_header Access-Control-Allow-Origin *;" ];
};
"~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = {
proxyPass = "http://matrix-ss";
# extraConfig = [ ''proxy_set_header X-Forwarded-For $remote_addr;'' ''proxy_set_header X-Forwarded-Proto $scheme;'' ''proxy_set_header Host $host;'' ];
};
"~ ^(\/_matrix|\/_synapse\/client)" = {
return = ''200 '{"m.server":"matrix.nx2.site:443"}' '';
# extraConfig = [];
}; };
"~^(/ba)$" = { return = "301 /BA.pdf"; };
"/.well-known/matrix/client" = { return = "502"; };
"/.well-known/matrix/server" = { return = "502"; };
};
};
"matrix.${domain}" = {
listen = dl;
locations = { "~.*" = { return = "502"; }; };
};
"pw.${domain}" = vh // {
listen = dl;
locations = let d = "pw.docker:80"; in {
"/" = { proxyPass = "http://${d}"; };
"/admin" = { proxyPass = "http://${d}"; };
"/notifications/hub" = { proxyPass = "http://${d}"; };
"/notifications/hub/negotiate" = { proxyPass = "http://${d}"; };
}; };
}; };
"matrix.nx2.site" = { "pw2.${domain}" = vh // {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; listen = dl;
listen = [ locations = let d = "127.0.0.1:3000"; in {
{ addr = "0.0.0.0"; port = 443; ssl = true; } "/" = { proxyPass = "http://${d}"; };
{ addr = "0.0.0.0"; port = 8448; ssl = true; } "/admin" = { proxyPass = "http://${d}"; };
]; "/notifications/hub" = { proxyPass = "http://${d}"; };
locations = { "/notifications/hub/negotiate" = { proxyPass = "http://${d}"; };
"/" = {
proxyPass = "http://matrix";
# extraConfig = [ ''add_header Alt-Svc 'h3=":443"; ma=86400';'' ''add_header Cache-Control "public";'' ] ++ common-location-conf;
};
}; };
}; };
"matrix-ss.nx2.site" = { "sync.${domain}" = vh // {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; listen = dl;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; locations = { "/" = { proxyPass = "http://127.0.0.1:11434"; }; };
# "resolver 1.1.1.1;"
# "client_max_body_size 500M;"
# ];
locations = {
"/" = { proxyPass = "http://pw"; };
};
}; };
# "dev.nx2.site" = { "git.${domain}" = vh // {
# inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; listen = dl;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; locations = { "/" = { proxyPass = "http://git.docker:3000"; }; };
# locations = {
# "/" = {
# proxyPass = "http://dev";
# };
# };
# };
"pw.nx2.site" = {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ];
locations = {
"/" = { proxyPass = "http://pw"; };
"/admin" = { proxyPass = "http://pw"; };
"/notifications/hub" = { proxyPass = "http://pw"; };
"/notifications/hub/negotiate" = { proxyPass = "http://pw"; };
};
}; };
"share.nx2.site" = { "git2.${domain}" = vh // {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; listen = dl;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; locations = { "/" = { proxyPass = "http://127.0.0.1:8222"; }; };
locations = {
"/" = { proxyPass = "http://share"; # ''proxy_hide_header Content-Disposition;''
# ''proxy_set_header Content-Disposition $upstream_http_content_disposition;''
# ''proxy_set_header X-Real-IP $remote_addr;''
# ''proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;''
# ''proxy_set_header Host $http_host;''
# ];
};
"/socket.io" = {
proxyPass = "http://share/socket.io";
proxyWebsockets = true;
# extraConfig = [
# ''proxy_http_version 1.1;''
# ''proxy_set_header Upgrade $http_upgrade;''
# ''proxy_set_header Connection "upgrade";''
# ];
};
};
}; };
"sync.nx2.site" = { "~^(.*).${domain}$" = {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic; listen = dl;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ]; root = "/var/nginx/webroot";
locations = { locations = { "~.*" = { return = "301 https://${domain}/502.html"; }; };
"/" = { proxyPass = "http://sync"; };
};
};
"git.nx2.site" = {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ];
locations = {
"/" = { proxyPass = "http://git"; };
};
};
"~^(.*)\.nx2\.site$" = {
inherit sslCertificate sslCertificateKey kTLS http2 http3 http3_hq quic;
# listen = [ { addr = "0.0.0.0"; port = 443; ssl = true; } ];
root = "/home/nx2/nx2site/staticweb/xcontent/";
locations = {
"~.*" = { return = "502 /502.html"; };
};
}; };
}; };
}; };
} }

0
system-modules/nx2site/vaultwarden.nix Normal file
View File

83
system-modules/postgres.nix Normal file
View File

@@ -0,0 +1,83 @@
{ config, pkgs, lib, user, ... }:
{
services = {
postgresql = {
enable = true;
package = pkgs.postgresql_12;
dataDir = "/var/lib/postgresql/${config.services.postgresql.package.psqlSchema}"; # default
# identMap = ''
# ${user} ${user} ${user}
# '';
enableJIT = false; # default
initdbArgs = []; # default
checkConfig = true; # default
enableTCPIP = false;
# # extraPlugins =
initialScript = null; # default
authentication = lib.mkForce ''
# TYPE DATABASE USER ADDRESS METHOD
local all all trust
host all all 127.0.0.1/32 trust #scram-sha-256
host all all ::1/128 trust #scram-sha-256
'';
# recoveryConfig = null;
ensureDatabases = [
"gitea"
# "vaultwarden"
];
settings = {
port = 5432; # default
listen_addresses = "localhost";
log_line_prefix = "[%p] "; # default
shared_preload_libraries = [ ]; # default
};
ensureUsers = [
# {
# name = "${user}";
# ensureDBOwnership = false;
# ensureClauses = {
# login = true;
# # inherit
# createdb = true;
# bypassrls = true;
# superuser = true;
# createrole = true;
# replication = true;
# };
# }
{
# as liong as there is no declarative user management you gotta set a pw by hand
# sudo -u postgres psql -c "ALTER USER gitea PASSWORD 'new-passwd';"
name = "gitea";
ensureDBOwnership = true;
}
];
};
# postgresqlBackup = {
# enable
# startAt
# location
# databases
# backupAll
# compression
# }
# postgresqlWalReceiver.receivers."main" = {
# postgresqlPackage = pkgs.postgresql_15;
# directory = /mnt/pg_wal/main/;
# slot = "main_wal_receiver";
# connection = "postgresql://user@somehost";
# compress
# extraArgs
# synchronous
# environment
# statusInterval
# };
# }
};
}

15
system-modules/syncthing.nix
View File

@@ -1,5 +1,10 @@
{ config, lib, user, host, secrets, ...}: {
let config,
lib,
user,
host,
secrets,
... }: let
# helper funcitons # helper funcitons
conv = _: device: with device; { "${name}" = {id = id;};}; conv = _: device: with device; { "${name}" = {id = id;};};
justname = devices: (builtins.map (device: device.name)) devices; justname = devices: (builtins.map (device: device.name)) devices;
@@ -24,15 +29,11 @@ let
daniel-dcim = { name = "daniel-dcim"; path = "/vault/Pictures/Daniel"; }; daniel-dcim = { name = "daniel-dcim"; path = "/vault/Pictures/Daniel"; };
tessa-dcim = { name = "tessa-dcim"; path = "/vault/Pictures/Tessa"; }; tessa-dcim = { name = "tessa-dcim"; path = "/vault/Pictures/Tessa"; };
}; };
in in {
lib.mkIf (user != "tv")
{
sops.secrets = { sops.secrets = {
"syncthing/${host}/cert.pem" = { owner = user; }; "syncthing/${host}/cert.pem" = { owner = user; };
"syncthing/${host}/key.pem" = { owner = user; }; "syncthing/${host}/key.pem" = { owner = user; };
}; };
services.syncthing = with (builtins.mapAttrs conv devices); { services.syncthing = with (builtins.mapAttrs conv devices); {
enable = true; enable = true;
user = "${user}"; user = "${user}";

25
system-modules/users.nix
View File

@@ -1,22 +1,31 @@
{ pkgs, lib, host, user, ... }: { pkgs, user, ... }:
{ {
users.defaultUserShell = pkgs.bash; # if interactive, itll switch to fish users.defaultUserShell = pkgs.bash; # if interactive, itll switch to fish
users.users."${user}" = { users.users."${user}" = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "networkmanager" "wheel" "audio" "video" "docker" "libvirtd" "uinput" "input" "ydotool" ]; extraGroups = [
"networkmanager"
"wheel"
"audio"
"video"
"docker"
"libvirtd"
"uinput"
"input"
"ydotool"
"acme"
"nginx"
"adbusers"
"gitea"
"postgres"
];
useDefaultShell = true; useDefaultShell = true;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID1RPCcS8DtIf75a2FEW4d8X6WTVeLlmretoLqppvZlJ" # From [A] GPG Sub Key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID1RPCcS8DtIf75a2FEW4d8X6WTVeLlmretoLqppvZlJ" # From [A] GPG Sub Key
]; ];
}; };
users.users.tv = lib.mkIf (host == "NxACE") {
isNormalUser = true;
extraGroups = [ "networkmanager" "audio" "video" "uinput" ];
useDefaultShell = true;
};
programs = { programs = {
bash = { bash = {