nx2/dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: nx2:edbc5c0393e5604cd0a3b0450d249bdea873c06b
Branches Tags
nx2:master nx2:nod nx2:gitea nx2:north
...
compare: nx2:master
Branches Tags
nx2:master nx2:nod nx2:gitea nx2:north

101 Commits
edbc5c0393 ... master

Author SHA1 Message Date
Lennart J. Kurzweg (Nx2)
60fab5ff9a Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-05-26 19:20:24 +02:00
Lennart J. Kurzweg (Nx2)
1a662d9acf xps colors 2026-05-26 19:20:23 +02:00
Lennart J. Kurzweg (Nx2)
6b7f4459fc no headphone jack static 2026-05-26 19:19:58 +02:00
Lennart J. Kurzweg (Nx2)
7f1e43699b spotifi-cli rice fix 2026-05-26 19:19:41 +02:00
Lennart J. Kurzweg (Nx2)
1acf1773d9 xps hyprland shenanigans 2026-05-26 19:19:27 +02:00
Lennart J. Kurzweg (Nx2)
e97e9b62b0 chatterino channel update 2026-05-26 19:18:40 +02:00
Lennart J. Kurzweg (Nx2)
5211c953a3 gemini rice 2026-05-26 19:18:33 +02:00
Lennart J. Kurzweg (Nx2)
e054ee5be4 Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-05-26 16:22:13 +02:00
Lennart J. Kurzweg (Nx2)
aefa5a48bb chatterino token 2026-05-26 16:21:14 +02:00
Lennart J. Kurzweg (Nx2)
be40aca44b Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-05-26 14:32:30 +02:00
Lennart J. Kurzweg (Nx2)
8228bd1f72 no simple sign up nextcloud (working?) 2026-05-26 14:32:15 +02:00
Lennart J. Kurzweg (Nx2)
63af2c4f4e stay up wifi daemon 2026-05-26 14:31:55 +02:00
Lennart J. Kurzweg (Nx2)
6a5863ee52 flake bump 2026-05-26 14:31:28 +02:00
Lennart J. Kurzweg (Nx2)
c28c40c972 rename emails 2026-05-26 14:31:22 +02:00
Lennart J. Kurzweg (Nx2)
e0bd80722c Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-05-26 12:46:24 +02:00
Lennart J. Kurzweg (Nx2)
6157666be9 spicetify 2026-05-26 12:46:05 +02:00
Lennart J. Kurzweg (Nx2)
07782f60d1 Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-05-13 23:58:58 +02:00
Lennart J. Kurzweg (Nx2)
2fbf06da7a nextcloud mail 2026-05-13 23:58:51 +02:00
Lennart J. Kurzweg (Nx2)
47cc5c881c nmap 2026-05-13 23:57:45 +02:00
Lennart J. Kurzweg (Nx2)
f757727858 tuda vpn 2026-05-13 23:57:32 +02:00
Lennart J. Kurzweg (Nx2)
bf074967e5 tuda-vpn (not working?) 2026-05-13 16:08:13 +02:00
Lennart J. Kurzweg (Nx2)
674c83d3ae syntax fix 2026-05-13 16:08:02 +02:00
Lennart J. Kurzweg (Nx2)
ee46aca691 split email, contact, thunderbird 2026-05-12 18:22:42 +02:00
Lennart J. Kurzweg (Nx2)
fa89fe57b0 remove bcrypt 2026-05-10 19:37:00 +02:00
Lennart J. Kurzweg (Nx2)
f7306130ed fix firefox transparency 2026-05-04 14:57:50 +02:00
Lennart J. Kurzweg (Nx2)
dc3f30d94c Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-05-04 13:45:12 +02:00
Lennart J. Kurzweg (Nx2)
f7fb8121fd maddy conf 2026-05-04 13:45:11 +02:00
Lennart J. Kurzweg (Nx2)
f4ae5eae27 flake bump 2026-05-04 12:23:08 +02:00
Lennart J. Kurzweg (Nx2)
5fe9578d72 nx2s-email-relay hostname fix 2026-05-04 12:23:03 +02:00
Lennart J. Kurzweg (Nx2)
fc9122be42 Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-05-04 03:30:45 +02:00
Lennart J. Kurzweg (Nx2)
6ab89d09b7 email smtp2go&google relay 2 2026-05-04 03:30:43 +02:00
Lennart J. Kurzweg (Nx2)
b32a79bdac email smtp2go&google relay 1 2026-05-04 03:30:01 +02:00
Lennart J. Kurzweg (Nx2)
fd5e639b17 fix yazi search 2026-05-03 22:13:34 +02:00
Lennart J. Kurzweg (Nx2)
419bd8fc12 enable nixos-cuda again 2026-05-03 15:20:33 +02:00
Lennart J. Kurzweg (Nx2)
1b18252813 caldav_event to nextcloud 2026-05-03 15:19:56 +02:00
Lennart J. Kurzweg (Nx2)
245fdbb60f Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-05-03 00:00:08 +02:00
Lennart J. Kurzweg (Nx2)
6ab13007de nextcloud 2026-05-03 00:00:07 +02:00
Lennart J. Kurzweg (Nx2)
789ed570cf update to nextcloud calendar 2026-05-02 23:59:30 +02:00
Lennart J. Kurzweg (Nx2)
901839dcd1 unstable streamlink 2026-05-02 23:58:40 +02:00
Lennart J. Kurzweg (Nx2)
ae9ae15f3a davfs 2026-05-02 23:58:31 +02:00
Lennart J. Kurzweg (Nx2)
b17f7d95b6 nixos-cuda 502 2026-05-02 23:58:21 +02:00
Lennart J. Kurzweg (Nx2)
b3a0e2914b dm matrix 2026-05-02 23:58:05 +02:00
Lennart J. Kurzweg (Nx2)
9ab9034a02 fix calendar username 2026-04-29 11:44:54 +02:00
Lennart J. Kurzweg (Nx2)
b2a322b269 yazi typo fix 2026-04-24 20:25:32 +02:00
Lennart J. Kurzweg (Nx2)
27d47179ef calendar fix 2026-04-24 20:23:12 +02:00
Lennart J. Kurzweg (Nx2)
ea1fd6a81f flake bump 2026-04-24 20:00:39 +02:00
Lennart J. Kurzweg (Nx2)
2ae3ec3b9b Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-04-24 19:58:47 +02:00
Lennart J. Kurzweg (Nx2)
9ccabedbb2 nxcaldav 2026-04-24 19:58:21 +02:00
Lennart J. Kurzweg (Nx2)
5cc13c9b9a shell only gemini-cli 2026-04-24 19:57:45 +02:00
Lennart J. Kurzweg (Nx2)
ea608bd665 gemini chrome 2026-04-24 19:56:37 +02:00
Lennart J. Kurzweg (Nx2)
e6fc668413 calendar to nxc 2026-04-24 19:56:23 +02:00
Lennart J. Kurzweg (Nx2)
12714021b6 Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-04-22 08:38:34 +00:00
Lennart J. Kurzweg (Nx2)
23b1e6f8cc gemini in shell-only 2026-04-22 08:38:22 +00:00
Lennart J. Kurzweg (Nx2)
375d42d0ed Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-04-18 20:42:39 +02:00
Lennart J. Kurzweg (Nx2)
8e5da6e966 chatterino verison 2026-04-18 20:42:27 +02:00
Lennart J. Kurzweg (Nx2)
62d7d91dc0 sort fonts 2026-04-18 20:42:21 +02:00
Lennart J. Kurzweg (Nx2)
4a977f7076 flake bump 2026-04-18 20:42:06 +02:00
Lennart J. Kurzweg (Nx2)
3f7877d5b8 flake bump 2026-04-14 00:47:00 +02:00
Lennart J. Kurzweg (Nx2)
d7a1f55a34 Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-04-13 22:44:57 +02:00
Lennart J. Kurzweg (Nx2)
a2f5e9828c no zoom 2026-04-13 22:44:33 +02:00
Lennart J. Kurzweg (Nx2)
fa98f9eb2e fixed now (tm) 2026-03-30 21:49:55 +02:00
Lennart J. Kurzweg (Nx2)
2ba41d37fb email fix 2026-03-30 18:02:24 +02:00
Lennart J. Kurzweg (Nx2)
ba1a5a5c10 Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-03-30 15:00:18 +02:00
Lennart J. Kurzweg (Nx2)
ba1bce57c5 nx2site email 2026-03-30 14:56:45 +02:00
Lennart J. Kurzweg (Nx2)
4951ee898d xps displays 2026-03-30 14:56:38 +02:00
Lennart J. Kurzweg (Nx2)
2e02069629 Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-03-23 14:29:31 +01:00
Lennart J. Kurzweg (Nx2)
9108c8689a flake bump 2026-03-23 14:29:27 +01:00
Lennart J. Kurzweg (Nx2)
b6853648d6 nxace no dm 2026-03-23 14:29:20 +01:00
Lennart J. Kurzweg (Nx2)
f77d0d2301 nxcaldav (manual for now) 2026-03-23 14:29:08 +01:00
Lennart J. Kurzweg (Nx2)
bfa820a82a gitea push create (still doesnt work) 2026-03-23 14:27:16 +01:00
Lennart J. Kurzweg (Nx2)
113931d088 o7 lr 2026-03-23 14:26:56 +01:00
Lennart J. Kurzweg (Nx2)
1651f7debf fontforge 2026-03-23 14:25:38 +01:00
Lennart J. Kurzweg (Nx2)
bc0d1eed79 unstable chatterino 2026-03-23 14:25:32 +01:00
Lennart J. Kurzweg (Nx2)
16ca72ff24 ly animation 2026-03-23 14:25:17 +01:00
Lennart J. Kurzweg (Nx2)
b977aea25f simple postgres 2026-03-23 14:24:03 +01:00
Lennart J. Kurzweg (Nx2)
8745f42f80 North Colors 2026-03-10 01:51:54 +01:00
Lennart J. Kurzweg (Nx2)
f3e4b617ff hyprland update (vaxerski hat lange weile) 2026-03-10 01:50:54 +01:00
Lennart J. Kurzweg (Nx2)
014a29a7e0 helix fixes 2026-03-10 01:49:51 +01:00
Lennart J. Kurzweg (Nx2)
1e2a0fd591 unstable gemnini 2026-03-10 01:49:19 +01:00
Lennart J. Kurzweg (Nx2)
5a24fc9fda Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-03-03 16:48:04 +01:00
Lennart J. Kurzweg (Nx2)
958b1d71ad flake bump 2026-03-03 16:47:57 +01:00
Lennart J. Kurzweg (Nx2)
fe70e6c1e3 hyprland resizing 2026-03-03 16:46:24 +01:00
Lennart J. Kurzweg (Nx2)
e7b4b5fc3a pdftk 2026-03-02 19:05:28 +01:00
Lennart J. Kurzweg (Nx2)
5fafc9e8a3 North colors 2026-02-27 19:03:51 +01:00
Lennart J. Kurzweg (Nx2)
78fb91c311 markdown toggle language tool 2026-02-27 19:02:57 +01:00
Lennart J. Kurzweg (Nx2)
bf67e7d396 update caldav 2026-02-27 19:02:29 +01:00
Lennart J. Kurzweg (Nx2)
89428b966b hyprland shaders keys 2026-02-27 19:02:22 +01:00
Lennart J. Kurzweg (Nx2)
809ce39ad3 NxNORTH tty res fix 2026-02-25 12:59:43 +01:00
Lennart J. Kurzweg (Nx2)
bcd04b836a yazi smart open 2026-02-25 12:59:33 +01:00
Lennart J. Kurzweg (Nx2)
1d23337ed1 typst with language tool 2026-02-25 12:59:15 +01:00
Lennart J. Kurzweg (Nx2)
70c8dfd953 helix use jumplist 2026-02-25 12:59:02 +01:00
Lennart J. Kurzweg (Nx2)
ce690c3cad notebooklm rice 2026-02-25 12:58:46 +01:00
Lennart J. Kurzweg (Nx2)
18719bdc2e Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-02-23 18:41:46 +01:00
Lennart J. Kurzweg (Nx2)
68a6a18fcf xps colors 2026-02-23 18:41:35 +01:00
Lennart J. Kurzweg (Nx2)
7c6907f077 fix hypr gestures 2026-02-23 18:41:30 +01:00
Lennart J. Kurzweg (Nx2)
db6dc48ebf switch to ly 2026-02-23 18:40:55 +01:00
Lennart J. Kurzweg (Nx2)
ae6b0e483f tuda vpn 2026-02-23 18:40:35 +01:00
Lennart J. Kurzweg (Nx2)
f54754c792 Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-02-10 08:47:43 +00:00
Lennart J. Kurzweg (Nx2)
30a3308b6b rename flg to nxflg 2026-02-10 08:46:48 +00:00
Lennart J. Kurzweg (Nx2)
39c03c6c62 Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2026-02-06 13:26:33 +01:00
Lennart J. Kurzweg (Nx2)
ee28eadb3b fix typo 2026-02-06 13:26:31 +01:00
45 changed files with 1535 additions and 448 deletions
Expand all files Collapse all files

15
configuration.nix
View File

@@ -9,6 +9,7 @@
./system-modules/cache.nix
./system-modules/calendar.nix
./system-modules/dm.nix
./system-modules/davfs.nix
./system-modules/docker.nix
./system-modules/fcitx5.nix
./system-modules/fonts.nix
@@ -42,13 +43,24 @@
./system-modules/users.nix
./system-modules/virtualisation.nix
./system-modules/ydotool.nix
./system-modules/simple-postgres.nix
] ++ (if hyper.isServer then [
./system-modules/stay-up.nix
./system-modules/nx2site.nix
./system-modules/hugo.nix
./system-modules/postgres.nix
./system-modules/nx2site/proxy.nix
# ./system-modules/nx2site/smtp.nix
# ./system-modules/nx2site/imap.nix
# ./system-modules/nx2site/vmail.nix
./system-modules/nx2site/maddy.nix
./system-modules/nx2site/audiobookshelf.nix
# ./system-modules/nx2site/baikal.nix
./system-modules/nx2site/nextcloud.nix
./system-modules/nx2site/nxcaldav.nix
./system-modules/nx2site/copyparty.nix
./system-modules/nx2site/gitea.nix
./system-modules/nx2site/open-web-calendar.nix
@@ -57,8 +69,7 @@
./system-modules/nx2site/paperless.nix
./system-modules/calendar/publish.nix
./system-modules/calendar/lec.nix
./system-modules/calendar/lr.nix
./system-modules/calendar/dicos.nix
# ./system-modules/calendar/lr.nix
] else [ ]);
environment.systemPackages = import ./system-modules/base-packages.nix pkgs;

28
flake-modules/colors.json
View File

@@ -1,15 +1,15 @@
{
"NxXPS": {
"base": {
"foreground": "#fecccc",
"background": "#190000"
"foreground": "#fccee9",
"background": "#18010e"
},
"to_alter": {
"accent": "#ff3232",
"secondary": "#ff3232",
"tertiary": "#ff3232",
"special": "#31feff",
"weird": "#baff31"
"accent": "#f43da7",
"secondary": "#3269ff",
"tertiary": "#d744ed",
"special": "#3cf48a",
"weird": "#f4c63c"
}
},
"NxACE": {
@@ -27,15 +27,15 @@
},
"NxNORTH": {
"base": {
"foreground": "#e7ccfe",
"background": "#0d0019"
"foreground": "#dbe7ef",
"background": "#070d11"
},
"to_alter": {
"accent": "#9f35fc",
"secondary": "#324cff",
"tertiary": "#4a62e7",
"special": "#91fc34",
"weird": "#fc344f"
"accent": "#72a2bf",
"secondary": "#fc3535",
"tertiary": "#83ae8a",
"special": "#bf8f71",
"weird": "#a871bf"
}
},
"NxDCS": {

152
flake.lock generated
View File

@@ -20,11 +20,11 @@
]
},
"locked": {
"lastModified": 1769428758,
"narHash": "sha256-0G/GzF7lkWs/yl82bXuisSqPn6sf8YGTnbEdFOXvOfU=",
"lastModified": 1778857089,
"narHash": "sha256-TclWRW2SdFeETLaiTG4BA8C8C4m/LppQEldncqyTzAQ=",
"owner": "hyprwm",
"repo": "aquamarine",
"rev": "def5e74c97370f15949a67c62e61f1459fcb0e15",
"rev": "ab2b0af63fbc9fb779d684f19149b790978be8a8",
"type": "github"
},
"original": {
@@ -39,11 +39,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1769889994,
"narHash": "sha256-uEn3WcpPHe3sMJMgIJ0XW3f4/+TRzZpNgv4vu5/gjmA=",
"lastModified": 1779740183,
"narHash": "sha256-WgZFCa8mutaHzVVdS9QedtDWpVKsOGtqou8LNqHwvn4=",
"owner": "9001",
"repo": "copyparty",
"rev": "9b436eb52e5cfe7a0a8e59dd9f1a37351f3a2abd",
"rev": "e32718303cd7560f60d3e0ddd473a8a69d7dfa81",
"type": "github"
},
"original": {
@@ -220,11 +220,11 @@
]
},
"locked": {
"lastModified": 1769580047,
"narHash": "sha256-tNqCP/+2+peAXXQ2V8RwsBkenlfWMERb+Uy6xmevyhM=",
"lastModified": 1779506708,
"narHash": "sha256-QOD/CNm196nCJRheux/URi4/HE66fthdOMqCJoPP1Y0=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "366d78c2856de6ab3411c15c1cb4fb4c2bf5c826",
"rev": "3ee51fbdac8c8bdfe1e7e1fcaba6520a563f394f",
"type": "github"
},
"original": {
@@ -271,11 +271,11 @@
]
},
"locked": {
"lastModified": 1753964049,
"narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=",
"lastModified": 1776511930,
"narHash": "sha256-fCpwFiTW0rT7oKJqr3cqHMnkwypSwQKpbtUEtxdkgrM=",
"owner": "hyprwm",
"repo": "hyprcursor",
"rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5",
"rev": "39435900785d0c560c6ae8777d29f28617d031ef",
"type": "github"
},
"original": {
@@ -300,11 +300,11 @@
]
},
"locked": {
"lastModified": 1769284023,
"narHash": "sha256-xG34vwYJ79rA2wVC8KFuM8r36urJTG6/csXx7LiiSYU=",
"lastModified": 1776426399,
"narHash": "sha256-RUESLKNikIeEq9ymGJ6nmcDXiSFQpUW1IhJ245nL3xM=",
"owner": "hyprwm",
"repo": "hyprgraphics",
"rev": "13c536659d46893596412d180449353a900a1d31",
"rev": "68d064434787cf1ed4a2fe257c03c5f52f33cf84",
"type": "github"
},
"original": {
@@ -330,11 +330,11 @@
"xdph": "xdph"
},
"locked": {
"lastModified": 1769965155,
"narHash": "sha256-SNj94JmMJ0duRNaZqThIky1bVcT3EJqwGFvYN7ZI+g0=",
"lastModified": 1779729308,
"narHash": "sha256-tMt7oeAahwHGDgSIf5XKZoUXenOvlxjI0KBPku97tzM=",
"ref": "refs/heads/main",
"rev": "a0ec2e4daf8e508761f6bc53fc163fbb92ac7aa1",
"revCount": 6857,
"rev": "bb3353f864be97e9236cfafca68ce71d7cf590dc",
"revCount": 7364,
"submodules": true,
"type": "git",
"url": "https://github.com/hyprwm/Hyprland"
@@ -378,11 +378,11 @@
]
},
"locked": {
"lastModified": 1767023960,
"narHash": "sha256-R2HgtVS1G3KSIKAQ77aOZ+Q0HituOmPgXW9nBNkpp3Q=",
"lastModified": 1776426575,
"narHash": "sha256-KI6nIfVihn/DPaeB5Et46Xg3dkNHrrEtUd5LBBVomB0=",
"owner": "hyprwm",
"repo": "hyprland-guiutils",
"rev": "c2e906261142f5dd1ee0bfc44abba23e2754c660",
"rev": "a968d211048e3ed538e47b84cb3649299578f19d",
"type": "github"
},
"original": {
@@ -403,11 +403,11 @@
]
},
"locked": {
"lastModified": 1765214753,
"narHash": "sha256-P9zdGXOzToJJgu5sVjv7oeOGPIIwrd9hAUAP3PsmBBs=",
"lastModified": 1772460177,
"narHash": "sha256-/6G/MsPvtn7bc4Y32pserBT/Z4SUUdBd4XYJpOEKVR4=",
"owner": "hyprwm",
"repo": "hyprland-protocols",
"rev": "3f3860b869014c00e8b9e0528c7b4ddc335c21ab",
"rev": "1cb6db5fd6bb8aee419f4457402fa18293ace917",
"type": "github"
},
"original": {
@@ -432,11 +432,11 @@
]
},
"locked": {
"lastModified": 1767983607,
"narHash": "sha256-8C2co8NYfR4oMOUEsPROOJ9JHrv9/ktbJJ6X1WsTbXc=",
"lastModified": 1777320127,
"narHash": "sha256-Qu+Wf2Bp5qUjyn2YpZNq8a7JyzTGowhT1knrwE38a9U=",
"owner": "hyprwm",
"repo": "hyprlang",
"rev": "d4037379e6057246b408bbcf796cf3e9838af5b2",
"rev": "090117506ddc3d7f26e650ff344d378c2ec329cc",
"type": "github"
},
"original": {
@@ -484,11 +484,11 @@
]
},
"locked": {
"lastModified": 1764592794,
"narHash": "sha256-7CcO+wbTJ1L1NBQHierHzheQGPWwkIQug/w+fhTAVuU=",
"lastModified": 1772462885,
"narHash": "sha256-5pHXrQK9zasMnIo6yME6EOXmWGFMSnCITcfKshhKJ9I=",
"owner": "hyprwm",
"repo": "hyprtoolkit",
"rev": "5cfe0743f0e608e1462972303778d8a0859ee63e",
"rev": "9af245a69fa6b286b88ddfc340afd288e00a6998",
"type": "github"
},
"original": {
@@ -509,11 +509,11 @@
]
},
"locked": {
"lastModified": 1766253372,
"narHash": "sha256-1+p4Kw8HdtMoFSmJtfdwjxM4bPxDK9yg27SlvUMpzWA=",
"lastModified": 1779475241,
"narHash": "sha256-Nw4DN0A5krWNcPBvuWe5Gz2yuxsUUPiDgtu6SVPJQeU=",
"owner": "hyprwm",
"repo": "hyprutils",
"rev": "51a4f93ce8572e7b12b7284eb9e6e8ebf16b4be9",
"rev": "3cd3972b2ee658a14d2610d8494e09259e530124",
"type": "github"
},
"original": {
@@ -534,11 +534,11 @@
]
},
"locked": {
"lastModified": 1763640274,
"narHash": "sha256-Uan1Nl9i4TF/kyFoHnTq1bd/rsWh4GAK/9/jDqLbY5A=",
"lastModified": 1777159683,
"narHash": "sha256-Jxixw6wZphUp+nHYxOKUYSckL17QMBx2d5Zp0rJHr1g=",
"owner": "hyprwm",
"repo": "hyprwayland-scanner",
"rev": "f6cf414ca0e16a4d30198fd670ec86df3c89f671",
"rev": "b8632713a6beaf28b56f2a7b0ab2fb7088dbb404",
"type": "github"
},
"original": {
@@ -563,11 +563,11 @@
]
},
"locked": {
"lastModified": 1769202094,
"narHash": "sha256-gdJr/vWWLRW85ucatSjoBULPB2dqBJd/53CZmQ9t91Q=",
"lastModified": 1778410714,
"narHash": "sha256-o6RzFj4nJXaPRY7EM01siuCQeT41RfwwmcmFQqwFJJg=",
"owner": "hyprwm",
"repo": "hyprwire",
"rev": "a45ca05050d22629b3c7969a926d37870d7dd75c",
"rev": "85148a8e612808cf5ddb25d0b3c5840f3498a7dc",
"type": "github"
},
"original": {
@@ -657,11 +657,11 @@
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1769217863,
"narHash": "sha256-RY9kJDXD6+2Td/59LkZ0PFSereCXHdBX9wIkbYjRKCY=",
"lastModified": 1777732699,
"narHash": "sha256-2uX/XtOWZ/oy2rerRynVhqVA//ZXZ3Fo60PikLHEPQc=",
"owner": "nix-community",
"repo": "NixOS-WSL",
"rev": "38a5250e57f583662eac3b944830e4b9e169e965",
"rev": "5482f113fd31ebac131d1ebeb2ae90bf0d5e41f5",
"type": "github"
},
"original": {
@@ -720,11 +720,11 @@
},
"nixpkgs-latest": {
"locked": {
"lastModified": 1769978241,
"narHash": "sha256-VSbH5Ot7yuZxy/LOvbLo52+i2xnDl01tmMqfjTQM07I=",
"lastModified": 1779791687,
"narHash": "sha256-ynEmhfOI9cWkI8AUiFimNWutJ+RNibt1Ge4azZVbTQ8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "149597f1631fffdeb1ff8fe3b6822615821ee562",
"rev": "8d10ccfc5381d4129e7730b5bfbe67709f06777e",
"type": "github"
},
"original": {
@@ -752,11 +752,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1769789167,
"narHash": "sha256-kKB3bqYJU5nzYeIROI82Ef9VtTbu4uA3YydSk/Bioa8=",
"lastModified": 1779560665,
"narHash": "sha256-tpyBcxPpcQb8ukyNF7DoCwfSY3VPsxHoYwj00Cayv5o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "62c8382960464ceb98ea593cb8321a2cf8f9e3e5",
"rev": "64c08a7ca051951c8eae34e3e3cb1e202fe36786",
"type": "github"
},
"original": {
@@ -783,11 +783,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1769461804,
"narHash": "sha256-msG8SU5WsBUfVVa/9RPLaymvi5bI8edTavbIq3vRlhI=",
"lastModified": 1779357205,
"narHash": "sha256-cCO8aTqss5x9Ky8GWkpY0Hy5fyTZEbtifSUV8QjSzic=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "bfc1b8a4574108ceef22f02bafcf6611380c100d",
"rev": "f83fc3c307e74bc5fd5adb7eb6b8b13ffd2a36e1",
"type": "github"
},
"original": {
@@ -815,11 +815,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1768564909,
"narHash": "sha256-Kell/SpJYVkHWMvnhqJz/8DqQg2b6PguxVWOuadbHCc=",
"lastModified": 1776169885,
"narHash": "sha256-l/iNYDZ4bGOAFQY2q8y5OAfBBtrDAaPuRQqWaFHVRXM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e4bae1bd10c9c57b2cf517953ab70060a828ee6f",
"rev": "4bd9165a9165d7b5e33ae57f3eecbcb28fb231c9",
"type": "github"
},
"original": {
@@ -831,11 +831,11 @@
},
"nixpkgs_5": {
"locked": {
"lastModified": 1769900590,
"narHash": "sha256-I7Lmgj3owOTBGuauy9FL6qdpeK2umDoe07lM4V+PnyA=",
"lastModified": 1779467186,
"narHash": "sha256-nOesoDCiXcUftqbRBMz9tt4blI5PvljMWbm3kuCA+0s=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "41e216c0ca66c83b12ab7a98cc326b5db01db646",
"rev": "b77b3de8775677f84492abe84635f87b0e153f0f",
"type": "github"
},
"original": {
@@ -846,11 +846,11 @@
},
"nixpkgs_6": {
"locked": {
"lastModified": 1768875095,
"narHash": "sha256-dYP3DjiL7oIiiq3H65tGIXXIT1Waiadmv93JS0sS+8A=",
"lastModified": 1776329215,
"narHash": "sha256-a8BYi3mzoJ/AcJP8UldOx8emoPRLeWqALZWu4ZvjPXw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ed142ab1b3a092c4d149245d0c4126a5d7ea00b0",
"rev": "b86751bc4085f48661017fa226dee99fab6c651b",
"type": "github"
},
"original": {
@@ -924,11 +924,11 @@
]
},
"locked": {
"lastModified": 1769069492,
"narHash": "sha256-Efs3VUPelRduf3PpfPP2ovEB4CXT7vHf8W+xc49RL/U=",
"lastModified": 1778507602,
"narHash": "sha256-kTwur1wV+01SdqskVMSo6JMEpg71ps3HpbFY2GsflKs=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "a1ef738813b15cf8ec759bdff5761b027e3e1d23",
"rev": "61ab0e80d9c7ab14c256b5b453d8b3fb0189ba0a",
"type": "github"
},
"original": {
@@ -1010,11 +1010,11 @@
]
},
"locked": {
"lastModified": 1769091129,
"narHash": "sha256-Jj/vIHjiu4OdDIrDXZ3xOPCJrMZZKzhE2UIVXV/NYzY=",
"lastModified": 1776741231,
"narHash": "sha256-k9G98qzn+7npROUaks8VqCFm7cFtEG8ulQLBBo5lItg=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "131e22d6a6d54ab72aeef6a5a661ab7005b4c596",
"rev": "02061303f7c4c964f7b4584dabd9e985b4cd442b",
"type": "github"
},
"original": {
@@ -1046,11 +1046,11 @@
]
},
"locked": {
"lastModified": 1769921679,
"narHash": "sha256-twBMKGQvaztZQxFxbZnkg7y/50BW9yjtCBWwdjtOZew=",
"lastModified": 1777944972,
"narHash": "sha256-VfGRo1qTBKOe3s2gOv8LSoA6Fk19PvBlwQ1ECN0Evn8=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "1e89149dcfc229e7e2ae24a8030f124a31e4f24f",
"rev": "c591bf665727040c6cc5cb409079acb22dcce33c",
"type": "github"
},
"original": {
@@ -1117,11 +1117,11 @@
]
},
"locked": {
"lastModified": 1761431178,
"narHash": "sha256-xzjC1CV3+wpUQKNF+GnadnkeGUCJX+vgaWIZsnz9tzI=",
"lastModified": 1778265244,
"narHash": "sha256-8jlPtGSsv/CQY6tVVyLF4Jjd0gnS+Zbn9yk/V13A9nM=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "4b8801228ff958d028f588f0c2b911dbf32297f9",
"rev": "813ea5ca9a1702a9a2d1f5836bc00172ef698968",
"type": "github"
},
"original": {
@@ -1137,11 +1137,11 @@
"rust-overlay": "rust-overlay_2"
},
"locked": {
"lastModified": 1769971982,
"narHash": "sha256-dc8lG9CxtrIk+tOsQx8TJKULQBG27Hoio4O4M/6CxFM=",
"lastModified": 1779676204,
"narHash": "sha256-/DLVKPqrU3WuY99jrHjYuIR0yGl98mGS6izK5rC1gZM=",
"owner": "sxyazi",
"repo": "yazi",
"rev": "6757fed5aa82bfdcd5ecd52e8f374dc286220cc0",
"rev": "cf8b54179ea0de392629d93081afca9e5587225e",
"type": "github"
},
"original": {

2
flake.nix
View File

@@ -36,7 +36,7 @@
nixosConfigurations = let
make-nixos-system = host: let
hyper = get-hyper host;
rice = get-rice hyeper;
rice = get-rice hyper;
in nixpkgs.lib.nixosSystem {
pkgs = get-pkgs hyper;
modules = [ ./configuration.nix ];

BIN
git-crypt/secrets.nix
View File

Binary file not shown.

26
home-modules/bar/caldav-event.nix
View File

@@ -1,16 +1,17 @@
{ pkgs, ... }@all: with all; {
{ pkgs, ... }@all: with all; let
username = "lennart";
in {
sops.secrets = {
"nx2site/radicale/password" = { };
"nx2site/nextcloud/lennart_pass" = { };
};
home.packages = [
(pkgs.writers.writePython3Bin "caldav_event" {
libraries = with pkgs.python3Packages; [ caldav ics pytz ];
flakeIgnore = [ "E302" "E305" "E501" "E261" ];
} /* python */ ''
import os
import json
from caldav import DAVClient
from datetime import datetime, timezone
from datetime import datetime, timezone, timedelta
from ics import Calendar
from pytz import UTC
@@ -33,13 +34,15 @@ def datetime_parser(dct):
return dct
def load_cache(cache_file):
if os.path.exists(cache_file):
try:
with open(cache_file, "r") as file:
return json.load(file, object_hook=datetime_parser)
except (json.JSONDecodeError, FileNotFoundError):
return None
def save_cache(cache_file, data):
with open(cache_file, "w") as file:
data['last_checked'] = datetime.now(timezone.utc)
json.dump(data, file, default=datetime_converter, indent=4)
@@ -83,17 +86,22 @@ def is_expired(event_dict: dict):
event_end = event_dict['event_end'].timestamp()
return not (now <= event_end)
def is_too_old(event_dict: dict) -> bool:
last_checked = event_dict['last_checked']
now = datetime.now(timezone.utc)
return now - last_checked >= timedelta(minutes=10)
if __name__ == "__main__":
password_file = "${config.sops.secrets."nx2site/radicale/password".path}" # Path to password file
password_file = "${config.sops.secrets."nx2site/nextcloud/lennart_pass".path}" # Path to password file
cache_file = "/tmp/caldav_event_cache.json" # Path to cache file
url = "https://dav.${hyper.domain}/"
username = "nx2"
url = "https://n.${hyper.domain}/remote.php/dav/calendars/${username}/"
username = "${username}"
password = get_password(password_file)
now = datetime.now(timezone.utc).timestamp()
event_dict = load_cache(cache_file)
if (event_dict is None) or (is_expired(event_dict)):
if (event_dict is None) or is_expired(event_dict) or is_too_old(event_dict):
event_dict = get_ongoing_or_next_event(url, username, password)
save_cache(cache_file, event_dict)

39
home-modules/calendar.nix
View File

@@ -1,31 +1,44 @@
{ pkgs, ... }@all: with all; let
calendars = with hyper; [
v = "nxc";
user = "lennart";
domain = hyper.domain;
calendars = let
bs = "https://n.${domain}/remote.php/dav/calendars/lennart";
in [
{
name = "Preservation";
primary = true;
url = "https://dav.${domain}/${user}/preservation/";
url = "${bs}/preservation/";
color = "#dddddd";
}
{
name = "Effort";
url = "https://dav.${domain}/${user}/effort/";
url = "${bs}/effort/";
color = "#dd2222";
}
{
name = "Experience";
url = "https://dav.${domain}/${user}/experience/";
url = "${bs}/experience/";
color = "#2222dd";
}
{
name = "Exposure";
url = "https://dav.${domain}/${user}/exposure/";
name = "Leisure";
# name = "Exposure";
url = "${bs}/leisure/";
# url = "https://${v}.${domain}/${user}/exposure/";
color = "#22aa22";
}
{
name = "Engagement";
url = "https://dav.${domain}/${user}/engagement/";
color = "#8800CC";
}
# {
# name = "Engagement";
# url = "https://${v}.${domain}/${user}/engagement/";
# color = "#8800CC";
# }
# {
# {
# name = "Family";
# url = "${bs}/family/";
# color = "#dddd22";
# }
{
name = "Sleep as Android";
url = secrets.calendar.sleep-as-android-url;
@@ -68,7 +81,7 @@ in {
inherit primary;
remote = {
inherit url name;
userName = hyper.user; # my globally set username
userName = user;
};
};
in lib.attrsets.mergeAttrsList (
@@ -88,7 +101,7 @@ in {
"calendar.registry.${to_safe_name calendar.name}.name" = name;
"calendar.registry.${to_safe_name calendar.name}.type" = type;
"calendar.registry.${to_safe_name calendar.name}.uri" = url;
"calendar.registry.${to_safe_name calendar.name}.username" = hyper.user;
"calendar.registry.${to_safe_name calendar.name}.username" = user;
"calendar.registry.${to_safe_name calendar.name}.readOnly" = read-only;
}) calendars
) // {

31
home-modules/chatterino.nix
View File

@@ -2,33 +2,34 @@
let
channels = [
"Caedrel"
"Caedrel247"
# "agurin"
# "asmongold"
# "Caedrel"
# "EintrachtSpandau"
# "GamesDoneQuick"
# "Odoamne"
"iwdominate"
# "iwdominate"
# "imls"
"gdolphn"
# "gdolphn"
"GRONKH"
"handofblood"
"HisWattson"
# "handofblood"
# "HisWattson"
# "Jankos"
# "KuruHS"
"LEC"
"lol_nemesis"
# "NASA"
"nattynattlol"
"NoWay4u_Sir"
# "nattynattlol"
# "NoWay4u_Sir"
# "OfficialMikeShinoda"
"Rekkles"
# "Rekkles"
"riotgames"
"thebausffs"
"ThePrimeagen"
"Tolkin"
"imperialhal__"
"velja_lol"
# "thebausffs"
# "ThePrimeagen"
# "Tolkin"
# "imperialhal__"
# "velja_lol"
# "Xisuma"
"zackrawrr"
];
@@ -51,8 +52,8 @@ in {
home = {
packages = with pkgs; [
chatterino2
streamlink
unstable.chatterino2
unstable.streamlink
# mpv
];
file = {
@@ -192,7 +193,7 @@ in {
},
"misc": {
"askOnTabVisibilityToggle": false,
"currentVersion": "2.5.4",
"currentVersion": "2.5.5",
"lockNotebookLayout": false
},
"similarity": {

28
home-modules/contact.nix Normal file
View File

@@ -0,0 +1,28 @@
{ pkgs, ... }@all: with all; lib.mkIf (hyper.isPersonal) {
# sops.secrets."nx2site/nextcloud/lennart_pass".path = "nx2site/nextcloud/lennart_pass";
# accounts.contact = {
# basePath = "~/.local/share/contacts";
# accounts = let
# nc = name: { "${name}" = let
# un = "lennart";
# in {
# inherit name;
# remote = {
# url = "https://n.${hyper.domain}/remote.php/dav/addressbooks/users/${un}/${name}/";
# type = "carddav";
# username = un;
# passwordCommand = "cat /run/user/1000/secrets/nx2site/nextcloud/lennart_pass";
# thunderbird = {
# enable = builtins.trace config.programs.thunderbird.enable config.programs.thunderbird.enable;
# prifiles = [ hyper.user ];
# };
# };
# local = {
# type = "filesystem";
# path = "${name}";
# };
# };};
# in (pkgs.lib.mergeAttrsList (builtins.map nc [ "TUDa" "CWG" "HSMW" "DICOS" "Accounts" "Familie & Freunde" "Friedrich Schiller Grundschule" "Handball" "Phönix" "Util & Miscellaneous" ]));
# };
# };
}

128
home-modules/email.nix
View File

@@ -1,100 +1,12 @@
{ pkgs, ... }@all: with all; lib.mkIf (hyper.isPersonal) {
home.packages = with pkgs; [
thunderbird
];
programs.thunderbird = let
inherit (lib.generators) toJSON;
extensions = toJSON {} {
"addon@darkreader.org" = "71d6c69d-55f9-4c56-888c-abdcf6efd73d";
};
in {
enable = true;
profiles = {
"${hyper.user}" = {
isDefault = true;
settings = with rice.color; {
"calendar.alarms.showmissed" = false;
"calendar.alarms.playsound" = false;
"calendar.alarms.show" = false;
"extensions.webextensions.uuids" = extensions;
"mail.startup.enabledMailCheckOnce" = true;
"mailnews.mark_message_read.delay" = true;
"mailnews.mark_message_read.delay.interval" = 3;
"mailnews.tags.$label1.color" = red.base;
"mailnews.tags.$label1.tag" = "Important";
"mailnews.tags.$label2.color" = yellow.base;
"mailnews.tags.$label2.tag" = "Work";
"mailnews.tags.$label3.color" = green.base;
"mailnews.tags.$label3.tag" = "Personal";
"mailnews.tags.$label4.color" = cyan.base;
"mailnews.tags.$label4.tag" = "To Do";
"mailnews.tags.$label5.color" = blue.base;
"mailnews.tags.$label5.tag" = "Later";
"mailnews.headers.showMessageId" = true;
"mailnews.headers.showOrganization" = true;
"mailnews.headers.showReferences" = true;
"mailnews.headers.showSender" = true;
"mailnews.headers.showUserAgent" = true;
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
};
userChrome = with rice.color; /* css */ ''
body,
#navigation-toolbox,
#calendarContent,
#calSidebar,
#tabpanelcontainer,
#spacesToolbar,
#tabs-toolbar,
#calMinimonth,
#primaryButtonSidePanel *,
.minimonth-week,
.multiday-header-corner, .day-column-heading, calendar-header-container, calendar-event-column, .multiday-hour-box,
#view-box,
#tabs-toolbar,
#status-bar,
.calview-toggle,
#calview-toggle-item,
#folderPaneHeaderBar,
#folderPane,
#threadPaneHeaderBar,
#threadTree,
#tabs-toolbar {
color: ${foreground} !important;
font-family: ${rice.font.base.name} !important;
background-color: transparent !important;
background-image: none !important;
border: none !important;
-moz-appearance: none !important;
}
.minimonth-nav-section {
background-color: rgba(${rice.lib.hex-to-rgb-comma-string background},${builtins.toString rice.transparency}) !important;
border: ${builtins.toString rice.border-width}px solid ${border};
}
.button,
.button-primary,
.tab-content[selected] {
background-color: ${accent.base};
color: ${background};
background-image: none;
}
html {
background-color: rgba(${rice.lib.hex-to-rgb-comma-string background},${builtins.toString rice.transparency}) !important;
}
'';
};
};
};
accounts.email.accounts = let
OAuth2Settings = id: {
"mail.smtpserver.smtp_${id}.authMethod" = 10;
"mail.server.server_${id}.authMethod" = 10;
};
in {
gmail-online = {
address = secrets.email.gmail-online.mail;
gmail-online-accounts = {
address = secrets.email.gmail-online-accounts.mail;
realName = "Lennart J. Kurzweg";
flavor = "gmail.com";
primary = true;
@@ -115,8 +27,8 @@
};
};
gmail-business = {
address = secrets.email.gmail-business.mail;
gmail-ljk = {
address = secrets.email.gmail-ljk.mail;
realName = "Lennart J. Kurzweg";
flavor = "gmail.com";
signature = {
@@ -179,10 +91,38 @@
thunderbird = {
enable = true;
profiles = [ "nx2" ];
settings = id: {
"mail.server.server_${id}.fcc_folder" = "imap://${un}%40hs-mittweida.de@xc.hs-mittweida.de/Sent";
settings = id: { };
};
};
nx2site = {
address = "lennart@${hyper.domain}";
userName = "lennart@${hyper.domain}";
realName = "Lennart J. Kurzweg";
imap = {
port = 993;
host = "ssh.${hyper.domain}";
tls.enable = true;
};
smtp = {
port = 465;
host = "mail-eu.smtp2go.com";
tls.enable = true;
# port = 587;
# host = "mail.${hyper.domain}";
# tls.useStartTls = true;
};
signature = {
text = ''
About Me: https://nx2.site/about-me
Contact: https://nx2.site/contact
GPG: https://nx2.site/gpg
'';
showSignature = "append";
};
thunderbird = {
enable = true;
profiles = [ "nx2" ];
};
};
};
}

2
home-modules/figlet.nix
View File

@@ -3,7 +3,7 @@
home = {
packages = with pkgs; [
figlet
(pkgs.writeShellScriptBin "fgl" ''
(pkgs.writeShellScriptBin "nxfgl" ''
figlet -f ${hyper.home}/.local/share/figlet/nx2.flf -w 9999
'')
];

16
home-modules/firefox/userChrome.nix
View File

@@ -63,8 +63,22 @@ in /* css */ ''
--newtab-background-card : ${accent.dark} !important;
--tabpanel-background-color : transparent !important;
background : linear-gradient(180deg,rgba(${f secondary.dark}, ${builtins.toString rice.transparency}) 0%, rgba(${f accent.dark}, ${builtins.toString rice.transparency}) 100%) !important;
background : transparent !important;
}
body {
background-color: unset !important;
background-color: transparent !important;
background-image: linear-gradient(0deg,rgba(${f accent.dark}, ${builtins.toString rice.transparency}) 0%, rgba(${f secondary.dark}, ${builtins.toString rice.transparency}) 100%) !important;
background-size: 100% 150% !important;
background-position: 0% 0% !important;
will-change: background-position;
transition: background-position 300ms !important;
&:-moz-window-inactive {
background-position: 0% 50% !important;
background-color: transparent !important;
}
}
.tabbrowser-tab[selected="true"], .tab-text[selected=""],
.tab-close-button[selected=""] {
color: ${background} !important;

44
home-modules/firefox/userContent.nix
View File

@@ -20,7 +20,7 @@ in /* css */ ''
/* new-tab */
@-moz-document url-prefix(about:home), url-prefix(about:newtab) {
:root{
:root {
--newtab-background-color-secondary: rgba(${f background},0.5) !important;
}
body, html {
@@ -31,6 +31,29 @@ in /* css */ ''
}
}
@-moz-document url-prefix("https://n.nx2.site/") {
:root, [data-theme-dark] {
--color-main-background: #00000055;
--color-main-background-rgb: 0,0,0;
--color-primary-element-light: #550000;
}
.app-navigation, .app-content {
background: rgba(0,0,0,0.8) !important;
backdrop-filter: blur(5px) !important;
}
.files-list__row-head, .files-list__tfoot {
background: rgba(0,0,0,0.5) !important;
}
.fc-day-today {
background: #ff000055 !important;
}
.files-list__thead {
background: transparent !important;
}
}
@-moz-document domain(reddit.com) {
header {
background-color: rgba(${f background},${builtins.toString rice.transparency}) !important;
@@ -80,6 +103,14 @@ in /* css */ ''
}
}
@-moz-document domain(gemini.google.com) {
input-container, input-container::before {
background: transparent !important;
}
bard-sidenav {
background: rgba(${rice.lib.hex-to-rgb-comma-string background},0.5) !important;
}
}
@media (prefers-color-scheme: dark) {
:root .theme-system {
@@ -130,6 +161,16 @@ in /* css */ ''
border-radius: ${builtins.toString rice.rounding}px;
}
}
@-moz-document domain(notebooklm.google.com) {
body, html, notebook, omnibar {
background-color: transparent !important;
}
header, footer, .studio-panel, .chat-panel, .source-panel {
background-color: rgba(0,0,0,0.5) !important;
backdrop-filter: blur(100px);
border-radius: ${builtins.toString rice.rounding}px;
}
}
@-moz-document domain(moodle.informatik.tu-darmstadt.de) {
body, html , .main-inner, .main-inner * {
@@ -216,6 +257,7 @@ in /* css */ ''
border: ${toString rice.border-width}px solid ${border} !important;
}
}
''
# @-moz-document domain(chatgpt.com) {
# body, html , .bg-token-sidebar-surface-primary {

24
home-modules/helix.nix
View File

@@ -98,7 +98,6 @@
cursor-shape = {
normal = "block";
insert = "bar";
select = "underline";
};
file-picker = {
hidden = false; # Enables ignoring hidden files
@@ -190,7 +189,7 @@
keys = {
normal = {
"C-g" = [ ":new" ":insert-output lazygit" ":buffer-close!" ":redraw" ];
"C-i" = [ ":pipe fgl" "toggle_comments" ];
"C-m" = [ ":pipe nxfgl" "toggle_comments" ];
"A-`" = [ "no_op" ];
"`" = [ "no_op" ];
"ö" = { "s" = [ "switch_case" ]; "u" = [ "switch_to_uppercase" ]; "l" = [ "switch_to_lowercase" ]; };
@@ -215,12 +214,30 @@
language-servers = [ "tinymist" ];
# language-servers = [ "language-tool" "tinymist" ];
}
{
name = "typst-with-language-tool";
scope = "";
language-servers = [ "language-tool" "tinymist" ];
injection-regex = "";
file-types = [""];
comment-tokens = "//";
indent = { tab-width = 2; unit = " "; };
}
{
name = "markdown";
language-servers = [ "language-tool" "marksman" ];
language-servers = [ "marksman" ];
file-types = [ "md" "MD" ];
scope = "text.<name>";
}
{
name = "markdown-with-language-tool";
language-servers = [ "language-tool" "marksman" ];
scope = "text.<name>";
injection-regex = "";
file-types = [""];
# blcok-comment-tokens = { start = "<!--"; end = "-->"; };
indent = { tab-width = 2; unit = " "; };
}
{
name = "python";
language-servers = [ "pyright" "ruff" ];
@@ -307,7 +324,6 @@
"constant.numeric" = foreground;
"constructor" = secondary.bright;
"debug" = yellow.base;
"diagnostic.modifiers" = [ "underline" ];
"diff.delta" = subtle.bright;
"diff.minus" = negative.bright;
"diff.plus" = positive.bright;

253
home-modules/hyprland.nix
View File

@@ -5,10 +5,27 @@
terminal-exec = "ghostty --command=";
monitors = {
xps = {
main = { name = "eDP-1"; resolution = "1920x1200"; position = "1920x1080"; scale = "1.0"; };
# def
# main = { name = "eDP-1"; resolution = "preferred"; position = "0x0"; scale = "1.0"; };
# second = { name = "eDP-1"; resolution = "preferred"; position = "0x0"; scale = "1.0"; };
# third = { name = "eDP-1"; resolution = "preferred"; position = "0x0"; scale = "1.0"; };
# Home
main = { name = "eDP-1"; resolution = "1920x1200"; position = "0x1080"; scale = "1.0"; };
second = { name = "desc:Sony SONY TV 0x01010101"; resolution = "1920x1080"; position = "0x0"; scale = "1.0"; };
third = { name = ""; resolution = "preferred"; position = "auto"; scale ="1, mirror, eDP-1"; };
# Presentation
# main = { name = "eDP-1"; resolution = "1920x1080"; position = "1920x1080"; scale = "1.0"; };
second = { name = "desc:Sony SONY TV 0x01010101"; resolution = "1920x1080"; position = "1920x0"; scale = "1.0"; };
third = { name = "DP-6"; resolution = "1920x1080"; position = "0x0"; scale = "1.0"; };
# second = { name = ""; resolution = "preferred"; position = "auto"; scale ="1, mirror, eDP-1"; };
# third = { name = ""; resolution = "preferred"; position = "auto"; scale ="1, mirror, eDP-1"; };
# thunderbolt docking
# main = { name = "eDP-1"; resolution = "1920x1200"; position = "1920x1200"; scale = "1.0"; };
# second = { name = "DP-5"; resolution = "1920x1200"; position = "1920x0"; scale = "1.0"; };
# third = { name = "DP-4"; resolution = "1920x1200"; position = "0x0"; scale = "1.0"; };
# second = { name = "DP-6"; resolution = "1920x1200"; position = "0x0"; scale = "1.0"; };
# third = { name = "DP-7"; resolution = "1920x1200"; position = "1920x0"; scale = "1.0"; };
};
north = {
main = { name = "desc:Iiyama North America PL3270Q na"; resolution = "2560x1440"; position = "1920x0"; scale = "1.0"; };
@@ -19,31 +36,33 @@
};
in {
home.packages = with pkgs; [
xdg-desktop-portal-hyprland
grim
hyprcursor
hypridle
hyprland-protocols
hyprlock
hypridle
hyprshot
hyprpicker
hyprcursor
grim
hyprshade
hyprshot
slurp
# xdg-desktop-portal-hyprland
];
wayland.windowManager.hyprland = {
enable = true;
# package = pkgs-unstable.hyprland;
package = pkgs.hyprland;
# package = inputs.hyprland.packages.${pkgs.system}.hyprland;
# package = pkgs.hyprland;
package = inputs.hyprland.packages.${hyper.system}.hyprland;
# package = config.programs.hyprland.package;
xwayland.enable = true;
systemd.enable = true;
plugins = [
# inputs.hyprland-plugins.packages.${pkgs.system}.hyprexpo
# inputs.hyprfocus.packages.${pkgs.system}.hyprfocus
# inputs.hycov.packages.${pkgs.system}.hycov
# pkgs.hyprlandPlugins.hyprspace
# inputs.hyprspace.packages.${pkgs.system}.Hyprspace
plugins = let s = pkgs.stdenv.hostPlatform.system; in [
# inputs.hyprland-plugins.packages.${s}.hyprexpo
# inputs.hyprfocus.packages.${s}.hyprfocus
# inputs.hycov.packages.${s}.hycov
# inputs.hyprspace.packages.${s}.Hyprspace
# inputs.hyprtasking.packages.${s}.hyprtasking
# inputs.hyprland-easymotion.packages.${s}.hyprland-easymotion
];
settings = {
@@ -52,7 +71,6 @@ in {
"${main.name}, ${main.resolution}, ${main.position}, ${main.scale}"
"${second.name}, ${second.resolution}, ${second.position}, ${second.scale}"
"${third.name}, ${third.resolution}, ${third.position}, ${third.scale}"
" ,preferred, auto, 1, mirror, eDP-1"
]) else (if hyper.host == "NxNORTH" then (with monitors.north; [
"${main.name}, ${main.resolution}, ${main.position}, ${main.scale}"
"${left.name}, ${left.resolution}, ${left.position}, ${left.scale}"
@@ -187,19 +205,19 @@ in {
];
};
# gestures = {
# workspace_swipe = true;
# workspace_swipe_fingers = "4";
# workspace_swipe_distance = "300";
# workspace_swipe_invert = true;
# workspace_swipe_min_speed_to_force = "30";
# workspace_swipe_cancel_ratio = "0.5";
# workspace_swipe_create_new = false;
# workspace_swipe_direction_lock = false;
# workspace_swipe_direction_lock_threshold = "10";
# workspace_swipe_forever = true;
# workspace_swipe_use_r = false;
# };
gestures = {
workspace_swipe_distance = "300";
# workspace_swipe_touch = true;
workspace_swipe_invert = true;
# workspace_swipe_touch_invert = true;
workspace_swipe_min_speed_to_force = "30";
workspace_swipe_cancel_ratio = "0.5";
workspace_swipe_create_new = false;
workspace_swipe_direction_lock = false;
workspace_swipe_direction_lock_threshold = "10";
workspace_swipe_forever = true;
workspace_swipe_use_r = false;
};
gesture = [
@@ -232,77 +250,78 @@ in {
"fcitx5"
# "ibus engine xkb:de::deu"
"libinput-gestures"
"systemctl --user start hyprpanel"
# "hyprswitch --daemon"
];
windowrulev2 = [
"bordercolor rgba(${rice.lib.nohash rice.color.special.bright}ff), pinned:1"
windowrule = [
"border_color rgba(${rice.lib.nohash rice.color.special.bright}ff) rgba(${rice.lib.nohash rice.color.special.brighter}ff), match:pin 1"
"bordersize 0, floating:0, onworkspace:w[tv1]"
"rounding 0, floating:0, onworkspace:w[tv1]"
"bordersize 0, floating:0, onworkspace:f[1]"
"rounding 0, floating:0, onworkspace:f[1]"
"border_size 0, match:float 0, match:workspace w[tv1]"
"rounding 0, match:float 0, match:workspace w[tv1]"
"border_size 0, match:float 0, match:workspace f[1]"
"rounding 0, match:float 0, match:workspace f[1]"
] ++ [
"center 1,class:^(gimp)$"
"center 1,match:class ^(gimp)$"
"float, class:^(ibus-ui.*)$"
"float, class:^(ibus-ui-gtk3)$"
"float, class:^(imv)$"
"float, class:^(org.kde.polkit-kde-authentication-agent-1)$"
"float, class:^(presenter)$" # sent
"float, class:^(thunderbird)$"
"float, title:^(Compact folders)$"
"float, title:^(Ibus-ui.*)$"
"float, title:^(Ibus-ui-gtk3)$"
"float, title:^(Page Info .*)$"
"float, title:^(Picture-in-Picture)$"
"float, title:^(wlogout)$"
"float on, match:class ^(ibus-ui.*)$"
"float on, match:class ^(ibus-ui-gtk3)$"
"float on, match:class ^(imv)$"
"float on, match:class ^(org.kde.polkit-kde-authentication-agent-1)$"
"float on, match:class ^(presenter)$" # sent
"float on, match:class ^(thunderbird)$"
"float on, match:title ^(Compact folders)$"
"float on, match:title ^(Ibus-ui.*)$"
"float on, match:title ^(Ibus-ui-gtk3)$"
"float on, match:title ^(Page Info .*)$"
"float on, match:title ^(Picture-in-Picture)$"
"float on, match:title ^(wlogout)$"
"fullscreen, class:^(imv)$"
"fullscreen, class:^(sent)$"
"fullscreen, class:^(wlogout)$"
"fullscreen on, match:class ^(imv)$"
"fullscreen on, match:class ^(sent)$"
"fullscreen on, match:class ^(wlogout)$"
"noanim, class:^(imv)$"
"noanim, class:^(presenter)$" # sent
"no_anim on, match:class ^(imv)$"
"no_anim on, match:class ^(presenter)$" # sent
"opacity ${transparency}, class:^(Code)$"
"opacity ${transparency}, class:^(code-oss)$"
"opacity ${transparency}, class:^(discord)$"
# "opacity ${transparency}, class:^(vesktop)$"
# "opacity ${transparency}, class:^(Element)$"
"opacity ${transparency}, class:^(lutris)$"
"opacity ${transparency}, class:^(neovide)$"
# "opacity ${transparency}, class:^(obsidian)$"
"opacity ${transparency}, class:^(VSCodium)$"
"opacity ${transparency}, title:^(wlogout)$"
"opaque, title:^(GNU Image Manipulation Program)$"
"opaque, fullscreen:1"
"opacity ${transparency}, match:class ^(Code)$"
"opacity ${transparency}, match:class ^(code-oss)$"
"opacity ${transparency}, match:class ^(discord)$"
# "opacity ${transparency}, match:class ^(vesktop)$"
# "opacity ${transparency}, match:class ^(Element)$"
"opacity ${transparency}, match:class ^(lutris)$"
"opacity ${transparency}, match:class ^(neovide)$"
# "opacity ${transparency}, match:class ^(obsidian)$"
"opacity ${transparency}, match:class ^(VSCodium)$"
"opacity ${transparency}, match:title ^(wlogout)$"
"opaque on, match:title ^(GNU Image Manipulation Program)$"
"opaque on, match:fullscreen 1"
"pin, title:^(Picture-in-Picture)$"
"pin on, match:title ^(Picture-in-Picture)$"
"tile, class:^(sent)$"
"tile on, match:class ^(sent)$"
"workspace 100, class:^(gamescope)$"
"workspace 100, match:class ^(gamescope)$"
"float, title:^(terminal-file-picker)$"
"dimaround, title:^(terminal-file-picker)$"
"center, title:^(terminal-file-picker)$"
"size 80% 80%, title:^(terminal-file-picker)$"
"float on, match:title ^(terminal-file-picker)$"
"dim_around on, match:title ^(terminal-file-picker)$"
"center on, match:title ^(terminal-file-picker)$"
"size 80% 80%, match:title ^(terminal-file-picker)$"
"size 30% 30%, initialTitle:^(Select Calendar)$"
"float on, match:initial_title ^(Select Calendar)$"
"size 30% 30%, match:initial_title ^(Select Calendar)$"
];
layerrule = [
"blur,waybar"
"blur,bar-0" # hyprpanel
"blur,bar-1"
"blur,bar-2"
"blur,bar-3"
"blur,bar-4"
"dimaround,rofi"
"blur,rofi"
"xray,rofi"
"blur on, match:namespace waybar"
"blur on, match:namespace bar-0" # hyprpanel
"blur on, match:namespace bar-1"
"blur on, match:namespace bar-2"
"blur on, match:namespace bar-3"
"blur on, match:namespace bar-4"
"blur on, match:namespace rofi"
"dim_around on, match:namespace rofi"
];
@@ -369,6 +388,8 @@ in {
# "SUPER, TAB, hycov:toggleoverview"
# "SUPER, TAB, overview:toggle"
# "SUPER, TAB, hyprexpo:expo, toggle"
# "SUPER, TAB, hyprtasking:killhovered"
# ", Escape, hyprtasking:if_active, hyprtasking:toggle cursor"
"ALT, TAB, focuscurrentorlast"
# "SUPER, TAB, exec, hyprswitch --daemon"
"SUPER, Q, killactive"
@@ -376,6 +397,7 @@ in {
"SUPER, W, submap, browserSM "
# "SUPER, E, exec, element-desktop"
"SUPER, R, exec, rofi -show drun"
"SUPER SHIFT, R, exec, rofi -show drun"
# "SUPER, T, exec, alacritty"
# "SUPER SHIFT, T, exec, alacritty -e sh -c "ssh nxace""
"SUPER, T, exec, SESSION_FROM_DE=TRUE ${terminal}"
@@ -401,7 +423,7 @@ in {
"SUPER, D, exec, vesktop"
# "SUPER, D, exec, discord"
"SUPER, F, fullscreen"
# "SUPER, G,"
# "SUPER, G, action:hyprctl dispatch focuswindow address:{}"
"SUPER, H, movefocus, l"
"SUPER, J, movefocus, d"
"SUPER, K, movefocus, u"
@@ -422,8 +444,10 @@ in {
"SUPER SHIFT, C, exec, hyprpicker -n -a"
"SUPER, V, togglefloating, "
# "SUPER, B, exec, bitwarden"
"SUPER, N, togglesplit"
"SUPER, N, layoutmsg, togglesplit"
# "SUPER, M, exec, /home/nx2/scripts/meme-full-screen/meme-full-screen.sh "
''SUPER, M, exec, sh -c "hyprshade on $(find ${hyper.home}/.config/hypr/shaders -type f | sed -E 's-.*shaders/(.+)\.glsl-\1-g' | rofi -dmenu)"''
"SUPER Shift, M, exec, hyprshade off"
# "SUPER, comma, exec, /home/nx2/scripts/change-language.sh"
"SUPER, ., exec, echo key x:Prior | dotool"
"SUPER, -, exec, echo key x:Next | dotool"
@@ -491,6 +515,10 @@ in {
# "SUPER, TAB, exec, hyprswitch --daemon --do-initial-execute"
"SUPER, Next, resizeactive, 10% 10%"
"SUPER, Prior, resizeactive, -10% -10%"
"SUPER ALT, j, resizeactive, 0% 7%"
"SUPER ALT, k, resizeactive, 0% -7%"
"SUPER ALT, l, resizeactive, 7% 0%"
"SUPER ALT, h, resizeactive, -7% 0%"
];
plugin = {
overview = {
@@ -524,6 +552,59 @@ in {
reverseSwipe = true; # reverses the direction of swipe gesture, for macOS peeps?
exitKey = true;
};
hypertasking = {
layout = "grid";
gap_size = 20;
bg_color = "0xff${rice.color.background}";
border_size = 4;
exit_on_hovered = false;
warp_on_move_window = 1;
close_overview_on_reload = true;
drag_button = "0x110"; # left mouse button
select_button = "0x111"; # right mouse button
# for other mouse buttons see <linux/input-event-codes.h>
gestures = {
enabled = true;
move_fingers = 3;
move_distance = 300;
open_fingers = 4;
open_distance = 300;
open_positive = true;
};
grid = {
rows = 3;
cols = 3;
loop = false;
layers = 2;
loop_layers = true;
gaps_use_aspect_ratio = false;
};
linear ={
top = false;
height = 400;
scroll_speed = 1.0;
blur = false;
};
};
easymotion = {
textsize = 15;
textcolor = "rgba(ffffffff)";
bgcolor = "rgba(000000ff)";
blur = 0;
blurA = 1.0;
xray = 0;
textfont = "Sans";
textpadding = 0;
bordersize = 0;
bordercolor = "rgba(ffffffff)";
rounding = 0;
fullscreen_action = "none";
motionkeys = "abcdefghijklmnopqrstuvwxyz1234567890";
motionlabels = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
only_special = "true";
};
};
};

3
home-modules/pkgs-list/programs.nix
View File

@@ -14,10 +14,9 @@
latest.antigravity
element-desktop
obsidian
zoom-us
fontforge-gtk
inkscape
audacity
gemini-cli
libreoffice
]) else []);
}

8
home-modules/pkgs-list/shell.nix
View File

@@ -19,12 +19,15 @@
htop
imagemagick
jq
libxml2
lolcat
lynx
mediainfo
neofetch
nmap
pastel
pdfgrep
pdftk
pipes
pv
reflex
@@ -34,8 +37,11 @@
sssnake
systemctl-tui
tldr
unstable.gemini-cli
unstable.gemini-cli
unstable.yt-dlp
unstable.yt-dlp
w3m
which
unstable.yt-dlp
];
}

3
home-modules/spotify.nix
View File

@@ -2,6 +2,7 @@
{
home.packages = with pkgs; [
unstable.spotify
unstable.spicetify-cli
];
services.librespot = {
enable = true;
@@ -46,7 +47,7 @@
playback_progress_bar = { fg = accent.brighter; bg = accent.dark; modifiers = ["Bold"]; };
playback_status = { fg = accent.bright; };
playback_track = { fg = accent.bright; modifiers = ["Bold"]; };
secondary_row = { fg = secondary.base; };
secondary_row = { fg = accent.brighter; };
selection = { bg = accent.dark; };
table_header = { fg = tertiary.bright; };
# playback_progress_bar_unfilled (Specific to progress_bar_type as Line) = "";

6
home-modules/ssh.nix
View File

@@ -36,6 +36,12 @@
"nxace" = (nxace "nxace" );
"nxacel" = (nxace "nxacel") // { hostname = "10.0.1.1"; };
"nxrpli" = (nxace "nxrpil") // { hostname = "10.0.1.31"; port = 22; };
"nx2s-email-relay" = default // {
identityFile = "${hyper.home}/vault/ssh/nx2s-email-relay";
hostname = "35.243.218.208";
port = 22;
user = secrets.ssh.nx2s-email-relay-user;
};
};
};
services.ssh-agent = {

84
home-modules/thunderbird.nix Normal file
View File

@@ -0,0 +1,84 @@
{ pkgs, ... }@all: with all; lib.mkIf (hyper.isPersonal) {
programs.thunderbird = let
inherit (lib.generators) toJSON;
extensions = toJSON {} {
"addon@darkreader.org" = "71d6c69d-55f9-4c56-888c-abdcf6efd73d";
};
in {
enable = true;
profiles = {
"${hyper.user}" = {
isDefault = true;
settings = with rice.color; {
"calendar.alarms.showmissed" = false;
"calendar.alarms.playsound" = false;
"calendar.alarms.show" = false;
"extensions.webextensions.uuids" = extensions;
"mail.startup.enabledMailCheckOnce" = true;
"mailnews.mark_message_read.delay" = true;
"mailnews.mark_message_read.delay.interval" = 3;
"mailnews.tags.$label1.color" = red.base;
"mailnews.tags.$label1.tag" = "Important";
"mailnews.tags.$label2.color" = yellow.base;
"mailnews.tags.$label2.tag" = "Work";
"mailnews.tags.$label3.color" = green.base;
"mailnews.tags.$label3.tag" = "Personal";
"mailnews.tags.$label4.color" = cyan.base;
"mailnews.tags.$label4.tag" = "To Do";
"mailnews.tags.$label5.color" = blue.base;
"mailnews.tags.$label5.tag" = "Later";
"mailnews.headers.showMessageId" = true;
"mailnews.headers.showOrganization" = true;
"mailnews.headers.showReferences" = true;
"mailnews.headers.showSender" = true;
"mailnews.headers.showUserAgent" = true;
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
};
userChrome = with rice.color; /* css */ ''
body,
#navigation-toolbox,
#calendarContent,
#calSidebar,
#tabpanelcontainer,
#spacesToolbar,
#tabs-toolbar,
#calMinimonth,
#primaryButtonSidePanel *,
.minimonth-week,
.multiday-header-corner, .day-column-heading, calendar-header-container, calendar-event-column, .multiday-hour-box,
#view-box,
#tabs-toolbar,
#status-bar,
.calview-toggle,
#calview-toggle-item,
#folderPaneHeaderBar,
#folderPane,
#threadPaneHeaderBar,
#threadTree,
#tabs-toolbar {
color: ${foreground} !important;
font-family: ${rice.font.base.name} !important;
background-color: transparent !important;
background-image: none !important;
border: none !important;
-moz-appearance: none !important;
}
.minimonth-nav-section {
background-color: rgba(${rice.lib.hex-to-rgb-comma-string background},${builtins.toString rice.transparency}) !important;
border: ${builtins.toString rice.border-width}px solid ${border};
}
.button,
.button-primary,
.tab-content[selected] {
background-color: ${accent.base};
color: ${background};
background-image: none;
}
html {
background-color: rgba(${rice.lib.hex-to-rgb-comma-string background},${builtins.toString rice.transparency}) !important;
}
'';
};
};
};
}

21
home-modules/yazi.nix
View File

@@ -1,5 +1,5 @@
{ pkgs, ... }@all: with all; let
nox-var = (pkgs.pkgs-version != "24.05");
not-nod = (pkgs.pkgs-version != "24.05");
tfc = pkgs.unstable.xdg-desktop-portal-termfilechooser;
in {
home.packages = [
@@ -68,7 +68,8 @@ in {
# Operation
{ on = "o"; run = "open"; desc = "Open selected files"; }
{ on = "O"; run = "open --interactive"; desc = "Open selected files interactively"; }
{ on = "<Enter>"; run = "open"; desc = "Open selected files"; }
{ on = "<Enter>"; run = "plugin smart-enter"; desc = "Open selected files"; }
# { on = "<Enter>"; run = "open"; desc = "Open selected files"; }
{ on = "<S-Enter>"; run = "open --interactive"; desc = "Open selected files interactively"; }
{ on = "y"; run = [ ''shell -- for path in "$@"; do echo "file://$path"; done | wl-copy -t text/uri-list'' "yank" ]; desc = "Yank selected files (copy)"; }
{ on = "y"; run = "yank"; desc = "Yank selected files (copy)"; }
@@ -87,8 +88,8 @@ in {
{ on = ";"; run = "shell --interactive"; desc = "Run a shell command"; }
{ on = ":"; run = "shell --block --interactive"; desc = "Run a shell command (block until finishes)"; }
{ on = "."; run = "hidden toggle"; desc = "Toggle the visibility of hidden files"; }
{ on = "s"; run = "search fd"; desc = "Search files by name using fd"; }
{ on = "S"; run = "search rg"; desc = "Search files by content using ripgrep"; }
{ on = "s"; run = "search --via=fd"; desc = "Search files by name using fd"; }
{ on = "S"; run = "search --via=rg"; desc = "Search files by content using ripgrep"; }
{ on = "<C-s>"; run = "escape --search"; desc = "Cancel the ongoing search"; }
{ on = "z"; run = "plugin zoxide"; desc = "Jump to a directory using zoxide"; }
{ on = "Z"; run = "plugin fzf"; desc = "Jump to a directory or reveal a file using fzf"; }
@@ -276,8 +277,8 @@ in {
{ mime = "text/*"; use = "edit"; }
{ mime = "text"; use = "edit"; }
{ mine = "inode/x-empty"; use = "directory"; }
{ mine = "inode/directory"; use = "directory"; }
{ mime = "inode/x-empty"; use = "directory"; }
{ mime = "inode/directory"; use = "directory"; }
{ mime = "image/*"; use = "image"; }
{ mime = "image/svg"; use = [ "image" "edit" ]; }
@@ -442,7 +443,7 @@ in {
];
};
};
} // (if nox-var then {
} // (if not-nod then {
shellWrapperName = "ya";
initLua = /* lua */ ''
require("zoxide"):setup {
@@ -469,8 +470,8 @@ in {
return ui.Span(ya.user_name() .. "@" .. ya.host_name() .. ":"):fg("blue")
end, 500, Header.LEFT)
'';
plugins = with pkgs; {
inherit glow git;
plugins = { inherit (pkgs.yaziPlugins)
glow git smart-enter;
};
} else {});
@@ -491,11 +492,9 @@ in {
xdgOpenUsePortal = true;
config.common."org.freedesktop.impl.portal.FileChooser" = "termfilechooser";
extraPortals = [ tfc ] ++ (with pkgs; [
xdg-desktop-portal-hyprland
xdg-desktop-portal
xdg-desktop-portal-gnome
xdg-desktop-portal-gtk
xdg-desktop-portal-hyprland
xdg-desktop-portal-wlr
]);
};

4
home.nix
View File

@@ -8,6 +8,7 @@
./home-modules/chatterino.nix
./home-modules/clipboard.nix
./home-modules/color-pallete.nix
./home-modules/contact.nix
./home-modules/direnv.nix
./home-modules/discord.nix
./home-modules/email.nix
@@ -42,7 +43,7 @@
./home-modules/pkgs-list/desktop.nix
./home-modules/pkgs-list/programs.nix
./home-modules/pkgs-list/shell.nix
./home-modules/pnx.nix
# ./home-modules/pnx.nix
./home-modules/programming.nix
./home-modules/qt.nix
./home-modules/rclone.nix
@@ -53,6 +54,7 @@
./home-modules/spotify.nix
./home-modules/ssh.nix
./home-modules/starship.nix
./home-modules/thunderbird.nix
./home-modules/tts.nix
./home-modules/typst.nix
./home-modules/vale.nix

32
sops-secrets.yaml
View File

File diff suppressed because one or more lines are too long

28
system-modules/boot.nix
View File

@@ -9,8 +9,10 @@
device-boot = if hyper.host == "NxNORTH" then {
kernelPackages = pkgs.linuxPackages_zen;
kernelParams = [
"fbcon=margin:1"
# "fbcon=margin:1"
"fbcon=nodefer"
"video=DP-4:2560x1440@60"
# "video=HDMI-A-3:d"
];
lanzaboote = {
enable = true;
@@ -25,7 +27,11 @@
kernelPackages = pkgs.linuxPackages;
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
kernelModules = [ "v4l2loopback" ];
extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS VCam" exclusive_caps=1'';
extraModprobeConfig = ''
options v4l2loopback devices=1 video_nr=1 card_label="OBS VCam" exclusive_caps=1
options snd_hda_intel power_save=0
options snd_ac97_codec power_save=0
'';
loader = {
efi.canTouchEfiVariables = true;
grub = {
@@ -66,5 +72,23 @@ in {
config = {
environment.systemPackages = with pkgs; lib.mkIf ( host == "NxNORTH" ) [ sbctl ];
boot = { tmp.useTmpfs = false; } // device-boot;
# thx fxzzi
# sh*tty nvidia makes the tty on my 1440p monitor 1080p
# so just resize it to 1440p
systemd.services.fbset = lib.mkIf (hyper.host == "NxNORTH") {
enable = true;
wantedBy = ["multi-user.target"];
unitConfig = {
Description = "Set framebuffer resolution";
Before = "display-manager.service";
};
serviceConfig = {
Type = "oneshot";
ExecStart = "${lib.getExe pkgs.fbset} -xres 2560 -yres 1440 -match --all";
RemainAfterExit = "yes";
StandardOutput = "journal";
StandardError = "journal";
};
};
};
}

5
system-modules/calendar/lr.nix
View File

@@ -23,7 +23,8 @@ from ics import Calendar
import requests
def filter_events(events):
return [event for event in events if ("LR" in event.name)]
return [event for event in events if ("WT" in event.name)]
# return [event for event in events if ("LR" in event.name)]
# return [event for event in events if ("LR" in event.name) or ("TBD" in event.name)]
def fetch_and_save_ical_events(ical_urls, save_path):
@@ -62,7 +63,7 @@ def fetch_and_save_ical_events(ical_urls, save_path):
if __name__ == "__main__":
# Replace with your iCal URL and target file path
ICAL_URLS = [
"https://zlypher.github.io/lol-events/cal/league-of-legends-nlc.ical",
# "https://zlypher.github.io/lol-events/cal/league-of-legends-nlc.ical",
"https://zlypher.github.io/lol-events/cal/league-of-legends-emea-masters.ical"
]
SAVE_PATH = "${config.services.nginx.virtualHosts."${hyper.domain}".root}/lr.ics"

19
system-modules/davfs.nix Normal file
View File

@@ -0,0 +1,19 @@
{ pkgs, ... }@all: with all; let
# user = "lennart";
in {
services.davfs2 = {
enable = true;
settings = {
globalSection = {
use_locks = true;
};
sections = {
"${hyper.home}/webdav" = {
gui_optimize = true;
};
};
};
};
users.users."${hyper.user}".extraGroups = [ "davfs2" ];
}

108
system-modules/dm.nix
View File

@@ -1,31 +1,87 @@
{ pkgs, ... }@all: with all; {
services.greetd = {
enable = true;
settings = rec {
hyprland = {
command = "${pkgs.tuigreet}/bin/tuigreet --time --remember --cmd Hyprland --remember-user-session --window-padding 5";
user = hyper.user;
};
default_session = hyprland;
vt = 2;
};
# useTextGreeter = true;
};
# services.displayManager.ly = {
{ config, pkgs, ... }@all: with all; {
# services.greetd = {
# enable = true;
# package = pkgs.ly;
# settings = {
# # animation = "matrix";
# # clear_password = true;
# clock = "%c";
# lang = "de";
# load = true;
# # numlock = false;
# save = true;
# settings = rec {
# hyprland = {
# command = "${pkgs.tuigreet}/bin/tuigreet --time --remember --cmd Hyprland --remember-user-session --window-padding 5";
# user = hyper.user;
# };
# default_session = hyprland;
# vt = 2;
# };
# # useTextGreeter = true;
# };
services.xserver.displayManager.lightdm.enable = false;
services.displayManager.ly = pkgs.lib.mkIf (!hyper.isServer) {
# info and docs at https://codeberg.org/fairyglade/ly/src/branch/master/res/config.ini
enable = true;
package = pkgs.ly;
settings = with rice.color; let h = rice.lib.nohash; in {
allow_empty_password = false;
animation = "matrix";
# animation = "gameoflife";
animation_timeout_sec = 0; # forever
asterisk = "*";
auth_fails = 10;
# auto_login_session = "hyprland";
# auto_login_user = hyper.user;
battery_id = if hyper.isMobile then "BAT0" else null;
bg = "0x00${h background}";
bigclock_12hr = false;
bigclock = "en";
bigclock_seconds = false;
blank_box = true; # not transparent
border_fg = "0x00${h border}";
box_title = " Optimistic Nihilism ";
clear_password = true;
clock = "%c";
cmatrix_fg = "0x00${h accent.base}";
cmatrix_head_col = "0x01${h accent.bright}";
cmatrix_max_codepoint = "0x7B";
cmatrix_min_codepoint = "0x21";
colormix_col1 = "0x00${h accent.base}";
colormix_col2 = "0x00${h secondary.base}";
colormix_col3 = "0x20${h tertiary.base}";
default_input = "password";
# doom_bottom_color = 0x00FFFFFF;
# doom_fire_height = 6; # 1-9
# doom_fire_spread = 2; # 0-4
# doom_middle_color = 0x00C78F17;
# doom_top_color = 0x009F2707;
# dur_file_path = $CONFIG_DIRECTORY/ly/example.dur;
# dur_offset_alignment = center; # Available inputs: topleft, topcenter, topright, centerleft, center, centerright, bottomleft, bottomcenter, bottomright
# Dur offset x direction (value is added to the current position determined by alignment, negatives are supported)
# dur_x_offset = 0;
# dur_y_offset = 0; # Dur offset y direction (value is added to the current position determined by alignment, negatives are supported)
# edge_margin = 0; # Set margin to the edges of the DM (useful for curved monitors)
error_bg = "0x00${h negative.darker}";
error_fg = "0x01${h negative.base}";
fg = "0x00${h foreground}";
full_color = true;
# gameoflife_entropy_interval = 20; # None
# gameoflife_fg = "0x00${h accent.base}";
# gameoflife_frame_delay = 6;
# gameoflife_initial_density = 0.4;
# # hibernate_cmd = null;
# # hibernate_key = F4;
hide_borders = false; # Remove main box borders
hide_keyboard_locks = false; # Remove keyboard lock states from the top right corner
hide_key_hints = false; # Remove power management command hints
hide_version_string = true;
# initial_info_text = "Login to ${hyper.host}";
# input_len = 35;
lang = "de";
save = true; # Save the current desktop and login as defaults, and load them on startup
# numlock = false;
# text_in_center = true; # Center the session name.
# vi_default_mode = "normal";
# vi_mode = true;
# xinitrc = null;
# xsessions = null;
};
};
# environment.systemPackages = with pkgs; [
# cmatrix
# ];
environment.systemPackages = with pkgs; [
cmatrix
];
}

16
system-modules/fonts.nix
View File

@@ -1,18 +1,18 @@
{ pkgs, ... }@all: with all;
{
fonts.packages = with pkgs; [
atkinson-hyperlegible
nerd-fonts._3270
nerd-fonts.heavy-data
nerd-fonts.jetbrains-mono
nerd-fonts.profont
nerd-fonts.proggy-clean-tt
nerd-fonts.zed-mono
newcomputermodern
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-color-emoji
newcomputermodern
atkinson-hyperlegible
nerd-fonts.jetbrains-mono
nerd-fonts.zed-mono
nerd-fonts.profont
nerd-fonts.proggy-clean-tt
nerd-fonts.heavy-data
nerd-fonts._3270
] ++ (with rice.font; [
base.package
code.package

3
system-modules/gui.nix
View File

@@ -1,6 +1,7 @@
{ ... }: {
{ pkgs, ... }@all: with all; {
programs.hyprland = {
enable = true;
package = inputs.hyprland.packages.${hyper.system}.hyprland;
xwayland.enable = true;
};
services.xserver.enable = true;

10
system-modules/networking.nix
View File

@@ -10,11 +10,15 @@
};
enableIPv6 = true;
firewall.allowedTCPPorts = [
(pkgs.lib.mkIf config.services.ollama.enable 11434)
80
443
8000
8080
(pkgs.lib.mkIf config.services.nginx.enable 80)
(pkgs.lib.mkIf config.services.nginx.enable 443)
(pkgs.lib.mkIf config.services.ollama.enable 11434)
(pkgs.lib.mkIf config.services.maddy.enable 587)
(pkgs.lib.mkIf config.services.maddy.enable 465)
(pkgs.lib.mkIf config.services.maddy.enable 993)
(pkgs.lib.mkIf config.services.maddy.enable 25025)
];
};
}

24
system-modules/nx2site.nix
View File

@@ -40,13 +40,15 @@ let dns-user = "cloudflare"; in
sub = "fc861353142bc05d5dbad1799178e6a1";
sub6 = "b8082b7afe9e80971fc9f9dda16ec284";
ssh = "c0f14f17f32d6595c202f041dd836eb3";
ssh6 = "f1ecb2d9d0522d4eec06437688ca76da";
ssh6 = "0067f396b3efb21e12f63e0c50643161";
dev = "80e76834acc9243696d9763759b22147";
mail = "d62a0dc01614b9f8f2b469219788fe0f";
mail6 = "f1ecb2d9d0522d4eec06437688ca76da";
};
passord-file-path = config.sops.secrets."nx2site/cloudflare/global-api-key".path;
in pkgs.writers.writePython3Bin "dyn_dns" {
libraries = with pkgs.python3Packages; [ requests ];
flakeIgnore = [ "E302" "E305" "E226" "E501" "E261" ];
flakeIgnore = [ "E302" "E305" "E226" "E501" "E261" "E241" ];
} /* python */ ''
import requests
import subprocess
@@ -55,7 +57,7 @@ from time import sleep
def get_public_ip(ipv6: bool = False) -> str:
return subprocess.run(['${pkgs.curl}/bin/curl', '-s', '-6' if ipv6 else '-4', 'https://ifconfig.me'], capture_output=True, text=True).stdout.strip()
def update_record(record_id: str, record_name: str, ip: str, type: str, proxied: bool, pw: str) -> None:
def update_record(record_id: str, record_name: str, ip: str, type: str, proxied: bool, pw: str) -> requests.Response:
sleep(5)
return requests.patch(
f'https://api.cloudflare.com/client/v4/zones/${zone_id}/dns_records/{record_id}',
@@ -85,14 +87,16 @@ def main():
# Perform DNS updates
# https://developers.cloudflare.com/api/operations/dns-records-for-a-zone-update-dns-record
print(f"${hyper.domain}: {update_record(record_id="${record_id.base}", record_name="${hyper.domain}", ip=my_ip, type="A", proxied=True, pw=pw).status_code}", end=", ")
print(f"*.${hyper.domain}: {update_record(record_id="${record_id.sub}", record_name="*.${hyper.domain}", ip=my_ip, type="A", proxied=True, pw=pw).status_code}", end=", ")
print(f"ssh.${hyper.domain}: {update_record(record_id="${record_id.ssh}", record_name="ssh.${hyper.domain}", ip=my_ip, type="A", proxied=False, pw=pw).status_code}", end=", ")
print(f"dev.${hyper.domain}: {update_record(record_id="${record_id.dev}", record_name="dev.${hyper.domain}", ip=my_ip, type="A", proxied=False, pw=pw).status_code}", end=", ")
print(f"${hyper.domain}: {update_record(record_id="${record_id.base}", record_name="${hyper.domain}", ip=my_ip, type="A", proxied=True, pw=pw).status_code}")
print(f"*.${hyper.domain}: {update_record(record_id="${record_id.sub}", record_name="*.${hyper.domain}", ip=my_ip, type="A", proxied=True, pw=pw).status_code}")
print(f"ssh.${hyper.domain}: {update_record(record_id="${record_id.ssh}", record_name="ssh.${hyper.domain}", ip=my_ip, type="A", proxied=False, pw=pw).status_code}")
print(f"dev.${hyper.domain}: {update_record(record_id="${record_id.dev}", record_name="dev.${hyper.domain}", ip=my_ip, type="A", proxied=False, pw=pw).status_code}")
# print(f"mail.${hyper.domain}: {update_record(record_id="${record_id.mail}", record_name="mail.${hyper.domain}", ip=my_ip, type="A", proxied=False, pw=pw).status_code}")
print(f"${hyper.domain}: {update_record(record_id="${record_id.base6}", record_name="${hyper.domain}", ip=my_ip6, type="AAAA", proxied=True, pw=pw).status_code}", end=", ")
print(f"*.${hyper.domain}: {update_record(record_id="${record_id.sub6}", record_name="*.${hyper.domain}", ip=my_ip6, type="AAAA", proxied=True, pw=pw).status_code}", end=", ")
print(f"ssh.${hyper.domain}: {update_record(record_id="${record_id.ssh6}", record_name="ssh.${hyper.domain}", ip=my_ip6, type="AAAA", proxied=False, pw=pw).status_code}", end="")
print(f"${hyper.domain}: {update_record(record_id="${record_id.base6}", record_name="${hyper.domain}", ip=my_ip6, type="AAAA", proxied=True, pw=pw).status_code}")
print(f"*.${hyper.domain}: {update_record(record_id="${record_id.sub6}", record_name="*.${hyper.domain}", ip=my_ip6, type="AAAA", proxied=True, pw=pw).status_code}")
print(f"ssh.${hyper.domain}: {update_record(record_id="${record_id.ssh6}", record_name="ssh.${hyper.domain}", ip=my_ip6, type="AAAA", proxied=False, pw=pw).status_code}")
# print(f"mail.${hyper.domain}: {update_record(record_id="${record_id.mail6}", record_name="mail.${hyper.domain}", ip=my_ip6, type="AAAA", proxied=False, pw=pw).status_code}")
if __name__ == "__main__":
main()

6
system-modules/nx2site/dyn_dns.nix
View File

@@ -1,5 +1,5 @@
{ pkgs, ... }@all: with all;
{
# THIS IS NOT USED
{ pkgs, ... }@all: with all; {
sops.secrets = {
# "nx2site/namecheap.pw" = { };
# "nx2site/cloudflare/api-token-dns-edit" = { };
@@ -16,6 +16,8 @@
"${hyper.domain}"
"*.${hyper.domain}"
"ssh.${hyper.domain}"
"mail.${hyper.domain}"
"dev.${hyper.domain}"
];
proxied = true;
apiTokenFile = config.sops.secrets."nx2site/cloudflare/global-api-key-env".path;

2
system-modules/nx2site/gitea.nix
View File

@@ -65,6 +65,8 @@ let git-user = "git"; in
SSH_PORT = secrets.ssh.port;
DOMAIN = "git.${hyper.domain}";
SSH_DOMAIN = "ssh.${hyper.domain}";
ENABLE_PUSH_CREATE_USER = true;
ENABLE_PUSH_CREATE_ORG = true;
# HTTP_ADDR = "${config.services.gitea.settings.server.DOMAIN}";
# HTTP_PORT = 3000; # default
# PROTOCOL = "http"; # default

68
system-modules/nx2site/imap.nix Normal file
View File

@@ -0,0 +1,68 @@
{ config, pkgs, ... }@all: with all; {
sops.secrets = {
"nx2site/dovecot" = {
owner = "dovecot2";
group = "dovecot2";
mode = "600";
};
};
services.dovecot2 = {
enable = true;
enablePAM = false; # independen from linux users
enableImap = true;
enableLmtp = true;
extraConfig = ''
# force to use full user name plus domain name
# for disambiguation
auth_username_format = %Lu
# Authentication configuration:
auth_mechanisms = plain
passdb {
driver = passwd-file
args = ${config.sops.secrets."nx2site/dovecot".path}
}
# for vitual users:
userdb {
driver = static
# the full e-mail address inside passwd-file is the username (%u)
# user@example.com
# %d for domain_name %n for user_name
args = uid=vmail gid=vmail username_format=%u home=/var/spool/mail/vmail/%d/%n
}
# for connecting with postfix
service lmtp {
unix_listener /var/spool/postfix/dovecot-lmtp {
mode = 0600
user = postfix
group = postfix
}
}
service auth {
unix_listener /var/spool/postfix/auth {
mode = 0600
user = postfix
group = postfix
}
}
'';
createMailUser = true;
mailUser = "vmail";
mailGroup = "vmail";
mailLocation = "maildir:~/Maildir";
mailboxes = { # RFC standart
All = { auto = "create"; autoexpunge = null; specialUse = "All"; };
Archive = { auto = "create"; autoexpunge = null; specialUse = "Archive"; };
Drafts = { auto = "create"; autoexpunge = null; specialUse = "Drafts"; };
Flagged = { auto = "create"; autoexpunge = null; specialUse = "Flagged"; };
Junk = { auto = "create"; autoexpunge = "60d"; specialUse = "Junk"; };
Sent = { auto = "create"; autoexpunge = null; specialUse = "Sent"; };
Trash = { auto = "create"; autoexpunge = "60d"; specialUse = "Trash"; };
};
sslServerCert = "/var/lib/acme/${hyper.domain}/fullchain.pem";
sslServerKey = "/var/lib/acme/${hyper.domain}/key.pem";
sslCACert = "/var/lib/acme/${hyper.domain}/chain.pem";
};
}

234
system-modules/nx2site/maddy.nix Normal file
View File

@@ -0,0 +1,234 @@
{ config, pkgs, ... }@all: with all; let
users = [ "nxcaldav" "nextcloud" "lennart" "daniel" "diane" "georg" "tessa" ];
in {
sops.secrets = {
"nx2site/maddy/nxcaldav_password" = { owner = "maddy"; group = "maddy"; mode = "600"; };
"nx2site/maddy/nextcloud_password" = { owner = "maddy"; group = "maddy"; mode = "600"; };
"nx2site/maddy/lennart_password" = { owner = "maddy"; group = "maddy"; mode = "600"; };
"nx2site/maddy/daniel_password" = { owner = "maddy"; group = "maddy"; mode = "600"; };
"nx2site/maddy/diane_password" = { owner = "maddy"; group = "maddy"; mode = "600"; };
"nx2site/maddy/georg_password" = { owner = "maddy"; group = "maddy"; mode = "600"; };
"nx2site/maddy/tessa_password" = { owner = "maddy"; group = "maddy"; mode = "600"; };
};
users.users."maddy" = {
extraGroups = [ "acme" "nginx" ];
};
services.maddy = {
enable = true;
primaryDomain = hyper.domain;
user = "maddy";
group = "maddy";
hostname = "ssh.${hyper.domain}";
ensureAccounts = [
"nxcaldav@${hyper.domain}"
"nextcloud@${hyper.domain}"
"lennart@${hyper.domain}"
"daniel@${hyper.domain}"
"diane@${hyper.domain}"
"georg@${hyper.domain}"
"tessa@${hyper.domain}"
];
ensureCredentials = {
"nxcaldav@${hyper.domain}".passwordFile = config.sops.secrets."nx2site/maddy/nxcaldav_password".path;
"nextcloud@${hyper.domain}".passwordFile = config.sops.secrets."nx2site/maddy/nextcloud_password".path;
"lennart@${hyper.domain}".passwordFile = config.sops.secrets."nx2site/maddy/lennart_password".path;
"daniel@${hyper.domain}".passwordFile = config.sops.secrets."nx2site/maddy/daniel_password".path;
"diane@${hyper.domain}".passwordFile = config.sops.secrets."nx2site/maddy/diane_password".path;
"georg@${hyper.domain}".passwordFile = config.sops.secrets."nx2site/maddy/georg_password".path;
"tessa@${hyper.domain}".passwordFile = config.sops.secrets."nx2site/maddy/tessa_password".path;
};
openFirewall = true;
tls = {
loader = "file";
certificates = [{
keyPath = "/var/lib/acme/nx2.site/key.pem";
certPath = "/var/lib/acme/nx2.site/cert.pem";
}];
};
# Enable TLS listeners. Configuring this via the module is not yet
# implemented, see https://github.com/NixOS/nixpkgs/pull/153372
config = let
admin = "lennart@${hyper.domain}";
domains = hyper.domain; # could be more
inherit (hyper) domain;
# nix adds 3 variables, hostname, and tls info before the file (see /etc/maddy/maddy.conf)
in /* ini */''
auth.pass_table local_authdb {
table sql_table {
driver sqlite3
dsn credentials.db
table_name passwords
}
}
storage.imapsql local_mailboxes {
driver sqlite3
dsn imapsql.db
}
table.chain local_rewrites {
# tagging with - or +
# alice-something@${domain} or alice+something@${domain} lands in inbox alice@${domain}
optional_step regexp "(.+)[\+-](.+)@(.+)" "$1@$3"
optional_step static {
entry postmaster ${admin}
entry admin ${admin}
}
}
msgpipeline local_routing {
destination ${domains} {
modify {
replace_rcpt &local_rewrites
}
reroute {
destination_in &local_mailboxes {
deliver_to &local_mailboxes
}
default_destination {
modify {
replace_rcpt regexp ".*" "${admin}"
}
deliver_to &local_mailboxes
}
}
}
# should never happen
default_destination {
reject 550 5.1.1 "User doesn't exist"
}
}
smtp tcp://0.0.0.0:25 {
limits {
all rate 20 1s
all concurrency 10
}
dmarc yes
check {
require_mx_record
dkim
spf
}
source ${domains} {
reject 501 5.1.8 "Use Submission for outgoing SMTP"
}
default_source {
destination postmaster ${domains} {
deliver_to &local_routing
}
default_destination {
reject 550 5.1.1 "User doesn't exist"
}
}
}
submission tls://0.0.0.0:465 tcp://0.0.0.0:587 {
limits {
all rate 50 1s
}
auth &local_authdb
source ${domains} {
check {
authorize_sender {
prepare_email &local_rewrites
user_to_email identity
}
}
destination postmaster ${domains} {
deliver_to &local_routing
}
default_destination {
modify {
dkim ${domain} ${domains} default
}
deliver_to &remote_queue
}
}
default_source {
reject 501 5.1.8 "Non-local sender domain"
}
}
target.remote outbound_delivery {
limits {
destination rate 20 1s
destination concurrency 10
}
mx_auth {
dane
mtasts {
cache fs
fs_dir mtasts_cache/
}
local_policy {
min_tls_level encrypted
min_mx_level none
}
}
}
target.queue remote_queue {
target &outbound_delivery
autogenerated_msg_domain ${domain}
bounce {
destination postmaster ${domains} {
deliver_to &local_routing
}
default_destination {
reject 550 5.0.0 "Refusing to send DSNs to non-local addresses"
}
}
}
imap tls://0.0.0.0:993 tcp://0.0.0.0:143 {
auth &local_authdb
storage &local_mailboxes
}
# localhost only - test purposes only (->spam!)
smtp tcp://127.0.0.1:2525 {
tls off
destination postmaster ${domains} {
deliver_to &local_routing
}
default_destination {
modify {
dkim ${domain} ${domains} default
}
deliver_to &remote_queue
}
}
# nx2s-email-relay backdor
smtp tcp://0.0.0.0:25025 {
# 1. Allow incoming mail from the VM for your domains
destination postmaster ${domains} {
deliver_to &local_routing
}
# 2. Prevent the world from using you as an open relay
default_destination {
reject 521 5.0.0 "User not local"
}
}
'';
};
}
# --- Receive
# 1. mx to mail.nx2.site
# 2. mail.nx2.site to nx2s-email-relay (google e2-micro)
# 3. nx2s-email-relay uses emaul-relay.service to socat 25 to 25025 home
# 4. home gets 25025 and handles it
# -- Send
# 1. Via Smtp2go (mail-eu.smtp2go.com)
# SPF is coverd by CNAME (return) (somehow)

115
system-modules/nx2site/nextcloud.nix
View File

@@ -1,27 +1,108 @@
{ pkgs, ...}@all: with all;
{
sops.secrets = {
"nx2site/nextcloud/admin-pass" = { owner = "nextcloud"; };
"nx2site/nextcloud/db-pass" = { owner = "nextcloud"; };
# "nx2site/nextcloud/users-pass/nx2" = { owner = "nextcloud"; };
{ config, pkgs, ... }@all: with all; let
user = "nextcloud";
in {
sops.secrets = let ss = { owner = user; group = user; mode = "600"; }; in {
"nx2site/nextcloud/admin_pass" = ss;
"nx2site/nextcloud/db_pass" = ss;
"nx2site/nextcloud/lennart_pass" = ss;
"nx2site/nextcloud/daniel_pass" = ss;
"nx2site/nextcloud/diane_pass" = ss;
"nx2site/nextcloud/georg_pass" = ss;
"nx2site/nextcloud/tessa_pass" = ss;
"nx2site/smtp2go/nextcloud_api_key" = ss;
};
services = {
nextcloud = {
users.users."${user}" = {
isSystemUser = true;
isNormalUser = false;
group = user;
};
# users.groups."${user}" = {};
users.groups.nextcloud.members = [ "nextcloud" config.services.nginx.user ];
services.nextcloud = {
enable = true;
package = pkgs.nextcloud;
hostName = "nc.${hyper.domain}";
https = true;
hostName = "n.${hyper.domain}";
# Need to manually increment with every major upgrade.
package = pkgs.nextcloud33;
# Let NixOS install and configure the database automatically.
# database.createLocally = false;
# Let NixOS install and configure Redis caching automatically.
configureRedis = true;
config = {
adminpassFile = config.sops.secrets."nx2site/nextcloud/admin-pass".path;
adminuser = "nx2";
# Increase the maximum file upload size.
maxUploadSize = "16G";
https = true;
# autoUpdateApps.enable = true;
appstoreEnable = false;
extraAppsEnable = true;
extraApps = with config.services.nextcloud.package.packages.apps; {
inherit calendar contacts mail notes tasks;
};
settings = {
overwriteProtocol = "https";
default_phone_region = "DE";
# # local
# "mail_smtpmode" = "smtp";
# "mail_smtphost" = "127.0.0.1";
# "mail_smtpport" = 2525;
# "mail_from_address" = "nextcloud";
# "mail_domain" = hyper.domain;
# "mail_smtpsecure" = ""; # = STARTTLS
"mail_smtpmode" = "smtp";
"mail_smtphost" = "mail-eu.smtp2go.com";
"mail_smtpport" = 2525;
"mail_from_address" = "nextcloud";
"mail_domain" = hyper.domain;
"mail_smtpsecure" = ""; # = STARTTLS
"mail_smtpauth" = true;
"mail_smtpauthtype" = "LOGIN";
"mail_smtpname" = "nextcloud@${hyper.domain}";
"simpleSignUpLink.shown" = false;
};
secrets."mail_smtppassword" = config.sops.secrets."nx2site/smtp2go/nextcloud_api_key".path;
# secrets.settings."mail_smtppassword" = config.sops.secrets."nx2site/maddy/nextcloud_password".path;
config = {
adminpassFile = config.sops.secrets."nx2site/nextcloud/admin_pass".path;
dbtype = "pgsql";
# dbhost = config.services.postgresql.settings.port; # using usix socket
adminuser = "nextcloud";
# dbhost = "localhost:5432";
dbhost = "/run/postgresql";
dbname = "nextcloud";
dbpassFile = config.sops.secrets."nx2site/nextcloud/db-pass".path;
dbuser = "nextcloud";
dbpassFile = config.sops.secrets."nx2site/nextcloud/db_pass".path;
};
phpOptions = {
"memory_limit" = pkgs.lib.mkForce "2G";
"opcache.interned_strings_buffer" = "16";
};
};
systemd.services.nextcloud-ensure-users = let
users = pkgs.lib.mergeAttrsList (pkgs.lib.map (name: {
"${name}" = {
email = "${name}@nx2.site";
passwordFile = config.sops.secrets."nx2site/nextcloud/${name}_pass".path;
};
}) [ "lennart" "daniel" "diane" "georg" "tessa" ]);
in {
enable = true;
script = let occ = "${config.services.nextcloud.occ}/bin/nextcloud-occ"; in /* bash */ ''
${pkgs.lib.optionalString (users != {}) ''
${pkgs.lib.concatStringsSep "\n" (pkgs.lib.mapAttrsToList (name: cfg: ''
if ${occ} user:info "${name}" | grep "user not found"; then
export OC_PASS="$(cat ${pkgs.lib.escapeShellArg cfg.passwordFile})"
${occ} user:add --password-from-env "${name}"
fi
${pkgs.lib.optionalString (cfg.email != null) ''
${occ} user:setting "${name}" settings email "${cfg.email}"
''}
'') users)}
''}
'';
wantedBy = [ "multi-user.target" ];
after = [ "nextcloud-setup.service" ];
};
services.phpfpm.pools.nextcloud.settings = pkgs.lib.mkIf config.services.nextcloud.enable {
"listen.owner" = config.services.nginx.user;
"listen.group" = config.services.nginx.group;
};
}

121
system-modules/nx2site/nxcaldav.nix Normal file
View File

@@ -0,0 +1,121 @@
{ pkgs, ... }@all: with all; let
x = rec { version = "0.0.11";
user = "nxcaldav";
nxcsrc = pkgs.fetchFromGitea {
domain = "git.${hyper.domain}";
owner = "nx2";
repo = "NxCalDav";
rev = version;
hash = "sha256-Hk27BQCBtdRQ1aSHVEQ1EVjPrsC2jOUPDT4yuU9OCXQ=";
};
nxc = pkgs.buildGoModule {
pname = "NxCalDav";
inherit version;
src = nxcsrc;
vendorHash = "sha256-prstYDJuwS5E5uRwUkX0M+QdnIaQ0QewKe8HaoZ0Db4=";
};
nxc_helpers = pkgs.python3Packages.buildPythonApplication {
inherit version;
format = "other";
pname = "nxc_helpers";
src = nxcsrc;
propagatedBuildInputs = with pkgs.python313Packages; [ pyyaml psycopg2 ];
installPhase = ''
sed -i "15s|.*| parser.add_argument('--config', default='${cfg}', help='Path to config.yaml')|" ./export_events.py
sed -i "17s|.*| parser.add_argument('--config', default='${cfg}', help='Path to config.yaml')|" ./import_events.py
install -Dm755 "./export_events.py" "$out/bin/nxc_export"
install -Dm755 "./import_events.py" "$out/bin/nxc_import"
'';
};
cfg = (pkgs.formats.yaml { }).generate "nxcaldav-config.yaml" {
server = {
bind_address = "0.0.0.0:14243";
public_url = "http://nxc.${hyper.domain}/";
redaction_text = "[-]";
default_class = "CONFIDENTIAL";
};
database.url = "postgres://nxcaldav@localhost:5432/nxcaldav?sslmode=disable";
users = let dfu = name: {
name = name;
password_cmd = ''cat ${config.sops.secrets."nx2site/nxcaldav/${name}_password".path}'';
groups = [ "family" ];
}; in [
(dfu "lennart")
(dfu "daniel")
(dfu "diane")
(dfu "georg")
(dfu "tessa")
(dfu "shared")
];
calendars = [
{ owner = "lennart"; color = "#dddddd"; id = "preservation"; }
{ owner = "lennart"; color = "#dd2222"; id = "effort"; }
{ owner = "lennart"; color = "#2222dd"; id = "experience"; }
{ owner = "lennart"; color = "#22aa22"; id = "leisure"; }
{ id = "family";
owner = "shared";
color = "#dddd22";
access = [
{ group = "family"; mode = "read-write"; }
];
}
];
address_books = [
{ owner = "lennart"; id = "Others"; }
{ owner = "lennart"; id = "TUDa"; }
{ owner = "lennart"; id = "HSMW"; }
{ owner = "lennart"; id = "CWG"; }
{ owner = "lennart"; id = "Handball"; }
{ id = "Family & Freinds";
owner = "shared";
access = [
{ group = "family"; mode = "read-write"; }
];
}
];
aggregates = [
{ id = "lennart-aggregate";
owner = "shared";
sources = [ "preservation" "effort" "experience" "leisure" ];
access = [
{ group = "family" ; mode = "read-only"; }
{ ics = "future-only"; }
];
}
];
};
}; in with x; {
sops.secrets = let ss = { owner = user; group = user; mode = "600"; }; in {
"nx2site/nxcaldav/lennart_password" = ss;
"nx2site/nxcaldav/daniel_password" = ss;
"nx2site/nxcaldav/diane_password" = ss;
"nx2site/nxcaldav/georg_password" = ss;
"nx2site/nxcaldav/tessa_password" = ss;
"nx2site/nxcaldav/shared_password" = ss;
};
users = {
groups."${user}" = {};
users = {
"${hyper.user}".extraGroups = [ user ];
"${user}" = {
isSystemUser = true;
isNormalUser = false;
group = user;
};
};
};
environment.systemPackages = [ nxc_helpers ];
systemd.services."nxcaldav" = {
enable = true;
path = [ pkgs.bash pkgs.coreutils ];
serviceConfig = {
User = user;
Group = user;
ExecStart = ''${nxc}/bin/nxcaldav -c ${cfg}'';
Restart = "on-failure";
RestartSec = 5;
StartLimitBurst = 5;
StartLimitIntervalSec = 60;
};
};
}

6
system-modules/nx2site/open-web-calendar.nix
View File

@@ -1,9 +1,8 @@
{ pkgs, ... }@all: with all;
{
{ pkgs, ... }@all: with all; {
services = {
open-web-calendar = {
enable = true;
domain = "cal.${hyper.domain}";
domain = "owc.${hyper.domain}";
package = pkgs.open-web-calendar;
settings = {
# PORT = 21342;
@@ -11,4 +10,5 @@
calendarSettings = { };
};
};
# proxy endpoint is done is done automatically
}

53
system-modules/nx2site/proxy.nix
View File

@@ -1,5 +1,4 @@
{ pkgs, ...}@all: with all;
{
{ pkgs, ...}@all: with all; {
sops.secrets = {
"nx2site/sslCertificate.pem" = { owner = config.services.nginx.user; };
"nx2site/sslCertificateKey.pem" = { owner = config.services.nginx.user; };
@@ -14,11 +13,16 @@
};
certs = {
"${hyper.domain}" = {
extraDomainNames = builtins.map (subd: "${subd}.${hyper.domain}") [ "sync" ];
extraDomainNames = builtins.map (subd: "${subd}.${hyper.domain}") [
"sync"
"ssh"
# "mail"
];
};
};
};
users.users."nginx" = {
users.users = {
"nginx" = {
extraGroups = [ "nginx" "acme" "copyparty" ];
useDefaultShell = false;
linger = true;
@@ -28,6 +32,8 @@
isSystemUser = true;
isNormalUser = false;
};
"acme".extraGroups = [ "nginx" "acme" "hugo" ];
};
systemd.services.nginx.serviceConfig.ProtectHome = "read-only";
services.nginx = let
dl = [
@@ -101,8 +107,23 @@
"~ ^(/gpg)$".return = "301 /cards/gpg";
"~ ^(/contact)$".return = "301 /cards/contact";
"~ ^(/ba)$".return = "301 /BA.pdf";
"~ ^(/schedule)$".return = "301 https://owc.${hyper.domain}/calendar.html?specification_url=https://${hyper.domain}/owc-schedule.json?";
};
};
"mail.${hyper.domain}" = {
listen = [
{ addr = "0.0.0.0"; port = 80; }
{ addr = "[::0]"; port = 80; }
];
locations."/.well-known/acme-challenge".root = "/var/lib/acme/acme-challenge";
};
"ssh.${hyper.domain}" = {
listen = [
{ addr = "0.0.0.0"; port = 80; }
{ addr = "[::0]"; port = 80; }
];
locations."/.well-known/acme-challenge".root = "/var/lib/acme/acme-challenge";
};
"matrix.${hyper.domain}" = {
listen = dl;
locations."~.*".return = "502";
@@ -156,6 +177,18 @@
listen = dl;
locations = { "/" = { proxyPass = "http://127.0.0.1:5232"; }; };
});
"nxc.${hyper.domain}" = (vh // {
listen = dl;
locations = { "/" = { proxyPass = "http://127.0.0.1:14243"; }; };
});
"n.${hyper.domain}" = {
listen = dl;
forceSSL = true;
enableACME = true;
# rest is done by the nextcloud module
};
# "nc.${hyper.domain}" = vh // {
# # directly to nc
# };
@@ -179,23 +212,21 @@
};
"dev.${hyper.domain}" = vh // {
listen = dl;
locations."/" = {
locations = {
"/" = {
proxyPass = "http://127.0.0.1:8080";
proxyWebsockets = true;
};
};
};
# is done atomatically
# "cal.${hyper.domain}" = vh // {
# "owc.${hyper.domain}" = vh // {
# listen = dl;
# locations = { "/" = {
# proxyPass = "http://unix:///run/open-web-calendar/socket";
# proxyWebsockets = true;
# }; };
# };
# "baikal.${hyper.domain}" = {
# forceSSL = true;
# enableACME = true;
# };
"file.${hyper.domain}" = { # copyparty
listen = dl;
forceSSL = true;
@@ -227,7 +258,7 @@
};
};
};
"~^(.*).${hyper.domain}$" = {
"~^(?!n\.)(.*)\.${hyper.domain}$" = {
listen = dl;
root = "/var/nginx/webroot";
locations."~.*".return = "502";

60
system-modules/nx2site/smtp.nix Normal file
View File

@@ -0,0 +1,60 @@
{ pkgs, ... }@all: with all; {
# Postfix: The SMTP server (MTA)
# Handles sending, receiving, and local delivery routing.
services.postfix = {
enable = true;
enableSubmission = true;
enableSubmissions = true;
# main.cf configuration
settings.main = {
hostname = "mail.${hyper.domain}";
domain = hyper.domain;
# Allow local services (like CalDAV) to send mail without authentication
networks = [ "127.0.0.0/8" "[::1]/128" ];
# TLS settings - using ACME certs from proxy.nix
smtpd_tls_security_level = "may";
smtpd_tls_auth_only = "yes";
smtpd_tls_cert_file = "/var/lib/acme/${hyper.domain}/fullchain.pem";
smtpd_tls_key_file = "/var/lib/acme/${hyper.domain}/key.pem";
# Use Dovecot for authentication (SASL)
smtpd_sasl_type = "dovecot";
smtpd_sasl_path = "/var/spool/postfix/auth";
smtpd_sasl_auth_enable = "yes";
smtpd_sasl_security_options = "noanonymous";
# Use Dovecot for delivery (LMTP)
virtual_transport = "lmtp:unix:/var/spool/postfix/dovecot-lmtp";
virtual_mailbox_domains = [ hyper.domain ];
mailbox_transport = "lmtp:unix:/var/spool/postfix/dovecot-lmtp";
# Basic relay restrictions
smtpd_recipient_restrictions = [
"permit_mynetworks"
"permit_sasl_authenticated"
"reject_unauth_destination"
];
# master.cf configuration: Enable submission (port 587) for mail clients
# submission-options = {
# type = "inet";
# private = false;
# command = "smtpd";
# args = [
# "-o smtpd_tls_security_level=encrypt"
# "-o smtpd_sasl_auth_enable=yes"
# "-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject"
# "-o milter_macro_daemon_name=ORIGINATING"
# ];
# };
};
};
# create socket ala wiki
users.users."postfix" = {
createHome = true;
home = "/var/spool/postfix";
};
}

17
system-modules/nx2site/vmail.nix Normal file
View File

@@ -0,0 +1,17 @@
{ ... }:{
users = {
groups."vmail" = {};
users = {
"vmail" = {
isSystemUser = true;
group = "vmail";
home = "/var/spool/mail/vmail";
createHome = true;
};
# Permissions to allow Postfix and Dovecot to read ACME certificates
"postfix".extraGroups = [ "acme" ];
"dovecot2".extraGroups = [ "acme" ];
};
};
}

9
system-modules/postgres.nix
View File

@@ -27,6 +27,7 @@
"gitea"
"vaultwarden"
"paperless"
"nxcaldav"
"nextcloud"
];
settings = {
@@ -47,11 +48,15 @@
ensureDBOwnership = true;
}
{
name = "nextcloud";
name = "paperless";
ensureDBOwnership = true;
}
{
name = "paperless";
name = "nxcaldav";
ensureDBOwnership = true;
}
{
name = "nextcloud";
ensureDBOwnership = true;
}
];

31
system-modules/simple-postgres.nix Normal file
View File

@@ -0,0 +1,31 @@
{ pkgs, ... }@all: with all; {
services.postgresql = lib.mkIf (!hyper.isServer) {
enable = false;
ensureUsers = [{
name = "nxcaldav";
ensureDBOwnership = true;
}];
package = pkgs.postgresql_16; # https://stackoverflow.com/questions/51688193/how-to-upgrade-postgresql-in-nixos
dataDir = "/var/lib/postgresql/${config.services.postgresql.package.psqlSchema}"; # default
enableJIT = false; # default
initdbArgs = []; # default
checkConfig = true; # default
enableTCPIP = false;
# # extraPlugins =
initialScript = null; # default
authentication = lib.mkForce ''
# TYPE DATABASE USER ADDRESS METHOD
local all all trust
host all all 127.0.0.1/32 trust #scram-sha-256
host all all ::1/128 trust #scram-sha-256
'';
settings = {
port = 5432; # default
listen_addresses = lib.mkForce "127.0.0.1";
log_line_prefix = "[%p] "; # default
shared_preload_libraries = [ ]; # default
};
ensureDatabases = [ "nxcaldav" ];
};
}

36
system-modules/stay-up.nix Normal file
View File

@@ -0,0 +1,36 @@
{ config, pkgs, ... }@all: with all; let
target = "1.1.1.1";
timeoutMinutes = 5;
logFile = "/var/log/stay-up.log";
in {
systemd.services.wifi-watchdog = {
description = "Wi-Fi Watchdog Service";
after = [ "network.target" "NetworkManager.service" ];
wantedBy = [ "multi-user.target" ];
path = with pkgs; [ iputils networkmanager coreutils ];
script = /* bash */ ''
FAIL_COUNT=0
touch "${logFile}"
while true; do
if ping -c 1 -W 5 "${target}" > /dev/null 2>&1; then
FAIL_COUNT=0
else
FAIL_COUNT=$((FAIL_COUNT + 1))
if [ "$FAIL_COUNT" -ge "${toString timeoutMinutes}" ]; then
echo "$(date -Iseconds): Network unreachable for ${toString timeoutMinutes} minutes. Restarting Wi-Fi." >> "${logFile}"
nmcli radio wifi off
sleep 5
nmcli radio wifi on
FAIL_COUNT=0
fi
fi
sleep 60
done
'';
serviceConfig = {
Restart = "always";
RestartSec = "10";
User = "root"; # Root is required to execute nmcli radio commands and write to /var/log/
};
};
}

21
system-modules/tuda.nix
View File

@@ -1,5 +1,4 @@
{ pkgs, ... }@all: with all;
{
{ pkgs, ... }@all: with all; {
environment.etc = {
"ssl/certs/tuda-eduroam-root.crt".source = "${pkgs.cacert.unbundled}/etc/ssl/certs/T-TeleSec_GlobalRoot_Class_2:1.crt";
};
@@ -10,4 +9,22 @@
path = "/etc/NetworkManager/system-connections/eduroam.nmconnection";
};
};
environment.systemPackages = with pkgs; [
openconnect
networkmanager-openconnect
(pkgs.writeShellScriptBin "connect_to_tuda" ''
sudo $(grep ExecStart /etc/systemd/system/openconnect-tuda.service | cut -c 11-)
'')
];
networking.openconnect = {
package = pkgs.openconnect;
interfaces = {
tuda = {
autoStart = false;
gateway = "vpn.hrz.tu-darmstadt.de";
protocol = "anyconnect";
user = secrets.email.tuda.tuid;
};
};
};
}