nx2/dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: nx2:gitea
Branches Tags
nx2:master nx2:nod nx2:gitea nx2:north
...
compare: nx2:971cea54182076de6a2c758d5259814ca1d3b316
Branches Tags
nx2:master nx2:nod nx2:gitea nx2:north

15 Commits
gitea ... 971cea5418

Author SHA1 Message Date
Lennart J. Kurzweg (Nx2)
971cea5418 steam 2024-11-21 22:19:14 +01:00
Lennart J. Kurzweg (Nx2)
d12b9ddf2f Merge branch 'master' of ssh://ssh.nx2.site:50022/nx2/dotfiles 2024-11-21 22:17:48 +01:00
Lennart J. Kurzweg (Nx2)
e4ec830aaa better health reminder 2024-11-21 22:07:53 +01:00
Lennart J. Kurzweg (Nx2)
ebb1da3fc2 typo 2024-11-21 22:07:36 +01:00
Lennart J. Kurzweg (Nx2)
80e06b3f49 more userChrome 2024-11-21 22:07:31 +01:00
Lennart J. Kurzweg (Nx2)
605381b553 waybar prettier battery 2024-11-21 22:07:07 +01:00
Lennart J. Kurzweg (Nx2)
298d31e21a submaps als functions + TUDa submap 2024-11-21 22:06:55 +01:00
Lennart J. Kurzweg (Nx2)
947b824796 hyprland nxcolor-functions better 2024-11-21 22:06:03 +01:00
Lennart J. Kurzweg (Nx2)
edbe4e7f66 moved NORTH screen 2024-11-20 01:27:20 +01:00
Lennart J. Kurzweg (Nx2)
dbccb827ad games also on ACE 2024-11-20 01:25:42 +01:00
Lennart J. Kurzweg (Nx2)
f5af726382 nx2site gitea and vaultwarden (working) 2024-11-20 01:24:57 +01:00
Lennart J. Kurzweg (Nx2)
e95332cedb Merge branch 'master' of ssh://ssh.nx2.site:20022/nx2/dotfiles 2024-11-15 14:10:50 +01:00
Lennart J. Kurzweg (Nx2)
6a7d8fe4be nx2site002 (unready) 2024-11-15 14:10:48 +01:00
Lennart J. Kurzweg (Nx2)
37eb70db63 Merge branch 'master' of ssh://ssh.nx2.site:20022/nx2/dotfiles 2024-11-14 01:21:42 +01:00
Lennart J. Kurzweg (Nx2)
77e9aa4ddd games 2024-11-14 01:21:34 +01:00
19 changed files with 430 additions and 540 deletions
Expand all files Collapse all files

6
configuration.nix
View File

@@ -6,6 +6,7 @@
./system-modules/auto-mount.nix ./system-modules/auto-mount.nix
./system-modules/hardware-configuration.nix ./system-modules/hardware-configuration.nix
./system-modules/fuse.nix ./system-modules/fuse.nix
./system-modules/games.nix
./system-modules/nvidia.nix ./system-modules/nvidia.nix
./system-modules/users.nix ./system-modules/users.nix
./system-modules/sound.nix ./system-modules/sound.nix
@@ -41,8 +42,8 @@
./system-modules/nx2site.nix ./system-modules/nx2site.nix
./system-modules/postgres.nix ./system-modules/postgres.nix
./system-modules/nx2site/proxy.nix ./system-modules/nx2site/proxy.nix
# ./system-modules/nx2site/gitea.nix ./system-modules/nx2site/gitea.nix
# ./system-modules/nx2site/vaultwarden.nix ./system-modules/nx2site/vaultwarden.nix
] else []); ] else []);
# Set your time zone. # Set your time zone.
@@ -99,6 +100,7 @@
blueman blueman
dmidecode dmidecode
file file
cowsay
# ]) ++ (with pkgs-unstable; [ # ]) ++ (with pkgs-unstable; [
# # sendme # # sendme
]); ]);

BIN
git-crypt/secrets.nix
View File

Binary file not shown.

53
home-modules/firefox.nix
View File

@@ -140,7 +140,6 @@
@-moz-document domain(reddit.com) { @-moz-document domain(reddit.com) {
header { header {
background-color: rgba(${rice.lib.hex-to-rgb-comma-string background},${builtins.toString rice.transparency}) !important; background-color: rgba(${rice.lib.hex-to-rgb-comma-string background},${builtins.toString rice.transparency}) !important;
backdrop-filter: blur(20px);
} }
body, html, reddit-sidebar-nav, shreddit-post, aside, .reddit-search-bar{ body, html, reddit-sidebar-nav, shreddit-post, aside, .reddit-search-bar{
background-color: transparent !important; background-color: transparent !important;
@@ -171,6 +170,24 @@
} }
} }
@media (prefers-color-scheme: dark) {
:root .theme-system {
--color-bg: transtparent !important;
--color-text: ${rice.color.foreground}
}
}
@-moz-document domain(developer.mozilla.org) {
html, body {
background-color: transparent !important;
}
.top-navigation, .article-actions-container {
background-color: rgba(0,0,0,1) !important;
backdrop-filter: blur(100px);
border-radius: ${builtins.toString rice.rounding}px;
}
}
@-moz-document domain(github.com) { @-moz-document domain(github.com) {
body, html, header, #repository-container-header, .bgColor-muted, section { body, html, header, #repository-container-header, .bgColor-muted, section {
background-color: transparent !important; background-color: transparent !important;
@@ -182,7 +199,8 @@
background-color: transparent !important; background-color: transparent !important;
} }
header, footer { header, footer {
background-color: rgba(0,0,0,0.5) !important; background-color: rgba(0,0,0,1) !important;
backdrop-filter: blur(100px);
border-radius: ${builtins.toString rice.rounding}px; border-radius: ${builtins.toString rice.rounding}px;
} }
} }
@@ -203,6 +221,37 @@
background-size: 2vmin 2vmin !important; background-size: 2vmin 2vmin !important;
} }
} }
@-moz-document domain(pw.nx2.site) {
html {
background: radial-gradient(rgba(255, 255, 255, 0.8) 5%, transparent 5%) !important;
background-repeat: repeat !important;
background-size: 2vmin 2vmin !important;
}
body, .tw-bg-background-alt3, main, .card-header, .card-body, .modal-body {
background-color: transparent !important;
}
.modal-open, .modal-header, form.modal-content, .modal-footer {
background-color: rgba(0,0,0,0.8) !important;
backdrop-filter: blur(5px);
}
.cdk-virtual-scroll-content-wrapper, .card, .tw-bg-background, .modal-content {
background-color: rgba(0,0,0,0.8) !important;
border-radius: 10px !important;
border: ${toString rice.border-width}px solid ${border} !important;
}
}
@-moz-document domain(chatgpt.com) {
body, html , .bg-token-sidebar-surface-primary {
background-color: transparent !important;
}
.bg-token-main-surface-primary {
background-color: rgba(0,0,0,1) !important;
backdrop-filter: blur(100px) !important;
border-radius: ${builtins.toString rice.rounding}px !important;
}
}
''; '';
}; };
} }

19
home-modules/games.nix
View File

@@ -1,7 +1,18 @@
{ pkgs, lib, host, ... }: { pkgs-unstable, pkgs, lib, host, ... }:
lib.mkIf (host != "NxACE") lib.mkIf (host == "NxNORTH" || host == "NxACE")
{ {
home.packages = with pkgs; [ home = {
packages = (with pkgs-unstable; [
protonup
mangohud
# heroic
mindustry-wayland mindustry-wayland
]; ]) ++ [ pkgs.heroic ];
sessionVariables = {
STEAM_EXTRA_COMPAT_TOOLS_PATHS = "\${HOME}/.steam/root/compatibilitytools.d";
};
};
} }

2
home-modules/helix.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, pkgs-unstable,lib, rice, ... }: { pkgs, pkgs-unstable, lib, rice, ... }:
{ {
home = { home = {
packages = with pkgs; [ packages = with pkgs; [

423
home-modules/hyprland.nix
View File

@@ -21,13 +21,13 @@ let
main = { main = {
name = "DP-4"; name = "DP-4";
resolution = "2560x1440"; resolution = "2560x1440";
position = "1920x0"; position = "1920x150";
scale = "1.0"; scale = "1.0";
}; };
left = { left = {
name = "HDMI-A-2"; name = "HDMI-A-2";
resolution = "1920x1080"; resolution = "1920x1080";
position = "0x360"; position = "0x0";
scale = "1.0"; scale = "1.0";
}; };
# right = { # right = {
@@ -52,6 +52,7 @@ in {
hyprland-protocols hyprland-protocols
hyprlock hyprlock
hypridle hypridle
hyprpicker
hyprcursor hyprcursor
grim grim
@@ -333,8 +334,8 @@ in {
"SUPER, F6, exec, kitty -e 'htop'" "SUPER, F6, exec, kitty -e 'htop'"
"SUPER, F7, exec, kitty -e 'nmtui'" "SUPER, F7, exec, kitty -e 'nmtui'"
''SUPER, F8, exec, find ~/Pictures/wallpapers/* -type f -not -path "~/Pictures/wallpapers/.git/*" | sort -R | head -n 1 | xargs swww img --transition-type wipe --transition-angle 60 --transition-step 120 --transition-fps 120'' ''SUPER, F8, exec, find ~/Pictures/wallpapers/* -type f -not -path "~/Pictures/wallpapers/.git/*" | sort -R | head -n 1 | xargs swww img --transition-type wipe --transition-angle 60 --transition-step 120 --transition-fps 120''
''SUPER, F9, exec, kitty -e sh -c 'change_colors_json $(swww query | sed -n 1p | sed -e "s-.*image: --g") && nh home switch && firefox /home/${user}/.config/color-pallete.html' '' "SUPER, F9, execr, waybar_mode set '󰸉 '"
''SUPER SHIFT, F9, exec, firefox /home/${user}/.config/color-pallete.html '' "SUPER, F9, submap, color"
# "SUPER, F10, hyprload,update" # "SUPER, F10, hyprload,update"
"SUPER, F11, exec, waybar" "SUPER, F11, exec, waybar"
"SUPER SHIFT, F11, exec, pkill waybar " "SUPER SHIFT, F11, exec, pkill waybar "
@@ -387,7 +388,8 @@ in {
# "SUPER SHIFT, T, exec, alacritty -e sh -c "ssh nxace"" # "SUPER SHIFT, T, exec, alacritty -e sh -c "ssh nxace""
"SUPER, T, exec, SESSION_FROM_DE=TRUE kitty" "SUPER, T, exec, SESSION_FROM_DE=TRUE kitty"
"SUPER SHIFT, T, exec, kitty -e sh -c 'ssh nxace'" "SUPER SHIFT, T, exec, kitty -e sh -c 'ssh nxace'"
# "SUPER, Z, " "SUPER, Z, exec, waybar_mode set ' '"
"SUPER, Z, submap, tuda"
"SUPER, U, exec, thunderbird " "SUPER, U, exec, thunderbird "
"SUPER, I, exec, kitty -e fish -c 'hx ~/nix-dots/ && fish'" "SUPER, I, exec, kitty -e fish -c 'hx ~/nix-dots/ && fish'"
"SUPER SHIFT, I, exec, kitty -e fish -c 'nh home switch || read'" "SUPER SHIFT, I, exec, kitty -e fish -c 'nh home switch || read'"
@@ -396,7 +398,8 @@ in {
"SUPER, P, pin " "SUPER, P, pin "
# "SUPER, Ü," # "SUPER, Ü,"
# "SUPER, +," # "SUPER, +,"
# "SUPER, Enter," "SUPER, Enter, exec, SESSION_FROM_DE=TRUE kitty"
########################################################################### ###########################################################################
## ROW 3: ## ROW 3:
@@ -424,6 +427,7 @@ in {
"SUPER, X, exec, pkill wlogout || wlogout --protocol layer-shell -b 3" "SUPER, X, exec, pkill wlogout || wlogout --protocol layer-shell -b 3"
# "SUPER, C, exec, /home/nx2/scripts/quickconfig/quickconfig.sh " # "SUPER, C, exec, /home/nx2/scripts/quickconfig/quickconfig.sh "
"SUPER, C, exec, chatterino" "SUPER, C, exec, chatterino"
"SUPER SHIFT, C, exec, hyprpicker -n -a"
"SUPER, V, togglefloating, " "SUPER, V, togglefloating, "
"SUPER, B, exec, bitwarden" "SUPER, B, exec, bitwarden"
"SUPER, N, togglesplit" "SUPER, N, togglesplit"
@@ -504,382 +508,79 @@ in {
# 'Y8b. 88 88 88''Yb. 88 88 8888888 888888P' 'Y8b. # 'Y8b. 88 88 88''Yb. 88 88 8888888 888888P' 'Y8b.
# db 8D 88. .88 88 8D 88 88 88' '88 88 db 8D # db 8D 88. .88 88 8D 88 88 88' '88 88 db 8D
# '8888Y' 'Y8888P' Y8888P' YP YP 88 YP YP '8888Y' # '8888Y' 'Y8888P' Y8888P' YP YP 88 YP YP '8888Y'
extraConfig = '' extraConfig = let
action_simple = { mods ? "", key, cmd }: ''
bind=${mods},${key},execr,waybar_mode unset
bind=${mods},${key},${cmd}
bind=${mods},${key},submap,reset
'';
extra_workspace = { key, wsnumber }: ''
bind=,${key},execr,waybar_mode unset
bind=,${key},workspace,${wsnumber}
bind=,${key},submap,reset
bind=SUPER,${key},execr,waybar_mode unset
bind=SUPER,${key},workspace,${wsnumber}
bind=SUPER,${key},submap,reset
bind=SUPER SHIFT,${key},execr, waybar_mode unset
bind=SUPER SHIFT,${key},movetoworkspace,${wsnumber}
bind=SUPER SHIFT,${key},submap,reset
'';
in ''
submap = browserSM submap = browserSM
bind = , W, exec, waybar_mode unset ${action_simple { key = "A"; cmd = "exec,firefox https://www.amazon.de/b?node=3010075031&ref_=nav_ya_signin";}}
bind = , W, exec, hyprctl dispatch exec firefox ${action_simple { key = "C"; cmd = "exec,firefox https://calendar.google.com";}}
bind = , W, submap, reset ${action_simple { key = "D"; cmd = "exec,firefox https://www.disneyplus.com/home";}}
${action_simple { key = "H"; cmd = "exec,firefox https://www.hs-mittweida.de";}}
bind = , Y, exec, waybar_mode unset ${action_simple { key = "I"; cmd = "exec,firefox https://www.imdb.com";}}
bind = , Y, exec, firefox https://youtube.com ${action_simple { key = "L"; cmd = "exec,firefox https://feddit.de";}}
bind = , Y, submap, reset ${action_simple { key = "M"; cmd = "exec,firefox https://ieji.de/home";}}
${action_simple { key = "N"; cmd = "exec,firefox https://Netflix.com";}}
bind = , T, exec, waybar_mode unset ${action_simple { key = "R"; cmd = "exec,firefox https://reddit.com";}}
bind = , T, exec, hyprctl dispatch exec firefox https://twitch.tv ${action_simple { key = "S"; cmd = "exec,firefox 127.0.0.1:8384/";}}
bind = , T, submap, reset ${action_simple { key = "T"; cmd = "exec,hyprctl dispatch exec firefox https://twitch.tv";}}
${action_simple { key = "udiaeresis"; cmd = "exec,firefox https://translate.google.com";}}
bind = , R, exec, waybar_mode unset ${action_simple { key = "W"; cmd = "exec,hyprctl dispatch exec firefox";}}
bind = , R, exec, firefox https://reddit.com ${action_simple { key = "X"; cmd = "exec,firefox https://nx2.site";}}
bind = , R, submap, reset ${action_simple { key = "Y"; cmd = "exec,firefox https://youtube.com";}}
${action_simple { key = "P"; cmd = "exec,firefox https://pw.nx2.site";}}
bind = , C, exec, waybar_mode unset
bind = , C, exec, firefox https://calendar.google.com
bind = , C, submap, reset
bind = , Ü, exec, waybar_mode unset
bind = , Ü, exec, firefox https://translate.google.com
bind = , Ü, submap, reset
bind = , N, exec, waybar_mode unset
bind = , N, exec, firefox https://Netflix.com
bind = , N, submap, reset
bind = , A, exec, waybar_mode unset
bind = , A, exec, firefox https://www.amazon.de/b?node=3010075031&ref_=nav_ya_signin
bind = , A, submap, reset
bind = , D, exec, waybar_mode unset
bind = , D, exec, firefox https://www.disneyplus.com/home
bind = , D, submap, reset
bind = , H, exec, waybar_mode unset
bind = , H, exec, firefox https://www.hs-mittweida.de
bind = , H, submap, reset
bind = , X, exec, waybar_mode unset
bind = , X, exec, firefox https://nx2.site
bind = , X, submap, reset
bind = , L, exec, waybar_mode unset
bind = , L, exec, firefox https://feddit.de
bind = , L, submap, reset
bind = , I, exec, waybar_mode unset
bind = , I, exec, firefox https://www.imdb.com
bind = , I, submap, reset
bind = , M, exec, waybar_mode unset
bind = , M, exec, firefox https://ieji.de/home
bind = , M, submap, reset
bind = , S, exec, waybar_mode unset
bind = , S, exec, firefox 127.0.0.1:8384/
bind = , S, submap, reset
bind = , Escape, exec, waybar_mode unset bind = , Escape, exec, waybar_mode unset
bind = , Escape, submap, reset bind = , Escape, submap, reset
submap = reset submap = reset
submap = scrL submap = scrL
bind = , 1, execr, waybar_mode unset ${builtins.concatStringsSep "\n" (builtins.map (num: extra_workspace { key = builtins.toString num; wsnumber = "2" + builtins.toString num;}) [1 2 3 4 5 6 7 8 9 0])}
bind = , 1, workspace, 21
bind = , 1, submap, reset
bind = SUPER, 1, execr, waybar_mode unset
bind = SUPER, 1, workspace, 21
bind = SUPER, 1, submap, reset
bind = SUPER SHIFT, 1, execr, waybar_mode unset
bind = SUPER SHIFT, 1, movetoworkspace, 21
bind = SUPER SHIFT, 1, submap, reset
bind = , 2, execr, waybar_mode unset
bind = , 2, workspace, 22
bind = , 2, submap, reset
bind = SUPER, 2, execr, waybar_mode unset
bind = SUPER, 2, workspace, 22
bind = SUPER, 2, submap, reset
bind = SUPER SHIFT, 2, execr, waybar_mode unset
bind = SUPER SHIFT, 2, movetoworkspace, 22
bind = SUPER SHIFT, 2, submap, reset
bind = , 3, execr, waybar_mode unset
bind = , 3, workspace, 23
bind = , 3, submap, reset
bind = SUPER, 3, execr, waybar_mode unset
bind = SUPER, 3, workspace, 23
bind = SUPER, 3, submap, reset
bind = SUPER SHIFT, 3, execr, waybar_mode unset
bind = SUPER SHIFT, 3, movetoworkspace, 23
bind = SUPER SHIFT, 3, submap, reset
bind = , 4, execr, waybar_mode unset
bind = , 4, workspace, 24
bind = , 4, submap, reset
bind = SUPER, 4, execr, waybar_mode unset
bind = SUPER, 4, workspace, 24
bind = SUPER, 4, submap, reset
bind = SUPER SHIFT, 4, execr, waybar_mode unset
bind = SUPER SHIFT, 4, movetoworkspace, 24
bind = SUPER SHIFT, 4, submap, reset
bind = , 5, execr, waybar_mode unset
bind = , 5, workspace, 25
bind = , 5, submap, reset
bind = SUPER, 5, execr, waybar_mode unset
bind = SUPER, 5, workspace, 25
bind = SUPER, 5, submap, reset
bind = SUPER SHIFT, 5, execr, waybar_mode unset
bind = SUPER SHIFT, 5, movetoworkspace, 25
bind = SUPER SHIFT, 5, submap, reset
bind = , 6, execr, waybar_mode unset
bind = , 6, workspace, 26
bind = , 6, submap, reset
bind = SUPER, 6, execr, waybar_mode unset
bind = SUPER, 6, workspace, 26
bind = SUPER, 6, submap, reset
bind = SUPER SHIFT, 6, execr, waybar_mode unset
bind = SUPER SHIFT, 6, movetoworkspace, 26
bind = SUPER SHIFT, 6, submap, reset
bind = , 7, execr, waybar_mode unset
bind = , 7, workspace, 27
bind = , 7, submap, reset
bind = SUPER, 7, execr, waybar_mode unset
bind = SUPER, 7, workspace, 27
bind = SUPER, 7, submap, reset
bind = SUPER SHIFT, 7, execr, waybar_mode unset
bind = SUPER SHIFT, 7, movetoworkspace, 27
bind = SUPER SHIFT, 7, submap, reset
bind = , 8, execr, waybar_mode unset
bind = , 8, workspace, 28
bind = , 8, submap, reset
bind = SUPER, 8, execr, waybar_mode unset
bind = SUPER, 8, workspace, 28
bind = SUPER, 8, submap, reset
bind = SUPER SHIFT, 8, execr, waybar_mode unset
bind = SUPER SHIFT, 8, movetoworkspace, 28
bind = SUPER SHIFT, 8, submap, reset
bind = , 9, execr, waybar_mode unset
bind = , 9, workspace, 29
bind = , 9, submap, reset
bind = SUPER, 9, execr, waybar_mode unset
bind = SUPER, 9, workspace, 29
bind = SUPER, 9, submap, reset
bind = SUPER SHIFT, 9, execr, waybar_mode unset
bind = SUPER SHIFT, 9, movetoworkspace, 29
bind = SUPER SHIFT, 9, submap, reset
bind = , 0, execr, waybar_mode unset
bind = , 0, workspace, 20
bind = , 0, submap, reset
bind = SUPER, 0, execr, waybar_mode unset
bind = SUPER, 0, workspace, 20
bind = SUPER, 0, submap, reset
bind = SUPER SHIFT, 0, execr, waybar_mode unset
bind = SUPER SHIFT, 0, movetoworkspace, 20
bind = SUPER SHIFT, 0, submap, reset
bind = , A, execr, waybar_mode unset bind = , A, execr, waybar_mode unset
bind = , A, submap, reset bind = , A, submap, reset
bind = , Escape, execr, waybar_mode unset bind = , Escape, execr, waybar_mode unset
bind = , Escape, submap, reset bind = , Escape, submap, reset
submap = reset submap = reset
submap = scrR submap = scrR
bind = , 1, execr, waybar_mode unset ${builtins.concatStringsSep "\n" (builtins.map (num: extra_workspace { key = builtins.toString num; wsnumber = "3" + builtins.toString num;}) [1 2 3 4 5 6 7 8 9 0])}
bind = , 1, workspace, 31
bind = , 1, submap, reset
bind = SUPER, 1, execr, waybar_mode unset
bind = SUPER, 1, workspace, 31
bind = SUPER, 1, submap, reset
bind = SUPER SHIFT, 1, execr, waybar_mode unset
bind = SUPER SHIFT, 1, movetoworkspace, 31
bind = SUPER SHIFT, 1, submap, reset
bind = , 2, execr, waybar_mode unset
bind = , 2, workspace, 32
bind = , 2, submap, reset
bind = SUPER, 2, execr, waybar_mode unset
bind = SUPER, 2, workspace, 32
bind = SUPER, 2, submap, reset
bind = SUPER SHIFT, 2, execr, waybar_mode unset
bind = SUPER SHIFT, 2, movetoworkspace, 32
bind = SUPER SHIFT, 2, submap, reset
bind = , 3, execr, waybar_mode unset
bind = , 3, workspace, 33
bind = , 3, submap, reset
bind = SUPER, 3, execr, waybar_mode unset
bind = SUPER, 3, workspace, 33
bind = SUPER, 3, submap, reset
bind = SUPER SHIFT, 3, execr, waybar_mode unset
bind = SUPER SHIFT, 3, movetoworkspace, 33
bind = SUPER SHIFT, 3, submap, reset
bind = , 4, execr, waybar_mode unset
bind = , 4, workspace, 34
bind = , 4, submap, reset
bind = SUPER, 4, execr, waybar_mode unset
bind = SUPER, 4, workspace, 34
bind = SUPER, 4, submap, reset
bind = SUPER SHIFT, 4, execr, waybar_mode unset
bind = SUPER SHIFT, 4, movetoworkspace, 34
bind = SUPER SHIFT, 4, submap, reset
bind = , 5, execr, waybar_mode unset
bind = , 5, workspace, 35
bind = , 5, submap, reset
bind = SUPER, 5, execr, waybar_mode unset
bind = SUPER, 5, workspace, 35
bind = SUPER, 5, submap, reset
bind = SUPER SHIFT, 5, execr, waybar_mode unset
bind = SUPER SHIFT, 5, movetoworkspace, 35
bind = SUPER SHIFT, 5, submap, reset
bind = , 6, execr, waybar_mode unset
bind = , 6, workspace, 36
bind = , 6, submap, reset
bind = SUPER, 6, execr, waybar_mode unset
bind = SUPER, 6, workspace, 36
bind = SUPER, 6, submap, reset
bind = SUPER SHIFT, 6, execr, waybar_mode unset
bind = SUPER SHIFT, 6, movetoworkspace, 36
bind = SUPER SHIFT, 6, submap, reset
bind = , 7, execr, waybar_mode unset
bind = , 7, workspace, 37
bind = , 7, submap, reset
bind = SUPER, 7, execr, waybar_mode unset
bind = SUPER, 7, workspace, 37
bind = SUPER, 7, submap, reset
bind = SUPER SHIFT, 7, execr, waybar_mode unset
bind = SUPER SHIFT, 7, movetoworkspace, 37
bind = SUPER SHIFT, 7, submap, reset
bind = , 8, execr, waybar_mode unset
bind = , 8, workspace, 38
bind = , 8, submap, reset
bind = SUPER, 8, execr, waybar_mode unset
bind = SUPER, 8, workspace, 38
bind = SUPER, 8, submap, reset
bind = SUPER SHIFT, 8, execr, waybar_mode unset
bind = SUPER SHIFT, 8, movetoworkspace, 38
bind = SUPER SHIFT, 8, submap, reset
bind = , 9, execr, waybar_mode unset
bind = , 9, workspace, 39
bind = , 9, submap, reset
bind = SUPER, 9, execr, waybar_mode unset
bind = SUPER, 9, workspace, 39
bind = SUPER, 9, submap, reset
bind = SUPER SHIFT, 9, execr, waybar_mode unset
bind = SUPER SHIFT, 9, movetoworkspace, 39
bind = SUPER SHIFT, 9, submap, reset
bind = , 0, execr, waybar_mode unset
bind = , 0, workspace, 30
bind = , 0, submap, reset
bind = SUPER, 0, execr, waybar_mode unset
bind = SUPER, 0, workspace, 30
bind = SUPER, 0, submap, reset
bind = SUPER SHIFT, 0, execr, waybar_mode unset
bind = SUPER SHIFT, 0, movetoworkspace, 30
bind = SUPER SHIFT, 0, submap, reset
bind = , Y, execr, waybar_mode unset bind = , Y, execr, waybar_mode unset
bind = , Y, submap, reset bind = , Y, submap, reset
bind = , Escape, execr, waybar_mode unset bind = , Escape, execr, waybar_mode unset
bind = , Escape, submap, reset bind = , Escape, submap, reset
submap = reset submap = reset
submap = color
${action_simple { key = "W"; cmd = ''exec,kitty -e sh -c 'change_colors_json img $(swww query | sed -n 1p | sed -e "s-.*image: --g") && nh home switch''; }}
${action_simple { key = "M"; cmd = ''exec,change_colors_json manual && kitty -e sh -c 'nh home switch && firefox /home/${user}/.config/color-pallete.html' ''; }}
plugin { ${action_simple { key = "D"; cmd = ''exec,firefox /home/${user}/.config/color-pallete.html ''; }}
hyprexpo { bind = , Escape, execr, waybar_mode unset
columns = 5 bind = , Escape, submap, reset
gap_size = ${builtins.toString rice.gap-size}
bg_col = rgb(${builtins.substring 1 6 rice.color.background})
workspace_method = first 10 # [center/first] [workspace] e.g. first 1 or center m+1
enable_gesture = false # laptop touchpad, 4 fingers
gesture_distance = 300 # how far is the "max"
gesture_positive = true # positive = swipe down. Negative = swipe up.
}
}
plugin {
overview {
panelColor = rgba(00000088)
workspaceActiveBackground = rgba(00ff00ff)
workspaceInactiveBackground = rgba(0000ffff)
# workspaceActiveBorder =
# workspaceInactiveBorder =
dragAlpha = 0.5
panelHeight = 200
workspaceMargin = 30
workspaceBorderSize = 3
centerAligned = true
overrideGaps = false
gapsIn = 0
gapsOut = 0
hideBackgroundLayers = false
drawActiveWorkspace = true
autoDrag = true
autoScroll = true
exitOnClick = false
switchOnDrop = false
exitOnSwitch = trueß
showNewWorkspace = true
showEmptyWorkspace = false
}
}
# allows repeated switching with same keypress that starts the submap
binde = SUPER, TAB, exec, hyprswitch --daemon --do-initial-execute
bind = SUPER, TAB, submap, switch
bind = SUPER, TAB, exec, waybar_mode set "sw"
# allows repeated switching with same keypress that starts the submap
binde = SUPER SHIFT, TAB, exec, hyprswitch --daemon --do-initial-execute -r
bind = SUPER SHIFT, TAB, submap, switch
bind = SUPER, TAB, exec, waybar_mode set "swr"
submap = switch
# allow repeated window switching in submap (same keys as repeating while starting)
binde = SUPER, TAB, exec, hyprswitch --daemon
binde = SUPER SHIFT, TAB, exec, hyprswitch --daemon -r
# switch to specific window offset
bind = , 1, exec, hyprswitch --daemon --offset=1
bind = , 2, exec, hyprswitch --daemon --offset=2
bind = , 3, exec, hyprswitch --daemon --offset=3
bind = , 4, exec, hyprswitch --daemon --offset=4
bind = , 5, exec, hyprswitch --daemon --offset=5
bind = , 6, exec, hyprswitch --daemon --offset=6
bind = , 7, exec, hyprswitch --daemon --offset=7
bind = , 8, exec, hyprswitch --daemon --offset=8
bind = , 8, exec, hyprswitch --daemon --offset=8
bind = , 9, exec, hyprswitch --daemon --offset=9
bind = SUPER $reverse, 1, exec, hyprswitch --daemon --offset=1 -r
bind = SUPER $reverse, 2, exec, hyprswitch --daemon --offset=2 -r
bind = SUPER $reverse, 3, exec, hyprswitch --daemon --offset=3 -r
bind = SUPER $reverse, 4, exec, hyprswitch --daemon --offset=4 -r
bind = SUPER $reverse, 5, exec, hyprswitch --daemon --offset=5 -r
bind = SUPER $reverse, 6, exec, hyprswitch --daemon --offset=6 -r
bind = SUPER $reverse, 7, exec, hyprswitch --daemon --offset=7 -r
bind = SUPER $reverse, 8, exec, hyprswitch --daemon --offset=8 -r
bind = SUPER $reverse, 9, exec, hyprswitch --daemon --offset=9 -r
bind = SUPER $reverse, 5, exec, hyprswitch --daemon --offset=5 -r
# exit submap and stop hyprswitch
bindrt = SUPER, SUPER_L, exec, hyprswitch --stop-daemon
bindrt = SUPER, SUPER_L, submap, reset
bindrt = SUPER, SUPER_L, exec, waybar_mode unset
# if it somehow doesn't close on releasing $switch_release, escape can kill
bindr = ,escape, exec, pkill hyprswitch
bindr = ,escape, submap, reset
submap = reset submap = reset
submap = tuda
${action_simple { key = "T"; cmd = ''exec,firefox https://www.tucan.tu-darmstadt.de/''; }}
${action_simple { key = "M"; cmd = ''exec,firefox https://moodle.tu-darmstadt.de/''; }}
${action_simple { key = "I"; cmd = ''exec,firefox https://moodle.informatik.tu-darmstadt.de/''; }}
bind = , Escape, execr, waybar_mode unset
bind = , Escape, submap, reset
submap = reset
''; '';
}; };
@@ -893,7 +594,7 @@ in {
monitor = ${m} monitor = ${m}
# all these options are taken from hyprland, see https://wiki.hyprland.org/Configuring/Variables/#blur for explanations # all these options are taken from hyprland, see https://wiki.hyprland.org/Configuring/Variables/#blur for explanations
path = /home/nx2/Pictures/nix-wall.png path = /home/nx2/Pictures/wallpapers/nix-wall.png
blur_size = 4 blur_size = 4
blur_passes = 3 # 0 disables blurring blur_passes = 3 # 0 disables blurring
noise = 0.0117 noise = 0.0117

2
home-modules/ssh.nix
View File

@@ -21,7 +21,7 @@
HOST nxgit HOST nxgit
HostName ssh.${domain} HostName ssh.${domain}
User git User git
Port 20022 Port 50022
''; '';
}; };
} }

18
home-modules/wallpaper-to-colors.nix
View File

@@ -8,6 +8,7 @@
from colorsys import hls_to_rgb, rgb_to_hls from colorsys import hls_to_rgb, rgb_to_hls
import json import json
import sys import sys
import subprocess
from typing import Literal, cast from typing import Literal, cast
from numpy.typing import NDArray from numpy.typing import NDArray
from sklearn.cluster import KMeans from sklearn.cluster import KMeans
@@ -25,7 +26,7 @@ def fc(c: int) -> str:
return s return s
class Color(object): class Color(object):
def __init__(self, rgb: tuple[int, ...], frequency: float): def __init__(self, rgb: tuple[int, ...], frequency: float = 1):
assert len(rgb) == 3, "RGB values must be a tuple of length 3" assert len(rgb) == 3, "RGB values must be a tuple of length 3"
self.rgb = cast(tuple[int, int, int], rgb) self.rgb = cast(tuple[int, int, int], rgb)
self.freq: float = frequency self.freq: float = frequency
@@ -115,14 +116,23 @@ def extract_colors(
colors.sort(reverse=True) colors.sort(reverse=True)
return Palette(colors) return Palette(colors)
def hyprpicker() -> Color:
ret = str(subprocess.run(["${pkgs.hyprpicker}/bin/hyprpicker", "-f", "rgb"], capture_output=True).stdout)[2:-3]
return Color([int(c) for c in ret.split(" ")])
if __name__ == "__main__": if __name__ == "__main__":
img = sys.argv[1] if sys.argv[1] == "img":
img = sys.argv[2]
palette = extract_colors(image=img, palette_size=3) palette = extract_colors(image=img, palette_size=3)
accent = ensure_color(c=palette[0], alter_sat=False) accent = ensure_color(c=palette[0], alter_sat=False)
secondary = ensure_color(c=palette[1], alter_sat=True) secondary = ensure_color(c=palette[1], alter_sat=True)
tertiary = ensure_color(c=palette[2], alter_sat=False) tertiary = ensure_color(c=palette[2], alter_sat=False)
elif sys.argv[1] == "manual":
accent = ensure_color(c=hyprpicker(), alter_sat=False)
secondary = ensure_color(c=hyprpicker(), alter_sat=True)
tertiary = ensure_color(c=hyprpicker(), alter_sat=False)
weird = alter_hue(ilist=accent, hue=80) weird = alter_hue(ilist=accent, hue=80)
special = alter_hue(ilist=accent, hue=180) special = alter_hue(ilist=accent, hue=180)
foreground = alter_l(accent, 0.9) foreground = alter_l(accent, 0.9)

11
home-modules/waybar.nix
View File

@@ -238,11 +238,14 @@ in {
color: rgb(${f green.base});; color: rgb(${f green.base});;
} }
#battery.critical { #battery.charging {
color: rgb(${f red.dark});; color: rgb(${f green.base});
background: rgb(${f red.bright}); }
#battery.critical {
background: rgb(${f negative.base});
color: rgb(${f foreground});
} }
#battery.charging { color: rgb(${f green.base}); }
''; '';
#battery.critical:not(.charging) { #battery.critical:not(.charging) {

5
sops-secrets.yaml
View File

File diff suppressed because one or more lines are too long

15
system-modules/games.nix Normal file
View File

@@ -0,0 +1,15 @@
{ lib, host, ... }:
lib.mkIf (host == "NxNORTH" || host == "NxACE")
{
programs = {
steam = {
enable = true;
};
gamemode = {
enable = true;
};
gamescope = {
enable = true;
};
};
}

35
system-modules/health_reminder.nix
View File

@@ -1,7 +1,7 @@
{ config, pkgs, lib, host, ... }: { pkgs, lib, host, ... }:
lib.mkIf (host != "NxACE") lib.mkIf (host != "NxACE")
{ {
systemd.timers."health_reminder" = { systemd.user.timers."health_reminder" = {
enable = true; enable = true;
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
timerConfig = { timerConfig = {
@@ -11,11 +11,9 @@ lib.mkIf (host != "NxACE")
}; };
}; };
systemd.services."health_reminder" = systemd.user.services."health_reminder" = let
let hm = pkgs.writers.writePython3Bin "health_reminder" {
hm = text = /*python*/ ''
let p = /*python*/ ''
#!${pkgs.python3}/bin/python3
import random import random
import re import re
@@ -35,25 +33,22 @@ lib.mkIf (host != "NxACE")
return action return action
actions = [ actions = [
Action("look away for %o Seconds!",300, ["10", "15"] ), Action(action="look away for %o Seconds!", likelyhood=300, options=["10", "15"]),
Action("Posture Check!", 90 ), Action(action="Posture Check!", likelyhood=300),
Action("Do %o Biceps curls!", 5, ["50", "100", "150"] ), Action(action="Strech your upper body!", likelyhood=20),
Action("Do %o Shourlder thingees", 5, ["40 + 40", "50", "60"]), Action(action="Strech your core!", likelyhood=10),
Action("Plank for %o senonds!", 5, ["60", "60", "70"] ), Action(action="Strech your legs!", likelyhood=10),
Action("Strech your upper body!", 20 ), Action(action="Strech your arms/hands!", likelyhood=10),
Action("Strech your core!", 10 ), Action(action="Make Tea!", likelyhood=5),
Action("Strech your legs!", 10 ), Action(action="", likelyhood=2),
Action("Make Tea!", 5 ),
Action("Touch Grass!", 5 )
] ]
total_likelihood = sum(a.likelihood for a in actions) total_likelihood = sum(a.likelihood for a in actions)
random_action = random.choices(actions, [a.likelihood for a in actions], k=1)[0] random_action = random.choices(actions, [a.likelihood for a in actions], k=1)[0]
print(random_action) print(random_action)
''; '';
in pkgs.writeScriptBin "health_reminder" p; };
in in {
{
script = '' script = ''
set -eu set -eu
export DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$UID/bus" export DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$UID/bus"

109
system-modules/nx2site.nix
View File

@@ -1,9 +1,23 @@
{ config, pkgs, domain, secrets, ... }: { config, pkgs, user, domain, secrets, ... }:
let dns-user = "cloudflare"; in
{ {
sops.secrets = { sops.secrets = {
"nx2site/namecheap.pw" = { }; # "nx2site/namecheap.pw" = { };
# "nx2site/cloudflare/api-token-dns-edit" = { }; # "nx2site/cloudflare/api-token-dns-edit" = { };
"nx2site/cloudflare/global-api-key" = { }; "nx2site/cloudflare/global-api-key" = {
owner = dns-user;
};
};
users = {
users = {
"${dns-user}" = {
isSystemUser = true;
group = dns-user;
};
"${user}".extraGroups = [ dns-user ];
};
groups."${dns-user}" = {};
}; };
systemd = { systemd = {
@@ -19,22 +33,24 @@
u = let u = let
account_id = secrets.email.gmail-online.mail; account_id = secrets.email.gmail-online.mail;
zone_id = "33fecab36e060f49d492127345ea95a0"; zone_id = "33fecab36e060f49d492127345ea95a0";
record_id = { record_id = { # curl --request GET --url https://api.cloudflare.com/client/v4/zones/33fecab36e060f49d492127345ea95a0/dns_records --header 'Content-Type: application/json' --header 'X-Auth-Email: <hidden>@gmail.com' --header "X-Auth-Key: <hiddenreadinsops>" -s | jq
base = "58d3412e8d88889d1a611b3669f0700f"; base = "58d3412e8d88889d1a611b3669f0700f";
sub = "fc861353142bc05d5dbad1799178e6a1";
base6 = "d1b90e21d2d747dcb30448bd65312927"; base6 = "d1b90e21d2d747dcb30448bd65312927";
sub = "fc861353142bc05d5dbad1799178e6a1";
sub6 = "b8082b7afe9e80971fc9f9dda16ec284"; sub6 = "b8082b7afe9e80971fc9f9dda16ec284";
ssh = "c0f14f17f32d6595c202f041dd836eb3";
ssh6 = "f1ecb2d9d0522d4eec06437688ca76da";
}; };
passord-file-path = config.sops.secrets."nx2site/cloudflare/global-api-key".path; passord-file-path = config.sops.secrets."nx2site/cloudflare/global-api-key".path;
log-file-path = "/var/log/couldflare.log"; log-file-path = "/var/log/couldflare.log";
count-file-path = "/var/log/cloudflare-count.txt"; count-file-path = "/var/log/cloudflare-count.txt";
in pkgs.writers.writePython3Bin "dyn_dns" { in pkgs.writers.writePython3Bin "dyn_dns" {
libraries = with pkgs.python311Packages; [ requests ]; libraries = with pkgs.python311Packages; [ requests ];
flakeIgnore = [ "E501" "E305" "E701" "E704" "E302" "E114" "F841" "E121" "E261" "E303"]; flakeIgnore = [ "E501" "E305" "E701" "E704" "E302" "E114" "F841" "E121" "E261" "E303" ];
} /* python */ '' } /* python */ ''
import requests import requests
import subprocess import subprocess
from datetime import datetime # from datetime import datetime
def get_public_ip(ipv6=False): def get_public_ip(ipv6=False):
return subprocess.run(['${pkgs.curl}/bin/curl', '-s', '-6' if ipv6 else '-4', 'https://ifconfig.me'], capture_output=True, text=True).stdout.strip() return subprocess.run(['${pkgs.curl}/bin/curl', '-s', '-6' if ipv6 else '-4', 'https://ifconfig.me'], capture_output=True, text=True).stdout.strip()
@@ -43,13 +59,13 @@
my_ip = get_public_ip() my_ip = get_public_ip()
my_ip6 = get_public_ip(ipv6=True) my_ip6 = get_public_ip(ipv6=True)
with open("${count-file-path}", "r") as f: # with open("${count-file-path}", "r") as f:
content = f.read() # content = f.read()
if content == "": count = 0 # if content == "": count = 0
else: count = int(content) # else: count = int(content)
count += 1 # count += 1
with open("${count-file-path}", "w") as f: # with open("${count-file-path}", "w") as f:
f.write(str(count)) # f.write(str(count))
# 4 # 4
with open("${passord-file-path}", 'r') as pw_file: with open("${passord-file-path}", 'r') as pw_file:
@@ -85,7 +101,7 @@
}, },
json={ json={
"comment": "Domain verification record", "comment": "Domain verification record",
"name": "${domain}", "name": "*.${domain}",
"proxied": True, "proxied": True,
"settings": {}, "settings": {},
"tags": [], "tags": [],
@@ -95,15 +111,34 @@
} }
) )
resp_sshd = requests.patch(
'https://api.cloudflare.com/client/v4/zones/${zone_id}/dns_records/${record_id.ssh}',
headers={
'Content-Type': 'application/json',
'X-Auth-Email': '${account_id}',
'X-Auth-Key': pw
},
json={
"comment": "Domain verification record",
"name": "ssh.${domain}",
"proxied": False,
"settings": {},
"tags": [],
"ttl": 1, # automatic
"content": my_ip,
"type": "A"
}
)
if resp_base.status_code != 200: if resp_base.status_code != 200:
print(resp_base.text) print(resp_base.text)
now_str = datetime.now().strftime('%Y/%m/%d-%R') # now_str = datetime.now().strftime('%Y/%m/%d-%R')
log_entry = f"At {now_str} - to {my_ip} - Response {resp_base.status_code}\n" # log_entry = f"At {now_str} - to {my_ip} - Response {resp_base.status_code}\n"
print(log_entry, end="") # print(log_entry, end="")
with open("${log-file-path}", 'a') as log_file: # with open("${log-file-path}", 'a') as log_file:
log_file.write(log_entry) # log_file.write(log_entry)
# Perform DNS updates # Perform DNS updates
# https://developers.cloudflare.com/api/operations/dns-records-for-a-zone-update-dns-record # https://developers.cloudflare.com/api/operations/dns-records-for-a-zone-update-dns-record
@@ -135,7 +170,7 @@
}, },
json={ json={
"comment": "Domain verification record", "comment": "Domain verification record",
"name": "${domain}", "name": "*.${domain}",
"proxied": True, "proxied": True,
"settings": {}, "settings": {},
"tags": [], "tags": [],
@@ -145,14 +180,32 @@
} }
) )
resp_sshd = requests.patch(
'https://api.cloudflare.com/client/v4/zones/${zone_id}/dns_records/${record_id.ssh6}',
headers={
'Content-Type': 'application/json',
'X-Auth-Email': '${account_id}',
'X-Auth-Key': pw
},
json={
"comment": "Domain verification record",
"name": "ssh.${domain}",
"proxied": False,
"settings": {},
"tags": [],
"ttl": 1, # automatic
"content": my_ip6,
"type": "AAAA"
}
)
if resp_base.status_code != 200: if resp_base.status_code != 200:
print(resp_base.text) print(resp_base.text)
# now_str = datetime.now().strftime('%Y/%m/%d-%R')
now_str = datetime.now().strftime('%Y/%m/%d-%R') # log_entry = f"At {now_str} - to {my_ip6} - Response {resp_base.status_code}\n"
log_entry = f"At {now_str} - to {my_ip6} - Response {resp_base.status_code}\n" # print(log_entry, end="")
print(log_entry, end="") # with open("${log-file-path}", 'a') as log_file: log_file.write(log_entry)
with open("${log-file-path}", 'a') as log_file: log_file.write(log_entry)
if __name__ == "__main__": if __name__ == "__main__":
main() main()
@@ -164,7 +217,7 @@
''; '';
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
User = "root"; User = dns-user;
}; };
}; };
}; };
@@ -174,7 +227,7 @@
# "172.1.0.9" = [ "matrixdb.docker" ]; # "172.1.0.9" = [ "matrixdb.docker" ];
# "172.1.4.1" = [ "matrix-ss.docker" ]; # "172.1.4.1" = [ "matrix-ss.docker" ];
# "172.1.0.7" = [ "matrix-ssdb.docker" ]; # "172.1.0.7" = [ "matrix-ssdb.docker" ];
"172.1.5.1" = [ "pw.docker" ]; # "172.1.5.1" = [ "pw.docker" ];
"172.1.6.1" = [ "git.docker" ]; "172.1.6.1" = [ "git.docker" ];
# "172.1.0.10" = [ "gitdb.docker" ]; # "172.1.0.10" = [ "gitdb.docker" ];
# "172.1.7.1" = [ "nn.docker" ]; # "172.1.7.1" = [ "nn.docker" ];

71
system-modules/nx2site/gitea.nix
View File

@@ -1,26 +1,41 @@
{ config, pkgs-unstable, domain, ... }: { config, pkgs, secrets, user, domain, ... }:
let git-user = "git"; in
{ {
sops.secrets = { sops.secrets = {
"postgres-pw" = { owner = "gitea"; }; "postgres-pw" = { owner = config.services.gitea.user; };
};
environment.systemPackages = with pkgs; [
gitea
];
users = {
users = {
"${user}".extraGroups = [ git-user ];
"${git-user}" = {
isSystemUser = true;
group = git-user;
useDefaultShell = true;
home = config.services.gitea.stateDir;
openssh.authorizedKeys.keys = config.users.users."${user}".openssh.authorizedKeys.keys;
};
};
groups."${git-user}" = {};
}; };
services.gitea = { services.gitea = {
enable = true; enable = true;
package = pkgs-unstable.gitea; package = pkgs.gitea;
group = "gitea"; # default group = git-user;
user = "gitea"; # default user = git-user;
appName = "NxGit"; appName = "NxGit";
stateDir = "/var/lib/gitea"; # default stateDir = "/var/lib/gitea"; # default
useWizard = false; # default useWizard = false; # default
# camoHmacKeyFile = ; # camoHmacKeyFile = ;
customDir = "${config.services.gitea.stateDir}/custom"; # default
database = { database = {
createDatabase = false; # default createDatabase = false; # default
host = "127.0.0.1"; # default host = "127.0.0.1"; # default
port = 5432; port = 5432;
passwordFile = config.sops.secrets."postgres-pw".path; passwordFile = config.sops.secrets."postgres-pw".path;
# path = "${config.services.gitea.stateDir}/data/gitea.db"; # default
# socket = "/run/postgresql";
socket = null; socket = null;
type = "postgres"; type = "postgres";
name = "gitea"; # default name = "gitea"; # default
@@ -28,37 +43,35 @@
}; };
dump = { dump = {
enable = true; enable = true;
backupDir = "${config.services.gitea.stateDir}/dump"; # default backupDir = "/var/backup/gitea";
file = null; # default file = null; # default = chosen by gitea
interval = "daily"; interval = "daily";
type = "zip"; # default type = "zip"; # default
}; };
extraConfig = null; # default # extraConfig = null; # default
lfs = { # lfs = {
enable = false; # default # enable = false; # default
contentDir = "${config.services.gitea.stateDir}/data/lfs"; # default # contentDir = "${config.services.gitea.stateDir}/data/lfs"; # default
}; # };
mailerPasswordFile = null; # default # mailerPasswordFile = null; # default
metricsTokenFile = null; # default # metricsTokenFile = null; # default
repositoryRoot = "${config.services.gitea.stateDir}/repositories"; # default # repositoryRoot = "${config.services.gitea.stateDir}/repositories"; # default
settings = { settings = {
log = { log = {
LEVEL = "Info"; LEVEL = "Info";
# LEVEL = "Error"; # LEVEL = "Error";
ROOT_PATH = "${config.services.gitea.stateDir}/log"; # default
};
i18n = {
LANGS = "en-US";
}; };
server = { server = {
DISABLE_SSH = false; # default DISABLE_SSH = false; # default
SSH_PORT = 20022; START_SSH_SERVER = false; # default
DOMAIN = "pw2.${domain}"; SSH_LISTEN_HOST = "0.0.0.0";
HTTP_ADDR = "http://${config.services.gitea.settings.server.DOMAIN}:${toString config.services.gitea.settings.server.HTTP_PORT}/"; SSH_PORT = secrets.ssh.port;
HTTP_PORT = 3000; # default DOMAIN = "pw.${domain}";
PROTOCOL = "http"; # default SSH_DOMAIN = "ssh.${domain}";
ROOT_URL = "https:pw2.${domain}/"; # default # HTTP_ADDR = "${config.services.gitea.settings.server.DOMAIN}";
STATIC_ROOT_PATH = "${config.services.gitea.stateDir}/static"; # HTTP_PORT = 3000; # default
# PROTOCOL = "http"; # default
# ROOT_URL = "https:pw.${domain}/"; # default
}; };
session = { session = {
COOKIE_SECURE = true; COOKIE_SECURE = true;

35
system-modules/nx2site/proxy.nix
View File

@@ -14,7 +14,7 @@
}; };
certs = { certs = {
"${domain}" = { "${domain}" = {
extraDomainNames = builtins.map (subd: "${subd}.${domain}") [ "git" "git2" "pw" "pw2" "sync" ]; extraDomainNames = builtins.map (subd: "${subd}.${domain}") [ "git" "pw" "sync" ];
}; };
}; };
}; };
@@ -99,18 +99,20 @@
listen = dl; listen = dl;
locations = { "~.*" = { return = "502"; }; }; locations = { "~.*" = { return = "502"; }; };
}; };
# "pw.${domain}" = vh // {
# listen = dl;
# locations = let d = "pw.docker:80"; in {
# "/" = { proxyPass = "http://${d}"; };
# "/admin" = { proxyPass = "http://${d}"; };
# "/notifications/hub" = { proxyPass = "http://${d}"; };
# "/notifications/hub/negotiate" = { proxyPass = "http://${d}"; };
# };
# };
"pw.${domain}" = vh // { "pw.${domain}" = vh // {
listen = dl; listen = dl;
locations = let d = "pw.docker:80"; in { locations = let
"/" = { proxyPass = "http://${d}"; }; d = with config.services.vaultwarden.config; "${ROCKET_ADDRESS}:${builtins.toString ROCKET_PORT}";
"/admin" = { proxyPass = "http://${d}"; }; in {
"/notifications/hub" = { proxyPass = "http://${d}"; };
"/notifications/hub/negotiate" = { proxyPass = "http://${d}"; };
};
};
"pw2.${domain}" = vh // {
listen = dl;
locations = let d = "127.0.0.1:3000"; in {
"/" = { proxyPass = "http://${d}"; }; "/" = { proxyPass = "http://${d}"; };
"/admin" = { proxyPass = "http://${d}"; }; "/admin" = { proxyPass = "http://${d}"; };
"/notifications/hub" = { proxyPass = "http://${d}"; }; "/notifications/hub" = { proxyPass = "http://${d}"; };
@@ -121,13 +123,14 @@
listen = dl; listen = dl;
locations = { "/" = { proxyPass = "http://127.0.0.1:11434"; }; }; locations = { "/" = { proxyPass = "http://127.0.0.1:11434"; }; };
}; };
# "git.${domain}" = vh // {
# listen = dl;
# locations = { "/" = { proxyPass = "http://git.docker:3000"; }; };
# };
"git.${domain}" = vh // { "git.${domain}" = vh // {
http2 = false;
listen = dl; listen = dl;
locations = { "/" = { proxyPass = "http://git.docker:3000"; }; }; locations = { "/" = { proxyPass = "http://127.0.0.1:3000"; }; };
};
"git2.${domain}" = vh // {
listen = dl;
locations = { "/" = { proxyPass = "http://127.0.0.1:8222"; }; };
}; };
"~^(.*).${domain}$" = { "~^(.*).${domain}$" = {
listen = dl; listen = dl;

43
system-modules/nx2site/vaultwarden.nix
View File

@@ -0,0 +1,43 @@
{ config, pkgs, secrets, domain, ... }:
{
sops.secrets = {
"nx2site/vaultwarden.env" = {
owner = "vaultwarden";
};
};
services.vaultwarden = {
enable = true;
package = pkgs.vaultwarden;
webVaultPackage = pkgs.vaultwarden.webvault;
dbBackend = "postgresql";
# backupDir = "/var/backup/vaultwarden";
environmentFile = config.sops.secrets."nx2site/vaultwarden.env".path;
config = {
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 8222;
DATABASE_URL = "@DATABASE_URL@";
# DATABASE_URL = "postgresql://vaultwarden:fakepw123@127.0.0.1:5432/vaultwarden";
SMTP_HOST = "smtp.gmail.com";
SMTP_FROM = secrets.email.gmail-online.mail;
SMTP_PORT = 587;
SMTP_SECURITY = "starttls";
SMTP_USERNAME = secrets.email.gmail-online.mail;
SMTP_PASSWORD = "@SMTP_PASSWORD@";
LOGIN_RATELIMIT_MAX_BURST = 10;
LOGIN_RATELIMIT_SECONDS = 60;
DOMAIN = "https://pw.${domain}";
INVITATION_ORG_NAME = "NxPW";
INVITATIONS_ALLOWED = true;
ADMIN_TOKEN = "@ADMIN_TOKEN@";
SIGNUPS_ALLOWED = false;
SIGNUPS_VERIFY = true;
SIGNUPS_VERIFY_RESEND_TIME = 3600;
SIGNUPS_VERIFY_RESEND_LIMIT = 6;
EMERGENCY_ACCESS_ALLOWED = true;
SENDS_ALLOWED = true;
WEB_VAULT_ENABLED = true;
};
};
}

65
system-modules/postgres.nix
View File

@@ -23,7 +23,7 @@
# recoveryConfig = null; # recoveryConfig = null;
ensureDatabases = [ ensureDatabases = [
"gitea" "gitea"
# "vaultwarden" "vaultwarden"
]; ];
settings = { settings = {
port = 5432; # default port = 5432; # default
@@ -32,49 +32,40 @@
shared_preload_libraries = [ ]; # default shared_preload_libraries = [ ]; # default
}; };
ensureUsers = [ ensureUsers = [
# {
# name = "${user}";
# ensureDBOwnership = false;
# ensureClauses = {
# login = true;
# # inherit
# createdb = true;
# bypassrls = true;
# superuser = true;
# createrole = true;
# replication = true;
# };
# }
{
# as liong as there is no declarative user management you gotta set a pw by hand # as liong as there is no declarative user management you gotta set a pw by hand
# sudo -u postgres psql -c "ALTER USER gitea PASSWORD 'new-passwd';" # sudo -u postgres psql -c "ALTER USER gitea PASSWORD 'new-passwd';"
{
name = "gitea"; name = "gitea";
ensureDBOwnership = true; ensureDBOwnership = true;
} }
{
name = "vaultwarden";
ensureDBOwnership = true;
}
]; ];
}; };
# postgresqlBackup = { postgresqlBackup = {
# enable enable = true;
# startAt # startAt = "*-*-* 01:15:00";
# location # location = "/var/backup/postgresql";
# databases databases = config.services.postgresql.ensureDatabases;
# backupAll backupAll = false;
# compression # compression = "gzip";
# } # pgdumpOptions = "-C";
# compressionLevel = 6;
};
# postgresqlWalReceiver.receivers."main" = { # postgresqlWalReceiver.receivers."main" = {
# postgresqlPackage = pkgs.postgresql_15; # postgresqlPackage = pkgs.postgresql_15;
# directory = /mnt/pg_wal/main/; # directory = /mnt/pg_wal/main/;
# slot = "main_wal_receiver"; # slot = "main_wal_receiver";
# connection = "postgresql://user@somehost"; # connection = "postgresql://user@somehost";
# compress # compress
# extraArgs # extraArgs
# synchronous # synchronous
# environment # environment
# statusInterval # statusInterval
# }; # };
# } # };
}; };
} }

4
system-modules/sshd.nix
View File

@@ -3,7 +3,7 @@
{ {
environment.etc."ssh/ssh_host_ed25519_key.pub".text = if (host == "NxNORTH") then environment.etc."ssh/ssh_host_ed25519_key.pub".text = if (host == "NxNORTH") then
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF1r5gUQPPS/dGB0SsvWtP6WdNWoxMwhhHRrqlO19cJt root@NxNORTH" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF1r5gUQPPS/dGB0SsvWtP6WdNWoxMwhhHRrqlO19cJt root@NxNORTH"
else if ( host == "NxXPS") then else if ( host == "NxXPS" ) then
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPf+08+t8a0lY2+nR1mhIU3vuksStiJOlojJjzCwFk7r root@NxXPS" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPf+08+t8a0lY2+nR1mhIU3vuksStiJOlojJjzCwFk7r root@NxXPS"
else else
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBFfZpWVPlujsz3FklSVAM+tuYn4pzDSijhp5CeYNOZk root@NxACE"; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBFfZpWVPlujsz3FklSVAM+tuYn4pzDSijhp5CeYNOZk root@NxACE";
@@ -13,7 +13,7 @@
}; };
services.openssh = { services.openssh = {
enable = true; enable = true;
ports = secrets.ssh.ports; ports = [ secrets.ssh.port ];
settings = { settings = {
PasswordAuthentication = false; PasswordAuthentication = false;
}; };

2
system-modules/users.nix
View File

@@ -6,6 +6,7 @@
users.users."${user}" = { users.users."${user}" = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ extraGroups = [
# TODO: actually put the groups into the relevant files
"networkmanager" "networkmanager"
"wheel" "wheel"
"audio" "audio"
@@ -18,7 +19,6 @@
"acme" "acme"
"nginx" "nginx"
"adbusers" "adbusers"
"gitea"
"postgres" "postgres"
]; ];
useDefaultShell = true; useDefaultShell = true;