summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--common/commandline.nix116
-rw-r--r--common/commandline/dircolors.nix7
-rw-r--r--common/commandline/git.nix87
-rw-r--r--common/commandline/htop.nix2
-rw-r--r--common/commandline/tmux.nix2
-rw-r--r--common/commandline/zsh.nix21
-rw-r--r--common/default.nix22
-rw-r--r--common/localization.nix11
-rw-r--r--common/nix.nix19
-rw-r--r--common/ssh.nix15
-rw-r--r--common/theme.nix2
-rw-r--r--common/tinc.nix45
-rw-r--r--common/vim.nix2
-rw-r--r--configuration.nix53
-rw-r--r--flake.lock82
-rw-r--r--flake.nix110
-rw-r--r--profiles/desktop.nix35
-rw-r--r--profiles/server.nix4
-rw-r--r--res/wallpapers/wallpaper-1920x1080-gnu-linux-card-black.pngbin0 -> 138881 bytes
-rw-r--r--res/wallpapers/wallpaper-1920x1080-install-gentoo.pngbin0 -> 96320 bytes
-rw-r--r--res/wallpapers/wallpaper-1920x1080-kali-dragon.pngbin0 -> 238479 bytes
-rw-r--r--res/wallpapers/wallpaper-1920x1080-kernel-card-black.pngbin0 -> 257606 bytes
-rw-r--r--res/wallpapers/wallpaper-1920x1080-kill-card-black.pngbin0 -> 168551 bytes
-rw-r--r--res/wallpapers/wallpaper-1920x1080-root-card-black.pngbin0 -> 156352 bytes
-rw-r--r--usecases/common/backup-client.nix2
-rw-r--r--usecases/desktop/default.nix11
-rw-r--r--usecases/desktop/graphical.nix73
-rw-r--r--usecases/desktop/graphical/alacritty.nix49
-rw-r--r--usecases/desktop/graphical/mpv.nix16
-rw-r--r--usecases/desktop/graphical/rofi.nix102
-rw-r--r--usecases/desktop/graphical/sway.nix263
-rw-r--r--usecases/desktop/graphical/waybar.nix288
-rw-r--r--usecases/desktop/graphical/zathura.nix55
-rw-r--r--usecases/desktop/pipewire.nix44
-rw-r--r--usecases/server/default.nix8
-rw-r--r--usecases/server/fail2ban.nix2
-rw-r--r--usecases/server/monitoring-target.nix4
37 files changed, 1378 insertions, 174 deletions
diff --git a/common/commandline.nix b/common/commandline.nix
index 36fae26..73dbb51 100644
--- a/common/commandline.nix
+++ b/common/commandline.nix
@@ -1,3 +1,5 @@
1inputs:
2
1{ config, pkgs, lib, ... }: 3{ config, pkgs, lib, ... }:
2 4
3with import ../lib/theme.nix { inherit lib; }; 5with import ../lib/theme.nix { inherit lib; };
@@ -8,11 +10,11 @@ let
8in 10in
9{ 11{
10 imports = [ 12 imports = [
11 ./commandline/dircolors.nix 13 (import ./commandline/dircolors.nix inputs)
12 ./commandline/git.nix 14 (import ./commandline/git.nix inputs)
13 ./commandline/htop.nix 15 (import ./commandline/htop.nix inputs)
14 ./commandline/tmux.nix 16 (import ./commandline/tmux.nix inputs)
15 ./commandline/zsh.nix 17 (import ./commandline/zsh.nix inputs)
16 ]; 18 ];
17 19
18 environment.shellAliases = { 20 environment.shellAliases = {
@@ -24,8 +26,6 @@ in
24 programs.bash = { 26 programs.bash = {
25 enableCompletion = true; 27 enableCompletion = true;
26 interactiveShellInit = '' 28 interactiveShellInit = ''
27 eval "$(${pkgs.starship}/bin/starship init bash)"
28
29 PATH="${pkgs.pazi}/bin:$PATH" 29 PATH="${pkgs.pazi}/bin:$PATH"
30 eval "$(pazi init bash)" 30 eval "$(pazi init bash)"
31 ''; 31 '';
@@ -42,67 +42,67 @@ in
42 }; 42 };
43 43
44 security.sudo.extraConfig = 44 security.sudo.extraConfig =
45 let 45 let
46 lectureFile = builtins.toFile "sudoers.lecture" '' 46 lectureFile = builtins.toFile "sudoers.lecture" ''
47  47 
48 ${dominantEscapeCode}"Bee" careful __ 48 ${dominantEscapeCode}"Bee" careful __
49 ${dominantEscapeCode}with sudo! // \ 49 ${dominantEscapeCode}with sudo! // \
50 \\_/ // 50 \\_/ //
51 '''-.._.-'''-.._.. -(||)(') 51 '''-.._.-'''-.._.. -(||)(')
52 '''' 52 ''''
53 53
54 ''; 54 '';
55 in 55 in
56 '' 56 ''
57 Defaults lecture = always 57 Defaults lecture = always
58 Defaults lecture_file = "${lectureFile}" 58 Defaults lecture_file = "${lectureFile}"
59 ''; 59 '';
60 60
61 home-manager.users.minijackson = { ... }: 61 home-manager.users.minijackson = { ... }: {
62 { 62 programs.bash.enable = true;
63 # TODO
64 xdg.configFile."starship.toml".text = ''
65 [directory]
66 fish_style_pwd_dir_length = 2
67 style = "bold blue"
68
69 [git_branch]
70 symbol = "branch "
71 63
72 [git_status] 64 programs.bat = {
73 ahead = "^" 65 enable = true;
74 behind = "v" 66 config = {
75 deleted = "x" 67 theme = "TwoDark";
76 68 };
77 [jobs] 69 };
78 symbol = "+ "
79
80 [package]
81 symbol = "version "
82 style = "bold green"
83 disabled = true
84
85 [rust]
86 symbol = "rust "
87 style = "bold dimmed yellow"
88 70
89 [nix_shell] 71 programs.pazi.enable = true;
90 style = "bold blue"
91 72
92 [character] 73 programs.starship = {
93 symbol = ">" 74 enable = true;
94 ''; 75 enableZshIntegration = false;
95 76
96 programs.bat = { 77 settings = {
97 enable = true; 78 character.symbol = ">";
98 config = { 79 directory = {
99 theme = "TwoDark"; 80 fish_style_pwd_dir_length = 2;
81 style = "bold blue";
82 };
83 git_branch.symbol = "branch ";
84 git_status = {
85 ahead = "^";
86 behind = "v";
87 deleted = "x";
88 };
89 jobs.symbol = "+ ";
90 nix_shell.style = "bold blue";
91 package = {
92 disabled = true;
93 style = "bold green";
94 symbol = "version ";
95 };
96 rust = {
97 style = "bold dimmed yellow";
98 symbol = "rust ";
100 }; 99 };
101 }; 100 };
102 }; 101 };
102 };
103 103
104 home-manager.users.root = { ... }: 104 home-manager.users.root = { ... }: {
105 { 105 programs.bash.enable = true;
106 programs.bat = config.home-manager.users.minijackson.programs.bat; 106 programs.bat = lib.mkDefault config.home-manager.users.minijackson.programs.bat;
107 }; 107 };
108} 108}
diff --git a/common/commandline/dircolors.nix b/common/commandline/dircolors.nix
index 7ef3a4d..f7bdae1 100644
--- a/common/commandline/dircolors.nix
+++ b/common/commandline/dircolors.nix
@@ -1,4 +1,6 @@
1{ config, ... }: 1inputs:
2
3{ config, lib, ... }:
2 4
3{ 5{
4 home-manager.users.minijackson = { ... }: 6 home-manager.users.minijackson = { ... }:
@@ -69,6 +71,7 @@
69 71
70 home-manager.users.root = { ... }: 72 home-manager.users.root = { ... }:
71 { 73 {
72 programs.dircolors = config.home-manager.users.minijackson.programs.dircolors; 74 programs.dircolors =
75 lib.mkDefault config.home-manager.users.minijackson.programs.dircolors;
73 }; 76 };
74} 77}
diff --git a/common/commandline/git.nix b/common/commandline/git.nix
index 597ef64..e231356 100644
--- a/common/commandline/git.nix
+++ b/common/commandline/git.nix
@@ -1,58 +1,61 @@
1{ config, pkgs, ... }: 1inputs:
2
3{ config, pkgs, lib, ... }:
2 4
3{ 5{
4 # TODO: add signing 6 # TODO: add signing
5 home-manager.users.minijackson = { ... }: 7 home-manager.users.minijackson = { ... }: {
6 {
7 programs.git = { 8 programs.git = {
8 enable = true; 9 enable = true;
9 package = pkgs.gitAndTools.gitFull; 10 package = pkgs.gitAndTools.gitFull;
10 userEmail = "minijackson@riseup.net"; 11 userEmail = "minijackson@riseup.net";
11 userName = "Minijackson"; 12 userName = "Minijackson";
12 13
13 extraConfig = let 14 extraConfig =
14 deltaCommand = "${pkgs.gitAndTools.delta}/bin/delta"; 15 let
15 in { 16 deltaCommand = "${pkgs.gitAndTools.delta}/bin/delta";
16 core = { 17 in
17 whitespace = "trailing-space,space-before-tab"; 18 {
18 pager = deltaCommand; 19 core = {
19 interactive.diffFilter = "${deltaCommand} --color-only"; 20 whitespace = "trailing-space,space-before-tab";
20 }; 21 pager = deltaCommand;
21 merge = { tool = "nvimdiff"; }; 22 interactive.diffFilter = "${deltaCommand} --color-only";
22 "mergetool \"nvimdiff\"" = { cmd = "nvim -d \"$LOCAL\" \"$MERGED\" \"$REMOTE\""; }; 23 };
23 24 merge = { tool = "nvimdiff"; };
24 delta = with config.theme.colors; { 25 "mergetool \"nvimdiff\"" = { cmd = "nvim -d \"$LOCAL\" \"$MERGED\" \"$REMOTE\""; };
25 features = "line-numbers decorations"; 26
26 whitespace-error-style = "22 reverse"; 27 delta = with config.theme.colors; {
27 decorations = { 28 features = "line-numbers decorations";
28 minus-style = "normal red"; 29 whitespace-error-style = "22 reverse";
29 minus-non-emph-style = "normal red"; 30 decorations = {
30 minus-emph-style = "normal brightred"; 31 minus-style = "normal red";
31 minus-empty-line-marker-style = "normal red"; 32 minus-non-emph-style = "normal red";
32 33 minus-emph-style = "normal brightred";
33 plus-style = "reverse green"; 34 minus-empty-line-marker-style = "normal red";
34 plus-non-emph-style = "reverse green"; 35
35 plus-emph-style = "reverse brightgreen"; 36 plus-style = "reverse green";
36 plus-empty-line-marker-style = "reverse green"; 37 plus-non-emph-style = "reverse green";
37 38 plus-emph-style = "reverse brightgreen";
38 whitespace-error-style = "reverse green"; 39 plus-empty-line-marker-style = "reverse green";
39 40
40 line-numbers-minus-style = "brightred"; 41 whitespace-error-style = "reverse green";
41 line-numbers-zero-style = "brightblack"; 42
42 line-numbers-plus-style = "brightgreen"; 43 line-numbers-minus-style = "brightred";
43 44 line-numbers-zero-style = "brightblack";
44 file-style = "bright${dominantName}"; 45 line-numbers-plus-style = "brightgreen";
45 line-numbers-left-style = dominantName; 46
46 line-numbers-right-style = dominantName; 47 file-style = "bright${dominantName}";
48 line-numbers-left-style = dominantName;
49 line-numbers-right-style = dominantName;
50 };
47 }; 51 };
48 };
49 52
50 }; 53 };
51 }; 54 };
52 }; 55 };
53 56
54 home-manager.users.root = { ... }: 57 home-manager.users.root = { ... }: {
55 { 58 programs.git =
56 programs.git = config.home-manager.users.minijackson.programs.git; 59 lib.mkDefault config.home-manager.users.minijackson.programs.git;
57 }; 60 };
58} 61}
diff --git a/common/commandline/htop.nix b/common/commandline/htop.nix
index f9732a6..95763a0 100644
--- a/common/commandline/htop.nix
+++ b/common/commandline/htop.nix
@@ -1,3 +1,5 @@
1inputs:
2
1{ config, ... }: 3{ config, ... }:
2 4
3{ 5{
diff --git a/common/commandline/tmux.nix b/common/commandline/tmux.nix
index aa4de9c..84d2cc8 100644
--- a/common/commandline/tmux.nix
+++ b/common/commandline/tmux.nix
@@ -1,3 +1,5 @@
1inputs:
2
1{ config, pkgs, ... } : 3{ config, pkgs, ... } :
2 4
3let 5let
diff --git a/common/commandline/zsh.nix b/common/commandline/zsh.nix
index 3376321..28899b1 100644
--- a/common/commandline/zsh.nix
+++ b/common/commandline/zsh.nix
@@ -1,3 +1,5 @@
1inputs:
2
1{ config, lib, pkgs, ... }: 3{ config, lib, pkgs, ... }:
2 4
3with import ../../lib/theme.nix { inherit lib; }; 5with import ../../lib/theme.nix { inherit lib; };
@@ -13,9 +15,6 @@ in
13 source "${pkgs.grml-zsh-config}/etc/zsh/zshrc" 15 source "${pkgs.grml-zsh-config}/etc/zsh/zshrc"
14 is4 && xsource "${pkgs.grml-zsh-config}/etc/zsh/keephack" 16 is4 && xsource "${pkgs.grml-zsh-config}/etc/zsh/keephack"
15 17
16 PATH="${pkgs.pazi}/bin:$PATH"
17 eval "$(pazi init zsh)"
18
19 source "${pkgs.zsh-history-substring-search}/share/zsh-history-substring-search/zsh-history-substring-search.zsh" 18 source "${pkgs.zsh-history-substring-search}/share/zsh-history-substring-search/zsh-history-substring-search.zsh"
20 19
21 function () { 20 function () {
@@ -30,8 +29,6 @@ in
30 (mapAttrsToList 29 (mapAttrsToList
31 (variable: value: "${variable}=\"${value}\"") 30 (variable: value: "${variable}=\"${value}\"")
32 config.programs.less.envVariables)} 31 config.programs.less.envVariables)}
33
34 #eval "$(${pkgs.starship}/bin/starship init zsh)"
35 ''; 32 '';
36 33
37 # otherwise it'll override the grml prompt 34 # otherwise it'll override the grml prompt
@@ -56,4 +53,18 @@ in
56 }; 53 };
57 54
58 users.defaultUserShell = pkgs.zsh; 55 users.defaultUserShell = pkgs.zsh;
56
57 home-manager.users.minijackson = { ... }: {
58 # Allows zsh config from home-manager
59 programs.zsh = {
60 enable = true;
61 # Completion is already handled by the GRML conf
62 enableCompletion = false;
63 };
64 };
65
66 home-manager.users.root = { ... }: {
67 programs.zsh =
68 lib.mkDefault config.home-manager.users.minijackson.programs.zsh;
69 };
59} 70}
diff --git a/common/default.nix b/common/default.nix
index fc9086b..d4e2e39 100644
--- a/common/default.nix
+++ b/common/default.nix
@@ -1,11 +1,21 @@
1{ ... }: 1inputs:
2
3{ config, ... }:
2 4
3{ 5{
4 imports = [ 6 imports = [
5 <home-manager/nixos> 7 (import ./commandline.nix inputs)
6 ./commandline.nix 8 (import ./localization.nix inputs)
7 ./theme.nix 9 (import ./nix.nix inputs)
8 ./tinc.nix 10 (import ./ssh.nix inputs)
9 ./vim.nix 11 (import ./theme.nix inputs)
12 (import ./tinc.nix inputs)
13 (import ./vim.nix inputs)
14 ];
15
16 nixpkgs.overlays = [
17 (final: prev: {
18 unstable = inputs.nixpkgs-unstable.legacyPackages.${config.nixpkgs.system};
19 })
10 ]; 20 ];
11} 21}
diff --git a/common/localization.nix b/common/localization.nix
new file mode 100644
index 0000000..958b36e
--- /dev/null
+++ b/common/localization.nix
@@ -0,0 +1,11 @@
1inputs:
2
3{ ... }:
4
5{
6 time.timeZone = "Europe/Paris";
7 i18n = {
8 defaultLocale = "en_US.UTF-8";
9 extraLocaleSettings = { LC_TIME = "en_DK.UTF-8"; };
10 };
11}
diff --git a/common/nix.nix b/common/nix.nix
new file mode 100644
index 0000000..f16e1d9
--- /dev/null
+++ b/common/nix.nix
@@ -0,0 +1,19 @@
1inputs:
2
3{ pkgs, ... }:
4
5{
6 nix = {
7 autoOptimiseStore = true;
8 gc = {
9 automatic = true;
10 dates = "03:15";
11 options = "--delete-older-than 30d";
12 };
13
14 package = pkgs.nixFlakes;
15 extraOptions = ''
16 experimental-features = nix-command flakes
17 '';
18 };
19}
diff --git a/common/ssh.nix b/common/ssh.nix
new file mode 100644
index 0000000..8bdabc2
--- /dev/null
+++ b/common/ssh.nix
@@ -0,0 +1,15 @@
1inputs:
2
3{ config, pkgs, modulesPath, lib, ... }:
4
5{
6 programs.gnupg.agent = {
7 enable = true;
8 enableSSHSupport = true;
9 };
10
11 services.openssh = {
12 enable = true;
13 passwordAuthentication = false;
14 };
15}
diff --git a/common/theme.nix b/common/theme.nix
index 675bc33..cadd65d 100644
--- a/common/theme.nix
+++ b/common/theme.nix
@@ -5,6 +5,8 @@
5# - https://github.com/morhetz/gruvbox 5# - https://github.com/morhetz/gruvbox
6# - https://github.com/morhetz/gruvbox-contrib 6# - https://github.com/morhetz/gruvbox-contrib
7 7
8inputs:
9
8{ config, lib, ... }: 10{ config, lib, ... }:
9 11
10with lib; 12with lib;
diff --git a/common/tinc.nix b/common/tinc.nix
index d86b19c..e06bd27 100644
--- a/common/tinc.nix
+++ b/common/tinc.nix
@@ -1,11 +1,15 @@
1inputs:
2
1{ config, lib, ... }: 3{ config, lib, ... }:
2 4
3with lib; 5with lib;
4with builtins; 6with builtins;
5let 7{
6 networks = attrNames (readDir ./tinc/private); 8 imports = [
7in { 9 (inputs.nixpkgs-unstable.outPath + "/nixos/modules/services/networking/tinc.nix")
8 imports = map (network: (./tinc/private + "/${network}")) networks; 10 ];
11
12 disabledModules = [ "services/networking/tinc.nix" ];
9 13
10 options.topology = { 14 options.topology = {
11 mainVpn = { 15 mainVpn = {
@@ -27,16 +31,33 @@ in {
27 }; 31 };
28 32
29 config = { 33 config = {
30 services.tinc.networks = genAttrs networks (network: { 34 # Tinc configuration is in downstream repo
31 name = config.networking.hostName;
32
33 hosts = let
34 hosts = attrNames (readDir (./tinc/private + "/${network}/hosts"));
35 config = hostname: readFile (./tinc/private + "/${network}/hosts/${hostname}");
36 in genAttrs hosts config;
37 });
38 35
39 networking.firewall.allowedUDPPorts = [ 655 ]; 36 networking.firewall.allowedUDPPorts = [ 655 ];
40 networking.firewall.allowedTCPPorts = [ 655 ]; 37 networking.firewall.allowedTCPPorts = [ 655 ];
38
39 networking.hosts =
40 with builtins;
41 with lib;
42 let
43 networks = config.services.tinc.networks;
44 hosts = (flatten
45 (mapAttrsToList
46 (name: network: mapAttrsToList
47 (host: settings: {
48 host = "${host}.${name}.vpn";
49 addresses = map (subnet: subnet.address) settings.subnets;
50 })
51 network.hostSettings)
52 networks));
53
54 addresses =
55 zipAttrs
56 (flatten
57 (forEach hosts ({ host, addresses }:
58 (forEach addresses (address:
59 { "${address}" = host; })))));
60 in
61 addresses;
41 }; 62 };
42} 63}
diff --git a/common/vim.nix b/common/vim.nix
index 821d43b..aa74a39 100644
--- a/common/vim.nix
+++ b/common/vim.nix
@@ -1,3 +1,5 @@
1inputs:
2
1{ config, pkgs, lib, ... }: 3{ config, pkgs, lib, ... }:
2 4
3let myNeovim = (pkgs.neovim.override { 5let myNeovim = (pkgs.neovim.override {
diff --git a/configuration.nix b/configuration.nix
index 1a5530f..b95c631 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -1,28 +1,15 @@
1# Edit this configuration file to define what should be installed on 1inputs:
2# your system. Help is available in the configuration.nix(5) man page
3# and in the NixOS manual (accessible by running ‘nixos-help’).
4 2
5{ config, pkgs, modulesPath, ... }: 3{ config, pkgs, modulesPath, lib, ... }:
6 4
7{ 5let
6 optionalImport = path:
7 lib.optional (builtins.pathExists path) path;
8in {
8 imports = [ 9 imports = [
9 ./hardware-configuration.nix 10 (import ./common/default.nix inputs)
10 ./host-secret.nix
11 ./common/default.nix
12 ]; 11 ];
13 12
14 # Set your time zone.
15 time.timeZone = "Europe/Paris";
16
17 # Select internationalisation properties.
18 i18n.defaultLocale = "en_US.UTF-8";
19 # console = {
20 # font = "Lat2-Terminus16";
21 # keyMap = "us";
22 # };
23
24 # List packages installed in system profile. To search, run:
25 # $ nix search wget
26 environment.systemPackages = with pkgs; [ 13 environment.systemPackages = with pkgs; [
27 wget 14 wget
28 vim tmux 15 vim tmux
@@ -36,37 +23,11 @@
36 shellcheck 23 shellcheck
37 ]; 24 ];
38 25
39 # Some programs need SUID wrappers, can be configured further or are
40 # started in user sessions.
41 # programs.mtr.enable = true;
42 # programs.gnupg.agent = {
43 # enable = true;
44 # enableSSHSupport = true;
45 # };
46
47 # List services that you want to enable:
48
49 # Enable the OpenSSH daemon.
50 services.openssh = {
51 enable = true;
52 passwordAuthentication = false;
53 };
54
55 # Define a user account. Don't forget to set a password with ‘passwd’.
56 users.extraUsers.minijackson = { 26 users.extraUsers.minijackson = {
57 isNormalUser = true; 27 isNormalUser = true;
58 extraGroups = [ "users" "wheel" ]; 28 extraGroups = [ "users" "wheel" ];
59 openssh.authorizedKeys.keys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmyjB5yuU8GK3ZVFznELVEwXN7zzjQJcPYZ89YCGTANjPHpHxZv5R9/kgjTtIKrqqHdTvfr8V8sao9Nr7PhtcV9UywrFn+kplyGf9WDl2oDF9eZprX3beR9zwDj/YIcFRx3wXk4JK/ioZJjcVZ3+xWPixiFplvHIyMsTjKfgRplntHpvoyLM8vURjLOCdPr6SRPReVXuSR2DRlVO7q7y+4FwA1FKAndg9YACoM1g2bEJ6eGyCPp2kFde+GvMv1y6FlBS1OFddGmBpUJzJ4mQ4ebqDVFsKQMx1xCkiz0l7tfVpXqXToHF+baTESEKbC4654PunD99BC0J4otHKrerdmX0HdTgHKtAnslSwRD5NZVAojk/CR3DiSQYFSO9OhFVjHNQsc1zpoKPtJYMe1ax3pcvc+XLCrKLUdHH8x9rVGefZXwIyLrrGrB7fVlyIyX7j04dNALQZiuFOKCInaYypVLHLy0k+buhQlVqKCS6N1xP5O6JiWUKXFYYyoRmSoX9+bfPiwsMrPL+rYXkee0K67BI1NiFAYPmdFFM0jtdFaYuvgEAWw7b9WyWyO/JAdHRwtlqfAqraPBrb4sldvQfLBm8RdORBYMaVbg4EUKMOJjIeAAK+7xWPtg2XeJNnsje/IsWaVXIBx2IAC50uAnIZ/ksw5lyAZP+HyGIHhCAQChQ== minijackson@riseup.net"]; 29 openssh.authorizedKeys.keys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmyjB5yuU8GK3ZVFznELVEwXN7zzjQJcPYZ89YCGTANjPHpHxZv5R9/kgjTtIKrqqHdTvfr8V8sao9Nr7PhtcV9UywrFn+kplyGf9WDl2oDF9eZprX3beR9zwDj/YIcFRx3wXk4JK/ioZJjcVZ3+xWPixiFplvHIyMsTjKfgRplntHpvoyLM8vURjLOCdPr6SRPReVXuSR2DRlVO7q7y+4FwA1FKAndg9YACoM1g2bEJ6eGyCPp2kFde+GvMv1y6FlBS1OFddGmBpUJzJ4mQ4ebqDVFsKQMx1xCkiz0l7tfVpXqXToHF+baTESEKbC4654PunD99BC0J4otHKrerdmX0HdTgHKtAnslSwRD5NZVAojk/CR3DiSQYFSO9OhFVjHNQsc1zpoKPtJYMe1ax3pcvc+XLCrKLUdHH8x9rVGefZXwIyLrrGrB7fVlyIyX7j04dNALQZiuFOKCInaYypVLHLy0k+buhQlVqKCS6N1xP5O6JiWUKXFYYyoRmSoX9+bfPiwsMrPL+rYXkee0K67BI1NiFAYPmdFFM0jtdFaYuvgEAWw7b9WyWyO/JAdHRwtlqfAqraPBrb4sldvQfLBm8RdORBYMaVbg4EUKMOJjIeAAK+7xWPtg2XeJNnsje/IsWaVXIBx2IAC50uAnIZ/ksw5lyAZP+HyGIHhCAQChQ== minijackson@riseup.net"];
60 }; 30 };
61 31
62 nix = {
63 autoOptimiseStore = true;
64 gc = {
65 automatic = true;
66 dates = "03:15";
67 options = "--delete-older-than 30d";
68 };
69 };
70
71 system.autoUpgrade.enable = true; 32 system.autoUpgrade.enable = true;
72} 33}
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..c0fde98
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,82 @@
1{
2 "nodes": {
3 "flake-utils": {
4 "locked": {
5 "lastModified": 1618217525,
6 "narHash": "sha256-WGrhVczjXTiswQaoxQ+0PTfbLNeOQM6M36zvLn78AYg=",
7 "owner": "numtide",
8 "repo": "flake-utils",
9 "rev": "c6169a2772643c4a93a0b5ac1c61e296cba68544",
10 "type": "github"
11 },
12 "original": {
13 "owner": "numtide",
14 "repo": "flake-utils",
15 "type": "github"
16 }
17 },
18 "home-manager": {
19 "inputs": {
20 "nixpkgs": [
21 "nixpkgs"
22 ]
23 },
24 "locked": {
25 "lastModified": 1617824794,
26 "narHash": "sha256-UGkvzx0nIXHhNq/KwJLjXvKAQRE2V33MuX+UirvqrkQ=",
27 "owner": "nix-community",
28 "repo": "home-manager",
29 "rev": "2aa20ae969f2597c4df10a094440a66e9d7f8c86",
30 "type": "github"
31 },
32 "original": {
33 "owner": "nix-community",
34 "ref": "release-20.09",
35 "repo": "home-manager",
36 "type": "github"
37 }
38 },
39 "nixpkgs": {
40 "locked": {
41 "lastModified": 1618750622,
42 "narHash": "sha256-AfRXbXH1t7WgDiHt+CWofoLuy12nfFTY4pZoGfPueQo=",
43 "owner": "NixOS",
44 "repo": "nixpkgs",
45 "rev": "b2a189a8618fc1ba61593016fe5699b38971b89f",
46 "type": "github"
47 },
48 "original": {
49 "owner": "NixOS",
50 "ref": "release-20.09",
51 "repo": "nixpkgs",
52 "type": "github"
53 }
54 },
55 "nixpkgs-unstable": {
56 "locked": {
57 "lastModified": 1618755104,
58 "narHash": "sha256-boqugaFW1nRuyu0w774WGgaaCEfCxn0Nf8z8GJziVmU=",
59 "owner": "NixOS",
60 "repo": "nixpkgs",
61 "rev": "5a333c5f091b88007caf1041bbb651867a449c5a",
62 "type": "github"
63 },
64 "original": {
65 "owner": "NixOS",
66 "ref": "master",
67 "repo": "nixpkgs",
68 "type": "github"
69 }
70 },
71 "root": {
72 "inputs": {
73 "flake-utils": "flake-utils",
74 "home-manager": "home-manager",
75 "nixpkgs": "nixpkgs",
76 "nixpkgs-unstable": "nixpkgs-unstable"
77 }
78 }
79 },
80 "root": "root",
81 "version": 7
82}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..4c31b37
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,110 @@
1{
2 description = "My NixOS configurations";
3
4 inputs.nixpkgs.url = "github:NixOS/nixpkgs/release-20.09";
5 inputs.nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
6 inputs.flake-utils.url = "github:numtide/flake-utils";
7 inputs.home-manager = {
8 url = "github:nix-community/home-manager/release-20.09";
9 inputs.nixpkgs.follows = "nixpkgs";
10 };
11
12 outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, flake-utils, home-manager }: {
13
14 nixosModules = {
15 default = { ... }: {
16 imports = [
17 home-manager.nixosModules.home-manager
18 (import ./configuration.nix inputs)
19 ];
20 };
21
22 test = { config, ... }: {
23 imports = [ self.nixosModules.default ];
24
25 home-manager.users.minijackson.home.stateVersion = "20.09";
26 home-manager.users.root.home.stateVersion = "20.09";
27
28 users.users.minijackson.initialHashedPassword = "";
29 users.users.root.initialHashedPassword = "";
30
31 topology.mainVpn = {
32 interfaceName = "tinc.testNet";
33 subnet = "fd1f:340c:c5eb:9b18::/64";
34 currentNodeIP = "fd1f:340c:c5eb:9b18::1";
35 };
36
37 services.tinc.networks.testNet = { };
38
39 # TODO: automate that? {{{
40 networking.interfaces."tinc.testNet" = {
41 virtual = true;
42 virtualType = "tun";
43 ipv6.addresses = [{
44 address = config.topology.mainVpn.currentNodeIP;
45 prefixLength = 64;
46 }];
47 };
48
49 systemd.services."tinc.testNet" = {
50 after = [ "network-addresses-tinc.testNet.service" ];
51 requires = [ "network-addresses-tinc.testNet.service" ];
52 };
53 # }}}
54 };
55
56 usecases.common = {
57 backupClient = (import ./usecases/common/backup-client.nix inputs);
58 };
59
60 usecases.desktop = {
61 default = (import ./usecases/desktop/default.nix inputs);
62 };
63
64 usecases.server = {
65 default = (import ./usecases/server/default.nix inputs);
66 fail2ban = (import ./usecases/server/fail2ban.nix inputs);
67 monitoringTarget = (import ./usecases/server/monitoring-target.nix inputs);
68 };
69
70 profiles = {
71 desktop = (import ./profiles/desktop.nix inputs);
72 server = (import ./profiles/server.nix inputs);
73 };
74 };
75
76 nixosConfigurations = {
77 testDefault = nixpkgs.lib.nixosSystem {
78 system = "x86_64-linux";
79 modules = [
80 self.nixosModules.test
81 ];
82 };
83
84 testDesktop = nixpkgs.lib.nixosSystem {
85 system = "x86_64-linux";
86 modules = [
87 self.nixosModules.test
88 self.nixosModules.profiles.desktop
89 ({ modulesPath, ... }: {
90 imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ];
91
92 virtualisation = {
93 memorySize = 2048;
94 cores = 3;
95 };
96 })
97 ];
98 };
99
100 testServer = nixpkgs.lib.nixosSystem {
101 system = "x86_64-linux";
102 modules = [
103 self.nixosModules.test
104 self.nixosModules.profiles.server
105 ];
106 };
107 };
108
109 };
110}
diff --git a/profiles/desktop.nix b/profiles/desktop.nix
new file mode 100644
index 0000000..2546b76
--- /dev/null
+++ b/profiles/desktop.nix
@@ -0,0 +1,35 @@
1inputs:
2
3{ pkgs, ... }:
4
5{
6 imports = [
7 inputs.self.nixosModules.usecases.desktop.default
8 ];
9
10 users.extraUsers.minijackson.packages = with pkgs; [
11 pass
12 tmuxp
13 taskwarrior
14 tokei
15 neofetch
16 ffmpeg
17 youtube-dl
18 pavucontrol
19 pandoc
20 poppler_utils
21 # TODO: on development workstation
22 /*
23 rr
24 rtags
25 gcc
26 clang
27 clang-tools
28 */
29 aspell
30 aspellDicts.en
31 aspellDicts.en-computers
32 aspellDicts.en-science
33 aspellDicts.fr
34 ];
35}
diff --git a/profiles/server.nix b/profiles/server.nix
index 3084d26..ec4b1c6 100644
--- a/profiles/server.nix
+++ b/profiles/server.nix
@@ -1,9 +1,13 @@
1inputs:
2
1{ modulesPath, ... }: 3{ modulesPath, ... }:
2 4
3{ 5{
4 imports = [ 6 imports = [
5 (modulesPath + "/profiles/headless.nix") 7 (modulesPath + "/profiles/headless.nix")
6 (modulesPath + "/profiles/hardened.nix") 8 (modulesPath + "/profiles/hardened.nix")
9
10 inputs.self.nixosModules.usecases.server.default
7 ]; 11 ];
8 12
9} 13}
diff --git a/res/wallpapers/wallpaper-1920x1080-gnu-linux-card-black.png b/res/wallpapers/wallpaper-1920x1080-gnu-linux-card-black.png
new file mode 100644
index 0000000..ebc37e8
--- /dev/null
+++ b/res/wallpapers/wallpaper-1920x1080-gnu-linux-card-black.png
Binary files differ
diff --git a/res/wallpapers/wallpaper-1920x1080-install-gentoo.png b/res/wallpapers/wallpaper-1920x1080-install-gentoo.png
new file mode 100644
index 0000000..bf2b8c2
--- /dev/null
+++ b/res/wallpapers/wallpaper-1920x1080-install-gentoo.png
Binary files differ
diff --git a/res/wallpapers/wallpaper-1920x1080-kali-dragon.png b/res/wallpapers/wallpaper-1920x1080-kali-dragon.png
new file mode 100644
index 0000000..da384f3
--- /dev/null
+++ b/res/wallpapers/wallpaper-1920x1080-kali-dragon.png
Binary files differ
diff --git a/res/wallpapers/wallpaper-1920x1080-kernel-card-black.png b/res/wallpapers/wallpaper-1920x1080-kernel-card-black.png
new file mode 100644
index 0000000..33758f7
--- /dev/null
+++ b/res/wallpapers/wallpaper-1920x1080-kernel-card-black.png
Binary files differ
diff --git a/res/wallpapers/wallpaper-1920x1080-kill-card-black.png b/res/wallpapers/wallpaper-1920x1080-kill-card-black.png
new file mode 100644
index 0000000..30d06ec
--- /dev/null
+++ b/res/wallpapers/wallpaper-1920x1080-kill-card-black.png
Binary files differ
diff --git a/res/wallpapers/wallpaper-1920x1080-root-card-black.png b/res/wallpapers/wallpaper-1920x1080-root-card-black.png
new file mode 100644
index 0000000..7691360
--- /dev/null
+++ b/res/wallpapers/wallpaper-1920x1080-root-card-black.png
Binary files differ
diff --git a/usecases/common/backup-client.nix b/usecases/common/backup-client.nix
index 39e4ca1..a9acd7a 100644
--- a/usecases/common/backup-client.nix
+++ b/usecases/common/backup-client.nix
@@ -1,3 +1,5 @@
1inputs:
2
1{ config, lib, ... }: 3{ config, lib, ... }:
2 4
3with lib; 5with lib;
diff --git a/usecases/desktop/default.nix b/usecases/desktop/default.nix
new file mode 100644
index 0000000..8b6687a
--- /dev/null
+++ b/usecases/desktop/default.nix
@@ -0,0 +1,11 @@
1# A reasonable set of defaults for desktop
2
3inputs:
4
5{ ... }:
6
7{
8 imports = [
9 (import ./graphical.nix inputs)
10 ];
11}
diff --git a/usecases/desktop/graphical.nix b/usecases/desktop/graphical.nix
new file mode 100644
index 0000000..29b2db6
--- /dev/null
+++ b/usecases/desktop/graphical.nix
@@ -0,0 +1,73 @@
1inputs:
2
3{ pkgs, ... }:
4
5{
6 imports = [
7 (import ./pipewire.nix inputs)
8
9 (import ./graphical/alacritty.nix inputs)
10 (import ./graphical/mpv.nix inputs)
11 (import ./graphical/rofi.nix inputs)
12 (import ./graphical/sway.nix inputs)
13 (import ./graphical/waybar.nix inputs)
14 (import ./graphical/zathura.nix inputs)
15 ];
16
17 fonts = {
18 enableDefaultFonts = true;
19 fonts = with pkgs; [
20 fira
21 fira-mono
22 dejavu_fonts
23 freefont_ttf
24 liberation_ttf
25 noto-fonts-cjk
26 #fira-mono-italic
27 lmodern
28 # Symbols
29 unifont
30 siji
31 font-awesome_5
32 #joypixels
33 # Collections
34 league-of-moveable-type
35 ];
36
37 fontconfig = {
38 #ultimate.enable = true;
39
40 defaultFonts = {
41 serif = [ "DejaVu Serif" ];
42 sansSerif = [ "DejaVu Sans" ];
43 monospace = [ "Fira Mono" ];
44 #emoji = [ "JoyPixels" ];
45 };
46 };
47 };
48
49 hardware.opengl.enable = true;
50 programs.dconf.enable = true;
51
52 xdg = {
53 sounds.enable = true;
54 portal = {
55 enable = true;
56 extraPortals = with pkgs; [
57 xdg-desktop-portal-gtk
58 ];
59 gtkUsePortal = true;
60 };
61 };
62
63 # For KDEConnect
64 networking.firewall.allowedTCPPortRanges = [{ from = 1714; to = 1764; }];
65 networking.firewall.allowedUDPPortRanges = [{ from = 1714; to = 1764; }];
66
67 home-manager.users.minijackson = {
68 services.kdeconnect = {
69 enable = true;
70 indicator = true;
71 };
72 };
73}
diff --git a/usecases/desktop/graphical/alacritty.nix b/usecases/desktop/graphical/alacritty.nix
new file mode 100644
index 0000000..3e5795b
--- /dev/null
+++ b/usecases/desktop/graphical/alacritty.nix
@@ -0,0 +1,49 @@
1inputs:
2
3{ config, ... }:
4
5{
6 home-manager.users.minijackson.programs.alacritty = {
7 enable = true;
8 settings = {
9 window = {
10 padding.x = 2;
11 padding.y = 2;
12 };
13
14 font = {
15 size = 8.0;
16 italic.style = "Regular Italic";
17 };
18
19 colors = with config.theme.colors; {
20 primary.background = softBackground;
21 primary.foreground = foreground;
22
23 normal = {
24 black = background;
25 # TODO: bright white is same
26 #white = "0xa89984";
27 white = foreground;
28 red = neutralRed;
29 green = neutralGreen;
30 yellow = neutralYellow;
31 blue = neutralBlue;
32 magenta = neutralMagenta;
33 cyan = neutralCyan;
34 };
35
36 bright = {
37 black = dimForeground;
38 white = foreground;
39 red = brightRed;
40 green = brightGreen;
41 yellow = brightYellow;
42 blue = brightBlue;
43 magenta = brightMagenta;
44 cyan = brightCyan;
45 };
46 };
47 };
48 };
49}
diff --git a/usecases/desktop/graphical/mpv.nix b/usecases/desktop/graphical/mpv.nix
new file mode 100644
index 0000000..381b893
--- /dev/null
+++ b/usecases/desktop/graphical/mpv.nix
@@ -0,0 +1,16 @@
1inputs:
2
3{ pkgs, ... }:
4
5{
6 home-manager.users.minijackson.programs.mpv = {
7 enable = true;
8 config = {
9 hwdec = "auto";
10 profile = "gpu-hq";
11 };
12 # TODO: for 21.05
13 #defaultProfiles = [ "gpu-hq" ];
14 scripts = with pkgs.mpvScripts; [ mpris sponsorblock ];
15 };
16}
diff --git a/usecases/desktop/graphical/rofi.nix b/usecases/desktop/graphical/rofi.nix
new file mode 100644
index 0000000..0013f5c
--- /dev/null
+++ b/usecases/desktop/graphical/rofi.nix
@@ -0,0 +1,102 @@
1inputs:
2
3{ config, ... }:
4
5{
6 home-manager.users.minijackson.programs.rofi = {
7 enable = true;
8
9 # TODO: there is a better way
10 theme = with config.theme.colors; builtins.toFile "theme.rasi" ''
11 * {
12 dominant: ${dominant};
13
14 foreground: ${foreground};
15 dim-foreground: ${dimForeground};
16
17 text-color: @foreground;
18 border-color: @dim-foreground;
19
20 background-color: ${background};
21 light-background: ${lightBackground};
22 }
23
24 #window {
25 padding: 8px;
26
27 border: 1px solid;
28 background-color: @background;
29 }
30
31 #mainbox {
32 border: 0;
33 padding: 0;
34 }
35
36 #inputbar {
37 spacing: 0;
38 padding: 5px;
39 border: 0 0 1px 0;
40 margin: 0 0 8px 0;
41 children: [ prompt, textbox-prompt-sep, entry ];
42 }
43
44 #prompt {
45 background-color: @background;
46 text-color: @dim-foreground;
47 }
48
49 textbox-prompt-sep {
50 expand: false;
51 str: ":";
52 text-color: @dim-foreground;
53 margin: 0 8px 0 0;
54 }
55
56 #message {
57 spacing: 0;
58 padding: 5px;
59 border: 0 0 1px 0;
60 margin: 0 0 8px 0;
61 }
62
63 #listview {
64 spacing: 0;
65 }
66
67 #element {
68 border: 0;
69 padding: 5px;
70
71 background-color: @background;
72 }
73
74 #element.selected.normal {
75 background-color: @dominant;
76 }
77
78 #element.urgent {
79 background-color: ${fadedRed};
80 }
81
82 #element.selected.urgent {
83 background-color: ${neutralRed};
84 }
85
86 #element.active {
87 background-color: ${dimForeground};
88 text-color: ${background};
89 }
90
91 #element.selected.active {
92 background-color: ${foreground};
93 text-color: ${background};
94 }
95
96 #scrollbar {
97 width: 4px;
98 handle-width: 8px;
99 }
100 '';
101 };
102}
diff --git a/usecases/desktop/graphical/sway.nix b/usecases/desktop/graphical/sway.nix
new file mode 100644
index 0000000..6c5b2ed
--- /dev/null
+++ b/usecases/desktop/graphical/sway.nix
@@ -0,0 +1,263 @@
1inputs:
2
3{ config, lib, pkgs, system, ... }:
4let
5 globalConfig = config;
6in
7{
8 home-manager.users.minijackson = { config, ... }: {
9 wayland.windowManager.sway = {
10 enable = true;
11
12 extraSessionCommands = ''
13 # https://github.com/emersion/xdg-desktop-portal-wlr/issues/20
14 export XDG_CURRENT_DESKTOP=sway
15 # https://github.com/emersion/xdg-desktop-portal-wlr/pull/11
16 export XDG_SESSION_TYPE=wayland
17
18 export SDL_VIDEODRIVER=wayland
19
20 export QT_QPA_PLATFORM=wayland
21 export QT_WAYLAND_DISABLE_WINDOWDECORATION=1
22 '';
23
24 # Implemented below in startup, due to global import-environment failing
25 # when not specifying variables.
26 #
27 # TODO: make PR
28 #systemdIntegration = true;
29 wrapperFeatures.gtk = true;
30
31 config = {
32 # Using waybar
33 bars = [ ];
34
35 bindkeysToCode = true;
36
37 colors = with globalConfig.theme.colors; {
38 focused = {
39 border = lightBackground;
40 background = lightBackground;
41 text = foreground;
42 indicator = dominant;
43 childBorder = dominant;
44 };
45
46 focusedInactive = {
47 border = background;
48 background = background;
49 text = dimForeground;
50 indicator = dominant;
51 childBorder = background;
52 };
53
54 unfocused = {
55 border = background;
56 background = background;
57 text = dimForeground;
58 indicator = dominant;
59 childBorder = background;
60 };
61
62 urgent = {
63 border = brightRed;
64 background = brightRed;
65 text = foreground;
66 indicator = brightRed;
67 childBorder = brightRed;
68 };
69
70 placeholder = {
71 border = background0;
72 background = background0;
73 text = foreground;
74 indicator = background0;
75 childBorder = background0;
76 };
77 };
78
79 floating.criteria = [
80 { title = "Steam - News"; }
81 ];
82
83 input = {
84 "1:1:AT_Translated_Set_2_keyboard" = {
85 xkb_layout = "fr";
86 xkb_variant = "oss";
87 xkb_options = "compose:caps";
88 xkb_numlock = "enabled";
89 };
90
91 "1452:514:Alps_Electric_M2452" = {
92 xkb_layout = "fr";
93 xkb_variant = "oss";
94 xkb_options = "compose:caps,lv3:rwin_switch";
95 xkb_numlock = "enabled";
96 };
97
98 "7764:8240:TypeMatrix.com_USB_Keyboard" = {
99 xkb_layout = "dvorak";
100 xkb_options = "eurosign:e,compose:caps";
101 };
102
103
104 "1133:49948:Logitech_USB_Keyboard" = {
105 xkb_layout = "fr";
106 xkb_variant = "oss";
107 xkb_options = "eurosign:e,compose:caps";
108 xkb_numlock = "enabled";
109 };
110
111 "1102:4639:DELL0817:00_044E:121F_Mouse" = {
112 scroll_method = "on_button_down";
113 scroll_button = "button2";
114 };
115 };
116
117 keybindings =
118 let
119 modifier = config.wayland.windowManager.sway.config.modifier;
120 in
121 lib.mkOptionDefault {
122 "${modifier}+ampersand" = "workspace 1";
123 "${modifier}+eacute" = "workspace 2";
124 "${modifier}+quotedbl" = "workspace 3";
125 "${modifier}+apostrophe" = "workspace 4";
126 "${modifier}+parenleft" = "workspace 5";
127 "${modifier}+minus" = "workspace 6";
128 "${modifier}+egrave" = "workspace 7";
129 "${modifier}+underscore" = "workspace 8";
130 "${modifier}+ccedilla" = "workspace 9";
131 "${modifier}+agrave" = "workspace 10";
132
133 "${modifier}+Shift+ampersand" = "move container to workspace 1";
134 "${modifier}+Shift+eacute" = "move container to workspace 2";
135 "${modifier}+Shift+quotedbl" = "move container to workspace 3";
136 "${modifier}+Shift+apostrophe" = "move container to workspace 4";
137 "${modifier}+Shift+parenleft" = "move container to workspace 5";
138 "${modifier}+Shift+minus" = "move container to workspace 6";
139 "${modifier}+Shift+egrave" = "move container to workspace 7";
140 "${modifier}+Shift+underscore" = "move container to workspace 8";
141 "${modifier}+Shift+ccedilla" = "move container to workspace 9";
142 "${modifier}+Shift+agrave" = "move container to workspace 10";
143
144 "${modifier}+m" = "exec ${pkgs.swaylock}/bin/swaylock";
145 };
146
147 menu = ''
148 ${pkgs.rofi}/bin/rofi -show drun -terminal ${pkgs.alacritty}/bin/alacritty
149 '';
150
151 modifier = "Mod4";
152
153 output."*".bg =
154 "${../../../res/wallpapers/wallpaper-1920x1080-kernel-card-black.png} fill";
155
156 startup = [
157 { command = "${pkgs.mako}/bin/mako"; always = true; }
158 {
159 command = "systemctl --user import-environment ${
160 builtins.toString (lib.unique config.xsession.importedVariables)
161 }; systemctl --user start sway-session.target";
162 }
163 ];
164
165 terminal = "${pkgs.alacritty}/bin/alacritty";
166
167 window = {
168 border = 2;
169 hideEdgeBorders = "smart";
170 titlebar = true;
171 };
172 };
173 };
174
175 # TODO: 21.05
176 /*
177 services.wlsunset = {
178 enable = true;
179 latitude = "48.864716";
180 longitude = "2.349014";
181 # Reduce blue light anyways
182 temperature = {
183 day = 4000;
184 night = 2500;
185 };
186 systemdTarget = "sway-session.target";
187 };
188 */
189
190 # TODO: upstream a PR to beautify this
191 xdg.configFile."swaylock/config".text = with globalConfig.theme.colors; ''
192 ignore-empty-password
193 image=${../../../res/wallpapers/wallpaper-1920x1080-install-gentoo.png}
194
195 font=monospace
196
197 inside-color=${lib.removePrefix "#" dominant}dd
198 inside-clear-color=${lib.removePrefix "#" neutralOrange}dd
199 inside-ver-color=${lib.removePrefix "#" neutralOrange}dd
200 inside-wrong-color=${lib.removePrefix "#" neutralRed}dd
201
202 key-hl-color=${lib.removePrefix "#" brightGreen}ee
203 bs-hl-color=${lib.removePrefix "#" neutralRed}ee
204
205 line-color=${lib.removePrefix "#" background}ee
206 line-clear-color=${lib.removePrefix "#" background}ee
207 line-ver-color=${lib.removePrefix "#" background}ee
208 line-wrong-color=${lib.removePrefix "#" background}ee
209
210 ring-color=${lib.removePrefix "#" dominant}ee
211 ring-clear-color=${lib.removePrefix "#" brightOrange}ee
212 ring-ver-color=${lib.removePrefix "#" brightOrange}ee
213 ring-wrong-color=${lib.removePrefix "#" brightRed}ee
214
215 separator-color=${lib.removePrefix "#" background}ee
216
217 text-color=${lib.removePrefix "#" background}ff
218 text-clear-color=${lib.removePrefix "#" background}ff
219 text-ver-color=${lib.removePrefix "#" background}ff
220 text-wrong-color=${lib.removePrefix "#" background}ff
221
222 indicator-radius=75
223 indicator-thickness=10
224 '';
225
226 xsession.importedVariables = [
227 "DBUS_SESSION_BUS_ADDRESS"
228 "DISPLAY"
229 "SSH_AUTH_SOCK"
230 "XAUTHORITY"
231 "XDG_DATA_DIRS"
232 "XDG_RUNTIME_DIR"
233 "XDG_SESSION_ID"
234
235 "WAYLAND_DISPLAY"
236 "SWAYSOCK"
237 "I3SOCK"
238
239 "XDG_CURRENT_DESKTOP"
240 "XDG_SESSION_TYPE"
241 ];
242
243 systemd.user.targets.sway-session = {
244 Unit = {
245 Description = "sway compositor session";
246 Documentation = [ "man:systemd.special(7)" ];
247 BindsTo = [ "graphical-session.target" ];
248 Wants = [ "graphical-session-pre.target" ];
249 After = [ "graphical-session-pre.target" ];
250 };
251 };
252 };
253
254 environment.systemPackages = with pkgs; [ qt5.qtwayland ];
255
256 # TODO: in 21.05
257 #programs.xwayland.enable = true;
258 security.pam.services.swaylock = { };
259
260 xdg.portal.extraPortals = with pkgs; [
261 unstable.xdg-desktop-portal-wlr
262 ];
263}
diff --git a/usecases/desktop/graphical/waybar.nix b/usecases/desktop/graphical/waybar.nix
new file mode 100644
index 0000000..dca43a2
--- /dev/null
+++ b/usecases/desktop/graphical/waybar.nix
@@ -0,0 +1,288 @@
1inputs:
2
3{ config, lib, pkgs, ... }:
4
5{
6 home-manager.users.minijackson = {
7 programs.waybar = {
8 enable = true;
9
10 settings = [{
11 layer = "top";
12 position = "bottom";
13 height = 25;
14
15 modules-left = [ "sway/workspaces" "sway/mode" ];
16 modules-center = [ "mpd" ];
17 modules-right = [
18 "idle_inhibitor"
19 "pulseaudio"
20 "network#eth"
21 "network#wlan"
22 "cpu"
23 "memory"
24 "temperature"
25 "backlight"
26 "battery"
27 "clock"
28 "tray"
29 ];
30
31 modules = {
32 mpd = {
33 format = "{stateIcon} {consumeIcon}{randomIcon}{repeatIcon}{singleIcon}{artist} - {album} - {title} ({elapsedTime:%M:%S}/{totalTime:%M:%S}) <span font_desc='Font Awesome 5 Free'></span>";
34 format-stopped = "{consumeIcon}{randomIcon}{repeatIcon}{singleIcon}Stopped <span font_desc='Font Awesome 5 Free'></span>";
35 format-disconnected = "Disconnected <span font_desc='Font Awesome 5 Free'></span>";
36
37 on-click-middle = "${pkgs.alacritty}/bin/alacritty --command ncmpcpp";
38
39 consume-icons = {
40 on = " ";
41 };
42
43 random-icons = {
44 on = " ";
45 };
46
47 repeat-icons = {
48 on = " ";
49 };
50
51 single-icons = {
52 on = "1 ";
53 };
54
55 state-icons = {
56 playing = "";
57 paused = "";
58 };
59 };
60
61 idle_inhibitor = {
62 format = "{icon}";
63 format-icons = {
64 activated = "";
65 deactivated = "";
66 };
67 };
68
69 clock = {
70 tooltip-format = "{:%Y-%m-%d | %H:%M}";
71 format-alt = "{:%Y-%m-%d}";
72 };
73
74 cpu = { format = "{usage}% "; };
75
76 memory = { format = "{}% "; };
77
78 battery = {
79 states = { good = 90; };
80 format = "{capacity}% {icon}";
81 format-icons = [
82 "<span font_desc='Font Awesome 5 Free'></span>"
83 "<span font_desc='Font Awesome 5 Free'></span>"
84 "<span font_desc='Font Awesome 5 Free'></span>"
85 "<span font_desc='Font Awesome 5 Free'></span>"
86 "<span font_desc='Font Awesome 5 Free'></span>"
87 ];
88 };
89
90 "network#eth" = {
91 interface = "enp*";
92 format-ethernet = "{ipaddr}/{cidr} ";
93 format-disconnected = "Disconnected ";
94 };
95
96 "network#wlan" = {
97 interface = "wlp*";
98 format-wifi = "{essid} ({signalStrength}%) <span font_desc='Font Awesome 5 Free'></span>";
99 format-disconnected = "Disconnected <span font_desc='Font Awesome 5 Free'></span>";
100 tooltip = true;
101 tooltip-format-wifi = "{ipaddr}/{cidr}";
102 };
103
104 temperature = {
105 hwmon-path = "/sys/class/hwmon/hwmon0/temp1_input";
106 format = "{temperatureC} °C ";
107 };
108
109 backlight = {
110 format = "{percent}% <span font_desc='Font Awesome 5 Free'>{icon}</span>";
111 format-icons = [ "" "" ];
112 };
113
114 pulseaudio = {
115 format = "{volume}% {icon}";
116 format-bluetooth = "{volume}% {icon}";
117 format-muted = "";
118 format-icons = {
119 headphones = "";
120 handsfree = "";
121 headset = "";
122 phone = "";
123 portable = "";
124 car = "";
125 default = [ "" "" ];
126 };
127 on-click = "pavucontrol";
128 };
129 };
130 }];
131
132 style = with config.theme.colors; ''
133 * {
134 border: none;
135 border-radius: 0;
136 font-family: mono;
137 font-size: 11px;
138 min-height: 0;
139 }
140
141 window#waybar {
142 background: ${background};
143 border-bottom: 3px solid ${lightBackground};
144 color: ${foreground};
145 }
146
147 /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
148 #workspaces button {
149 padding: 0 5px;
150 background: transparent;
151 color: ${foreground};
152 border-bottom: 3px solid transparent;
153 }
154
155 #workspaces button.focused {
156 background: ${dominant};
157 border-bottom: 3px solid ${foreground};
158 }
159
160 #mode {
161 background: ${lightBackground};
162 border-bottom: 3px solid ${foreground};
163 }
164
165 #clock, #battery, #cpu, #memory, #temperature, #backlight, #network, #pulseaudio, #custom-mpd, #mpd, #tray, #mode, #idle_inhibitor {
166 padding: 0 10px;
167 margin: 0 5px;
168 }
169
170 #clock {
171 background-color: ${neutralMagenta};
172 color: ${background};
173 }
174
175 #battery {
176 background-color: ${neutralYellow};
177 color: ${background};
178 }
179
180 /*
181 #battery.charging {
182 color: ${foreground};
183 background-color: #26A65B;
184 }
185 */
186
187 @keyframes blink {
188 to {
189 background-color: ${foreground};
190 color: ${background};
191 }
192 }
193
194 #battery.critical:not(.charging) {
195 background: ${fadedRed};
196 color: ${foreground};
197 animation-name: blink;
198 animation-duration: 0.5s;
199 animation-timing-function: linear;
200 animation-iteration-count: infinite;
201 animation-direction: alternate;
202 }
203
204 #cpu {
205 background: ${neutralOrange};
206 color: ${background};
207 }
208
209 #memory {
210 background: ${brightBlue};
211 color: ${background};
212 }
213
214 #backlight {
215 background: ${background6};
216 color: ${background};
217 }
218
219 #network {
220 background: ${neutralGreen};
221 color: ${background};
222 }
223
224 #network.disconnected {
225 background: ${lightBackground};
226 color: ${foreground};
227 }
228
229 #pulseaudio {
230 background: ${neutralCyan};
231 color: ${background};
232 }
233
234 #pulseaudio.muted {
235 background: ${foreground};
236 }
237
238 #temperature {
239 background: ${brightCyan};
240 color: ${background};
241 }
242
243 #temperature.critical {
244 background: ${fadedRed};
245 color: ${foreground};
246 }
247
248 #tray {
249 background-color: #2980b9;
250 }
251
252 #idle_inhibitor {
253 background-color: ${lightBackground};
254 }
255
256 #custom-mpd {
257 background-color: ${dominant};
258 }
259
260 #mpd {
261 background: ${dominant};
262 }
263
264 #mpd.disconnected {
265 background: ${lightBackground};
266 color: ${foreground};
267 }
268
269 #mpd.stopped {
270 background: ${foreground};
271 color: ${background};
272 }
273
274 #mpd.paused {
275 background: ${dimDominant};
276 }
277 '';
278
279 systemd.enable = true;
280 };
281
282 # Fix https://github.com/nix-community/home-manager/pull/1628
283 systemd.user.services.waybar.Unit = {
284 Requisite = lib.mkForce [];
285 After = lib.mkForce [];
286 };
287 };
288}
diff --git a/usecases/desktop/graphical/zathura.nix b/usecases/desktop/graphical/zathura.nix
new file mode 100644
index 0000000..d1832d8
--- /dev/null
+++ b/usecases/desktop/graphical/zathura.nix
@@ -0,0 +1,55 @@
1inputs:
2
3{ config, ... }:
4
5{
6 home-manager.users.minijackson.programs.zathura = {
7 enable = true;
8
9 options = with config.theme.colors; {
10 guioptions = "";
11 adjust-open = "width";
12
13 smooth-scroll = true;
14 scroll-step = 100;
15 #scroll-full-overlap = 0.05;
16
17 selection-clipboard = "clipboard";
18
19 default-bg = softBackground;
20 default-fg = foreground;
21
22 notification-error-bg = neutralRed;
23 notification-error-fg = foreground;
24
25 notification-warning-bg = background;
26 notification-warning-fg = brightRed;
27
28 highlight-color = fadedYellow;
29 highlight-active-color = brightYellow;
30
31 inputbar-bg = background;
32 inputbar-fg = dominant;
33
34 completion-bg = background;
35 completion-fg = neutralBlue;
36
37 completion-highlight-bg = dominant;
38 completion-highlight-fg = background;
39
40 notification-bg = dominant;
41 notification-fg = background;
42
43 index-bg = background;
44 index-fg = foreground;
45
46 index-active-bg = dominant;
47 index-active-fg = background;
48
49 recolor-lightcolor = background;
50 recolor-darkcolor = foreground;
51 recolor-keephue = true;
52 recolor = true;
53 };
54 };
55}
diff --git a/usecases/desktop/pipewire.nix b/usecases/desktop/pipewire.nix
new file mode 100644
index 0000000..e742ba9
--- /dev/null
+++ b/usecases/desktop/pipewire.nix
@@ -0,0 +1,44 @@
1inputs:
2
3{ pkgs, ... }:
4
5{
6 imports = [
7 (inputs.nixpkgs-unstable.outPath + "/nixos/modules/services/desktops/pipewire/pipewire.nix")
8 (inputs.nixpkgs-unstable.outPath + "/nixos/modules/services/desktops/pipewire/pipewire-media-session.nix")
9 ];
10
11 disabledModules = [ "services/desktops/pipewire.nix" ];
12
13 services.pipewire = {
14 enable = true;
15 package = pkgs.unstable.pipewire;
16
17 alsa.enable = true;
18 jack.enable = true;
19 pulse.enable = true;
20
21 config = {
22 pipewire-pulse = {
23 "context.modules" = [
24 { name = "libpipewire-module-rtkit"; flags = [ "ifexists" "nofail" ]; }
25 { name = "libpipewire-module-protocol-native"; }
26 { name = "libpipewire-module-client-node"; }
27 { name = "libpipewire-module-adapter"; }
28 { name = "libpipewire-module-metadata"; }
29 {
30 name = "libpipewire-module-protocol-pulse";
31 args = {
32 # TODO: set it in MPD?
33 "server.address" = [ "unix:native" "tcp:127.0.0.1:4713" ];
34 };
35 }
36 ];
37 };
38 };
39
40 media-session.package = pkgs.unstable.pipewire.mediaSession;
41 };
42
43 security.rtkit.enable = true;
44}
diff --git a/usecases/server/default.nix b/usecases/server/default.nix
index 1b47ee4..f32728a 100644
--- a/usecases/server/default.nix
+++ b/usecases/server/default.nix
@@ -1,8 +1,12 @@
1# A reasonable set of defaults for a server
2
3inputs:
4
1{ ... }: 5{ ... }:
2 6
3{ 7{
4 imports = [ 8 imports = [
5 ./fail2ban.nix 9 (import ./fail2ban.nix inputs)
6 ./monitoring-target.nix 10 (import ./monitoring-target.nix inputs)
7 ]; 11 ];
8} 12}
diff --git a/usecases/server/fail2ban.nix b/usecases/server/fail2ban.nix
index 1c2912c..3870a32 100644
--- a/usecases/server/fail2ban.nix
+++ b/usecases/server/fail2ban.nix
@@ -1,3 +1,5 @@
1inputs:
2
1{ config, ... }: 3{ config, ... }:
2 4
3{ 5{
diff --git a/usecases/server/monitoring-target.nix b/usecases/server/monitoring-target.nix
index 1ddeb25..2ccd160 100644
--- a/usecases/server/monitoring-target.nix
+++ b/usecases/server/monitoring-target.nix
@@ -1,3 +1,5 @@
1inputs:
2
1{ config, ... }: 3{ config, ... }:
2 4
3{ 5{
@@ -6,7 +8,7 @@
6 enable = true; 8 enable = true;
7 enabledCollectors = [ "logind" "systemd" ]; 9 enabledCollectors = [ "logind" "systemd" ];
8 disabledCollectors = [ "textfile" ]; 10 disabledCollectors = [ "textfile" ];
9 listenAddress = config.topology.mainVpn.currentNodeIP; 11 listenAddress = "[${config.topology.mainVpn.currentNodeIP}]";
10 }; 12 };
11 }; 13 };
12 14
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-28 22:54:47 +0000