From 8ffe5ce23fa1548304a3fa25f2bd0e89837f5a0b Mon Sep 17 00:00:00 2001 From: Minijackson Date: Sun, 18 Apr 2021 16:58:23 +0200 Subject: revamp with nix flakes + desktop config --- common/commandline.nix | 116 ++++----- common/commandline/dircolors.nix | 7 +- common/commandline/git.nix | 87 ++++--- common/commandline/htop.nix | 2 + common/commandline/tmux.nix | 2 + common/commandline/zsh.nix | 21 +- common/default.nix | 22 +- common/localization.nix | 11 + common/nix.nix | 19 ++ common/ssh.nix | 15 ++ common/theme.nix | 2 + common/tinc.nix | 45 +++- common/vim.nix | 2 + configuration.nix | 53 +--- flake.lock | 82 ++++++ flake.nix | 110 ++++++++ profiles/desktop.nix | 35 +++ profiles/server.nix | 4 + .../wallpaper-1920x1080-gnu-linux-card-black.png | Bin 0 -> 138881 bytes .../wallpaper-1920x1080-install-gentoo.png | Bin 0 -> 96320 bytes res/wallpapers/wallpaper-1920x1080-kali-dragon.png | Bin 0 -> 238479 bytes .../wallpaper-1920x1080-kernel-card-black.png | Bin 0 -> 257606 bytes .../wallpaper-1920x1080-kill-card-black.png | Bin 0 -> 168551 bytes .../wallpaper-1920x1080-root-card-black.png | Bin 0 -> 156352 bytes usecases/common/backup-client.nix | 2 + usecases/desktop/default.nix | 11 + usecases/desktop/graphical.nix | 73 ++++++ usecases/desktop/graphical/alacritty.nix | 49 ++++ usecases/desktop/graphical/mpv.nix | 16 ++ usecases/desktop/graphical/rofi.nix | 102 ++++++++ usecases/desktop/graphical/sway.nix | 263 +++++++++++++++++++ usecases/desktop/graphical/waybar.nix | 288 +++++++++++++++++++++ usecases/desktop/graphical/zathura.nix | 55 ++++ usecases/desktop/pipewire.nix | 44 ++++ usecases/server/default.nix | 8 +- usecases/server/fail2ban.nix | 2 + usecases/server/monitoring-target.nix | 4 +- 37 files changed, 1378 insertions(+), 174 deletions(-) create mode 100644 common/localization.nix create mode 100644 common/nix.nix create mode 100644 common/ssh.nix create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 profiles/desktop.nix create mode 100644 res/wallpapers/wallpaper-1920x1080-gnu-linux-card-black.png create mode 100644 res/wallpapers/wallpaper-1920x1080-install-gentoo.png create mode 100644 res/wallpapers/wallpaper-1920x1080-kali-dragon.png create mode 100644 res/wallpapers/wallpaper-1920x1080-kernel-card-black.png create mode 100644 res/wallpapers/wallpaper-1920x1080-kill-card-black.png create mode 100644 res/wallpapers/wallpaper-1920x1080-root-card-black.png create mode 100644 usecases/desktop/default.nix create mode 100644 usecases/desktop/graphical.nix create mode 100644 usecases/desktop/graphical/alacritty.nix create mode 100644 usecases/desktop/graphical/mpv.nix create mode 100644 usecases/desktop/graphical/rofi.nix create mode 100644 usecases/desktop/graphical/sway.nix create mode 100644 usecases/desktop/graphical/waybar.nix create mode 100644 usecases/desktop/graphical/zathura.nix create mode 100644 usecases/desktop/pipewire.nix diff --git a/common/commandline.nix b/common/commandline.nix index 36fae26..73dbb51 100644 --- a/common/commandline.nix +++ b/common/commandline.nix @@ -1,3 +1,5 @@ +inputs: + { config, pkgs, lib, ... }: with import ../lib/theme.nix { inherit lib; }; @@ -8,11 +10,11 @@ let in { imports = [ - ./commandline/dircolors.nix - ./commandline/git.nix - ./commandline/htop.nix - ./commandline/tmux.nix - ./commandline/zsh.nix + (import ./commandline/dircolors.nix inputs) + (import ./commandline/git.nix inputs) + (import ./commandline/htop.nix inputs) + (import ./commandline/tmux.nix inputs) + (import ./commandline/zsh.nix inputs) ]; environment.shellAliases = { @@ -24,8 +26,6 @@ in programs.bash = { enableCompletion = true; interactiveShellInit = '' - eval "$(${pkgs.starship}/bin/starship init bash)" - PATH="${pkgs.pazi}/bin:$PATH" eval "$(pazi init bash)" ''; @@ -42,67 +42,67 @@ in }; security.sudo.extraConfig = - let - lectureFile = builtins.toFile "sudoers.lecture" '' -  - ${dominantEscapeCode}"Bee" careful __ - ${dominantEscapeCode}with sudo! // \ - \\_/ // - '''-.._.-'''-.._.. -(||)(') - '''' + let + lectureFile = builtins.toFile "sudoers.lecture" '' +  + ${dominantEscapeCode}"Bee" careful __ + ${dominantEscapeCode}with sudo! // \ + \\_/ // + '''-.._.-'''-.._.. -(||)(') + '''' - ''; - in + ''; + in '' - Defaults lecture = always - Defaults lecture_file = "${lectureFile}" + Defaults lecture = always + Defaults lecture_file = "${lectureFile}" ''; - home-manager.users.minijackson = { ... }: - { - # TODO - xdg.configFile."starship.toml".text = '' - [directory] - fish_style_pwd_dir_length = 2 - style = "bold blue" - - [git_branch] - symbol = "branch " + home-manager.users.minijackson = { ... }: { + programs.bash.enable = true; - [git_status] - ahead = "^" - behind = "v" - deleted = "x" - - [jobs] - symbol = "+ " - - [package] - symbol = "version " - style = "bold green" - disabled = true - - [rust] - symbol = "rust " - style = "bold dimmed yellow" + programs.bat = { + enable = true; + config = { + theme = "TwoDark"; + }; + }; - [nix_shell] - style = "bold blue" + programs.pazi.enable = true; - [character] - symbol = ">" - ''; + programs.starship = { + enable = true; + enableZshIntegration = false; - programs.bat = { - enable = true; - config = { - theme = "TwoDark"; + settings = { + character.symbol = ">"; + directory = { + fish_style_pwd_dir_length = 2; + style = "bold blue"; + }; + git_branch.symbol = "branch "; + git_status = { + ahead = "^"; + behind = "v"; + deleted = "x"; + }; + jobs.symbol = "+ "; + nix_shell.style = "bold blue"; + package = { + disabled = true; + style = "bold green"; + symbol = "version "; + }; + rust = { + style = "bold dimmed yellow"; + symbol = "rust "; }; }; }; + }; - home-manager.users.root = { ... }: - { - programs.bat = config.home-manager.users.minijackson.programs.bat; - }; + home-manager.users.root = { ... }: { + programs.bash.enable = true; + programs.bat = lib.mkDefault config.home-manager.users.minijackson.programs.bat; + }; } diff --git a/common/commandline/dircolors.nix b/common/commandline/dircolors.nix index 7ef3a4d..f7bdae1 100644 --- a/common/commandline/dircolors.nix +++ b/common/commandline/dircolors.nix @@ -1,4 +1,6 @@ -{ config, ... }: +inputs: + +{ config, lib, ... }: { home-manager.users.minijackson = { ... }: @@ -69,6 +71,7 @@ home-manager.users.root = { ... }: { - programs.dircolors = config.home-manager.users.minijackson.programs.dircolors; + programs.dircolors = + lib.mkDefault config.home-manager.users.minijackson.programs.dircolors; }; } diff --git a/common/commandline/git.nix b/common/commandline/git.nix index 597ef64..e231356 100644 --- a/common/commandline/git.nix +++ b/common/commandline/git.nix @@ -1,58 +1,61 @@ -{ config, pkgs, ... }: +inputs: + +{ config, pkgs, lib, ... }: { # TODO: add signing - home-manager.users.minijackson = { ... }: - { + home-manager.users.minijackson = { ... }: { programs.git = { enable = true; package = pkgs.gitAndTools.gitFull; userEmail = "minijackson@riseup.net"; userName = "Minijackson"; - extraConfig = let - deltaCommand = "${pkgs.gitAndTools.delta}/bin/delta"; - in { - core = { - whitespace = "trailing-space,space-before-tab"; - pager = deltaCommand; - interactive.diffFilter = "${deltaCommand} --color-only"; - }; - merge = { tool = "nvimdiff"; }; - "mergetool \"nvimdiff\"" = { cmd = "nvim -d \"$LOCAL\" \"$MERGED\" \"$REMOTE\""; }; - - delta = with config.theme.colors; { - features = "line-numbers decorations"; - whitespace-error-style = "22 reverse"; - decorations = { - minus-style = "normal red"; - minus-non-emph-style = "normal red"; - minus-emph-style = "normal brightred"; - minus-empty-line-marker-style = "normal red"; - - plus-style = "reverse green"; - plus-non-emph-style = "reverse green"; - plus-emph-style = "reverse brightgreen"; - plus-empty-line-marker-style = "reverse green"; - - whitespace-error-style = "reverse green"; - - line-numbers-minus-style = "brightred"; - line-numbers-zero-style = "brightblack"; - line-numbers-plus-style = "brightgreen"; - - file-style = "bright${dominantName}"; - line-numbers-left-style = dominantName; - line-numbers-right-style = dominantName; + extraConfig = + let + deltaCommand = "${pkgs.gitAndTools.delta}/bin/delta"; + in + { + core = { + whitespace = "trailing-space,space-before-tab"; + pager = deltaCommand; + interactive.diffFilter = "${deltaCommand} --color-only"; + }; + merge = { tool = "nvimdiff"; }; + "mergetool \"nvimdiff\"" = { cmd = "nvim -d \"$LOCAL\" \"$MERGED\" \"$REMOTE\""; }; + + delta = with config.theme.colors; { + features = "line-numbers decorations"; + whitespace-error-style = "22 reverse"; + decorations = { + minus-style = "normal red"; + minus-non-emph-style = "normal red"; + minus-emph-style = "normal brightred"; + minus-empty-line-marker-style = "normal red"; + + plus-style = "reverse green"; + plus-non-emph-style = "reverse green"; + plus-emph-style = "reverse brightgreen"; + plus-empty-line-marker-style = "reverse green"; + + whitespace-error-style = "reverse green"; + + line-numbers-minus-style = "brightred"; + line-numbers-zero-style = "brightblack"; + line-numbers-plus-style = "brightgreen"; + + file-style = "bright${dominantName}"; + line-numbers-left-style = dominantName; + line-numbers-right-style = dominantName; + }; }; - }; - }; + }; }; }; - home-manager.users.root = { ... }: - { - programs.git = config.home-manager.users.minijackson.programs.git; + home-manager.users.root = { ... }: { + programs.git = + lib.mkDefault config.home-manager.users.minijackson.programs.git; }; } diff --git a/common/commandline/htop.nix b/common/commandline/htop.nix index f9732a6..95763a0 100644 --- a/common/commandline/htop.nix +++ b/common/commandline/htop.nix @@ -1,3 +1,5 @@ +inputs: + { config, ... }: { diff --git a/common/commandline/tmux.nix b/common/commandline/tmux.nix index aa4de9c..84d2cc8 100644 --- a/common/commandline/tmux.nix +++ b/common/commandline/tmux.nix @@ -1,3 +1,5 @@ +inputs: + { config, pkgs, ... } : let diff --git a/common/commandline/zsh.nix b/common/commandline/zsh.nix index 3376321..28899b1 100644 --- a/common/commandline/zsh.nix +++ b/common/commandline/zsh.nix @@ -1,3 +1,5 @@ +inputs: + { config, lib, pkgs, ... }: with import ../../lib/theme.nix { inherit lib; }; @@ -13,9 +15,6 @@ in source "${pkgs.grml-zsh-config}/etc/zsh/zshrc" is4 && xsource "${pkgs.grml-zsh-config}/etc/zsh/keephack" - PATH="${pkgs.pazi}/bin:$PATH" - eval "$(pazi init zsh)" - source "${pkgs.zsh-history-substring-search}/share/zsh-history-substring-search/zsh-history-substring-search.zsh" function () { @@ -30,8 +29,6 @@ in (mapAttrsToList (variable: value: "${variable}=\"${value}\"") config.programs.less.envVariables)} - - #eval "$(${pkgs.starship}/bin/starship init zsh)" ''; # otherwise it'll override the grml prompt @@ -56,4 +53,18 @@ in }; users.defaultUserShell = pkgs.zsh; + + home-manager.users.minijackson = { ... }: { + # Allows zsh config from home-manager + programs.zsh = { + enable = true; + # Completion is already handled by the GRML conf + enableCompletion = false; + }; + }; + + home-manager.users.root = { ... }: { + programs.zsh = + lib.mkDefault config.home-manager.users.minijackson.programs.zsh; + }; } diff --git a/common/default.nix b/common/default.nix index fc9086b..d4e2e39 100644 --- a/common/default.nix +++ b/common/default.nix @@ -1,11 +1,21 @@ -{ ... }: +inputs: + +{ config, ... }: { imports = [ - - ./commandline.nix - ./theme.nix - ./tinc.nix - ./vim.nix + (import ./commandline.nix inputs) + (import ./localization.nix inputs) + (import ./nix.nix inputs) + (import ./ssh.nix inputs) + (import ./theme.nix inputs) + (import ./tinc.nix inputs) + (import ./vim.nix inputs) + ]; + + nixpkgs.overlays = [ + (final: prev: { + unstable = inputs.nixpkgs-unstable.legacyPackages.${config.nixpkgs.system}; + }) ]; } diff --git a/common/localization.nix b/common/localization.nix new file mode 100644 index 0000000..958b36e --- /dev/null +++ b/common/localization.nix @@ -0,0 +1,11 @@ +inputs: + +{ ... }: + +{ + time.timeZone = "Europe/Paris"; + i18n = { + defaultLocale = "en_US.UTF-8"; + extraLocaleSettings = { LC_TIME = "en_DK.UTF-8"; }; + }; +} diff --git a/common/nix.nix b/common/nix.nix new file mode 100644 index 0000000..f16e1d9 --- /dev/null +++ b/common/nix.nix @@ -0,0 +1,19 @@ +inputs: + +{ pkgs, ... }: + +{ + nix = { + autoOptimiseStore = true; + gc = { + automatic = true; + dates = "03:15"; + options = "--delete-older-than 30d"; + }; + + package = pkgs.nixFlakes; + extraOptions = '' + experimental-features = nix-command flakes + ''; + }; +} diff --git a/common/ssh.nix b/common/ssh.nix new file mode 100644 index 0000000..8bdabc2 --- /dev/null +++ b/common/ssh.nix @@ -0,0 +1,15 @@ +inputs: + +{ config, pkgs, modulesPath, lib, ... }: + +{ + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + services.openssh = { + enable = true; + passwordAuthentication = false; + }; +} diff --git a/common/theme.nix b/common/theme.nix index 675bc33..cadd65d 100644 --- a/common/theme.nix +++ b/common/theme.nix @@ -5,6 +5,8 @@ # - https://github.com/morhetz/gruvbox # - https://github.com/morhetz/gruvbox-contrib +inputs: + { config, lib, ... }: with lib; diff --git a/common/tinc.nix b/common/tinc.nix index d86b19c..e06bd27 100644 --- a/common/tinc.nix +++ b/common/tinc.nix @@ -1,11 +1,15 @@ +inputs: + { config, lib, ... }: with lib; with builtins; -let - networks = attrNames (readDir ./tinc/private); -in { - imports = map (network: (./tinc/private + "/${network}")) networks; +{ + imports = [ + (inputs.nixpkgs-unstable.outPath + "/nixos/modules/services/networking/tinc.nix") + ]; + + disabledModules = [ "services/networking/tinc.nix" ]; options.topology = { mainVpn = { @@ -27,16 +31,33 @@ in { }; config = { - services.tinc.networks = genAttrs networks (network: { - name = config.networking.hostName; - - hosts = let - hosts = attrNames (readDir (./tinc/private + "/${network}/hosts")); - config = hostname: readFile (./tinc/private + "/${network}/hosts/${hostname}"); - in genAttrs hosts config; - }); + # Tinc configuration is in downstream repo networking.firewall.allowedUDPPorts = [ 655 ]; networking.firewall.allowedTCPPorts = [ 655 ]; + + networking.hosts = + with builtins; + with lib; + let + networks = config.services.tinc.networks; + hosts = (flatten + (mapAttrsToList + (name: network: mapAttrsToList + (host: settings: { + host = "${host}.${name}.vpn"; + addresses = map (subnet: subnet.address) settings.subnets; + }) + network.hostSettings) + networks)); + + addresses = + zipAttrs + (flatten + (forEach hosts ({ host, addresses }: + (forEach addresses (address: + { "${address}" = host; }))))); + in + addresses; }; } diff --git a/common/vim.nix b/common/vim.nix index 821d43b..aa74a39 100644 --- a/common/vim.nix +++ b/common/vim.nix @@ -1,3 +1,5 @@ +inputs: + { config, pkgs, lib, ... }: let myNeovim = (pkgs.neovim.override { diff --git a/configuration.nix b/configuration.nix index 1a5530f..b95c631 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,28 +1,15 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). +inputs: -{ config, pkgs, modulesPath, ... }: +{ config, pkgs, modulesPath, lib, ... }: -{ +let + optionalImport = path: + lib.optional (builtins.pathExists path) path; +in { imports = [ - ./hardware-configuration.nix - ./host-secret.nix - ./common/default.nix + (import ./common/default.nix inputs) ]; - # Set your time zone. - time.timeZone = "Europe/Paris"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - # console = { - # font = "Lat2-Terminus16"; - # keyMap = "us"; - # }; - - # List packages installed in system profile. To search, run: - # $ nix search wget environment.systemPackages = with pkgs; [ wget vim tmux @@ -36,37 +23,11 @@ shellcheck ]; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - services.openssh = { - enable = true; - passwordAuthentication = false; - }; - - # Define a user account. Don't forget to set a password with ‘passwd’. users.extraUsers.minijackson = { isNormalUser = true; extraGroups = [ "users" "wheel" ]; openssh.authorizedKeys.keys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmyjB5yuU8GK3ZVFznELVEwXN7zzjQJcPYZ89YCGTANjPHpHxZv5R9/kgjTtIKrqqHdTvfr8V8sao9Nr7PhtcV9UywrFn+kplyGf9WDl2oDF9eZprX3beR9zwDj/YIcFRx3wXk4JK/ioZJjcVZ3+xWPixiFplvHIyMsTjKfgRplntHpvoyLM8vURjLOCdPr6SRPReVXuSR2DRlVO7q7y+4FwA1FKAndg9YACoM1g2bEJ6eGyCPp2kFde+GvMv1y6FlBS1OFddGmBpUJzJ4mQ4ebqDVFsKQMx1xCkiz0l7tfVpXqXToHF+baTESEKbC4654PunD99BC0J4otHKrerdmX0HdTgHKtAnslSwRD5NZVAojk/CR3DiSQYFSO9OhFVjHNQsc1zpoKPtJYMe1ax3pcvc+XLCrKLUdHH8x9rVGefZXwIyLrrGrB7fVlyIyX7j04dNALQZiuFOKCInaYypVLHLy0k+buhQlVqKCS6N1xP5O6JiWUKXFYYyoRmSoX9+bfPiwsMrPL+rYXkee0K67BI1NiFAYPmdFFM0jtdFaYuvgEAWw7b9WyWyO/JAdHRwtlqfAqraPBrb4sldvQfLBm8RdORBYMaVbg4EUKMOJjIeAAK+7xWPtg2XeJNnsje/IsWaVXIBx2IAC50uAnIZ/ksw5lyAZP+HyGIHhCAQChQ== minijackson@riseup.net"]; }; - nix = { - autoOptimiseStore = true; - gc = { - automatic = true; - dates = "03:15"; - options = "--delete-older-than 30d"; - }; - }; - system.autoUpgrade.enable = true; } diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..c0fde98 --- /dev/null +++ b/flake.lock @@ -0,0 +1,82 @@ +{ + "nodes": { + "flake-utils": { + "locked": { + "lastModified": 1618217525, + "narHash": "sha256-WGrhVczjXTiswQaoxQ+0PTfbLNeOQM6M36zvLn78AYg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c6169a2772643c4a93a0b5ac1c61e296cba68544", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1617824794, + "narHash": "sha256-UGkvzx0nIXHhNq/KwJLjXvKAQRE2V33MuX+UirvqrkQ=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "2aa20ae969f2597c4df10a094440a66e9d7f8c86", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-20.09", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1618750622, + "narHash": "sha256-AfRXbXH1t7WgDiHt+CWofoLuy12nfFTY4pZoGfPueQo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b2a189a8618fc1ba61593016fe5699b38971b89f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-20.09", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1618755104, + "narHash": "sha256-boqugaFW1nRuyu0w774WGgaaCEfCxn0Nf8z8GJziVmU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5a333c5f091b88007caf1041bbb651867a449c5a", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "master", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "nixpkgs-unstable": "nixpkgs-unstable" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..4c31b37 --- /dev/null +++ b/flake.nix @@ -0,0 +1,110 @@ +{ + description = "My NixOS configurations"; + + inputs.nixpkgs.url = "github:NixOS/nixpkgs/release-20.09"; + inputs.nixpkgs-unstable.url = "github:NixOS/nixpkgs/master"; + inputs.flake-utils.url = "github:numtide/flake-utils"; + inputs.home-manager = { + url = "github:nix-community/home-manager/release-20.09"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, flake-utils, home-manager }: { + + nixosModules = { + default = { ... }: { + imports = [ + home-manager.nixosModules.home-manager + (import ./configuration.nix inputs) + ]; + }; + + test = { config, ... }: { + imports = [ self.nixosModules.default ]; + + home-manager.users.minijackson.home.stateVersion = "20.09"; + home-manager.users.root.home.stateVersion = "20.09"; + + users.users.minijackson.initialHashedPassword = ""; + users.users.root.initialHashedPassword = ""; + + topology.mainVpn = { + interfaceName = "tinc.testNet"; + subnet = "fd1f:340c:c5eb:9b18::/64"; + currentNodeIP = "fd1f:340c:c5eb:9b18::1"; + }; + + services.tinc.networks.testNet = { }; + + # TODO: automate that? {{{ + networking.interfaces."tinc.testNet" = { + virtual = true; + virtualType = "tun"; + ipv6.addresses = [{ + address = config.topology.mainVpn.currentNodeIP; + prefixLength = 64; + }]; + }; + + systemd.services."tinc.testNet" = { + after = [ "network-addresses-tinc.testNet.service" ]; + requires = [ "network-addresses-tinc.testNet.service" ]; + }; + # }}} + }; + + usecases.common = { + backupClient = (import ./usecases/common/backup-client.nix inputs); + }; + + usecases.desktop = { + default = (import ./usecases/desktop/default.nix inputs); + }; + + usecases.server = { + default = (import ./usecases/server/default.nix inputs); + fail2ban = (import ./usecases/server/fail2ban.nix inputs); + monitoringTarget = (import ./usecases/server/monitoring-target.nix inputs); + }; + + profiles = { + desktop = (import ./profiles/desktop.nix inputs); + server = (import ./profiles/server.nix inputs); + }; + }; + + nixosConfigurations = { + testDefault = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + self.nixosModules.test + ]; + }; + + testDesktop = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + self.nixosModules.test + self.nixosModules.profiles.desktop + ({ modulesPath, ... }: { + imports = [ (modulesPath + "/virtualisation/qemu-vm.nix") ]; + + virtualisation = { + memorySize = 2048; + cores = 3; + }; + }) + ]; + }; + + testServer = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + self.nixosModules.test + self.nixosModules.profiles.server + ]; + }; + }; + + }; +} diff --git a/profiles/desktop.nix b/profiles/desktop.nix new file mode 100644 index 0000000..2546b76 --- /dev/null +++ b/profiles/desktop.nix @@ -0,0 +1,35 @@ +inputs: + +{ pkgs, ... }: + +{ + imports = [ + inputs.self.nixosModules.usecases.desktop.default + ]; + + users.extraUsers.minijackson.packages = with pkgs; [ + pass + tmuxp + taskwarrior + tokei + neofetch + ffmpeg + youtube-dl + pavucontrol + pandoc + poppler_utils + # TODO: on development workstation + /* + rr + rtags + gcc + clang + clang-tools + */ + aspell + aspellDicts.en + aspellDicts.en-computers + aspellDicts.en-science + aspellDicts.fr + ]; +} diff --git a/profiles/server.nix b/profiles/server.nix index 3084d26..ec4b1c6 100644 --- a/profiles/server.nix +++ b/profiles/server.nix @@ -1,9 +1,13 @@ +inputs: + { modulesPath, ... }: { imports = [ (modulesPath + "/profiles/headless.nix") (modulesPath + "/profiles/hardened.nix") + + inputs.self.nixosModules.usecases.server.default ]; } diff --git a/res/wallpapers/wallpaper-1920x1080-gnu-linux-card-black.png b/res/wallpapers/wallpaper-1920x1080-gnu-linux-card-black.png new file mode 100644 index 0000000..ebc37e8 Binary files /dev/null and b/res/wallpapers/wallpaper-1920x1080-gnu-linux-card-black.png differ diff --git a/res/wallpapers/wallpaper-1920x1080-install-gentoo.png b/res/wallpapers/wallpaper-1920x1080-install-gentoo.png new file mode 100644 index 0000000..bf2b8c2 Binary files /dev/null and b/res/wallpapers/wallpaper-1920x1080-install-gentoo.png differ diff --git a/res/wallpapers/wallpaper-1920x1080-kali-dragon.png b/res/wallpapers/wallpaper-1920x1080-kali-dragon.png new file mode 100644 index 0000000..da384f3 Binary files /dev/null and b/res/wallpapers/wallpaper-1920x1080-kali-dragon.png differ diff --git a/res/wallpapers/wallpaper-1920x1080-kernel-card-black.png b/res/wallpapers/wallpaper-1920x1080-kernel-card-black.png new file mode 100644 index 0000000..33758f7 Binary files /dev/null and b/res/wallpapers/wallpaper-1920x1080-kernel-card-black.png differ diff --git a/res/wallpapers/wallpaper-1920x1080-kill-card-black.png b/res/wallpapers/wallpaper-1920x1080-kill-card-black.png new file mode 100644 index 0000000..30d06ec Binary files /dev/null and b/res/wallpapers/wallpaper-1920x1080-kill-card-black.png differ diff --git a/res/wallpapers/wallpaper-1920x1080-root-card-black.png b/res/wallpapers/wallpaper-1920x1080-root-card-black.png new file mode 100644 index 0000000..7691360 Binary files /dev/null and b/res/wallpapers/wallpaper-1920x1080-root-card-black.png differ diff --git a/usecases/common/backup-client.nix b/usecases/common/backup-client.nix index 39e4ca1..a9acd7a 100644 --- a/usecases/common/backup-client.nix +++ b/usecases/common/backup-client.nix @@ -1,3 +1,5 @@ +inputs: + { config, lib, ... }: with lib; diff --git a/usecases/desktop/default.nix b/usecases/desktop/default.nix new file mode 100644 index 0000000..8b6687a --- /dev/null +++ b/usecases/desktop/default.nix @@ -0,0 +1,11 @@ +# A reasonable set of defaults for desktop + +inputs: + +{ ... }: + +{ + imports = [ + (import ./graphical.nix inputs) + ]; +} diff --git a/usecases/desktop/graphical.nix b/usecases/desktop/graphical.nix new file mode 100644 index 0000000..29b2db6 --- /dev/null +++ b/usecases/desktop/graphical.nix @@ -0,0 +1,73 @@ +inputs: + +{ pkgs, ... }: + +{ + imports = [ + (import ./pipewire.nix inputs) + + (import ./graphical/alacritty.nix inputs) + (import ./graphical/mpv.nix inputs) + (import ./graphical/rofi.nix inputs) + (import ./graphical/sway.nix inputs) + (import ./graphical/waybar.nix inputs) + (import ./graphical/zathura.nix inputs) + ]; + + fonts = { + enableDefaultFonts = true; + fonts = with pkgs; [ + fira + fira-mono + dejavu_fonts + freefont_ttf + liberation_ttf + noto-fonts-cjk + #fira-mono-italic + lmodern + # Symbols + unifont + siji + font-awesome_5 + #joypixels + # Collections + league-of-moveable-type + ]; + + fontconfig = { + #ultimate.enable = true; + + defaultFonts = { + serif = [ "DejaVu Serif" ]; + sansSerif = [ "DejaVu Sans" ]; + monospace = [ "Fira Mono" ]; + #emoji = [ "JoyPixels" ]; + }; + }; + }; + + hardware.opengl.enable = true; + programs.dconf.enable = true; + + xdg = { + sounds.enable = true; + portal = { + enable = true; + extraPortals = with pkgs; [ + xdg-desktop-portal-gtk + ]; + gtkUsePortal = true; + }; + }; + + # For KDEConnect + networking.firewall.allowedTCPPortRanges = [{ from = 1714; to = 1764; }]; + networking.firewall.allowedUDPPortRanges = [{ from = 1714; to = 1764; }]; + + home-manager.users.minijackson = { + services.kdeconnect = { + enable = true; + indicator = true; + }; + }; +} diff --git a/usecases/desktop/graphical/alacritty.nix b/usecases/desktop/graphical/alacritty.nix new file mode 100644 index 0000000..3e5795b --- /dev/null +++ b/usecases/desktop/graphical/alacritty.nix @@ -0,0 +1,49 @@ +inputs: + +{ config, ... }: + +{ + home-manager.users.minijackson.programs.alacritty = { + enable = true; + settings = { + window = { + padding.x = 2; + padding.y = 2; + }; + + font = { + size = 8.0; + italic.style = "Regular Italic"; + }; + + colors = with config.theme.colors; { + primary.background = softBackground; + primary.foreground = foreground; + + normal = { + black = background; + # TODO: bright white is same + #white = "0xa89984"; + white = foreground; + red = neutralRed; + green = neutralGreen; + yellow = neutralYellow; + blue = neutralBlue; + magenta = neutralMagenta; + cyan = neutralCyan; + }; + + bright = { + black = dimForeground; + white = foreground; + red = brightRed; + green = brightGreen; + yellow = brightYellow; + blue = brightBlue; + magenta = brightMagenta; + cyan = brightCyan; + }; + }; + }; + }; +} diff --git a/usecases/desktop/graphical/mpv.nix b/usecases/desktop/graphical/mpv.nix new file mode 100644 index 0000000..381b893 --- /dev/null +++ b/usecases/desktop/graphical/mpv.nix @@ -0,0 +1,16 @@ +inputs: + +{ pkgs, ... }: + +{ + home-manager.users.minijackson.programs.mpv = { + enable = true; + config = { + hwdec = "auto"; + profile = "gpu-hq"; + }; + # TODO: for 21.05 + #defaultProfiles = [ "gpu-hq" ]; + scripts = with pkgs.mpvScripts; [ mpris sponsorblock ]; + }; +} diff --git a/usecases/desktop/graphical/rofi.nix b/usecases/desktop/graphical/rofi.nix new file mode 100644 index 0000000..0013f5c --- /dev/null +++ b/usecases/desktop/graphical/rofi.nix @@ -0,0 +1,102 @@ +inputs: + +{ config, ... }: + +{ + home-manager.users.minijackson.programs.rofi = { + enable = true; + + # TODO: there is a better way + theme = with config.theme.colors; builtins.toFile "theme.rasi" '' + * { + dominant: ${dominant}; + + foreground: ${foreground}; + dim-foreground: ${dimForeground}; + + text-color: @foreground; + border-color: @dim-foreground; + + background-color: ${background}; + light-background: ${lightBackground}; + } + + #window { + padding: 8px; + + border: 1px solid; + background-color: @background; + } + + #mainbox { + border: 0; + padding: 0; + } + + #inputbar { + spacing: 0; + padding: 5px; + border: 0 0 1px 0; + margin: 0 0 8px 0; + children: [ prompt, textbox-prompt-sep, entry ]; + } + + #prompt { + background-color: @background; + text-color: @dim-foreground; + } + + textbox-prompt-sep { + expand: false; + str: ":"; + text-color: @dim-foreground; + margin: 0 8px 0 0; + } + + #message { + spacing: 0; + padding: 5px; + border: 0 0 1px 0; + margin: 0 0 8px 0; + } + + #listview { + spacing: 0; + } + + #element { + border: 0; + padding: 5px; + + background-color: @background; + } + + #element.selected.normal { + background-color: @dominant; + } + + #element.urgent { + background-color: ${fadedRed}; + } + + #element.selected.urgent { + background-color: ${neutralRed}; + } + + #element.active { + background-color: ${dimForeground}; + text-color: ${background}; + } + + #element.selected.active { + background-color: ${foreground}; + text-color: ${background}; + } + + #scrollbar { + width: 4px; + handle-width: 8px; + } + ''; + }; +} diff --git a/usecases/desktop/graphical/sway.nix b/usecases/desktop/graphical/sway.nix new file mode 100644 index 0000000..6c5b2ed --- /dev/null +++ b/usecases/desktop/graphical/sway.nix @@ -0,0 +1,263 @@ +inputs: + +{ config, lib, pkgs, system, ... }: +let + globalConfig = config; +in +{ + home-manager.users.minijackson = { config, ... }: { + wayland.windowManager.sway = { + enable = true; + + extraSessionCommands = '' + # https://github.com/emersion/xdg-desktop-portal-wlr/issues/20 + export XDG_CURRENT_DESKTOP=sway + # https://github.com/emersion/xdg-desktop-portal-wlr/pull/11 + export XDG_SESSION_TYPE=wayland + + export SDL_VIDEODRIVER=wayland + + export QT_QPA_PLATFORM=wayland + export QT_WAYLAND_DISABLE_WINDOWDECORATION=1 + ''; + + # Implemented below in startup, due to global import-environment failing + # when not specifying variables. + # + # TODO: make PR + #systemdIntegration = true; + wrapperFeatures.gtk = true; + + config = { + # Using waybar + bars = [ ]; + + bindkeysToCode = true; + + colors = with globalConfig.theme.colors; { + focused = { + border = lightBackground; + background = lightBackground; + text = foreground; + indicator = dominant; + childBorder = dominant; + }; + + focusedInactive = { + border = background; + background = background; + text = dimForeground; + indicator = dominant; + childBorder = background; + }; + + unfocused = { + border = background; + background = background; + text = dimForeground; + indicator = dominant; + childBorder = background; + }; + + urgent = { + border = brightRed; + background = brightRed; + text = foreground; + indicator = brightRed; + childBorder = brightRed; + }; + + placeholder = { + border = background0; + background = background0; + text = foreground; + indicator = background0; + childBorder = background0; + }; + }; + + floating.criteria = [ + { title = "Steam - News"; } + ]; + + input = { + "1:1:AT_Translated_Set_2_keyboard" = { + xkb_layout = "fr"; + xkb_variant = "oss"; + xkb_options = "compose:caps"; + xkb_numlock = "enabled"; + }; + + "1452:514:Alps_Electric_M2452" = { + xkb_layout = "fr"; + xkb_variant = "oss"; + xkb_options = "compose:caps,lv3:rwin_switch"; + xkb_numlock = "enabled"; + }; + + "7764:8240:TypeMatrix.com_USB_Keyboard" = { + xkb_layout = "dvorak"; + xkb_options = "eurosign:e,compose:caps"; + }; + + + "1133:49948:Logitech_USB_Keyboard" = { + xkb_layout = "fr"; + xkb_variant = "oss"; + xkb_options = "eurosign:e,compose:caps"; + xkb_numlock = "enabled"; + }; + + "1102:4639:DELL0817:00_044E:121F_Mouse" = { + scroll_method = "on_button_down"; + scroll_button = "button2"; + }; + }; + + keybindings = + let + modifier = config.wayland.windowManager.sway.config.modifier; + in + lib.mkOptionDefault { + "${modifier}+ampersand" = "workspace 1"; + "${modifier}+eacute" = "workspace 2"; + "${modifier}+quotedbl" = "workspace 3"; + "${modifier}+apostrophe" = "workspace 4"; + "${modifier}+parenleft" = "workspace 5"; + "${modifier}+minus" = "workspace 6"; + "${modifier}+egrave" = "workspace 7"; + "${modifier}+underscore" = "workspace 8"; + "${modifier}+ccedilla" = "workspace 9"; + "${modifier}+agrave" = "workspace 10"; + + "${modifier}+Shift+ampersand" = "move container to workspace 1"; + "${modifier}+Shift+eacute" = "move container to workspace 2"; + "${modifier}+Shift+quotedbl" = "move container to workspace 3"; + "${modifier}+Shift+apostrophe" = "move container to workspace 4"; + "${modifier}+Shift+parenleft" = "move container to workspace 5"; + "${modifier}+Shift+minus" = "move container to workspace 6"; + "${modifier}+Shift+egrave" = "move container to workspace 7"; + "${modifier}+Shift+underscore" = "move container to workspace 8"; + "${modifier}+Shift+ccedilla" = "move container to workspace 9"; + "${modifier}+Shift+agrave" = "move container to workspace 10"; + + "${modifier}+m" = "exec ${pkgs.swaylock}/bin/swaylock"; + }; + + menu = '' + ${pkgs.rofi}/bin/rofi -show drun -terminal ${pkgs.alacritty}/bin/alacritty + ''; + + modifier = "Mod4"; + + output."*".bg = + "${../../../res/wallpapers/wallpaper-1920x1080-kernel-card-black.png} fill"; + + startup = [ + { command = "${pkgs.mako}/bin/mako"; always = true; } + { + command = "systemctl --user import-environment ${ + builtins.toString (lib.unique config.xsession.importedVariables) + }; systemctl --user start sway-session.target"; + } + ]; + + terminal = "${pkgs.alacritty}/bin/alacritty"; + + window = { + border = 2; + hideEdgeBorders = "smart"; + titlebar = true; + }; + }; + }; + + # TODO: 21.05 + /* + services.wlsunset = { + enable = true; + latitude = "48.864716"; + longitude = "2.349014"; + # Reduce blue light anyways + temperature = { + day = 4000; + night = 2500; + }; + systemdTarget = "sway-session.target"; + }; + */ + + # TODO: upstream a PR to beautify this + xdg.configFile."swaylock/config".text = with globalConfig.theme.colors; '' + ignore-empty-password + image=${../../../res/wallpapers/wallpaper-1920x1080-install-gentoo.png} + + font=monospace + + inside-color=${lib.removePrefix "#" dominant}dd + inside-clear-color=${lib.removePrefix "#" neutralOrange}dd + inside-ver-color=${lib.removePrefix "#" neutralOrange}dd + inside-wrong-color=${lib.removePrefix "#" neutralRed}dd + + key-hl-color=${lib.removePrefix "#" brightGreen}ee + bs-hl-color=${lib.removePrefix "#" neutralRed}ee + + line-color=${lib.removePrefix "#" background}ee + line-clear-color=${lib.removePrefix "#" background}ee + line-ver-color=${lib.removePrefix "#" background}ee + line-wrong-color=${lib.removePrefix "#" background}ee + + ring-color=${lib.removePrefix "#" dominant}ee + ring-clear-color=${lib.removePrefix "#" brightOrange}ee + ring-ver-color=${lib.removePrefix "#" brightOrange}ee + ring-wrong-color=${lib.removePrefix "#" brightRed}ee + + separator-color=${lib.removePrefix "#" background}ee + + text-color=${lib.removePrefix "#" background}ff + text-clear-color=${lib.removePrefix "#" background}ff + text-ver-color=${lib.removePrefix "#" background}ff + text-wrong-color=${lib.removePrefix "#" background}ff + + indicator-radius=75 + indicator-thickness=10 + ''; + + xsession.importedVariables = [ + "DBUS_SESSION_BUS_ADDRESS" + "DISPLAY" + "SSH_AUTH_SOCK" + "XAUTHORITY" + "XDG_DATA_DIRS" + "XDG_RUNTIME_DIR" + "XDG_SESSION_ID" + + "WAYLAND_DISPLAY" + "SWAYSOCK" + "I3SOCK" + + "XDG_CURRENT_DESKTOP" + "XDG_SESSION_TYPE" + ]; + + systemd.user.targets.sway-session = { + Unit = { + Description = "sway compositor session"; + Documentation = [ "man:systemd.special(7)" ]; + BindsTo = [ "graphical-session.target" ]; + Wants = [ "graphical-session-pre.target" ]; + After = [ "graphical-session-pre.target" ]; + }; + }; + }; + + environment.systemPackages = with pkgs; [ qt5.qtwayland ]; + + # TODO: in 21.05 + #programs.xwayland.enable = true; + security.pam.services.swaylock = { }; + + xdg.portal.extraPortals = with pkgs; [ + unstable.xdg-desktop-portal-wlr + ]; +} diff --git a/usecases/desktop/graphical/waybar.nix b/usecases/desktop/graphical/waybar.nix new file mode 100644 index 0000000..dca43a2 --- /dev/null +++ b/usecases/desktop/graphical/waybar.nix @@ -0,0 +1,288 @@ +inputs: + +{ config, lib, pkgs, ... }: + +{ + home-manager.users.minijackson = { + programs.waybar = { + enable = true; + + settings = [{ + layer = "top"; + position = "bottom"; + height = 25; + + modules-left = [ "sway/workspaces" "sway/mode" ]; + modules-center = [ "mpd" ]; + modules-right = [ + "idle_inhibitor" + "pulseaudio" + "network#eth" + "network#wlan" + "cpu" + "memory" + "temperature" + "backlight" + "battery" + "clock" + "tray" + ]; + + modules = { + mpd = { + format = "{stateIcon} {consumeIcon}{randomIcon}{repeatIcon}{singleIcon}{artist} - {album} - {title} ({elapsedTime:%M:%S}/{totalTime:%M:%S}) "; + format-stopped = "{consumeIcon}{randomIcon}{repeatIcon}{singleIcon}Stopped "; + format-disconnected = "Disconnected "; + + on-click-middle = "${pkgs.alacritty}/bin/alacritty --command ncmpcpp"; + + consume-icons = { + on = " "; + }; + + random-icons = { + on = " "; + }; + + repeat-icons = { + on = " "; + }; + + single-icons = { + on = "1 "; + }; + + state-icons = { + playing = ""; + paused = ""; + }; + }; + + idle_inhibitor = { + format = "{icon}"; + format-icons = { + activated = ""; + deactivated = ""; + }; + }; + + clock = { + tooltip-format = "{:%Y-%m-%d | %H:%M}"; + format-alt = "{:%Y-%m-%d}"; + }; + + cpu = { format = "{usage}% "; }; + + memory = { format = "{}% "; }; + + battery = { + states = { good = 90; }; + format = "{capacity}% {icon}"; + format-icons = [ + "" + "" + "" + "" + "" + ]; + }; + + "network#eth" = { + interface = "enp*"; + format-ethernet = "{ipaddr}/{cidr} "; + format-disconnected = "Disconnected "; + }; + + "network#wlan" = { + interface = "wlp*"; + format-wifi = "{essid} ({signalStrength}%) "; + format-disconnected = "Disconnected "; + tooltip = true; + tooltip-format-wifi = "{ipaddr}/{cidr}"; + }; + + temperature = { + hwmon-path = "/sys/class/hwmon/hwmon0/temp1_input"; + format = "{temperatureC} °C "; + }; + + backlight = { + format = "{percent}% {icon}"; + format-icons = [ "" "" ]; + }; + + pulseaudio = { + format = "{volume}% {icon}"; + format-bluetooth = "{volume}% {icon}"; + format-muted = ""; + format-icons = { + headphones = ""; + handsfree = ""; + headset = ""; + phone = ""; + portable = ""; + car = ""; + default = [ "" "" ]; + }; + on-click = "pavucontrol"; + }; + }; + }]; + + style = with config.theme.colors; '' + * { + border: none; + border-radius: 0; + font-family: mono; + font-size: 11px; + min-height: 0; + } + + window#waybar { + background: ${background}; + border-bottom: 3px solid ${lightBackground}; + color: ${foreground}; + } + + /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */ + #workspaces button { + padding: 0 5px; + background: transparent; + color: ${foreground}; + border-bottom: 3px solid transparent; + } + + #workspaces button.focused { + background: ${dominant}; + border-bottom: 3px solid ${foreground}; + } + + #mode { + background: ${lightBackground}; + border-bottom: 3px solid ${foreground}; + } + + #clock, #battery, #cpu, #memory, #temperature, #backlight, #network, #pulseaudio, #custom-mpd, #mpd, #tray, #mode, #idle_inhibitor { + padding: 0 10px; + margin: 0 5px; + } + + #clock { + background-color: ${neutralMagenta}; + color: ${background}; + } + + #battery { + background-color: ${neutralYellow}; + color: ${background}; + } + + /* + #battery.charging { + color: ${foreground}; + background-color: #26A65B; + } + */ + + @keyframes blink { + to { + background-color: ${foreground}; + color: ${background}; + } + } + + #battery.critical:not(.charging) { + background: ${fadedRed}; + color: ${foreground}; + animation-name: blink; + animation-duration: 0.5s; + animation-timing-function: linear; + animation-iteration-count: infinite; + animation-direction: alternate; + } + + #cpu { + background: ${neutralOrange}; + color: ${background}; + } + + #memory { + background: ${brightBlue}; + color: ${background}; + } + + #backlight { + background: ${background6}; + color: ${background}; + } + + #network { + background: ${neutralGreen}; + color: ${background}; + } + + #network.disconnected { + background: ${lightBackground}; + color: ${foreground}; + } + + #pulseaudio { + background: ${neutralCyan}; + color: ${background}; + } + + #pulseaudio.muted { + background: ${foreground}; + } + + #temperature { + background: ${brightCyan}; + color: ${background}; + } + + #temperature.critical { + background: ${fadedRed}; + color: ${foreground}; + } + + #tray { + background-color: #2980b9; + } + + #idle_inhibitor { + background-color: ${lightBackground}; + } + + #custom-mpd { + background-color: ${dominant}; + } + + #mpd { + background: ${dominant}; + } + + #mpd.disconnected { + background: ${lightBackground}; + color: ${foreground}; + } + + #mpd.stopped { + background: ${foreground}; + color: ${background}; + } + + #mpd.paused { + background: ${dimDominant}; + } + ''; + + systemd.enable = true; + }; + + # Fix https://github.com/nix-community/home-manager/pull/1628 + systemd.user.services.waybar.Unit = { + Requisite = lib.mkForce []; + After = lib.mkForce []; + }; + }; +} diff --git a/usecases/desktop/graphical/zathura.nix b/usecases/desktop/graphical/zathura.nix new file mode 100644 index 0000000..d1832d8 --- /dev/null +++ b/usecases/desktop/graphical/zathura.nix @@ -0,0 +1,55 @@ +inputs: + +{ config, ... }: + +{ + home-manager.users.minijackson.programs.zathura = { + enable = true; + + options = with config.theme.colors; { + guioptions = ""; + adjust-open = "width"; + + smooth-scroll = true; + scroll-step = 100; + #scroll-full-overlap = 0.05; + + selection-clipboard = "clipboard"; + + default-bg = softBackground; + default-fg = foreground; + + notification-error-bg = neutralRed; + notification-error-fg = foreground; + + notification-warning-bg = background; + notification-warning-fg = brightRed; + + highlight-color = fadedYellow; + highlight-active-color = brightYellow; + + inputbar-bg = background; + inputbar-fg = dominant; + + completion-bg = background; + completion-fg = neutralBlue; + + completion-highlight-bg = dominant; + completion-highlight-fg = background; + + notification-bg = dominant; + notification-fg = background; + + index-bg = background; + index-fg = foreground; + + index-active-bg = dominant; + index-active-fg = background; + + recolor-lightcolor = background; + recolor-darkcolor = foreground; + recolor-keephue = true; + recolor = true; + }; + }; +} diff --git a/usecases/desktop/pipewire.nix b/usecases/desktop/pipewire.nix new file mode 100644 index 0000000..e742ba9 --- /dev/null +++ b/usecases/desktop/pipewire.nix @@ -0,0 +1,44 @@ +inputs: + +{ pkgs, ... }: + +{ + imports = [ + (inputs.nixpkgs-unstable.outPath + "/nixos/modules/services/desktops/pipewire/pipewire.nix") + (inputs.nixpkgs-unstable.outPath + "/nixos/modules/services/desktops/pipewire/pipewire-media-session.nix") + ]; + + disabledModules = [ "services/desktops/pipewire.nix" ]; + + services.pipewire = { + enable = true; + package = pkgs.unstable.pipewire; + + alsa.enable = true; + jack.enable = true; + pulse.enable = true; + + config = { + pipewire-pulse = { + "context.modules" = [ + { name = "libpipewire-module-rtkit"; flags = [ "ifexists" "nofail" ]; } + { name = "libpipewire-module-protocol-native"; } + { name = "libpipewire-module-client-node"; } + { name = "libpipewire-module-adapter"; } + { name = "libpipewire-module-metadata"; } + { + name = "libpipewire-module-protocol-pulse"; + args = { + # TODO: set it in MPD? + "server.address" = [ "unix:native" "tcp:127.0.0.1:4713" ]; + }; + } + ]; + }; + }; + + media-session.package = pkgs.unstable.pipewire.mediaSession; + }; + + security.rtkit.enable = true; +} diff --git a/usecases/server/default.nix b/usecases/server/default.nix index 1b47ee4..f32728a 100644 --- a/usecases/server/default.nix +++ b/usecases/server/default.nix @@ -1,8 +1,12 @@ +# A reasonable set of defaults for a server + +inputs: + { ... }: { imports = [ - ./fail2ban.nix - ./monitoring-target.nix + (import ./fail2ban.nix inputs) + (import ./monitoring-target.nix inputs) ]; } diff --git a/usecases/server/fail2ban.nix b/usecases/server/fail2ban.nix index 1c2912c..3870a32 100644 --- a/usecases/server/fail2ban.nix +++ b/usecases/server/fail2ban.nix @@ -1,3 +1,5 @@ +inputs: + { config, ... }: { diff --git a/usecases/server/monitoring-target.nix b/usecases/server/monitoring-target.nix index 1ddeb25..2ccd160 100644 --- a/usecases/server/monitoring-target.nix +++ b/usecases/server/monitoring-target.nix @@ -1,3 +1,5 @@ +inputs: + { config, ... }: { @@ -6,7 +8,7 @@ enable = true; enabledCollectors = [ "logind" "systemd" ]; disabledCollectors = [ "textfile" ]; - listenAddress = config.topology.mainVpn.currentNodeIP; + listenAddress = "[${config.topology.mainVpn.currentNodeIP}]"; }; }; -- cgit v1.2.3