Ittihadyya/adyya-flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

i take back what i said, it should be relevant now, though
Some checks failed
/ nix fmt (push) Has been cancelled
Details

Browse source
This commit is contained in:
Ittihadyya 2024-11-26 15:30:26 +02:00
parent 321f72f070
commit abd6c558a2
43 changed files with 929 additions and 978 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
_inheritance.mod.nix
View file

@ -2,8 +2,7 @@
merge,
configs,
...
}:
{
}: {
#capsaicin is a custom-built PC
capsaicin = merge configs.universal configs.personal;
#menthol is a Lenovo Thinkpad T460s
@ -15,5 +14,4 @@
fructose = merge configs.universal (merge configs.sucrose configs.cluster);
#aspartame is a VPS from Contabo
aspartame = merge configs.universal configs.cluster;
}

78
adyya-pkgs/adyya_pkgs.mod.nix
View file

@ -1,50 +1,52 @@
{
aspartame.modules = [
(
{ pkgs, lib, ... }:
{
pkgs,
lib,
...
}: {
nixpkgs.overlays = [
(
final: prev:
let
caddy-custom = pkgs.callPackage ./caddy-custom.nix { };
in
let
final: prev: let
caddy-custom = pkgs.callPackage ./caddy-custom.nix {};
in let
# Caddy Layer4 modules
l4CaddyModules =
lib.lists.map
(name: {
inherit name;
repo = "github.com/mholt/caddy-l4";
version = "3d22d6da412883875f573ee4ecca3dbb3fdf0fd0";
})
[
"layer4"
"modules/l4proxy"
"modules/l4tls"
"modules/l4proxyprotocol"
];
in
{
(name: {
inherit name;
repo = "github.com/mholt/caddy-l4";
version = "3d22d6da412883875f573ee4ecca3dbb3fdf0fd0";
})
[
"layer4"
"modules/l4proxy"
"modules/l4tls"
"modules/l4proxyprotocol"
];
in {
caddy-default = caddy-custom;
caddy-base = caddy-custom.withPlugins { caddyModules = [ ]; };
caddy-base = caddy-custom.withPlugins {caddyModules = [];};
caddy-l4 = caddy-custom.withPlugins {
caddyModules = l4CaddyModules;
vendorHash = "sha256-Bz2tR1/a2okARCWFEeSEeVUx2mdBe0QKUh5qzKUOF8s=";
};
caddy-many = caddy-custom.withPlugins {
caddyModules = [
{
name = "transform-encoder";
repo = "github.com/caddyserver/transform-encoder";
version = "f627fc4f76334b7aef8d4ed8c99c7e2bcf94ac7d";
}
{
name = "connegmatcher";
repo = "github.com/mpilhlt/caddy-conneg";
version = "v0.1.4";
}
] ++ l4CaddyModules;
caddyModules =
[
{
name = "transform-encoder";
repo = "github.com/caddyserver/transform-encoder";
version = "f627fc4f76334b7aef8d4ed8c99c7e2bcf94ac7d";
}
{
name = "connegmatcher";
repo = "github.com/mpilhlt/caddy-conneg";
version = "v0.1.4";
}
]
++ l4CaddyModules;
vendorHash = "sha256-OjyJdcbLMSvgkHKR4xMF0BgsuA5kdKgDgV+ocuNHUf4=";
};
}
@ -52,21 +54,21 @@
];
}
)
({
{
nixpkgs.overlays = [
(final: prev: {
gts = final.callPackage ./gts.nix { };
gts = final.callPackage ./gts.nix {};
})
];
})
}
];
personal.modules = [
({
{
nixpkgs.overlays = [
(final: prev: {
beeref = final.callPackage ./beeref.nix { }; # I'M GOING TO TRUNCATE *YOU*, BEEREF.
beeref = final.callPackage ./beeref.nix {}; # I'M GOING TO TRUNCATE *YOU*, BEEREF.
})
];
})
}
];
}

24
adyya-pkgs/beeref.nix
View file

@ -3,9 +3,7 @@
fetchurl,
lib,
...
}:
let
}: let
name = "beeref";
version = "0.3.3";
src = fetchurl {
@ -13,13 +11,13 @@ let
hash = "sha256-pavXKtjOvKY2IUPp+UP0v8WkrpPeNEcNDhqoQtFYszo=";
};
in
appimageTools.wrapType2 {
inherit name version src;
extraPkgs = pkgs: [ pkgs.python311 ];
meta = with lib; {
description = "A Simple Reference Image Viewer";
homepage = "https://github.com/rbreu/beeref";
license = licenses.gpl3Only;
mainProgram = "beeref";
};
}
appimageTools.wrapType2 {
inherit name version src;
extraPkgs = pkgs: [pkgs.python311];
meta = with lib; {
description = "A Simple Reference Image Viewer";
homepage = "https://github.com/rbreu/beeref";
license = licenses.gpl3Only;
mainProgram = "beeref";
};
}

122
adyya-pkgs/caddy-custom.nix
View file

@ -8,8 +8,7 @@
caddy,
testers,
stdenv,
}:
let
}: let
attrsToModule = map (plugin: plugin.repo);
attrsToVersionedModule = map (
{
@ -17,7 +16,7 @@ let
version,
...
}:
lib.escapeShellArg "${repo}@${version}"
lib.escapeShellArg "${repo}@${version}"
);
pname = "caddy";
@ -37,7 +36,7 @@ let
hash = "sha256-CBfyqtWp3gYsYwaIxbfXO3AYaBiM7LutLC7uZgYXfkQ=";
};
subPackages = [ "cmd/caddy" ];
subPackages = ["cmd/caddy"];
ldflags = [
"-s"
@ -46,7 +45,7 @@ let
];
# matches upstream since v2.8.0
tags = [ "nobadger" ];
tags = ["nobadger"];
nativeBuildInputs = [
gnused
@ -87,72 +86,71 @@ let
];
};
in
buildGoModule {
inherit
pname
version
src
subPackages
ldflags
tags
nativeBuildInputs
postInstall
meta
;
buildGoModule {
inherit
pname
version
src
subPackages
ldflags
tags
nativeBuildInputs
postInstall
meta
;
vendorHash = "sha256-1Api8bBZJ1/oYk4ZGIiwWCSraLzK9L+hsKXkFtk6iVM=";
vendorHash = "sha256-1Api8bBZJ1/oYk4ZGIiwWCSraLzK9L+hsKXkFtk6iVM=";
passthru = {
withPlugins =
{
passthru = {
withPlugins = {
caddyModules,
vendorHash ? lib.fakeHash,
}:
buildGoModule {
pname = "${caddy.pname}-with-plugins";
buildGoModule {
pname = "${caddy.pname}-with-plugins";
inherit
version
src
subPackages
ldflags
tags
nativeBuildInputs
postInstall
meta
;
inherit
version
src
subPackages
ldflags
tags
nativeBuildInputs
postInstall
meta
;
modBuildPhase = ''
for module in ${toString (attrsToModule caddyModules)}; do
sed -i "/standard/a _ \"$module\"" ./cmd/caddy/main.go
done
for plugin in ${toString (attrsToVersionedModule caddyModules)}; do
go get $plugin
done
go mod vendor
'';
modBuildPhase = ''
for module in ${toString (attrsToModule caddyModules)}; do
sed -i "/standard/a _ \"$module\"" ./cmd/caddy/main.go
done
for plugin in ${toString (attrsToVersionedModule caddyModules)}; do
go get $plugin
done
go mod vendor
'';
modInstallPhase = ''
mv -t vendor go.mod go.sum
cp -r vendor "$out"
'';
modInstallPhase = ''
mv -t vendor go.mod go.sum
cp -r vendor "$out"
'';
preBuild = ''
chmod -R u+w vendor
[ -f vendor/go.mod ] && mv -t . vendor/go.{mod,sum}
for module in ${toString (attrsToModule caddyModules)}; do
sed -i "/standard/a _ \"$module\"" ./cmd/caddy/main.go
done
'';
preBuild = ''
chmod -R u+w vendor
[ -f vendor/go.mod ] && mv -t . vendor/go.{mod,sum}
for module in ${toString (attrsToModule caddyModules)}; do
sed -i "/standard/a _ \"$module\"" ./cmd/caddy/main.go
done
'';
inherit vendorHash;
};
tests = {
inherit (nixosTests) caddy;
version = testers.testVersion {
command = "${caddy}/bin/caddy version";
package = caddy;
inherit vendorHash;
};
tests = {
inherit (nixosTests) caddy;
version = testers.testVersion {
command = "${caddy}/bin/caddy version";
package = caddy;
};
};
};
};
}
}

93
adyya-pkgs/gts.nix
View file

@ -4,8 +4,7 @@
fetchFromGitHub,
buildGoModule,
nixosTests,
}:
let
}: let
owner = "superseriousbusiness";
repo = "gotosocial";
@ -16,63 +15,61 @@ let
hash = "sha256-85CmcWjcX8a+hZxkyRTfXErmkIx64R2scaaS2Fpf668=";
};
in
buildGoModule rec {
inherit version;
pname = repo;
buildGoModule rec {
inherit version;
pname = repo;
src = fetchFromGitHub {
inherit owner repo;
rev = "refs/tags/v${version}";
hash = "sha256-ql0tDaMc/1NgsLUpPHZB6GoXJj9DwUpadTX3AYufR/o=";
};
src = fetchFromGitHub {
inherit owner repo;
rev = "refs/tags/v${version}";
hash = "sha256-ql0tDaMc/1NgsLUpPHZB6GoXJj9DwUpadTX3AYufR/o=";
};
vendorHash = null;
vendorHash = null;
ldflags = [
"-s"
"-w"
"-X main.Version=${version}"
];
ldflags = [
"-s"
"-w"
"-X main.Version=${version}"
];
tags = [
"kvformat"
];
tags = [
"kvformat"
];
postInstall = ''
tar xf ${web-assets}
mkdir -p $out/share/gotosocial
mv web $out/share/gotosocial/
'';
postInstall = ''
tar xf ${web-assets}
mkdir -p $out/share/gotosocial
mv web $out/share/gotosocial/
'';
# tests are working only on x86_64-linux
# doCheck = stdenv.hostPlatform.isLinux && stdenv.hostPlatform.isx86_64;
# checks are currently very unstable in our setup, so we should test manually for now
doCheck = false;
# tests are working only on x86_64-linux
# doCheck = stdenv.hostPlatform.isLinux && stdenv.hostPlatform.isx86_64;
# checks are currently very unstable in our setup, so we should test manually for now
doCheck = false;
checkFlags =
let
checkFlags = let
# flaky / broken tests
skippedTests = [
# See: https://github.com/superseriousbusiness/gotosocial/issues/2651
"TestPage/minID,_maxID_and_limit_set"
];
in
[ "-skip=^${builtins.concatStringsSep "$|^" skippedTests}$" ];
in ["-skip=^${builtins.concatStringsSep "$|^" skippedTests}$"];
passthru.tests.gotosocial = nixosTests.gotosocial;
passthru.tests.gotosocial = nixosTests.gotosocial;
meta = with lib; {
homepage = "https://gotosocial.org";
changelog = "https://github.com/superseriousbusiness/gotosocial/releases/tag/v${version}";
description = "Fast, fun, ActivityPub server, powered by Go";
longDescription = ''
ActivityPub social network server, written in Golang.
You can keep in touch with your friends, post, read, and
share images and articles. All without being tracked or
advertised to! A light-weight alternative to Mastodon
and Pleroma, with support for clients!
'';
maintainers = with maintainers; [ blakesmith ];
license = licenses.agpl3Only;
};
}
meta = with lib; {
homepage = "https://gotosocial.org";
changelog = "https://github.com/superseriousbusiness/gotosocial/releases/tag/v${version}";
description = "Fast, fun, ActivityPub server, powered by Go";
longDescription = ''
ActivityPub social network server, written in Golang.
You can keep in touch with your friends, post, read, and
share images and articles. All without being tracked or
advertised to! A light-weight alternative to Mastodon
and Pleroma, with support for clients!
'';
maintainers = with maintainers; [blakesmith];
license = licenses.agpl3Only;
};
}

18
apps.mod.nix
View file

@ -1,9 +1,7 @@
{ vscode-server, ... }:
{
{vscode-server, ...}: {
universal.home_modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
ps
wget
@ -42,16 +40,14 @@
];
personal.modules = [
(
{ pkgs, ... }:
{
users.users.emv.extraGroups = [ "video" ];
{pkgs, ...}: {
users.users.emv.extraGroups = ["video"];
}
)
];
personal.home_modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
emulsion
ffmpeg
@ -70,7 +66,6 @@
terminator = {
enable = true;
};
};
}
)
@ -81,8 +76,7 @@
];
capsaicin.home_modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
cryptsetup
keepassxc

8
art.mod.nix
View file

@ -1,9 +1,7 @@
{
capsaicin.home_modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
blender # this is because capsaicin is the only one of the two who can take rendering something without starting a forest fire
];
@ -12,8 +10,7 @@
];
personal.home_modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
krita
inkscape
@ -26,5 +23,4 @@
}
)
];
}

3
audio.mod.nix
View file

@ -14,8 +14,7 @@
];
personal.home_modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
pwvucontrol
pw-volume

5
cluster/kernel.mod.nix
View file

@ -1,8 +1,11 @@
{
cluster-testing.modules = [
(
{ pkgs, lib, ... }:
{
pkgs,
lib,
...
}: {
boot.kernelPatches = [
{
name = "eBPF-cilium";

78
cluster/kubernetes.mod.nix
View file

@ -1,45 +1,45 @@
{
cluster-testing.modules = [
({
{
/*
services.k3s = { # just hogging resources at this moment
enable = true;
role = "server";
# token = ""; # Agent nodes are joined to the master node using a node-token which can be found on the master node at /var/lib/rancher/k3s/server/node-token.
clusterInit = true;
# allegedly you need different configs for non-starting nodes, including the ip of a server. you should handle this within nix, preferrably -e
# allegedly: " If you are configuring an HA cluster with an embedded etcd, the 1st server must have clusterInit = true and other servers must connect to it using serverAddr. " # I think you can get around this kinda by pointing to a domain, so that if the server with the address specified in the config fails, others take the request. i am not sure about the details of the implementation - i.e how to do it without giving authority to a specific node. This is more of a theoretical problem, i think, since this only matters when a node starts up and gets to be part of the cluster - after it's included i'm pretty sure it would be fine? Might need to do some testing -e
# this kinda makes sense? like otherwise how would the new clusters know where to connect to ? Because it uses raft, the serverAddr doesn't necessarily have to be the one with clusterInit, as, according to the Raft specification, calls to followers get forwarded to the leader node. -e
extraFlags = [
# "--flannel-backend none"
# "--disable-network-policy"
# "--no-deploy traefik"
]; # --flannel-backend-none and --disable-network-policy prepare the cluster for cillium, which, as far as i can see, i need to install imperatively because it isn't a service or packaged within nixpkgs. The command used is `cilium install --version 1.x.x --set=ipam.operator.clusterPoolIPv4PodCIDRList="10.42.0.0/16"`,replace the x's with whatever version you need, as of 2024.09.20 1.16.1 is the latest (released on the 14th of August 2024, according to their github). Godspeed to future addy if we decide to do package it ourselves or something. -e
# configPath = ./k3s.yaml;
}; # decided to try stock kubernetes since k3s doesn't seem to be working as i intend --- a week later --- YOU BUMBLING MORON YOU ARE ON UNSTABLE AND YOU WERE LOOKING AT 24.05 DOCS
/*
services.kubernetes = {
# flannel.enable = false;
roles = [ "master" "node" ];
masterAddress = "10.12.96.4";
#apiserverAddress = "10.12.96.4:6443";
kubelet = {
enable = true;
extraOpts = "--fail-swap-on=false";
};
scheduler.enable = true;
apiserver ={
enable = true;
advertiseAddress = "10.12.96.4";
securePort = 6443;
};
easyCerts = true;
pki.enable = true;
addons.dns.enable = true;
controllerManager.enable = true;
addonManager.enable = true;
}; #chat is this factual
services.k3s = { # just hogging resources at this moment
enable = true;
role = "server";
# token = ""; # Agent nodes are joined to the master node using a node-token which can be found on the master node at /var/lib/rancher/k3s/server/node-token.
clusterInit = true;
# allegedly you need different configs for non-starting nodes, including the ip of a server. you should handle this within nix, preferrably -e
# allegedly: " If you are configuring an HA cluster with an embedded etcd, the 1st server must have clusterInit = true and other servers must connect to it using serverAddr. " # I think you can get around this kinda by pointing to a domain, so that if the server with the address specified in the config fails, others take the request. i am not sure about the details of the implementation - i.e how to do it without giving authority to a specific node. This is more of a theoretical problem, i think, since this only matters when a node starts up and gets to be part of the cluster - after it's included i'm pretty sure it would be fine? Might need to do some testing -e
# this kinda makes sense? like otherwise how would the new clusters know where to connect to ? Because it uses raft, the serverAddr doesn't necessarily have to be the one with clusterInit, as, according to the Raft specification, calls to followers get forwarded to the leader node. -e
extraFlags = [
# "--flannel-backend none"
# "--disable-network-policy"
# "--no-deploy traefik"
]; # --flannel-backend-none and --disable-network-policy prepare the cluster for cillium, which, as far as i can see, i need to install imperatively because it isn't a service or packaged within nixpkgs. The command used is `cilium install --version 1.x.x --set=ipam.operator.clusterPoolIPv4PodCIDRList="10.42.0.0/16"`,replace the x's with whatever version you need, as of 2024.09.20 1.16.1 is the latest (released on the 14th of August 2024, according to their github). Godspeed to future addy if we decide to do package it ourselves or something. -e
# configPath = ./k3s.yaml;
}; # decided to try stock kubernetes since k3s doesn't seem to be working as i intend --- a week later --- YOU BUMBLING MORON YOU ARE ON UNSTABLE AND YOU WERE LOOKING AT 24.05 DOCS
/*
services.kubernetes = {
# flannel.enable = false;
roles = [ "master" "node" ];
masterAddress = "10.12.96.4";
#apiserverAddress = "10.12.96.4:6443";
kubelet = {
enable = true;
extraOpts = "--fail-swap-on=false";
};
scheduler.enable = true;
apiserver ={
enable = true;
advertiseAddress = "10.12.96.4";
securePort = 6443;
};
easyCerts = true;
pki.enable = true;
addons.dns.enable = true;
controllerManager.enable = true;
addonManager.enable = true;
}; #chat is this factual
*/
})
}
];
}

3
cluster/packages.mod.nix
View file

@ -1,8 +1,7 @@
{
cluster-testing.modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
clang # this is for cilium
llvm_18 # idem

9
cluster/virtualisation.mod.nix
View file

@ -1,16 +1,15 @@
{
cluster.modules = [
({
{
users.users.emv.extraGroups = [
"podman"
];
})
}
];
sucrose.modules = [
(
{ pkgs, ... }:
{
environment.systemPackages = [ pkgs.podman-compose ];
{pkgs, ...}: {
environment.systemPackages = [pkgs.podman-compose];
virtualisation = {
containers.enable = true;
podman = {

12
dev.mod.nix
View file

@ -17,8 +17,7 @@
];
personal.home_modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
programs.vscode = {
enable = true;
package = pkgs.vscodium;
@ -38,12 +37,9 @@
];
personal.modules = [
(
{ pkgs, ... }:
{
environment.systemPackages =
with pkgs;
[
];
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
];
programs = {
direnv = {
enable = true;

3
emacs.mod.nix
View file

@ -1,8 +1,7 @@
{
personal.home_modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
mupdf
];

113
flake.nix
View file

@ -24,44 +24,43 @@
#niri.url = "github:sodiboo/niri-flake";
};
outputs =
{
self,
nixpkgs,
...
}@inputs:
with nixpkgs.lib;
let
outputs = {
self,
nixpkgs,
...
} @ inputs:
with nixpkgs.lib; let
match = flip getAttr;
read_dir_recursively =
dir:
read_dir_recursively = dir:
concatMapAttrs (
this:
match {
directory = mapAttrs' (subpath: nameValuePair "${this}/${subpath}") (
read_dir_recursively "${dir}/${this}"
);
regular = {
${this} = "${dir}/${this}";
};
symlink = { };
}
match {
directory = mapAttrs' (subpath: nameValuePair "${this}/${subpath}") (
read_dir_recursively "${dir}/${this}"
);
regular = {
${this} = "${dir}/${this}";
};
symlink = {};
}
) (builtins.readDir dir);
# `const` helper function is used extensively: the function is constant in regards to the name of the attribute.
params = inputs // {
configs = raw_configs;
molecules = {
# number via perfect squares for now, start from 15 squared for personal and 2 squared for others (use primes afterwards, in the same way)
capsaicin = 225; # pc
menthol = 196; # laptop
glucose = 4; # minipc functioning as server node
fructose = 9; # idem
aspartame = 16; # VPS
params =
inputs
// {
configs = raw_configs;
molecules = {
# number via perfect squares for now, start from 15 squared for personal and 2 squared for others (use primes afterwards, in the same way)
capsaicin = 225; # pc
menthol = 196; # laptop
glucose = 4; # minipc functioning as server node
fructose = 9; # idem
aspartame = 16; # VPS
};
inherit merge extras;
};
inherit merge extras;
};
# It is important to note, that when adding a new `.mod.nix` file, you need to run `git add` on the file.
# If you don't, the file will not be included in the flake, and the modules defined within will not be loaded.
@ -73,11 +72,10 @@
(mapAttrs (const (flip toFunction params)))
];
merge =
prev: this:
merge = prev: this:
{
modules = prev.modules or [ ] ++ this.modules or [ ];
home_modules = prev.home_modules or [ ] ++ this.home_modules or [ ];
modules = prev.modules or [] ++ this.modules or [];
home_modules = prev.home_modules or [] ++ this.home_modules or [];
}
// (optionalAttrs (prev ? system || this ? system) {
system = prev.system or this.system;
@ -85,27 +83,35 @@
all_modules = attrValues (read_all_modules "${self}");
raw_configs' = builtins.zipAttrsWith (
machine: if machine == "extras" then mergeAttrsList else builtins.foldl' merge { }
) all_modules;
raw_configs' =
builtins.zipAttrsWith (
machine:
if machine == "extras"
then mergeAttrsList
else builtins.foldl' merge {}
)
all_modules;
raw_configs = builtins.removeAttrs raw_configs' [ "extras" ];
raw_configs = builtins.removeAttrs raw_configs' ["extras"];
extras = raw_configs'.extras or { };
extras = raw_configs'.extras or {};
configs = builtins.mapAttrs (const (
config:
nixpkgs.lib.nixosSystem {
inherit (config) system;
modules = config.modules ++ [
{
_module.args.home_modules = config.home_modules;
configs =
builtins.mapAttrs (const (
config:
nixpkgs.lib.nixosSystem {
inherit (config) system;
modules =
config.modules
++ [
{
_module.args.home_modules = config.home_modules;
}
];
}
];
}
)) raw_configs;
in
{
))
raw_configs;
in {
# for use in nix repl
p = s: builtins.trace "\n\n${s}\n" "---";
@ -113,14 +119,15 @@
nixosConfigurations = builtins.mapAttrs (name: const configs.${name}) params.molecules;
# This is useful to rebuild all systems at once, for substitution
all-systems = nixpkgs.legacyPackages.x86_64-linux.runCommand "all-systems" { } (
all-systems = nixpkgs.legacyPackages.x86_64-linux.runCommand "all-systems" {} (
''
mkdir $out
''
+ (builtins.concatStringsSep "\n" (
mapAttrsToList (name: config: ''
ln -s ${config.config.system.build.toplevel} $out/${name}
'') self.nixosConfigurations
'')
self.nixosConfigurations
))
);
};

3
fonts.mod.nix
View file

@ -1,8 +1,7 @@
{
personal.modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
fonts.packages = with pkgs; [
noto-fonts
noto-fonts-cjk-sans

6
games.mod.nix
View file

@ -1,8 +1,7 @@
{
personal.modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
programs.steam = {
enable = true;
extraCompatPackages = with pkgs; [
@ -15,8 +14,7 @@
personal.home_modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
lutris
heroic

278
hardware.mod.nix
View file

@ -1,154 +1,158 @@
{ nixos-hardware, ... }:
let
{nixos-hardware, ...}: let
config = name: system: additional: {
inherit name;
value = {
inherit system;
modules = [
{
networking.hostName = name;
nixpkgs.hostPlatform = system;
}
] ++ additional;
modules =
[
{
networking.hostName = name;
nixpkgs.hostPlatform = system;
}
]
++ additional;
};
};
filesystem = fsType: path: device: options: {
fileSystems.${path} = {
inherit device fsType;
} // (if options == null then { } else { inherit options; });
fileSystems.${path} =
{
inherit device fsType;
}
// (
if options == null
then {}
else {inherit options;}
);
};
fs.mergerfs = filesystem "fuse.mergerfs";
fs.btrfs = filesystem "btrfs";
fs.ext4 = filesystem "ext4";
fs.vfat = filesystem "vfat";
swap = device: { swapDevices = [ { inherit device; } ]; };
swap = device: {swapDevices = [{inherit device;}];};
cpu = brand: { hardware.cpu.${brand}.updateMicrocode = true; };
qemu =
{ modulesPath, ... }:
{
imports = [ "${modulesPath}/profiles/qemu-guest.nix" ];
};
cpu = brand: {hardware.cpu.${brand}.updateMicrocode = true;};
qemu = {modulesPath, ...}: {
imports = ["${modulesPath}/profiles/qemu-guest.nix"];
};
in
{
universal.modules = [
(
{
pkgs,
lib,
...
}:
{
environment.systemPackages = with pkgs; [ mergerfs ];
hardware.enableRedistributableFirmware = true;
boot.kernelPackages = pkgs.linuxPackages_latest; # hope this doesn't break anything -e
networking.useDHCP = lib.mkDefault true;
}
)
];
{
universal.modules = [
(
{
pkgs,
lib,
...
}: {
environment.systemPackages = with pkgs; [mergerfs];
hardware.enableRedistributableFirmware = true;
boot.kernelPackages = pkgs.linuxPackages_latest; # hope this doesn't break anything -e
networking.useDHCP = lib.mkDefault true;
}
)
];
personal.modules = [
{
services.fwupd.enable = true;
}
];
}
// builtins.listToAttrs [
(config "capsaicin" "x86_64-linux" [
(cpu "intel")
(fs.btrfs "/" "/dev/disk/by-uuid/a1a32f8b-847c-4349-8743-05d25950db1d" null)
(fs.btrfs "/mnt/hdd1tb" "/dev/disk/by-uuid/1b1451cd-89ce-4daa-afdb-37ceecbb9484" null)
(fs.ext4 "/mnt/hdd500gb" "/dev/disk/by-uuid/d7a35003-4b60-4a5e-b87a-af7c18eefe04" null)
(fs.vfat "/boot" "/dev/disk/by-uuid/5C2E-B6F1" null)
(swap "/dev/disk/by-uuid/16f09a9c-74ef-4a32-b9c0-d3948d76f3a0")
{
boot.loader.systemd-boot.enable = true;
zramSwap.enable = true;
boot.initrd.kernelModules = [ ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"usbhid"
"sd_mod"
];
boot.kernelModules = [
"usbmon"
"v4l2loopback"
];
boot.extraModulePackages = [ ];
}
])
(config "menthol" "x86_64-linux" [
(cpu "intel")
(fs.btrfs "/" "/dev/disk/by-uuid/1a254d99-6480-4557-b3e8-e8ee745f5832" null)
(swap "/dev/disk/by-uuid/455a7c78-fdc3-4dbb-b9f2-9518d960191b")
{
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.initrd.kernelModules = [ ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"sd_mod"
"rtsx_pci_sdmmc"
];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
}
])
(config "glucose" "x86_64-linux" [
(cpu "intel")
(fs.btrfs "/" "/dev/disk/by-uuid/abbb549e-19b4-4855-b3c7-0b81ab784b74" null)
(swap "/dev/disk/by-uuid/dc948ee6-94fb-49b2-94d4-317aa41f1a9d")
{
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.initrd.kernelModules = [ ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ehci_pci"
"ahci"
"sd_mod"
];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
}
])
(config "fructose" "x86_64-linux" [
(cpu "intel")
(fs.btrfs "/" "/dev/disk/by-uuid/e1b611e6-485f-4c2e-81fa-2fbcb3a7f1ba" null)
(swap "/dev/disk/by-uuid/83c561a1-08b9-4b48-bdfc-102098fd2059")
{
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.initrd.kernelModules = [ ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ehci_pci"
"ahci"
"sd_mod"
];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
}
])
(config "aspartame" "x86_64-linux" [
qemu
(fs.ext4 "/" "/dev/disk/by-uuid/2def7bee-b1e3-49ea-b46c-33f272aaa5b2" null)
{
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"virtio_pci"
"virtio_scsi"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
}
])
]
personal.modules = [
{
services.fwupd.enable = true;
}
];
}
// builtins.listToAttrs [
(config "capsaicin" "x86_64-linux" [
(cpu "intel")
(fs.btrfs "/" "/dev/disk/by-uuid/a1a32f8b-847c-4349-8743-05d25950db1d" null)
(fs.btrfs "/mnt/hdd1tb" "/dev/disk/by-uuid/1b1451cd-89ce-4daa-afdb-37ceecbb9484" null)
(fs.ext4 "/mnt/hdd500gb" "/dev/disk/by-uuid/d7a35003-4b60-4a5e-b87a-af7c18eefe04" null)
(fs.vfat "/boot" "/dev/disk/by-uuid/5C2E-B6F1" null)
(swap "/dev/disk/by-uuid/16f09a9c-74ef-4a32-b9c0-d3948d76f3a0")
{
boot.loader.systemd-boot.enable = true;
zramSwap.enable = true;
boot.initrd.kernelModules = [];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"usbhid"
"sd_mod"
];
boot.kernelModules = [
"usbmon"
"v4l2loopback"
];
boot.extraModulePackages = [];
}
])
(config "menthol" "x86_64-linux" [
(cpu "intel")
(fs.btrfs "/" "/dev/disk/by-uuid/1a254d99-6480-4557-b3e8-e8ee745f5832" null)
(swap "/dev/disk/by-uuid/455a7c78-fdc3-4dbb-b9f2-9518d960191b")
{
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.initrd.kernelModules = [];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"sd_mod"
"rtsx_pci_sdmmc"
];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
}
])
(config "glucose" "x86_64-linux" [
(cpu "intel")
(fs.btrfs "/" "/dev/disk/by-uuid/abbb549e-19b4-4855-b3c7-0b81ab784b74" null)
(swap "/dev/disk/by-uuid/dc948ee6-94fb-49b2-94d4-317aa41f1a9d")
{
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.initrd.kernelModules = [];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ehci_pci"
"ahci"
"sd_mod"
];
boot.kernelModules = [];
boot.extraModulePackages = [];
}
])
(config "fructose" "x86_64-linux" [
(cpu "intel")
(fs.btrfs "/" "/dev/disk/by-uuid/e1b611e6-485f-4c2e-81fa-2fbcb3a7f1ba" null)
(swap "/dev/disk/by-uuid/83c561a1-08b9-4b48-bdfc-102098fd2059")
{
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.initrd.kernelModules = [];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ehci_pci"
"ahci"
"sd_mod"
];
boot.kernelModules = [];
boot.extraModulePackages = [];
}
])
(config "aspartame" "x86_64-linux" [
qemu
(fs.ext4 "/" "/dev/disk/by-uuid/2def7bee-b1e3-49ea-b46c-33f272aaa5b2" null)
{
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"virtio_pci"
"virtio_scsi"
"sd_mod"
];
boot.initrd.kernelModules = [];
}
])
]

38
home.mod.nix
View file

@ -1,16 +1,18 @@
{ home-manager, ... }:
{
{home-manager, ...}: {
universal.modules = [
home-manager.nixosModules.home-manager
(
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
users.users.emv = {
isNormalUser = true;
description = "emv";
# shell = pkgs.zsh; # this is scuffed as hell, please, for the love of fuck, make a zsh.mod.nix file sometime
# ignoreShellProgramCheck = true;
extraGroups = [ "wheel" ];
extraGroups = ["wheel"];
};
home-manager = {
backupFileExtension = "bak";
@ -33,34 +35,32 @@
lib,
config,
...
}:
{
}: {
options.systemd-fuckery = {
auto-restart = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
default = [];
};
};
config = {
home.activation.restartSystemdFuckery =
let
ensureRuntimeDir = "XDG_RUNTIME_DIR=\${XDG_RUNTIME_DIR:-/run/user/$(id -u)}";
home.activation.restartSystemdFuckery = let
ensureRuntimeDir = "XDG_RUNTIME_DIR=\${XDG_RUNTIME_DIR:-/run/user/$(id -u)}";
systemctl = "env ${ensureRuntimeDir} ${config.systemd.user.systemctlPath}";
systemctl = "env ${ensureRuntimeDir} ${config.systemd.user.systemctlPath}";
each = f: builtins.concatStringsSep "\n" (map f config.systemd-fuckery.auto-restart);
in
lib.mkIf (config.systemd-fuckery.auto-restart != [ ]) (
lib.hm.dag.entryAfter [ "reloadSystemd" ] ''
each = f: builtins.concatStringsSep "\n" (map f config.systemd-fuckery.auto-restart);
in
lib.mkIf (config.systemd-fuckery.auto-restart != []) (
lib.hm.dag.entryAfter ["reloadSystemd"] ''
systemdStatus=$(${systemctl} --user is-system-running 2>&1 || true)
if [[ $systemdStatus == 'running' || $systemdStatus == 'degraded' ]]; then
${
each (unit: ''
run ${systemctl} --user try-restart ${unit}.service
'')
}
each (unit: ''
run ${systemctl} --user try-restart ${unit}.service
'')
}
else
echo "User systemd daemon not running. Skipping reload."
fi

11
locale.mod.nix
View file

@ -1,16 +1,19 @@
{
universal.modules = [
({
{
time.timeZone = "Europe/Bucharest";
i18n.defaultLocale = "en_US.UTF-8";
})
}
(
{ pkgs, lib, ... }:
{
pkgs,
lib,
...
}: {
services.xserver.xkb.extraLayouts = {
rulemak = {
description = "Rulemak, Colemak based Russian phonetic layout";
languages = [ "ru" ];
languages = ["ru"];
symbolsFile = pkgs.fetchurl {
url = "https://geert.hendrickx.be/colemak/rulemak.xkb";
hash = "sha256-S91aAlOllcpw9NWYf/vkZksfe4miZgx3BahswPWDWhU=";

3
nerd.mod.nix
View file

@ -1,8 +1,7 @@
{
personal.home_modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
geogebra6 # geogebra5 currently does not work?
gimp

6
networking/firewall.mod.nix
View file

@ -9,7 +9,7 @@
fructose.modules = [
{
networking.firewall = {
allowedUDPPorts = [ ];
allowedUDPPorts = [];
allowedTCPPorts = [
3000 # forgejo http
222 # forgejo ssh
@ -32,7 +32,7 @@
];
aspartame.modules = [
({
{
services.fail2ban.enable = true;
networking.firewall = {
interfaces.eth0.allowedTCPPorts = [
@ -45,6 +45,6 @@
64738 # murmur udp
];
};
})
}
];
}

114
networking/general.mod.nix
View file

@ -2,15 +2,18 @@
# networking? I sure hope it is. (It was not)
universal.modules = [
(
{ pkgs, lib, ... }:
{
pkgs,
lib,
...
}: {
networking.networkmanager = {
enable = true;
plugins = lib.mkForce [ ]; # networkmanager has a shit ton of vpn plugins by default. which we do not care about because we use wireguard. -e
plugins = lib.mkForce []; # networkmanager has a shit ton of vpn plugins by default. which we do not care about because we use wireguard. -e
};
systemd.services.NetworkManager-wait-online.enable = false; # # disable networkmanager's waitonline because it fucks up switches
networking.usePredictableInterfaceNames = false;
users.users.emv.extraGroups = [ "networkmanager" ];
users.users.emv.extraGroups = ["networkmanager"];
environment.systemPackages = with pkgs; [
busybox
tcpdump
@ -26,13 +29,12 @@
personal.modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
toybox
];
programs.wireshark.enable = true;
users.users.emv.extraGroups = [ "wireshark" ];
users.users.emv.extraGroups = ["wireshark"];
}
)
];
@ -54,8 +56,7 @@
];
glucose.modules = [
(
{ ... }:
{
{...}: {
networking = {
interfaces.eth0.ipv4.addresses = [
{
@ -74,8 +75,7 @@
fructose.modules = [
(
{ ... }:
{
{...}: {
networking = {
interfaces.eth0.ipv4.addresses = [
{
@ -94,8 +94,7 @@
capsaicin.modules = [
(
{ config, ... }:
{
{config, ...}: {
networking.resolvconf.enable = false;
networking = {
interfaces.eth0.ipv4.addresses = [
@ -110,54 +109,54 @@
};
};
/*
networking.networkmanager = { # should probably figure out a way to get the default wireless interface? -e --- https://www.networkmanager.dev/docs/api/latest/nm-settings-nmcli.html Godsend
ensureProfiles = {
environmentFiles = [ "${config.sops.templates."networkmanager.env.secrets.yaml".path}" ];
profiles = {
home-wifi = {
connection = {
id = "home-wifi";
permissions = "";
type = "wifi";
interface-name = "wlp4s0";
};
ipv4 = {
method = "manual";
ignore-auto-dns = true;
addresses = "192.168.88.170/24, 10.12.96.226/24";
};
ipv6.method = "disabled";
wifi = {
mode = "infrastructure";
ssid = "$HOME1_SSID";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-psk";
psk = "$HOME1_PSK";
};
networking.networkmanager = { # should probably figure out a way to get the default wireless interface? -e --- https://www.networkmanager.dev/docs/api/latest/nm-settings-nmcli.html Godsend
ensureProfiles = {
environmentFiles = [ "${config.sops.templates."networkmanager.env.secrets.yaml".path}" ];
profiles = {
home-wifi = {
connection = {
id = "home-wifi";
permissions = "";
type = "wifi";
interface-name = "wlp4s0";
};
home1eth = {
connection = {
id = "home1eth";
permissions = "";
type = "ethernet";
interface-name = "enp5s0";
};
ipv4 = {
method = "manual";
ignore-auto-dns = true;
addresses = "192.168.88.169/24, 10.12.96.225/24";
};
ipv6.method = "disabled";
ethernet = {
auto-negotiate = true;
mtu = "auto";
};
ipv4 = {
method = "manual";
ignore-auto-dns = true;
addresses = "192.168.88.170/24, 10.12.96.226/24";
};
ipv6.method = "disabled";
wifi = {
mode = "infrastructure";
ssid = "$HOME1_SSID";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-psk";
psk = "$HOME1_PSK";
};
};
home1eth = {
connection = {
id = "home1eth";
permissions = "";
type = "ethernet";
interface-name = "enp5s0";
};
ipv4 = {
method = "manual";
ignore-auto-dns = true;
addresses = "192.168.88.169/24, 10.12.96.225/24";
};
ipv6.method = "disabled";
ethernet = {
auto-negotiate = true;
mtu = "auto";
};
};
};
};
};
*/
# this doesn't work, for reasons unknown, so i'm commenting it out -e
}
@ -166,8 +165,7 @@
menthol.modules = [
(
{ config, ... }:
{
{config, ...}: {
hardware.bluetooth = {
enable = true; # menthol is the only computer that actually has a bluetooth module.
powerOnBoot = true; # this will kill the battery, beware.
@ -175,7 +173,7 @@
networking.networkmanager = {
# should probably figure out a way to get the default wireless interface?
ensureProfiles = {
environmentFiles = [ "${config.sops.templates."networkmanager.env.secrets.yaml".path}" ];
environmentFiles = ["${config.sops.templates."networkmanager.env.secrets.yaml".path}"];
profiles = {
home2wireless = {
connection = {

30
networking/ssh.mod.nix
View file

@ -1,6 +1,6 @@
{
universal.modules = [
({
{
services.openssh = {
enable = true;
settings.PasswordAuthentication = false; # english is a fake language, apparently it's not "authentification", literally go explode, it makes sense but i am still mad -e
@ -12,7 +12,7 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDRf6PfZtcUN5GJ3hcxoxencU2EMRBeu4BIyBSOgKReD emv@capsaicin"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2r4QfMmGcPUs4mpYd1YgcLKwwNpBmuHbZVT5VC+8W7 emv@menthol"
];
})
}
];
fructose.modules = [
{
@ -26,21 +26,19 @@
{
programs.ssh = {
enable = true;
matchBlocks =
let
to = hostname: {
inherit hostname;
user = "emv";
identityFile = "~/.ssh/id_ed25519";
};
in
{
glucose = to "glucose.wg";
fructose = to "fructose.wg";
capsaicin = to "capsaicin.wg";
menthol = to "menthol.wg";
aspartame = to "aspartame.wg";
matchBlocks = let
to = hostname: {
inherit hostname;
user = "emv";
identityFile = "~/.ssh/id_ed25519";
};
in {
glucose = to "glucose.wg";
fructose = to "fructose.wg";
capsaicin = to "capsaicin.wg";
menthol = to "menthol.wg";
aspartame = to "aspartame.wg";
};
};
}
];

16
networking/tailscale.mod.nix
View file

@ -25,7 +25,7 @@
};
};
};
networking.firewall.allowedUDPPorts = [ 6561 ];
networking.firewall.allowedUDPPorts = [6561];
}
];
@ -40,13 +40,13 @@
];
/*
sucrose.modules = [
{
services.tailscale.extraSetFlags = [
"--advertise-exit-node"
];
}
];
sucrose.modules = [
{
services.tailscale.extraSetFlags = [
"--advertise-exit-node"
];
}
];
*/
# this is not needed, currently -e
}

60
networking/vpn.mod.nix
View file

@ -3,8 +3,7 @@
nixpkgs,
molecules,
...
}:
let
}: let
public-keys = {
capsaicin = "Jn0yQV0qdi1oPdiMSmQSPk4IYbfR2THuiY5pTl7cLgs=";
menthol = "6cDCwXBSC0bpEtpRVtzAFrt+a4BYd2iPjCmQb4xpZnU=";
@ -19,32 +18,32 @@ let
ips = builtins.mapAttrs (nixpkgs.lib.const ip) molecules;
ips' = builtins.mapAttrs (name: ip: "${ip}/32") ips;
port-for = builtins.mapAttrs (
machine: { config, ... }: toString config.networking.wireguard.interfaces.wg0.listenPort
) self.nixosConfigurations;
in
{
port-for =
builtins.mapAttrs (
machine: {config, ...}: toString config.networking.wireguard.interfaces.wg0.listenPort
)
self.nixosConfigurations;
in {
extras = {
wireguard-ips = ips;
};
universal.modules = [
(
{ config, ... }:
{
{config, ...}: {
networking = {
# i sure hope it is
nat = {
enable = true;
externalInterface = "eth0";
internalInterfaces = [ "wg0" ];
internalInterfaces = ["wg0"];
};
firewall.allowedUDPPorts = [ config.networking.wireguard.interfaces.wg0.listenPort ];
firewall.allowedUDPPorts = [config.networking.wireguard.interfaces.wg0.listenPort];
extraHosts = builtins.concatStringsSep "\n" (
nixpkgs.lib.mapAttrsToList (name: ip: "${ip} ${name}.wg") ips
);
wireguard.interfaces.wg0 = {
ips = [ "${ips.${config.networking.hostName}}/24" ];
ips = ["${ips.${config.networking.hostName}}/24"];
listenPort = 46656;
privateKeyFile = config.sops.secrets.wireguard-private-key.path;
};
@ -55,8 +54,7 @@ in
glucose.modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
networking.wireguard.interfaces.wg0 = {
postSetup = ''
@ -69,17 +67,17 @@ in
peers = [
{
publicKey = public-keys.capsaicin;
allowedIPs = [ ips'.capsaicin ];
allowedIPs = [ips'.capsaicin];
}
{
publicKey = public-keys.fructose;
allowedIPs = [ ips'.fructose ];
allowedIPs = [ips'.fructose];
endpoint = "10.12.96.9:${port-for.fructose}";
persistentKeepalive = 25;
}
{
publicKey = public-keys.aspartame;
allowedIPs = [ subnet ];
allowedIPs = [subnet];
endpoint = "vps.collective-conciousness.monster:${port-for.aspartame}";
persistentKeepalive = 25;
}
@ -91,8 +89,7 @@ in
fructose.modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
networking.wireguard.interfaces.wg0 = {
postSetup = ''
@ -105,17 +102,17 @@ in
peers = [
{
publicKey = public-keys.capsaicin;
allowedIPs = [ ips'.capsaicin ];
allowedIPs = [ips'.capsaicin];
}
{
publicKey = public-keys.glucose;
allowedIPs = [ ips'.glucose ];
allowedIPs = [ips'.glucose];
endpoint = "10.12.96.4:${port-for.glucose}";
persistentKeepalive = 25;
}
{
publicKey = public-keys.aspartame;
allowedIPs = [ subnet ];
allowedIPs = [subnet];
endpoint = "vps.collective-conciousness.monster:${port-for.aspartame}";
persistentKeepalive = 25;
}
@ -127,8 +124,7 @@ in
aspartame.modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
networking.wireguard.interfaces.wg0 = {
postSetup = ''
@ -141,19 +137,19 @@ in
peers = [
{
publicKey = public-keys.capsaicin;
allowedIPs = [ ips'.capsaicin ];
allowedIPs = [ips'.capsaicin];
}
{
publicKey = public-keys.glucose;
allowedIPs = [ ips'.glucose ];
allowedIPs = [ips'.glucose];
}
{
publicKey = public-keys.fructose;
allowedIPs = [ ips'.fructose ];
allowedIPs = [ips'.fructose];
}
{
publicKey = public-keys.menthol;
allowedIPs = [ ips'.menthol ];
allowedIPs = [ips'.menthol];
}
];
};
@ -166,19 +162,19 @@ in
networking.wireguard.interfaces.wg0.peers = [
{
publicKey = public-keys.aspartame;
allowedIPs = [ subnet ];
allowedIPs = [subnet];
endpoint = "vps.collective-conciousness.monster:${port-for.aspartame}";
persistentKeepalive = 25;
}
{
publicKey = public-keys.glucose;
allowedIPs = [ ips'.glucose ];
allowedIPs = [ips'.glucose];
endpoint = "10.12.96.4:${port-for.glucose}";
persistentKeepalive = 25;
}
{
publicKey = public-keys.fructose;
allowedIPs = [ ips'.fructose ];
allowedIPs = [ips'.fructose];
endpoint = "10.12.96.9:${port-for.fructose}";
persistentKeepalive = 25;
}
@ -191,7 +187,7 @@ in
networking.wireguard.interfaces.wg0.peers = [
{
publicKey = public-keys.aspartame;
allowedIPs = [ subnet ];
allowedIPs = [subnet];
endpoint = "vps.collective-conciousness.monster:${port-for.aspartame}";
persistentKeepalive = 25;
}

196
nix.mod.nix
View file

@ -2,65 +2,57 @@
nix-monitored,
molecules,
...
}:
let
garbage-collection-module =
{ lib, ... }:
{
programs.nh.clean = {
enable = true;
extraArgs = "--keep 3 --keep-since 7d";
dates = "Mon..Sun *-*-* 03:00:00";
};
nix.optimise = {
automatic = true;
dates = [ "Mon..Sun *-*-* 04:00:00" ];
};
# there are very few circumstances in which we'd be awake at those times.
systemd.timers =
let
fuck-off.timerConfig = {
Persistent = lib.mkForce false;
RandomizedDelaySec = lib.mkForce 0;
};
in
{
nh-clean = fuck-off;
nix-optimise = fuck-off;
};
}: let
garbage-collection-module = {lib, ...}: {
programs.nh.clean = {
enable = true;
extraArgs = "--keep 3 --keep-since 7d";
dates = "Mon..Sun *-*-* 03:00:00";
};
distributed-build-module =
{ config, ... }:
{
nix.distributedBuilds = true;
nix.buildMachines = [
{
hostName = "capsaicin";
system = "x86_64-linux";
maxJobs = 2;
speedFactor = 3;
}
{
hostName = "glucose";
system = "x86_64-linux";
maxJobs = 3;
speedFactor = 2;
}
{
hostName = "fructose";
system = "x86_64-linux";
maxJobs = 2;
speedFactor = 1;
}
];
nix.optimise = {
automatic = true;
dates = ["Mon..Sun *-*-* 04:00:00"];
};
in
{
# there are very few circumstances in which we'd be awake at those times.
systemd.timers = let
fuck-off.timerConfig = {
Persistent = lib.mkForce false;
RandomizedDelaySec = lib.mkForce 0;
};
in {
nh-clean = fuck-off;
nix-optimise = fuck-off;
};
};
distributed-build-module = {config, ...}: {
nix.distributedBuilds = true;
nix.buildMachines = [
{
hostName = "capsaicin";
system = "x86_64-linux";
maxJobs = 2;
speedFactor = 3;
}
{
hostName = "glucose";
system = "x86_64-linux";
maxJobs = 3;
speedFactor = 2;
}
{
hostName = "fructose";
system = "x86_64-linux";
maxJobs = 2;
speedFactor = 1;
}
];
};
in {
universal.modules = [
{
system.stateVersion = "24.05";
@ -75,8 +67,7 @@ in
};
}
(
{ pkgs, ... }:
{
{pkgs, ...}: {
nixpkgs.overlays = [
nix-monitored.overlays.default
(final: prev: {
@ -91,14 +82,14 @@ in
nix-direnv = prev.nix-direnv.override {
nix = prev.nix-monitored;
};
nixmon = prev.runCommand "nixmon" { } ''
nixmon = prev.runCommand "nixmon" {} ''
mkdir -p $out/bin
ln -s ${prev.nix-monitored}/bin/nix $out/bin/nixmon
'';
})
];
# nix.package = pkgs.nix-monitored;
environment.systemPackages = [ pkgs.nixmon ];
environment.systemPackages = [pkgs.nixmon];
programs.nh.enable = true;
}
)
@ -108,8 +99,7 @@ in
pkgs,
lib,
...
}:
{
}: {
programs.ssh.extraConfig = ''
${builtins.concatStringsSep "" (
lib.mapAttrsToList (name: n: ''
@ -117,7 +107,8 @@ in
HostName ${name}.wg
User remote-builder
IdentityFile ${config.sops.secrets.remote-build-ssh-privkey.path}
'') molecules
'')
molecules
)}
'';
@ -131,9 +122,9 @@ in
shell = pkgs.runtimeShell;
};
users.groups.remote-builder = { };
users.groups.remote-builder = {};
nix.settings.trusted-users = [ "remote-builder" ];
nix.settings.trusted-users = ["remote-builder"];
}
)
(
@ -142,15 +133,15 @@ in
lib,
...
}:
lib.mkIf
lib.mkIf
(
# Don't make glucose a substitute for itself. Using glucose at the moment because it is not used for anything else. -e
config.networking.hostName != "glucose"
)
{
nix.settings = {
substituters = [ "https://cache.collective-conciousness.monster" ];
trusted-public-keys = [ "adyya-flake:PAbC0hnAiNj/kHcm9wIykmKIf25FDeXB6JusqlX2ghs=" ];
substituters = ["https://cache.collective-conciousness.monster"];
trusted-public-keys = ["adyya-flake:PAbC0hnAiNj/kHcm9wIykmKIf25FDeXB6JusqlX2ghs="];
};
}
)
@ -167,8 +158,7 @@ in
pkgs,
lib,
...
}:
{
}: {
# This is publicly served from https://cache.collective-conciousness.monster
# That's proxied through aspartame via caddy.
services.nix-serve = {
@ -180,57 +170,59 @@ in
};
/*
systemd.timers."auto-update-rebuild" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "5m";
OnUnitInactiveSec = "1h";
Unit = "auto-update-rebuild.service";
};
systemd.timers."auto-update-rebuild" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "5m";
OnUnitInactiveSec = "1h";
Unit = "auto-update-rebuild.service";
};
};
systemd.services."auto-update-rebuild" = {
script = ''
mkdir -p /tmp/auto-update-rebuild && cd /tmp/auto-update-rebuild
systemd.services."auto-update-rebuild" = {
script = ''
mkdir -p /tmp/auto-update-rebuild && cd /tmp/auto-update-rebuild
export PATH=${
lib.makeBinPath (
with pkgs;
[
nix
git
coreutils
]
)
}
export PATH=${
lib.makeBinPath (
with pkgs;
[
nix
git
coreutils
]
)
}
nix flake update --flake /home/emv/adyya-flake
'';
nix flake update --flake /home/emv/adyya-flake
'';
serviceConfig = {
Restart = "on-failure";
RestartSec = "15m";
Type = "oneshot";
};
serviceConfig = {
Restart = "on-failure";
RestartSec = "15m";
Type = "oneshot";
};
};
*/
}
)
garbage-collection-module
];
fructose.modules = [ garbage-collection-module ];
menthol.modules = [ distributed-build-module ];
fructose.modules = [garbage-collection-module];
menthol.modules = [distributed-build-module];
aspartame.modules = [
distributed-build-module
garbage-collection-module
];
capsaicin.modules = [ garbage-collection-module ];
capsaicin.modules = [garbage-collection-module];
universal.home_modules = [
(
{ pkgs, lib, ... }:
{
pkgs,
lib,
...
}: {
home.packages = with pkgs; [
cachix
nil

7
peripherals.mod.nix
View file

@ -1,11 +1,10 @@
{
personal.modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
programs.adb.enable = true; # #yeag that's it for now lol
users.users.emv.extraGroups = [ "adbusers" ];
services.udev.packages = [ pkgs.android-udev-rules ];
users.users.emv.extraGroups = ["adbusers"];
services.udev.packages = [pkgs.android-udev-rules];
}
)
];

5
services/caddy/caddy.mod.nix
View file

@ -1,8 +1,11 @@
{
aspartame.modules = [
(
{ pkgs, lib, ... }:
{
pkgs,
lib,
...
}: {
services.caddy = {
enable = true;
package = pkgs.caddy-many;

3
services/couchdb/couchdb.mod.nix
View file

@ -1,8 +1,7 @@
{
glucose.modules = [
(
{ config, ... }:
{
{config, ...}: {
# services.couchdb = {
# enable = true;
# adminUser = "Admin";

5
services/forgejo/forgejo.mod.nix
View file

@ -1,8 +1,11 @@
{
fructose.modules = [
(
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
services.forgejo = {
enable = true;
package = pkgs.forgejo;

10
services/forgejo/runner.mod.nix
View file

@ -6,15 +6,13 @@
config,
lib,
...
}:
{
}: {
services.gitea-actions-runner = {
package = pkgs.forgejo-runner;
instances = {
${config.networking.hostName} = {
enable = true;
hostPackages =
with pkgs;
hostPackages = with pkgs;
lib.mkDefault [
bash
coreutils
@ -26,9 +24,9 @@
nix
nixfmt-rfc-style
];
labels = [ ];
labels = [];
name = config.networking.hostName;
settings = { };
settings = {};
tokenFile = config.sops.templates."forgejo_runner.env.secrets.yaml".path;
url = "https://git.collective-conciousness.monster";
};

5
services/gts/gts.mod.nix
View file

@ -1,8 +1,11 @@
{
aspartame.modules = [
(
{ pkgs, config, ... }:
{
pkgs,
config,
...
}: {
services.gotosocial = {
enable = true;
package = pkgs.gts;

3
services/murmur/murmur.mod.nix
View file

@ -6,8 +6,7 @@
config,
lib,
...
}:
{
}: {
services.murmur = {
enable = true;

3
services/pihole/pihole.mod.nix
View file

@ -1,8 +1,7 @@
{
fructose.modules = [
(
{ config, ... }:
{
{config, ...}: {
virtualisation.oci-containers = {
containers.pihole = {
image = "pihole/pihole:latest";

142
services/postgres/postgres.mod.nix
View file

@ -1,82 +1,82 @@
{
fructose.modules = [
/*
(
{ config, pkgs, lib, ... }:
{
systemd.services.postgresql.serviceConfig.TimeoutSec = lib.mkForce "infinity";
services.postgresql = {
enable = true;
checkConfig = true;
package = pkgs.postgresql_17;
dataDir = "/var/services/postgres/";
(
{ config, pkgs, lib, ... }:
{
systemd.services.postgresql.serviceConfig.TimeoutSec = lib.mkForce "infinity";
services.postgresql = {
enable = true;
checkConfig = true;
package = pkgs.postgresql_17;
dataDir = "/var/services/postgres/";
ensureDatabases = [
"forgejo"
"gts"
];
ensureUsers = [
{
name = "forgejo";
ensureDBOwnership = true;
ensureClauses = {
login = true;
};
}
{
name = "gts";
ensureDBOwnership = true;
ensureClauses = {
login = true;
};
}
];
settings = {
# connection
listen_addresses = lib.mkForce "127.0.0.1";
port = 5432;
unix_socket_directories = "/var/services/postgres/postgres.sock";
ensureDatabases = [
"forgejo"
"gts"
];
ensureUsers = [
{
name = "forgejo";
ensureDBOwnership = true;
ensureClauses = {
login = true;
};
}
{
name = "gts";
ensureDBOwnership = true;
ensureClauses = {
login = true;
};
}
];
settings = {
# connection
listen_addresses = lib.mkForce "127.0.0.1";
port = 5432;
unix_socket_directories = "/var/services/postgres/postgres.sock";
# auth
password_encryption = "scram-sha-256";
# auth
password_encryption = "scram-sha-256";
# ssl
ssl = false;
# ssl
ssl = false;
#log
log_connections = true;
log_directory = "/var/services/postgres/log";
logging_collector = true;
log_disconnections = true;
};
#log
log_connections = true;
log_directory = "/var/services/postgres/log";
logging_collector = true;
log_disconnections = true;
};
};
services.postgresqlBackup = {
enable = true;
location = "/var/services/postgresbackup/";
compression = "gzip";
backupAll = true;
startAt = "*-*-* 3:20:00";
};
services.postgresqlBackup = {
enable = true;
location = "/var/services/postgresbackup/";
compression = "gzip";
backupAll = true;
startAt = "*-*-* 3:20:00";
};
# services.pgadmin = {
# enable = true;
# initialEmail = "pgadmin@collective-conciousness.monster";
# initialPasswordFile = "${config.sops.secrets.pgadmin_pass.path}";
# openFirewall = true;
# port = 5050;
# services.pgadmin = {
# enable = true;
# initialEmail = "pgadmin@collective-conciousness.monster";
# initialPasswordFile = "${config.sops.secrets.pgadmin_pass.path}";
# openFirewall = true;
# port = 5050;
# settings = {
# STRICT_TRANSPORT_SECURITY_ENABLED = true;
# ALLOWED_HOSTS = [
# "127.0.0.1"
# "10.24.1.225"
# "10.24.1.196"
# ];
# };
# };
}
)
# settings = {
# STRICT_TRANSPORT_SECURITY_ENABLED = true;
# ALLOWED_HOSTS = [
# "127.0.0.1"
# "10.24.1.225"
# "10.24.1.196"
# ];
# };
# };
}
)
*/
#doesn't seem to work so i'm just gonna make a container for it at the moment.
(
@ -85,8 +85,7 @@
pkgs,
lib,
...
}:
{
}: {
virtualisation.oci-containers = {
containers.postgres = {
image = "postgres:17";
@ -106,11 +105,10 @@
"5433:8080"
"5434:53"
];
dependsOn = [ "postgres" ];
dependsOn = ["postgres"];
};
};
}
)
];
}

3
services/website/website.mod.nix
View file

@ -1,8 +1,7 @@
{
aspartame.modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
zola
];

72
sops.mod.nix
View file

@ -1,5 +1,4 @@
{ sops-nix, ... }:
{
{sops-nix, ...}: {
universal.modules = [
sops-nix.nixosModules.sops
{
@ -11,22 +10,20 @@
sops.age.keyFile = "/home/emv/.config/sops/age/keys.txt";
}
(
{ config, ... }:
{
{config, ...}: {
sops.secrets.wireguard-private-key = {
key = "wireguard-private-keys/${config.networking.hostName}";
};
}
)
({
sops.secrets.remote-build-ssh-privkey = { };
})
{
sops.secrets.remote-build-ssh-privkey = {};
}
];
aspartame.modules = [
(
{ config, ... }:
{
sops.secrets.gts_db_pass = { };
{config, ...}: {
sops.secrets.gts_db_pass = {};
sops.templates."gts.env.secrets.yaml".content = ''
GTS_DB_PASSWORD=${config.sops.placeholder."gts_db_pass"}
'';
@ -35,9 +32,8 @@
];
sucrose.modules = [
(
{ config, ... }:
{
sops.secrets."forgejo_runner_${config.networking.hostName}_token" = { };
{config, ...}: {
sops.secrets."forgejo_runner_${config.networking.hostName}_token" = {};
sops.templates."forgejo_runner.env.secrets.yaml".content = ''
TOKEN=${config.sops.placeholder."forgejo_runner_${config.networking.hostName}_token"}
'';
@ -45,14 +41,13 @@
)
];
glucose.modules = [
({
sops.secrets.binary_cache_secret = { };
})
{
sops.secrets.binary_cache_secret = {};
}
(
{ config, ... }:
{
sops.secrets.couchdb_admin_pass = { };
sops.secrets.couchdb_admin_account = { };
{config, ...}: {
sops.secrets.couchdb_admin_pass = {};
sops.secrets.couchdb_admin_account = {};
sops.templates."couchdb.env.secrets.yaml".content = ''
COUCHDB_PASSWORD="${config.sops.placeholder."couchdb_admin_pass"}"
COUCHDB_USER="${config.sops.placeholder."couchdb_admin_account"}"
@ -60,10 +55,9 @@
}
)
(
{ config, ... }:
{
sops.secrets.murmur_login_password = { };
sops.secrets.murmur_welcome_message = { };
{config, ...}: {
sops.secrets.murmur_login_password = {};
sops.secrets.murmur_welcome_message = {};
sops.templates."murmur.env.secrets.yaml".content = ''
MURMUR_LOGIN_PASSWORD="${config.sops.placeholder."murmur_login_password"}"
MURMUR_WELCOME_MESSAGE="${config.sops.placeholder."murmur_welcome_message"}"
@ -73,19 +67,17 @@
];
fructose.modules = [
(
{ config, ... }:
{
sops.secrets.pihole_webpassword = { };
{config, ...}: {
sops.secrets.pihole_webpassword = {};
sops.templates."pihole.env.secrets.yaml".content = ''
WEBPASSWORD="${config.sops.placeholder."pihole_webpassword"}"
'';
}
)
(
{ config, ... }:
{
sops.secrets.postgresdb_admin_password = { };
sops.secrets.forgejo_db_pass = { };
{config, ...}: {
sops.secrets.postgresdb_admin_password = {};
sops.secrets.forgejo_db_pass = {};
sops.templates."postgresdb.env.secrets.yaml".content = ''
POSTGRES_PASSWORD=${config.sops.placeholder."postgresdb_admin_password"}
'';
@ -94,14 +86,13 @@
];
personal.modules = [
(
{ config, ... }:
{
sops.secrets.home1_ssid = { };
sops.secrets.home1_psk = { };
sops.secrets.home2_ssid = { };
sops.secrets.home2_psk = { };
sops.secrets.phone_ssid = { };
sops.secrets.phone_psk = { };
{config, ...}: {
sops.secrets.home1_ssid = {};
sops.secrets.home1_psk = {};
sops.secrets.home2_ssid = {};
sops.secrets.home2_psk = {};
sops.secrets.phone_ssid = {};
sops.secrets.phone_psk = {};
sops.templates."networkmanager.env.secrets.yaml".content = ''
HOME1_SSID="${config.sops.placeholder."home1_ssid"}"
HOME2_SSID="${config.sops.placeholder."home2_ssid"}"
@ -115,8 +106,7 @@
];
universal.home_modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
sops
age

76
stylix.mod.nix
View file

@ -1,45 +1,41 @@
{ stylix, ... }:
let
{stylix, ...}: let
wallpapers =
builtins.mapAttrs
(
name: value:
{
lib,
pkgs,
...
}:
{
stylix.image = pkgs.fetchurl {
url = value.url;
hash = value.hash or lib.fakeHash;
};
}
)
{
sekiro.url = "https://w.wallhaven.cc/full/vg/wallhaven-vgor6p.jpg";
sekiro.hash = "sha256-pcNIr1yON9SsOhUAr//GGbijZayksBTYBu7l+/1+He8=";
(
name: value: {
lib,
pkgs,
...
}: {
stylix.image = pkgs.fetchurl {
url = value.url;
hash = value.hash or lib.fakeHash;
};
}
)
{
sekiro.url = "https://w.wallhaven.cc/full/vg/wallhaven-vgor6p.jpg";
sekiro.hash = "sha256-pcNIr1yON9SsOhUAr//GGbijZayksBTYBu7l+/1+He8=";
ac-frozen.url = "https://w.wallhaven.cc/full/7p/wallhaven-7p22j9.png";
ac-frozen.hash = "sha256-qBJL8ddJhUWuUeaqPssMDUSfuNa9elfb7XMMeOAlwpE=";
ac-frozen.url = "https://w.wallhaven.cc/full/7p/wallhaven-7p22j9.png";
ac-frozen.hash = "sha256-qBJL8ddJhUWuUeaqPssMDUSfuNa9elfb7XMMeOAlwpE=";
ac-impact.url = "https://w.wallhaven.cc/full/jx/wallhaven-jx3xmp.png";
ac-impact.hash = "sha256-oAm8IVMlZpEuLp1baoFqzFk5VWzELOiOv+CaRIAE2Dc=";
ac-impact.url = "https://w.wallhaven.cc/full/jx/wallhaven-jx3xmp.png";
ac-impact.hash = "sha256-oAm8IVMlZpEuLp1baoFqzFk5VWzELOiOv+CaRIAE2Dc=";
ac-grid.url = "https://w.wallhaven.cc/full/kx/wallhaven-kxg7d1.png";
ac-grid.hash = "sha256-7zO4rHrVsFMsnH+X7GJKr6qcGB3Z/k525UIv19lnSls=";
ac-grid.url = "https://w.wallhaven.cc/full/kx/wallhaven-kxg7d1.png";
ac-grid.hash = "sha256-7zO4rHrVsFMsnH+X7GJKr6qcGB3Z/k525UIv19lnSls=";
ludwig.url = "https://w.wallhaven.cc/full/6d/wallhaven-6d8p9w.png";
ludwig.hash = "sha256-DmV8sF6zN6/A+wQNCaxyQ32aZb4MPsdoKiNDwvnT6qU=";
ludwig.url = "https://w.wallhaven.cc/full/6d/wallhaven-6d8p9w.png";
ludwig.hash = "sha256-DmV8sF6zN6/A+wQNCaxyQ32aZb4MPsdoKiNDwvnT6qU=";
wukong.url = "https://w.wallhaven.cc/full/l8/wallhaven-l81moy.jpg";
wukong.hash = "sha256-EE/VhlbA/hnvjTSvqYLIWay+llNUyZ0iC2OCRphcKkQ=";
wukong.url = "https://w.wallhaven.cc/full/l8/wallhaven-l81moy.jpg";
wukong.hash = "sha256-EE/VhlbA/hnvjTSvqYLIWay+llNUyZ0iC2OCRphcKkQ=";
twirly-bh.url = "https://w.wallhaven.cc/full/l8/wallhaven-l8v7kq.jpg";
twirly-bh.hash = "sha256-on/wIsdUgKSgl9o/jwKu/Rk2ehK9JgDBoGji+QH5b5s=";
};
in
{
twirly-bh.url = "https://w.wallhaven.cc/full/l8/wallhaven-l8v7kq.jpg";
twirly-bh.hash = "sha256-on/wIsdUgKSgl9o/jwKu/Rk2ehK9JgDBoGji+QH5b5s=";
};
in {
personal.modules = [
stylix.nixosModules.stylix
(
@ -47,8 +43,7 @@ in
pkgs,
config,
...
}:
{
}: {
stylix.enable = true;
stylix.polarity = "dark";
@ -87,15 +82,14 @@ in
pkgs,
config,
...
}:
{
systemd-fuckery.auto-restart = [ "swaybg" ];
}: {
systemd-fuckery.auto-restart = ["swaybg"];
systemd.user.services."swaybg" = {
Unit = {
Description = "wallpapers! brought to you by stylix! :3";
PartOf = [ "graphical-session.target" ];
PartOf = ["graphical-session.target"];
};
Install.WantedBy = [ "graphical-session.target" ];
Install.WantedBy = ["graphical-session.target"];
Service = {
ExecStart = "${lib.getExe pkgs.swaybg} -i ${config.stylix.image}";
Restart = "on-failure";

220
sway.mod.nix
View file

@ -1,8 +1,7 @@
{
personal.modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
programs.sway = {
enable = true;
package = pkgs.swayfx;
@ -25,8 +24,7 @@
pkgs,
config,
...
}:
{
}: {
wayland.windowManager.sway = {
enable = true;
systemd.enable = true;
@ -36,140 +34,138 @@
config = {
modifier = "Mod4";
fonts = lib.mkDefault {
names = [ "pango" ];
names = ["pango"];
style = "monospace";
size = 8.0;
};
terminal = "terminator";
keybindings =
let
mod = config.wayland.windowManager.sway.config.modifier;
term = config.wayland.windowManager.sway.config.terminal;
rofi = "rofi";
in
{
"${mod}+Return" = "exec ${term}"; # opens a terminal window
"${mod}+Shift+q" = "kill"; # kills the active window
keybindings = let
mod = config.wayland.windowManager.sway.config.modifier;
term = config.wayland.windowManager.sway.config.terminal;
rofi = "rofi";
in {
"${mod}+Return" = "exec ${term}"; # opens a terminal window
"${mod}+Shift+q" = "kill"; # kills the active window
"${mod}+s" = ''exec --no-startup-id ${rofi} -run-command "/bin/sh -i -c '{cmd}'" -show combi''; # opens rofi
"${mod}+Tab" = "exec --no-startup-id ${rofi} -show window";
"${mod}+s" = ''exec --no-startup-id ${rofi} -run-command "/bin/sh -i -c '{cmd}'" -show combi''; # opens rofi
"${mod}+Tab" = "exec --no-startup-id ${rofi} -show window";
# "${mod}+p" = ''mode "resize"'';
"${mod}+o" = "exec swaylock"; # locks the session, requiring password to unlock.
# "${mod}+p" = ''mode "resize"'';
"${mod}+o" = "exec swaylock"; # locks the session, requiring password to unlock.
### move focus
"${mod}+Left" = "focus left";
"${mod}+Down" = "focus down";
"${mod}+Up" = "focus up";
"${mod}+Right" = "focus right";
### move focus
"${mod}+Left" = "focus left";
"${mod}+Down" = "focus down";
"${mod}+Up" = "focus up";
"${mod}+Right" = "focus right";
### move windows
"${mod}+Shift+Left" = "move left";
"${mod}+Shift+Down" = "move down";
"${mod}+Shift+Up" = "move up";
"${mod}+Shift+Right" = "move right";
### move windows
"${mod}+Shift+Left" = "move left";
"${mod}+Shift+Down" = "move down";
"${mod}+Shift+Up" = "move up";
"${mod}+Shift+Right" = "move right";
"${mod}+Shift+m" = "split h"; # Horizontal split
"${mod}+Shift+v" = "split v"; # Vertical Split
"${mod}+Shift+m" = "split h"; # Horizontal split
"${mod}+Shift+v" = "split v"; # Vertical Split
"${mod}+t" = "fullscreen toggle"; # fullscreen
"${mod}+t" = "fullscreen toggle"; # fullscreen
"${mod}+r" = "layout stacking";
"${mod}+w" = "layout tabbed";
"${mod}+e" = "layout toggle split";
"${mod}+r" = "layout stacking";
"${mod}+w" = "layout tabbed";
"${mod}+e" = "layout toggle split";
"${mod}+Shift+Space" = "floating toggle";
"${mod}+Space" = "focus mode_toggle"; # change focus between tiling and floating
"${mod}+Shift+Space" = "floating toggle";
"${mod}+Space" = "focus mode_toggle"; # change focus between tiling and floating
"${mod}+a" = "focus parent";
"${mod}+Shift+a" = "focus child";
"${mod}+a" = "focus parent";
"${mod}+Shift+a" = "focus child";
"${mod}+Shift+d" = "reload";
"${mod}+Shift+d" = "reload";
### moves user around
"${mod}+1" = "workspace number 1";
"${mod}+2" = "workspace number 2";
"${mod}+3" = "workspace number 3";
"${mod}+4" = "workspace number 4";
"${mod}+5" = "workspace number 5";
"${mod}+6" = "workspace number 6";
"${mod}+7" = "workspace number 7";
"${mod}+8" = "workspace number 8";
"${mod}+9" = "workspace number 9";
"${mod}+0" = "workspace number 10";
### moves user around
"${mod}+1" = "workspace number 1";
"${mod}+2" = "workspace number 2";
"${mod}+3" = "workspace number 3";
"${mod}+4" = "workspace number 4";
"${mod}+5" = "workspace number 5";
"${mod}+6" = "workspace number 6";
"${mod}+7" = "workspace number 7";
"${mod}+8" = "workspace number 8";
"${mod}+9" = "workspace number 9";
"${mod}+0" = "workspace number 10";
### moves containers around
"${mod}+Shift+1" = "move container to workspace number 1";
"${mod}+Shift+2" = "move container to workspace number 2";
"${mod}+Shift+3" = "move container to workspace number 3";
"${mod}+Shift+4" = "move container to workspace number 4";
"${mod}+Shift+5" = "move container to workspace number 5";
"${mod}+Shift+6" = "move container to workspace number 6";
"${mod}+Shift+7" = "move container to workspace number 7";
"${mod}+Shift+8" = "move container to workspace number 8";
"${mod}+Shift+9" = "move container to workspace number 9";
"${mod}+Shift+0" = "move container to workspace number 10";
};
### moves containers around
"${mod}+Shift+1" = "move container to workspace number 1";
"${mod}+Shift+2" = "move container to workspace number 2";
"${mod}+Shift+3" = "move container to workspace number 3";
"${mod}+Shift+4" = "move container to workspace number 4";
"${mod}+Shift+5" = "move container to workspace number 5";
"${mod}+Shift+6" = "move container to workspace number 6";
"${mod}+Shift+7" = "move container to workspace number 7";
"${mod}+Shift+8" = "move container to workspace number 8";
"${mod}+Shift+9" = "move container to workspace number 9";
"${mod}+Shift+0" = "move container to workspace number 10";
};
### TODO : Resize mode and automatic floating
assigns = {
"1:" = [ { title = "^Signal$|Discord$"; } ];
"2:main" = [ { title = "VSCodium$"; } ];
"3:browsing" = [ { title = "LibreWolf$"; } ];
"4:misc" = [ ];
"5:5" = [ ];
"6:6" = [ ];
"7:7" = [ ];
"8:8" = [ ];
"9:9" = [ ];
"0:audio" = [ { title = "pwvucontrol$|noisetorch$"; } ];
"1:" = [{title = "^Signal$|Discord$";}];
"2:main" = [{title = "VSCodium$";}];
"3:browsing" = [{title = "LibreWolf$";}];
"4:misc" = [];
"5:5" = [];
"6:6" = [];
"7:7" = [];
"8:8" = [];
"9:9" = [];
"0:audio" = [{title = "pwvucontrol$|noisetorch$";}];
};
/*
colors = {
# should probably use a let ... in ... here
background = "#212121";
focused = {
# border = "#2b83a6"; # test to see if stylix does magic
background = "#2b83a6";
text = "#ffffff";
indicator = "#dddddd";
childBorder = "#2b83a6";
};
focusedInactive = {
border = "#212121";
background = "#212121";
text = "#86888c";
indicator = "#292d2e";
childBorder = "#5a5a5a";
};
unfocused = {
border = "#212121";
background = "#212121";
text = "#86888c";
indicator = "#292d2e";
childBorder = "#5a5a5a";
};
urgent = {
border = "#d64e4e";
background = "#d64e4e";
text = "#ffffff";
indicator = "#d64e4e";
childBorder = "#d64e4e";
};
placeholder = {
border = "#212121";
background = "#0c0c0c";
text = "#ffffff";
indicator = "#212121";
childBorder = "#262626";
};
colors = {
# should probably use a let ... in ... here
background = "#212121";
focused = {
# border = "#2b83a6"; # test to see if stylix does magic
background = "#2b83a6";
text = "#ffffff";
indicator = "#dddddd";
childBorder = "#2b83a6";
};
focusedInactive = {
border = "#212121";
background = "#212121";
text = "#86888c";
indicator = "#292d2e";
childBorder = "#5a5a5a";
};
unfocused = {
border = "#212121";
background = "#212121";
text = "#86888c";
indicator = "#292d2e";
childBorder = "#5a5a5a";
};
urgent = {
border = "#d64e4e";
background = "#d64e4e";
text = "#ffffff";
indicator = "#d64e4e";
childBorder = "#d64e4e";
};
placeholder = {
border = "#212121";
background = "#0c0c0c";
text = "#ffffff";
indicator = "#212121";
childBorder = "#262626";
};
};
*/
bars = [
({
{
statusCommand = "\${pkgs.swayrbar}/bin/swayrbar";
position = "bottom";
trayOutput = "primary";
@ -208,7 +204,7 @@
text = "#ffffff";
};
};
})
}
];
output = {
DP-3 = {

6
tex.mod.nix
View file

@ -1,13 +1,13 @@
{
personal.home_modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
programs.texlive = {
enable = true;
packageSet = pkgs.texlive;
extraPackages = tpkgs: {
inherit (tpkgs)
inherit
(tpkgs)
scheme-medium
dvisvgm
dvipng # in-place output

3
zsh.mod.nix
View file

@ -1,8 +1,7 @@
{
universal.modules = [
(
{ pkgs, ... }:
{
{pkgs, ...}: {
programs.zsh = {
enable = true;
};