From cff4840824a6d530bca503622f4523a8825fba9f Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 17 Sep 2023 11:20:46 +0200 Subject: [PATCH 001/241] wireguard template --- hetzner-vpn1.nix | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index da00bf0..d16db0f 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -16,5 +16,53 @@ users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' ]; + + environment = { + systemPackages = with pkgs; [iptables wireguard-tools]; + }; + + # wireguard server for public ip + # enable NAT + networking.nat.enable = true; + networking.nat.externalInterface = "eth0"; + networking.nat.internalInterfaces = ["wg0"]; + networking.firewall = { + allowedUDPPorts = [51820]; + }; + + networking.wireguard.interfaces = { + # "wg0" is the network interface name. You can name the interface arbitrarily. + wg0 = { + # Determines the IP address and subnet of the server's end of the tunnel interface. + ips = ["10.100.0.1/24"]; + + # The port that WireGuard listens to. Must be accessible by the client. + listenPort = 51820; + + # This allows the wireguard server to route your traffic to the internet and hence be like a VPN + # For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients + postSetup = '' + ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE + ''; + + # This undoes the above command + postShutdown = '' + ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE + ''; + + # Path to the private key file + privateKeyFile = "/root/wireguard/keys/private"; + + peers = [ + # List of allowed peers. + { + # Phone + publicKey = "/sjNk9rXaMdrCHD2kmut1AXD1UhF1xcZ4ju+EmFGcCk="; + # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing. + #allowedIPs = ["10.100.0.2/32"]; + } + ]; + }; + }; }; } From 8b1170596570d046df73b7c022477cab34bf5ef2 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 17 Sep 2023 11:53:34 +0200 Subject: [PATCH 002/241] add lpt --- hetzner-vpn1.nix | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index d16db0f..b362a87 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -1,4 +1,6 @@ -{pkgs, ...}: { +{pkgs, ...}: let + wg_port = 51820; +in { imports = [ (import ./modules { hostName = "hetzner-vpn1"; @@ -27,17 +29,17 @@ networking.nat.externalInterface = "eth0"; networking.nat.internalInterfaces = ["wg0"]; networking.firewall = { - allowedUDPPorts = [51820]; + allowedUDPPorts = [wg_port]; }; networking.wireguard.interfaces = { # "wg0" is the network interface name. You can name the interface arbitrarily. wg0 = { # Determines the IP address and subnet of the server's end of the tunnel interface. - ips = ["10.100.0.1/24"]; + ips = ["10.100.0.1/32"]; # The port that WireGuard listens to. Must be accessible by the client. - listenPort = 51820; + listenPort = wg_port; # This allows the wireguard server to route your traffic to the internet and hence be like a VPN # For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients @@ -59,7 +61,13 @@ # Phone publicKey = "/sjNk9rXaMdrCHD2kmut1AXD1UhF1xcZ4ju+EmFGcCk="; # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing. - #allowedIPs = ["10.100.0.2/32"]; + allowedIPs = ["10.100.0.2/32"]; + } + { + # vinzenz-lpt + publicKey = "D/6431f8oJ61C5vjjEIpY5Rc750oK4yVh9B/32q4xAE="; + # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing. + allowedIPs = ["10.100.0.3/32"]; } ]; }; From 9b60bc19886fac43ab8e25334c2b7a2533c72efb Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Sep 2023 13:04:45 +0200 Subject: [PATCH 003/241] move config to better places --- modules/desktop/default.nix | 14 +----- modules/desktop/gaming.nix | 9 +++- modules/users/default.nix | 80 ++++++++++++++++++---------------- modules/users/vinzenz-home.nix | 1 + 4 files changed, 53 insertions(+), 51 deletions(-) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index d8f88b5..a7bbc6f 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -4,7 +4,7 @@ lib, ... }: let - cfg = config.my.desktop; + isEnabled = config.my.desktop.enable; in { imports = [ ./gnome.nix @@ -14,10 +14,7 @@ in { options.my.desktop.enable = lib.mkEnableOption "desktop"; - config = lib.mkIf cfg.enable { - home-manager.useUserPackages = true; - home-manager.useGlobalPkgs = true; - + config = lib.mkIf isEnabled { services = { # Enable the X11 windowing system / wayland depending on DE xserver.enable = true; @@ -49,11 +46,6 @@ in { programs = { git.package = pkgs.gitFull; - steam = { - enable = true; - remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play - dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server - }; }; # unblock kde connect / gsconnect @@ -89,8 +81,6 @@ in { }; environment = { - pathsToLink = ["/share/zsh"]; - systemPackages = with pkgs; [ lm_sensors ]; diff --git a/modules/desktop/gaming.nix b/modules/desktop/gaming.nix index 8b9cd34..f179765 100644 --- a/modules/desktop/gaming.nix +++ b/modules/desktop/gaming.nix @@ -17,7 +17,6 @@ in { wineWowPackages.stagingFull wineWowPackages.fonts winetricks - steam (lutris.override { extraPkgs = pkgs: [ @@ -28,5 +27,13 @@ in { ]; }) ]; + + programs = { + steam = { + enable = true; + remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play + dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server + }; + }; }; } diff --git a/modules/users/default.nix b/modules/users/default.nix index 6e33607..bc0f0c0 100644 --- a/modules/users/default.nix +++ b/modules/users/default.nix @@ -23,47 +23,51 @@ in { ]; config = lib.mkIf enableHomeManager { - home-manager.sharedModules = [ - # set stateVersion - {home.stateVersion = "22.11";} - # make nano the default editor - { - home = { - sessionVariables.EDITOR = "nano"; - file.".nanorc".text = lib.mkDefault '' - set linenumbers - set mouse - ''; - }; - } - # command line niceness - { - programs = { - command-not-found.enable = true; - dircolors.enable = true; + home-manager = { + useUserPackages = true; + useGlobalPkgs = true; + sharedModules = [ + # set stateVersion + {home.stateVersion = "22.11";} + # make nano the default editor + { + home = { + sessionVariables.EDITOR = "nano"; + file.".nanorc".text = lib.mkDefault '' + set linenumbers + set mouse + ''; + }; + } + # command line niceness + { + programs = { + command-not-found.enable = true; + dircolors.enable = true; - zsh = { - enable = true; - enableSyntaxHighlighting = true; - enableAutosuggestions = true; - enableVteIntegration = true; - }; - }; - } - # common git config - { - programs = { - git = { - enable = true; - extraConfig.init.defaultBranch = "main"; + zsh = { + enable = true; + enableSyntaxHighlighting = true; + enableAutosuggestions = true; + enableVteIntegration = true; + }; }; + } + # common git config + { + programs = { + git = { + enable = true; + extraConfig.init.defaultBranch = "main"; + }; - gh = { - enable = true; - enableGitCredentialHelper = true; + gh = { + enable = true; + enableGitCredentialHelper = true; + }; }; - }; - } - ]; + } + ]; + }; }; } diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 351fcd8..0477049 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -70,6 +70,7 @@ aliases = { prettylog = "log --pretty=oneline --graph"; + spring-clean = "!git branch --merged | xargs -n 1 -r git branch -d"; }; extraConfig = { From 44bbfc2fa0d3b13e37f34a8b7baab0fbe8f12e50 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Sep 2023 13:12:09 +0200 Subject: [PATCH 004/241] better split of home manager specific stuff --- modules/users/default.nix | 51 +------------------------- modules/users/home-manager.nix | 65 ++++++++++++++++++++++++++++++++++ modules/users/ronja.nix | 27 ++++++-------- modules/users/vinzenz.nix | 25 ++++++------- 4 files changed, 87 insertions(+), 81 deletions(-) create mode 100644 modules/users/home-manager.nix diff --git a/modules/users/default.nix b/modules/users/default.nix index bc0f0c0..1d84a1d 100644 --- a/modules/users/default.nix +++ b/modules/users/default.nix @@ -19,55 +19,6 @@ in { ./ronja.nix ] ++ lib.optionals enableHomeManager [ - + ./home-manager.nix ]; - - config = lib.mkIf enableHomeManager { - home-manager = { - useUserPackages = true; - useGlobalPkgs = true; - sharedModules = [ - # set stateVersion - {home.stateVersion = "22.11";} - # make nano the default editor - { - home = { - sessionVariables.EDITOR = "nano"; - file.".nanorc".text = lib.mkDefault '' - set linenumbers - set mouse - ''; - }; - } - # command line niceness - { - programs = { - command-not-found.enable = true; - dircolors.enable = true; - - zsh = { - enable = true; - enableSyntaxHighlighting = true; - enableAutosuggestions = true; - enableVteIntegration = true; - }; - }; - } - # common git config - { - programs = { - git = { - enable = true; - extraConfig.init.defaultBranch = "main"; - }; - - gh = { - enable = true; - enableGitCredentialHelper = true; - }; - }; - } - ]; - }; - }; } diff --git a/modules/users/home-manager.nix b/modules/users/home-manager.nix new file mode 100644 index 0000000..3166eb1 --- /dev/null +++ b/modules/users/home-manager.nix @@ -0,0 +1,65 @@ +{ + config, + pkgs, + lib, + ... +}: { + imports = [ + + ]; + + config = { + home-manager = { + useUserPackages = true; + useGlobalPkgs = true; + + users = { + ronja = lib.mkIf (builtins.elem "ronja" config.my.enabledUsers) (import ./ronja-home.nix); + vinzenz = lib.mkIf (builtins.elem "ronja" config.my.enabledUsers) (import ./vinzenz-home.nix); + }; + + sharedModules = [ + # set stateVersion + {home.stateVersion = "22.11";} + # make nano the default editor + { + home = { + sessionVariables.EDITOR = "nano"; + file.".nanorc".text = lib.mkDefault '' + set linenumbers + set mouse + ''; + }; + } + # command line niceness + { + programs = { + command-not-found.enable = true; + dircolors.enable = true; + + zsh = { + enable = true; + enableSyntaxHighlighting = true; + enableAutosuggestions = true; + enableVteIntegration = true; + }; + }; + } + # common git config + { + programs = { + git = { + enable = true; + extraConfig.init.defaultBranch = "main"; + }; + + gh = { + enable = true; + enableGitCredentialHelper = true; + }; + }; + } + ]; + }; + }; +} diff --git a/modules/users/ronja.nix b/modules/users/ronja.nix index 8ca8311..7917792 100644 --- a/modules/users/ronja.nix +++ b/modules/users/ronja.nix @@ -6,20 +6,15 @@ }: let isUserEnabled = builtins.elem "ronja" config.my.enabledUsers; in { - config = lib.mkMerge [ - (lib.mkIf isUserEnabled { - # Define user account - users.users.ronja = { - isNormalUser = true; - name = "ronja"; - description = "Ronja Spiegelberg"; - home = "/home/ronja"; - extraGroups = ["networkmanager" "wheel" "games"]; - shell = pkgs.zsh; - }; - }) - (lib.mkIf (isUserEnabled && config.my.modulesCfg.enableHomeManager) { - home-manager.users.ronja = import ./ronja-home.nix; - }) - ]; + config = lib.mkIf isUserEnabled { + # Define user account + users.users.ronja = { + isNormalUser = true; + name = "ronja"; + description = "Ronja Spiegelberg"; + home = "/home/ronja"; + extraGroups = ["networkmanager" "wheel" "games"]; + shell = pkgs.zsh; + }; + }; } diff --git a/modules/users/vinzenz.nix b/modules/users/vinzenz.nix index 58cff2d..ac270a6 100644 --- a/modules/users/vinzenz.nix +++ b/modules/users/vinzenz.nix @@ -6,19 +6,14 @@ }: let isUserEnabled = builtins.elem "vinzenz" config.my.enabledUsers; in { - config = lib.mkMerge [ - (lib.mkIf isUserEnabled { - users.users.vinzenz = { - isNormalUser = true; - name = "vinzenz"; - description = "Vinzenz Schroeter"; - home = "/home/vinzenz"; - extraGroups = ["networkmanager" "wheel" "games"]; - shell = pkgs.zsh; - }; - }) - (lib.mkIf (isUserEnabled && config.my.modulesCfg.enableHomeManager) { - home-manager.users.vinzenz = import ./vinzenz-home.nix; - }) - ]; + config = lib.mkIf isUserEnabled { + users.users.vinzenz = { + isNormalUser = true; + name = "vinzenz"; + description = "Vinzenz Schroeter"; + home = "/home/vinzenz"; + extraGroups = ["networkmanager" "wheel" "games"]; + shell = pkgs.zsh; + }; + }; } From adb51fd36ebece2a0a9a85acca3c2c565785a0fc Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Sep 2023 13:20:34 +0200 Subject: [PATCH 005/241] better split also for desktop envs --- modules/default.nix | 2 +- modules/desktop/default.nix | 18 +++++--- modules/desktop/gnome-home.nix | 23 ++++++++++ modules/desktop/gnome.nix | 83 ++++++++++++++-------------------- modules/desktop/kde-home.nix | 18 ++++++++ modules/desktop/kde.nix | 73 ++++++++++++------------------ 6 files changed, 117 insertions(+), 100 deletions(-) create mode 100644 modules/desktop/gnome-home.nix create mode 100644 modules/desktop/kde-home.nix diff --git a/modules/default.nix b/modules/default.nix index 60755fa..9ae0dec 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -5,11 +5,11 @@ modulesCfg: {lib, ...}: { ./nixpkgs.nix ./globalinstalls.nix ./server.nix - ./desktop ] ++ (map (path: (import path modulesCfg)) [ ./hardware ./users + ./desktop ]); config = { diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index a7bbc6f..cb56ba0 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -1,16 +1,22 @@ -{ +modulesCfg: { config, pkgs, lib, ... }: let isEnabled = config.my.desktop.enable; + isHomeManager = modulesCfg.enableHomeManager; in { - imports = [ - ./gnome.nix - ./kde.nix - ./gaming.nix - ]; + imports = + [ + ./gnome.nix + ./kde.nix + ./gaming.nix + ] + ++ lib.optionals isHomeManager [ + ./gnome-home.nix + ./kde-home.nix + ]; options.my.desktop.enable = lib.mkEnableOption "desktop"; diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix new file mode 100644 index 0000000..ee3870b --- /dev/null +++ b/modules/desktop/gnome-home.nix @@ -0,0 +1,23 @@ +{ + lib, + config, + pkgs, + ... +}: let + isEnabled = config.my.desktop.enableGnome; +in { + config = lib.mkIf isEnabled { + home-manager.sharedModules = [ + { + home.packages = with pkgs; [ + amberol + ]; + dconf.settings = { + "org/gnome/desktop/peripherals/keyboard" = { + numlock-state = true; + }; + }; + } + ]; + }; +} diff --git a/modules/desktop/gnome.nix b/modules/desktop/gnome.nix index 9e754f3..6fef40d 100644 --- a/modules/desktop/gnome.nix +++ b/modules/desktop/gnome.nix @@ -5,62 +5,45 @@ ... }: let isEnabled = config.my.desktop.enableGnome; - enableHomeManager = config.my.modulesCfg.enableHomeManager; in { options.my.desktop.enableGnome = lib.mkEnableOption "gnome desktop"; - config = lib.mkMerge [ - (lib.mkIf isEnabled { - my.desktop.enable = true; + config = lib.mkIf isEnabled { + my.desktop.enable = true; - services = { - xserver = { - # Enable the GNOME Desktop Environment. - displayManager.gdm.enable = true; - desktopManager.gnome.enable = true; - }; - - gnome = { - tracker-miners.enable = false; - tracker.enable = false; - }; + services = { + xserver = { + # Enable the GNOME Desktop Environment. + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; }; - programs.gpaste.enable = true; - - environment = { - systemPackages = with pkgs; [ - gnomeExtensions.gsconnect - ]; - - # remove some gnome default apps - gnome.excludePackages = with pkgs.gnome; [ - cheese # photo booth - epiphany # web browser - evince # document viewer - geary # email client - seahorse # password manager - gnome-clocks - gnome-maps - gnome-weather - gnome-music - pkgs.gnome-connections - ]; + gnome = { + tracker-miners.enable = false; + tracker.enable = false; }; - }) - (lib.mkIf (isEnabled && enableHomeManager) { - home-manager.sharedModules = [ - { - home.packages = with pkgs; [ - amberol - ]; - dconf.settings = { - "org/gnome/desktop/peripherals/keyboard" = { - numlock-state = true; - }; - }; - } + }; + + programs.gpaste.enable = true; + + environment = { + systemPackages = with pkgs; [ + gnomeExtensions.gsconnect ]; - }) - ]; + + # remove some gnome default apps + gnome.excludePackages = with pkgs.gnome; [ + cheese # photo booth + epiphany # web browser + evince # document viewer + geary # email client + seahorse # password manager + gnome-clocks + gnome-maps + gnome-weather + gnome-music + pkgs.gnome-connections + ]; + }; + }; } diff --git a/modules/desktop/kde-home.nix b/modules/desktop/kde-home.nix new file mode 100644 index 0000000..2ece5e0 --- /dev/null +++ b/modules/desktop/kde-home.nix @@ -0,0 +1,18 @@ +{ + lib, + config, + ... +}: let + isEnabled = config.my.desktop.enableKde; +in { + config = lib.mkIf isEnabled { + home-manager.sharedModules = [ + { + services.kdeconnect = { + enable = true; + indicator = true; + }; + } + ]; + }; +} diff --git a/modules/desktop/kde.nix b/modules/desktop/kde.nix index 253ff29..45c31ee 100644 --- a/modules/desktop/kde.nix +++ b/modules/desktop/kde.nix @@ -5,57 +5,44 @@ ... }: let isEnabled = config.my.desktop.enableKde; - enableHomeManager = config.my.modulesCfg.enableHomeManager; in { options.my.desktop.enableKde = lib.mkEnableOption "KDE desktop"; - config = lib.mkMerge [ - (lib.mkIf isEnabled { - my.desktop.enable = true; + config = lib.mkIf isEnabled { + my.desktop.enable = true; - # flatpak xdg-portal-kde crashes, otherwise this would be global - services.flatpak.enable = false; + # flatpak xdg-portal-kde crashes, otherwise this would be global + services.flatpak.enable = false; - services = { - # Enable the KDE Plasma Desktop Environment. - xserver = { - desktopManager.plasma5.enable = true; + services = { + # Enable the KDE Plasma Desktop Environment. + xserver = { + desktopManager.plasma5.enable = true; - displayManager = { - sddm.enable = true; - defaultSession = "plasmawayland"; - }; + displayManager = { + sddm.enable = true; + defaultSession = "plasmawayland"; }; }; + }; - environment = { - systemPackages = with pkgs; [ - libsForQt5.kate - libsForQt5.kalk - ]; - - plasma5.excludePackages = with pkgs.libsForQt5; [ - elisa - gwenview - okular - khelpcenter - ]; - }; - - programs = { - dconf.enable = true; - partition-manager.enable = true; - }; - }) - (lib.mkIf (isEnabled && enableHomeManager) { - home-manager.sharedModules = [ - { - services.kdeconnect = { - enable = true; - indicator = true; - }; - } + environment = { + systemPackages = with pkgs; [ + libsForQt5.kate + libsForQt5.kalk ]; - }) - ]; + + plasma5.excludePackages = with pkgs.libsForQt5; [ + elisa + gwenview + okular + khelpcenter + ]; + }; + + programs = { + dconf.enable = true; + partition-manager.enable = true; + }; + }; } From db31ee7ba1fd4334d5630d2e94bac1df7fd5d902 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Sep 2023 13:48:16 +0200 Subject: [PATCH 006/241] sync manually installed extensions into config --- modules/users/vinzenz-home.nix | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 0477049..5f39c5b 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -85,10 +85,15 @@ enable = true; package = pkgs.vscodium; enableUpdateCheck = false; - extensions = with pkgs; [ - vscode-extensions.bbenoist.nix - vscode-extensions.ms-python.python - vscode-extensions.kamadorueda.alejandra + extensions = with pkgs.vscode-extensions; [ + bbenoist.nix + ms-python.python + kamadorueda.alejandra + samuelcolvin.jinjahtml + EditorConfig.EditorConfig + KnisterPeter.vscode-github + yzhang.markdown-all-in-one + redhat.vscode-yaml ]; userSettings = { "git.autofetch" = true; From 821d057aca4be8181b3cacc60a271274aad7e1d5 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Sep 2023 14:25:24 +0200 Subject: [PATCH 007/241] fix user without home-manager -_- --- modules/users/home-manager.nix | 2 +- modules/users/vinzenz-home.nix | 11 +++++++---- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/modules/users/home-manager.nix b/modules/users/home-manager.nix index 3166eb1..4601b8d 100644 --- a/modules/users/home-manager.nix +++ b/modules/users/home-manager.nix @@ -15,7 +15,7 @@ users = { ronja = lib.mkIf (builtins.elem "ronja" config.my.enabledUsers) (import ./ronja-home.nix); - vinzenz = lib.mkIf (builtins.elem "ronja" config.my.enabledUsers) (import ./vinzenz-home.nix); + vinzenz = lib.mkIf (builtins.elem "vinzenz" config.my.enabledUsers) (import ./vinzenz-home.nix); }; sharedModules = [ diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 5f39c5b..477b649 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -89,11 +89,13 @@ bbenoist.nix ms-python.python kamadorueda.alejandra - samuelcolvin.jinjahtml - EditorConfig.EditorConfig - KnisterPeter.vscode-github + #samuelcolvin.jinjahtml + #EditorConfig.EditorConfig + #KnisterPeter.vscode-github yzhang.markdown-all-in-one redhat.vscode-yaml + #PKief.material-icon-theme + mhutchie.git-graph ]; userSettings = { "git.autofetch" = true; @@ -105,12 +107,13 @@ "editor.minimap.autohide" = true; "diffEditor.diffAlgorithm" = "advanced"; "explorer.excludeGitIgnore" = true; - "workbench.startupEditor" = "readme"; "markdown.extension.tableFormatter.normalizeIndentation" = true; "markdown.extension.toc.orderedList" = false; "telemetry.telemetryLevel" = "off"; "redhat.telemetry.enabled" = false; + "workbench.startupEditor" = "readme"; "workbench.enableExperiments" = false; + "workbench.iconTheme" = "material-icon-theme"; }; }; From 37f5f73a761cdf9e3d94ecb67c7df0f5d0c6811b Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Sep 2023 14:56:07 +0200 Subject: [PATCH 008/241] sshd module, home-shared-modules --- modules/default.nix | 1 + modules/desktop/default.nix | 10 ------ modules/server.nix | 22 +++---------- modules/sshd.nix | 13 ++++++++ modules/users/home-manager.nix | 46 ++------------------------- modules/users/home-shared-modules.nix | 44 +++++++++++++++++++++++++ modules/users/vinzenz-home.nix | 1 - 7 files changed, 66 insertions(+), 71 deletions(-) create mode 100644 modules/sshd.nix create mode 100644 modules/users/home-shared-modules.nix diff --git a/modules/default.nix b/modules/default.nix index 9ae0dec..841095e 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -5,6 +5,7 @@ modulesCfg: {lib, ...}: { ./nixpkgs.nix ./globalinstalls.nix ./server.nix + ./sshd.nix ] ++ (map (path: (import path modulesCfg)) [ ./hardware diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index cb56ba0..66ede1e 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -27,16 +27,6 @@ in { # Enable CUPS to print documents. printing.enable = true; - - # Enable the OpenSSH daemon. - openssh = { - enable = true; - settings = { - PermitRootLogin = "no"; - PasswordAuthentication = false; - KbdInteractiveAuthentication = false; - }; - }; }; # Enable sound with pipewire. diff --git a/modules/server.nix b/modules/server.nix index a79adad..a3db927 100644 --- a/modules/server.nix +++ b/modules/server.nix @@ -11,26 +11,14 @@ in { }; config = lib.mkIf cfg.enable { - services = { - # Enable the OpenSSH daemon. - openssh = { - enable = true; - settings = { - # PermitRootLogin = "no"; # this is managed through authorized keys - PasswordAuthentication = false; - KbdInteractiveAuthentication = false; - }; - }; - }; - networking.firewall = { enable = true; allowedTCPPortRanges = [ - { - # ssh - from = 22; - to = 22; - } + # { + # # ssh + # from = 22; + # to = 22; + # } ]; }; }; diff --git a/modules/sshd.nix b/modules/sshd.nix new file mode 100644 index 0000000..747eeac --- /dev/null +++ b/modules/sshd.nix @@ -0,0 +1,13 @@ +{...}: { + config = { + services.openssh = { + enable = true; + openFirewall = true; + settings = { + PermitRootLogin = "without-password"; + PasswordAuthentication = false; + KbdInteractiveAuthentication = false; + }; + }; + }; +} diff --git a/modules/users/home-manager.nix b/modules/users/home-manager.nix index 4601b8d..73adcc6 100644 --- a/modules/users/home-manager.nix +++ b/modules/users/home-manager.nix @@ -13,53 +13,13 @@ useUserPackages = true; useGlobalPkgs = true; + # defaults for users + sharedModules = import ./home-shared-modules.nix; + users = { ronja = lib.mkIf (builtins.elem "ronja" config.my.enabledUsers) (import ./ronja-home.nix); vinzenz = lib.mkIf (builtins.elem "vinzenz" config.my.enabledUsers) (import ./vinzenz-home.nix); }; - - sharedModules = [ - # set stateVersion - {home.stateVersion = "22.11";} - # make nano the default editor - { - home = { - sessionVariables.EDITOR = "nano"; - file.".nanorc".text = lib.mkDefault '' - set linenumbers - set mouse - ''; - }; - } - # command line niceness - { - programs = { - command-not-found.enable = true; - dircolors.enable = true; - - zsh = { - enable = true; - enableSyntaxHighlighting = true; - enableAutosuggestions = true; - enableVteIntegration = true; - }; - }; - } - # common git config - { - programs = { - git = { - enable = true; - extraConfig.init.defaultBranch = "main"; - }; - - gh = { - enable = true; - enableGitCredentialHelper = true; - }; - }; - } - ]; }; }; } diff --git a/modules/users/home-shared-modules.nix b/modules/users/home-shared-modules.nix new file mode 100644 index 0000000..b2bd91a --- /dev/null +++ b/modules/users/home-shared-modules.nix @@ -0,0 +1,44 @@ +[ + # set stateVersion + { + home.stateVersion = "22.11"; + } + # make nano the default editor + { + home = { + sessionVariables.EDITOR = "nano"; + file.".nanorc".text = '' + set linenumbers + set mouse + ''; + }; + } + # command line niceness + { + programs = { + command-not-found.enable = true; + dircolors.enable = true; + + zsh = { + enable = true; + enableSyntaxHighlighting = true; + enableAutosuggestions = true; + enableVteIntegration = true; + }; + }; + } + # common git config + { + programs = { + git = { + enable = true; + extraConfig.init.defaultBranch = "main"; + }; + + gh = { + enable = true; + enableGitCredentialHelper = true; + }; + }; + } +] diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 477b649..3ee1b64 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -75,7 +75,6 @@ extraConfig = { pull.ff = "only"; - init.defaultBranch = "main"; merge.tool = "kdiff3"; push.autoSetupRemote = "true"; }; From 436c91561630c3feed572fb1c3758a5070b8b09a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Sep 2023 14:57:20 +0200 Subject: [PATCH 009/241] remove user from server --- hetzner-vpn1.nix | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index da00bf0..5aaf7ce 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -7,12 +7,8 @@ ]; config = { - my = { - enabledUsers = ["vinzenz"]; - server.enable = true; - }; + my.server.enable = true; - # TODO change to user "vinzenz" when tested users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' ]; From 04c82ccd9975d34d05df43b50b3dbc7132d66a96 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Sep 2023 14:59:21 +0200 Subject: [PATCH 010/241] fix vpn1 not building --- hetzner-vpn1.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index 5aaf7ce..9e42020 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -7,7 +7,10 @@ ]; config = { - my.server.enable = true; + my = { + enabledUsers = []; + server.enable = true; + }; users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' From 82ae5a89fc6be7e36005f24b4a7018dc5420277a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 23 Sep 2023 11:53:52 +0200 Subject: [PATCH 011/241] explicitly install dxvk --- modules/desktop/gaming.nix | 16 +++++++++++----- modules/hardware/amdgpu.nix | 1 + 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/modules/desktop/gaming.nix b/modules/desktop/gaming.nix index f179765..2c9b6ab 100644 --- a/modules/desktop/gaming.nix +++ b/modules/desktop/gaming.nix @@ -6,17 +6,22 @@ }: let isEnabled = config.my.desktop.enableGaming; in { - imports = []; - options.my.desktop.enableGaming = lib.mkEnableOption "gaming with wine"; config = lib.mkIf isEnabled { - hardware.opengl.driSupport32Bit = true; + hardware.opengl = { + driSupport32Bit = true; + extraPackages = with pkgs; [mangohud]; + extraPackages32 = with pkgs; [mangohud]; + }; environment.systemPackages = with pkgs; [ wineWowPackages.stagingFull wineWowPackages.fonts winetricks + dxvk + mangohud + vulkan-tools (lutris.override { extraPkgs = pkgs: [ @@ -29,10 +34,11 @@ in { ]; programs = { + xwayland.enable = true; steam = { enable = true; - remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play - dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; }; }; }; diff --git a/modules/hardware/amdgpu.nix b/modules/hardware/amdgpu.nix index 5c847ae..2e4486b 100644 --- a/modules/hardware/amdgpu.nix +++ b/modules/hardware/amdgpu.nix @@ -11,6 +11,7 @@ in { config = lib.mkIf isEnabled { environment.systemPackages = with pkgs; [ radeontop + amdvlk ]; }; } From 996ed9e0268af5cfd641ee08f3d53be530079542 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Sep 2023 15:27:13 +0200 Subject: [PATCH 012/241] fixup kdeconnect, enable some more settings globally --- modules/desktop/default.nix | 2 +- modules/desktop/gnome.nix | 37 +++++++++++++++++-------------------- modules/desktop/kde.nix | 1 + modules/globalinstalls.nix | 7 ++++++- 4 files changed, 25 insertions(+), 22 deletions(-) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 66ede1e..7e5f08a 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -41,7 +41,7 @@ in { }; programs = { - git.package = pkgs.gitFull; + kdeconnect.enable = true; }; # unblock kde connect / gsconnect diff --git a/modules/desktop/gnome.nix b/modules/desktop/gnome.nix index 6fef40d..d48c9ba 100644 --- a/modules/desktop/gnome.nix +++ b/modules/desktop/gnome.nix @@ -24,26 +24,23 @@ in { }; }; - programs.gpaste.enable = true; - - environment = { - systemPackages = with pkgs; [ - gnomeExtensions.gsconnect - ]; - - # remove some gnome default apps - gnome.excludePackages = with pkgs.gnome; [ - cheese # photo booth - epiphany # web browser - evince # document viewer - geary # email client - seahorse # password manager - gnome-clocks - gnome-maps - gnome-weather - gnome-music - pkgs.gnome-connections - ]; + programs = { + gpaste.enable = true; + kdeconnect.package = pkgs.gnomeExtensions.gsconnect; }; + + # remove some gnome default apps + environment.gnome.excludePackages = with pkgs.gnome; [ + cheese # photo booth + epiphany # web browser + evince # document viewer + geary # email client + seahorse # password manager + gnome-clocks + gnome-maps + gnome-weather + gnome-music + pkgs.gnome-connections + ]; }; } diff --git a/modules/desktop/kde.nix b/modules/desktop/kde.nix index 45c31ee..0c5a713 100644 --- a/modules/desktop/kde.nix +++ b/modules/desktop/kde.nix @@ -43,6 +43,7 @@ in { programs = { dconf.enable = true; partition-manager.enable = true; + kdeconnect.enable = true; }; }; } diff --git a/modules/globalinstalls.nix b/modules/globalinstalls.nix index 412a50a..aa7681e 100644 --- a/modules/globalinstalls.nix +++ b/modules/globalinstalls.nix @@ -10,9 +10,14 @@ }; programs = { - git.enable = true; zsh.enable = true; htop.enable = true; + iotop.enable = true; + nano.syntaxHighlight = true; + git = { + enable = true; + package = pkgs.gitFull; + }; }; }; } From 61419b3559a58d2b4e8d6d502388d9185f0a0d84 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 2 Oct 2023 17:14:20 +0200 Subject: [PATCH 013/241] use some unstable pkgs, reorganize hw --- README.md | 20 ++++++++------ hetzner-vpn1.nix | 2 +- modules/desktop/default.nix | 4 +++ modules/desktop/gaming.nix | 1 + modules/hardware/amd.nix | 47 ++++++++++++++++++++++++++++++++ modules/hardware/amdcpu.nix | 15 ---------- modules/hardware/amdgpu.nix | 17 ------------ modules/hardware/default.nix | 5 ++-- modules/hardware/intel.nix | 39 ++++++++++++++++++++++++++ modules/hardware/intelcpu.nix | 14 ---------- modules/hardware/vinzenz-lpt.nix | 7 +++-- modules/hardware/vinzenz-pc2.nix | 6 ++-- modules/nixpkgs.nix | 15 ++++++++-- modules/users/ronja-home.nix | 2 -- modules/users/vinzenz-home.nix | 1 - vinzenz-lpt.nix | 5 ++++ vinzenz-pc2.nix | 2 +- 17 files changed, 133 insertions(+), 69 deletions(-) create mode 100644 modules/hardware/amd.nix delete mode 100644 modules/hardware/amdcpu.nix delete mode 100644 modules/hardware/amdgpu.nix create mode 100644 modules/hardware/intel.nix delete mode 100644 modules/hardware/intelcpu.nix diff --git a/README.md b/README.md index 3195c03..4d254da 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,13 @@ # nixos-configuration -When adding a new host: -1. install NixOS via the graphical installer -2. `mv /etc/hardware-configuration ./devicename-hardware-configuration.nix` -3. copy an existing devicename.nix -5. change import to `new-devicename-hardware-configuration.nix` -6. set the hostname and optional imports in `new-devicename.nix` -7. `ln -s ./new-devicename.nix /etc/nixos/configuration.nix` -8. `sudo nix-channel --add https://github.com/nix-community/home-manager/archive/release-23.05.tar.gz home-manager` -9. apply +/ +├── modules +│ ├── desktop +│ ├── hardware (includes hostname.nix) +│ └── users +└── hostname.nix (imports modules) + +When adding a new host: `ln -s ./new-devicename.nix /etc/nixos/configuration.nix` + +Use `sudo nix-channel --add https://github.com/nix-community/home-manager/archive/release-23.05.tar.gz home-manager` to add home manager support. + diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index 9e42020..d2c2fba 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -1,4 +1,4 @@ -{pkgs, ...}: { +{...}: { imports = [ (import ./modules { hostName = "hetzner-vpn1"; diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 7e5f08a..ab3aa05 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -42,6 +42,10 @@ in { programs = { kdeconnect.enable = true; + firefox = { + enable = true; + languagePacks = ["en-US" "de"]; + }; }; # unblock kde connect / gsconnect diff --git a/modules/desktop/gaming.nix b/modules/desktop/gaming.nix index 2c9b6ab..e0ae169 100644 --- a/modules/desktop/gaming.nix +++ b/modules/desktop/gaming.nix @@ -10,6 +10,7 @@ in { config = lib.mkIf isEnabled { hardware.opengl = { + driSupport = true; driSupport32Bit = true; extraPackages = with pkgs; [mangohud]; extraPackages32 = with pkgs; [mangohud]; diff --git a/modules/hardware/amd.nix b/modules/hardware/amd.nix new file mode 100644 index 0000000..d00b99c --- /dev/null +++ b/modules/hardware/amd.nix @@ -0,0 +1,47 @@ +{ + lib, + config, + pkgs, + ... +}: let + cfg = config.my.hardware.amd; +in { + options.my.hardware.amd = { + cpu = lib.mkEnableOption "amd cpu"; + gpu = lib.mkEnableOption "amd gpu"; + radeon = lib.mkEnableOption "amd legacy gpu"; # old hardware, dont judge + }; + + config = lib.mkMerge [ + (lib.mkIf cfg.cpu { + boot.kernelModules = ["kvm-amd"]; + hardware.cpu.amd.updateMicrocode = true; + }) + + (lib.mkIf cfg.gpu { + boot.kernelModules = ["amdgpu"]; + services.xserver.videoDrivers = ["amdgpu"]; + + hardware.opengl = { + extraPackages = with pkgs; [ + amdvlk + ]; + extraPackages32 = with pkgs; [ + driversi686Linux.amdvlk + ]; + }; + + environment.systemPackages = with pkgs; [ + unstable.nvtop-amd + ]; + }) + + (lib.mkIf cfg.radeon { + boot.kernelModules = ["radeon"]; + services.xserver.videoDrivers = ["radeon"]; + environment.systemPackages = with pkgs; [ + radeontop + ]; + }) + ]; +} diff --git a/modules/hardware/amdcpu.nix b/modules/hardware/amdcpu.nix deleted file mode 100644 index 6eedbb1..0000000 --- a/modules/hardware/amdcpu.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - lib, - config, - pkgs, - ... -}: let - isEnabled = config.my.hardware.isAmdCpu; -in { - options.my.hardware.isAmdCpu = lib.mkEnableOption "amd cpu"; - - config = lib.mkIf isEnabled { - boot.kernelModules = ["kvm-amd"]; - hardware.cpu.amd.updateMicrocode = true; - }; -} diff --git a/modules/hardware/amdgpu.nix b/modules/hardware/amdgpu.nix deleted file mode 100644 index 2e4486b..0000000 --- a/modules/hardware/amdgpu.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - lib, - config, - pkgs, - ... -}: let - isEnabled = config.my.hardware.isAmdGpu; -in { - options.my.hardware.isAmdGpu = lib.mkEnableOption "amd gpu"; - - config = lib.mkIf isEnabled { - environment.systemPackages = with pkgs; [ - radeontop - amdvlk - ]; - }; -} diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix index a6dfabc..a9a4a84 100644 --- a/modules/hardware/default.nix +++ b/modules/hardware/default.nix @@ -9,9 +9,8 @@ in { (modulesPath + "/installer/scan/not-detected.nix") (builtins.toString ./. + "/${hostName}.nix") ./common-desktop.nix - ./amdcpu.nix - ./amdgpu.nix - ./intelcpu.nix + ./amd.nix + ./intel.nix ]; options.my.modulesCfg.hostName = lib.mkOption { diff --git a/modules/hardware/intel.nix b/modules/hardware/intel.nix new file mode 100644 index 0000000..a2795c2 --- /dev/null +++ b/modules/hardware/intel.nix @@ -0,0 +1,39 @@ +{ + lib, + config, + pkgs, + ... +}: let + cfg = config.my.hardware.intel; +in { + options.my.hardware.intel = { + cpu = lib.mkEnableOption "intel cpu"; + iGpu = lib.mkEnableOption "intel integrated gpu"; + }; + + config = lib.mkMerge [ + (lib.mkIf cfg.cpu { + boot.kernelModules = ["kvm-intel"]; + hardware.cpu.intel.updateMicrocode = true; + }) + (lib.mkIf cfg.iGpu { + hardware.opengl = { + extraPackages = with pkgs; [ + intel-media-driver + vaapiIntel + vaapiVdpau + libvdpau-va-gl + ]; + extraPackages32 = with pkgs.pkgsi686Linux; [ + intel-media-driver + vaapiIntel + vaapiVdpau + libvdpau-va-gl + ]; + }; + environment.systemPackages = with pkgs; [ + unstable.nvtop-intel + ]; + }) + ]; +} diff --git a/modules/hardware/intelcpu.nix b/modules/hardware/intelcpu.nix deleted file mode 100644 index e9d5ba8..0000000 --- a/modules/hardware/intelcpu.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ - lib, - config, - ... -}: let - isEnabled = config.my.hardware.isIntelCpu; -in { - options.my.hardware.isIntelCpu = lib.mkEnableOption "intel cpu"; - - config = lib.mkIf isEnabled { - boot.kernelModules = ["kvm-intel"]; - hardware.cpu.intel.updateMicrocode = true; - }; -} diff --git a/modules/hardware/vinzenz-lpt.nix b/modules/hardware/vinzenz-lpt.nix index bec7a08..5f028ef 100644 --- a/modules/hardware/vinzenz-lpt.nix +++ b/modules/hardware/vinzenz-lpt.nix @@ -2,8 +2,11 @@ config = { my.hardware = { enableCommonDesktopSettings = true; - isIntelCpu = true; - isAmdGpu = true; + amd.radeon = true; + intel = { + cpu = true; + iGpu = true; + }; }; boot = { diff --git a/modules/hardware/vinzenz-pc2.nix b/modules/hardware/vinzenz-pc2.nix index 9fdaca7..3f6ce4a 100644 --- a/modules/hardware/vinzenz-pc2.nix +++ b/modules/hardware/vinzenz-pc2.nix @@ -2,8 +2,10 @@ config = { my.hardware = { enableCommonDesktopSettings = true; - isAmdCpu = true; - isAmdGpu = true; + amd = { + cpu = true; + gpu = true; + }; }; boot = { diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index b8299d3..3bb6d9a 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -1,6 +1,17 @@ -{...}: { +{config, ...}: let + unstable-commit-sha = "f5892ddac112a1e9b3612c39af1b72987ee5783a"; +in { config = { - nixpkgs.config.allowUnfree = true; + nixpkgs.config = { + allowUnfree = true; + + # make nixos-unstable availiable as 'pkgs.unstable' + packageOverrides = pkgs: { + unstable = import (fetchTarball "https://github.com/nixos/nixpkgs/tarball/${unstable-commit-sha}") { + config = config.nixpkgs.config; + }; + }; + }; system = { stateVersion = "22.11"; diff --git a/modules/users/ronja-home.nix b/modules/users/ronja-home.nix index 3e1982d..aed4e1e 100644 --- a/modules/users/ronja-home.nix +++ b/modules/users/ronja-home.nix @@ -12,8 +12,6 @@ programs = { home-manager.enable = true; - firefox.enable = true; - zsh = { history = { size = 10000; diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 3ee1b64..04a1f81 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -30,7 +30,6 @@ programs = { home-manager.enable = true; - firefox.enable = true; fzf.enable = true; mangohud.enable = true; diff --git a/vinzenz-lpt.nix b/vinzenz-lpt.nix index e184e77..5c5d847 100644 --- a/vinzenz-lpt.nix +++ b/vinzenz-lpt.nix @@ -17,5 +17,10 @@ # flatpak xdg-portal-kde crashes, otherwise this would be global services.flatpak.enable = true; + + # force rendering on dedicated graphics + environment.sessionVariables = rec { + DRI_PRIME = "1"; + }; }; } diff --git a/vinzenz-pc2.nix b/vinzenz-pc2.nix index a67ce96..775be57 100644 --- a/vinzenz-pc2.nix +++ b/vinzenz-pc2.nix @@ -1,4 +1,4 @@ -{pkgs, ...}: { +{...}: { imports = [ (import ./modules { hostName = "vinzenz-pc2"; From 80b5a14c5e6c19d7a81050596c4c1f4edce55a9a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 2 Oct 2023 18:14:05 +0200 Subject: [PATCH 014/241] whitelist for nonfree packages --- modules/desktop/default.nix | 9 +++++++++ modules/desktop/gaming.nix | 6 ++++++ modules/nixpkgs.nix | 17 ++++++++++++++--- 3 files changed, 29 insertions(+), 3 deletions(-) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index ab3aa05..262fcce 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -38,6 +38,7 @@ in { alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; + #jack.enable = true; }; programs = { @@ -90,6 +91,14 @@ in { "electron-12.2.3" ]; + my.allowUnfreePackages = [ + "insync" + "insync-pkg" + + "rider" + "pycharm-professional" + ]; + fonts = { fontconfig.defaultFonts.monospace = ["FiraCode Nerd Font"]; fonts = with pkgs; [ diff --git a/modules/desktop/gaming.nix b/modules/desktop/gaming.nix index e0ae169..69c8c83 100644 --- a/modules/desktop/gaming.nix +++ b/modules/desktop/gaming.nix @@ -42,5 +42,11 @@ in { dedicatedServer.openFirewall = true; }; }; + + my.allowUnfreePackages = [ + "steam" + "steam-original" + "steam-run" + ]; }; } diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index 3bb6d9a..d3db394 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -1,16 +1,27 @@ -{config, ...}: let +{ + config, + lib, + ... +}: let unstable-commit-sha = "f5892ddac112a1e9b3612c39af1b72987ee5783a"; in { + options.my.allowUnfreePackages = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = []; + example = ["steam"]; + }; + config = { nixpkgs.config = { - allowUnfree = true; - # make nixos-unstable availiable as 'pkgs.unstable' packageOverrides = pkgs: { unstable = import (fetchTarball "https://github.com/nixos/nixpkgs/tarball/${unstable-commit-sha}") { config = config.nixpkgs.config; }; }; + + # https://github.com/NixOS/nixpkgs/issues/197325#issuecomment-1579420085 + allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.my.allowUnfreePackages; }; system = { From e6366c642dd2f7dc73541a49fb605dbbbd95f536 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 2 Oct 2023 20:44:44 +0200 Subject: [PATCH 015/241] disable dedicated graphics by default again --- vinzenz-lpt.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/vinzenz-lpt.nix b/vinzenz-lpt.nix index 5c5d847..e184e77 100644 --- a/vinzenz-lpt.nix +++ b/vinzenz-lpt.nix @@ -17,10 +17,5 @@ # flatpak xdg-portal-kde crashes, otherwise this would be global services.flatpak.enable = true; - - # force rendering on dedicated graphics - environment.sessionVariables = rec { - DRI_PRIME = "1"; - }; }; } From 9e91c721d078cf47b41612d823dde96a70c00ab1 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 6 Oct 2023 00:02:00 +0200 Subject: [PATCH 016/241] add splash screen for prettier boot --- modules/hardware/common-desktop.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/hardware/common-desktop.nix b/modules/hardware/common-desktop.nix index dea948e..bdae391 100644 --- a/modules/hardware/common-desktop.nix +++ b/modules/hardware/common-desktop.nix @@ -21,6 +21,8 @@ in { timeout = 3; efi.canTouchEfiVariables = true; }; + + plymouth.enable = true; }; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking From d445fab12a6e29f154e17901e6808bc45cf1c405 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 6 Oct 2023 19:50:24 +0200 Subject: [PATCH 017/241] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 4d254da..5cee190 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,13 @@ # nixos-configuration +``` / ├── modules │ ├── desktop │ ├── hardware (includes hostname.nix) │ └── users └── hostname.nix (imports modules) +``` When adding a new host: `ln -s ./new-devicename.nix /etc/nixos/configuration.nix` From b2e3cc27b5d65dfa0a885940914d8c625f499a53 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 8 Oct 2023 12:29:20 +0200 Subject: [PATCH 018/241] glxinfo, new alias --- modules/desktop/gaming.nix | 1 + modules/users/vinzenz-home.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/modules/desktop/gaming.nix b/modules/desktop/gaming.nix index 69c8c83..eab7098 100644 --- a/modules/desktop/gaming.nix +++ b/modules/desktop/gaming.nix @@ -23,6 +23,7 @@ in { dxvk mangohud vulkan-tools + glxinfo (lutris.override { extraPkgs = pkgs: [ diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 04a1f81..9820d5b 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -43,6 +43,7 @@ my-apply = "sudo nixos-rebuild boot"; my-switch = "sudo nixos-rebuild switch"; my-update = "sudo nixos-rebuild boot --upgrade"; + my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; my-fmt = "alejandra ."; my-test = "sudo nixos-rebuild test"; my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; From 8197774471b26085dc56e8dbf44a502362722bf5 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 8 Oct 2023 17:17:14 +0200 Subject: [PATCH 019/241] enable bluetooth, misc settings --- modules/desktop/default.nix | 9 ++++++--- modules/desktop/gaming.nix | 2 ++ modules/hardware/common-desktop.nix | 5 +++++ modules/nixpkgs.nix | 8 ++++++++ 4 files changed, 21 insertions(+), 3 deletions(-) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 262fcce..01b8f99 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -22,11 +22,14 @@ in { config = lib.mkIf isEnabled { services = { - # Enable the X11 windowing system / wayland depending on DE - xserver.enable = true; - # Enable CUPS to print documents. printing.enable = true; + + xserver = { + # Enable the X11 windowing system / wayland depending on DE + enable = true; + libinput.enable = true; + }; }; # Enable sound with pipewire. diff --git a/modules/desktop/gaming.nix b/modules/desktop/gaming.nix index eab7098..82ea784 100644 --- a/modules/desktop/gaming.nix +++ b/modules/desktop/gaming.nix @@ -35,6 +35,8 @@ in { }) ]; + hardware.steam-hardware.enable = true; + programs = { xwayland.enable = true; steam = { diff --git a/modules/hardware/common-desktop.nix b/modules/hardware/common-desktop.nix index bdae391..a63aef9 100644 --- a/modules/hardware/common-desktop.nix +++ b/modules/hardware/common-desktop.nix @@ -36,5 +36,10 @@ in { hardware.enableRedistributableFirmware = true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + + hardware.bluetooth = { + enable = true; + package = pkgs.bluezFull; + }; }; } diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index d3db394..cb45389 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -38,5 +38,13 @@ in { dates = "monthly"; options = "--delete-older-than 30d"; }; + + documentation = { + enable = true; # documentation of packages + nixos.enable = false; # nixos documentation + man.enable = true; # manual pages and the man command + info.enable = false; # info pages and the info command + doc.enable = false; # documentation distributed in packages' /share/doc + }; }; } From a488df8854303ff134889c4e169e5b60aa48e544 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 8 Oct 2023 21:34:45 +0200 Subject: [PATCH 020/241] open factorio port --- modules/desktop/default.nix | 7 +++---- modules/desktop/gaming.nix | 8 ++++++++ 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 01b8f99..47fe492 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -52,22 +52,21 @@ in { }; }; - # unblock kde connect / gsconnect networking = { networkmanager.enable = true; - firewall.enable = true; firewall = { + enable = true; allowedTCPPortRanges = [ { - # KDE Connect + # KDE Connect / gsconnect from = 1714; to = 1764; } ]; allowedUDPPortRanges = [ { - # KDE Connect + # KDE Connect / gsconnect from = 1714; to = 1764; } diff --git a/modules/desktop/gaming.nix b/modules/desktop/gaming.nix index 82ea784..8355621 100644 --- a/modules/desktop/gaming.nix +++ b/modules/desktop/gaming.nix @@ -46,6 +46,14 @@ in { }; }; + networking.firewall.allowedUDPPortRanges = [ + { + # Factorio + from = 34197; + to = 34197; + } + ]; + my.allowUnfreePackages = [ "steam" "steam-original" From 5cd119f65e01dfdc5299010ccb37c87247b2bbff Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 22 Oct 2023 14:14:39 +0200 Subject: [PATCH 021/241] add printing and libreoffice --- modules/desktop/default.nix | 10 +++++++--- modules/desktop/printing.nix | 23 +++++++++++++++++++++++ vinzenz-lpt.nix | 1 + vinzenz-pc2.nix | 1 + 4 files changed, 32 insertions(+), 3 deletions(-) create mode 100644 modules/desktop/printing.nix diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 47fe492..0408581 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -12,6 +12,7 @@ in { ./gnome.nix ./kde.nix ./gaming.nix + ./printing.nix ] ++ lib.optionals isHomeManager [ ./gnome-home.nix @@ -22,9 +23,6 @@ in { config = lib.mkIf isEnabled { services = { - # Enable CUPS to print documents. - printing.enable = true; - xserver = { # Enable the X11 windowing system / wayland depending on DE enable = true; @@ -86,6 +84,12 @@ in { environment = { systemPackages = with pkgs; [ lm_sensors + + # office + libreoffice-qt + hunspell + hunspellDicts.de-de + hunspellDicts.en-us-large ]; }; diff --git a/modules/desktop/printing.nix b/modules/desktop/printing.nix new file mode 100644 index 0000000..5f958aa --- /dev/null +++ b/modules/desktop/printing.nix @@ -0,0 +1,23 @@ +{ + config, + pkgs, + lib, + ... +}: let + isEnabled = config.my.desktop.enablePrinting; +in { + options.my.desktop.enablePrinting = lib.mkEnableOption "printing"; + + config = lib.mkIf isEnabled { + services = { + # Enable CUPS to print documents. + printing.enable = true; + + avahi = { + enable = true; # runs the Avahi daemon + nssmdns = true; # enables the mDNS NSS plug-in + openFirewall = true; # opens the firewall for UDP port 5353 + }; + }; + }; +} diff --git a/vinzenz-lpt.nix b/vinzenz-lpt.nix index e184e77..1d04d75 100644 --- a/vinzenz-lpt.nix +++ b/vinzenz-lpt.nix @@ -12,6 +12,7 @@ desktop = { enableGnome = true; enableGaming = true; + enablePrinting = true; }; }; diff --git a/vinzenz-pc2.nix b/vinzenz-pc2.nix index 775be57..2d4437c 100644 --- a/vinzenz-pc2.nix +++ b/vinzenz-pc2.nix @@ -12,6 +12,7 @@ desktop = { enableKde = true; enableGaming = true; + enablePrinting = true; }; }; From 1559d8ccbd085db2207b68a50bea1e32a159d6ab Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 22 Oct 2023 14:15:28 +0200 Subject: [PATCH 022/241] add rustup and vscode extensions --- modules/users/vinzenz-home.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 9820d5b..08950bd 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -25,6 +25,7 @@ kdiff3 docker youtube-music + rustup ]; programs = { @@ -89,12 +90,13 @@ ms-python.python kamadorueda.alejandra #samuelcolvin.jinjahtml - #EditorConfig.EditorConfig + editorconfig.editorconfig #KnisterPeter.vscode-github yzhang.markdown-all-in-one redhat.vscode-yaml - #PKief.material-icon-theme + pkief.material-icon-theme mhutchie.git-graph + rust-lang.rust-analyzer ]; userSettings = { "git.autofetch" = true; From 37f5935b3f490d43973b0ba362fa5bfb3d5d2e49 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Tue, 31 Oct 2023 14:43:00 +0100 Subject: [PATCH 023/241] enable cachix --- modules/nixpkgs.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index cb45389..4843192 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -24,6 +24,13 @@ in { allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.my.allowUnfreePackages; }; + nix = { + settings = { + substituters = ["https://nix-community.cachix.org" "https://cache.nixos.org/"]; + trusted-public-keys = ["nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="]; + }; + }; + system = { stateVersion = "22.11"; # enable auto updates From fa9bf1f0f8c78866bf6a9ac2a0d5d39e8ecc9cc2 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Tue, 31 Oct 2023 14:43:19 +0100 Subject: [PATCH 024/241] more rust stuff --- modules/users/vinzenz-home.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 08950bd..bc8019b 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -25,7 +25,13 @@ kdiff3 docker youtube-music - rustup + + cargo + rustc + gcc + rustfmt + clippy + cargo-generate ]; programs = { @@ -97,6 +103,7 @@ pkief.material-icon-theme mhutchie.git-graph rust-lang.rust-analyzer + bungcip.better-toml ]; userSettings = { "git.autofetch" = true; @@ -115,6 +122,7 @@ "workbench.startupEditor" = "readme"; "workbench.enableExperiments" = false; "workbench.iconTheme" = "material-icon-theme"; + "rust-analyzer.checkOnSave.command" = "clippy"; }; }; From 3d1f8393f4cfc0d9bf73592e6fcbacb600dff090 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 3 Nov 2023 20:38:08 +0100 Subject: [PATCH 025/241] ultrastable nixpkgs for rarely used big apps, update unstable --- modules/globalinstalls.nix | 1 + modules/nixpkgs.nix | 6 +++++- modules/users/vinzenz-home.nix | 6 +++--- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/modules/globalinstalls.nix b/modules/globalinstalls.nix index aa7681e..aa2f826 100644 --- a/modules/globalinstalls.nix +++ b/modules/globalinstalls.nix @@ -6,6 +6,7 @@ pciutils ncdu tldr + glances ]; }; diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index 4843192..c9e6648 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -3,7 +3,8 @@ lib, ... }: let - unstable-commit-sha = "f5892ddac112a1e9b3612c39af1b72987ee5783a"; + unstable-commit-sha = "fa804edfb7869c9fb230e174182a8a1a7e512c40"; + ultrastable-commit-sha = "34bdaaf1f0b7fb6d9091472edc968ff10a8c2857"; in { options.my.allowUnfreePackages = lib.mkOption { type = lib.types.listOf lib.types.str; @@ -18,6 +19,9 @@ in { unstable = import (fetchTarball "https://github.com/nixos/nixpkgs/tarball/${unstable-commit-sha}") { config = config.nixpkgs.config; }; + ultrastable = import (fetchTarball "https://github.com/nixos/nixpkgs/tarball/${ultrastable-commit-sha}") { + config = config.nixpkgs.config; + }; }; # https://github.com/NixOS/nixpkgs/issues/197325#issuecomment-1579420085 diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index bc8019b..583c309 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -5,7 +5,7 @@ }: { home.packages = with pkgs; [ keepassxc - insync + unstable.insync telegram-desktop simple-scan wireguard-tools @@ -16,12 +16,12 @@ wirelesstools thefuck dotnet-sdk_7 - jetbrains.rider + ultrastable.jetbrains.rider alejandra arduino uucp screen - jetbrains.pycharm-professional + ultrastable.jetbrains.pycharm-professional kdiff3 docker youtube-music From c45080ccd5451fefba52a3ac5adfd9de7b84a594 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 6 Nov 2023 13:37:38 +0100 Subject: [PATCH 026/241] enable flatpak on all desktops --- modules/desktop/default.nix | 6 +++++- modules/desktop/kde.nix | 3 --- vinzenz-lpt.nix | 3 --- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 0408581..33a8fcc 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -23,11 +23,14 @@ in { config = lib.mkIf isEnabled { services = { + # Enable the X11 windowing system / wayland depending on DE xserver = { - # Enable the X11 windowing system / wayland depending on DE enable = true; libinput.enable = true; }; + + # flatpak xdg-portal-kde crashes, otherwise this would be global + flatpak.enable = true; }; # Enable sound with pipewire. @@ -76,6 +79,7 @@ in { # save some boot time because nothing actually requires network connectivity services.NetworkManager-wait-online.enable = false; + # prevent stuck units from preventing shutdown (default is 120s) extraConfig = '' DefaultTimeoutStopSec=12s ''; diff --git a/modules/desktop/kde.nix b/modules/desktop/kde.nix index 0c5a713..c6b6590 100644 --- a/modules/desktop/kde.nix +++ b/modules/desktop/kde.nix @@ -11,9 +11,6 @@ in { config = lib.mkIf isEnabled { my.desktop.enable = true; - # flatpak xdg-portal-kde crashes, otherwise this would be global - services.flatpak.enable = false; - services = { # Enable the KDE Plasma Desktop Environment. xserver = { diff --git a/vinzenz-lpt.nix b/vinzenz-lpt.nix index 1d04d75..1bb1eda 100644 --- a/vinzenz-lpt.nix +++ b/vinzenz-lpt.nix @@ -15,8 +15,5 @@ enablePrinting = true; }; }; - - # flatpak xdg-portal-kde crashes, otherwise this would be global - services.flatpak.enable = true; }; } From 50b0025f12d6f0f790dc8995fae6d1f3eb90330a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 6 Nov 2023 13:53:11 +0100 Subject: [PATCH 027/241] more gnome config managed by nix --- modules/desktop/gnome-home.nix | 37 +++++++++++++++++++++++++++++++--- modules/desktop/gnome.nix | 8 +++++++- modules/users/vinzenz-home.nix | 2 ++ 3 files changed, 43 insertions(+), 4 deletions(-) diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index ee3870b..c77d613 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -9,13 +9,44 @@ in { config = lib.mkIf isEnabled { home-manager.sharedModules = [ { - home.packages = with pkgs; [ - amberol - ]; + home.packages = with pkgs; + [ + amberol + ] + ++ (with gnome; [ + dconf-editor + gpaste + ]) + ++ (with gnomeExtensions; [ + caffeine + appindicator + gsconnect + ]); + dconf.settings = { "org/gnome/desktop/peripherals/keyboard" = { numlock-state = true; }; + "org/gnome/desktop/interface" = { + color-scheme = "prefer-dark"; + }; + "org/gnome/tweaks" = { + show-extensions-notice = false; + }; + "ca/desrt/dconf-editor" = { + show-warning = false; + }; + "org/gnome/shell" = { + disable-user-extensions = false; + disabled-extensions = []; + enabled-extensions = [ + "appindicatorsupport@rgcjonas.gmail.com" + "workspace-indicator@gnome-shell-extensions.gcampax.github.com" + "caffeine@patapon.info" + "GPaste@gnome-shell-extensions.gnome.org" + "gsconnect@andyholmes.github.io" + ]; + }; }; } ]; diff --git a/modules/desktop/gnome.nix b/modules/desktop/gnome.nix index d48c9ba..2931202 100644 --- a/modules/desktop/gnome.nix +++ b/modules/desktop/gnome.nix @@ -14,17 +14,23 @@ in { services = { xserver = { # Enable the GNOME Desktop Environment. - displayManager.gdm.enable = true; + displayManager = { + gdm.enable = true; + defaultSession = "gnome"; + }; desktopManager.gnome.enable = true; }; gnome = { tracker-miners.enable = false; tracker.enable = false; + sushi.enable = true; + #gnome-remote-desktop.enable = true; }; }; programs = { + dconf.enable = true; gpaste.enable = true; kdeconnect.package = pkgs.gnomeExtensions.gsconnect; }; diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 583c309..6da8e6c 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -123,6 +123,8 @@ "workbench.enableExperiments" = false; "workbench.iconTheme" = "material-icon-theme"; "rust-analyzer.checkOnSave.command" = "clippy"; + "extensions.autoUpdate" = false; + "extensions.autoCheckUpdates" = false; }; }; From 2600e6a9fbaf077ca65c78240f95be8604e0b6de Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 24 Nov 2023 14:32:58 +0100 Subject: [PATCH 028/241] update ultrastable, misc gnome stuff --- modules/desktop/gnome.nix | 5 +- modules/nixpkgs.nix | 2 +- modules/users/vinzenz-home.nix | 370 +++++++++++++++++---------------- 3 files changed, 194 insertions(+), 183 deletions(-) diff --git a/modules/desktop/gnome.nix b/modules/desktop/gnome.nix index 2931202..726ea99 100644 --- a/modules/desktop/gnome.nix +++ b/modules/desktop/gnome.nix @@ -25,7 +25,7 @@ in { tracker-miners.enable = false; tracker.enable = false; sushi.enable = true; - #gnome-remote-desktop.enable = true; + gnome-remote-desktop.enable = true; }; }; @@ -41,12 +41,11 @@ in { epiphany # web browser evince # document viewer geary # email client - seahorse # password manager + #seahorse # password manager gnome-clocks gnome-maps gnome-weather gnome-music - pkgs.gnome-connections ]; }; } diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index c9e6648..0b47cdc 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -4,7 +4,7 @@ ... }: let unstable-commit-sha = "fa804edfb7869c9fb230e174182a8a1a7e512c40"; - ultrastable-commit-sha = "34bdaaf1f0b7fb6d9091472edc968ff10a8c2857"; + ultrastable-commit-sha = "8f1180704ac35baded1a74164365ac7cdfba6f38"; in { options.my.allowUnfreePackages = lib.mkOption { type = lib.types.listOf lib.types.str; diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 6da8e6c..f2aa8ca 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -1,193 +1,205 @@ { config, + osConfig, pkgs, + lib, ... -}: { - home.packages = with pkgs; [ - keepassxc - unstable.insync - telegram-desktop - simple-scan - wireguard-tools - element-desktop - etcher - iotop - lsof - wirelesstools - thefuck - dotnet-sdk_7 - ultrastable.jetbrains.rider - alejandra - arduino - uucp - screen - ultrastable.jetbrains.pycharm-professional - kdiff3 - docker - youtube-music +}: let + isGnomeEnabled = osConfig.my.desktop.enableGnome; +in + lib.mkMerge [ + { + home.packages = with pkgs; [ + keepassxc + unstable.insync + telegram-desktop + simple-scan + wireguard-tools + element-desktop + etcher + iotop + lsof + wirelesstools + thefuck + dotnet-sdk_7 + ultrastable.jetbrains.rider + alejandra + arduino + uucp + screen + ultrastable.jetbrains.pycharm-professional + kdiff3 + docker + youtube-music - cargo - rustc - gcc - rustfmt - clippy - cargo-generate - ]; + cargo + rustc + gcc + rustfmt + clippy + cargo-generate + ]; - programs = { - home-manager.enable = true; + programs = { + home-manager.enable = true; - fzf.enable = true; - mangohud.enable = true; + fzf.enable = true; + mangohud.enable = true; - zsh = { - initExtra = '' - eval "$(direnv hook zsh)"; - eval $(thefuck --alias); - ''; + zsh = { + initExtra = '' + eval "$(direnv hook zsh)"; + eval $(thefuck --alias); + ''; - shellAliases = { - my-apply = "sudo nixos-rebuild boot"; - my-switch = "sudo nixos-rebuild switch"; - my-update = "sudo nixos-rebuild boot --upgrade"; - my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; - my-fmt = "alejandra ."; - my-test = "sudo nixos-rebuild test"; - my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; - my-ip4 = "ip addr show | grep 192"; + shellAliases = { + my-apply = "sudo nixos-rebuild boot"; + my-switch = "sudo nixos-rebuild switch"; + my-update = "sudo nixos-rebuild boot --upgrade"; + my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; + my-fmt = "alejandra ."; + my-test = "sudo nixos-rebuild test"; + my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; + my-ip4 = "ip addr show | grep 192"; + }; + + history = { + size = 10000; + path = "${config.xdg.dataHome}/zsh/history"; + expireDuplicatesFirst = true; + }; + + oh-my-zsh = { + enable = true; + theme = "agnoster"; + plugins = ["git" "sudo" "docker" "systemadmin" "thefuck"]; + }; + }; + + git = { + enable = true; + userName = "Vinzenz Schroeter"; + userEmail = "vinzenz.f.s@gmail.com"; + + aliases = { + prettylog = "log --pretty=oneline --graph"; + spring-clean = "!git branch --merged | xargs -n 1 -r git branch -d"; + }; + + extraConfig = { + pull.ff = "only"; + merge.tool = "kdiff3"; + push.autoSetupRemote = "true"; + }; + }; + + vscode = { + enable = true; + package = pkgs.vscodium; + enableUpdateCheck = false; + extensions = with pkgs.vscode-extensions; [ + bbenoist.nix + ms-python.python + kamadorueda.alejandra + #samuelcolvin.jinjahtml + editorconfig.editorconfig + #KnisterPeter.vscode-github + yzhang.markdown-all-in-one + redhat.vscode-yaml + pkief.material-icon-theme + mhutchie.git-graph + rust-lang.rust-analyzer + bungcip.better-toml + ]; + userSettings = { + "git.autofetch" = true; + "update.mode" = "none"; + "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; + "editor.fontLigatures" = true; + "editor.formatOnSave" = true; + "editor.formatOnSaveMode" = "modificationsIfAvailable"; + "editor.minimap.autohide" = true; + "diffEditor.diffAlgorithm" = "advanced"; + "explorer.excludeGitIgnore" = true; + "markdown.extension.tableFormatter.normalizeIndentation" = true; + "markdown.extension.toc.orderedList" = false; + "telemetry.telemetryLevel" = "off"; + "redhat.telemetry.enabled" = false; + "workbench.startupEditor" = "readme"; + "workbench.enableExperiments" = false; + "workbench.iconTheme" = "material-icon-theme"; + "rust-analyzer.checkOnSave.command" = "clippy"; + "extensions.autoUpdate" = false; + "extensions.autoCheckUpdates" = false; + }; + }; + + direnv = { + enable = true; + nix-direnv.enable = true; + }; + + chromium = { + enable = true; + extensions = [ + { + # ublock origin + id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; + } + { + id = "dcpihecpambacapedldabdbpakmachpb"; + updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml"; + } + ]; + }; + + exa = { + enable = true; + git = true; + icons = true; + enableAliases = true; + extraOptions = [ + "--group-directories-first" + "--header" + ]; + }; + + micro = { + enable = true; + settings = { + colorcolumn = 120; + hlsearch = true; + savecursor = true; + saveundo = true; + scrollbar = true; + smartpaste = true; + }; + }; + + # checked https://rycee.gitlab.io/home-manager/options.html until "programs.notmuch" }; - history = { - size = 10000; - path = "${config.xdg.dataHome}/zsh/history"; - expireDuplicatesFirst = true; - }; - - oh-my-zsh = { + editorconfig = { enable = true; - theme = "agnoster"; - plugins = ["git" "sudo" "docker" "systemadmin" "thefuck"]; + settings = { + "*" = { + charset = "utf-8"; + end_of_line = "lf"; + trim_trailing_whitespace = true; + insert_final_newline = true; + max_line_width = 120; + indent_style = "space"; + indent_size = 4; + }; + "*.nix" = { + indent_size = 2; + }; + }; }; - }; - - git = { - enable = true; - userName = "Vinzenz Schroeter"; - userEmail = "vinzenz.f.s@gmail.com"; - - aliases = { - prettylog = "log --pretty=oneline --graph"; - spring-clean = "!git branch --merged | xargs -n 1 -r git branch -d"; - }; - - extraConfig = { - pull.ff = "only"; - merge.tool = "kdiff3"; - push.autoSetupRemote = "true"; - }; - }; - - vscode = { - enable = true; - package = pkgs.vscodium; - enableUpdateCheck = false; - extensions = with pkgs.vscode-extensions; [ - bbenoist.nix - ms-python.python - kamadorueda.alejandra - #samuelcolvin.jinjahtml - editorconfig.editorconfig - #KnisterPeter.vscode-github - yzhang.markdown-all-in-one - redhat.vscode-yaml - pkief.material-icon-theme - mhutchie.git-graph - rust-lang.rust-analyzer - bungcip.better-toml + } + (lib.mkIf isGnomeEnabled { + home.packages = with pkgs; [ + fractal ]; - userSettings = { - "git.autofetch" = true; - "update.mode" = "none"; - "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; - "editor.fontLigatures" = true; - "editor.formatOnSave" = true; - "editor.formatOnSaveMode" = "modificationsIfAvailable"; - "editor.minimap.autohide" = true; - "diffEditor.diffAlgorithm" = "advanced"; - "explorer.excludeGitIgnore" = true; - "markdown.extension.tableFormatter.normalizeIndentation" = true; - "markdown.extension.toc.orderedList" = false; - "telemetry.telemetryLevel" = "off"; - "redhat.telemetry.enabled" = false; - "workbench.startupEditor" = "readme"; - "workbench.enableExperiments" = false; - "workbench.iconTheme" = "material-icon-theme"; - "rust-analyzer.checkOnSave.command" = "clippy"; - "extensions.autoUpdate" = false; - "extensions.autoCheckUpdates" = false; - }; - }; - - direnv = { - enable = true; - nix-direnv.enable = true; - }; - - chromium = { - enable = true; - extensions = [ - { - # ublock origin - id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; - } - { - id = "dcpihecpambacapedldabdbpakmachpb"; - updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml"; - } - ]; - }; - - exa = { - enable = true; - git = true; - icons = true; - enableAliases = true; - extraOptions = [ - "--group-directories-first" - "--header" - ]; - }; - - micro = { - enable = true; - settings = { - colorcolumn = 120; - hlsearch = true; - savecursor = true; - saveundo = true; - scrollbar = true; - smartpaste = true; - }; - }; - - # checked https://rycee.gitlab.io/home-manager/options.html until "programs.notmuch" - }; - - editorconfig = { - enable = true; - settings = { - "*" = { - charset = "utf-8"; - end_of_line = "lf"; - trim_trailing_whitespace = true; - insert_final_newline = true; - max_line_width = 120; - indent_style = "space"; - indent_size = 4; - }; - "*.nix" = { - indent_size = 2; - }; - }; - }; -} + }) + ] From 504c17e3718c90770336e990c0357bc480160405 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 24 Nov 2023 16:12:21 +0100 Subject: [PATCH 029/241] switch pc2 to gnome --- modules/desktop/gnome.nix | 3 +++ vinzenz-pc2.nix | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/modules/desktop/gnome.nix b/modules/desktop/gnome.nix index 726ea99..51367e1 100644 --- a/modules/desktop/gnome.nix +++ b/modules/desktop/gnome.nix @@ -47,5 +47,8 @@ in { gnome-weather gnome-music ]; + + # RDP connections + networking.firewall.allowedTCPPorts = [3389]; }; } diff --git a/vinzenz-pc2.nix b/vinzenz-pc2.nix index 2d4437c..b04fe29 100644 --- a/vinzenz-pc2.nix +++ b/vinzenz-pc2.nix @@ -10,7 +10,7 @@ my = { enabledUsers = ["vinzenz" "ronja"]; desktop = { - enableKde = true; + enableGnome = true; enableGaming = true; enablePrinting = true; }; From 9bf73e91fb17c5ef31285b9c89495a7a35e1bbe7 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 24 Nov 2023 16:14:37 +0100 Subject: [PATCH 030/241] fresh rider from current unstable --- modules/nixpkgs.nix | 2 +- modules/users/vinzenz-home.nix | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index 0b47cdc..8637656 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -3,7 +3,7 @@ lib, ... }: let - unstable-commit-sha = "fa804edfb7869c9fb230e174182a8a1a7e512c40"; + unstable-commit-sha = "19cbff58383a4ae384dea4d1d0c823d72b49d614"; ultrastable-commit-sha = "8f1180704ac35baded1a74164365ac7cdfba6f38"; in { options.my.allowUnfreePackages = lib.mkOption { diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index f2aa8ca..84d2016 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -21,8 +21,8 @@ in lsof wirelesstools thefuck - dotnet-sdk_7 - ultrastable.jetbrains.rider + dotnet-sdk_8 + unstable.jetbrains.rider alejandra arduino uucp From 6d43dd0ecbfc9a90d75097e8d46ed2a572609e9b Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 30 Nov 2023 16:53:47 +0100 Subject: [PATCH 031/241] enable gnome-clocks, show seconds in top bar --- modules/desktop/gnome-home.nix | 1 + modules/desktop/gnome.nix | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index c77d613..0511079 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -29,6 +29,7 @@ in { }; "org/gnome/desktop/interface" = { color-scheme = "prefer-dark"; + clock-show-seconds = true; }; "org/gnome/tweaks" = { show-extensions-notice = false; diff --git a/modules/desktop/gnome.nix b/modules/desktop/gnome.nix index 51367e1..633647c 100644 --- a/modules/desktop/gnome.nix +++ b/modules/desktop/gnome.nix @@ -42,7 +42,6 @@ in { evince # document viewer geary # email client #seahorse # password manager - gnome-clocks gnome-maps gnome-weather gnome-music From 0b7e4e0e614dca6e7d57a8587db04c886c078665 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 30 Nov 2023 16:54:06 +0100 Subject: [PATCH 032/241] use IDEs from toolbox app --- modules/desktop/default.nix | 1 + modules/users/vinzenz-home.nix | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 33a8fcc..78487f0 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -107,6 +107,7 @@ in { "rider" "pycharm-professional" + "jetbrains-toolbox" ]; fonts = { diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 84d2016..3c9e8a4 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -21,17 +21,17 @@ in lsof wirelesstools thefuck - dotnet-sdk_8 - unstable.jetbrains.rider alejandra arduino uucp screen - ultrastable.jetbrains.pycharm-professional kdiff3 docker youtube-music + unstable.jetbrains-toolbox + unstable.dotnet-sdk_8 + cargo rustc gcc From 7b517087556d87151e3053c9d3adea429c0e5a47 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 30 Nov 2023 17:25:44 +0100 Subject: [PATCH 033/241] gnome gtk3 adwaita theme --- modules/desktop/gnome-home.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index 0511079..5120bde 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -49,6 +49,16 @@ in { ]; }; }; + + gtk = { + enable = true; + iconTheme.name = "Adwaita"; + cursorTheme.name = "Adwaita"; + theme = { + name = "adw-gtk3"; + package = pkgs.adw-gtk3; + }; + }; } ]; }; From 38c7c96dcc0fe798bc66d3a52ecb7b8d655fa2e9 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 3 Dec 2023 13:12:48 +0100 Subject: [PATCH 034/241] upgrade to nixos-23.11 nix-channel --add https://nixos.org/channels/nixos-23.11 nixos nix-channel --add https://github.com/nix-community/home-manager/archive/release-23.11.tar.gz home-manager nix-channel --update sudo nixos-rebuild boot --upgrade --- modules/desktop/default.nix | 5 +++-- modules/globalinstalls.nix | 5 ++++- modules/hardware/common-desktop.nix | 5 +---- modules/users/home-shared-modules.nix | 4 ++-- modules/users/vinzenz-home.nix | 2 +- 5 files changed, 11 insertions(+), 10 deletions(-) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 78487f0..f790270 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -98,7 +98,7 @@ in { }; nixpkgs.config.permittedInsecurePackages = [ - "electron-12.2.3" + "electron-19.1.9" ]; my.allowUnfreePackages = [ @@ -111,8 +111,9 @@ in { ]; fonts = { + enableDefaultPackages = true; fontconfig.defaultFonts.monospace = ["FiraCode Nerd Font"]; - fonts = with pkgs; [ + packages = with pkgs; [ (nerdfonts.override {fonts = ["FiraCode"];}) ]; }; diff --git a/modules/globalinstalls.nix b/modules/globalinstalls.nix index aa2f826..cade379 100644 --- a/modules/globalinstalls.nix +++ b/modules/globalinstalls.nix @@ -14,7 +14,10 @@ zsh.enable = true; htop.enable = true; iotop.enable = true; - nano.syntaxHighlight = true; + nano = { + enable = true; + syntaxHighlight = true; + }; git = { enable = true; package = pkgs.gitFull; diff --git a/modules/hardware/common-desktop.nix b/modules/hardware/common-desktop.nix index a63aef9..a427d18 100644 --- a/modules/hardware/common-desktop.nix +++ b/modules/hardware/common-desktop.nix @@ -37,9 +37,6 @@ in { nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.bluetooth = { - enable = true; - package = pkgs.bluezFull; - }; + hardware.bluetooth.enable = true; }; } diff --git a/modules/users/home-shared-modules.nix b/modules/users/home-shared-modules.nix index b2bd91a..0ca565d 100644 --- a/modules/users/home-shared-modules.nix +++ b/modules/users/home-shared-modules.nix @@ -21,7 +21,7 @@ zsh = { enable = true; - enableSyntaxHighlighting = true; + syntaxHighlighting.enable = true; enableAutosuggestions = true; enableVteIntegration = true; }; @@ -37,7 +37,7 @@ gh = { enable = true; - enableGitCredentialHelper = true; + gitCredentialHelper.enable = true; }; }; } diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 3c9e8a4..801fe53 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -153,7 +153,7 @@ in ]; }; - exa = { + eza = { enable = true; git = true; icons = true; From d0e9a9dc595710f182871c27f70a754d29a50739 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 3 Dec 2023 13:13:31 +0100 Subject: [PATCH 035/241] additional gnome apps --- modules/desktop/gnome-home.nix | 3 +++ modules/desktop/gnome.nix | 7 ++++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index 5120bde..ded868b 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -12,6 +12,9 @@ in { home.packages = with pkgs; [ amberol + gitg + gnome-builder + meld ] ++ (with gnome; [ dconf-editor diff --git a/modules/desktop/gnome.nix b/modules/desktop/gnome.nix index 633647c..cd4d37f 100644 --- a/modules/desktop/gnome.nix +++ b/modules/desktop/gnome.nix @@ -14,11 +14,11 @@ in { services = { xserver = { # Enable the GNOME Desktop Environment. + desktopManager.gnome.enable = true; displayManager = { gdm.enable = true; defaultSession = "gnome"; }; - desktopManager.gnome.enable = true; }; gnome = { @@ -38,15 +38,16 @@ in { # remove some gnome default apps environment.gnome.excludePackages = with pkgs.gnome; [ cheese # photo booth - epiphany # web browser + #epiphany # web browser evince # document viewer geary # email client - #seahorse # password manager gnome-maps gnome-weather gnome-music ]; + environment.systemPackages = with pkgs.gnome; [ghex]; + # RDP connections networking.firewall.allowedTCPPorts = [3389]; }; From 8dce5f6c9d9d484fb51305dff171bacce4bbdf0f Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 3 Dec 2023 13:28:29 +0100 Subject: [PATCH 036/241] update unstable/ultrastable for more compat with 23.11 --- modules/nixpkgs.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index 8637656..fa3d0e4 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -3,8 +3,8 @@ lib, ... }: let - unstable-commit-sha = "19cbff58383a4ae384dea4d1d0c823d72b49d614"; - ultrastable-commit-sha = "8f1180704ac35baded1a74164365ac7cdfba6f38"; + unstable-commit-sha = "e92039b55bcd58469325ded85d4f58dd5a4eaf58"; + ultrastable-commit-sha = "5de0b32be6e85dc1a9404c75131316e4ffbc634c"; in { options.my.allowUnfreePackages = lib.mkOption { type = lib.types.listOf lib.types.str; From 822a75d842d9ea95447fd118ff959e6dc51fac90 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 3 Dec 2023 13:31:34 +0100 Subject: [PATCH 037/241] can now use default packages instead of unstable --- modules/hardware/amd.nix | 2 +- modules/hardware/intel.nix | 2 +- modules/users/vinzenz-home.nix | 7 +++---- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/modules/hardware/amd.nix b/modules/hardware/amd.nix index d00b99c..94b959a 100644 --- a/modules/hardware/amd.nix +++ b/modules/hardware/amd.nix @@ -32,7 +32,7 @@ in { }; environment.systemPackages = with pkgs; [ - unstable.nvtop-amd + nvtop-amd ]; }) diff --git a/modules/hardware/intel.nix b/modules/hardware/intel.nix index a2795c2..177ba55 100644 --- a/modules/hardware/intel.nix +++ b/modules/hardware/intel.nix @@ -32,7 +32,7 @@ in { ]; }; environment.systemPackages = with pkgs; [ - unstable.nvtop-intel + nvtop-intel ]; }) ]; diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 801fe53..c2c0d63 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -11,7 +11,7 @@ in { home.packages = with pkgs; [ keepassxc - unstable.insync + insync telegram-desktop simple-scan wireguard-tools @@ -26,11 +26,10 @@ in uucp screen kdiff3 - docker youtube-music - unstable.jetbrains-toolbox - unstable.dotnet-sdk_8 + jetbrains-toolbox + dotnet-sdk_8 cargo rustc From e85ece08598ab57b27a663b817d8d8a0a0854475 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 4 Dec 2023 15:08:22 +0100 Subject: [PATCH 038/241] remove micro, epiphany, gnome-tour --- modules/desktop/gnome.nix | 3 ++- modules/users/vinzenz-home.nix | 12 ------------ 2 files changed, 2 insertions(+), 13 deletions(-) diff --git a/modules/desktop/gnome.nix b/modules/desktop/gnome.nix index cd4d37f..fc42f25 100644 --- a/modules/desktop/gnome.nix +++ b/modules/desktop/gnome.nix @@ -38,12 +38,13 @@ in { # remove some gnome default apps environment.gnome.excludePackages = with pkgs.gnome; [ cheese # photo booth - #epiphany # web browser + epiphany # web browser evince # document viewer geary # email client gnome-maps gnome-weather gnome-music + pkgs.gnome-tour ]; environment.systemPackages = with pkgs.gnome; [ghex]; diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index c2c0d63..1675815 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -163,18 +163,6 @@ in ]; }; - micro = { - enable = true; - settings = { - colorcolumn = 120; - hlsearch = true; - savecursor = true; - saveundo = true; - scrollbar = true; - smartpaste = true; - }; - }; - # checked https://rycee.gitlab.io/home-manager/options.html until "programs.notmuch" }; From d790d3ba3e99b83f0d77dee3d14649c3cd38e23c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 4 Dec 2023 22:24:43 +0100 Subject: [PATCH 039/241] add tailscale --- modules/default.nix | 1 + modules/desktop/gnome-home.nix | 5 +++++ modules/tailscale.nix | 19 +++++++++++++++++++ vinzenz-lpt.nix | 1 + 4 files changed, 26 insertions(+) create mode 100644 modules/tailscale.nix diff --git a/modules/default.nix b/modules/default.nix index 841095e..7adcf2c 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -6,6 +6,7 @@ modulesCfg: {lib, ...}: { ./globalinstalls.nix ./server.nix ./sshd.nix + ./tailscale.nix ] ++ (map (path: (import path modulesCfg)) [ ./hardware diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index ded868b..86d2dab 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -63,6 +63,11 @@ in { }; }; } + (lib.mkIf config.my.tailscale.enable + { + home.packages = with pkgs.gnomeExtensions; [tailscale-qs]; + dconf.settings."org/gnome/shell".enabled-extensions = ["tailscale@joaophi.github.com"]; + }) ]; }; } diff --git a/modules/tailscale.nix b/modules/tailscale.nix new file mode 100644 index 0000000..b301dcb --- /dev/null +++ b/modules/tailscale.nix @@ -0,0 +1,19 @@ +{ + pkgs, + config, + lib, + ... +}: let + cfg = config.my.tailscale; +in { + options.my.tailscale = { + enable = lib.mkEnableOption "enable tailscale vpn"; + }; + + config = lib.mkIf cfg.enable { + services.tailscale = { + enable = true; + openFirewall = true; + }; + }; +} diff --git a/vinzenz-lpt.nix b/vinzenz-lpt.nix index 1bb1eda..1872c0a 100644 --- a/vinzenz-lpt.nix +++ b/vinzenz-lpt.nix @@ -9,6 +9,7 @@ config = { my = { enabledUsers = ["vinzenz"]; + tailscale.enable = true; desktop = { enableGnome = true; enableGaming = true; From 34b04b9ed147ac5397d2afe49552c4993d71b83f Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 4 Dec 2023 22:25:12 +0100 Subject: [PATCH 040/241] switch to gnome impression for creating bootable usb sticks --- modules/desktop/gnome.nix | 2 +- modules/users/vinzenz-home.nix | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/desktop/gnome.nix b/modules/desktop/gnome.nix index fc42f25..12cde3d 100644 --- a/modules/desktop/gnome.nix +++ b/modules/desktop/gnome.nix @@ -47,7 +47,7 @@ in { pkgs.gnome-tour ]; - environment.systemPackages = with pkgs.gnome; [ghex]; + environment.systemPackages = with pkgs; [gnome.ghex impression]; # RDP connections networking.firewall.allowedTCPPorts = [3389]; diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 1675815..27ed3e2 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -16,7 +16,6 @@ in simple-scan wireguard-tools element-desktop - etcher iotop lsof wirelesstools From e5f8fbb4467c006f49eae609174fb1cb798a70db Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 4 Dec 2023 22:45:50 +0100 Subject: [PATCH 041/241] tailscale everywhere --- hetzner-vpn1.nix | 1 + vinzenz-pc2.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index d2c2fba..21581d4 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -10,6 +10,7 @@ my = { enabledUsers = []; server.enable = true; + tailscale.enable = true; }; users.users.root.openssh.authorizedKeys.keys = [ diff --git a/vinzenz-pc2.nix b/vinzenz-pc2.nix index b04fe29..62b2c81 100644 --- a/vinzenz-pc2.nix +++ b/vinzenz-pc2.nix @@ -9,6 +9,7 @@ config = { my = { enabledUsers = ["vinzenz" "ronja"]; + tailscale.enable = true; desktop = { enableGnome = true; enableGaming = true; From c2e62ec81b2ab2ff688414264647cb3525d43747 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Tue, 5 Dec 2023 14:50:19 +0100 Subject: [PATCH 042/241] allow phone ssh key on all hosts --- hetzner-vpn1.nix | 1 + vinzenz-lpt.nix | 5 +++++ vinzenz-pc2.nix | 1 + 3 files changed, 7 insertions(+) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index 21581d4..85793e6 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -15,6 +15,7 @@ users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' ]; }; } diff --git a/vinzenz-lpt.nix b/vinzenz-lpt.nix index 1872c0a..40b27bb 100644 --- a/vinzenz-lpt.nix +++ b/vinzenz-lpt.nix @@ -16,5 +16,10 @@ enablePrinting = true; }; }; + + + users.users.vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ]; }; } diff --git a/vinzenz-pc2.nix b/vinzenz-pc2.nix index 62b2c81..f1f8aa2 100644 --- a/vinzenz-pc2.nix +++ b/vinzenz-pc2.nix @@ -19,6 +19,7 @@ users.users.vinzenz.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming" + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' ]; }; } From abd0d146eabf362b6835e39f621fd4ed97f77bdc Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Tue, 5 Dec 2023 15:00:02 +0100 Subject: [PATCH 043/241] allow pc2 ssh key on all hosts --- hetzner-vpn1.nix | 1 + vinzenz-lpt.nix | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index 85793e6..e1e73ad 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -16,6 +16,7 @@ users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' ]; }; } diff --git a/vinzenz-lpt.nix b/vinzenz-lpt.nix index 40b27bb..b1dbe8e 100644 --- a/vinzenz-lpt.nix +++ b/vinzenz-lpt.nix @@ -17,9 +17,9 @@ }; }; - users.users.vinzenz.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' ]; }; } From 04ccf5cdd4a44e8d3d72c6f1c280050071115335 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Tue, 5 Dec 2023 15:00:22 +0100 Subject: [PATCH 044/241] add dig --- modules/globalinstalls.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/globalinstalls.nix b/modules/globalinstalls.nix index cade379..bb43059 100644 --- a/modules/globalinstalls.nix +++ b/modules/globalinstalls.nix @@ -7,6 +7,7 @@ ncdu tldr glances + dig ]; }; From 026f592b178f61ad00b3f9bde9d1a79b082711c9 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 16 Dec 2023 11:28:44 +0100 Subject: [PATCH 045/241] add builttools as an option --- modules/buildtools.nix | 40 ++++++++++++++++++++++++++++++++++ modules/default.nix | 1 + modules/users/vinzenz-home.nix | 9 -------- vinzenz-pc2.nix | 5 +++++ 4 files changed, 46 insertions(+), 9 deletions(-) create mode 100644 modules/buildtools.nix diff --git a/modules/buildtools.nix b/modules/buildtools.nix new file mode 100644 index 0000000..8dce623 --- /dev/null +++ b/modules/buildtools.nix @@ -0,0 +1,40 @@ +{ + pkgs, + lib, + config, + ... +}: let + cfg = config.my.buildtools; +in { + options.my.buildtools = { + native = lib.mkEnableOption "include native build tools"; + dotnet = lib.mkEnableOption "include dotnet build tools"; + rust = lib.mkEnableOption "include rust build tools"; + }; + + config = lib.mkMerge [ + (lib.mkIf cfg.native + { + environment.systemPackages = with pkgs; [ + cmake + gnumake + gcc + gdb + ]; + }) + (lib.mkIf cfg.dotnet { + environment.systemPackages = with pkgs; [ + dotnet-sdk_8 + ]; + }) + (lib.mkIf cfg.rust { + environment.systemPackages = with pkgs; [ + cargo + rustc + rustfmt + clippy + cargo-generate + ]; + }) + ]; +} diff --git a/modules/default.nix b/modules/default.nix index 7adcf2c..b6f047d 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -7,6 +7,7 @@ modulesCfg: {lib, ...}: { ./server.nix ./sshd.nix ./tailscale.nix + ./buildtools.nix ] ++ (map (path: (import path modulesCfg)) [ ./hardware diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 27ed3e2..ecbe173 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -26,16 +26,7 @@ in screen kdiff3 youtube-music - jetbrains-toolbox - dotnet-sdk_8 - - cargo - rustc - gcc - rustfmt - clippy - cargo-generate ]; programs = { diff --git a/vinzenz-pc2.nix b/vinzenz-pc2.nix index f1f8aa2..27e23af 100644 --- a/vinzenz-pc2.nix +++ b/vinzenz-pc2.nix @@ -15,6 +15,11 @@ enableGaming = true; enablePrinting = true; }; + buildtools = { + native = true; + dotnet = true; + rust = true; + }; }; users.users.vinzenz.openssh.authorizedKeys.keys = [ From 419e2b26dc638ab0bcc0b13090d64dc2bb966256 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 16 Dec 2023 12:38:20 +0100 Subject: [PATCH 046/241] empty file template --- modules/users/home-shared-modules.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/users/home-shared-modules.nix b/modules/users/home-shared-modules.nix index 0ca565d..00ca57d 100644 --- a/modules/users/home-shared-modules.nix +++ b/modules/users/home-shared-modules.nix @@ -41,4 +41,8 @@ }; }; } + # Templates + { + home.file."Templates/Empty file".text = ""; + } ] From 623b9a96711ea4362ac24b776637723c933b2102 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 16 Dec 2023 12:38:58 +0100 Subject: [PATCH 047/241] move packages around, remove yt-music --- modules/desktop/gnome-home.nix | 1 + modules/globalinstalls.nix | 12 ++++++++++-- modules/users/vinzenz-home.nix | 15 +++++++-------- 3 files changed, 18 insertions(+), 10 deletions(-) diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index 86d2dab..ecec1bb 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -15,6 +15,7 @@ in { gitg gnome-builder meld + simple-scan ] ++ (with gnome; [ dconf-editor diff --git a/modules/globalinstalls.nix b/modules/globalinstalls.nix index bb43059..7aebf9b 100644 --- a/modules/globalinstalls.nix +++ b/modules/globalinstalls.nix @@ -3,11 +3,19 @@ environment = { pathsToLink = ["/share/zsh"]; systemPackages = with pkgs; [ - pciutils ncdu - tldr glances + iotop + + pciutils + lsof dig + + screen + + tldr + + icu ]; }; diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index ecbe173..c84761a 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -12,20 +12,19 @@ in home.packages = with pkgs; [ keepassxc insync + telegram-desktop - simple-scan - wireguard-tools element-desktop - iotop - lsof + + wireguard-tools wirelesstools - thefuck - alejandra + + alejandra # nix formatter + arduino uucp - screen + kdiff3 - youtube-music jetbrains-toolbox ]; From 885d7e9d26f02136b6925f6862fb8200abd09ecf Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 16 Dec 2023 13:02:59 +0100 Subject: [PATCH 048/241] remove thefuck --- modules/users/vinzenz-home.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index c84761a..ade07e8 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -37,7 +37,6 @@ in zsh = { initExtra = '' eval "$(direnv hook zsh)"; - eval $(thefuck --alias); ''; shellAliases = { @@ -60,7 +59,7 @@ in oh-my-zsh = { enable = true; theme = "agnoster"; - plugins = ["git" "sudo" "docker" "systemadmin" "thefuck"]; + plugins = ["git" "sudo" "docker" "systemadmin"]; }; }; From 61ba08a9bf9a85623b0d1c8c47019ef1b368e16f Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 16 Dec 2023 13:07:12 +0100 Subject: [PATCH 049/241] opt out of dotnet telemetry --- modules/buildtools.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/modules/buildtools.nix b/modules/buildtools.nix index 8dce623..484fea2 100644 --- a/modules/buildtools.nix +++ b/modules/buildtools.nix @@ -23,9 +23,14 @@ in { ]; }) (lib.mkIf cfg.dotnet { - environment.systemPackages = with pkgs; [ - dotnet-sdk_8 - ]; + environment = { + systemPackages = with pkgs; [ + dotnet-sdk_8 + ]; + variables = { + DOTNET_CLI_TELEMETRY_OPTOUT = "1"; + }; + }; }) (lib.mkIf cfg.rust { environment.systemPackages = with pkgs; [ From 0a9eed4fd200a52f3158f02cea746fbe3ace4c30 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 16 Dec 2023 15:33:20 +0100 Subject: [PATCH 050/241] fix dotnet publish --- modules/buildtools.nix | 6 ++++++ modules/globalinstalls.nix | 2 -- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/modules/buildtools.nix b/modules/buildtools.nix index 484fea2..1f8c830 100644 --- a/modules/buildtools.nix +++ b/modules/buildtools.nix @@ -20,12 +20,18 @@ in { gnumake gcc gdb + llvmPackages_latest.llvm + llvmPackages.clangUseLLVM ]; }) (lib.mkIf cfg.dotnet { environment = { systemPackages = with pkgs; [ dotnet-sdk_8 + + zlib zlib.dev + openssl + icu ]; variables = { DOTNET_CLI_TELEMETRY_OPTOUT = "1"; diff --git a/modules/globalinstalls.nix b/modules/globalinstalls.nix index 7aebf9b..4c617d7 100644 --- a/modules/globalinstalls.nix +++ b/modules/globalinstalls.nix @@ -14,8 +14,6 @@ screen tldr - - icu ]; }; From 04a3c309fe9523df41381e419530c925fd661cf5 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 25 Dec 2023 12:06:50 +0100 Subject: [PATCH 051/241] jetbrais-remote-server --- modules/buildtools.nix | 14 ++++++++++++++ modules/desktop/default.nix | 4 +--- vinzenz-pc2.nix | 1 + 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/modules/buildtools.nix b/modules/buildtools.nix index 1f8c830..5aad730 100644 --- a/modules/buildtools.nix +++ b/modules/buildtools.nix @@ -10,6 +10,7 @@ in { native = lib.mkEnableOption "include native build tools"; dotnet = lib.mkEnableOption "include dotnet build tools"; rust = lib.mkEnableOption "include rust build tools"; + jetbrains-remote-server = lib.mkEnableOption "setup jetbrais IDE installs so -remote-dev-server can be started"; }; config = lib.mkMerge [ @@ -47,5 +48,18 @@ in { cargo-generate ]; }) + (lib.mkIf cfg.jetbrains-remote-server { + environment.systemPackages = with pkgs.jetbrains; [ + jdk # required for all of them + rider + clion + pycharm-professional + ]; + my.allowUnfreePackages = [ + "rider" + "clion" + "pycharm-professional" + ]; + }) ]; } diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index f790270..575b99e 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -97,9 +97,7 @@ in { ]; }; - nixpkgs.config.permittedInsecurePackages = [ - "electron-19.1.9" - ]; + nixpkgs.config.permittedInsecurePackages = []; my.allowUnfreePackages = [ "insync" diff --git a/vinzenz-pc2.nix b/vinzenz-pc2.nix index 27e23af..a40a53a 100644 --- a/vinzenz-pc2.nix +++ b/vinzenz-pc2.nix @@ -19,6 +19,7 @@ native = true; dotnet = true; rust = true; + jetbrains-remote-server = true; }; }; From a7fedb9e8abccc8aa6d511b8ab18fc126145695e Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 25 Dec 2023 12:06:58 +0100 Subject: [PATCH 052/241] script template --- modules/users/home-shared-modules.nix | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/modules/users/home-shared-modules.nix b/modules/users/home-shared-modules.nix index 00ca57d..12f12cf 100644 --- a/modules/users/home-shared-modules.nix +++ b/modules/users/home-shared-modules.nix @@ -43,6 +43,15 @@ } # Templates { - home.file."Templates/Empty file".text = ""; + home.file = { + "Templates/Empty file".text = ""; + "Templates/Empty bash script".text = '' + #!/usr/bin/env bash + # abort on error, undefined variables + set -eu + # print commands before execution + set -x + ''; + }; } ] From d451f0e5313423b9845f76733ef7d2f484f069f1 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 25 Dec 2023 12:30:11 +0100 Subject: [PATCH 053/241] misc small changes --- modules/desktop/gnome-home.nix | 10 ++++++++-- modules/users/vinzenz.nix | 2 +- vinzenz-pc2.nix | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index ecec1bb..bdc0d1e 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -59,14 +59,20 @@ in { iconTheme.name = "Adwaita"; cursorTheme.name = "Adwaita"; theme = { - name = "adw-gtk3"; + name = "adw-gtk3-dark"; package = pkgs.adw-gtk3; }; }; } (lib.mkIf config.my.tailscale.enable { - home.packages = with pkgs.gnomeExtensions; [tailscale-qs]; + home.packages = with pkgs; + [ + trayscale + ] + ++ (with gnomeExtensions; [ + tailscale-qs + ]); dconf.settings."org/gnome/shell".enabled-extensions = ["tailscale@joaophi.github.com"]; }) ]; diff --git a/modules/users/vinzenz.nix b/modules/users/vinzenz.nix index ac270a6..3c90d2f 100644 --- a/modules/users/vinzenz.nix +++ b/modules/users/vinzenz.nix @@ -12,7 +12,7 @@ in { name = "vinzenz"; description = "Vinzenz Schroeter"; home = "/home/vinzenz"; - extraGroups = ["networkmanager" "wheel" "games"]; + extraGroups = ["networkmanager" "wheel" "games" "dialout"]; shell = pkgs.zsh; }; }; diff --git a/vinzenz-pc2.nix b/vinzenz-pc2.nix index a40a53a..8f0f22e 100644 --- a/vinzenz-pc2.nix +++ b/vinzenz-pc2.nix @@ -24,7 +24,7 @@ }; users.users.vinzenz.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming" + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' ]; }; From d1af4262c36162c74e188df96bebab715b396b89 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 14 Jan 2024 11:37:42 +0100 Subject: [PATCH 054/241] install dotnet on laptop --- vinzenz-lpt.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vinzenz-lpt.nix b/vinzenz-lpt.nix index b1dbe8e..347fedd 100644 --- a/vinzenz-lpt.nix +++ b/vinzenz-lpt.nix @@ -15,6 +15,9 @@ enableGaming = true; enablePrinting = true; }; + buildtools = { + dotnet = true; + }; }; users.users.vinzenz.openssh.authorizedKeys.keys = [ From 3aff0c255bb8d90bb26abb0d61f2cd7c37ef2930 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 21 Jan 2024 11:08:18 +0100 Subject: [PATCH 055/241] add xpadneo to gaming --- modules/desktop/gaming.nix | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/modules/desktop/gaming.nix b/modules/desktop/gaming.nix index 8355621..88b9c6a 100644 --- a/modules/desktop/gaming.nix +++ b/modules/desktop/gaming.nix @@ -9,11 +9,16 @@ in { options.my.desktop.enableGaming = lib.mkEnableOption "gaming with wine"; config = lib.mkIf isEnabled { - hardware.opengl = { - driSupport = true; - driSupport32Bit = true; - extraPackages = with pkgs; [mangohud]; - extraPackages32 = with pkgs; [mangohud]; + hardware = { + opengl = { + driSupport = true; + driSupport32Bit = true; + extraPackages = with pkgs; [mangohud]; + extraPackages32 = with pkgs; [mangohud]; + }; + + steam-hardware.enable = true; + xpadneo.enable = true; }; environment.systemPackages = with pkgs; [ @@ -35,8 +40,6 @@ in { }) ]; - hardware.steam-hardware.enable = true; - programs = { xwayland.enable = true; steam = { From 0ce50fb0dee650714a67c681cef6505ca7caaf7d Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 5 Feb 2024 21:46:55 +0100 Subject: [PATCH 056/241] add new laptop --- modules/desktop/gnome-home.nix | 1 + modules/hardware/vinzenz-lpt2.nix | 40 +++++++++++++++++++++++++++++++ vinzenz-lpt2.nix | 28 ++++++++++++++++++++++ 3 files changed, 69 insertions(+) create mode 100644 modules/hardware/vinzenz-lpt2.nix create mode 100644 vinzenz-lpt2.nix diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index bdc0d1e..92a3635 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -34,6 +34,7 @@ in { "org/gnome/desktop/interface" = { color-scheme = "prefer-dark"; clock-show-seconds = true; + show-battery-percentage = true; }; "org/gnome/tweaks" = { show-extensions-notice = false; diff --git a/modules/hardware/vinzenz-lpt2.nix b/modules/hardware/vinzenz-lpt2.nix new file mode 100644 index 0000000..5aec4f5 --- /dev/null +++ b/modules/hardware/vinzenz-lpt2.nix @@ -0,0 +1,40 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/e4dad0c8-26a1-45e9-bbd9-48565eb6574e"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; + + boot.initrd.luks.devices."luks-2c654ff2-3c42-48d3-a1e3-9545679afaa3".device = "/dev/disk/by-uuid/2c654ff2-3c42-48d3-a1e3-9545679afaa3"; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/E2B7-2BC1"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix new file mode 100644 index 0000000..9db0074 --- /dev/null +++ b/vinzenz-lpt2.nix @@ -0,0 +1,28 @@ +{...}: { + imports = [ + (import ./modules { + hostName = "vinzenz-lpt2"; + enableHomeManager = true; + }) + ]; + + config = { + my = { + enabledUsers = ["vinzenz"]; + tailscale.enable = true; + desktop = { + enableGnome = true; + enableGaming = true; + enablePrinting = true; + }; + buildtools = { + dotnet = true; + }; + }; + + users.users.vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ]; + }; +} From b3f1de1a7dd3887a872f0434c210d473cdd52a5b Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 5 Feb 2024 22:44:35 +0100 Subject: [PATCH 057/241] lp2 config --- modules/desktop/gaming.nix | 10 +---- modules/desktop/gnome-home.nix | 1 + modules/hardware/intel.nix | 14 +++++++ modules/hardware/vinzenz-lpt2.nix | 61 ++++++++++++++----------------- modules/nixpkgs.nix | 2 +- 5 files changed, 45 insertions(+), 43 deletions(-) diff --git a/modules/desktop/gaming.nix b/modules/desktop/gaming.nix index 88b9c6a..a8715a8 100644 --- a/modules/desktop/gaming.nix +++ b/modules/desktop/gaming.nix @@ -29,15 +29,7 @@ in { mangohud vulkan-tools glxinfo - - (lutris.override { - extraPkgs = pkgs: [ - # List package dependencies here - ]; - extraLibraries = pkgs: [ - # List library dependencies here - ]; - }) + lutris ]; programs = { diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index 92a3635..dfe0907 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -25,6 +25,7 @@ in { caffeine appindicator gsconnect + battery-health-charging ]); dconf.settings = { diff --git a/modules/hardware/intel.nix b/modules/hardware/intel.nix index 177ba55..d38b194 100644 --- a/modules/hardware/intel.nix +++ b/modules/hardware/intel.nix @@ -9,6 +9,7 @@ in { options.my.hardware.intel = { cpu = lib.mkEnableOption "intel cpu"; iGpu = lib.mkEnableOption "intel integrated gpu"; + xe = lib.mkEnableOption "intel xe gpu"; }; config = lib.mkMerge [ @@ -35,5 +36,18 @@ in { nvtop-intel ]; }) + (lib.mkIf cfg.xe { + hardware.opengl = { + extraPackages = with pkgs; [ + intel-media-driver + vaapiIntel + vaapiVdpau + libvdpau-va-gl + ]; + }; + environment.systemPackages = with pkgs; [ + nvtop-intel + ]; + }) ]; } diff --git a/modules/hardware/vinzenz-lpt2.nix b/modules/hardware/vinzenz-lpt2.nix index 5aec4f5..a56f735 100644 --- a/modules/hardware/vinzenz-lpt2.nix +++ b/modules/hardware/vinzenz-lpt2.nix @@ -1,40 +1,35 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/e4dad0c8-26a1-45e9-bbd9-48565eb6574e"; - fsType = "btrfs"; - options = [ "subvol=@" ]; +{...}: { + config = { + my.hardware = { + enableCommonDesktopSettings = true; + intel = { + cpu = true; + xe = true; + }; }; - boot.initrd.luks.devices."luks-2c654ff2-3c42-48d3-a1e3-9545679afaa3".device = "/dev/disk/by-uuid/2c654ff2-3c42-48d3-a1e3-9545679afaa3"; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/E2B7-2BC1"; - fsType = "vfat"; + boot.initrd = { + availableKernelModules = ["xhci_pci" "thunderbolt" "nvme"]; + luks.devices = { + "luks-2c654ff2-3c42-48d3-a1e3-9545679afaa3" = { + device = "/dev/disk/by-uuid/2c654ff2-3c42-48d3-a1e3-9545679afaa3"; + }; + }; }; - swapDevices = [ ]; + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/e4dad0c8-26a1-45e9-bbd9-48565eb6574e"; + fsType = "btrfs"; + options = ["subvol=@"]; + }; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + "/boot" = { + device = "/dev/disk/by-uuid/E2B7-2BC1"; + fsType = "vfat"; + }; + }; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + swapDevices = []; + }; } diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index fa3d0e4..5f7ae01 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -3,7 +3,7 @@ lib, ... }: let - unstable-commit-sha = "e92039b55bcd58469325ded85d4f58dd5a4eaf58"; + unstable-commit-sha = "e92b6015881907e698782c77641aa49298330223"; ultrastable-commit-sha = "5de0b32be6e85dc1a9404c75131316e4ffbc634c"; in { options.my.allowUnfreePackages = lib.mkOption { From 368596c1e44746758baac1b2037a399598b003dc Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 9 Feb 2024 18:51:59 +0100 Subject: [PATCH 058/241] more settings for new laptop --- modules/desktop/default.nix | 4 ++++ modules/desktop/gnome-home.nix | 19 +++++++++++++------ modules/hardware/vinzenz-lpt2.nix | 2 ++ 3 files changed, 19 insertions(+), 6 deletions(-) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 575b99e..8b01ac2 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -31,6 +31,8 @@ in { # flatpak xdg-portal-kde crashes, otherwise this would be global flatpak.enable = true; + + fstrim.enable = true; }; # Enable sound with pipewire. @@ -106,6 +108,8 @@ in { "rider" "pycharm-professional" "jetbrains-toolbox" + + "anydesk" ]; fonts = { diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index dfe0907..03839a3 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -29,20 +29,24 @@ in { ]); dconf.settings = { - "org/gnome/desktop/peripherals/keyboard" = { - numlock-state = true; - }; "org/gnome/desktop/interface" = { color-scheme = "prefer-dark"; clock-show-seconds = true; show-battery-percentage = true; }; + "org/gnome/mutter" = { + edge-tiling = true; + }; + "org/gnome/desktop/peripherals/keyboard" = { + numlock-state = true; + }; + "org/gnome/desktop/peripherals/touchpad" = { + tap-to-click = true; + two-finger-scrolling-enabled = true; + }; "org/gnome/tweaks" = { show-extensions-notice = false; }; - "ca/desrt/dconf-editor" = { - show-warning = false; - }; "org/gnome/shell" = { disable-user-extensions = false; disabled-extensions = []; @@ -54,6 +58,9 @@ in { "gsconnect@andyholmes.github.io" ]; }; + "ca/desrt/dconf-editor" = { + show-warning = false; + }; }; gtk = { diff --git a/modules/hardware/vinzenz-lpt2.nix b/modules/hardware/vinzenz-lpt2.nix index a56f735..3d86615 100644 --- a/modules/hardware/vinzenz-lpt2.nix +++ b/modules/hardware/vinzenz-lpt2.nix @@ -31,5 +31,7 @@ }; swapDevices = []; + + services.thermald.enable = true; }; } From e7da5bf627bb71afbc9442ba5a0250efc4ecb220 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 9 Feb 2024 18:52:20 +0100 Subject: [PATCH 059/241] add ronja to lp2 --- modules/users/ronja.nix | 2 +- modules/users/vinzenz.nix | 2 +- vinzenz-lpt2.nix | 15 +++++++++++++-- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/modules/users/ronja.nix b/modules/users/ronja.nix index 7917792..8b53c53 100644 --- a/modules/users/ronja.nix +++ b/modules/users/ronja.nix @@ -13,7 +13,7 @@ in { name = "ronja"; description = "Ronja Spiegelberg"; home = "/home/ronja"; - extraGroups = ["networkmanager" "wheel" "games"]; + extraGroups = ["networkmanager" "wheel" "games" "podman"]; shell = pkgs.zsh; }; }; diff --git a/modules/users/vinzenz.nix b/modules/users/vinzenz.nix index 3c90d2f..f93dd78 100644 --- a/modules/users/vinzenz.nix +++ b/modules/users/vinzenz.nix @@ -12,7 +12,7 @@ in { name = "vinzenz"; description = "Vinzenz Schroeter"; home = "/home/vinzenz"; - extraGroups = ["networkmanager" "wheel" "games" "dialout"]; + extraGroups = ["networkmanager" "wheel" "games" "dialout" "podman"]; shell = pkgs.zsh; }; }; diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix index 9db0074..08c1f34 100644 --- a/vinzenz-lpt2.nix +++ b/vinzenz-lpt2.nix @@ -1,4 +1,4 @@ -{...}: { +{pkgs, ...}: { imports = [ (import ./modules { hostName = "vinzenz-lpt2"; @@ -8,7 +8,7 @@ config = { my = { - enabledUsers = ["vinzenz"]; + enabledUsers = ["vinzenz" "ronja"]; tailscale.enable = true; desktop = { enableGnome = true; @@ -20,9 +20,20 @@ }; }; + environment.systemPackages = with pkgs; [anydesk]; + + virtualisation.podman = { + enable = true; + }; + users.users.vinzenz.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + ]; + + users.users.ronja.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' ]; }; } From a82113d1afdd937022a6a3a7f574ea874b94f814 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 9 Feb 2024 18:52:40 +0100 Subject: [PATCH 060/241] add neofetch globally --- modules/globalinstalls.nix | 1 + modules/server.nix | 5 ----- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/modules/globalinstalls.nix b/modules/globalinstalls.nix index 4c617d7..b602f99 100644 --- a/modules/globalinstalls.nix +++ b/modules/globalinstalls.nix @@ -14,6 +14,7 @@ screen tldr + neofetch ]; }; diff --git a/modules/server.nix b/modules/server.nix index a3db927..2fb6e40 100644 --- a/modules/server.nix +++ b/modules/server.nix @@ -14,11 +14,6 @@ in { networking.firewall = { enable = true; allowedTCPPortRanges = [ - # { - # # ssh - # from = 22; - # to = 22; - # } ]; }; }; From b900cc337fdee00620dd2c9a42bdad6779c1f057 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 23 Feb 2024 22:27:52 +0100 Subject: [PATCH 061/241] objective c --- modules/buildtools.nix | 31 ++++++++++++++++++++++++++----- 1 file changed, 26 insertions(+), 5 deletions(-) diff --git a/modules/buildtools.nix b/modules/buildtools.nix index 5aad730..b9e6406 100644 --- a/modules/buildtools.nix +++ b/modules/buildtools.nix @@ -11,6 +11,7 @@ in { dotnet = lib.mkEnableOption "include dotnet build tools"; rust = lib.mkEnableOption "include rust build tools"; jetbrains-remote-server = lib.mkEnableOption "setup jetbrais IDE installs so -remote-dev-server can be started"; + objective-c = lib.mkEnableOption "Objective-C with GNUStep"; }; config = lib.mkMerge [ @@ -30,7 +31,8 @@ in { systemPackages = with pkgs; [ dotnet-sdk_8 - zlib zlib.dev + zlib + zlib.dev openssl icu ]; @@ -56,10 +58,29 @@ in { pycharm-professional ]; my.allowUnfreePackages = [ - "rider" - "clion" - "pycharm-professional" - ]; + "rider" + "clion" + "pycharm-professional" + ]; + }) + (lib.mkIf cfg.objective-c { + environment.systemPackages = + (with pkgs.gnustep; [ + gui + make + gorm + base + back + system_preferences + projectcenter + libobjc + gworkspace + ]) + ++ (with pkgs; [ + clang-tools + clang + gnumake + ]); }) ]; } From 6911d314f41f9f4de915b40ea4e4e0a74b77cbc2 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 23 Feb 2024 22:30:00 +0100 Subject: [PATCH 062/241] more gnome settins --- modules/desktop/gnome-home.nix | 7 +++++++ modules/users/vinzenz-home.nix | 5 ----- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index 03839a3..d2156d8 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -36,6 +36,7 @@ in { }; "org/gnome/mutter" = { edge-tiling = true; + dynamic-workspaces = true; }; "org/gnome/desktop/peripherals/keyboard" = { numlock-state = true; @@ -61,6 +62,12 @@ in { "ca/desrt/dconf-editor" = { show-warning = false; }; + "org/gnome/desktop/wm/keybindings" = { + switch-windows = ["Tab"]; + switch-windows-backward = ["Tab"]; + switch-applications = ["Tab"]; + switch-applications-backward = ["Tab"]; + }; }; gtk = { diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index ade07e8..a7c1abd 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -172,9 +172,4 @@ in }; }; } - (lib.mkIf isGnomeEnabled { - home.packages = with pkgs; [ - fractal - ]; - }) ] From 648c853e7cf2596f94b98ac45c69c87afe3124ac Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 23 Feb 2024 22:30:43 +0100 Subject: [PATCH 063/241] deduplicate driver code --- modules/hardware/intel.nix | 15 +-------------- 1 file changed, 1 insertion(+), 14 deletions(-) diff --git a/modules/hardware/intel.nix b/modules/hardware/intel.nix index d38b194..2c51461 100644 --- a/modules/hardware/intel.nix +++ b/modules/hardware/intel.nix @@ -17,7 +17,7 @@ in { boot.kernelModules = ["kvm-intel"]; hardware.cpu.intel.updateMicrocode = true; }) - (lib.mkIf cfg.iGpu { + (lib.mkIf (cfg.iGpu || cfg.xe) { hardware.opengl = { extraPackages = with pkgs; [ intel-media-driver @@ -36,18 +36,5 @@ in { nvtop-intel ]; }) - (lib.mkIf cfg.xe { - hardware.opengl = { - extraPackages = with pkgs; [ - intel-media-driver - vaapiIntel - vaapiVdpau - libvdpau-va-gl - ]; - }; - environment.systemPackages = with pkgs; [ - nvtop-intel - ]; - }) ]; } From fbacdee5781bb2b777880c9ff9a9985dfb747554 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 23 Feb 2024 22:31:46 +0100 Subject: [PATCH 064/241] a big mess of specific service config --- .gitignore | 1 + modules/hardware/vinzenz-lpt2.nix | 7 ++- vinzenz-lpt2.nix | 98 +++++++++++++++++++++++++++++++ 3 files changed, 105 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 8e21b1d..d3f13a7 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ .directory result +secrets diff --git a/modules/hardware/vinzenz-lpt2.nix b/modules/hardware/vinzenz-lpt2.nix index 3d86615..2f296c4 100644 --- a/modules/hardware/vinzenz-lpt2.nix +++ b/modules/hardware/vinzenz-lpt2.nix @@ -30,7 +30,12 @@ }; }; - swapDevices = []; + swapDevices = [ + { + device = "/var/lib/swapfile"; + size = 32 * 1024; + } + ]; services.thermald.enable = true; }; diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix index 08c1f34..cc9fe02 100644 --- a/vinzenz-lpt2.nix +++ b/vinzenz-lpt2.nix @@ -17,7 +17,14 @@ }; buildtools = { dotnet = true; + #objective-c = true; }; + + allowUnfreePackages = [ + "rider" + "clion" + "pycharm-professional" + ]; }; environment.systemPackages = with pkgs; [anydesk]; @@ -35,5 +42,96 @@ users.users.ronja.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' ]; + + # TODO: move to own module + services.openvscode-server = { + enable = true; + telemetryLevel = "off"; + port = 8542; + host = "127.0.0.1"; + extraPackages = with pkgs; [nodejs]; + }; + + services.nginx = { + enable = true; + virtualHosts = { + "vscode" = { + serverName = "vinzenz-lpt2"; + locations = { + "/" = { + proxyPass = "http://127.0.0.1:8542"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host $host; + ''; + }; + }; + + listen = [ + { + addr = "0.0.0.0"; + port = 5000; + ssl = true; + } + ]; + + serverAliases = ["localhost" "vinzenz-lpt2.lan"]; + addSSL = true; + sslCertificateKey = "/etc/nginx-secrets/nginx-selfsigned.key"; + sslCertificate = "/etc/nginx-secrets/nginx-selfsigned.crt"; + }; + "app" = { + serverName = "vinzenz-lpt2"; + locations = { + "/" = { + proxyPass = "http://127.0.0.1:3000/"; + }; + }; + + listen = [ + { + addr = "0.0.0.0"; + port = 5001; + ssl = true; + } + ]; + + serverAliases = ["localhost" "vinzenz-lpt2.lan"]; + addSSL = true; + sslCertificateKey = "/etc/nginx-secrets/nginx-selfsigned.key"; + sslCertificate = "/etc/nginx-secrets/nginx-selfsigned.crt"; + }; + "api" = { + serverName = "vinzenz-lpt2"; + locations = { + "/" = { + proxyPass = "http://127.0.0.1:3002/"; + }; + }; + + listen = [ + { + addr = "0.0.0.0"; + port = 5002; + ssl = true; + } + ]; + + serverAliases = ["localhost" "vinzenz-lpt2.lan"]; + addSSL = true; + sslCertificateKey = "/etc/nginx-secrets/nginx-selfsigned.key"; + sslCertificate = "/etc/nginx-secrets/nginx-selfsigned.crt"; + }; + }; + }; + + networking.firewall.allowedTCPPortRanges = [ + { + from = 5000; + to = 5005; + } + ]; }; } From 07a9c7a7f7c3c4037ffcac4fefb6a321796aa3cd Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 1 Mar 2024 17:39:37 +0100 Subject: [PATCH 065/241] add new key for lpt2 --- hetzner-vpn1.nix | 1 + vinzenz-pc2.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index e1e73ad..f31a445 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -17,6 +17,7 @@ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' ]; }; } diff --git a/vinzenz-pc2.nix b/vinzenz-pc2.nix index 8f0f22e..d22319d 100644 --- a/vinzenz-pc2.nix +++ b/vinzenz-pc2.nix @@ -26,6 +26,7 @@ users.users.vinzenz.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' ]; }; } From 4f1138c9e33a74a2986ca03fbb45a78e4cceb0cf Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 2 Mar 2024 12:09:21 +0100 Subject: [PATCH 066/241] WIP route traffic from vpn1 to other nodes --- hetzner-vpn1.nix | 55 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index f31a445..b6a9e56 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -19,5 +19,60 @@ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' ]; + + security.acme = { + acceptTerms = true; + defaults.email = "acme@zerforschen.plus"; + }; + + services.nginx = { + enable = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts = { + "vscode.services.zerforschen.plus" = { + addSSL = true; + enableACME = true; + locations."/" = { + extraConfig = '' + #proxy_set_header Host vinzenz-lpt2.donkey-pentatonic.ts.net; + proxy_ssl_verify = false; + ''; + proxyPass = "https://vinzenz-lpt2.donkey-pentatonic.ts.net:8542/"; + proxyWebsockets = true; + }; + }; + + "preon-app.services.zerforschen.plus" = { + enableACME = true; + addSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:3000/"; + }; + }; + + "preon-api.services.zerforschen.plus" = { + enableACME = true; + addSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:3002/"; + }; + }; + }; + }; + + networking.firewall = { + checkReversePath = "loose"; + allowedTCPPortRanges = [ + { + from = 5000; + to = 5005; + } + ]; + allowedTCPPorts = [80 443]; + }; }; } From 3945a335b12ed6a33b606904be17e21f3795031a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 2 Mar 2024 13:02:14 +0100 Subject: [PATCH 067/241] simplify firewall config --- hetzner-vpn1.nix | 12 +----------- modules/default.nix | 6 +++++- modules/desktop/default.nix | 1 - modules/desktop/gaming.nix | 9 +++------ modules/server.nix | 20 -------------------- 5 files changed, 9 insertions(+), 39 deletions(-) delete mode 100644 modules/server.nix diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index b6a9e56..c534929 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -9,7 +9,6 @@ config = { my = { enabledUsers = []; - server.enable = true; tailscale.enable = true; }; @@ -64,15 +63,6 @@ }; }; - networking.firewall = { - checkReversePath = "loose"; - allowedTCPPortRanges = [ - { - from = 5000; - to = 5005; - } - ]; - allowedTCPPorts = [80 443]; - }; + networking.firewall.allowedTCPPorts = [80 443]; }; } diff --git a/modules/default.nix b/modules/default.nix index b6f047d..f794bcf 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -4,7 +4,6 @@ modulesCfg: {lib, ...}: { ./i18n.nix ./nixpkgs.nix ./globalinstalls.nix - ./server.nix ./sshd.nix ./tailscale.nix ./buildtools.nix @@ -17,5 +16,10 @@ modulesCfg: {lib, ...}: { config = { my.modulesCfg = modulesCfg; + + networking.firewall = { + enable = true; + checkReversePath = "loose"; + }; }; } diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 8b01ac2..005a210 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -59,7 +59,6 @@ in { networkmanager.enable = true; firewall = { - enable = true; allowedTCPPortRanges = [ { # KDE Connect / gsconnect diff --git a/modules/desktop/gaming.nix b/modules/desktop/gaming.nix index a8715a8..5015ca2 100644 --- a/modules/desktop/gaming.nix +++ b/modules/desktop/gaming.nix @@ -41,12 +41,9 @@ in { }; }; - networking.firewall.allowedUDPPortRanges = [ - { - # Factorio - from = 34197; - to = 34197; - } + networking.firewall.allowedUDPPorts = [ + # Factorio + 34197 ]; my.allowUnfreePackages = [ diff --git a/modules/server.nix b/modules/server.nix deleted file mode 100644 index 2fb6e40..0000000 --- a/modules/server.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: let - cfg = config.my.server; -in { - options.my.server = { - enable = lib.mkEnableOption "server role"; - }; - - config = lib.mkIf cfg.enable { - networking.firewall = { - enable = true; - allowedTCPPortRanges = [ - ]; - }; - }; -} From c94e085e666f6ab88d8828251cde20837f19a6b4 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 2 Mar 2024 13:05:41 +0100 Subject: [PATCH 068/241] vscode works now --- hetzner-vpn1.nix | 5 ++- vinzenz-lpt2.nix | 86 +++--------------------------------------------- 2 files changed, 6 insertions(+), 85 deletions(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index c534929..7889803 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -37,10 +37,9 @@ enableACME = true; locations."/" = { extraConfig = '' - #proxy_set_header Host vinzenz-lpt2.donkey-pentatonic.ts.net; - proxy_ssl_verify = false; + proxy_bind 100.88.118.60; ''; - proxyPass = "https://vinzenz-lpt2.donkey-pentatonic.ts.net:8542/"; + proxyPass = "http://vinzenz-lpt2:8542/"; proxyWebsockets = true; }; }; diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix index cc9fe02..b52771d 100644 --- a/vinzenz-lpt2.nix +++ b/vinzenz-lpt2.nix @@ -43,95 +43,17 @@ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' ]; - # TODO: move to own module services.openvscode-server = { enable = true; telemetryLevel = "off"; port = 8542; - host = "127.0.0.1"; + host = "100.103.93.126"; # tailscale extraPackages = with pkgs; [nodejs]; }; - services.nginx = { - enable = true; - virtualHosts = { - "vscode" = { - serverName = "vinzenz-lpt2"; - locations = { - "/" = { - proxyPass = "http://127.0.0.1:8542"; - extraConfig = '' - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_set_header Host $host; - ''; - }; - }; - - listen = [ - { - addr = "0.0.0.0"; - port = 5000; - ssl = true; - } - ]; - - serverAliases = ["localhost" "vinzenz-lpt2.lan"]; - addSSL = true; - sslCertificateKey = "/etc/nginx-secrets/nginx-selfsigned.key"; - sslCertificate = "/etc/nginx-secrets/nginx-selfsigned.crt"; - }; - "app" = { - serverName = "vinzenz-lpt2"; - locations = { - "/" = { - proxyPass = "http://127.0.0.1:3000/"; - }; - }; - - listen = [ - { - addr = "0.0.0.0"; - port = 5001; - ssl = true; - } - ]; - - serverAliases = ["localhost" "vinzenz-lpt2.lan"]; - addSSL = true; - sslCertificateKey = "/etc/nginx-secrets/nginx-selfsigned.key"; - sslCertificate = "/etc/nginx-secrets/nginx-selfsigned.crt"; - }; - "api" = { - serverName = "vinzenz-lpt2"; - locations = { - "/" = { - proxyPass = "http://127.0.0.1:3002/"; - }; - }; - - listen = [ - { - addr = "0.0.0.0"; - port = 5002; - ssl = true; - } - ]; - - serverAliases = ["localhost" "vinzenz-lpt2.lan"]; - addSSL = true; - sslCertificateKey = "/etc/nginx-secrets/nginx-selfsigned.key"; - sslCertificate = "/etc/nginx-secrets/nginx-selfsigned.crt"; - }; - }; + networking.firewall = { + checkReversePath = "loose"; + allowedTCPPorts = [8542]; }; - - networking.firewall.allowedTCPPortRanges = [ - { - from = 5000; - to = 5005; - } - ]; }; } From 2ff6ddc89fd084f1756fae281e37fcd25c3280c6 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 2 Mar 2024 13:11:01 +0100 Subject: [PATCH 069/241] more frequent nix gc --- modules/nixpkgs.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index 5f7ae01..231996e 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -46,8 +46,8 @@ in { nix.gc = { automatic = true; - dates = "monthly"; - options = "--delete-older-than 30d"; + dates = "daily"; + options = "--delete-older-than 7d"; }; documentation = { From 4439c7f9de84ea8fe915b852c6c6823df1d45fb3 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 2 Mar 2024 13:18:05 +0100 Subject: [PATCH 070/241] wip pam auth --- hetzner-vpn1.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index 7889803..67e7b9b 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -24,8 +24,15 @@ defaults.email = "acme@zerforschen.plus"; }; + security.pam.services.nginx.setEnvironment = false; + systemd.services.nginx.serviceConfig = { + SupplementaryGroups = ["shadow"]; + }; + services.nginx = { enable = true; + additionalModules = [pkgs.nginxModules.pam]; + recommendedProxySettings = true; recommendedTlsSettings = true; recommendedGzipSettings = true; @@ -37,9 +44,12 @@ enableACME = true; locations."/" = { extraConfig = '' + # bind to tailscale ip proxy_bind 100.88.118.60; + auth_pam "Password Required"; + auth_pam_service_name "nginx"; ''; - proxyPass = "http://vinzenz-lpt2:8542/"; + proxyPass = "http://vinzenz-lpt2:8542/"; #tailscale magic dns proxyWebsockets = true; }; }; From c93aa33aebccf0e05423f71160da873f587c5141 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 2 Mar 2024 13:26:32 +0100 Subject: [PATCH 071/241] no connection token for vscode --- vinzenz-lpt2.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix index b52771d..9e5ec12 100644 --- a/vinzenz-lpt2.nix +++ b/vinzenz-lpt2.nix @@ -48,6 +48,7 @@ telemetryLevel = "off"; port = 8542; host = "100.103.93.126"; # tailscale + withoutConnectionToken = true; extraPackages = with pkgs; [nodejs]; }; From 2a0f184fac2e0d292385b152b296a276ef5765cb Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 2 Mar 2024 13:27:17 +0100 Subject: [PATCH 072/241] pam auth works now --- hetzner-vpn1.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index 67e7b9b..4f3f751 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -1,4 +1,4 @@ -{...}: { +{pkgs, ...}: { imports = [ (import ./modules { hostName = "hetzner-vpn1"; @@ -8,7 +8,7 @@ config = { my = { - enabledUsers = []; + enabledUsers = ["ronja" "vinzenz"]; tailscale.enable = true; }; From 84657bb2a842aa77d34c4c2c5277e09be243543d Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 2 Mar 2024 13:46:13 +0100 Subject: [PATCH 073/241] dry services config --- hetzner-vpn1.nix | 58 ++++++++++++++++++++++-------------------------- 1 file changed, 27 insertions(+), 31 deletions(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index 4f3f751..5a3f648 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -1,4 +1,24 @@ -{pkgs, ...}: { +{ + pkgs, + lib, + ... +}: let + servicesDomain = "services.zerforschen.plus"; + mkServiceConfig = port: { + addSSL = true; + enableACME = true; + locations."/" = { + extraConfig = '' + # bind to tailscale ip + proxy_bind 100.88.118.60; + # pam auth + auth_pam "Password Required"; + auth_pam_service_name "nginx"; + ''; + proxyPass = "http://vinzenz-lpt2.donkey-pentatonic.ts.net:${toString port}/"; + }; + }; +in { imports = [ (import ./modules { hostName = "hetzner-vpn1"; @@ -39,36 +59,12 @@ recommendedOptimisation = true; virtualHosts = { - "vscode.services.zerforschen.plus" = { - addSSL = true; - enableACME = true; - locations."/" = { - extraConfig = '' - # bind to tailscale ip - proxy_bind 100.88.118.60; - auth_pam "Password Required"; - auth_pam_service_name "nginx"; - ''; - proxyPass = "http://vinzenz-lpt2:8542/"; #tailscale magic dns - proxyWebsockets = true; - }; - }; - - "preon-app.services.zerforschen.plus" = { - enableACME = true; - addSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:3000/"; - }; - }; - - "preon-api.services.zerforschen.plus" = { - enableACME = true; - addSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:3002/"; - }; - }; + "preon-app.${servicesDomain}" = mkServiceConfig 8541; + "preon-api.${servicesDomain}" = mkServiceConfig 8542; + "vscode.${servicesDomain}" = lib.mkMerge [ + (mkServiceConfig 8543) + {locations."/" .proxyWebsockets = true;} + ]; }; }; From 1cf414683be4c239995c77cf8425d4c05d1eb109 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 2 Mar 2024 13:54:39 +0100 Subject: [PATCH 074/241] hostname parameter --- hetzner-vpn1.nix | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index 5a3f648..f6c355e 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -4,7 +4,7 @@ ... }: let servicesDomain = "services.zerforschen.plus"; - mkServiceConfig = port: { + mkServiceConfig = host: port: { addSSL = true; enableACME = true; locations."/" = { @@ -15,9 +15,10 @@ auth_pam "Password Required"; auth_pam_service_name "nginx"; ''; - proxyPass = "http://vinzenz-lpt2.donkey-pentatonic.ts.net:${toString port}/"; + proxyPass = "http://${host}:${toString port}/"; }; }; + lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net"; in { imports = [ (import ./modules { @@ -59,10 +60,10 @@ in { recommendedOptimisation = true; virtualHosts = { - "preon-app.${servicesDomain}" = mkServiceConfig 8541; - "preon-api.${servicesDomain}" = mkServiceConfig 8542; + "preon-app.${servicesDomain}" = mkServiceConfig lpt2 8541; + "preon-api.${servicesDomain}" = mkServiceConfig lpt2 8542; "vscode.${servicesDomain}" = lib.mkMerge [ - (mkServiceConfig 8543) + (mkServiceConfig lpt2 8543) {locations."/" .proxyWebsockets = true;} ]; }; From d17023aa899cfdda46d4567c22e255204cfe43ef Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 3 Mar 2024 12:45:55 +0100 Subject: [PATCH 075/241] fix ports --- hetzner-vpn1.nix | 6 +++--- vinzenz-lpt2.nix | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index f6c355e..6da1829 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -60,12 +60,12 @@ in { recommendedOptimisation = true; virtualHosts = { - "preon-app.${servicesDomain}" = mkServiceConfig lpt2 8541; - "preon-api.${servicesDomain}" = mkServiceConfig lpt2 8542; "vscode.${servicesDomain}" = lib.mkMerge [ - (mkServiceConfig lpt2 8543) + (mkServiceConfig lpt2 8542) {locations."/" .proxyWebsockets = true;} ]; + "preon-app.${servicesDomain}" = mkServiceConfig lpt2 8543; + "preon-api.${servicesDomain}" = mkServiceConfig lpt2 8544; }; }; diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix index 9e5ec12..4cb89df 100644 --- a/vinzenz-lpt2.nix +++ b/vinzenz-lpt2.nix @@ -54,7 +54,7 @@ networking.firewall = { checkReversePath = "loose"; - allowedTCPPorts = [8542]; + allowedTCPPorts = [8542 8543 8544]; }; }; } From 91f5f886d73000964952627d0e7d26676edef79c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 9 Mar 2024 13:36:43 +0100 Subject: [PATCH 076/241] move vscode server to pc2 --- vinzenz-lpt2.nix | 14 -------------- vinzenz-pc2.nix | 15 ++++++++++++++- 2 files changed, 14 insertions(+), 15 deletions(-) diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix index 4cb89df..9f57054 100644 --- a/vinzenz-lpt2.nix +++ b/vinzenz-lpt2.nix @@ -42,19 +42,5 @@ users.users.ronja.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' ]; - - services.openvscode-server = { - enable = true; - telemetryLevel = "off"; - port = 8542; - host = "100.103.93.126"; # tailscale - withoutConnectionToken = true; - extraPackages = with pkgs; [nodejs]; - }; - - networking.firewall = { - checkReversePath = "loose"; - allowedTCPPorts = [8542 8543 8544]; - }; }; } diff --git a/vinzenz-pc2.nix b/vinzenz-pc2.nix index d22319d..2a49309 100644 --- a/vinzenz-pc2.nix +++ b/vinzenz-pc2.nix @@ -1,4 +1,4 @@ -{...}: { +{pkgs, ...}: { imports = [ (import ./modules { hostName = "vinzenz-pc2"; @@ -28,5 +28,18 @@ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' ]; + + services.openvscode-server = { + enable = true; + telemetryLevel = "off"; + port = 8542; + host = "100.125.93.127"; # tailscale + withoutConnectionToken = true; + extraPackages = with pkgs; [nodejs gitFull gh]; + }; + + networking.firewall = { + allowedTCPPorts = [8542 8543 8544]; + }; }; } From ac7b33374155f237f0c857e31275d9bedaa46f1a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 9 Mar 2024 13:43:27 +0100 Subject: [PATCH 077/241] route domains to new service location --- hetzner-vpn1.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index 6da1829..b476138 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -8,6 +8,7 @@ addSSL = true; enableACME = true; locations."/" = { + proxyPass = "http://${host}:${toString port}/"; extraConfig = '' # bind to tailscale ip proxy_bind 100.88.118.60; @@ -15,10 +16,10 @@ auth_pam "Password Required"; auth_pam_service_name "nginx"; ''; - proxyPass = "http://${host}:${toString port}/"; }; }; lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net"; + pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; in { imports = [ (import ./modules { @@ -61,10 +62,10 @@ in { virtualHosts = { "vscode.${servicesDomain}" = lib.mkMerge [ - (mkServiceConfig lpt2 8542) + (mkServiceConfig pc2 8542) {locations."/" .proxyWebsockets = true;} ]; - "preon-app.${servicesDomain}" = mkServiceConfig lpt2 8543; + "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; "preon-api.${servicesDomain}" = mkServiceConfig lpt2 8544; }; }; From 1bc68837d329a55885958ee6e2b488cc02da9322 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 9 Mar 2024 13:44:26 +0100 Subject: [PATCH 078/241] CORS requests are allowed without basic auth --- hetzner-vpn1.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index b476138..010f781 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -13,8 +13,10 @@ # bind to tailscale ip proxy_bind 100.88.118.60; # pam auth - auth_pam "Password Required"; - auth_pam_service_name "nginx"; + limit_except OPTIONS { + auth_pam "Password Required"; + auth_pam_service_name "nginx"; + } ''; }; }; From d4289402997abc296532ff58de16be8c0cf27f09 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 9 Mar 2024 14:08:14 +0100 Subject: [PATCH 079/241] route preon api to pc2 --- hetzner-vpn1.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index 010f781..fda6b56 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -68,7 +68,7 @@ in { {locations."/" .proxyWebsockets = true;} ]; "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; - "preon-api.${servicesDomain}" = mkServiceConfig lpt2 8544; + "preon-api.${servicesDomain}" = mkServiceConfig pc2 8544; }; }; From 99f553a4c6aa15a181874d8a43e4d057e2d8776c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 9 Mar 2024 17:56:02 +0100 Subject: [PATCH 080/241] js, wip net native aot --- modules/buildtools.nix | 32 ++++++++++++++++++++++++++++++-- modules/desktop/default.nix | 37 +++++++++++++++++++++++++++---------- modules/nixpkgs.nix | 4 ++-- vinzenz-lpt2.nix | 1 + 4 files changed, 60 insertions(+), 14 deletions(-) diff --git a/modules/buildtools.nix b/modules/buildtools.nix index b9e6406..c73337c 100644 --- a/modules/buildtools.nix +++ b/modules/buildtools.nix @@ -5,6 +5,9 @@ ... }: let cfg = config.my.buildtools; + dotnetPackage = with pkgs; (dotnetCorePackages.combinePackages [ + dotnet-sdk_8 + ]); in { options.my.buildtools = { native = lib.mkEnableOption "include native build tools"; @@ -12,6 +15,7 @@ in { rust = lib.mkEnableOption "include rust build tools"; jetbrains-remote-server = lib.mkEnableOption "setup jetbrais IDE installs so -remote-dev-server can be started"; objective-c = lib.mkEnableOption "Objective-C with GNUStep"; + js = lib.mkEnableOption "node stuff"; }; config = lib.mkMerge [ @@ -22,24 +26,43 @@ in { gnumake gcc gdb - llvmPackages_latest.llvm + llvmPackages.llvm llvmPackages.clangUseLLVM ]; }) (lib.mkIf cfg.dotnet { environment = { systemPackages = with pkgs; [ - dotnet-sdk_8 + unstable.jetbrains.jdk + unstable.jetbrains.rider + + dotnetPackage zlib zlib.dev openssl icu + icu.dev + + # native aot + gcc + libunwind ]; variables = { DOTNET_CLI_TELEMETRY_OPTOUT = "1"; }; }; + programs.nix-ld.libraries = with pkgs; [ + # native aot + libunwind + icu + zlib + zlib.dev + openssl + icu + icu.dev + dotnetPackage + ]; }) (lib.mkIf cfg.rust { environment.systemPackages = with pkgs; [ @@ -82,5 +105,10 @@ in { gnumake ]); }) + (lib.mkIf cfg.js { + environment.systemPackages = with pkgs; [ + nodejs + ]; + }) ]; } diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 005a210..923be0f 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -53,6 +53,25 @@ in { enable = true; languagePacks = ["en-US" "de"]; }; + nix-ld = { + enable = true; + libraries = with pkgs; [ + stdenv.cc.cc + zlib + zstd + curl + openssl + attr + libssh + bzip2 + libxml2 + acl + libsodium + util-linux + xz + systemd + ]; + }; }; networking = { @@ -86,17 +105,15 @@ in { ''; }; - environment = { - systemPackages = with pkgs; [ - lm_sensors + environment.systemPackages = with pkgs; [ + lm_sensors - # office - libreoffice-qt - hunspell - hunspellDicts.de-de - hunspellDicts.en-us-large - ]; - }; + # office + libreoffice-qt + hunspell + hunspellDicts.de-de + hunspellDicts.en-us-large + ]; nixpkgs.config.permittedInsecurePackages = []; diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index 231996e..6f282ae 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -3,8 +3,8 @@ lib, ... }: let - unstable-commit-sha = "e92b6015881907e698782c77641aa49298330223"; - ultrastable-commit-sha = "5de0b32be6e85dc1a9404c75131316e4ffbc634c"; + unstable-commit-sha = "9df3e30ce24fd28c7b3e2de0d986769db5d6225d"; + ultrastable-commit-sha = "2be119add7b37dc535da2dd4cba68e2cf8d1517e"; in { options.my.allowUnfreePackages = lib.mkOption { type = lib.types.listOf lib.types.str; diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix index 9f57054..b41fcd2 100644 --- a/vinzenz-lpt2.nix +++ b/vinzenz-lpt2.nix @@ -18,6 +18,7 @@ buildtools = { dotnet = true; #objective-c = true; + js = true; }; allowUnfreePackages = [ From 1ef2f2c4646a170ea87883bf813166d265a04c26 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 9 Mar 2024 18:11:59 +0100 Subject: [PATCH 081/241] ide only on desktop, remove llvm --- modules/buildtools.nix | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/modules/buildtools.nix b/modules/buildtools.nix index c73337c..da1bd30 100644 --- a/modules/buildtools.nix +++ b/modules/buildtools.nix @@ -26,16 +26,11 @@ in { gnumake gcc gdb - llvmPackages.llvm - llvmPackages.clangUseLLVM ]; }) (lib.mkIf cfg.dotnet { environment = { systemPackages = with pkgs; [ - unstable.jetbrains.jdk - unstable.jetbrains.rider - dotnetPackage zlib @@ -64,6 +59,14 @@ in { dotnetPackage ]; }) + (lib.mkIf (cfg.dotnet || config.my.desktop.enable) { + environment = { + systemPackages = with pkgs; [ + unstable.jetbrains.jdk + unstable.jetbrains.rider + ]; + }; + }) (lib.mkIf cfg.rust { environment.systemPackages = with pkgs; [ cargo From 7e331074b02d97de3e66a260155364040a094b5d Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 17 Mar 2024 09:18:44 +0100 Subject: [PATCH 082/241] high res boot menu --- modules/hardware/common-desktop.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/modules/hardware/common-desktop.nix b/modules/hardware/common-desktop.nix index a427d18..c0e3d6f 100644 --- a/modules/hardware/common-desktop.nix +++ b/modules/hardware/common-desktop.nix @@ -16,13 +16,16 @@ in { initrd.supportedFilesystems = ["btrfs"]; consoleLogLevel = 0; initrd.verbose = false; + plymouth.enable = true; loader = { - systemd-boot.enable = true; timeout = 3; efi.canTouchEfiVariables = true; + systemd-boot = { + enable = true; + editor = false; # do not allow changing kernel parameters + consoleMode = "max"; + }; }; - - plymouth.enable = true; }; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking From 88d86b149e10281c98c4524f86f90d678002125c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 19 Apr 2024 12:27:51 +0200 Subject: [PATCH 083/241] add some packages --- modules/desktop/default.nix | 2 ++ modules/desktop/gnome-home.nix | 1 + modules/users/vinzenz-home.nix | 2 +- 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 923be0f..f6df893 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -113,6 +113,8 @@ in { hunspell hunspellDicts.de-de hunspellDicts.en-us-large + + gnumake ]; nixpkgs.config.permittedInsecurePackages = []; diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index d2156d8..fd5d4d1 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -16,6 +16,7 @@ in { gnome-builder meld simple-scan + pinta ] ++ (with gnome; [ dconf-editor diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index a7c1abd..d099ad5 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -32,7 +32,6 @@ in home-manager.enable = true; fzf.enable = true; - mangohud.enable = true; zsh = { initExtra = '' @@ -97,6 +96,7 @@ in mhutchie.git-graph rust-lang.rust-analyzer bungcip.better-toml + llvm-vs-code-extensions.vscode-clangd ]; userSettings = { "git.autofetch" = true; From b01a072cc91b587fd614cf88c65d2bcee8c12a9a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 2 May 2024 13:02:12 +0200 Subject: [PATCH 084/241] add ferral gamemode --- modules/desktop/gaming.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/desktop/gaming.nix b/modules/desktop/gaming.nix index 5015ca2..81e4011 100644 --- a/modules/desktop/gaming.nix +++ b/modules/desktop/gaming.nix @@ -39,6 +39,7 @@ in { remotePlay.openFirewall = true; dedicatedServer.openFirewall = true; }; + gamemode.enable = true; }; networking.firewall.allowedUDPPorts = [ From 96483fbaefdda6130a34575908e6e749f776cccd Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 2 May 2024 13:02:32 +0200 Subject: [PATCH 085/241] enable fwupd on desktops --- modules/hardware/common-desktop.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/modules/hardware/common-desktop.nix b/modules/hardware/common-desktop.nix index c0e3d6f..05047a2 100644 --- a/modules/hardware/common-desktop.nix +++ b/modules/hardware/common-desktop.nix @@ -36,10 +36,13 @@ in { # networking.interfaces.eno1.useDHCP = lib.mkDefault true; # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true; - hardware.enableRedistributableFirmware = true; + hardware = { + enableRedistributableFirmware = true; + bluetooth.enable = true; + }; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.bluetooth.enable = true; + services.fwupd.enable = true; }; } From cca472cf1251fa90d9de6849b1ccd48e1acb0e82 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 2 May 2024 15:35:04 +0200 Subject: [PATCH 086/241] enable bolt for thunderbolt security --- modules/hardware/vinzenz-lpt2.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/hardware/vinzenz-lpt2.nix b/modules/hardware/vinzenz-lpt2.nix index 2f296c4..d220276 100644 --- a/modules/hardware/vinzenz-lpt2.nix +++ b/modules/hardware/vinzenz-lpt2.nix @@ -38,5 +38,6 @@ ]; services.thermald.enable = true; + services.hardware.bolt.enable = true; # thunderbolt security }; } From 5ab99e7d607016519fc0f5d95ecc8204d9060dc5 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 2 May 2024 15:35:19 +0200 Subject: [PATCH 087/241] ssh_config --- modules/users/vinzenz-home.nix | 50 +++++++++++++++++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index d099ad5..155708b 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -140,7 +140,7 @@ in ]; }; - eza = { + eza = { enable = true; git = true; icons = true; @@ -152,6 +152,54 @@ in }; # checked https://rycee.gitlab.io/home-manager/options.html until "programs.notmuch" + + ssh = { + enable = true; + matchBlocks = { + "vpn1" = { + host = "vpn1 hetzner-vpn1"; + hostname = "157.90.146.125"; # 2a01:4f8:c012:7137::/64 + user = "root"; + }; + "vpn1-ts" = { + host = "vpn1-ts hetzner-vpn1.donkey-pentatonic.ts.net"; + hostname = "hetzner-vpn1.donkey-pentatonic.ts.net"; + user = "root"; + }; + "openwrt" = { + host = "openwrt openwrt.lan"; + hostname = "openwrt.lan"; + user = "root"; + }; + "openwrt-ts" = { + hostname = "openwrt.donkey-pentatonic.ts.net"; + port = 2222; + user = "root"; + }; + "openwrt-j" = { + hostname = "openwrt.donkey-pentatonic.ts.net"; + proxyJump = "vpn1"; + port = 2222; + user = "root"; + }; + "pc2-power" = { + hostname = "openwrt.donkey-pentatonic.ts.net"; + proxyJump = "vpn1"; + port = 2222; + user = "pc2-power"; + }; + "avd-power" = { + # hostname = "2001:678:560:23:9833:63ff:fe2d:f477" + # hostname = "195.160.172.25"; + hostname = "avd-jumphost.club.berlin.ccc.de"; + user = "power"; + }; + "avd" = { + hostname = "avd.club.berlin.ccc.de"; + user = "vinzenz"; + }; + }; + }; }; editorconfig = { From 3b72d80fb7b339294dd43a2e95d6c1c45f4b508a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 2 May 2024 15:49:00 +0200 Subject: [PATCH 088/241] extended ssh keys for vpn1 --- hetzner-vpn1.nix | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/hetzner-vpn1.nix b/hetzner-vpn1.nix index fda6b56..7a06a07 100644 --- a/hetzner-vpn1.nix +++ b/hetzner-vpn1.nix @@ -36,12 +36,23 @@ in { tailscale.enable = true; }; - users.users.root.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; + users.users = { + root.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + ronja.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + ]; + }; security.acme = { acceptTerms = true; From 18ecc85b770e0c811aeb9440def6304865b1a718 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 25 May 2024 11:23:22 +0200 Subject: [PATCH 089/241] update build tools --- modules/buildtools.nix | 71 +++++++++++++++++++++--------------------- vinzenz-lpt2.nix | 3 +- 2 files changed, 37 insertions(+), 37 deletions(-) diff --git a/modules/buildtools.nix b/modules/buildtools.nix index da1bd30..bcb260b 100644 --- a/modules/buildtools.nix +++ b/modules/buildtools.nix @@ -5,7 +5,8 @@ ... }: let cfg = config.my.buildtools; - dotnetPackage = with pkgs; (dotnetCorePackages.combinePackages [ + isDesktop = config.my.desktop.enable; + dotnetPackage = with pkgs.unstable; (dotnetCorePackages.combinePackages [ dotnet-sdk_8 ]); in { @@ -16,18 +17,20 @@ in { jetbrains-remote-server = lib.mkEnableOption "setup jetbrais IDE installs so -remote-dev-server can be started"; objective-c = lib.mkEnableOption "Objective-C with GNUStep"; js = lib.mkEnableOption "node stuff"; + android = lib.mkEnableOption "android development"; + python = lib.mkEnableOption "generic python 3"; }; config = lib.mkMerge [ - (lib.mkIf cfg.native - { - environment.systemPackages = with pkgs; [ - cmake - gnumake - gcc - gdb - ]; - }) + (lib.mkIf cfg.native { + environment.systemPackages = with pkgs; [ + cmake + gnumake + gcc + gdb + ]; + }) + (lib.mkIf cfg.dotnet { environment = { systemPackages = with pkgs; [ @@ -59,37 +62,28 @@ in { dotnetPackage ]; }) - (lib.mkIf (cfg.dotnet || config.my.desktop.enable) { - environment = { - systemPackages = with pkgs; [ - unstable.jetbrains.jdk - unstable.jetbrains.rider - ]; - }; + + (lib.mkIf cfg.js { + environment.systemPackages = with pkgs; [ + nodejs + ]; }) + (lib.mkIf cfg.rust { environment.systemPackages = with pkgs; [ - cargo - rustc - rustfmt - clippy - cargo-generate + rustup + musl ]; }) + (lib.mkIf cfg.jetbrains-remote-server { - environment.systemPackages = with pkgs.jetbrains; [ - jdk # required for all of them - rider - clion - pycharm-professional - ]; - my.allowUnfreePackages = [ - "rider" - "clion" - "pycharm-professional" - ]; + my.buildtools.dotnet = true; + my.buildtools.native = true; + my.buildtools.python = true; }) + (lib.mkIf cfg.objective-c { + my.buildtools.native = true; environment.systemPackages = (with pkgs.gnustep; [ gui @@ -105,13 +99,18 @@ in { ++ (with pkgs; [ clang-tools clang - gnumake ]); }) - (lib.mkIf cfg.js { + + (lib.mkIf cfg.android { environment.systemPackages = with pkgs; [ - nodejs + android-tools + android-udev-rules ]; }) + + (lib.mkIf cfg.python { + environment.systemPackages = with pkgs; [python3 python3Packages.pip]; + }) ]; } diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix index b41fcd2..086c185 100644 --- a/vinzenz-lpt2.nix +++ b/vinzenz-lpt2.nix @@ -17,8 +17,9 @@ }; buildtools = { dotnet = true; - #objective-c = true; js = true; + rust = true; + native = true; }; allowUnfreePackages = [ From c4a99e93ed0f1f823701a9dc08c0bdd281763253 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 25 May 2024 11:24:00 +0200 Subject: [PATCH 090/241] update home config --- modules/desktop/gnome-home.nix | 1 + modules/users/ronja.nix | 2 +- modules/users/vinzenz-home.nix | 28 +++++++++++++++++++++++++--- modules/users/vinzenz.nix | 5 +++-- 4 files changed, 30 insertions(+), 6 deletions(-) diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index fd5d4d1..c7481a7 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -27,6 +27,7 @@ in { appindicator gsconnect battery-health-charging + quick-settings-tweaker ]); dconf.settings = { diff --git a/modules/users/ronja.nix b/modules/users/ronja.nix index 8b53c53..61323ba 100644 --- a/modules/users/ronja.nix +++ b/modules/users/ronja.nix @@ -11,7 +11,7 @@ in { users.users.ronja = { isNormalUser = true; name = "ronja"; - description = "Ronja Spiegelberg"; + description = "Ronja"; home = "/home/ronja"; extraGroups = ["networkmanager" "wheel" "games" "podman"]; shell = pkgs.zsh; diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 155708b..942f5e9 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -36,6 +36,7 @@ in zsh = { initExtra = '' eval "$(direnv hook zsh)"; + export PATH=$PATH:/home/vinzenz/.cargo/bin ''; shellAliases = { @@ -87,16 +88,17 @@ in bbenoist.nix ms-python.python kamadorueda.alejandra - #samuelcolvin.jinjahtml editorconfig.editorconfig - #KnisterPeter.vscode-github yzhang.markdown-all-in-one redhat.vscode-yaml pkief.material-icon-theme mhutchie.git-graph rust-lang.rust-analyzer - bungcip.better-toml + tamasfe.even-better-toml llvm-vs-code-extensions.vscode-clangd + mkhl.direnv + vadimcn.vscode-lldb + ms-dotnettools.csharp ]; userSettings = { "git.autofetch" = true; @@ -219,5 +221,25 @@ in }; }; }; + + home.file."policy.json" = { + target = ".config/containers/policy.json"; + text = '' + { + "default": [ + { + "type": "insecureAcceptAnything" + } + ], + "transports": + { + "docker-daemon": + { + "": [{"type":"insecureAcceptAnything"}] + } + } + } + ''; + }; } ] diff --git a/modules/users/vinzenz.nix b/modules/users/vinzenz.nix index f93dd78..08c3011 100644 --- a/modules/users/vinzenz.nix +++ b/modules/users/vinzenz.nix @@ -10,10 +10,11 @@ in { users.users.vinzenz = { isNormalUser = true; name = "vinzenz"; - description = "Vinzenz Schroeter"; + description = "Vinzenz"; home = "/home/vinzenz"; - extraGroups = ["networkmanager" "wheel" "games" "dialout" "podman"]; + extraGroups = ["networkmanager" "wheel" "games" "dialout" "podman" "nginx"]; shell = pkgs.zsh; + autoSubUidGidRange = true; }; }; } From 9b8947a1a7170c717a9f07ca40f2b3a980aaeefe Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 21 Jun 2024 17:11:13 +0200 Subject: [PATCH 091/241] add key to pc2 --- vinzenz-pc2.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/vinzenz-pc2.nix b/vinzenz-pc2.nix index 2a49309..b942d3c 100644 --- a/vinzenz-pc2.nix +++ b/vinzenz-pc2.nix @@ -29,6 +29,10 @@ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' ]; + users.users.ronja.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' + ]; + services.openvscode-server = { enable = true; telemetryLevel = "off"; From d355e877cd4cc20a6d5b97b1c4b5d85df93ce823 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 21 Jun 2024 17:12:04 +0200 Subject: [PATCH 092/241] change vscode-server, WOL --- vinzenz-pc2.nix | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/vinzenz-pc2.nix b/vinzenz-pc2.nix index b942d3c..82b0dd6 100644 --- a/vinzenz-pc2.nix +++ b/vinzenz-pc2.nix @@ -39,11 +39,19 @@ port = 8542; host = "100.125.93.127"; # tailscale withoutConnectionToken = true; - extraPackages = with pkgs; [nodejs gitFull gh]; + extraPackages = with pkgs; [nodejs gitFull gh direnv]; }; - networking.firewall = { - allowedTCPPorts = [8542 8543 8544]; + virtualisation.podman = { + enable = true; + }; + + networking = { + firewall = { + allowedTCPPorts = [8542 8543 8544 80]; + }; + + interfaces.eno1.wakeOnLan.enable = true; }; }; } From 246eca567ad68701d093e81c31da5ddf8cab86c0 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 21 Jun 2024 17:13:58 +0200 Subject: [PATCH 093/241] update to 24.05 --- modules/desktop/default.nix | 5 +++-- modules/desktop/gnome.nix | 5 +++-- modules/desktop/printing.nix | 2 +- modules/hardware/amd.nix | 2 +- modules/hardware/intel.nix | 2 +- modules/i18n.nix | 4 ++-- modules/users/home-shared-modules.nix | 2 +- modules/users/vinzenz-home.nix | 3 +-- 8 files changed, 13 insertions(+), 12 deletions(-) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index f6df893..e18119e 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -26,8 +26,9 @@ in { # Enable the X11 windowing system / wayland depending on DE xserver = { enable = true; - libinput.enable = true; - }; + }; + + libinput.enable = true; # flatpak xdg-portal-kde crashes, otherwise this would be global flatpak.enable = true; diff --git a/modules/desktop/gnome.nix b/modules/desktop/gnome.nix index 12cde3d..c5d6643 100644 --- a/modules/desktop/gnome.nix +++ b/modules/desktop/gnome.nix @@ -17,10 +17,11 @@ in { desktopManager.gnome.enable = true; displayManager = { gdm.enable = true; - defaultSession = "gnome"; - }; + }; }; + displayManager.defaultSession = "gnome"; + gnome = { tracker-miners.enable = false; tracker.enable = false; diff --git a/modules/desktop/printing.nix b/modules/desktop/printing.nix index 5f958aa..e4ab50d 100644 --- a/modules/desktop/printing.nix +++ b/modules/desktop/printing.nix @@ -15,7 +15,7 @@ in { avahi = { enable = true; # runs the Avahi daemon - nssmdns = true; # enables the mDNS NSS plug-in + nssmdns4 = true; # enables the mDNS NSS plug-in openFirewall = true; # opens the firewall for UDP port 5353 }; }; diff --git a/modules/hardware/amd.nix b/modules/hardware/amd.nix index 94b959a..06f3a85 100644 --- a/modules/hardware/amd.nix +++ b/modules/hardware/amd.nix @@ -32,7 +32,7 @@ in { }; environment.systemPackages = with pkgs; [ - nvtop-amd + nvtopPackages.amd ]; }) diff --git a/modules/hardware/intel.nix b/modules/hardware/intel.nix index 2c51461..c84a3bb 100644 --- a/modules/hardware/intel.nix +++ b/modules/hardware/intel.nix @@ -33,7 +33,7 @@ in { ]; }; environment.systemPackages = with pkgs; [ - nvtop-intel + nvtopPackages.intel ]; }) ]; diff --git a/modules/i18n.nix b/modules/i18n.nix index 3d38ec1..d3fbebc 100644 --- a/modules/i18n.nix +++ b/modules/i18n.nix @@ -16,10 +16,10 @@ }; }; - services.xserver = { + services.xserver.xkb = { # Configure keymap in X11 layout = "de"; - xkbVariant = ""; + variant = ""; }; # Configure console keymap diff --git a/modules/users/home-shared-modules.nix b/modules/users/home-shared-modules.nix index 12f12cf..3ad3365 100644 --- a/modules/users/home-shared-modules.nix +++ b/modules/users/home-shared-modules.nix @@ -22,7 +22,7 @@ zsh = { enable = true; syntaxHighlighting.enable = true; - enableAutosuggestions = true; + autosuggestion.enable = true; enableVteIntegration = true; }; }; diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 942f5e9..622bec6 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -146,8 +146,7 @@ in enable = true; git = true; icons = true; - enableAliases = true; - extraOptions = [ + extraOptions = [ "--group-directories-first" "--header" ]; From 5e630f9066eb5940d2140dfb55c0b9ce9e6a277f Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 21 Jun 2024 17:14:14 +0200 Subject: [PATCH 094/241] enable AppImage support --- modules/desktop/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index e18119e..eae87c5 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -73,6 +73,10 @@ in { systemd ]; }; +appimage = { + enable = true; + binfmt = true; + }; }; networking = { From 06074d16ecc5a1efb0f76506f64617707b204de1 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 21 Jun 2024 17:16:47 +0200 Subject: [PATCH 095/241] change keys for lpt --- vinzenz-lpt2.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix index 086c185..969568b 100644 --- a/vinzenz-lpt2.nix +++ b/vinzenz-lpt2.nix @@ -38,11 +38,10 @@ users.users.vinzenz.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' ]; users.users.ronja.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' ]; }; } From b72e5b904e6d02ef704b91e50047b0e02f28eb84 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 21 Jun 2024 17:17:13 +0200 Subject: [PATCH 096/241] podman for lpt, remove package --- vinzenz-lpt2.nix | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix index 969568b..13f7f41 100644 --- a/vinzenz-lpt2.nix +++ b/vinzenz-lpt2.nix @@ -29,10 +29,14 @@ ]; }; - environment.systemPackages = with pkgs; [anydesk]; - - virtualisation.podman = { + virtualisation = { + containers.enable = true; + podman = { enable = true; + dockerCompat = true; + dockerSocket.enable = true; + autoPrune.enable = true; + }; }; users.users.vinzenz.openssh.authorizedKeys.keys = [ From f3ca2dd34bf1ee60e1a67eca3f7f8873e596545c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 21 Jun 2024 17:17:37 +0200 Subject: [PATCH 097/241] fix editorconfig for makefile --- modules/users/vinzenz-home.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/users/vinzenz-home.nix b/modules/users/vinzenz-home.nix index 622bec6..d2a9554 100644 --- a/modules/users/vinzenz-home.nix +++ b/modules/users/vinzenz-home.nix @@ -120,6 +120,10 @@ in "rust-analyzer.checkOnSave.command" = "clippy"; "extensions.autoUpdate" = false; "extensions.autoCheckUpdates" = false; + "\[makefile\]" = { + "editor.insertSpaces" = false; + "editor.detectIndentation" = false; + }; }; }; From 049c48ddbd83aae622adaccace19c6231a56427d Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 21 Jun 2024 17:18:13 +0200 Subject: [PATCH 098/241] lpt nginx --- vinzenz-lpt2.nix | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix index 13f7f41..cf994f7 100644 --- a/vinzenz-lpt2.nix +++ b/vinzenz-lpt2.nix @@ -47,5 +47,31 @@ users.users.ronja.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' ]; + + services.nginx = { + enable = true; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts = { + "vinzenz-lpt2" = { + locations."/" = { + proxyPass = "http://127.0.0.1:3000/"; + proxyWebsockets = true; + }; + + serverAliases = ["172.23.42.96"]; + }; + }; + }; + + networking.firewall = { + allowedTCPPorts = [80 8001 3000]; + allowedUDPPorts = [2342]; + }; + }; } From ce7ca5450fd8fea9d2ffbbea4e8eafe345ebd44c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 21 Jul 2024 14:00:10 +0200 Subject: [PATCH 099/241] switch nix implementation to lix --- modules/nixpkgs.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index 6f282ae..761d1ae 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -12,6 +12,24 @@ in { example = ["steam"]; }; + imports = [ + # this switches the nix implementation to lix everywhere, but means recompiling lix every build. + # https://lix.systems/add-to-config/ + (let + module = fetchTarball { + name = "source"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.90.0.tar.gz"; + sha256 = "sha256-yEO2cGNgzm9x/XxiDQI+WckSWnZX63R8aJLBRSXtYNE="; + }; + lixSrc = fetchTarball { + name = "source"; + url = "https://git.lix.systems/lix-project/lix/archive/2.90.0.tar.gz"; + sha256 = "sha256-f8k+BezKdJfmE+k7zgBJiohtS3VkkriycdXYsKOm3sc="; + }; + in import "${module}/module.nix" { lix = lixSrc; } + ) + ]; + config = { nixpkgs.config = { # make nixos-unstable availiable as 'pkgs.unstable' From 1f7bf4ca7a6b7ceb60d4033c3b345b5b31d53ee2 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 21 Jul 2024 14:07:59 +0200 Subject: [PATCH 100/241] do not install build tools on lpt2, latex --- modules/desktop/default.nix | 1 + modules/desktop/latex.nix | 20 ++++++++++++++++++++ vinzenz-lpt2.nix | 9 ++------- 3 files changed, 23 insertions(+), 7 deletions(-) create mode 100644 modules/desktop/latex.nix diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index eae87c5..e6bf373 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -13,6 +13,7 @@ in { ./kde.nix ./gaming.nix ./printing.nix + ./latex.nix ] ++ lib.optionals isHomeManager [ ./gnome-home.nix diff --git a/modules/desktop/latex.nix b/modules/desktop/latex.nix new file mode 100644 index 0000000..a0cb9a0 --- /dev/null +++ b/modules/desktop/latex.nix @@ -0,0 +1,20 @@ +{ + config, + pkgs, + lib, + ... +}: let + isEnabled = config.my.desktop.enableLaTeX; +in { + options.my.desktop.enableLaTeX = lib.mkEnableOption "LaTeX tools and IDE"; + + config = lib.mkIf isEnabled { + my.desktop.enable = true; + + environment.systemPackages = with pkgs; [ + fontconfig + texliveFull + texstudio + ]; + }; +} diff --git a/vinzenz-lpt2.nix b/vinzenz-lpt2.nix index cf994f7..3dcbed0 100644 --- a/vinzenz-lpt2.nix +++ b/vinzenz-lpt2.nix @@ -14,12 +14,7 @@ enableGnome = true; enableGaming = true; enablePrinting = true; - }; - buildtools = { - dotnet = true; - js = true; - rust = true; - native = true; + enableLaTeX = true; }; allowUnfreePackages = [ @@ -32,7 +27,7 @@ virtualisation = { containers.enable = true; podman = { - enable = true; + enable = true; dockerCompat = true; dockerSocket.enable = true; autoPrune.enable = true; From 517753081e6914ee31543f01c7d42237fd40bfa3 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 21 Jul 2024 14:10:13 +0200 Subject: [PATCH 101/241] intel-ocl --- modules/hardware/intel.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/hardware/intel.nix b/modules/hardware/intel.nix index c84a3bb..271a285 100644 --- a/modules/hardware/intel.nix +++ b/modules/hardware/intel.nix @@ -24,6 +24,7 @@ in { vaapiIntel vaapiVdpau libvdpau-va-gl + intel-ocl ]; extraPackages32 = with pkgs.pkgsi686Linux; [ intel-media-driver @@ -35,6 +36,7 @@ in { environment.systemPackages = with pkgs; [ nvtopPackages.intel ]; + my.allowUnfreePackages = ["intel-ocl"]; }) ]; } From 16c9d8e6157f32350bbd8fa2a90aeb2b31988deb Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 21 Jul 2024 14:10:41 +0200 Subject: [PATCH 102/241] formatting --- modules/desktop/gnome.nix | 2 +- modules/desktop/printing.nix | 2 +- modules/nixpkgs.nix | 17 +++++++++-------- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/modules/desktop/gnome.nix b/modules/desktop/gnome.nix index c5d6643..efdf080 100644 --- a/modules/desktop/gnome.nix +++ b/modules/desktop/gnome.nix @@ -17,7 +17,7 @@ in { desktopManager.gnome.enable = true; displayManager = { gdm.enable = true; - }; + }; }; displayManager.defaultSession = "gnome"; diff --git a/modules/desktop/printing.nix b/modules/desktop/printing.nix index e4ab50d..ba73ac9 100644 --- a/modules/desktop/printing.nix +++ b/modules/desktop/printing.nix @@ -12,7 +12,7 @@ in { services = { # Enable CUPS to print documents. printing.enable = true; - + avahi = { enable = true; # runs the Avahi daemon nssmdns4 = true; # enables the mDNS NSS plug-in diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix index 761d1ae..a1444df 100644 --- a/modules/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -15,7 +15,8 @@ in { imports = [ # this switches the nix implementation to lix everywhere, but means recompiling lix every build. # https://lix.systems/add-to-config/ - (let + ( + let module = fetchTarball { name = "source"; url = "https://git.lix.systems/lix-project/nixos-module/archive/2.90.0.tar.gz"; @@ -26,7 +27,8 @@ in { url = "https://git.lix.systems/lix-project/lix/archive/2.90.0.tar.gz"; sha256 = "sha256-f8k+BezKdJfmE+k7zgBJiohtS3VkkriycdXYsKOm3sc="; }; - in import "${module}/module.nix" { lix = lixSrc; } + in + import "${module}/module.nix" {lix = lixSrc;} ) ]; @@ -51,6 +53,11 @@ in { substituters = ["https://nix-community.cachix.org" "https://cache.nixos.org/"]; trusted-public-keys = ["nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="]; }; + gc = { + automatic = true; + dates = "daily"; + options = "--delete-older-than 7d"; + }; }; system = { @@ -62,12 +69,6 @@ in { }; }; - nix.gc = { - automatic = true; - dates = "daily"; - options = "--delete-older-than 7d"; - }; - documentation = { enable = true; # documentation of packages nixos.enable = false; # nixos documentation From 63d5b6141403ea2d483ed1ce6d3991fd914b6ffd Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 3 Aug 2024 17:35:55 +0200 Subject: [PATCH 103/241] add solaar to default desktop --- modules/desktop/default.nix | 13 +++++++++---- modules/desktop/gnome-home.nix | 2 ++ 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index e6bf373..2adf62c 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -27,7 +27,7 @@ in { # Enable the X11 windowing system / wayland depending on DE xserver = { enable = true; - }; + }; libinput.enable = true; @@ -74,9 +74,9 @@ in { systemd ]; }; -appimage = { - enable = true; - binfmt = true; + appimage = { + enable = true; + binfmt = true; }; }; @@ -143,5 +143,10 @@ appimage = { (nerdfonts.override {fonts = ["FiraCode"];}) ]; }; + + hardware.logitech.wireless = { + enable = true; + enableGraphical = true; + }; }; } diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index c7481a7..06884d4 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -28,6 +28,7 @@ in { gsconnect battery-health-charging quick-settings-tweaker + solaar-extension ]); dconf.settings = { @@ -59,6 +60,7 @@ in { "caffeine@patapon.info" "GPaste@gnome-shell-extensions.gnome.org" "gsconnect@andyholmes.github.io" + "solaar-extension@sidevesh" ]; }; "ca/desrt/dconf-editor" = { From 7cef3a3d47075fc617bb0cc8df3d8eef1a3730f6 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 13 Oct 2024 14:18:18 +0200 Subject: [PATCH 104/241] earlyoom --- modules/desktop/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index 2adf62c..9ff9eef 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -35,6 +35,11 @@ in { flatpak.enable = true; fstrim.enable = true; + + earlyoom = { + enable = true; + freeMemThreshold = 5; + }; }; # Enable sound with pipewire. From 31e80e74010c948889cd3221ca22ae5ec8dddd5c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 13 Oct 2024 14:19:03 +0200 Subject: [PATCH 105/241] add gnome software --- modules/desktop/gnome-home.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/desktop/gnome-home.nix b/modules/desktop/gnome-home.nix index 06884d4..bc61e73 100644 --- a/modules/desktop/gnome-home.nix +++ b/modules/desktop/gnome-home.nix @@ -21,6 +21,9 @@ in { ++ (with gnome; [ dconf-editor gpaste + + # graphical installer for flatpak apps + gnome-software ]) ++ (with gnomeExtensions; [ caffeine From b71f8ee6360610f2077dbee66596051af8e6a86a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 26 Oct 2024 00:04:27 +0200 Subject: [PATCH 106/241] first building version of lpt2 as flake --- README.md | 15 -- common/default.nix | 8 ++ {modules => common}/globalinstalls.nix | 0 {modules => common}/i18n.nix | 0 modules/sshd.nix => common/networking.nix | 10 ++ common/nixpkgs.nix | 46 ++++++ flake.lock | 133 ++++++++++++++++++ flake.nix | 32 +++++ home/default.nix | 14 ++ {modules/desktop => home}/gnome-home.nix | 28 ++-- {modules/users => home}/ronja-home.nix | 0 .../shared-modules.nix | 0 {modules/users => home}/vinzenz-home.nix | 2 +- .../desktop-environment.nix | 24 +--- .../desktop-hardware.nix | 8 +- {modules/desktop => hosts}/gaming.nix | 8 +- {modules/desktop => hosts}/gnome.nix | 10 +- hosts/intel-graphics.nix | 28 ++++ hosts/latex.nix | 14 ++ {modules/desktop => hosts}/printing.nix | 8 +- hosts/vinzenz-lpt2/default.nix | 6 + .../vinzenz-lpt2/environment.nix | 40 ++---- hosts/vinzenz-lpt2/hardware.nix | 62 ++++++++ modules/buildtools.nix | 116 --------------- modules/default.nix | 25 ---- modules/desktop/kde-home.nix | 18 --- modules/desktop/kde.nix | 46 ------ modules/desktop/latex.nix | 20 --- modules/hardware/default.nix | 40 ------ modules/hardware/intel.nix | 42 ------ modules/hardware/vinzenz-lpt.nix | 34 ----- modules/hardware/vinzenz-lpt2.nix | 43 ------ modules/nixpkgs.nix | 80 ----------- modules/tailscale.nix | 19 --- modules/users/default.nix | 24 ---- modules/users/home-manager.nix | 25 ---- {modules => modules_bak}/hardware/amd.nix | 0 .../hardware/hetzner-vpn1.nix | 0 .../hardware/vinzenz-pc2.nix | 0 .../hetzner-vpn1.nix | 0 .../vinzenz-pc2.nix | 0 {modules/users => users}/ronja.nix | 11 +- {modules/users => users}/vinzenz.nix | 6 +- vinzenz-lpt.nix | 28 ---- 44 files changed, 396 insertions(+), 677 deletions(-) delete mode 100644 README.md create mode 100644 common/default.nix rename {modules => common}/globalinstalls.nix (100%) rename {modules => common}/i18n.nix (100%) rename modules/sshd.nix => common/networking.nix (60%) create mode 100644 common/nixpkgs.nix create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 home/default.nix rename {modules/desktop => home}/gnome-home.nix (85%) rename {modules/users => home}/ronja-home.nix (100%) rename modules/users/home-shared-modules.nix => home/shared-modules.nix (100%) rename {modules/users => home}/vinzenz-home.nix (99%) rename modules/desktop/default.nix => hosts/desktop-environment.nix (86%) rename modules/hardware/common-desktop.nix => hosts/desktop-hardware.nix (86%) rename {modules/desktop => hosts}/gaming.nix (84%) rename {modules/desktop => hosts}/gnome.nix (84%) create mode 100644 hosts/intel-graphics.nix create mode 100644 hosts/latex.nix rename {modules/desktop => hosts}/printing.nix (67%) create mode 100644 hosts/vinzenz-lpt2/default.nix rename vinzenz-lpt2.nix => hosts/vinzenz-lpt2/environment.nix (64%) create mode 100644 hosts/vinzenz-lpt2/hardware.nix delete mode 100644 modules/buildtools.nix delete mode 100644 modules/default.nix delete mode 100644 modules/desktop/kde-home.nix delete mode 100644 modules/desktop/kde.nix delete mode 100644 modules/desktop/latex.nix delete mode 100644 modules/hardware/default.nix delete mode 100644 modules/hardware/intel.nix delete mode 100644 modules/hardware/vinzenz-lpt.nix delete mode 100644 modules/hardware/vinzenz-lpt2.nix delete mode 100644 modules/nixpkgs.nix delete mode 100644 modules/tailscale.nix delete mode 100644 modules/users/default.nix delete mode 100644 modules/users/home-manager.nix rename {modules => modules_bak}/hardware/amd.nix (100%) rename {modules => modules_bak}/hardware/hetzner-vpn1.nix (100%) rename {modules => modules_bak}/hardware/vinzenz-pc2.nix (100%) rename hetzner-vpn1.nix => modules_bak/hetzner-vpn1.nix (100%) rename vinzenz-pc2.nix => modules_bak/vinzenz-pc2.nix (100%) rename {modules/users => users}/ronja.nix (64%) rename {modules/users => users}/vinzenz.nix (74%) delete mode 100644 vinzenz-lpt.nix diff --git a/README.md b/README.md deleted file mode 100644 index 5cee190..0000000 --- a/README.md +++ /dev/null @@ -1,15 +0,0 @@ -# nixos-configuration - -``` -/ -├── modules -│ ├── desktop -│ ├── hardware (includes hostname.nix) -│ └── users -└── hostname.nix (imports modules) -``` - -When adding a new host: `ln -s ./new-devicename.nix /etc/nixos/configuration.nix` - -Use `sudo nix-channel --add https://github.com/nix-community/home-manager/archive/release-23.05.tar.gz home-manager` to add home manager support. - diff --git a/common/default.nix b/common/default.nix new file mode 100644 index 0000000..326c69c --- /dev/null +++ b/common/default.nix @@ -0,0 +1,8 @@ +{...}: { + imports = [ + ./nixpkgs.nix + ./globalinstalls.nix + ./i18n.nix + ./networking.nix + ]; +} diff --git a/modules/globalinstalls.nix b/common/globalinstalls.nix similarity index 100% rename from modules/globalinstalls.nix rename to common/globalinstalls.nix diff --git a/modules/i18n.nix b/common/i18n.nix similarity index 100% rename from modules/i18n.nix rename to common/i18n.nix diff --git a/modules/sshd.nix b/common/networking.nix similarity index 60% rename from modules/sshd.nix rename to common/networking.nix index 747eeac..94bc82d 100644 --- a/modules/sshd.nix +++ b/common/networking.nix @@ -9,5 +9,15 @@ KbdInteractiveAuthentication = false; }; }; + + services.tailscale = { + enable = true; + openFirewall = true; + }; + + networking.firewall = { + enable = true; + checkReversePath = "loose"; + }; }; } diff --git a/common/nixpkgs.nix b/common/nixpkgs.nix new file mode 100644 index 0000000..eb546a0 --- /dev/null +++ b/common/nixpkgs.nix @@ -0,0 +1,46 @@ +{ + config, + lib, + ... +}: { + options.my.allowUnfreePackages = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = []; + example = ["steam"]; + }; + config = { + nixpkgs.config = { + # https://github.com/NixOS/nixpkgs/issues/197325#issuecomment-1579420085 + allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.my.allowUnfreePackages; + }; + + nix = { + settings = { + substituters = ["https://nix-community.cachix.org" "https://cache.nixos.org/"]; + trusted-public-keys = ["nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="]; + }; + gc = { + automatic = true; + dates = "daily"; + options = "--delete-older-than 7d"; + }; + }; + + system = { + stateVersion = "22.11"; + # enable auto updates + autoUpgrade = { + enable = true; + dates = "weekly"; + }; + }; + + documentation = { + enable = true; # documentation of packages + nixos.enable = false; # nixos documentation + man.enable = true; # manual pages and the man command + info.enable = false; # info pages and the info command + doc.enable = false; # documentation distributed in packages' /share/doc + }; + }; +} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..5881a01 --- /dev/null +++ b/flake.lock @@ -0,0 +1,133 @@ +{ + "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flakey-profile": { + "locked": { + "lastModified": 1712898590, + "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", + "owner": "lf-", + "repo": "flakey-profile", + "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", + "type": "github" + }, + "original": { + "owner": "lf-", + "repo": "flakey-profile", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1726989464, + "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.05", + "repo": "home-manager", + "type": "github" + } + }, + "lix": { + "flake": false, + "locked": { + "lastModified": 1729298361, + "narHash": "sha256-hiGtfzxFkDc9TSYsb96Whg0vnqBVV7CUxyscZNhed0U=", + "rev": "ad9d06f7838a25beec425ff406fe68721fef73be", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/ad9d06f7838a25beec425ff406fe68721fef73be.tar.gz?rev=ad9d06f7838a25beec425ff406fe68721fef73be" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/lix/archive/2.91.1.tar.gz" + } + }, + "lix-module": { + "inputs": { + "flake-utils": "flake-utils", + "flakey-profile": "flakey-profile", + "lix": "lix", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1729360442, + "narHash": "sha256-6U0CyPycIBc04hbYy2hBINnVso58n/ZyywY2BD3hu+s=", + "rev": "9098ac95768f7006d7e070b88bae76939f6034e6", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/9098ac95768f7006d7e070b88bae76939f6034e6.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1729691686, + "narHash": "sha256-BAuPWW+9fa1moZTU+jFh+1cUtmsuF8asgzFwejM4wac=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "32e940c7c420600ef0d1ef396dc63b04ee9cad37", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "lix-module": "lix-module", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..c5c9d20 --- /dev/null +++ b/flake.nix @@ -0,0 +1,32 @@ +{ + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; + home-manager = { + url = "github:nix-community/home-manager/release-24.05"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + lix-module = { + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; + + outputs = inputs @ { + nixpkgs, + home-manager, + lix-module, + ... + }: { + nixosConfigurations = { + vinzenz-lpt2 = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + lix-module.nixosModules.default + home-manager.nixosModules.home-manager + ./common + ./hosts/vinzenz-lpt2 + ]; + }; + }; + }; +} diff --git a/home/default.nix b/home/default.nix new file mode 100644 index 0000000..2cf09f9 --- /dev/null +++ b/home/default.nix @@ -0,0 +1,14 @@ +{ + config, + pkgs, + lib, + ... +}: { + config = { + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + sharedModules = import ./shared-modules.nix; + }; + }; +} diff --git a/modules/desktop/gnome-home.nix b/home/gnome-home.nix similarity index 85% rename from modules/desktop/gnome-home.nix rename to home/gnome-home.nix index bc61e73..e82151c 100644 --- a/modules/desktop/gnome-home.nix +++ b/home/gnome-home.nix @@ -3,10 +3,8 @@ config, pkgs, ... -}: let - isEnabled = config.my.desktop.enableGnome; -in { - config = lib.mkIf isEnabled { +}: { + config = { home-manager.sharedModules = [ { home.packages = with pkgs; @@ -87,17 +85,17 @@ in { }; }; } - (lib.mkIf config.my.tailscale.enable - { - home.packages = with pkgs; - [ - trayscale - ] - ++ (with gnomeExtensions; [ - tailscale-qs - ]); - dconf.settings."org/gnome/shell".enabled-extensions = ["tailscale@joaophi.github.com"]; - }) + + { + home.packages = with pkgs; + [ + trayscale + ] + ++ (with gnomeExtensions; [ + tailscale-qs + ]); + dconf.settings."org/gnome/shell".enabled-extensions = ["tailscale@joaophi.github.com"]; + } ]; }; } diff --git a/modules/users/ronja-home.nix b/home/ronja-home.nix similarity index 100% rename from modules/users/ronja-home.nix rename to home/ronja-home.nix diff --git a/modules/users/home-shared-modules.nix b/home/shared-modules.nix similarity index 100% rename from modules/users/home-shared-modules.nix rename to home/shared-modules.nix diff --git a/modules/users/vinzenz-home.nix b/home/vinzenz-home.nix similarity index 99% rename from modules/users/vinzenz-home.nix rename to home/vinzenz-home.nix index d2a9554..883d538 100644 --- a/modules/users/vinzenz-home.nix +++ b/home/vinzenz-home.nix @@ -150,7 +150,7 @@ in enable = true; git = true; icons = true; - extraOptions = [ + extraOptions = [ "--group-directories-first" "--header" ]; diff --git a/modules/desktop/default.nix b/hosts/desktop-environment.nix similarity index 86% rename from modules/desktop/default.nix rename to hosts/desktop-environment.nix index 9ff9eef..97fb613 100644 --- a/modules/desktop/default.nix +++ b/hosts/desktop-environment.nix @@ -1,28 +1,10 @@ -modulesCfg: { +{ config, pkgs, lib, ... -}: let - isEnabled = config.my.desktop.enable; - isHomeManager = modulesCfg.enableHomeManager; -in { - imports = - [ - ./gnome.nix - ./kde.nix - ./gaming.nix - ./printing.nix - ./latex.nix - ] - ++ lib.optionals isHomeManager [ - ./gnome-home.nix - ./kde-home.nix - ]; - - options.my.desktop.enable = lib.mkEnableOption "desktop"; - - config = lib.mkIf isEnabled { +}: { + config = { services = { # Enable the X11 windowing system / wayland depending on DE xserver = { diff --git a/modules/hardware/common-desktop.nix b/hosts/desktop-hardware.nix similarity index 86% rename from modules/hardware/common-desktop.nix rename to hosts/desktop-hardware.nix index 05047a2..ac8be03 100644 --- a/modules/hardware/common-desktop.nix +++ b/hosts/desktop-hardware.nix @@ -3,12 +3,8 @@ pkgs, config, ... -}: let - isEnabled = config.my.hardware.enableCommonDesktopSettings; -in { - options.my.hardware.enableCommonDesktopSettings = lib.mkEnableOption "common hw settings for desktops"; - - config = lib.mkIf isEnabled { +}: { + config = { boot = { kernelPackages = pkgs.linuxPackages_zen; kernelParams = ["quiet" "udev.log_level=3"]; diff --git a/modules/desktop/gaming.nix b/hosts/gaming.nix similarity index 84% rename from modules/desktop/gaming.nix rename to hosts/gaming.nix index 81e4011..2154d0f 100644 --- a/modules/desktop/gaming.nix +++ b/hosts/gaming.nix @@ -3,12 +3,8 @@ pkgs, lib, ... -}: let - isEnabled = config.my.desktop.enableGaming; -in { - options.my.desktop.enableGaming = lib.mkEnableOption "gaming with wine"; - - config = lib.mkIf isEnabled { +}: { + config = { hardware = { opengl = { driSupport = true; diff --git a/modules/desktop/gnome.nix b/hosts/gnome.nix similarity index 84% rename from modules/desktop/gnome.nix rename to hosts/gnome.nix index efdf080..58fe4ee 100644 --- a/modules/desktop/gnome.nix +++ b/hosts/gnome.nix @@ -3,14 +3,8 @@ pkgs, lib, ... -}: let - isEnabled = config.my.desktop.enableGnome; -in { - options.my.desktop.enableGnome = lib.mkEnableOption "gnome desktop"; - - config = lib.mkIf isEnabled { - my.desktop.enable = true; - +}: { + config = { services = { xserver = { # Enable the GNOME Desktop Environment. diff --git a/hosts/intel-graphics.nix b/hosts/intel-graphics.nix new file mode 100644 index 0000000..35decc0 --- /dev/null +++ b/hosts/intel-graphics.nix @@ -0,0 +1,28 @@ +{ + lib, + config, + pkgs, + ... +}: { + config = { + hardware.opengl = { + extraPackages = with pkgs; [ + intel-media-driver + vaapiIntel + vaapiVdpau + libvdpau-va-gl + intel-ocl + ]; + extraPackages32 = with pkgs.pkgsi686Linux; [ + intel-media-driver + vaapiIntel + vaapiVdpau + libvdpau-va-gl + ]; + }; + environment.systemPackages = with pkgs; [ + nvtopPackages.intel + ]; + my.allowUnfreePackages = ["intel-ocl"]; + }; +} diff --git a/hosts/latex.nix b/hosts/latex.nix new file mode 100644 index 0000000..93384bb --- /dev/null +++ b/hosts/latex.nix @@ -0,0 +1,14 @@ +{ + config, + pkgs, + lib, + ... +}: { + config = { + environment.systemPackages = with pkgs; [ + fontconfig + texliveFull + texstudio + ]; + }; +} diff --git a/modules/desktop/printing.nix b/hosts/printing.nix similarity index 67% rename from modules/desktop/printing.nix rename to hosts/printing.nix index ba73ac9..f60272e 100644 --- a/modules/desktop/printing.nix +++ b/hosts/printing.nix @@ -3,12 +3,8 @@ pkgs, lib, ... -}: let - isEnabled = config.my.desktop.enablePrinting; -in { - options.my.desktop.enablePrinting = lib.mkEnableOption "printing"; - - config = lib.mkIf isEnabled { +}: { + config = { services = { # Enable CUPS to print documents. printing.enable = true; diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix new file mode 100644 index 0000000..d8c409e --- /dev/null +++ b/hosts/vinzenz-lpt2/default.nix @@ -0,0 +1,6 @@ +{...}: { + imports = [ + ./hardware.nix + ./environment.nix + ]; +} diff --git a/vinzenz-lpt2.nix b/hosts/vinzenz-lpt2/environment.nix similarity index 64% rename from vinzenz-lpt2.nix rename to hosts/vinzenz-lpt2/environment.nix index 3dcbed0..8b9e6c1 100644 --- a/vinzenz-lpt2.nix +++ b/hosts/vinzenz-lpt2/environment.nix @@ -1,28 +1,17 @@ {pkgs, ...}: { imports = [ - (import ./modules { - hostName = "vinzenz-lpt2"; - enableHomeManager = true; - }) + ../../home + ../../home/gnome-home.nix + ../../users/vinzenz.nix + ../desktop-environment.nix + ../gnome.nix + ../gaming.nix + ../printing.nix + ../latex.nix ]; config = { - my = { - enabledUsers = ["vinzenz" "ronja"]; - tailscale.enable = true; - desktop = { - enableGnome = true; - enableGaming = true; - enablePrinting = true; - enableLaTeX = true; - }; - - allowUnfreePackages = [ - "rider" - "clion" - "pycharm-professional" - ]; - }; + home-manager.users.vinzenz = import ../../home/vinzenz-home.nix; virtualisation = { containers.enable = true; @@ -38,11 +27,11 @@ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' ]; - - users.users.ronja.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' - ]; - + # + #users.users.ronja.openssh.authorizedKeys.keys = [ + # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + #]; + # services.nginx = { enable = true; @@ -67,6 +56,5 @@ allowedTCPPorts = [80 8001 3000]; allowedUDPPorts = [2342]; }; - }; } diff --git a/hosts/vinzenz-lpt2/hardware.nix b/hosts/vinzenz-lpt2/hardware.nix new file mode 100644 index 0000000..610d40f --- /dev/null +++ b/hosts/vinzenz-lpt2/hardware.nix @@ -0,0 +1,62 @@ +{ + pkgs, + lib, + ... +}: { + imports = [ + ../desktop-hardware.nix + ../intel-graphics.nix + ]; + config = { + # intel cpu + boot.kernelModules = ["kvm-intel"]; + hardware.cpu.intel.updateMicrocode = true; + + boot.loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + + hardware.enableRedistributableFirmware = true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + + boot.initrd = { + availableKernelModules = ["xhci_pci" "thunderbolt" "nvme"]; + luks.devices = { + "luks-2c654ff2-3c42-48d3-a1e3-9545679afaa3" = { + device = "/dev/disk/by-uuid/2c654ff2-3c42-48d3-a1e3-9545679afaa3"; + }; + }; + }; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/e4dad0c8-26a1-45e9-bbd9-48565eb6574e"; + fsType = "btrfs"; + options = ["subvol=@"]; + }; + + "/boot" = { + device = "/dev/disk/by-uuid/E2B7-2BC1"; + fsType = "vfat"; + }; + }; + + swapDevices = [ + { + device = "/var/lib/swapfile"; + size = 32 * 1024; + } + ]; + + services.thermald.enable = true; + services.hardware.bolt.enable = true; # thunderbolt security + }; +} diff --git a/modules/buildtools.nix b/modules/buildtools.nix deleted file mode 100644 index bcb260b..0000000 --- a/modules/buildtools.nix +++ /dev/null @@ -1,116 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: let - cfg = config.my.buildtools; - isDesktop = config.my.desktop.enable; - dotnetPackage = with pkgs.unstable; (dotnetCorePackages.combinePackages [ - dotnet-sdk_8 - ]); -in { - options.my.buildtools = { - native = lib.mkEnableOption "include native build tools"; - dotnet = lib.mkEnableOption "include dotnet build tools"; - rust = lib.mkEnableOption "include rust build tools"; - jetbrains-remote-server = lib.mkEnableOption "setup jetbrais IDE installs so -remote-dev-server can be started"; - objective-c = lib.mkEnableOption "Objective-C with GNUStep"; - js = lib.mkEnableOption "node stuff"; - android = lib.mkEnableOption "android development"; - python = lib.mkEnableOption "generic python 3"; - }; - - config = lib.mkMerge [ - (lib.mkIf cfg.native { - environment.systemPackages = with pkgs; [ - cmake - gnumake - gcc - gdb - ]; - }) - - (lib.mkIf cfg.dotnet { - environment = { - systemPackages = with pkgs; [ - dotnetPackage - - zlib - zlib.dev - openssl - icu - icu.dev - - # native aot - gcc - libunwind - ]; - variables = { - DOTNET_CLI_TELEMETRY_OPTOUT = "1"; - }; - }; - programs.nix-ld.libraries = with pkgs; [ - # native aot - libunwind - icu - zlib - zlib.dev - openssl - icu - icu.dev - dotnetPackage - ]; - }) - - (lib.mkIf cfg.js { - environment.systemPackages = with pkgs; [ - nodejs - ]; - }) - - (lib.mkIf cfg.rust { - environment.systemPackages = with pkgs; [ - rustup - musl - ]; - }) - - (lib.mkIf cfg.jetbrains-remote-server { - my.buildtools.dotnet = true; - my.buildtools.native = true; - my.buildtools.python = true; - }) - - (lib.mkIf cfg.objective-c { - my.buildtools.native = true; - environment.systemPackages = - (with pkgs.gnustep; [ - gui - make - gorm - base - back - system_preferences - projectcenter - libobjc - gworkspace - ]) - ++ (with pkgs; [ - clang-tools - clang - ]); - }) - - (lib.mkIf cfg.android { - environment.systemPackages = with pkgs; [ - android-tools - android-udev-rules - ]; - }) - - (lib.mkIf cfg.python { - environment.systemPackages = with pkgs; [python3 python3Packages.pip]; - }) - ]; -} diff --git a/modules/default.nix b/modules/default.nix deleted file mode 100644 index f794bcf..0000000 --- a/modules/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -modulesCfg: {lib, ...}: { - imports = - [ - ./i18n.nix - ./nixpkgs.nix - ./globalinstalls.nix - ./sshd.nix - ./tailscale.nix - ./buildtools.nix - ] - ++ (map (path: (import path modulesCfg)) [ - ./hardware - ./users - ./desktop - ]); - - config = { - my.modulesCfg = modulesCfg; - - networking.firewall = { - enable = true; - checkReversePath = "loose"; - }; - }; -} diff --git a/modules/desktop/kde-home.nix b/modules/desktop/kde-home.nix deleted file mode 100644 index 2ece5e0..0000000 --- a/modules/desktop/kde-home.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - lib, - config, - ... -}: let - isEnabled = config.my.desktop.enableKde; -in { - config = lib.mkIf isEnabled { - home-manager.sharedModules = [ - { - services.kdeconnect = { - enable = true; - indicator = true; - }; - } - ]; - }; -} diff --git a/modules/desktop/kde.nix b/modules/desktop/kde.nix deleted file mode 100644 index c6b6590..0000000 --- a/modules/desktop/kde.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: let - isEnabled = config.my.desktop.enableKde; -in { - options.my.desktop.enableKde = lib.mkEnableOption "KDE desktop"; - - config = lib.mkIf isEnabled { - my.desktop.enable = true; - - services = { - # Enable the KDE Plasma Desktop Environment. - xserver = { - desktopManager.plasma5.enable = true; - - displayManager = { - sddm.enable = true; - defaultSession = "plasmawayland"; - }; - }; - }; - - environment = { - systemPackages = with pkgs; [ - libsForQt5.kate - libsForQt5.kalk - ]; - - plasma5.excludePackages = with pkgs.libsForQt5; [ - elisa - gwenview - okular - khelpcenter - ]; - }; - - programs = { - dconf.enable = true; - partition-manager.enable = true; - kdeconnect.enable = true; - }; - }; -} diff --git a/modules/desktop/latex.nix b/modules/desktop/latex.nix deleted file mode 100644 index a0cb9a0..0000000 --- a/modules/desktop/latex.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: let - isEnabled = config.my.desktop.enableLaTeX; -in { - options.my.desktop.enableLaTeX = lib.mkEnableOption "LaTeX tools and IDE"; - - config = lib.mkIf isEnabled { - my.desktop.enable = true; - - environment.systemPackages = with pkgs; [ - fontconfig - texliveFull - texstudio - ]; - }; -} diff --git a/modules/hardware/default.nix b/modules/hardware/default.nix deleted file mode 100644 index a9a4a84..0000000 --- a/modules/hardware/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -modulesCfg: { - modulesPath, - lib, - ... -}: let - hostName = modulesCfg.hostName; -in { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - (builtins.toString ./. + "/${hostName}.nix") - ./common-desktop.nix - ./amd.nix - ./intel.nix - ]; - - options.my.modulesCfg.hostName = lib.mkOption { - type = lib.types.str; - }; - - config = { - networking.hostName = hostName; - - boot.loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - }; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.eno1.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true; - - hardware.enableRedistributableFirmware = true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - }; -} diff --git a/modules/hardware/intel.nix b/modules/hardware/intel.nix deleted file mode 100644 index 271a285..0000000 --- a/modules/hardware/intel.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ - lib, - config, - pkgs, - ... -}: let - cfg = config.my.hardware.intel; -in { - options.my.hardware.intel = { - cpu = lib.mkEnableOption "intel cpu"; - iGpu = lib.mkEnableOption "intel integrated gpu"; - xe = lib.mkEnableOption "intel xe gpu"; - }; - - config = lib.mkMerge [ - (lib.mkIf cfg.cpu { - boot.kernelModules = ["kvm-intel"]; - hardware.cpu.intel.updateMicrocode = true; - }) - (lib.mkIf (cfg.iGpu || cfg.xe) { - hardware.opengl = { - extraPackages = with pkgs; [ - intel-media-driver - vaapiIntel - vaapiVdpau - libvdpau-va-gl - intel-ocl - ]; - extraPackages32 = with pkgs.pkgsi686Linux; [ - intel-media-driver - vaapiIntel - vaapiVdpau - libvdpau-va-gl - ]; - }; - environment.systemPackages = with pkgs; [ - nvtopPackages.intel - ]; - my.allowUnfreePackages = ["intel-ocl"]; - }) - ]; -} diff --git a/modules/hardware/vinzenz-lpt.nix b/modules/hardware/vinzenz-lpt.nix deleted file mode 100644 index 5f028ef..0000000 --- a/modules/hardware/vinzenz-lpt.nix +++ /dev/null @@ -1,34 +0,0 @@ -{...}: { - config = { - my.hardware = { - enableCommonDesktopSettings = true; - amd.radeon = true; - intel = { - cpu = true; - iGpu = true; - }; - }; - - boot = { - initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"]; - loader.efi.efiSysMountPoint = "/boot/efi"; - }; - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/34cb86c4-8823-4785-9672-92ef0bcd5eaf"; - fsType = "btrfs"; - options = ["subvol=@"]; - }; - - "/boot/efi" = { - device = "/dev/disk/by-uuid/2381-1CD2"; - fsType = "vfat"; - }; - }; - - swapDevices = [ - {device = "/dev/disk/by-uuid/f5932f70-60e4-4abe-b23d-2cab3c095c7d";} - ]; - }; -} diff --git a/modules/hardware/vinzenz-lpt2.nix b/modules/hardware/vinzenz-lpt2.nix deleted file mode 100644 index d220276..0000000 --- a/modules/hardware/vinzenz-lpt2.nix +++ /dev/null @@ -1,43 +0,0 @@ -{...}: { - config = { - my.hardware = { - enableCommonDesktopSettings = true; - intel = { - cpu = true; - xe = true; - }; - }; - - boot.initrd = { - availableKernelModules = ["xhci_pci" "thunderbolt" "nvme"]; - luks.devices = { - "luks-2c654ff2-3c42-48d3-a1e3-9545679afaa3" = { - device = "/dev/disk/by-uuid/2c654ff2-3c42-48d3-a1e3-9545679afaa3"; - }; - }; - }; - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/e4dad0c8-26a1-45e9-bbd9-48565eb6574e"; - fsType = "btrfs"; - options = ["subvol=@"]; - }; - - "/boot" = { - device = "/dev/disk/by-uuid/E2B7-2BC1"; - fsType = "vfat"; - }; - }; - - swapDevices = [ - { - device = "/var/lib/swapfile"; - size = 32 * 1024; - } - ]; - - services.thermald.enable = true; - services.hardware.bolt.enable = true; # thunderbolt security - }; -} diff --git a/modules/nixpkgs.nix b/modules/nixpkgs.nix deleted file mode 100644 index a1444df..0000000 --- a/modules/nixpkgs.nix +++ /dev/null @@ -1,80 +0,0 @@ -{ - config, - lib, - ... -}: let - unstable-commit-sha = "9df3e30ce24fd28c7b3e2de0d986769db5d6225d"; - ultrastable-commit-sha = "2be119add7b37dc535da2dd4cba68e2cf8d1517e"; -in { - options.my.allowUnfreePackages = lib.mkOption { - type = lib.types.listOf lib.types.str; - default = []; - example = ["steam"]; - }; - - imports = [ - # this switches the nix implementation to lix everywhere, but means recompiling lix every build. - # https://lix.systems/add-to-config/ - ( - let - module = fetchTarball { - name = "source"; - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.90.0.tar.gz"; - sha256 = "sha256-yEO2cGNgzm9x/XxiDQI+WckSWnZX63R8aJLBRSXtYNE="; - }; - lixSrc = fetchTarball { - name = "source"; - url = "https://git.lix.systems/lix-project/lix/archive/2.90.0.tar.gz"; - sha256 = "sha256-f8k+BezKdJfmE+k7zgBJiohtS3VkkriycdXYsKOm3sc="; - }; - in - import "${module}/module.nix" {lix = lixSrc;} - ) - ]; - - config = { - nixpkgs.config = { - # make nixos-unstable availiable as 'pkgs.unstable' - packageOverrides = pkgs: { - unstable = import (fetchTarball "https://github.com/nixos/nixpkgs/tarball/${unstable-commit-sha}") { - config = config.nixpkgs.config; - }; - ultrastable = import (fetchTarball "https://github.com/nixos/nixpkgs/tarball/${ultrastable-commit-sha}") { - config = config.nixpkgs.config; - }; - }; - - # https://github.com/NixOS/nixpkgs/issues/197325#issuecomment-1579420085 - allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.my.allowUnfreePackages; - }; - - nix = { - settings = { - substituters = ["https://nix-community.cachix.org" "https://cache.nixos.org/"]; - trusted-public-keys = ["nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="]; - }; - gc = { - automatic = true; - dates = "daily"; - options = "--delete-older-than 7d"; - }; - }; - - system = { - stateVersion = "22.11"; - # enable auto updates - autoUpgrade = { - enable = true; - dates = "weekly"; - }; - }; - - documentation = { - enable = true; # documentation of packages - nixos.enable = false; # nixos documentation - man.enable = true; # manual pages and the man command - info.enable = false; # info pages and the info command - doc.enable = false; # documentation distributed in packages' /share/doc - }; - }; -} diff --git a/modules/tailscale.nix b/modules/tailscale.nix deleted file mode 100644 index b301dcb..0000000 --- a/modules/tailscale.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ - pkgs, - config, - lib, - ... -}: let - cfg = config.my.tailscale; -in { - options.my.tailscale = { - enable = lib.mkEnableOption "enable tailscale vpn"; - }; - - config = lib.mkIf cfg.enable { - services.tailscale = { - enable = true; - openFirewall = true; - }; - }; -} diff --git a/modules/users/default.nix b/modules/users/default.nix deleted file mode 100644 index 1d84a1d..0000000 --- a/modules/users/default.nix +++ /dev/null @@ -1,24 +0,0 @@ -modulesCfg: { - config, - pkgs, - lib, - ... -}: let - enableHomeManager = modulesCfg.enableHomeManager; -in { - options.my = { - modulesCfg.enableHomeManager = lib.mkEnableOption "enable home manager"; - enabledUsers = lib.mkOption { - type = lib.types.listOf lib.types.str; - }; - }; - - imports = - [ - ./vinzenz.nix - ./ronja.nix - ] - ++ lib.optionals enableHomeManager [ - ./home-manager.nix - ]; -} diff --git a/modules/users/home-manager.nix b/modules/users/home-manager.nix deleted file mode 100644 index 73adcc6..0000000 --- a/modules/users/home-manager.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: { - imports = [ - - ]; - - config = { - home-manager = { - useUserPackages = true; - useGlobalPkgs = true; - - # defaults for users - sharedModules = import ./home-shared-modules.nix; - - users = { - ronja = lib.mkIf (builtins.elem "ronja" config.my.enabledUsers) (import ./ronja-home.nix); - vinzenz = lib.mkIf (builtins.elem "vinzenz" config.my.enabledUsers) (import ./vinzenz-home.nix); - }; - }; - }; -} diff --git a/modules/hardware/amd.nix b/modules_bak/hardware/amd.nix similarity index 100% rename from modules/hardware/amd.nix rename to modules_bak/hardware/amd.nix diff --git a/modules/hardware/hetzner-vpn1.nix b/modules_bak/hardware/hetzner-vpn1.nix similarity index 100% rename from modules/hardware/hetzner-vpn1.nix rename to modules_bak/hardware/hetzner-vpn1.nix diff --git a/modules/hardware/vinzenz-pc2.nix b/modules_bak/hardware/vinzenz-pc2.nix similarity index 100% rename from modules/hardware/vinzenz-pc2.nix rename to modules_bak/hardware/vinzenz-pc2.nix diff --git a/hetzner-vpn1.nix b/modules_bak/hetzner-vpn1.nix similarity index 100% rename from hetzner-vpn1.nix rename to modules_bak/hetzner-vpn1.nix diff --git a/vinzenz-pc2.nix b/modules_bak/vinzenz-pc2.nix similarity index 100% rename from vinzenz-pc2.nix rename to modules_bak/vinzenz-pc2.nix diff --git a/modules/users/ronja.nix b/users/ronja.nix similarity index 64% rename from modules/users/ronja.nix rename to users/ronja.nix index 61323ba..b8a271d 100644 --- a/modules/users/ronja.nix +++ b/users/ronja.nix @@ -1,12 +1,5 @@ -{ - config, - pkgs, - lib, - ... -}: let - isUserEnabled = builtins.elem "ronja" config.my.enabledUsers; -in { - config = lib.mkIf isUserEnabled { +{pkgs, ...}: { + config = { # Define user account users.users.ronja = { isNormalUser = true; diff --git a/modules/users/vinzenz.nix b/users/vinzenz.nix similarity index 74% rename from modules/users/vinzenz.nix rename to users/vinzenz.nix index 08c3011..e7a38f4 100644 --- a/modules/users/vinzenz.nix +++ b/users/vinzenz.nix @@ -3,10 +3,8 @@ pkgs, lib, ... -}: let - isUserEnabled = builtins.elem "vinzenz" config.my.enabledUsers; -in { - config = lib.mkIf isUserEnabled { +}: { + config = { users.users.vinzenz = { isNormalUser = true; name = "vinzenz"; diff --git a/vinzenz-lpt.nix b/vinzenz-lpt.nix deleted file mode 100644 index 347fedd..0000000 --- a/vinzenz-lpt.nix +++ /dev/null @@ -1,28 +0,0 @@ -{...}: { - imports = [ - (import ./modules { - hostName = "vinzenz-lpt"; - enableHomeManager = true; - }) - ]; - - config = { - my = { - enabledUsers = ["vinzenz"]; - tailscale.enable = true; - desktop = { - enableGnome = true; - enableGaming = true; - enablePrinting = true; - }; - buildtools = { - dotnet = true; - }; - }; - - users.users.vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ]; - }; -} From 160229278171b46bec07ac1806ba9b766a91e95f Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 26 Oct 2024 00:16:05 +0200 Subject: [PATCH 107/241] enable experimental features --- common/nixpkgs.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/common/nixpkgs.nix b/common/nixpkgs.nix index eb546a0..8f5a12b 100644 --- a/common/nixpkgs.nix +++ b/common/nixpkgs.nix @@ -18,6 +18,7 @@ settings = { substituters = ["https://nix-community.cachix.org" "https://cache.nixos.org/"]; trusted-public-keys = ["nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="]; + experimental-features = ["nix-command" "flakes"]; }; gc = { automatic = true; From 5944fe5cca787f4faeba40b92c199dc91026376b Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 26 Oct 2024 12:32:15 +0200 Subject: [PATCH 108/241] split config --- flake.nix | 19 +- home/{gnome-home.nix => gnome.nix} | 3 + home/ronja-home.nix | 2 +- home/vinzenz-home.nix | 248 --------------------- home/vinzenz/default.nix | 104 +++++++++ home/vinzenz/git.nix | 16 ++ home/vinzenz/ssh.nix | 47 ++++ home/vinzenz/vscode.nix | 46 ++++ home/vinzenz/zsh.nix | 29 +++ hosts/vinzenz-lpt2/default.nix | 3 + hosts/vinzenz-lpt2/environment.nix | 14 +- hosts/vinzenz-lpt2/hardware.nix | 4 +- {hosts => modules}/desktop-environment.nix | 12 +- {hosts => modules}/desktop-hardware.nix | 0 {hosts => modules}/gaming.nix | 0 {hosts => modules}/gnome.nix | 0 {hosts => modules}/intel-graphics.nix | 0 {hosts => modules}/latex.nix | 0 {hosts => modules}/printing.nix | 0 19 files changed, 271 insertions(+), 276 deletions(-) rename home/{gnome-home.nix => gnome.nix} (98%) delete mode 100644 home/vinzenz-home.nix create mode 100644 home/vinzenz/default.nix create mode 100644 home/vinzenz/git.nix create mode 100644 home/vinzenz/ssh.nix create mode 100644 home/vinzenz/vscode.nix create mode 100644 home/vinzenz/zsh.nix rename {hosts => modules}/desktop-environment.nix (92%) rename {hosts => modules}/desktop-hardware.nix (100%) rename {hosts => modules}/gaming.nix (100%) rename {hosts => modules}/gnome.nix (100%) rename {hosts => modules}/intel-graphics.nix (100%) rename {hosts => modules}/latex.nix (100%) rename {hosts => modules}/printing.nix (100%) diff --git a/flake.nix b/flake.nix index c5c9d20..d50aed4 100644 --- a/flake.nix +++ b/flake.nix @@ -16,16 +16,21 @@ home-manager, lix-module, ... - }: { + }: let + common-modules = [ + lix-module.nixosModules.default + home-manager.nixosModules.home-manager + ./common + ]; + in { nixosConfigurations = { vinzenz-lpt2 = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; - modules = [ - lix-module.nixosModules.default - home-manager.nixosModules.home-manager - ./common - ./hosts/vinzenz-lpt2 - ]; + modules = + common-modules + ++ [ + ./hosts/vinzenz-lpt2 + ]; }; }; }; diff --git a/home/gnome-home.nix b/home/gnome.nix similarity index 98% rename from home/gnome-home.nix rename to home/gnome.nix index e82151c..828c0ce 100644 --- a/home/gnome-home.nix +++ b/home/gnome.nix @@ -4,6 +4,9 @@ pkgs, ... }: { + imports = [ + ../modules/gnome.nix + ]; config = { home-manager.sharedModules = [ { diff --git a/home/ronja-home.nix b/home/ronja-home.nix index aed4e1e..0457204 100644 --- a/home/ronja-home.nix +++ b/home/ronja-home.nix @@ -3,7 +3,7 @@ pkgs, ... }: { - home .packages = with pkgs; [ + home.packages = with pkgs; [ ## Apps telegram-desktop kdiff3 diff --git a/home/vinzenz-home.nix b/home/vinzenz-home.nix deleted file mode 100644 index 883d538..0000000 --- a/home/vinzenz-home.nix +++ /dev/null @@ -1,248 +0,0 @@ -{ - config, - osConfig, - pkgs, - lib, - ... -}: let - isGnomeEnabled = osConfig.my.desktop.enableGnome; -in - lib.mkMerge [ - { - home.packages = with pkgs; [ - keepassxc - insync - - telegram-desktop - element-desktop - - wireguard-tools - wirelesstools - - alejandra # nix formatter - - arduino - uucp - - kdiff3 - jetbrains-toolbox - ]; - - programs = { - home-manager.enable = true; - - fzf.enable = true; - - zsh = { - initExtra = '' - eval "$(direnv hook zsh)"; - export PATH=$PATH:/home/vinzenz/.cargo/bin - ''; - - shellAliases = { - my-apply = "sudo nixos-rebuild boot"; - my-switch = "sudo nixos-rebuild switch"; - my-update = "sudo nixos-rebuild boot --upgrade"; - my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; - my-fmt = "alejandra ."; - my-test = "sudo nixos-rebuild test"; - my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; - my-ip4 = "ip addr show | grep 192"; - }; - - history = { - size = 10000; - path = "${config.xdg.dataHome}/zsh/history"; - expireDuplicatesFirst = true; - }; - - oh-my-zsh = { - enable = true; - theme = "agnoster"; - plugins = ["git" "sudo" "docker" "systemadmin"]; - }; - }; - - git = { - enable = true; - userName = "Vinzenz Schroeter"; - userEmail = "vinzenz.f.s@gmail.com"; - - aliases = { - prettylog = "log --pretty=oneline --graph"; - spring-clean = "!git branch --merged | xargs -n 1 -r git branch -d"; - }; - - extraConfig = { - pull.ff = "only"; - merge.tool = "kdiff3"; - push.autoSetupRemote = "true"; - }; - }; - - vscode = { - enable = true; - package = pkgs.vscodium; - enableUpdateCheck = false; - extensions = with pkgs.vscode-extensions; [ - bbenoist.nix - ms-python.python - kamadorueda.alejandra - editorconfig.editorconfig - yzhang.markdown-all-in-one - redhat.vscode-yaml - pkief.material-icon-theme - mhutchie.git-graph - rust-lang.rust-analyzer - tamasfe.even-better-toml - llvm-vs-code-extensions.vscode-clangd - mkhl.direnv - vadimcn.vscode-lldb - ms-dotnettools.csharp - ]; - userSettings = { - "git.autofetch" = true; - "update.mode" = "none"; - "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; - "editor.fontLigatures" = true; - "editor.formatOnSave" = true; - "editor.formatOnSaveMode" = "modificationsIfAvailable"; - "editor.minimap.autohide" = true; - "diffEditor.diffAlgorithm" = "advanced"; - "explorer.excludeGitIgnore" = true; - "markdown.extension.tableFormatter.normalizeIndentation" = true; - "markdown.extension.toc.orderedList" = false; - "telemetry.telemetryLevel" = "off"; - "redhat.telemetry.enabled" = false; - "workbench.startupEditor" = "readme"; - "workbench.enableExperiments" = false; - "workbench.iconTheme" = "material-icon-theme"; - "rust-analyzer.checkOnSave.command" = "clippy"; - "extensions.autoUpdate" = false; - "extensions.autoCheckUpdates" = false; - "\[makefile\]" = { - "editor.insertSpaces" = false; - "editor.detectIndentation" = false; - }; - }; - }; - - direnv = { - enable = true; - nix-direnv.enable = true; - }; - - chromium = { - enable = true; - extensions = [ - { - # ublock origin - id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; - } - { - id = "dcpihecpambacapedldabdbpakmachpb"; - updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml"; - } - ]; - }; - - eza = { - enable = true; - git = true; - icons = true; - extraOptions = [ - "--group-directories-first" - "--header" - ]; - }; - - # checked https://rycee.gitlab.io/home-manager/options.html until "programs.notmuch" - - ssh = { - enable = true; - matchBlocks = { - "vpn1" = { - host = "vpn1 hetzner-vpn1"; - hostname = "157.90.146.125"; # 2a01:4f8:c012:7137::/64 - user = "root"; - }; - "vpn1-ts" = { - host = "vpn1-ts hetzner-vpn1.donkey-pentatonic.ts.net"; - hostname = "hetzner-vpn1.donkey-pentatonic.ts.net"; - user = "root"; - }; - "openwrt" = { - host = "openwrt openwrt.lan"; - hostname = "openwrt.lan"; - user = "root"; - }; - "openwrt-ts" = { - hostname = "openwrt.donkey-pentatonic.ts.net"; - port = 2222; - user = "root"; - }; - "openwrt-j" = { - hostname = "openwrt.donkey-pentatonic.ts.net"; - proxyJump = "vpn1"; - port = 2222; - user = "root"; - }; - "pc2-power" = { - hostname = "openwrt.donkey-pentatonic.ts.net"; - proxyJump = "vpn1"; - port = 2222; - user = "pc2-power"; - }; - "avd-power" = { - # hostname = "2001:678:560:23:9833:63ff:fe2d:f477" - # hostname = "195.160.172.25"; - hostname = "avd-jumphost.club.berlin.ccc.de"; - user = "power"; - }; - "avd" = { - hostname = "avd.club.berlin.ccc.de"; - user = "vinzenz"; - }; - }; - }; - }; - - editorconfig = { - enable = true; - settings = { - "*" = { - charset = "utf-8"; - end_of_line = "lf"; - trim_trailing_whitespace = true; - insert_final_newline = true; - max_line_width = 120; - indent_style = "space"; - indent_size = 4; - }; - "*.nix" = { - indent_size = 2; - }; - }; - }; - - home.file."policy.json" = { - target = ".config/containers/policy.json"; - text = '' - { - "default": [ - { - "type": "insecureAcceptAnything" - } - ], - "transports": - { - "docker-daemon": - { - "": [{"type":"insecureAcceptAnything"}] - } - } - } - ''; - }; - } - ] diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix new file mode 100644 index 0000000..a10b7ca --- /dev/null +++ b/home/vinzenz/default.nix @@ -0,0 +1,104 @@ +inputs @ { + config, + osConfig, + pkgs, + lib, + ... +}: let + isGnomeEnabled = osConfig.my.desktop.enableGnome; +in { + programs = { + home-manager.enable = true; + fzf.enable = true; + zsh = import ./zsh.nix inputs; + git = import ./git.nix; + vscode = import ./vscode.nix inputs; + ssh = import ./ssh.nix; + + direnv = { + enable = true; + nix-direnv.enable = true; + }; + + chromium = { + enable = true; + extensions = [ + { + # ublock origin + id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; + } + { + id = "dcpihecpambacapedldabdbpakmachpb"; + updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml"; + } + ]; + }; + + eza = { + enable = true; + git = true; + icons = true; + extraOptions = [ + "--group-directories-first" + "--header" + ]; + }; + }; + + home.packages = with pkgs; [ + keepassxc + insync + + telegram-desktop + element-desktop + + wireguard-tools + wirelesstools + + alejandra # nix formatter + + arduino + uucp + + kdiff3 + jetbrains-toolbox + ]; + + editorconfig = { + enable = true; + settings = { + "*" = { + charset = "utf-8"; + end_of_line = "lf"; + trim_trailing_whitespace = true; + insert_final_newline = true; + max_line_width = 120; + indent_style = "space"; + indent_size = 4; + }; + "*.nix" = { + indent_size = 2; + }; + }; + }; + + home.file."policy.json" = { + target = ".config/containers/policy.json"; + text = '' + { + "default": [ + { + "type": "insecureAcceptAnything" + } + ], + "transports": + { + "docker-daemon": + { + "": [{"type":"insecureAcceptAnything"}] + } + } + } + ''; + }; +} diff --git a/home/vinzenz/git.nix b/home/vinzenz/git.nix new file mode 100644 index 0000000..bb64f13 --- /dev/null +++ b/home/vinzenz/git.nix @@ -0,0 +1,16 @@ +{ + enable = true; + userName = "Vinzenz Schroeter"; + userEmail = "vinzenz.f.s@gmail.com"; + + aliases = { + prettylog = "log --pretty=oneline --graph"; + spring-clean = "!git branch --merged | xargs -n 1 -r git branch -d"; + }; + + extraConfig = { + pull.ff = "only"; + merge.tool = "kdiff3"; + push.autoSetupRemote = "true"; + }; +} diff --git a/home/vinzenz/ssh.nix b/home/vinzenz/ssh.nix new file mode 100644 index 0000000..360958e --- /dev/null +++ b/home/vinzenz/ssh.nix @@ -0,0 +1,47 @@ +{ + enable = true; + matchBlocks = { + "vpn1" = { + host = "vpn1 hetzner-vpn1"; + hostname = "157.90.146.125"; # 2a01:4f8:c012:7137::/64 + user = "root"; + }; + "vpn1-ts" = { + host = "vpn1-ts hetzner-vpn1.donkey-pentatonic.ts.net"; + hostname = "hetzner-vpn1.donkey-pentatonic.ts.net"; + user = "root"; + }; + "openwrt" = { + host = "openwrt openwrt.lan"; + hostname = "openwrt.lan"; + user = "root"; + }; + "openwrt-ts" = { + hostname = "openwrt.donkey-pentatonic.ts.net"; + port = 2222; + user = "root"; + }; + "openwrt-j" = { + hostname = "openwrt.donkey-pentatonic.ts.net"; + proxyJump = "vpn1"; + port = 2222; + user = "root"; + }; + "pc2-power" = { + hostname = "openwrt.donkey-pentatonic.ts.net"; + proxyJump = "vpn1"; + port = 2222; + user = "pc2-power"; + }; + "avd-power" = { + # hostname = "2001:678:560:23:9833:63ff:fe2d:f477" + # hostname = "195.160.172.25"; + hostname = "avd-jumphost.club.berlin.ccc.de"; + user = "power"; + }; + "avd" = { + hostname = "avd.club.berlin.ccc.de"; + user = "vinzenz"; + }; + }; +} diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix new file mode 100644 index 0000000..e88cef4 --- /dev/null +++ b/home/vinzenz/vscode.nix @@ -0,0 +1,46 @@ +{pkgs, ...}: { + enable = true; + package = pkgs.vscodium; + enableUpdateCheck = false; + extensions = with pkgs.vscode-extensions; [ + bbenoist.nix + ms-python.python + kamadorueda.alejandra + editorconfig.editorconfig + yzhang.markdown-all-in-one + redhat.vscode-yaml + pkief.material-icon-theme + mhutchie.git-graph + rust-lang.rust-analyzer + tamasfe.even-better-toml + llvm-vs-code-extensions.vscode-clangd + mkhl.direnv + vadimcn.vscode-lldb + ms-dotnettools.csharp + ]; + userSettings = { + "git.autofetch" = true; + "update.mode" = "none"; + "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; + "editor.fontLigatures" = true; + "editor.formatOnSave" = true; + "editor.formatOnSaveMode" = "modificationsIfAvailable"; + "editor.minimap.autohide" = true; + "diffEditor.diffAlgorithm" = "advanced"; + "explorer.excludeGitIgnore" = true; + "markdown.extension.tableFormatter.normalizeIndentation" = true; + "markdown.extension.toc.orderedList" = false; + "telemetry.telemetryLevel" = "off"; + "redhat.telemetry.enabled" = false; + "workbench.startupEditor" = "readme"; + "workbench.enableExperiments" = false; + "workbench.iconTheme" = "material-icon-theme"; + "rust-analyzer.checkOnSave.command" = "clippy"; + "extensions.autoUpdate" = false; + "extensions.autoCheckUpdates" = false; + "\[makefile\]" = { + "editor.insertSpaces" = false; + "editor.detectIndentation" = false; + }; + }; +} diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix new file mode 100644 index 0000000..c6d011c --- /dev/null +++ b/home/vinzenz/zsh.nix @@ -0,0 +1,29 @@ +{config, ...}: { + initExtra = '' + eval "$(direnv hook zsh)"; + export PATH=$PATH:/home/vinzenz/.cargo/bin + ''; + + shellAliases = { + my-apply = "sudo nixos-rebuild boot"; + my-switch = "sudo nixos-rebuild switch"; + my-update = "sudo nixos-rebuild boot --upgrade"; + my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; + my-fmt = "alejandra ."; + my-test = "sudo nixos-rebuild test"; + my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; + my-ip4 = "ip addr show | grep 192"; + }; + + history = { + size = 10000; + path = "${config.xdg.dataHome}/zsh/history"; + expireDuplicatesFirst = true; + }; + + oh-my-zsh = { + enable = true; + theme = "agnoster"; + plugins = ["git" "sudo" "docker" "systemadmin"]; + }; +} diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix index d8c409e..20b21b3 100644 --- a/hosts/vinzenz-lpt2/default.nix +++ b/hosts/vinzenz-lpt2/default.nix @@ -3,4 +3,7 @@ ./hardware.nix ./environment.nix ]; + config = { + networking.hostName = "vinzenz-lpt2"; + }; } diff --git a/hosts/vinzenz-lpt2/environment.nix b/hosts/vinzenz-lpt2/environment.nix index 8b9e6c1..e85de40 100644 --- a/hosts/vinzenz-lpt2/environment.nix +++ b/hosts/vinzenz-lpt2/environment.nix @@ -1,17 +1,17 @@ {pkgs, ...}: { imports = [ ../../home - ../../home/gnome-home.nix + ../../home/gnome.nix ../../users/vinzenz.nix - ../desktop-environment.nix - ../gnome.nix - ../gaming.nix - ../printing.nix - ../latex.nix + ../../modules/desktop-environment.nix + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/printing.nix + ../../modules/latex.nix ]; config = { - home-manager.users.vinzenz = import ../../home/vinzenz-home.nix; + home-manager.users.vinzenz = import ../../home/vinzenz; virtualisation = { containers.enable = true; diff --git a/hosts/vinzenz-lpt2/hardware.nix b/hosts/vinzenz-lpt2/hardware.nix index 610d40f..4e11ab5 100644 --- a/hosts/vinzenz-lpt2/hardware.nix +++ b/hosts/vinzenz-lpt2/hardware.nix @@ -4,8 +4,8 @@ ... }: { imports = [ - ../desktop-hardware.nix - ../intel-graphics.nix + ../../modules/desktop-hardware.nix + ../../modules/intel-graphics.nix ]; config = { # intel cpu diff --git a/hosts/desktop-environment.nix b/modules/desktop-environment.nix similarity index 92% rename from hosts/desktop-environment.nix rename to modules/desktop-environment.nix index 97fb613..fa0e1b9 100644 --- a/hosts/desktop-environment.nix +++ b/modules/desktop-environment.nix @@ -6,18 +6,10 @@ }: { config = { services = { - # Enable the X11 windowing system / wayland depending on DE - xserver = { - enable = true; - }; - + xserver.enable = true; libinput.enable = true; - - # flatpak xdg-portal-kde crashes, otherwise this would be global flatpak.enable = true; - fstrim.enable = true; - earlyoom = { enable = true; freeMemThreshold = 5; @@ -106,8 +98,6 @@ hunspell hunspellDicts.de-de hunspellDicts.en-us-large - - gnumake ]; nixpkgs.config.permittedInsecurePackages = []; diff --git a/hosts/desktop-hardware.nix b/modules/desktop-hardware.nix similarity index 100% rename from hosts/desktop-hardware.nix rename to modules/desktop-hardware.nix diff --git a/hosts/gaming.nix b/modules/gaming.nix similarity index 100% rename from hosts/gaming.nix rename to modules/gaming.nix diff --git a/hosts/gnome.nix b/modules/gnome.nix similarity index 100% rename from hosts/gnome.nix rename to modules/gnome.nix diff --git a/hosts/intel-graphics.nix b/modules/intel-graphics.nix similarity index 100% rename from hosts/intel-graphics.nix rename to modules/intel-graphics.nix diff --git a/hosts/latex.nix b/modules/latex.nix similarity index 100% rename from hosts/latex.nix rename to modules/latex.nix diff --git a/hosts/printing.nix b/modules/printing.nix similarity index 100% rename from hosts/printing.nix rename to modules/printing.nix From f41cd58e54949da6978c8dadf19114c6ebbb6f8e Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 26 Oct 2024 14:59:00 +0200 Subject: [PATCH 109/241] transform the other hosts to flake --- common/globalinstalls.nix | 5 +- flake.nix | 24 +++++++++- hosts/hetzner-vpn1/default.nix | 9 ++++ .../hetzner-vpn1/environment.nix | 11 +---- .../hetzner-vpn1/hardware.nix | 1 - hosts/vinzenz-lpt2/default.nix | 2 + hosts/vinzenz-lpt2/environment.nix | 4 +- hosts/vinzenz-pc2/default.nix | 9 ++++ .../vinzenz-pc2/environment.nix | 30 +++++------- .../vinzenz-pc2/hardware.nix | 14 +++--- modules/amd-graphics.nix | 24 ++++++++++ modules_bak/hardware/amd.nix | 47 ------------------- 12 files changed, 90 insertions(+), 90 deletions(-) create mode 100644 hosts/hetzner-vpn1/default.nix rename modules_bak/hetzner-vpn1.nix => hosts/hetzner-vpn1/environment.nix (93%) rename modules_bak/hardware/hetzner-vpn1.nix => hosts/hetzner-vpn1/hardware.nix (99%) create mode 100644 hosts/vinzenz-pc2/default.nix rename modules_bak/vinzenz-pc2.nix => hosts/vinzenz-pc2/environment.nix (67%) rename modules_bak/hardware/vinzenz-pc2.nix => hosts/vinzenz-pc2/hardware.nix (87%) create mode 100644 modules/amd-graphics.nix delete mode 100644 modules_bak/hardware/amd.nix diff --git a/common/globalinstalls.nix b/common/globalinstalls.nix index b602f99..20bf11d 100644 --- a/common/globalinstalls.nix +++ b/common/globalinstalls.nix @@ -22,14 +22,11 @@ zsh.enable = true; htop.enable = true; iotop.enable = true; + git.enable = true; nano = { enable = true; syntaxHighlight = true; }; - git = { - enable = true; - package = pkgs.gitFull; - }; }; }; } diff --git a/flake.nix b/flake.nix index d50aed4..ffc2c07 100644 --- a/flake.nix +++ b/flake.nix @@ -19,7 +19,6 @@ }: let common-modules = [ lix-module.nixosModules.default - home-manager.nixosModules.home-manager ./common ]; in { @@ -29,9 +28,32 @@ modules = common-modules ++ [ + home-manager.nixosModules.home-manager ./hosts/vinzenz-lpt2 ]; }; + vinzenz-pc2 = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = + common-modules + ++ [ + home-manager.nixosModules.home-manager + ./hosts/vinzenz-pc2 + ]; + }; + hetzner-vpn1 = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = + common-modules + ++ [ + ./hosts/hetzner-vpn1 + + { + # uncomment for build check on non arm system (requires --impure) + # nixpkgs.buildPlatform = builtins.currentSystem; + } + ]; + }; }; }; } diff --git a/hosts/hetzner-vpn1/default.nix b/hosts/hetzner-vpn1/default.nix new file mode 100644 index 0000000..e2d62fe --- /dev/null +++ b/hosts/hetzner-vpn1/default.nix @@ -0,0 +1,9 @@ +{...}: { + imports = [ + ./hardware.nix + ./environment.nix + ]; + config = { + networking.hostName = "hetzner-vpn1"; + }; +} diff --git a/modules_bak/hetzner-vpn1.nix b/hosts/hetzner-vpn1/environment.nix similarity index 93% rename from modules_bak/hetzner-vpn1.nix rename to hosts/hetzner-vpn1/environment.nix index 7a06a07..280d8d7 100644 --- a/modules_bak/hetzner-vpn1.nix +++ b/hosts/hetzner-vpn1/environment.nix @@ -24,18 +24,11 @@ pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; in { imports = [ - (import ./modules { - hostName = "hetzner-vpn1"; - enableHomeManager = false; - }) + ../../users/vinzenz.nix + ../../users/ronja.nix ]; config = { - my = { - enabledUsers = ["ronja" "vinzenz"]; - tailscale.enable = true; - }; - users.users = { root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' diff --git a/modules_bak/hardware/hetzner-vpn1.nix b/hosts/hetzner-vpn1/hardware.nix similarity index 99% rename from modules_bak/hardware/hetzner-vpn1.nix rename to hosts/hetzner-vpn1/hardware.nix index e147668..7494a08 100644 --- a/modules_bak/hardware/hetzner-vpn1.nix +++ b/hosts/hetzner-vpn1/hardware.nix @@ -96,7 +96,6 @@ services.udev.extraRules = '' ATTR{address}=="96:00:02:87:7f:c9", NAME="eth0" - ''; }; } diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix index 20b21b3..987bf07 100644 --- a/hosts/vinzenz-lpt2/default.nix +++ b/hosts/vinzenz-lpt2/default.nix @@ -5,5 +5,7 @@ ]; config = { networking.hostName = "vinzenz-lpt2"; + + nix.settings.extra-platforms = ["aarch64-linux"]; }; } diff --git a/hosts/vinzenz-lpt2/environment.nix b/hosts/vinzenz-lpt2/environment.nix index e85de40..66e6fe9 100644 --- a/hosts/vinzenz-lpt2/environment.nix +++ b/hosts/vinzenz-lpt2/environment.nix @@ -27,11 +27,11 @@ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' ]; - # + #users.users.ronja.openssh.authorizedKeys.keys = [ # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' #]; - # + services.nginx = { enable = true; diff --git a/hosts/vinzenz-pc2/default.nix b/hosts/vinzenz-pc2/default.nix new file mode 100644 index 0000000..356f331 --- /dev/null +++ b/hosts/vinzenz-pc2/default.nix @@ -0,0 +1,9 @@ +{...}: { + imports = [ + ./hardware.nix + ./environment.nix + ]; + config = { + networking.hostName = "vinzenz-pc2"; + }; +} diff --git a/modules_bak/vinzenz-pc2.nix b/hosts/vinzenz-pc2/environment.nix similarity index 67% rename from modules_bak/vinzenz-pc2.nix rename to hosts/vinzenz-pc2/environment.nix index 82b0dd6..bde8e94 100644 --- a/modules_bak/vinzenz-pc2.nix +++ b/hosts/vinzenz-pc2/environment.nix @@ -1,26 +1,18 @@ {pkgs, ...}: { imports = [ - (import ./modules { - hostName = "vinzenz-pc2"; - enableHomeManager = true; - }) + ../../home + ../../home/gnome.nix + ../../users/vinzenz.nix + ../../modules/desktop-environment.nix + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/printing.nix ]; config = { - my = { - enabledUsers = ["vinzenz" "ronja"]; - tailscale.enable = true; - desktop = { - enableGnome = true; - enableGaming = true; - enablePrinting = true; - }; - buildtools = { - native = true; - dotnet = true; - rust = true; - jetbrains-remote-server = true; - }; + home-manager.users = { + vinzenz = import ../../home/vinzenz; + ronja = import ../../home/ronja; }; users.users.vinzenz.openssh.authorizedKeys.keys = [ @@ -39,7 +31,7 @@ port = 8542; host = "100.125.93.127"; # tailscale withoutConnectionToken = true; - extraPackages = with pkgs; [nodejs gitFull gh direnv]; + extraPackages = with pkgs; [nodejs git gh direnv]; }; virtualisation.podman = { diff --git a/modules_bak/hardware/vinzenz-pc2.nix b/hosts/vinzenz-pc2/hardware.nix similarity index 87% rename from modules_bak/hardware/vinzenz-pc2.nix rename to hosts/vinzenz-pc2/hardware.nix index 3f6ce4a..65b63d8 100644 --- a/modules_bak/hardware/vinzenz-pc2.nix +++ b/hosts/vinzenz-pc2/hardware.nix @@ -1,12 +1,12 @@ {...}: { + imports = [ + ../../modules/desktop-hardware.nix + ../../modules/amd-graphics.nix + ]; config = { - my.hardware = { - enableCommonDesktopSettings = true; - amd = { - cpu = true; - gpu = true; - }; - }; + # amd cpu + boot.kernelModules = ["kvm-amd"]; + hardware.cpu.amd.updateMicrocode = true; boot = { initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "sd_mod"]; # "usb_storage" diff --git a/modules/amd-graphics.nix b/modules/amd-graphics.nix new file mode 100644 index 0000000..426119e --- /dev/null +++ b/modules/amd-graphics.nix @@ -0,0 +1,24 @@ +{ + lib, + config, + pkgs, + ... +}: { + config = { + boot.kernelModules = ["amdgpu"]; + services.xserver.videoDrivers = ["amdgpu"]; + + hardware.opengl = { + extraPackages = with pkgs; [ + amdvlk + ]; + extraPackages32 = with pkgs; [ + driversi686Linux.amdvlk + ]; + }; + + environment.systemPackages = with pkgs; [ + nvtopPackages.amd + ]; + }; +} diff --git a/modules_bak/hardware/amd.nix b/modules_bak/hardware/amd.nix deleted file mode 100644 index 06f3a85..0000000 --- a/modules_bak/hardware/amd.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ - lib, - config, - pkgs, - ... -}: let - cfg = config.my.hardware.amd; -in { - options.my.hardware.amd = { - cpu = lib.mkEnableOption "amd cpu"; - gpu = lib.mkEnableOption "amd gpu"; - radeon = lib.mkEnableOption "amd legacy gpu"; # old hardware, dont judge - }; - - config = lib.mkMerge [ - (lib.mkIf cfg.cpu { - boot.kernelModules = ["kvm-amd"]; - hardware.cpu.amd.updateMicrocode = true; - }) - - (lib.mkIf cfg.gpu { - boot.kernelModules = ["amdgpu"]; - services.xserver.videoDrivers = ["amdgpu"]; - - hardware.opengl = { - extraPackages = with pkgs; [ - amdvlk - ]; - extraPackages32 = with pkgs; [ - driversi686Linux.amdvlk - ]; - }; - - environment.systemPackages = with pkgs; [ - nvtopPackages.amd - ]; - }) - - (lib.mkIf cfg.radeon { - boot.kernelModules = ["radeon"]; - services.xserver.videoDrivers = ["radeon"]; - environment.systemPackages = with pkgs; [ - radeontop - ]; - }) - ]; -} From 074ea3bd3b8a1bda201fc9794bbc3b9e6f58d5b9 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 26 Oct 2024 16:43:08 +0200 Subject: [PATCH 110/241] fixes for pc2, misc changes --- flake.nix | 14 +++++----- home/{ronja-home.nix => ronja.nix} | 0 home/vinzenz/default.nix | 4 +-- hosts/hetzner-vpn1/environment.nix | 44 +++++++++++++++--------------- hosts/vinzenz-pc2/environment.nix | 3 +- users/vinzenz.nix | 7 +---- 6 files changed, 33 insertions(+), 39 deletions(-) rename home/{ronja-home.nix => ronja.nix} (100%) diff --git a/flake.nix b/flake.nix index ffc2c07..023e2e9 100644 --- a/flake.nix +++ b/flake.nix @@ -16,13 +16,13 @@ home-manager, lix-module, ... - }: let - common-modules = [ - lix-module.nixosModules.default - ./common - ]; - in { - nixosConfigurations = { + }: { + nixosConfigurations = let + common-modules = [ + lix-module.nixosModules.default + ./common + ]; + in { vinzenz-lpt2 = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = diff --git a/home/ronja-home.nix b/home/ronja.nix similarity index 100% rename from home/ronja-home.nix rename to home/ronja.nix diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index a10b7ca..27e4669 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -4,9 +4,7 @@ inputs @ { pkgs, lib, ... -}: let - isGnomeEnabled = osConfig.my.desktop.enableGnome; -in { +}: { programs = { home-manager.enable = true; fzf.enable = true; diff --git a/hosts/hetzner-vpn1/environment.nix b/hosts/hetzner-vpn1/environment.nix index 280d8d7..9bb013a 100644 --- a/hosts/hetzner-vpn1/environment.nix +++ b/hosts/hetzner-vpn1/environment.nix @@ -2,27 +2,7 @@ pkgs, lib, ... -}: let - servicesDomain = "services.zerforschen.plus"; - mkServiceConfig = host: port: { - addSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://${host}:${toString port}/"; - extraConfig = '' - # bind to tailscale ip - proxy_bind 100.88.118.60; - # pam auth - limit_except OPTIONS { - auth_pam "Password Required"; - auth_pam_service_name "nginx"; - } - ''; - }; - }; - lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net"; - pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; -in { +}: { imports = [ ../../users/vinzenz.nix ../../users/ronja.nix @@ -66,7 +46,27 @@ in { recommendedGzipSettings = true; recommendedOptimisation = true; - virtualHosts = { + virtualHosts = let + servicesDomain = "services.zerforschen.plus"; + mkServiceConfig = host: port: { + addSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://${host}:${toString port}/"; + extraConfig = '' + # bind to tailscale ip + proxy_bind 100.88.118.60; + # pam auth + limit_except OPTIONS { + auth_pam "Password Required"; + auth_pam_service_name "nginx"; + } + ''; + }; + }; + lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net"; + pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; + in { "vscode.${servicesDomain}" = lib.mkMerge [ (mkServiceConfig pc2 8542) {locations."/" .proxyWebsockets = true;} diff --git a/hosts/vinzenz-pc2/environment.nix b/hosts/vinzenz-pc2/environment.nix index bde8e94..e9392a5 100644 --- a/hosts/vinzenz-pc2/environment.nix +++ b/hosts/vinzenz-pc2/environment.nix @@ -3,6 +3,7 @@ ../../home ../../home/gnome.nix ../../users/vinzenz.nix + ../../users/ronja.nix ../../modules/desktop-environment.nix ../../modules/gnome.nix ../../modules/gaming.nix @@ -12,7 +13,7 @@ config = { home-manager.users = { vinzenz = import ../../home/vinzenz; - ronja = import ../../home/ronja; + ronja = import ../../home/ronja.nix; }; users.users.vinzenz.openssh.authorizedKeys.keys = [ diff --git a/users/vinzenz.nix b/users/vinzenz.nix index e7a38f4..d4bbde4 100644 --- a/users/vinzenz.nix +++ b/users/vinzenz.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: { +{pkgs, ...}: { config = { users.users.vinzenz = { isNormalUser = true; From f673c6ae299c33b5d28f7eee7a29b7abdd5e1c54 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 26 Oct 2024 17:30:11 +0200 Subject: [PATCH 111/241] split up modules differently --- flake.nix | 47 +++++-------- hosts/hetzner-vpn1/default.nix | 102 ++++++++++++++++++++++++++--- hosts/hetzner-vpn1/environment.nix | 81 ----------------------- hosts/vinzenz-lpt2/default.nix | 86 +++++++++++++++++++++--- hosts/vinzenz-lpt2/environment.nix | 60 ----------------- hosts/vinzenz-lpt2/hardware.nix | 1 - hosts/vinzenz-pc2/default.nix | 67 ++++++++++++++++--- hosts/vinzenz-pc2/environment.nix | 50 -------------- hosts/vinzenz-pc2/fstab.nix | 37 +++++++++++ hosts/vinzenz-pc2/hardware.nix | 42 +----------- 10 files changed, 286 insertions(+), 287 deletions(-) delete mode 100644 hosts/hetzner-vpn1/environment.nix delete mode 100644 hosts/vinzenz-lpt2/environment.nix delete mode 100644 hosts/vinzenz-pc2/environment.nix create mode 100644 hosts/vinzenz-pc2/fstab.nix diff --git a/flake.nix b/flake.nix index 023e2e9..50da7d9 100644 --- a/flake.nix +++ b/flake.nix @@ -22,38 +22,23 @@ lix-module.nixosModules.default ./common ]; + desktop-modules = [ + home-manager.nixosModules.home-manager + ./home + ./modules/desktop-environment.nix + ./modules/desktop-hardware.nix + ]; + host-params = { + inherit nixpkgs; + inherit home-manager; + inherit lix-module; + common-modules = common-modules; + desktop-modules = desktop-modules; + }; in { - vinzenz-lpt2 = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = - common-modules - ++ [ - home-manager.nixosModules.home-manager - ./hosts/vinzenz-lpt2 - ]; - }; - vinzenz-pc2 = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = - common-modules - ++ [ - home-manager.nixosModules.home-manager - ./hosts/vinzenz-pc2 - ]; - }; - hetzner-vpn1 = nixpkgs.lib.nixosSystem { - system = "aarch64-linux"; - modules = - common-modules - ++ [ - ./hosts/hetzner-vpn1 - - { - # uncomment for build check on non arm system (requires --impure) - # nixpkgs.buildPlatform = builtins.currentSystem; - } - ]; - }; + vinzenz-lpt2 = import ./hosts/vinzenz-lpt2 host-params; + vinzenz-pc2 = import ./hosts/vinzenz-pc2 host-params; + hetzner-vpn1 = import ./hosts/hetzner-vpn1 host-params; }; }; } diff --git a/hosts/hetzner-vpn1/default.nix b/hosts/hetzner-vpn1/default.nix index e2d62fe..35b060f 100644 --- a/hosts/hetzner-vpn1/default.nix +++ b/hosts/hetzner-vpn1/default.nix @@ -1,9 +1,95 @@ -{...}: { - imports = [ - ./hardware.nix - ./environment.nix - ]; - config = { - networking.hostName = "hetzner-vpn1"; - }; +{ + nixpkgs, + common-modules, + desktop-modules, + ... +}: +nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = + common-modules + ++ [ + ./hardware.nix + ../../users/vinzenz.nix + ../../users/ronja.nix + { + networking.hostName = "hetzner-vpn1"; + } + { + # uncomment for build check on non arm system (requires --impure) + # nixpkgs.buildPlatform = builtins.currentSystem; + } + + { + users.users = { + root.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + ronja.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + ]; + }; + } + { + security.acme = { + acceptTerms = true; + defaults.email = "acme@zerforschen.plus"; + }; + + security.pam.services.nginx.setEnvironment = false; + systemd.services.nginx.serviceConfig = { + SupplementaryGroups = ["shadow"]; + }; + + services.nginx = { + enable = true; + additionalModules = [pkgs.nginxModules.pam]; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts = let + servicesDomain = "services.zerforschen.plus"; + mkServiceConfig = host: port: { + addSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://${host}:${toString port}/"; + extraConfig = '' + # bind to tailscale ip + proxy_bind 100.88.118.60; + # pam auth + limit_except OPTIONS { + auth_pam "Password Required"; + auth_pam_service_name "nginx"; + } + ''; + }; + }; + lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net"; + pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; + in { + "vscode.${servicesDomain}" = lib.mkMerge [ + (mkServiceConfig pc2 8542) + {locations."/" .proxyWebsockets = true;} + ]; + "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; + "preon-api.${servicesDomain}" = mkServiceConfig pc2 8544; + }; + }; + + networking.firewall.allowedTCPPorts = [80 443]; + } + ]; } diff --git a/hosts/hetzner-vpn1/environment.nix b/hosts/hetzner-vpn1/environment.nix deleted file mode 100644 index 9bb013a..0000000 --- a/hosts/hetzner-vpn1/environment.nix +++ /dev/null @@ -1,81 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - imports = [ - ../../users/vinzenz.nix - ../../users/ronja.nix - ]; - - config = { - users.users = { - root.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - ronja.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' - ]; - }; - - security.acme = { - acceptTerms = true; - defaults.email = "acme@zerforschen.plus"; - }; - - security.pam.services.nginx.setEnvironment = false; - systemd.services.nginx.serviceConfig = { - SupplementaryGroups = ["shadow"]; - }; - - services.nginx = { - enable = true; - additionalModules = [pkgs.nginxModules.pam]; - - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - - virtualHosts = let - servicesDomain = "services.zerforschen.plus"; - mkServiceConfig = host: port: { - addSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://${host}:${toString port}/"; - extraConfig = '' - # bind to tailscale ip - proxy_bind 100.88.118.60; - # pam auth - limit_except OPTIONS { - auth_pam "Password Required"; - auth_pam_service_name "nginx"; - } - ''; - }; - }; - lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net"; - pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; - in { - "vscode.${servicesDomain}" = lib.mkMerge [ - (mkServiceConfig pc2 8542) - {locations."/" .proxyWebsockets = true;} - ]; - "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; - "preon-api.${servicesDomain}" = mkServiceConfig pc2 8544; - }; - }; - - networking.firewall.allowedTCPPorts = [80 443]; - }; -} diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix index 987bf07..02e98ab 100644 --- a/hosts/vinzenz-lpt2/default.nix +++ b/hosts/vinzenz-lpt2/default.nix @@ -1,11 +1,79 @@ -{...}: { - imports = [ - ./hardware.nix - ./environment.nix - ]; - config = { - networking.hostName = "vinzenz-lpt2"; +{ + nixpkgs, + common-modules, + desktop-modules, + ... +}: +nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = + common-modules + ++ desktop-modules + ++ [ + ./hardware.nix - nix.settings.extra-platforms = ["aarch64-linux"]; - }; + ../../home/gnome.nix + ../../users/vinzenz.nix + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/printing.nix + ../../modules/latex.nix + + { + networking.hostName = "vinzenz-lpt2"; + nix.settings.extra-platforms = ["aarch64-linux"]; + } + + { + home-manager.users.vinzenz = import ../../home/vinzenz; + + users.users.vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ]; + + #users.users.ronja.openssh.authorizedKeys.keys = [ + # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + #]; + } + + { + virtualisation = { + containers.enable = true; + podman = { + enable = true; + dockerCompat = true; + dockerSocket.enable = true; + autoPrune.enable = true; + }; + }; + } + + { + services.nginx = { + enable = true; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts = { + "vinzenz-lpt2" = { + locations."/" = { + proxyPass = "http://127.0.0.1:3000/"; + proxyWebsockets = true; + }; + + serverAliases = ["172.23.42.96"]; + }; + }; + }; + + networking.firewall = { + allowedTCPPorts = [80 8001 3000]; + allowedUDPPorts = [2342]; + }; + } + ]; } diff --git a/hosts/vinzenz-lpt2/environment.nix b/hosts/vinzenz-lpt2/environment.nix deleted file mode 100644 index 66e6fe9..0000000 --- a/hosts/vinzenz-lpt2/environment.nix +++ /dev/null @@ -1,60 +0,0 @@ -{pkgs, ...}: { - imports = [ - ../../home - ../../home/gnome.nix - ../../users/vinzenz.nix - ../../modules/desktop-environment.nix - ../../modules/gnome.nix - ../../modules/gaming.nix - ../../modules/printing.nix - ../../modules/latex.nix - ]; - - config = { - home-manager.users.vinzenz = import ../../home/vinzenz; - - virtualisation = { - containers.enable = true; - podman = { - enable = true; - dockerCompat = true; - dockerSocket.enable = true; - autoPrune.enable = true; - }; - }; - - users.users.vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ]; - - #users.users.ronja.openssh.authorizedKeys.keys = [ - # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' - #]; - - services.nginx = { - enable = true; - - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - - virtualHosts = { - "vinzenz-lpt2" = { - locations."/" = { - proxyPass = "http://127.0.0.1:3000/"; - proxyWebsockets = true; - }; - - serverAliases = ["172.23.42.96"]; - }; - }; - }; - - networking.firewall = { - allowedTCPPorts = [80 8001 3000]; - allowedUDPPorts = [2342]; - }; - }; -} diff --git a/hosts/vinzenz-lpt2/hardware.nix b/hosts/vinzenz-lpt2/hardware.nix index 4e11ab5..a6e5ff5 100644 --- a/hosts/vinzenz-lpt2/hardware.nix +++ b/hosts/vinzenz-lpt2/hardware.nix @@ -4,7 +4,6 @@ ... }: { imports = [ - ../../modules/desktop-hardware.nix ../../modules/intel-graphics.nix ]; config = { diff --git a/hosts/vinzenz-pc2/default.nix b/hosts/vinzenz-pc2/default.nix index 356f331..8d9ab6f 100644 --- a/hosts/vinzenz-pc2/default.nix +++ b/hosts/vinzenz-pc2/default.nix @@ -1,9 +1,60 @@ -{...}: { - imports = [ - ./hardware.nix - ./environment.nix - ]; - config = { - networking.hostName = "vinzenz-pc2"; - }; +{ + nixpkgs, + common-modules, + desktop-modules, + ... +}: +nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = + common-modules + ++ desktop-modules + ++ [ + ./hardware.nix + ../../home/gnome.nix + ../../users/vinzenz.nix + ../../users/ronja.nix + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/printing.nix + { + networking.hostName = "vinzenz-pc2"; + } + { + home-manager.users = { + vinzenz = import ../../home/vinzenz; + ronja = import ../../home/ronja.nix; + }; + + users.users.vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + + users.users.ronja.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' + ]; + } + { + services.openvscode-server = { + enable = true; + telemetryLevel = "off"; + port = 8542; + host = "100.125.93.127"; # tailscale + withoutConnectionToken = true; + extraPackages = with pkgs; [nodejs git gh direnv]; + }; + + virtualisation.podman = { + enable = true; + }; + + networking = { + firewall = { + allowedTCPPorts = [8542 8543 8544 80]; + }; + }; + } + ]; } diff --git a/hosts/vinzenz-pc2/environment.nix b/hosts/vinzenz-pc2/environment.nix deleted file mode 100644 index e9392a5..0000000 --- a/hosts/vinzenz-pc2/environment.nix +++ /dev/null @@ -1,50 +0,0 @@ -{pkgs, ...}: { - imports = [ - ../../home - ../../home/gnome.nix - ../../users/vinzenz.nix - ../../users/ronja.nix - ../../modules/desktop-environment.nix - ../../modules/gnome.nix - ../../modules/gaming.nix - ../../modules/printing.nix - ]; - - config = { - home-manager.users = { - vinzenz = import ../../home/vinzenz; - ronja = import ../../home/ronja.nix; - }; - - users.users.vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - - users.users.ronja.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' - ]; - - services.openvscode-server = { - enable = true; - telemetryLevel = "off"; - port = 8542; - host = "100.125.93.127"; # tailscale - withoutConnectionToken = true; - extraPackages = with pkgs; [nodejs git gh direnv]; - }; - - virtualisation.podman = { - enable = true; - }; - - networking = { - firewall = { - allowedTCPPorts = [8542 8543 8544 80]; - }; - - interfaces.eno1.wakeOnLan.enable = true; - }; - }; -} diff --git a/hosts/vinzenz-pc2/fstab.nix b/hosts/vinzenz-pc2/fstab.nix new file mode 100644 index 0000000..19fd5ff --- /dev/null +++ b/hosts/vinzenz-pc2/fstab.nix @@ -0,0 +1,37 @@ +{ + "/" = { + device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; + fsType = "btrfs"; + options = ["subvol=@"]; + }; + + "/home" = { + device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; + fsType = "btrfs"; + options = ["subvol=@home"]; + }; + + "/games" = { + device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; + fsType = "btrfs"; + options = ["subvol=@games"]; + }; + + "/boot" = { + device = "/dev/disk/by-uuid/AF67-8F16"; + fsType = "vfat"; + }; + + "/mnt/nixos_btrfs_root" = { + # subvolume with id 5 is always the root volume + # this is convenient for managing the flat subvolume hierarchy + device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; + fsType = "btrfs"; + options = ["subvolid=5"]; + }; + + "/mnt/ssd2" = { + device = "/dev/disk/by-uuid/6b2a647d-c68e-4c07-85bf-c9bfc5db7e8a"; + fsType = "ext4"; + }; +} diff --git a/hosts/vinzenz-pc2/hardware.nix b/hosts/vinzenz-pc2/hardware.nix index 65b63d8..6893194 100644 --- a/hosts/vinzenz-pc2/hardware.nix +++ b/hosts/vinzenz-pc2/hardware.nix @@ -1,6 +1,5 @@ {...}: { imports = [ - ../../modules/desktop-hardware.nix ../../modules/amd-graphics.nix ]; config = { @@ -13,44 +12,9 @@ loader.efi.efiSysMountPoint = "/boot"; }; - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; - fsType = "btrfs"; - options = ["subvol=@"]; - }; - - "/home" = { - device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; - fsType = "btrfs"; - options = ["subvol=@home"]; - }; - - "/games" = { - device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; - fsType = "btrfs"; - options = ["subvol=@games"]; - }; - - "/boot" = { - device = "/dev/disk/by-uuid/AF67-8F16"; - fsType = "vfat"; - }; - - "/mnt/nixos_btrfs_root" = { - # subvolume with id 5 is always the root volume - # this is convenient for managing the flat subvolume hierarchy - device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; - fsType = "btrfs"; - options = ["subvolid=5"]; - }; - - "/mnt/ssd2" = { - device = "/dev/disk/by-uuid/6b2a647d-c68e-4c07-85bf-c9bfc5db7e8a"; - fsType = "ext4"; - }; - }; - + fileSystems = import ./fstab.nix; swapDevices = []; + + interfaces.eno1.wakeOnLan.enable = true; }; } From 8ca186274224a33845b9baec76ce1085952b59f0 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 26 Oct 2024 17:41:46 +0200 Subject: [PATCH 112/241] remove unneccessary var --- flake.nix | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/flake.nix b/flake.nix index 50da7d9..4402c2e 100644 --- a/flake.nix +++ b/flake.nix @@ -18,22 +18,20 @@ ... }: { nixosConfigurations = let - common-modules = [ - lix-module.nixosModules.default - ./common - ]; - desktop-modules = [ - home-manager.nixosModules.home-manager - ./home - ./modules/desktop-environment.nix - ./modules/desktop-hardware.nix - ]; host-params = { inherit nixpkgs; inherit home-manager; inherit lix-module; - common-modules = common-modules; - desktop-modules = desktop-modules; + common-modules = [ + lix-module.nixosModules.default + ./common + ]; + desktop-modules = [ + home-manager.nixosModules.home-manager + ./home + ./modules/desktop-environment.nix + ./modules/desktop-hardware.nix + ]; }; in { vinzenz-lpt2 = import ./hosts/vinzenz-lpt2 host-params; From 164795dfd29d40eb19db81baca79da076403f66c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 26 Oct 2024 18:15:50 +0200 Subject: [PATCH 113/241] split up files more --- home/gnome-shared-dconf.nix | 42 ++++++++++++++++++++++ home/gnome.nix | 43 +---------------------- home/vinzenz/default.nix | 34 ++---------------- home/vinzenz/editorconfig.nix | 17 +++++++++ hosts/hetzner-vpn1/default.nix | 54 +---------------------------- hosts/hetzner-vpn1/nginx.nix | 52 +++++++++++++++++++++++++++ hosts/vinzenz-lpt2/default.nix | 41 ++-------------------- hosts/vinzenz-lpt2/nginx.nix | 26 ++++++++++++++ hosts/vinzenz-pc2/default.nix | 22 ++---------- hosts/vinzenz-pc2/vscode-server.nix | 16 +++++++++ modules/podman.nix | 11 ++++++ 11 files changed, 172 insertions(+), 186 deletions(-) create mode 100644 home/gnome-shared-dconf.nix create mode 100644 home/vinzenz/editorconfig.nix create mode 100644 hosts/hetzner-vpn1/nginx.nix create mode 100644 hosts/vinzenz-lpt2/nginx.nix create mode 100644 hosts/vinzenz-pc2/vscode-server.nix create mode 100644 modules/podman.nix diff --git a/home/gnome-shared-dconf.nix b/home/gnome-shared-dconf.nix new file mode 100644 index 0000000..58133e7 --- /dev/null +++ b/home/gnome-shared-dconf.nix @@ -0,0 +1,42 @@ +{ + "org/gnome/desktop/interface" = { + color-scheme = "prefer-dark"; + clock-show-seconds = true; + show-battery-percentage = true; + }; + "org/gnome/mutter" = { + edge-tiling = true; + dynamic-workspaces = true; + }; + "org/gnome/desktop/peripherals/keyboard" = { + numlock-state = true; + }; + "org/gnome/desktop/peripherals/touchpad" = { + tap-to-click = true; + two-finger-scrolling-enabled = true; + }; + "org/gnome/tweaks" = { + show-extensions-notice = false; + }; + "org/gnome/shell" = { + disable-user-extensions = false; + disabled-extensions = []; + enabled-extensions = [ + "appindicatorsupport@rgcjonas.gmail.com" + "workspace-indicator@gnome-shell-extensions.gcampax.github.com" + "caffeine@patapon.info" + "GPaste@gnome-shell-extensions.gnome.org" + "gsconnect@andyholmes.github.io" + "solaar-extension@sidevesh" + ]; + }; + "ca/desrt/dconf-editor" = { + show-warning = false; + }; + "org/gnome/desktop/wm/keybindings" = { + switch-windows = ["Tab"]; + switch-windows-backward = ["Tab"]; + switch-applications = ["Tab"]; + switch-applications-backward = ["Tab"]; + }; +} diff --git a/home/gnome.nix b/home/gnome.nix index 828c0ce..c85a98d 100644 --- a/home/gnome.nix +++ b/home/gnome.nix @@ -35,48 +35,7 @@ solaar-extension ]); - dconf.settings = { - "org/gnome/desktop/interface" = { - color-scheme = "prefer-dark"; - clock-show-seconds = true; - show-battery-percentage = true; - }; - "org/gnome/mutter" = { - edge-tiling = true; - dynamic-workspaces = true; - }; - "org/gnome/desktop/peripherals/keyboard" = { - numlock-state = true; - }; - "org/gnome/desktop/peripherals/touchpad" = { - tap-to-click = true; - two-finger-scrolling-enabled = true; - }; - "org/gnome/tweaks" = { - show-extensions-notice = false; - }; - "org/gnome/shell" = { - disable-user-extensions = false; - disabled-extensions = []; - enabled-extensions = [ - "appindicatorsupport@rgcjonas.gmail.com" - "workspace-indicator@gnome-shell-extensions.gcampax.github.com" - "caffeine@patapon.info" - "GPaste@gnome-shell-extensions.gnome.org" - "gsconnect@andyholmes.github.io" - "solaar-extension@sidevesh" - ]; - }; - "ca/desrt/dconf-editor" = { - show-warning = false; - }; - "org/gnome/desktop/wm/keybindings" = { - switch-windows = ["Tab"]; - switch-windows-backward = ["Tab"]; - switch-applications = ["Tab"]; - switch-applications-backward = ["Tab"]; - }; - }; + dconf.settings = import ./gnome-shared-dconf.nix; gtk = { enable = true; diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 27e4669..b88bf1c 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -18,20 +18,6 @@ inputs @ { nix-direnv.enable = true; }; - chromium = { - enable = true; - extensions = [ - { - # ublock origin - id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; - } - { - id = "dcpihecpambacapedldabdbpakmachpb"; - updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml"; - } - ]; - }; - eza = { enable = true; git = true; @@ -43,6 +29,8 @@ inputs @ { }; }; + editorconfig = import ./editorconfig.nix; + home.packages = with pkgs; [ keepassxc insync @@ -62,24 +50,6 @@ inputs @ { jetbrains-toolbox ]; - editorconfig = { - enable = true; - settings = { - "*" = { - charset = "utf-8"; - end_of_line = "lf"; - trim_trailing_whitespace = true; - insert_final_newline = true; - max_line_width = 120; - indent_style = "space"; - indent_size = 4; - }; - "*.nix" = { - indent_size = 2; - }; - }; - }; - home.file."policy.json" = { target = ".config/containers/policy.json"; text = '' diff --git a/home/vinzenz/editorconfig.nix b/home/vinzenz/editorconfig.nix new file mode 100644 index 0000000..8eb3987 --- /dev/null +++ b/home/vinzenz/editorconfig.nix @@ -0,0 +1,17 @@ +{ + enable = true; + settings = { + "*" = { + charset = "utf-8"; + end_of_line = "lf"; + trim_trailing_whitespace = true; + insert_final_newline = true; + max_line_width = 120; + indent_style = "space"; + indent_size = 4; + }; + "*.nix" = { + indent_size = 2; + }; + }; +} diff --git a/hosts/hetzner-vpn1/default.nix b/hosts/hetzner-vpn1/default.nix index 35b060f..d69b3c3 100644 --- a/hosts/hetzner-vpn1/default.nix +++ b/hosts/hetzner-vpn1/default.nix @@ -10,6 +10,7 @@ nixpkgs.lib.nixosSystem { common-modules ++ [ ./hardware.nix + ./nginx.nix ../../users/vinzenz.nix ../../users/ronja.nix { @@ -19,7 +20,6 @@ nixpkgs.lib.nixosSystem { # uncomment for build check on non arm system (requires --impure) # nixpkgs.buildPlatform = builtins.currentSystem; } - { users.users = { root.openssh.authorizedKeys.keys = [ @@ -39,57 +39,5 @@ nixpkgs.lib.nixosSystem { ]; }; } - { - security.acme = { - acceptTerms = true; - defaults.email = "acme@zerforschen.plus"; - }; - - security.pam.services.nginx.setEnvironment = false; - systemd.services.nginx.serviceConfig = { - SupplementaryGroups = ["shadow"]; - }; - - services.nginx = { - enable = true; - additionalModules = [pkgs.nginxModules.pam]; - - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - - virtualHosts = let - servicesDomain = "services.zerforschen.plus"; - mkServiceConfig = host: port: { - addSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://${host}:${toString port}/"; - extraConfig = '' - # bind to tailscale ip - proxy_bind 100.88.118.60; - # pam auth - limit_except OPTIONS { - auth_pam "Password Required"; - auth_pam_service_name "nginx"; - } - ''; - }; - }; - lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net"; - pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; - in { - "vscode.${servicesDomain}" = lib.mkMerge [ - (mkServiceConfig pc2 8542) - {locations."/" .proxyWebsockets = true;} - ]; - "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; - "preon-api.${servicesDomain}" = mkServiceConfig pc2 8544; - }; - }; - - networking.firewall.allowedTCPPorts = [80 443]; - } ]; } diff --git a/hosts/hetzner-vpn1/nginx.nix b/hosts/hetzner-vpn1/nginx.nix new file mode 100644 index 0000000..e102194 --- /dev/null +++ b/hosts/hetzner-vpn1/nginx.nix @@ -0,0 +1,52 @@ +{pkgs, ...}: { + security.acme = { + acceptTerms = true; + defaults.email = "acme@zerforschen.plus"; + }; + + security.pam.services.nginx.setEnvironment = false; + systemd.services.nginx.serviceConfig = { + SupplementaryGroups = ["shadow"]; + }; + + services.nginx = { + enable = true; + additionalModules = [pkgs.nginxModules.pam]; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts = let + servicesDomain = "services.zerforschen.plus"; + mkServiceConfig = host: port: { + addSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://${host}:${toString port}/"; + extraConfig = '' + # bind to tailscale ip + proxy_bind 100.88.118.60; + # pam auth + limit_except OPTIONS { + auth_pam "Password Required"; + auth_pam_service_name "nginx"; + } + ''; + }; + }; + lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net"; + pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; + in { + "vscode.${servicesDomain}" = lib.mkMerge [ + (mkServiceConfig pc2 8542) + {locations."/" .proxyWebsockets = true;} + ]; + "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; + "preon-api.${servicesDomain}" = mkServiceConfig pc2 8544; + }; + }; + + networking.firewall.allowedTCPPorts = [80 443]; +} diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix index 02e98ab..b65af8e 100644 --- a/hosts/vinzenz-lpt2/default.nix +++ b/hosts/vinzenz-lpt2/default.nix @@ -11,6 +11,7 @@ nixpkgs.lib.nixosSystem { ++ desktop-modules ++ [ ./hardware.nix + ./nginx.nix ../../home/gnome.nix ../../users/vinzenz.nix @@ -18,6 +19,7 @@ nixpkgs.lib.nixosSystem { ../../modules/gaming.nix ../../modules/printing.nix ../../modules/latex.nix + ../../modules/podman.nix { networking.hostName = "vinzenz-lpt2"; @@ -36,44 +38,5 @@ nixpkgs.lib.nixosSystem { # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' #]; } - - { - virtualisation = { - containers.enable = true; - podman = { - enable = true; - dockerCompat = true; - dockerSocket.enable = true; - autoPrune.enable = true; - }; - }; - } - - { - services.nginx = { - enable = true; - - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - - virtualHosts = { - "vinzenz-lpt2" = { - locations."/" = { - proxyPass = "http://127.0.0.1:3000/"; - proxyWebsockets = true; - }; - - serverAliases = ["172.23.42.96"]; - }; - }; - }; - - networking.firewall = { - allowedTCPPorts = [80 8001 3000]; - allowedUDPPorts = [2342]; - }; - } ]; } diff --git a/hosts/vinzenz-lpt2/nginx.nix b/hosts/vinzenz-lpt2/nginx.nix new file mode 100644 index 0000000..74db1c9 --- /dev/null +++ b/hosts/vinzenz-lpt2/nginx.nix @@ -0,0 +1,26 @@ +{...}: { + services.nginx = { + enable = true; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts = { + "vinzenz-lpt2" = { + locations."/" = { + proxyPass = "http://127.0.0.1:3000/"; + proxyWebsockets = true; + }; + + serverAliases = ["172.23.42.96"]; + }; + }; + }; + + networking.firewall = { + allowedTCPPorts = [80 8001 3000]; + allowedUDPPorts = [2342]; + }; +} diff --git a/hosts/vinzenz-pc2/default.nix b/hosts/vinzenz-pc2/default.nix index 8d9ab6f..827455f 100644 --- a/hosts/vinzenz-pc2/default.nix +++ b/hosts/vinzenz-pc2/default.nix @@ -11,12 +11,14 @@ nixpkgs.lib.nixosSystem { ++ desktop-modules ++ [ ./hardware.nix + ./vscode-server.nix ../../home/gnome.nix ../../users/vinzenz.nix ../../users/ronja.nix ../../modules/gnome.nix ../../modules/gaming.nix ../../modules/printing.nix + ../../modules/podman.nix { networking.hostName = "vinzenz-pc2"; } @@ -36,25 +38,5 @@ nixpkgs.lib.nixosSystem { ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' ]; } - { - services.openvscode-server = { - enable = true; - telemetryLevel = "off"; - port = 8542; - host = "100.125.93.127"; # tailscale - withoutConnectionToken = true; - extraPackages = with pkgs; [nodejs git gh direnv]; - }; - - virtualisation.podman = { - enable = true; - }; - - networking = { - firewall = { - allowedTCPPorts = [8542 8543 8544 80]; - }; - }; - } ]; } diff --git a/hosts/vinzenz-pc2/vscode-server.nix b/hosts/vinzenz-pc2/vscode-server.nix new file mode 100644 index 0000000..a6645c5 --- /dev/null +++ b/hosts/vinzenz-pc2/vscode-server.nix @@ -0,0 +1,16 @@ +{pkgs, ...}: { + services.openvscode-server = { + enable = true; + telemetryLevel = "off"; + port = 8542; + host = "100.125.93.127"; # tailscale + withoutConnectionToken = true; + extraPackages = with pkgs; [nodejs git gh direnv]; + }; + + networking = { + firewall = { + allowedTCPPorts = [8542 8543 8544 80]; + }; + }; +} diff --git a/modules/podman.nix b/modules/podman.nix new file mode 100644 index 0000000..03532f3 --- /dev/null +++ b/modules/podman.nix @@ -0,0 +1,11 @@ +{...}: { + virtualisation = { + containers.enable = true; + podman = { + enable = true; + dockerCompat = true; + dockerSocket.enable = true; + autoPrune.enable = true; + }; + }; +} From 5b19e487a5e61e1321a0aefa6ae4dd34b122bd3e Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 26 Oct 2024 18:27:13 +0200 Subject: [PATCH 114/241] fix missing import --- hosts/hetzner-vpn1/nginx.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/hetzner-vpn1/nginx.nix b/hosts/hetzner-vpn1/nginx.nix index e102194..17b141a 100644 --- a/hosts/hetzner-vpn1/nginx.nix +++ b/hosts/hetzner-vpn1/nginx.nix @@ -1,4 +1,4 @@ -{pkgs, ...}: { +{pkgs, lib, ...}: { security.acme = { acceptTerms = true; defaults.email = "acme@zerforschen.plus"; From 8a53ddb890f82f7e2f0e7d2c480d0b2804822a79 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 27 Oct 2024 10:42:23 +0100 Subject: [PATCH 115/241] rename unfree option, open firewall for steam local network transfer --- common/nixpkgs.nix | 5 ++-- home/vinzenz/vscode.nix | 1 + hosts/hetzner-vpn1/nginx.nix | 6 ++++- hosts/vinzenz-pc2/hardware.nix | 2 +- modules/desktop-environment.nix | 13 ---------- modules/gaming.nix | 42 +++++++++++++++++++++++++++++---- modules/intel-graphics.nix | 2 +- users/vinzenz.nix | 12 ++++++++++ 8 files changed, 60 insertions(+), 23 deletions(-) diff --git a/common/nixpkgs.nix b/common/nixpkgs.nix index 8f5a12b..9bb9184 100644 --- a/common/nixpkgs.nix +++ b/common/nixpkgs.nix @@ -3,7 +3,7 @@ lib, ... }: { - options.my.allowUnfreePackages = lib.mkOption { + options.allowedUnfreePackages = lib.mkOption { type = lib.types.listOf lib.types.str; default = []; example = ["steam"]; @@ -11,7 +11,7 @@ config = { nixpkgs.config = { # https://github.com/NixOS/nixpkgs/issues/197325#issuecomment-1579420085 - allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.my.allowUnfreePackages; + allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.allowedUnfreePackages; }; nix = { @@ -25,6 +25,7 @@ dates = "daily"; options = "--delete-older-than 7d"; }; + optimise.automatic = true; }; system = { diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index e88cef4..b19d1cc 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -17,6 +17,7 @@ mkhl.direnv vadimcn.vscode-lldb ms-dotnettools.csharp + ms-vscode-remote.remote-ssh ]; userSettings = { "git.autofetch" = true; diff --git a/hosts/hetzner-vpn1/nginx.nix b/hosts/hetzner-vpn1/nginx.nix index 17b141a..3db30bf 100644 --- a/hosts/hetzner-vpn1/nginx.nix +++ b/hosts/hetzner-vpn1/nginx.nix @@ -1,4 +1,8 @@ -{pkgs, lib, ...}: { +{ + pkgs, + lib, + ... +}: { security.acme = { acceptTerms = true; defaults.email = "acme@zerforschen.plus"; diff --git a/hosts/vinzenz-pc2/hardware.nix b/hosts/vinzenz-pc2/hardware.nix index 6893194..30661dc 100644 --- a/hosts/vinzenz-pc2/hardware.nix +++ b/hosts/vinzenz-pc2/hardware.nix @@ -15,6 +15,6 @@ fileSystems = import ./fstab.nix; swapDevices = []; - interfaces.eno1.wakeOnLan.enable = true; + networking.interfaces.eno1.wakeOnLan.enable = true; }; } diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix index fa0e1b9..b0df118 100644 --- a/modules/desktop-environment.nix +++ b/modules/desktop-environment.nix @@ -100,19 +100,6 @@ hunspellDicts.en-us-large ]; - nixpkgs.config.permittedInsecurePackages = []; - - my.allowUnfreePackages = [ - "insync" - "insync-pkg" - - "rider" - "pycharm-professional" - "jetbrains-toolbox" - - "anydesk" - ]; - fonts = { enableDefaultPackages = true; fontconfig.defaultFonts.monospace = ["FiraCode Nerd Font"]; diff --git a/modules/gaming.nix b/modules/gaming.nix index 2154d0f..19f46c3 100644 --- a/modules/gaming.nix +++ b/modules/gaming.nix @@ -34,16 +34,48 @@ enable = true; remotePlay.openFirewall = true; dedicatedServer.openFirewall = true; + localNetworkGameTransfers.openFirewall = true; + gamescopeSession.enable = true; }; gamemode.enable = true; }; - networking.firewall.allowedUDPPorts = [ - # Factorio - 34197 - ]; + networking.firewall = { + allowedUDPPorts = [ + # Factorio + 34197 - my.allowUnfreePackages = [ + # steam network transfer + 3478 + ]; + + allowedTCPPorts = [ + # steam network transfer + 24070 + ]; + + allowedTCPPortRanges = [ + # steam network transfer + { + from = 27015; + to = 27050; + } + ]; + + allowedUDPPortRanges = [ + # steam network transfer + { + from = 4379; + to = 4380; + } + { + from = 27000; + to = 27100; + } + ]; + }; + + allowedUnfreePackages = [ "steam" "steam-original" "steam-run" diff --git a/modules/intel-graphics.nix b/modules/intel-graphics.nix index 35decc0..4ac5f82 100644 --- a/modules/intel-graphics.nix +++ b/modules/intel-graphics.nix @@ -23,6 +23,6 @@ environment.systemPackages = with pkgs; [ nvtopPackages.intel ]; - my.allowUnfreePackages = ["intel-ocl"]; + allowedUnfreePackages = ["intel-ocl"]; }; } diff --git a/users/vinzenz.nix b/users/vinzenz.nix index d4bbde4..e965602 100644 --- a/users/vinzenz.nix +++ b/users/vinzenz.nix @@ -9,5 +9,17 @@ shell = pkgs.zsh; autoSubUidGidRange = true; }; + + allowedUnfreePackages = [ + "vscode-extension-ms-vscode-remote-remote-ssh" + "insync" + "insync-pkg" + + "rider" + "pycharm-professional" + "jetbrains-toolbox" + + "anydesk" + ]; }; } From b78e40ad6a1630405688f0c52a4931b2d72b0b35 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 27 Oct 2024 12:26:59 +0100 Subject: [PATCH 116/241] remove unused declarations --- flake.nix | 2 +- home/default.nix | 7 +------ home/gnome.nix | 1 - home/vinzenz/default.nix | 8 +------- hosts/hetzner-vpn1/default.nix | 1 - hosts/hetzner-vpn1/nginx.nix | 1 - hosts/vinzenz-lpt2/hardware.nix | 6 +----- modules/amd-graphics.nix | 2 -- modules/desktop-environment.nix | 1 - modules/gaming.nix | 1 - modules/gnome.nix | 1 - modules/intel-graphics.nix | 1 - modules/latex.nix | 7 +------ modules/printing.nix | 7 +------ 14 files changed, 6 insertions(+), 40 deletions(-) diff --git a/flake.nix b/flake.nix index 4402c2e..56e3db0 100644 --- a/flake.nix +++ b/flake.nix @@ -11,7 +11,7 @@ }; }; - outputs = inputs @ { + outputs = { nixpkgs, home-manager, lix-module, diff --git a/home/default.nix b/home/default.nix index 2cf09f9..567952f 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: { +{config, ...}: { config = { home-manager = { useGlobalPkgs = true; diff --git a/home/gnome.nix b/home/gnome.nix index c85a98d..47f10b3 100644 --- a/home/gnome.nix +++ b/home/gnome.nix @@ -1,5 +1,4 @@ { - lib, config, pkgs, ... diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index b88bf1c..ff80b8e 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -1,10 +1,4 @@ -inputs @ { - config, - osConfig, - pkgs, - lib, - ... -}: { +inputs @ {pkgs, ...}: { programs = { home-manager.enable = true; fzf.enable = true; diff --git a/hosts/hetzner-vpn1/default.nix b/hosts/hetzner-vpn1/default.nix index d69b3c3..f284bd4 100644 --- a/hosts/hetzner-vpn1/default.nix +++ b/hosts/hetzner-vpn1/default.nix @@ -1,7 +1,6 @@ { nixpkgs, common-modules, - desktop-modules, ... }: nixpkgs.lib.nixosSystem { diff --git a/hosts/hetzner-vpn1/nginx.nix b/hosts/hetzner-vpn1/nginx.nix index 3db30bf..ca9c938 100644 --- a/hosts/hetzner-vpn1/nginx.nix +++ b/hosts/hetzner-vpn1/nginx.nix @@ -40,7 +40,6 @@ ''; }; }; - lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net"; pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; in { "vscode.${servicesDomain}" = lib.mkMerge [ diff --git a/hosts/vinzenz-lpt2/hardware.nix b/hosts/vinzenz-lpt2/hardware.nix index a6e5ff5..6c53492 100644 --- a/hosts/vinzenz-lpt2/hardware.nix +++ b/hosts/vinzenz-lpt2/hardware.nix @@ -1,8 +1,4 @@ -{ - pkgs, - lib, - ... -}: { +{lib, ...}: { imports = [ ../../modules/intel-graphics.nix ]; diff --git a/modules/amd-graphics.nix b/modules/amd-graphics.nix index 426119e..c4c2d00 100644 --- a/modules/amd-graphics.nix +++ b/modules/amd-graphics.nix @@ -1,6 +1,4 @@ { - lib, - config, pkgs, ... }: { diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix index b0df118..79e4c0f 100644 --- a/modules/desktop-environment.nix +++ b/modules/desktop-environment.nix @@ -1,7 +1,6 @@ { config, pkgs, - lib, ... }: { config = { diff --git a/modules/gaming.nix b/modules/gaming.nix index 19f46c3..f66f810 100644 --- a/modules/gaming.nix +++ b/modules/gaming.nix @@ -1,7 +1,6 @@ { config, pkgs, - lib, ... }: { config = { diff --git a/modules/gnome.nix b/modules/gnome.nix index 58fe4ee..5aadbcc 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -1,7 +1,6 @@ { config, pkgs, - lib, ... }: { config = { diff --git a/modules/intel-graphics.nix b/modules/intel-graphics.nix index 4ac5f82..5bbf846 100644 --- a/modules/intel-graphics.nix +++ b/modules/intel-graphics.nix @@ -1,5 +1,4 @@ { - lib, config, pkgs, ... diff --git a/modules/latex.nix b/modules/latex.nix index 93384bb..bee5f21 100644 --- a/modules/latex.nix +++ b/modules/latex.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: { +{pkgs, ...}: { config = { environment.systemPackages = with pkgs; [ fontconfig diff --git a/modules/printing.nix b/modules/printing.nix index f60272e..32f9efc 100644 --- a/modules/printing.nix +++ b/modules/printing.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: { +{...}: { config = { services = { # Enable CUPS to print documents. From b9adba3225d083243f831a58e6b21ad6dc054b0c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 27 Oct 2024 12:33:35 +0100 Subject: [PATCH 117/241] nix fmt rcf-style --- common/default.nix | 3 +- common/globalinstalls.nix | 5 ++- common/i18n.nix | 3 +- common/networking.nix | 3 +- common/nixpkgs.nix | 21 +++++---- flake.nix | 61 ++++++++++++++----------- home/default.nix | 3 +- home/gnome-shared-dconf.nix | 10 ++--- home/gnome.nix | 22 +++------ home/ronja.nix | 11 ++--- home/shared-modules.nix | 4 +- home/vinzenz/default.nix | 3 +- home/vinzenz/vscode.nix | 3 +- home/vinzenz/zsh.nix | 10 ++++- hosts/hetzner-vpn1/default.nix | 70 +++++++++++++---------------- hosts/hetzner-vpn1/hardware.nix | 19 ++++---- hosts/hetzner-vpn1/nginx.nix | 66 ++++++++++++++------------- hosts/vinzenz-lpt2/default.nix | 2 +- hosts/vinzenz-lpt2/hardware.nix | 17 ++++--- hosts/vinzenz-lpt2/nginx.nix | 13 ++++-- hosts/vinzenz-pc2/default.nix | 4 +- hosts/vinzenz-pc2/fstab.nix | 8 ++-- hosts/vinzenz-pc2/hardware.nix | 19 +++++--- hosts/vinzenz-pc2/vscode-server.nix | 17 +++++-- modules/amd-graphics.nix | 20 +++------ modules/desktop-environment.nix | 16 +++---- modules/desktop-hardware.nix | 12 +++-- modules/gaming.nix | 9 ++-- modules/gnome.nix | 12 ++--- modules/intel-graphics.nix | 11 ++--- modules/latex.nix | 3 +- modules/podman.nix | 3 +- modules/printing.nix | 3 +- users/ronja.nix | 10 ++++- users/vinzenz.nix | 12 ++++- 35 files changed, 270 insertions(+), 238 deletions(-) diff --git a/common/default.nix b/common/default.nix index 326c69c..ddbf3bc 100644 --- a/common/default.nix +++ b/common/default.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ imports = [ ./nixpkgs.nix ./globalinstalls.nix diff --git a/common/globalinstalls.nix b/common/globalinstalls.nix index 20bf11d..42dd28e 100644 --- a/common/globalinstalls.nix +++ b/common/globalinstalls.nix @@ -1,7 +1,8 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ config = { environment = { - pathsToLink = ["/share/zsh"]; + pathsToLink = [ "/share/zsh" ]; systemPackages = with pkgs; [ ncdu glances diff --git a/common/i18n.nix b/common/i18n.nix index d3fbebc..ee498a9 100644 --- a/common/i18n.nix +++ b/common/i18n.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ config = { time.timeZone = "Europe/Berlin"; i18n = { diff --git a/common/networking.nix b/common/networking.nix index 94bc82d..05140c2 100644 --- a/common/networking.nix +++ b/common/networking.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ config = { services.openssh = { enable = true; diff --git a/common/nixpkgs.nix b/common/nixpkgs.nix index 9bb9184..d4456be 100644 --- a/common/nixpkgs.nix +++ b/common/nixpkgs.nix @@ -1,12 +1,9 @@ +{ config, lib, ... }: { - config, - lib, - ... -}: { options.allowedUnfreePackages = lib.mkOption { type = lib.types.listOf lib.types.str; - default = []; - example = ["steam"]; + default = [ ]; + example = [ "steam" ]; }; config = { nixpkgs.config = { @@ -16,9 +13,15 @@ nix = { settings = { - substituters = ["https://nix-community.cachix.org" "https://cache.nixos.org/"]; - trusted-public-keys = ["nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="]; - experimental-features = ["nix-command" "flakes"]; + substituters = [ + "https://nix-community.cachix.org" + "https://cache.nixos.org/" + ]; + trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; + experimental-features = [ + "nix-command" + "flakes" + ]; }; gc = { automatic = true; diff --git a/flake.nix b/flake.nix index 56e3db0..2145ecc 100644 --- a/flake.nix +++ b/flake.nix @@ -11,32 +11,41 @@ }; }; - outputs = { - nixpkgs, - home-manager, - lix-module, - ... - }: { - nixosConfigurations = let - host-params = { - inherit nixpkgs; - inherit home-manager; - inherit lix-module; - common-modules = [ - lix-module.nixosModules.default - ./common - ]; - desktop-modules = [ - home-manager.nixosModules.home-manager - ./home - ./modules/desktop-environment.nix - ./modules/desktop-hardware.nix - ]; + outputs = + { + nixpkgs, + home-manager, + lix-module, + ... + }: + { + nixosConfigurations = + let + host-params = { + inherit nixpkgs; + inherit home-manager; + inherit lix-module; + common-modules = [ + lix-module.nixosModules.default + ./common + ]; + desktop-modules = [ + home-manager.nixosModules.home-manager + ./home + ./modules/desktop-environment.nix + ./modules/desktop-hardware.nix + ]; + }; + in + { + vinzenz-lpt2 = import ./hosts/vinzenz-lpt2 host-params; + vinzenz-pc2 = import ./hosts/vinzenz-pc2 host-params; + hetzner-vpn1 = import ./hosts/hetzner-vpn1 host-params; + }; + + formatter = { + x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style; + aarch64-linux = nixpkgs.legacyPackages.aarch64-linux.nixfmt-rfc-style; }; - in { - vinzenz-lpt2 = import ./hosts/vinzenz-lpt2 host-params; - vinzenz-pc2 = import ./hosts/vinzenz-pc2 host-params; - hetzner-vpn1 = import ./hosts/hetzner-vpn1 host-params; }; - }; } diff --git a/home/default.nix b/home/default.nix index 567952f..d59fbbb 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,4 +1,5 @@ -{config, ...}: { +{ config, ... }: +{ config = { home-manager = { useGlobalPkgs = true; diff --git a/home/gnome-shared-dconf.nix b/home/gnome-shared-dconf.nix index 58133e7..3ba7894 100644 --- a/home/gnome-shared-dconf.nix +++ b/home/gnome-shared-dconf.nix @@ -20,7 +20,7 @@ }; "org/gnome/shell" = { disable-user-extensions = false; - disabled-extensions = []; + disabled-extensions = [ ]; enabled-extensions = [ "appindicatorsupport@rgcjonas.gmail.com" "workspace-indicator@gnome-shell-extensions.gcampax.github.com" @@ -34,9 +34,9 @@ show-warning = false; }; "org/gnome/desktop/wm/keybindings" = { - switch-windows = ["Tab"]; - switch-windows-backward = ["Tab"]; - switch-applications = ["Tab"]; - switch-applications-backward = ["Tab"]; + switch-windows = [ "Tab" ]; + switch-windows-backward = [ "Tab" ]; + switch-applications = [ "Tab" ]; + switch-applications-backward = [ "Tab" ]; }; } diff --git a/home/gnome.nix b/home/gnome.nix index 47f10b3..019ae64 100644 --- a/home/gnome.nix +++ b/home/gnome.nix @@ -1,15 +1,11 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { - imports = [ - ../modules/gnome.nix - ]; + imports = [ ../modules/gnome.nix ]; config = { home-manager.sharedModules = [ { - home.packages = with pkgs; + home.packages = + with pkgs; [ amberol gitg @@ -48,14 +44,8 @@ } { - home.packages = with pkgs; - [ - trayscale - ] - ++ (with gnomeExtensions; [ - tailscale-qs - ]); - dconf.settings."org/gnome/shell".enabled-extensions = ["tailscale@joaophi.github.com"]; + home.packages = with pkgs; [ trayscale ] ++ (with gnomeExtensions; [ tailscale-qs ]); + dconf.settings."org/gnome/shell".enabled-extensions = [ "tailscale@joaophi.github.com" ]; } ]; }; diff --git a/home/ronja.nix b/home/ronja.nix index 0457204..c0e0f05 100644 --- a/home/ronja.nix +++ b/home/ronja.nix @@ -1,8 +1,5 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { home.packages = with pkgs; [ ## Apps telegram-desktop @@ -22,7 +19,11 @@ oh-my-zsh = { enable = true; theme = "agnoster"; - plugins = ["git" "sudo" "systemadmin"]; + plugins = [ + "git" + "sudo" + "systemadmin" + ]; }; }; diff --git a/home/shared-modules.nix b/home/shared-modules.nix index 3ad3365..dbc3d59 100644 --- a/home/shared-modules.nix +++ b/home/shared-modules.nix @@ -1,8 +1,6 @@ [ # set stateVersion - { - home.stateVersion = "22.11"; - } + { home.stateVersion = "22.11"; } # make nano the default editor { home = { diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index ff80b8e..2f8890b 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -1,4 +1,5 @@ -inputs @ {pkgs, ...}: { +inputs@{ pkgs, ... }: +{ programs = { home-manager.enable = true; fzf.enable = true; diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index b19d1cc..f44f25b 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ enable = true; package = pkgs.vscodium; enableUpdateCheck = false; diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index c6d011c..9b85c05 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -1,4 +1,5 @@ -{config, ...}: { +{ config, ... }: +{ initExtra = '' eval "$(direnv hook zsh)"; export PATH=$PATH:/home/vinzenz/.cargo/bin @@ -24,6 +25,11 @@ oh-my-zsh = { enable = true; theme = "agnoster"; - plugins = ["git" "sudo" "docker" "systemadmin"]; + plugins = [ + "git" + "sudo" + "docker" + "systemadmin" + ]; }; } diff --git a/hosts/hetzner-vpn1/default.nix b/hosts/hetzner-vpn1/default.nix index f284bd4..e384574 100644 --- a/hosts/hetzner-vpn1/default.nix +++ b/hosts/hetzner-vpn1/default.nix @@ -1,42 +1,34 @@ -{ - nixpkgs, - common-modules, - ... -}: +{ nixpkgs, common-modules, ... }: nixpkgs.lib.nixosSystem { system = "aarch64-linux"; - modules = - common-modules - ++ [ - ./hardware.nix - ./nginx.nix - ../../users/vinzenz.nix - ../../users/ronja.nix - { - networking.hostName = "hetzner-vpn1"; - } - { - # uncomment for build check on non arm system (requires --impure) - # nixpkgs.buildPlatform = builtins.currentSystem; - } - { - users.users = { - root.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - ronja.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' - ]; - }; - } - ]; + modules = common-modules ++ [ + ./hardware.nix + ./nginx.nix + ../../users/vinzenz.nix + ../../users/ronja.nix + { networking.hostName = "hetzner-vpn1"; } + { + # uncomment for build check on non arm system (requires --impure) + # nixpkgs.buildPlatform = builtins.currentSystem; + } + { + users.users = { + root.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + ronja.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + ]; + }; + } + ]; } diff --git a/hosts/hetzner-vpn1/hardware.nix b/hosts/hetzner-vpn1/hardware.nix index 7494a08..66be389 100644 --- a/hosts/hetzner-vpn1/hardware.nix +++ b/hosts/hetzner-vpn1/hardware.nix @@ -1,11 +1,6 @@ +{ lib, modulesPath, ... }: { - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; config = { nixpkgs = { @@ -26,8 +21,12 @@ }; }; initrd = { - availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront"]; - kernelModules = ["nvme"]; + availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "xen_blkfront" + ]; + kernelModules = [ "nvme" ]; }; }; @@ -48,7 +47,7 @@ # This file was populated at runtime with the networking # details gathered from the active system. networking = { - nameservers = ["8.8.8.8"]; + nameservers = [ "8.8.8.8" ]; defaultGateway = "172.31.1.1"; defaultGateway6 = { address = "fe80::1"; diff --git a/hosts/hetzner-vpn1/nginx.nix b/hosts/hetzner-vpn1/nginx.nix index ca9c938..f49ff6f 100644 --- a/hosts/hetzner-vpn1/nginx.nix +++ b/hosts/hetzner-vpn1/nginx.nix @@ -1,8 +1,5 @@ +{ pkgs, lib, ... }: { - pkgs, - lib, - ... -}: { security.acme = { acceptTerms = true; defaults.email = "acme@zerforschen.plus"; @@ -10,46 +7,51 @@ security.pam.services.nginx.setEnvironment = false; systemd.services.nginx.serviceConfig = { - SupplementaryGroups = ["shadow"]; + SupplementaryGroups = [ "shadow" ]; }; services.nginx = { enable = true; - additionalModules = [pkgs.nginxModules.pam]; + additionalModules = [ pkgs.nginxModules.pam ]; recommendedProxySettings = true; recommendedTlsSettings = true; recommendedGzipSettings = true; recommendedOptimisation = true; - virtualHosts = let - servicesDomain = "services.zerforschen.plus"; - mkServiceConfig = host: port: { - addSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://${host}:${toString port}/"; - extraConfig = '' - # bind to tailscale ip - proxy_bind 100.88.118.60; - # pam auth - limit_except OPTIONS { - auth_pam "Password Required"; - auth_pam_service_name "nginx"; - } - ''; + virtualHosts = + let + servicesDomain = "services.zerforschen.plus"; + mkServiceConfig = host: port: { + addSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://${host}:${toString port}/"; + extraConfig = '' + # bind to tailscale ip + proxy_bind 100.88.118.60; + # pam auth + limit_except OPTIONS { + auth_pam "Password Required"; + auth_pam_service_name "nginx"; + } + ''; + }; }; + pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; + in + { + "vscode.${servicesDomain}" = lib.mkMerge [ + (mkServiceConfig pc2 8542) + { locations."/".proxyWebsockets = true; } + ]; + "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; + "preon-api.${servicesDomain}" = mkServiceConfig pc2 8544; }; - pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; - in { - "vscode.${servicesDomain}" = lib.mkMerge [ - (mkServiceConfig pc2 8542) - {locations."/" .proxyWebsockets = true;} - ]; - "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; - "preon-api.${servicesDomain}" = mkServiceConfig pc2 8544; - }; }; - networking.firewall.allowedTCPPorts = [80 443]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; } diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix index b65af8e..ab2b42d 100644 --- a/hosts/vinzenz-lpt2/default.nix +++ b/hosts/vinzenz-lpt2/default.nix @@ -23,7 +23,7 @@ nixpkgs.lib.nixosSystem { { networking.hostName = "vinzenz-lpt2"; - nix.settings.extra-platforms = ["aarch64-linux"]; + nix.settings.extra-platforms = [ "aarch64-linux" ]; } { diff --git a/hosts/vinzenz-lpt2/hardware.nix b/hosts/vinzenz-lpt2/hardware.nix index 6c53492..82dd975 100644 --- a/hosts/vinzenz-lpt2/hardware.nix +++ b/hosts/vinzenz-lpt2/hardware.nix @@ -1,10 +1,9 @@ -{lib, ...}: { - imports = [ - ../../modules/intel-graphics.nix - ]; +{ lib, ... }: +{ + imports = [ ../../modules/intel-graphics.nix ]; config = { # intel cpu - boot.kernelModules = ["kvm-intel"]; + boot.kernelModules = [ "kvm-intel" ]; hardware.cpu.intel.updateMicrocode = true; boot.loader = { @@ -23,7 +22,11 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; boot.initrd = { - availableKernelModules = ["xhci_pci" "thunderbolt" "nvme"]; + availableKernelModules = [ + "xhci_pci" + "thunderbolt" + "nvme" + ]; luks.devices = { "luks-2c654ff2-3c42-48d3-a1e3-9545679afaa3" = { device = "/dev/disk/by-uuid/2c654ff2-3c42-48d3-a1e3-9545679afaa3"; @@ -35,7 +38,7 @@ "/" = { device = "/dev/disk/by-uuid/e4dad0c8-26a1-45e9-bbd9-48565eb6574e"; fsType = "btrfs"; - options = ["subvol=@"]; + options = [ "subvol=@" ]; }; "/boot" = { diff --git a/hosts/vinzenz-lpt2/nginx.nix b/hosts/vinzenz-lpt2/nginx.nix index 74db1c9..8c82c3f 100644 --- a/hosts/vinzenz-lpt2/nginx.nix +++ b/hosts/vinzenz-lpt2/nginx.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ services.nginx = { enable = true; @@ -14,13 +15,17 @@ proxyWebsockets = true; }; - serverAliases = ["172.23.42.96"]; + serverAliases = [ "172.23.42.96" ]; }; }; }; networking.firewall = { - allowedTCPPorts = [80 8001 3000]; - allowedUDPPorts = [2342]; + allowedTCPPorts = [ + 80 + 8001 + 3000 + ]; + allowedUDPPorts = [ 2342 ]; }; } diff --git a/hosts/vinzenz-pc2/default.nix b/hosts/vinzenz-pc2/default.nix index 827455f..318efab 100644 --- a/hosts/vinzenz-pc2/default.nix +++ b/hosts/vinzenz-pc2/default.nix @@ -19,9 +19,7 @@ nixpkgs.lib.nixosSystem { ../../modules/gaming.nix ../../modules/printing.nix ../../modules/podman.nix - { - networking.hostName = "vinzenz-pc2"; - } + { networking.hostName = "vinzenz-pc2"; } { home-manager.users = { vinzenz = import ../../home/vinzenz; diff --git a/hosts/vinzenz-pc2/fstab.nix b/hosts/vinzenz-pc2/fstab.nix index 19fd5ff..1c9c7e5 100644 --- a/hosts/vinzenz-pc2/fstab.nix +++ b/hosts/vinzenz-pc2/fstab.nix @@ -2,19 +2,19 @@ "/" = { device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; fsType = "btrfs"; - options = ["subvol=@"]; + options = [ "subvol=@" ]; }; "/home" = { device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; fsType = "btrfs"; - options = ["subvol=@home"]; + options = [ "subvol=@home" ]; }; "/games" = { device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; fsType = "btrfs"; - options = ["subvol=@games"]; + options = [ "subvol=@games" ]; }; "/boot" = { @@ -27,7 +27,7 @@ # this is convenient for managing the flat subvolume hierarchy device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; fsType = "btrfs"; - options = ["subvolid=5"]; + options = [ "subvolid=5" ]; }; "/mnt/ssd2" = { diff --git a/hosts/vinzenz-pc2/hardware.nix b/hosts/vinzenz-pc2/hardware.nix index 30661dc..316d9a2 100644 --- a/hosts/vinzenz-pc2/hardware.nix +++ b/hosts/vinzenz-pc2/hardware.nix @@ -1,19 +1,24 @@ -{...}: { - imports = [ - ../../modules/amd-graphics.nix - ]; +{ ... }: +{ + imports = [ ../../modules/amd-graphics.nix ]; config = { # amd cpu - boot.kernelModules = ["kvm-amd"]; + boot.kernelModules = [ "kvm-amd" ]; hardware.cpu.amd.updateMicrocode = true; boot = { - initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "sd_mod"]; # "usb_storage" + initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "ahci" + "usbhid" + "sd_mod" + ]; # "usb_storage" loader.efi.efiSysMountPoint = "/boot"; }; fileSystems = import ./fstab.nix; - swapDevices = []; + swapDevices = [ ]; networking.interfaces.eno1.wakeOnLan.enable = true; }; diff --git a/hosts/vinzenz-pc2/vscode-server.nix b/hosts/vinzenz-pc2/vscode-server.nix index a6645c5..6f8e2d4 100644 --- a/hosts/vinzenz-pc2/vscode-server.nix +++ b/hosts/vinzenz-pc2/vscode-server.nix @@ -1,16 +1,27 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ services.openvscode-server = { enable = true; telemetryLevel = "off"; port = 8542; host = "100.125.93.127"; # tailscale withoutConnectionToken = true; - extraPackages = with pkgs; [nodejs git gh direnv]; + extraPackages = with pkgs; [ + nodejs + git + gh + direnv + ]; }; networking = { firewall = { - allowedTCPPorts = [8542 8543 8544 80]; + allowedTCPPorts = [ + 8542 + 8543 + 8544 + 80 + ]; }; }; } diff --git a/modules/amd-graphics.nix b/modules/amd-graphics.nix index c4c2d00..8a62194 100644 --- a/modules/amd-graphics.nix +++ b/modules/amd-graphics.nix @@ -1,22 +1,14 @@ +{ pkgs, ... }: { - pkgs, - ... -}: { config = { - boot.kernelModules = ["amdgpu"]; - services.xserver.videoDrivers = ["amdgpu"]; + boot.kernelModules = [ "amdgpu" ]; + services.xserver.videoDrivers = [ "amdgpu" ]; hardware.opengl = { - extraPackages = with pkgs; [ - amdvlk - ]; - extraPackages32 = with pkgs; [ - driversi686Linux.amdvlk - ]; + extraPackages = with pkgs; [ amdvlk ]; + extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ]; }; - environment.systemPackages = with pkgs; [ - nvtopPackages.amd - ]; + environment.systemPackages = with pkgs; [ nvtopPackages.amd ]; }; } diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix index 79e4c0f..d3a7a10 100644 --- a/modules/desktop-environment.nix +++ b/modules/desktop-environment.nix @@ -1,8 +1,5 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { config = { services = { xserver.enable = true; @@ -31,7 +28,10 @@ kdeconnect.enable = true; firefox = { enable = true; - languagePacks = ["en-US" "de"]; + languagePacks = [ + "en-US" + "de" + ]; }; nix-ld = { enable = true; @@ -101,10 +101,8 @@ fonts = { enableDefaultPackages = true; - fontconfig.defaultFonts.monospace = ["FiraCode Nerd Font"]; - packages = with pkgs; [ - (nerdfonts.override {fonts = ["FiraCode"];}) - ]; + fontconfig.defaultFonts.monospace = [ "FiraCode Nerd Font" ]; + packages = with pkgs; [ (nerdfonts.override { fonts = [ "FiraCode" ]; }) ]; }; hardware.logitech.wireless = { diff --git a/modules/desktop-hardware.nix b/modules/desktop-hardware.nix index ac8be03..62d0ab9 100644 --- a/modules/desktop-hardware.nix +++ b/modules/desktop-hardware.nix @@ -3,13 +3,17 @@ pkgs, config, ... -}: { +}: +{ config = { boot = { kernelPackages = pkgs.linuxPackages_zen; - kernelParams = ["quiet" "udev.log_level=3"]; - supportedFilesystems = ["btrfs"]; - initrd.supportedFilesystems = ["btrfs"]; + kernelParams = [ + "quiet" + "udev.log_level=3" + ]; + supportedFilesystems = [ "btrfs" ]; + initrd.supportedFilesystems = [ "btrfs" ]; consoleLogLevel = 0; initrd.verbose = false; plymouth.enable = true; diff --git a/modules/gaming.nix b/modules/gaming.nix index f66f810..c069b9a 100644 --- a/modules/gaming.nix +++ b/modules/gaming.nix @@ -1,15 +1,12 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { config = { hardware = { opengl = { driSupport = true; driSupport32Bit = true; - extraPackages = with pkgs; [mangohud]; - extraPackages32 = with pkgs; [mangohud]; + extraPackages = with pkgs; [ mangohud ]; + extraPackages32 = with pkgs; [ mangohud ]; }; steam-hardware.enable = true; diff --git a/modules/gnome.nix b/modules/gnome.nix index 5aadbcc..49a4d0e 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -1,8 +1,5 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { config = { services = { xserver = { @@ -41,9 +38,12 @@ pkgs.gnome-tour ]; - environment.systemPackages = with pkgs; [gnome.ghex impression]; + environment.systemPackages = with pkgs; [ + gnome.ghex + impression + ]; # RDP connections - networking.firewall.allowedTCPPorts = [3389]; + networking.firewall.allowedTCPPorts = [ 3389 ]; }; } diff --git a/modules/intel-graphics.nix b/modules/intel-graphics.nix index 5bbf846..3d5655f 100644 --- a/modules/intel-graphics.nix +++ b/modules/intel-graphics.nix @@ -1,8 +1,5 @@ +{ config, pkgs, ... }: { - config, - pkgs, - ... -}: { config = { hardware.opengl = { extraPackages = with pkgs; [ @@ -19,9 +16,7 @@ libvdpau-va-gl ]; }; - environment.systemPackages = with pkgs; [ - nvtopPackages.intel - ]; - allowedUnfreePackages = ["intel-ocl"]; + environment.systemPackages = with pkgs; [ nvtopPackages.intel ]; + allowedUnfreePackages = [ "intel-ocl" ]; }; } diff --git a/modules/latex.nix b/modules/latex.nix index bee5f21..3d097f8 100644 --- a/modules/latex.nix +++ b/modules/latex.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ config = { environment.systemPackages = with pkgs; [ fontconfig diff --git a/modules/podman.nix b/modules/podman.nix index 03532f3..eb1914b 100644 --- a/modules/podman.nix +++ b/modules/podman.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ virtualisation = { containers.enable = true; podman = { diff --git a/modules/printing.nix b/modules/printing.nix index 32f9efc..b198d6c 100644 --- a/modules/printing.nix +++ b/modules/printing.nix @@ -1,4 +1,5 @@ -{...}: { +{ ... }: +{ config = { services = { # Enable CUPS to print documents. diff --git a/users/ronja.nix b/users/ronja.nix index b8a271d..547f31b 100644 --- a/users/ronja.nix +++ b/users/ronja.nix @@ -1,4 +1,5 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ config = { # Define user account users.users.ronja = { @@ -6,7 +7,12 @@ name = "ronja"; description = "Ronja"; home = "/home/ronja"; - extraGroups = ["networkmanager" "wheel" "games" "podman"]; + extraGroups = [ + "networkmanager" + "wheel" + "games" + "podman" + ]; shell = pkgs.zsh; }; }; diff --git a/users/vinzenz.nix b/users/vinzenz.nix index e965602..77bc2a1 100644 --- a/users/vinzenz.nix +++ b/users/vinzenz.nix @@ -1,11 +1,19 @@ -{pkgs, ...}: { +{ pkgs, ... }: +{ config = { users.users.vinzenz = { isNormalUser = true; name = "vinzenz"; description = "Vinzenz"; home = "/home/vinzenz"; - extraGroups = ["networkmanager" "wheel" "games" "dialout" "podman" "nginx"]; + extraGroups = [ + "networkmanager" + "wheel" + "games" + "dialout" + "podman" + "nginx" + ]; shell = pkgs.zsh; autoSubUidGidRange = true; }; From d0a6abd2d89c48437ed20810322286ec4b80b1d4 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 27 Oct 2024 12:42:26 +0100 Subject: [PATCH 118/241] statix fix --- common/i18n.nix | 2 +- common/networking.nix | 2 +- home/vinzenz/zsh.nix | 3 +++ hosts/vinzenz-lpt2/nginx.nix | 2 +- modules/podman.nix | 2 +- modules/printing.nix | 2 +- 6 files changed, 8 insertions(+), 5 deletions(-) diff --git a/common/i18n.nix b/common/i18n.nix index ee498a9..2903648 100644 --- a/common/i18n.nix +++ b/common/i18n.nix @@ -1,4 +1,4 @@ -{ ... }: +_: { config = { time.timeZone = "Europe/Berlin"; diff --git a/common/networking.nix b/common/networking.nix index 05140c2..6bcfb50 100644 --- a/common/networking.nix +++ b/common/networking.nix @@ -1,4 +1,4 @@ -{ ... }: +_: { config = { services.openssh = { diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index 9b85c05..5aa3fcb 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -14,6 +14,9 @@ my-test = "sudo nixos-rebuild test"; my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; my-ip4 = "ip addr show | grep 192"; + deadnix = "nix run github:astro/deadnix -- "; + statix = "nix run git+https://git.peppe.rs/languages/statix -- "; + my-nix-fixup = "deadnix -e && statix fix"; }; history = { diff --git a/hosts/vinzenz-lpt2/nginx.nix b/hosts/vinzenz-lpt2/nginx.nix index 8c82c3f..76378f7 100644 --- a/hosts/vinzenz-lpt2/nginx.nix +++ b/hosts/vinzenz-lpt2/nginx.nix @@ -1,4 +1,4 @@ -{ ... }: +_: { services.nginx = { enable = true; diff --git a/modules/podman.nix b/modules/podman.nix index eb1914b..8d37dd6 100644 --- a/modules/podman.nix +++ b/modules/podman.nix @@ -1,4 +1,4 @@ -{ ... }: +_: { virtualisation = { containers.enable = true; diff --git a/modules/printing.nix b/modules/printing.nix index b198d6c..b7171ad 100644 --- a/modules/printing.nix +++ b/modules/printing.nix @@ -1,4 +1,4 @@ -{ ... }: +_: { config = { services = { From f3e61c58cc027d6fad1cf16ad81bab58c186fcf1 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 31 Oct 2024 13:50:31 +0100 Subject: [PATCH 119/241] flake update --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 5881a01..6b14b4c 100644 --- a/flake.lock +++ b/flake.lock @@ -82,7 +82,7 @@ "narHash": "sha256-6U0CyPycIBc04hbYy2hBINnVso58n/ZyywY2BD3hu+s=", "rev": "9098ac95768f7006d7e070b88bae76939f6034e6", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/9098ac95768f7006d7e070b88bae76939f6034e6.tar.gz" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/9098ac95768f7006d7e070b88bae76939f6034e6.tar.gz?rev=9098ac95768f7006d7e070b88bae76939f6034e6" }, "original": { "type": "tarball", @@ -91,11 +91,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1729691686, - "narHash": "sha256-BAuPWW+9fa1moZTU+jFh+1cUtmsuF8asgzFwejM4wac=", + "lastModified": 1730137625, + "narHash": "sha256-9z8oOgFZiaguj+bbi3k4QhAD6JabWrnv7fscC/mt0KE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "32e940c7c420600ef0d1ef396dc63b04ee9cad37", + "rev": "64b80bfb316b57cdb8919a9110ef63393d74382a", "type": "github" }, "original": { From 50f8fa7953f9aa72e33a20e0cea3940626f69ca7 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Nov 2024 12:51:20 +0100 Subject: [PATCH 120/241] update --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6b14b4c..dc6b7a5 100644 --- a/flake.lock +++ b/flake.lock @@ -91,11 +91,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1730137625, - "narHash": "sha256-9z8oOgFZiaguj+bbi3k4QhAD6JabWrnv7fscC/mt0KE=", + "lastModified": 1731797254, + "narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "64b80bfb316b57cdb8919a9110ef63393d74382a", + "rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59", "type": "github" }, "original": { From f09ef591c37e408c5c0a828cc344c1b229c2c846 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Nov 2024 13:18:32 +0100 Subject: [PATCH 121/241] add extra platforms to be able to compile 32bit libraries and cross-compile for arm --- hosts/vinzenz-lpt2/default.nix | 5 ++++- hosts/vinzenz-pc2/default.nix | 8 +++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix index ab2b42d..61dcfc2 100644 --- a/hosts/vinzenz-lpt2/default.nix +++ b/hosts/vinzenz-lpt2/default.nix @@ -23,7 +23,10 @@ nixpkgs.lib.nixosSystem { { networking.hostName = "vinzenz-lpt2"; - nix.settings.extra-platforms = [ "aarch64-linux" ]; + nix.settings.extra-platforms = [ + "aarch64-linux" + "i686-linux" + ]; } { diff --git a/hosts/vinzenz-pc2/default.nix b/hosts/vinzenz-pc2/default.nix index 318efab..c8535c8 100644 --- a/hosts/vinzenz-pc2/default.nix +++ b/hosts/vinzenz-pc2/default.nix @@ -19,7 +19,13 @@ nixpkgs.lib.nixosSystem { ../../modules/gaming.nix ../../modules/printing.nix ../../modules/podman.nix - { networking.hostName = "vinzenz-pc2"; } + { + networking.hostName = "vinzenz-pc2"; + nix.settings.extra-platforms = [ + "aarch64-linux" + "i686-linux" + ]; + } { home-manager.users = { vinzenz = import ../../home/vinzenz; From 96243b2f0646882560f8fc32536f4c008f39e63c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Nov 2024 13:18:43 +0100 Subject: [PATCH 122/241] nix fmt --- common/i18n.nix | 3 +-- common/networking.nix | 3 +-- hosts/vinzenz-lpt2/nginx.nix | 3 +-- modules/podman.nix | 3 +-- modules/printing.nix | 3 +-- 5 files changed, 5 insertions(+), 10 deletions(-) diff --git a/common/i18n.nix b/common/i18n.nix index 2903648..c9506ad 100644 --- a/common/i18n.nix +++ b/common/i18n.nix @@ -1,5 +1,4 @@ -_: -{ +_: { config = { time.timeZone = "Europe/Berlin"; i18n = { diff --git a/common/networking.nix b/common/networking.nix index 6bcfb50..a6a8d03 100644 --- a/common/networking.nix +++ b/common/networking.nix @@ -1,5 +1,4 @@ -_: -{ +_: { config = { services.openssh = { enable = true; diff --git a/hosts/vinzenz-lpt2/nginx.nix b/hosts/vinzenz-lpt2/nginx.nix index 76378f7..c0715f0 100644 --- a/hosts/vinzenz-lpt2/nginx.nix +++ b/hosts/vinzenz-lpt2/nginx.nix @@ -1,5 +1,4 @@ -_: -{ +_: { services.nginx = { enable = true; diff --git a/modules/podman.nix b/modules/podman.nix index 8d37dd6..abecea4 100644 --- a/modules/podman.nix +++ b/modules/podman.nix @@ -1,5 +1,4 @@ -_: -{ +_: { virtualisation = { containers.enable = true; podman = { diff --git a/modules/printing.nix b/modules/printing.nix index b7171ad..4b74421 100644 --- a/modules/printing.nix +++ b/modules/printing.nix @@ -1,5 +1,4 @@ -_: -{ +_: { config = { services = { # Enable CUPS to print documents. From 3b10a0f21168eafb6632c0204bdfc95a82d773db Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Nov 2024 15:16:45 +0100 Subject: [PATCH 123/241] update to nixos 24.11 --- flake.lock | 16 ++++++++-------- flake.nix | 4 ++-- home/gnome.nix | 4 +--- home/vinzenz/default.nix | 2 +- modules/amd-graphics.nix | 2 +- modules/desktop-environment.nix | 1 - modules/gaming.nix | 6 +++--- modules/gnome.nix | 10 +++++----- modules/intel-graphics.nix | 2 +- 9 files changed, 22 insertions(+), 25 deletions(-) diff --git a/flake.lock b/flake.lock index dc6b7a5..6882354 100644 --- a/flake.lock +++ b/flake.lock @@ -40,16 +40,16 @@ ] }, "locked": { - "lastModified": 1726989464, - "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", + "lastModified": 1732319136, + "narHash": "sha256-wpmPl6FkAF9Jj5C/rzANgpUjfzQrUYOn267LnzKU2uI=", "owner": "nix-community", "repo": "home-manager", - "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "rev": "f8831cc700030e11fc91da9ef6270593e6440edc", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.05", + "ref": "release-24.11", "repo": "home-manager", "type": "github" } @@ -91,16 +91,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1731797254, - "narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=", + "lastModified": 1731755305, + "narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59", + "rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.05", + "ref": "nixos-24.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 2145ecc..d954d1a 100644 --- a/flake.nix +++ b/flake.nix @@ -1,8 +1,8 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; home-manager = { - url = "github:nix-community/home-manager/release-24.05"; + url = "github:nix-community/home-manager/release-24.11"; inputs.nixpkgs.follows = "nixpkgs"; }; lix-module = { diff --git a/home/gnome.nix b/home/gnome.nix index 019ae64..253e4d0 100644 --- a/home/gnome.nix +++ b/home/gnome.nix @@ -13,14 +13,12 @@ meld simple-scan pinta - ] - ++ (with gnome; [ dconf-editor gpaste # graphical installer for flatpak apps gnome-software - ]) + ] ++ (with gnomeExtensions; [ caffeine appindicator diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 2f8890b..556a664 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -16,7 +16,7 @@ inputs@{ pkgs, ... }: eza = { enable = true; git = true; - icons = true; + icons = "auto"; extraOptions = [ "--group-directories-first" "--header" diff --git a/modules/amd-graphics.nix b/modules/amd-graphics.nix index 8a62194..ec9ec02 100644 --- a/modules/amd-graphics.nix +++ b/modules/amd-graphics.nix @@ -4,7 +4,7 @@ boot.kernelModules = [ "amdgpu" ]; services.xserver.videoDrivers = [ "amdgpu" ]; - hardware.opengl = { + hardware.graphics = { extraPackages = with pkgs; [ amdvlk ]; extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ]; }; diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix index d3a7a10..e4eb0ed 100644 --- a/modules/desktop-environment.nix +++ b/modules/desktop-environment.nix @@ -13,7 +13,6 @@ }; # Enable sound with pipewire. - sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { diff --git a/modules/gaming.nix b/modules/gaming.nix index c069b9a..4a4bebd 100644 --- a/modules/gaming.nix +++ b/modules/gaming.nix @@ -2,9 +2,8 @@ { config = { hardware = { - opengl = { - driSupport = true; - driSupport32Bit = true; + graphics = { + enable32Bit = true; extraPackages = with pkgs; [ mangohud ]; extraPackages32 = with pkgs; [ mangohud ]; }; @@ -75,6 +74,7 @@ "steam" "steam-original" "steam-run" + "steam-unwrapped" ]; }; } diff --git a/modules/gnome.nix b/modules/gnome.nix index 49a4d0e..6689ebc 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -13,8 +13,8 @@ displayManager.defaultSession = "gnome"; gnome = { - tracker-miners.enable = false; - tracker.enable = false; + tinysparql.enable = false; + localsearch.enable = false; sushi.enable = true; gnome-remote-desktop.enable = true; }; @@ -27,7 +27,7 @@ }; # remove some gnome default apps - environment.gnome.excludePackages = with pkgs.gnome; [ + environment.gnome.excludePackages = with pkgs; [ cheese # photo booth epiphany # web browser evince # document viewer @@ -35,11 +35,11 @@ gnome-maps gnome-weather gnome-music - pkgs.gnome-tour + gnome-tour ]; environment.systemPackages = with pkgs; [ - gnome.ghex + ghex impression ]; diff --git a/modules/intel-graphics.nix b/modules/intel-graphics.nix index 3d5655f..3e36301 100644 --- a/modules/intel-graphics.nix +++ b/modules/intel-graphics.nix @@ -1,7 +1,7 @@ { config, pkgs, ... }: { config = { - hardware.opengl = { + hardware.graphics = { extraPackages = with pkgs; [ intel-media-driver vaapiIntel From 44b17a0648c70b1e5cf0c45a303dbc183e7bd12c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 24 Nov 2024 18:10:44 +0100 Subject: [PATCH 124/241] add phone config --- flake.lock | 214 +++++++++++++++++++++++++++++++++++++++- flake.nix | 26 ++++- home/vinzenz/git.nix | 6 ++ hosts/droid/default.nix | 14 +++ hosts/droid/sshd.nix | 37 +++++++ hosts/droid/stuff.nix | 23 +++++ 6 files changed, 318 insertions(+), 2 deletions(-) create mode 100644 hosts/droid/default.nix create mode 100644 hosts/droid/sshd.nix create mode 100644 hosts/droid/stuff.nix diff --git a/flake.lock b/flake.lock index 6882354..2f92a2f 100644 --- a/flake.lock +++ b/flake.lock @@ -54,6 +54,48 @@ "type": "github" } }, + "home-manager-droid": { + "inputs": { + "nixpkgs": [ + "nixpkgs-droid" + ] + }, + "locked": { + "lastModified": 1726989464, + "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "nix-on-droid", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709445365, + "narHash": "sha256-DVv6nd9FQBbMWbOmhq0KVqmlc3y3FMSYl49UXmMcO+0=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "4de84265d7ec7634a69ba75028696d74de9a44a7", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, "lix": { "flake": false, "locked": { @@ -89,6 +131,55 @@ "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz" } }, + "nix-formatter-pack": { + "inputs": { + "nixpkgs": [ + "nix-on-droid", + "nixpkgs" + ], + "nmd": "nmd", + "nmt": "nmt" + }, + "locked": { + "lastModified": 1705252799, + "narHash": "sha256-HgSTREh7VoXjGgNDwKQUYcYo13rPkltW7IitHrTPA5c=", + "owner": "Gerschtli", + "repo": "nix-formatter-pack", + "rev": "2de39dedd79aab14c01b9e2934842051a160ffa5", + "type": "github" + }, + "original": { + "owner": "Gerschtli", + "repo": "nix-formatter-pack", + "type": "github" + } + }, + "nix-on-droid": { + "inputs": { + "home-manager": "home-manager_2", + "nix-formatter-pack": "nix-formatter-pack", + "nixpkgs": [ + "nixpkgs-droid" + ], + "nixpkgs-docs": "nixpkgs-docs", + "nixpkgs-for-bootstrap": "nixpkgs-for-bootstrap", + "nmd": "nmd_2" + }, + "locked": { + "lastModified": 1720396533, + "narHash": "sha256-UFzk/hZWO1VkciIO5UPaSpJN8s765wsngUSvtJM6d5Q=", + "owner": "nix-community", + "repo": "nix-on-droid", + "rev": "f3d3b8294039f2f9a8fb7ea82c320f29c6b0fe25", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.05", + "repo": "nix-on-droid", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1731755305, @@ -105,11 +196,132 @@ "type": "github" } }, + "nixpkgs-docs": { + "locked": { + "lastModified": 1705957679, + "narHash": "sha256-Q8LJaVZGJ9wo33wBafvZSzapYsjOaNjP/pOnSiKVGHY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9a333eaa80901efe01df07eade2c16d183761fa3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-droid": { + "locked": { + "lastModified": 1731797254, + "narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-for-bootstrap": { + "locked": { + "lastModified": 1720244366, + "narHash": "sha256-WrDV0FPMVd2Sq9hkR5LNHudS3OSMmUrs90JUTN+MXpA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "49ee0e94463abada1de470c9c07bfc12b36dcf40", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "49ee0e94463abada1de470c9c07bfc12b36dcf40", + "type": "github" + } + }, + "nmd": { + "flake": false, + "locked": { + "lastModified": 1666190571, + "narHash": "sha256-Z1hc7M9X6L+H83o9vOprijpzhTfOBjd0KmUTnpHAVjA=", + "owner": "rycee", + "repo": "nmd", + "rev": "b75d312b4f33bd3294cd8ae5c2ca8c6da2afc169", + "type": "gitlab" + }, + "original": { + "owner": "rycee", + "repo": "nmd", + "type": "gitlab" + } + }, + "nmd_2": { + "inputs": { + "nixpkgs": [ + "nix-on-droid", + "nixpkgs-docs" + ], + "scss-reset": "scss-reset" + }, + "locked": { + "lastModified": 1705050560, + "narHash": "sha256-x3zzcdvhJpodsmdjqB4t5mkVW22V3wqHLOun0KRBzUI=", + "owner": "~rycee", + "repo": "nmd", + "rev": "66d9334933119c36f91a78d565c152a4fdc8d3d3", + "type": "sourcehut" + }, + "original": { + "owner": "~rycee", + "repo": "nmd", + "type": "sourcehut" + } + }, + "nmt": { + "flake": false, + "locked": { + "lastModified": 1648075362, + "narHash": "sha256-u36WgzoA84dMVsGXzml4wZ5ckGgfnvS0ryzo/3zn/Pc=", + "owner": "rycee", + "repo": "nmt", + "rev": "d83601002c99b78c89ea80e5e6ba21addcfe12ae", + "type": "gitlab" + }, + "original": { + "owner": "rycee", + "repo": "nmt", + "type": "gitlab" + } + }, "root": { "inputs": { "home-manager": "home-manager", + "home-manager-droid": "home-manager-droid", "lix-module": "lix-module", - "nixpkgs": "nixpkgs" + "nix-on-droid": "nix-on-droid", + "nixpkgs": "nixpkgs", + "nixpkgs-droid": "nixpkgs-droid" + } + }, + "scss-reset": { + "flake": false, + "locked": { + "lastModified": 1631450058, + "narHash": "sha256-muDlZJPtXDIGevSEWkicPP0HQ6VtucbkMNygpGlBEUM=", + "owner": "andreymatin", + "repo": "scss-reset", + "rev": "0cf50e27a4e95e9bb5b1715eedf9c54dee1a5a91", + "type": "github" + }, + "original": { + "owner": "andreymatin", + "repo": "scss-reset", + "type": "github" } }, "systems": { diff --git a/flake.nix b/flake.nix index d954d1a..d730c86 100644 --- a/flake.nix +++ b/flake.nix @@ -1,22 +1,40 @@ { inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; + home-manager = { url = "github:nix-community/home-manager/release-24.11"; inputs.nixpkgs.follows = "nixpkgs"; }; + lix-module = { url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; + + nixpkgs-droid.url = "github:NixOS/nixpkgs/nixos-24.05"; + + nix-on-droid = { + url = "github:nix-community/nix-on-droid/release-24.05"; + inputs.nixpkgs.follows = "nixpkgs-droid"; + }; + + home-manager-droid = { + url = "github:nix-community/home-manager/release-24.05"; + inputs.nixpkgs.follows = "nixpkgs-droid"; + }; + }; outputs = { + self, nixpkgs, home-manager, lix-module, - ... + nixpkgs-droid, + nix-on-droid, + home-manager-droid, }: { nixosConfigurations = @@ -43,6 +61,12 @@ hetzner-vpn1 = import ./hosts/hetzner-vpn1 host-params; }; + nixOnDroidConfigurations.default = import ./hosts/droid { + inherit nix-on-droid; + nixpkgs = nixpkgs-droid; + home-manager = home-manager-droid; + }; + formatter = { x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style; aarch64-linux = nixpkgs.legacyPackages.aarch64-linux.nixfmt-rfc-style; diff --git a/home/vinzenz/git.nix b/home/vinzenz/git.nix index bb64f13..f219d60 100644 --- a/home/vinzenz/git.nix +++ b/home/vinzenz/git.nix @@ -13,4 +13,10 @@ merge.tool = "kdiff3"; push.autoSetupRemote = "true"; }; + + ignores = [ + ".direnv" + ".idea" + ".envrc" + ]; } diff --git a/hosts/droid/default.nix b/hosts/droid/default.nix new file mode 100644 index 0000000..9384457 --- /dev/null +++ b/hosts/droid/default.nix @@ -0,0 +1,14 @@ +{ + nixpkgs, + nix-on-droid, + home-manager, + ... +}: +nix-on-droid.lib.nixOnDroidConfiguration { + pkgs = import nixpkgs { system = "aarch64-linux"; }; + modules = [ + home-manager.nixosModules.home-manager + ./sshd.nix + ./stuff.nix + ]; +} diff --git a/hosts/droid/sshd.nix b/hosts/droid/sshd.nix new file mode 100644 index 0000000..4ab5207 --- /dev/null +++ b/hosts/droid/sshd.nix @@ -0,0 +1,37 @@ +{ config, pkgs, ... }: +let + sshdTmpDirectory = "${config.user.home}/sshd-tmp"; + sshdDirectory = "${config.user.home}/sshd"; + pubKeys = '' + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming + ''; + port = 8022; +in +{ + build.activation.sshd = '' + $DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${config.user.home}/.ssh" + $DRY_RUN_CMD echo "${pubKeys}" > "${config.user.home}/.ssh/authorized_keys" + + if [[ ! -d "${sshdDirectory}" ]]; then + $DRY_RUN_CMD rm $VERBOSE_ARG --recursive --force "${sshdTmpDirectory}" + $DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${sshdTmpDirectory}" + + $VERBOSE_ECHO "Generating host keys..." + $DRY_RUN_CMD ${pkgs.openssh}/bin/ssh-keygen -t rsa -b 4096 -f "${sshdTmpDirectory}/ssh_host_rsa_key" -N "" + + $VERBOSE_ECHO "Writing sshd_config..." + $DRY_RUN_CMD echo -e "HostKey ${sshdDirectory}/ssh_host_rsa_key\nPort ${toString port}\n" > "${sshdTmpDirectory}/sshd_config" + + $DRY_RUN_CMD mv $VERBOSE_ARG "${sshdTmpDirectory}" "${sshdDirectory}" + fi + ''; + + environment.packages = [ + (pkgs.writeScriptBin "sshd-start" '' + #!${pkgs.runtimeShell} + + echo "Starting sshd in non-daemonized way on port ${toString port}" + ${pkgs.openssh}/bin/sshd -f "${sshdDirectory}/sshd_config" -D + '') + ]; +} diff --git a/hosts/droid/stuff.nix b/hosts/droid/stuff.nix new file mode 100644 index 0000000..c13094a --- /dev/null +++ b/hosts/droid/stuff.nix @@ -0,0 +1,23 @@ +{ + pkgs, + ... +}: +{ + environment.packages = with pkgs; [ + nano + hostname + zsh + openssh + which + curl + ]; + + # Backup etc files instead of failing to activate generation if a file already exists in /etc + environment.etcBackupExtension = ".bak"; + + system.stateVersion = "24.05"; + nix.extraOptions = '' + experimental-features = nix-command flakes + ''; + time.timeZone = "Europe/Berlin"; +} From 04ef22593a5d062b5da4985fec49d42dccb6647e Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 1 Dec 2024 10:03:30 +0100 Subject: [PATCH 125/241] update intel graphics config --- flake.lock | 18 +++++++++--------- home/vinzenz/zsh.nix | 7 +++---- hosts/vinzenz-lpt2/hardware.nix | 5 ++++- modules/intel-graphics.nix | 12 +++++------- 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index 2f92a2f..a196a08 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1732319136, - "narHash": "sha256-wpmPl6FkAF9Jj5C/rzANgpUjfzQrUYOn267LnzKU2uI=", + "lastModified": 1732466619, + "narHash": "sha256-T1e5oceypZu3Q8vzICjv1X/sGs9XfJRMW5OuXHgpB3c=", "owner": "nix-community", "repo": "home-manager", - "rev": "f8831cc700030e11fc91da9ef6270593e6440edc", + "rev": "f3111f62a23451114433888902a55cf0692b408d", "type": "github" }, "original": { @@ -182,11 +182,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1731755305, - "narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=", + "lastModified": 1732350895, + "narHash": "sha256-GcOQbOgmwlsRhpLGSwZJwLbo3pu9ochMETuRSS1xpz4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4", + "rev": "0c582677378f2d9ffcb01490af2f2c678dcb29d3", "type": "github" }, "original": { @@ -214,11 +214,11 @@ }, "nixpkgs-droid": { "locked": { - "lastModified": 1731797254, - "narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=", + "lastModified": 1732749044, + "narHash": "sha256-T38FQOg0BV5M8FN1712fovzNakSOENEYs+CSkg31C9Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59", + "rev": "0c5b4ecbed5b155b705336aa96d878e55acd8685", "type": "github" }, "original": { diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index 5aa3fcb..fd252a2 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -6,9 +6,9 @@ ''; shellAliases = { - my-apply = "sudo nixos-rebuild boot"; - my-switch = "sudo nixos-rebuild switch"; - my-update = "sudo nixos-rebuild boot --upgrade"; + my-apply = "sudo nixos-rebuild boot --flake"; + my-switch = "sudo nixos-rebuild switch --flake"; + my-update = "sudo nixos-rebuild boot --upgrade --flake"; my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; my-fmt = "alejandra ."; my-test = "sudo nixos-rebuild test"; @@ -16,7 +16,6 @@ my-ip4 = "ip addr show | grep 192"; deadnix = "nix run github:astro/deadnix -- "; statix = "nix run git+https://git.peppe.rs/languages/statix -- "; - my-nix-fixup = "deadnix -e && statix fix"; }; history = { diff --git a/hosts/vinzenz-lpt2/hardware.nix b/hosts/vinzenz-lpt2/hardware.nix index 82dd975..f51ccd1 100644 --- a/hosts/vinzenz-lpt2/hardware.nix +++ b/hosts/vinzenz-lpt2/hardware.nix @@ -3,7 +3,10 @@ imports = [ ../../modules/intel-graphics.nix ]; config = { # intel cpu - boot.kernelModules = [ "kvm-intel" ]; + boot.kernelModules = [ + "kvm-intel" + "xe" + ]; hardware.cpu.intel.updateMicrocode = true; boot.loader = { diff --git a/modules/intel-graphics.nix b/modules/intel-graphics.nix index 3e36301..f23b357 100644 --- a/modules/intel-graphics.nix +++ b/modules/intel-graphics.nix @@ -4,16 +4,14 @@ hardware.graphics = { extraPackages = with pkgs; [ intel-media-driver - vaapiIntel - vaapiVdpau - libvdpau-va-gl + intel-vaapi-driver intel-ocl + intel-compute-runtime + vpl-gpu-rt ]; - extraPackages32 = with pkgs.pkgsi686Linux; [ + extraPackages32 = with pkgs.driversi686Linux; [ + intel-vaapi-driver intel-media-driver - vaapiIntel - vaapiVdpau - libvdpau-va-gl ]; }; environment.systemPackages = with pkgs; [ nvtopPackages.intel ]; From 582d0094e78e37a58f707cf6c4485738e6dda2d2 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 1 Dec 2024 11:29:24 +0100 Subject: [PATCH 126/241] remove more gnome default apps --- home/gnome-shared-dconf.nix | 8 ++++++++ home/gnome.nix | 5 ++--- home/vinzenz/default.nix | 3 --- hosts/vinzenz-lpt2/default.nix | 1 - modules/gnome.nix | 20 ++++++++++++++++---- 5 files changed, 26 insertions(+), 11 deletions(-) diff --git a/home/gnome-shared-dconf.nix b/home/gnome-shared-dconf.nix index 3ba7894..32b7657 100644 --- a/home/gnome-shared-dconf.nix +++ b/home/gnome-shared-dconf.nix @@ -22,12 +22,14 @@ disable-user-extensions = false; disabled-extensions = [ ]; enabled-extensions = [ + "tailscale@joaophi.github.com" "appindicatorsupport@rgcjonas.gmail.com" "workspace-indicator@gnome-shell-extensions.gcampax.github.com" "caffeine@patapon.info" "GPaste@gnome-shell-extensions.gnome.org" "gsconnect@andyholmes.github.io" "solaar-extension@sidevesh" + "AlphabeticalAppGrid@stuarthayhurst" ]; }; "ca/desrt/dconf-editor" = { @@ -39,4 +41,10 @@ switch-applications = [ "Tab" ]; switch-applications-backward = [ "Tab" ]; }; + "org/gnome/shell/extensions/alphabetical-app-grid" = { + folder-order-position = "start"; + }; + "org/gnome/shell/extensions/gsconnect" = { + enabled = true; + }; } diff --git a/home/gnome.nix b/home/gnome.nix index 253e4d0..2b092b8 100644 --- a/home/gnome.nix +++ b/home/gnome.nix @@ -7,9 +7,7 @@ home.packages = with pkgs; [ - amberol gitg - gnome-builder meld simple-scan pinta @@ -23,9 +21,10 @@ caffeine appindicator gsconnect - battery-health-charging + # battery-health-charging quick-settings-tweaker solaar-extension + alphabetical-app-grid ]); dconf.settings = import ./gnome-shared-dconf.nix; diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 556a664..cac2a69 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -38,9 +38,6 @@ inputs@{ pkgs, ... }: alejandra # nix formatter - arduino - uucp - kdiff3 jetbrains-toolbox ]; diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix index 61dcfc2..8958baa 100644 --- a/hosts/vinzenz-lpt2/default.nix +++ b/hosts/vinzenz-lpt2/default.nix @@ -18,7 +18,6 @@ nixpkgs.lib.nixosSystem { ../../modules/gnome.nix ../../modules/gaming.nix ../../modules/printing.nix - ../../modules/latex.nix ../../modules/podman.nix { diff --git a/modules/gnome.nix b/modules/gnome.nix index 6689ebc..c1d67c6 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -5,9 +5,8 @@ xserver = { # Enable the GNOME Desktop Environment. desktopManager.gnome.enable = true; - displayManager = { - gdm.enable = true; - }; + displayManager.gdm.enable = true; + excludePackages = with pkgs; [ xterm ]; }; displayManager.defaultSession = "gnome"; @@ -34,8 +33,21 @@ geary # email client gnome-maps gnome-weather - gnome-music gnome-tour + gnome-contacts + sysprof + orca # screen reader + gnome-disk-utility + gnome-system-monitor + gnome-weather + gnome-backgrounds + gnome-user-docs + gnome-calendar + yelp # help app + # gnome-music + # totem # video player + # snapshot # camera + # baobab # disk usage ]; environment.systemPackages = with pkgs; [ From b41bfc935c62e6cdbd0db0582a363f85b3c02224 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 1 Dec 2024 12:06:11 +0100 Subject: [PATCH 127/241] wip add hetzner-vpn2 --- hosts/hetzner-vpn2/default.nix | 34 ++++++++++++ hosts/hetzner-vpn2/hardware.nix | 94 +++++++++++++++++++++++++++++++++ hosts/hetzner-vpn2/nginx.nix | 57 ++++++++++++++++++++ 3 files changed, 185 insertions(+) create mode 100644 hosts/hetzner-vpn2/default.nix create mode 100644 hosts/hetzner-vpn2/hardware.nix create mode 100644 hosts/hetzner-vpn2/nginx.nix diff --git a/hosts/hetzner-vpn2/default.nix b/hosts/hetzner-vpn2/default.nix new file mode 100644 index 0000000..f808faa --- /dev/null +++ b/hosts/hetzner-vpn2/default.nix @@ -0,0 +1,34 @@ +{ nixpkgs, common-modules, ... }: +nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = common-modules ++ [ + ./hardware.nix + ./nginx.nix + ../../users/vinzenz.nix + ../../users/ronja.nix + { networking.hostName = "hetzner-vpn2"; } + { + # uncomment for build check on non arm system (requires --impure) + # nixpkgs.buildPlatform = builtins.currentSystem; + } + { + users.users = { + root.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + ronja.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + ]; + }; + } + ]; +} diff --git a/hosts/hetzner-vpn2/hardware.nix b/hosts/hetzner-vpn2/hardware.nix new file mode 100644 index 0000000..e3f308b --- /dev/null +++ b/hosts/hetzner-vpn2/hardware.nix @@ -0,0 +1,94 @@ +{ lib, modulesPath, ... }: +{ + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + + config = { + nixpkgs = { + hostPlatform = "aarch64-linux"; + system = "aarch64-linux"; + }; + + boot = { + tmp.cleanOnBoot = true; + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + initrd = { + availableKernelModules = [ + "xhci_pci" + "virtio_scsi" + "sr_mod" + ]; + kernelModules = [ ]; + }; + }; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/24c2f986-1e88-4c26-87eb-0f92aecd6f56"; + fsType = "ext4"; + }; + "/boot" = { + device = "/dev/disk/by-uuid/AZ0B-81C3"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/2531d357-dea5-4212-97e3-d727f7bdbd16"; } + ]; + + # This file was populated at runtime with the networking + # details gathered from the active system. + networking = { + useDHCP = true; + domain = ""; + nameservers = [ "8.8.8.8" ]; + defaultGateway6 = { + address = "fe80::1"; + interface = "enp1s0"; + }; + interfaces = { + enp1s0 = { + #ipv4 = { + # addresses = [ + # { + # address = "157.90.146.125"; + # prefixLength = 32; + # } + # ]; + # routes = [ + # { + # address = "172.31.1.1"; + # prefixLength = 32; + # } + # ]; + #}; + ipv6 = { + addresses = [ + { + address = "2a01:4f8:c013:65dd::"; + prefixLength = 64; + } + ]; + routes = [ + { + address = "fe80::1"; + prefixLength = 128; + } + ]; + }; + }; + }; + }; + + #services.udev.extraRules = '' + # ATTR{address}=="96:00:02:87:7f:c9", NAME="eth0" + #''; + }; +} diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix new file mode 100644 index 0000000..f49ff6f --- /dev/null +++ b/hosts/hetzner-vpn2/nginx.nix @@ -0,0 +1,57 @@ +{ pkgs, lib, ... }: +{ + security.acme = { + acceptTerms = true; + defaults.email = "acme@zerforschen.plus"; + }; + + security.pam.services.nginx.setEnvironment = false; + systemd.services.nginx.serviceConfig = { + SupplementaryGroups = [ "shadow" ]; + }; + + services.nginx = { + enable = true; + additionalModules = [ pkgs.nginxModules.pam ]; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts = + let + servicesDomain = "services.zerforschen.plus"; + mkServiceConfig = host: port: { + addSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://${host}:${toString port}/"; + extraConfig = '' + # bind to tailscale ip + proxy_bind 100.88.118.60; + # pam auth + limit_except OPTIONS { + auth_pam "Password Required"; + auth_pam_service_name "nginx"; + } + ''; + }; + }; + pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; + in + { + "vscode.${servicesDomain}" = lib.mkMerge [ + (mkServiceConfig pc2 8542) + { locations."/".proxyWebsockets = true; } + ]; + "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; + "preon-api.${servicesDomain}" = mkServiceConfig pc2 8544; + }; + }; + + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; +} From 6bf599f486815f474d4e8f7a7bdad7b24e865bb2 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 1 Dec 2024 12:07:45 +0100 Subject: [PATCH 128/241] wip hetzner-vpn2 --- flake.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/flake.nix b/flake.nix index d730c86..3ba6c8e 100644 --- a/flake.nix +++ b/flake.nix @@ -59,6 +59,7 @@ vinzenz-lpt2 = import ./hosts/vinzenz-lpt2 host-params; vinzenz-pc2 = import ./hosts/vinzenz-pc2 host-params; hetzner-vpn1 = import ./hosts/hetzner-vpn1 host-params; + hetzner-vpn2 = import ./hosts/hetzner-vpn2 host-params; }; nixOnDroidConfigurations.default = import ./hosts/droid { From 8ec2e6beaa8c263a39f1f9f2e1345828fb5ac8d5 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 1 Dec 2024 13:41:12 +0100 Subject: [PATCH 129/241] second try --- hosts/hetzner-vpn2/hardware.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hosts/hetzner-vpn2/hardware.nix b/hosts/hetzner-vpn2/hardware.nix index e3f308b..2a83a67 100644 --- a/hosts/hetzner-vpn2/hardware.nix +++ b/hosts/hetzner-vpn2/hardware.nix @@ -26,11 +26,11 @@ fileSystems = { "/" = { - device = "/dev/disk/by-uuid/24c2f986-1e88-4c26-87eb-0f92aecd6f56"; + device = "/dev/disk/by-uuid/3263489d-9819-433c-b198-9d2e732a94e4"; fsType = "ext4"; }; "/boot" = { - device = "/dev/disk/by-uuid/AZ0B-81C3"; + device = "/dev/disk/by-uuid/6C25-6BDC"; fsType = "vfat"; options = [ "fmask=0077" @@ -40,7 +40,7 @@ }; swapDevices = [ - { device = "/dev/disk/by-uuid/2531d357-dea5-4212-97e3-d727f7bdbd16"; } + { device = "/dev/disk/by-uuid/e147721d-86b5-40d7-a231-c6ea391c563d"; } ]; # This file was populated at runtime with the networking From c1f1f7d3ac2935043a75aa38cd7063b40a167711 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 1 Dec 2024 16:23:37 +0100 Subject: [PATCH 130/241] remove old proxy config --- hosts/hetzner-vpn2/nginx.nix | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix index f49ff6f..a9bc583 100644 --- a/hosts/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -41,12 +41,10 @@ pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; in { - "vscode.${servicesDomain}" = lib.mkMerge [ - (mkServiceConfig pc2 8542) - { locations."/".proxyWebsockets = true; } - ]; - "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; - "preon-api.${servicesDomain}" = mkServiceConfig pc2 8544; + #"vscode.${servicesDomain}" = lib.mkMerge [ + # (mkServiceConfig pc2 8542) + # { locations."/".proxyWebsockets = true; } + #]; }; }; From c446e6c3f4259a21df98da30e117bee60969cd3f Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 1 Dec 2024 16:39:35 +0100 Subject: [PATCH 131/241] hopefully fix networking --- home/vinzenz/ssh.nix | 5 +++ hosts/hetzner-vpn2/default.nix | 3 ++ hosts/hetzner-vpn2/hardware.nix | 59 ++++++++------------------------- 3 files changed, 22 insertions(+), 45 deletions(-) diff --git a/home/vinzenz/ssh.nix b/home/vinzenz/ssh.nix index 360958e..ae25099 100644 --- a/home/vinzenz/ssh.nix +++ b/home/vinzenz/ssh.nix @@ -6,6 +6,11 @@ hostname = "157.90.146.125"; # 2a01:4f8:c012:7137::/64 user = "root"; }; + "vpn2" = { + host = "vpn2 hetzner-vpn2"; + hostname = "2a01:4f8:c013:65dd::1"; + user = "root"; + }; "vpn1-ts" = { host = "vpn1-ts hetzner-vpn1.donkey-pentatonic.ts.net"; hostname = "hetzner-vpn1.donkey-pentatonic.ts.net"; diff --git a/hosts/hetzner-vpn2/default.nix b/hosts/hetzner-vpn2/default.nix index f808faa..8cf041f 100644 --- a/hosts/hetzner-vpn2/default.nix +++ b/hosts/hetzner-vpn2/default.nix @@ -11,6 +11,9 @@ nixpkgs.lib.nixosSystem { # uncomment for build check on non arm system (requires --impure) # nixpkgs.buildPlatform = builtins.currentSystem; } + { + services.tailscale.useRoutingFeatures = "both"; + } { users.users = { root.openssh.authorizedKeys.keys = [ diff --git a/hosts/hetzner-vpn2/hardware.nix b/hosts/hetzner-vpn2/hardware.nix index 2a83a67..7cf5ce7 100644 --- a/hosts/hetzner-vpn2/hardware.nix +++ b/hosts/hetzner-vpn2/hardware.nix @@ -10,6 +10,7 @@ boot = { tmp.cleanOnBoot = true; + kernelParams = [ "console=tty" ]; loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; @@ -19,6 +20,7 @@ "xhci_pci" "virtio_scsi" "sr_mod" + "virtio_gpu" ]; kernelModules = [ ]; }; @@ -43,52 +45,19 @@ { device = "/dev/disk/by-uuid/e147721d-86b5-40d7-a231-c6ea391c563d"; } ]; - # This file was populated at runtime with the networking - # details gathered from the active system. - networking = { - useDHCP = true; - domain = ""; - nameservers = [ "8.8.8.8" ]; - defaultGateway6 = { - address = "fe80::1"; - interface = "enp1s0"; - }; - interfaces = { - enp1s0 = { - #ipv4 = { - # addresses = [ - # { - # address = "157.90.146.125"; - # prefixLength = 32; - # } - # ]; - # routes = [ - # { - # address = "172.31.1.1"; - # prefixLength = 32; - # } - # ]; - #}; - ipv6 = { - addresses = [ - { - address = "2a01:4f8:c013:65dd::"; - prefixLength = 64; - } - ]; - routes = [ - { - address = "fe80::1"; - prefixLength = 128; - } - ]; - }; - }; + networking.useNetworkd = true; + systemd.network = { + enable = true; + networks."10-wan" = { + matchConfig.Name = "enp1s0"; + networkConfig.DHCP = "ipv4"; + address = [ + "2a01:4f8:c013:65dd::1/64" + ]; + routes = [ + { Gateway = "fe80::1"; } + ]; }; }; - - #services.udev.extraRules = '' - # ATTR{address}=="96:00:02:87:7f:c9", NAME="eth0" - #''; }; } From eef6834d9d24fefd48fcad59afe39efad6a7a735 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 14 Dec 2024 10:53:08 +0100 Subject: [PATCH 132/241] remove vpn1 --- flake.nix | 1 - hosts/hetzner-vpn1/default.nix | 34 ----------- hosts/hetzner-vpn1/hardware.nix | 100 -------------------------------- hosts/hetzner-vpn1/nginx.nix | 57 ------------------ 4 files changed, 192 deletions(-) delete mode 100644 hosts/hetzner-vpn1/default.nix delete mode 100644 hosts/hetzner-vpn1/hardware.nix delete mode 100644 hosts/hetzner-vpn1/nginx.nix diff --git a/flake.nix b/flake.nix index 3ba6c8e..279d478 100644 --- a/flake.nix +++ b/flake.nix @@ -58,7 +58,6 @@ { vinzenz-lpt2 = import ./hosts/vinzenz-lpt2 host-params; vinzenz-pc2 = import ./hosts/vinzenz-pc2 host-params; - hetzner-vpn1 = import ./hosts/hetzner-vpn1 host-params; hetzner-vpn2 = import ./hosts/hetzner-vpn2 host-params; }; diff --git a/hosts/hetzner-vpn1/default.nix b/hosts/hetzner-vpn1/default.nix deleted file mode 100644 index e384574..0000000 --- a/hosts/hetzner-vpn1/default.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ nixpkgs, common-modules, ... }: -nixpkgs.lib.nixosSystem { - system = "aarch64-linux"; - modules = common-modules ++ [ - ./hardware.nix - ./nginx.nix - ../../users/vinzenz.nix - ../../users/ronja.nix - { networking.hostName = "hetzner-vpn1"; } - { - # uncomment for build check on non arm system (requires --impure) - # nixpkgs.buildPlatform = builtins.currentSystem; - } - { - users.users = { - root.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - ronja.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' - ]; - }; - } - ]; -} diff --git a/hosts/hetzner-vpn1/hardware.nix b/hosts/hetzner-vpn1/hardware.nix deleted file mode 100644 index 66be389..0000000 --- a/hosts/hetzner-vpn1/hardware.nix +++ /dev/null @@ -1,100 +0,0 @@ -{ lib, modulesPath, ... }: -{ - imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - - config = { - nixpkgs = { - hostPlatform = "aarch64-linux"; - system = "aarch64-linux"; - }; - - boot = { - tmp.cleanOnBoot = true; - loader = { - systemd-boot.enable = lib.mkForce false; - efi.canTouchEfiVariables = lib.mkForce false; - grub = { - enable = true; - efiSupport = true; - efiInstallAsRemovable = true; - device = "nodev"; - }; - }; - initrd = { - availableKernelModules = [ - "ata_piix" - "uhci_hcd" - "xen_blkfront" - ]; - kernelModules = [ "nvme" ]; - }; - }; - - zramSwap.enable = true; - networking.domain = ""; - - fileSystems = { - "/boot" = { - device = "/dev/disk/by-uuid/77CF-345D"; - fsType = "vfat"; - }; - "/" = { - device = "/dev/sda1"; - fsType = "ext4"; - }; - }; - - # This file was populated at runtime with the networking - # details gathered from the active system. - networking = { - nameservers = [ "8.8.8.8" ]; - defaultGateway = "172.31.1.1"; - defaultGateway6 = { - address = "fe80::1"; - interface = "eth0"; - }; - dhcpcd.enable = false; - usePredictableInterfaceNames = lib.mkForce false; - interfaces = { - eth0 = { - ipv4 = { - addresses = [ - { - address = "157.90.146.125"; - prefixLength = 32; - } - ]; - routes = [ - { - address = "172.31.1.1"; - prefixLength = 32; - } - ]; - }; - ipv6 = { - addresses = [ - { - address = "2a01:4f8:c012:7137::1"; - prefixLength = 64; - } - { - address = "fe80::9400:2ff:fe87:7fc9"; - prefixLength = 64; - } - ]; - routes = [ - { - address = "fe80::1"; - prefixLength = 128; - } - ]; - }; - }; - }; - }; - - services.udev.extraRules = '' - ATTR{address}=="96:00:02:87:7f:c9", NAME="eth0" - ''; - }; -} diff --git a/hosts/hetzner-vpn1/nginx.nix b/hosts/hetzner-vpn1/nginx.nix deleted file mode 100644 index f49ff6f..0000000 --- a/hosts/hetzner-vpn1/nginx.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ pkgs, lib, ... }: -{ - security.acme = { - acceptTerms = true; - defaults.email = "acme@zerforschen.plus"; - }; - - security.pam.services.nginx.setEnvironment = false; - systemd.services.nginx.serviceConfig = { - SupplementaryGroups = [ "shadow" ]; - }; - - services.nginx = { - enable = true; - additionalModules = [ pkgs.nginxModules.pam ]; - - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - - virtualHosts = - let - servicesDomain = "services.zerforschen.plus"; - mkServiceConfig = host: port: { - addSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://${host}:${toString port}/"; - extraConfig = '' - # bind to tailscale ip - proxy_bind 100.88.118.60; - # pam auth - limit_except OPTIONS { - auth_pam "Password Required"; - auth_pam_service_name "nginx"; - } - ''; - }; - }; - pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; - in - { - "vscode.${servicesDomain}" = lib.mkMerge [ - (mkServiceConfig pc2 8542) - { locations."/".proxyWebsockets = true; } - ]; - "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; - "preon-api.${servicesDomain}" = mkServiceConfig pc2 8544; - }; - }; - - networking.firewall.allowedTCPPorts = [ - 80 - 443 - ]; -} From 24f1cb38480be92c60f5a00c1e5526a1f6c449c9 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 14 Dec 2024 10:57:17 +0100 Subject: [PATCH 133/241] add lix binary cache --- common/nixpkgs.nix | 9 +++++++-- flake.lock | 18 +++++++++--------- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/common/nixpkgs.nix b/common/nixpkgs.nix index d4456be..4705ad5 100644 --- a/common/nixpkgs.nix +++ b/common/nixpkgs.nix @@ -14,10 +14,15 @@ nix = { settings = { substituters = [ - "https://nix-community.cachix.org" "https://cache.nixos.org/" + "https://nix-community.cachix.org" + "https://cache.lix.systems" + ]; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" ]; - trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; experimental-features = [ "nix-command" "flakes" diff --git a/flake.lock b/flake.lock index a196a08..d311957 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1732466619, - "narHash": "sha256-T1e5oceypZu3Q8vzICjv1X/sGs9XfJRMW5OuXHgpB3c=", + "lastModified": 1733951536, + "narHash": "sha256-Zb5ZCa7Xj+0gy5XVXINTSr71fCfAv+IKtmIXNrykT54=", "owner": "nix-community", "repo": "home-manager", - "rev": "f3111f62a23451114433888902a55cf0692b408d", + "rev": "1318c3f3b068cdcea922fa7c1a0a1f0c96c22f5f", "type": "github" }, "original": { @@ -182,11 +182,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1732350895, - "narHash": "sha256-GcOQbOgmwlsRhpLGSwZJwLbo3pu9ochMETuRSS1xpz4=", + "lastModified": 1733808091, + "narHash": "sha256-KWwINTQelKOoQgrXftxoqxmKFZb9pLVfnRvK270nkVk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0c582677378f2d9ffcb01490af2f2c678dcb29d3", + "rev": "a0f3e10d94359665dba45b71b4227b0aeb851f8e", "type": "github" }, "original": { @@ -214,11 +214,11 @@ }, "nixpkgs-droid": { "locked": { - "lastModified": 1732749044, - "narHash": "sha256-T38FQOg0BV5M8FN1712fovzNakSOENEYs+CSkg31C9Y=", + "lastModified": 1734017764, + "narHash": "sha256-msOfmyJSjAHgIygI/JD0Ae3JsDv4rT54Nlfr5t6MQMQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0c5b4ecbed5b155b705336aa96d878e55acd8685", + "rev": "64e9404f308e0f0a0d8cdd7c358f74e34802494b", "type": "github" }, "original": { From 7891b4ebaedf2cfea12497b689d404efb7660c5a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 14 Dec 2024 11:06:37 +0100 Subject: [PATCH 134/241] add adb to lpt2 --- hosts/vinzenz-lpt2/default.nix | 4 ++++ users/vinzenz.nix | 1 + 2 files changed, 5 insertions(+) diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix index 8958baa..f9d0276 100644 --- a/hosts/vinzenz-lpt2/default.nix +++ b/hosts/vinzenz-lpt2/default.nix @@ -40,5 +40,9 @@ nixpkgs.lib.nixosSystem { # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' #]; } + + { + programs.adb.enable = true; + } ]; } diff --git a/users/vinzenz.nix b/users/vinzenz.nix index 77bc2a1..b4e6aa0 100644 --- a/users/vinzenz.nix +++ b/users/vinzenz.nix @@ -13,6 +13,7 @@ "dialout" "podman" "nginx" + "adbusers" ]; shell = pkgs.zsh; autoSubUidGidRange = true; From f5b0ca48a7b18100ba96473b4cb523a298520405 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 14 Dec 2024 11:18:20 +0100 Subject: [PATCH 135/241] tweak vscode settings, remove git graph as it is not maintained anymore --- home/vinzenz/vscode.nix | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index f44f25b..29f5046 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -11,7 +11,6 @@ yzhang.markdown-all-in-one redhat.vscode-yaml pkief.material-icon-theme - mhutchie.git-graph rust-lang.rust-analyzer tamasfe.even-better-toml llvm-vs-code-extensions.vscode-clangd @@ -21,25 +20,34 @@ ms-vscode-remote.remote-ssh ]; userSettings = { - "git.autofetch" = true; - "update.mode" = "none"; + "files.autoSave" = "afterDelay"; + "files.autoSaveWhenNoErrors" = true; + "files.autoSaveWorkspaceFilesOnly" = true; + "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; "editor.fontLigatures" = true; "editor.formatOnSave" = true; "editor.formatOnSaveMode" = "modificationsIfAvailable"; "editor.minimap.autohide" = true; + + "workbench.startupEditor" = "readme"; + "workbench.enableExperiments" = false; + "workbench.iconTheme" = "material-icon-theme"; + + "update.mode" = "none"; + "extensions.autoUpdate" = false; + "extensions.autoCheckUpdates" = false; + + "telemetry.telemetryLevel" = "off"; + "redhat.telemetry.enabled" = false; + + "git.autofetch" = true; "diffEditor.diffAlgorithm" = "advanced"; "explorer.excludeGitIgnore" = true; "markdown.extension.tableFormatter.normalizeIndentation" = true; "markdown.extension.toc.orderedList" = false; - "telemetry.telemetryLevel" = "off"; - "redhat.telemetry.enabled" = false; - "workbench.startupEditor" = "readme"; - "workbench.enableExperiments" = false; - "workbench.iconTheme" = "material-icon-theme"; "rust-analyzer.checkOnSave.command" = "clippy"; - "extensions.autoUpdate" = false; - "extensions.autoCheckUpdates" = false; + "\[makefile\]" = { "editor.insertSpaces" = false; "editor.detectIndentation" = false; From 95f3a43622510b4c70f036c897edbacf1a1fcd75 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 14 Dec 2024 11:44:31 +0100 Subject: [PATCH 136/241] remove explicit pathsToLink --- common/globalinstalls.nix | 1 - home/vinzenz/zsh.nix | 2 ++ 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/common/globalinstalls.nix b/common/globalinstalls.nix index 42dd28e..9afad7d 100644 --- a/common/globalinstalls.nix +++ b/common/globalinstalls.nix @@ -2,7 +2,6 @@ { config = { environment = { - pathsToLink = [ "/share/zsh" ]; systemPackages = with pkgs; [ ncdu glances diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index fd252a2..9a9f633 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -5,6 +5,8 @@ export PATH=$PATH:/home/vinzenz/.cargo/bin ''; + enableCompletion = true; + shellAliases = { my-apply = "sudo nixos-rebuild boot --flake"; my-switch = "sudo nixos-rebuild switch --flake"; From 392711e853dd52f74345355eb960e9bfbba2e052 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 14 Dec 2024 13:25:34 +0100 Subject: [PATCH 137/241] move droid to own repo --- flake.lock | 214 +--------------------------------------- flake.nix | 24 +---- hosts/droid/default.nix | 14 --- hosts/droid/sshd.nix | 37 ------- hosts/droid/stuff.nix | 23 ----- 5 files changed, 2 insertions(+), 310 deletions(-) delete mode 100644 hosts/droid/default.nix delete mode 100644 hosts/droid/sshd.nix delete mode 100644 hosts/droid/stuff.nix diff --git a/flake.lock b/flake.lock index d311957..6683f13 100644 --- a/flake.lock +++ b/flake.lock @@ -54,48 +54,6 @@ "type": "github" } }, - "home-manager-droid": { - "inputs": { - "nixpkgs": [ - "nixpkgs-droid" - ] - }, - "locked": { - "lastModified": 1726989464, - "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-24.05", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_2": { - "inputs": { - "nixpkgs": [ - "nix-on-droid", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709445365, - "narHash": "sha256-DVv6nd9FQBbMWbOmhq0KVqmlc3y3FMSYl49UXmMcO+0=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "4de84265d7ec7634a69ba75028696d74de9a44a7", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, "lix": { "flake": false, "locked": { @@ -131,55 +89,6 @@ "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz" } }, - "nix-formatter-pack": { - "inputs": { - "nixpkgs": [ - "nix-on-droid", - "nixpkgs" - ], - "nmd": "nmd", - "nmt": "nmt" - }, - "locked": { - "lastModified": 1705252799, - "narHash": "sha256-HgSTREh7VoXjGgNDwKQUYcYo13rPkltW7IitHrTPA5c=", - "owner": "Gerschtli", - "repo": "nix-formatter-pack", - "rev": "2de39dedd79aab14c01b9e2934842051a160ffa5", - "type": "github" - }, - "original": { - "owner": "Gerschtli", - "repo": "nix-formatter-pack", - "type": "github" - } - }, - "nix-on-droid": { - "inputs": { - "home-manager": "home-manager_2", - "nix-formatter-pack": "nix-formatter-pack", - "nixpkgs": [ - "nixpkgs-droid" - ], - "nixpkgs-docs": "nixpkgs-docs", - "nixpkgs-for-bootstrap": "nixpkgs-for-bootstrap", - "nmd": "nmd_2" - }, - "locked": { - "lastModified": 1720396533, - "narHash": "sha256-UFzk/hZWO1VkciIO5UPaSpJN8s765wsngUSvtJM6d5Q=", - "owner": "nix-community", - "repo": "nix-on-droid", - "rev": "f3d3b8294039f2f9a8fb7ea82c320f29c6b0fe25", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-24.05", - "repo": "nix-on-droid", - "type": "github" - } - }, "nixpkgs": { "locked": { "lastModified": 1733808091, @@ -196,132 +105,11 @@ "type": "github" } }, - "nixpkgs-docs": { - "locked": { - "lastModified": 1705957679, - "narHash": "sha256-Q8LJaVZGJ9wo33wBafvZSzapYsjOaNjP/pOnSiKVGHY=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "9a333eaa80901efe01df07eade2c16d183761fa3", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "release-23.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-droid": { - "locked": { - "lastModified": 1734017764, - "narHash": "sha256-msOfmyJSjAHgIygI/JD0Ae3JsDv4rT54Nlfr5t6MQMQ=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "64e9404f308e0f0a0d8cdd7c358f74e34802494b", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-for-bootstrap": { - "locked": { - "lastModified": 1720244366, - "narHash": "sha256-WrDV0FPMVd2Sq9hkR5LNHudS3OSMmUrs90JUTN+MXpA=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "49ee0e94463abada1de470c9c07bfc12b36dcf40", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "49ee0e94463abada1de470c9c07bfc12b36dcf40", - "type": "github" - } - }, - "nmd": { - "flake": false, - "locked": { - "lastModified": 1666190571, - "narHash": "sha256-Z1hc7M9X6L+H83o9vOprijpzhTfOBjd0KmUTnpHAVjA=", - "owner": "rycee", - "repo": "nmd", - "rev": "b75d312b4f33bd3294cd8ae5c2ca8c6da2afc169", - "type": "gitlab" - }, - "original": { - "owner": "rycee", - "repo": "nmd", - "type": "gitlab" - } - }, - "nmd_2": { - "inputs": { - "nixpkgs": [ - "nix-on-droid", - "nixpkgs-docs" - ], - "scss-reset": "scss-reset" - }, - "locked": { - "lastModified": 1705050560, - "narHash": "sha256-x3zzcdvhJpodsmdjqB4t5mkVW22V3wqHLOun0KRBzUI=", - "owner": "~rycee", - "repo": "nmd", - "rev": "66d9334933119c36f91a78d565c152a4fdc8d3d3", - "type": "sourcehut" - }, - "original": { - "owner": "~rycee", - "repo": "nmd", - "type": "sourcehut" - } - }, - "nmt": { - "flake": false, - "locked": { - "lastModified": 1648075362, - "narHash": "sha256-u36WgzoA84dMVsGXzml4wZ5ckGgfnvS0ryzo/3zn/Pc=", - "owner": "rycee", - "repo": "nmt", - "rev": "d83601002c99b78c89ea80e5e6ba21addcfe12ae", - "type": "gitlab" - }, - "original": { - "owner": "rycee", - "repo": "nmt", - "type": "gitlab" - } - }, "root": { "inputs": { "home-manager": "home-manager", - "home-manager-droid": "home-manager-droid", "lix-module": "lix-module", - "nix-on-droid": "nix-on-droid", - "nixpkgs": "nixpkgs", - "nixpkgs-droid": "nixpkgs-droid" - } - }, - "scss-reset": { - "flake": false, - "locked": { - "lastModified": 1631450058, - "narHash": "sha256-muDlZJPtXDIGevSEWkicPP0HQ6VtucbkMNygpGlBEUM=", - "owner": "andreymatin", - "repo": "scss-reset", - "rev": "0cf50e27a4e95e9bb5b1715eedf9c54dee1a5a91", - "type": "github" - }, - "original": { - "owner": "andreymatin", - "repo": "scss-reset", - "type": "github" + "nixpkgs": "nixpkgs" } }, "systems": { diff --git a/flake.nix b/flake.nix index 279d478..0968c4a 100644 --- a/flake.nix +++ b/flake.nix @@ -11,19 +11,6 @@ url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; - - nixpkgs-droid.url = "github:NixOS/nixpkgs/nixos-24.05"; - - nix-on-droid = { - url = "github:nix-community/nix-on-droid/release-24.05"; - inputs.nixpkgs.follows = "nixpkgs-droid"; - }; - - home-manager-droid = { - url = "github:nix-community/home-manager/release-24.05"; - inputs.nixpkgs.follows = "nixpkgs-droid"; - }; - }; outputs = @@ -31,10 +18,7 @@ self, nixpkgs, home-manager, - lix-module, - nixpkgs-droid, - nix-on-droid, - home-manager-droid, + lix-module }: { nixosConfigurations = @@ -61,12 +45,6 @@ hetzner-vpn2 = import ./hosts/hetzner-vpn2 host-params; }; - nixOnDroidConfigurations.default = import ./hosts/droid { - inherit nix-on-droid; - nixpkgs = nixpkgs-droid; - home-manager = home-manager-droid; - }; - formatter = { x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style; aarch64-linux = nixpkgs.legacyPackages.aarch64-linux.nixfmt-rfc-style; diff --git a/hosts/droid/default.nix b/hosts/droid/default.nix deleted file mode 100644 index 9384457..0000000 --- a/hosts/droid/default.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ - nixpkgs, - nix-on-droid, - home-manager, - ... -}: -nix-on-droid.lib.nixOnDroidConfiguration { - pkgs = import nixpkgs { system = "aarch64-linux"; }; - modules = [ - home-manager.nixosModules.home-manager - ./sshd.nix - ./stuff.nix - ]; -} diff --git a/hosts/droid/sshd.nix b/hosts/droid/sshd.nix deleted file mode 100644 index 4ab5207..0000000 --- a/hosts/droid/sshd.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ config, pkgs, ... }: -let - sshdTmpDirectory = "${config.user.home}/sshd-tmp"; - sshdDirectory = "${config.user.home}/sshd"; - pubKeys = '' - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming - ''; - port = 8022; -in -{ - build.activation.sshd = '' - $DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${config.user.home}/.ssh" - $DRY_RUN_CMD echo "${pubKeys}" > "${config.user.home}/.ssh/authorized_keys" - - if [[ ! -d "${sshdDirectory}" ]]; then - $DRY_RUN_CMD rm $VERBOSE_ARG --recursive --force "${sshdTmpDirectory}" - $DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${sshdTmpDirectory}" - - $VERBOSE_ECHO "Generating host keys..." - $DRY_RUN_CMD ${pkgs.openssh}/bin/ssh-keygen -t rsa -b 4096 -f "${sshdTmpDirectory}/ssh_host_rsa_key" -N "" - - $VERBOSE_ECHO "Writing sshd_config..." - $DRY_RUN_CMD echo -e "HostKey ${sshdDirectory}/ssh_host_rsa_key\nPort ${toString port}\n" > "${sshdTmpDirectory}/sshd_config" - - $DRY_RUN_CMD mv $VERBOSE_ARG "${sshdTmpDirectory}" "${sshdDirectory}" - fi - ''; - - environment.packages = [ - (pkgs.writeScriptBin "sshd-start" '' - #!${pkgs.runtimeShell} - - echo "Starting sshd in non-daemonized way on port ${toString port}" - ${pkgs.openssh}/bin/sshd -f "${sshdDirectory}/sshd_config" -D - '') - ]; -} diff --git a/hosts/droid/stuff.nix b/hosts/droid/stuff.nix deleted file mode 100644 index c13094a..0000000 --- a/hosts/droid/stuff.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - pkgs, - ... -}: -{ - environment.packages = with pkgs; [ - nano - hostname - zsh - openssh - which - curl - ]; - - # Backup etc files instead of failing to activate generation if a file already exists in /etc - environment.etcBackupExtension = ".bak"; - - system.stateVersion = "24.05"; - nix.extraOptions = '' - experimental-features = nix-command flakes - ''; - time.timeZone = "Europe/Berlin"; -} From 906a264118728cd3868216398e15a2669f1c18d6 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 21 Dec 2024 14:13:01 +0100 Subject: [PATCH 138/241] disable amdvlk because of gnome bug, update config --- modules/amd-graphics.nix | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/modules/amd-graphics.nix b/modules/amd-graphics.nix index ec9ec02..4ae15ac 100644 --- a/modules/amd-graphics.nix +++ b/modules/amd-graphics.nix @@ -1,12 +1,19 @@ -{ pkgs, ... }: +{ pkgs, config, ... }: { config = { boot.kernelModules = [ "amdgpu" ]; services.xserver.videoDrivers = [ "amdgpu" ]; - hardware.graphics = { - extraPackages = with pkgs; [ amdvlk ]; - extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ]; + hardware = { + graphics.enable = true; + amdgpu = { + opencl.enable = true; + amdvlk = { + # TODO: this creates black borders around GNOME apps + # enable = true; + support32Bit.enable = config.hardware.graphics.enable32Bit; + }; + }; }; environment.systemPackages = with pkgs; [ nvtopPackages.amd ]; From d65d5851366f6b7ecbdfedc14be7c31e2a9bd15e Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 21 Dec 2024 14:38:16 +0100 Subject: [PATCH 139/241] tweak update settings, update flake.lock --- common/nixpkgs.nix | 3 ++- flake.lock | 12 ++++++------ flake.nix | 2 +- hosts/hetzner-vpn2/default.nix | 3 +++ 4 files changed, 12 insertions(+), 8 deletions(-) diff --git a/common/nixpkgs.nix b/common/nixpkgs.nix index 4705ad5..42d7c03 100644 --- a/common/nixpkgs.nix +++ b/common/nixpkgs.nix @@ -41,7 +41,8 @@ # enable auto updates autoUpgrade = { enable = true; - dates = "weekly"; + dates = "daily"; + flake = "github:kaesaecracker/nixos-configuration"; }; }; diff --git a/flake.lock b/flake.lock index 6683f13..705d981 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1733951536, - "narHash": "sha256-Zb5ZCa7Xj+0gy5XVXINTSr71fCfAv+IKtmIXNrykT54=", + "lastModified": 1734366194, + "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=", "owner": "nix-community", "repo": "home-manager", - "rev": "1318c3f3b068cdcea922fa7c1a0a1f0c96c22f5f", + "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f", "type": "github" }, "original": { @@ -91,11 +91,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1733808091, - "narHash": "sha256-KWwINTQelKOoQgrXftxoqxmKFZb9pLVfnRvK270nkVk=", + "lastModified": 1734600368, + "narHash": "sha256-nbG9TijTMcfr+au7ZVbKpAhMJzzE2nQBYmRvSdXUD8g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a0f3e10d94359665dba45b71b4227b0aeb851f8e", + "rev": "b47fd6fa00c6afca88b8ee46cfdb00e104f50bca", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0968c4a..388dc45 100644 --- a/flake.nix +++ b/flake.nix @@ -18,7 +18,7 @@ self, nixpkgs, home-manager, - lix-module + lix-module, }: { nixosConfigurations = diff --git a/hosts/hetzner-vpn2/default.nix b/hosts/hetzner-vpn2/default.nix index 8cf041f..288cd46 100644 --- a/hosts/hetzner-vpn2/default.nix +++ b/hosts/hetzner-vpn2/default.nix @@ -33,5 +33,8 @@ nixpkgs.lib.nixosSystem { ]; }; } + { + system.autoUpgrade.allowReboot = true; + } ]; } From 0e3c3b8971e6991ab5f048d1db3967b40f4e62a9 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 21 Dec 2024 14:43:08 +0100 Subject: [PATCH 140/241] tweak update settings --- modules/desktop-environment.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix index e4eb0ed..7ac36ae 100644 --- a/modules/desktop-environment.nix +++ b/modules/desktop-environment.nix @@ -84,7 +84,7 @@ # prevent stuck units from preventing shutdown (default is 120s) extraConfig = '' - DefaultTimeoutStopSec=12s + DefaultTimeoutStopSec=10s ''; }; @@ -108,5 +108,10 @@ enable = true; enableGraphical = true; }; + + system.autoUpgrade = { + allowReboot = false; + operation = "boot"; + }; }; } From 7ed15d5b1bb29cc2fe11cec882619feb917562a9 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Wed, 1 Jan 2025 16:35:42 +0100 Subject: [PATCH 141/241] update flake --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 705d981..86e63cb 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1734366194, - "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=", + "lastModified": 1735344290, + "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", "owner": "nix-community", "repo": "home-manager", - "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f", + "rev": "613691f285dad87694c2ba1c9e6298d04736292d", "type": "github" }, "original": { @@ -91,11 +91,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1734600368, - "narHash": "sha256-nbG9TijTMcfr+au7ZVbKpAhMJzzE2nQBYmRvSdXUD8g=", + "lastModified": 1735531152, + "narHash": "sha256-As8I+ebItDKtboWgDXYZSIjGlKeqiLBvjxsQHUmAf1Q=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b47fd6fa00c6afca88b8ee46cfdb00e104f50bca", + "rev": "3ffbbdbac0566a0977da3d2657b89cbcfe9a173b", "type": "github" }, "original": { From 29ea7db3aa4c1f5c1af9a144f942e4fbad9b6b61 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 2 Jan 2025 01:14:41 +0100 Subject: [PATCH 142/241] add ona-book --- common/i18n.nix | 9 ------ flake.nix | 1 + hosts/ona-book/default.nix | 37 ++++++++++++++++++++++ hosts/ona-book/hardware.nix | 57 ++++++++++++++++++++++++++++++++++ hosts/vinzenz-lpt2/default.nix | 9 ++++++ hosts/vinzenz-pc2/default.nix | 9 ++++++ 6 files changed, 113 insertions(+), 9 deletions(-) create mode 100644 hosts/ona-book/default.nix create mode 100644 hosts/ona-book/hardware.nix diff --git a/common/i18n.nix b/common/i18n.nix index c9506ad..3d789f0 100644 --- a/common/i18n.nix +++ b/common/i18n.nix @@ -15,14 +15,5 @@ _: { LC_TIME = "de_DE.UTF-8"; }; }; - - services.xserver.xkb = { - # Configure keymap in X11 - layout = "de"; - variant = ""; - }; - - # Configure console keymap - console.keyMap = "de"; }; } diff --git a/flake.nix b/flake.nix index 388dc45..4b4200e 100644 --- a/flake.nix +++ b/flake.nix @@ -43,6 +43,7 @@ vinzenz-lpt2 = import ./hosts/vinzenz-lpt2 host-params; vinzenz-pc2 = import ./hosts/vinzenz-pc2 host-params; hetzner-vpn2 = import ./hosts/hetzner-vpn2 host-params; + ona-book = import ./hosts/ona-book host-params; }; formatter = { diff --git a/hosts/ona-book/default.nix b/hosts/ona-book/default.nix new file mode 100644 index 0000000..bdc8952 --- /dev/null +++ b/hosts/ona-book/default.nix @@ -0,0 +1,37 @@ +{ + nixpkgs, + common-modules, + desktop-modules, + ... +}: +nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = + common-modules + ++ desktop-modules + ++ [ + ./hardware.nix + ../../home/gnome.nix + ../../users/ronja.nix + ../../modules/gnome.nix + + { + networking.hostName = "ona-book"; + services.xserver.xkb = { + layout = "us"; + options = "eurosign:e,caps:escape"; + }; + } + + { + home-manager.users.ronja = import ../../home/ronja.nix; + + users.users.ronja.openssh.authorizedKeys.keys = [ + ]; + } + + { + + } + ]; +} diff --git a/hosts/ona-book/hardware.nix b/hosts/ona-book/hardware.nix new file mode 100644 index 0000000..3a1601b --- /dev/null +++ b/hosts/ona-book/hardware.nix @@ -0,0 +1,57 @@ +{ + config, + lib, + pkgs, + modulesPath, + ... +}: +{ + imports = [ + (modulesPath + "/hardware/network/broadcom-43xx.nix") + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + config = { + boot = { + initrd.availableKernelModules = [ + "xhci_pci" + "nvme" + "usb_storage" + "sd_mod" + ]; + initrd.kernelModules = [ ]; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; + }; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/15220182-5617-4963-814e-19ff29b7db8c"; + fsType = "btrfs"; + }; + + "/boot" = { + device = "/dev/disk/by-uuid/1C7D-07C1"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/e4c91c7e-8b62-48e4-923d-4d750ebbc7db"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + }; +} diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix index f9d0276..7114544 100644 --- a/hosts/vinzenz-lpt2/default.nix +++ b/hosts/vinzenz-lpt2/default.nix @@ -26,6 +26,15 @@ nixpkgs.lib.nixosSystem { "aarch64-linux" "i686-linux" ]; + + services.xserver.xkb = { + # Configure keymap in X11 + layout = "de"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "de"; } { diff --git a/hosts/vinzenz-pc2/default.nix b/hosts/vinzenz-pc2/default.nix index c8535c8..3fdcb70 100644 --- a/hosts/vinzenz-pc2/default.nix +++ b/hosts/vinzenz-pc2/default.nix @@ -25,6 +25,15 @@ nixpkgs.lib.nixosSystem { "aarch64-linux" "i686-linux" ]; + + services.xserver.xkb = { + # Configure keymap in X11 + layout = "de"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "de"; } { home-manager.users = { From 72c6b8bd3491aa672e432cb5b483381255a25ae7 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 2 Jan 2025 02:05:36 +0100 Subject: [PATCH 143/241] copy vscode config to other user --- home/{ronja.nix => ronja/default.nix} | 3 +- home/ronja/vscode.nix | 56 +++++++++++++++++++++++++++ hosts/ona-book/default.nix | 2 +- hosts/vinzenz-pc2/default.nix | 2 +- users/ronja.nix | 4 ++ 5 files changed, 64 insertions(+), 3 deletions(-) rename home/{ronja.nix => ronja/default.nix} (93%) create mode 100644 home/ronja/vscode.nix diff --git a/home/ronja.nix b/home/ronja/default.nix similarity index 93% rename from home/ronja.nix rename to home/ronja/default.nix index c0e0f05..35fa2d9 100644 --- a/home/ronja.nix +++ b/home/ronja/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +inputs@{ config, pkgs, ... }: { home.packages = with pkgs; [ ## Apps @@ -8,6 +8,7 @@ programs = { home-manager.enable = true; + vscode = import ./vscode.nix inputs; zsh = { history = { diff --git a/home/ronja/vscode.nix b/home/ronja/vscode.nix new file mode 100644 index 0000000..29f5046 --- /dev/null +++ b/home/ronja/vscode.nix @@ -0,0 +1,56 @@ +{ pkgs, ... }: +{ + enable = true; + package = pkgs.vscodium; + enableUpdateCheck = false; + extensions = with pkgs.vscode-extensions; [ + bbenoist.nix + ms-python.python + kamadorueda.alejandra + editorconfig.editorconfig + yzhang.markdown-all-in-one + redhat.vscode-yaml + pkief.material-icon-theme + rust-lang.rust-analyzer + tamasfe.even-better-toml + llvm-vs-code-extensions.vscode-clangd + mkhl.direnv + vadimcn.vscode-lldb + ms-dotnettools.csharp + ms-vscode-remote.remote-ssh + ]; + userSettings = { + "files.autoSave" = "afterDelay"; + "files.autoSaveWhenNoErrors" = true; + "files.autoSaveWorkspaceFilesOnly" = true; + + "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; + "editor.fontLigatures" = true; + "editor.formatOnSave" = true; + "editor.formatOnSaveMode" = "modificationsIfAvailable"; + "editor.minimap.autohide" = true; + + "workbench.startupEditor" = "readme"; + "workbench.enableExperiments" = false; + "workbench.iconTheme" = "material-icon-theme"; + + "update.mode" = "none"; + "extensions.autoUpdate" = false; + "extensions.autoCheckUpdates" = false; + + "telemetry.telemetryLevel" = "off"; + "redhat.telemetry.enabled" = false; + + "git.autofetch" = true; + "diffEditor.diffAlgorithm" = "advanced"; + "explorer.excludeGitIgnore" = true; + "markdown.extension.tableFormatter.normalizeIndentation" = true; + "markdown.extension.toc.orderedList" = false; + "rust-analyzer.checkOnSave.command" = "clippy"; + + "\[makefile\]" = { + "editor.insertSpaces" = false; + "editor.detectIndentation" = false; + }; + }; +} diff --git a/hosts/ona-book/default.nix b/hosts/ona-book/default.nix index bdc8952..36a2a5c 100644 --- a/hosts/ona-book/default.nix +++ b/hosts/ona-book/default.nix @@ -24,7 +24,7 @@ nixpkgs.lib.nixosSystem { } { - home-manager.users.ronja = import ../../home/ronja.nix; + home-manager.users.ronja = import ../../home/ronja; users.users.ronja.openssh.authorizedKeys.keys = [ ]; diff --git a/hosts/vinzenz-pc2/default.nix b/hosts/vinzenz-pc2/default.nix index 3fdcb70..c90e3ec 100644 --- a/hosts/vinzenz-pc2/default.nix +++ b/hosts/vinzenz-pc2/default.nix @@ -38,7 +38,7 @@ nixpkgs.lib.nixosSystem { { home-manager.users = { vinzenz = import ../../home/vinzenz; - ronja = import ../../home/ronja.nix; + ronja = import ../../home/ronja; }; users.users.vinzenz.openssh.authorizedKeys.keys = [ diff --git a/users/ronja.nix b/users/ronja.nix index 547f31b..3ed2b8a 100644 --- a/users/ronja.nix +++ b/users/ronja.nix @@ -15,5 +15,9 @@ ]; shell = pkgs.zsh; }; + + allowedUnfreePackages = [ + "vscode-extension-ms-vscode-remote-remote-ssh" + ]; }; } From 8b48c54f48f3edd3c588b19a1a15c5d12b1de6c2 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 2 Jan 2025 17:56:33 +0100 Subject: [PATCH 144/241] enable fractional scaling for gnome --- modules/gnome.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/modules/gnome.nix b/modules/gnome.nix index c1d67c6..4b0d1ff 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -4,7 +4,14 @@ services = { xserver = { # Enable the GNOME Desktop Environment. - desktopManager.gnome.enable = true; + desktopManager.gnome = { + enable = true; + extraGSettingsOverridePackages = [ pkgs.mutter ]; + extraGSettingsOverrides = '' + [org.gnome.mutter] + experimental-features=['scale-monitor-framebuffer'] + ''; + }; displayManager.gdm.enable = true; excludePackages = with pkgs; [ xterm ]; }; From 161d78902ee583c898e6108af94a62fe3c5759d9 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 2 Jan 2025 18:17:23 +0100 Subject: [PATCH 145/241] move some extensions from shared module to user module --- home/gnome-shared-dconf.nix | 4 -- home/gnome.nix | 5 -- home/vinzenz/default.nix | 116 +++++++++++++++++++----------------- home/vinzenz/gnome.nix | 23 +++++++ 4 files changed, 83 insertions(+), 65 deletions(-) create mode 100644 home/vinzenz/gnome.nix diff --git a/home/gnome-shared-dconf.nix b/home/gnome-shared-dconf.nix index 32b7657..b9b3716 100644 --- a/home/gnome-shared-dconf.nix +++ b/home/gnome-shared-dconf.nix @@ -26,10 +26,6 @@ "appindicatorsupport@rgcjonas.gmail.com" "workspace-indicator@gnome-shell-extensions.gcampax.github.com" "caffeine@patapon.info" - "GPaste@gnome-shell-extensions.gnome.org" - "gsconnect@andyholmes.github.io" - "solaar-extension@sidevesh" - "AlphabeticalAppGrid@stuarthayhurst" ]; }; "ca/desrt/dconf-editor" = { diff --git a/home/gnome.nix b/home/gnome.nix index 2b092b8..0310a7e 100644 --- a/home/gnome.nix +++ b/home/gnome.nix @@ -20,11 +20,6 @@ ++ (with gnomeExtensions; [ caffeine appindicator - gsconnect - # battery-health-charging - quick-settings-tweaker - solaar-extension - alphabetical-app-grid ]); dconf.settings = import ./gnome-shared-dconf.nix; diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index cac2a69..d2bca38 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -1,64 +1,68 @@ inputs@{ pkgs, ... }: { - programs = { - home-manager.enable = true; - fzf.enable = true; - zsh = import ./zsh.nix inputs; - git = import ./git.nix; - vscode = import ./vscode.nix inputs; - ssh = import ./ssh.nix; + imports = [ ./gnome.nix ]; - direnv = { - enable = true; - nix-direnv.enable = true; + config = { + programs = { + home-manager.enable = true; + fzf.enable = true; + zsh = import ./zsh.nix inputs; + git = import ./git.nix; + vscode = import ./vscode.nix inputs; + ssh = import ./ssh.nix; + + direnv = { + enable = true; + nix-direnv.enable = true; + }; + + eza = { + enable = true; + git = true; + icons = "auto"; + extraOptions = [ + "--group-directories-first" + "--header" + ]; + }; }; - eza = { - enable = true; - git = true; - icons = "auto"; - extraOptions = [ - "--group-directories-first" - "--header" - ]; + editorconfig = import ./editorconfig.nix; + + home.packages = with pkgs; [ + keepassxc + insync + + telegram-desktop + element-desktop + + wireguard-tools + wirelesstools + + alejandra # nix formatter + + kdiff3 + jetbrains-toolbox + ]; + + home.file."policy.json" = { + target = ".config/containers/policy.json"; + text = '' + { + "default": [ + { + "type": "insecureAcceptAnything" + } + ], + "transports": + { + "docker-daemon": + { + "": [{"type":"insecureAcceptAnything"}] + } + } + } + ''; }; }; - - editorconfig = import ./editorconfig.nix; - - home.packages = with pkgs; [ - keepassxc - insync - - telegram-desktop - element-desktop - - wireguard-tools - wirelesstools - - alejandra # nix formatter - - kdiff3 - jetbrains-toolbox - ]; - - home.file."policy.json" = { - target = ".config/containers/policy.json"; - text = '' - { - "default": [ - { - "type": "insecureAcceptAnything" - } - ], - "transports": - { - "docker-daemon": - { - "": [{"type":"insecureAcceptAnything"}] - } - } - } - ''; - }; } diff --git a/home/vinzenz/gnome.nix b/home/vinzenz/gnome.nix new file mode 100644 index 0000000..4e70618 --- /dev/null +++ b/home/vinzenz/gnome.nix @@ -0,0 +1,23 @@ +inputs@{ pkgs, ... }: +{ + config = { + home.packages = with pkgs.gnomeExtensions; [ + gsconnect + # battery-health-charging + quick-settings-tweaker + solaar-extension + alphabetical-app-grid + ]; + + dconf.settings = { + "org/gnome/shell" = { + enabled-extensions = [ + "GPaste@gnome-shell-extensions.gnome.org" + "gsconnect@andyholmes.github.io" + "solaar-extension@sidevesh" + "AlphabeticalAppGrid@stuarthayhurst" + ]; + }; + }; + }; +} From aee35ecfa3a129596b69f3a7f349381116ae916f Mon Sep 17 00:00:00 2001 From: Ronja Spiegelberg Date: Sun, 5 Jan 2025 17:46:32 +0100 Subject: [PATCH 146/241] wip mbp hw config --- flake.lock | 23 ++++++++++++-- flake.nix | 3 ++ hosts/ona-book/default.nix | 55 +++++++++++++++++++-------------- hosts/ona-book/hardware.nix | 24 +++++++++++++- hosts/vinzenz-lpt2/default.nix | 5 ++- hosts/vinzenz-pc2/default.nix | 5 ++- modules/desktop-environment.nix | 2 -- 7 files changed, 86 insertions(+), 31 deletions(-) diff --git a/flake.lock b/flake.lock index 86e63cb..c38e837 100644 --- a/flake.lock +++ b/flake.lock @@ -89,13 +89,29 @@ "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz" } }, + "nixos-hardware": { + "locked": { + "lastModified": 1735388221, + "narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "7c674c6734f61157e321db595dbfcd8523e04e19", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "master", + "repo": "nixos-hardware", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1735531152, - "narHash": "sha256-As8I+ebItDKtboWgDXYZSIjGlKeqiLBvjxsQHUmAf1Q=", + "lastModified": 1735922141, + "narHash": "sha256-vk0xwGZSlvZ/596yxOtsk4gxsIx2VemzdjiU8zhjgWw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3ffbbdbac0566a0977da3d2657b89cbcfe9a173b", + "rev": "d29ab98cd4a70a387b8ceea3e930b3340d41ac5a", "type": "github" }, "original": { @@ -109,6 +125,7 @@ "inputs": { "home-manager": "home-manager", "lix-module": "lix-module", + "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs" } }, diff --git a/flake.nix b/flake.nix index 4b4200e..80868de 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,7 @@ { inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; home-manager = { url = "github:nix-community/home-manager/release-24.11"; @@ -19,6 +20,7 @@ nixpkgs, home-manager, lix-module, + nixos-hardware, }: { nixosConfigurations = @@ -27,6 +29,7 @@ inherit nixpkgs; inherit home-manager; inherit lix-module; + inherit nixos-hardware; common-modules = [ lix-module.nixosModules.default ./common diff --git a/hosts/ona-book/default.nix b/hosts/ona-book/default.nix index 36a2a5c..2231494 100644 --- a/hosts/ona-book/default.nix +++ b/hosts/ona-book/default.nix @@ -2,36 +2,45 @@ nixpkgs, common-modules, desktop-modules, + nixos-hardware, + home-manager, ... }: nixpkgs.lib.nixosSystem { system = "x86_64-linux"; - modules = - common-modules - ++ desktop-modules - ++ [ - ./hardware.nix - ../../home/gnome.nix - ../../users/ronja.nix - ../../modules/gnome.nix + modules = common-modules ++ [ + home-manager.nixosModules.home-manager + ../../home + ../../modules/desktop-environment.nix - { - networking.hostName = "ona-book"; - services.xserver.xkb = { - layout = "us"; - options = "eurosign:e,caps:escape"; - }; - } + nixos-hardware.nixosModules.apple-macbook-pro-14-1 + { allowedUnfreePackages = [ "b43-firmware" ]; } - { - home-manager.users.ronja = import ../../home/ronja; + ./hardware.nix + ../../home/gnome.nix + ../../users/ronja.nix + ../../modules/gnome.nix - users.users.ronja.openssh.authorizedKeys.keys = [ - ]; - } + { + networking = { + hostName = "ona-book"; + networkmanager.enable = true; + }; + services.xserver.xkb = { + layout = "us"; + options = "eurosign:e,caps:escape"; + }; + } - { + { + home-manager.users.ronja = import ../../home/ronja; - } - ]; + users.users.ronja.openssh.authorizedKeys.keys = [ + ]; + } + + { + + } + ]; } diff --git a/hosts/ona-book/hardware.nix b/hosts/ona-book/hardware.nix index 3a1601b..bf4fdc4 100644 --- a/hosts/ona-book/hardware.nix +++ b/hosts/ona-book/hardware.nix @@ -20,8 +20,24 @@ "sd_mod" ]; initrd.kernelModules = [ ]; - kernelModules = [ "kvm-intel" ]; + kernelModules = [ + "kvm-intel" + "snd_hda_codec_cs8409" + "hci_uart" + "bluetooth" + "btbcm" + ]; extraModulePackages = [ ]; + blacklistedKernelModules = [ ]; + kernelParams = []; + loader = { + efi.canTouchEfiVariables = true; + systemd-boot = { + enable = true; + editor = false; # do not allow changing kernel parameters + consoleMode = "max"; + }; + }; }; fileSystems = { @@ -53,5 +69,11 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + + hardware.enableAllFirmware = true; + nixpkgs.config.allowUnfree = true; + hardware.enableRedistributableFirmware = true; + + hardware.facetimehd.enable = true; }; } diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix index 7114544..c2944b1 100644 --- a/hosts/vinzenz-lpt2/default.nix +++ b/hosts/vinzenz-lpt2/default.nix @@ -21,7 +21,10 @@ nixpkgs.lib.nixosSystem { ../../modules/podman.nix { - networking.hostName = "vinzenz-lpt2"; + networking = { + hostName = "vinzenz-lpt2"; + networkmanager.enable = true; + }; nix.settings.extra-platforms = [ "aarch64-linux" "i686-linux" diff --git a/hosts/vinzenz-pc2/default.nix b/hosts/vinzenz-pc2/default.nix index c90e3ec..707457a 100644 --- a/hosts/vinzenz-pc2/default.nix +++ b/hosts/vinzenz-pc2/default.nix @@ -20,7 +20,10 @@ nixpkgs.lib.nixosSystem { ../../modules/printing.nix ../../modules/podman.nix { - networking.hostName = "vinzenz-pc2"; + networking = { + hostName = "vinzenz-pc2"; + networkmanager.enable = true; + }; nix.settings.extra-platforms = [ "aarch64-linux" "i686-linux" diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix index 7ac36ae..cf860e5 100644 --- a/modules/desktop-environment.nix +++ b/modules/desktop-environment.nix @@ -58,8 +58,6 @@ }; networking = { - networkmanager.enable = true; - firewall = { allowedTCPPortRanges = [ { From 85b4ea58801233e9d6d3a64f63b10a42fae27f01 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 26 Jan 2025 16:19:59 +0100 Subject: [PATCH 147/241] minor home tweaks --- home/vinzenz/default.nix | 5 +++-- home/vinzenz/zsh.nix | 3 +-- modules/desktop-environment.nix | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index d2bca38..6cd8b3a 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -39,10 +39,11 @@ inputs@{ pkgs, ... }: wireguard-tools wirelesstools - alejandra # nix formatter - kdiff3 jetbrains-toolbox + + blanket + vlc ]; home.file."policy.json" = { diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index 9a9f633..13ff561 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -11,8 +11,7 @@ my-apply = "sudo nixos-rebuild boot --flake"; my-switch = "sudo nixos-rebuild switch --flake"; my-update = "sudo nixos-rebuild boot --upgrade --flake"; - my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; - my-fmt = "alejandra ."; + my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; my-test = "sudo nixos-rebuild test"; my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; my-ip4 = "ip addr show | grep 192"; diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix index cf860e5..b480f67 100644 --- a/modules/desktop-environment.nix +++ b/modules/desktop-environment.nix @@ -99,7 +99,7 @@ fonts = { enableDefaultPackages = true; fontconfig.defaultFonts.monospace = [ "FiraCode Nerd Font" ]; - packages = with pkgs; [ (nerdfonts.override { fonts = [ "FiraCode" ]; }) ]; + packages = with pkgs; [ (nerdfonts.override { fonts = [ "FiraCode" ]; }) roboto-mono ]; }; hardware.logitech.wireless = { From 5250e8552ec3103f81480ff72f2a97e4479ddc46 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 26 Jan 2025 16:23:22 +0100 Subject: [PATCH 148/241] add forgejo-runner-1 --- hosts/forgejo-runner-1/default.nix | 28 +++++++++++++ hosts/forgejo-runner-1/hardware.nix | 63 +++++++++++++++++++++++++++++ 2 files changed, 91 insertions(+) create mode 100644 hosts/forgejo-runner-1/default.nix create mode 100644 hosts/forgejo-runner-1/hardware.nix diff --git a/hosts/forgejo-runner-1/default.nix b/hosts/forgejo-runner-1/default.nix new file mode 100644 index 0000000..4c2666e --- /dev/null +++ b/hosts/forgejo-runner-1/default.nix @@ -0,0 +1,28 @@ +{ nixpkgs, common-modules, ... }: +nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = common-modules ++ [ + ./hardware.nix + ../../users/vinzenz.nix + { networking.hostName = "forgejo-runner-1"; } + { + # uncomment for build check on non arm system (requires --impure) + # nixpkgs.buildPlatform = builtins.currentSystem; + } + { + services.tailscale.useRoutingFeatures = "both"; + } + { + users.users = { + root.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + }; + } + { + system.autoUpgrade.allowReboot = true; + } + ]; +} diff --git a/hosts/forgejo-runner-1/hardware.nix b/hosts/forgejo-runner-1/hardware.nix new file mode 100644 index 0000000..034ed88 --- /dev/null +++ b/hosts/forgejo-runner-1/hardware.nix @@ -0,0 +1,63 @@ +{ lib, modulesPath, ... }: +{ + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + + config = { + nixpkgs = { + hostPlatform = "aarch64-linux"; + system = "aarch64-linux"; + }; + + boot = { + tmp.cleanOnBoot = true; + kernelParams = [ "console=tty" ]; + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + initrd = { + availableKernelModules = [ + "xhci_pci" + "virtio_scsi" + "sr_mod" + "virtio_gpu" + ]; + kernelModules = [ ]; + }; + }; + + # fileSystems = { + # "/" = { + # device = "/dev/disk/by-uuid/3263489d-9819-433c-b198-9d2e732a94e4"; + # fsType = "ext4"; + # }; + # "/boot" = { + # device = "/dev/disk/by-uuid/6C25-6BDC"; + # fsType = "vfat"; + # options = [ + # "fmask=0077" + # "dmask=0077" + # ]; + # }; + # }; + + # swapDevices = [ + # { device = "/dev/disk/by-uuid/e147721d-86b5-40d7-a231-c6ea391c563d"; } + # ]; + + # networking.useNetworkd = true; + # systemd.network = { + # enable = true; + # networks."10-wan" = { + # matchConfig.Name = "enp1s0"; + # networkConfig.DHCP = "ipv4"; + # address = [ + # "2a01:4f8:c013:65dd::1/64" + # ]; + # routes = [ + # { Gateway = "fe80::1"; } + # ]; + # }; + # }; + }; +} From bca52c8bf68af556823dcfc52f6fd38896411db3 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 26 Jan 2025 17:23:36 +0100 Subject: [PATCH 149/241] hw config for forgejo-runner-1 --- hosts/forgejo-runner-1/hardware.nix | 62 ++++++++++++++--------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/hosts/forgejo-runner-1/hardware.nix b/hosts/forgejo-runner-1/hardware.nix index 034ed88..976b998 100644 --- a/hosts/forgejo-runner-1/hardware.nix +++ b/hosts/forgejo-runner-1/hardware.nix @@ -26,38 +26,38 @@ }; }; - # fileSystems = { - # "/" = { - # device = "/dev/disk/by-uuid/3263489d-9819-433c-b198-9d2e732a94e4"; - # fsType = "ext4"; - # }; - # "/boot" = { - # device = "/dev/disk/by-uuid/6C25-6BDC"; - # fsType = "vfat"; - # options = [ - # "fmask=0077" - # "dmask=0077" - # ]; - # }; - # }; + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/47bc77ff-12e1-4d39-bb5c-fb100ccd3aab"; + fsType = "ext4"; + }; + "/boot" = { + device = "/dev/disk/by-uuid/05F2-8F9A"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + }; - # swapDevices = [ - # { device = "/dev/disk/by-uuid/e147721d-86b5-40d7-a231-c6ea391c563d"; } - # ]; + swapDevices = [ + { device = "/dev/disk/by-uuid/bbd18a70-b0bb-4e1a-b45b-3c1f8eccc0c10"; } + ]; - # networking.useNetworkd = true; - # systemd.network = { - # enable = true; - # networks."10-wan" = { - # matchConfig.Name = "enp1s0"; - # networkConfig.DHCP = "ipv4"; - # address = [ - # "2a01:4f8:c013:65dd::1/64" - # ]; - # routes = [ - # { Gateway = "fe80::1"; } - # ]; - # }; - # }; + networking.useNetworkd = true; + systemd.network = { + enable = true; + networks."10-wan" = { + matchConfig.Name = "enp1s0"; + networkConfig.DHCP = "ipv4"; + address = [ + "2a01:4f8:c013:a524::1/64" + ]; + routes = [ + { Gateway = "fe80::1"; } + ]; + }; + }; }; } From 9bc1566e8c6041d42f232e8a860c6134832d287b Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 26 Jan 2025 17:25:28 +0100 Subject: [PATCH 150/241] add host to flake --- flake.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/flake.nix b/flake.nix index 80868de..195e98a 100644 --- a/flake.nix +++ b/flake.nix @@ -46,6 +46,7 @@ vinzenz-lpt2 = import ./hosts/vinzenz-lpt2 host-params; vinzenz-pc2 = import ./hosts/vinzenz-pc2 host-params; hetzner-vpn2 = import ./hosts/hetzner-vpn2 host-params; + forgejo-runner-1 = import ./hosts/forgejo-runner-1 host-params; ona-book = import ./hosts/ona-book host-params; }; From b143437c8942430494bfad2fafc29c4118de0426 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 26 Jan 2025 19:48:22 +0100 Subject: [PATCH 151/241] fix typo in uuid --- hosts/forgejo-runner-1/hardware.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/forgejo-runner-1/hardware.nix b/hosts/forgejo-runner-1/hardware.nix index 976b998..f7cb083 100644 --- a/hosts/forgejo-runner-1/hardware.nix +++ b/hosts/forgejo-runner-1/hardware.nix @@ -42,7 +42,7 @@ }; swapDevices = [ - { device = "/dev/disk/by-uuid/bbd18a70-b0bb-4e1a-b45b-3c1f8eccc0c10"; } + { device = "/dev/disk/by-uuid/bbd18a70-b0bb-4e1a-b45b-3c1f8ecc0c10"; } ]; networking.useNetworkd = true; From 87b5b7ab00f41f9d5fdfceaa86631024a2cd94e1 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 1 Feb 2025 16:02:27 +0100 Subject: [PATCH 152/241] policy.json in extra file, default to reject --- home/vinzenz/.config/containers/policy.json | 16 ++++++++++++++++ home/vinzenz/default.nix | 17 +---------------- 2 files changed, 17 insertions(+), 16 deletions(-) create mode 100644 home/vinzenz/.config/containers/policy.json diff --git a/home/vinzenz/.config/containers/policy.json b/home/vinzenz/.config/containers/policy.json new file mode 100644 index 0000000..d13844e --- /dev/null +++ b/home/vinzenz/.config/containers/policy.json @@ -0,0 +1,16 @@ +{ + "default": [ + { + "type": "reject" + } + ], + "transports": { + "docker-daemon": { + "": [ + { + "type": "insecureAcceptAnything" + } + ] + } + } +} \ No newline at end of file diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 6cd8b3a..0b06468 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -48,22 +48,7 @@ inputs@{ pkgs, ... }: home.file."policy.json" = { target = ".config/containers/policy.json"; - text = '' - { - "default": [ - { - "type": "insecureAcceptAnything" - } - ], - "transports": - { - "docker-daemon": - { - "": [{"type":"insecureAcceptAnything"}] - } - } - } - ''; + text = builtins.readFile ./.config/containers/policy.json; }; }; } From 28f2315edee4232e5816fec954cae025daae23d9 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 1 Feb 2025 16:02:33 +0100 Subject: [PATCH 153/241] update flake --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index c38e837..e616973 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1735344290, - "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", + "lastModified": 1736373539, + "narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=", "owner": "nix-community", "repo": "home-manager", - "rev": "613691f285dad87694c2ba1c9e6298d04736292d", + "rev": "bd65bc3cde04c16755955630b344bc9e35272c56", "type": "github" }, "original": { @@ -91,11 +91,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1735388221, - "narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=", + "lastModified": 1738391520, + "narHash": "sha256-6HI58PKjddsC0RA0gBQlt6ox47oH//jLUHwx05RO8g0=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "7c674c6734f61157e321db595dbfcd8523e04e19", + "rev": "34b64e4e1ddb14e3ffc7db8d4a781396dbbab773", "type": "github" }, "original": { @@ -107,11 +107,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1735922141, - "narHash": "sha256-vk0xwGZSlvZ/596yxOtsk4gxsIx2VemzdjiU8zhjgWw=", + "lastModified": 1738277201, + "narHash": "sha256-6L+WXKCw5mqnUIExvqkD99pJQ41xgyCk6z/H9snClwk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d29ab98cd4a70a387b8ceea3e930b3340d41ac5a", + "rev": "666e1b3f09c267afd66addebe80fb05a5ef2b554", "type": "github" }, "original": { From 5ed5698587e1918505ebda1c4281fdfdee063aa4 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 1 Feb 2025 16:06:36 +0100 Subject: [PATCH 154/241] add forgejo-runner on forgejo vm --- hosts/forgejo-runner-1/default.nix | 9 ++++---- hosts/forgejo-runner-1/forgejo-runner.nix | 28 +++++++++++++++++++++++ 2 files changed, 32 insertions(+), 5 deletions(-) create mode 100644 hosts/forgejo-runner-1/forgejo-runner.nix diff --git a/hosts/forgejo-runner-1/default.nix b/hosts/forgejo-runner-1/default.nix index 4c2666e..fb7d547 100644 --- a/hosts/forgejo-runner-1/default.nix +++ b/hosts/forgejo-runner-1/default.nix @@ -4,6 +4,8 @@ nixpkgs.lib.nixosSystem { modules = common-modules ++ [ ./hardware.nix ../../users/vinzenz.nix + ../../modules/podman.nix + ./forgejo-runner.nix { networking.hostName = "forgejo-runner-1"; } { # uncomment for build check on non arm system (requires --impure) @@ -11,8 +13,8 @@ nixpkgs.lib.nixosSystem { } { services.tailscale.useRoutingFeatures = "both"; - } - { + system.autoUpgrade.allowReboot = true; + users.users = { root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' @@ -21,8 +23,5 @@ nixpkgs.lib.nixosSystem { ]; }; } - { - system.autoUpgrade.allowReboot = true; - } ]; } diff --git a/hosts/forgejo-runner-1/forgejo-runner.nix b/hosts/forgejo-runner-1/forgejo-runner.nix new file mode 100644 index 0000000..e9f634e --- /dev/null +++ b/hosts/forgejo-runner-1/forgejo-runner.nix @@ -0,0 +1,28 @@ +{ pkgs, ... }: +{ + config = { + environment.systemPackages = with pkgs; [ + forgejo-runner + ]; + + # https://wiki.nixos.org/wiki/Forgejo + + services.gitea-actions-runner = { + package = pkgs.forgejo-actions-runner; + instances.default = { + enable = true; + name = "cccb"; + url = "https://git.berlin.ccc.de"; + # Obtaining the path to the runner token file may differ + # tokenFile should be in format TOKEN=, since it's EnvironmentFile for systemd + tokenFile = "/etc/forgejo-runner/registration_token"; + labels = [ + "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:rust-latest" + ]; + settings = { + container.network = "bridge"; + }; + }; + }; + }; +} From f8b1e0ca3b6bebf4a9f35fdc565725ae91765820 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 8 Feb 2025 18:50:10 +0100 Subject: [PATCH 155/241] add recursive font --- modules/desktop-environment.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix index b480f67..9d4fcd8 100644 --- a/modules/desktop-environment.nix +++ b/modules/desktop-environment.nix @@ -99,7 +99,11 @@ fonts = { enableDefaultPackages = true; fontconfig.defaultFonts.monospace = [ "FiraCode Nerd Font" ]; - packages = with pkgs; [ (nerdfonts.override { fonts = [ "FiraCode" ]; }) roboto-mono ]; + packages = with pkgs; [ + (nerdfonts.override { fonts = [ "FiraCode" ]; }) + roboto-mono + recursive + ]; }; hardware.logitech.wireless = { From 3acaf5d98a12b73fe5ca57643dcff6350a85eb63 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 13 Feb 2025 19:03:52 +0100 Subject: [PATCH 156/241] set ubuntu-latest to mean 24.04 instead of ancient 22.04 --- hosts/forgejo-runner-1/forgejo-runner.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hosts/forgejo-runner-1/forgejo-runner.nix b/hosts/forgejo-runner-1/forgejo-runner.nix index e9f634e..4edc17e 100644 --- a/hosts/forgejo-runner-1/forgejo-runner.nix +++ b/hosts/forgejo-runner-1/forgejo-runner.nix @@ -17,7 +17,8 @@ # tokenFile should be in format TOKEN=, since it's EnvironmentFile for systemd tokenFile = "/etc/forgejo-runner/registration_token"; labels = [ - "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:rust-latest" + "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:rust-24.04" + "ubuntu-24.04:docker://ghcr.io/catthehacker/ubuntu:rust-24.04" ]; settings = { container.network = "bridge"; From 2f19ef4f5f3d5209b5344f4d4558aa408d7c983f Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 13 Feb 2025 19:04:14 +0100 Subject: [PATCH 157/241] add git oauth and cache --- home/vinzenz/default.nix | 1 + home/vinzenz/git.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 0b06468..5352918 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -10,6 +10,7 @@ inputs@{ pkgs, ... }: git = import ./git.nix; vscode = import ./vscode.nix inputs; ssh = import ./ssh.nix; + git-credential-oauth.enable = true; direnv = { enable = true; diff --git a/home/vinzenz/git.nix b/home/vinzenz/git.nix index f219d60..3aee6da 100644 --- a/home/vinzenz/git.nix +++ b/home/vinzenz/git.nix @@ -12,6 +12,7 @@ pull.ff = "only"; merge.tool = "kdiff3"; push.autoSetupRemote = "true"; + credential.credentialStore = "cache"; }; ignores = [ From 852e9fbf9b551574683410847ef77da3bc036649 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 13 Feb 2025 19:27:17 +0100 Subject: [PATCH 158/241] update flake --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index e616973..330dced 100644 --- a/flake.lock +++ b/flake.lock @@ -91,11 +91,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1738391520, - "narHash": "sha256-6HI58PKjddsC0RA0gBQlt6ox47oH//jLUHwx05RO8g0=", + "lastModified": 1738816619, + "narHash": "sha256-5yRlg48XmpcX5b5HesdGMOte+YuCy9rzQkJz+imcu6I=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "34b64e4e1ddb14e3ffc7db8d4a781396dbbab773", + "rev": "2eccff41bab80839b1d25b303b53d339fbb07087", "type": "github" }, "original": { @@ -107,11 +107,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1738277201, - "narHash": "sha256-6L+WXKCw5mqnUIExvqkD99pJQ41xgyCk6z/H9snClwk=", + "lastModified": 1739357830, + "narHash": "sha256-9xim3nJJUFbVbJCz48UP4fGRStVW5nv4VdbimbKxJ3I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "666e1b3f09c267afd66addebe80fb05a5ef2b554", + "rev": "0ff09db9d034a04acd4e8908820ba0b410d7a33a", "type": "github" }, "original": { From d1863fb799cee95bbbc84031b11ddc1390688117 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 15 Feb 2025 11:57:49 +0100 Subject: [PATCH 159/241] add key --- hosts/vinzenz-pc2/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/vinzenz-pc2/default.nix b/hosts/vinzenz-pc2/default.nix index 707457a..e0bbd9d 100644 --- a/hosts/vinzenz-pc2/default.nix +++ b/hosts/vinzenz-pc2/default.nix @@ -52,6 +52,7 @@ nixpkgs.lib.nixosSystem { users.users.ronja.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgN6J8KyVyQqBAz+y3drXDmIsxOPkdPB+ISgpIP9Eld Generated By Termius'' ]; } ]; From f94daa76ea589a06ed2a635459e16c78f7bc8369 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 15 Feb 2025 11:58:12 +0100 Subject: [PATCH 160/241] add wikitext vscode extension --- home/vinzenz/vscode.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index 29f5046..d04139c 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -18,6 +18,7 @@ vadimcn.vscode-lldb ms-dotnettools.csharp ms-vscode-remote.remote-ssh + RoweWilsonFrederiskHolme.wikitext ]; userSettings = { "files.autoSave" = "afterDelay"; From e44a1d3b08b4042f98a33ebd818ad2d92aadea57 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 15 Feb 2025 12:05:37 +0100 Subject: [PATCH 161/241] gaming tweaks, vscode explicit git path --- home/vinzenz/vscode.nix | 3 ++- modules/amd-graphics.nix | 2 +- modules/gaming.nix | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index d04139c..0faf92e 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ pkgs, lib, ... }: { enable = true; package = pkgs.vscodium; @@ -43,6 +43,7 @@ "redhat.telemetry.enabled" = false; "git.autofetch" = true; + "git.path" = "${lib.getBin pkgs.git}/bin/git"; "diffEditor.diffAlgorithm" = "advanced"; "explorer.excludeGitIgnore" = true; "markdown.extension.tableFormatter.normalizeIndentation" = true; diff --git a/modules/amd-graphics.nix b/modules/amd-graphics.nix index 4ae15ac..9ec5f75 100644 --- a/modules/amd-graphics.nix +++ b/modules/amd-graphics.nix @@ -10,7 +10,7 @@ opencl.enable = true; amdvlk = { # TODO: this creates black borders around GNOME apps - # enable = true; + enable = true; support32Bit.enable = config.hardware.graphics.enable32Bit; }; }; diff --git a/modules/gaming.nix b/modules/gaming.nix index 4a4bebd..03499cc 100644 --- a/modules/gaming.nix +++ b/modules/gaming.nix @@ -30,7 +30,7 @@ remotePlay.openFirewall = true; dedicatedServer.openFirewall = true; localNetworkGameTransfers.openFirewall = true; - gamescopeSession.enable = true; + gamescopeSession.enable = false; }; gamemode.enable = true; }; From cbce2da2cc1444fb5c3d556cca4fc285db1e32cf Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Wed, 19 Feb 2025 21:30:06 +0100 Subject: [PATCH 162/241] (insecurely) allow docker.io/library/debian --- home/vinzenz/.config/containers/policy.json | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/home/vinzenz/.config/containers/policy.json b/home/vinzenz/.config/containers/policy.json index d13844e..d1f9b60 100644 --- a/home/vinzenz/.config/containers/policy.json +++ b/home/vinzenz/.config/containers/policy.json @@ -11,6 +11,13 @@ "type": "insecureAcceptAnything" } ] + }, + "docker": { + "docker.io/library/debian": [ + { + "type": "insecureAcceptAnything" + } + ] } } -} \ No newline at end of file +} From f44484b8f7169db409f99495a246d6169890851f Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 9 Mar 2025 10:52:29 +0100 Subject: [PATCH 163/241] update flake --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 330dced..a11515e 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1736373539, - "narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=", + "lastModified": 1739757849, + "narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=", "owner": "nix-community", "repo": "home-manager", - "rev": "bd65bc3cde04c16755955630b344bc9e35272c56", + "rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe", "type": "github" }, "original": { @@ -91,11 +91,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1738816619, - "narHash": "sha256-5yRlg48XmpcX5b5HesdGMOte+YuCy9rzQkJz+imcu6I=", + "lastModified": 1741325094, + "narHash": "sha256-RUAdT8dZ6k/486vnu3tiNRrNW6+Q8uSD2Mq7gTX4jlo=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "2eccff41bab80839b1d25b303b53d339fbb07087", + "rev": "b48cc4dab0f9711af296fc367b6108cf7b8ccb16", "type": "github" }, "original": { @@ -107,11 +107,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1739357830, - "narHash": "sha256-9xim3nJJUFbVbJCz48UP4fGRStVW5nv4VdbimbKxJ3I=", + "lastModified": 1741332913, + "narHash": "sha256-ri1e8ZliWS3Jnp9yqpKApHaOo7KBN33W8ECAKA4teAQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0ff09db9d034a04acd4e8908820ba0b410d7a33a", + "rev": "20755fa05115c84be00b04690630cb38f0a203ad", "type": "github" }, "original": { From a620f86204722d88a2bfb314a4b3d42e151a58fb Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 15 Mar 2025 10:25:44 +0100 Subject: [PATCH 164/241] update zsh plugin list --- home/vinzenz/zsh.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index 13ff561..8290bf2 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -11,7 +11,7 @@ my-apply = "sudo nixos-rebuild boot --flake"; my-switch = "sudo nixos-rebuild switch --flake"; my-update = "sudo nixos-rebuild boot --upgrade --flake"; - my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; + my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; my-test = "sudo nixos-rebuild test"; my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; my-ip4 = "ip addr show | grep 192"; @@ -31,8 +31,12 @@ plugins = [ "git" "sudo" - "docker" "systemadmin" + "battery" + "dotnet" + "rust" + "tailscale" + "thefuck" ]; }; } From 7153f0836affea0ac95c21ed38a59203d6e1af6a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 15 Mar 2025 11:03:03 +0100 Subject: [PATCH 165/241] restructure flake, remove ona-book partially based on https://codeberg.org/kiara/cfg --- flake.nix | 53 ++++++++-------- hosts/forgejo-runner-1/configuration.nix | 15 +++++ hosts/forgejo-runner-1/default.nix | 27 -------- hosts/forgejo-runner-1/imports.nix | 7 +++ hosts/hetzner-vpn2/configuration.nix | 27 ++++++++ hosts/hetzner-vpn2/default.nix | 40 ------------ hosts/hetzner-vpn2/imports.nix | 7 +++ hosts/ona-book/default.nix | 46 -------------- hosts/ona-book/hardware.nix | 79 ------------------------ hosts/vinzenz-lpt2/configuration.nix | 34 ++++++++++ hosts/vinzenz-lpt2/default.nix | 60 ------------------ hosts/vinzenz-lpt2/imports.nix | 15 +++++ hosts/vinzenz-pc2/configuration.nix | 40 ++++++++++++ hosts/vinzenz-pc2/default.nix | 59 ------------------ hosts/vinzenz-pc2/imports.nix | 15 +++++ modules/gaming.nix | 1 + users/vinzenz.nix | 1 + 17 files changed, 189 insertions(+), 337 deletions(-) create mode 100644 hosts/forgejo-runner-1/configuration.nix delete mode 100644 hosts/forgejo-runner-1/default.nix create mode 100644 hosts/forgejo-runner-1/imports.nix create mode 100644 hosts/hetzner-vpn2/configuration.nix delete mode 100644 hosts/hetzner-vpn2/default.nix create mode 100644 hosts/hetzner-vpn2/imports.nix delete mode 100644 hosts/ona-book/default.nix delete mode 100644 hosts/ona-book/hardware.nix create mode 100644 hosts/vinzenz-lpt2/configuration.nix delete mode 100644 hosts/vinzenz-lpt2/default.nix create mode 100644 hosts/vinzenz-lpt2/imports.nix create mode 100644 hosts/vinzenz-pc2/configuration.nix delete mode 100644 hosts/vinzenz-pc2/default.nix create mode 100644 hosts/vinzenz-pc2/imports.nix diff --git a/flake.nix b/flake.nix index 195e98a..da0baf6 100644 --- a/flake.nix +++ b/flake.nix @@ -22,33 +22,34 @@ lix-module, nixos-hardware, }: + let + devices = { + vinzenz-lpt2 = "x86_64-linux"; + vinzenz-pc2 = "x86_64-linux"; + hetzner-vpn2 = "aarch64-linux"; + forgejo-runner-1 = "aarch64-linux"; + }; + forDevice = f: nixpkgs.lib.mapAttrs f devices; + in { - nixosConfigurations = - let - host-params = { - inherit nixpkgs; - inherit home-manager; - inherit lix-module; - inherit nixos-hardware; - common-modules = [ - lix-module.nixosModules.default - ./common - ]; - desktop-modules = [ - home-manager.nixosModules.home-manager - ./home - ./modules/desktop-environment.nix - ./modules/desktop-hardware.nix - ]; - }; - in - { - vinzenz-lpt2 = import ./hosts/vinzenz-lpt2 host-params; - vinzenz-pc2 = import ./hosts/vinzenz-pc2 host-params; - hetzner-vpn2 = import ./hosts/hetzner-vpn2 host-params; - forgejo-runner-1 = import ./hosts/forgejo-runner-1 host-params; - ona-book = import ./hosts/ona-book host-params; - }; + nixosConfigurations = forDevice ( + device: system: + nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + lix-module.nixosModules.default + home-manager.nixosModules.home-manager + + { networking.hostName = device; } + + ./common + + ./hosts/${device}/hardware.nix + ./hosts/${device}/imports.nix + ./hosts/${device}/configuration.nix + ]; + } + ); formatter = { x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style; diff --git a/hosts/forgejo-runner-1/configuration.nix b/hosts/forgejo-runner-1/configuration.nix new file mode 100644 index 0000000..81b5be8 --- /dev/null +++ b/hosts/forgejo-runner-1/configuration.nix @@ -0,0 +1,15 @@ +{ pkgs, ... }: +{ + # uncomment for build check on non arm system (requires --impure) + # nixpkgs.buildPlatform = builtins.currentSystem; + services.tailscale.useRoutingFeatures = "both"; + system.autoUpgrade.allowReboot = true; + + users.users = { + root.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + }; +} diff --git a/hosts/forgejo-runner-1/default.nix b/hosts/forgejo-runner-1/default.nix deleted file mode 100644 index fb7d547..0000000 --- a/hosts/forgejo-runner-1/default.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ nixpkgs, common-modules, ... }: -nixpkgs.lib.nixosSystem { - system = "aarch64-linux"; - modules = common-modules ++ [ - ./hardware.nix - ../../users/vinzenz.nix - ../../modules/podman.nix - ./forgejo-runner.nix - { networking.hostName = "forgejo-runner-1"; } - { - # uncomment for build check on non arm system (requires --impure) - # nixpkgs.buildPlatform = builtins.currentSystem; - } - { - services.tailscale.useRoutingFeatures = "both"; - system.autoUpgrade.allowReboot = true; - - users.users = { - root.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - }; - } - ]; -} diff --git a/hosts/forgejo-runner-1/imports.nix b/hosts/forgejo-runner-1/imports.nix new file mode 100644 index 0000000..f63120e --- /dev/null +++ b/hosts/forgejo-runner-1/imports.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ../../users/vinzenz.nix + ../../modules/podman.nix + ./forgejo-runner.nix + ]; +} diff --git a/hosts/hetzner-vpn2/configuration.nix b/hosts/hetzner-vpn2/configuration.nix new file mode 100644 index 0000000..c4b747d --- /dev/null +++ b/hosts/hetzner-vpn2/configuration.nix @@ -0,0 +1,27 @@ +{ pkgs, ... }: +{ + # uncomment for build check on non arm system (requires --impure) + # nixpkgs.buildPlatform = builtins.currentSystem; + + services.tailscale.useRoutingFeatures = "both"; + + users.users = { + root.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + ronja.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + ]; + }; + + system.autoUpgrade.allowReboot = true; +} diff --git a/hosts/hetzner-vpn2/default.nix b/hosts/hetzner-vpn2/default.nix deleted file mode 100644 index 288cd46..0000000 --- a/hosts/hetzner-vpn2/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ nixpkgs, common-modules, ... }: -nixpkgs.lib.nixosSystem { - system = "aarch64-linux"; - modules = common-modules ++ [ - ./hardware.nix - ./nginx.nix - ../../users/vinzenz.nix - ../../users/ronja.nix - { networking.hostName = "hetzner-vpn2"; } - { - # uncomment for build check on non arm system (requires --impure) - # nixpkgs.buildPlatform = builtins.currentSystem; - } - { - services.tailscale.useRoutingFeatures = "both"; - } - { - users.users = { - root.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - ronja.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' - ]; - }; - } - { - system.autoUpgrade.allowReboot = true; - } - ]; -} diff --git a/hosts/hetzner-vpn2/imports.nix b/hosts/hetzner-vpn2/imports.nix new file mode 100644 index 0000000..b17a1c8 --- /dev/null +++ b/hosts/hetzner-vpn2/imports.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ./nginx.nix + ../../users/vinzenz.nix + ../../users/ronja.nix + ]; +} diff --git a/hosts/ona-book/default.nix b/hosts/ona-book/default.nix deleted file mode 100644 index 2231494..0000000 --- a/hosts/ona-book/default.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ - nixpkgs, - common-modules, - desktop-modules, - nixos-hardware, - home-manager, - ... -}: -nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = common-modules ++ [ - home-manager.nixosModules.home-manager - ../../home - ../../modules/desktop-environment.nix - - nixos-hardware.nixosModules.apple-macbook-pro-14-1 - { allowedUnfreePackages = [ "b43-firmware" ]; } - - ./hardware.nix - ../../home/gnome.nix - ../../users/ronja.nix - ../../modules/gnome.nix - - { - networking = { - hostName = "ona-book"; - networkmanager.enable = true; - }; - services.xserver.xkb = { - layout = "us"; - options = "eurosign:e,caps:escape"; - }; - } - - { - home-manager.users.ronja = import ../../home/ronja; - - users.users.ronja.openssh.authorizedKeys.keys = [ - ]; - } - - { - - } - ]; -} diff --git a/hosts/ona-book/hardware.nix b/hosts/ona-book/hardware.nix deleted file mode 100644 index bf4fdc4..0000000 --- a/hosts/ona-book/hardware.nix +++ /dev/null @@ -1,79 +0,0 @@ -{ - config, - lib, - pkgs, - modulesPath, - ... -}: -{ - imports = [ - (modulesPath + "/hardware/network/broadcom-43xx.nix") - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - config = { - boot = { - initrd.availableKernelModules = [ - "xhci_pci" - "nvme" - "usb_storage" - "sd_mod" - ]; - initrd.kernelModules = [ ]; - kernelModules = [ - "kvm-intel" - "snd_hda_codec_cs8409" - "hci_uart" - "bluetooth" - "btbcm" - ]; - extraModulePackages = [ ]; - blacklistedKernelModules = [ ]; - kernelParams = []; - loader = { - efi.canTouchEfiVariables = true; - systemd-boot = { - enable = true; - editor = false; # do not allow changing kernel parameters - consoleMode = "max"; - }; - }; - }; - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/15220182-5617-4963-814e-19ff29b7db8c"; - fsType = "btrfs"; - }; - - "/boot" = { - device = "/dev/disk/by-uuid/1C7D-07C1"; - fsType = "vfat"; - options = [ - "fmask=0077" - "dmask=0077" - ]; - }; - }; - - swapDevices = [ - { device = "/dev/disk/by-uuid/e4c91c7e-8b62-48e4-923d-4d750ebbc7db"; } - ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; - - hardware.enableAllFirmware = true; - nixpkgs.config.allowUnfree = true; - hardware.enableRedistributableFirmware = true; - - hardware.facetimehd.enable = true; - }; -} diff --git a/hosts/vinzenz-lpt2/configuration.nix b/hosts/vinzenz-lpt2/configuration.nix new file mode 100644 index 0000000..0e4a769 --- /dev/null +++ b/hosts/vinzenz-lpt2/configuration.nix @@ -0,0 +1,34 @@ +{ + pkgs, + ... +}: +{ + imports = [ ./nginx.nix ]; + networking.networkmanager.enable = true; + nix.settings.extra-platforms = [ + "aarch64-linux" + "i686-linux" + ]; + + services.xserver.xkb = { + # Configure keymap in X11 + layout = "de"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "de"; + + home-manager.users.vinzenz = import ../../home/vinzenz; + + users.users.vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ]; + + #users.users.ronja.openssh.authorizedKeys.keys = [ + # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + #]; + + programs.adb.enable = true; +} diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix deleted file mode 100644 index c2944b1..0000000 --- a/hosts/vinzenz-lpt2/default.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ - nixpkgs, - common-modules, - desktop-modules, - ... -}: -nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = - common-modules - ++ desktop-modules - ++ [ - ./hardware.nix - ./nginx.nix - - ../../home/gnome.nix - ../../users/vinzenz.nix - ../../modules/gnome.nix - ../../modules/gaming.nix - ../../modules/printing.nix - ../../modules/podman.nix - - { - networking = { - hostName = "vinzenz-lpt2"; - networkmanager.enable = true; - }; - nix.settings.extra-platforms = [ - "aarch64-linux" - "i686-linux" - ]; - - services.xserver.xkb = { - # Configure keymap in X11 - layout = "de"; - variant = ""; - }; - - # Configure console keymap - console.keyMap = "de"; - } - - { - home-manager.users.vinzenz = import ../../home/vinzenz; - - users.users.vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ]; - - #users.users.ronja.openssh.authorizedKeys.keys = [ - # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' - #]; - } - - { - programs.adb.enable = true; - } - ]; -} diff --git a/hosts/vinzenz-lpt2/imports.nix b/hosts/vinzenz-lpt2/imports.nix new file mode 100644 index 0000000..7f18417 --- /dev/null +++ b/hosts/vinzenz-lpt2/imports.nix @@ -0,0 +1,15 @@ +{ + imports = [ + ../../home/gnome.nix + ../../users/vinzenz.nix + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/printing.nix + ../../modules/podman.nix + + ../../home + ../../modules/desktop-environment.nix + ../../modules/desktop-hardware.nix + + ]; +} diff --git a/hosts/vinzenz-pc2/configuration.nix b/hosts/vinzenz-pc2/configuration.nix new file mode 100644 index 0000000..a163141 --- /dev/null +++ b/hosts/vinzenz-pc2/configuration.nix @@ -0,0 +1,40 @@ +{ + pkgs, + ... +}: +{ + imports = [ + ./hardware.nix + ./vscode-server.nix + ]; + networking.networkmanager.enable = true; + nix.settings.extra-platforms = [ + "aarch64-linux" + "i686-linux" + ]; + + services.xserver.xkb = { + # Configure keymap in X11 + layout = "de"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "de"; + + home-manager.users = { + vinzenz = import ../../home/vinzenz; + ronja = import ../../home/ronja; + }; + + users.users.vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + + users.users.ronja.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgN6J8KyVyQqBAz+y3drXDmIsxOPkdPB+ISgpIP9Eld Generated By Termius'' + ]; +} diff --git a/hosts/vinzenz-pc2/default.nix b/hosts/vinzenz-pc2/default.nix deleted file mode 100644 index e0bbd9d..0000000 --- a/hosts/vinzenz-pc2/default.nix +++ /dev/null @@ -1,59 +0,0 @@ -{ - nixpkgs, - common-modules, - desktop-modules, - ... -}: -nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = - common-modules - ++ desktop-modules - ++ [ - ./hardware.nix - ./vscode-server.nix - ../../home/gnome.nix - ../../users/vinzenz.nix - ../../users/ronja.nix - ../../modules/gnome.nix - ../../modules/gaming.nix - ../../modules/printing.nix - ../../modules/podman.nix - { - networking = { - hostName = "vinzenz-pc2"; - networkmanager.enable = true; - }; - nix.settings.extra-platforms = [ - "aarch64-linux" - "i686-linux" - ]; - - services.xserver.xkb = { - # Configure keymap in X11 - layout = "de"; - variant = ""; - }; - - # Configure console keymap - console.keyMap = "de"; - } - { - home-manager.users = { - vinzenz = import ../../home/vinzenz; - ronja = import ../../home/ronja; - }; - - users.users.vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - - users.users.ronja.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgN6J8KyVyQqBAz+y3drXDmIsxOPkdPB+ISgpIP9Eld Generated By Termius'' - ]; - } - ]; -} diff --git a/hosts/vinzenz-pc2/imports.nix b/hosts/vinzenz-pc2/imports.nix new file mode 100644 index 0000000..ff296b9 --- /dev/null +++ b/hosts/vinzenz-pc2/imports.nix @@ -0,0 +1,15 @@ +{ + imports = [ + ../../home/gnome.nix + ../../users/vinzenz.nix + ../../users/ronja.nix + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/printing.nix + ../../modules/podman.nix + + ../../home + ../../modules/desktop-environment.nix + ../../modules/desktop-hardware.nix + ]; +} diff --git a/modules/gaming.nix b/modules/gaming.nix index 03499cc..6cb625f 100644 --- a/modules/gaming.nix +++ b/modules/gaming.nix @@ -75,6 +75,7 @@ "steam-original" "steam-run" "steam-unwrapped" + "ut1999" ]; }; } diff --git a/users/vinzenz.nix b/users/vinzenz.nix index b4e6aa0..5a2d422 100644 --- a/users/vinzenz.nix +++ b/users/vinzenz.nix @@ -14,6 +14,7 @@ "podman" "nginx" "adbusers" + "kvm" ]; shell = pkgs.zsh; autoSubUidGidRange = true; From f343ae11705e44d037cd654f6afcd427df74ef0a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 15 Mar 2025 11:27:22 +0100 Subject: [PATCH 166/241] fix thefuck --- home/vinzenz/default.nix | 5 +++++ home/vinzenz/zsh.nix | 1 - 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 5352918..1ff08c4 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -26,6 +26,11 @@ inputs@{ pkgs, ... }: "--header" ]; }; + + thefuck = { + enable = true; + enableZshIntegration = true; + }; }; editorconfig = import ./editorconfig.nix; diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index 8290bf2..5ec9e83 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -36,7 +36,6 @@ "dotnet" "rust" "tailscale" - "thefuck" ]; }; } From e75cd528d082d85d0dd94a140e23b508f3d42102 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 15 Mar 2025 19:05:34 +0100 Subject: [PATCH 167/241] less import usage --- common/nixpkgs.nix | 2 +- home/ronja/default.nix | 88 +++++++++++----------- home/ronja/vscode.nix | 92 ++++++++++++----------- home/vinzenz/default.nix | 108 ++++++++++++++------------- home/vinzenz/editorconfig.nix | 29 +++---- home/vinzenz/git.nix | 41 +++++----- home/vinzenz/gnome.nix | 2 +- home/vinzenz/ssh.nix | 99 ++++++++++++------------ home/vinzenz/vscode.nix | 96 ++++++++++++------------ home/vinzenz/zsh.nix | 68 +++++++++-------- hosts/vinzenz-lpt2/configuration.nix | 56 +++++++------- hosts/vinzenz-lpt2/imports.nix | 1 + hosts/vinzenz-pc2/configuration.nix | 58 +++++++------- hosts/vinzenz-pc2/imports.nix | 2 + 14 files changed, 380 insertions(+), 362 deletions(-) diff --git a/common/nixpkgs.nix b/common/nixpkgs.nix index 42d7c03..03c9c0c 100644 --- a/common/nixpkgs.nix +++ b/common/nixpkgs.nix @@ -42,7 +42,7 @@ autoUpgrade = { enable = true; dates = "daily"; - flake = "github:kaesaecracker/nixos-configuration"; + flake = "git+https://git.berlin.ccc.de/vinzenz/nixos-configuration.git"; }; }; diff --git a/home/ronja/default.nix b/home/ronja/default.nix index 35fa2d9..b4bebd0 100644 --- a/home/ronja/default.nix +++ b/home/ronja/default.nix @@ -1,55 +1,57 @@ inputs@{ config, pkgs, ... }: { - home.packages = with pkgs; [ - ## Apps - telegram-desktop - kdiff3 - ]; + imports = [ ./vscode.nix ]; + config.home-manager.users.ronja = { + home.packages = with pkgs; [ + ## Apps + telegram-desktop + kdiff3 + ]; - programs = { - home-manager.enable = true; - vscode = import ./vscode.nix inputs; + programs = { + home-manager.enable = true; - zsh = { - history = { - size = 10000; - path = "${config.xdg.dataHome}/zsh/history"; - expireDuplicatesFirst = true; + zsh = { + history = { + size = 10000; + path = "${config.xdg.dataHome}/zsh/history"; + expireDuplicatesFirst = true; + }; + + oh-my-zsh = { + enable = true; + theme = "agnoster"; + plugins = [ + "git" + "sudo" + "systemadmin" + ]; + }; }; - oh-my-zsh = { + git = { + userName = "Ronja Spiegelberg"; + userEmail = "ronja.spiegelberg@gmail.com"; + + extraConfig = { + pull.ff = "only"; + merge.tool = "kdiff3"; + }; + }; + + chromium = { enable = true; - theme = "agnoster"; - plugins = [ - "git" - "sudo" - "systemadmin" + extensions = [ + { + # ublock origin + id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; + } + { + id = "dcpihecpambacapedldabdbpakmachpb"; + updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml"; + } ]; }; }; - - git = { - userName = "Ronja Spiegelberg"; - userEmail = "ronja.spiegelberg@gmail.com"; - - extraConfig = { - pull.ff = "only"; - merge.tool = "kdiff3"; - }; - }; - - chromium = { - enable = true; - extensions = [ - { - # ublock origin - id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; - } - { - id = "dcpihecpambacapedldabdbpakmachpb"; - updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml"; - } - ]; - }; }; } diff --git a/home/ronja/vscode.nix b/home/ronja/vscode.nix index 29f5046..79ab666 100644 --- a/home/ronja/vscode.nix +++ b/home/ronja/vscode.nix @@ -1,56 +1,58 @@ { pkgs, ... }: { - enable = true; - package = pkgs.vscodium; - enableUpdateCheck = false; - extensions = with pkgs.vscode-extensions; [ - bbenoist.nix - ms-python.python - kamadorueda.alejandra - editorconfig.editorconfig - yzhang.markdown-all-in-one - redhat.vscode-yaml - pkief.material-icon-theme - rust-lang.rust-analyzer - tamasfe.even-better-toml - llvm-vs-code-extensions.vscode-clangd - mkhl.direnv - vadimcn.vscode-lldb - ms-dotnettools.csharp - ms-vscode-remote.remote-ssh - ]; - userSettings = { - "files.autoSave" = "afterDelay"; - "files.autoSaveWhenNoErrors" = true; - "files.autoSaveWorkspaceFilesOnly" = true; + config.programs.vscode = { + enable = true; + package = pkgs.vscodium; + enableUpdateCheck = false; + extensions = with pkgs.vscode-extensions; [ + bbenoist.nix + ms-python.python + kamadorueda.alejandra + editorconfig.editorconfig + yzhang.markdown-all-in-one + redhat.vscode-yaml + pkief.material-icon-theme + rust-lang.rust-analyzer + tamasfe.even-better-toml + llvm-vs-code-extensions.vscode-clangd + mkhl.direnv + vadimcn.vscode-lldb + ms-dotnettools.csharp + ms-vscode-remote.remote-ssh + ]; + userSettings = { + "files.autoSave" = "afterDelay"; + "files.autoSaveWhenNoErrors" = true; + "files.autoSaveWorkspaceFilesOnly" = true; - "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; - "editor.fontLigatures" = true; - "editor.formatOnSave" = true; - "editor.formatOnSaveMode" = "modificationsIfAvailable"; - "editor.minimap.autohide" = true; + "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; + "editor.fontLigatures" = true; + "editor.formatOnSave" = true; + "editor.formatOnSaveMode" = "modificationsIfAvailable"; + "editor.minimap.autohide" = true; - "workbench.startupEditor" = "readme"; - "workbench.enableExperiments" = false; - "workbench.iconTheme" = "material-icon-theme"; + "workbench.startupEditor" = "readme"; + "workbench.enableExperiments" = false; + "workbench.iconTheme" = "material-icon-theme"; - "update.mode" = "none"; - "extensions.autoUpdate" = false; - "extensions.autoCheckUpdates" = false; + "update.mode" = "none"; + "extensions.autoUpdate" = false; + "extensions.autoCheckUpdates" = false; - "telemetry.telemetryLevel" = "off"; - "redhat.telemetry.enabled" = false; + "telemetry.telemetryLevel" = "off"; + "redhat.telemetry.enabled" = false; - "git.autofetch" = true; - "diffEditor.diffAlgorithm" = "advanced"; - "explorer.excludeGitIgnore" = true; - "markdown.extension.tableFormatter.normalizeIndentation" = true; - "markdown.extension.toc.orderedList" = false; - "rust-analyzer.checkOnSave.command" = "clippy"; + "git.autofetch" = true; + "diffEditor.diffAlgorithm" = "advanced"; + "explorer.excludeGitIgnore" = true; + "markdown.extension.tableFormatter.normalizeIndentation" = true; + "markdown.extension.toc.orderedList" = false; + "rust-analyzer.checkOnSave.command" = "clippy"; - "\[makefile\]" = { - "editor.insertSpaces" = false; - "editor.detectIndentation" = false; + "\[makefile\]" = { + "editor.insertSpaces" = false; + "editor.detectIndentation" = false; + }; }; }; } diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 1ff08c4..1f2ff01 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -1,60 +1,66 @@ -inputs@{ pkgs, ... }: +{ ... }: { - imports = [ ./gnome.nix ]; + config.home-manager.users.vinzenz = + { pkgs, ... }: + { + imports = [ + ./editorconfig.nix + ./git.nix + ./gnome.nix + ./ssh.nix + ./vscode.nix + ./zsh.nix + ]; - config = { - programs = { - home-manager.enable = true; - fzf.enable = true; - zsh = import ./zsh.nix inputs; - git = import ./git.nix; - vscode = import ./vscode.nix inputs; - ssh = import ./ssh.nix; - git-credential-oauth.enable = true; + config = { - direnv = { - enable = true; - nix-direnv.enable = true; - }; + programs = { + home-manager.enable = true; + fzf.enable = true; + git-credential-oauth.enable = true; - eza = { - enable = true; - git = true; - icons = "auto"; - extraOptions = [ - "--group-directories-first" - "--header" + direnv = { + enable = true; + nix-direnv.enable = true; + }; + + eza = { + enable = true; + git = true; + icons = "auto"; + extraOptions = [ + "--group-directories-first" + "--header" + ]; + }; + + thefuck = { + enable = true; + enableZshIntegration = true; + }; + }; + + home.packages = with pkgs; [ + keepassxc + insync + + telegram-desktop + element-desktop + + wireguard-tools + wirelesstools + + kdiff3 + jetbrains-toolbox + + blanket + vlc ]; - }; - thefuck = { - enable = true; - enableZshIntegration = true; + home.file."policy.json" = { + target = ".config/containers/policy.json"; + text = builtins.readFile ./.config/containers/policy.json; + }; }; }; - - editorconfig = import ./editorconfig.nix; - - home.packages = with pkgs; [ - keepassxc - insync - - telegram-desktop - element-desktop - - wireguard-tools - wirelesstools - - kdiff3 - jetbrains-toolbox - - blanket - vlc - ]; - - home.file."policy.json" = { - target = ".config/containers/policy.json"; - text = builtins.readFile ./.config/containers/policy.json; - }; - }; } diff --git a/home/vinzenz/editorconfig.nix b/home/vinzenz/editorconfig.nix index 8eb3987..496c714 100644 --- a/home/vinzenz/editorconfig.nix +++ b/home/vinzenz/editorconfig.nix @@ -1,17 +1,20 @@ +{ ... }: { - enable = true; - settings = { - "*" = { - charset = "utf-8"; - end_of_line = "lf"; - trim_trailing_whitespace = true; - insert_final_newline = true; - max_line_width = 120; - indent_style = "space"; - indent_size = 4; - }; - "*.nix" = { - indent_size = 2; + config.editorconfig = { + enable = true; + settings = { + "*" = { + charset = "utf-8"; + end_of_line = "lf"; + trim_trailing_whitespace = true; + insert_final_newline = true; + max_line_width = 120; + indent_style = "space"; + indent_size = 4; + }; + "*.nix" = { + indent_size = 2; + }; }; }; } diff --git a/home/vinzenz/git.nix b/home/vinzenz/git.nix index 3aee6da..ddaa890 100644 --- a/home/vinzenz/git.nix +++ b/home/vinzenz/git.nix @@ -1,23 +1,26 @@ +{ ... }: { - enable = true; - userName = "Vinzenz Schroeter"; - userEmail = "vinzenz.f.s@gmail.com"; + config.programs.git = { + enable = true; + userName = "Vinzenz Schroeter"; + userEmail = "vinzenz.f.s@gmail.com"; - aliases = { - prettylog = "log --pretty=oneline --graph"; - spring-clean = "!git branch --merged | xargs -n 1 -r git branch -d"; + aliases = { + prettylog = "log --pretty=oneline --graph"; + spring-clean = "!git branch --merged | xargs -n 1 -r git branch -d"; + }; + + extraConfig = { + pull.ff = "only"; + merge.tool = "kdiff3"; + push.autoSetupRemote = "true"; + credential.credentialStore = "cache"; + }; + + ignores = [ + ".direnv" + ".idea" + ".envrc" + ]; }; - - extraConfig = { - pull.ff = "only"; - merge.tool = "kdiff3"; - push.autoSetupRemote = "true"; - credential.credentialStore = "cache"; - }; - - ignores = [ - ".direnv" - ".idea" - ".envrc" - ]; } diff --git a/home/vinzenz/gnome.nix b/home/vinzenz/gnome.nix index 4e70618..b0f6e3d 100644 --- a/home/vinzenz/gnome.nix +++ b/home/vinzenz/gnome.nix @@ -1,4 +1,4 @@ -inputs@{ pkgs, ... }: +{ pkgs, ... }: { config = { home.packages = with pkgs.gnomeExtensions; [ diff --git a/home/vinzenz/ssh.nix b/home/vinzenz/ssh.nix index ae25099..260185f 100644 --- a/home/vinzenz/ssh.nix +++ b/home/vinzenz/ssh.nix @@ -1,52 +1,55 @@ +{ ... }: { - enable = true; - matchBlocks = { - "vpn1" = { - host = "vpn1 hetzner-vpn1"; - hostname = "157.90.146.125"; # 2a01:4f8:c012:7137::/64 - user = "root"; - }; - "vpn2" = { - host = "vpn2 hetzner-vpn2"; - hostname = "2a01:4f8:c013:65dd::1"; - user = "root"; - }; - "vpn1-ts" = { - host = "vpn1-ts hetzner-vpn1.donkey-pentatonic.ts.net"; - hostname = "hetzner-vpn1.donkey-pentatonic.ts.net"; - user = "root"; - }; - "openwrt" = { - host = "openwrt openwrt.lan"; - hostname = "openwrt.lan"; - user = "root"; - }; - "openwrt-ts" = { - hostname = "openwrt.donkey-pentatonic.ts.net"; - port = 2222; - user = "root"; - }; - "openwrt-j" = { - hostname = "openwrt.donkey-pentatonic.ts.net"; - proxyJump = "vpn1"; - port = 2222; - user = "root"; - }; - "pc2-power" = { - hostname = "openwrt.donkey-pentatonic.ts.net"; - proxyJump = "vpn1"; - port = 2222; - user = "pc2-power"; - }; - "avd-power" = { - # hostname = "2001:678:560:23:9833:63ff:fe2d:f477" - # hostname = "195.160.172.25"; - hostname = "avd-jumphost.club.berlin.ccc.de"; - user = "power"; - }; - "avd" = { - hostname = "avd.club.berlin.ccc.de"; - user = "vinzenz"; + config.programs.ssh = { + enable = true; + matchBlocks = { + "vpn1" = { + host = "vpn1 hetzner-vpn1"; + hostname = "157.90.146.125"; # 2a01:4f8:c012:7137::/64 + user = "root"; + }; + "vpn2" = { + host = "vpn2 hetzner-vpn2"; + hostname = "2a01:4f8:c013:65dd::1"; + user = "root"; + }; + "vpn1-ts" = { + host = "vpn1-ts hetzner-vpn1.donkey-pentatonic.ts.net"; + hostname = "hetzner-vpn1.donkey-pentatonic.ts.net"; + user = "root"; + }; + "openwrt" = { + host = "openwrt openwrt.lan"; + hostname = "openwrt.lan"; + user = "root"; + }; + "openwrt-ts" = { + hostname = "openwrt.donkey-pentatonic.ts.net"; + port = 2222; + user = "root"; + }; + "openwrt-j" = { + hostname = "openwrt.donkey-pentatonic.ts.net"; + proxyJump = "vpn1"; + port = 2222; + user = "root"; + }; + "pc2-power" = { + hostname = "openwrt.donkey-pentatonic.ts.net"; + proxyJump = "vpn1"; + port = 2222; + user = "pc2-power"; + }; + "avd-power" = { + # hostname = "2001:678:560:23:9833:63ff:fe2d:f477" + # hostname = "195.160.172.25"; + hostname = "avd-jumphost.club.berlin.ccc.de"; + user = "power"; + }; + "avd" = { + hostname = "avd.club.berlin.ccc.de"; + user = "vinzenz"; + }; }; }; } diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index 0faf92e..098fc4a 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -1,58 +1,60 @@ { pkgs, lib, ... }: { - enable = true; - package = pkgs.vscodium; - enableUpdateCheck = false; - extensions = with pkgs.vscode-extensions; [ - bbenoist.nix - ms-python.python - kamadorueda.alejandra - editorconfig.editorconfig - yzhang.markdown-all-in-one - redhat.vscode-yaml - pkief.material-icon-theme - rust-lang.rust-analyzer - tamasfe.even-better-toml - llvm-vs-code-extensions.vscode-clangd - mkhl.direnv - vadimcn.vscode-lldb - ms-dotnettools.csharp - ms-vscode-remote.remote-ssh - RoweWilsonFrederiskHolme.wikitext - ]; - userSettings = { - "files.autoSave" = "afterDelay"; - "files.autoSaveWhenNoErrors" = true; - "files.autoSaveWorkspaceFilesOnly" = true; + config.programs.vscode = { + enable = true; + package = pkgs.vscodium; + enableUpdateCheck = false; + extensions = with pkgs.vscode-extensions; [ + bbenoist.nix + ms-python.python + kamadorueda.alejandra + editorconfig.editorconfig + yzhang.markdown-all-in-one + redhat.vscode-yaml + pkief.material-icon-theme + rust-lang.rust-analyzer + tamasfe.even-better-toml + llvm-vs-code-extensions.vscode-clangd + mkhl.direnv + vadimcn.vscode-lldb + ms-dotnettools.csharp + ms-vscode-remote.remote-ssh + RoweWilsonFrederiskHolme.wikitext + ]; + userSettings = { + "files.autoSave" = "afterDelay"; + "files.autoSaveWhenNoErrors" = true; + "files.autoSaveWorkspaceFilesOnly" = true; - "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; - "editor.fontLigatures" = true; - "editor.formatOnSave" = true; - "editor.formatOnSaveMode" = "modificationsIfAvailable"; - "editor.minimap.autohide" = true; + "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; + "editor.fontLigatures" = true; + "editor.formatOnSave" = true; + "editor.formatOnSaveMode" = "modificationsIfAvailable"; + "editor.minimap.autohide" = true; - "workbench.startupEditor" = "readme"; - "workbench.enableExperiments" = false; - "workbench.iconTheme" = "material-icon-theme"; + "workbench.startupEditor" = "readme"; + "workbench.enableExperiments" = false; + "workbench.iconTheme" = "material-icon-theme"; - "update.mode" = "none"; - "extensions.autoUpdate" = false; - "extensions.autoCheckUpdates" = false; + "update.mode" = "none"; + "extensions.autoUpdate" = false; + "extensions.autoCheckUpdates" = false; - "telemetry.telemetryLevel" = "off"; - "redhat.telemetry.enabled" = false; + "telemetry.telemetryLevel" = "off"; + "redhat.telemetry.enabled" = false; - "git.autofetch" = true; - "git.path" = "${lib.getBin pkgs.git}/bin/git"; - "diffEditor.diffAlgorithm" = "advanced"; - "explorer.excludeGitIgnore" = true; - "markdown.extension.tableFormatter.normalizeIndentation" = true; - "markdown.extension.toc.orderedList" = false; - "rust-analyzer.checkOnSave.command" = "clippy"; + "git.autofetch" = true; + "git.path" = "${lib.getBin pkgs.git}/bin/git"; + "diffEditor.diffAlgorithm" = "advanced"; + "explorer.excludeGitIgnore" = true; + "markdown.extension.tableFormatter.normalizeIndentation" = true; + "markdown.extension.toc.orderedList" = false; + "rust-analyzer.checkOnSave.command" = "clippy"; - "\[makefile\]" = { - "editor.insertSpaces" = false; - "editor.detectIndentation" = false; + "\[makefile\]" = { + "editor.insertSpaces" = false; + "editor.detectIndentation" = false; + }; }; }; } diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index 5ec9e83..0b5ed96 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -1,41 +1,43 @@ { config, ... }: { - initExtra = '' - eval "$(direnv hook zsh)"; - export PATH=$PATH:/home/vinzenz/.cargo/bin - ''; + config.programs.zsh = { + initExtra = '' + eval "$(direnv hook zsh)"; + export PATH=$PATH:/home/vinzenz/.cargo/bin + ''; - enableCompletion = true; + enableCompletion = true; - shellAliases = { - my-apply = "sudo nixos-rebuild boot --flake"; - my-switch = "sudo nixos-rebuild switch --flake"; - my-update = "sudo nixos-rebuild boot --upgrade --flake"; - my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; - my-test = "sudo nixos-rebuild test"; - my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; - my-ip4 = "ip addr show | grep 192"; - deadnix = "nix run github:astro/deadnix -- "; - statix = "nix run git+https://git.peppe.rs/languages/statix -- "; - }; + shellAliases = { + my-apply = "sudo nixos-rebuild boot --flake"; + my-switch = "sudo nixos-rebuild switch --flake"; + my-update = "sudo nixos-rebuild boot --upgrade --flake"; + my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; + my-test = "sudo nixos-rebuild test"; + my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; + my-ip4 = "ip addr show | grep 192"; + deadnix = "nix run github:astro/deadnix -- "; + statix = "nix run git+https://git.peppe.rs/languages/statix -- "; + }; - history = { - size = 10000; - path = "${config.xdg.dataHome}/zsh/history"; - expireDuplicatesFirst = true; - }; + history = { + size = 10000; + path = "${config.xdg.dataHome}/zsh/history"; + expireDuplicatesFirst = true; + }; - oh-my-zsh = { - enable = true; - theme = "agnoster"; - plugins = [ - "git" - "sudo" - "systemadmin" - "battery" - "dotnet" - "rust" - "tailscale" - ]; + oh-my-zsh = { + enable = true; + theme = "agnoster"; + plugins = [ + "git" + "sudo" + "systemadmin" + "battery" + "dotnet" + "rust" + "tailscale" + ]; + }; }; } diff --git a/hosts/vinzenz-lpt2/configuration.nix b/hosts/vinzenz-lpt2/configuration.nix index 0e4a769..7ad1351 100644 --- a/hosts/vinzenz-lpt2/configuration.nix +++ b/hosts/vinzenz-lpt2/configuration.nix @@ -1,34 +1,32 @@ -{ - pkgs, - ... -}: +{ pkgs, ... }: { imports = [ ./nginx.nix ]; - networking.networkmanager.enable = true; - nix.settings.extra-platforms = [ - "aarch64-linux" - "i686-linux" - ]; - services.xserver.xkb = { - # Configure keymap in X11 - layout = "de"; - variant = ""; + config = { + networking.networkmanager.enable = true; + nix.settings.extra-platforms = [ + "aarch64-linux" + "i686-linux" + ]; + + services.xserver.xkb = { + # Configure keymap in X11 + layout = "de"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "de"; + + users.users.vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ]; + + #users.users.ronja.openssh.authorizedKeys.keys = [ + # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + #]; + + programs.adb.enable = true; }; - - # Configure console keymap - console.keyMap = "de"; - - home-manager.users.vinzenz = import ../../home/vinzenz; - - users.users.vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ]; - - #users.users.ronja.openssh.authorizedKeys.keys = [ - # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' - #]; - - programs.adb.enable = true; } diff --git a/hosts/vinzenz-lpt2/imports.nix b/hosts/vinzenz-lpt2/imports.nix index 7f18417..a37f1ff 100644 --- a/hosts/vinzenz-lpt2/imports.nix +++ b/hosts/vinzenz-lpt2/imports.nix @@ -11,5 +11,6 @@ ../../modules/desktop-environment.nix ../../modules/desktop-hardware.nix + ../../home/vinzenz ]; } diff --git a/hosts/vinzenz-pc2/configuration.nix b/hosts/vinzenz-pc2/configuration.nix index a163141..ea29735 100644 --- a/hosts/vinzenz-pc2/configuration.nix +++ b/hosts/vinzenz-pc2/configuration.nix @@ -1,40 +1,34 @@ -{ - pkgs, - ... -}: +{ pkgs, ... }: { imports = [ ./hardware.nix ./vscode-server.nix ]; - networking.networkmanager.enable = true; - nix.settings.extra-platforms = [ - "aarch64-linux" - "i686-linux" - ]; + config = { + networking.networkmanager.enable = true; + nix.settings.extra-platforms = [ + "aarch64-linux" + "i686-linux" + ]; - services.xserver.xkb = { - # Configure keymap in X11 - layout = "de"; - variant = ""; + services.xserver.xkb = { + # Configure keymap in X11 + layout = "de"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "de"; + + users.users.vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + + users.users.ronja.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgN6J8KyVyQqBAz+y3drXDmIsxOPkdPB+ISgpIP9Eld Generated By Termius'' + ]; }; - - # Configure console keymap - console.keyMap = "de"; - - home-manager.users = { - vinzenz = import ../../home/vinzenz; - ronja = import ../../home/ronja; - }; - - users.users.vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - - users.users.ronja.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgN6J8KyVyQqBAz+y3drXDmIsxOPkdPB+ISgpIP9Eld Generated By Termius'' - ]; } diff --git a/hosts/vinzenz-pc2/imports.nix b/hosts/vinzenz-pc2/imports.nix index ff296b9..1834b06 100644 --- a/hosts/vinzenz-pc2/imports.nix +++ b/hosts/vinzenz-pc2/imports.nix @@ -11,5 +11,7 @@ ../../home ../../modules/desktop-environment.nix ../../modules/desktop-hardware.nix + + ../../home/vinzenz ]; } From 8b79ccd4116b2fe380df31cfb2e2444bc1e0702c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 16 Mar 2025 10:25:59 +0100 Subject: [PATCH 168/241] add niri wm --- common/default.nix | 9 - flake.lock | 94 ++++++++ flake.nix | 41 +++- home/default.nix | 10 - home/gnome.nix | 44 ---- home/shared-modules.nix | 55 ----- home/vinzenz/configuration.nix | 50 ++++ home/vinzenz/default.nix | 76 +----- home/vinzenz/niri.nix | 290 +++++++++++++++++++++++ home/vinzenz/waybar.nix | 120 ++++++++++ hosts/vinzenz-lpt2/configuration.nix | 2 + hosts/vinzenz-lpt2/imports.nix | 7 +- hosts/vinzenz-pc2/configuration.nix | 5 + hosts/vinzenz-pc2/imports.nix | 8 +- {common => modules}/globalinstalls.nix | 0 {home => modules}/gnome-shared-dconf.nix | 0 modules/gnome.nix | 39 +++ modules/home-manager.nix | 61 +++++ {common => modules}/i18n.nix | 0 {common => modules}/networking.nix | 0 modules/niri.nix | 7 + {common => modules}/nixpkgs.nix | 2 + users/vinzenz.nix | 1 + 23 files changed, 719 insertions(+), 202 deletions(-) delete mode 100644 common/default.nix delete mode 100644 home/default.nix delete mode 100644 home/gnome.nix delete mode 100644 home/shared-modules.nix create mode 100644 home/vinzenz/configuration.nix create mode 100644 home/vinzenz/niri.nix create mode 100644 home/vinzenz/waybar.nix rename {common => modules}/globalinstalls.nix (100%) rename {home => modules}/gnome-shared-dconf.nix (100%) create mode 100644 modules/home-manager.nix rename {common => modules}/i18n.nix (100%) rename {common => modules}/networking.nix (100%) create mode 100644 modules/niri.nix rename {common => modules}/nixpkgs.nix (93%) diff --git a/common/default.nix b/common/default.nix deleted file mode 100644 index ddbf3bc..0000000 --- a/common/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ ... }: -{ - imports = [ - ./nixpkgs.nix - ./globalinstalls.nix - ./i18n.nix - ./networking.nix - ]; -} diff --git a/flake.lock b/flake.lock index a11515e..c4b1858 100644 --- a/flake.lock +++ b/flake.lock @@ -89,6 +89,66 @@ "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz" } }, + "niri": { + "inputs": { + "niri-stable": "niri-stable", + "niri-unstable": "niri-unstable", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-stable": [ + "nixpkgs" + ], + "xwayland-satellite-stable": "xwayland-satellite-stable", + "xwayland-satellite-unstable": "xwayland-satellite-unstable" + }, + "locked": { + "lastModified": 1742032096, + "narHash": "sha256-/vWpgh3DCdoREIoydTfUnZLYSxKa0yRczOJaT0dDT0o=", + "owner": "sodiboo", + "repo": "niri-flake", + "rev": "e2614d598a86eb892e4d98d18458ee2633285c00", + "type": "github" + }, + "original": { + "owner": "sodiboo", + "repo": "niri-flake", + "type": "github" + } + }, + "niri-stable": { + "flake": false, + "locked": { + "lastModified": 1740117926, + "narHash": "sha256-mTTHA0RAaQcdYe+9A3Jx77cmmyLFHmRoZdd8RpWa+m8=", + "owner": "YaLTeR", + "repo": "niri", + "rev": "b94a5db8790339cf9134873d8b490be69e02ac71", + "type": "github" + }, + "original": { + "owner": "YaLTeR", + "ref": "v25.02", + "repo": "niri", + "type": "github" + } + }, + "niri-unstable": { + "flake": false, + "locked": { + "lastModified": 1742026950, + "narHash": "sha256-pd00WzjmAxxS3Da0e4eEzfgauAfX5HwMGfs3nm2hwwA=", + "owner": "YaLTeR", + "repo": "niri", + "rev": "9e560e7e607638da4f47b6dfef5a83b18711f75d", + "type": "github" + }, + "original": { + "owner": "YaLTeR", + "repo": "niri", + "type": "github" + } + }, "nixos-hardware": { "locked": { "lastModified": 1741325094, @@ -125,6 +185,7 @@ "inputs": { "home-manager": "home-manager", "lix-module": "lix-module", + "niri": "niri", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs" } @@ -143,6 +204,39 @@ "repo": "default", "type": "github" } + }, + "xwayland-satellite-stable": { + "flake": false, + "locked": { + "lastModified": 1739246919, + "narHash": "sha256-/hBM43/Gd0/tW+egrhlWgOIISeJxEs2uAOIYVpfDKeU=", + "owner": "Supreeeme", + "repo": "xwayland-satellite", + "rev": "44590a416d4a3e8220e19e29e0b6efe64a80315d", + "type": "github" + }, + "original": { + "owner": "Supreeeme", + "ref": "v0.5.1", + "repo": "xwayland-satellite", + "type": "github" + } + }, + "xwayland-satellite-unstable": { + "flake": false, + "locked": { + "lastModified": 1741910413, + "narHash": "sha256-z9bvteu0rf+xmUDj4VifN06XAFJZQGRSOvdN7rn/oDs=", + "owner": "Supreeeme", + "repo": "xwayland-satellite", + "rev": "0325cb1f48a292d873a6844772cca00251cbf945", + "type": "github" + }, + "original": { + "owner": "Supreeeme", + "repo": "xwayland-satellite", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index da0baf6..9b21548 100644 --- a/flake.nix +++ b/flake.nix @@ -12,6 +12,12 @@ url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; + + niri = { + url = "github:sodiboo/niri-flake"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixpkgs-stable.follows = "nixpkgs"; + }; }; outputs = @@ -21,6 +27,7 @@ home-manager, lix-module, nixos-hardware, + niri, }: let devices = { @@ -29,6 +36,10 @@ hetzner-vpn2 = "aarch64-linux"; forgejo-runner-1 = "aarch64-linux"; }; + homeDevices = [ + "vinzenz-lpt2" + "vinzenz-pc2" + ]; forDevice = f: nixpkgs.lib.mapAttrs f devices; in { @@ -36,18 +47,30 @@ device: system: nixpkgs.lib.nixosSystem { inherit system; - modules = [ - lix-module.nixosModules.default - home-manager.nixosModules.home-manager + modules = + [ + lix-module.nixosModules.default - { networking.hostName = device; } + { networking.hostName = device; } - ./common + ./modules/globalinstalls.nix + ./modules/networking.nix + ./modules/nixpkgs.nix - ./hosts/${device}/hardware.nix - ./hosts/${device}/imports.nix - ./hosts/${device}/configuration.nix - ]; + ./hosts/${device}/hardware.nix + ./hosts/${device}/imports.nix + ./hosts/${device}/configuration.nix + ] + ++ (nixpkgs.lib.optionals (builtins.elem device homeDevices) [ + home-manager.nixosModules.home-manager + { home-manager.extraSpecialArgs = { inherit device; }; } + ./modules/home-manager.nix + + ./modules/i18n.nix + + niri.nixosModules.niri + { nixpkgs.overlays = [ niri.overlays.niri ]; } + ]); } ); diff --git a/home/default.nix b/home/default.nix deleted file mode 100644 index d59fbbb..0000000 --- a/home/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ config, ... }: -{ - config = { - home-manager = { - useGlobalPkgs = true; - useUserPackages = true; - sharedModules = import ./shared-modules.nix; - }; - }; -} diff --git a/home/gnome.nix b/home/gnome.nix deleted file mode 100644 index 0310a7e..0000000 --- a/home/gnome.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ config, pkgs, ... }: -{ - imports = [ ../modules/gnome.nix ]; - config = { - home-manager.sharedModules = [ - { - home.packages = - with pkgs; - [ - gitg - meld - simple-scan - pinta - dconf-editor - gpaste - - # graphical installer for flatpak apps - gnome-software - ] - ++ (with gnomeExtensions; [ - caffeine - appindicator - ]); - - dconf.settings = import ./gnome-shared-dconf.nix; - - gtk = { - enable = true; - iconTheme.name = "Adwaita"; - cursorTheme.name = "Adwaita"; - theme = { - name = "adw-gtk3-dark"; - package = pkgs.adw-gtk3; - }; - }; - } - - { - home.packages = with pkgs; [ trayscale ] ++ (with gnomeExtensions; [ tailscale-qs ]); - dconf.settings."org/gnome/shell".enabled-extensions = [ "tailscale@joaophi.github.com" ]; - } - ]; - }; -} diff --git a/home/shared-modules.nix b/home/shared-modules.nix deleted file mode 100644 index dbc3d59..0000000 --- a/home/shared-modules.nix +++ /dev/null @@ -1,55 +0,0 @@ -[ - # set stateVersion - { home.stateVersion = "22.11"; } - # make nano the default editor - { - home = { - sessionVariables.EDITOR = "nano"; - file.".nanorc".text = '' - set linenumbers - set mouse - ''; - }; - } - # command line niceness - { - programs = { - command-not-found.enable = true; - dircolors.enable = true; - - zsh = { - enable = true; - syntaxHighlighting.enable = true; - autosuggestion.enable = true; - enableVteIntegration = true; - }; - }; - } - # common git config - { - programs = { - git = { - enable = true; - extraConfig.init.defaultBranch = "main"; - }; - - gh = { - enable = true; - gitCredentialHelper.enable = true; - }; - }; - } - # Templates - { - home.file = { - "Templates/Empty file".text = ""; - "Templates/Empty bash script".text = '' - #!/usr/bin/env bash - # abort on error, undefined variables - set -eu - # print commands before execution - set -x - ''; - }; - } -] diff --git a/home/vinzenz/configuration.nix b/home/vinzenz/configuration.nix new file mode 100644 index 0000000..1927780 --- /dev/null +++ b/home/vinzenz/configuration.nix @@ -0,0 +1,50 @@ +{ pkgs, ... }: +{ + programs = { + home-manager.enable = true; + fzf.enable = true; + git-credential-oauth.enable = true; + + direnv = { + enable = true; + nix-direnv.enable = true; + }; + + eza = { + enable = true; + git = true; + icons = "auto"; + extraOptions = [ + "--group-directories-first" + "--header" + ]; + }; + + thefuck = { + enable = true; + enableZshIntegration = true; + }; + }; + + home.packages = with pkgs; [ + keepassxc + insync + + telegram-desktop + element-desktop + + wireguard-tools + wirelesstools + + kdiff3 + jetbrains-toolbox + + blanket + vlc + ]; + + home.file."policy.json" = { + target = ".config/containers/policy.json"; + text = builtins.readFile ./.config/containers/policy.json; + }; +} diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 1f2ff01..695270b 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -1,66 +1,14 @@ -{ ... }: +{ pkgs, config, ... }: { - config.home-manager.users.vinzenz = - { pkgs, ... }: - { - imports = [ - ./editorconfig.nix - ./git.nix - ./gnome.nix - ./ssh.nix - ./vscode.nix - ./zsh.nix - ]; - - config = { - - programs = { - home-manager.enable = true; - fzf.enable = true; - git-credential-oauth.enable = true; - - direnv = { - enable = true; - nix-direnv.enable = true; - }; - - eza = { - enable = true; - git = true; - icons = "auto"; - extraOptions = [ - "--group-directories-first" - "--header" - ]; - }; - - thefuck = { - enable = true; - enableZshIntegration = true; - }; - }; - - home.packages = with pkgs; [ - keepassxc - insync - - telegram-desktop - element-desktop - - wireguard-tools - wirelesstools - - kdiff3 - jetbrains-toolbox - - blanket - vlc - ]; - - home.file."policy.json" = { - target = ".config/containers/policy.json"; - text = builtins.readFile ./.config/containers/policy.json; - }; - }; - }; + imports = [ + ./configuration.nix + ./editorconfig.nix + ./git.nix + ./gnome.nix + ./niri.nix + ./ssh.nix + ./vscode.nix + ./waybar.nix + ./zsh.nix + ]; } diff --git a/home/vinzenz/niri.nix b/home/vinzenz/niri.nix new file mode 100644 index 0000000..378e310 --- /dev/null +++ b/home/vinzenz/niri.nix @@ -0,0 +1,290 @@ +{ pkgs, ... }: +{ + config = { + home.sessionVariables.NIXOS_OZONE_WL = "1"; + + home.packages = with pkgs; [ + xwayland-satellite + alacritty + fuzzel + swaylock + ]; + + programs.niri.settings = { + input.keyboard.xkb.layout = "de"; + + outputs."eDP-1" = { + scale = 1.0; + variable-refresh-rate = true; + background-color = "#000000"; + }; + + layout.gaps = 8; + + # defaults taken from https://github.com/sodiboo/niri-flake/issues/483 + binds = { + # Keys consist of modifiers separated by + signs, followed by an XKB key name + # in the end. To find an XKB name for a particular key, you may use a program + # like wev. + # + # "Mod" is a special modifier equal to Super when running on a TTY, and to Alt + # when running as a winit window. + # + # Most actions that you can bind here can also be invoked programmatically with + # `niri msg action do-something`. + + # Mod-Shift-/, which is usually the same as Mod-?, + # shows a list of important hotkeys. + "Mod+Shift+Slash".action.show-hotkey-overlay = { }; + + # Suggested binds for running programs: terminal, app launcher, screen locker. + "Mod+T".action.spawn = "alacritty"; + "Mod+D".action.spawn = "fuzzel"; + "Super+Alt+L".action.spawn = "swaylock"; + + # You can also use a shell. Do this if you need pipes, multiple commands, etc. + # Note: the entire command goes as a single argument in the end. + # Mod+T { spawn "bash" "-c" "notify-send hello && exec alacritty"; } + + # Example volume keys mappings for PipeWire & WirePlumber. + # The allow-when-locked=true property makes them work even when the session is locked. + "XF86AudioRaiseVolume" = { + allow-when-locked = true; + action.spawn = [ + "wpctl" + "set-volume" + "@DEFAULT_AUDIO_SINK@" + "0.1+" + ]; + }; + "XF86AudioLowerVolume" = { + allow-when-locked = true; + action.spawn = [ + "wpctl" + "set-volume" + "@DEFAULT_AUDIO_SINK@" + "0.1-" + ]; + }; + "XF86AudioMute" = { + allow-when-locked = true; + action.spawn = [ + "wpctl" + "set-mute" + "@DEFAULT_AUDIO_SINK@" + "toggle" + ]; + }; + "XF86AudioMicMute" = { + allow-when-locked = true; + action.spawn = [ + "wpctl" + "set-mute" + "@DEFAULT_AUDIO_SOURCE@" + "toggle" + ]; + }; + + "Mod+Q".action.close-window = { }; + + "Mod+Left".action.focus-column-left = { }; + "Mod+Down".action.focus-window-down = { }; + "Mod+Up".action.focus-window-up = { }; + "Mod+Right".action.focus-column-right = { }; + "Mod+H".action.focus-column-left = { }; + "Mod+J".action.focus-window-down = { }; + "Mod+K".action.focus-window-up = { }; + "Mod+L".action.focus-column-right = { }; + + "Mod+Ctrl+Left".action.move-column-left = { }; + "Mod+Ctrl+Down".action.move-window-down = { }; + "Mod+Ctrl+Up".action.move-window-up = { }; + "Mod+Ctrl+Right".action.move-column-right = { }; + "Mod+Ctrl+H".action.move-column-left = { }; + "Mod+Ctrl+J".action.move-window-down = { }; + "Mod+Ctrl+K".action.move-window-up = { }; + "Mod+Ctrl+L".action.move-column-right = { }; + + # Alternative commands that move across workspaces when reaching + # the first or last window in a column. + # Mod+J { focus-window-or-workspace-down; } + # Mod+K { focus-window-or-workspace-up; } + # Mod+Ctrl+J { move-window-down-or-to-workspace-down; } + # Mod+Ctrl+K { move-window-up-or-to-workspace-up; } + + "Mod+Home".action.focus-column-first = { }; + "Mod+End".action.focus-column-last = { }; + "Mod+Ctrl+Home".action.move-column-to-first = { }; + "Mod+Ctrl+End".action.move-column-to-last = { }; + + "Mod+Shift+Left".action.focus-monitor-left = { }; + "Mod+Shift+Down".action.focus-monitor-down = { }; + "Mod+Shift+Up".action.focus-monitor-up = { }; + "Mod+Shift+Right".action.focus-monitor-right = { }; + "Mod+Shift+H".action.focus-monitor-left = { }; + "Mod+Shift+J".action.focus-monitor-down = { }; + "Mod+Shift+K".action.focus-monitor-up = { }; + "Mod+Shift+L".action.focus-monitor-right = { }; + + "Mod+Shift+Ctrl+Left".action.move-column-to-monitor-left = { }; + "Mod+Shift+Ctrl+Down".action.move-column-to-monitor-down = { }; + "Mod+Shift+Ctrl+Up".action.move-column-to-monitor-up = { }; + "Mod+Shift+Ctrl+Right".action.move-column-to-monitor-right = { }; + "Mod+Shift+Ctrl+H".action.move-column-to-monitor-left = { }; + "Mod+Shift+Ctrl+J".action.move-column-to-monitor-down = { }; + "Mod+Shift+Ctrl+K".action.move-column-to-monitor-up = { }; + "Mod+Shift+Ctrl+L".action.move-column-to-monitor-right = { }; + + # Alternatively, there are commands to move just a single window: + # Mod+Shift+Ctrl+Left { move-window-to-monitor-left; } + # ... + + # And you can also move a whole workspace to another monitor: + # Mod+Shift+Ctrl+Left { move-workspace-to-monitor-left; } + # ... + + "Mod+Page_Down".action.focus-workspace-down = { }; + "Mod+Page_Up".action.focus-workspace-up = { }; + "Mod+U".action.focus-workspace-down = { }; + "Mod+I".action.focus-workspace-up = { }; + "Mod+Ctrl+Page_Down".action.move-column-to-workspace-down = { }; + "Mod+Ctrl+Page_Up".action.move-column-to-workspace-up = { }; + "Mod+Ctrl+U".action.move-column-to-workspace-down = { }; + "Mod+Ctrl+I".action.move-column-to-workspace-up = { }; + + # Alternatively, there are commands to move just a single window: + # Mod+Ctrl+Page_Down { move-window-to-workspace-down; } + # ... + + "Mod+Shift+Page_Down".action.move-workspace-down = { }; + "Mod+Shift+Page_Up".action.move-workspace-up = { }; + "Mod+Shift+U".action.move-workspace-down = { }; + "Mod+Shift+I".action.move-workspace-up = { }; + + # You can bind mouse wheel scroll ticks using the following syntax. + # These binds will change direction based on the natural-scroll setting. + # + # To avoid scrolling through workspaces really fast, you can use + # the cooldown-ms property. The bind will be rate-limited to this value. + # You can set a cooldown on any bind, but it's most useful for the wheel. + "Mod+WheelScrollDown" = { + cooldown-ms = 150; + action.focus-workspace-down = { }; + }; + "Mod+WheelScrollUp" = { + cooldown-ms = 150; + action.focus-workspace-up = { }; + }; + "Mod+Ctrl+WheelScrollDown" = { + cooldown-ms = 150; + action.move-column-to-workspace-down = { }; + }; + "Mod+Ctrl+WheelScrollUp" = { + cooldown-ms = 150; + action.move-column-to-workspace-up = { }; + }; + + "Mod+WheelScrollRight".action.focus-column-right = { }; + "Mod+WheelScrollLeft".action.focus-column-left = { }; + "Mod+Ctrl+WheelScrollRight".action.move-column-right = { }; + "Mod+Ctrl+WheelScrollLeft".action.move-column-left = { }; + + # Usually scrolling up and down with Shift in applications results in + # horizontal scrolling; these binds replicate that. + "Mod+Shift+WheelScrollDown".action.focus-column-right = { }; + "Mod+Shift+WheelScrollUp".action.focus-column-left = { }; + "Mod+Ctrl+Shift+WheelScrollDown".action.move-column-right = { }; + "Mod+Ctrl+Shift+WheelScrollUp".action.move-column-left = { }; + + # Similarly, you can bind touchpad scroll "ticks". + # Touchpad scrolling is continuous, so for these binds it is split into + # discrete intervals. + # These binds are also affected by touchpad's natural-scroll, so these + # example binds are "inverted", since we have natural-scroll enabled for + # touchpads by default. + # Mod+TouchpadScrollDown { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.02+"; } + # Mod+TouchpadScrollUp { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.02-"; } + + # You can refer to workspaces by index. However, keep in mind that + # niri is a dynamic workspace system, so these commands are kind of + # "best effort". Trying to refer to a workspace index bigger than + # the current workspace count will instead refer to the bottommost + # (empty) workspace. + # + # For example, with 2 workspaces + 1 empty, indices 3, 4, 5 and so on + # will all refer to the 3rd workspace. + "Mod+1".action.focus-workspace = 1; + "Mod+2".action.focus-workspace = 2; + "Mod+3".action.focus-workspace = 3; + "Mod+4".action.focus-workspace = 4; + "Mod+5".action.focus-workspace = 5; + "Mod+6".action.focus-workspace = 6; + "Mod+7".action.focus-workspace = 7; + "Mod+8".action.focus-workspace = 8; + "Mod+9".action.focus-workspace = 9; + "Mod+Ctrl+1".action.move-column-to-workspace = 1; + "Mod+Ctrl+2".action.move-column-to-workspace = 2; + "Mod+Ctrl+3".action.move-column-to-workspace = 3; + "Mod+Ctrl+4".action.move-column-to-workspace = 4; + "Mod+Ctrl+5".action.move-column-to-workspace = 5; + "Mod+Ctrl+6".action.move-column-to-workspace = 6; + "Mod+Ctrl+7".action.move-column-to-workspace = 7; + "Mod+Ctrl+8".action.move-column-to-workspace = 8; + "Mod+Ctrl+9".action.move-column-to-workspace = 9; + + # Alternatively, there are commands to move just a single window: + # Mod+Ctrl+1 { move-window-to-workspace 1; } + + # Switches focus between the current and the previous workspace. + # Mod+Tab { focus-workspace-previous; } + + "Mod+Comma".action.consume-window-into-column = { }; + "Mod+Period".action.expel-window-from-column = { }; + + # There are also commands that consume or expel a single window to the side. + # Mod+BracketLeft { consume-or-expel-window-left; } + # Mod+BracketRight { consume-or-expel-window-right; } + + "Mod+R".action.switch-preset-column-width = { }; + "Mod+Shift+R".action.reset-window-height = { }; + "Mod+F".action.maximize-column = { }; + "Mod+Shift+F".action.fullscreen-window = { }; + "Mod+C".action.center-column = { }; + + # Finer width adjustments. + # This command can also: + # * set width in pixels: "1000" + # * adjust width in pixels: "-5" or "+5" + # * set width as a percentage of screen width: "25%" + # * adjust width as a percentage of screen width: "-10%" or "+10%" + # Pixel sizes use logical, or scaled, pixels. I.e. on an output with scale 2.0, + # set-column-width "100" will make the column occupy 200 physical screen pixels. + "Mod+Minus".action.set-column-width = "-10%"; + "Mod+Equal".action.set-column-width = "+10%"; + + # Finer height adjustments when in column with other windows. + "Mod+Shift+Minus".action.set-window-height = "-10%"; + "Mod+Shift+Equal".action.set-window-height = "+10%"; + + # Actions to switch layouts. + # Note: if you uncomment these, make sure you do NOT have + # a matching layout switch hotkey configured in xkb options above. + # Having both at once on the same hotkey will break the switching, + # since it will switch twice upon pressing the hotkey (once by xkb, once by niri). + # Mod+Space { switch-layout "next"; } + # Mod+Shift+Space { switch-layout "prev"; } + + "Print".action.screenshot = { }; + "Ctrl+Print".action.screenshot-screen = { }; + "Alt+Print".action.screenshot-window = { }; + + # The quit action will show a confirmation dialog to avoid accidental exits. + "Mod+Shift+E".action.quit = { }; + + # Powers off the monitors. To turn them back on, do any input like + # moving the mouse or pressing any other key. + "Mod+Shift+P".action.power-off-monitors = { }; + }; + }; + }; +} diff --git a/home/vinzenz/waybar.nix b/home/vinzenz/waybar.nix new file mode 100644 index 0000000..ae245a1 --- /dev/null +++ b/home/vinzenz/waybar.nix @@ -0,0 +1,120 @@ +{ pkgs, device, ... }: +{ + config.programs.waybar = { + enable = true; + settings = { + mainBar = { + layer = "top"; + position = "top"; + output = [ + "eDP-1" + "HDMI-A-1" + ]; + mode = "dock"; + spacing = "8"; + modules-left = [ + "niri/workspaces" + "niri/window" + ]; + modules-center = [ + "clock" + ]; + modules-right = [ + "tray" + "mpd" + + "temperature" + "cpu" + + "disk" + "backlight" + "pulseaudio" + "bluetooth" + "memory" + "network" + "battery" + ]; + "niri/workspaces" = { + format = "{icon}"; + }; + + "niri/window" = { + separate-outputs = true; + icon = true; + }; + network = { + interface = "wlo1"; + format = "{ifname}"; + format-wifi = " "; + format-ethernet = "󰈀 "; + format-linked = "󱘖 "; + format-disconnected = "󰣽 "; + tooltip-format = "{ifname} via {gwaddr}"; + tooltip-format-wifi = "{essid} ({signalStrength}%)"; + tooltip-format-ethernet = "{ifname} {ipaddr}/{cidr}"; + tooltip-format-disconnected = "Disconnected"; + max-length = 50; + }; + clock = { + format = "{:%a, %d. %b %H:%M}"; + tooltip-format = "{calendar}"; + calendar = { + mode = "month"; + weeks-pos = "right"; + on-scroll = 1; + on-click-right = "mode"; + format = { + #months = "{}"; + #days = "{}"; + #weeks = "W{}"; + #weekdays = "{}"; + #weekdays = "{}"; + today = "{}"; + }; + }; + actions = { + on-click-right = "mode"; + on-click-forward = "tz_up"; + on-click-backward = "tz_down"; + on-scroll-up = "shift_down"; + on-scroll-down = "shift_up"; + }; + }; + battery = { + format = "{capacity}% {icon}"; + format-icons = [ + "" + "" + "" + "" + "" + ]; + }; + backlight = { + device = "intel_backlight"; + format = "{percent}% "; + }; + cpu = { + "interval" = 1; + "format" = + "{usage}%@{avg_frequency} " + + (builtins.getAttr device { + "vinzenz-lpt2" = + "{icon0}{icon1}{icon2}{icon3}{icon4}{icon5}{icon6}{icon7}{icon8}{icon9}{icon10}{icon11}{icon12}{icon13}{icon14}{icon15}{icon16}{icon17}{icon18}{icon19}"; + }) + + " "; + "format-icons" = [ + "" + "" + "" + "" + "" + "" + "" + "" + ]; + }; + }; + }; + }; +} diff --git a/hosts/vinzenz-lpt2/configuration.nix b/hosts/vinzenz-lpt2/configuration.nix index 7ad1351..d880b42 100644 --- a/hosts/vinzenz-lpt2/configuration.nix +++ b/hosts/vinzenz-lpt2/configuration.nix @@ -18,6 +18,8 @@ # Configure console keymap console.keyMap = "de"; + home-manager.users.vinzenz = import ../../home/vinzenz; + users.users.vinzenz.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' diff --git a/hosts/vinzenz-lpt2/imports.nix b/hosts/vinzenz-lpt2/imports.nix index a37f1ff..2526b3f 100644 --- a/hosts/vinzenz-lpt2/imports.nix +++ b/hosts/vinzenz-lpt2/imports.nix @@ -1,16 +1,13 @@ { imports = [ - ../../home/gnome.nix ../../users/vinzenz.nix + ../../modules/gnome.nix ../../modules/gaming.nix ../../modules/printing.nix ../../modules/podman.nix - - ../../home + ../../modules/niri.nix ../../modules/desktop-environment.nix ../../modules/desktop-hardware.nix - - ../../home/vinzenz ]; } diff --git a/hosts/vinzenz-pc2/configuration.nix b/hosts/vinzenz-pc2/configuration.nix index ea29735..aa01095 100644 --- a/hosts/vinzenz-pc2/configuration.nix +++ b/hosts/vinzenz-pc2/configuration.nix @@ -20,6 +20,11 @@ # Configure console keymap console.keyMap = "de"; + home-manager.users = { + vinzenz = import ../../home/vinzenz; + ronja = import ../../home/ronja; + }; + users.users.vinzenz.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' diff --git a/hosts/vinzenz-pc2/imports.nix b/hosts/vinzenz-pc2/imports.nix index 1834b06..2526b3f 100644 --- a/hosts/vinzenz-pc2/imports.nix +++ b/hosts/vinzenz-pc2/imports.nix @@ -1,17 +1,13 @@ { imports = [ - ../../home/gnome.nix ../../users/vinzenz.nix - ../../users/ronja.nix + ../../modules/gnome.nix ../../modules/gaming.nix ../../modules/printing.nix ../../modules/podman.nix - - ../../home + ../../modules/niri.nix ../../modules/desktop-environment.nix ../../modules/desktop-hardware.nix - - ../../home/vinzenz ]; } diff --git a/common/globalinstalls.nix b/modules/globalinstalls.nix similarity index 100% rename from common/globalinstalls.nix rename to modules/globalinstalls.nix diff --git a/home/gnome-shared-dconf.nix b/modules/gnome-shared-dconf.nix similarity index 100% rename from home/gnome-shared-dconf.nix rename to modules/gnome-shared-dconf.nix diff --git a/modules/gnome.nix b/modules/gnome.nix index 4b0d1ff..c510a9d 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -64,5 +64,44 @@ # RDP connections networking.firewall.allowedTCPPorts = [ 3389 ]; + + home-manager.sharedModules = [ + { + home.packages = + with pkgs; + [ + gitg + meld + simple-scan + pinta + dconf-editor + gpaste + + # graphical installer for flatpak apps + gnome-software + ] + ++ (with gnomeExtensions; [ + caffeine + appindicator + ]); + + dconf.settings = import ./gnome-shared-dconf.nix; + + gtk = { + enable = true; + iconTheme.name = "Adwaita"; + cursorTheme.name = "Adwaita"; + theme = { + name = "adw-gtk3-dark"; + package = pkgs.adw-gtk3; + }; + }; + } + + { + home.packages = with pkgs; [ trayscale ] ++ (with gnomeExtensions; [ tailscale-qs ]); + dconf.settings."org/gnome/shell".enabled-extensions = [ "tailscale@joaophi.github.com" ]; + } + ]; }; } diff --git a/modules/home-manager.nix b/modules/home-manager.nix new file mode 100644 index 0000000..9af6a19 --- /dev/null +++ b/modules/home-manager.nix @@ -0,0 +1,61 @@ +_: { + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + sharedModules = [ + # set stateVersion + { home.stateVersion = "22.11"; } + # make nano the default editor + { + home = { + sessionVariables.EDITOR = "nano"; + file.".nanorc".text = '' + set linenumbers + set mouse + ''; + }; + } + # command line niceness + { + programs = { + command-not-found.enable = true; + dircolors.enable = true; + + zsh = { + enable = true; + syntaxHighlighting.enable = true; + autosuggestion.enable = true; + enableVteIntegration = true; + }; + }; + } + # common git config + { + programs = { + git = { + enable = true; + extraConfig.init.defaultBranch = "main"; + }; + + gh = { + enable = true; + gitCredentialHelper.enable = true; + }; + }; + } + # Templates + { + home.file = { + "Templates/Empty file".text = ""; + "Templates/Empty bash script".text = '' + #!/usr/bin/env bash + # abort on error, undefined variables + set -eu + # print commands before execution + set -x + ''; + }; + } + ]; + }; +} diff --git a/common/i18n.nix b/modules/i18n.nix similarity index 100% rename from common/i18n.nix rename to modules/i18n.nix diff --git a/common/networking.nix b/modules/networking.nix similarity index 100% rename from common/networking.nix rename to modules/networking.nix diff --git a/modules/niri.nix b/modules/niri.nix new file mode 100644 index 0000000..42af734 --- /dev/null +++ b/modules/niri.nix @@ -0,0 +1,7 @@ +{ pkgs, ... }: +{ + programs.niri = { + enable = true; + package = pkgs.niri-stable; + }; +} diff --git a/common/nixpkgs.nix b/modules/nixpkgs.nix similarity index 93% rename from common/nixpkgs.nix rename to modules/nixpkgs.nix index 03c9c0c..aba3504 100644 --- a/common/nixpkgs.nix +++ b/modules/nixpkgs.nix @@ -17,11 +17,13 @@ "https://cache.nixos.org/" "https://nix-community.cachix.org" "https://cache.lix.systems" + "https://niri.cachix.org" ]; trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" + "niri.cachix.org-1:Wv0OmO7PsuocRKzfDoJ3mulSl7Z6oezYhGhR+3W2964=" ]; experimental-features = [ "nix-command" diff --git a/users/vinzenz.nix b/users/vinzenz.nix index 5a2d422..aeb4926 100644 --- a/users/vinzenz.nix +++ b/users/vinzenz.nix @@ -15,6 +15,7 @@ "nginx" "adbusers" "kvm" + "input" ]; shell = pkgs.zsh; autoSubUidGidRange = true; From 64baa2e7733e4b94078dc13082a39275d3e1d21a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 16 Mar 2025 10:43:14 +0100 Subject: [PATCH 169/241] merge users with home --- home/ronja/configuration.nix | 56 +++++++++++++++++++++ home/ronja/default.nix | 75 +++++++++------------------- home/vinzenz/default.nix | 58 ++++++++++++++++----- home/vinzenz/waybar.nix | 2 +- hosts/vinzenz-lpt2/configuration.nix | 2 - hosts/vinzenz-lpt2/imports.nix | 5 +- hosts/vinzenz-pc2/imports.nix | 4 +- users/ronja.nix | 23 --------- users/vinzenz.nix | 36 ------------- 9 files changed, 131 insertions(+), 130 deletions(-) create mode 100644 home/ronja/configuration.nix delete mode 100644 users/ronja.nix delete mode 100644 users/vinzenz.nix diff --git a/home/ronja/configuration.nix b/home/ronja/configuration.nix new file mode 100644 index 0000000..85f4772 --- /dev/null +++ b/home/ronja/configuration.nix @@ -0,0 +1,56 @@ +{ config, pkgs, ... }: +{ + config = { + home.packages = with pkgs; [ + ## Apps + telegram-desktop + kdiff3 + ]; + + programs = { + home-manager.enable = true; + + zsh = { + history = { + size = 10000; + path = "${config.xdg.dataHome}/zsh/history"; + expireDuplicatesFirst = true; + }; + + oh-my-zsh = { + enable = true; + theme = "agnoster"; + plugins = [ + "git" + "sudo" + "systemadmin" + ]; + }; + }; + + git = { + userName = "Ronja Spiegelberg"; + userEmail = "ronja.spiegelberg@gmail.com"; + + extraConfig = { + pull.ff = "only"; + merge.tool = "kdiff3"; + }; + }; + + chromium = { + enable = true; + extensions = [ + { + # ublock origin + id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; + } + { + id = "dcpihecpambacapedldabdbpakmachpb"; + updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml"; + } + ]; + }; + }; + }; +} diff --git a/home/ronja/default.nix b/home/ronja/default.nix index b4bebd0..46aa848 100644 --- a/home/ronja/default.nix +++ b/home/ronja/default.nix @@ -1,57 +1,28 @@ -inputs@{ config, pkgs, ... }: +{ pkgs, ... }: { - imports = [ ./vscode.nix ]; - config.home-manager.users.ronja = { - home.packages = with pkgs; [ - ## Apps - telegram-desktop - kdiff3 + config = { + # Define user account + users.users.ronja = { + isNormalUser = true; + name = "ronja"; + description = "Ronja"; + home = "/home/ronja"; + extraGroups = [ + "networkmanager" + "wheel" + "games" + "podman" + ]; + shell = pkgs.zsh; + }; + + home-manager.users.ronja.imports = [ + ./configuration.nix + ./vscode.nix ]; - programs = { - home-manager.enable = true; - - zsh = { - history = { - size = 10000; - path = "${config.xdg.dataHome}/zsh/history"; - expireDuplicatesFirst = true; - }; - - oh-my-zsh = { - enable = true; - theme = "agnoster"; - plugins = [ - "git" - "sudo" - "systemadmin" - ]; - }; - }; - - git = { - userName = "Ronja Spiegelberg"; - userEmail = "ronja.spiegelberg@gmail.com"; - - extraConfig = { - pull.ff = "only"; - merge.tool = "kdiff3"; - }; - }; - - chromium = { - enable = true; - extensions = [ - { - # ublock origin - id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; - } - { - id = "dcpihecpambacapedldabdbpakmachpb"; - updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml"; - } - ]; - }; - }; + allowedUnfreePackages = [ + "vscode-extension-ms-vscode-remote-remote-ssh" + ]; }; } diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 695270b..5d68bfc 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -1,14 +1,48 @@ -{ pkgs, config, ... }: +{ pkgs, ... }: { - imports = [ - ./configuration.nix - ./editorconfig.nix - ./git.nix - ./gnome.nix - ./niri.nix - ./ssh.nix - ./vscode.nix - ./waybar.nix - ./zsh.nix - ]; + config = { + users.users.vinzenz = { + isNormalUser = true; + name = "vinzenz"; + description = "Vinzenz"; + home = "/home/vinzenz"; + extraGroups = [ + "networkmanager" + "wheel" + "games" + "dialout" + "podman" + "nginx" + "adbusers" + "kvm" + "input" + ]; + shell = pkgs.zsh; + autoSubUidGidRange = true; + }; + + home-manager.users.vinzenz.imports = [ + ./configuration.nix + ./editorconfig.nix + ./git.nix + ./gnome.nix + ./niri.nix + ./ssh.nix + ./vscode.nix + ./waybar.nix + ./zsh.nix + ]; + + allowedUnfreePackages = [ + "vscode-extension-ms-vscode-remote-remote-ssh" + "insync" + "insync-pkg" + + "rider" + "pycharm-professional" + "jetbrains-toolbox" + + "anydesk" + ]; + }; } diff --git a/home/vinzenz/waybar.nix b/home/vinzenz/waybar.nix index ae245a1..413036d 100644 --- a/home/vinzenz/waybar.nix +++ b/home/vinzenz/waybar.nix @@ -97,7 +97,7 @@ cpu = { "interval" = 1; "format" = - "{usage}%@{avg_frequency} " + "{usage:3}%@{avg_frequency:4} " + (builtins.getAttr device { "vinzenz-lpt2" = "{icon0}{icon1}{icon2}{icon3}{icon4}{icon5}{icon6}{icon7}{icon8}{icon9}{icon10}{icon11}{icon12}{icon13}{icon14}{icon15}{icon16}{icon17}{icon18}{icon19}"; diff --git a/hosts/vinzenz-lpt2/configuration.nix b/hosts/vinzenz-lpt2/configuration.nix index d880b42..7ad1351 100644 --- a/hosts/vinzenz-lpt2/configuration.nix +++ b/hosts/vinzenz-lpt2/configuration.nix @@ -18,8 +18,6 @@ # Configure console keymap console.keyMap = "de"; - home-manager.users.vinzenz = import ../../home/vinzenz; - users.users.vinzenz.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' diff --git a/hosts/vinzenz-lpt2/imports.nix b/hosts/vinzenz-lpt2/imports.nix index 2526b3f..7e9f61a 100644 --- a/hosts/vinzenz-lpt2/imports.nix +++ b/hosts/vinzenz-lpt2/imports.nix @@ -1,7 +1,5 @@ { imports = [ - ../../users/vinzenz.nix - ../../modules/gnome.nix ../../modules/gaming.nix ../../modules/printing.nix @@ -9,5 +7,8 @@ ../../modules/niri.nix ../../modules/desktop-environment.nix ../../modules/desktop-hardware.nix + + ../../home/vinzenz + ../../home/ronja ]; } diff --git a/hosts/vinzenz-pc2/imports.nix b/hosts/vinzenz-pc2/imports.nix index 2526b3f..cf430db 100644 --- a/hosts/vinzenz-pc2/imports.nix +++ b/hosts/vinzenz-pc2/imports.nix @@ -1,7 +1,5 @@ { imports = [ - ../../users/vinzenz.nix - ../../modules/gnome.nix ../../modules/gaming.nix ../../modules/printing.nix @@ -9,5 +7,7 @@ ../../modules/niri.nix ../../modules/desktop-environment.nix ../../modules/desktop-hardware.nix + + ../../home/vinzenz ]; } diff --git a/users/ronja.nix b/users/ronja.nix deleted file mode 100644 index 3ed2b8a..0000000 --- a/users/ronja.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ pkgs, ... }: -{ - config = { - # Define user account - users.users.ronja = { - isNormalUser = true; - name = "ronja"; - description = "Ronja"; - home = "/home/ronja"; - extraGroups = [ - "networkmanager" - "wheel" - "games" - "podman" - ]; - shell = pkgs.zsh; - }; - - allowedUnfreePackages = [ - "vscode-extension-ms-vscode-remote-remote-ssh" - ]; - }; -} diff --git a/users/vinzenz.nix b/users/vinzenz.nix deleted file mode 100644 index aeb4926..0000000 --- a/users/vinzenz.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ pkgs, ... }: -{ - config = { - users.users.vinzenz = { - isNormalUser = true; - name = "vinzenz"; - description = "Vinzenz"; - home = "/home/vinzenz"; - extraGroups = [ - "networkmanager" - "wheel" - "games" - "dialout" - "podman" - "nginx" - "adbusers" - "kvm" - "input" - ]; - shell = pkgs.zsh; - autoSubUidGidRange = true; - }; - - allowedUnfreePackages = [ - "vscode-extension-ms-vscode-remote-remote-ssh" - "insync" - "insync-pkg" - - "rider" - "pycharm-professional" - "jetbrains-toolbox" - - "anydesk" - ]; - }; -} From ed9df2da836c42c424083ae33ef00068d038512e Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 17 Mar 2025 18:09:24 +0100 Subject: [PATCH 170/241] misc niri/waybar tweaks --- home/vinzenz/niri.nix | 17 +++++ home/vinzenz/waybar.nix | 164 +++++++++++++++++++++++++++++++++++++--- 2 files changed, 170 insertions(+), 11 deletions(-) diff --git a/home/vinzenz/niri.nix b/home/vinzenz/niri.nix index 378e310..b801c6b 100644 --- a/home/vinzenz/niri.nix +++ b/home/vinzenz/niri.nix @@ -10,6 +10,23 @@ swaylock ]; + qt.style = { + package = pkgs.adwaita-qt; + name = "adwaita-dark"; + }; + + services = { + kdeconnect = { + enable = true; + indicator = true; + }; + mako = { + enable = true; + }; + }; + + # services.swayidle.enable = true; + programs.niri.settings = { input.keyboard.xkb.layout = "de"; diff --git a/home/vinzenz/waybar.nix b/home/vinzenz/waybar.nix index 413036d..145e15a 100644 --- a/home/vinzenz/waybar.nix +++ b/home/vinzenz/waybar.nix @@ -1,6 +1,13 @@ { pkgs, device, ... }: { - config.programs.waybar = { + home.packages = with pkgs; [ + waybar + playerctl + ]; + + programs.cava.enable = true; + + programs.waybar = { enable = true; settings = { mainBar = { @@ -14,25 +21,31 @@ spacing = "8"; modules-left = [ "niri/workspaces" + "tray" "niri/window" ]; modules-center = [ + "privacy" "clock" ]; modules-right = [ - "tray" - "mpd" + "mpris" + "image" + "cava" + "gamemode" "temperature" "cpu" - - "disk" - "backlight" - "pulseaudio" - "bluetooth" "memory" + "disk" + "wireplumber" + "bluetooth" + "backlight" "network" + "power-profiles-daemon" "battery" + "idle_inhibitor" + #"group/group-power" ]; "niri/workspaces" = { format = "{icon}"; @@ -95,15 +108,15 @@ format = "{percent}% "; }; cpu = { - "interval" = 1; - "format" = + interval = 1; + format = "{usage:3}%@{avg_frequency:4} " + (builtins.getAttr device { "vinzenz-lpt2" = "{icon0}{icon1}{icon2}{icon3}{icon4}{icon5}{icon6}{icon7}{icon8}{icon9}{icon10}{icon11}{icon12}{icon13}{icon14}{icon15}{icon16}{icon17}{icon18}{icon19}"; }) + " "; - "format-icons" = [ + format-icons = [ "" "" "" @@ -114,6 +127,135 @@ "" ]; }; + cava = { + framerate = 15; + autosens = 1; + method = "pipewire"; + sleep_timer = 3; + source = "auto"; + bar_delimiter = 0; + bars = 12; + input_delay = 2; + hide_on_silence = true; + format-icons = [ + "" + "" + "" + "" + "" + "" + "" + "" + ]; + actions = { + "on-click-right" = "mode"; + }; + }; + disk = { + format = "{free}/{total}"; + }; + "group/group-power" = { + "orientation" = "inherit"; + "drawer" = { + "transition-duration" = 500; + "children-class" = "not-power"; + "transition-left-to-right" = false; + }; + "modules" = [ + "custom/power" # First element is the "group leader" and won't ever be hidden + "custom/quit" + "custom/lock" + "custom/reboot" + ]; + }; + "custom/quit" = { + "format" = "󰗼"; + "tooltip" = false; + "on-click" = "hyprctl dispatch exit"; + min-width = 20; + }; + "custom/lock" = { + "format" = "󰍁"; + "tooltip" = false; + "on-click" = "swaylock"; + }; + "custom/reboot" = { + "format" = "󰜉"; + "tooltip" = false; + "on-click" = "reboot"; + }; + "custom/power" = { + "format" = ""; + "tooltip" = false; + "on-click" = "shutdown now"; + }; + idle_inhibitor = { + format = "{icon}"; + format-icons = { + activated = ""; + deactivated = ""; + }; + }; + image = + let + albumArtScript = pkgs.writeShellScriptBin "album-art.sh" '' + #!${pkgs.bash}/bin/bash + album_art=$(playerctl metadata mpris:artUrl) + if [[ -z $album_art ]] + then + exit + fi + curl -s "''${album_art}" --output "/tmp/cover.jpeg" + echo "/tmp/cover.jpeg" + ''; + in + { + exec = "${albumArtScript}/bin/album-art.sh"; + interval = 15; + on-click = "playerctl play-pause"; + }; + mpris = { + format = "{title} "; + tooltip-format = "{player} ({status}) {dynamic}"; + }; + memory = { + format = "{}% "; + }; + power-profiles-daemon = { + format = "{icon}"; + tooltip-format = "Power profile: {profile}\nDriver: {driver}"; + tooltip = true; + format-icons = { + default = ""; + performance = ""; + balanced = ""; + power-saver = ""; + }; + }; + wireplumber = { + format = "{volume}% {icon}"; + format-muted = ""; + format-icons = [ + "" + "" + "" + ]; + }; + temperature = { + format = "{temperatureC}°C "; + }; + tray = { + spacing = 4; + }; + bluetooth = { + format = "  {status} "; + format-connected = "  {device_alias} "; + format-connected-battery = "  {device_alias} {device_battery_percentage}% "; + tooltip-format = "{controller_alias}\t{controller_address}\n\n{num_connections} connected"; + tooltip-format-connected = "{controller_alias}\t{controller_address}\n\n{num_connections} connected\n\n{device_enumerate}"; + tooltip-format-enumerate-connected = "{device_alias}\t{device_address}"; + tooltip-format-enumerate-connected-battery = "{device_alias}\t{device_address}\t{device_battery_percentage}%"; + }; }; }; }; From ba0ff8e45698475d2c3c8862eb7acf888f5aadcf Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 17 Mar 2025 18:23:52 +0100 Subject: [PATCH 171/241] fix vms import non existing file --- hosts/forgejo-runner-1/imports.nix | 1 - hosts/hetzner-vpn2/imports.nix | 2 -- 2 files changed, 3 deletions(-) diff --git a/hosts/forgejo-runner-1/imports.nix b/hosts/forgejo-runner-1/imports.nix index f63120e..8b867c6 100644 --- a/hosts/forgejo-runner-1/imports.nix +++ b/hosts/forgejo-runner-1/imports.nix @@ -1,6 +1,5 @@ { imports = [ - ../../users/vinzenz.nix ../../modules/podman.nix ./forgejo-runner.nix ]; diff --git a/hosts/hetzner-vpn2/imports.nix b/hosts/hetzner-vpn2/imports.nix index b17a1c8..3fadabb 100644 --- a/hosts/hetzner-vpn2/imports.nix +++ b/hosts/hetzner-vpn2/imports.nix @@ -1,7 +1,5 @@ { imports = [ ./nginx.nix - ../../users/vinzenz.nix - ../../users/ronja.nix ]; } From 638bcfdc3f8b1a3c20066f582148d24e64853fbb Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 17 Mar 2025 18:25:25 +0100 Subject: [PATCH 172/241] remove ssh keys for removed users --- hosts/hetzner-vpn2/configuration.nix | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/hosts/hetzner-vpn2/configuration.nix b/hosts/hetzner-vpn2/configuration.nix index c4b747d..be2fe7b 100644 --- a/hosts/hetzner-vpn2/configuration.nix +++ b/hosts/hetzner-vpn2/configuration.nix @@ -12,15 +12,9 @@ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' ]; - vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - ronja.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' - ]; + #ronja.openssh.authorizedKeys.keys = [ + # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + #]; }; system.autoUpgrade.allowReboot = true; From e8762f575f44ea8162e13ee6223f3609dde71783 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 17 Mar 2025 19:06:47 +0100 Subject: [PATCH 173/241] deadnix -e --- flake.nix | 2 -- home/vinzenz/zsh.nix | 2 +- hosts/forgejo-runner-1/configuration.nix | 2 +- hosts/forgejo-runner-1/hardware.nix | 2 +- hosts/hetzner-vpn2/configuration.nix | 2 +- hosts/hetzner-vpn2/hardware.nix | 2 +- hosts/hetzner-vpn2/nginx.nix | 2 +- hosts/vinzenz-lpt2/configuration.nix | 2 +- hosts/vinzenz-pc2/configuration.nix | 2 +- modules/desktop-environment.nix | 2 +- modules/desktop-hardware.nix | 1 - modules/gaming.nix | 2 +- modules/gnome.nix | 2 +- modules/intel-graphics.nix | 2 +- 14 files changed, 12 insertions(+), 15 deletions(-) diff --git a/flake.nix b/flake.nix index 9b21548..f870112 100644 --- a/flake.nix +++ b/flake.nix @@ -22,11 +22,9 @@ outputs = { - self, nixpkgs, home-manager, lix-module, - nixos-hardware, niri, }: let diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index 0b5ed96..4f2e6bb 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, pkgs, ... }: { config.programs.zsh = { initExtra = '' diff --git a/hosts/forgejo-runner-1/configuration.nix b/hosts/forgejo-runner-1/configuration.nix index 81b5be8..345e622 100644 --- a/hosts/forgejo-runner-1/configuration.nix +++ b/hosts/forgejo-runner-1/configuration.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ ... }: { # uncomment for build check on non arm system (requires --impure) # nixpkgs.buildPlatform = builtins.currentSystem; diff --git a/hosts/forgejo-runner-1/hardware.nix b/hosts/forgejo-runner-1/hardware.nix index f7cb083..e3e6880 100644 --- a/hosts/forgejo-runner-1/hardware.nix +++ b/hosts/forgejo-runner-1/hardware.nix @@ -1,4 +1,4 @@ -{ lib, modulesPath, ... }: +{ modulesPath, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; diff --git a/hosts/hetzner-vpn2/configuration.nix b/hosts/hetzner-vpn2/configuration.nix index be2fe7b..8e16ff7 100644 --- a/hosts/hetzner-vpn2/configuration.nix +++ b/hosts/hetzner-vpn2/configuration.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ ... }: { # uncomment for build check on non arm system (requires --impure) # nixpkgs.buildPlatform = builtins.currentSystem; diff --git a/hosts/hetzner-vpn2/hardware.nix b/hosts/hetzner-vpn2/hardware.nix index 7cf5ce7..e8fa931 100644 --- a/hosts/hetzner-vpn2/hardware.nix +++ b/hosts/hetzner-vpn2/hardware.nix @@ -1,4 +1,4 @@ -{ lib, modulesPath, ... }: +{ modulesPath, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix index a9bc583..218b7a9 100644 --- a/hosts/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, ... }: +{ pkgs, ... }: { security.acme = { acceptTerms = true; diff --git a/hosts/vinzenz-lpt2/configuration.nix b/hosts/vinzenz-lpt2/configuration.nix index 7ad1351..5267e89 100644 --- a/hosts/vinzenz-lpt2/configuration.nix +++ b/hosts/vinzenz-lpt2/configuration.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ ... }: { imports = [ ./nginx.nix ]; diff --git a/hosts/vinzenz-pc2/configuration.nix b/hosts/vinzenz-pc2/configuration.nix index aa01095..d2f7439 100644 --- a/hosts/vinzenz-pc2/configuration.nix +++ b/hosts/vinzenz-pc2/configuration.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ ... }: { imports = [ ./hardware.nix diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix index 9d4fcd8..afb5255 100644 --- a/modules/desktop-environment.nix +++ b/modules/desktop-environment.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { config = { services = { diff --git a/modules/desktop-hardware.nix b/modules/desktop-hardware.nix index 62d0ab9..1fed3a8 100644 --- a/modules/desktop-hardware.nix +++ b/modules/desktop-hardware.nix @@ -1,7 +1,6 @@ { lib, pkgs, - config, ... }: { diff --git a/modules/gaming.nix b/modules/gaming.nix index 6cb625f..4214c23 100644 --- a/modules/gaming.nix +++ b/modules/gaming.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { config = { hardware = { diff --git a/modules/gnome.nix b/modules/gnome.nix index c510a9d..669109c 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { config = { services = { diff --git a/modules/intel-graphics.nix b/modules/intel-graphics.nix index f23b357..74c6e67 100644 --- a/modules/intel-graphics.nix +++ b/modules/intel-graphics.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { config = { hardware.graphics = { From 526fd80f077a66dabda650852299498e86a2bb4f Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 17 Mar 2025 19:07:12 +0100 Subject: [PATCH 174/241] new aliases for pretty build logs --- home/vinzenz/zsh.nix | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index 4f2e6bb..02efbce 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -9,11 +9,9 @@ enableCompletion = true; shellAliases = { - my-apply = "sudo nixos-rebuild boot --flake"; - my-switch = "sudo nixos-rebuild switch --flake"; - my-update = "sudo nixos-rebuild boot --upgrade --flake"; - my-pull = "git -C ~/Repos/nixos-configuration pull --rebase"; - my-test = "sudo nixos-rebuild test"; + myos-rebuild-boot = "sudo nixos-rebuild boot --flake .# --show-trace --log-format internal-json -v |& ${pkgs.nix-output-monitor}/bin/nom --json"; + myos-rebuild-switch = "sudo nixos-rebuild switch --flake .# --show-trace --log-format internal-json -v |& ${pkgs.nix-output-monitor}/bin/nom --json"; + my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; my-ip4 = "ip addr show | grep 192"; deadnix = "nix run github:astro/deadnix -- "; From c129b25c6f77773c91e5a9efd7d789efe0decf25 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 17 Mar 2025 19:15:50 +0100 Subject: [PATCH 175/241] nix flake update, remove nixos-hardware --- flake.lock | 47 +++++++++++++++-------------------------------- flake.nix | 2 +- 2 files changed, 16 insertions(+), 33 deletions(-) diff --git a/flake.lock b/flake.lock index c4b1858..a608a1b 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1739757849, - "narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=", + "lastModified": 1742234739, + "narHash": "sha256-zFL6zsf/5OztR1NSNQF33dvS1fL/BzVUjabZq4qrtY4=", "owner": "nix-community", "repo": "home-manager", - "rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe", + "rev": "f6af7280a3390e65c2ad8fd059cdc303426cbd59", "type": "github" }, "original": { @@ -103,11 +103,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1742032096, - "narHash": "sha256-/vWpgh3DCdoREIoydTfUnZLYSxKa0yRczOJaT0dDT0o=", + "lastModified": 1742220949, + "narHash": "sha256-ZlPrKLM0FWUP36MNCJYGTlN4ZvoXZ4WY/ENKoaGU6yg=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "e2614d598a86eb892e4d98d18458ee2633285c00", + "rev": "5d8d116ac90f54e4c95bd5c9de31b8df477b12b9", "type": "github" }, "original": { @@ -136,11 +136,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1742026950, - "narHash": "sha256-pd00WzjmAxxS3Da0e4eEzfgauAfX5HwMGfs3nm2hwwA=", + "lastModified": 1742103165, + "narHash": "sha256-zAzMwvozlS2gmqdhrgeMz0PNp3kRDkwxIEfqWT3Hj6g=", "owner": "YaLTeR", "repo": "niri", - "rev": "9e560e7e607638da4f47b6dfef5a83b18711f75d", + "rev": "287480b541e85b13ff6419d372f82fa8e42c603c", "type": "github" }, "original": { @@ -149,29 +149,13 @@ "type": "github" } }, - "nixos-hardware": { - "locked": { - "lastModified": 1741325094, - "narHash": "sha256-RUAdT8dZ6k/486vnu3tiNRrNW6+Q8uSD2Mq7gTX4jlo=", - "owner": "NixOS", - "repo": "nixos-hardware", - "rev": "b48cc4dab0f9711af296fc367b6108cf7b8ccb16", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "master", - "repo": "nixos-hardware", - "type": "github" - } - }, "nixpkgs": { "locked": { - "lastModified": 1741332913, - "narHash": "sha256-ri1e8ZliWS3Jnp9yqpKApHaOo7KBN33W8ECAKA4teAQ=", + "lastModified": 1742136038, + "narHash": "sha256-DDe16FJk18sadknQKKG/9FbwEro7A57tg9vB5kxZ8kY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "20755fa05115c84be00b04690630cb38f0a203ad", + "rev": "a1185f4064c18a5db37c5c84e5638c78b46e3341", "type": "github" }, "original": { @@ -186,7 +170,6 @@ "home-manager": "home-manager", "lix-module": "lix-module", "niri": "niri", - "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs" } }, @@ -225,11 +208,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1741910413, - "narHash": "sha256-z9bvteu0rf+xmUDj4VifN06XAFJZQGRSOvdN7rn/oDs=", + "lastModified": 1742083780, + "narHash": "sha256-cVLagXvI4jFbCe76tpvAWA2N2WF94Pl0PpgsGp2P6rM=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "0325cb1f48a292d873a6844772cca00251cbf945", + "rev": "f9ec97b007547ad80147404335ed22e880dbd69d", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index f870112..e4d0b8a 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ { inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; - nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + # nixos-hardware.url = "github:NixOS/nixos-hardware/master"; home-manager = { url = "github:nix-community/home-manager/release-24.11"; From e2b8dd31921956933a4b29872b1912287f70d39a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 17 Mar 2025 19:17:16 +0100 Subject: [PATCH 176/241] fix missing parameter deadnix removed --- flake.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/flake.nix b/flake.nix index e4d0b8a..703576d 100644 --- a/flake.nix +++ b/flake.nix @@ -22,6 +22,7 @@ outputs = { + self, nixpkgs, home-manager, lix-module, From c3c2c1ad6da2819751d6066362601ee43bbbef37 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 17 Mar 2025 21:09:27 +0100 Subject: [PATCH 177/241] add swaylock --- home/vinzenz/default.nix | 1 + home/vinzenz/niri.nix | 1 - home/vinzenz/swaylock.nix | 21 +++++++++++++++++++++ home/vinzenz/waybar.nix | 3 +-- modules/globalinstalls.nix | 2 ++ 5 files changed, 25 insertions(+), 3 deletions(-) create mode 100644 home/vinzenz/swaylock.nix diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 5d68bfc..227ed06 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -28,6 +28,7 @@ ./gnome.nix ./niri.nix ./ssh.nix + ./swaylock.nix ./vscode.nix ./waybar.nix ./zsh.nix diff --git a/home/vinzenz/niri.nix b/home/vinzenz/niri.nix index b801c6b..fa3d008 100644 --- a/home/vinzenz/niri.nix +++ b/home/vinzenz/niri.nix @@ -7,7 +7,6 @@ xwayland-satellite alacritty fuzzel - swaylock ]; qt.style = { diff --git a/home/vinzenz/swaylock.nix b/home/vinzenz/swaylock.nix new file mode 100644 index 0000000..9a4bc2b --- /dev/null +++ b/home/vinzenz/swaylock.nix @@ -0,0 +1,21 @@ +# based on https://codeberg.org/kiara/cfg/src/commit/b9c472acd78c9c08dfe8b6a643c5c82cc5828433/home-manager/kiara/swaylock.nix# +{ pkgs, ... }: +{ + programs.swaylock = { + enable = true; + package = pkgs.swaylock-effects; + # https://github.com/jirutka/swaylock-effects/blob/master/swaylock.1.scd + settings = { + screenshot = true; + effect-blur = "9x9"; + effect-vignette = "0.5:0.5"; + fade-in = 0.5; + font-size = 75; + indicator-caps-lock = true; + clock = true; + indicator-radius = 400; + show-failed-attempts = true; + ignore-empty-password = true; + }; + }; +} diff --git a/home/vinzenz/waybar.nix b/home/vinzenz/waybar.nix index 145e15a..22e608d 100644 --- a/home/vinzenz/waybar.nix +++ b/home/vinzenz/waybar.nix @@ -3,10 +3,9 @@ home.packages = with pkgs; [ waybar playerctl + cava ]; - programs.cava.enable = true; - programs.waybar = { enable = true; settings = { diff --git a/modules/globalinstalls.nix b/modules/globalinstalls.nix index 9afad7d..c4c21d2 100644 --- a/modules/globalinstalls.nix +++ b/modules/globalinstalls.nix @@ -15,6 +15,8 @@ tldr neofetch + + nix-output-monitor ]; }; From 06886d02dcdc8093ac9c0e88fe225d830c3fe95e Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 17 Mar 2025 21:49:44 +0100 Subject: [PATCH 178/241] brightness control, swayidle --- home/vinzenz/default.nix | 1 + home/vinzenz/niri.nix | 13 ++++--- home/vinzenz/swaylock.nix | 51 +++++++++++++++++++--------- home/vinzenz/waybar.nix | 10 +++++- hosts/vinzenz-lpt2/configuration.nix | 11 +++++- 5 files changed, 63 insertions(+), 23 deletions(-) diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 227ed06..95573f1 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -16,6 +16,7 @@ "adbusers" "kvm" "input" + "video" ]; shell = pkgs.zsh; autoSubUidGidRange = true; diff --git a/home/vinzenz/niri.nix b/home/vinzenz/niri.nix index fa3d008..53e6899 100644 --- a/home/vinzenz/niri.nix +++ b/home/vinzenz/niri.nix @@ -1,8 +1,13 @@ -{ pkgs, ... }: +{ + pkgs, + lib, + devices, + config, + ... +}: { config = { home.sessionVariables.NIXOS_OZONE_WL = "1"; - home.packages = with pkgs; [ xwayland-satellite alacritty @@ -24,8 +29,6 @@ }; }; - # services.swayidle.enable = true; - programs.niri.settings = { input.keyboard.xkb.layout = "de"; @@ -56,7 +59,7 @@ # Suggested binds for running programs: terminal, app launcher, screen locker. "Mod+T".action.spawn = "alacritty"; "Mod+D".action.spawn = "fuzzel"; - "Super+Alt+L".action.spawn = "swaylock"; + "Super+Alt+L".action.spawn = "${config.programs.swaylock.package}/bin/swaylock"; # You can also use a shell. Do this if you need pipes, multiple commands, etc. # Note: the entire command goes as a single argument in the end. diff --git a/home/vinzenz/swaylock.nix b/home/vinzenz/swaylock.nix index 9a4bc2b..291a90c 100644 --- a/home/vinzenz/swaylock.nix +++ b/home/vinzenz/swaylock.nix @@ -1,21 +1,40 @@ # based on https://codeberg.org/kiara/cfg/src/commit/b9c472acd78c9c08dfe8b6a643c5c82cc5828433/home-manager/kiara/swaylock.nix# -{ pkgs, ... }: +{ pkgs, config, ... }: { - programs.swaylock = { - enable = true; - package = pkgs.swaylock-effects; - # https://github.com/jirutka/swaylock-effects/blob/master/swaylock.1.scd - settings = { - screenshot = true; - effect-blur = "9x9"; - effect-vignette = "0.5:0.5"; - fade-in = 0.5; - font-size = 75; - indicator-caps-lock = true; - clock = true; - indicator-radius = 400; - show-failed-attempts = true; - ignore-empty-password = true; + config = { + programs.swaylock = { + enable = true; + package = pkgs.swaylock-effects; + # https://github.com/jirutka/swaylock-effects/blob/master/swaylock.1.scd + settings = { + screenshot = true; + effect-blur = "9x9"; + effect-vignette = "0.2:0.2"; + fade-in = 0.5; + font-size = 75; + indicator-caps-lock = true; + clock = true; + indicator-radius = 400; + show-failed-attempts = true; + ignore-empty-password = true; + grace = 2; + color = "000000"; + indicator-thickness = 20; + }; + }; + + services.swayidle = { + enable = true; + timeouts = [ + { + timeout = 60; + command = "${config.programs.swaylock.package}/bin/swaylock"; + } + #{ + # timeout = 90; + # command = "${pkgs.systemd}/bin/systemctl suspend"; + #} + ]; }; }; } diff --git a/home/vinzenz/waybar.nix b/home/vinzenz/waybar.nix index 22e608d..a3797cf 100644 --- a/home/vinzenz/waybar.nix +++ b/home/vinzenz/waybar.nix @@ -1,4 +1,9 @@ -{ pkgs, device, ... }: +{ + pkgs, + device, + config, + ... +}: { home.packages = with pkgs; [ waybar @@ -8,6 +13,7 @@ programs.waybar = { enable = true; + systemd.enable = true; settings = { mainBar = { layer = "top"; @@ -105,6 +111,8 @@ backlight = { device = "intel_backlight"; format = "{percent}% "; + on-scroll-down = "light -U 1"; + on-scroll-up = "light -A 1"; }; cpu = { interval = 1; diff --git a/hosts/vinzenz-lpt2/configuration.nix b/hosts/vinzenz-lpt2/configuration.nix index 5267e89..5ec706e 100644 --- a/hosts/vinzenz-lpt2/configuration.nix +++ b/hosts/vinzenz-lpt2/configuration.nix @@ -27,6 +27,15 @@ # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' #]; - programs.adb.enable = true; + programs = { + adb.enable = true; + light = { + enable = true; + brightnessKeys = { + enable = true; + step = 5; + }; + }; + }; }; } From d1e0c69e4c68b9970916159adbaec11fdfe2f0d6 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Tue, 18 Mar 2025 17:15:11 +0100 Subject: [PATCH 179/241] make fuzzel less bright --- home/vinzenz/niri.nix | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/home/vinzenz/niri.nix b/home/vinzenz/niri.nix index 53e6899..57c30eb 100644 --- a/home/vinzenz/niri.nix +++ b/home/vinzenz/niri.nix @@ -11,7 +11,6 @@ home.packages = with pkgs; [ xwayland-satellite alacritty - fuzzel ]; qt.style = { @@ -29,6 +28,35 @@ }; }; + programs.fuzzel = { + enable = true; + settings = { + main = { + terminal = "${pkgs.alacritty}/bin/alacritty"; + icon-theme = "Adwaita"; + counter = true; + font = "sans:size=10"; + }; + colors = { + border = "0003B3FF"; + background = "0F0F0FFF"; + text = "657b83ff"; + prompt = "586e75ff"; + placeholder = "93a1a1ff"; + input = "657b83ff"; + match = "cb4b16ff"; + selection = "eee8d5ff"; + selection-text = "586e75ff"; + selection-match = "cb4b16ff"; + counter = "93a1a1ff"; + }; + border = { + radius = 30; + width = 3; + }; + }; + }; + programs.niri.settings = { input.keyboard.xkb.layout = "de"; @@ -54,7 +82,7 @@ # Mod-Shift-/, which is usually the same as Mod-?, # shows a list of important hotkeys. - "Mod+Shift+Slash".action.show-hotkey-overlay = { }; + "Mod+Shift+Numbersign".action.show-hotkey-overlay = { }; # Suggested binds for running programs: terminal, app launcher, screen locker. "Mod+T".action.spawn = "alacritty"; From da09ddee494c4e1248ddca2c91ff179104783611 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 16 Feb 2025 12:55:06 +0100 Subject: [PATCH 180/241] re-disable amdvlk --- modules/amd-graphics.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/amd-graphics.nix b/modules/amd-graphics.nix index 9ec5f75..4ae15ac 100644 --- a/modules/amd-graphics.nix +++ b/modules/amd-graphics.nix @@ -10,7 +10,7 @@ opencl.enable = true; amdvlk = { # TODO: this creates black borders around GNOME apps - enable = true; + # enable = true; support32Bit.enable = config.hardware.graphics.enable32Bit; }; }; From c5ec082fc2d547410b277a1960405ef9e160a491 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 23 Mar 2025 12:08:40 +0100 Subject: [PATCH 181/241] fix pc2 build --- home/vinzenz/waybar.nix | 2 ++ hosts/vinzenz-pc2/configuration.nix | 5 ----- hosts/vinzenz-pc2/imports.nix | 1 + 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/home/vinzenz/waybar.nix b/home/vinzenz/waybar.nix index a3797cf..0cd0c55 100644 --- a/home/vinzenz/waybar.nix +++ b/home/vinzenz/waybar.nix @@ -121,6 +121,8 @@ + (builtins.getAttr device { "vinzenz-lpt2" = "{icon0}{icon1}{icon2}{icon3}{icon4}{icon5}{icon6}{icon7}{icon8}{icon9}{icon10}{icon11}{icon12}{icon13}{icon14}{icon15}{icon16}{icon17}{icon18}{icon19}"; + "vinzenz-pc2" = + "{icon0}{icon1}{icon2}{icon3}{icon4}{icon5}{icon6}{icon7}{icon8}{icon9}{icon10}{icon11}{icon12}{icon13}{icon14}{icon15}"; }) + " "; format-icons = [ diff --git a/hosts/vinzenz-pc2/configuration.nix b/hosts/vinzenz-pc2/configuration.nix index d2f7439..78c9e91 100644 --- a/hosts/vinzenz-pc2/configuration.nix +++ b/hosts/vinzenz-pc2/configuration.nix @@ -20,11 +20,6 @@ # Configure console keymap console.keyMap = "de"; - home-manager.users = { - vinzenz = import ../../home/vinzenz; - ronja = import ../../home/ronja; - }; - users.users.vinzenz.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' diff --git a/hosts/vinzenz-pc2/imports.nix b/hosts/vinzenz-pc2/imports.nix index cf430db..7e9f61a 100644 --- a/hosts/vinzenz-pc2/imports.nix +++ b/hosts/vinzenz-pc2/imports.nix @@ -9,5 +9,6 @@ ../../modules/desktop-hardware.nix ../../home/vinzenz + ../../home/ronja ]; } From f437f448970574de4feddda418014fef3995fbae Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 5 Apr 2025 11:40:13 +0200 Subject: [PATCH 182/241] more niri config --- home/vinzenz/default.nix | 1 + home/vinzenz/fuzzel.nix | 31 +++++++++++++++++++++++++++++++ home/vinzenz/niri.nix | 29 ----------------------------- home/vinzenz/swaylock.nix | 21 ++++++++++++++++----- home/vinzenz/waybar.nix | 2 +- 5 files changed, 49 insertions(+), 35 deletions(-) create mode 100644 home/vinzenz/fuzzel.nix diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 95573f1..59c4747 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -25,6 +25,7 @@ home-manager.users.vinzenz.imports = [ ./configuration.nix ./editorconfig.nix + ./fuzzel.nix ./git.nix ./gnome.nix ./niri.nix diff --git a/home/vinzenz/fuzzel.nix b/home/vinzenz/fuzzel.nix new file mode 100644 index 0000000..db700e8 --- /dev/null +++ b/home/vinzenz/fuzzel.nix @@ -0,0 +1,31 @@ +{ pkgs, ... }: +{ + config.programs.fuzzel = { + enable = true; + settings = { + main = { + terminal = "${pkgs.alacritty}/bin/alacritty"; + icon-theme = "Adwaita"; + counter = true; + font = "sans:size=10"; + }; + colors = { + border = "0003B3FF"; + background = "0F0F0FFF"; + text = "657b83ff"; + prompt = "586e75ff"; + placeholder = "93a1a1ff"; + input = "657b83ff"; + match = "cb4b16ff"; + selection = "eee8d5ff"; + selection-text = "586e75ff"; + selection-match = "cb4b16ff"; + counter = "93a1a1ff"; + }; + border = { + radius = 30; + width = 3; + }; + }; + }; +} diff --git a/home/vinzenz/niri.nix b/home/vinzenz/niri.nix index 57c30eb..9c532ee 100644 --- a/home/vinzenz/niri.nix +++ b/home/vinzenz/niri.nix @@ -28,35 +28,6 @@ }; }; - programs.fuzzel = { - enable = true; - settings = { - main = { - terminal = "${pkgs.alacritty}/bin/alacritty"; - icon-theme = "Adwaita"; - counter = true; - font = "sans:size=10"; - }; - colors = { - border = "0003B3FF"; - background = "0F0F0FFF"; - text = "657b83ff"; - prompt = "586e75ff"; - placeholder = "93a1a1ff"; - input = "657b83ff"; - match = "cb4b16ff"; - selection = "eee8d5ff"; - selection-text = "586e75ff"; - selection-match = "cb4b16ff"; - counter = "93a1a1ff"; - }; - border = { - radius = 30; - width = 3; - }; - }; - }; - programs.niri.settings = { input.keyboard.xkb.layout = "de"; diff --git a/home/vinzenz/swaylock.nix b/home/vinzenz/swaylock.nix index 291a90c..9255f04 100644 --- a/home/vinzenz/swaylock.nix +++ b/home/vinzenz/swaylock.nix @@ -25,15 +25,26 @@ services.swayidle = { enable = true; + systemdTarget = "graphical-session.target"; timeouts = [ { - timeout = 60; + timeout = 30; + command = "${config.programs.swaylock.package}/bin/swaylock"; + } + { + timeout = 60 * 10; + command = "${pkgs.systemd}/bin/systemctl suspend"; + } + ]; + events = [ + { + event = "before-sleep"; + command = "${pkgs.playerctl}/bin/playerctl pause; ${config.programs.swaylock.package}/bin/swaylock"; + } + { + event = "lock"; command = "${config.programs.swaylock.package}/bin/swaylock"; } - #{ - # timeout = 90; - # command = "${pkgs.systemd}/bin/systemctl suspend"; - #} ]; }; }; diff --git a/home/vinzenz/waybar.nix b/home/vinzenz/waybar.nix index 0cd0c55..af276ac 100644 --- a/home/vinzenz/waybar.nix +++ b/home/vinzenz/waybar.nix @@ -6,7 +6,6 @@ }: { home.packages = with pkgs; [ - waybar playerctl cava ]; @@ -14,6 +13,7 @@ programs.waybar = { enable = true; systemd.enable = true; + systemd.target = "graphical-session.target"; settings = { mainBar = { layer = "top"; From 5fc8fe8ac64ec3b29fda34b8cfe4130e24543d68 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 5 Apr 2025 11:42:35 +0200 Subject: [PATCH 183/241] update flake --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index a608a1b..edfe1e8 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1742234739, - "narHash": "sha256-zFL6zsf/5OztR1NSNQF33dvS1fL/BzVUjabZq4qrtY4=", + "lastModified": 1743808813, + "narHash": "sha256-2lDQBOmlz9ggPxcS7/GvcVdzXMIiT+PpMao6FbLJSr0=", "owner": "nix-community", "repo": "home-manager", - "rev": "f6af7280a3390e65c2ad8fd059cdc303426cbd59", + "rev": "a9f8b3db211b4609ddd83683f9db89796c7f6ac6", "type": "github" }, "original": { @@ -103,11 +103,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1742220949, - "narHash": "sha256-ZlPrKLM0FWUP36MNCJYGTlN4ZvoXZ4WY/ENKoaGU6yg=", + "lastModified": 1743791363, + "narHash": "sha256-hGETu0Ilugf0f7S5fFETUP+sS0ATrKcm+7YHs7GBwx4=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "5d8d116ac90f54e4c95bd5c9de31b8df477b12b9", + "rev": "f160e322673614c928e1187c268add9ef038a513", "type": "github" }, "original": { @@ -136,11 +136,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1742103165, - "narHash": "sha256-zAzMwvozlS2gmqdhrgeMz0PNp3kRDkwxIEfqWT3Hj6g=", + "lastModified": 1743774669, + "narHash": "sha256-xrg3m1RP7mvBi0sLPJjnn9UiCqN+NKqU94DZJMoaXZU=", "owner": "YaLTeR", "repo": "niri", - "rev": "287480b541e85b13ff6419d372f82fa8e42c603c", + "rev": "e8da89a430f4af0accfe80efe286b2cffd20a4aa", "type": "github" }, "original": { @@ -151,11 +151,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742136038, - "narHash": "sha256-DDe16FJk18sadknQKKG/9FbwEro7A57tg9vB5kxZ8kY=", + "lastModified": 1743703532, + "narHash": "sha256-s1KLDALEeqy+ttrvqV3jx9mBZEvmthQErTVOAzbjHZs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a1185f4064c18a5db37c5c84e5638c78b46e3341", + "rev": "bdb91860de2f719b57eef819b5617762f7120c70", "type": "github" }, "original": { @@ -208,11 +208,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1742083780, - "narHash": "sha256-cVLagXvI4jFbCe76tpvAWA2N2WF94Pl0PpgsGp2P6rM=", + "lastModified": 1743346993, + "narHash": "sha256-i7rWd/5BcqLgQEtB5L/6gKN5R5GUJcmm34F+iBivH60=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "f9ec97b007547ad80147404335ed22e880dbd69d", + "rev": "45c055696437a08e3989d9b91d9c617b84cc2bc3", "type": "github" }, "original": { From 869213eb0279788080984cff8a36afe82ae1b000 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 7 Apr 2025 19:43:41 +0200 Subject: [PATCH 184/241] update dependencies, add zerforschen.plus to lpt2 as a test --- flake.lock | 67 ++++++++++++++++--------- flake.nix | 14 ++++-- hosts/vinzenz-lpt2/configuration.nix | 4 +- hosts/vinzenz-lpt2/zerforschen-plus.nix | 40 +++++++++++++++ 4 files changed, 98 insertions(+), 27 deletions(-) create mode 100644 hosts/vinzenz-lpt2/zerforschen-plus.nix diff --git a/flake.lock b/flake.lock index edfe1e8..fc02edb 100644 --- a/flake.lock +++ b/flake.lock @@ -5,11 +5,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1726560853, - "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { @@ -57,15 +57,15 @@ "lix": { "flake": false, "locked": { - "lastModified": 1729298361, - "narHash": "sha256-hiGtfzxFkDc9TSYsb96Whg0vnqBVV7CUxyscZNhed0U=", - "rev": "ad9d06f7838a25beec425ff406fe68721fef73be", + "lastModified": 1737234286, + "narHash": "sha256-pgDJZjj4jpzkFxsqBTI/9Yb0n3gW+DvDtuv9SwQZZcs=", + "rev": "079528098f5998ba13c88821a2eca1005c1695de", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/ad9d06f7838a25beec425ff406fe68721fef73be.tar.gz?rev=ad9d06f7838a25beec425ff406fe68721fef73be" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/079528098f5998ba13c88821a2eca1005c1695de.tar.gz?rev=079528098f5998ba13c88821a2eca1005c1695de" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/2.91.1.tar.gz" + "url": "https://git.lix.systems/lix-project/lix/archive/release-2.92.tar.gz" } }, "lix-module": { @@ -78,15 +78,15 @@ ] }, "locked": { - "lastModified": 1729360442, - "narHash": "sha256-6U0CyPycIBc04hbYy2hBINnVso58n/ZyywY2BD3hu+s=", - "rev": "9098ac95768f7006d7e070b88bae76939f6034e6", + "lastModified": 1742943028, + "narHash": "sha256-fprwZKE1uMzO9tiWWOrmLWBW3GPkMayQfb0xOvVFIno=", + "rev": "868d97695bab9d21f6070b03957bcace249fbe3c", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/9098ac95768f7006d7e070b88bae76939f6034e6.tar.gz?rev=9098ac95768f7006d7e070b88bae76939f6034e6" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/868d97695bab9d21f6070b03957bcace249fbe3c.tar.gz?rev=868d97695bab9d21f6070b03957bcace249fbe3c" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz" } }, "niri": { @@ -103,11 +103,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1743791363, - "narHash": "sha256-hGETu0Ilugf0f7S5fFETUP+sS0ATrKcm+7YHs7GBwx4=", + "lastModified": 1743943715, + "narHash": "sha256-9xCTf79Naq7mxvqtjgbcU9ZlNwubAep0qlwrL3GqZQQ=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "f160e322673614c928e1187c268add9ef038a513", + "rev": "f53eac2ea3c72dd4e9739228660f661eb27359d0", "type": "github" }, "original": { @@ -136,11 +136,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1743774669, - "narHash": "sha256-xrg3m1RP7mvBi0sLPJjnn9UiCqN+NKqU94DZJMoaXZU=", + "lastModified": 1743923080, + "narHash": "sha256-Hb3t6FoJycnqIZmu3c6K1bJGndBsrDw8IQtM2ieLbzU=", "owner": "YaLTeR", "repo": "niri", - "rev": "e8da89a430f4af0accfe80efe286b2cffd20a4aa", + "rev": "430b155929a60644ea223012ee0c1389fc5e3755", "type": "github" }, "original": { @@ -151,11 +151,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743703532, - "narHash": "sha256-s1KLDALEeqy+ttrvqV3jx9mBZEvmthQErTVOAzbjHZs=", + "lastModified": 1743813633, + "narHash": "sha256-BgkBz4NpV6Kg8XF7cmHDHRVGZYnKbvG0Y4p+jElwxaM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bdb91860de2f719b57eef819b5617762f7120c70", + "rev": "7819a0d29d1dd2bc331bec4b327f0776359b1fa6", "type": "github" }, "original": { @@ -170,7 +170,8 @@ "home-manager": "home-manager", "lix-module": "lix-module", "niri": "niri", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs", + "zerforschen-plus": "zerforschen-plus" } }, "systems": { @@ -220,6 +221,26 @@ "repo": "xwayland-satellite", "type": "github" } + }, + "zerforschen-plus": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1744047745, + "narHash": "sha256-hde60MbFtTb4IR6D2fMkyYZmN/fXGk7/Jc7DK/6LTTk=", + "ref": "refs/heads/main", + "rev": "f739fdfd3b6184cb489910492ff3bc99d319f64d", + "revCount": 6, + "type": "git", + "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" + }, + "original": { + "type": "git", + "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 703576d..8091440 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,6 @@ { inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; - # nixos-hardware.url = "github:NixOS/nixos-hardware/master"; home-manager = { url = "github:nix-community/home-manager/release-24.11"; @@ -9,7 +8,7 @@ }; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -18,15 +17,21 @@ inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs-stable.follows = "nixpkgs"; }; + + zerforschen-plus = { + url = "git+https://git.berlin.ccc.de/vinzenz/zerforschen.plus"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = - { + inputs@{ self, nixpkgs, home-manager, lix-module, niri, + zerforschen-plus, }: let devices = { @@ -46,6 +51,9 @@ device: system: nixpkgs.lib.nixosSystem { inherit system; + specialArgs = { + inherit inputs; + }; modules = [ lix-module.nixosModules.default diff --git a/hosts/vinzenz-lpt2/configuration.nix b/hosts/vinzenz-lpt2/configuration.nix index 5ec706e..773d0c5 100644 --- a/hosts/vinzenz-lpt2/configuration.nix +++ b/hosts/vinzenz-lpt2/configuration.nix @@ -1,6 +1,6 @@ { ... }: { - imports = [ ./nginx.nix ]; + imports = [ ./zerforschen-plus.nix ]; config = { networking.networkmanager.enable = true; @@ -37,5 +37,7 @@ }; }; }; + + networking.firewall.allowedTCPPorts = [ 8776 ]; }; } diff --git a/hosts/vinzenz-lpt2/zerforschen-plus.nix b/hosts/vinzenz-lpt2/zerforschen-plus.nix new file mode 100644 index 0000000..af3ea3c --- /dev/null +++ b/hosts/vinzenz-lpt2/zerforschen-plus.nix @@ -0,0 +1,40 @@ +{ + pkgs, + system, + inputs, + ... +}: +{ + security.acme = { + acceptTerms = true; + defaults.email = "acme@zerforschen.plus"; + }; + + security.pam.services.nginx.setEnvironment = false; + systemd.services.nginx.serviceConfig = { + SupplementaryGroups = [ "shadow" ]; + }; + + services.nginx = { + enable = true; + additionalModules = [ pkgs.nginxModules.pam ]; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts = { + "zerforschen.plus" = { + #addSSL = true; + #enableACME = true; + root = inputs.zerforschen-plus.packages."${pkgs.system}".zerforschen-plus-content; + }; + }; + }; + + #networking.firewall.allowedTCPPorts = [ + # 80 + # 443 + #]; +} From 3312a89195ab61a21abb5e80bed997e29e679f2d Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 7 Apr 2025 19:52:23 +0200 Subject: [PATCH 185/241] add website to vpn2 --- hosts/hetzner-vpn2/nginx.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix index 218b7a9..8db0fb0 100644 --- a/hosts/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ pkgs, inputs,... }: { security.acme = { acceptTerms = true; @@ -45,6 +45,12 @@ # (mkServiceConfig pc2 8542) # { locations."/".proxyWebsockets = true; } #]; + + "zerforschen.plus" = { + addSSL = true; + enableACME = true; + root = inputs.zerforschen-plus.packages."${pkgs.system}".zerforschen-plus-content; + }; }; }; From 6d001a11f4e81d02827dc87332a9c6da5a864e2c Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 10 Apr 2025 00:00:05 +0200 Subject: [PATCH 186/241] update zerforschen.plus --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index fc02edb..573e070 100644 --- a/flake.lock +++ b/flake.lock @@ -229,11 +229,11 @@ ] }, "locked": { - "lastModified": 1744047745, - "narHash": "sha256-hde60MbFtTb4IR6D2fMkyYZmN/fXGk7/Jc7DK/6LTTk=", + "lastModified": 1744235905, + "narHash": "sha256-8ZylJRpDyGvgXJZG1lAGkzlGnVmbZ+GxorkSOzdTXcI=", "ref": "refs/heads/main", - "rev": "f739fdfd3b6184cb489910492ff3bc99d319f64d", - "revCount": 6, + "rev": "19a412f05b282c4a0a8d23c347de8b925ea508be", + "revCount": 10, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" }, From d5509e6ea1e2af6ae8b9f71e66d30a53e4a591a7 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 13 Apr 2025 21:40:52 +0200 Subject: [PATCH 187/241] add new host --- flake.nix | 2 ++ home/vinzenz/vscode.nix | 1 + hosts/hetzner-vpn2/nginx.nix | 40 ++++++++++++++-------------- hosts/ronja-pc/configuration.nix | 25 +++++++++++++++++ hosts/ronja-pc/hardware.nix | 31 +++++++++++++++++++++ hosts/ronja-pc/imports.nix | 10 +++++++ hosts/vinzenz-lpt2/configuration.nix | 1 - hosts/vinzenz-pc2/configuration.nix | 1 - modules/desktop-hardware.nix | 1 + 9 files changed, 90 insertions(+), 22 deletions(-) create mode 100644 hosts/ronja-pc/configuration.nix create mode 100644 hosts/ronja-pc/hardware.nix create mode 100644 hosts/ronja-pc/imports.nix diff --git a/flake.nix b/flake.nix index 8091440..7d83008 100644 --- a/flake.nix +++ b/flake.nix @@ -37,12 +37,14 @@ devices = { vinzenz-lpt2 = "x86_64-linux"; vinzenz-pc2 = "x86_64-linux"; + ronja-pc = "x86_64-linux"; hetzner-vpn2 = "aarch64-linux"; forgejo-runner-1 = "aarch64-linux"; }; homeDevices = [ "vinzenz-lpt2" "vinzenz-pc2" + "ronja-pc" ]; forDevice = f: nixpkgs.lib.mapAttrs f devices; in diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index 098fc4a..d1add79 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -20,6 +20,7 @@ ms-dotnettools.csharp ms-vscode-remote.remote-ssh RoweWilsonFrederiskHolme.wikitext + davidanson.vscode-markdownlint ]; userSettings = { "files.autoSave" = "afterDelay"; diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix index 8db0fb0..bd45ab7 100644 --- a/hosts/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -20,26 +20,26 @@ recommendedOptimisation = true; virtualHosts = - let - servicesDomain = "services.zerforschen.plus"; - mkServiceConfig = host: port: { - addSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://${host}:${toString port}/"; - extraConfig = '' - # bind to tailscale ip - proxy_bind 100.88.118.60; - # pam auth - limit_except OPTIONS { - auth_pam "Password Required"; - auth_pam_service_name "nginx"; - } - ''; - }; - }; - pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; - in + #let + # servicesDomain = "services.zerforschen.plus"; + # mkServiceConfig = host: port: { + # addSSL = true; + # enableACME = true; + # locations."/" = { + # proxyPass = "http://${host}:${toString port}/"; + # extraConfig = '' + # # bind to tailscale ip + # proxy_bind 100.88.118.60; + # # pam auth + # limit_except OPTIONS { + # auth_pam "Password Required"; + # auth_pam_service_name "nginx"; + # } + # ''; + # }; + # }; + # pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; + #in { #"vscode.${servicesDomain}" = lib.mkMerge [ # (mkServiceConfig pc2 8542) diff --git a/hosts/ronja-pc/configuration.nix b/hosts/ronja-pc/configuration.nix new file mode 100644 index 0000000..0d0a968 --- /dev/null +++ b/hosts/ronja-pc/configuration.nix @@ -0,0 +1,25 @@ +{ + config, + pkgs, + ... +}: { + # Configure keymap in X11 + services.xserver.xkb = { + layout = "de"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "de"; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + ]; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; +} diff --git a/hosts/ronja-pc/hardware.nix b/hosts/ronja-pc/hardware.nix new file mode 100644 index 0000000..68f6e8d --- /dev/null +++ b/hosts/ronja-pc/hardware.nix @@ -0,0 +1,31 @@ +{lib, ...}: { + boot = { + kernelModules = ["kvm-intel"]; + extraModulePackages = []; + initrd = { + availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; + kernelModules = []; + }; + }; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/27eccf93-a79f-4fcb-8588-ec55d913508f"; + fsType = "btrfs"; + options = ["subvol=@"]; + }; + + "/boot" = { + device = "/dev/disk/by-uuid/85D4-43FC"; + fsType = "vfat"; + options = ["fmask=0077" "dmask=0077"]; + }; + }; + + swapDevices = [ + {device = "/dev/disk/by-uuid/bf9d19fb-499b-4bfb-b67d-131fa5bf8259";} + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = true; +} diff --git a/hosts/ronja-pc/imports.nix b/hosts/ronja-pc/imports.nix new file mode 100644 index 0000000..8b9ed4b --- /dev/null +++ b/hosts/ronja-pc/imports.nix @@ -0,0 +1,10 @@ +{ + imports = [ + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/desktop-environment.nix + ../../modules/desktop-hardware.nix + + ../../home/ronja + ]; +} diff --git a/hosts/vinzenz-lpt2/configuration.nix b/hosts/vinzenz-lpt2/configuration.nix index 773d0c5..e7b0153 100644 --- a/hosts/vinzenz-lpt2/configuration.nix +++ b/hosts/vinzenz-lpt2/configuration.nix @@ -3,7 +3,6 @@ imports = [ ./zerforschen-plus.nix ]; config = { - networking.networkmanager.enable = true; nix.settings.extra-platforms = [ "aarch64-linux" "i686-linux" diff --git a/hosts/vinzenz-pc2/configuration.nix b/hosts/vinzenz-pc2/configuration.nix index 78c9e91..114d24e 100644 --- a/hosts/vinzenz-pc2/configuration.nix +++ b/hosts/vinzenz-pc2/configuration.nix @@ -5,7 +5,6 @@ ./vscode-server.nix ]; config = { - networking.networkmanager.enable = true; nix.settings.extra-platforms = [ "aarch64-linux" "i686-linux" diff --git a/modules/desktop-hardware.nix b/modules/desktop-hardware.nix index 1fed3a8..a8b2f93 100644 --- a/modules/desktop-hardware.nix +++ b/modules/desktop-hardware.nix @@ -27,6 +27,7 @@ }; }; + networking.networkmanager.enable = true; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction From 719c066ea41bf7583fca4c79fd5c32f29090555b Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 13 Apr 2025 21:40:52 +0200 Subject: [PATCH 188/241] update zerfoschen.plus --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 573e070..f85e220 100644 --- a/flake.lock +++ b/flake.lock @@ -229,11 +229,11 @@ ] }, "locked": { - "lastModified": 1744235905, - "narHash": "sha256-8ZylJRpDyGvgXJZG1lAGkzlGnVmbZ+GxorkSOzdTXcI=", + "lastModified": 1745521155, + "narHash": "sha256-MyiSgItvxrFLJhAlFGsyfeDsMpIQFb6T5tpA8HY4Qq8=", "ref": "refs/heads/main", - "rev": "19a412f05b282c4a0a8d23c347de8b925ea508be", - "revCount": 10, + "rev": "ad8b48fbc3cc8ff5134e0104015fe4789aed3615", + "revCount": 11, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" }, From 29b9fb5c107b37b75051e0faffab90ba5e742440 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 24 Apr 2025 22:42:53 +0200 Subject: [PATCH 189/241] update zerforschen.plus --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index f85e220..22be79b 100644 --- a/flake.lock +++ b/flake.lock @@ -229,11 +229,11 @@ ] }, "locked": { - "lastModified": 1745521155, - "narHash": "sha256-MyiSgItvxrFLJhAlFGsyfeDsMpIQFb6T5tpA8HY4Qq8=", + "lastModified": 1745527190, + "narHash": "sha256-5Dve5nrUc1TJkWbZ0iKs4VK3GFSXn8SmdT05MsvFblQ=", "ref": "refs/heads/main", - "rev": "ad8b48fbc3cc8ff5134e0104015fe4789aed3615", - "revCount": 11, + "rev": "7411c96c0610c5d71235f84e80e58512a69a1a46", + "revCount": 13, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" }, From 64b8d473fd7e7e3f8d1e65d957b8806f82657847 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 26 Apr 2025 11:06:06 +0200 Subject: [PATCH 190/241] nix flake update --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index 22be79b..3b4ce17 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1743808813, - "narHash": "sha256-2lDQBOmlz9ggPxcS7/GvcVdzXMIiT+PpMao6FbLJSr0=", + "lastModified": 1745557122, + "narHash": "sha256-eqSo9ugzsqhFgaDFYUZj943nurlX4L6f+AW0skJ4W+M=", "owner": "nix-community", "repo": "home-manager", - "rev": "a9f8b3db211b4609ddd83683f9db89796c7f6ac6", + "rev": "dd26f75fb4ec1c731d4b1396eaf4439ce40a91c1", "type": "github" }, "original": { @@ -103,11 +103,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1743943715, - "narHash": "sha256-9xCTf79Naq7mxvqtjgbcU9ZlNwubAep0qlwrL3GqZQQ=", + "lastModified": 1745657526, + "narHash": "sha256-Mfw6ELZ9M7TiVu/xkDGlAmWJZCFP87QGfpwUPreQCKo=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "f53eac2ea3c72dd4e9739228660f661eb27359d0", + "rev": "03511f07e6357067d2d0a54f8752475c2bdd9629", "type": "github" }, "original": { @@ -136,11 +136,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1743923080, - "narHash": "sha256-Hb3t6FoJycnqIZmu3c6K1bJGndBsrDw8IQtM2ieLbzU=", + "lastModified": 1745653128, + "narHash": "sha256-32HDXJOw9a3O23hAD5km7alRMM5CBmnj0+/1rdDVjhk=", "owner": "YaLTeR", "repo": "niri", - "rev": "430b155929a60644ea223012ee0c1389fc5e3755", + "rev": "a99a0b2492722d2c254b7bdf172d388123de8996", "type": "github" }, "original": { @@ -151,11 +151,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743813633, - "narHash": "sha256-BgkBz4NpV6Kg8XF7cmHDHRVGZYnKbvG0Y4p+jElwxaM=", + "lastModified": 1745487689, + "narHash": "sha256-FQoi3R0NjQeBAsEOo49b5tbDPcJSMWc3QhhaIi9eddw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7819a0d29d1dd2bc331bec4b327f0776359b1fa6", + "rev": "5630cf13cceac06cefe9fc607e8dfa8fb342dde3", "type": "github" }, "original": { @@ -209,11 +209,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1743346993, - "narHash": "sha256-i7rWd/5BcqLgQEtB5L/6gKN5R5GUJcmm34F+iBivH60=", + "lastModified": 1745372360, + "narHash": "sha256-5DX9lYmEbkdANCzME2v3coV0EnWOhS7NsTlGBQuqmjM=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "45c055696437a08e3989d9b91d9c617b84cc2bc3", + "rev": "c31679aa41966ee9272bb240703755cb1e7c72e3", "type": "github" }, "original": { From 3240ba9bdf0f80bc1f00852e4a3e413a8a1acea4 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 26 Apr 2025 11:06:34 +0200 Subject: [PATCH 191/241] misc home tweaks --- home/vinzenz/configuration.nix | 8 ++++++++ home/vinzenz/vscode.nix | 2 +- home/vinzenz/zsh.nix | 2 ++ modules/gnome.nix | 8 +++----- 4 files changed, 14 insertions(+), 6 deletions(-) diff --git a/home/vinzenz/configuration.nix b/home/vinzenz/configuration.nix index 1927780..1890000 100644 --- a/home/vinzenz/configuration.nix +++ b/home/vinzenz/configuration.nix @@ -24,6 +24,8 @@ enable = true; enableZshIntegration = true; }; + + chromium.enable = true; }; home.packages = with pkgs; [ @@ -41,6 +43,12 @@ blanket vlc + + arduino + arduino-ide + arduino-cli + kicad + kikit ]; home.file."policy.json" = { diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index d1add79..dca318b 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -47,7 +47,7 @@ "git.autofetch" = true; "git.path" = "${lib.getBin pkgs.git}/bin/git"; "diffEditor.diffAlgorithm" = "advanced"; - "explorer.excludeGitIgnore" = true; + "explorer.excludeGitIgnore" = false; "markdown.extension.tableFormatter.normalizeIndentation" = true; "markdown.extension.toc.orderedList" = false; "rust-analyzer.checkOnSave.command" = "clippy"; diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index 02efbce..8d3bb62 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -12,6 +12,8 @@ myos-rebuild-boot = "sudo nixos-rebuild boot --flake .# --show-trace --log-format internal-json -v |& ${pkgs.nix-output-monitor}/bin/nom --json"; myos-rebuild-switch = "sudo nixos-rebuild switch --flake .# --show-trace --log-format internal-json -v |& ${pkgs.nix-output-monitor}/bin/nom --json"; + s = "nix-shell -p"; + my-direnvallow = "echo \"use nix\" > .envrc && direnv allow"; my-ip4 = "ip addr show | grep 192"; deadnix = "nix run github:astro/deadnix -- "; diff --git a/modules/gnome.nix b/modules/gnome.nix index 669109c..afbae7e 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -57,11 +57,6 @@ # baobab # disk usage ]; - environment.systemPackages = with pkgs; [ - ghex - impression - ]; - # RDP connections networking.firewall.allowedTCPPorts = [ 3389 ]; @@ -76,6 +71,9 @@ pinta dconf-editor gpaste + ghex + impression + papers # graphical installer for flatpak apps gnome-software From 4aa418f56289db293935463fd728915e47564f08 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 1 May 2025 15:14:32 +0200 Subject: [PATCH 192/241] code domain --- hosts/hetzner-vpn2/nginx.nix | 59 +++++++++++++++++------------ hosts/ronja-pc/configuration.nix | 3 +- hosts/ronja-pc/hardware.nix | 27 +++++++++---- hosts/vinzenz-pc2/vscode-server.nix | 1 + 4 files changed, 56 insertions(+), 34 deletions(-) diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix index bd45ab7..ac37f25 100644 --- a/hosts/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -1,4 +1,4 @@ -{ pkgs, inputs,... }: +{ pkgs, inputs, ... }: { security.acme = { acceptTerms = true; @@ -20,31 +20,40 @@ recommendedOptimisation = true; virtualHosts = - #let - # servicesDomain = "services.zerforschen.plus"; - # mkServiceConfig = host: port: { - # addSSL = true; - # enableACME = true; - # locations."/" = { - # proxyPass = "http://${host}:${toString port}/"; - # extraConfig = '' - # # bind to tailscale ip - # proxy_bind 100.88.118.60; - # # pam auth - # limit_except OPTIONS { - # auth_pam "Password Required"; - # auth_pam_service_name "nginx"; - # } - # ''; - # }; - # }; - # pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; - #in + let + servicesDomain = "services.zerforschen.plus"; + mkServiceConfig = + { host, port }: + { + addSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://${host}:${toString port}/"; + extraConfig = '' + # bind to tailscale ip + proxy_bind 100.88.118.60; + # pam auth + limit_except OPTIONS { + auth_pam "Password Required"; + auth_pam_service_name "nginx"; + } + ''; + }; + }; + pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; + in { - #"vscode.${servicesDomain}" = lib.mkMerge [ - # (mkServiceConfig pc2 8542) - # { locations."/".proxyWebsockets = true; } - #]; + "code.${servicesDomain}" = lib.mkMerge [ + (mkServiceConfig { + host = pc2; + port = 8542; + }) + { locations."/".proxyWebsockets = true; } + ]; + "view.${servicesDomain}" = mkServiceConfig { + host = pc2; + port = 1313; + }; "zerforschen.plus" = { addSSL = true; diff --git a/hosts/ronja-pc/configuration.nix b/hosts/ronja-pc/configuration.nix index 0d0a968..0e9124d 100644 --- a/hosts/ronja-pc/configuration.nix +++ b/hosts/ronja-pc/configuration.nix @@ -2,7 +2,8 @@ config, pkgs, ... -}: { +}: +{ # Configure keymap in X11 services.xserver.xkb = { layout = "de"; diff --git a/hosts/ronja-pc/hardware.nix b/hosts/ronja-pc/hardware.nix index 68f6e8d..f668726 100644 --- a/hosts/ronja-pc/hardware.nix +++ b/hosts/ronja-pc/hardware.nix @@ -1,10 +1,18 @@ -{lib, ...}: { +{ lib, ... }: +{ boot = { - kernelModules = ["kvm-intel"]; - extraModulePackages = []; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; initrd = { - availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; - kernelModules = []; + availableKernelModules = [ + "xhci_pci" + "ahci" + "nvme" + "usbhid" + "usb_storage" + "sd_mod" + ]; + kernelModules = [ ]; }; }; @@ -12,18 +20,21 @@ "/" = { device = "/dev/disk/by-uuid/27eccf93-a79f-4fcb-8588-ec55d913508f"; fsType = "btrfs"; - options = ["subvol=@"]; + options = [ "subvol=@" ]; }; "/boot" = { device = "/dev/disk/by-uuid/85D4-43FC"; fsType = "vfat"; - options = ["fmask=0077" "dmask=0077"]; + options = [ + "fmask=0077" + "dmask=0077" + ]; }; }; swapDevices = [ - {device = "/dev/disk/by-uuid/bf9d19fb-499b-4bfb-b67d-131fa5bf8259";} + { device = "/dev/disk/by-uuid/bf9d19fb-499b-4bfb-b67d-131fa5bf8259"; } ]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; diff --git a/hosts/vinzenz-pc2/vscode-server.nix b/hosts/vinzenz-pc2/vscode-server.nix index 6f8e2d4..770a347 100644 --- a/hosts/vinzenz-pc2/vscode-server.nix +++ b/hosts/vinzenz-pc2/vscode-server.nix @@ -21,6 +21,7 @@ 8543 8544 80 + 1313 ]; }; }; From 5f5c7267dc8c734eca2de87b5c0168523c9fa3b3 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 1 May 2025 17:32:04 +0200 Subject: [PATCH 193/241] revert code domain --- hosts/hetzner-vpn2/nginx.nix | 66 ++++++++++++++++++------------------ 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix index ac37f25..ff00daa 100644 --- a/hosts/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -20,40 +20,40 @@ recommendedOptimisation = true; virtualHosts = - let - servicesDomain = "services.zerforschen.plus"; - mkServiceConfig = - { host, port }: - { - addSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://${host}:${toString port}/"; - extraConfig = '' - # bind to tailscale ip - proxy_bind 100.88.118.60; - # pam auth - limit_except OPTIONS { - auth_pam "Password Required"; - auth_pam_service_name "nginx"; - } - ''; - }; - }; - pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; - in + #let + # servicesDomain = "services.zerforschen.plus"; + # mkServiceConfig = + # { host, port }: + # { + # addSSL = true; + # enableACME = true; + # locations."/" = { + # proxyPass = "http://${host}:${toString port}/"; + # extraConfig = '' + # # bind to tailscale ip + # proxy_bind 100.88.118.60; + # # pam auth + # limit_except OPTIONS { + # auth_pam "Password Required"; + # auth_pam_service_name "nginx"; + # } + # ''; + # }; + # }; + # pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; + #in { - "code.${servicesDomain}" = lib.mkMerge [ - (mkServiceConfig { - host = pc2; - port = 8542; - }) - { locations."/".proxyWebsockets = true; } - ]; - "view.${servicesDomain}" = mkServiceConfig { - host = pc2; - port = 1313; - }; + #"code.${servicesDomain}" = lib.mkMerge [ + # (mkServiceConfig { + # host = pc2; + # port = 8542; + # }) + # { locations."/".proxyWebsockets = true; } + #]; + #"view.${servicesDomain}" = mkServiceConfig { + # host = pc2; + # port = 1313; + #}; "zerforschen.plus" = { addSSL = true; From 01f5308c73135d7d1bb7dbab77145e5b49210cbc Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 1 May 2025 22:19:50 +0200 Subject: [PATCH 194/241] add unstable packages --- flake.lock | 17 +++++++++++++++++ flake.nix | 29 ++++++++++++++++++++++------- home/vinzenz/configuration.nix | 2 ++ 3 files changed, 41 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 3b4ce17..84dee85 100644 --- a/flake.lock +++ b/flake.lock @@ -165,12 +165,29 @@ "type": "github" } }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1746061036, + "narHash": "sha256-OxYwCGJf9VJ2KnUO+w/hVJVTjOgscdDg/lPv8Eus07Y=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3afd19146cac33ed242fc0fc87481c67c758a59e", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "root": { "inputs": { "home-manager": "home-manager", "lix-module": "lix-module", "niri": "niri", "nixpkgs": "nixpkgs", + "nixpkgs-unstable": "nixpkgs-unstable", "zerforschen-plus": "zerforschen-plus" } }, diff --git a/flake.nix b/flake.nix index 7d83008..566b5e7 100644 --- a/flake.nix +++ b/flake.nix @@ -2,6 +2,8 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; + nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; + home-manager = { url = "github:nix-community/home-manager/release-24.11"; inputs.nixpkgs.follows = "nixpkgs"; @@ -32,6 +34,7 @@ lix-module, niri, zerforschen-plus, + nixpkgs-unstable, }: let devices = { @@ -48,14 +51,15 @@ ]; forDevice = f: nixpkgs.lib.mapAttrs f devices; in - { + rec { nixosConfigurations = forDevice ( device: system: - nixpkgs.lib.nixosSystem { - inherit system; - specialArgs = { - inherit inputs; - }; + let specialArgs = { + inherit inputs device; + pkgs-unstable = nixpkgs-unstable.legacyPackages."${system}"; + }; + in nixpkgs.lib.nixosSystem { + inherit system specialArgs; modules = [ lix-module.nixosModules.default @@ -69,10 +73,12 @@ ./hosts/${device}/hardware.nix ./hosts/${device}/imports.nix ./hosts/${device}/configuration.nix + + { nixpkgs.overlays = [ overlays.unstable-packages ]; } ] ++ (nixpkgs.lib.optionals (builtins.elem device homeDevices) [ home-manager.nixosModules.home-manager - { home-manager.extraSpecialArgs = { inherit device; }; } + { home-manager.extraSpecialArgs = specialArgs; } ./modules/home-manager.nix ./modules/i18n.nix @@ -83,6 +89,15 @@ } ); + overlays = { + unstable-packages = final: prev: { + unstable = import nixpkgs-unstable { + system = prev.system; + config = prev.config; + }; + }; + }; + formatter = { x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style; aarch64-linux = nixpkgs.legacyPackages.aarch64-linux.nixfmt-rfc-style; diff --git a/home/vinzenz/configuration.nix b/home/vinzenz/configuration.nix index 1890000..8da0974 100644 --- a/home/vinzenz/configuration.nix +++ b/home/vinzenz/configuration.nix @@ -49,6 +49,8 @@ arduino-cli kicad kikit + + unstable.ut1999 ]; home.file."policy.json" = { From 8394652443ddd6912e368390619b361a9a46e113 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 2 May 2025 12:36:36 +0200 Subject: [PATCH 195/241] update flake --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 84dee85..88e914e 100644 --- a/flake.lock +++ b/flake.lock @@ -103,11 +103,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1745657526, - "narHash": "sha256-Mfw6ELZ9M7TiVu/xkDGlAmWJZCFP87QGfpwUPreQCKo=", + "lastModified": 1746125750, + "narHash": "sha256-RCIBY3OxO2G9+moEvZV4WGE3DblRrM96xjiaZbAQRO0=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "03511f07e6357067d2d0a54f8752475c2bdd9629", + "rev": "bb8dc8510f335ed9d52bb00308935b56cd142f32", "type": "github" }, "original": { @@ -136,11 +136,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1745653128, - "narHash": "sha256-32HDXJOw9a3O23hAD5km7alRMM5CBmnj0+/1rdDVjhk=", + "lastModified": 1746122794, + "narHash": "sha256-Cydn06ne11atToF/d6no3HWXwZd4aaTZXBZD1sdCVek=", "owner": "YaLTeR", "repo": "niri", - "rev": "a99a0b2492722d2c254b7bdf172d388123de8996", + "rev": "eb590c53460c24a23024db192a3132687aabc06d", "type": "github" }, "original": { @@ -151,11 +151,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1745487689, - "narHash": "sha256-FQoi3R0NjQeBAsEOo49b5tbDPcJSMWc3QhhaIi9eddw=", + "lastModified": 1746055187, + "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5630cf13cceac06cefe9fc607e8dfa8fb342dde3", + "rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5", "type": "github" }, "original": { @@ -226,11 +226,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1745372360, - "narHash": "sha256-5DX9lYmEbkdANCzME2v3coV0EnWOhS7NsTlGBQuqmjM=", + "lastModified": 1745730655, + "narHash": "sha256-Tdsw5lD/XM8i1GnQr7ombqnEaCpt/voPs2AbjuYBbjI=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "c31679aa41966ee9272bb240703755cb1e7c72e3", + "rev": "56a681bfecc5831f41f8eb0ec8c7e96c6b277153", "type": "github" }, "original": { From 24a3148044021eff2a01466c576efbbeaddc66a1 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 10 May 2025 13:24:08 +0200 Subject: [PATCH 196/241] add servicepoint tools --- flake.lock | 101 +++++++++++++++++++++++++++++++++ flake.nix | 49 +++++++++++++--- home/vinzenz/configuration.nix | 3 + 3 files changed, 146 insertions(+), 7 deletions(-) diff --git a/flake.lock b/flake.lock index 88e914e..dc2dd75 100644 --- a/flake.lock +++ b/flake.lock @@ -89,6 +89,26 @@ "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz" } }, + "naersk": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1745925850, + "narHash": "sha256-cyAAMal0aPrlb1NgzMxZqeN1mAJ2pJseDhm2m6Um8T0=", + "owner": "nix-community", + "repo": "naersk", + "rev": "38bc60bbc157ae266d4a0c96671c6c742ee17a5f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "naersk", + "type": "github" + } + }, "niri": { "inputs": { "niri-stable": "niri-stable", @@ -149,6 +169,36 @@ "type": "github" } }, + "nix-filter": { + "locked": { + "lastModified": 1731533336, + "narHash": "sha256-oRam5PS1vcrr5UPgALW0eo1m/5/pls27Z/pabHNy2Ms=", + "owner": "numtide", + "repo": "nix-filter", + "rev": "f7653272fd234696ae94229839a99b73c9ab7de0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "nix-filter", + "type": "github" + } + }, + "nix-filter_2": { + "locked": { + "lastModified": 1731533336, + "narHash": "sha256-oRam5PS1vcrr5UPgALW0eo1m/5/pls27Z/pabHNy2Ms=", + "owner": "numtide", + "repo": "nix-filter", + "rev": "f7653272fd234696ae94229839a99b73c9ab7de0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "nix-filter", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1746055187, @@ -185,12 +235,63 @@ "inputs": { "home-manager": "home-manager", "lix-module": "lix-module", + "naersk": "naersk", "niri": "niri", "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", + "servicepoint-cli": "servicepoint-cli", + "servicepoint-simulator": "servicepoint-simulator", "zerforschen-plus": "zerforschen-plus" } }, + "servicepoint-cli": { + "inputs": { + "naersk": [ + "naersk" + ], + "nix-filter": "nix-filter", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1746866001, + "narHash": "sha256-6jqzJyBRXdwmd5SKIJTfbJ5pRVNshVNPzCtFqobRgTE=", + "ref": "refs/heads/main", + "rev": "e9d3b32f57674e06db1ebf0762bfd736e1f5ea31", + "revCount": 41, + "type": "git", + "url": "https://git.berlin.ccc.de/servicepoint/servicepoint-cli.git" + }, + "original": { + "type": "git", + "url": "https://git.berlin.ccc.de/servicepoint/servicepoint-cli.git" + } + }, + "servicepoint-simulator": { + "inputs": { + "naersk": [ + "naersk" + ], + "nix-filter": "nix-filter_2", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1746268672, + "narHash": "sha256-IIgxxA5Fk1iLwXiCGbCLrVdduTDAA54DJ2gnfvCOMLQ=", + "ref": "refs/heads/main", + "rev": "33301a51bf501a6886ec2e1c6ad8111247141d2f", + "revCount": 108, + "type": "git", + "url": "https://git.berlin.ccc.de/servicepoint/servicepoint-simulator.git" + }, + "original": { + "type": "git", + "url": "https://git.berlin.ccc.de/servicepoint/servicepoint-simulator.git" + } + }, "systems": { "locked": { "lastModified": 1681028828, diff --git a/flake.nix b/flake.nix index 566b5e7..75f905a 100644 --- a/flake.nix +++ b/flake.nix @@ -24,6 +24,23 @@ url = "git+https://git.berlin.ccc.de/vinzenz/zerforschen.plus"; inputs.nixpkgs.follows = "nixpkgs"; }; + + naersk = { + url = "github:nix-community/naersk"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + servicepoint-cli = { + url = "git+https://git.berlin.ccc.de/servicepoint/servicepoint-cli.git"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.naersk.follows = "naersk"; + }; + + servicepoint-simulator = { + url = "git+https://git.berlin.ccc.de/servicepoint/servicepoint-simulator.git"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.naersk.follows = "naersk"; + }; }; outputs = @@ -35,6 +52,9 @@ niri, zerforschen-plus, nixpkgs-unstable, + servicepoint-cli, + servicepoint-simulator, + naersk, }: let devices = { @@ -54,11 +74,12 @@ rec { nixosConfigurations = forDevice ( device: system: - let specialArgs = { - inherit inputs device; - pkgs-unstable = nixpkgs-unstable.legacyPackages."${system}"; - }; - in nixpkgs.lib.nixosSystem { + let + specialArgs = { + inherit inputs device; + }; + in + nixpkgs.lib.nixosSystem { inherit system specialArgs; modules = [ @@ -74,7 +95,11 @@ ./hosts/${device}/imports.nix ./hosts/${device}/configuration.nix - { nixpkgs.overlays = [ overlays.unstable-packages ]; } + { + nixpkgs.overlays = [ + overlays.unstable-packages + ]; + } ] ++ (nixpkgs.lib.optionals (builtins.elem device homeDevices) [ home-manager.nixosModules.home-manager @@ -84,7 +109,12 @@ ./modules/i18n.nix niri.nixosModules.niri - { nixpkgs.overlays = [ niri.overlays.niri ]; } + { + nixpkgs.overlays = [ + niri.overlays.niri + overlays.servicepoint-packages + ]; + } ]); } ); @@ -96,6 +126,11 @@ config = prev.config; }; }; + servicepoint-packages = final: prev: { + servicepoint-cli = servicepoint-cli.legacyPackages."${prev.system}".servicepoint-cli; + servicepoint-simulator = + servicepoint-simulator.legacyPackages."${prev.system}".servicepoint-simulator; + }; }; formatter = { diff --git a/home/vinzenz/configuration.nix b/home/vinzenz/configuration.nix index 8da0974..d2c79a8 100644 --- a/home/vinzenz/configuration.nix +++ b/home/vinzenz/configuration.nix @@ -51,6 +51,9 @@ kikit unstable.ut1999 + + servicepoint-cli + servicepoint-simulator ]; home.file."policy.json" = { From a2cdba3c909fda1f4b49b4adef7000392d7fb6b3 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 10 May 2025 14:06:50 +0200 Subject: [PATCH 197/241] nix flake update --- flake.lock | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/flake.lock b/flake.lock index dc2dd75..8aa586b 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1745557122, - "narHash": "sha256-eqSo9ugzsqhFgaDFYUZj943nurlX4L6f+AW0skJ4W+M=", + "lastModified": 1746171682, + "narHash": "sha256-EyXUNSa+H+YvGVuQJP1nZskXAowxKYp79RNUsNdQTj4=", "owner": "nix-community", "repo": "home-manager", - "rev": "dd26f75fb4ec1c731d4b1396eaf4439ce40a91c1", + "rev": "50eee705bbdbac942074a8c120e8194185633675", "type": "github" }, "original": { @@ -123,11 +123,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1746125750, - "narHash": "sha256-RCIBY3OxO2G9+moEvZV4WGE3DblRrM96xjiaZbAQRO0=", + "lastModified": 1746142190, + "narHash": "sha256-t36K3TWLMRWoGyjYyo+H8bBquDcp4orZqNZVagWNjwY=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "bb8dc8510f335ed9d52bb00308935b56cd142f32", + "rev": "af701c1c16c289b1b14f333d844b4f756308d244", "type": "github" }, "original": { @@ -156,11 +156,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1746122794, - "narHash": "sha256-Cydn06ne11atToF/d6no3HWXwZd4aaTZXBZD1sdCVek=", + "lastModified": 1746124654, + "narHash": "sha256-LmhkAt2KLvf8lp+kEUQuTFmmv7iXO8IkwwSaPasfXJw=", "owner": "YaLTeR", "repo": "niri", - "rev": "eb590c53460c24a23024db192a3132687aabc06d", + "rev": "6c9705dd4b2eaba25f024d1a3efd7943fd393632", "type": "github" }, "original": { @@ -201,11 +201,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1746055187, - "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=", + "lastModified": 1746557022, + "narHash": "sha256-QkNoyEf6TbaTW5UZYX0OkwIJ/ZMeKSSoOMnSDPQuol0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5", + "rev": "1d3aeb5a193b9ff13f63f4d9cc169fb88129f860", "type": "github" }, "original": { @@ -217,11 +217,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1746061036, - "narHash": "sha256-OxYwCGJf9VJ2KnUO+w/hVJVTjOgscdDg/lPv8Eus07Y=", + "lastModified": 1746576598, + "narHash": "sha256-FshoQvr6Aor5SnORVvh/ZdJ1Sa2U4ZrIMwKBX5k2wu0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3afd19146cac33ed242fc0fc87481c67c758a59e", + "rev": "b3582c75c7f21ce0b429898980eddbbf05c68e55", "type": "github" }, "original": { From 889bff482c77b4f0ec2da8d9723c3aa83a8bf9b4 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 18 May 2025 10:05:23 +0200 Subject: [PATCH 198/241] change vscode server bind --- hosts/vinzenz-pc2/vscode-server.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/vinzenz-pc2/vscode-server.nix b/hosts/vinzenz-pc2/vscode-server.nix index 770a347..7416972 100644 --- a/hosts/vinzenz-pc2/vscode-server.nix +++ b/hosts/vinzenz-pc2/vscode-server.nix @@ -4,7 +4,7 @@ enable = true; telemetryLevel = "off"; port = 8542; - host = "100.125.93.127"; # tailscale + host = "127.0.0.1"; withoutConnectionToken = true; extraPackages = with pkgs; [ nodejs From b6ad841847674cc38cae536f41083fd525bf90f8 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 18 May 2025 11:03:25 +0200 Subject: [PATCH 199/241] configure vscode nix formatting --- home/ronja/vscode.nix | 102 ++++++++++++++++++++------------------ home/vinzenz/vscode.nix | 107 ++++++++++++++++++++++------------------ 2 files changed, 113 insertions(+), 96 deletions(-) diff --git a/home/ronja/vscode.nix b/home/ronja/vscode.nix index 79ab666..7b37dd6 100644 --- a/home/ronja/vscode.nix +++ b/home/ronja/vscode.nix @@ -1,57 +1,65 @@ -{ pkgs, ... }: +{ pkgs, lib, ... }: { - config.programs.vscode = { - enable = true; - package = pkgs.vscodium; - enableUpdateCheck = false; - extensions = with pkgs.vscode-extensions; [ - bbenoist.nix - ms-python.python - kamadorueda.alejandra - editorconfig.editorconfig - yzhang.markdown-all-in-one - redhat.vscode-yaml - pkief.material-icon-theme - rust-lang.rust-analyzer - tamasfe.even-better-toml - llvm-vs-code-extensions.vscode-clangd - mkhl.direnv - vadimcn.vscode-lldb - ms-dotnettools.csharp - ms-vscode-remote.remote-ssh - ]; - userSettings = { - "files.autoSave" = "afterDelay"; - "files.autoSaveWhenNoErrors" = true; - "files.autoSaveWorkspaceFilesOnly" = true; + config = { + home.sessionVariables.NIXOS_OZONE_WL = "1"; + programs.vscode = { + enable = true; + package = pkgs.vscodium; + enableUpdateCheck = false; + extensions = with pkgs.vscode-extensions; [ + jnoortheen.nix-ide + ms-python.python + editorconfig.editorconfig + yzhang.markdown-all-in-one + redhat.vscode-yaml + pkief.material-icon-theme + rust-lang.rust-analyzer + tamasfe.even-better-toml + llvm-vs-code-extensions.vscode-clangd + mkhl.direnv + vadimcn.vscode-lldb + ms-dotnettools.csharp + ms-vscode-remote.remote-ssh + ]; + userSettings = { + "files.autoSave" = "afterDelay"; + "files.autoSaveWhenNoErrors" = true; + "files.autoSaveWorkspaceFilesOnly" = true; - "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; - "editor.fontLigatures" = true; - "editor.formatOnSave" = true; - "editor.formatOnSaveMode" = "modificationsIfAvailable"; - "editor.minimap.autohide" = true; + "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; + "editor.fontLigatures" = true; + "editor.formatOnSave" = true; + "editor.formatOnSaveMode" = "modificationsIfAvailable"; + "editor.minimap.autohide" = true; - "workbench.startupEditor" = "readme"; - "workbench.enableExperiments" = false; - "workbench.iconTheme" = "material-icon-theme"; + "workbench.startupEditor" = "readme"; + "workbench.enableExperiments" = false; + "workbench.iconTheme" = "material-icon-theme"; - "update.mode" = "none"; - "extensions.autoUpdate" = false; - "extensions.autoCheckUpdates" = false; + "update.mode" = "none"; + "extensions.autoUpdate" = false; + "extensions.autoCheckUpdates" = false; - "telemetry.telemetryLevel" = "off"; - "redhat.telemetry.enabled" = false; + "telemetry.telemetryLevel" = "off"; + "redhat.telemetry.enabled" = false; - "git.autofetch" = true; - "diffEditor.diffAlgorithm" = "advanced"; - "explorer.excludeGitIgnore" = true; - "markdown.extension.tableFormatter.normalizeIndentation" = true; - "markdown.extension.toc.orderedList" = false; - "rust-analyzer.checkOnSave.command" = "clippy"; + "git.autofetch" = true; + "diffEditor.diffAlgorithm" = "advanced"; + "explorer.excludeGitIgnore" = true; + "markdown.extension.tableFormatter.normalizeIndentation" = true; + "markdown.extension.toc.orderedList" = false; + "rust-analyzer.checkOnSave.command" = "clippy"; - "\[makefile\]" = { - "editor.insertSpaces" = false; - "editor.detectIndentation" = false; + "nix.formatterPath" = "${lib.getBin pkgs.nixfmt-rfc-style}/bin/nixfmt"; + + "\[makefile\]" = { + "editor.insertSpaces" = false; + "editor.detectIndentation" = false; + }; + + "\[nix\]" = { + "editor.formatOnSave" = false; + }; }; }; }; diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index dca318b..15f747e 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -1,60 +1,69 @@ { pkgs, lib, ... }: { - config.programs.vscode = { - enable = true; - package = pkgs.vscodium; - enableUpdateCheck = false; - extensions = with pkgs.vscode-extensions; [ - bbenoist.nix - ms-python.python - kamadorueda.alejandra - editorconfig.editorconfig - yzhang.markdown-all-in-one - redhat.vscode-yaml - pkief.material-icon-theme - rust-lang.rust-analyzer - tamasfe.even-better-toml - llvm-vs-code-extensions.vscode-clangd - mkhl.direnv - vadimcn.vscode-lldb - ms-dotnettools.csharp - ms-vscode-remote.remote-ssh - RoweWilsonFrederiskHolme.wikitext - davidanson.vscode-markdownlint - ]; - userSettings = { - "files.autoSave" = "afterDelay"; - "files.autoSaveWhenNoErrors" = true; - "files.autoSaveWorkspaceFilesOnly" = true; + config = { + home.sessionVariables.NIXOS_OZONE_WL = "1"; + programs.vscode = { + enable = true; + package = pkgs.vscodium; + enableUpdateCheck = false; + extensions = with pkgs.vscode-extensions; [ + jnoortheen.nix-ide + ms-python.python + editorconfig.editorconfig + yzhang.markdown-all-in-one + redhat.vscode-yaml + pkief.material-icon-theme + rust-lang.rust-analyzer + tamasfe.even-better-toml + llvm-vs-code-extensions.vscode-clangd + mkhl.direnv + vadimcn.vscode-lldb + ms-dotnettools.csharp + ms-vscode-remote.remote-ssh + RoweWilsonFrederiskHolme.wikitext + davidanson.vscode-markdownlint + ]; + userSettings = { + "files.autoSave" = "afterDelay"; + "files.autoSaveWhenNoErrors" = true; + "files.autoSaveWorkspaceFilesOnly" = true; - "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; - "editor.fontLigatures" = true; - "editor.formatOnSave" = true; - "editor.formatOnSaveMode" = "modificationsIfAvailable"; - "editor.minimap.autohide" = true; + "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; + "editor.fontLigatures" = true; + "editor.formatOnSave" = true; + "editor.formatOnSaveMode" = "modificationsIfAvailable"; + "editor.minimap.autohide" = true; - "workbench.startupEditor" = "readme"; - "workbench.enableExperiments" = false; - "workbench.iconTheme" = "material-icon-theme"; + "workbench.startupEditor" = "readme"; + "workbench.enableExperiments" = false; + "workbench.iconTheme" = "material-icon-theme"; - "update.mode" = "none"; - "extensions.autoUpdate" = false; - "extensions.autoCheckUpdates" = false; + "update.mode" = "none"; + "extensions.autoUpdate" = false; + "extensions.autoCheckUpdates" = false; - "telemetry.telemetryLevel" = "off"; - "redhat.telemetry.enabled" = false; + "telemetry.telemetryLevel" = "off"; + "redhat.telemetry.enabled" = false; - "git.autofetch" = true; - "git.path" = "${lib.getBin pkgs.git}/bin/git"; - "diffEditor.diffAlgorithm" = "advanced"; - "explorer.excludeGitIgnore" = false; - "markdown.extension.tableFormatter.normalizeIndentation" = true; - "markdown.extension.toc.orderedList" = false; - "rust-analyzer.checkOnSave.command" = "clippy"; + "git.autofetch" = true; + "git.path" = "${lib.getBin pkgs.git}/bin/git"; + "diffEditor.diffAlgorithm" = "advanced"; + "explorer.excludeGitIgnore" = false; + "markdown.extension.tableFormatter.normalizeIndentation" = true; + "markdown.extension.toc.orderedList" = false; - "\[makefile\]" = { - "editor.insertSpaces" = false; - "editor.detectIndentation" = false; + "rust-analyzer.checkOnSave.command" = "clippy"; + + "nix.formatterPath" = "${lib.getBin pkgs.nixfmt-rfc-style}/bin/nixfmt"; + + "\[makefile\]" = { + "editor.insertSpaces" = false; + "editor.detectIndentation" = false; + }; + + "\[nix\]" = { + "editor.formatOnSave" = false; + }; }; }; }; From 63ba09cb0dd5f50234f3f67f1e68c4653cf4997d Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 18 May 2025 11:03:34 +0200 Subject: [PATCH 200/241] fix intellij file system watcher --- home/vinzenz/configuration.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/home/vinzenz/configuration.nix b/home/vinzenz/configuration.nix index d2c79a8..8bcc7be 100644 --- a/home/vinzenz/configuration.nix +++ b/home/vinzenz/configuration.nix @@ -56,8 +56,11 @@ servicepoint-simulator ]; - home.file."policy.json" = { - target = ".config/containers/policy.json"; - text = builtins.readFile ./.config/containers/policy.json; + home.file = { + "policy.json" = { + target = ".config/containers/policy.json"; + text = builtins.readFile ./.config/containers/policy.json; + }; + "idea.properties".text = "idea.filewatcher.executable.path = ${pkgs.fsnotifier}/bin/fsnotifier"; }; } From f71f9f50fb2d7f6411475b3eafad3786fc4851ce Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Wed, 28 May 2025 01:11:44 +0200 Subject: [PATCH 201/241] update zerforschen.plus --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 8aa586b..2b1d8e0 100644 --- a/flake.lock +++ b/flake.lock @@ -347,11 +347,11 @@ ] }, "locked": { - "lastModified": 1745527190, - "narHash": "sha256-5Dve5nrUc1TJkWbZ0iKs4VK3GFSXn8SmdT05MsvFblQ=", + "lastModified": 1748387402, + "narHash": "sha256-5hae2UmVd42S/U6vp0+JQmjkgJrdKkp4vKM9+oEoQDQ=", "ref": "refs/heads/main", - "rev": "7411c96c0610c5d71235f84e80e58512a69a1a46", - "revCount": 13, + "rev": "fe4068c9ec1a8f4184d632d47916580edc2f9c17", + "revCount": 15, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" }, From 1e91b4ba76ac933154bb46d3b1a75484ed7b8c2b Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 29 May 2025 16:06:22 +0200 Subject: [PATCH 202/241] upgrade to 25.05, fix deprecation warnings, remove unfree extensions --- flake.lock | 36 ++++++------ flake.nix | 6 +- home/ronja/default.nix | 4 -- home/ronja/vscode.nix | 94 +++++++++++++++--------------- home/vinzenz/configuration.nix | 5 ++ home/vinzenz/default.nix | 1 - home/vinzenz/vscode.nix | 100 ++++++++++++++++---------------- home/vinzenz/zsh.nix | 4 +- modules/desktop-environment.nix | 18 +++--- 9 files changed, 137 insertions(+), 131 deletions(-) diff --git a/flake.lock b/flake.lock index 2b1d8e0..dc9bd6f 100644 --- a/flake.lock +++ b/flake.lock @@ -40,16 +40,16 @@ ] }, "locked": { - "lastModified": 1746171682, - "narHash": "sha256-EyXUNSa+H+YvGVuQJP1nZskXAowxKYp79RNUsNdQTj4=", + "lastModified": 1748487945, + "narHash": "sha256-e9zc/rHdoH9i+sFFhhQiKoF6IuD+T2rB/nUyPaO7CCg=", "owner": "nix-community", "repo": "home-manager", - "rev": "50eee705bbdbac942074a8c120e8194185633675", + "rev": "0d13ea58d565d3c1c1468ddae1f623316dc395d9", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.11", + "ref": "release-25.05", "repo": "home-manager", "type": "github" } @@ -57,15 +57,15 @@ "lix": { "flake": false, "locked": { - "lastModified": 1737234286, - "narHash": "sha256-pgDJZjj4jpzkFxsqBTI/9Yb0n3gW+DvDtuv9SwQZZcs=", - "rev": "079528098f5998ba13c88821a2eca1005c1695de", + "lastModified": 1746827285, + "narHash": "sha256-hsFe4Tsqqg4l+FfQWphDtjC79WzNCZbEFhHI8j2KJzw=", + "rev": "47aad376c87e2e65967f17099277428e4b3f8e5a", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/079528098f5998ba13c88821a2eca1005c1695de.tar.gz?rev=079528098f5998ba13c88821a2eca1005c1695de" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/47aad376c87e2e65967f17099277428e4b3f8e5a.tar.gz?rev=47aad376c87e2e65967f17099277428e4b3f8e5a" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/release-2.92.tar.gz" + "url": "https://git.lix.systems/lix-project/lix/archive/2.93.0.tar.gz" } }, "lix-module": { @@ -78,15 +78,15 @@ ] }, "locked": { - "lastModified": 1742943028, - "narHash": "sha256-fprwZKE1uMzO9tiWWOrmLWBW3GPkMayQfb0xOvVFIno=", - "rev": "868d97695bab9d21f6070b03957bcace249fbe3c", + "lastModified": 1746838955, + "narHash": "sha256-11R4K3iAx4tLXjUs+hQ5K90JwDABD/XHhsM9nkeS5N8=", + "rev": "cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/868d97695bab9d21f6070b03957bcace249fbe3c.tar.gz?rev=868d97695bab9d21f6070b03957bcace249fbe3c" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc.tar.gz?rev=cd2a9c028df820a83ca2807dc6c6e7abc3dfa7fc" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz" } }, "naersk": { @@ -201,16 +201,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1746557022, - "narHash": "sha256-QkNoyEf6TbaTW5UZYX0OkwIJ/ZMeKSSoOMnSDPQuol0=", + "lastModified": 1748302896, + "narHash": "sha256-ixMT0a8mM091vSswlTORZj93WQAJsRNmEvqLL+qwTFM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1d3aeb5a193b9ff13f63f4d9cc169fb88129f860", + "rev": "7848cd8c982f7740edf76ddb3b43d234cb80fc4d", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.11", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 75f905a..bafecdc 100644 --- a/flake.nix +++ b/flake.nix @@ -1,16 +1,16 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; home-manager = { - url = "github:nix-community/home-manager/release-24.11"; + url = "github:nix-community/home-manager/release-25.05"; inputs.nixpkgs.follows = "nixpkgs"; }; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0-3.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; diff --git a/home/ronja/default.nix b/home/ronja/default.nix index 46aa848..8ce9b92 100644 --- a/home/ronja/default.nix +++ b/home/ronja/default.nix @@ -20,9 +20,5 @@ ./configuration.nix ./vscode.nix ]; - - allowedUnfreePackages = [ - "vscode-extension-ms-vscode-remote-remote-ssh" - ]; }; } diff --git a/home/ronja/vscode.nix b/home/ronja/vscode.nix index 7b37dd6..5a4ac7f 100644 --- a/home/ronja/vscode.nix +++ b/home/ronja/vscode.nix @@ -5,60 +5,62 @@ programs.vscode = { enable = true; package = pkgs.vscodium; - enableUpdateCheck = false; - extensions = with pkgs.vscode-extensions; [ - jnoortheen.nix-ide - ms-python.python - editorconfig.editorconfig - yzhang.markdown-all-in-one - redhat.vscode-yaml - pkief.material-icon-theme - rust-lang.rust-analyzer - tamasfe.even-better-toml - llvm-vs-code-extensions.vscode-clangd - mkhl.direnv - vadimcn.vscode-lldb - ms-dotnettools.csharp - ms-vscode-remote.remote-ssh - ]; - userSettings = { - "files.autoSave" = "afterDelay"; - "files.autoSaveWhenNoErrors" = true; - "files.autoSaveWorkspaceFilesOnly" = true; + profiles.default = { + enableUpdateCheck = false; + extensions = with pkgs.vscode-extensions; [ + jnoortheen.nix-ide + ms-python.python + editorconfig.editorconfig + yzhang.markdown-all-in-one + redhat.vscode-yaml + pkief.material-icon-theme + rust-lang.rust-analyzer + tamasfe.even-better-toml + llvm-vs-code-extensions.vscode-clangd + mkhl.direnv + vadimcn.vscode-lldb + # ms-dotnettools.csharp + # ms-vscode-remote.remote-ssh + ]; + userSettings = { + "files.autoSave" = "afterDelay"; + "files.autoSaveWhenNoErrors" = true; + "files.autoSaveWorkspaceFilesOnly" = true; - "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; - "editor.fontLigatures" = true; - "editor.formatOnSave" = true; - "editor.formatOnSaveMode" = "modificationsIfAvailable"; - "editor.minimap.autohide" = true; + "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; + "editor.fontLigatures" = true; + "editor.formatOnSave" = true; + "editor.formatOnSaveMode" = "modificationsIfAvailable"; + "editor.minimap.autohide" = true; - "workbench.startupEditor" = "readme"; - "workbench.enableExperiments" = false; - "workbench.iconTheme" = "material-icon-theme"; + "workbench.startupEditor" = "readme"; + "workbench.enableExperiments" = false; + "workbench.iconTheme" = "material-icon-theme"; - "update.mode" = "none"; - "extensions.autoUpdate" = false; - "extensions.autoCheckUpdates" = false; + "update.mode" = "none"; + "extensions.autoUpdate" = false; + "extensions.autoCheckUpdates" = false; - "telemetry.telemetryLevel" = "off"; - "redhat.telemetry.enabled" = false; + "telemetry.telemetryLevel" = "off"; + "redhat.telemetry.enabled" = false; - "git.autofetch" = true; - "diffEditor.diffAlgorithm" = "advanced"; - "explorer.excludeGitIgnore" = true; - "markdown.extension.tableFormatter.normalizeIndentation" = true; - "markdown.extension.toc.orderedList" = false; - "rust-analyzer.checkOnSave.command" = "clippy"; + "git.autofetch" = true; + "diffEditor.diffAlgorithm" = "advanced"; + "explorer.excludeGitIgnore" = true; + "markdown.extension.tableFormatter.normalizeIndentation" = true; + "markdown.extension.toc.orderedList" = false; + "rust-analyzer.checkOnSave.command" = "clippy"; - "nix.formatterPath" = "${lib.getBin pkgs.nixfmt-rfc-style}/bin/nixfmt"; + "nix.formatterPath" = "${lib.getBin pkgs.nixfmt-rfc-style}/bin/nixfmt"; - "\[makefile\]" = { - "editor.insertSpaces" = false; - "editor.detectIndentation" = false; - }; + "\[makefile\]" = { + "editor.insertSpaces" = false; + "editor.detectIndentation" = false; + }; - "\[nix\]" = { - "editor.formatOnSave" = false; + "\[nix\]" = { + "editor.formatOnSave" = false; + }; }; }; }; diff --git a/home/vinzenz/configuration.nix b/home/vinzenz/configuration.nix index 8bcc7be..c67ce48 100644 --- a/home/vinzenz/configuration.nix +++ b/home/vinzenz/configuration.nix @@ -8,6 +8,7 @@ direnv = { enable = true; nix-direnv.enable = true; + enableZshIntegration = true; }; eza = { @@ -44,6 +45,8 @@ blanket vlc + ptyxis + arduino arduino-ide arduino-cli @@ -54,6 +57,8 @@ servicepoint-cli servicepoint-simulator + + anydesk ]; home.file = { diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 59c4747..c147122 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -37,7 +37,6 @@ ]; allowedUnfreePackages = [ - "vscode-extension-ms-vscode-remote-remote-ssh" "insync" "insync-pkg" diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index 15f747e..bb48bd7 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -5,64 +5,66 @@ programs.vscode = { enable = true; package = pkgs.vscodium; - enableUpdateCheck = false; - extensions = with pkgs.vscode-extensions; [ - jnoortheen.nix-ide - ms-python.python - editorconfig.editorconfig - yzhang.markdown-all-in-one - redhat.vscode-yaml - pkief.material-icon-theme - rust-lang.rust-analyzer - tamasfe.even-better-toml - llvm-vs-code-extensions.vscode-clangd - mkhl.direnv - vadimcn.vscode-lldb - ms-dotnettools.csharp - ms-vscode-remote.remote-ssh - RoweWilsonFrederiskHolme.wikitext - davidanson.vscode-markdownlint - ]; - userSettings = { - "files.autoSave" = "afterDelay"; - "files.autoSaveWhenNoErrors" = true; - "files.autoSaveWorkspaceFilesOnly" = true; + profiles.default = { + enableUpdateCheck = false; + extensions = with pkgs.vscode-extensions; [ + jnoortheen.nix-ide + ms-python.python + editorconfig.editorconfig + yzhang.markdown-all-in-one + redhat.vscode-yaml + pkief.material-icon-theme + rust-lang.rust-analyzer + tamasfe.even-better-toml + llvm-vs-code-extensions.vscode-clangd + mkhl.direnv + vadimcn.vscode-lldb + # ms-dotnettools.csharp + # ms-vscode-remote.remote-ssh + RoweWilsonFrederiskHolme.wikitext + davidanson.vscode-markdownlint + ]; + userSettings = { + "files.autoSave" = "afterDelay"; + "files.autoSaveWhenNoErrors" = true; + "files.autoSaveWorkspaceFilesOnly" = true; - "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; - "editor.fontLigatures" = true; - "editor.formatOnSave" = true; - "editor.formatOnSaveMode" = "modificationsIfAvailable"; - "editor.minimap.autohide" = true; + "editor.fontFamily" = "'Fira Code', 'Droid Sans Mono', 'monospace', monospace"; + "editor.fontLigatures" = true; + "editor.formatOnSave" = true; + "editor.formatOnSaveMode" = "modificationsIfAvailable"; + "editor.minimap.autohide" = true; - "workbench.startupEditor" = "readme"; - "workbench.enableExperiments" = false; - "workbench.iconTheme" = "material-icon-theme"; + "workbench.startupEditor" = "readme"; + "workbench.enableExperiments" = false; + "workbench.iconTheme" = "material-icon-theme"; - "update.mode" = "none"; - "extensions.autoUpdate" = false; - "extensions.autoCheckUpdates" = false; + "update.mode" = "none"; + "extensions.autoUpdate" = false; + "extensions.autoCheckUpdates" = false; - "telemetry.telemetryLevel" = "off"; - "redhat.telemetry.enabled" = false; + "telemetry.telemetryLevel" = "off"; + "redhat.telemetry.enabled" = false; - "git.autofetch" = true; - "git.path" = "${lib.getBin pkgs.git}/bin/git"; - "diffEditor.diffAlgorithm" = "advanced"; - "explorer.excludeGitIgnore" = false; - "markdown.extension.tableFormatter.normalizeIndentation" = true; - "markdown.extension.toc.orderedList" = false; + "git.autofetch" = true; + "git.path" = "${lib.getBin pkgs.git}/bin/git"; + "diffEditor.diffAlgorithm" = "advanced"; + "explorer.excludeGitIgnore" = false; + "markdown.extension.tableFormatter.normalizeIndentation" = true; + "markdown.extension.toc.orderedList" = false; - "rust-analyzer.checkOnSave.command" = "clippy"; + "rust-analyzer.checkOnSave.command" = "clippy"; - "nix.formatterPath" = "${lib.getBin pkgs.nixfmt-rfc-style}/bin/nixfmt"; + "nix.formatterPath" = "${lib.getBin pkgs.nixfmt-rfc-style}/bin/nixfmt"; - "\[makefile\]" = { - "editor.insertSpaces" = false; - "editor.detectIndentation" = false; - }; + "\[makefile\]" = { + "editor.insertSpaces" = false; + "editor.detectIndentation" = false; + }; - "\[nix\]" = { - "editor.formatOnSave" = false; + "\[nix\]" = { + "editor.formatOnSave" = false; + }; }; }; }; diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index 8d3bb62..ba89d8e 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -1,8 +1,8 @@ { config, pkgs, ... }: { config.programs.zsh = { - initExtra = '' - eval "$(direnv hook zsh)"; + initContent = '' + # eval "$(direnv hook zsh)"; export PATH=$PATH:/home/vinzenz/.cargo/bin ''; diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix index afb5255..ffb00eb 100644 --- a/modules/desktop-environment.nix +++ b/modules/desktop-environment.nix @@ -13,14 +13,16 @@ }; # Enable sound with pipewire. - hardware.pulseaudio.enable = false; security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - #jack.enable = true; + services = { + pulseaudio.enable = false; + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + #jack.enable = true; + }; }; programs = { @@ -100,7 +102,7 @@ enableDefaultPackages = true; fontconfig.defaultFonts.monospace = [ "FiraCode Nerd Font" ]; packages = with pkgs; [ - (nerdfonts.override { fonts = [ "FiraCode" ]; }) + nerd-fonts.fira-code roboto-mono recursive ]; From f9b79cf4a00eb84499f292220363060867a128ae Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 1 Jun 2025 09:41:05 +0200 Subject: [PATCH 203/241] i trust myself --- home/vinzenz/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index c147122..5b7e80d 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -22,6 +22,8 @@ autoSubUidGidRange = true; }; + nix.settings.trusted-users = [ "vinzenz" ]; + home-manager.users.vinzenz.imports = [ ./configuration.nix ./editorconfig.nix From 3d27f554015ece713fa22fe829d711b430d6bbda Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 1 Jun 2025 10:22:07 +0200 Subject: [PATCH 204/241] 25.05 fixes --- flake.lock | 6 +++--- home/vinzenz/configuration.nix | 2 +- home/vinzenz/niri.nix | 3 ++- hosts/vinzenz-pc2/vscode-server.nix | 1 + modules/amd-graphics.nix | 2 +- 5 files changed, 8 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index dc9bd6f..d503e7b 100644 --- a/flake.lock +++ b/flake.lock @@ -217,11 +217,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1746576598, - "narHash": "sha256-FshoQvr6Aor5SnORVvh/ZdJ1Sa2U4ZrIMwKBX5k2wu0=", + "lastModified": 1748662220, + "narHash": "sha256-7gGa49iB9nCnFk4h/g9zwjlQAyjtpgcFkODjcOQS0Es=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b3582c75c7f21ce0b429898980eddbbf05c68e55", + "rev": "59138c7667b7970d205d6a05a8bfa2d78caa3643", "type": "github" }, "original": { diff --git a/home/vinzenz/configuration.nix b/home/vinzenz/configuration.nix index c67ce48..a7b8fb4 100644 --- a/home/vinzenz/configuration.nix +++ b/home/vinzenz/configuration.nix @@ -53,7 +53,7 @@ kicad kikit - unstable.ut1999 + ut1999 servicepoint-cli servicepoint-simulator diff --git a/home/vinzenz/niri.nix b/home/vinzenz/niri.nix index 9c532ee..7c90a93 100644 --- a/home/vinzenz/niri.nix +++ b/home/vinzenz/niri.nix @@ -21,7 +21,8 @@ services = { kdeconnect = { enable = true; - indicator = true; + # this still shows up in gnome session starting with 25.05 + # indicator = true; }; mako = { enable = true; diff --git a/hosts/vinzenz-pc2/vscode-server.nix b/hosts/vinzenz-pc2/vscode-server.nix index 7416972..d1164f1 100644 --- a/hosts/vinzenz-pc2/vscode-server.nix +++ b/hosts/vinzenz-pc2/vscode-server.nix @@ -2,6 +2,7 @@ { services.openvscode-server = { enable = true; + package = pkgs.unstable.openvscode-server; telemetryLevel = "off"; port = 8542; host = "127.0.0.1"; diff --git a/modules/amd-graphics.nix b/modules/amd-graphics.nix index 4ae15ac..d36b42d 100644 --- a/modules/amd-graphics.nix +++ b/modules/amd-graphics.nix @@ -11,7 +11,7 @@ amdvlk = { # TODO: this creates black borders around GNOME apps # enable = true; - support32Bit.enable = config.hardware.graphics.enable32Bit; + # support32Bit.enable = config.hardware.graphics.enable32Bit; }; }; }; From 62307246d54f49444b6dbc535be0dddf5f85d35d Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 1 Jun 2025 13:47:59 +0200 Subject: [PATCH 205/241] nil --- home/vinzenz/vscode.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index bb48bd7..58d31b6 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -56,6 +56,15 @@ "rust-analyzer.checkOnSave.command" = "clippy"; "nix.formatterPath" = "${lib.getBin pkgs.nixfmt-rfc-style}/bin/nixfmt"; + "nix.enableLanguageServer" = true; + "nix.serverPath" = "${lib.getBin pkgs.nil}/bin/nil"; + "nix.serverSettings" = { + "nil" = { + "formatting" = { + "command" = [ "${lib.getBin pkgs.nixfmt-rfc-style}/bin/nixfmt" ]; + }; + }; + }; "\[makefile\]" = { "editor.insertSpaces" = false; From 3b16163af92097228353794af1221993b6273ee4 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 1 Jun 2025 13:49:03 +0200 Subject: [PATCH 206/241] update zerforschen.plus --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index d503e7b..c7d16fd 100644 --- a/flake.lock +++ b/flake.lock @@ -347,11 +347,11 @@ ] }, "locked": { - "lastModified": 1748387402, - "narHash": "sha256-5hae2UmVd42S/U6vp0+JQmjkgJrdKkp4vKM9+oEoQDQ=", + "lastModified": 1748777873, + "narHash": "sha256-sDyp1LeP+BOiG4AvpX28bPPxLUpXwlredK+uqxguTPs=", "ref": "refs/heads/main", - "rev": "fe4068c9ec1a8f4184d632d47916580edc2f9c17", - "revCount": 15, + "rev": "da2b589ad01d79a02985511fd5dce31731abad5a", + "revCount": 17, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" }, From 9ddcc7511dc1753c72c4b9f508e543b3790e8c00 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 6 Jun 2025 17:37:51 +0200 Subject: [PATCH 207/241] add builder to ssh config --- home/vinzenz/ssh.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/home/vinzenz/ssh.nix b/home/vinzenz/ssh.nix index 260185f..5121270 100644 --- a/home/vinzenz/ssh.nix +++ b/home/vinzenz/ssh.nix @@ -50,6 +50,10 @@ hostname = "avd.club.berlin.ccc.de"; user = "vinzenz"; }; + "builder.berlin.ccc.de" = { + hostname = "195.160.172.36"; + user = "root"; + }; }; }; } From 6ac5b12bc357f695d1d83e05070521098620cbcc Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 6 Jun 2025 17:40:13 +0200 Subject: [PATCH 208/241] nix flake update --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index c7d16fd..f4724d7 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1748487945, - "narHash": "sha256-e9zc/rHdoH9i+sFFhhQiKoF6IuD+T2rB/nUyPaO7CCg=", + "lastModified": 1749154018, + "narHash": "sha256-gjN3j7joRvT3a8Zgcylnd4NFsnXeDBumqiu4HmY1RIg=", "owner": "nix-community", "repo": "home-manager", - "rev": "0d13ea58d565d3c1c1468ddae1f623316dc395d9", + "rev": "7aae0ee71a17b19708b93b3ed448a1a0952bf111", "type": "github" }, "original": { @@ -123,11 +123,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1746142190, - "narHash": "sha256-t36K3TWLMRWoGyjYyo+H8bBquDcp4orZqNZVagWNjwY=", + "lastModified": 1749144707, + "narHash": "sha256-JcSmySCB3pOtzeWMaEksZgaiNedEDIC6qyBezkK+92Q=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "af701c1c16c289b1b14f333d844b4f756308d244", + "rev": "32d49ef427be377c82d32ce74ff3082c2c992199", "type": "github" }, "original": { @@ -156,11 +156,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1746124654, - "narHash": "sha256-LmhkAt2KLvf8lp+kEUQuTFmmv7iXO8IkwwSaPasfXJw=", + "lastModified": 1749112952, + "narHash": "sha256-ajI1cXa2AgdZSELvlVaQZd0XMi4eM8H3Ys0Ek8a/roI=", "owner": "YaLTeR", "repo": "niri", - "rev": "6c9705dd4b2eaba25f024d1a3efd7943fd393632", + "rev": "242ebf294514cc22f4f9d83c0566c8ffe1cb8d8a", "type": "github" }, "original": { @@ -201,11 +201,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1748302896, - "narHash": "sha256-ixMT0a8mM091vSswlTORZj93WQAJsRNmEvqLL+qwTFM=", + "lastModified": 1749086602, + "narHash": "sha256-DJcgJMekoxVesl9kKjfLPix2Nbr42i7cpEHJiTnBUwU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7848cd8c982f7740edf76ddb3b43d234cb80fc4d", + "rev": "4792576cb003c994bd7cc1edada3129def20b27d", "type": "github" }, "original": { @@ -217,11 +217,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1748662220, - "narHash": "sha256-7gGa49iB9nCnFk4h/g9zwjlQAyjtpgcFkODjcOQS0Es=", + "lastModified": 1749174413, + "narHash": "sha256-urN9UMK5cd1dzhR+Lx0xHeTgBp2MatA5+6g9JaxjuQs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "59138c7667b7970d205d6a05a8bfa2d78caa3643", + "rev": "6ad174a6dc07c7742fc64005265addf87ad08615", "type": "github" }, "original": { @@ -327,11 +327,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1745730655, - "narHash": "sha256-Tdsw5lD/XM8i1GnQr7ombqnEaCpt/voPs2AbjuYBbjI=", + "lastModified": 1748488455, + "narHash": "sha256-IiLr1alzKFIy5tGGpDlabQbe6LV1c9ABvkH6T5WmyRI=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "56a681bfecc5831f41f8eb0ec8c7e96c6b277153", + "rev": "3ba30b149f9eb2bbf42cf4758d2158ca8cceef73", "type": "github" }, "original": { From 0261c84d626896256932a45bbad045e2838d179d Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 7 Jun 2025 23:07:44 +0200 Subject: [PATCH 209/241] add hosts to ssh --- home/vinzenz/ssh.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/home/vinzenz/ssh.nix b/home/vinzenz/ssh.nix index 5121270..57eeb5f 100644 --- a/home/vinzenz/ssh.nix +++ b/home/vinzenz/ssh.nix @@ -54,6 +54,15 @@ hostname = "195.160.172.36"; user = "root"; }; + "cccb.zerforschen.plus" = { + hostname = "2a01:4f8:c013:cbdd::1"; + user = "root"; + }; + "berlin.ccc.de" = { + hostname = "195.160.173.9"; + user = "deploy"; + port = 31337; + }; }; }; } From be565adff68e8084ee0da83b2815f229323cebdc Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 28 Jun 2025 09:46:08 +0200 Subject: [PATCH 210/241] add nix-vscode-extensions, deduplicate inputs --- flake.lock | 69 ++++++++++++++++++++++++++++++++++-------------------- flake.nix | 34 +++++++++++++++++++++++---- 2 files changed, 72 insertions(+), 31 deletions(-) diff --git a/flake.lock b/flake.lock index f4724d7..9525d73 100644 --- a/flake.lock +++ b/flake.lock @@ -70,7 +70,9 @@ }, "lix-module": { "inputs": { - "flake-utils": "flake-utils", + "flake-utils": [ + "flake-utils" + ], "flakey-profile": "flakey-profile", "lix": "lix", "nixpkgs": [ @@ -123,11 +125,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1749144707, - "narHash": "sha256-JcSmySCB3pOtzeWMaEksZgaiNedEDIC6qyBezkK+92Q=", + "lastModified": 1749890123, + "narHash": "sha256-pRkyWFytGAMaHlrOJIYYEur8NRDe0kTfMIhRdTeasRQ=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "32d49ef427be377c82d32ce74ff3082c2c992199", + "rev": "8f39eb82488525728eda222b34e79b1ecf6d3f96", "type": "github" }, "original": { @@ -156,11 +158,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1749112952, - "narHash": "sha256-ajI1cXa2AgdZSELvlVaQZd0XMi4eM8H3Ys0Ek8a/roI=", + "lastModified": 1749797708, + "narHash": "sha256-P5x0U6AW5Zn20bARv4D83d8XlNaWK1st9QwBfSe+Vfg=", "owner": "YaLTeR", "repo": "niri", - "rev": "242ebf294514cc22f4f9d83c0566c8ffe1cb8d8a", + "rev": "f3f6e79eeca8924ff9cfea4b30006e5b782bc93e", "type": "github" }, "original": { @@ -184,28 +186,36 @@ "type": "github" } }, - "nix-filter_2": { + "nix-vscode-extensions": { + "inputs": { + "flake-utils": [ + "flake-utils" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, "locked": { - "lastModified": 1731533336, - "narHash": "sha256-oRam5PS1vcrr5UPgALW0eo1m/5/pls27Z/pabHNy2Ms=", - "owner": "numtide", - "repo": "nix-filter", - "rev": "f7653272fd234696ae94229839a99b73c9ab7de0", + "lastModified": 1749953646, + "narHash": "sha256-NwuPVQfAbrq46nAtjz9MIQ3XLK6f9OLzgY8hJlQKS/8=", + "owner": "nix-community", + "repo": "nix-vscode-extensions", + "rev": "459503794a816b2d9038fc0c9181805acf45bafb", "type": "github" }, "original": { - "owner": "numtide", - "repo": "nix-filter", + "owner": "nix-community", + "repo": "nix-vscode-extensions", "type": "github" } }, "nixpkgs": { "locked": { - "lastModified": 1749086602, - "narHash": "sha256-DJcgJMekoxVesl9kKjfLPix2Nbr42i7cpEHJiTnBUwU=", + "lastModified": 1749727998, + "narHash": "sha256-mHv/yeUbmL91/TvV95p+mBVahm9mdQMJoqaTVTALaFw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4792576cb003c994bd7cc1edada3129def20b27d", + "rev": "fd487183437963a59ba763c0cc4f27e3447dd6dd", "type": "github" }, "original": { @@ -217,11 +227,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1749174413, - "narHash": "sha256-urN9UMK5cd1dzhR+Lx0xHeTgBp2MatA5+6g9JaxjuQs=", + "lastModified": 1749871736, + "narHash": "sha256-K9yBph93OLTNw02Q6e9CYFGrUhvEXnh45vrZqIRWfvQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6ad174a6dc07c7742fc64005265addf87ad08615", + "rev": "6afe187897bef7933475e6af374c893f4c84a293", "type": "github" }, "original": { @@ -233,10 +243,13 @@ }, "root": { "inputs": { + "flake-utils": "flake-utils", "home-manager": "home-manager", "lix-module": "lix-module", "naersk": "naersk", "niri": "niri", + "nix-filter": "nix-filter", + "nix-vscode-extensions": "nix-vscode-extensions", "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", "servicepoint-cli": "servicepoint-cli", @@ -249,7 +262,9 @@ "naersk": [ "naersk" ], - "nix-filter": "nix-filter", + "nix-filter": [ + "nix-filter" + ], "nixpkgs": [ "nixpkgs" ] @@ -273,7 +288,9 @@ "naersk": [ "naersk" ], - "nix-filter": "nix-filter_2", + "nix-filter": [ + "nix-filter" + ], "nixpkgs": [ "nixpkgs" ] @@ -327,11 +344,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1748488455, - "narHash": "sha256-IiLr1alzKFIy5tGGpDlabQbe6LV1c9ABvkH6T5WmyRI=", + "lastModified": 1749315541, + "narHash": "sha256-bEik1BfVOFnWvtOrcOHluos/edJ8f+G2y1QySbt/0Ak=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "3ba30b149f9eb2bbf42cf4758d2158ca8cceef73", + "rev": "da2ecb5be816de35e2efe23a408a1c49fe8b11ba", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index bafecdc..1791bbb 100644 --- a/flake.nix +++ b/flake.nix @@ -11,7 +11,10 @@ lix-module = { url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs = { + nixpkgs.follows = "nixpkgs"; + flake-utils.follows = "flake-utils"; + }; }; niri = { @@ -32,15 +35,33 @@ servicepoint-cli = { url = "git+https://git.berlin.ccc.de/servicepoint/servicepoint-cli.git"; - inputs.nixpkgs.follows = "nixpkgs"; - inputs.naersk.follows = "naersk"; + inputs = { + nixpkgs.follows = "nixpkgs"; + naersk.follows = "naersk"; + nix-filter.follows = "nix-filter"; + }; }; servicepoint-simulator = { url = "git+https://git.berlin.ccc.de/servicepoint/servicepoint-simulator.git"; - inputs.nixpkgs.follows = "nixpkgs"; - inputs.naersk.follows = "naersk"; + inputs = { + nixpkgs.follows = "nixpkgs"; + naersk.follows = "naersk"; + nix-filter.follows = "nix-filter"; + }; }; + + nix-vscode-extensions = { + url = "github:nix-community/nix-vscode-extensions"; + inputs = { + nixpkgs.follows = "nixpkgs"; + flake-utils.follows = "flake-utils"; + }; + }; + + # this is used to pin transitive dependencies to the same version + flake-utils.url = "github:numtide/flake-utils"; + nix-filter.url = "github:numtide/nix-filter"; }; outputs = @@ -55,6 +76,8 @@ servicepoint-cli, servicepoint-simulator, naersk, + nix-vscode-extensions, + ... }: let devices = { @@ -113,6 +136,7 @@ nixpkgs.overlays = [ niri.overlays.niri overlays.servicepoint-packages + nix-vscode-extensions.overlays.default ]; } ]); From 316e88afd345160267d2955f0e37de57b949c1ad Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 28 Jun 2025 09:46:50 +0200 Subject: [PATCH 211/241] get most extensions from open-vsx --- home/vinzenz/default.nix | 2 ++ home/vinzenz/vscode.nix | 40 +++++++++++++++++++++++----------------- 2 files changed, 25 insertions(+), 17 deletions(-) diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 5b7e80d..db55596 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -47,6 +47,8 @@ "jetbrains-toolbox" "anydesk" + + "vscode-extension-ms-dotnettools-csharp" ]; }; } diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index 58d31b6..548ed3e 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -7,23 +7,27 @@ package = pkgs.vscodium; profiles.default = { enableUpdateCheck = false; - extensions = with pkgs.vscode-extensions; [ - jnoortheen.nix-ide - ms-python.python - editorconfig.editorconfig - yzhang.markdown-all-in-one - redhat.vscode-yaml - pkief.material-icon-theme - rust-lang.rust-analyzer - tamasfe.even-better-toml - llvm-vs-code-extensions.vscode-clangd - mkhl.direnv - vadimcn.vscode-lldb - # ms-dotnettools.csharp - # ms-vscode-remote.remote-ssh - RoweWilsonFrederiskHolme.wikitext - davidanson.vscode-markdownlint - ]; + extensions = + with pkgs.nix-vscode-extensions.open-vsx; + [ + jnoortheen.nix-ide + ms-python.python + editorconfig.editorconfig + yzhang.markdown-all-in-one + redhat.vscode-yaml + pkief.material-icon-theme + rust-lang.rust-analyzer + tamasfe.even-better-toml + llvm-vs-code-extensions.vscode-clangd + mkhl.direnv + muhammad-sammy.csharp + davidanson.vscode-markdownlint + ] + ++ (with pkgs.vscode-extensions; [ + vadimcn.vscode-lldb + RoweWilsonFrederiskHolme.wikitext + ms-dotnettools.csharp + ]); userSettings = { "files.autoSave" = "afterDelay"; "files.autoSaveWhenNoErrors" = true; @@ -66,6 +70,8 @@ }; }; + "dotnetAcquisitionExtension.sharedExistingDotnetPath" = "${lib.getBin pkgs.dotnet-sdk}/bin/dotnet"; + "\[makefile\]" = { "editor.insertSpaces" = false; "editor.detectIndentation" = false; From 12a1359d318fcb480531a85e634ad25683b94faa Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 28 Jun 2025 09:47:59 +0200 Subject: [PATCH 212/241] nix flake update --- flake.lock | 58 +++++++++++++++++++++++++++--------------------------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/flake.lock b/flake.lock index 9525d73..d626a2a 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1749154018, - "narHash": "sha256-gjN3j7joRvT3a8Zgcylnd4NFsnXeDBumqiu4HmY1RIg=", + "lastModified": 1750792728, + "narHash": "sha256-Lh3dopA8DdY+ZoaAJPrtkZOZaFEJGSYjOdAYYgOPgE4=", "owner": "nix-community", "repo": "home-manager", - "rev": "7aae0ee71a17b19708b93b3ed448a1a0952bf111", + "rev": "366f00797b1efb70f2882d3da485e3c10fd3d557", "type": "github" }, "original": { @@ -125,11 +125,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1749890123, - "narHash": "sha256-pRkyWFytGAMaHlrOJIYYEur8NRDe0kTfMIhRdTeasRQ=", + "lastModified": 1751073903, + "narHash": "sha256-6pUwEiEJw8PGqUn2+Mf0IEJN4M0FMoXCM4sNa2EZuKk=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "8f39eb82488525728eda222b34e79b1ecf6d3f96", + "rev": "3667e998b5ad7a1ec56207f79c9629a919eafd43", "type": "github" }, "original": { @@ -141,16 +141,16 @@ "niri-stable": { "flake": false, "locked": { - "lastModified": 1740117926, - "narHash": "sha256-mTTHA0RAaQcdYe+9A3Jx77cmmyLFHmRoZdd8RpWa+m8=", + "lastModified": 1748151941, + "narHash": "sha256-z4viQZLgC2bIJ3VrzQnR+q2F3gAOEQpU1H5xHtX/2fs=", "owner": "YaLTeR", "repo": "niri", - "rev": "b94a5db8790339cf9134873d8b490be69e02ac71", + "rev": "8ba57fcf25d2fc9565131684a839d58703f1dae7", "type": "github" }, "original": { "owner": "YaLTeR", - "ref": "v25.02", + "ref": "v25.05.1", "repo": "niri", "type": "github" } @@ -158,11 +158,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1749797708, - "narHash": "sha256-P5x0U6AW5Zn20bARv4D83d8XlNaWK1st9QwBfSe+Vfg=", + "lastModified": 1750791124, + "narHash": "sha256-F5iVU/hjoSHSSe0gllxm0PcAaseEtGNanYK5Ha3k2Tg=", "owner": "YaLTeR", "repo": "niri", - "rev": "f3f6e79eeca8924ff9cfea4b30006e5b782bc93e", + "rev": "37458d94b288945f6cfbd3c5c233f634d59f246c", "type": "github" }, "original": { @@ -196,11 +196,11 @@ ] }, "locked": { - "lastModified": 1749953646, - "narHash": "sha256-NwuPVQfAbrq46nAtjz9MIQ3XLK6f9OLzgY8hJlQKS/8=", + "lastModified": 1751076164, + "narHash": "sha256-to92MoMF7QC2K2gdpkYoN/Y9wuF6Q/qlvNyHca6uPjQ=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "459503794a816b2d9038fc0c9181805acf45bafb", + "rev": "7f443f5e4125f9aad3885542c04653f29b15b92a", "type": "github" }, "original": { @@ -211,11 +211,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1749727998, - "narHash": "sha256-mHv/yeUbmL91/TvV95p+mBVahm9mdQMJoqaTVTALaFw=", + "lastModified": 1750969886, + "narHash": "sha256-zW/OFnotiz/ndPFdebpo3X0CrbVNf22n4DjN2vxlb58=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fd487183437963a59ba763c0cc4f27e3447dd6dd", + "rev": "a676066377a2fe7457369dd37c31fd2263b662f4", "type": "github" }, "original": { @@ -227,11 +227,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1749871736, - "narHash": "sha256-K9yBph93OLTNw02Q6e9CYFGrUhvEXnh45vrZqIRWfvQ=", + "lastModified": 1750994206, + "narHash": "sha256-3u6rEbIX9CN/5A5/mc3u0wIO1geZ0EhjvPBXmRDHqWM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6afe187897bef7933475e6af374c893f4c84a293", + "rev": "80d50fc87924c2a0d346372d242c27973cf8cdbf", "type": "github" }, "original": { @@ -327,16 +327,16 @@ "xwayland-satellite-stable": { "flake": false, "locked": { - "lastModified": 1739246919, - "narHash": "sha256-/hBM43/Gd0/tW+egrhlWgOIISeJxEs2uAOIYVpfDKeU=", + "lastModified": 1748488455, + "narHash": "sha256-IiLr1alzKFIy5tGGpDlabQbe6LV1c9ABvkH6T5WmyRI=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "44590a416d4a3e8220e19e29e0b6efe64a80315d", + "rev": "3ba30b149f9eb2bbf42cf4758d2158ca8cceef73", "type": "github" }, "original": { "owner": "Supreeeme", - "ref": "v0.5.1", + "ref": "v0.6", "repo": "xwayland-satellite", "type": "github" } @@ -344,11 +344,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1749315541, - "narHash": "sha256-bEik1BfVOFnWvtOrcOHluos/edJ8f+G2y1QySbt/0Ak=", + "lastModified": 1750821680, + "narHash": "sha256-Bu5unTxnqok2RoU5P394Gh0vRaoyI/5xlOOJDF6akrc=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "da2ecb5be816de35e2efe23a408a1c49fe8b11ba", + "rev": "2e7c318ac2bbf699b6ab92ef91e661e16415dfac", "type": "github" }, "original": { From 62d579ee92915b7bda8c9ff312d48a7959912e87 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 28 Jun 2025 14:35:38 +0200 Subject: [PATCH 213/241] update ssh config --- home/vinzenz/ssh.nix | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/home/vinzenz/ssh.nix b/home/vinzenz/ssh.nix index 57eeb5f..98acce9 100644 --- a/home/vinzenz/ssh.nix +++ b/home/vinzenz/ssh.nix @@ -3,21 +3,11 @@ config.programs.ssh = { enable = true; matchBlocks = { - "vpn1" = { - host = "vpn1 hetzner-vpn1"; - hostname = "157.90.146.125"; # 2a01:4f8:c012:7137::/64 - user = "root"; - }; "vpn2" = { host = "vpn2 hetzner-vpn2"; hostname = "2a01:4f8:c013:65dd::1"; user = "root"; }; - "vpn1-ts" = { - host = "vpn1-ts hetzner-vpn1.donkey-pentatonic.ts.net"; - hostname = "hetzner-vpn1.donkey-pentatonic.ts.net"; - user = "root"; - }; "openwrt" = { host = "openwrt openwrt.lan"; hostname = "openwrt.lan"; @@ -63,6 +53,10 @@ user = "deploy"; port = 31337; }; + "forgejo-runner-1" = { + hostname = "forgejo-runner-1.dev.zerforschen.plus"; + user = "root"; + }; }; }; } From 846f28b1c1639a22b854019d0cf608acd19271c9 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 28 Jun 2025 16:43:19 +0200 Subject: [PATCH 214/241] update servicepoint packages --- flake.lock | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/flake.lock b/flake.lock index d626a2a..a29a541 100644 --- a/flake.lock +++ b/flake.lock @@ -270,11 +270,11 @@ ] }, "locked": { - "lastModified": 1746866001, - "narHash": "sha256-6jqzJyBRXdwmd5SKIJTfbJ5pRVNshVNPzCtFqobRgTE=", + "lastModified": 1751117291, + "narHash": "sha256-iOeiPypZkl6uPL5mQ4aFG4wYVs9w9BJZ2/5XHlLgyIk=", "ref": "refs/heads/main", - "rev": "e9d3b32f57674e06db1ebf0762bfd736e1f5ea31", - "revCount": 41, + "rev": "2a4818dc2158cbdad34a701ab12d0b1cf7f52c46", + "revCount": 45, "type": "git", "url": "https://git.berlin.ccc.de/servicepoint/servicepoint-cli.git" }, @@ -296,11 +296,11 @@ ] }, "locked": { - "lastModified": 1746268672, - "narHash": "sha256-IIgxxA5Fk1iLwXiCGbCLrVdduTDAA54DJ2gnfvCOMLQ=", + "lastModified": 1751118401, + "narHash": "sha256-tVLbgLaJQzu/wicqVHkeBGyM8U4TvpIw8NykBaeKy6A=", "ref": "refs/heads/main", - "rev": "33301a51bf501a6886ec2e1c6ad8111247141d2f", - "revCount": 108, + "rev": "86c9c20b499da9c7c203d4e982e49ddd5a8aad46", + "revCount": 110, "type": "git", "url": "https://git.berlin.ccc.de/servicepoint/servicepoint-simulator.git" }, From 13c5dbe9504f6a26fdf8d89fb749ce1def85e2f0 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 30 Jun 2025 18:59:07 +0200 Subject: [PATCH 215/241] add shell aliases --- home/ronja/configuration.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/home/ronja/configuration.nix b/home/ronja/configuration.nix index 85f4772..26cceac 100644 --- a/home/ronja/configuration.nix +++ b/home/ronja/configuration.nix @@ -26,6 +26,10 @@ "systemadmin" ]; }; + shellAliases = { + myos-update = ''echo "Enter sudo password" && sudo nixos-rebuild boot --flake git+https://git.berlin.ccc.de/vinzenz/nixos-configuration.git --show-trace --log-format internal-json -v |& ${pkgs.nix-output-monitor}/bin/nom --json''; + myos-apply = ''echo "Enter sudo password" && sudo nixos-rebuild switch --flake .# --show-trace --log-format internal-json -v |& ${pkgs.nix-output-monitor}/bin/nom --json''; + }; }; git = { From 05052b1279b4f44d50a54c799ddfdb2ea3c14e09 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 3 Jul 2025 17:02:12 +0200 Subject: [PATCH 216/241] nix flake update --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index a29a541..1871a08 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1750792728, - "narHash": "sha256-Lh3dopA8DdY+ZoaAJPrtkZOZaFEJGSYjOdAYYgOPgE4=", + "lastModified": 1751468302, + "narHash": "sha256-tWosziZTT039x6PgEZUhzGlV8oLvdDmIgKTE8ESMaEA=", "owner": "nix-community", "repo": "home-manager", - "rev": "366f00797b1efb70f2882d3da485e3c10fd3d557", + "rev": "501cfec8277f931a9c9af9f23d3105c537faeafe", "type": "github" }, "original": { @@ -125,11 +125,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1751073903, - "narHash": "sha256-6pUwEiEJw8PGqUn2+Mf0IEJN4M0FMoXCM4sNa2EZuKk=", + "lastModified": 1751335430, + "narHash": "sha256-OVP1yknJHvRK+eIy56UZsf9kUXSmwlwitPa9dZ0/HWo=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "3667e998b5ad7a1ec56207f79c9629a919eafd43", + "rev": "fab3c874b28d95696225b4e575c3b6dc5d6058fe", "type": "github" }, "original": { @@ -196,11 +196,11 @@ ] }, "locked": { - "lastModified": 1751076164, - "narHash": "sha256-to92MoMF7QC2K2gdpkYoN/Y9wuF6Q/qlvNyHca6uPjQ=", + "lastModified": 1751422033, + "narHash": "sha256-R6ZonDO1yldt3KUDi+u8irXo09+EjisiqK4s7Je46B4=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "7f443f5e4125f9aad3885542c04653f29b15b92a", + "rev": "e3a859385648ba529eacc2efe61d529eef6f5485", "type": "github" }, "original": { @@ -211,11 +211,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1750969886, - "narHash": "sha256-zW/OFnotiz/ndPFdebpo3X0CrbVNf22n4DjN2vxlb58=", + "lastModified": 1751211869, + "narHash": "sha256-1Cu92i1KSPbhPCKxoiVG5qnoRiKTgR5CcGSRyLpOd7Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a676066377a2fe7457369dd37c31fd2263b662f4", + "rev": "b43c397f6c213918d6cfe6e3550abfe79b5d1c51", "type": "github" }, "original": { @@ -227,11 +227,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1750994206, - "narHash": "sha256-3u6rEbIX9CN/5A5/mc3u0wIO1geZ0EhjvPBXmRDHqWM=", + "lastModified": 1751498133, + "narHash": "sha256-QWJ+NQbMU+NcU2xiyo7SNox1fAuwksGlQhpzBl76g1I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "80d50fc87924c2a0d346372d242c27973cf8cdbf", + "rev": "d55716bb59b91ae9d1ced4b1ccdea7a442ecbfdb", "type": "github" }, "original": { @@ -344,11 +344,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1750821680, - "narHash": "sha256-Bu5unTxnqok2RoU5P394Gh0vRaoyI/5xlOOJDF6akrc=", + "lastModified": 1751228685, + "narHash": "sha256-MENtauGBhJ+kDeFaawvWGXaFG3Il6qQzjaP0RmtfM0k=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "2e7c318ac2bbf699b6ab92ef91e661e16415dfac", + "rev": "557ebeb616e03d5e4a8049862bbbd1f02c6f020b", "type": "github" }, "original": { From b5845033362c495cbdb0c22df29dae63854ef1c8 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 3 Jul 2025 19:40:43 +0200 Subject: [PATCH 217/241] update servicepoint-simulator --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 1871a08..21f3a01 100644 --- a/flake.lock +++ b/flake.lock @@ -296,11 +296,11 @@ ] }, "locked": { - "lastModified": 1751118401, - "narHash": "sha256-tVLbgLaJQzu/wicqVHkeBGyM8U4TvpIw8NykBaeKy6A=", + "lastModified": 1751564158, + "narHash": "sha256-HDYvjBK2om96tJVGHzUCv87mfcosdoPK9cBHyDEWv2E=", "ref": "refs/heads/main", - "rev": "86c9c20b499da9c7c203d4e982e49ddd5a8aad46", - "revCount": 110, + "rev": "4eed089a061b24b35bfcc7e615a312877d9b8997", + "revCount": 113, "type": "git", "url": "https://git.berlin.ccc.de/servicepoint/servicepoint-simulator.git" }, From 66ab4dd1b4bab0d03d505ccb1459464126479efa Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 12 Jul 2025 14:30:21 +0200 Subject: [PATCH 218/241] nix flake update --- flake.lock | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index 21f3a01..db4c893 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1751468302, - "narHash": "sha256-tWosziZTT039x6PgEZUhzGlV8oLvdDmIgKTE8ESMaEA=", + "lastModified": 1752208517, + "narHash": "sha256-aRY1cYOdVdXdNjcL/Twpa27CknO7pVHxooPsBizDraE=", "owner": "nix-community", "repo": "home-manager", - "rev": "501cfec8277f931a9c9af9f23d3105c537faeafe", + "rev": "c6a01e54af81b381695db796a43360bf6db5702f", "type": "github" }, "original": { @@ -98,11 +98,11 @@ ] }, "locked": { - "lastModified": 1745925850, - "narHash": "sha256-cyAAMal0aPrlb1NgzMxZqeN1mAJ2pJseDhm2m6Um8T0=", + "lastModified": 1752249768, + "narHash": "sha256-wKqMvhTqMgTKM/CdTH/ihq9eLZM95qpU0FG7cvTBFJg=", "owner": "nix-community", "repo": "naersk", - "rev": "38bc60bbc157ae266d4a0c96671c6c742ee17a5f", + "rev": "35aa63738857c40f98ecb04db52887d664836e74", "type": "github" }, "original": { @@ -125,11 +125,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1751335430, - "narHash": "sha256-OVP1yknJHvRK+eIy56UZsf9kUXSmwlwitPa9dZ0/HWo=", + "lastModified": 1752291616, + "narHash": "sha256-zpPFo4cgr5tOy8DCLIoD++idsKjnzgVPnBeZLmazYc4=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "fab3c874b28d95696225b4e575c3b6dc5d6058fe", + "rev": "30962469e2e8fb93c3672ee605316b89b8e9a198", "type": "github" }, "original": { @@ -196,11 +196,11 @@ ] }, "locked": { - "lastModified": 1751422033, - "narHash": "sha256-R6ZonDO1yldt3KUDi+u8irXo09+EjisiqK4s7Je46B4=", + "lastModified": 1752286423, + "narHash": "sha256-5a4+w/P9cr5l8YOypiwNrAIOyhLYA9x9Va1mqKkvwRs=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "e3a859385648ba529eacc2efe61d529eef6f5485", + "rev": "f942441f13f5dbd29e4bd5596b2c2ba346c4940e", "type": "github" }, "original": { @@ -211,11 +211,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1751211869, - "narHash": "sha256-1Cu92i1KSPbhPCKxoiVG5qnoRiKTgR5CcGSRyLpOd7Y=", + "lastModified": 1752162966, + "narHash": "sha256-3MxxkU8ZXMHXcbFz7UE4M6qnIPTYGcE/7EMqlZNnVDE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b43c397f6c213918d6cfe6e3550abfe79b5d1c51", + "rev": "10e687235226880ed5e9f33f1ffa71fe60f2638a", "type": "github" }, "original": { @@ -227,11 +227,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1751498133, - "narHash": "sha256-QWJ+NQbMU+NcU2xiyo7SNox1fAuwksGlQhpzBl76g1I=", + "lastModified": 1752012998, + "narHash": "sha256-Q82Ms+FQmgOBkdoSVm+FBpuFoeUAffNerR5yVV7SgT8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d55716bb59b91ae9d1ced4b1ccdea7a442ecbfdb", + "rev": "2a2130494ad647f953593c4e84ea4df839fbd68c", "type": "github" }, "original": { @@ -296,11 +296,11 @@ ] }, "locked": { - "lastModified": 1751564158, - "narHash": "sha256-HDYvjBK2om96tJVGHzUCv87mfcosdoPK9cBHyDEWv2E=", + "lastModified": 1752323001, + "narHash": "sha256-YEcYegmlv12yN9VWrz2qt0nyL+9EeGIlrDvac8Pf7Cw=", "ref": "refs/heads/main", - "rev": "4eed089a061b24b35bfcc7e615a312877d9b8997", - "revCount": 113, + "rev": "75a0ae7a59e687bea5f92791a2d64c048f35846d", + "revCount": 119, "type": "git", "url": "https://git.berlin.ccc.de/servicepoint/servicepoint-simulator.git" }, From 4c507953410906105955e7ef6e3ad465ee8f9d3f Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 14 Jul 2025 09:44:13 +0200 Subject: [PATCH 219/241] add group openvscode-server to ronja --- home/ronja/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/home/ronja/default.nix b/home/ronja/default.nix index 8ce9b92..7c2f96d 100644 --- a/home/ronja/default.nix +++ b/home/ronja/default.nix @@ -12,6 +12,7 @@ "wheel" "games" "podman" + "openvscode-server" ]; shell = pkgs.zsh; }; From debc6cbabcc9bb6910492f48356c0ae2fa535b82 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 28 Jul 2025 21:46:41 +0200 Subject: [PATCH 220/241] lact, overdrive bit --- hosts/vinzenz-pc2/configuration.nix | 4 +++- modules/amd-graphics.nix | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/hosts/vinzenz-pc2/configuration.nix b/hosts/vinzenz-pc2/configuration.nix index 114d24e..812f6f0 100644 --- a/hosts/vinzenz-pc2/configuration.nix +++ b/hosts/vinzenz-pc2/configuration.nix @@ -1,4 +1,4 @@ -{ ... }: +{ pkgs, ... }: { imports = [ ./hardware.nix @@ -29,5 +29,7 @@ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgN6J8KyVyQqBAz+y3drXDmIsxOPkdPB+ISgpIP9Eld Generated By Termius'' ]; + + environment.systemPackages = with pkgs; [lact]; }; } diff --git a/modules/amd-graphics.nix b/modules/amd-graphics.nix index d36b42d..041d700 100644 --- a/modules/amd-graphics.nix +++ b/modules/amd-graphics.nix @@ -13,6 +13,7 @@ # enable = true; # support32Bit.enable = config.hardware.graphics.enable32Bit; }; + overdrive.enable = true; }; }; From e0f956950ada949b9b60617aaa40615067fc8c33 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Tue, 29 Jul 2025 18:01:54 +0200 Subject: [PATCH 221/241] disable niri and open port on pc2 --- hosts/vinzenz-pc2/imports.nix | 2 +- hosts/vinzenz-pc2/vscode-server.nix | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/hosts/vinzenz-pc2/imports.nix b/hosts/vinzenz-pc2/imports.nix index 7e9f61a..f9a0ae1 100644 --- a/hosts/vinzenz-pc2/imports.nix +++ b/hosts/vinzenz-pc2/imports.nix @@ -4,7 +4,7 @@ ../../modules/gaming.nix ../../modules/printing.nix ../../modules/podman.nix - ../../modules/niri.nix + #../../modules/niri.nix ../../modules/desktop-environment.nix ../../modules/desktop-hardware.nix diff --git a/hosts/vinzenz-pc2/vscode-server.nix b/hosts/vinzenz-pc2/vscode-server.nix index d1164f1..199c015 100644 --- a/hosts/vinzenz-pc2/vscode-server.nix +++ b/hosts/vinzenz-pc2/vscode-server.nix @@ -23,6 +23,7 @@ 8544 80 1313 + 5201 ]; }; }; From b0ba87b8c23d07e64d3daff63852b232b18ba636 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Wed, 6 Aug 2025 23:34:43 +0200 Subject: [PATCH 222/241] update misc config --- home/vinzenz/configuration.nix | 8 +++----- home/vinzenz/gnome.nix | 2 +- hosts/vinzenz-lpt2/configuration.nix | 4 ++-- 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/home/vinzenz/configuration.nix b/home/vinzenz/configuration.nix index a7b8fb4..37da536 100644 --- a/home/vinzenz/configuration.nix +++ b/home/vinzenz/configuration.nix @@ -50,15 +50,13 @@ arduino arduino-ide arduino-cli - kicad - kikit - - ut1999 servicepoint-cli servicepoint-simulator - anydesk + icu + + nextcloud-client ]; home.file = { diff --git a/home/vinzenz/gnome.nix b/home/vinzenz/gnome.nix index b0f6e3d..c8d5a5e 100644 --- a/home/vinzenz/gnome.nix +++ b/home/vinzenz/gnome.nix @@ -7,7 +7,7 @@ quick-settings-tweaker solaar-extension alphabetical-app-grid - ]; + ] ++ (with pkgs; [foliate]); dconf.settings = { "org/gnome/shell" = { diff --git a/hosts/vinzenz-lpt2/configuration.nix b/hosts/vinzenz-lpt2/configuration.nix index e7b0153..b627078 100644 --- a/hosts/vinzenz-lpt2/configuration.nix +++ b/hosts/vinzenz-lpt2/configuration.nix @@ -1,6 +1,6 @@ { ... }: { - imports = [ ./zerforschen-plus.nix ]; + imports = [ ./nginx.nix ]; config = { nix.settings.extra-platforms = [ @@ -37,6 +37,6 @@ }; }; - networking.firewall.allowedTCPPorts = [ 8776 ]; + networking.firewall.allowedTCPPorts = [ 8776 1337 ]; }; } From 199ad72258351677ada8d7731f4e83277675a37d Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Wed, 6 Aug 2025 23:34:53 +0200 Subject: [PATCH 223/241] update flake --- flake.lock | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index db4c893..07f182a 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ ] }, "locked": { - "lastModified": 1752208517, - "narHash": "sha256-aRY1cYOdVdXdNjcL/Twpa27CknO7pVHxooPsBizDraE=", + "lastModified": 1753592768, + "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", "owner": "nix-community", "repo": "home-manager", - "rev": "c6a01e54af81b381695db796a43360bf6db5702f", + "rev": "fc3add429f21450359369af74c2375cb34a2d204", "type": "github" }, "original": { @@ -125,11 +125,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1752291616, - "narHash": "sha256-zpPFo4cgr5tOy8DCLIoD++idsKjnzgVPnBeZLmazYc4=", + "lastModified": 1754403288, + "narHash": "sha256-FdI2tV45ChVgwly2JRx1lA68gHIdZ38yyzHJeHHYTSc=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "30962469e2e8fb93c3672ee605316b89b8e9a198", + "rev": "a5151e16afa09a01ef7b360d87956730d0534da7", "type": "github" }, "original": { @@ -158,11 +158,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1750791124, - "narHash": "sha256-F5iVU/hjoSHSSe0gllxm0PcAaseEtGNanYK5Ha3k2Tg=", + "lastModified": 1754400448, + "narHash": "sha256-tP4wYaIKlhMTzNp0S9ouU5Key0+41Z5KkjP9zO6bIQU=", "owner": "YaLTeR", "repo": "niri", - "rev": "37458d94b288945f6cfbd3c5c233f634d59f246c", + "rev": "52c579d5567d0b16ae68177fad05c612baba38af", "type": "github" }, "original": { @@ -196,11 +196,11 @@ ] }, "locked": { - "lastModified": 1752286423, - "narHash": "sha256-5a4+w/P9cr5l8YOypiwNrAIOyhLYA9x9Va1mqKkvwRs=", + "lastModified": 1754446681, + "narHash": "sha256-uOvHmY2GsvIdjBKMKmg0WJp5TLN11iPYaEV7NhHbMXg=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "f942441f13f5dbd29e4bd5596b2c2ba346c4940e", + "rev": "c6ddec5efaa0f74798badd283559f85244d39c2d", "type": "github" }, "original": { @@ -211,11 +211,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1752162966, - "narHash": "sha256-3MxxkU8ZXMHXcbFz7UE4M6qnIPTYGcE/7EMqlZNnVDE=", + "lastModified": 1754292888, + "narHash": "sha256-1ziydHSiDuSnaiPzCQh1mRFBsM2d2yRX9I+5OPGEmIE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "10e687235226880ed5e9f33f1ffa71fe60f2638a", + "rev": "ce01daebf8489ba97bd1609d185ea276efdeb121", "type": "github" }, "original": { @@ -227,11 +227,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1752012998, - "narHash": "sha256-Q82Ms+FQmgOBkdoSVm+FBpuFoeUAffNerR5yVV7SgT8=", + "lastModified": 1754340878, + "narHash": "sha256-lgmUyVQL9tSnvvIvBp7x1euhkkCho7n3TMzgjdvgPoU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2a2130494ad647f953593c4e84ea4df839fbd68c", + "rev": "cab778239e705082fe97bb4990e0d24c50924c04", "type": "github" }, "original": { @@ -344,11 +344,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1751228685, - "narHash": "sha256-MENtauGBhJ+kDeFaawvWGXaFG3Il6qQzjaP0RmtfM0k=", + "lastModified": 1754367142, + "narHash": "sha256-U0gbn4Qe2NfdaQHvSerzjn3iLhrH+Ah0DMBJfRh1OT8=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "557ebeb616e03d5e4a8049862bbbd1f02c6f020b", + "rev": "ecbe57e7be12452d6fe477f2154a6d93f60c41e0", "type": "github" }, "original": { From e39e8075b74f43cf41219d5060106022df8279ea Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 8 Aug 2025 02:28:37 +0200 Subject: [PATCH 224/241] update zerforschen.plus --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 07f182a..c4e2bfc 100644 --- a/flake.lock +++ b/flake.lock @@ -364,11 +364,11 @@ ] }, "locked": { - "lastModified": 1748777873, - "narHash": "sha256-sDyp1LeP+BOiG4AvpX28bPPxLUpXwlredK+uqxguTPs=", + "lastModified": 1754612733, + "narHash": "sha256-ozj5frLB2f5B8FizhboWT5Y9SoI2IMJ0V5VJgz8MIBM=", "ref": "refs/heads/main", - "rev": "da2b589ad01d79a02985511fd5dce31731abad5a", - "revCount": 17, + "rev": "900f0b293c0c24fb73c3f2290427961ef89d568a", + "revCount": 18, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" }, From 28116592f53c8eb8cf7953fb636fed53c18ce5c1 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 9 Aug 2025 17:05:19 +0200 Subject: [PATCH 225/241] update zerforschen.plus --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index c4e2bfc..e9e5719 100644 --- a/flake.lock +++ b/flake.lock @@ -364,11 +364,11 @@ ] }, "locked": { - "lastModified": 1754612733, - "narHash": "sha256-ozj5frLB2f5B8FizhboWT5Y9SoI2IMJ0V5VJgz8MIBM=", + "lastModified": 1754751875, + "narHash": "sha256-4Ut7/y9T/mZ6XNg1pkca7Hzey1elXwPNlEq/BqD1f9g=", "ref": "refs/heads/main", - "rev": "900f0b293c0c24fb73c3f2290427961ef89d568a", - "revCount": 18, + "rev": "229b4588c10f288646e00a519080867c625470f0", + "revCount": 20, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" }, From b544e480d28828e5ff57f8866756256d7a59465a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Fri, 15 Aug 2025 15:01:08 +0200 Subject: [PATCH 226/241] disable btrfs root mount --- hosts/vinzenz-pc2/fstab.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/hosts/vinzenz-pc2/fstab.nix b/hosts/vinzenz-pc2/fstab.nix index 1c9c7e5..fbacbc8 100644 --- a/hosts/vinzenz-pc2/fstab.nix +++ b/hosts/vinzenz-pc2/fstab.nix @@ -22,13 +22,13 @@ fsType = "vfat"; }; - "/mnt/nixos_btrfs_root" = { - # subvolume with id 5 is always the root volume - # this is convenient for managing the flat subvolume hierarchy - device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; - fsType = "btrfs"; - options = [ "subvolid=5" ]; - }; + #"/mnt/nixos_btrfs_root" = { + # # subvolume with id 5 is always the root volume + # # this is convenient for managing the flat subvolume hierarchy + # device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; + # fsType = "btrfs"; + # options = [ "subvolid=5" ]; + #}; "/mnt/ssd2" = { device = "/dev/disk/by-uuid/6b2a647d-c68e-4c07-85bf-c9bfc5db7e8a"; From 117e47c34a600e7c3fa7875013b3e60e949c4752 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 16 Aug 2025 12:22:48 +0200 Subject: [PATCH 227/241] re enable some gnome apps --- modules/gnome.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/modules/gnome.nix b/modules/gnome.nix index afbae7e..f5a5dc0 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -41,15 +41,11 @@ gnome-maps gnome-weather gnome-tour - gnome-contacts sysprof orca # screen reader - gnome-disk-utility - gnome-system-monitor gnome-weather gnome-backgrounds gnome-user-docs - gnome-calendar yelp # help app # gnome-music # totem # video player From 533b401675979b2760b62132ca64ca9b0e008fb1 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 17 Aug 2025 01:24:53 +0200 Subject: [PATCH 228/241] update zerforschen.plus --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index e9e5719..2f62bc3 100644 --- a/flake.lock +++ b/flake.lock @@ -364,11 +364,11 @@ ] }, "locked": { - "lastModified": 1754751875, - "narHash": "sha256-4Ut7/y9T/mZ6XNg1pkca7Hzey1elXwPNlEq/BqD1f9g=", + "lastModified": 1755386607, + "narHash": "sha256-BW9jupoY/GU8kJVcJ88DSqlrzMD1bSYIsAuySOvl3OQ=", "ref": "refs/heads/main", - "rev": "229b4588c10f288646e00a519080867c625470f0", - "revCount": 20, + "rev": "6323e61952287fb28dced43ef488ae2cb303060a", + "revCount": 23, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" }, From 1e019ac7e6230b1907aa9281b75cf5bb8b4c8d24 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 17 Aug 2025 01:30:15 +0200 Subject: [PATCH 229/241] forgot draft --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 2f62bc3..db36065 100644 --- a/flake.lock +++ b/flake.lock @@ -364,11 +364,11 @@ ] }, "locked": { - "lastModified": 1755386607, - "narHash": "sha256-BW9jupoY/GU8kJVcJ88DSqlrzMD1bSYIsAuySOvl3OQ=", + "lastModified": 1755386987, + "narHash": "sha256-ipGu5BLyXdWKMG/lzH0/zP/+vWvs7HpmKoFb/VCEg6g=", "ref": "refs/heads/main", - "rev": "6323e61952287fb28dced43ef488ae2cb303060a", - "revCount": 23, + "rev": "c664b83a9f011da0b23565778e69548ce4f6efa1", + "revCount": 24, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" }, From 677f2d41038eb69632038abb7491503f842bb247 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 17 Aug 2025 14:00:53 +0200 Subject: [PATCH 230/241] update website --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index db36065..876fc90 100644 --- a/flake.lock +++ b/flake.lock @@ -364,11 +364,11 @@ ] }, "locked": { - "lastModified": 1755386987, - "narHash": "sha256-ipGu5BLyXdWKMG/lzH0/zP/+vWvs7HpmKoFb/VCEg6g=", + "lastModified": 1755431984, + "narHash": "sha256-iBgSdzkta6zQ2eIRWjmJTLZ3b1e1EZiCyCPcgCdqPGU=", "ref": "refs/heads/main", - "rev": "c664b83a9f011da0b23565778e69548ce4f6efa1", - "revCount": 24, + "rev": "31abcb7a9583c4ed931f658eca3e3c1970e60814", + "revCount": 28, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/zerforschen.plus" }, From 7f47ae9174ba3d6eee98ff47f659cfb2fe2c9193 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 17 Aug 2025 15:08:48 +0200 Subject: [PATCH 231/241] update flake --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index 876fc90..39bc947 100644 --- a/flake.lock +++ b/flake.lock @@ -125,11 +125,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1754403288, - "narHash": "sha256-FdI2tV45ChVgwly2JRx1lA68gHIdZ38yyzHJeHHYTSc=", + "lastModified": 1755424351, + "narHash": "sha256-xcorYLNdtLpb0wH5CPlUcpmYQUxeK95j1X855xQw+DY=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "a5151e16afa09a01ef7b360d87956730d0534da7", + "rev": "9aa137af01f05386e5bb5050e983750017007a66", "type": "github" }, "original": { @@ -158,11 +158,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1754400448, - "narHash": "sha256-tP4wYaIKlhMTzNp0S9ouU5Key0+41Z5KkjP9zO6bIQU=", + "lastModified": 1755419373, + "narHash": "sha256-EFH3zbpyLYjEboNV2Lmkxf9joEuFCmeYX+MMLRPStpg=", "owner": "YaLTeR", "repo": "niri", - "rev": "52c579d5567d0b16ae68177fad05c612baba38af", + "rev": "a6febb86aa5af0df7bf2792ca027ef95a503d599", "type": "github" }, "original": { @@ -196,11 +196,11 @@ ] }, "locked": { - "lastModified": 1754446681, - "narHash": "sha256-uOvHmY2GsvIdjBKMKmg0WJp5TLN11iPYaEV7NhHbMXg=", + "lastModified": 1755396877, + "narHash": "sha256-92gZRDz3zEsodraI0ZxPzZrpjSqc2qjxTW9HOflzKFw=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "c6ddec5efaa0f74798badd283559f85244d39c2d", + "rev": "0cf076c0bafbe7cbd33a3b7377ed24827674e8be", "type": "github" }, "original": { @@ -211,11 +211,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1754292888, - "narHash": "sha256-1ziydHSiDuSnaiPzCQh1mRFBsM2d2yRX9I+5OPGEmIE=", + "lastModified": 1755274400, + "narHash": "sha256-rTInmnp/xYrfcMZyFMH3kc8oko5zYfxsowaLv1LVobY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ce01daebf8489ba97bd1609d185ea276efdeb121", + "rev": "ad7196ae55c295f53a7d1ec39e4a06d922f3b899", "type": "github" }, "original": { @@ -227,11 +227,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1754340878, - "narHash": "sha256-lgmUyVQL9tSnvvIvBp7x1euhkkCho7n3TMzgjdvgPoU=", + "lastModified": 1755268003, + "narHash": "sha256-nNaeJjo861wFR0tjHDyCnHs1rbRtrMgxAKMoig9Sj/w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cab778239e705082fe97bb4990e0d24c50924c04", + "rev": "32f313e49e42f715491e1ea7b306a87c16fe0388", "type": "github" }, "original": { @@ -344,11 +344,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1754367142, - "narHash": "sha256-U0gbn4Qe2NfdaQHvSerzjn3iLhrH+Ah0DMBJfRh1OT8=", + "lastModified": 1755219541, + "narHash": "sha256-yKV6xHaPbEbh5RPxAJnb9yTs1wypr7do86hFFGQm1w8=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "ecbe57e7be12452d6fe477f2154a6d93f60c41e0", + "rev": "5a184d435927c3423f0ad189ea2b490578450fb7", "type": "github" }, "original": { From a38a4eef56ce7a3663f697fef5c1323553cc7372 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Thu, 28 Aug 2025 17:50:16 +0200 Subject: [PATCH 232/241] p10k --- home/vinzenz/.zsh/p10k.zsh | 1843 ++++++++++++++++++++++++++++++++++++ home/vinzenz/zsh.nix | 5 +- 2 files changed, 1847 insertions(+), 1 deletion(-) create mode 100644 home/vinzenz/.zsh/p10k.zsh diff --git a/home/vinzenz/.zsh/p10k.zsh b/home/vinzenz/.zsh/p10k.zsh new file mode 100644 index 0000000..3b6355d --- /dev/null +++ b/home/vinzenz/.zsh/p10k.zsh @@ -0,0 +1,1843 @@ +# Generated by Powerlevel10k configuration wizard on 2025-08-28 at 17:39 CEST. +# Based on romkatv/powerlevel10k/config/p10k-rainbow.zsh. +# Wizard options: nerdfont-v3 + powerline, large icons, rainbow, unicode, 24h time, +# angled separators, sharp heads, flat tails, 2 lines, disconnected, no frame, compact, +# many icons, concise, instant_prompt=verbose. +# Type `p10k configure` to generate another config. +# +# Config for Powerlevel10k with powerline prompt style with colorful background. +# Type `p10k configure` to generate your own config based on it. +# +# Tip: Looking for a nice color? Here's a one-liner to print colormap. +# +# for i in {0..255}; do print -Pn "%K{$i} %k%F{$i}${(l:3::0:)i}%f " ${${(M)$((i%6)):#3}:+$'\n'}; done + +# Temporarily change options. +'builtin' 'local' '-a' 'p10k_config_opts' +[[ ! -o 'aliases' ]] || p10k_config_opts+=('aliases') +[[ ! -o 'sh_glob' ]] || p10k_config_opts+=('sh_glob') +[[ ! -o 'no_brace_expand' ]] || p10k_config_opts+=('no_brace_expand') +'builtin' 'setopt' 'no_aliases' 'no_sh_glob' 'brace_expand' + +() { + emulate -L zsh -o extended_glob + + # Unset all configuration options. This allows you to apply configuration changes without + # restarting zsh. Edit ~/.p10k.zsh and type `source ~/.p10k.zsh`. + unset -m '(POWERLEVEL9K_*|DEFAULT_USER)~POWERLEVEL9K_GITSTATUS_DIR' + + # Zsh >= 5.1 is required. + [[ $ZSH_VERSION == (5.<1->*|<6->.*) ]] || return + + # The list of segments shown on the left. Fill it with the most important segments. + typeset -g POWERLEVEL9K_LEFT_PROMPT_ELEMENTS=( + # =========================[ Line #1 ]========================= + os_icon # os identifier + dir # current directory + vcs # git status + # =========================[ Line #2 ]========================= + newline # \n + prompt_char # prompt symbol + ) + + # The list of segments shown on the right. Fill it with less important segments. + # Right prompt on the last prompt line (where you are typing your commands) gets + # automatically hidden when the input line reaches it. Right prompt above the + # last prompt line gets hidden if it would overlap with left prompt. + typeset -g POWERLEVEL9K_RIGHT_PROMPT_ELEMENTS=( + # =========================[ Line #1 ]========================= + status # exit code of the last command + command_execution_time # duration of the last command + background_jobs # presence of background jobs + direnv # direnv status (https://direnv.net/) + asdf # asdf version manager (https://github.com/asdf-vm/asdf) + virtualenv # python virtual environment (https://docs.python.org/3/library/venv.html) + anaconda # conda environment (https://conda.io/) + pyenv # python environment (https://github.com/pyenv/pyenv) + goenv # go environment (https://github.com/syndbg/goenv) + nodenv # node.js version from nodenv (https://github.com/nodenv/nodenv) + nvm # node.js version from nvm (https://github.com/nvm-sh/nvm) + nodeenv # node.js environment (https://github.com/ekalinin/nodeenv) + # node_version # node.js version + # go_version # go version (https://golang.org) + # rust_version # rustc version (https://www.rust-lang.org) + # dotnet_version # .NET version (https://dotnet.microsoft.com) + # php_version # php version (https://www.php.net/) + # laravel_version # laravel php framework version (https://laravel.com/) + # java_version # java version (https://www.java.com/) + # package # name@version from package.json (https://docs.npmjs.com/files/package.json) + rbenv # ruby version from rbenv (https://github.com/rbenv/rbenv) + rvm # ruby version from rvm (https://rvm.io) + fvm # flutter version management (https://github.com/leoafarias/fvm) + luaenv # lua version from luaenv (https://github.com/cehoffman/luaenv) + jenv # java version from jenv (https://github.com/jenv/jenv) + plenv # perl version from plenv (https://github.com/tokuhirom/plenv) + perlbrew # perl version from perlbrew (https://github.com/gugod/App-perlbrew) + phpenv # php version from phpenv (https://github.com/phpenv/phpenv) + scalaenv # scala version from scalaenv (https://github.com/scalaenv/scalaenv) + haskell_stack # haskell version from stack (https://haskellstack.org/) + kubecontext # current kubernetes context (https://kubernetes.io/) + terraform # terraform workspace (https://www.terraform.io) + # terraform_version # terraform version (https://www.terraform.io) + aws # aws profile (https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html) + aws_eb_env # aws elastic beanstalk environment (https://aws.amazon.com/elasticbeanstalk/) + azure # azure account name (https://docs.microsoft.com/en-us/cli/azure) + gcloud # google cloud cli account and project (https://cloud.google.com/) + google_app_cred # google application credentials (https://cloud.google.com/docs/authentication/production) + toolbox # toolbox name (https://github.com/containers/toolbox) + context # user@hostname + nordvpn # nordvpn connection status, linux only (https://nordvpn.com/) + ranger # ranger shell (https://github.com/ranger/ranger) + yazi # yazi shell (https://github.com/sxyazi/yazi) + nnn # nnn shell (https://github.com/jarun/nnn) + lf # lf shell (https://github.com/gokcehan/lf) + xplr # xplr shell (https://github.com/sayanarijit/xplr) + vim_shell # vim shell indicator (:sh) + midnight_commander # midnight commander shell (https://midnight-commander.org/) + nix_shell # nix shell (https://nixos.org/nixos/nix-pills/developing-with-nix-shell.html) + chezmoi_shell # chezmoi shell (https://www.chezmoi.io/) + # vi_mode # vi mode (you don't need this if you've enabled prompt_char) + # vpn_ip # virtual private network indicator + # load # CPU load + # disk_usage # disk usage + # ram # free RAM + # swap # used swap + todo # todo items (https://github.com/todotxt/todo.txt-cli) + timewarrior # timewarrior tracking status (https://timewarrior.net/) + taskwarrior # taskwarrior task count (https://taskwarrior.org/) + per_directory_history # Oh My Zsh per-directory-history local/global indicator + # cpu_arch # CPU architecture + time # current time + # =========================[ Line #2 ]========================= + newline + # ip # ip address and bandwidth usage for a specified network interface + # public_ip # public IP address + # proxy # system-wide http/https/ftp proxy + # battery # internal battery + # wifi # wifi speed + # example # example user-defined segment (see prompt_example function below) + ) + + # Defines character set used by powerlevel10k. It's best to let `p10k configure` set it for you. + typeset -g POWERLEVEL9K_MODE=nerdfont-v3 + # When set to `moderate`, some icons will have an extra space after them. This is meant to avoid + # icon overlap when using non-monospace fonts. When set to `none`, spaces are not added. + typeset -g POWERLEVEL9K_ICON_PADDING=moderate + + # When set to true, icons appear before content on both sides of the prompt. When set + # to false, icons go after content. If empty or not set, icons go before content in the left + # prompt and after content in the right prompt. + # + # You can also override it for a specific segment: + # + # POWERLEVEL9K_STATUS_ICON_BEFORE_CONTENT=false + # + # Or for a specific segment in specific state: + # + # POWERLEVEL9K_DIR_NOT_WRITABLE_ICON_BEFORE_CONTENT=false + typeset -g POWERLEVEL9K_ICON_BEFORE_CONTENT= + + # Add an empty line before each prompt. + typeset -g POWERLEVEL9K_PROMPT_ADD_NEWLINE=false + + # Connect left prompt lines with these symbols. You'll probably want to use the same color + # as POWERLEVEL9K_MULTILINE_FIRST_PROMPT_GAP_FOREGROUND below. + typeset -g POWERLEVEL9K_MULTILINE_FIRST_PROMPT_PREFIX= + typeset -g POWERLEVEL9K_MULTILINE_NEWLINE_PROMPT_PREFIX= + typeset -g POWERLEVEL9K_MULTILINE_LAST_PROMPT_PREFIX= + # Connect right prompt lines with these symbols. + typeset -g POWERLEVEL9K_MULTILINE_FIRST_PROMPT_SUFFIX= + typeset -g POWERLEVEL9K_MULTILINE_NEWLINE_PROMPT_SUFFIX= + typeset -g POWERLEVEL9K_MULTILINE_LAST_PROMPT_SUFFIX= + + # Filler between left and right prompt on the first prompt line. You can set it to ' ', '·' or + # '─'. The last two make it easier to see the alignment between left and right prompt and to + # separate prompt from command output. You might want to set POWERLEVEL9K_PROMPT_ADD_NEWLINE=false + # for more compact prompt if using this option. + typeset -g POWERLEVEL9K_MULTILINE_FIRST_PROMPT_GAP_CHAR=' ' + typeset -g POWERLEVEL9K_MULTILINE_FIRST_PROMPT_GAP_BACKGROUND= + typeset -g POWERLEVEL9K_MULTILINE_NEWLINE_PROMPT_GAP_BACKGROUND= + if [[ $POWERLEVEL9K_MULTILINE_FIRST_PROMPT_GAP_CHAR != ' ' ]]; then + # The color of the filler. You'll probably want to match the color of POWERLEVEL9K_MULTILINE + # ornaments defined above. + typeset -g POWERLEVEL9K_MULTILINE_FIRST_PROMPT_GAP_FOREGROUND=242 + # Start filler from the edge of the screen if there are no left segments on the first line. + typeset -g POWERLEVEL9K_EMPTY_LINE_LEFT_PROMPT_FIRST_SEGMENT_END_SYMBOL='%{%}' + # End filler on the edge of the screen if there are no right segments on the first line. + typeset -g POWERLEVEL9K_EMPTY_LINE_RIGHT_PROMPT_FIRST_SEGMENT_START_SYMBOL='%{%}' + fi + + # Separator between same-color segments on the left. + typeset -g POWERLEVEL9K_LEFT_SUBSEGMENT_SEPARATOR='\uE0B1' + # Separator between same-color segments on the right. + typeset -g POWERLEVEL9K_RIGHT_SUBSEGMENT_SEPARATOR='\uE0B3' + # Separator between different-color segments on the left. + typeset -g POWERLEVEL9K_LEFT_SEGMENT_SEPARATOR='\uE0B0' + # Separator between different-color segments on the right. + typeset -g POWERLEVEL9K_RIGHT_SEGMENT_SEPARATOR='\uE0B2' + # To remove a separator between two segments, add "_joined" to the second segment name. + # For example: POWERLEVEL9K_RIGHT_PROMPT_ELEMENTS=(os_icon context_joined) + + # The right end of left prompt. + typeset -g POWERLEVEL9K_LEFT_PROMPT_LAST_SEGMENT_END_SYMBOL='\uE0B0' + # The left end of right prompt. + typeset -g POWERLEVEL9K_RIGHT_PROMPT_FIRST_SEGMENT_START_SYMBOL='\uE0B2' + # The left end of left prompt. + typeset -g POWERLEVEL9K_LEFT_PROMPT_FIRST_SEGMENT_START_SYMBOL='' + # The right end of right prompt. + typeset -g POWERLEVEL9K_RIGHT_PROMPT_LAST_SEGMENT_END_SYMBOL='' + # Left prompt terminator for lines without any segments. + typeset -g POWERLEVEL9K_EMPTY_LINE_LEFT_PROMPT_LAST_SEGMENT_END_SYMBOL= + + #################################[ os_icon: os identifier ]################################## + # OS identifier color. + typeset -g POWERLEVEL9K_OS_ICON_FOREGROUND=232 + typeset -g POWERLEVEL9K_OS_ICON_BACKGROUND=7 + # Custom icon. + # typeset -g POWERLEVEL9K_OS_ICON_CONTENT_EXPANSION='⭐' + + ################################[ prompt_char: prompt symbol ]################################ + # Transparent background. + typeset -g POWERLEVEL9K_PROMPT_CHAR_BACKGROUND= + # Green prompt symbol if the last command succeeded. + typeset -g POWERLEVEL9K_PROMPT_CHAR_OK_{VIINS,VICMD,VIVIS,VIOWR}_FOREGROUND=76 + # Red prompt symbol if the last command failed. + typeset -g POWERLEVEL9K_PROMPT_CHAR_ERROR_{VIINS,VICMD,VIVIS,VIOWR}_FOREGROUND=196 + # Default prompt symbol. + typeset -g POWERLEVEL9K_PROMPT_CHAR_{OK,ERROR}_VIINS_CONTENT_EXPANSION='❯' + # Prompt symbol in command vi mode. + typeset -g POWERLEVEL9K_PROMPT_CHAR_{OK,ERROR}_VICMD_CONTENT_EXPANSION='❮' + # Prompt symbol in visual vi mode. + typeset -g POWERLEVEL9K_PROMPT_CHAR_{OK,ERROR}_VIVIS_CONTENT_EXPANSION='V' + # Prompt symbol in overwrite vi mode. + typeset -g POWERLEVEL9K_PROMPT_CHAR_{OK,ERROR}_VIOWR_CONTENT_EXPANSION='▶' + typeset -g POWERLEVEL9K_PROMPT_CHAR_OVERWRITE_STATE=true + # No line terminator if prompt_char is the last segment. + typeset -g POWERLEVEL9K_PROMPT_CHAR_LEFT_PROMPT_LAST_SEGMENT_END_SYMBOL= + # No line introducer if prompt_char is the first segment. + typeset -g POWERLEVEL9K_PROMPT_CHAR_LEFT_PROMPT_FIRST_SEGMENT_START_SYMBOL= + # No surrounding whitespace. + typeset -g POWERLEVEL9K_PROMPT_CHAR_LEFT_{LEFT,RIGHT}_WHITESPACE= + + ##################################[ dir: current directory ]################################## + # Current directory background color. + typeset -g POWERLEVEL9K_DIR_BACKGROUND=4 + # Default current directory foreground color. + typeset -g POWERLEVEL9K_DIR_FOREGROUND=254 + # If directory is too long, shorten some of its segments to the shortest possible unique + # prefix. The shortened directory can be tab-completed to the original. + typeset -g POWERLEVEL9K_SHORTEN_STRATEGY=truncate_to_unique + # Replace removed segment suffixes with this symbol. + typeset -g POWERLEVEL9K_SHORTEN_DELIMITER= + # Color of the shortened directory segments. + typeset -g POWERLEVEL9K_DIR_SHORTENED_FOREGROUND=250 + # Color of the anchor directory segments. Anchor segments are never shortened. The first + # segment is always an anchor. + typeset -g POWERLEVEL9K_DIR_ANCHOR_FOREGROUND=255 + # Display anchor directory segments in bold. + typeset -g POWERLEVEL9K_DIR_ANCHOR_BOLD=true + # Don't shorten directories that contain any of these files. They are anchors. + local anchor_files=( + .bzr + .citc + .git + .hg + .node-version + .python-version + .go-version + .ruby-version + .lua-version + .java-version + .perl-version + .php-version + .tool-versions + .mise.toml + .shorten_folder_marker + .svn + .terraform + CVS + Cargo.toml + composer.json + go.mod + package.json + stack.yaml + ) + typeset -g POWERLEVEL9K_SHORTEN_FOLDER_MARKER="(${(j:|:)anchor_files})" + # If set to "first" ("last"), remove everything before the first (last) subdirectory that contains + # files matching $POWERLEVEL9K_SHORTEN_FOLDER_MARKER. For example, when the current directory is + # /foo/bar/git_repo/nested_git_repo/baz, prompt will display git_repo/nested_git_repo/baz (first) + # or nested_git_repo/baz (last). This assumes that git_repo and nested_git_repo contain markers + # and other directories don't. + # + # Optionally, "first" and "last" can be followed by ":" where is an integer. + # This moves the truncation point to the right (positive offset) or to the left (negative offset) + # relative to the marker. Plain "first" and "last" are equivalent to "first:0" and "last:0" + # respectively. + typeset -g POWERLEVEL9K_DIR_TRUNCATE_BEFORE_MARKER=false + # Don't shorten this many last directory segments. They are anchors. + typeset -g POWERLEVEL9K_SHORTEN_DIR_LENGTH=1 + # Shorten directory if it's longer than this even if there is space for it. The value can + # be either absolute (e.g., '80') or a percentage of terminal width (e.g, '50%'). If empty, + # directory will be shortened only when prompt doesn't fit or when other parameters demand it + # (see POWERLEVEL9K_DIR_MIN_COMMAND_COLUMNS and POWERLEVEL9K_DIR_MIN_COMMAND_COLUMNS_PCT below). + # If set to `0`, directory will always be shortened to its minimum length. + typeset -g POWERLEVEL9K_DIR_MAX_LENGTH=80 + # When `dir` segment is on the last prompt line, try to shorten it enough to leave at least this + # many columns for typing commands. + typeset -g POWERLEVEL9K_DIR_MIN_COMMAND_COLUMNS=40 + # When `dir` segment is on the last prompt line, try to shorten it enough to leave at least + # COLUMNS * POWERLEVEL9K_DIR_MIN_COMMAND_COLUMNS_PCT * 0.01 columns for typing commands. + typeset -g POWERLEVEL9K_DIR_MIN_COMMAND_COLUMNS_PCT=50 + # If set to true, embed a hyperlink into the directory. Useful for quickly + # opening a directory in the file manager simply by clicking the link. + # Can also be handy when the directory is shortened, as it allows you to see + # the full directory that was used in previous commands. + typeset -g POWERLEVEL9K_DIR_HYPERLINK=false + + # Enable special styling for non-writable and non-existent directories. See POWERLEVEL9K_LOCK_ICON + # and POWERLEVEL9K_DIR_CLASSES below. + typeset -g POWERLEVEL9K_DIR_SHOW_WRITABLE=v3 + + # The default icon shown next to non-writable and non-existent directories when + # POWERLEVEL9K_DIR_SHOW_WRITABLE is set to v3. + # typeset -g POWERLEVEL9K_LOCK_ICON='⭐' + + # POWERLEVEL9K_DIR_CLASSES allows you to specify custom icons and colors for different + # directories. It must be an array with 3 * N elements. Each triplet consists of: + # + # 1. A pattern against which the current directory ($PWD) is matched. Matching is done with + # extended_glob option enabled. + # 2. Directory class for the purpose of styling. + # 3. An empty string. + # + # Triplets are tried in order. The first triplet whose pattern matches $PWD wins. + # + # If POWERLEVEL9K_DIR_SHOW_WRITABLE is set to v3, non-writable and non-existent directories + # acquire class suffix _NOT_WRITABLE and NON_EXISTENT respectively. + # + # For example, given these settings: + # + # typeset -g POWERLEVEL9K_DIR_CLASSES=( + # '~/work(|/*)' WORK '' + # '~(|/*)' HOME '' + # '*' DEFAULT '') + # + # Whenever the current directory is ~/work or a subdirectory of ~/work, it gets styled with one + # of the following classes depending on its writability and existence: WORK, WORK_NOT_WRITABLE or + # WORK_NON_EXISTENT. + # + # Simply assigning classes to directories doesn't have any visible effects. It merely gives you an + # option to define custom colors and icons for different directory classes. + # + # # Styling for WORK. + # typeset -g POWERLEVEL9K_DIR_WORK_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_DIR_WORK_BACKGROUND=4 + # typeset -g POWERLEVEL9K_DIR_WORK_FOREGROUND=254 + # typeset -g POWERLEVEL9K_DIR_WORK_SHORTENED_FOREGROUND=250 + # typeset -g POWERLEVEL9K_DIR_WORK_ANCHOR_FOREGROUND=255 + # + # # Styling for WORK_NOT_WRITABLE. + # typeset -g POWERLEVEL9K_DIR_WORK_NOT_WRITABLE_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_DIR_WORK_NOT_WRITABLE_BACKGROUND=4 + # typeset -g POWERLEVEL9K_DIR_WORK_NOT_WRITABLE_FOREGROUND=254 + # typeset -g POWERLEVEL9K_DIR_WORK_NOT_WRITABLE_SHORTENED_FOREGROUND=250 + # typeset -g POWERLEVEL9K_DIR_WORK_NOT_WRITABLE_ANCHOR_FOREGROUND=255 + # + # # Styling for WORK_NON_EXISTENT. + # typeset -g POWERLEVEL9K_DIR_WORK_NON_EXISTENT_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_DIR_WORK_NON_EXISTENT_BACKGROUND=4 + # typeset -g POWERLEVEL9K_DIR_WORK_NON_EXISTENT_FOREGROUND=254 + # typeset -g POWERLEVEL9K_DIR_WORK_NON_EXISTENT_SHORTENED_FOREGROUND=250 + # typeset -g POWERLEVEL9K_DIR_WORK_NON_EXISTENT_ANCHOR_FOREGROUND=255 + # + # If a styling parameter isn't explicitly defined for some class, it falls back to the classless + # parameter. For example, if POWERLEVEL9K_DIR_WORK_NOT_WRITABLE_FOREGROUND is not set, it falls + # back to POWERLEVEL9K_DIR_FOREGROUND. + # + # typeset -g POWERLEVEL9K_DIR_CLASSES=() + + # Custom prefix. + # typeset -g POWERLEVEL9K_DIR_PREFIX='in ' + + #####################################[ vcs: git status ]###################################### + # Version control background colors. + typeset -g POWERLEVEL9K_VCS_CLEAN_BACKGROUND=2 + typeset -g POWERLEVEL9K_VCS_MODIFIED_BACKGROUND=3 + typeset -g POWERLEVEL9K_VCS_UNTRACKED_BACKGROUND=2 + typeset -g POWERLEVEL9K_VCS_CONFLICTED_BACKGROUND=3 + typeset -g POWERLEVEL9K_VCS_LOADING_BACKGROUND=8 + + # Branch icon. Set this parameter to '\UE0A0 ' for the popular Powerline branch icon. + typeset -g POWERLEVEL9K_VCS_BRANCH_ICON='\uF126 ' + + # Untracked files icon. It's really a question mark, your font isn't broken. + # Change the value of this parameter to show a different icon. + typeset -g POWERLEVEL9K_VCS_UNTRACKED_ICON='?' + + # Formatter for Git status. + # + # Example output: master wip ⇣42⇡42 *42 merge ~42 +42 !42 ?42. + # + # You can edit the function to customize how Git status looks. + # + # VCS_STATUS_* parameters are set by gitstatus plugin. See reference: + # https://github.com/romkatv/gitstatus/blob/master/gitstatus.plugin.zsh. + function my_git_formatter() { + emulate -L zsh + + if [[ -n $P9K_CONTENT ]]; then + # If P9K_CONTENT is not empty, use it. It's either "loading" or from vcs_info (not from + # gitstatus plugin). VCS_STATUS_* parameters are not available in this case. + typeset -g my_git_format=$P9K_CONTENT + return + fi + + # Styling for different parts of Git status. + local meta='%7F' # white foreground + local clean='%0F' # black foreground + local modified='%0F' # black foreground + local untracked='%0F' # black foreground + local conflicted='%1F' # red foreground + + local res + + if [[ -n $VCS_STATUS_LOCAL_BRANCH ]]; then + local branch=${(V)VCS_STATUS_LOCAL_BRANCH} + # If local branch name is at most 32 characters long, show it in full. + # Otherwise show the first 12 … the last 12. + # Tip: To always show local branch name in full without truncation, delete the next line. + (( $#branch > 32 )) && branch[13,-13]="…" # <-- this line + res+="${clean}${(g::)POWERLEVEL9K_VCS_BRANCH_ICON}${branch//\%/%%}" + fi + + if [[ -n $VCS_STATUS_TAG + # Show tag only if not on a branch. + # Tip: To always show tag, delete the next line. + && -z $VCS_STATUS_LOCAL_BRANCH # <-- this line + ]]; then + local tag=${(V)VCS_STATUS_TAG} + # If tag name is at most 32 characters long, show it in full. + # Otherwise show the first 12 … the last 12. + # Tip: To always show tag name in full without truncation, delete the next line. + (( $#tag > 32 )) && tag[13,-13]="…" # <-- this line + res+="${meta}#${clean}${tag//\%/%%}" + fi + + # Display the current Git commit if there is no branch and no tag. + # Tip: To always display the current Git commit, delete the next line. + [[ -z $VCS_STATUS_LOCAL_BRANCH && -z $VCS_STATUS_TAG ]] && # <-- this line + res+="${meta}@${clean}${VCS_STATUS_COMMIT[1,8]}" + + # Show tracking branch name if it differs from local branch. + if [[ -n ${VCS_STATUS_REMOTE_BRANCH:#$VCS_STATUS_LOCAL_BRANCH} ]]; then + res+="${meta}:${clean}${(V)VCS_STATUS_REMOTE_BRANCH//\%/%%}" + fi + + # Display "wip" if the latest commit's summary contains "wip" or "WIP". + if [[ $VCS_STATUS_COMMIT_SUMMARY == (|*[^[:alnum:]])(wip|WIP)(|[^[:alnum:]]*) ]]; then + res+=" ${modified}wip" + fi + + if (( VCS_STATUS_COMMITS_AHEAD || VCS_STATUS_COMMITS_BEHIND )); then + # ⇣42 if behind the remote. + (( VCS_STATUS_COMMITS_BEHIND )) && res+=" ${clean}⇣${VCS_STATUS_COMMITS_BEHIND}" + # ⇡42 if ahead of the remote; no leading space if also behind the remote: ⇣42⇡42. + (( VCS_STATUS_COMMITS_AHEAD && !VCS_STATUS_COMMITS_BEHIND )) && res+=" " + (( VCS_STATUS_COMMITS_AHEAD )) && res+="${clean}⇡${VCS_STATUS_COMMITS_AHEAD}" + elif [[ -n $VCS_STATUS_REMOTE_BRANCH ]]; then + # Tip: Uncomment the next line to display '=' if up to date with the remote. + # res+=" ${clean}=" + fi + + # ⇠42 if behind the push remote. + (( VCS_STATUS_PUSH_COMMITS_BEHIND )) && res+=" ${clean}⇠${VCS_STATUS_PUSH_COMMITS_BEHIND}" + (( VCS_STATUS_PUSH_COMMITS_AHEAD && !VCS_STATUS_PUSH_COMMITS_BEHIND )) && res+=" " + # ⇢42 if ahead of the push remote; no leading space if also behind: ⇠42⇢42. + (( VCS_STATUS_PUSH_COMMITS_AHEAD )) && res+="${clean}⇢${VCS_STATUS_PUSH_COMMITS_AHEAD}" + # *42 if have stashes. + (( VCS_STATUS_STASHES )) && res+=" ${clean}*${VCS_STATUS_STASHES}" + # 'merge' if the repo is in an unusual state. + [[ -n $VCS_STATUS_ACTION ]] && res+=" ${conflicted}${VCS_STATUS_ACTION}" + # ~42 if have merge conflicts. + (( VCS_STATUS_NUM_CONFLICTED )) && res+=" ${conflicted}~${VCS_STATUS_NUM_CONFLICTED}" + # +42 if have staged changes. + (( VCS_STATUS_NUM_STAGED )) && res+=" ${modified}+${VCS_STATUS_NUM_STAGED}" + # !42 if have unstaged changes. + (( VCS_STATUS_NUM_UNSTAGED )) && res+=" ${modified}!${VCS_STATUS_NUM_UNSTAGED}" + # ?42 if have untracked files. It's really a question mark, your font isn't broken. + # See POWERLEVEL9K_VCS_UNTRACKED_ICON above if you want to use a different icon. + # Remove the next line if you don't want to see untracked files at all. + (( VCS_STATUS_NUM_UNTRACKED )) && res+=" ${untracked}${(g::)POWERLEVEL9K_VCS_UNTRACKED_ICON}${VCS_STATUS_NUM_UNTRACKED}" + # "─" if the number of unstaged files is unknown. This can happen due to + # POWERLEVEL9K_VCS_MAX_INDEX_SIZE_DIRTY (see below) being set to a non-negative number lower + # than the number of files in the Git index, or due to bash.showDirtyState being set to false + # in the repository config. The number of staged and untracked files may also be unknown + # in this case. + (( VCS_STATUS_HAS_UNSTAGED == -1 )) && res+=" ${modified}─" + + typeset -g my_git_format=$res + } + functions -M my_git_formatter 2>/dev/null + + # Don't count the number of unstaged, untracked and conflicted files in Git repositories with + # more than this many files in the index. Negative value means infinity. + # + # If you are working in Git repositories with tens of millions of files and seeing performance + # sagging, try setting POWERLEVEL9K_VCS_MAX_INDEX_SIZE_DIRTY to a number lower than the output + # of `git ls-files | wc -l`. Alternatively, add `bash.showDirtyState = false` to the repository's + # config: `git config bash.showDirtyState false`. + typeset -g POWERLEVEL9K_VCS_MAX_INDEX_SIZE_DIRTY=-1 + + # Don't show Git status in prompt for repositories whose workdir matches this pattern. + # For example, if set to '~', the Git repository at $HOME/.git will be ignored. + # Multiple patterns can be combined with '|': '~(|/foo)|/bar/baz/*'. + typeset -g POWERLEVEL9K_VCS_DISABLED_WORKDIR_PATTERN='~' + + # Disable the default Git status formatting. + typeset -g POWERLEVEL9K_VCS_DISABLE_GITSTATUS_FORMATTING=true + # Install our own Git status formatter. + typeset -g POWERLEVEL9K_VCS_CONTENT_EXPANSION='${$((my_git_formatter()))+${my_git_format}}' + # Enable counters for staged, unstaged, etc. + typeset -g POWERLEVEL9K_VCS_{STAGED,UNSTAGED,UNTRACKED,CONFLICTED,COMMITS_AHEAD,COMMITS_BEHIND}_MAX_NUM=-1 + + # Custom icon. + # typeset -g POWERLEVEL9K_VCS_VISUAL_IDENTIFIER_EXPANSION='⭐' + # Custom prefix. + # typeset -g POWERLEVEL9K_VCS_PREFIX='on ' + + # Show status of repositories of these types. You can add svn and/or hg if you are + # using them. If you do, your prompt may become slow even when your current directory + # isn't in an svn or hg repository. + typeset -g POWERLEVEL9K_VCS_BACKENDS=(git) + + ##########################[ status: exit code of the last command ]########################### + # Enable OK_PIPE, ERROR_PIPE and ERROR_SIGNAL status states to allow us to enable, disable and + # style them independently from the regular OK and ERROR state. + typeset -g POWERLEVEL9K_STATUS_EXTENDED_STATES=true + + # Status on success. No content, just an icon. No need to show it if prompt_char is enabled as + # it will signify success by turning green. + typeset -g POWERLEVEL9K_STATUS_OK=false + typeset -g POWERLEVEL9K_STATUS_OK_VISUAL_IDENTIFIER_EXPANSION='✔' + typeset -g POWERLEVEL9K_STATUS_OK_FOREGROUND=2 + typeset -g POWERLEVEL9K_STATUS_OK_BACKGROUND=0 + + # Status when some part of a pipe command fails but the overall exit status is zero. It may look + # like this: 1|0. + typeset -g POWERLEVEL9K_STATUS_OK_PIPE=true + typeset -g POWERLEVEL9K_STATUS_OK_PIPE_VISUAL_IDENTIFIER_EXPANSION='✔' + typeset -g POWERLEVEL9K_STATUS_OK_PIPE_FOREGROUND=2 + typeset -g POWERLEVEL9K_STATUS_OK_PIPE_BACKGROUND=0 + + # Status when it's just an error code (e.g., '1'). No need to show it if prompt_char is enabled as + # it will signify error by turning red. + typeset -g POWERLEVEL9K_STATUS_ERROR=false + typeset -g POWERLEVEL9K_STATUS_ERROR_VISUAL_IDENTIFIER_EXPANSION='✘' + typeset -g POWERLEVEL9K_STATUS_ERROR_FOREGROUND=3 + typeset -g POWERLEVEL9K_STATUS_ERROR_BACKGROUND=1 + + # Status when the last command was terminated by a signal. + typeset -g POWERLEVEL9K_STATUS_ERROR_SIGNAL=true + # Use terse signal names: "INT" instead of "SIGINT(2)". + typeset -g POWERLEVEL9K_STATUS_VERBOSE_SIGNAME=false + typeset -g POWERLEVEL9K_STATUS_ERROR_SIGNAL_VISUAL_IDENTIFIER_EXPANSION='✘' + typeset -g POWERLEVEL9K_STATUS_ERROR_SIGNAL_FOREGROUND=3 + typeset -g POWERLEVEL9K_STATUS_ERROR_SIGNAL_BACKGROUND=1 + + # Status when some part of a pipe command fails and the overall exit status is also non-zero. + # It may look like this: 1|0. + typeset -g POWERLEVEL9K_STATUS_ERROR_PIPE=true + typeset -g POWERLEVEL9K_STATUS_ERROR_PIPE_VISUAL_IDENTIFIER_EXPANSION='✘' + typeset -g POWERLEVEL9K_STATUS_ERROR_PIPE_FOREGROUND=3 + typeset -g POWERLEVEL9K_STATUS_ERROR_PIPE_BACKGROUND=1 + + ###################[ command_execution_time: duration of the last command ]################### + # Execution time color. + typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_FOREGROUND=0 + typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_BACKGROUND=3 + # Show duration of the last command if takes at least this many seconds. + typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_THRESHOLD=3 + # Show this many fractional digits. Zero means round to seconds. + typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_PRECISION=0 + # Duration format: 1d 2h 3m 4s. + typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_FORMAT='d h m s' + # Custom icon. + # typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_VISUAL_IDENTIFIER_EXPANSION='⭐' + # Custom prefix. + # typeset -g POWERLEVEL9K_COMMAND_EXECUTION_TIME_PREFIX='took ' + + #######################[ background_jobs: presence of background jobs ]####################### + # Background jobs color. + typeset -g POWERLEVEL9K_BACKGROUND_JOBS_FOREGROUND=6 + typeset -g POWERLEVEL9K_BACKGROUND_JOBS_BACKGROUND=0 + # Don't show the number of background jobs. + typeset -g POWERLEVEL9K_BACKGROUND_JOBS_VERBOSE=false + # Custom icon. + # typeset -g POWERLEVEL9K_BACKGROUND_JOBS_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #######################[ direnv: direnv status (https://direnv.net/) ]######################## + # Direnv color. + typeset -g POWERLEVEL9K_DIRENV_FOREGROUND=3 + typeset -g POWERLEVEL9K_DIRENV_BACKGROUND=0 + # Custom icon. + # typeset -g POWERLEVEL9K_DIRENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ###############[ asdf: asdf version manager (https://github.com/asdf-vm/asdf) ]############### + # Default asdf color. Only used to display tools for which there is no color override (see below). + # Tip: Override these parameters for ${TOOL} with POWERLEVEL9K_ASDF_${TOOL}_FOREGROUND and + # POWERLEVEL9K_ASDF_${TOOL}_BACKGROUND. + typeset -g POWERLEVEL9K_ASDF_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_BACKGROUND=7 + + # There are four parameters that can be used to hide asdf tools. Each parameter describes + # conditions under which a tool gets hidden. Parameters can hide tools but not unhide them. If at + # least one parameter decides to hide a tool, that tool gets hidden. If no parameter decides to + # hide a tool, it gets shown. + # + # Special note on the difference between POWERLEVEL9K_ASDF_SOURCES and + # POWERLEVEL9K_ASDF_PROMPT_ALWAYS_SHOW. Consider the effect of the following commands: + # + # asdf local python 3.8.1 + # asdf global python 3.8.1 + # + # After running both commands the current python version is 3.8.1 and its source is "local" as + # it takes precedence over "global". If POWERLEVEL9K_ASDF_PROMPT_ALWAYS_SHOW is set to false, + # it'll hide python version in this case because 3.8.1 is the same as the global version. + # POWERLEVEL9K_ASDF_SOURCES will hide python version only if the value of this parameter doesn't + # contain "local". + + # Hide tool versions that don't come from one of these sources. + # + # Available sources: + # + # - shell `asdf current` says "set by ASDF_${TOOL}_VERSION environment variable" + # - local `asdf current` says "set by /some/not/home/directory/file" + # - global `asdf current` says "set by /home/username/file" + # + # Note: If this parameter is set to (shell local global), it won't hide tools. + # Tip: Override this parameter for ${TOOL} with POWERLEVEL9K_ASDF_${TOOL}_SOURCES. + typeset -g POWERLEVEL9K_ASDF_SOURCES=(shell local global) + + # If set to false, hide tool versions that are the same as global. + # + # Note: The name of this parameter doesn't reflect its meaning at all. + # Note: If this parameter is set to true, it won't hide tools. + # Tip: Override this parameter for ${TOOL} with POWERLEVEL9K_ASDF_${TOOL}_PROMPT_ALWAYS_SHOW. + typeset -g POWERLEVEL9K_ASDF_PROMPT_ALWAYS_SHOW=false + + # If set to false, hide tool versions that are equal to "system". + # + # Note: If this parameter is set to true, it won't hide tools. + # Tip: Override this parameter for ${TOOL} with POWERLEVEL9K_ASDF_${TOOL}_SHOW_SYSTEM. + typeset -g POWERLEVEL9K_ASDF_SHOW_SYSTEM=true + + # If set to non-empty value, hide tools unless there is a file matching the specified file pattern + # in the current directory, or its parent directory, or its grandparent directory, and so on. + # + # Note: If this parameter is set to empty value, it won't hide tools. + # Note: SHOW_ON_UPGLOB isn't specific to asdf. It works with all prompt segments. + # Tip: Override this parameter for ${TOOL} with POWERLEVEL9K_ASDF_${TOOL}_SHOW_ON_UPGLOB. + # + # Example: Hide nodejs version when there is no package.json and no *.js files in the current + # directory, in `..`, in `../..` and so on. + # + # typeset -g POWERLEVEL9K_ASDF_NODEJS_SHOW_ON_UPGLOB='*.js|package.json' + typeset -g POWERLEVEL9K_ASDF_SHOW_ON_UPGLOB= + + # Ruby version from asdf. + typeset -g POWERLEVEL9K_ASDF_RUBY_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_RUBY_BACKGROUND=1 + # typeset -g POWERLEVEL9K_ASDF_RUBY_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_RUBY_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Python version from asdf. + typeset -g POWERLEVEL9K_ASDF_PYTHON_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_PYTHON_BACKGROUND=4 + # typeset -g POWERLEVEL9K_ASDF_PYTHON_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_PYTHON_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Go version from asdf. + typeset -g POWERLEVEL9K_ASDF_GOLANG_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_GOLANG_BACKGROUND=4 + # typeset -g POWERLEVEL9K_ASDF_GOLANG_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_GOLANG_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Node.js version from asdf. + typeset -g POWERLEVEL9K_ASDF_NODEJS_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_NODEJS_BACKGROUND=2 + # typeset -g POWERLEVEL9K_ASDF_NODEJS_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_NODEJS_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Rust version from asdf. + typeset -g POWERLEVEL9K_ASDF_RUST_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_RUST_BACKGROUND=208 + # typeset -g POWERLEVEL9K_ASDF_RUST_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_RUST_SHOW_ON_UPGLOB='*.foo|*.bar' + + # .NET Core version from asdf. + typeset -g POWERLEVEL9K_ASDF_DOTNET_CORE_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_DOTNET_CORE_BACKGROUND=5 + # typeset -g POWERLEVEL9K_ASDF_DOTNET_CORE_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_DOTNET_CORE_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Flutter version from asdf. + typeset -g POWERLEVEL9K_ASDF_FLUTTER_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_FLUTTER_BACKGROUND=4 + # typeset -g POWERLEVEL9K_ASDF_FLUTTER_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_FLUTTER_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Lua version from asdf. + typeset -g POWERLEVEL9K_ASDF_LUA_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_LUA_BACKGROUND=4 + # typeset -g POWERLEVEL9K_ASDF_LUA_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_LUA_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Java version from asdf. + typeset -g POWERLEVEL9K_ASDF_JAVA_FOREGROUND=1 + typeset -g POWERLEVEL9K_ASDF_JAVA_BACKGROUND=7 + # typeset -g POWERLEVEL9K_ASDF_JAVA_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_JAVA_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Perl version from asdf. + typeset -g POWERLEVEL9K_ASDF_PERL_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_PERL_BACKGROUND=4 + # typeset -g POWERLEVEL9K_ASDF_PERL_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_PERL_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Erlang version from asdf. + typeset -g POWERLEVEL9K_ASDF_ERLANG_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_ERLANG_BACKGROUND=1 + # typeset -g POWERLEVEL9K_ASDF_ERLANG_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_ERLANG_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Elixir version from asdf. + typeset -g POWERLEVEL9K_ASDF_ELIXIR_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_ELIXIR_BACKGROUND=5 + # typeset -g POWERLEVEL9K_ASDF_ELIXIR_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_ELIXIR_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Postgres version from asdf. + typeset -g POWERLEVEL9K_ASDF_POSTGRES_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_POSTGRES_BACKGROUND=6 + # typeset -g POWERLEVEL9K_ASDF_POSTGRES_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_POSTGRES_SHOW_ON_UPGLOB='*.foo|*.bar' + + # PHP version from asdf. + typeset -g POWERLEVEL9K_ASDF_PHP_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_PHP_BACKGROUND=5 + # typeset -g POWERLEVEL9K_ASDF_PHP_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_PHP_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Haskell version from asdf. + typeset -g POWERLEVEL9K_ASDF_HASKELL_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_HASKELL_BACKGROUND=3 + # typeset -g POWERLEVEL9K_ASDF_HASKELL_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_HASKELL_SHOW_ON_UPGLOB='*.foo|*.bar' + + # Julia version from asdf. + typeset -g POWERLEVEL9K_ASDF_JULIA_FOREGROUND=0 + typeset -g POWERLEVEL9K_ASDF_JULIA_BACKGROUND=2 + # typeset -g POWERLEVEL9K_ASDF_JULIA_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_ASDF_JULIA_SHOW_ON_UPGLOB='*.foo|*.bar' + + ##########[ nordvpn: nordvpn connection status, linux only (https://nordvpn.com/) ]########### + # NordVPN connection indicator color. + typeset -g POWERLEVEL9K_NORDVPN_FOREGROUND=7 + typeset -g POWERLEVEL9K_NORDVPN_BACKGROUND=4 + # Hide NordVPN connection indicator when not connected. + typeset -g POWERLEVEL9K_NORDVPN_{DISCONNECTED,CONNECTING,DISCONNECTING}_CONTENT_EXPANSION= + typeset -g POWERLEVEL9K_NORDVPN_{DISCONNECTED,CONNECTING,DISCONNECTING}_VISUAL_IDENTIFIER_EXPANSION= + # Custom icon. + # typeset -g POWERLEVEL9K_NORDVPN_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #################[ ranger: ranger shell (https://github.com/ranger/ranger) ]################## + # Ranger shell color. + typeset -g POWERLEVEL9K_RANGER_FOREGROUND=3 + typeset -g POWERLEVEL9K_RANGER_BACKGROUND=0 + # Custom icon. + # typeset -g POWERLEVEL9K_RANGER_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ####################[ yazi: yazi shell (https://github.com/sxyazi/yazi) ]##################### + # Yazi shell color. + typeset -g POWERLEVEL9K_YAZI_FOREGROUND=3 + typeset -g POWERLEVEL9K_YAZI_BACKGROUND=0 + # Custom icon. + # typeset -g POWERLEVEL9K_YAZI_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ######################[ nnn: nnn shell (https://github.com/jarun/nnn) ]####################### + # Nnn shell color. + typeset -g POWERLEVEL9K_NNN_FOREGROUND=0 + typeset -g POWERLEVEL9K_NNN_BACKGROUND=6 + # Custom icon. + # typeset -g POWERLEVEL9K_NNN_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ######################[ lf: lf shell (https://github.com/gokcehan/lf) ]####################### + # lf shell color. + typeset -g POWERLEVEL9K_LF_FOREGROUND=0 + typeset -g POWERLEVEL9K_LF_BACKGROUND=6 + # Custom icon. + # typeset -g POWERLEVEL9K_LF_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##################[ xplr: xplr shell (https://github.com/sayanarijit/xplr) ]################## + # xplr shell color. + typeset -g POWERLEVEL9K_XPLR_FOREGROUND=0 + typeset -g POWERLEVEL9K_XPLR_BACKGROUND=6 + # Custom icon. + # typeset -g POWERLEVEL9K_XPLR_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ###########################[ vim_shell: vim shell indicator (:sh) ]########################### + # Vim shell indicator color. + typeset -g POWERLEVEL9K_VIM_SHELL_FOREGROUND=0 + typeset -g POWERLEVEL9K_VIM_SHELL_BACKGROUND=2 + # Custom icon. + # typeset -g POWERLEVEL9K_VIM_SHELL_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ######[ midnight_commander: midnight commander shell (https://midnight-commander.org/) ]###### + # Midnight Commander shell color. + typeset -g POWERLEVEL9K_MIDNIGHT_COMMANDER_FOREGROUND=3 + typeset -g POWERLEVEL9K_MIDNIGHT_COMMANDER_BACKGROUND=0 + # Custom icon. + # typeset -g POWERLEVEL9K_MIDNIGHT_COMMANDER_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #[ nix_shell: nix shell (https://nixos.org/nixos/nix-pills/developing-with-nix-shell.html) ]## + # Nix shell color. + typeset -g POWERLEVEL9K_NIX_SHELL_FOREGROUND=0 + typeset -g POWERLEVEL9K_NIX_SHELL_BACKGROUND=4 + + # Display the icon of nix_shell if PATH contains a subdirectory of /nix/store. + # typeset -g POWERLEVEL9K_NIX_SHELL_INFER_FROM_PATH=false + + # Tip: If you want to see just the icon without "pure" and "impure", uncomment the next line. + # typeset -g POWERLEVEL9K_NIX_SHELL_CONTENT_EXPANSION= + + # Custom icon. + # typeset -g POWERLEVEL9K_NIX_SHELL_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##################[ chezmoi_shell: chezmoi shell (https://www.chezmoi.io/) ]################## + # chezmoi shell color. + typeset -g POWERLEVEL9K_CHEZMOI_SHELL_FOREGROUND=0 + typeset -g POWERLEVEL9K_CHEZMOI_SHELL_BACKGROUND=4 + # Custom icon. + # typeset -g POWERLEVEL9K_CHEZMOI_SHELL_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##################################[ disk_usage: disk usage ]################################## + # Colors for different levels of disk usage. + typeset -g POWERLEVEL9K_DISK_USAGE_NORMAL_FOREGROUND=3 + typeset -g POWERLEVEL9K_DISK_USAGE_NORMAL_BACKGROUND=0 + typeset -g POWERLEVEL9K_DISK_USAGE_WARNING_FOREGROUND=0 + typeset -g POWERLEVEL9K_DISK_USAGE_WARNING_BACKGROUND=3 + typeset -g POWERLEVEL9K_DISK_USAGE_CRITICAL_FOREGROUND=7 + typeset -g POWERLEVEL9K_DISK_USAGE_CRITICAL_BACKGROUND=1 + # Thresholds for different levels of disk usage (percentage points). + typeset -g POWERLEVEL9K_DISK_USAGE_WARNING_LEVEL=90 + typeset -g POWERLEVEL9K_DISK_USAGE_CRITICAL_LEVEL=95 + # If set to true, hide disk usage when below $POWERLEVEL9K_DISK_USAGE_WARNING_LEVEL percent. + typeset -g POWERLEVEL9K_DISK_USAGE_ONLY_WARNING=false + # Custom icon. + # typeset -g POWERLEVEL9K_DISK_USAGE_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ###########[ vi_mode: vi mode (you don't need this if you've enabled prompt_char) ]########### + # Foreground color. + typeset -g POWERLEVEL9K_VI_MODE_FOREGROUND=0 + # Text and color for normal (a.k.a. command) vi mode. + typeset -g POWERLEVEL9K_VI_COMMAND_MODE_STRING=NORMAL + typeset -g POWERLEVEL9K_VI_MODE_NORMAL_BACKGROUND=2 + # Text and color for visual vi mode. + typeset -g POWERLEVEL9K_VI_VISUAL_MODE_STRING=VISUAL + typeset -g POWERLEVEL9K_VI_MODE_VISUAL_BACKGROUND=4 + # Text and color for overtype (a.k.a. overwrite and replace) vi mode. + typeset -g POWERLEVEL9K_VI_OVERWRITE_MODE_STRING=OVERTYPE + typeset -g POWERLEVEL9K_VI_MODE_OVERWRITE_BACKGROUND=3 + # Text and color for insert vi mode. + typeset -g POWERLEVEL9K_VI_INSERT_MODE_STRING= + typeset -g POWERLEVEL9K_VI_MODE_INSERT_FOREGROUND=8 + # Custom icon. + # typeset -g POWERLEVEL9K_VI_MODE_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ######################################[ ram: free RAM ]####################################### + # RAM color. + typeset -g POWERLEVEL9K_RAM_FOREGROUND=0 + typeset -g POWERLEVEL9K_RAM_BACKGROUND=3 + # Custom icon. + # typeset -g POWERLEVEL9K_RAM_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #####################################[ swap: used swap ]###################################### + # Swap color. + typeset -g POWERLEVEL9K_SWAP_FOREGROUND=0 + typeset -g POWERLEVEL9K_SWAP_BACKGROUND=3 + # Custom icon. + # typeset -g POWERLEVEL9K_SWAP_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ######################################[ load: CPU load ]###################################### + # Show average CPU load over this many last minutes. Valid values are 1, 5 and 15. + typeset -g POWERLEVEL9K_LOAD_WHICH=5 + # Load color when load is under 50%. + typeset -g POWERLEVEL9K_LOAD_NORMAL_FOREGROUND=0 + typeset -g POWERLEVEL9K_LOAD_NORMAL_BACKGROUND=2 + # Load color when load is between 50% and 70%. + typeset -g POWERLEVEL9K_LOAD_WARNING_FOREGROUND=0 + typeset -g POWERLEVEL9K_LOAD_WARNING_BACKGROUND=3 + # Load color when load is over 70%. + typeset -g POWERLEVEL9K_LOAD_CRITICAL_FOREGROUND=0 + typeset -g POWERLEVEL9K_LOAD_CRITICAL_BACKGROUND=1 + # Custom icon. + # typeset -g POWERLEVEL9K_LOAD_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ################[ todo: todo items (https://github.com/todotxt/todo.txt-cli) ]################ + # Todo color. + typeset -g POWERLEVEL9K_TODO_FOREGROUND=0 + typeset -g POWERLEVEL9K_TODO_BACKGROUND=8 + # Hide todo when the total number of tasks is zero. + typeset -g POWERLEVEL9K_TODO_HIDE_ZERO_TOTAL=true + # Hide todo when the number of tasks after filtering is zero. + typeset -g POWERLEVEL9K_TODO_HIDE_ZERO_FILTERED=false + + # Todo format. The following parameters are available within the expansion. + # + # - P9K_TODO_TOTAL_TASK_COUNT The total number of tasks. + # - P9K_TODO_FILTERED_TASK_COUNT The number of tasks after filtering. + # + # These variables correspond to the last line of the output of `todo.sh -p ls`: + # + # TODO: 24 of 42 tasks shown + # + # Here 24 is P9K_TODO_FILTERED_TASK_COUNT and 42 is P9K_TODO_TOTAL_TASK_COUNT. + # + # typeset -g POWERLEVEL9K_TODO_CONTENT_EXPANSION='$P9K_TODO_FILTERED_TASK_COUNT' + + # Custom icon. + # typeset -g POWERLEVEL9K_TODO_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ###########[ timewarrior: timewarrior tracking status (https://timewarrior.net/) ]############ + # Timewarrior color. + typeset -g POWERLEVEL9K_TIMEWARRIOR_FOREGROUND=255 + typeset -g POWERLEVEL9K_TIMEWARRIOR_BACKGROUND=8 + + # If the tracked task is longer than 24 characters, truncate and append "…". + # Tip: To always display tasks without truncation, delete the following parameter. + # Tip: To hide task names and display just the icon when time tracking is enabled, set the + # value of the following parameter to "". + typeset -g POWERLEVEL9K_TIMEWARRIOR_CONTENT_EXPANSION='${P9K_CONTENT:0:24}${${P9K_CONTENT:24}:+…}' + + # Custom icon. + # typeset -g POWERLEVEL9K_TIMEWARRIOR_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##############[ taskwarrior: taskwarrior task count (https://taskwarrior.org/) ]############## + # Taskwarrior color. + typeset -g POWERLEVEL9K_TASKWARRIOR_FOREGROUND=0 + typeset -g POWERLEVEL9K_TASKWARRIOR_BACKGROUND=6 + + # Taskwarrior segment format. The following parameters are available within the expansion. + # + # - P9K_TASKWARRIOR_PENDING_COUNT The number of pending tasks: `task +PENDING count`. + # - P9K_TASKWARRIOR_OVERDUE_COUNT The number of overdue tasks: `task +OVERDUE count`. + # + # Zero values are represented as empty parameters. + # + # The default format: + # + # '${P9K_TASKWARRIOR_OVERDUE_COUNT:+"!$P9K_TASKWARRIOR_OVERDUE_COUNT/"}$P9K_TASKWARRIOR_PENDING_COUNT' + # + # typeset -g POWERLEVEL9K_TASKWARRIOR_CONTENT_EXPANSION='$P9K_TASKWARRIOR_PENDING_COUNT' + + # Custom icon. + # typeset -g POWERLEVEL9K_TASKWARRIOR_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ######[ per_directory_history: Oh My Zsh per-directory-history local/global indicator ]####### + # Color when using local/global history. + typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_LOCAL_FOREGROUND=0 + typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_LOCAL_BACKGROUND=5 + typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_GLOBAL_FOREGROUND=0 + typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_GLOBAL_BACKGROUND=3 + + # Tip: Uncomment the next two lines to hide "local"/"global" text and leave just the icon. + # typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_LOCAL_CONTENT_EXPANSION='' + # typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_GLOBAL_CONTENT_EXPANSION='' + + # Custom icon. + # typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_LOCAL_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_PER_DIRECTORY_HISTORY_GLOBAL_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ################################[ cpu_arch: CPU architecture ]################################ + # CPU architecture color. + typeset -g POWERLEVEL9K_CPU_ARCH_FOREGROUND=0 + typeset -g POWERLEVEL9K_CPU_ARCH_BACKGROUND=3 + + # Hide the segment when on a specific CPU architecture. + # typeset -g POWERLEVEL9K_CPU_ARCH_X86_64_CONTENT_EXPANSION= + # typeset -g POWERLEVEL9K_CPU_ARCH_X86_64_VISUAL_IDENTIFIER_EXPANSION= + + # Custom icon. + # typeset -g POWERLEVEL9K_CPU_ARCH_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##################################[ context: user@hostname ]################################## + # Context color when running with privileges. + typeset -g POWERLEVEL9K_CONTEXT_ROOT_FOREGROUND=1 + typeset -g POWERLEVEL9K_CONTEXT_ROOT_BACKGROUND=0 + # Context color in SSH without privileges. + typeset -g POWERLEVEL9K_CONTEXT_{REMOTE,REMOTE_SUDO}_FOREGROUND=3 + typeset -g POWERLEVEL9K_CONTEXT_{REMOTE,REMOTE_SUDO}_BACKGROUND=0 + # Default context color (no privileges, no SSH). + typeset -g POWERLEVEL9K_CONTEXT_FOREGROUND=3 + typeset -g POWERLEVEL9K_CONTEXT_BACKGROUND=0 + + # Context format when running with privileges: user@hostname. + typeset -g POWERLEVEL9K_CONTEXT_ROOT_TEMPLATE='%n@%m' + # Context format when in SSH without privileges: user@hostname. + typeset -g POWERLEVEL9K_CONTEXT_{REMOTE,REMOTE_SUDO}_TEMPLATE='%n@%m' + # Default context format (no privileges, no SSH): user@hostname. + typeset -g POWERLEVEL9K_CONTEXT_TEMPLATE='%n@%m' + + # Don't show context unless running with privileges or in SSH. + # Tip: Remove the next line to always show context. + typeset -g POWERLEVEL9K_CONTEXT_{DEFAULT,SUDO}_{CONTENT,VISUAL_IDENTIFIER}_EXPANSION= + + # Custom icon. + # typeset -g POWERLEVEL9K_CONTEXT_VISUAL_IDENTIFIER_EXPANSION='⭐' + # Custom prefix. + # typeset -g POWERLEVEL9K_CONTEXT_PREFIX='with ' + + ###[ virtualenv: python virtual environment (https://docs.python.org/3/library/venv.html) ]### + # Python virtual environment color. + typeset -g POWERLEVEL9K_VIRTUALENV_FOREGROUND=0 + typeset -g POWERLEVEL9K_VIRTUALENV_BACKGROUND=4 + # Don't show Python version next to the virtual environment name. + typeset -g POWERLEVEL9K_VIRTUALENV_SHOW_PYTHON_VERSION=false + # If set to "false", won't show virtualenv if pyenv is already shown. + # If set to "if-different", won't show virtualenv if it's the same as pyenv. + typeset -g POWERLEVEL9K_VIRTUALENV_SHOW_WITH_PYENV=false + # Separate environment name from Python version only with a space. + typeset -g POWERLEVEL9K_VIRTUALENV_{LEFT,RIGHT}_DELIMITER= + # Custom icon. + # typeset -g POWERLEVEL9K_VIRTUALENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #####################[ anaconda: conda environment (https://conda.io/) ]###################### + # Anaconda environment color. + typeset -g POWERLEVEL9K_ANACONDA_FOREGROUND=0 + typeset -g POWERLEVEL9K_ANACONDA_BACKGROUND=4 + + # Anaconda segment format. The following parameters are available within the expansion. + # + # - CONDA_PREFIX Absolute path to the active Anaconda/Miniconda environment. + # - CONDA_DEFAULT_ENV Name of the active Anaconda/Miniconda environment. + # - CONDA_PROMPT_MODIFIER Configurable prompt modifier (see below). + # - P9K_ANACONDA_PYTHON_VERSION Current python version (python --version). + # + # CONDA_PROMPT_MODIFIER can be configured with the following command: + # + # conda config --set env_prompt '({default_env}) ' + # + # The last argument is a Python format string that can use the following variables: + # + # - prefix The same as CONDA_PREFIX. + # - default_env The same as CONDA_DEFAULT_ENV. + # - name The last segment of CONDA_PREFIX. + # - stacked_env Comma-separated list of names in the environment stack. The first element is + # always the same as default_env. + # + # Note: '({default_env}) ' is the default value of env_prompt. + # + # The default value of POWERLEVEL9K_ANACONDA_CONTENT_EXPANSION expands to $CONDA_PROMPT_MODIFIER + # without the surrounding parentheses, or to the last path component of CONDA_PREFIX if the former + # is empty. + typeset -g POWERLEVEL9K_ANACONDA_CONTENT_EXPANSION='${${${${CONDA_PROMPT_MODIFIER#\(}% }%\)}:-${CONDA_PREFIX:t}}' + + # Custom icon. + # typeset -g POWERLEVEL9K_ANACONDA_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ################[ pyenv: python environment (https://github.com/pyenv/pyenv) ]################ + # Pyenv color. + typeset -g POWERLEVEL9K_PYENV_FOREGROUND=0 + typeset -g POWERLEVEL9K_PYENV_BACKGROUND=4 + # Hide python version if it doesn't come from one of these sources. + typeset -g POWERLEVEL9K_PYENV_SOURCES=(shell local global) + # If set to false, hide python version if it's the same as global: + # $(pyenv version-name) == $(pyenv global). + typeset -g POWERLEVEL9K_PYENV_PROMPT_ALWAYS_SHOW=false + # If set to false, hide python version if it's equal to "system". + typeset -g POWERLEVEL9K_PYENV_SHOW_SYSTEM=true + + # Pyenv segment format. The following parameters are available within the expansion. + # + # - P9K_CONTENT Current pyenv environment (pyenv version-name). + # - P9K_PYENV_PYTHON_VERSION Current python version (python --version). + # + # The default format has the following logic: + # + # 1. Display just "$P9K_CONTENT" if it's equal to "$P9K_PYENV_PYTHON_VERSION" or + # starts with "$P9K_PYENV_PYTHON_VERSION/". + # 2. Otherwise display "$P9K_CONTENT $P9K_PYENV_PYTHON_VERSION". + typeset -g POWERLEVEL9K_PYENV_CONTENT_EXPANSION='${P9K_CONTENT}${${P9K_CONTENT:#$P9K_PYENV_PYTHON_VERSION(|/*)}:+ $P9K_PYENV_PYTHON_VERSION}' + + # Custom icon. + # typeset -g POWERLEVEL9K_PYENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ################[ goenv: go environment (https://github.com/syndbg/goenv) ]################ + # Goenv color. + typeset -g POWERLEVEL9K_GOENV_FOREGROUND=0 + typeset -g POWERLEVEL9K_GOENV_BACKGROUND=4 + # Hide go version if it doesn't come from one of these sources. + typeset -g POWERLEVEL9K_GOENV_SOURCES=(shell local global) + # If set to false, hide go version if it's the same as global: + # $(goenv version-name) == $(goenv global). + typeset -g POWERLEVEL9K_GOENV_PROMPT_ALWAYS_SHOW=false + # If set to false, hide go version if it's equal to "system". + typeset -g POWERLEVEL9K_GOENV_SHOW_SYSTEM=true + # Custom icon. + # typeset -g POWERLEVEL9K_GOENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##########[ nodenv: node.js version from nodenv (https://github.com/nodenv/nodenv) ]########## + # Nodenv color. + typeset -g POWERLEVEL9K_NODENV_FOREGROUND=2 + typeset -g POWERLEVEL9K_NODENV_BACKGROUND=0 + # Hide node version if it doesn't come from one of these sources. + typeset -g POWERLEVEL9K_NODENV_SOURCES=(shell local global) + # If set to false, hide node version if it's the same as global: + # $(nodenv version-name) == $(nodenv global). + typeset -g POWERLEVEL9K_NODENV_PROMPT_ALWAYS_SHOW=false + # If set to false, hide node version if it's equal to "system". + typeset -g POWERLEVEL9K_NODENV_SHOW_SYSTEM=true + # Custom icon. + # typeset -g POWERLEVEL9K_NODENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##############[ nvm: node.js version from nvm (https://github.com/nvm-sh/nvm) ]############### + # Nvm color. + typeset -g POWERLEVEL9K_NVM_FOREGROUND=0 + typeset -g POWERLEVEL9K_NVM_BACKGROUND=5 + # If set to false, hide node version if it's the same as default: + # $(nvm version current) == $(nvm version default). + typeset -g POWERLEVEL9K_NVM_PROMPT_ALWAYS_SHOW=false + # If set to false, hide node version if it's equal to "system". + typeset -g POWERLEVEL9K_NVM_SHOW_SYSTEM=true + # Custom icon. + # typeset -g POWERLEVEL9K_NVM_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ############[ nodeenv: node.js environment (https://github.com/ekalinin/nodeenv) ]############ + # Nodeenv color. + typeset -g POWERLEVEL9K_NODEENV_FOREGROUND=2 + typeset -g POWERLEVEL9K_NODEENV_BACKGROUND=0 + # Don't show Node version next to the environment name. + typeset -g POWERLEVEL9K_NODEENV_SHOW_NODE_VERSION=false + # Separate environment name from Node version only with a space. + typeset -g POWERLEVEL9K_NODEENV_{LEFT,RIGHT}_DELIMITER= + # Custom icon. + # typeset -g POWERLEVEL9K_NODEENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##############################[ node_version: node.js version ]############################### + # Node version color. + typeset -g POWERLEVEL9K_NODE_VERSION_FOREGROUND=7 + typeset -g POWERLEVEL9K_NODE_VERSION_BACKGROUND=2 + # Show node version only when in a directory tree containing package.json. + typeset -g POWERLEVEL9K_NODE_VERSION_PROJECT_ONLY=true + # Custom icon. + # typeset -g POWERLEVEL9K_NODE_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #######################[ go_version: go version (https://golang.org) ]######################## + # Go version color. + typeset -g POWERLEVEL9K_GO_VERSION_FOREGROUND=255 + typeset -g POWERLEVEL9K_GO_VERSION_BACKGROUND=2 + # Show go version only when in a go project subdirectory. + typeset -g POWERLEVEL9K_GO_VERSION_PROJECT_ONLY=true + # Custom icon. + # typeset -g POWERLEVEL9K_GO_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #################[ rust_version: rustc version (https://www.rust-lang.org) ]################## + # Rust version color. + typeset -g POWERLEVEL9K_RUST_VERSION_FOREGROUND=0 + typeset -g POWERLEVEL9K_RUST_VERSION_BACKGROUND=208 + # Show rust version only when in a rust project subdirectory. + typeset -g POWERLEVEL9K_RUST_VERSION_PROJECT_ONLY=true + # Custom icon. + # typeset -g POWERLEVEL9K_RUST_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ###############[ dotnet_version: .NET version (https://dotnet.microsoft.com) ]################ + # .NET version color. + typeset -g POWERLEVEL9K_DOTNET_VERSION_FOREGROUND=7 + typeset -g POWERLEVEL9K_DOTNET_VERSION_BACKGROUND=5 + # Show .NET version only when in a .NET project subdirectory. + typeset -g POWERLEVEL9K_DOTNET_VERSION_PROJECT_ONLY=true + # Custom icon. + # typeset -g POWERLEVEL9K_DOTNET_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #####################[ php_version: php version (https://www.php.net/) ]###################### + # PHP version color. + typeset -g POWERLEVEL9K_PHP_VERSION_FOREGROUND=0 + typeset -g POWERLEVEL9K_PHP_VERSION_BACKGROUND=5 + # Show PHP version only when in a PHP project subdirectory. + typeset -g POWERLEVEL9K_PHP_VERSION_PROJECT_ONLY=true + # Custom icon. + # typeset -g POWERLEVEL9K_PHP_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##########[ laravel_version: laravel php framework version (https://laravel.com/) ]########### + # Laravel version color. + typeset -g POWERLEVEL9K_LARAVEL_VERSION_FOREGROUND=1 + typeset -g POWERLEVEL9K_LARAVEL_VERSION_BACKGROUND=7 + # Custom icon. + # typeset -g POWERLEVEL9K_LARAVEL_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #############[ rbenv: ruby version from rbenv (https://github.com/rbenv/rbenv) ]############## + # Rbenv color. + typeset -g POWERLEVEL9K_RBENV_FOREGROUND=0 + typeset -g POWERLEVEL9K_RBENV_BACKGROUND=1 + # Hide ruby version if it doesn't come from one of these sources. + typeset -g POWERLEVEL9K_RBENV_SOURCES=(shell local global) + # If set to false, hide ruby version if it's the same as global: + # $(rbenv version-name) == $(rbenv global). + typeset -g POWERLEVEL9K_RBENV_PROMPT_ALWAYS_SHOW=false + # If set to false, hide ruby version if it's equal to "system". + typeset -g POWERLEVEL9K_RBENV_SHOW_SYSTEM=true + # Custom icon. + # typeset -g POWERLEVEL9K_RBENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ####################[ java_version: java version (https://www.java.com/) ]#################### + # Java version color. + typeset -g POWERLEVEL9K_JAVA_VERSION_FOREGROUND=1 + typeset -g POWERLEVEL9K_JAVA_VERSION_BACKGROUND=7 + # Show java version only when in a java project subdirectory. + typeset -g POWERLEVEL9K_JAVA_VERSION_PROJECT_ONLY=true + # Show brief version. + typeset -g POWERLEVEL9K_JAVA_VERSION_FULL=false + # Custom icon. + # typeset -g POWERLEVEL9K_JAVA_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ###[ package: name@version from package.json (https://docs.npmjs.com/files/package.json) ]#### + # Package color. + typeset -g POWERLEVEL9K_PACKAGE_FOREGROUND=0 + typeset -g POWERLEVEL9K_PACKAGE_BACKGROUND=6 + + # Package format. The following parameters are available within the expansion. + # + # - P9K_PACKAGE_NAME The value of `name` field in package.json. + # - P9K_PACKAGE_VERSION The value of `version` field in package.json. + # + # typeset -g POWERLEVEL9K_PACKAGE_CONTENT_EXPANSION='${P9K_PACKAGE_NAME//\%/%%}@${P9K_PACKAGE_VERSION//\%/%%}' + + # Custom icon. + # typeset -g POWERLEVEL9K_PACKAGE_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #######################[ rvm: ruby version from rvm (https://rvm.io) ]######################## + # Rvm color. + typeset -g POWERLEVEL9K_RVM_FOREGROUND=0 + typeset -g POWERLEVEL9K_RVM_BACKGROUND=240 + # Don't show @gemset at the end. + typeset -g POWERLEVEL9K_RVM_SHOW_GEMSET=false + # Don't show ruby- at the front. + typeset -g POWERLEVEL9K_RVM_SHOW_PREFIX=false + # Custom icon. + # typeset -g POWERLEVEL9K_RVM_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ###########[ fvm: flutter version management (https://github.com/leoafarias/fvm) ]############ + # Fvm color. + typeset -g POWERLEVEL9K_FVM_FOREGROUND=0 + typeset -g POWERLEVEL9K_FVM_BACKGROUND=4 + # Custom icon. + # typeset -g POWERLEVEL9K_FVM_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##########[ luaenv: lua version from luaenv (https://github.com/cehoffman/luaenv) ]########### + # Lua color. + typeset -g POWERLEVEL9K_LUAENV_FOREGROUND=0 + typeset -g POWERLEVEL9K_LUAENV_BACKGROUND=4 + # Hide lua version if it doesn't come from one of these sources. + typeset -g POWERLEVEL9K_LUAENV_SOURCES=(shell local global) + # If set to false, hide lua version if it's the same as global: + # $(luaenv version-name) == $(luaenv global). + typeset -g POWERLEVEL9K_LUAENV_PROMPT_ALWAYS_SHOW=false + # If set to false, hide lua version if it's equal to "system". + typeset -g POWERLEVEL9K_LUAENV_SHOW_SYSTEM=true + # Custom icon. + # typeset -g POWERLEVEL9K_LUAENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ###############[ jenv: java version from jenv (https://github.com/jenv/jenv) ]################ + # Java color. + typeset -g POWERLEVEL9K_JENV_FOREGROUND=1 + typeset -g POWERLEVEL9K_JENV_BACKGROUND=7 + # Hide java version if it doesn't come from one of these sources. + typeset -g POWERLEVEL9K_JENV_SOURCES=(shell local global) + # If set to false, hide java version if it's the same as global: + # $(jenv version-name) == $(jenv global). + typeset -g POWERLEVEL9K_JENV_PROMPT_ALWAYS_SHOW=false + # If set to false, hide java version if it's equal to "system". + typeset -g POWERLEVEL9K_JENV_SHOW_SYSTEM=true + # Custom icon. + # typeset -g POWERLEVEL9K_JENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ###########[ plenv: perl version from plenv (https://github.com/tokuhirom/plenv) ]############ + # Perl color. + typeset -g POWERLEVEL9K_PLENV_FOREGROUND=0 + typeset -g POWERLEVEL9K_PLENV_BACKGROUND=4 + # Hide perl version if it doesn't come from one of these sources. + typeset -g POWERLEVEL9K_PLENV_SOURCES=(shell local global) + # If set to false, hide perl version if it's the same as global: + # $(plenv version-name) == $(plenv global). + typeset -g POWERLEVEL9K_PLENV_PROMPT_ALWAYS_SHOW=false + # If set to false, hide perl version if it's equal to "system". + typeset -g POWERLEVEL9K_PLENV_SHOW_SYSTEM=true + # Custom icon. + # typeset -g POWERLEVEL9K_PLENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ###########[ perlbrew: perl version from perlbrew (https://github.com/gugod/App-perlbrew) ]############ + # Perlbrew color. + typeset -g POWERLEVEL9K_PERLBREW_FOREGROUND=67 + # Show perlbrew version only when in a perl project subdirectory. + typeset -g POWERLEVEL9K_PERLBREW_PROJECT_ONLY=true + # Don't show "perl-" at the front. + typeset -g POWERLEVEL9K_PERLBREW_SHOW_PREFIX=false + # Custom icon. + # typeset -g POWERLEVEL9K_PERLBREW_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ############[ phpenv: php version from phpenv (https://github.com/phpenv/phpenv) ]############ + # PHP color. + typeset -g POWERLEVEL9K_PHPENV_FOREGROUND=0 + typeset -g POWERLEVEL9K_PHPENV_BACKGROUND=5 + # Hide php version if it doesn't come from one of these sources. + typeset -g POWERLEVEL9K_PHPENV_SOURCES=(shell local global) + # If set to false, hide php version if it's the same as global: + # $(phpenv version-name) == $(phpenv global). + typeset -g POWERLEVEL9K_PHPENV_PROMPT_ALWAYS_SHOW=false + # If set to false, hide PHP version if it's equal to "system". + typeset -g POWERLEVEL9K_PHPENV_SHOW_SYSTEM=true + # Custom icon. + # typeset -g POWERLEVEL9K_PHPENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #######[ scalaenv: scala version from scalaenv (https://github.com/scalaenv/scalaenv) ]####### + # Scala color. + typeset -g POWERLEVEL9K_SCALAENV_FOREGROUND=0 + typeset -g POWERLEVEL9K_SCALAENV_BACKGROUND=1 + # Hide scala version if it doesn't come from one of these sources. + typeset -g POWERLEVEL9K_SCALAENV_SOURCES=(shell local global) + # If set to false, hide scala version if it's the same as global: + # $(scalaenv version-name) == $(scalaenv global). + typeset -g POWERLEVEL9K_SCALAENV_PROMPT_ALWAYS_SHOW=false + # If set to false, hide scala version if it's equal to "system". + typeset -g POWERLEVEL9K_SCALAENV_SHOW_SYSTEM=true + # Custom icon. + # typeset -g POWERLEVEL9K_SCALAENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##########[ haskell_stack: haskell version from stack (https://haskellstack.org/) ]########### + # Haskell color. + typeset -g POWERLEVEL9K_HASKELL_STACK_FOREGROUND=0 + typeset -g POWERLEVEL9K_HASKELL_STACK_BACKGROUND=3 + + # Hide haskell version if it doesn't come from one of these sources. + # + # shell: version is set by STACK_YAML + # local: version is set by stack.yaml up the directory tree + # global: version is set by the implicit global project (~/.stack/global-project/stack.yaml) + typeset -g POWERLEVEL9K_HASKELL_STACK_SOURCES=(shell local) + # If set to false, hide haskell version if it's the same as in the implicit global project. + typeset -g POWERLEVEL9K_HASKELL_STACK_ALWAYS_SHOW=true + # Custom icon. + # typeset -g POWERLEVEL9K_HASKELL_STACK_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ################[ terraform: terraform workspace (https://www.terraform.io) ]################# + # Don't show terraform workspace if it's literally "default". + typeset -g POWERLEVEL9K_TERRAFORM_SHOW_DEFAULT=false + # POWERLEVEL9K_TERRAFORM_CLASSES is an array with even number of elements. The first element + # in each pair defines a pattern against which the current terraform workspace gets matched. + # More specifically, it's P9K_CONTENT prior to the application of context expansion (see below) + # that gets matched. If you unset all POWERLEVEL9K_TERRAFORM_*CONTENT_EXPANSION parameters, + # you'll see this value in your prompt. The second element of each pair in + # POWERLEVEL9K_TERRAFORM_CLASSES defines the workspace class. Patterns are tried in order. The + # first match wins. + # + # For example, given these settings: + # + # typeset -g POWERLEVEL9K_TERRAFORM_CLASSES=( + # '*prod*' PROD + # '*test*' TEST + # '*' OTHER) + # + # If your current terraform workspace is "project_test", its class is TEST because "project_test" + # doesn't match the pattern '*prod*' but does match '*test*'. + # + # You can define different colors, icons and content expansions for different classes: + # + # typeset -g POWERLEVEL9K_TERRAFORM_TEST_FOREGROUND=2 + # typeset -g POWERLEVEL9K_TERRAFORM_TEST_BACKGROUND=0 + # typeset -g POWERLEVEL9K_TERRAFORM_TEST_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_TERRAFORM_TEST_CONTENT_EXPANSION='> ${P9K_CONTENT} <' + typeset -g POWERLEVEL9K_TERRAFORM_CLASSES=( + # '*prod*' PROD # These values are examples that are unlikely + # '*test*' TEST # to match your needs. Customize them as needed. + '*' OTHER) + typeset -g POWERLEVEL9K_TERRAFORM_OTHER_FOREGROUND=4 + typeset -g POWERLEVEL9K_TERRAFORM_OTHER_BACKGROUND=0 + # typeset -g POWERLEVEL9K_TERRAFORM_OTHER_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #############[ terraform_version: terraform version (https://www.terraform.io) ]############## + # Terraform version color. + typeset -g POWERLEVEL9K_TERRAFORM_VERSION_FOREGROUND=4 + typeset -g POWERLEVEL9K_TERRAFORM_VERSION_BACKGROUND=0 + # Custom icon. + # typeset -g POWERLEVEL9K_TERRAFORM_VERSION_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ################[ terraform_version: It shows active terraform version (https://www.terraform.io) ]################# + typeset -g POWERLEVEL9K_TERRAFORM_VERSION_SHOW_ON_COMMAND='terraform|tf' + + #############[ kubecontext: current kubernetes context (https://kubernetes.io/) ]############# + # Show kubecontext only when the command you are typing invokes one of these tools. + # Tip: Remove the next line to always show kubecontext. + typeset -g POWERLEVEL9K_KUBECONTEXT_SHOW_ON_COMMAND='kubectl|helm|kubens|kubectx|oc|istioctl|kogito|k9s|helmfile|flux|fluxctl|stern|kubeseal|skaffold|kubent|kubecolor|cmctl|sparkctl' + + # Kubernetes context classes for the purpose of using different colors, icons and expansions with + # different contexts. + # + # POWERLEVEL9K_KUBECONTEXT_CLASSES is an array with even number of elements. The first element + # in each pair defines a pattern against which the current kubernetes context gets matched. + # More specifically, it's P9K_CONTENT prior to the application of context expansion (see below) + # that gets matched. If you unset all POWERLEVEL9K_KUBECONTEXT_*CONTENT_EXPANSION parameters, + # you'll see this value in your prompt. The second element of each pair in + # POWERLEVEL9K_KUBECONTEXT_CLASSES defines the context class. Patterns are tried in order. The + # first match wins. + # + # For example, given these settings: + # + # typeset -g POWERLEVEL9K_KUBECONTEXT_CLASSES=( + # '*prod*' PROD + # '*test*' TEST + # '*' DEFAULT) + # + # If your current kubernetes context is "deathray-testing/default", its class is TEST + # because "deathray-testing/default" doesn't match the pattern '*prod*' but does match '*test*'. + # + # You can define different colors, icons and content expansions for different classes: + # + # typeset -g POWERLEVEL9K_KUBECONTEXT_TEST_FOREGROUND=0 + # typeset -g POWERLEVEL9K_KUBECONTEXT_TEST_BACKGROUND=2 + # typeset -g POWERLEVEL9K_KUBECONTEXT_TEST_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_KUBECONTEXT_TEST_CONTENT_EXPANSION='> ${P9K_CONTENT} <' + typeset -g POWERLEVEL9K_KUBECONTEXT_CLASSES=( + # '*prod*' PROD # These values are examples that are unlikely + # '*test*' TEST # to match your needs. Customize them as needed. + '*' DEFAULT) + typeset -g POWERLEVEL9K_KUBECONTEXT_DEFAULT_FOREGROUND=7 + typeset -g POWERLEVEL9K_KUBECONTEXT_DEFAULT_BACKGROUND=5 + # typeset -g POWERLEVEL9K_KUBECONTEXT_DEFAULT_VISUAL_IDENTIFIER_EXPANSION='⭐' + + # Use POWERLEVEL9K_KUBECONTEXT_CONTENT_EXPANSION to specify the content displayed by kubecontext + # segment. Parameter expansions are very flexible and fast, too. See reference: + # http://zsh.sourceforge.net/Doc/Release/Expansion.html#Parameter-Expansion. + # + # Within the expansion the following parameters are always available: + # + # - P9K_CONTENT The content that would've been displayed if there was no content + # expansion defined. + # - P9K_KUBECONTEXT_NAME The current context's name. Corresponds to column NAME in the + # output of `kubectl config get-contexts`. + # - P9K_KUBECONTEXT_CLUSTER The current context's cluster. Corresponds to column CLUSTER in the + # output of `kubectl config get-contexts`. + # - P9K_KUBECONTEXT_NAMESPACE The current context's namespace. Corresponds to column NAMESPACE + # in the output of `kubectl config get-contexts`. If there is no + # namespace, the parameter is set to "default". + # - P9K_KUBECONTEXT_USER The current context's user. Corresponds to column AUTHINFO in the + # output of `kubectl config get-contexts`. + # + # If the context points to Google Kubernetes Engine (GKE) or Elastic Kubernetes Service (EKS), + # the following extra parameters are available: + # + # - P9K_KUBECONTEXT_CLOUD_NAME Either "gke" or "eks". + # - P9K_KUBECONTEXT_CLOUD_ACCOUNT Account/project ID. + # - P9K_KUBECONTEXT_CLOUD_ZONE Availability zone. + # - P9K_KUBECONTEXT_CLOUD_CLUSTER Cluster. + # + # P9K_KUBECONTEXT_CLOUD_* parameters are derived from P9K_KUBECONTEXT_CLUSTER. For example, + # if P9K_KUBECONTEXT_CLUSTER is "gke_my-account_us-east1-a_my-cluster-01": + # + # - P9K_KUBECONTEXT_CLOUD_NAME=gke + # - P9K_KUBECONTEXT_CLOUD_ACCOUNT=my-account + # - P9K_KUBECONTEXT_CLOUD_ZONE=us-east1-a + # - P9K_KUBECONTEXT_CLOUD_CLUSTER=my-cluster-01 + # + # If P9K_KUBECONTEXT_CLUSTER is "arn:aws:eks:us-east-1:123456789012:cluster/my-cluster-01": + # + # - P9K_KUBECONTEXT_CLOUD_NAME=eks + # - P9K_KUBECONTEXT_CLOUD_ACCOUNT=123456789012 + # - P9K_KUBECONTEXT_CLOUD_ZONE=us-east-1 + # - P9K_KUBECONTEXT_CLOUD_CLUSTER=my-cluster-01 + typeset -g POWERLEVEL9K_KUBECONTEXT_DEFAULT_CONTENT_EXPANSION= + # Show P9K_KUBECONTEXT_CLOUD_CLUSTER if it's not empty and fall back to P9K_KUBECONTEXT_NAME. + POWERLEVEL9K_KUBECONTEXT_DEFAULT_CONTENT_EXPANSION+='${P9K_KUBECONTEXT_CLOUD_CLUSTER:-${P9K_KUBECONTEXT_NAME}}' + # Append the current context's namespace if it's not "default". + POWERLEVEL9K_KUBECONTEXT_DEFAULT_CONTENT_EXPANSION+='${${:-/$P9K_KUBECONTEXT_NAMESPACE}:#/default}' + + # Custom prefix. + # typeset -g POWERLEVEL9K_KUBECONTEXT_PREFIX='at ' + + #[ aws: aws profile (https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html) ]# + # Show aws only when the command you are typing invokes one of these tools. + # Tip: Remove the next line to always show aws. + typeset -g POWERLEVEL9K_AWS_SHOW_ON_COMMAND='aws|awless|cdk|terraform|pulumi|terragrunt' + + # POWERLEVEL9K_AWS_CLASSES is an array with even number of elements. The first element + # in each pair defines a pattern against which the current AWS profile gets matched. + # More specifically, it's P9K_CONTENT prior to the application of context expansion (see below) + # that gets matched. If you unset all POWERLEVEL9K_AWS_*CONTENT_EXPANSION parameters, + # you'll see this value in your prompt. The second element of each pair in + # POWERLEVEL9K_AWS_CLASSES defines the profile class. Patterns are tried in order. The + # first match wins. + # + # For example, given these settings: + # + # typeset -g POWERLEVEL9K_AWS_CLASSES=( + # '*prod*' PROD + # '*test*' TEST + # '*' DEFAULT) + # + # If your current AWS profile is "company_test", its class is TEST + # because "company_test" doesn't match the pattern '*prod*' but does match '*test*'. + # + # You can define different colors, icons and content expansions for different classes: + # + # typeset -g POWERLEVEL9K_AWS_TEST_FOREGROUND=28 + # typeset -g POWERLEVEL9K_AWS_TEST_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_AWS_TEST_CONTENT_EXPANSION='> ${P9K_CONTENT} <' + typeset -g POWERLEVEL9K_AWS_CLASSES=( + # '*prod*' PROD # These values are examples that are unlikely + # '*test*' TEST # to match your needs. Customize them as needed. + '*' DEFAULT) + typeset -g POWERLEVEL9K_AWS_DEFAULT_FOREGROUND=7 + typeset -g POWERLEVEL9K_AWS_DEFAULT_BACKGROUND=1 + # typeset -g POWERLEVEL9K_AWS_DEFAULT_VISUAL_IDENTIFIER_EXPANSION='⭐' + + # AWS segment format. The following parameters are available within the expansion. + # + # - P9K_AWS_PROFILE The name of the current AWS profile. + # - P9K_AWS_REGION The region associated with the current AWS profile. + typeset -g POWERLEVEL9K_AWS_CONTENT_EXPANSION='${P9K_AWS_PROFILE//\%/%%}${P9K_AWS_REGION:+ ${P9K_AWS_REGION//\%/%%}}' + + #[ aws_eb_env: aws elastic beanstalk environment (https://aws.amazon.com/elasticbeanstalk/) ]# + # AWS Elastic Beanstalk environment color. + typeset -g POWERLEVEL9K_AWS_EB_ENV_FOREGROUND=2 + typeset -g POWERLEVEL9K_AWS_EB_ENV_BACKGROUND=0 + # Custom icon. + # typeset -g POWERLEVEL9K_AWS_EB_ENV_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##########[ azure: azure account name (https://docs.microsoft.com/en-us/cli/azure) ]########## + # Show azure only when the command you are typing invokes one of these tools. + # Tip: Remove the next line to always show azure. + typeset -g POWERLEVEL9K_AZURE_SHOW_ON_COMMAND='az|terraform|pulumi|terragrunt' + + # POWERLEVEL9K_AZURE_CLASSES is an array with even number of elements. The first element + # in each pair defines a pattern against which the current azure account name gets matched. + # More specifically, it's P9K_CONTENT prior to the application of context expansion (see below) + # that gets matched. If you unset all POWERLEVEL9K_AZURE_*CONTENT_EXPANSION parameters, + # you'll see this value in your prompt. The second element of each pair in + # POWERLEVEL9K_AZURE_CLASSES defines the account class. Patterns are tried in order. The + # first match wins. + # + # For example, given these settings: + # + # typeset -g POWERLEVEL9K_AZURE_CLASSES=( + # '*prod*' PROD + # '*test*' TEST + # '*' OTHER) + # + # If your current azure account is "company_test", its class is TEST because "company_test" + # doesn't match the pattern '*prod*' but does match '*test*'. + # + # You can define different colors, icons and content expansions for different classes: + # + # typeset -g POWERLEVEL9K_AZURE_TEST_FOREGROUND=2 + # typeset -g POWERLEVEL9K_AZURE_TEST_BACKGROUND=0 + # typeset -g POWERLEVEL9K_AZURE_TEST_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_AZURE_TEST_CONTENT_EXPANSION='> ${P9K_CONTENT} <' + typeset -g POWERLEVEL9K_AZURE_CLASSES=( + # '*prod*' PROD # These values are examples that are unlikely + # '*test*' TEST # to match your needs. Customize them as needed. + '*' OTHER) + + # Azure account name color. + typeset -g POWERLEVEL9K_AZURE_OTHER_FOREGROUND=7 + typeset -g POWERLEVEL9K_AZURE_OTHER_BACKGROUND=4 + # Custom icon. + # typeset -g POWERLEVEL9K_AZURE_OTHER_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ##########[ gcloud: google cloud account and project (https://cloud.google.com/) ]########### + # Show gcloud only when the command you are typing invokes one of these tools. + # Tip: Remove the next line to always show gcloud. + typeset -g POWERLEVEL9K_GCLOUD_SHOW_ON_COMMAND='gcloud|gcs|gsutil' + # Google cloud color. + typeset -g POWERLEVEL9K_GCLOUD_FOREGROUND=7 + typeset -g POWERLEVEL9K_GCLOUD_BACKGROUND=4 + + # Google cloud format. Change the value of POWERLEVEL9K_GCLOUD_PARTIAL_CONTENT_EXPANSION and/or + # POWERLEVEL9K_GCLOUD_COMPLETE_CONTENT_EXPANSION if the default is too verbose or not informative + # enough. You can use the following parameters in the expansions. Each of them corresponds to the + # output of `gcloud` tool. + # + # Parameter | Source + # -------------------------|-------------------------------------------------------------------- + # P9K_GCLOUD_CONFIGURATION | gcloud config configurations list --format='value(name)' + # P9K_GCLOUD_ACCOUNT | gcloud config get-value account + # P9K_GCLOUD_PROJECT_ID | gcloud config get-value project + # P9K_GCLOUD_PROJECT_NAME | gcloud projects describe $P9K_GCLOUD_PROJECT_ID --format='value(name)' + # + # Note: ${VARIABLE//\%/%%} expands to ${VARIABLE} with all occurrences of '%' replaced with '%%'. + # + # Obtaining project name requires sending a request to Google servers. This can take a long time + # and even fail. When project name is unknown, P9K_GCLOUD_PROJECT_NAME is not set and gcloud + # prompt segment is in state PARTIAL. When project name gets known, P9K_GCLOUD_PROJECT_NAME gets + # set and gcloud prompt segment transitions to state COMPLETE. + # + # You can customize the format, icon and colors of gcloud segment separately for states PARTIAL + # and COMPLETE. You can also hide gcloud in state PARTIAL by setting + # POWERLEVEL9K_GCLOUD_PARTIAL_VISUAL_IDENTIFIER_EXPANSION and + # POWERLEVEL9K_GCLOUD_PARTIAL_CONTENT_EXPANSION to empty. + typeset -g POWERLEVEL9K_GCLOUD_PARTIAL_CONTENT_EXPANSION='${P9K_GCLOUD_PROJECT_ID//\%/%%}' + typeset -g POWERLEVEL9K_GCLOUD_COMPLETE_CONTENT_EXPANSION='${P9K_GCLOUD_PROJECT_NAME//\%/%%}' + + # Send a request to Google (by means of `gcloud projects describe ...`) to obtain project name + # this often. Negative value disables periodic polling. In this mode project name is retrieved + # only when the current configuration, account or project id changes. + typeset -g POWERLEVEL9K_GCLOUD_REFRESH_PROJECT_NAME_SECONDS=60 + + # Custom icon. + # typeset -g POWERLEVEL9K_GCLOUD_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #[ google_app_cred: google application credentials (https://cloud.google.com/docs/authentication/production) ]# + # Show google_app_cred only when the command you are typing invokes one of these tools. + # Tip: Remove the next line to always show google_app_cred. + typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_SHOW_ON_COMMAND='terraform|pulumi|terragrunt' + + # Google application credentials classes for the purpose of using different colors, icons and + # expansions with different credentials. + # + # POWERLEVEL9K_GOOGLE_APP_CRED_CLASSES is an array with even number of elements. The first + # element in each pair defines a pattern against which the current kubernetes context gets + # matched. More specifically, it's P9K_CONTENT prior to the application of context expansion + # (see below) that gets matched. If you unset all POWERLEVEL9K_GOOGLE_APP_CRED_*CONTENT_EXPANSION + # parameters, you'll see this value in your prompt. The second element of each pair in + # POWERLEVEL9K_GOOGLE_APP_CRED_CLASSES defines the context class. Patterns are tried in order. + # The first match wins. + # + # For example, given these settings: + # + # typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_CLASSES=( + # '*:*prod*:*' PROD + # '*:*test*:*' TEST + # '*' DEFAULT) + # + # If your current Google application credentials is "service_account deathray-testing x@y.com", + # its class is TEST because it doesn't match the pattern '* *prod* *' but does match '* *test* *'. + # + # You can define different colors, icons and content expansions for different classes: + # + # typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_TEST_FOREGROUND=28 + # typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_TEST_VISUAL_IDENTIFIER_EXPANSION='⭐' + # typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_TEST_CONTENT_EXPANSION='$P9K_GOOGLE_APP_CRED_PROJECT_ID' + typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_CLASSES=( + # '*:*prod*:*' PROD # These values are examples that are unlikely + # '*:*test*:*' TEST # to match your needs. Customize them as needed. + '*' DEFAULT) + typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_DEFAULT_FOREGROUND=7 + typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_DEFAULT_BACKGROUND=4 + # typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_DEFAULT_VISUAL_IDENTIFIER_EXPANSION='⭐' + + # Use POWERLEVEL9K_GOOGLE_APP_CRED_CONTENT_EXPANSION to specify the content displayed by + # google_app_cred segment. Parameter expansions are very flexible and fast, too. See reference: + # http://zsh.sourceforge.net/Doc/Release/Expansion.html#Parameter-Expansion. + # + # You can use the following parameters in the expansion. Each of them corresponds to one of the + # fields in the JSON file pointed to by GOOGLE_APPLICATION_CREDENTIALS. + # + # Parameter | JSON key file field + # ---------------------------------+--------------- + # P9K_GOOGLE_APP_CRED_TYPE | type + # P9K_GOOGLE_APP_CRED_PROJECT_ID | project_id + # P9K_GOOGLE_APP_CRED_CLIENT_EMAIL | client_email + # + # Note: ${VARIABLE//\%/%%} expands to ${VARIABLE} with all occurrences of '%' replaced by '%%'. + typeset -g POWERLEVEL9K_GOOGLE_APP_CRED_DEFAULT_CONTENT_EXPANSION='${P9K_GOOGLE_APP_CRED_PROJECT_ID//\%/%%}' + + ##############[ toolbox: toolbox name (https://github.com/containers/toolbox) ]############### + # Toolbox color. + typeset -g POWERLEVEL9K_TOOLBOX_FOREGROUND=0 + typeset -g POWERLEVEL9K_TOOLBOX_BACKGROUND=3 + # Don't display the name of the toolbox if it matches fedora-toolbox-*. + typeset -g POWERLEVEL9K_TOOLBOX_CONTENT_EXPANSION='${P9K_TOOLBOX_NAME:#fedora-toolbox-*}' + # Custom icon. + # typeset -g POWERLEVEL9K_TOOLBOX_VISUAL_IDENTIFIER_EXPANSION='⭐' + # Custom prefix. + # typeset -g POWERLEVEL9K_TOOLBOX_PREFIX='in ' + + ###############################[ public_ip: public IP address ]############################### + # Public IP color. + typeset -g POWERLEVEL9K_PUBLIC_IP_FOREGROUND=7 + typeset -g POWERLEVEL9K_PUBLIC_IP_BACKGROUND=0 + # Custom icon. + # typeset -g POWERLEVEL9K_PUBLIC_IP_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ########################[ vpn_ip: virtual private network indicator ]######################### + # VPN IP color. + typeset -g POWERLEVEL9K_VPN_IP_FOREGROUND=0 + typeset -g POWERLEVEL9K_VPN_IP_BACKGROUND=6 + # When on VPN, show just an icon without the IP address. + # Tip: To display the private IP address when on VPN, remove the next line. + typeset -g POWERLEVEL9K_VPN_IP_CONTENT_EXPANSION= + # Regular expression for the VPN network interface. Run `ifconfig` or `ip -4 a show` while on VPN + # to see the name of the interface. + typeset -g POWERLEVEL9K_VPN_IP_INTERFACE='(gpd|wg|(.*tun)|tailscale)[0-9]*|(zt.*)' + # If set to true, show one segment per matching network interface. If set to false, show only + # one segment corresponding to the first matching network interface. + # Tip: If you set it to true, you'll probably want to unset POWERLEVEL9K_VPN_IP_CONTENT_EXPANSION. + typeset -g POWERLEVEL9K_VPN_IP_SHOW_ALL=false + # Custom icon. + # typeset -g POWERLEVEL9K_VPN_IP_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ###########[ ip: ip address and bandwidth usage for a specified network interface ]########### + # IP color. + typeset -g POWERLEVEL9K_IP_BACKGROUND=4 + typeset -g POWERLEVEL9K_IP_FOREGROUND=0 + # The following parameters are accessible within the expansion: + # + # Parameter | Meaning + # ----------------------+------------------------------------------- + # P9K_IP_IP | IP address + # P9K_IP_INTERFACE | network interface + # P9K_IP_RX_BYTES | total number of bytes received + # P9K_IP_TX_BYTES | total number of bytes sent + # P9K_IP_RX_BYTES_DELTA | number of bytes received since last prompt + # P9K_IP_TX_BYTES_DELTA | number of bytes sent since last prompt + # P9K_IP_RX_RATE | receive rate (since last prompt) + # P9K_IP_TX_RATE | send rate (since last prompt) + typeset -g POWERLEVEL9K_IP_CONTENT_EXPANSION='${P9K_IP_RX_RATE:+⇣$P9K_IP_RX_RATE }${P9K_IP_TX_RATE:+⇡$P9K_IP_TX_RATE }$P9K_IP_IP' + # Show information for the first network interface whose name matches this regular expression. + # Run `ifconfig` or `ip -4 a show` to see the names of all network interfaces. + typeset -g POWERLEVEL9K_IP_INTERFACE='[ew].*' + # Custom icon. + # typeset -g POWERLEVEL9K_IP_VISUAL_IDENTIFIER_EXPANSION='⭐' + + #########################[ proxy: system-wide http/https/ftp proxy ]########################## + # Proxy color. + typeset -g POWERLEVEL9K_PROXY_FOREGROUND=4 + typeset -g POWERLEVEL9K_PROXY_BACKGROUND=0 + # Custom icon. + # typeset -g POWERLEVEL9K_PROXY_VISUAL_IDENTIFIER_EXPANSION='⭐' + + ################################[ battery: internal battery ]################################# + # Show battery in red when it's below this level and not connected to power supply. + typeset -g POWERLEVEL9K_BATTERY_LOW_THRESHOLD=20 + typeset -g POWERLEVEL9K_BATTERY_LOW_FOREGROUND=1 + # Show battery in green when it's charging or fully charged. + typeset -g POWERLEVEL9K_BATTERY_{CHARGING,CHARGED}_FOREGROUND=2 + # Show battery in yellow when it's discharging. + typeset -g POWERLEVEL9K_BATTERY_DISCONNECTED_FOREGROUND=3 + # Battery pictograms going from low to high level of charge. + typeset -g POWERLEVEL9K_BATTERY_STAGES='\UF008E\UF007A\UF007B\UF007C\UF007D\UF007E\UF007F\UF0080\UF0081\UF0082\UF0079' + # Don't show the remaining time to charge/discharge. + typeset -g POWERLEVEL9K_BATTERY_VERBOSE=false + typeset -g POWERLEVEL9K_BATTERY_BACKGROUND=0 + + #####################################[ wifi: wifi speed ]##################################### + # WiFi color. + typeset -g POWERLEVEL9K_WIFI_FOREGROUND=0 + typeset -g POWERLEVEL9K_WIFI_BACKGROUND=4 + # Custom icon. + # typeset -g POWERLEVEL9K_WIFI_VISUAL_IDENTIFIER_EXPANSION='⭐' + + # Use different colors and icons depending on signal strength ($P9K_WIFI_BARS). + # + # # Wifi colors and icons for different signal strength levels (low to high). + # typeset -g my_wifi_fg=(0 0 0 0 0) # <-- change these values + # typeset -g my_wifi_icon=('WiFi' 'WiFi' 'WiFi' 'WiFi' 'WiFi') # <-- change these values + # + # typeset -g POWERLEVEL9K_WIFI_CONTENT_EXPANSION='%F{${my_wifi_fg[P9K_WIFI_BARS+1]}}$P9K_WIFI_LAST_TX_RATE Mbps' + # typeset -g POWERLEVEL9K_WIFI_VISUAL_IDENTIFIER_EXPANSION='%F{${my_wifi_fg[P9K_WIFI_BARS+1]}}${my_wifi_icon[P9K_WIFI_BARS+1]}' + # + # The following parameters are accessible within the expansions: + # + # Parameter | Meaning + # ----------------------+--------------- + # P9K_WIFI_SSID | service set identifier, a.k.a. network name + # P9K_WIFI_LINK_AUTH | authentication protocol such as "wpa2-psk" or "none"; empty if unknown + # P9K_WIFI_LAST_TX_RATE | wireless transmit rate in megabits per second + # P9K_WIFI_RSSI | signal strength in dBm, from -120 to 0 + # P9K_WIFI_NOISE | noise in dBm, from -120 to 0 + # P9K_WIFI_BARS | signal strength in bars, from 0 to 4 (derived from P9K_WIFI_RSSI and P9K_WIFI_NOISE) + + ####################################[ time: current time ]#################################### + # Current time color. + typeset -g POWERLEVEL9K_TIME_FOREGROUND=0 + typeset -g POWERLEVEL9K_TIME_BACKGROUND=7 + # Format for the current time: 09:51:02. See `man 3 strftime`. + typeset -g POWERLEVEL9K_TIME_FORMAT='%D{%H:%M:%S}' + # If set to true, time will update when you hit enter. This way prompts for the past + # commands will contain the start times of their commands as opposed to the default + # behavior where they contain the end times of their preceding commands. + typeset -g POWERLEVEL9K_TIME_UPDATE_ON_COMMAND=false + # Custom icon. + # typeset -g POWERLEVEL9K_TIME_VISUAL_IDENTIFIER_EXPANSION='⭐' + # Custom prefix. + # typeset -g POWERLEVEL9K_TIME_PREFIX='at ' + + # Example of a user-defined prompt segment. Function prompt_example will be called on every + # prompt if `example` prompt segment is added to POWERLEVEL9K_LEFT_PROMPT_ELEMENTS or + # POWERLEVEL9K_RIGHT_PROMPT_ELEMENTS. It displays an icon and yellow text on red background + # greeting the user. + # + # Type `p10k help segment` for documentation and a more sophisticated example. + function prompt_example() { + p10k segment -b 1 -f 3 -i '⭐' -t 'hello, %n' + } + + # User-defined prompt segments may optionally provide an instant_prompt_* function. Its job + # is to generate the prompt segment for display in instant prompt. See + # https://github.com/romkatv/powerlevel10k#instant-prompt. + # + # Powerlevel10k will call instant_prompt_* at the same time as the regular prompt_* function + # and will record all `p10k segment` calls it makes. When displaying instant prompt, Powerlevel10k + # will replay these calls without actually calling instant_prompt_*. It is imperative that + # instant_prompt_* always makes the same `p10k segment` calls regardless of environment. If this + # rule is not observed, the content of instant prompt will be incorrect. + # + # Usually, you should either not define instant_prompt_* or simply call prompt_* from it. If + # instant_prompt_* is not defined for a segment, the segment won't be shown in instant prompt. + function instant_prompt_example() { + # Since prompt_example always makes the same `p10k segment` calls, we can call it from + # instant_prompt_example. This will give us the same `example` prompt segment in the instant + # and regular prompts. + prompt_example + } + + # User-defined prompt segments can be customized the same way as built-in segments. + typeset -g POWERLEVEL9K_EXAMPLE_FOREGROUND=3 + typeset -g POWERLEVEL9K_EXAMPLE_BACKGROUND=1 + # typeset -g POWERLEVEL9K_EXAMPLE_VISUAL_IDENTIFIER_EXPANSION='⭐' + + # Transient prompt works similarly to the builtin transient_rprompt option. It trims down prompt + # when accepting a command line. Supported values: + # + # - off: Don't change prompt when accepting a command line. + # - always: Trim down prompt when accepting a command line. + # - same-dir: Trim down prompt when accepting a command line unless this is the first command + # typed after changing current working directory. + typeset -g POWERLEVEL9K_TRANSIENT_PROMPT=off + + # Instant prompt mode. + # + # - off: Disable instant prompt. Choose this if you've tried instant prompt and found + # it incompatible with your zsh configuration files. + # - quiet: Enable instant prompt and don't print warnings when detecting console output + # during zsh initialization. Choose this if you've read and understood + # https://github.com/romkatv/powerlevel10k#instant-prompt. + # - verbose: Enable instant prompt and print a warning when detecting console output during + # zsh initialization. Choose this if you've never tried instant prompt, haven't + # seen the warning, or if you are unsure what this all means. + typeset -g POWERLEVEL9K_INSTANT_PROMPT=verbose + + # Hot reload allows you to change POWERLEVEL9K options after Powerlevel10k has been initialized. + # For example, you can type POWERLEVEL9K_BACKGROUND=red and see your prompt turn red. Hot reload + # can slow down prompt by 1-2 milliseconds, so it's better to keep it turned off unless you + # really need it. + typeset -g POWERLEVEL9K_DISABLE_HOT_RELOAD=true + + # If p10k is already loaded, reload configuration. + # This works even with POWERLEVEL9K_DISABLE_HOT_RELOAD=true. + (( ! $+functions[p10k] )) || p10k reload +} + +# Tell `p10k configure` which file it should overwrite. +typeset -g POWERLEVEL9K_CONFIG_FILE=${${(%):-%x}:a} + +(( ${#p10k_config_opts} )) && setopt ${p10k_config_opts[@]} +'builtin' 'unset' 'p10k_config_opts' diff --git a/home/vinzenz/zsh.nix b/home/vinzenz/zsh.nix index ba89d8e..d7cbcfa 100644 --- a/home/vinzenz/zsh.nix +++ b/home/vinzenz/zsh.nix @@ -4,8 +4,11 @@ initContent = '' # eval "$(direnv hook zsh)"; export PATH=$PATH:/home/vinzenz/.cargo/bin - ''; + source ${pkgs.zsh-powerlevel10k}/share/zsh-powerlevel10k/powerlevel10k.zsh-theme + + source ${./.zsh/p10k.zsh} + ''; enableCompletion = true; shellAliases = { From ac59b051579d3e6cb89a0449aba74a9f219a694f Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 6 Sep 2025 17:24:30 +0200 Subject: [PATCH 233/241] update flake --- flake.lock | 104 ++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 72 insertions(+), 32 deletions(-) diff --git a/flake.lock b/flake.lock index 39bc947..ac9a2f2 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,27 @@ { "nodes": { + "fenix": { + "inputs": { + "nixpkgs": [ + "naersk", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1752475459, + "narHash": "sha256-z6QEu4ZFuHiqdOPbYss4/Q8B0BFhacR8ts6jO/F/aOU=", + "owner": "nix-community", + "repo": "fenix", + "rev": "bf0d6f70f4c9a9cf8845f992105652173f4b617f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, "flake-utils": { "inputs": { "systems": "systems" @@ -40,11 +62,11 @@ ] }, "locked": { - "lastModified": 1753592768, - "narHash": "sha256-oV695RvbAE4+R9pcsT9shmp6zE/+IZe6evHWX63f2Qg=", + "lastModified": 1756679287, + "narHash": "sha256-Xd1vOeY9ccDf5VtVK12yM0FS6qqvfUop8UQlxEB+gTQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "fc3add429f21450359369af74c2375cb34a2d204", + "rev": "07fc025fe10487dd80f2ec694f1cd790e752d0e8", "type": "github" }, "original": { @@ -93,16 +115,17 @@ }, "naersk": { "inputs": { + "fenix": "fenix", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1752249768, - "narHash": "sha256-wKqMvhTqMgTKM/CdTH/ihq9eLZM95qpU0FG7cvTBFJg=", + "lastModified": 1752689277, + "narHash": "sha256-uldUBFkZe/E7qbvxa3mH1ItrWZyT6w1dBKJQF/3ZSsc=", "owner": "nix-community", "repo": "naersk", - "rev": "35aa63738857c40f98ecb04db52887d664836e74", + "rev": "0e72363d0938b0208d6c646d10649164c43f4d64", "type": "github" }, "original": { @@ -125,11 +148,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1755424351, - "narHash": "sha256-xcorYLNdtLpb0wH5CPlUcpmYQUxeK95j1X855xQw+DY=", + "lastModified": 1756801989, + "narHash": "sha256-eOIQ1CUMHwU4zsBGaCj9jCgNTxzyq2aeHuwgx0xLFwo=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "9aa137af01f05386e5bb5050e983750017007a66", + "rev": "d6a98b86d86b512c6167601ea646ab785137bada", "type": "github" }, "original": { @@ -141,16 +164,16 @@ "niri-stable": { "flake": false, "locked": { - "lastModified": 1748151941, - "narHash": "sha256-z4viQZLgC2bIJ3VrzQnR+q2F3gAOEQpU1H5xHtX/2fs=", + "lastModified": 1756556321, + "narHash": "sha256-RLD89dfjN0RVO86C/Mot0T7aduCygPGaYbog566F0Qo=", "owner": "YaLTeR", "repo": "niri", - "rev": "8ba57fcf25d2fc9565131684a839d58703f1dae7", + "rev": "01be0e65f4eb91a9cd624ac0b76aaeab765c7294", "type": "github" }, "original": { "owner": "YaLTeR", - "ref": "v25.05.1", + "ref": "v25.08", "repo": "niri", "type": "github" } @@ -158,11 +181,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1755419373, - "narHash": "sha256-EFH3zbpyLYjEboNV2Lmkxf9joEuFCmeYX+MMLRPStpg=", + "lastModified": 1756728273, + "narHash": "sha256-7tYNlNO/qVRA6shdWxNuBMYOE+pGgxqE0f54S4Wr9PE=", "owner": "YaLTeR", "repo": "niri", - "rev": "a6febb86aa5af0df7bf2792ca027ef95a503d599", + "rev": "77465e11fe36fdd9bc0a304b96bb2558116568af", "type": "github" }, "original": { @@ -196,11 +219,11 @@ ] }, "locked": { - "lastModified": 1755396877, - "narHash": "sha256-92gZRDz3zEsodraI0ZxPzZrpjSqc2qjxTW9HOflzKFw=", + "lastModified": 1756778240, + "narHash": "sha256-fEN9e5eTYTYiLWDgIm0LpfBZ/IKEmP+BvmDtg2HeHUY=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "0cf076c0bafbe7cbd33a3b7377ed24827674e8be", + "rev": "88023dda65dbb10c52aa03b39a0426024ad8e543", "type": "github" }, "original": { @@ -211,11 +234,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1755274400, - "narHash": "sha256-rTInmnp/xYrfcMZyFMH3kc8oko5zYfxsowaLv1LVobY=", + "lastModified": 1756754095, + "narHash": "sha256-9Rsn9XEWINExosFkKEqdp8EI6Mujr1gmQiyrEcts2ls=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ad7196ae55c295f53a7d1ec39e4a06d922f3b899", + "rev": "7c815e513adbf03c9098b2bd230c1e0525c8a7f9", "type": "github" }, "original": { @@ -227,11 +250,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1755268003, - "narHash": "sha256-nNaeJjo861wFR0tjHDyCnHs1rbRtrMgxAKMoig9Sj/w=", + "lastModified": 1756696532, + "narHash": "sha256-6FWagzm0b7I/IGigOv9pr6LL7NQ86mextfE8g8Q6HBg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "32f313e49e42f715491e1ea7b306a87c16fe0388", + "rev": "58dcbf1ec551914c3756c267b8b9c8c86baa1b2f", "type": "github" }, "original": { @@ -257,6 +280,23 @@ "zerforschen-plus": "zerforschen-plus" } }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1752428706, + "narHash": "sha256-EJcdxw3aXfP8Ex1Nm3s0awyH9egQvB2Gu+QEnJn2Sfg=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "591e3b7624be97e4443ea7b5542c191311aa141d", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, "servicepoint-cli": { "inputs": { "naersk": [ @@ -327,16 +367,16 @@ "xwayland-satellite-stable": { "flake": false, "locked": { - "lastModified": 1748488455, - "narHash": "sha256-IiLr1alzKFIy5tGGpDlabQbe6LV1c9ABvkH6T5WmyRI=", + "lastModified": 1755491097, + "narHash": "sha256-m+9tUfsmBeF2Gn4HWa6vSITZ4Gz1eA1F5Kh62B0N4oE=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "3ba30b149f9eb2bbf42cf4758d2158ca8cceef73", + "rev": "388d291e82ffbc73be18169d39470f340707edaa", "type": "github" }, "original": { "owner": "Supreeeme", - "ref": "v0.6", + "ref": "v0.7", "repo": "xwayland-satellite", "type": "github" } @@ -344,11 +384,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1755219541, - "narHash": "sha256-yKV6xHaPbEbh5RPxAJnb9yTs1wypr7do86hFFGQm1w8=", + "lastModified": 1756679414, + "narHash": "sha256-yQGJ/n6mRwoIQnaL5oV2TGOHg4SEHpINTaoHrvkjr1Q=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "5a184d435927c3423f0ad189ea2b490578450fb7", + "rev": "c0497c990d46fcc012d9deff885bbe533e91e044", "type": "github" }, "original": { From 857471d3db7ff605ab8b33ded4b6c7c95f870bb9 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 6 Sep 2025 19:16:13 +0200 Subject: [PATCH 234/241] remove pins, comment out nix for lp2 --- flake.lock | 66 ++++++++++++++++++++++++++------- flake.nix | 67 +++++++++++++++------------------- home/vinzenz/default.nix | 2 +- home/vinzenz/niri.nix | 2 - hosts/vinzenz-lpt2/imports.nix | 2 +- 5 files changed, 83 insertions(+), 56 deletions(-) diff --git a/flake.lock b/flake.lock index ac9a2f2..dd59ff3 100644 --- a/flake.lock +++ b/flake.lock @@ -40,6 +40,24 @@ "type": "github" } }, + "flake-utils_2": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "flakey-profile": { "locked": { "lastModified": 1712898590, @@ -92,9 +110,7 @@ }, "lix-module": { "inputs": { - "flake-utils": [ - "flake-utils" - ], + "flake-utils": "flake-utils", "flakey-profile": "flakey-profile", "lix": "lix", "nixpkgs": [ @@ -209,11 +225,24 @@ "type": "github" } }, + "nix-filter_2": { + "locked": { + "lastModified": 1731533336, + "narHash": "sha256-oRam5PS1vcrr5UPgALW0eo1m/5/pls27Z/pabHNy2Ms=", + "owner": "numtide", + "repo": "nix-filter", + "rev": "f7653272fd234696ae94229839a99b73c9ab7de0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "nix-filter", + "type": "github" + } + }, "nix-vscode-extensions": { "inputs": { - "flake-utils": [ - "flake-utils" - ], + "flake-utils": "flake-utils_2", "nixpkgs": [ "nixpkgs" ] @@ -266,12 +295,10 @@ }, "root": { "inputs": { - "flake-utils": "flake-utils", "home-manager": "home-manager", "lix-module": "lix-module", "naersk": "naersk", "niri": "niri", - "nix-filter": "nix-filter", "nix-vscode-extensions": "nix-vscode-extensions", "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", @@ -302,9 +329,7 @@ "naersk": [ "naersk" ], - "nix-filter": [ - "nix-filter" - ], + "nix-filter": "nix-filter", "nixpkgs": [ "nixpkgs" ] @@ -328,9 +353,7 @@ "naersk": [ "naersk" ], - "nix-filter": [ - "nix-filter" - ], + "nix-filter": "nix-filter_2", "nixpkgs": [ "nixpkgs" ] @@ -364,6 +387,21 @@ "type": "github" } }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "xwayland-satellite-stable": { "flake": false, "locked": { diff --git a/flake.nix b/flake.nix index 1791bbb..e719f8d 100644 --- a/flake.nix +++ b/flake.nix @@ -13,7 +13,6 @@ url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.0.tar.gz"; inputs = { nixpkgs.follows = "nixpkgs"; - flake-utils.follows = "flake-utils"; }; }; @@ -38,7 +37,6 @@ inputs = { nixpkgs.follows = "nixpkgs"; naersk.follows = "naersk"; - nix-filter.follows = "nix-filter"; }; }; @@ -47,7 +45,6 @@ inputs = { nixpkgs.follows = "nixpkgs"; naersk.follows = "naersk"; - nix-filter.follows = "nix-filter"; }; }; @@ -55,13 +52,8 @@ url = "github:nix-community/nix-vscode-extensions"; inputs = { nixpkgs.follows = "nixpkgs"; - flake-utils.follows = "flake-utils"; }; }; - - # this is used to pin transitive dependencies to the same version - flake-utils.url = "github:numtide/flake-utils"; - nix-filter.url = "github:numtide/nix-filter"; }; outputs = @@ -104,42 +96,41 @@ in nixpkgs.lib.nixosSystem { inherit system specialArgs; - modules = - [ - lix-module.nixosModules.default + modules = [ + lix-module.nixosModules.default - { networking.hostName = device; } + { networking.hostName = device; } - ./modules/globalinstalls.nix - ./modules/networking.nix - ./modules/nixpkgs.nix + ./modules/globalinstalls.nix + ./modules/networking.nix + ./modules/nixpkgs.nix - ./hosts/${device}/hardware.nix - ./hosts/${device}/imports.nix - ./hosts/${device}/configuration.nix + ./hosts/${device}/hardware.nix + ./hosts/${device}/imports.nix + ./hosts/${device}/configuration.nix - { - nixpkgs.overlays = [ - overlays.unstable-packages - ]; - } - ] - ++ (nixpkgs.lib.optionals (builtins.elem device homeDevices) [ - home-manager.nixosModules.home-manager - { home-manager.extraSpecialArgs = specialArgs; } - ./modules/home-manager.nix + { + nixpkgs.overlays = [ + overlays.unstable-packages + ]; + } + ] + ++ (nixpkgs.lib.optionals (builtins.elem device homeDevices) [ + home-manager.nixosModules.home-manager + { home-manager.extraSpecialArgs = specialArgs; } + ./modules/home-manager.nix - ./modules/i18n.nix + ./modules/i18n.nix - niri.nixosModules.niri - { - nixpkgs.overlays = [ - niri.overlays.niri - overlays.servicepoint-packages - nix-vscode-extensions.overlays.default - ]; - } - ]); + niri.nixosModules.niri + { + nixpkgs.overlays = [ + niri.overlays.niri + overlays.servicepoint-packages + nix-vscode-extensions.overlays.default + ]; + } + ]); } ); diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index db55596..6e0ff64 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -30,7 +30,7 @@ ./fuzzel.nix ./git.nix ./gnome.nix - ./niri.nix + #./niri.nix ./ssh.nix ./swaylock.nix ./vscode.nix diff --git a/home/vinzenz/niri.nix b/home/vinzenz/niri.nix index 7c90a93..3cb557a 100644 --- a/home/vinzenz/niri.nix +++ b/home/vinzenz/niri.nix @@ -1,7 +1,5 @@ { pkgs, - lib, - devices, config, ... }: diff --git a/hosts/vinzenz-lpt2/imports.nix b/hosts/vinzenz-lpt2/imports.nix index 7e9f61a..f9a0ae1 100644 --- a/hosts/vinzenz-lpt2/imports.nix +++ b/hosts/vinzenz-lpt2/imports.nix @@ -4,7 +4,7 @@ ../../modules/gaming.nix ../../modules/printing.nix ../../modules/podman.nix - ../../modules/niri.nix + #../../modules/niri.nix ../../modules/desktop-environment.nix ../../modules/desktop-hardware.nix From 88f192d38dd9970ac4cd1b575f0a9e9fa17f927a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 6 Sep 2025 20:28:38 +0200 Subject: [PATCH 235/241] anubis test --- hosts/vinzenz-lpt2/nginx.nix | 80 ++++++++++++++++++++++++++---------- 1 file changed, 58 insertions(+), 22 deletions(-) diff --git a/hosts/vinzenz-lpt2/nginx.nix b/hosts/vinzenz-lpt2/nginx.nix index c0715f0..302a271 100644 --- a/hosts/vinzenz-lpt2/nginx.nix +++ b/hosts/vinzenz-lpt2/nginx.nix @@ -1,30 +1,66 @@ -_: { - services.nginx = { - enable = true; +{ inputs, pkgs, ... }: +let + blog-domain-socket = "/run/nginx/blog.sock"; + anubis-domain-socket = "/run/anubis/anubis-blog.sock"; +in +{ + users.groups = { + anubis.members = [ "nginx" ]; + nginx.members = [ "anubis" ]; + }; + services = { + nginx = { + enable = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; - virtualHosts = { - "vinzenz-lpt2" = { - locations."/" = { - proxyPass = "http://127.0.0.1:3000/"; - proxyWebsockets = true; + virtualHosts = { + #"vinzenz-lpt2" = { + # locations."/" = { + # proxyPass = "http://127.0.0.1:3000/"; + # proxyWebsockets = true; + # }; + # + # serverAliases = [ "172.23.42.96" ]; + #}; + + "vinzenz-lpt2" = { + locations."/" = { + proxyPass = ("http://unix:" + anubis-domain-socket); + }; }; - serverAliases = [ "172.23.42.96" ]; + "vinzenz-lpt2-in-anubis" = { + root = inputs.zerforschen-plus.packages."${pkgs.system}".zerforschen-plus-content; + listen = [ + { + addr = ("unix:" + blog-domain-socket); + } + ]; + }; + }; + }; + + #networking.firewall = { + # allowedTCPPorts = [ + # 80 + # 8001 + # 3000 + # ]; + # allowedUDPPorts = [ 2342 ]; + #}; + + anubis = { + instances.main = { + enable = true; + settings = { + BIND = anubis-domain-socket; + TARGET = "unix://" + blog-domain-socket; + }; }; }; }; - - networking.firewall = { - allowedTCPPorts = [ - 80 - 8001 - 3000 - ]; - allowedUDPPorts = [ 2342 ]; - }; } From 2909c9001af29dfea02c91b116a724030fd3a67a Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 6 Sep 2025 20:34:58 +0200 Subject: [PATCH 236/241] anubis for blog --- hosts/hetzner-vpn2/nginx.nix | 49 ++++++++++++++++++++++++++++++------ 1 file changed, 41 insertions(+), 8 deletions(-) diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix index ff00daa..b29451a 100644 --- a/hosts/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -1,4 +1,8 @@ -{ pkgs, inputs, ... }: +{ inputs, pkgs, ... }: +let + blog-domain-socket = "/run/nginx/blog.sock"; + anubis-domain-socket = "/run/anubis/anubis-blog.sock"; +in { security.acme = { acceptTerms = true; @@ -6,8 +10,16 @@ }; security.pam.services.nginx.setEnvironment = false; - systemd.services.nginx.serviceConfig = { - SupplementaryGroups = [ "shadow" ]; + systemd.services = { + nginx.serviceConfig = { + SupplementaryGroups = [ + "shadow" + "anubis" + ]; + }; + anubis-main.serviceConfig = { + SupplementaryGroups = [ "nginx" ]; + }; }; services.nginx = { @@ -58,13 +70,34 @@ "zerforschen.plus" = { addSSL = true; enableACME = true; + locations."/" = { + proxyPass = ("http://unix:" + anubis-domain-socket); + }; + }; + + "vinzenz-lpt2-in-anubis" = { root = inputs.zerforschen-plus.packages."${pkgs.system}".zerforschen-plus-content; + listen = [ + { + addr = ("unix:" + blog-domain-socket); + } + ]; }; }; - }; - networking.firewall.allowedTCPPorts = [ - 80 - 443 - ]; + anubis = { + instances.main = { + enable = true; + settings = { + BIND = anubis-domain-socket; + TARGET = "unix://" + blog-domain-socket; + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; + }; } From d3555228be6209952ca855b935b74ec4785df54e Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 6 Sep 2025 20:41:45 +0200 Subject: [PATCH 237/241] add port for some reason --- hosts/hetzner-vpn2/nginx.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix index b29451a..7d161c3 100644 --- a/hosts/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -98,6 +98,7 @@ in networking.firewall.allowedTCPPorts = [ 80 443 + 5201 ]; }; } From d04005b782e11d628f14bfffd0b0c2b5faeec591 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 6 Sep 2025 20:43:21 +0200 Subject: [PATCH 238/241] fix brackets --- hosts/hetzner-vpn2/nginx.nix | 128 ++++++++++++++++++----------------- 1 file changed, 65 insertions(+), 63 deletions(-) diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix index 7d161c3..e9955a3 100644 --- a/hosts/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -22,68 +22,70 @@ in }; }; - services.nginx = { - enable = true; - additionalModules = [ pkgs.nginxModules.pam ]; + services = { + nginx = { + enable = true; + additionalModules = [ pkgs.nginxModules.pam ]; - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; - virtualHosts = - #let - # servicesDomain = "services.zerforschen.plus"; - # mkServiceConfig = - # { host, port }: - # { - # addSSL = true; - # enableACME = true; - # locations."/" = { - # proxyPass = "http://${host}:${toString port}/"; - # extraConfig = '' - # # bind to tailscale ip - # proxy_bind 100.88.118.60; - # # pam auth - # limit_except OPTIONS { - # auth_pam "Password Required"; - # auth_pam_service_name "nginx"; - # } - # ''; - # }; - # }; - # pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; - #in - { - #"code.${servicesDomain}" = lib.mkMerge [ - # (mkServiceConfig { - # host = pc2; - # port = 8542; - # }) - # { locations."/".proxyWebsockets = true; } - #]; - #"view.${servicesDomain}" = mkServiceConfig { - # host = pc2; - # port = 1313; - #}; + virtualHosts = + #let + # servicesDomain = "services.zerforschen.plus"; + # mkServiceConfig = + # { host, port }: + # { + # addSSL = true; + # enableACME = true; + # locations."/" = { + # proxyPass = "http://${host}:${toString port}/"; + # extraConfig = '' + # # bind to tailscale ip + # proxy_bind 100.88.118.60; + # # pam auth + # limit_except OPTIONS { + # auth_pam "Password Required"; + # auth_pam_service_name "nginx"; + # } + # ''; + # }; + # }; + # pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; + #in + { + #"code.${servicesDomain}" = lib.mkMerge [ + # (mkServiceConfig { + # host = pc2; + # port = 8542; + # }) + # { locations."/".proxyWebsockets = true; } + #]; + #"view.${servicesDomain}" = mkServiceConfig { + # host = pc2; + # port = 1313; + #}; - "zerforschen.plus" = { - addSSL = true; - enableACME = true; - locations."/" = { - proxyPass = ("http://unix:" + anubis-domain-socket); + "zerforschen.plus" = { + addSSL = true; + enableACME = true; + locations."/" = { + proxyPass = ("http://unix:" + anubis-domain-socket); + }; + }; + + "vinzenz-lpt2-in-anubis" = { + root = inputs.zerforschen-plus.packages."${pkgs.system}".zerforschen-plus-content; + listen = [ + { + addr = ("unix:" + blog-domain-socket); + } + ]; }; }; - - "vinzenz-lpt2-in-anubis" = { - root = inputs.zerforschen-plus.packages."${pkgs.system}".zerforschen-plus-content; - listen = [ - { - addr = ("unix:" + blog-domain-socket); - } - ]; - }; - }; + }; anubis = { instances.main = { @@ -94,11 +96,11 @@ in }; }; }; - - networking.firewall.allowedTCPPorts = [ - 80 - 443 - 5201 - ]; }; + + networking.firewall.allowedTCPPorts = [ + 80 + 443 + 5201 + ]; } From c7ac4077526172ca06ed0c2821acbe5a95f37f89 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 7 Sep 2025 18:37:17 +0200 Subject: [PATCH 239/241] remove insync --- home/vinzenz/configuration.nix | 1 - home/vinzenz/default.nix | 3 --- 2 files changed, 4 deletions(-) diff --git a/home/vinzenz/configuration.nix b/home/vinzenz/configuration.nix index 37da536..74be21f 100644 --- a/home/vinzenz/configuration.nix +++ b/home/vinzenz/configuration.nix @@ -31,7 +31,6 @@ home.packages = with pkgs; [ keepassxc - insync telegram-desktop element-desktop diff --git a/home/vinzenz/default.nix b/home/vinzenz/default.nix index 6e0ff64..e555eba 100644 --- a/home/vinzenz/default.nix +++ b/home/vinzenz/default.nix @@ -39,9 +39,6 @@ ]; allowedUnfreePackages = [ - "insync" - "insync-pkg" - "rider" "pycharm-professional" "jetbrains-toolbox" From 3da7dd3bca0d5f853f62d0caf05dc57f9b9ee487 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 7 Sep 2025 18:37:28 +0200 Subject: [PATCH 240/241] fix virtualhost name --- hosts/hetzner-vpn2/nginx.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix index e9955a3..8fa27c6 100644 --- a/hosts/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -76,7 +76,7 @@ in }; }; - "vinzenz-lpt2-in-anubis" = { + "blog-in-anubis" = { root = inputs.zerforschen-plus.packages."${pkgs.system}".zerforschen-plus-content; listen = [ { From ea0fb2b24dfc816bbc7c88a5986adaee80ca7608 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 7 Sep 2025 18:39:17 +0200 Subject: [PATCH 241/241] nix flake update --- flake.lock | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index dd59ff3..3c236ae 100644 --- a/flake.lock +++ b/flake.lock @@ -164,11 +164,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1756801989, - "narHash": "sha256-eOIQ1CUMHwU4zsBGaCj9jCgNTxzyq2aeHuwgx0xLFwo=", + "lastModified": 1757246205, + "narHash": "sha256-x+cTvOZL5Fwa/YVmfMEnXg1+bjj4e8wYGoe1pt6c/oM=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "d6a98b86d86b512c6167601ea646ab785137bada", + "rev": "4f38421373b783cfbe395973fda7a1b39af60200", "type": "github" }, "original": { @@ -197,11 +197,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1756728273, - "narHash": "sha256-7tYNlNO/qVRA6shdWxNuBMYOE+pGgxqE0f54S4Wr9PE=", + "lastModified": 1757242823, + "narHash": "sha256-EqZPBr+fPs7uoFCDLxRa8kRcrUgn0kZTVTky/7I81aI=", "owner": "YaLTeR", "repo": "niri", - "rev": "77465e11fe36fdd9bc0a304b96bb2558116568af", + "rev": "22f629c24b9f81a2fcaaf3a79d75128484c6ed78", "type": "github" }, "original": { @@ -248,11 +248,11 @@ ] }, "locked": { - "lastModified": 1756778240, - "narHash": "sha256-fEN9e5eTYTYiLWDgIm0LpfBZ/IKEmP+BvmDtg2HeHUY=", + "lastModified": 1757210357, + "narHash": "sha256-bg36ANsd4jVmTMYhYpRoYoNh+9Z6d6VMJm8iKI2xBYQ=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "88023dda65dbb10c52aa03b39a0426024ad8e543", + "rev": "34a2ba2ce0129dc06db7e1b9a5a4d3441f24b4a7", "type": "github" }, "original": { @@ -263,11 +263,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1756754095, - "narHash": "sha256-9Rsn9XEWINExosFkKEqdp8EI6Mujr1gmQiyrEcts2ls=", + "lastModified": 1757020766, + "narHash": "sha256-PLoSjHRa2bUbi1x9HoXgTx2AiuzNXs54c8omhadyvp0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7c815e513adbf03c9098b2bd230c1e0525c8a7f9", + "rev": "fe83bbdde2ccdc2cb9573aa846abe8363f79a97a", "type": "github" }, "original": { @@ -279,11 +279,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1756696532, - "narHash": "sha256-6FWagzm0b7I/IGigOv9pr6LL7NQ86mextfE8g8Q6HBg=", + "lastModified": 1757034884, + "narHash": "sha256-PgLSZDBEWUHpfTRfFyklmiiLBE1i1aGCtz4eRA3POao=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "58dcbf1ec551914c3756c267b8b9c8c86baa1b2f", + "rev": "ca77296380960cd497a765102eeb1356eb80fed0", "type": "github" }, "original": { @@ -422,11 +422,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1756679414, - "narHash": "sha256-yQGJ/n6mRwoIQnaL5oV2TGOHg4SEHpINTaoHrvkjr1Q=", + "lastModified": 1757179758, + "narHash": "sha256-TIvyWzRt1miQj6Cf5Wy8Qz43XIZX7c4vTVwRLAT5S4Y=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "c0497c990d46fcc012d9deff885bbe533e91e044", + "rev": "970728d0d9d1eada342bb8860af214b601139e58", "type": "github" }, "original": {