diff --git a/.gitmodules b/.gitmodules index 0f15da1..e69de29 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,3 +0,0 @@ -[submodule "home/emacs.d"] - path = home/emacs.d - url = https://github.com/hlissner/doom-emacs diff --git a/flake.lock b/flake.lock index cd9faaf..bddcdd6 100644 --- a/flake.lock +++ b/flake.lock @@ -3,16 +3,17 @@ "agenix": { "inputs": { "darwin": "darwin", + "home-manager": "home-manager", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1677969766, - "narHash": "sha256-AIp/ZYZMNLDZR/H7iiAlaGpu4lcXsVt9JQpBlf43HRY=", + "lastModified": 1701216516, + "narHash": "sha256-jKSeJn+7hZ1dZdiH1L+NWUGT2i/BGomKAJ54B9kT06Q=", "owner": "ryantm", "repo": "agenix", - "rev": "03b51fe8e459a946c4b88dcfb6446e45efb2c24e", + "rev": "13ac9ac6d68b9a0896e3d43a082947233189e247", "type": "github" }, "original": { @@ -59,19 +60,40 @@ "type": "github" } }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1706302763, + "narHash": "sha256-Le1wk75qlzOSfzDk8vqYxSdoEyr/ORIbMhziltVNGYw=", + "owner": "nix-community", + "repo": "disko", + "rev": "f7424625dc1f2e4eceac3009cbd1203d566feebc", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, "emacs": { "inputs": { "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs-unstable" - ] + ], + "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1680257010, - "narHash": "sha256-pNMB9sdoZOXEsszLD5TS0WG5Ysj2rVRmf92uxsxH/9A=", + "lastModified": 1702399955, + "narHash": "sha256-FnB5O1RVFzj3h7Ayf7UxFnOL1gsJuG6gn1LCTd9dKFs=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "cfec7f9501cc0e001f49d725a7cd733af7deb2ed", + "rev": "47798c4ab07d5f055bb2625010cf6d8e3f384923", "type": "github" }, "original": { @@ -80,13 +102,32 @@ "type": "github" } }, - "flake-utils": { + "flake-compat": { + "flake": false, "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", "owner": "numtide", "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", "type": "github" }, "original": { @@ -98,16 +139,36 @@ "home-manager": { "inputs": { "nixpkgs": [ - "nixpkgs-unstable" - ], - "utils": "utils" + "agenix", + "nixpkgs" + ] }, "locked": { - "lastModified": 1678831854, - "narHash": "sha256-7HBmLFNVD2KjovSzypIN9NfyzpWelMe8sNbUVZIRsS0=", + "lastModified": 1682203081, + "narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=", "owner": "nix-community", "repo": "home-manager", - "rev": "cae54dc45c0d61c99c1dc8b04bc42f36c76f9771", + "rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager-unstable": { + "inputs": { + "nixpkgs": [ + "nixpkgs-unstable" + ] + }, + "locked": { + "lastModified": 1702538064, + "narHash": "sha256-At5GwJPu2tzvS9dllhBoZmqK6lkkh/sOp2YefWRlaL8=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "0e2e443ff24f9d75925e91b89d1da44b863734af", "type": "github" }, "original": { @@ -117,12 +178,33 @@ } }, "home-manager_2": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1702195709, + "narHash": "sha256-+zRjWkm5rKqQ57PuLZ3JF3xi3vPMiOJzItb1m/43Cq4=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "6761b8188b860f374b457eddfdb05c82eef9752f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-23.11", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_3": { "inputs": { "nixpkgs": [ "nix-on-droid", "nixpkgs" ], - "utils": "utils_2" + "utils": "utils" }, "locked": { "lastModified": 1663932797, @@ -163,68 +245,130 @@ }, "nix-on-droid": { "inputs": { - "home-manager": "home-manager_2", + "home-manager": "home-manager_3", "nix-formatter-pack": "nix-formatter-pack", "nixpkgs": [ - "nixpkgs" + "nixpkgs-droid" ], "nixpkgs-for-bootstrap": "nixpkgs-for-bootstrap", "nmd": "nmd_2" }, "locked": { - "lastModified": 1670198918, - "narHash": "sha256-oNlUhAM0/a3pDdCMmBWA+CLrDAIYJqAAMyrDp8fNSM4=", + "lastModified": 1688144254, + "narHash": "sha256-8KL1l/7eP2Zm1aJjdVaSOk0W5kTnJo9kcgW03gqWuiI=", "owner": "t184256", "repo": "nix-on-droid", - "rev": "b00cb5e7e2a47d85a019119069b153cda4002d0a", + "rev": "2301e01d48c90b60751005317de7a84a51a87eb6", "type": "github" }, "original": { "owner": "t184256", - "ref": "release-22.11", + "ref": "release-23.05", "repo": "nix-on-droid", "type": "github" } }, "nixpkgs": { "locked": { - "lastModified": 1678703398, - "narHash": "sha256-Y1mW3dBsoWLHpYm+UIHb5VZ7rx024NNHaF16oZBx++o=", + "lastModified": 1702346276, + "narHash": "sha256-eAQgwIWApFQ40ipeOjVSoK4TEHVd6nbSd9fApiHIw5A=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "67f26c1cfc5d5783628231e776a81c1ade623e0b", + "rev": "cf28ee258fd5f9a52de6b9865cdb93a1f96d09b7", "type": "github" }, "original": { "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-22_11": { + "locked": { + "lastModified": 1669558522, + "narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82", + "type": "github" + }, + "original": { + "id": "nixpkgs", "ref": "nixos-22.11", + "type": "indirect" + } + }, + "nixpkgs-23_05": { + "locked": { + "lastModified": 1704290814, + "narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.05", + "type": "indirect" + } + }, + "nixpkgs-droid": { + "locked": { + "lastModified": 1702350026, + "narHash": "sha256-A+GNZFZdfl4JdDphYKBJ5Ef1HOiFsP18vQe9mqjmUis=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9463103069725474698139ab10f17a9d125da859", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs-for-bootstrap": { "locked": { - "lastModified": 1669834992, - "narHash": "sha256-YnhZGHgb4C3Q7DSGisO/stc50jFb9F/MzHeKS4giotg=", + "lastModified": 1686921029, + "narHash": "sha256-J1bX9plPCFhTSh6E3TWn9XSxggBh/zDD4xigyaIQBy8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "596a8e828c5dfa504f91918d0fa4152db3ab5502", + "rev": "c7ff1b9b95620ce8728c0d7bd501c458e6da9e04", "type": "github" }, "original": { "owner": "NixOS", "repo": "nixpkgs", - "rev": "596a8e828c5dfa504f91918d0fa4152db3ab5502", + "rev": "c7ff1b9b95620ce8728c0d7bd501c458e6da9e04", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1702221085, + "narHash": "sha256-Br3GCSkkvkmw46cT6wCz6ro2H1WgDMWbKE0qctbdtL0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c2786e7084cbad90b4f9472d5b5e35ecb57958af", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.05", + "repo": "nixpkgs", "type": "github" } }, "nixpkgs-unstable": { "locked": { - "lastModified": 1678654296, - "narHash": "sha256-aVfw3ThpY7vkUeF1rFy10NAkpKDS2imj3IakrzT0Occ=", + "lastModified": 1705316053, + "narHash": "sha256-J2Ey5mPFT8gdfL2XC0JTZvKaBw/b2pnyudEXFvl+dQM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5a1dc8acd977ff3dccd1328b7c4a6995429a656b", + "rev": "c3e128f3c0ecc1fb04aef9f72b3dcc2f6cecf370", "type": "github" }, "original": { @@ -236,11 +380,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1669542132, - "narHash": "sha256-DRlg++NJAwPh8io3ExBJdNW7Djs3plVI5jgYQ+iXAZQ=", + "lastModified": 1670751203, + "narHash": "sha256-XdoH1v3shKDGlrwjgrNX/EN8s3c+kQV7xY6cLCE8vcI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a115bb9bd56831941be3776c8a94005867f316a7", + "rev": "64e0bf055f9d25928c31fb12924e59ff8ce71e60", "type": "github" }, "original": { @@ -300,10 +444,13 @@ "root": { "inputs": { "agenix": "agenix", + "disko": "disko", "emacs": "emacs", - "home-manager": "home-manager", + "home-manager": "home-manager_2", + "home-manager-unstable": "home-manager-unstable", "nix-on-droid": "nix-on-droid", "nixpkgs": "nixpkgs", + "nixpkgs-droid": "nixpkgs-droid", "nixpkgs-unstable": "nixpkgs-unstable", "snm": "snm" } @@ -311,43 +458,43 @@ "snm": { "inputs": { "blobs": "blobs", + "flake-compat": "flake-compat", "nixpkgs": "nixpkgs_2", - "nixpkgs-22_11": [ - "nixpkgs" - ], - "utils": "utils_3" + "nixpkgs-22_11": "nixpkgs-22_11", + "nixpkgs-23_05": "nixpkgs-23_05", + "utils": "utils_2" }, "locked": { - "lastModified": 1671659164, - "narHash": "sha256-DbpT+v1POwFOInbrDL+vMbYV3mVbTkMxmJ5j50QnOcA=", + "lastModified": 1703666786, + "narHash": "sha256-SLPNpM/rI8XPyVJAxMYAe+n6NiYSpuXvdwPILHP4yZI=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "bc667fb6afc45f6cc2d118ab77658faf2227cffd", + "rev": "b5023b36a1f6628865cb42b4353bd2ddde0ea9f4", "type": "gitlab" }, "original": { "owner": "simple-nixos-mailserver", - "ref": "nixos-22.11", + "ref": "master", "repo": "nixos-mailserver", "type": "gitlab" } }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "utils": { - "locked": { - "lastModified": 1676283394, - "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_2": { "locked": { "lastModified": 1659877975, "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", @@ -362,7 +509,7 @@ "type": "github" } }, - "utils_3": { + "utils_2": { "locked": { "lastModified": 1605370193, "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", diff --git a/flake.nix b/flake.nix index c1bf290..25fae28 100644 --- a/flake.nix +++ b/flake.nix @@ -1,22 +1,28 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; + nixpkgs-droid.url = "github:NixOS/nixpkgs/nixos-23.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; home-manager = { + url = "github:nix-community/home-manager/release-23.11"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + home-manager-unstable = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs-unstable"; }; # simple mailserver snm = { - url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-22.11"; - inputs.nixpkgs-22_11.follows = "nixpkgs"; + url = "gitlab:simple-nixos-mailserver/nixos-mailserver/master"; + # inputs.nixpkgs-23_05.follows = "nixpkgs"; }; nix-on-droid = { - url = "github:t184256/nix-on-droid/release-22.11"; - inputs.nixpkgs.follows = "nixpkgs"; + url = "github:t184256/nix-on-droid/release-23.05"; + inputs.nixpkgs.follows = "nixpkgs-droid"; }; emacs = { @@ -24,50 +30,66 @@ inputs.nixpkgs.follows = "nixpkgs-unstable"; }; -# simplex-chat = { -# url = "github:simplex-chat/simplex-chat"; -# inputs.nixpkgs.follows = "nixpkgs"; -# }; + # simplex-chat = { + # url = "github:simplex-chat/simplex-chat"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; # age for nix to store encrypted passwords conveniently agenix = { url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "nixpkgs"; }; + + disko.url = "github:nix-community/disko"; + disko.inputs.nixpkgs.follows = "nixpkgs"; }; - outputs = { home-manager, nixpkgs, agenix, snm, ... }@inputs: { + outputs = { home-manager, nixpkgs, nixpkgs-unstable, ... }@inputs: { nixosConfigurations."thrall" = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; - modules = [ - ({ + specialArgs = { inherit inputs; }; + modules = let + postfix-overlay = final: prev: { + postfix = nixpkgs-unstable.legacyPackages."x86_64-linux".postfix; + }; + in [ + ({ inputs, lib, ... }: { nixpkgs = { config.allowUnfree = true; - overlays = with inputs; [ emacs.overlay ]; + overlays = with inputs; [ emacs.overlay postfix-overlay ]; }; + nix.registry = lib.mapAttrs (_: value: { flake = value; }) inputs; }) - snm.nixosModule - ./modules/security.nix ./hosts/thrall - agenix.nixosModules.age home-manager.nixosModules.home-manager { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; - home-manager.users.alex = import ./home/cli.nix; + home-manager.users.alex = import ./home/alex/cli.nix; } ]; }; - nixosConfigurations."dregil" = import ./hosts/dregil { inherit inputs; }; - homeConfigurations = import ./outputs/homeConfigurations inputs; - - nixOnDroidConfigurations.default = inputs.nix-on-droid.lib.nixOnDroidConfiguration { - modules = [ - ./hosts/redmi - { nix.registry.nixpkgs.flake = nixpkgs; } - { nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; } - ]; + nixosConfigurations."dregil" = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ ./hosts/dregil ]; }; + + nixosConfigurations."igor" = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ ./hosts/igor ]; + }; + + nixOnDroidConfigurations.default = with inputs; + nix-on-droid.lib.nixOnDroidConfiguration { + modules = [ + ./hosts/redmi + { nix.registry.nixpkgs.flake = nixpkgs-droid; } + { nix.nixPath = [ "nixpkgs=${nixpkgs-droid}" ]; } + ]; + }; }; } diff --git a/home/cli.nix b/home/alex/cli.nix similarity index 62% rename from home/cli.nix rename to home/alex/cli.nix index 9c0d303..774a738 100644 --- a/home/cli.nix +++ b/home/alex/cli.nix @@ -2,27 +2,39 @@ # minimal config, suitable for servers let - myUser = "alex"; - myName = "Alexander Kobjolke"; - myMail = "me@failco.de"; + user = { + name = config.home.username; + fullName = "Alexander Kobjolke"; + mail = "me@failco.de"; + }; + + myEza = if builtins.hasAttr "eza" pkgs then "eza" else "exa"; in { imports = [ - # shell config - #./modules/shell + ./programs/neovim/default.nix + ./programs/emacs/default.nix + ./programs/editorconfig ]; programs.home-manager.enable = true; home = { - username = myUser; - homeDirectory = "/home/${myUser}"; stateVersion = "21.05"; - sessionPath = [ "$HOME/.local/bin" "$HOME/.emacs.d/bin" ]; + sessionPath = [ "$HOME/.local/bin" ]; }; + # do not show home-manager notifications + news.display = "silent"; + home.packages = with pkgs; [ # archives #p7zip #unrar + git-absorb + git-annex + git-annex-remote-rclone + + tea # command-line frontend for gitea + # nix tools nix-index nixfmt @@ -37,23 +49,40 @@ in { pijul sqlite.dev sqlite - # pass + + # editing + nil # nix language server + shellcheck + editorconfig-core-c + shfmt + (aspellWithDicts (dicts: with dicts; [ en en-computers en-science de ])) + + # system tools + htop-vim # htop with vim bindings + erdtree # du+tree had sex + dua # ncdu but better + fzf + + gopass + gopass-jsonapi + gopass-hibp + + gcc + cmake + graphviz + plantuml + gnuplot + pandoc hledger hledger-web - hledger-iadd hledger-ui - #smos - #haskellPackages.patat # terminal based presentations using pandoc nix-prefetch-git ]; home.extraOutputsToInstall = [ "doc" "info" "devdoc" ]; xdg.enable = true; - # xdg.configFile = { - # "emacs".source = ./emacs.d; - # }; xdg.configFile.tmux = { target = "tmux/tmux.conf"; @@ -64,6 +93,8 @@ in { set -g escape-time 0 bind-key C-z send-prefix set -g renumber-windows on + + bind-key T swap-window -t 0 ''; }; @@ -71,27 +102,39 @@ in { target = "pijul/config.toml"; text = '' [author] - name = "${myUser}" - full_name = "${myName}" - email = "${myMail}" + name = "${user.name}" + full_name = "${user.fullName}" + email = "${user.mail}" ''; }; programs = { + bash = { enable = true; }; + + # better cat + bat.enable = true; + + # htop replacement with a nice UI + btop.enable = true; + zsh = { enable = true; enableAutosuggestions = true; - # enableSyntaxHighlighting = true; - shellAliases = { e = "emacsclient -c $@"; }; oh-my-zsh = { enable = true; - plugins = [ "git" ]; + plugins = [ "git" "fzf" "fd" "z" ]; theme = "simple"; }; }; - # better cat - bat.enable = true; + # better ls with icons and stuff, maybe also try lsd + ${myEza} = { + enable = true; + icons = true; + enableAliases = true; + }; + + starship = { enable = true; }; direnv = { enable = true; @@ -100,13 +143,6 @@ in { enableBashIntegration = true; }; - emacs = { - enable = true; - package = pkgs.emacsGit; - extraPackages = epkgs: with epkgs; [ vterm ]; - #package = pkgs.emacsUnstable; - }; - gh = { enable = true; settings.git_protocol = "ssh"; @@ -115,8 +151,8 @@ in { git = { enable = true; ignores = [ "*~" "*.swp" "result" "dist-newstyle" ]; - userEmail = myMail; - userName = myName; + userEmail = user.mail; + userName = user.fullName; aliases = { st = "status"; }; extraConfig = { init.defaultBranch = "main"; }; }; @@ -133,14 +169,12 @@ in { password-store = { enable = true; - package = pkgs.pass.withExtensions (exts: [ exts.pass-otp ]); + package = pkgs.gopass; settings = { PASSWORD_STORE_DIR = "$HOME/.local/share/password-store"; }; }; ssh.enable = true; - neovim = import ./modules/nvim.nix pkgs; - texlive.enable = true; }; @@ -151,8 +185,6 @@ in { defaultCacheTtlSsh = 300; }; - services.emacs = { enable = true; }; - home.file.".local" = { recursive = true; source = ./local; diff --git a/home/alex/default.nix b/home/alex/default.nix new file mode 100644 index 0000000..d3db935 --- /dev/null +++ b/home/alex/default.nix @@ -0,0 +1,17 @@ +{ config, lib, pkgs, inputs, ... }: +let electron-overlay = final: prev: { electron = final.electron_25; }; +in { + imports = [ ]; + + users.users."alex" = { + isNormalUser = true; + extraGroups = [ "input" "networkmanager" "wheel" ]; + description = "Alexander Kobjolke"; + home = "/home/alex"; + shell = pkgs.zsh; + }; + + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.alex = import ./home.nix; +} diff --git a/home/alex/home.nix b/home/alex/home.nix new file mode 100644 index 0000000..80ccc81 --- /dev/null +++ b/home/alex/home.nix @@ -0,0 +1,93 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ./cli.nix + # ./programs/xmonad/default.nix + ]; + + home = { + homeDirectory = "/home/alex"; + stateVersion = "21.05"; + + language.base = "en_US.UTF-8"; + + keyboard.layout = "us"; + keyboard.variant = "dvorak"; + keyboard.options = + [ "terminate:ctrl_alt_bksp" "caps:escape" "compose:ralt" ]; + + packages = with pkgs; [ + # social + (jitsi-meet-electron.overrideAttrs (prev: rec { + version = "2023.10.0"; + src = fetchurl { + url = + "https://github.com/jitsi/jitsi-meet-electron/releases/download/v${version}/jitsi-meet-x86_64.AppImage"; + sha256 = "sha256-zhOx/gdsiQMuOCCE5sn+JNu0WJrH36XfvqqNvE24St8="; + name = "jitsi-meet-electron-${version}.AppImage"; + }; + })) # jitsi as a stand-alone app + discord # talk to other people + + # system tools + uhk-agent # my keyboard + mosh # ssh via udp + + # gaming support + lutris + winePackages.stagingFull + + # reading + calibre + ]; + }; + + news.display = "silent"; + + programs = { + alacritty.enable = true; + # autorandr.enable = true; + + browserpass = { + enable = true; + browsers = [ "firefox" ]; + }; + + feh.enable = true; + firefox = { + enable = true; + package = pkgs.firefox.override { + cfg = { + nativeMessagingHosts.packages = + [ pkgs.browserpass pkgs.tridactyl-native ]; + enableGnomeExtensions = true; + }; + }; + }; + mpv.enable = true; + rofi.enable = true; + rofi.pass.enable = true; + zathura.enable = true; + + zsh = let + auth-socket-env = '' + export SSH_AUTH_SOCK="$(${pkgs.gnupg}/bin/gpgconf -L agent-ssh-socket)" + ''; + in { + enable = true; + loginExtra = auth-socket-env; + initExtra = auth-socket-env; + }; + }; + + services.gpg-agent = { + enable = true; + enableSshSupport = true; + sshKeys = [ "9027AB16B9A7C20BD29F30F55CBA054430BF014C" ]; + }; + + # services.autorandr = { enable = true; }; + + xsession.enable = true; +} diff --git a/home/local/bin/kill-old-mosh b/home/alex/local/bin/kill-old-mosh similarity index 100% rename from home/local/bin/kill-old-mosh rename to home/alex/local/bin/kill-old-mosh diff --git a/home/local/bin/merge-pdf b/home/alex/local/bin/merge-pdf similarity index 100% rename from home/local/bin/merge-pdf rename to home/alex/local/bin/merge-pdf diff --git a/home/alex/programs/editorconfig/default.nix b/home/alex/programs/editorconfig/default.nix new file mode 100644 index 0000000..5a45c0a --- /dev/null +++ b/home/alex/programs/editorconfig/default.nix @@ -0,0 +1,18 @@ +{ config, lib, pkgs, ... }: + +{ + editorconfig = { + enable = true; + settings = { + "*" = { + charset = "utf-8"; + end_of_line = "lf"; + trim_trailing_whitespace = true; + insert_final_newline = true; + max_line_width = 78; + indent_style = "space"; + indent_size = 2; + }; + }; + }; +} diff --git a/home/alex/programs/emacs/default.nix b/home/alex/programs/emacs/default.nix new file mode 100644 index 0000000..cb38d8c --- /dev/null +++ b/home/alex/programs/emacs/default.nix @@ -0,0 +1,29 @@ +{ inputs, config, lib, pkgs, ... }: +let + emacsclient-wrapper = pkgs.writeShellScriptBin "e" '' + exec ${pkgs.emacs}/bin/emacsclient --reuse-frame --no-wait "$@" + ''; +in { + nixpkgs.overlays = [ inputs.emacs.overlay ]; + + home = { + sessionPath = [ "$HOME/.emacs.d/bin" ]; + packages = [ emacsclient-wrapper ]; + }; + + programs.emacs = { + enable = true; + extraPackages = epkgs: with epkgs; [ vterm ]; + }; + + services.emacs = { + enable = true; + defaultEditor = true; + startWithUserSession = true; + }; + + xdg.configFile.doom = { + target = "doom"; + source = ./doom; + }; +} diff --git a/home/alex/programs/emacs/doom/config.el b/home/alex/programs/emacs/doom/config.el new file mode 100644 index 0000000..7422ddc --- /dev/null +++ b/home/alex/programs/emacs/doom/config.el @@ -0,0 +1,282 @@ +;;; $DOOMDIR/config.el -*- lexical-binding: t; -*- + +;; Place your private configuration here! Remember, you do not need to run 'doom +;; sync' after modifying this file! + + +;; Some functionality uses this to identify you, e.g. GPG configuration, email +;; clients, file templates and snippets. +(setq user-full-name "Alexander Kobjolke" + user-mail-address "me@failco.de") + +;; Doom exposes five (optional) variables for controlling fonts in Doom. Here +;; are the three important ones: +;; +;; + `doom-font' +;; + `doom-variable-pitch-font' +;; + `doom-big-font' -- used for `doom-big-font-mode'; use this for +;; presentations or streaming. +;; +;; They all accept either a font-spec, font string ("Input Mono-12"), or xlfd +;; font string. You generally only need these two: +;; (setq doom-font (font-spec :family "monospace" :size 12 :weight 'semi-light) +;; doom-variable-pitch-font (font-spec :family "sans" :size 13)) + +;; There are two ways to load a theme. Both assume the theme is installed and +;; available. You can either set `doom-theme' or manually load a theme with the +;; `load-theme' function. This is the default: +(setq doom-theme 'doom-gruvbox) + +(require 're-builder) +(setq reb-re-syntax 'string) + +;; If you use `org' and don't want your org files in the default location below, +;; change `org-directory'. It must be set before org loads! +(setq org-directory "~/org/" + org-roam-directory (file-truename "~/org/notes")) + +;; do not create a new workspace for each emacsclient +(after! persp-mode +   (setq persp-emacsclient-init-frame-behaviour-override "main")) + +(defun my/org-id-update-org-roam-files () + "Update Org-ID locations for all Org-roam files." + (interactive) + (org-id-update-id-locations (org-roam-list-files))) + +(defun my/org-id-update-id-current-file () + "Scan the current buffer for Org-ID locations and update them." + (interactive) + (org-id-update-id-locations (list (buffer-file-name (current-buffer))))) + +(setq undo-limit 80000000 ; Raise undo-limit to 80Mb + evil-want-fine-undo t ; By default while in insert all changes are one big blob. Be more granular + auto-save-default t ; Nobody likes to loose work, I certainly don't + ) + +;; This determines the style of line numbers in effect. If set to `nil', line +;; numbers are disabled. For relative line numbers, set this to `relative'. +(setq display-line-numbers-type t) + +;; mouse +;; enable mouse reporting for terminal emulators +(unless window-system + (xterm-mouse-mode 1) + (global-set-key [mouse-4] (lambda () + (interactive) + (scroll-down 1))) + (global-set-key [mouse-5] (lambda () + (interactive) + (scroll-up 1)))) + +;; disable highlight lines + ;(remove-hook 'doom-first-buffer-hook #'global-hl-line-mode) + +(setq haskell-process-type 'cabal-new-repl) + +(setq evil-snipe-override-evil-repeat-keys nil) +(setq doom-localleader-key ",") +(setq doom-localleader-alt-key "M-,") + +(use-package! org + :config (setq org-log-into-drawer t + org-todo-keywords '( + (sequence "NEXT(n)" "TODO(t)" "WAIT(w@/!)" "|" "DONE(d!)" "CNCL(k@)") + (sequence "[ ](T)" "[-](S)" "[?](W)" "|" "[X](D)") + ))) + +(use-package! org-ql) + +(use-package! elfeed-web) + +(setq ak/bibliography (list (concat org-directory "references.bib"))) + ;(setq org-cite-global-bibliography (list (concat org-directory "references.bib"))) +(setq! bibtex-completion-bibliography ak/bibliography) +(setq! citar-bibliography ak/bibliography) + +;; Use an ISO date format for ledger entries +(setq ledger-default-date-format "%Y-%m-%d" + ledger-binary-path "hledger" + ledger-report-auto-width nil + ledger-mode-should-check-version nil + ledger-init-file-name " " + ledger-post-amount-alignment-column 58 + ledger-report-native-highlighting-arguments '("--color=always") + ledger-highlight-xact-under-point t) + +(setq ledger-reports + '(("bal" "%(binary) -f %(ledger-file) bal -B") + ("reg" "%(binary) -f %(ledger-file) reg -B") + ("payee" "%(binary) -f %(ledger-file) reg -B @%(payee)") + ("account" "%(binary) -f %(ledger-file) reg -B %(account)"))) + +;; (use-package! ormolu +;; :hook (haskell-mode . ormolu-format-on-save-mode) +;; :bind +;; (:map haskell-mode-map + +(after! lsp-haskell + (setq lsp-haskell-formatting-provider "fourmolu")) + +;; tweak some VI defaults +(after! evil + (setq evil-ex-substitute-global t ; I like my s/../.. to by global by default + evil-move-cursor-back nil ; Don't move the block cursor when toggling insert mode + evil-kill-on-visual-paste nil)) ; Don't put overwritten text in the kill ring + +(setq org-gtd-update-ack "3.0.0") + +;; Org GTD support +(use-package! org-gtd + :after org + :demand t + :config + (setq org-gtd-directory "~/org") + (setq org-gtd-default-file-name "actionable") + (setq org-edna-use-inheritance t) + ;(setq org-gtd-areas-of-focus '("house" "haskell" "foss")) + ;(setq org-gtd-organize-hooks '(org-gtd-set-area-of-focus org-set-tags-command)) + (org-edna-mode) + (map! :leader + :desc "Capture" "X" #'org-gtd-capture + (:prefix ("d" . "org-gtd") + :desc "Capture" "c" #'org-gtd-capture + :desc "Engage" "e" #'org-gtd-engage-grouped-by-context + :desc "Process inbox" "p" #'org-gtd-process-inbox + :desc "Show all next" "n" #'org-gtd-show-all-next + (:prefix ("r" . "Review") + :desc "Stuck projects" "p" #'org-gtd-review-stuck-projects + :desc "Stuck actions" "a" #'org-gtd-review-stuck-single-action-items + :desc "Stuck habits" "h" #'org-gtd-review-stuck-habit-items + ) + )) + (map! :map org-gtd-clarify-map + :desc "Organize this item" "C-c C-c" #'org-gtd-organize) + :bind + (("C-c d c" . #'org-gtd-capture) + ("C-c d e" . #'org-gtd-engage-grouped-by-context) + ("C-c d p" . #'org-gtd-process-inbox) + ("C-c d n" . #'org-gtd-show-all-next) + ("C-c d r p" . #'org-gtd-review-stuck-projects)) + ) + +(defun ak/org-roam-node-insert-immediate (arg &rest args) + (interactive "P") + (let ((args (cons arg args)) + (org-roam-capture-templates (list (append (car org-capture-templates) '(:immediate-finish t)))) + ) + (apply #'org-roam-node-insert args))) + +(use-package! org-habit + :after org + :config (setq org-habit-show-habits t + org-habit-preceding-days 35 + org-habit-following-days 7 + ) + + ) + +(use-package! org-edna + :after org-gtd + :init + (setq org-edna-use-inheritance t) + :config + (org-edna-mode 1) + ) + +(use-package! emacsql-sqlite3 + :custom + (org-roam-database-connector 'sqlite3)) + +(use-package! nov + :mode ("\\.epub\\'" . nov-mode) + :config + (setq nov-save-place-file (concat doom-cache-dir "nov-places"))) + +(use-package! org-present + :after org) + +(use-package! denote + :after org + :config + (setq denote-directory (concat org-directory "/notes") + + ) + (map! :leader + (:prefix ("n" . "notes") + :desc "Denote" "d" #'denote-open-or-create-with-command + )) + :bind + (("C-c n d" . #'denote-open-or-create-with-command)) + ) + +(use-package! org-super-agenda + :after org-agenda + :init + (setq org-agenda-skip-deadline-if-done t + org-agenda-skip-scheduled-if-done t + org-agenda-include-deadlines t + org-agenda-block-separator nil + org-agenda-compact-blocks t + org-agenda-start-day nil + org-agenda-span 1 + org-agenda-start-on-weekday nil + ) + (setq org-agenda-custom-commands + '(("a" "Getting Things done" + ((agenda "" ((org-agenda-overriding-header "") + (org-super-agenda-groups + '((:name "Today" + :time-grid t + :date today + :order 1))))) + (alltodo "" ((org-agenda-overriding-header "") + (org-super-agenda-groups + '(;(:log t) + (:name "Waiting for..." + :todo "WAIT" + :order 1) + (:discard (:not (:todo ("NEXT" "START")))) + (:name "Next actions" + :auto-parent (:todo ("NEXT" "STRT")) + :order 2 + ) + (:discard (:anything t) + :order 99) + )))) + )))) + :config + (org-super-agenda-mode) + ) + +(use-package! org-fc + :after org + :init + (setq org-fc-directories (concat org-directory "/cards")) + ) + +(use-package! vterm + :config + (setq vterm-min-window-width 50) + ) + +(map! :desc "Move workspace to the left" :leader :n "TAB <" #'+workspace/swap-left) +(map! :desc "Move workspace to the left" :leader :n "TAB >" #'+workspace/swap-right) +(map! :desc "Denote" :leader :n "n d" #'denote) + +;; Here are some additional functions/macros that could help you configure Doom: +;; +;; - `load!' for loading external *.el files relative to this one +;; - `use-package!' for configuring packages +;; - `after!' for running code after a package has loaded +;; - `add-load-path!' for adding directories to the `load-path', relative to +;; this file. Emacs searches the `load-path' when you load packages with +;; `require' or `use-package'. +;; - `map!' for binding new keys +;; +;; To get information about any of these functions/macros, move the cursor over +;; the highlighted symbol at press 'K' (non-evil users must press 'C-c c k'). +;; This will open documentation for it, including demos of how they are used. +;; +;; You can also try 'gd' (or 'C-c c d') to jump to their definition and see how +;; they are implemented. diff --git a/home/alex/programs/emacs/doom/custom.el b/home/alex/programs/emacs/doom/custom.el new file mode 100644 index 0000000..731fe62 --- /dev/null +++ b/home/alex/programs/emacs/doom/custom.el @@ -0,0 +1,51 @@ +(custom-set-variables + ;; custom-set-variables was added by Custom. + ;; If you edit it by hand, you could mess it up, so be careful. + ;; Your init file should contain only one such instance. + ;; If there is more than one, they won't work right. + '(ansi-color-names-vector + ["#282c34" "#ff6c6b" "#98be65" "#ECBE7B" "#51afef" "#c678dd" "#46D9FF" "#bbc2cf"]) + '(custom-safe-themes + '("c4063322b5011829f7fdd7509979b5823e8eea2abf1fe5572ec4b7af1dd78519" "835868dcd17131ba8b9619d14c67c127aa18b90a82438c8613586331129dda63" "7eea50883f10e5c6ad6f81e153c640b3a288cd8dc1d26e4696f7d40f754cc703" default)) + '(exwm-floating-border-color "#191b20") + '(fci-rule-color "#5B6268") + '(highlight-tail-colors + ((("#333a38" "#99bb66" "green") + . 0) + (("#2b3d48" "#46D9FF" "brightcyan") + . 20))) + '(jdee-db-active-breakpoint-face-colors (cons "#1B2229" "#51afef")) + '(jdee-db-requested-breakpoint-face-colors (cons "#1B2229" "#98be65")) + '(jdee-db-spec-breakpoint-face-colors (cons "#1B2229" "#3f444a")) + '(objed-cursor-color "#ff6c6b") + '(pdf-view-midnight-colors (cons "#bbc2cf" "#282c34")) + '(rustic-ansi-faces + ["#282c34" "#ff6c6b" "#98be65" "#ECBE7B" "#51afef" "#c678dd" "#46D9FF" "#bbc2cf"]) + '(vc-annotate-background "#282c34") + '(vc-annotate-color-map + (list + (cons 20 "#98be65") + (cons 40 "#b4be6c") + (cons 60 "#d0be73") + (cons 80 "#ECBE7B") + (cons 100 "#e6ab6a") + (cons 120 "#e09859") + (cons 140 "#da8548") + (cons 160 "#d38079") + (cons 180 "#cc7cab") + (cons 200 "#c678dd") + (cons 220 "#d974b7") + (cons 240 "#ec7091") + (cons 260 "#ff6c6b") + (cons 280 "#cf6162") + (cons 300 "#9f585a") + (cons 320 "#6f4e52") + (cons 340 "#5B6268") + (cons 360 "#5B6268"))) + '(vc-annotate-very-old-color nil)) +(custom-set-faces + ;; custom-set-faces was added by Custom. + ;; If you edit it by hand, you could mess it up, so be careful. + ;; Your init file should contain only one such instance. + ;; If there is more than one, they won't work right. + ) diff --git a/home/alex/programs/emacs/doom/init.el b/home/alex/programs/emacs/doom/init.el new file mode 100644 index 0000000..32bee2f --- /dev/null +++ b/home/alex/programs/emacs/doom/init.el @@ -0,0 +1,196 @@ +;;; init.el -*- lexical-binding: t; -*- + +;; This file controls what Doom modules are enabled and what order they load +;; in. Remember to run 'doom sync' after modifying it! + +;; NOTE Press 'SPC h d h' (or 'C-h d h' for non-vim users) to access Doom's +;; documentation. There you'll find a "Module Index" link where you'll find +;; a comprehensive list of Doom's modules and what flags they support. + +;; NOTE Move your cursor over a module's name (or its flags) and press 'K' (or +;; 'C-c c k' for non-vim users) to view its documentation. This works on +;; flags as well (those symbols that start with a plus). +;; +;; Alternatively, press 'gd' (or 'C-c c d') on a module to browse its +;; directory (for easy access to its source code). + +(doom! :input + ;;chinese + ;;japanese + ;;layout ; auie,ctsrnm is the superior home row + + :completion + company ; the ultimate code completion backend + ;;helm ; the *other* search engine for love and life + ;;ido ; the other *other* search engine... + ;;ivy ; a search engine for love and life + (vertico +icons) ; the search engine of the future + + :ui + ;;deft ; notational velocity for Emacs + doom ; what makes DOOM look the way it does + doom-dashboard ; a nifty splash screen for Emacs + ;;doom-quit ; DOOM quit-message prompts when you quit Emacs + (emoji +unicode +github +ascii) ; 🙂 + hl-todo ; highlight TODO/FIXME/NOTE/DEPRECATED/HACK/REVIEW + ;;hydra + ;;indent-guides ; highlighted indent columns + ;;(ligatures +extra) ; ligatures and symbols to make your code pretty again + ;;minimap ; show a map of the code on the side + modeline ; snazzy, Atom-inspired modeline, plus API + nav-flash ; blink cursor line after big motions + ;;neotree ; a project drawer, like NERDTree for vim + ophints ; highlight the region an operation acts on + (popup +defaults +all) ; tame sudden yet inevitable temporary windows + ;;tabs ; a tab bar for Emacs + ;;treemacs ; a project drawer, like neotree but cooler + unicode ; extended unicode support for various languages + vc-gutter ; vcs diff in the fringe + vi-tilde-fringe ; fringe tildes to mark beyond EOB + (window-select +numbers) ; visually switch windows + workspaces ; tab emulation, persistence & separate workspaces + zen ; distraction-free coding or writing + + :editor + (evil +everywhere); come to the dark side, we have cookies + file-templates ; auto-snippets for empty files + fold ; (nigh) universal code folding + (format +onsave) ; automated prettiness + ;;god ; run Emacs commands without modifier keys + ;;lispy ; vim for lisp, for people who don't like vim + multiple-cursors ; editing in many places at once + ;;objed ; text object editing for the innocent + ;;parinfer ; turn lisp into python, sort of + rotate-text ; cycle region at point between text candidates + snippets ; my elves. They type so I don't have to + word-wrap ; soft wrapping with language-aware indent + + :emacs + (dired +ranger +icons) ; making dired pretty [functional] + electric ; smarter, keyword-based electric-indent + (ibuffer +icons) ; interactive buffer management + undo ; persistent, smarter undo for your inevitable mistakes + vc ; version-control and Emacs, sitting in a tree + + :term + eshell ; the elisp shell that works everywhere + ;;shell ; simple shell REPL for Emacs + ;;term ; basic terminal emulator for Emacs + vterm ; the best terminal emulation in Emacs + + :checkers + syntax ; tasing you for every semicolon you forget + (spell +flyspell +everywhere +aspell) ; tasing you for misspelling mispelling + ;;grammar ; tasing grammar mistake every you make + + :tools + ansible + biblio ; Writes a PhD for you (citation needed) + (debugger +lsp) ; FIXME stepping through code, to help you add bugs + direnv + ;;docker + editorconfig ; let someone else argue about tabs vs spaces + ;;ein ; tame Jupyter notebooks with emacs + (eval +overlay) ; run code, run (also, repls) + ;;gist ; interacting with github gists + lookup ; navigate your code and its documentation + lsp ; M-x vscode + (magit +forge) ; a git porcelain for Emacs + make ; run make tasks from Emacs + pass ; password manager for nerds + pdf ; pdf enhancements + ;;prodigy ; FIXME managing external services & code builders + ;;rgb ; creating color strings + ;;taskrunner ; taskrunner for all your projects + ;;terraform ; infrastructure as code + tmux ; an API for interacting with tmux + tree-sitter + ;;upload ; map local to remote projects via ssh/ftp + + :os + (:if IS-MAC macos) ; improve compatibility with macOS + (tty +osc) ; improve the terminal Emacs experience + + :lang + ;;agda ; types of types of types of types... + ;;beancount ; mind the GAAP + (cc +lsp) ; C > C++ == 1 + ;;clojure ; java with a lisp + ;;common-lisp ; if you've seen one lisp, you've seen them all + ;;coq ; proofs-as-programs + ;;crystal ; ruby at the speed of c + ;;csharp ; unity, .NET, and mono shenanigans + data ; config/data formats + ;;(dart +flutter) ; paint ui and not much else + ;;dhall + ;;elixir ; erlang done right + (elm +lsp) ; care for a cup of TEA? + emacs-lisp ; drown in parentheses + ;;erlang ; an elegant language for a more civilized age + ;;ess ; emacs speaks statistics + ;;factor + ;;faust ; dsp, but you get to keep your soul + ;;fsharp ; ML stands for Microsoft's Language + ;;fstar ; (dependent) types and (monadic) effects and Z3 + ;;gdscript ; the language you waited for + (go +lsp) ; the hipster dialect + (graphql +lsp) ; Give queries a REST + (haskell +lsp) ; a language that's lazier than I am + ;;hy ; readability of scheme w/ speed of python + ;;idris ; a language you can depend on + json ; At least it ain't XML + (java +lsp +tree-sitter) ; the poster child for carpal tunnel syndrome + javascript ; all(hope(abandon(ye(who(enter(here)))))) + ;;julia ; a better, faster MATLAB + ;;kotlin ; a better, slicker Java(Script) + latex ; writing papers in Emacs has never been so fun + ;;lean ; for folks with too much to prove + ledger ; be audit you can be + lua ; one-based indices? one-based indices + markdown ; writing docs for people to ignore + ;;nim ; python + lisp at the speed of c + nix ; I hereby declare "nix geht mehr!" + ;;ocaml ; an objective camel + (org +roam2 +pandoc +present +gnuplot +noter) ; organize your plain life in plain text + ;;php ; perl's insecure younger brother + plantuml ; diagrams for confusing people more + ;;purescript ; javascript, but functional + python ; beautiful is better than ugly + qt ; the 'cutest' gui framework ever + ;;racket ; a DSL for DSLs + ;;raku ; the artist formerly known as perl6 + rest ; Emacs as a REST client + ;;rst ; ReST in peace + ;;(ruby +rails) ; 1.step {|i| p "Ruby is #{i.even? ? 'love' : 'life'}"} + (rust +lsp) ; Fe2O3.unwrap().unwrap().unwrap().unwrap() + ;;scala ; java, but good + ;;(scheme +guile) ; a fully conniving family of lisps + sh ; she sells {ba,z,fi}sh shells on the C xor + ;;sml + ;;solidity ; do you need a blockchain? No. + ;;swift ; who asked for emoji variables? + ;;terra ; Earth and Moon in alignment for performance. + ;;web ; the tubes + yaml ; JSON, but readable + ;;zig ; C, but simpler + + :email + (mu4e +org +gmail) + ;;notmuch + ;;(wanderlust +gmail) + + :app + calendar + ;;emms + ;;everywhere ; *leave* Emacs!? You must be joking + irc ; how neckbeards socialize + (rss +org) ; emacs as an RSS reader + ;;twitter ; twitter client https://twitter.com/vnought + + :config + ;;literate + (default +bindings +smartparens)) + +(setq native-comp-deferred-compilation nil) +(after! (doom-packages straight) + (setq straight--native-comp-available t)) diff --git a/home/alex/programs/emacs/doom/packages.el b/home/alex/programs/emacs/doom/packages.el new file mode 100644 index 0000000..489c77d --- /dev/null +++ b/home/alex/programs/emacs/doom/packages.el @@ -0,0 +1,71 @@ +;; -*- no-byte-compile: t; -*- +;;; $DOOMDIR/packages.el + +;; To install a package with Doom you must declare them here and run 'doom sync' +;; on the command line, then restart Emacs for the changes to take effect -- or +;; use 'M-x doom/reload'. + + +;; To install SOME-PACKAGE from MELPA, ELPA or emacsmirror: +;;(package! some-package) + +;; To install a package directly from a remote git repo, you must specify a +;; `:recipe'. You'll find documentation on what `:recipe' accepts here: +;; https://github.com/raxod502/straight.el#the-recipe-format +;;(package! another-package +;; :recipe (:host github :repo "username/repo")) + +;; If the package you are trying to install does not contain a PACKAGENAME.el +;; file, or is located in a subdirectory of the repo, you'll need to specify +;; `:files' in the `:recipe': +;;(package! this-package +;; :recipe (:host github :repo "username/repo" +;; :files ("some-file.el" "src/lisp/*.el"))) + +;; If you'd like to disable a package included with Doom, you can do so here +;; with the `:disable' property: +;;(package! builtin-package :disable t) + +;; You can override the recipe of a built in package without having to specify +;; all the properties for `:recipe'. These will inherit the rest of its recipe +;; from Doom or MELPA/ELPA/Emacsmirror: +;;(package! builtin-package :recipe (:nonrecursive t)) +;;(package! builtin-package-2 :recipe (:repo "myfork/package")) + +;; Specify a `:branch' to install a package from a particular branch or tag. +;; This is required for some packages whose default branch isn't 'master' (which +;; our package manager can't deal with; see raxod502/straight.el#279) +;;(package! builtin-package :recipe (:branch "develop")) + +;; Use `:pin' to specify a particular commit to install. + ;(package! builtin-package :pin "1a2b3c4d5e") + + +;; Doom's packages are pinned to a specific commit and updated from release to +;; release. The `unpin!' macro allows you to unpin single packages... + ;(unpin! pinned-package) +;; ...or multiple packages + ;(unpin! pinned-package another-pinned-package) +;; ...Or *all* packages (NOT RECOMMENDED; will likely break things) +;;(unpin! t) + +;;(package! this-package +;; :recipe (:host github :repo "username/repo" +;; :files ("some-file.el" "src/lisp/*.el"))) + +(package! ormolu) +(package! org-gtd + :recipe (:host github :repo "Trevoke/org-gtd.el" :branch "master")) +(package! org-fc + :recipe (:host sourcehut :repo "l3kn/org-fc" :branch "main")) +(package! org-edna) +(package! org-review + :recipe (:host github :repo "jakalx/org-review" :branch "master")) +(package! sqlite3) +(package! emacsql-sqlite3) +(package! nov) +(package! org-present) +(package! denote) +(package! org-super-agenda) +(package! org-ql) +(package! elfeed-web) diff --git a/home/alex/programs/emacs/doom/snippets/org-mode/__ b/home/alex/programs/emacs/doom/snippets/org-mode/__ new file mode 100644 index 0000000..f221edc --- /dev/null +++ b/home/alex/programs/emacs/doom/snippets/org-mode/__ @@ -0,0 +1,3 @@ +# -*- mode: snippet -*- +# name: Org Template file +# -- diff --git a/home/alex/programs/neovim/default.nix b/home/alex/programs/neovim/default.nix new file mode 100644 index 0000000..e455b33 --- /dev/null +++ b/home/alex/programs/neovim/default.nix @@ -0,0 +1,20 @@ +{ config, lib, pkgs, ... }: + +{ + programs.neovim = { + enable = true; + vimAlias = true; + + extraConfig = '' + set nowrap + ''; + + plugins = with pkgs.vimPlugins; [ + vim-nix + + indentLine + indent-blankline-nvim + neoformat + ]; + }; +} diff --git a/home/alex/programs/xmonad/config.hs b/home/alex/programs/xmonad/config.hs new file mode 100644 index 0000000..9cc8e3f --- /dev/null +++ b/home/alex/programs/xmonad/config.hs @@ -0,0 +1,77 @@ +import XMonad + +import XMonad.Hooks.DynamicLog +import XMonad.Hooks.ManageDocks +import XMonad.Hooks.ManageHelpers +import XMonad.Hooks.StatusBar +import XMonad.Hooks.StatusBar.PP + +import XMonad.Util.EZConfig +import XMonad.Util.Loggers +import XMonad.Util.Ungrab + +import XMonad.Layout.Magnifier +import XMonad.Layout.ThreeColumns + +import XMonad.Hooks.EwmhDesktops + + +main :: IO () +main = xmonad + . ewmhFullscreen + . ewmh + . withEasySB (statusBarProp "xmobar" (pure myXmobarPP)) defToggleStrutsKey + $ myConfig + +myConfig = def + { modMask = mod4Mask -- Rebind Mod to the Super key + , layoutHook = myLayout -- Use custom layouts + , manageHook = myManageHook -- Match on certain windows + } + `additionalKeysP` + [ ("M-S-z", spawn "xscreensaver-command -lock") + , ("M-C-s", unGrab *> spawn "scrot -s" ) + , ("M-f" , spawn "firefox" ) + ] + +myManageHook :: ManageHook +myManageHook = composeAll + [ className =? "Gimp" --> doFloat + , isDialog --> doFloat + ] + +myLayout = tiled ||| Mirror tiled ||| Full ||| threeCol + where + threeCol = magnifiercz' 1.3 $ ThreeColMid nmaster delta ratio + tiled = Tall nmaster delta ratio + nmaster = 1 -- Default number of windows in the master pane + ratio = 1/2 -- Default proportion of screen occupied by master pane + delta = 3/100 -- Percent of screen to increment by when resizing panes + +myXmobarPP :: PP +myXmobarPP = def + { ppSep = magenta " • " + , ppTitleSanitize = xmobarStrip + , ppCurrent = wrap " " "" . xmobarBorder "Top" "#8be9fd" 2 + , ppHidden = white . wrap " " "" + , ppHiddenNoWindows = lowWhite . wrap " " "" + , ppUrgent = red . wrap (yellow "!") (yellow "!") + , ppOrder = \[ws, l, _, wins] -> [ws, l, wins] + , ppExtras = [logTitles formatFocused formatUnfocused] + } + where + formatFocused = wrap (white "[") (white "]") . magenta . ppWindow + formatUnfocused = wrap (lowWhite "[") (lowWhite "]") . blue . ppWindow + + -- | Windows should have *some* title, which should not not exceed a + -- sane length. + ppWindow :: String -> String + ppWindow = xmobarRaw . (\w -> if null w then "untitled" else w) . shorten 30 + + blue, lowWhite, magenta, red, white, yellow :: String -> String + magenta = xmobarColor "#ff79c6" "" + blue = xmobarColor "#bd93f9" "" + white = xmobarColor "#f8f8f2" "" + yellow = xmobarColor "#f1fa8c" "" + red = xmobarColor "#ff5555" "" + lowWhite = xmobarColor "#bbbbbb" "" diff --git a/home/alex/programs/xmonad/default.nix b/home/alex/programs/xmonad/default.nix new file mode 100644 index 0000000..49af6ae --- /dev/null +++ b/home/alex/programs/xmonad/default.nix @@ -0,0 +1,11 @@ +{ config, lib, pkgs, ... }: + +{ + xsession = { + windowManager.command = let + xmonad = pkgs.xmonad-with-packages.override { + packages = self: [ self.xmonad-contrib ]; + }; + in "${xmonad}/bin/xmonad"; + }; +} diff --git a/home/anne/default.nix b/home/anne/default.nix new file mode 100644 index 0000000..31bbe46 --- /dev/null +++ b/home/anne/default.nix @@ -0,0 +1,14 @@ +{ config, lib, pkgs, ... }: +let username = "anne"; +in { + users.users.${username} = { + isNormalUser = true; + extraGroups = [ "input" ]; + description = "Anne Kobjolke"; + home = "/home/${username}"; + hashedPassword = + "$6$Lq3kAyI7Oh3uvf9T$lxE1V9adw1lqjRT0tvCdj17zUz.nJkqkMSA8Y6ipuBIHoZqJKJcQPLby/BWdDvzcmCbyEOtA7grToclNnbV49/"; + }; + + home-manager.users.${username} = import ./home.nix; +} diff --git a/home/anne/home.nix b/home/anne/home.nix new file mode 100644 index 0000000..59a3f37 --- /dev/null +++ b/home/anne/home.nix @@ -0,0 +1,21 @@ +{ config, lib, pkgs, ... }: + +{ + home = { + language.base = "de_DE.UTF-8"; + stateVersion = "23.05"; + packages = with pkgs; [ + firefox + alacritty + gnome.gnome-session + gnome.gnome-control-center + ]; + keyboard.layout = "de"; + keyboard.variant = "nodeadkeys"; + }; + + xsession = { + enable = true; + windowManager.command = "${pkgs.gnome.gnome-session}/bin/gnome-session"; + }; +} diff --git a/home/emacs.d b/home/emacs.d deleted file mode 160000 index bf8495b..0000000 --- a/home/emacs.d +++ /dev/null @@ -1 +0,0 @@ -Subproject commit bf8495b4122701fb30cb6cea37281dc8f3bedcd0 diff --git a/hosts/dregil/configuration.nix b/hosts/dregil/configuration.nix index 0c532fd..e64c392 100644 --- a/hosts/dregil/configuration.nix +++ b/hosts/dregil/configuration.nix @@ -11,18 +11,19 @@ let export __VK_LAYER_NV_optimus=NVIDIA_only exec "$@" ''; -in -{ - imports = - [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - # - ]; +in { + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # + ../../modules/wm/x.nix + ../../modules/wm/xmonad.nix + ]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; + boot.loader.timeout = 5; # do not protect the kernel image to allow hibernation security.protectKernelImage = lib.mkForce false; @@ -30,53 +31,33 @@ in networking.hostName = "dregil"; # Define your hostname. # Pick only one of the below networking options. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + networking.networkmanager.enable = + true; # Easiest to use and most distros use this by default. - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + networking.extraHosts = '' + 127.0.0.1 localhost dregil.localdomain dregil + ''; + + i18n = { + extraLocaleSettings = { TIME_STYLE = "iso"; }; + supportedLocales = + [ "C.UTF-8/UTF-8" "en_US.UTF-8/UTF-8" "de_DE.UTF-8/UTF-8" ]; + }; console = { font = "Lat2-Terminus16"; - useXkbConfig = true; # use xkbOptions in tty. - }; - - # Enable the X11 windowing system. - services.xserver = { - enable = true; - exportConfiguration = true; - - # Configure keymap in X11 - layout = "dvorak"; - - xkbOptions = "terminate:ctrl_alt_bksp,caps:escape,compose:ralt"; - - videoDrivers = [ "nvidia" ]; # "modesetting" ]; - - displayManager.lightdm = { - enable = true; - }; - - desktopManager.xfce.enable = true; - - # Enable touchpad support (enabled default in most desktopManager). - libinput = { - enable = true; - touchpad.disableWhileTyping = true; - touchpad.naturalScrolling = true; - mouse.naturalScrolling = config.services.xserver.libinput.touchpad.naturalScrolling; - }; + keyMap = "dvorak"; }; fonts = { - enableDefaultFonts = true; - fonts = with pkgs; [ - corefonts - noto-fonts - noto-fonts-emoji - fira-code - fira-code-symbols - nerdfonts + enableDefaultPackages = true; + packages = with pkgs; [ + corefonts + noto-fonts + noto-fonts-emoji + fira-code + fira-code-symbols + nerdfonts ]; }; @@ -87,64 +68,42 @@ in sound.enable = true; hardware.pulseaudio.enable = true; - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.alex = { - isNormalUser = true; - extraGroups = [ "wheel" # Enable ‘sudo’ for the user. - "input" - ]; - }; - # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ - wget - ripgrep - git - nvidia-offload - pinentry + wget + ripgrep + git + nvidia-offload + pinentry ]; # adjust channels to nixpkgs used on this system via this flake environment.etc."nix/inputs/nixpkgs".source = inputs.nixpkgs-unstable.outPath; - nix.nixPath = [ - "nixpkgs=${inputs.nixpkgs-unstable}" - ]; + nix.nixPath = [ "nixpkgs=${inputs.nixpkgs-unstable}" ]; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; + nix.settings.max-jobs = 3; + nix.settings.cores = 4; - programs.neovim = { - enable = true; - }; + programs.neovim = { enable = true; }; - programs.steam = { - enable = true; - }; + programs.steam = { enable = true; }; + + programs.zsh = { enable = true; }; # List services that you want to enable: # Enable the OpenSSH daemon. services.openssh.enable = true; + services.blueman.enable = true; + # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. # networking.firewall.enable = false; - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; - - system.nixos.tags = [ "HiDPI" "nvidia-only" ]; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -152,6 +111,4 @@ in # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.11"; # Did you read the comment? - } - diff --git a/hosts/dregil/default.nix b/hosts/dregil/default.nix index 678c04d..a7c278f 100644 --- a/hosts/dregil/default.nix +++ b/hosts/dregil/default.nix @@ -1,22 +1,14 @@ -{ inputs, ... }: -let - inherit (inputs.nixpkgs-unstable.lib) nixosSystem; - - system = "x86_64-linux"; - - pkgs = import inputs.nixpkgs-unstable { - inherit system; - config = { - allowUnfree = true; - }; - }; -in -nixosSystem { - inherit system pkgs; - specialArgs = { inherit inputs; }; - modules = [ +{ lib, config, pkgs, inputs, ... }: { + imports = [ + ({ inputs, lib, ... }: { + nixpkgs = { config.allowUnfree = true; }; + nix.registry = lib.mapAttrs (_: value: { flake = value; }) inputs; + }) ../../modules/security.nix ../../modules/common-system.nix ./configuration.nix + inputs.home-manager-unstable.nixosModules.home-manager + ../../home/anne/default.nix + ../../home/alex/default.nix ]; } diff --git a/hosts/dregil/hardware-configuration.nix b/hosts/dregil/hardware-configuration.nix index 198484c..8aba9e8 100644 --- a/hosts/dregil/hardware-configuration.nix +++ b/hosts/dregil/hardware-configuration.nix @@ -4,12 +4,19 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "usbhid" "sd_mod" ]; - boot.initrd.kernelModules = [ "dm-snapshot" "uas" "usbcore" "usb_storage" "vfat" "nls_cp437" "nls_iso8859_1" ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ + "dm-snapshot" + "uas" + "usbcore" + "usb_storage" + "vfat" + "nls_cp437" + "nls_iso8859_1" + ]; boot.initrd.luks.devices = { root = { device = "/dev/disk/by-uuid/bebf96d1-2a2b-412c-a5f0-f9ed5730a05f"; @@ -24,33 +31,31 @@ boot.extraModulePackages = [ pkgs.linuxPackages.nvidia_x11 ]; boot.kernelParams = [ "module_blacklist=i915" ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/a88ac058-e704-419e-ba7d-1d0ff4b6f654"; - fsType = "btrfs"; - options = [ "subvol=root" "compress=zstd" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/a88ac058-e704-419e-ba7d-1d0ff4b6f654"; + fsType = "btrfs"; + options = [ "subvol=root" "compress=zstd" ]; + }; - fileSystems."/home" = - { device = "/dev/disk/by-uuid/a88ac058-e704-419e-ba7d-1d0ff4b6f654"; - fsType = "btrfs"; - options = [ "subvol=home" "compress=zstd" ]; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/a88ac058-e704-419e-ba7d-1d0ff4b6f654"; + fsType = "btrfs"; + options = [ "subvol=home" "compress=zstd" ]; + }; - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/a88ac058-e704-419e-ba7d-1d0ff4b6f654"; - fsType = "btrfs"; - options = [ "subvol=nix" "compress=zstd" "noatime" ]; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/a88ac058-e704-419e-ba7d-1d0ff4b6f654"; + fsType = "btrfs"; + options = [ "subvol=nix" "compress=zstd" "noatime" ]; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/786D-42D7"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/786D-42D7"; + fsType = "vfat"; + }; swapDevices = - [ { device = "/dev/disk/by-uuid/b8c224ad-095e-4a48-b5b2-a19451fdeb95"; - } - ]; + [{ device = "/dev/disk/by-uuid/b8c224ad-095e-4a48-b5b2-a19451fdeb95"; }]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's @@ -62,24 +67,23 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; - - hardware.video.hidpi.enable = true; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.nvidia = { - nvidiaSettings = true; - nvidiaPersistenced = true; + nvidiaSettings = true; + nvidiaPersistenced = true; -# modesetting.enable = true; - package = config.boot.kernelPackages.nvidiaPackages.beta; -# prime = { -# offload.enable = true; -# -# intelBusId = "PCI:1:0:0"; -# nvidiaBusId = "PCI:1:0:0"; -# intelBusId = "0@0:2:0"; -# nvidiaBusId = "1@1:0:0"; -# }; + # modesetting.enable = true; + package = config.boot.kernelPackages.nvidiaPackages.beta; + # prime = { + # offload.enable = true; + # + # intelBusId = "PCI:1:0:0"; + # nvidiaBusId = "PCI:1:0:0"; + # intelBusId = "0@0:2:0"; + # nvidiaBusId = "1@1:0:0"; + # }; }; hardware.opengl = { @@ -89,4 +93,5 @@ }; hardware.keyboard.uhk.enable = true; + hardware.bluetooth.enable = true; } diff --git a/hosts/igor/default.nix b/hosts/igor/default.nix new file mode 100644 index 0000000..02d17e9 --- /dev/null +++ b/hosts/igor/default.nix @@ -0,0 +1,65 @@ +{ config, inputs, lib, pkgs, ... }: + +{ + imports = [ + inputs.disko.nixosModules.disko + ../../modules/security.nix + ../../modules/nix-config.nix + ../../modules/iohk.nix + ../../modules/timezone.nix + ../../modules/keybase.nix + ../../modules/ssh.nix + ./disko-config.nix + ]; + + networking = let extIface = "ens3"; + in { + hostName = "igor"; + domain = "failco.de"; + wireless.enable = false; + useDHCP = false; + enableIPv6 = false; + interfaces.${extIface} = { + ipv4.addresses = [{ + address = "192.168.0.2"; + prefixLength = 24; + }]; + }; + defaultGateway = "192.168.0.1"; + nameservers = [ "1.1.1.1" "8.8.8.8" ]; + firewall = { + allowedTCPPorts = [ 22 80 443 ]; + allowedUDPPorts = [ ]; + }; + }; + + security.sudo = { + enable = true; + execWheelOnly = true; + }; + + # Select internationalization properties. + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "dvorak"; + }; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.me = { + isNormalUser = true; + extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + shell = pkgs.zsh; + }; + + programs.neovim = { + enable = true; + defaultEditor = true; + viAlias = true; + vimAlias = true; + }; + + programs.zsh.enable = true; + + system.stateVersion = "23.11"; +} diff --git a/hosts/igor/disko-config.nix b/hosts/igor/disko-config.nix new file mode 100644 index 0000000..cd3c4aa --- /dev/null +++ b/hosts/igor/disko-config.nix @@ -0,0 +1,49 @@ +{ + disko.devices = { + disk.main = { + type = "disk"; + device = "/dev/mmcblk0"; + content = { + type = "gpt"; + partitions = { + ESP = { + priority = 1; + name = "ESP"; + start = "1M"; + end = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + + root = { + size = "100%"; + content = { + type = "btrfs"; + extraArgs = [ "-f" ]; + + subvolumes = { + "/rootfs" = { mountpoint = "/"; }; + "/home" = { + mountOptions = [ "compress=zstd" ]; + mountpoint = "/home"; + }; + "/nix" = { + mountOptions = [ "compress=zstd" "noatime" ]; + mountpoint = "/nix"; + }; + "/swap" = { + mountpoint = "/.swapvol"; + swap = { swapfile.size = "2G"; }; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/redmi/default.nix b/hosts/redmi/default.nix index 9f607a0..9de9508 100644 --- a/hosts/redmi/default.nix +++ b/hosts/redmi/default.nix @@ -7,9 +7,11 @@ vim # or some other editor, e.g. nano or neovim git + git-annex mosh openssh wget + helix # Some common stuff that people expect to have #diffutils diff --git a/hosts/thrall/default.nix b/hosts/thrall/default.nix index bc3c402..553aa9f 100644 --- a/hosts/thrall/default.nix +++ b/hosts/thrall/default.nix @@ -2,28 +2,26 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: -let extIface = "ens3"; +{ inputs, config, pkgs, ... }: +let + authorityFromUrl = url: + builtins.head (pkgs.lib.drop 1 (pkgs.lib.splitString "://" url)); in { - imports = [ # Include the results of the hardware scan. + imports = [ ./hardware-configuration.nix + inputs.snm.nixosModule + inputs.agenix.nixosModules.age + ../../modules/security.nix + ../../modules/upgrade-pg-cluster.nix + ../../modules/nix-config.nix + ../../modules/iohk.nix + ../../modules/timezone.nix + ../../modules/keybase.nix + ../../modules/ssh.nix ]; - nix.package = pkgs.nixUnstable; - nix.extraOptions = '' - experimental-features = nix-command flakes ca-derivations - ''; - # nix.registry.nixpkgs.flake = nixpkgs; - - # Binary Cache for Haskell.nix - nix.settings.trusted-public-keys = - [ "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" ]; - - #nix.binaryCaches = [ "https://hydra.iohk.io" ]; - # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; - boot.loader.grub.version = 2; # boot.loader.grub.efiSupport = true; # boot.loader.grub.efiInstallAsRemovable = true; # boot.loader.efi.efiSysMountPoint = "/boot/efi"; @@ -31,28 +29,34 @@ in { boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only # boot.loader.systemd-boot.enable = true; - # Set your time zone. - time.timeZone = "Europe/Berlin"; - age.secrets = { mailPass.file = ../../secrets/mailPass.age; paperless-mail.file = ../../secrets/paperless-mail.age; wireguard-thrall.file = ../../secrets/wireguard-thrall.age; + hledger-web = { + file = ../../secrets/hledger-web.htaccess.age; + mode = "440"; + owner = config.services.nginx.user; + group = config.services.nginx.group; + }; }; # The global useDHCP flag is deprecated, therefore explicitly set to false here. # Per-interface useDHCP will be mandatory in the future, so this generated config # replicates the default behaviour. - networking = { + networking = let extIface = "ens3"; + in { hostName = "thrall"; domain = "failco.de"; wireless.enable = false; useDHCP = false; enableIPv6 = false; - interfaces.${extIface}.ipv4.addresses = [{ - address = "195.90.211.228"; - prefixLength = 22; - }]; + interfaces.${extIface} = { + ipv4.addresses = [{ + address = "195.90.211.228"; + prefixLength = 22; + }]; + }; defaultGateway = "195.90.208.1"; nameservers = [ "1.1.1.1" "8.8.8.8" ]; firewall = { @@ -91,6 +95,11 @@ in { publicKey = "NG9y+0RMDTjiG65yC4Z0ymJ0G5fe1mOhl4GyC3xAh1k="; allowedIPs = [ "10.0.0.3/32" ]; } + { + # homematic + publicKey = "slqWgVksOCav0bASxupaFGqfr6vajxDRNIlZYocONQ4="; + allowedIPs = [ "10.0.0.4/32" ]; + } ]; }; }; @@ -113,7 +122,7 @@ in { }]; }; - # Select internationalisation properties. + # Select internationalization properties. i18n.defaultLocale = "en_US.UTF-8"; console = { font = "Lat2-Terminus16"; @@ -122,6 +131,7 @@ in { # Define a user account. Don't forget to set a password with ‘passwd’. users.users.alex = { + description = "Alexander Kobjolke"; isNormalUser = true; extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. shell = pkgs.zsh; @@ -129,21 +139,10 @@ in { # List packages installed in system profile. To search, run: # $ nix search wget - environment.systemPackages = with pkgs; [ - wget - rsync - htop - tmux - git - git-annex - #agenix.defaultPackage.x86_64-linux - restic # fast and secure backup - rclone - ]; + environment.systemPackages = with pkgs; [ wget rsync htop tmux git rclone ]; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. - # programs.mtr.enable = true; programs.gnupg.agent = { enable = true; enableSSHSupport = true; @@ -162,20 +161,15 @@ in { # List services that you want to enable: - # depending on wireguard services.kresd = { enable = true; listenPlain = [ "[::1]:53" "127.0.0.1:53" "10.0.0.1:53" ]; }; - # Enable the OpenSSH daemon. - services.openssh.enable = true; - services.lorri.enable = true; # configure backup via restic to gdrive services.restic.backups = { }; - services.keybase = { enable = true; }; services.nginx = { enable = true; @@ -193,10 +187,20 @@ in { forceSSL = true; enableACME = true; root = "/srv/www/failco.de"; - serverAliases = [ "www.failco.de" "mail.failco.de" ]; + serverAliases = [ "www.failco.de" ]; extraConfig = '' add_header X-Frame-Options 'SAMEORIGIN'; ''; + + locations."/photo-groove" = { + proxyPass = "http://127.0.0.1:8000/"; + proxyWebsockets = true; + }; + + locations."/elfeed" = { + proxyPass = "http://127.0.0.1:8080/elfeed"; + proxyWebsockets = true; + }; }; "www.jakalx.net" = { @@ -209,22 +213,49 @@ in { ''; }; + "kobjolke.de" = { + forceSSL = true; + enableACME = true; + root = "/srv/www/kobjolke.de"; + serverAliases = [ "www.kobjolke.de" ]; + extraConfig = '' + add_header X-Frame-Options 'SAMEORIGIN'; + ''; + }; + # gitea - "git.failco.de" = { + "${config.services.gitea.settings.server.DOMAIN}" = { forceSSL = true; enableACME = true; locations."/" = { - proxyPass = "http://127.0.0.1:3001/"; + proxyPass = "http://127.0.0.1:${ + toString config.services.gitea.settings.server.HTTP_PORT + }/"; proxyWebsockets = true; }; }; # paperless - "docs.failco.de" = { + "${authorityFromUrl config.services.paperless.extraConfig.PAPERLESS_URL}" = + { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = + "http://127.0.0.1:${toString config.services.paperless.port}/"; + proxyWebsockets = true; + }; + }; + + # hledger + "${authorityFromUrl config.services.hledger-web.baseUrl}" = { forceSSL = true; enableACME = true; + basicAuthFile = config.age.secrets.hledger-web.path; locations."/" = { - proxyPass = "http://127.0.0.1:3002/"; + proxyPass = "http://${config.services.hledger-web.host}:${ + toString config.services.hledger-web.port + }/"; proxyWebsockets = true; }; }; @@ -234,14 +265,17 @@ in { enable = true; database.type = "sqlite3"; lfs.enable = true; - domain = "git.failco.de"; - rootUrl = "https://git.failco.de"; - httpAddress = "127.0.0.1"; - httpPort = 3001; settings = { service.DISABLE_REGISTRATION = true; + server = { + DOMAIN = "git.failco.de"; + ROOT_URL = "https://git.failco.de"; + HTTP_ADDR = "127.0.0.1"; + HTTP_PORT = 3001; + }; + mailer = { ENABLED = true; MAILER_TYPE = "smtp"; @@ -263,11 +297,35 @@ in { }; }; + services.hledger-web = { + enable = true; + baseUrl = "https://ledger.failco.de"; + port = 3003; + capabilities = { + view = true; + add = true; + manage = true; + }; + journalFiles = [ "current.journal" ]; + extraOptions = [ "-B" "--value=then" ]; + }; + services.fail2ban = { enable = true; maxretry = 5; + + bantime = "1h"; + bantime-increment.enable = true; + ignoreIP = [ "127.0.0.0/8" "195.90.211.228/22" "10.0.0.0/8" "192.168.0.0/16" ]; + + jails.postfix = '' + filter = postfix + maxretry = 3 + action = iptables[name=postfix, port=smtp, protocol=tcp] + enabled = true + ''; }; services.syncthing = { @@ -278,19 +336,22 @@ in { true; # overrides any devices added or deleted through the WebUI overrideFolders = true; # overrides any folders added or deleted through the WebUI - folders = { - "org" = { - path = "/home/alex/org"; - devices = [ "redmi" ]; + settings = { + folders = { + "org" = { + path = "/home/alex/org"; + devices = [ "redmi" ]; + }; + "scan" = { + path = "/home/alex/media/scan"; + devices = [ "redmi" ]; + }; }; - "scan" = { - path = "/home/alex/media/scan"; - devices = [ "redmi" ]; - }; - }; - devices = { - "redmi" = { - id = "C43WITF-2HS2UCD-X6QFM4H-SC7XQJ7-X5F73EB-7FZHMII-KQNSH5D-NMICIAW"; + devices = { + "redmi" = { + id = + "C43WITF-2HS2UCD-X6QFM4H-SC7XQJ7-X5F73EB-7FZHMII-KQNSH5D-NMICIAW"; + }; }; }; }; @@ -298,15 +359,16 @@ in { mailserver = { enable = true; fqdn = "thrall.failco.de"; - domains = [ "failco.de" "jakalx.net" ]; + domains = [ "failco.de" "jakalx.net" "kobjolke.de" ]; loginAccounts = { "me@failco.de" = { + # nix-shell -p mkpasswd --run 'mkpasswd -sm sha512crypt' hashedPasswordFile = config.age.secrets.mailPass.path; aliases = [ "lx@failco.de" "alex@failco.de" ]; - catchAll = [ "failco.de" ]; + catchAll = [ "failco.de" "kobjolke.de" ]; }; "alex@jakalx.net" = { @@ -320,13 +382,35 @@ in { }; }; - certificateScheme = 3; + extraVirtualAliases = { "familie@kobjolke.de" = [ "me@failco.de" ]; }; + + forwards = { + "anne@kobjolke.de" = "anne.kobjolke@gmail.cem"; + "alex@kobjolke.de" = "me@failco.de"; + }; + + certificateScheme = "acme-nginx"; enableImapSsl = true; enableManageSieve = true; virusScanning = true; }; + services.postgresql = { package = pkgs.postgresql_15; }; + services.roundcube = { + enable = true; + hostName = "mail.failco.de"; + dicts = with pkgs.aspellDicts; [ en de ]; + plugins = [ "archive" "attachment_reminder" "managesieve" "markasjunk" ]; + extraConfig = '' + # starttls needed for authentication, so the fqdn required to match + # the certificate + $config['smtp_server'] = "tls://${config.mailserver.fqdn}"; + $config['smtp_user'] = "%u"; + $config['smtp_pass'] = "%p"; + ''; + }; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/modules/common-system.nix b/modules/common-system.nix index a640d0f..b8de7d7 100644 --- a/modules/common-system.nix +++ b/modules/common-system.nix @@ -1,5 +1,6 @@ -{config, pkgs, inputs, ...}: -{ +{ config, pkgs, inputs, ... }: { + imports = [ ./nix-config.nix ]; + i18n.defaultLocale = "en_US.UTF-8"; time.timeZone = "Europe/Berlin"; @@ -10,7 +11,7 @@ git dua erdtree - exa + eza fd fzf bat @@ -21,25 +22,9 @@ networking.firewall.enable = true; nix = { - gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 30d"; - }; - - registry = { - nixpkgs.flake = inputs.nixpkgs; - nixpkgs-unstable.flake = inputs.nixpkgs-unstable; - }; - - settings = { - auto-optimise-store = true; - experimental-features = [ "nix-command" "flakes" ]; - warn-dirty = false; - - # avoid unwanted garbage collection when using direnv - keep-outputs = true; - keep-derivations = true; - }; + registry = { + nixpkgs.flake = inputs.nixpkgs; + nixpkgs-unstable.flake = inputs.nixpkgs-unstable; + }; }; } diff --git a/modules/iohk.nix b/modules/iohk.nix new file mode 100644 index 0000000..69d1cb3 --- /dev/null +++ b/modules/iohk.nix @@ -0,0 +1,9 @@ +{ config, lib, pkgs, ... }: + +{ + # Binary Cache for Haskell.nix + nix.settings.trusted-public-keys = + [ "cache.iog.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" ]; + + nix.settings.substituters = lib.mkAfter [ "https://cache.iog.io" ]; +} diff --git a/modules/keybase.nix b/modules/keybase.nix new file mode 100644 index 0000000..c652d72 --- /dev/null +++ b/modules/keybase.nix @@ -0,0 +1,5 @@ +{ config, lib, pkgs, ... }: + +{ + services.keybase.enable = true; +} diff --git a/modules/nix-config.nix b/modules/nix-config.nix new file mode 100644 index 0000000..716d4e7 --- /dev/null +++ b/modules/nix-config.nix @@ -0,0 +1,22 @@ +{ config, lib, pkgs, ... }: + +{ + nix = { + package = pkgs.nixUnstable; + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + settings = { + auto-optimise-store = true; + experimental-features = [ "nix-command" "flakes" "repl-flake" ]; + warn-dirty = false; + + # avoid unwanted garbage collection when using direnv + keep-outputs = true; + keep-derivations = true; + }; + }; +} diff --git a/modules/security.nix b/modules/security.nix index 3482c16..15d365b 100644 --- a/modules/security.nix +++ b/modules/security.nix @@ -9,10 +9,10 @@ # tmpfs = /tmp is mounted in ram. Doing so makes temp file management speedy # on ssd systems, and volatile! Because it's wiped on reboot. -# boot.tmpOnTmpfs = lib.mkDefault true; + # boot.tmpOnTmpfs = lib.mkDefault true; # If not using tmpfs, which is naturally purged on reboot, we must clean it # /tmp ourselves. /tmp should be volatile storage! - boot.cleanTmpDir = lib.mkDefault (!config.boot.tmpOnTmpfs); + boot.tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmp.useTmpfs); # Fix a security hole in place for backwards compatibility. See desc in # nixpkgs/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix diff --git a/modules/ssh.nix b/modules/ssh.nix new file mode 100644 index 0000000..a93eb68 --- /dev/null +++ b/modules/ssh.nix @@ -0,0 +1,14 @@ +{ config, lib, pkgs, ... }: + +{ + services.openssh.enable = true; + users.users.alex.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC/aaVGcys7ZJ3chImea/8jTGtIVYKzDxXBGIeZMiLm/ u0_a204@localhost" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrPC2OMHYJX41vedlsgQeLobapDOZ8StPVwmTTp0Qc83OeXGXiaJ2P0wA65NoIjh+I7OZjc/kRCO+mC4BZs2Em3pmWOZNTvW4YA8lvhpkwFNrvmx+G+HKKG7F04lOgo9zAJltY8ENj0T5jddbWWuSRDNPrHCwet2jdiTWc2Ri5QNAdxXSmp+XG9rTPF6JfuH3kjU7UYgMG0c9dJAy7KzCj4p6GhlfvZlFndhmT+PMkJbn5liv8ldFIuHAqA0Hyo3UYfAieeUDBloevbZKpbsp7wVdtmySfJCgwRaOqVPyB+5QK6sY32s2L8sHHdKgnJ1czeLaX11ZEGQIb4wMd6VYD (none)" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIScA09BrNhQjUzoKhU8xl0Giq4o+eN4tOhdRrS3AHg9QtDd+cZ/6gx5iuVguwVPwCBSGlyilIhtTvUHBft7vEqdoSWDzsIv4nAq5+m4wBAV1WtNuzdIjgDBVtYqIKI+KHasIuj5ol8tDbMmNUfG4kvPgaIudGo9G+ynWSVR1mZyk+W0sAKJAeWmcv5EDxMaSS/4WWXZ7GeLy5t0RJlyO4Pspm69hb63Urz5N2YJHUwgXLZbirsTK0cKRGLKvyEwUOQDvnj13VvnSt5mjfYNGr0g770PLNRPno2PeS5ux2+/4dx03+enh6CA70a+Ialu1Z7qMsaZhLPwuUDTGJJX4F ads-1700w" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDOlzj6jMbFgBeNIq1u6ixwtfsjcTV/S5VUchpH2GskodrAuWTE6G+eIj40nVO3JbaErderhfosIhN8HnZTP9uhXvDcAgqE98rVKLC1Pm0bDST4H+Qc358h4BRWamkojF7ub1RdMKVsIX9xQFAPCv+6iyLKBU5F8lNu70Wr9cNSPaMS1zvKdJzUzq34kdjKf6Jsc+64ux254MUbkoD9VgJpNq9cCbkI6JHDLL+6fer/66dvsEggEEoCgbupJljsHo+4SGDqiFFT8l81gfgsV6CwAib7gkSiR9ZgCDgwjd5QPMqPBFytIc5F8Gz4sbsB2TMlLraaD+vcTt7p3HlWCsDpW0QBeeDvmupZoWpQuT8R/4G3FnGAf5sJgccffO8R/na8/TpSrRdfj0GlGYvxasMKDJnbrVig+zi7JpdH9hvAXmpv6c8QHhjr191I15PV2m4Z2bPPo5BXDt1YEqSgAaFHpTlkIUheEpbKRJI28YwOWOv3r1CcaGM64KxFXSZIIIk= nix-on-droid@localhost" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0itMeWUBtvAjNUzU0iCNHvRo2DUewlGjmHgy8qk7QyYvrFO0DhadDUrkqGK3RjfPue5eM+L/4sib+fr4OIAjzTxvSBpZWfMZtU41/iWiT2bvz7mNvi9j/TDBl/+PfFt0VBUgSPk1cO00P4sExVvseF9hXq5h4NNR4iSuC9P9u6mbaUeg9X6ydlld9+W300erxEToK54alZ0+YOwEMypjytjCBSPFG2QfmFoeU8bCqJvSotOw5nu974LKHOxZgxluBKprlusrRjCxZim9XwTS07I9gZhiDKIdvThSzEWZX4nwLrTyIh19DlZTO2vPUwwqBZyGlwMPCjfFazeViBKuQXCEAmifFHc/4f5Ae1zRA+ombJQveigomlcMXdV9E7HsD0I976ErJbYmfH+QwI78HbwFvbOX3yazdrw02ltdjvasO30dH7wdckoC7fYEXOij3M2pKlLOUojKUF589uPjiBiGNtxGKGpg0TKG9Nj1rvYHljfzQNwqgHKKrRdZo5pOHwzhvl4/fQubu5S/eAppstDuVHTZwIzpd9sHez1JNYS7SKNxT1cIW8NfW41RUe/8rVF678FvIDzuqkcYLsmPd+tg+w78stMEJHaTLHYOCbfYqEdBnvcNRPUFY30MwCVkG7s9X3cEuOwMx8KbTlH5AFZj9IBVUNeJ4p4aMUw3Pbw== /home/alex/.ssh/id_rsa" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDG4BlH07+a+U3i89U11Oz81X1lZnMnzu5d0Em2zlQJYiIqnwj7uRUl7TerXxmum9vOYsDGLGP8RwQRzySM5xfIIEmn5wHb6zPzD8jC8sJQws9d7q84PJMDVUfUeTHR/xZ9QbzG3NHTNnGdbtQptkDwxzLnr/kL5rvGrudgYa0RwHHZbz0WK15iVcsRIHglhsf9gLlXhZZ8Hn2r2qS7jj32InH58KAtawRBd8/WE56h/QY5vUt2F4M8ZvvIJHndynOn71iPJY0tr+b/VIG5JSK89aIQyVRk222TlTn3BrYW2VudrKkkLtssDEIfTmQeALN/LYev4+bJNGDI7bmg7TD4L6AlgrkTJGvXoup410oeiOWP2vrbK2OLB8lcs4lH9iauFg6fMAQuboJjUisicj6tD2SyjELCP2Hvf625k1H2vyp5366dUROBRaUX/AKIZwkIstNgcaLkF7gmeAc1Atr3DK4Jtxc9CHTO7Dv0os+p2q4LJm+mnJy8H7PnfPiRB3thTfULUAWQ2H8RpAn1r0Txur/3D/Jde6PPzL41CefmF6z+UOd4gwMONns7FLjru5z6HG/egaXlJPJkfYbgB+253VDDOga2Y+1W99rgvX0UsF//dhYCqa/XWvmk3htjRTgz80B7tm/eKQwaM7Cm7YZzWq5mjfgxPptkB9SDS8HORw== joyeuse" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDad0tKjdZluogJz9Tir9szwd3olnmY+XqrZtaabgAv9M1V3+ktjZxb11fqbhxpspEW889fG0PrdDsKrYrp6Adm6mVcFXb2Rx8uEIcQ4XQfMqzTBLgNipBcU+7DiWHrejLf9hcrH6HL4o6py59CrX5lnAf1Elt9HxUXTVl9rbMp0SHif6EbYumrCwipWWmcLJWKWVJrJ6rf4YBsmLNtxhf7myjCJxECetQeWyAJodguJa8T7hDJSiE6rfPLanU673T/CU1IBgexriUxcSk09PmjLGB3fFbZnGJlIOAua7ctXtwVjzat5WAWoNo5JdC3cnEUoNkyx7krLbQ2oOzNJi9YgYneTR0KWHYG/v/WVoI+VtW0RQIS+QzVW+ox8Y2j209BZGBFN1d+/ZarUsizg5OEyO7ntiL/UhL/YbI9jknBiw08mzUwIHLpNrpz17duIFNaNkmaN1FAt3b5HBVyq9h4x9FXmp/zaiVzN//Md4GD8xnGmiR3fd+l51mz+WjHIQM= alex@dregil" + ]; +} diff --git a/modules/timezone.nix b/modules/timezone.nix new file mode 100644 index 0000000..8323310 --- /dev/null +++ b/modules/timezone.nix @@ -0,0 +1,5 @@ +{ config, lib, pkgs, ... }: + +{ + time.timeZone = lib.mkDefault "Europe/Berlin"; +} diff --git a/modules/upgrade-pg-cluster.nix b/modules/upgrade-pg-cluster.nix new file mode 100644 index 0000000..89feedb --- /dev/null +++ b/modules/upgrade-pg-cluster.nix @@ -0,0 +1,32 @@ +{ config, pkgs, ... }: +{ + environment.systemPackages = [ + (let + # XXX specify the postgresql package you'd like to upgrade to. + # Do not forget to list the extensions you need. + newPostgres = pkgs.postgresql_15.withPackages (pp: [ + # pp.plv8 + ]); + in pkgs.writeScriptBin "upgrade-pg-cluster" '' + set -eux + # XXX it's perhaps advisable to stop all services that depend on postgresql + systemctl stop postgresql + + export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}" + + export NEWBIN="${newPostgres}/bin" + + export OLDDATA="${config.services.postgresql.dataDir}" + export OLDBIN="${config.services.postgresql.package}/bin" + + install -d -m 0700 -o postgres -g postgres "$NEWDATA" + cd "$NEWDATA" + sudo -u postgres $NEWBIN/initdb -D "$NEWDATA" + + sudo -u postgres $NEWBIN/pg_upgrade \ + --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \ + --old-bindir $OLDBIN --new-bindir $NEWBIN \ + "$@" + '') + ]; +} diff --git a/modules/wm/gnome.nix b/modules/wm/gnome.nix new file mode 100644 index 0000000..865d469 --- /dev/null +++ b/modules/wm/gnome.nix @@ -0,0 +1,5 @@ +{ config, lib, pkgs, ... }: + +{ + +} diff --git a/modules/wm/x.nix b/modules/wm/x.nix new file mode 100644 index 0000000..58e31d9 --- /dev/null +++ b/modules/wm/x.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +{ + # Enable the X11 windowing system. + services = { + dbus = { enable = true; }; + + xserver = { + enable = true; + exportConfiguration = true; + + # Configure keymap in X11 + layout = "us"; + + xkbOptions = "terminate:ctrl_alt_bksp,caps:escape,compose:ralt"; + + videoDrivers = [ "nvidia" ]; # "modesetting" ]; + + displayManager.lightdm = { + enable = true; + greeters.slick.enable = true; + }; + + desktopManager.xfce.enable = true; + desktopManager.gnome.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + libinput = { + enable = true; + touchpad.disableWhileTyping = true; + mouse.naturalScrolling = + config.services.xserver.libinput.touchpad.naturalScrolling; + }; + }; + }; +} diff --git a/modules/wm/xmonad.nix b/modules/wm/xmonad.nix new file mode 100644 index 0000000..dbb4945 --- /dev/null +++ b/modules/wm/xmonad.nix @@ -0,0 +1,16 @@ +{ config, lib, pkgs, ... }: + +{ + services = { + upower.enable = true; + + xserver = { + windowManager.xmonad = { + enable = true; + enableContribAndExtras = true; + }; + }; + }; + + systemd.services.upower.enable = true; +} diff --git a/outputs/homeConfigurations/default.nix b/outputs/homeConfigurations/default.nix deleted file mode 100644 index ea49a02..0000000 --- a/outputs/homeConfigurations/default.nix +++ /dev/null @@ -1,69 +0,0 @@ -inputs: with inputs; -let - pkgs = import nixpkgs-unstable { - system = "x86_64-linux"; - config.allowUnfree = true; - overlays = []; - }; -in -{ - "alex@dregil" = home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = [ - { - programs.home-manager.enable = true; - - home = { - username = "alex"; - homeDirectory = "/home/alex"; - stateVersion = "22.11"; - packages = with pkgs; [ - alacritty # fast terminal - firefox # the browser with the fox - - # social - jitsi-meet-electron # jitsi as a stand-alone app - discord # talk to other people - #inputs.simplex-chat.packages."x86_64-linux"."exe:simplex-chat" - - # editing - helix # vim like editor - nil # nix language server - - # system tools - htop-vim # htop with vim bindings - erdtree # du+tree had sex - dua # ncdu but better - bat # better cat - uhk-agent # my keyboard - mosh # ssh via udp - - # gaming support - lutris - ]; - }; - - programs.bash = { - enable = true; - }; - - programs.zsh = { - enable = true; - }; - - programs.git = { - enable = true; - userName = "Alexander Kobjolke"; - userEmail = "me@failco.de"; - }; - - programs.password-store = { - enable = true; - }; - - # do not show home-manager notifications - news.display = "silent"; - } - ]; - }; -} diff --git a/secrets/hledger-web.htaccess.age b/secrets/hledger-web.htaccess.age new file mode 100644 index 0000000..c22f639 --- /dev/null +++ b/secrets/hledger-web.htaccess.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> X25519 FrE3cLVPZshP6+VgS5aRSggS/3XEjLZW2/yCcxQT6z0 +xlPC1bF0NqiDVEk/xU+7GPGpwbTPZk+iSZ4QvvJzCcU +-> ssh-ed25519 NCz+gA Ag6jD9h0FTR+jVR2K3wpQgGqyLJzQZyNvU2+AJPz+Xc +3QJhYsIl23/ve++5r9X/a2YUPSUgIBHJ8srPmeSnpKw +-> BaPA]-grease A\OcT5| +L4Nk5eiaKq72ELBFQemUGlXJXpmUt5aN++g9ljz+DBG8XL3bQ9RbPMhbEy/gzKf6 +8WbY +--- hVjNjD1o1TI5B+CZqTdcoHjx3rRJCgrd4f13Vbhazmw +ؾt,AĬ[w3Lؒb`4?6 Ьޮժ1q?.'KjeidUdfeJJ=pŗ?o \ No newline at end of file diff --git a/secrets/paperless-mail.age b/secrets/paperless-mail.age index ae80b74..3921198 100644 Binary files a/secrets/paperless-mail.age and b/secrets/paperless-mail.age differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 794f07e..cb6f600 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -1,12 +1,14 @@ +# nix run github:ryantm/agenix -- -i -e password.age let - thrall = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHNRSYszckbCwKoX/cci8D40DGM/SG/NJ/u/uB361re"; + thrall = + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHNRSYszckbCwKoX/cci8D40DGM/SG/NJ/u/uB361re"; alex = "age13uv5phqjuvd90rr3aa7mg3xsmcmyx8cfz9v52w2a782qecssja9sw9nt8a"; systems = [ thrall ]; users = [ alex ]; -in -{ +in { "mailPass.age".publicKeys = users ++ systems; "paperless-mail.age".publicKeys = users ++ systems; - "wireguard-thrall.age".publicKeys = [thrall]; + "wireguard-thrall.age".publicKeys = [ thrall ]; + "hledger-web.htaccess.age".publicKeys = users ++ systems; }