mirror of
https://github.com/nmasur/dotfiles
synced 2024-10-18 18:29:02 +00:00
Compare commits
69 Commits
ebfeee20bf
...
5d14d2a876
Author | SHA1 | Date | |
---|---|---|---|
|
5d14d2a876 | ||
|
26afa49879 | ||
|
94bc6662ed | ||
|
06c1f5c372 | ||
|
4dd94ee59d | ||
|
69dd348c92 | ||
|
d823b2a49e | ||
|
756177826c | ||
|
c60632a37f | ||
|
324956c091 | ||
|
68c5816d4d | ||
|
643b722eb4 | ||
|
db0b2b147c | ||
|
b382bc9fbb | ||
|
454accd742 | ||
|
088de57cab | ||
|
5a992d6d5a | ||
|
f44cf65c43 | ||
|
46f3a459b6 | ||
|
161c1f46b0 | ||
|
fc2484227a | ||
|
e7bbf68dde | ||
|
10f7b97b64 | ||
|
c8a8b7a897 | ||
|
6560d2f9a2 | ||
|
3be397429a | ||
|
8b17fd035b | ||
|
8da8fe7efb | ||
|
59111f5da6 | ||
|
95e8d5c268 | ||
|
56d2c95c64 | ||
|
602d411bad | ||
|
4cd9572993 | ||
|
84d7fc9892 | ||
|
dab40e081a | ||
|
984a47d3b1 | ||
|
48cd96858a | ||
|
2cce4c572f | ||
|
2f783f2ba3 | ||
|
1ee22e3a9a | ||
|
450b211e7e | ||
|
19f3147f25 | ||
|
5d6d6fc68e | ||
|
ec55658fd1 | ||
|
d25b189952 | ||
|
a8b07cc365 | ||
|
70a30ac056 | ||
|
cfe1f1d1e2 | ||
|
3396918793 | ||
|
3ef842f359 | ||
|
e87cb5981c | ||
|
6e9419ed92 | ||
|
ab4e516ba8 | ||
|
5d2d26b3d9 | ||
|
50e16f9413 | ||
|
4653037f1e | ||
|
f192e53e7a | ||
|
b5a9da8011 | ||
|
cbbfb8724b | ||
|
0bbfe0b6b5 | ||
|
cc714dd898 | ||
|
4964e56298 | ||
|
fafd56612e | ||
|
3042a0ac19 | ||
|
9d2a423011 | ||
|
276c2024b4 | ||
|
81cffd471d | ||
|
61a808bad4 | ||
|
48045c0fee |
6
.github/workflows/update.yml
vendored
6
.github/workflows/update.yml
vendored
@ -31,6 +31,12 @@ jobs:
|
|||||||
pr-labels: | # Labels to be set on the PR
|
pr-labels: | # Labels to be set on the PR
|
||||||
dependencies
|
dependencies
|
||||||
automated
|
automated
|
||||||
|
pr-body: |
|
||||||
|
Automated changes by the [update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) GitHub Action.
|
||||||
|
|
||||||
|
```
|
||||||
|
{{ env.GIT_COMMIT_MESSAGE }}
|
||||||
|
```
|
||||||
- name: Check the Flake
|
- name: Check the Flake
|
||||||
id: check
|
id: check
|
||||||
run: nix flake check
|
run: nix flake check
|
||||||
|
24
README.md
24
README.md
@ -41,6 +41,30 @@ configuration may be difficult to translate to a non-Nix system.
|
|||||||
| --- | --- | --- |
|
| --- | --- | --- |
|
||||||
| Keybinds | [Hammerspoon](https://www.hammerspoon.org/) | [Link](./modules/darwin/hammerspoon) |
|
| Keybinds | [Hammerspoon](https://www.hammerspoon.org/) | [Link](./modules/darwin/hammerspoon) |
|
||||||
|
|
||||||
|
# Diagram
|
||||||
|
|
||||||
|
![Diagram](https://github.com/nmasur/dotfiles/assets/7386960/ed3e7202-09c4-4a9c-9b14-0272c01647f6)
|
||||||
|
|
||||||
|
- [flake.nix](./flake.nix)
|
||||||
|
- [hosts](./hosts/)
|
||||||
|
- [modules](./modules/)
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
# Unique Configurations
|
||||||
|
|
||||||
|
This repo contains a few more elaborate elements of configuration.
|
||||||
|
|
||||||
|
- [Neovim config](./modules/common/neovim/default.nix) generated with Nix2Vim
|
||||||
|
and source-controlled plugins, differing based on installed LSPs, for example.
|
||||||
|
- [Caddy JSON](./modules/nixos/services/caddy.nix) file (routes, etc.) based
|
||||||
|
dynamically on enabled services rendered with Nix.
|
||||||
|
- [Grafana config](./modules/nixos/services/grafana.nix) rendered with Nix.
|
||||||
|
- Custom [secrets deployment](./modules/nixos/services/secrets.nix) similar to
|
||||||
|
agenix.
|
||||||
|
- Base16 [colorschemes](./colorscheme/) applied to multiple applications,
|
||||||
|
including Firefox userChrome.
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
# Installation
|
# Installation
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
program = builtins.toString (pkgs.writeShellScript "loadkey" ''
|
program = builtins.toString (pkgs.writeShellScript "loadkey" ''
|
||||||
printf "\nEnter the seed phrase for your SSH key...\n"
|
printf "\nEnter the seed phrase for your SSH key...\n"
|
||||||
printf "\nThen press ^D when complete.\n\n"
|
printf "\nThen press ^D when complete.\n\n"
|
||||||
|
mkdir -p ~/.ssh/
|
||||||
${pkgs.melt}/bin/melt restore ~/.ssh/id_ed25519
|
${pkgs.melt}/bin/melt restore ~/.ssh/id_ed25519
|
||||||
printf "\n\nContinuing activation.\n\n"
|
printf "\n\nContinuing activation.\n\n"
|
||||||
'');
|
'');
|
||||||
|
@ -49,19 +49,24 @@ move the `windows/alacritty.yml` file to
|
|||||||
To get started on a bare macOS installation, first install Nix:
|
To get started on a bare macOS installation, first install Nix:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sh -c "$(curl -L https://nixos.org/nix/install)"
|
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
|
||||||
```
|
```
|
||||||
|
|
||||||
Then use Nix to build nix-darwin:
|
Launch a new shell. Then use Nix to switch to the macOS configuration:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
nix-build https://github.com/LnL7/nix-darwin/archive/master.tar.gz -A installer
|
sudo rm /etc/bashrc
|
||||||
./result/bin/darwin-installer
|
sudo rm /etc/nix/nix.conf
|
||||||
|
nix \
|
||||||
|
--extra-experimental-features flakes \
|
||||||
|
--extra-experimental-features nix-command \
|
||||||
|
run nix-darwin -- switch \
|
||||||
|
--flake github:nmasur/dotfiles#lookingglass
|
||||||
```
|
```
|
||||||
|
|
||||||
Then switch to the macOS configuration:
|
Once installed, you can continue to update the macOS configuration:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
darwin-rebuild switch --flake github:nmasur/dotfiles#lookingglass
|
darwin-rebuild switch --flake ~/dev/personal/dotfiles
|
||||||
```
|
```
|
||||||
|
|
||||||
|
346
flake.lock
346
flake.lock
@ -17,31 +17,14 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"age": {
|
|
||||||
"flake": false,
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1672087018,
|
|
||||||
"narHash": "sha256-LRxxJQLQkzoCNYGS/XBixVmYXoZ1mPHKvFicPGXYLcw=",
|
|
||||||
"owner": "FiloSottile",
|
|
||||||
"repo": "age",
|
|
||||||
"rev": "c6dcfa1efcaa27879762a934d5bea0d1b83a894c",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "FiloSottile",
|
|
||||||
"ref": "v1.1.1",
|
|
||||||
"repo": "age",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"baleia-nvim-src": {
|
"baleia-nvim-src": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681806450,
|
"lastModified": 1704551058,
|
||||||
"narHash": "sha256-jxRlIzWbnSj89032msc5w+2TVt7zVyzlxdXxiH1dQqY=",
|
"narHash": "sha256-0NmiGzMFvL1awYOVtiaSd+O4sAR524x68xwWLgArlqs=",
|
||||||
"owner": "m00qek",
|
"owner": "m00qek",
|
||||||
"repo": "baleia.nvim",
|
"repo": "baleia.nvim",
|
||||||
"rev": "00bb4af31c8c3865b735d40ebefa6c3f07b2dd16",
|
"rev": "6d9cbdaca3a428bc7296f838fdfce3ad01ee7495",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -53,28 +36,44 @@
|
|||||||
"bufferline-nvim-src": {
|
"bufferline-nvim-src": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1695205521,
|
"lastModified": 1706180994,
|
||||||
"narHash": "sha256-MQMpXMgUpZA0E9TunzjXeOQxDWSCTogXbvi9VJnv4Kw=",
|
"narHash": "sha256-/iGzUDJaodkUyWpwim8UtwaRuarfu/Nk6wxVApk+QxY=",
|
||||||
"owner": "akinsho",
|
"owner": "akinsho",
|
||||||
"repo": "bufferline.nvim",
|
"repo": "bufferline.nvim",
|
||||||
"rev": "6ecd37e0fa8b156099daedd2191130e083fb1490",
|
"rev": "d6cb9b7cac52887bcac65f8698e67479553c0748",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "akinsho",
|
"owner": "akinsho",
|
||||||
"ref": "v4.4.0",
|
"ref": "v4.5.0",
|
||||||
"repo": "bufferline.nvim",
|
"repo": "bufferline.nvim",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"bypass-paywalls-clean": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1706005203,
|
||||||
|
"narHash": "sha256-9vku2FK5dXAnb2R/YHTKIHgc+Ckqza1qAH0kOw0Uryg=",
|
||||||
|
"owner": "magnolia1234",
|
||||||
|
"repo": "bpc-uploads",
|
||||||
|
"rev": "245899e6b06e30ce36f26b37b8045b6c5b0ac8de",
|
||||||
|
"type": "gitlab"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "magnolia1234",
|
||||||
|
"repo": "bpc-uploads",
|
||||||
|
"type": "gitlab"
|
||||||
|
}
|
||||||
|
},
|
||||||
"cmp-nvim-lsp-src": {
|
"cmp-nvim-lsp-src": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1687494203,
|
"lastModified": 1702205473,
|
||||||
"narHash": "sha256-mU0soCz79erJXMMqD/FyrJZ0mu2n6fE0deymPzQlxts=",
|
"narHash": "sha256-/0sh9vJBD9pUuD7q3tNSQ1YLvxFMNykdg5eG+LjZAA8=",
|
||||||
"owner": "hrsh7th",
|
"owner": "hrsh7th",
|
||||||
"repo": "cmp-nvim-lsp",
|
"repo": "cmp-nvim-lsp",
|
||||||
"rev": "44b16d11215dce86f253ce0c30949813c0a90765",
|
"rev": "5af77f54de1b16c34b23cba810150689a3a90312",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -90,11 +89,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699704228,
|
"lastModified": 1706405065,
|
||||||
"narHash": "sha256-NApWG385goidsXmsakWgFRjvbH+aw/n1CGGHn/UuXsc=",
|
"narHash": "sha256-femlVBNWgr9a6HfBUzhBF/9S8VBlaHDKcEm8B89O+zc=",
|
||||||
"owner": "lnl7",
|
"owner": "lnl7",
|
||||||
"repo": "nix-darwin",
|
"repo": "nix-darwin",
|
||||||
"rev": "0f1ad801387445fdda01d080db8ecf169be8e793",
|
"rev": "0108864c15bb68ad57d17fb2e7d3a3e025751d79",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -111,11 +110,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699734195,
|
"lastModified": 1706302763,
|
||||||
"narHash": "sha256-T7Q2ke4LJx16wos828YMqKnCCK3kxey0PdqH+LxVMV8=",
|
"narHash": "sha256-Le1wk75qlzOSfzDk8vqYxSdoEyr/ORIbMhziltVNGYw=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "disko",
|
"repo": "disko",
|
||||||
"rev": "89fd5b51f0725f9775ca9999d53a0a3e5d936490",
|
"rev": "f7424625dc1f2e4eceac3009cbd1203d566feebc",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -127,15 +126,16 @@
|
|||||||
"fidget-nvim-src": {
|
"fidget-nvim-src": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699890088,
|
"lastModified": 1704696337,
|
||||||
"narHash": "sha256-H0hK0Ym9dow/0PlEpM/o0AcZ74tAiTtDtEwpbbz7Jfo=",
|
"narHash": "sha256-uAX/RGfOmsUIUaDepNwUpK8MBaTMBJ4rLZ69y0MwpNE=",
|
||||||
"owner": "j-hui",
|
"owner": "j-hui",
|
||||||
"repo": "fidget.nvim",
|
"repo": "fidget.nvim",
|
||||||
"rev": "36916518b16d80c48f4b3d88765734bf0842493c",
|
"rev": "3a93300c076109d86c7ce35ec67a8034ae6ba9db",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "j-hui",
|
"owner": "j-hui",
|
||||||
|
"ref": "v1.2.0",
|
||||||
"repo": "fidget.nvim",
|
"repo": "fidget.nvim",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
@ -147,11 +147,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699663243,
|
"lastModified": 1706402627,
|
||||||
"narHash": "sha256-Plj2ypGV/5714enFtb4O5c3vXKvHUzoksgRx3zFmIJ4=",
|
"narHash": "sha256-lq2g41A527U2qJ1A9socjFPBOJ1/PM+Mftj3t7D/lhM=",
|
||||||
"owner": "bandithedoge",
|
"owner": "bandithedoge",
|
||||||
"repo": "nixpkgs-firefox-darwin",
|
"repo": "nixpkgs-firefox-darwin",
|
||||||
"rev": "63df8ec2d300da9912ae5b56b74e7aa574b6de0c",
|
"rev": "912228b33c72703badb20a309518e1e09af302c3",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -181,11 +181,11 @@
|
|||||||
"systems": "systems"
|
"systems": "systems"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1687709756,
|
"lastModified": 1705309234,
|
||||||
"narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=",
|
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7",
|
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -199,29 +199,11 @@
|
|||||||
"systems": "systems_2"
|
"systems": "systems_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1685518550,
|
"lastModified": 1705309234,
|
||||||
"narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
|
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
|
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-utils_3": {
|
|
||||||
"inputs": {
|
|
||||||
"systems": "systems_3"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1694529238,
|
|
||||||
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
|
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -253,11 +235,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699748018,
|
"lastModified": 1706306660,
|
||||||
"narHash": "sha256-28rwXnxgscLkeII6wj44cuP6RuiynhzZSa424ZwGt/s=",
|
"narHash": "sha256-lZvgkHtVeduGByPb0Tz9LpAi4olfkEm8XPgv0o7GRsk=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "50e582b9f91e409ffd2e134017445d376659b32e",
|
"rev": "b2f56952074cb46e93902ecaabfb04dd93733434",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -270,14 +252,14 @@
|
|||||||
"nextcloud-cookbook": {
|
"nextcloud-cookbook": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1679666795,
|
"lastModified": 1702545935,
|
||||||
"narHash": "sha256-XgBwUr26qW6wvqhrnhhhhcN4wkI+eXDHnNSm1HDbP6M=",
|
"narHash": "sha256-19LN1nYJJ0RMWj6DrYPvHzocTyhMfYdpdhBFch3fpHE=",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/nextcloud/cookbook/releases/download/v0.10.2/Cookbook-0.10.2.tar.gz"
|
"url": "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.0/cookbook-0.11.0.tar.gz"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/nextcloud/cookbook/releases/download/v0.10.2/Cookbook-0.10.2.tar.gz"
|
"url": "https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.0/cookbook-0.11.0.tar.gz"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nextcloud-external": {
|
"nextcloud-external": {
|
||||||
@ -296,52 +278,42 @@
|
|||||||
"nextcloud-news": {
|
"nextcloud-news": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1695883388,
|
"lastModified": 1703426420,
|
||||||
"narHash": "sha256-cfJkKRNSz15L4E3w1tnEb+t4MrVwVzb8lb6vCOA4cK4=",
|
"narHash": "sha256-AENBJH/bEob5JQvw4WEi864mdLYJ5Mqe78HJH6ceCpI=",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/nextcloud/news/releases/download/24.0.0/news.tar.gz"
|
"url": "https://github.com/nextcloud/news/releases/download/25.0.0-alpha3/news.tar.gz"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/nextcloud/news/releases/download/24.0.0/news.tar.gz"
|
"url": "https://github.com/nextcloud/news/releases/download/25.0.0-alpha3/news.tar.gz"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nil": {
|
"nextcloud-snappymail": {
|
||||||
"inputs": {
|
"flake": false,
|
||||||
"flake-utils": "flake-utils",
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixpkgs"
|
|
||||||
],
|
|
||||||
"rust-overlay": "rust-overlay"
|
|
||||||
},
|
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1691372739,
|
"lastModified": 1706414864,
|
||||||
"narHash": "sha256-fZ8KfBMcIFO/R7xaWtB85SFeuUjb9SCH8fxYBnY8068=",
|
"narHash": "sha256-UeZXoZFEPJj7zEVNTXJ3IYNt/wI7VFq3Pjh1ubMHCBo=",
|
||||||
"owner": "oxalica",
|
"type": "tarball",
|
||||||
"repo": "nil",
|
"url": "https://snappymail.eu/repository/nextcloud/snappymail-2.32.0-nextcloud.tar.gz"
|
||||||
"rev": "97abe7d3d48721d4e0fcc1876eea83bb4247825b",
|
|
||||||
"type": "github"
|
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "oxalica",
|
"type": "tarball",
|
||||||
"ref": "2023-08-09",
|
"url": "https://snappymail.eu/repository/nextcloud/snappymail-2.32.0-nextcloud.tar.gz"
|
||||||
"repo": "nil",
|
|
||||||
"type": "github"
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nix2vim": {
|
"nix2vim": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_2",
|
"flake-utils": "flake-utils",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1685980282,
|
"lastModified": 1706407735,
|
||||||
"narHash": "sha256-uQyVaoqkiocA8bXKMfrgizuKmz0hUzHye5owFoUd2AQ=",
|
"narHash": "sha256-Q5Lv4FlKVmMXd91ujh6FUxCsoAU2Q8KPU+ipTZPkTjE=",
|
||||||
"owner": "gytis-ivaskevicius",
|
"owner": "gytis-ivaskevicius",
|
||||||
"repo": "nix2vim",
|
"repo": "nix2vim",
|
||||||
"rev": "3836a348503ae27340c7f83f0bc7bcb907f3781d",
|
"rev": "84584da274869fb8177e8ef2d0b9d975bbb82489",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -373,11 +345,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696058303,
|
"lastModified": 1706085261,
|
||||||
"narHash": "sha256-eNqKWpF5zG0SrgbbtljFOrRgFgRzCc4++TMFADBMLnc=",
|
"narHash": "sha256-7PgpHRHyShINcqgevPP1fJ6N8kM5ZSOJnk3QZBrOCQ0=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixos-generators",
|
"repo": "nixos-generators",
|
||||||
"rev": "150f38bd1e09e20987feacb1b0d5991357532fb5",
|
"rev": "896f6589db5b25023b812bbb6c1f5d3a499b1132",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -388,11 +360,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699099776,
|
"lastModified": 1706191920,
|
||||||
"narHash": "sha256-X09iKJ27mGsGambGfkKzqvw5esP1L/Rf8H3u3fCqIiU=",
|
"narHash": "sha256-eLihrZAPZX0R6RyM5fYAWeKVNuQPYjAkCUBr+JNvtdE=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "85f1ba3e51676fa8cc604a3d863d729026a6b8eb",
|
"rev": "ae5c332cbb5827f6b1f02572496b141021de335f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -402,22 +374,6 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1697851979,
|
|
||||||
"narHash": "sha256-lJ8k4qkkwdvi+t/Xc6Fn74kUuobpu9ynPGxNZR6OwoA=",
|
|
||||||
"owner": "NixOS",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "5550a85a087c04ddcace7f892b0bdc9d8bb080c8",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "NixOS",
|
|
||||||
"ref": "nixos-23.05",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"null-ls-nvim-src": {
|
"null-ls-nvim-src": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
@ -436,11 +392,11 @@
|
|||||||
},
|
},
|
||||||
"nur": {
|
"nur": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699751149,
|
"lastModified": 1706405996,
|
||||||
"narHash": "sha256-hcWsurEJSVYWHoI5YvB5ZVaCY+Sg2Qd0ZumKn7dLjI0=",
|
"narHash": "sha256-hJbt3cTW0ma3k/kZ51F/T9MijyJxR1S3ZIeQHL2JPYw=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nur",
|
"repo": "nur",
|
||||||
"rev": "ff495b6b6763bcb879b97c105eedc1db23260bab",
|
"rev": "ab8cf147ee2254ef91e87ff7272524975fcbba3f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -452,16 +408,16 @@
|
|||||||
"nvim-lspconfig-src": {
|
"nvim-lspconfig-src": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1675639052,
|
"lastModified": 1701687137,
|
||||||
"narHash": "sha256-B8IgpypxzCACZ5VcqM6KiWyClaN+KrmemtkwMznmj5Y=",
|
"narHash": "sha256-qFjFofA2LoD4yRfx4KGfSCpR3mDkpFaagcm+TVNPqco=",
|
||||||
"owner": "neovim",
|
"owner": "neovim",
|
||||||
"repo": "nvim-lspconfig",
|
"repo": "nvim-lspconfig",
|
||||||
"rev": "255e07ce2a05627d482d2de77308bba51b90470c",
|
"rev": "cf3dd4a290084a868fac0e2e876039321d57111c",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "neovim",
|
"owner": "neovim",
|
||||||
"ref": "v0.1.6",
|
"ref": "v0.1.7",
|
||||||
"repo": "nvim-lspconfig",
|
"repo": "nvim-lspconfig",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
@ -469,11 +425,11 @@
|
|||||||
"nvim-tree-lua-src": {
|
"nvim-tree-lua-src": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699755272,
|
"lastModified": 1705818283,
|
||||||
"narHash": "sha256-EZQ9HC6EArwQnfJbn4C8WnM2yQrO/FOXZu91ue43xTY=",
|
"narHash": "sha256-EKAzWIT2Qs65Il1pwgpkFsCogFViapUiSHcZgVy+QsY=",
|
||||||
"owner": "kyazdani42",
|
"owner": "kyazdani42",
|
||||||
"repo": "nvim-tree.lua",
|
"repo": "nvim-tree.lua",
|
||||||
"rev": "874ae6e9445a5eb5ba430e5fd10212450a261ad7",
|
"rev": "7bdb220d0fe604a77361e92cdbc7af1b8a412126",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -485,11 +441,11 @@
|
|||||||
"nvim-treesitter-src": {
|
"nvim-treesitter-src": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699694083,
|
"lastModified": 1706392286,
|
||||||
"narHash": "sha256-MBSjwHmh4JCwa4mNuADcWaBgMhPnroDxz93eBE9ifOY=",
|
"narHash": "sha256-JWGTIuhyTUok4QsML63eUragDoqKkyk5tBuv25lmbg8=",
|
||||||
"owner": "nvim-treesitter",
|
"owner": "nvim-treesitter",
|
||||||
"repo": "nvim-treesitter",
|
"repo": "nvim-treesitter",
|
||||||
"rev": "075a64addc33390028ea124a1046a43497f05cd1",
|
"rev": "458ce4d16c1771fc601ec10a87820acae9981f6d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -502,22 +458,22 @@
|
|||||||
"proton-ge": {
|
"proton-ge": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699415676,
|
"lastModified": 1700610476,
|
||||||
"narHash": "sha256-3XniKYf/KDRDYhTwffkktbmoISwOtGIABF28bsp8QHA=",
|
"narHash": "sha256-IoClZ6hl2lsz9OGfFgnz7vEAGlSY2+1K2lDEEsJQOfU=",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-23/GE-Proton8-23.tar.gz"
|
"url": "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-25/GE-Proton8-25.tar.gz"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-23/GE-Proton8-23.tar.gz"
|
"url": "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-25/GE-Proton8-25.tar.gz"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"Comment-nvim-src": "Comment-nvim-src",
|
"Comment-nvim-src": "Comment-nvim-src",
|
||||||
"age": "age",
|
|
||||||
"baleia-nvim-src": "baleia-nvim-src",
|
"baleia-nvim-src": "baleia-nvim-src",
|
||||||
"bufferline-nvim-src": "bufferline-nvim-src",
|
"bufferline-nvim-src": "bufferline-nvim-src",
|
||||||
|
"bypass-paywalls-clean": "bypass-paywalls-clean",
|
||||||
"cmp-nvim-lsp-src": "cmp-nvim-lsp-src",
|
"cmp-nvim-lsp-src": "cmp-nvim-lsp-src",
|
||||||
"darwin": "darwin",
|
"darwin": "darwin",
|
||||||
"disko": "disko",
|
"disko": "disko",
|
||||||
@ -528,7 +484,7 @@
|
|||||||
"nextcloud-cookbook": "nextcloud-cookbook",
|
"nextcloud-cookbook": "nextcloud-cookbook",
|
||||||
"nextcloud-external": "nextcloud-external",
|
"nextcloud-external": "nextcloud-external",
|
||||||
"nextcloud-news": "nextcloud-news",
|
"nextcloud-news": "nextcloud-news",
|
||||||
"nil": "nil",
|
"nextcloud-snappymail": "nextcloud-snappymail",
|
||||||
"nix2vim": "nix2vim",
|
"nix2vim": "nix2vim",
|
||||||
"nixos-generators": "nixos-generators",
|
"nixos-generators": "nixos-generators",
|
||||||
"nixpkgs": "nixpkgs",
|
"nixpkgs": "nixpkgs",
|
||||||
@ -547,37 +503,12 @@
|
|||||||
"tree-sitter-puppet": "tree-sitter-puppet",
|
"tree-sitter-puppet": "tree-sitter-puppet",
|
||||||
"tree-sitter-python": "tree-sitter-python",
|
"tree-sitter-python": "tree-sitter-python",
|
||||||
"tree-sitter-rasi": "tree-sitter-rasi",
|
"tree-sitter-rasi": "tree-sitter-rasi",
|
||||||
"vscode-terraform-snippets": "vscode-terraform-snippets",
|
"tree-sitter-vimdoc": "tree-sitter-vimdoc",
|
||||||
"wallpapers": "wallpapers",
|
"wallpapers": "wallpapers",
|
||||||
"wsl": "wsl",
|
"wsl": "wsl",
|
||||||
"zenyd-mpv-scripts": "zenyd-mpv-scripts"
|
"zenyd-mpv-scripts": "zenyd-mpv-scripts"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"rust-overlay": {
|
|
||||||
"inputs": {
|
|
||||||
"flake-utils": [
|
|
||||||
"nil",
|
|
||||||
"flake-utils"
|
|
||||||
],
|
|
||||||
"nixpkgs": [
|
|
||||||
"nil",
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1688783586,
|
|
||||||
"narHash": "sha256-HHaM2hk2azslv1kH8zmQxXo2e7i5cKgzNIuK4yftzB0=",
|
|
||||||
"owner": "oxalica",
|
|
||||||
"repo": "rust-overlay",
|
|
||||||
"rev": "7a29283cc242c2486fc67f60b431ef708046d176",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "oxalica",
|
|
||||||
"repo": "rust-overlay",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"systems": {
|
"systems": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681028828,
|
"lastModified": 1681028828,
|
||||||
@ -608,34 +539,19 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"systems_3": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1681028828,
|
|
||||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
|
||||||
"owner": "nix-systems",
|
|
||||||
"repo": "default",
|
|
||||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nix-systems",
|
|
||||||
"repo": "default",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"telescope-nvim-src": {
|
"telescope-nvim-src": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1697004956,
|
"lastModified": 1701167040,
|
||||||
"narHash": "sha256-7SqYFnfCjotOBhuX6Wx1IOhgMKoxaoI1a4SKz1d5RVM=",
|
"narHash": "sha256-H5RpyWMluE+Yxg7xFX43AZTVW+Yg70DF3FmEGXBUSNg=",
|
||||||
"owner": "nvim-telescope",
|
"owner": "nvim-telescope",
|
||||||
"repo": "telescope.nvim",
|
"repo": "telescope.nvim",
|
||||||
"rev": "7011eaae0ac1afe036e30c95cf80200b8dc3f21a",
|
"rev": "d90956833d7c27e73c621a61f20b29fdb7122709",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nvim-telescope",
|
"owner": "nvim-telescope",
|
||||||
"ref": "0.1.4",
|
"ref": "0.1.5",
|
||||||
"repo": "telescope.nvim",
|
"repo": "telescope.nvim",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
@ -643,11 +559,11 @@
|
|||||||
"telescope-project-nvim-src": {
|
"telescope-project-nvim-src": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699263681,
|
"lastModified": 1701464478,
|
||||||
"narHash": "sha256-SxtjDnvObVLl1+rpsmUDbhsgpCnNGa40NbNFlMzTRVY=",
|
"narHash": "sha256-touMCltcnqkrQYV1NtNeWLQeFVGt+WM3aIWIdKilA7w=",
|
||||||
"owner": "nvim-telescope",
|
"owner": "nvim-telescope",
|
||||||
"repo": "telescope-project.nvim",
|
"repo": "telescope-project.nvim",
|
||||||
"rev": "5460c6c60d48618c5c746e5b1cad4c3e8262fdae",
|
"rev": "1aaf16580a614601a7f7077d9639aeb457dc5559",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -659,16 +575,16 @@
|
|||||||
"toggleterm-nvim-src": {
|
"toggleterm-nvim-src": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1695636777,
|
"lastModified": 1701858874,
|
||||||
"narHash": "sha256-o8xzoo7OuYrPnKlfrupQ24Ja9hZy1qQVnvwO0FO+4zM=",
|
"narHash": "sha256-vJApw7XY2wOX9InfWcah+hkNxBfS1+kQUWr4ITxRmgA=",
|
||||||
"owner": "akinsho",
|
"owner": "akinsho",
|
||||||
"repo": "toggleterm.nvim",
|
"repo": "toggleterm.nvim",
|
||||||
"rev": "faee9d60428afc7857e0927fdc18daa6c409fa64",
|
"rev": "cbd041d91b90cd3c02df03fe6133208888f8e008",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "akinsho",
|
"owner": "akinsho",
|
||||||
"ref": "v2.8.0",
|
"ref": "v2.9.0",
|
||||||
"repo": "toggleterm.nvim",
|
"repo": "toggleterm.nvim",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
@ -676,11 +592,11 @@
|
|||||||
"tree-sitter-bash": {
|
"tree-sitter-bash": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696959291,
|
"lastModified": 1705686017,
|
||||||
"narHash": "sha256-VP7rJfE/k8KV1XN1w5f0YKjCnDMYU1go/up0zj1mabM=",
|
"narHash": "sha256-+Mpks0FyQLl26TX63J6WhaAl/QDUR1k9wSUY5SFwL+w=",
|
||||||
"owner": "tree-sitter",
|
"owner": "tree-sitter",
|
||||||
"repo": "tree-sitter-bash",
|
"repo": "tree-sitter-bash",
|
||||||
"rev": "7331995b19b8f8aba2d5e26deb51d2195c18bc94",
|
"rev": "f7239f638d3dc16762563a9027faeee518ce1bd9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -693,11 +609,11 @@
|
|||||||
"tree-sitter-ini": {
|
"tree-sitter-ini": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1690815608,
|
"lastModified": 1699877527,
|
||||||
"narHash": "sha256-IIpKzpA4q1jpYVZ75VZaxWHaqNt8TA427eMOui2s71M=",
|
"narHash": "sha256-dYPeVTNWO4apY5dsjsKViavU7YtLeGTp6BzEemXhsEU=",
|
||||||
"owner": "justinmk",
|
"owner": "justinmk",
|
||||||
"repo": "tree-sitter-ini",
|
"repo": "tree-sitter-ini",
|
||||||
"rev": "7f11a02fb8891482068e0fe419965d7bade81a68",
|
"rev": "bcb84a2d4bcd6f55b911c42deade75c8f90cb0c5",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -742,11 +658,11 @@
|
|||||||
"tree-sitter-python": {
|
"tree-sitter-python": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696990675,
|
"lastModified": 1700218345,
|
||||||
"narHash": "sha256-nQ4HU5ysQjht9USFGRmW/+PLFTzPgi+6G68/uupMMRk=",
|
"narHash": "sha256-hXNxa895SyNOG7PH2vAIkWbcMjZDjWYDsCafBZuvnT0=",
|
||||||
"owner": "tree-sitter",
|
"owner": "tree-sitter",
|
||||||
"repo": "tree-sitter-python",
|
"repo": "tree-sitter-python",
|
||||||
"rev": "82f5c9937fe4300b4bec3ee0e788d642c77aab2c",
|
"rev": "4bfdd9033a2225cc95032ce77066b7aeca9e2efc",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -772,19 +688,19 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"vscode-terraform-snippets": {
|
"tree-sitter-vimdoc": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1614849738,
|
"lastModified": 1705491128,
|
||||||
"narHash": "sha256-v392tyzXV+zyBNt5OCB2NBCK7JcByrTa5Ne/nFtSCJI=",
|
"narHash": "sha256-q5Ln8WPFrtKBfZnaAAlMh3Q/eczEt6wCMZAtx+ISCKg=",
|
||||||
"owner": "run-at-scale",
|
"owner": "neovim",
|
||||||
"repo": "vscode-terraform-doc-snippets",
|
"repo": "tree-sitter-vimdoc",
|
||||||
"rev": "6ab3e44b566e660f38922cf908e6e547eaa5d4b4",
|
"rev": "ed8695ad8de39c3f073da130156f00b1148e2891",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "run-at-scale",
|
"owner": "neovim",
|
||||||
"repo": "vscode-terraform-doc-snippets",
|
"repo": "tree-sitter-vimdoc",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
@ -807,15 +723,17 @@
|
|||||||
"wsl": {
|
"wsl": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat",
|
"flake-compat": "flake-compat",
|
||||||
"flake-utils": "flake-utils_3",
|
"flake-utils": "flake-utils_2",
|
||||||
"nixpkgs": "nixpkgs_2"
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699549513,
|
"lastModified": 1706071294,
|
||||||
"narHash": "sha256-cfsghOs6Cr61wFsxkWonK8AwPwHaRGZ6QkbasUgygh4=",
|
"narHash": "sha256-mpt86O5GQxKQoIg4nzKz810PeXjGSEFb4rW+shXbRco=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "NixOS-WSL",
|
"repo": "NixOS-WSL",
|
||||||
"rev": "0e4c17efebff955471f169fffbb7e8cd62ada498",
|
"rev": "31346e340e828f79be23d9c83ec1674b152f17bc",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -827,11 +745,11 @@
|
|||||||
"zenyd-mpv-scripts": {
|
"zenyd-mpv-scripts": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1650625438,
|
"lastModified": 1706283438,
|
||||||
"narHash": "sha256-OBCuzCtgfSwj0i/rBNranuu4LRc47jObwQIJgQQoerg=",
|
"narHash": "sha256-hpLZDtt5q18aZ8d9LHfT852wtBosKUTJ7Bx+cbjBLcg=",
|
||||||
"owner": "zenyd",
|
"owner": "zenyd",
|
||||||
"repo": "mpv-scripts",
|
"repo": "mpv-scripts",
|
||||||
"rev": "19ea069abcb794d1bf8fac2f59b50d71ab992130",
|
"rev": "7100d19d18d111ce77fc9e6e8947c0d542a86397",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
67
flake.nix
67
flake.nix
@ -14,7 +14,10 @@
|
|||||||
};
|
};
|
||||||
|
|
||||||
# Used for Windows Subsystem for Linux compatibility
|
# Used for Windows Subsystem for Linux compatibility
|
||||||
wsl.url = "github:nix-community/NixOS-WSL";
|
wsl = {
|
||||||
|
url = "github:nix-community/NixOS-WSL";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
|
||||||
# Used for user packages and dotfiles
|
# Used for user packages and dotfiles
|
||||||
home-manager = {
|
home-manager = {
|
||||||
@ -56,16 +59,10 @@
|
|||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Nix language server
|
|
||||||
nil = {
|
|
||||||
url = "github:oxalica/nil/2023-08-09";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Neovim plugins
|
# Neovim plugins
|
||||||
nvim-lspconfig-src = {
|
nvim-lspconfig-src = {
|
||||||
# https://github.com/neovim/nvim-lspconfig/tags
|
# https://github.com/neovim/nvim-lspconfig/tags
|
||||||
url = "github:neovim/nvim-lspconfig/v0.1.6";
|
url = "github:neovim/nvim-lspconfig/v0.1.7";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
cmp-nvim-lsp-src = {
|
cmp-nvim-lsp-src = {
|
||||||
@ -77,10 +74,12 @@
|
|||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
baleia-nvim-src = {
|
baleia-nvim-src = {
|
||||||
|
# https://github.com/m00qek/baleia.nvim/tags
|
||||||
url = "github:m00qek/baleia.nvim";
|
url = "github:m00qek/baleia.nvim";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
Comment-nvim-src = {
|
Comment-nvim-src = {
|
||||||
|
# https://github.com/numToStr/Comment.nvim/releases
|
||||||
url = "github:numToStr/Comment.nvim/v0.8.0";
|
url = "github:numToStr/Comment.nvim/v0.8.0";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
@ -90,7 +89,8 @@
|
|||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
telescope-nvim-src = {
|
telescope-nvim-src = {
|
||||||
url = "github:nvim-telescope/telescope.nvim/0.1.4";
|
# https://github.com/nvim-telescope/telescope.nvim/releases
|
||||||
|
url = "github:nvim-telescope/telescope.nvim/0.1.5";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
telescope-project-nvim-src = {
|
telescope-project-nvim-src = {
|
||||||
@ -98,27 +98,26 @@
|
|||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
toggleterm-nvim-src = {
|
toggleterm-nvim-src = {
|
||||||
url = "github:akinsho/toggleterm.nvim/v2.8.0";
|
# https://github.com/akinsho/toggleterm.nvim/tags
|
||||||
|
url = "github:akinsho/toggleterm.nvim/v2.9.0";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
bufferline-nvim-src = {
|
bufferline-nvim-src = {
|
||||||
url = "github:akinsho/bufferline.nvim/v4.4.0";
|
# https://github.com/akinsho/bufferline.nvim/releases
|
||||||
|
url = "github:akinsho/bufferline.nvim/v4.5.0";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
nvim-tree-lua-src = {
|
nvim-tree-lua-src = {
|
||||||
url = "github:kyazdani42/nvim-tree.lua";
|
url = "github:kyazdani42/nvim-tree.lua";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
vscode-terraform-snippets = {
|
|
||||||
url = "github:run-at-scale/vscode-terraform-doc-snippets";
|
|
||||||
flake = false;
|
|
||||||
};
|
|
||||||
hmts-nvim-src = {
|
hmts-nvim-src = {
|
||||||
url = "github:calops/hmts.nvim";
|
url = "github:calops/hmts.nvim";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
fidget-nvim-src = {
|
fidget-nvim-src = {
|
||||||
url = "github:j-hui/fidget.nvim";
|
# https://github.com/j-hui/fidget.nvim/tags
|
||||||
|
url = "github:j-hui/fidget.nvim/v1.2.0";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -147,6 +146,10 @@
|
|||||||
url = "github:Fymyte/tree-sitter-rasi";
|
url = "github:Fymyte/tree-sitter-rasi";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
|
tree-sitter-vimdoc = {
|
||||||
|
url = "github:neovim/tree-sitter-vimdoc";
|
||||||
|
flake = false;
|
||||||
|
};
|
||||||
|
|
||||||
# MPV Scripts
|
# MPV Scripts
|
||||||
zenyd-mpv-scripts = {
|
zenyd-mpv-scripts = {
|
||||||
@ -154,18 +157,19 @@
|
|||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Age encryption (pin because of failed builds)
|
|
||||||
age = {
|
|
||||||
url = "github:FiloSottile/age/v1.1.1";
|
|
||||||
flake = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
# GE version of Proton for game compatibility
|
# GE version of Proton for game compatibility
|
||||||
# Alternatively, could consider using https://github.com/fufexan/nix-gaming
|
# Alternatively, could consider using https://github.com/fufexan/nix-gaming
|
||||||
proton-ge = {
|
proton-ge = {
|
||||||
# https://github.com/GloriousEggroll/proton-ge-custom/releases
|
# https://github.com/GloriousEggroll/proton-ge-custom/releases
|
||||||
url =
|
url =
|
||||||
"https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-23/GE-Proton8-23.tar.gz";
|
"https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-25/GE-Proton8-25.tar.gz";
|
||||||
|
flake = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
# Firefox addon from outside the extension store
|
||||||
|
bypass-paywalls-clean = {
|
||||||
|
# https://gitlab.com/magnolia1234/bpc-uploads/-/commits/master/?ref_type=HEADS
|
||||||
|
url = "gitlab:magnolia1234/bpc-uploads";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -173,7 +177,7 @@
|
|||||||
nextcloud-news = {
|
nextcloud-news = {
|
||||||
# https://github.com/nextcloud/news/releases
|
# https://github.com/nextcloud/news/releases
|
||||||
url =
|
url =
|
||||||
"https://github.com/nextcloud/news/releases/download/24.0.0/news.tar.gz";
|
"https://github.com/nextcloud/news/releases/download/25.0.0-alpha3/news.tar.gz";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
nextcloud-external = {
|
nextcloud-external = {
|
||||||
@ -183,9 +187,15 @@
|
|||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
nextcloud-cookbook = {
|
nextcloud-cookbook = {
|
||||||
# https://github.com/nextcloud/cookbook/releases
|
# https://github.com/christianlupus-nextcloud/cookbook-releases/releases/
|
||||||
url =
|
url =
|
||||||
"https://github.com/nextcloud/cookbook/releases/download/v0.10.2/Cookbook-0.10.2.tar.gz";
|
"https://github.com/christianlupus-nextcloud/cookbook-releases/releases/download/v0.11.0/cookbook-0.11.0.tar.gz";
|
||||||
|
flake = false;
|
||||||
|
};
|
||||||
|
nextcloud-snappymail = {
|
||||||
|
# https://github.com/the-djmaze/snappymail/releases
|
||||||
|
url =
|
||||||
|
"https://snappymail.eu/repository/nextcloud/snappymail-2.32.0-nextcloud.tar.gz";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -208,6 +218,7 @@
|
|||||||
dotfilesRepo = "https://github.com/nmasur/dotfiles";
|
dotfilesRepo = "https://github.com/nmasur/dotfiles";
|
||||||
hostnames = {
|
hostnames = {
|
||||||
git = "git.${baseName}";
|
git = "git.${baseName}";
|
||||||
|
influxdb = "influxdb.${baseName}";
|
||||||
metrics = "metrics.${baseName}";
|
metrics = "metrics.${baseName}";
|
||||||
prometheus = "prom.${baseName}";
|
prometheus = "prom.${baseName}";
|
||||||
paperless = "paper.${baseName}";
|
paperless = "paper.${baseName}";
|
||||||
@ -231,8 +242,10 @@
|
|||||||
(import ./overlays/mpv-scripts.nix inputs)
|
(import ./overlays/mpv-scripts.nix inputs)
|
||||||
(import ./overlays/nextcloud-apps.nix inputs)
|
(import ./overlays/nextcloud-apps.nix inputs)
|
||||||
(import ./overlays/betterlockscreen.nix)
|
(import ./overlays/betterlockscreen.nix)
|
||||||
(import ./overlays/age.nix inputs)
|
|
||||||
(import ./overlays/proton-ge.nix inputs)
|
(import ./overlays/proton-ge.nix inputs)
|
||||||
|
(import ./overlays/gh-collaborators.nix)
|
||||||
|
(import ./overlays/bypass-paywalls-clean.nix inputs)
|
||||||
|
(import ./overlays/terraform.nix)
|
||||||
];
|
];
|
||||||
|
|
||||||
# System types to support.
|
# System types to support.
|
||||||
|
@ -12,3 +12,15 @@ These are the individual machines managed by this flake.
|
|||||||
| [swan](./swan/default.nix) | Home server |
|
| [swan](./swan/default.nix) | Home server |
|
||||||
| [tempest](./tempest/default.nix) | Linux desktop |
|
| [tempest](./tempest/default.nix) | Linux desktop |
|
||||||
|
|
||||||
|
## NixOS Workflow
|
||||||
|
|
||||||
|
Each hosts file is imported into [nixosConfigurations](../flake.nix) and passed
|
||||||
|
the arguments from the flake (inputs, globals, overlays). The `nixosSystem`
|
||||||
|
function in that hosts file will be called by the NixOS module system during a
|
||||||
|
nixos-rebuild.
|
||||||
|
|
||||||
|
Each module in the each host's `modules` list is either a function or an
|
||||||
|
attrset. The attrsets will simply apply values to options that have been
|
||||||
|
declared in the config by other modules. Meanwhile, the functions will be
|
||||||
|
passed various arguments, several of which you will see listed at the top of
|
||||||
|
each of their files.
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
# The Flame
|
# The Flame
|
||||||
# System configuration for an Oracle free server
|
# System configuration for an Oracle free server
|
||||||
|
|
||||||
|
# See [readme](../README.md) to explain how this file works.
|
||||||
|
|
||||||
# How to install:
|
# How to install:
|
||||||
# https://blog.korfuri.fr/posts/2022/08/nixos-on-an-oracle-free-tier-ampere-machine/
|
# https://blog.korfuri.fr/posts/2022/08/nixos-on-an-oracle-free-tier-ampere-machine/
|
||||||
# These days, probably use nixos-anywhere instead.
|
# These days, probably use nixos-anywhere instead.
|
||||||
@ -50,6 +52,7 @@ inputs.nixpkgs.lib.nixosSystem {
|
|||||||
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
|
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
|
||||||
|
|
||||||
# Programs and services
|
# Programs and services
|
||||||
|
atuin.enable = true;
|
||||||
cloudflare.enable = true; # Proxy traffic with Cloudflare
|
cloudflare.enable = true; # Proxy traffic with Cloudflare
|
||||||
dotfiles.enable = true; # Clone dotfiles
|
dotfiles.enable = true; # Clone dotfiles
|
||||||
neovim.enable = true;
|
neovim.enable = true;
|
||||||
@ -58,6 +61,7 @@ inputs.nixpkgs.lib.nixosSystem {
|
|||||||
services.grafana.enable = true;
|
services.grafana.enable = true;
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
services.victoriametrics.enable = true;
|
services.victoriametrics.enable = true;
|
||||||
|
services.influxdb2.enable = true;
|
||||||
services.gitea.enable = true;
|
services.gitea.enable = true;
|
||||||
services.vaultwarden.enable = true;
|
services.vaultwarden.enable = true;
|
||||||
services.minecraft-server.enable = true; # Setup Minecraft server
|
services.minecraft-server.enable = true; # Setup Minecraft server
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
# The Hydra
|
# The Hydra
|
||||||
# System configuration for WSL
|
# System configuration for WSL
|
||||||
|
|
||||||
|
# See [readme](../README.md) to explain how this file works.
|
||||||
|
|
||||||
{ inputs, globals, overlays, ... }:
|
{ inputs, globals, overlays, ... }:
|
||||||
|
|
||||||
inputs.nixpkgs.lib.nixosSystem {
|
inputs.nixpkgs.lib.nixosSystem {
|
||||||
|
@ -4,7 +4,7 @@
|
|||||||
{ inputs, globals, overlays, ... }:
|
{ inputs, globals, overlays, ... }:
|
||||||
|
|
||||||
inputs.darwin.lib.darwinSystem {
|
inputs.darwin.lib.darwinSystem {
|
||||||
system = "x86_64-darwin";
|
system = "aarch64-darwin";
|
||||||
specialArgs = { };
|
specialArgs = { };
|
||||||
modules = [
|
modules = [
|
||||||
../../modules/common
|
../../modules/common
|
||||||
@ -25,6 +25,7 @@ inputs.darwin.lib.darwinSystem {
|
|||||||
dark = true;
|
dark = true;
|
||||||
};
|
};
|
||||||
mail.user = globals.user;
|
mail.user = globals.user;
|
||||||
|
atuin.enable = true;
|
||||||
charm.enable = true;
|
charm.enable = true;
|
||||||
neovim.enable = true;
|
neovim.enable = true;
|
||||||
mail.enable = true;
|
mail.enable = true;
|
||||||
@ -39,6 +40,7 @@ inputs.darwin.lib.darwinSystem {
|
|||||||
python.enable = true;
|
python.enable = true;
|
||||||
rust.enable = true;
|
rust.enable = true;
|
||||||
lua.enable = true;
|
lua.enable = true;
|
||||||
|
obsidian.enable = true;
|
||||||
kubernetes.enable = true;
|
kubernetes.enable = true;
|
||||||
_1password.enable = true;
|
_1password.enable = true;
|
||||||
slack.enable = true;
|
slack.enable = true;
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
# The Swan
|
# The Swan
|
||||||
# System configuration for my home NAS server
|
# System configuration for my home NAS server
|
||||||
|
|
||||||
|
# See [readme](../README.md) to explain how this file works.
|
||||||
|
|
||||||
{ inputs, globals, overlays, ... }:
|
{ inputs, globals, overlays, ... }:
|
||||||
|
|
||||||
inputs.nixpkgs.lib.nixosSystem {
|
inputs.nixpkgs.lib.nixosSystem {
|
||||||
@ -66,6 +68,7 @@ inputs.nixpkgs.lib.nixosSystem {
|
|||||||
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
|
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
|
||||||
|
|
||||||
# Programs and services
|
# Programs and services
|
||||||
|
atuin.enable = true;
|
||||||
neovim.enable = true;
|
neovim.enable = true;
|
||||||
cloudflare.enable = true;
|
cloudflare.enable = true;
|
||||||
dotfiles.enable = true;
|
dotfiles.enable = true;
|
||||||
@ -80,6 +83,7 @@ inputs.nixpkgs.lib.nixosSystem {
|
|||||||
services.vmagent.enable = true;
|
services.vmagent.enable = true;
|
||||||
services.samba.enable = true;
|
services.samba.enable = true;
|
||||||
services.paperless.enable = true;
|
services.paperless.enable = true;
|
||||||
|
services.postgresql.enable = true;
|
||||||
|
|
||||||
# Allows private remote access over the internet
|
# Allows private remote access over the internet
|
||||||
cloudflareTunnel = {
|
cloudflareTunnel = {
|
||||||
|
@ -1,6 +1,8 @@
|
|||||||
# The Tempest
|
# The Tempest
|
||||||
# System configuration for my desktop
|
# System configuration for my desktop
|
||||||
|
|
||||||
|
# See [readme](../README.md) to explain how this file works.
|
||||||
|
|
||||||
{ inputs, globals, overlays, ... }:
|
{ inputs, globals, overlays, ... }:
|
||||||
|
|
||||||
inputs.nixpkgs.lib.nixosSystem {
|
inputs.nixpkgs.lib.nixosSystem {
|
||||||
@ -83,6 +85,7 @@ inputs.nixpkgs.lib.nixosSystem {
|
|||||||
gtk.theme.name = inputs.nixpkgs.lib.mkDefault "Adwaita-dark";
|
gtk.theme.name = inputs.nixpkgs.lib.mkDefault "Adwaita-dark";
|
||||||
|
|
||||||
# Programs and services
|
# Programs and services
|
||||||
|
atuin.enable = true;
|
||||||
charm.enable = true;
|
charm.enable = true;
|
||||||
neovim.enable = true;
|
neovim.enable = true;
|
||||||
media.enable = true;
|
media.enable = true;
|
||||||
@ -105,7 +108,7 @@ inputs.nixpkgs.lib.nixosSystem {
|
|||||||
dwarf-fortress.enable = true;
|
dwarf-fortress.enable = true;
|
||||||
enable = true;
|
enable = true;
|
||||||
steam.enable = true;
|
steam.enable = true;
|
||||||
legendary.enable = false; # Electron marked as insecure
|
legendary.enable = true;
|
||||||
lutris.enable = true;
|
lutris.enable = true;
|
||||||
leagueoflegends.enable = true;
|
leagueoflegends.enable = true;
|
||||||
ryujinx.enable = true;
|
ryujinx.enable = true;
|
||||||
|
@ -9,12 +9,22 @@
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf
|
config = lib.mkIf (config.gui.enable && config._1password.enable) {
|
||||||
(config.gui.enable && config._1password.enable && pkgs.stdenv.isLinux) {
|
unfreePackages = [ "1password" "_1password-gui" "1password-cli" ];
|
||||||
unfreePackages = [ "1password" "_1password-gui" ];
|
home-manager.users.${config.user} = {
|
||||||
home-manager.users.${config.user} = {
|
home.packages = with pkgs; [ _1password-gui ];
|
||||||
home.packages = with pkgs; [ _1password-gui ];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# https://1password.community/discussion/135462/firefox-extension-does-not-connect-to-linux-app
|
||||||
|
# On Mac, does not apply: https://1password.community/discussion/142794/app-and-browser-integration
|
||||||
|
# However, the button doesn't work either:
|
||||||
|
# https://1password.community/discussion/140735/extending-support-for-trusted-web-browsers
|
||||||
|
environment.etc."1password/custom_allowed_browsers".text = ''
|
||||||
|
${
|
||||||
|
config.home-manager.users.${config.user}.programs.firefox.package
|
||||||
|
}/Applications/Firefox.app/Contents/MacOS/firefox
|
||||||
|
firefox
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -29,21 +29,23 @@
|
|||||||
id = 0;
|
id = 0;
|
||||||
name = "default";
|
name = "default";
|
||||||
isDefault = true;
|
isDefault = true;
|
||||||
|
# https://nur.nix-community.org/repos/rycee/
|
||||||
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
|
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
|
||||||
ublock-origin
|
|
||||||
vimium
|
|
||||||
multi-account-containers
|
|
||||||
facebook-container
|
|
||||||
(lib.mkIf config._1password.enable onepassword-password-manager)
|
(lib.mkIf config._1password.enable onepassword-password-manager)
|
||||||
|
pkgs.bypass-paywalls-clean
|
||||||
|
darkreader
|
||||||
|
don-t-fuck-with-paste
|
||||||
|
facebook-container
|
||||||
|
markdownload
|
||||||
|
multi-account-containers
|
||||||
okta-browser-plugin
|
okta-browser-plugin
|
||||||
sponsorblock
|
|
||||||
reddit-enhancement-suite
|
reddit-enhancement-suite
|
||||||
return-youtube-dislikes
|
return-youtube-dislikes
|
||||||
markdownload
|
|
||||||
darkreader
|
|
||||||
snowflake
|
snowflake
|
||||||
don-t-fuck-with-paste
|
sponsorblock
|
||||||
i-dont-care-about-cookies
|
ublock-origin
|
||||||
|
ublacklist
|
||||||
|
vimium
|
||||||
wappalyzer
|
wappalyzer
|
||||||
];
|
];
|
||||||
settings = {
|
settings = {
|
||||||
|
@ -15,8 +15,9 @@
|
|||||||
home.packages = with pkgs; [ obsidian ];
|
home.packages = with pkgs; [ obsidian ];
|
||||||
};
|
};
|
||||||
|
|
||||||
# Broken on 2023-04-16
|
# Broken on 2023-12-11
|
||||||
nixpkgs.config.permittedInsecurePackages = [ "electron-21.4.0" ];
|
# https://forum.obsidian.md/t/electron-25-is-now-eol-please-upgrade-to-a-newer-version/72878/8
|
||||||
|
nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ];
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -83,6 +83,10 @@
|
|||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
description = "Hostname for Prometheus server.";
|
description = "Hostname for Prometheus server.";
|
||||||
};
|
};
|
||||||
|
influxdb = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
description = "Hostname for InfluxDB2 server.";
|
||||||
|
};
|
||||||
secrets = lib.mkOption {
|
secrets = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
description = "Hostname for passwords and secrets (Vaultwarden).";
|
description = "Hostname for passwords and secrets (Vaultwarden).";
|
||||||
|
@ -68,7 +68,7 @@
|
|||||||
"!" = ":term<space>";
|
"!" = ":term<space>";
|
||||||
"|" = ":pipe<space>";
|
"|" = ":pipe<space>";
|
||||||
|
|
||||||
"/" = ":search<space>";
|
"/" = ":search<space>-a<space>";
|
||||||
"\\" = ":filter <space>";
|
"\\" = ":filter <space>";
|
||||||
n = ":next-result<Enter>";
|
n = ":next-result<Enter>";
|
||||||
N = ":prev-result<Enter>";
|
N = ":prev-result<Enter>";
|
||||||
|
@ -9,7 +9,6 @@
|
|||||||
pkgs.vimPlugins.luasnip
|
pkgs.vimPlugins.luasnip
|
||||||
pkgs.vimPlugins.cmp_luasnip
|
pkgs.vimPlugins.cmp_luasnip
|
||||||
pkgs.vimPlugins.cmp-rg
|
pkgs.vimPlugins.cmp-rg
|
||||||
pkgs.vimPlugins.friendly-snippets
|
|
||||||
];
|
];
|
||||||
|
|
||||||
use.cmp.setup = dsl.callWith {
|
use.cmp.setup = dsl.callWith {
|
||||||
@ -24,13 +23,6 @@
|
|||||||
end
|
end
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# Enable Luasnip snippet completion
|
|
||||||
snippet.expand = dsl.rawLua ''
|
|
||||||
function(args)
|
|
||||||
require("luasnip").lsp_expand(args.body)
|
|
||||||
end
|
|
||||||
'';
|
|
||||||
|
|
||||||
# Basic completion keybinds
|
# Basic completion keybinds
|
||||||
mapping = {
|
mapping = {
|
||||||
"['<C-n>']" = dsl.rawLua
|
"['<C-n>']" = dsl.rawLua
|
||||||
@ -70,7 +62,6 @@
|
|||||||
sources = [
|
sources = [
|
||||||
{ name = "nvim_lua"; } # Fills in common Neovim lua functions
|
{ name = "nvim_lua"; } # Fills in common Neovim lua functions
|
||||||
{ name = "nvim_lsp"; } # LSP results
|
{ name = "nvim_lsp"; } # LSP results
|
||||||
{ name = "luasnip"; } # Snippets
|
|
||||||
{ name = "path"; } # Shell completion from current PATH
|
{ name = "path"; } # Shell completion from current PATH
|
||||||
{
|
{
|
||||||
name = "buffer"; # Grep for text from the current text buffer
|
name = "buffer"; # Grep for text from the current text buffer
|
||||||
@ -119,7 +110,6 @@
|
|||||||
}
|
}
|
||||||
vim_item.kind = string.format("%s", kind_icons[vim_item.kind])
|
vim_item.kind = string.format("%s", kind_icons[vim_item.kind])
|
||||||
vim_item.menu = ({
|
vim_item.menu = ({
|
||||||
luasnip = "[Snippet]",
|
|
||||||
buffer = "[Buffer]",
|
buffer = "[Buffer]",
|
||||||
path = "[Path]",
|
path = "[Path]",
|
||||||
rg = "[Grep]",
|
rg = "[Grep]",
|
||||||
@ -139,13 +129,6 @@
|
|||||||
};
|
};
|
||||||
|
|
||||||
lua = ''
|
lua = ''
|
||||||
-- Load snippets
|
|
||||||
-- Check status: :lua require("luasnip").log.open()
|
|
||||||
require("luasnip.loaders.from_vscode").lazy_load()
|
|
||||||
require("luasnip.loaders.from_vscode").lazy_load({ paths = { "${
|
|
||||||
builtins.toString pkgs.vscode-terraform-snippets
|
|
||||||
}" } })
|
|
||||||
|
|
||||||
-- Use buffer source for `/`
|
-- Use buffer source for `/`
|
||||||
require('cmp').setup.cmdline("/", {
|
require('cmp').setup.cmdline("/", {
|
||||||
sources = {
|
sources = {
|
||||||
|
@ -69,10 +69,6 @@
|
|||||||
" Remember last position when reopening file
|
" Remember last position when reopening file
|
||||||
au BufReadPost * if line("'\"") > 0 && line("'\"") <= line("$") | exe "normal! g`\"" | endif
|
au BufReadPost * if line("'\"") > 0 && line("'\"") <= line("$") | exe "normal! g`\"" | endif
|
||||||
|
|
||||||
" LaTeX options
|
|
||||||
au FileType tex inoremap ;bf \textbf{}<Esc>i
|
|
||||||
au BufWritePost *.tex silent! execute "!pdflatex -output-directory=%:p:h % >/dev/null 2>&1" | redraw!
|
|
||||||
|
|
||||||
" Flash highlight when yanking
|
" Flash highlight when yanking
|
||||||
au TextYankPost * silent! lua vim.highlight.on_yank { timeout = 250 }
|
au TextYankPost * silent! lua vim.highlight.on_yank { timeout = 250 }
|
||||||
'';
|
'';
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
with pkgs.tree-sitter-grammars;
|
with pkgs.tree-sitter-grammars;
|
||||||
[
|
[
|
||||||
tree-sitter-bash
|
tree-sitter-bash
|
||||||
|
tree-sitter-c
|
||||||
tree-sitter-fish
|
tree-sitter-fish
|
||||||
tree-sitter-ini
|
tree-sitter-ini
|
||||||
tree-sitter-json
|
tree-sitter-json
|
||||||
@ -15,9 +16,9 @@
|
|||||||
tree-sitter-puppet
|
tree-sitter-puppet
|
||||||
tree-sitter-rasi
|
tree-sitter-rasi
|
||||||
tree-sitter-toml
|
tree-sitter-toml
|
||||||
|
tree-sitter-vimdoc
|
||||||
tree-sitter-yaml
|
tree-sitter-yaml
|
||||||
] ++ (if config.c.enable then [ tree-sitter-c ] else [ ])
|
] ++ (if config.python.enable then [ tree-sitter-python ] else [ ])
|
||||||
++ (if config.python.enable then [ tree-sitter-python ] else [ ])
|
|
||||||
++ (if config.terraform.enable then [ tree-sitter-hcl ] else [ ])))
|
++ (if config.terraform.enable then [ tree-sitter-hcl ] else [ ])))
|
||||||
pkgs.vimPlugins.vim-matchup # Better % jumping in languages
|
pkgs.vimPlugins.vim-matchup # Better % jumping in languages
|
||||||
pkgs.vimPlugins.playground # Tree-sitter experimenting
|
pkgs.vimPlugins.playground # Tree-sitter experimenting
|
||||||
|
39
modules/common/shell/atuin.nix
Normal file
39
modules/common/shell/atuin.nix
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
{ config, lib, ... }: {
|
||||||
|
|
||||||
|
# Shell history sync
|
||||||
|
|
||||||
|
options.atuin.enable = lib.mkEnableOption "Atuin";
|
||||||
|
|
||||||
|
config = {
|
||||||
|
|
||||||
|
home-manager.users.${config.user} = lib.mkIf config.atuin.enable {
|
||||||
|
|
||||||
|
programs.atuin = {
|
||||||
|
enable = true;
|
||||||
|
flags = [ "--disable-up-arrow" "--disable-ctrl-r" ];
|
||||||
|
settings = {
|
||||||
|
auto_sync = true;
|
||||||
|
update_check = false;
|
||||||
|
sync_address = "https://api.atuin.sh";
|
||||||
|
search_mode = "fuzzy";
|
||||||
|
filter_mode = "host"; # global, host, session, directory
|
||||||
|
search_mode_shell_up_key_binding = "fuzzy";
|
||||||
|
filter_mode_shell_up_key_binding = "session";
|
||||||
|
style = "compact"; # or auto,full
|
||||||
|
show_help = true;
|
||||||
|
history_filter = [ ];
|
||||||
|
secrets_filter = true;
|
||||||
|
enter_accept = false;
|
||||||
|
keymap_mode = "vim-normal";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
# Give root user the same setup
|
||||||
|
home-manager.users.root.programs.atuin =
|
||||||
|
config.home-manager.users.${config.user}.programs.atuin;
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
@ -1,5 +1,6 @@
|
|||||||
{ ... }: {
|
{ ... }: {
|
||||||
imports = [
|
imports = [
|
||||||
|
./atuin.nix
|
||||||
./bash
|
./bash
|
||||||
./charm.nix
|
./charm.nix
|
||||||
./direnv.nix
|
./direnv.nix
|
||||||
|
@ -18,3 +18,5 @@ bind -M insert \cn 'commandline -r "nix shell nixpkgs#"'
|
|||||||
bind -M default \cn 'commandline -r "nix shell nixpkgs#"'
|
bind -M default \cn 'commandline -r "nix shell nixpkgs#"'
|
||||||
bind -M insert \x11F nix-fzf
|
bind -M insert \x11F nix-fzf
|
||||||
bind -M default \x11F nix-fzf
|
bind -M default \x11F nix-fzf
|
||||||
|
bind -M insert \ch _atuin_search --filter-mode global
|
||||||
|
bind -M default \ch _atuin_search --filter-mode global
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
{ config, ... }: {
|
{ config, pkgs, ... }: {
|
||||||
|
|
||||||
# FZF is a fuzzy-finder for the terminal
|
# FZF is a fuzzy-finder for the terminal
|
||||||
|
|
||||||
@ -16,10 +16,9 @@
|
|||||||
--search-path $HOME/dev \
|
--search-path $HOME/dev \
|
||||||
--type directory \
|
--type directory \
|
||||||
--exact-depth 2 \
|
--exact-depth 2 \
|
||||||
|
| ${pkgs.proximity-sort}/bin/proximity-sort $PWD \
|
||||||
| sed 's/\\/$//' \
|
| sed 's/\\/$//' \
|
||||||
| fzf \
|
| fzf --tiebreak=index \
|
||||||
--delimiter '/' \
|
|
||||||
--with-nth 6.. \
|
|
||||||
)
|
)
|
||||||
and cd $projdir
|
and cd $projdir
|
||||||
and commandline -f execute
|
and commandline -f execute
|
||||||
|
@ -35,8 +35,20 @@ in {
|
|||||||
init = { defaultBranch = "master"; };
|
init = { defaultBranch = "master"; };
|
||||||
};
|
};
|
||||||
ignores = [ ".direnv/**" "result" ];
|
ignores = [ ".direnv/**" "result" ];
|
||||||
|
includes = [{
|
||||||
|
path = "~/.config/git/personal";
|
||||||
|
condition = "gitdir:~/dev/personal/";
|
||||||
|
}];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Personal git config
|
||||||
|
# TODO: fix with variables
|
||||||
|
xdg.configFile."git/personal".text = ''
|
||||||
|
[user]
|
||||||
|
name = "Noah Masur"
|
||||||
|
email = "7386960+nmasur@users.noreply.github.com"
|
||||||
|
'';
|
||||||
|
|
||||||
programs.fish.shellAbbrs = {
|
programs.fish.shellAbbrs = {
|
||||||
g = "git";
|
g = "git";
|
||||||
gs = "git status";
|
gs = "git status";
|
||||||
@ -58,6 +70,7 @@ in {
|
|||||||
git switch (git symbolic-ref refs/remotes/origin/HEAD | cut -d"/" -f4)'';
|
git switch (git symbolic-ref refs/remotes/origin/HEAD | cut -d"/" -f4)'';
|
||||||
gcob = "git switch -c";
|
gcob = "git switch -c";
|
||||||
gb = "git branch";
|
gb = "git branch";
|
||||||
|
gpd = "git push origin -d";
|
||||||
gbd = "git branch -d";
|
gbd = "git branch -d";
|
||||||
gbD = "git branch -D";
|
gbD = "git branch -D";
|
||||||
gr = "git reset";
|
gr = "git reset";
|
||||||
|
@ -7,6 +7,7 @@
|
|||||||
enable = true;
|
enable = true;
|
||||||
gitCredentialHelper.enable = true;
|
gitCredentialHelper.enable = true;
|
||||||
settings.git_protocol = "https";
|
settings.git_protocol = "https";
|
||||||
|
extensions = [ pkgs.gh-collaborators ];
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.fish =
|
programs.fish =
|
||||||
@ -14,7 +15,7 @@
|
|||||||
shellAbbrs = {
|
shellAbbrs = {
|
||||||
ghr = "gh repo view -w";
|
ghr = "gh repo view -w";
|
||||||
gha =
|
gha =
|
||||||
"gh run list | head -1 | awk '{ print $(NF-2) }' | xargs gh run view";
|
"gh run list | head -1 | awk '{ print \\$\\(NF-2\\) }' | xargs gh run view";
|
||||||
grw = "gh run watch";
|
grw = "gh run watch";
|
||||||
grf = "gh run view --log-failed";
|
grf = "gh run view --log-failed";
|
||||||
grl = "gh run view --log";
|
grl = "gh run view --log";
|
||||||
@ -56,6 +57,7 @@
|
|||||||
| fzf \
|
| fzf \
|
||||||
--header-lines=1 \
|
--header-lines=1 \
|
||||||
--layout=reverse \
|
--layout=reverse \
|
||||||
|
--height=100% \
|
||||||
--bind "ctrl-o:execute:gh repo view -w ''${organization}/{1}" \
|
--bind "ctrl-o:execute:gh repo view -w ''${organization}/{1}" \
|
||||||
--bind "shift-up:preview-half-page-up" \
|
--bind "shift-up:preview-half-page-up" \
|
||||||
--bind "shift-down:preview-half-page-down" \
|
--bind "shift-down:preview-half-page-down" \
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
{ config, pkgs, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
home-manager.users.${config.user} = {
|
home-manager.users.${config.user} = {
|
||||||
|
|
||||||
programs.fish = {
|
programs.fish = {
|
||||||
@ -60,6 +60,18 @@
|
|||||||
enableFishIntegration = true;
|
enableFishIntegration = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Create nix-index if doesn't exist
|
||||||
|
home.activation.createNixIndex =
|
||||||
|
let cacheDir = "${config.homePath}/.cache/nix-index";
|
||||||
|
in lib.mkIf
|
||||||
|
config.home-manager.users.${config.user}.programs.nix-index.enable
|
||||||
|
(config.home-manager.users.${config.user}.lib.dag.entryAfter
|
||||||
|
[ "writeBoundary" ] ''
|
||||||
|
if [ ! -d ${cacheDir} ]; then
|
||||||
|
$DRY_RUN_CMD ${pkgs.nix-index}/bin/nix-index -f ${pkgs.path}
|
||||||
|
fi
|
||||||
|
'');
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
|
@ -25,6 +25,8 @@ in {
|
|||||||
htop # Show system processes
|
htop # Show system processes
|
||||||
killall # Force quit
|
killall # Force quit
|
||||||
inetutils # Includes telnet, whois
|
inetutils # Includes telnet, whois
|
||||||
|
jless # JSON viewer
|
||||||
|
jo # JSON output
|
||||||
jq # JSON manipulation
|
jq # JSON manipulation
|
||||||
lf # File viewer
|
lf # File viewer
|
||||||
qrencode # Generate qr codes
|
qrencode # Generate qr codes
|
||||||
@ -44,10 +46,11 @@ in {
|
|||||||
|
|
||||||
home.file = {
|
home.file = {
|
||||||
".rgignore".text = ignorePatterns;
|
".rgignore".text = ignorePatterns;
|
||||||
".fdignore".text = ignorePatterns;
|
|
||||||
".digrc".text = "+noall +answer"; # Cleaner dig commands
|
".digrc".text = "+noall +answer"; # Cleaner dig commands
|
||||||
};
|
};
|
||||||
|
|
||||||
|
xdg.configFile."fd/ignore".text = ignorePatterns;
|
||||||
|
|
||||||
programs.bat = {
|
programs.bat = {
|
||||||
enable = true; # cat replacement
|
enable = true; # cat replacement
|
||||||
config = {
|
config = {
|
||||||
|
@ -24,9 +24,9 @@
|
|||||||
home.activation.reloadHammerspoon =
|
home.activation.reloadHammerspoon =
|
||||||
config.home-manager.users.${config.user}.lib.dag.entryAfter
|
config.home-manager.users.${config.user}.lib.dag.entryAfter
|
||||||
[ "writeBoundary" ] ''
|
[ "writeBoundary" ] ''
|
||||||
$DRY_RUN_CMD /usr/local/bin/hs -c "hs.reload()"
|
$DRY_RUN_CMD /Applications/Hammerspoon.app/Contents/Frameworks/hs/hs -c "hs.reload()"
|
||||||
$DRY_RUN_CMD sleep 1
|
$DRY_RUN_CMD sleep 1
|
||||||
$DRY_RUN_CMD /usr/local/bin/hs -c "hs.console.clearConsole()"
|
$DRY_RUN_CMD /Applications/Hammerspoon.app/Contents/Frameworks/hs/hs -c "hs.console.clearConsole()"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
};
|
};
|
||||||
|
@ -54,14 +54,19 @@ function obj:init()
|
|||||||
end)
|
end)
|
||||||
|
|
||||||
-- Launcher shortcuts
|
-- Launcher shortcuts
|
||||||
self.launcher:bind("ctrl", "space", function()
|
self.launcher:bind("ctrl", "space", function() end)
|
||||||
end)
|
|
||||||
self.launcher:bind("", "return", function()
|
self.launcher:bind("", "return", function()
|
||||||
self:switch("@kitty@")
|
self:switch("@kitty@")
|
||||||
end)
|
end)
|
||||||
self.launcher:bind("", "C", function()
|
self.launcher:bind("", "C", function()
|
||||||
self:switch("Calendar.app")
|
self:switch("Calendar.app")
|
||||||
end)
|
end)
|
||||||
|
self.launcher:bind("shift", "D", function()
|
||||||
|
hs.execute("launchctl remove com.paloaltonetworks.gp.pangps")
|
||||||
|
hs.execute("launchctl remove com.paloaltonetworks.gp.pangpa")
|
||||||
|
hs.alert.show("Disconnected from GlobalProtect", nil, nil, 4)
|
||||||
|
self.launcher:exit()
|
||||||
|
end)
|
||||||
self.launcher:bind("", "E", function()
|
self.launcher:bind("", "E", function()
|
||||||
self:switch("Mail.app")
|
self:switch("Mail.app")
|
||||||
end)
|
end)
|
||||||
@ -80,6 +85,12 @@ function obj:init()
|
|||||||
self.launcher:bind("", "P", function()
|
self.launcher:bind("", "P", function()
|
||||||
self:switch("System Preferences.app")
|
self:switch("System Preferences.app")
|
||||||
end)
|
end)
|
||||||
|
self.launcher:bind("shift", "P", function()
|
||||||
|
hs.execute("launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist")
|
||||||
|
hs.execute("launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist")
|
||||||
|
hs.alert.show("Reconnecting to GlobalProtect", nil, nil, 4)
|
||||||
|
self.launcher:exit()
|
||||||
|
end)
|
||||||
self.launcher:bind("", "R", function()
|
self.launcher:bind("", "R", function()
|
||||||
hs.console.clearConsole()
|
hs.console.clearConsole()
|
||||||
hs.reload()
|
hs.reload()
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
|
hs.ipc.cliInstall() -- Install Hammerspoon CLI program
|
||||||
hs.loadSpoon("ControlEscape"):start() -- Load Hammerspoon bits from https://github.com/jasonrudolph/ControlEscape.spoon
|
hs.loadSpoon("ControlEscape"):start() -- Load Hammerspoon bits from https://github.com/jasonrudolph/ControlEscape.spoon
|
||||||
hs.loadSpoon("Launcher"):init()
|
hs.loadSpoon("Launcher"):init()
|
||||||
hs.loadSpoon("DismissAlerts"):init()
|
hs.loadSpoon("DismissAlerts"):init()
|
||||||
hs.loadSpoon("MoveWindow"):init()
|
hs.loadSpoon("MoveWindow"):init()
|
||||||
hs.ipc.cliInstall() -- Install Hammerspoon CLI program
|
|
||||||
|
@ -8,11 +8,15 @@
|
|||||||
if ! xcode-select --version 2>/dev/null; then
|
if ! xcode-select --version 2>/dev/null; then
|
||||||
$DRY_RUN_CMD xcode-select --install
|
$DRY_RUN_CMD xcode-select --install
|
||||||
fi
|
fi
|
||||||
if ! /usr/local/bin/brew --version 2>/dev/null; then
|
if ! /opt/homebrew/bin/brew --version 2>/dev/null; then
|
||||||
$DRY_RUN_CMD /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
|
$DRY_RUN_CMD /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
|
||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
# Add homebrew paths to CLI path
|
||||||
|
home-manager.users.${config.user}.home.sessionPath =
|
||||||
|
[ "/opt/homebrew/bin/" ];
|
||||||
|
|
||||||
homebrew = {
|
homebrew = {
|
||||||
enable = true;
|
enable = true;
|
||||||
onActivation = {
|
onActivation = {
|
||||||
@ -24,25 +28,22 @@
|
|||||||
brewfile = true; # Run brew bundle from anywhere
|
brewfile = true; # Run brew bundle from anywhere
|
||||||
lockfiles = false; # Don't save lockfile (since running from anywhere)
|
lockfiles = false; # Don't save lockfile (since running from anywhere)
|
||||||
};
|
};
|
||||||
taps = [
|
|
||||||
"homebrew/cask" # Required for casks
|
|
||||||
"homebrew/cask-drivers" # Used for Logitech G-Hub
|
|
||||||
];
|
|
||||||
brews = [
|
brews = [
|
||||||
"trash" # Delete files and folders to trash instead of rm
|
"trash" # Delete files and folders to trash instead of rm
|
||||||
"openjdk" # Required by Apache Directory Studio
|
"openjdk" # Required by Apache Directory Studio
|
||||||
];
|
];
|
||||||
casks = [
|
casks = [
|
||||||
"1password" # 1Password packaging on Nix is broken for macOS
|
"1password" # 1Password will not launch from Nix on macOS
|
||||||
"apache-directory-studio" # Packaging on Nix is not available for macOS
|
"apache-directory-studio" # Packaging on Nix is not available for macOS
|
||||||
"gitify" # Git notifications in menu bar
|
# "gitify" # Git notifications in menu bar (downgrade manually from 4.6.1)
|
||||||
"keybase" # GUI on Nix not available for macOS
|
"keybase" # GUI on Nix not available for macOS
|
||||||
"logitech-g-hub" # Mouse and keyboard management
|
# "logitech-g-hub" # Mouse and keyboard management
|
||||||
|
"logitune" # Logitech webcam firmware
|
||||||
"meetingbar" # Show meetings in menu bar
|
"meetingbar" # Show meetings in menu bar
|
||||||
"obsidian" # Obsidian packaging on Nix is not available for macOS
|
# "obsidian" # Obsidian packaging on Nix is not available for macOS
|
||||||
"scroll-reverser" # Different scroll style for mouse vs. trackpad
|
"scroll-reverser" # Different scroll style for mouse vs. trackpad
|
||||||
"steam" # Not packaged for Nix
|
# "steam" # Not packaged for Nix
|
||||||
"epic-games" # Not packaged for Nix
|
# "epic-games" # Not packaged for Nix
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
config = lib.mkIf pkgs.stdenv.isDarwin {
|
config = lib.mkIf pkgs.stdenv.isDarwin {
|
||||||
networking = {
|
networking = {
|
||||||
computerName = "${config.fullName}'\\''s Mac";
|
computerName = config.networking.hostName;
|
||||||
# Adjust if necessary
|
# Adjust if necessary
|
||||||
# hostName = "";
|
# hostName = "";
|
||||||
};
|
};
|
||||||
|
@ -34,8 +34,8 @@
|
|||||||
# Enable full keyboard access for all controls (e.g. enable Tab in modal dialogs)
|
# Enable full keyboard access for all controls (e.g. enable Tab in modal dialogs)
|
||||||
AppleKeyboardUIMode = 3;
|
AppleKeyboardUIMode = 3;
|
||||||
|
|
||||||
# Automatically show and hide the menu bar
|
# Only hide menu bar in fullscreen
|
||||||
_HIHideMenuBar = true;
|
_HIHideMenuBar = false;
|
||||||
|
|
||||||
# Expand save panel by default
|
# Expand save panel by default
|
||||||
NSNavPanelExpandedStateForSaveMode = true;
|
NSNavPanelExpandedStateForSaveMode = true;
|
||||||
@ -154,11 +154,15 @@
|
|||||||
echo "Show the ~/Library folder"
|
echo "Show the ~/Library folder"
|
||||||
chflags nohidden ~/Library
|
chflags nohidden ~/Library
|
||||||
|
|
||||||
echo "Enable dock magnification"
|
if [ ! $(defaults read com.apple.dock magnification) = "1" ]; then
|
||||||
defaults write com.apple.dock magnification -bool true
|
echo "Enable dock magnification"
|
||||||
|
defaults write com.apple.dock magnification -bool true
|
||||||
|
fi
|
||||||
|
|
||||||
echo "Set dock magnification size"
|
if [ ! $(defaults read com.apple.dock largesize) = "48" ]; then
|
||||||
defaults write com.apple.dock largesize -int 48
|
echo "Set dock magnification size"
|
||||||
|
defaults write com.apple.dock largesize -int 48
|
||||||
|
fi
|
||||||
|
|
||||||
echo "Define dock icon function"
|
echo "Define dock icon function"
|
||||||
__dock_item() {
|
__dock_item() {
|
||||||
@ -180,9 +184,16 @@
|
|||||||
"$(__dock_item /System/Applications/Mail.app)" \
|
"$(__dock_item /System/Applications/Mail.app)" \
|
||||||
"$(__dock_item /Applications/zoom.us.app)" \
|
"$(__dock_item /Applications/zoom.us.app)" \
|
||||||
"$(__dock_item ${pkgs.discord}/Applications/Discord.app)" \
|
"$(__dock_item ${pkgs.discord}/Applications/Discord.app)" \
|
||||||
"$(__dock_item /Applications/Obsidian.app)" \
|
"$(__dock_item ${pkgs.obsidian}/Applications/Obsidian.app)" \
|
||||||
"$(__dock_item ${pkgs.kitty}/Applications/kitty.app)" \
|
"$(__dock_item ${pkgs.kitty}/Applications/kitty.app)" \
|
||||||
"$(__dock_item /System/Applications/System\ Settings.app)"
|
"$(__dock_item /System/Applications/System\ Settings.app)"
|
||||||
|
|
||||||
|
echo "MeetingBar settings"
|
||||||
|
defaults write leits.MeetingBar eventTimeFormat -string "\"show\""
|
||||||
|
defaults write leits.MeetingBar eventTitleFormat -string "\"none\""
|
||||||
|
defaults write leits.MeetingBar eventTitleIconFormat -string "\"iconCalendar\""
|
||||||
|
defaults write leits.MeetingBar slackBrowser -string "{\"deletable\":true,\"arguments\":\"\",\"name\":\"Slack\",\"path\":\"\"}"
|
||||||
|
defaults write leits.MeetingBar zoomBrowser -string "{\"deletable\":true,\"arguments\":\"\",\"name\":\"Zoom\",\"path\":\"\"}"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
};
|
};
|
||||||
|
@ -9,13 +9,19 @@
|
|||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# Used for aerc
|
|
||||||
home-manager.users.${config.user} = {
|
home-manager.users.${config.user} = {
|
||||||
home.sessionVariables = {
|
|
||||||
XDG_CONFIG_HOME = "${config.homePath}/.config";
|
# Default shell setting doesn't work
|
||||||
};
|
home.sessionVariables = { SHELL = "${pkgs.fish}/bin/fish"; };
|
||||||
|
|
||||||
|
# Used for aerc
|
||||||
|
xdg.enable = true;
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Fix for: 'Error: HOME is set to "/var/root" but we expect "/var/empty"'
|
||||||
|
home-manager.users.root.home.homeDirectory = lib.mkForce "/var/root";
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -2,6 +2,8 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
|
|
||||||
|
unfreePackages = [ "consul" "vault-bin" ];
|
||||||
|
|
||||||
home-manager.users.${config.user} = lib.mkIf pkgs.stdenv.isDarwin {
|
home-manager.users.${config.user} = lib.mkIf pkgs.stdenv.isDarwin {
|
||||||
|
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [
|
||||||
@ -11,11 +13,13 @@
|
|||||||
youtube-dl # Convert web videos
|
youtube-dl # Convert web videos
|
||||||
pandoc # Convert text documents
|
pandoc # Convert text documents
|
||||||
mpd # TUI slideshows
|
mpd # TUI slideshows
|
||||||
|
mpv # Video player
|
||||||
|
gnupg # Encryption
|
||||||
awscli2
|
awscli2
|
||||||
awslogs
|
awslogs
|
||||||
google-cloud-sdk
|
google-cloud-sdk
|
||||||
ansible
|
ansible
|
||||||
vault
|
vault-bin
|
||||||
consul
|
consul
|
||||||
noti # Create notifications programmatically
|
noti # Create notifications programmatically
|
||||||
ipcalc # Make IP network calculations
|
ipcalc # Make IP network calculations
|
||||||
|
@ -95,13 +95,15 @@ in {
|
|||||||
|
|
||||||
# Adjust screen brightness
|
# Adjust screen brightness
|
||||||
"Shift+F12" =
|
"Shift+F12" =
|
||||||
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 + 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 + 30";
|
# Disable dynamic sleep
|
||||||
|
# https://github.com/rockowitz/ddcutil/issues/323
|
||||||
|
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 + 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 + 30";
|
||||||
"Shift+F11" =
|
"Shift+F11" =
|
||||||
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 - 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 - 30";
|
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 - 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 - 30";
|
||||||
"XF86MonBrightnessUp" =
|
"XF86MonBrightnessUp" =
|
||||||
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 + 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 + 30";
|
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 + 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 + 30";
|
||||||
"XF86MonBrightnessDown" =
|
"XF86MonBrightnessDown" =
|
||||||
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 - 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 - 30";
|
"exec ${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 - 30 && sleep 1; exec ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 - 30";
|
||||||
|
|
||||||
# Media player controls
|
# Media player controls
|
||||||
"XF86AudioPlay" = "exec ${pkgs.playerctl}/bin/playerctl play-pause";
|
"XF86AudioPlay" = "exec ${pkgs.playerctl}/bin/playerctl play-pause";
|
||||||
|
@ -28,17 +28,18 @@ in {
|
|||||||
-sep ';' \
|
-sep ';' \
|
||||||
-selected-row 1)
|
-selected-row 1)
|
||||||
|
|
||||||
|
|
||||||
case "$chosen" in
|
case "$chosen" in
|
||||||
"$dimmer")
|
"$dimmer")
|
||||||
${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 25; ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 25
|
${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 25; ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 25
|
||||||
;;
|
;;
|
||||||
|
|
||||||
"$medium")
|
"$medium")
|
||||||
${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 75; ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 75
|
${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 75; ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 75
|
||||||
;;
|
;;
|
||||||
|
|
||||||
"$brighter")
|
"$brighter")
|
||||||
${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 100; ${pkgs.ddcutil}/bin/ddcutil --display 2 setvcp 10 100
|
${pkgs.ddcutil}/bin/ddcutil --display 1 setvcp 10 100; ${pkgs.ddcutil}/bin/ddcutil --disable-dynamic-sleep --display 2 setvcp 10 100
|
||||||
;;
|
;;
|
||||||
|
|
||||||
*) exit 1 ;;
|
*) exit 1 ;;
|
||||||
|
@ -31,15 +31,17 @@ in {
|
|||||||
-sep ';' \
|
-sep ';' \
|
||||||
-selected-row 2)
|
-selected-row 2)
|
||||||
|
|
||||||
|
confirm () {
|
||||||
|
${builtins.readFile ./rofi-prompt.sh}
|
||||||
|
}
|
||||||
|
|
||||||
case "$chosen" in
|
case "$chosen" in
|
||||||
"$power_off")
|
"$power_off")
|
||||||
${
|
confirm 'Shutdown?' && doas shutdown now
|
||||||
builtins.toString ./rofi-prompt.sh
|
|
||||||
} 'Shutdown?' && doas shutdown now
|
|
||||||
;;
|
;;
|
||||||
|
|
||||||
"$reboot")
|
"$reboot")
|
||||||
${builtins.toString ./rofi-prompt.sh} 'Reboot?' && doas reboot
|
confirm 'Reboot?' && doas reboot
|
||||||
;;
|
;;
|
||||||
|
|
||||||
"$lock")
|
"$lock")
|
||||||
@ -51,7 +53,7 @@ in {
|
|||||||
;;
|
;;
|
||||||
|
|
||||||
"$log_out")
|
"$log_out")
|
||||||
${builtins.toString ./rofi-prompt.sh} 'Logout?' && i3-msg exit
|
confirm 'Logout?' && i3-msg exit
|
||||||
;;
|
;;
|
||||||
|
|
||||||
*) exit 1 ;;
|
*) exit 1 ;;
|
||||||
|
@ -42,6 +42,6 @@ chosen=$(printf '%s;%s\n' "$yes" "$no" |
|
|||||||
-selected-row 1)
|
-selected-row 1)
|
||||||
|
|
||||||
case "$chosen" in
|
case "$chosen" in
|
||||||
"$yes") exit 0 ;;
|
"$yes") return 0 ;;
|
||||||
*) exit 1 ;;
|
*) return 1 ;;
|
||||||
esac
|
esac
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
domainName = "local";
|
domainName = "local";
|
||||||
ipv6 = false; # Should work either way
|
ipv6 = false; # Should work either way
|
||||||
# Resolve local hostnames using Avahi DNS
|
# Resolve local hostnames using Avahi DNS
|
||||||
nssmdns = true;
|
nssmdns4 = true;
|
||||||
publish = {
|
publish = {
|
||||||
enable = true;
|
enable = true;
|
||||||
addresses = true;
|
addresses = true;
|
||||||
|
@ -2,6 +2,7 @@
|
|||||||
|
|
||||||
let
|
let
|
||||||
|
|
||||||
|
# This config specifies ports for Prometheus to scrape information
|
||||||
arrConfig = {
|
arrConfig = {
|
||||||
radarr = {
|
radarr = {
|
||||||
exportarrPort = "9707";
|
exportarrPort = "9707";
|
||||||
@ -41,6 +42,8 @@ in {
|
|||||||
sabnzbd = {
|
sabnzbd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
group = "media";
|
group = "media";
|
||||||
|
# The config file must be editable within the application
|
||||||
|
# It contains server configs and credentials
|
||||||
configFile = "/data/downloads/sabnzbd/sabnzbd.ini";
|
configFile = "/data/downloads/sabnzbd/sabnzbd.ini";
|
||||||
};
|
};
|
||||||
sonarr = {
|
sonarr = {
|
||||||
@ -53,16 +56,23 @@ in {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Create a media group to be shared between services
|
||||||
users.groups.media = { };
|
users.groups.media = { };
|
||||||
|
|
||||||
|
# Give the human user access to the media group
|
||||||
users.users.${config.user}.extraGroups = [ "media" ];
|
users.users.${config.user}.extraGroups = [ "media" ];
|
||||||
|
|
||||||
|
# Allows media group to read/write the sabnzbd directory
|
||||||
users.users.sabnzbd.homeMode = "0770";
|
users.users.sabnzbd.homeMode = "0770";
|
||||||
|
|
||||||
unfreePackages = [ "unrar" ]; # Required for sabnzbd
|
unfreePackages = [ "unrar" ]; # Required as a dependency for sabnzbd
|
||||||
|
|
||||||
# Requires updating the base_url config value in each service
|
# Requires updating the base_url config value in each service
|
||||||
# If you try to rewrite the URL, the service won't redirect properly
|
# If you try to rewrite the URL, the service won't redirect properly
|
||||||
caddy.routes = [
|
caddy.routes = [
|
||||||
{
|
{
|
||||||
|
# Group means that routes with the same name are mutually exclusive,
|
||||||
|
# so they are split between the appropriate services.
|
||||||
group = "download";
|
group = "download";
|
||||||
match = [{
|
match = [{
|
||||||
host = [ config.hostnames.download ];
|
host = [ config.hostnames.download ];
|
||||||
@ -70,6 +80,7 @@ in {
|
|||||||
}];
|
}];
|
||||||
handle = [{
|
handle = [{
|
||||||
handler = "reverse_proxy";
|
handler = "reverse_proxy";
|
||||||
|
# We're able to reference the url and port of the service dynamically
|
||||||
upstreams = [{ dial = arrConfig.sonarr.url; }];
|
upstreams = [{ dial = arrConfig.sonarr.url; }];
|
||||||
}];
|
}];
|
||||||
}
|
}
|
||||||
@ -92,6 +103,7 @@ in {
|
|||||||
}];
|
}];
|
||||||
handle = [{
|
handle = [{
|
||||||
handler = "reverse_proxy";
|
handler = "reverse_proxy";
|
||||||
|
# Prowlarr doesn't offer a dynamic config, so we have to hardcode it
|
||||||
upstreams = [{ dial = "localhost:9696"; }];
|
upstreams = [{ dial = "localhost:9696"; }];
|
||||||
}];
|
}];
|
||||||
}
|
}
|
||||||
@ -104,6 +116,7 @@ in {
|
|||||||
handle = [{
|
handle = [{
|
||||||
handler = "reverse_proxy";
|
handler = "reverse_proxy";
|
||||||
upstreams = [{
|
upstreams = [{
|
||||||
|
# Bazarr only dynamically sets the port, not the host
|
||||||
dial = "localhost:${
|
dial = "localhost:${
|
||||||
builtins.toString config.services.bazarr.listenPort
|
builtins.toString config.services.bazarr.listenPort
|
||||||
}";
|
}";
|
||||||
@ -145,10 +158,12 @@ in {
|
|||||||
Type = "simple";
|
Type = "simple";
|
||||||
DynamicUser = true;
|
DynamicUser = true;
|
||||||
ExecStart = let
|
ExecStart = let
|
||||||
|
# Sabnzbd doesn't accept the URI path, unlike the others
|
||||||
url = if name != "sabnzbd" then
|
url = if name != "sabnzbd" then
|
||||||
"http://${attrs.url}/${name}"
|
"http://${attrs.url}/${name}"
|
||||||
else
|
else
|
||||||
"http://${attrs.url}";
|
"http://${attrs.url}";
|
||||||
|
# Exportarr is trained to pull from the arr services
|
||||||
in ''
|
in ''
|
||||||
${pkgs.exportarr}/bin/exportarr ${name} \
|
${pkgs.exportarr}/bin/exportarr ${name} \
|
||||||
--url ${url} \
|
--url ${url} \
|
||||||
@ -197,7 +212,7 @@ in {
|
|||||||
prefix = "API_KEY=";
|
prefix = "API_KEY=";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Prometheus scrape targets
|
# Prometheus scrape targets (expose Exportarr to Prometheus)
|
||||||
prometheus.scrapeTargets = map (key:
|
prometheus.scrapeTargets = map (key:
|
||||||
"127.0.0.1:${
|
"127.0.0.1:${
|
||||||
lib.attrsets.getAttrFromPath [ key "exportarrPort" ] arrConfig
|
lib.attrsets.getAttrFromPath [ key "exportarrPort" ] arrConfig
|
||||||
|
@ -1,3 +1,6 @@
|
|||||||
|
# This is my setup for backing up SQlite databases and other systems to S3 or
|
||||||
|
# S3-equivalent services (like Backblaze B2).
|
||||||
|
|
||||||
{ config, lib, ... }: {
|
{ config, lib, ... }: {
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
|
@ -1,3 +1,10 @@
|
|||||||
|
# Bind is a DNS service. This allows me to resolve public domains locally so
|
||||||
|
# when I'm at home, I don't have to travel over the Internet to reach my
|
||||||
|
# server.
|
||||||
|
|
||||||
|
# To set this on all home machines, I point my router's DNS resolver to the
|
||||||
|
# local IP address of the machine running this service (swan).
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
@ -16,11 +23,19 @@ in {
|
|||||||
|
|
||||||
config = lib.mkIf config.services.bind.enable {
|
config = lib.mkIf config.services.bind.enable {
|
||||||
|
|
||||||
|
# Normally I block all requests not coming from Cloudflare, so I have to also
|
||||||
|
# allow my local network.
|
||||||
caddy.cidrAllowlist = [ "192.168.0.0/16" ];
|
caddy.cidrAllowlist = [ "192.168.0.0/16" ];
|
||||||
|
|
||||||
services.bind = {
|
services.bind = {
|
||||||
|
|
||||||
|
# Allow requests coming from these IPs. This way I don't somehow get
|
||||||
|
# spammed with DNS requests coming from the Internet.
|
||||||
cacheNetworks = [ "127.0.0.0/24" "192.168.0.0/16" ];
|
cacheNetworks = [ "127.0.0.0/24" "192.168.0.0/16" ];
|
||||||
|
|
||||||
|
# When making normal DNS requests, forward them to Cloudflare to resolve.
|
||||||
forwarders = [ "1.1.1.1" "1.0.0.1" ];
|
forwarders = [ "1.1.1.1" "1.0.0.1" ];
|
||||||
|
|
||||||
ipv4Only = true;
|
ipv4Only = true;
|
||||||
|
|
||||||
# Use rpz zone as an override
|
# Use rpz zone as an override
|
||||||
@ -47,6 +62,7 @@ in {
|
|||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# We must allow DNS traffic to hit our machine as well
|
||||||
networking.firewall.allowedTCPPorts = [ 53 ];
|
networking.firewall.allowedTCPPorts = [ 53 ];
|
||||||
networking.firewall.allowedUDPPorts = [ 53 ];
|
networking.firewall.allowedUDPPorts = [ 53 ];
|
||||||
|
|
||||||
|
@ -1,3 +1,14 @@
|
|||||||
|
# Caddy is a reverse proxy, like Nginx or Traefik. This creates an ingress
|
||||||
|
# point from my local network or the public (via Cloudflare). Instead of a
|
||||||
|
# Caddyfile, I'm using the more expressive JSON config file format. This means
|
||||||
|
# I can source routes from other areas in my config and build the JSON file
|
||||||
|
# using the result of the expression.
|
||||||
|
|
||||||
|
# Caddy helpfully provides automatic ACME cert generation and management, but
|
||||||
|
# it requires a form of validation. We are using a custom build of Caddy
|
||||||
|
# (compiled with an overlay) to insert a plugin for managing DNS validation
|
||||||
|
# with Cloudflare's DNS API.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
@ -42,12 +53,17 @@
|
|||||||
configFile = pkgs.writeText "Caddyfile" (builtins.toJSON {
|
configFile = pkgs.writeText "Caddyfile" (builtins.toJSON {
|
||||||
apps.http.servers.main = {
|
apps.http.servers.main = {
|
||||||
listen = [ ":443" ];
|
listen = [ ":443" ];
|
||||||
|
|
||||||
|
# These routes are pulled from the rest of this repo
|
||||||
routes = config.caddy.routes;
|
routes = config.caddy.routes;
|
||||||
errors.routes = config.caddy.blocks;
|
errors.routes = config.caddy.blocks;
|
||||||
logs = { }; # Uncomment to collect access logs
|
|
||||||
|
logs = { }; # Uncommenting collects access logs
|
||||||
};
|
};
|
||||||
apps.http.servers.metrics = { }; # Enables Prometheus metrics
|
apps.http.servers.metrics = { }; # Enables Prometheus metrics
|
||||||
apps.tls.automation.policies = config.caddy.tlsPolicies;
|
apps.tls.automation.policies = config.caddy.tlsPolicies;
|
||||||
|
|
||||||
|
# Setup logging to file
|
||||||
logging.logs.main = {
|
logging.logs.main = {
|
||||||
encoder = { format = "console"; };
|
encoder = { format = "console"; };
|
||||||
writer = {
|
writer = {
|
||||||
@ -58,13 +74,23 @@
|
|||||||
};
|
};
|
||||||
level = "INFO";
|
level = "INFO";
|
||||||
};
|
};
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Allows Caddy to serve lower ports (443, 80)
|
||||||
|
systemd.services.caddy.serviceConfig.AmbientCapabilities =
|
||||||
|
"CAP_NET_BIND_SERVICE";
|
||||||
|
|
||||||
|
# Required for web traffic to reach this machine
|
||||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
|
|
||||||
|
# HTTP/3 QUIC uses UDP (not sure if being used)
|
||||||
networking.firewall.allowedUDPPorts = [ 443 ];
|
networking.firewall.allowedUDPPorts = [ 443 ];
|
||||||
|
|
||||||
|
# Caddy exposes Prometheus metrics with the admin API
|
||||||
|
# https://caddyserver.com/docs/api
|
||||||
prometheus.scrapeTargets = [ "127.0.0.1:2019" ];
|
prometheus.scrapeTargets = [ "127.0.0.1:2019" ];
|
||||||
|
|
||||||
};
|
};
|
||||||
|
@ -1,3 +1,9 @@
|
|||||||
|
# Calibre-web is an E-Book library and management tool.
|
||||||
|
|
||||||
|
# - Exposed to the public via Caddy.
|
||||||
|
# - Hostname defined with config.hostnames.books
|
||||||
|
# - File directory backed up to S3 on a cron schedule.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
@ -26,6 +32,7 @@ in {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Allow web traffic to Caddy
|
||||||
caddy.routes = [{
|
caddy.routes = [{
|
||||||
match = [{ host = [ config.hostnames.books ]; }];
|
match = [{ host = [ config.hostnames.books ]; }];
|
||||||
handle = [{
|
handle = [{
|
||||||
@ -35,6 +42,8 @@ in {
|
|||||||
builtins.toString config.services.calibre-web.listen.port
|
builtins.toString config.services.calibre-web.listen.port
|
||||||
}";
|
}";
|
||||||
}];
|
}];
|
||||||
|
# This is required when calibre-web is behind a reverse proxy
|
||||||
|
# https://github.com/janeczku/calibre-web/issues/19
|
||||||
headers.request.add."X-Script-Name" = [ "/calibre-web" ];
|
headers.request.add."X-Script-Name" = [ "/calibre-web" ];
|
||||||
}];
|
}];
|
||||||
}];
|
}];
|
||||||
|
@ -1,3 +1,12 @@
|
|||||||
|
# Cloudflare Tunnel is a service for accessing the network even behind a
|
||||||
|
# firewall, through outbound-only requests. It works by installing an agent on
|
||||||
|
# our machines that exposes services through Cloudflare Access (Zero Trust),
|
||||||
|
# similar to something like Tailscale.
|
||||||
|
|
||||||
|
# In this case, we're using Cloudflare Tunnel to enable SSH access over a web
|
||||||
|
# browser even when outside of my network. This is probably not the safest
|
||||||
|
# choice but I feel comfortable enough with it anyway.
|
||||||
|
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
|
|
||||||
# First time setup:
|
# First time setup:
|
||||||
@ -40,23 +49,28 @@
|
|||||||
tunnels = {
|
tunnels = {
|
||||||
"${config.cloudflareTunnel.id}" = {
|
"${config.cloudflareTunnel.id}" = {
|
||||||
credentialsFile = config.secrets.cloudflared.dest;
|
credentialsFile = config.secrets.cloudflared.dest;
|
||||||
|
# Catch-all if no match (should never happen anyway)
|
||||||
default = "http_status:404";
|
default = "http_status:404";
|
||||||
|
# Match from ingress of any valid server name to SSH access
|
||||||
ingress = { "*.masu.rs" = "ssh://localhost:22"; };
|
ingress = { "*.masu.rs" = "ssh://localhost:22"; };
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Grant Cloudflare access to SSH into this server
|
||||||
environment.etc = {
|
environment.etc = {
|
||||||
"ssh/ca.pub".text = ''
|
"ssh/ca.pub".text = ''
|
||||||
${config.cloudflareTunnel.ca}
|
${config.cloudflareTunnel.ca}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# Must match the username of the email address in Cloudflare Access
|
# Must match the username portion of the email address in Cloudflare
|
||||||
|
# Access
|
||||||
"ssh/authorized_principals".text = ''
|
"ssh/authorized_principals".text = ''
|
||||||
${config.user}
|
${config.user}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Adjust SSH config to allow access from Cloudflare's certificate
|
||||||
services.openssh.extraConfig = ''
|
services.openssh.extraConfig = ''
|
||||||
PubkeyAuthentication yes
|
PubkeyAuthentication yes
|
||||||
TrustedUserCAKeys /etc/ssh/ca.pub
|
TrustedUserCAKeys /etc/ssh/ca.pub
|
||||||
|
@ -1,5 +1,13 @@
|
|||||||
# This module is necessary for hosts that are serving through Cloudflare.
|
# This module is necessary for hosts that are serving through Cloudflare.
|
||||||
|
|
||||||
|
# Cloudflare is a CDN service that is used to serve the domain names and
|
||||||
|
# caching for my websites and services. Since Cloudflare acts as our proxy, we
|
||||||
|
# must allow access over the Internet from Cloudflare's IP ranges.
|
||||||
|
|
||||||
|
# We also want to validate our HTTPS certificates from Caddy. We'll use Caddy's
|
||||||
|
# DNS validation plugin to connect to Cloudflare and automatically create
|
||||||
|
# validation DNS records for our generated certificates.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
@ -59,10 +67,9 @@ in {
|
|||||||
};
|
};
|
||||||
}];
|
}];
|
||||||
}];
|
}];
|
||||||
|
# Allow Caddy to read Cloudflare API key for DNS validation
|
||||||
systemd.services.caddy.serviceConfig.EnvironmentFile =
|
systemd.services.caddy.serviceConfig.EnvironmentFile =
|
||||||
config.secrets.cloudflareApi.dest;
|
config.secrets.cloudflareApi.dest;
|
||||||
systemd.services.caddy.serviceConfig.AmbientCapabilities =
|
|
||||||
"CAP_NET_BIND_SERVICE";
|
|
||||||
|
|
||||||
# API key must have access to modify Cloudflare DNS records
|
# API key must have access to modify Cloudflare DNS records
|
||||||
secrets.cloudflareApi = {
|
secrets.cloudflareApi = {
|
||||||
@ -73,7 +80,7 @@ in {
|
|||||||
};
|
};
|
||||||
|
|
||||||
# Allows Nextcloud to trust Cloudflare IPs
|
# Allows Nextcloud to trust Cloudflare IPs
|
||||||
services.nextcloud.config.trustedProxies = cloudflareIpRanges;
|
services.nextcloud.extraOptions.trusted_proxies = cloudflareIpRanges;
|
||||||
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,3 +1,6 @@
|
|||||||
|
# This file imports all the other files in this directory for use as modules in
|
||||||
|
# my config.
|
||||||
|
|
||||||
{ ... }: {
|
{ ... }: {
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
@ -13,6 +16,7 @@
|
|||||||
./gnupg.nix
|
./gnupg.nix
|
||||||
./grafana.nix
|
./grafana.nix
|
||||||
./honeypot.nix
|
./honeypot.nix
|
||||||
|
./influxdb2.nix
|
||||||
./jellyfin.nix
|
./jellyfin.nix
|
||||||
./keybase.nix
|
./keybase.nix
|
||||||
./mullvad.nix
|
./mullvad.nix
|
||||||
@ -20,6 +24,7 @@
|
|||||||
./netdata.nix
|
./netdata.nix
|
||||||
./nextcloud.nix
|
./nextcloud.nix
|
||||||
./paperless.nix
|
./paperless.nix
|
||||||
|
./postgresql.nix
|
||||||
./prometheus.nix
|
./prometheus.nix
|
||||||
./samba.nix
|
./samba.nix
|
||||||
./secrets.nix
|
./secrets.nix
|
||||||
|
@ -1,3 +1,9 @@
|
|||||||
|
# Gitea Actions is a CI/CD service for the Gitea source code server, meaning it
|
||||||
|
# allows us to run code operations (such as testing or deploys) when our git
|
||||||
|
# repositories are updated. Any machine can act as a Gitea Action Runner, so
|
||||||
|
# the Runners don't necessarily need to be running Gitea. All we need is an API
|
||||||
|
# key for Gitea to connect to it and register ourselves as a Runner.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
@ -11,11 +11,21 @@ in {
|
|||||||
actions.ENABLED = true;
|
actions.ENABLED = true;
|
||||||
metrics.ENABLED = true;
|
metrics.ENABLED = true;
|
||||||
repository = {
|
repository = {
|
||||||
|
# Pushing to a repo that doesn't exist automatically creates one as
|
||||||
|
# private.
|
||||||
DEFAULT_PUSH_CREATE_PRIVATE = true;
|
DEFAULT_PUSH_CREATE_PRIVATE = true;
|
||||||
|
|
||||||
|
# Allow git over HTTP.
|
||||||
DISABLE_HTTP_GIT = false;
|
DISABLE_HTTP_GIT = false;
|
||||||
|
|
||||||
|
# Allow requests hitting the specified hostname.
|
||||||
ACCESS_CONTROL_ALLOW_ORIGIN = config.hostnames.git;
|
ACCESS_CONTROL_ALLOW_ORIGIN = config.hostnames.git;
|
||||||
|
|
||||||
|
# Automatically create viable users/orgs on push.
|
||||||
ENABLE_PUSH_CREATE_USER = true;
|
ENABLE_PUSH_CREATE_USER = true;
|
||||||
ENABLE_PUSH_CREATE_ORG = true;
|
ENABLE_PUSH_CREATE_ORG = true;
|
||||||
|
|
||||||
|
# Default when creating new repos.
|
||||||
DEFAULT_BRANCH = "main";
|
DEFAULT_BRANCH = "main";
|
||||||
};
|
};
|
||||||
server = {
|
server = {
|
||||||
@ -25,11 +35,15 @@ in {
|
|||||||
SSH_PORT = 22;
|
SSH_PORT = 22;
|
||||||
START_SSH_SERVER = false; # Use sshd instead
|
START_SSH_SERVER = false; # Use sshd instead
|
||||||
DISABLE_SSH = false;
|
DISABLE_SSH = false;
|
||||||
# SSH_LISTEN_HOST = "0.0.0.0";
|
|
||||||
# SSH_LISTEN_PORT = 122;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Don't allow public users to register accounts.
|
||||||
service.DISABLE_REGISTRATION = true;
|
service.DISABLE_REGISTRATION = true;
|
||||||
|
|
||||||
|
# Force using HTTPS for all session access.
|
||||||
session.COOKIE_SECURE = true;
|
session.COOKIE_SECURE = true;
|
||||||
|
|
||||||
|
# Hide users' emails.
|
||||||
ui.SHOW_USER_EMAIL = false;
|
ui.SHOW_USER_EMAIL = false;
|
||||||
};
|
};
|
||||||
extraConfig = null;
|
extraConfig = null;
|
||||||
@ -39,6 +53,7 @@ in {
|
|||||||
users.users.${config.user}.extraGroups = [ "gitea" ];
|
users.users.${config.user}.extraGroups = [ "gitea" ];
|
||||||
|
|
||||||
caddy.routes = [
|
caddy.routes = [
|
||||||
|
# Prevent public access to Prometheus metrics.
|
||||||
{
|
{
|
||||||
match = [{
|
match = [{
|
||||||
host = [ config.hostnames.git ];
|
host = [ config.hostnames.git ];
|
||||||
@ -49,6 +64,7 @@ in {
|
|||||||
status_code = "403";
|
status_code = "403";
|
||||||
}];
|
}];
|
||||||
}
|
}
|
||||||
|
# Allow access to primary server.
|
||||||
{
|
{
|
||||||
match = [{ host = [ config.hostnames.git ]; }];
|
match = [{ host = [ config.hostnames.git ]; }];
|
||||||
handle = [{
|
handle = [{
|
||||||
@ -63,6 +79,7 @@ in {
|
|||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# Scrape the metrics endpoint for Prometheus.
|
||||||
prometheus.scrapeTargets = [
|
prometheus.scrapeTargets = [
|
||||||
"127.0.0.1:${
|
"127.0.0.1:${
|
||||||
builtins.toString config.services.gitea.settings.server.HTTP_PORT
|
builtins.toString config.services.gitea.settings.server.HTTP_PORT
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
# GPG is an encryption tool. This isn't really in use for me at the moment.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
options.gpg.enable = lib.mkEnableOption "GnuPG encryption.";
|
options.gpg.enable = lib.mkEnableOption "GnuPG encryption.";
|
||||||
|
@ -7,6 +7,7 @@ in {
|
|||||||
|
|
||||||
config = lib.mkIf config.services.grafana.enable {
|
config = lib.mkIf config.services.grafana.enable {
|
||||||
|
|
||||||
|
# Allow Grafana to connect to email service
|
||||||
secrets.mailpass-grafana = {
|
secrets.mailpass-grafana = {
|
||||||
source = ../../../private/mailpass-grafana.age;
|
source = ../../../private/mailpass-grafana.age;
|
||||||
dest = "${config.secretsDirectory}/mailpass-grafana";
|
dest = "${config.secretsDirectory}/mailpass-grafana";
|
||||||
|
@ -1,7 +1,10 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
# This is a tool for blocking IPs of anyone who attempts to scan all of my
|
||||||
|
# ports.
|
||||||
|
|
||||||
# Currently has some issues that don't make this viable.
|
# Currently has some issues that don't make this viable.
|
||||||
|
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
# Taken from:
|
# Taken from:
|
||||||
# https://dataswamp.org/~solene/2022-09-29-iblock-implemented-in-nixos.html
|
# https://dataswamp.org/~solene/2022-09-29-iblock-implemented-in-nixos.html
|
||||||
|
|
||||||
|
61
modules/nixos/services/influxdb2.nix
Normal file
61
modules/nixos/services/influxdb2.nix
Normal file
@ -0,0 +1,61 @@
|
|||||||
|
# InfluxDB is a timeseries database similar to Prometheus. While
|
||||||
|
# VictoriaMetrics can also act as an InfluxDB, this version of it allows for
|
||||||
|
# infinite retention separate from our other metrics, which can be nice for
|
||||||
|
# recording health information, for example.
|
||||||
|
|
||||||
|
{ config, lib, ... }: {
|
||||||
|
|
||||||
|
config = {
|
||||||
|
|
||||||
|
services.influxdb2 = {
|
||||||
|
provision = {
|
||||||
|
enable = true;
|
||||||
|
initialSetup = {
|
||||||
|
bucket = "default";
|
||||||
|
organization = "main";
|
||||||
|
passwordFile = config.secrets.influxdb2Password.dest;
|
||||||
|
retention = 0; # Keep data forever
|
||||||
|
tokenFile = config.secrets.influxdb2Token.dest;
|
||||||
|
username = "admin";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
settings = { };
|
||||||
|
};
|
||||||
|
|
||||||
|
# Create credentials file for InfluxDB admin
|
||||||
|
secrets.influxdb2Password = lib.mkIf config.services.influxdb2.enable {
|
||||||
|
source = ../../../private/influxdb2-password.age;
|
||||||
|
dest = "${config.secretsDirectory}/influxdb2-password";
|
||||||
|
owner = "influxdb2";
|
||||||
|
group = "influxdb2";
|
||||||
|
permissions = "0440";
|
||||||
|
};
|
||||||
|
systemd.services.influxdb2Password-secret =
|
||||||
|
lib.mkIf config.services.influxdb2.enable {
|
||||||
|
requiredBy = [ "influxdb2.service" ];
|
||||||
|
before = [ "influxdb2.service" ];
|
||||||
|
};
|
||||||
|
secrets.influxdb2Token = lib.mkIf config.services.influxdb2.enable {
|
||||||
|
source = ../../../private/influxdb2-token.age;
|
||||||
|
dest = "${config.secretsDirectory}/influxdb2-token";
|
||||||
|
owner = "influxdb2";
|
||||||
|
group = "influxdb2";
|
||||||
|
permissions = "0440";
|
||||||
|
};
|
||||||
|
systemd.services.influxdb2Token-secret =
|
||||||
|
lib.mkIf config.services.influxdb2.enable {
|
||||||
|
requiredBy = [ "influxdb2.service" ];
|
||||||
|
before = [ "influxdb2.service" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
caddy.routes = lib.mkIf config.services.influxdb2.enable [{
|
||||||
|
match = [{ host = [ config.hostnames.influxdb ]; }];
|
||||||
|
handle = [{
|
||||||
|
handler = "reverse_proxy";
|
||||||
|
upstreams = [{ dial = "localhost:8086"; }];
|
||||||
|
}];
|
||||||
|
}];
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
@ -1,3 +1,6 @@
|
|||||||
|
# Jellyfin is a self-hosted video streaming service. This means I can play my
|
||||||
|
# server's videos from a webpage, mobile app, or TV client.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
config = lib.mkIf config.services.jellyfin.enable {
|
config = lib.mkIf config.services.jellyfin.enable {
|
||||||
@ -6,6 +9,7 @@
|
|||||||
users.users.jellyfin = { isSystemUser = true; };
|
users.users.jellyfin = { isSystemUser = true; };
|
||||||
|
|
||||||
caddy.routes = [
|
caddy.routes = [
|
||||||
|
# Prevent public access to Prometheus metrics.
|
||||||
{
|
{
|
||||||
match = [{
|
match = [{
|
||||||
host = [ config.hostnames.stream ];
|
host = [ config.hostnames.stream ];
|
||||||
@ -16,6 +20,7 @@
|
|||||||
status_code = "403";
|
status_code = "403";
|
||||||
}];
|
}];
|
||||||
}
|
}
|
||||||
|
# Allow access to normal route.
|
||||||
{
|
{
|
||||||
match = [{ host = [ config.hostnames.stream ]; }];
|
match = [{ host = [ config.hostnames.stream ]; }];
|
||||||
handle = [{
|
handle = [{
|
||||||
@ -47,6 +52,9 @@
|
|||||||
users.users.jellyfin.extraGroups =
|
users.users.jellyfin.extraGroups =
|
||||||
[ "render" "video" ]; # Access to /dev/dri
|
[ "render" "video" ]; # Access to /dev/dri
|
||||||
|
|
||||||
|
# Fix issue where Jellyfin-created directories don't allow access for media group
|
||||||
|
systemd.services.jellyfin.serviceConfig.UMask = lib.mkForce "0007";
|
||||||
|
|
||||||
# Requires MetricsEnable is true in /var/lib/jellyfin/config/system.xml
|
# Requires MetricsEnable is true in /var/lib/jellyfin/config/system.xml
|
||||||
prometheus.scrapeTargets = [ "127.0.0.1:8096" ];
|
prometheus.scrapeTargets = [ "127.0.0.1:8096" ];
|
||||||
|
|
||||||
|
@ -1,23 +1,23 @@
|
|||||||
|
# Keybase is an encrypted communications tool with a synchronized encrypted
|
||||||
|
# filestore that can be mounted onto a machine's filesystem.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
options.keybase.enable = lib.mkEnableOption "Keybase.";
|
options.keybase.enable = lib.mkEnableOption "Keybase.";
|
||||||
|
|
||||||
config = lib.mkIf config.keybase.enable {
|
config = lib.mkIf config.keybase.enable {
|
||||||
|
|
||||||
services.keybase.enable = true;
|
home-manager.users.${config.user} = lib.mkIf config.keybase.enable {
|
||||||
services.kbfs = {
|
|
||||||
enable = true;
|
services.keybase.enable = true;
|
||||||
# enableRedirector = true;
|
services.kbfs = {
|
||||||
mountPoint = "/run/user/1000/keybase/kbfs";
|
enable = true;
|
||||||
};
|
mountPoint = "keybase";
|
||||||
security.wrappers.keybase-redirector = {
|
};
|
||||||
setuid = true;
|
|
||||||
owner = "root";
|
# https://github.com/nix-community/home-manager/issues/4722
|
||||||
group = "root";
|
systemd.user.services.kbfs.Service.PrivateTmp = lib.mkForce false;
|
||||||
source = "${pkgs.kbfs}/bin/redirector";
|
|
||||||
};
|
|
||||||
|
|
||||||
home-manager.users.${config.user} = {
|
|
||||||
home.packages = [ (lib.mkIf config.gui.enable pkgs.keybase-gui) ];
|
home.packages = [ (lib.mkIf config.gui.enable pkgs.keybase-gui) ];
|
||||||
home.file = let
|
home.file = let
|
||||||
ignorePatterns = ''
|
ignorePatterns = ''
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
# Mullvad is a VPN service. This isn't currently in use for me at the moment.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
options.mullvad.enable = lib.mkEnableOption "Mullvad VPN.";
|
options.mullvad.enable = lib.mkEnableOption "Mullvad VPN.";
|
||||||
|
@ -1,3 +1,6 @@
|
|||||||
|
# n8n is an automation integration tool for connecting data from services
|
||||||
|
# together with triggers.
|
||||||
|
|
||||||
{ config, lib, ... }: {
|
{ config, lib, ... }: {
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
|
@ -1,3 +1,6 @@
|
|||||||
|
# Netdata is an out-of-the-box monitoring tool that exposes many different
|
||||||
|
# metrics. Not currently in use, in favor of VictoriaMetrics and Grafana.
|
||||||
|
|
||||||
{ config, lib, ... }: {
|
{ config, lib, ... }: {
|
||||||
|
|
||||||
options.netdata.enable = lib.mkEnableOption "Netdata metrics.";
|
options.netdata.enable = lib.mkEnableOption "Netdata metrics.";
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
config = lib.mkIf config.services.nextcloud.enable {
|
config = lib.mkIf config.services.nextcloud.enable {
|
||||||
|
|
||||||
services.nextcloud = {
|
services.nextcloud = {
|
||||||
package = pkgs.nextcloud27; # Required to specify
|
package = pkgs.nextcloud28; # Required to specify
|
||||||
configureRedis = true;
|
configureRedis = true;
|
||||||
datadir = "/data/nextcloud";
|
datadir = "/data/nextcloud";
|
||||||
database.createLocally = true;
|
database.createLocally = true;
|
||||||
@ -13,18 +13,26 @@
|
|||||||
config = {
|
config = {
|
||||||
adminpassFile = config.secrets.nextcloud.dest;
|
adminpassFile = config.secrets.nextcloud.dest;
|
||||||
dbtype = "mysql";
|
dbtype = "mysql";
|
||||||
extraTrustedDomains = [ config.hostnames.content ];
|
|
||||||
trustedProxies = [ "127.0.0.1" ];
|
|
||||||
};
|
};
|
||||||
extraOptions = { default_phone_region = "US"; };
|
extraOptions = {
|
||||||
|
default_phone_region = "US";
|
||||||
|
# Allow access when hitting either of these hosts or IPs
|
||||||
|
trusted_domains = [ config.hostnames.content ];
|
||||||
|
trusted_proxies = [ "127.0.0.1" ];
|
||||||
|
};
|
||||||
extraAppsEnable = true;
|
extraAppsEnable = true;
|
||||||
extraApps = with config.services.nextcloud.package.packages.apps; {
|
extraApps = with config.services.nextcloud.package.packages.apps; {
|
||||||
inherit calendar contacts;
|
inherit calendar contacts;
|
||||||
|
# These apps are defined and pinned by overlay in flake.
|
||||||
news = pkgs.nextcloudApps.news;
|
news = pkgs.nextcloudApps.news;
|
||||||
external = pkgs.nextcloudApps.external;
|
external = pkgs.nextcloudApps.external;
|
||||||
cookbook = pkgs.nextcloudApps.cookbook;
|
cookbook = pkgs.nextcloudApps.cookbook;
|
||||||
|
snappymail = pkgs.nextcloudApps.snappymail;
|
||||||
|
};
|
||||||
|
phpOptions = {
|
||||||
|
"opcache.interned_strings_buffer" = "16";
|
||||||
|
"output_buffering" = "0";
|
||||||
};
|
};
|
||||||
phpOptions = { "opcache.interned_strings_buffer" = "16"; };
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# Don't let Nginx use main ports (using Caddy instead)
|
# Don't let Nginx use main ports (using Caddy instead)
|
||||||
@ -47,7 +55,10 @@
|
|||||||
handle = [
|
handle = [
|
||||||
{
|
{
|
||||||
handler = "vars";
|
handler = "vars";
|
||||||
root = config.services.nextcloud.package;
|
# Grab the webroot out of the written config
|
||||||
|
# The webroot is a symlinked combined Nextcloud directory
|
||||||
|
root =
|
||||||
|
config.services.nginx.virtualHosts.${config.services.nextcloud.hostName}.root;
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
handler = "headers";
|
handler = "headers";
|
||||||
@ -56,13 +67,6 @@
|
|||||||
}
|
}
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
|
||||||
match = [{ path = [ "/nix-apps*" "/store-apps*" ]; }];
|
|
||||||
handle = [{
|
|
||||||
handler = "vars";
|
|
||||||
root = config.services.nextcloud.home;
|
|
||||||
}];
|
|
||||||
}
|
|
||||||
# Reroute carddav and caldav traffic
|
# Reroute carddav and caldav traffic
|
||||||
{
|
{
|
||||||
match =
|
match =
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
# Paperless-ngx is a document scanning and management solution.
|
||||||
|
|
||||||
{ config, lib, ... }: {
|
{ config, lib, ... }: {
|
||||||
|
|
||||||
config = lib.mkIf config.services.paperless.enable {
|
config = lib.mkIf config.services.paperless.enable {
|
||||||
@ -5,7 +7,7 @@
|
|||||||
services.paperless = {
|
services.paperless = {
|
||||||
mediaDir = "/data/generic/paperless";
|
mediaDir = "/data/generic/paperless";
|
||||||
passwordFile = config.secrets.paperless.dest;
|
passwordFile = config.secrets.paperless.dest;
|
||||||
extraConfig = {
|
settings = {
|
||||||
PAPERLESS_OCR_USER_ARGS =
|
PAPERLESS_OCR_USER_ARGS =
|
||||||
builtins.toJSON { invalidate_digital_signatures = true; };
|
builtins.toJSON { invalidate_digital_signatures = true; };
|
||||||
|
|
||||||
@ -15,7 +17,10 @@
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users.paperless.extraGroups = [ "generic" ];
|
# Allow Nextcloud and user to see files
|
||||||
|
users.users.nextcloud.extraGroups =
|
||||||
|
lib.mkIf config.services.nextcloud.enable [ "paperless" ];
|
||||||
|
users.users.${config.user}.extraGroups = [ "paperless" ];
|
||||||
|
|
||||||
caddy.routes = [{
|
caddy.routes = [{
|
||||||
match = [{
|
match = [{
|
||||||
@ -43,6 +48,24 @@
|
|||||||
before = [ "paperless.service" ];
|
before = [ "paperless.service" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Fix permissions on a regular schedule
|
||||||
|
systemd.timers.paperless-permissions = {
|
||||||
|
timerConfig = {
|
||||||
|
OnCalendar = "*-*-* *:0/5"; # Every 5 minutes
|
||||||
|
Unit = "paperless-permissions.service";
|
||||||
|
};
|
||||||
|
wantedBy = [ "timers.target" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Fix paperless shared permissions
|
||||||
|
systemd.services.paperless-permissions = {
|
||||||
|
description = "Allow group access to paperless files";
|
||||||
|
serviceConfig = { Type = "oneshot"; };
|
||||||
|
script = ''
|
||||||
|
find ${config.services.paperless.mediaDir} -type f -exec chmod 640 -- {} +
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
22
modules/nixos/services/postgresql.nix
Normal file
22
modules/nixos/services/postgresql.nix
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
|
services.postgresql = {
|
||||||
|
package = pkgs.postgresql_15;
|
||||||
|
settings = { };
|
||||||
|
identMap = "";
|
||||||
|
ensureUsers = [{
|
||||||
|
name = config.user;
|
||||||
|
ensureClauses = {
|
||||||
|
createdb = true;
|
||||||
|
createrole = true;
|
||||||
|
login = true;
|
||||||
|
};
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
|
||||||
|
home-manager.users.${config.user}.home.packages =
|
||||||
|
lib.mkIf config.services.postgresql.enable [
|
||||||
|
pkgs.pgcli # Postgres client with autocomplete
|
||||||
|
];
|
||||||
|
|
||||||
|
}
|
@ -1,3 +1,9 @@
|
|||||||
|
# Prometheus is a timeseries database that exposes system and service metrics
|
||||||
|
# for use in visualizing, monitoring, and alerting (with Grafana).
|
||||||
|
|
||||||
|
# Instead of running traditional Prometheus, I generally run VictoriaMetrics as
|
||||||
|
# a more efficient drop-in replacement.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
options.prometheus = {
|
options.prometheus = {
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
# Samba is a Windows-compatible file-sharing service.
|
||||||
|
|
||||||
{ config, lib, ... }: {
|
{ config, lib, ... }: {
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
# SSHD service for allowing SSH access to my machines.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
|
@ -1,3 +1,6 @@
|
|||||||
|
# Transmission is a bittorrent client, which can run in the background for
|
||||||
|
# automated downloads with a web GUI.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
options = {
|
options = {
|
||||||
|
@ -1,3 +1,7 @@
|
|||||||
|
# Vaultwarden is an implementation of the Bitwarden password manager backend
|
||||||
|
# service, which allows for self-hosting the synchronization of a Bitwarden
|
||||||
|
# password manager client.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
let vaultwardenPath = "/var/lib/bitwarden_rs"; # Default service directory
|
let vaultwardenPath = "/var/lib/bitwarden_rs"; # Default service directory
|
||||||
|
@ -1,3 +1,6 @@
|
|||||||
|
# VictoriaMetrics is a more efficient drop-in replacement for Prometheus and
|
||||||
|
# InfluxDB (timeseries databases built for monitoring system metrics).
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
@ -1,3 +1,6 @@
|
|||||||
|
# Wireguard is a VPN protocol that can be setup to create a mesh network
|
||||||
|
# between machines on different LANs. This is currently not in use in my setup.
|
||||||
|
|
||||||
{ config, pkgs, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
options.wireguard.enable = lib.mkEnableOption "Wireguard VPN setup.";
|
options.wireguard.enable = lib.mkEnableOption "Wireguard VPN setup.";
|
||||||
|
@ -1,9 +0,0 @@
|
|||||||
# Pin age because it is failing to build
|
|
||||||
# https://github.com/NixOS/nixpkgs/pull/265753
|
|
||||||
|
|
||||||
inputs: _final: prev: {
|
|
||||||
age = prev.age.overrideAttrs (old: {
|
|
||||||
src = inputs.age;
|
|
||||||
doCheck = false; # https://github.com/FiloSottile/age/issues/517
|
|
||||||
});
|
|
||||||
}
|
|
20
overlays/bypass-paywalls-clean.nix
Normal file
20
overlays/bypass-paywalls-clean.nix
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
inputs: _final: prev: {
|
||||||
|
|
||||||
|
# Based on:
|
||||||
|
# https://git.sr.ht/~rycee/nur-expressions/tree/master/item/pkgs/firefox-addons/default.nix#L34
|
||||||
|
|
||||||
|
bypass-paywalls-clean = let addonId = "magnolia@12.34";
|
||||||
|
in prev.stdenv.mkDerivation rec {
|
||||||
|
pname = "bypass-paywalls-clean";
|
||||||
|
version = "3.4.9.0";
|
||||||
|
src = inputs.bypass-paywalls-clean + "/bypass_paywalls_clean-latest.xpi";
|
||||||
|
preferLocalBuild = true;
|
||||||
|
allowSubstitutes = true;
|
||||||
|
buildCommand = ''
|
||||||
|
dst="$out/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}"
|
||||||
|
mkdir -p "$dst"
|
||||||
|
install -v -m644 "${src}" "$dst/${addonId}.xpi"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
@ -31,7 +31,7 @@ in {
|
|||||||
|
|
||||||
src = prev.caddy.src;
|
src = prev.caddy.src;
|
||||||
|
|
||||||
vendorSha256 = "sha256:0KfMzTt4lNzVfoCfDHhC2ue3OWICkFCHuhREiM2JPMY=";
|
vendorHash = "sha256:pr2MI2Nv9y357lCEEh6aNdmD9FiCaJIkRfHaoWgdQIE=";
|
||||||
|
|
||||||
overrideModAttrs = (_: {
|
overrideModAttrs = (_: {
|
||||||
preBuild = ''
|
preBuild = ''
|
||||||
|
25
overlays/gh-collaborators.nix
Normal file
25
overlays/gh-collaborators.nix
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
_final: prev: {
|
||||||
|
|
||||||
|
gh-collaborators = prev.buildGo120Module rec {
|
||||||
|
pname = "gh-collaborators";
|
||||||
|
version = "2.0.2";
|
||||||
|
|
||||||
|
src = prev.fetchFromGitHub {
|
||||||
|
owner = "katiem0";
|
||||||
|
repo = "gh-collaborators";
|
||||||
|
rev = version;
|
||||||
|
sha256 = "sha256-sz5LHkwZ28aA2vbMnFMzAlyGiJBDZm7jwDQYxgKBPLU=";
|
||||||
|
};
|
||||||
|
|
||||||
|
vendorHash = "sha256-rsRDOgJBa8T6+bC/APcmuRmg6ykbIp9pwRnJ9rrfHEs=";
|
||||||
|
|
||||||
|
ldflags = [
|
||||||
|
"-s"
|
||||||
|
"-w"
|
||||||
|
"-X github.com/katiem0/gh-collaborators/cmd.Version=${version}"
|
||||||
|
# "-X main.Version=${version}"
|
||||||
|
];
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
@ -16,9 +16,6 @@ let
|
|||||||
|
|
||||||
in {
|
in {
|
||||||
|
|
||||||
nil = inputs.nil.packages.${prev.system}.nil;
|
|
||||||
vscode-terraform-snippets = inputs.vscode-terraform-snippets;
|
|
||||||
|
|
||||||
nvim-lspconfig = withSrc prev.vimPlugins.nvim-lspconfig inputs.nvim-lspconfig;
|
nvim-lspconfig = withSrc prev.vimPlugins.nvim-lspconfig inputs.nvim-lspconfig;
|
||||||
cmp-nvim-lsp = withSrc prev.vimPlugins.cmp-nvim-lsp inputs.cmp-nvim-lsp;
|
cmp-nvim-lsp = withSrc prev.vimPlugins.cmp-nvim-lsp inputs.cmp-nvim-lsp;
|
||||||
null-ls-nvim = withSrc prev.vimPlugins.null-ls-nvim inputs.null-ls-nvim;
|
null-ls-nvim = withSrc prev.vimPlugins.null-ls-nvim inputs.null-ls-nvim;
|
||||||
|
@ -16,6 +16,11 @@ inputs: _final: prev: {
|
|||||||
sha256 = inputs.nextcloud-cookbook.narHash;
|
sha256 = inputs.nextcloud-cookbook.narHash;
|
||||||
license = "agpl3Plus";
|
license = "agpl3Plus";
|
||||||
};
|
};
|
||||||
|
snappymail = prev.fetchNextcloudApp {
|
||||||
|
url = inputs.nextcloud-snappymail.outPath;
|
||||||
|
sha256 = inputs.nextcloud-snappymail.narHash;
|
||||||
|
license = "agpl3Plus";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
12
overlays/terraform.nix
Normal file
12
overlays/terraform.nix
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
# Fix for Terraform and Consul on Darwin:
|
||||||
|
# https://github.com/NixOS/nixpkgs/pull/275534/files
|
||||||
|
_final: prev: {
|
||||||
|
girara = prev.girara.overrideAttrs (old: {
|
||||||
|
mesonFlags = [
|
||||||
|
"-Ddocs=disabled"
|
||||||
|
(prev.lib.mesonEnable "tests"
|
||||||
|
((prev.stdenv.buildPlatform.canExecute prev.stdenv.hostPlatform)
|
||||||
|
&& (!prev.stdenv.isDarwin)))
|
||||||
|
];
|
||||||
|
});
|
||||||
|
}
|
@ -32,6 +32,11 @@ inputs: _final: prev: {
|
|||||||
version = "0.1.1";
|
version = "0.1.1";
|
||||||
src = inputs.tree-sitter-rasi;
|
src = inputs.tree-sitter-rasi;
|
||||||
};
|
};
|
||||||
|
tree-sitter-vimdoc = prev.tree-sitter.buildGrammar {
|
||||||
|
language = "vimdoc";
|
||||||
|
version = "2.1.0";
|
||||||
|
src = inputs.tree-sitter-vimdoc;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
14
private/influxdb2-password.age
Normal file
14
private/influxdb2-password.age
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBhUEdQ
|
||||||
|
ejFtQWFabkl3YTJmUmRDS2M1elBrMU5yVHhWWlFLMHdOdlNsNEFRCmREU3ZZWlZi
|
||||||
|
R1RLQVorT2dDbFRXc2toMExpNWR1WUEvaVlzUFJ5ZUU3azQKLT4gc3NoLWVkMjU1
|
||||||
|
MTkgWXlTVU1RIDY5OGpSWlFTT2EvUzV4ajQwUG5YL3loSWhGbjV6U2J4TkFhQm5Y
|
||||||
|
RWhvMXcKbUVpQm5wRmtLRGV2SWYzb2c3dnZYREdRSnRtdjJJcjRKTk0rbnMyZmVB
|
||||||
|
cwotPiBzc2gtZWQyNTUxOSBuanZYNUEgd0o4WGhTQnlkVGhhWG44MmQ1UXFVWjFO
|
||||||
|
MS9JcVpEOEIvd3ZuNmVmN2d3dwpYNXF5V05WbHRobVlIWVM2VHN1TjcyVG81cHp1
|
||||||
|
V0pnWTduZFFWQks2ZFY0Ci0+IHNzaC1lZDI1NTE5IENxSU9VQSBkWXlRejFNdHJk
|
||||||
|
azg0aUpzL1JMSWUvWkdXUmpLc3pVUEZTNGFwTG0rRlNrCjMyVTE5c1pjRlowVlJ4
|
||||||
|
YmFtRzEzV1dCU0FoeUJPMjQzWHErc0h4RWhLbDgKLS0tIHhzK20vTzFPdVROVW44
|
||||||
|
MkNhb2VWZHBqeXY0MWZuTDFUMXdNazMwTG8yZTQK1CrrD2tin/3ZhV2D1XJvkbUN
|
||||||
|
2Nw4ASdPdRXaQJw5CMhlrW6rgSnC81j0249F7D7ZfAlo62ANOfLyL9Lv2FVGzg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
14
private/influxdb2-token.age
Normal file
14
private/influxdb2-token.age
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBmTnVo
|
||||||
|
eFlINGttSEZYTlZucVVWemlMMk0reHNKcjF3SmhCQllXdmw5RzBBCnl0NWZVb1ZW
|
||||||
|
MWRzc05pNVVWTlRyNzNRaDlYTm5TSVF3ZGNMclhyY0R3bUkKLT4gc3NoLWVkMjU1
|
||||||
|
MTkgWXlTVU1RIEppTjJPUmxlamdLY2xxRVBwcFBmTTdOM3dLU3h3YnA2TlhRWXRu
|
||||||
|
OGJrR28KMW9JQUFDcXFLOTk4NDVHQmJucEZuOElLaG5Eb1lyK1NGTUJaMkFONit1
|
||||||
|
dwotPiBzc2gtZWQyNTUxOSBuanZYNUEgZkF5MVNGK3FRV2JPVDFGMkY5SWxGWVVK
|
||||||
|
YThUVFk2VGZZNXN6UWx3eFJ6MAp0d3NGWTRuLzNOb0VxdVUvZ1YwR0lWemc2NDR2
|
||||||
|
VFI2eWRjS242SEJrQWx3Ci0+IHNzaC1lZDI1NTE5IENxSU9VQSBpY2JoaGRKY0ZR
|
||||||
|
Y2txWFM1ODJyaW03b0xuRGlJMkVidEVZMGdiU1pTZ1hVCk0yeGF6VWU5LzF0Z1dL
|
||||||
|
cnlDUCtLL01EWWo2Q0dYcjdtSjRtSnFjUHNWdzAKLS0tIEI4aWpNc0xqU3ZsLzcz
|
||||||
|
TThFNXd0YjQ2MEMzc0JOQXZnTnBaTVg0V1hITzgK8GYZG8/fGXk6ELSB6rnLX0ke
|
||||||
|
QqiztfVnV/fpgEgJ/K60Ea3aBe3ELpejzFKZfno+jesvnL5DCMGz7QRRpnThLQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
@ -11,7 +11,7 @@
|
|||||||
inputs.pypi-deps-db.follows = "pypi-deps-db";
|
inputs.pypi-deps-db.follows = "pypi-deps-db";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = { self, nixpkgs, mach-nix }:
|
outputs = { nixpkgs, mach-nix, ... }:
|
||||||
let
|
let
|
||||||
supportedSystems = [ "x86_64-linux" "x86_64-darwin" "aarch64-darwin" ];
|
supportedSystems = [ "x86_64-linux" "x86_64-darwin" "aarch64-darwin" ];
|
||||||
forAllSystems = f:
|
forAllSystems = f:
|
||||||
|
Loading…
Reference in New Issue
Block a user