foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-04-19 00:19:11 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

chore: reformat codebase

Browse Source
This commit is contained in:
Gabriel Arazas 2025-01-29 12:48:19 +08:00
parent e89ea98f8b
commit 71be6e4bc1
No known key found for this signature in database
GPG Key ID: 62104B43D00AA360
315 changed files with 5888 additions and 6872 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
apps/run-workflow-with-vm/configuration.nix
View File

@ -7,8 +7,7 @@
let let
pkgs = import <nixpkgs> { }; pkgs = import <nixpkgs> { };
lib = pkgs.lib; lib = pkgs.lib;
in in import <nixpkgs/nixos/lib/eval-config.nix> {
import <nixpkgs/nixos/lib/eval-config.nix> {
inherit lib; inherit lib;
specialArgs = { specialArgs = {
foodogsquaredUtils = import <config/lib/utils/nixos.nix> { inherit lib; }; foodogsquaredUtils = import <config/lib/utils/nixos.nix> { inherit lib; };

12
apps/run-workflow-with-vm/default.nix
View File

@ -1,9 +1,4 @@
{ stdenv { stdenv, lib, meson, ninja, inputs ? [ ] }:
, lib
, meson
, ninja
, inputs ? [ ]
}:
stdenv.mkDerivation (finalAttrs: { stdenv.mkDerivation (finalAttrs: {
pname = "run-workflow-with-vm"; pname = "run-workflow-with-vm";
@ -11,10 +6,7 @@ stdenv.mkDerivation (finalAttrs: {
src = ./.; src = ./.;
nativeBuildInputs = [ nativeBuildInputs = [ meson ninja ];
meson
ninja
];
preConfigure = '' preConfigure = ''
mesonFlagsArray+=("-Dinputs=[${lib.concatStringsSep "," inputs}]") mesonFlagsArray+=("-Dinputs=[${lib.concatStringsSep "," inputs}]")

4
apps/run-workflow-with-vm/modules/home-manager/default.nix
View File

@ -1,2 +1,4 @@
# It's just be empty like your soul, probably. # It's just be empty like your soul, probably.
{ imports = [ ]; } {
imports = [ ];
}

4
apps/run-workflow-with-vm/modules/nixos/default.nix
View File

@ -1,3 +1,5 @@
# Just an extra set of modules, if you count zero modules as one. Or I guess # Just an extra set of modules, if you count zero modules as one. Or I guess
# technically this is one module, just an empty one. # technically this is one module, just an empty one.
{ imports = [ ]; } {
imports = [ ];
}

9
configs/disko/laptop-ssd/default.nix
View File

@ -17,13 +17,8 @@
subvolumes = { subvolumes = {
"/root" = { "/root" = {
mountOptions = [ mountOptions =
"rw" [ "rw" "user" "noauto" "nofail" "compress=zstd:10" ];
"user"
"noauto"
"nofail"
"compress=zstd:10"
];
mountpoint = "/media/laptop-ssd"; mountpoint = "/media/laptop-ssd";
}; };
}; };

9
configs/flake-parts/default.nix
View File

@ -28,9 +28,7 @@
defaultSystems = [ "x86_64-linux" ]; defaultSystems = [ "x86_64-linux" ];
}; };
setups.sharedNixpkgsConfig = { setups.sharedNixpkgsConfig = { allowUnfree = true; };
allowUnfree = true;
};
perSystem = { lib, system, ... }: { perSystem = { lib, system, ... }: {
_module.args = { _module.args = {
@ -39,9 +37,8 @@
pkgs = import inputs.nixpkgs { pkgs = import inputs.nixpkgs {
inherit system; inherit system;
config = config.setups.sharedNixpkgsConfig; config = config.setups.sharedNixpkgsConfig;
overlays = lib.attrValues inputs.self.overlays ++ [ overlays = lib.attrValues inputs.self.overlays
inputs.nur.overlays.default ++ [ inputs.nur.overlays.default ];
];
}; };
}; };
}; };

10
configs/flake-parts/home-manager.nix
View File

@ -1,11 +1,8 @@
{ inputs { inputs, lib, config
, lib
, config
, defaultNixConf , defaultNixConf
, ... , ... }:
}:
{ {
setups.home-manager = { setups.home-manager = {
@ -42,8 +39,7 @@
{ {
_module.args = { _module.args = {
firstSetupArgs = { firstSetupArgs = {
baseNixvimModules = baseNixvimModules = config.setups.nixvim.configs.fiesta.modules
config.setups.nixvim.configs.fiesta.modules
++ config.setups.nixvim.sharedModules; ++ config.setups.nixvim.sharedModules;
}; };
}; };

36
configs/flake-parts/nixos.nix
View File

@ -2,14 +2,12 @@
, defaultNixConf , defaultNixConf
, ... , ... }:
}:
let let
domain = "foodogsquared.one"; domain = "foodogsquared.one";
subdomain = name: "${name}.${domain}"; subdomain = name: "${name}.${domain}";
in in {
{
setups.nixos = { setups.nixos = {
configs = { configs = {
# The main desktop. # The main desktop.
@ -17,10 +15,8 @@ in
nixpkgs.branch = "nixos-unstable"; nixpkgs.branch = "nixos-unstable";
# This is to make an exception for Archivebox. # This is to make an exception for Archivebox.
nixpkgs.config.permittedInsecurePackages = [ nixpkgs.config.permittedInsecurePackages =
"archiver-3.5.1" [ "archiver-3.5.1" "python3.12-django-3.1.14" ];
"python3.12-django-3.1.14"
];
systems = [ "x86_64-linux" ]; systems = [ "x86_64-linux" ];
formats = null; formats = null;
@ -30,10 +26,8 @@ in
inputs.wrapper-manager-fds.nixosModules.wrapper-manager inputs.wrapper-manager-fds.nixosModules.wrapper-manager
{ {
documentation.nixos.extraModules = [ documentation.nixos.extraModules =
../../modules/nixos [ ../../modules/nixos ../../modules/nixos/_private ];
../../modules/nixos/_private
];
wrapper-manager.documentation.manpage.enable = true; wrapper-manager.documentation.manpage.enable = true;
wrapper-manager.documentation.extraModules = [ wrapper-manager.documentation.extraModules = [
../../modules/wrapper-manager ../../modules/wrapper-manager
@ -44,9 +38,8 @@ in
inputs.nixos-hardware.nixosModules.common-cpu-amd-pstate inputs.nixos-hardware.nixosModules.common-cpu-amd-pstate
inputs.nixos-hardware.nixosModules.common-cpu-amd-raphael-igpu inputs.nixos-hardware.nixosModules.common-cpu-amd-raphael-igpu
( ({ config, ... }:
{ config, ... }: let let hmCfg = config.home-manager.users;
hmCfg = config.home-manager.users;
in { in {
# Testing out Nushell for a spinerooski. # Testing out Nushell for a spinerooski.
users.users.foo-dogsquared.shell = users.users.foo-dogsquared.shell =
@ -54,8 +47,7 @@ in
hmCfg.foo-dogsquared.programs.nushell.package hmCfg.foo-dogsquared.programs.nushell.package
else else
"/run/current-system/sw/bin/bash"; "/run/current-system/sw/bin/bash";
} })
)
]; ];
home-manager = { home-manager = {
branch = "home-manager-unstable"; branch = "home-manager-unstable";
@ -99,10 +91,8 @@ in
activationTimeout = 1200; activationTimeout = 1200;
}; };
modules = [ modules =
inputs.disko.nixosModules.disko [ inputs.disko.nixosModules.disko inputs.sops-nix.nixosModules.sops ];
inputs.sops-nix.nixosModules.sops
];
}; };
# The barely customized non-graphical installer. # The barely customized non-graphical installer.
@ -126,9 +116,7 @@ in
winnowing = { winnowing = {
nixpkgs = { nixpkgs = {
branch = "nixos-unstable"; branch = "nixos-unstable";
overlays = [ overlays = [ inputs.neovim-nightly-overlay.overlays.default ];
inputs.neovim-nightly-overlay.overlays.default
];
}; };
home-manager.branch = "home-manager-unstable"; home-manager.branch = "home-manager-unstable";
systems = [ "x86_64-linux" ]; systems = [ "x86_64-linux" ];

25
configs/flake-parts/nixvim.nix
View File

@ -3,16 +3,12 @@
{ {
setups.nixvim.configs = { setups.nixvim.configs = {
fiesta = { fiesta = {
components = [ components = [{
{ nixpkgsBranch = "nixos-unstable";
nixpkgsBranch = "nixos-unstable"; nixvimBranch = "nixvim-unstable";
nixvimBranch = "nixvim-unstable"; neovimPackage = pkgs: pkgs.neovim;
neovimPackage = pkgs: pkgs.neovim; overlays = [ inputs.neovim-nightly-overlay.overlays.default ];
overlays = [ }];
inputs.neovim-nightly-overlay.overlays.default
];
}
];
}; };
trovebelt = { trovebelt = {
@ -20,10 +16,7 @@
nixpkgsBranch = [ "nixos-unstable" ]; nixpkgsBranch = [ "nixos-unstable" ];
nixvimBranch = [ "nixvim-unstable" ]; nixvimBranch = [ "nixvim-unstable" ];
neovimPackage = [ (pkgs: pkgs.neovim) ]; neovimPackage = [ (pkgs: pkgs.neovim) ];
overlays = [ overlays = [ [ inputs.neovim-nightly-overlay.overlays.default ] [ ] ];
[ inputs.neovim-nightly-overlay.overlays.default ]
[ ]
];
}; };
}; };
}; };
@ -33,7 +26,5 @@
inputs.self.nixvimModules.bahaghari inputs.self.nixvimModules.bahaghari
]; ];
flake = { flake = { nixvimModules.default = ../../modules/nixvim; };
nixvimModules.default = ../../modules/nixvim;
};
} }

8
configs/home-manager/alice/default.nix
View File

@ -18,13 +18,7 @@
programs.bash = { programs.bash = {
enable = true; enable = true;
historyControl = [ "erasedups" "ignoredups" "ignorespace" ]; historyControl = [ "erasedups" "ignoredups" "ignorespace" ];
historyIgnore = [ historyIgnore = [ "cd" "exit" "lf" "ls" "nvim" ];
"cd"
"exit"
"lf"
"ls"
"nvim"
];
}; };
home.stateVersion = "23.11"; home.stateVersion = "23.11";

58
configs/home-manager/foo-dogsquared/default.nix
View File

@ -3,8 +3,7 @@
let let
inherit (bahaghariLib.tinted-theming) importScheme; inherit (bahaghariLib.tinted-theming) importScheme;
userCfg = config.users.foo-dogsquared; userCfg = config.users.foo-dogsquared;
in in {
{
imports = [ ./modules ]; imports = [ ./modules ];
# All of the home-manager-user-specific setup are here. # All of the home-manager-user-specific setup are here.
@ -30,7 +29,8 @@ in
# Merge the upstream since any new files will be overridden. It also # Merge the upstream since any new files will be overridden. It also
# allows us to attach data to it such as new links to the hardcoded # allows us to attach data to it such as new links to the hardcoded
# sections. # sections.
(lib.importTOML "${config.users.foo-dogsquared.programs.custom-homepage.package.src}/data/foodogsquared-homepage/links.toml") (lib.importTOML
"${config.users.foo-dogsquared.programs.custom-homepage.package.src}/data/foodogsquared-homepage/links.toml")
{ {
services = { services = {
@ -48,26 +48,35 @@ in
(lib.mkIf config.services.archivebox.webserver.enable { (lib.mkIf config.services.archivebox.webserver.enable {
services.links = lib.singleton { services.links = lib.singleton {
url = "http://localhost:${builtins.toString config.state.ports.archivebox-webserver.value}"; url = "http://localhost:${
builtins.toString
config.state.ports.archivebox-webserver.value
}";
text = "Archive webserver"; text = "Archive webserver";
}; };
YOHOOHOOHOOHOO.links = lib.mkBefore (lib.singleton { YOHOOHOOHOOHOO.links = lib.mkBefore (lib.singleton {
url = "http://localhost:${builtins.toString config.state.ports.archivebox-webserver.value}"; url = "http://localhost:${
builtins.toString
config.state.ports.archivebox-webserver.value
}";
text = "ArchiveBox webserver"; text = "ArchiveBox webserver";
}); });
}) })
(lib.mkIf (attrs.nixosConfig.suites.filesystem.setups.archive.enable or false) { (lib.mkIf
YOHOOHOOHOOHOO.links = lib.mkBefore (lib.singleton { (attrs.nixosConfig.suites.filesystem.setups.archive.enable or false) {
url = "file://${attrs.nixosConfig.state.paths.archive}"; YOHOOHOOHOOHOO.links = lib.mkBefore (lib.singleton {
text = "Personal archive"; url = "file://${attrs.nixosConfig.state.paths.archive}";
}); text = "Personal archive";
}) });
})
(lib.mkIf (attrs.nixosConfig.services.miniflux.enable or false) { (lib.mkIf (attrs.nixosConfig.services.miniflux.enable or false) {
services.links = lib.singleton { services.links = lib.singleton {
url = "http://localhost:${builtins.toString attrs.nixosConfig.state.ports.miniflux.value}"; url = "http://localhost:${
builtins.toString attrs.nixosConfig.state.ports.miniflux.value
}";
text = "RSS reader"; text = "RSS reader";
}; };
}) })
@ -101,15 +110,17 @@ in
# Add our own projects directory since most programs can't decide where it is # Add our own projects directory since most programs can't decide where it is
# properly. # properly.
xdg.userDirs.extraConfig.XDG_PROJECTS_DIR = "${config.home.homeDirectory}/Projects"; xdg.userDirs.extraConfig.XDG_PROJECTS_DIR =
"${config.home.homeDirectory}/Projects";
# Set nixpkgs config both outside and inside of home-manager. # Set nixpkgs config both outside and inside of home-manager.
nixpkgs.config = import ./config/nixpkgs/config.nix; nixpkgs.config = import ./config/nixpkgs/config.nix;
xdg.configFile."nixpkgs/config.nix".source = ./config/nixpkgs/config.nix; xdg.configFile."nixpkgs/config.nix".source = ./config/nixpkgs/config.nix;
home.packages = with pkgs; [ home.packages = with pkgs;
gopass # An improved version of the password manager for hipsters. [
]; gopass # An improved version of the password manager for hipsters.
];
home.stateVersion = "23.11"; home.stateVersion = "23.11";
@ -122,24 +133,25 @@ in
state.packages = { state.packages = {
diff = pkgs.diffoscope; diff = pkgs.diffoscope;
pager = config.programs.bat.package; pager = config.programs.bat.package;
editor = editor = if config.programs.nixvim.enable then
if config.programs.nixvim.enable then config.programs.nixvim.finalPackage
config.programs.nixvim.finalPackage else
else config.programs.neovim.package;
config.programs.neovim.package;
}; };
# Automating some files to be fetched on activation. # Automating some files to be fetched on activation.
home.mutableFile = { home.mutableFile = {
# ...my gopass secrets,... # ...my gopass secrets,...
".local/share/gopass/stores/personal" = { ".local/share/gopass/stores/personal" = {
url = "gitea@code.foodogsquared.one:foodogsquared/gopass-secrets-personal.git"; url =
"gitea@code.foodogsquared.one:foodogsquared/gopass-secrets-personal.git";
type = "gopass"; type = "gopass";
}; };
# ...and my custom theme to be a showoff. # ...and my custom theme to be a showoff.
"${config.xdg.dataHome}/base16/bark-on-a-tree" = { "${config.xdg.dataHome}/base16/bark-on-a-tree" = {
url = "https://github.com/foo-dogsquared/base16-bark-on-a-tree-scheme.git"; url =
"https://github.com/foo-dogsquared/base16-bark-on-a-tree-scheme.git";
type = "git"; type = "git";
}; };
}; };

6
configs/home-manager/foo-dogsquared/files/homepage/default.nix
View File

@ -1,5 +1,5 @@
{ pkgs ? import <nixpkgs> { { pkgs ?
overlays = [ (import ../../../../../overlays).default ]; import <nixpkgs> { overlays = [ (import ../../../../../overlays).default ]; }
} }: }:
pkgs.callPackage ./package.nix { } pkgs.callPackage ./package.nix { }

13
configs/home-manager/foo-dogsquared/files/homepage/package.nix
View File

@ -1,7 +1,4 @@
{ { buildHugoSite, lib, }:
buildHugoSite,
lib,
}:
buildHugoSite { buildHugoSite {
pname = "foodogsquared-hm-startpage"; pname = "foodogsquared-hm-startpage";
@ -11,8 +8,12 @@ buildHugoSite {
vendorHash = "sha256-Mi61QK1yKWIneZ+i79fpJqP9ew5r5vnv7ptr9YGq0Uk="; vendorHash = "sha256-Mi61QK1yKWIneZ+i79fpJqP9ew5r5vnv7ptr9YGq0Uk=";
preBuild = '' preBuild = ''
install -Dm0644 ${../tinted-theming/base16/bark-on-a-tree.yaml} ./data/foodogsquared-homepage/themes/_dark.yaml install -Dm0644 ${
install -Dm0644 ${../tinted-theming/base16/albino-bark-on-a-tree.yaml} ./data/foodogsquared-homepage/themes/_light.yaml ../tinted-theming/base16/bark-on-a-tree.yaml
} ./data/foodogsquared-homepage/themes/_dark.yaml
install -Dm0644 ${
../tinted-theming/base16/albino-bark-on-a-tree.yaml
} ./data/foodogsquared-homepage/themes/_light.yaml
''; '';
meta = with lib; { meta = with lib; {

17
configs/home-manager/foo-dogsquared/files/homepage/shell.nix
View File

@ -1,14 +1,9 @@
{ pkgs ? import <nixpkgs> { { pkgs ?
overlays = [ (import ../../../../../overlays).default ]; import <nixpkgs> { overlays = [ (import ../../../../../overlays).default ]; }
} }: }:
let let site = pkgs.callPackage ./package.nix { };
site = pkgs.callPackage ./package.nix { }; in pkgs.mkShell {
in
pkgs.mkShell {
inputsFrom = [ site ]; inputsFrom = [ site ];
packages = with pkgs; [ packages = with pkgs; [ treefmt npins ];
treefmt
npins
];
} }

13
configs/home-manager/foo-dogsquared/modules/dotfiles.nix
View File

@ -7,10 +7,10 @@ let
projectsDir = config.xdg.userDirs.extraConfig.XDG_PROJECTS_DIR; projectsDir = config.xdg.userDirs.extraConfig.XDG_PROJECTS_DIR;
dotfiles = "${projectsDir}/packages/dotfiles"; dotfiles = "${projectsDir}/packages/dotfiles";
dotfiles' = config.lib.file.mkOutOfStoreSymlink config.home.mutableFile."${dotfiles}".path; dotfiles' = config.lib.file.mkOutOfStoreSymlink
config.home.mutableFile."${dotfiles}".path;
getDotfiles = path: "${dotfiles'}/${path}"; getDotfiles = path: "${dotfiles'}/${path}";
in in {
{
options.users.foo-dogsquared.dotfiles.enable = options.users.foo-dogsquared.dotfiles.enable =
lib.mkEnableOption "custom outside dotfiles for other programs"; lib.mkEnableOption "custom outside dotfiles for other programs";
@ -21,9 +21,7 @@ in
type = "git"; type = "git";
}; };
home.sessionPath = [ home.sessionPath = [ "${config.home.mutableFile.${dotfiles}.path}/bin" ];
"${config.home.mutableFile.${dotfiles}.path}/bin"
];
} }
(lib.mkIf (userCfg.programs.doom-emacs.enable) { (lib.mkIf (userCfg.programs.doom-emacs.enable) {
@ -59,7 +57,8 @@ in
}) })
(lib.mkIf config.programs.nushell.enable { (lib.mkIf config.programs.nushell.enable {
home.file."${config.xdg.dataHome}/nushell/vendor/autoload".source = getDotfiles "nu/autoload"; home.file."${config.xdg.dataHome}/nushell/vendor/autoload".source =
getDotfiles "nu/autoload";
}) })
]); ]);
} }

206
configs/home-manager/foo-dogsquared/modules/programs/browsers.nix
View File

@ -23,13 +23,14 @@ let
{ id = "palihjnakafgffnompkdfgbgdbcagbko"; } # UpdateSWH { id = "palihjnakafgffnompkdfgbgdbcagbko"; } # UpdateSWH
{ id = "gphhapmejobijbbhgpjhcjognlahblep"; } # GNOME Shell integration { id = "gphhapmejobijbbhgpjhcjognlahblep"; } # GNOME Shell integration
]; ];
in in {
{
options.users.foo-dogsquared.programs.browsers = { options.users.foo-dogsquared.programs.browsers = {
firefox.enable = lib.mkEnableOption "foo-dogsquared's Firefox setup"; firefox.enable = lib.mkEnableOption "foo-dogsquared's Firefox setup";
brave.enable = lib.mkEnableOption "foo-dogsquared's Brave setup"; brave.enable = lib.mkEnableOption "foo-dogsquared's Brave setup";
google-chrome.enable = lib.mkEnableOption "foo-dogsquared's Google Chrome setup"; google-chrome.enable =
misc.enable = lib.mkEnableOption "foo-dogsquared's miscellaneous browsers setup"; lib.mkEnableOption "foo-dogsquared's Google Chrome setup";
misc.enable =
lib.mkEnableOption "foo-dogsquared's miscellaneous browsers setup";
plugins.firenvim.enable = lib.mkEnableOption "setting up Firenvim"; plugins.firenvim.enable = lib.mkEnableOption "setting up Firenvim";
}; };
@ -39,10 +40,8 @@ in
(lib.mkIf cfg.brave.enable { (lib.mkIf cfg.brave.enable {
programs.brave = { programs.brave = {
enable = true; enable = true;
commandLineArgs = [ commandLineArgs =
"--no-default-browser-check" [ "--no-default-browser-check" "--use-system-default-printer" ];
"--use-system-default-printer"
];
extensions = commonExtensions; extensions = commonExtensions;
}; };
@ -63,71 +62,70 @@ in
programs.firefox = { programs.firefox = {
enable = true; enable = true;
package = with pkgs; wrapFirefox firefox-unwrapped { package = with pkgs;
nativeMessagingHosts = with pkgs; [ wrapFirefox firefox-unwrapped {
bukubrow nativeMessagingHosts = with pkgs;
tridactyl-native [ bukubrow tridactyl-native ]
] ++ lib.optional config.programs.mpv.enable pkgs.ff2mpv; ++ lib.optional config.programs.mpv.enable pkgs.ff2mpv;
extraPolicies = { extraPolicies = {
AppAutoUpdate = false; AppAutoUpdate = false;
DisableAppUpdate = true; DisableAppUpdate = true;
DisableMasterPasswordCreation = true; DisableMasterPasswordCreation = true;
DisablePocket = true; DisablePocket = true;
DisableSetDesktopBackground = true; DisableSetDesktopBackground = true;
DontCheckDefaultBrowser = true; DontCheckDefaultBrowser = true;
EnableTrackingProtection = true; EnableTrackingProtection = true;
FirefoxHome = { FirefoxHome = {
Highlights = false; Highlights = false;
Pocket = false; Pocket = false;
Snippets = false; Snippets = false;
SponsporedPocket = false; SponsporedPocket = false;
SponsporedTopSites = false; SponsporedTopSites = false;
};
NoDefaultBookmarks = true;
OfferToSaveLoginsDefault = false;
PasswordManagerEnabled = false;
SanitizeOnShutdown = { FormData = true; };
UseSystemPrintDialog = true;
}; };
NoDefaultBookmarks = true;
OfferToSaveLoginsDefault = false;
PasswordManagerEnabled = false;
SanitizeOnShutdown = {
FormData = true;
};
UseSystemPrintDialog = true;
}; };
};
profiles.personal = { profiles.personal = {
isDefault = true; isDefault = true;
extensions = with pkgs.nur.repos.rycee.firefox-addons; [ extensions = with pkgs.nur.repos.rycee.firefox-addons;
aw-watcher-web [
bitwarden aw-watcher-web
browserpass bitwarden
facebook-container browserpass
firefox-color facebook-container
firefox-translations firefox-color
firenvim firefox-translations
languagetool firenvim
multi-account-containers languagetool
privacy-badger multi-account-containers
search-by-image privacy-badger
tampermonkey search-by-image
tridactyl tampermonkey
ublock-origin tridactyl
vimium ublock-origin
wayback-machine vimium
] ++ (with pkgs.firefox-addons; [ wayback-machine
get-rss-feed-url ] ++ (with pkgs.firefox-addons; [
google-container get-rss-feed-url
microsoft-container google-container
regretsreporter microsoft-container
simple-translate regretsreporter
sourcegraph-for-firefox simple-translate
tineye-reverse-image-search sourcegraph-for-firefox
updateswh tineye-reverse-image-search
zhongwen updateswh
open-access-helper zhongwen
rsshub-radar open-access-helper
]) rsshub-radar
++ lib.optionals config.programs.mpv.enable (with pkgs.nur.repos.rycee.firefox-addons; [ ff2mpv ]); ]) ++ lib.optionals config.programs.mpv.enable
(with pkgs.nur.repos.rycee.firefox-addons; [ ff2mpv ]);
# Much of the settings are affected by the policies set in the # Much of the settings are affected by the policies set in the
# package. See more information about them in # package. See more information about them in
@ -140,7 +138,8 @@ in
"browser.search.widget.inNavBar" = true; "browser.search.widget.inNavBar" = true;
"browser.search.openintab" = true; "browser.search.openintab" = true;
"browser.startup.homepage" = "browser.startup.homepage" =
lib.mkIf userCfg.programs.custom-homepage.enable "file://${config.xdg.dataHome}/foodogsquared/homepage"; lib.mkIf userCfg.programs.custom-homepage.enable
"file://${config.xdg.dataHome}/foodogsquared/homepage";
# Some privacy settings... # Some privacy settings...
"privacy.donottrackheader.enabled" = true; "privacy.donottrackheader.enabled" = true;
@ -162,22 +161,25 @@ in
search = { search = {
default = "Brave"; default = "Brave";
force = true; force = true;
order = [ order = [ "Brave" "Nix Packages" "Google" ];
"Brave"
"Nix Packages"
"Google"
];
engines = { engines = {
"Brave" = { "Brave" = {
urls = [{ urls = [{
template = "https://search.brave.com/search"; template = "https://search.brave.com/search";
params = [ params = [
{ name = "type"; value = "search"; } {
{ name = "q"; value = "{searchTerms}"; } name = "type";
value = "search";
}
{
name = "q";
value = "{searchTerms}";
}
]; ];
}]; }];
icon = "${config.programs.brave.package}/share/icons/hicolor/64x64/apps/brave-browser.png"; icon =
"${config.programs.brave.package}/share/icons/hicolor/64x64/apps/brave-browser.png";
definedAliases = [ "@brave" "@b" ]; definedAliases = [ "@brave" "@b" ];
}; };
@ -185,12 +187,19 @@ in
urls = [{ urls = [{
template = "https://search.nixos.org/packages"; template = "https://search.nixos.org/packages";
params = [ params = [
{ name = "type"; value = "packages"; } {
{ name = "query"; value = "{searchTerms}"; } name = "type";
value = "packages";
}
{
name = "query";
value = "{searchTerms}";
}
]; ];
}]; }];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; icon =
"${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = [ "@np" ]; definedAliases = [ "@np" ];
}; };
@ -239,10 +248,8 @@ in
(lib.mkIf cfg.google-chrome.enable { (lib.mkIf cfg.google-chrome.enable {
programs.google-chrome.enable = true; programs.google-chrome.enable = true;
programs.google-chrome.commandLineArgs = [ programs.google-chrome.commandLineArgs =
"--no-default-browser-check" [ "--no-default-browser-check" "--use-system-default-printer" ];
"--use-system-default-printer"
];
services.bleachbit.cleaners = [ services.bleachbit.cleaners = [
"google_chrome.cookies" "google_chrome.cookies"
@ -257,30 +264,19 @@ in
}) })
# Goes with whatever you want to. # Goes with whatever you want to.
(lib.mkIf cfg.misc.enable { (lib.mkIf cfg.misc.enable { home.packages = with pkgs; [ nyxt ]; })
home.packages = with pkgs; [
nyxt
];
})
(lib.mkIf cfg.plugins.firenvim.enable (lib.mkIf cfg.plugins.firenvim.enable (let
(let supportedBrowsers = [ "brave" "chromium" "google-chrome" "vivaldi" ];
supportedBrowsers = [ enableSupportedBrowser = acc: name:
"brave" acc // {
"chromium" programs.${name}.extensions =
"google-chrome" [{ id = "egpjdkipkomnmjhjmdamaniclmdlobbo"; }];
"vivaldi"
];
enableSupportedBrowser = acc: name: acc // {
programs.${name}.extensions = [
{ id = "egpjdkipkomnmjhjmdamaniclmdlobbo"; }
];
}; };
in in lib.foldl' enableSupportedBrowser { } supportedBrowsers // {
lib.foldl' enableSupportedBrowser { } supportedBrowsers // { programs.firefox.profiles.personal.extensions =
programs.firefox.profiles.personal.extensions = with pkgs.nur.repos.rycee.firefox-addons; [ with pkgs.nur.repos.rycee.firefox-addons;
firenvim [ firenvim ];
]; }))
}))
]; ];
} }

40
configs/home-manager/foo-dogsquared/modules/programs/custom-homepage.nix
View File

@ -6,8 +6,7 @@ let
settingsFormat = pkgs.formats.toml { }; settingsFormat = pkgs.formats.toml { };
themesSettingsFormat = pkgs.formats.yaml { }; themesSettingsFormat = pkgs.formats.yaml { };
in in {
{
options.users.foo-dogsquared.programs.custom-homepage = { options.users.foo-dogsquared.programs.custom-homepage = {
enable = lib.mkEnableOption "addition of custom homepage"; enable = lib.mkEnableOption "addition of custom homepage";
@ -97,27 +96,26 @@ in
}; };
config = { config = {
users.foo-dogsquared.programs.custom-homepage.finalPackage = users.foo-dogsquared.programs.custom-homepage.finalPackage = let
let data = lib.mapAttrs
data = lib.mapAttrs (n: v: (n: v: settingsFormat.generate "fds-homepage-section-${n}" v)
settingsFormat.generate "fds-homepage-section-${n}" v) cfg.sections; cfg.sections;
installDataDir = lib.foldlAttrs (acc: n: v: '' installDataDir = lib.foldlAttrs (acc: n: v: ''
${acc} ${acc}
install -Dm0644 ${v} './data/foodogsquared-homepage/links/${n}.toml' install -Dm0644 ${v} './data/foodogsquared-homepage/links/${n}.toml'
'') "" data; '') "" data;
installThemes = lib.foldlAttrs (acc: n: v: '' installThemes = lib.foldlAttrs (acc: n: v: ''
${acc} ${acc}
install -Dm0644 ${v} './data/foodogsquared-homepage/themes/${n}}.yaml install -Dm0644 ${v} './data/foodogsquared-homepage/themes/${n}}.yaml
'') "" cfg.themes; '') "" cfg.themes;
in in cfg.package.overrideAttrs (prevAttrs: {
cfg.package.overrideAttrs (prevAttrs: { preBuild = (prevAttrs.preBuild or "") + ''
preBuild = (prevAttrs.preBuild or "") + '' ${installDataDir}
${installDataDir} ${installThemes}
${installThemes} '';
''; });
});
xdg.dataFile."foodogsquared/homepage".source = cfg.finalPackage; xdg.dataFile."foodogsquared/homepage".source = cfg.finalPackage;
}; };

10
configs/home-manager/foo-dogsquared/modules/programs/dconf.nix
View File

@ -4,8 +4,7 @@ let
inherit (config.xdg) userDirs; inherit (config.xdg) userDirs;
userCfg = config.users.foo-dogsquared; userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.dconf; cfg = userCfg.programs.dconf;
in in {
{
options.users.foo-dogsquared.programs.dconf.enable = options.users.foo-dogsquared.programs.dconf.enable =
lib.mkEnableOption "dconf configuration"; lib.mkEnableOption "dconf configuration";
@ -13,10 +12,11 @@ in
dconf.settings = { dconf.settings = {
# My GNOME Shell and programs configuration. # My GNOME Shell and programs configuration.
"org/gnome/shell" = { "org/gnome/shell" = {
favorite-apps = favorite-apps = lib.optional userCfg.programs.browsers.firefox.enable
lib.optional userCfg.programs.browsers.firefox.enable "firefox.desktop" "firefox.desktop"
++ lib.optional userCfg.setups.desktop.enable "thunderbird.desktop" ++ lib.optional userCfg.setups.desktop.enable "thunderbird.desktop"
++ lib.optional userCfg.setups.development.enable "org.wezfurlong.wezterm.desktop" ++ lib.optional userCfg.setups.development.enable
"org.wezfurlong.wezterm.desktop"
++ lib.optional userCfg.programs.doom-emacs.enable "emacs.desktop" ++ lib.optional userCfg.programs.doom-emacs.enable "emacs.desktop"
++ lib.optional userCfg.programs.vs-code.enable "code.desktop"; ++ lib.optional userCfg.programs.vs-code.enable "code.desktop";
}; };

23
configs/home-manager/foo-dogsquared/modules/programs/doom-emacs.nix
View File

@ -9,8 +9,7 @@ let
cfg = userCfg.programs.doom-emacs; cfg = userCfg.programs.doom-emacs;
doomEmacsInstallation = "${config.xdg.configHome}/emacs"; doomEmacsInstallation = "${config.xdg.configHome}/emacs";
in in {
{
options.users.foo-dogsquared.programs.doom-emacs.enable = options.users.foo-dogsquared.programs.doom-emacs.enable =
lib.mkEnableOption "foo-dogsquared's Doom Emacs configuration"; lib.mkEnableOption "foo-dogsquared's Doom Emacs configuration";
@ -18,12 +17,13 @@ in
programs.emacs = { programs.emacs = {
enable = true; enable = true;
package = pkgs.emacs; package = pkgs.emacs;
extraPackages = epkgs: with epkgs; [ extraPackages = epkgs:
org-noter-pdftools with epkgs; [
org-pdftools org-noter-pdftools
pdf-tools org-pdftools
vterm pdf-tools
]; vterm
];
}; };
# Automatically install Doom Emacs from here. # Automatically install Doom Emacs from here.
@ -58,16 +58,13 @@ in
# :lang org +roam2 # :lang org +roam2
texlive.combined.scheme-medium texlive.combined.scheme-medium
sqlite sqlite
anystyle-cli #anystyle-cli
]; ];
programs.python = { programs.python = {
enable = true; enable = true;
package = pkgs.python3; package = pkgs.python3;
modules = ps: with ps; [ modules = ps: with ps; [ jupyter jupyter-book ];
jupyter
jupyter-book
];
}; };
# Enable Emacs server for them quicknotes. # Enable Emacs server for them quicknotes.

12
configs/home-manager/foo-dogsquared/modules/programs/email.nix
View File

@ -8,7 +8,8 @@ let
address = "${name}@${domain}"; address = "${name}@${domain}";
userName = "${name}@${domain}"; userName = "${name}@${domain}";
realName = lib.mkDefault "${name}@${domain}"; realName = lib.mkDefault "${name}@${domain}";
passwordCommand = lib.mkDefault "gopass show email/${domain}/${name} | head -n 1"; passwordCommand =
lib.mkDefault "gopass show email/${domain}/${name} | head -n 1";
imap = { imap = {
host = "heracles.mxrouting.net"; host = "heracles.mxrouting.net";
@ -23,11 +24,11 @@ let
tls.enable = true; tls.enable = true;
}; };
}; };
in in {
{
options.users.foo-dogsquared.programs.email = { options.users.foo-dogsquared.programs.email = {
enable = lib.mkEnableOption "foo-dogsquared's email setup"; enable = lib.mkEnableOption "foo-dogsquared's email setup";
thunderbird.enable = lib.mkEnableOption "foo-dogsquared's Thunderbird configuration"; thunderbird.enable =
lib.mkEnableOption "foo-dogsquared's Thunderbird configuration";
}; };
config = lib.mkIf cfg.enable (lib.mkMerge [ config = lib.mkIf cfg.enable (lib.mkMerge [
@ -64,7 +65,8 @@ in
realName = config.accounts.email.accounts.personal.realName; realName = config.accounts.email.accounts.personal.realName;
userName = "foo.dogsquared@gmail.com"; userName = "foo.dogsquared@gmail.com";
flavor = "gmail.com"; flavor = "gmail.com";
passwordCommand = "gopass show websites/accounts.google.com/foo.dogsquared | head -n 1"; passwordCommand =
"gopass show websites/accounts.google.com/foo.dogsquared | head -n 1";
}; };
}; };
} }

164
configs/home-manager/foo-dogsquared/modules/programs/git.nix
View File

@ -3,106 +3,104 @@
let let
userCfg = config.users.foo-dogsquared; userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.git; cfg = userCfg.programs.git;
in in {
{
options.users.foo-dogsquared.programs.git = { options.users.foo-dogsquared.programs.git = {
enable = lib.mkEnableOption "foo-dogsquared's Git setup"; enable = lib.mkEnableOption "foo-dogsquared's Git setup";
instaweb.enable = lib.mkEnableOption "install additional files for instaweb setup"; instaweb.enable =
lib.mkEnableOption "install additional files for instaweb setup";
}; };
config = lib.mkIf cfg.enable ( config = lib.mkIf cfg.enable (lib.mkMerge [
lib.mkMerge [ {
{ home.packages = with pkgs; [
home.packages = with pkgs; [ mergiraf # Merging giraffes are no small task.
mergiraf # Merging giraffes are no small task. tea # So you don't have to see some teas, I guess.
tea # So you don't have to see some teas, I guess. hut # So you don't have to see Sourcehut's brutalist design, I guess.
hut # So you don't have to see Sourcehut's brutalist design, I guess. ];
];
# My Git credentials. # My Git credentials.
programs.git = { programs.git = {
enable = true; enable = true;
package = pkgs.gitFull; package = pkgs.gitFull;
lfs.enable = true; lfs.enable = true;
signing.key = "4AA9CDFF7C99DFF9"; signing.key = "4AA9CDFF7C99DFF9";
extraConfig = { extraConfig = {
core.excludesFile = builtins.toString ../../config/git/ignore; core.excludesFile = builtins.toString ../../config/git/ignore;
user = { user = {
name = config.accounts.email.accounts.personal.realName; name = config.accounts.email.accounts.personal.realName;
email = config.accounts.email.accounts.personal.address; email = config.accounts.email.accounts.personal.address;
}; };
alias = { alias = {
unstage = "reset HEAD --"; unstage = "reset HEAD --";
quick-rebase = "rebase --interactive --autostash --committer-date-is-author-date"; quick-rebase =
quick-clone = "clone --depth=1 --recurse-submodules --shallow-submodules"; "rebase --interactive --autostash --committer-date-is-author-date";
}; quick-clone =
"clone --depth=1 --recurse-submodules --shallow-submodules";
};
init.defaultBranch = "main"; init.defaultBranch = "main";
# Shorthand for popular forges ala-Nix flake URL inputs. It's just a fun # Shorthand for popular forges ala-Nix flake URL inputs. It's just a fun
# little part of the config. # little part of the config.
url = { url = {
"https://github.com/".insteadOf = [ "gh:" "github:" ]; "https://github.com/".insteadOf = [ "gh:" "github:" ];
"https://gitlab.com/".insteadOf = [ "gl:" "gitlab:" ]; "https://gitlab.com/".insteadOf = [ "gl:" "gitlab:" ];
"https://gitlab.gnome.org/".insteadOf = [ "gnome:" ]; "https://gitlab.gnome.org/".insteadOf = [ "gnome:" ];
"https://invent.kde.org/".insteadOf = [ "kde:" ]; "https://invent.kde.org/".insteadOf = [ "kde:" ];
"https://git.sr.ht/".insteadOf = [ "sh:" "sourcehut:" ]; "https://git.sr.ht/".insteadOf = [ "sh:" "sourcehut:" ];
"https://git.savannah.nongnu.org/git/".insteadOf = [ "sv:" "savannah:" ]; "https://git.savannah.nongnu.org/git/".insteadOf =
}; [ "sv:" "savannah:" ];
};
pull.rebase = "interactive"; pull.rebase = "interactive";
status = { status = {
showPatch = true; showPatch = true;
showStash = true; showStash = true;
}; };
submodule.fetchJobs = 0; submodule.fetchJobs = 0;
};
};
# So you don't have to use GitHub, I guess.
programs.gh = {
enable = true;
extensions = with pkgs; [ gh-eco gh-dash gh-actions-cache ];
settings = {
git_protocol = "ssh";
prompt = "enabled";
aliases = {
pc = "pr checkout";
pv = "pr view";
}; };
}; };
};
}
# So you don't have to use GitHub, I guess. (lib.mkIf cfg.instaweb.enable {
programs.gh = { state.ports.git-instaweb.value = 15432;
enable = true;
extensions = with pkgs; [
gh-eco
gh-dash
gh-actions-cache
];
settings = { home.packages = with pkgs; [ lighttpd ];
git_protocol = "ssh";
prompt = "enabled";
aliases = { programs.git.extraConfig.instaweb = {
pc = "pr checkout"; local = true;
pv = "pr view"; httpd = "lighttpd";
}; port = config.state.ports.git-instaweb.value;
}; };
};
}
(lib.mkIf cfg.instaweb.enable { users.foo-dogsquared.programs.custom-homepage.sections.quicklinks.links =
state.ports.git-instaweb.value = 15432; lib.mkBefore (lib.singleton {
text = "Current git repo";
home.packages = with pkgs; [ url = "http://localhost:${
lighttpd builtins.toString config.state.ports.git-instaweb.value
]; }";
});
programs.git.extraConfig.instaweb = { })
local = true; ]);
httpd = "lighttpd";
port = config.state.ports.git-instaweb.value;
};
users.foo-dogsquared.programs.custom-homepage.sections.quicklinks.links =
lib.mkBefore (lib.singleton {
text = "Current git repo";
url = "http://localhost:${builtins.toString config.state.ports.git-instaweb.value}";
});
})
]);
} }

10
configs/home-manager/foo-dogsquared/modules/programs/hledger.nix
View File

@ -3,17 +3,11 @@
let let
userCfg = config.users.foo-dogsquared; userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.hledger; cfg = userCfg.programs.hledger;
in in {
{
options.users.foo-dogsquared.programs.hledger.enable = options.users.foo-dogsquared.programs.hledger.enable =
lib.mkEnableOption "hledger setup"; lib.mkEnableOption "hledger setup";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
home.packages = with pkgs; [ home.packages = with pkgs; [ hledger hledger-ui hledger-web hledger-utils ];
hledger
hledger-ui
hledger-web
hledger-utils
];
}; };
} }

3
configs/home-manager/foo-dogsquared/modules/programs/jujutsu.nix
View File

@ -3,8 +3,7 @@
let let
userCfg = config.users.foo-dogsquared; userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.jujutsu; cfg = userCfg.programs.jujutsu;
in in {
{
options.users.foo-dogsquared.programs.jujutsu.enable = options.users.foo-dogsquared.programs.jujutsu.enable =
lib.mkEnableOption "foo-dogsquared's Jujutsu configuration"; lib.mkEnableOption "foo-dogsquared's Jujutsu configuration";

3
configs/home-manager/foo-dogsquared/modules/programs/keys.nix
View File

@ -3,8 +3,7 @@
let let
userCfg = config.users.foo-dogsquared; userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.keys; cfg = userCfg.programs.keys;
in in {
{
options.users.foo-dogsquared.programs.keys = { options.users.foo-dogsquared.programs.keys = {
ssh.enable = lib.mkEnableOption "foo-dogsquared's SSH config"; ssh.enable = lib.mkEnableOption "foo-dogsquared's SSH config";
gpg.enable = lib.mkEnableOption "foo-dogsquared's GPG config"; gpg.enable = lib.mkEnableOption "foo-dogsquared's GPG config";

809
configs/home-manager/foo-dogsquared/modules/programs/nixvim/colorschemes.nix
View File

@ -9,12 +9,12 @@ let
''; '';
sym = query: ''sym("${query}")''; sym = query: ''sym("${query}")'';
in in {
{
colorscheme = colorscheme =
if config.bahaghari.tinted-theming.schemes?"bark-on-a-tree" if config.bahaghari.tinted-theming.schemes ? "bark-on-a-tree" then
then (lib.mkForce "bark-on-a-tree") (lib.mkForce "bark-on-a-tree")
else (lib.mkDefault "default"); else
(lib.mkDefault "default");
colorschemes.lush = { colorschemes.lush = {
enable = true; enable = true;
@ -23,343 +23,526 @@ in
local hsl = lush.hsl local hsl = lush.hsl
local hsluv = lush.hsluv local hsluv = lush.hsluv
''; '';
themes = themes = lib.mapAttrs (name: metadata: {
lib.mapAttrs extraConfigLua = ''
(name: metadata: { ${lib.foldlAttrs initLushBase16 "" metadata.palette}
extraConfigLua = ''
${lib.foldlAttrs initLushBase16 "" metadata.palette}
-- Set the background. -- Set the background.
vim.o.background = '${metadata.variant}' vim.o.background = '${metadata.variant}'
vim.g.terminal_color_0 = base00.hex vim.g.terminal_color_0 = base00.hex
vim.g.terminal_color_1 = base08.hex vim.g.terminal_color_1 = base08.hex
vim.g.terminal_color_2 = base0B.hex vim.g.terminal_color_2 = base0B.hex
vim.g.terminal_color_3 = base0A.hex vim.g.terminal_color_3 = base0A.hex
vim.g.terminal_color_4 = base0D.hex vim.g.terminal_color_4 = base0D.hex
vim.g.terminal_color_5 = base0E.hex vim.g.terminal_color_5 = base0E.hex
vim.g.terminal_color_6 = base0C.hex vim.g.terminal_color_6 = base0C.hex
vim.g.terminal_color_7 = base05.hex vim.g.terminal_color_7 = base05.hex
vim.g.terminal_color_8 = base03.hex vim.g.terminal_color_8 = base03.hex
vim.g.terminal_color_9 = base08.hex vim.g.terminal_color_9 = base08.hex
vim.g.terminal_color_10 = base0B.hex vim.g.terminal_color_10 = base0B.hex
vim.g.terminal_color_11 = base0A.hex vim.g.terminal_color_11 = base0A.hex
vim.g.terminal_color_12 = base0D.hex vim.g.terminal_color_12 = base0D.hex
vim.g.terminal_color_13 = base0E.hex vim.g.terminal_color_13 = base0E.hex
vim.g.terminal_color_14 = base0C.hex vim.g.terminal_color_14 = base0C.hex
vim.g.terminal_color_15 = base07.hex vim.g.terminal_color_15 = base07.hex
vim.g.terminal_color_background = base00.hex vim.g.terminal_color_background = base00.hex
vim.g.terminal_color_foreground = base0E.hex vim.g.terminal_color_foreground = base0E.hex
''; '';
highlights = lib.mkMerge [ highlights = lib.mkMerge [
rec { rec {
Normal = { fg = mkRaw "base05"; bg = mkRaw "base00"; }; Normal = {
NormalFloat = { fg = mkRaw "base05";
fg = mkRaw "Normal.fg.saturate(15).lighten(5)"; bg = mkRaw "base00";
bg = mkRaw "Normal.bg.saturate(15).lighten(5)"; };
}; NormalFloat = {
Bold.gui = "bold"; fg = mkRaw "Normal.fg.saturate(15).lighten(5)";
Debug.fg = mkRaw "base08"; bg = mkRaw "Normal.bg.saturate(15).lighten(5)";
Directory.fg = mkRaw "base0D"; };
Error = { fg = mkRaw "base01"; bg = mkRaw "base08"; }; Bold.gui = "bold";
ErrorMsg.fg = mkRaw "base08"; Debug.fg = mkRaw "base08";
Exception.fg = mkRaw "base08"; Directory.fg = mkRaw "base0D";
FoldColumn.fg = mkRaw "base03"; Error = {
Folded = { fg = mkRaw "base01";
fg = mkRaw "base03"; bg = mkRaw "base08";
bg = mkRaw "base01"; };
}; ErrorMsg.fg = mkRaw "base08";
Italic.gui = "italic"; Exception.fg = mkRaw "base08";
Macro.fg = mkRaw "base08"; FoldColumn.fg = mkRaw "base03";
ModeMsg.fg = mkRaw "base0B"; Folded = {
MoreMsg.fg = mkRaw "base0B"; fg = mkRaw "base03";
Question.fg = mkRaw "base0D"; bg = mkRaw "base01";
Search = { };
fg = mkRaw "base00"; Italic.gui = "italic";
bg = mkRaw "base04"; Macro.fg = mkRaw "base08";
}; ModeMsg.fg = mkRaw "base0B";
IncSearch = { MoreMsg.fg = mkRaw "base0B";
fg = mkRaw "base00"; Question.fg = mkRaw "base0D";
bg = mkRaw "base09"; Search = {
}; fg = mkRaw "base00";
Substitute = { bg = mkRaw "base04";
fg = mkRaw "base01"; };
bg = mkRaw "base0A"; IncSearch = {
}; fg = mkRaw "base00";
bg = mkRaw "base09";
};
Substitute = {
fg = mkRaw "base01";
bg = mkRaw "base0A";
};
TooLong.fg = mkRaw "base08"; TooLong.fg = mkRaw "base08";
Underlined = { fg = mkRaw "base08"; }; Underlined = { fg = mkRaw "base08"; };
WarningMsg = { fg = mkRaw "base08"; }; WarningMsg = { fg = mkRaw "base08"; };
WildMenu = { fg = mkRaw "base08"; bg = mkRaw "base0A"; }; WildMenu = {
Title.fg = mkRaw "base0D"; fg = mkRaw "base08";
Conceal.fg = mkRaw "base0D"; bg = mkRaw "base0A";
Cursor = { fg = mkRaw "base00"; bg = mkRaw "base05"; }; };
NonText = { fg = mkRaw "base03"; }; Title.fg = mkRaw "base0D";
LineNr = { fg = mkRaw "base02.lighten(25)"; bg = mkRaw "base00"; }; Conceal.fg = mkRaw "base0D";
LineNrNC = { fg = mkRaw "base02.lighten(25)"; bg = mkRaw "base01"; }; Cursor = {
SignColumn = { fg = mkRaw "base01.lighten(40)"; }; fg = mkRaw "base00";
StatusLine = { fg = mkRaw "base02"; bg = mkRaw "base01.darken(60)"; }; bg = mkRaw "base05";
StatusLineNC = { fg = mkRaw "base02"; bg = mkRaw "base01.darken(30)"; }; };
VertSplit = { fg = mkRaw "base02"; bg = mkRaw "base00"; }; NonText = { fg = mkRaw "base03"; };
ColorColumn = { fg = mkRaw "base01.lighten(25)"; bg = mkRaw "base01.darken(25)"; }; LineNr = {
CursorLine = { bg = mkRaw "base01.saturate(-5).darken(15)"; }; fg = mkRaw "base02.lighten(25)";
CursorColumn = CursorLine; bg = mkRaw "base00";
CursorLineNr.fg = mkRaw "base0A"; };
Visual = { LineNrNC = {
fg = mkRaw "base03.lighten(15)"; fg = mkRaw "base02.lighten(25)";
bg = mkRaw "CursorColumn.bg.darken(15)"; bg = mkRaw "base01";
}; };
VisualNOS = { fg = mkRaw "base08"; }; SignColumn = { fg = mkRaw "base01.lighten(40)"; };
QuickFixLine = { bg = mkRaw "base00"; }; StatusLine = {
QFFileName = { fg = mkRaw "base0A"; }; fg = mkRaw "base02";
QFLineNr = { fg = mkRaw "base04"; }; bg = mkRaw "base01.darken(60)";
PMenu = { fg = mkRaw "base05"; bg = mkRaw "base01"; }; };
PMenuSel = { fg = mkRaw "base01"; bg = mkRaw "base05"; }; StatusLineNC = {
TabLineSel = { fg = mkRaw "base00"; bg = mkRaw "base0A"; }; fg = mkRaw "base02";
TabLine = { fg = mkRaw "base03"; bg = mkRaw "base00.darken(15)"; }; bg = mkRaw "base01.darken(30)";
TabLineFill = { fg = mkRaw "base03"; bg = mkRaw "base00.darken(25)"; }; };
EndOfBuffer = { fg = mkRaw "base01.lighten(20)"; bg = mkRaw "base01.darken(20)"; }; VertSplit = {
fg = mkRaw "base02";
bg = mkRaw "base00";
};
ColorColumn = {
fg = mkRaw "base01.lighten(25)";
bg = mkRaw "base01.darken(25)";
};
CursorLine = { bg = mkRaw "base01.saturate(-5).darken(15)"; };
CursorColumn = CursorLine;
CursorLineNr.fg = mkRaw "base0A";
Visual = {
fg = mkRaw "base03.lighten(15)";
bg = mkRaw "CursorColumn.bg.darken(15)";
};
VisualNOS = { fg = mkRaw "base08"; };
QuickFixLine = { bg = mkRaw "base00"; };
QFFileName = { fg = mkRaw "base0A"; };
QFLineNr = { fg = mkRaw "base04"; };
PMenu = {
fg = mkRaw "base05";
bg = mkRaw "base01";
};
PMenuSel = {
fg = mkRaw "base01";
bg = mkRaw "base05";
};
TabLineSel = {
fg = mkRaw "base00";
bg = mkRaw "base0A";
};
TabLine = {
fg = mkRaw "base03";
bg = mkRaw "base00.darken(15)";
};
TabLineFill = {
fg = mkRaw "base03";
bg = mkRaw "base00.darken(25)";
};
EndOfBuffer = {
fg = mkRaw "base01.lighten(20)";
bg = mkRaw "base01.darken(20)";
};
# Standard syntax highlighting # Standard syntax highlighting
Boolean = { fg = mkRaw "base09"; }; Boolean = { fg = mkRaw "base09"; };
Character = { fg = mkRaw "base08"; }; Character = { fg = mkRaw "base08"; };
Comment = { fg = mkRaw "base03"; gui = "italic"; }; Comment = {
Conditional = { fg = mkRaw "base0E"; }; fg = mkRaw "base03";
Constant = { fg = mkRaw "base09"; }; gui = "italic";
Define = { fg = mkRaw "base0E"; }; };
Delimiter = { fg = mkRaw "base0F.lighten(10)"; }; Conditional = { fg = mkRaw "base0E"; };
Float = { fg = mkRaw "base09"; }; Constant = { fg = mkRaw "base09"; };
Function = { fg = mkRaw "base0D"; }; Define = { fg = mkRaw "base0E"; };
Identifier = { fg = mkRaw "base0A"; }; Delimiter = { fg = mkRaw "base0F.lighten(10)"; };
Include = { fg = mkRaw "base0D"; }; Float = { fg = mkRaw "base09"; };
Keyword = { fg = mkRaw "base0E"; }; Function = { fg = mkRaw "base0D"; };
Label = { fg = mkRaw "base0A"; }; Identifier = { fg = mkRaw "base0A"; };
Number = { fg = mkRaw "base03"; }; Include = { fg = mkRaw "base0D"; };
Operator = { fg = mkRaw "base03"; }; Keyword = { fg = mkRaw "base0E"; };
PreProc = { fg = mkRaw "base0A"; }; Label = { fg = mkRaw "base0A"; };
Repeat = { fg = mkRaw "base0A"; }; Number = { fg = mkRaw "base03"; };
Special = { fg = mkRaw "base0C"; }; Operator = { fg = mkRaw "base03"; };
SpecialChar = { fg = mkRaw "base0F.lighten(15).saturate(10)"; }; PreProc = { fg = mkRaw "base0A"; };
Statement = { fg = mkRaw "base08"; }; Repeat = { fg = mkRaw "base0A"; };
StorageClass = { fg = mkRaw "base0A"; }; Special = { fg = mkRaw "base0C"; };
String = { fg = mkRaw "base0B"; }; SpecialChar = { fg = mkRaw "base0F.lighten(15).saturate(10)"; };
Structure = { fg = mkRaw "base0E"; }; Statement = { fg = mkRaw "base08"; };
Tag = { fg = mkRaw "base0A"; }; StorageClass = { fg = mkRaw "base0A"; };
Todo = { fg = mkRaw "base0A"; bg = mkRaw "base01"; }; String = { fg = mkRaw "base0B"; };
Type = { fg = mkRaw "base0A"; }; Structure = { fg = mkRaw "base0E"; };
Typedef = { fg = mkRaw "base0A"; }; Tag = { fg = mkRaw "base0A"; };
Todo = {
fg = mkRaw "base0A";
bg = mkRaw "base01";
};
Type = { fg = mkRaw "base0A"; };
Typedef = { fg = mkRaw "base0A"; };
# Help # Help
HelpDoc = { fg = mkRaw "base05"; bg = mkRaw "base0D"; gui = "bold;italic"; }; HelpDoc = {
HelpIgnore = { fg = mkRaw "base0B"; gui = "bold;italic"; }; fg = mkRaw "base05";
bg = mkRaw "base0D";
gui = "bold;italic";
};
HelpIgnore = {
fg = mkRaw "base0B";
gui = "bold;italic";
};
# C highlighting # C highlighting
cOperator = { fg = mkRaw "base0C"; }; cOperator = { fg = mkRaw "base0C"; };
cPreCondit = { fg = mkRaw "base0E"; }; cPreCondit = { fg = mkRaw "base0E"; };
# C# highlighting # C# highlighting
csClass = { fg = mkRaw "base0A"; }; csClass = { fg = mkRaw "base0A"; };
csAttribute = { fg = mkRaw "base0A"; }; csAttribute = { fg = mkRaw "base0A"; };
csModifier = { fg = mkRaw "base0E"; }; csModifier = { fg = mkRaw "base0E"; };
csType = { fg = mkRaw "base08"; }; csType = { fg = mkRaw "base08"; };
csUnspecifiedStatement = { fg = mkRaw "base0D"; }; csUnspecifiedStatement = { fg = mkRaw "base0D"; };
csContextualStatement = { fg = mkRaw "base0E"; }; csContextualStatement = { fg = mkRaw "base0E"; };
csNewDecleration = { fg = mkRaw "base08"; }; csNewDecleration = { fg = mkRaw "base08"; };
# CSS highlighting # CSS highlighting
cssBraces = { fg = mkRaw "base05"; }; cssBraces = { fg = mkRaw "base05"; };
cssClassName = { fg = mkRaw "base0E"; }; cssClassName = { fg = mkRaw "base0E"; };
cssColor = { fg = mkRaw "base0C"; }; cssColor = { fg = mkRaw "base0C"; };
# Diff highlighting # Diff highlighting
DiffAdd = { fg = mkRaw "base0B"; bg = mkRaw "base0B.darken(80)"; }; DiffAdd = {
DiffAdded = { fg = mkRaw "base0B"; bg = mkRaw "base0B.darken(80)"; }; fg = mkRaw "base0B";
DiffNewFile = { fg = mkRaw "base0B"; bg = mkRaw "base0B.darken(80)"; }; bg = mkRaw "base0B.darken(80)";
};
DiffAdded = {
fg = mkRaw "base0B";
bg = mkRaw "base0B.darken(80)";
};
DiffNewFile = {
fg = mkRaw "base0B";
bg = mkRaw "base0B.darken(80)";
};
DiffDelete = { fg = mkRaw "base08"; bg = mkRaw "base08.darken(80)"; }; DiffDelete = {
DiffRemoved = { fg = mkRaw "base08"; bg = mkRaw "base08.darken(80)"; }; fg = mkRaw "base08";
bg = mkRaw "base08.darken(80)";
};
DiffRemoved = {
fg = mkRaw "base08";
bg = mkRaw "base08.darken(80)";
};
DiffChange = { fg = mkRaw "base03"; bg = mkRaw "base03.darken(60)"; }; DiffChange = {
DiffFile = { fg = mkRaw "base03"; bg = mkRaw "base03.darken(60)"; }; fg = mkRaw "base03";
DiffLine = { fg = mkRaw "base03"; bg = mkRaw "base03.darken(60)"; }; bg = mkRaw "base03.darken(60)";
DiffText = { fg = mkRaw "base03"; bg = mkRaw "base03.darken(60)"; }; };
DiffFile = {
fg = mkRaw "base03";
bg = mkRaw "base03.darken(60)";
};
DiffLine = {
fg = mkRaw "base03";
bg = mkRaw "base03.darken(60)";
};
DiffText = {
fg = mkRaw "base03";
bg = mkRaw "base03.darken(60)";
};
# Git highlighting # Git highlighting
gitcommitOverflow = { fg = mkRaw "base08"; }; gitcommitOverflow = { fg = mkRaw "base08"; };
gitcommitSummary = { fg = mkRaw "base0B"; }; gitcommitSummary = { fg = mkRaw "base0B"; };
gitcommitComment = { fg = mkRaw "base03"; }; gitcommitComment = { fg = mkRaw "base03"; };
gitcommitUntracked = { fg = mkRaw "base03"; }; gitcommitUntracked = { fg = mkRaw "base03"; };
gitcommitDiscarded = { fg = mkRaw "base03"; }; gitcommitDiscarded = { fg = mkRaw "base03"; };
gitcommitSelected = { fg = mkRaw "base03"; }; gitcommitSelected = { fg = mkRaw "base03"; };
gitcommitHeader = { fg = mkRaw "base0E"; }; gitcommitHeader = { fg = mkRaw "base0E"; };
gitcommitSelectedType = { fg = mkRaw "base0D"; }; gitcommitSelectedType = { fg = mkRaw "base0D"; };
gitcommitUnmergedType = { fg = mkRaw "base0D"; }; gitcommitUnmergedType = { fg = mkRaw "base0D"; };
gitcommitDiscardedType = { fg = mkRaw "base0D"; }; gitcommitDiscardedType = { fg = mkRaw "base0D"; };
gitcommitBranch = { fg = mkRaw "base09"; gui = "bold"; }; gitcommitBranch = {
gitcommitUntrackedFile = { fg = mkRaw "base0A"; }; fg = mkRaw "base09";
gitcommitUnmergedFile = { fg = mkRaw "base08"; gui = "bold"; }; gui = "bold";
gitcommitDiscardedFile = { fg = mkRaw "base08"; gui = "bold"; }; };
gitcommitSelectedFile = { fg = mkRaw "base0B"; gui = "bold"; }; gitcommitUntrackedFile = { fg = mkRaw "base0A"; };
gitcommitUnmergedFile = {
fg = mkRaw "base08";
gui = "bold";
};
gitcommitDiscardedFile = {
fg = mkRaw "base08";
gui = "bold";
};
gitcommitSelectedFile = {
fg = mkRaw "base0B";
gui = "bold";
};
# HTML highlighting # HTML highlighting
htmlBold = { fg = mkRaw "base0A"; }; htmlBold = { fg = mkRaw "base0A"; };
htmlItalic = { fg = mkRaw "base0E"; }; htmlItalic = { fg = mkRaw "base0E"; };
htmlEndTag = { fg = mkRaw "base05"; }; htmlEndTag = { fg = mkRaw "base05"; };
htmlTag = { fg = mkRaw "base05"; }; htmlTag = { fg = mkRaw "base05"; };
# JavaScript highlighting # JavaScript highlighting
javaScript = { fg = mkRaw "base05"; }; javaScript = { fg = mkRaw "base05"; };
javaScriptBraces = { fg = mkRaw "base05"; }; javaScriptBraces = { fg = mkRaw "base05"; };
javaScriptNumber = { fg = mkRaw "base09"; }; javaScriptNumber = { fg = mkRaw "base09"; };
# pangloss/vim-javascript highlighting # pangloss/vim-javascript highlighting
jsOperator = { fg = mkRaw "base0D"; }; jsOperator = { fg = mkRaw "base0D"; };
jsStatement = { fg = mkRaw "base0E"; }; jsStatement = { fg = mkRaw "base0E"; };
jsReturn = { fg = mkRaw "base0E"; }; jsReturn = { fg = mkRaw "base0E"; };
jsThis = { fg = mkRaw "base08"; }; jsThis = { fg = mkRaw "base08"; };
jsClassDefinition = { fg = mkRaw "base0A"; }; jsClassDefinition = { fg = mkRaw "base0A"; };
jsFunction = { fg = mkRaw "base0E"; }; jsFunction = { fg = mkRaw "base0E"; };
jsFuncName = { fg = mkRaw "base0D"; }; jsFuncName = { fg = mkRaw "base0D"; };
jsFuncCall = { fg = mkRaw "base0D"; }; jsFuncCall = { fg = mkRaw "base0D"; };
jsClassFuncName = { fg = mkRaw "base0D"; }; jsClassFuncName = { fg = mkRaw "base0D"; };
jsClassMethodType = { fg = mkRaw "base0E"; }; jsClassMethodType = { fg = mkRaw "base0E"; };
jsRegexpString = { fg = mkRaw "base0C"; }; jsRegexpString = { fg = mkRaw "base0C"; };
jsGlobalObjects = { fg = mkRaw "base0A"; }; jsGlobalObjects = { fg = mkRaw "base0A"; };
jsGlobalNodeObjects = { fg = mkRaw "base0A"; }; jsGlobalNodeObjects = { fg = mkRaw "base0A"; };
jsExceptions = { fg = mkRaw "base0A"; }; jsExceptions = { fg = mkRaw "base0A"; };
jsBuiltins = { fg = mkRaw "base0A"; }; jsBuiltins = { fg = mkRaw "base0A"; };
# Mail highlighting # Mail highlighting
mailQuoted1 = { fg = mkRaw "base0A"; }; mailQuoted1 = { fg = mkRaw "base0A"; };
mailQuoted2 = { fg = mkRaw "base0B"; }; mailQuoted2 = { fg = mkRaw "base0B"; };
mailQuoted3 = { fg = mkRaw "base0E"; }; mailQuoted3 = { fg = mkRaw "base0E"; };
mailQuoted4 = { fg = mkRaw "base0C"; }; mailQuoted4 = { fg = mkRaw "base0C"; };
mailQuoted5 = { fg = mkRaw "base0D"; }; mailQuoted5 = { fg = mkRaw "base0D"; };
mailQuoted6 = { fg = mkRaw "base0A"; }; mailQuoted6 = { fg = mkRaw "base0A"; };
mailURL = { fg = mkRaw "base0D"; }; mailURL = { fg = mkRaw "base0D"; };
mailEmail = { fg = mkRaw "base0D"; }; mailEmail = { fg = mkRaw "base0D"; };
# Markdown highlighting # Markdown highlighting
markdownh1 = { fg = mkRaw "base0D"; gui = "bold"; }; markdownh1 = {
markdownh2 = { fg = mkRaw "base0D"; gui = "bold"; }; fg = mkRaw "base0D";
markdownh3 = { fg = mkRaw "base0D"; gui = "bold"; }; gui = "bold";
markdownh4 = { fg = mkRaw "base0D"; gui = "bold"; }; };
markdownh5 = { fg = mkRaw "base0D"; gui = "bold"; }; markdownh2 = {
markdownh6 = { fg = mkRaw "base0A"; gui = "bold"; }; fg = mkRaw "base0D";
markdownRule = { fg = mkRaw "markdownh2.bg"; gui = "bold"; }; gui = "bold";
markdownItalic = { fg = mkRaw "base05"; gui = "italic"; }; };
markdownBold = { fg = mkRaw "base05"; gui = "bold"; }; markdownh3 = {
markdownBoldItalic = { fg = mkRaw "base05"; gui = "bold;italic"; }; fg = mkRaw "base0D";
markdownCodeDelimiter = { fg = mkRaw "base0B"; gui = "bold"; }; gui = "bold";
markdownCode = { fg = mkRaw "base07"; bg = mkRaw "base00"; }; };
markdownCodeBlock = { fg = mkRaw "base0B"; }; markdownh4 = {
markdownFootnoteDefinition = { fg = mkRaw "base05"; gui = "italic"; }; fg = mkRaw "base0D";
markdownListMarker = { fg = mkRaw "base05"; gui = "bold"; }; gui = "bold";
markdownLineBreak = { fg = mkRaw "base08"; gui = "underline"; }; };
markdownError = { fg = mkRaw "base05"; bg = mkRaw "base00"; }; markdownh5 = {
markdownHeadingDelimiter = { fg = mkRaw "base0D"; }; fg = mkRaw "base0D";
markdownUrl = { fg = mkRaw "base09"; }; gui = "bold";
markdownFootnote = { fg = mkRaw "base0E"; gui = "italic"; }; };
markdownBlockquote = { fg = mkRaw "base0C"; gui = "bold"; }; markdownh6 = {
markdownLinkText = { fg = mkRaw "base08"; gui = "italic"; }; fg = mkRaw "base0A";
gui = "bold";
};
markdownRule = {
fg = mkRaw "markdownh2.bg";
gui = "bold";
};
markdownItalic = {
fg = mkRaw "base05";
gui = "italic";
};
markdownBold = {
fg = mkRaw "base05";
gui = "bold";
};
markdownBoldItalic = {
fg = mkRaw "base05";
gui = "bold;italic";
};
markdownCodeDelimiter = {
fg = mkRaw "base0B";
gui = "bold";
};
markdownCode = {
fg = mkRaw "base07";
bg = mkRaw "base00";
};
markdownCodeBlock = { fg = mkRaw "base0B"; };
markdownFootnoteDefinition = {
fg = mkRaw "base05";
gui = "italic";
};
markdownListMarker = {
fg = mkRaw "base05";
gui = "bold";
};
markdownLineBreak = {
fg = mkRaw "base08";
gui = "underline";
};
markdownError = {
fg = mkRaw "base05";
bg = mkRaw "base00";
};
markdownHeadingDelimiter = { fg = mkRaw "base0D"; };
markdownUrl = { fg = mkRaw "base09"; };
markdownFootnote = {
fg = mkRaw "base0E";
gui = "italic";
};
markdownBlockquote = {
fg = mkRaw "base0C";
gui = "bold";
};
markdownLinkText = {
fg = mkRaw "base08";
gui = "italic";
};
# PHP highlighting # PHP highlighting
phpMemberSelector = { fg = mkRaw "base05"; }; phpMemberSelector = { fg = mkRaw "base05"; };
phpComparison = { fg = mkRaw "base05"; }; phpComparison = { fg = mkRaw "base05"; };
phpParent = { fg = mkRaw "base05"; }; phpParent = { fg = mkRaw "base05"; };
phpMethodsVar = { fg = mkRaw "base0C"; }; phpMethodsVar = { fg = mkRaw "base0C"; };
# Python highlighting # Python highlighting
pythonOperator = { fg = mkRaw "base0E"; }; pythonOperator = { fg = mkRaw "base0E"; };
pythonRepeat = { fg = mkRaw "base0E"; }; pythonRepeat = { fg = mkRaw "base0E"; };
pythonInclude = { fg = mkRaw "base0E"; }; pythonInclude = { fg = mkRaw "base0E"; };
pythonStatement = { fg = mkRaw "base0E"; }; pythonStatement = { fg = mkRaw "base0E"; };
# Ruby highlighting # Ruby highlighting
rubyAttribute = { fg = mkRaw "base0D"; }; rubyAttribute = { fg = mkRaw "base0D"; };
rubyConstant = { fg = mkRaw "base0A"; }; rubyConstant = { fg = mkRaw "base0A"; };
rubyInterpolationDelimiter = { fg = mkRaw "base0F"; }; rubyInterpolationDelimiter = { fg = mkRaw "base0F"; };
rubyRegexp = { fg = mkRaw "base0C"; }; rubyRegexp = { fg = mkRaw "base0C"; };
rubySymbol = { fg = mkRaw "base0B"; }; rubySymbol = { fg = mkRaw "base0B"; };
rubyStringDelimiter = { fg = mkRaw "base0B"; }; rubyStringDelimiter = { fg = mkRaw "base0B"; };
# SASS highlighting # SASS highlighting
sassidChar = { fg = mkRaw "base08"; }; sassidChar = { fg = mkRaw "base08"; };
sassClassChar = { fg = mkRaw "base09"; }; sassClassChar = { fg = mkRaw "base09"; };
sassInclude = { fg = mkRaw "base0E"; }; sassInclude = { fg = mkRaw "base0E"; };
sassMixing = { fg = mkRaw "base0E"; }; sassMixing = { fg = mkRaw "base0E"; };
sassMixinName = { fg = mkRaw "base0D"; }; sassMixinName = { fg = mkRaw "base0D"; };
# Spelling highlighting # Spelling highlighting
SpellBad = { gui = "undercurl"; }; SpellBad = { gui = "undercurl"; };
SpellCap = { gui = "undercurl"; }; SpellCap = { gui = "undercurl"; };
SpellRare = { gui = "undercurl"; }; SpellRare = { gui = "undercurl"; };
# Java highlighting # Java highlighting
javaOperator = { fg = mkRaw "base0D"; }; javaOperator = { fg = mkRaw "base0D"; };
# XML highlighting # XML highlighting
xmlTagName = { fg = mkRaw "base0D"; }; xmlTagName = { fg = mkRaw "base0D"; };
xmlCdatastart = { fg = mkRaw "base0A"; }; xmlCdatastart = { fg = mkRaw "base0A"; };
xmlEndTag = { fg = mkRaw "xmlTagName.bg"; }; xmlEndTag = { fg = mkRaw "xmlTagName.bg"; };
xmlCdataCdata = { fg = mkRaw "xmlCdatastart.bg"; }; xmlCdataCdata = { fg = mkRaw "xmlCdatastart.bg"; };
# MatchParen # MatchParen
MatchParen = { fg = mkRaw "base07"; bg = mkRaw "base08"; }; MatchParen = {
fg = mkRaw "base07";
bg = mkRaw "base08";
};
# CodeQL # CodeQL
CodeqlAstFocus = { fg = mkRaw "base00"; bg = mkRaw "base03"; }; CodeqlAstFocus = {
fg = mkRaw "base00";
bg = mkRaw "base03";
};
# Diff highlighting # Diff highlighting
GitSignsAdd = { fg = mkRaw "base0B"; }; GitSignsAdd = { fg = mkRaw "base0B"; };
GitSignsDelete = { fg = mkRaw "base08"; }; GitSignsDelete = { fg = mkRaw "base08"; };
GitSignsChange = { fg = mkRaw "base03"; }; GitSignsChange = { fg = mkRaw "base03"; };
} }
(lib.mkIf config.plugins.telescope.enable { (lib.mkIf config.plugins.telescope.enable {
TelescopeNormal = { fg = mkRaw "base05"; bg = mkRaw "base01"; }; TelescopeNormal = {
TelescopeBorder = { fg = mkRaw "base00"; bg = mkRaw "base01"; }; fg = mkRaw "base05";
TelescopePromptPrefix = { fg = mkRaw "base0A"; bg = mkRaw "base01"; }; bg = mkRaw "base01";
TelescopeMatching = { fg = mkRaw "base0D"; bg = mkRaw "base01"; }; };
TelescopeSelection = { fg = mkRaw "base0A"; bg = mkRaw "base01"; }; TelescopeBorder = {
TelescopeSelectionCaret = { fg = mkRaw "base0A"; bg = mkRaw "base01"; }; fg = mkRaw "base00";
}) bg = mkRaw "base01";
};
# See `rb-delimiters-colors` help section for more details. TelescopePromptPrefix = {
(lib.mkIf config.plugins.rainbow-delimiters.enable { fg = mkRaw "base0A";
RainbowDelimiterRed = { fg = mkRaw "base09"; }; bg = mkRaw "base01";
RainbowDelimiterYellow = { fg = mkRaw "base0A"; }; };
RainbowDelimiterBlue = { fg = mkRaw "base0B"; }; TelescopeMatching = {
RainbowDelimiterOrange = { fg = mkRaw "base0C"; }; fg = mkRaw "base0D";
RainbowDelimiterGreen = { fg = mkRaw "base0D"; }; bg = mkRaw "base01";
RainbowDelimiterViolet = { fg = mkRaw "base0E"; }; };
RainbowDelimiterCyan = { fg = mkRaw "base0F"; }; TelescopeSelection = {
}) fg = mkRaw "base0A";
bg = mkRaw "base01";
# See `lsp-highlight` help section for more details. };
(lib.mkIf config.plugins.lsp.enable { TelescopeSelectionCaret = {
LspDiagnosticsDefaultError = { fg = mkRaw "base08"; }; fg = mkRaw "base0A";
LspDiagnosticsDefaultWarning = { fg = mkRaw "base09"; }; bg = mkRaw "base01";
LspDiagnosticsDefaultHint = { fg = mkRaw "base0A"; }; };
LspDiagnosticsDefaultInformation = { fg = mkRaw "base0B"; };
})
# See `treesitter-highlight-groups` help section for more details.
(lib.mkIf config.plugins.treesitter.enable {
${sym "@variable"} = helpers.listToUnkeyedAttrs [ (mkRaw "Normal") ];
${sym "@tag.delimiter"} = { fg = mkRaw "base0A"; };
${sym "@text.emphasis"} = helpers.listToUnkeyedAttrs [ (mkRaw "Italic") ];
${sym "@text.underline"} = helpers.listToUnkeyedAttrs [ (mkRaw "Underlined") ];
${sym "@text.strike"} = { gui = "strikethrough"; };
${sym "@text.uri"} = { fg = mkRaw "base0C"; };
})
(lib.mkIf config.plugins.indent-blankline.enable {
IblScope = { fg = mkRaw "base0C"; gui = "bold"; } ;
})
];
}) })
config.bahaghari.tinted-theming.schemes;
# See `rb-delimiters-colors` help section for more details.
(lib.mkIf config.plugins.rainbow-delimiters.enable {
RainbowDelimiterRed = { fg = mkRaw "base09"; };
RainbowDelimiterYellow = { fg = mkRaw "base0A"; };
RainbowDelimiterBlue = { fg = mkRaw "base0B"; };
RainbowDelimiterOrange = { fg = mkRaw "base0C"; };
RainbowDelimiterGreen = { fg = mkRaw "base0D"; };
RainbowDelimiterViolet = { fg = mkRaw "base0E"; };
RainbowDelimiterCyan = { fg = mkRaw "base0F"; };
})
# See `lsp-highlight` help section for more details.
(lib.mkIf config.plugins.lsp.enable {
LspDiagnosticsDefaultError = { fg = mkRaw "base08"; };
LspDiagnosticsDefaultWarning = { fg = mkRaw "base09"; };
LspDiagnosticsDefaultHint = { fg = mkRaw "base0A"; };
LspDiagnosticsDefaultInformation = { fg = mkRaw "base0B"; };
})
# See `treesitter-highlight-groups` help section for more details.
(lib.mkIf config.plugins.treesitter.enable {
${sym "@variable"} = helpers.listToUnkeyedAttrs [ (mkRaw "Normal") ];
${sym "@tag.delimiter"} = { fg = mkRaw "base0A"; };
${sym "@text.emphasis"} =
helpers.listToUnkeyedAttrs [ (mkRaw "Italic") ];
${sym "@text.underline"} =
helpers.listToUnkeyedAttrs [ (mkRaw "Underlined") ];
${sym "@text.strike"} = { gui = "strikethrough"; };
${sym "@text.uri"} = { fg = mkRaw "base0C"; };
})
(lib.mkIf config.plugins.indent-blankline.enable {
IblScope = {
fg = mkRaw "base0C";
gui = "bold";
};
})
];
}) config.bahaghari.tinted-theming.schemes;
}; };
} }

4
configs/home-manager/foo-dogsquared/modules/programs/nixvim/dap.nix
View File

@ -11,9 +11,7 @@
args = [ "-i" "dap" ]; args = [ "-i" "dap" ];
}; };
lldb = { lldb = { command = "lldb-dap"; };
command = "lldb-dap";
};
dart = { dart = {
command = "dart"; command = "dart";

28
configs/home-manager/foo-dogsquared/modules/programs/nixvim/default.nix
View File

@ -14,8 +14,7 @@ let
module.imports = firstSetupArgs.baseNixvimModules ++ [ module ]; module.imports = firstSetupArgs.baseNixvimModules ++ [ module ];
extraSpecialArgs.hmConfig = config; extraSpecialArgs.hmConfig = config;
}; };
in in {
{
options.users.foo-dogsquared.programs.nixvim.enable = options.users.foo-dogsquared.programs.nixvim.enable =
lib.mkEnableOption "NixVim setup"; lib.mkEnableOption "NixVim setup";
@ -29,22 +28,21 @@ in
wrapper-manager.packages.neovim-flavors = { wrapper-manager.packages.neovim-flavors = {
wrappers.nvim-fiesta.arg0 = let wrappers.nvim-fiesta.arg0 = let
nvimPkg = createNixvimFlavor { nvimPkg = createNixvimFlavor {
imports = imports = [
[ ./colorschemes.nix
./colorschemes.nix ./fuzzy-finding.nix
./fuzzy-finding.nix ./misc.nix
./misc.nix ./note-taking.nix
./note-taking.nix ] ++ lib.optionals userCfg.setups.development.enable [
] ./dev.nix
++ lib.optionals userCfg.setups.development.enable [ ./lsp.nix
./dev.nix ./dap.nix
./lsp.nix ];
./dap.nix
];
config = { config = {
# Inherit all of the schemes. # Inherit all of the schemes.
bahaghari.tinted-theming.schemes = hmCfg.bahaghari.tinted-theming.schemes; bahaghari.tinted-theming.schemes =
hmCfg.bahaghari.tinted-theming.schemes;
}; };
}; };
in lib.getExe' nvimPkg "nvim"; in lib.getExe' nvimPkg "nvim";

16
configs/home-manager/foo-dogsquared/modules/programs/nixvim/dev.nix
View File

@ -22,7 +22,8 @@
# Give language "support" through tree-sitter. # Give language "support" through tree-sitter.
plugins.treesitter.grammarPackages = plugins.treesitter.grammarPackages =
with config.plugins.treesitter.package.builtGrammars; [ with config.plugins.treesitter.package.builtGrammars;
[
agda agda
arduino arduino
astro astro
@ -54,6 +55,7 @@
kotlin kotlin
make make
nickel nickel
nix
perl perl
ruby ruby
rust rust
@ -64,15 +66,7 @@
wgsl wgsl
wgsl_bevy wgsl_bevy
zig zig
] ] ++ (with pkgs.tree-sitter-grammars; [ tree-sitter-elisp tree-sitter-nu ]);
++ (with pkgs.tree-sitter-grammars; [
tree-sitter-elisp
tree-sitter-nu
]);
extraPlugins = with pkgs.vimPlugins; [ extraPlugins = with pkgs.vimPlugins; [ vim-nickel vim-nix zig-vim ];
vim-nickel
vim-nix
zig-vim
];
} }

14
configs/home-manager/foo-dogsquared/modules/programs/nixvim/fuzzy-finding.nix
View File

@ -3,8 +3,7 @@
let let
inherit (hmConfig.xdg) userDirs; inherit (hmConfig.xdg) userDirs;
telescopeExtensions = config.plugins.telescope.extensions; telescopeExtensions = config.plugins.telescope.extensions;
in in {
{
plugins.telescope.extensions.frecency = { plugins.telescope.extensions.frecency = {
enable = true; enable = true;
settings = { settings = {
@ -18,15 +17,14 @@ in
}; };
}; };
plugins.telescope.extensions.live-grep-args = { plugins.telescope.extensions.live-grep-args = { enable = true; };
enable = true;
};
keymaps = keymaps = lib.optionals telescopeExtensions.live-grep-args.enable
lib.optionals telescopeExtensions.live-grep-args.enable (lib.singleton { (lib.singleton {
mode = "n"; mode = "n";
key = "<leader>fG"; key = "<leader>fG";
options.desc = "Live grep (with args) for the whole project"; options.desc = "Live grep (with args) for the whole project";
action = helpers.mkRaw "require('telescope').extensions.live_grep_args.live_grep_args"; action = helpers.mkRaw
"require('telescope').extensions.live_grep_args.live_grep_args";
}); });
} }

18
configs/home-manager/foo-dogsquared/modules/programs/nixvim/misc.nix
View File

@ -1,16 +1,12 @@
{ config, lib, pkgs, hmConfig, ... }: { config, lib, pkgs, hmConfig, ... }:
let let userConfig = hmConfig.users.foo-dogsquared;
userConfig = hmConfig.users.foo-dogsquared; in {
in extraPlugins = builtins.map (path:
{ pkgs.runCommand "vim-plugin-bare" { } ''
extraPlugins = builtins.map mkdir -p "$out"
(path: cp -r ${path}/* "$out"
pkgs.runCommand "vim-plugin-bare" { } '' '') (with pkgs; [
mkdir -p "$out"
cp -r ${path}/* "$out"
'')
(with pkgs; [
"${decker}/share/vim-plugins/decker" "${decker}/share/vim-plugins/decker"
"${fzf}/share/vim-plugins/fzf" "${fzf}/share/vim-plugins/fzf"
]); ]);

21
configs/home-manager/foo-dogsquared/modules/programs/nushell.nix
View File

@ -5,8 +5,7 @@ let
cfg = userCfg.programs.nushell; cfg = userCfg.programs.nushell;
nushellAutoloadScriptDir = "${config.xdg.dataHome}/nushell/vendor/autoload"; nushellAutoloadScriptDir = "${config.xdg.dataHome}/nushell/vendor/autoload";
in in {
{
options.users.foo-dogsquared.programs.nushell.enable = options.users.foo-dogsquared.programs.nushell.enable =
lib.mkEnableOption "Nushell setup"; lib.mkEnableOption "Nushell setup";
@ -20,7 +19,6 @@ in
skim skim
polars polars
units units
net
formats formats
highlight highlight
]; ];
@ -35,11 +33,10 @@ in
} }
} }
''; '';
environmentVariables.NU_LIB_DIRS = environmentVariables.NU_LIB_DIRS = lib.concatStringsSep ":" [
lib.concatStringsSep ":" [ "${config.xdg.cacheHome}/nushell/modules"
"${config.xdg.cacheHome}/nushell/modules" "${config.xdg.userDirs.extraConfig.XDG_PROJECTS_DIR}/nushell"
"${config.xdg.userDirs.extraConfig.XDG_PROJECTS_DIR}/nushell" ];
];
}; };
} }
@ -76,9 +73,11 @@ in
} }
match $spans.0 { match $spans.0 {
${lib.optionalString config.programs.zoxide.enable '' ${
__zoxide_z | __zoxide_zi => $zoxide_completer lib.optionalString config.programs.zoxide.enable ''
''} __zoxide_z | __zoxide_zi => $zoxide_completer
''
}
_ => $carapace_completer _ => $carapace_completer
} | do $in $spans } | do $in $spans
} }

22
configs/home-manager/foo-dogsquared/modules/programs/shell.nix
View File

@ -4,10 +4,9 @@
let let
userCfg = config.users.foo-dogsquared; userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.shell; cfg = userCfg.programs.shell;
in in {
{ options.users.foo-dogsquared.programs.shell.enable = lib.mkEnableOption
options.users.foo-dogsquared.programs.shell.enable = "configuration of foo-dogsquared's shell of choice and its toolbelt";
lib.mkEnableOption "configuration of foo-dogsquared's shell of choice and its toolbelt";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
suites.dev.shell.enable = lib.mkDefault true; suites.dev.shell.enable = lib.mkDefault true;
@ -15,21 +14,12 @@ in
programs.bash = { programs.bash = {
enable = true; enable = true;
historyControl = [ "erasedups" "ignoredups" "ignorespace" ]; historyControl = [ "erasedups" "ignoredups" "ignorespace" ];
historyIgnore = [ historyIgnore = [ "cd" "exit" "lf" "ls" "nvim" ];
"cd"
"exit"
"lf"
"ls"
"nvim"
];
}; };
# Additional formatting thingies for your fuzzy finder. # Additional formatting thingies for your fuzzy finder.
programs.fzf.defaultOptions = [ programs.fzf.defaultOptions =
"--height=40%" [ "--height=40%" "--bind=ctrl-z:ignore" "--reverse" ];
"--bind=ctrl-z:ignore"
"--reverse"
];
# Compile all of the completions. # Compile all of the completions.
programs.carapace.enable = true; programs.carapace.enable = true;

63
configs/home-manager/foo-dogsquared/modules/programs/terminal-emulator.nix
View File

@ -10,8 +10,7 @@ let
''; '';
hasNixosModuleEnable = attrs.nixosConfig.programs.wezterm.enable or false; hasNixosModuleEnable = attrs.nixosConfig.programs.wezterm.enable or false;
in in {
{
options.users.foo-dogsquared.programs.terminal-emulator.enable = options.users.foo-dogsquared.programs.terminal-emulator.enable =
lib.mkEnableOption "foo-dogsquared's terminal emulator setup"; lib.mkEnableOption "foo-dogsquared's terminal emulator setup";
@ -19,39 +18,33 @@ in
{ {
# We're just making a version of Wezterm with the default arguments if # We're just making a version of Wezterm with the default arguments if
# the user has them. # the user has them.
home.packages = home.packages = let
let inherit (pkgs) wezterm hiPrio;
inherit (pkgs) wezterm hiPrio; weztermUserDefaultDesktop = pkgs.makeDesktopItem {
weztermUserDefaultDesktop = pkgs.makeDesktopItem { name = "org.wezfurlong.wezterm";
name = "org.wezfurlong.wezterm"; desktopName = "WezTerm (user)";
desktopName = "WezTerm (user)"; comment = "Wez's Terminal Emulator";
comment = "Wez's Terminal Emulator"; keywords = [ "shell" "prompt" "command" "commandline" "cmd" ];
keywords = [ "shell" "prompt" "command" "commandline" "cmd" ]; icon = "org.wezfurlong.wezterm";
icon = "org.wezfurlong.wezterm"; startupWMClass = "org.wezfurlong.wezterm";
startupWMClass = "org.wezfurlong.wezterm"; tryExec = "wezterm";
tryExec = "wezterm"; exec = "wezterm";
exec = "wezterm"; type = "Application";
type = "Application"; categories = [ "System" "TerminalEmulator" "Utility" ];
categories = [ "System" "TerminalEmulator" "Utility" ]; };
}; weztermTypicalDesktop = pkgs.makeDesktopItem {
weztermTypicalDesktop = pkgs.makeDesktopItem { name = "wezterm-start";
name = "wezterm-start"; desktopName = "WezTerm";
desktopName = "WezTerm"; comment = "Wez's Terminal Emulator";
comment = "Wez's Terminal Emulator"; keywords = [ "shell" "prompt" "command" "commandline" "cmd" ];
keywords = [ "shell" "prompt" "command" "commandline" "cmd" ]; icon = "org.wezfurlong.wezterm";
icon = "org.wezfurlong.wezterm"; startupWMClass = "org.wezfurlong.wezterm";
startupWMClass = "org.wezfurlong.wezterm"; tryExec = "wezterm";
tryExec = "wezterm"; exec = "wezterm start --cwd .";
exec = "wezterm start --cwd ."; type = "Application";
type = "Application"; categories = [ "System" "TerminalEmulator" "Utility" ];
categories = [ "System" "TerminalEmulator" "Utility" ]; };
}; in [ wezterm (hiPrio weztermUserDefaultDesktop) weztermTypicalDesktop ];
in
[
wezterm
(hiPrio weztermUserDefaultDesktop)
weztermTypicalDesktop
];
} }
(lib.mkIf (!hasNixosModuleEnable) { (lib.mkIf (!hasNixosModuleEnable) {

3
configs/home-manager/foo-dogsquared/modules/programs/terminal-multiplexer.nix
View File

@ -3,8 +3,7 @@
let let
userCfg = config.users.foo-dogsquared; userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.terminal-multiplexer; cfg = userCfg.programs.terminal-multiplexer;
in in {
{
options.users.foo-dogsquared.programs.terminal-multiplexer.enable = options.users.foo-dogsquared.programs.terminal-multiplexer.enable =
lib.mkEnableOption "foo-dogsquared's terminal multiplexer setup"; lib.mkEnableOption "foo-dogsquared's terminal multiplexer setup";

50
configs/home-manager/foo-dogsquared/modules/programs/vs-code.nix
View File

@ -3,42 +3,38 @@
let let
userCfg = config.users.foo-dogsquared; userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.vs-code; cfg = userCfg.programs.vs-code;
in in {
{
options.users.foo-dogsquared.programs.vs-code.enable = options.users.foo-dogsquared.programs.vs-code.enable =
lib.mkEnableOption "foo-dogsquared's Visual Studio Code setup"; lib.mkEnableOption "foo-dogsquared's Visual Studio Code setup";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
suites.editors.vscode.enable = true; suites.editors.vscode.enable = true;
programs.vscode = { programs.vscode = {
extensions = with pkgs.vscode-extensions; [ extensions = with pkgs.vscode-extensions;
# Additional language support. [
bbenoist.nix # Additional language support.
graphql.vscode-graphql bbenoist.nix
ms-python.python graphql.vscode-graphql
ms-azuretools.vscode-docker ms-python.python
ms-vscode.cmake-tools ms-azuretools.vscode-docker
ms-vscode.cpptools ms-vscode.cmake-tools
ms-vscode.powershell ms-vscode.cpptools
ms-vscode.powershell
# Extra editor niceties. # Extra editor niceties.
eamodio.gitlens eamodio.gitlens
mkhl.direnv mkhl.direnv
usernamehw.errorlens usernamehw.errorlens
vadimcn.vscode-lldb vadimcn.vscode-lldb
# The other niceties. # The other niceties.
editorconfig.editorconfig editorconfig.editorconfig
alefragnani.project-manager alefragnani.project-manager
fill-labs.dependi fill-labs.dependi
] ] ++ lib.optionals userCfg.programs.browsers.firefox.enable
++ lib.optionals userCfg.programs.browsers.firefox.enable [ [ firefox-devtools.vscode-firefox-debug ];
firefox-devtools.vscode-firefox-debug
];
userSettings = { userSettings = { "extensions.ignoreRecommendations" = true; };
"extensions.ignoreRecommendations" = true;
};
}; };
# We're using Visual Studio Code as a git difftool and mergetool which is # We're using Visual Studio Code as a git difftool and mergetool which is

43
configs/home-manager/foo-dogsquared/modules/services/archivebox/default.nix
View File

@ -47,8 +47,7 @@ let
}; };
}; };
}; };
in in {
{
options.users.foo-dogsquared.services.archivebox = { options.users.foo-dogsquared.services.archivebox = {
enable = lib.mkEnableOption "ArchiveBox web UI server (through Podman)"; enable = lib.mkEnableOption "ArchiveBox web UI server (through Podman)";
@ -97,24 +96,28 @@ in
}; };
services.podman.containers = lib.mkMerge [ services.podman.containers = lib.mkMerge [
(lib.mapAttrs' (name: value: lib.nameValuePair (jobUnitName name) { (lib.mapAttrs' (name: value:
image = "docker.io/archivebox/archivebox:latest"; lib.nameValuePair (jobUnitName name) {
description = "ArchiveBox job '${name}'"; image = "docker.io/archivebox/archivebox:latest";
volumes = [ "${archiveboxDir}:/data" ]; description = "ArchiveBox job '${name}'";
autoUpdate = "registry"; volumes = [ "${archiveboxDir}:/data" ];
exec = ''echo "${lib.concatStringsSep "\n" value.links}" | archivebox add ${lib.concatStringsSep " " value.extraArgs}''; autoUpdate = "registry";
environmentFile = config.services.podman.containers.archivebox-webui.environmentFile; exec = ''
environment = config.services.podman.containers.archivebox-webui.environment; echo "${lib.concatStringsSep "\n" value.links}" | archivebox add ${
}) cfg.jobs) lib.concatStringsSep " " value.extraArgs
}'';
environmentFile =
config.services.podman.containers.archivebox-webui.environmentFile;
environment =
config.services.podman.containers.archivebox-webui.environment;
}) cfg.jobs)
{ {
archivebox-webui = { archivebox-webui = {
image = "docker.io/archivebox/archivebox:latest"; image = "docker.io/archivebox/archivebox:latest";
description = "ArchiveBox web server"; description = "ArchiveBox web server";
ports = [ "${port}:${port}" ]; ports = [ "${port}:${port}" ];
volumes = [ volumes = [ "${archiveboxDir}:/data" ];
"${archiveboxDir}:/data"
];
autoUpdate = "registry"; autoUpdate = "registry";
exec = "archivebox server ${url}"; exec = "archivebox server ${url}";
environmentFile = [ "${config.sops.secrets."archivebox/env".path}" ]; environmentFile = [ "${config.sops.secrets."archivebox/env".path}" ];
@ -135,8 +138,7 @@ in
archivebox-sonic-search = { archivebox-sonic-search = {
image = "docker.io/archivebox/sonic:latest"; image = "docker.io/archivebox/sonic:latest";
description = "Sonic search instance for ArchiveBox"; description = "Sonic search instance for ArchiveBox";
ports = let ports = let port = builtins.toString config.state.ports.sonic.value;
port = builtins.toString config.state.ports.sonic.value;
in [ "${port}:${port}" ]; in [ "${port}:${port}" ];
environmentFile = [ "${config.sops.secrets."sonic/env".path}" ]; environmentFile = [ "${config.sops.secrets."sonic/env".path}" ];
volumes = [ volumes = [
@ -148,9 +150,10 @@ in
} }
]; ];
users.foo-dogsquared.programs.custom-homepage.sections.services.links = lib.singleton { users.foo-dogsquared.programs.custom-homepage.sections.services.links =
url = "${url}/public"; lib.singleton {
text = "Link archive"; url = "${url}/public";
}; text = "Link archive";
};
}; };
} }

134
configs/home-manager/foo-dogsquared/modules/services/backup/default.nix
View File

@ -5,73 +5,66 @@ let
cfg = userCfg.services.backup; cfg = userCfg.services.backup;
pathPrefix = "borg-backup"; pathPrefix = "borg-backup";
getPath = path: getPath = path: config.sops.secrets."${pathPrefix}/${path}".path;
config.sops.secrets."${pathPrefix}/${path}".path;
isFilesystemSet = setupName: isFilesystemSet = setupName:
attrs.nixosConfig.suites.filesystem.setups.${setupName}.enable or false; attrs.nixosConfig.suites.filesystem.setups.${setupName}.enable or false;
hetznerBoxesUser = "u332477"; hetznerBoxesUser = "u332477";
hetznerBoxesServer = "${hetznerBoxesUser}.your-storagebox.de"; hetznerBoxesServer = "${hetznerBoxesUser}.your-storagebox.de";
borgmaticCommonConfig = module: lib.mkMerge [ borgmaticCommonConfig = module:
module lib.mkMerge [
module
{ {
archive_name_format = lib.mkDefault "{fqdn}-home-manager-personal-{now}"; archive_name_format =
patterns = lib.mkBefore [ lib.mkDefault "{fqdn}-home-manager-personal-{now}";
"R ${config.home.homeDirectory}" patterns = lib.mkBefore [
"! ${config.xdg.dataHome}" "R ${config.home.homeDirectory}"
"! ${config.xdg.cacheHome}" "! ${config.xdg.dataHome}"
"- ${config.xdg.configHome}" "! ${config.xdg.cacheHome}"
"- ${config.xdg.userDirs.download}" "- ${config.xdg.configHome}"
"+ ${config.xdg.userDirs.extraConfig.XDG_PROJECTS_DIR}" "- ${config.xdg.userDirs.download}"
"+ ${config.xdg.userDirs.documents}" "+ ${config.xdg.userDirs.extraConfig.XDG_PROJECTS_DIR}"
"+ ${config.xdg.userDirs.music}" "+ ${config.xdg.userDirs.documents}"
"+ ${config.xdg.userDirs.pictures}" "+ ${config.xdg.userDirs.music}"
"+ ${config.xdg.userDirs.templates}" "+ ${config.xdg.userDirs.pictures}"
"+ ${config.xdg.userDirs.videos}" "+ ${config.xdg.userDirs.templates}"
"+ ${config.home.homeDirectory}/.thunderbird" "+ ${config.xdg.userDirs.videos}"
"+ ${config.xdg.dataHome}/gopass" "+ ${config.home.homeDirectory}/.thunderbird"
"+ ${config.xdg.configHome}/age" "+ ${config.xdg.dataHome}/gopass"
"+ ${config.xdg.configHome}/sops" "+ ${config.xdg.configHome}/age"
]; "+ ${config.xdg.configHome}/sops"
exclude_if_present = [ ];
".nobackup" exclude_if_present = [ ".nobackup" ".exclude.bak" ];
".exclude.bak" exclude_patterns =
]; [ "node_modules/" "*.pyc" "result*/" "*/.vim*.tmp" "target/" ];
exclude_patterns = [
"node_modules/"
"*.pyc"
"result*/"
"*/.vim*.tmp"
"target/"
];
store_config_files = true; store_config_files = true;
# Most of these retention settings are meant to have overlaps in the # Most of these retention settings are meant to have overlaps in the
# periodic backups. # periodic backups.
keep_hourly = 48; keep_hourly = 48;
keep_daily = 14; keep_daily = 14;
keep_weekly = 8; keep_weekly = 8;
keep_monthly = 12; keep_monthly = 12;
keep_yearly = 4; keep_yearly = 4;
check_last = 4; check_last = 4;
} }
]; ];
checkRemovableMountScript = pkgs.writeShellScript "check-for-removable-storage" '' checkRemovableMountScript =
{ findmnt "$(dirname "$1")" > /dev/null && [ -d "$1" ]; } || exit 75 pkgs.writeShellScript "check-for-removable-storage" ''
''; { findmnt "$(dirname "$1")" > /dev/null && [ -d "$1" ]; } || exit 75
in '';
{ in {
options.users.foo-dogsquared.services.backup.enable = options.users.foo-dogsquared.services.backup.enable =
lib.mkEnableOption "preferred backup service"; lib.mkEnableOption "preferred backup service";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
sops.secrets = foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml ( sops.secrets = foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml
foodogsquaredLib.sops-nix.attachSopsPathPrefix pathPrefix { (foodogsquaredLib.sops-nix.attachSopsPathPrefix pathPrefix {
"repos/remote-hetzner-boxes-personal/password" = { }; "repos/remote-hetzner-boxes-personal/password" = { };
"repos/local-external-hdd-personal/password" = { }; "repos/local-external-hdd-personal/password" = { };
"repos/local-archive-personal/password" = { }; "repos/local-archive-personal/password" = { };
@ -84,15 +77,18 @@ in
initService.enable = true; initService.enable = true;
initService.startAt = "06:30"; initService.startAt = "06:30";
settings = borgmaticCommonConfig { settings = borgmaticCommonConfig {
encryption_passcommand = "cat ${getPath "repos/remote-hetzner-boxes-personal/password"}"; encryption_passcommand =
"cat ${getPath "repos/remote-hetzner-boxes-personal/password"}";
repositories = lib.singleton { repositories = lib.singleton {
path = "ssh://${hetznerBoxesUser}@${hetznerBoxesServer}:23/./borg/users/${config.home.username}"; path =
"ssh://${hetznerBoxesUser}@${hetznerBoxesServer}:23/./borg/users/${config.home.username}";
label = "remote-hetzner-boxes"; label = "remote-hetzner-boxes";
}; };
extra_borg_options = { extra_borg_options = {
init = builtins.toString [ init = builtins.toString [
"--make-parent-dirs" "--make-parent-dirs"
"--encryption" "repokey-blake2" "--encryption"
"repokey-blake2"
]; ];
}; };
}; };
@ -104,14 +100,17 @@ in
initService.enable = true; initService.enable = true;
initService.startAt = "04:30"; initService.startAt = "04:30";
settings = let settings = let
removablePath = "${attrs.nixosConfig.state.paths.external-hdd}/Backups"; removablePath =
"${attrs.nixosConfig.state.paths.external-hdd}/Backups";
in borgmaticCommonConfig { in borgmaticCommonConfig {
encryption_passcommand = "cat ${getPath "repos/local-external-hdd-personal/password"}"; encryption_passcommand =
"cat ${getPath "repos/local-external-hdd-personal/password"}";
repositories = lib.singleton { repositories = lib.singleton {
path = removablePath; path = removablePath;
label = "local-external-hdd"; label = "local-external-hdd";
}; };
before_backup = lib.singleton "${checkRemovableMountScript} ${removablePath}"; before_backup =
lib.singleton "${checkRemovableMountScript} ${removablePath}";
}; };
}; };
}) })
@ -121,9 +120,11 @@ in
initService.enable = true; initService.enable = true;
initService.startAt = "04:30"; initService.startAt = "04:30";
settings = borgmaticCommonConfig { settings = borgmaticCommonConfig {
encryption_passcommand = "cat ${getPath "repos/local-archive-personal/password"}"; encryption_passcommand =
"cat ${getPath "repos/local-archive-personal/password"}";
repositories = lib.singleton { repositories = lib.singleton {
path = "\${BORG_PERSONAL_FDS_PATH:-${attrs.nixosConfig.state.paths.laptop-ssd}/Backups/foodogsquared}"; path =
"\${BORG_PERSONAL_FDS_PATH:-${attrs.nixosConfig.state.paths.laptop-ssd}/Backups/foodogsquared}";
label = "local-archive"; label = "local-archive";
}; };
}; };
@ -136,13 +137,18 @@ in
enable = true; enable = true;
startAt = "daily"; startAt = "daily";
settings = let settings = let backup_path = "${config.xdg.cacheHome}/ludusavi/backups";
backup_path = "${config.xdg.cacheHome}/ludusavi/backups";
in { in {
manifest.enable = true; manifest.enable = true;
roots = [ roots = [
{ path = "${config.home.homeDirectory}/.steam"; store = "steam"; } {
{ path = "${config.xdg.dataHome}/lutris"; store = "lutris"; } path = "${config.home.homeDirectory}/.steam";
store = "steam";
}
{
path = "${config.xdg.dataHome}/lutris";
store = "lutris";
}
]; ];
backup.path = backup_path; backup.path = backup_path;
restore.path = backup_path; restore.path = backup_path;

9
configs/home-manager/foo-dogsquared/modules/setups/business.nix
View File

@ -3,16 +3,11 @@
let let
userCfg = config.users.foo-dogsquared; userCfg = config.users.foo-dogsquared;
cfg = userCfg.setups.business; cfg = userCfg.setups.business;
in in {
{
options.users.foo-dogsquared.setups.business.enable = options.users.foo-dogsquared.setups.business.enable =
lib.mkEnableOption "business setup"; lib.mkEnableOption "business setup";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
home.packages = with pkgs; [ home.packages = with pkgs; [ collabora-online libreoffice zoom-us ];
collabora-online
libreoffice
zoom-us
];
}; };
} }

30
configs/home-manager/foo-dogsquared/modules/setups/desktop.nix
View File

@ -4,18 +4,14 @@
let let
userCfg = config.users.foo-dogsquared; userCfg = config.users.foo-dogsquared;
cfg = userCfg.setups.desktop; cfg = userCfg.setups.desktop;
in in {
{
options.users.foo-dogsquared.setups.desktop.enable = options.users.foo-dogsquared.setups.desktop.enable =
lib.mkEnableOption "a set of usual desktop productivity services"; lib.mkEnableOption "a set of usual desktop productivity services";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
state.ports.activitywatch.value = 5600; state.ports.activitywatch.value = 5600;
home.packages = with pkgs; [ home.packages = with pkgs; [ bitwarden-cli bitwarden-desktop ];
bitwarden-cli
bitwarden-desktop
];
# Install all of the desktop stuff. # Install all of the desktop stuff.
suites.desktop = { suites.desktop = {
@ -66,19 +62,14 @@ in
startAt = "daily"; startAt = "daily";
settings = { settings = {
topdirs = "~/Downloads ~/Documents ~/library"; topdirs = "~/Downloads ~/Documents ~/library";
"skippedNames+" = "skippedNames+" = let inherit (config.state.paths) ignoreDirectories;
let in lib.concatStringsSep " " ignoreDirectories;
inherit (config.state.paths) ignoreDirectories;
in
lib.concatStringsSep " " ignoreDirectories;
"~/library/projects" = { "~/library/projects" = {
"skippedNames+" = ".editorconfig .gitignore result flake.lock go.sum"; "skippedNames+" = ".editorconfig .gitignore result flake.lock go.sum";
}; };
"~/library/projects/software" = { "~/library/projects/software" = { "skippedNames+" = "target result"; };
"skippedNames+" = "target result";
};
}; };
}; };
@ -92,9 +83,12 @@ in
startAt = "daily"; startAt = "daily";
}; };
users.foo-dogsquared.programs.custom-homepage.sections.services.links = lib.singleton { users.foo-dogsquared.programs.custom-homepage.sections.services.links =
url = "http://localhost:${builtins.toString config.state.ports.activitywatch.value}"; lib.singleton {
text = "Telemetry server"; url = "http://localhost:${
}; builtins.toString config.state.ports.activitywatch.value
}";
text = "Telemetry server";
};
}; };
} }

24
configs/home-manager/foo-dogsquared/modules/setups/development.nix
View File

@ -5,8 +5,7 @@ let
cfg = userCfg.setups.development; cfg = userCfg.setups.development;
in { in {
options.users.foo-dogsquared.setups.development = { options.users.foo-dogsquared.setups.development = {
enable = enable = lib.mkEnableOption "foo-dogsquared's software development setup";
lib.mkEnableOption "foo-dogsquared's software development setup";
creative-coding.enable = creative-coding.enable =
lib.mkEnableOption "foo-dogsquared's creative coding setup"; lib.mkEnableOption "foo-dogsquared's creative coding setup";
@ -54,10 +53,12 @@ in {
users.foo-dogsquared.programs.custom-homepage.sections.services.links = users.foo-dogsquared.programs.custom-homepage.sections.services.links =
let let
hasCockpitEnabled = attrs.nixosConfig.services.cockpit.enable or false; hasCockpitEnabled =
in attrs.nixosConfig.services.cockpit.enable or false;
lib.optionals hasCockpitEnabled (lib.singleton { in lib.optionals hasCockpitEnabled (lib.singleton {
url = "http://localhost:${builtins.toString attrs.nixosConfig.services.cockpit.port}"; url = "http://localhost:${
builtins.toString attrs.nixosConfig.services.cockpit.port
}";
text = "Cockpit WebUI"; text = "Cockpit WebUI";
}); });
@ -69,7 +70,7 @@ in {
home.packages = with pkgs; [ home.packages = with pkgs; [
cachix # Compile no more by using someone's binary cache! cachix # Compile no more by using someone's binary cache!
regex-cli # Save some face of confusion for yourself. regex-cli # Save some face of confusion for yourself.
dt # Get that functional gawk. #dt # Get that functional gawk.
jq # Get that JSON querying tool. jq # Get that JSON querying tool.
recode # Convert between different encodings. recode # Convert between different encodings.
go-migrate # Go potential migraines. go-migrate # Go potential migraines.
@ -91,10 +92,9 @@ in {
]; ];
} }
(lib.mkIf (!userCfg.programs.nixvim.enable) { (lib.mkIf (!config.programs.nixvim.enable or false) {
programs.neovim = { programs.neovim = {
enable = true; enable = true;
package = pkgs.neovim-nightly;
vimAlias = true; vimAlias = true;
vimdiffAlias = true; vimdiffAlias = true;
@ -105,9 +105,7 @@ in {
}) })
(lib.mkIf userCfg.programs.browsers.firefox.enable { (lib.mkIf userCfg.programs.browsers.firefox.enable {
home.packages = with pkgs; [ home.packages = with pkgs; [ (lowPrio firefox-devedition) ];
(lowPrio firefox-devedition)
];
}) })
(lib.mkIf userCfg.programs.git.enable { (lib.mkIf userCfg.programs.git.enable {
@ -145,7 +143,7 @@ in {
home.packages = with pkgs; [ home.packages = with pkgs; [
supercollider-with-plugins supercollider-with-plugins
processing processing
(puredata-with-plugins (with pkgs; [ zexy cyclone ])) #(puredata-with-plugins (with pkgs; [ zexy cyclone ]))
]; ];
}) })
]); ]);

3
configs/home-manager/foo-dogsquared/modules/setups/fonts.nix
View File

@ -3,8 +3,7 @@
let let
userCfg = config.users.foo-dogsquared; userCfg = config.users.foo-dogsquared;
cfg = userCfg.setups.fonts; cfg = userCfg.setups.fonts;
in in {
{
options.users.foo-dogsquared.setups.fonts.enable = options.users.foo-dogsquared.setups.fonts.enable =
lib.mkEnableOption "foo-dogsquared's font setup"; lib.mkEnableOption "foo-dogsquared's font setup";

63
configs/home-manager/foo-dogsquared/modules/setups/music.nix
View File

@ -10,8 +10,7 @@ let
musicDir = config.xdg.userDirs.music; musicDir = config.xdg.userDirs.music;
playlistsDir = "${musicDir}/playlists"; playlistsDir = "${musicDir}/playlists";
in in {
{
options.users.foo-dogsquared.setups.music = { options.users.foo-dogsquared.setups.music = {
enable = lib.mkEnableOption "foo-dogsquared's music setup"; enable = lib.mkEnableOption "foo-dogsquared's music setup";
mpd.enable = lib.mkEnableOption "foo-dogsquared's MPD server setup"; mpd.enable = lib.mkEnableOption "foo-dogsquared's MPD server setup";
@ -28,9 +27,7 @@ in
wrapper-manager.packages.music-setup = { wrapper-manager.packages.music-setup = {
wrappers.yt-dlp-audio = { wrappers.yt-dlp-audio = {
arg0 = lib.getExe' pkgs.yt-dlp "yt-dlp"; arg0 = lib.getExe' pkgs.yt-dlp "yt-dlp";
prependArgs = [ prependArgs = [ "--config-location" ../../config/yt-dlp/audio.conf ];
"--config-location" ../../config/yt-dlp/audio.conf
];
}; };
}; };
@ -107,12 +104,15 @@ in
users.foo-dogsquared.programs.custom-homepage.sections = lib.mkMerge [ users.foo-dogsquared.programs.custom-homepage.sections = lib.mkMerge [
(lib.mkIf (attrs.nixosConfig.services.gonic.enable or false) (let (lib.mkIf (attrs.nixosConfig.services.gonic.enable or false) (let
subsonicLink = { subsonicLink = {
url = "http://localhost:${builtins.toString attrs.nixosConfig.state.ports.gonic.value}"; url = "http://localhost:${
builtins.toString attrs.nixosConfig.state.ports.gonic.value
}";
text = "Jukebox server"; text = "Jukebox server";
}; };
in { in {
services.links = lib.singleton subsonicLink; services.links = lib.singleton subsonicLink;
music.links = lib.mkBefore [ (subsonicLink // { text = "Subsonic music server"; }) ]; music.links = lib.mkBefore
[ (subsonicLink // { text = "Subsonic music server"; }) ];
})) }))
]; ];
} }
@ -120,26 +120,31 @@ in
(lib.mkIf cfg.spotify.enable { (lib.mkIf cfg.spotify.enable {
home.packages = with pkgs; [ spotify ]; home.packages = with pkgs; [ spotify ];
state.ports.spotifyd.value = attrs.nixosConfig.services.spotifyd.value or 9009; state.ports.spotifyd.value =
attrs.nixosConfig.services.spotifyd.value or 9009;
services.mopidy.extensionPackages = [ pkgs.mopidy-spotify ]; services.mopidy.extensionPackages = [ pkgs.mopidy-spotify ];
}) })
(lib.mkIf (cfg.spotify.enable && !(attrs.nixosConfig.services.spotifyd.enable or false)) { (lib.mkIf (cfg.spotify.enable
services.spotifyd = { && !(attrs.nixosConfig.services.spotifyd.enable or false)) {
enable = true; services.spotifyd = {
settings.global = { enable = true;
use_mpris = true; settings.global = {
device_name = "foodogsquared's computer"; use_mpris = true;
bitrate = 320; device_name = "foodogsquared's computer";
device_type = "computer"; bitrate = 320;
zeroconf_port = config.state.ports.spotifyd.value; device_type = "computer";
zeroconf_port = config.state.ports.spotifyd.value;
cache_path = "${config.xdg.cacheHome}/spotifyd"; cache_path = "${config.xdg.cacheHome}/spotifyd";
max_cache_size = unitsToInt { size = 4; prefix = "G"; }; max_cache_size = unitsToInt {
size = 4;
prefix = "G";
};
};
}; };
}; })
})
(lib.mkIf cfg.mpd.enable { (lib.mkIf cfg.mpd.enable {
state.ports.mopidy.value = 6680; state.ports.mopidy.value = 6680;
@ -165,13 +170,10 @@ in
file = { file = {
enabled = true; enabled = true;
media_dirs = [ media_dirs = [ "$XDG_MUSIC_DIR|Music" "~/library/music|Library" ]
"$XDG_MUSIC_DIR|Music" ++ lib.optional (isFilesystemSet "external-hdd")
"~/library/music|Library"
]
++ lib.optional (isFilesystemSet "external-hdd")
"${attrs.nixosConfig.state.paths.external-hdd}/Music|External storage" "${attrs.nixosConfig.state.paths.external-hdd}/Music|External storage"
++ lib.optional (isFilesystemSet "archive") ++ lib.optional (isFilesystemSet "archive")
"${attrs.nixosConfig.state.paths.archive}/Music|Archive"; "${attrs.nixosConfig.state.paths.archive}/Music|Archive";
}; };
@ -207,12 +209,15 @@ in
# Set this to the custom homepage. # Set this to the custom homepage.
users.foo-dogsquared.programs.custom-homepage.sections = let users.foo-dogsquared.programs.custom-homepage.sections = let
mopidyLink = { mopidyLink = {
url = "http://localhost:${builtins.toString config.state.ports.mopidy.value}"; url = "http://localhost:${
builtins.toString config.state.ports.mopidy.value
}";
text = "Music streaming server"; text = "Music streaming server";
}; };
in { in {
services.links = lib.singleton mopidyLink; services.links = lib.singleton mopidyLink;
music.links = lib.mkBefore [ (mopidyLink // { text = "Mopidy server"; }) ]; music.links =
lib.mkBefore [ (mopidyLink // { text = "Mopidy server"; }) ];
}; };
}) })
]); ]);

62
configs/home-manager/foo-dogsquared/modules/setups/research.nix
View File

@ -10,29 +10,37 @@ let
# `services.gallery-dl`, and `services.archivebox`. # `services.gallery-dl`, and `services.archivebox`.
mkJobs = { extraArgs ? [ ], db }: mkJobs = { extraArgs ? [ ], db }:
let let
days = [ "Monday" "Tuesday" "Wednesday" "Thursday" "Friday" "Saturday" "Sunday" ]; days = [
categories = lib.zipListsWith "Monday"
(index: category: { inherit index; data = category; }) "Tuesday"
(lib.lists.range 1 (lib.length (lib.attrValues db))) "Wednesday"
(lib.mapAttrsToList (name: value: { inherit name; inherit (value) subscriptions extraArgs; }) db); "Thursday"
jobsList = builtins.map "Friday"
(category: "Saturday"
let "Sunday"
jobExtraArgs = lib.attrByPath [ "data" "extraArgs" ] [ ] category; ];
in categories = lib.zipListsWith (index: category: {
{ inherit index;
name = category.data.name; data = category;
value = { }) (lib.lists.range 1 (lib.length (lib.attrValues db)))
extraArgs = extraArgs ++ jobExtraArgs; (lib.mapAttrsToList (name: value: {
urls = builtins.map (subscription: subscription.url) category.data.subscriptions; inherit name;
startAt = lib.elemAt days (lib.mod category.index (lib.length days)); inherit (value) subscriptions extraArgs;
}; }) db);
}) jobsList = builtins.map (category:
categories; let jobExtraArgs = lib.attrByPath [ "data" "extraArgs" ] [ ] category;
in in {
lib.listToAttrs jobsList; name = category.data.name;
in value = {
{ extraArgs = extraArgs ++ jobExtraArgs;
urls = builtins.map (subscription: subscription.url)
category.data.subscriptions;
startAt =
lib.elemAt days (lib.mod category.index (lib.length days));
};
}) categories;
in lib.listToAttrs jobsList;
in {
options.users.foo-dogsquared.setups.research.enable = options.users.foo-dogsquared.setups.research.enable =
lib.mkEnableOption "foo-dogsquared's usual toolbelt for research"; lib.mkEnableOption "foo-dogsquared's usual toolbelt for research";
@ -60,7 +68,9 @@ in
services.syncthing = { services.syncthing = {
enable = true; enable = true;
extraOptions = [ extraOptions = [
"--gui-address=http://localhost:${builtins.toString config.state.ports.syncthing.value}" "--gui-address=http://localhost:${
builtins.toString config.state.ports.syncthing.value
}"
]; ];
}; };
@ -70,7 +80,9 @@ in
users.foo-dogsquared.programs.custom-homepage.sections.services.links = users.foo-dogsquared.programs.custom-homepage.sections.services.links =
lib.singleton { lib.singleton {
url = "http://localhost:${builtins.toString config.state.ports.syncthing.value}"; url = "http://localhost:${
builtins.toString config.state.ports.syncthing.value
}";
text = "Local sync server"; text = "Local sync server";
}; };
} }

8
configs/home-manager/nixos/default.nix
View File

@ -24,13 +24,7 @@
programs.bash = { programs.bash = {
enable = true; enable = true;
historyControl = [ "erasedups" "ignoredups" "ignorespace" ]; historyControl = [ "erasedups" "ignoredups" "ignorespace" ];
historyIgnore = [ historyIgnore = [ "cd" "exit" "lf" "ls" "nvim" ];
"cd"
"exit"
"lf"
"ls"
"nvim"
];
}; };
home.stateVersion = "23.11"; home.stateVersion = "23.11";

6
configs/home-manager/nixos/modules/default.nix
View File

@ -1,5 +1 @@
{ { imports = [ ./programs/terminal-multiplexer.nix ]; }
imports = [
./programs/terminal-multiplexer.nix
];
}

3
configs/home-manager/nixos/modules/programs/terminal-multiplexer.nix
View File

@ -4,8 +4,7 @@
let let
userCfg = config.users.nixos; userCfg = config.users.nixos;
cfg = userCfg.programs.terminal-multiplexer; cfg = userCfg.programs.terminal-multiplexer;
in in {
{
options.users.nixos.programs.terminal-multiplexer.enable = options.users.nixos.programs.terminal-multiplexer.enable =
lib.mkEnableOption "terminal multiplexer"; lib.mkEnableOption "terminal multiplexer";

19
configs/home-manager/plover/default.nix
View File

@ -2,23 +2,13 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [ glances wireshark-cli jq ];
glances
wireshark-cli
jq
];
# My user shell of choice because I'm not a hipster. # My user shell of choice because I'm not a hipster.
programs.bash = { programs.bash = {
enable = true; enable = true;
historyControl = [ "erasedups" "ignoredups" "ignorespace" ]; historyControl = [ "erasedups" "ignoredups" "ignorespace" ];
historyIgnore = [ historyIgnore = [ "cd" "exit" "lf" "ls" "nvim" ];
"cd"
"exit"
"lf"
"ls"
"nvim"
];
}; };
suites = { suites = {
@ -39,10 +29,7 @@
services.bleachbit = { services.bleachbit = {
enable = true; enable = true;
cleaners = [ cleaners = [ "bash.history" "vim.history" ];
"bash.history"
"vim.history"
];
startAt = "weekly"; startAt = "weekly";
}; };

6
configs/nixos/_users/admin/default.nix
View File

@ -1,10 +1,8 @@
# Mainly used for managing the installations with deploy-rs. # Mainly used for managing the installations with deploy-rs.
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let name = "admin";
name = "admin"; in {
in
{
users.users.${name} = { users.users.${name} = {
description = "The administrator account for the servers."; description = "The administrator account for the servers.";
isNormalUser = true; isNormalUser = true;

6
configs/nixos/_users/nixos/default.nix
View File

@ -24,10 +24,8 @@
sandbox = true; sandbox = true;
# Set several binary caches. # Set several binary caches.
substituters = [ substituters =
"https://cache.nixos.org/" [ "https://cache.nixos.org/" "https://nix-community.cachix.org" ];
"https://nix-community.cachix.org"
];
trusted-public-keys = [ trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
]; ];

10
configs/nixos/_users/plover/default.nix
View File

@ -4,11 +4,11 @@
let let
user = "plover"; user = "plover";
homeManagerUser = foodogsquaredUtils.getConfig "home-manager" user; homeManagerUser = foodogsquaredUtils.getConfig "home-manager" user;
in in {
{
users.users.${user} = { users.users.${user} = {
home = "/home/${user}"; home = "/home/${user}";
hashedPassword = "$y$j9T$43ExH5GLbEGwgnNGhmcTD/$qXoZE5Cm9O2Z3zMM/VyCZ18qN2Hc9.KvCnVz6tmjVVD"; hashedPassword =
"$y$j9T$43ExH5GLbEGwgnNGhmcTD/$qXoZE5Cm9O2Z3zMM/VyCZ18qN2Hc9.KvCnVz6tmjVVD";
extraGroups = [ "wheel" "kanidm" ]; extraGroups = [ "wheel" "kanidm" ];
useDefaultShell = true; useDefaultShell = true;
isNormalUser = true; isNormalUser = true;
@ -24,7 +24,5 @@ in
]; ];
}; };
home-manager.users.${user} = { home-manager.users.${user} = { imports = [ homeManagerUser ]; };
imports = [ homeManagerUser ];
};
} }

4
configs/nixos/bootstrap/default.nix
View File

@ -6,9 +6,7 @@
# #
# This means, there will be a "nixos" user among other things. # This means, there will be a "nixos" user among other things.
{ {
imports = [ imports = [ "${foodogsquaredModulesPath}/profiles/installer.nix" ];
"${foodogsquaredModulesPath}/profiles/installer.nix"
];
config = lib.mkMerge [ config = lib.mkMerge [
{ {

13
configs/nixos/graphical-installer/default.nix
View File

@ -1,8 +1,4 @@
{ lib { lib, config, pkgs, foodogsquaredLib, foodogsquaredUtils
, config
, pkgs
, foodogsquaredLib
, foodogsquaredUtils
, foodogsquaredModulesPath , foodogsquaredModulesPath
, ... }: , ... }:
@ -34,9 +30,7 @@
# closure size smaller. # closure size smaller.
workflows = { workflows = {
enable = [ "a-happy-gnome" ]; enable = [ "a-happy-gnome" ];
workflows.a-happy-gnome = { workflows.a-happy-gnome = { extraApps = lib.mkForce [ ]; };
extraApps = lib.mkForce [ ];
};
}; };
# Install the web browser of course. What would be a graphical installer # Install the web browser of course. What would be a graphical installer
@ -63,8 +57,7 @@
system.stateVersion = "23.11"; system.stateVersion = "23.11";
} }
(lib.mkIf (lib.mkIf (foodogsquaredLib.nixos.isFormat config "isoImage") {
(foodogsquaredLib.nixos.isFormat config "isoImage") {
isoImage = { isoImage = {
isoBaseName = config.networking.hostName; isoBaseName = config.networking.hostName;
edition = "a-happy-gnome"; edition = "a-happy-gnome";

4
configs/nixos/ni/config/nixpkgs/config.nix
View File

@ -1,3 +1 @@
{ { allowUnfree = true; }
allowUnfree = true;
}

114
configs/nixos/ni/disko.nix
View File

@ -1,72 +1,70 @@
{ primaryDisk ? "/dev/nvme0n1", config, lib, ... }: { primaryDisk ? "/dev/nvme0n1", config, lib, ... }:
{ {
disko.devices = lib.mkMerge [ disko.devices = lib.mkMerge [{
{ disk."${config.networking.hostName}-primary" = {
disk."${config.networking.hostName}-primary" = { device = primaryDisk;
device = primaryDisk; type = "disk";
type = "disk"; content = {
content = { type = "gpt";
type = "gpt"; partitions = {
partitions = { # You can't really have a btrfs-layered boot so this'll have to do.
# You can't really have a btrfs-layered boot so this'll have to do. ESP = {
ESP = { priority = 1;
priority = 1; start = "0";
start = "0"; end = "512MiB";
end = "512MiB"; type = "EF00";
type = "EF00"; content = {
content = { type = "filesystem";
type = "filesystem"; mountpoint = "/boot";
mountpoint = "/boot"; format = "vfat";
format = "vfat";
};
}; };
};
swap = { swap = {
start = "-8GiB"; start = "-8GiB";
end = "-0"; end = "-0";
type = "8200"; type = "8200";
content = { content = {
type = "swap"; type = "swap";
randomEncryption = true; randomEncryption = true;
};
}; };
};
root = { root = {
size = "100%"; size = "100%";
type = "8300"; type = "8300";
content = { content = {
type = "btrfs"; type = "btrfs";
extraArgs = [ "-f" ]; extraArgs = [ "-f" ];
subvolumes = lib.mkMerge [ subvolumes = lib.mkMerge [
{ {
"/root" = { "/root" = {
mountOptions = [ "compress=zstd" ]; mountOptions = [ "compress=zstd" ];
mountpoint = "/"; mountpoint = "/";
}; };
"/home" = { "/home" = {
mountOptions = [ "compress=zstd" ]; mountOptions = [ "compress=zstd" ];
mountpoint = "/home"; mountpoint = "/home";
}; };
"/nix" = { "/nix" = {
mountOptions = [ "compress=zstd" "noatime" "noacl" ]; mountOptions = [ "compress=zstd" "noatime" "noacl" ];
mountpoint = "/nix"; mountpoint = "/nix";
}; };
} }
(lib.mkIf config.services.guix.enable { (lib.mkIf config.services.guix.enable {
"/gnu" = { "/gnu" = {
mountOptions = [ "compress=zstd" "noatime" "noacl" ]; mountOptions = [ "compress=zstd" "noatime" "noacl" ];
mountpoint = "/gnu"; mountpoint = "/gnu";
}; };
}) })
]; ];
};
}; };
}; };
}; };
}; };
} };
]; }];
} }

7
configs/nixos/ni/hardware-configuration.nix
View File

@ -1,12 +1,11 @@
{ config, lib, pkgs, modulesPath, ... }: { config, lib, pkgs, modulesPath, ... }:
{ {
imports = [ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_12; boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_12;
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usbhid" "uas" "sd_mod" ]; boot.initrd.availableKernelModules =
[ "nvme" "xhci_pci" "thunderbolt" "usbhid" "uas" "sd_mod" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = [ "kvm-amd" ];

8
configs/nixos/ni/modules/hardware/qol.nix
View File

@ -4,8 +4,7 @@
let let
hostCfg = config.hosts.ni; hostCfg = config.hosts.ni;
cfg = hostCfg.hardware.qol; cfg = hostCfg.hardware.qol;
in in {
{
options.hosts.ni.hardware.qol.enable = options.hosts.ni.hardware.qol.enable =
lib.mkEnableOption "quality-of-life hardware features"; lib.mkEnableOption "quality-of-life hardware features";
@ -17,10 +16,7 @@ in
services.printing = { services.printing = {
enable = true; enable = true;
browsing = true; browsing = true;
drivers = with pkgs; [ drivers = with pkgs; [ gutenprint splix ];
gutenprint
splix
];
}; };
# Extend the life of an SSD. # Extend the life of an SSD.

18
configs/nixos/ni/modules/networking/setup.nix
View File

@ -3,8 +3,7 @@
let let
hostCfg = config.hosts.ni; hostCfg = config.hosts.ni;
cfg = hostCfg.networking; cfg = hostCfg.networking;
in in {
{
options.hosts.ni.networking = { options.hosts.ni.networking = {
enable = lib.mkEnableOption "networking setup"; enable = lib.mkEnableOption "networking setup";
@ -31,9 +30,7 @@ in
::: :::
''; '';
default = default =
if config.networking.useNetworkd if config.networking.useNetworkd then "networkd" else "networkmanager";
then "networkd"
else "networkmanager";
defaultText = '' defaultText = ''
When networkd is enabled, `networkd`, otherwise `networkmanager` as the When networkd is enabled, `networkd`, otherwise `networkmanager` as the
general fallback value. general fallback value.
@ -54,11 +51,8 @@ in
}; };
# Add these timeservers. # Add these timeservers.
networking.timeServers = lib.mkBefore [ networking.timeServers =
"ntp.nict.jp" lib.mkBefore [ "ntp.nict.jp" "time.nist.gov" "time.facebook.com" ];
"time.nist.gov"
"time.facebook.com"
];
# Put on your cloak, kid. # Put on your cloak, kid.
suites.vpn.personal.enable = true; suites.vpn.personal.enable = true;
@ -148,9 +142,7 @@ in
dhcp = lib.mkIf (config.networking.dhcpcd.enable) "dhcpcd"; dhcp = lib.mkIf (config.networking.dhcpcd.enable) "dhcpcd";
} }
(lib.mkIf config.services.resolved.enable { (lib.mkIf config.services.resolved.enable { dns = "systemd-resolved"; })
dns = "systemd-resolved";
})
]; ];
# We'll configure individual network interfaces to use DHCP since it can # We'll configure individual network interfaces to use DHCP since it can

113
configs/nixos/ni/modules/networking/wireguard.nix
View File

@ -8,14 +8,10 @@ let
inherit (builtins) toString; inherit (builtins) toString;
inherit (import ../../../plover/modules/hardware/networks.nix) inherit (import ../../../plover/modules/hardware/networks.nix)
interfaces interfaces wireguardPort wireguardPeers;
wireguardPort
wireguardPeers;
wireguardAllowedIPs = [ wireguardAllowedIPs =
"${interfaces.lan.IPv4.address}/16" [ "${interfaces.lan.IPv4.address}/16" "${interfaces.lan.IPv6.address}/64" ];
"${interfaces.lan.IPv6.address}/64"
];
wireguardIFName = "wireguard0"; wireguardIFName = "wireguard0";
internalDomains = [ internalDomains = [
@ -23,19 +19,20 @@ let
"~0.27.172.in-addr.arpa" "~0.27.172.in-addr.arpa"
"~0.28.172.in-addr.arpa" "~0.28.172.in-addr.arpa"
]; ];
in in {
{ options.hosts.ni.networking.wireguard.enable =
options.hosts.ni.networking.wireguard.enable = lib.mkEnableOption "Wireguard setup"; lib.mkEnableOption "Wireguard setup";
config = lib.mkIf (hostCfg.networking.enable && cfg.enable) (lib.mkMerge [ config = lib.mkIf (hostCfg.networking.enable && cfg.enable) (lib.mkMerge [
{ {
environment.systemPackages = with pkgs; [ wireguard-tools ]; environment.systemPackages = with pkgs; [ wireguard-tools ];
networking.firewall.allowedUDPPorts = [ wireguardPort ]; networking.firewall.allowedUDPPorts = [ wireguardPort ];
sops.secrets = foodogsquaredLib.sops-nix.getSecrets ../../secrets/secrets.yaml { sops.secrets =
"wireguard/private-key" = { }; foodogsquaredLib.sops-nix.getSecrets ../../secrets/secrets.yaml {
"wireguard/preshared-keys/plover" = { }; "wireguard/private-key" = { };
"wireguard/preshared-keys/phone" = { }; "wireguard/preshared-keys/plover" = { };
}; "wireguard/preshared-keys/phone" = { };
};
} }
(lib.mkIf (networkSetup == "networkmanager") { (lib.mkIf (networkSetup == "networkmanager") {
@ -60,35 +57,36 @@ in
privateKeyFile = config.sops.secrets."wireguard/private-key".path; privateKeyFile = config.sops.secrets."wireguard/private-key".path;
listenPort = wireguardPort; listenPort = wireguardPort;
dns = with interfaces.lan; [ IPv4.address IPv6.address ]; dns = with interfaces.lan; [ IPv4.address IPv6.address ];
postUp = postUp = let resolvectl = "${lib.getBin pkgs.systemd}/bin/resolvectl";
let in ''
resolvectl = "${lib.getBin pkgs.systemd}/bin/resolvectl"; ${resolvectl} domain ${wireguardIFName} ${
in lib.concatStringsSep " " internalDomains
'' }
${resolvectl} domain ${wireguardIFName} ${lib.concatStringsSep " " internalDomains} ${resolvectl} dnssec ${wireguardIFName} no
${resolvectl} dnssec ${wireguardIFName} no '';
'';
address = with wireguardPeers.desktop; [ address = with wireguardPeers.desktop; [ "${IPv4}/32" "${IPv6}/128" ];
"${IPv4}/32"
"${IPv6}/128"
];
# Take note wg-quick doesn't trim the files so we have to trim it ourselves. # Take note wg-quick doesn't trim the files so we have to trim it ourselves.
peers = [ peers = [
# The "server" peer. # The "server" peer.
{ {
publicKey = lib.removeSuffix "\n" (lib.readFile ../../../plover/files/wireguard/wireguard-public-key-plover); publicKey = lib.removeSuffix "\n" (lib.readFile
presharedKeyFile = config.sops.secrets."wireguard/preshared-keys/plover".path; ../../../plover/files/wireguard/wireguard-public-key-plover);
presharedKeyFile =
config.sops.secrets."wireguard/preshared-keys/plover".path;
allowedIPs = wireguardAllowedIPs; allowedIPs = wireguardAllowedIPs;
endpoint = "${interfaces.wan.IPv4.address}:${toString wireguardPort}"; endpoint =
"${interfaces.wan.IPv4.address}:${toString wireguardPort}";
persistentKeepalive = 25; persistentKeepalive = 25;
} }
# The "phone" peer. # The "phone" peer.
{ {
publicKey = lib.removeSuffix "\n" (lib.readFile ../../../plover/files/wireguard/wireguard-public-key-phone); publicKey = lib.removeSuffix "\n" (lib.readFile
presharedKeyFile = config.sops.secrets."wireguard/preshared-keys/phone".path; ../../../plover/files/wireguard/wireguard-public-key-phone);
presharedKeyFile =
config.sops.secrets."wireguard/preshared-keys/phone".path;
allowedIPs = wireguardAllowedIPs; allowedIPs = wireguardAllowedIPs;
} }
]; ];
@ -97,22 +95,21 @@ in
(lib.mkIf (networkSetup == "networkd") { (lib.mkIf (networkSetup == "networkd") {
# Just apply the appropriate permissions for systemd-networkd. # Just apply the appropriate permissions for systemd-networkd.
sops.secrets = sops.secrets = let
let systemdNetworkFileAttrs = {
systemdNetworkFileAttrs = { group = config.users.users.systemd-network.group;
group = config.users.users.systemd-network.group; reloadUnits = [ "systemd-networkd.service" ];
reloadUnits = [ "systemd-networkd.service" ]; mode = "0640";
mode = "0640"; };
}; applySystemdAttr = secretPaths:
applySystemdAttr = secretPaths: lib.listToAttrs lib.listToAttrs
(builtins.map (path: lib.nameValuePair path systemdNetworkFileAttrs)) (builtins.map (path: lib.nameValuePair path systemdNetworkFileAttrs))
secretPaths; secretPaths;
in in applySystemdAttr [
applySystemdAttr [ "wireguard/private-key"
"wireguard/private-key" "wireguard/preshared-keys/phone"
"wireguard/preshared-keys/phone" "wireguard/preshared-keys/plover"
"wireguard/preshared-keys/plover" ];
];
systemd.network = { systemd.network = {
netdevs."99-${wireguardIFName}" = { netdevs."99-${wireguardIFName}" = {
@ -129,17 +126,22 @@ in
wireguardPeers = [ wireguardPeers = [
# The "server" peer. # The "server" peer.
{ {
PublicKey = lib.readFile ../../../plover/files/wireguard/wireguard-public-key-plover; PublicKey = lib.readFile
PresharedKeyFile = config.sops.secrets."wireguard/preshared-keys/plover".path; ../../../plover/files/wireguard/wireguard-public-key-plover;
PresharedKeyFile =
config.sops.secrets."wireguard/preshared-keys/plover".path;
AllowedIPs = lib.concatStringsSep "," wireguardAllowedIPs; AllowedIPs = lib.concatStringsSep "," wireguardAllowedIPs;
Endpoint = "${interfaces.wan.IPv4.address}:${toString wireguardPort}"; Endpoint =
"${interfaces.wan.IPv4.address}:${toString wireguardPort}";
PersistentKeepalive = 25; PersistentKeepalive = 25;
} }
# The "phone" peer. # The "phone" peer.
{ {
PublicKey = lib.readFile ../../../plover/files/wireguard/wireguard-public-key-phone; PublicKey = lib.readFile
PresharedKeyFile = config.sops.secrets."wireguard/preshared-keys/phone".path; ../../../plover/files/wireguard/wireguard-public-key-phone;
PresharedKeyFile =
config.sops.secrets."wireguard/preshared-keys/phone".path;
AllowedIPs = lib.concatStringsSep "," wireguardAllowedIPs; AllowedIPs = lib.concatStringsSep "," wireguardAllowedIPs;
} }
]; ];
@ -148,10 +150,7 @@ in
networks."99-${wireguardIFName}" = { networks."99-${wireguardIFName}" = {
matchConfig.Name = wireguardIFName; matchConfig.Name = wireguardIFName;
address = with wireguardPeers.desktop; [ address = with wireguardPeers.desktop; [ "${IPv4}/32" "${IPv6}/128" ];
"${IPv4}/32"
"${IPv6}/128"
];
dns = with interfaces.lan; [ IPv4.address IPv6.address ]; dns = with interfaces.lan; [ IPv4.address IPv6.address ];
domains = internalDomains; domains = internalDomains;

94
configs/nixos/ni/modules/services/backup/default.nix
View File

@ -6,53 +6,49 @@ let
cfg = hostCfg.services.backup; cfg = hostCfg.services.backup;
borgJobCommonSetting = { patterns ? [ ], passCommand, ... }@args: borgJobCommonSetting = { patterns ? [ ], passCommand, ... }@args:
let let args' = lib.attrsets.removeAttrs args [ "patterns" "passCommand" ];
args' = lib.attrsets.removeAttrs args [ "patterns" "passCommand" ]; in {
in compression = "zstd,12";
{ dateFormat = "+%F-%H-%M-%S-%z";
compression = "zstd,12"; doInit = false;
dateFormat = "+%F-%H-%M-%S-%z"; encryption = {
doInit = false; inherit passCommand;
encryption = { mode = "repokey-blake2";
inherit passCommand;
mode = "repokey-blake2";
};
extraCreateArgs = lib.concatStringsSep " "
(builtins.map (patternFile: "--patterns-from ${patternFile}") patterns);
extraInitArgs = "--make-parent-dirs";
# We're emptying them since we're specifying them all through the patterns file.
paths = lib.mkForce [ ];
persistentTimer = true;
preHook = ''
extraCreateArgs="$extraCreateArgs --exclude-if-present .nobackup"
extraCreateArgs="$extraCreateArgs --stats"
'';
prune = {
keep = {
within = "1d";
hourly = 8;
daily = 30;
weekly = 4;
monthly = 6;
yearly = 3;
}; };
}; extraCreateArgs = lib.concatStringsSep " "
} // args'; (builtins.map (patternFile: "--patterns-from ${patternFile}") patterns);
extraInitArgs = "--make-parent-dirs";
# We're emptying them since we're specifying them all through the patterns file.
paths = lib.mkForce [ ];
persistentTimer = true;
preHook = ''
extraCreateArgs="$extraCreateArgs --exclude-if-present .nobackup"
extraCreateArgs="$extraCreateArgs --stats"
'';
prune = {
keep = {
within = "1d";
hourly = 8;
daily = 30;
weekly = 4;
monthly = 6;
yearly = 3;
};
};
} // args';
hetzner-boxes-user = "u332477"; hetzner-boxes-user = "u332477";
hetzner-boxes-server = "${hetzner-boxes-user}.your-storagebox.de"; hetzner-boxes-server = "${hetzner-boxes-user}.your-storagebox.de";
pathPrefix = "borg-backup"; pathPrefix = "borg-backup";
in in {
{
options.hosts.ni.services.backup.enable = options.hosts.ni.services.backup.enable =
lib.mkEnableOption "backup setup with BorgBackup"; lib.mkEnableOption "backup setup with BorgBackup";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
sops.secrets = foodogsquaredLib.sops-nix.getSecrets sops.secrets = foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml
./secrets.yaml
(foodogsquaredLib.sops-nix.attachSopsPathPrefix pathPrefix { (foodogsquaredLib.sops-nix.attachSopsPathPrefix pathPrefix {
"patterns/home" = { }; "patterns/home" = { };
"patterns/root" = { }; "patterns/root" = { };
@ -63,9 +59,7 @@ in
"repos/hetzner-box/ssh-key" = { }; "repos/hetzner-box/ssh-key" = { };
}); });
suites.filesystem.setups = { suites.filesystem.setups = { laptop-ssd.enable = true; };
laptop-ssd.enable = true;
};
services.borgbackup.jobs = { services.borgbackup.jobs = {
local-external-storage = borgJobCommonSetting { local-external-storage = borgJobCommonSetting {
@ -73,21 +67,27 @@ in
secrets."${pathPrefix}/patterns/root".path secrets."${pathPrefix}/patterns/root".path
secrets."${pathPrefix}/patterns/keys".path secrets."${pathPrefix}/patterns/keys".path
]; ];
passCommand = "cat ${config.sops.secrets."${pathPrefix}/repos/external-hdd/password".path}"; passCommand = "cat ${
config.sops.secrets."${pathPrefix}/repos/external-hdd/password".path
}";
removableDevice = true; removableDevice = true;
doInit = true; doInit = true;
repo = "${config.state.paths.laptop-ssd}/Backups"; repo = "${config.state.paths.laptop-ssd}/Backups";
}; };
remote-backup-hetzner-box = borgJobCommonSetting { remote-backup-hetzner-box = borgJobCommonSetting {
patterns = with config.sops; [ patterns = with config.sops;
secrets."${pathPrefix}/patterns/home".path [ secrets."${pathPrefix}/patterns/home".path ];
]; passCommand = "cat ${
passCommand = "cat ${config.sops.secrets."${pathPrefix}/repos/hetzner-box/password".path}"; config.sops.secrets."${pathPrefix}/repos/hetzner-box/password".path
}";
doInit = true; doInit = true;
repo = "ssh://${hetzner-boxes-user}@${hetzner-boxes-server}:23/./borg/desktop/ni"; repo =
"ssh://${hetzner-boxes-user}@${hetzner-boxes-server}:23/./borg/desktop/ni";
startAt = "04:30"; startAt = "04:30";
environment.BORG_RSH = "ssh -i ${config.sops.secrets."${pathPrefix}/repos/hetzner-box/ssh-key".path}"; environment.BORG_RSH = "ssh -i ${
config.sops.secrets."${pathPrefix}/repos/hetzner-box/ssh-key".path
}";
}; };
}; };
}; };

3
configs/nixos/ni/modules/services/dns-server/default.nix
View File

@ -3,8 +3,7 @@
let let
hostCfg = config.hosts.ni; hostCfg = config.hosts.ni;
cfg = hostCfg.services.dns-server; cfg = hostCfg.services.dns-server;
in in {
{
options.hosts.ni.services.dns-server.enable = options.hosts.ni.services.dns-server.enable =
lib.mkEnableOption "preferred DNS server"; lib.mkEnableOption "preferred DNS server";

339
configs/nixos/ni/modules/services/download-media/default.nix
View File

@ -11,197 +11,202 @@ let
newgrounds = name: "https://${name}.newgrounds.com"; newgrounds = name: "https://${name}.newgrounds.com";
pathPrefix = "download-media"; pathPrefix = "download-media";
in in {
{
options.hosts.ni.services.download-media.enable = options.hosts.ni.services.download-media.enable =
lib.mkEnableOption "automated multimedia download services"; lib.mkEnableOption "automated multimedia download services";
config = lib.mkIf cfg.enable ( config = lib.mkIf cfg.enable (let
let ytdlpArgs = [
ytdlpArgs = [ # No overwriting of videos and related files.
# No overwriting of videos and related files. "--no-force-overwrites"
"--no-force-overwrites"
# Embed metadata in the file. # Embed metadata in the file.
"--write-info-json" "--write-info-json"
# Embed chapter markers, if possible. # Embed chapter markers, if possible.
"--embed-chapters" "--embed-chapters"
# Write the subtitle file with the preferred languages. # Write the subtitle file with the preferred languages.
"--write-subs" "--write-subs"
"--sub-langs" "en.*,ja,ko,zh.*,fr,pt.*" "--sub-langs"
"en.*,ja,ko,zh.*,fr,pt.*"
# Write the description in a separate file. # Write the description in a separate file.
"--write-description" "--write-description"
# The global output for all of the jobs. # The global output for all of the jobs.
"--output" "--output"
"%(uploader,artist,creator|Unknown)s/%(release_date>%F,upload_date>%F|Unknown)s-%(title)s.%(ext)s" "%(uploader,artist,creator|Unknown)s/%(release_date>%F,upload_date>%F|Unknown)s-%(title)s.%(ext)s"
# Select only the most optimal format for my usecases. # Select only the most optimal format for my usecases.
"--format" "--format"
"(webm,mkv,mp4)[height<=?1280]" "(webm,mkv,mp4)[height<=?1280]"
# Prefer MKV whenever possible for video formats. # Prefer MKV whenever possible for video formats.
"--merge-output-format" "mkv" "--merge-output-format"
"mkv"
# Don't download any videos that are originally live streams. # Don't download any videos that are originally live streams.
"--match-filters" "!was_live" "--match-filters"
"!was_live"
"--audio-quality" "1" "--audio-quality"
"1"
# Not much error since it will always fail. # Not much error since it will always fail.
"--no-abort-on-error" "--no-abort-on-error"
"--ignore-errors" "--ignore-errors"
"--ignore-no-formats-error" "--ignore-no-formats-error"
];
galleryDlArgs = [
# Write metadata to separate JSON files.
"--write-metadata"
# The config file that contains the secrets for various services.
# We're putting as a separate config file instead of configuring it
# in the service properly since secrets decrypted by sops-nix cannot
# be read in Nix.
];
# Given an attribute set of jobs that contains a list of objects with
# their names and URL, create an attrset suitable for declaring the
# archiving jobs of several services for `services.yt-dlp`,
# `services.gallery-dl`, and `services.archivebox`.
mkJobs = { extraArgs ? [ ], db }:
let
days = [
"Monday"
"Tuesday"
"Wednesday"
"Thursday"
"Friday"
"Saturday"
"Sunday"
];
categories = lib.zipListsWith (index: category: {
inherit index;
data = category;
}) (lib.lists.range 1 (lib.length (lib.attrValues db)))
(lib.mapAttrsToList (name: value: {
inherit name;
inherit (value) subscriptions extraArgs;
}) db);
jobsList = builtins.map (category:
let jobExtraArgs = lib.attrByPath [ "data" "extraArgs" ] [ ] category;
in {
name = category.data.name;
value = {
extraArgs = extraArgs ++ jobExtraArgs;
urls = builtins.map (subscription: subscription.url)
category.data.subscriptions;
startAt =
lib.elemAt days (lib.mod category.index (lib.length days));
};
}) categories;
in lib.listToAttrs jobsList;
in {
suites.filesystem.setups.archive.enable = true;
services.yt-dlp = {
enable = true;
downloadPath = "${mountName}/yt-dlp-service";
# This is applied on all jobs. It is best to be minimal as much as
# possible for this.
extraArgs = ytdlpArgs ++ [
# Make a global list of successfully downloaded videos as a cache for yt-dlp.
"--download-archive"
"videos"
]; ];
galleryDlArgs = [ jobs = mkJobs {
# Write metadata to separate JSON files. extraArgs = [ "--playlist-end" "20" ];
"--write-metadata" db = lib.importJSON ./data/jobs.yt-dlp.json;
};
};
# The config file that contains the secrets for various services. services.archivebox = {
# We're putting as a separate config file instead of configuring it enable = true;
# in the service properly since secrets decrypted by sops-nix cannot webserver.enable = true;
# be read in Nix.
jobs = mkJobs { db = lib.importJSON ./data/jobs.archivebox.json; } // {
computer = {
urls = [
"https://blog.mozilla.org/en/feed/"
"https://distill.pub/rss.xml"
"https://drewdevault.com/blog/index.xml"
"https://fasterthanli.me/index.xml"
"https://jvns.ca/atom.xml"
"https://www.bytelab.codes/rss/"
"https://www.collabora.com/feed"
"https://www.jntrnr.com/atom.xml"
"https://yosoygames.com.ar/wp/?feed=rss"
"https://simblob.blogspot.com/feeds/posts/default"
];
startAt = "weekly";
};
};
};
services.gallery-dl = {
enable = true;
downloadPath = "${mountName}/gallery-dl-service";
extraArgs = galleryDlArgs ++ [
# Record all downloaded files in an archive file.
"--download-archive"
"${config.services.gallery-dl.downloadPath}/photos"
]; ];
# Given an attribute set of jobs that contains a list of objects with settings.extractor = { filename = "{date:%F}-{title}.{extension}"; };
# their names and URL, create an attrset suitable for declaring the
# archiving jobs of several services for `services.yt-dlp`,
# `services.gallery-dl`, and `services.archivebox`.
mkJobs = { extraArgs ? [ ], db }:
let
days = [ "Monday" "Tuesday" "Wednesday" "Thursday" "Friday" "Saturday" "Sunday" ];
categories = lib.zipListsWith
(index: category: { inherit index; data = category; })
(lib.lists.range 1 (lib.length (lib.attrValues db)))
(lib.mapAttrsToList (name: value: { inherit name; inherit (value) subscriptions extraArgs; }) db);
jobsList = builtins.map
(category:
let
jobExtraArgs = lib.attrByPath [ "data" "extraArgs" ] [ ] category;
in
{
name = category.data.name;
value = {
extraArgs = extraArgs ++ jobExtraArgs;
urls = builtins.map (subscription: subscription.url) category.data.subscriptions;
startAt = lib.elemAt days (lib.mod category.index (lib.length days));
};
})
categories;
in
lib.listToAttrs jobsList;
in
{
suites.filesystem.setups.archive.enable = true;
services.yt-dlp = { jobs = {
enable = true; arts = {
downloadPath = "${mountName}/yt-dlp-service"; urls = [
(deviantArt "xezeno") # Xezeno
# This is applied on all jobs. It is best to be minimal as much as (deviantArt "jenzee") # JenZee
# possible for this. (deviantArt "silverponteo") # hurrakka
extraArgs = ytdlpArgs ++ [ #"https://www.pixiv.net/en/users/60562229" # Ravioli
# Make a global list of successfully downloaded videos as a cache for yt-dlp. (artStation "dominikmayerart") # Dominik Mayer
"--download-archive" "videos" (artStation "archiewhitehead") # Archie Whitehead
]; (artStation "kuvshinov_ilya") # Ilya Kuvshinov
(artStation "meiipng") # Meiiart
jobs = mkJobs { (artStation "bassem_wageeh") # Bassem wageeh
extraArgs = [ "--playlist-end" "20" ]; (artStation "ocellusart") # Ocellus
db = lib.importJSON ./data/jobs.yt-dlp.json; (artStation "jordanparrin") # Jordan Parrin
(artStation "blazporenta") # Blaz Porenta
(artStation "an_na") # Anya Mozharovska
(artStation "dllxtt") # Mykhail Klymenko
(artStation "nicwilliams") # Nic Williams
(artStation "aaconcept") # Andrew An
(artStation "aliena85") # Mandy Jurgens
(artStation "666kart") # Kan Liu
(artStation "angryangryasian") # David Liu
(artStation "mikedilonardo") # Michael Di Lonardo
(artStation "karlschecht") # Karl Schecht
(artStation "12oyraj") # Royraj Vichaidit
(artStation "jcru3d") # Jan Cruz
(artStation "wookun") # Sangtaek Woo
(newgrounds "hyperjerk") # HyperJerk
];
startAt = "weekly";
}; };
}; };
};
services.archivebox = { wrapper-manager.packages.download-media-variants = {
enable = true; wrappers."yt-dlp-${pathPrefix}" = {
webserver.enable = true; arg0 = lib.getExe' config.services.yt-dlp.package "yt-dlp";
prependArgs = ytdlpArgs;
jobs = mkJobs
{
db = lib.importJSON ./data/jobs.archivebox.json;
} // {
computer = {
urls = [
"https://blog.mozilla.org/en/feed/"
"https://distill.pub/rss.xml"
"https://drewdevault.com/blog/index.xml"
"https://fasterthanli.me/index.xml"
"https://jvns.ca/atom.xml"
"https://www.bytelab.codes/rss/"
"https://www.collabora.com/feed"
"https://www.jntrnr.com/atom.xml"
"https://yosoygames.com.ar/wp/?feed=rss"
"https://simblob.blogspot.com/feeds/posts/default"
];
startAt = "weekly";
};
};
}; };
services.gallery-dl = { wrappers."gallery-dl-${pathPrefix}" = {
enable = true; arg0 = lib.getExe' config.services.gallery-dl.package "gallery-dl";
downloadPath = "${mountName}/gallery-dl-service"; prependArgs = galleryDlArgs;
extraArgs = galleryDlArgs ++ [
# Record all downloaded files in an archive file.
"--download-archive"
"${config.services.gallery-dl.downloadPath}/photos"
];
settings.extractor = {
filename = "{date:%F}-{title}.{extension}";
};
jobs = {
arts = {
urls = [
(deviantArt "xezeno") # Xezeno
(deviantArt "jenzee") # JenZee
(deviantArt "silverponteo") # hurrakka
#"https://www.pixiv.net/en/users/60562229" # Ravioli
(artStation "dominikmayerart") # Dominik Mayer
(artStation "archiewhitehead") # Archie Whitehead
(artStation "kuvshinov_ilya") # Ilya Kuvshinov
(artStation "meiipng") # Meiiart
(artStation "bassem_wageeh") # Bassem wageeh
(artStation "ocellusart") # Ocellus
(artStation "jordanparrin") # Jordan Parrin
(artStation "blazporenta") # Blaz Porenta
(artStation "an_na") # Anya Mozharovska
(artStation "dllxtt") # Mykhail Klymenko
(artStation "nicwilliams") # Nic Williams
(artStation "aaconcept") # Andrew An
(artStation "aliena85") # Mandy Jurgens
(artStation "666kart") # Kan Liu
(artStation "angryangryasian") # David Liu
(artStation "mikedilonardo") # Michael Di Lonardo
(artStation "karlschecht") # Karl Schecht
(artStation "12oyraj") # Royraj Vichaidit
(artStation "jcru3d") # Jan Cruz
(artStation "wookun") # Sangtaek Woo
(newgrounds "hyperjerk") # HyperJerk
];
startAt = "weekly";
};
};
}; };
};
wrapper-manager.packages.download-media-variants = { environment.systemPackages = with pkgs; [ archivebox ];
wrappers."yt-dlp-${pathPrefix}" = { });
arg0 = lib.getExe' config.services.yt-dlp.package "yt-dlp";
prependArgs = ytdlpArgs;
};
wrappers."gallery-dl-${pathPrefix}" = {
arg0 = lib.getExe' config.services.gallery-dl.package "gallery-dl";
prependArgs = galleryDlArgs;
};
};
environment.systemPackages = with pkgs; [ archivebox ];
}
);
} }

10
configs/nixos/ni/modules/services/mail-archive.nix
View File

@ -17,8 +17,7 @@ let
newsgroup = "inbox.comp.systemd.devel"; newsgroup = "inbox.comp.systemd.devel";
}; };
}; };
in in {
{
options.hosts.ni.services.mail-archive.enable = options.hosts.ni.services.mail-archive.enable =
lib.mkEnableOption "preferred mail archiving service"; lib.mkEnableOption "preferred mail archiving service";
@ -30,9 +29,7 @@ in
http = { http = {
enable = true; enable = true;
port = "/run/public-inbox-http.sock"; port = "/run/public-inbox-http.sock";
mounts = [ mounts = [ "https://mail.ni.internal/inbox" ];
"https://mail.ni.internal/inbox"
];
}; };
imap.enable = true; imap.enable = true;
nntp.enable = true; nntp.enable = true;
@ -54,7 +51,8 @@ in
services.nginx.virtualHosts."mail.ni.internal" = { services.nginx.virtualHosts."mail.ni.internal" = {
locations."/".return = "302 /inbox"; locations."/".return = "302 /inbox";
locations."= /inbox".return = "302 /inbox/"; locations."= /inbox".return = "302 /inbox/";
locations."/inbox".proxyPass = "http://unix:${config.services.public-inbox.http.port}:/inbox"; locations."/inbox".proxyPass =
"http://unix:${config.services.public-inbox.http.port}:/inbox";
locations."= /style/light.css".alias = pkgs.writeText "light.css" '' locations."= /style/light.css".alias = pkgs.writeText "light.css" ''
* { background:#fff; color:#000 } * { background:#fff; color:#000 }

8
configs/nixos/ni/modules/services/monitoring.nix
View File

@ -3,8 +3,7 @@
let let
hostCfg = config.hosts.ni; hostCfg = config.hosts.ni;
cfg = hostCfg.services.monitoring; cfg = hostCfg.services.monitoring;
in in {
{
options.hosts.ni.services.monitoring.enable = options.hosts.ni.services.monitoring.enable =
lib.mkEnableOption "enable local desktop monitoring service"; lib.mkEnableOption "enable local desktop monitoring service";
@ -13,9 +12,8 @@ in
services.grafana.enable = true; services.grafana.enable = true;
services.grafana.declarativePlugins = with pkgs.grafanaPlugins; [ services.grafana.declarativePlugins = with pkgs.grafanaPlugins;
grafana-piechart-panel [ grafana-piechart-panel ];
];
services.grafana.settings = { services.grafana.settings = {
database.type = "sqlite3"; database.type = "sqlite3";

57
configs/nixos/ni/modules/services/penpot/default.nix
View File

@ -5,15 +5,12 @@ let
cfg = hostCfg.services.penpot; cfg = hostCfg.services.penpot;
port = builtins.toString config.state.ports.penpot-frontend.value; port = builtins.toString config.state.ports.penpot-frontend.value;
in in {
{
options.hosts.ni.services.penpot.enable = options.hosts.ni.services.penpot.enable =
lib.mkEnableOption "self-hosted Penpot design tool"; lib.mkEnableOption "self-hosted Penpot design tool";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
state.ports = { state.ports = { penpot-frontend.value = 9001; };
penpot-frontend.value = 9001;
};
sops.secrets = foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml { sops.secrets = foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml {
"penpot/env" = { }; "penpot/env" = { };
@ -26,17 +23,10 @@ in
virtualisation.oci-containers.containers.penpot-frontend = { virtualisation.oci-containers.containers.penpot-frontend = {
image = "docker.io/penpotapp/frontend:latest"; image = "docker.io/penpotapp/frontend:latest";
dependsOn = [ dependsOn = [ "penpot-backend" "penpot-exporter" ];
"penpot-backend"
"penpot-exporter"
];
ports = lib.singleton "127.0.0.1:${port}:${port}"; ports = lib.singleton "127.0.0.1:${port}:${port}";
extraOptions = [ extraOptions = [ "--network=penpot" ];
"--network=penpot" volumes = [ "penpot_assets:/opt/data/assets" ];
];
volumes = [
"penpot_assets:/opt/data/assets"
];
environment.PENPOT_FLAGS = lib.concatStringsSep " " [ environment.PENPOT_FLAGS = lib.concatStringsSep " " [
"enable-login-with-password" "enable-login-with-password"
"enable-webhooks" "enable-webhooks"
@ -48,19 +38,10 @@ in
virtualisation.oci-containers.containers.penpot-backend = { virtualisation.oci-containers.containers.penpot-backend = {
image = "docker.io/penpotapp/backend:latest"; image = "docker.io/penpotapp/backend:latest";
volumes = [ volumes = [ "penpot_assets:/opt/data/assets" ];
"penpot_assets:/opt/data/assets" extraOptions = [ "--network=penpot" ];
]; dependsOn = [ "penpot-postgres" "penpot-redis" ];
extraOptions = [ environmentFiles = [ config.sops.secrets."penpot/env".path ];
"--network=penpot"
];
dependsOn = [
"penpot-postgres"
"penpot-redis"
];
environmentFiles = [
config.sops.secrets."penpot/env".path
];
environment = { environment = {
PENPOT_FLAGS = lib.concatStringsSep " " [ PENPOT_FLAGS = lib.concatStringsSep " " [
"enable-registration" "enable-registration"
@ -77,9 +58,7 @@ in
virtualisation.oci-containers.containers.penpot-exporter = { virtualisation.oci-containers.containers.penpot-exporter = {
image = "docker.io/penpotapp/exporter:latest"; image = "docker.io/penpotapp/exporter:latest";
extraOptions = [ extraOptions = [ "--network=penpot" ];
"--network=penpot"
];
environment = { environment = {
PENPOT_PUBLIC_URI = "http://penpot-frontend"; PENPOT_PUBLIC_URI = "http://penpot-frontend";
PENPOT_REDIS_URI = "redis://penpot-redis/0"; PENPOT_REDIS_URI = "redis://penpot-redis/0";
@ -88,24 +67,16 @@ in
virtualisation.oci-containers.containers.penpot-redis = { virtualisation.oci-containers.containers.penpot-redis = {
image = "docker.io/redis:7"; image = "docker.io/redis:7";
extraOptions = [ extraOptions = [ "--network=penpot" ];
"--network=penpot"
];
}; };
virtualisation.oci-containers.containers.penpot-postgres = { virtualisation.oci-containers.containers.penpot-postgres = {
image = "docker.io/postgres:15"; image = "docker.io/postgres:15";
volumes = [ volumes = [ "penpot_postgres_v15:/var/lib/postgresql/data" ];
"penpot_postgres_v15:/var/lib/postgresql/data"
];
extraOptions = [ "--network=penpot" ]; extraOptions = [ "--network=penpot" ];
environmentFiles = [ environmentFiles = [ config.sops.secrets."penpot/postgres_env".path ];
config.sops.secrets."penpot/postgres_env".path
];
environment = { environment = {
POSTGRES_INITDB_ARGS = lib.concatStringsSep " " [ POSTGRES_INITDB_ARGS = lib.concatStringsSep " " [ "--data-checksums" ];
"--data-checksums"
];
POSTGRES_DB = "penpot"; POSTGRES_DB = "penpot";
}; };
}; };

3
configs/nixos/ni/modules/services/reverse-proxy.nix
View File

@ -4,8 +4,7 @@
let let
hostCfg = config.hosts.ni; hostCfg = config.hosts.ni;
cfg = hostCfg.services.reverse-proxy; cfg = hostCfg.services.reverse-proxy;
in in {
{
options.hosts.ni.services.reverse-proxy.enable = options.hosts.ni.services.reverse-proxy.enable =
lib.mkEnableOption "private-use reverse proxy setup"; lib.mkEnableOption "private-use reverse proxy setup";

8
configs/nixos/ni/modules/services/rss-reader/default.nix
View File

@ -5,14 +5,13 @@ let
cfg = hostCfg.services.rss-reader; cfg = hostCfg.services.rss-reader;
port = config.state.ports.miniflux.value; port = config.state.ports.miniflux.value;
in in {
{
options.hosts.ni.services.rss-reader.enable = options.hosts.ni.services.rss-reader.enable =
lib.mkEnableOption "preferred RSS reader service"; lib.mkEnableOption "preferred RSS reader service";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
sops.secrets = foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml { sops.secrets = foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml {
"miniflux/admin" = {}; "miniflux/admin" = { };
}; };
state.ports.miniflux.value = 9640; state.ports.miniflux.value = 9640;
@ -35,7 +34,8 @@ in
wrapper-manager.packages.miniflux-helper = { wrapper-manager.packages.miniflux-helper = {
wrappers.miniflux-helper = { wrappers.miniflux-helper = {
arg0 = lib.getExe' config.services.miniflux.package "miniflux"; arg0 = lib.getExe' config.services.miniflux.package "miniflux";
env = lib.mapAttrs (_: value: { value = builtins.toString value; }) config.services.miniflux.config; env = lib.mapAttrs (_: value: { value = builtins.toString value; })
config.services.miniflux.config;
}; };
}; };
}; };

6
configs/nixos/ni/modules/setups/desktop.nix
View File

@ -5,9 +5,9 @@ let
cfg = hostCfg.setups.desktop; cfg = hostCfg.setups.desktop;
hasAnyWorkflowEnabled = workflows: hasAnyWorkflowEnabled = workflows:
lib.lists.any (workflow: lib.elem workflow config.workflows.enable) workflows; lib.lists.any (workflow: lib.elem workflow config.workflows.enable)
in workflows;
{ in {
options.hosts.ni.setups.desktop.enable = options.hosts.ni.setups.desktop.enable =
lib.mkEnableOption "desktop environment setup"; lib.mkEnableOption "desktop environment setup";

25
configs/nixos/ni/modules/setups/development.nix
View File

@ -3,8 +3,7 @@
let let
hostCfg = config.hosts.ni; hostCfg = config.hosts.ni;
cfg = hostCfg.setups.development; cfg = hostCfg.setups.development;
in in {
{
options.hosts.ni.setups.development.enable = options.hosts.ni.setups.development.enable =
lib.mkEnableOption "software development setup"; lib.mkEnableOption "software development setup";
@ -33,15 +32,14 @@ in
logDriver = "journald"; logDriver = "journald";
}; };
environment.systemPackages = with pkgs; environment.systemPackages = with pkgs; [
[ # For debugging build environments in Nix packages.
# For debugging build environments in Nix packages. cntr
cntr
devpod-desktop devpod-desktop
freecad freecad
]; ];
# Enable the terminal emulator of choice. # Enable the terminal emulator of choice.
programs.wezterm.enable = true; programs.wezterm.enable = true;
@ -60,10 +58,7 @@ in
}; };
# Adding a bunch of emulated systems for cross-system building. # Adding a bunch of emulated systems for cross-system building.
boot.binfmt.emulatedSystems = [ boot.binfmt.emulatedSystems = [ "aarch64-linux" "riscv64-linux" ];
"aarch64-linux"
"riscv64-linux"
];
} }
(lib.mkIf config.suites.dev.containers.enable { (lib.mkIf config.suites.dev.containers.enable {
@ -72,9 +67,7 @@ in
services.cockpit = { services.cockpit = {
enable = true; enable = true;
port = config.state.ports.cockpit.value; port = config.state.ports.cockpit.value;
settings = { settings = { WebService.AllowUnencrypted = true; };
WebService.AllowUnencrypted = true;
};
}; };
# Setting up a single-node k3s cluster for learning purposes. # Setting up a single-node k3s cluster for learning purposes.

13
configs/nixos/ni/modules/setups/gaming.nix
View File

@ -3,10 +3,8 @@
let let
hostCfg = config.hosts.ni; hostCfg = config.hosts.ni;
cfg = hostCfg.setups.gaming; cfg = hostCfg.setups.gaming;
in in {
{ options.hosts.ni.setups.gaming.enable = lib.mkEnableOption "gaming setup";
options.hosts.ni.setups.gaming.enable =
lib.mkEnableOption "gaming setup";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
# Bring all of the goodies. # Bring all of the goodies.
@ -16,12 +14,7 @@ in
retro-computing.enable = true; retro-computing.enable = true;
}; };
programs.retroarch.cores = with pkgs.libretro; [ programs.retroarch.cores = with pkgs.libretro; [ pcsx2 dolphin citra mame ];
pcsx2
dolphin
citra
mame
];
# Bring more of them games. # Bring more of them games.
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [

18
configs/nixos/ni/modules/setups/music.nix
View File

@ -3,8 +3,7 @@
let let
hostCfg = config.hosts.ni; hostCfg = config.hosts.ni;
cfg = hostCfg.setups.music; cfg = hostCfg.setups.music;
in in {
{
options.hosts.ni.setups.music.enable = options.hosts.ni.setups.music.enable =
lib.mkEnableOption "music streaming and organizing setup"; lib.mkEnableOption "music streaming and organizing setup";
@ -29,7 +28,8 @@ in
}; };
uxplay = { uxplay = {
value = 10001; value = 10001;
openFirewall = true; }; openFirewall = true;
};
uxplayClients = { uxplayClients = {
value = foodogsquaredLib.nixos.makeRange' uxplay.value 10; value = foodogsquaredLib.nixos.makeRange' uxplay.value 10;
openFirewall = true; openFirewall = true;
@ -40,12 +40,10 @@ in
services.gonic = { services.gonic = {
enable = true; enable = true;
settings = rec { settings = rec {
listen-addr = "localhost:${builtins.toString config.state.ports.gonic.value}"; listen-addr =
"localhost:${builtins.toString config.state.ports.gonic.value}";
cache-path = "${config.state.paths.cacheDir}/gonic"; cache-path = "${config.state.paths.cacheDir}/gonic";
music-path = music-path = [ "/srv/Music" ];
[
"/srv/Music"
];
podcast-path = "${cache-path}/podcasts"; podcast-path = "${cache-path}/podcasts";
playlists-path = "${cache-path}/playlists"; playlists-path = "${cache-path}/playlists";
@ -102,9 +100,7 @@ in
airplay = { airplay = {
type = "airplay"; type = "airplay";
location = lib.getExe' pkgs.shairport-sync "shairport-sync"; location = lib.getExe' pkgs.shairport-sync "shairport-sync";
query = { query = { devicename = "Snapcast"; };
devicename = "Snapcast";
};
}; };
spotify = { spotify = {

3
configs/nixos/plover/default.nix
View File

@ -39,7 +39,8 @@
}; };
# Overriding the kernel version for ourselves. # Overriding the kernel version for ourselves.
boot.kernelPackages = lib.mkOverride 500 pkgs.linuxKernel.packages.linux_6_11_hardened; boot.kernelPackages =
lib.mkOverride 500 pkgs.linuxKernel.packages.linux_6_11_hardened;
# We're using our own VPN configuration for this one. # We're using our own VPN configuration for this one.
suites.vpn.personal.enable = true; suites.vpn.personal.enable = true;

2
configs/nixos/plover/files/gitea/versions.tf
View File

@ -1,7 +1,7 @@
terraform { terraform {
required_providers { required_providers {
gitea = { gitea = {
source = "go-gitea/gitea" source = "go-gitea/gitea"
version = "0.5.1" version = "0.5.1"
} }
} }

6
configs/nixos/plover/modules/hardware/networks.nix
View File

@ -1,10 +1,8 @@
# It just contains a set of network-related variables mainly used for # It just contains a set of network-related variables mainly used for
# network-related services. Make sure to change this every time you migrate to # network-related services. Make sure to change this every time you migrate to
# a new server. # a new server.
let let inherit (builtins) toString;
inherit (builtins) toString; in rec {
in
rec {
# This is expected to be /48 block (i.e., `fc00:b0de:5685::/48`). # This is expected to be /48 block (i.e., `fc00:b0de:5685::/48`).
# The thing is generated using a ULA generator. # The thing is generated using a ULA generator.
privateIPv6Prefix = "fd89:c181:8016"; privateIPv6Prefix = "fd89:c181:8016";

10
configs/nixos/plover/modules/profiles/hetzner-cloud-cx22.nix
View File

@ -1,9 +1,7 @@
{ config, lib, pkgs, modulesPath, ... }: { config, lib, pkgs, modulesPath, ... }:
{ {
imports = [ imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
(modulesPath + "/profiles/qemu-guest.nix")
];
# Hetzner can only support non-UEFI bootloader (or at least it doesn't with # Hetzner can only support non-UEFI bootloader (or at least it doesn't with
# systemd-boot). # systemd-boot).
@ -13,12 +11,14 @@
efiInstallAsRemovable = true; efiInstallAsRemovable = true;
}; };
boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "virtio_scsi" "xhci_pci" "sd_mod" "sr_mod" ]; boot.initrd.availableKernelModules =
[ "ata_piix" "virtio_pci" "virtio_scsi" "xhci_pci" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ "nvme" ]; boot.initrd.kernelModules = [ "nvme" ];
zramSwap.enable = true; zramSwap.enable = true;
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
services.qemuGuest.enable = true; services.qemuGuest.enable = true;
systemd.services.qemu-guest-agent.path = [ pkgs.shadow ]; systemd.services.qemu-guest-agent.path = [ pkgs.shadow ];

3
configs/nixos/plover/modules/services/atuin.nix
View File

@ -11,8 +11,7 @@ let
atuinInternalDomain = "atuin.${config.networking.fqdn}"; atuinInternalDomain = "atuin.${config.networking.fqdn}";
host = interfaces.lan.IPv4.address; host = interfaces.lan.IPv4.address;
in in {
{
options.hosts.plover.services.atuin.enable = options.hosts.plover.services.atuin.enable =
lib.mkEnableOption "Atuin sync server setup"; lib.mkEnableOption "Atuin sync server setup";

85
configs/nixos/plover/modules/services/backup.nix
View File

@ -7,63 +7,64 @@ let
# The head of the Borgbase hostname. # The head of the Borgbase hostname.
hetzner-boxes-user = "u332477"; hetzner-boxes-user = "u332477";
hetzner-boxes-server = "${hetzner-boxes-user}.your-storagebox.de"; hetzner-boxes-server = "${hetzner-boxes-user}.your-storagebox.de";
borgRepo = path: "ssh://${hetzner-boxes-user}@${hetzner-boxes-server}:23/./borg/plover/${path}"; borgRepo = path:
"ssh://${hetzner-boxes-user}@${hetzner-boxes-server}:23/./borg/plover/${path}";
jobCommonSettings = { patternFiles ? [ ], patterns ? [ ], paths ? [ ], repo, passCommand }: { jobCommonSettings =
inherit paths repo; { patternFiles ? [ ], patterns ? [ ], paths ? [ ], repo, passCommand }: {
compression = "zstd,11"; inherit paths repo;
dateFormat = "+%F-%H-%M-%S-%z"; compression = "zstd,11";
doInit = true; dateFormat = "+%F-%H-%M-%S-%z";
encryption = { doInit = true;
inherit passCommand; encryption = {
mode = "repokey-blake2"; inherit passCommand;
}; mode = "repokey-blake2";
extraCreateArgs = };
let extraCreateArgs = let
args = lib.flatten [ args = lib.flatten [
(builtins.map (builtins.map
(patternFile: "--patterns-from ${lib.escapeShellArg patternFile}") (patternFile: "--patterns-from ${lib.escapeShellArg patternFile}")
patternFiles) patternFiles)
(builtins.map (builtins.map (pattern: "--pattern ${lib.escapeShellArg pattern}")
(pattern: "--pattern ${lib.escapeShellArg pattern}")
patterns) patterns)
]; ];
in in lib.concatStringsSep " " args;
lib.concatStringsSep " " args; extraInitArgs = "--make-parent-dirs";
extraInitArgs = "--make-parent-dirs"; persistentTimer = true;
persistentTimer = true; preHook = ''
preHook = '' extraCreateArgs="$extraCreateArgs --stats"
extraCreateArgs="$extraCreateArgs --stats" '';
''; prune.keep = {
prune.keep = { weekly = 4;
weekly = 4; monthly = 12;
monthly = 12; yearly = 6;
yearly = 6; };
startAt = "monthly";
environment.BORG_RSH = "ssh -i ${config.sops.secrets."ssh-key".path}";
}; };
startAt = "monthly"; in {
environment.BORG_RSH = "ssh -i ${config.sops.secrets."ssh-key".path}";
};
in
{
options.hosts.plover.services.backup.enable = options.hosts.plover.services.backup.enable =
lib.mkEnableOption "backup service"; lib.mkEnableOption "backup service";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
sops.secrets = foodogsquaredLib.sops-nix.getSecrets ../../secrets/secrets.yaml { sops.secrets =
"borg/repos/services/password" = { }; foodogsquaredLib.sops-nix.getSecrets ../../secrets/secrets.yaml {
}; "borg/repos/services/password" = { };
};
services.borgbackup.jobs = { services.borgbackup.jobs = {
# Backups for various services. # Backups for various services.
services-backup = jobCommonSettings services-backup = jobCommonSettings {
{ paths = [
paths = [ # ACME accounts and TLS certificates
# ACME accounts and TLS certificates "/var/lib/acme"
"/var/lib/acme" ];
]; repo = borgRepo "services";
repo = borgRepo "services"; passCommand =
passCommand = "cat ${config.sops.secrets."borg/repos/services/password".path}"; "cat ${config.sops.secrets."borg/repos/services/password".path}";
} // { startAt = "daily"; }; } // {
startAt = "daily";
};
}; };
programs.ssh.extraConfig = '' programs.ssh.extraConfig = ''

3
configs/nixos/plover/modules/services/crowdsec.nix
View File

@ -3,8 +3,7 @@
let let
hostCfg = config.hosts.plover; hostCfg = config.hosts.plover;
cfg = hostCfg.services.crowdsec; cfg = hostCfg.services.crowdsec;
in in {
{
options.hosts.plover.services.crowdsec.enable = options.hosts.plover.services.crowdsec.enable =
lib.mkEnableOption "Crowdsec service"; lib.mkEnableOption "Crowdsec service";

31
configs/nixos/plover/modules/services/database.nix
View File

@ -7,8 +7,7 @@ let
cfg = hostCfg.services.database; cfg = hostCfg.services.database;
postgresqlDomain = "postgres.${config.networking.domain}"; postgresqlDomain = "postgres.${config.networking.domain}";
in in {
{
options.hosts.plover.services.database.enable = options.hosts.plover.services.database.enable =
lib.mkEnableOption "preferred service SQL database"; lib.mkEnableOption "preferred service SQL database";
@ -22,10 +21,8 @@ in
enableTCPIP = true; enableTCPIP = true;
settings = settings =
let let credsDir = path: "/run/credentials/postgresql.service/${path}";
credsDir = path: "/run/credentials/postgresql.service/${path}"; in {
in
{
port = config.state.ports.postgresql.value; port = config.state.ports.postgresql.value;
# Still doing the secure schema usage pattern. # Still doing the secure schema usage pattern.
@ -50,16 +47,15 @@ in
# Setting this up for TLS. # Setting this up for TLS.
systemd.services.postgresql = { systemd.services.postgresql = {
requires = [ "acme-finished-${postgresqlDomain}.target" ]; requires = [ "acme-finished-${postgresqlDomain}.target" ];
serviceConfig.LoadCredential = serviceConfig.LoadCredential = let
let certDirectory =
certDirectory = config.security.acme.certs."${postgresqlDomain}".directory; config.security.acme.certs."${postgresqlDomain}".directory;
certCredentialPath = path: "${path}:${certDirectory}/${path}"; certCredentialPath = path: "${path}:${certDirectory}/${path}";
in in [
[ (certCredentialPath "cert.pem")
(certCredentialPath "cert.pem") (certCredentialPath "key.pem")
(certCredentialPath "key.pem") (certCredentialPath "fullchain.pem")
(certCredentialPath "fullchain.pem") ];
];
}; };
security.acme.certs."${postgresqlDomain}".postRun = '' security.acme.certs."${postgresqlDomain}".postRun = ''
@ -69,7 +65,8 @@ in
(lib.mkIf hostCfg.services.backup.enable { (lib.mkIf hostCfg.services.backup.enable {
# Add the dumps to be backed up. # Add the dumps to be backed up.
services.borgbackup.jobs.services-backup.paths = [ config.services.postgresqlBackup.location ]; services.borgbackup.jobs.services-backup.paths =
[ config.services.postgresqlBackup.location ];
}) })
]); ]);
} }

292
configs/nixos/plover/modules/services/dns-server/default.nix
View File

@ -26,8 +26,7 @@ let
}; };
dnsSubdomain = "ns1.${domain}"; dnsSubdomain = "ns1.${domain}";
in in {
{
options.hosts.plover.services.dns-server.enable = options.hosts.plover.services.dns-server.enable =
lib.mkEnableOption "preferred DNS server"; lib.mkEnableOption "preferred DNS server";
@ -39,19 +38,17 @@ in
dnsOverTLS.value = 853; dnsOverTLS.value = 853;
}; };
sops.secrets = sops.secrets = let
let dnsFileAttribute = {
dnsFileAttribute = { owner = config.users.users.named.name;
owner = config.users.users.named.name; group = config.users.users.named.group;
group = config.users.users.named.group; mode = "0400";
mode = "0400";
};
in
foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml {
"dns/${domain}/rfc2136-key" = dnsFileAttribute // {
reloadUnits = [ "bind.service" ];
};
}; };
in foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml {
"dns/${domain}/rfc2136-key" = dnsFileAttribute // {
reloadUnits = [ "bind.service" ];
};
};
# Install the utilities. # Install the utilities.
environment.systemPackages = [ config.services.bind.package ]; environment.systemPackages = [ config.services.bind.package ];
@ -60,137 +57,141 @@ in
enable = true; enable = true;
forward = "first"; forward = "first";
cacheNetworks = [ cacheNetworks = [ "127.0.0.1" "::1" ];
"127.0.0.1"
"::1"
];
listenOn = [ listenOn = [ "127.0.0.1" wan.ipv4 lan.ipv4 ];
"127.0.0.1"
wan.ipv4
lan.ipv4
];
listenOnIpv6 = [ listenOnIpv6 = [ "::1" wan.ipv6 lan.ipv6 ];
"::1"
wan.ipv6
lan.ipv6
];
# Welp, since the template is pretty limited, we'll have to go with our # Welp, since the template is pretty limited, we'll have to go with our
# own. This is partially based from the NixOS Bind module except without # own. This is partially based from the NixOS Bind module except without
# the template for filling in zones since we use views. # the template for filling in zones since we use views.
configFile = configFile = let
let cfg = config.services.bind;
cfg = config.services.bind; certDir = path: "/run/credentials/bind.service/${path}";
certDir = path: "/run/credentials/bind.service/${path}"; listenInterfaces =
listenInterfaces = lib.concatMapStrings (entry: " ${entry}; ") cfg.listenOn; lib.concatMapStrings (entry: " ${entry}; ") cfg.listenOn;
listenInterfacesIpv6 = lib.concatMapStrings (entry: " ${entry}; ") cfg.listenOnIpv6; listenInterfacesIpv6 =
in lib.concatMapStrings (entry: " ${entry}; ") cfg.listenOnIpv6;
pkgs.writeText "named.conf" '' in pkgs.writeText "named.conf" ''
include "/etc/bind/rndc.key"; include "/etc/bind/rndc.key";
include "${config.sops.secrets."dns/${domain}/rfc2136-key".path}"; include "${config.sops.secrets."dns/${domain}/rfc2136-key".path}";
controls { controls {
inet 127.0.0.1 allow {localhost;} keys {"rndc-key";}; inet 127.0.0.1 allow {localhost;} keys {"rndc-key";};
};
tls ${dnsSubdomain} {
key-file "${certDir "key.pem"}";
cert-file "${certDir "cert.pem"}";
dhparam-file "${config.security.dhparams.params.bind.path}";
ciphers "HIGH:!kRSA:!aNULL:!eNULL:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!SHA1:!SHA256:!SHA384";
prefer-server-ciphers yes;
session-tickets no;
};
http ${dnsSubdomain} {
endpoints { "/dns-query"; };
};
acl trusted { ${
lib.concatStringsSep "; " [ "10.0.0.0/8" ]
}; localhost; };
acl cachenetworks { ${
lib.concatMapStrings (entry: " ${entry}; ") cfg.cacheNetworks
} };
acl badnetworks { ${
lib.concatMapStrings (entry: " ${entry}; ") cfg.blockedNetworks
} };
options {
# Native DNS.
listen-on { ${listenInterfaces} };
listen-on-v6 { ${listenInterfacesIpv6} };
# DNS-over-TLS.
listen-on tls ${dnsSubdomain} { ${listenInterfaces} };
listen-on-v6 tls ${dnsSubdomain} { ${listenInterfacesIpv6} };
# DNS-over-HTTPS.
tls-port ${builtins.toString config.state.ports.dnsOverTLS.value};
https-port ${
builtins.toString config.state.ports.dnsOverHTTPS.value
};
listen-on tls ${dnsSubdomain} http ${dnsSubdomain} { ${listenInterfaces} };
listen-on-v6 tls ${dnsSubdomain} http ${dnsSubdomain} { ${listenInterfacesIpv6} };
allow-query { cachenetworks; };
blackhole { badnetworks; };
forward ${cfg.forward};
forwarders { ${
lib.concatMapStrings (entry: " ${entry}; ") cfg.forwarders
} };
directory "${cfg.directory}";
pid-file "/run/named/named.pid";
};
view internal {
match-clients { trusted; };
allow-query { any; };
allow-recursion { any; };
// We'll use systemd-resolved as our forwarder.
forwarders { 127.0.0.53 port 53; };
zone "${fqdn}" {
type primary;
file "${getZoneFile fqdn}";
}; };
tls ${dnsSubdomain} { zone "${domain}" {
key-file "${certDir "key.pem"}"; type primary;
cert-file "${certDir "cert.pem"}";
dhparam-file "${config.security.dhparams.params.bind.path}";
ciphers "HIGH:!kRSA:!aNULL:!eNULL:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!SHA1:!SHA256:!SHA384";
prefer-server-ciphers yes;
session-tickets no;
};
http ${dnsSubdomain} { file "${getZoneFile domain}";
endpoints { "/dns-query"; }; allow-transfer { ${
}; lib.concatStringsSep "; "
config.state.network.secondaryNameservers
acl trusted { ${lib.concatStringsSep "; " [ "10.0.0.0/8" ]}; localhost; }; }; };
acl cachenetworks { ${lib.concatMapStrings (entry: " ${entry}; ") cfg.cacheNetworks} }; update-policy {
acl badnetworks { ${lib.concatMapStrings (entry: " ${entry}; ") cfg.blockedNetworks} }; grant rfc2136key.${domain}. zonesub TXT;
options {
# Native DNS.
listen-on { ${listenInterfaces} };
listen-on-v6 { ${listenInterfacesIpv6} };
# DNS-over-TLS.
listen-on tls ${dnsSubdomain} { ${listenInterfaces} };
listen-on-v6 tls ${dnsSubdomain} { ${listenInterfacesIpv6} };
# DNS-over-HTTPS.
tls-port ${builtins.toString config.state.ports.dnsOverTLS.value};
https-port ${builtins.toString config.state.ports.dnsOverHTTPS.value};
listen-on tls ${dnsSubdomain} http ${dnsSubdomain} { ${listenInterfaces} };
listen-on-v6 tls ${dnsSubdomain} http ${dnsSubdomain} { ${listenInterfacesIpv6} };
allow-query { cachenetworks; };
blackhole { badnetworks; };
forward ${cfg.forward};
forwarders { ${lib.concatMapStrings (entry: " ${entry}; ") cfg.forwarders} };
directory "${cfg.directory}";
pid-file "/run/named/named.pid";
};
view internal {
match-clients { trusted; };
allow-query { any; };
allow-recursion { any; };
// We'll use systemd-resolved as our forwarder.
forwarders { 127.0.0.53 port 53; };
zone "${fqdn}" {
type primary;
file "${getZoneFile fqdn}";
};
zone "${domain}" {
type primary;
file "${getZoneFile domain}";
allow-transfer { ${lib.concatStringsSep "; " config.state.network.secondaryNameservers}; };
update-policy {
grant rfc2136key.${domain}. zonesub TXT;
};
}; };
}; };
};
view external { view external {
match-clients { any; }; match-clients { any; };
forwarders { }; forwarders { };
empty-zones-enable yes; empty-zones-enable yes;
allow-query { any; }; allow-query { any; };
allow-recursion { none; }; allow-recursion { none; };
zone "${domain}" { zone "${domain}" {
in-view internal; in-view internal;
};
}; };
};
${cfg.extraConfig} ${cfg.extraConfig}
''; '';
}; };
systemd.services.bind = { systemd.services.bind = {
path = with pkgs; [ replace-secret ]; path = with pkgs; [ replace-secret ];
preStart = preStart = let
let domainZone' = getZoneFile domain;
domainZone' = getZoneFile domain; fqdnZone' = getZoneFile fqdn;
fqdnZone' = getZoneFile fqdn; in lib.mkAfter ''
in # Install the domain zone.
lib.mkAfter '' [ -f ${
# Install the domain zone. lib.escapeShellArg domainZone'
[ -f ${lib.escapeShellArg domainZone'} ] || install -Dm0600 ${zonefile} ${lib.escapeShellArg domainZone'} } ] || install -Dm0600 ${zonefile} ${lib.escapeShellArg domainZone'}
# Install the internal DNS zones. # Install the internal DNS zones.
[ -f ${lib.escapeShellArg fqdnZone'} ] || install -Dm0600 '${fqdnZone}' ${lib.escapeShellArg fqdnZone'} [ -f ${
''; lib.escapeShellArg fqdnZone'
} ] || install -Dm0600 '${fqdnZone}' ${lib.escapeShellArg fqdnZone'}
'';
serviceConfig = { serviceConfig = {
# Additional service hardening. You can see most of the options from # Additional service hardening. You can see most of the options from
@ -200,16 +201,15 @@ in
UMask = "0037"; UMask = "0037";
# Get the credentials into the service. # Get the credentials into the service.
LoadCredential = LoadCredential = let
let certDirectory =
certDirectory = config.security.acme.certs."${dnsSubdomain}".directory; config.security.acme.certs."${dnsSubdomain}".directory;
certCredentialPath = path: "${path}:${certDirectory}/${path}"; certCredentialPath = path: "${path}:${certDirectory}/${path}";
in in [
[ (certCredentialPath "cert.pem")
(certCredentialPath "cert.pem") (certCredentialPath "key.pem")
(certCredentialPath "key.pem") (certCredentialPath "fullchain.pem")
(certCredentialPath "fullchain.pem") ];
];
LogFilterPatterns = [ LogFilterPatterns = [
# systemd-resolved doesn't have DNS cookie support, it seems. # systemd-resolved doesn't have DNS cookie support, it seems.
@ -232,10 +232,7 @@ in
# Make the filesystem invisible to the service. # Make the filesystem invisible to the service.
ProtectSystem = "strict"; ProtectSystem = "strict";
ReadWritePaths = [ ReadWritePaths = [ config.services.bind.directory "/etc/bind" ];
config.services.bind.directory
"/etc/bind"
];
ReadOnlyPaths = [ ReadOnlyPaths = [
config.security.dhparams.params.bind.path config.security.dhparams.params.bind.path
config.security.acme.certs."${dnsSubdomain}".directory config.security.acme.certs."${dnsSubdomain}".directory
@ -262,13 +259,8 @@ in
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]; AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
# Restrict what address families can it access. # Restrict what address families can it access.
RestrictAddressFamilies = [ RestrictAddressFamilies =
"AF_LOCAL" [ "AF_LOCAL" "AF_NETLINK" "AF_BRIDGE" "AF_INET" "AF_INET6" ];
"AF_NETLINK"
"AF_BRIDGE"
"AF_INET"
"AF_INET6"
];
# Restricting what namespaces it can create. # Restricting what namespaces it can create.
RestrictNamespaces = true; RestrictNamespaces = true;
@ -284,14 +276,18 @@ in
services.bind.extraConfig = '' services.bind.extraConfig = ''
statistics-channels { statistics-channels {
inet 127.0.0.1 port ${builtins.toString config.state.ports.bindStatistics.value} allow { 127.0.0.1; }; inet 127.0.0.1 port ${
builtins.toString config.state.ports.bindStatistics.value
} allow { 127.0.0.1; };
}; };
''; '';
services.prometheus.exporters = { services.prometheus.exporters = {
bind = { bind = {
enable = true; enable = true;
bindURI = "http://127.0.0.1/${builtins.toString config.state.ports.bindStatistics.value}"; bindURI = "http://127.0.0.1/${
builtins.toString config.state.ports.bindStatistics.value
}";
}; };
}; };
}) })
@ -303,7 +299,9 @@ in
zone dns 64k; zone dns 64k;
''; '';
servers = { servers = {
"127.0.0.1:${builtins.toString config.state.ports.dnsOverHTTPS.value}" = { }; "127.0.0.1:${
builtins.toString config.state.ports.dnsOverHTTPS.value
}" = { };
}; };
}; };

3
configs/nixos/plover/modules/services/fail2ban.nix
View File

@ -5,8 +5,7 @@ let
cfg = hostCfg.services.fail2ban; cfg = hostCfg.services.fail2ban;
inherit (import ../hardware/networks.nix) interfaces; inherit (import ../hardware/networks.nix) interfaces;
in in {
{
options.hosts.plover.services.fail2ban.enable = options.hosts.plover.services.fail2ban.enable =
lib.mkEnableOption "fail2ban monitoring"; lib.mkEnableOption "fail2ban monitoring";

6
configs/nixos/plover/modules/services/firewall.nix
View File

@ -3,9 +3,9 @@
let let
hostCfg = config.hosts.plover; hostCfg = config.hosts.plover;
cfg = hostCfg.services.firewall; cfg = hostCfg.services.firewall;
in in {
{ options.hosts.plover.services.firewall.enable =
options.hosts.plover.services.firewall.enable = lib.mkEnableOption "firewall setup"; lib.mkEnableOption "firewall setup";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
networking = { networking = {

18
configs/nixos/plover/modules/services/idm.nix
View File

@ -10,9 +10,9 @@ let
certsDir = config.security.acme.certs."${authDomain}".directory; certsDir = config.security.acme.certs."${authDomain}".directory;
backupsDir = "${config.state.paths.dataDir}/kanidm/backups"; backupsDir = "${config.state.paths.dataDir}/kanidm/backups";
in in {
{ options.hosts.plover.services.idm.enable =
options.hosts.plover.services.idm.enable = lib.mkEnableOption "preferred IDM server"; lib.mkEnableOption "preferred IDM server";
config = lib.mkIf cfg.enable (lib.mkMerge [ config = lib.mkIf cfg.enable (lib.mkMerge [
{ {
@ -61,7 +61,10 @@ in
# Integrating kanidm-unixd. # Integrating kanidm-unixd.
UsePAM = true; UsePAM = true;
PubkeyAuthentication = true; PubkeyAuthentication = true;
AuthorizedKeysCommand = "${lib.getExe' config.services.kanidm.package "kanidm_ssh_authorizedkeys"} %u"; AuthorizedKeysCommand = "${
lib.getExe' config.services.kanidm.package
"kanidm_ssh_authorizedkeys"
} %u";
AuthorizedKeysCommandUser = "nobody"; AuthorizedKeysCommandUser = "nobody";
}; };
@ -73,7 +76,8 @@ in
mkdir -p "${backupsDir}" mkdir -p "${backupsDir}"
''; '';
serviceConfig = { serviceConfig = {
SupplementaryGroups = [ config.security.acme.certs."${authDomain}".group ]; SupplementaryGroups =
[ config.security.acme.certs."${authDomain}".group ];
}; };
}; };
} }
@ -91,9 +95,7 @@ in
extraConfig = '' extraConfig = ''
zone services; zone services;
''; '';
servers = { servers = { "localhost:${builtins.toString port}" = { }; };
"localhost:${builtins.toString port}" = { };
};
}; };
}) })

40
configs/nixos/plover/modules/services/monitoring.nix
View File

@ -5,32 +5,28 @@ let
cfg = hostCfg.services.monitoring; cfg = hostCfg.services.monitoring;
prometheusExports = config.services.prometheus.exporters; prometheusExports = config.services.prometheus.exporters;
in in {
{
options.hosts.plover.services.monitoring.enable = options.hosts.plover.services.monitoring.enable =
lib.mkEnableOption "preferred monitoring stack"; lib.mkEnableOption "preferred monitoring stack";
config = lib.mkIf cfg.enable (lib.mkMerge [ config = lib.mkIf cfg.enable (lib.mkMerge [{
{ services.prometheus = {
services.prometheus = { enable = true;
enable = true;
exporters = { exporters = {
node = { node = {
enable = true; enable = true;
enabledCollectors = [ "systemd" ]; enabledCollectors = [ "systemd" ];
};
}; };
scrapeConfigs = [
{
job_name = config.networking.hostName;
static_configs = [{
targets = [ "127.0.0.1:${builtins.toString prometheusExports.node.port}" ];
}];
}
];
}; };
}
]); scrapeConfigs = [{
job_name = config.networking.hostName;
static_configs = [{
targets =
[ "127.0.0.1:${builtins.toString prometheusExports.node.port}" ];
}];
}];
};
}]);
} }

48
configs/nixos/plover/modules/services/networking.nix
View File

@ -8,8 +8,7 @@ let
mainEthernetInterfaceNames = [ "eth0" "enp1s0" ]; mainEthernetInterfaceNames = [ "eth0" "enp1s0" ];
internalEthernetInterfaceNames = [ "enp7s0" ]; internalEthernetInterfaceNames = [ "enp7s0" ];
inherit (config.state.network) interfaces; inherit (config.state.network) interfaces;
in in {
{
options.hosts.plover.services.networking = { options.hosts.plover.services.networking = {
enable = lib.mkEnableOption "preferred networking setup"; enable = lib.mkEnableOption "preferred networking setup";
@ -67,8 +66,7 @@ in
# For more information, you can look at Hetzner documentation from # For more information, you can look at Hetzner documentation from
# https://docs.hetzner.com/robot/dedicated-server/ip/additional-ip-adresses/ # https://docs.hetzner.com/robot/dedicated-server/ip/additional-ip-adresses/
networks = { networks = {
"10-wan" = let "10-wan" = let inherit (interfaces) wan;
inherit (interfaces) wan;
in { in {
matchConfig = { matchConfig = {
Name = lib.concatStringsSep " " mainEthernetInterfaceNames; Name = lib.concatStringsSep " " mainEthernetInterfaceNames;
@ -87,10 +85,7 @@ in
}; };
address = [ "${wan.ipv6}/64" ]; address = [ "${wan.ipv6}/64" ];
dns = [ dns = [ "2a01:4ff:ff00::add:2" "2a01:4ff:ff00::add:1" ];
"2a01:4ff:ff00::add:2"
"2a01:4ff:ff00::add:1"
];
routes = [ routes = [
{ {
@ -102,28 +97,27 @@ in
Gateway = wan.ipv6Gateway; Gateway = wan.ipv6Gateway;
GatewayOnLink = true; GatewayOnLink = true;
} }
] ] ++ lib.optionals cfg.restrictLocalOnWAN [
++ lib.optionals cfg.restrictLocalOnWAN [ {
{ Destination = "176.16.0.0/12";
Destination = "176.16.0.0/12"; Type = "unreachable";
Type = "unreachable"; }
}
{ {
Destination = "10.0.0.0/8"; Destination = "10.0.0.0/8";
Type = "unreachable"; Type = "unreachable";
} }
{ {
Destination = "192.168.0.0/16"; Destination = "192.168.0.0/16";
Type = "unreachable"; Type = "unreachable";
} }
{ {
Destination = "fc00::/7"; Destination = "fc00::/7";
Type = "unreachable"; Type = "unreachable";
} }
]; ];
linkConfig.RequiredForOnline = "routable"; linkConfig.RequiredForOnline = "routable";
}; };

21
configs/nixos/plover/modules/services/wezterm-mux-server.nix
View File

@ -13,8 +13,7 @@ let
src = ../../config/wezterm/config.lua; src = ../../config/wezterm/config.lua;
listen_address = listenAddress; listen_address = listenAddress;
}; };
in in {
{
options.hosts.plover.services.wezterm-mux-server.enable = options.hosts.plover.services.wezterm-mux-server.enable =
lib.mkEnableOption "Wezterm mux server setup"; lib.mkEnableOption "Wezterm mux server setup";
@ -29,16 +28,14 @@ in
requires = [ "acme-finished-${weztermDomain}.target" ]; requires = [ "acme-finished-${weztermDomain}.target" ];
environment.WEZTERM_LOG = "info"; environment.WEZTERM_LOG = "info";
serviceConfig = { serviceConfig = {
LoadCredential = LoadCredential = let
let certDir = config.security.acme.certs."${weztermDomain}".directory;
certDir = config.security.acme.certs."${weztermDomain}".directory; credentialCertPath = path: "${path}:${certDir}/${path}";
credentialCertPath = path: "${path}:${certDir}/${path}"; in [
in (credentialCertPath "key.pem")
[ (credentialCertPath "cert.pem")
(credentialCertPath "key.pem") (credentialCertPath "fullchain.pem")
(credentialCertPath "cert.pem") ];
(credentialCertPath "fullchain.pem")
];
}; };
}; };

28
configs/nixos/plover/terraform/dns.tf
View File

@ -1,30 +1,30 @@
variable zone_id { variable "zone_id" {
description = "Hetzner DNS zone ID to be configured with." description = "Hetzner DNS zone ID to be configured with."
} }
resource "hetznerdns_record" "plover_ipv4" { resource "hetznerdns_record" "plover_ipv4" {
zone_id = var.zone_id zone_id = var.zone_id
name = "plover" name = "plover"
type = "A" type = "A"
value = hcloud_server.plover.ipv4_address value = hcloud_server.plover.ipv4_address
} }
resource "hetznerdns_record" "plover_ipv6" { resource "hetznerdns_record" "plover_ipv6" {
zone_id = var.zone_id zone_id = var.zone_id
name = "plover" name = "plover"
type = "AAAA" type = "AAAA"
value = hcloud_server.plover.ipv6_address value = hcloud_server.plover.ipv6_address
} }
variable services { variable "services" {
type = list(string) type = list(string)
default = [ "auth", "pass", "code" ] default = ["auth", "pass", "code"]
} }
resource "hetznerdns_record" "plover_services" { resource "hetznerdns_record" "plover_services" {
for_each = toset(var.services) for_each = toset(var.services)
zone_id = var.zone_id zone_id = var.zone_id
name = each.key name = each.key
type = "CNAME" type = "CNAME"
value = "plover" value = "plover"
} }

4
configs/nixos/plover/terraform/main.tf
View File

@ -1,5 +1,5 @@
variable "ssh_keys" { variable "ssh_keys" {
type = list(number) type = list(number)
description = "SSH keys for the associated server" description = "SSH keys for the associated server"
} }
@ -23,7 +23,7 @@ resource "hcloud_server" "plover" {
} }
resource "hcloud_ssh_key" "plover" { resource "hcloud_ssh_key" "plover" {
name = "plover.foodogsquared.one" name = "plover.foodogsquared.one"
public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGo3tfNQjWZ5pxlqREfBgQJxdNzGHKJIy5hDS9Z+Hpth plover.foodogsquared.one" public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGo3tfNQjWZ5pxlqREfBgQJxdNzGHKJIy5hDS9Z+Hpth plover.foodogsquared.one"
} }

16
configs/nixos/plover/terraform/tailscale.tf
View File

@ -3,25 +3,25 @@ data "tailscale_device" "plover" {
} }
resource "tailscale_device_authorization" "plover_authorization" { resource "tailscale_device_authorization" "plover_authorization" {
device_id = data.tailscale_device.plover.id device_id = data.tailscale_device.plover.id
authorized = true authorized = true
depends_on = [ hcloud_server.plover ] depends_on = [hcloud_server.plover]
} }
resource "tailscale_tailnet_key" "plover" { resource "tailscale_tailnet_key" "plover" {
reusable = false reusable = false
ephemeral = false ephemeral = false
preauthorized = true preauthorized = true
recreate_if_invalid = "always" recreate_if_invalid = "always"
description = "Plover" description = "Plover"
} }
resource "tailscale_device_tags" "hcloud_plover" { resource "tailscale_device_tags" "hcloud_plover" {
device_id = data.tailscale_device.plover.id device_id = data.tailscale_device.plover.id
tags = [ "tag:server" ] tags = ["tag:server"]
} }
resource "local_file" "tailscale_auth_key" { resource "local_file" "tailscale_auth_key" {
content = tailscale_tailnet_key.plover.key content = tailscale_tailnet_key.plover.key
filename = "${path.module}/plover-tailscale-auth-key" filename = "${path.module}/plover-tailscale-auth-key"
} }

6
configs/nixos/plover/terraform/versions.tf
View File

@ -6,17 +6,17 @@ terraform {
} }
hetznerdns = { hetznerdns = {
source = "timohirt/hetznerdns" source = "timohirt/hetznerdns"
version = "2.2.0" version = "2.2.0"
} }
tailscale = { tailscale = {
source = "tailscale/tailscale" source = "tailscale/tailscale"
version = "0.17.2" version = "0.17.2"
} }
local = { local = {
source = "hashicorp/local" source = "hashicorp/local"
version = "2.5.2" version = "2.5.2"
} }
} }

6
configs/nixos/winnowing/default.nix
View File

@ -5,11 +5,7 @@
"${modulesPath}/profiles/minimal.nix" "${modulesPath}/profiles/minimal.nix"
(foodogsquaredLib.mapHomeManagerUser "winnow" { (foodogsquaredLib.mapHomeManagerUser "winnow" {
extraGroups = [ extraGroups = [ "wheel" "docker" "podman" ];
"wheel"
"docker"
"podman"
];
hashedPassword = hashedPassword =
"$y$j9T$UFzEKZZZrmbJ05CTY8QAW0$X2RD4m.xswyJlXZC6AlmmuubPaWPQZg/Q1LDgHpXHx1"; "$y$j9T$UFzEKZZZrmbJ05CTY8QAW0$X2RD4m.xswyJlXZC6AlmmuubPaWPQZg/Q1LDgHpXHx1";
isNormalUser = true; isNormalUser = true;

10
configs/nixvim/fiesta/modules/setups/completion.nix
View File

@ -3,8 +3,7 @@
let let
nixvimCfg = config.nixvimConfigs.fiesta; nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.completion; cfg = nixvimCfg.setups.completion;
in in {
{
options.nixvimConfigs.fiesta.setups.completion.enable = options.nixvimConfigs.fiesta.setups.completion.enable =
lib.mkEnableOption "debugging setup for Fiesta NixVim"; lib.mkEnableOption "debugging setup for Fiesta NixVim";
@ -26,11 +25,8 @@ in
"<S-Tab>" = "cmp.mapping.select_prev_item()"; "<S-Tab>" = "cmp.mapping.select_prev_item()";
}; };
settings.sources = [ settings.sources =
{ name = "nvim_lsp"; } [ { name = "nvim_lsp"; } { name = "path"; } { name = "buffer"; } ];
{ name = "path"; }
{ name = "buffer"; }
];
}; };
# All of the typical completion sources I would need. # All of the typical completion sources I would need.

235
configs/nixvim/fiesta/modules/setups/debugging.nix
View File

@ -3,8 +3,7 @@
let let
nixvimCfg = config.nixvimConfigs.fiesta; nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.debugging; cfg = nixvimCfg.setups.debugging;
in in {
{
options.nixvimConfigs.fiesta.setups.debugging.enable = options.nixvimConfigs.fiesta.setups.debugging.enable =
lib.mkEnableOption "debugging setup for Fiesta NixVim"; lib.mkEnableOption "debugging setup for Fiesta NixVim";
@ -20,125 +19,121 @@ in
}; };
}; };
keymaps = keymaps = let
let bindingPrefix = "<Leader>d";
bindingPrefix = "<Leader>d"; mkDAPBinding = binding: settings:
mkDAPBinding = binding: settings:
{
mode = "n";
key = "${bindingPrefix}${binding}";
} // settings;
in
lib.mapAttrsToList mkDAPBinding
{ {
"b" = { mode = "n";
options.desc = "Toggle breakpoint"; key = "${bindingPrefix}${binding}";
action = helpers.mkRaw "require('dap').toggle_breakpoint"; } // settings;
}; in lib.mapAttrsToList mkDAPBinding {
"b" = {
"B" = { options.desc = "Toggle breakpoint";
options.desc = "Set breakpoint"; action = helpers.mkRaw "require('dap').toggle_breakpoint";
action = helpers.mkRaw "require('dap').set_breakpoint";
};
"Bp" = {
options.desc = "Set breakpoint with log message";
action = helpers.mkRaw ''
function()
require('dap').set_breakpoint(nil, nil, vim.fn.input('Log point message: '))
end
'';
};
"n" = {
options.desc = "Continue";
action = helpers.mkRaw "require('dap').continue";
};
# You know, like a comma is supposed to do. I got nothing on this one
# but this is the best choice for now.
"," = {
options.desc = "Pause";
action = helpers.mkRaw "require('dap').pause";
};
"d" = {
options.desc = "Terminate";
action = helpers.mkRaw "require('dap').terminate";
};
"l" = {
options.desc = "Step over";
action = helpers.mkRaw "require('dap').step_over";
};
"j" = {
options.desc = "Step into";
action = helpers.mkRaw "require('dap').step_into";
};
"J" = {
options.desc = "Go up";
action = helpers.mkRaw "require('dap').up";
};
"k" = {
options.desc = "Step out";
action = helpers.mkRaw "require('dap').step_out";
};
"K" = {
options.desc = "Go down";
action = helpers.mkRaw "require('dap').down";
};
"rs" = {
options.desc = "Restart session";
action = helpers.mkRaw "require('dap').restart";
};
"rr" = {
options.desc = "Open debugging REPL";
action = helpers.mkRaw "require('dap').repl.open";
};
"rl" = {
options.desc = "Run last configuration";
action = helpers.mkRaw "require('dap').run_last";
};
"ph" = {
options.desc = "View the value under the cursor";
action = helpers.mkRaw "require('dap.ui.widgets').hover";
mode = [ "n" "v" ];
};
"pp" = {
options.desc = "See value in preview window";
action = helpers.mkRaw "require('dap.ui.widgets').preview";
mode = [ "n" "v" ];
};
}
++ lib.mapAttrsToList mkDAPBinding {
"<F5>" = {
options.desc = "Continue";
action = helpers.mkRaw "require('dap').continue";
};
"<F10>" = {
options.desc = "Step over";
action = helpers.mkRaw "require('dap').step_over";
};
"<F11>" = {
options.desc = "Step into";
action = helpers.mkRaw "require('dap').step_into";
};
"<F12>" = {
options.desc = "Step out";
action = helpers.mkRaw "require('dap').step_out";
};
}; };
"B" = {
options.desc = "Set breakpoint";
action = helpers.mkRaw "require('dap').set_breakpoint";
};
"Bp" = {
options.desc = "Set breakpoint with log message";
action = helpers.mkRaw ''
function()
require('dap').set_breakpoint(nil, nil, vim.fn.input('Log point message: '))
end
'';
};
"n" = {
options.desc = "Continue";
action = helpers.mkRaw "require('dap').continue";
};
# You know, like a comma is supposed to do. I got nothing on this one
# but this is the best choice for now.
"," = {
options.desc = "Pause";
action = helpers.mkRaw "require('dap').pause";
};
"d" = {
options.desc = "Terminate";
action = helpers.mkRaw "require('dap').terminate";
};
"l" = {
options.desc = "Step over";
action = helpers.mkRaw "require('dap').step_over";
};
"j" = {
options.desc = "Step into";
action = helpers.mkRaw "require('dap').step_into";
};
"J" = {
options.desc = "Go up";
action = helpers.mkRaw "require('dap').up";
};
"k" = {
options.desc = "Step out";
action = helpers.mkRaw "require('dap').step_out";
};
"K" = {
options.desc = "Go down";
action = helpers.mkRaw "require('dap').down";
};
"rs" = {
options.desc = "Restart session";
action = helpers.mkRaw "require('dap').restart";
};
"rr" = {
options.desc = "Open debugging REPL";
action = helpers.mkRaw "require('dap').repl.open";
};
"rl" = {
options.desc = "Run last configuration";
action = helpers.mkRaw "require('dap').run_last";
};
"ph" = {
options.desc = "View the value under the cursor";
action = helpers.mkRaw "require('dap.ui.widgets').hover";
mode = [ "n" "v" ];
};
"pp" = {
options.desc = "See value in preview window";
action = helpers.mkRaw "require('dap.ui.widgets').preview";
mode = [ "n" "v" ];
};
} ++ lib.mapAttrsToList mkDAPBinding {
"<F5>" = {
options.desc = "Continue";
action = helpers.mkRaw "require('dap').continue";
};
"<F10>" = {
options.desc = "Step over";
action = helpers.mkRaw "require('dap').step_over";
};
"<F11>" = {
options.desc = "Step into";
action = helpers.mkRaw "require('dap').step_into";
};
"<F12>" = {
options.desc = "Step out";
action = helpers.mkRaw "require('dap').step_out";
};
};
}; };
} }

3
configs/nixvim/fiesta/modules/setups/desktop-utils.nix
View File

@ -3,8 +3,7 @@
let let
nixvimCfg = config.nixvimConfigs.fiesta; nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.desktop-utils; cfg = nixvimCfg.setups.desktop-utils;
in in {
{
options.nixvimConfigs.fiesta.setups.desktop-utils.enable = options.nixvimConfigs.fiesta.setups.desktop-utils.enable =
lib.mkEnableOption "desktop utilities to be used for this Neovim setup"; lib.mkEnableOption "desktop utilities to be used for this Neovim setup";

3
configs/nixvim/fiesta/modules/setups/devenvs.nix
View File

@ -3,8 +3,7 @@
let let
nixvimCfg = config.nixvimConfigs.fiesta; nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.devenvs; cfg = nixvimCfg.setups.devenvs;
in in {
{
options.nixvimConfigs.fiesta.setups.devenvs.enable = options.nixvimConfigs.fiesta.setups.devenvs.enable =
lib.mkEnableOption "integration for typical devenvs"; lib.mkEnableOption "integration for typical devenvs";

120
configs/nixvim/fiesta/modules/setups/fuzzy-finder.nix
View File

@ -3,8 +3,7 @@
let let
nixvimCfg = config.nixvimConfigs.fiesta; nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.fuzzy-finder; cfg = nixvimCfg.setups.fuzzy-finder;
in in {
{
options.nixvimConfigs.fiesta.setups.fuzzy-finder.enable = options.nixvimConfigs.fiesta.setups.fuzzy-finder.enable =
lib.mkEnableOption "fuzzy finder setup"; lib.mkEnableOption "fuzzy finder setup";
@ -17,68 +16,63 @@ in
}; };
# Configure all of the keymaps. # Configure all of the keymaps.
keymaps = keymaps = let
let bindingPrefix = "<leader>f";
bindingPrefix = "<leader>f"; mkTelescopeKeymap = binding: settings:
mkTelescopeKeymap = binding: settings: lib.mergeAttrs {
lib.mergeAttrs mode = "n";
{ key = "${bindingPrefix}${binding}";
mode = "n"; } settings;
key = "${bindingPrefix}${binding}"; in lib.mapAttrsToList mkTelescopeKeymap ({
"A" = {
options.desc = "Resume from last use";
action = helpers.mkRaw "require('telescope.builtin').resume";
};
"b" = {
options.desc = "List buffers";
action = helpers.mkRaw "require('telescope.builtin').buffers";
};
"f" = {
options.desc = "Find files";
action = helpers.mkRaw ''
function()
require('telescope.builtin').find_files { hidden = true }
end
'';
};
"F" = {
options.desc = "Find files in current directory";
action = helpers.mkRaw ''
function()
require('telescope.builtin').find_files {
cwd = require('telescope.utils').buffer_dir(),
hidden = true,
} }
settings; end
in '';
lib.mapAttrsToList mkTelescopeKeymap ({ };
"A" = { "v" = {
options.desc = "Resume from last use"; options.desc = "Find files tracked by Git";
action = helpers.mkRaw "require('telescope.builtin').resume"; action = helpers.mkRaw "require('telescope.builtin').git_files";
}; };
"b" = { "g" = {
options.desc = "List buffers"; options.desc = "Live grep for the whole project";
action = helpers.mkRaw "require('telescope.builtin').buffers"; action = helpers.mkRaw "require('telescope.builtin').live_grep";
}; };
"f" = { "h" = {
options.desc = "Find files"; options.desc = "Find section from help tags";
action = helpers.mkRaw '' action = helpers.mkRaw "require('telescope.builtin').help_tags";
function() };
require('telescope.builtin').find_files { hidden = true } "m" = {
end options.desc = "Find manpage entries";
''; action = helpers.mkRaw "require('telescope.builtin').man_pages";
}; };
"F" = { } // lib.optionalAttrs nixvimCfg.setups.treesitter.enable {
options.desc = "Find files in current directory"; "t" = {
action = helpers.mkRaw '' options.desc = "List symbols from treesitter queries";
function() action = helpers.mkRaw "require('telescope.builtin').treesitter";
require('telescope.builtin').find_files { };
cwd = require('telescope.utils').buffer_dir(), });
hidden = true,
}
end
'';
};
"v" = {
options.desc = "Find files tracked by Git";
action = helpers.mkRaw "require('telescope.builtin').git_files";
};
"g" = {
options.desc = "Live grep for the whole project";
action = helpers.mkRaw "require('telescope.builtin').live_grep";
};
"h" = {
options.desc = "Find section from help tags";
action = helpers.mkRaw "require('telescope.builtin').help_tags";
};
"m" = {
options.desc = "Find manpage entries";
action = helpers.mkRaw "require('telescope.builtin').man_pages";
};
}
// lib.optionalAttrs nixvimCfg.setups.treesitter.enable {
"t" = {
options.desc = "List symbols from treesitter queries";
action = helpers.mkRaw "require('telescope.builtin').treesitter";
};
});
}; };
} }

40
configs/nixvim/fiesta/modules/setups/lsp.nix
View File

@ -3,30 +3,26 @@
let let
nixvimConfig = config.nixvimConfigs.fiesta; nixvimConfig = config.nixvimConfigs.fiesta;
cfg = nixvimConfig.setups.lsp; cfg = nixvimConfig.setups.lsp;
in in {
{ options.nixvimConfigs.fiesta.setups.lsp.enable = lib.mkEnableOption null // {
options.nixvimConfigs.fiesta.setups.lsp.enable = description = ''
lib.mkEnableOption null // { Whether to enable LSP setup. Take note you'll have to enable and
description = '' configure individual language servers yourself since the resulting
Whether to enable LSP setup. Take note you'll have to enable and NixVim config can be pretty heavy.
configure individual language servers yourself since the resulting '';
NixVim config can be pretty heavy. };
'';
};
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
keymaps = [ keymaps = [{
{ mode = [ "n" ];
mode = [ "n" ]; key = "<leader>Li";
key = "<leader>Li"; options.desc = "Toggle inlay hints";
options.desc = "Toggle inlay hints"; action = helpers.mkRaw ''
action = helpers.mkRaw '' function()
function() vim.lsp.inlay_hint.enable(not vim.lsp.inlay_hint.is_enabled())
vim.lsp.inlay_hint.enable(not vim.lsp.inlay_hint.is_enabled()) end
end '';
''; }];
}
];
plugins.lsp = { plugins.lsp = {
enable = true; enable = true;

14
configs/nixvim/fiesta/modules/setups/note-taking.nix
View File

@ -3,8 +3,7 @@
let let
nixvimCfg = config.nixvimConfigs.fiesta; nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.note-taking; cfg = nixvimCfg.setups.note-taking;
in in {
{
options.nixvimConfigs.fiesta.setups.note-taking.enable = options.nixvimConfigs.fiesta.setups.note-taking.enable =
lib.mkEnableOption "basic note-taking setup"; lib.mkEnableOption "basic note-taking setup";
@ -25,11 +24,10 @@ in
# Install the tree-sitter parsers. # Install the tree-sitter parsers.
plugins.treesitter.grammarPackages = plugins.treesitter.grammarPackages =
lib.mkIf lib.mkIf (config.plugins.neorg.settings ? load."core.defaults")
(config.plugins.neorg.settings ? load."core.defaults") (with pkgs.tree-sitter-grammars; [
(with pkgs.tree-sitter-grammars; [ tree-sitter-norg
tree-sitter-norg tree-sitter-norg-meta
tree-sitter-norg-meta ]);
]);
}; };
} }

3
configs/nixvim/fiesta/modules/setups/qol.nix
View File

@ -3,8 +3,7 @@
let let
nixvimCfg = config.nixvimConfigs.fiesta; nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.devenvs; cfg = nixvimCfg.setups.devenvs;
in in {
{
options.nixvimConfigs.fiesta.setups.qol.enable = options.nixvimConfigs.fiesta.setups.qol.enable =
lib.mkEnableOption "quality-of-life improvements"; lib.mkEnableOption "quality-of-life improvements";

17
configs/nixvim/fiesta/modules/setups/snippets/default.nix
View File

@ -4,11 +4,8 @@ let
nixvimCfg = config.nixvimConfigs.fiesta; nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.snippets; cfg = nixvimCfg.setups.snippets;
luasnipKeymapConfig = { luasnipKeymapConfig = { mode = [ "i" "s" ]; };
mode = [ "i" "s" ]; in {
};
in
{
options.nixvimConfigs.fiesta.setups.snippets.enable = options.nixvimConfigs.fiesta.setups.snippets.enable =
lib.mkEnableOption "snippets setup"; lib.mkEnableOption "snippets setup";
@ -26,12 +23,10 @@ in
plugins.friendly-snippets.enable = true; plugins.friendly-snippets.enable = true;
# Load all of the custom snippets. # Load all of the custom snippets.
plugins.luasnip.fromLua = [ plugins.luasnip.fromLua = [{
{ lazyLoad = true;
lazyLoad = true; paths = ./snippets;
paths = ./snippets; }];
}
];
# Set up the keymaps ourselves since LuaSnip doesn't provide one as a # Set up the keymaps ourselves since LuaSnip doesn't provide one as a
# config option. # config option.

330
configs/nixvim/fiesta/modules/setups/treesitter.nix
View File

@ -3,8 +3,7 @@
let let
nixvimCfg = config.nixvimConfigs.fiesta; nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.treesitter; cfg = nixvimCfg.setups.treesitter;
in in {
{
options.nixvimConfigs.fiesta.setups.treesitter.enable = options.nixvimConfigs.fiesta.setups.treesitter.enable =
lib.mkEnableOption "tree-sitter setup for Fiesta NixVim"; lib.mkEnableOption "tree-sitter setup for Fiesta NixVim";
@ -41,87 +40,99 @@ in
lspInterop = { lspInterop = {
enable = true; enable = true;
border = "none"; border = "none";
peekDefinitionCode = peekDefinitionCode = let
let bindingPrefix = "<leader>d";
bindingPrefix = "<leader>d";
mkQueryMappings = query: binding: mkQueryMappings = query: binding:
lib.nameValuePair "${bindingPrefix}${binding}" { lib.nameValuePair "${bindingPrefix}${binding}" {
desc = "Peek definition of ${query}"; desc = "Peek definition of ${query}";
query = "@${query}.outer"; query = "@${query}.outer";
}; };
in in lib.mapAttrs' mkQueryMappings {
lib.mapAttrs' mkQueryMappings { "function" = "f";
"function" = "f"; "class" = "F";
"class" = "F"; };
};
}; };
move = lib.mkMerge ([{ move = lib.mkMerge ([{
enable = true; enable = true;
setJumps = true; setJumps = true;
}] }] ++ (let
++ ( motions = lib.cartesianProduct {
let region = [ "Start" "End" ];
motions = lib.cartesianProduct { jumpDirection = [ "Previous" "Next" ];
region = [ "Start" "End" ]; variant = [ "outer" "inner" ];
jumpDirection = [ "Previous" "Next" ]; };
variant = [ "outer" "inner" ];
};
motionMap = { motionMap = {
outerPrevious = "["; outerPrevious = "[";
outerNext = "]"; outerNext = "]";
innerPrevious = "[["; innerPrevious = "[[";
innerNext = "]]"; innerNext = "]]";
}; };
actionDesc = variant: jumpDirection: query: actionDesc = variant: jumpDirection: query:
if variant == "inner" if variant == "inner" then
then "Jump to inner part of the ${jumpDirection} ${query}" "Jump to inner part of the ${jumpDirection} ${query}"
else "Jump to ${jumpDirection} ${query}"; else
"Jump to ${jumpDirection} ${query}";
mkQueryMappings = mkQueryMappings =
# The accumulator. Should be a list where it contains all of the # The accumulator. Should be a list where it contains all of the
# modules to be merged. # modules to be merged.
acc: acc:
# The query object of the treesitter node. All queries are # The query object of the treesitter node. All queries are
# assumed to be "@$QUERY.outer". # assumed to be "@$QUERY.outer".
query: query:
# A set of bindings to be used for each jump direction. # A set of bindings to be used for each jump direction.
bindings: bindings:
let let
mappings = builtins.map mappings = builtins.map (motion:
(motion: let
let inherit (motion) region jumpDirection variant;
inherit (motion) region jumpDirection variant; jumpDirection' = lib.strings.toLower jumpDirection;
jumpDirection' = lib.strings.toLower jumpDirection; binding' = bindings.${jumpDirection'};
binding' = bindings.${jumpDirection'}; bindingPrefix = motionMap."${variant}${jumpDirection}";
bindingPrefix = motionMap."${variant}${jumpDirection}"; in {
in "goto${jumpDirection}${region}" = {
{ "${bindingPrefix}${binding'}" = {
"goto${jumpDirection}${region}" = { desc = actionDesc variant jumpDirection' query;
"${bindingPrefix}${binding'}" = { query = "@${query}.${variant}";
desc = actionDesc variant jumpDirection' query; };
query = "@${query}.${variant}"; };
}; }) motions;
}; in acc ++ mappings;
}) in lib.foldlAttrs mkQueryMappings [ ] {
motions; "function" = {
in previous = "M";
acc ++ mappings; next = "m";
in };
lib.foldlAttrs mkQueryMappings [ ] { "block" = {
"function" = { previous = "M"; next = "m"; }; previous = "B";
"block" = { previous = "B"; next = "b"; }; next = "b";
"call" = { previous = "F"; next = "f"; }; };
"class" = { previous = "C"; next = "c"; }; "call" = {
"conditional" = { previous = "D"; next = "d"; }; previous = "F";
"statement" = { previous = "S"; next = "s"; }; next = "f";
"loop" = { previous = "L"; next = "l"; }; };
} "class" = {
)); previous = "C";
next = "c";
};
"conditional" = {
previous = "D";
next = "d";
};
"statement" = {
previous = "S";
next = "s";
};
"loop" = {
previous = "L";
next = "l";
};
}));
select = { select = {
enable = true; enable = true;
lookahead = true; lookahead = true;
@ -130,101 +141,94 @@ in
"@class.outer" = "<c-v>"; "@class.outer" = "<c-v>";
"@block.outer" = "<c-v>"; "@block.outer" = "<c-v>";
}; };
keymaps = keymaps = let
let prefixMap = {
prefixMap = { "outer" = {
"outer" = { key = "a";
key = "a"; desc = query: "Select around the ${query} region";
desc = query: "Select around the ${query} region"; };
}; "inner" = {
"inner" = { key = "i";
key = "i"; desc = query: "Select inner part of the ${query} region";
desc = query: "Select inner part of the ${query} region";
};
}; };
# A function that creates a pair of keymaps: one for the outer and
# inner part of the query. As such, it assumes the query has an
# outer and inner variant.
mkQueryMappings =
# The textobject query, assumed as "@$QUERY.$VARIANT".
query:
# The keymap sequence to affix for the mapping pair.
binding:
let
mappingsList =
builtins.map
(variant:
let
prefixMap' = prefixMap.${variant};
in
lib.nameValuePair "${prefixMap'.key}${binding}" {
query = "@${query}.${variant}";
desc = prefixMap'.desc query;
}) [ "outer" "inner" ];
in
lib.listToAttrs mappingsList;
in
lib.concatMapAttrs mkQueryMappings {
"function" = "m";
"call" = "f";
"class" = "c";
"block" = "b";
"loop" = "l";
"statement" = "s";
"attribute" = "a";
}; };
# A function that creates a pair of keymaps: one for the outer and
# inner part of the query. As such, it assumes the query has an
# outer and inner variant.
mkQueryMappings =
# The textobject query, assumed as "@$QUERY.$VARIANT".
query:
# The keymap sequence to affix for the mapping pair.
binding:
let
mappingsList = builtins.map (variant:
let prefixMap' = prefixMap.${variant};
in lib.nameValuePair "${prefixMap'.key}${binding}" {
query = "@${query}.${variant}";
desc = prefixMap'.desc query;
}) [ "outer" "inner" ];
in lib.listToAttrs mappingsList;
in lib.concatMapAttrs mkQueryMappings {
"function" = "m";
"call" = "f";
"class" = "c";
"block" = "b";
"loop" = "l";
"statement" = "s";
"attribute" = "a";
};
}; };
swap = lib.mkMerge ( swap = lib.mkMerge ([{ enable = true; }] ++ (let
[{ enable = true; }] motions = lib.cartesianProduct {
++ ( jumpDirection = [ "Previous" "Next" ];
variant = [ "outer" ];
};
motionMap = {
"outerPrevious" = "<leader>S";
"outerNext" = "<leader>s";
};
actionDesc = variant: jumpDirection: query:
if variant == "inner" then
"Jump to inner part of the ${jumpDirection} ${query}"
else
"Jump to ${jumpDirection} ${query}";
mkQueryMappings = acc: query: bindings:
let let
motions = lib.cartesianProduct { mappings = builtins.map (motion:
jumpDirection = [ "Previous" "Next" ];
variant = [ "outer" ];
};
motionMap = {
"outerPrevious" = "<leader>S";
"outerNext" = "<leader>s";
};
actionDesc = variant: jumpDirection: query:
if variant == "inner"
then "Jump to inner part of the ${jumpDirection} ${query}"
else "Jump to ${jumpDirection} ${query}";
mkQueryMappings = acc: query: bindings:
let let
mappings = builtins.map inherit (motion) jumpDirection variant;
(motion: jumpDirection' = lib.strings.toLower jumpDirection;
let binding' = bindings.${jumpDirection'};
inherit (motion) jumpDirection variant; bindingPrefix = motionMap."${variant}${jumpDirection}";
jumpDirection' = lib.strings.toLower jumpDirection; in {
binding' = bindings.${jumpDirection'}; "swap${jumpDirection}" = {
bindingPrefix = motionMap."${variant}${jumpDirection}"; "${bindingPrefix}${binding'}" = {
in desc = actionDesc variant jumpDirection' query;
{ query = "@${query}.${variant}";
"swap${jumpDirection}" = { };
"${bindingPrefix}${binding'}" = { };
desc = actionDesc variant jumpDirection' query; }) motions;
query = "@${query}.${variant}"; in acc ++ mappings;
}; in lib.foldlAttrs mkQueryMappings [ ] {
}; "function" = {
}) next = "f";
motions; previous = "F";
in };
acc ++ mappings; "parameter" = {
in next = "a";
lib.foldlAttrs mkQueryMappings [ ] { previous = "A";
"function" = { next = "f"; previous = "F"; }; };
"parameter" = { next = "a"; previous = "A"; }; "conditional" = {
"conditional" = { next = "d"; previous = "D"; }; next = "d";
} previous = "D";
) };
); }));
}; };
}; };
} }

Some files were not shown because too many files have changed in this diff Show More