foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-04-16 06:19:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore: reformat codebase

Browse Source
This commit is contained in:
Gabriel Arazas 2025-01-29 12:48:19 +08:00
parent e89ea98f8b
commit 71be6e4bc1
No known key found for this signature in database
GPG Key ID: 62104B43D00AA360
315 changed files with 5888 additions and 6872 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
apps/run-workflow-with-vm/configuration.nix
View File

@ -7,8 +7,7 @@
let
pkgs = import <nixpkgs> { };
lib = pkgs.lib;
in
import <nixpkgs/nixos/lib/eval-config.nix> {
in import <nixpkgs/nixos/lib/eval-config.nix> {
inherit lib;
specialArgs = {
foodogsquaredUtils = import <config/lib/utils/nixos.nix> { inherit lib; };

12
apps/run-workflow-with-vm/default.nix
View File

@ -1,9 +1,4 @@
{ stdenv
, lib
, meson
, ninja
, inputs ? [ ]
}:
{ stdenv, lib, meson, ninja, inputs ? [ ] }:
stdenv.mkDerivation (finalAttrs: {
pname = "run-workflow-with-vm";
@ -11,10 +6,7 @@ stdenv.mkDerivation (finalAttrs: {
src = ./.;
nativeBuildInputs = [
meson
ninja
];
nativeBuildInputs = [ meson ninja ];
preConfigure = ''
mesonFlagsArray+=("-Dinputs=[${lib.concatStringsSep "," inputs}]")

4
apps/run-workflow-with-vm/modules/home-manager/default.nix
View File

@ -1,2 +1,4 @@
# It's just be empty like your soul, probably.
{ imports = [ ]; }
{
imports = [ ];
}

4
apps/run-workflow-with-vm/modules/nixos/default.nix
View File

@ -1,3 +1,5 @@
# Just an extra set of modules, if you count zero modules as one. Or I guess
# technically this is one module, just an empty one.
{ imports = [ ]; }
{
imports = [ ];
}

9
configs/disko/laptop-ssd/default.nix
View File

@ -17,13 +17,8 @@
subvolumes = {
"/root" = {
mountOptions = [
"rw"
"user"
"noauto"
"nofail"
"compress=zstd:10"
];
mountOptions =
[ "rw" "user" "noauto" "nofail" "compress=zstd:10" ];
mountpoint = "/media/laptop-ssd";
};
};

9
configs/flake-parts/default.nix
View File

@ -28,9 +28,7 @@
defaultSystems = [ "x86_64-linux" ];
};
setups.sharedNixpkgsConfig = {
allowUnfree = true;
};
setups.sharedNixpkgsConfig = { allowUnfree = true; };
perSystem = { lib, system, ... }: {
_module.args = {
@ -39,9 +37,8 @@
pkgs = import inputs.nixpkgs {
inherit system;
config = config.setups.sharedNixpkgsConfig;
overlays = lib.attrValues inputs.self.overlays ++ [
inputs.nur.overlays.default
];
overlays = lib.attrValues inputs.self.overlays
++ [ inputs.nur.overlays.default ];
};
};
};

10
configs/flake-parts/home-manager.nix
View File

@ -1,11 +1,8 @@
{ inputs
, lib
, config
{ inputs, lib, config
, defaultNixConf
, ...
}:
, ... }:
{
setups.home-manager = {
@ -42,8 +39,7 @@
{
_module.args = {
firstSetupArgs = {
baseNixvimModules =
config.setups.nixvim.configs.fiesta.modules
baseNixvimModules = config.setups.nixvim.configs.fiesta.modules
++ config.setups.nixvim.sharedModules;
};
};

36
configs/flake-parts/nixos.nix
View File

@ -2,14 +2,12 @@
, defaultNixConf
, ...
}:
, ... }:
let
domain = "foodogsquared.one";
subdomain = name: "${name}.${domain}";
in
{
in {
setups.nixos = {
configs = {
# The main desktop.
@ -17,10 +15,8 @@ in
nixpkgs.branch = "nixos-unstable";
# This is to make an exception for Archivebox.
nixpkgs.config.permittedInsecurePackages = [
"archiver-3.5.1"
"python3.12-django-3.1.14"
];
nixpkgs.config.permittedInsecurePackages =
[ "archiver-3.5.1" "python3.12-django-3.1.14" ];
systems = [ "x86_64-linux" ];
formats = null;
@ -30,10 +26,8 @@ in
inputs.wrapper-manager-fds.nixosModules.wrapper-manager
{
documentation.nixos.extraModules = [
../../modules/nixos
../../modules/nixos/_private
];
documentation.nixos.extraModules =
[ ../../modules/nixos ../../modules/nixos/_private ];
wrapper-manager.documentation.manpage.enable = true;
wrapper-manager.documentation.extraModules = [
../../modules/wrapper-manager
@ -44,9 +38,8 @@ in
inputs.nixos-hardware.nixosModules.common-cpu-amd-pstate
inputs.nixos-hardware.nixosModules.common-cpu-amd-raphael-igpu
(
{ config, ... }: let
hmCfg = config.home-manager.users;
({ config, ... }:
let hmCfg = config.home-manager.users;
in {
# Testing out Nushell for a spinerooski.
users.users.foo-dogsquared.shell =
@ -54,8 +47,7 @@ in
hmCfg.foo-dogsquared.programs.nushell.package
else
"/run/current-system/sw/bin/bash";
}
)
})
];
home-manager = {
branch = "home-manager-unstable";
@ -99,10 +91,8 @@ in
activationTimeout = 1200;
};
modules = [
inputs.disko.nixosModules.disko
inputs.sops-nix.nixosModules.sops
];
modules =
[ inputs.disko.nixosModules.disko inputs.sops-nix.nixosModules.sops ];
};
# The barely customized non-graphical installer.
@ -126,9 +116,7 @@ in
winnowing = {
nixpkgs = {
branch = "nixos-unstable";
overlays = [
inputs.neovim-nightly-overlay.overlays.default
];
overlays = [ inputs.neovim-nightly-overlay.overlays.default ];
};
home-manager.branch = "home-manager-unstable";
systems = [ "x86_64-linux" ];

25
configs/flake-parts/nixvim.nix
View File

@ -3,16 +3,12 @@
{
setups.nixvim.configs = {
fiesta = {
components = [
{
nixpkgsBranch = "nixos-unstable";
nixvimBranch = "nixvim-unstable";
neovimPackage = pkgs: pkgs.neovim;
overlays = [
inputs.neovim-nightly-overlay.overlays.default
];
}
];
components = [{
nixpkgsBranch = "nixos-unstable";
nixvimBranch = "nixvim-unstable";
neovimPackage = pkgs: pkgs.neovim;
overlays = [ inputs.neovim-nightly-overlay.overlays.default ];
}];
};
trovebelt = {
@ -20,10 +16,7 @@
nixpkgsBranch = [ "nixos-unstable" ];
nixvimBranch = [ "nixvim-unstable" ];
neovimPackage = [ (pkgs: pkgs.neovim) ];
overlays = [
[ inputs.neovim-nightly-overlay.overlays.default ]
[ ]
];
overlays = [ [ inputs.neovim-nightly-overlay.overlays.default ] [ ] ];
};
};
};
@ -33,7 +26,5 @@
inputs.self.nixvimModules.bahaghari
];
flake = {
nixvimModules.default = ../../modules/nixvim;
};
flake = { nixvimModules.default = ../../modules/nixvim; };
}

8
configs/home-manager/alice/default.nix
View File

@ -18,13 +18,7 @@
programs.bash = {
enable = true;
historyControl = [ "erasedups" "ignoredups" "ignorespace" ];
historyIgnore = [
"cd"
"exit"
"lf"
"ls"
"nvim"
];
historyIgnore = [ "cd" "exit" "lf" "ls" "nvim" ];
};
home.stateVersion = "23.11";

58
configs/home-manager/foo-dogsquared/default.nix
View File

@ -3,8 +3,7 @@
let
inherit (bahaghariLib.tinted-theming) importScheme;
userCfg = config.users.foo-dogsquared;
in
{
in {
imports = [ ./modules ];
# All of the home-manager-user-specific setup are here.
@ -30,7 +29,8 @@ in
# Merge the upstream since any new files will be overridden. It also
# allows us to attach data to it such as new links to the hardcoded
# sections.
(lib.importTOML "${config.users.foo-dogsquared.programs.custom-homepage.package.src}/data/foodogsquared-homepage/links.toml")
(lib.importTOML
"${config.users.foo-dogsquared.programs.custom-homepage.package.src}/data/foodogsquared-homepage/links.toml")
{
services = {
@ -48,26 +48,35 @@ in
(lib.mkIf config.services.archivebox.webserver.enable {
services.links = lib.singleton {
url = "http://localhost:${builtins.toString config.state.ports.archivebox-webserver.value}";
url = "http://localhost:${
builtins.toString
config.state.ports.archivebox-webserver.value
}";
text = "Archive webserver";
};
YOHOOHOOHOOHOO.links = lib.mkBefore (lib.singleton {
url = "http://localhost:${builtins.toString config.state.ports.archivebox-webserver.value}";
url = "http://localhost:${
builtins.toString
config.state.ports.archivebox-webserver.value
}";
text = "ArchiveBox webserver";
});
})
(lib.mkIf (attrs.nixosConfig.suites.filesystem.setups.archive.enable or false) {
YOHOOHOOHOOHOO.links = lib.mkBefore (lib.singleton {
url = "file://${attrs.nixosConfig.state.paths.archive}";
text = "Personal archive";
});
})
(lib.mkIf
(attrs.nixosConfig.suites.filesystem.setups.archive.enable or false) {
YOHOOHOOHOOHOO.links = lib.mkBefore (lib.singleton {
url = "file://${attrs.nixosConfig.state.paths.archive}";
text = "Personal archive";
});
})
(lib.mkIf (attrs.nixosConfig.services.miniflux.enable or false) {
services.links = lib.singleton {
url = "http://localhost:${builtins.toString attrs.nixosConfig.state.ports.miniflux.value}";
url = "http://localhost:${
builtins.toString attrs.nixosConfig.state.ports.miniflux.value
}";
text = "RSS reader";
};
})
@ -101,15 +110,17 @@ in
# Add our own projects directory since most programs can't decide where it is
# properly.
xdg.userDirs.extraConfig.XDG_PROJECTS_DIR = "${config.home.homeDirectory}/Projects";
xdg.userDirs.extraConfig.XDG_PROJECTS_DIR =
"${config.home.homeDirectory}/Projects";
# Set nixpkgs config both outside and inside of home-manager.
nixpkgs.config = import ./config/nixpkgs/config.nix;
xdg.configFile."nixpkgs/config.nix".source = ./config/nixpkgs/config.nix;
home.packages = with pkgs; [
gopass # An improved version of the password manager for hipsters.
];
home.packages = with pkgs;
[
gopass # An improved version of the password manager for hipsters.
];
home.stateVersion = "23.11";
@ -122,24 +133,25 @@ in
state.packages = {
diff = pkgs.diffoscope;
pager = config.programs.bat.package;
editor =
if config.programs.nixvim.enable then
config.programs.nixvim.finalPackage
else
config.programs.neovim.package;
editor = if config.programs.nixvim.enable then
config.programs.nixvim.finalPackage
else
config.programs.neovim.package;
};
# Automating some files to be fetched on activation.
home.mutableFile = {
# ...my gopass secrets,...
".local/share/gopass/stores/personal" = {
url = "gitea@code.foodogsquared.one:foodogsquared/gopass-secrets-personal.git";
url =
"gitea@code.foodogsquared.one:foodogsquared/gopass-secrets-personal.git";
type = "gopass";
};
# ...and my custom theme to be a showoff.
"${config.xdg.dataHome}/base16/bark-on-a-tree" = {
url = "https://github.com/foo-dogsquared/base16-bark-on-a-tree-scheme.git";
url =
"https://github.com/foo-dogsquared/base16-bark-on-a-tree-scheme.git";
type = "git";
};
};

6
configs/home-manager/foo-dogsquared/files/homepage/default.nix
View File

@ -1,5 +1,5 @@
{ pkgs ? import <nixpkgs> {
overlays = [ (import ../../../../../overlays).default ];
} }:
{ pkgs ?
import <nixpkgs> { overlays = [ (import ../../../../../overlays).default ]; }
}:
pkgs.callPackage ./package.nix { }

13
configs/home-manager/foo-dogsquared/files/homepage/package.nix
View File

@ -1,7 +1,4 @@
{
buildHugoSite,
lib,
}:
{ buildHugoSite, lib, }:
buildHugoSite {
pname = "foodogsquared-hm-startpage";
@ -11,8 +8,12 @@ buildHugoSite {
vendorHash = "sha256-Mi61QK1yKWIneZ+i79fpJqP9ew5r5vnv7ptr9YGq0Uk=";
preBuild = ''
install -Dm0644 ${../tinted-theming/base16/bark-on-a-tree.yaml} ./data/foodogsquared-homepage/themes/_dark.yaml
install -Dm0644 ${../tinted-theming/base16/albino-bark-on-a-tree.yaml} ./data/foodogsquared-homepage/themes/_light.yaml
install -Dm0644 ${
../tinted-theming/base16/bark-on-a-tree.yaml
} ./data/foodogsquared-homepage/themes/_dark.yaml
install -Dm0644 ${
../tinted-theming/base16/albino-bark-on-a-tree.yaml
} ./data/foodogsquared-homepage/themes/_light.yaml
'';
meta = with lib; {

17
configs/home-manager/foo-dogsquared/files/homepage/shell.nix
View File

@ -1,14 +1,9 @@
{ pkgs ? import <nixpkgs> {
overlays = [ (import ../../../../../overlays).default ];
} }:
{ pkgs ?
import <nixpkgs> { overlays = [ (import ../../../../../overlays).default ]; }
}:
let
site = pkgs.callPackage ./package.nix { };
in
pkgs.mkShell {
let site = pkgs.callPackage ./package.nix { };
in pkgs.mkShell {
inputsFrom = [ site ];
packages = with pkgs; [
treefmt
npins
];
packages = with pkgs; [ treefmt npins ];
}

13
configs/home-manager/foo-dogsquared/modules/dotfiles.nix
View File

@ -7,10 +7,10 @@ let
projectsDir = config.xdg.userDirs.extraConfig.XDG_PROJECTS_DIR;
dotfiles = "${projectsDir}/packages/dotfiles";
dotfiles' = config.lib.file.mkOutOfStoreSymlink config.home.mutableFile."${dotfiles}".path;
dotfiles' = config.lib.file.mkOutOfStoreSymlink
config.home.mutableFile."${dotfiles}".path;
getDotfiles = path: "${dotfiles'}/${path}";
in
{
in {
options.users.foo-dogsquared.dotfiles.enable =
lib.mkEnableOption "custom outside dotfiles for other programs";
@ -21,9 +21,7 @@ in
type = "git";
};
home.sessionPath = [
"${config.home.mutableFile.${dotfiles}.path}/bin"
];
home.sessionPath = [ "${config.home.mutableFile.${dotfiles}.path}/bin" ];
}
(lib.mkIf (userCfg.programs.doom-emacs.enable) {
@ -59,7 +57,8 @@ in
})
(lib.mkIf config.programs.nushell.enable {
home.file."${config.xdg.dataHome}/nushell/vendor/autoload".source = getDotfiles "nu/autoload";
home.file."${config.xdg.dataHome}/nushell/vendor/autoload".source =
getDotfiles "nu/autoload";
})
]);
}

206
configs/home-manager/foo-dogsquared/modules/programs/browsers.nix
View File

@ -23,13 +23,14 @@ let
{ id = "palihjnakafgffnompkdfgbgdbcagbko"; } # UpdateSWH
{ id = "gphhapmejobijbbhgpjhcjognlahblep"; } # GNOME Shell integration
];
in
{
in {
options.users.foo-dogsquared.programs.browsers = {
firefox.enable = lib.mkEnableOption "foo-dogsquared's Firefox setup";
brave.enable = lib.mkEnableOption "foo-dogsquared's Brave setup";
google-chrome.enable = lib.mkEnableOption "foo-dogsquared's Google Chrome setup";
misc.enable = lib.mkEnableOption "foo-dogsquared's miscellaneous browsers setup";
google-chrome.enable =
lib.mkEnableOption "foo-dogsquared's Google Chrome setup";
misc.enable =
lib.mkEnableOption "foo-dogsquared's miscellaneous browsers setup";
plugins.firenvim.enable = lib.mkEnableOption "setting up Firenvim";
};
@ -39,10 +40,8 @@ in
(lib.mkIf cfg.brave.enable {
programs.brave = {
enable = true;
commandLineArgs = [
"--no-default-browser-check"
"--use-system-default-printer"
];
commandLineArgs =
[ "--no-default-browser-check" "--use-system-default-printer" ];
extensions = commonExtensions;
};
@ -63,71 +62,70 @@ in
programs.firefox = {
enable = true;
package = with pkgs; wrapFirefox firefox-unwrapped {
nativeMessagingHosts = with pkgs; [
bukubrow
tridactyl-native
] ++ lib.optional config.programs.mpv.enable pkgs.ff2mpv;
package = with pkgs;
wrapFirefox firefox-unwrapped {
nativeMessagingHosts = with pkgs;
[ bukubrow tridactyl-native ]
++ lib.optional config.programs.mpv.enable pkgs.ff2mpv;
extraPolicies = {
AppAutoUpdate = false;
DisableAppUpdate = true;
DisableMasterPasswordCreation = true;
DisablePocket = true;
DisableSetDesktopBackground = true;
DontCheckDefaultBrowser = true;
EnableTrackingProtection = true;
FirefoxHome = {
Highlights = false;
Pocket = false;
Snippets = false;
SponsporedPocket = false;
SponsporedTopSites = false;
extraPolicies = {
AppAutoUpdate = false;
DisableAppUpdate = true;
DisableMasterPasswordCreation = true;
DisablePocket = true;
DisableSetDesktopBackground = true;
DontCheckDefaultBrowser = true;
EnableTrackingProtection = true;
FirefoxHome = {
Highlights = false;
Pocket = false;
Snippets = false;
SponsporedPocket = false;
SponsporedTopSites = false;
};
NoDefaultBookmarks = true;
OfferToSaveLoginsDefault = false;
PasswordManagerEnabled = false;
SanitizeOnShutdown = { FormData = true; };
UseSystemPrintDialog = true;
};
NoDefaultBookmarks = true;
OfferToSaveLoginsDefault = false;
PasswordManagerEnabled = false;
SanitizeOnShutdown = {
FormData = true;
};
UseSystemPrintDialog = true;
};
};
profiles.personal = {
isDefault = true;
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
aw-watcher-web
bitwarden
browserpass
facebook-container
firefox-color
firefox-translations
firenvim
languagetool
multi-account-containers
privacy-badger
search-by-image
tampermonkey
tridactyl
ublock-origin
vimium
wayback-machine
] ++ (with pkgs.firefox-addons; [
get-rss-feed-url
google-container
microsoft-container
regretsreporter
simple-translate
sourcegraph-for-firefox
tineye-reverse-image-search
updateswh
zhongwen
open-access-helper
rsshub-radar
])
++ lib.optionals config.programs.mpv.enable (with pkgs.nur.repos.rycee.firefox-addons; [ ff2mpv ]);
extensions = with pkgs.nur.repos.rycee.firefox-addons;
[
aw-watcher-web
bitwarden
browserpass
facebook-container
firefox-color
firefox-translations
firenvim
languagetool
multi-account-containers
privacy-badger
search-by-image
tampermonkey
tridactyl
ublock-origin
vimium
wayback-machine
] ++ (with pkgs.firefox-addons; [
get-rss-feed-url
google-container
microsoft-container
regretsreporter
simple-translate
sourcegraph-for-firefox
tineye-reverse-image-search
updateswh
zhongwen
open-access-helper
rsshub-radar
]) ++ lib.optionals config.programs.mpv.enable
(with pkgs.nur.repos.rycee.firefox-addons; [ ff2mpv ]);
# Much of the settings are affected by the policies set in the
# package. See more information about them in
@ -140,7 +138,8 @@ in
"browser.search.widget.inNavBar" = true;
"browser.search.openintab" = true;
"browser.startup.homepage" =
lib.mkIf userCfg.programs.custom-homepage.enable "file://${config.xdg.dataHome}/foodogsquared/homepage";
lib.mkIf userCfg.programs.custom-homepage.enable
"file://${config.xdg.dataHome}/foodogsquared/homepage";
# Some privacy settings...
"privacy.donottrackheader.enabled" = true;
@ -162,22 +161,25 @@ in
search = {
default = "Brave";
force = true;
order = [
"Brave"
"Nix Packages"
"Google"
];
order = [ "Brave" "Nix Packages" "Google" ];
engines = {
"Brave" = {
urls = [{
template = "https://search.brave.com/search";
params = [
{ name = "type"; value = "search"; }
{ name = "q"; value = "{searchTerms}"; }
{
name = "type";
value = "search";
}
{
name = "q";
value = "{searchTerms}";
}
];
}];
icon = "${config.programs.brave.package}/share/icons/hicolor/64x64/apps/brave-browser.png";
icon =
"${config.programs.brave.package}/share/icons/hicolor/64x64/apps/brave-browser.png";
definedAliases = [ "@brave" "@b" ];
};
@ -185,12 +187,19 @@ in
urls = [{
template = "https://search.nixos.org/packages";
params = [
{ name = "type"; value = "packages"; }
{ name = "query"; value = "{searchTerms}"; }
{
name = "type";
value = "packages";
}
{
name = "query";
value = "{searchTerms}";
}
];
}];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
icon =
"${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = [ "@np" ];
};
@ -239,10 +248,8 @@ in
(lib.mkIf cfg.google-chrome.enable {
programs.google-chrome.enable = true;
programs.google-chrome.commandLineArgs = [
"--no-default-browser-check"
"--use-system-default-printer"
];
programs.google-chrome.commandLineArgs =
[ "--no-default-browser-check" "--use-system-default-printer" ];
services.bleachbit.cleaners = [
"google_chrome.cookies"
@ -257,30 +264,19 @@ in
})
# Goes with whatever you want to.
(lib.mkIf cfg.misc.enable {
home.packages = with pkgs; [
nyxt
];
})
(lib.mkIf cfg.misc.enable { home.packages = with pkgs; [ nyxt ]; })
(lib.mkIf cfg.plugins.firenvim.enable
(let
supportedBrowsers = [
"brave"
"chromium"
"google-chrome"
"vivaldi"
];
enableSupportedBrowser = acc: name: acc // {
programs.${name}.extensions = [
{ id = "egpjdkipkomnmjhjmdamaniclmdlobbo"; }
];
(lib.mkIf cfg.plugins.firenvim.enable (let
supportedBrowsers = [ "brave" "chromium" "google-chrome" "vivaldi" ];
enableSupportedBrowser = acc: name:
acc // {
programs.${name}.extensions =
[{ id = "egpjdkipkomnmjhjmdamaniclmdlobbo"; }];
};
in
lib.foldl' enableSupportedBrowser { } supportedBrowsers // {
programs.firefox.profiles.personal.extensions = with pkgs.nur.repos.rycee.firefox-addons; [
firenvim
];
}))
in lib.foldl' enableSupportedBrowser { } supportedBrowsers // {
programs.firefox.profiles.personal.extensions =
with pkgs.nur.repos.rycee.firefox-addons;
[ firenvim ];
}))
];
}

40
configs/home-manager/foo-dogsquared/modules/programs/custom-homepage.nix
View File

@ -6,8 +6,7 @@ let
settingsFormat = pkgs.formats.toml { };
themesSettingsFormat = pkgs.formats.yaml { };
in
{
in {
options.users.foo-dogsquared.programs.custom-homepage = {
enable = lib.mkEnableOption "addition of custom homepage";
@ -97,27 +96,26 @@ in
};
config = {
users.foo-dogsquared.programs.custom-homepage.finalPackage =
let
data = lib.mapAttrs (n: v:
settingsFormat.generate "fds-homepage-section-${n}" v) cfg.sections;
users.foo-dogsquared.programs.custom-homepage.finalPackage = let
data = lib.mapAttrs
(n: v: settingsFormat.generate "fds-homepage-section-${n}" v)
cfg.sections;
installDataDir = lib.foldlAttrs (acc: n: v: ''
${acc}
install -Dm0644 ${v} './data/foodogsquared-homepage/links/${n}.toml'
'') "" data;
installDataDir = lib.foldlAttrs (acc: n: v: ''
${acc}
install -Dm0644 ${v} './data/foodogsquared-homepage/links/${n}.toml'
'') "" data;
installThemes = lib.foldlAttrs (acc: n: v: ''
${acc}
install -Dm0644 ${v} './data/foodogsquared-homepage/themes/${n}}.yaml
'') "" cfg.themes;
in
cfg.package.overrideAttrs (prevAttrs: {
preBuild = (prevAttrs.preBuild or "") + ''
${installDataDir}
${installThemes}
'';
});
installThemes = lib.foldlAttrs (acc: n: v: ''
${acc}
install -Dm0644 ${v} './data/foodogsquared-homepage/themes/${n}}.yaml
'') "" cfg.themes;
in cfg.package.overrideAttrs (prevAttrs: {
preBuild = (prevAttrs.preBuild or "") + ''
${installDataDir}
${installThemes}
'';
});
xdg.dataFile."foodogsquared/homepage".source = cfg.finalPackage;
};

10
configs/home-manager/foo-dogsquared/modules/programs/dconf.nix
View File

@ -4,8 +4,7 @@ let
inherit (config.xdg) userDirs;
userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.dconf;
in
{
in {
options.users.foo-dogsquared.programs.dconf.enable =
lib.mkEnableOption "dconf configuration";
@ -13,10 +12,11 @@ in
dconf.settings = {
# My GNOME Shell and programs configuration.
"org/gnome/shell" = {
favorite-apps =
lib.optional userCfg.programs.browsers.firefox.enable "firefox.desktop"
favorite-apps = lib.optional userCfg.programs.browsers.firefox.enable
"firefox.desktop"
++ lib.optional userCfg.setups.desktop.enable "thunderbird.desktop"
++ lib.optional userCfg.setups.development.enable "org.wezfurlong.wezterm.desktop"
++ lib.optional userCfg.setups.development.enable
"org.wezfurlong.wezterm.desktop"
++ lib.optional userCfg.programs.doom-emacs.enable "emacs.desktop"
++ lib.optional userCfg.programs.vs-code.enable "code.desktop";
};

23
configs/home-manager/foo-dogsquared/modules/programs/doom-emacs.nix
View File

@ -9,8 +9,7 @@ let
cfg = userCfg.programs.doom-emacs;
doomEmacsInstallation = "${config.xdg.configHome}/emacs";
in
{
in {
options.users.foo-dogsquared.programs.doom-emacs.enable =
lib.mkEnableOption "foo-dogsquared's Doom Emacs configuration";
@ -18,12 +17,13 @@ in
programs.emacs = {
enable = true;
package = pkgs.emacs;
extraPackages = epkgs: with epkgs; [
org-noter-pdftools
org-pdftools
pdf-tools
vterm
];
extraPackages = epkgs:
with epkgs; [
org-noter-pdftools
org-pdftools
pdf-tools
vterm
];
};
# Automatically install Doom Emacs from here.
@ -58,16 +58,13 @@ in
# :lang org +roam2
texlive.combined.scheme-medium
sqlite
anystyle-cli
#anystyle-cli
];
programs.python = {
enable = true;
package = pkgs.python3;
modules = ps: with ps; [
jupyter
jupyter-book
];
modules = ps: with ps; [ jupyter jupyter-book ];
};
# Enable Emacs server for them quicknotes.

12
configs/home-manager/foo-dogsquared/modules/programs/email.nix
View File

@ -8,7 +8,8 @@ let
address = "${name}@${domain}";
userName = "${name}@${domain}";
realName = lib.mkDefault "${name}@${domain}";
passwordCommand = lib.mkDefault "gopass show email/${domain}/${name} | head -n 1";
passwordCommand =
lib.mkDefault "gopass show email/${domain}/${name} | head -n 1";
imap = {
host = "heracles.mxrouting.net";
@ -23,11 +24,11 @@ let
tls.enable = true;
};
};
in
{
in {
options.users.foo-dogsquared.programs.email = {
enable = lib.mkEnableOption "foo-dogsquared's email setup";
thunderbird.enable = lib.mkEnableOption "foo-dogsquared's Thunderbird configuration";
thunderbird.enable =
lib.mkEnableOption "foo-dogsquared's Thunderbird configuration";
};
config = lib.mkIf cfg.enable (lib.mkMerge [
@ -64,7 +65,8 @@ in
realName = config.accounts.email.accounts.personal.realName;
userName = "foo.dogsquared@gmail.com";
flavor = "gmail.com";
passwordCommand = "gopass show websites/accounts.google.com/foo.dogsquared | head -n 1";
passwordCommand =
"gopass show websites/accounts.google.com/foo.dogsquared | head -n 1";
};
};
}

164
configs/home-manager/foo-dogsquared/modules/programs/git.nix
View File

@ -3,106 +3,104 @@
let
userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.git;
in
{
in {
options.users.foo-dogsquared.programs.git = {
enable = lib.mkEnableOption "foo-dogsquared's Git setup";
instaweb.enable = lib.mkEnableOption "install additional files for instaweb setup";
instaweb.enable =
lib.mkEnableOption "install additional files for instaweb setup";
};
config = lib.mkIf cfg.enable (
lib.mkMerge [
{
home.packages = with pkgs; [
mergiraf # Merging giraffes are no small task.
tea # So you don't have to see some teas, I guess.
hut # So you don't have to see Sourcehut's brutalist design, I guess.
];
config = lib.mkIf cfg.enable (lib.mkMerge [
{
home.packages = with pkgs; [
mergiraf # Merging giraffes are no small task.
tea # So you don't have to see some teas, I guess.
hut # So you don't have to see Sourcehut's brutalist design, I guess.
];
# My Git credentials.
programs.git = {
enable = true;
package = pkgs.gitFull;
lfs.enable = true;
signing.key = "4AA9CDFF7C99DFF9";
extraConfig = {
core.excludesFile = builtins.toString ../../config/git/ignore;
# My Git credentials.
programs.git = {
enable = true;
package = pkgs.gitFull;
lfs.enable = true;
signing.key = "4AA9CDFF7C99DFF9";
extraConfig = {
core.excludesFile = builtins.toString ../../config/git/ignore;
user = {
name = config.accounts.email.accounts.personal.realName;
email = config.accounts.email.accounts.personal.address;
};
user = {
name = config.accounts.email.accounts.personal.realName;
email = config.accounts.email.accounts.personal.address;
};
alias = {
unstage = "reset HEAD --";
quick-rebase = "rebase --interactive --autostash --committer-date-is-author-date";
quick-clone = "clone --depth=1 --recurse-submodules --shallow-submodules";
};
alias = {
unstage = "reset HEAD --";
quick-rebase =
"rebase --interactive --autostash --committer-date-is-author-date";
quick-clone =
"clone --depth=1 --recurse-submodules --shallow-submodules";
};
init.defaultBranch = "main";
init.defaultBranch = "main";
# Shorthand for popular forges ala-Nix flake URL inputs. It's just a fun
# little part of the config.
url = {
"https://github.com/".insteadOf = [ "gh:" "github:" ];
"https://gitlab.com/".insteadOf = [ "gl:" "gitlab:" ];
"https://gitlab.gnome.org/".insteadOf = [ "gnome:" ];
"https://invent.kde.org/".insteadOf = [ "kde:" ];
"https://git.sr.ht/".insteadOf = [ "sh:" "sourcehut:" ];
"https://git.savannah.nongnu.org/git/".insteadOf = [ "sv:" "savannah:" ];
};
# Shorthand for popular forges ala-Nix flake URL inputs. It's just a fun
# little part of the config.
url = {
"https://github.com/".insteadOf = [ "gh:" "github:" ];
"https://gitlab.com/".insteadOf = [ "gl:" "gitlab:" ];
"https://gitlab.gnome.org/".insteadOf = [ "gnome:" ];
"https://invent.kde.org/".insteadOf = [ "kde:" ];
"https://git.sr.ht/".insteadOf = [ "sh:" "sourcehut:" ];
"https://git.savannah.nongnu.org/git/".insteadOf =
[ "sv:" "savannah:" ];
};
pull.rebase = "interactive";
pull.rebase = "interactive";
status = {
showPatch = true;
showStash = true;
};
status = {
showPatch = true;
showStash = true;
};
submodule.fetchJobs = 0;
submodule.fetchJobs = 0;
};
};
# So you don't have to use GitHub, I guess.
programs.gh = {
enable = true;
extensions = with pkgs; [ gh-eco gh-dash gh-actions-cache ];
settings = {
git_protocol = "ssh";
prompt = "enabled";
aliases = {
pc = "pr checkout";
pv = "pr view";
};
};
};
}
# So you don't have to use GitHub, I guess.
programs.gh = {
enable = true;
extensions = with pkgs; [
gh-eco
gh-dash
gh-actions-cache
];
(lib.mkIf cfg.instaweb.enable {
state.ports.git-instaweb.value = 15432;
settings = {
git_protocol = "ssh";
prompt = "enabled";
home.packages = with pkgs; [ lighttpd ];
aliases = {
pc = "pr checkout";
pv = "pr view";
};
};
};
}
programs.git.extraConfig.instaweb = {
local = true;
httpd = "lighttpd";
port = config.state.ports.git-instaweb.value;
};
(lib.mkIf cfg.instaweb.enable {
state.ports.git-instaweb.value = 15432;
home.packages = with pkgs; [
lighttpd
];
programs.git.extraConfig.instaweb = {
local = true;
httpd = "lighttpd";
port = config.state.ports.git-instaweb.value;
};
users.foo-dogsquared.programs.custom-homepage.sections.quicklinks.links =
lib.mkBefore (lib.singleton {
text = "Current git repo";
url = "http://localhost:${builtins.toString config.state.ports.git-instaweb.value}";
});
})
]);
users.foo-dogsquared.programs.custom-homepage.sections.quicklinks.links =
lib.mkBefore (lib.singleton {
text = "Current git repo";
url = "http://localhost:${
builtins.toString config.state.ports.git-instaweb.value
}";
});
})
]);
}

10
configs/home-manager/foo-dogsquared/modules/programs/hledger.nix
View File

@ -3,17 +3,11 @@
let
userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.hledger;
in
{
in {
options.users.foo-dogsquared.programs.hledger.enable =
lib.mkEnableOption "hledger setup";
config = lib.mkIf cfg.enable {
home.packages = with pkgs; [
hledger
hledger-ui
hledger-web
hledger-utils
];
home.packages = with pkgs; [ hledger hledger-ui hledger-web hledger-utils ];
};
}

3
configs/home-manager/foo-dogsquared/modules/programs/jujutsu.nix
View File

@ -3,8 +3,7 @@
let
userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.jujutsu;
in
{
in {
options.users.foo-dogsquared.programs.jujutsu.enable =
lib.mkEnableOption "foo-dogsquared's Jujutsu configuration";

3
configs/home-manager/foo-dogsquared/modules/programs/keys.nix
View File

@ -3,8 +3,7 @@
let
userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.keys;
in
{
in {
options.users.foo-dogsquared.programs.keys = {
ssh.enable = lib.mkEnableOption "foo-dogsquared's SSH config";
gpg.enable = lib.mkEnableOption "foo-dogsquared's GPG config";

809
configs/home-manager/foo-dogsquared/modules/programs/nixvim/colorschemes.nix
View File

@ -9,12 +9,12 @@ let
'';
sym = query: ''sym("${query}")'';
in
{
in {
colorscheme =
if config.bahaghari.tinted-theming.schemes?"bark-on-a-tree"
then (lib.mkForce "bark-on-a-tree")
else (lib.mkDefault "default");
if config.bahaghari.tinted-theming.schemes ? "bark-on-a-tree" then
(lib.mkForce "bark-on-a-tree")
else
(lib.mkDefault "default");
colorschemes.lush = {
enable = true;
@ -23,343 +23,526 @@ in
local hsl = lush.hsl
local hsluv = lush.hsluv
'';
themes =
lib.mapAttrs
(name: metadata: {
extraConfigLua = ''
${lib.foldlAttrs initLushBase16 "" metadata.palette}
themes = lib.mapAttrs (name: metadata: {
extraConfigLua = ''
${lib.foldlAttrs initLushBase16 "" metadata.palette}
-- Set the background.
vim.o.background = '${metadata.variant}'
-- Set the background.
vim.o.background = '${metadata.variant}'
vim.g.terminal_color_0 = base00.hex
vim.g.terminal_color_1 = base08.hex
vim.g.terminal_color_2 = base0B.hex
vim.g.terminal_color_3 = base0A.hex
vim.g.terminal_color_4 = base0D.hex
vim.g.terminal_color_5 = base0E.hex
vim.g.terminal_color_6 = base0C.hex
vim.g.terminal_color_7 = base05.hex
vim.g.terminal_color_8 = base03.hex
vim.g.terminal_color_9 = base08.hex
vim.g.terminal_color_10 = base0B.hex
vim.g.terminal_color_11 = base0A.hex
vim.g.terminal_color_12 = base0D.hex
vim.g.terminal_color_13 = base0E.hex
vim.g.terminal_color_14 = base0C.hex
vim.g.terminal_color_15 = base07.hex
vim.g.terminal_color_background = base00.hex
vim.g.terminal_color_foreground = base0E.hex
'';
vim.g.terminal_color_0 = base00.hex
vim.g.terminal_color_1 = base08.hex
vim.g.terminal_color_2 = base0B.hex
vim.g.terminal_color_3 = base0A.hex
vim.g.terminal_color_4 = base0D.hex
vim.g.terminal_color_5 = base0E.hex
vim.g.terminal_color_6 = base0C.hex
vim.g.terminal_color_7 = base05.hex
vim.g.terminal_color_8 = base03.hex
vim.g.terminal_color_9 = base08.hex
vim.g.terminal_color_10 = base0B.hex
vim.g.terminal_color_11 = base0A.hex
vim.g.terminal_color_12 = base0D.hex
vim.g.terminal_color_13 = base0E.hex
vim.g.terminal_color_14 = base0C.hex
vim.g.terminal_color_15 = base07.hex
vim.g.terminal_color_background = base00.hex
vim.g.terminal_color_foreground = base0E.hex
'';
highlights = lib.mkMerge [
rec {
Normal = { fg = mkRaw "base05"; bg = mkRaw "base00"; };
NormalFloat = {
fg = mkRaw "Normal.fg.saturate(15).lighten(5)";
bg = mkRaw "Normal.bg.saturate(15).lighten(5)";
};
Bold.gui = "bold";
Debug.fg = mkRaw "base08";
Directory.fg = mkRaw "base0D";
Error = { fg = mkRaw "base01"; bg = mkRaw "base08"; };
ErrorMsg.fg = mkRaw "base08";
Exception.fg = mkRaw "base08";
FoldColumn.fg = mkRaw "base03";
Folded = {
fg = mkRaw "base03";
bg = mkRaw "base01";
};
Italic.gui = "italic";
Macro.fg = mkRaw "base08";
ModeMsg.fg = mkRaw "base0B";
MoreMsg.fg = mkRaw "base0B";
Question.fg = mkRaw "base0D";
Search = {
fg = mkRaw "base00";
bg = mkRaw "base04";
};
IncSearch = {
fg = mkRaw "base00";
bg = mkRaw "base09";
};
Substitute = {
fg = mkRaw "base01";
bg = mkRaw "base0A";
};
highlights = lib.mkMerge [
rec {
Normal = {
fg = mkRaw "base05";
bg = mkRaw "base00";
};
NormalFloat = {
fg = mkRaw "Normal.fg.saturate(15).lighten(5)";
bg = mkRaw "Normal.bg.saturate(15).lighten(5)";
};
Bold.gui = "bold";
Debug.fg = mkRaw "base08";
Directory.fg = mkRaw "base0D";
Error = {
fg = mkRaw "base01";
bg = mkRaw "base08";
};
ErrorMsg.fg = mkRaw "base08";
Exception.fg = mkRaw "base08";
FoldColumn.fg = mkRaw "base03";
Folded = {
fg = mkRaw "base03";
bg = mkRaw "base01";
};
Italic.gui = "italic";
Macro.fg = mkRaw "base08";
ModeMsg.fg = mkRaw "base0B";
MoreMsg.fg = mkRaw "base0B";
Question.fg = mkRaw "base0D";
Search = {
fg = mkRaw "base00";
bg = mkRaw "base04";
};
IncSearch = {
fg = mkRaw "base00";
bg = mkRaw "base09";
};
Substitute = {
fg = mkRaw "base01";
bg = mkRaw "base0A";
};
TooLong.fg = mkRaw "base08";
Underlined = { fg = mkRaw "base08"; };
WarningMsg = { fg = mkRaw "base08"; };
WildMenu = { fg = mkRaw "base08"; bg = mkRaw "base0A"; };
Title.fg = mkRaw "base0D";
Conceal.fg = mkRaw "base0D";
Cursor = { fg = mkRaw "base00"; bg = mkRaw "base05"; };
NonText = { fg = mkRaw "base03"; };
LineNr = { fg = mkRaw "base02.lighten(25)"; bg = mkRaw "base00"; };
LineNrNC = { fg = mkRaw "base02.lighten(25)"; bg = mkRaw "base01"; };
SignColumn = { fg = mkRaw "base01.lighten(40)"; };
StatusLine = { fg = mkRaw "base02"; bg = mkRaw "base01.darken(60)"; };
StatusLineNC = { fg = mkRaw "base02"; bg = mkRaw "base01.darken(30)"; };
VertSplit = { fg = mkRaw "base02"; bg = mkRaw "base00"; };
ColorColumn = { fg = mkRaw "base01.lighten(25)"; bg = mkRaw "base01.darken(25)"; };
CursorLine = { bg = mkRaw "base01.saturate(-5).darken(15)"; };
CursorColumn = CursorLine;
CursorLineNr.fg = mkRaw "base0A";
Visual = {
fg = mkRaw "base03.lighten(15)";
bg = mkRaw "CursorColumn.bg.darken(15)";
};
VisualNOS = { fg = mkRaw "base08"; };
QuickFixLine = { bg = mkRaw "base00"; };
QFFileName = { fg = mkRaw "base0A"; };
QFLineNr = { fg = mkRaw "base04"; };
PMenu = { fg = mkRaw "base05"; bg = mkRaw "base01"; };
PMenuSel = { fg = mkRaw "base01"; bg = mkRaw "base05"; };
TabLineSel = { fg = mkRaw "base00"; bg = mkRaw "base0A"; };
TabLine = { fg = mkRaw "base03"; bg = mkRaw "base00.darken(15)"; };
TabLineFill = { fg = mkRaw "base03"; bg = mkRaw "base00.darken(25)"; };
EndOfBuffer = { fg = mkRaw "base01.lighten(20)"; bg = mkRaw "base01.darken(20)"; };
TooLong.fg = mkRaw "base08";
Underlined = { fg = mkRaw "base08"; };
WarningMsg = { fg = mkRaw "base08"; };
WildMenu = {
fg = mkRaw "base08";
bg = mkRaw "base0A";
};
Title.fg = mkRaw "base0D";
Conceal.fg = mkRaw "base0D";
Cursor = {
fg = mkRaw "base00";
bg = mkRaw "base05";
};
NonText = { fg = mkRaw "base03"; };
LineNr = {
fg = mkRaw "base02.lighten(25)";
bg = mkRaw "base00";
};
LineNrNC = {
fg = mkRaw "base02.lighten(25)";
bg = mkRaw "base01";
};
SignColumn = { fg = mkRaw "base01.lighten(40)"; };
StatusLine = {
fg = mkRaw "base02";
bg = mkRaw "base01.darken(60)";
};
StatusLineNC = {
fg = mkRaw "base02";
bg = mkRaw "base01.darken(30)";
};
VertSplit = {
fg = mkRaw "base02";
bg = mkRaw "base00";
};
ColorColumn = {
fg = mkRaw "base01.lighten(25)";
bg = mkRaw "base01.darken(25)";
};
CursorLine = { bg = mkRaw "base01.saturate(-5).darken(15)"; };
CursorColumn = CursorLine;
CursorLineNr.fg = mkRaw "base0A";
Visual = {
fg = mkRaw "base03.lighten(15)";
bg = mkRaw "CursorColumn.bg.darken(15)";
};
VisualNOS = { fg = mkRaw "base08"; };
QuickFixLine = { bg = mkRaw "base00"; };
QFFileName = { fg = mkRaw "base0A"; };
QFLineNr = { fg = mkRaw "base04"; };
PMenu = {
fg = mkRaw "base05";
bg = mkRaw "base01";
};
PMenuSel = {
fg = mkRaw "base01";
bg = mkRaw "base05";
};
TabLineSel = {
fg = mkRaw "base00";
bg = mkRaw "base0A";
};
TabLine = {
fg = mkRaw "base03";
bg = mkRaw "base00.darken(15)";
};
TabLineFill = {
fg = mkRaw "base03";
bg = mkRaw "base00.darken(25)";
};
EndOfBuffer = {
fg = mkRaw "base01.lighten(20)";
bg = mkRaw "base01.darken(20)";
};
# Standard syntax highlighting
Boolean = { fg = mkRaw "base09"; };
Character = { fg = mkRaw "base08"; };
Comment = { fg = mkRaw "base03"; gui = "italic"; };
Conditional = { fg = mkRaw "base0E"; };
Constant = { fg = mkRaw "base09"; };
Define = { fg = mkRaw "base0E"; };
Delimiter = { fg = mkRaw "base0F.lighten(10)"; };
Float = { fg = mkRaw "base09"; };
Function = { fg = mkRaw "base0D"; };
Identifier = { fg = mkRaw "base0A"; };
Include = { fg = mkRaw "base0D"; };
Keyword = { fg = mkRaw "base0E"; };
Label = { fg = mkRaw "base0A"; };
Number = { fg = mkRaw "base03"; };
Operator = { fg = mkRaw "base03"; };
PreProc = { fg = mkRaw "base0A"; };
Repeat = { fg = mkRaw "base0A"; };
Special = { fg = mkRaw "base0C"; };
SpecialChar = { fg = mkRaw "base0F.lighten(15).saturate(10)"; };
Statement = { fg = mkRaw "base08"; };
StorageClass = { fg = mkRaw "base0A"; };
String = { fg = mkRaw "base0B"; };
Structure = { fg = mkRaw "base0E"; };
Tag = { fg = mkRaw "base0A"; };
Todo = { fg = mkRaw "base0A"; bg = mkRaw "base01"; };
Type = { fg = mkRaw "base0A"; };
Typedef = { fg = mkRaw "base0A"; };
# Standard syntax highlighting
Boolean = { fg = mkRaw "base09"; };
Character = { fg = mkRaw "base08"; };
Comment = {
fg = mkRaw "base03";
gui = "italic";
};
Conditional = { fg = mkRaw "base0E"; };
Constant = { fg = mkRaw "base09"; };
Define = { fg = mkRaw "base0E"; };
Delimiter = { fg = mkRaw "base0F.lighten(10)"; };
Float = { fg = mkRaw "base09"; };
Function = { fg = mkRaw "base0D"; };
Identifier = { fg = mkRaw "base0A"; };
Include = { fg = mkRaw "base0D"; };
Keyword = { fg = mkRaw "base0E"; };
Label = { fg = mkRaw "base0A"; };
Number = { fg = mkRaw "base03"; };
Operator = { fg = mkRaw "base03"; };
PreProc = { fg = mkRaw "base0A"; };
Repeat = { fg = mkRaw "base0A"; };
Special = { fg = mkRaw "base0C"; };
SpecialChar = { fg = mkRaw "base0F.lighten(15).saturate(10)"; };
Statement = { fg = mkRaw "base08"; };
StorageClass = { fg = mkRaw "base0A"; };
String = { fg = mkRaw "base0B"; };
Structure = { fg = mkRaw "base0E"; };
Tag = { fg = mkRaw "base0A"; };
Todo = {
fg = mkRaw "base0A";
bg = mkRaw "base01";
};
Type = { fg = mkRaw "base0A"; };
Typedef = { fg = mkRaw "base0A"; };
# Help
HelpDoc = { fg = mkRaw "base05"; bg = mkRaw "base0D"; gui = "bold;italic"; };
HelpIgnore = { fg = mkRaw "base0B"; gui = "bold;italic"; };
# Help
HelpDoc = {
fg = mkRaw "base05";
bg = mkRaw "base0D";
gui = "bold;italic";
};
HelpIgnore = {
fg = mkRaw "base0B";
gui = "bold;italic";
};
# C highlighting
cOperator = { fg = mkRaw "base0C"; };
cPreCondit = { fg = mkRaw "base0E"; };
# C highlighting
cOperator = { fg = mkRaw "base0C"; };
cPreCondit = { fg = mkRaw "base0E"; };
# C# highlighting
csClass = { fg = mkRaw "base0A"; };
csAttribute = { fg = mkRaw "base0A"; };
csModifier = { fg = mkRaw "base0E"; };
csType = { fg = mkRaw "base08"; };
csUnspecifiedStatement = { fg = mkRaw "base0D"; };
csContextualStatement = { fg = mkRaw "base0E"; };
csNewDecleration = { fg = mkRaw "base08"; };
# C# highlighting
csClass = { fg = mkRaw "base0A"; };
csAttribute = { fg = mkRaw "base0A"; };
csModifier = { fg = mkRaw "base0E"; };
csType = { fg = mkRaw "base08"; };
csUnspecifiedStatement = { fg = mkRaw "base0D"; };
csContextualStatement = { fg = mkRaw "base0E"; };
csNewDecleration = { fg = mkRaw "base08"; };
# CSS highlighting
cssBraces = { fg = mkRaw "base05"; };
cssClassName = { fg = mkRaw "base0E"; };
cssColor = { fg = mkRaw "base0C"; };
# CSS highlighting
cssBraces = { fg = mkRaw "base05"; };
cssClassName = { fg = mkRaw "base0E"; };
cssColor = { fg = mkRaw "base0C"; };
# Diff highlighting
DiffAdd = { fg = mkRaw "base0B"; bg = mkRaw "base0B.darken(80)"; };
DiffAdded = { fg = mkRaw "base0B"; bg = mkRaw "base0B.darken(80)"; };
DiffNewFile = { fg = mkRaw "base0B"; bg = mkRaw "base0B.darken(80)"; };
# Diff highlighting
DiffAdd = {
fg = mkRaw "base0B";
bg = mkRaw "base0B.darken(80)";
};
DiffAdded = {
fg = mkRaw "base0B";
bg = mkRaw "base0B.darken(80)";
};
DiffNewFile = {
fg = mkRaw "base0B";
bg = mkRaw "base0B.darken(80)";
};
DiffDelete = { fg = mkRaw "base08"; bg = mkRaw "base08.darken(80)"; };
DiffRemoved = { fg = mkRaw "base08"; bg = mkRaw "base08.darken(80)"; };
DiffDelete = {
fg = mkRaw "base08";
bg = mkRaw "base08.darken(80)";
};
DiffRemoved = {
fg = mkRaw "base08";
bg = mkRaw "base08.darken(80)";
};
DiffChange = { fg = mkRaw "base03"; bg = mkRaw "base03.darken(60)"; };
DiffFile = { fg = mkRaw "base03"; bg = mkRaw "base03.darken(60)"; };
DiffLine = { fg = mkRaw "base03"; bg = mkRaw "base03.darken(60)"; };
DiffText = { fg = mkRaw "base03"; bg = mkRaw "base03.darken(60)"; };
DiffChange = {
fg = mkRaw "base03";
bg = mkRaw "base03.darken(60)";
};
DiffFile = {
fg = mkRaw "base03";
bg = mkRaw "base03.darken(60)";
};
DiffLine = {
fg = mkRaw "base03";
bg = mkRaw "base03.darken(60)";
};
DiffText = {
fg = mkRaw "base03";
bg = mkRaw "base03.darken(60)";
};
# Git highlighting
gitcommitOverflow = { fg = mkRaw "base08"; };
gitcommitSummary = { fg = mkRaw "base0B"; };
gitcommitComment = { fg = mkRaw "base03"; };
gitcommitUntracked = { fg = mkRaw "base03"; };
gitcommitDiscarded = { fg = mkRaw "base03"; };
gitcommitSelected = { fg = mkRaw "base03"; };
gitcommitHeader = { fg = mkRaw "base0E"; };
gitcommitSelectedType = { fg = mkRaw "base0D"; };
gitcommitUnmergedType = { fg = mkRaw "base0D"; };
gitcommitDiscardedType = { fg = mkRaw "base0D"; };
gitcommitBranch = { fg = mkRaw "base09"; gui = "bold"; };
gitcommitUntrackedFile = { fg = mkRaw "base0A"; };
gitcommitUnmergedFile = { fg = mkRaw "base08"; gui = "bold"; };
gitcommitDiscardedFile = { fg = mkRaw "base08"; gui = "bold"; };
gitcommitSelectedFile = { fg = mkRaw "base0B"; gui = "bold"; };
# Git highlighting
gitcommitOverflow = { fg = mkRaw "base08"; };
gitcommitSummary = { fg = mkRaw "base0B"; };
gitcommitComment = { fg = mkRaw "base03"; };
gitcommitUntracked = { fg = mkRaw "base03"; };
gitcommitDiscarded = { fg = mkRaw "base03"; };
gitcommitSelected = { fg = mkRaw "base03"; };
gitcommitHeader = { fg = mkRaw "base0E"; };
gitcommitSelectedType = { fg = mkRaw "base0D"; };
gitcommitUnmergedType = { fg = mkRaw "base0D"; };
gitcommitDiscardedType = { fg = mkRaw "base0D"; };
gitcommitBranch = {
fg = mkRaw "base09";
gui = "bold";
};
gitcommitUntrackedFile = { fg = mkRaw "base0A"; };
gitcommitUnmergedFile = {
fg = mkRaw "base08";
gui = "bold";
};
gitcommitDiscardedFile = {
fg = mkRaw "base08";
gui = "bold";
};
gitcommitSelectedFile = {
fg = mkRaw "base0B";
gui = "bold";
};
# HTML highlighting
htmlBold = { fg = mkRaw "base0A"; };
htmlItalic = { fg = mkRaw "base0E"; };
htmlEndTag = { fg = mkRaw "base05"; };
htmlTag = { fg = mkRaw "base05"; };
# HTML highlighting
htmlBold = { fg = mkRaw "base0A"; };
htmlItalic = { fg = mkRaw "base0E"; };
htmlEndTag = { fg = mkRaw "base05"; };
htmlTag = { fg = mkRaw "base05"; };
# JavaScript highlighting
javaScript = { fg = mkRaw "base05"; };
javaScriptBraces = { fg = mkRaw "base05"; };
javaScriptNumber = { fg = mkRaw "base09"; };
# JavaScript highlighting
javaScript = { fg = mkRaw "base05"; };
javaScriptBraces = { fg = mkRaw "base05"; };
javaScriptNumber = { fg = mkRaw "base09"; };
# pangloss/vim-javascript highlighting
jsOperator = { fg = mkRaw "base0D"; };
jsStatement = { fg = mkRaw "base0E"; };
jsReturn = { fg = mkRaw "base0E"; };
jsThis = { fg = mkRaw "base08"; };
jsClassDefinition = { fg = mkRaw "base0A"; };
jsFunction = { fg = mkRaw "base0E"; };
jsFuncName = { fg = mkRaw "base0D"; };
jsFuncCall = { fg = mkRaw "base0D"; };
jsClassFuncName = { fg = mkRaw "base0D"; };
jsClassMethodType = { fg = mkRaw "base0E"; };
jsRegexpString = { fg = mkRaw "base0C"; };
jsGlobalObjects = { fg = mkRaw "base0A"; };
jsGlobalNodeObjects = { fg = mkRaw "base0A"; };
jsExceptions = { fg = mkRaw "base0A"; };
jsBuiltins = { fg = mkRaw "base0A"; };
# pangloss/vim-javascript highlighting
jsOperator = { fg = mkRaw "base0D"; };
jsStatement = { fg = mkRaw "base0E"; };
jsReturn = { fg = mkRaw "base0E"; };
jsThis = { fg = mkRaw "base08"; };
jsClassDefinition = { fg = mkRaw "base0A"; };
jsFunction = { fg = mkRaw "base0E"; };
jsFuncName = { fg = mkRaw "base0D"; };
jsFuncCall = { fg = mkRaw "base0D"; };
jsClassFuncName = { fg = mkRaw "base0D"; };
jsClassMethodType = { fg = mkRaw "base0E"; };
jsRegexpString = { fg = mkRaw "base0C"; };
jsGlobalObjects = { fg = mkRaw "base0A"; };
jsGlobalNodeObjects = { fg = mkRaw "base0A"; };
jsExceptions = { fg = mkRaw "base0A"; };
jsBuiltins = { fg = mkRaw "base0A"; };
# Mail highlighting
mailQuoted1 = { fg = mkRaw "base0A"; };
mailQuoted2 = { fg = mkRaw "base0B"; };
mailQuoted3 = { fg = mkRaw "base0E"; };
mailQuoted4 = { fg = mkRaw "base0C"; };
mailQuoted5 = { fg = mkRaw "base0D"; };
mailQuoted6 = { fg = mkRaw "base0A"; };
mailURL = { fg = mkRaw "base0D"; };
mailEmail = { fg = mkRaw "base0D"; };
# Mail highlighting
mailQuoted1 = { fg = mkRaw "base0A"; };
mailQuoted2 = { fg = mkRaw "base0B"; };
mailQuoted3 = { fg = mkRaw "base0E"; };
mailQuoted4 = { fg = mkRaw "base0C"; };
mailQuoted5 = { fg = mkRaw "base0D"; };
mailQuoted6 = { fg = mkRaw "base0A"; };
mailURL = { fg = mkRaw "base0D"; };
mailEmail = { fg = mkRaw "base0D"; };
# Markdown highlighting
markdownh1 = { fg = mkRaw "base0D"; gui = "bold"; };
markdownh2 = { fg = mkRaw "base0D"; gui = "bold"; };
markdownh3 = { fg = mkRaw "base0D"; gui = "bold"; };
markdownh4 = { fg = mkRaw "base0D"; gui = "bold"; };
markdownh5 = { fg = mkRaw "base0D"; gui = "bold"; };
markdownh6 = { fg = mkRaw "base0A"; gui = "bold"; };
markdownRule = { fg = mkRaw "markdownh2.bg"; gui = "bold"; };
markdownItalic = { fg = mkRaw "base05"; gui = "italic"; };
markdownBold = { fg = mkRaw "base05"; gui = "bold"; };
markdownBoldItalic = { fg = mkRaw "base05"; gui = "bold;italic"; };
markdownCodeDelimiter = { fg = mkRaw "base0B"; gui = "bold"; };
markdownCode = { fg = mkRaw "base07"; bg = mkRaw "base00"; };
markdownCodeBlock = { fg = mkRaw "base0B"; };
markdownFootnoteDefinition = { fg = mkRaw "base05"; gui = "italic"; };
markdownListMarker = { fg = mkRaw "base05"; gui = "bold"; };
markdownLineBreak = { fg = mkRaw "base08"; gui = "underline"; };
markdownError = { fg = mkRaw "base05"; bg = mkRaw "base00"; };
markdownHeadingDelimiter = { fg = mkRaw "base0D"; };
markdownUrl = { fg = mkRaw "base09"; };
markdownFootnote = { fg = mkRaw "base0E"; gui = "italic"; };
markdownBlockquote = { fg = mkRaw "base0C"; gui = "bold"; };
markdownLinkText = { fg = mkRaw "base08"; gui = "italic"; };
# Markdown highlighting
markdownh1 = {
fg = mkRaw "base0D";
gui = "bold";
};
markdownh2 = {
fg = mkRaw "base0D";
gui = "bold";
};
markdownh3 = {
fg = mkRaw "base0D";
gui = "bold";
};
markdownh4 = {
fg = mkRaw "base0D";
gui = "bold";
};
markdownh5 = {
fg = mkRaw "base0D";
gui = "bold";
};
markdownh6 = {
fg = mkRaw "base0A";
gui = "bold";
};
markdownRule = {
fg = mkRaw "markdownh2.bg";
gui = "bold";
};
markdownItalic = {
fg = mkRaw "base05";
gui = "italic";
};
markdownBold = {
fg = mkRaw "base05";
gui = "bold";
};
markdownBoldItalic = {
fg = mkRaw "base05";
gui = "bold;italic";
};
markdownCodeDelimiter = {
fg = mkRaw "base0B";
gui = "bold";
};
markdownCode = {
fg = mkRaw "base07";
bg = mkRaw "base00";
};
markdownCodeBlock = { fg = mkRaw "base0B"; };
markdownFootnoteDefinition = {
fg = mkRaw "base05";
gui = "italic";
};
markdownListMarker = {
fg = mkRaw "base05";
gui = "bold";
};
markdownLineBreak = {
fg = mkRaw "base08";
gui = "underline";
};
markdownError = {
fg = mkRaw "base05";
bg = mkRaw "base00";
};
markdownHeadingDelimiter = { fg = mkRaw "base0D"; };
markdownUrl = { fg = mkRaw "base09"; };
markdownFootnote = {
fg = mkRaw "base0E";
gui = "italic";
};
markdownBlockquote = {
fg = mkRaw "base0C";
gui = "bold";
};
markdownLinkText = {
fg = mkRaw "base08";
gui = "italic";
};
# PHP highlighting
phpMemberSelector = { fg = mkRaw "base05"; };
phpComparison = { fg = mkRaw "base05"; };
phpParent = { fg = mkRaw "base05"; };
phpMethodsVar = { fg = mkRaw "base0C"; };
# PHP highlighting
phpMemberSelector = { fg = mkRaw "base05"; };
phpComparison = { fg = mkRaw "base05"; };
phpParent = { fg = mkRaw "base05"; };
phpMethodsVar = { fg = mkRaw "base0C"; };
# Python highlighting
pythonOperator = { fg = mkRaw "base0E"; };
pythonRepeat = { fg = mkRaw "base0E"; };
pythonInclude = { fg = mkRaw "base0E"; };
pythonStatement = { fg = mkRaw "base0E"; };
# Python highlighting
pythonOperator = { fg = mkRaw "base0E"; };
pythonRepeat = { fg = mkRaw "base0E"; };
pythonInclude = { fg = mkRaw "base0E"; };
pythonStatement = { fg = mkRaw "base0E"; };
# Ruby highlighting
rubyAttribute = { fg = mkRaw "base0D"; };
rubyConstant = { fg = mkRaw "base0A"; };
rubyInterpolationDelimiter = { fg = mkRaw "base0F"; };
rubyRegexp = { fg = mkRaw "base0C"; };
rubySymbol = { fg = mkRaw "base0B"; };
rubyStringDelimiter = { fg = mkRaw "base0B"; };
# Ruby highlighting
rubyAttribute = { fg = mkRaw "base0D"; };
rubyConstant = { fg = mkRaw "base0A"; };
rubyInterpolationDelimiter = { fg = mkRaw "base0F"; };
rubyRegexp = { fg = mkRaw "base0C"; };
rubySymbol = { fg = mkRaw "base0B"; };
rubyStringDelimiter = { fg = mkRaw "base0B"; };
# SASS highlighting
sassidChar = { fg = mkRaw "base08"; };
sassClassChar = { fg = mkRaw "base09"; };
sassInclude = { fg = mkRaw "base0E"; };
sassMixing = { fg = mkRaw "base0E"; };
sassMixinName = { fg = mkRaw "base0D"; };
# SASS highlighting
sassidChar = { fg = mkRaw "base08"; };
sassClassChar = { fg = mkRaw "base09"; };
sassInclude = { fg = mkRaw "base0E"; };
sassMixing = { fg = mkRaw "base0E"; };
sassMixinName = { fg = mkRaw "base0D"; };
# Spelling highlighting
SpellBad = { gui = "undercurl"; };
SpellCap = { gui = "undercurl"; };
SpellRare = { gui = "undercurl"; };
# Spelling highlighting
SpellBad = { gui = "undercurl"; };
SpellCap = { gui = "undercurl"; };
SpellRare = { gui = "undercurl"; };
# Java highlighting
javaOperator = { fg = mkRaw "base0D"; };
# Java highlighting
javaOperator = { fg = mkRaw "base0D"; };
# XML highlighting
xmlTagName = { fg = mkRaw "base0D"; };
xmlCdatastart = { fg = mkRaw "base0A"; };
xmlEndTag = { fg = mkRaw "xmlTagName.bg"; };
xmlCdataCdata = { fg = mkRaw "xmlCdatastart.bg"; };
# XML highlighting
xmlTagName = { fg = mkRaw "base0D"; };
xmlCdatastart = { fg = mkRaw "base0A"; };
xmlEndTag = { fg = mkRaw "xmlTagName.bg"; };
xmlCdataCdata = { fg = mkRaw "xmlCdatastart.bg"; };
# MatchParen
MatchParen = { fg = mkRaw "base07"; bg = mkRaw "base08"; };
# MatchParen
MatchParen = {
fg = mkRaw "base07";
bg = mkRaw "base08";
};
# CodeQL
CodeqlAstFocus = { fg = mkRaw "base00"; bg = mkRaw "base03"; };
# CodeQL
CodeqlAstFocus = {
fg = mkRaw "base00";
bg = mkRaw "base03";
};
# Diff highlighting
GitSignsAdd = { fg = mkRaw "base0B"; };
GitSignsDelete = { fg = mkRaw "base08"; };
GitSignsChange = { fg = mkRaw "base03"; };
}
# Diff highlighting
GitSignsAdd = { fg = mkRaw "base0B"; };
GitSignsDelete = { fg = mkRaw "base08"; };
GitSignsChange = { fg = mkRaw "base03"; };
}
(lib.mkIf config.plugins.telescope.enable {
TelescopeNormal = { fg = mkRaw "base05"; bg = mkRaw "base01"; };
TelescopeBorder = { fg = mkRaw "base00"; bg = mkRaw "base01"; };
TelescopePromptPrefix = { fg = mkRaw "base0A"; bg = mkRaw "base01"; };
TelescopeMatching = { fg = mkRaw "base0D"; bg = mkRaw "base01"; };
TelescopeSelection = { fg = mkRaw "base0A"; bg = mkRaw "base01"; };
TelescopeSelectionCaret = { fg = mkRaw "base0A"; bg = mkRaw "base01"; };
})
# See `rb-delimiters-colors` help section for more details.
(lib.mkIf config.plugins.rainbow-delimiters.enable {
RainbowDelimiterRed = { fg = mkRaw "base09"; };
RainbowDelimiterYellow = { fg = mkRaw "base0A"; };
RainbowDelimiterBlue = { fg = mkRaw "base0B"; };
RainbowDelimiterOrange = { fg = mkRaw "base0C"; };
RainbowDelimiterGreen = { fg = mkRaw "base0D"; };
RainbowDelimiterViolet = { fg = mkRaw "base0E"; };
RainbowDelimiterCyan = { fg = mkRaw "base0F"; };
})
# See `lsp-highlight` help section for more details.
(lib.mkIf config.plugins.lsp.enable {
LspDiagnosticsDefaultError = { fg = mkRaw "base08"; };
LspDiagnosticsDefaultWarning = { fg = mkRaw "base09"; };
LspDiagnosticsDefaultHint = { fg = mkRaw "base0A"; };
LspDiagnosticsDefaultInformation = { fg = mkRaw "base0B"; };
})
# See `treesitter-highlight-groups` help section for more details.
(lib.mkIf config.plugins.treesitter.enable {
${sym "@variable"} = helpers.listToUnkeyedAttrs [ (mkRaw "Normal") ];
${sym "@tag.delimiter"} = { fg = mkRaw "base0A"; };
${sym "@text.emphasis"} = helpers.listToUnkeyedAttrs [ (mkRaw "Italic") ];
${sym "@text.underline"} = helpers.listToUnkeyedAttrs [ (mkRaw "Underlined") ];
${sym "@text.strike"} = { gui = "strikethrough"; };
${sym "@text.uri"} = { fg = mkRaw "base0C"; };
})
(lib.mkIf config.plugins.indent-blankline.enable {
IblScope = { fg = mkRaw "base0C"; gui = "bold"; } ;
})
];
(lib.mkIf config.plugins.telescope.enable {
TelescopeNormal = {
fg = mkRaw "base05";
bg = mkRaw "base01";
};
TelescopeBorder = {
fg = mkRaw "base00";
bg = mkRaw "base01";
};
TelescopePromptPrefix = {
fg = mkRaw "base0A";
bg = mkRaw "base01";
};
TelescopeMatching = {
fg = mkRaw "base0D";
bg = mkRaw "base01";
};
TelescopeSelection = {
fg = mkRaw "base0A";
bg = mkRaw "base01";
};
TelescopeSelectionCaret = {
fg = mkRaw "base0A";
bg = mkRaw "base01";
};
})
config.bahaghari.tinted-theming.schemes;
# See `rb-delimiters-colors` help section for more details.
(lib.mkIf config.plugins.rainbow-delimiters.enable {
RainbowDelimiterRed = { fg = mkRaw "base09"; };
RainbowDelimiterYellow = { fg = mkRaw "base0A"; };
RainbowDelimiterBlue = { fg = mkRaw "base0B"; };
RainbowDelimiterOrange = { fg = mkRaw "base0C"; };
RainbowDelimiterGreen = { fg = mkRaw "base0D"; };
RainbowDelimiterViolet = { fg = mkRaw "base0E"; };
RainbowDelimiterCyan = { fg = mkRaw "base0F"; };
})
# See `lsp-highlight` help section for more details.
(lib.mkIf config.plugins.lsp.enable {
LspDiagnosticsDefaultError = { fg = mkRaw "base08"; };
LspDiagnosticsDefaultWarning = { fg = mkRaw "base09"; };
LspDiagnosticsDefaultHint = { fg = mkRaw "base0A"; };
LspDiagnosticsDefaultInformation = { fg = mkRaw "base0B"; };
})
# See `treesitter-highlight-groups` help section for more details.
(lib.mkIf config.plugins.treesitter.enable {
${sym "@variable"} = helpers.listToUnkeyedAttrs [ (mkRaw "Normal") ];
${sym "@tag.delimiter"} = { fg = mkRaw "base0A"; };
${sym "@text.emphasis"} =
helpers.listToUnkeyedAttrs [ (mkRaw "Italic") ];
${sym "@text.underline"} =
helpers.listToUnkeyedAttrs [ (mkRaw "Underlined") ];
${sym "@text.strike"} = { gui = "strikethrough"; };
${sym "@text.uri"} = { fg = mkRaw "base0C"; };
})
(lib.mkIf config.plugins.indent-blankline.enable {
IblScope = {
fg = mkRaw "base0C";
gui = "bold";
};
})
];
}) config.bahaghari.tinted-theming.schemes;
};
}

4
configs/home-manager/foo-dogsquared/modules/programs/nixvim/dap.nix
View File

@ -11,9 +11,7 @@
args = [ "-i" "dap" ];
};
lldb = {
command = "lldb-dap";
};
lldb = { command = "lldb-dap"; };
dart = {
command = "dart";

28
configs/home-manager/foo-dogsquared/modules/programs/nixvim/default.nix
View File

@ -14,8 +14,7 @@ let
module.imports = firstSetupArgs.baseNixvimModules ++ [ module ];
extraSpecialArgs.hmConfig = config;
};
in
{
in {
options.users.foo-dogsquared.programs.nixvim.enable =
lib.mkEnableOption "NixVim setup";
@ -29,22 +28,21 @@ in
wrapper-manager.packages.neovim-flavors = {
wrappers.nvim-fiesta.arg0 = let
nvimPkg = createNixvimFlavor {
imports =
[
./colorschemes.nix
./fuzzy-finding.nix
./misc.nix
./note-taking.nix
]
++ lib.optionals userCfg.setups.development.enable [
./dev.nix
./lsp.nix
./dap.nix
];
imports = [
./colorschemes.nix
./fuzzy-finding.nix
./misc.nix
./note-taking.nix
] ++ lib.optionals userCfg.setups.development.enable [
./dev.nix
./lsp.nix
./dap.nix
];
config = {
# Inherit all of the schemes.
bahaghari.tinted-theming.schemes = hmCfg.bahaghari.tinted-theming.schemes;
bahaghari.tinted-theming.schemes =
hmCfg.bahaghari.tinted-theming.schemes;
};
};
in lib.getExe' nvimPkg "nvim";

16
configs/home-manager/foo-dogsquared/modules/programs/nixvim/dev.nix
View File

@ -22,7 +22,8 @@
# Give language "support" through tree-sitter.
plugins.treesitter.grammarPackages =
with config.plugins.treesitter.package.builtGrammars; [
with config.plugins.treesitter.package.builtGrammars;
[
agda
arduino
astro
@ -54,6 +55,7 @@
kotlin
make
nickel
nix
perl
ruby
rust
@ -64,15 +66,7 @@
wgsl
wgsl_bevy
zig
]
++ (with pkgs.tree-sitter-grammars; [
tree-sitter-elisp
tree-sitter-nu
]);
] ++ (with pkgs.tree-sitter-grammars; [ tree-sitter-elisp tree-sitter-nu ]);
extraPlugins = with pkgs.vimPlugins; [
vim-nickel
vim-nix
zig-vim
];
extraPlugins = with pkgs.vimPlugins; [ vim-nickel vim-nix zig-vim ];
}

14
configs/home-manager/foo-dogsquared/modules/programs/nixvim/fuzzy-finding.nix
View File

@ -3,8 +3,7 @@
let
inherit (hmConfig.xdg) userDirs;
telescopeExtensions = config.plugins.telescope.extensions;
in
{
in {
plugins.telescope.extensions.frecency = {
enable = true;
settings = {
@ -18,15 +17,14 @@ in
};
};
plugins.telescope.extensions.live-grep-args = {
enable = true;
};
plugins.telescope.extensions.live-grep-args = { enable = true; };
keymaps =
lib.optionals telescopeExtensions.live-grep-args.enable (lib.singleton {
keymaps = lib.optionals telescopeExtensions.live-grep-args.enable
(lib.singleton {
mode = "n";
key = "<leader>fG";
options.desc = "Live grep (with args) for the whole project";
action = helpers.mkRaw "require('telescope').extensions.live_grep_args.live_grep_args";
action = helpers.mkRaw
"require('telescope').extensions.live_grep_args.live_grep_args";
});
}

2
configs/home-manager/foo-dogsquared/modules/programs/nixvim/lsp.nix
View File

@ -17,7 +17,7 @@
# For HTML.
html = {
enable = true;
enable = true;
autostart = false;
};

18
configs/home-manager/foo-dogsquared/modules/programs/nixvim/misc.nix
View File

@ -1,16 +1,12 @@
{ config, lib, pkgs, hmConfig, ... }:
let
userConfig = hmConfig.users.foo-dogsquared;
in
{
extraPlugins = builtins.map
(path:
pkgs.runCommand "vim-plugin-bare" { } ''
mkdir -p "$out"
cp -r ${path}/* "$out"
'')
(with pkgs; [
let userConfig = hmConfig.users.foo-dogsquared;
in {
extraPlugins = builtins.map (path:
pkgs.runCommand "vim-plugin-bare" { } ''
mkdir -p "$out"
cp -r ${path}/* "$out"
'') (with pkgs; [
"${decker}/share/vim-plugins/decker"
"${fzf}/share/vim-plugins/fzf"
]);

21
configs/home-manager/foo-dogsquared/modules/programs/nushell.nix
View File

@ -5,8 +5,7 @@ let
cfg = userCfg.programs.nushell;
nushellAutoloadScriptDir = "${config.xdg.dataHome}/nushell/vendor/autoload";
in
{
in {
options.users.foo-dogsquared.programs.nushell.enable =
lib.mkEnableOption "Nushell setup";
@ -20,7 +19,6 @@ in
skim
polars
units
net
formats
highlight
];
@ -35,11 +33,10 @@ in
}
}
'';
environmentVariables.NU_LIB_DIRS =
lib.concatStringsSep ":" [
"${config.xdg.cacheHome}/nushell/modules"
"${config.xdg.userDirs.extraConfig.XDG_PROJECTS_DIR}/nushell"
];
environmentVariables.NU_LIB_DIRS = lib.concatStringsSep ":" [
"${config.xdg.cacheHome}/nushell/modules"
"${config.xdg.userDirs.extraConfig.XDG_PROJECTS_DIR}/nushell"
];
};
}
@ -76,9 +73,11 @@ in
}
match $spans.0 {
${lib.optionalString config.programs.zoxide.enable ''
__zoxide_z | __zoxide_zi => $zoxide_completer
''}
${
lib.optionalString config.programs.zoxide.enable ''
__zoxide_z | __zoxide_zi => $zoxide_completer
''
}
_ => $carapace_completer
} | do $in $spans
}

22
configs/home-manager/foo-dogsquared/modules/programs/shell.nix
View File

@ -4,10 +4,9 @@
let
userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.shell;
in
{
options.users.foo-dogsquared.programs.shell.enable =
lib.mkEnableOption "configuration of foo-dogsquared's shell of choice and its toolbelt";
in {
options.users.foo-dogsquared.programs.shell.enable = lib.mkEnableOption
"configuration of foo-dogsquared's shell of choice and its toolbelt";
config = lib.mkIf cfg.enable {
suites.dev.shell.enable = lib.mkDefault true;
@ -15,21 +14,12 @@ in
programs.bash = {
enable = true;
historyControl = [ "erasedups" "ignoredups" "ignorespace" ];
historyIgnore = [
"cd"
"exit"
"lf"
"ls"
"nvim"
];
historyIgnore = [ "cd" "exit" "lf" "ls" "nvim" ];
};
# Additional formatting thingies for your fuzzy finder.
programs.fzf.defaultOptions = [
"--height=40%"
"--bind=ctrl-z:ignore"
"--reverse"
];
programs.fzf.defaultOptions =
[ "--height=40%" "--bind=ctrl-z:ignore" "--reverse" ];
# Compile all of the completions.
programs.carapace.enable = true;

63
configs/home-manager/foo-dogsquared/modules/programs/terminal-emulator.nix
View File

@ -10,8 +10,7 @@ let
'';
hasNixosModuleEnable = attrs.nixosConfig.programs.wezterm.enable or false;
in
{
in {
options.users.foo-dogsquared.programs.terminal-emulator.enable =
lib.mkEnableOption "foo-dogsquared's terminal emulator setup";
@ -19,39 +18,33 @@ in
{
# We're just making a version of Wezterm with the default arguments if
# the user has them.
home.packages =
let
inherit (pkgs) wezterm hiPrio;
weztermUserDefaultDesktop = pkgs.makeDesktopItem {
name = "org.wezfurlong.wezterm";
desktopName = "WezTerm (user)";
comment = "Wez's Terminal Emulator";
keywords = [ "shell" "prompt" "command" "commandline" "cmd" ];
icon = "org.wezfurlong.wezterm";
startupWMClass = "org.wezfurlong.wezterm";
tryExec = "wezterm";
exec = "wezterm";
type = "Application";
categories = [ "System" "TerminalEmulator" "Utility" ];
};
weztermTypicalDesktop = pkgs.makeDesktopItem {
name = "wezterm-start";
desktopName = "WezTerm";
comment = "Wez's Terminal Emulator";
keywords = [ "shell" "prompt" "command" "commandline" "cmd" ];
icon = "org.wezfurlong.wezterm";
startupWMClass = "org.wezfurlong.wezterm";
tryExec = "wezterm";
exec = "wezterm start --cwd .";
type = "Application";
categories = [ "System" "TerminalEmulator" "Utility" ];
};
in
[
wezterm
(hiPrio weztermUserDefaultDesktop)
weztermTypicalDesktop
];
home.packages = let
inherit (pkgs) wezterm hiPrio;
weztermUserDefaultDesktop = pkgs.makeDesktopItem {
name = "org.wezfurlong.wezterm";
desktopName = "WezTerm (user)";
comment = "Wez's Terminal Emulator";
keywords = [ "shell" "prompt" "command" "commandline" "cmd" ];
icon = "org.wezfurlong.wezterm";
startupWMClass = "org.wezfurlong.wezterm";
tryExec = "wezterm";
exec = "wezterm";
type = "Application";
categories = [ "System" "TerminalEmulator" "Utility" ];
};
weztermTypicalDesktop = pkgs.makeDesktopItem {
name = "wezterm-start";
desktopName = "WezTerm";
comment = "Wez's Terminal Emulator";
keywords = [ "shell" "prompt" "command" "commandline" "cmd" ];
icon = "org.wezfurlong.wezterm";
startupWMClass = "org.wezfurlong.wezterm";
tryExec = "wezterm";
exec = "wezterm start --cwd .";
type = "Application";
categories = [ "System" "TerminalEmulator" "Utility" ];
};
in [ wezterm (hiPrio weztermUserDefaultDesktop) weztermTypicalDesktop ];
}
(lib.mkIf (!hasNixosModuleEnable) {

3
configs/home-manager/foo-dogsquared/modules/programs/terminal-multiplexer.nix
View File

@ -3,8 +3,7 @@
let
userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.terminal-multiplexer;
in
{
in {
options.users.foo-dogsquared.programs.terminal-multiplexer.enable =
lib.mkEnableOption "foo-dogsquared's terminal multiplexer setup";

50
configs/home-manager/foo-dogsquared/modules/programs/vs-code.nix
View File

@ -3,42 +3,38 @@
let
userCfg = config.users.foo-dogsquared;
cfg = userCfg.programs.vs-code;
in
{
in {
options.users.foo-dogsquared.programs.vs-code.enable =
lib.mkEnableOption "foo-dogsquared's Visual Studio Code setup";
config = lib.mkIf cfg.enable {
suites.editors.vscode.enable = true;
programs.vscode = {
extensions = with pkgs.vscode-extensions; [
# Additional language support.
bbenoist.nix
graphql.vscode-graphql
ms-python.python
ms-azuretools.vscode-docker
ms-vscode.cmake-tools
ms-vscode.cpptools
ms-vscode.powershell
extensions = with pkgs.vscode-extensions;
[
# Additional language support.
bbenoist.nix
graphql.vscode-graphql
ms-python.python
ms-azuretools.vscode-docker
ms-vscode.cmake-tools
ms-vscode.cpptools
ms-vscode.powershell
# Extra editor niceties.
eamodio.gitlens
mkhl.direnv
usernamehw.errorlens
vadimcn.vscode-lldb
# Extra editor niceties.
eamodio.gitlens
mkhl.direnv
usernamehw.errorlens
vadimcn.vscode-lldb
# The other niceties.
editorconfig.editorconfig
alefragnani.project-manager
fill-labs.dependi
]
++ lib.optionals userCfg.programs.browsers.firefox.enable [
firefox-devtools.vscode-firefox-debug
];
# The other niceties.
editorconfig.editorconfig
alefragnani.project-manager
fill-labs.dependi
] ++ lib.optionals userCfg.programs.browsers.firefox.enable
[ firefox-devtools.vscode-firefox-debug ];
userSettings = {
"extensions.ignoreRecommendations" = true;
};
userSettings = { "extensions.ignoreRecommendations" = true; };
};
# We're using Visual Studio Code as a git difftool and mergetool which is

43
configs/home-manager/foo-dogsquared/modules/services/archivebox/default.nix
View File

@ -47,8 +47,7 @@ let
};
};
};
in
{
in {
options.users.foo-dogsquared.services.archivebox = {
enable = lib.mkEnableOption "ArchiveBox web UI server (through Podman)";
@ -97,24 +96,28 @@ in
};
services.podman.containers = lib.mkMerge [
(lib.mapAttrs' (name: value: lib.nameValuePair (jobUnitName name) {
image = "docker.io/archivebox/archivebox:latest";
description = "ArchiveBox job '${name}'";
volumes = [ "${archiveboxDir}:/data" ];
autoUpdate = "registry";
exec = ''echo "${lib.concatStringsSep "\n" value.links}" | archivebox add ${lib.concatStringsSep " " value.extraArgs}'';
environmentFile = config.services.podman.containers.archivebox-webui.environmentFile;
environment = config.services.podman.containers.archivebox-webui.environment;
}) cfg.jobs)
(lib.mapAttrs' (name: value:
lib.nameValuePair (jobUnitName name) {
image = "docker.io/archivebox/archivebox:latest";
description = "ArchiveBox job '${name}'";
volumes = [ "${archiveboxDir}:/data" ];
autoUpdate = "registry";
exec = ''
echo "${lib.concatStringsSep "\n" value.links}" | archivebox add ${
lib.concatStringsSep " " value.extraArgs
}'';
environmentFile =
config.services.podman.containers.archivebox-webui.environmentFile;
environment =
config.services.podman.containers.archivebox-webui.environment;
}) cfg.jobs)
{
archivebox-webui = {
image = "docker.io/archivebox/archivebox:latest";
description = "ArchiveBox web server";
ports = [ "${port}:${port}" ];
volumes = [
"${archiveboxDir}:/data"
];
volumes = [ "${archiveboxDir}:/data" ];
autoUpdate = "registry";
exec = "archivebox server ${url}";
environmentFile = [ "${config.sops.secrets."archivebox/env".path}" ];
@ -135,8 +138,7 @@ in
archivebox-sonic-search = {
image = "docker.io/archivebox/sonic:latest";
description = "Sonic search instance for ArchiveBox";
ports = let
port = builtins.toString config.state.ports.sonic.value;
ports = let port = builtins.toString config.state.ports.sonic.value;
in [ "${port}:${port}" ];
environmentFile = [ "${config.sops.secrets."sonic/env".path}" ];
volumes = [
@ -148,9 +150,10 @@ in
}
];
users.foo-dogsquared.programs.custom-homepage.sections.services.links = lib.singleton {
url = "${url}/public";
text = "Link archive";
};
users.foo-dogsquared.programs.custom-homepage.sections.services.links =
lib.singleton {
url = "${url}/public";
text = "Link archive";
};
};
}

134
configs/home-manager/foo-dogsquared/modules/services/backup/default.nix
View File

@ -5,73 +5,66 @@ let
cfg = userCfg.services.backup;
pathPrefix = "borg-backup";
getPath = path:
config.sops.secrets."${pathPrefix}/${path}".path;
getPath = path: config.sops.secrets."${pathPrefix}/${path}".path;
isFilesystemSet = setupName:
attrs.nixosConfig.suites.filesystem.setups.${setupName}.enable or false;
hetznerBoxesUser = "u332477";
hetznerBoxesServer = "${hetznerBoxesUser}.your-storagebox.de";
borgmaticCommonConfig = module: lib.mkMerge [
module
borgmaticCommonConfig = module:
lib.mkMerge [
module
{
archive_name_format = lib.mkDefault "{fqdn}-home-manager-personal-{now}";
patterns = lib.mkBefore [
"R ${config.home.homeDirectory}"
"! ${config.xdg.dataHome}"
"! ${config.xdg.cacheHome}"
"- ${config.xdg.configHome}"
"- ${config.xdg.userDirs.download}"
"+ ${config.xdg.userDirs.extraConfig.XDG_PROJECTS_DIR}"
"+ ${config.xdg.userDirs.documents}"
"+ ${config.xdg.userDirs.music}"
"+ ${config.xdg.userDirs.pictures}"
"+ ${config.xdg.userDirs.templates}"
"+ ${config.xdg.userDirs.videos}"
"+ ${config.home.homeDirectory}/.thunderbird"
"+ ${config.xdg.dataHome}/gopass"
"+ ${config.xdg.configHome}/age"
"+ ${config.xdg.configHome}/sops"
];
exclude_if_present = [
".nobackup"
".exclude.bak"
];
exclude_patterns = [
"node_modules/"
"*.pyc"
"result*/"
"*/.vim*.tmp"
"target/"
];
{
archive_name_format =
lib.mkDefault "{fqdn}-home-manager-personal-{now}";
patterns = lib.mkBefore [
"R ${config.home.homeDirectory}"
"! ${config.xdg.dataHome}"
"! ${config.xdg.cacheHome}"
"- ${config.xdg.configHome}"
"- ${config.xdg.userDirs.download}"
"+ ${config.xdg.userDirs.extraConfig.XDG_PROJECTS_DIR}"
"+ ${config.xdg.userDirs.documents}"
"+ ${config.xdg.userDirs.music}"
"+ ${config.xdg.userDirs.pictures}"
"+ ${config.xdg.userDirs.templates}"
"+ ${config.xdg.userDirs.videos}"
"+ ${config.home.homeDirectory}/.thunderbird"
"+ ${config.xdg.dataHome}/gopass"
"+ ${config.xdg.configHome}/age"
"+ ${config.xdg.configHome}/sops"
];
exclude_if_present = [ ".nobackup" ".exclude.bak" ];
exclude_patterns =
[ "node_modules/" "*.pyc" "result*/" "*/.vim*.tmp" "target/" ];
store_config_files = true;
store_config_files = true;
# Most of these retention settings are meant to have overlaps in the
# periodic backups.
keep_hourly = 48;
keep_daily = 14;
keep_weekly = 8;
keep_monthly = 12;
keep_yearly = 4;
# Most of these retention settings are meant to have overlaps in the
# periodic backups.
keep_hourly = 48;
keep_daily = 14;
keep_weekly = 8;
keep_monthly = 12;
keep_yearly = 4;
check_last = 4;
}
];
check_last = 4;
}
];
checkRemovableMountScript = pkgs.writeShellScript "check-for-removable-storage" ''
{ findmnt "$(dirname "$1")" > /dev/null && [ -d "$1" ]; } || exit 75
'';
in
{
checkRemovableMountScript =
pkgs.writeShellScript "check-for-removable-storage" ''
{ findmnt "$(dirname "$1")" > /dev/null && [ -d "$1" ]; } || exit 75
'';
in {
options.users.foo-dogsquared.services.backup.enable =
lib.mkEnableOption "preferred backup service";
config = lib.mkIf cfg.enable {
sops.secrets = foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml (
foodogsquaredLib.sops-nix.attachSopsPathPrefix pathPrefix {
sops.secrets = foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml
(foodogsquaredLib.sops-nix.attachSopsPathPrefix pathPrefix {
"repos/remote-hetzner-boxes-personal/password" = { };
"repos/local-external-hdd-personal/password" = { };
"repos/local-archive-personal/password" = { };
@ -84,15 +77,18 @@ in
initService.enable = true;
initService.startAt = "06:30";
settings = borgmaticCommonConfig {
encryption_passcommand = "cat ${getPath "repos/remote-hetzner-boxes-personal/password"}";
encryption_passcommand =
"cat ${getPath "repos/remote-hetzner-boxes-personal/password"}";
repositories = lib.singleton {
path = "ssh://${hetznerBoxesUser}@${hetznerBoxesServer}:23/./borg/users/${config.home.username}";
path =
"ssh://${hetznerBoxesUser}@${hetznerBoxesServer}:23/./borg/users/${config.home.username}";
label = "remote-hetzner-boxes";
};
extra_borg_options = {
init = builtins.toString [
"--make-parent-dirs"
"--encryption" "repokey-blake2"
"--encryption"
"repokey-blake2"
];
};
};
@ -104,14 +100,17 @@ in
initService.enable = true;
initService.startAt = "04:30";
settings = let
removablePath = "${attrs.nixosConfig.state.paths.external-hdd}/Backups";
removablePath =
"${attrs.nixosConfig.state.paths.external-hdd}/Backups";
in borgmaticCommonConfig {
encryption_passcommand = "cat ${getPath "repos/local-external-hdd-personal/password"}";
encryption_passcommand =
"cat ${getPath "repos/local-external-hdd-personal/password"}";
repositories = lib.singleton {
path = removablePath;
label = "local-external-hdd";
};
before_backup = lib.singleton "${checkRemovableMountScript} ${removablePath}";
before_backup =
lib.singleton "${checkRemovableMountScript} ${removablePath}";
};
};
})
@ -121,9 +120,11 @@ in
initService.enable = true;
initService.startAt = "04:30";
settings = borgmaticCommonConfig {
encryption_passcommand = "cat ${getPath "repos/local-archive-personal/password"}";
encryption_passcommand =
"cat ${getPath "repos/local-archive-personal/password"}";
repositories = lib.singleton {
path = "\${BORG_PERSONAL_FDS_PATH:-${attrs.nixosConfig.state.paths.laptop-ssd}/Backups/foodogsquared}";
path =
"\${BORG_PERSONAL_FDS_PATH:-${attrs.nixosConfig.state.paths.laptop-ssd}/Backups/foodogsquared}";
label = "local-archive";
};
};
@ -136,13 +137,18 @@ in
enable = true;
startAt = "daily";
settings = let
backup_path = "${config.xdg.cacheHome}/ludusavi/backups";
settings = let backup_path = "${config.xdg.cacheHome}/ludusavi/backups";
in {
manifest.enable = true;
roots = [
{ path = "${config.home.homeDirectory}/.steam"; store = "steam"; }
{ path = "${config.xdg.dataHome}/lutris"; store = "lutris"; }
{
path = "${config.home.homeDirectory}/.steam";
store = "steam";
}
{
path = "${config.xdg.dataHome}/lutris";
store = "lutris";
}
];
backup.path = backup_path;
restore.path = backup_path;

9
configs/home-manager/foo-dogsquared/modules/setups/business.nix
View File

@ -3,16 +3,11 @@
let
userCfg = config.users.foo-dogsquared;
cfg = userCfg.setups.business;
in
{
in {
options.users.foo-dogsquared.setups.business.enable =
lib.mkEnableOption "business setup";
config = lib.mkIf cfg.enable {
home.packages = with pkgs; [
collabora-online
libreoffice
zoom-us
];
home.packages = with pkgs; [ collabora-online libreoffice zoom-us ];
};
}

30
configs/home-manager/foo-dogsquared/modules/setups/desktop.nix
View File

@ -4,18 +4,14 @@
let
userCfg = config.users.foo-dogsquared;
cfg = userCfg.setups.desktop;
in
{
in {
options.users.foo-dogsquared.setups.desktop.enable =
lib.mkEnableOption "a set of usual desktop productivity services";
config = lib.mkIf cfg.enable {
state.ports.activitywatch.value = 5600;
home.packages = with pkgs; [
bitwarden-cli
bitwarden-desktop
];
home.packages = with pkgs; [ bitwarden-cli bitwarden-desktop ];
# Install all of the desktop stuff.
suites.desktop = {
@ -66,19 +62,14 @@ in
startAt = "daily";
settings = {
topdirs = "~/Downloads ~/Documents ~/library";
"skippedNames+" =
let
inherit (config.state.paths) ignoreDirectories;
in
lib.concatStringsSep " " ignoreDirectories;
"skippedNames+" = let inherit (config.state.paths) ignoreDirectories;
in lib.concatStringsSep " " ignoreDirectories;
"~/library/projects" = {
"skippedNames+" = ".editorconfig .gitignore result flake.lock go.sum";
};
"~/library/projects/software" = {
"skippedNames+" = "target result";
};
"~/library/projects/software" = { "skippedNames+" = "target result"; };
};
};
@ -92,9 +83,12 @@ in
startAt = "daily";
};
users.foo-dogsquared.programs.custom-homepage.sections.services.links = lib.singleton {
url = "http://localhost:${builtins.toString config.state.ports.activitywatch.value}";
text = "Telemetry server";
};
users.foo-dogsquared.programs.custom-homepage.sections.services.links =
lib.singleton {
url = "http://localhost:${
builtins.toString config.state.ports.activitywatch.value
}";
text = "Telemetry server";
};
};
}

24
configs/home-manager/foo-dogsquared/modules/setups/development.nix
View File

@ -5,8 +5,7 @@ let
cfg = userCfg.setups.development;
in {
options.users.foo-dogsquared.setups.development = {
enable =
lib.mkEnableOption "foo-dogsquared's software development setup";
enable = lib.mkEnableOption "foo-dogsquared's software development setup";
creative-coding.enable =
lib.mkEnableOption "foo-dogsquared's creative coding setup";
@ -54,10 +53,12 @@ in {
users.foo-dogsquared.programs.custom-homepage.sections.services.links =
let
hasCockpitEnabled = attrs.nixosConfig.services.cockpit.enable or false;
in
lib.optionals hasCockpitEnabled (lib.singleton {
url = "http://localhost:${builtins.toString attrs.nixosConfig.services.cockpit.port}";
hasCockpitEnabled =
attrs.nixosConfig.services.cockpit.enable or false;
in lib.optionals hasCockpitEnabled (lib.singleton {
url = "http://localhost:${
builtins.toString attrs.nixosConfig.services.cockpit.port
}";
text = "Cockpit WebUI";
});
@ -69,7 +70,7 @@ in {
home.packages = with pkgs; [
cachix # Compile no more by using someone's binary cache!
regex-cli # Save some face of confusion for yourself.
dt # Get that functional gawk.
#dt # Get that functional gawk.
jq # Get that JSON querying tool.
recode # Convert between different encodings.
go-migrate # Go potential migraines.
@ -91,10 +92,9 @@ in {
];
}
(lib.mkIf (!userCfg.programs.nixvim.enable) {
(lib.mkIf (!config.programs.nixvim.enable or false) {
programs.neovim = {
enable = true;
package = pkgs.neovim-nightly;
vimAlias = true;
vimdiffAlias = true;
@ -105,9 +105,7 @@ in {
})
(lib.mkIf userCfg.programs.browsers.firefox.enable {
home.packages = with pkgs; [
(lowPrio firefox-devedition)
];
home.packages = with pkgs; [ (lowPrio firefox-devedition) ];
})
(lib.mkIf userCfg.programs.git.enable {
@ -145,7 +143,7 @@ in {
home.packages = with pkgs; [
supercollider-with-plugins
processing
(puredata-with-plugins (with pkgs; [ zexy cyclone ]))
#(puredata-with-plugins (with pkgs; [ zexy cyclone ]))
];
})
]);

3
configs/home-manager/foo-dogsquared/modules/setups/fonts.nix
View File

@ -3,8 +3,7 @@
let
userCfg = config.users.foo-dogsquared;
cfg = userCfg.setups.fonts;
in
{
in {
options.users.foo-dogsquared.setups.fonts.enable =
lib.mkEnableOption "foo-dogsquared's font setup";

63
configs/home-manager/foo-dogsquared/modules/setups/music.nix
View File

@ -10,8 +10,7 @@ let
musicDir = config.xdg.userDirs.music;
playlistsDir = "${musicDir}/playlists";
in
{
in {
options.users.foo-dogsquared.setups.music = {
enable = lib.mkEnableOption "foo-dogsquared's music setup";
mpd.enable = lib.mkEnableOption "foo-dogsquared's MPD server setup";
@ -28,9 +27,7 @@ in
wrapper-manager.packages.music-setup = {
wrappers.yt-dlp-audio = {
arg0 = lib.getExe' pkgs.yt-dlp "yt-dlp";
prependArgs = [
"--config-location" ../../config/yt-dlp/audio.conf
];
prependArgs = [ "--config-location" ../../config/yt-dlp/audio.conf ];
};
};
@ -107,12 +104,15 @@ in
users.foo-dogsquared.programs.custom-homepage.sections = lib.mkMerge [
(lib.mkIf (attrs.nixosConfig.services.gonic.enable or false) (let
subsonicLink = {
url = "http://localhost:${builtins.toString attrs.nixosConfig.state.ports.gonic.value}";
url = "http://localhost:${
builtins.toString attrs.nixosConfig.state.ports.gonic.value
}";
text = "Jukebox server";
};
in {
services.links = lib.singleton subsonicLink;
music.links = lib.mkBefore [ (subsonicLink // { text = "Subsonic music server"; }) ];
music.links = lib.mkBefore
[ (subsonicLink // { text = "Subsonic music server"; }) ];
}))
];
}
@ -120,26 +120,31 @@ in
(lib.mkIf cfg.spotify.enable {
home.packages = with pkgs; [ spotify ];
state.ports.spotifyd.value = attrs.nixosConfig.services.spotifyd.value or 9009;
state.ports.spotifyd.value =
attrs.nixosConfig.services.spotifyd.value or 9009;
services.mopidy.extensionPackages = [ pkgs.mopidy-spotify ];
})
(lib.mkIf (cfg.spotify.enable && !(attrs.nixosConfig.services.spotifyd.enable or false)) {
services.spotifyd = {
enable = true;
settings.global = {
use_mpris = true;
device_name = "foodogsquared's computer";
bitrate = 320;
device_type = "computer";
zeroconf_port = config.state.ports.spotifyd.value;
(lib.mkIf (cfg.spotify.enable
&& !(attrs.nixosConfig.services.spotifyd.enable or false)) {
services.spotifyd = {
enable = true;
settings.global = {
use_mpris = true;
device_name = "foodogsquared's computer";
bitrate = 320;
device_type = "computer";
zeroconf_port = config.state.ports.spotifyd.value;
cache_path = "${config.xdg.cacheHome}/spotifyd";
max_cache_size = unitsToInt { size = 4; prefix = "G"; };
cache_path = "${config.xdg.cacheHome}/spotifyd";
max_cache_size = unitsToInt {
size = 4;
prefix = "G";
};
};
};
};
})
})
(lib.mkIf cfg.mpd.enable {
state.ports.mopidy.value = 6680;
@ -165,13 +170,10 @@ in
file = {
enabled = true;
media_dirs = [
"$XDG_MUSIC_DIR|Music"
"~/library/music|Library"
]
++ lib.optional (isFilesystemSet "external-hdd")
media_dirs = [ "$XDG_MUSIC_DIR|Music" "~/library/music|Library" ]
++ lib.optional (isFilesystemSet "external-hdd")
"${attrs.nixosConfig.state.paths.external-hdd}/Music|External storage"
++ lib.optional (isFilesystemSet "archive")
++ lib.optional (isFilesystemSet "archive")
"${attrs.nixosConfig.state.paths.archive}/Music|Archive";
};
@ -207,12 +209,15 @@ in
# Set this to the custom homepage.
users.foo-dogsquared.programs.custom-homepage.sections = let
mopidyLink = {
url = "http://localhost:${builtins.toString config.state.ports.mopidy.value}";
url = "http://localhost:${
builtins.toString config.state.ports.mopidy.value
}";
text = "Music streaming server";
};
in {
services.links = lib.singleton mopidyLink;
music.links = lib.mkBefore [ (mopidyLink // { text = "Mopidy server"; }) ];
music.links =
lib.mkBefore [ (mopidyLink // { text = "Mopidy server"; }) ];
};
})
]);

62
configs/home-manager/foo-dogsquared/modules/setups/research.nix
View File

@ -10,29 +10,37 @@ let
# `services.gallery-dl`, and `services.archivebox`.
mkJobs = { extraArgs ? [ ], db }:
let
days = [ "Monday" "Tuesday" "Wednesday" "Thursday" "Friday" "Saturday" "Sunday" ];
categories = lib.zipListsWith
(index: category: { inherit index; data = category; })
(lib.lists.range 1 (lib.length (lib.attrValues db)))
(lib.mapAttrsToList (name: value: { inherit name; inherit (value) subscriptions extraArgs; }) db);
jobsList = builtins.map
(category:
let
jobExtraArgs = lib.attrByPath [ "data" "extraArgs" ] [ ] category;
in
{
name = category.data.name;
value = {
extraArgs = extraArgs ++ jobExtraArgs;
urls = builtins.map (subscription: subscription.url) category.data.subscriptions;
startAt = lib.elemAt days (lib.mod category.index (lib.length days));
};
})
categories;
in
lib.listToAttrs jobsList;
in
{
days = [
"Monday"
"Tuesday"
"Wednesday"
"Thursday"
"Friday"
"Saturday"
"Sunday"
];
categories = lib.zipListsWith (index: category: {
inherit index;
data = category;
}) (lib.lists.range 1 (lib.length (lib.attrValues db)))
(lib.mapAttrsToList (name: value: {
inherit name;
inherit (value) subscriptions extraArgs;
}) db);
jobsList = builtins.map (category:
let jobExtraArgs = lib.attrByPath [ "data" "extraArgs" ] [ ] category;
in {
name = category.data.name;
value = {
extraArgs = extraArgs ++ jobExtraArgs;
urls = builtins.map (subscription: subscription.url)
category.data.subscriptions;
startAt =
lib.elemAt days (lib.mod category.index (lib.length days));
};
}) categories;
in lib.listToAttrs jobsList;
in {
options.users.foo-dogsquared.setups.research.enable =
lib.mkEnableOption "foo-dogsquared's usual toolbelt for research";
@ -60,7 +68,9 @@ in
services.syncthing = {
enable = true;
extraOptions = [
"--gui-address=http://localhost:${builtins.toString config.state.ports.syncthing.value}"
"--gui-address=http://localhost:${
builtins.toString config.state.ports.syncthing.value
}"
];
};
@ -70,7 +80,9 @@ in
users.foo-dogsquared.programs.custom-homepage.sections.services.links =
lib.singleton {
url = "http://localhost:${builtins.toString config.state.ports.syncthing.value}";
url = "http://localhost:${
builtins.toString config.state.ports.syncthing.value
}";
text = "Local sync server";
};
}

8
configs/home-manager/nixos/default.nix
View File

@ -24,13 +24,7 @@
programs.bash = {
enable = true;
historyControl = [ "erasedups" "ignoredups" "ignorespace" ];
historyIgnore = [
"cd"
"exit"
"lf"
"ls"
"nvim"
];
historyIgnore = [ "cd" "exit" "lf" "ls" "nvim" ];
};
home.stateVersion = "23.11";

6
configs/home-manager/nixos/modules/default.nix
View File

@ -1,5 +1 @@
{
imports = [
./programs/terminal-multiplexer.nix
];
}
{ imports = [ ./programs/terminal-multiplexer.nix ]; }

3
configs/home-manager/nixos/modules/programs/terminal-multiplexer.nix
View File

@ -4,8 +4,7 @@
let
userCfg = config.users.nixos;
cfg = userCfg.programs.terminal-multiplexer;
in
{
in {
options.users.nixos.programs.terminal-multiplexer.enable =
lib.mkEnableOption "terminal multiplexer";

19
configs/home-manager/plover/default.nix
View File

@ -2,23 +2,13 @@
{ config, lib, pkgs, ... }:
{
home.packages = with pkgs; [
glances
wireshark-cli
jq
];
home.packages = with pkgs; [ glances wireshark-cli jq ];
# My user shell of choice because I'm not a hipster.
programs.bash = {
enable = true;
historyControl = [ "erasedups" "ignoredups" "ignorespace" ];
historyIgnore = [
"cd"
"exit"
"lf"
"ls"
"nvim"
];
historyIgnore = [ "cd" "exit" "lf" "ls" "nvim" ];
};
suites = {
@ -39,10 +29,7 @@
services.bleachbit = {
enable = true;
cleaners = [
"bash.history"
"vim.history"
];
cleaners = [ "bash.history" "vim.history" ];
startAt = "weekly";
};

6
configs/nixos/_users/admin/default.nix
View File

@ -1,10 +1,8 @@
# Mainly used for managing the installations with deploy-rs.
{ config, lib, pkgs, ... }:
let
name = "admin";
in
{
let name = "admin";
in {
users.users.${name} = {
description = "The administrator account for the servers.";
isNormalUser = true;

6
configs/nixos/_users/nixos/default.nix
View File

@ -24,10 +24,8 @@
sandbox = true;
# Set several binary caches.
substituters = [
"https://cache.nixos.org/"
"https://nix-community.cachix.org"
];
substituters =
[ "https://cache.nixos.org/" "https://nix-community.cachix.org" ];
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];

10
configs/nixos/_users/plover/default.nix
View File

@ -4,11 +4,11 @@
let
user = "plover";
homeManagerUser = foodogsquaredUtils.getConfig "home-manager" user;
in
{
in {
users.users.${user} = {
home = "/home/${user}";
hashedPassword = "$y$j9T$43ExH5GLbEGwgnNGhmcTD/$qXoZE5Cm9O2Z3zMM/VyCZ18qN2Hc9.KvCnVz6tmjVVD";
hashedPassword =
"$y$j9T$43ExH5GLbEGwgnNGhmcTD/$qXoZE5Cm9O2Z3zMM/VyCZ18qN2Hc9.KvCnVz6tmjVVD";
extraGroups = [ "wheel" "kanidm" ];
useDefaultShell = true;
isNormalUser = true;
@ -24,7 +24,5 @@ in
];
};
home-manager.users.${user} = {
imports = [ homeManagerUser ];
};
home-manager.users.${user} = { imports = [ homeManagerUser ]; };
}

4
configs/nixos/bootstrap/default.nix
View File

@ -6,9 +6,7 @@
#
# This means, there will be a "nixos" user among other things.
{
imports = [
"${foodogsquaredModulesPath}/profiles/installer.nix"
];
imports = [ "${foodogsquaredModulesPath}/profiles/installer.nix" ];
config = lib.mkMerge [
{

13
configs/nixos/graphical-installer/default.nix
View File

@ -1,8 +1,4 @@
{ lib
, config
, pkgs
, foodogsquaredLib
, foodogsquaredUtils
{ lib, config, pkgs, foodogsquaredLib, foodogsquaredUtils
, foodogsquaredModulesPath
, ... }:
@ -34,9 +30,7 @@
# closure size smaller.
workflows = {
enable = [ "a-happy-gnome" ];
workflows.a-happy-gnome = {
extraApps = lib.mkForce [ ];
};
workflows.a-happy-gnome = { extraApps = lib.mkForce [ ]; };
};
# Install the web browser of course. What would be a graphical installer
@ -63,8 +57,7 @@
system.stateVersion = "23.11";
}
(lib.mkIf
(foodogsquaredLib.nixos.isFormat config "isoImage") {
(lib.mkIf (foodogsquaredLib.nixos.isFormat config "isoImage") {
isoImage = {
isoBaseName = config.networking.hostName;
edition = "a-happy-gnome";

4
configs/nixos/ni/config/nixpkgs/config.nix
View File

@ -1,3 +1 @@
{
allowUnfree = true;
}
{ allowUnfree = true; }

114
configs/nixos/ni/disko.nix
View File

@ -1,72 +1,70 @@
{ primaryDisk ? "/dev/nvme0n1", config, lib, ... }:
{
disko.devices = lib.mkMerge [
{
disk."${config.networking.hostName}-primary" = {
device = primaryDisk;
type = "disk";
content = {
type = "gpt";
partitions = {
# You can't really have a btrfs-layered boot so this'll have to do.
ESP = {
priority = 1;
start = "0";
end = "512MiB";
type = "EF00";
content = {
type = "filesystem";
mountpoint = "/boot";
format = "vfat";
};
disko.devices = lib.mkMerge [{
disk."${config.networking.hostName}-primary" = {
device = primaryDisk;
type = "disk";
content = {
type = "gpt";
partitions = {
# You can't really have a btrfs-layered boot so this'll have to do.
ESP = {
priority = 1;
start = "0";
end = "512MiB";
type = "EF00";
content = {
type = "filesystem";
mountpoint = "/boot";
format = "vfat";
};
};
swap = {
start = "-8GiB";
end = "-0";
type = "8200";
content = {
type = "swap";
randomEncryption = true;
};
swap = {
start = "-8GiB";
end = "-0";
type = "8200";
content = {
type = "swap";
randomEncryption = true;
};
};
root = {
size = "100%";
type = "8300";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
root = {
size = "100%";
type = "8300";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = lib.mkMerge [
{
"/root" = {
mountOptions = [ "compress=zstd" ];
mountpoint = "/";
};
"/home" = {
mountOptions = [ "compress=zstd" ];
mountpoint = "/home";
};
"/nix" = {
mountOptions = [ "compress=zstd" "noatime" "noacl" ];
mountpoint = "/nix";
};
}
subvolumes = lib.mkMerge [
{
"/root" = {
mountOptions = [ "compress=zstd" ];
mountpoint = "/";
};
"/home" = {
mountOptions = [ "compress=zstd" ];
mountpoint = "/home";
};
"/nix" = {
mountOptions = [ "compress=zstd" "noatime" "noacl" ];
mountpoint = "/nix";
};
}
(lib.mkIf config.services.guix.enable {
"/gnu" = {
mountOptions = [ "compress=zstd" "noatime" "noacl" ];
mountpoint = "/gnu";
};
})
];
};
(lib.mkIf config.services.guix.enable {
"/gnu" = {
mountOptions = [ "compress=zstd" "noatime" "noacl" ];
mountpoint = "/gnu";
};
})
];
};
};
};
};
}
];
};
}];
}

7
configs/nixos/ni/hardware-configuration.nix
View File

@ -1,12 +1,11 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_12;
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usbhid" "uas" "sd_mod" ];
boot.initrd.availableKernelModules =
[ "nvme" "xhci_pci" "thunderbolt" "usbhid" "uas" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];

8
configs/nixos/ni/modules/hardware/qol.nix
View File

@ -4,8 +4,7 @@
let
hostCfg = config.hosts.ni;
cfg = hostCfg.hardware.qol;
in
{
in {
options.hosts.ni.hardware.qol.enable =
lib.mkEnableOption "quality-of-life hardware features";
@ -17,10 +16,7 @@ in
services.printing = {
enable = true;
browsing = true;
drivers = with pkgs; [
gutenprint
splix
];
drivers = with pkgs; [ gutenprint splix ];
};
# Extend the life of an SSD.

18
configs/nixos/ni/modules/networking/setup.nix
View File

@ -3,8 +3,7 @@
let
hostCfg = config.hosts.ni;
cfg = hostCfg.networking;
in
{
in {
options.hosts.ni.networking = {
enable = lib.mkEnableOption "networking setup";
@ -31,9 +30,7 @@ in
:::
'';
default =
if config.networking.useNetworkd
then "networkd"
else "networkmanager";
if config.networking.useNetworkd then "networkd" else "networkmanager";
defaultText = ''
When networkd is enabled, `networkd`, otherwise `networkmanager` as the
general fallback value.
@ -54,11 +51,8 @@ in
};
# Add these timeservers.
networking.timeServers = lib.mkBefore [
"ntp.nict.jp"
"time.nist.gov"
"time.facebook.com"
];
networking.timeServers =
lib.mkBefore [ "ntp.nict.jp" "time.nist.gov" "time.facebook.com" ];
# Put on your cloak, kid.
suites.vpn.personal.enable = true;
@ -148,9 +142,7 @@ in
dhcp = lib.mkIf (config.networking.dhcpcd.enable) "dhcpcd";
}
(lib.mkIf config.services.resolved.enable {
dns = "systemd-resolved";
})
(lib.mkIf config.services.resolved.enable { dns = "systemd-resolved"; })
];
# We'll configure individual network interfaces to use DHCP since it can

113
configs/nixos/ni/modules/networking/wireguard.nix
View File

@ -8,14 +8,10 @@ let
inherit (builtins) toString;
inherit (import ../../../plover/modules/hardware/networks.nix)
interfaces
wireguardPort
wireguardPeers;
interfaces wireguardPort wireguardPeers;
wireguardAllowedIPs = [
"${interfaces.lan.IPv4.address}/16"
"${interfaces.lan.IPv6.address}/64"
];
wireguardAllowedIPs =
[ "${interfaces.lan.IPv4.address}/16" "${interfaces.lan.IPv6.address}/64" ];
wireguardIFName = "wireguard0";
internalDomains = [
@ -23,19 +19,20 @@ let
"~0.27.172.in-addr.arpa"
"~0.28.172.in-addr.arpa"
];
in
{
options.hosts.ni.networking.wireguard.enable = lib.mkEnableOption "Wireguard setup";
in {
options.hosts.ni.networking.wireguard.enable =
lib.mkEnableOption "Wireguard setup";
config = lib.mkIf (hostCfg.networking.enable && cfg.enable) (lib.mkMerge [
{
environment.systemPackages = with pkgs; [ wireguard-tools ];
networking.firewall.allowedUDPPorts = [ wireguardPort ];
sops.secrets = foodogsquaredLib.sops-nix.getSecrets ../../secrets/secrets.yaml {
"wireguard/private-key" = { };
"wireguard/preshared-keys/plover" = { };
"wireguard/preshared-keys/phone" = { };
};
sops.secrets =
foodogsquaredLib.sops-nix.getSecrets ../../secrets/secrets.yaml {
"wireguard/private-key" = { };
"wireguard/preshared-keys/plover" = { };
"wireguard/preshared-keys/phone" = { };
};
}
(lib.mkIf (networkSetup == "networkmanager") {
@ -60,35 +57,36 @@ in
privateKeyFile = config.sops.secrets."wireguard/private-key".path;
listenPort = wireguardPort;
dns = with interfaces.lan; [ IPv4.address IPv6.address ];
postUp =
let
resolvectl = "${lib.getBin pkgs.systemd}/bin/resolvectl";
in
''
${resolvectl} domain ${wireguardIFName} ${lib.concatStringsSep " " internalDomains}
${resolvectl} dnssec ${wireguardIFName} no
'';
postUp = let resolvectl = "${lib.getBin pkgs.systemd}/bin/resolvectl";
in ''
${resolvectl} domain ${wireguardIFName} ${
lib.concatStringsSep " " internalDomains
}
${resolvectl} dnssec ${wireguardIFName} no
'';
address = with wireguardPeers.desktop; [
"${IPv4}/32"
"${IPv6}/128"
];
address = with wireguardPeers.desktop; [ "${IPv4}/32" "${IPv6}/128" ];
# Take note wg-quick doesn't trim the files so we have to trim it ourselves.
peers = [
# The "server" peer.
{
publicKey = lib.removeSuffix "\n" (lib.readFile ../../../plover/files/wireguard/wireguard-public-key-plover);
presharedKeyFile = config.sops.secrets."wireguard/preshared-keys/plover".path;
publicKey = lib.removeSuffix "\n" (lib.readFile
../../../plover/files/wireguard/wireguard-public-key-plover);
presharedKeyFile =
config.sops.secrets."wireguard/preshared-keys/plover".path;
allowedIPs = wireguardAllowedIPs;
endpoint = "${interfaces.wan.IPv4.address}:${toString wireguardPort}";
endpoint =
"${interfaces.wan.IPv4.address}:${toString wireguardPort}";
persistentKeepalive = 25;
}
# The "phone" peer.
{
publicKey = lib.removeSuffix "\n" (lib.readFile ../../../plover/files/wireguard/wireguard-public-key-phone);
presharedKeyFile = config.sops.secrets."wireguard/preshared-keys/phone".path;
publicKey = lib.removeSuffix "\n" (lib.readFile
../../../plover/files/wireguard/wireguard-public-key-phone);
presharedKeyFile =
config.sops.secrets."wireguard/preshared-keys/phone".path;
allowedIPs = wireguardAllowedIPs;
}
];
@ -97,22 +95,21 @@ in
(lib.mkIf (networkSetup == "networkd") {
# Just apply the appropriate permissions for systemd-networkd.
sops.secrets =
let
systemdNetworkFileAttrs = {
group = config.users.users.systemd-network.group;
reloadUnits = [ "systemd-networkd.service" ];
mode = "0640";
};
applySystemdAttr = secretPaths: lib.listToAttrs
(builtins.map (path: lib.nameValuePair path systemdNetworkFileAttrs))
secretPaths;
in
applySystemdAttr [
"wireguard/private-key"
"wireguard/preshared-keys/phone"
"wireguard/preshared-keys/plover"
];
sops.secrets = let
systemdNetworkFileAttrs = {
group = config.users.users.systemd-network.group;
reloadUnits = [ "systemd-networkd.service" ];
mode = "0640";
};
applySystemdAttr = secretPaths:
lib.listToAttrs
(builtins.map (path: lib.nameValuePair path systemdNetworkFileAttrs))
secretPaths;
in applySystemdAttr [
"wireguard/private-key"
"wireguard/preshared-keys/phone"
"wireguard/preshared-keys/plover"
];
systemd.network = {
netdevs."99-${wireguardIFName}" = {
@ -129,17 +126,22 @@ in
wireguardPeers = [
# The "server" peer.
{
PublicKey = lib.readFile ../../../plover/files/wireguard/wireguard-public-key-plover;
PresharedKeyFile = config.sops.secrets."wireguard/preshared-keys/plover".path;
PublicKey = lib.readFile
../../../plover/files/wireguard/wireguard-public-key-plover;
PresharedKeyFile =
config.sops.secrets."wireguard/preshared-keys/plover".path;
AllowedIPs = lib.concatStringsSep "," wireguardAllowedIPs;
Endpoint = "${interfaces.wan.IPv4.address}:${toString wireguardPort}";
Endpoint =
"${interfaces.wan.IPv4.address}:${toString wireguardPort}";
PersistentKeepalive = 25;
}
# The "phone" peer.
{
PublicKey = lib.readFile ../../../plover/files/wireguard/wireguard-public-key-phone;
PresharedKeyFile = config.sops.secrets."wireguard/preshared-keys/phone".path;
PublicKey = lib.readFile
../../../plover/files/wireguard/wireguard-public-key-phone;
PresharedKeyFile =
config.sops.secrets."wireguard/preshared-keys/phone".path;
AllowedIPs = lib.concatStringsSep "," wireguardAllowedIPs;
}
];
@ -148,10 +150,7 @@ in
networks."99-${wireguardIFName}" = {
matchConfig.Name = wireguardIFName;
address = with wireguardPeers.desktop; [
"${IPv4}/32"
"${IPv6}/128"
];
address = with wireguardPeers.desktop; [ "${IPv4}/32" "${IPv6}/128" ];
dns = with interfaces.lan; [ IPv4.address IPv6.address ];
domains = internalDomains;

94
configs/nixos/ni/modules/services/backup/default.nix
View File

@ -6,53 +6,49 @@ let
cfg = hostCfg.services.backup;
borgJobCommonSetting = { patterns ? [ ], passCommand, ... }@args:
let
args' = lib.attrsets.removeAttrs args [ "patterns" "passCommand" ];
in
{
compression = "zstd,12";
dateFormat = "+%F-%H-%M-%S-%z";
doInit = false;
encryption = {
inherit passCommand;
mode = "repokey-blake2";
};
extraCreateArgs = lib.concatStringsSep " "
(builtins.map (patternFile: "--patterns-from ${patternFile}") patterns);
extraInitArgs = "--make-parent-dirs";
# We're emptying them since we're specifying them all through the patterns file.
paths = lib.mkForce [ ];
persistentTimer = true;
preHook = ''
extraCreateArgs="$extraCreateArgs --exclude-if-present .nobackup"
extraCreateArgs="$extraCreateArgs --stats"
'';
prune = {
keep = {
within = "1d";
hourly = 8;
daily = 30;
weekly = 4;
monthly = 6;
yearly = 3;
let args' = lib.attrsets.removeAttrs args [ "patterns" "passCommand" ];
in {
compression = "zstd,12";
dateFormat = "+%F-%H-%M-%S-%z";
doInit = false;
encryption = {
inherit passCommand;
mode = "repokey-blake2";
};
};
} // args';
extraCreateArgs = lib.concatStringsSep " "
(builtins.map (patternFile: "--patterns-from ${patternFile}") patterns);
extraInitArgs = "--make-parent-dirs";
# We're emptying them since we're specifying them all through the patterns file.
paths = lib.mkForce [ ];
persistentTimer = true;
preHook = ''
extraCreateArgs="$extraCreateArgs --exclude-if-present .nobackup"
extraCreateArgs="$extraCreateArgs --stats"
'';
prune = {
keep = {
within = "1d";
hourly = 8;
daily = 30;
weekly = 4;
monthly = 6;
yearly = 3;
};
};
} // args';
hetzner-boxes-user = "u332477";
hetzner-boxes-server = "${hetzner-boxes-user}.your-storagebox.de";
pathPrefix = "borg-backup";
in
{
in {
options.hosts.ni.services.backup.enable =
lib.mkEnableOption "backup setup with BorgBackup";
config = lib.mkIf cfg.enable {
sops.secrets = foodogsquaredLib.sops-nix.getSecrets
./secrets.yaml
sops.secrets = foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml
(foodogsquaredLib.sops-nix.attachSopsPathPrefix pathPrefix {
"patterns/home" = { };
"patterns/root" = { };
@ -63,9 +59,7 @@ in
"repos/hetzner-box/ssh-key" = { };
});
suites.filesystem.setups = {
laptop-ssd.enable = true;
};
suites.filesystem.setups = { laptop-ssd.enable = true; };
services.borgbackup.jobs = {
local-external-storage = borgJobCommonSetting {
@ -73,21 +67,27 @@ in
secrets."${pathPrefix}/patterns/root".path
secrets."${pathPrefix}/patterns/keys".path
];
passCommand = "cat ${config.sops.secrets."${pathPrefix}/repos/external-hdd/password".path}";
passCommand = "cat ${
config.sops.secrets."${pathPrefix}/repos/external-hdd/password".path
}";
removableDevice = true;
doInit = true;
repo = "${config.state.paths.laptop-ssd}/Backups";
};
remote-backup-hetzner-box = borgJobCommonSetting {
patterns = with config.sops; [
secrets."${pathPrefix}/patterns/home".path
];
passCommand = "cat ${config.sops.secrets."${pathPrefix}/repos/hetzner-box/password".path}";
patterns = with config.sops;
[ secrets."${pathPrefix}/patterns/home".path ];
passCommand = "cat ${
config.sops.secrets."${pathPrefix}/repos/hetzner-box/password".path
}";
doInit = true;
repo = "ssh://${hetzner-boxes-user}@${hetzner-boxes-server}:23/./borg/desktop/ni";
repo =
"ssh://${hetzner-boxes-user}@${hetzner-boxes-server}:23/./borg/desktop/ni";
startAt = "04:30";
environment.BORG_RSH = "ssh -i ${config.sops.secrets."${pathPrefix}/repos/hetzner-box/ssh-key".path}";
environment.BORG_RSH = "ssh -i ${
config.sops.secrets."${pathPrefix}/repos/hetzner-box/ssh-key".path
}";
};
};
};

3
configs/nixos/ni/modules/services/dns-server/default.nix
View File

@ -3,8 +3,7 @@
let
hostCfg = config.hosts.ni;
cfg = hostCfg.services.dns-server;
in
{
in {
options.hosts.ni.services.dns-server.enable =
lib.mkEnableOption "preferred DNS server";

339
configs/nixos/ni/modules/services/download-media/default.nix
View File

@ -11,197 +11,202 @@ let
newgrounds = name: "https://${name}.newgrounds.com";
pathPrefix = "download-media";
in
{
in {
options.hosts.ni.services.download-media.enable =
lib.mkEnableOption "automated multimedia download services";
config = lib.mkIf cfg.enable (
let
ytdlpArgs = [
# No overwriting of videos and related files.
"--no-force-overwrites"
config = lib.mkIf cfg.enable (let
ytdlpArgs = [
# No overwriting of videos and related files.
"--no-force-overwrites"
# Embed metadata in the file.
"--write-info-json"
# Embed metadata in the file.
"--write-info-json"
# Embed chapter markers, if possible.
"--embed-chapters"
# Embed chapter markers, if possible.
"--embed-chapters"
# Write the subtitle file with the preferred languages.
"--write-subs"
"--sub-langs" "en.*,ja,ko,zh.*,fr,pt.*"
# Write the subtitle file with the preferred languages.
"--write-subs"
"--sub-langs"
"en.*,ja,ko,zh.*,fr,pt.*"
# Write the description in a separate file.
"--write-description"
# Write the description in a separate file.
"--write-description"
# The global output for all of the jobs.
"--output"
"%(uploader,artist,creator|Unknown)s/%(release_date>%F,upload_date>%F|Unknown)s-%(title)s.%(ext)s"
# The global output for all of the jobs.
"--output"
"%(uploader,artist,creator|Unknown)s/%(release_date>%F,upload_date>%F|Unknown)s-%(title)s.%(ext)s"
# Select only the most optimal format for my usecases.
"--format"
"(webm,mkv,mp4)[height<=?1280]"
# Select only the most optimal format for my usecases.
"--format"
"(webm,mkv,mp4)[height<=?1280]"
# Prefer MKV whenever possible for video formats.
"--merge-output-format" "mkv"
# Prefer MKV whenever possible for video formats.
"--merge-output-format"
"mkv"
# Don't download any videos that are originally live streams.
"--match-filters" "!was_live"
# Don't download any videos that are originally live streams.
"--match-filters"
"!was_live"
"--audio-quality" "1"
"--audio-quality"
"1"
# Not much error since it will always fail.
"--no-abort-on-error"
"--ignore-errors"
"--ignore-no-formats-error"
# Not much error since it will always fail.
"--no-abort-on-error"
"--ignore-errors"
"--ignore-no-formats-error"
];
galleryDlArgs = [
# Write metadata to separate JSON files.
"--write-metadata"
# The config file that contains the secrets for various services.
# We're putting as a separate config file instead of configuring it
# in the service properly since secrets decrypted by sops-nix cannot
# be read in Nix.
];
# Given an attribute set of jobs that contains a list of objects with
# their names and URL, create an attrset suitable for declaring the
# archiving jobs of several services for `services.yt-dlp`,
# `services.gallery-dl`, and `services.archivebox`.
mkJobs = { extraArgs ? [ ], db }:
let
days = [
"Monday"
"Tuesday"
"Wednesday"
"Thursday"
"Friday"
"Saturday"
"Sunday"
];
categories = lib.zipListsWith (index: category: {
inherit index;
data = category;
}) (lib.lists.range 1 (lib.length (lib.attrValues db)))
(lib.mapAttrsToList (name: value: {
inherit name;
inherit (value) subscriptions extraArgs;
}) db);
jobsList = builtins.map (category:
let jobExtraArgs = lib.attrByPath [ "data" "extraArgs" ] [ ] category;
in {
name = category.data.name;
value = {
extraArgs = extraArgs ++ jobExtraArgs;
urls = builtins.map (subscription: subscription.url)
category.data.subscriptions;
startAt =
lib.elemAt days (lib.mod category.index (lib.length days));
};
}) categories;
in lib.listToAttrs jobsList;
in {
suites.filesystem.setups.archive.enable = true;
services.yt-dlp = {
enable = true;
downloadPath = "${mountName}/yt-dlp-service";
# This is applied on all jobs. It is best to be minimal as much as
# possible for this.
extraArgs = ytdlpArgs ++ [
# Make a global list of successfully downloaded videos as a cache for yt-dlp.
"--download-archive"
"videos"
];
galleryDlArgs = [
# Write metadata to separate JSON files.
"--write-metadata"
jobs = mkJobs {
extraArgs = [ "--playlist-end" "20" ];
db = lib.importJSON ./data/jobs.yt-dlp.json;
};
};
# The config file that contains the secrets for various services.
# We're putting as a separate config file instead of configuring it
# in the service properly since secrets decrypted by sops-nix cannot
# be read in Nix.
services.archivebox = {
enable = true;
webserver.enable = true;
jobs = mkJobs { db = lib.importJSON ./data/jobs.archivebox.json; } // {
computer = {
urls = [
"https://blog.mozilla.org/en/feed/"
"https://distill.pub/rss.xml"
"https://drewdevault.com/blog/index.xml"
"https://fasterthanli.me/index.xml"
"https://jvns.ca/atom.xml"
"https://www.bytelab.codes/rss/"
"https://www.collabora.com/feed"
"https://www.jntrnr.com/atom.xml"
"https://yosoygames.com.ar/wp/?feed=rss"
"https://simblob.blogspot.com/feeds/posts/default"
];
startAt = "weekly";
};
};
};
services.gallery-dl = {
enable = true;
downloadPath = "${mountName}/gallery-dl-service";
extraArgs = galleryDlArgs ++ [
# Record all downloaded files in an archive file.
"--download-archive"
"${config.services.gallery-dl.downloadPath}/photos"
];
# Given an attribute set of jobs that contains a list of objects with
# their names and URL, create an attrset suitable for declaring the
# archiving jobs of several services for `services.yt-dlp`,
# `services.gallery-dl`, and `services.archivebox`.
mkJobs = { extraArgs ? [ ], db }:
let
days = [ "Monday" "Tuesday" "Wednesday" "Thursday" "Friday" "Saturday" "Sunday" ];
categories = lib.zipListsWith
(index: category: { inherit index; data = category; })
(lib.lists.range 1 (lib.length (lib.attrValues db)))
(lib.mapAttrsToList (name: value: { inherit name; inherit (value) subscriptions extraArgs; }) db);
jobsList = builtins.map
(category:
let
jobExtraArgs = lib.attrByPath [ "data" "extraArgs" ] [ ] category;
in
{
name = category.data.name;
value = {
extraArgs = extraArgs ++ jobExtraArgs;
urls = builtins.map (subscription: subscription.url) category.data.subscriptions;
startAt = lib.elemAt days (lib.mod category.index (lib.length days));
};
})
categories;
in
lib.listToAttrs jobsList;
in
{
suites.filesystem.setups.archive.enable = true;
settings.extractor = { filename = "{date:%F}-{title}.{extension}"; };
services.yt-dlp = {
enable = true;
downloadPath = "${mountName}/yt-dlp-service";
# This is applied on all jobs. It is best to be minimal as much as
# possible for this.
extraArgs = ytdlpArgs ++ [
# Make a global list of successfully downloaded videos as a cache for yt-dlp.
"--download-archive" "videos"
];
jobs = mkJobs {
extraArgs = [ "--playlist-end" "20" ];
db = lib.importJSON ./data/jobs.yt-dlp.json;
jobs = {
arts = {
urls = [
(deviantArt "xezeno") # Xezeno
(deviantArt "jenzee") # JenZee
(deviantArt "silverponteo") # hurrakka
#"https://www.pixiv.net/en/users/60562229" # Ravioli
(artStation "dominikmayerart") # Dominik Mayer
(artStation "archiewhitehead") # Archie Whitehead
(artStation "kuvshinov_ilya") # Ilya Kuvshinov
(artStation "meiipng") # Meiiart
(artStation "bassem_wageeh") # Bassem wageeh
(artStation "ocellusart") # Ocellus
(artStation "jordanparrin") # Jordan Parrin
(artStation "blazporenta") # Blaz Porenta
(artStation "an_na") # Anya Mozharovska
(artStation "dllxtt") # Mykhail Klymenko
(artStation "nicwilliams") # Nic Williams
(artStation "aaconcept") # Andrew An
(artStation "aliena85") # Mandy Jurgens
(artStation "666kart") # Kan Liu
(artStation "angryangryasian") # David Liu
(artStation "mikedilonardo") # Michael Di Lonardo
(artStation "karlschecht") # Karl Schecht
(artStation "12oyraj") # Royraj Vichaidit
(artStation "jcru3d") # Jan Cruz
(artStation "wookun") # Sangtaek Woo
(newgrounds "hyperjerk") # HyperJerk
];
startAt = "weekly";
};
};
};
services.archivebox = {
enable = true;
webserver.enable = true;
jobs = mkJobs
{
db = lib.importJSON ./data/jobs.archivebox.json;
} // {
computer = {
urls = [
"https://blog.mozilla.org/en/feed/"
"https://distill.pub/rss.xml"
"https://drewdevault.com/blog/index.xml"
"https://fasterthanli.me/index.xml"
"https://jvns.ca/atom.xml"
"https://www.bytelab.codes/rss/"
"https://www.collabora.com/feed"
"https://www.jntrnr.com/atom.xml"
"https://yosoygames.com.ar/wp/?feed=rss"
"https://simblob.blogspot.com/feeds/posts/default"
];
startAt = "weekly";
};
};
wrapper-manager.packages.download-media-variants = {
wrappers."yt-dlp-${pathPrefix}" = {
arg0 = lib.getExe' config.services.yt-dlp.package "yt-dlp";
prependArgs = ytdlpArgs;
};
services.gallery-dl = {
enable = true;
downloadPath = "${mountName}/gallery-dl-service";
extraArgs = galleryDlArgs ++ [
# Record all downloaded files in an archive file.
"--download-archive"
"${config.services.gallery-dl.downloadPath}/photos"
];
settings.extractor = {
filename = "{date:%F}-{title}.{extension}";
};
jobs = {
arts = {
urls = [
(deviantArt "xezeno") # Xezeno
(deviantArt "jenzee") # JenZee
(deviantArt "silverponteo") # hurrakka
#"https://www.pixiv.net/en/users/60562229" # Ravioli
(artStation "dominikmayerart") # Dominik Mayer
(artStation "archiewhitehead") # Archie Whitehead
(artStation "kuvshinov_ilya") # Ilya Kuvshinov
(artStation "meiipng") # Meiiart
(artStation "bassem_wageeh") # Bassem wageeh
(artStation "ocellusart") # Ocellus
(artStation "jordanparrin") # Jordan Parrin
(artStation "blazporenta") # Blaz Porenta
(artStation "an_na") # Anya Mozharovska
(artStation "dllxtt") # Mykhail Klymenko
(artStation "nicwilliams") # Nic Williams
(artStation "aaconcept") # Andrew An
(artStation "aliena85") # Mandy Jurgens
(artStation "666kart") # Kan Liu
(artStation "angryangryasian") # David Liu
(artStation "mikedilonardo") # Michael Di Lonardo
(artStation "karlschecht") # Karl Schecht
(artStation "12oyraj") # Royraj Vichaidit
(artStation "jcru3d") # Jan Cruz
(artStation "wookun") # Sangtaek Woo
(newgrounds "hyperjerk") # HyperJerk
];
startAt = "weekly";
};
};
wrappers."gallery-dl-${pathPrefix}" = {
arg0 = lib.getExe' config.services.gallery-dl.package "gallery-dl";
prependArgs = galleryDlArgs;
};
};
wrapper-manager.packages.download-media-variants = {
wrappers."yt-dlp-${pathPrefix}" = {
arg0 = lib.getExe' config.services.yt-dlp.package "yt-dlp";
prependArgs = ytdlpArgs;
};
wrappers."gallery-dl-${pathPrefix}" = {
arg0 = lib.getExe' config.services.gallery-dl.package "gallery-dl";
prependArgs = galleryDlArgs;
};
};
environment.systemPackages = with pkgs; [ archivebox ];
}
);
environment.systemPackages = with pkgs; [ archivebox ];
});
}

10
configs/nixos/ni/modules/services/mail-archive.nix
View File

@ -17,8 +17,7 @@ let
newsgroup = "inbox.comp.systemd.devel";
};
};
in
{
in {
options.hosts.ni.services.mail-archive.enable =
lib.mkEnableOption "preferred mail archiving service";
@ -30,9 +29,7 @@ in
http = {
enable = true;
port = "/run/public-inbox-http.sock";
mounts = [
"https://mail.ni.internal/inbox"
];
mounts = [ "https://mail.ni.internal/inbox" ];
};
imap.enable = true;
nntp.enable = true;
@ -54,7 +51,8 @@ in
services.nginx.virtualHosts."mail.ni.internal" = {
locations."/".return = "302 /inbox";
locations."= /inbox".return = "302 /inbox/";
locations."/inbox".proxyPass = "http://unix:${config.services.public-inbox.http.port}:/inbox";
locations."/inbox".proxyPass =
"http://unix:${config.services.public-inbox.http.port}:/inbox";
locations."= /style/light.css".alias = pkgs.writeText "light.css" ''
* { background:#fff; color:#000 }

8
configs/nixos/ni/modules/services/monitoring.nix
View File

@ -3,8 +3,7 @@
let
hostCfg = config.hosts.ni;
cfg = hostCfg.services.monitoring;
in
{
in {
options.hosts.ni.services.monitoring.enable =
lib.mkEnableOption "enable local desktop monitoring service";
@ -13,9 +12,8 @@ in
services.grafana.enable = true;
services.grafana.declarativePlugins = with pkgs.grafanaPlugins; [
grafana-piechart-panel
];
services.grafana.declarativePlugins = with pkgs.grafanaPlugins;
[ grafana-piechart-panel ];
services.grafana.settings = {
database.type = "sqlite3";

57
configs/nixos/ni/modules/services/penpot/default.nix
View File

@ -5,15 +5,12 @@ let
cfg = hostCfg.services.penpot;
port = builtins.toString config.state.ports.penpot-frontend.value;
in
{
in {
options.hosts.ni.services.penpot.enable =
lib.mkEnableOption "self-hosted Penpot design tool";
config = lib.mkIf cfg.enable {
state.ports = {
penpot-frontend.value = 9001;
};
state.ports = { penpot-frontend.value = 9001; };
sops.secrets = foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml {
"penpot/env" = { };
@ -26,17 +23,10 @@ in
virtualisation.oci-containers.containers.penpot-frontend = {
image = "docker.io/penpotapp/frontend:latest";
dependsOn = [
"penpot-backend"
"penpot-exporter"
];
dependsOn = [ "penpot-backend" "penpot-exporter" ];
ports = lib.singleton "127.0.0.1:${port}:${port}";
extraOptions = [
"--network=penpot"
];
volumes = [
"penpot_assets:/opt/data/assets"
];
extraOptions = [ "--network=penpot" ];
volumes = [ "penpot_assets:/opt/data/assets" ];
environment.PENPOT_FLAGS = lib.concatStringsSep " " [
"enable-login-with-password"
"enable-webhooks"
@ -48,19 +38,10 @@ in
virtualisation.oci-containers.containers.penpot-backend = {
image = "docker.io/penpotapp/backend:latest";
volumes = [
"penpot_assets:/opt/data/assets"
];
extraOptions = [
"--network=penpot"
];
dependsOn = [
"penpot-postgres"
"penpot-redis"
];
environmentFiles = [
config.sops.secrets."penpot/env".path
];
volumes = [ "penpot_assets:/opt/data/assets" ];
extraOptions = [ "--network=penpot" ];
dependsOn = [ "penpot-postgres" "penpot-redis" ];
environmentFiles = [ config.sops.secrets."penpot/env".path ];
environment = {
PENPOT_FLAGS = lib.concatStringsSep " " [
"enable-registration"
@ -77,9 +58,7 @@ in
virtualisation.oci-containers.containers.penpot-exporter = {
image = "docker.io/penpotapp/exporter:latest";
extraOptions = [
"--network=penpot"
];
extraOptions = [ "--network=penpot" ];
environment = {
PENPOT_PUBLIC_URI = "http://penpot-frontend";
PENPOT_REDIS_URI = "redis://penpot-redis/0";
@ -88,24 +67,16 @@ in
virtualisation.oci-containers.containers.penpot-redis = {
image = "docker.io/redis:7";
extraOptions = [
"--network=penpot"
];
extraOptions = [ "--network=penpot" ];
};
virtualisation.oci-containers.containers.penpot-postgres = {
image = "docker.io/postgres:15";
volumes = [
"penpot_postgres_v15:/var/lib/postgresql/data"
];
volumes = [ "penpot_postgres_v15:/var/lib/postgresql/data" ];
extraOptions = [ "--network=penpot" ];
environmentFiles = [
config.sops.secrets."penpot/postgres_env".path
];
environmentFiles = [ config.sops.secrets."penpot/postgres_env".path ];
environment = {
POSTGRES_INITDB_ARGS = lib.concatStringsSep " " [
"--data-checksums"
];
POSTGRES_INITDB_ARGS = lib.concatStringsSep " " [ "--data-checksums" ];
POSTGRES_DB = "penpot";
};
};

3
configs/nixos/ni/modules/services/reverse-proxy.nix
View File

@ -4,8 +4,7 @@
let
hostCfg = config.hosts.ni;
cfg = hostCfg.services.reverse-proxy;
in
{
in {
options.hosts.ni.services.reverse-proxy.enable =
lib.mkEnableOption "private-use reverse proxy setup";

8
configs/nixos/ni/modules/services/rss-reader/default.nix
View File

@ -5,14 +5,13 @@ let
cfg = hostCfg.services.rss-reader;
port = config.state.ports.miniflux.value;
in
{
in {
options.hosts.ni.services.rss-reader.enable =
lib.mkEnableOption "preferred RSS reader service";
config = lib.mkIf cfg.enable {
sops.secrets = foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml {
"miniflux/admin" = {};
"miniflux/admin" = { };
};
state.ports.miniflux.value = 9640;
@ -35,7 +34,8 @@ in
wrapper-manager.packages.miniflux-helper = {
wrappers.miniflux-helper = {
arg0 = lib.getExe' config.services.miniflux.package "miniflux";
env = lib.mapAttrs (_: value: { value = builtins.toString value; }) config.services.miniflux.config;
env = lib.mapAttrs (_: value: { value = builtins.toString value; })
config.services.miniflux.config;
};
};
};

6
configs/nixos/ni/modules/setups/desktop.nix
View File

@ -5,9 +5,9 @@ let
cfg = hostCfg.setups.desktop;
hasAnyWorkflowEnabled = workflows:
lib.lists.any (workflow: lib.elem workflow config.workflows.enable) workflows;
in
{
lib.lists.any (workflow: lib.elem workflow config.workflows.enable)
workflows;
in {
options.hosts.ni.setups.desktop.enable =
lib.mkEnableOption "desktop environment setup";

25
configs/nixos/ni/modules/setups/development.nix
View File

@ -3,8 +3,7 @@
let
hostCfg = config.hosts.ni;
cfg = hostCfg.setups.development;
in
{
in {
options.hosts.ni.setups.development.enable =
lib.mkEnableOption "software development setup";
@ -33,15 +32,14 @@ in
logDriver = "journald";
};
environment.systemPackages = with pkgs;
[
# For debugging build environments in Nix packages.
cntr
environment.systemPackages = with pkgs; [
# For debugging build environments in Nix packages.
cntr
devpod-desktop
devpod-desktop
freecad
];
freecad
];
# Enable the terminal emulator of choice.
programs.wezterm.enable = true;
@ -60,10 +58,7 @@ in
};
# Adding a bunch of emulated systems for cross-system building.
boot.binfmt.emulatedSystems = [
"aarch64-linux"
"riscv64-linux"
];
boot.binfmt.emulatedSystems = [ "aarch64-linux" "riscv64-linux" ];
}
(lib.mkIf config.suites.dev.containers.enable {
@ -72,9 +67,7 @@ in
services.cockpit = {
enable = true;
port = config.state.ports.cockpit.value;
settings = {
WebService.AllowUnencrypted = true;
};
settings = { WebService.AllowUnencrypted = true; };
};
# Setting up a single-node k3s cluster for learning purposes.

13
configs/nixos/ni/modules/setups/gaming.nix
View File

@ -3,10 +3,8 @@
let
hostCfg = config.hosts.ni;
cfg = hostCfg.setups.gaming;
in
{
options.hosts.ni.setups.gaming.enable =
lib.mkEnableOption "gaming setup";
in {
options.hosts.ni.setups.gaming.enable = lib.mkEnableOption "gaming setup";
config = lib.mkIf cfg.enable {
# Bring all of the goodies.
@ -16,12 +14,7 @@ in
retro-computing.enable = true;
};
programs.retroarch.cores = with pkgs.libretro; [
pcsx2
dolphin
citra
mame
];
programs.retroarch.cores = with pkgs.libretro; [ pcsx2 dolphin citra mame ];
# Bring more of them games.
environment.systemPackages = with pkgs; [

18
configs/nixos/ni/modules/setups/music.nix
View File

@ -3,8 +3,7 @@
let
hostCfg = config.hosts.ni;
cfg = hostCfg.setups.music;
in
{
in {
options.hosts.ni.setups.music.enable =
lib.mkEnableOption "music streaming and organizing setup";
@ -29,7 +28,8 @@ in
};
uxplay = {
value = 10001;
openFirewall = true; };
openFirewall = true;
};
uxplayClients = {
value = foodogsquaredLib.nixos.makeRange' uxplay.value 10;
openFirewall = true;
@ -40,12 +40,10 @@ in
services.gonic = {
enable = true;
settings = rec {
listen-addr = "localhost:${builtins.toString config.state.ports.gonic.value}";
listen-addr =
"localhost:${builtins.toString config.state.ports.gonic.value}";
cache-path = "${config.state.paths.cacheDir}/gonic";
music-path =
[
"/srv/Music"
];
music-path = [ "/srv/Music" ];
podcast-path = "${cache-path}/podcasts";
playlists-path = "${cache-path}/playlists";
@ -102,9 +100,7 @@ in
airplay = {
type = "airplay";
location = lib.getExe' pkgs.shairport-sync "shairport-sync";
query = {
devicename = "Snapcast";
};
query = { devicename = "Snapcast"; };
};
spotify = {

3
configs/nixos/plover/default.nix
View File

@ -39,7 +39,8 @@
};
# Overriding the kernel version for ourselves.
boot.kernelPackages = lib.mkOverride 500 pkgs.linuxKernel.packages.linux_6_11_hardened;
boot.kernelPackages =
lib.mkOverride 500 pkgs.linuxKernel.packages.linux_6_11_hardened;
# We're using our own VPN configuration for this one.
suites.vpn.personal.enable = true;

2
configs/nixos/plover/files/gitea/versions.tf
View File

@ -1,7 +1,7 @@
terraform {
required_providers {
gitea = {
source = "go-gitea/gitea"
source = "go-gitea/gitea"
version = "0.5.1"
}
}

6
configs/nixos/plover/modules/hardware/networks.nix
View File

@ -1,10 +1,8 @@
# It just contains a set of network-related variables mainly used for
# network-related services. Make sure to change this every time you migrate to
# a new server.
let
inherit (builtins) toString;
in
rec {
let inherit (builtins) toString;
in rec {
# This is expected to be /48 block (i.e., `fc00:b0de:5685::/48`).
# The thing is generated using a ULA generator.
privateIPv6Prefix = "fd89:c181:8016";

10
configs/nixos/plover/modules/profiles/hetzner-cloud-cx22.nix
View File

@ -1,9 +1,7 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
# Hetzner can only support non-UEFI bootloader (or at least it doesn't with
# systemd-boot).
@ -13,12 +11,14 @@
efiInstallAsRemovable = true;
};
boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "virtio_scsi" "xhci_pci" "sd_mod" "sr_mod" ];
boot.initrd.availableKernelModules =
[ "ata_piix" "virtio_pci" "virtio_scsi" "xhci_pci" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ "nvme" ];
zramSwap.enable = true;
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
services.qemuGuest.enable = true;
systemd.services.qemu-guest-agent.path = [ pkgs.shadow ];

3
configs/nixos/plover/modules/services/atuin.nix
View File

@ -11,8 +11,7 @@ let
atuinInternalDomain = "atuin.${config.networking.fqdn}";
host = interfaces.lan.IPv4.address;
in
{
in {
options.hosts.plover.services.atuin.enable =
lib.mkEnableOption "Atuin sync server setup";

85
configs/nixos/plover/modules/services/backup.nix
View File

@ -7,63 +7,64 @@ let
# The head of the Borgbase hostname.
hetzner-boxes-user = "u332477";
hetzner-boxes-server = "${hetzner-boxes-user}.your-storagebox.de";
borgRepo = path: "ssh://${hetzner-boxes-user}@${hetzner-boxes-server}:23/./borg/plover/${path}";
borgRepo = path:
"ssh://${hetzner-boxes-user}@${hetzner-boxes-server}:23/./borg/plover/${path}";
jobCommonSettings = { patternFiles ? [ ], patterns ? [ ], paths ? [ ], repo, passCommand }: {
inherit paths repo;
compression = "zstd,11";
dateFormat = "+%F-%H-%M-%S-%z";
doInit = true;
encryption = {
inherit passCommand;
mode = "repokey-blake2";
};
extraCreateArgs =
let
jobCommonSettings =
{ patternFiles ? [ ], patterns ? [ ], paths ? [ ], repo, passCommand }: {
inherit paths repo;
compression = "zstd,11";
dateFormat = "+%F-%H-%M-%S-%z";
doInit = true;
encryption = {
inherit passCommand;
mode = "repokey-blake2";
};
extraCreateArgs = let
args = lib.flatten [
(builtins.map
(patternFile: "--patterns-from ${lib.escapeShellArg patternFile}")
patternFiles)
(builtins.map
(pattern: "--pattern ${lib.escapeShellArg pattern}")
(builtins.map (pattern: "--pattern ${lib.escapeShellArg pattern}")
patterns)
];
in
lib.concatStringsSep " " args;
extraInitArgs = "--make-parent-dirs";
persistentTimer = true;
preHook = ''
extraCreateArgs="$extraCreateArgs --stats"
'';
prune.keep = {
weekly = 4;
monthly = 12;
yearly = 6;
in lib.concatStringsSep " " args;
extraInitArgs = "--make-parent-dirs";
persistentTimer = true;
preHook = ''
extraCreateArgs="$extraCreateArgs --stats"
'';
prune.keep = {
weekly = 4;
monthly = 12;
yearly = 6;
};
startAt = "monthly";
environment.BORG_RSH = "ssh -i ${config.sops.secrets."ssh-key".path}";
};
startAt = "monthly";
environment.BORG_RSH = "ssh -i ${config.sops.secrets."ssh-key".path}";
};
in
{
in {
options.hosts.plover.services.backup.enable =
lib.mkEnableOption "backup service";
config = lib.mkIf cfg.enable {
sops.secrets = foodogsquaredLib.sops-nix.getSecrets ../../secrets/secrets.yaml {
"borg/repos/services/password" = { };
};
sops.secrets =
foodogsquaredLib.sops-nix.getSecrets ../../secrets/secrets.yaml {
"borg/repos/services/password" = { };
};
services.borgbackup.jobs = {
# Backups for various services.
services-backup = jobCommonSettings
{
paths = [
# ACME accounts and TLS certificates
"/var/lib/acme"
];
repo = borgRepo "services";
passCommand = "cat ${config.sops.secrets."borg/repos/services/password".path}";
} // { startAt = "daily"; };
services-backup = jobCommonSettings {
paths = [
# ACME accounts and TLS certificates
"/var/lib/acme"
];
repo = borgRepo "services";
passCommand =
"cat ${config.sops.secrets."borg/repos/services/password".path}";
} // {
startAt = "daily";
};
};
programs.ssh.extraConfig = ''

3
configs/nixos/plover/modules/services/crowdsec.nix
View File

@ -3,8 +3,7 @@
let
hostCfg = config.hosts.plover;
cfg = hostCfg.services.crowdsec;
in
{
in {
options.hosts.plover.services.crowdsec.enable =
lib.mkEnableOption "Crowdsec service";

31
configs/nixos/plover/modules/services/database.nix
View File

@ -7,8 +7,7 @@ let
cfg = hostCfg.services.database;
postgresqlDomain = "postgres.${config.networking.domain}";
in
{
in {
options.hosts.plover.services.database.enable =
lib.mkEnableOption "preferred service SQL database";
@ -22,10 +21,8 @@ in
enableTCPIP = true;
settings =
let
credsDir = path: "/run/credentials/postgresql.service/${path}";
in
{
let credsDir = path: "/run/credentials/postgresql.service/${path}";
in {
port = config.state.ports.postgresql.value;
# Still doing the secure schema usage pattern.
@ -50,16 +47,15 @@ in
# Setting this up for TLS.
systemd.services.postgresql = {
requires = [ "acme-finished-${postgresqlDomain}.target" ];
serviceConfig.LoadCredential =
let
certDirectory = config.security.acme.certs."${postgresqlDomain}".directory;
certCredentialPath = path: "${path}:${certDirectory}/${path}";
in
[
(certCredentialPath "cert.pem")
(certCredentialPath "key.pem")
(certCredentialPath "fullchain.pem")
];
serviceConfig.LoadCredential = let
certDirectory =
config.security.acme.certs."${postgresqlDomain}".directory;
certCredentialPath = path: "${path}:${certDirectory}/${path}";
in [
(certCredentialPath "cert.pem")
(certCredentialPath "key.pem")
(certCredentialPath "fullchain.pem")
];
};
security.acme.certs."${postgresqlDomain}".postRun = ''
@ -69,7 +65,8 @@ in
(lib.mkIf hostCfg.services.backup.enable {
# Add the dumps to be backed up.
services.borgbackup.jobs.services-backup.paths = [ config.services.postgresqlBackup.location ];
services.borgbackup.jobs.services-backup.paths =
[ config.services.postgresqlBackup.location ];
})
]);
}

292
configs/nixos/plover/modules/services/dns-server/default.nix
View File

@ -26,8 +26,7 @@ let
};
dnsSubdomain = "ns1.${domain}";
in
{
in {
options.hosts.plover.services.dns-server.enable =
lib.mkEnableOption "preferred DNS server";
@ -39,19 +38,17 @@ in
dnsOverTLS.value = 853;
};
sops.secrets =
let
dnsFileAttribute = {
owner = config.users.users.named.name;
group = config.users.users.named.group;
mode = "0400";
};
in
foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml {
"dns/${domain}/rfc2136-key" = dnsFileAttribute // {
reloadUnits = [ "bind.service" ];
};
sops.secrets = let
dnsFileAttribute = {
owner = config.users.users.named.name;
group = config.users.users.named.group;
mode = "0400";
};
in foodogsquaredLib.sops-nix.getSecrets ./secrets.yaml {
"dns/${domain}/rfc2136-key" = dnsFileAttribute // {
reloadUnits = [ "bind.service" ];
};
};
# Install the utilities.
environment.systemPackages = [ config.services.bind.package ];
@ -60,137 +57,141 @@ in
enable = true;
forward = "first";
cacheNetworks = [
"127.0.0.1"
"::1"
];
cacheNetworks = [ "127.0.0.1" "::1" ];
listenOn = [
"127.0.0.1"
wan.ipv4
lan.ipv4
];
listenOn = [ "127.0.0.1" wan.ipv4 lan.ipv4 ];
listenOnIpv6 = [
"::1"
wan.ipv6
lan.ipv6
];
listenOnIpv6 = [ "::1" wan.ipv6 lan.ipv6 ];
# Welp, since the template is pretty limited, we'll have to go with our
# own. This is partially based from the NixOS Bind module except without
# the template for filling in zones since we use views.
configFile =
let
cfg = config.services.bind;
certDir = path: "/run/credentials/bind.service/${path}";
listenInterfaces = lib.concatMapStrings (entry: " ${entry}; ") cfg.listenOn;
listenInterfacesIpv6 = lib.concatMapStrings (entry: " ${entry}; ") cfg.listenOnIpv6;
in
pkgs.writeText "named.conf" ''
include "/etc/bind/rndc.key";
include "${config.sops.secrets."dns/${domain}/rfc2136-key".path}";
configFile = let
cfg = config.services.bind;
certDir = path: "/run/credentials/bind.service/${path}";
listenInterfaces =
lib.concatMapStrings (entry: " ${entry}; ") cfg.listenOn;
listenInterfacesIpv6 =
lib.concatMapStrings (entry: " ${entry}; ") cfg.listenOnIpv6;
in pkgs.writeText "named.conf" ''
include "/etc/bind/rndc.key";
include "${config.sops.secrets."dns/${domain}/rfc2136-key".path}";
controls {
inet 127.0.0.1 allow {localhost;} keys {"rndc-key";};
controls {
inet 127.0.0.1 allow {localhost;} keys {"rndc-key";};
};
tls ${dnsSubdomain} {
key-file "${certDir "key.pem"}";
cert-file "${certDir "cert.pem"}";
dhparam-file "${config.security.dhparams.params.bind.path}";
ciphers "HIGH:!kRSA:!aNULL:!eNULL:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!SHA1:!SHA256:!SHA384";
prefer-server-ciphers yes;
session-tickets no;
};
http ${dnsSubdomain} {
endpoints { "/dns-query"; };
};
acl trusted { ${
lib.concatStringsSep "; " [ "10.0.0.0/8" ]
}; localhost; };
acl cachenetworks { ${
lib.concatMapStrings (entry: " ${entry}; ") cfg.cacheNetworks
} };
acl badnetworks { ${
lib.concatMapStrings (entry: " ${entry}; ") cfg.blockedNetworks
} };
options {
# Native DNS.
listen-on { ${listenInterfaces} };
listen-on-v6 { ${listenInterfacesIpv6} };
# DNS-over-TLS.
listen-on tls ${dnsSubdomain} { ${listenInterfaces} };
listen-on-v6 tls ${dnsSubdomain} { ${listenInterfacesIpv6} };
# DNS-over-HTTPS.
tls-port ${builtins.toString config.state.ports.dnsOverTLS.value};
https-port ${
builtins.toString config.state.ports.dnsOverHTTPS.value
};
listen-on tls ${dnsSubdomain} http ${dnsSubdomain} { ${listenInterfaces} };
listen-on-v6 tls ${dnsSubdomain} http ${dnsSubdomain} { ${listenInterfacesIpv6} };
allow-query { cachenetworks; };
blackhole { badnetworks; };
forward ${cfg.forward};
forwarders { ${
lib.concatMapStrings (entry: " ${entry}; ") cfg.forwarders
} };
directory "${cfg.directory}";
pid-file "/run/named/named.pid";
};
view internal {
match-clients { trusted; };
allow-query { any; };
allow-recursion { any; };
// We'll use systemd-resolved as our forwarder.
forwarders { 127.0.0.53 port 53; };
zone "${fqdn}" {
type primary;
file "${getZoneFile fqdn}";
};
tls ${dnsSubdomain} {
key-file "${certDir "key.pem"}";
cert-file "${certDir "cert.pem"}";
dhparam-file "${config.security.dhparams.params.bind.path}";
ciphers "HIGH:!kRSA:!aNULL:!eNULL:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!SHA1:!SHA256:!SHA384";
prefer-server-ciphers yes;
session-tickets no;
};
zone "${domain}" {
type primary;
http ${dnsSubdomain} {
endpoints { "/dns-query"; };
};
acl trusted { ${lib.concatStringsSep "; " [ "10.0.0.0/8" ]}; localhost; };
acl cachenetworks { ${lib.concatMapStrings (entry: " ${entry}; ") cfg.cacheNetworks} };
acl badnetworks { ${lib.concatMapStrings (entry: " ${entry}; ") cfg.blockedNetworks} };
options {
# Native DNS.
listen-on { ${listenInterfaces} };
listen-on-v6 { ${listenInterfacesIpv6} };
# DNS-over-TLS.
listen-on tls ${dnsSubdomain} { ${listenInterfaces} };
listen-on-v6 tls ${dnsSubdomain} { ${listenInterfacesIpv6} };
# DNS-over-HTTPS.
tls-port ${builtins.toString config.state.ports.dnsOverTLS.value};
https-port ${builtins.toString config.state.ports.dnsOverHTTPS.value};
listen-on tls ${dnsSubdomain} http ${dnsSubdomain} { ${listenInterfaces} };
listen-on-v6 tls ${dnsSubdomain} http ${dnsSubdomain} { ${listenInterfacesIpv6} };
allow-query { cachenetworks; };
blackhole { badnetworks; };
forward ${cfg.forward};
forwarders { ${lib.concatMapStrings (entry: " ${entry}; ") cfg.forwarders} };
directory "${cfg.directory}";
pid-file "/run/named/named.pid";
};
view internal {
match-clients { trusted; };
allow-query { any; };
allow-recursion { any; };
// We'll use systemd-resolved as our forwarder.
forwarders { 127.0.0.53 port 53; };
zone "${fqdn}" {
type primary;
file "${getZoneFile fqdn}";
};
zone "${domain}" {
type primary;
file "${getZoneFile domain}";
allow-transfer { ${lib.concatStringsSep "; " config.state.network.secondaryNameservers}; };
update-policy {
grant rfc2136key.${domain}. zonesub TXT;
};
file "${getZoneFile domain}";
allow-transfer { ${
lib.concatStringsSep "; "
config.state.network.secondaryNameservers
}; };
update-policy {
grant rfc2136key.${domain}. zonesub TXT;
};
};
};
view external {
match-clients { any; };
view external {
match-clients { any; };
forwarders { };
empty-zones-enable yes;
allow-query { any; };
allow-recursion { none; };
forwarders { };
empty-zones-enable yes;
allow-query { any; };
allow-recursion { none; };
zone "${domain}" {
in-view internal;
};
zone "${domain}" {
in-view internal;
};
};
${cfg.extraConfig}
'';
${cfg.extraConfig}
'';
};
systemd.services.bind = {
path = with pkgs; [ replace-secret ];
preStart =
let
domainZone' = getZoneFile domain;
fqdnZone' = getZoneFile fqdn;
in
lib.mkAfter ''
# Install the domain zone.
[ -f ${lib.escapeShellArg domainZone'} ] || install -Dm0600 ${zonefile} ${lib.escapeShellArg domainZone'}
preStart = let
domainZone' = getZoneFile domain;
fqdnZone' = getZoneFile fqdn;
in lib.mkAfter ''
# Install the domain zone.
[ -f ${
lib.escapeShellArg domainZone'
} ] || install -Dm0600 ${zonefile} ${lib.escapeShellArg domainZone'}
# Install the internal DNS zones.
[ -f ${lib.escapeShellArg fqdnZone'} ] || install -Dm0600 '${fqdnZone}' ${lib.escapeShellArg fqdnZone'}
'';
# Install the internal DNS zones.
[ -f ${
lib.escapeShellArg fqdnZone'
} ] || install -Dm0600 '${fqdnZone}' ${lib.escapeShellArg fqdnZone'}
'';
serviceConfig = {
# Additional service hardening. You can see most of the options from
@ -200,16 +201,15 @@ in
UMask = "0037";
# Get the credentials into the service.
LoadCredential =
let
certDirectory = config.security.acme.certs."${dnsSubdomain}".directory;
certCredentialPath = path: "${path}:${certDirectory}/${path}";
in
[
(certCredentialPath "cert.pem")
(certCredentialPath "key.pem")
(certCredentialPath "fullchain.pem")
];
LoadCredential = let
certDirectory =
config.security.acme.certs."${dnsSubdomain}".directory;
certCredentialPath = path: "${path}:${certDirectory}/${path}";
in [
(certCredentialPath "cert.pem")
(certCredentialPath "key.pem")
(certCredentialPath "fullchain.pem")
];
LogFilterPatterns = [
# systemd-resolved doesn't have DNS cookie support, it seems.
@ -232,10 +232,7 @@ in
# Make the filesystem invisible to the service.
ProtectSystem = "strict";
ReadWritePaths = [
config.services.bind.directory
"/etc/bind"
];
ReadWritePaths = [ config.services.bind.directory "/etc/bind" ];
ReadOnlyPaths = [
config.security.dhparams.params.bind.path
config.security.acme.certs."${dnsSubdomain}".directory
@ -262,13 +259,8 @@ in
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
# Restrict what address families can it access.
RestrictAddressFamilies = [
"AF_LOCAL"
"AF_NETLINK"
"AF_BRIDGE"
"AF_INET"
"AF_INET6"
];
RestrictAddressFamilies =
[ "AF_LOCAL" "AF_NETLINK" "AF_BRIDGE" "AF_INET" "AF_INET6" ];
# Restricting what namespaces it can create.
RestrictNamespaces = true;
@ -284,14 +276,18 @@ in
services.bind.extraConfig = ''
statistics-channels {
inet 127.0.0.1 port ${builtins.toString config.state.ports.bindStatistics.value} allow { 127.0.0.1; };
inet 127.0.0.1 port ${
builtins.toString config.state.ports.bindStatistics.value
} allow { 127.0.0.1; };
};
'';
services.prometheus.exporters = {
bind = {
enable = true;
bindURI = "http://127.0.0.1/${builtins.toString config.state.ports.bindStatistics.value}";
bindURI = "http://127.0.0.1/${
builtins.toString config.state.ports.bindStatistics.value
}";
};
};
})
@ -303,7 +299,9 @@ in
zone dns 64k;
'';
servers = {
"127.0.0.1:${builtins.toString config.state.ports.dnsOverHTTPS.value}" = { };
"127.0.0.1:${
builtins.toString config.state.ports.dnsOverHTTPS.value
}" = { };
};
};

3
configs/nixos/plover/modules/services/fail2ban.nix
View File

@ -5,8 +5,7 @@ let
cfg = hostCfg.services.fail2ban;
inherit (import ../hardware/networks.nix) interfaces;
in
{
in {
options.hosts.plover.services.fail2ban.enable =
lib.mkEnableOption "fail2ban monitoring";

6
configs/nixos/plover/modules/services/firewall.nix
View File

@ -3,9 +3,9 @@
let
hostCfg = config.hosts.plover;
cfg = hostCfg.services.firewall;
in
{
options.hosts.plover.services.firewall.enable = lib.mkEnableOption "firewall setup";
in {
options.hosts.plover.services.firewall.enable =
lib.mkEnableOption "firewall setup";
config = lib.mkIf cfg.enable {
networking = {

18
configs/nixos/plover/modules/services/idm.nix
View File

@ -10,9 +10,9 @@ let
certsDir = config.security.acme.certs."${authDomain}".directory;
backupsDir = "${config.state.paths.dataDir}/kanidm/backups";
in
{
options.hosts.plover.services.idm.enable = lib.mkEnableOption "preferred IDM server";
in {
options.hosts.plover.services.idm.enable =
lib.mkEnableOption "preferred IDM server";
config = lib.mkIf cfg.enable (lib.mkMerge [
{
@ -61,7 +61,10 @@ in
# Integrating kanidm-unixd.
UsePAM = true;
PubkeyAuthentication = true;
AuthorizedKeysCommand = "${lib.getExe' config.services.kanidm.package "kanidm_ssh_authorizedkeys"} %u";
AuthorizedKeysCommand = "${
lib.getExe' config.services.kanidm.package
"kanidm_ssh_authorizedkeys"
} %u";
AuthorizedKeysCommandUser = "nobody";
};
@ -73,7 +76,8 @@ in
mkdir -p "${backupsDir}"
'';
serviceConfig = {
SupplementaryGroups = [ config.security.acme.certs."${authDomain}".group ];
SupplementaryGroups =
[ config.security.acme.certs."${authDomain}".group ];
};
};
}
@ -91,9 +95,7 @@ in
extraConfig = ''
zone services;
'';
servers = {
"localhost:${builtins.toString port}" = { };
};
servers = { "localhost:${builtins.toString port}" = { }; };
};
})

40
configs/nixos/plover/modules/services/monitoring.nix
View File

@ -5,32 +5,28 @@ let
cfg = hostCfg.services.monitoring;
prometheusExports = config.services.prometheus.exporters;
in
{
in {
options.hosts.plover.services.monitoring.enable =
lib.mkEnableOption "preferred monitoring stack";
config = lib.mkIf cfg.enable (lib.mkMerge [
{
services.prometheus = {
enable = true;
config = lib.mkIf cfg.enable (lib.mkMerge [{
services.prometheus = {
enable = true;
exporters = {
node = {
enable = true;
enabledCollectors = [ "systemd" ];
};
exporters = {
node = {
enable = true;
enabledCollectors = [ "systemd" ];
};
scrapeConfigs = [
{
job_name = config.networking.hostName;
static_configs = [{
targets = [ "127.0.0.1:${builtins.toString prometheusExports.node.port}" ];
}];
}
];
};
}
]);
scrapeConfigs = [{
job_name = config.networking.hostName;
static_configs = [{
targets =
[ "127.0.0.1:${builtins.toString prometheusExports.node.port}" ];
}];
}];
};
}]);
}

48
configs/nixos/plover/modules/services/networking.nix
View File

@ -8,8 +8,7 @@ let
mainEthernetInterfaceNames = [ "eth0" "enp1s0" ];
internalEthernetInterfaceNames = [ "enp7s0" ];
inherit (config.state.network) interfaces;
in
{
in {
options.hosts.plover.services.networking = {
enable = lib.mkEnableOption "preferred networking setup";
@ -67,8 +66,7 @@ in
# For more information, you can look at Hetzner documentation from
# https://docs.hetzner.com/robot/dedicated-server/ip/additional-ip-adresses/
networks = {
"10-wan" = let
inherit (interfaces) wan;
"10-wan" = let inherit (interfaces) wan;
in {
matchConfig = {
Name = lib.concatStringsSep " " mainEthernetInterfaceNames;
@ -87,10 +85,7 @@ in
};
address = [ "${wan.ipv6}/64" ];
dns = [
"2a01:4ff:ff00::add:2"
"2a01:4ff:ff00::add:1"
];
dns = [ "2a01:4ff:ff00::add:2" "2a01:4ff:ff00::add:1" ];
routes = [
{
@ -102,28 +97,27 @@ in
Gateway = wan.ipv6Gateway;
GatewayOnLink = true;
}
]
++ lib.optionals cfg.restrictLocalOnWAN [
{
Destination = "176.16.0.0/12";
Type = "unreachable";
}
] ++ lib.optionals cfg.restrictLocalOnWAN [
{
Destination = "176.16.0.0/12";
Type = "unreachable";
}
{
Destination = "10.0.0.0/8";
Type = "unreachable";
}
{
Destination = "10.0.0.0/8";
Type = "unreachable";
}
{
Destination = "192.168.0.0/16";
Type = "unreachable";
}
{
Destination = "192.168.0.0/16";
Type = "unreachable";
}
{
Destination = "fc00::/7";
Type = "unreachable";
}
];
{
Destination = "fc00::/7";
Type = "unreachable";
}
];
linkConfig.RequiredForOnline = "routable";
};

21
configs/nixos/plover/modules/services/wezterm-mux-server.nix
View File

@ -13,8 +13,7 @@ let
src = ../../config/wezterm/config.lua;
listen_address = listenAddress;
};
in
{
in {
options.hosts.plover.services.wezterm-mux-server.enable =
lib.mkEnableOption "Wezterm mux server setup";
@ -29,16 +28,14 @@ in
requires = [ "acme-finished-${weztermDomain}.target" ];
environment.WEZTERM_LOG = "info";
serviceConfig = {
LoadCredential =
let
certDir = config.security.acme.certs."${weztermDomain}".directory;
credentialCertPath = path: "${path}:${certDir}/${path}";
in
[
(credentialCertPath "key.pem")
(credentialCertPath "cert.pem")
(credentialCertPath "fullchain.pem")
];
LoadCredential = let
certDir = config.security.acme.certs."${weztermDomain}".directory;
credentialCertPath = path: "${path}:${certDir}/${path}";
in [
(credentialCertPath "key.pem")
(credentialCertPath "cert.pem")
(credentialCertPath "fullchain.pem")
];
};
};

28
configs/nixos/plover/terraform/dns.tf
View File

@ -1,30 +1,30 @@
variable zone_id {
variable "zone_id" {
description = "Hetzner DNS zone ID to be configured with."
}
resource "hetznerdns_record" "plover_ipv4" {
zone_id = var.zone_id
name = "plover"
type = "A"
value = hcloud_server.plover.ipv4_address
name = "plover"
type = "A"
value = hcloud_server.plover.ipv4_address
}
resource "hetznerdns_record" "plover_ipv6" {
zone_id = var.zone_id
name = "plover"
type = "AAAA"
value = hcloud_server.plover.ipv6_address
name = "plover"
type = "AAAA"
value = hcloud_server.plover.ipv6_address
}
variable services {
type = list(string)
default = [ "auth", "pass", "code" ]
variable "services" {
type = list(string)
default = ["auth", "pass", "code"]
}
resource "hetznerdns_record" "plover_services" {
for_each = toset(var.services)
zone_id = var.zone_id
name = each.key
type = "CNAME"
value = "plover"
zone_id = var.zone_id
name = each.key
type = "CNAME"
value = "plover"
}

4
configs/nixos/plover/terraform/main.tf
View File

@ -1,5 +1,5 @@
variable "ssh_keys" {
type = list(number)
type = list(number)
description = "SSH keys for the associated server"
}
@ -23,7 +23,7 @@ resource "hcloud_server" "plover" {
}
resource "hcloud_ssh_key" "plover" {
name = "plover.foodogsquared.one"
name = "plover.foodogsquared.one"
public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGo3tfNQjWZ5pxlqREfBgQJxdNzGHKJIy5hDS9Z+Hpth plover.foodogsquared.one"
}

16
configs/nixos/plover/terraform/tailscale.tf
View File

@ -3,25 +3,25 @@ data "tailscale_device" "plover" {
}
resource "tailscale_device_authorization" "plover_authorization" {
device_id = data.tailscale_device.plover.id
device_id = data.tailscale_device.plover.id
authorized = true
depends_on = [ hcloud_server.plover ]
depends_on = [hcloud_server.plover]
}
resource "tailscale_tailnet_key" "plover" {
reusable = false
ephemeral = false
preauthorized = true
reusable = false
ephemeral = false
preauthorized = true
recreate_if_invalid = "always"
description = "Plover"
description = "Plover"
}
resource "tailscale_device_tags" "hcloud_plover" {
device_id = data.tailscale_device.plover.id
tags = [ "tag:server" ]
tags = ["tag:server"]
}
resource "local_file" "tailscale_auth_key" {
content = tailscale_tailnet_key.plover.key
content = tailscale_tailnet_key.plover.key
filename = "${path.module}/plover-tailscale-auth-key"
}

6
configs/nixos/plover/terraform/versions.tf
View File

@ -6,17 +6,17 @@ terraform {
}
hetznerdns = {
source = "timohirt/hetznerdns"
source = "timohirt/hetznerdns"
version = "2.2.0"
}
tailscale = {
source = "tailscale/tailscale"
source = "tailscale/tailscale"
version = "0.17.2"
}
local = {
source = "hashicorp/local"
source = "hashicorp/local"
version = "2.5.2"
}
}

6
configs/nixos/winnowing/default.nix
View File

@ -5,11 +5,7 @@
"${modulesPath}/profiles/minimal.nix"
(foodogsquaredLib.mapHomeManagerUser "winnow" {
extraGroups = [
"wheel"
"docker"
"podman"
];
extraGroups = [ "wheel" "docker" "podman" ];
hashedPassword =
"$y$j9T$UFzEKZZZrmbJ05CTY8QAW0$X2RD4m.xswyJlXZC6AlmmuubPaWPQZg/Q1LDgHpXHx1";
isNormalUser = true;

10
configs/nixvim/fiesta/modules/setups/completion.nix
View File

@ -3,8 +3,7 @@
let
nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.completion;
in
{
in {
options.nixvimConfigs.fiesta.setups.completion.enable =
lib.mkEnableOption "debugging setup for Fiesta NixVim";
@ -26,11 +25,8 @@ in
"<S-Tab>" = "cmp.mapping.select_prev_item()";
};
settings.sources = [
{ name = "nvim_lsp"; }
{ name = "path"; }
{ name = "buffer"; }
];
settings.sources =
[ { name = "nvim_lsp"; } { name = "path"; } { name = "buffer"; } ];
};
# All of the typical completion sources I would need.

235
configs/nixvim/fiesta/modules/setups/debugging.nix
View File

@ -3,8 +3,7 @@
let
nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.debugging;
in
{
in {
options.nixvimConfigs.fiesta.setups.debugging.enable =
lib.mkEnableOption "debugging setup for Fiesta NixVim";
@ -20,125 +19,121 @@ in
};
};
keymaps =
let
bindingPrefix = "<Leader>d";
mkDAPBinding = binding: settings:
{
mode = "n";
key = "${bindingPrefix}${binding}";
} // settings;
in
lib.mapAttrsToList mkDAPBinding
keymaps = let
bindingPrefix = "<Leader>d";
mkDAPBinding = binding: settings:
{
"b" = {
options.desc = "Toggle breakpoint";
action = helpers.mkRaw "require('dap').toggle_breakpoint";
};
"B" = {
options.desc = "Set breakpoint";
action = helpers.mkRaw "require('dap').set_breakpoint";
};
"Bp" = {
options.desc = "Set breakpoint with log message";
action = helpers.mkRaw ''
function()
require('dap').set_breakpoint(nil, nil, vim.fn.input('Log point message: '))
end
'';
};
"n" = {
options.desc = "Continue";
action = helpers.mkRaw "require('dap').continue";
};
# You know, like a comma is supposed to do. I got nothing on this one
# but this is the best choice for now.
"," = {
options.desc = "Pause";
action = helpers.mkRaw "require('dap').pause";
};
"d" = {
options.desc = "Terminate";
action = helpers.mkRaw "require('dap').terminate";
};
"l" = {
options.desc = "Step over";
action = helpers.mkRaw "require('dap').step_over";
};
"j" = {
options.desc = "Step into";
action = helpers.mkRaw "require('dap').step_into";
};
"J" = {
options.desc = "Go up";
action = helpers.mkRaw "require('dap').up";
};
"k" = {
options.desc = "Step out";
action = helpers.mkRaw "require('dap').step_out";
};
"K" = {
options.desc = "Go down";
action = helpers.mkRaw "require('dap').down";
};
"rs" = {
options.desc = "Restart session";
action = helpers.mkRaw "require('dap').restart";
};
"rr" = {
options.desc = "Open debugging REPL";
action = helpers.mkRaw "require('dap').repl.open";
};
"rl" = {
options.desc = "Run last configuration";
action = helpers.mkRaw "require('dap').run_last";
};
"ph" = {
options.desc = "View the value under the cursor";
action = helpers.mkRaw "require('dap.ui.widgets').hover";
mode = [ "n" "v" ];
};
"pp" = {
options.desc = "See value in preview window";
action = helpers.mkRaw "require('dap.ui.widgets').preview";
mode = [ "n" "v" ];
};
}
++ lib.mapAttrsToList mkDAPBinding {
"<F5>" = {
options.desc = "Continue";
action = helpers.mkRaw "require('dap').continue";
};
"<F10>" = {
options.desc = "Step over";
action = helpers.mkRaw "require('dap').step_over";
};
"<F11>" = {
options.desc = "Step into";
action = helpers.mkRaw "require('dap').step_into";
};
"<F12>" = {
options.desc = "Step out";
action = helpers.mkRaw "require('dap').step_out";
};
mode = "n";
key = "${bindingPrefix}${binding}";
} // settings;
in lib.mapAttrsToList mkDAPBinding {
"b" = {
options.desc = "Toggle breakpoint";
action = helpers.mkRaw "require('dap').toggle_breakpoint";
};
"B" = {
options.desc = "Set breakpoint";
action = helpers.mkRaw "require('dap').set_breakpoint";
};
"Bp" = {
options.desc = "Set breakpoint with log message";
action = helpers.mkRaw ''
function()
require('dap').set_breakpoint(nil, nil, vim.fn.input('Log point message: '))
end
'';
};
"n" = {
options.desc = "Continue";
action = helpers.mkRaw "require('dap').continue";
};
# You know, like a comma is supposed to do. I got nothing on this one
# but this is the best choice for now.
"," = {
options.desc = "Pause";
action = helpers.mkRaw "require('dap').pause";
};
"d" = {
options.desc = "Terminate";
action = helpers.mkRaw "require('dap').terminate";
};
"l" = {
options.desc = "Step over";
action = helpers.mkRaw "require('dap').step_over";
};
"j" = {
options.desc = "Step into";
action = helpers.mkRaw "require('dap').step_into";
};
"J" = {
options.desc = "Go up";
action = helpers.mkRaw "require('dap').up";
};
"k" = {
options.desc = "Step out";
action = helpers.mkRaw "require('dap').step_out";
};
"K" = {
options.desc = "Go down";
action = helpers.mkRaw "require('dap').down";
};
"rs" = {
options.desc = "Restart session";
action = helpers.mkRaw "require('dap').restart";
};
"rr" = {
options.desc = "Open debugging REPL";
action = helpers.mkRaw "require('dap').repl.open";
};
"rl" = {
options.desc = "Run last configuration";
action = helpers.mkRaw "require('dap').run_last";
};
"ph" = {
options.desc = "View the value under the cursor";
action = helpers.mkRaw "require('dap.ui.widgets').hover";
mode = [ "n" "v" ];
};
"pp" = {
options.desc = "See value in preview window";
action = helpers.mkRaw "require('dap.ui.widgets').preview";
mode = [ "n" "v" ];
};
} ++ lib.mapAttrsToList mkDAPBinding {
"<F5>" = {
options.desc = "Continue";
action = helpers.mkRaw "require('dap').continue";
};
"<F10>" = {
options.desc = "Step over";
action = helpers.mkRaw "require('dap').step_over";
};
"<F11>" = {
options.desc = "Step into";
action = helpers.mkRaw "require('dap').step_into";
};
"<F12>" = {
options.desc = "Step out";
action = helpers.mkRaw "require('dap').step_out";
};
};
};
}

3
configs/nixvim/fiesta/modules/setups/desktop-utils.nix
View File

@ -3,8 +3,7 @@
let
nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.desktop-utils;
in
{
in {
options.nixvimConfigs.fiesta.setups.desktop-utils.enable =
lib.mkEnableOption "desktop utilities to be used for this Neovim setup";

3
configs/nixvim/fiesta/modules/setups/devenvs.nix
View File

@ -3,8 +3,7 @@
let
nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.devenvs;
in
{
in {
options.nixvimConfigs.fiesta.setups.devenvs.enable =
lib.mkEnableOption "integration for typical devenvs";

120
configs/nixvim/fiesta/modules/setups/fuzzy-finder.nix
View File

@ -3,8 +3,7 @@
let
nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.fuzzy-finder;
in
{
in {
options.nixvimConfigs.fiesta.setups.fuzzy-finder.enable =
lib.mkEnableOption "fuzzy finder setup";
@ -17,68 +16,63 @@ in
};
# Configure all of the keymaps.
keymaps =
let
bindingPrefix = "<leader>f";
mkTelescopeKeymap = binding: settings:
lib.mergeAttrs
{
mode = "n";
key = "${bindingPrefix}${binding}";
keymaps = let
bindingPrefix = "<leader>f";
mkTelescopeKeymap = binding: settings:
lib.mergeAttrs {
mode = "n";
key = "${bindingPrefix}${binding}";
} settings;
in lib.mapAttrsToList mkTelescopeKeymap ({
"A" = {
options.desc = "Resume from last use";
action = helpers.mkRaw "require('telescope.builtin').resume";
};
"b" = {
options.desc = "List buffers";
action = helpers.mkRaw "require('telescope.builtin').buffers";
};
"f" = {
options.desc = "Find files";
action = helpers.mkRaw ''
function()
require('telescope.builtin').find_files { hidden = true }
end
'';
};
"F" = {
options.desc = "Find files in current directory";
action = helpers.mkRaw ''
function()
require('telescope.builtin').find_files {
cwd = require('telescope.utils').buffer_dir(),
hidden = true,
}
settings;
in
lib.mapAttrsToList mkTelescopeKeymap ({
"A" = {
options.desc = "Resume from last use";
action = helpers.mkRaw "require('telescope.builtin').resume";
};
"b" = {
options.desc = "List buffers";
action = helpers.mkRaw "require('telescope.builtin').buffers";
};
"f" = {
options.desc = "Find files";
action = helpers.mkRaw ''
function()
require('telescope.builtin').find_files { hidden = true }
end
'';
};
"F" = {
options.desc = "Find files in current directory";
action = helpers.mkRaw ''
function()
require('telescope.builtin').find_files {
cwd = require('telescope.utils').buffer_dir(),
hidden = true,
}
end
'';
};
"v" = {
options.desc = "Find files tracked by Git";
action = helpers.mkRaw "require('telescope.builtin').git_files";
};
"g" = {
options.desc = "Live grep for the whole project";
action = helpers.mkRaw "require('telescope.builtin').live_grep";
};
"h" = {
options.desc = "Find section from help tags";
action = helpers.mkRaw "require('telescope.builtin').help_tags";
};
"m" = {
options.desc = "Find manpage entries";
action = helpers.mkRaw "require('telescope.builtin').man_pages";
};
}
// lib.optionalAttrs nixvimCfg.setups.treesitter.enable {
"t" = {
options.desc = "List symbols from treesitter queries";
action = helpers.mkRaw "require('telescope.builtin').treesitter";
};
});
end
'';
};
"v" = {
options.desc = "Find files tracked by Git";
action = helpers.mkRaw "require('telescope.builtin').git_files";
};
"g" = {
options.desc = "Live grep for the whole project";
action = helpers.mkRaw "require('telescope.builtin').live_grep";
};
"h" = {
options.desc = "Find section from help tags";
action = helpers.mkRaw "require('telescope.builtin').help_tags";
};
"m" = {
options.desc = "Find manpage entries";
action = helpers.mkRaw "require('telescope.builtin').man_pages";
};
} // lib.optionalAttrs nixvimCfg.setups.treesitter.enable {
"t" = {
options.desc = "List symbols from treesitter queries";
action = helpers.mkRaw "require('telescope.builtin').treesitter";
};
});
};
}

40
configs/nixvim/fiesta/modules/setups/lsp.nix
View File

@ -3,30 +3,26 @@
let
nixvimConfig = config.nixvimConfigs.fiesta;
cfg = nixvimConfig.setups.lsp;
in
{
options.nixvimConfigs.fiesta.setups.lsp.enable =
lib.mkEnableOption null // {
description = ''
Whether to enable LSP setup. Take note you'll have to enable and
configure individual language servers yourself since the resulting
NixVim config can be pretty heavy.
'';
};
in {
options.nixvimConfigs.fiesta.setups.lsp.enable = lib.mkEnableOption null // {
description = ''
Whether to enable LSP setup. Take note you'll have to enable and
configure individual language servers yourself since the resulting
NixVim config can be pretty heavy.
'';
};
config = lib.mkIf cfg.enable {
keymaps = [
{
mode = [ "n" ];
key = "<leader>Li";
options.desc = "Toggle inlay hints";
action = helpers.mkRaw ''
function()
vim.lsp.inlay_hint.enable(not vim.lsp.inlay_hint.is_enabled())
end
'';
}
];
keymaps = [{
mode = [ "n" ];
key = "<leader>Li";
options.desc = "Toggle inlay hints";
action = helpers.mkRaw ''
function()
vim.lsp.inlay_hint.enable(not vim.lsp.inlay_hint.is_enabled())
end
'';
}];
plugins.lsp = {
enable = true;

14
configs/nixvim/fiesta/modules/setups/note-taking.nix
View File

@ -3,8 +3,7 @@
let
nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.note-taking;
in
{
in {
options.nixvimConfigs.fiesta.setups.note-taking.enable =
lib.mkEnableOption "basic note-taking setup";
@ -25,11 +24,10 @@ in
# Install the tree-sitter parsers.
plugins.treesitter.grammarPackages =
lib.mkIf
(config.plugins.neorg.settings ? load."core.defaults")
(with pkgs.tree-sitter-grammars; [
tree-sitter-norg
tree-sitter-norg-meta
]);
lib.mkIf (config.plugins.neorg.settings ? load."core.defaults")
(with pkgs.tree-sitter-grammars; [
tree-sitter-norg
tree-sitter-norg-meta
]);
};
}

3
configs/nixvim/fiesta/modules/setups/qol.nix
View File

@ -3,8 +3,7 @@
let
nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.devenvs;
in
{
in {
options.nixvimConfigs.fiesta.setups.qol.enable =
lib.mkEnableOption "quality-of-life improvements";

17
configs/nixvim/fiesta/modules/setups/snippets/default.nix
View File

@ -4,11 +4,8 @@ let
nixvimCfg = config.nixvimConfigs.fiesta;
cfg = nixvimCfg.setups.snippets;
luasnipKeymapConfig = {
mode = [ "i" "s" ];
};
in
{
luasnipKeymapConfig = { mode = [ "i" "s" ]; };
in {
options.nixvimConfigs.fiesta.setups.snippets.enable =
lib.mkEnableOption "snippets setup";
@ -26,12 +23,10 @@ in
plugins.friendly-snippets.enable = true;
# Load all of the custom snippets.
plugins.luasnip.fromLua = [
{
lazyLoad = true;
paths = ./snippets;
}
];
plugins.luasnip.fromLua = [{
lazyLoad = true;
paths = ./snippets;
}];
# Set up the keymaps ourselves since LuaSnip doesn't provide one as a
# config option.

Some files were not shown because too many files have changed in this diff Show More