gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

remove kairi user, remove wiki submodule, refactor for nixexprs

Browse source
This commit is contained in:
kat witch 2021-08-17 01:57:41 +01:00
parent 8775c500cb
commit 6008b46cd8
No known key found for this signature in database
GPG key ID: 1B477797DCA5EC72
128 changed files with 130 additions and 4562 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1,3 +1,4 @@
/result
/result*
/.direnv/
/wiki

3
.gitmodules vendored
View file

@ -2,6 +2,3 @@
path = depot/trusted
branch = main
url = "https://git.kittywit.ch/kat/nixfiles-trusted.git"
[submodule "wiki"]
path = wiki
url = git@github.com:kittywitch/nixfiles.wiki.git

13
default.nix
View file

@ -2,11 +2,13 @@ let
# Sources are from niv.
sources = import ./nix/sources.nix;
# We pass sources through to pkgs and get our nixpkgs + overlays.
pkgs = import ./pkgs { inherit sources; };
pkgs = import ./pkgs.nix { inherit sources; };
# We want our overlaid lib.
inherit (pkgs) lib;
# This is used for caching niv sources in CI.
sourceCache = import ./cache.nix { inherit sources lib; };
# This is used for the base path for hostImport.
root = ./.;
/*
This is used to generate specialArgs + the like. It works as such:
@ -19,13 +21,16 @@ let
lib.foldl' (a: b: a ++ b) [ ]
(map (e: if (filter e set.${e}) then [ e ] else [ ]) (lib.attrNames set));
depotNames = lib.unique (lib.folderList ./depot ["trusted"] ++ lib.folderList ./depot/trusted ["pkgs"]);
depot = lib.mapListToAttrs (folder: lib.nameValuePair folder (lib.domainMerge { inherit folder; })) depotNames;
depot = lib.mapListToAttrs (folder: lib.nameValuePair folder (lib.domainMerge {
inherit folder;
folderPaths = [ (./depot + "/${folder}") (./depot/trusted + "/${folder}") ];
})) depotNames;
/*
We use this to make the meta runner use this file and to use `--show-trace` on nix-builds.
We also pass through pkgs to meta this way.
*/
metaConfig = import ./meta-base.nix {
metaConfig = import ./meta.nix {
inherit pkgs lib depot;
};
@ -38,7 +43,7 @@ let
++ lib.singleton ./depot/modules/meta/default.nix;
specialArgs = {
inherit sources;
inherit sources root;
meta = self;
} // depot;
};

4
depot/hosts/athame/meta.nix
View file

@ -1,4 +1,4 @@
{ profiles, lib, config, ... }: with lib; {
{ profiles, lib, root, config, ... }: with lib; {
config = {
deploy.targets.infra = {
tf = {
@ -15,7 +15,7 @@ config = {
network.nodes.athame = {
imports = lib.hostImport {
hostName = "athame";
inherit profiles;
inherit profiles root;
};
networking = {
hostName = "athame";

4
depot/hosts/beltane/meta.nix
View file

@ -1,4 +1,4 @@
{ profiles, config, lib, ... }: with lib; {
{ profiles, config, root, lib, ... }: with lib; {
config = {
deploy.targets.beltane = {
tf = {
@ -15,7 +15,7 @@
network.nodes.beltane = {
imports = lib.hostImport {
hostName = "beltane";
inherit profiles;
inherit profiles root;
};
networking = {
hostName = "beltane";

3
depot/hosts/beltane/nixos.nix
View file

@ -94,6 +94,9 @@ with lib;
};
network = {
extraCerts = {
"private_root" = "altar.kittywit.ch";
};
addresses = {
private = {
ipv4.address = "192.168.1.2";

4
depot/hosts/dummy/meta.nix
View file

@ -1,9 +1,9 @@
{ lib, config, profiles, ... }: with lib; {
{ lib, config, root, profiles, ... }: with lib; {
deploy.targets.dummy.enable = false;
network.nodes.dummy = {
imports = lib.hostImport {
hostName = "dummy";
inherit profiles;
inherit profiles root;
};
networking = {
hostName = "dummy";

4
depot/hosts/ostara/meta.nix
View file

@ -1,4 +1,4 @@
{ meta, profiles, config, lib, ... }: with lib; {
{ meta, profiles, root, config, lib, ... }: with lib; {
config = {
deploy.targets.ostara = {
tf = {
@ -15,7 +15,7 @@
network.nodes.ostara = {
imports = lib.hostImport {
hostName = "ostara";
inherit profiles;
inherit profiles root;
};
networking = {
hostName = "ostara";

4
depot/hosts/samhain/meta.nix
View file

@ -1,4 +1,4 @@
{ lib, config, profiles, ... }: with lib; {
{ lib, config, root, profiles, ... }: with lib; {
config = {
deploy.targets.personal = {
tf = {
@ -15,7 +15,7 @@
network.nodes.samhain = {
imports = lib.hostImport {
hostName = "samhain";
inherit profiles;
inherit profiles root;
};
networking = {
hostName = "samhain";

4
depot/hosts/yule/meta.nix
View file

@ -1,4 +1,4 @@
{ meta, profiles, config, lib, ... }: with lib; {
{ meta, profiles, config, root, lib, ... }: with lib; {
config = {
deploy.targets.personal = {
tf = {
@ -15,7 +15,7 @@
network.nodes.yule = {
imports = lib.hostImport {
hostName = "yule";
inherit profiles;
inherit profiles root;
};
networking = {
hostName = "yule";

5
depot/modules/home/default.nix
View file

@ -2,10 +2,11 @@
{
disabledModules = [ "programs/vim.nix" ];
imports = with (import (sources.nixexprs + "/modules")).home-manager; [ base16 syncplay konawall i3gopher weechat shell ] ++ [
imports = with (import (sources.arcexprs + "/modules")).home-manager; [ base16 syncplay konawall i3gopher weechat shell ]
++ [
(import (sources.katexprs + "/modules")).home
./vim.nix
./fvwm.nix
./network.nix
./deploy.nix
./theme.nix
./secrets.nix

79
depot/modules/home/network.nix
View file

@ -1,79 +0,0 @@
{ config, superConfig, lib, ... }:
with lib;
{
options.network = {
addresses = mkOption {
type = with types; attrsOf (submodule ({ name, ... }: {
options = {
enable = mkEnableOption "Is the system a part of the ${name} network?";
ipv4 = {
enable = mkOption {
type = types.bool;
};
address = mkOption {
type = types.str;
};
};
ipv6 = {
enable = mkOption {
type = types.bool;
};
address = mkOption {
type = types.str;
};
};
prefix = mkOption {
type = types.nullOr types.str;
};
domain = mkOption {
type = types.nullOr types.str;
};
out = {
identifierList = mkOption {
type = types.listOf types.str;
default = if config.enable then singleton config.domain ++ config.out.addressList else [ ];
};
addressList = mkOption {
type = types.listOf types.str;
default = if config.enable then concatMap (i: optional i.enable i.address) [ config.ipv4 config.ipv6 ] else [ ];
};
};
};
}));
};
privateGateway = mkOption {
type = types.str;
};
tf = {
enable = mkEnableOption "Was the system provisioned by terraform?";
ipv4_attr = mkOption {
type = types.str;
};
ipv6_attr = mkOption {
type = types.str;
};
};
dns = {
isRoot = mkEnableOption "Is this system supposed to be the @ for the domain?";
email = mkOption {
type = types.nullOr types.str;
};
tld = mkOption {
type = types.nullOr types.str;
};
domain = mkOption {
type = types.nullOr types.str;
};
dynamic = mkEnableOption "Enable Glauca Dynamic DNS Updater";
};
};
config = {
network.addresses = superConfig.network.addresses;
network.privateGateway = superConfig.network.privateGateway;
network.tf = superConfig.network.tf;
network.dns = superConfig.network.dns;
};
}

41
depot/modules/nixos/default.nix
View file

@ -1,26 +1,25 @@
{ meta, sources, lib, ... }:
{
imports = with (import (sources.nixexprs + "/modules")).nixos; [ base16 base16-shared modprobe ] ++ [
./nftables.nix
./firewall.nix
./fusionpbx.nix
./deploy.nix
./dyndns.nix
./network.nix
./secrets.nix
(sources.tf-nix + "/modules/nixos/secrets.nix")
(sources.tf-nix + "/modules/nixos/secrets-users.nix")
(sources.hexchen + "/modules/network/yggdrasil")
];
imports =
with (import (sources.arcexprs + "/modules")).nixos; [ base16 base16-shared modprobe ]
++ [
(import (sources.katexprs + "/modules")).nixos
./deploy.nix
./dyndns.nix
./secrets.nix
(sources.tf-nix + "/modules/nixos/secrets.nix")
(sources.tf-nix + "/modules/nixos/secrets-users.nix")
(sources.hexchen + "/modules/network/yggdrasil")
];
options.hexchen.dns = lib.mkOption { };
options.hexchen.deploy = lib.mkOption { };
options.hexchen.dns = lib.mkOption { };
options.hexchen.deploy = lib.mkOption { };
/*
This maps hosts to network.nodes from the meta config. This is required for hexchen's yggdrasil network module.
*/
config = {
_module.args.hosts = lib.mapAttrs (_: config: { inherit config; } ) meta.network.nodes;
};
}
/*
This maps hosts to network.nodes from the meta config. This is required for hexchen's yggdrasil network module.
*/
config = {
_module.args.hosts = lib.mapAttrs (_: config: { inherit config; } ) meta.network.nodes;
};
}

80
depot/modules/nixos/firewall.nix
View file

@ -1,80 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let cfg = config.network.firewall;
in
{
options.network.firewall = {
public.tcp.ports = mkOption {
type = types.listOf types.port;
default = [ ];
};
public.udp.ports = mkOption {
type = types.listOf types.port;
default = [ ];
};
private.tcp.ports = mkOption {
type = types.listOf types.port;
default = [ ];
};
private.udp.ports = mkOption {
type = types.listOf types.port;
default = [ ];
};
public.tcp.ranges = mkOption {
type = types.listOf (types.attrsOf types.port);
default = [ ];
};
public.udp.ranges = mkOption {
type = types.listOf (types.attrsOf types.port);
default = [ ];
};
private.tcp.ranges = mkOption {
type = types.listOf (types.attrsOf types.port);
default = [ ];
};
private.udp.ranges = mkOption {
type = types.listOf (types.attrsOf types.port);
default = [ ];
};
public.interfaces = mkOption {
type = types.listOf types.str;
description = "Public firewall interfaces";
default = [ ];
};
private.interfaces = mkOption {
type = types.listOf types.str;
description = "Private firewall interfaces";
default = [ ];
};
};
config = {
networking.firewall.interfaces =
let
fwTypes = {
ports = "Ports";
ranges = "PortRanges";
};
interfaceDef = visibility:
listToAttrs (flatten (mapAttrsToList
(type: typeString:
map
(proto: {
name = "allowed${toUpper proto}${typeString}";
value = cfg.${visibility}.${proto}.${type};
}) [ "tcp" "udp" ])
fwTypes));
interfaces = visibility:
listToAttrs
(map (interface: nameValuePair interface (interfaceDef visibility))
cfg.${visibility}.interfaces);
in
mkMerge (map (visibility: interfaces visibility) [ "public" "private" ]);
};
}

415
depot/modules/nixos/fusionpbx.nix
View file

@ -1,415 +0,0 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.fusionpbx;
toKeyValue = generators.toKeyValue {
mkKeyValue = generators.mkKeyValueDefault {} " = ";
};
php = "${pkgs.php74}/bin/php";
psql_base = "${pkgs.postgresql_11}/bin/psql";
psql = if ! cfg.useLocalPostgreSQL then
"${psql_base} --host=${cfg.postgres.host} --port=${cfg.postgres.port} --username=${cfg.postgres.db_username}"
else psql_base;
freeSwitchConfig = pkgs.writeShellScriptBin "copy_config" ''
set -exu
if [[ ! -f "${cfg.home}/state/installed" ]]; then
mkdir -p /etc/freeswitch
cp --no-preserve=mode,ownership -r ${cfg.package}/resources/templates/conf/* /etc/freeswitch
fi
'';
installerReplacement = pkgs.writeShellScriptBin "installer_replacement" ''
set -exu
if [[ ! -f "${cfg.home}/state/installed" ]]; then
mkdir -p /var/lib/fusionpbx
${if ! cfg.useLocalPostgreSQL then "PGPASSWORD=${cfg.postgres.db_password}" else ""}
${php} ${cfg.package}/core/upgrade/upgrade_schema.php
domain_uuid=$(${php} ${cfg.package}/resources/uuid.php);
domain_name=${cfg.domain}
${psql} -c "insert into v_domains (domain_uuid, domain_name, domain_enabled) values('$domain_uuid', '$domain_name', 'true');"
cd "${cfg.package}" && ${php} ${cfg.package}/core/upgrade/upgrade_domains.php
user_uuid=$(${php} ${cfg.package}/resources/uuid.php);
user_salt=$(${php} ${cfg.package}/resources/uuid.php);
password_hash=$(${php} -r "echo md5('$user_salt$USER_PASSWORD');");
${psql} -t -c "insert into v_users (user_uuid, domain_uuid, username, password, salt, user_enabled) values('$user_uuid', '$domain_uuid', '$USER_NAME', '$password_hash', '$user_salt', 'true');"
group_uuid=$(${psql} -qtAX -c "select group_uuid from v_groups where group_name = 'superadmin';");
group_uuid=$(echo $group_uuid | sed 's/^[[:blank:]]*//;s/[[:blank:]]*$//')
user_group_uuid=$(${php} ${cfg.package}/resources/uuid.php);
group_name=superadmin
#echo "insert into v_user_groups (user_group_uuid, domain_uuid, group_name, group_uuid, user_uuid) values('$user_group_uuid', '$domain_uuid', '$group_name', '$group_uuid', '$user_uuid');"
${psql} -c "insert into v_user_groups (user_group_uuid, domain_uuid, group_name, group_uuid, user_uuid) values('$user_group_uuid', '$domain_uuid', '$group_name', '$group_uuid', '$user_uuid');"
xml_cdr_username=$(dd if=/dev/urandom bs=1 count=20 2>/dev/null | base64 | sed 's/[=\+//]//g')
xml_cdr_password=$(dd if=/dev/urandom bs=1 count=20 2>/dev/null | base64 | sed 's/[=\+//]//g')
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{v_http_protocol}:http:"
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{v_project_path}::"
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"http:\/\/127.0.0.1:https:\/\/${cfg.domain}"
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{v_user}:$xml_cdr_username:"
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{v_pass}:$xml_cdr_password:"
cd "${cfg.package}" && ${php} ${cfg.package}/core/upgrade/upgrade_domains.php
mkdir -p ${cfg.home}/state
touch ${cfg.home}/state/installed
fi
'';
in {
options.services.fusionpbx = {
enable = mkEnableOption "Enable FusionPBX";
openFirewall = mkEnableOption "Open the firewall for FusionPBX" // { default = true; };
useLocalPostgreSQL = mkEnableOption "Use Local PostgreSQL for FusionPBX" // { default = true; };
postgres = {
host = mkOption {
type = types.nullOr types.str;
default = null;
};
port = mkOption {
type = types.nullOr types.port;
default = null;
};
db_name = mkOption {
type = types.nullOr types.str;
default = null;
};
db_username = mkOption {
type = types.nullOr types.str;
default = null;
};
db_password = mkOption {
type = types.nullOr types.str;
default = null;
};
};
environmentFile = mkOption {
type = types.str;
example = ''
USER_NAME="meow"
USER_PASSWORD="nya"
'';
};
hardphones = mkEnableOption "Are you going to use hardphones with FusionPBX?";
useWebrootACME = mkEnableOption "Do you want webroot-style ACME cert generation?";
useACMEHost = mkOption {
type = types.nullOr types.str;
default = null;
};
domain = mkOption {
type = types.str;
};
package = mkOption {
type = types.package;
description = "What package to use for FusionPBX?";
default = pkgs.fusionpbx;
relatedPackages = [
"fusionpbx"
];
};
freeSwitchPackage = mkOption {
type = types.package;
description = "What package to use for FreeSWITCH?";
default = pkgs.freeswitch;
relatedPackages = [
"freeswitch"
];
};
home = mkOption {
type = types.str;
default = "/var/lib/fusionpbx";
description = "Storage path for FusionPBX";
};
};
config = mkIf cfg.enable {
# User & Group Definition
users.users.fusionpbx = {
home = cfg.home;
group = "fusionpbx";
createHome = true;
isSystemUser = true;
};
users.groups.fusionpbx.members = [
"fusionpbx"
config.services.nginx.user
];
# PostgreSQL
services.postgresql = mkIf cfg.useLocalPostgreSQL {
ensureUsers = [
{
name = "fusionpbx";
ensurePermissions = {
"DATABASE fusionpbx" = "ALL PRIVILEGES";
"DATABASE freeswitch" = "ALL PRIVILEGES";
};
}
];
ensureDatabases = [ "fusionpbx" "freeswitch" ];
};
# ACME
security.acme.certs = mkMerge [
(mkIf cfg.useWebrootACME {
${cfg.domain} = {
group = "fusionpbx";
};
})
(mkIf (cfg.useACMEHost != null) {
${cfg.useACMEHost} = {
postRun = ''
cat {cert,key,chain}.pem >> all.pem
ln -s all.pem agent.pem
ln -s all.pem dlts-srtp.pem
ln -s all.pem tls.pem
ln -s all.pem wss.pem
'';
};
})
];
# NGINX
services.nginx = {
enable = mkDefault true;
virtualHosts.${cfg.domain} = {
enableACME = cfg.useWebrootACME;
useACMEHost = cfg.useACMEHost;
forceSSL = true;
# forceSSL = true; # This might not make sense due to SSL-incapable hardphones?
root = cfg.package;
locations = {
"/" = {
index = "index.php";
};
"~ .htaccess".extraConfig = "deny all;";
"~ .htpassword".extraConfig = "deny all;";
"~^.+.(db)$".extraConfig = "deny all;";
"~ \\.php$" = {
extraConfig = ''
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_pass unix:${config.services.phpfpm.pools.fusionpbx.socket};
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME ${cfg.package}$fastcgi_script_name;
'';
};
" = /core/upgrade/index.php".extraConfig = ''
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_pass unix:${config.services.phpfpm.pools.fusionpbx.socket};
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME ${cfg.package}$fastcgi_script_name;
fastcgi_read_timeout 15m;
'';
};
/*
if ($uri !~* ^.*(provision|xml_cdr).*$) {
rewrite ^(.*) https://$host$1 permanent;
break;
}
*/
extraConfig = ''
client_max_body_size 80M;
client_body_buffer_size 128k;
#REST api
if ($uri ~* ^.*/api/.*$) {
rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last;
break;
}
'' + optionalString cfg.hardphones ''
#algo
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})(\.(conf))?$" /app/provision/?mac=$1;
#mitel
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last;
rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
#grandstream
rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1;
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/phonebook\.xml$" /app/provision/?mac=$1&file=phonebook.xml;
#grandstream-wave softphone by ext because Android doesn't pass MAC.
rewrite "^.*/provision/([0-9]{5})/cfg([A-Fa-f0-9]{12}).xml$" /app/provision/?ext=$1;
#aastra
rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg;
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
#yealink common
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg;
#yealink mac
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
#polycom
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
#rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2;
rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg";
rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
#cisco
rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last;
#Escene
rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last;
rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
#Vtech
rewrite "^.*/provision/VCS754_([A-Fa-f0-9]{12})\.cfg$" /app/provision/?mac=$1;
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/directory\.xml$" /app/provision/?mac=$1&file=directory.xml;
#Digium
rewrite "^.*/provision/([A-Fa-f0-9]{12})-contacts\.cfg$" "/app/provision/?mac=$1&file={%24mac}-contacts.cfg";
rewrite "^.*/provision/([A-Fa-f0-9]{12})-smartblf\.cfg$" "/app/provision/?mac=$1&file={%24mac}-smartblf.cfg";
'';
};
};
# PHP 7.4
services.phpfpm = {
pools.fusionpbx = {
user = "fusionpbx";
group = "fusionpbx";
phpEnv = {
PATH = "/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin";
};
settings = {
"pm" = "dynamic";
"pm.max_children" = "32";
"pm.start_servers" = "2";
"pm.min_spare_servers" = "2";
"pm.max_spare_servers" = "4";
"pm.max_requests" = "500";
"listen.owner" = "fusionpbx";
"listen.group" = config.services.nginx.group;
};
phpPackage = pkgs.php74.buildEnv {
extensions = { enabled, all }: (
with all;
enabled ++ [
imap
pgsql
curl
opcache
pdo
pdo_pgsql
soap
xmlrpc
gd
]
);
extraConfig = toKeyValue {
};
};
};
};
# FreeSWITCH
systemd.tmpfiles.rules = [
"v /etc/freeswitch 5777 fusionpbx fusionpbx"
"v /etc/fusionpbx 5777 fusionpbx fusionpbx"
"v /var/cache/fusionpbx 5777 fusionpbx fusionpbx"
];
systemd.services.freeswitch = let
pkg = cfg.freeSwitchPackage;
configPath = "/etc/freeswitch";
in {
description = "Free and open-source application server for real-time communication";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "fusionpbx";
Group = "fusionpbx";
StateDirectory = "freeswitch";
ExecStartPre = "${freeSwitchConfig}/bin/copy_config";
ExecStart = "${pkg}/bin/freeswitch -nf \\
-mod ${pkg}/lib/freeswitch/mod \\
-conf ${configPath} \\
-base /var/lib/freeswitch";
ExecReload = "${pkg}/bin/fs_cli -x reloadxml";
Restart = "on-failure";
RestartSec = "5s";
CPUSchedulingPolicy = "fifo";
};
};
systemd.services.fusionpbx = {
after = [ "network.target" ];
wantedBy = [ "freeswitch.service" ];
script = "${installerReplacement}/bin/installer_replacement";
serviceConfig = {
EnvironmentFile = cfg.environmentFile;
User = "fusionpbx";
Group = "fusionpbx";
Type = "oneshot";
StateDirectory = "fusionpbx";
};
};
# FusionPBX Config
environment.etc."fusionpbx/config.php" = {
user = "nginx";
group = "fusionpbx";
text = let
hostConfig = if cfg.useLocalPostgreSQL then ''
$db_type = 'pgsql';
$db_host = ''';
$db_port = ''';
$db_name = 'fusionpbx';
$db_username = 'fusionpbx';
$db_password = ''';
'' else ''
$db_type = 'pgsql';
$db_host = '${cfg.postgres.host}';
$db_port = '${toString cfg.postgres.port}';
$db_name = '${cfg.postgres.db_name}';
$db_username = '${cfg.postgres.db_username}';
$db_password = '${cfg.postgres.db_password}';
''; in ''
<?php
${hostConfig}
ini_set('display_errors', '1');
error_reporting(E_ALL ^ E_NOTICE ^ E_WARNING);
?>
'';
};
# Firewall
network.firewall = mkIf cfg.openFirewall {
public = {
tcp = {
ports = [ 5060 5061 5080 5081 ];
ranges = [
{
from = 10000;
to = 20000;
}
];
};
udp = {
ports = [ 5060 5061 5080 5081 ];
ranges = [
{
from = 10000;
to = 20000;
}
];
};
};
};
};
}

174
depot/modules/nixos/network.nix
View file

@ -1,174 +0,0 @@
{ config, lib, tf, ... }:
with lib;
let
cfg = config.network;
in {
options.network = {
addresses = mkOption {
type = with types; attrsOf (submodule ({ name, options, config, ... }: {
options = {
enable = mkEnableOption "Is the system a part of the ${name} network?" // {
default = config.ipv4.enable || config.ipv6.enable;
};
ipv4 = {
enable = mkOption {
type = types.bool;
default = options.ipv4.address.isDefined;
};
address = mkOption {
type = types.str;
};
};
ipv6 = {
enable = mkOption {
type = types.bool;
default = options.ipv6.address.isDefined;
};
address = mkOption {
type = types.str;
};
};
prefix = mkOption {
type = types.nullOr types.str;
};
subdomain = mkOption {
type = types.nullOr types.str;
};
domain = mkOption {
type = types.nullOr types.str;
default = "${config.subdomain}.${cfg.dns.domain}";
};
out = {
identifierList = mkOption {
type = types.listOf types.str;
default = if config.enable then singleton config.domain ++ config.out.addressList else [ ];
};
addressList = mkOption {
type = types.listOf types.str;
default = if config.enable then concatMap (i: optional i.enable i.address) [ config.ipv4 config.ipv6 ] else [ ];
};
};
};
}));
};
privateGateway = mkOption {
type = types.str;
default = "192.168.1.254";
};
tf = {
enable = mkEnableOption "Was the system provisioned by terraform?";
ipv4_attr = mkOption {
type = types.str;
default = "ipv4_address";
};
ipv6_attr = mkOption {
type = types.str;
default = "ipv6_address";
};
};
dns = {
isRoot = mkEnableOption "Is this system supposed to be the @ for the domain?"; # TODO
email = mkOption {
type = types.nullOr types.str;
};
tld = mkOption {
type = types.nullOr types.str;
};
domain = mkOption {
type = types.nullOr types.str;
};
};
};
config = let
networks = cfg.addresses;
networksWithDomains = filterAttrs (_: v: v.subdomain != null && v.enable) networks;
in {
lib.kw.virtualHostGen = args: virtualHostGen ({ inherit config; } // args);
network = {
dns = {
email = "kat@kittywit.ch";
tld = "kittywit.ch.";
domain = builtins.substring 0 ((builtins.stringLength cfg.dns.tld) - 1) cfg.dns.tld;
};
addresses = {
private = {
prefix = "int";
subdomain = "${config.networking.hostName}.${cfg.addresses.private.prefix}";
};
public = mkMerge [
(mkIf cfg.tf.enable {
ipv4.address = mkIf (cfg.tf.ipv4_attr != null) (tf.resources."${config.networking.hostName}".refAttr config.network.tf.ipv4_attr);
ipv6.address = mkIf (cfg.tf.ipv6_attr != null) (tf.resources."${config.networking.hostName}".refAttr config.network.tf.ipv6_attr);
})
({
subdomain = "${config.networking.hostName}";
})
];
yggdrasil = mkIf cfg.yggdrasil.enable {
ipv6.address = cfg.yggdrasil.address;
prefix = "ygg";
subdomain = "${config.networking.hostName}.${cfg.addresses.yggdrasil.prefix}";
};
};
};
networking = mkIf cfg.addresses.private.enable {
inherit (config.network.dns) domain;
defaultGateway = cfg.privateGateway;
};
deploy.tf.dns.records = let
recordsV4 = mapAttrs' (n: v:
nameValuePair "node_${n}_${config.networking.hostName}_v4" {
enable = v.ipv4.enable;
tld = cfg.dns.tld;
domain = v.subdomain;
a.address = v.ipv4.address;
}) networksWithDomains;
recordsV6 = mapAttrs' (n: v:
nameValuePair "node_${n}_${config.networking.hostName}_v6" {
enable = v.ipv6.enable;
tld = cfg.dns.tld;
domain = v.subdomain;
aaaa.address = v.ipv6.address;
}) networksWithDomains;
in mkMerge [
recordsV4
recordsV6
(mkIf cfg.dns.isRoot {
"node_root_${config.networking.hostName}_v4" = {
enable = cfg.addresses.public.enable;
tld = cfg.dns.tld;
domain = "@";
a.address = cfg.addresses.public.ipv4.address;
};
"node_root_${config.networking.hostName}_v6" = {
enable = cfg.addresses.public.enable;
tld = cfg.dns.tld;
domain = "@";
aaaa.address = cfg.addresses.public.ipv6.address;
};
})
];
security.acme.certs = mkIf config.services.nginx.enable (mapAttrs' (n: v:
nameValuePair "cert_${n}_${config.networking.hostName}" {
inherit (v) domain;
dnsProvider = "rfc2136";
credentialsFile = config.secrets.files.dns_creds.path;
group = "nginx";
}) networksWithDomains);
services.nginx.virtualHosts = mkIf config.services.nginx.enable (mapAttrs' (n: v:
nameValuePair v.domain {
useACMEHost = "cert_${n}_${config.networking.hostName}";
forceSSL = true;
}) networksWithDomains);
_module.args = { inherit (config.lib) kw; };
};
}

134
depot/modules/nixos/nftables.nix
View file

@ -1,134 +0,0 @@
{ pkgs, lib, config, modulesPath, ... }:
let
fwcfg = config.networking.firewall;
cfg = config.network.nftables;
doDocker = config.virtualisation.docker.enable && cfg.generateDockerRules;
mkPorts = cond: ports: ranges: action: let
portStrings = (map (range: "${toString range.from}-${toString range.to}") ranges)
++ (map toString ports);
in lib.optionalString (portStrings != []) ''
${cond} dport { ${lib.concatStringsSep ", " portStrings} } ${action}
'';
ruleset = ''
table inet filter {
chain input {
type filter hook input priority filter
policy ${cfg.inputPolicy}
icmpv6 type { echo-request, echo-reply, mld-listener-query, mld-listener-report, mld-listener-done, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert, packet-too-big } accept
icmp type echo-request accept
ct state invalid drop
ct state established,related accept
iifname { ${
lib.concatStringsSep "," (["lo"] ++ fwcfg.trustedInterfaces)
} } accept
${mkPorts "tcp" fwcfg.allowedTCPPorts fwcfg.allowedTCPPortRanges "accept"}
${mkPorts "udp" fwcfg.allowedUDPPorts fwcfg.allowedUDPPortRanges "accept"}
${
lib.concatStringsSep "\n" (lib.mapAttrsToList (name: ifcfg:
mkPorts "iifname ${name} tcp" ifcfg.allowedTCPPorts ifcfg.allowedTCPPortRanges "accept"
+ mkPorts "iifname ${name} udp" ifcfg.allowedUDPPorts ifcfg.allowedUDPPortRanges "accept"
) fwcfg.interfaces)
}
# DHCPv6
ip6 daddr fe80::/64 udp dport 546 accept
${cfg.extraInput}
counter
}
chain output {
type filter hook output priority filter
policy ${cfg.outputPolicy}
${cfg.extraOutput}
counter
}
chain forward {
type filter hook forward priority filter
policy ${cfg.forwardPolicy}
${lib.optionalString doDocker ''
oifname docker0 ct state invalid drop
oifname docker0 ct state established,related accept
iifname docker0 accept
''}
${cfg.extraForward}
counter
}
}
${lib.optionalString doDocker ''
table ip nat {
chain docker-postrouting {
type nat hook postrouting priority 10
iifname docker0 masquerade
}
}
''}
${cfg.extraConfig}
'';
in {
options = with lib; {
network.nftables = {
enable = mkEnableOption "nftables firewall";
extraConfig = mkOption {
type = types.lines;
default = "";
};
extraInput = mkOption {
type = types.lines;
default = "";
};
extraOutput = mkOption {
type = types.lines;
default = "";
};
extraForward = mkOption {
type = types.lines;
default = "";
};
inputPolicy = mkOption {
type = types.str;
default = "drop";
};
outputPolicy = mkOption {
type = types.str;
default = "accept";
};
forwardPolicy = mkOption {
type = types.str;
default = "accept";
};
generateDockerRules = mkOption {
type = types.bool;
default = true;
};
};
};
config = lib.mkIf cfg.enable {
networking.firewall.enable = false;
networking.nftables = {
enable = true;
inherit ruleset;
};
virtualisation.docker = lib.mkIf doDocker {
extraOptions = "--iptables=false";
};
};
}

1
depot/profiles/base/default.nix
View file

@ -7,6 +7,7 @@
users.arc
users.hexchen
./system.nix
./dns.nix
./home.nix
./profiles.nix
./shell.nix

8
depot/profiles/base/dns.nix Normal file
View file

@ -0,0 +1,8 @@
{ config, ... }:
{
network.dns = {
email = "kat@kittywit.ch";
tld = "kittywit.ch.";
};
}

8
depot/profiles/base/nix.nix
View file

@ -4,11 +4,17 @@
boot.loader.grub.configurationLimit = 8;
boot.loader.systemd-boot.configurationLimit = 8;
environment.systemPackages = [
(pkgs.writeShellScriptBin "nixFlakes" ''
exec ${pkgs.nixUnstable}/bin/nix --experimental-features "nix-command flakes" "$@"
'')
];
nix = {
nixPath = [
"nixpkgs=${sources.nixpkgs}"
"nur=${sources.nur}"
"arc=${sources.nixexprs}"
"arc=${sources.arcexprs}"
"ci=${sources.ci}"
];
sandboxPaths = [

10
depot/profiles/vfio/default.nix
View file

@ -2,12 +2,16 @@
with lib;
{
let
win10-screenstub = pkgs.writeShellScriptBin "win10-screenstub" ''
${pkgs.screenstub-kat}/bin/screenstub -c "${./screenstub.yml}" x
'';
in {
deploy.profile.vfio = true;
environment.systemPackages = with pkgs; [
screenstub
kat-vm
screenstub-kat
win10-vm
ddcutil
];

8
depot/services/fusionpbx/default.nix
View file

@ -40,4 +40,12 @@
package = with pkgs; fusionpbxWithApps [ fusionpbx-apps.sms ];
freeSwitchPackage = with pkgs; freeswitch;
};
services.nginx.virtualHosts."altar.kittywit.ch" = {
locations = {
"app/sms/hook/" = {
proxyPass = "http://pbx.kittywit.ch/app/sms/hook";
};
};
};
}

2
depot/services/katsplash/default.nix
View file

@ -1,6 +1,6 @@
{ config, pkgs, kw, ... }:
let splashy = pkgs.kat-splash config.networking.hostName; in {
let splashy = pkgs.host-splash-site config.networking.hostName; in {
services.nginx.virtualHosts = kw.virtualHostGen {
networkFilter = ["private"];
block.locations."/" = { root = splashy; };

2
depot/services/website/default.nix
View file

@ -5,7 +5,7 @@
services.nginx.virtualHosts = {
"${config.network.dns.domain}" = {
root = pkgs.kat-website;
root = pkgs.kittywitch-site;
enableACME = true;
forceSSL = true;
};

20
depot/users/kairi/base.nix
View file

@ -1,20 +0,0 @@
{ config, pkgs, lib, ... }:
{
home-manager.users.kairi = {
imports = [ ./base ];
home.stateVersion = "20.09";
};
users.users.kairi = {
uid = 1003;
isNormalUser = true;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCocjQqiDIvzq+Qu3jkf7FXw5piwtvZ1Mihw9cVjdVcsra3U2c9WYtYrA3rS50N3p00oUqQm9z1KUrvHzdE+03ZCrvaGdrtYVsaeoCuuvw7qxTQRbItTAEsfRcZLQ5c1v/57HNYNEsjVrt8VukMPRXWgl+lmzh37dd9w45cCY1QPi+JXQQ/4i9Vc3aWSe4X6PHOEMSBHxepnxm5VNHm4PObGcVbjBf0OkunMeztd1YYA9sEPyEK3b8IHxDl34e5t6NDLCIDz0N/UgzCxSxoz+YJ0feQuZtud/YLkuQcMxW2dSGvnJ0nYy7SA5DkW1oqcy6CGDndHl5StOlJ1IF9aGh0gGkx5SRrV7HOGvapR60RphKrR5zQbFFka99kvSQgOZqSB3CGDEQGHv8dXKXIFlzX78jjWDOBT67vA/M9BK9FS2iNnBF5x6shJ9SU5IK4ySxq8qvN7Us8emkN3pyO8yqgsSOzzJT1JmWUAx0tZWG/BwKcFBHfceAPQl6pwxx28TM3BTBRYdzPJLTkAy48y6iXW6UYdfAPlShy79IYjQtEThTuIiEzdzgYdros0x3PDniuAP0KOKMgbikr0gRa6zahPjf0qqBnHeLB6nHAfaVzI0aNbhOg2bdOueE1FX0x48sjKqjOpjlIfq4WeZp9REr2YHEsoLFOBfgId5P3BPtpBQ== cardno:000612078454"
];
shell = pkgs.zsh;
extraGroups = [ "wheel" "video" "systemd-journal" ];
hashedPassword =
"$6$i28yOXoo$/WokLdKds5ZHtJHcuyGrH2WaDQQk/2Pj0xRGLgS8UcmY2oMv3fw2j/85PRpsJJwCB2GBRYRK5LlvdTleHd3mB.";
};
}

12
depot/users/kairi/base/base16.nix
View file

@ -1,12 +0,0 @@
{ config, ... }:
{
base16 = {
shell.enable = true;
schemes = [ "rebecca.rebecca" ];
};
# home.base16-shell = {
# enable = true;
# defaultTheme = "rebecca.rebecca";
# };
}

19
depot/users/kairi/base/default.nix
View file

@ -1,19 +0,0 @@
{ ... }:
{
imports = [
./vim
./zsh.nix
./git.nix
./kitty.nix
./tmux.nix
./base16.nix
./xdg.nix
./ssh.nix
./packages.nix
./weechat.nix
./inputrc.nix
./rink.nix
./secrets.nix
];
}

31
depot/users/kairi/base/git.nix
View file

@ -1,31 +0,0 @@
{ config, pkgs, lib, ... }:
{
home.packages = with pkgs; [
git-crypt
gitAndTools.gitRemoteGcrypt
gitAndTools.gitAnnex
git-revise
gitAndTools.git-annex-remote-b2
];
programs.git = {
enable = true;
package = pkgs.gitAndTools.gitFull;
userName = "kat witch";
userEmail = "kat@kittywit.ch";
extraConfig = {
init = { defaultBranch = "main"; };
protocol.gcrypt.allow = "always";
annex = {
autocommit = false;
backend = "BLAKE2B512";
synccontent = true;
};
};
signing = {
key = "01F50A29D4AA91175A11BDB17248991EFA8EFBEE";
signByDefault = true;
};
};
}

21
depot/users/kairi/base/inputrc.nix
View file

@ -1,21 +0,0 @@
{ config, ... }:
{
xdg.configFile."inputrc".text = ''
set editing-mode vi
set keyseq-timeout 1
set mark-symlinked-directories on
set completion-prefix-display-length 8
set show-all-if-ambiguous on
set show-all-if-unmodified on
set visible-stats on
set colored-stats on
set bell-style audible
set meta-flag on
set input-meta on
set convert-meta off
set output-meta on
'';
home.sessionVariables.INPUTRC = "${config.xdg.configHome}/inputrc";
}

6
depot/users/kairi/base/kitty.nix
View file

@ -1,6 +0,0 @@
{ config, pkgs, ... }:
{
# home.sessionVariables.TERMINFO_DIRS =
# "${pkgs.kitty.terminfo.outPath}/share/terminfo";
}

BIN
depot/users/kairi/base/nano.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 184 KiB

27
depot/users/kairi/base/packages.nix
View file

@ -1,27 +0,0 @@
{ config, lib, pkgs, ... }:
{
home.packages = with pkgs; [
tmate
htop
fd
sd
duc
bat
exa
socat
rsync
wget
ripgrep
nixpkgs-fmt
pv
progress
zstd
file
whois
niv
dnsutils
borgbackup
neofetch
];
}

38
depot/users/kairi/base/rink.nix
View file

@ -1,38 +0,0 @@
{ config, lib, pkgs, ... }:
{
home.packages = with pkgs; [
rink-readline
];
xdg.configFile."rink/config.toml".text = lib.toTOML {
colors = {
enabled = true;
theme = "my_theme";
};
currency = {
cache_duration = "1h";
enabled = true;
endpoint = "https://rinkcalc.app/data/currency.json";
timeout = "2s";
};
rink = {
long_output = true;
prompt = "> ";
};
themes = {
my_theme = {
date_time = "default";
doc_string = "italic";
error = "red";
number = "default";
plain = "default";
pow = "default";
prop_name = "cyan";
quantity = "dimmed cyan";
unit = "cyan";
user_input = "bold";
};
};
};
}

9
depot/users/kairi/base/secrets.nix
View file

@ -1,9 +0,0 @@
{ config, lib, ... }:
{
secrets = {
persistentRoot = config.xdg.cacheHome + "/kat/secrets";
external = true;
};
}

27
depot/users/kairi/base/ssh.nix
View file

@ -1,27 +0,0 @@
{ config, pkgs, lib, ... }:
{
programs.ssh = {
enable = true;
controlMaster = "auto";
controlPersist = "10m";
hashKnownHosts = true;
matchBlocks =
let
common = {
forwardAgent = true;
extraOptions = {
RemoteForward =
"/run/user/1000/gnupg/S.gpg-agent /run/user/1000/gnupg/S.gpg-agent.extra";
};
port = 62954;
};
in
{
"athame" = { hostname = "athame.kittywit.ch"; } // common;
"samhain" = { hostname = "192.168.1.135"; } // common;
"yule" = { hostname = "192.168.1.92"; } // common;
"ostara" = { hostname = "192.168.1.245"; } // common;
};
};
}

53
depot/users/kairi/base/tmux.nix
View file

@ -1,53 +0,0 @@
{ config, lib, pkgs, ... }:
{
programs.zsh.shellAliases = {
tt = "tmux new -AD -s";
};
programs.tmux = {
enable = true;
extraConfig = ''
# start from 1
set -g base-index 1
setw -g pane-base-index 1
# proper title handling
set -g set-titles on
set -g set-titles-string "#T"
# 256 color
set -g default-terminal "screen-256color"
# modes
setw -g clock-mode-colour colour5
setw -g mode-style 'fg=colour1 bg=colour18 bold'
# panes
set -g pane-border-style 'fg=colour19 bg=colour0'
set -g pane-active-border-style 'bg=colour0 fg=colour9'
# statusbar
set -g status-position bottom
set -g status-justify left
set -g status-style 'bg=colour18 fg=colour137 dim'
set -g status-left '''
set -g status-right '#[fg=colour233,bg=colour19] %F #[fg=colour233,bg=colour8] %H:%M:%S %Z'
set -g status-right-length 50
set -g status-left-length 20
setw -g window-status-current-style 'fg=colour1 bg=colour19 bold'
setw -g window-status-current-format ' #I#[fg=colour249]:#[fg=colour255]#W#[fg=colour249]#F '
setw -g window-status-style 'fg=colour9 bg=colour18'
setw -g window-status-format ' #I#[fg=colour237]:#[fg=colour250]#W#[fg=colour244]#F '
setw -g window-status-bell-style 'fg=colour255 bg=colour1 bold'
# messages
set -g message-style 'fg=colour232 bg=colour16 bold'
# mouse
set -g mouse on
'';
};
}

59
depot/users/kairi/base/vim/default.nix
View file

@ -1,59 +0,0 @@
{ config, lib, pkgs, ... }:
{
home.sessionVariables.EDITOR = "vim";
programs.vim = {
enable = true;
settings = {};
package = pkgs.vim_configurable-pynvim;
#withPython3 = true;
plugins = with pkgs.vimPlugins; [
nerdtree
vim-nix
rust-vim
coc-nvim
coc-rust-analyzer
coc-yank
coc-python
coc-json
coc-yaml
coc-git
coc-css
coc-html
vim-fugitive
vim-startify
vim-airline
vim-airline-themes
vim-lastplace
base16-vim
];
#extraPackages = with pkgs;
# [ (python3.withPackages (ps: with ps; [ black flake8 ])) ];
#extraPython3Packages = (ps: with ps; [ jedi pylint ]);
extraConfig = import ./vimrc.nix { inherit pkgs config; };
};
xdg.dataFile = {
"vim/undo/.keep".text = "";
"vim/swap/.keep".text = "";
"vim/backup/.keep".text = "";
};
xdg.configFile = {
"vim/coc/coc-settings.json".text = builtins.toJSON {
"rust.rustfmt_path" = "${pkgs.rustfmt}/bin/rustfmt";
"rust-analyzer.serverPath" = "rust-analyzer";
"rust-analyzer.updates.prompt" = false;
"rust-analyzer.notifications.cargoTomlNotFound" = false;
"rust-analyzer.notifications.workspaceLoaded" = false;
"rust-analyzer.procMacro.enable" = true;
"rust-analyzer.cargo.loadOutDirsFromCheck" = true;
"rust-analyzer.cargo-watch.enable" =
true; # TODO: want some way to toggle this on-demand?
"rust-analyzer.completion.addCallParenthesis" =
false; # consider using this?
"rust-analyzer.hoverActions.linksInHover" = true;
"rust-analyzer.diagnostics.disabled" = [
"inactive-code" # it has strange cfg support..?
];
};
};
}

200
depot/users/kairi/base/vim/vimrc.nix
View file

@ -1,200 +0,0 @@
{ config, pkgs }:
''
source ${pkgs.writeText "vimrc" ''
set encoding=utf-8
scriptencoding utf-8
set list listchars=tab:»\ ,extends:,precedes:,nbsp:·,trail:
''}";
" Enable mouse
set mouse=a
set ttymouse=sgr
set viminfo='100000,<100000,s1000,h,n$XDG_DATA_HOME/vim/viminfo
" colors
let base16colorspace=256
colorscheme base16-default-dark
" tabline
let g:airline#extensions#tabline#enabled = 1
" notmuch!
let g:notmuch_config_file='${config.xdg.configHome}/notmuch/notmuchrc'
let g:notmuch_folders_count_threads=0
let g:notmuch_date_format='%y-%m-%d %H:%M'
let g:notmuch_datetime_format='%y-%m-%d %H:%M'
let g:notmuch_show_date_format='%Y/%m/%d %H:%M'
let g:notmuch_search_date_format='%Y/%m/%d %H:%M'
let g:notmuch_html_converter='${pkgs.elinks}/bin/elinks --dump'
" lastplace
let g:lastplace_ignore = "gitcommit,gitrebase,svn,hgcommit"
autocmd BufEnter * if tabpagenr('$') == 1 && winnr('$') == 1 && exists('b:NERDTree') && b:NERDTree.isTabTree() |
\ quit | endif
autocmd BufEnter * if bufname('#') =~ 'NERD_tree_\d\+' && bufname('%') !~ 'NERD_tree_\d\+' && winnr('$') > 1 |
\ let buf=bufnr() | buffer# | execute "normal! \<C-W>w" | execute 'buffer'.buf | endif
nnoremap <leader>n :NERDTreeFocus<CR>
nnoremap <C-n> :NERDTree<CR>
nnoremap <C-t> :NERDTreeToggle<CR>
nnoremap <C-f> :NERDTreeFind<CR>
let g:coc_node_path='${pkgs.nodejs}/bin/node'
let g:coc_config_home=$XDG_CONFIG_HOME . '/vim/coc'
set undodir=$XDG_DATA_HOME/vim/undo
set directory=$XDG_DATA_HOME/vim/swap//
set backupdir=$XDG_DATA_HOME/vim/backup
set ttimeoutlen=100
set number
set hidden
set nobackup
set nowritebackup
set cmdheight=2
set updatetime=300
set cursorline
set colorcolumn=100
set linebreak showbreak= "
set hlsearch
set relativenumber
set completeopt=longest,menuone
command Spaces set expandtab
command Tabs set noexpandtab
inoremap <silent><expr> <TAB>
\ pumvisible() ? "\<C-n>" :
\ <SID>check_back_space() ? "\<TAB>" :
\ coc#refresh()
inoremap <expr><S-TAB> pumvisible() ? "\<C-p>" : "\<C-h>"
function! s:check_back_space() abort
let col = col('.') - 1
return !col || getline('.')[col - 1] =~# '\s'
endfunction
" Use <c-space> to trigger completion.
if has('nvim')
inoremap <silent><expr> <c-space> coc#refresh()
else
inoremap <silent><expr> <c-@> coc#refresh()
endif
" Make <CR> auto-select the first completion item and notify coc.nvim to
" format on enter, <cr> could be remapped by other vim plugin
noremap <silent><expr> <C-cr> pumvisible() ? coc#_select_confirm()
\: "\<C-g>u\<CR>\<c-r>=coc#on_enter()\<CR>"
" Use `[g` and `]g` to navigate diagnostics
" Use `:CocDiagnostics` to get all diagnostics of current buffer in location list.
nmap <silent> [g <Plug>(coc-diagnostic-prev)
nmap <silent> ]g <Plug>(coc-diagnostic-next)
" GoTo code navigation.
nmap <silent> gd <Plug>(coc-definition)
nmap <silent> gy <Plug>(coc-type-definition)
nmap <silent> gi <Plug>(coc-implementation)
nmap <silent> gr <Plug>(coc-references)
" Use K to show documentation in preview window.
nnoremap <silent> K :call <SID>show_documentation()<CR>
function! s:show_documentation()
if (index(['vim','help'], &filetype) >= 0)
execute 'h '.expand('<cword>')
elseif (coc#rpc#ready())
call CocActionAsync('doHover')
else
execute '!' . &keywordprg . " " . expand('<cword>')
endif
endfunction
" Highlight the symbol and its references when holding the cursor.
autocmd CursorHold * silent call CocActionAsync('highlight')
" Symbol renaming.
nmap <leader>rn <Plug>(coc-rename)
" Formatting selected code.
xmap <leader>f <Plug>(coc-format-selected)
nmap <leader>f <Plug>(coc-format-selected)
augroup mygroup
autocmd!
" Setup formatexpr specified filetype(s).
autocmd FileType typescript,json setl formatexpr=CocAction('formatSelected')
" Update signature help on jump placeholder.
autocmd User CocJumpPlaceholder call CocActionAsync('showSignatureHelp')
augroup end
" Applying codeAction to the selected region.
" Example: `<leader>aap` for current paragraph
xmap <leader>a <Plug>(coc-codeaction-selected)
nmap <leader>a <Plug>(coc-codeaction-selected)
" Remap keys for applying codeAction to the current buffer.
nmap <leader>ac <Plug>(coc-codeaction)
" Apply AutoFix to problem on the current line.
nmap <leader>qf <Plug>(coc-fix-current)
" Map function and class text objects
" NOTE: Requires 'textDocument.documentSymbol' support from the language server.
xmap if <Plug>(coc-funcobj-i)
omap if <Plug>(coc-funcobj-i)
xmap af <Plug>(coc-funcobj-a)
omap af <Plug>(coc-funcobj-a)
xmap ic <Plug>(coc-classobj-i)
omap ic <Plug>(coc-classobj-i)
xmap ac <Plug>(coc-classobj-a)
omap ac <Plug>(coc-classobj-a)
" Remap <C-f> and <C-b> for scroll float windows/popups.
if has('nvim-0.4.0') || has('patch-8.2.0750')
nnoremap <silent><nowait><expr> <C-f> coc#float#has_scroll() ? coc#float#scroll(1) : "\<C-f>"
nnoremap <silent><nowait><expr> <C-b> coc#float#has_scroll() ? coc#float#scroll(0) : "\<C-b>"
inoremap <silent><nowait><expr> <C-f> coc#float#has_scroll() ? "\<c-r>=coc#float#scroll(1)\<cr>" : "\<Right>"
inoremap <silent><nowait><expr> <C-b> coc#float#has_scroll() ? "\<c-r>=coc#float#scroll(0)\<cr>" : "\<Left>"
vnoremap <silent><nowait><expr> <C-f> coc#float#has_scroll() ? coc#float#scroll(1) : "\<C-f>"
vnoremap <silent><nowait><expr> <C-b> coc#float#has_scroll() ? coc#float#scroll(0) : "\<C-b>"
endif
" Use CTRL-S for selections ranges.
" Requires 'textDocument/selectionRange' support of language server.
nmap <silent> <C-s> <Plug>(coc-range-select)
xmap <silent> <C-s> <Plug>(coc-range-select)
" Add `:Format` command to format current buffer.
command! -nargs=0 Format :call CocAction('format')
" Add `:Fold` command to fold current buffer.
command! -nargs=? Fold :call CocAction('fold', <f-args>)
" Add `:OR` command for organize imports of the current buffer.
command! -nargs=0 OR :call CocAction('runCommand', 'editor.action.organizeImport')
" Add (Neo)Vim's native statusline support.
" NOTE: Please see `:h coc-status` for integrations with external plugins that
" provide custom statusline: lightline.vim, vim-airline.
set statusline^=%{coc#status()}%{get(b:,'coc_current_function',''')}
" Mappings for CoCList
" Show all diagnostics.
nnoremap <silent><nowait> <space>a :<C-u>CocList diagnostics<cr>
" Manage extensions.
nnoremap <silent><nowait> <space>e :<C-u>CocList extensions<cr>
" Show commands.
nnoremap <silent><nowait> <space>c :<C-u>CocList commands<cr>
" Find symbol of current document.
nnoremap <silent><nowait> <space>o :<C-u>CocList outline<cr>
" Search workspace symbols.
nnoremap <silent><nowait> <space>s :<C-u>CocList -I symbols<cr>
" Do default action for next item.
nnoremap <silent><nowait> <space>j :<C-u>CocNext<CR>
" Do default action for previous item.
nnoremap <silent><nowait> <space>k :<C-u>CocPrev<CR>
" Resume latest coc list.
nnoremap <silent><nowait> <space>p :<C-u>CocListResume<CR>
''

182
depot/users/kairi/base/weechat.nix
View file

@ -1,182 +0,0 @@
{ config, pkgs, lib, ... }:
with lib;
{
programs.weechat = {
init = lib.mkMerge [
(lib.mkBefore ''
/server add espernet athame.kittywit.ch/5001 -ssl -autoconnect
/matrix server add kittywitch kittywit.ch
/key bind meta-g /go
/key bind meta-v /input jump_last_buffer_displayed
/key bind meta-c /buffer close
/key bind meta-n /bar toggle nicklist
/key bind meta-b /bar toggle buflist
/relay add weechat 9000
'')
(lib.mkAfter ''
/matrix connect kittywitch
/window splith +10
/window 2
/buffer highmon
/window 1
'')
];
homeDirectory = "${config.xdg.dataHome}/weechat";
plugins.python = {
enable = true;
packages = [ "weechat-matrix" ];
};
plugins.perl = {
enable = true;
};
scripts = with pkgs.weechatScripts; [
go
auto_away
autosort
colorize_nicks
unread_buffer
urlgrab
vimode-git
weechat-matrix
title
highmon
];
config = with mapAttrs (_: toString) pkgs.base16.shell.shell256; {
logger.level.irc = 0;
logger.level.python.matrix = 0;
logger.level.core.weechat = 0;
buflist = {
format = {
indent = "\${if:\${merged}?\${if:\${buffer.prev_buffer.number}!=\${buffer.number}?:\${if:\${buffer.next_buffer.number}==\${buffer.number}?:\${if:\${buffer.next_buffer.name}=~^server||\${buffer.next_buffer.number}<0?:}}}:\${if:\${buffer.active}>0?\${if:\${buffer.next_buffer.name}=~^server?:\${if:\${buffer.next_buffer.number}>0?:}}:\${if:\${buffer.next_buffer.name}=~^server? :}}}";
buffer_current = "\${color:,${base01}}\${format_buffer}";
hotlist = " \${color:${base0B}}(\${hotlist}\${color:${base0B}})";
hotlist_highlight = "\${color:${base0F}}";
hotlist_low = "\${color:${base06}}";
hotlist_message = "\${color:${base0E}}";
hotlist_none = "\${color:${base05}}";
hotlist_private = "\${color:${base0A}}";
hotlist_separator = "\${color:${base04}},";
number = "\${color:${base0A}}\${number}\${if:\${number_displayed}?.: }";
};
};
weechat = {
look = {
mouse = true;
separator_horizontal = "";
read_marker_string = "";
prefix_same_nick = "";
};
color = {
chat_nick_self = base0F;
separator = base0A;
chat_read_marker = base0D;
chat_read_marker_bg = base03;
};
bar = {
buflist = {
size_max = 24;
color_delim = base0A;
};
input = {
items = "[input_prompt]+(away),[input_search],[input_paste],input_text,[vi_buffer]";
color_delim = base0A;
conditions = "\${window.buffer.full_name} != perl.highmon";
};
nicklist = {
size_max = 18;
color_delim = base0A;
};
status = {
color_bg = base01;
color_fg = base05;
color_delim = base0A;
items = "[time],mode_indicator,[buffer_last_number],[buffer_plugin],buffer_number+:+buffer_name+(buffer_modes)+{buffer_nicklist_count}+matrix_typing_notice+buffer_zoom+buffer_filter,scroll,[lag],[hotlist],completion,cmd_completion";
conditions = "\${window.buffer.full_name} != perl.highmon";
};
title = {
color_bg = base01;
color_fg = base05;
color_delim = base0A;
conditions = "\${window.buffer.full_name} != perl.highmon";
};
};
};
urlgrab.default.copycmd = "${pkgs.wl-clipboard}/bin/wl-copy";
plugins.var = {
python = {
title = {
title_prefix = "weechat - ";
show_hotlist = true;
current_buffer_suffix = " [";
title_suffix = " ]";
};
vimode = {
copy_clipboard_cmd = "wl-copy";
paste_clipboard_cmd = "wl-paste --no-newline";
imap_esc_timeout = "100";
search_vim = true;
user_mappings = builtins.toJSON {
"," = "/buffer #{1}<CR>";
"``" = "/input jump_last_buffer_displayed<CR>";
"`n" = "/input jump_smart<CR>";
"k" = "/input history_previous<CR>";
"j" = "/input history_next<CR>";
"p" = "a/input clipboard_paste<ICMD><ESC>";
"P" = "/input clipboard_paste<CR>";
#"u" = "/input undo<CR>";
#"\\x01R" = "/input redo<CR>";
"\\x01K" = "/buffer move -1<CR>";
"\\x01J" = "/buffer move +1<CR>";
};
user_mappings_noremap = builtins.toJSON {
"\\x01P" = "p";
"/" = "i/";
};
user_search_mapping = "?";
mode_indicator_cmd_color_bg = base01;
mode_indicator_cmd_color = base04;
mode_indicator_insert_color_bg = base01;
mode_indicator_insert_color = base04;
mode_indicator_normal_color_bg = base01;
mode_indicator_normal_color = base04;
mode_indicator_replace_color_bg = base01;
mode_indicator_replace_color = base0E;
mode_indicator_search_color_bg = base0A;
mode_indicator_search_color = base04;
no_warn = true;
};
notify_send.icon = "";
go.short_name = true;
};
perl.highmon = {
short_names = "on";
output = "buffer";
merge_private = "on";
alignment = "nchannel,nick";
};
};
irc = {
look = {
server_buffer = "independent";
color_nicks_in_nicklist = true;
};
};
matrix = {
network = {
max_backlog_sync_events = 30;
lazy_load_room_users = true;
autoreconnect_delay_max = 5;
lag_min-show = 1000;
};
look = {
server_buffer = "independent";
redactions = "notice";
};
};
};
};
}

18
depot/users/kairi/base/xdg.nix
View file

@ -1,18 +0,0 @@
{ config, lib, ... }:
{
xdg = {
enable = true;
userDirs = {
enable = true;
pictures = "$HOME/media";
videos = "$HOME/media/videos";
documents = "$HOME/docs";
download = "$HOME/downloads";
desktop = "$HOME/tmp";
templates = "$HOME/tmp";
publicShare = "$HOME/shared";
music = "$HOME/media-share/music";
};
};
}

87
depot/users/kairi/base/zsh.nix
View file

@ -1,87 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
shellFunAlias = command: replacement: ''
if [[ ! -t 0 ]]; then
command ${command} $@
else
echo 'use ${replacement}!'
fi
'';
shellFunAliases = mapAttrs shellFunAlias;
in {
home.shell.functions = {
genmac = ''
nix run nixpkgs.openssl -c openssl rand -hex 6 | sed 's/\(..\)\(..\)\(..\)\(..\)\(..\)\(..\)/\1:\2:\3:\4:\5:\6/'
'';
nano = ''
${pkgs.wezterm}/bin/wezterm imgcat ${./nano.png}
'';
} // shellFunAliases {
sed = "sd";
find = "fd";
grep = "rg";
};
xdg.dataFile = { "z/.keep".text = ""; };
home.packages = with pkgs; [ fzf fd ];
programs.zsh = {
enable = true;
enableAutosuggestions = true;
shellAliases = {
nixdirfmt = "fd --color=never .nix | xargs nixpkgs-fmt";
exa = "exa --time-style long-iso";
ls = "exa -G";
la = "exa -Ga";
ll = "exa -l";
lla = "exa -lga";
sys = "systemctl";
log = "journalctl";
dmesg = "dmesg -HP";
lg = "log --no-pager | grep";
};
localVariables = {
_Z_DATA = "${config.xdg.dataHome}/z/data";
ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE = "fg=3,bold";
ZSH_AUTOSUGGEST_USE_ASYNC = 1;
};
plugins = [
(with pkgs.zsh-syntax-highlighting; {
name = "zsh-syntax-highlighting";
inherit src;
})
{
name = "z";
file = "z.sh";
src = pkgs.fetchFromGitHub {
owner = "rupa";
repo = "z";
rev = "9d5a3fe0407101e2443499e4b95bca33f7a9a9ca";
sha256 = "0aghw6zmd3851xpzgy0jkh25wzs9a255gxlbdr3zw81948qd9wb1";
};
}
{
name = "fzf-z";
src = pkgs.fetchFromGitHub {
owner = "andrewferrier";
repo = "fzf-z";
rev = "089ba6cacd3876c349cfb6b65dc2c3e68b478fd0";
sha256 = "1lvvkz0v4xibq6z3y8lgfkl9ibcx0spr4qzni0n925ar38s20q81";
};
}
];
oh-my-zsh = {
enable = true;
plugins = [ "git" "sudo" "adb" "cargo" "emoji" ];
};
};
programs.starship = {
enable = true;
enableZshIntegration = true;
};
programs.direnv = {
enable = true;
enableZshIntegration = true;
};
}

12
depot/users/kairi/default.nix
View file

@ -1,12 +0,0 @@
rec {
base = ./base.nix;
gui = ./gui.nix;
fvwm = ./fvwm.nix;
sway = ./sway.nix;
dev = ./dev.nix;
media = ./media.nix;
personal = ./personal.nix;
server = { imports = [ personal ]; };
guiFull = { imports = [ gui fvwm dev media personal ]; };
}

5
depot/users/kairi/dev.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
home-manager.users.kairi = { imports = [ ./dev ]; };
}

9
depot/users/kairi/dev/cookiecutter.nix
View file

@ -1,9 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [ cookiecutter ];
home.shell.functions.katenv = ''
cookiecutter cookiecutters --directory $1
'';
}

5
depot/users/kairi/dev/default.nix
View file

@ -1,5 +0,0 @@
{ config, lib, pkgs, ... }:
{
imports = [ ./packages.nix ./cookiecutter.nix ];
}

5
depot/users/kairi/dev/packages.nix
View file

@ -1,5 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [ hyperfine hexyl tokei horizon-eda ];
}

5
depot/users/kairi/fvwm.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
home-manager.users.kairi = { imports = [ ./fvwm ]; };
}

13
depot/users/kairi/fvwm/default.nix
View file

@ -1,13 +0,0 @@
{ config, pkgs, ... }:
{
home.file = {
".xinitrc" = {
executable = true;
text = ''
#!${pkgs.bash}/bin/bash
exec fvwm
'';
};
};
}

5
depot/users/kairi/gui.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
home-manager.users.kairi = { imports = [ ./gui ]; };
}

9
depot/users/kairi/gui/default.nix
View file

@ -1,9 +0,0 @@
{ config, ... }:
{
deploy.profile.gui = true;
imports = [ ./firefox ./kitty.nix ./packages.nix ./gtk.nix ./wezterm.nix ./foot.nix ./xdg.nix ./ranger.nix ];
fonts.fontconfig.enable = true;
}

57
depot/users/kairi/gui/firefox/default.nix
View file

@ -1,57 +0,0 @@
{ config, lib, pkgs, superConfig, ... }:
let
commonSettings = {
"app.update.auto" = false;
"identity.fxaccounts.account.device.name" = superConfig.networking.hostName;
"signon.rememberSignons" = false;
"browser.download.lastDir" = "/home/kairi/downloads";
"browser.urlbar.placeholderName" = "DuckDuckGo";
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
};
in
{
programs.zsh.shellAliases = {
ff-pm = "firefox --ProfileManager";
ff-main = "firefox -P main";
};
home.sessionVariables = {
XDG_CURRENT_DESKTOP = "sway";
};
programs.firefox = {
enable = true;
package = pkgs.firefox-wayland;
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
sponsorblock
auto-tab-discard
bitwarden
darkreader
decentraleyes
foxyproxy-standard
clearurls
df-youtube
https-everywhere
old-reddit-redirect
privacy-badger
reddit-enhancement-suite
refined-github
stylus
terms-of-service-didnt-read
#tree-style-tab
sidebery
multi-account-containers
ublock-origin
violentmonkey
];
profiles = {
main = {
id = 0;
isDefault = true;
settings = commonSettings // { };
userChrome = import ./userChrome.css.nix { profile = "main"; };
};
};
};
}

15
depot/users/kairi/gui/firefox/userChrome.css.nix
View file

@ -1,15 +0,0 @@
{ profile }:
''
#main-window[tabsintitlebar="true"]:not([extradragspace="true"]) #TabsToolbar > .toolbar-items {
opacity: 0;
pointer-events: none;
}
#main-window:not([tabsintitlebar="true"]) #TabsToolbar {
visibility: collapse !important;
}
#sidebar-header {
display: none;
}
''

21
depot/users/kairi/gui/foot.nix
View file

@ -1,21 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
witch.style.base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
colors.ansi = builtins.concatStringsSep ", " (map (c: ''"#${c.hex.rgb}"'') (sublist 0 8 config.lib.arc.base16.schemeForAlias.default.shell.colours));
colors.brights = builtins.concatStringsSep ", " (map (c: ''"#${c.hex.rgb}"'') (sublist 8 8 config.lib.arc.base16.schemeForAlias.default.shell.colours));
in {
programs.foot = {
enable = true;
settings = {
main = {
term = "xterm-256color";
font = "FantasqueSansMono Nerd Font:size=10";
dpi-aware = "yes";
};
};
};
}

15
depot/users/kairi/gui/gtk.nix
View file

@ -1,15 +0,0 @@
{ config, lib, pkgs, ... }:
{
gtk = {
enable = true;
iconTheme = {
name = "Numix-Square";
package = pkgs.numix-icon-theme-square;
};
theme = {
name = "Adementary-dark";
package = pkgs.adementary-theme;
};
};
}

35
depot/users/kairi/gui/kitty.nix
View file

@ -1,35 +0,0 @@
{ config, lib, pkgs, witch, ... }:
let
witch.style.base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
witch.style.font = {
name = "Iosevka Nerd Font";
size = "10";
size_css = "14px";
};
in
{
wayland.windowManager.sway.extraSessionCommands = ''
export KITTY_CACHE_DIRECTORY="/tmp/kitty";
'';
programs.kitty = {
enable = true;
font.name = witch.style.font.name;
settings = {
font_size = witch.style.font.size;
# background = witch.style.base16.color0;
background_opacity = "0.9";
# foreground = witch.style.base16.color7;
# selection_background = witch.style.base16.color7;
# selection_foreground = witch.style.base16.color0;
# url_color = witch.style.base16.color3;
# cursor = witch.style.base16.color7;
# active_border_color = "#75715e";
# active_tab_background = "#9900ff";
# active_tab_foreground = witch.style.base16.color7;
# inactive_tab_background = "#3a3a3a";
# inactive_tab_foreground = "#665577";
}; # // witch.style.base16;
};
}

28
depot/users/kairi/gui/packages.nix
View file

@ -1,28 +0,0 @@
{ config, lib, pkgs, ... }:
{
home.packages = with pkgs; [
_1password
bitwarden
wire-desktop
element-desktop
exiftool
thunderbird
mumble-develop
dino
transmission-remote-gtk
scrcpy
lm_sensors
p7zip
zip
unzip
nyxt
baresip
discord
tdesktop
yubikey-manager
vegur
gparted
cryptsetup
];
}

12
depot/users/kairi/gui/ranger.nix
View file

@ -1,12 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [
ranger
];
xdg.configFile."ranger/rc.conf".text = ''
set preview_images true
set preview_images_method iterm2
'';
}

42
depot/users/kairi/gui/wezterm.nix
View file

@ -1,42 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
witch.style.base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
colors.ansi = builtins.concatStringsSep ", " (map (c: ''"#${c.hex.rgb}"'') (sublist 0 8 config.lib.arc.base16.schemeForAlias.default.shell.colours));
colors.brights = builtins.concatStringsSep ", " (map (c: ''"#${c.hex.rgb}"'') (sublist 8 8 config.lib.arc.base16.schemeForAlias.default.shell.colours));
in {
home.packages = [
pkgs.wezterm
];
xdg.configFile."wezterm/wezterm.lua".text = ''
local wezterm = require 'wezterm';
return {
term = "wezterm",
font = wezterm.font_with_fallback({"Iosevka Term","Twitter Color Emoji"}),
font_size = 9.0,
window_background_opacity = 0.9,
colors = {
ansi = {${colors.ansi}},
brights = {${colors.brights}},
background = "${witch.style.base16.base00}",
foreground = "${witch.style.base16.base05}",
tab_bar = {
background = "${witch.style.base16.base00}",
active_tab = {
bg_color = "${witch.style.base16.base0A}",
fg_color = "${witch.style.base16.base05}",
},
inactive_tab = {
bg_color = "${witch.style.base16.base01}",
fg_color = "${witch.style.base16.base03}",
},
},
},
}
'';
}

7
depot/users/kairi/gui/xdg.nix
View file

@ -1,7 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [
xdg-utils
];
}

5
depot/users/kairi/media.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
home-manager.users.kairi = { imports = [ ./media ]; };
}

18
depot/users/kairi/media/beets.nix
View file

@ -1,18 +0,0 @@
{ config, pkgs, lib, ... }:
{
programs.beets = {
enable = true;
package = pkgs.beets;
settings = {
directory = "~/media-share/music";
library = "~/.local/share/beets.db";
plugins = lib.concatStringsSep " " [
"mpdstats"
"mpdupdate"
"duplicates"
"chroma"
];
};
};
}

13
depot/users/kairi/media/default.nix
View file

@ -1,13 +0,0 @@
{ ... }:
{
imports = [
./mpv.nix
./obs.nix
./syncplay.nix
./beets.nix
./mpd.nix
./ncmpcpp.nix
./packages.nix
];
}

41
depot/users/kairi/media/mpd.nix
View file

@ -1,41 +0,0 @@
{ config, pkgs, ... }:
{
services.mpd = {
enable = true;
package = pkgs.mpd-youtube-dl;
network = {
startWhenNeeded = true;
listenAddress = "[::]";
};
musicDirectory = "/home/kairi/music";
extraConfig = ''
max_output_buffer_size "32768"
audio_output {
type "fifo"
name "my_fifo"
path "/tmp/mpd.fifo"
format "44100:16:2"
}
audio_output {
type "pulse"
name "speaker"
}
audio_output {
bind_to_address "[::]"
type "httpd"
name "httpd-high"
encoder "opus"
bitrate "96000"
port "32101"
max_clients "4"
format "48000:16:2"
always_on "yes"
tags "yes"
}
'';
};
}

111
depot/users/kairi/media/mpv.nix
View file

@ -1,111 +0,0 @@
{ config, lib, pkgs, ... }:
{
programs.mpv = {
enable = true;
scripts = [ pkgs.mpvScripts.sponsorblock pkgs.mpvScripts.paused ];
bindings =
let
vim = {
"l" = "seek 5";
"h" = "seek -5";
"k" = "seek 60";
"j" = "seek -60";
"Ctrl+l" = "seek 1 exact";
"Ctrl+h" = "seek -1 exact";
"Ctrl+L" = "sub-seek 1";
"Ctrl+H" = "sub-seek -1";
"Ctrl+k" = "add chapter 1";
"Ctrl+j" = "add chapter -1";
"Ctrl+K" = "playlist-next";
"Ctrl+J" = "playlist-prev";
"Alt+h" = "frame-back-step";
"Alt+l" = "frame-step";
"`" = "cycle mute";
"MBTN_RIGHT" = "cycle pause";
"w" = "screenshot";
"W" = "screenshot video";
"Ctrl+w" = "screenshot window";
"Ctrl+W" = "screenshot each-frame";
"o" = "show-progress";
"O" = "script-message show_osc_dur 5";
"F1" = "cycle sub";
"F2" = "cycle audio";
"Ctrl+p" = "cycle video";
"L" = "add volume 2";
"H" = "add volume -2";
"Alt+H" = "add audio-delay -0.100";
"Alt+L" = "add audio-delay 0.100";
"1" = "set volume 10";
"2" = "set volume 20";
"3" = "set volume 30";
"4" = "set volume 40";
"5" = "set volume 50";
"6" = "set volume 60";
"7" = "set volume 70";
"8" = "set volume 80";
"9" = "set volume 90";
")" = "set volume 150";
"0" = "set volume 100";
"m" = "cycle mute";
"Ctrl+r" = "loadfile \${path}";
"Ctrl+R" = "video-reload";
"d" = "drop-buffers";
"Ctrl+d" = "quit";
};
other = {
"RIGHT" = vim."l";
"LEFT" = vim."h";
"UP" = vim."k";
"DOWN" = vim."j";
"Ctrl+0" = "set speed 1.0";
"Ctrl+=" = "multiply speed 1.1";
"Ctrl+-" = "multiply speed 1/1.1";
"Shift+LEFT" = vim."H";
"Shift+RIGHT" = vim."L";
"Ctrl+RIGHT" = vim."Ctrl+l";
"Ctrl+LEFT" = vim."Ctrl+h";
"Ctrl+Shift+LEFT" = vim."Ctrl+H";
"Ctrl+Shift+RIGHT" = vim."Ctrl+L";
"Ctrl+UP" = vim."Ctrl+k";
"Ctrl+DOWN" = vim."Ctrl+j";
"Ctrl+Shift+UP" = vim."Ctrl+K";
"Ctrl+Shift+DOWN" = vim."Ctrl+J";
"Alt+LEFT" = vim."Alt+h";
"Alt+RIGHT" = vim."Alt+l";
"SPACE" = vim."MBTN_RIGHT";
"m" = vim."`";
"WHEEL_UP" = vim."L";
"WHEEL_DOWN" = vim."H";
}; in vim // other;
config = {
no-input-default-bindings = "";
profile = "gpu-hq";
gpu-context = "wayland";
vo = "gpu";
volume-max = 200;
keep-open = true;
opengl-waitvsync = true;
hwdec = "auto";
demuxer-max-bytes = "2000MiB";
demuxer-max-back-bytes = "250MiB";
osd-scale-by-window = false;
osd-bar-h = 2.5; # 3.125 default
osd-border-size = 2; # font border pixels, default 3
term-osd-bar = true;
script-opts = lib.concatStringsSep ","
(lib.mapAttrsToList (k: v: "${k}=${toString v}") {
osc-layout = "slimbox";
osc-vidscale = "no";
osc-deadzonesize = 0.75;
osc-minmousemove = 4;
osc-hidetimeout = 2000;
osc-valign = 0.9;
osc-timems = "yes";
osc-seekbarstyle = "knob";
osc-seekbarkeyframes = "no";
osc-seekrangestyle = "slider";
});
};
};
}

52
depot/users/kairi/media/ncmpcpp.nix
View file

@ -1,52 +0,0 @@
{ config, ... }:
{
programs.ncmpcpp = {
enable = true;
mpdMusicDir = "/home/kairi/music";
settings = {
visualizer_data_source = "/tmp/mpd.fifo";
visualizer_output_name = "my_fifo";
visualizer_in_stereo = "yes";
visualizer_type = "spectrum";
visualizer_look = "+|";
user_interface = "alternative";
colors_enabled = "yes";
discard_colors_if_item_is_selected = "no";
header_window_color = "250";
volume_color = "250";
state_line_color = "cyan";
state_flags_color = "cyan";
alternative_ui_separator_color = "yellow";
statusbar_color = "yellow";
progressbar_color = "black";
progressbar_elapsed_color = "blue";
window_border_color = "yellow";
playlist_display_mode = "classic";
song_columns_list_format =
"(3f)[cyan]{n} (40)[default]{t|f} (25)[red]{a} (30)[blue]{b} (4f)[cyan]{l}";
now_playing_prefix = "$b";
song_list_format =
" $7%n$9 $8-$9 $6%a$9 $8-$9 $5%b$9 $R $8%t$9 ($4%l$9) ";
song_library_format = "{%n > }{%t}|{%f}";
song_status_format = "{%a - }{%t - }{%b}";
titles_visibility = "no";
header_visibility = "no";
statusbar_visibility = "no";
now_playing_suffix = "$/b";
progressbar_look = " ";
media_library_primary_tag = "album_artist";
search_engine_display_mode = "columns";
};
bindings = [
{
key = "+";
command = "add";
}
{
key = "-";
command = "load";
}
];
};
}

10
depot/users/kairi/media/obs.nix
View file

@ -1,10 +0,0 @@
{ config, pkgs, ... }:
{
programs.obs-studio = {
enable = true;
plugins = [ pkgs.obs-studio-plugins.wlrobs ];
};
programs.zsh.shellAliases = { obs = "env QT_QPA_PLATFORM=xcb obs"; };
}

22
depot/users/kairi/media/packages.nix
View file

@ -1,22 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [
audacity
avidemux
gst_all_1.gstreamer.dev
gst_all_1.gstreamer
gst_all_1.gst-plugins-base
gst_all_1.gst-plugins-good
gst_all_1.gst-plugins-bad
gst_all_1.gst-plugins-ugly
vlc
imv
ffmpeg-full
youtube-dl
mkchromecast
v4l-utils
gimp-with-plugins
wf-recorder
];
}

31
depot/users/kairi/media/syncplay.nix
View file

@ -1,31 +0,0 @@
{ config, ... }:
{
programs.syncplay = {
enable = true;
username = "kat";
defaultRoom = "lounge";
server = { host = "sync.kittywit.ch"; };
playerArgs = [
"--ytdl-format=bestvideo[height<=1080]+bestaudio/best[height<=1080]/bestvideo+bestaudio/best"
];
# gui = false;
config = {
client_settings = {
onlyswitchtotrusteddomains = false;
autoplayrequiresamefiles = false;
readyatstart = true;
pauseonleave = false;
rewindondesync = false;
rewindthreshold = 6.0;
fastforwardthreshold = 6.0;
unpauseaction = "Always";
};
gui = {
#autosavejoinstolist = false;
showdurationnotification = false;
};
};
};
}

5
depot/users/kairi/personal.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
home-manager.users.kairi = { imports = [ ./personal ]; };
}

5
depot/users/kairi/personal/default.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
imports = [ ./gpg.nix ./packages.nix ];
}

21
depot/users/kairi/personal/gpg.nix
View file

@ -1,21 +0,0 @@
{ config, lib, pkgs, ... }:
{
home.sessionVariables = {
SSH_AUTH_SOCK =
"\${SSH_AUTH_SOCK:-$(${pkgs.gnupg}/bin/gpgconf --list-dirs agent-ssh-socket)}";
};
services.gpg-agent = {
enable = true;
enableExtraSocket = true;
enableSshSupport = false;
pinentryFlavor = "gtk2";
extraConfig = lib.mkMerge [
"auto-expand-secmem 0x30000" # otherwise "gpg: public key decryption failed: Cannot allocate memory"
"pinentry-timeout 30"
"allow-loopback-pinentry"
"enable-ssh-support"
"no-allow-external-cache"
];
};
}

5
depot/users/kairi/personal/packages.nix
View file

@ -1,5 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [ pinentry.gtk2 ];
}

5
depot/users/kairi/sway.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
home-manager.users.kairi = { imports = [ ./sway ]; };
}

14
depot/users/kairi/sway/default.nix
View file

@ -1,14 +0,0 @@
{ config, pkgs, ... }:
{
deploy.profile.sway = true;
imports = [
./waybar
./mako.nix
./sway.nix
./gammastep.nix
./konawall.nix
./packages.nix
];
}

9
depot/users/kairi/sway/gammastep.nix
View file

@ -1,9 +0,0 @@
{ config, lib, ... }:
{
services.gammastep = {
enable = true;
latitude = "51.5074";
longitude = "0.1278";
};
}

5
depot/users/kairi/sway/konawall.nix
View file

@ -1,5 +0,0 @@
{ config, ... }:
{
services.konawall = { enable = true; };
}

35
depot/users/kairi/sway/mako.nix
View file

@ -1,35 +0,0 @@
{ config, pkgs, lib, witch, ... }:
let
base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
font = {
name = "Iosevka Nerd Font";
size = "10";
size_css = "14px";
};
in
{
systemd.user.services = {
mako = {
Unit = {
Description = "mako";
X-Restart-Triggers =
[ (toString config.xdg.configFile."mako/config".source) ];
};
Service = {
ExecStart = "${pkgs.mako}/bin/mako";
Restart = "always";
};
Install = { WantedBy = [ "graphical-session.target" ]; };
};
};
programs.mako = {
enable = true;
defaultTimeout = 3000;
borderColor = base16.base0A;
backgroundColor = "${base16.base00}70";
textColor = base16.base05;
};
}

5
depot/users/kairi/sway/packages.nix
View file

@ -1,5 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [ kat-scrot ];
}

232
depot/users/kairi/sway/sway.nix
View file

@ -1,232 +0,0 @@
{ config, pkgs, lib, witch, ... }:
let
base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
font = {
name = "Iosevka";
size = 9.0;
size_css = "14px";
};
in
{
home.sessionVariables = {
XDG_CURRENT_DESKTOP = "sway";
XDG_SESSION_TYPE = "wayland";
};
home.packages = with pkgs; [ grim slurp wl-clipboard jq ];
services.i3gopher = { enable = true; };
programs.zsh.profileExtra = ''
# If running from tty1 start sway
if [ "$(tty)" = "/dev/tty1" ]; then
systemctl --user unset-environment \
SWAYSOCK \
I3SOCK \
WAYLAND_DISPLAY \
DISPLAY \
IN_NIX_SHELL \
__HM_SESS_VARS_SOURCED \
GPG_TTY \
NIX_PATH \
SHLVL
exec env --unset=SHLVL systemd-cat -t sway -- sway
fi
'';
wayland.windowManager.sway =
let
cfg = config.wayland.windowManager.sway.config;
bindsym = k: v: "bindsym ${k} ${v}";
bindWorkspace = key: workspace: {
"${cfg.modifier}+${key}" = "workspace number ${workspace}";
"${cfg.modifier}+shift+${key}" =
"move container to workspace number ${workspace}";
};
workspaceBindings = map (v: bindWorkspace v "${v}:${v}") [
"1"
"2"
"3"
"4"
"5"
"6"
"7"
"8"
"9"
] ++ [ (bindWorkspace "0" "10:10") ]
++ lib.imap1 (i: v: bindWorkspace v "${toString (10 + i)}:${v}") [
"F1"
"F2"
"F3"
"F4"
"F5"
"F6"
"F7"
"F8"
"F9"
"F10"
"F11"
"F12"
];
workspaceBindings' = map (lib.mapAttrsToList bindsym) workspaceBindings;
workspaceBindingsStr =
lib.concatStringsSep "\n" (lib.flatten workspaceBindings');
in
{
enable = true;
config =
let
dmenu =
"${pkgs.bemenu}/bin/bemenu --fn '${font.name} ${toString font.size}' --nb '${base16.base00}' --nf '${base16.base07}' --sb '${base16.base01}' --sf '${base16.base07}' -l 5 -m -1 -i";
in
{
bars = [{ command = "${pkgs.waybar}/bin/waybar"; }];
input = {
"*" = {
xkb_layout = "gb";
# xkb_variant = "nodeadkeys";
# xkb_options = "ctrl:nocaps";
};
};
fonts = {
names = [ font.name ];
style = "Medium";
size = font.size;
};
terminal = "${pkgs.wezterm}/bin/wezterm";
# TODO: replace with wofi
menu =
"${pkgs.j4-dmenu-desktop}/bin/j4-dmenu-desktop --dmenu=\"${dmenu}\" --term='${cfg.terminal}'";
modifier = "Mod4";
assigns = { "12:F2" = [{ class = "screenstub"; }]; };
startup = [
{
command = "systemctl --user restart mako";
always = true;
}
{ command = "mkchromecast -t"; }
{
command = "systemctl --user restart konawall.service";
always = true;
}
];
window = {
border = 1;
titlebar = true;
};
keybindings = {
"${cfg.modifier}+Return" = "exec ${cfg.terminal}";
"${cfg.modifier}+Left" = "focus left";
"${cfg.modifier}+Down" = "focus down";
"${cfg.modifier}+Up" = "focus up";
"${cfg.modifier}+Right" = "focus right";
"${cfg.modifier}+Shift+Left" = "move left";
"${cfg.modifier}+Shift+Down" = "move down";
"${cfg.modifier}+Shift+Up" = "move up";
"${cfg.modifier}+Shift+Right" = "move right";
"${cfg.modifier}+Shift+space" = "floating toggle";
"${cfg.modifier}+space" = "focus mode_toggle";
"${cfg.modifier}+Tab" = "workspace back_and_forth";
"${cfg.modifier}+Shift+Tab" =
"exec ${config.services.i3gopher.focus-last}";
"${cfg.modifier}+Ctrl+Left" = "workspace prev_on_output";
"${cfg.modifier}+Ctrl+Right" = "workspace next_on_output";
"XF86AudioRaiseVolume" =
"exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') +5%";
"XF86AudioLowerVolume" =
"exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') -5%";
"XF86AudioMute" =
"exec pactl set-sink-mute $(pacmd list-sinks |awk '/* index:/{print $3}') toggle";
"XF86AudioMicMute" =
"exec pactl set-source-mute $(pacmd list-sources |awk '/* index:/{print $3}') toggle";
"XF86MonBrightnessDown" = "exec ${pkgs.light}/bin/light -U 5";
"XF86MonBrightnessUp" = "exec ${pkgs.light}/bin/light -A 5";
"${cfg.modifier}+d" = "exec ${cfg.menu}";
"${cfg.modifier}+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload screen";
"${cfg.modifier}+Shift+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload area";
"${cfg.modifier}+Mod1+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload window";
"${cfg.modifier}+Control+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload output";
"Print" = "exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys screen";
"Shift+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys area";
"Mod1+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys window";
"Control+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys output";
"${cfg.modifier}+i" = "move workspace to output left";
"${cfg.modifier}+o" = "move workspace to output right";
"${cfg.modifier}+b" = "splith";
"${cfg.modifier}+v" = "splitv";
"${cfg.modifier}+s" = "layout stacking";
"${cfg.modifier}+w" = "layout tabbed";
"${cfg.modifier}+e" = "layout toggle split";
"${cfg.modifier}+f" = "fullscreen";
"${cfg.modifier}+Shift+q" = "kill";
"${cfg.modifier}+Shift+c" = "reload";
"${cfg.modifier}+r" = "mode resize";
"${cfg.modifier}+Delete" = ''
mode "System (l) lock, (e) logout, (s) suspend, (h) hibernate, (r) reboot, (Shift+s) shutdown"'';
};
colors = {
focused = {
border = base16.base08;
background = base16.base0A;
text = base16.base00;
indicator = base16.base0B;
childBorder = base16.base08;
};
focusedInactive = {
border = base16.base00;
background = base16.base07;
text = base16.base0A;
indicator = base16.base0B;
childBorder = base16.base03;
};
unfocused = {
border = base16.base00;
background = base16.base01;
text = base16.base04;
indicator = base16.base08;
childBorder = base16.base08;
};
urgent = {
border = base16.base00;
background = base16.base09;
text = base16.base00;
indicator = base16.base01;
childBorder = base16.base08;
};
};
};
wrapperFeatures.gtk = true;
extraConfig = ''
seat seat0 xcursor_theme breeze_cursors 20
workspace_auto_back_and_forth yes
${workspaceBindingsStr}
'';
};
}

BIN
depot/users/kairi/sway/wallpapers/left.jpg
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 451 KiB

BIN
depot/users/kairi/sway/wallpapers/main.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 5.2 MiB

BIN
depot/users/kairi/sway/wallpapers/right.jpg
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.3 MiB

116
depot/users/kairi/sway/waybar/default.nix
View file

@ -1,116 +0,0 @@
{ config, lib, pkgs, witch, ... }:
let
base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
font = {
name = "Iosevka Nerd Font";
size = "10";
size_css = "12px";
};
in
{
config = lib.mkIf config.deploy.profile.sway {
programs.waybar = {
enable = true;
style = import ./waybar.css.nix {
inherit font base16;
inherit (pkgs) hextorgba;
};
settings = [{
modules-left = [ "sway/workspaces" "sway/mode" "sway/window" ];
modules-center = [ ]; # "clock" "custom/weather"
modules-right = [
"pulseaudio"
"cpu"
"memory"
"temperature"
"backlight"
"battery"
#"mpd"
"network"
"custom/gpg-status"
#"custom/weather"
"clock"
"idle_inhibitor"
"tray"
];
modules = {
"sway/workspaces" = { format = "{name}"; };
#"custom/weather" = {
# format = "{}";
# interval = 3600;
# on-click = "xdg-open 'https://google.com/search?q=weather'";
# exec =
# "${pkgs.kat-weather}/bin/kat-weather ${witch.secrets.profiles.sway.city} ${witch.secrets.profiles.sway.api_key}";
#};
"custom/gpg-status" = {
format = "{}";
interval = 300;
exec = "${pkgs.kat-gpg-status}/bin/kat-gpg-status";
};
cpu = { format = " {usage}%"; };
#mpd = {
# format = " {albumArtist} - {title}";
# format-stopped = "ﱙ";
# format-paused = " Paused";
# title-len = 16;
#};
memory = { format = " {percentage}%"; };
temperature = { format = "{temperatureC}°C"; };
idle_inhibitor = {
format = "{icon}";
format-icons = {
activated = "";
deactivated = "";
};
};
backlight = {
format = "{icon} {percent}%";
format-icons = [ "" "" ];
on-scroll-up = "${pkgs.light}/bin/light -A 1";
on-scroll-down = "${pkgs.light}/bin/light -U 1";
};
battery = {
states = {
good = 90;
warning = 30;
critical = 15;
};
format = "{icon} {capacity}%";
format-charging = " {capacity}%";
format-plugged = " {capacity}%";
format-alt = "{icon} {time}";
format-icons = [ "" "" "" "" "" ];
};
pulseaudio = {
format = " {volume}%";
on-click = "pavucontrol";
};
network = {
format-wifi = "";
format-ethernet = "";
format-linked = " {ifname} (No IP)";
format-disconnected = " Disconnected ";
format-alt = " {ifname}: {ipaddr}/{cidr}";
tooltip-format-wifi = "{essid} ({signalStrength}%)";
};
clock = {
format = " {:%T %z}";
tooltip = true;
tooltip-format = "{:%A, %F %T %z (%Z)}";
timezones = [
"Europe/London"
"America/Vancouver"
"America/Chicago"
"Europe/Berlin"
"Pacific/Auckland"
];
interval = 1;
};
};
}];
};
};
}

73
depot/users/kairi/sway/waybar/waybar.css.nix
View file

@ -1,73 +0,0 @@
{ hextorgba, base16, font }:
''
* {
border: none;
border-radius: 0;
font-family: "${font.name}";
font-size: ${font.size_css};
min-height: 14px
}
#clock, #memory, #cpu, #temperature, #pulseaudio, #network, #mpd, #backlight, #battery, #custom-weather, #custom-gpg-status, #idle_inhibitor {
margin-left: 8px;
margin-right: 8px;
padding-left: 8px;
padding-right: 8px;
transition: none;
border-bottom: 2px solid ${base16.base00};
color: ${base16.base05}
}
window#waybar { background: ${hextorgba base16.base00} }
#tray {
margin-left: 8px;
}
#window {
color: ${base16.base06};
padding-left: 16px;
padding-right: 16px
}
#workspaces { padding: 0px 4px 0px 4px }
#workspaces button {
color: ${base16.base04};
background: ${hextorgba base16.base02};
font-size: 16px;
margin: 0px 4px 0px 4px;
border-bottom: 2px solid transparent;
border-left: 1px solid ${base16.base07};
border-right: 1px solid ${base16.base07}
}
#workspaces button:last-child { margin-right: 0px }
#workspaces button.focused {
color: ${base16.base0A};
border-bottom-color: ${base16.base0A}
}
#workspaces button:hover {
transition: none;
box-shadow: inherit;
text-shadow: inherit;
color: ${base16.base0F};
border-bottom-color: ${base16.base0F}
}
#mpd, #idle_inhibitor { border-color: #5af78e }
#mpd.disconnected, #mpd.stopped { border-color: #282a36 }
#network { border-color: ${base16.base08} }
#custom-weather { border-color: ${base16.base00} }
#custom-gpg-status { border-color: ${base16.base09} }
#pulseaudio { border-color: ${base16.base0A} }
#temperature { border-color: ${base16.base0B} }
#battery { border-color: ${base16.base0C} }
#backlight { border-color: ${base16.base0D} }
#cpu { border-color: ${base16.base0E} }
#memory { border-color: ${base16.base0F} }
#clock { border-color: ${base16.base06} }
''

4
depot/users/kat/gui/packages.nix
View file

@ -9,7 +9,7 @@
exiftool
thunderbird
mumble-develop
dino
dino-omemo
transmission-remote-gtk
scrcpy
lm_sensors
@ -18,7 +18,7 @@
unzip
nyxt
baresip
discord
discord-nssfix
tdesktop
yubikey-manager
cryptsetup

3
depot/users/kat/media/ncmpcpp.nix
View file

@ -1,9 +1,10 @@
{ config, ... }:
{ config, pkgs, ... }:
{
programs.ncmpcpp = {
enable = true;
mpdMusicDir = "/home/kat/media-share/music";
package = pkgs.ncmpcpp-kat;
settings = {
visualizer_data_source = "/tmp/mpd.fifo";
visualizer_output_name = "my_fifo";

1
depot/users/kat/media/obs.nix
View file

@ -3,6 +3,7 @@
{
programs.obs-studio = {
enable = true;
package = pkgs.obs-studio-pipewire;
plugins = [ pkgs.obs-studio-plugins.wlrobs ];
};

7
depot/users/kat/sway/konawall.nix
View file

@ -1,5 +1,8 @@
{ config, ... }:
{ config, pkgs, ... }:
{
services.konawall = { enable = true; };
services.konawall = {
enable = true;
package = pkgs.konawall-sway;
};
}

2
depot/users/kat/sway/packages.nix
View file

@ -1,5 +1,5 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [ kat-scrot ];
home.packages = with pkgs; [ sway-scrot ];
}

16
depot/users/kat/sway/sway.nix
View file

@ -279,22 +279,22 @@ in
# screenshots - upload
"${cfg.modifier}+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload screen";
"exec ${pkgs.sway-scrot}/bin/sway-scrot --notify upload screen";
"${cfg.modifier}+Shift+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload area";
"exec ${pkgs.sway-scrot}/bin/sway-scrot --notify upload area";
"${cfg.modifier}+Mod1+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload window";
"exec ${pkgs.sway-scrot}/bin/sway-scrot --notify upload window";
"${cfg.modifier}+Control+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload output";
"exec ${pkgs.sway-scrot}/bin/sway-scrot --notify upload output";
# screenshots - clipboard
"Print" = "exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys screen";
"Print" = "exec ${pkgs.sway-scrot}/bin/sway-scrot --notify copys screen";
"Shift+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys area";
"exec ${pkgs.sway-scrot}/bin/sway-scrot --notify copys area";
"Mod1+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys window";
"exec ${pkgs.sway-scrot}/bin/sway-scrot --notify copys window";
"Control+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys output";
"exec ${pkgs.sway-scrot}/bin/sway-scrot --notify copys output";
# layout handling
"${cfg.modifier}+b" = "splith";

6
depot/users/kat/sway/waybar/default.nix
View file

@ -52,15 +52,15 @@ in
format = "{}";
interval = 300;
return-type = "json";
exec = "${pkgs.kat-gpg-status}/bin/kat-gpg-status";
exec = "${pkgs.waybar-gpg}/bin/kat-gpg-status";
};
"custom/konawall" = {
format = "{}";
interval = "once";
return-type = "json";
exec = "${pkgs.konawall-toggle}/bin/konawall-status";
exec = "${pkgs.waybar-konawall}/bin/konawall-status";
exec-on-event = true;
on-click = "${pkgs.konawall-toggle}/bin/konawall-toggle";
on-click = "${pkgs.waybar-konawall}/bin/konawall-toggle";
on-click-right = "systemctl --user restart konawall";
};
cpu = { format = " {usage}%"; };

25
lib/color-helpers.nix
View file

@ -1,25 +0,0 @@
{ lib }: rec {
hexChars =
[ "0" "1" "2" "3" "4" "5" "6" "7" "8" "9" "a" "b" "c" "d" "e" "f" ];
hexCharToInt = char:
let
pairs = lib.imap0 (lib.flip lib.nameValuePair) hexChars;
idx = builtins.listToAttrs pairs;
in
idx.${lib.toLower char};
hexToInt = str:
lib.foldl (value: chr: value * 16 + hexCharToInt chr) 0
(lib.stringToCharacters str);
hextorgba = hex: alpha:
(
let
r_hex = lib.substring 1 2 hex;
g_hex = lib.substring 3 2 hex;
b_hex = lib.substring 5 2 hex;
r_dec = hexToInt r_hex;
g_dec = hexToInt g_hex;
b_dec = hexToInt b_hex;
in
"rgba(${toString r_dec}, ${toString g_dec}, ${toString b_dec}, ${toString alpha})"
);
}

20
lib/default.nix
View file

@ -1,20 +0,0 @@
{ pkgs ? import <nixpkgs> { }
, lib ? pkgs.lib
# for internal use...
, super ? if !isOverlayLib then lib else { }
, self ? if isOverlayLib then lib else { }
, before ? if !isOverlayLib then lib else { }
, isOverlayLib ? false
}@args: let
colorHelpers = import ./color-helpers.nix { inherit lib; };
lib = before // katlib // self;
katlib = with before; with katlib; with self;
{
inherit (colorHelpers) hextorgba;
hostImport = import ./host-import.nix { inherit lib; };
virtualHostGen = import ./virtual-host-gen.nix { inherit lib; };
domainMerge = import ./domain-merge.nix { inherit lib; };
modListMerge = import ./intersect-merge.nix { inherit lib; };
modList = import ./module-list.nix { inherit lib; };
folderList = import ./folder-list.nix { inherit lib; };
}; in katlib

9
lib/domain-merge.nix
View file

@ -1,9 +0,0 @@
{ lib }: { folder, defaultFile ? "default.nix", folderPaths ? [ (../depot + "/${folder}") (../depot/trusted + "/${folder}") ] }: with lib; let
defaultFileFinal = if (defaultFile == "default.nix" && folder == "hosts") then
"meta.nix"
else defaultFile;
folderModLists = map (folderPath: modList {
modulesDir = folderPath;
defaultFile = defaultFileFinal;
}) (filter builtins.pathExists folderPaths);
in foldl modListMerge { } folderModLists

5
lib/folder-list.nix
View file

@ -1,5 +0,0 @@
{ lib }: path: excludes: let
filterAttrNamesToList = filter: set:
lib.foldl' (a: b: a ++ b) [ ]
(map (e: if (filter e set.${e}) then [ e ] else [ ]) (lib.attrNames set));
in (filterAttrNamesToList (name: type: ! (builtins.elem name excludes) && type == "directory") (builtins.readDir path))

12
lib/host-import.nix
View file

@ -1,12 +0,0 @@
{ lib }: { hostName, profiles }: with lib; filter builtins.pathExists [
(../depot/hosts + "/${hostName}/nixos.nix")
(../depot/trusted/hosts + "/${hostName}/nixos.nix")
] ++ (if builtins.isAttrs profiles.base then profiles.base.imports
else singleton profiles.base) ++ singleton {
home-manager.users.kat = {
imports = filter builtins.pathExists [
(../depot/hosts + "/${hostName}/home.nix")
(../depot/trusted/hosts + "/${hostName}/home.nix")
];
};
}

4
lib/intersect-merge.nix
View file

@ -1,4 +0,0 @@
{ lib }: pathsA: pathsB: with lib; let
pathIntersection = intersectLists (attrNames pathsA) (attrNames pathsB);
pathMerger = pathA: pathB: { imports = [ pathA pathB ]; };
in pathsA // pathsB // genAttrs pathIntersection (key: (pathMerger pathsA.${key} pathsB.${key}))

28
lib/module-list.nix
View file

@ -1,28 +0,0 @@
{ lib }: { modulesDir, defaultFile ? "default.nix", importAll ? false }:
with builtins;
let
isModule = m: lib.isFunction m && (m.isModule or true);
filterAttrNamesToList = filter: set:
foldl' (a: b: a ++ b) [ ]
(map (e: if (filter e set.${e}) then [ e ] else [ ]) (attrNames set));
nameValuePair = name: value: { inherit name value; };
listToAttrs = foldl' (acc: val: acc // { ${val.name} = val.value; }) { };
directories =
filterAttrNamesToList (_: type: type == "directory") (readDir modulesDir);
files = map (dir: nameValuePair dir (modulesDir + "/${dir}/${defaultFile}"))
(filter (f: builtins.pathExists (modulesDir + "/${f}/${defaultFile}")) directories);
modules = map
({ name, value }:
# if the file contains a function, assume it to be a module and pass the path
# (for dedup and such). if it contains anything else, pass that.
let m = import value;
in
{
inherit name;
value = if lib.isFunction m && ! isModule m then m { inherit lib; } else if isModule m && !importAll then value else m;
})
files;
in
(listToAttrs modules)

9
lib/virtual-host-gen.nix
View file

@ -1,9 +0,0 @@
{ lib }: { config, networkFilter ? [ ], addresses ? [ ], block }: with lib;
let
networks = config.network.addresses;
filteredNetworks = filterAttrs (n: v: elem n networkFilter && v.enable) networks;
networkValues = attrValues filteredNetworks;
addressList = concatMap (n: n.out.identifierList) networkValues;
hostBlocks = map (host: nameValuePair host block) addressList;
in listToAttrs hostBlocks

0
meta-base.nix → meta.nix
View file

Some files were not shown because too many files have changed in this diff Show more