gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

remove kairi user, remove wiki submodule, refactor for nixexprs

Browse source
This commit is contained in:
kat witch 2021-08-17 01:57:41 +01:00
parent 8775c500cb
commit 6008b46cd8
No known key found for this signature in database
GPG key ID: 1B477797DCA5EC72
128 changed files with 130 additions and 4562 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1,3 +1,4 @@
/result /result
/result* /result*
/.direnv/ /.direnv/
/wiki

3
.gitmodules vendored
View file

@ -2,6 +2,3 @@
path = depot/trusted path = depot/trusted
branch = main branch = main
url = "https://git.kittywit.ch/kat/nixfiles-trusted.git" url = "https://git.kittywit.ch/kat/nixfiles-trusted.git"
[submodule "wiki"]
path = wiki
url = git@github.com:kittywitch/nixfiles.wiki.git

13
default.nix
View file

@ -2,11 +2,13 @@ let
# Sources are from niv. # Sources are from niv.
sources = import ./nix/sources.nix; sources = import ./nix/sources.nix;
# We pass sources through to pkgs and get our nixpkgs + overlays. # We pass sources through to pkgs and get our nixpkgs + overlays.
pkgs = import ./pkgs { inherit sources; }; pkgs = import ./pkgs.nix { inherit sources; };
# We want our overlaid lib. # We want our overlaid lib.
inherit (pkgs) lib; inherit (pkgs) lib;
# This is used for caching niv sources in CI. # This is used for caching niv sources in CI.
sourceCache = import ./cache.nix { inherit sources lib; }; sourceCache = import ./cache.nix { inherit sources lib; };
# This is used for the base path for hostImport.
root = ./.;
/* /*
This is used to generate specialArgs + the like. It works as such: This is used to generate specialArgs + the like. It works as such:
@ -19,13 +21,16 @@ let
lib.foldl' (a: b: a ++ b) [ ] lib.foldl' (a: b: a ++ b) [ ]
(map (e: if (filter e set.${e}) then [ e ] else [ ]) (lib.attrNames set)); (map (e: if (filter e set.${e}) then [ e ] else [ ]) (lib.attrNames set));
depotNames = lib.unique (lib.folderList ./depot ["trusted"] ++ lib.folderList ./depot/trusted ["pkgs"]); depotNames = lib.unique (lib.folderList ./depot ["trusted"] ++ lib.folderList ./depot/trusted ["pkgs"]);
depot = lib.mapListToAttrs (folder: lib.nameValuePair folder (lib.domainMerge { inherit folder; })) depotNames; depot = lib.mapListToAttrs (folder: lib.nameValuePair folder (lib.domainMerge {
inherit folder;
folderPaths = [ (./depot + "/${folder}") (./depot/trusted + "/${folder}") ];
})) depotNames;
/* /*
We use this to make the meta runner use this file and to use `--show-trace` on nix-builds. We use this to make the meta runner use this file and to use `--show-trace` on nix-builds.
We also pass through pkgs to meta this way. We also pass through pkgs to meta this way.
*/ */
metaConfig = import ./meta-base.nix { metaConfig = import ./meta.nix {
inherit pkgs lib depot; inherit pkgs lib depot;
}; };
@ -38,7 +43,7 @@ let
++ lib.singleton ./depot/modules/meta/default.nix; ++ lib.singleton ./depot/modules/meta/default.nix;
specialArgs = { specialArgs = {
inherit sources; inherit sources root;
meta = self; meta = self;
} // depot; } // depot;
}; };

4
depot/hosts/athame/meta.nix
View file

@ -1,4 +1,4 @@
{ profiles, lib, config, ... }: with lib; { { profiles, lib, root, config, ... }: with lib; {
config = { config = {
deploy.targets.infra = { deploy.targets.infra = {
tf = { tf = {
@ -15,7 +15,7 @@ config = {
network.nodes.athame = { network.nodes.athame = {
imports = lib.hostImport { imports = lib.hostImport {
hostName = "athame"; hostName = "athame";
inherit profiles; inherit profiles root;
}; };
networking = { networking = {
hostName = "athame"; hostName = "athame";

4
depot/hosts/beltane/meta.nix
View file

@ -1,4 +1,4 @@
{ profiles, config, lib, ... }: with lib; { { profiles, config, root, lib, ... }: with lib; {
config = { config = {
deploy.targets.beltane = { deploy.targets.beltane = {
tf = { tf = {
@ -15,7 +15,7 @@
network.nodes.beltane = { network.nodes.beltane = {
imports = lib.hostImport { imports = lib.hostImport {
hostName = "beltane"; hostName = "beltane";
inherit profiles; inherit profiles root;
}; };
networking = { networking = {
hostName = "beltane"; hostName = "beltane";

3
depot/hosts/beltane/nixos.nix
View file

@ -94,6 +94,9 @@ with lib;
}; };
network = { network = {
extraCerts = {
"private_root" = "altar.kittywit.ch";
};
addresses = { addresses = {
private = { private = {
ipv4.address = "192.168.1.2"; ipv4.address = "192.168.1.2";

4
depot/hosts/dummy/meta.nix
View file

@ -1,9 +1,9 @@
{ lib, config, profiles, ... }: with lib; { { lib, config, root, profiles, ... }: with lib; {
deploy.targets.dummy.enable = false; deploy.targets.dummy.enable = false;
network.nodes.dummy = { network.nodes.dummy = {
imports = lib.hostImport { imports = lib.hostImport {
hostName = "dummy"; hostName = "dummy";
inherit profiles; inherit profiles root;
}; };
networking = { networking = {
hostName = "dummy"; hostName = "dummy";

4
depot/hosts/ostara/meta.nix
View file

@ -1,4 +1,4 @@
{ meta, profiles, config, lib, ... }: with lib; { { meta, profiles, root, config, lib, ... }: with lib; {
config = { config = {
deploy.targets.ostara = { deploy.targets.ostara = {
tf = { tf = {
@ -15,7 +15,7 @@
network.nodes.ostara = { network.nodes.ostara = {
imports = lib.hostImport { imports = lib.hostImport {
hostName = "ostara"; hostName = "ostara";
inherit profiles; inherit profiles root;
}; };
networking = { networking = {
hostName = "ostara"; hostName = "ostara";

4
depot/hosts/samhain/meta.nix
View file

@ -1,4 +1,4 @@
{ lib, config, profiles, ... }: with lib; { { lib, config, root, profiles, ... }: with lib; {
config = { config = {
deploy.targets.personal = { deploy.targets.personal = {
tf = { tf = {
@ -15,7 +15,7 @@
network.nodes.samhain = { network.nodes.samhain = {
imports = lib.hostImport { imports = lib.hostImport {
hostName = "samhain"; hostName = "samhain";
inherit profiles; inherit profiles root;
}; };
networking = { networking = {
hostName = "samhain"; hostName = "samhain";

4
depot/hosts/yule/meta.nix
View file

@ -1,4 +1,4 @@
{ meta, profiles, config, lib, ... }: with lib; { { meta, profiles, config, root, lib, ... }: with lib; {
config = { config = {
deploy.targets.personal = { deploy.targets.personal = {
tf = { tf = {
@ -15,7 +15,7 @@
network.nodes.yule = { network.nodes.yule = {
imports = lib.hostImport { imports = lib.hostImport {
hostName = "yule"; hostName = "yule";
inherit profiles; inherit profiles root;
}; };
networking = { networking = {
hostName = "yule"; hostName = "yule";

5
depot/modules/home/default.nix
View file

@ -2,10 +2,11 @@
{ {
disabledModules = [ "programs/vim.nix" ]; disabledModules = [ "programs/vim.nix" ];
imports = with (import (sources.nixexprs + "/modules")).home-manager; [ base16 syncplay konawall i3gopher weechat shell ] ++ [ imports = with (import (sources.arcexprs + "/modules")).home-manager; [ base16 syncplay konawall i3gopher weechat shell ]
++ [
(import (sources.katexprs + "/modules")).home
./vim.nix ./vim.nix
./fvwm.nix ./fvwm.nix
./network.nix
./deploy.nix ./deploy.nix
./theme.nix ./theme.nix
./secrets.nix ./secrets.nix

79
depot/modules/home/network.nix
View file

@ -1,79 +0,0 @@
{ config, superConfig, lib, ... }:
with lib;
{
options.network = {
addresses = mkOption {
type = with types; attrsOf (submodule ({ name, ... }: {
options = {
enable = mkEnableOption "Is the system a part of the ${name} network?";
ipv4 = {
enable = mkOption {
type = types.bool;
};
address = mkOption {
type = types.str;
};
};
ipv6 = {
enable = mkOption {
type = types.bool;
};
address = mkOption {
type = types.str;
};
};
prefix = mkOption {
type = types.nullOr types.str;
};
domain = mkOption {
type = types.nullOr types.str;
};
out = {
identifierList = mkOption {
type = types.listOf types.str;
default = if config.enable then singleton config.domain ++ config.out.addressList else [ ];
};
addressList = mkOption {
type = types.listOf types.str;
default = if config.enable then concatMap (i: optional i.enable i.address) [ config.ipv4 config.ipv6 ] else [ ];
};
};
};
}));
};
privateGateway = mkOption {
type = types.str;
};
tf = {
enable = mkEnableOption "Was the system provisioned by terraform?";
ipv4_attr = mkOption {
type = types.str;
};
ipv6_attr = mkOption {
type = types.str;
};
};
dns = {
isRoot = mkEnableOption "Is this system supposed to be the @ for the domain?";
email = mkOption {
type = types.nullOr types.str;
};
tld = mkOption {
type = types.nullOr types.str;
};
domain = mkOption {
type = types.nullOr types.str;
};
dynamic = mkEnableOption "Enable Glauca Dynamic DNS Updater";
};
};
config = {
network.addresses = superConfig.network.addresses;
network.privateGateway = superConfig.network.privateGateway;
network.tf = superConfig.network.tf;
network.dns = superConfig.network.dns;
};
}

41
depot/modules/nixos/default.nix
View file

@ -1,26 +1,25 @@
{ meta, sources, lib, ... }: { meta, sources, lib, ... }:
{ {
imports = with (import (sources.nixexprs + "/modules")).nixos; [ base16 base16-shared modprobe ] ++ [ imports =
./nftables.nix with (import (sources.arcexprs + "/modules")).nixos; [ base16 base16-shared modprobe ]
./firewall.nix ++ [
./fusionpbx.nix (import (sources.katexprs + "/modules")).nixos
./deploy.nix ./deploy.nix
./dyndns.nix ./dyndns.nix
./network.nix ./secrets.nix
./secrets.nix (sources.tf-nix + "/modules/nixos/secrets.nix")
(sources.tf-nix + "/modules/nixos/secrets.nix") (sources.tf-nix + "/modules/nixos/secrets-users.nix")
(sources.tf-nix + "/modules/nixos/secrets-users.nix") (sources.hexchen + "/modules/network/yggdrasil")
(sources.hexchen + "/modules/network/yggdrasil") ];
];
options.hexchen.dns = lib.mkOption { }; options.hexchen.dns = lib.mkOption { };
options.hexchen.deploy = lib.mkOption { }; options.hexchen.deploy = lib.mkOption { };
/* /*
This maps hosts to network.nodes from the meta config. This is required for hexchen's yggdrasil network module. This maps hosts to network.nodes from the meta config. This is required for hexchen's yggdrasil network module.
*/ */
config = { config = {
_module.args.hosts = lib.mapAttrs (_: config: { inherit config; } ) meta.network.nodes; _module.args.hosts = lib.mapAttrs (_: config: { inherit config; } ) meta.network.nodes;
}; };
} }

80
depot/modules/nixos/firewall.nix
View file

@ -1,80 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let cfg = config.network.firewall;
in
{
options.network.firewall = {
public.tcp.ports = mkOption {
type = types.listOf types.port;
default = [ ];
};
public.udp.ports = mkOption {
type = types.listOf types.port;
default = [ ];
};
private.tcp.ports = mkOption {
type = types.listOf types.port;
default = [ ];
};
private.udp.ports = mkOption {
type = types.listOf types.port;
default = [ ];
};
public.tcp.ranges = mkOption {
type = types.listOf (types.attrsOf types.port);
default = [ ];
};
public.udp.ranges = mkOption {
type = types.listOf (types.attrsOf types.port);
default = [ ];
};
private.tcp.ranges = mkOption {
type = types.listOf (types.attrsOf types.port);
default = [ ];
};
private.udp.ranges = mkOption {
type = types.listOf (types.attrsOf types.port);
default = [ ];
};
public.interfaces = mkOption {
type = types.listOf types.str;
description = "Public firewall interfaces";
default = [ ];
};
private.interfaces = mkOption {
type = types.listOf types.str;
description = "Private firewall interfaces";
default = [ ];
};
};
config = {
networking.firewall.interfaces =
let
fwTypes = {
ports = "Ports";
ranges = "PortRanges";
};
interfaceDef = visibility:
listToAttrs (flatten (mapAttrsToList
(type: typeString:
map
(proto: {
name = "allowed${toUpper proto}${typeString}";
value = cfg.${visibility}.${proto}.${type};
}) [ "tcp" "udp" ])
fwTypes));
interfaces = visibility:
listToAttrs
(map (interface: nameValuePair interface (interfaceDef visibility))
cfg.${visibility}.interfaces);
in
mkMerge (map (visibility: interfaces visibility) [ "public" "private" ]);
};
}

415
depot/modules/nixos/fusionpbx.nix
View file

@ -1,415 +0,0 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.fusionpbx;
toKeyValue = generators.toKeyValue {
mkKeyValue = generators.mkKeyValueDefault {} " = ";
};
php = "${pkgs.php74}/bin/php";
psql_base = "${pkgs.postgresql_11}/bin/psql";
psql = if ! cfg.useLocalPostgreSQL then
"${psql_base} --host=${cfg.postgres.host} --port=${cfg.postgres.port} --username=${cfg.postgres.db_username}"
else psql_base;
freeSwitchConfig = pkgs.writeShellScriptBin "copy_config" ''
set -exu
if [[ ! -f "${cfg.home}/state/installed" ]]; then
mkdir -p /etc/freeswitch
cp --no-preserve=mode,ownership -r ${cfg.package}/resources/templates/conf/* /etc/freeswitch
fi
'';
installerReplacement = pkgs.writeShellScriptBin "installer_replacement" ''
set -exu
if [[ ! -f "${cfg.home}/state/installed" ]]; then
mkdir -p /var/lib/fusionpbx
${if ! cfg.useLocalPostgreSQL then "PGPASSWORD=${cfg.postgres.db_password}" else ""}
${php} ${cfg.package}/core/upgrade/upgrade_schema.php
domain_uuid=$(${php} ${cfg.package}/resources/uuid.php);
domain_name=${cfg.domain}
${psql} -c "insert into v_domains (domain_uuid, domain_name, domain_enabled) values('$domain_uuid', '$domain_name', 'true');"
cd "${cfg.package}" && ${php} ${cfg.package}/core/upgrade/upgrade_domains.php
user_uuid=$(${php} ${cfg.package}/resources/uuid.php);
user_salt=$(${php} ${cfg.package}/resources/uuid.php);
password_hash=$(${php} -r "echo md5('$user_salt$USER_PASSWORD');");
${psql} -t -c "insert into v_users (user_uuid, domain_uuid, username, password, salt, user_enabled) values('$user_uuid', '$domain_uuid', '$USER_NAME', '$password_hash', '$user_salt', 'true');"
group_uuid=$(${psql} -qtAX -c "select group_uuid from v_groups where group_name = 'superadmin';");
group_uuid=$(echo $group_uuid | sed 's/^[[:blank:]]*//;s/[[:blank:]]*$//')
user_group_uuid=$(${php} ${cfg.package}/resources/uuid.php);
group_name=superadmin
#echo "insert into v_user_groups (user_group_uuid, domain_uuid, group_name, group_uuid, user_uuid) values('$user_group_uuid', '$domain_uuid', '$group_name', '$group_uuid', '$user_uuid');"
${psql} -c "insert into v_user_groups (user_group_uuid, domain_uuid, group_name, group_uuid, user_uuid) values('$user_group_uuid', '$domain_uuid', '$group_name', '$group_uuid', '$user_uuid');"
xml_cdr_username=$(dd if=/dev/urandom bs=1 count=20 2>/dev/null | base64 | sed 's/[=\+//]//g')
xml_cdr_password=$(dd if=/dev/urandom bs=1 count=20 2>/dev/null | base64 | sed 's/[=\+//]//g')
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{v_http_protocol}:http:"
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{v_project_path}::"
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"http:\/\/127.0.0.1:https:\/\/${cfg.domain}"
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{v_user}:$xml_cdr_username:"
sed -i /etc/freeswitch/autoload_configs/xml_cdr.conf.xml -e s:"{v_pass}:$xml_cdr_password:"
cd "${cfg.package}" && ${php} ${cfg.package}/core/upgrade/upgrade_domains.php
mkdir -p ${cfg.home}/state
touch ${cfg.home}/state/installed
fi
'';
in {
options.services.fusionpbx = {
enable = mkEnableOption "Enable FusionPBX";
openFirewall = mkEnableOption "Open the firewall for FusionPBX" // { default = true; };
useLocalPostgreSQL = mkEnableOption "Use Local PostgreSQL for FusionPBX" // { default = true; };
postgres = {
host = mkOption {
type = types.nullOr types.str;
default = null;
};
port = mkOption {
type = types.nullOr types.port;
default = null;
};
db_name = mkOption {
type = types.nullOr types.str;
default = null;
};
db_username = mkOption {
type = types.nullOr types.str;
default = null;
};
db_password = mkOption {
type = types.nullOr types.str;
default = null;
};
};
environmentFile = mkOption {
type = types.str;
example = ''
USER_NAME="meow"
USER_PASSWORD="nya"
'';
};
hardphones = mkEnableOption "Are you going to use hardphones with FusionPBX?";
useWebrootACME = mkEnableOption "Do you want webroot-style ACME cert generation?";
useACMEHost = mkOption {
type = types.nullOr types.str;
default = null;
};
domain = mkOption {
type = types.str;
};
package = mkOption {
type = types.package;
description = "What package to use for FusionPBX?";
default = pkgs.fusionpbx;
relatedPackages = [
"fusionpbx"
];
};
freeSwitchPackage = mkOption {
type = types.package;
description = "What package to use for FreeSWITCH?";
default = pkgs.freeswitch;
relatedPackages = [
"freeswitch"
];
};
home = mkOption {
type = types.str;
default = "/var/lib/fusionpbx";
description = "Storage path for FusionPBX";
};
};
config = mkIf cfg.enable {
# User & Group Definition
users.users.fusionpbx = {
home = cfg.home;
group = "fusionpbx";
createHome = true;
isSystemUser = true;
};
users.groups.fusionpbx.members = [
"fusionpbx"
config.services.nginx.user
];
# PostgreSQL
services.postgresql = mkIf cfg.useLocalPostgreSQL {
ensureUsers = [
{
name = "fusionpbx";
ensurePermissions = {
"DATABASE fusionpbx" = "ALL PRIVILEGES";
"DATABASE freeswitch" = "ALL PRIVILEGES";
};
}
];
ensureDatabases = [ "fusionpbx" "freeswitch" ];
};
# ACME
security.acme.certs = mkMerge [
(mkIf cfg.useWebrootACME {
${cfg.domain} = {
group = "fusionpbx";
};
})
(mkIf (cfg.useACMEHost != null) {
${cfg.useACMEHost} = {
postRun = ''
cat {cert,key,chain}.pem >> all.pem
ln -s all.pem agent.pem
ln -s all.pem dlts-srtp.pem
ln -s all.pem tls.pem
ln -s all.pem wss.pem
'';
};
})
];
# NGINX
services.nginx = {
enable = mkDefault true;
virtualHosts.${cfg.domain} = {
enableACME = cfg.useWebrootACME;
useACMEHost = cfg.useACMEHost;
forceSSL = true;
# forceSSL = true; # This might not make sense due to SSL-incapable hardphones?
root = cfg.package;
locations = {
"/" = {
index = "index.php";
};
"~ .htaccess".extraConfig = "deny all;";
"~ .htpassword".extraConfig = "deny all;";
"~^.+.(db)$".extraConfig = "deny all;";
"~ \\.php$" = {
extraConfig = ''
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_pass unix:${config.services.phpfpm.pools.fusionpbx.socket};
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME ${cfg.package}$fastcgi_script_name;
'';
};
" = /core/upgrade/index.php".extraConfig = ''
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_pass unix:${config.services.phpfpm.pools.fusionpbx.socket};
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME ${cfg.package}$fastcgi_script_name;
fastcgi_read_timeout 15m;
'';
};
/*
if ($uri !~* ^.*(provision|xml_cdr).*$) {
rewrite ^(.*) https://$host$1 permanent;
break;
}
*/
extraConfig = ''
client_max_body_size 80M;
client_body_buffer_size 128k;
#REST api
if ($uri ~* ^.*/api/.*$) {
rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last;
break;
}
'' + optionalString cfg.hardphones ''
#algo
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})(\.(conf))?$" /app/provision/?mac=$1;
#mitel
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last;
rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
#grandstream
rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1;
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/phonebook\.xml$" /app/provision/?mac=$1&file=phonebook.xml;
#grandstream-wave softphone by ext because Android doesn't pass MAC.
rewrite "^.*/provision/([0-9]{5})/cfg([A-Fa-f0-9]{12}).xml$" /app/provision/?ext=$1;
#aastra
rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg;
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
#yealink common
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg;
#yealink mac
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
#polycom
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
#rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2;
rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg";
rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
#cisco
rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last;
#Escene
rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last;
rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
#Vtech
rewrite "^.*/provision/VCS754_([A-Fa-f0-9]{12})\.cfg$" /app/provision/?mac=$1;
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/directory\.xml$" /app/provision/?mac=$1&file=directory.xml;
#Digium
rewrite "^.*/provision/([A-Fa-f0-9]{12})-contacts\.cfg$" "/app/provision/?mac=$1&file={%24mac}-contacts.cfg";
rewrite "^.*/provision/([A-Fa-f0-9]{12})-smartblf\.cfg$" "/app/provision/?mac=$1&file={%24mac}-smartblf.cfg";
'';
};
};
# PHP 7.4
services.phpfpm = {
pools.fusionpbx = {
user = "fusionpbx";
group = "fusionpbx";
phpEnv = {
PATH = "/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin";
};
settings = {
"pm" = "dynamic";
"pm.max_children" = "32";
"pm.start_servers" = "2";
"pm.min_spare_servers" = "2";
"pm.max_spare_servers" = "4";
"pm.max_requests" = "500";
"listen.owner" = "fusionpbx";
"listen.group" = config.services.nginx.group;
};
phpPackage = pkgs.php74.buildEnv {
extensions = { enabled, all }: (
with all;
enabled ++ [
imap
pgsql
curl
opcache
pdo
pdo_pgsql
soap
xmlrpc
gd
]
);
extraConfig = toKeyValue {
};
};
};
};
# FreeSWITCH
systemd.tmpfiles.rules = [
"v /etc/freeswitch 5777 fusionpbx fusionpbx"
"v /etc/fusionpbx 5777 fusionpbx fusionpbx"
"v /var/cache/fusionpbx 5777 fusionpbx fusionpbx"
];
systemd.services.freeswitch = let
pkg = cfg.freeSwitchPackage;
configPath = "/etc/freeswitch";
in {
description = "Free and open-source application server for real-time communication";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "fusionpbx";
Group = "fusionpbx";
StateDirectory = "freeswitch";
ExecStartPre = "${freeSwitchConfig}/bin/copy_config";
ExecStart = "${pkg}/bin/freeswitch -nf \\
-mod ${pkg}/lib/freeswitch/mod \\
-conf ${configPath} \\
-base /var/lib/freeswitch";
ExecReload = "${pkg}/bin/fs_cli -x reloadxml";
Restart = "on-failure";
RestartSec = "5s";
CPUSchedulingPolicy = "fifo";
};
};
systemd.services.fusionpbx = {
after = [ "network.target" ];
wantedBy = [ "freeswitch.service" ];
script = "${installerReplacement}/bin/installer_replacement";
serviceConfig = {
EnvironmentFile = cfg.environmentFile;
User = "fusionpbx";
Group = "fusionpbx";
Type = "oneshot";
StateDirectory = "fusionpbx";
};
};
# FusionPBX Config
environment.etc."fusionpbx/config.php" = {
user = "nginx";
group = "fusionpbx";
text = let
hostConfig = if cfg.useLocalPostgreSQL then ''
$db_type = 'pgsql';
$db_host = ''';
$db_port = ''';
$db_name = 'fusionpbx';
$db_username = 'fusionpbx';
$db_password = ''';
'' else ''
$db_type = 'pgsql';
$db_host = '${cfg.postgres.host}';
$db_port = '${toString cfg.postgres.port}';
$db_name = '${cfg.postgres.db_name}';
$db_username = '${cfg.postgres.db_username}';
$db_password = '${cfg.postgres.db_password}';
''; in ''
<?php
${hostConfig}
ini_set('display_errors', '1');
error_reporting(E_ALL ^ E_NOTICE ^ E_WARNING);
?>
'';
};
# Firewall
network.firewall = mkIf cfg.openFirewall {
public = {
tcp = {
ports = [ 5060 5061 5080 5081 ];
ranges = [
{
from = 10000;
to = 20000;
}
];
};
udp = {
ports = [ 5060 5061 5080 5081 ];
ranges = [
{
from = 10000;
to = 20000;
}
];
};
};
};
};
}

174
depot/modules/nixos/network.nix
View file

@ -1,174 +0,0 @@
{ config, lib, tf, ... }:
with lib;
let
cfg = config.network;
in {
options.network = {
addresses = mkOption {
type = with types; attrsOf (submodule ({ name, options, config, ... }: {
options = {
enable = mkEnableOption "Is the system a part of the ${name} network?" // {
default = config.ipv4.enable || config.ipv6.enable;
};
ipv4 = {
enable = mkOption {
type = types.bool;
default = options.ipv4.address.isDefined;
};
address = mkOption {
type = types.str;
};
};
ipv6 = {
enable = mkOption {
type = types.bool;
default = options.ipv6.address.isDefined;
};
address = mkOption {
type = types.str;
};
};
prefix = mkOption {
type = types.nullOr types.str;
};
subdomain = mkOption {
type = types.nullOr types.str;
};
domain = mkOption {
type = types.nullOr types.str;
default = "${config.subdomain}.${cfg.dns.domain}";
};
out = {
identifierList = mkOption {
type = types.listOf types.str;
default = if config.enable then singleton config.domain ++ config.out.addressList else [ ];
};
addressList = mkOption {
type = types.listOf types.str;
default = if config.enable then concatMap (i: optional i.enable i.address) [ config.ipv4 config.ipv6 ] else [ ];
};
};
};
}));
};
privateGateway = mkOption {
type = types.str;
default = "192.168.1.254";
};
tf = {
enable = mkEnableOption "Was the system provisioned by terraform?";
ipv4_attr = mkOption {
type = types.str;
default = "ipv4_address";
};
ipv6_attr = mkOption {
type = types.str;
default = "ipv6_address";
};
};
dns = {
isRoot = mkEnableOption "Is this system supposed to be the @ for the domain?"; # TODO
email = mkOption {
type = types.nullOr types.str;
};
tld = mkOption {
type = types.nullOr types.str;
};
domain = mkOption {
type = types.nullOr types.str;
};
};
};
config = let
networks = cfg.addresses;
networksWithDomains = filterAttrs (_: v: v.subdomain != null && v.enable) networks;
in {
lib.kw.virtualHostGen = args: virtualHostGen ({ inherit config; } // args);
network = {
dns = {
email = "kat@kittywit.ch";
tld = "kittywit.ch.";
domain = builtins.substring 0 ((builtins.stringLength cfg.dns.tld) - 1) cfg.dns.tld;
};
addresses = {
private = {
prefix = "int";
subdomain = "${config.networking.hostName}.${cfg.addresses.private.prefix}";
};
public = mkMerge [
(mkIf cfg.tf.enable {
ipv4.address = mkIf (cfg.tf.ipv4_attr != null) (tf.resources."${config.networking.hostName}".refAttr config.network.tf.ipv4_attr);
ipv6.address = mkIf (cfg.tf.ipv6_attr != null) (tf.resources."${config.networking.hostName}".refAttr config.network.tf.ipv6_attr);
})
({
subdomain = "${config.networking.hostName}";
})
];
yggdrasil = mkIf cfg.yggdrasil.enable {
ipv6.address = cfg.yggdrasil.address;
prefix = "ygg";
subdomain = "${config.networking.hostName}.${cfg.addresses.yggdrasil.prefix}";
};
};
};
networking = mkIf cfg.addresses.private.enable {
inherit (config.network.dns) domain;
defaultGateway = cfg.privateGateway;
};
deploy.tf.dns.records = let
recordsV4 = mapAttrs' (n: v:
nameValuePair "node_${n}_${config.networking.hostName}_v4" {
enable = v.ipv4.enable;
tld = cfg.dns.tld;
domain = v.subdomain;
a.address = v.ipv4.address;
}) networksWithDomains;
recordsV6 = mapAttrs' (n: v:
nameValuePair "node_${n}_${config.networking.hostName}_v6" {
enable = v.ipv6.enable;
tld = cfg.dns.tld;
domain = v.subdomain;
aaaa.address = v.ipv6.address;
}) networksWithDomains;
in mkMerge [
recordsV4
recordsV6
(mkIf cfg.dns.isRoot {
"node_root_${config.networking.hostName}_v4" = {
enable = cfg.addresses.public.enable;
tld = cfg.dns.tld;
domain = "@";
a.address = cfg.addresses.public.ipv4.address;
};
"node_root_${config.networking.hostName}_v6" = {
enable = cfg.addresses.public.enable;
tld = cfg.dns.tld;
domain = "@";
aaaa.address = cfg.addresses.public.ipv6.address;
};
})
];
security.acme.certs = mkIf config.services.nginx.enable (mapAttrs' (n: v:
nameValuePair "cert_${n}_${config.networking.hostName}" {
inherit (v) domain;
dnsProvider = "rfc2136";
credentialsFile = config.secrets.files.dns_creds.path;
group = "nginx";
}) networksWithDomains);
services.nginx.virtualHosts = mkIf config.services.nginx.enable (mapAttrs' (n: v:
nameValuePair v.domain {
useACMEHost = "cert_${n}_${config.networking.hostName}";
forceSSL = true;
}) networksWithDomains);
_module.args = { inherit (config.lib) kw; };
};
}

134
depot/modules/nixos/nftables.nix
View file

@ -1,134 +0,0 @@
{ pkgs, lib, config, modulesPath, ... }:
let
fwcfg = config.networking.firewall;
cfg = config.network.nftables;
doDocker = config.virtualisation.docker.enable && cfg.generateDockerRules;
mkPorts = cond: ports: ranges: action: let
portStrings = (map (range: "${toString range.from}-${toString range.to}") ranges)
++ (map toString ports);
in lib.optionalString (portStrings != []) ''
${cond} dport { ${lib.concatStringsSep ", " portStrings} } ${action}
'';
ruleset = ''
table inet filter {
chain input {
type filter hook input priority filter
policy ${cfg.inputPolicy}
icmpv6 type { echo-request, echo-reply, mld-listener-query, mld-listener-report, mld-listener-done, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert, packet-too-big } accept
icmp type echo-request accept
ct state invalid drop
ct state established,related accept
iifname { ${
lib.concatStringsSep "," (["lo"] ++ fwcfg.trustedInterfaces)
} } accept
${mkPorts "tcp" fwcfg.allowedTCPPorts fwcfg.allowedTCPPortRanges "accept"}
${mkPorts "udp" fwcfg.allowedUDPPorts fwcfg.allowedUDPPortRanges "accept"}
${
lib.concatStringsSep "\n" (lib.mapAttrsToList (name: ifcfg:
mkPorts "iifname ${name} tcp" ifcfg.allowedTCPPorts ifcfg.allowedTCPPortRanges "accept"
+ mkPorts "iifname ${name} udp" ifcfg.allowedUDPPorts ifcfg.allowedUDPPortRanges "accept"
) fwcfg.interfaces)
}
# DHCPv6
ip6 daddr fe80::/64 udp dport 546 accept
${cfg.extraInput}
counter
}
chain output {
type filter hook output priority filter
policy ${cfg.outputPolicy}
${cfg.extraOutput}
counter
}
chain forward {
type filter hook forward priority filter
policy ${cfg.forwardPolicy}
${lib.optionalString doDocker ''
oifname docker0 ct state invalid drop
oifname docker0 ct state established,related accept
iifname docker0 accept
''}
${cfg.extraForward}
counter
}
}
${lib.optionalString doDocker ''
table ip nat {
chain docker-postrouting {
type nat hook postrouting priority 10
iifname docker0 masquerade
}
}
''}
${cfg.extraConfig}
'';
in {
options = with lib; {
network.nftables = {
enable = mkEnableOption "nftables firewall";
extraConfig = mkOption {
type = types.lines;
default = "";
};
extraInput = mkOption {
type = types.lines;
default = "";
};
extraOutput = mkOption {
type = types.lines;
default = "";
};
extraForward = mkOption {
type = types.lines;
default = "";
};
inputPolicy = mkOption {
type = types.str;
default = "drop";
};
outputPolicy = mkOption {
type = types.str;
default = "accept";
};
forwardPolicy = mkOption {
type = types.str;
default = "accept";
};
generateDockerRules = mkOption {
type = types.bool;
default = true;
};
};
};
config = lib.mkIf cfg.enable {
networking.firewall.enable = false;
networking.nftables = {
enable = true;
inherit ruleset;
};
virtualisation.docker = lib.mkIf doDocker {
extraOptions = "--iptables=false";
};
};
}

1
depot/profiles/base/default.nix
View file

@ -7,6 +7,7 @@
users.arc users.arc
users.hexchen users.hexchen
./system.nix ./system.nix
./dns.nix
./home.nix ./home.nix
./profiles.nix ./profiles.nix
./shell.nix ./shell.nix

8
depot/profiles/base/dns.nix Normal file
View file

@ -0,0 +1,8 @@
{ config, ... }:
{
network.dns = {
email = "kat@kittywit.ch";
tld = "kittywit.ch.";
};
}

8
depot/profiles/base/nix.nix
View file

@ -4,11 +4,17 @@
boot.loader.grub.configurationLimit = 8; boot.loader.grub.configurationLimit = 8;
boot.loader.systemd-boot.configurationLimit = 8; boot.loader.systemd-boot.configurationLimit = 8;
environment.systemPackages = [
(pkgs.writeShellScriptBin "nixFlakes" ''
exec ${pkgs.nixUnstable}/bin/nix --experimental-features "nix-command flakes" "$@"
'')
];
nix = { nix = {
nixPath = [ nixPath = [
"nixpkgs=${sources.nixpkgs}" "nixpkgs=${sources.nixpkgs}"
"nur=${sources.nur}" "nur=${sources.nur}"
"arc=${sources.nixexprs}" "arc=${sources.arcexprs}"
"ci=${sources.ci}" "ci=${sources.ci}"
]; ];
sandboxPaths = [ sandboxPaths = [

10
depot/profiles/vfio/default.nix
View file

@ -2,12 +2,16 @@
with lib; with lib;
{ let
win10-screenstub = pkgs.writeShellScriptBin "win10-screenstub" ''
${pkgs.screenstub-kat}/bin/screenstub -c "${./screenstub.yml}" x
'';
in {
deploy.profile.vfio = true; deploy.profile.vfio = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
screenstub screenstub-kat
kat-vm win10-vm
ddcutil ddcutil
]; ];

8
depot/services/fusionpbx/default.nix
View file

@ -40,4 +40,12 @@
package = with pkgs; fusionpbxWithApps [ fusionpbx-apps.sms ]; package = with pkgs; fusionpbxWithApps [ fusionpbx-apps.sms ];
freeSwitchPackage = with pkgs; freeswitch; freeSwitchPackage = with pkgs; freeswitch;
}; };
services.nginx.virtualHosts."altar.kittywit.ch" = {
locations = {
"app/sms/hook/" = {
proxyPass = "http://pbx.kittywit.ch/app/sms/hook";
};
};
};
} }

2
depot/services/katsplash/default.nix
View file

@ -1,6 +1,6 @@
{ config, pkgs, kw, ... }: { config, pkgs, kw, ... }:
let splashy = pkgs.kat-splash config.networking.hostName; in { let splashy = pkgs.host-splash-site config.networking.hostName; in {
services.nginx.virtualHosts = kw.virtualHostGen { services.nginx.virtualHosts = kw.virtualHostGen {
networkFilter = ["private"]; networkFilter = ["private"];
block.locations."/" = { root = splashy; }; block.locations."/" = { root = splashy; };

2
depot/services/website/default.nix
View file

@ -5,7 +5,7 @@
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"${config.network.dns.domain}" = { "${config.network.dns.domain}" = {
root = pkgs.kat-website; root = pkgs.kittywitch-site;
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
}; };

20
depot/users/kairi/base.nix
View file

@ -1,20 +0,0 @@
{ config, pkgs, lib, ... }:
{
home-manager.users.kairi = {
imports = [ ./base ];
home.stateVersion = "20.09";
};
users.users.kairi = {
uid = 1003;
isNormalUser = true;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCocjQqiDIvzq+Qu3jkf7FXw5piwtvZ1Mihw9cVjdVcsra3U2c9WYtYrA3rS50N3p00oUqQm9z1KUrvHzdE+03ZCrvaGdrtYVsaeoCuuvw7qxTQRbItTAEsfRcZLQ5c1v/57HNYNEsjVrt8VukMPRXWgl+lmzh37dd9w45cCY1QPi+JXQQ/4i9Vc3aWSe4X6PHOEMSBHxepnxm5VNHm4PObGcVbjBf0OkunMeztd1YYA9sEPyEK3b8IHxDl34e5t6NDLCIDz0N/UgzCxSxoz+YJ0feQuZtud/YLkuQcMxW2dSGvnJ0nYy7SA5DkW1oqcy6CGDndHl5StOlJ1IF9aGh0gGkx5SRrV7HOGvapR60RphKrR5zQbFFka99kvSQgOZqSB3CGDEQGHv8dXKXIFlzX78jjWDOBT67vA/M9BK9FS2iNnBF5x6shJ9SU5IK4ySxq8qvN7Us8emkN3pyO8yqgsSOzzJT1JmWUAx0tZWG/BwKcFBHfceAPQl6pwxx28TM3BTBRYdzPJLTkAy48y6iXW6UYdfAPlShy79IYjQtEThTuIiEzdzgYdros0x3PDniuAP0KOKMgbikr0gRa6zahPjf0qqBnHeLB6nHAfaVzI0aNbhOg2bdOueE1FX0x48sjKqjOpjlIfq4WeZp9REr2YHEsoLFOBfgId5P3BPtpBQ== cardno:000612078454"
];
shell = pkgs.zsh;
extraGroups = [ "wheel" "video" "systemd-journal" ];
hashedPassword =
"$6$i28yOXoo$/WokLdKds5ZHtJHcuyGrH2WaDQQk/2Pj0xRGLgS8UcmY2oMv3fw2j/85PRpsJJwCB2GBRYRK5LlvdTleHd3mB.";
};
}

12
depot/users/kairi/base/base16.nix
View file

@ -1,12 +0,0 @@
{ config, ... }:
{
base16 = {
shell.enable = true;
schemes = [ "rebecca.rebecca" ];
};
# home.base16-shell = {
# enable = true;
# defaultTheme = "rebecca.rebecca";
# };
}

19
depot/users/kairi/base/default.nix
View file

@ -1,19 +0,0 @@
{ ... }:
{
imports = [
./vim
./zsh.nix
./git.nix
./kitty.nix
./tmux.nix
./base16.nix
./xdg.nix
./ssh.nix
./packages.nix
./weechat.nix
./inputrc.nix
./rink.nix
./secrets.nix
];
}

31
depot/users/kairi/base/git.nix
View file

@ -1,31 +0,0 @@
{ config, pkgs, lib, ... }:
{
home.packages = with pkgs; [
git-crypt
gitAndTools.gitRemoteGcrypt
gitAndTools.gitAnnex
git-revise
gitAndTools.git-annex-remote-b2
];
programs.git = {
enable = true;
package = pkgs.gitAndTools.gitFull;
userName = "kat witch";
userEmail = "kat@kittywit.ch";
extraConfig = {
init = { defaultBranch = "main"; };
protocol.gcrypt.allow = "always";
annex = {
autocommit = false;
backend = "BLAKE2B512";
synccontent = true;
};
};
signing = {
key = "01F50A29D4AA91175A11BDB17248991EFA8EFBEE";
signByDefault = true;
};
};
}

21
depot/users/kairi/base/inputrc.nix
View file

@ -1,21 +0,0 @@
{ config, ... }:
{
xdg.configFile."inputrc".text = ''
set editing-mode vi
set keyseq-timeout 1
set mark-symlinked-directories on
set completion-prefix-display-length 8
set show-all-if-ambiguous on
set show-all-if-unmodified on
set visible-stats on
set colored-stats on
set bell-style audible
set meta-flag on
set input-meta on
set convert-meta off
set output-meta on
'';
home.sessionVariables.INPUTRC = "${config.xdg.configHome}/inputrc";
}

6
depot/users/kairi/base/kitty.nix
View file

@ -1,6 +0,0 @@
{ config, pkgs, ... }:
{
# home.sessionVariables.TERMINFO_DIRS =
# "${pkgs.kitty.terminfo.outPath}/share/terminfo";
}

BIN
depot/users/kairi/base/nano.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 184 KiB

27
depot/users/kairi/base/packages.nix
View file

@ -1,27 +0,0 @@
{ config, lib, pkgs, ... }:
{
home.packages = with pkgs; [
tmate
htop
fd
sd
duc
bat
exa
socat
rsync
wget
ripgrep
nixpkgs-fmt
pv
progress
zstd
file
whois
niv
dnsutils
borgbackup
neofetch
];
}

38
depot/users/kairi/base/rink.nix
View file

@ -1,38 +0,0 @@
{ config, lib, pkgs, ... }:
{
home.packages = with pkgs; [
rink-readline
];
xdg.configFile."rink/config.toml".text = lib.toTOML {
colors = {
enabled = true;
theme = "my_theme";
};
currency = {
cache_duration = "1h";
enabled = true;
endpoint = "https://rinkcalc.app/data/currency.json";
timeout = "2s";
};
rink = {
long_output = true;
prompt = "> ";
};
themes = {
my_theme = {
date_time = "default";
doc_string = "italic";
error = "red";
number = "default";
plain = "default";
pow = "default";
prop_name = "cyan";
quantity = "dimmed cyan";
unit = "cyan";
user_input = "bold";
};
};
};
}

9
depot/users/kairi/base/secrets.nix
View file

@ -1,9 +0,0 @@
{ config, lib, ... }:
{
secrets = {
persistentRoot = config.xdg.cacheHome + "/kat/secrets";
external = true;
};
}

27
depot/users/kairi/base/ssh.nix
View file

@ -1,27 +0,0 @@
{ config, pkgs, lib, ... }:
{
programs.ssh = {
enable = true;
controlMaster = "auto";
controlPersist = "10m";
hashKnownHosts = true;
matchBlocks =
let
common = {
forwardAgent = true;
extraOptions = {
RemoteForward =
"/run/user/1000/gnupg/S.gpg-agent /run/user/1000/gnupg/S.gpg-agent.extra";
};
port = 62954;
};
in
{
"athame" = { hostname = "athame.kittywit.ch"; } // common;
"samhain" = { hostname = "192.168.1.135"; } // common;
"yule" = { hostname = "192.168.1.92"; } // common;
"ostara" = { hostname = "192.168.1.245"; } // common;
};
};
}

53
depot/users/kairi/base/tmux.nix
View file

@ -1,53 +0,0 @@
{ config, lib, pkgs, ... }:
{
programs.zsh.shellAliases = {
tt = "tmux new -AD -s";
};
programs.tmux = {
enable = true;
extraConfig = ''
# start from 1
set -g base-index 1
setw -g pane-base-index 1
# proper title handling
set -g set-titles on
set -g set-titles-string "#T"
# 256 color
set -g default-terminal "screen-256color"
# modes
setw -g clock-mode-colour colour5
setw -g mode-style 'fg=colour1 bg=colour18 bold'
# panes
set -g pane-border-style 'fg=colour19 bg=colour0'
set -g pane-active-border-style 'bg=colour0 fg=colour9'
# statusbar
set -g status-position bottom
set -g status-justify left
set -g status-style 'bg=colour18 fg=colour137 dim'
set -g status-left '''
set -g status-right '#[fg=colour233,bg=colour19] %F #[fg=colour233,bg=colour8] %H:%M:%S %Z'
set -g status-right-length 50
set -g status-left-length 20
setw -g window-status-current-style 'fg=colour1 bg=colour19 bold'
setw -g window-status-current-format ' #I#[fg=colour249]:#[fg=colour255]#W#[fg=colour249]#F '
setw -g window-status-style 'fg=colour9 bg=colour18'
setw -g window-status-format ' #I#[fg=colour237]:#[fg=colour250]#W#[fg=colour244]#F '
setw -g window-status-bell-style 'fg=colour255 bg=colour1 bold'
# messages
set -g message-style 'fg=colour232 bg=colour16 bold'
# mouse
set -g mouse on
'';
};
}

59
depot/users/kairi/base/vim/default.nix
View file

@ -1,59 +0,0 @@
{ config, lib, pkgs, ... }:
{
home.sessionVariables.EDITOR = "vim";
programs.vim = {
enable = true;
settings = {};
package = pkgs.vim_configurable-pynvim;
#withPython3 = true;
plugins = with pkgs.vimPlugins; [
nerdtree
vim-nix
rust-vim
coc-nvim
coc-rust-analyzer
coc-yank
coc-python
coc-json
coc-yaml
coc-git
coc-css
coc-html
vim-fugitive
vim-startify
vim-airline
vim-airline-themes
vim-lastplace
base16-vim
];
#extraPackages = with pkgs;
# [ (python3.withPackages (ps: with ps; [ black flake8 ])) ];
#extraPython3Packages = (ps: with ps; [ jedi pylint ]);
extraConfig = import ./vimrc.nix { inherit pkgs config; };
};
xdg.dataFile = {
"vim/undo/.keep".text = "";
"vim/swap/.keep".text = "";
"vim/backup/.keep".text = "";
};
xdg.configFile = {
"vim/coc/coc-settings.json".text = builtins.toJSON {
"rust.rustfmt_path" = "${pkgs.rustfmt}/bin/rustfmt";
"rust-analyzer.serverPath" = "rust-analyzer";
"rust-analyzer.updates.prompt" = false;
"rust-analyzer.notifications.cargoTomlNotFound" = false;
"rust-analyzer.notifications.workspaceLoaded" = false;
"rust-analyzer.procMacro.enable" = true;
"rust-analyzer.cargo.loadOutDirsFromCheck" = true;
"rust-analyzer.cargo-watch.enable" =
true; # TODO: want some way to toggle this on-demand?
"rust-analyzer.completion.addCallParenthesis" =
false; # consider using this?
"rust-analyzer.hoverActions.linksInHover" = true;
"rust-analyzer.diagnostics.disabled" = [
"inactive-code" # it has strange cfg support..?
];
};
};
}

200
depot/users/kairi/base/vim/vimrc.nix
View file

@ -1,200 +0,0 @@
{ config, pkgs }:
''
source ${pkgs.writeText "vimrc" ''
set encoding=utf-8
scriptencoding utf-8
set list listchars=tab:»\ ,extends:,precedes:,nbsp:·,trail:
''}";
" Enable mouse
set mouse=a
set ttymouse=sgr
set viminfo='100000,<100000,s1000,h,n$XDG_DATA_HOME/vim/viminfo
" colors
let base16colorspace=256
colorscheme base16-default-dark
" tabline
let g:airline#extensions#tabline#enabled = 1
" notmuch!
let g:notmuch_config_file='${config.xdg.configHome}/notmuch/notmuchrc'
let g:notmuch_folders_count_threads=0
let g:notmuch_date_format='%y-%m-%d %H:%M'
let g:notmuch_datetime_format='%y-%m-%d %H:%M'
let g:notmuch_show_date_format='%Y/%m/%d %H:%M'
let g:notmuch_search_date_format='%Y/%m/%d %H:%M'
let g:notmuch_html_converter='${pkgs.elinks}/bin/elinks --dump'
" lastplace
let g:lastplace_ignore = "gitcommit,gitrebase,svn,hgcommit"
autocmd BufEnter * if tabpagenr('$') == 1 && winnr('$') == 1 && exists('b:NERDTree') && b:NERDTree.isTabTree() |
\ quit | endif
autocmd BufEnter * if bufname('#') =~ 'NERD_tree_\d\+' && bufname('%') !~ 'NERD_tree_\d\+' && winnr('$') > 1 |
\ let buf=bufnr() | buffer# | execute "normal! \<C-W>w" | execute 'buffer'.buf | endif
nnoremap <leader>n :NERDTreeFocus<CR>
nnoremap <C-n> :NERDTree<CR>
nnoremap <C-t> :NERDTreeToggle<CR>
nnoremap <C-f> :NERDTreeFind<CR>
let g:coc_node_path='${pkgs.nodejs}/bin/node'
let g:coc_config_home=$XDG_CONFIG_HOME . '/vim/coc'
set undodir=$XDG_DATA_HOME/vim/undo
set directory=$XDG_DATA_HOME/vim/swap//
set backupdir=$XDG_DATA_HOME/vim/backup
set ttimeoutlen=100
set number
set hidden
set nobackup
set nowritebackup
set cmdheight=2
set updatetime=300
set cursorline
set colorcolumn=100
set linebreak showbreak= "
set hlsearch
set relativenumber
set completeopt=longest,menuone
command Spaces set expandtab
command Tabs set noexpandtab
inoremap <silent><expr> <TAB>
\ pumvisible() ? "\<C-n>" :
\ <SID>check_back_space() ? "\<TAB>" :
\ coc#refresh()
inoremap <expr><S-TAB> pumvisible() ? "\<C-p>" : "\<C-h>"
function! s:check_back_space() abort
let col = col('.') - 1
return !col || getline('.')[col - 1] =~# '\s'
endfunction
" Use <c-space> to trigger completion.
if has('nvim')
inoremap <silent><expr> <c-space> coc#refresh()
else
inoremap <silent><expr> <c-@> coc#refresh()
endif
" Make <CR> auto-select the first completion item and notify coc.nvim to
" format on enter, <cr> could be remapped by other vim plugin
noremap <silent><expr> <C-cr> pumvisible() ? coc#_select_confirm()
\: "\<C-g>u\<CR>\<c-r>=coc#on_enter()\<CR>"
" Use `[g` and `]g` to navigate diagnostics
" Use `:CocDiagnostics` to get all diagnostics of current buffer in location list.
nmap <silent> [g <Plug>(coc-diagnostic-prev)
nmap <silent> ]g <Plug>(coc-diagnostic-next)
" GoTo code navigation.
nmap <silent> gd <Plug>(coc-definition)
nmap <silent> gy <Plug>(coc-type-definition)
nmap <silent> gi <Plug>(coc-implementation)
nmap <silent> gr <Plug>(coc-references)
" Use K to show documentation in preview window.
nnoremap <silent> K :call <SID>show_documentation()<CR>
function! s:show_documentation()
if (index(['vim','help'], &filetype) >= 0)
execute 'h '.expand('<cword>')
elseif (coc#rpc#ready())
call CocActionAsync('doHover')
else
execute '!' . &keywordprg . " " . expand('<cword>')
endif
endfunction
" Highlight the symbol and its references when holding the cursor.
autocmd CursorHold * silent call CocActionAsync('highlight')
" Symbol renaming.
nmap <leader>rn <Plug>(coc-rename)
" Formatting selected code.
xmap <leader>f <Plug>(coc-format-selected)
nmap <leader>f <Plug>(coc-format-selected)
augroup mygroup
autocmd!
" Setup formatexpr specified filetype(s).
autocmd FileType typescript,json setl formatexpr=CocAction('formatSelected')
" Update signature help on jump placeholder.
autocmd User CocJumpPlaceholder call CocActionAsync('showSignatureHelp')
augroup end
" Applying codeAction to the selected region.
" Example: `<leader>aap` for current paragraph
xmap <leader>a <Plug>(coc-codeaction-selected)
nmap <leader>a <Plug>(coc-codeaction-selected)
" Remap keys for applying codeAction to the current buffer.
nmap <leader>ac <Plug>(coc-codeaction)
" Apply AutoFix to problem on the current line.
nmap <leader>qf <Plug>(coc-fix-current)
" Map function and class text objects
" NOTE: Requires 'textDocument.documentSymbol' support from the language server.
xmap if <Plug>(coc-funcobj-i)
omap if <Plug>(coc-funcobj-i)
xmap af <Plug>(coc-funcobj-a)
omap af <Plug>(coc-funcobj-a)
xmap ic <Plug>(coc-classobj-i)
omap ic <Plug>(coc-classobj-i)
xmap ac <Plug>(coc-classobj-a)
omap ac <Plug>(coc-classobj-a)
" Remap <C-f> and <C-b> for scroll float windows/popups.
if has('nvim-0.4.0') || has('patch-8.2.0750')
nnoremap <silent><nowait><expr> <C-f> coc#float#has_scroll() ? coc#float#scroll(1) : "\<C-f>"
nnoremap <silent><nowait><expr> <C-b> coc#float#has_scroll() ? coc#float#scroll(0) : "\<C-b>"
inoremap <silent><nowait><expr> <C-f> coc#float#has_scroll() ? "\<c-r>=coc#float#scroll(1)\<cr>" : "\<Right>"
inoremap <silent><nowait><expr> <C-b> coc#float#has_scroll() ? "\<c-r>=coc#float#scroll(0)\<cr>" : "\<Left>"
vnoremap <silent><nowait><expr> <C-f> coc#float#has_scroll() ? coc#float#scroll(1) : "\<C-f>"
vnoremap <silent><nowait><expr> <C-b> coc#float#has_scroll() ? coc#float#scroll(0) : "\<C-b>"
endif
" Use CTRL-S for selections ranges.
" Requires 'textDocument/selectionRange' support of language server.
nmap <silent> <C-s> <Plug>(coc-range-select)
xmap <silent> <C-s> <Plug>(coc-range-select)
" Add `:Format` command to format current buffer.
command! -nargs=0 Format :call CocAction('format')
" Add `:Fold` command to fold current buffer.
command! -nargs=? Fold :call CocAction('fold', <f-args>)
" Add `:OR` command for organize imports of the current buffer.
command! -nargs=0 OR :call CocAction('runCommand', 'editor.action.organizeImport')
" Add (Neo)Vim's native statusline support.
" NOTE: Please see `:h coc-status` for integrations with external plugins that
" provide custom statusline: lightline.vim, vim-airline.
set statusline^=%{coc#status()}%{get(b:,'coc_current_function',''')}
" Mappings for CoCList
" Show all diagnostics.
nnoremap <silent><nowait> <space>a :<C-u>CocList diagnostics<cr>
" Manage extensions.
nnoremap <silent><nowait> <space>e :<C-u>CocList extensions<cr>
" Show commands.
nnoremap <silent><nowait> <space>c :<C-u>CocList commands<cr>
" Find symbol of current document.
nnoremap <silent><nowait> <space>o :<C-u>CocList outline<cr>
" Search workspace symbols.
nnoremap <silent><nowait> <space>s :<C-u>CocList -I symbols<cr>
" Do default action for next item.
nnoremap <silent><nowait> <space>j :<C-u>CocNext<CR>
" Do default action for previous item.
nnoremap <silent><nowait> <space>k :<C-u>CocPrev<CR>
" Resume latest coc list.
nnoremap <silent><nowait> <space>p :<C-u>CocListResume<CR>
''

182
depot/users/kairi/base/weechat.nix
View file

@ -1,182 +0,0 @@
{ config, pkgs, lib, ... }:
with lib;
{
programs.weechat = {
init = lib.mkMerge [
(lib.mkBefore ''
/server add espernet athame.kittywit.ch/5001 -ssl -autoconnect
/matrix server add kittywitch kittywit.ch
/key bind meta-g /go
/key bind meta-v /input jump_last_buffer_displayed
/key bind meta-c /buffer close
/key bind meta-n /bar toggle nicklist
/key bind meta-b /bar toggle buflist
/relay add weechat 9000
'')
(lib.mkAfter ''
/matrix connect kittywitch
/window splith +10
/window 2
/buffer highmon
/window 1
'')
];
homeDirectory = "${config.xdg.dataHome}/weechat";
plugins.python = {
enable = true;
packages = [ "weechat-matrix" ];
};
plugins.perl = {
enable = true;
};
scripts = with pkgs.weechatScripts; [
go
auto_away
autosort
colorize_nicks
unread_buffer
urlgrab
vimode-git
weechat-matrix
title
highmon
];
config = with mapAttrs (_: toString) pkgs.base16.shell.shell256; {
logger.level.irc = 0;
logger.level.python.matrix = 0;
logger.level.core.weechat = 0;
buflist = {
format = {
indent = "\${if:\${merged}?\${if:\${buffer.prev_buffer.number}!=\${buffer.number}?:\${if:\${buffer.next_buffer.number}==\${buffer.number}?:\${if:\${buffer.next_buffer.name}=~^server||\${buffer.next_buffer.number}<0?:}}}:\${if:\${buffer.active}>0?\${if:\${buffer.next_buffer.name}=~^server?:\${if:\${buffer.next_buffer.number}>0?:}}:\${if:\${buffer.next_buffer.name}=~^server? :}}}";
buffer_current = "\${color:,${base01}}\${format_buffer}";
hotlist = " \${color:${base0B}}(\${hotlist}\${color:${base0B}})";
hotlist_highlight = "\${color:${base0F}}";
hotlist_low = "\${color:${base06}}";
hotlist_message = "\${color:${base0E}}";
hotlist_none = "\${color:${base05}}";
hotlist_private = "\${color:${base0A}}";
hotlist_separator = "\${color:${base04}},";
number = "\${color:${base0A}}\${number}\${if:\${number_displayed}?.: }";
};
};
weechat = {
look = {
mouse = true;
separator_horizontal = "";
read_marker_string = "";
prefix_same_nick = "";
};
color = {
chat_nick_self = base0F;
separator = base0A;
chat_read_marker = base0D;
chat_read_marker_bg = base03;
};
bar = {
buflist = {
size_max = 24;
color_delim = base0A;
};
input = {
items = "[input_prompt]+(away),[input_search],[input_paste],input_text,[vi_buffer]";
color_delim = base0A;
conditions = "\${window.buffer.full_name} != perl.highmon";
};
nicklist = {
size_max = 18;
color_delim = base0A;
};
status = {
color_bg = base01;
color_fg = base05;
color_delim = base0A;
items = "[time],mode_indicator,[buffer_last_number],[buffer_plugin],buffer_number+:+buffer_name+(buffer_modes)+{buffer_nicklist_count}+matrix_typing_notice+buffer_zoom+buffer_filter,scroll,[lag],[hotlist],completion,cmd_completion";
conditions = "\${window.buffer.full_name} != perl.highmon";
};
title = {
color_bg = base01;
color_fg = base05;
color_delim = base0A;
conditions = "\${window.buffer.full_name} != perl.highmon";
};
};
};
urlgrab.default.copycmd = "${pkgs.wl-clipboard}/bin/wl-copy";
plugins.var = {
python = {
title = {
title_prefix = "weechat - ";
show_hotlist = true;
current_buffer_suffix = " [";
title_suffix = " ]";
};
vimode = {
copy_clipboard_cmd = "wl-copy";
paste_clipboard_cmd = "wl-paste --no-newline";
imap_esc_timeout = "100";
search_vim = true;
user_mappings = builtins.toJSON {
"," = "/buffer #{1}<CR>";
"``" = "/input jump_last_buffer_displayed<CR>";
"`n" = "/input jump_smart<CR>";
"k" = "/input history_previous<CR>";
"j" = "/input history_next<CR>";
"p" = "a/input clipboard_paste<ICMD><ESC>";
"P" = "/input clipboard_paste<CR>";
#"u" = "/input undo<CR>";
#"\\x01R" = "/input redo<CR>";
"\\x01K" = "/buffer move -1<CR>";
"\\x01J" = "/buffer move +1<CR>";
};
user_mappings_noremap = builtins.toJSON {
"\\x01P" = "p";
"/" = "i/";
};
user_search_mapping = "?";
mode_indicator_cmd_color_bg = base01;
mode_indicator_cmd_color = base04;
mode_indicator_insert_color_bg = base01;
mode_indicator_insert_color = base04;
mode_indicator_normal_color_bg = base01;
mode_indicator_normal_color = base04;
mode_indicator_replace_color_bg = base01;
mode_indicator_replace_color = base0E;
mode_indicator_search_color_bg = base0A;
mode_indicator_search_color = base04;
no_warn = true;
};
notify_send.icon = "";
go.short_name = true;
};
perl.highmon = {
short_names = "on";
output = "buffer";
merge_private = "on";
alignment = "nchannel,nick";
};
};
irc = {
look = {
server_buffer = "independent";
color_nicks_in_nicklist = true;
};
};
matrix = {
network = {
max_backlog_sync_events = 30;
lazy_load_room_users = true;
autoreconnect_delay_max = 5;
lag_min-show = 1000;
};
look = {
server_buffer = "independent";
redactions = "notice";
};
};
};
};
}

18
depot/users/kairi/base/xdg.nix
View file

@ -1,18 +0,0 @@
{ config, lib, ... }:
{
xdg = {
enable = true;
userDirs = {
enable = true;
pictures = "$HOME/media";
videos = "$HOME/media/videos";
documents = "$HOME/docs";
download = "$HOME/downloads";
desktop = "$HOME/tmp";
templates = "$HOME/tmp";
publicShare = "$HOME/shared";
music = "$HOME/media-share/music";
};
};
}

87
depot/users/kairi/base/zsh.nix
View file

@ -1,87 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
shellFunAlias = command: replacement: ''
if [[ ! -t 0 ]]; then
command ${command} $@
else
echo 'use ${replacement}!'
fi
'';
shellFunAliases = mapAttrs shellFunAlias;
in {
home.shell.functions = {
genmac = ''
nix run nixpkgs.openssl -c openssl rand -hex 6 | sed 's/\(..\)\(..\)\(..\)\(..\)\(..\)\(..\)/\1:\2:\3:\4:\5:\6/'
'';
nano = ''
${pkgs.wezterm}/bin/wezterm imgcat ${./nano.png}
'';
} // shellFunAliases {
sed = "sd";
find = "fd";
grep = "rg";
};
xdg.dataFile = { "z/.keep".text = ""; };
home.packages = with pkgs; [ fzf fd ];
programs.zsh = {
enable = true;
enableAutosuggestions = true;
shellAliases = {
nixdirfmt = "fd --color=never .nix | xargs nixpkgs-fmt";
exa = "exa --time-style long-iso";
ls = "exa -G";
la = "exa -Ga";
ll = "exa -l";
lla = "exa -lga";
sys = "systemctl";
log = "journalctl";
dmesg = "dmesg -HP";
lg = "log --no-pager | grep";
};
localVariables = {
_Z_DATA = "${config.xdg.dataHome}/z/data";
ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE = "fg=3,bold";
ZSH_AUTOSUGGEST_USE_ASYNC = 1;
};
plugins = [
(with pkgs.zsh-syntax-highlighting; {
name = "zsh-syntax-highlighting";
inherit src;
})
{
name = "z";
file = "z.sh";
src = pkgs.fetchFromGitHub {
owner = "rupa";
repo = "z";
rev = "9d5a3fe0407101e2443499e4b95bca33f7a9a9ca";
sha256 = "0aghw6zmd3851xpzgy0jkh25wzs9a255gxlbdr3zw81948qd9wb1";
};
}
{
name = "fzf-z";
src = pkgs.fetchFromGitHub {
owner = "andrewferrier";
repo = "fzf-z";
rev = "089ba6cacd3876c349cfb6b65dc2c3e68b478fd0";
sha256 = "1lvvkz0v4xibq6z3y8lgfkl9ibcx0spr4qzni0n925ar38s20q81";
};
}
];
oh-my-zsh = {
enable = true;
plugins = [ "git" "sudo" "adb" "cargo" "emoji" ];
};
};
programs.starship = {
enable = true;
enableZshIntegration = true;
};
programs.direnv = {
enable = true;
enableZshIntegration = true;
};
}

12
depot/users/kairi/default.nix
View file

@ -1,12 +0,0 @@
rec {
base = ./base.nix;
gui = ./gui.nix;
fvwm = ./fvwm.nix;
sway = ./sway.nix;
dev = ./dev.nix;
media = ./media.nix;
personal = ./personal.nix;
server = { imports = [ personal ]; };
guiFull = { imports = [ gui fvwm dev media personal ]; };
}

5
depot/users/kairi/dev.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
home-manager.users.kairi = { imports = [ ./dev ]; };
}

9
depot/users/kairi/dev/cookiecutter.nix
View file

@ -1,9 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [ cookiecutter ];
home.shell.functions.katenv = ''
cookiecutter cookiecutters --directory $1
'';
}

5
depot/users/kairi/dev/default.nix
View file

@ -1,5 +0,0 @@
{ config, lib, pkgs, ... }:
{
imports = [ ./packages.nix ./cookiecutter.nix ];
}

5
depot/users/kairi/dev/packages.nix
View file

@ -1,5 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [ hyperfine hexyl tokei horizon-eda ];
}

5
depot/users/kairi/fvwm.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
home-manager.users.kairi = { imports = [ ./fvwm ]; };
}

13
depot/users/kairi/fvwm/default.nix
View file

@ -1,13 +0,0 @@
{ config, pkgs, ... }:
{
home.file = {
".xinitrc" = {
executable = true;
text = ''
#!${pkgs.bash}/bin/bash
exec fvwm
'';
};
};
}

5
depot/users/kairi/gui.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
home-manager.users.kairi = { imports = [ ./gui ]; };
}

9
depot/users/kairi/gui/default.nix
View file

@ -1,9 +0,0 @@
{ config, ... }:
{
deploy.profile.gui = true;
imports = [ ./firefox ./kitty.nix ./packages.nix ./gtk.nix ./wezterm.nix ./foot.nix ./xdg.nix ./ranger.nix ];
fonts.fontconfig.enable = true;
}

57
depot/users/kairi/gui/firefox/default.nix
View file

@ -1,57 +0,0 @@
{ config, lib, pkgs, superConfig, ... }:
let
commonSettings = {
"app.update.auto" = false;
"identity.fxaccounts.account.device.name" = superConfig.networking.hostName;
"signon.rememberSignons" = false;
"browser.download.lastDir" = "/home/kairi/downloads";
"browser.urlbar.placeholderName" = "DuckDuckGo";
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
};
in
{
programs.zsh.shellAliases = {
ff-pm = "firefox --ProfileManager";
ff-main = "firefox -P main";
};
home.sessionVariables = {
XDG_CURRENT_DESKTOP = "sway";
};
programs.firefox = {
enable = true;
package = pkgs.firefox-wayland;
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
sponsorblock
auto-tab-discard
bitwarden
darkreader
decentraleyes
foxyproxy-standard
clearurls
df-youtube
https-everywhere
old-reddit-redirect
privacy-badger
reddit-enhancement-suite
refined-github
stylus
terms-of-service-didnt-read
#tree-style-tab
sidebery
multi-account-containers
ublock-origin
violentmonkey
];
profiles = {
main = {
id = 0;
isDefault = true;
settings = commonSettings // { };
userChrome = import ./userChrome.css.nix { profile = "main"; };
};
};
};
}

15
depot/users/kairi/gui/firefox/userChrome.css.nix
View file

@ -1,15 +0,0 @@
{ profile }:
''
#main-window[tabsintitlebar="true"]:not([extradragspace="true"]) #TabsToolbar > .toolbar-items {
opacity: 0;
pointer-events: none;
}
#main-window:not([tabsintitlebar="true"]) #TabsToolbar {
visibility: collapse !important;
}
#sidebar-header {
display: none;
}
''

21
depot/users/kairi/gui/foot.nix
View file

@ -1,21 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
witch.style.base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
colors.ansi = builtins.concatStringsSep ", " (map (c: ''"#${c.hex.rgb}"'') (sublist 0 8 config.lib.arc.base16.schemeForAlias.default.shell.colours));
colors.brights = builtins.concatStringsSep ", " (map (c: ''"#${c.hex.rgb}"'') (sublist 8 8 config.lib.arc.base16.schemeForAlias.default.shell.colours));
in {
programs.foot = {
enable = true;
settings = {
main = {
term = "xterm-256color";
font = "FantasqueSansMono Nerd Font:size=10";
dpi-aware = "yes";
};
};
};
}

15
depot/users/kairi/gui/gtk.nix
View file

@ -1,15 +0,0 @@
{ config, lib, pkgs, ... }:
{
gtk = {
enable = true;
iconTheme = {
name = "Numix-Square";
package = pkgs.numix-icon-theme-square;
};
theme = {
name = "Adementary-dark";
package = pkgs.adementary-theme;
};
};
}

35
depot/users/kairi/gui/kitty.nix
View file

@ -1,35 +0,0 @@
{ config, lib, pkgs, witch, ... }:
let
witch.style.base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
witch.style.font = {
name = "Iosevka Nerd Font";
size = "10";
size_css = "14px";
};
in
{
wayland.windowManager.sway.extraSessionCommands = ''
export KITTY_CACHE_DIRECTORY="/tmp/kitty";
'';
programs.kitty = {
enable = true;
font.name = witch.style.font.name;
settings = {
font_size = witch.style.font.size;
# background = witch.style.base16.color0;
background_opacity = "0.9";
# foreground = witch.style.base16.color7;
# selection_background = witch.style.base16.color7;
# selection_foreground = witch.style.base16.color0;
# url_color = witch.style.base16.color3;
# cursor = witch.style.base16.color7;
# active_border_color = "#75715e";
# active_tab_background = "#9900ff";
# active_tab_foreground = witch.style.base16.color7;
# inactive_tab_background = "#3a3a3a";
# inactive_tab_foreground = "#665577";
}; # // witch.style.base16;
};
}

28
depot/users/kairi/gui/packages.nix
View file

@ -1,28 +0,0 @@
{ config, lib, pkgs, ... }:
{
home.packages = with pkgs; [
_1password
bitwarden
wire-desktop
element-desktop
exiftool
thunderbird
mumble-develop
dino
transmission-remote-gtk
scrcpy
lm_sensors
p7zip
zip
unzip
nyxt
baresip
discord
tdesktop
yubikey-manager
vegur
gparted
cryptsetup
];
}

12
depot/users/kairi/gui/ranger.nix
View file

@ -1,12 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [
ranger
];
xdg.configFile."ranger/rc.conf".text = ''
set preview_images true
set preview_images_method iterm2
'';
}

42
depot/users/kairi/gui/wezterm.nix
View file

@ -1,42 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
witch.style.base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
colors.ansi = builtins.concatStringsSep ", " (map (c: ''"#${c.hex.rgb}"'') (sublist 0 8 config.lib.arc.base16.schemeForAlias.default.shell.colours));
colors.brights = builtins.concatStringsSep ", " (map (c: ''"#${c.hex.rgb}"'') (sublist 8 8 config.lib.arc.base16.schemeForAlias.default.shell.colours));
in {
home.packages = [
pkgs.wezterm
];
xdg.configFile."wezterm/wezterm.lua".text = ''
local wezterm = require 'wezterm';
return {
term = "wezterm",
font = wezterm.font_with_fallback({"Iosevka Term","Twitter Color Emoji"}),
font_size = 9.0,
window_background_opacity = 0.9,
colors = {
ansi = {${colors.ansi}},
brights = {${colors.brights}},
background = "${witch.style.base16.base00}",
foreground = "${witch.style.base16.base05}",
tab_bar = {
background = "${witch.style.base16.base00}",
active_tab = {
bg_color = "${witch.style.base16.base0A}",
fg_color = "${witch.style.base16.base05}",
},
inactive_tab = {
bg_color = "${witch.style.base16.base01}",
fg_color = "${witch.style.base16.base03}",
},
},
},
}
'';
}

7
depot/users/kairi/gui/xdg.nix
View file

@ -1,7 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [
xdg-utils
];
}

5
depot/users/kairi/media.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
home-manager.users.kairi = { imports = [ ./media ]; };
}

18
depot/users/kairi/media/beets.nix
View file

@ -1,18 +0,0 @@
{ config, pkgs, lib, ... }:
{
programs.beets = {
enable = true;
package = pkgs.beets;
settings = {
directory = "~/media-share/music";
library = "~/.local/share/beets.db";
plugins = lib.concatStringsSep " " [
"mpdstats"
"mpdupdate"
"duplicates"
"chroma"
];
};
};
}

13
depot/users/kairi/media/default.nix
View file

@ -1,13 +0,0 @@
{ ... }:
{
imports = [
./mpv.nix
./obs.nix
./syncplay.nix
./beets.nix
./mpd.nix
./ncmpcpp.nix
./packages.nix
];
}

41
depot/users/kairi/media/mpd.nix
View file

@ -1,41 +0,0 @@
{ config, pkgs, ... }:
{
services.mpd = {
enable = true;
package = pkgs.mpd-youtube-dl;
network = {
startWhenNeeded = true;
listenAddress = "[::]";
};
musicDirectory = "/home/kairi/music";
extraConfig = ''
max_output_buffer_size "32768"
audio_output {
type "fifo"
name "my_fifo"
path "/tmp/mpd.fifo"
format "44100:16:2"
}
audio_output {
type "pulse"
name "speaker"
}
audio_output {
bind_to_address "[::]"
type "httpd"
name "httpd-high"
encoder "opus"
bitrate "96000"
port "32101"
max_clients "4"
format "48000:16:2"
always_on "yes"
tags "yes"
}
'';
};
}

111
depot/users/kairi/media/mpv.nix
View file

@ -1,111 +0,0 @@
{ config, lib, pkgs, ... }:
{
programs.mpv = {
enable = true;
scripts = [ pkgs.mpvScripts.sponsorblock pkgs.mpvScripts.paused ];
bindings =
let
vim = {
"l" = "seek 5";
"h" = "seek -5";
"k" = "seek 60";
"j" = "seek -60";
"Ctrl+l" = "seek 1 exact";
"Ctrl+h" = "seek -1 exact";
"Ctrl+L" = "sub-seek 1";
"Ctrl+H" = "sub-seek -1";
"Ctrl+k" = "add chapter 1";
"Ctrl+j" = "add chapter -1";
"Ctrl+K" = "playlist-next";
"Ctrl+J" = "playlist-prev";
"Alt+h" = "frame-back-step";
"Alt+l" = "frame-step";
"`" = "cycle mute";
"MBTN_RIGHT" = "cycle pause";
"w" = "screenshot";
"W" = "screenshot video";
"Ctrl+w" = "screenshot window";
"Ctrl+W" = "screenshot each-frame";
"o" = "show-progress";
"O" = "script-message show_osc_dur 5";
"F1" = "cycle sub";
"F2" = "cycle audio";
"Ctrl+p" = "cycle video";
"L" = "add volume 2";
"H" = "add volume -2";
"Alt+H" = "add audio-delay -0.100";
"Alt+L" = "add audio-delay 0.100";
"1" = "set volume 10";
"2" = "set volume 20";
"3" = "set volume 30";
"4" = "set volume 40";
"5" = "set volume 50";
"6" = "set volume 60";
"7" = "set volume 70";
"8" = "set volume 80";
"9" = "set volume 90";
")" = "set volume 150";
"0" = "set volume 100";
"m" = "cycle mute";
"Ctrl+r" = "loadfile \${path}";
"Ctrl+R" = "video-reload";
"d" = "drop-buffers";
"Ctrl+d" = "quit";
};
other = {
"RIGHT" = vim."l";
"LEFT" = vim."h";
"UP" = vim."k";
"DOWN" = vim."j";
"Ctrl+0" = "set speed 1.0";
"Ctrl+=" = "multiply speed 1.1";
"Ctrl+-" = "multiply speed 1/1.1";
"Shift+LEFT" = vim."H";
"Shift+RIGHT" = vim."L";
"Ctrl+RIGHT" = vim."Ctrl+l";
"Ctrl+LEFT" = vim."Ctrl+h";
"Ctrl+Shift+LEFT" = vim."Ctrl+H";
"Ctrl+Shift+RIGHT" = vim."Ctrl+L";
"Ctrl+UP" = vim."Ctrl+k";
"Ctrl+DOWN" = vim."Ctrl+j";
"Ctrl+Shift+UP" = vim."Ctrl+K";
"Ctrl+Shift+DOWN" = vim."Ctrl+J";
"Alt+LEFT" = vim."Alt+h";
"Alt+RIGHT" = vim."Alt+l";
"SPACE" = vim."MBTN_RIGHT";
"m" = vim."`";
"WHEEL_UP" = vim."L";
"WHEEL_DOWN" = vim."H";
}; in vim // other;
config = {
no-input-default-bindings = "";
profile = "gpu-hq";
gpu-context = "wayland";
vo = "gpu";
volume-max = 200;
keep-open = true;
opengl-waitvsync = true;
hwdec = "auto";
demuxer-max-bytes = "2000MiB";
demuxer-max-back-bytes = "250MiB";
osd-scale-by-window = false;
osd-bar-h = 2.5; # 3.125 default
osd-border-size = 2; # font border pixels, default 3
term-osd-bar = true;
script-opts = lib.concatStringsSep ","
(lib.mapAttrsToList (k: v: "${k}=${toString v}") {
osc-layout = "slimbox";
osc-vidscale = "no";
osc-deadzonesize = 0.75;
osc-minmousemove = 4;
osc-hidetimeout = 2000;
osc-valign = 0.9;
osc-timems = "yes";
osc-seekbarstyle = "knob";
osc-seekbarkeyframes = "no";
osc-seekrangestyle = "slider";
});
};
};
}

52
depot/users/kairi/media/ncmpcpp.nix
View file

@ -1,52 +0,0 @@
{ config, ... }:
{
programs.ncmpcpp = {
enable = true;
mpdMusicDir = "/home/kairi/music";
settings = {
visualizer_data_source = "/tmp/mpd.fifo";
visualizer_output_name = "my_fifo";
visualizer_in_stereo = "yes";
visualizer_type = "spectrum";
visualizer_look = "+|";
user_interface = "alternative";
colors_enabled = "yes";
discard_colors_if_item_is_selected = "no";
header_window_color = "250";
volume_color = "250";
state_line_color = "cyan";
state_flags_color = "cyan";
alternative_ui_separator_color = "yellow";
statusbar_color = "yellow";
progressbar_color = "black";
progressbar_elapsed_color = "blue";
window_border_color = "yellow";
playlist_display_mode = "classic";
song_columns_list_format =
"(3f)[cyan]{n} (40)[default]{t|f} (25)[red]{a} (30)[blue]{b} (4f)[cyan]{l}";
now_playing_prefix = "$b";
song_list_format =
" $7%n$9 $8-$9 $6%a$9 $8-$9 $5%b$9 $R $8%t$9 ($4%l$9) ";
song_library_format = "{%n > }{%t}|{%f}";
song_status_format = "{%a - }{%t - }{%b}";
titles_visibility = "no";
header_visibility = "no";
statusbar_visibility = "no";
now_playing_suffix = "$/b";
progressbar_look = " ";
media_library_primary_tag = "album_artist";
search_engine_display_mode = "columns";
};
bindings = [
{
key = "+";
command = "add";
}
{
key = "-";
command = "load";
}
];
};
}

10
depot/users/kairi/media/obs.nix
View file

@ -1,10 +0,0 @@
{ config, pkgs, ... }:
{
programs.obs-studio = {
enable = true;
plugins = [ pkgs.obs-studio-plugins.wlrobs ];
};
programs.zsh.shellAliases = { obs = "env QT_QPA_PLATFORM=xcb obs"; };
}

22
depot/users/kairi/media/packages.nix
View file

@ -1,22 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [
audacity
avidemux
gst_all_1.gstreamer.dev
gst_all_1.gstreamer
gst_all_1.gst-plugins-base
gst_all_1.gst-plugins-good
gst_all_1.gst-plugins-bad
gst_all_1.gst-plugins-ugly
vlc
imv
ffmpeg-full
youtube-dl
mkchromecast
v4l-utils
gimp-with-plugins
wf-recorder
];
}

31
depot/users/kairi/media/syncplay.nix
View file

@ -1,31 +0,0 @@
{ config, ... }:
{
programs.syncplay = {
enable = true;
username = "kat";
defaultRoom = "lounge";
server = { host = "sync.kittywit.ch"; };
playerArgs = [
"--ytdl-format=bestvideo[height<=1080]+bestaudio/best[height<=1080]/bestvideo+bestaudio/best"
];
# gui = false;
config = {
client_settings = {
onlyswitchtotrusteddomains = false;
autoplayrequiresamefiles = false;
readyatstart = true;
pauseonleave = false;
rewindondesync = false;
rewindthreshold = 6.0;
fastforwardthreshold = 6.0;
unpauseaction = "Always";
};
gui = {
#autosavejoinstolist = false;
showdurationnotification = false;
};
};
};
}

5
depot/users/kairi/personal.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
home-manager.users.kairi = { imports = [ ./personal ]; };
}

5
depot/users/kairi/personal/default.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
imports = [ ./gpg.nix ./packages.nix ];
}

21
depot/users/kairi/personal/gpg.nix
View file

@ -1,21 +0,0 @@
{ config, lib, pkgs, ... }:
{
home.sessionVariables = {
SSH_AUTH_SOCK =
"\${SSH_AUTH_SOCK:-$(${pkgs.gnupg}/bin/gpgconf --list-dirs agent-ssh-socket)}";
};
services.gpg-agent = {
enable = true;
enableExtraSocket = true;
enableSshSupport = false;
pinentryFlavor = "gtk2";
extraConfig = lib.mkMerge [
"auto-expand-secmem 0x30000" # otherwise "gpg: public key decryption failed: Cannot allocate memory"
"pinentry-timeout 30"
"allow-loopback-pinentry"
"enable-ssh-support"
"no-allow-external-cache"
];
};
}

5
depot/users/kairi/personal/packages.nix
View file

@ -1,5 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [ pinentry.gtk2 ];
}

5
depot/users/kairi/sway.nix
View file

@ -1,5 +0,0 @@
{ ... }:
{
home-manager.users.kairi = { imports = [ ./sway ]; };
}

14
depot/users/kairi/sway/default.nix
View file

@ -1,14 +0,0 @@
{ config, pkgs, ... }:
{
deploy.profile.sway = true;
imports = [
./waybar
./mako.nix
./sway.nix
./gammastep.nix
./konawall.nix
./packages.nix
];
}

9
depot/users/kairi/sway/gammastep.nix
View file

@ -1,9 +0,0 @@
{ config, lib, ... }:
{
services.gammastep = {
enable = true;
latitude = "51.5074";
longitude = "0.1278";
};
}

5
depot/users/kairi/sway/konawall.nix
View file

@ -1,5 +0,0 @@
{ config, ... }:
{
services.konawall = { enable = true; };
}

35
depot/users/kairi/sway/mako.nix
View file

@ -1,35 +0,0 @@
{ config, pkgs, lib, witch, ... }:
let
base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
font = {
name = "Iosevka Nerd Font";
size = "10";
size_css = "14px";
};
in
{
systemd.user.services = {
mako = {
Unit = {
Description = "mako";
X-Restart-Triggers =
[ (toString config.xdg.configFile."mako/config".source) ];
};
Service = {
ExecStart = "${pkgs.mako}/bin/mako";
Restart = "always";
};
Install = { WantedBy = [ "graphical-session.target" ]; };
};
};
programs.mako = {
enable = true;
defaultTimeout = 3000;
borderColor = base16.base0A;
backgroundColor = "${base16.base00}70";
textColor = base16.base05;
};
}

5
depot/users/kairi/sway/packages.nix
View file

@ -1,5 +0,0 @@
{ config, pkgs, ... }:
{
home.packages = with pkgs; [ kat-scrot ];
}

232
depot/users/kairi/sway/sway.nix
View file

@ -1,232 +0,0 @@
{ config, pkgs, lib, witch, ... }:
let
base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
font = {
name = "Iosevka";
size = 9.0;
size_css = "14px";
};
in
{
home.sessionVariables = {
XDG_CURRENT_DESKTOP = "sway";
XDG_SESSION_TYPE = "wayland";
};
home.packages = with pkgs; [ grim slurp wl-clipboard jq ];
services.i3gopher = { enable = true; };
programs.zsh.profileExtra = ''
# If running from tty1 start sway
if [ "$(tty)" = "/dev/tty1" ]; then
systemctl --user unset-environment \
SWAYSOCK \
I3SOCK \
WAYLAND_DISPLAY \
DISPLAY \
IN_NIX_SHELL \
__HM_SESS_VARS_SOURCED \
GPG_TTY \
NIX_PATH \
SHLVL
exec env --unset=SHLVL systemd-cat -t sway -- sway
fi
'';
wayland.windowManager.sway =
let
cfg = config.wayland.windowManager.sway.config;
bindsym = k: v: "bindsym ${k} ${v}";
bindWorkspace = key: workspace: {
"${cfg.modifier}+${key}" = "workspace number ${workspace}";
"${cfg.modifier}+shift+${key}" =
"move container to workspace number ${workspace}";
};
workspaceBindings = map (v: bindWorkspace v "${v}:${v}") [
"1"
"2"
"3"
"4"
"5"
"6"
"7"
"8"
"9"
] ++ [ (bindWorkspace "0" "10:10") ]
++ lib.imap1 (i: v: bindWorkspace v "${toString (10 + i)}:${v}") [
"F1"
"F2"
"F3"
"F4"
"F5"
"F6"
"F7"
"F8"
"F9"
"F10"
"F11"
"F12"
];
workspaceBindings' = map (lib.mapAttrsToList bindsym) workspaceBindings;
workspaceBindingsStr =
lib.concatStringsSep "\n" (lib.flatten workspaceBindings');
in
{
enable = true;
config =
let
dmenu =
"${pkgs.bemenu}/bin/bemenu --fn '${font.name} ${toString font.size}' --nb '${base16.base00}' --nf '${base16.base07}' --sb '${base16.base01}' --sf '${base16.base07}' -l 5 -m -1 -i";
in
{
bars = [{ command = "${pkgs.waybar}/bin/waybar"; }];
input = {
"*" = {
xkb_layout = "gb";
# xkb_variant = "nodeadkeys";
# xkb_options = "ctrl:nocaps";
};
};
fonts = {
names = [ font.name ];
style = "Medium";
size = font.size;
};
terminal = "${pkgs.wezterm}/bin/wezterm";
# TODO: replace with wofi
menu =
"${pkgs.j4-dmenu-desktop}/bin/j4-dmenu-desktop --dmenu=\"${dmenu}\" --term='${cfg.terminal}'";
modifier = "Mod4";
assigns = { "12:F2" = [{ class = "screenstub"; }]; };
startup = [
{
command = "systemctl --user restart mako";
always = true;
}
{ command = "mkchromecast -t"; }
{
command = "systemctl --user restart konawall.service";
always = true;
}
];
window = {
border = 1;
titlebar = true;
};
keybindings = {
"${cfg.modifier}+Return" = "exec ${cfg.terminal}";
"${cfg.modifier}+Left" = "focus left";
"${cfg.modifier}+Down" = "focus down";
"${cfg.modifier}+Up" = "focus up";
"${cfg.modifier}+Right" = "focus right";
"${cfg.modifier}+Shift+Left" = "move left";
"${cfg.modifier}+Shift+Down" = "move down";
"${cfg.modifier}+Shift+Up" = "move up";
"${cfg.modifier}+Shift+Right" = "move right";
"${cfg.modifier}+Shift+space" = "floating toggle";
"${cfg.modifier}+space" = "focus mode_toggle";
"${cfg.modifier}+Tab" = "workspace back_and_forth";
"${cfg.modifier}+Shift+Tab" =
"exec ${config.services.i3gopher.focus-last}";
"${cfg.modifier}+Ctrl+Left" = "workspace prev_on_output";
"${cfg.modifier}+Ctrl+Right" = "workspace next_on_output";
"XF86AudioRaiseVolume" =
"exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') +5%";
"XF86AudioLowerVolume" =
"exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') -5%";
"XF86AudioMute" =
"exec pactl set-sink-mute $(pacmd list-sinks |awk '/* index:/{print $3}') toggle";
"XF86AudioMicMute" =
"exec pactl set-source-mute $(pacmd list-sources |awk '/* index:/{print $3}') toggle";
"XF86MonBrightnessDown" = "exec ${pkgs.light}/bin/light -U 5";
"XF86MonBrightnessUp" = "exec ${pkgs.light}/bin/light -A 5";
"${cfg.modifier}+d" = "exec ${cfg.menu}";
"${cfg.modifier}+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload screen";
"${cfg.modifier}+Shift+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload area";
"${cfg.modifier}+Mod1+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload window";
"${cfg.modifier}+Control+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload output";
"Print" = "exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys screen";
"Shift+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys area";
"Mod1+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys window";
"Control+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys output";
"${cfg.modifier}+i" = "move workspace to output left";
"${cfg.modifier}+o" = "move workspace to output right";
"${cfg.modifier}+b" = "splith";
"${cfg.modifier}+v" = "splitv";
"${cfg.modifier}+s" = "layout stacking";
"${cfg.modifier}+w" = "layout tabbed";
"${cfg.modifier}+e" = "layout toggle split";
"${cfg.modifier}+f" = "fullscreen";
"${cfg.modifier}+Shift+q" = "kill";
"${cfg.modifier}+Shift+c" = "reload";
"${cfg.modifier}+r" = "mode resize";
"${cfg.modifier}+Delete" = ''
mode "System (l) lock, (e) logout, (s) suspend, (h) hibernate, (r) reboot, (Shift+s) shutdown"'';
};
colors = {
focused = {
border = base16.base08;
background = base16.base0A;
text = base16.base00;
indicator = base16.base0B;
childBorder = base16.base08;
};
focusedInactive = {
border = base16.base00;
background = base16.base07;
text = base16.base0A;
indicator = base16.base0B;
childBorder = base16.base03;
};
unfocused = {
border = base16.base00;
background = base16.base01;
text = base16.base04;
indicator = base16.base08;
childBorder = base16.base08;
};
urgent = {
border = base16.base00;
background = base16.base09;
text = base16.base00;
indicator = base16.base01;
childBorder = base16.base08;
};
};
};
wrapperFeatures.gtk = true;
extraConfig = ''
seat seat0 xcursor_theme breeze_cursors 20
workspace_auto_back_and_forth yes
${workspaceBindingsStr}
'';
};
}

BIN
depot/users/kairi/sway/wallpapers/left.jpg
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 451 KiB

BIN
depot/users/kairi/sway/wallpapers/main.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 5.2 MiB

BIN
depot/users/kairi/sway/wallpapers/right.jpg
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.3 MiB

116
depot/users/kairi/sway/waybar/default.nix
View file

@ -1,116 +0,0 @@
{ config, lib, pkgs, witch, ... }:
let
base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
font = {
name = "Iosevka Nerd Font";
size = "10";
size_css = "12px";
};
in
{
config = lib.mkIf config.deploy.profile.sway {
programs.waybar = {
enable = true;
style = import ./waybar.css.nix {
inherit font base16;
inherit (pkgs) hextorgba;
};
settings = [{
modules-left = [ "sway/workspaces" "sway/mode" "sway/window" ];
modules-center = [ ]; # "clock" "custom/weather"
modules-right = [
"pulseaudio"
"cpu"
"memory"
"temperature"
"backlight"
"battery"
#"mpd"
"network"
"custom/gpg-status"
#"custom/weather"
"clock"
"idle_inhibitor"
"tray"
];
modules = {
"sway/workspaces" = { format = "{name}"; };
#"custom/weather" = {
# format = "{}";
# interval = 3600;
# on-click = "xdg-open 'https://google.com/search?q=weather'";
# exec =
# "${pkgs.kat-weather}/bin/kat-weather ${witch.secrets.profiles.sway.city} ${witch.secrets.profiles.sway.api_key}";
#};
"custom/gpg-status" = {
format = "{}";
interval = 300;
exec = "${pkgs.kat-gpg-status}/bin/kat-gpg-status";
};
cpu = { format = " {usage}%"; };
#mpd = {
# format = " {albumArtist} - {title}";
# format-stopped = "ﱙ";
# format-paused = " Paused";
# title-len = 16;
#};
memory = { format = " {percentage}%"; };
temperature = { format = "{temperatureC}°C"; };
idle_inhibitor = {
format = "{icon}";
format-icons = {
activated = "";
deactivated = "";
};
};
backlight = {
format = "{icon} {percent}%";
format-icons = [ "" "" ];
on-scroll-up = "${pkgs.light}/bin/light -A 1";
on-scroll-down = "${pkgs.light}/bin/light -U 1";
};
battery = {
states = {
good = 90;
warning = 30;
critical = 15;
};
format = "{icon} {capacity}%";
format-charging = " {capacity}%";
format-plugged = " {capacity}%";
format-alt = "{icon} {time}";
format-icons = [ "" "" "" "" "" ];
};
pulseaudio = {
format = " {volume}%";
on-click = "pavucontrol";
};
network = {
format-wifi = "";
format-ethernet = "";
format-linked = " {ifname} (No IP)";
format-disconnected = " Disconnected ";
format-alt = " {ifname}: {ipaddr}/{cidr}";
tooltip-format-wifi = "{essid} ({signalStrength}%)";
};
clock = {
format = " {:%T %z}";
tooltip = true;
tooltip-format = "{:%A, %F %T %z (%Z)}";
timezones = [
"Europe/London"
"America/Vancouver"
"America/Chicago"
"Europe/Berlin"
"Pacific/Auckland"
];
interval = 1;
};
};
}];
};
};
}

73
depot/users/kairi/sway/waybar/waybar.css.nix
View file

@ -1,73 +0,0 @@
{ hextorgba, base16, font }:
''
* {
border: none;
border-radius: 0;
font-family: "${font.name}";
font-size: ${font.size_css};
min-height: 14px
}
#clock, #memory, #cpu, #temperature, #pulseaudio, #network, #mpd, #backlight, #battery, #custom-weather, #custom-gpg-status, #idle_inhibitor {
margin-left: 8px;
margin-right: 8px;
padding-left: 8px;
padding-right: 8px;
transition: none;
border-bottom: 2px solid ${base16.base00};
color: ${base16.base05}
}
window#waybar { background: ${hextorgba base16.base00} }
#tray {
margin-left: 8px;
}
#window {
color: ${base16.base06};
padding-left: 16px;
padding-right: 16px
}
#workspaces { padding: 0px 4px 0px 4px }
#workspaces button {
color: ${base16.base04};
background: ${hextorgba base16.base02};
font-size: 16px;
margin: 0px 4px 0px 4px;
border-bottom: 2px solid transparent;
border-left: 1px solid ${base16.base07};
border-right: 1px solid ${base16.base07}
}
#workspaces button:last-child { margin-right: 0px }
#workspaces button.focused {
color: ${base16.base0A};
border-bottom-color: ${base16.base0A}
}
#workspaces button:hover {
transition: none;
box-shadow: inherit;
text-shadow: inherit;
color: ${base16.base0F};
border-bottom-color: ${base16.base0F}
}
#mpd, #idle_inhibitor { border-color: #5af78e }
#mpd.disconnected, #mpd.stopped { border-color: #282a36 }
#network { border-color: ${base16.base08} }
#custom-weather { border-color: ${base16.base00} }
#custom-gpg-status { border-color: ${base16.base09} }
#pulseaudio { border-color: ${base16.base0A} }
#temperature { border-color: ${base16.base0B} }
#battery { border-color: ${base16.base0C} }
#backlight { border-color: ${base16.base0D} }
#cpu { border-color: ${base16.base0E} }
#memory { border-color: ${base16.base0F} }
#clock { border-color: ${base16.base06} }
''

4
depot/users/kat/gui/packages.nix
View file

@ -9,7 +9,7 @@
exiftool exiftool
thunderbird thunderbird
mumble-develop mumble-develop
dino dino-omemo
transmission-remote-gtk transmission-remote-gtk
scrcpy scrcpy
lm_sensors lm_sensors
@ -18,7 +18,7 @@
unzip unzip
nyxt nyxt
baresip baresip
discord discord-nssfix
tdesktop tdesktop
yubikey-manager yubikey-manager
cryptsetup cryptsetup

3
depot/users/kat/media/ncmpcpp.nix
View file

@ -1,9 +1,10 @@
{ config, ... }: { config, pkgs, ... }:
{ {
programs.ncmpcpp = { programs.ncmpcpp = {
enable = true; enable = true;
mpdMusicDir = "/home/kat/media-share/music"; mpdMusicDir = "/home/kat/media-share/music";
package = pkgs.ncmpcpp-kat;
settings = { settings = {
visualizer_data_source = "/tmp/mpd.fifo"; visualizer_data_source = "/tmp/mpd.fifo";
visualizer_output_name = "my_fifo"; visualizer_output_name = "my_fifo";

1
depot/users/kat/media/obs.nix
View file

@ -3,6 +3,7 @@
{ {
programs.obs-studio = { programs.obs-studio = {
enable = true; enable = true;
package = pkgs.obs-studio-pipewire;
plugins = [ pkgs.obs-studio-plugins.wlrobs ]; plugins = [ pkgs.obs-studio-plugins.wlrobs ];
}; };

7
depot/users/kat/sway/konawall.nix
View file

@ -1,5 +1,8 @@
{ config, ... }: { config, pkgs, ... }:
{ {
services.konawall = { enable = true; }; services.konawall = {
enable = true;
package = pkgs.konawall-sway;
};
} }

2
depot/users/kat/sway/packages.nix
View file

@ -1,5 +1,5 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
home.packages = with pkgs; [ kat-scrot ]; home.packages = with pkgs; [ sway-scrot ];
} }

16
depot/users/kat/sway/sway.nix
View file

@ -279,22 +279,22 @@ in
# screenshots - upload # screenshots - upload
"${cfg.modifier}+Print" = "${cfg.modifier}+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload screen"; "exec ${pkgs.sway-scrot}/bin/sway-scrot --notify upload screen";
"${cfg.modifier}+Shift+Print" = "${cfg.modifier}+Shift+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload area"; "exec ${pkgs.sway-scrot}/bin/sway-scrot --notify upload area";
"${cfg.modifier}+Mod1+Print" = "${cfg.modifier}+Mod1+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload window"; "exec ${pkgs.sway-scrot}/bin/sway-scrot --notify upload window";
"${cfg.modifier}+Control+Print" = "${cfg.modifier}+Control+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify upload output"; "exec ${pkgs.sway-scrot}/bin/sway-scrot --notify upload output";
# screenshots - clipboard # screenshots - clipboard
"Print" = "exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys screen"; "Print" = "exec ${pkgs.sway-scrot}/bin/sway-scrot --notify copys screen";
"Shift+Print" = "Shift+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys area"; "exec ${pkgs.sway-scrot}/bin/sway-scrot --notify copys area";
"Mod1+Print" = "Mod1+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys window"; "exec ${pkgs.sway-scrot}/bin/sway-scrot --notify copys window";
"Control+Print" = "Control+Print" =
"exec ${pkgs.kat-scrot}/bin/kat-scrot --notify copys output"; "exec ${pkgs.sway-scrot}/bin/sway-scrot --notify copys output";
# layout handling # layout handling
"${cfg.modifier}+b" = "splith"; "${cfg.modifier}+b" = "splith";

6
depot/users/kat/sway/waybar/default.nix
View file

@ -52,15 +52,15 @@ in
format = "{}"; format = "{}";
interval = 300; interval = 300;
return-type = "json"; return-type = "json";
exec = "${pkgs.kat-gpg-status}/bin/kat-gpg-status"; exec = "${pkgs.waybar-gpg}/bin/kat-gpg-status";
}; };
"custom/konawall" = { "custom/konawall" = {
format = "{}"; format = "{}";
interval = "once"; interval = "once";
return-type = "json"; return-type = "json";
exec = "${pkgs.konawall-toggle}/bin/konawall-status"; exec = "${pkgs.waybar-konawall}/bin/konawall-status";
exec-on-event = true; exec-on-event = true;
on-click = "${pkgs.konawall-toggle}/bin/konawall-toggle"; on-click = "${pkgs.waybar-konawall}/bin/konawall-toggle";
on-click-right = "systemctl --user restart konawall"; on-click-right = "systemctl --user restart konawall";
}; };
cpu = { format = " {usage}%"; }; cpu = { format = " {usage}%"; };

25
lib/color-helpers.nix
View file

@ -1,25 +0,0 @@
{ lib }: rec {
hexChars =
[ "0" "1" "2" "3" "4" "5" "6" "7" "8" "9" "a" "b" "c" "d" "e" "f" ];
hexCharToInt = char:
let
pairs = lib.imap0 (lib.flip lib.nameValuePair) hexChars;
idx = builtins.listToAttrs pairs;
in
idx.${lib.toLower char};
hexToInt = str:
lib.foldl (value: chr: value * 16 + hexCharToInt chr) 0
(lib.stringToCharacters str);
hextorgba = hex: alpha:
(
let
r_hex = lib.substring 1 2 hex;
g_hex = lib.substring 3 2 hex;
b_hex = lib.substring 5 2 hex;
r_dec = hexToInt r_hex;
g_dec = hexToInt g_hex;
b_dec = hexToInt b_hex;
in
"rgba(${toString r_dec}, ${toString g_dec}, ${toString b_dec}, ${toString alpha})"
);
}

20
lib/default.nix
View file

@ -1,20 +0,0 @@
{ pkgs ? import <nixpkgs> { }
, lib ? pkgs.lib
# for internal use...
, super ? if !isOverlayLib then lib else { }
, self ? if isOverlayLib then lib else { }
, before ? if !isOverlayLib then lib else { }
, isOverlayLib ? false
}@args: let
colorHelpers = import ./color-helpers.nix { inherit lib; };
lib = before // katlib // self;
katlib = with before; with katlib; with self;
{
inherit (colorHelpers) hextorgba;
hostImport = import ./host-import.nix { inherit lib; };
virtualHostGen = import ./virtual-host-gen.nix { inherit lib; };
domainMerge = import ./domain-merge.nix { inherit lib; };
modListMerge = import ./intersect-merge.nix { inherit lib; };
modList = import ./module-list.nix { inherit lib; };
folderList = import ./folder-list.nix { inherit lib; };
}; in katlib

9
lib/domain-merge.nix
View file

@ -1,9 +0,0 @@
{ lib }: { folder, defaultFile ? "default.nix", folderPaths ? [ (../depot + "/${folder}") (../depot/trusted + "/${folder}") ] }: with lib; let
defaultFileFinal = if (defaultFile == "default.nix" && folder == "hosts") then
"meta.nix"
else defaultFile;
folderModLists = map (folderPath: modList {
modulesDir = folderPath;
defaultFile = defaultFileFinal;
}) (filter builtins.pathExists folderPaths);
in foldl modListMerge { } folderModLists

5
lib/folder-list.nix
View file

@ -1,5 +0,0 @@
{ lib }: path: excludes: let
filterAttrNamesToList = filter: set:
lib.foldl' (a: b: a ++ b) [ ]
(map (e: if (filter e set.${e}) then [ e ] else [ ]) (lib.attrNames set));
in (filterAttrNamesToList (name: type: ! (builtins.elem name excludes) && type == "directory") (builtins.readDir path))

12
lib/host-import.nix
View file

@ -1,12 +0,0 @@
{ lib }: { hostName, profiles }: with lib; filter builtins.pathExists [
(../depot/hosts + "/${hostName}/nixos.nix")
(../depot/trusted/hosts + "/${hostName}/nixos.nix")
] ++ (if builtins.isAttrs profiles.base then profiles.base.imports
else singleton profiles.base) ++ singleton {
home-manager.users.kat = {
imports = filter builtins.pathExists [
(../depot/hosts + "/${hostName}/home.nix")
(../depot/trusted/hosts + "/${hostName}/home.nix")
];
};
}

4
lib/intersect-merge.nix
View file

@ -1,4 +0,0 @@
{ lib }: pathsA: pathsB: with lib; let
pathIntersection = intersectLists (attrNames pathsA) (attrNames pathsB);
pathMerger = pathA: pathB: { imports = [ pathA pathB ]; };
in pathsA // pathsB // genAttrs pathIntersection (key: (pathMerger pathsA.${key} pathsB.${key}))

28
lib/module-list.nix
View file

@ -1,28 +0,0 @@
{ lib }: { modulesDir, defaultFile ? "default.nix", importAll ? false }:
with builtins;
let
isModule = m: lib.isFunction m && (m.isModule or true);
filterAttrNamesToList = filter: set:
foldl' (a: b: a ++ b) [ ]
(map (e: if (filter e set.${e}) then [ e ] else [ ]) (attrNames set));
nameValuePair = name: value: { inherit name value; };
listToAttrs = foldl' (acc: val: acc // { ${val.name} = val.value; }) { };
directories =
filterAttrNamesToList (_: type: type == "directory") (readDir modulesDir);
files = map (dir: nameValuePair dir (modulesDir + "/${dir}/${defaultFile}"))
(filter (f: builtins.pathExists (modulesDir + "/${f}/${defaultFile}")) directories);
modules = map
({ name, value }:
# if the file contains a function, assume it to be a module and pass the path
# (for dedup and such). if it contains anything else, pass that.
let m = import value;
in
{
inherit name;
value = if lib.isFunction m && ! isModule m then m { inherit lib; } else if isModule m && !importAll then value else m;
})
files;
in
(listToAttrs modules)

9
lib/virtual-host-gen.nix
View file

@ -1,9 +0,0 @@
{ lib }: { config, networkFilter ? [ ], addresses ? [ ], block }: with lib;
let
networks = config.network.addresses;
filteredNetworks = filterAttrs (n: v: elem n networkFilter && v.enable) networks;
networkValues = attrValues filteredNetworks;
addressList = concatMap (n: n.out.identifierList) networkValues;
hostBlocks = map (host: nameValuePair host block) addressList;
in listToAttrs hostBlocks

0
meta-base.nix → meta.nix
View file

Some files were not shown because too many files have changed in this diff Show more