diff --git a/config/common/default.nix b/config/common/default.nix index 09ce52ff..25c05042 100644 --- a/config/common/default.nix +++ b/config/common/default.nix @@ -1,7 +1,6 @@ { config, lib, pkgs, ... }: -let - sources = import ../../nix/sources.nix; +let sources = import ../../nix/sources.nix; in { imports = [ ../../modules ../users (sources.home-manager + "/nixos") ]; diff --git a/config/hosts/athame/configuration.nix b/config/hosts/athame/configuration.nix index b5b16f06..9902f086 100644 --- a/config/hosts/athame/configuration.nix +++ b/config/hosts/athame/configuration.nix @@ -23,7 +23,7 @@ ./matrix.nix ]; - meta.deploy.profiles = []; + meta.deploy.profiles = [ ]; meta.deploy.ssh.host = "athame.kittywit.ch"; boot.loader.grub.enable = true; diff --git a/config/hosts/athame/murmur.nix b/config/hosts/athame/murmur.nix index 6fa9c61e..f672ebef 100644 --- a/config/hosts/athame/murmur.nix +++ b/config/hosts/athame/murmur.nix @@ -2,22 +2,18 @@ let secrets = (import ../../../secrets.nix); in { - security.acme = { - certs."kittywit.ch" = { - group = "kittywit-ch"; - }; - }; + security.acme = { certs."kittywit.ch" = { group = "kittywit-ch"; }; }; - users.groups."kittywit-ch".members = ["murmur" "nginx"]; + users.groups."kittywit-ch".members = [ "murmur" "nginx" ]; - services.murmur = { - enable = true; + services.murmur = { + enable = true; - hostName = "kittywit.ch"; + hostName = "kittywit.ch"; - extraConfig = '' - sslCert=/var/lib/acme/kittywit.ch/fullchain.pem - sslKey=/var/lib/acme/kittywit.ch/key.pem - ''; - }; + extraConfig = '' + sslCert=/var/lib/acme/kittywit.ch/fullchain.pem + sslKey=/var/lib/acme/kittywit.ch/key.pem + ''; + }; } diff --git a/config/hosts/boline/configuration.nix b/config/hosts/boline/configuration.nix index cdbffe08..ce45a3c4 100644 --- a/config/hosts/boline/configuration.nix +++ b/config/hosts/boline/configuration.nix @@ -6,7 +6,7 @@ #./wireguard.nix ]; - meta.deploy.profiles = []; + meta.deploy.profiles = [ ]; meta.deploy.ssh.host = "boline.kittywit.ch"; boot.loader.grub.enable = true; diff --git a/config/hosts/samhain/configuration.nix b/config/hosts/samhain/configuration.nix index 6fab15e4..79420224 100644 --- a/config/hosts/samhain/configuration.nix +++ b/config/hosts/samhain/configuration.nix @@ -61,31 +61,31 @@ in { SUBSYSTEM=="i2c-dev", GROUP="users", MODE="0660" SUBSYSTEM=="usb", ACTION=="add", ATTRS{idVendor}=="fa58", ATTRS{idProduct}=="04d9", GROUP="users" SUBSYSTEM=="misc", KERNEL=="uinput", OPTIONS+="static_node=uinput", MODE="0660", GROUP="uinput" - SUBSYSTEM=="input", ACTION=="add", DEVPATH=="/devices/virtual/input/*", MODE="0660", GROUP="qemu-libvirtd", RUN+="${pkgs.writeShellScript "mewdev" "${pkgs.coreutils}/bin/echo 'c 13:* rw' > /sys/fs/cgroup/devices/machine.slice/machine-qemu*/devices.allow"}" + SUBSYSTEM=="input", ACTION=="add", DEVPATH=="/devices/virtual/input/*", MODE="0660", GROUP="qemu-libvirtd", RUN+="${ + pkgs.writeShellScript "mewdev" + "${pkgs.coreutils}/bin/echo 'c 13:* rw' > /sys/fs/cgroup/devices/machine.slice/machine-qemu*/devices.allow" + }" ''; environment.systemPackages = [ # pkgs.nur.repos.arc.packages.screenstub # for DDC/CI and input forwarding (currently disabled due to using changed source) pkgs.arc.pkgs.scream-arc # for audio forwarding - pkgs.screenstub # for input handling + pkgs.screenstub # for input handling pkgs.ddcutil # for diagnostics on DDC/CI pkgs.virt-manager # obvious reasons ]; home-manager.users.kat = { - # audio for vm on startup + # audio for vm on startup systemd.user.services = { scream = { - Unit = { - Description = "Scream - Audio forwarding from the VM."; - }; + Unit = { Description = "Scream - Audio forwarding from the VM."; }; Service = { - ExecStart = "${pkgs.arc.pkgs.scream-arc}/bin/scream -i virbr0 -o pulse"; + ExecStart = + "${pkgs.arc.pkgs.scream-arc}/bin/scream -i virbr0 -o pulse"; Restart = "always"; }; - Install = { - WantedBy = [ "default.target" ]; - }; + Install = { WantedBy = [ "default.target" ]; }; }; }; }; diff --git a/config/private b/config/private index 49b90f76..cd1e67c8 160000 --- a/config/private +++ b/config/private @@ -1 +1 @@ -Subproject commit 49b90f76775092bf2545db515c15afe596e4d6eb +Subproject commit cd1e67c8404e20e043f7343b05b960b349fe3b55 diff --git a/config/users/default.nix b/config/users/default.nix index 92386c79..66c099bb 100644 --- a/config/users/default.nix +++ b/config/users/default.nix @@ -4,6 +4,11 @@ imports = [ ./kat ]; users.users.root = { - openssh.authorizedKeys.keys = with pkgs.lib; concatLists (mapAttrsToList (name: user: if elem "wheel" user.extraGroups then user.openssh.authorizedKeys.keys else []) config.users.users); + openssh.authorizedKeys.keys = with pkgs.lib; + concatLists (mapAttrsToList (name: user: + if elem "wheel" user.extraGroups then + user.openssh.authorizedKeys.keys + else + [ ]) config.users.users); }; } diff --git a/config/users/kat/default.nix b/config/users/kat/default.nix index a3cb51da..0a20cc9b 100644 --- a/config/users/kat/default.nix +++ b/config/users/kat/default.nix @@ -21,18 +21,13 @@ ]; shell = pkgs.fish; extraGroups = [ "wheel" "video" ]; - packages = with pkgs; [ - git-crypt - gitAndTools.gitRemoteGcrypt - ]; + packages = with pkgs; [ git-crypt gitAndTools.gitRemoteGcrypt ]; }; home-manager.useGlobalPkgs = true; home-manager.users.kat = { - imports = [ - ./modules - ]; - + imports = [ ./modules ]; + programs.fish = { enable = true; shellAliases = { nixdirfmt = "fd --color=never .nix | xargs nixfmt"; }; @@ -57,9 +52,7 @@ package = pkgs.gitAndTools.gitFull; userName = "kat witch"; userEmail = "kat@kittywit.ch"; - extraConfig = { - protocol.gcrypt.allow = "always"; - }; + extraConfig = { protocol.gcrypt.allow = "always"; }; signing = { key = "01F50A29D4AA91175A11BDB17248991EFA8EFBEE"; signByDefault = true; diff --git a/config/users/kat/desktop.nix b/config/users/kat/desktop.nix index 6577ac2f..23301b48 100644 --- a/config/users/kat/desktop.nix +++ b/config/users/kat/desktop.nix @@ -1,7 +1,6 @@ { config, lib, pkgs, ... }: -let - sources = import ../../../nix/sources.nix; +let sources = import ../../../nix/sources.nix; in { imports = [ ./firefox ]; diff --git a/config/users/kat/modules/default.nix b/config/users/kat/modules/default.nix index 4e54c345..08fe0c30 100644 --- a/config/users/kat/modules/default.nix +++ b/config/users/kat/modules/default.nix @@ -1,7 +1,3 @@ -{ ... }: -let sources = import ../../../../nix/sources.nix; -in { - imports = [ - (sources.tf-nix + "/modules/home/secrets.nix") - ]; -} \ No newline at end of file +{ ... }: +let sources = import ../../../../nix/sources.nix; +in { imports = [ (sources.tf-nix + "/modules/home/secrets.nix") ]; } diff --git a/config/users/kat/sound.nix b/config/users/kat/sound.nix index 95113df8..ee612376 100644 --- a/config/users/kat/sound.nix +++ b/config/users/kat/sound.nix @@ -3,12 +3,12 @@ { config = lib.mkIf (lib.elem "desktop" config.meta.deploy.profiles) { sound.extraConfig = '' - defaults.pcm.rate_converter "speexrate_best" + defaults.pcm.rate_converter "speexrate_best" ''; hardware.pulseaudio.daemon.config = { - default-sample-format = "s24le"; - default-sample-rate = 96000; - resample-method = "soxr-vhq"; + default-sample-format = "s24le"; + default-sample-rate = 96000; + resample-method = "soxr-vhq"; }; }; } diff --git a/config/users/kat/waybar/default.nix b/config/users/kat/waybar/default.nix index c57ff50a..ac96e62d 100644 --- a/config/users/kat/waybar/default.nix +++ b/config/users/kat/waybar/default.nix @@ -5,73 +5,77 @@ let secrets = import ../../../../secrets.nix; in { config = lib.mkIf (lib.elem "sway" config.meta.deploy.profiles) { - home-manager.users.kat = { - programs.waybar = { - enable = true; - style = import ./waybar.css.nix { - inherit style; - hextorgba = pkgs.colorhelpers.hextorgba; - }; - settings = [{ - modules-left = [ "sway/workspaces" "sway/mode" "sway/window" ]; - modules-center = [ "clock" "custom/weather" ]; - modules-right = [ - "pulseaudio" - "network" - "cpu" - "memory" - "temperature" - "backlight" - "battery" - "tray" - ]; - - modules = { - "custom/weather" = { - format = "{}"; - interval = 3600; - on-click = "xdg-open 'https://google.com/search?q=weather'"; - exec = "nix-shell --command 'python ${../../../../scripts/weather/weather.py} ${secrets.profiles.sway.city} ${secrets.profiles.sway.api_key}' ${../../../../scripts/weather}"; - }; - cpu = { format = " {usage}%"; }; - memory = { format = " {percentage}%"; }; - temperature = { format = "﨎 {temperatureC}°C"; }; - backlight = { - format = "{icon} {percent}%"; - format-icons = [ "" "" ]; - on-scroll-up = "${pkgs.light}/bin/light -A 1"; - on-scroll-down = "${pkgs.light}/bin/light -U 1"; - }; - battery = { - states = { - good = 90; - warning = 30; - critical = 15; - }; - format = "{icon} {capacity}%"; - format-charging = " {capacity}%"; - format-plugged = " {capacity}%"; - format-alt = "{icon} {time}"; - format-icons = [ "" "" "" "" "" ]; - }; - pulseaudio = { - format = " {volume}%"; - on-click = "pavucontrol"; - }; - network = { - format-wifi = " {essid} ({signalStrength}%)"; - format-ethernet = " {ifname}: {ipaddr}/{cidr}"; - format-linked = " {ifname} (No IP)"; - format-disconnected = " Disconnected "; - format-alt = " {ifname}: {ipaddr}/{cidr}"; - }; - clock = { - format = " {:%A, %F %T %Z}"; - interval = 1; - }; + home-manager.users.kat = { + programs.waybar = { + enable = true; + style = import ./waybar.css.nix { + inherit style; + hextorgba = pkgs.colorhelpers.hextorgba; }; - }]; + settings = [{ + modules-left = [ "sway/workspaces" "sway/mode" "sway/window" ]; + modules-center = [ "clock" "custom/weather" ]; + modules-right = [ + "pulseaudio" + "network" + "cpu" + "memory" + "temperature" + "backlight" + "battery" + "tray" + ]; + + modules = { + "custom/weather" = { + format = "{}"; + interval = 3600; + on-click = "xdg-open 'https://google.com/search?q=weather'"; + exec = "nix-shell --command 'python ${ + ../../../../scripts/weather/weather.py + } ${secrets.profiles.sway.city} ${secrets.profiles.sway.api_key}' ${ + ../../../../scripts/weather + }"; + }; + cpu = { format = " {usage}%"; }; + memory = { format = " {percentage}%"; }; + temperature = { format = "﨎 {temperatureC}°C"; }; + backlight = { + format = "{icon} {percent}%"; + format-icons = [ "" "" ]; + on-scroll-up = "${pkgs.light}/bin/light -A 1"; + on-scroll-down = "${pkgs.light}/bin/light -U 1"; + }; + battery = { + states = { + good = 90; + warning = 30; + critical = 15; + }; + format = "{icon} {capacity}%"; + format-charging = " {capacity}%"; + format-plugged = " {capacity}%"; + format-alt = "{icon} {time}"; + format-icons = [ "" "" "" "" "" ]; + }; + pulseaudio = { + format = " {volume}%"; + on-click = "pavucontrol"; + }; + network = { + format-wifi = " {essid} ({signalStrength}%)"; + format-ethernet = " {ifname}: {ipaddr}/{cidr}"; + format-linked = " {ifname} (No IP)"; + format-disconnected = " Disconnected "; + format-alt = " {ifname}: {ipaddr}/{cidr}"; + }; + clock = { + format = " {:%A, %F %T %Z}"; + interval = 1; + }; + }; + }]; + }; }; }; - }; } diff --git a/lib/hosts.nix b/lib/hosts.nix index 5c1aa64e..8d87fff0 100644 --- a/lib/hosts.nix +++ b/lib/hosts.nix @@ -1,5 +1,4 @@ -{ pkgs, hostsDir ? ../config/hosts, -privateHostsDir ? ../config/private/hosts +{ pkgs, hostsDir ? ../config/hosts, privateHostsDir ? ../config/private/hosts , commonImports ? [ ../config/common ../modules ], pkgsPath ? ../pkgs }: with pkgs.lib; diff --git a/modules/default.nix b/modules/default.nix index dbcf7368..c1477b72 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,10 +1,10 @@ { ... }: - let sources = import ../nix/sources.nix; in - { - imports = [ - ./deploy - (sources.tf-nix + "/modules/nixos/secrets.nix") - (sources.tf-nix + "/modules/nixos/secrets-users.nix") - ]; +let sources = import ../nix/sources.nix; +in { + imports = [ + ./deploy + (sources.tf-nix + "/modules/nixos/secrets.nix") + (sources.tf-nix + "/modules/nixos/secrets-users.nix") + ]; } diff --git a/modules/deploy/default.nix b/modules/deploy/default.nix index eeba664d..7be89c03 100644 --- a/modules/deploy/default.nix +++ b/modules/deploy/default.nix @@ -2,15 +2,16 @@ with lib; -let cfg = config.meta.deploy; -secretsScript = concatMapStrings (file: '' - ssh $NIX_SSHOPTS root@${cfg.ssh.host} "mkdir -p ${toString file.out.dir} - cat > ${file.path} - chmod ${file.mode} ${file.path} - chown ${file.owner}:${file.group} ${file.path}" << 'EOF' - ${file.text} - EOF -'') (attrValues config.secrets.files); +let + cfg = config.meta.deploy; + secretsScript = concatMapStrings (file: '' + ssh $NIX_SSHOPTS root@${cfg.ssh.host} "mkdir -p ${toString file.out.dir} + cat > ${file.path} + chmod ${file.mode} ${file.path} + chown ${file.owner}:${file.group} ${file.path}" << 'EOF' + ${file.text} + EOF + '') (attrValues config.secrets.files); in { options = { meta.deploy = { diff --git a/pkgs/default.nix b/pkgs/default.nix index 7488ad26..aa2ef917 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -13,7 +13,10 @@ let arc = import sources.arc-nixexprs { pkgs = super; }; unstable = import sources.nixpkgs-unstable { inherit (self) config; }; - nur = import sources.NUR { nurpkgs = self; pkgs = self; }; + nur = import sources.NUR { + nurpkgs = self; + pkgs = self; + }; screenstub = unstable.callPackage ./screenstub { }; @@ -26,4 +29,4 @@ let colorhelpers = import ../lib/colorhelpers.nix { inherit (self) lib; }; }; -in pkgs.extend(overlay) \ No newline at end of file +in pkgs.extend (overlay) diff --git a/pkgs/screenstub/default.nix b/pkgs/screenstub/default.nix index b5f2e518..aee0d172 100644 --- a/pkgs/screenstub/default.nix +++ b/pkgs/screenstub/default.nix @@ -1,29 +1,20 @@ -{ - fetchFromGitHub - , rustPlatform - , pkg-config - , lib - , libxcb - , udev - , python3 -}: rustPlatform.buildRustPackage rec { - pname = "screenstub"; - version = "2021-01-08"; - src = fetchFromGitHub { - owner = "arcnmx"; - repo = pname; +{ fetchFromGitHub, rustPlatform, pkg-config, lib, libxcb, udev, python3 }: +rustPlatform.buildRustPackage rec { + pname = "screenstub"; + version = "2021-01-08"; + src = fetchFromGitHub { + owner = "arcnmx"; + repo = pname; rev = "e379279fedaaa1d06b1d89da4cf54752814a456f"; - sha256 = "0qv15rpazrpdspfcvyizbjdrrm2nrqz0790pa8zvp5bjsw4mvwvx"; - }; + sha256 = "0qv15rpazrpdspfcvyizbjdrrm2nrqz0790pa8zvp5bjsw4mvwvx"; + }; - patches = [ - ./main.patch - ]; + patches = [ ./main.patch ]; - nativeBuildInputs = [ pkg-config python3 ]; - buildInputs = [ libxcb udev ]; + nativeBuildInputs = [ pkg-config python3 ]; + buildInputs = [ libxcb udev ]; - cargoSha256 = "0yijg5v731n49ygav2cfiawnw84hxd6kvik5hmz544vikxj96bj4"; + cargoSha256 = "0yijg5v731n49ygav2cfiawnw84hxd6kvik5hmz544vikxj96bj4"; - doCheck = false; - } \ No newline at end of file + doCheck = false; +} diff --git a/pkgs/vendor-reset/default.nix b/pkgs/vendor-reset/default.nix index efd00cb3..e520b6c7 100644 --- a/pkgs/vendor-reset/default.nix +++ b/pkgs/vendor-reset/default.nix @@ -3,8 +3,7 @@ let version = "0.1.1"; rev = "225a49a40941e350899e456366265cf82b87ad25"; - sha256 = - "071zd8slra0iqsvzqpp6lcvg5dql5hkn161gh9aq34wix7pwzbn5"; + sha256 = "071zd8slra0iqsvzqpp6lcvg5dql5hkn161gh9aq34wix7pwzbn5"; in stdenv.mkDerivation { name = "vendor-reset-${version}-${kernel.version}";