gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

profiles and user refactor

Browse source
This commit is contained in:
kat witch 2021-08-18 03:11:51 +01:00
parent 072cc571f9
commit c9bd5a3766
No known key found for this signature in database
GPG key ID: 1B477797DCA5EC72
30 changed files with 153 additions and 213 deletions
Download patch file Download diff file Expand all files Collapse all files

1
config/hosts/athame/nixos.nix
View file

@ -9,7 +9,6 @@ with lib;
profiles.hardware.hcloud-imperative
users.kat.server
users.kat.services.weechat
services.fail2ban
services.filehost
services.gitea
services.grafana

4
config/modules/home/theme.nix
View file

@ -13,7 +13,9 @@ let cfg = config.kw; in {
type = types.nullOr (types.listOf types.path);
default = [ ../../users/kat/sway/wallpapers/left.jpg ../../users/kat/sway/wallpapers/main.png ../../users/kat/sway/wallpapers/right.jpg ];
};
hexColors = mkOption {
type = types.attrsOf types.str;
};
font = {
name = mkOption {
type = types.str;

2
config/profiles/base/base16.nix
View file

@ -4,7 +4,7 @@
base16 = {
console = {
enable = true;
scheme = "rebecca.rebecca";
scheme = config.home-manager.users.kat.alias.default;
};
};
}

4
config/profiles/base/default.nix
View file

@ -3,16 +3,14 @@
{
imports = with meta; [
users.kat.base
# users.kairi.base TODO
users.arc
users.hexchen
./system.nix
./dns.nix
./home.nix
./profiles.nix
./shell.nix
./base16.nix
./net.nix
./network.nix
./access.nix
./locale.nix
./nix.nix

7
config/profiles/base/net.nix
View file

@ -1,7 +0,0 @@
{ config, lib, ... }:
{
network.nftables.enable = lib.mkDefault true;
network.enable = true;
network.dns.enable = true;
}

13
config/profiles/base/network.nix Normal file
View file

@ -0,0 +1,13 @@
{ config, lib, ... }:
{
network = {
enable = true;
nftables.enable = true;
dns = {
enable = true;
email = "kat@kittywit.ch";
tld = "kittywit.ch.";
};
};
}

6
config/profiles/gui/adb.nix
View file

@ -1,6 +0,0 @@
{ config, ... }:
{
programs.adb.enable = true;
users.users.kat.extraGroups = [ "adbusers" ];
}

5
config/profiles/gui/default.nix
View file

@ -2,18 +2,13 @@
{
imports = [
./adb.nix
./fonts.nix
./sway.nix
./fvwm.nix
./filesystems.nix
./gpg.nix
./xdg-portals.nix
./dns.nix
./nfs.nix
./nix-doc.nix
./mpd.nix
./nixpkgs.nix
./mingetty.nix
./sound.nix
];

1
config/profiles/gui/dns.nix
View file

@ -1,6 +1,5 @@
{ config, lib, pkgs, ... }: {
networking = {
# networkmanager.enable = true;
resolvconf.useLocalResolver = true;
networkmanager.dns = "none";
};

5
config/profiles/gui/fonts.nix
View file

@ -16,12 +16,7 @@
};
fonts.fonts = with pkgs; [
font-awesome
nerdfonts
vegur
creep
cozette
emacs-all-the-icons-fonts
twitter-color-emoji
];
}

14
config/profiles/gui/fvwm.nix
View file

@ -1,14 +0,0 @@
{ config, lib, ... }:
with lib;
{
config = mkIf (any (user: user.programs.fvwm.enable) (attrValues config.home-manager.users)) {
services.xserver.enable = true;
services.xserver.displayManager.startx.enable = true;
services.xserver.windowManager.fvwm = {
enable = true;
gestures = true;
};
};
}

10
config/profiles/gui/mpd.nix
View file

@ -1,10 +0,0 @@
{ config, lib, ... }:
with lib;
{
network.firewall = {
public.tcp.ports = [ 6600 32101 ];
private.tcp.ports = [ 6600 32101 ];
};
}

11
config/profiles/gui/nix-doc.nix
View file

@ -1,11 +0,0 @@
{ pkgs, ... }:
{
nix.extraOptions = ''
plugin-files = ${pkgs.nix-doc}/lib/libnix_doc_plugin.so
'';
environment.systemPackages = with pkgs; [
nix-doc
];
}

8
config/profiles/gui/nixpkgs.nix
View file

@ -1,8 +0,0 @@
{ pkgs, config, lib, ... }:
{
nixpkgs.config = {
allowUnfree = true;
pulseaudio = true;
};
}

41
config/services/fail2ban/default.nix
View file

@ -1,41 +0,0 @@
{ config, pkgs, ... }:
{
services.fail2ban = {
enable = true;
packageFirewall = pkgs.nftables;
banaction = "nftables-multiport";
banaction-allports = "nftables-allports";
jails = {
default = ''
bantime = 7d
blocktype = DROP
action = nftables-allports
logpath = /var/log/auth.log
'';
ssh = ''
enabled = true
filter = sshd
maxretry = 4
action = nftables-multiport[name=SSH, port=ssh, protocol=tcp]
'';
sshd-ddos = ''
enabled = true
filter = sshd-ddos
maxretry = 4
action = nftables-multiport[name=ssh, port=ssh, protocol=tcp]
'';
};
};
environment.etc."fail2ban/filter.d/sshd-ddos.conf" = {
enable = true;
text = ''
[Definition]
failregex = sshd(?:\[\d+\])?: Did not receive identification string from <HOST>$
ignoreregex =
'';
};
systemd.services.fail2ban.serviceConfig.LimitSTACK = 128 * 1024;
}

10
config/users/kat/base/base16.nix
View file

@ -1,14 +1,12 @@
{ config, ... }:
{ config, lib, ... }:
{
base16 = {
shell.enable = true;
schemes = [ "atelier.atelier-cave" "atelier.atelier-cave-light" "tomorrow.tomorrow-night-eighties" "tomorrow.tomorrow" ];
schemes = [ "atelier.atelier-cave" "atelier.atelier-cave-light" ];
alias.light = "atelier.atelier-cave-light";
alias.dark = "atelier.atelier-cave";
};
# home.base16-shell = {
# enable = true;
# defaultTheme = "rebecca.rebecca";
# };
kw.hexColours = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}") config.lib.arc.base16.schemeForAlias.default;
}

2
config/users/kat/gui/default.nix
View file

@ -1,5 +1,5 @@
{ config, ... }:
{
imports = [ ./firefox ./packages.nix ./gtk.nix ./foot.nix ./xdg.nix ./ranger.nix ./fonts.nix ];
imports = [ ./firefox.nix ./firefox-tst.nix ./packages.nix ./gtk.nix ./foot.nix ./xdg.nix ./ranger.nix ./fonts.nix ];
}

73
config/users/kat/gui/firefox/default.nix → config/users/kat/gui/firefox-tst.nix
View file

@ -1,34 +1,7 @@
{ config, lib, pkgs, superConfig, ... }:
{ config, ... }:
let
commonSettings = {
"app.update.auto" = false;
"identity.fxaccounts.account.device.name" = superConfig.networking.hostName;
"signon.rememberSignons" = false;
"browser.download.lastDir" = "/home/kat/downloads";
"browser.urlbar.placeholderName" = "DuckDuckGo";
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
"svg.context-properties.content.enabled" = true;
};
base16 = lib.mapAttrs' (k: v: lib.nameValuePair k "#${v.hex.rgb}")
config.lib.arc.base16.schemeForAlias.default;
in
{
programs.zsh.shellAliases = {
ff-pm = "firefox --ProfileManager";
ff-main = "firefox -P main";
};
programs.browserpass = {
enable = true;
browsers = [ "firefox" ];
};
home.sessionVariables = {
XDG_CURRENT_DESKTOP = "sway";
};
home.file.".mozilla/tst.css".text = ''
home.file.".mozilla/tst.css".text = let base16 = config.kw.hexColors; in ''
/* Hide border on tab bar, force its state to 'scroll', adjust margin-left for width of scrollbar. */
#tabbar { border: 0; overflow-y: scroll !important; }
@ -151,46 +124,4 @@ in
opacity: 0.5;
}
'';
programs.firefox = {
enable = true;
package = pkgs.firefox-wayland;
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
sponsorblock
floccus
link-cleaner
octotree
betterttv
canvasblocker
view-image
pkgs.nur.repos.crazazy.firefox-addons.new-tab-override
wappalyzer
auto-tab-discard
bitwarden
darkreader
decentraleyes
foxyproxy-standard
clearurls
df-youtube
old-reddit-redirect
privacy-badger
reddit-enhancement-suite
refined-github
stylus
temporary-containers
browserpass
tree-style-tab
multi-account-containers
ublock-origin
violentmonkey
];
profiles = {
main = {
id = 0;
isDefault = true;
settings = commonSettings // { };
userChrome = import ./userChrome.css.nix { profile = "main"; inherit base16; };
};
};
};
}

0
config/users/kat/gui/firefox/userChrome.css.nix → config/users/kat/gui/firefox-ucc.nix
View file

70
config/users/kat/gui/firefox.nix Normal file
View file

@ -0,0 +1,70 @@
{ config, lib, pkgs, superConfig, ... }:
let
commonSettings = {
"app.update.auto" = false;
"identity.fxaccounts.account.device.name" = superConfig.networking.hostName;
"signon.rememberSignons" = false;
"browser.download.lastDir" = "/home/kat/downloads";
"browser.urlbar.placeholderName" = "DuckDuckGo";
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
"svg.context-properties.content.enabled" = true;
};
in
{
programs.zsh.shellAliases = {
ff-pm = "firefox --ProfileManager";
ff-main = "firefox -P main";
};
programs.browserpass = {
enable = true;
browsers = [ "firefox" ];
};
home.sessionVariables = {
XDG_CURRENT_DESKTOP = "sway";
};
programs.firefox = {
enable = true;
package = pkgs.firefox-wayland;
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
sponsorblock
floccus
link-cleaner
octotree
betterttv
canvasblocker
view-image
pkgs.nur.repos.crazazy.firefox-addons.new-tab-override
wappalyzer
auto-tab-discard
bitwarden
darkreader
decentraleyes
foxyproxy-standard
clearurls
df-youtube
old-reddit-redirect
privacy-badger
reddit-enhancement-suite
refined-github
stylus
temporary-containers
browserpass
tree-style-tab
multi-account-containers
ublock-origin
violentmonkey
];
profiles = {
main = {
id = 0;
isDefault = true;
settings = commonSettings // { };
userChrome = import ./firefox-ucc.nix { profile = "main"; base16 = config.kw.hexColors; };
};
};
};
}

1
config/users/kat/gui/ranger.nix
View file

@ -7,6 +7,5 @@
xdg.configFile."ranger/rc.conf".text = ''
set preview_images true
set preview_images_method iterm2
'';
}

3
config/users/kat/media/default.nix
View file

@ -5,9 +5,6 @@
./mpv.nix
./obs.nix
./syncplay.nix
./beets.nix
./mpd.nix
./ncmpcpp.nix
./packages.nix
];
}

0
config/users/kat/media/beets.nix → config/users/kat/services/mpd/beets.nix
View file

9
config/users/kat/services/mpd/default.nix Normal file
View file

@ -0,0 +1,9 @@
{ ... }:
{
imports = [
./mpd.nix
./beets.nix
./ncmpcpp.nix
];
}

5
config/users/kat/media/mpd.nix → config/users/kat/services/mpd/mpd.nix
View file

@ -1,6 +1,11 @@
{ config, pkgs, ... }:
{
network.firewall = {
public.tcp.ports = [ 6600 32101 ];
private.tcp.ports = [ 6600 32101 ];
};
services.mpd = {
enable = true;
package = pkgs.mpd-youtube-dl;

0
config/users/kat/media/ncmpcpp.nix → config/users/kat/services/mpd/ncmpcpp.nix
View file

3
config/users/kat/sway/default.nix
View file

@ -2,7 +2,8 @@
{
imports = [
./waybar
./waybar.nix
./wofi.nix
./mako.nix
./sway.nix
./gammastep.nix

0
config/users/kat/sway/waybar/waybar.css.nix → config/users/kat/sway/waybar.css.nix
View file

17
config/users/kat/sway/waybar/default.nix → config/users/kat/sway/waybar.nix
View file

@ -14,7 +14,7 @@ in
};
settings = [{
modules-left = [ "sway/workspaces" "sway/mode" "sway/window" ];
modules-center = ["clock" "clock#arc" "clock#miku" "clock#hex" ]; # "clock" "custom/weather"
modules-center = ["clock" "clock#arc" "clock#miku" "clock#hex" ];
modules-right = [
"pulseaudio"
"cpu"
@ -22,9 +22,7 @@ in
"temperature"
"backlight"
"battery"
#"mpd"
"network"
#"custom/weather"
"idle_inhibitor"
"custom/konawall"
"custom/gpg-status"
@ -37,13 +35,6 @@ in
format = " {}";
max-length = 50;
};
#"custom/weather" = {
# format = "{}";
# interval = 3600;
# on-click = "xdg-open 'https://google.com/search?q=weather'";
# exec =
# "${pkgs.kat-weather}/bin/kat-weather ${witch.secrets.profiles.sway.city} ${witch.secrets.profiles.sway.api_key}";
#};
tray = {
icon-size = 12;
spacing = 2;
@ -64,12 +55,6 @@ in
on-click-right = "systemctl --user restart konawall";
};
cpu = { format = " {usage}%"; };
#mpd = {
# format = " {albumArtist} - {title}";
# format-stopped = "ﱙ";
# format-paused = " Paused";
# title-len = 16;
#};
memory = { format = " {percentage}%"; };
temperature = {
format = " {temperatureC}°C";

41
config/users/kat/sway/wofi.nix Normal file
View file

@ -0,0 +1,41 @@
{ config, lib, ... }:
{
xdg.configFile."wofi/wofi.css".text = let base16 = config.kw.hexColors; in ''
#scroll, #input {
background: ${base16.base01};
}
window {
font-family: ${config.kw.font.name};
background: ${lib.hextorgba base16.base00 0.75};
border-radius: 1em;
font-size: ${config.kw.font.size_css};
color: ${base16.base07};
}
#outer-box {
margin: 1em;
}
#scroll {
border: 1px solid ${base16.base03};
}
#input {
border: 1px solid ${base16.base0C};
margin: 1em;
background: ${base16.base02};
color: ${base16.base04};
}
#entry {
border-bottom: 1px dashed ${base16.base04};
padding: .75em;
}
#entry:selected {
background-color: ${base16.base0D};
}
'';
}