diff --git a/.gitignore b/.gitignore index 8197208c..10341cca 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -result -secrets.nix \ No newline at end of file +/result +/config/hosts/beltane/secrets.nix \ No newline at end of file diff --git a/README.md b/README.md deleted file mode 100644 index 4e073a26..00000000 --- a/README.md +++ /dev/null @@ -1,58 +0,0 @@ -# nixfiles - -Nix deployment related stuff. - -## How to use - -* Change SSH port for ./result's SSH connection to 62954 `export NIX_SSHOPTS="-p 62954"` -* Change SSH port for ./result's SSH connection to 22: `export NIX_SSHOPTS="-p 22"` -* Build all devices and execute the resulting deploy script: `nix build -f . deploy.all && ./result` -* Build all devices in \ and execute the resulting deploy script: `nix build -f . deploy.\ && ./result` -* Build \ and execute the resulting deploy script: `nix build -f . deploy.\ && ./result` - -## Hosts - -* beltane - Hetzner VPS. -* samhain - Desktop. -* yule - Laptop. -* litha - Relatively unused netbook. - -## To-do - -### Overall -- [ ] Migrate the secrets file currently in use to be usable for each host. -- [ ] DNS provider migration. (Cloudflare -> Glauca) - - [ ] Fancy wildcard certificate shenanigans? - -### Host: beltane -- [ ] Reinstall with a ZFS root filesystem. - - [ ] Backup data from current install. -- [ ] Secrets management for Beltane. -- [ ] Additional services configuration for Beltane - - [ ] Self-hosted mail using [this](https://gitlab.com/simple-nixos-mailserver/nixos-mailserver). - - [ ] matrix-synapse - - [ ] matrix-puppet-discord - - [ ] mautrix-whatsapp - - [ ] mautrix-telegram - - [ ] Nextcloud - - [ ] syncserver - - [ ] bitwarden_rs - -### Group: graphical -- [ ] Move all devices to using Sway. - - [ ] Write a Sway profile using [this](http://blog.patapon.info/nixos-systemd-sway/) as reference material? - - [ ] Move to using LightDM instead of GDM or start using CLI for session management. - - [ ] Migrate graphical group host configurations to using the Sway profile instead of the GNOME / XFCE profiles. - - [ ] Remove GNOME / XFCE profiles. -- [ ] Include redshift in the desktop profile. Configure using secrets file post-migration if required. -- [ ] Firefox configuration refactors - - [ ] See if a 1password NUR package exists. If not, create one. - - [ ] See if a tree style tabs NUR package exists. If not, create one. - - [ ] Check [here](https://rycee.gitlab.io/home-manager/options.html) for reference to Firefox configuration options under home-manager. Write a config involving the required addons: - - 1password - - uBlock Origin - - Privacy Badger - - HTTPS Everywhere - - Tampermonkey - - [ ] Attach self-hosted syncserver to profile. - - [ ] Import into graphical group host configurations. \ No newline at end of file diff --git a/configuration/hosts/beltane/configuration.nix b/config/hosts/beltane/configuration.nix similarity index 76% rename from configuration/hosts/beltane/configuration.nix rename to config/hosts/beltane/configuration.nix index 4f5166e4..e94e10bc 100644 --- a/configuration/hosts/beltane/configuration.nix +++ b/config/hosts/beltane/configuration.nix @@ -3,17 +3,12 @@ let unstable = import { }; in { imports = [ - ../../profiles/common ./hardware-configuration.nix - #./services/postgres.nix ./services/znc.nix ./services/weechat.nix - #./services/gitea.nix - #./services/matrix.nix - #./services/nextcloud.nix - #./services/bitwarden.nix ./services/nginx.nix ]; + meta.deploy.ssh.host = "beltane.dork.dev"; boot.loader.grub.enable = true; boot.loader.grub.version = 2; diff --git a/configuration/hosts/beltane/hardware-configuration.nix b/config/hosts/beltane/hardware-configuration.nix similarity index 100% rename from configuration/hosts/beltane/hardware-configuration.nix rename to config/hosts/beltane/hardware-configuration.nix diff --git a/configuration/hosts/beltane/services/bitwarden.nix b/config/hosts/beltane/services/bitwarden.nix similarity index 100% rename from configuration/hosts/beltane/services/bitwarden.nix rename to config/hosts/beltane/services/bitwarden.nix diff --git a/configuration/hosts/beltane/services/gitea.nix b/config/hosts/beltane/services/gitea.nix similarity index 100% rename from configuration/hosts/beltane/services/gitea.nix rename to config/hosts/beltane/services/gitea.nix diff --git a/configuration/hosts/beltane/services/matrix.nix b/config/hosts/beltane/services/matrix.nix similarity index 100% rename from configuration/hosts/beltane/services/matrix.nix rename to config/hosts/beltane/services/matrix.nix diff --git a/configuration/hosts/beltane/services/nextcloud.nix b/config/hosts/beltane/services/nextcloud.nix similarity index 100% rename from configuration/hosts/beltane/services/nextcloud.nix rename to config/hosts/beltane/services/nextcloud.nix diff --git a/configuration/hosts/beltane/services/nginx.nix b/config/hosts/beltane/services/nginx.nix similarity index 100% rename from configuration/hosts/beltane/services/nginx.nix rename to config/hosts/beltane/services/nginx.nix diff --git a/configuration/hosts/beltane/services/postgres.nix b/config/hosts/beltane/services/postgres.nix similarity index 100% rename from configuration/hosts/beltane/services/postgres.nix rename to config/hosts/beltane/services/postgres.nix diff --git a/configuration/hosts/beltane/services/weechat.nix b/config/hosts/beltane/services/weechat.nix similarity index 100% rename from configuration/hosts/beltane/services/weechat.nix rename to config/hosts/beltane/services/weechat.nix diff --git a/configuration/hosts/beltane/services/znc.nix b/config/hosts/beltane/services/znc.nix similarity index 100% rename from configuration/hosts/beltane/services/znc.nix rename to config/hosts/beltane/services/znc.nix diff --git a/config/hosts/samhain/580-vbios.rom b/config/hosts/samhain/580-vbios.rom new file mode 100644 index 00000000..9f48d8fb Binary files /dev/null and b/config/hosts/samhain/580-vbios.rom differ diff --git a/configuration/hosts/samhain/configuration.nix b/config/hosts/samhain/configuration.nix similarity index 63% rename from configuration/hosts/samhain/configuration.nix rename to config/hosts/samhain/configuration.nix index f8f2daa1..a3ae2f2c 100644 --- a/configuration/hosts/samhain/configuration.nix +++ b/config/hosts/samhain/configuration.nix @@ -2,25 +2,17 @@ { imports = [ + ../../services/zfs.nix ./hardware-configuration.nix - ../../profiles/common - ../../profiles/desktop - ../../profiles/xfce - ../../profiles/sway - ../../profiles/gaming - ../../profiles/development - ../../profiles/network - ../../profiles/yubikey ./services/nginx.nix ./services/thermal/thermal.nix ./services/torrenting.nix ]; - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - boot.supportedFilesystems = [ "zfs" "xfs" ]; - boot.extraModulePackages = [ config.boot.kernelPackages.vendor-reset ]; + meta.deploy.profiles = [ "desktop" "development" "sway" "gaming" "network" "yubikey" ]; + meta.deploy.ssh.host = "192.168.1.135"; + # libvirtd is used for our virtual machine virtualisation.libvirtd = { enable = true; qemuOvmf = true; @@ -28,8 +20,12 @@ onBoot = "ignore"; onShutdown = "shutdown"; }; - - users.users.kat.extraGroups = [ "libvirtd" ]; + + # required for guest reboots with the 580 + boot.extraModulePackages = [ (pkgs.linuxPackagesFor config.boot.kernelPackages.kernel).vendor-reset ]; + + # required groups for various intentions + users.users.kat.extraGroups = [ "libvirtd" "input" "qemu-libvirtd" ]; # video=efifb:off allows the 580 to be passed through regardless of being the boot display and allows the 560 to act as a console device # pci=noats means that it doesn't kernel panic on my specific configuration @@ -43,6 +39,8 @@ boot.kernelModules = [ "i2c-dev" "kvm-amd" ]; # i2c-dev is required for DDC/CI for screenstub + # this section makes vfio-pci be injected as the driver for the 580 and its audio thingy + # it should be replaced as mentioned with vfio-pci.ids # the script provided: https://alexbakker.me/post/nixos-pci-passthrough-qemu-vfio.html can be used to find iommu groups boot.initrd.preDeviceCommands = '' DEVS="0000:26:00.0 0000:26:00.1" @@ -52,6 +50,7 @@ modprobe -i vfio-pci ''; + # the nur is used for arc's packages, so we include it here nixpkgs.config.packageOverrides = pkgs: { nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") { @@ -59,23 +58,20 @@ }; }; - services.udev.extraRules = let - localGroup = "users"; - assignLocalGroup = ''GROUP="${localGroup}"''; - i2c = '' - SUBSYSTEM=="i2c-dev", ${assignLocalGroup}, MODE="0660" - ''; # for DDC/monitor control - uinput = '' - ACTION=="add", SUBSYSTEM=="input", DEVPATH=="/devices/virtual/input/*", MODE="0660", GROUP="qemu-libvirtd" - ACTION=="add", SUBSYSTEM=="input", ATTRS{idVendor}=="fa58", ATTRS{idProduct}=="04d9", GROUP="users" - SUBSYSTEM=="misc", KERNEL=="uinput", OPTIONS+="static_node=uinput", MODE="0660", GROUP="uinput" - ''; - in '' - ${i2c} - ${uinput} - ''; + # rules are for: + # * monitor ddc/ci + # * input for qemu + # * rule for event-mouse (i hope?) + # * uinput rule + services.udev.extraRules = '' + SUBSYSTEM=="i2c-dev", GROUP="users", MODE="0660" + SUBSYSTEM=="input", ACTION=="add", DEVPATH=="/devices/virtual/input/*", MODE="0660", GROUP="qemu-libvirtd" + SUBSYSTEM=="usb", ACTION=="add", ATTRS{idVendor}=="fa58", ATTRS{idProduct}=="04d9", GROUP="users" + SUBSYSTEM=="misc", KERNEL=="uinput", OPTIONS+="static_node=uinput", MODE="0660", GROUP="uinput" + ''; + environment.systemPackages = [ - #pkgs.nur.repos.arc.packages.screenstub # for DDC/CI and input forwarding + # pkgs.nur.repos.arc.packages.screenstub # for DDC/CI and input forwarding (currently disabled due to using changed source) pkgs.nur.repos.arc.packages.scream-arc # for audio forwarding pkgs.ddcutil # for diagnostics on DDC/CI pkgs.virt-manager # obvious reasons @@ -92,26 +88,31 @@ # audio for vm on startup systemd.user.services.scream-arc = { enable = true; - description = "Scream Arc"; + wantedBy = [ "multi-user.target" ]; + description = "Scream - Audio forwarding from the VM."; serviceConfig = { ExecStart = - "${pkgs.nur.repos.arc.packages.scream-arc}/bin/scream -i virbr0 -o pulse -v"; + "${pkgs.nur.repos.arc.packages.scream-arc}/bin/scream -i virbr0 -o alsa"; Restart = "always"; }; - wantedBy = [ "multi-user.target" ]; - requires = [ "pulseaudio.service" ]; }; - networking.hostName = "samhain"; - networking.hostId = "617050fc"; - + # BusId is used to specify the graphics card used for X / lightdm / wayland + # BusId must be decimal conversion of the equivalent but matching the format, this was 0000:25:00.0 services.xserver.deviceSection = lib.mkDefault '' Option "TearFree" "true" BusID "PCI:37:0:0" - ''; # busId must be decimal conversion of the equivalent but matching the format, this was 0000:25:00.0 + ''; + # graphics tablet services.xserver.wacom.enable = true; + # other stuffs + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.supportedFilesystems = [ "zfs" "xfs" ]; + networking.hostName = "samhain"; + networking.hostId = "617050fc"; networking.useDHCP = false; networking.interfaces.enp34s0.useDHCP = true; networking.firewall.allowPing = true; diff --git a/configuration/hosts/samhain/hardware-configuration.nix b/config/hosts/samhain/hardware-configuration.nix similarity index 100% rename from configuration/hosts/samhain/hardware-configuration.nix rename to config/hosts/samhain/hardware-configuration.nix diff --git a/configuration/hosts/samhain/screenstub.yml b/config/hosts/samhain/screenstub.yml similarity index 100% rename from configuration/hosts/samhain/screenstub.yml rename to config/hosts/samhain/screenstub.yml diff --git a/configuration/hosts/samhain/services/nginx.nix b/config/hosts/samhain/services/nginx.nix similarity index 100% rename from configuration/hosts/samhain/services/nginx.nix rename to config/hosts/samhain/services/nginx.nix diff --git a/configuration/hosts/samhain/services/thermal/kaede-power.sh b/config/hosts/samhain/services/thermal/kaede-power.sh similarity index 100% rename from configuration/hosts/samhain/services/thermal/kaede-power.sh rename to config/hosts/samhain/services/thermal/kaede-power.sh diff --git a/configuration/hosts/samhain/services/thermal/kaede-thermald.xml b/config/hosts/samhain/services/thermal/kaede-thermald.xml similarity index 100% rename from configuration/hosts/samhain/services/thermal/kaede-thermald.xml rename to config/hosts/samhain/services/thermal/kaede-thermald.xml diff --git a/configuration/hosts/samhain/services/thermal/kaede-thermals.sh b/config/hosts/samhain/services/thermal/kaede-thermals.sh similarity index 100% rename from configuration/hosts/samhain/services/thermal/kaede-thermals.sh rename to config/hosts/samhain/services/thermal/kaede-thermals.sh diff --git a/configuration/hosts/samhain/services/thermal/thermal.nix b/config/hosts/samhain/services/thermal/thermal.nix similarity index 100% rename from configuration/hosts/samhain/services/thermal/thermal.nix rename to config/hosts/samhain/services/thermal/thermal.nix diff --git a/configuration/hosts/samhain/services/torrenting.nix b/config/hosts/samhain/services/torrenting.nix similarity index 100% rename from configuration/hosts/samhain/services/torrenting.nix rename to config/hosts/samhain/services/torrenting.nix diff --git a/configuration/hosts/yule/configuration.nix b/config/hosts/yule/configuration.nix similarity index 69% rename from configuration/hosts/yule/configuration.nix rename to config/hosts/yule/configuration.nix index ef7cd8f1..6b1ca89e 100644 --- a/configuration/hosts/yule/configuration.nix +++ b/config/hosts/yule/configuration.nix @@ -3,15 +3,11 @@ { imports = [ ./hardware-configuration.nix - ../../profiles/common - ../../profiles/desktop - ../../profiles/gnome - ../../profiles/gaming - ../../profiles/development - ../../profiles/network - ../../profiles/yubikey ]; + meta.deploy.profiles = [ "desktop" "development" "sway" "gaming" "network" "yubikey" ]; + meta.deploy.ssh.host = "192.168.1.92"; + boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.supportedFilesystems = [ "zfs" ]; diff --git a/config/hosts/yule/hardware-configuration.nix b/config/hosts/yule/hardware-configuration.nix new file mode 100644 index 00000000..c479281e --- /dev/null +++ b/config/hosts/yule/hardware-configuration.nix @@ -0,0 +1,40 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "rpool/safe/root"; + fsType = "zfs"; + }; + + fileSystems."/home" = + { device = "rpool/safe/home"; + fsType = "zfs"; + }; + + fileSystems."/nix" = + { device = "rpool/local/nix"; + fsType = "zfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/D680-ED0E"; + fsType = "vfat"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/87ff4f68-cc00-494e-8eba-050469c3bf03"; } + ]; + +} diff --git a/configuration/profiles/common/default.nix b/config/profiles/common/default.nix similarity index 71% rename from configuration/profiles/common/default.nix rename to config/profiles/common/default.nix index 6cc70de6..2c59809f 100644 --- a/configuration/profiles/common/default.nix +++ b/config/profiles/common/default.nix @@ -1,19 +1,20 @@ { config, lib, pkgs, ... }: let - home-manager = fetchGit { - url = "https://github.com/nix-community/home-manager"; - rev = "a98ec6ec158686387d66654ea96153ec06be33d7"; - }; - nixpkgs-master = import - (fetchTarball "https://github.com/NixOS/nixpkgs/archive/master.tar.gz") { - config.allowUnfree = true; - }; + sources = import ../../../nix/sources.nix; + unstable = import sources.nixpkgs-unstable { }; in { - imports = [ ../../../modules "${home-manager}/nixos" ./pbb.nix ./users.nix ]; - - nixpkgs.overlays = - [ (self: super: import ../../../pkgs { nixpkgs = super.path; self = self; super = super; }) ]; + imports = [ + ../../../modules + ../../users + ../desktop + ../development + ../gaming + ../network + ../sway + ../yubikey + (sources.home-manager + "/nixos") + ]; #boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; #boot.kernelParams = [ "quiet" ]; diff --git a/configuration/profiles/common/pbb.nix b/config/profiles/common/pbb.nix similarity index 100% rename from configuration/profiles/common/pbb.nix rename to config/profiles/common/pbb.nix diff --git a/config/profiles/desktop/default.nix b/config/profiles/desktop/default.nix new file mode 100644 index 00000000..55372751 --- /dev/null +++ b/config/profiles/desktop/default.nix @@ -0,0 +1,98 @@ +{ config, lib, pkgs, ... }: + +let + sources = import ../../../nix/sources.nix; + unstable = import sources.nixpkgs-unstable { inherit (pkgs) config; }; +in { + config = lib.mkIf (lib.elem "desktop" config.meta.deploy.profiles) { + + nixpkgs.config = { mumble.speechdSupport = true; pulseaudio = true;}; + + environment.systemPackages = [ pkgs.redshift ]; + + services.xserver.enable = true; + services.xserver.displayManager.lightdm.enable = true; + programs.light.enable = true; + + home-manager.users.kat = { + home.packages = [ + pkgs._1password + pkgs.mpv + pkgs.mumble + pkgs.obs-studio + pkgs.avidemux + pkgs.gnome3.networkmanagerapplet + pkgs.vlc + unstable.syncplay + unstable.youtube-dl + unstable.google-chrome + pkgs.v4l-utils + pkgs.transmission-gtk + pkgs.jdk11 + pkgs.lm_sensors + unstable.discord + pkgs.tdesktop + pkgs.dino + pkgs.vegur + pkgs.nitrogen + pkgs.terminator + pkgs.pavucontrol + pkgs.appimage-run + pkgs.gparted + pkgs.scrot + pkgs.gimp-with-plugins + pkgs.vscode + pkgs.cryptsetup + pkgs.neofetch + pkgs.htop + ]; + + programs.fish = { interactiveShellInit = "set -g fish_greeting ''"; }; + + programs.firefox = { enable = true; }; + + services.kdeconnect = { + enable = true; + indicator = true; + }; + + services.redshift = { + enable = true; + latitude = "51.5074"; + longitude = "0.1278"; + }; + + gtk = { + enable = true; + iconTheme = { + name = "Numix-Square"; + package = pkgs.numix-icon-theme-square; + }; + theme = { + name = "Arc"; + package = pkgs.arc-theme; + }; + }; + }; + + fonts.fontconfig.enable = true; + fonts.fonts = [ pkgs.nerdfonts pkgs.corefonts ]; + + # KDE Connect + networking.firewall = { + allowedTCPPortRanges = [{ + from = 1714; + to = 1764; + }]; + allowedUDPPortRanges = [{ + from = 1714; + to = 1764; + }]; + }; + + sound.enable = true; + hardware.pulseaudio.enable = true; + hardware.opengl.enable = true; + services.xserver.libinput.enable = true; + }; +} diff --git a/config/profiles/development/default.nix b/config/profiles/development/default.nix new file mode 100644 index 00000000..c27fdb0d --- /dev/null +++ b/config/profiles/development/default.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +{ + config = lib.mkIf (lib.elem "development" config.meta.deploy.profiles) { + environment.systemPackages = let + python-env = python-packages: + with pkgs.python38Packages; [ + pip + setuptools + psutil + ]; + python-with-env = pkgs.python3.withPackages python-env; + in [ pkgs.php pkgs.php74Packages.composer2 python-with-env ]; + + home-manager.users.kat = { + programs.go.enable = true; + + programs.fish = { + interactiveShellInit = '' + set fish_user_paths $fish_user_paths $HOME/.config/composer/vendor/bin + ''; + }; + + home.packages = [ + pkgs.jetbrains.clion + pkgs.jetbrains.idea-ultimate + pkgs.jetbrains.goland + pkgs.jetbrains.phpstorm + pkgs.nixfmt + pkgs.carnix + pkgs.rustup + pkgs.gcc + ]; + }; + }; +} diff --git a/config/profiles/gaming/default.nix b/config/profiles/gaming/default.nix new file mode 100644 index 00000000..d4138658 --- /dev/null +++ b/config/profiles/gaming/default.nix @@ -0,0 +1,12 @@ +{ config, lib, pkgs, ... }: { + + config = lib.mkIf (lib.elem "gaming" config.meta.deploy.profiles) { + hardware.opengl.driSupport32Bit = true; + hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ]; + hardware.pulseaudio.support32Bit = true; + + home-manager.users.kat = { + home.packages = [ pkgs.lutris pkgs.steam-run ]; + }; + }; +} diff --git a/config/profiles/network/default.nix b/config/profiles/network/default.nix new file mode 100644 index 00000000..4cc1ac26 --- /dev/null +++ b/config/profiles/network/default.nix @@ -0,0 +1,43 @@ +{ config, lib, pkgs, ... }: { + config = lib.mkIf (lib.elem "network" config.meta.deploy.profiles) { + networking = { + networkmanager.enable = true; + resolvconf.useLocalResolver = true; + networkmanager.dns = "none"; + }; + + services.dnscrypt-proxy2 = { + enable = true; + settings = { + ipv6_servers = true; + require_dnssec = true; + + sources.public-resolvers = { + urls = [ + "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md" + "https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md" + ]; + cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md"; + minisign_key = + "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"; + }; + + # You can choose a specific set of servers from https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v2/public-resolvers.md + server_names = [ + "acsacsar-ams-ipv4" + "acsacsar-ams-ipv6" + "dnscrypt.eu-dk" + "dnscrypt.eu-dk-ipv6" + "dnscrypt.eu-nl" + "dnscrypt.eu-nl-ipv6" + "meganerd" + "meganerd-ipv6" + ]; + }; + }; + + systemd.services.dnscrypt-proxy2.serviceConfig = { + StateDirectory = "dnscrypt-proxy2"; + }; + }; +} diff --git a/configuration/profiles/sway/colors.nix b/config/profiles/sway/colors.nix similarity index 69% rename from configuration/profiles/sway/colors.nix rename to config/profiles/sway/colors.nix index 57d96cf7..eab6a5bb 100644 --- a/configuration/profiles/sway/colors.nix +++ b/config/profiles/sway/colors.nix @@ -1,22 +1,22 @@ rec { base16 = { - color0 = "#333333"; - color1 = "#ff3399"; - color2 = "#00ff99"; - color3 = "#ffcc33"; - color4 = "#00ccff"; - color5 = "#9977ff"; - color6 = "#3cd8d8"; - color7 = "#f8f8f2"; + color0 = "#292a44"; + color1 = "#a0a0c5"; + color2 = "#6dfedf"; + color3 = "#ae81ff"; + color4 = "#2de0a7"; + color5 = "#7aa5ff"; + color6 = "#8eaee0"; + color7 = "#f1eff8"; - color8 = "#707070"; - color9 = "#ff6699"; - color10 = "#99ff99"; - color11 = "#ffee66"; - color12 = "#99ccff"; - color13 = "#9977ff"; - color14 = "#78e4e4"; - color15 = "#f8f8f2"; + color8 = "#666699"; + color9 = "#efe4a1"; + color10 = "#663399"; + color11 = "#383a62"; + color12 = "#a0a0c5"; + color13 = "#ccccff"; + color14 = "#ff79c6"; + color15 = "#53495d"; color16 = "#fd971f"; color17 = "#cc6633"; diff --git a/config/profiles/sway/default.nix b/config/profiles/sway/default.nix new file mode 100644 index 00000000..26c75366 --- /dev/null +++ b/config/profiles/sway/default.nix @@ -0,0 +1,284 @@ +{ config, pkgs, lib, ... }: + +let colors = import ./colors.nix; +in { + config = lib.mkIf (lib.elem "sway" config.meta.deploy.profiles) { + fonts.fonts = with pkgs; [ + font-awesome + nerdfonts + iosevka + emacs-all-the-icons-fonts + ]; + users.users.kat.packages = with pkgs; [ grim slurp ]; + programs.sway.enable = true; + + systemd.user.services.mako = { + serviceConfig.ExecStart = "${pkgs.mako}/bin/mako"; + restartTriggers = + [ config.home-manager.users.kat.xdg.configFile."mako/config".source ]; + }; + + home-manager.users.kat = { + programs.kitty = { + enable = true; + font.name = "Iosevka Term"; + settings = { + font_size = "10.0"; + background = colors.black; + foreground = colors.white; + background_opacity = "0.8"; + selection_background = colors.white; + selection_foreground = colors.black; + url_color = colors.yellow; + cursor = colors.white; + active_border_color = "#75715e"; + active_tab_background = "#9900ff"; + active_tab_foreground = colors.white; + inactive_tab_background = "#3a3a3a"; + inactive_tab_foreground = "#665577"; + } // colors.base16; + }; + + programs.mako = { + enable = true; + defaultTimeout = 3000; + borderColor = colors.white; + backgroundColor = "${colors.black}70"; + textColor = colors.white; + }; + + wayland.windowManager.sway = { + enable = true; + config = let + dmenu = + "${pkgs.bemenu}/bin/bemenu --fn 'Iosevka 12' --nb '${colors.black}' --nf '${colors.white}' --sb '${colors.red}' --sf '${colors.white}' -l 5 -m -1 -i"; + lockCommand = "swaylock -i ${./middle.jpg} -s fill"; + cfg = config.home-manager.users.kat.wayland.windowManager.sway.config; + in { + bars = [{ command = "${pkgs.waybar}/bin/waybar"; }]; + + output = let + left = { + res = "1920x1080"; + pos = "0 0"; + bg = "${./left.jpg} fill"; + }; + middle = { + res = "1920x1080"; + pos = "1920 0"; + bg = "${./middle.jpg} fill"; + }; + right = { + res = "1920x1080"; + pos = "3840 0"; + bg = "${./right.jpg} fill"; + }; + in { + "DP-1" = left; + "DVI-D-1" = middle; + "HDMI-A-1" = right; + }; + + input = { + # "1739:0:Synaptics_TM3075-002" = { + # dwt = "enabled"; + # tap = "enabled"; + # natural_scroll = "enabled"; + # middle_emulation = "enabled"; + # click_method = "clickfinger"; + # }; + "*" = { + xkb_layout = "gb"; + # xkb_variant = "nodeadkeys"; + # xkb_options = "ctrl:nocaps"; + }; + }; + + fonts = [ "Iosevka Nerd Font 10" ]; + terminal = "${pkgs.kitty}/bin/kitty"; + # TODO: replace with wofi + menu = + "${pkgs.j4-dmenu-desktop}/bin/j4-dmenu-desktop --dmenu=\"${dmenu}\" --term='${cfg.terminal}'"; + modifier = "Mod4"; + + startup = [ + { + command = "systemctl --user restart mako"; + always = true; + } + { + command = + "${pkgs.swayidle}/bin/swayidle -w before-sleep '${lockCommand}'"; + } + ]; + + window = { + border = 1; + titlebar = true; + }; + + keybindings = { + "${cfg.modifier}+Return" = "exec ${cfg.terminal}"; + + "${cfg.modifier}+Left" = "focus left"; + "${cfg.modifier}+Down" = "focus down"; + "${cfg.modifier}+Up" = "focus up"; + "${cfg.modifier}+Right" = "focus right"; + + "${cfg.modifier}+Shift+Left" = "move left"; + "${cfg.modifier}+Shift+Down" = "move down"; + "${cfg.modifier}+Shift+Up" = "move up"; + "${cfg.modifier}+Shift+Right" = "move right"; + + "${cfg.modifier}+Shift+space" = "floating toggle"; + "${cfg.modifier}+space" = "focus mode_toggle"; + + "${cfg.modifier}+1" = "workspace 1"; + "${cfg.modifier}+2" = "workspace 2"; + "${cfg.modifier}+3" = "workspace 3"; + "${cfg.modifier}+4" = "workspace 4"; + "${cfg.modifier}+5" = "workspace 5"; + "${cfg.modifier}+6" = "workspace 6"; + "${cfg.modifier}+7" = "workspace 7"; + "${cfg.modifier}+8" = "workspace 8"; + "${cfg.modifier}+9" = "workspace 9"; + "${cfg.modifier}+0" = "workspace 10"; + + "${cfg.modifier}+Shift+1" = "move container to workspace 1"; + "${cfg.modifier}+Shift+2" = "move container to workspace 2"; + "${cfg.modifier}+Shift+3" = "move container to workspace 3"; + "${cfg.modifier}+Shift+4" = "move container to workspace 4"; + "${cfg.modifier}+Shift+5" = "move container to workspace 5"; + "${cfg.modifier}+Shift+6" = "move container to workspace 6"; + "${cfg.modifier}+Shift+7" = "move container to workspace 7"; + "${cfg.modifier}+Shift+8" = "move container to workspace 8"; + "${cfg.modifier}+Shift+9" = "move container to workspace 9"; + "${cfg.modifier}+Shift+0" = "move container to workspace 10"; + + "XF86AudioRaiseVolume" = + "exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') +5%"; + "XF86AudioLowerVolume" = + "exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') -5%"; + "XF86AudioMute" = + "exec pactl set-sink-mute $(pacmd list-sinks |awk '/* index:/{print $3}') toggle"; + "XF86AudioMicMute" = + "exec pactl set-source-mute $(pacmd list-sources |awk '/* index:/{print $3}') toggle"; + "XF86MonBrightnessDown" = "exec ${pkgs.light}/bin/light -U 5"; + "XF86MonBrightnessUp" = "exec ${pkgs.light}/bin/light -A 5"; + "${cfg.modifier}+Print" = + "exec ${pkgs.bash}/bin/bash -c '~/.local/bin/elixiremanager.sh -w'"; + + "${cfg.modifier}+d" = "exec ${cfg.menu}"; + "${cfg.modifier}+x" = "exec ${lockCommand}"; + + "${cfg.modifier}+i" = "move workspace to output left"; + "${cfg.modifier}+o" = "move workspace to output left"; + "${cfg.modifier}+b" = "splith"; + "${cfg.modifier}+v" = "splitv"; + "${cfg.modifier}+s" = "layout stacking"; + "${cfg.modifier}+w" = "layout tabbed"; + "${cfg.modifier}+e" = "layout toggle split"; + "${cfg.modifier}+f" = "fullscreen"; + + "${cfg.modifier}+Shift+q" = "kill"; + "${cfg.modifier}+Shift+c" = "reload"; + + "${cfg.modifier}+r" = "mode resize"; + "${cfg.modifier}+Delete" = '' + mode "System (l) lock, (e) logout, (s) suspend, (h) hibernate, (r) reboot, (Shift+s) shutdown"''; + }; + + # keycodebindings = { + # "--no-repeat 107" = "exec dbus-send --session --type=method_call --dest=net.sourceforge.mumble.mumble / net.sourceforge.mumble.Mumble.startTalking"; + # "--release 107" = "exec dbus-send --session --type=method_call --dest=net.sourceforge.mumble.mumble / net.sourceforge.mumble.Mumble.stopTalking"; + # }; + + modes = { + "System (l) lock, (e) logout, (s) suspend, (h) hibernate, (r) reboot, (Shift+s) shutdown" = + { + "l" = "exec ${lockCommand}, mode default"; + "e" = "exec swaymsg exit, mode default"; + "s" = "exec systemctl suspend, mode default"; + "h" = "exec systemctl hibernate, mode default"; + "r" = "exec systemctl reboot, mode default"; + "Shift+s" = "exec systemctl shutdown, mode default"; + "Return" = "mode default"; + "Escape" = "mode default"; + }; + }; + + colors = { + focused = { + border = colors.bright.black; + background = colors.yellow; + text = colors.black; + indicator = colors.green; + childBorder = colors.bright.black; + }; + focusedInactive = { + border = colors.bright.black; + background = colors.bright.green; + text = colors.black; + indicator = colors.green; + childBorder = colors.bright.black; + }; + unfocused = { + border = colors.bright.black; + background = colors.black; + text = colors.bright.black; + indicator = colors.bright.black; + childBorder = colors.bright.black; + }; + urgent = { + border = colors.bright.black; + background = colors.bright.red; + text = colors.black; + indicator = colors.red; + childBorder = colors.bright.black; + }; + }; + }; + wrapperFeatures.gtk = true; + extraConfig = '' + seat seat0 xcursor_theme breeze_cursors 20 + ''; + }; + programs.waybar = { + enable = true; + # style = '' + # * { + # font-family: "Iosevka"; + # } + # ''; + settings = [{ + modules-left = [ "sway/workspaces" "sway/mode" ]; + modules-center = [ "sway/window" ]; + modules-right = [ + "pulseaudio" + "network" + "cpu" + "memory" + "temperature" + "clock" + "tray" + ]; + + modules = { + pulseaudio = { + format = "{volume}%"; + on-click = "pavucontrol"; + }; + network = { + format-wifi = "{essid} ({signalStrength}%) "; + format-ethernet = "{ifname}: {ipaddr}/{cidr} "; + format-linked = "{ifname} (No IP) "; + format-disconnected = "Disconnected ⚠"; + format-alt = "{ifname}: {ipaddr}/{cidr}"; + }; + clock = { format = "{:%A, %F %T %Z}"; }; + }; + }]; + }; + }; + }; +} diff --git a/configuration/profiles/sway/left.jpg b/config/profiles/sway/left.jpg similarity index 100% rename from configuration/profiles/sway/left.jpg rename to config/profiles/sway/left.jpg diff --git a/configuration/profiles/sway/middle.jpg b/config/profiles/sway/middle.jpg similarity index 100% rename from configuration/profiles/sway/middle.jpg rename to config/profiles/sway/middle.jpg diff --git a/configuration/profiles/sway/right.jpg b/config/profiles/sway/right.jpg similarity index 100% rename from configuration/profiles/sway/right.jpg rename to config/profiles/sway/right.jpg diff --git a/config/profiles/yubikey/default.nix b/config/profiles/yubikey/default.nix new file mode 100644 index 00000000..9bc639f9 --- /dev/null +++ b/config/profiles/yubikey/default.nix @@ -0,0 +1,12 @@ +{ config, lib, pkgs, ... }: { + config = lib.mkIf (lib.elem "yubikey" config.meta.deploy.profiles) { + services.pcscd.enable = true; + services.udev.packages = [ pkgs.yubikey-personalization ]; + + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + pinentryFlavor = "curses"; + }; + }; +} diff --git a/config/services/zfs.nix b/config/services/zfs.nix new file mode 100644 index 00000000..2ab45c2d --- /dev/null +++ b/config/services/zfs.nix @@ -0,0 +1,8 @@ +{ config, lib, pkgs, ... }: + +{ + services.zfs = { + autoScrub.enable = true; + autoSnapshot.enable = true; + }; +} diff --git a/config/users/default.nix b/config/users/default.nix new file mode 100644 index 00000000..a94f2edf --- /dev/null +++ b/config/users/default.nix @@ -0,0 +1,5 @@ +{ ... }: + +{ + imports = [ ./kat ]; +} diff --git a/configuration/profiles/common/users.nix b/config/users/kat/default.nix similarity index 87% rename from configuration/profiles/common/users.nix rename to config/users/kat/default.nix index 3ab903f3..2fa1bd2a 100644 --- a/configuration/profiles/common/users.nix +++ b/config/users/kat/default.nix @@ -1,15 +1,6 @@ { config, pkgs, ... }: { - users.users.root = { - openssh.authorizedKeys.keys = with pkgs.lib; - concatLists (mapAttrsToList (name: user: - if elem "wheel" user.extraGroups then - user.openssh.authorizedKeys.keys - else - [ ]) config.users.users); - }; - users.users.kat = { uid = 1000; isNormalUser = true; @@ -23,8 +14,6 @@ home-manager.useGlobalPkgs = true; home-manager.users.kat = { - programs.firefox = { enable = true; }; - programs.fish = { enable = true; plugins = [{ diff --git a/configuration/hosts/default.nix b/configuration/hosts/default.nix deleted file mode 100644 index ff03f9e5..00000000 --- a/configuration/hosts/default.nix +++ /dev/null @@ -1,35 +0,0 @@ -let - hosts = { - yule = { - ssh.host = "kat@yule"; - groups = [ "laptop" "personal" "graphical" ]; - }; - beltane = { - ssh.host = "kat@beltane"; - groups = [ "server" "personal" ]; - }; - samhain = { - ssh.host = "kat@samhain"; - groups = [ "desktop" "personal" "graphical" ]; - }; - litha = { - ssh.host = "root@litha"; - groups = [ "laptop" "personal" "graphical" ]; - }; - mabon = { - ssh.host = "root@192.168.1.218"; - groups = [ "laptop" "personal" "graphical" ]; - }; - }; - pkgs = import { }; - evalConfig = import ; - lib = pkgs.lib; -in lib.mapAttrs (name: host: - host // { - config = if (host ? config) then - host.config - else - (evalConfig { - modules = [ (import "${toString ./.}/${name}/configuration.nix") ]; - }).config; - }) hosts diff --git a/configuration/hosts/litha/configuration.nix b/configuration/hosts/litha/configuration.nix deleted file mode 100644 index 41285ffe..00000000 --- a/configuration/hosts/litha/configuration.nix +++ /dev/null @@ -1,28 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -{ - imports = [ # Include the results of the hardware scan. - ./hardware-configuration.nix - ../../profiles/common - ../../profiles/desktop - ../../profiles/xfce - ../../profiles/network - ../../profiles/yubikey - ]; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - networking.hostName = "litha"; - - networking.useDHCP = false; - networking.interfaces.enp34s0.useDHCP = true; - - system.stateVersion = "20.09"; - -} diff --git a/configuration/hosts/litha/hardware-configuration.nix b/configuration/hosts/litha/hardware-configuration.nix deleted file mode 100644 index 43ec6ed0..00000000 --- a/configuration/hosts/litha/hardware-configuration.nix +++ /dev/null @@ -1,29 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - - boot.initrd.availableKernelModules = - [ "xhci_pci" "usb_storage" "sd_mod" "sdhci_acpi" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/fa06ba90-ffc9-4ca6-b1cf-1205340a975e"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/BF39-2AA3"; - fsType = "vfat"; - }; - - swapDevices = - [{ device = "/dev/disk/by-uuid/9c88235e-9705-4b80-a988-e95eda06124f"; }]; - - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; -} diff --git a/configuration/hosts/yule/hardware-configuration.nix b/configuration/hosts/yule/hardware-configuration.nix deleted file mode 100644 index dbf2024a..00000000 --- a/configuration/hosts/yule/hardware-configuration.nix +++ /dev/null @@ -1,33 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "zpool/safe/root"; - fsType = "zfs"; - }; - - fileSystems."/home" = { - device = "zpool/safe/home"; - fsType = "zfs"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/4683-4139"; - fsType = "vfat"; - }; - - swapDevices = - [{ device = "/dev/disk/by-uuid/7e6f47fd-bedb-4012-8072-5e3a556e2f45"; }]; - -} diff --git a/configuration/profiles/chat/default.nix b/configuration/profiles/chat/default.nix deleted file mode 100644 index e69de29b..00000000 diff --git a/configuration/profiles/desktop/default.nix b/configuration/profiles/desktop/default.nix deleted file mode 100644 index 5065e3d7..00000000 --- a/configuration/profiles/desktop/default.nix +++ /dev/null @@ -1,89 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - nixpkgs-master = import - (fetchTarball "https://github.com/NixOS/nixpkgs/archive/master.tar.gz") { - config.allowUnfree = true; - }; -in { - nixpkgs.config = { mumble.speechdSupport = true; }; - - environment.systemPackages = [ pkgs.redshift ]; - - home-manager.users.kat = { - home.packages = [ - pkgs._1password - pkgs.mpv - pkgs.mumble - pkgs.obs-studio - pkgs.avidemux - pkgs.vlc - nixpkgs-master.syncplay - nixpkgs-master.youtube-dl - nixpkgs-master.google-chrome - pkgs.v4l-utils - pkgs.transmission-gtk - pkgs.jdk11 - pkgs.lm_sensors - nixpkgs-master.discord - pkgs.tdesktop - pkgs.dino - pkgs.vegur - pkgs.nitrogen - pkgs.terminator - pkgs.appimage-run - pkgs.gparted - pkgs.scrot - pkgs.gimp-with-plugins - pkgs.vscode - pkgs.cryptsetup - pkgs.neofetch - pkgs.htop - ]; - - programs.fish = { interactiveShellInit = "set -g fish_greeting ''"; }; - - services.kdeconnect = { - enable = true; - indicator = true; - }; - - services.redshift = { - enable = true; - latitude = "51.5074"; - longitude = "0.1278"; - }; - - gtk = { - enable = true; - iconTheme = { - name = "Numix-Square"; - package = pkgs.numix-icon-theme-square; - }; - theme = { - name = "Arc"; - package = pkgs.arc-theme; - }; - }; - }; - - fonts.fontconfig.enable = true; - fonts.fonts = [ pkgs.nerdfonts pkgs.corefonts ]; - - # KDE Connect - networking.firewall = { - allowedTCPPortRanges = [{ - from = 1714; - to = 1764; - }]; - allowedUDPPortRanges = [{ - from = 1714; - to = 1764; - }]; - }; - - sound.enable = true; - hardware.pulseaudio.enable = true; - hardware.opengl.enable = true; - services.xserver.libinput.enable = true; -} diff --git a/configuration/profiles/development/default.nix b/configuration/profiles/development/default.nix deleted file mode 100644 index 078c62b8..00000000 --- a/configuration/profiles/development/default.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - - environment.systemPackages = let - python-env = python-packages: - with pkgs.python38Packages; [ - pip - setuptools - psutil - ]; - python-with-env = pkgs.python3.withPackages python-env; - in [ pkgs.php pkgs.php74Packages.composer2 python-with-env ]; - - home-manager.users.kat = { - programs.go.enable = true; - - programs.fish = { - interactiveShellInit = '' - set fish_user_paths $fish_user_paths $HOME/.config/composer/vendor/bin - ''; - }; - - home.packages = [ - pkgs.jetbrains.clion - pkgs.jetbrains.idea-ultimate - pkgs.jetbrains.goland - pkgs.jetbrains.phpstorm - pkgs.nixfmt - pkgs.carnix - pkgs.rustup - pkgs.gcc - ]; - }; -} diff --git a/configuration/profiles/gaming/default.nix b/configuration/profiles/gaming/default.nix deleted file mode 100644 index 435f3ec7..00000000 --- a/configuration/profiles/gaming/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config, lib, pkgs, ... }: { - hardware.opengl.driSupport32Bit = true; - hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ]; - hardware.pulseaudio.support32Bit = true; - - home-manager.users.kat = { home.packages = [ pkgs.lutris pkgs.steam-run ]; }; -} diff --git a/configuration/profiles/gnome/default.nix b/configuration/profiles/gnome/default.nix deleted file mode 100644 index 0509acf4..00000000 --- a/configuration/profiles/gnome/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ config, lib, pkgs, ... }: { - services.xserver.enable = true; - services.xserver.displayManager.gdm.enable = true; - services.xserver.desktopManager.gnome3.enable = true; - - home-manager.users.kat = { - home.packages = [ - pkgs.dconf2nix - pkgs.gnome3.gnome-tweak-tool - pkgs.gnomeExtensions.caffeine - pkgs.gnomeExtensions.emoji-selector - pkgs.gnomeExtensions.dash-to-panel - pkgs.gnomeExtensions.appindicator - pkgs.gnomeExtensions.dash-to-dock - pkgs.gnomeExtensions.arc-menu - pkgs.pcmanfm - pkgs.xfce.thunar - pkgs.xfce.thunar-volman - ]; - }; - - services.gvfs = { - enable = true; - package = pkgs.gnome3.gvfs; - }; -} diff --git a/configuration/profiles/media/default.nix b/configuration/profiles/media/default.nix deleted file mode 100644 index e69de29b..00000000 diff --git a/configuration/profiles/network/default.nix b/configuration/profiles/network/default.nix deleted file mode 100644 index 7d8ad621..00000000 --- a/configuration/profiles/network/default.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ config, lib, pkgs, ... }: { - networking = { - networkmanager.enable = true; - resolvconf.useLocalResolver = true; - networkmanager.dns = "none"; - }; - - services.dnscrypt-proxy2 = { - enable = true; - settings = { - ipv6_servers = true; - require_dnssec = true; - - sources.public-resolvers = { - urls = [ - "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md" - "https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md" - ]; - cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md"; - minisign_key = - "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"; - }; - - # You can choose a specific set of servers from https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v2/public-resolvers.md - server_names = [ - "acsacsar-ams-ipv4" - "acsacsar-ams-ipv6" - "dnscrypt.eu-dk" - "dnscrypt.eu-dk-ipv6" - "dnscrypt.eu-nl" - "dnscrypt.eu-nl-ipv6" - "meganerd" - "meganerd-ipv6" - ]; - }; - }; - - systemd.services.dnscrypt-proxy2.serviceConfig = { - StateDirectory = "dnscrypt-proxy2"; - }; -} diff --git a/configuration/profiles/sway/default.nix b/configuration/profiles/sway/default.nix deleted file mode 100644 index d6a5688f..00000000 --- a/configuration/profiles/sway/default.nix +++ /dev/null @@ -1,253 +0,0 @@ -{ config, pkgs, lib, ... }: - -let - colors = import ./colors.nix; -in { -fonts.fonts = with pkgs; [ font-awesome nerdfonts iosevka emacs-all-the-icons-fonts ]; -users.users.kat.packages = with pkgs; [ ]; -programs.sway.enable = true; - -systemd.user.services.mako = { - serviceConfig.ExecStart = "${pkgs.mako}/bin/mako"; - restartTriggers = [ - config.home-manager.users.kat.xdg.configFile."mako/config".source - ]; -}; - -home-manager.users.kat = { - programs.kitty = { - enable = true; - font.name = "Iosevka Term"; - settings = { - font_size = "10.0"; - background = colors.black; - foreground = colors.white; - background_opacity = "0.8"; - selection_background = colors.white; - selection_foreground = colors.black; - url_color = colors.yellow; - cursor = colors.white; - active_border_color = "#75715e"; - active_tab_background = "#9900ff"; - active_tab_foreground = colors.white; - inactive_tab_background = "#3a3a3a"; - inactive_tab_foreground = "#665577"; - } // colors.base16; - }; - - programs.mako = { - enable = true; - defaultTimeout = 3000; - borderColor = colors.white; - backgroundColor = "${colors.black}70"; - textColor = colors.white; - }; - wayland.windowManager.sway = { - enable = true; - config = let - dmenu = "${pkgs.bemenu}/bin/bemenu --fn 'Iosevka 12' --nb '${colors.black}' --nf '${colors.white}' --sb '${colors.red}' --sf '${colors.white}' -l 5 -m 0 -i"; - lockCommand = "swaylock -i ${./middle.jpg} -s fill"; - cfg = config.home-manager.users.kat.wayland.windowManager.sway.config; - in { - bars = [{ command = "${pkgs.waybar}/bin/waybar"; }]; - - output = let - left = { - res = "1920x1080"; - pos = "0 0"; - bg = "${./left.jpg} fill"; - }; - middle = { - res = "1920x1080"; - pos = "1920 0"; - bg = "${./middle.jpg} fill"; - }; - right = { - res = "1920x1080"; - pos = "3840 0"; - bg = "${./right.jpg} fill"; - }; - in { - "DP-1" = left; - "DVI-D-1" = middle; - "HDMI-A-1" = right; - }; - - input = { - # "1739:0:Synaptics_TM3075-002" = { - # dwt = "enabled"; - # tap = "enabled"; - # natural_scroll = "enabled"; - # middle_emulation = "enabled"; - # click_method = "clickfinger"; - # }; - "*" = { - xkb_layout = "gb"; - # xkb_variant = "nodeadkeys"; - # xkb_options = "ctrl:nocaps"; - }; - }; - - fonts = [ "Iosevka Nerd Font 10" ]; - terminal = "${pkgs.kitty}/bin/kitty"; - # TODO: replace with wofi - menu = "${pkgs.j4-dmenu-desktop}/bin/j4-dmenu-desktop --dmenu=\"${dmenu}\" --term='${cfg.terminal}'"; - modifier = "Mod4"; - - startup = [ - { command = "systemctl --user restart mako"; always = true; } - { command = "${pkgs.swayidle}/bin/swayidle -w before-sleep '${lockCommand}'"; } - ]; - - window = { - border = 1; - titlebar = true; - }; - - keybindings = { - "${cfg.modifier}+Return" = "exec ${cfg.terminal}"; - - "${cfg.modifier}+Left" = "focus left"; - "${cfg.modifier}+Down" = "focus down"; - "${cfg.modifier}+Up" = "focus up"; - "${cfg.modifier}+Right" = "focus right"; - - "${cfg.modifier}+Shift+Left" = "move left"; - "${cfg.modifier}+Shift+Down" = "move down"; - "${cfg.modifier}+Shift+Up" = "move up"; - "${cfg.modifier}+Shift+Right" = "move right"; - - "${cfg.modifier}+Shift+space" = "floating toggle"; - "${cfg.modifier}+space" = "focus mode_toggle"; - - "${cfg.modifier}+1" = "workspace 1"; - "${cfg.modifier}+2" = "workspace 2"; - "${cfg.modifier}+3" = "workspace 3"; - "${cfg.modifier}+4" = "workspace 4"; - "${cfg.modifier}+5" = "workspace 5"; - "${cfg.modifier}+6" = "workspace 6"; - "${cfg.modifier}+7" = "workspace 7"; - "${cfg.modifier}+8" = "workspace 8"; - "${cfg.modifier}+9" = "workspace 9"; - "${cfg.modifier}+0" = "workspace 10"; - - "${cfg.modifier}+Shift+1" = "move container to workspace 1"; - "${cfg.modifier}+Shift+2" = "move container to workspace 2"; - "${cfg.modifier}+Shift+3" = "move container to workspace 3"; - "${cfg.modifier}+Shift+4" = "move container to workspace 4"; - "${cfg.modifier}+Shift+5" = "move container to workspace 5"; - "${cfg.modifier}+Shift+6" = "move container to workspace 6"; - "${cfg.modifier}+Shift+7" = "move container to workspace 7"; - "${cfg.modifier}+Shift+8" = "move container to workspace 8"; - "${cfg.modifier}+Shift+9" = "move container to workspace 9"; - "${cfg.modifier}+Shift+0" = "move container to workspace 10"; - - "XF86AudioRaiseVolume" = "exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') +5%"; - "XF86AudioLowerVolume" = "exec pactl set-sink-volume $(pacmd list-sinks |awk '/* index:/{print $3}') -5%"; - "XF86AudioMute" = "exec pactl set-sink-mute $(pacmd list-sinks |awk '/* index:/{print $3}') toggle"; - "XF86AudioMicMute" = "exec pactl set-source-mute $(pacmd list-sources |awk '/* index:/{print $3}') toggle"; - "XF86MonBrightnessDown" = "exec ${pkgs.light}/bin/light -U 5"; - "XF86MonBrightnessUp" = "exec ${pkgs.light}/bin/light -A 5"; - "${cfg.modifier}+Print" = "exec ${pkgs.bash}/bin/bash -c '~/.local/bin/elixiremanager.sh -w'"; - - "${cfg.modifier}+d" = "exec ${cfg.menu}"; - "${cfg.modifier}+x" = "exec ${lockCommand}"; - - "${cfg.modifier}+i" = "move workspace to output left"; - "${cfg.modifier}+o" = "move workspace to output left"; - "${cfg.modifier}+b" = "splith"; - "${cfg.modifier}+v" = "splitv"; - "${cfg.modifier}+s" = "layout stacking"; - "${cfg.modifier}+w" = "layout tabbed"; - "${cfg.modifier}+e" = "layout toggle split"; - "${cfg.modifier}+f" = "fullscreen"; - - "${cfg.modifier}+Shift+q" = "kill"; - "${cfg.modifier}+Shift+c" = "reload"; - - "${cfg.modifier}+r" = "mode resize"; - "${cfg.modifier}+Delete" = "mode \"System (l) lock, (e) logout, (s) suspend, (h) hibernate, (r) reboot, (Shift+s) shutdown\""; - }; - - # keycodebindings = { - # "--no-repeat 107" = "exec dbus-send --session --type=method_call --dest=net.sourceforge.mumble.mumble / net.sourceforge.mumble.Mumble.startTalking"; - # "--release 107" = "exec dbus-send --session --type=method_call --dest=net.sourceforge.mumble.mumble / net.sourceforge.mumble.Mumble.stopTalking"; - # }; - - modes = { - "System (l) lock, (e) logout, (s) suspend, (h) hibernate, (r) reboot, (Shift+s) shutdown" = { - "l" = "exec ${lockCommand}, mode default"; - "e" = "exec swaymsg exit, mode default"; - "s" = "exec systemctl suspend, mode default"; - "h" = "exec systemctl hibernate, mode default"; - "r" = "exec systemctl reboot, mode default"; - "Shift+s" = "exec systemctl shutdown, mode default"; - "Return" = "mode default"; - "Escape" = "mode default"; - }; - }; - - colors = { - focused = { - border = colors.bright.black; - background = colors.bright.green; - text = colors.black; - indicator = colors.green; - childBorder = colors.bright.black; - }; - focusedInactive = { - border = colors.bright.black; - background = colors.green; - text = colors.black; - indicator = colors.green; - childBorder = colors.bright.black; - }; - unfocused = { - border = colors.bright.black; - background = colors.black; - text = colors.bright.black; - indicator = colors.bright.black; - childBorder = colors.bright.black; - }; - urgent = { - border = colors.bright.black; - background = colors.bright.red; - text = colors.black; - indicator = colors.red; - childBorder = colors.bright.black; - }; - }; - }; - wrapperFeatures.gtk = true; - extraConfig = '' - seat seat0 xcursor_theme breeze_cursors 20 - ''; - }; - programs.waybar = { - enable = true; - # style = '' - # * { - # font-family: "Iosevka"; - # } - # ''; - settings = [{ - modules-left = [ "sway/workspaces" "sway/mode" ]; - modules-center = [ "sway/window" ]; - modules-right = [ "pulseaudio" "network" "cpu" "memory" "temperature" "clock" "tray" ]; - - modules = { - network = { - format-wifi = "{essid} ({signalStrength}%) "; - format-ethernet = "{ifname}: {ipaddr}/{cidr} "; - format-linked = "{ifname} (No IP) "; - format-disconnected = "Disconnected ⚠"; - format-alt = "{ifname}: {ipaddr}/{cidr}"; - }; - clock = { - format = "{:%F %T %Z}"; - }; - }; - }]; - }; -}; -} diff --git a/configuration/profiles/xfce/default.nix b/configuration/profiles/xfce/default.nix deleted file mode 100644 index 78e9a56d..00000000 --- a/configuration/profiles/xfce/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, pkgs, ... }: { - services.xserver.enable = true; - services.xserver.displayManager.lightdm.enable = true; - services.xserver.desktopManager.xfce.enable = true; - services.gvfs = { - enable = true; - package = lib.mkForce pkgs.gnome3.gvfs; - }; - - environment.systemPackages = [ - pkgs.xfce.xfce4-terminal - pkgs.xfce.thunar - pkgs.xfce.orage - pkgs.xfce.xfce4-battery-plugin - pkgs.xfce.xfce4-sensors-plugin - pkgs.xfce.xfce4-weather-plugin - pkgs.xfce.xfce4-pulseaudio-plugin - pkgs.xfce.xfce4-whiskermenu-plugin - pkgs.xfce.xfce4-genmon-plugin - pkgs.xfce.xfce4-screenshooter - pkgs.xfce.thunar-volman - ]; -} diff --git a/configuration/profiles/yubikey/default.nix b/configuration/profiles/yubikey/default.nix deleted file mode 100644 index d24aec07..00000000 --- a/configuration/profiles/yubikey/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ config, lib, pkgs, ... }: { - services.pcscd.enable = true; - services.udev.packages = [ pkgs.yubikey-personalization ]; - - programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; - pinentryFlavor = "curses"; - }; -} diff --git a/default.nix b/default.nix index e85a0237..03f9ef9c 100644 --- a/default.nix +++ b/default.nix @@ -1,4 +1,13 @@ -{ - inherit (import ./lib/deploy.nix) deploy; - pkgs = import ./pkgs; +let + pkgs = import ./pkgs { }; + hosts = import ./lib/hosts.nix { inherit pkgs; }; +in { + inherit pkgs; + inherit (pkgs) lib; + inherit (hosts) hosts profiles; + deploy = import ./lib/deploy.nix { + inherit pkgs; + inherit (hosts) hosts profiles; + }; + sources = import ./nix/sources.nix; } diff --git a/lib/deploy.nix b/lib/deploy.nix index 3b193479..18f7bda0 100644 --- a/lib/deploy.nix +++ b/lib/deploy.nix @@ -1,74 +1,18 @@ -let - pkgs = import { }; - lib = pkgs.lib; +{ pkgs, hosts, profiles }: - hosts = import ../configuration/hosts; - nixosHosts = lib.filterAttrs (name: host: host ? ssh) hosts; +with pkgs.lib; - allGroups = lib.unique - (lib.flatten (lib.mapAttrsToList (name: host: host.groups) hosts)); - - hostsInGroup = group: - lib.filterAttrs (k: v: builtins.elem group v.groups) hosts; - - hostsInAllGroups = lib.listToAttrs - (map (group: lib.nameValuePair group (lib.attrNames (hostsInGroup group))) - allGroups); - - mkDeploy = hostnames: - pkgs.writeScript "deploy-${lib.concatStringsSep "-" hostnames}" '' - #!${pkgs.stdenv.shell} - set -e -o pipefail - export PATH=/run/wrappers/bin/:${ - with pkgs; - lib.makeBinPath [ - coreutils - openssh - nix - gnutar - findutils - nettools - gzip - git - ] - } - - MODE=$1 - shift || true - ARGS=$@ - - [ "$MODE" == "" ] && MODE="switch" - - ${lib.concatMapStrings (hostname: - let - hostAttrs = nixosHosts.${hostname}; - nixosSystem = (import { - modules = [ - "${toString ../configuration}/hosts/${hostname}/configuration.nix" - ]; - system = - if hostAttrs ? system then hostAttrs.system else "x86_64-linux"; - }).config.system.build.toplevel; - in '' - ( - echo "deploying ${hostname}..." - nix copy --no-check-sigs --to ssh://${hostAttrs.ssh.host} ${nixosSystem} - ssh $NIX_SSHOPTS ${hostAttrs.ssh.host} "sudo nix-env -p /nix/var/nix/profiles/system -i ${nixosSystem}" - ssh $NIX_SSHOPTS ${hostAttrs.ssh.host} "sudo /nix/var/nix/profiles/system/bin/switch-to-configuration $MODE" - ) & - PID_LIST+=" $!" - '') hostnames} - - echo "deploys started, waiting for them to finish..." - - trap "kill $PID_LIST" SIGINT - wait $PID_LIST - ''; - -in { - deploy = - (lib.mapAttrs (hostname: hostAttrs: mkDeploy [ hostname ]) nixosHosts) - // (lib.mapAttrs (group: hosts: mkDeploy hosts) hostsInAllGroups) // { - all = mkDeploy (lib.attrNames nixosHosts); - }; -} +(mapAttrs (name: hosts: + pkgs.writeScript "deploy-profile-${name}" '' + #!${pkgs.runtimeShell} + export PATH= + ${concatMapStrings (host: '' + echo "deploying ${host.config.networking.hostName}..." + ${host.config.system.build.deployScript} $1 & + PID_LIST+=" $!" + '') hosts} + # FIXME: remove jobs from PIDLIST once they finish + trap "kill $PID_LIST" SIGINT + wait $PID_LIST + '') profiles) +// (mapAttrs (name: host: host.config.system.build.deployScript) hosts) diff --git a/lib/hosts.nix b/lib/hosts.nix new file mode 100644 index 00000000..32fb91e8 --- /dev/null +++ b/lib/hosts.nix @@ -0,0 +1,34 @@ +{ pkgs, hostsDir ? ../config/hosts +, commonImports ? [ ../config/profiles/common ../modules ], pkgsPath ? ../pkgs +}: + +with pkgs.lib; + +rec { + hostNames = attrNames + (filterAttrs (name: type: type == "directory") (builtins.readDir hostsDir)); + + hostConfig = hostName: + { config, ... }: { + _module.args = { inherit hosts profiles; }; + imports = [ + (import (hostsDir + "/${hostName}/configuration.nix")) + ../modules/deploy + ] ++ commonImports; + networking = { inherit hostName; }; + nixpkgs.pkgs = import pkgsPath { inherit (config.nixpkgs) config; }; + }; + + hosts = listToAttrs (map (hostName: + nameValuePair hostName + (import (pkgs.path + "/nixos") { configuration = hostConfig hostName; })) + hostNames); + + profileNames = unique (concatLists + (mapAttrsToList (name: host: host.config.meta.deploy.profiles) hosts)); + + profiles = listToAttrs (map (profileName: + nameValuePair profileName + (filter (host: elem profileName host.config.meta.deploy.profiles) + (attrValues hosts))) profileNames); +} diff --git a/modules/default.nix b/modules/default.nix index adc92a0c..c15550ae 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,5 +1,5 @@ { ... }: { - imports = [ ]; + imports = [ ./deploy ]; } diff --git a/modules/deploy/default.nix b/modules/deploy/default.nix new file mode 100644 index 00000000..4b4a191e --- /dev/null +++ b/modules/deploy/default.nix @@ -0,0 +1,49 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let cfg = config.meta.deploy; + +in { + options = { + meta.deploy = { + enable = mkOption { + type = types.bool; + default = true; + }; + ssh.host = mkOption { + type = types.str; + default = "${config.networking.hostName}.${config.networking.domain}"; + }; + ssh.port = mkOption { + type = types.int; + default = head config.services.openssh.ports; + }; + substitute = mkOption { + type = types.bool; + default = true; + }; + profiles = mkOption { + type = with types; listOf str; + default = [ ]; + }; + }; + }; + + config = mkIf cfg.enable { + meta.deploy.profiles = [ "all" ]; + + system.build.deployScript = + pkgs.writeScript "deploy-${config.networking.hostName}" '' + #!${pkgs.runtimeShell} + set -xeo pipefail + export PATH=${with pkgs; lib.makeBinPath [ coreutils openssh nix ]} + export NIX_SSHOPTS="$NIX_SSHOPTS -p${toString cfg.ssh.port}" + nix copy ${ + if cfg.substitute then "-s" else "" + } --no-check-sigs --to ssh://${cfg.ssh.host} ${config.system.build.toplevel} + ssh $NIX_SSHOPTS ${cfg.ssh.host} "sudo nix-env -p /nix/var/nix/profiles/system -i ${config.system.build.toplevel}" + ssh $NIX_SSHOPTS ${cfg.ssh.host} "sudo /nix/var/nix/profiles/system/bin/switch-to-configuration $1" + ''; + }; +} diff --git a/nix/sources.json b/nix/sources.json new file mode 100644 index 00000000..7188e799 --- /dev/null +++ b/nix/sources.json @@ -0,0 +1,73 @@ +{ + "home-manager": { + "branch": "release-20.09", + "description": "Manage a user environment using Nix [maintainer=@rycee] ", + "homepage": "https://nix-community.github.io/home-manager/", + "owner": "nix-community", + "repo": "home-manager", + "rev": "22f6736e628958f05222ddaadd7df7818fe8f59d", + "sha256": "1j4hyjd3kgvwym5jjazzyn554ngrm05ca9wl1a7z1bid22asr99p", + "type": "tarball", + "url": "https://github.com/nix-community/home-manager/archive/22f6736e628958f05222ddaadd7df7818fe8f59d.tar.gz", + "url_template": "https://github.com///archive/.tar.gz" + }, + "niv": { + "branch": "master", + "description": "Easy dependency management for Nix projects", + "homepage": "https://github.com/nmattia/niv", + "owner": "nmattia", + "repo": "niv", + "rev": "3cd7914b2c4cff48927e11c216dadfab7d903fe5", + "sha256": "1agq4nvbhrylf2s77kb4xhh9k7xcwdwggq764k4jgsbs70py8cw3", + "type": "tarball", + "url": "https://github.com/nmattia/niv/archive/3cd7914b2c4cff48927e11c216dadfab7d903fe5.tar.gz", + "url_template": "https://github.com///archive/.tar.gz" + }, + "nixos-mailserver": { + "ref": "nixos-20.09", + "repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver", + "rev": "fb1cc04c0a517d4200237b02c3472bcaf9104afb", + "sha256": "0vsvgxxg5cgmzwj98171j7h5l028f1yq784alb3lxgbk8znfk51y", + "type": "tarball", + "url": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/fb1cc04c0a517d4200237b02c3472bcaf9104afb/nixos-mailserver-fb1cc04c0a517d4200237b02c3472bcaf9104afb.tar.gz", + "url_template": "/-/archive/.tar.gz" + }, + "nixpkgs": { + "branch": "release-20.09", + "description": "Nix Packages collection", + "homepage": "", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "cacb9ac7a5157363a91a1dfb31607024db3bb717", + "sha256": "136lc1lsahv03aqbp36xiszfrsi86dhw56dvzi72iczci7bvz4p2", + "type": "tarball", + "url": "https://github.com/nixos/nixpkgs/archive/cacb9ac7a5157363a91a1dfb31607024db3bb717.tar.gz", + "url_template": "https://github.com///archive/.tar.gz" + }, + "nixpkgs-unstable": { + "branch": "nixos-unstable-small", + "description": "Nix Packages collection", + "homepage": "", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "ec334a1b01c491faa3463c96717b71921dddef2c", + "sha256": "0rcsqnnbaqrl010lv0cnvckimng2w3agm675c3dvcfvxyqlc2z2k", + "type": "tarball", + "url": "https://github.com/nixos/nixpkgs/archive/ec334a1b01c491faa3463c96717b71921dddef2c.tar.gz", + "url_template": "https://github.com///archive/.tar.gz" + }, + "pbb-nixfiles": { + "ref": "main", + "repo": "https://git.petabyte.dev/petabyteboy/nixfiles.git", + "rev": "0720c5dba283d782f2f887bf97aad339137d95dc", + "type": "git" + }, + "qyliss-nixlib": { + "repo": "https://git.qyliss.net/nixlib", + "rev": "e14330c5be9b005d4310cd4dc0d384cff882aedc", + "sha256": "0nan14ixhdzxxddnckqqhaxhr96yw08rgcmxssddhji6aq5a445j", + "type": "tarball", + "url": "https://git.qyliss.net/nixlib/snapshot/nixlib-e14330c5be9b005d4310cd4dc0d384cff882aedc.tar.gz", + "url_template": "https://git.qyliss.net/nixlib/snapshot/nixlib-.tar.gz" + } +} diff --git a/nix/sources.nix b/nix/sources.nix new file mode 100644 index 00000000..cde012b1 --- /dev/null +++ b/nix/sources.nix @@ -0,0 +1,169 @@ +# This file has been generated by Niv. + +let + + # + # The fetchers. fetch_ fetches specs of type . + # + + fetch_file = pkgs: spec: + if spec.builtin or true then + builtins_fetchurl { inherit (spec) url sha256; } + else + pkgs.fetchurl { inherit (spec) url sha256; }; + + fetch_tarball = pkgs: name: spec: + let + ok = str: !builtins.isNull (builtins.match "[a-zA-Z0-9+-._?=]" str); + # sanitize the name, though nix will still fail if name starts with period + name' = stringAsChars (x: if !ok x then "-" else x) "${name}-src"; + in if spec.builtin or true then + builtins_fetchTarball { + name = name'; + inherit (spec) url sha256; + } + else + pkgs.fetchzip { + name = name'; + inherit (spec) url sha256; + }; + + fetch_git = spec: + builtins.fetchGit { + url = spec.repo; + inherit (spec) rev ref; + }; + + fetch_local = spec: spec.path; + + fetch_builtin-tarball = name: + throw '' + [${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`. + $ niv modify ${name} -a type=tarball -a builtin=true''; + + fetch_builtin-url = name: + throw '' + [${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`. + $ niv modify ${name} -a type=file -a builtin=true''; + + # + # Various helpers + # + + # The set of packages used when specs are fetched using non-builtins. + mkPkgs = sources: + let + sourcesNixpkgs = + import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) + { }; + hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; + hasThisAsNixpkgsPath = == ./.; + in if builtins.hasAttr "nixpkgs" sources then + sourcesNixpkgs + else if hasNixpkgsPath && !hasThisAsNixpkgsPath then + import { } + else + abort '' + Please specify either (through -I or NIX_PATH=nixpkgs=...) or + add a package called "nixpkgs" to your sources.json. + ''; + + # The actual fetching function. + fetch = pkgs: name: spec: + + if !builtins.hasAttr "type" spec then + abort "ERROR: niv spec ${name} does not have a 'type' attribute" + else if spec.type == "file" then + fetch_file pkgs spec + else if spec.type == "tarball" then + fetch_tarball pkgs name spec + else if spec.type == "git" then + fetch_git spec + else if spec.type == "local" then + fetch_local spec + else if spec.type == "builtin-tarball" then + fetch_builtin-tarball name + else if spec.type == "builtin-url" then + fetch_builtin-url name + else + abort + "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}"; + + # If the environment variable NIV_OVERRIDE_${name} is set, then use + # the path directly as opposed to the fetched source. + replace = name: drv: + let + saneName = stringAsChars + (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name; + ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}"; + in if ersatz == "" then drv else ersatz; + + # Ports of functions for older nix versions + + # a Nix version of mapAttrs if the built-in doesn't exist + mapAttrs = builtins.mapAttrs or (f: set: + with builtins; + listToAttrs (map (attr: { + name = attr; + value = f attr set.${attr}; + }) (attrNames set))); + + # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 + range = first: last: + if first > last then + [ ] + else + builtins.genList (n: first + n) (last - first + 1); + + # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 + stringToCharacters = s: + map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1)); + + # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269 + stringAsChars = f: s: concatStrings (map f (stringToCharacters s)); + concatStrings = builtins.concatStringsSep ""; + + # fetchTarball version that is compatible between all the versions of Nix + builtins_fetchTarball = { url, name, sha256 }@attrs: + let inherit (builtins) lessThan nixVersion fetchTarball; + in if lessThan nixVersion "1.12" then + fetchTarball { inherit name url; } + else + fetchTarball attrs; + + # fetchurl version that is compatible between all the versions of Nix + builtins_fetchurl = { url, sha256 }@attrs: + let inherit (builtins) lessThan nixVersion fetchurl; + in if lessThan nixVersion "1.12" then + fetchurl { inherit url; } + else + fetchurl attrs; + + # Create the final "sources" from the config + mkSources = config: + mapAttrs (name: spec: + if builtins.hasAttr "outPath" spec then + abort + "The values in sources.json should not have an 'outPath' attribute" + else + spec // { outPath = replace name (fetch config.pkgs name spec); }) + config.sources; + + # The "config" used by the fetchers + mkConfig = { sourcesFile ? + if builtins.pathExists ./sources.json then ./sources.json else null + , sources ? if isNull sourcesFile then + { } + else + builtins.fromJSON (builtins.readFile sourcesFile), pkgs ? mkPkgs sources + }: rec { + # The sources, i.e. the attribute set of spec name to spec + inherit sources; + + # The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers + inherit pkgs; + }; + +in mkSources (mkConfig { }) // { + __functor = _: settings: mkSources (mkConfig settings); +} diff --git a/pkgs/default.nix b/pkgs/default.nix index 13e8b39b..de16518e 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,11 +1,24 @@ -{ nixpkgs ? , self, super, ... }: +{ config ? { }, system ? builtins.currentSystem, ... }@args: let - pkgs = import nixpkgs { }; + sources = import ../nix/sources.nix; + pkgs = import sources.nixpkgs args; + callPackage = pkgs.lib.callPackageWith (pkgs // newpkgs); - newpkgs = { - linuxPackagesFor = kernel: (super.linuxPackagesFor kernel).extend (_: ksuper: { - vendor-reset = (callPackage ./vendor-reset {kernel = ksuper.kernel;}).out; - }); + + newpkgs = { + dino = callPackage "${sources.qyliss-nixlib}/overlays/patches/dino" { + inherit (pkgs) dino; + }; + + linuxPackagesFor = kernel: + (pkgs.linuxPackagesFor kernel).extend (_: ksuper: { + vendor-reset = + (callPackage ./vendor-reset { kernel = ksuper.kernel; }).out; + }); + + inherit callPackage; + appendOverlays = overlays: (pkgs.appendOverlays overlays) // newpkgs; }; -in newpkgs + +in pkgs // newpkgs diff --git a/pkgs/vendor-reset/default.nix b/pkgs/vendor-reset/default.nix index e3f1c7b6..3e015eae 100644 --- a/pkgs/vendor-reset/default.nix +++ b/pkgs/vendor-reset/default.nix @@ -3,10 +3,10 @@ let version = "0.0.18"; rev = "765b05cdbd4de854c05f771c954ecee0e019d734"; - sha256 = "0ayn8128i0bfwzcmkn0x2alfplbsmvp0c63z56w11ywyysf342qw"; # TODO add this -in + sha256 = + "0ayn8128i0bfwzcmkn0x2alfplbsmvp0c63z56w11ywyysf342qw"; # TODO add this -stdenv.mkDerivation { +in stdenv.mkDerivation { name = "vendor-reset-${version}-${kernel.version}"; inherit version; @@ -32,4 +32,4 @@ stdenv.mkDerivation { description = "Vendor Reset kernel module"; homepage = "https://github.com/gnif/vendor-reset"; }; -} \ No newline at end of file +}