diff --git a/README.md b/README.md deleted file mode 100644 index 4ec9c62..0000000 --- a/README.md +++ /dev/null @@ -1 +0,0 @@ -NixOS configuration using nix flakes and home-manager diff --git a/README.txt b/README.txt new file mode 100644 index 0000000..2cfe2fe --- /dev/null +++ b/README.txt @@ -0,0 +1,3 @@ +NixOS configuration using nix flakes and home-manager + +Main repository found at: https://git.project-cloud.net/asmir/nixos_flake_config diff --git a/blue/configuration.nix b/blue/configuration.nix index a92c14e..d4757d8 100644 --- a/blue/configuration.nix +++ b/blue/configuration.nix @@ -1,6 +1,3 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, diff --git a/common/packages.nix b/common/packages.nix index e73131c..a7c6bdb 100644 --- a/common/packages.nix +++ b/common/packages.nix @@ -17,6 +17,7 @@ direnv dmidecode dnsmasq + dtach fd file fzf @@ -55,6 +56,7 @@ strace swaylock tig + tmux traceroute unrar unzip diff --git a/flake.lock b/flake.lock index 75cc969..14e8a1d 100644 --- a/flake.lock +++ b/flake.lock @@ -192,11 +192,11 @@ ] }, "locked": { - "lastModified": 1698363600, - "narHash": "sha256-r71uS/uw3I9xJAnmlgaN0TC9aC/1m2L4iNhKjqBzAtQ=", + "lastModified": 1698783626, + "narHash": "sha256-esHANPDZbeIiBlXdFjBXpalHzSgtn+2TOmUa76dE6us=", "ref": "refs/heads/master", - "rev": "9652f4cb75d799ee5a2511883d2fda60bea00141", - "revCount": 19, + "rev": "b660608fb3ff05e1ba88222d2e8d16a8ca5e580e", + "revCount": 20, "type": "git", "url": "https://git.project-cloud.net/asmir/nvim_flake" }, diff --git a/flake.nix b/flake.nix index f83dc1c..438a132 100644 --- a/flake.nix +++ b/flake.nix @@ -105,6 +105,7 @@ home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.users.akill = import ./home/home.nix; + home-manager.extraSpecialArgs = {inherit inputs;}; } peerix.nixosModules.peerix { diff --git a/home/home.nix b/home/home.nix index aa0bbcb..4a20c57 100644 --- a/home/home.nix +++ b/home/home.nix @@ -168,6 +168,8 @@ with lib; { pull = {rebase = true;}; credential = {helper = "store";}; }; + signing.key = "020C42B7A9ABA3E2"; + signing.signByDefault = true; }; obs-studio = { @@ -197,6 +199,7 @@ with lib; { enable = true; defaultCacheTtl = 1800; enableSshSupport = true; + pinentryFlavor = "curses"; }; swayidle = { diff --git a/home/home_packages.nix b/home/home_packages.nix index e830493..d790b4e 100644 --- a/home/home_packages.nix +++ b/home/home_packages.nix @@ -25,14 +25,16 @@ firefox gcc gdb + ghostscript glab - glaxnimate + /*glaxnimate*/ gnumake go grim hyperfine imagemagick imv + inkscape jellyfin-media-player kdenlive kicad @@ -52,6 +54,7 @@ patchelf pavucontrol pirate-get + poppler_utils powertop pulsemixer python3 @@ -65,6 +68,7 @@ sioyek skypeforlinux slurp + tea texlive.combined.scheme-full thunderbird upx @@ -83,7 +87,9 @@ zig zls - /* install here until nvim flake is fixed */ + /* + install here until nvim flake is fixed + */ alejandra ccls gopls @@ -101,5 +107,8 @@ ++ [ inputs.swaysw.packages.x86_64-linux.swaysw inputs.nvim.packages.x86_64-linux.nvim + (import ../packages/zapzap/default.nix {inherit pkgs;}) + (pkgs.callPackage ../packages/viber/default.nix {}) + (pkgs.callPackage ../packages/bubblewrap/default.nix {}) ]; } diff --git a/home/sway.nix b/home/sway.nix index 3c9dda4..8c3d810 100644 --- a/home/sway.nix +++ b/home/sway.nix @@ -18,11 +18,11 @@ window.commands = [ { command = "move scratchpad, resize set 1152 648"; - criteria = {app_id = "pulsemixer|python3|whatsapp-for-linux|com.viber.Viber";}; + criteria = {app_id = "pulsemixer|python3|com.rtosta.zapzap|whatsapp-for-linux|com.viber";}; } { command = "move scratchpad, resize set 1502 845"; - criteria = {class = "ViberPC";}; + criteria = {app_id = "com.viber";}; } { command = "floating enable"; @@ -106,8 +106,8 @@ "Mod4+l" = '' exec swaymsg [app_id="python3"] scratchpad show || exec foot -a python3 python3''; - "Mod4+h" = "exec swaymsg [app_id=whatsapp-for-linux] scratchpad show || exec whatsapp-for-linux"; - "Mod4+j" = "exec swaymsg [app_id=com.viber.Viber] scratchpad show"; + "Mod4+h" = "exec swaymsg [app_id=com.rtosta.zapzap] scratchpad show || exec zapzap"; + "Mod4+j" = "exec swaymsg [app_id=com.viber] scratchpad show || exec viber"; "Mod4+y" = '' exec swaymsg [app_id="pulsemixer"] scratchpad show || exec foot -a pulsemixer pulsemixer''; diff --git a/home/zsh.nix b/home/zsh.nix index a444e2b..4ba9c48 100644 --- a/home/zsh.nix +++ b/home/zsh.nix @@ -52,8 +52,8 @@ src = pkgs.fetchFromGitHub { owner = "sindresorhus"; repo = "pure"; - rev = "47c0c881f0e7cfdb5eaccd335f52ad17b897c060"; - sha256 = "15xdhi72pq88ls5gx1h0k23jvb41j6kq6ar17dqmd5d38zsgwl3v"; + rev = "87e6f5dd4c793f6d980532205aaefe196780606f"; + hash = "sha256-TR4CyBZ+KoZRs9XDmWE5lJuUXXU1J8E2Z63nt+FS+5w="; }; file = "pure.plugin.zsh"; } diff --git a/magpie/configuration.nix b/magpie/configuration.nix index 7bda3ac..04e7cf1 100644 --- a/magpie/configuration.nix +++ b/magpie/configuration.nix @@ -240,12 +240,14 @@ owner = config.users.users.nextcloud.name; }; - networking.hostName = "magpie"; - networking.wireless.enable = false; networking.firewall.enable = true; networking.firewall.allowedTCPPorts = [80 443 587]; networking.firewall.allowedUDPPorts = []; + networking.firewall.allowPing = true; + networking.firewall.logRefusedConnections = lib.mkDefault false; + networking.hostName = "magpie"; networking.networkmanager.enable = true; + networking.wireless.enable = false; system.stateVersion = "22.11"; } diff --git a/mediabox/configuration.nix b/mediabox/configuration.nix index 81ea7e9..696f891 100644 --- a/mediabox/configuration.nix +++ b/mediabox/configuration.nix @@ -254,6 +254,14 @@ }; }; + journald.extraConfig = '' + SystemMaxUse=50M + ''; + + logind.extraConfig = '' + KillUserProcesses=yes + ''; + xserver = { enable = true; libinput.enable = true; diff --git a/nixy/configuration.nix b/nixy/configuration.nix index 92fedda..c4c87ec 100644 --- a/nixy/configuration.nix +++ b/nixy/configuration.nix @@ -1,6 +1,3 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, @@ -29,6 +26,7 @@ gc.options = "--delete-older-than 7d"; package = pkgs.nixUnstable; settings = { + sandbox = true; experimental-features = ["nix-command" "flakes"]; }; }; @@ -110,6 +108,9 @@ nixpkgs.config.allowUnfree = true; nixpkgs.overlays = [nix-xilinx.overlay]; environment = { + extraInit = '' + unset -v SSH_ASKPASS + ''; homeBinInPath = true; variables = { PATH = "$HOME/.cargo/bin"; diff --git a/nixy/hardware-configuration.nix b/nixy/hardware-configuration.nix index 4ea5a4b..6314279 100644 --- a/nixy/hardware-configuration.nix +++ b/nixy/hardware-configuration.nix @@ -55,7 +55,7 @@ }; fileSystems."/opt/xilinx" = { - device = "/dev/disk/by-uuid/09912fb9-0284-4b4e-add1-d4a27329539f"; + device = "/dev/disk/by-uuid/f5c27ef2-8053-4d96-9f8f-c6a50d6193b9"; fsType = "erofs"; }; diff --git a/packages/bubblewrap/default.nix b/packages/bubblewrap/default.nix new file mode 100644 index 0000000..44645bd --- /dev/null +++ b/packages/bubblewrap/default.nix @@ -0,0 +1,56 @@ +{ + lib, + stdenv, + fetchFromGitHub, + docbook_xsl, + libxslt, + meson, + ninja, + pkg-config, + bash-completion, + libcap, + libselinux, +}: +stdenv.mkDerivation rec { + pname = "bubblewrap"; + version = "0.8.0"; + + src = fetchFromGitHub { + owner = "rhendric"; + repo = "bubblewrap"; + rev = "23ff0f875b3a0200c1796daa01173ecec7deaf88"; + hash = "sha256-EWsuAGsShaHEmLi0jUHX2bFQZkinIOsRbgB7tZSfq8E="; + }; + + postPatch = '' + substituteInPlace tests/libtest.sh \ + --replace "/var/tmp" "$TMPDIR" + ''; + + nativeBuildInputs = [ + docbook_xsl + libxslt + meson + ninja + pkg-config + ]; + + buildInputs = [ + bash-completion + libcap + libselinux + ]; + + # incompatible with Nix sandbox + doCheck = false; + + meta = with lib; { + changelog = "https://github.com/containers/bubblewrap/releases/tag/${src.rev}"; + description = "Unprivileged sandboxing tool"; + homepage = "https://github.com/containers/bubblewrap"; + license = licenses.lgpl2Plus; + maintainers = with maintainers; [dotlambda]; + platforms = platforms.linux; + mainProgram = "bwrap"; + }; +} diff --git a/packages/viber/default.nix b/packages/viber/default.nix new file mode 100644 index 0000000..2a61ad4 --- /dev/null +++ b/packages/viber/default.nix @@ -0,0 +1,169 @@ +{ + alsa-lib, + brotli, + cups, + curl, + bubblewrap, + bash, + writeShellScriptBin, + dbus, + dpkg, + expat, + fetchurl, + fontconfig, + freetype, + glib, + gst_all_1, + harfbuzz, + krb5, + lcms, + lib, + libcap, + libevent, + libGL, + libGLU, + libopus, + libpulseaudio, + libwebp, + libxkbcommon, + libxml2, + libxslt, + makeWrapper, + mesa, + nspr, + nss, + openssl, + snappy, + stdenv, + systemd, + wayland, + xorg, + zlib, + zstd, + ... +}: +stdenv.mkDerivation { + pname = "viber"; + version = "21.0.0.1"; + + src = fetchurl { + # Official link: https://download.cdn.viber.com/cdn/desktop/Linux/viber.deb + url = "https://download.cdn.viber.com/cdn/desktop/Linux/viber.deb"; + sha256 = "0q34mwbk0i2vj2f16hk7pyshl8fqwym3lyr7iss22qw8cxx3mcg3"; + }; + + nativeBuildInputs = [makeWrapper]; + buildInputs = [dpkg]; + + dontUnpack = true; + + libPath = lib.makeLibraryPath [ + alsa-lib + brotli + cups + curl + dbus + expat + fontconfig + freetype + glib + gst_all_1.gst-plugins-bad + gst_all_1.gst-plugins-base + gst_all_1.gstreamer + harfbuzz + krb5 + lcms + libcap + libevent + libGLU + libGL + libopus + libpulseaudio + libwebp + libxkbcommon + libxml2 + libxslt + mesa + nspr + nss + openssl + snappy + stdenv.cc.cc + systemd + wayland + zlib + zstd + + xorg.libICE + xorg.libSM + xorg.libX11 + xorg.libxcb + xorg.libXcomposite + xorg.libXcursor + xorg.libXdamage + xorg.libXext + xorg.libXfixes + xorg.libXi + xorg.libXrandr + xorg.libXrender + xorg.libXScrnSaver + xorg.libXtst + xorg.xcbutilimage + xorg.xcbutilkeysyms + xorg.xcbutilrenderutil + xorg.xcbutilwm + xorg.libxkbfile + ]; + + installPhase = let + viberWrap = writeShellScriptBin "viberWrap" '' + ${bubblewrap}/bin/bwrap --bind / / \ + --dev /dev \ + --tmpfs $HOME \ + --bind $HOME/.ViberPC/ $HOME/.ViberPC \ + --bind $HOME/Downloads/ $HOME/Downloads \ + $@ + ''; + in '' + dpkg-deb -x $src $out + mkdir -p $out/bin + + # Soothe nix-build "suspicions" + chmod -R g-w $out + + for file in $(find $out -type f \( -perm /0111 -o -name \*.so\* \) ); do + patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" "$file" || true + patchelf --set-rpath $libPath:$out/opt/viber/lib $file || true + done + + # qt.conf is not working, so override everything using environment variables + wrapProgram $out/opt/viber/Viber \ + --set QT_PLUGIN_PATH "$out/opt/viber/plugins" \ + --set QT_XKB_CONFIG_ROOT "${xorg.xkeyboardconfig}/share/X11/xkb" \ + --set QTCOMPOSE "${xorg.libX11.out}/share/X11/locale" \ + --set QML2_IMPORT_PATH "$out/opt/viber/qml" + + echo "#!${bash}/bin/bash" > $out/bin/viber + echo "${viberWrap}/bin/viberWrap $out/opt/viber/Viber" >> $out/bin/viber + chmod +x $out/bin/viber + + mv $out/usr/share $out/share + rm -rf $out/usr + + # Fix the desktop link + substituteInPlace $out/share/applications/viber.desktop \ + --replace /opt/viber/Viber $out/opt/viber/Viber \ + --replace /usr/share/ $out/share/ + ''; + dontStrip = true; + dontPatchELF = true; + + meta = { + homepage = "https://www.viber.com"; + description = "An instant messaging and Voice over IP (VoIP) app"; + sourceProvenance = with lib.sourceTypes; [binaryNativeCode]; + license = lib.licenses.unfree; + platforms = ["x86_64-linux"]; + maintainers = with lib.maintainers; [jagajaga]; + }; +} diff --git a/packages/zapzap/.nixd.json b/packages/zapzap/.nixd.json new file mode 120000 index 0000000..0a1dd46 --- /dev/null +++ b/packages/zapzap/.nixd.json @@ -0,0 +1 @@ +../../.nixd.json \ No newline at end of file diff --git a/packages/zapzap/default.nix b/packages/zapzap/default.nix new file mode 100644 index 0000000..37155fc --- /dev/null +++ b/packages/zapzap/default.nix @@ -0,0 +1,23 @@ +{pkgs}: +pkgs.python3Packages.buildPythonPackage { + name = "zapzap"; + src = pkgs.fetchFromGitHub { + owner = "zapzap-linux"; + repo = "zapzap"; + rev = "5de4a4015128c164af3c964ecbe5b6358d98b521"; + hash = "sha256-bd3YcITK4lraOu7D/xZfnibilAZQZWqazVVtUwqJ4wc="; + }; + dontWrapQtApps = true; + propagatedBuildInputs = with pkgs.python3Packages; [pyqt6-webengine qt6.qtwayland qt6.qtsvg]; + nativeBuildInputs = with pkgs; [qt6.wrapQtAppsHook makeWrapper]; + env = { + HOME = "/tmp"; + }; + preFixup = '' + makeWrapperArgs+=( + # Force the app to use QT_PLUGIN_PATH values from wrapper + --unset QT_PLUGIN_PATH + "''${qtWrapperArgs[@]}" + ) + ''; +}